[Midnightbsd-cvs] src [11606] vendor-crypto/openssl/1.0.1u: tag 1.0.1u
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sun Jul 8 12:17:14 EDT 2018
Revision: 11606
http://svnweb.midnightbsd.org/src/?rev=11606
Author: laffer1
Date: 2018-07-08 12:17:13 -0400 (Sun, 08 Jul 2018)
Log Message:
-----------
tag 1.0.1u
Added Paths:
-----------
vendor-crypto/openssl/1.0.1u/
vendor-crypto/openssl/1.0.1u/ACKNOWLEDGMENTS
vendor-crypto/openssl/1.0.1u/CHANGES
vendor-crypto/openssl/1.0.1u/CONTRIBUTING
vendor-crypto/openssl/1.0.1u/Configure
vendor-crypto/openssl/1.0.1u/INSTALL
vendor-crypto/openssl/1.0.1u/LICENSE
vendor-crypto/openssl/1.0.1u/Makefile
vendor-crypto/openssl/1.0.1u/Makefile.bak
vendor-crypto/openssl/1.0.1u/Makefile.org
vendor-crypto/openssl/1.0.1u/NEWS
vendor-crypto/openssl/1.0.1u/README
vendor-crypto/openssl/1.0.1u/apps/apps.c
vendor-crypto/openssl/1.0.1u/apps/enc.c
vendor-crypto/openssl/1.0.1u/apps/engine.c
vendor-crypto/openssl/1.0.1u/apps/ocsp.c
vendor-crypto/openssl/1.0.1u/apps/passwd.c
vendor-crypto/openssl/1.0.1u/apps/pkcs12.c
vendor-crypto/openssl/1.0.1u/apps/pkcs7.c
vendor-crypto/openssl/1.0.1u/apps/s_server.c
vendor-crypto/openssl/1.0.1u/apps/speed.c
vendor-crypto/openssl/1.0.1u/apps/x509.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes.h
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cbc.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cfb.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_core.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ctr.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ecb.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ige.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_locl.h
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_misc.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ofb.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_x86core.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_bytes.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_d2i_fp.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_object.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_set.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_type.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_lib.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_par.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/asn_mime.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/d2i_pr.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/f_enum.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/f_int.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/f_string.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbe.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbev2.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/t_x509.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_dec.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_enc.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_prn.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/x_name.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/x_x509.c
vendor-crypto/openssl/1.0.1u/crypto/bio/b_print.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bf_nbio.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bio.h
vendor-crypto/openssl/1.0.1u/crypto/bio/bss_bio.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bss_conn.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bss_dgram.c
vendor-crypto/openssl/1.0.1u/crypto/bn/Makefile
vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86-mont.pl
vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont.pl
vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont5.pl
vendor-crypto/openssl/1.0.1u/crypto/bn/bn.h
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_exp.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_lib.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_print.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_rand.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_recp.c
vendor-crypto/openssl/1.0.1u/crypto/bn/exptest.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.h
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cbc.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cfb.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ctr.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ecb.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_locl.h
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_misc.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ofb.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_utl.c
vendor-crypto/openssl/1.0.1u/crypto/cms/cms_enc.c
vendor-crypto/openssl/1.0.1u/crypto/cms/cms_ess.c
vendor-crypto/openssl/1.0.1u/crypto/cms/cms_pwri.c
vendor-crypto/openssl/1.0.1u/crypto/comp/comp.h
vendor-crypto/openssl/1.0.1u/crypto/des/des.c
vendor-crypto/openssl/1.0.1u/crypto/des/des_old.c
vendor-crypto/openssl/1.0.1u/crypto/des/des_old.h
vendor-crypto/openssl/1.0.1u/crypto/des/des_old2.c
vendor-crypto/openssl/1.0.1u/crypto/des/enc_writ.c
vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ameth.c
vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_gen.c
vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ossl.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso.h
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dl.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dlfcn.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_lib.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_vms.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_win32.c
vendor-crypto/openssl/1.0.1u/crypto/ec/ectest.c
vendor-crypto/openssl/1.0.1u/crypto/engine/eng_all.c
vendor-crypto/openssl/1.0.1u/crypto/evp/Makefile
vendor-crypto/openssl/1.0.1u/crypto/evp/bio_ok.c
vendor-crypto/openssl/1.0.1u/crypto/evp/digest.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_aes_cbc_hmac_sha1.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_camellia.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_old.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_seed.c
vendor-crypto/openssl/1.0.1u/crypto/evp/encode.c
vendor-crypto/openssl/1.0.1u/crypto/evp/evp_enc.c
vendor-crypto/openssl/1.0.1u/crypto/md2/md2_dgst.c
vendor-crypto/openssl/1.0.1u/crypto/md32_common.h
vendor-crypto/openssl/1.0.1u/crypto/mdc2/mdc2dgst.c
vendor-crypto/openssl/1.0.1u/crypto/mem_clr.c
vendor-crypto/openssl/1.0.1u/crypto/modes/ctr128.c
vendor-crypto/openssl/1.0.1u/crypto/o_dir.c
vendor-crypto/openssl/1.0.1u/crypto/o_dir.h
vendor-crypto/openssl/1.0.1u/crypto/o_dir_test.c
vendor-crypto/openssl/1.0.1u/crypto/o_str.c
vendor-crypto/openssl/1.0.1u/crypto/o_str.h
vendor-crypto/openssl/1.0.1u/crypto/o_time.c
vendor-crypto/openssl/1.0.1u/crypto/o_time.h
vendor-crypto/openssl/1.0.1u/crypto/ocsp/ocsp_ext.c
vendor-crypto/openssl/1.0.1u/crypto/opensslconf.h
vendor-crypto/openssl/1.0.1u/crypto/opensslv.h
vendor-crypto/openssl/1.0.1u/crypto/pem/pem.h
vendor-crypto/openssl/1.0.1u/crypto/pem/pem_err.c
vendor-crypto/openssl/1.0.1u/crypto/pem/pem_lib.c
vendor-crypto/openssl/1.0.1u/crypto/pem/pvkfmt.c
vendor-crypto/openssl/1.0.1u/crypto/perlasm/x86_64-xlate.pl
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_mutl.c
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_npas.c
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_utl.c
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/pkcs12.h
vendor-crypto/openssl/1.0.1u/crypto/pkcs7/pk7_doit.c
vendor-crypto/openssl/1.0.1u/crypto/rand/rand_unix.c
vendor-crypto/openssl/1.0.1u/crypto/rand/rand_vms.c
vendor-crypto/openssl/1.0.1u/crypto/rc4/rc4_utl.c
vendor-crypto/openssl/1.0.1u/crypto/rsa/rsa_chk.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cbc.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cfb.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ecb.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ofb.c
vendor-crypto/openssl/1.0.1u/crypto/sha/sha1test.c
vendor-crypto/openssl/1.0.1u/crypto/srp/srp.h
vendor-crypto/openssl/1.0.1u/crypto/srp/srp_lib.c
vendor-crypto/openssl/1.0.1u/crypto/srp/srp_vfy.c
vendor-crypto/openssl/1.0.1u/crypto/store/store.h
vendor-crypto/openssl/1.0.1u/crypto/store/str_lib.c
vendor-crypto/openssl/1.0.1u/crypto/store/str_locl.h
vendor-crypto/openssl/1.0.1u/crypto/store/str_mem.c
vendor-crypto/openssl/1.0.1u/crypto/store/str_meth.c
vendor-crypto/openssl/1.0.1u/crypto/ts/ts_lib.c
vendor-crypto/openssl/1.0.1u/crypto/ts/ts_rsp_verify.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui.h
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.h
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_lib.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_locl.h
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_openssl.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_util.c
vendor-crypto/openssl/1.0.1u/crypto/whrlpool/wp_dgst.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509.h
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_err.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_obj.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_txt.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.h
vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_addr.c
vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pci.c
vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pcia.c
vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.c
vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.h
vendor-crypto/openssl/1.0.1u/demos/tunala/tunala.c
vendor-crypto/openssl/1.0.1u/doc/apps/ciphers.pod
vendor-crypto/openssl/1.0.1u/doc/apps/cms.pod
vendor-crypto/openssl/1.0.1u/doc/apps/s_client.pod
vendor-crypto/openssl/1.0.1u/doc/apps/s_server.pod
vendor-crypto/openssl/1.0.1u/doc/apps/s_time.pod
vendor-crypto/openssl/1.0.1u/doc/apps/smime.pod
vendor-crypto/openssl/1.0.1u/doc/apps/verify.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/BIO_s_connect.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/EVP_EncodeInit.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/X509_verify_cert.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/d2i_PrivateKey.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/evp.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_new.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_options.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/ssl.pod
vendor-crypto/openssl/1.0.1u/engines/e_chil.c
vendor-crypto/openssl/1.0.1u/include/
vendor-crypto/openssl/1.0.1u/ms/uplink-x86.pl
vendor-crypto/openssl/1.0.1u/openssl.spec
vendor-crypto/openssl/1.0.1u/ssl/Makefile
vendor-crypto/openssl/1.0.1u/ssl/d1_both.c
vendor-crypto/openssl/1.0.1u/ssl/d1_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/d1_lib.c
vendor-crypto/openssl/1.0.1u/ssl/d1_pkt.c
vendor-crypto/openssl/1.0.1u/ssl/d1_srvr.c
vendor-crypto/openssl/1.0.1u/ssl/kssl.c
vendor-crypto/openssl/1.0.1u/ssl/kssl.h
vendor-crypto/openssl/1.0.1u/ssl/kssl_lcl.h
vendor-crypto/openssl/1.0.1u/ssl/s23_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/s2_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/s2_lib.c
vendor-crypto/openssl/1.0.1u/ssl/s2_meth.c
vendor-crypto/openssl/1.0.1u/ssl/s2_srvr.c
vendor-crypto/openssl/1.0.1u/ssl/s3_both.c
vendor-crypto/openssl/1.0.1u/ssl/s3_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/s3_lib.c
vendor-crypto/openssl/1.0.1u/ssl/s3_srvr.c
vendor-crypto/openssl/1.0.1u/ssl/ssl.h
vendor-crypto/openssl/1.0.1u/ssl/ssl_ciph.c
vendor-crypto/openssl/1.0.1u/ssl/ssl_err.c
vendor-crypto/openssl/1.0.1u/ssl/ssl_lib.c
vendor-crypto/openssl/1.0.1u/ssl/ssl_locl.h
vendor-crypto/openssl/1.0.1u/ssl/ssl_sess.c
vendor-crypto/openssl/1.0.1u/ssl/t1_enc.c
vendor-crypto/openssl/1.0.1u/ssl/t1_lib.c
vendor-crypto/openssl/1.0.1u/test/igetest.c
vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa1.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa2.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa3.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smroot.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa1.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa2.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa3.pem
vendor-crypto/openssl/1.0.1u/test/testfipsssl
vendor-crypto/openssl/1.0.1u/util/libeay.num
vendor-crypto/openssl/1.0.1u/util/mk1mf.pl
vendor-crypto/openssl/1.0.1u/util/mkdef.pl
vendor-crypto/openssl/1.0.1u/util/pl/BC-32.pl
vendor-crypto/openssl/1.0.1u/util/pl/Mingw32.pl
vendor-crypto/openssl/1.0.1u/util/pl/OS2-EMX.pl
vendor-crypto/openssl/1.0.1u/util/pl/VC-32.pl
vendor-crypto/openssl/1.0.1u/util/pl/linux.pl
vendor-crypto/openssl/1.0.1u/util/pl/netware.pl
vendor-crypto/openssl/1.0.1u/util/pl/ultrix.pl
vendor-crypto/openssl/1.0.1u/util/pl/unix.pl
vendor-crypto/openssl/1.0.1u/util/ssleay.num
Removed Paths:
-------------
vendor-crypto/openssl/1.0.1u/ACKNOWLEDGMENTS
vendor-crypto/openssl/1.0.1u/CHANGES
vendor-crypto/openssl/1.0.1u/CONTRIBUTING
vendor-crypto/openssl/1.0.1u/Configure
vendor-crypto/openssl/1.0.1u/INSTALL
vendor-crypto/openssl/1.0.1u/LICENSE
vendor-crypto/openssl/1.0.1u/Makefile
vendor-crypto/openssl/1.0.1u/Makefile.bak
vendor-crypto/openssl/1.0.1u/Makefile.org
vendor-crypto/openssl/1.0.1u/NEWS
vendor-crypto/openssl/1.0.1u/README
vendor-crypto/openssl/1.0.1u/apps/apps.c
vendor-crypto/openssl/1.0.1u/apps/enc.c
vendor-crypto/openssl/1.0.1u/apps/engine.c
vendor-crypto/openssl/1.0.1u/apps/md4.c
vendor-crypto/openssl/1.0.1u/apps/ocsp.c
vendor-crypto/openssl/1.0.1u/apps/passwd.c
vendor-crypto/openssl/1.0.1u/apps/pkcs12.c
vendor-crypto/openssl/1.0.1u/apps/pkcs7.c
vendor-crypto/openssl/1.0.1u/apps/s_server.c
vendor-crypto/openssl/1.0.1u/apps/speed.c
vendor-crypto/openssl/1.0.1u/apps/x509.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes.h
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cbc.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cfb.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_core.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ctr.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ecb.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ige.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_locl.h
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_misc.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ofb.c
vendor-crypto/openssl/1.0.1u/crypto/aes/aes_x86core.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_bytes.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_d2i_fp.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_object.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_set.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/a_type.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_lib.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_par.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/asn_mime.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/d2i_pr.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/f_enum.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/f_int.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/f_string.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbe.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbev2.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/t_x509.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_dec.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_enc.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_prn.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/x_name.c
vendor-crypto/openssl/1.0.1u/crypto/asn1/x_x509.c
vendor-crypto/openssl/1.0.1u/crypto/bio/b_print.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bf_nbio.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bio.h
vendor-crypto/openssl/1.0.1u/crypto/bio/bss_bio.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bss_conn.c
vendor-crypto/openssl/1.0.1u/crypto/bio/bss_dgram.c
vendor-crypto/openssl/1.0.1u/crypto/bn/Makefile
vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86-mont.pl
vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont.pl
vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont5.pl
vendor-crypto/openssl/1.0.1u/crypto/bn/bn.h
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_exp.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_lib.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_print.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_rand.c
vendor-crypto/openssl/1.0.1u/crypto/bn/bn_recp.c
vendor-crypto/openssl/1.0.1u/crypto/bn/exptest.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.h
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cbc.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cfb.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ctr.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ecb.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_locl.h
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_misc.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ofb.c
vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_utl.c
vendor-crypto/openssl/1.0.1u/crypto/cms/cms_enc.c
vendor-crypto/openssl/1.0.1u/crypto/cms/cms_ess.c
vendor-crypto/openssl/1.0.1u/crypto/cms/cms_pwri.c
vendor-crypto/openssl/1.0.1u/crypto/comp/comp.h
vendor-crypto/openssl/1.0.1u/crypto/des/des.c
vendor-crypto/openssl/1.0.1u/crypto/des/des_old.c
vendor-crypto/openssl/1.0.1u/crypto/des/des_old.h
vendor-crypto/openssl/1.0.1u/crypto/des/des_old2.c
vendor-crypto/openssl/1.0.1u/crypto/des/enc_writ.c
vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ameth.c
vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_gen.c
vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ossl.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso.h
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dl.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dlfcn.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_lib.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_vms.c
vendor-crypto/openssl/1.0.1u/crypto/dso/dso_win32.c
vendor-crypto/openssl/1.0.1u/crypto/ec/ectest.c
vendor-crypto/openssl/1.0.1u/crypto/engine/eng_all.c
vendor-crypto/openssl/1.0.1u/crypto/evp/Makefile
vendor-crypto/openssl/1.0.1u/crypto/evp/bio_ok.c
vendor-crypto/openssl/1.0.1u/crypto/evp/digest.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_aes_cbc_hmac_sha1.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_camellia.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_old.c
vendor-crypto/openssl/1.0.1u/crypto/evp/e_seed.c
vendor-crypto/openssl/1.0.1u/crypto/evp/encode.c
vendor-crypto/openssl/1.0.1u/crypto/evp/evp_enc.c
vendor-crypto/openssl/1.0.1u/crypto/md2/md2_dgst.c
vendor-crypto/openssl/1.0.1u/crypto/md32_common.h
vendor-crypto/openssl/1.0.1u/crypto/mdc2/mdc2dgst.c
vendor-crypto/openssl/1.0.1u/crypto/mem_clr.c
vendor-crypto/openssl/1.0.1u/crypto/modes/ctr128.c
vendor-crypto/openssl/1.0.1u/crypto/o_dir.c
vendor-crypto/openssl/1.0.1u/crypto/o_dir.h
vendor-crypto/openssl/1.0.1u/crypto/o_dir_test.c
vendor-crypto/openssl/1.0.1u/crypto/o_str.c
vendor-crypto/openssl/1.0.1u/crypto/o_str.h
vendor-crypto/openssl/1.0.1u/crypto/o_time.c
vendor-crypto/openssl/1.0.1u/crypto/o_time.h
vendor-crypto/openssl/1.0.1u/crypto/ocsp/ocsp_ext.c
vendor-crypto/openssl/1.0.1u/crypto/opensslconf.h
vendor-crypto/openssl/1.0.1u/crypto/opensslv.h
vendor-crypto/openssl/1.0.1u/crypto/pem/pem.h
vendor-crypto/openssl/1.0.1u/crypto/pem/pem_err.c
vendor-crypto/openssl/1.0.1u/crypto/pem/pem_lib.c
vendor-crypto/openssl/1.0.1u/crypto/pem/pvkfmt.c
vendor-crypto/openssl/1.0.1u/crypto/perlasm/x86_64-xlate.pl
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_mutl.c
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_npas.c
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_utl.c
vendor-crypto/openssl/1.0.1u/crypto/pkcs12/pkcs12.h
vendor-crypto/openssl/1.0.1u/crypto/pkcs7/pk7_doit.c
vendor-crypto/openssl/1.0.1u/crypto/rand/rand_unix.c
vendor-crypto/openssl/1.0.1u/crypto/rand/rand_vms.c
vendor-crypto/openssl/1.0.1u/crypto/rc4/rc4_utl.c
vendor-crypto/openssl/1.0.1u/crypto/rsa/rsa_chk.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cbc.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cfb.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ecb.c
vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ofb.c
vendor-crypto/openssl/1.0.1u/crypto/sha/sha1test.c
vendor-crypto/openssl/1.0.1u/crypto/srp/srp.h
vendor-crypto/openssl/1.0.1u/crypto/srp/srp_lib.c
vendor-crypto/openssl/1.0.1u/crypto/srp/srp_vfy.c
vendor-crypto/openssl/1.0.1u/crypto/store/store.h
vendor-crypto/openssl/1.0.1u/crypto/store/str_lib.c
vendor-crypto/openssl/1.0.1u/crypto/store/str_locl.h
vendor-crypto/openssl/1.0.1u/crypto/store/str_mem.c
vendor-crypto/openssl/1.0.1u/crypto/store/str_meth.c
vendor-crypto/openssl/1.0.1u/crypto/ts/ts_lib.c
vendor-crypto/openssl/1.0.1u/crypto/ts/ts_rsp_verify.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui.h
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.h
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_lib.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_locl.h
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_openssl.c
vendor-crypto/openssl/1.0.1u/crypto/ui/ui_util.c
vendor-crypto/openssl/1.0.1u/crypto/whrlpool/wp_dgst.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509.h
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_err.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_obj.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_txt.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.c
vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.h
vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_addr.c
vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pci.c
vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pcia.c
vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.c
vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.h
vendor-crypto/openssl/1.0.1u/demos/tunala/tunala.c
vendor-crypto/openssl/1.0.1u/doc/apps/ciphers.pod
vendor-crypto/openssl/1.0.1u/doc/apps/cms.pod
vendor-crypto/openssl/1.0.1u/doc/apps/s_client.pod
vendor-crypto/openssl/1.0.1u/doc/apps/s_server.pod
vendor-crypto/openssl/1.0.1u/doc/apps/s_time.pod
vendor-crypto/openssl/1.0.1u/doc/apps/smime.pod
vendor-crypto/openssl/1.0.1u/doc/apps/verify.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/BIO_s_connect.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/X509_verify_cert.pod
vendor-crypto/openssl/1.0.1u/doc/crypto/evp.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_new.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_options.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
vendor-crypto/openssl/1.0.1u/doc/ssl/ssl.pod
vendor-crypto/openssl/1.0.1u/engines/e_chil.c
vendor-crypto/openssl/1.0.1u/ms/uplink-x86.pl
vendor-crypto/openssl/1.0.1u/openssl.spec
vendor-crypto/openssl/1.0.1u/ssl/Makefile
vendor-crypto/openssl/1.0.1u/ssl/d1_both.c
vendor-crypto/openssl/1.0.1u/ssl/d1_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/d1_lib.c
vendor-crypto/openssl/1.0.1u/ssl/d1_pkt.c
vendor-crypto/openssl/1.0.1u/ssl/d1_srvr.c
vendor-crypto/openssl/1.0.1u/ssl/kssl.c
vendor-crypto/openssl/1.0.1u/ssl/kssl.h
vendor-crypto/openssl/1.0.1u/ssl/kssl_lcl.h
vendor-crypto/openssl/1.0.1u/ssl/s23_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/s2_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/s2_lib.c
vendor-crypto/openssl/1.0.1u/ssl/s2_meth.c
vendor-crypto/openssl/1.0.1u/ssl/s2_srvr.c
vendor-crypto/openssl/1.0.1u/ssl/s3_both.c
vendor-crypto/openssl/1.0.1u/ssl/s3_clnt.c
vendor-crypto/openssl/1.0.1u/ssl/s3_lib.c
vendor-crypto/openssl/1.0.1u/ssl/s3_srvr.c
vendor-crypto/openssl/1.0.1u/ssl/ssl.h
vendor-crypto/openssl/1.0.1u/ssl/ssl_ciph.c
vendor-crypto/openssl/1.0.1u/ssl/ssl_err.c
vendor-crypto/openssl/1.0.1u/ssl/ssl_lib.c
vendor-crypto/openssl/1.0.1u/ssl/ssl_locl.h
vendor-crypto/openssl/1.0.1u/ssl/ssl_sess.c
vendor-crypto/openssl/1.0.1u/ssl/t1_enc.c
vendor-crypto/openssl/1.0.1u/ssl/t1_lib.c
vendor-crypto/openssl/1.0.1u/test/bftest.c
vendor-crypto/openssl/1.0.1u/test/bntest.c
vendor-crypto/openssl/1.0.1u/test/casttest.c
vendor-crypto/openssl/1.0.1u/test/clienthellotest.c
vendor-crypto/openssl/1.0.1u/test/constant_time_test.c
vendor-crypto/openssl/1.0.1u/test/destest.c
vendor-crypto/openssl/1.0.1u/test/dhtest.c
vendor-crypto/openssl/1.0.1u/test/dsatest.c
vendor-crypto/openssl/1.0.1u/test/ecdhtest.c
vendor-crypto/openssl/1.0.1u/test/ecdsatest.c
vendor-crypto/openssl/1.0.1u/test/ectest.c
vendor-crypto/openssl/1.0.1u/test/enginetest.c
vendor-crypto/openssl/1.0.1u/test/evp_extra_test.c
vendor-crypto/openssl/1.0.1u/test/evp_test.c
vendor-crypto/openssl/1.0.1u/test/exptest.c
vendor-crypto/openssl/1.0.1u/test/heartbeat_test.c
vendor-crypto/openssl/1.0.1u/test/hmactest.c
vendor-crypto/openssl/1.0.1u/test/ideatest.c
vendor-crypto/openssl/1.0.1u/test/igetest.c
vendor-crypto/openssl/1.0.1u/test/jpaketest.c
vendor-crypto/openssl/1.0.1u/test/md2test.c
vendor-crypto/openssl/1.0.1u/test/md4test.c
vendor-crypto/openssl/1.0.1u/test/md5test.c
vendor-crypto/openssl/1.0.1u/test/mdc2test.c
vendor-crypto/openssl/1.0.1u/test/randtest.c
vendor-crypto/openssl/1.0.1u/test/rc2test.c
vendor-crypto/openssl/1.0.1u/test/rc4test.c
vendor-crypto/openssl/1.0.1u/test/rc5test.c
vendor-crypto/openssl/1.0.1u/test/rmdtest.c
vendor-crypto/openssl/1.0.1u/test/rsa_test.c
vendor-crypto/openssl/1.0.1u/test/sha1test.c
vendor-crypto/openssl/1.0.1u/test/sha256t.c
vendor-crypto/openssl/1.0.1u/test/sha512t.c
vendor-crypto/openssl/1.0.1u/test/shatest.c
vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa1.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa2.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa3.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smroot.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa1.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa2.pem
vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa3.pem
vendor-crypto/openssl/1.0.1u/test/srptest.c
vendor-crypto/openssl/1.0.1u/test/ssltest.c
vendor-crypto/openssl/1.0.1u/test/testfipsssl
vendor-crypto/openssl/1.0.1u/test/verify_extra_test.c
vendor-crypto/openssl/1.0.1u/test/wp_test.c
vendor-crypto/openssl/1.0.1u/util/libeay.num
vendor-crypto/openssl/1.0.1u/util/mk1mf.pl
vendor-crypto/openssl/1.0.1u/util/mkdef.pl
vendor-crypto/openssl/1.0.1u/util/pl/BC-32.pl
vendor-crypto/openssl/1.0.1u/util/pl/Mingw32.pl
vendor-crypto/openssl/1.0.1u/util/pl/OS2-EMX.pl
vendor-crypto/openssl/1.0.1u/util/pl/VC-32.pl
vendor-crypto/openssl/1.0.1u/util/pl/linux.pl
vendor-crypto/openssl/1.0.1u/util/pl/netware.pl
vendor-crypto/openssl/1.0.1u/util/pl/ultrix.pl
vendor-crypto/openssl/1.0.1u/util/pl/unix.pl
vendor-crypto/openssl/1.0.1u/util/ssleay.num
Deleted: vendor-crypto/openssl/1.0.1u/ACKNOWLEDGMENTS
===================================================================
--- vendor-crypto/openssl/dist/ACKNOWLEDGMENTS 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ACKNOWLEDGMENTS 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,30 +0,0 @@
-The OpenSSL project depends on volunteer efforts and financial support from
-the end user community. That support comes in the form of donations and paid
-sponsorships, software support contracts, paid consulting services
-and commissioned software development.
-
-Since all these activities support the continued development and improvement
-of OpenSSL we consider all these clients and customers as sponsors of the
-OpenSSL project.
-
-We would like to identify and thank the following such sponsors for their past
-or current significant support of the OpenSSL project:
-
-Major support:
-
- Qualys http://www.qualys.com/
-
-Very significant support:
-
- OpenGear: http://www.opengear.com/
-
-Significant support:
-
- PSW Group: http://www.psw.net/
- Acano Ltd. http://acano.com/
-
-Please note that we ask permission to identify sponsors and that some sponsors
-we consider eligible for inclusion here have requested to remain anonymous.
-
-Additional sponsorship or financial support is always welcome: for more
-information please contact the OpenSSL Software Foundation.
Copied: vendor-crypto/openssl/1.0.1u/ACKNOWLEDGMENTS (from rev 11605, vendor-crypto/openssl/dist/ACKNOWLEDGMENTS)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ACKNOWLEDGMENTS (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ACKNOWLEDGMENTS 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2 @@
+Please https://www.openssl.org/community/thanks.html for the current
+acknowledgements.
Deleted: vendor-crypto/openssl/1.0.1u/CHANGES
===================================================================
--- vendor-crypto/openssl/dist/CHANGES 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/CHANGES 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,10484 +0,0 @@
-
- OpenSSL CHANGES
- _______________
-
- Changes between 1.0.1p and 1.0.1q [3 Dec 2015]
-
- *) Certificate verify crash with missing PSS parameter
-
- The signature verification routines will crash with a NULL pointer
- dereference if presented with an ASN.1 signature using the RSA PSS
- algorithm and absent mask generation function parameter. Since these
- routines are used to verify certificate signature algorithms this can be
- used to crash any certificate verification operation and exploited in a
- DoS attack. Any application which performs certificate verification is
- vulnerable including OpenSSL clients and servers which enable client
- authentication.
-
- This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG).
- (CVE-2015-3194)
- [Stephen Henson]
-
- *) X509_ATTRIBUTE memory leak
-
- When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
- memory. This structure is used by the PKCS#7 and CMS routines so any
- application which reads PKCS#7 or CMS data from untrusted sources is
- affected. SSL/TLS is not affected.
-
- This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
- libFuzzer.
- (CVE-2015-3195)
- [Stephen Henson]
-
- *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
- This changes the decoding behaviour for some invalid messages,
- though the change is mostly in the more lenient direction, and
- legacy behaviour is preserved as much as possible.
- [Emilia Käsper]
-
- *) In DSA_generate_parameters_ex, if the provided seed is too short,
- return an error
- [Rich Salz and Ismo Puustinen <ismo.puustinen at intel.com>]
-
- Changes between 1.0.1o and 1.0.1p [9 Jul 2015]
-
- *) Alternate chains certificate forgery
-
- During certificate verfification, OpenSSL will attempt to find an
- alternative certificate chain if the first attempt to build such a chain
- fails. An error in the implementation of this logic can mean that an
- attacker could cause certain checks on untrusted certificates to be
- bypassed, such as the CA flag, enabling them to use a valid leaf
- certificate to act as a CA and "issue" an invalid certificate.
-
- This issue was reported to OpenSSL by Adam Langley/David Benjamin
- (Google/BoringSSL).
- (CVE-2015-1793)
- [Matt Caswell]
-
- *) Race condition handling PSK identify hint
-
- If PSK identity hints are received by a multi-threaded client then
- the values are wrongly updated in the parent SSL_CTX structure. This can
- result in a race condition potentially leading to a double free of the
- identify hint data.
- (CVE-2015-3196)
- [Stephen Henson]
-
- Changes between 1.0.1n and 1.0.1o [12 Jun 2015]
- *) Fix HMAC ABI incompatibility. The previous version introduced an ABI
- incompatibility in the handling of HMAC. The previous ABI has now been
- restored.
-
- Changes between 1.0.1m and 1.0.1n [11 Jun 2015]
-
- *) Malformed ECParameters causes infinite loop
-
- When processing an ECParameters structure OpenSSL enters an infinite loop
- if the curve specified is over a specially malformed binary polynomial
- field.
-
- This can be used to perform denial of service against any
- system which processes public keys, certificate requests or
- certificates. This includes TLS clients and TLS servers with
- client authentication enabled.
-
- This issue was reported to OpenSSL by Joseph Barr-Pixton.
- (CVE-2015-1788)
- [Andy Polyakov]
-
- *) Exploitable out-of-bounds read in X509_cmp_time
-
- X509_cmp_time does not properly check the length of the ASN1_TIME
- string and can read a few bytes out of bounds. In addition,
- X509_cmp_time accepts an arbitrary number of fractional seconds in the
- time string.
-
- An attacker can use this to craft malformed certificates and CRLs of
- various sizes and potentially cause a segmentation fault, resulting in
- a DoS on applications that verify certificates or CRLs. TLS clients
- that verify CRLs are affected. TLS clients and servers with client
- authentication enabled may be affected if they use custom verification
- callbacks.
-
- This issue was reported to OpenSSL by Robert Swiecki (Google), and
- independently by Hanno Böck.
- (CVE-2015-1789)
- [Emilia Käsper]
-
- *) PKCS7 crash with missing EnvelopedContent
-
- The PKCS#7 parsing code does not handle missing inner EncryptedContent
- correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
- with missing content and trigger a NULL pointer dereference on parsing.
-
- Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
- structures from untrusted sources are affected. OpenSSL clients and
- servers are not affected.
-
- This issue was reported to OpenSSL by Michal Zalewski (Google).
- (CVE-2015-1790)
- [Emilia Käsper]
-
- *) CMS verify infinite loop with unknown hash function
-
- When verifying a signedData message the CMS code can enter an infinite loop
- if presented with an unknown hash function OID. This can be used to perform
- denial of service against any system which verifies signedData messages using
- the CMS code.
- This issue was reported to OpenSSL by Johannes Bauer.
- (CVE-2015-1792)
- [Stephen Henson]
-
- *) Race condition handling NewSessionTicket
-
- If a NewSessionTicket is received by a multi-threaded client when attempting to
- reuse a previous ticket then a race condition can occur potentially leading to
- a double free of the ticket data.
- (CVE-2015-1791)
- [Matt Caswell]
-
- *) Reject DH handshakes with parameters shorter than 768 bits.
- [Kurt Roeckx and Emilia Kasper]
-
- *) dhparam: generate 2048-bit parameters by default.
- [Kurt Roeckx and Emilia Kasper]
-
- Changes between 1.0.1l and 1.0.1m [19 Mar 2015]
-
- *) Segmentation fault in ASN1_TYPE_cmp fix
-
- The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is
- made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check
- certificate signature algorithm consistency this can be used to crash any
- certificate verification operation and exploited in a DoS attack. Any
- application which performs certificate verification is vulnerable including
- OpenSSL clients and servers which enable client authentication.
- (CVE-2015-0286)
- [Stephen Henson]
-
- *) ASN.1 structure reuse memory corruption fix
-
- Reusing a structure in ASN.1 parsing may allow an attacker to cause
- memory corruption via an invalid write. Such reuse is and has been
- strongly discouraged and is believed to be rare.
-
- Applications that parse structures containing CHOICE or ANY DEFINED BY
- components may be affected. Certificate parsing (d2i_X509 and related
- functions) are however not affected. OpenSSL clients and servers are
- not affected.
- (CVE-2015-0287)
- [Stephen Henson]
-
- *) PKCS7 NULL pointer dereferences fix
-
- The PKCS#7 parsing code does not handle missing outer ContentInfo
- correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with
- missing content and trigger a NULL pointer dereference on parsing.
-
- Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or
- otherwise parse PKCS#7 structures from untrusted sources are
- affected. OpenSSL clients and servers are not affected.
-
- This issue was reported to OpenSSL by Michal Zalewski (Google).
- (CVE-2015-0289)
- [Emilia Käsper]
-
- *) DoS via reachable assert in SSLv2 servers fix
-
- A malicious client can trigger an OPENSSL_assert (i.e., an abort) in
- servers that both support SSLv2 and enable export cipher suites by sending
- a specially crafted SSLv2 CLIENT-MASTER-KEY message.
-
- This issue was discovered by Sean Burford (Google) and Emilia Käsper
- (OpenSSL development team).
- (CVE-2015-0293)
- [Emilia Käsper]
-
- *) Use After Free following d2i_ECPrivatekey error fix
-
- A malformed EC private key file consumed via the d2i_ECPrivateKey function
- could cause a use after free condition. This, in turn, could cause a double
- free in several private key parsing functions (such as d2i_PrivateKey
- or EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption
- for applications that receive EC private keys from untrusted
- sources. This scenario is considered rare.
-
- This issue was discovered by the BoringSSL project and fixed in their
- commit 517073cd4b.
- (CVE-2015-0209)
- [Matt Caswell]
-
- *) X509_to_X509_REQ NULL pointer deref fix
-
- The function X509_to_X509_REQ will crash with a NULL pointer dereference if
- the certificate key is invalid. This function is rarely used in practice.
-
- This issue was discovered by Brian Carpenter.
- (CVE-2015-0288)
- [Stephen Henson]
-
- *) Removed the export ciphers from the DEFAULT ciphers
- [Kurt Roeckx]
-
- Changes between 1.0.1k and 1.0.1l [15 Jan 2015]
-
- *) Build fixes for the Windows and OpenVMS platforms
- [Matt Caswell and Richard Levitte]
-
- Changes between 1.0.1j and 1.0.1k [8 Jan 2015]
-
- *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
- message can cause a segmentation fault in OpenSSL due to a NULL pointer
- dereference. This could lead to a Denial Of Service attack. Thanks to
- Markus Stenberg of Cisco Systems, Inc. for reporting this issue.
- (CVE-2014-3571)
- [Steve Henson]
-
- *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the
- dtls1_buffer_record function under certain conditions. In particular this
- could occur if an attacker sent repeated DTLS records with the same
- sequence number but for the next epoch. The memory leak could be exploited
- by an attacker in a Denial of Service attack through memory exhaustion.
- Thanks to Chris Mueller for reporting this issue.
- (CVE-2015-0206)
- [Matt Caswell]
-
- *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
- built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
- method would be set to NULL which could later result in a NULL pointer
- dereference. Thanks to Frank Schmirler for reporting this issue.
- (CVE-2014-3569)
- [Kurt Roeckx]
-
- *) Abort handshake if server key exchange message is omitted for ephemeral
- ECDH ciphersuites.
-
- Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
- reporting this issue.
- (CVE-2014-3572)
- [Steve Henson]
-
- *) Remove non-export ephemeral RSA code on client and server. This code
- violated the TLS standard by allowing the use of temporary RSA keys in
- non-export ciphersuites and could be used by a server to effectively
- downgrade the RSA key length used to a value smaller than the server
- certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
- INRIA or reporting this issue.
- (CVE-2015-0204)
- [Steve Henson]
-
- *) Fixed issue where DH client certificates are accepted without verification.
- An OpenSSL server will accept a DH certificate for client authentication
- without the certificate verify message. This effectively allows a client to
- authenticate without the use of a private key. This only affects servers
- which trust a client certificate authority which issues certificates
- containing DH keys: these are extremely rare and hardly ever encountered.
- Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting
- this issue.
- (CVE-2015-0205)
- [Steve Henson]
-
- *) Ensure that the session ID context of an SSL is updated when its
- SSL_CTX is updated via SSL_set_SSL_CTX.
-
- The session ID context is typically set from the parent SSL_CTX,
- and can vary with the CTX.
- [Adam Langley]
-
- *) Fix various certificate fingerprint issues.
-
- By using non-DER or invalid encodings outside the signed portion of a
- certificate the fingerprint can be changed without breaking the signature.
- Although no details of the signed portion of the certificate can be changed
- this can cause problems with some applications: e.g. those using the
- certificate fingerprint for blacklists.
-
- 1. Reject signatures with non zero unused bits.
-
- If the BIT STRING containing the signature has non zero unused bits reject
- the signature. All current signature algorithms require zero unused bits.
-
- 2. Check certificate algorithm consistency.
-
- Check the AlgorithmIdentifier inside TBS matches the one in the
- certificate signature. NB: this will result in signature failure
- errors for some broken certificates.
-
- Thanks to Konrad Kraszewski from Google for reporting this issue.
-
- 3. Check DSA/ECDSA signatures use DER.
-
- Reencode DSA/ECDSA signatures and compare with the original received
- signature. Return an error if there is a mismatch.
-
- This will reject various cases including garbage after signature
- (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
- program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
- (negative or with leading zeroes).
-
- Further analysis was conducted and fixes were developed by Stephen Henson
- of the OpenSSL core team.
-
- (CVE-2014-8275)
- [Steve Henson]
-
- *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect
- results on some platforms, including x86_64. This bug occurs at random
- with a very low probability, and is not known to be exploitable in any
- way, though its exact impact is difficult to determine. Thanks to Pieter
- Wuille (Blockstream) who reported this issue and also suggested an initial
- fix. Further analysis was conducted by the OpenSSL development team and
- Adam Langley of Google. The final fix was developed by Andy Polyakov of
- the OpenSSL core team.
- (CVE-2014-3570)
- [Andy Polyakov]
-
- *) Do not resume sessions on the server if the negotiated protocol
- version does not match the session's version. Resuming with a different
- version, while not strictly forbidden by the RFC, is of questionable
- sanity and breaks all known clients.
- [David Benjamin, Emilia Käsper]
-
- *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
- early CCS messages during renegotiation. (Note that because
- renegotiation is encrypted, this early CCS was not exploitable.)
- [Emilia Käsper]
-
- *) Tighten client-side session ticket handling during renegotiation:
- ensure that the client only accepts a session ticket if the server sends
- the extension anew in the ServerHello. Previously, a TLS client would
- reuse the old extension state and thus accept a session ticket if one was
- announced in the initial ServerHello.
-
- Similarly, ensure that the client requires a session ticket if one
- was advertised in the ServerHello. Previously, a TLS client would
- ignore a missing NewSessionTicket message.
- [Emilia Käsper]
-
- Changes between 1.0.1i and 1.0.1j [15 Oct 2014]
-
- *) SRTP Memory Leak.
-
- A flaw in the DTLS SRTP extension parsing code allows an attacker, who
- sends a carefully crafted handshake message, to cause OpenSSL to fail
- to free up to 64k of memory causing a memory leak. This could be
- exploited in a Denial Of Service attack. This issue affects OpenSSL
- 1.0.1 server implementations for both SSL/TLS and DTLS regardless of
- whether SRTP is used or configured. Implementations of OpenSSL that
- have been compiled with OPENSSL_NO_SRTP defined are not affected.
-
- The fix was developed by the OpenSSL team.
- (CVE-2014-3513)
- [OpenSSL team]
-
- *) Session Ticket Memory Leak.
-
- When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
- integrity of that ticket is first verified. In the event of a session
- ticket integrity check failing, OpenSSL will fail to free memory
- causing a memory leak. By sending a large number of invalid session
- tickets an attacker could exploit this issue in a Denial Of Service
- attack.
- (CVE-2014-3567)
- [Steve Henson]
-
- *) Build option no-ssl3 is incomplete.
-
- When OpenSSL is configured with "no-ssl3" as a build option, servers
- could accept and complete a SSL 3.0 handshake, and clients could be
- configured to send them.
- (CVE-2014-3568)
- [Akamai and the OpenSSL team]
-
- *) Add support for TLS_FALLBACK_SCSV.
- Client applications doing fallback retries should call
- SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
- (CVE-2014-3566)
- [Adam Langley, Bodo Moeller]
-
- *) Add additional DigestInfo checks.
-
- Reencode DigestInto in DER and check against the original when
- verifying RSA signature: this will reject any improperly encoded
- DigestInfo structures.
-
- Note: this is a precautionary measure and no attacks are currently known.
-
- [Steve Henson]
-
- Changes between 1.0.1h and 1.0.1i [6 Aug 2014]
-
- *) Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
- SRP code can be overrun an internal buffer. Add sanity check that
- g, A, B < N to SRP code.
-
- Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
- Group for discovering this issue.
- (CVE-2014-3512)
- [Steve Henson]
-
- *) A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
- TLS 1.0 instead of higher protocol versions when the ClientHello message
- is badly fragmented. This allows a man-in-the-middle attacker to force a
- downgrade to TLS 1.0 even if both the server and the client support a
- higher protocol version, by modifying the client's TLS records.
-
- Thanks to David Benjamin and Adam Langley (Google) for discovering and
- researching this issue.
- (CVE-2014-3511)
- [David Benjamin]
-
- *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
- to a denial of service attack. A malicious server can crash the client
- with a null pointer dereference (read) by specifying an anonymous (EC)DH
- ciphersuite and sending carefully crafted handshake messages.
-
- Thanks to Felix Gröbert (Google) for discovering and researching this
- issue.
- (CVE-2014-3510)
- [Emilia Käsper]
-
- *) By sending carefully crafted DTLS packets an attacker could cause openssl
- to leak memory. This can be exploited through a Denial of Service attack.
- Thanks to Adam Langley for discovering and researching this issue.
- (CVE-2014-3507)
- [Adam Langley]
-
- *) An attacker can force openssl to consume large amounts of memory whilst
- processing DTLS handshake messages. This can be exploited through a
- Denial of Service attack.
- Thanks to Adam Langley for discovering and researching this issue.
- (CVE-2014-3506)
- [Adam Langley]
-
- *) An attacker can force an error condition which causes openssl to crash
- whilst processing DTLS packets due to memory being freed twice. This
- can be exploited through a Denial of Service attack.
- Thanks to Adam Langley and Wan-Teh Chang for discovering and researching
- this issue.
- (CVE-2014-3505)
- [Adam Langley]
-
- *) If a multithreaded client connects to a malicious server using a resumed
- session and the server sends an ec point format extension it could write
- up to 255 bytes to freed memory.
-
- Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this
- issue.
- (CVE-2014-3509)
- [Gabor Tyukasz]
-
- *) A malicious server can crash an OpenSSL client with a null pointer
- dereference (read) by specifying an SRP ciphersuite even though it was not
- properly negotiated with the client. This can be exploited through a
- Denial of Service attack.
-
- Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for
- discovering and researching this issue.
- (CVE-2014-5139)
- [Steve Henson]
-
- *) A flaw in OBJ_obj2txt may cause pretty printing functions such as
- X509_name_oneline, X509_name_print_ex et al. to leak some information
- from the stack. Applications may be affected if they echo pretty printing
- output to the attacker.
-
- Thanks to Ivan Fratric (Google) for discovering this issue.
- (CVE-2014-3508)
- [Emilia Käsper, and Steve Henson]
-
- *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
- for corner cases. (Certain input points at infinity could lead to
- bogus results, with non-infinity inputs mapped to infinity too.)
- [Bodo Moeller]
-
- Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
-
- *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
- handshake can force the use of weak keying material in OpenSSL
- SSL/TLS clients and servers.
-
- Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
- researching this issue. (CVE-2014-0224)
- [KIKUCHI Masashi, Steve Henson]
-
- *) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
- OpenSSL DTLS client the code can be made to recurse eventually crashing
- in a DoS attack.
-
- Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
- (CVE-2014-0221)
- [Imre Rad, Steve Henson]
-
- *) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
- be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
- client or server. This is potentially exploitable to run arbitrary
- code on a vulnerable client or server.
-
- Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
- [Jüri Aedla, Steve Henson]
-
- *) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
- are subject to a denial of service attack.
-
- Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
- this issue. (CVE-2014-3470)
- [Felix Gröbert, Ivan Fratric, Steve Henson]
-
- *) Harmonize version and its documentation. -f flag is used to display
- compilation flags.
- [mancha <mancha1 at zoho.com>]
-
- *) Fix eckey_priv_encode so it immediately returns an error upon a failure
- in i2d_ECPrivateKey.
- [mancha <mancha1 at zoho.com>]
-
- *) Fix some double frees. These are not thought to be exploitable.
- [mancha <mancha1 at zoho.com>]
-
- Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
-
- *) A missing bounds check in the handling of the TLS heartbeat extension
- can be used to reveal up to 64k of memory to a connected client or
- server.
-
- Thanks for Neel Mehta of Google Security for discovering this bug and to
- Adam Langley <agl at chromium.org> and Bodo Moeller <bmoeller at acm.org> for
- preparing the fix (CVE-2014-0160)
- [Adam Langley, Bodo Moeller]
-
- *) Fix for the attack described in the paper "Recovering OpenSSL
- ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
- by Yuval Yarom and Naomi Benger. Details can be obtained from:
- http://eprint.iacr.org/2014/140
-
- Thanks to Yuval Yarom and Naomi Benger for discovering this
- flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
- [Yuval Yarom and Naomi Benger]
-
- *) TLS pad extension: draft-agl-tls-padding-03
-
- Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
- TLS client Hello record length value would otherwise be > 255 and
- less that 512 pad with a dummy extension containing zeroes so it
- is at least 512 bytes long.
-
- [Adam Langley, Steve Henson]
-
- Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
-
- *) Fix for TLS record tampering bug. A carefully crafted invalid
- handshake could crash OpenSSL with a NULL pointer exception.
- Thanks to Anton Johansson for reporting this issues.
- (CVE-2013-4353)
-
- *) Keep original DTLS digest and encryption contexts in retransmission
- structures so we can use the previous session parameters if they need
- to be resent. (CVE-2013-6450)
- [Steve Henson]
-
- *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
- avoids preferring ECDHE-ECDSA ciphers when the client appears to be
- Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
- several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug
- is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
- 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
- [Rob Stradling, Adam Langley]
-
- Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
-
- *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
- supporting platforms or when small records were transferred.
- [Andy Polyakov, Steve Henson]
-
- Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
-
- *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
-
- This addresses the flaw in CBC record processing discovered by
- Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
- at: http://www.isg.rhul.ac.uk/tls/
-
- Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
- Security Group at Royal Holloway, University of London
- (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
- Emilia Käsper for the initial patch.
- (CVE-2013-0169)
- [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
-
- *) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
- ciphersuites which can be exploited in a denial of service attack.
- Thanks go to and to Adam Langley <agl at chromium.org> for discovering
- and detecting this bug and to Wolfgang Ettlinger
- <wolfgang.ettlinger at gmail.com> for independently discovering this issue.
- (CVE-2012-2686)
- [Adam Langley]
-
- *) Return an error when checking OCSP signatures when key is NULL.
- This fixes a DoS attack. (CVE-2013-0166)
- [Steve Henson]
-
- *) Make openssl verify return errors.
- [Chris Palmer <palmer at google.com> and Ben Laurie]
-
- *) Call OCSP Stapling callback after ciphersuite has been chosen, so
- the right response is stapled. Also change SSL_get_certificate()
- so it returns the certificate actually sent.
- See http://rt.openssl.org/Ticket/Display.html?id=2836.
- [Rob Stradling <rob.stradling at comodo.com>]
-
- *) Fix possible deadlock when decoding public keys.
- [Steve Henson]
-
- *) Don't use TLS 1.0 record version number in initial client hello
- if renegotiating.
- [Steve Henson]
-
- Changes between 1.0.1b and 1.0.1c [10 May 2012]
-
- *) Sanity check record length before skipping explicit IV in TLS
- 1.2, 1.1 and DTLS to fix DoS attack.
-
- Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
- fuzzing as a service testing platform.
- (CVE-2012-2333)
- [Steve Henson]
-
- *) Initialise tkeylen properly when encrypting CMS messages.
- Thanks to Solar Designer of Openwall for reporting this issue.
- [Steve Henson]
-
- *) In FIPS mode don't try to use composite ciphers as they are not
- approved.
- [Steve Henson]
-
- Changes between 1.0.1a and 1.0.1b [26 Apr 2012]
-
- *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
- 1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
- mean any application compiled against OpenSSL 1.0.0 headers setting
- SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disablng
- TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
- 0x10000000L Any application which was previously compiled against
- OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
- will need to be recompiled as a result. Letting be results in
- inability to disable specifically TLS 1.1 and in client context,
- in unlike event, limit maximum offered version to TLS 1.0 [see below].
- [Steve Henson]
-
- *) In order to ensure interoperabilty SSL_OP_NO_protocolX does not
- disable just protocol X, but all protocols above X *if* there are
- protocols *below* X still enabled. In more practical terms it means
- that if application wants to disable TLS1.0 in favor of TLS1.1 and
- above, it's not sufficient to pass SSL_OP_NO_TLSv1, one has to pass
- SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. This applies to
- client side.
- [Andy Polyakov]
-
- Changes between 1.0.1 and 1.0.1a [19 Apr 2012]
-
- *) Check for potentially exploitable overflows in asn1_d2i_read_bio
- BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
- in CRYPTO_realloc_clean.
-
- Thanks to Tavis Ormandy, Google Security Team, for discovering this
- issue and to Adam Langley <agl at chromium.org> for fixing it.
- (CVE-2012-2110)
- [Adam Langley (Google), Tavis Ormandy, Google Security Team]
-
- *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
- [Adam Langley]
-
- *) Workarounds for some broken servers that "hang" if a client hello
- record length exceeds 255 bytes.
-
- 1. Do not use record version number > TLS 1.0 in initial client
- hello: some (but not all) hanging servers will now work.
- 2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
- the number of ciphers sent in the client hello. This should be
- set to an even number, such as 50, for example by passing:
- -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
- Most broken servers should now work.
- 3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
- TLS 1.2 client support entirely.
- [Steve Henson]
-
- *) Fix SEGV in Vector Permutation AES module observed in OpenSSH.
- [Andy Polyakov]
-
- Changes between 1.0.0h and 1.0.1 [14 Mar 2012]
-
- *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET
- STRING form instead of a DigestInfo.
- [Steve Henson]
-
- *) The format used for MDC2 RSA signatures is inconsistent between EVP
- and the RSA_sign/RSA_verify functions. This was made more apparent when
- OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular
- those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect
- the correct format in RSA_verify so both forms transparently work.
- [Steve Henson]
-
- *) Some servers which support TLS 1.0 can choke if we initially indicate
- support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA
- encrypted premaster secret. As a workaround use the maximum pemitted
- client version in client hello, this should keep such servers happy
- and still work with previous versions of OpenSSL.
- [Steve Henson]
-
- *) Add support for TLS/DTLS heartbeats.
- [Robin Seggelmann <seggelmann at fh-muenster.de>]
-
- *) Add support for SCTP.
- [Robin Seggelmann <seggelmann at fh-muenster.de>]
-
- *) Improved PRNG seeding for VOS.
- [Paul Green <Paul.Green at stratus.com>]
-
- *) Extensive assembler packs updates, most notably:
-
- - x86[_64]: AES-NI, PCLMULQDQ, RDRAND support;
- - x86[_64]: SSSE3 support (SHA1, vector-permutation AES);
- - x86_64: bit-sliced AES implementation;
- - ARM: NEON support, contemporary platforms optimizations;
- - s390x: z196 support;
- - *: GHASH and GF(2^m) multiplication implementations;
-
- [Andy Polyakov]
-
- *) Make TLS-SRP code conformant with RFC 5054 API cleanup
- (removal of unnecessary code)
- [Peter Sylvester <peter.sylvester at edelweb.fr>]
-
- *) Add TLS key material exporter from RFC 5705.
- [Eric Rescorla]
-
- *) Add DTLS-SRTP negotiation from RFC 5764.
- [Eric Rescorla]
-
- *) Add Next Protocol Negotiation,
- http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
- disabled with a no-npn flag to config or Configure. Code donated
- by Google.
- [Adam Langley <agl at google.com> and Ben Laurie]
-
- *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224,
- NIST-P256, NIST-P521, with constant-time single point multiplication on
- typical inputs. Compiler support for the nonstandard type __uint128_t is
- required to use this (present in gcc 4.4 and later, for 64-bit builds).
- Code made available under Apache License version 2.0.
-
- Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command
- line to include this in your build of OpenSSL, and run "make depend" (or
- "make update"). This enables the following EC_METHODs:
-
- EC_GFp_nistp224_method()
- EC_GFp_nistp256_method()
- EC_GFp_nistp521_method()
-
- EC_GROUP_new_by_curve_name() will automatically use these (while
- EC_GROUP_new_curve_GFp() currently prefers the more flexible
- implementations).
- [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
-
- *) Use type ossl_ssize_t instad of ssize_t which isn't available on
- all platforms. Move ssize_t definition from e_os.h to the public
- header file e_os2.h as it now appears in public header file cms.h
- [Steve Henson]
-
- *) New -sigopt option to the ca, req and x509 utilities. Additional
- signature parameters can be passed using this option and in
- particular PSS.
- [Steve Henson]
-
- *) Add RSA PSS signing function. This will generate and set the
- appropriate AlgorithmIdentifiers for PSS based on those in the
- corresponding EVP_MD_CTX structure. No application support yet.
- [Steve Henson]
-
- *) Support for companion algorithm specific ASN1 signing routines.
- New function ASN1_item_sign_ctx() signs a pre-initialised
- EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
- the appropriate parameters.
- [Steve Henson]
-
- *) Add new algorithm specific ASN1 verification initialisation function
- to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
- handling will be the same no matter what EVP_PKEY_METHOD is used.
- Add a PSS handler to support verification of PSS signatures: checked
- against a number of sample certificates.
- [Steve Henson]
-
- *) Add signature printing for PSS. Add PSS OIDs.
- [Steve Henson, Martin Kaiser <lists at kaiser.cx>]
-
- *) Add algorithm specific signature printing. An individual ASN1 method
- can now print out signatures instead of the standard hex dump.
-
- More complex signatures (e.g. PSS) can print out more meaningful
- information. Include DSA version that prints out the signature
- parameters r, s.
- [Steve Henson]
-
- *) Password based recipient info support for CMS library: implementing
- RFC3211.
- [Steve Henson]
-
- *) Split password based encryption into PBES2 and PBKDF2 functions. This
- neatly separates the code into cipher and PBE sections and is required
- for some algorithms that split PBES2 into separate pieces (such as
- password based CMS).
- [Steve Henson]
-
- *) Session-handling fixes:
- - Fix handling of connections that are resuming with a session ID,
- but also support Session Tickets.
- - Fix a bug that suppressed issuing of a new ticket if the client
- presented a ticket with an expired session.
- - Try to set the ticket lifetime hint to something reasonable.
- - Make tickets shorter by excluding irrelevant information.
- - On the client side, don't ignore renewed tickets.
- [Adam Langley, Bodo Moeller (Google)]
-
- *) Fix PSK session representation.
- [Bodo Moeller]
-
- *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
-
- This work was sponsored by Intel.
- [Andy Polyakov]
-
- *) Add GCM support to TLS library. Some custom code is needed to split
- the IV between the fixed (from PRF) and explicit (from TLS record)
- portions. This adds all GCM ciphersuites supported by RFC5288 and
- RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
- add a special AESGCM string for GCM only.
- [Steve Henson]
-
- *) Expand range of ctrls for AES GCM. Permit setting invocation
- field on decrypt and retrieval of invocation field only on encrypt.
- [Steve Henson]
-
- *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
- As required by RFC5289 these ciphersuites cannot be used if for
- versions of TLS earlier than 1.2.
- [Steve Henson]
-
- *) For FIPS capable OpenSSL interpret a NULL default public key method
- as unset and return the appopriate default but do *not* set the default.
- This means we can return the appopriate method in applications that
- swicth between FIPS and non-FIPS modes.
- [Steve Henson]
-
- *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an
- ENGINE is used then we cannot handle that in the FIPS module so we
- keep original code iff non-FIPS operations are allowed.
- [Steve Henson]
-
- *) Add -attime option to openssl utilities.
- [Peter Eckersley <pde at eff.org>, Ben Laurie and Steve Henson]
-
- *) Redirect DSA and DH operations to FIPS module in FIPS mode.
- [Steve Henson]
-
- *) Redirect ECDSA and ECDH operations to FIPS module in FIPS mode. Also use
- FIPS EC methods unconditionally for now.
- [Steve Henson]
-
- *) New build option no-ec2m to disable characteristic 2 code.
- [Steve Henson]
-
- *) Backport libcrypto audit of return value checking from 1.1.0-dev; not
- all cases can be covered as some introduce binary incompatibilities.
- [Steve Henson]
-
- *) Redirect RSA operations to FIPS module including keygen,
- encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
- [Steve Henson]
-
- *) Add similar low level API blocking to ciphers.
- [Steve Henson]
-
- *) Low level digest APIs are not approved in FIPS mode: any attempt
- to use these will cause a fatal error. Applications that *really* want
- to use them can use the private_* version instead.
- [Steve Henson]
-
- *) Redirect cipher operations to FIPS module for FIPS builds.
- [Steve Henson]
-
- *) Redirect digest operations to FIPS module for FIPS builds.
- [Steve Henson]
-
- *) Update build system to add "fips" flag which will link in fipscanister.o
- for static and shared library builds embedding a signature if needed.
- [Steve Henson]
-
- *) Output TLS supported curves in preference order instead of numerical
- order. This is currently hardcoded for the highest order curves first.
- This should be configurable so applications can judge speed vs strength.
- [Steve Henson]
-
- *) Add TLS v1.2 server support for client authentication.
- [Steve Henson]
-
- *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
- and enable MD5.
- [Steve Henson]
-
- *) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
- FIPS modules versions.
- [Steve Henson]
-
- *) Add TLS v1.2 client side support for client authentication. Keep cache
- of handshake records longer as we don't know the hash algorithm to use
- until after the certificate request message is received.
- [Steve Henson]
-
- *) Initial TLS v1.2 client support. Add a default signature algorithms
- extension including all the algorithms we support. Parse new signature
- format in client key exchange. Relax some ECC signing restrictions for
- TLS v1.2 as indicated in RFC5246.
- [Steve Henson]
-
- *) Add server support for TLS v1.2 signature algorithms extension. Switch
- to new signature format when needed using client digest preference.
- All server ciphersuites should now work correctly in TLS v1.2. No client
- support yet and no support for client certificates.
- [Steve Henson]
-
- *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
- to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
- ciphersuites. At present only RSA key exchange ciphersuites work with
- TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
- SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
- and version checking.
- [Steve Henson]
-
- *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
- with this defined it will not be affected by any changes to ssl internal
- structures. Add several utility functions to allow openssl application
- to work with OPENSSL_NO_SSL_INTERN defined.
- [Steve Henson]
-
- *) Add SRP support.
- [Tom Wu <tjw at cs.stanford.edu> and Ben Laurie]
-
- *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
- [Steve Henson]
-
- *) Permit abbreviated handshakes when renegotiating using the function
- SSL_renegotiate_abbreviated().
- [Robin Seggelmann <seggelmann at fh-muenster.de>]
-
- *) Add call to ENGINE_register_all_complete() to
- ENGINE_load_builtin_engines(), so some implementations get used
- automatically instead of needing explicit application support.
- [Steve Henson]
-
- *) Add support for TLS key exporter as described in RFC5705.
- [Robin Seggelmann <seggelmann at fh-muenster.de>, Steve Henson]
-
- *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
- a few changes are required:
-
- Add SSL_OP_NO_TLSv1_1 flag.
- Add TLSv1_1 methods.
- Update version checking logic to handle version 1.1.
- Add explicit IV handling (ported from DTLS code).
- Add command line options to s_client/s_server.
- [Steve Henson]
-
- Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
-
- *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
- in CMS and PKCS7 code. When RSA decryption fails use a random key for
- content decryption and always return the same error. Note: this attack
- needs on average 2^20 messages so it only affects automated senders. The
- old behaviour can be reenabled in the CMS code by setting the
- CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
- an MMA defence is not necessary.
- Thanks to Ivan Nestlerode <inestlerode at us.ibm.com> for discovering
- this issue. (CVE-2012-0884)
- [Steve Henson]
-
- *) Fix CVE-2011-4619: make sure we really are receiving a
- client hello before rejecting multiple SGC restarts. Thanks to
- Ivan Nestlerode <inestlerode at us.ibm.com> for discovering this bug.
- [Steve Henson]
-
- Changes between 1.0.0f and 1.0.0g [18 Jan 2012]
-
- *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
- Thanks to Antonio Martin, Enterprise Secure Access Research and
- Development, Cisco Systems, Inc. for discovering this bug and
- preparing a fix. (CVE-2012-0050)
- [Antonio Martin]
-
- Changes between 1.0.0e and 1.0.0f [4 Jan 2012]
-
- *) Nadhem Alfardan and Kenny Paterson have discovered an extension
- of the Vaudenay padding oracle attack on CBC mode encryption
- which enables an efficient plaintext recovery attack against
- the OpenSSL implementation of DTLS. Their attack exploits timing
- differences arising during decryption processing. A research
- paper describing this attack can be found at:
- http://www.isg.rhul.ac.uk/~kp/dtls.pdf
- Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
- Security Group at Royal Holloway, University of London
- (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
- <seggelmann at fh-muenster.de> and Michael Tuexen <tuexen at fh-muenster.de>
- for preparing the fix. (CVE-2011-4108)
- [Robin Seggelmann, Michael Tuexen]
-
- *) Clear bytes used for block padding of SSL 3.0 records.
- (CVE-2011-4576)
- [Adam Langley (Google)]
-
- *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George
- Kadianakis <desnacked at gmail.com> for discovering this issue and
- Adam Langley for preparing the fix. (CVE-2011-4619)
- [Adam Langley (Google)]
-
- *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027)
- [Andrey Kulikov <amdeich at gmail.com>]
-
- *) Prevent malformed RFC3779 data triggering an assertion failure.
- Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
- and Rob Austein <sra at hactrn.net> for fixing it. (CVE-2011-4577)
- [Rob Austein <sra at hactrn.net>]
-
- *) Improved PRNG seeding for VOS.
- [Paul Green <Paul.Green at stratus.com>]
-
- *) Fix ssl_ciph.c set-up race.
- [Adam Langley (Google)]
-
- *) Fix spurious failures in ecdsatest.c.
- [Emilia Käsper (Google)]
-
- *) Fix the BIO_f_buffer() implementation (which was mixing different
- interpretations of the '..._len' fields).
- [Adam Langley (Google)]
-
- *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
- BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
- threads won't reuse the same blinding coefficients.
-
- This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
- lock to call BN_BLINDING_invert_ex, and avoids one use of
- BN_BLINDING_update for each BN_BLINDING structure (previously,
- the last update always remained unused).
- [Emilia Käsper (Google)]
-
- *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
- [Bob Buckholz (Google)]
-
- Changes between 1.0.0d and 1.0.0e [6 Sep 2011]
-
- *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
- by initialising X509_STORE_CTX properly. (CVE-2011-3207)
- [Kaspar Brand <ossl at velox.ch>]
-
- *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
- for multi-threaded use of ECDH. (CVE-2011-3210)
- [Adam Langley (Google)]
-
- *) Fix x509_name_ex_d2i memory leak on bad inputs.
- [Bodo Moeller]
-
- *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
- signature public key algorithm by using OID xref utilities instead.
- Before this you could only use some ECC ciphersuites with SHA1 only.
- [Steve Henson]
-
- *) Add protection against ECDSA timing attacks as mentioned in the paper
- by Billy Bob Brumley and Nicola Tuveri, see:
-
- http://eprint.iacr.org/2011/232.pdf
-
- [Billy Bob Brumley and Nicola Tuveri]
-
- Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
-
- *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
- [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
-
- *) Fix bug in string printing code: if *any* escaping is enabled we must
- escape the escape character (backslash) or the resulting string is
- ambiguous.
- [Steve Henson]
-
- Changes between 1.0.0b and 1.0.0c [2 Dec 2010]
-
- *) Disable code workaround for ancient and obsolete Netscape browsers
- and servers: an attacker can use it in a ciphersuite downgrade attack.
- Thanks to Martin Rex for discovering this bug. CVE-2010-4180
- [Steve Henson]
-
- *) Fixed J-PAKE implementation error, originally discovered by
- Sebastien Martini, further info and confirmation from Stefan
- Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
- [Ben Laurie]
-
- Changes between 1.0.0a and 1.0.0b [16 Nov 2010]
-
- *) Fix extension code to avoid race conditions which can result in a buffer
- overrun vulnerability: resumed sessions must not be modified as they can
- be shared by multiple threads. CVE-2010-3864
- [Steve Henson]
-
- *) Fix WIN32 build system to correctly link an ENGINE directory into
- a DLL.
- [Steve Henson]
-
- Changes between 1.0.0 and 1.0.0a [01 Jun 2010]
-
- *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
- (CVE-2010-1633)
- [Steve Henson, Peter-Michael Hager <hager at dortmund.net>]
-
- Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
-
- *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
- context. The operation can be customised via the ctrl mechanism in
- case ENGINEs want to include additional functionality.
- [Steve Henson]
-
- *) Tolerate yet another broken PKCS#8 key format: private key value negative.
- [Steve Henson]
-
- *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
- output hashes compatible with older versions of OpenSSL.
- [Willy Weisz <weisz at vcpc.univie.ac.at>]
-
- *) Fix compression algorithm handling: if resuming a session use the
- compression algorithm of the resumed session instead of determining
- it from client hello again. Don't allow server to change algorithm.
- [Steve Henson]
-
- *) Add load_crls() function to apps tidying load_certs() too. Add option
- to verify utility to allow additional CRLs to be included.
- [Steve Henson]
-
- *) Update OCSP request code to permit adding custom headers to the request:
- some responders need this.
- [Steve Henson]
-
- *) The function EVP_PKEY_sign() returns <=0 on error: check return code
- correctly.
- [Julia Lawall <julia at diku.dk>]
-
- *) Update verify callback code in apps/s_cb.c and apps/verify.c, it
- needlessly dereferenced structures, used obsolete functions and
- didn't handle all updated verify codes correctly.
- [Steve Henson]
-
- *) Disable MD2 in the default configuration.
- [Steve Henson]
-
- *) In BIO_pop() and BIO_push() use the ctrl argument (which was NULL) to
- indicate the initial BIO being pushed or popped. This makes it possible
- to determine whether the BIO is the one explicitly called or as a result
- of the ctrl being passed down the chain. Fix BIO_pop() and SSL BIOs so
- it handles reference counts correctly and doesn't zero out the I/O bio
- when it is not being explicitly popped. WARNING: applications which
- included workarounds for the old buggy behaviour will need to be modified
- or they could free up already freed BIOs.
- [Steve Henson]
-
- *) Extend the uni2asc/asc2uni => OPENSSL_uni2asc/OPENSSL_asc2uni
- renaming to all platforms (within the 0.9.8 branch, this was
- done conditionally on Netware platforms to avoid a name clash).
- [Guenter <lists at gknw.net>]
-
- *) Add ECDHE and PSK support to DTLS.
- [Michael Tuexen <tuexen at fh-muenster.de>]
-
- *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't
- be used on C++.
- [Steve Henson]
-
- *) Add "missing" function EVP_MD_flags() (without this the only way to
- retrieve a digest flags is by accessing the structure directly. Update
- EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest
- or cipher is registered as in the "from" argument. Print out all
- registered digests in the dgst usage message instead of manually
- attempting to work them out.
- [Steve Henson]
-
- *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
- this allows the use of compression and extensions. Change default cipher
- string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
- by default unless an application cipher string requests it.
- [Steve Henson]
-
- *) Alter match criteria in PKCS12_parse(). It used to try to use local
- key ids to find matching certificates and keys but some PKCS#12 files
- don't follow the (somewhat unwritten) rules and this strategy fails.
- Now just gather all certificates together and the first private key
- then look for the first certificate that matches the key.
- [Steve Henson]
-
- *) Support use of registered digest and cipher names for dgst and cipher
- commands instead of having to add each one as a special case. So now
- you can do:
-
- openssl sha256 foo
-
- as well as:
-
- openssl dgst -sha256 foo
-
- and this works for ENGINE based algorithms too.
-
- [Steve Henson]
-
- *) Update Gost ENGINE to support parameter files.
- [Victor B. Wagner <vitus at cryptocom.ru>]
-
- *) Support GeneralizedTime in ca utility.
- [Oliver Martin <oliver at volatilevoid.net>, Steve Henson]
-
- *) Enhance the hash format used for certificate directory links. The new
- form uses the canonical encoding (meaning equivalent names will work
- even if they aren't identical) and uses SHA1 instead of MD5. This form
- is incompatible with the older format and as a result c_rehash should
- be used to rebuild symbolic links.
- [Steve Henson]
-
- *) Make PKCS#8 the default write format for private keys, replacing the
- traditional format. This form is standardised, more secure and doesn't
- include an implicit MD5 dependency.
- [Steve Henson]
-
- *) Add a $gcc_devteam_warn option to Configure. The idea is that any code
- committed to OpenSSL should pass this lot as a minimum.
- [Steve Henson]
-
- *) Add session ticket override functionality for use by EAP-FAST.
- [Jouni Malinen <j at w1.fi>]
-
- *) Modify HMAC functions to return a value. Since these can be implemented
- in an ENGINE errors can occur.
- [Steve Henson]
-
- *) Type-checked OBJ_bsearch_ex.
- [Ben Laurie]
-
- *) Type-checked OBJ_bsearch. Also some constification necessitated
- by type-checking. Still to come: TXT_DB, bsearch(?),
- OBJ_bsearch_ex, qsort, CRYPTO_EX_DATA, ASN1_VALUE, ASN1_STRING,
- CONF_VALUE.
- [Ben Laurie]
-
- *) New function OPENSSL_gmtime_adj() to add a specific number of days and
- seconds to a tm structure directly, instead of going through OS
- specific date routines. This avoids any issues with OS routines such
- as the year 2038 bug. New *_adj() functions for ASN1 time structures
- and X509_time_adj_ex() to cover the extended range. The existing
- X509_time_adj() is still usable and will no longer have any date issues.
- [Steve Henson]
-
- *) Delta CRL support. New use deltas option which will attempt to locate
- and search any appropriate delta CRLs available.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Support for CRLs partitioned by reason code. Reorganise CRL processing
- code and add additional score elements. Validate alternate CRL paths
- as part of the CRL checking and indicate a new error "CRL path validation
- error" in this case. Applications wanting additional details can use
- the verify callback and check the new "parent" field. If this is not
- NULL CRL path validation is taking place. Existing applications wont
- see this because it requires extended CRL support which is off by
- default.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Support for freshest CRL extension.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Initial indirect CRL support. Currently only supported in the CRLs
- passed directly and not via lookup. Process certificate issuer
- CRL entry extension and lookup CRL entries by bother issuer name
- and serial number. Check and process CRL issuer entry in IDP extension.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Add support for distinct certificate and CRL paths. The CRL issuer
- certificate is validated separately in this case. Only enabled if
- an extended CRL support flag is set: this flag will enable additional
- CRL functionality in future.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Add support for policy mappings extension.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Fixes to pathlength constraint, self issued certificate handling,
- policy processing to align with RFC3280 and PKITS tests.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Support for name constraints certificate extension. DN, email, DNS
- and URI types are currently supported.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) To cater for systems that provide a pointer-based thread ID rather
- than numeric, deprecate the current numeric thread ID mechanism and
- replace it with a structure and associated callback type. This
- mechanism allows a numeric "hash" to be extracted from a thread ID in
- either case, and on platforms where pointers are larger than 'long',
- mixing is done to help ensure the numeric 'hash' is usable even if it
- can't be guaranteed unique. The default mechanism is to use "&errno"
- as a pointer-based thread ID to distinguish between threads.
-
- Applications that want to provide their own thread IDs should now use
- CRYPTO_THREADID_set_callback() to register a callback that will call
- either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer().
-
- Note that ERR_remove_state() is now deprecated, because it is tied
- to the assumption that thread IDs are numeric. ERR_remove_state(0)
- to free the current thread's error state should be replaced by
- ERR_remove_thread_state(NULL).
-
- (This new approach replaces the functions CRYPTO_set_idptr_callback(),
- CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in
- OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an
- application was previously providing a numeric thread callback that
- was inappropriate for distinguishing threads, then uniqueness might
- have been obtained with &errno that happened immediately in the
- intermediate development versions of OpenSSL; this is no longer the
- case, the numeric thread callback will now override the automatic use
- of &errno.)
- [Geoff Thorpe, with help from Bodo Moeller]
-
- *) Initial support for different CRL issuing certificates. This covers a
- simple case where the self issued certificates in the chain exist and
- the real CRL issuer is higher in the existing chain.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Removed effectively defunct crypto/store from the build.
- [Ben Laurie]
-
- *) Revamp of STACK to provide stronger type-checking. Still to come:
- TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE,
- ASN1_STRING, CONF_VALUE.
- [Ben Laurie]
-
- *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
- RAM on SSL connections. This option can save about 34k per idle SSL.
- [Nick Mathewson]
-
- *) Revamp of LHASH to provide stronger type-checking. Still to come:
- STACK, TXT_DB, bsearch, qsort.
- [Ben Laurie]
-
- *) Initial support for Cryptographic Message Syntax (aka CMS) based
- on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
- support for data, signedData, compressedData, digestedData and
- encryptedData, envelopedData types included. Scripts to check against
- RFC4134 examples draft and interop and consistency checks of many
- content types and variants.
- [Steve Henson]
-
- *) Add options to enc utility to support use of zlib compression BIO.
- [Steve Henson]
-
- *) Extend mk1mf to support importing of options and assembly language
- files from Configure script, currently only included in VC-WIN32.
- The assembly language rules can now optionally generate the source
- files from the associated perl scripts.
- [Steve Henson]
-
- *) Implement remaining functionality needed to support GOST ciphersuites.
- Interop testing has been performed using CryptoPro implementations.
- [Victor B. Wagner <vitus at cryptocom.ru>]
-
- *) s390x assembler pack.
- [Andy Polyakov]
-
- *) ARMv4 assembler pack. ARMv4 refers to v4 and later ISA, not CPU
- "family."
- [Andy Polyakov]
-
- *) Implement Opaque PRF Input TLS extension as specified in
- draft-rescorla-tls-opaque-prf-input-00.txt. Since this is not an
- official specification yet and no extension type assignment by
- IANA exists, this extension (for now) will have to be explicitly
- enabled when building OpenSSL by providing the extension number
- to use. For example, specify an option
-
- -DTLSEXT_TYPE_opaque_prf_input=0x9527
-
- to the "config" or "Configure" script to enable the extension,
- assuming extension number 0x9527 (which is a completely arbitrary
- and unofficial assignment based on the MD5 hash of the Internet
- Draft). Note that by doing so, you potentially lose
- interoperability with other TLS implementations since these might
- be using the same extension number for other purposes.
-
- SSL_set_tlsext_opaque_prf_input(ssl, src, len) is used to set the
- opaque PRF input value to use in the handshake. This will create
- an interal copy of the length-'len' string at 'src', and will
- return non-zero for success.
-
- To get more control and flexibility, provide a callback function
- by using
-
- SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb)
- SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg)
-
- where
-
- int (*cb)(SSL *, void *peerinput, size_t len, void *arg);
- void *arg;
-
- Callback function 'cb' will be called in handshakes, and is
- expected to use SSL_set_tlsext_opaque_prf_input() as appropriate.
- Argument 'arg' is for application purposes (the value as given to
- SSL_CTX_set_tlsext_opaque_prf_input_callback_arg() will directly
- be provided to the callback function). The callback function
- has to return non-zero to report success: usually 1 to use opaque
- PRF input just if possible, or 2 to enforce use of the opaque PRF
- input. In the latter case, the library will abort the handshake
- if opaque PRF input is not successfully negotiated.
-
- Arguments 'peerinput' and 'len' given to the callback function
- will always be NULL and 0 in the case of a client. A server will
- see the client's opaque PRF input through these variables if
- available (NULL and 0 otherwise). Note that if the server
- provides an opaque PRF input, the length must be the same as the
- length of the client's opaque PRF input.
-
- Note that the callback function will only be called when creating
- a new session (session resumption can resume whatever was
- previously negotiated), and will not be called in SSL 2.0
- handshakes; thus, SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) or
- SSL_set_options(ssl, SSL_OP_NO_SSLv2) is especially recommended
- for applications that need to enforce opaque PRF input.
-
- [Bodo Moeller]
-
- *) Update ssl code to support digests other than SHA1+MD5 for handshake
- MAC.
-
- [Victor B. Wagner <vitus at cryptocom.ru>]
-
- *) Add RFC4507 support to OpenSSL. This includes the corrections in
- RFC4507bis. The encrypted ticket format is an encrypted encoded
- SSL_SESSION structure, that way new session features are automatically
- supported.
-
- If a client application caches session in an SSL_SESSION structure
- support is transparent because tickets are now stored in the encoded
- SSL_SESSION.
-
- The SSL_CTX structure automatically generates keys for ticket
- protection in servers so again support should be possible
- with no application modification.
-
- If a client or server wishes to disable RFC4507 support then the option
- SSL_OP_NO_TICKET can be set.
-
- Add a TLS extension debugging callback to allow the contents of any client
- or server extensions to be examined.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Final changes to avoid use of pointer pointer casts in OpenSSL.
- OpenSSL should now compile cleanly on gcc 4.2
- [Peter Hartley <pdh at utter.chaos.org.uk>, Steve Henson]
-
- *) Update SSL library to use new EVP_PKEY MAC API. Include generic MAC
- support including streaming MAC support: this is required for GOST
- ciphersuite support.
- [Victor B. Wagner <vitus at cryptocom.ru>, Steve Henson]
-
- *) Add option -stream to use PKCS#7 streaming in smime utility. New
- function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream()
- to output in BER and PEM format.
- [Steve Henson]
-
- *) Experimental support for use of HMAC via EVP_PKEY interface. This
- allows HMAC to be handled via the EVP_DigestSign*() interface. The
- EVP_PKEY "key" in this case is the HMAC key, potentially allowing
- ENGINE support for HMAC keys which are unextractable. New -mac and
- -macopt options to dgst utility.
- [Steve Henson]
-
- *) New option -sigopt to dgst utility. Update dgst to use
- EVP_Digest{Sign,Verify}*. These two changes make it possible to use
- alternative signing paramaters such as X9.31 or PSS in the dgst
- utility.
- [Steve Henson]
-
- *) Change ssl_cipher_apply_rule(), the internal function that does
- the work each time a ciphersuite string requests enabling
- ("foo+bar"), moving ("+foo+bar"), disabling ("-foo+bar", or
- removing ("!foo+bar") a class of ciphersuites: Now it maintains
- the order of disabled ciphersuites such that those ciphersuites
- that most recently went from enabled to disabled not only stay
- in order with respect to each other, but also have higher priority
- than other disabled ciphersuites the next time ciphersuites are
- enabled again.
-
- This means that you can now say, e.g., "PSK:-PSK:HIGH" to enable
- the same ciphersuites as with "HIGH" alone, but in a specific
- order where the PSK ciphersuites come first (since they are the
- most recently disabled ciphersuites when "HIGH" is parsed).
-
- Also, change ssl_create_cipher_list() (using this new
- funcionality) such that between otherwise identical
- cihpersuites, ephemeral ECDH is preferred over ephemeral DH in
- the default order.
- [Bodo Moeller]
-
- *) Change ssl_create_cipher_list() so that it automatically
- arranges the ciphersuites in reasonable order before starting
- to process the rule string. Thus, the definition for "DEFAULT"
- (SSL_DEFAULT_CIPHER_LIST) now is just "ALL:!aNULL:!eNULL", but
- remains equivalent to "AES:ALL:!aNULL:!eNULL:+aECDH:+kRSA:+RC4:@STRENGTH".
- This makes it much easier to arrive at a reasonable default order
- in applications for which anonymous ciphers are OK (meaning
- that you can't actually use DEFAULT).
- [Bodo Moeller; suggested by Victor Duchovni]
-
- *) Split the SSL/TLS algorithm mask (as used for ciphersuite string
- processing) into multiple integers instead of setting
- "SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK",
- "SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer.
- (These masks as well as the individual bit definitions are hidden
- away into the non-exported interface ssl/ssl_locl.h, so this
- change to the definition of the SSL_CIPHER structure shouldn't
- affect applications.) This give us more bits for each of these
- categories, so there is no longer a need to coagulate AES128 and
- AES256 into a single algorithm bit, and to coagulate Camellia128
- and Camellia256 into a single algorithm bit, which has led to all
- kinds of kludges.
-
- Thus, among other things, the kludge introduced in 0.9.7m and
- 0.9.8e for masking out AES256 independently of AES128 or masking
- out Camellia256 independently of AES256 is not needed here in 0.9.9.
-
- With the change, we also introduce new ciphersuite aliases that
- so far were missing: "AES128", "AES256", "CAMELLIA128", and
- "CAMELLIA256".
- [Bodo Moeller]
-
- *) Add support for dsa-with-SHA224 and dsa-with-SHA256.
- Use the leftmost N bytes of the signature input if the input is
- larger than the prime q (with N being the size in bytes of q).
- [Nils Larsch]
-
- *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses
- it yet and it is largely untested.
- [Steve Henson]
-
- *) Add support for the ecdsa-with-SHA224/256/384/512 signature types.
- [Nils Larsch]
-
- *) Initial incomplete changes to avoid need for function casts in OpenSSL
- some compilers (gcc 4.2 and later) reject their use. Safestack is
- reimplemented. Update ASN1 to avoid use of legacy functions.
- [Steve Henson]
-
- *) Win32/64 targets are linked with Winsock2.
- [Andy Polyakov]
-
- *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
- to external functions. This can be used to increase CRL handling
- efficiency especially when CRLs are very large by (for example) storing
- the CRL revoked certificates in a database.
- [Steve Henson]
-
- *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
- new CRLs added to a directory can be used. New command line option
- -verify_return_error to s_client and s_server. This causes real errors
- to be returned by the verify callback instead of carrying on no matter
- what. This reflects the way a "real world" verify callback would behave.
- [Steve Henson]
-
- *) GOST engine, supporting several GOST algorithms and public key formats.
- Kindly donated by Cryptocom.
- [Cryptocom]
-
- *) Partial support for Issuing Distribution Point CRL extension. CRLs
- partitioned by DP are handled but no indirect CRL or reason partitioning
- (yet). Complete overhaul of CRL handling: now the most suitable CRL is
- selected via a scoring technique which handles IDP and AKID in CRLs.
- [Steve Henson]
-
- *) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
- will ultimately be used for all verify operations: this will remove the
- X509_STORE dependency on certificate verification and allow alternative
- lookup methods. X509_STORE based implementations of these two callbacks.
- [Steve Henson]
-
- *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
- Modify get_crl() to find a valid (unexpired) CRL if possible.
- [Steve Henson]
-
- *) New function X509_CRL_match() to check if two CRLs are identical. Normally
- this would be called X509_CRL_cmp() but that name is already used by
- a function that just compares CRL issuer names. Cache several CRL
- extensions in X509_CRL structure and cache CRLDP in X509.
- [Steve Henson]
-
- *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
- this maps equivalent X509_NAME structures into a consistent structure.
- Name comparison can then be performed rapidly using memcmp().
- [Steve Henson]
-
- *) Non-blocking OCSP request processing. Add -timeout option to ocsp
- utility.
- [Steve Henson]
-
- *) Allow digests to supply their own micalg string for S/MIME type using
- the ctrl EVP_MD_CTRL_MICALG.
- [Steve Henson]
-
- *) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
- EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
- ctrl. It can then customise the structure before and/or after signing
- if necessary.
- [Steve Henson]
-
- *) New function OBJ_add_sigid() to allow application defined signature OIDs
- to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
- to free up any added signature OIDs.
- [Steve Henson]
-
- *) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
- EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
- digest and cipher tables. New options added to openssl utility:
- list-message-digest-algorithms and list-cipher-algorithms.
- [Steve Henson]
-
- *) Change the array representation of binary polynomials: the list
- of degrees of non-zero coefficients is now terminated with -1.
- Previously it was terminated with 0, which was also part of the
- value; thus, the array representation was not applicable to
- polynomials where t^0 has coefficient zero. This change makes
- the array representation useful in a more general context.
- [Douglas Stebila]
-
- *) Various modifications and fixes to SSL/TLS cipher string
- handling. For ECC, the code now distinguishes between fixed ECDH
- with RSA certificates on the one hand and with ECDSA certificates
- on the other hand, since these are separate ciphersuites. The
- unused code for Fortezza ciphersuites has been removed.
-
- For consistency with EDH, ephemeral ECDH is now called "EECDH"
- (not "ECDHE"). For consistency with the code for DH
- certificates, use of ECDH certificates is now considered ECDH
- authentication, not RSA or ECDSA authentication (the latter is
- merely the CA's signing algorithm and not actively used in the
- protocol).
-
- The temporary ciphersuite alias "ECCdraft" is no longer
- available, and ECC ciphersuites are no longer excluded from "ALL"
- and "DEFAULT". The following aliases now exist for RFC 4492
- ciphersuites, most of these by analogy with the DH case:
-
- kECDHr - ECDH cert, signed with RSA
- kECDHe - ECDH cert, signed with ECDSA
- kECDH - ECDH cert (signed with either RSA or ECDSA)
- kEECDH - ephemeral ECDH
- ECDH - ECDH cert or ephemeral ECDH
-
- aECDH - ECDH cert
- aECDSA - ECDSA cert
- ECDSA - ECDSA cert
-
- AECDH - anonymous ECDH
- EECDH - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")
-
- [Bodo Moeller]
-
- *) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
- Use correct micalg parameters depending on digest(s) in signed message.
- [Steve Henson]
-
- *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
- an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
- [Steve Henson]
-
- *) Initial engine support for EVP_PKEY_METHOD. New functions to permit
- an engine to register a method. Add ENGINE lookups for methods and
- functional reference processing.
- [Steve Henson]
-
- *) New functions EVP_Digest{Sign,Verify)*. These are enchance versions of
- EVP_{Sign,Verify}* which allow an application to customise the signature
- process.
- [Steve Henson]
-
- *) New -resign option to smime utility. This adds one or more signers
- to an existing PKCS#7 signedData structure. Also -md option to use an
- alternative message digest algorithm for signing.
- [Steve Henson]
-
- *) Tidy up PKCS#7 routines and add new functions to make it easier to
- create PKCS7 structures containing multiple signers. Update smime
- application to support multiple signers.
- [Steve Henson]
-
- *) New -macalg option to pkcs12 utility to allow setting of an alternative
- digest MAC.
- [Steve Henson]
-
- *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
- Reorganize PBE internals to lookup from a static table using NIDs,
- add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
- EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
- PRF which will be automatically used with PBES2.
- [Steve Henson]
-
- *) Replace the algorithm specific calls to generate keys in "req" with the
- new API.
- [Steve Henson]
-
- *) Update PKCS#7 enveloped data routines to use new API. This is now
- supported by any public key method supporting the encrypt operation. A
- ctrl is added to allow the public key algorithm to examine or modify
- the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
- a no op.
- [Steve Henson]
-
- *) Add a ctrl to asn1 method to allow a public key algorithm to express
- a default digest type to use. In most cases this will be SHA1 but some
- algorithms (such as GOST) need to specify an alternative digest. The
- return value indicates how strong the prefernce is 1 means optional and
- 2 is mandatory (that is it is the only supported type). Modify
- ASN1_item_sign() to accept a NULL digest argument to indicate it should
- use the default md. Update openssl utilities to use the default digest
- type for signing if it is not explicitly indicated.
- [Steve Henson]
-
- *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New
- EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
- signing method from the key type. This effectively removes the link
- between digests and public key types.
- [Steve Henson]
-
- *) Add an OID cross reference table and utility functions. Its purpose is to
- translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
- rsaEncryption. This will allow some of the algorithm specific hackery
- needed to use the correct OID to be removed.
- [Steve Henson]
-
- *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
- structures for PKCS7_sign(). They are now set up by the relevant public
- key ASN1 method.
- [Steve Henson]
-
- *) Add provisional EC pkey method with support for ECDSA and ECDH.
- [Steve Henson]
-
- *) Add support for key derivation (agreement) in the API, DH method and
- pkeyutl.
- [Steve Henson]
-
- *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
- public and private key formats. As a side effect these add additional
- command line functionality not previously available: DSA signatures can be
- generated and verified using pkeyutl and DH key support and generation in
- pkey, genpkey.
- [Steve Henson]
-
- *) BeOS support.
- [Oliver Tappe <zooey at hirschkaefer.de>]
-
- *) New make target "install_html_docs" installs HTML renditions of the
- manual pages.
- [Oliver Tappe <zooey at hirschkaefer.de>]
-
- *) New utility "genpkey" this is analagous to "genrsa" etc except it can
- generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
- support key and parameter generation and add initial key generation
- functionality for RSA.
- [Steve Henson]
-
- *) Add functions for main EVP_PKEY_method operations. The undocumented
- functions EVP_PKEY_{encrypt,decrypt} have been renamed to
- EVP_PKEY_{encrypt,decrypt}_old.
- [Steve Henson]
-
- *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
- key API, doesn't do much yet.
- [Steve Henson]
-
- *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
- public key algorithms. New option to openssl utility:
- "list-public-key-algorithms" to print out info.
- [Steve Henson]
-
- *) Implement the Supported Elliptic Curves Extension for
- ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
- [Douglas Stebila]
-
- *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
- EVP_CIPHER structures to avoid later problems in EVP_cleanup().
- [Steve Henson]
-
- *) New utilities pkey and pkeyparam. These are similar to algorithm specific
- utilities such as rsa, dsa, dsaparam etc except they process any key
- type.
- [Steve Henson]
-
- *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
- functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
- EVP_PKEY_print_param() to print public key data from an EVP_PKEY
- structure.
- [Steve Henson]
-
- *) Initial support for pluggable public key ASN1.
- De-spaghettify the public key ASN1 handling. Move public and private
- key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
- algorithm specific handling to a single module within the relevant
- algorithm directory. Add functions to allow (near) opaque processing
- of public and private key structures.
- [Steve Henson]
-
- *) Implement the Supported Point Formats Extension for
- ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
- [Douglas Stebila]
-
- *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
- for the psk identity [hint] and the psk callback functions to the
- SSL_SESSION, SSL and SSL_CTX structure.
-
- New ciphersuites:
- PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
- PSK-AES256-CBC-SHA
-
- New functions:
- SSL_CTX_use_psk_identity_hint
- SSL_get_psk_identity_hint
- SSL_get_psk_identity
- SSL_use_psk_identity_hint
-
- [Mika Kousa and Pasi Eronen of Nokia Corporation]
-
- *) Add RFC 3161 compliant time stamp request creation, response generation
- and response verification functionality.
- [Zoltán Glózik <zglozik at opentsa.org>, The OpenTSA Project]
-
- *) Add initial support for TLS extensions, specifically for the server_name
- extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
- have new members for a host name. The SSL data structure has an
- additional member SSL_CTX *initial_ctx so that new sessions can be
- stored in that context to allow for session resumption, even after the
- SSL has been switched to a new SSL_CTX in reaction to a client's
- server_name extension.
-
- New functions (subject to change):
-
- SSL_get_servername()
- SSL_get_servername_type()
- SSL_set_SSL_CTX()
-
- New CTRL codes and macros (subject to change):
-
- SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- - SSL_CTX_set_tlsext_servername_callback()
- SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
- - SSL_CTX_set_tlsext_servername_arg()
- SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()
-
- openssl s_client has a new '-servername ...' option.
-
- openssl s_server has new options '-servername_host ...', '-cert2 ...',
- '-key2 ...', '-servername_fatal' (subject to change). This allows
- testing the HostName extension for a specific single host name ('-cert'
- and '-key' remain fallbacks for handshakes without HostName
- negotiation). If the unrecogninzed_name alert has to be sent, this by
- default is a warning; it becomes fatal with the '-servername_fatal'
- option.
-
- [Peter Sylvester, Remy Allais, Christophe Renou]
-
- *) Whirlpool hash implementation is added.
- [Andy Polyakov]
-
- *) BIGNUM code on 64-bit SPARCv9 targets is switched from bn(64,64) to
- bn(64,32). Because of instruction set limitations it doesn't have
- any negative impact on performance. This was done mostly in order
- to make it possible to share assembler modules, such as bn_mul_mont
- implementations, between 32- and 64-bit builds without hassle.
- [Andy Polyakov]
-
- *) Move code previously exiled into file crypto/ec/ec2_smpt.c
- to ec2_smpl.c, and no longer require the OPENSSL_EC_BIN_PT_COMP
- macro.
- [Bodo Moeller]
-
- *) New candidate for BIGNUM assembler implementation, bn_mul_mont,
- dedicated Montgomery multiplication procedure, is introduced.
- BN_MONT_CTX is modified to allow bn_mul_mont to reach for higher
- "64-bit" performance on certain 32-bit targets.
- [Andy Polyakov]
-
- *) New option SSL_OP_NO_COMP to disable use of compression selectively
- in SSL structures. New SSL ctrl to set maximum send fragment size.
- Save memory by seeting the I/O buffer sizes dynamically instead of
- using the maximum available value.
- [Steve Henson]
-
- *) New option -V for 'openssl ciphers'. This prints the ciphersuite code
- in addition to the text details.
- [Bodo Moeller]
-
- *) Very, very preliminary EXPERIMENTAL support for printing of general
- ASN1 structures. This currently produces rather ugly output and doesn't
- handle several customised structures at all.
- [Steve Henson]
-
- *) Integrated support for PVK file format and some related formats such
- as MS PUBLICKEYBLOB and PRIVATEKEYBLOB. Command line switches to support
- these in the 'rsa' and 'dsa' utilities.
- [Steve Henson]
-
- *) Support for PKCS#1 RSAPublicKey format on rsa utility command line.
- [Steve Henson]
-
- *) Remove the ancient ASN1_METHOD code. This was only ever used in one
- place for the (very old) "NETSCAPE" format certificates which are now
- handled using new ASN1 code equivalents.
- [Steve Henson]
-
- *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
- pointer and make the SSL_METHOD parameter in SSL_CTX_new,
- SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.
- [Nils Larsch]
-
- *) Modify CRL distribution points extension code to print out previously
- unsupported fields. Enhance extension setting code to allow setting of
- all fields.
- [Steve Henson]
-
- *) Add print and set support for Issuing Distribution Point CRL extension.
- [Steve Henson]
-
- *) Change 'Configure' script to enable Camellia by default.
- [NTT]
-
- Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
-
- *) When rejecting SSL/TLS records due to an incorrect version number, never
- update s->server with a new major version number. As of
- - OpenSSL 0.9.8m if 'short' is a 16-bit type,
- - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
- the previous behavior could result in a read attempt at NULL when
- receiving specific incorrect SSL/TLS records once record payload
- protection is active. (CVE-2010-0740)
- [Bodo Moeller, Adam Langley <agl at chromium.org>]
-
- *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
- could be crashed if the relevant tables were not present (e.g. chrooted).
- [Tomas Hoger <thoger at redhat.com>]
-
- Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
-
- *) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
- [Martin Olsson, Neel Mehta]
-
- *) Fix X509_STORE locking: Every 'objs' access requires a lock (to
- accommodate for stack sorting, always a write lock!).
- [Bodo Moeller]
-
- *) On some versions of WIN32 Heap32Next is very slow. This can cause
- excessive delays in the RAND_poll(): over a minute. As a workaround
- include a time check in the inner Heap32Next loop too.
- [Steve Henson]
-
- *) The code that handled flushing of data in SSL/TLS originally used the
- BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
- the problem outlined in PR#1949. The fix suggested there however can
- trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
- of Apache). So instead simplify the code to flush unconditionally.
- This should be fine since flushing with no data to flush is a no op.
- [Steve Henson]
-
- *) Handle TLS versions 2.0 and later properly and correctly use the
- highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
- off ancient servers have a habit of sticking around for a while...
- [Steve Henson]
-
- *) Modify compression code so it frees up structures without using the
- ex_data callbacks. This works around a problem where some applications
- call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
- restarting) then use compression (e.g. SSL with compression) later.
- This results in significant per-connection memory leaks and
- has caused some security issues including CVE-2008-1678 and
- CVE-2009-4355.
- [Steve Henson]
-
- *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
- change when encrypting or decrypting.
- [Bodo Moeller]
-
- *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
- connect and renegotiate with servers which do not support RI.
- Until RI is more widely deployed this option is enabled by default.
- [Steve Henson]
-
- *) Add "missing" ssl ctrls to clear options and mode.
- [Steve Henson]
-
- *) If client attempts to renegotiate and doesn't support RI respond with
- a no_renegotiation alert as required by RFC5746. Some renegotiating
- TLS clients will continue a connection gracefully when they receive
- the alert. Unfortunately OpenSSL mishandled this alert and would hang
- waiting for a server hello which it will never receive. Now we treat a
- received no_renegotiation alert as a fatal error. This is because
- applications requesting a renegotiation might well expect it to succeed
- and would have no code in place to handle the server denying it so the
- only safe thing to do is to terminate the connection.
- [Steve Henson]
-
- *) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
- peer supports secure renegotiation and 0 otherwise. Print out peer
- renegotiation support in s_client/s_server.
- [Steve Henson]
-
- *) Replace the highly broken and deprecated SPKAC certification method with
- the updated NID creation version. This should correctly handle UTF8.
- [Steve Henson]
-
- *) Implement RFC5746. Re-enable renegotiation but require the extension
- as needed. Unfortunately, SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
- turns out to be a bad idea. It has been replaced by
- SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
- SSL_CTX_set_options(). This is really not recommended unless you
- know what you are doing.
- [Eric Rescorla <ekr at networkresonance.com>, Ben Laurie, Steve Henson]
-
- *) Fixes to stateless session resumption handling. Use initial_ctx when
- issuing and attempting to decrypt tickets in case it has changed during
- servername handling. Use a non-zero length session ID when attempting
- stateless session resumption: this makes it possible to determine if
- a resumption has occurred immediately after receiving server hello
- (several places in OpenSSL subtly assume this) instead of later in
- the handshake.
- [Steve Henson]
-
- *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
- CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error
- fixes for a few places where the return code is not checked
- correctly.
- [Julia Lawall <julia at diku.dk>]
-
- *) Add --strict-warnings option to Configure script to include devteam
- warnings in other configurations.
- [Steve Henson]
-
- *) Add support for --libdir option and LIBDIR variable in makefiles. This
- makes it possible to install openssl libraries in locations which
- have names other than "lib", for example "/usr/lib64" which some
- systems need.
- [Steve Henson, based on patch from Jeremy Utley]
-
- *) Don't allow the use of leading 0x80 in OIDs. This is a violation of
- X690 8.9.12 and can produce some misleading textual output of OIDs.
- [Steve Henson, reported by Dan Kaminsky]
-
- *) Delete MD2 from algorithm tables. This follows the recommendation in
- several standards that it is not used in new applications due to
- several cryptographic weaknesses. For binary compatibility reasons
- the MD2 API is still compiled in by default.
- [Steve Henson]
-
- *) Add compression id to {d2i,i2d}_SSL_SESSION so it is correctly saved
- and restored.
- [Steve Henson]
-
- *) Rename uni2asc and asc2uni functions to OPENSSL_uni2asc and
- OPENSSL_asc2uni conditionally on Netware platforms to avoid a name
- clash.
- [Guenter <lists at gknw.net>]
-
- *) Fix the server certificate chain building code to use X509_verify_cert(),
- it used to have an ad-hoc builder which was unable to cope with anything
- other than a simple chain.
- [David Woodhouse <dwmw2 at infradead.org>, Steve Henson]
-
- *) Don't check self signed certificate signatures in X509_verify_cert()
- by default (a flag can override this): it just wastes time without
- adding any security. As a useful side effect self signed root CAs
- with non-FIPS digests are now usable in FIPS mode.
- [Steve Henson]
-
- *) In dtls1_process_out_of_seq_message() the check if the current message
- is already buffered was missing. For every new message was memory
- allocated, allowing an attacker to perform an denial of service attack
- with sending out of seq handshake messages until there is no memory
- left. Additionally every future messege was buffered, even if the
- sequence number made no sense and would be part of another handshake.
- So only messages with sequence numbers less than 10 in advance will be
- buffered. (CVE-2009-1378)
- [Robin Seggelmann, discovered by Daniel Mentz]
-
- *) Records are buffered if they arrive with a future epoch to be
- processed after finishing the corresponding handshake. There is
- currently no limitation to this buffer allowing an attacker to perform
- a DOS attack with sending records with future epochs until there is no
- memory left. This patch adds the pqueue_size() function to detemine
- the size of a buffer and limits the record buffer to 100 entries.
- (CVE-2009-1377)
- [Robin Seggelmann, discovered by Daniel Mentz]
-
- *) Keep a copy of frag->msg_header.frag_len so it can be used after the
- parent structure is freed. (CVE-2009-1379)
- [Daniel Mentz]
-
- *) Handle non-blocking I/O properly in SSL_shutdown() call.
- [Darryl Miles <darryl-mailinglists at netbauds.net>]
-
- *) Add 2.5.4.* OIDs
- [Ilya O. <vrghost at gmail.com>]
-
- Changes between 0.9.8k and 0.9.8l [5 Nov 2009]
-
- *) Disable renegotiation completely - this fixes a severe security
- problem (CVE-2009-3555) at the cost of breaking all
- renegotiation. Renegotiation can be re-enabled by setting
- SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
- run-time. This is really not recommended unless you know what
- you're doing.
- [Ben Laurie]
-
- Changes between 0.9.8j and 0.9.8k [25 Mar 2009]
-
- *) Don't set val to NULL when freeing up structures, it is freed up by
- underlying code. If sizeof(void *) > sizeof(long) this can result in
- zeroing past the valid field. (CVE-2009-0789)
- [Paolo Ganci <Paolo.Ganci at AdNovum.CH>]
-
- *) Fix bug where return value of CMS_SignerInfo_verify_content() was not
- checked correctly. This would allow some invalid signed attributes to
- appear to verify correctly. (CVE-2009-0591)
- [Ivan Nestlerode <inestlerode at us.ibm.com>]
-
- *) Reject UniversalString and BMPString types with invalid lengths. This
- prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
- a legal length. (CVE-2009-0590)
- [Steve Henson]
-
- *) Set S/MIME signing as the default purpose rather than setting it
- unconditionally. This allows applications to override it at the store
- level.
- [Steve Henson]
-
- *) Permit restricted recursion of ASN1 strings. This is needed in practice
- to handle some structures.
- [Steve Henson]
-
- *) Improve efficiency of mem_gets: don't search whole buffer each time
- for a '\n'
- [Jeremy Shapiro <jnshapir at us.ibm.com>]
-
- *) New -hex option for openssl rand.
- [Matthieu Herrb]
-
- *) Print out UTF8String and NumericString when parsing ASN1.
- [Steve Henson]
-
- *) Support NumericString type for name components.
- [Steve Henson]
-
- *) Allow CC in the environment to override the automatically chosen
- compiler. Note that nothing is done to ensure flags work with the
- chosen compiler.
- [Ben Laurie]
-
- Changes between 0.9.8i and 0.9.8j [07 Jan 2009]
-
- *) Properly check EVP_VerifyFinal() and similar return values
- (CVE-2008-5077).
- [Ben Laurie, Bodo Moeller, Google Security Team]
-
- *) Enable TLS extensions by default.
- [Ben Laurie]
-
- *) Allow the CHIL engine to be loaded, whether the application is
- multithreaded or not. (This does not release the developer from the
- obligation to set up the dynamic locking callbacks.)
- [Sander Temme <sander at temme.net>]
-
- *) Use correct exit code if there is an error in dgst command.
- [Steve Henson; problem pointed out by Roland Dirlewanger]
-
- *) Tweak Configure so that you need to say "experimental-jpake" to enable
- JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
- [Bodo Moeller]
-
- *) Add experimental JPAKE support, including demo authentication in
- s_client and s_server.
- [Ben Laurie]
-
- *) Set the comparison function in v3_addr_canonize().
- [Rob Austein <sra at hactrn.net>]
-
- *) Add support for XMPP STARTTLS in s_client.
- [Philip Paeps <philip at freebsd.org>]
-
- *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
- to ensure that even with this option, only ciphersuites in the
- server's preference list will be accepted. (Note that the option
- applies only when resuming a session, so the earlier behavior was
- just about the algorithm choice for symmetric cryptography.)
- [Bodo Moeller]
-
- Changes between 0.9.8h and 0.9.8i [15 Sep 2008]
-
- *) Fix NULL pointer dereference if a DTLS server received
- ChangeCipherSpec as first record (CVE-2009-1386).
- [PR #1679]
-
- *) Fix a state transitition in s3_srvr.c and d1_srvr.c
- (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
- [Nagendra Modadugu]
-
- *) The fix in 0.9.8c that supposedly got rid of unsafe
- double-checked locking was incomplete for RSA blinding,
- addressing just one layer of what turns out to have been
- doubly unsafe triple-checked locking.
-
- So now fix this for real by retiring the MONT_HELPER macro
- in crypto/rsa/rsa_eay.c.
-
- [Bodo Moeller; problem pointed out by Marius Schilder]
-
- *) Various precautionary measures:
-
- - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h).
-
- - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c).
- (NB: This would require knowledge of the secret session ticket key
- to exploit, in which case you'd be SOL either way.)
-
- - Change bn_nist.c so that it will properly handle input BIGNUMs
- outside the expected range.
-
- - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG
- builds.
-
- [Neel Mehta, Bodo Moeller]
-
- *) Allow engines to be "soft loaded" - i.e. optionally don't die if
- the load fails. Useful for distros.
- [Ben Laurie and the FreeBSD team]
-
- *) Add support for Local Machine Keyset attribute in PKCS#12 files.
- [Steve Henson]
-
- *) Fix BN_GF2m_mod_arr() top-bit cleanup code.
- [Huang Ying]
-
- *) Expand ENGINE to support engine supplied SSL client certificate functions.
-
- This work was sponsored by Logica.
- [Steve Henson]
-
- *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
- keystores. Support for SSL/TLS client authentication too.
- Not compiled unless enable-capieng specified to Configure.
-
- This work was sponsored by Logica.
- [Steve Henson]
-
- *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
- ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
- attribute creation routines such as certifcate requests and PKCS#12
- files.
- [Steve Henson]
-
- Changes between 0.9.8g and 0.9.8h [28 May 2008]
-
- *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
- handshake which could lead to a cilent crash as found using the
- Codenomicon TLS test suite (CVE-2008-1672)
- [Steve Henson, Mark Cox]
-
- *) Fix double free in TLS server name extensions which could lead to
- a remote crash found by Codenomicon TLS test suite (CVE-2008-0891)
- [Joe Orton]
-
- *) Clear error queue in SSL_CTX_use_certificate_chain_file()
-
- Clear the error queue to ensure that error entries left from
- older function calls do not interfere with the correct operation.
- [Lutz Jaenicke, Erik de Castro Lopo]
-
- *) Remove root CA certificates of commercial CAs:
-
- The OpenSSL project does not recommend any specific CA and does not
- have any policy with respect to including or excluding any CA.
- Therefore it does not make any sense to ship an arbitrary selection
- of root CA certificates with the OpenSSL software.
- [Lutz Jaenicke]
-
- *) RSA OAEP patches to fix two separate invalid memory reads.
- The first one involves inputs when 'lzero' is greater than
- 'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes
- before the beginning of from). The second one involves inputs where
- the 'db' section contains nothing but zeroes (there is a one-byte
- invalid read after the end of 'db').
- [Ivan Nestlerode <inestlerode at us.ibm.com>]
-
- *) Partial backport from 0.9.9-dev:
-
- Introduce bn_mul_mont (dedicated Montgomery multiplication
- procedure) as a candidate for BIGNUM assembler implementation.
- While 0.9.9-dev uses assembler for various architectures, only
- x86_64 is available by default here in the 0.9.8 branch, and
- 32-bit x86 is available through a compile-time setting.
-
- To try the 32-bit x86 assembler implementation, use Configure
- option "enable-montasm" (which exists only for this backport).
-
- As "enable-montasm" for 32-bit x86 disclaims code stability
- anyway, in this constellation we activate additional code
- backported from 0.9.9-dev for further performance improvements,
- namely BN_from_montgomery_word. (To enable this otherwise,
- e.g. x86_64, try "-DMONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD".)
-
- [Andy Polyakov (backport partially by Bodo Moeller)]
-
- *) Add TLS session ticket callback. This allows an application to set
- TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
- values. This is useful for key rollover for example where several key
- sets may exist with different names.
- [Steve Henson]
-
- *) Reverse ENGINE-internal logic for caching default ENGINE handles.
- This was broken until now in 0.9.8 releases, such that the only way
- a registered ENGINE could be used (assuming it initialises
- successfully on the host) was to explicitly set it as the default
- for the relevant algorithms. This is in contradiction with 0.9.7
- behaviour and the documentation. With this fix, when an ENGINE is
- registered into a given algorithm's table of implementations, the
- 'uptodate' flag is reset so that auto-discovery will be used next
- time a new context for that algorithm attempts to select an
- implementation.
- [Ian Lister (tweaked by Geoff Thorpe)]
-
- *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9
- implemention in the following ways:
-
- Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be
- hard coded.
-
- Lack of BER streaming support means one pass streaming processing is
- only supported if data is detached: setting the streaming flag is
- ignored for embedded content.
-
- CMS support is disabled by default and must be explicitly enabled
- with the enable-cms configuration option.
- [Steve Henson]
-
- *) Update the GMP engine glue to do direct copies between BIGNUM and
- mpz_t when openssl and GMP use the same limb size. Otherwise the
- existing "conversion via a text string export" trick is still used.
- [Paul Sheer <paulsheer at gmail.com>]
-
- *) Zlib compression BIO. This is a filter BIO which compressed and
- uncompresses any data passed through it.
- [Steve Henson]
-
- *) Add AES_wrap_key() and AES_unwrap_key() functions to implement
- RFC3394 compatible AES key wrapping.
- [Steve Henson]
-
- *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0():
- sets string data without copying. X509_ALGOR_set0() and
- X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier)
- data. Attribute function X509at_get0_data_by_OBJ(): retrieves data
- from an X509_ATTRIBUTE structure optionally checking it occurs only
- once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied
- data.
- [Steve Henson]
-
- *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
- to get the expected BN_FLG_CONSTTIME behavior.
- [Bodo Moeller (Google)]
-
- *) Netware support:
-
- - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
- - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
- - added some more tests to do_tests.pl
- - fixed RunningProcess usage so that it works with newer LIBC NDKs too
- - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
- - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
- netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
- - various changes to netware.pl to enable gcc-cross builds on Win32
- platform
- - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
- - various changes to fix missing prototype warnings
- - fixed x86nasm.pl to create correct asm files for NASM COFF output
- - added AES, WHIRLPOOL and CPUID assembler code to build files
- - added missing AES assembler make rules to mk1mf.pl
- - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
- [Guenter Knauf <eflash at gmx.net>]
-
- *) Implement certificate status request TLS extension defined in RFC3546.
- A client can set the appropriate parameters and receive the encoded
- OCSP response via a callback. A server can query the supplied parameters
- and set the encoded OCSP response in the callback. Add simplified examples
- to s_client and s_server.
- [Steve Henson]
-
- Changes between 0.9.8f and 0.9.8g [19 Oct 2007]
-
- *) Fix various bugs:
- + Binary incompatibility of ssl_ctx_st structure
- + DTLS interoperation with non-compliant servers
- + Don't call get_session_cb() without proposed session
- + Fix ia64 assembler code
- [Andy Polyakov, Steve Henson]
-
- Changes between 0.9.8e and 0.9.8f [11 Oct 2007]
-
- *) DTLS Handshake overhaul. There were longstanding issues with
- OpenSSL DTLS implementation, which were making it impossible for
- RFC 4347 compliant client to communicate with OpenSSL server.
- Unfortunately just fixing these incompatibilities would "cut off"
- pre-0.9.8f clients. To allow for hassle free upgrade post-0.9.8e
- server keeps tolerating non RFC compliant syntax. The opposite is
- not true, 0.9.8f client can not communicate with earlier server.
- This update even addresses CVE-2007-4995.
- [Andy Polyakov]
-
- *) Changes to avoid need for function casts in OpenSSL: some compilers
- (gcc 4.2 and later) reject their use.
- [Kurt Roeckx <kurt at roeckx.be>, Peter Hartley <pdh at utter.chaos.org.uk>,
- Steve Henson]
-
- *) Add RFC4507 support to OpenSSL. This includes the corrections in
- RFC4507bis. The encrypted ticket format is an encrypted encoded
- SSL_SESSION structure, that way new session features are automatically
- supported.
-
- If a client application caches session in an SSL_SESSION structure
- support is transparent because tickets are now stored in the encoded
- SSL_SESSION.
-
- The SSL_CTX structure automatically generates keys for ticket
- protection in servers so again support should be possible
- with no application modification.
-
- If a client or server wishes to disable RFC4507 support then the option
- SSL_OP_NO_TICKET can be set.
-
- Add a TLS extension debugging callback to allow the contents of any client
- or server extensions to be examined.
-
- This work was sponsored by Google.
- [Steve Henson]
-
- *) Add initial support for TLS extensions, specifically for the server_name
- extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
- have new members for a host name. The SSL data structure has an
- additional member SSL_CTX *initial_ctx so that new sessions can be
- stored in that context to allow for session resumption, even after the
- SSL has been switched to a new SSL_CTX in reaction to a client's
- server_name extension.
-
- New functions (subject to change):
-
- SSL_get_servername()
- SSL_get_servername_type()
- SSL_set_SSL_CTX()
-
- New CTRL codes and macros (subject to change):
-
- SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- - SSL_CTX_set_tlsext_servername_callback()
- SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
- - SSL_CTX_set_tlsext_servername_arg()
- SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()
-
- openssl s_client has a new '-servername ...' option.
-
- openssl s_server has new options '-servername_host ...', '-cert2 ...',
- '-key2 ...', '-servername_fatal' (subject to change). This allows
- testing the HostName extension for a specific single host name ('-cert'
- and '-key' remain fallbacks for handshakes without HostName
- negotiation). If the unrecogninzed_name alert has to be sent, this by
- default is a warning; it becomes fatal with the '-servername_fatal'
- option.
-
- [Peter Sylvester, Remy Allais, Christophe Renou, Steve Henson]
-
- *) Add AES and SSE2 assembly language support to VC++ build.
- [Steve Henson]
-
- *) Mitigate attack on final subtraction in Montgomery reduction.
- [Andy Polyakov]
-
- *) Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
- (which previously caused an internal error).
- [Bodo Moeller]
-
- *) Squeeze another 10% out of IGE mode when in != out.
- [Ben Laurie]
-
- *) AES IGE mode speedup.
- [Dean Gaudet (Google)]
-
- *) Add the Korean symmetric 128-bit cipher SEED (see
- http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
- add SEED ciphersuites from RFC 4162:
-
- TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA"
- TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA"
- TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA"
- TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA"
-
- To minimize changes between patchlevels in the OpenSSL 0.9.8
- series, SEED remains excluded from compilation unless OpenSSL
- is configured with 'enable-seed'.
- [KISA, Bodo Moeller]
-
- *) Mitigate branch prediction attacks, which can be practical if a
- single processor is shared, allowing a spy process to extract
- information. For detailed background information, see
- http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
- J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
- and Necessary Software Countermeasures"). The core of the change
- are new versions BN_div_no_branch() and
- BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
- respectively, which are slower, but avoid the security-relevant
- conditional branches. These are automatically called by BN_div()
- and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
- of the input BIGNUMs. Also, BN_is_bit_set() has been changed to
- remove a conditional branch.
-
- BN_FLG_CONSTTIME is the new name for the previous
- BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
- modular exponentiation. (Since OpenSSL 0.9.7h, setting this flag
- in the exponent causes BN_mod_exp_mont() to use the alternative
- implementation in BN_mod_exp_mont_consttime().) The old name
- remains as a deprecated alias.
-
- Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
- RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
- constant-time implementations for more than just exponentiation.
- Here too the old name is kept as a deprecated alias.
-
- BN_BLINDING_new() will now use BN_dup() for the modulus so that
- the BN_BLINDING structure gets an independent copy of the
- modulus. This means that the previous "BIGNUM *m" argument to
- BN_BLINDING_new() and to BN_BLINDING_create_param() now
- essentially becomes "const BIGNUM *m", although we can't actually
- change this in the header file before 0.9.9. It allows
- RSA_setup_blinding() to use BN_with_flags() on the modulus to
- enable BN_FLG_CONSTTIME.
-
- [Matthew D Wood (Intel Corp)]
-
- *) In the SSL/TLS server implementation, be strict about session ID
- context matching (which matters if an application uses a single
- external cache for different purposes). Previously,
- out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
- set. This did ensure strict client verification, but meant that,
- with applications using a single external cache for quite
- different requirements, clients could circumvent ciphersuite
- restrictions for a given session ID context by starting a session
- in a different context.
- [Bodo Moeller]
-
- *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
- a ciphersuite string such as "DEFAULT:RSA" cannot enable
- authentication-only ciphersuites.
- [Bodo Moeller]
-
- *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
- not complete and could lead to a possible single byte overflow
- (CVE-2007-5135) [Ben Laurie]
-
- Changes between 0.9.8d and 0.9.8e [23 Feb 2007]
-
- *) Since AES128 and AES256 (and similarly Camellia128 and
- Camellia256) share a single mask bit in the logic of
- ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
- kludge to work properly if AES128 is available and AES256 isn't
- (or if Camellia128 is available and Camellia256 isn't).
- [Victor Duchovni]
-
- *) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
- (within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
- When a point or a seed is encoded in a BIT STRING, we need to
- prevent the removal of trailing zero bits to get the proper DER
- encoding. (By default, crypto/asn1/a_bitstr.c assumes the case
- of a NamedBitList, for which trailing 0 bits need to be removed.)
- [Bodo Moeller]
-
- *) Have SSL/TLS server implementation tolerate "mismatched" record
- protocol version while receiving ClientHello even if the
- ClientHello is fragmented. (The server can't insist on the
- particular protocol version it has chosen before the ServerHello
- message has informed the client about his choice.)
- [Bodo Moeller]
-
- *) Add RFC 3779 support.
- [Rob Austein for ARIN, Ben Laurie]
-
- *) Load error codes if they are not already present instead of using a
- static variable. This allows them to be cleanly unloaded and reloaded.
- Improve header file function name parsing.
- [Steve Henson]
-
- *) extend SMTP and IMAP protocol emulation in s_client to use EHLO
- or CAPABILITY handshake as required by RFCs.
- [Goetz Babin-Ebell]
-
- Changes between 0.9.8c and 0.9.8d [28 Sep 2006]
-
- *) Introduce limits to prevent malicious keys being able to
- cause a denial of service. (CVE-2006-2940)
- [Steve Henson, Bodo Moeller]
-
- *) Fix ASN.1 parsing of certain invalid structures that can result
- in a denial of service. (CVE-2006-2937) [Steve Henson]
-
- *) Fix buffer overflow in SSL_get_shared_ciphers() function.
- (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
-
- *) Fix SSL client code which could crash if connecting to a
- malicious SSLv2 server. (CVE-2006-4343)
- [Tavis Ormandy and Will Drewry, Google Security Team]
-
- *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
- match only those. Before that, "AES256-SHA" would be interpreted
- as a pattern and match "AES128-SHA" too (since AES128-SHA got
- the same strength classification in 0.9.7h) as we currently only
- have a single AES bit in the ciphersuite description bitmap.
- That change, however, also applied to ciphersuite strings such as
- "RC4-MD5" that intentionally matched multiple ciphersuites --
- namely, SSL 2.0 ciphersuites in addition to the more common ones
- from SSL 3.0/TLS 1.0.
-
- So we change the selection algorithm again: Naming an explicit
- ciphersuite selects this one ciphersuite, and any other similar
- ciphersuite (same bitmap) from *other* protocol versions.
- Thus, "RC4-MD5" again will properly select both the SSL 2.0
- ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
-
- Since SSL 2.0 does not have any ciphersuites for which the
- 128/256 bit distinction would be relevant, this works for now.
- The proper fix will be to use different bits for AES128 and
- AES256, which would have avoided the problems from the beginning;
- however, bits are scarce, so we can only do this in a new release
- (not just a patchlevel) when we can change the SSL_CIPHER
- definition to split the single 'unsigned long mask' bitmap into
- multiple values to extend the available space.
-
- [Bodo Moeller]
-
- Changes between 0.9.8b and 0.9.8c [05 Sep 2006]
-
- *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
- (CVE-2006-4339) [Ben Laurie and Google Security Team]
-
- *) Add AES IGE and biIGE modes.
- [Ben Laurie]
-
- *) Change the Unix randomness entropy gathering to use poll() when
- possible instead of select(), since the latter has some
- undesirable limitations.
- [Darryl Miles via Richard Levitte and Bodo Moeller]
-
- *) Disable "ECCdraft" ciphersuites more thoroughly. Now special
- treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
- cannot be implicitly activated as part of, e.g., the "AES" alias.
- However, please upgrade to OpenSSL 0.9.9[-dev] for
- non-experimental use of the ECC ciphersuites to get TLS extension
- support, which is required for curve and point format negotiation
- to avoid potential handshake problems.
- [Bodo Moeller]
-
- *) Disable rogue ciphersuites:
-
- - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
- - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
- - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
-
- The latter two were purportedly from
- draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
- appear there.
-
- Also deactivate the remaining ciphersuites from
- draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
- unofficial, and the ID has long expired.
- [Bodo Moeller]
-
- *) Fix RSA blinding Heisenbug (problems sometimes occured on
- dual-core machines) and other potential thread-safety issues.
- [Bodo Moeller]
-
- *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
- versions), which is now available for royalty-free use
- (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html).
- Also, add Camellia TLS ciphersuites from RFC 4132.
-
- To minimize changes between patchlevels in the OpenSSL 0.9.8
- series, Camellia remains excluded from compilation unless OpenSSL
- is configured with 'enable-camellia'.
- [NTT]
-
- *) Disable the padding bug check when compression is in use. The padding
- bug check assumes the first packet is of even length, this is not
- necessarily true if compresssion is enabled and can result in false
- positives causing handshake failure. The actual bug test is ancient
- code so it is hoped that implementations will either have fixed it by
- now or any which still have the bug do not support compression.
- [Steve Henson]
-
- Changes between 0.9.8a and 0.9.8b [04 May 2006]
-
- *) When applying a cipher rule check to see if string match is an explicit
- cipher suite and only match that one cipher suite if it is.
- [Steve Henson]
-
- *) Link in manifests for VC++ if needed.
- [Austin Ziegler <halostatue at gmail.com>]
-
- *) Update support for ECC-based TLS ciphersuites according to
- draft-ietf-tls-ecc-12.txt with proposed changes (but without
- TLS extensions, which are supported starting with the 0.9.9
- branch, not in the OpenSSL 0.9.8 branch).
- [Douglas Stebila]
-
- *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support
- opaque EVP_CIPHER_CTX handling.
- [Steve Henson]
-
- *) Fixes and enhancements to zlib compression code. We now only use
- "zlib1.dll" and use the default __cdecl calling convention on Win32
- to conform with the standards mentioned here:
- http://www.zlib.net/DLL_FAQ.txt
- Static zlib linking now works on Windows and the new --with-zlib-include
- --with-zlib-lib options to Configure can be used to supply the location
- of the headers and library. Gracefully handle case where zlib library
- can't be loaded.
- [Steve Henson]
-
- *) Several fixes and enhancements to the OID generation code. The old code
- sometimes allowed invalid OIDs (1.X for X >= 40 for example), couldn't
- handle numbers larger than ULONG_MAX, truncated printing and had a
- non standard OBJ_obj2txt() behaviour.
- [Steve Henson]
-
- *) Add support for building of engines under engine/ as shared libraries
- under VC++ build system.
- [Steve Henson]
-
- *) Corrected the numerous bugs in the Win32 path splitter in DSO.
- Hopefully, we will not see any false combination of paths any more.
- [Richard Levitte]
-
- Changes between 0.9.8 and 0.9.8a [11 Oct 2005]
-
- *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
- (part of SSL_OP_ALL). This option used to disable the
- countermeasure against man-in-the-middle protocol-version
- rollback in the SSL 2.0 server implementation, which is a bad
- idea. (CVE-2005-2969)
-
- [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
- for Information Security, National Institute of Advanced Industrial
- Science and Technology [AIST], Japan)]
-
- *) Add two function to clear and return the verify parameter flags.
- [Steve Henson]
-
- *) Keep cipherlists sorted in the source instead of sorting them at
- runtime, thus removing the need for a lock.
- [Nils Larsch]
-
- *) Avoid some small subgroup attacks in Diffie-Hellman.
- [Nick Mathewson and Ben Laurie]
-
- *) Add functions for well-known primes.
- [Nick Mathewson]
-
- *) Extended Windows CE support.
- [Satoshi Nakamura and Andy Polyakov]
-
- *) Initialize SSL_METHOD structures at compile time instead of during
- runtime, thus removing the need for a lock.
- [Steve Henson]
-
- *) Make PKCS7_decrypt() work even if no certificate is supplied by
- attempting to decrypt each encrypted key in turn. Add support to
- smime utility.
- [Steve Henson]
-
- Changes between 0.9.7h and 0.9.8 [05 Jul 2005]
-
- [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
- OpenSSL 0.9.8.]
-
- *) Add libcrypto.pc and libssl.pc for those who feel they need them.
- [Richard Levitte]
-
- *) Change CA.sh and CA.pl so they don't bundle the CSR and the private
- key into the same file any more.
- [Richard Levitte]
-
- *) Add initial support for Win64, both IA64 and AMD64/x64 flavors.
- [Andy Polyakov]
-
- *) Add -utf8 command line and config file option to 'ca'.
- [Stefan <stf at udoma.org]
-
- *) Removed the macro des_crypt(), as it seems to conflict with some
- libraries. Use DES_crypt().
- [Richard Levitte]
-
- *) Correct naming of the 'chil' and '4758cca' ENGINEs. This
- involves renaming the source and generated shared-libs for
- both. The engines will accept the corrected or legacy ids
- ('ncipher' and '4758_cca' respectively) when binding. NB,
- this only applies when building 'shared'.
- [Corinna Vinschen <vinschen at redhat.com> and Geoff Thorpe]
-
- *) Add attribute functions to EVP_PKEY structure. Modify
- PKCS12_create() to recognize a CSP name attribute and
- use it. Make -CSP option work again in pkcs12 utility.
- [Steve Henson]
-
- *) Add new functionality to the bn blinding code:
- - automatic re-creation of the BN_BLINDING parameters after
- a fixed number of uses (currently 32)
- - add new function for parameter creation
- - introduce flags to control the update behaviour of the
- BN_BLINDING parameters
- - hide BN_BLINDING structure
- Add a second BN_BLINDING slot to the RSA structure to improve
- performance when a single RSA object is shared among several
- threads.
- [Nils Larsch]
-
- *) Add support for DTLS.
- [Nagendra Modadugu <nagendra at cs.stanford.edu> and Ben Laurie]
-
- *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
- to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
- [Walter Goulet]
-
- *) Remove buggy and incompletet DH cert support from
- ssl/ssl_rsa.c and ssl/s3_both.c
- [Nils Larsch]
-
- *) Use SHA-1 instead of MD5 as the default digest algorithm for
- the apps/openssl applications.
- [Nils Larsch]
-
- *) Compile clean with "-Wall -Wmissing-prototypes
- -Wstrict-prototypes -Wmissing-declarations -Werror". Currently
- DEBUG_SAFESTACK must also be set.
- [Ben Laurie]
-
- *) Change ./Configure so that certain algorithms can be disabled by default.
- The new counterpiece to "no-xxx" is "enable-xxx".
-
- The patented RC5 and MDC2 algorithms will now be disabled unless
- "enable-rc5" and "enable-mdc2", respectively, are specified.
-
- (IDEA remains enabled despite being patented. This is because IDEA
- is frequently required for interoperability, and there is no license
- fee for non-commercial use. As before, "no-idea" can be used to
- avoid this algorithm.)
-
- [Bodo Moeller]
-
- *) Add processing of proxy certificates (see RFC 3820). This work was
- sponsored by KTH (The Royal Institute of Technology in Stockholm) and
- EGEE (Enabling Grids for E-science in Europe).
- [Richard Levitte]
-
- *) RC4 performance overhaul on modern architectures/implementations, such
- as Intel P4, IA-64 and AMD64.
- [Andy Polyakov]
-
- *) New utility extract-section.pl. This can be used specify an alternative
- section number in a pod file instead of having to treat each file as
- a separate case in Makefile. This can be done by adding two lines to the
- pod file:
-
- =for comment openssl_section:XXX
-
- The blank line is mandatory.
-
- [Steve Henson]
-
- *) New arguments -certform, -keyform and -pass for s_client and s_server
- to allow alternative format key and certificate files and passphrase
- sources.
- [Steve Henson]
-
- *) New structure X509_VERIFY_PARAM which combines current verify parameters,
- update associated structures and add various utility functions.
-
- Add new policy related verify parameters, include policy checking in
- standard verify code. Enhance 'smime' application with extra parameters
- to support policy checking and print out.
- [Steve Henson]
-
- *) Add a new engine to support VIA PadLock ACE extensions in the VIA C3
- Nehemiah processors. These extensions support AES encryption in hardware
- as well as RNG (though RNG support is currently disabled).
- [Michal Ludvig <michal at logix.cz>, with help from Andy Polyakov]
-
- *) Deprecate BN_[get|set]_params() functions (they were ignored internally).
- [Geoff Thorpe]
-
- *) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented.
- [Andy Polyakov and a number of other people]
-
- *) Improved PowerPC platform support. Most notably BIGNUM assembler
- implementation contributed by IBM.
- [Suresh Chari, Peter Waltenberg, Andy Polyakov]
-
- *) The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public
- exponent rather than 'unsigned long'. There is a corresponding change to
- the new 'rsa_keygen' element of the RSA_METHOD structure.
- [Jelte Jansen, Geoff Thorpe]
-
- *) Functionality for creating the initial serial number file is now
- moved from CA.pl to the 'ca' utility with a new option -create_serial.
-
- (Before OpenSSL 0.9.7e, CA.pl used to initialize the serial
- number file to 1, which is bound to cause problems. To avoid
- the problems while respecting compatibility between different 0.9.7
- patchlevels, 0.9.7e employed 'openssl x509 -next_serial' in
- CA.pl for serial number initialization. With the new release 0.9.8,
- we can fix the problem directly in the 'ca' utility.)
- [Steve Henson]
-
- *) Reduced header interdepencies by declaring more opaque objects in
- ossl_typ.h. As a consequence, including some headers (eg. engine.h) will
- give fewer recursive includes, which could break lazy source code - so
- this change is covered by the OPENSSL_NO_DEPRECATED symbol. As always,
- developers should define this symbol when building and using openssl to
- ensure they track the recommended behaviour, interfaces, [etc], but
- backwards-compatible behaviour prevails when this isn't defined.
- [Geoff Thorpe]
-
- *) New function X509_POLICY_NODE_print() which prints out policy nodes.
- [Steve Henson]
-
- *) Add new EVP function EVP_CIPHER_CTX_rand_key and associated functionality.
- This will generate a random key of the appropriate length based on the
- cipher context. The EVP_CIPHER can provide its own random key generation
- routine to support keys of a specific form. This is used in the des and
- 3des routines to generate a key of the correct parity. Update S/MIME
- code to use new functions and hence generate correct parity DES keys.
- Add EVP_CHECK_DES_KEY #define to return an error if the key is not
- valid (weak or incorrect parity).
- [Steve Henson]
-
- *) Add a local set of CRLs that can be used by X509_verify_cert() as well
- as looking them up. This is useful when the verified structure may contain
- CRLs, for example PKCS#7 signedData. Modify PKCS7_verify() to use any CRLs
- present unless the new PKCS7_NO_CRL flag is asserted.
- [Steve Henson]
-
- *) Extend ASN1 oid configuration module. It now additionally accepts the
- syntax:
-
- shortName = some long name, 1.2.3.4
- [Steve Henson]
-
- *) Reimplemented the BN_CTX implementation. There is now no more static
- limitation on the number of variables it can handle nor the depth of the
- "stack" handling for BN_CTX_start()/BN_CTX_end() pairs. The stack
- information can now expand as required, and rather than having a single
- static array of bignums, BN_CTX now uses a linked-list of such arrays
- allowing it to expand on demand whilst maintaining the usefulness of
- BN_CTX's "bundling".
- [Geoff Thorpe]
-
- *) Add a missing BN_CTX parameter to the 'rsa_mod_exp' callback in RSA_METHOD
- to allow all RSA operations to function using a single BN_CTX.
- [Geoff Thorpe]
-
- *) Preliminary support for certificate policy evaluation and checking. This
- is initially intended to pass the tests outlined in "Conformance Testing
- of Relying Party Client Certificate Path Processing Logic" v1.07.
- [Steve Henson]
-
- *) bn_dup_expand() has been deprecated, it was introduced in 0.9.7 and
- remained unused and not that useful. A variety of other little bignum
- tweaks and fixes have also been made continuing on from the audit (see
- below).
- [Geoff Thorpe]
-
- *) Constify all or almost all d2i, c2i, s2i and r2i functions, along with
- associated ASN1, EVP and SSL functions and old ASN1 macros.
- [Richard Levitte]
-
- *) BN_zero() only needs to set 'top' and 'neg' to zero for correct results,
- and this should never fail. So the return value from the use of
- BN_set_word() (which can fail due to needless expansion) is now deprecated;
- if OPENSSL_NO_DEPRECATED is defined, BN_zero() is a void macro.
- [Geoff Thorpe]
-
- *) BN_CTX_get() should return zero-valued bignums, providing the same
- initialised value as BN_new().
- [Geoff Thorpe, suggested by Ulf Möller]
-
- *) Support for inhibitAnyPolicy certificate extension.
- [Steve Henson]
-
- *) An audit of the BIGNUM code is underway, for which debugging code is
- enabled when BN_DEBUG is defined. This makes stricter enforcements on what
- is considered valid when processing BIGNUMs, and causes execution to
- assert() when a problem is discovered. If BN_DEBUG_RAND is defined,
- further steps are taken to deliberately pollute unused data in BIGNUM
- structures to try and expose faulty code further on. For now, openssl will
- (in its default mode of operation) continue to tolerate the inconsistent
- forms that it has tolerated in the past, but authors and packagers should
- consider trying openssl and their own applications when compiled with
- these debugging symbols defined. It will help highlight potential bugs in
- their own code, and will improve the test coverage for OpenSSL itself. At
- some point, these tighter rules will become openssl's default to improve
- maintainability, though the assert()s and other overheads will remain only
- in debugging configurations. See bn.h for more details.
- [Geoff Thorpe, Nils Larsch, Ulf Möller]
-
- *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure
- that can only be obtained through BN_CTX_new() (which implicitly
- initialises it). The presence of this function only made it possible
- to overwrite an existing structure (and cause memory leaks).
- [Geoff Thorpe]
-
- *) Because of the callback-based approach for implementing LHASH as a
- template type, lh_insert() adds opaque objects to hash-tables and
- lh_doall() or lh_doall_arg() are typically used with a destructor callback
- to clean up those corresponding objects before destroying the hash table
- (and losing the object pointers). So some over-zealous constifications in
- LHASH have been relaxed so that lh_insert() does not take (nor store) the
- objects as "const" and the lh_doall[_arg] callback wrappers are not
- prototyped to have "const" restrictions on the object pointers they are
- given (and so aren't required to cast them away any more).
- [Geoff Thorpe]
-
- *) The tmdiff.h API was so ugly and minimal that our own timing utility
- (speed) prefers to use its own implementation. The two implementations
- haven't been consolidated as yet (volunteers?) but the tmdiff API has had
- its object type properly exposed (MS_TM) instead of casting to/from "char
- *". This may still change yet if someone realises MS_TM and "ms_time_***"
- aren't necessarily the greatest nomenclatures - but this is what was used
- internally to the implementation so I've used that for now.
- [Geoff Thorpe]
-
- *) Ensure that deprecated functions do not get compiled when
- OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of
- the self-tests were still using deprecated key-generation functions so
- these have been updated also.
- [Geoff Thorpe]
-
- *) Reorganise PKCS#7 code to separate the digest location functionality
- into PKCS7_find_digest(), digest addtion into PKCS7_bio_add_digest().
- New function PKCS7_set_digest() to set the digest type for PKCS#7
- digestedData type. Add additional code to correctly generate the
- digestedData type and add support for this type in PKCS7 initialization
- functions.
- [Steve Henson]
-
- *) New function PKCS7_set0_type_other() this initializes a PKCS7
- structure of type "other".
- [Steve Henson]
-
- *) Fix prime generation loop in crypto/bn/bn_prime.pl by making
- sure the loop does correctly stop and breaking ("division by zero")
- modulus operations are not performed. The (pre-generated) prime
- table crypto/bn/bn_prime.h was already correct, but it could not be
- re-generated on some platforms because of the "division by zero"
- situation in the script.
- [Ralf S. Engelschall]
-
- *) Update support for ECC-based TLS ciphersuites according to
- draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with
- SHA-1 now is only used for "small" curves (where the
- representation of a field element takes up to 24 bytes); for
- larger curves, the field element resulting from ECDH is directly
- used as premaster secret.
- [Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2
- curve secp160r1 to the tests.
- [Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Add the possibility to load symbols globally with DSO.
- [Götz Babin-Ebell <babin-ebell at trustcenter.de> via Richard Levitte]
-
- *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better
- control of the error stack.
- [Richard Levitte]
-
- *) Add support for STORE in ENGINE.
- [Richard Levitte]
-
- *) Add the STORE type. The intention is to provide a common interface
- to certificate and key stores, be they simple file-based stores, or
- HSM-type store, or LDAP stores, or...
- NOTE: The code is currently UNTESTED and isn't really used anywhere.
- [Richard Levitte]
-
- *) Add a generic structure called OPENSSL_ITEM. This can be used to
- pass a list of arguments to any function as well as provide a way
- for a function to pass data back to the caller.
- [Richard Levitte]
-
- *) Add the functions BUF_strndup() and BUF_memdup(). BUF_strndup()
- works like BUF_strdup() but can be used to duplicate a portion of
- a string. The copy gets NUL-terminated. BUF_memdup() duplicates
- a memory area.
- [Richard Levitte]
-
- *) Add the function sk_find_ex() which works like sk_find(), but will
- return an index to an element even if an exact match couldn't be
- found. The index is guaranteed to point at the element where the
- searched-for key would be inserted to preserve sorting order.
- [Richard Levitte]
-
- *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but
- takes an extra flags argument for optional functionality. Currently,
- the following flags are defined:
-
- OBJ_BSEARCH_VALUE_ON_NOMATCH
- This one gets OBJ_bsearch_ex() to return a pointer to the first
- element where the comparing function returns a negative or zero
- number.
-
- OBJ_BSEARCH_FIRST_VALUE_ON_MATCH
- This one gets OBJ_bsearch_ex() to return a pointer to the first
- element where the comparing function returns zero. This is useful
- if there are more than one element where the comparing function
- returns zero.
- [Richard Levitte]
-
- *) Make it possible to create self-signed certificates with 'openssl ca'
- in such a way that the self-signed certificate becomes part of the
- CA database and uses the same mechanisms for serial number generation
- as all other certificate signing. The new flag '-selfsign' enables
- this functionality. Adapt CA.sh and CA.pl.in.
- [Richard Levitte]
-
- *) Add functionality to check the public key of a certificate request
- against a given private. This is useful to check that a certificate
- request can be signed by that key (self-signing).
- [Richard Levitte]
-
- *) Make it possible to have multiple active certificates with the same
- subject in the CA index file. This is done only if the keyword
- 'unique_subject' is set to 'no' in the main CA section (default
- if 'CA_default') of the configuration file. The value is saved
- with the database itself in a separate index attribute file,
- named like the index file with '.attr' appended to the name.
- [Richard Levitte]
-
- *) Generate muti valued AVAs using '+' notation in config files for
- req and dirName.
- [Steve Henson]
-
- *) Support for nameConstraints certificate extension.
- [Steve Henson]
-
- *) Support for policyConstraints certificate extension.
- [Steve Henson]
-
- *) Support for policyMappings certificate extension.
- [Steve Henson]
-
- *) Make sure the default DSA_METHOD implementation only uses its
- dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL,
- and change its own handlers to be NULL so as to remove unnecessary
- indirection. This lets alternative implementations fallback to the
- default implementation more easily.
- [Geoff Thorpe]
-
- *) Support for directoryName in GeneralName related extensions
- in config files.
- [Steve Henson]
-
- *) Make it possible to link applications using Makefile.shared.
- Make that possible even when linking against static libraries!
- [Richard Levitte]
-
- *) Support for single pass processing for S/MIME signing. This now
- means that S/MIME signing can be done from a pipe, in addition
- cleartext signing (multipart/signed type) is effectively streaming
- and the signed data does not need to be all held in memory.
-
- This is done with a new flag PKCS7_STREAM. When this flag is set
- PKCS7_sign() only initializes the PKCS7 structure and the actual signing
- is done after the data is output (and digests calculated) in
- SMIME_write_PKCS7().
- [Steve Henson]
-
- *) Add full support for -rpath/-R, both in shared libraries and
- applications, at least on the platforms where it's known how
- to do it.
- [Richard Levitte]
-
- *) In crypto/ec/ec_mult.c, implement fast point multiplication with
- precomputation, based on wNAF splitting: EC_GROUP_precompute_mult()
- will now compute a table of multiples of the generator that
- makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul()
- faster (notably in the case of a single point multiplication,
- scalar * generator).
- [Nils Larsch, Bodo Moeller]
-
- *) IPv6 support for certificate extensions. The various extensions
- which use the IP:a.b.c.d can now take IPv6 addresses using the
- formats of RFC1884 2.2 . IPv6 addresses are now also displayed
- correctly.
- [Steve Henson]
-
- *) Added an ENGINE that implements RSA by performing private key
- exponentiations with the GMP library. The conversions to and from
- GMP's mpz_t format aren't optimised nor are any montgomery forms
- cached, and on x86 it appears OpenSSL's own performance has caught up.
- However there are likely to be other architectures where GMP could
- provide a boost. This ENGINE is not built in by default, but it can be
- specified at Configure time and should be accompanied by the necessary
- linker additions, eg;
- ./config -DOPENSSL_USE_GMP -lgmp
- [Geoff Thorpe]
-
- *) "openssl engine" will not display ENGINE/DSO load failure errors when
- testing availability of engines with "-t" - the old behaviour is
- produced by increasing the feature's verbosity with "-tt".
- [Geoff Thorpe]
-
- *) ECDSA routines: under certain error conditions uninitialized BN objects
- could be freed. Solution: make sure initialization is performed early
- enough. (Reported and fix supplied by Nils Larsch <nla at trustcenter.de>
- via PR#459)
- [Lutz Jaenicke]
-
- *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD
- and DH_METHOD (eg. by ENGINE implementations) to override the normal
- software implementations. For DSA and DH, parameter generation can
- also be overriden by providing the appropriate method callbacks.
- [Geoff Thorpe]
-
- *) Change the "progress" mechanism used in key-generation and
- primality testing to functions that take a new BN_GENCB pointer in
- place of callback/argument pairs. The new API functions have "_ex"
- postfixes and the older functions are reimplemented as wrappers for
- the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide
- declarations of the old functions to help (graceful) attempts to
- migrate to the new functions. Also, the new key-generation API
- functions operate on a caller-supplied key-structure and return
- success/failure rather than returning a key or NULL - this is to
- help make "keygen" another member function of RSA_METHOD etc.
-
- Example for using the new callback interface:
-
- int (*my_callback)(int a, int b, BN_GENCB *cb) = ...;
- void *my_arg = ...;
- BN_GENCB my_cb;
-
- BN_GENCB_set(&my_cb, my_callback, my_arg);
-
- return BN_is_prime_ex(some_bignum, BN_prime_checks, NULL, &cb);
- /* For the meaning of a, b in calls to my_callback(), see the
- * documentation of the function that calls the callback.
- * cb will point to my_cb; my_arg can be retrieved as cb->arg.
- * my_callback should return 1 if it wants BN_is_prime_ex()
- * to continue, or 0 to stop.
- */
-
- [Geoff Thorpe]
-
- *) Change the ZLIB compression method to be stateful, and make it
- available to TLS with the number defined in
- draft-ietf-tls-compression-04.txt.
- [Richard Levitte]
-
- *) Add the ASN.1 structures and functions for CertificatePair, which
- is defined as follows (according to X.509_4thEditionDraftV6.pdf):
-
- CertificatePair ::= SEQUENCE {
- forward [0] Certificate OPTIONAL,
- reverse [1] Certificate OPTIONAL,
- -- at least one of the pair shall be present -- }
-
- Also implement the PEM functions to read and write certificate
- pairs, and defined the PEM tag as "CERTIFICATE PAIR".
-
- This needed to be defined, mostly for the sake of the LDAP
- attribute crossCertificatePair, but may prove useful elsewhere as
- well.
- [Richard Levitte]
-
- *) Make it possible to inhibit symlinking of shared libraries in
- Makefile.shared, for Cygwin's sake.
- [Richard Levitte]
-
- *) Extend the BIGNUM API by creating a function
- void BN_set_negative(BIGNUM *a, int neg);
- and a macro that behave like
- int BN_is_negative(const BIGNUM *a);
-
- to avoid the need to access 'a->neg' directly in applications.
- [Nils Larsch]
-
- *) Implement fast modular reduction for pseudo-Mersenne primes
- used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c).
- EC_GROUP_new_curve_GFp() will now automatically use this
- if applicable.
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Add new lock type (CRYPTO_LOCK_BN).
- [Bodo Moeller]
-
- *) Change the ENGINE framework to automatically load engines
- dynamically from specific directories unless they could be
- found to already be built in or loaded. Move all the
- current engines except for the cryptodev one to a new
- directory engines/.
- The engines in engines/ are built as shared libraries if
- the "shared" options was given to ./Configure or ./config.
- Otherwise, they are inserted in libcrypto.a.
- /usr/local/ssl/engines is the default directory for dynamic
- engines, but that can be overriden at configure time through
- the usual use of --prefix and/or --openssldir, and at run
- time with the environment variable OPENSSL_ENGINES.
- [Geoff Thorpe and Richard Levitte]
-
- *) Add Makefile.shared, a helper makefile to build shared
- libraries. Addapt Makefile.org.
- [Richard Levitte]
-
- *) Add version info to Win32 DLLs.
- [Peter 'Luna' Runestig" <peter at runestig.com>]
-
- *) Add new 'medium level' PKCS#12 API. Certificates and keys
- can be added using this API to created arbitrary PKCS#12
- files while avoiding the low level API.
-
- New options to PKCS12_create(), key or cert can be NULL and
- will then be omitted from the output file. The encryption
- algorithm NIDs can be set to -1 for no encryption, the mac
- iteration count can be set to 0 to omit the mac.
-
- Enhance pkcs12 utility by making the -nokeys and -nocerts
- options work when creating a PKCS#12 file. New option -nomac
- to omit the mac, NONE can be set for an encryption algorithm.
- New code is modified to use the enhanced PKCS12_create()
- instead of the low level API.
- [Steve Henson]
-
- *) Extend ASN1 encoder to support indefinite length constructed
- encoding. This can output sequences tags and octet strings in
- this form. Modify pk7_asn1.c to support indefinite length
- encoding. This is experimental and needs additional code to
- be useful, such as an ASN1 bio and some enhanced streaming
- PKCS#7 code.
-
- Extend template encode functionality so that tagging is passed
- down to the template encoder.
- [Steve Henson]
-
- *) Let 'openssl req' fail if an argument to '-newkey' is not
- recognized instead of using RSA as a default.
- [Bodo Moeller]
-
- *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt.
- As these are not official, they are not included in "ALL";
- the "ECCdraft" ciphersuite group alias can be used to select them.
- [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)]
-
- *) Add ECDH engine support.
- [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Add ECDH in new directory crypto/ecdh/.
- [Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Let BN_rand_range() abort with an error after 100 iterations
- without success (which indicates a broken PRNG).
- [Bodo Moeller]
-
- *) Change BN_mod_sqrt() so that it verifies that the input value
- is really the square of the return value. (Previously,
- BN_mod_sqrt would show GIGO behaviour.)
- [Bodo Moeller]
-
- *) Add named elliptic curves over binary fields from X9.62, SECG,
- and WAP/WTLS; add OIDs that were still missing.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Extend the EC library for elliptic curves over binary fields
- (new files ec2_smpl.c, ec2_smpt.c, ec2_mult.c in crypto/ec/).
- New EC_METHOD:
-
- EC_GF2m_simple_method
-
- New API functions:
-
- EC_GROUP_new_curve_GF2m
- EC_GROUP_set_curve_GF2m
- EC_GROUP_get_curve_GF2m
- EC_POINT_set_affine_coordinates_GF2m
- EC_POINT_get_affine_coordinates_GF2m
- EC_POINT_set_compressed_coordinates_GF2m
-
- Point compression for binary fields is disabled by default for
- patent reasons (compile with OPENSSL_EC_BIN_PT_COMP defined to
- enable it).
-
- As binary polynomials are represented as BIGNUMs, various members
- of the EC_GROUP and EC_POINT data structures can be shared
- between the implementations for prime fields and binary fields;
- the above ..._GF2m functions (except for EX_GROUP_new_curve_GF2m)
- are essentially identical to their ..._GFp counterparts.
- (For simplicity, the '..._GFp' prefix has been dropped from
- various internal method names.)
-
- An internal 'field_div' method (similar to 'field_mul' and
- 'field_sqr') has been added; this is used only for binary fields.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Optionally dispatch EC_POINT_mul(), EC_POINT_precompute_mult()
- through methods ('mul', 'precompute_mult').
-
- The generic implementations (now internally called 'ec_wNAF_mul'
- and 'ec_wNAF_precomputed_mult') remain the default if these
- methods are undefined.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) New function EC_GROUP_get_degree, which is defined through
- EC_METHOD. For curves over prime fields, this returns the bit
- length of the modulus.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) New functions EC_GROUP_dup, EC_POINT_dup.
- (These simply call ..._new and ..._copy).
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Add binary polynomial arithmetic software in crypto/bn/bn_gf2m.c.
- Polynomials are represented as BIGNUMs (where the sign bit is not
- used) in the following functions [macros]:
-
- BN_GF2m_add
- BN_GF2m_sub [= BN_GF2m_add]
- BN_GF2m_mod [wrapper for BN_GF2m_mod_arr]
- BN_GF2m_mod_mul [wrapper for BN_GF2m_mod_mul_arr]
- BN_GF2m_mod_sqr [wrapper for BN_GF2m_mod_sqr_arr]
- BN_GF2m_mod_inv
- BN_GF2m_mod_exp [wrapper for BN_GF2m_mod_exp_arr]
- BN_GF2m_mod_sqrt [wrapper for BN_GF2m_mod_sqrt_arr]
- BN_GF2m_mod_solve_quad [wrapper for BN_GF2m_mod_solve_quad_arr]
- BN_GF2m_cmp [= BN_ucmp]
-
- (Note that only the 'mod' functions are actually for fields GF(2^m).
- BN_GF2m_add() is misnomer, but this is for the sake of consistency.)
-
- For some functions, an the irreducible polynomial defining a
- field can be given as an 'unsigned int[]' with strictly
- decreasing elements giving the indices of those bits that are set;
- i.e., p[] represents the polynomial
- f(t) = t^p[0] + t^p[1] + ... + t^p[k]
- where
- p[0] > p[1] > ... > p[k] = 0.
- This applies to the following functions:
-
- BN_GF2m_mod_arr
- BN_GF2m_mod_mul_arr
- BN_GF2m_mod_sqr_arr
- BN_GF2m_mod_inv_arr [wrapper for BN_GF2m_mod_inv]
- BN_GF2m_mod_div_arr [wrapper for BN_GF2m_mod_div]
- BN_GF2m_mod_exp_arr
- BN_GF2m_mod_sqrt_arr
- BN_GF2m_mod_solve_quad_arr
- BN_GF2m_poly2arr
- BN_GF2m_arr2poly
-
- Conversion can be performed by the following functions:
-
- BN_GF2m_poly2arr
- BN_GF2m_arr2poly
-
- bntest.c has additional tests for binary polynomial arithmetic.
-
- Two implementations for BN_GF2m_mod_div() are available.
- The default algorithm simply uses BN_GF2m_mod_inv() and
- BN_GF2m_mod_mul(). The alternative algorithm is compiled in only
- if OPENSSL_SUN_GF2M_DIV is defined (patent pending; read the
- copyright notice in crypto/bn/bn_gf2m.c before enabling it).
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Add new error code 'ERR_R_DISABLED' that can be used when some
- functionality is disabled at compile-time.
- [Douglas Stebila <douglas.stebila at sun.com>]
-
- *) Change default behaviour of 'openssl asn1parse' so that more
- information is visible when viewing, e.g., a certificate:
-
- Modify asn1_parse2 (crypto/asn1/asn1_par.c) so that in non-'dump'
- mode the content of non-printable OCTET STRINGs is output in a
- style similar to INTEGERs, but with '[HEX DUMP]' prepended to
- avoid the appearance of a printable string.
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Add 'asn1_flag' and 'asn1_form' member to EC_GROUP with access
- functions
- EC_GROUP_set_asn1_flag()
- EC_GROUP_get_asn1_flag()
- EC_GROUP_set_point_conversion_form()
- EC_GROUP_get_point_conversion_form()
- These control ASN1 encoding details:
- - Curves (i.e., groups) are encoded explicitly unless asn1_flag
- has been set to OPENSSL_EC_NAMED_CURVE.
- - Points are encoded in uncompressed form by default; options for
- asn1_for are as for point2oct, namely
- POINT_CONVERSION_COMPRESSED
- POINT_CONVERSION_UNCOMPRESSED
- POINT_CONVERSION_HYBRID
-
- Also add 'seed' and 'seed_len' members to EC_GROUP with access
- functions
- EC_GROUP_set_seed()
- EC_GROUP_get0_seed()
- EC_GROUP_get_seed_len()
- This is used only for ASN1 purposes (so far).
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Add 'field_type' member to EC_METHOD, which holds the NID
- of the appropriate field type OID. The new function
- EC_METHOD_get_field_type() returns this value.
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Add functions
- EC_POINT_point2bn()
- EC_POINT_bn2point()
- EC_POINT_point2hex()
- EC_POINT_hex2point()
- providing useful interfaces to EC_POINT_point2oct() and
- EC_POINT_oct2point().
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Change internals of the EC library so that the functions
- EC_GROUP_set_generator()
- EC_GROUP_get_generator()
- EC_GROUP_get_order()
- EC_GROUP_get_cofactor()
- are implemented directly in crypto/ec/ec_lib.c and not dispatched
- to methods, which would lead to unnecessary code duplication when
- adding different types of curves.
- [Nils Larsch <nla at trustcenter.de> with input by Bodo Moeller]
-
- *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
- arithmetic, and such that modified wNAFs are generated
- (which avoid length expansion in many cases).
- [Bodo Moeller]
-
- *) Add a function EC_GROUP_check_discriminant() (defined via
- EC_METHOD) that verifies that the curve discriminant is non-zero.
-
- Add a function EC_GROUP_check() that makes some sanity tests
- on a EC_GROUP, its generator and order. This includes
- EC_GROUP_check_discriminant().
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Add ECDSA in new directory crypto/ecdsa/.
-
- Add applications 'openssl ecparam' and 'openssl ecdsa'
- (these are based on 'openssl dsaparam' and 'openssl dsa').
-
- ECDSA support is also included in various other files across the
- library. Most notably,
- - 'openssl req' now has a '-newkey ecdsa:file' option;
- - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
- - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
- d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
- them suitable for ECDSA where domain parameters must be
- extracted before the specific public key;
- - ECDSA engine support has been added.
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Include some named elliptic curves, and add OIDs from X9.62,
- SECG, and WAP/WTLS. Each curve can be obtained from the new
- function
- EC_GROUP_new_by_curve_name(),
- and the list of available named curves can be obtained with
- EC_get_builtin_curves().
- Also add a 'curve_name' member to EC_GROUP objects, which can be
- accessed via
- EC_GROUP_set_curve_name()
- EC_GROUP_get_curve_name()
- [Nils Larsch <larsch at trustcenter.de, Bodo Moeller]
-
- *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
- was actually never needed) and in BN_mul(). The removal in BN_mul()
- required a small change in bn_mul_part_recursive() and the addition
- of the functions bn_cmp_part_words(), bn_sub_part_words() and
- bn_add_part_words(), which do the same thing as bn_cmp_words(),
- bn_sub_words() and bn_add_words() except they take arrays with
- differing sizes.
- [Richard Levitte]
-
- Changes between 0.9.7l and 0.9.7m [23 Feb 2007]
-
- *) Cleanse PEM buffers before freeing them since they may contain
- sensitive data.
- [Benjamin Bennett <ben at psc.edu>]
-
- *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
- a ciphersuite string such as "DEFAULT:RSA" cannot enable
- authentication-only ciphersuites.
- [Bodo Moeller]
-
- *) Since AES128 and AES256 share a single mask bit in the logic of
- ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
- kludge to work properly if AES128 is available and AES256 isn't.
- [Victor Duchovni]
-
- *) Expand security boundary to match 1.1.1 module.
- [Steve Henson]
-
- *) Remove redundant features: hash file source, editing of test vectors
- modify fipsld to use external fips_premain.c signature.
- [Steve Henson]
-
- *) New perl script mkfipsscr.pl to create shell scripts or batch files to
- run algorithm test programs.
- [Steve Henson]
-
- *) Make algorithm test programs more tolerant of whitespace.
- [Steve Henson]
-
- *) Have SSL/TLS server implementation tolerate "mismatched" record
- protocol version while receiving ClientHello even if the
- ClientHello is fragmented. (The server can't insist on the
- particular protocol version it has chosen before the ServerHello
- message has informed the client about his choice.)
- [Bodo Moeller]
-
- *) Load error codes if they are not already present instead of using a
- static variable. This allows them to be cleanly unloaded and reloaded.
- [Steve Henson]
-
- Changes between 0.9.7k and 0.9.7l [28 Sep 2006]
-
- *) Introduce limits to prevent malicious keys being able to
- cause a denial of service. (CVE-2006-2940)
- [Steve Henson, Bodo Moeller]
-
- *) Fix ASN.1 parsing of certain invalid structures that can result
- in a denial of service. (CVE-2006-2937) [Steve Henson]
-
- *) Fix buffer overflow in SSL_get_shared_ciphers() function.
- (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
-
- *) Fix SSL client code which could crash if connecting to a
- malicious SSLv2 server. (CVE-2006-4343)
- [Tavis Ormandy and Will Drewry, Google Security Team]
-
- *) Change ciphersuite string processing so that an explicit
- ciphersuite selects this one ciphersuite (so that "AES256-SHA"
- will no longer include "AES128-SHA"), and any other similar
- ciphersuite (same bitmap) from *other* protocol versions (so that
- "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
- SSL 3.0/TLS 1.0 ciphersuite). This is a backport combining
- changes from 0.9.8b and 0.9.8d.
- [Bodo Moeller]
-
- Changes between 0.9.7j and 0.9.7k [05 Sep 2006]
-
- *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
- (CVE-2006-4339) [Ben Laurie and Google Security Team]
-
- *) Change the Unix randomness entropy gathering to use poll() when
- possible instead of select(), since the latter has some
- undesirable limitations.
- [Darryl Miles via Richard Levitte and Bodo Moeller]
-
- *) Disable rogue ciphersuites:
-
- - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
- - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
- - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
-
- The latter two were purportedly from
- draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
- appear there.
-
- Also deactive the remaining ciphersuites from
- draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
- unofficial, and the ID has long expired.
- [Bodo Moeller]
-
- *) Fix RSA blinding Heisenbug (problems sometimes occured on
- dual-core machines) and other potential thread-safety issues.
- [Bodo Moeller]
-
- Changes between 0.9.7i and 0.9.7j [04 May 2006]
-
- *) Adapt fipsld and the build system to link against the validated FIPS
- module in FIPS mode.
- [Steve Henson]
-
- *) Fixes for VC++ 2005 build under Windows.
- [Steve Henson]
-
- *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make
- from a Windows bash shell such as MSYS. It is autodetected from the
- "config" script when run from a VC++ environment. Modify standard VC++
- build to use fipscanister.o from the GNU make build.
- [Steve Henson]
-
- Changes between 0.9.7h and 0.9.7i [14 Oct 2005]
-
- *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
- The value now differs depending on if you build for FIPS or not.
- BEWARE! A program linked with a shared FIPSed libcrypto can't be
- safely run with a non-FIPSed libcrypto, as it may crash because of
- the difference induced by this change.
- [Andy Polyakov]
-
- Changes between 0.9.7g and 0.9.7h [11 Oct 2005]
-
- *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
- (part of SSL_OP_ALL). This option used to disable the
- countermeasure against man-in-the-middle protocol-version
- rollback in the SSL 2.0 server implementation, which is a bad
- idea. (CVE-2005-2969)
-
- [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
- for Information Security, National Institute of Advanced Industrial
- Science and Technology [AIST], Japan)]
-
- *) Minimal support for X9.31 signatures and PSS padding modes. This is
- mainly for FIPS compliance and not fully integrated at this stage.
- [Steve Henson]
-
- *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
- the exponentiation using a fixed-length exponent. (Otherwise,
- the information leaked through timing could expose the secret key
- after many signatures; cf. Bleichenbacher's attack on DSA with
- biased k.)
- [Bodo Moeller]
-
- *) Make a new fixed-window mod_exp implementation the default for
- RSA, DSA, and DH private-key operations so that the sequence of
- squares and multiplies and the memory access pattern are
- independent of the particular secret key. This will mitigate
- cache-timing and potential related attacks.
-
- BN_mod_exp_mont_consttime() is the new exponentiation implementation,
- and this is automatically used by BN_mod_exp_mont() if the new flag
- BN_FLG_EXP_CONSTTIME is set for the exponent. RSA, DSA, and DH
- will use this BN flag for private exponents unless the flag
- RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or
- DH_FLAG_NO_EXP_CONSTTIME, respectively, is set.
-
- [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller]
-
- *) Change the client implementation for SSLv23_method() and
- SSLv23_client_method() so that is uses the SSL 3.0/TLS 1.0
- Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
- (Previously, the SSL 2.0 backwards compatible Client Hello
- message format would be used even with SSL_OP_NO_SSLv2.)
- [Bodo Moeller]
-
- *) Add support for smime-type MIME parameter in S/MIME messages which some
- clients need.
- [Steve Henson]
-
- *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
- a threadsafe manner. Modify rsa code to use new function and add calls
- to dsa and dh code (which had race conditions before).
- [Steve Henson]
-
- *) Include the fixed error library code in the C error file definitions
- instead of fixing them up at runtime. This keeps the error code
- structures constant.
- [Steve Henson]
-
- Changes between 0.9.7f and 0.9.7g [11 Apr 2005]
-
- [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after
- OpenSSL 0.9.8.]
-
- *) Fixes for newer kerberos headers. NB: the casts are needed because
- the 'length' field is signed on one version and unsigned on another
- with no (?) obvious way to tell the difference, without these VC++
- complains. Also the "definition" of FAR (blank) is no longer included
- nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up
- some needed definitions.
- [Steve Henson]
-
- *) Undo Cygwin change.
- [Ulf Möller]
-
- *) Added support for proxy certificates according to RFC 3820.
- Because they may be a security thread to unaware applications,
- they must be explicitely allowed in run-time. See
- docs/HOWTO/proxy_certificates.txt for further information.
- [Richard Levitte]
-
- Changes between 0.9.7e and 0.9.7f [22 Mar 2005]
-
- *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating
- server and client random values. Previously
- (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in
- less random data when sizeof(time_t) > 4 (some 64 bit platforms).
-
- This change has negligible security impact because:
-
- 1. Server and client random values still have 24 bytes of pseudo random
- data.
-
- 2. Server and client random values are sent in the clear in the initial
- handshake.
-
- 3. The master secret is derived using the premaster secret (48 bytes in
- size for static RSA ciphersuites) as well as client server and random
- values.
-
- The OpenSSL team would like to thank the UK NISCC for bringing this issue
- to our attention.
-
- [Stephen Henson, reported by UK NISCC]
-
- *) Use Windows randomness collection on Cygwin.
- [Ulf Möller]
-
- *) Fix hang in EGD/PRNGD query when communication socket is closed
- prematurely by EGD/PRNGD.
- [Darren Tucker <dtucker at zip.com.au> via Lutz Jänicke, resolves #1014]
-
- *) Prompt for pass phrases when appropriate for PKCS12 input format.
- [Steve Henson]
-
- *) Back-port of selected performance improvements from development
- branch, as well as improved support for PowerPC platforms.
- [Andy Polyakov]
-
- *) Add lots of checks for memory allocation failure, error codes to indicate
- failure and freeing up memory if a failure occurs.
- [Nauticus Networks SSL Team <openssl at nauticusnet.com>, Steve Henson]
-
- *) Add new -passin argument to dgst.
- [Steve Henson]
-
- *) Perform some character comparisons of different types in X509_NAME_cmp:
- this is needed for some certificates that reencode DNs into UTF8Strings
- (in violation of RFC3280) and can't or wont issue name rollover
- certificates.
- [Steve Henson]
-
- *) Make an explicit check during certificate validation to see that
- the CA setting in each certificate on the chain is correct. As a
- side effect always do the following basic checks on extensions,
- not just when there's an associated purpose to the check:
-
- - if there is an unhandled critical extension (unless the user
- has chosen to ignore this fault)
- - if the path length has been exceeded (if one is set at all)
- - that certain extensions fit the associated purpose (if one has
- been given)
- [Richard Levitte]
-
- Changes between 0.9.7d and 0.9.7e [25 Oct 2004]
-
- *) Avoid a race condition when CRLs are checked in a multi threaded
- environment. This would happen due to the reordering of the revoked
- entries during signature checking and serial number lookup. Now the
- encoding is cached and the serial number sort performed under a lock.
- Add new STACK function sk_is_sorted().
- [Steve Henson]
-
- *) Add Delta CRL to the extension code.
- [Steve Henson]
-
- *) Various fixes to s3_pkt.c so alerts are sent properly.
- [David Holmes <d.holmes at f5.com>]
-
- *) Reduce the chances of duplicate issuer name and serial numbers (in
- violation of RFC3280) using the OpenSSL certificate creation utilities.
- This is done by creating a random 64 bit value for the initial serial
- number when a serial number file is created or when a self signed
- certificate is created using 'openssl req -x509'. The initial serial
- number file is created using 'openssl x509 -next_serial' in CA.pl
- rather than being initialized to 1.
- [Steve Henson]
-
- Changes between 0.9.7c and 0.9.7d [17 Mar 2004]
-
- *) Fix null-pointer assignment in do_change_cipher_spec() revealed
- by using the Codenomicon TLS Test Tool (CVE-2004-0079)
- [Joe Orton, Steve Henson]
-
- *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
- (CVE-2004-0112)
- [Joe Orton, Steve Henson]
-
- *) Make it possible to have multiple active certificates with the same
- subject in the CA index file. This is done only if the keyword
- 'unique_subject' is set to 'no' in the main CA section (default
- if 'CA_default') of the configuration file. The value is saved
- with the database itself in a separate index attribute file,
- named like the index file with '.attr' appended to the name.
- [Richard Levitte]
-
- *) X509 verify fixes. Disable broken certificate workarounds when
- X509_V_FLAGS_X509_STRICT is set. Check CRL issuer has cRLSign set if
- keyUsage extension present. Don't accept CRLs with unhandled critical
- extensions: since verify currently doesn't process CRL extensions this
- rejects a CRL with *any* critical extensions. Add new verify error codes
- for these cases.
- [Steve Henson]
-
- *) When creating an OCSP nonce use an OCTET STRING inside the extnValue.
- A clarification of RFC2560 will require the use of OCTET STRINGs and
- some implementations cannot handle the current raw format. Since OpenSSL
- copies and compares OCSP nonces as opaque blobs without any attempt at
- parsing them this should not create any compatibility issues.
- [Steve Henson]
-
- *) New md flag EVP_MD_CTX_FLAG_REUSE this allows md_data to be reused when
- calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without
- this HMAC (and other) operations are several times slower than OpenSSL
- < 0.9.7.
- [Steve Henson]
-
- *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
- [Peter Sylvester <Peter.Sylvester at EdelWeb.fr>]
-
- *) Use the correct content when signing type "other".
- [Steve Henson]
-
- Changes between 0.9.7b and 0.9.7c [30 Sep 2003]
-
- *) Fix various bugs revealed by running the NISCC test suite:
-
- Stop out of bounds reads in the ASN1 code when presented with
- invalid tags (CVE-2003-0543 and CVE-2003-0544).
-
- Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
-
- If verify callback ignores invalid public key errors don't try to check
- certificate signature with the NULL public key.
-
- [Steve Henson]
-
- *) New -ignore_err option in ocsp application to stop the server
- exiting on the first error in a request.
- [Steve Henson]
-
- *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
- if the server requested one: as stated in TLS 1.0 and SSL 3.0
- specifications.
- [Steve Henson]
-
- *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
- extra data after the compression methods not only for TLS 1.0
- but also for SSL 3.0 (as required by the specification).
- [Bodo Moeller; problem pointed out by Matthias Loepfe]
-
- *) Change X509_certificate_type() to mark the key as exported/exportable
- when it's 512 *bits* long, not 512 bytes.
- [Richard Levitte]
-
- *) Change AES_cbc_encrypt() so it outputs exact multiple of
- blocks during encryption.
- [Richard Levitte]
-
- *) Various fixes to base64 BIO and non blocking I/O. On write
- flushes were not handled properly if the BIO retried. On read
- data was not being buffered properly and had various logic bugs.
- This also affects blocking I/O when the data being decoded is a
- certain size.
- [Steve Henson]
-
- *) Various S/MIME bugfixes and compatibility changes:
- output correct application/pkcs7 MIME type if
- PKCS7_NOOLDMIMETYPE is set. Tolerate some broken signatures.
- Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening
- of files as .eml work). Correctly handle very long lines in MIME
- parser.
- [Steve Henson]
-
- Changes between 0.9.7a and 0.9.7b [10 Apr 2003]
-
- *) Countermeasure against the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack on PKCS #1 v1.5 padding: treat
- a protocol version number mismatch like a decryption error
- in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
- [Bodo Moeller]
-
- *) Turn on RSA blinding by default in the default implementation
- to avoid a timing attack. Applications that don't want it can call
- RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
- They would be ill-advised to do so in most cases.
- [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
-
- *) Change RSA blinding code so that it works when the PRNG is not
- seeded (in this case, the secret RSA exponent is abused as
- an unpredictable seed -- if it is not unpredictable, there
- is no point in blinding anyway). Make RSA blinding thread-safe
- by remembering the creator's thread ID in rsa->blinding and
- having all other threads use local one-time blinding factors
- (this requires more computation than sharing rsa->blinding, but
- avoids excessive locking; and if an RSA object is not shared
- between threads, blinding will still be very fast).
- [Bodo Moeller]
-
- *) Fixed a typo bug that would cause ENGINE_set_default() to set an
- ENGINE as defaults for all supported algorithms irrespective of
- the 'flags' parameter. 'flags' is now honoured, so applications
- should make sure they are passing it correctly.
- [Geoff Thorpe]
-
- *) Target "mingw" now allows native Windows code to be generated in
- the Cygwin environment as well as with the MinGW compiler.
- [Ulf Moeller]
-
- Changes between 0.9.7 and 0.9.7a [19 Feb 2003]
-
- *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
- via timing by performing a MAC computation even if incorrrect
- block cipher padding has been found. This is a countermeasure
- against active attacks where the attacker has to distinguish
- between bad padding and a MAC verification error. (CVE-2003-0078)
-
- [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
- Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
- Martin Vuagnoux (EPFL, Ilion)]
-
- *) Make the no-err option work as intended. The intention with no-err
- is not to have the whole error stack handling routines removed from
- libcrypto, it's only intended to remove all the function name and
- reason texts, thereby removing some of the footprint that may not
- be interesting if those errors aren't displayed anyway.
-
- NOTE: it's still possible for any application or module to have it's
- own set of error texts inserted. The routines are there, just not
- used by default when no-err is given.
- [Richard Levitte]
-
- *) Add support for FreeBSD on IA64.
- [dirk.meyer at dinoex.sub.org via Richard Levitte, resolves #454]
-
- *) Adjust DES_cbc_cksum() so it returns the same value as the MIT
- Kerberos function mit_des_cbc_cksum(). Before this change,
- the value returned by DES_cbc_cksum() was like the one from
- mit_des_cbc_cksum(), except the bytes were swapped.
- [Kevin Greaney <Kevin.Greaney at hp.com> and Richard Levitte]
-
- *) Allow an application to disable the automatic SSL chain building.
- Before this a rather primitive chain build was always performed in
- ssl3_output_cert_chain(): an application had no way to send the
- correct chain if the automatic operation produced an incorrect result.
-
- Now the chain builder is disabled if either:
-
- 1. Extra certificates are added via SSL_CTX_add_extra_chain_cert().
-
- 2. The mode flag SSL_MODE_NO_AUTO_CHAIN is set.
-
- The reasoning behind this is that an application would not want the
- auto chain building to take place if extra chain certificates are
- present and it might also want a means of sending no additional
- certificates (for example the chain has two certificates and the
- root is omitted).
- [Steve Henson]
-
- *) Add the possibility to build without the ENGINE framework.
- [Steven Reddie <smr at essemer.com.au> via Richard Levitte]
-
- *) Under Win32 gmtime() can return NULL: check return value in
- OPENSSL_gmtime(). Add error code for case where gmtime() fails.
- [Steve Henson]
-
- *) DSA routines: under certain error conditions uninitialized BN objects
- could be freed. Solution: make sure initialization is performed early
- enough. (Reported and fix supplied by Ivan D Nestlerode <nestler at MIT.EDU>,
- Nils Larsch <nla at trustcenter.de> via PR#459)
- [Lutz Jaenicke]
-
- *) Another fix for SSLv2 session ID handling: the session ID was incorrectly
- checked on reconnect on the client side, therefore session resumption
- could still fail with a "ssl session id is different" error. This
- behaviour is masked when SSL_OP_ALL is used due to
- SSL_OP_MICROSOFT_SESS_ID_BUG being set.
- Behaviour observed by Crispin Flowerday <crispin at flowerday.cx> as
- followup to PR #377.
- [Lutz Jaenicke]
-
- *) IA-32 assembler support enhancements: unified ELF targets, support
- for SCO/Caldera platforms, fix for Cygwin shared build.
- [Andy Polyakov]
-
- *) Add support for FreeBSD on sparc64. As a consequence, support for
- FreeBSD on non-x86 processors is separate from x86 processors on
- the config script, much like the NetBSD support.
- [Richard Levitte & Kris Kennaway <kris at obsecurity.org>]
-
- Changes between 0.9.6h and 0.9.7 [31 Dec 2002]
-
- [NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
- OpenSSL 0.9.7.]
-
- *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
- code (06) was taken as the first octet of the session ID and the last
- octet was ignored consequently. As a result SSLv2 client side session
- caching could not have worked due to the session ID mismatch between
- client and server.
- Behaviour observed by Crispin Flowerday <crispin at flowerday.cx> as
- PR #377.
- [Lutz Jaenicke]
-
- *) Change the declaration of needed Kerberos libraries to use EX_LIBS
- instead of the special (and badly supported) LIBKRB5. LIBKRB5 is
- removed entirely.
- [Richard Levitte]
-
- *) The hw_ncipher.c engine requires dynamic locks. Unfortunately, it
- seems that in spite of existing for more than a year, many application
- author have done nothing to provide the necessary callbacks, which
- means that this particular engine will not work properly anywhere.
- This is a very unfortunate situation which forces us, in the name
- of usability, to give the hw_ncipher.c a static lock, which is part
- of libcrypto.
- NOTE: This is for the 0.9.7 series ONLY. This hack will never
- appear in 0.9.8 or later. We EXPECT application authors to have
- dealt properly with this when 0.9.8 is released (unless we actually
- make such changes in the libcrypto locking code that changes will
- have to be made anyway).
- [Richard Levitte]
-
- *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
- octets have been read, EOF or an error occurs. Without this change
- some truncated ASN1 structures will not produce an error.
- [Steve Henson]
-
- *) Disable Heimdal support, since it hasn't been fully implemented.
- Still give the possibility to force the use of Heimdal, but with
- warnings and a request that patches get sent to openssl-dev.
- [Richard Levitte]
-
- *) Add the VC-CE target, introduce the WINCE sysname, and add
- INSTALL.WCE and appropriate conditionals to make it build.
- [Steven Reddie <smr at essemer.com.au> via Richard Levitte]
-
- *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and
- cygssl-x.y.z.dll, where x, y and z are the major, minor and
- edit numbers of the version.
- [Corinna Vinschen <vinschen at redhat.com> and Richard Levitte]
-
- *) Introduce safe string copy and catenation functions
- (BUF_strlcpy() and BUF_strlcat()).
- [Ben Laurie (CHATS) and Richard Levitte]
-
- *) Avoid using fixed-size buffers for one-line DNs.
- [Ben Laurie (CHATS)]
-
- *) Add BUF_MEM_grow_clean() to avoid information leakage when
- resizing buffers containing secrets, and use where appropriate.
- [Ben Laurie (CHATS)]
-
- *) Avoid using fixed size buffers for configuration file location.
- [Ben Laurie (CHATS)]
-
- *) Avoid filename truncation for various CA files.
- [Ben Laurie (CHATS)]
-
- *) Use sizeof in preference to magic numbers.
- [Ben Laurie (CHATS)]
-
- *) Avoid filename truncation in cert requests.
- [Ben Laurie (CHATS)]
-
- *) Add assertions to check for (supposedly impossible) buffer
- overflows.
- [Ben Laurie (CHATS)]
-
- *) Don't cache truncated DNS entries in the local cache (this could
- potentially lead to a spoofing attack).
- [Ben Laurie (CHATS)]
-
- *) Fix various buffers to be large enough for hex/decimal
- representations in a platform independent manner.
- [Ben Laurie (CHATS)]
-
- *) Add CRYPTO_realloc_clean() to avoid information leakage when
- resizing buffers containing secrets, and use where appropriate.
- [Ben Laurie (CHATS)]
-
- *) Add BIO_indent() to avoid much slightly worrying code to do
- indents.
- [Ben Laurie (CHATS)]
-
- *) Convert sprintf()/BIO_puts() to BIO_printf().
- [Ben Laurie (CHATS)]
-
- *) buffer_gets() could terminate with the buffer only half
- full. Fixed.
- [Ben Laurie (CHATS)]
-
- *) Add assertions to prevent user-supplied crypto functions from
- overflowing internal buffers by having large block sizes, etc.
- [Ben Laurie (CHATS)]
-
- *) New OPENSSL_assert() macro (similar to assert(), but enabled
- unconditionally).
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused copy of key in RC4.
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and incorrectly sized buffers for IV in pem.h.
- [Ben Laurie (CHATS)]
-
- *) Fix off-by-one error in EGD path.
- [Ben Laurie (CHATS)]
-
- *) If RANDFILE path is too long, ignore instead of truncating.
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and incorrectly sized X.509 structure
- CBCParameter.
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and dangerous function knumber().
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and dangerous structure, KSSL_ERR.
- [Ben Laurie (CHATS)]
-
- *) Protect against overlong session ID context length in an encoded
- session object. Since these are local, this does not appear to be
- exploitable.
- [Ben Laurie (CHATS)]
-
- *) Change from security patch (see 0.9.6e below) that did not affect
- the 0.9.6 release series:
-
- Remote buffer overflow in SSL3 protocol - an attacker could
- supply an oversized master key in Kerberos-enabled versions.
- (CVE-2002-0657)
- [Ben Laurie (CHATS)]
-
- *) Change the SSL kerb5 codes to match RFC 2712.
- [Richard Levitte]
-
- *) Make -nameopt work fully for req and add -reqopt switch.
- [Michael Bell <michael.bell at rz.hu-berlin.de>, Steve Henson]
-
- *) The "block size" for block ciphers in CFB and OFB mode should be 1.
- [Steve Henson, reported by Yngve Nysaeter Pettersen <yngve at opera.com>]
-
- *) Make sure tests can be performed even if the corresponding algorithms
- have been removed entirely. This was also the last step to make
- OpenSSL compilable with DJGPP under all reasonable conditions.
- [Richard Levitte, Doug Kaufman <dkaufman at rahul.net>]
-
- *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
- to allow version independent disabling of normally unselected ciphers,
- which may be activated as a side-effect of selecting a single cipher.
-
- (E.g., cipher list string "RSA" enables ciphersuites that are left
- out of "ALL" because they do not provide symmetric encryption.
- "RSA:!COMPLEMEMENTOFALL" avoids these unsafe ciphersuites.)
- [Lutz Jaenicke, Bodo Moeller]
-
- *) Add appropriate support for separate platform-dependent build
- directories. The recommended way to make a platform-dependent
- build directory is the following (tested on Linux), maybe with
- some local tweaks:
-
- # Place yourself outside of the OpenSSL source tree. In
- # this example, the environment variable OPENSSL_SOURCE
- # is assumed to contain the absolute OpenSSL source directory.
- mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
- cd objtree/"`uname -s`-`uname -r`-`uname -m`"
- (cd $OPENSSL_SOURCE; find . -type f) | while read F; do
- mkdir -p `dirname $F`
- ln -s $OPENSSL_SOURCE/$F $F
- done
-
- To be absolutely sure not to disturb the source tree, a "make clean"
- is a good thing. If it isn't successfull, don't worry about it,
- it probably means the source directory is very clean.
- [Richard Levitte]
-
- *) Make sure any ENGINE control commands make local copies of string
- pointers passed to them whenever necessary. Otherwise it is possible
- the caller may have overwritten (or deallocated) the original string
- data when a later ENGINE operation tries to use the stored values.
- [Götz Babin-Ebell <babinebell at trustcenter.de>]
-
- *) Improve diagnostics in file reading and command-line digests.
- [Ben Laurie aided and abetted by Solar Designer <solar at openwall.com>]
-
- *) Add AES modes CFB and OFB to the object database. Correct an
- error in AES-CFB decryption.
- [Richard Levitte]
-
- *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this
- allows existing EVP_CIPHER_CTX structures to be reused after
- calling EVP_*Final(). This behaviour is used by encryption
- BIOs and some applications. This has the side effect that
- applications must explicitly clean up cipher contexts with
- EVP_CIPHER_CTX_cleanup() or they will leak memory.
- [Steve Henson]
-
- *) Check the values of dna and dnb in bn_mul_recursive before calling
- bn_mul_comba (a non zero value means the a or b arrays do not contain
- n2 elements) and fallback to bn_mul_normal if either is not zero.
- [Steve Henson]
-
- *) Fix escaping of non-ASCII characters when using the -subj option
- of the "openssl req" command line tool. (Robert Joop <joop at fokus.gmd.de>)
- [Lutz Jaenicke]
-
- *) Make object definitions compliant to LDAP (RFC2256): SN is the short
- form for "surname", serialNumber has no short form.
- Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
- therefore remove "mail" short name for "internet 7".
- The OID for unique identifiers in X509 certificates is
- x500UniqueIdentifier, not uniqueIdentifier.
- Some more OID additions. (Michael Bell <michael.bell at rz.hu-berlin.de>)
- [Lutz Jaenicke]
-
- *) Add an "init" command to the ENGINE config module and auto initialize
- ENGINEs. Without any "init" command the ENGINE will be initialized
- after all ctrl commands have been executed on it. If init=1 the
- ENGINE is initailized at that point (ctrls before that point are run
- on the uninitialized ENGINE and after on the initialized one). If
- init=0 then the ENGINE will not be iniatialized at all.
- [Steve Henson]
-
- *) Fix the 'app_verify_callback' interface so that the user-defined
- argument is actually passed to the callback: In the
- SSL_CTX_set_cert_verify_callback() prototype, the callback
- declaration has been changed from
- int (*cb)()
- into
- int (*cb)(X509_STORE_CTX *,void *);
- in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
- i=s->ctx->app_verify_callback(&ctx)
- has been changed into
- i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).
-
- To update applications using SSL_CTX_set_cert_verify_callback(),
- a dummy argument can be added to their callback functions.
- [D. K. Smetters <smetters at parc.xerox.com>]
-
- *) Added the '4758cca' ENGINE to support IBM 4758 cards.
- [Maurice Gittens <maurice at gittens.nl>, touchups by Geoff Thorpe]
-
- *) Add and OPENSSL_LOAD_CONF define which will cause
- OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
- This allows older applications to transparently support certain
- OpenSSL features: such as crypto acceleration and dynamic ENGINE loading.
- Two new functions OPENSSL_add_all_algorithms_noconf() which will never
- load the config file and OPENSSL_add_all_algorithms_conf() which will
- always load it have also been added.
- [Steve Henson]
-
- *) Add the OFB, CFB and CTR (all with 128 bit feedback) to AES.
- Adjust NIDs and EVP layer.
- [Stephen Sprunk <stephen at sprunk.org> and Richard Levitte]
-
- *) Config modules support in openssl utility.
-
- Most commands now load modules from the config file,
- though in a few (such as version) this isn't done
- because it couldn't be used for anything.
-
- In the case of ca and req the config file used is
- the same as the utility itself: that is the -config
- command line option can be used to specify an
- alternative file.
- [Steve Henson]
-
- *) Move default behaviour from OPENSSL_config(). If appname is NULL
- use "openssl_conf" if filename is NULL use default openssl config file.
- [Steve Henson]
-
- *) Add an argument to OPENSSL_config() to allow the use of an alternative
- config section name. Add a new flag to tolerate a missing config file
- and move code to CONF_modules_load_file().
- [Steve Henson]
-
- *) Support for crypto accelerator cards from Accelerated Encryption
- Processing, www.aep.ie. (Use engine 'aep')
- The support was copied from 0.9.6c [engine] and adapted/corrected
- to work with the new engine framework.
- [AEP Inc. and Richard Levitte]
-
- *) Support for SureWare crypto accelerator cards from Baltimore
- Technologies. (Use engine 'sureware')
- The support was copied from 0.9.6c [engine] and adapted
- to work with the new engine framework.
- [Richard Levitte]
-
- *) Have the CHIL engine fork-safe (as defined by nCipher) and actually
- make the newer ENGINE framework commands for the CHIL engine work.
- [Toomas Kiisk <vix at cyber.ee> and Richard Levitte]
-
- *) Make it possible to produce shared libraries on ReliantUNIX.
- [Robert Dahlem <Robert.Dahlem at ffm2.siemens.de> via Richard Levitte]
-
- *) Add the configuration target debug-linux-ppro.
- Make 'openssl rsa' use the general key loading routines
- implemented in apps.c, and make those routines able to
- handle the key format FORMAT_NETSCAPE and the variant
- FORMAT_IISSGC.
- [Toomas Kiisk <vix at cyber.ee> via Richard Levitte]
-
- *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
- [Toomas Kiisk <vix at cyber.ee> via Richard Levitte]
-
- *) Add -keyform to rsautl, and document -engine.
- [Richard Levitte, inspired by Toomas Kiisk <vix at cyber.ee>]
-
- *) Change BIO_new_file (crypto/bio/bss_file.c) to use new
- BIO_R_NO_SUCH_FILE error code rather than the generic
- ERR_R_SYS_LIB error code if fopen() fails with ENOENT.
- [Ben Laurie]
-
- *) Add new functions
- ERR_peek_last_error
- ERR_peek_last_error_line
- ERR_peek_last_error_line_data.
- These are similar to
- ERR_peek_error
- ERR_peek_error_line
- ERR_peek_error_line_data,
- but report on the latest error recorded rather than the first one
- still in the error queue.
- [Ben Laurie, Bodo Moeller]
-
- *) default_algorithms option in ENGINE config module. This allows things
- like:
- default_algorithms = ALL
- default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS
- [Steve Henson]
-
- *) Prelminary ENGINE config module.
- [Steve Henson]
-
- *) New experimental application configuration code.
- [Steve Henson]
-
- *) Change the AES code to follow the same name structure as all other
- symmetric ciphers, and behave the same way. Move everything to
- the directory crypto/aes, thereby obsoleting crypto/rijndael.
- [Stephen Sprunk <stephen at sprunk.org> and Richard Levitte]
-
- *) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
- [Ben Laurie and Theo de Raadt]
-
- *) Add option to output public keys in req command.
- [Massimiliano Pala madwolf at openca.org]
-
- *) Use wNAFs in EC_POINTs_mul() for improved efficiency
- (up to about 10% better than before for P-192 and P-224).
- [Bodo Moeller]
-
- *) New functions/macros
-
- SSL_CTX_set_msg_callback(ctx, cb)
- SSL_CTX_set_msg_callback_arg(ctx, arg)
- SSL_set_msg_callback(ssl, cb)
- SSL_set_msg_callback_arg(ssl, arg)
-
- to request calling a callback function
-
- void cb(int write_p, int version, int content_type,
- const void *buf, size_t len, SSL *ssl, void *arg)
-
- whenever a protocol message has been completely received
- (write_p == 0) or sent (write_p == 1). Here 'version' is the
- protocol version according to which the SSL library interprets
- the current protocol message (SSL2_VERSION, SSL3_VERSION, or
- TLS1_VERSION). 'content_type' is 0 in the case of SSL 2.0, or
- the content type as defined in the SSL 3.0/TLS 1.0 protocol
- specification (change_cipher_spec(20), alert(21), handshake(22)).
- 'buf' and 'len' point to the actual message, 'ssl' to the
- SSL object, and 'arg' is the application-defined value set by
- SSL[_CTX]_set_msg_callback_arg().
-
- 'openssl s_client' and 'openssl s_server' have new '-msg' options
- to enable a callback that displays all protocol messages.
- [Bodo Moeller]
-
- *) Change the shared library support so shared libraries are built as
- soon as the corresponding static library is finished, and thereby get
- openssl and the test programs linked against the shared library.
- This still only happens when the keyword "shard" has been given to
- the configuration scripts.
-
- NOTE: shared library support is still an experimental thing, and
- backward binary compatibility is still not guaranteed.
- ["Maciej W. Rozycki" <macro at ds2.pg.gda.pl> and Richard Levitte]
-
- *) Add support for Subject Information Access extension.
- [Peter Sylvester <Peter.Sylvester at EdelWeb.fr>]
-
- *) Make BUF_MEM_grow() behaviour more consistent: Initialise to zero
- additional bytes when new memory had to be allocated, not just
- when reusing an existing buffer.
- [Bodo Moeller]
-
- *) New command line and configuration option 'utf8' for the req command.
- This allows field values to be specified as UTF8 strings.
- [Steve Henson]
-
- *) Add -multi and -mr options to "openssl speed" - giving multiple parallel
- runs for the former and machine-readable output for the latter.
- [Ben Laurie]
-
- *) Add '-noemailDN' option to 'openssl ca'. This prevents inclusion
- of the e-mail address in the DN (i.e., it will go into a certificate
- extension only). The new configuration file option 'email_in_dn = no'
- has the same effect.
- [Massimiliano Pala madwolf at openca.org]
-
- *) Change all functions with names starting with des_ to be starting
- with DES_ instead. Add wrappers that are compatible with libdes,
- but are named _ossl_old_des_*. Finally, add macros that map the
- des_* symbols to the corresponding _ossl_old_des_* if libdes
- compatibility is desired. If OpenSSL 0.9.6c compatibility is
- desired, the des_* symbols will be mapped to DES_*, with one
- exception.
-
- Since we provide two compatibility mappings, the user needs to
- define the macro OPENSSL_DES_LIBDES_COMPATIBILITY if libdes
- compatibility is desired. The default (i.e., when that macro
- isn't defined) is OpenSSL 0.9.6c compatibility.
-
- There are also macros that enable and disable the support of old
- des functions altogether. Those are OPENSSL_ENABLE_OLD_DES_SUPPORT
- and OPENSSL_DISABLE_OLD_DES_SUPPORT. If none or both of those
- are defined, the default will apply: to support the old des routines.
-
- In either case, one must include openssl/des.h to get the correct
- definitions. Do not try to just include openssl/des_old.h, that
- won't work.
-
- NOTE: This is a major break of an old API into a new one. Software
- authors are encouraged to switch to the DES_ style functions. Some
- time in the future, des_old.h and the libdes compatibility functions
- will be disable (i.e. OPENSSL_DISABLE_OLD_DES_SUPPORT will be the
- default), and then completely removed.
- [Richard Levitte]
-
- *) Test for certificates which contain unsupported critical extensions.
- If such a certificate is found during a verify operation it is
- rejected by default: this behaviour can be overridden by either
- handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or
- by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function
- X509_supported_extension() has also been added which returns 1 if a
- particular extension is supported.
- [Steve Henson]
-
- *) Modify the behaviour of EVP cipher functions in similar way to digests
- to retain compatibility with existing code.
- [Steve Henson]
-
- *) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain
- compatibility with existing code. In particular the 'ctx' parameter does
- not have to be to be initialized before the call to EVP_DigestInit() and
- it is tidied up after a call to EVP_DigestFinal(). New function
- EVP_DigestFinal_ex() which does not tidy up the ctx. Similarly function
- EVP_MD_CTX_copy() changed to not require the destination to be
- initialized valid and new function EVP_MD_CTX_copy_ex() added which
- requires the destination to be valid.
-
- Modify all the OpenSSL digest calls to use EVP_DigestInit_ex(),
- EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex().
- [Steve Henson]
-
- *) Change ssl3_get_message (ssl/s3_both.c) and the functions using it
- so that complete 'Handshake' protocol structures are kept in memory
- instead of overwriting 'msg_type' and 'length' with 'body' data.
- [Bodo Moeller]
-
- *) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32.
- [Massimo Santin via Richard Levitte]
-
- *) Major restructuring to the underlying ENGINE code. This includes
- reduction of linker bloat, separation of pure "ENGINE" manipulation
- (initialisation, etc) from functionality dealing with implementations
- of specific crypto iterfaces. This change also introduces integrated
- support for symmetric ciphers and digest implementations - so ENGINEs
- can now accelerate these by providing EVP_CIPHER and EVP_MD
- implementations of their own. This is detailed in crypto/engine/README
- as it couldn't be adequately described here. However, there are a few
- API changes worth noting - some RSA, DSA, DH, and RAND functions that
- were changed in the original introduction of ENGINE code have now
- reverted back - the hooking from this code to ENGINE is now a good
- deal more passive and at run-time, operations deal directly with
- RSA_METHODs, DSA_METHODs (etc) as they did before, rather than
- dereferencing through an ENGINE pointer any more. Also, the ENGINE
- functions dealing with BN_MOD_EXP[_CRT] handlers have been removed -
- they were not being used by the framework as there is no concept of a
- BIGNUM_METHOD and they could not be generalised to the new
- 'ENGINE_TABLE' mechanism that underlies the new code. Similarly,
- ENGINE_cpy() has been removed as it cannot be consistently defined in
- the new code.
- [Geoff Thorpe]
-
- *) Change ASN1_GENERALIZEDTIME_check() to allow fractional seconds.
- [Steve Henson]
-
- *) Change mkdef.pl to sort symbols that get the same entry number,
- and make sure the automatically generated functions ERR_load_*
- become part of libeay.num as well.
- [Richard Levitte]
-
- *) New function SSL_renegotiate_pending(). This returns true once
- renegotiation has been requested (either SSL_renegotiate() call
- or HelloRequest/ClientHello receveived from the peer) and becomes
- false once a handshake has been completed.
- (For servers, SSL_renegotiate() followed by SSL_do_handshake()
- sends a HelloRequest, but does not ensure that a handshake takes
- place. SSL_renegotiate_pending() is useful for checking if the
- client has followed the request.)
- [Bodo Moeller]
-
- *) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
- By default, clients may request session resumption even during
- renegotiation (if session ID contexts permit); with this option,
- session resumption is possible only in the first handshake.
-
- SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL. This makes
- more bits available for options that should not be part of
- SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
- [Bodo Moeller]
-
- *) Add some demos for certificate and certificate request creation.
- [Steve Henson]
-
- *) Make maximum certificate chain size accepted from the peer application
- settable (SSL*_get/set_max_cert_list()), as proposed by
- "Douglas E. Engert" <deengert at anl.gov>.
- [Lutz Jaenicke]
-
- *) Add support for shared libraries for Unixware-7
- (Boyd Lynn Gerber <gerberb at zenez.com>).
- [Lutz Jaenicke]
-
- *) Add a "destroy" handler to ENGINEs that allows structural cleanup to
- be done prior to destruction. Use this to unload error strings from
- ENGINEs that load their own error strings. NB: This adds two new API
- functions to "get" and "set" this destroy handler in an ENGINE.
- [Geoff Thorpe]
-
- *) Alter all existing ENGINE implementations (except "openssl" and
- "openbsd") to dynamically instantiate their own error strings. This
- makes them more flexible to be built both as statically-linked ENGINEs
- and self-contained shared-libraries loadable via the "dynamic" ENGINE.
- Also, add stub code to each that makes building them as self-contained
- shared-libraries easier (see README.ENGINE).
- [Geoff Thorpe]
-
- *) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE
- implementations into applications that are completely implemented in
- self-contained shared-libraries. The "dynamic" ENGINE exposes control
- commands that can be used to configure what shared-library to load and
- to control aspects of the way it is handled. Also, made an update to
- the README.ENGINE file that brings its information up-to-date and
- provides some information and instructions on the "dynamic" ENGINE
- (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc).
- [Geoff Thorpe]
-
- *) Make it possible to unload ranges of ERR strings with a new
- "ERR_unload_strings" function.
- [Geoff Thorpe]
-
- *) Add a copy() function to EVP_MD.
- [Ben Laurie]
-
- *) Make EVP_MD routines take a context pointer instead of just the
- md_data void pointer.
- [Ben Laurie]
-
- *) Add flags to EVP_MD and EVP_MD_CTX. EVP_MD_FLAG_ONESHOT indicates
- that the digest can only process a single chunk of data
- (typically because it is provided by a piece of
- hardware). EVP_MD_CTX_FLAG_ONESHOT indicates that the application
- is only going to provide a single chunk of data, and hence the
- framework needn't accumulate the data for oneshot drivers.
- [Ben Laurie]
-
- *) As with "ERR", make it possible to replace the underlying "ex_data"
- functions. This change also alters the storage and management of global
- ex_data state - it's now all inside ex_data.c and all "class" code (eg.
- RSA, BIO, SSL_CTX, etc) no longer stores its own STACKS and per-class
- index counters. The API functions that use this state have been changed
- to take a "class_index" rather than pointers to the class's local STACK
- and counter, and there is now an API function to dynamically create new
- classes. This centralisation allows us to (a) plug a lot of the
- thread-safety problems that existed, and (b) makes it possible to clean
- up all allocated state using "CRYPTO_cleanup_all_ex_data()". W.r.t. (b)
- such data would previously have always leaked in application code and
- workarounds were in place to make the memory debugging turn a blind eye
- to it. Application code that doesn't use this new function will still
- leak as before, but their memory debugging output will announce it now
- rather than letting it slide.
-
- Besides the addition of CRYPTO_cleanup_all_ex_data(), another API change
- induced by the "ex_data" overhaul is that X509_STORE_CTX_init() now
- has a return value to indicate success or failure.
- [Geoff Thorpe]
-
- *) Make it possible to replace the underlying "ERR" functions such that the
- global state (2 LHASH tables and 2 locks) is only used by the "default"
- implementation. This change also adds two functions to "get" and "set"
- the implementation prior to it being automatically set the first time
- any other ERR function takes place. Ie. an application can call "get",
- pass the return value to a module it has just loaded, and that module
- can call its own "set" function using that value. This means the
- module's "ERR" operations will use (and modify) the error state in the
- application and not in its own statically linked copy of OpenSSL code.
- [Geoff Thorpe]
-
- *) Give DH, DSA, and RSA types their own "**_up_ref()" function to increment
- reference counts. This performs normal REF_PRINT/REF_CHECK macros on
- the operation, and provides a more encapsulated way for external code
- (crypto/evp/ and ssl/) to do this. Also changed the evp and ssl code
- to use these functions rather than manually incrementing the counts.
-
- Also rename "DSO_up()" function to more descriptive "DSO_up_ref()".
- [Geoff Thorpe]
-
- *) Add EVP test program.
- [Ben Laurie]
-
- *) Add symmetric cipher support to ENGINE. Expect the API to change!
- [Ben Laurie]
-
- *) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name()
- X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(),
- X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate().
- These allow a CRL to be built without having to access X509_CRL fields
- directly. Modify 'ca' application to use new functions.
- [Steve Henson]
-
- *) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended
- bug workarounds. Rollback attack detection is a security feature.
- The problem will only arise on OpenSSL servers when TLSv1 is not
- available (sslv3_server_method() or SSL_OP_NO_TLSv1).
- Software authors not wanting to support TLSv1 will have special reasons
- for their choice and can explicitly enable this option.
- [Bodo Moeller, Lutz Jaenicke]
-
- *) Rationalise EVP so it can be extended: don't include a union of
- cipher/digest structures, add init/cleanup functions for EVP_MD_CTX
- (similar to those existing for EVP_CIPHER_CTX).
- Usage example:
-
- EVP_MD_CTX md;
-
- EVP_MD_CTX_init(&md); /* new function call */
- EVP_DigestInit(&md, EVP_sha1());
- EVP_DigestUpdate(&md, in, len);
- EVP_DigestFinal(&md, out, NULL);
- EVP_MD_CTX_cleanup(&md); /* new function call */
-
- [Ben Laurie]
-
- *) Make DES key schedule conform to the usual scheme, as well as
- correcting its structure. This means that calls to DES functions
- now have to pass a pointer to a des_key_schedule instead of a
- plain des_key_schedule (which was actually always a pointer
- anyway): E.g.,
-
- des_key_schedule ks;
-
- des_set_key_checked(..., &ks);
- des_ncbc_encrypt(..., &ks, ...);
-
- (Note that a later change renames 'des_...' into 'DES_...'.)
- [Ben Laurie]
-
- *) Initial reduction of linker bloat: the use of some functions, such as
- PEM causes large amounts of unused functions to be linked in due to
- poor organisation. For example pem_all.c contains every PEM function
- which has a knock on effect of linking in large amounts of (unused)
- ASN1 code. Grouping together similar functions and splitting unrelated
- functions prevents this.
- [Steve Henson]
-
- *) Cleanup of EVP macros.
- [Ben Laurie]
-
- *) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the
- correct _ecb suffix.
- [Ben Laurie]
-
- *) Add initial OCSP responder support to ocsp application. The
- revocation information is handled using the text based index
- use by the ca application. The responder can either handle
- requests generated internally, supplied in files (for example
- via a CGI script) or using an internal minimal server.
- [Steve Henson]
-
- *) Add configuration choices to get zlib compression for TLS.
- [Richard Levitte]
-
- *) Changes to Kerberos SSL for RFC 2712 compliance:
- 1. Implemented real KerberosWrapper, instead of just using
- KRB5 AP_REQ message. [Thanks to Simon Wilkinson <sxw at sxw.org.uk>]
- 2. Implemented optional authenticator field of KerberosWrapper.
-
- Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,
- and authenticator structs; see crypto/krb5/.
-
- Generalized Kerberos calls to support multiple Kerberos libraries.
- [Vern Staats <staatsvr at asc.hpc.mil>,
- Jeffrey Altman <jaltman at columbia.edu>
- via Richard Levitte]
-
- *) Cause 'openssl speed' to use fully hard-coded DSA keys as it
- already does with RSA. testdsa.h now has 'priv_key/pub_key'
- values for each of the key sizes rather than having just
- parameters (and 'speed' generating keys each time).
- [Geoff Thorpe]
-
- *) Speed up EVP routines.
- Before:
-encrypt
-type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
-des-cbc 4408.85k 5560.51k 5778.46k 5862.20k 5825.16k
-des-cbc 4389.55k 5571.17k 5792.23k 5846.91k 5832.11k
-des-cbc 4394.32k 5575.92k 5807.44k 5848.37k 5841.30k
-decrypt
-des-cbc 3482.66k 5069.49k 5496.39k 5614.16k 5639.28k
-des-cbc 3480.74k 5068.76k 5510.34k 5609.87k 5635.52k
-des-cbc 3483.72k 5067.62k 5504.60k 5708.01k 5724.80k
- After:
-encrypt
-des-cbc 4660.16k 5650.19k 5807.19k 5827.13k 5783.32k
-decrypt
-des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
- [Ben Laurie]
-
- *) Added the OS2-EMX target.
- ["Brian Havard" <brianh at kheldar.apana.org.au> and Richard Levitte]
-
- *) Rewrite apps to use NCONF routines instead of the old CONF. New functions
- to support NCONF routines in extension code. New function CONF_set_nconf()
- to allow functions which take an NCONF to also handle the old LHASH
- structure: this means that the old CONF compatible routines can be
- retained (in particular wrt extensions) without having to duplicate the
- code. New function X509V3_add_ext_nconf_sk to add extensions to a stack.
- [Steve Henson]
-
- *) Enhance the general user interface with mechanisms for inner control
- and with possibilities to have yes/no kind of prompts.
- [Richard Levitte]
-
- *) Change all calls to low level digest routines in the library and
- applications to use EVP. Add missing calls to HMAC_cleanup() and
- don't assume HMAC_CTX can be copied using memcpy().
- [Verdon Walker <VWalker at novell.com>, Steve Henson]
-
- *) Add the possibility to control engines through control names but with
- arbitrary arguments instead of just a string.
- Change the key loaders to take a UI_METHOD instead of a callback
- function pointer. NOTE: this breaks binary compatibility with earlier
- versions of OpenSSL [engine].
- Adapt the nCipher code for these new conditions and add a card insertion
- callback.
- [Richard Levitte]
-
- *) Enhance the general user interface with mechanisms to better support
- dialog box interfaces, application-defined prompts, the possibility
- to use defaults (for example default passwords from somewhere else)
- and interrupts/cancellations.
- [Richard Levitte]
-
- *) Tidy up PKCS#12 attribute handling. Add support for the CSP name
- attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
- [Steve Henson]
-
- *) Fix a memory leak in 'sk_dup()' in the case reallocation fails. (Also
- tidy up some unnecessarily weird code in 'sk_new()').
- [Geoff, reported by Diego Tartara <dtartara at novamens.com>]
-
- *) Change the key loading routines for ENGINEs to use the same kind
- callback (pem_password_cb) as all other routines that need this
- kind of callback.
- [Richard Levitte]
-
- *) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with
- 256 bit (=32 byte) keys. Of course seeding with more entropy bytes
- than this minimum value is recommended.
- [Lutz Jaenicke]
-
- *) New random seeder for OpenVMS, using the system process statistics
- that are easily reachable.
- [Richard Levitte]
-
- *) Windows apparently can't transparently handle global
- variables defined in DLLs. Initialisations such as:
-
- const ASN1_ITEM *it = &ASN1_INTEGER_it;
-
- wont compile. This is used by the any applications that need to
- declare their own ASN1 modules. This was fixed by adding the option
- EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly
- needed for static libraries under Win32.
- [Steve Henson]
-
- *) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle
- setting of purpose and trust fields. New X509_STORE trust and
- purpose functions and tidy up setting in other SSL functions.
- [Steve Henson]
-
- *) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE
- structure. These are inherited by X509_STORE_CTX when it is
- initialised. This allows various defaults to be set in the
- X509_STORE structure (such as flags for CRL checking and custom
- purpose or trust settings) for functions which only use X509_STORE_CTX
- internally such as S/MIME.
-
- Modify X509_STORE_CTX_purpose_inherit() so it only sets purposes and
- trust settings if they are not set in X509_STORE. This allows X509_STORE
- purposes and trust (in S/MIME for example) to override any set by default.
-
- Add command line options for CRL checking to smime, s_client and s_server
- applications.
- [Steve Henson]
-
- *) Initial CRL based revocation checking. If the CRL checking flag(s)
- are set then the CRL is looked up in the X509_STORE structure and
- its validity and signature checked, then if the certificate is found
- in the CRL the verify fails with a revoked error.
-
- Various new CRL related callbacks added to X509_STORE_CTX structure.
-
- Command line options added to 'verify' application to support this.
-
- This needs some additional work, such as being able to handle multiple
- CRLs with different times, extension based lookup (rather than just
- by subject name) and ultimately more complete V2 CRL extension
- handling.
- [Steve Henson]
-
- *) Add a general user interface API (crypto/ui/). This is designed
- to replace things like des_read_password and friends (backward
- compatibility functions using this new API are provided).
- The purpose is to remove prompting functions from the DES code
- section as well as provide for prompting through dialog boxes in
- a window system and the like.
- [Richard Levitte]
-
- *) Add "ex_data" support to ENGINE so implementations can add state at a
- per-structure level rather than having to store it globally.
- [Geoff]
-
- *) Make it possible for ENGINE structures to be copied when retrieved by
- ENGINE_by_id() if the ENGINE specifies a new flag: ENGINE_FLAGS_BY_ID_COPY.
- This causes the "original" ENGINE structure to act like a template,
- analogous to the RSA vs. RSA_METHOD type of separation. Because of this
- operational state can be localised to each ENGINE structure, despite the
- fact they all share the same "methods". New ENGINE structures returned in
- this case have no functional references and the return value is the single
- structural reference. This matches the single structural reference returned
- by ENGINE_by_id() normally, when it is incremented on the pre-existing
- ENGINE structure.
- [Geoff]
-
- *) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this
- needs to match any other type at all we need to manually clear the
- tag cache.
- [Steve Henson]
-
- *) Changes to the "openssl engine" utility to include;
- - verbosity levels ('-v', '-vv', and '-vvv') that provide information
- about an ENGINE's available control commands.
- - executing control commands from command line arguments using the
- '-pre' and '-post' switches. '-post' is only used if '-t' is
- specified and the ENGINE is successfully initialised. The syntax for
- the individual commands are colon-separated, for example;
- openssl engine chil -pre FORK_CHECK:0 -pre SO_PATH:/lib/test.so
- [Geoff]
-
- *) New dynamic control command support for ENGINEs. ENGINEs can now
- declare their own commands (numbers), names (strings), descriptions,
- and input types for run-time discovery by calling applications. A
- subset of these commands are implicitly classed as "executable"
- depending on their input type, and only these can be invoked through
- the new string-based API function ENGINE_ctrl_cmd_string(). (Eg. this
- can be based on user input, config files, etc). The distinction is
- that "executable" commands cannot return anything other than a boolean
- result and can only support numeric or string input, whereas some
- discoverable commands may only be for direct use through
- ENGINE_ctrl(), eg. supporting the exchange of binary data, function
- pointers, or other custom uses. The "executable" commands are to
- support parameterisations of ENGINE behaviour that can be
- unambiguously defined by ENGINEs and used consistently across any
- OpenSSL-based application. Commands have been added to all the
- existing hardware-supporting ENGINEs, noticeably "SO_PATH" to allow
- control over shared-library paths without source code alterations.
- [Geoff]
-
- *) Changed all ENGINE implementations to dynamically allocate their
- ENGINEs rather than declaring them statically. Apart from this being
- necessary with the removal of the ENGINE_FLAGS_MALLOCED distinction,
- this also allows the implementations to compile without using the
- internal engine_int.h header.
- [Geoff]
-
- *) Minor adjustment to "rand" code. RAND_get_rand_method() now returns a
- 'const' value. Any code that should be able to modify a RAND_METHOD
- should already have non-const pointers to it (ie. they should only
- modify their own ones).
- [Geoff]
-
- *) Made a variety of little tweaks to the ENGINE code.
- - "atalla" and "ubsec" string definitions were moved from header files
- to C code. "nuron" string definitions were placed in variables
- rather than hard-coded - allowing parameterisation of these values
- later on via ctrl() commands.
- - Removed unused "#if 0"'d code.
- - Fixed engine list iteration code so it uses ENGINE_free() to release
- structural references.
- - Constified the RAND_METHOD element of ENGINE structures.
- - Constified various get/set functions as appropriate and added
- missing functions (including a catch-all ENGINE_cpy that duplicates
- all ENGINE values onto a new ENGINE except reference counts/state).
- - Removed NULL parameter checks in get/set functions. Setting a method
- or function to NULL is a way of cancelling out a previously set
- value. Passing a NULL ENGINE parameter is just plain stupid anyway
- and doesn't justify the extra error symbols and code.
- - Deprecate the ENGINE_FLAGS_MALLOCED define and move the area for
- flags from engine_int.h to engine.h.
- - Changed prototypes for ENGINE handler functions (init(), finish(),
- ctrl(), key-load functions, etc) to take an (ENGINE*) parameter.
- [Geoff]
-
- *) Implement binary inversion algorithm for BN_mod_inverse in addition
- to the algorithm using long division. The binary algorithm can be
- used only if the modulus is odd. On 32-bit systems, it is faster
- only for relatively small moduli (roughly 20-30% for 128-bit moduli,
- roughly 5-15% for 256-bit moduli), so we use it only for moduli
- up to 450 bits. In 64-bit environments, the binary algorithm
- appears to be advantageous for much longer moduli; here we use it
- for moduli up to 2048 bits.
- [Bodo Moeller]
-
- *) Rewrite CHOICE field setting in ASN1_item_ex_d2i(). The old code
- could not support the combine flag in choice fields.
- [Steve Henson]
-
- *) Add a 'copy_extensions' option to the 'ca' utility. This copies
- extensions from a certificate request to the certificate.
- [Steve Henson]
-
- *) Allow multiple 'certopt' and 'nameopt' options to be separated
- by commas. Add 'namopt' and 'certopt' options to the 'ca' config
- file: this allows the display of the certificate about to be
- signed to be customised, to allow certain fields to be included
- or excluded and extension details. The old system didn't display
- multicharacter strings properly, omitted fields not in the policy
- and couldn't display additional details such as extensions.
- [Steve Henson]
-
- *) Function EC_POINTs_mul for multiple scalar multiplication
- of an arbitrary number of elliptic curve points
- \sum scalars[i]*points[i],
- optionally including the generator defined for the EC_GROUP:
- scalar*generator + \sum scalars[i]*points[i].
-
- EC_POINT_mul is a simple wrapper function for the typical case
- that the point list has just one item (besides the optional
- generator).
- [Bodo Moeller]
-
- *) First EC_METHODs for curves over GF(p):
-
- EC_GFp_simple_method() uses the basic BN_mod_mul and BN_mod_sqr
- operations and provides various method functions that can also
- operate with faster implementations of modular arithmetic.
-
- EC_GFp_mont_method() reuses most functions that are part of
- EC_GFp_simple_method, but uses Montgomery arithmetic.
-
- [Bodo Moeller; point addition and point doubling
- implementation directly derived from source code provided by
- Lenka Fibikova <fibikova at exp-math.uni-essen.de>]
-
- *) Framework for elliptic curves (crypto/ec/ec.h, crypto/ec/ec_lcl.h,
- crypto/ec/ec_lib.c):
-
- Curves are EC_GROUP objects (with an optional group generator)
- based on EC_METHODs that are built into the library.
-
- Points are EC_POINT objects based on EC_GROUP objects.
-
- Most of the framework would be able to handle curves over arbitrary
- finite fields, but as there are no obvious types for fields other
- than GF(p), some functions are limited to that for now.
- [Bodo Moeller]
-
- *) Add the -HTTP option to s_server. It is similar to -WWW, but requires
- that the file contains a complete HTTP response.
- [Richard Levitte]
-
- *) Add the ec directory to mkdef.pl and mkfiles.pl. In mkdef.pl
- change the def and num file printf format specifier from "%-40sXXX"
- to "%-39s XXX". The latter will always guarantee a space after the
- field while the former will cause them to run together if the field
- is 40 of more characters long.
- [Steve Henson]
-
- *) Constify the cipher and digest 'method' functions and structures
- and modify related functions to take constant EVP_MD and EVP_CIPHER
- pointers.
- [Steve Henson]
-
- *) Hide BN_CTX structure details in bn_lcl.h instead of publishing them
- in <openssl/bn.h>. Also further increase BN_CTX_NUM to 32.
- [Bodo Moeller]
-
- *) Modify EVP_Digest*() routines so they now return values. Although the
- internal software routines can never fail additional hardware versions
- might.
- [Steve Henson]
-
- *) Clean up crypto/err/err.h and change some error codes to avoid conflicts:
-
- Previously ERR_R_FATAL was too small and coincided with ERR_LIB_PKCS7
- (= ERR_R_PKCS7_LIB); it is now 64 instead of 32.
-
- ASN1 error codes
- ERR_R_NESTED_ASN1_ERROR
- ...
- ERR_R_MISSING_ASN1_EOS
- were 4 .. 9, conflicting with
- ERR_LIB_RSA (= ERR_R_RSA_LIB)
- ...
- ERR_LIB_PEM (= ERR_R_PEM_LIB).
- They are now 58 .. 63 (i.e., just below ERR_R_FATAL).
-
- Add new error code 'ERR_R_INTERNAL_ERROR'.
- [Bodo Moeller]
-
- *) Don't overuse locks in crypto/err/err.c: For data retrieval, CRYPTO_r_lock
- suffices.
- [Bodo Moeller]
-
- *) New option '-subj arg' for 'openssl req' and 'openssl ca'. This
- sets the subject name for a new request or supersedes the
- subject name in a given request. Formats that can be parsed are
- 'CN=Some Name, OU=myOU, C=IT'
- and
- 'CN=Some Name/OU=myOU/C=IT'.
-
- Add options '-batch' and '-verbose' to 'openssl req'.
- [Massimiliano Pala <madwolf at hackmasters.net>]
-
- *) Introduce the possibility to access global variables through
- functions on platform were that's the best way to handle exporting
- global variables in shared libraries. To enable this functionality,
- one must configure with "EXPORT_VAR_AS_FN" or defined the C macro
- "OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
- is normally done by Configure or something similar).
-
- To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
- in the source file (foo.c) like this:
-
- OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
- OPENSSL_IMPLEMENT_GLOBAL(double,bar);
-
- To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
- and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:
-
- OPENSSL_DECLARE_GLOBAL(int,foo);
- #define foo OPENSSL_GLOBAL_REF(foo)
- OPENSSL_DECLARE_GLOBAL(double,bar);
- #define bar OPENSSL_GLOBAL_REF(bar)
-
- The #defines are very important, and therefore so is including the
- header file everywhere where the defined globals are used.
-
- The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
- of ASN.1 items, but that structure is a bit different.
-
- The largest change is in util/mkdef.pl which has been enhanced with
- better and easier to understand logic to choose which symbols should
- go into the Windows .def files as well as a number of fixes and code
- cleanup (among others, algorithm keywords are now sorted
- lexicographically to avoid constant rewrites).
- [Richard Levitte]
-
- *) In BN_div() keep a copy of the sign of 'num' before writing the
- result to 'rm' because if rm==num the value will be overwritten
- and produce the wrong result if 'num' is negative: this caused
- problems with BN_mod() and BN_nnmod().
- [Steve Henson]
-
- *) Function OCSP_request_verify(). This checks the signature on an
- OCSP request and verifies the signer certificate. The signer
- certificate is just checked for a generic purpose and OCSP request
- trust settings.
- [Steve Henson]
-
- *) Add OCSP_check_validity() function to check the validity of OCSP
- responses. OCSP responses are prepared in real time and may only
- be a few seconds old. Simply checking that the current time lies
- between thisUpdate and nextUpdate max reject otherwise valid responses
- caused by either OCSP responder or client clock inaccuracy. Instead
- we allow thisUpdate and nextUpdate to fall within a certain period of
- the current time. The age of the response can also optionally be
- checked. Two new options -validity_period and -status_age added to
- ocsp utility.
- [Steve Henson]
-
- *) If signature or public key algorithm is unrecognized print out its
- OID rather that just UNKNOWN.
- [Steve Henson]
-
- *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
- OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
- ID to be generated from the issuer certificate alone which can then be
- passed to OCSP_id_issuer_cmp().
- [Steve Henson]
-
- *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
- ASN1 modules to export functions returning ASN1_ITEM pointers
- instead of the ASN1_ITEM structures themselves. This adds several
- new macros which allow the underlying ASN1 function/structure to
- be accessed transparently. As a result code should not use ASN1_ITEM
- references directly (such as &X509_it) but instead use the relevant
- macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
- use of the new ASN1 code on platforms where exporting structures
- is problematical (for example in shared libraries) but exporting
- functions returning pointers to structures is not.
- [Steve Henson]
-
- *) Add support for overriding the generation of SSL/TLS session IDs.
- These callbacks can be registered either in an SSL_CTX or per SSL.
- The purpose of this is to allow applications to control, if they wish,
- the arbitrary values chosen for use as session IDs, particularly as it
- can be useful for session caching in multiple-server environments. A
- command-line switch for testing this (and any client code that wishes
- to use such a feature) has been added to "s_server".
- [Geoff Thorpe, Lutz Jaenicke]
-
- *) Modify mkdef.pl to recognise and parse preprocessor conditionals
- of the form '#if defined(...) || defined(...) || ...' and
- '#if !defined(...) && !defined(...) && ...'. This also avoids
- the growing number of special cases it was previously handling.
- [Richard Levitte]
-
- *) Make all configuration macros available for application by making
- sure they are available in opensslconf.h, by giving them names starting
- with "OPENSSL_" to avoid conflicts with other packages and by making
- sure e_os2.h will cover all platform-specific cases together with
- opensslconf.h.
- Additionally, it is now possible to define configuration/platform-
- specific names (called "system identities"). In the C code, these
- are prefixed with "OPENSSL_SYSNAME_". e_os2.h will create another
- macro with the name beginning with "OPENSSL_SYS_", which is determined
- from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on
- what is available.
- [Richard Levitte]
-
- *) New option -set_serial to 'req' and 'x509' this allows the serial
- number to use to be specified on the command line. Previously self
- signed certificates were hard coded with serial number 0 and the
- CA options of 'x509' had to use a serial number in a file which was
- auto incremented.
- [Steve Henson]
-
- *) New options to 'ca' utility to support V2 CRL entry extensions.
- Currently CRL reason, invalidity date and hold instruction are
- supported. Add new CRL extensions to V3 code and some new objects.
- [Steve Henson]
-
- *) New function EVP_CIPHER_CTX_set_padding() this is used to
- disable standard block padding (aka PKCS#5 padding) in the EVP
- API, which was previously mandatory. This means that the data is
- not padded in any way and so the total length much be a multiple
- of the block size, otherwise an error occurs.
- [Steve Henson]
-
- *) Initial (incomplete) OCSP SSL support.
- [Steve Henson]
-
- *) New function OCSP_parse_url(). This splits up a URL into its host,
- port and path components: primarily to parse OCSP URLs. New -url
- option to ocsp utility.
- [Steve Henson]
-
- *) New nonce behavior. The return value of OCSP_check_nonce() now
- reflects the various checks performed. Applications can decide
- whether to tolerate certain situations such as an absent nonce
- in a response when one was present in a request: the ocsp application
- just prints out a warning. New function OCSP_add1_basic_nonce()
- this is to allow responders to include a nonce in a response even if
- the request is nonce-less.
- [Steve Henson]
-
- *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are
- skipped when using openssl x509 multiple times on a single input file,
- e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs".
- [Bodo Moeller]
-
- *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
- set string type: to handle setting ASN1_TIME structures. Fix ca
- utility to correctly initialize revocation date of CRLs.
- [Steve Henson]
-
- *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
- the clients preferred ciphersuites and rather use its own preferences.
- Should help to work around M$ SGC (Server Gated Cryptography) bug in
- Internet Explorer by ensuring unchanged hash method during stepup.
- (Also replaces the broken/deactivated SSL_OP_NON_EXPORT_FIRST option.)
- [Lutz Jaenicke]
-
- *) Make mkdef.pl recognise all DECLARE_ASN1 macros, change rijndael
- to aes and add a new 'exist' option to print out symbols that don't
- appear to exist.
- [Steve Henson]
-
- *) Additional options to ocsp utility to allow flags to be set and
- additional certificates supplied.
- [Steve Henson]
-
- *) Add the option -VAfile to 'openssl ocsp', so the user can give the
- OCSP client a number of certificate to only verify the response
- signature against.
- [Richard Levitte]
-
- *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
- handle the new API. Currently only ECB, CBC modes supported. Add new
- AES OIDs.
-
- Add TLS AES ciphersuites as described in RFC3268, "Advanced
- Encryption Standard (AES) Ciphersuites for Transport Layer
- Security (TLS)". (In beta versions of OpenSSL 0.9.7, these were
- not enabled by default and were not part of the "ALL" ciphersuite
- alias because they were not yet official; they could be
- explicitly requested by specifying the "AESdraft" ciphersuite
- group alias. In the final release of OpenSSL 0.9.7, the group
- alias is called "AES" and is part of "ALL".)
- [Ben Laurie, Steve Henson, Bodo Moeller]
-
- *) New function OCSP_copy_nonce() to copy nonce value (if present) from
- request to response.
- [Steve Henson]
-
- *) Functions for OCSP responders. OCSP_request_onereq_count(),
- OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info()
- extract information from a certificate request. OCSP_response_create()
- creates a response and optionally adds a basic response structure.
- OCSP_basic_add1_status() adds a complete single response to a basic
- response and returns the OCSP_SINGLERESP structure just added (to allow
- extensions to be included for example). OCSP_basic_add1_cert() adds a
- certificate to a basic response and OCSP_basic_sign() signs a basic
- response with various flags. New helper functions ASN1_TIME_check()
- (checks validity of ASN1_TIME structure) and ASN1_TIME_to_generalizedtime()
- (converts ASN1_TIME to GeneralizedTime).
- [Steve Henson]
-
- *) Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
- in a single operation. X509_get0_pubkey_bitstr() extracts the public_key
- structure from a certificate. X509_pubkey_digest() digests the public_key
- contents: this is used in various key identifiers.
- [Steve Henson]
-
- *) Make sk_sort() tolerate a NULL argument.
- [Steve Henson reported by Massimiliano Pala <madwolf at comune.modena.it>]
-
- *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates
- passed by the function are trusted implicitly. If any of them signed the
- response then it is assumed to be valid and is not verified.
- [Steve Henson]
-
- *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
- to data. This was previously part of the PKCS7 ASN1 code. This
- was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.
- [Steve Henson, reported by Kenneth R. Robinette
- <support at securenetterm.com>]
-
- *) Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1
- routines: without these tracing memory leaks is very painful.
- Fix leaks in PKCS12 and PKCS7 routines.
- [Steve Henson]
-
- *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
- Previously it initialised the 'type' argument to V_ASN1_UTCTIME which
- effectively meant GeneralizedTime would never be used. Now it
- is initialised to -1 but X509_time_adj() now has to check the value
- and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or
- V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime.
- [Steve Henson, reported by Kenneth R. Robinette
- <support at securenetterm.com>]
-
- *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously
- result in a zero length in the ASN1_INTEGER structure which was
- not consistent with the structure when d2i_ASN1_INTEGER() was used
- and would cause ASN1_INTEGER_cmp() to fail. Enhance s2i_ASN1_INTEGER()
- to cope with hex and negative integers. Fix bug in i2a_ASN1_INTEGER()
- where it did not print out a minus for negative ASN1_INTEGER.
- [Steve Henson]
-
- *) Add summary printout to ocsp utility. The various functions which
- convert status values to strings have been renamed to:
- OCSP_response_status_str(), OCSP_cert_status_str() and
- OCSP_crl_reason_str() and are no longer static. New options
- to verify nonce values and to disable verification. OCSP response
- printout format cleaned up.
- [Steve Henson]
-
- *) Add additional OCSP certificate checks. These are those specified
- in RFC2560. This consists of two separate checks: the CA of the
- certificate being checked must either be the OCSP signer certificate
- or the issuer of the OCSP signer certificate. In the latter case the
- OCSP signer certificate must contain the OCSP signing extended key
- usage. This check is performed by attempting to match the OCSP
- signer or the OCSP signer CA to the issuerNameHash and issuerKeyHash
- in the OCSP_CERTID structures of the response.
- [Steve Henson]
-
- *) Initial OCSP certificate verification added to OCSP_basic_verify()
- and related routines. This uses the standard OpenSSL certificate
- verify routines to perform initial checks (just CA validity) and
- to obtain the certificate chain. Then additional checks will be
- performed on the chain. Currently the root CA is checked to see
- if it is explicitly trusted for OCSP signing. This is used to set
- a root CA as a global signing root: that is any certificate that
- chains to that CA is an acceptable OCSP signing certificate.
- [Steve Henson]
-
- *) New '-extfile ...' option to 'openssl ca' for reading X.509v3
- extensions from a separate configuration file.
- As when reading extensions from the main configuration file,
- the '-extensions ...' option may be used for specifying the
- section to use.
- [Massimiliano Pala <madwolf at comune.modena.it>]
-
- *) New OCSP utility. Allows OCSP requests to be generated or
- read. The request can be sent to a responder and the output
- parsed, outputed or printed in text form. Not complete yet:
- still needs to check the OCSP response validity.
- [Steve Henson]
-
- *) New subcommands for 'openssl ca':
- 'openssl ca -status <serial>' prints the status of the cert with
- the given serial number (according to the index file).
- 'openssl ca -updatedb' updates the expiry status of certificates
- in the index file.
- [Massimiliano Pala <madwolf at comune.modena.it>]
-
- *) New '-newreq-nodes' command option to CA.pl. This is like
- '-newreq', but calls 'openssl req' with the '-nodes' option
- so that the resulting key is not encrypted.
- [Damien Miller <djm at mindrot.org>]
-
- *) New configuration for the GNU Hurd.
- [Jonathan Bartlett <johnnyb at wolfram.com> via Richard Levitte]
-
- *) Initial code to implement OCSP basic response verify. This
- is currently incomplete. Currently just finds the signer's
- certificate and verifies the signature on the response.
- [Steve Henson]
-
- *) New SSLeay_version code SSLEAY_DIR to determine the compiled-in
- value of OPENSSLDIR. This is available via the new '-d' option
- to 'openssl version', and is also included in 'openssl version -a'.
- [Bodo Moeller]
-
- *) Allowing defining memory allocation callbacks that will be given
- file name and line number information in additional arguments
- (a const char* and an int). The basic functionality remains, as
- well as the original possibility to just replace malloc(),
- realloc() and free() by functions that do not know about these
- additional arguments. To register and find out the current
- settings for extended allocation functions, the following
- functions are provided:
-
- CRYPTO_set_mem_ex_functions
- CRYPTO_set_locked_mem_ex_functions
- CRYPTO_get_mem_ex_functions
- CRYPTO_get_locked_mem_ex_functions
-
- These work the same way as CRYPTO_set_mem_functions and friends.
- CRYPTO_get_[locked_]mem_functions now writes 0 where such an
- extended allocation function is enabled.
- Similarly, CRYPTO_get_[locked_]mem_ex_functions writes 0 where
- a conventional allocation function is enabled.
- [Richard Levitte, Bodo Moeller]
-
- *) Finish off removing the remaining LHASH function pointer casts.
- There should no longer be any prototype-casting required when using
- the LHASH abstraction, and any casts that remain are "bugs". See
- the callback types and macros at the head of lhash.h for details
- (and "OBJ_cleanup" in crypto/objects/obj_dat.c as an example).
- [Geoff Thorpe]
-
- *) Add automatic query of EGD sockets in RAND_poll() for the unix variant.
- If /dev/[u]random devices are not available or do not return enough
- entropy, EGD style sockets (served by EGD or PRNGD) will automatically
- be queried.
- The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and
- /etc/entropy will be queried once each in this sequence, quering stops
- when enough entropy was collected without querying more sockets.
- [Lutz Jaenicke]
-
- *) Change the Unix RAND_poll() variant to be able to poll several
- random devices, as specified by DEVRANDOM, until a sufficient amount
- of data has been collected. We spend at most 10 ms on each file
- (select timeout) and read in non-blocking mode. DEVRANDOM now
- defaults to the list "/dev/urandom", "/dev/random", "/dev/srandom"
- (previously it was just the string "/dev/urandom"), so on typical
- platforms the 10 ms delay will never occur.
- Also separate out the Unix variant to its own file, rand_unix.c.
- For VMS, there's a currently-empty rand_vms.c.
- [Richard Levitte]
-
- *) Move OCSP client related routines to ocsp_cl.c. These
- provide utility functions which an application needing
- to issue a request to an OCSP responder and analyse the
- response will typically need: as opposed to those which an
- OCSP responder itself would need which will be added later.
-
- OCSP_request_sign() signs an OCSP request with an API similar
- to PKCS7_sign(). OCSP_response_status() returns status of OCSP
- response. OCSP_response_get1_basic() extracts basic response
- from response. OCSP_resp_find_status(): finds and extracts status
- information from an OCSP_CERTID structure (which will be created
- when the request structure is built). These are built from lower
- level functions which work on OCSP_SINGLERESP structures but
- wont normally be used unless the application wishes to examine
- extensions in the OCSP response for example.
-
- Replace nonce routines with a pair of functions.
- OCSP_request_add1_nonce() adds a nonce value and optionally
- generates a random value. OCSP_check_nonce() checks the
- validity of the nonce in an OCSP response.
- [Steve Henson]
-
- *) Change function OCSP_request_add() to OCSP_request_add0_id().
- This doesn't copy the supplied OCSP_CERTID and avoids the
- need to free up the newly created id. Change return type
- to OCSP_ONEREQ to return the internal OCSP_ONEREQ structure.
- This can then be used to add extensions to the request.
- Deleted OCSP_request_new(), since most of its functionality
- is now in OCSP_REQUEST_new() (and the case insensitive name
- clash) apart from the ability to set the request name which
- will be added elsewhere.
- [Steve Henson]
-
- *) Update OCSP API. Remove obsolete extensions argument from
- various functions. Extensions are now handled using the new
- OCSP extension code. New simple OCSP HTTP function which
- can be used to send requests and parse the response.
- [Steve Henson]
-
- *) Fix the PKCS#7 (S/MIME) code to work with new ASN1. Two new
- ASN1_ITEM structures help with sign and verify. PKCS7_ATTR_SIGN
- uses the special reorder version of SET OF to sort the attributes
- and reorder them to match the encoded order. This resolves a long
- standing problem: a verify on a PKCS7 structure just after signing
- it used to fail because the attribute order did not match the
- encoded order. PKCS7_ATTR_VERIFY does not reorder the attributes:
- it uses the received order. This is necessary to tolerate some broken
- software that does not order SET OF. This is handled by encoding
- as a SEQUENCE OF but using implicit tagging (with UNIVERSAL class)
- to produce the required SET OF.
- [Steve Henson]
-
- *) Have mk1mf.pl generate the macros OPENSSL_BUILD_SHLIBCRYPTO and
- OPENSSL_BUILD_SHLIBSSL and use them appropriately in the header
- files to get correct declarations of the ASN.1 item variables.
- [Richard Levitte]
-
- *) Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many
- PKCS#12 macros with real functions. Fix two unrelated ASN1 bugs:
- asn1_check_tlen() would sometimes attempt to use 'ctx' when it was
- NULL and ASN1_TYPE was not dereferenced properly in asn1_ex_c2i().
- New ASN1 macro: DECLARE_ASN1_ITEM() which just declares the relevant
- ASN1_ITEM and no wrapper functions.
- [Steve Henson]
-
- *) New functions or ASN1_item_d2i_fp() and ASN1_item_d2i_bio(). These
- replace the old function pointer based I/O routines. Change most of
- the *_d2i_bio() and *_d2i_fp() functions to use these.
- [Steve Henson]
-
- *) Enhance mkdef.pl to be more accepting about spacing in C preprocessor
- lines, recognice more "algorithms" that can be deselected, and make
- it complain about algorithm deselection that isn't recognised.
- [Richard Levitte]
-
- *) New ASN1 functions to handle dup, sign, verify, digest, pack and
- unpack operations in terms of ASN1_ITEM. Modify existing wrappers
- to use new functions. Add NO_ASN1_OLD which can be set to remove
- some old style ASN1 functions: this can be used to determine if old
- code will still work when these eventually go away.
- [Steve Henson]
-
- *) New extension functions for OCSP structures, these follow the
- same conventions as certificates and CRLs.
- [Steve Henson]
-
- *) New function X509V3_add1_i2d(). This automatically encodes and
- adds an extension. Its behaviour can be customised with various
- flags to append, replace or delete. Various wrappers added for
- certifcates and CRLs.
- [Steve Henson]
-
- *) Fix to avoid calling the underlying ASN1 print routine when
- an extension cannot be parsed. Correct a typo in the
- OCSP_SERVICELOC extension. Tidy up print OCSP format.
- [Steve Henson]
-
- *) Make mkdef.pl parse some of the ASN1 macros and add apropriate
- entries for variables.
- [Steve Henson]
-
- *) Add functionality to apps/openssl.c for detecting locking
- problems: As the program is single-threaded, all we have
- to do is register a locking callback using an array for
- storing which locks are currently held by the program.
- [Bodo Moeller]
-
- *) Use a lock around the call to CRYPTO_get_ex_new_index() in
- SSL_get_ex_data_X509_STORE_idx(), which is used in
- ssl_verify_cert_chain() and thus can be called at any time
- during TLS/SSL handshakes so that thread-safety is essential.
- Unfortunately, the ex_data design is not at all suited
- for multi-threaded use, so it probably should be abolished.
- [Bodo Moeller]
-
- *) Added Broadcom "ubsec" ENGINE to OpenSSL.
- [Broadcom, tweaked and integrated by Geoff Thorpe]
-
- *) Move common extension printing code to new function
- X509V3_print_extensions(). Reorganise OCSP print routines and
- implement some needed OCSP ASN1 functions. Add OCSP extensions.
- [Steve Henson]
-
- *) New function X509_signature_print() to remove duplication in some
- print routines.
- [Steve Henson]
-
- *) Add a special meaning when SET OF and SEQUENCE OF flags are both
- set (this was treated exactly the same as SET OF previously). This
- is used to reorder the STACK representing the structure to match the
- encoding. This will be used to get round a problem where a PKCS7
- structure which was signed could not be verified because the STACK
- order did not reflect the encoded order.
- [Steve Henson]
-
- *) Reimplement the OCSP ASN1 module using the new code.
- [Steve Henson]
-
- *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
- for its ASN1 operations. The old style function pointers still exist
- for now but they will eventually go away.
- [Steve Henson]
-
- *) Merge in replacement ASN1 code from the ASN1 branch. This almost
- completely replaces the old ASN1 functionality with a table driven
- encoder and decoder which interprets an ASN1_ITEM structure describing
- the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is
- largely maintained. Almost all of the old asn1_mac.h macro based ASN1
- has also been converted to the new form.
- [Steve Henson]
-
- *) Change BN_mod_exp_recp so that negative moduli are tolerated
- (the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set
- so that BN_mod_exp_mont and BN_mod_exp_mont_word work
- for negative moduli.
- [Bodo Moeller]
-
- *) Fix BN_uadd and BN_usub: Always return non-negative results instead
- of not touching the result's sign bit.
- [Bodo Moeller]
-
- *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
- set.
- [Bodo Moeller]
-
- *) Changed the LHASH code to use prototypes for callbacks, and created
- macros to declare and implement thin (optionally static) functions
- that provide type-safety and avoid function pointer casting for the
- type-specific callbacks.
- [Geoff Thorpe]
-
- *) Added Kerberos Cipher Suites to be used with TLS, as written in
- RFC 2712.
- [Veers Staats <staatsvr at asc.hpc.mil>,
- Jeffrey Altman <jaltman at columbia.edu>, via Richard Levitte]
-
- *) Reformat the FAQ so the different questions and answers can be divided
- in sections depending on the subject.
- [Richard Levitte]
-
- *) Have the zlib compression code load ZLIB.DLL dynamically under
- Windows.
- [Richard Levitte]
-
- *) New function BN_mod_sqrt for computing square roots modulo a prime
- (using the probabilistic Tonelli-Shanks algorithm unless
- p == 3 (mod 4) or p == 5 (mod 8), which are cases that can
- be handled deterministically).
- [Lenka Fibikova <fibikova at exp-math.uni-essen.de>, Bodo Moeller]
-
- *) Make BN_mod_inverse faster by explicitly handling small quotients
- in the Euclid loop. (Speed gain about 20% for small moduli [256 or
- 512 bits], about 30% for larger ones [1024 or 2048 bits].)
- [Bodo Moeller]
-
- *) New function BN_kronecker.
- [Bodo Moeller]
-
- *) Fix BN_gcd so that it works on negative inputs; the result is
- positive unless both parameters are zero.
- Previously something reasonably close to an infinite loop was
- possible because numbers could be growing instead of shrinking
- in the implementation of Euclid's algorithm.
- [Bodo Moeller]
-
- *) Fix BN_is_word() and BN_is_one() macros to take into account the
- sign of the number in question.
-
- Fix BN_is_word(a,w) to work correctly for w == 0.
-
- The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w)
- because its test if the absolute value of 'a' equals 'w'.
- Note that BN_abs_is_word does *not* handle w == 0 reliably;
- it exists mostly for use in the implementations of BN_is_zero(),
- BN_is_one(), and BN_is_word().
- [Bodo Moeller]
-
- *) New function BN_swap.
- [Bodo Moeller]
-
- *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that
- the exponentiation functions are more likely to produce reasonable
- results on negative inputs.
- [Bodo Moeller]
-
- *) Change BN_mod_mul so that the result is always non-negative.
- Previously, it could be negative if one of the factors was negative;
- I don't think anyone really wanted that behaviour.
- [Bodo Moeller]
-
- *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c
- (except for exponentiation, which stays in crypto/bn/bn_exp.c,
- and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c)
- and add new functions:
-
- BN_nnmod
- BN_mod_sqr
- BN_mod_add
- BN_mod_add_quick
- BN_mod_sub
- BN_mod_sub_quick
- BN_mod_lshift1
- BN_mod_lshift1_quick
- BN_mod_lshift
- BN_mod_lshift_quick
-
- These functions always generate non-negative results.
-
- BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r
- such that |m| < r < 0, BN_nnmod will output rem + |m| instead).
-
- BN_mod_XXX_quick(r, a, [b,] m) generates the same result as
- BN_mod_XXX(r, a, [b,] m, ctx), but requires that a [and b]
- be reduced modulo m.
- [Lenka Fibikova <fibikova at exp-math.uni-essen.de>, Bodo Moeller]
-
-#if 0
- The following entry accidentily appeared in the CHANGES file
- distributed with OpenSSL 0.9.7. The modifications described in
- it do *not* apply to OpenSSL 0.9.7.
-
- *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
- was actually never needed) and in BN_mul(). The removal in BN_mul()
- required a small change in bn_mul_part_recursive() and the addition
- of the functions bn_cmp_part_words(), bn_sub_part_words() and
- bn_add_part_words(), which do the same thing as bn_cmp_words(),
- bn_sub_words() and bn_add_words() except they take arrays with
- differing sizes.
- [Richard Levitte]
-#endif
-
- *) In 'openssl passwd', verify passwords read from the terminal
- unless the '-salt' option is used (which usually means that
- verification would just waste user's time since the resulting
- hash is going to be compared with some given password hash)
- or the new '-noverify' option is used.
-
- This is an incompatible change, but it does not affect
- non-interactive use of 'openssl passwd' (passwords on the command
- line, '-stdin' option, '-in ...' option) and thus should not
- cause any problems.
- [Bodo Moeller]
-
- *) Remove all references to RSAref, since there's no more need for it.
- [Richard Levitte]
-
- *) Make DSO load along a path given through an environment variable
- (SHLIB_PATH) with shl_load().
- [Richard Levitte]
-
- *) Constify the ENGINE code as a result of BIGNUM constification.
- Also constify the RSA code and most things related to it. In a
- few places, most notable in the depth of the ASN.1 code, ugly
- casts back to non-const were required (to be solved at a later
- time)
- [Richard Levitte]
-
- *) Make it so the openssl application has all engines loaded by default.
- [Richard Levitte]
-
- *) Constify the BIGNUM routines a little more.
- [Richard Levitte]
-
- *) Add the following functions:
-
- ENGINE_load_cswift()
- ENGINE_load_chil()
- ENGINE_load_atalla()
- ENGINE_load_nuron()
- ENGINE_load_builtin_engines()
-
- That way, an application can itself choose if external engines that
- are built-in in OpenSSL shall ever be used or not. The benefit is
- that applications won't have to be linked with libdl or other dso
- libraries unless it's really needed.
-
- Changed 'openssl engine' to load all engines on demand.
- Changed the engine header files to avoid the duplication of some
- declarations (they differed!).
- [Richard Levitte]
-
- *) 'openssl engine' can now list capabilities.
- [Richard Levitte]
-
- *) Better error reporting in 'openssl engine'.
- [Richard Levitte]
-
- *) Never call load_dh_param(NULL) in s_server.
- [Bodo Moeller]
-
- *) Add engine application. It can currently list engines by name and
- identity, and test if they are actually available.
- [Richard Levitte]
-
- *) Improve RPM specification file by forcing symbolic linking and making
- sure the installed documentation is also owned by root.root.
- [Damien Miller <djm at mindrot.org>]
-
- *) Give the OpenSSL applications more possibilities to make use of
- keys (public as well as private) handled by engines.
- [Richard Levitte]
-
- *) Add OCSP code that comes from CertCo.
- [Richard Levitte]
-
- *) Add VMS support for the Rijndael code.
- [Richard Levitte]
-
- *) Added untested support for Nuron crypto accelerator.
- [Ben Laurie]
-
- *) Add support for external cryptographic devices. This code was
- previously distributed separately as the "engine" branch.
- [Geoff Thorpe, Richard Levitte]
-
- *) Rework the filename-translation in the DSO code. It is now possible to
- have far greater control over how a "name" is turned into a filename
- depending on the operating environment and any oddities about the
- different shared library filenames on each system.
- [Geoff Thorpe]
-
- *) Support threads on FreeBSD-elf in Configure.
- [Richard Levitte]
-
- *) Fix for SHA1 assembly problem with MASM: it produces
- warnings about corrupt line number information when assembling
- with debugging information. This is caused by the overlapping
- of two sections.
- [Bernd Matthes <mainbug at celocom.de>, Steve Henson]
-
- *) NCONF changes.
- NCONF_get_number() has no error checking at all. As a replacement,
- NCONF_get_number_e() is defined (_e for "error checking") and is
- promoted strongly. The old NCONF_get_number is kept around for
- binary backward compatibility.
- Make it possible for methods to load from something other than a BIO,
- by providing a function pointer that is given a name instead of a BIO.
- For example, this could be used to load configuration data from an
- LDAP server.
- [Richard Levitte]
-
- *) Fix for non blocking accept BIOs. Added new I/O special reason
- BIO_RR_ACCEPT to cover this case. Previously use of accept BIOs
- with non blocking I/O was not possible because no retry code was
- implemented. Also added new SSL code SSL_WANT_ACCEPT to cover
- this case.
- [Steve Henson]
-
- *) Added the beginnings of Rijndael support.
- [Ben Laurie]
-
- *) Fix for bug in DirectoryString mask setting. Add support for
- X509_NAME_print_ex() in 'req' and X509_print_ex() function
- to allow certificate printing to more controllable, additional
- 'certopt' option to 'x509' to allow new printing options to be
- set.
- [Steve Henson]
-
- *) Clean old EAY MD5 hack from e_os.h.
- [Richard Levitte]
-
- Changes between 0.9.6l and 0.9.6m [17 Mar 2004]
-
- *) Fix null-pointer assignment in do_change_cipher_spec() revealed
- by using the Codenomicon TLS Test Tool (CVE-2004-0079)
- [Joe Orton, Steve Henson]
-
- Changes between 0.9.6k and 0.9.6l [04 Nov 2003]
-
- *) Fix additional bug revealed by the NISCC test suite:
-
- Stop bug triggering large recursion when presented with
- certain ASN.1 tags (CVE-2003-0851)
- [Steve Henson]
-
- Changes between 0.9.6j and 0.9.6k [30 Sep 2003]
-
- *) Fix various bugs revealed by running the NISCC test suite:
-
- Stop out of bounds reads in the ASN1 code when presented with
- invalid tags (CVE-2003-0543 and CVE-2003-0544).
-
- If verify callback ignores invalid public key errors don't try to check
- certificate signature with the NULL public key.
-
- [Steve Henson]
-
- *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
- if the server requested one: as stated in TLS 1.0 and SSL 3.0
- specifications.
- [Steve Henson]
-
- *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
- extra data after the compression methods not only for TLS 1.0
- but also for SSL 3.0 (as required by the specification).
- [Bodo Moeller; problem pointed out by Matthias Loepfe]
-
- *) Change X509_certificate_type() to mark the key as exported/exportable
- when it's 512 *bits* long, not 512 bytes.
- [Richard Levitte]
-
- Changes between 0.9.6i and 0.9.6j [10 Apr 2003]
-
- *) Countermeasure against the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack on PKCS #1 v1.5 padding: treat
- a protocol version number mismatch like a decryption error
- in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
- [Bodo Moeller]
-
- *) Turn on RSA blinding by default in the default implementation
- to avoid a timing attack. Applications that don't want it can call
- RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
- They would be ill-advised to do so in most cases.
- [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
-
- *) Change RSA blinding code so that it works when the PRNG is not
- seeded (in this case, the secret RSA exponent is abused as
- an unpredictable seed -- if it is not unpredictable, there
- is no point in blinding anyway). Make RSA blinding thread-safe
- by remembering the creator's thread ID in rsa->blinding and
- having all other threads use local one-time blinding factors
- (this requires more computation than sharing rsa->blinding, but
- avoids excessive locking; and if an RSA object is not shared
- between threads, blinding will still be very fast).
- [Bodo Moeller]
-
- Changes between 0.9.6h and 0.9.6i [19 Feb 2003]
-
- *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
- via timing by performing a MAC computation even if incorrrect
- block cipher padding has been found. This is a countermeasure
- against active attacks where the attacker has to distinguish
- between bad padding and a MAC verification error. (CVE-2003-0078)
-
- [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
- Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
- Martin Vuagnoux (EPFL, Ilion)]
-
- Changes between 0.9.6g and 0.9.6h [5 Dec 2002]
-
- *) New function OPENSSL_cleanse(), which is used to cleanse a section of
- memory from it's contents. This is done with a counter that will
- place alternating values in each byte. This can be used to solve
- two issues: 1) the removal of calls to memset() by highly optimizing
- compilers, and 2) cleansing with other values than 0, since those can
- be read through on certain media, for example a swap space on disk.
- [Geoff Thorpe]
-
- *) Bugfix: client side session caching did not work with external caching,
- because the session->cipher setting was not restored when reloading
- from the external cache. This problem was masked, when
- SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
- (Found by Steve Haslam <steve at araqnid.ddts.net>.)
- [Lutz Jaenicke]
-
- *) Fix client_certificate (ssl/s2_clnt.c): The permissible total
- length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
- [Zeev Lieber <zeev-l at yahoo.com>]
-
- *) Undo an undocumented change introduced in 0.9.6e which caused
- repeated calls to OpenSSL_add_all_ciphers() and
- OpenSSL_add_all_digests() to be ignored, even after calling
- EVP_cleanup().
- [Richard Levitte]
-
- *) Change the default configuration reader to deal with last line not
- being properly terminated.
- [Richard Levitte]
-
- *) Change X509_NAME_cmp() so it applies the special rules on handling
- DN values that are of type PrintableString, as well as RDNs of type
- emailAddress where the value has the type ia5String.
- [stefank at valicert.com via Richard Levitte]
-
- *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half
- the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently
- doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be
- the bitwise-OR of the two for use by the majority of applications
- wanting this behaviour, and update the docs. The documented
- behaviour and actual behaviour were inconsistent and had been
- changing anyway, so this is more a bug-fix than a behavioural
- change.
- [Geoff Thorpe, diagnosed by Nadav Har'El]
-
- *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
- (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
- [Bodo Moeller]
-
- *) Fix initialization code race conditions in
- SSLv23_method(), SSLv23_client_method(), SSLv23_server_method(),
- SSLv2_method(), SSLv2_client_method(), SSLv2_server_method(),
- SSLv3_method(), SSLv3_client_method(), SSLv3_server_method(),
- TLSv1_method(), TLSv1_client_method(), TLSv1_server_method(),
- ssl2_get_cipher_by_char(),
- ssl3_get_cipher_by_char().
- [Patrick McCormick <patrick at tellme.com>, Bodo Moeller]
-
- *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
- the cached sessions are flushed, as the remove_cb() might use ex_data
- contents. Bug found by Sam Varshavchik <mrsam at courier-mta.com>
- (see [openssl.org #212]).
- [Geoff Thorpe, Lutz Jaenicke]
-
- *) Fix typo in OBJ_txt2obj which incorrectly passed the content
- length, instead of the encoding length to d2i_ASN1_OBJECT.
- [Steve Henson]
-
- Changes between 0.9.6f and 0.9.6g [9 Aug 2002]
-
- *) [In 0.9.6g-engine release:]
- Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall').
- [Lynn Gazis <lgazis at rainbow.com>]
-
- Changes between 0.9.6e and 0.9.6f [8 Aug 2002]
-
- *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
- and get fix the header length calculation.
- [Florian Weimer <Weimer at CERT.Uni-Stuttgart.DE>,
- Alon Kantor <alonk at checkpoint.com> (and others),
- Steve Henson]
-
- *) Use proper error handling instead of 'assertions' in buffer
- overflow checks added in 0.9.6e. This prevents DoS (the
- assertions could call abort()).
- [Arne Ansper <arne at ats.cyber.ee>, Bodo Moeller]
-
- Changes between 0.9.6d and 0.9.6e [30 Jul 2002]
-
- *) Add various sanity checks to asn1_get_length() to reject
- the ASN1 length bytes if they exceed sizeof(long), will appear
- negative or the content length exceeds the length of the
- supplied buffer.
- [Steve Henson, Adi Stav <stav at mercury.co.il>, James Yonan <jim at ntlp.com>]
-
- *) Fix cipher selection routines: ciphers without encryption had no flags
- for the cipher strength set and where therefore not handled correctly
- by the selection routines (PR #130).
- [Lutz Jaenicke]
-
- *) Fix EVP_dsa_sha macro.
- [Nils Larsch]
-
- *) New option
- SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
- for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
- that was added in OpenSSL 0.9.6d.
-
- As the countermeasure turned out to be incompatible with some
- broken SSL implementations, the new option is part of SSL_OP_ALL.
- SSL_OP_ALL is usually employed when compatibility with weird SSL
- implementations is desired (e.g. '-bugs' option to 's_client' and
- 's_server'), so the new option is automatically set in many
- applications.
- [Bodo Moeller]
-
- *) Changes in security patch:
-
- Changes marked "(CHATS)" were sponsored by the Defense Advanced
- Research Projects Agency (DARPA) and Air Force Research Laboratory,
- Air Force Materiel Command, USAF, under agreement number
- F30602-01-2-0537.
-
- *) Add various sanity checks to asn1_get_length() to reject
- the ASN1 length bytes if they exceed sizeof(long), will appear
- negative or the content length exceeds the length of the
- supplied buffer. (CVE-2002-0659)
- [Steve Henson, Adi Stav <stav at mercury.co.il>, James Yonan <jim at ntlp.com>]
-
- *) Assertions for various potential buffer overflows, not known to
- happen in practice.
- [Ben Laurie (CHATS)]
-
- *) Various temporary buffers to hold ASCII versions of integers were
- too small for 64 bit platforms. (CVE-2002-0655)
- [Matthew Byng-Maddick <mbm at aldigital.co.uk> and Ben Laurie (CHATS)>
-
- *) Remote buffer overflow in SSL3 protocol - an attacker could
- supply an oversized session ID to a client. (CVE-2002-0656)
- [Ben Laurie (CHATS)]
-
- *) Remote buffer overflow in SSL2 protocol - an attacker could
- supply an oversized client master key. (CVE-2002-0656)
- [Ben Laurie (CHATS)]
-
- Changes between 0.9.6c and 0.9.6d [9 May 2002]
-
- *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
- encoded as NULL) with id-dsa-with-sha1.
- [Nils Larsch <nla at trustcenter.de>; problem pointed out by Bodo Moeller]
-
- *) Check various X509_...() return values in apps/req.c.
- [Nils Larsch <nla at trustcenter.de>]
-
- *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
- an end-of-file condition would erronously be flagged, when the CRLF
- was just at the end of a processed block. The bug was discovered when
- processing data through a buffering memory BIO handing the data to a
- BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov
- <ptsekov at syntrex.com> and Nedelcho Stanev.
- [Lutz Jaenicke]
-
- *) Implement a countermeasure against a vulnerability recently found
- in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
- before application data chunks to avoid the use of known IVs
- with data potentially chosen by the attacker.
- [Bodo Moeller]
-
- *) Fix length checks in ssl3_get_client_hello().
- [Bodo Moeller]
-
- *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently
- to prevent ssl3_read_internal() from incorrectly assuming that
- ssl3_read_bytes() found application data while handshake
- processing was enabled when in fact s->s3->in_read_app_data was
- merely automatically cleared during the initial handshake.
- [Bodo Moeller; problem pointed out by Arne Ansper <arne at ats.cyber.ee>]
-
- *) Fix object definitions for Private and Enterprise: they were not
- recognized in their shortname (=lowercase) representation. Extend
- obj_dat.pl to issue an error when using undefined keywords instead
- of silently ignoring the problem (Svenning Sorensen
- <sss at sss.dnsalias.net>).
- [Lutz Jaenicke]
-
- *) Fix DH_generate_parameters() so that it works for 'non-standard'
- generators, i.e. generators other than 2 and 5. (Previously, the
- code did not properly initialise the 'add' and 'rem' values to
- BN_generate_prime().)
-
- In the new general case, we do not insist that 'generator' is
- actually a primitive root: This requirement is rather pointless;
- a generator of the order-q subgroup is just as good, if not
- better.
- [Bodo Moeller]
-
- *) Map new X509 verification errors to alerts. Discovered and submitted by
- Tom Wu <tom at arcot.com>.
- [Lutz Jaenicke]
-
- *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from
- returning non-zero before the data has been completely received
- when using non-blocking I/O.
- [Bodo Moeller; problem pointed out by John Hughes]
-
- *) Some of the ciphers missed the strength entry (SSL_LOW etc).
- [Ben Laurie, Lutz Jaenicke]
-
- *) Fix bug in SSL_clear(): bad sessions were not removed (found by
- Yoram Zahavi <YoramZ at gilian.com>).
- [Lutz Jaenicke]
-
- *) Add information about CygWin 1.3 and on, and preserve proper
- configuration for the versions before that.
- [Corinna Vinschen <vinschen at redhat.com> and Richard Levitte]
-
- *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
- check whether we deal with a copy of a session and do not delete from
- the cache in this case. Problem reported by "Izhar Shoshani Levi"
- <izhar at checkpoint.com>.
- [Lutz Jaenicke]
-
- *) Do not store session data into the internal session cache, if it
- is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
- flag is set). Proposed by Aslam <aslam at funk.com>.
- [Lutz Jaenicke]
-
- *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
- value is 0.
- [Richard Levitte]
-
- *) [In 0.9.6d-engine release:]
- Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
- [Toomas Kiisk <vix at cyber.ee> via Richard Levitte]
-
- *) Add the configuration target linux-s390x.
- [Neale Ferguson <Neale.Ferguson at SoftwareAG-USA.com> via Richard Levitte]
-
- *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
- ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
- variable as an indication that a ClientHello message has been
- received. As the flag value will be lost between multiple
- invocations of ssl3_accept when using non-blocking I/O, the
- function may not be aware that a handshake has actually taken
- place, thus preventing a new session from being added to the
- session cache.
-
- To avoid this problem, we now set s->new_session to 2 instead of
- using a local variable.
- [Lutz Jaenicke, Bodo Moeller]
-
- *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c)
- if the SSL_R_LENGTH_MISMATCH error is detected.
- [Geoff Thorpe, Bodo Moeller]
-
- *) New 'shared_ldflag' column in Configure platform table.
- [Richard Levitte]
-
- *) Fix EVP_CIPHER_mode macro.
- ["Dan S. Camper" <dan at bti.net>]
-
- *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
- type, we must throw them away by setting rr->length to 0.
- [D P Chang <dpc at qualys.com>]
-
- Changes between 0.9.6b and 0.9.6c [21 dec 2001]
-
- *) Fix BN_rand_range bug pointed out by Dominikus Scherkl
- <Dominikus.Scherkl at biodata.com>. (The previous implementation
- worked incorrectly for those cases where range = 10..._2 and
- 3*range is two bits longer than range.)
- [Bodo Moeller]
-
- *) Only add signing time to PKCS7 structures if it is not already
- present.
- [Steve Henson]
-
- *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce",
- OBJ_ld_ce should be OBJ_id_ce.
- Also some ip-pda OIDs in crypto/objects/objects.txt were
- incorrect (cf. RFC 3039).
- [Matt Cooper, Frederic Giudicelli, Bodo Moeller]
-
- *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
- returns early because it has nothing to do.
- [Andy Schneider <andy.schneider at bjss.co.uk>]
-
- *) [In 0.9.6c-engine release:]
- Fix mutex callback return values in crypto/engine/hw_ncipher.c.
- [Andy Schneider <andy.schneider at bjss.co.uk>]
-
- *) [In 0.9.6c-engine release:]
- Add support for Cryptographic Appliance's keyserver technology.
- (Use engine 'keyclient')
- [Cryptographic Appliances and Geoff Thorpe]
-
- *) Add a configuration entry for OS/390 Unix. The C compiler 'c89'
- is called via tools/c89.sh because arguments have to be
- rearranged (all '-L' options must appear before the first object
- modules).
- [Richard Shapiro <rshapiro at abinitio.com>]
-
- *) [In 0.9.6c-engine release:]
- Add support for Broadcom crypto accelerator cards, backported
- from 0.9.7.
- [Broadcom, Nalin Dahyabhai <nalin at redhat.com>, Mark Cox]
-
- *) [In 0.9.6c-engine release:]
- Add support for SureWare crypto accelerator cards from
- Baltimore Technologies. (Use engine 'sureware')
- [Baltimore Technologies and Mark Cox]
-
- *) [In 0.9.6c-engine release:]
- Add support for crypto accelerator cards from Accelerated
- Encryption Processing, www.aep.ie. (Use engine 'aep')
- [AEP Inc. and Mark Cox]
-
- *) Add a configuration entry for gcc on UnixWare.
- [Gary Benson <gbenson at redhat.com>]
-
- *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
- messages are stored in a single piece (fixed-length part and
- variable-length part combined) and fix various bugs found on the way.
- [Bodo Moeller]
-
- *) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
- instead. BIO_gethostbyname() does not know what timeouts are
- appropriate, so entries would stay in cache even when they have
- become invalid.
- [Bodo Moeller; problem pointed out by Rich Salz <rsalz at zolera.com>
-
- *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
- faced with a pathologically small ClientHello fragment that does
- not contain client_version: Instead of aborting with an error,
- simply choose the highest available protocol version (i.e.,
- TLS 1.0 unless it is disabled). In practice, ClientHello
- messages are never sent like this, but this change gives us
- strictly correct behaviour at least for TLS.
- [Bodo Moeller]
-
- *) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
- never resets s->method to s->ctx->method when called from within
- one of the SSL handshake functions.
- [Bodo Moeller; problem pointed out by Niko Baric]
-
- *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
- (sent using the client's version number) if client_version is
- smaller than the protocol version in use. Also change
- ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
- the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
- the client will at least see that alert.
- [Bodo Moeller]
-
- *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
- correctly.
- [Bodo Moeller]
-
- *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
- client receives HelloRequest while in a handshake.
- [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider at bjss.co.uk>]
-
- *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
- should end in 'break', not 'goto end' which circuments various
- cleanups done in state SSL_ST_OK. But session related stuff
- must be disabled for SSL_ST_OK in the case that we just sent a
- HelloRequest.
-
- Also avoid some overhead by not calling ssl_init_wbio_buffer()
- before just sending a HelloRequest.
- [Bodo Moeller, Eric Rescorla <ekr at rtfm.com>]
-
- *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
- reveal whether illegal block cipher padding was found or a MAC
- verification error occured. (Neither SSLerr() codes nor alerts
- are directly visible to potential attackers, but the information
- may leak via logfiles.)
-
- Similar changes are not required for the SSL 2.0 implementation
- because the number of padding bytes is sent in clear for SSL 2.0,
- and the extra bytes are just ignored. However ssl/s2_pkt.c
- failed to verify that the purported number of padding bytes is in
- the legal range.
- [Bodo Moeller]
-
- *) Add OpenUNIX-8 support including shared libraries
- (Boyd Lynn Gerber <gerberb at zenez.com>).
- [Lutz Jaenicke]
-
- *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
- 'wristwatch attack' using huge encoding parameters (cf.
- James H. Manger's CRYPTO 2001 paper). Note that the
- RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
- encoding parameters and hence was not vulnerable.
- [Bodo Moeller]
-
- *) BN_sqr() bug fix.
- [Ulf Möller, reported by Jim Ellis <jim.ellis at cavium.com>]
-
- *) Rabin-Miller test analyses assume uniformly distributed witnesses,
- so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
- followed by modular reduction.
- [Bodo Moeller; pointed out by Adam Young <AYoung1 at NCSUS.JNJ.COM>]
-
- *) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
- equivalent based on BN_pseudo_rand() instead of BN_rand().
- [Bodo Moeller]
-
- *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
- This function was broken, as the check for a new client hello message
- to handle SGC did not allow these large messages.
- (Tracked down by "Douglas E. Engert" <deengert at anl.gov>.)
- [Lutz Jaenicke]
-
- *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
- [Lutz Jaenicke]
-
- *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
- for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton at netopia.com>).
- [Lutz Jaenicke]
-
- *) Rework the configuration and shared library support for Tru64 Unix.
- The configuration part makes use of modern compiler features and
- still retains old compiler behavior for those that run older versions
- of the OS. The shared library support part includes a variant that
- uses the RPATH feature, and is available through the special
- configuration target "alpha-cc-rpath", which will never be selected
- automatically.
- [Tim Mooney <mooney at dogbert.cc.ndsu.NoDak.edu> via Richard Levitte]
-
- *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
- with the same message size as in ssl3_get_certificate_request().
- Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
- messages might inadvertently be reject as too long.
- [Petr Lampa <lampa at fee.vutbr.cz>]
-
- *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX).
- [Andy Polyakov]
-
- *) Modified SSL library such that the verify_callback that has been set
- specificly for an SSL object with SSL_set_verify() is actually being
- used. Before the change, a verify_callback set with this function was
- ignored and the verify_callback() set in the SSL_CTX at the time of
- the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
- to allow the necessary settings.
- [Lutz Jaenicke]
-
- *) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
- explicitly to NULL, as at least on Solaris 8 this seems not always to be
- done automatically (in contradiction to the requirements of the C
- standard). This made problems when used from OpenSSH.
- [Lutz Jaenicke]
-
- *) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
- dh->length and always used
-
- BN_rand_range(priv_key, dh->p).
-
- BN_rand_range() is not necessary for Diffie-Hellman, and this
- specific range makes Diffie-Hellman unnecessarily inefficient if
- dh->length (recommended exponent length) is much smaller than the
- length of dh->p. We could use BN_rand_range() if the order of
- the subgroup was stored in the DH structure, but we only have
- dh->length.
-
- So switch back to
-
- BN_rand(priv_key, l, ...)
-
- where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
- otherwise.
- [Bodo Moeller]
-
- *) In
-
- RSA_eay_public_encrypt
- RSA_eay_private_decrypt
- RSA_eay_private_encrypt (signing)
- RSA_eay_public_decrypt (signature verification)
-
- (default implementations for RSA_public_encrypt,
- RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt),
- always reject numbers >= n.
- [Bodo Moeller]
-
- *) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
- to synchronize access to 'locking_thread'. This is necessary on
- systems where access to 'locking_thread' (an 'unsigned long'
- variable) is not atomic.
- [Bodo Moeller]
-
- *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
- *before* setting the 'crypto_lock_rand' flag. The previous code had
- a race condition if 0 is a valid thread ID.
- [Travis Vitek <vitek at roguewave.com>]
-
- *) Add support for shared libraries under Irix.
- [Albert Chin-A-Young <china at thewrittenword.com>]
-
- *) Add configuration option to build on Linux on both big-endian and
- little-endian MIPS.
- [Ralf Baechle <ralf at uni-koblenz.de>]
-
- *) Add the possibility to create shared libraries on HP-UX.
- [Richard Levitte]
-
- Changes between 0.9.6a and 0.9.6b [9 Jul 2001]
-
- *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
- to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
- Markku-Juhani O. Saarinen <markku-juhani.saarinen at nokia.com>:
- PRNG state recovery was possible based on the output of
- one PRNG request appropriately sized to gain knowledge on
- 'md' followed by enough consecutive 1-byte PRNG requests
- to traverse all of 'state'.
-
- 1. When updating 'md_local' (the current thread's copy of 'md')
- during PRNG output generation, hash all of the previous
- 'md_local' value, not just the half used for PRNG output.
-
- 2. Make the number of bytes from 'state' included into the hash
- independent from the number of PRNG bytes requested.
-
- The first measure alone would be sufficient to avoid
- Markku-Juhani's attack. (Actually it had never occurred
- to me that the half of 'md_local' used for chaining was the
- half from which PRNG output bytes were taken -- I had always
- assumed that the secret half would be used.) The second
- measure makes sure that additional data from 'state' is never
- mixed into 'md_local' in small portions; this heuristically
- further strengthens the PRNG.
- [Bodo Moeller]
-
- *) Fix crypto/bn/asm/mips3.s.
- [Andy Polyakov]
-
- *) When only the key is given to "enc", the IV is undefined. Print out
- an error message in this case.
- [Lutz Jaenicke]
-
- *) Handle special case when X509_NAME is empty in X509 printing routines.
- [Steve Henson]
-
- *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
- positive and less than q.
- [Bodo Moeller]
-
- *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
- used: it isn't thread safe and the add_lock_callback should handle
- that itself.
- [Paul Rose <Paul.Rose at bridge.com>]
-
- *) Verify that incoming data obeys the block size in
- ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
- [Bodo Moeller]
-
- *) Fix OAEP check.
- [Ulf Möller, Bodo Möller]
-
- *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
- RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
- when fixing the server behaviour for backwards-compatible 'client
- hello' messages. (Note that the attack is impractical against
- SSL 3.0 and TLS 1.0 anyway because length and version checking
- means that the probability of guessing a valid ciphertext is
- around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
- paper.)
-
- Before 0.9.5, the countermeasure (hide the error by generating a
- random 'decryption result') did not work properly because
- ERR_clear_error() was missing, meaning that SSL_get_error() would
- detect the supposedly ignored error.
-
- Both problems are now fixed.
- [Bodo Moeller]
-
- *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
- (previously it was 1024).
- [Bodo Moeller]
-
- *) Fix for compatibility mode trust settings: ignore trust settings
- unless some valid trust or reject settings are present.
- [Steve Henson]
-
- *) Fix for blowfish EVP: its a variable length cipher.
- [Steve Henson]
-
- *) Fix various bugs related to DSA S/MIME verification. Handle missing
- parameters in DSA public key structures and return an error in the
- DSA routines if parameters are absent.
- [Steve Henson]
-
- *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
- in the current directory if neither $RANDFILE nor $HOME was set.
- RAND_file_name() in 0.9.6a returned NULL in this case. This has
- caused some confusion to Windows users who haven't defined $HOME.
- Thus RAND_file_name() is changed again: e_os.h can define a
- DEFAULT_HOME, which will be used if $HOME is not set.
- For Windows, we use "C:"; on other platforms, we still require
- environment variables.
-
- *) Move 'if (!initialized) RAND_poll()' into regions protected by
- CRYPTO_LOCK_RAND. This is not strictly necessary, but avoids
- having multiple threads call RAND_poll() concurrently.
- [Bodo Moeller]
-
- *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
- combination of a flag and a thread ID variable.
- Otherwise while one thread is in ssleay_rand_bytes (which sets the
- flag), *other* threads can enter ssleay_add_bytes without obeying
- the CRYPTO_LOCK_RAND lock (and may even illegally release the lock
- that they do not hold after the first thread unsets add_do_not_lock).
- [Bodo Moeller]
-
- *) Change bctest again: '-x' expressions are not available in all
- versions of 'test'.
- [Bodo Moeller]
-
- Changes between 0.9.6 and 0.9.6a [5 Apr 2001]
-
- *) Fix a couple of memory leaks in PKCS7_dataDecode()
- [Steve Henson, reported by Heyun Zheng <hzheng at atdsprint.com>]
-
- *) Change Configure and Makefiles to provide EXE_EXT, which will contain
- the default extension for executables, if any. Also, make the perl
- scripts that use symlink() to test if it really exists and use "cp"
- if it doesn't. All this made OpenSSL compilable and installable in
- CygWin.
- [Richard Levitte]
-
- *) Fix for asn1_GetSequence() for indefinite length constructed data.
- If SEQUENCE is length is indefinite just set c->slen to the total
- amount of data available.
- [Steve Henson, reported by shige at FreeBSD.org]
- [This change does not apply to 0.9.7.]
-
- *) Change bctest to avoid here-documents inside command substitution
- (workaround for FreeBSD /bin/sh bug).
- For compatibility with Ultrix, avoid shell functions (introduced
- in the bctest version that searches along $PATH).
- [Bodo Moeller]
-
- *) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes
- with des_encrypt() defined on some operating systems, like Solaris
- and UnixWare.
- [Richard Levitte]
-
- *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
- On the Importance of Eliminating Errors in Cryptographic
- Computations, J. Cryptology 14 (2001) 2, 101-119,
- http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
- [Ulf Moeller]
-
- *) MIPS assembler BIGNUM division bug fix.
- [Andy Polyakov]
-
- *) Disabled incorrect Alpha assembler code.
- [Richard Levitte]
-
- *) Fix PKCS#7 decode routines so they correctly update the length
- after reading an EOC for the EXPLICIT tag.
- [Steve Henson]
- [This change does not apply to 0.9.7.]
-
- *) Fix bug in PKCS#12 key generation routines. This was triggered
- if a 3DES key was generated with a 0 initial byte. Include
- PKCS12_BROKEN_KEYGEN compilation option to retain the old
- (but broken) behaviour.
- [Steve Henson]
-
- *) Enhance bctest to search for a working bc along $PATH and print
- it when found.
- [Tim Rice <tim at multitalents.net> via Richard Levitte]
-
- *) Fix memory leaks in err.c: free err_data string if necessary;
- don't write to the wrong index in ERR_set_error_data.
- [Bodo Moeller]
-
- *) Implement ssl23_peek (analogous to ssl23_read), which previously
- did not exist.
- [Bodo Moeller]
-
- *) Replace rdtsc with _emit statements for VC++ version 5.
- [Jeremy Cooper <jeremy at baymoo.org>]
-
- *) Make it possible to reuse SSLv2 sessions.
- [Richard Levitte]
-
- *) In copy_email() check for >= 0 as a return value for
- X509_NAME_get_index_by_NID() since 0 is a valid index.
- [Steve Henson reported by Massimiliano Pala <madwolf at opensca.org>]
-
- *) Avoid coredump with unsupported or invalid public keys by checking if
- X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
- PKCS7_verify() fails with non detached data.
- [Steve Henson]
-
- *) Don't use getenv in library functions when run as setuid/setgid.
- New function OPENSSL_issetugid().
- [Ulf Moeller]
-
- *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
- due to incorrect handling of multi-threading:
-
- 1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().
-
- 2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().
-
- 3. Count how many times MemCheck_off() has been called so that
- nested use can be treated correctly. This also avoids
- inband-signalling in the previous code (which relied on the
- assumption that thread ID 0 is impossible).
- [Bodo Moeller]
-
- *) Add "-rand" option also to s_client and s_server.
- [Lutz Jaenicke]
-
- *) Fix CPU detection on Irix 6.x.
- [Kurt Hockenbury <khockenb at stevens-tech.edu> and
- "Bruce W. Forsberg" <bruce.forsberg at baesystems.com>]
-
- *) Fix X509_NAME bug which produced incorrect encoding if X509_NAME
- was empty.
- [Steve Henson]
- [This change does not apply to 0.9.7.]
-
- *) Use the cached encoding of an X509_NAME structure rather than
- copying it. This is apparently the reason for the libsafe "errors"
- but the code is actually correct.
- [Steve Henson]
-
- *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
- Bleichenbacher's DSA attack.
- Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
- to be set and top=0 forces the highest bit to be set; top=-1 is new
- and leaves the highest bit random.
- [Ulf Moeller, Bodo Moeller]
-
- *) In the NCONF_...-based implementations for CONF_... queries
- (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
- a temporary CONF structure with the data component set to NULL
- (which gives segmentation faults in lh_retrieve).
- Instead, use NULL for the CONF pointer in CONF_get_string and
- CONF_get_number (which may use environment variables) and directly
- return NULL from CONF_get_section.
- [Bodo Moeller]
-
- *) Fix potential buffer overrun for EBCDIC.
- [Ulf Moeller]
-
- *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
- keyUsage if basicConstraints absent for a CA.
- [Steve Henson]
-
- *) Make SMIME_write_PKCS7() write mail header values with a format that
- is more generally accepted (no spaces before the semicolon), since
- some programs can't parse those values properly otherwise. Also make
- sure BIO's that break lines after each write do not create invalid
- headers.
- [Richard Levitte]
-
- *) Make the CRL encoding routines work with empty SEQUENCE OF. The
- macros previously used would not encode an empty SEQUENCE OF
- and break the signature.
- [Steve Henson]
- [This change does not apply to 0.9.7.]
-
- *) Zero the premaster secret after deriving the master secret in
- DH ciphersuites.
- [Steve Henson]
-
- *) Add some EVP_add_digest_alias registrations (as found in
- OpenSSL_add_all_digests()) to SSL_library_init()
- aka OpenSSL_add_ssl_algorithms(). This provides improved
- compatibility with peers using X.509 certificates
- with unconventional AlgorithmIdentifier OIDs.
- [Bodo Moeller]
-
- *) Fix for Irix with NO_ASM.
- ["Bruce W. Forsberg" <bruce.forsberg at baesystems.com>]
-
- *) ./config script fixes.
- [Ulf Moeller, Richard Levitte]
-
- *) Fix 'openssl passwd -1'.
- [Bodo Moeller]
-
- *) Change PKCS12_key_gen_asc() so it can cope with non null
- terminated strings whose length is passed in the passlen
- parameter, for example from PEM callbacks. This was done
- by adding an extra length parameter to asc2uni().
- [Steve Henson, reported by <oddissey at samsung.co.kr>]
-
- *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
- call failed, free the DSA structure.
- [Bodo Moeller]
-
- *) Fix to uni2asc() to cope with zero length Unicode strings.
- These are present in some PKCS#12 files.
- [Steve Henson]
-
- *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
- Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
- when writing a 32767 byte record.
- [Bodo Moeller; problem reported by Eric Day <eday at concentric.net>]
-
- *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
- obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}.
-
- (RSA objects have a reference count access to which is protected
- by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
- so they are meant to be shared between threads.)
- [Bodo Moeller, Geoff Thorpe; original patch submitted by
- "Reddie, Steven" <Steven.Reddie at ca.com>]
-
- *) Fix a deadlock in CRYPTO_mem_leaks().
- [Bodo Moeller]
-
- *) Use better test patterns in bntest.
- [Ulf Möller]
-
- *) rand_win.c fix for Borland C.
- [Ulf Möller]
-
- *) BN_rshift bugfix for n == 0.
- [Bodo Moeller]
-
- *) Add a 'bctest' script that checks for some known 'bc' bugs
- so that 'make test' does not abort just because 'bc' is broken.
- [Bodo Moeller]
-
- *) Store verify_result within SSL_SESSION also for client side to
- avoid potential security hole. (Re-used sessions on the client side
- always resulted in verify_result==X509_V_OK, not using the original
- result of the server certificate verification.)
- [Lutz Jaenicke]
-
- *) Fix ssl3_pending: If the record in s->s3->rrec is not of type
- SSL3_RT_APPLICATION_DATA, return 0.
- Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true.
- [Bodo Moeller]
-
- *) Fix SSL_peek:
- Both ssl2_peek and ssl3_peek, which were totally broken in earlier
- releases, have been re-implemented by renaming the previous
- implementations of ssl2_read and ssl3_read to ssl2_read_internal
- and ssl3_read_internal, respectively, and adding 'peek' parameters
- to them. The new ssl[23]_{read,peek} functions are calls to
- ssl[23]_read_internal with the 'peek' flag set appropriately.
- A 'peek' parameter has also been added to ssl3_read_bytes, which
- does the actual work for ssl3_read_internal.
- [Bodo Moeller]
-
- *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
- the method-specific "init()" handler. Also clean up ex_data after
- calling the method-specific "finish()" handler. Previously, this was
- happening the other way round.
- [Geoff Thorpe]
-
- *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16.
- The previous value, 12, was not always sufficient for BN_mod_exp().
- [Bodo Moeller]
-
- *) Make sure that shared libraries get the internal name engine with
- the full version number and not just 0. This should mark the
- shared libraries as not backward compatible. Of course, this should
- be changed again when we can guarantee backward binary compatibility.
- [Richard Levitte]
-
- *) Fix typo in get_cert_by_subject() in by_dir.c
- [Jean-Marc Desperrier <jean-marc.desperrier at certplus.com>]
-
- *) Rework the system to generate shared libraries:
-
- - Make note of the expected extension for the shared libraries and
- if there is a need for symbolic links from for example libcrypto.so.0
- to libcrypto.so.0.9.7. There is extended info in Configure for
- that.
-
- - Make as few rebuilds of the shared libraries as possible.
-
- - Still avoid linking the OpenSSL programs with the shared libraries.
-
- - When installing, install the shared libraries separately from the
- static ones.
- [Richard Levitte]
-
- *) Fix SSL_CTX_set_read_ahead macro to actually use its argument.
-
- Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
- and not in SSL_clear because the latter is also used by the
- accept/connect functions; previously, the settings made by
- SSL_set_read_ahead would be lost during the handshake.
- [Bodo Moeller; problems reported by Anders Gertz <gertz at epact.se>]
-
- *) Correct util/mkdef.pl to be selective about disabled algorithms.
- Previously, it would create entries for disableed algorithms no
- matter what.
- [Richard Levitte]
-
- *) Added several new manual pages for SSL_* function.
- [Lutz Jaenicke]
-
- Changes between 0.9.5a and 0.9.6 [24 Sep 2000]
-
- *) In ssl23_get_client_hello, generate an error message when faced
- with an initial SSL 3.0/TLS record that is too small to contain the
- first two bytes of the ClientHello message, i.e. client_version.
- (Note that this is a pathologic case that probably has never happened
- in real life.) The previous approach was to use the version number
- from the record header as a substitute; but our protocol choice
- should not depend on that one because it is not authenticated
- by the Finished messages.
- [Bodo Moeller]
-
- *) More robust randomness gathering functions for Windows.
- [Jeffrey Altman <jaltman at columbia.edu>]
-
- *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
- not set then we don't setup the error code for issuer check errors
- to avoid possibly overwriting other errors which the callback does
- handle. If an application does set the flag then we assume it knows
- what it is doing and can handle the new informational codes
- appropriately.
- [Steve Henson]
-
- *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
- a general "ANY" type, as such it should be able to decode anything
- including tagged types. However it didn't check the class so it would
- wrongly interpret tagged types in the same way as their universal
- counterpart and unknown types were just rejected. Changed so that the
- tagged and unknown types are handled in the same way as a SEQUENCE:
- that is the encoding is stored intact. There is also a new type
- "V_ASN1_OTHER" which is used when the class is not universal, in this
- case we have no idea what the actual type is so we just lump them all
- together.
- [Steve Henson]
-
- *) On VMS, stdout may very well lead to a file that is written to
- in a record-oriented fashion. That means that every write() will
- write a separate record, which will be read separately by the
- programs trying to read from it. This can be very confusing.
-
- The solution is to put a BIO filter in the way that will buffer
- text until a linefeed is reached, and then write everything a
- line at a time, so every record written will be an actual line,
- not chunks of lines and not (usually doesn't happen, but I've
- seen it once) several lines in one record. BIO_f_linebuffer() is
- the answer.
-
- Currently, it's a VMS-only method, because that's where it has
- been tested well enough.
- [Richard Levitte]
-
- *) Remove 'optimized' squaring variant in BN_mod_mul_montgomery,
- it can return incorrect results.
- (Note: The buggy variant was not enabled in OpenSSL 0.9.5a,
- but it was in 0.9.6-beta[12].)
- [Bodo Moeller]
-
- *) Disable the check for content being present when verifying detached
- signatures in pk7_smime.c. Some versions of Netscape (wrongly)
- include zero length content when signing messages.
- [Steve Henson]
-
- *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
- BIO_ctrl (for BIO pairs).
- [Bodo Möller]
-
- *) Add DSO method for VMS.
- [Richard Levitte]
-
- *) Bug fix: Montgomery multiplication could produce results with the
- wrong sign.
- [Ulf Möller]
-
- *) Add RPM specification openssl.spec and modify it to build three
- packages. The default package contains applications, application
- documentation and run-time libraries. The devel package contains
- include files, static libraries and function documentation. The
- doc package contains the contents of the doc directory. The original
- openssl.spec was provided by Damien Miller <djm at mindrot.org>.
- [Richard Levitte]
-
- *) Add a large number of documentation files for many SSL routines.
- [Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE>]
-
- *) Add a configuration entry for Sony News 4.
- [NAKAJI Hiroyuki <nakaji at tutrp.tut.ac.jp>]
-
- *) Don't set the two most significant bits to one when generating a
- random number < q in the DSA library.
- [Ulf Möller]
-
- *) New SSL API mode 'SSL_MODE_AUTO_RETRY'. This disables the default
- behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if
- the underlying transport is blocking) if a handshake took place.
- (The default behaviour is needed by applications such as s_client
- and s_server that use select() to determine when to use SSL_read;
- but for applications that know in advance when to expect data, it
- just makes things more complicated.)
- [Bodo Moeller]
-
- *) Add RAND_egd_bytes(), which gives control over the number of bytes read
- from EGD.
- [Ben Laurie]
-
- *) Add a few more EBCDIC conditionals that make `req' and `x509'
- work better on such systems.
- [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>]
-
- *) Add two demo programs for PKCS12_parse() and PKCS12_create().
- Update PKCS12_parse() so it copies the friendlyName and the
- keyid to the certificates aux info.
- [Steve Henson]
-
- *) Fix bug in PKCS7_verify() which caused an infinite loop
- if there was more than one signature.
- [Sven Uszpelkat <su at celocom.de>]
-
- *) Major change in util/mkdef.pl to include extra information
- about each symbol, as well as presentig variables as well
- as functions. This change means that there's n more need
- to rebuild the .num files when some algorithms are excluded.
- [Richard Levitte]
-
- *) Allow the verify time to be set by an application,
- rather than always using the current time.
- [Steve Henson]
-
- *) Phase 2 verify code reorganisation. The certificate
- verify code now looks up an issuer certificate by a
- number of criteria: subject name, authority key id
- and key usage. It also verifies self signed certificates
- by the same criteria. The main comparison function is
- X509_check_issued() which performs these checks.
-
- Lot of changes were necessary in order to support this
- without completely rewriting the lookup code.
-
- Authority and subject key identifier are now cached.
-
- The LHASH 'certs' is X509_STORE has now been replaced
- by a STACK_OF(X509_OBJECT). This is mainly because an
- LHASH can't store or retrieve multiple objects with
- the same hash value.
-
- As a result various functions (which were all internal
- use only) have changed to handle the new X509_STORE
- structure. This will break anything that messed round
- with X509_STORE internally.
-
- The functions X509_STORE_add_cert() now checks for an
- exact match, rather than just subject name.
-
- The X509_STORE API doesn't directly support the retrieval
- of multiple certificates matching a given criteria, however
- this can be worked round by performing a lookup first
- (which will fill the cache with candidate certificates)
- and then examining the cache for matches. This is probably
- the best we can do without throwing out X509_LOOKUP
- entirely (maybe later...).
-
- The X509_VERIFY_CTX structure has been enhanced considerably.
-
- All certificate lookup operations now go via a get_issuer()
- callback. Although this currently uses an X509_STORE it
- can be replaced by custom lookups. This is a simple way
- to bypass the X509_STORE hackery necessary to make this
- work and makes it possible to use more efficient techniques
- in future. A very simple version which uses a simple
- STACK for its trusted certificate store is also provided
- using X509_STORE_CTX_trusted_stack().
-
- The verify_cb() and verify() callbacks now have equivalents
- in the X509_STORE_CTX structure.
-
- X509_STORE_CTX also has a 'flags' field which can be used
- to customise the verify behaviour.
- [Steve Henson]
-
- *) Add new PKCS#7 signing option PKCS7_NOSMIMECAP which
- excludes S/MIME capabilities.
- [Steve Henson]
-
- *) When a certificate request is read in keep a copy of the
- original encoding of the signed data and use it when outputing
- again. Signatures then use the original encoding rather than
- a decoded, encoded version which may cause problems if the
- request is improperly encoded.
- [Steve Henson]
-
- *) For consistency with other BIO_puts implementations, call
- buffer_write(b, ...) directly in buffer_puts instead of calling
- BIO_write(b, ...).
-
- In BIO_puts, increment b->num_write as in BIO_write.
- [Peter.Sylvester at EdelWeb.fr]
-
- *) Fix BN_mul_word for the case where the word is 0. (We have to use
- BN_zero, we may not return a BIGNUM with an array consisting of
- words set to zero.)
- [Bodo Moeller]
-
- *) Avoid calling abort() from within the library when problems are
- detected, except if preprocessor symbols have been defined
- (such as REF_CHECK, BN_DEBUG etc.).
- [Bodo Moeller]
-
- *) New openssl application 'rsautl'. This utility can be
- used for low level RSA operations. DER public key
- BIO/fp routines also added.
- [Steve Henson]
-
- *) New Configure entry and patches for compiling on QNX 4.
- [Andreas Schneider <andreas at ds3.etech.fh-hamburg.de>]
-
- *) A demo state-machine implementation was sponsored by
- Nuron (http://www.nuron.com/) and is now available in
- demos/state_machine.
- [Ben Laurie]
-
- *) New options added to the 'dgst' utility for signature
- generation and verification.
- [Steve Henson]
-
- *) Unrecognized PKCS#7 content types are now handled via a
- catch all ASN1_TYPE structure. This allows unsupported
- types to be stored as a "blob" and an application can
- encode and decode it manually.
- [Steve Henson]
-
- *) Fix various signed/unsigned issues to make a_strex.c
- compile under VC++.
- [Oscar Jacobsson <oscar.jacobsson at celocom.com>]
-
- *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
- length if passed a buffer. ASN1_INTEGER_to_BN failed
- if passed a NULL BN and its argument was negative.
- [Steve Henson, pointed out by Sven Heiberg <sven at tartu.cyber.ee>]
-
- *) Modification to PKCS#7 encoding routines to output definite
- length encoding. Since currently the whole structures are in
- memory there's not real point in using indefinite length
- constructed encoding. However if OpenSSL is compiled with
- the flag PKCS7_INDEFINITE_ENCODING the old form is used.
- [Steve Henson]
-
- *) Added BIO_vprintf() and BIO_vsnprintf().
- [Richard Levitte]
-
- *) Added more prefixes to parse for in the the strings written
- through a logging bio, to cover all the levels that are available
- through syslog. The prefixes are now:
-
- PANIC, EMERG, EMR => LOG_EMERG
- ALERT, ALR => LOG_ALERT
- CRIT, CRI => LOG_CRIT
- ERROR, ERR => LOG_ERR
- WARNING, WARN, WAR => LOG_WARNING
- NOTICE, NOTE, NOT => LOG_NOTICE
- INFO, INF => LOG_INFO
- DEBUG, DBG => LOG_DEBUG
-
- and as before, if none of those prefixes are present at the
- beginning of the string, LOG_ERR is chosen.
-
- On Win32, the LOG_* levels are mapped according to this:
-
- LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ERROR_TYPE
- LOG_WARNING => EVENTLOG_WARNING_TYPE
- LOG_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_INFORMATION_TYPE
-
- [Richard Levitte]
-
- *) Made it possible to reconfigure with just the configuration
- argument "reconf" or "reconfigure". The command line arguments
- are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
- and are retrieved from there when reconfiguring.
- [Richard Levitte]
-
- *) MD4 implemented.
- [Assar Westerlund <assar at sics.se>, Richard Levitte]
-
- *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
- [Richard Levitte]
-
- *) The obj_dat.pl script was messing up the sorting of object
- names. The reason was that it compared the quoted version
- of strings as a result "OCSP" > "OCSP Signing" because
- " > SPACE. Changed script to store unquoted versions of
- names and add quotes on output. It was also omitting some
- names from the lookup table if they were given a default
- value (that is if SN is missing it is given the same
- value as LN and vice versa), these are now added on the
- grounds that if an object has a name we should be able to
- look it up. Finally added warning output when duplicate
- short or long names are found.
- [Steve Henson]
-
- *) Changes needed for Tandem NSK.
- [Scott Uroff <scott at xypro.com>]
-
- *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
- RSA_padding_check_SSLv23(), special padding was never detected
- and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
- version rollback attacks was not effective.
-
- In s23_clnt.c, don't use special rollback-attack detection padding
- (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
- client; similarly, in s23_srvr.c, don't do the rollback check if
- SSL 2.0 is the only protocol enabled in the server.
- [Bodo Moeller]
-
- *) Make it possible to get hexdumps of unprintable data with 'openssl
- asn1parse'. By implication, the functions ASN1_parse_dump() and
- BIO_dump_indent() are added.
- [Richard Levitte]
-
- *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
- these print out strings and name structures based on various
- flags including RFC2253 support and proper handling of
- multibyte characters. Added options to the 'x509' utility
- to allow the various flags to be set.
- [Steve Henson]
-
- *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
- Also change the functions X509_cmp_current_time() and
- X509_gmtime_adj() work with an ASN1_TIME structure,
- this will enable certificates using GeneralizedTime in validity
- dates to be checked.
- [Steve Henson]
-
- *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
- negative public key encodings) on by default,
- NO_NEG_PUBKEY_BUG can be set to disable it.
- [Steve Henson]
-
- *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
- content octets. An i2c_ASN1_OBJECT is unnecessary because
- the encoding can be trivially obtained from the structure.
- [Steve Henson]
-
- *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
- not read locks (CRYPTO_r_[un]lock).
- [Bodo Moeller]
-
- *) A first attempt at creating official support for shared
- libraries through configuration. I've kept it so the
- default is static libraries only, and the OpenSSL programs
- are always statically linked for now, but there are
- preparations for dynamic linking in place.
- This has been tested on Linux and Tru64.
- [Richard Levitte]
-
- *) Randomness polling function for Win9x, as described in:
- Peter Gutmann, Software Generation of Practically Strong
- Random Numbers.
- [Ulf Möller]
-
- *) Fix so PRNG is seeded in req if using an already existing
- DSA key.
- [Steve Henson]
-
- *) New options to smime application. -inform and -outform
- allow alternative formats for the S/MIME message including
- PEM and DER. The -content option allows the content to be
- specified separately. This should allow things like Netscape
- form signing output easier to verify.
- [Steve Henson]
-
- *) Fix the ASN1 encoding of tags using the 'long form'.
- [Steve Henson]
-
- *) New ASN1 functions, i2c_* and c2i_* for INTEGER and BIT
- STRING types. These convert content octets to and from the
- underlying type. The actual tag and length octets are
- already assumed to have been read in and checked. These
- are needed because all other string types have virtually
- identical handling apart from the tag. By having versions
- of the ASN1 functions that just operate on content octets
- IMPLICIT tagging can be handled properly. It also allows
- the ASN1_ENUMERATED code to be cut down because ASN1_ENUMERATED
- and ASN1_INTEGER are identical apart from the tag.
- [Steve Henson]
-
- *) Change the handling of OID objects as follows:
-
- - New object identifiers are inserted in objects.txt, following
- the syntax given in objects.README.
- - objects.pl is used to process obj_mac.num and create a new
- obj_mac.h.
- - obj_dat.pl is used to create a new obj_dat.h, using the data in
- obj_mac.h.
-
- This is currently kind of a hack, and the perl code in objects.pl
- isn't very elegant, but it works as I intended. The simplest way
- to check that it worked correctly is to look in obj_dat.h and
- check the array nid_objs and make sure the objects haven't moved
- around (this is important!). Additions are OK, as well as
- consistent name changes.
- [Richard Levitte]
-
- *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
- [Bodo Moeller]
-
- *) Addition of the command line parameter '-rand file' to 'openssl req'.
- The given file adds to whatever has already been seeded into the
- random pool through the RANDFILE configuration file option or
- environment variable, or the default random state file.
- [Richard Levitte]
-
- *) mkstack.pl now sorts each macro group into lexical order.
- Previously the output order depended on the order the files
- appeared in the directory, resulting in needless rewriting
- of safestack.h .
- [Steve Henson]
-
- *) Patches to make OpenSSL compile under Win32 again. Mostly
- work arounds for the VC++ problem that it treats func() as
- func(void). Also stripped out the parts of mkdef.pl that
- added extra typesafe functions: these no longer exist.
- [Steve Henson]
-
- *) Reorganisation of the stack code. The macros are now all
- collected in safestack.h . Each macro is defined in terms of
- a "stack macro" of the form SKM_<name>(type, a, b). The
- DEBUG_SAFESTACK is now handled in terms of function casts,
- this has the advantage of retaining type safety without the
- use of additional functions. If DEBUG_SAFESTACK is not defined
- then the non typesafe macros are used instead. Also modified the
- mkstack.pl script to handle the new form. Needs testing to see
- if which (if any) compilers it chokes and maybe make DEBUG_SAFESTACK
- the default if no major problems. Similar behaviour for ASN1_SET_OF
- and PKCS12_STACK_OF.
- [Steve Henson]
-
- *) When some versions of IIS use the 'NET' form of private key the
- key derivation algorithm is different. Normally MD5(password) is
- used as a 128 bit RC4 key. In the modified case
- MD5(MD5(password) + "SGCKEYSALT") is used insted. Added some
- new functions i2d_RSA_NET(), d2i_RSA_NET() etc which are the same
- as the old Netscape_RSA functions except they have an additional
- 'sgckey' parameter which uses the modified algorithm. Also added
- an -sgckey command line option to the rsa utility. Thanks to
- Adrian Peck <bertie at ncipher.com> for posting details of the modified
- algorithm to openssl-dev.
- [Steve Henson]
-
- *) The evp_local.h macros were using 'c.##kname' which resulted in
- invalid expansion on some systems (SCO 5.0.5 for example).
- Corrected to 'c.kname'.
- [Phillip Porch <root at theporch.com>]
-
- *) New X509_get1_email() and X509_REQ_get1_email() functions that return
- a STACK of email addresses from a certificate or request, these look
- in the subject name and the subject alternative name extensions and
- omit any duplicate addresses.
- [Steve Henson]
-
- *) Re-implement BN_mod_exp2_mont using independent (and larger) windows.
- This makes DSA verification about 2 % faster.
- [Bodo Moeller]
-
- *) Increase maximum window size in BN_mod_exp_... to 6 bits instead of 5
- (meaning that now 2^5 values will be precomputed, which is only 4 KB
- plus overhead for 1024 bit moduli).
- This makes exponentiations about 0.5 % faster for 1024 bit
- exponents (as measured by "openssl speed rsa2048").
- [Bodo Moeller]
-
- *) Rename memory handling macros to avoid conflicts with other
- software:
- Malloc => OPENSSL_malloc
- Malloc_locked => OPENSSL_malloc_locked
- Realloc => OPENSSL_realloc
- Free => OPENSSL_free
- [Richard Levitte]
-
- *) New function BN_mod_exp_mont_word for small bases (roughly 15%
- faster than BN_mod_exp_mont, i.e. 7% for a full DH exchange).
- [Bodo Moeller]
-
- *) CygWin32 support.
- [John Jarvie <jjarvie at newsguy.com>]
-
- *) The type-safe stack code has been rejigged. It is now only compiled
- in when OpenSSL is configured with the DEBUG_SAFESTACK option and
- by default all type-specific stack functions are "#define"d back to
- standard stack functions. This results in more streamlined output
- but retains the type-safety checking possibilities of the original
- approach.
- [Geoff Thorpe]
-
- *) The STACK code has been cleaned up, and certain type declarations
- that didn't make a lot of sense have been brought in line. This has
- also involved a cleanup of sorts in safestack.h to more correctly
- map type-safe stack functions onto their plain stack counterparts.
- This work has also resulted in a variety of "const"ifications of
- lots of the code, especially "_cmp" operations which should normally
- be prototyped with "const" parameters anyway.
- [Geoff Thorpe]
-
- *) When generating bytes for the first time in md_rand.c, 'stir the pool'
- by seeding with STATE_SIZE dummy bytes (with zero entropy count).
- (The PRNG state consists of two parts, the large pool 'state' and 'md',
- where all of 'md' is used each time the PRNG is used, but 'state'
- is used only indexed by a cyclic counter. As entropy may not be
- well distributed from the beginning, 'md' is important as a
- chaining variable. However, the output function chains only half
- of 'md', i.e. 80 bits. ssleay_rand_add, on the other hand, chains
- all of 'md', and seeding with STATE_SIZE dummy bytes will result
- in all of 'state' being rewritten, with the new values depending
- on virtually all of 'md'. This overcomes the 80 bit limitation.)
- [Bodo Moeller]
-
- *) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when
- the handshake is continued after ssl_verify_cert_chain();
- otherwise, if SSL_VERIFY_NONE is set, remaining error codes
- can lead to 'unexplainable' connection aborts later.
- [Bodo Moeller; problem tracked down by Lutz Jaenicke]
-
- *) Major EVP API cipher revision.
- Add hooks for extra EVP features. This allows various cipher
- parameters to be set in the EVP interface. Support added for variable
- key length ciphers via the EVP_CIPHER_CTX_set_key_length() function and
- setting of RC2 and RC5 parameters.
-
- Modify EVP_OpenInit() and EVP_SealInit() to cope with variable key length
- ciphers.
-
- Remove lots of duplicated code from the EVP library. For example *every*
- cipher init() function handles the 'iv' in the same way according to the
- cipher mode. They also all do nothing if the 'key' parameter is NULL and
- for CFB and OFB modes they zero ctx->num.
-
- New functionality allows removal of S/MIME code RC2 hack.
-
- Most of the routines have the same form and so can be declared in terms
- of macros.
-
- By shifting this to the top level EVP_CipherInit() it can be removed from
- all individual ciphers. If the cipher wants to handle IVs or keys
- differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT
- flags.
-
- Change lots of functions like EVP_EncryptUpdate() to now return a
- value: although software versions of the algorithms cannot fail
- any installed hardware versions can.
- [Steve Henson]
-
- *) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if
- this option is set, tolerate broken clients that send the negotiated
- protocol version number instead of the requested protocol version
- number.
- [Bodo Moeller]
-
- *) Call dh_tmp_cb (set by ..._TMP_DH_CB) with correct 'is_export' flag;
- i.e. non-zero for export ciphersuites, zero otherwise.
- Previous versions had this flag inverted, inconsistent with
- rsa_tmp_cb (..._TMP_RSA_CB).
- [Bodo Moeller; problem reported by Amit Chopra]
-
- *) Add missing DSA library text string. Work around for some IIS
- key files with invalid SEQUENCE encoding.
- [Steve Henson]
-
- *) Add a document (doc/standards.txt) that list all kinds of standards
- and so on that are implemented in OpenSSL.
- [Richard Levitte]
-
- *) Enhance c_rehash script. Old version would mishandle certificates
- with the same subject name hash and wouldn't handle CRLs at all.
- Added -fingerprint option to crl utility, to support new c_rehash
- features.
- [Steve Henson]
-
- *) Eliminate non-ANSI declarations in crypto.h and stack.h.
- [Ulf Möller]
-
- *) Fix for SSL server purpose checking. Server checking was
- rejecting certificates which had extended key usage present
- but no ssl client purpose.
- [Steve Henson, reported by Rene Grosser <grosser at hisolutions.com>]
-
- *) Make PKCS#12 code work with no password. The PKCS#12 spec
- is a little unclear about how a blank password is handled.
- Since the password in encoded as a BMPString with terminating
- double NULL a zero length password would end up as just the
- double NULL. However no password at all is different and is
- handled differently in the PKCS#12 key generation code. NS
- treats a blank password as zero length. MSIE treats it as no
- password on export: but it will try both on import. We now do
- the same: PKCS12_parse() tries zero length and no password if
- the password is set to "" or NULL (NULL is now a valid password:
- it wasn't before) as does the pkcs12 application.
- [Steve Henson]
-
- *) Bugfixes in apps/x509.c: Avoid a memory leak; and don't use
- perror when PEM_read_bio_X509_REQ fails, the error message must
- be obtained from the error queue.
- [Bodo Moeller]
-
- *) Avoid 'thread_hash' memory leak in crypto/err/err.c by freeing
- it in ERR_remove_state if appropriate, and change ERR_get_state
- accordingly to avoid race conditions (this is necessary because
- thread_hash is no longer constant once set).
- [Bodo Moeller]
-
- *) Bugfix for linux-elf makefile.one.
- [Ulf Möller]
-
- *) RSA_get_default_method() will now cause a default
- RSA_METHOD to be chosen if one doesn't exist already.
- Previously this was only set during a call to RSA_new()
- or RSA_new_method(NULL) meaning it was possible for
- RSA_get_default_method() to return NULL.
- [Geoff Thorpe]
-
- *) Added native name translation to the existing DSO code
- that will convert (if the flag to do so is set) filenames
- that are sufficiently small and have no path information
- into a canonical native form. Eg. "blah" converted to
- "libblah.so" or "blah.dll" etc.
- [Geoff Thorpe]
-
- *) New function ERR_error_string_n(e, buf, len) which is like
- ERR_error_string(e, buf), but writes at most 'len' bytes
- including the 0 terminator. For ERR_error_string_n, 'buf'
- may not be NULL.
- [Damien Miller <djm at mindrot.org>, Bodo Moeller]
-
- *) CONF library reworked to become more general. A new CONF
- configuration file reader "class" is implemented as well as a
- new functions (NCONF_*, for "New CONF") to handle it. The now
- old CONF_* functions are still there, but are reimplemented to
- work in terms of the new functions. Also, a set of functions
- to handle the internal storage of the configuration data is
- provided to make it easier to write new configuration file
- reader "classes" (I can definitely see something reading a
- configuration file in XML format, for example), called _CONF_*,
- or "the configuration storage API"...
-
- The new configuration file reading functions are:
-
- NCONF_new, NCONF_free, NCONF_load, NCONF_load_fp, NCONF_load_bio,
- NCONF_get_section, NCONF_get_string, NCONF_get_numbre
-
- NCONF_default, NCONF_WIN32
-
- NCONF_dump_fp, NCONF_dump_bio
-
- NCONF_default and NCONF_WIN32 are method (or "class") choosers,
- NCONF_new creates a new CONF object. This works in the same way
- as other interfaces in OpenSSL, like the BIO interface.
- NCONF_dump_* dump the internal storage of the configuration file,
- which is useful for debugging. All other functions take the same
- arguments as the old CONF_* functions wth the exception of the
- first that must be a `CONF *' instead of a `LHASH *'.
-
- To make it easer to use the new classes with the old CONF_* functions,
- the function CONF_set_default_method is provided.
- [Richard Levitte]
-
- *) Add '-tls1' option to 'openssl ciphers', which was already
- mentioned in the documentation but had not been implemented.
- (This option is not yet really useful because even the additional
- experimental TLS 1.0 ciphers are currently treated as SSL 3.0 ciphers.)
- [Bodo Moeller]
-
- *) Initial DSO code added into libcrypto for letting OpenSSL (and
- OpenSSL-based applications) load shared libraries and bind to
- them in a portable way.
- [Geoff Thorpe, with contributions from Richard Levitte]
-
- Changes between 0.9.5 and 0.9.5a [1 Apr 2000]
-
- *) Make sure _lrotl and _lrotr are only used with MSVC.
-
- *) Use lock CRYPTO_LOCK_RAND correctly in ssleay_rand_status
- (the default implementation of RAND_status).
-
- *) Rename openssl x509 option '-crlext', which was added in 0.9.5,
- to '-clrext' (= clear extensions), as intended and documented.
- [Bodo Moeller; inconsistency pointed out by Michael Attili
- <attili at amaxo.com>]
-
- *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length
- was larger than the MD block size.
- [Steve Henson, pointed out by Yost William <YostW at tce.com>]
-
- *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
- fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
- using the passed key: if the passed key was a private key the result
- of X509_print(), for example, would be to print out all the private key
- components.
- [Steve Henson]
-
- *) des_quad_cksum() byte order bug fix.
- [Ulf Möller, using the problem description in krb4-0.9.7, where
- the solution is attributed to Derrick J Brashear <shadow at DEMENTIA.ORG>]
-
- *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly
- discouraged.
- [Steve Henson, pointed out by Brian Korver <briank at cs.stanford.edu>]
-
- *) For easily testing in shell scripts whether some command
- 'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
- returns with exit code 0 iff no command of the given name is available.
- 'no-XXX' is printed in this case, 'XXX' otherwise. In both cases,
- the output goes to stdout and nothing is printed to stderr.
- Additional arguments are always ignored.
-
- Since for each cipher there is a command of the same name,
- the 'no-cipher' compilation switches can be tested this way.
-
- ('openssl no-XXX' is not able to detect pseudo-commands such
- as 'quit', 'list-XXX-commands', or 'no-XXX' itself.)
- [Bodo Moeller]
-
- *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
- [Bodo Moeller]
-
- *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
- is set; it will be thrown away anyway because each handshake creates
- its own key.
- ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition
- to parameters -- in previous versions (since OpenSSL 0.9.3) the
- 'default key' from SSL_CTX_set_tmp_dh would always be lost, meanining
- you effectivly got SSL_OP_SINGLE_DH_USE when using this macro.
- [Bodo Moeller]
-
- *) New s_client option -ign_eof: EOF at stdin is ignored, and
- 'Q' and 'R' lose their special meanings (quit/renegotiate).
- This is part of what -quiet does; unlike -quiet, -ign_eof
- does not suppress any output.
- [Richard Levitte]
-
- *) Add compatibility options to the purpose and trust code. The
- purpose X509_PURPOSE_ANY is "any purpose" which automatically
- accepts a certificate or CA, this was the previous behaviour,
- with all the associated security issues.
-
- X509_TRUST_COMPAT is the old trust behaviour: only and
- automatically trust self signed roots in certificate store. A
- new trust setting X509_TRUST_DEFAULT is used to specify that
- a purpose has no associated trust setting and it should instead
- use the value in the default purpose.
- [Steve Henson]
-
- *) Fix the PKCS#8 DSA private key code so it decodes keys again
- and fix a memory leak.
- [Steve Henson]
-
- *) In util/mkerr.pl (which implements 'make errors'), preserve
- reason strings from the previous version of the .c file, as
- the default to have only downcase letters (and digits) in
- automatically generated reasons codes is not always appropriate.
- [Bodo Moeller]
-
- *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table
- using strerror. Previously, ERR_reason_error_string() returned
- library names as reason strings for SYSerr; but SYSerr is a special
- case where small numbers are errno values, not library numbers.
- [Bodo Moeller]
-
- *) Add '-dsaparam' option to 'openssl dhparam' application. This
- converts DSA parameters into DH parameters. (When creating parameters,
- DSA_generate_parameters is used.)
- [Bodo Moeller]
-
- *) Include 'length' (recommended exponent length) in C code generated
- by 'openssl dhparam -C'.
- [Bodo Moeller]
-
- *) The second argument to set_label in perlasm was already being used
- so couldn't be used as a "file scope" flag. Moved to third argument
- which was free.
- [Steve Henson]
-
- *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
- instead of RAND_bytes for encryption IVs and salts.
- [Bodo Moeller]
-
- *) Include RAND_status() into RAND_METHOD instead of implementing
- it only for md_rand.c Otherwise replacing the PRNG by calling
- RAND_set_rand_method would be impossible.
- [Bodo Moeller]
-
- *) Don't let DSA_generate_key() enter an infinite loop if the random
- number generation fails.
- [Bodo Moeller]
-
- *) New 'rand' application for creating pseudo-random output.
- [Bodo Moeller]
-
- *) Added configuration support for Linux/IA64
- [Rolf Haberrecker <rolf at suse.de>]
-
- *) Assembler module support for Mingw32.
- [Ulf Möller]
-
- *) Shared library support for HPUX (in shlib/).
- [Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE> and Anonymous]
-
- *) Shared library support for Solaris gcc.
- [Lutz Behnke <behnke at trustcenter.de>]
-
- Changes between 0.9.4 and 0.9.5 [28 Feb 2000]
-
- *) PKCS7_encrypt() was adding text MIME headers twice because they
- were added manually and by SMIME_crlf_copy().
- [Steve Henson]
-
- *) In bntest.c don't call BN_rand with zero bits argument.
- [Steve Henson, pointed out by Andrew W. Gray <agray at iconsinc.com>]
-
- *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n]
- case was implemented. This caused BN_div_recp() to fail occasionally.
- [Ulf Möller]
-
- *) Add an optional second argument to the set_label() in the perl
- assembly language builder. If this argument exists and is set
- to 1 it signals that the assembler should use a symbol whose
- scope is the entire file, not just the current function. This
- is needed with MASM which uses the format label:: for this scope.
- [Steve Henson, pointed out by Peter Runestig <peter at runestig.com>]
-
- *) Change the ASN1 types so they are typedefs by default. Before
- almost all types were #define'd to ASN1_STRING which was causing
- STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING)
- for example.
- [Steve Henson]
-
- *) Change names of new functions to the new get1/get0 naming
- convention: After 'get1', the caller owns a reference count
- and has to call ..._free; 'get0' returns a pointer to some
- data structure without incrementing reference counters.
- (Some of the existing 'get' functions increment a reference
- counter, some don't.)
- Similarly, 'set1' and 'add1' functions increase reference
- counters or duplicate objects.
- [Steve Henson]
-
- *) Allow for the possibility of temp RSA key generation failure:
- the code used to assume it always worked and crashed on failure.
- [Steve Henson]
-
- *) Fix potential buffer overrun problem in BIO_printf().
- [Ulf Möller, using public domain code by Patrick Powell; problem
- pointed out by David Sacerdote <das33 at cornell.edu>]
-
- *) Support EGD <http://www.lothar.com/tech/crypto/>. New functions
- RAND_egd() and RAND_status(). In the command line application,
- the EGD socket can be specified like a seed file using RANDFILE
- or -rand.
- [Ulf Möller]
-
- *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures.
- Some CAs (e.g. Verisign) distribute certificates in this form.
- [Steve Henson]
-
- *) Remove the SSL_ALLOW_ADH compile option and set the default cipher
- list to exclude them. This means that no special compilation option
- is needed to use anonymous DH: it just needs to be included in the
- cipher list.
- [Steve Henson]
-
- *) Change the EVP_MD_CTX_type macro so its meaning consistent with
- EVP_MD_type. The old functionality is available in a new macro called
- EVP_MD_md(). Change code that uses it and update docs.
- [Steve Henson]
-
- *) ..._ctrl functions now have corresponding ..._callback_ctrl functions
- where the 'void *' argument is replaced by a function pointer argument.
- Previously 'void *' was abused to point to functions, which works on
- many platforms, but is not correct. As these functions are usually
- called by macros defined in OpenSSL header files, most source code
- should work without changes.
- [Richard Levitte]
-
- *) <openssl/opensslconf.h> (which is created by Configure) now contains
- sections with information on -D... compiler switches used for
- compiling the library so that applications can see them. To enable
- one of these sections, a pre-processor symbol OPENSSL_..._DEFINES
- must be defined. E.g.,
- #define OPENSSL_ALGORITHM_DEFINES
- #include <openssl/opensslconf.h>
- defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc.
- [Richard Levitte, Ulf and Bodo Möller]
-
- *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS
- record layer.
- [Bodo Moeller]
-
- *) Change the 'other' type in certificate aux info to a STACK_OF
- X509_ALGOR. Although not an AlgorithmIdentifier as such it has
- the required ASN1 format: arbitrary types determined by an OID.
- [Steve Henson]
-
- *) Add some PEM_write_X509_REQ_NEW() functions and a command line
- argument to 'req'. This is not because the function is newer or
- better than others it just uses the work 'NEW' in the certificate
- request header lines. Some software needs this.
- [Steve Henson]
-
- *) Reorganise password command line arguments: now passwords can be
- obtained from various sources. Delete the PEM_cb function and make
- it the default behaviour: i.e. if the callback is NULL and the
- usrdata argument is not NULL interpret it as a null terminated pass
- phrase. If usrdata and the callback are NULL then the pass phrase
- is prompted for as usual.
- [Steve Henson]
-
- *) Add support for the Compaq Atalla crypto accelerator. If it is installed,
- the support is automatically enabled. The resulting binaries will
- autodetect the card and use it if present.
- [Ben Laurie and Compaq Inc.]
-
- *) Work around for Netscape hang bug. This sends certificate request
- and server done in one record. Since this is perfectly legal in the
- SSL/TLS protocol it isn't a "bug" option and is on by default. See
- the bugs/SSLv3 entry for more info.
- [Steve Henson]
-
- *) HP-UX tune-up: new unified configs, HP C compiler bug workaround.
- [Andy Polyakov]
-
- *) Add -rand argument to smime and pkcs12 applications and read/write
- of seed file.
- [Steve Henson]
-
- *) New 'passwd' tool for crypt(3) and apr1 password hashes.
- [Bodo Moeller]
-
- *) Add command line password options to the remaining applications.
- [Steve Henson]
-
- *) Bug fix for BN_div_recp() for numerators with an even number of
- bits.
- [Ulf Möller]
-
- *) More tests in bntest.c, and changed test_bn output.
- [Ulf Möller]
-
- *) ./config recognizes MacOS X now.
- [Andy Polyakov]
-
- *) Bug fix for BN_div() when the first words of num and divsor are
- equal (it gave wrong results if (rem=(n1-q*d0)&BN_MASK2) < d0).
- [Ulf Möller]
-
- *) Add support for various broken PKCS#8 formats, and command line
- options to produce them.
- [Steve Henson]
-
- *) New functions BN_CTX_start(), BN_CTX_get() and BT_CTX_end() to
- get temporary BIGNUMs from a BN_CTX.
- [Ulf Möller]
-
- *) Correct return values in BN_mod_exp_mont() and BN_mod_exp2_mont()
- for p == 0.
- [Ulf Möller]
-
- *) Change the SSLeay_add_all_*() functions to OpenSSL_add_all_*() and
- include a #define from the old name to the new. The original intent
- was that statically linked binaries could for example just call
- SSLeay_add_all_ciphers() to just add ciphers to the table and not
- link with digests. This never worked becayse SSLeay_add_all_digests()
- and SSLeay_add_all_ciphers() were in the same source file so calling
- one would link with the other. They are now in separate source files.
- [Steve Henson]
-
- *) Add a new -notext option to 'ca' and a -pubkey option to 'spkac'.
- [Steve Henson]
-
- *) Use a less unusual form of the Miller-Rabin primality test (it used
- a binary algorithm for exponentiation integrated into the Miller-Rabin
- loop, our standard modexp algorithms are faster).
- [Bodo Moeller]
-
- *) Support for the EBCDIC character set completed.
- [Martin Kraemer <Martin.Kraemer at Mch.SNI.De>]
-
- *) Source code cleanups: use const where appropriate, eliminate casts,
- use void * instead of char * in lhash.
- [Ulf Möller]
-
- *) Bugfix: ssl3_send_server_key_exchange was not restartable
- (the state was not changed to SSL3_ST_SW_KEY_EXCH_B, and because of
- this the server could overwrite ephemeral keys that the client
- has already seen).
- [Bodo Moeller]
-
- *) Turn DSA_is_prime into a macro that calls BN_is_prime,
- using 50 iterations of the Rabin-Miller test.
-
- DSA_generate_parameters now uses BN_is_prime_fasttest (with 50
- iterations of the Rabin-Miller test as required by the appendix
- to FIPS PUB 186[-1]) instead of DSA_is_prime.
- As BN_is_prime_fasttest includes trial division, DSA parameter
- generation becomes much faster.
-
- This implies a change for the callback functions in DSA_is_prime
- and DSA_generate_parameters: The callback function is called once
- for each positive witness in the Rabin-Miller test, not just
- occasionally in the inner loop; and the parameters to the
- callback function now provide an iteration count for the outer
- loop rather than for the current invocation of the inner loop.
- DSA_generate_parameters additionally can call the callback
- function with an 'iteration count' of -1, meaning that a
- candidate has passed the trial division test (when q is generated
- from an application-provided seed, trial division is skipped).
- [Bodo Moeller]
-
- *) New function BN_is_prime_fasttest that optionally does trial
- division before starting the Rabin-Miller test and has
- an additional BN_CTX * argument (whereas BN_is_prime always
- has to allocate at least one BN_CTX).
- 'callback(1, -1, cb_arg)' is called when a number has passed the
- trial division stage.
- [Bodo Moeller]
-
- *) Fix for bug in CRL encoding. The validity dates weren't being handled
- as ASN1_TIME.
- [Steve Henson]
-
- *) New -pkcs12 option to CA.pl script to write out a PKCS#12 file.
- [Steve Henson]
-
- *) New function BN_pseudo_rand().
- [Ulf Möller]
-
- *) Clean up BN_mod_mul_montgomery(): replace the broken (and unreadable)
- bignum version of BN_from_montgomery() with the working code from
- SSLeay 0.9.0 (the word based version is faster anyway), and clean up
- the comments.
- [Ulf Möller]
-
- *) Avoid a race condition in s2_clnt.c (function get_server_hello) that
- made it impossible to use the same SSL_SESSION data structure in
- SSL2 clients in multiple threads.
- [Bodo Moeller]
-
- *) The return value of RAND_load_file() no longer counts bytes obtained
- by stat(). RAND_load_file(..., -1) is new and uses the complete file
- to seed the PRNG (previously an explicit byte count was required).
- [Ulf Möller, Bodo Möller]
-
- *) Clean up CRYPTO_EX_DATA functions, some of these didn't have prototypes
- used (char *) instead of (void *) and had casts all over the place.
- [Steve Henson]
-
- *) Make BN_generate_prime() return NULL on error if ret!=NULL.
- [Ulf Möller]
-
- *) Retain source code compatibility for BN_prime_checks macro:
- BN_is_prime(..., BN_prime_checks, ...) now uses
- BN_prime_checks_for_size to determine the appropriate number of
- Rabin-Miller iterations.
- [Ulf Möller]
-
- *) Diffie-Hellman uses "safe" primes: DH_check() return code renamed to
- DH_CHECK_P_NOT_SAFE_PRIME.
- (Check if this is true? OpenPGP calls them "strong".)
- [Ulf Möller]
-
- *) Merge the functionality of "dh" and "gendh" programs into a new program
- "dhparam". The old programs are retained for now but will handle DH keys
- (instead of parameters) in future.
- [Steve Henson]
-
- *) Make the ciphers, s_server and s_client programs check the return values
- when a new cipher list is set.
- [Steve Henson]
-
- *) Enhance the SSL/TLS cipher mechanism to correctly handle the TLS 56bit
- ciphers. Before when the 56bit ciphers were enabled the sorting was
- wrong.
-
- The syntax for the cipher sorting has been extended to support sorting by
- cipher-strength (using the strength_bits hard coded in the tables).
- The new command is "@STRENGTH" (see also doc/apps/ciphers.pod).
-
- Fix a bug in the cipher-command parser: when supplying a cipher command
- string with an "undefined" symbol (neither command nor alphanumeric
- [A-Za-z0-9], ssl_set_cipher_list used to hang in an endless loop. Now
- an error is flagged.
-
- Due to the strength-sorting extension, the code of the
- ssl_create_cipher_list() function was completely rearranged. I hope that
- the readability was also increased :-)
- [Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE>]
-
- *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1
- for the first serial number and places 2 in the serial number file. This
- avoids problems when the root CA is created with serial number zero and
- the first user certificate has the same issuer name and serial number
- as the root CA.
- [Steve Henson]
-
- *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses
- the new code. Add documentation for this stuff.
- [Steve Henson]
-
- *) Changes to X509_ATTRIBUTE utilities. These have been renamed from
- X509_*() to X509at_*() on the grounds that they don't handle X509
- structures and behave in an analagous way to the X509v3 functions:
- they shouldn't be called directly but wrapper functions should be used
- instead.
-
- So we also now have some wrapper functions that call the X509at functions
- when passed certificate requests. (TO DO: similar things can be done with
- PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other
- things. Some of these need some d2i or i2d and print functionality
- because they handle more complex structures.)
- [Steve Henson]
-
- *) Add missing #ifndefs that caused missing symbols when building libssl
- as a shared library without RSA. Use #ifndef NO_SSL2 instead of
- NO_RSA in ssl/s2*.c.
- [Kris Kennaway <kris at hub.freebsd.org>, modified by Ulf Möller]
-
- *) Precautions against using the PRNG uninitialized: RAND_bytes() now
- has a return value which indicates the quality of the random data
- (1 = ok, 0 = not seeded). Also an error is recorded on the thread's
- error queue. New function RAND_pseudo_bytes() generates output that is
- guaranteed to be unique but not unpredictable. RAND_add is like
- RAND_seed, but takes an extra argument for an entropy estimate
- (RAND_seed always assumes full entropy).
- [Ulf Möller]
-
- *) Do more iterations of Rabin-Miller probable prime test (specifically,
- 3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
- instead of only 2 for all lengths; see BN_prime_checks_for_size definition
- in crypto/bn/bn_prime.c for the complete table). This guarantees a
- false-positive rate of at most 2^-80 for random input.
- [Bodo Moeller]
-
- *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs.
- [Bodo Moeller]
-
- *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain
- in the 0.9.5 release), this returns the chain
- from an X509_CTX structure with a dup of the stack and all
- the X509 reference counts upped: so the stack will exist
- after X509_CTX_cleanup() has been called. Modify pkcs12.c
- to use this.
-
- Also make SSL_SESSION_print() print out the verify return
- code.
- [Steve Henson]
-
- *) Add manpage for the pkcs12 command. Also change the default
- behaviour so MAC iteration counts are used unless the new
- -nomaciter option is used. This improves file security and
- only older versions of MSIE (4.0 for example) need it.
- [Steve Henson]
-
- *) Honor the no-xxx Configure options when creating .DEF files.
- [Ulf Möller]
-
- *) Add PKCS#10 attributes to field table: challengePassword,
- unstructuredName and unstructuredAddress. These are taken from
- draft PKCS#9 v2.0 but are compatible with v1.2 provided no
- international characters are used.
-
- More changes to X509_ATTRIBUTE code: allow the setting of types
- based on strings. Remove the 'loc' parameter when adding
- attributes because these will be a SET OF encoding which is sorted
- in ASN1 order.
- [Steve Henson]
-
- *) Initial changes to the 'req' utility to allow request generation
- automation. This will allow an application to just generate a template
- file containing all the field values and have req construct the
- request.
-
- Initial support for X509_ATTRIBUTE handling. Stacks of these are
- used all over the place including certificate requests and PKCS#7
- structures. They are currently handled manually where necessary with
- some primitive wrappers for PKCS#7. The new functions behave in a
- manner analogous to the X509 extension functions: they allow
- attributes to be looked up by NID and added.
-
- Later something similar to the X509V3 code would be desirable to
- automatically handle the encoding, decoding and printing of the
- more complex types. The string types like challengePassword can
- be handled by the string table functions.
-
- Also modified the multi byte string table handling. Now there is
- a 'global mask' which masks out certain types. The table itself
- can use the flag STABLE_NO_MASK to ignore the mask setting: this
- is useful when for example there is only one permissible type
- (as in countryName) and using the mask might result in no valid
- types at all.
- [Steve Henson]
-
- *) Clean up 'Finished' handling, and add functions SSL_get_finished and
- SSL_get_peer_finished to allow applications to obtain the latest
- Finished messages sent to the peer or expected from the peer,
- respectively. (SSL_get_peer_finished is usually the Finished message
- actually received from the peer, otherwise the protocol will be aborted.)
-
- As the Finished message are message digests of the complete handshake
- (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
- be used for external authentication procedures when the authentication
- provided by SSL/TLS is not desired or is not enough.
- [Bodo Moeller]
-
- *) Enhanced support for Alpha Linux is added. Now ./config checks if
- the host supports BWX extension and if Compaq C is present on the
- $PATH. Just exploiting of the BWX extension results in 20-30%
- performance kick for some algorithms, e.g. DES and RC4 to mention
- a couple. Compaq C in turn generates ~20% faster code for MD5 and
- SHA1.
- [Andy Polyakov]
-
- *) Add support for MS "fast SGC". This is arguably a violation of the
- SSL3/TLS protocol. Netscape SGC does two handshakes: the first with
- weak crypto and after checking the certificate is SGC a second one
- with strong crypto. MS SGC stops the first handshake after receiving
- the server certificate message and sends a second client hello. Since
- a server will typically do all the time consuming operations before
- expecting any further messages from the client (server key exchange
- is the most expensive) there is little difference between the two.
-
- To get OpenSSL to support MS SGC we have to permit a second client
- hello message after we have sent server done. In addition we have to
- reset the MAC if we do get this second client hello.
- [Steve Henson]
-
- *) Add a function 'd2i_AutoPrivateKey()' this will automatically decide
- if a DER encoded private key is RSA or DSA traditional format. Changed
- d2i_PrivateKey_bio() to use it. This is only needed for the "traditional"
- format DER encoded private key. Newer code should use PKCS#8 format which
- has the key type encoded in the ASN1 structure. Added DER private key
- support to pkcs8 application.
- [Steve Henson]
-
- *) SSL 3/TLS 1 servers now don't request certificates when an anonymous
- ciphersuites has been selected (as required by the SSL 3/TLS 1
- specifications). Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT
- is set, we interpret this as a request to violate the specification
- (the worst that can happen is a handshake failure, and 'correct'
- behaviour would result in a handshake failure anyway).
- [Bodo Moeller]
-
- *) In SSL_CTX_add_session, take into account that there might be multiple
- SSL_SESSION structures with the same session ID (e.g. when two threads
- concurrently obtain them from an external cache).
- The internal cache can handle only one SSL_SESSION with a given ID,
- so if there's a conflict, we now throw out the old one to achieve
- consistency.
- [Bodo Moeller]
-
- *) Add OIDs for idea and blowfish in CBC mode. This will allow both
- to be used in PKCS#5 v2.0 and S/MIME. Also add checking to
- some routines that use cipher OIDs: some ciphers do not have OIDs
- defined and so they cannot be used for S/MIME and PKCS#5 v2.0 for
- example.
- [Steve Henson]
-
- *) Simplify the trust setting structure and code. Now we just have
- two sequences of OIDs for trusted and rejected settings. These will
- typically have values the same as the extended key usage extension
- and any application specific purposes.
-
- The trust checking code now has a default behaviour: it will just
- check for an object with the same NID as the passed id. Functions can
- be provided to override either the default behaviour or the behaviour
- for a given id. SSL client, server and email already have functions
- in place for compatibility: they check the NID and also return "trusted"
- if the certificate is self signed.
- [Steve Henson]
-
- *) Add d2i,i2d bio/fp functions for PrivateKey: these convert the
- traditional format into an EVP_PKEY structure.
- [Steve Henson]
-
- *) Add a password callback function PEM_cb() which either prompts for
- a password if usr_data is NULL or otherwise assumes it is a null
- terminated password. Allow passwords to be passed on command line
- environment or config files in a few more utilities.
- [Steve Henson]
-
- *) Add a bunch of DER and PEM functions to handle PKCS#8 format private
- keys. Add some short names for PKCS#8 PBE algorithms and allow them
- to be specified on the command line for the pkcs8 and pkcs12 utilities.
- Update documentation.
- [Steve Henson]
-
- *) Support for ASN1 "NULL" type. This could be handled before by using
- ASN1_TYPE but there wasn't any function that would try to read a NULL
- and produce an error if it couldn't. For compatibility we also have
- ASN1_NULL_new() and ASN1_NULL_free() functions but these are faked and
- don't allocate anything because they don't need to.
- [Steve Henson]
-
- *) Initial support for MacOS is now provided. Examine INSTALL.MacOS
- for details.
- [Andy Polyakov, Roy Woods <roy at centicsystems.ca>]
-
- *) Rebuild of the memory allocation routines used by OpenSSL code and
- possibly others as well. The purpose is to make an interface that
- provide hooks so anyone can build a separate set of allocation and
- deallocation routines to be used by OpenSSL, for example memory
- pool implementations, or something else, which was previously hard
- since Malloc(), Realloc() and Free() were defined as macros having
- the values malloc, realloc and free, respectively (except for Win32
- compilations). The same is provided for memory debugging code.
- OpenSSL already comes with functionality to find memory leaks, but
- this gives people a chance to debug other memory problems.
-
- With these changes, a new set of functions and macros have appeared:
-
- CRYPTO_set_mem_debug_functions() [F]
- CRYPTO_get_mem_debug_functions() [F]
- CRYPTO_dbg_set_options() [F]
- CRYPTO_dbg_get_options() [F]
- CRYPTO_malloc_debug_init() [M]
-
- The memory debug functions are NULL by default, unless the library
- is compiled with CRYPTO_MDEBUG or friends is defined. If someone
- wants to debug memory anyway, CRYPTO_malloc_debug_init() (which
- gives the standard debugging functions that come with OpenSSL) or
- CRYPTO_set_mem_debug_functions() (tells OpenSSL to use functions
- provided by the library user) must be used. When the standard
- debugging functions are used, CRYPTO_dbg_set_options can be used to
- request additional information:
- CRYPTO_dbg_set_options(V_CYRPTO_MDEBUG_xxx) corresponds to setting
- the CRYPTO_MDEBUG_xxx macro when compiling the library.
-
- Also, things like CRYPTO_set_mem_functions will always give the
- expected result (the new set of functions is used for allocation
- and deallocation) at all times, regardless of platform and compiler
- options.
-
- To finish it up, some functions that were never use in any other
- way than through macros have a new API and new semantic:
-
- CRYPTO_dbg_malloc()
- CRYPTO_dbg_realloc()
- CRYPTO_dbg_free()
-
- All macros of value have retained their old syntax.
- [Richard Levitte and Bodo Moeller]
-
- *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the
- ordering of SMIMECapabilities wasn't in "strength order" and there
- was a missing NULL in the AlgorithmIdentifier for the SHA1 signature
- algorithm.
- [Steve Henson]
-
- *) Some ASN1 types with illegal zero length encoding (INTEGER,
- ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines.
- [Frans Heymans <fheymans at isaserver.be>, modified by Steve Henson]
-
- *) Merge in my S/MIME library for OpenSSL. This provides a simple
- S/MIME API on top of the PKCS#7 code, a MIME parser (with enough
- functionality to handle multipart/signed properly) and a utility
- called 'smime' to call all this stuff. This is based on code I
- originally wrote for Celo who have kindly allowed it to be
- included in OpenSSL.
- [Steve Henson]
-
- *) Add variants des_set_key_checked and des_set_key_unchecked of
- des_set_key (aka des_key_sched). Global variable des_check_key
- decides which of these is called by des_set_key; this way
- des_check_key behaves as it always did, but applications and
- the library itself, which was buggy for des_check_key == 1,
- have a cleaner way to pick the version they need.
- [Bodo Moeller]
-
- *) New function PKCS12_newpass() which changes the password of a
- PKCS12 structure.
- [Steve Henson]
-
- *) Modify X509_TRUST and X509_PURPOSE so it also uses a static and
- dynamic mix. In both cases the ids can be used as an index into the
- table. Also modified the X509_TRUST_add() and X509_PURPOSE_add()
- functions so they accept a list of the field values and the
- application doesn't need to directly manipulate the X509_TRUST
- structure.
- [Steve Henson]
-
- *) Modify the ASN1_STRING_TABLE stuff so it also uses bsearch and doesn't
- need initialising.
- [Steve Henson]
-
- *) Modify the way the V3 extension code looks up extensions. This now
- works in a similar way to the object code: we have some "standard"
- extensions in a static table which is searched with OBJ_bsearch()
- and the application can add dynamic ones if needed. The file
- crypto/x509v3/ext_dat.h now has the info: this file needs to be
- updated whenever a new extension is added to the core code and kept
- in ext_nid order. There is a simple program 'tabtest.c' which checks
- this. New extensions are not added too often so this file can readily
- be maintained manually.
-
- There are two big advantages in doing things this way. The extensions
- can be looked up immediately and no longer need to be "added" using
- X509V3_add_standard_extensions(): this function now does nothing.
- [Side note: I get *lots* of email saying the extension code doesn't
- work because people forget to call this function]
- Also no dynamic allocation is done unless new extensions are added:
- so if we don't add custom extensions there is no need to call
- X509V3_EXT_cleanup().
- [Steve Henson]
-
- *) Modify enc utility's salting as follows: make salting the default. Add a
- magic header, so unsalted files fail gracefully instead of just decrypting
- to garbage. This is because not salting is a big security hole, so people
- should be discouraged from doing it.
- [Ben Laurie]
-
- *) Fixes and enhancements to the 'x509' utility. It allowed a message
- digest to be passed on the command line but it only used this
- parameter when signing a certificate. Modified so all relevant
- operations are affected by the digest parameter including the
- -fingerprint and -x509toreq options. Also -x509toreq choked if a
- DSA key was used because it didn't fix the digest.
- [Steve Henson]
-
- *) Initial certificate chain verify code. Currently tests the untrusted
- certificates for consistency with the verify purpose (which is set
- when the X509_STORE_CTX structure is set up) and checks the pathlength.
-
- There is a NO_CHAIN_VERIFY compilation option to keep the old behaviour:
- this is because it will reject chains with invalid extensions whereas
- every previous version of OpenSSL and SSLeay made no checks at all.
-
- Trust code: checks the root CA for the relevant trust settings. Trust
- settings have an initial value consistent with the verify purpose: e.g.
- if the verify purpose is for SSL client use it expects the CA to be
- trusted for SSL client use. However the default value can be changed to
- permit custom trust settings: one example of this would be to only trust
- certificates from a specific "secure" set of CAs.
-
- Also added X509_STORE_CTX_new() and X509_STORE_CTX_free() functions
- which should be used for version portability: especially since the
- verify structure is likely to change more often now.
-
- SSL integration. Add purpose and trust to SSL_CTX and SSL and functions
- to set them. If not set then assume SSL clients will verify SSL servers
- and vice versa.
-
- Two new options to the verify program: -untrusted allows a set of
- untrusted certificates to be passed in and -purpose which sets the
- intended purpose of the certificate. If a purpose is set then the
- new chain verify code is used to check extension consistency.
- [Steve Henson]
-
- *) Support for the authority information access extension.
- [Steve Henson]
-
- *) Modify RSA and DSA PEM read routines to transparently handle
- PKCS#8 format private keys. New *_PUBKEY_* functions that handle
- public keys in a format compatible with certificate
- SubjectPublicKeyInfo structures. Unfortunately there were already
- functions called *_PublicKey_* which used various odd formats so
- these are retained for compatibility: however the DSA variants were
- never in a public release so they have been deleted. Changed dsa/rsa
- utilities to handle the new format: note no releases ever handled public
- keys so we should be OK.
-
- The primary motivation for this change is to avoid the same fiasco
- that dogs private keys: there are several incompatible private key
- formats some of which are standard and some OpenSSL specific and
- require various evil hacks to allow partial transparent handling and
- even then it doesn't work with DER formats. Given the option anything
- other than PKCS#8 should be dumped: but the other formats have to
- stay in the name of compatibility.
-
- With public keys and the benefit of hindsight one standard format
- is used which works with EVP_PKEY, RSA or DSA structures: though
- it clearly returns an error if you try to read the wrong kind of key.
-
- Added a -pubkey option to the 'x509' utility to output the public key.
- Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*()
- (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add
- EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*())
- that do the same as the EVP_PKEY_assign_*() except they up the
- reference count of the added key (they don't "swallow" the
- supplied key).
- [Steve Henson]
-
- *) Fixes to crypto/x509/by_file.c the code to read in certificates and
- CRLs would fail if the file contained no certificates or no CRLs:
- added a new function to read in both types and return the number
- read: this means that if none are read it will be an error. The
- DER versions of the certificate and CRL reader would always fail
- because it isn't possible to mix certificates and CRLs in DER format
- without choking one or the other routine. Changed this to just read
- a certificate: this is the best we can do. Also modified the code
- in apps/verify.c to take notice of return codes: it was previously
- attempting to read in certificates from NULL pointers and ignoring
- any errors: this is one reason why the cert and CRL reader seemed
- to work. It doesn't check return codes from the default certificate
- routines: these may well fail if the certificates aren't installed.
- [Steve Henson]
-
- *) Code to support otherName option in GeneralName.
- [Steve Henson]
-
- *) First update to verify code. Change the verify utility
- so it warns if it is passed a self signed certificate:
- for consistency with the normal behaviour. X509_verify
- has been modified to it will now verify a self signed
- certificate if *exactly* the same certificate appears
- in the store: it was previously impossible to trust a
- single self signed certificate. This means that:
- openssl verify ss.pem
- now gives a warning about a self signed certificate but
- openssl verify -CAfile ss.pem ss.pem
- is OK.
- [Steve Henson]
-
- *) For servers, store verify_result in SSL_SESSION data structure
- (and add it to external session representation).
- This is needed when client certificate verifications fails,
- but an application-provided verification callback (set by
- SSL_CTX_set_cert_verify_callback) allows accepting the session
- anyway (i.e. leaves x509_store_ctx->error != X509_V_OK
- but returns 1): When the session is reused, we have to set
- ssl->verify_result to the appropriate error code to avoid
- security holes.
- [Bodo Moeller, problem pointed out by Lutz Jaenicke]
-
- *) Fix a bug in the new PKCS#7 code: it didn't consider the
- case in PKCS7_dataInit() where the signed PKCS7 structure
- didn't contain any existing data because it was being created.
- [Po-Cheng Chen <pocheng at nst.com.tw>, slightly modified by Steve Henson]
-
- *) Add a salt to the key derivation routines in enc.c. This
- forms the first 8 bytes of the encrypted file. Also add a
- -S option to allow a salt to be input on the command line.
- [Steve Henson]
-
- *) New function X509_cmp(). Oddly enough there wasn't a function
- to compare two certificates. We do this by working out the SHA1
- hash and comparing that. X509_cmp() will be needed by the trust
- code.
- [Steve Henson]
-
- *) SSL_get1_session() is like SSL_get_session(), but increments
- the reference count in the SSL_SESSION returned.
- [Geoff Thorpe <geoff at eu.c2.net>]
-
- *) Fix for 'req': it was adding a null to request attributes.
- Also change the X509_LOOKUP and X509_INFO code to handle
- certificate auxiliary information.
- [Steve Henson]
-
- *) Add support for 40 and 64 bit RC2 and RC4 algorithms: document
- the 'enc' command.
- [Steve Henson]
-
- *) Add the possibility to add extra information to the memory leak
- detecting output, to form tracebacks, showing from where each
- allocation was originated: CRYPTO_push_info("constant string") adds
- the string plus current file name and line number to a per-thread
- stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
- is like calling CYRPTO_pop_info() until the stack is empty.
- Also updated memory leak detection code to be multi-thread-safe.
- [Richard Levitte]
-
- *) Add options -text and -noout to pkcs7 utility and delete the
- encryption options which never did anything. Update docs.
- [Steve Henson]
-
- *) Add options to some of the utilities to allow the pass phrase
- to be included on either the command line (not recommended on
- OSes like Unix) or read from the environment. Update the
- manpages and fix a few bugs.
- [Steve Henson]
-
- *) Add a few manpages for some of the openssl commands.
- [Steve Henson]
-
- *) Fix the -revoke option in ca. It was freeing up memory twice,
- leaking and not finding already revoked certificates.
- [Steve Henson]
-
- *) Extensive changes to support certificate auxiliary information.
- This involves the use of X509_CERT_AUX structure and X509_AUX
- functions. An X509_AUX function such as PEM_read_X509_AUX()
- can still read in a certificate file in the usual way but it
- will also read in any additional "auxiliary information". By
- doing things this way a fair degree of compatibility can be
- retained: existing certificates can have this information added
- using the new 'x509' options.
-
- Current auxiliary information includes an "alias" and some trust
- settings. The trust settings will ultimately be used in enhanced
- certificate chain verification routines: currently a certificate
- can only be trusted if it is self signed and then it is trusted
- for all purposes.
- [Steve Henson]
-
- *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
- The problem was that one of the replacement routines had not been working
- since SSLeay releases. For now the offending routine has been replaced
- with non-optimised assembler. Even so, this now gives around 95%
- performance improvement for 1024 bit RSA signs.
- [Mark Cox]
-
- *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2
- handling. Most clients have the effective key size in bits equal to
- the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key.
- A few however don't do this and instead use the size of the decrypted key
- to determine the RC2 key length and the AlgorithmIdentifier to determine
- the effective key length. In this case the effective key length can still
- be 40 bits but the key length can be 168 bits for example. This is fixed
- by manually forcing an RC2 key into the EVP_PKEY structure because the
- EVP code can't currently handle unusual RC2 key sizes: it always assumes
- the key length and effective key length are equal.
- [Steve Henson]
-
- *) Add a bunch of functions that should simplify the creation of
- X509_NAME structures. Now you should be able to do:
- X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, "Steve", -1, -1, 0);
- and have it automatically work out the correct field type and fill in
- the structures. The more adventurous can try:
- X509_NAME_add_entry_by_txt(nm, field, MBSTRING_UTF8, str, -1, -1, 0);
- and it will (hopefully) work out the correct multibyte encoding.
- [Steve Henson]
-
- *) Change the 'req' utility to use the new field handling and multibyte
- copy routines. Before the DN field creation was handled in an ad hoc
- way in req, ca, and x509 which was rather broken and didn't support
- BMPStrings or UTF8Strings. Since some software doesn't implement
- BMPStrings or UTF8Strings yet, they can be enabled using the config file
- using the dirstring_type option. See the new comment in the default
- openssl.cnf for more info.
- [Steve Henson]
-
- *) Make crypto/rand/md_rand.c more robust:
- - Assure unique random numbers after fork().
- - Make sure that concurrent threads access the global counter and
- md serializably so that we never lose entropy in them
- or use exactly the same state in multiple threads.
- Access to the large state is not always serializable because
- the additional locking could be a performance killer, and
- md should be large enough anyway.
- [Bodo Moeller]
-
- *) New file apps/app_rand.c with commonly needed functionality
- for handling the random seed file.
-
- Use the random seed file in some applications that previously did not:
- ca,
- dsaparam -genkey (which also ignored its '-rand' option),
- s_client,
- s_server,
- x509 (when signing).
- Except on systems with /dev/urandom, it is crucial to have a random
- seed file at least for key creation, DSA signing, and for DH exchanges;
- for RSA signatures we could do without one.
-
- gendh and gendsa (unlike genrsa) used to read only the first byte
- of each file listed in the '-rand' option. The function as previously
- found in genrsa is now in app_rand.c and is used by all programs
- that support '-rand'.
- [Bodo Moeller]
-
- *) In RAND_write_file, use mode 0600 for creating files;
- don't just chmod when it may be too late.
- [Bodo Moeller]
-
- *) Report an error from X509_STORE_load_locations
- when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.
- [Bill Perry]
-
- *) New function ASN1_mbstring_copy() this copies a string in either
- ASCII, Unicode, Universal (4 bytes per character) or UTF8 format
- into an ASN1_STRING type. A mask of permissible types is passed
- and it chooses the "minimal" type to use or an error if not type
- is suitable.
- [Steve Henson]
-
- *) Add function equivalents to the various macros in asn1.h. The old
- macros are retained with an M_ prefix. Code inside the library can
- use the M_ macros. External code (including the openssl utility)
- should *NOT* in order to be "shared library friendly".
- [Steve Henson]
-
- *) Add various functions that can check a certificate's extensions
- to see if it usable for various purposes such as SSL client,
- server or S/MIME and CAs of these types. This is currently
- VERY EXPERIMENTAL but will ultimately be used for certificate chain
- verification. Also added a -purpose flag to x509 utility to
- print out all the purposes.
- [Steve Henson]
-
- *) Add a CRYPTO_EX_DATA to X509 certificate structure and associated
- functions.
- [Steve Henson]
-
- *) New X509V3_{X509,CRL,REVOKED}_get_d2i() functions. These will search
- for, obtain and decode and extension and obtain its critical flag.
- This allows all the necessary extension code to be handled in a
- single function call.
- [Steve Henson]
-
- *) RC4 tune-up featuring 30-40% performance improvement on most RISC
- platforms. See crypto/rc4/rc4_enc.c for further details.
- [Andy Polyakov]
-
- *) New -noout option to asn1parse. This causes no output to be produced
- its main use is when combined with -strparse and -out to extract data
- from a file (which may not be in ASN.1 format).
- [Steve Henson]
-
- *) Fix for pkcs12 program. It was hashing an invalid certificate pointer
- when producing the local key id.
- [Richard Levitte <levitte at stacken.kth.se>]
-
- *) New option -dhparam in s_server. This allows a DH parameter file to be
- stated explicitly. If it is not stated then it tries the first server
- certificate file. The previous behaviour hard coded the filename
- "server.pem".
- [Steve Henson]
-
- *) Add -pubin and -pubout options to the rsa and dsa commands. These allow
- a public key to be input or output. For example:
- openssl rsa -in key.pem -pubout -out pubkey.pem
- Also added necessary DSA public key functions to handle this.
- [Steve Henson]
-
- *) Fix so PKCS7_dataVerify() doesn't crash if no certificates are contained
- in the message. This was handled by allowing
- X509_find_by_issuer_and_serial() to tolerate a NULL passed to it.
- [Steve Henson, reported by Sampo Kellomaki <sampo at mail.neuronio.pt>]
-
- *) Fix for bug in d2i_ASN1_bytes(): other ASN1 functions add an extra null
- to the end of the strings whereas this didn't. This would cause problems
- if strings read with d2i_ASN1_bytes() were later modified.
- [Steve Henson, reported by Arne Ansper <arne at ats.cyber.ee>]
-
- *) Fix for base64 decode bug. When a base64 bio reads only one line of
- data and it contains EOF it will end up returning an error. This is
- caused by input 46 bytes long. The cause is due to the way base64
- BIOs find the start of base64 encoded data. They do this by trying a
- trial decode on each line until they find one that works. When they
- do a flag is set and it starts again knowing it can pass all the
- data directly through the decoder. Unfortunately it doesn't reset
- the context it uses. This means that if EOF is reached an attempt
- is made to pass two EOFs through the context and this causes the
- resulting error. This can also cause other problems as well. As is
- usual with these problems it takes *ages* to find and the fix is
- trivial: move one line.
- [Steve Henson, reported by ian at uns.ns.ac.yu (Ivan Nejgebauer) ]
-
- *) Ugly workaround to get s_client and s_server working under Windows. The
- old code wouldn't work because it needed to select() on sockets and the
- tty (for keypresses and to see if data could be written). Win32 only
- supports select() on sockets so we select() with a 1s timeout on the
- sockets and then see if any characters are waiting to be read, if none
- are present then we retry, we also assume we can always write data to
- the tty. This isn't nice because the code then blocks until we've
- received a complete line of data and it is effectively polling the
- keyboard at 1s intervals: however it's quite a bit better than not
- working at all :-) A dedicated Windows application might handle this
- with an event loop for example.
- [Steve Henson]
-
- *) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
- and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
- will be called when RSA_sign() and RSA_verify() are used. This is useful
- if rsa_pub_dec() and rsa_priv_enc() equivalents are not available.
- For this to work properly RSA_public_decrypt() and RSA_private_encrypt()
- should *not* be used: RSA_sign() and RSA_verify() must be used instead.
- This necessitated the support of an extra signature type NID_md5_sha1
- for SSL signatures and modifications to the SSL library to use it instead
- of calling RSA_public_decrypt() and RSA_private_encrypt().
- [Steve Henson]
-
- *) Add new -verify -CAfile and -CApath options to the crl program, these
- will lookup a CRL issuers certificate and verify the signature in a
- similar way to the verify program. Tidy up the crl program so it
- no longer accesses structures directly. Make the ASN1 CRL parsing a bit
- less strict. It will now permit CRL extensions even if it is not
- a V2 CRL: this will allow it to tolerate some broken CRLs.
- [Steve Henson]
-
- *) Initialize all non-automatic variables each time one of the openssl
- sub-programs is started (this is necessary as they may be started
- multiple times from the "OpenSSL>" prompt).
- [Lennart Bang, Bodo Moeller]
-
- *) Preliminary compilation option RSA_NULL which disables RSA crypto without
- removing all other RSA functionality (this is what NO_RSA does). This
- is so (for example) those in the US can disable those operations covered
- by the RSA patent while allowing storage and parsing of RSA keys and RSA
- key generation.
- [Steve Henson]
-
- *) Non-copying interface to BIO pairs.
- (still largely untested)
- [Bodo Moeller]
-
- *) New function ANS1_tag2str() to convert an ASN1 tag to a descriptive
- ASCII string. This was handled independently in various places before.
- [Steve Henson]
-
- *) New functions UTF8_getc() and UTF8_putc() that parse and generate
- UTF8 strings a character at a time.
- [Steve Henson]
-
- *) Use client_version from client hello to select the protocol
- (s23_srvr.c) and for RSA client key exchange verification
- (s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications.
- [Bodo Moeller]
-
- *) Add various utility functions to handle SPKACs, these were previously
- handled by poking round in the structure internals. Added new function
- NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
- print, verify and generate SPKACs. Based on an original idea from
- Massimiliano Pala <madwolf at comune.modena.it> but extensively modified.
- [Steve Henson]
-
- *) RIPEMD160 is operational on all platforms and is back in 'make test'.
- [Andy Polyakov]
-
- *) Allow the config file extension section to be overwritten on the
- command line. Based on an original idea from Massimiliano Pala
- <madwolf at comune.modena.it>. The new option is called -extensions
- and can be applied to ca, req and x509. Also -reqexts to override
- the request extensions in req and -crlexts to override the crl extensions
- in ca.
- [Steve Henson]
-
- *) Add new feature to the SPKAC handling in ca. Now you can include
- the same field multiple times by preceding it by "XXXX." for example:
- 1.OU="Unit name 1"
- 2.OU="Unit name 2"
- this is the same syntax as used in the req config file.
- [Steve Henson]
-
- *) Allow certificate extensions to be added to certificate requests. These
- are specified in a 'req_extensions' option of the req section of the
- config file. They can be printed out with the -text option to req but
- are otherwise ignored at present.
- [Steve Henson]
-
- *) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first
- data read consists of only the final block it would not decrypted because
- EVP_CipherUpdate() would correctly report zero bytes had been decrypted.
- A misplaced 'break' also meant the decrypted final block might not be
- copied until the next read.
- [Steve Henson]
-
- *) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added
- a few extra parameters to the DH structure: these will be useful if
- for example we want the value of 'q' or implement X9.42 DH.
- [Steve Henson]
-
- *) Initial support for DSA_METHOD. This is based on the RSA_METHOD and
- provides hooks that allow the default DSA functions or functions on a
- "per key" basis to be replaced. This allows hardware acceleration and
- hardware key storage to be handled without major modification to the
- library. Also added low level modexp hooks and CRYPTO_EX structure and
- associated functions.
- [Steve Henson]
-
- *) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
- as "read only": it can't be written to and the buffer it points to will
- not be freed. Reading from a read only BIO is much more efficient than
- a normal memory BIO. This was added because there are several times when
- an area of memory needs to be read from a BIO. The previous method was
- to create a memory BIO and write the data to it, this results in two
- copies of the data and an O(n^2) reading algorithm. There is a new
- function BIO_new_mem_buf() which creates a read only memory BIO from
- an area of memory. Also modified the PKCS#7 routines to use read only
- memory BIOs.
- [Steve Henson]
-
- *) Bugfix: ssl23_get_client_hello did not work properly when called in
- state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
- a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
- but a retry condition occured while trying to read the rest.
- [Bodo Moeller]
-
- *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
- NID_pkcs7_encrypted by default: this was wrong since this should almost
- always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
- the encrypted data type: this is a more sensible place to put it and it
- allows the PKCS#12 code to be tidied up that duplicated this
- functionality.
- [Steve Henson]
-
- *) Changed obj_dat.pl script so it takes its input and output files on
- the command line. This should avoid shell escape redirection problems
- under Win32.
- [Steve Henson]
-
- *) Initial support for certificate extension requests, these are included
- in things like Xenroll certificate requests. Included functions to allow
- extensions to be obtained and added.
- [Steve Henson]
-
- *) -crlf option to s_client and s_server for sending newlines as
- CRLF (as required by many protocols).
- [Bodo Moeller]
-
- Changes between 0.9.3a and 0.9.4 [09 Aug 1999]
-
- *) Install libRSAglue.a when OpenSSL is built with RSAref.
- [Ralf S. Engelschall]
-
- *) A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
- [Andrija Antonijevic <TheAntony2 at bigfoot.com>]
-
- *) Fix -startdate and -enddate (which was missing) arguments to 'ca'
- program.
- [Steve Henson]
-
- *) New function DSA_dup_DH, which duplicates DSA parameters/keys as
- DH parameters/keys (q is lost during that conversion, but the resulting
- DH parameters contain its length).
-
- For 1024-bit p, DSA_generate_parameters followed by DSA_dup_DH is
- much faster than DH_generate_parameters (which creates parameters
- where p = 2*q + 1), and also the smaller q makes DH computations
- much more efficient (160-bit exponentiation instead of 1024-bit
- exponentiation); so this provides a convenient way to support DHE
- ciphersuites in SSL/TLS servers (see ssl/ssltest.c). It is of
- utter importance to use
- SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
- or
- SSL_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
- when such DH parameters are used, because otherwise small subgroup
- attacks may become possible!
- [Bodo Moeller]
-
- *) Avoid memory leak in i2d_DHparams.
- [Bodo Moeller]
-
- *) Allow the -k option to be used more than once in the enc program:
- this allows the same encrypted message to be read by multiple recipients.
- [Steve Henson]
-
- *) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
- an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
- it will always use the numerical form of the OID, even if it has a short
- or long name.
- [Steve Henson]
-
- *) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp
- method only got called if p,q,dmp1,dmq1,iqmp components were present,
- otherwise bn_mod_exp was called. In the case of hardware keys for example
- no private key components need be present and it might store extra data
- in the RSA structure, which cannot be accessed from bn_mod_exp.
- By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for
- private key operations.
- [Steve Henson]
-
- *) Added support for SPARC Linux.
- [Andy Polyakov]
-
- *) pem_password_cb function type incompatibly changed from
- typedef int pem_password_cb(char *buf, int size, int rwflag);
- to
- ....(char *buf, int size, int rwflag, void *userdata);
- so that applications can pass data to their callbacks:
- The PEM[_ASN1]_{read,write}... functions and macros now take an
- additional void * argument, which is just handed through whenever
- the password callback is called.
- [Damien Miller <dmiller at ilogic.com.au>; tiny changes by Bodo Moeller]
-
- New function SSL_CTX_set_default_passwd_cb_userdata.
-
- Compatibility note: As many C implementations push function arguments
- onto the stack in reverse order, the new library version is likely to
- interoperate with programs that have been compiled with the old
- pem_password_cb definition (PEM_whatever takes some data that
- happens to be on the stack as its last argument, and the callback
- just ignores this garbage); but there is no guarantee whatsoever that
- this will work.
-
- *) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=...
- (both in crypto/Makefile.ssl for use by crypto/cversion.c) caused
- problems not only on Windows, but also on some Unix platforms.
- To avoid problematic command lines, these definitions are now in an
- auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl
- for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds).
- [Bodo Moeller]
-
- *) MIPS III/IV assembler module is reimplemented.
- [Andy Polyakov]
-
- *) More DES library cleanups: remove references to srand/rand and
- delete an unused file.
- [Ulf Möller]
-
- *) Add support for the the free Netwide assembler (NASM) under Win32,
- since not many people have MASM (ml) and it can be hard to obtain.
- This is currently experimental but it seems to work OK and pass all
- the tests. Check out INSTALL.W32 for info.
- [Steve Henson]
-
- *) Fix memory leaks in s3_clnt.c: All non-anonymous SSL3/TLS1 connections
- without temporary keys kept an extra copy of the server key,
- and connections with temporary keys did not free everything in case
- of an error.
- [Bodo Moeller]
-
- *) New function RSA_check_key and new openssl rsa option -check
- for verifying the consistency of RSA keys.
- [Ulf Moeller, Bodo Moeller]
-
- *) Various changes to make Win32 compile work:
- 1. Casts to avoid "loss of data" warnings in p5_crpt2.c
- 2. Change unsigned int to int in b_dump.c to avoid "signed/unsigned
- comparison" warnings.
- 3. Add sk_<TYPE>_sort to DEF file generator and do make update.
- [Steve Henson]
-
- *) Add a debugging option to PKCS#5 v2 key generation function: when
- you #define DEBUG_PKCS5V2 passwords, salts, iteration counts and
- derived keys are printed to stderr.
- [Steve Henson]
-
- *) Copy the flags in ASN1_STRING_dup().
- [Roman E. Pavlov <pre at mo.msk.ru>]
-
- *) The x509 application mishandled signing requests containing DSA
- keys when the signing key was also DSA and the parameters didn't match.
-
- It was supposed to omit the parameters when they matched the signing key:
- the verifying software was then supposed to automatically use the CA's
- parameters if they were absent from the end user certificate.
-
- Omitting parameters is no longer recommended. The test was also
- the wrong way round! This was probably due to unusual behaviour in
- EVP_cmp_parameters() which returns 1 if the parameters match.
- This meant that parameters were omitted when they *didn't* match and
- the certificate was useless. Certificates signed with 'ca' didn't have
- this bug.
- [Steve Henson, reported by Doug Erickson <Doug.Erickson at Part.NET>]
-
- *) Memory leak checking (-DCRYPTO_MDEBUG) had some problems.
- The interface is as follows:
- Applications can use
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) aka MemCheck_start(),
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) aka MemCheck_stop();
- "off" is now the default.
- The library internally uses
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) aka MemCheck_off(),
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE) aka MemCheck_on()
- to disable memory-checking temporarily.
-
- Some inconsistent states that previously were possible (and were
- even the default) are now avoided.
-
- -DCRYPTO_MDEBUG_TIME is new and additionally stores the current time
- with each memory chunk allocated; this is occasionally more helpful
- than just having a counter.
-
- -DCRYPTO_MDEBUG_THREAD is also new and adds the thread ID.
-
- -DCRYPTO_MDEBUG_ALL enables all of the above, plus any future
- extensions.
- [Bodo Moeller]
-
- *) Introduce "mode" for SSL structures (with defaults in SSL_CTX),
- which largely parallels "options", but is for changing API behaviour,
- whereas "options" are about protocol behaviour.
- Initial "mode" flags are:
-
- SSL_MODE_ENABLE_PARTIAL_WRITE Allow SSL_write to report success when
- a single record has been written.
- SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER Don't insist that SSL_write
- retries use the same buffer location.
- (But all of the contents must be
- copied!)
- [Bodo Moeller]
-
- *) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options
- worked.
-
- *) Fix problems with no-hmac etc.
- [Ulf Möller, pointed out by Brian Wellington <bwelling at tislabs.com>]
-
- *) New functions RSA_get_default_method(), RSA_set_method() and
- RSA_get_method(). These allows replacement of RSA_METHODs without having
- to mess around with the internals of an RSA structure.
- [Steve Henson]
-
- *) Fix memory leaks in DSA_do_sign and DSA_is_prime.
- Also really enable memory leak checks in openssl.c and in some
- test programs.
- [Chad C. Mulligan, Bodo Moeller]
-
- *) Fix a bug in d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() which can mess
- up the length of negative integers. This has now been simplified to just
- store the length when it is first determined and use it later, rather
- than trying to keep track of where data is copied and updating it to
- point to the end.
- [Steve Henson, reported by Brien Wheeler
- <bwheeler at authentica-security.com>]
-
- *) Add a new function PKCS7_signatureVerify. This allows the verification
- of a PKCS#7 signature but with the signing certificate passed to the
- function itself. This contrasts with PKCS7_dataVerify which assumes the
- certificate is present in the PKCS#7 structure. This isn't always the
- case: certificates can be omitted from a PKCS#7 structure and be
- distributed by "out of band" means (such as a certificate database).
- [Steve Henson]
-
- *) Complete the PEM_* macros with DECLARE_PEM versions to replace the
- function prototypes in pem.h, also change util/mkdef.pl to add the
- necessary function names.
- [Steve Henson]
-
- *) mk1mf.pl (used by Windows builds) did not properly read the
- options set by Configure in the top level Makefile, and Configure
- was not even able to write more than one option correctly.
- Fixed, now "no-idea no-rc5 -DCRYPTO_MDEBUG" etc. works as intended.
- [Bodo Moeller]
-
- *) New functions CONF_load_bio() and CONF_load_fp() to allow a config
- file to be loaded from a BIO or FILE pointer. The BIO version will
- for example allow memory BIOs to contain config info.
- [Steve Henson]
-
- *) New function "CRYPTO_num_locks" that returns CRYPTO_NUM_LOCKS.
- Whoever hopes to achieve shared-library compatibility across versions
- must use this, not the compile-time macro.
- (Exercise 0.9.4: Which is the minimum library version required by
- such programs?)
- Note: All this applies only to multi-threaded programs, others don't
- need locks.
- [Bodo Moeller]
-
- *) Add missing case to s3_clnt.c state machine -- one of the new SSL tests
- through a BIO pair triggered the default case, i.e.
- SSLerr(...,SSL_R_UNKNOWN_STATE).
- [Bodo Moeller]
-
- *) New "BIO pair" concept (crypto/bio/bss_bio.c) so that applications
- can use the SSL library even if none of the specific BIOs is
- appropriate.
- [Bodo Moeller]
-
- *) Fix a bug in i2d_DSAPublicKey() which meant it returned the wrong value
- for the encoded length.
- [Jeon KyoungHo <khjeon at sds.samsung.co.kr>]
-
- *) Add initial documentation of the X509V3 functions.
- [Steve Henson]
-
- *) Add a new pair of functions PEM_write_PKCS8PrivateKey() and
- PEM_write_bio_PKCS8PrivateKey() that are equivalent to
- PEM_write_PrivateKey() and PEM_write_bio_PrivateKey() but use the more
- secure PKCS#8 private key format with a high iteration count.
- [Steve Henson]
-
- *) Fix determination of Perl interpreter: A perl or perl5
- _directory_ in $PATH was also accepted as the interpreter.
- [Ralf S. Engelschall]
-
- *) Fix demos/sign/sign.c: well there wasn't anything strictly speaking
- wrong with it but it was very old and did things like calling
- PEM_ASN1_read() directly and used MD5 for the hash not to mention some
- unusual formatting.
- [Steve Henson]
-
- *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed
- to use the new extension code.
- [Steve Henson]
-
- *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c
- with macros. This should make it easier to change their form, add extra
- arguments etc. Fix a few PEM prototypes which didn't have cipher as a
- constant.
- [Steve Henson]
-
- *) Add to configuration table a new entry that can specify an alternative
- name for unistd.h (for pre-POSIX systems); we need this for NeXTstep,
- according to Mark Crispin <MRC at Panda.COM>.
- [Bodo Moeller]
-
-#if 0
- *) DES CBC did not update the IV. Weird.
- [Ben Laurie]
-#else
- des_cbc_encrypt does not update the IV, but des_ncbc_encrypt does.
- Changing the behaviour of the former might break existing programs --
- where IV updating is needed, des_ncbc_encrypt can be used.
-#endif
-
- *) When bntest is run from "make test" it drives bc to check its
- calculations, as well as internally checking them. If an internal check
- fails, it needs to cause bc to give a non-zero result or make test carries
- on without noticing the failure. Fixed.
- [Ben Laurie]
-
- *) DES library cleanups.
- [Ulf Möller]
-
- *) Add support for PKCS#5 v2.0 PBE algorithms. This will permit PKCS#8 to be
- used with any cipher unlike PKCS#5 v1.5 which can at most handle 64 bit
- ciphers. NOTE: although the key derivation function has been verified
- against some published test vectors it has not been extensively tested
- yet. Added a -v2 "cipher" option to pkcs8 application to allow the use
- of v2.0.
- [Steve Henson]
-
- *) Instead of "mkdir -p", which is not fully portable, use new
- Perl script "util/mkdir-p.pl".
- [Bodo Moeller]
-
- *) Rewrite the way password based encryption (PBE) is handled. It used to
- assume that the ASN1 AlgorithmIdentifier parameter was a PBEParameter
- structure. This was true for the PKCS#5 v1.5 and PKCS#12 PBE algorithms
- but doesn't apply to PKCS#5 v2.0 where it can be something else. Now
- the 'parameter' field of the AlgorithmIdentifier is passed to the
- underlying key generation function so it must do its own ASN1 parsing.
- This has also changed the EVP_PBE_CipherInit() function which now has a
- 'parameter' argument instead of literal salt and iteration count values
- and the function EVP_PBE_ALGOR_CipherInit() has been deleted.
- [Steve Henson]
-
- *) Support for PKCS#5 v1.5 compatible password based encryption algorithms
- and PKCS#8 functionality. New 'pkcs8' application linked to openssl.
- Needed to change the PEM_STRING_EVP_PKEY value which was just "PRIVATE
- KEY" because this clashed with PKCS#8 unencrypted string. Since this
- value was just used as a "magic string" and not used directly its
- value doesn't matter.
- [Steve Henson]
-
- *) Introduce some semblance of const correctness to BN. Shame C doesn't
- support mutable.
- [Ben Laurie]
-
- *) "linux-sparc64" configuration (ultrapenguin).
- [Ray Miller <ray.miller at oucs.ox.ac.uk>]
- "linux-sparc" configuration.
- [Christian Forster <fo at hawo.stw.uni-erlangen.de>]
-
- *) config now generates no-xxx options for missing ciphers.
- [Ulf Möller]
-
- *) Support the EBCDIC character set (work in progress).
- File ebcdic.c not yet included because it has a different license.
- [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>]
-
- *) Support BS2000/OSD-POSIX.
- [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>]
-
- *) Make callbacks for key generation use void * instead of char *.
- [Ben Laurie]
-
- *) Make S/MIME samples compile (not yet tested).
- [Ben Laurie]
-
- *) Additional typesafe stacks.
- [Ben Laurie]
-
- *) New configuration variants "bsdi-elf-gcc" (BSD/OS 4.x).
- [Bodo Moeller]
-
-
- Changes between 0.9.3 and 0.9.3a [29 May 1999]
-
- *) New configuration variant "sco5-gcc".
-
- *) Updated some demos.
- [Sean O Riordain, Wade Scholine]
-
- *) Add missing BIO_free at exit of pkcs12 application.
- [Wu Zhigang]
-
- *) Fix memory leak in conf.c.
- [Steve Henson]
-
- *) Updates for Win32 to assembler version of MD5.
- [Steve Henson]
-
- *) Set #! path to perl in apps/der_chop to where we found it
- instead of using a fixed path.
- [Bodo Moeller]
-
- *) SHA library changes for irix64-mips4-cc.
- [Andy Polyakov]
-
- *) Improvements for VMS support.
- [Richard Levitte]
-
-
- Changes between 0.9.2b and 0.9.3 [24 May 1999]
-
- *) Bignum library bug fix. IRIX 6 passes "make test" now!
- This also avoids the problems with SC4.2 and unpatched SC5.
- [Andy Polyakov <appro at fy.chalmers.se>]
-
- *) New functions sk_num, sk_value and sk_set to replace the previous macros.
- These are required because of the typesafe stack would otherwise break
- existing code. If old code used a structure member which used to be STACK
- and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with
- sk_num or sk_value it would produce an error because the num, data members
- are not present in STACK_OF. Now it just produces a warning. sk_set
- replaces the old method of assigning a value to sk_value
- (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code
- that does this will no longer work (and should use sk_set instead) but
- this could be regarded as a "questionable" behaviour anyway.
- [Steve Henson]
-
- *) Fix most of the other PKCS#7 bugs. The "experimental" code can now
- correctly handle encrypted S/MIME data.
- [Steve Henson]
-
- *) Change type of various DES function arguments from des_cblock
- (which means, in function argument declarations, pointer to char)
- to des_cblock * (meaning pointer to array with 8 char elements),
- which allows the compiler to do more typechecking; it was like
- that back in SSLeay, but with lots of ugly casts.
-
- Introduce new type const_des_cblock.
- [Bodo Moeller]
-
- *) Reorganise the PKCS#7 library and get rid of some of the more obvious
- problems: find RecipientInfo structure that matches recipient certificate
- and initialise the ASN1 structures properly based on passed cipher.
- [Steve Henson]
-
- *) Belatedly make the BN tests actually check the results.
- [Ben Laurie]
-
- *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
- to and from BNs: it was completely broken. New compilation option
- NEG_PUBKEY_BUG to allow for some broken certificates that encode public
- key elements as negative integers.
- [Steve Henson]
-
- *) Reorganize and speed up MD5.
- [Andy Polyakov <appro at fy.chalmers.se>]
-
- *) VMS support.
- [Richard Levitte <richard at levitte.org>]
-
- *) New option -out to asn1parse to allow the parsed structure to be
- output to a file. This is most useful when combined with the -strparse
- option to examine the output of things like OCTET STRINGS.
- [Steve Henson]
-
- *) Make SSL library a little more fool-proof by not requiring any longer
- that SSL_set_{accept,connect}_state be called before
- SSL_{accept,connect} may be used (SSL_set_..._state is omitted
- in many applications because usually everything *appeared* to work as
- intended anyway -- now it really works as intended).
- [Bodo Moeller]
-
- *) Move openssl.cnf out of lib/.
- [Ulf Möller]
-
- *) Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall
- -Wshadow -Wpointer-arith -Wcast-align -Wmissing-prototypes
- -Wmissing-declarations -Wnested-externs -Winline'' with EGCS 1.1.2+
- [Ralf S. Engelschall]
-
- *) Various fixes to the EVP and PKCS#7 code. It may now be able to
- handle PKCS#7 enveloped data properly.
- [Sebastian Akerman <sak at parallelconsulting.com>, modified by Steve]
-
- *) Create a duplicate of the SSL_CTX's CERT in SSL_new instead of
- copying pointers. The cert_st handling is changed by this in
- various ways (and thus what used to be known as ctx->default_cert
- is now called ctx->cert, since we don't resort to s->ctx->[default_]cert
- any longer when s->cert does not give us what we need).
- ssl_cert_instantiate becomes obsolete by this change.
- As soon as we've got the new code right (possibly it already is?),
- we have solved a couple of bugs of the earlier code where s->cert
- was used as if it could not have been shared with other SSL structures.
-
- Note that using the SSL API in certain dirty ways now will result
- in different behaviour than observed with earlier library versions:
- Changing settings for an SSL_CTX *ctx after having done s = SSL_new(ctx)
- does not influence s as it used to.
-
- In order to clean up things more thoroughly, inside SSL_SESSION
- we don't use CERT any longer, but a new structure SESS_CERT
- that holds per-session data (if available); currently, this is
- the peer's certificate chain and, for clients, the server's certificate
- and temporary key. CERT holds only those values that can have
- meaningful defaults in an SSL_CTX.
- [Bodo Moeller]
-
- *) New function X509V3_EXT_i2d() to create an X509_EXTENSION structure
- from the internal representation. Various PKCS#7 fixes: remove some
- evil casts and set the enc_dig_alg field properly based on the signing
- key type.
- [Steve Henson]
-
- *) Allow PKCS#12 password to be set from the command line or the
- environment. Let 'ca' get its config file name from the environment
- variables "OPENSSL_CONF" or "SSLEAY_CONF" (for consistency with 'req'
- and 'x509').
- [Steve Henson]
-
- *) Allow certificate policies extension to use an IA5STRING for the
- organization field. This is contrary to the PKIX definition but
- VeriSign uses it and IE5 only recognises this form. Document 'x509'
- extension option.
- [Steve Henson]
-
- *) Add PEDANTIC compiler flag to allow compilation with gcc -pedantic,
- without disallowing inline assembler and the like for non-pedantic builds.
- [Ben Laurie]
-
- *) Support Borland C++ builder.
- [Janez Jere <jj at void.si>, modified by Ulf Möller]
-
- *) Support Mingw32.
- [Ulf Möller]
-
- *) SHA-1 cleanups and performance enhancements.
- [Andy Polyakov <appro at fy.chalmers.se>]
-
- *) Sparc v8plus assembler for the bignum library.
- [Andy Polyakov <appro at fy.chalmers.se>]
-
- *) Accept any -xxx and +xxx compiler options in Configure.
- [Ulf Möller]
-
- *) Update HPUX configuration.
- [Anonymous]
-
- *) Add missing sk_<type>_unshift() function to safestack.h
- [Ralf S. Engelschall]
-
- *) New function SSL_CTX_use_certificate_chain_file that sets the
- "extra_cert"s in addition to the certificate. (This makes sense
- only for "PEM" format files, as chains as a whole are not
- DER-encoded.)
- [Bodo Moeller]
-
- *) Support verify_depth from the SSL API.
- x509_vfy.c had what can be considered an off-by-one-error:
- Its depth (which was not part of the external interface)
- was actually counting the number of certificates in a chain;
- now it really counts the depth.
- [Bodo Moeller]
-
- *) Bugfix in crypto/x509/x509_cmp.c: The SSLerr macro was used
- instead of X509err, which often resulted in confusing error
- messages since the error codes are not globally unique
- (e.g. an alleged error in ssl3_accept when a certificate
- didn't match the private key).
-
- *) New function SSL_CTX_set_session_id_context that allows to set a default
- value (so that you don't need SSL_set_session_id_context for each
- connection using the SSL_CTX).
- [Bodo Moeller]
-
- *) OAEP decoding bug fix.
- [Ulf Möller]
-
- *) Support INSTALL_PREFIX for package builders, as proposed by
- David Harris.
- [Bodo Moeller]
-
- *) New Configure options "threads" and "no-threads". For systems
- where the proper compiler options are known (currently Solaris
- and Linux), "threads" is the default.
- [Bodo Moeller]
-
- *) New script util/mklink.pl as a faster substitute for util/mklink.sh.
- [Bodo Moeller]
-
- *) Install various scripts to $(OPENSSLDIR)/misc, not to
- $(INSTALLTOP)/bin -- they shouldn't clutter directories
- such as /usr/local/bin.
- [Bodo Moeller]
-
- *) "make linux-shared" to build shared libraries.
- [Niels Poppe <niels at netbox.org>]
-
- *) New Configure option no-<cipher> (rsa, idea, rc5, ...).
- [Ulf Möller]
-
- *) Add the PKCS#12 API documentation to openssl.txt. Preliminary support for
- extension adding in x509 utility.
- [Steve Henson]
-
- *) Remove NOPROTO sections and error code comments.
- [Ulf Möller]
-
- *) Partial rewrite of the DEF file generator to now parse the ANSI
- prototypes.
- [Steve Henson]
-
- *) New Configure options --prefix=DIR and --openssldir=DIR.
- [Ulf Möller]
-
- *) Complete rewrite of the error code script(s). It is all now handled
- by one script at the top level which handles error code gathering,
- header rewriting and C source file generation. It should be much better
- than the old method: it now uses a modified version of Ulf's parser to
- read the ANSI prototypes in all header files (thus the old K&R definitions
- aren't needed for error creation any more) and do a better job of
- translating function codes into names. The old 'ASN1 error code imbedded
- in a comment' is no longer necessary and it doesn't use .err files which
- have now been deleted. Also the error code call doesn't have to appear all
- on one line (which resulted in some large lines...).
- [Steve Henson]
-
- *) Change #include filenames from <foo.h> to <openssl/foo.h>.
- [Bodo Moeller]
-
- *) Change behaviour of ssl2_read when facing length-0 packets: Don't return
- 0 (which usually indicates a closed connection), but continue reading.
- [Bodo Moeller]
-
- *) Fix some race conditions.
- [Bodo Moeller]
-
- *) Add support for CRL distribution points extension. Add Certificate
- Policies and CRL distribution points documentation.
- [Steve Henson]
-
- *) Move the autogenerated header file parts to crypto/opensslconf.h.
- [Ulf Möller]
-
- *) Fix new 56-bit DES export ciphersuites: they were using 7 bytes instead of
- 8 of keying material. Merlin has also confirmed interop with this fix
- between OpenSSL and Baltimore C/SSL 2.0 and J/SSL 2.0.
- [Merlin Hughes <merlin at baltimore.ie>]
-
- *) Fix lots of warnings.
- [Richard Levitte <levitte at stacken.kth.se>]
-
- *) In add_cert_dir() in crypto/x509/by_dir.c, break out of the loop if
- the directory spec didn't end with a LIST_SEPARATOR_CHAR.
- [Richard Levitte <levitte at stacken.kth.se>]
-
- *) Fix problems with sizeof(long) == 8.
- [Andy Polyakov <appro at fy.chalmers.se>]
-
- *) Change functions to ANSI C.
- [Ulf Möller]
-
- *) Fix typos in error codes.
- [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>, Ulf Möller]
-
- *) Remove defunct assembler files from Configure.
- [Ulf Möller]
-
- *) SPARC v8 assembler BIGNUM implementation.
- [Andy Polyakov <appro at fy.chalmers.se>]
-
- *) Support for Certificate Policies extension: both print and set.
- Various additions to support the r2i method this uses.
- [Steve Henson]
-
- *) A lot of constification, and fix a bug in X509_NAME_oneline() that could
- return a const string when you are expecting an allocated buffer.
- [Ben Laurie]
-
- *) Add support for ASN1 types UTF8String and VISIBLESTRING, also the CHOICE
- types DirectoryString and DisplayText.
- [Steve Henson]
-
- *) Add code to allow r2i extensions to access the configuration database,
- add an LHASH database driver and add several ctx helper functions.
- [Steve Henson]
-
- *) Fix an evil bug in bn_expand2() which caused various BN functions to
- fail when they extended the size of a BIGNUM.
- [Steve Henson]
-
- *) Various utility functions to handle SXNet extension. Modify mkdef.pl to
- support typesafe stack.
- [Steve Henson]
-
- *) Fix typo in SSL_[gs]et_options().
- [Nils Frostberg <nils at medcom.se>]
-
- *) Delete various functions and files that belonged to the (now obsolete)
- old X509V3 handling code.
- [Steve Henson]
-
- *) New Configure option "rsaref".
- [Ulf Möller]
-
- *) Don't auto-generate pem.h.
- [Bodo Moeller]
-
- *) Introduce type-safe ASN.1 SETs.
- [Ben Laurie]
-
- *) Convert various additional casted stacks to type-safe STACK_OF() variants.
- [Ben Laurie, Ralf S. Engelschall, Steve Henson]
-
- *) Introduce type-safe STACKs. This will almost certainly break lots of code
- that links with OpenSSL (well at least cause lots of warnings), but fear
- not: the conversion is trivial, and it eliminates loads of evil casts. A
- few STACKed things have been converted already. Feel free to convert more.
- In the fullness of time, I'll do away with the STACK type altogether.
- [Ben Laurie]
-
- *) Add `openssl ca -revoke <certfile>' facility which revokes a certificate
- specified in <certfile> by updating the entry in the index.txt file.
- This way one no longer has to edit the index.txt file manually for
- revoking a certificate. The -revoke option does the gory details now.
- [Massimiliano Pala <madwolf at openca.org>, Ralf S. Engelschall]
-
- *) Fix `openssl crl -noout -text' combination where `-noout' killed the
- `-text' option at all and this way the `-noout -text' combination was
- inconsistent in `openssl crl' with the friends in `openssl x509|rsa|dsa'.
- [Ralf S. Engelschall]
-
- *) Make sure a corresponding plain text error message exists for the
- X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
- verify callback function determined that a certificate was revoked.
- [Ralf S. Engelschall]
-
- *) Bugfix: In test/testenc, don't test "openssl <cipher>" for
- ciphers that were excluded, e.g. by -DNO_IDEA. Also, test
- all available cipers including rc5, which was forgotten until now.
- In order to let the testing shell script know which algorithms
- are available, a new (up to now undocumented) command
- "openssl list-cipher-commands" is used.
- [Bodo Moeller]
-
- *) Bugfix: s_client occasionally would sleep in select() when
- it should have checked SSL_pending() first.
- [Bodo Moeller]
-
- *) New functions DSA_do_sign and DSA_do_verify to provide access to
- the raw DSA values prior to ASN.1 encoding.
- [Ulf Möller]
-
- *) Tweaks to Configure
- [Niels Poppe <niels at netbox.org>]
-
- *) Add support for PKCS#5 v2.0 ASN1 PBES2 structures. No other support,
- yet...
- [Steve Henson]
-
- *) New variables $(RANLIB) and $(PERL) in the Makefiles.
- [Ulf Möller]
-
- *) New config option to avoid instructions that are illegal on the 80386.
- The default code is faster, but requires at least a 486.
- [Ulf Möller]
-
- *) Got rid of old SSL2_CLIENT_VERSION (inconsistently used) and
- SSL2_SERVER_VERSION (not used at all) macros, which are now the
- same as SSL2_VERSION anyway.
- [Bodo Moeller]
-
- *) New "-showcerts" option for s_client.
- [Bodo Moeller]
-
- *) Still more PKCS#12 integration. Add pkcs12 application to openssl
- application. Various cleanups and fixes.
- [Steve Henson]
-
- *) More PKCS#12 integration. Add new pkcs12 directory with Makefile.ssl and
- modify error routines to work internally. Add error codes and PBE init
- to library startup routines.
- [Steve Henson]
-
- *) Further PKCS#12 integration. Added password based encryption, PKCS#8 and
- packing functions to asn1 and evp. Changed function names and error
- codes along the way.
- [Steve Henson]
-
- *) PKCS12 integration: and so it begins... First of several patches to
- slowly integrate PKCS#12 functionality into OpenSSL. Add PKCS#12
- objects to objects.h
- [Steve Henson]
-
- *) Add a new 'indent' option to some X509V3 extension code. Initial ASN1
- and display support for Thawte strong extranet extension.
- [Steve Henson]
-
- *) Add LinuxPPC support.
- [Jeff Dubrule <igor at pobox.org>]
-
- *) Get rid of redundant BN file bn_mulw.c, and rename bn_div64 to
- bn_div_words in alpha.s.
- [Hannes Reinecke <H.Reinecke at hw.ac.uk> and Ben Laurie]
-
- *) Make sure the RSA OAEP test is skipped under -DRSAref because
- OAEP isn't supported when OpenSSL is built with RSAref.
- [Ulf Moeller <ulf at fitug.de>]
-
- *) Move definitions of IS_SET/IS_SEQUENCE inside crypto/asn1/asn1.h
- so they no longer are missing under -DNOPROTO.
- [Soren S. Jorvang <soren at t.dk>]
-
-
- Changes between 0.9.1c and 0.9.2b [22 Mar 1999]
-
- *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still
- doesn't work when the session is reused. Coming soon!
- [Ben Laurie]
-
- *) Fix a security hole, that allows sessions to be reused in the wrong
- context thus bypassing client cert protection! All software that uses
- client certs and session caches in multiple contexts NEEDS PATCHING to
- allow session reuse! A fuller solution is in the works.
- [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)]
-
- *) Some more source tree cleanups (removed obsolete files
- crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed
- permission on "config" script to be executable) and a fix for the INSTALL
- document.
- [Ulf Moeller <ulf at fitug.de>]
-
- *) Remove some legacy and erroneous uses of malloc, free instead of
- Malloc, Free.
- [Lennart Bang <lob at netstream.se>, with minor changes by Steve]
-
- *) Make rsa_oaep_test return non-zero on error.
- [Ulf Moeller <ulf at fitug.de>]
-
- *) Add support for native Solaris shared libraries. Configure
- solaris-sparc-sc4-pic, make, then run shlib/solaris-sc4.sh. It'd be nice
- if someone would make that last step automatic.
- [Matthias Loepfe <Matthias.Loepfe at AdNovum.CH>]
-
- *) ctx_size was not built with the right compiler during "make links". Fixed.
- [Ben Laurie]
-
- *) Change the meaning of 'ALL' in the cipher list. It now means "everything
- except NULL ciphers". This means the default cipher list will no longer
- enable NULL ciphers. They need to be specifically enabled e.g. with
- the string "DEFAULT:eNULL".
- [Steve Henson]
-
- *) Fix to RSA private encryption routines: if p < q then it would
- occasionally produce an invalid result. This will only happen with
- externally generated keys because OpenSSL (and SSLeay) ensure p > q.
- [Steve Henson]
-
- *) Be less restrictive and allow also `perl util/perlpath.pl
- /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin',
- because this way one can also use an interpreter named `perl5' (which is
- usually the name of Perl 5.xxx on platforms where an Perl 4.x is still
- installed as `perl').
- [Matthias Loepfe <Matthias.Loepfe at adnovum.ch>]
-
- *) Let util/clean-depend.pl work also with older Perl 5.00x versions.
- [Matthias Loepfe <Matthias.Loepfe at adnovum.ch>]
-
- *) Fix Makefile.org so CC,CFLAG etc are passed to 'make links' add
- advapi32.lib to Win32 build and change the pem test comparision
- to fc.exe (thanks to Ulrich Kroener <kroneru at yahoo.com> for the
- suggestion). Fix misplaced ASNI prototypes and declarations in evp.h
- and crypto/des/ede_cbcm_enc.c.
- [Steve Henson]
-
- *) DES quad checksum was broken on big-endian architectures. Fixed.
- [Ben Laurie]
-
- *) Comment out two functions in bio.h that aren't implemented. Fix up the
- Win32 test batch file so it (might) work again. The Win32 test batch file
- is horrible: I feel ill....
- [Steve Henson]
-
- *) Move various #ifdefs around so NO_SYSLOG, NO_DIRENT etc are now selected
- in e_os.h. Audit of header files to check ANSI and non ANSI
- sections: 10 functions were absent from non ANSI section and not exported
- from Windows DLLs. Fixed up libeay.num for new functions.
- [Steve Henson]
-
- *) Make `openssl version' output lines consistent.
- [Ralf S. Engelschall]
-
- *) Fix Win32 symbol export lists for BIO functions: Added
- BIO_get_ex_new_index, BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data
- to ms/libeay{16,32}.def.
- [Ralf S. Engelschall]
-
- *) Second round of fixing the OpenSSL perl/ stuff. It now at least compiled
- fine under Unix and passes some trivial tests I've now added. But the
- whole stuff is horribly incomplete, so a README.1ST with a disclaimer was
- added to make sure no one expects that this stuff really works in the
- OpenSSL 0.9.2 release. Additionally I've started to clean the XS sources
- up and fixed a few little bugs and inconsistencies in OpenSSL.{pm,xs} and
- openssl_bio.xs.
- [Ralf S. Engelschall]
-
- *) Fix the generation of two part addresses in perl.
- [Kenji Miyake <kenji at miyake.org>, integrated by Ben Laurie]
-
- *) Add config entry for Linux on MIPS.
- [John Tobey <jtobey at channel1.com>]
-
- *) Make links whenever Configure is run, unless we are on Windoze.
- [Ben Laurie]
-
- *) Permit extensions to be added to CRLs using crl_section in openssl.cnf.
- Currently only issuerAltName and AuthorityKeyIdentifier make any sense
- in CRLs.
- [Steve Henson]
-
- *) Add a useful kludge to allow package maintainers to specify compiler and
- other platforms details on the command line without having to patch the
- Configure script everytime: One now can use ``perl Configure
- <id>:<details>'', i.e. platform ids are allowed to have details appended
- to them (seperated by colons). This is treated as there would be a static
- pre-configured entry in Configure's %table under key <id> with value
- <details> and ``perl Configure <id>'' is called. So, when you want to
- perform a quick test-compile under FreeBSD 3.1 with pgcc and without
- assembler stuff you can use ``perl Configure "FreeBSD-elf:pgcc:-O6:::"''
- now, which overrides the FreeBSD-elf entry on-the-fly.
- [Ralf S. Engelschall]
-
- *) Disable new TLS1 ciphersuites by default: they aren't official yet.
- [Ben Laurie]
-
- *) Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified
- on the `perl Configure ...' command line. This way one can compile
- OpenSSL libraries with Position Independent Code (PIC) which is needed
- for linking it into DSOs.
- [Ralf S. Engelschall]
-
- *) Remarkably, export ciphers were totally broken and no-one had noticed!
- Fixed.
- [Ben Laurie]
-
- *) Cleaned up the LICENSE document: The official contact for any license
- questions now is the OpenSSL core team under openssl-core at openssl.org.
- And add a paragraph about the dual-license situation to make sure people
- recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply
- to the OpenSSL toolkit.
- [Ralf S. Engelschall]
-
- *) General source tree makefile cleanups: Made `making xxx in yyy...'
- display consistent in the source tree and replaced `/bin/rm' by `rm'.
- Additonally cleaned up the `make links' target: Remove unnecessary
- semicolons, subsequent redundant removes, inline point.sh into mklink.sh
- to speed processing and no longer clutter the display with confusing
- stuff. Instead only the actually done links are displayed.
- [Ralf S. Engelschall]
-
- *) Permit null encryption ciphersuites, used for authentication only. It used
- to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
- It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
- encryption.
- [Ben Laurie]
-
- *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
- signed attributes when verifying signatures (this would break them),
- the detached data encoding was wrong and public keys obtained using
- X509_get_pubkey() weren't freed.
- [Steve Henson]
-
- *) Add text documentation for the BUFFER functions. Also added a work around
- to a Win95 console bug. This was triggered by the password read stuff: the
- last character typed gets carried over to the next fread(). If you were
- generating a new cert request using 'req' for example then the last
- character of the passphrase would be CR which would then enter the first
- field as blank.
- [Steve Henson]
-
- *) Added the new `Includes OpenSSL Cryptography Software' button as
- doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
- button and can be used by applications based on OpenSSL to show the
- relationship to the OpenSSL project.
- [Ralf S. Engelschall]
-
- *) Remove confusing variables in function signatures in files
- ssl/ssl_lib.c and ssl/ssl.h.
- [Lennart Bong <lob at kulthea.stacken.kth.se>]
-
- *) Don't install bss_file.c under PREFIX/include/
- [Lennart Bong <lob at kulthea.stacken.kth.se>]
-
- *) Get the Win32 compile working again. Modify mkdef.pl so it can handle
- functions that return function pointers and has support for NT specific
- stuff. Fix mk1mf.pl and VC-32.pl to support NT differences also. Various
- #ifdef WIN32 and WINNTs sprinkled about the place and some changes from
- unsigned to signed types: this was killing the Win32 compile.
- [Steve Henson]
-
- *) Add new certificate file to stack functions,
- SSL_add_dir_cert_subjects_to_stack() and
- SSL_add_file_cert_subjects_to_stack(). These largely supplant
- SSL_load_client_CA_file(), and can be used to add multiple certs easily
- to a stack (usually this is then handed to SSL_CTX_set_client_CA_list()).
- This means that Apache-SSL and similar packages don't have to mess around
- to add as many CAs as they want to the preferred list.
- [Ben Laurie]
-
- *) Experiment with doxygen documentation. Currently only partially applied to
- ssl/ssl_lib.c.
- See http://www.stack.nl/~dimitri/doxygen/index.html, and run doxygen with
- openssl.doxy as the configuration file.
- [Ben Laurie]
-
- *) Get rid of remaining C++-style comments which strict C compilers hate.
- [Ralf S. Engelschall, pointed out by Carlos Amengual]
-
- *) Changed BN_RECURSION in bn_mont.c to BN_RECURSION_MONT so it is not
- compiled in by default: it has problems with large keys.
- [Steve Henson]
-
- *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and
- DH private keys and/or callback functions which directly correspond to
- their SSL_CTX_xxx() counterparts but work on a per-connection basis. This
- is needed for applications which have to configure certificates on a
- per-connection basis (e.g. Apache+mod_ssl) instead of a per-context basis
- (e.g. s_server).
- For the RSA certificate situation is makes no difference, but
- for the DSA certificate situation this fixes the "no shared cipher"
- problem where the OpenSSL cipher selection procedure failed because the
- temporary keys were not overtaken from the context and the API provided
- no way to reconfigure them.
- The new functions now let applications reconfigure the stuff and they
- are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
- SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback. Additionally a new
- non-public-API function ssl_cert_instantiate() is used as a helper
- function and also to reduce code redundancy inside ssl_rsa.c.
- [Ralf S. Engelschall]
-
- *) Move s_server -dcert and -dkey options out of the undocumented feature
- area because they are useful for the DSA situation and should be
- recognized by the users.
- [Ralf S. Engelschall]
-
- *) Fix the cipher decision scheme for export ciphers: the export bits are
- *not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within
- SSL_EXP_MASK. So, the original variable has to be used instead of the
- already masked variable.
- [Richard Levitte <levitte at stacken.kth.se>]
-
- *) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
- [Richard Levitte <levitte at stacken.kth.se>]
-
- *) Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal()
- from `int' to `unsigned int' because it's a length and initialized by
- EVP_DigestFinal() which expects an `unsigned int *'.
- [Richard Levitte <levitte at stacken.kth.se>]
-
- *) Don't hard-code path to Perl interpreter on shebang line of Configure
- script. Instead use the usual Shell->Perl transition trick.
- [Ralf S. Engelschall]
-
- *) Make `openssl x509 -noout -modulus' functional also for DSA certificates
- (in addition to RSA certificates) to match the behaviour of `openssl dsa
- -noout -modulus' as it's already the case for `openssl rsa -noout
- -modulus'. For RSA the -modulus is the real "modulus" while for DSA
- currently the public key is printed (a decision which was already done by
- `openssl dsa -modulus' in the past) which serves a similar purpose.
- Additionally the NO_RSA no longer completely removes the whole -modulus
- option; it now only avoids using the RSA stuff. Same applies to NO_DSA
- now, too.
- [Ralf S. Engelschall]
-
- *) Add Arne Ansper's reliable BIO - this is an encrypted, block-digested
- BIO. See the source (crypto/evp/bio_ok.c) for more info.
- [Arne Ansper <arne at ats.cyber.ee>]
-
- *) Dump the old yucky req code that tried (and failed) to allow raw OIDs
- to be added. Now both 'req' and 'ca' can use new objects defined in the
- config file.
- [Steve Henson]
-
- *) Add cool BIO that does syslog (or event log on NT).
- [Arne Ansper <arne at ats.cyber.ee>, integrated by Ben Laurie]
-
- *) Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5,
- TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 and
- TLS_RSA_EXPORT56_WITH_DES_CBC_SHA, as specified in "56-bit Export Cipher
- Suites For TLS", draft-ietf-tls-56-bit-ciphersuites-00.txt.
- [Ben Laurie]
-
- *) Add preliminary config info for new extension code.
- [Steve Henson]
-
- *) Make RSA_NO_PADDING really use no padding.
- [Ulf Moeller <ulf at fitug.de>]
-
- *) Generate errors when private/public key check is done.
- [Ben Laurie]
-
- *) Overhaul for 'crl' utility. New function X509_CRL_print. Partial support
- for some CRL extensions and new objects added.
- [Steve Henson]
-
- *) Really fix the ASN1 IMPLICIT bug this time... Partial support for private
- key usage extension and fuller support for authority key id.
- [Steve Henson]
-
- *) Add OAEP encryption for the OpenSSL crypto library. OAEP is the improved
- padding method for RSA, which is recommended for new applications in PKCS
- #1 v2.0 (RFC 2437, October 1998).
- OAEP (Optimal Asymmetric Encryption Padding) has better theoretical
- foundations than the ad-hoc padding used in PKCS #1 v1.5. It is secure
- against Bleichbacher's attack on RSA.
- [Ulf Moeller <ulf at fitug.de>, reformatted, corrected and integrated by
- Ben Laurie]
-
- *) Updates to the new SSL compression code
- [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
- *) Fix so that the version number in the master secret, when passed
- via RSA, checks that if TLS was proposed, but we roll back to SSLv3
- (because the server will not accept higher), that the version number
- is 0x03,0x01, not 0x03,0x00
- [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
- *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
- leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
- in apps/ and an unrelated leak in crypto/dsa/dsa_vrf.c
- [Steve Henson]
-
- *) Support for RAW extensions where an arbitrary extension can be
- created by including its DER encoding. See apps/openssl.cnf for
- an example.
- [Steve Henson]
-
- *) Make sure latest Perl versions don't interpret some generated C array
- code as Perl array code in the crypto/err/err_genc.pl script.
- [Lars Weber <3weber at informatik.uni-hamburg.de>]
-
- *) Modify ms/do_ms.bat to not generate assembly language makefiles since
- not many people have the assembler. Various Win32 compilation fixes and
- update to the INSTALL.W32 file with (hopefully) more accurate Win32
- build instructions.
- [Steve Henson]
-
- *) Modify configure script 'Configure' to automatically create crypto/date.h
- file under Win32 and also build pem.h from pem.org. New script
- util/mkfiles.pl to create the MINFO file on environments that can't do a
- 'make files': perl util/mkfiles.pl >MINFO should work.
- [Steve Henson]
-
- *) Major rework of DES function declarations, in the pursuit of correctness
- and purity. As a result, many evil casts evaporated, and some weirdness,
- too. You may find this causes warnings in your code. Zapping your evil
- casts will probably fix them. Mostly.
- [Ben Laurie]
-
- *) Fix for a typo in asn1.h. Bug fix to object creation script
- obj_dat.pl. It considered a zero in an object definition to mean
- "end of object": none of the objects in objects.h have any zeros
- so it wasn't spotted.
- [Steve Henson, reported by Erwann ABALEA <eabalea at certplus.com>]
-
- *) Add support for Triple DES Cipher Block Chaining with Output Feedback
- Masking (CBCM). In the absence of test vectors, the best I have been able
- to do is check that the decrypt undoes the encrypt, so far. Send me test
- vectors if you have them.
- [Ben Laurie]
-
- *) Correct calculation of key length for export ciphers (too much space was
- allocated for null ciphers). This has not been tested!
- [Ben Laurie]
-
- *) Modifications to the mkdef.pl for Win32 DEF file creation. The usage
- message is now correct (it understands "crypto" and "ssl" on its
- command line). There is also now an "update" option. This will update
- the util/ssleay.num and util/libeay.num files with any new functions.
- If you do a:
- perl util/mkdef.pl crypto ssl update
- it will update them.
- [Steve Henson]
-
- *) Overhauled the Perl interface (perl/*):
- - ported BN stuff to OpenSSL's different BN library
- - made the perl/ source tree CVS-aware
- - renamed the package from SSLeay to OpenSSL (the files still contain
- their history because I've copied them in the repository)
- - removed obsolete files (the test scripts will be replaced
- by better Test::Harness variants in the future)
- [Ralf S. Engelschall]
-
- *) First cut for a very conservative source tree cleanup:
- 1. merge various obsolete readme texts into doc/ssleay.txt
- where we collect the old documents and readme texts.
- 2. remove the first part of files where I'm already sure that we no
- longer need them because of three reasons: either they are just temporary
- files which were left by Eric or they are preserved original files where
- I've verified that the diff is also available in the CVS via "cvs diff
- -rSSLeay_0_8_1b" or they were renamed (as it was definitely the case for
- the crypto/md/ stuff).
- [Ralf S. Engelschall]
-
- *) More extension code. Incomplete support for subject and issuer alt
- name, issuer and authority key id. Change the i2v function parameters
- and add an extra 'crl' parameter in the X509V3_CTX structure: guess
- what that's for :-) Fix to ASN1 macro which messed up
- IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
- [Steve Henson]
-
- *) Preliminary support for ENUMERATED type. This is largely copied from the
- INTEGER code.
- [Steve Henson]
-
- *) Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
- [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
- *) Make sure `make rehash' target really finds the `openssl' program.
- [Ralf S. Engelschall, Matthias Loepfe <Matthias.Loepfe at adnovum.ch>]
-
- *) Squeeze another 7% of speed out of MD5 assembler, at least on a P2. I'd
- like to hear about it if this slows down other processors.
- [Ben Laurie]
-
- *) Add CygWin32 platform information to Configure script.
- [Alan Batie <batie at aahz.jf.intel.com>]
-
- *) Fixed ms/32all.bat script: `no_asm' -> `no-asm'
- [Rainer W. Gerling <gerling at mpg-gv.mpg.de>]
-
- *) New program nseq to manipulate netscape certificate sequences
- [Steve Henson]
-
- *) Modify crl2pkcs7 so it supports multiple -certfile arguments. Fix a
- few typos.
- [Steve Henson]
-
- *) Fixes to BN code. Previously the default was to define BN_RECURSION
- but the BN code had some problems that would cause failures when
- doing certificate verification and some other functions.
- [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
- *) Add ASN1 and PEM code to support netscape certificate sequences.
- [Steve Henson]
-
- *) Add ASN1 and PEM code to support netscape certificate sequences.
- [Steve Henson]
-
- *) Add several PKIX and private extended key usage OIDs.
- [Steve Henson]
-
- *) Modify the 'ca' program to handle the new extension code. Modify
- openssl.cnf for new extension format, add comments.
- [Steve Henson]
-
- *) More X509 V3 changes. Fix typo in v3_bitstr.c. Add support to 'req'
- and add a sample to openssl.cnf so req -x509 now adds appropriate
- CA extensions.
- [Steve Henson]
-
- *) Continued X509 V3 changes. Add to other makefiles, integrate with the
- error code, add initial support to X509_print() and x509 application.
- [Steve Henson]
-
- *) Takes a deep breath and start addding X509 V3 extension support code. Add
- files in crypto/x509v3. Move original stuff to crypto/x509v3/old. All this
- stuff is currently isolated and isn't even compiled yet.
- [Steve Henson]
-
- *) Continuing patches for GeneralizedTime. Fix up certificate and CRL
- ASN1 to use ASN1_TIME and modify print routines to use ASN1_TIME_print.
- Removed the versions check from X509 routines when loading extensions:
- this allows certain broken certificates that don't set the version
- properly to be processed.
- [Steve Henson]
-
- *) Deal with irritating shit to do with dependencies, in YAAHW (Yet Another
- Ad Hoc Way) - Makefile.ssls now all contain local dependencies, which
- can still be regenerated with "make depend".
- [Ben Laurie]
-
- *) Spelling mistake in C version of CAST-128.
- [Ben Laurie, reported by Jeremy Hylton <jeremy at cnri.reston.va.us>]
-
- *) Changes to the error generation code. The perl script err-code.pl
- now reads in the old error codes and retains the old numbers, only
- adding new ones if necessary. It also only changes the .err files if new
- codes are added. The makefiles have been modified to only insert errors
- when needed (to avoid needlessly modifying header files). This is done
- by only inserting errors if the .err file is newer than the auto generated
- C file. To rebuild all the error codes from scratch (the old behaviour)
- either modify crypto/Makefile.ssl to pass the -regen flag to err_code.pl
- or delete all the .err files.
- [Steve Henson]
-
- *) CAST-128 was incorrectly implemented for short keys. The C version has
- been fixed, but is untested. The assembler versions are also fixed, but
- new assembler HAS NOT BEEN GENERATED FOR WIN32 - the Makefile needs fixing
- to regenerate it if needed.
- [Ben Laurie, reported (with fix for C version) by Jun-ichiro itojun
- Hagino <itojun at kame.net>]
-
- *) File was opened incorrectly in randfile.c.
- [Ulf Möller <ulf at fitug.de>]
-
- *) Beginning of support for GeneralizedTime. d2i, i2d, check and print
- functions. Also ASN1_TIME suite which is a CHOICE of UTCTime or
- GeneralizedTime. ASN1_TIME is the proper type used in certificates et
- al: it's just almost always a UTCTime. Note this patch adds new error
- codes so do a "make errors" if there are problems.
- [Steve Henson]
-
- *) Correct Linux 1 recognition in config.
- [Ulf Möller <ulf at fitug.de>]
-
- *) Remove pointless MD5 hash when using DSA keys in ca.
- [Anonymous <nobody at replay.com>]
-
- *) Generate an error if given an empty string as a cert directory. Also
- generate an error if handed NULL (previously returned 0 to indicate an
- error, but didn't set one).
- [Ben Laurie, reported by Anonymous <nobody at replay.com>]
-
- *) Add prototypes to SSL methods. Make SSL_write's buffer const, at last.
- [Ben Laurie]
-
- *) Fix the dummy function BN_ref_mod_exp() in rsaref.c to have the correct
- parameters. This was causing a warning which killed off the Win32 compile.
- [Steve Henson]
-
- *) Remove C++ style comments from crypto/bn/bn_local.h.
- [Neil Costigan <neil.costigan at celocom.com>]
-
- *) The function OBJ_txt2nid was broken. It was supposed to return a nid
- based on a text string, looking up short and long names and finally
- "dot" format. The "dot" format stuff didn't work. Added new function
- OBJ_txt2obj to do the same but return an ASN1_OBJECT and rewrote
- OBJ_txt2nid to use it. OBJ_txt2obj can also return objects even if the
- OID is not part of the table.
- [Steve Henson]
-
- *) Add prototypes to X509 lookup/verify methods, fixing a bug in
- X509_LOOKUP_by_alias().
- [Ben Laurie]
-
- *) Sort openssl functions by name.
- [Ben Laurie]
-
- *) Get the gendsa program working (hopefully) and add it to app list. Remove
- encryption from sample DSA keys (in case anyone is interested the password
- was "1234").
- [Steve Henson]
-
- *) Make _all_ *_free functions accept a NULL pointer.
- [Frans Heymans <fheymans at isaserver.be>]
-
- *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
- NULL pointers.
- [Anonymous <nobody at replay.com>]
-
- *) s_server should send the CAfile as acceptable CAs, not its own cert.
- [Bodo Moeller <3moeller at informatik.uni-hamburg.de>]
-
- *) Don't blow it for numeric -newkey arguments to apps/req.
- [Bodo Moeller <3moeller at informatik.uni-hamburg.de>]
-
- *) Temp key "for export" tests were wrong in s3_srvr.c.
- [Anonymous <nobody at replay.com>]
-
- *) Add prototype for temp key callback functions
- SSL_CTX_set_tmp_{rsa,dh}_callback().
- [Ben Laurie]
-
- *) Make DH_free() tolerate being passed a NULL pointer (like RSA_free() and
- DSA_free()). Make X509_PUBKEY_set() check for errors in d2i_PublicKey().
- [Steve Henson]
-
- *) X509_name_add_entry() freed the wrong thing after an error.
- [Arne Ansper <arne at ats.cyber.ee>]
-
- *) rsa_eay.c would attempt to free a NULL context.
- [Arne Ansper <arne at ats.cyber.ee>]
-
- *) BIO_s_socket() had a broken should_retry() on Windoze.
- [Arne Ansper <arne at ats.cyber.ee>]
-
- *) BIO_f_buffer() didn't pass on BIO_CTRL_FLUSH.
- [Arne Ansper <arne at ats.cyber.ee>]
-
- *) Make sure the already existing X509_STORE->depth variable is initialized
- in X509_STORE_new(), but document the fact that this variable is still
- unused in the certificate verification process.
- [Ralf S. Engelschall]
-
- *) Fix the various library and apps files to free up pkeys obtained from
- X509_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
- [Steve Henson]
-
- *) Fix reference counting in X509_PUBKEY_get(). This makes
- demos/maurice/example2.c work, amongst others, probably.
- [Steve Henson and Ben Laurie]
-
- *) First cut of a cleanup for apps/. First the `ssleay' program is now named
- `openssl' and second, the shortcut symlinks for the `openssl <command>'
- are no longer created. This way we have a single and consistent command
- line interface `openssl <command>', similar to `cvs <command>'.
- [Ralf S. Engelschall, Paul Sutton and Ben Laurie]
-
- *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
- BIT STRING wrapper always have zero unused bits.
- [Steve Henson]
-
- *) Add CA.pl, perl version of CA.sh, add extended key usage OID.
- [Steve Henson]
-
- *) Make the top-level INSTALL documentation easier to understand.
- [Paul Sutton]
-
- *) Makefiles updated to exit if an error occurs in a sub-directory
- make (including if user presses ^C) [Paul Sutton]
-
- *) Make Montgomery context stuff explicit in RSA data structure.
- [Ben Laurie]
-
- *) Fix build order of pem and err to allow for generated pem.h.
- [Ben Laurie]
-
- *) Fix renumbering bug in X509_NAME_delete_entry().
- [Ben Laurie]
-
- *) Enhanced the err-ins.pl script so it makes the error library number
- global and can add a library name. This is needed for external ASN1 and
- other error libraries.
- [Steve Henson]
-
- *) Fixed sk_insert which never worked properly.
- [Steve Henson]
-
- *) Fix ASN1 macros so they can handle indefinite length construted
- EXPLICIT tags. Some non standard certificates use these: they can now
- be read in.
- [Steve Henson]
-
- *) Merged the various old/obsolete SSLeay documentation files (doc/xxx.doc)
- into a single doc/ssleay.txt bundle. This way the information is still
- preserved but no longer messes up this directory. Now it's new room for
- the new set of documenation files.
- [Ralf S. Engelschall]
-
- *) SETs were incorrectly DER encoded. This was a major pain, because they
- shared code with SEQUENCEs, which aren't coded the same. This means that
- almost everything to do with SETs or SEQUENCEs has either changed name or
- number of arguments.
- [Ben Laurie, based on a partial fix by GP Jayan <gp at nsj.co.jp>]
-
- *) Fix test data to work with the above.
- [Ben Laurie]
-
- *) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but
- was already fixed by Eric for 0.9.1 it seems.
- [Ben Laurie - pointed out by Ulf Möller <ulf at fitug.de>]
-
- *) Autodetect FreeBSD3.
- [Ben Laurie]
-
- *) Fix various bugs in Configure. This affects the following platforms:
- nextstep
- ncr-scde
- unixware-2.0
- unixware-2.0-pentium
- sco5-cc.
- [Ben Laurie]
-
- *) Eliminate generated files from CVS. Reorder tests to regenerate files
- before they are needed.
- [Ben Laurie]
-
- *) Generate Makefile.ssl from Makefile.org (to keep CVS happy).
- [Ben Laurie]
-
-
- Changes between 0.9.1b and 0.9.1c [23-Dec-1998]
-
- *) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and
- changed SSLeay to OpenSSL in version strings.
- [Ralf S. Engelschall]
-
- *) Some fixups to the top-level documents.
- [Paul Sutton]
-
- *) Fixed the nasty bug where rsaref.h was not found under compile-time
- because the symlink to include/ was missing.
- [Ralf S. Engelschall]
-
- *) Incorporated the popular no-RSA/DSA-only patches
- which allow to compile a RSA-free SSLeay.
- [Andrew Cooke / Interrader Ldt., Ralf S. Engelschall]
-
- *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
- when "ssleay" is still not found.
- [Ralf S. Engelschall]
-
- *) Added more platforms to Configure: Cray T3E, HPUX 11,
- [Ralf S. Engelschall, Beckmann <beckman at acl.lanl.gov>]
-
- *) Updated the README file.
- [Ralf S. Engelschall]
-
- *) Added various .cvsignore files in the CVS repository subdirs
- to make a "cvs update" really silent.
- [Ralf S. Engelschall]
-
- *) Recompiled the error-definition header files and added
- missing symbols to the Win32 linker tables.
- [Ralf S. Engelschall]
-
- *) Cleaned up the top-level documents;
- o new files: CHANGES and LICENSE
- o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay
- o merged COPYRIGHT into LICENSE
- o removed obsolete TODO file
- o renamed MICROSOFT to INSTALL.W32
- [Ralf S. Engelschall]
-
- *) Removed dummy files from the 0.9.1b source tree:
- crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
- crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
- crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
- crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
- util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
- [Ralf S. Engelschall]
-
- *) Added various platform portability fixes.
- [Mark J. Cox]
-
- *) The Genesis of the OpenSSL rpject:
- We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
- Young and Tim J. Hudson created while they were working for C2Net until
- summer 1998.
- [The OpenSSL Project]
-
-
- Changes between 0.9.0b and 0.9.1b [not released]
-
- *) Updated a few CA certificates under certs/
- [Eric A. Young]
-
- *) Changed some BIGNUM api stuff.
- [Eric A. Young]
-
- *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD,
- DGUX x86, Linux Alpha, etc.
- [Eric A. Young]
-
- *) New COMP library [crypto/comp/] for SSL Record Layer Compression:
- RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
- available).
- [Eric A. Young]
-
- *) Add -strparse option to asn1pars program which parses nested
- binary structures
- [Dr Stephen Henson <shenson at bigfoot.com>]
-
- *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
- [Eric A. Young]
-
- *) DSA fix for "ca" program.
- [Eric A. Young]
-
- *) Added "-genkey" option to "dsaparam" program.
- [Eric A. Young]
-
- *) Added RIPE MD160 (rmd160) message digest.
- [Eric A. Young]
-
- *) Added -a (all) option to "ssleay version" command.
- [Eric A. Young]
-
- *) Added PLATFORM define which is the id given to Configure.
- [Eric A. Young]
-
- *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
- [Eric A. Young]
-
- *) Extended the ASN.1 parser routines.
- [Eric A. Young]
-
- *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
- [Eric A. Young]
-
- *) Added a BN_CTX to the BN library.
- [Eric A. Young]
-
- *) Fixed the weak key values in DES library
- [Eric A. Young]
-
- *) Changed API in EVP library for cipher aliases.
- [Eric A. Young]
-
- *) Added support for RC2/64bit cipher.
- [Eric A. Young]
-
- *) Converted the lhash library to the crypto/mem.c functions.
- [Eric A. Young]
-
- *) Added more recognized ASN.1 object ids.
- [Eric A. Young]
-
- *) Added more RSA padding checks for SSL/TLS.
- [Eric A. Young]
-
- *) Added BIO proxy/filter functionality.
- [Eric A. Young]
-
- *) Added extra_certs to SSL_CTX which can be used
- send extra CA certificates to the client in the CA cert chain sending
- process. It can be configured with SSL_CTX_add_extra_chain_cert().
- [Eric A. Young]
-
- *) Now Fortezza is denied in the authentication phase because
- this is key exchange mechanism is not supported by SSLeay at all.
- [Eric A. Young]
-
- *) Additional PKCS1 checks.
- [Eric A. Young]
-
- *) Support the string "TLSv1" for all TLS v1 ciphers.
- [Eric A. Young]
-
- *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
- ex_data index of the SSL context in the X509_STORE_CTX ex_data.
- [Eric A. Young]
-
- *) Fixed a few memory leaks.
- [Eric A. Young]
-
- *) Fixed various code and comment typos.
- [Eric A. Young]
-
- *) A minor bug in ssl/s3_clnt.c where there would always be 4 0
- bytes sent in the client random.
- [Edward Bishop <ebishop at spyglass.com>]
-
Copied: vendor-crypto/openssl/1.0.1u/CHANGES (from rev 11605, vendor-crypto/openssl/dist/CHANGES)
===================================================================
--- vendor-crypto/openssl/1.0.1u/CHANGES (rev 0)
+++ vendor-crypto/openssl/1.0.1u/CHANGES 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,10897 @@
+
+ OpenSSL CHANGES
+ _______________
+
+ Changes between 1.0.1t and 1.0.1u [22 Sep 2016]
+
+ *) OCSP Status Request extension unbounded memory growth
+
+ A malicious client can send an excessively large OCSP Status Request
+ extension. If that client continually requests renegotiation, sending a
+ large OCSP Status Request extension each time, then there will be unbounded
+ memory growth on the server. This will eventually lead to a Denial Of
+ Service attack through memory exhaustion. Servers with a default
+ configuration are vulnerable even if they do not support OCSP. Builds using
+ the "no-ocsp" build time option are not affected.
+
+ This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
+ (CVE-2016-6304)
+ [Matt Caswell]
+
+ *) In order to mitigate the SWEET32 attack, the DES ciphers were moved from
+ HIGH to MEDIUM.
+
+ This issue was reported to OpenSSL Karthikeyan Bhargavan and Gaetan
+ Leurent (INRIA)
+ (CVE-2016-2183)
+ [Rich Salz]
+
+ *) OOB write in MDC2_Update()
+
+ An overflow can occur in MDC2_Update() either if called directly or
+ through the EVP_DigestUpdate() function using MDC2. If an attacker
+ is able to supply very large amounts of input data after a previous
+ call to EVP_EncryptUpdate() with a partial block then a length check
+ can overflow resulting in a heap corruption.
+
+ The amount of data needed is comparable to SIZE_MAX which is impractical
+ on most platforms.
+
+ This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
+ (CVE-2016-6303)
+ [Stephen Henson]
+
+ *) Malformed SHA512 ticket DoS
+
+ If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
+ DoS attack where a malformed ticket will result in an OOB read which will
+ ultimately crash.
+
+ The use of SHA512 in TLS session tickets is comparatively rare as it requires
+ a custom server callback and ticket lookup mechanism.
+
+ This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
+ (CVE-2016-6302)
+ [Stephen Henson]
+
+ *) OOB write in BN_bn2dec()
+
+ The function BN_bn2dec() does not check the return value of BN_div_word().
+ This can cause an OOB write if an application uses this function with an
+ overly large BIGNUM. This could be a problem if an overly large certificate
+ or CRL is printed out from an untrusted source. TLS is not affected because
+ record limits will reject an oversized certificate before it is parsed.
+
+ This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
+ (CVE-2016-2182)
+ [Stephen Henson]
+
+ *) OOB read in TS_OBJ_print_bio()
+
+ The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is
+ the total length the OID text representation would use and not the amount
+ of data written. This will result in OOB reads when large OIDs are
+ presented.
+
+ This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
+ (CVE-2016-2180)
+ [Stephen Henson]
+
+ *) Pointer arithmetic undefined behaviour
+
+ Avoid some undefined pointer arithmetic
+
+ A common idiom in the codebase is to check limits in the following manner:
+ "p + len > limit"
+
+ Where "p" points to some malloc'd data of SIZE bytes and
+ limit == p + SIZE
+
+ "len" here could be from some externally supplied data (e.g. from a TLS
+ message).
+
+ The rules of C pointer arithmetic are such that "p + len" is only well
+ defined where len <= SIZE. Therefore the above idiom is actually
+ undefined behaviour.
+
+ For example this could cause problems if some malloc implementation
+ provides an address for "p" such that "p + len" actually overflows for
+ values of len that are too big and therefore p + len < limit.
+
+ This issue was reported to OpenSSL by Guido Vranken
+ (CVE-2016-2177)
+ [Matt Caswell]
+
+ *) Constant time flag not preserved in DSA signing
+
+ Operations in the DSA signing algorithm should run in constant time in
+ order to avoid side channel attacks. A flaw in the OpenSSL DSA
+ implementation means that a non-constant time codepath is followed for
+ certain operations. This has been demonstrated through a cache-timing
+ attack to be sufficient for an attacker to recover the private DSA key.
+
+ This issue was reported by César Pereida (Aalto University), Billy Brumley
+ (Tampere University of Technology), and Yuval Yarom (The University of
+ Adelaide and NICTA).
+ (CVE-2016-2178)
+ [César Pereida]
+
+ *) DTLS buffered message DoS
+
+ In a DTLS connection where handshake messages are delivered out-of-order
+ those messages that OpenSSL is not yet ready to process will be buffered
+ for later use. Under certain circumstances, a flaw in the logic means that
+ those messages do not get removed from the buffer even though the handshake
+ has been completed. An attacker could force up to approx. 15 messages to
+ remain in the buffer when they are no longer required. These messages will
+ be cleared when the DTLS connection is closed. The default maximum size for
+ a message is 100k. Therefore the attacker could force an additional 1500k
+ to be consumed per connection. By opening many simulataneous connections an
+ attacker could cause a DoS attack through memory exhaustion.
+
+ This issue was reported to OpenSSL by Quan Luo.
+ (CVE-2016-2179)
+ [Matt Caswell]
+
+ *) DTLS replay protection DoS
+
+ A flaw in the DTLS replay attack protection mechanism means that records
+ that arrive for future epochs update the replay protection "window" before
+ the MAC for the record has been validated. This could be exploited by an
+ attacker by sending a record for the next epoch (which does not have to
+ decrypt or have a valid MAC), with a very large sequence number. This means
+ that all subsequent legitimate packets are dropped causing a denial of
+ service for a specific DTLS connection.
+
+ This issue was reported to OpenSSL by the OCAP audit team.
+ (CVE-2016-2181)
+ [Matt Caswell]
+
+ *) Certificate message OOB reads
+
+ In OpenSSL 1.0.2 and earlier some missing message length checks can result
+ in OOB reads of up to 2 bytes beyond an allocated buffer. There is a
+ theoretical DoS risk but this has not been observed in practice on common
+ platforms.
+
+ The messages affected are client certificate, client certificate request
+ and server certificate. As a result the attack can only be performed
+ against a client or a server which enables client authentication.
+
+ This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
+ (CVE-2016-6306)
+ [Stephen Henson]
+
+ Changes between 1.0.1s and 1.0.1t [3 May 2016]
+
+ *) Prevent padding oracle in AES-NI CBC MAC check
+
+ A MITM attacker can use a padding oracle attack to decrypt traffic
+ when the connection uses an AES CBC cipher and the server support
+ AES-NI.
+
+ This issue was introduced as part of the fix for Lucky 13 padding
+ attack (CVE-2013-0169). The padding check was rewritten to be in
+ constant time by making sure that always the same bytes are read and
+ compared against either the MAC or padding bytes. But it no longer
+ checked that there was enough data to have both the MAC and padding
+ bytes.
+
+ This issue was reported by Juraj Somorovsky using TLS-Attacker.
+ (CVE-2016-2107)
+ [Kurt Roeckx]
+
+ *) Fix EVP_EncodeUpdate overflow
+
+ An overflow can occur in the EVP_EncodeUpdate() function which is used for
+ Base64 encoding of binary data. If an attacker is able to supply very large
+ amounts of input data then a length check can overflow resulting in a heap
+ corruption.
+
+ Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by
+ the PEM_write_bio* family of functions. These are mainly used within the
+ OpenSSL command line applications, so any application which processes data
+ from an untrusted source and outputs it as a PEM file should be considered
+ vulnerable to this issue. User applications that call these APIs directly
+ with large amounts of untrusted data may also be vulnerable.
+
+ This issue was reported by Guido Vranken.
+ (CVE-2016-2105)
+ [Matt Caswell]
+
+ *) Fix EVP_EncryptUpdate overflow
+
+ An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
+ is able to supply very large amounts of input data after a previous call to
+ EVP_EncryptUpdate() with a partial block then a length check can overflow
+ resulting in a heap corruption. Following an analysis of all OpenSSL
+ internal usage of the EVP_EncryptUpdate() function all usage is one of two
+ forms. The first form is where the EVP_EncryptUpdate() call is known to be
+ the first called function after an EVP_EncryptInit(), and therefore that
+ specific call must be safe. The second form is where the length passed to
+ EVP_EncryptUpdate() can be seen from the code to be some small value and
+ therefore there is no possibility of an overflow. Since all instances are
+ one of these two forms, it is believed that there can be no overflows in
+ internal code due to this problem. It should be noted that
+ EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
+ Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
+ of these calls have also been analysed too and it is believed there are no
+ instances in internal usage where an overflow could occur.
+
+ This issue was reported by Guido Vranken.
+ (CVE-2016-2106)
+ [Matt Caswell]
+
+ *) Prevent ASN.1 BIO excessive memory allocation
+
+ When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
+ a short invalid encoding can casuse allocation of large amounts of memory
+ potentially consuming excessive resources or exhausting memory.
+
+ Any application parsing untrusted data through d2i BIO functions is
+ affected. The memory based functions such as d2i_X509() are *not* affected.
+ Since the memory based functions are used by the TLS library, TLS
+ applications are not affected.
+
+ This issue was reported by Brian Carpenter.
+ (CVE-2016-2109)
+ [Stephen Henson]
+
+ *) EBCDIC overread
+
+ ASN1 Strings that are over 1024 bytes can cause an overread in applications
+ using the X509_NAME_oneline() function on EBCDIC systems. This could result
+ in arbitrary stack data being returned in the buffer.
+
+ This issue was reported by Guido Vranken.
+ (CVE-2016-2176)
+ [Matt Caswell]
+
+ *) Modify behavior of ALPN to invoke callback after SNI/servername
+ callback, such that updates to the SSL_CTX affect ALPN.
+ [Todd Short]
+
+ *) Remove LOW from the DEFAULT cipher list. This removes singles DES from the
+ default.
+ [Kurt Roeckx]
+
+ *) Only remove the SSLv2 methods with the no-ssl2-method option. When the
+ methods are enabled and ssl2 is disabled the methods return NULL.
+ [Kurt Roeckx]
+
+ Changes between 1.0.1r and 1.0.1s [1 Mar 2016]
+
+ * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
+ Builds that are not configured with "enable-weak-ssl-ciphers" will not
+ provide any "EXPORT" or "LOW" strength ciphers.
+ [Viktor Dukhovni]
+
+ * Disable SSLv2 default build, default negotiation and weak ciphers. SSLv2
+ is by default disabled at build-time. Builds that are not configured with
+ "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used,
+ users who want to negotiate SSLv2 via the version-flexible SSLv23_method()
+ will need to explicitly call either of:
+
+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
+ or
+ SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
+
+ as appropriate. Even if either of those is used, or the application
+ explicitly uses the version-specific SSLv2_method() or its client and
+ server variants, SSLv2 ciphers vulnerable to exhaustive search key
+ recovery have been removed. Specifically, the SSLv2 40-bit EXPORT
+ ciphers, and SSLv2 56-bit DES are no longer available.
+ (CVE-2016-0800)
+ [Viktor Dukhovni]
+
+ *) Fix a double-free in DSA code
+
+ A double free bug was discovered when OpenSSL parses malformed DSA private
+ keys and could lead to a DoS attack or memory corruption for applications
+ that receive DSA private keys from untrusted sources. This scenario is
+ considered rare.
+
+ This issue was reported to OpenSSL by Adam Langley(Google/BoringSSL) using
+ libFuzzer.
+ (CVE-2016-0705)
+ [Stephen Henson]
+
+ *) Disable SRP fake user seed to address a server memory leak.
+
+ Add a new method SRP_VBASE_get1_by_user that handles the seed properly.
+
+ SRP_VBASE_get_by_user had inconsistent memory management behaviour.
+ In order to fix an unavoidable memory leak, SRP_VBASE_get_by_user
+ was changed to ignore the "fake user" SRP seed, even if the seed
+ is configured.
+
+ Users should use SRP_VBASE_get1_by_user instead. Note that in
+ SRP_VBASE_get1_by_user, caller must free the returned value. Note
+ also that even though configuring the SRP seed attempts to hide
+ invalid usernames by continuing the handshake with fake
+ credentials, this behaviour is not constant time and no strong
+ guarantees are made that the handshake is indistinguishable from
+ that of a valid user.
+ (CVE-2016-0798)
+ [Emilia Käsper]
+
+ *) Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
+
+ In the BN_hex2bn function the number of hex digits is calculated using an
+ int value |i|. Later |bn_expand| is called with a value of |i * 4|. For
+ large values of |i| this can result in |bn_expand| not allocating any
+ memory because |i * 4| is negative. This can leave the internal BIGNUM data
+ field as NULL leading to a subsequent NULL ptr deref. For very large values
+ of |i|, the calculation |i * 4| could be a positive value smaller than |i|.
+ In this case memory is allocated to the internal BIGNUM data field, but it
+ is insufficiently sized leading to heap corruption. A similar issue exists
+ in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn
+ is ever called by user applications with very large untrusted hex/dec data.
+ This is anticipated to be a rare occurrence.
+
+ All OpenSSL internal usage of these functions use data that is not expected
+ to be untrusted, e.g. config file data or application command line
+ arguments. If user developed applications generate config file data based
+ on untrusted data then it is possible that this could also lead to security
+ consequences. This is also anticipated to be rare.
+
+ This issue was reported to OpenSSL by Guido Vranken.
+ (CVE-2016-0797)
+ [Matt Caswell]
+
+ *) Fix memory issues in BIO_*printf functions
+
+ The internal |fmtstr| function used in processing a "%s" format string in
+ the BIO_*printf functions could overflow while calculating the length of a
+ string and cause an OOB read when printing very long strings.
+
+ Additionally the internal |doapr_outch| function can attempt to write to an
+ OOB memory location (at an offset from the NULL pointer) in the event of a
+ memory allocation failure. In 1.0.2 and below this could be caused where
+ the size of a buffer to be allocated is greater than INT_MAX. E.g. this
+ could be in processing a very long "%s" format string. Memory leaks can
+ also occur.
+
+ The first issue may mask the second issue dependent on compiler behaviour.
+ These problems could enable attacks where large amounts of untrusted data
+ is passed to the BIO_*printf functions. If applications use these functions
+ in this way then they could be vulnerable. OpenSSL itself uses these
+ functions when printing out human-readable dumps of ASN.1 data. Therefore
+ applications that print this data could be vulnerable if the data is from
+ untrusted sources. OpenSSL command line applications could also be
+ vulnerable where they print out ASN.1 data, or if untrusted data is passed
+ as command line arguments.
+
+ Libssl is not considered directly vulnerable. Additionally certificates etc
+ received via remote connections via libssl are also unlikely to be able to
+ trigger these issues because of message size limits enforced within libssl.
+
+ This issue was reported to OpenSSL Guido Vranken.
+ (CVE-2016-0799)
+ [Matt Caswell]
+
+ *) Side channel attack on modular exponentiation
+
+ A side-channel attack was found which makes use of cache-bank conflicts on
+ the Intel Sandy-Bridge microarchitecture which could lead to the recovery
+ of RSA keys. The ability to exploit this issue is limited as it relies on
+ an attacker who has control of code in a thread running on the same
+ hyper-threaded core as the victim thread which is performing decryptions.
+
+ This issue was reported to OpenSSL by Yuval Yarom, The University of
+ Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and
+ Nadia Heninger, University of Pennsylvania with more information at
+ http://cachebleed.info.
+ (CVE-2016-0702)
+ [Andy Polyakov]
+
+ *) Change the req app to generate a 2048-bit RSA/DSA key by default,
+ if no keysize is specified with default_bits. This fixes an
+ omission in an earlier change that changed all RSA/DSA key generation
+ apps to use 2048 bits by default.
+ [Emilia Käsper]
+
+ Changes between 1.0.1q and 1.0.1r [28 Jan 2016]
+
+ *) Protection for DH small subgroup attacks
+
+ As a precautionary measure the SSL_OP_SINGLE_DH_USE option has been
+ switched on by default and cannot be disabled. This could have some
+ performance impact.
+ [Matt Caswell]
+
+ *) SSLv2 doesn't block disabled ciphers
+
+ A malicious client can negotiate SSLv2 ciphers that have been disabled on
+ the server and complete SSLv2 handshakes even if all SSLv2 ciphers have
+ been disabled, provided that the SSLv2 protocol was not also disabled via
+ SSL_OP_NO_SSLv2.
+
+ This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram
+ and Sebastian Schinzel.
+ (CVE-2015-3197)
+ [Viktor Dukhovni]
+
+ *) Reject DH handshakes with parameters shorter than 1024 bits.
+ [Kurt Roeckx]
+
+ Changes between 1.0.1p and 1.0.1q [3 Dec 2015]
+
+ *) Certificate verify crash with missing PSS parameter
+
+ The signature verification routines will crash with a NULL pointer
+ dereference if presented with an ASN.1 signature using the RSA PSS
+ algorithm and absent mask generation function parameter. Since these
+ routines are used to verify certificate signature algorithms this can be
+ used to crash any certificate verification operation and exploited in a
+ DoS attack. Any application which performs certificate verification is
+ vulnerable including OpenSSL clients and servers which enable client
+ authentication.
+
+ This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG).
+ (CVE-2015-3194)
+ [Stephen Henson]
+
+ *) X509_ATTRIBUTE memory leak
+
+ When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
+ memory. This structure is used by the PKCS#7 and CMS routines so any
+ application which reads PKCS#7 or CMS data from untrusted sources is
+ affected. SSL/TLS is not affected.
+
+ This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
+ libFuzzer.
+ (CVE-2015-3195)
+ [Stephen Henson]
+
+ *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
+ This changes the decoding behaviour for some invalid messages,
+ though the change is mostly in the more lenient direction, and
+ legacy behaviour is preserved as much as possible.
+ [Emilia Käsper]
+
+ *) In DSA_generate_parameters_ex, if the provided seed is too short,
+ use a random seed, as already documented.
+ [Rich Salz and Ismo Puustinen <ismo.puustinen at intel.com>]
+
+ Changes between 1.0.1o and 1.0.1p [9 Jul 2015]
+
+ *) Alternate chains certificate forgery
+
+ During certificate verfification, OpenSSL will attempt to find an
+ alternative certificate chain if the first attempt to build such a chain
+ fails. An error in the implementation of this logic can mean that an
+ attacker could cause certain checks on untrusted certificates to be
+ bypassed, such as the CA flag, enabling them to use a valid leaf
+ certificate to act as a CA and "issue" an invalid certificate.
+
+ This issue was reported to OpenSSL by Adam Langley/David Benjamin
+ (Google/BoringSSL).
+ (CVE-2015-1793)
+ [Matt Caswell]
+
+ *) Race condition handling PSK identify hint
+
+ If PSK identity hints are received by a multi-threaded client then
+ the values are wrongly updated in the parent SSL_CTX structure. This can
+ result in a race condition potentially leading to a double free of the
+ identify hint data.
+ (CVE-2015-3196)
+ [Stephen Henson]
+
+ Changes between 1.0.1n and 1.0.1o [12 Jun 2015]
+ *) Fix HMAC ABI incompatibility. The previous version introduced an ABI
+ incompatibility in the handling of HMAC. The previous ABI has now been
+ restored.
+
+ Changes between 1.0.1m and 1.0.1n [11 Jun 2015]
+
+ *) Malformed ECParameters causes infinite loop
+
+ When processing an ECParameters structure OpenSSL enters an infinite loop
+ if the curve specified is over a specially malformed binary polynomial
+ field.
+
+ This can be used to perform denial of service against any
+ system which processes public keys, certificate requests or
+ certificates. This includes TLS clients and TLS servers with
+ client authentication enabled.
+
+ This issue was reported to OpenSSL by Joseph Barr-Pixton.
+ (CVE-2015-1788)
+ [Andy Polyakov]
+
+ *) Exploitable out-of-bounds read in X509_cmp_time
+
+ X509_cmp_time does not properly check the length of the ASN1_TIME
+ string and can read a few bytes out of bounds. In addition,
+ X509_cmp_time accepts an arbitrary number of fractional seconds in the
+ time string.
+
+ An attacker can use this to craft malformed certificates and CRLs of
+ various sizes and potentially cause a segmentation fault, resulting in
+ a DoS on applications that verify certificates or CRLs. TLS clients
+ that verify CRLs are affected. TLS clients and servers with client
+ authentication enabled may be affected if they use custom verification
+ callbacks.
+
+ This issue was reported to OpenSSL by Robert Swiecki (Google), and
+ independently by Hanno Böck.
+ (CVE-2015-1789)
+ [Emilia Käsper]
+
+ *) PKCS7 crash with missing EnvelopedContent
+
+ The PKCS#7 parsing code does not handle missing inner EncryptedContent
+ correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
+ with missing content and trigger a NULL pointer dereference on parsing.
+
+ Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
+ structures from untrusted sources are affected. OpenSSL clients and
+ servers are not affected.
+
+ This issue was reported to OpenSSL by Michal Zalewski (Google).
+ (CVE-2015-1790)
+ [Emilia Käsper]
+
+ *) CMS verify infinite loop with unknown hash function
+
+ When verifying a signedData message the CMS code can enter an infinite loop
+ if presented with an unknown hash function OID. This can be used to perform
+ denial of service against any system which verifies signedData messages using
+ the CMS code.
+ This issue was reported to OpenSSL by Johannes Bauer.
+ (CVE-2015-1792)
+ [Stephen Henson]
+
+ *) Race condition handling NewSessionTicket
+
+ If a NewSessionTicket is received by a multi-threaded client when attempting to
+ reuse a previous ticket then a race condition can occur potentially leading to
+ a double free of the ticket data.
+ (CVE-2015-1791)
+ [Matt Caswell]
+
+ *) Reject DH handshakes with parameters shorter than 768 bits.
+ [Kurt Roeckx and Emilia Kasper]
+
+ *) dhparam: generate 2048-bit parameters by default.
+ [Kurt Roeckx and Emilia Kasper]
+
+ Changes between 1.0.1l and 1.0.1m [19 Mar 2015]
+
+ *) Segmentation fault in ASN1_TYPE_cmp fix
+
+ The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is
+ made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check
+ certificate signature algorithm consistency this can be used to crash any
+ certificate verification operation and exploited in a DoS attack. Any
+ application which performs certificate verification is vulnerable including
+ OpenSSL clients and servers which enable client authentication.
+ (CVE-2015-0286)
+ [Stephen Henson]
+
+ *) ASN.1 structure reuse memory corruption fix
+
+ Reusing a structure in ASN.1 parsing may allow an attacker to cause
+ memory corruption via an invalid write. Such reuse is and has been
+ strongly discouraged and is believed to be rare.
+
+ Applications that parse structures containing CHOICE or ANY DEFINED BY
+ components may be affected. Certificate parsing (d2i_X509 and related
+ functions) are however not affected. OpenSSL clients and servers are
+ not affected.
+ (CVE-2015-0287)
+ [Stephen Henson]
+
+ *) PKCS7 NULL pointer dereferences fix
+
+ The PKCS#7 parsing code does not handle missing outer ContentInfo
+ correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with
+ missing content and trigger a NULL pointer dereference on parsing.
+
+ Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or
+ otherwise parse PKCS#7 structures from untrusted sources are
+ affected. OpenSSL clients and servers are not affected.
+
+ This issue was reported to OpenSSL by Michal Zalewski (Google).
+ (CVE-2015-0289)
+ [Emilia Käsper]
+
+ *) DoS via reachable assert in SSLv2 servers fix
+
+ A malicious client can trigger an OPENSSL_assert (i.e., an abort) in
+ servers that both support SSLv2 and enable export cipher suites by sending
+ a specially crafted SSLv2 CLIENT-MASTER-KEY message.
+
+ This issue was discovered by Sean Burford (Google) and Emilia Käsper
+ (OpenSSL development team).
+ (CVE-2015-0293)
+ [Emilia Käsper]
+
+ *) Use After Free following d2i_ECPrivatekey error fix
+
+ A malformed EC private key file consumed via the d2i_ECPrivateKey function
+ could cause a use after free condition. This, in turn, could cause a double
+ free in several private key parsing functions (such as d2i_PrivateKey
+ or EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption
+ for applications that receive EC private keys from untrusted
+ sources. This scenario is considered rare.
+
+ This issue was discovered by the BoringSSL project and fixed in their
+ commit 517073cd4b.
+ (CVE-2015-0209)
+ [Matt Caswell]
+
+ *) X509_to_X509_REQ NULL pointer deref fix
+
+ The function X509_to_X509_REQ will crash with a NULL pointer dereference if
+ the certificate key is invalid. This function is rarely used in practice.
+
+ This issue was discovered by Brian Carpenter.
+ (CVE-2015-0288)
+ [Stephen Henson]
+
+ *) Removed the export ciphers from the DEFAULT ciphers
+ [Kurt Roeckx]
+
+ Changes between 1.0.1k and 1.0.1l [15 Jan 2015]
+
+ *) Build fixes for the Windows and OpenVMS platforms
+ [Matt Caswell and Richard Levitte]
+
+ Changes between 1.0.1j and 1.0.1k [8 Jan 2015]
+
+ *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
+ message can cause a segmentation fault in OpenSSL due to a NULL pointer
+ dereference. This could lead to a Denial Of Service attack. Thanks to
+ Markus Stenberg of Cisco Systems, Inc. for reporting this issue.
+ (CVE-2014-3571)
+ [Steve Henson]
+
+ *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the
+ dtls1_buffer_record function under certain conditions. In particular this
+ could occur if an attacker sent repeated DTLS records with the same
+ sequence number but for the next epoch. The memory leak could be exploited
+ by an attacker in a Denial of Service attack through memory exhaustion.
+ Thanks to Chris Mueller for reporting this issue.
+ (CVE-2015-0206)
+ [Matt Caswell]
+
+ *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
+ built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
+ method would be set to NULL which could later result in a NULL pointer
+ dereference. Thanks to Frank Schmirler for reporting this issue.
+ (CVE-2014-3569)
+ [Kurt Roeckx]
+
+ *) Abort handshake if server key exchange message is omitted for ephemeral
+ ECDH ciphersuites.
+
+ Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+ reporting this issue.
+ (CVE-2014-3572)
+ [Steve Henson]
+
+ *) Remove non-export ephemeral RSA code on client and server. This code
+ violated the TLS standard by allowing the use of temporary RSA keys in
+ non-export ciphersuites and could be used by a server to effectively
+ downgrade the RSA key length used to a value smaller than the server
+ certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+ INRIA or reporting this issue.
+ (CVE-2015-0204)
+ [Steve Henson]
+
+ *) Fixed issue where DH client certificates are accepted without verification.
+ An OpenSSL server will accept a DH certificate for client authentication
+ without the certificate verify message. This effectively allows a client to
+ authenticate without the use of a private key. This only affects servers
+ which trust a client certificate authority which issues certificates
+ containing DH keys: these are extremely rare and hardly ever encountered.
+ Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting
+ this issue.
+ (CVE-2015-0205)
+ [Steve Henson]
+
+ *) Ensure that the session ID context of an SSL is updated when its
+ SSL_CTX is updated via SSL_set_SSL_CTX.
+
+ The session ID context is typically set from the parent SSL_CTX,
+ and can vary with the CTX.
+ [Adam Langley]
+
+ *) Fix various certificate fingerprint issues.
+
+ By using non-DER or invalid encodings outside the signed portion of a
+ certificate the fingerprint can be changed without breaking the signature.
+ Although no details of the signed portion of the certificate can be changed
+ this can cause problems with some applications: e.g. those using the
+ certificate fingerprint for blacklists.
+
+ 1. Reject signatures with non zero unused bits.
+
+ If the BIT STRING containing the signature has non zero unused bits reject
+ the signature. All current signature algorithms require zero unused bits.
+
+ 2. Check certificate algorithm consistency.
+
+ Check the AlgorithmIdentifier inside TBS matches the one in the
+ certificate signature. NB: this will result in signature failure
+ errors for some broken certificates.
+
+ Thanks to Konrad Kraszewski from Google for reporting this issue.
+
+ 3. Check DSA/ECDSA signatures use DER.
+
+ Reencode DSA/ECDSA signatures and compare with the original received
+ signature. Return an error if there is a mismatch.
+
+ This will reject various cases including garbage after signature
+ (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
+ program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
+ (negative or with leading zeroes).
+
+ Further analysis was conducted and fixes were developed by Stephen Henson
+ of the OpenSSL core team.
+
+ (CVE-2014-8275)
+ [Steve Henson]
+
+ *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect
+ results on some platforms, including x86_64. This bug occurs at random
+ with a very low probability, and is not known to be exploitable in any
+ way, though its exact impact is difficult to determine. Thanks to Pieter
+ Wuille (Blockstream) who reported this issue and also suggested an initial
+ fix. Further analysis was conducted by the OpenSSL development team and
+ Adam Langley of Google. The final fix was developed by Andy Polyakov of
+ the OpenSSL core team.
+ (CVE-2014-3570)
+ [Andy Polyakov]
+
+ *) Do not resume sessions on the server if the negotiated protocol
+ version does not match the session's version. Resuming with a different
+ version, while not strictly forbidden by the RFC, is of questionable
+ sanity and breaks all known clients.
+ [David Benjamin, Emilia Käsper]
+
+ *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
+ early CCS messages during renegotiation. (Note that because
+ renegotiation is encrypted, this early CCS was not exploitable.)
+ [Emilia Käsper]
+
+ *) Tighten client-side session ticket handling during renegotiation:
+ ensure that the client only accepts a session ticket if the server sends
+ the extension anew in the ServerHello. Previously, a TLS client would
+ reuse the old extension state and thus accept a session ticket if one was
+ announced in the initial ServerHello.
+
+ Similarly, ensure that the client requires a session ticket if one
+ was advertised in the ServerHello. Previously, a TLS client would
+ ignore a missing NewSessionTicket message.
+ [Emilia Käsper]
+
+ Changes between 1.0.1i and 1.0.1j [15 Oct 2014]
+
+ *) SRTP Memory Leak.
+
+ A flaw in the DTLS SRTP extension parsing code allows an attacker, who
+ sends a carefully crafted handshake message, to cause OpenSSL to fail
+ to free up to 64k of memory causing a memory leak. This could be
+ exploited in a Denial Of Service attack. This issue affects OpenSSL
+ 1.0.1 server implementations for both SSL/TLS and DTLS regardless of
+ whether SRTP is used or configured. Implementations of OpenSSL that
+ have been compiled with OPENSSL_NO_SRTP defined are not affected.
+
+ The fix was developed by the OpenSSL team.
+ (CVE-2014-3513)
+ [OpenSSL team]
+
+ *) Session Ticket Memory Leak.
+
+ When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
+ integrity of that ticket is first verified. In the event of a session
+ ticket integrity check failing, OpenSSL will fail to free memory
+ causing a memory leak. By sending a large number of invalid session
+ tickets an attacker could exploit this issue in a Denial Of Service
+ attack.
+ (CVE-2014-3567)
+ [Steve Henson]
+
+ *) Build option no-ssl3 is incomplete.
+
+ When OpenSSL is configured with "no-ssl3" as a build option, servers
+ could accept and complete a SSL 3.0 handshake, and clients could be
+ configured to send them.
+ (CVE-2014-3568)
+ [Akamai and the OpenSSL team]
+
+ *) Add support for TLS_FALLBACK_SCSV.
+ Client applications doing fallback retries should call
+ SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
+ (CVE-2014-3566)
+ [Adam Langley, Bodo Moeller]
+
+ *) Add additional DigestInfo checks.
+
+ Reencode DigestInto in DER and check against the original when
+ verifying RSA signature: this will reject any improperly encoded
+ DigestInfo structures.
+
+ Note: this is a precautionary measure and no attacks are currently known.
+
+ [Steve Henson]
+
+ Changes between 1.0.1h and 1.0.1i [6 Aug 2014]
+
+ *) Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
+ SRP code can be overrun an internal buffer. Add sanity check that
+ g, A, B < N to SRP code.
+
+ Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
+ Group for discovering this issue.
+ (CVE-2014-3512)
+ [Steve Henson]
+
+ *) A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
+ TLS 1.0 instead of higher protocol versions when the ClientHello message
+ is badly fragmented. This allows a man-in-the-middle attacker to force a
+ downgrade to TLS 1.0 even if both the server and the client support a
+ higher protocol version, by modifying the client's TLS records.
+
+ Thanks to David Benjamin and Adam Langley (Google) for discovering and
+ researching this issue.
+ (CVE-2014-3511)
+ [David Benjamin]
+
+ *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
+ to a denial of service attack. A malicious server can crash the client
+ with a null pointer dereference (read) by specifying an anonymous (EC)DH
+ ciphersuite and sending carefully crafted handshake messages.
+
+ Thanks to Felix Gröbert (Google) for discovering and researching this
+ issue.
+ (CVE-2014-3510)
+ [Emilia Käsper]
+
+ *) By sending carefully crafted DTLS packets an attacker could cause openssl
+ to leak memory. This can be exploited through a Denial of Service attack.
+ Thanks to Adam Langley for discovering and researching this issue.
+ (CVE-2014-3507)
+ [Adam Langley]
+
+ *) An attacker can force openssl to consume large amounts of memory whilst
+ processing DTLS handshake messages. This can be exploited through a
+ Denial of Service attack.
+ Thanks to Adam Langley for discovering and researching this issue.
+ (CVE-2014-3506)
+ [Adam Langley]
+
+ *) An attacker can force an error condition which causes openssl to crash
+ whilst processing DTLS packets due to memory being freed twice. This
+ can be exploited through a Denial of Service attack.
+ Thanks to Adam Langley and Wan-Teh Chang for discovering and researching
+ this issue.
+ (CVE-2014-3505)
+ [Adam Langley]
+
+ *) If a multithreaded client connects to a malicious server using a resumed
+ session and the server sends an ec point format extension it could write
+ up to 255 bytes to freed memory.
+
+ Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this
+ issue.
+ (CVE-2014-3509)
+ [Gabor Tyukasz]
+
+ *) A malicious server can crash an OpenSSL client with a null pointer
+ dereference (read) by specifying an SRP ciphersuite even though it was not
+ properly negotiated with the client. This can be exploited through a
+ Denial of Service attack.
+
+ Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for
+ discovering and researching this issue.
+ (CVE-2014-5139)
+ [Steve Henson]
+
+ *) A flaw in OBJ_obj2txt may cause pretty printing functions such as
+ X509_name_oneline, X509_name_print_ex et al. to leak some information
+ from the stack. Applications may be affected if they echo pretty printing
+ output to the attacker.
+
+ Thanks to Ivan Fratric (Google) for discovering this issue.
+ (CVE-2014-3508)
+ [Emilia Käsper, and Steve Henson]
+
+ *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
+ for corner cases. (Certain input points at infinity could lead to
+ bogus results, with non-infinity inputs mapped to infinity too.)
+ [Bodo Moeller]
+
+ Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
+
+ *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
+ handshake can force the use of weak keying material in OpenSSL
+ SSL/TLS clients and servers.
+
+ Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
+ researching this issue. (CVE-2014-0224)
+ [KIKUCHI Masashi, Steve Henson]
+
+ *) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
+ OpenSSL DTLS client the code can be made to recurse eventually crashing
+ in a DoS attack.
+
+ Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
+ (CVE-2014-0221)
+ [Imre Rad, Steve Henson]
+
+ *) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
+ be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
+ client or server. This is potentially exploitable to run arbitrary
+ code on a vulnerable client or server.
+
+ Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
+ [Jüri Aedla, Steve Henson]
+
+ *) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
+ are subject to a denial of service attack.
+
+ Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
+ this issue. (CVE-2014-3470)
+ [Felix Gröbert, Ivan Fratric, Steve Henson]
+
+ *) Harmonize version and its documentation. -f flag is used to display
+ compilation flags.
+ [mancha <mancha1 at zoho.com>]
+
+ *) Fix eckey_priv_encode so it immediately returns an error upon a failure
+ in i2d_ECPrivateKey.
+ [mancha <mancha1 at zoho.com>]
+
+ *) Fix some double frees. These are not thought to be exploitable.
+ [mancha <mancha1 at zoho.com>]
+
+ Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
+
+ *) A missing bounds check in the handling of the TLS heartbeat extension
+ can be used to reveal up to 64k of memory to a connected client or
+ server.
+
+ Thanks for Neel Mehta of Google Security for discovering this bug and to
+ Adam Langley <agl at chromium.org> and Bodo Moeller <bmoeller at acm.org> for
+ preparing the fix (CVE-2014-0160)
+ [Adam Langley, Bodo Moeller]
+
+ *) Fix for the attack described in the paper "Recovering OpenSSL
+ ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
+ by Yuval Yarom and Naomi Benger. Details can be obtained from:
+ http://eprint.iacr.org/2014/140
+
+ Thanks to Yuval Yarom and Naomi Benger for discovering this
+ flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
+ [Yuval Yarom and Naomi Benger]
+
+ *) TLS pad extension: draft-agl-tls-padding-03
+
+ Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
+ TLS client Hello record length value would otherwise be > 255 and
+ less that 512 pad with a dummy extension containing zeroes so it
+ is at least 512 bytes long.
+
+ [Adam Langley, Steve Henson]
+
+ Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
+
+ *) Fix for TLS record tampering bug. A carefully crafted invalid
+ handshake could crash OpenSSL with a NULL pointer exception.
+ Thanks to Anton Johansson for reporting this issues.
+ (CVE-2013-4353)
+
+ *) Keep original DTLS digest and encryption contexts in retransmission
+ structures so we can use the previous session parameters if they need
+ to be resent. (CVE-2013-6450)
+ [Steve Henson]
+
+ *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
+ avoids preferring ECDHE-ECDSA ciphers when the client appears to be
+ Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
+ several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug
+ is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
+ 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
+ [Rob Stradling, Adam Langley]
+
+ Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
+
+ *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
+ supporting platforms or when small records were transferred.
+ [Andy Polyakov, Steve Henson]
+
+ Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
+
+ *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+ This addresses the flaw in CBC record processing discovered by
+ Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+ at: http://www.isg.rhul.ac.uk/tls/
+
+ Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+ Security Group at Royal Holloway, University of London
+ (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+ Emilia Käsper for the initial patch.
+ (CVE-2013-0169)
+ [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+ *) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
+ ciphersuites which can be exploited in a denial of service attack.
+ Thanks go to and to Adam Langley <agl at chromium.org> for discovering
+ and detecting this bug and to Wolfgang Ettlinger
+ <wolfgang.ettlinger at gmail.com> for independently discovering this issue.
+ (CVE-2012-2686)
+ [Adam Langley]
+
+ *) Return an error when checking OCSP signatures when key is NULL.
+ This fixes a DoS attack. (CVE-2013-0166)
+ [Steve Henson]
+
+ *) Make openssl verify return errors.
+ [Chris Palmer <palmer at google.com> and Ben Laurie]
+
+ *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+ the right response is stapled. Also change SSL_get_certificate()
+ so it returns the certificate actually sent.
+ See http://rt.openssl.org/Ticket/Display.html?id=2836.
+ [Rob Stradling <rob.stradling at comodo.com>]
+
+ *) Fix possible deadlock when decoding public keys.
+ [Steve Henson]
+
+ *) Don't use TLS 1.0 record version number in initial client hello
+ if renegotiating.
+ [Steve Henson]
+
+ Changes between 1.0.1b and 1.0.1c [10 May 2012]
+
+ *) Sanity check record length before skipping explicit IV in TLS
+ 1.2, 1.1 and DTLS to fix DoS attack.
+
+ Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+ fuzzing as a service testing platform.
+ (CVE-2012-2333)
+ [Steve Henson]
+
+ *) Initialise tkeylen properly when encrypting CMS messages.
+ Thanks to Solar Designer of Openwall for reporting this issue.
+ [Steve Henson]
+
+ *) In FIPS mode don't try to use composite ciphers as they are not
+ approved.
+ [Steve Henson]
+
+ Changes between 1.0.1a and 1.0.1b [26 Apr 2012]
+
+ *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
+ 1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
+ mean any application compiled against OpenSSL 1.0.0 headers setting
+ SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disablng
+ TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
+ 0x10000000L Any application which was previously compiled against
+ OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
+ will need to be recompiled as a result. Letting be results in
+ inability to disable specifically TLS 1.1 and in client context,
+ in unlike event, limit maximum offered version to TLS 1.0 [see below].
+ [Steve Henson]
+
+ *) In order to ensure interoperabilty SSL_OP_NO_protocolX does not
+ disable just protocol X, but all protocols above X *if* there are
+ protocols *below* X still enabled. In more practical terms it means
+ that if application wants to disable TLS1.0 in favor of TLS1.1 and
+ above, it's not sufficient to pass SSL_OP_NO_TLSv1, one has to pass
+ SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. This applies to
+ client side.
+ [Andy Polyakov]
+
+ Changes between 1.0.1 and 1.0.1a [19 Apr 2012]
+
+ *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+ BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+ in CRYPTO_realloc_clean.
+
+ Thanks to Tavis Ormandy, Google Security Team, for discovering this
+ issue and to Adam Langley <agl at chromium.org> for fixing it.
+ (CVE-2012-2110)
+ [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
+ *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
+ [Adam Langley]
+
+ *) Workarounds for some broken servers that "hang" if a client hello
+ record length exceeds 255 bytes.
+
+ 1. Do not use record version number > TLS 1.0 in initial client
+ hello: some (but not all) hanging servers will now work.
+ 2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
+ the number of ciphers sent in the client hello. This should be
+ set to an even number, such as 50, for example by passing:
+ -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
+ Most broken servers should now work.
+ 3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
+ TLS 1.2 client support entirely.
+ [Steve Henson]
+
+ *) Fix SEGV in Vector Permutation AES module observed in OpenSSH.
+ [Andy Polyakov]
+
+ Changes between 1.0.0h and 1.0.1 [14 Mar 2012]
+
+ *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET
+ STRING form instead of a DigestInfo.
+ [Steve Henson]
+
+ *) The format used for MDC2 RSA signatures is inconsistent between EVP
+ and the RSA_sign/RSA_verify functions. This was made more apparent when
+ OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular
+ those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect
+ the correct format in RSA_verify so both forms transparently work.
+ [Steve Henson]
+
+ *) Some servers which support TLS 1.0 can choke if we initially indicate
+ support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA
+ encrypted premaster secret. As a workaround use the maximum pemitted
+ client version in client hello, this should keep such servers happy
+ and still work with previous versions of OpenSSL.
+ [Steve Henson]
+
+ *) Add support for TLS/DTLS heartbeats.
+ [Robin Seggelmann <seggelmann at fh-muenster.de>]
+
+ *) Add support for SCTP.
+ [Robin Seggelmann <seggelmann at fh-muenster.de>]
+
+ *) Improved PRNG seeding for VOS.
+ [Paul Green <Paul.Green at stratus.com>]
+
+ *) Extensive assembler packs updates, most notably:
+
+ - x86[_64]: AES-NI, PCLMULQDQ, RDRAND support;
+ - x86[_64]: SSSE3 support (SHA1, vector-permutation AES);
+ - x86_64: bit-sliced AES implementation;
+ - ARM: NEON support, contemporary platforms optimizations;
+ - s390x: z196 support;
+ - *: GHASH and GF(2^m) multiplication implementations;
+
+ [Andy Polyakov]
+
+ *) Make TLS-SRP code conformant with RFC 5054 API cleanup
+ (removal of unnecessary code)
+ [Peter Sylvester <peter.sylvester at edelweb.fr>]
+
+ *) Add TLS key material exporter from RFC 5705.
+ [Eric Rescorla]
+
+ *) Add DTLS-SRTP negotiation from RFC 5764.
+ [Eric Rescorla]
+
+ *) Add Next Protocol Negotiation,
+ http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
+ disabled with a no-npn flag to config or Configure. Code donated
+ by Google.
+ [Adam Langley <agl at google.com> and Ben Laurie]
+
+ *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224,
+ NIST-P256, NIST-P521, with constant-time single point multiplication on
+ typical inputs. Compiler support for the nonstandard type __uint128_t is
+ required to use this (present in gcc 4.4 and later, for 64-bit builds).
+ Code made available under Apache License version 2.0.
+
+ Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command
+ line to include this in your build of OpenSSL, and run "make depend" (or
+ "make update"). This enables the following EC_METHODs:
+
+ EC_GFp_nistp224_method()
+ EC_GFp_nistp256_method()
+ EC_GFp_nistp521_method()
+
+ EC_GROUP_new_by_curve_name() will automatically use these (while
+ EC_GROUP_new_curve_GFp() currently prefers the more flexible
+ implementations).
+ [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
+
+ *) Use type ossl_ssize_t instad of ssize_t which isn't available on
+ all platforms. Move ssize_t definition from e_os.h to the public
+ header file e_os2.h as it now appears in public header file cms.h
+ [Steve Henson]
+
+ *) New -sigopt option to the ca, req and x509 utilities. Additional
+ signature parameters can be passed using this option and in
+ particular PSS.
+ [Steve Henson]
+
+ *) Add RSA PSS signing function. This will generate and set the
+ appropriate AlgorithmIdentifiers for PSS based on those in the
+ corresponding EVP_MD_CTX structure. No application support yet.
+ [Steve Henson]
+
+ *) Support for companion algorithm specific ASN1 signing routines.
+ New function ASN1_item_sign_ctx() signs a pre-initialised
+ EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
+ the appropriate parameters.
+ [Steve Henson]
+
+ *) Add new algorithm specific ASN1 verification initialisation function
+ to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
+ handling will be the same no matter what EVP_PKEY_METHOD is used.
+ Add a PSS handler to support verification of PSS signatures: checked
+ against a number of sample certificates.
+ [Steve Henson]
+
+ *) Add signature printing for PSS. Add PSS OIDs.
+ [Steve Henson, Martin Kaiser <lists at kaiser.cx>]
+
+ *) Add algorithm specific signature printing. An individual ASN1 method
+ can now print out signatures instead of the standard hex dump.
+
+ More complex signatures (e.g. PSS) can print out more meaningful
+ information. Include DSA version that prints out the signature
+ parameters r, s.
+ [Steve Henson]
+
+ *) Password based recipient info support for CMS library: implementing
+ RFC3211.
+ [Steve Henson]
+
+ *) Split password based encryption into PBES2 and PBKDF2 functions. This
+ neatly separates the code into cipher and PBE sections and is required
+ for some algorithms that split PBES2 into separate pieces (such as
+ password based CMS).
+ [Steve Henson]
+
+ *) Session-handling fixes:
+ - Fix handling of connections that are resuming with a session ID,
+ but also support Session Tickets.
+ - Fix a bug that suppressed issuing of a new ticket if the client
+ presented a ticket with an expired session.
+ - Try to set the ticket lifetime hint to something reasonable.
+ - Make tickets shorter by excluding irrelevant information.
+ - On the client side, don't ignore renewed tickets.
+ [Adam Langley, Bodo Moeller (Google)]
+
+ *) Fix PSK session representation.
+ [Bodo Moeller]
+
+ *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
+
+ This work was sponsored by Intel.
+ [Andy Polyakov]
+
+ *) Add GCM support to TLS library. Some custom code is needed to split
+ the IV between the fixed (from PRF) and explicit (from TLS record)
+ portions. This adds all GCM ciphersuites supported by RFC5288 and
+ RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
+ add a special AESGCM string for GCM only.
+ [Steve Henson]
+
+ *) Expand range of ctrls for AES GCM. Permit setting invocation
+ field on decrypt and retrieval of invocation field only on encrypt.
+ [Steve Henson]
+
+ *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
+ As required by RFC5289 these ciphersuites cannot be used if for
+ versions of TLS earlier than 1.2.
+ [Steve Henson]
+
+ *) For FIPS capable OpenSSL interpret a NULL default public key method
+ as unset and return the appopriate default but do *not* set the default.
+ This means we can return the appopriate method in applications that
+ swicth between FIPS and non-FIPS modes.
+ [Steve Henson]
+
+ *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an
+ ENGINE is used then we cannot handle that in the FIPS module so we
+ keep original code iff non-FIPS operations are allowed.
+ [Steve Henson]
+
+ *) Add -attime option to openssl utilities.
+ [Peter Eckersley <pde at eff.org>, Ben Laurie and Steve Henson]
+
+ *) Redirect DSA and DH operations to FIPS module in FIPS mode.
+ [Steve Henson]
+
+ *) Redirect ECDSA and ECDH operations to FIPS module in FIPS mode. Also use
+ FIPS EC methods unconditionally for now.
+ [Steve Henson]
+
+ *) New build option no-ec2m to disable characteristic 2 code.
+ [Steve Henson]
+
+ *) Backport libcrypto audit of return value checking from 1.1.0-dev; not
+ all cases can be covered as some introduce binary incompatibilities.
+ [Steve Henson]
+
+ *) Redirect RSA operations to FIPS module including keygen,
+ encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
+ [Steve Henson]
+
+ *) Add similar low level API blocking to ciphers.
+ [Steve Henson]
+
+ *) Low level digest APIs are not approved in FIPS mode: any attempt
+ to use these will cause a fatal error. Applications that *really* want
+ to use them can use the private_* version instead.
+ [Steve Henson]
+
+ *) Redirect cipher operations to FIPS module for FIPS builds.
+ [Steve Henson]
+
+ *) Redirect digest operations to FIPS module for FIPS builds.
+ [Steve Henson]
+
+ *) Update build system to add "fips" flag which will link in fipscanister.o
+ for static and shared library builds embedding a signature if needed.
+ [Steve Henson]
+
+ *) Output TLS supported curves in preference order instead of numerical
+ order. This is currently hardcoded for the highest order curves first.
+ This should be configurable so applications can judge speed vs strength.
+ [Steve Henson]
+
+ *) Add TLS v1.2 server support for client authentication.
+ [Steve Henson]
+
+ *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
+ and enable MD5.
+ [Steve Henson]
+
+ *) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
+ FIPS modules versions.
+ [Steve Henson]
+
+ *) Add TLS v1.2 client side support for client authentication. Keep cache
+ of handshake records longer as we don't know the hash algorithm to use
+ until after the certificate request message is received.
+ [Steve Henson]
+
+ *) Initial TLS v1.2 client support. Add a default signature algorithms
+ extension including all the algorithms we support. Parse new signature
+ format in client key exchange. Relax some ECC signing restrictions for
+ TLS v1.2 as indicated in RFC5246.
+ [Steve Henson]
+
+ *) Add server support for TLS v1.2 signature algorithms extension. Switch
+ to new signature format when needed using client digest preference.
+ All server ciphersuites should now work correctly in TLS v1.2. No client
+ support yet and no support for client certificates.
+ [Steve Henson]
+
+ *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
+ to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
+ ciphersuites. At present only RSA key exchange ciphersuites work with
+ TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
+ SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
+ and version checking.
+ [Steve Henson]
+
+ *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
+ with this defined it will not be affected by any changes to ssl internal
+ structures. Add several utility functions to allow openssl application
+ to work with OPENSSL_NO_SSL_INTERN defined.
+ [Steve Henson]
+
+ *) Add SRP support.
+ [Tom Wu <tjw at cs.stanford.edu> and Ben Laurie]
+
+ *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
+ [Steve Henson]
+
+ *) Permit abbreviated handshakes when renegotiating using the function
+ SSL_renegotiate_abbreviated().
+ [Robin Seggelmann <seggelmann at fh-muenster.de>]
+
+ *) Add call to ENGINE_register_all_complete() to
+ ENGINE_load_builtin_engines(), so some implementations get used
+ automatically instead of needing explicit application support.
+ [Steve Henson]
+
+ *) Add support for TLS key exporter as described in RFC5705.
+ [Robin Seggelmann <seggelmann at fh-muenster.de>, Steve Henson]
+
+ *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
+ a few changes are required:
+
+ Add SSL_OP_NO_TLSv1_1 flag.
+ Add TLSv1_1 methods.
+ Update version checking logic to handle version 1.1.
+ Add explicit IV handling (ported from DTLS code).
+ Add command line options to s_client/s_server.
+ [Steve Henson]
+
+ Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
+
+ *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
+ in CMS and PKCS7 code. When RSA decryption fails use a random key for
+ content decryption and always return the same error. Note: this attack
+ needs on average 2^20 messages so it only affects automated senders. The
+ old behaviour can be reenabled in the CMS code by setting the
+ CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
+ an MMA defence is not necessary.
+ Thanks to Ivan Nestlerode <inestlerode at us.ibm.com> for discovering
+ this issue. (CVE-2012-0884)
+ [Steve Henson]
+
+ *) Fix CVE-2011-4619: make sure we really are receiving a
+ client hello before rejecting multiple SGC restarts. Thanks to
+ Ivan Nestlerode <inestlerode at us.ibm.com> for discovering this bug.
+ [Steve Henson]
+
+ Changes between 1.0.0f and 1.0.0g [18 Jan 2012]
+
+ *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
+ Thanks to Antonio Martin, Enterprise Secure Access Research and
+ Development, Cisco Systems, Inc. for discovering this bug and
+ preparing a fix. (CVE-2012-0050)
+ [Antonio Martin]
+
+ Changes between 1.0.0e and 1.0.0f [4 Jan 2012]
+
+ *) Nadhem Alfardan and Kenny Paterson have discovered an extension
+ of the Vaudenay padding oracle attack on CBC mode encryption
+ which enables an efficient plaintext recovery attack against
+ the OpenSSL implementation of DTLS. Their attack exploits timing
+ differences arising during decryption processing. A research
+ paper describing this attack can be found at:
+ http://www.isg.rhul.ac.uk/~kp/dtls.pdf
+ Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+ Security Group at Royal Holloway, University of London
+ (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
+ <seggelmann at fh-muenster.de> and Michael Tuexen <tuexen at fh-muenster.de>
+ for preparing the fix. (CVE-2011-4108)
+ [Robin Seggelmann, Michael Tuexen]
+
+ *) Clear bytes used for block padding of SSL 3.0 records.
+ (CVE-2011-4576)
+ [Adam Langley (Google)]
+
+ *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George
+ Kadianakis <desnacked at gmail.com> for discovering this issue and
+ Adam Langley for preparing the fix. (CVE-2011-4619)
+ [Adam Langley (Google)]
+
+ *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027)
+ [Andrey Kulikov <amdeich at gmail.com>]
+
+ *) Prevent malformed RFC3779 data triggering an assertion failure.
+ Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
+ and Rob Austein <sra at hactrn.net> for fixing it. (CVE-2011-4577)
+ [Rob Austein <sra at hactrn.net>]
+
+ *) Improved PRNG seeding for VOS.
+ [Paul Green <Paul.Green at stratus.com>]
+
+ *) Fix ssl_ciph.c set-up race.
+ [Adam Langley (Google)]
+
+ *) Fix spurious failures in ecdsatest.c.
+ [Emilia Käsper (Google)]
+
+ *) Fix the BIO_f_buffer() implementation (which was mixing different
+ interpretations of the '..._len' fields).
+ [Adam Langley (Google)]
+
+ *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
+ BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
+ threads won't reuse the same blinding coefficients.
+
+ This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
+ lock to call BN_BLINDING_invert_ex, and avoids one use of
+ BN_BLINDING_update for each BN_BLINDING structure (previously,
+ the last update always remained unused).
+ [Emilia Käsper (Google)]
+
+ *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
+ [Bob Buckholz (Google)]
+
+ Changes between 1.0.0d and 1.0.0e [6 Sep 2011]
+
+ *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
+ by initialising X509_STORE_CTX properly. (CVE-2011-3207)
+ [Kaspar Brand <ossl at velox.ch>]
+
+ *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
+ for multi-threaded use of ECDH. (CVE-2011-3210)
+ [Adam Langley (Google)]
+
+ *) Fix x509_name_ex_d2i memory leak on bad inputs.
+ [Bodo Moeller]
+
+ *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
+ signature public key algorithm by using OID xref utilities instead.
+ Before this you could only use some ECC ciphersuites with SHA1 only.
+ [Steve Henson]
+
+ *) Add protection against ECDSA timing attacks as mentioned in the paper
+ by Billy Bob Brumley and Nicola Tuveri, see:
+
+ http://eprint.iacr.org/2011/232.pdf
+
+ [Billy Bob Brumley and Nicola Tuveri]
+
+ Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
+
+ *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
+ [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
+
+ *) Fix bug in string printing code: if *any* escaping is enabled we must
+ escape the escape character (backslash) or the resulting string is
+ ambiguous.
+ [Steve Henson]
+
+ Changes between 1.0.0b and 1.0.0c [2 Dec 2010]
+
+ *) Disable code workaround for ancient and obsolete Netscape browsers
+ and servers: an attacker can use it in a ciphersuite downgrade attack.
+ Thanks to Martin Rex for discovering this bug. CVE-2010-4180
+ [Steve Henson]
+
+ *) Fixed J-PAKE implementation error, originally discovered by
+ Sebastien Martini, further info and confirmation from Stefan
+ Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
+ [Ben Laurie]
+
+ Changes between 1.0.0a and 1.0.0b [16 Nov 2010]
+
+ *) Fix extension code to avoid race conditions which can result in a buffer
+ overrun vulnerability: resumed sessions must not be modified as they can
+ be shared by multiple threads. CVE-2010-3864
+ [Steve Henson]
+
+ *) Fix WIN32 build system to correctly link an ENGINE directory into
+ a DLL.
+ [Steve Henson]
+
+ Changes between 1.0.0 and 1.0.0a [01 Jun 2010]
+
+ *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
+ (CVE-2010-1633)
+ [Steve Henson, Peter-Michael Hager <hager at dortmund.net>]
+
+ Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
+
+ *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
+ context. The operation can be customised via the ctrl mechanism in
+ case ENGINEs want to include additional functionality.
+ [Steve Henson]
+
+ *) Tolerate yet another broken PKCS#8 key format: private key value negative.
+ [Steve Henson]
+
+ *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
+ output hashes compatible with older versions of OpenSSL.
+ [Willy Weisz <weisz at vcpc.univie.ac.at>]
+
+ *) Fix compression algorithm handling: if resuming a session use the
+ compression algorithm of the resumed session instead of determining
+ it from client hello again. Don't allow server to change algorithm.
+ [Steve Henson]
+
+ *) Add load_crls() function to apps tidying load_certs() too. Add option
+ to verify utility to allow additional CRLs to be included.
+ [Steve Henson]
+
+ *) Update OCSP request code to permit adding custom headers to the request:
+ some responders need this.
+ [Steve Henson]
+
+ *) The function EVP_PKEY_sign() returns <=0 on error: check return code
+ correctly.
+ [Julia Lawall <julia at diku.dk>]
+
+ *) Update verify callback code in apps/s_cb.c and apps/verify.c, it
+ needlessly dereferenced structures, used obsolete functions and
+ didn't handle all updated verify codes correctly.
+ [Steve Henson]
+
+ *) Disable MD2 in the default configuration.
+ [Steve Henson]
+
+ *) In BIO_pop() and BIO_push() use the ctrl argument (which was NULL) to
+ indicate the initial BIO being pushed or popped. This makes it possible
+ to determine whether the BIO is the one explicitly called or as a result
+ of the ctrl being passed down the chain. Fix BIO_pop() and SSL BIOs so
+ it handles reference counts correctly and doesn't zero out the I/O bio
+ when it is not being explicitly popped. WARNING: applications which
+ included workarounds for the old buggy behaviour will need to be modified
+ or they could free up already freed BIOs.
+ [Steve Henson]
+
+ *) Extend the uni2asc/asc2uni => OPENSSL_uni2asc/OPENSSL_asc2uni
+ renaming to all platforms (within the 0.9.8 branch, this was
+ done conditionally on Netware platforms to avoid a name clash).
+ [Guenter <lists at gknw.net>]
+
+ *) Add ECDHE and PSK support to DTLS.
+ [Michael Tuexen <tuexen at fh-muenster.de>]
+
+ *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't
+ be used on C++.
+ [Steve Henson]
+
+ *) Add "missing" function EVP_MD_flags() (without this the only way to
+ retrieve a digest flags is by accessing the structure directly. Update
+ EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest
+ or cipher is registered as in the "from" argument. Print out all
+ registered digests in the dgst usage message instead of manually
+ attempting to work them out.
+ [Steve Henson]
+
+ *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
+ this allows the use of compression and extensions. Change default cipher
+ string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
+ by default unless an application cipher string requests it.
+ [Steve Henson]
+
+ *) Alter match criteria in PKCS12_parse(). It used to try to use local
+ key ids to find matching certificates and keys but some PKCS#12 files
+ don't follow the (somewhat unwritten) rules and this strategy fails.
+ Now just gather all certificates together and the first private key
+ then look for the first certificate that matches the key.
+ [Steve Henson]
+
+ *) Support use of registered digest and cipher names for dgst and cipher
+ commands instead of having to add each one as a special case. So now
+ you can do:
+
+ openssl sha256 foo
+
+ as well as:
+
+ openssl dgst -sha256 foo
+
+ and this works for ENGINE based algorithms too.
+
+ [Steve Henson]
+
+ *) Update Gost ENGINE to support parameter files.
+ [Victor B. Wagner <vitus at cryptocom.ru>]
+
+ *) Support GeneralizedTime in ca utility.
+ [Oliver Martin <oliver at volatilevoid.net>, Steve Henson]
+
+ *) Enhance the hash format used for certificate directory links. The new
+ form uses the canonical encoding (meaning equivalent names will work
+ even if they aren't identical) and uses SHA1 instead of MD5. This form
+ is incompatible with the older format and as a result c_rehash should
+ be used to rebuild symbolic links.
+ [Steve Henson]
+
+ *) Make PKCS#8 the default write format for private keys, replacing the
+ traditional format. This form is standardised, more secure and doesn't
+ include an implicit MD5 dependency.
+ [Steve Henson]
+
+ *) Add a $gcc_devteam_warn option to Configure. The idea is that any code
+ committed to OpenSSL should pass this lot as a minimum.
+ [Steve Henson]
+
+ *) Add session ticket override functionality for use by EAP-FAST.
+ [Jouni Malinen <j at w1.fi>]
+
+ *) Modify HMAC functions to return a value. Since these can be implemented
+ in an ENGINE errors can occur.
+ [Steve Henson]
+
+ *) Type-checked OBJ_bsearch_ex.
+ [Ben Laurie]
+
+ *) Type-checked OBJ_bsearch. Also some constification necessitated
+ by type-checking. Still to come: TXT_DB, bsearch(?),
+ OBJ_bsearch_ex, qsort, CRYPTO_EX_DATA, ASN1_VALUE, ASN1_STRING,
+ CONF_VALUE.
+ [Ben Laurie]
+
+ *) New function OPENSSL_gmtime_adj() to add a specific number of days and
+ seconds to a tm structure directly, instead of going through OS
+ specific date routines. This avoids any issues with OS routines such
+ as the year 2038 bug. New *_adj() functions for ASN1 time structures
+ and X509_time_adj_ex() to cover the extended range. The existing
+ X509_time_adj() is still usable and will no longer have any date issues.
+ [Steve Henson]
+
+ *) Delta CRL support. New use deltas option which will attempt to locate
+ and search any appropriate delta CRLs available.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Support for CRLs partitioned by reason code. Reorganise CRL processing
+ code and add additional score elements. Validate alternate CRL paths
+ as part of the CRL checking and indicate a new error "CRL path validation
+ error" in this case. Applications wanting additional details can use
+ the verify callback and check the new "parent" field. If this is not
+ NULL CRL path validation is taking place. Existing applications wont
+ see this because it requires extended CRL support which is off by
+ default.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Support for freshest CRL extension.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Initial indirect CRL support. Currently only supported in the CRLs
+ passed directly and not via lookup. Process certificate issuer
+ CRL entry extension and lookup CRL entries by bother issuer name
+ and serial number. Check and process CRL issuer entry in IDP extension.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Add support for distinct certificate and CRL paths. The CRL issuer
+ certificate is validated separately in this case. Only enabled if
+ an extended CRL support flag is set: this flag will enable additional
+ CRL functionality in future.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Add support for policy mappings extension.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Fixes to pathlength constraint, self issued certificate handling,
+ policy processing to align with RFC3280 and PKITS tests.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Support for name constraints certificate extension. DN, email, DNS
+ and URI types are currently supported.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) To cater for systems that provide a pointer-based thread ID rather
+ than numeric, deprecate the current numeric thread ID mechanism and
+ replace it with a structure and associated callback type. This
+ mechanism allows a numeric "hash" to be extracted from a thread ID in
+ either case, and on platforms where pointers are larger than 'long',
+ mixing is done to help ensure the numeric 'hash' is usable even if it
+ can't be guaranteed unique. The default mechanism is to use "&errno"
+ as a pointer-based thread ID to distinguish between threads.
+
+ Applications that want to provide their own thread IDs should now use
+ CRYPTO_THREADID_set_callback() to register a callback that will call
+ either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer().
+
+ Note that ERR_remove_state() is now deprecated, because it is tied
+ to the assumption that thread IDs are numeric. ERR_remove_state(0)
+ to free the current thread's error state should be replaced by
+ ERR_remove_thread_state(NULL).
+
+ (This new approach replaces the functions CRYPTO_set_idptr_callback(),
+ CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in
+ OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an
+ application was previously providing a numeric thread callback that
+ was inappropriate for distinguishing threads, then uniqueness might
+ have been obtained with &errno that happened immediately in the
+ intermediate development versions of OpenSSL; this is no longer the
+ case, the numeric thread callback will now override the automatic use
+ of &errno.)
+ [Geoff Thorpe, with help from Bodo Moeller]
+
+ *) Initial support for different CRL issuing certificates. This covers a
+ simple case where the self issued certificates in the chain exist and
+ the real CRL issuer is higher in the existing chain.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Removed effectively defunct crypto/store from the build.
+ [Ben Laurie]
+
+ *) Revamp of STACK to provide stronger type-checking. Still to come:
+ TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE,
+ ASN1_STRING, CONF_VALUE.
+ [Ben Laurie]
+
+ *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
+ RAM on SSL connections. This option can save about 34k per idle SSL.
+ [Nick Mathewson]
+
+ *) Revamp of LHASH to provide stronger type-checking. Still to come:
+ STACK, TXT_DB, bsearch, qsort.
+ [Ben Laurie]
+
+ *) Initial support for Cryptographic Message Syntax (aka CMS) based
+ on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
+ support for data, signedData, compressedData, digestedData and
+ encryptedData, envelopedData types included. Scripts to check against
+ RFC4134 examples draft and interop and consistency checks of many
+ content types and variants.
+ [Steve Henson]
+
+ *) Add options to enc utility to support use of zlib compression BIO.
+ [Steve Henson]
+
+ *) Extend mk1mf to support importing of options and assembly language
+ files from Configure script, currently only included in VC-WIN32.
+ The assembly language rules can now optionally generate the source
+ files from the associated perl scripts.
+ [Steve Henson]
+
+ *) Implement remaining functionality needed to support GOST ciphersuites.
+ Interop testing has been performed using CryptoPro implementations.
+ [Victor B. Wagner <vitus at cryptocom.ru>]
+
+ *) s390x assembler pack.
+ [Andy Polyakov]
+
+ *) ARMv4 assembler pack. ARMv4 refers to v4 and later ISA, not CPU
+ "family."
+ [Andy Polyakov]
+
+ *) Implement Opaque PRF Input TLS extension as specified in
+ draft-rescorla-tls-opaque-prf-input-00.txt. Since this is not an
+ official specification yet and no extension type assignment by
+ IANA exists, this extension (for now) will have to be explicitly
+ enabled when building OpenSSL by providing the extension number
+ to use. For example, specify an option
+
+ -DTLSEXT_TYPE_opaque_prf_input=0x9527
+
+ to the "config" or "Configure" script to enable the extension,
+ assuming extension number 0x9527 (which is a completely arbitrary
+ and unofficial assignment based on the MD5 hash of the Internet
+ Draft). Note that by doing so, you potentially lose
+ interoperability with other TLS implementations since these might
+ be using the same extension number for other purposes.
+
+ SSL_set_tlsext_opaque_prf_input(ssl, src, len) is used to set the
+ opaque PRF input value to use in the handshake. This will create
+ an interal copy of the length-'len' string at 'src', and will
+ return non-zero for success.
+
+ To get more control and flexibility, provide a callback function
+ by using
+
+ SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb)
+ SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg)
+
+ where
+
+ int (*cb)(SSL *, void *peerinput, size_t len, void *arg);
+ void *arg;
+
+ Callback function 'cb' will be called in handshakes, and is
+ expected to use SSL_set_tlsext_opaque_prf_input() as appropriate.
+ Argument 'arg' is for application purposes (the value as given to
+ SSL_CTX_set_tlsext_opaque_prf_input_callback_arg() will directly
+ be provided to the callback function). The callback function
+ has to return non-zero to report success: usually 1 to use opaque
+ PRF input just if possible, or 2 to enforce use of the opaque PRF
+ input. In the latter case, the library will abort the handshake
+ if opaque PRF input is not successfully negotiated.
+
+ Arguments 'peerinput' and 'len' given to the callback function
+ will always be NULL and 0 in the case of a client. A server will
+ see the client's opaque PRF input through these variables if
+ available (NULL and 0 otherwise). Note that if the server
+ provides an opaque PRF input, the length must be the same as the
+ length of the client's opaque PRF input.
+
+ Note that the callback function will only be called when creating
+ a new session (session resumption can resume whatever was
+ previously negotiated), and will not be called in SSL 2.0
+ handshakes; thus, SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) or
+ SSL_set_options(ssl, SSL_OP_NO_SSLv2) is especially recommended
+ for applications that need to enforce opaque PRF input.
+
+ [Bodo Moeller]
+
+ *) Update ssl code to support digests other than SHA1+MD5 for handshake
+ MAC.
+
+ [Victor B. Wagner <vitus at cryptocom.ru>]
+
+ *) Add RFC4507 support to OpenSSL. This includes the corrections in
+ RFC4507bis. The encrypted ticket format is an encrypted encoded
+ SSL_SESSION structure, that way new session features are automatically
+ supported.
+
+ If a client application caches session in an SSL_SESSION structure
+ support is transparent because tickets are now stored in the encoded
+ SSL_SESSION.
+
+ The SSL_CTX structure automatically generates keys for ticket
+ protection in servers so again support should be possible
+ with no application modification.
+
+ If a client or server wishes to disable RFC4507 support then the option
+ SSL_OP_NO_TICKET can be set.
+
+ Add a TLS extension debugging callback to allow the contents of any client
+ or server extensions to be examined.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Final changes to avoid use of pointer pointer casts in OpenSSL.
+ OpenSSL should now compile cleanly on gcc 4.2
+ [Peter Hartley <pdh at utter.chaos.org.uk>, Steve Henson]
+
+ *) Update SSL library to use new EVP_PKEY MAC API. Include generic MAC
+ support including streaming MAC support: this is required for GOST
+ ciphersuite support.
+ [Victor B. Wagner <vitus at cryptocom.ru>, Steve Henson]
+
+ *) Add option -stream to use PKCS#7 streaming in smime utility. New
+ function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream()
+ to output in BER and PEM format.
+ [Steve Henson]
+
+ *) Experimental support for use of HMAC via EVP_PKEY interface. This
+ allows HMAC to be handled via the EVP_DigestSign*() interface. The
+ EVP_PKEY "key" in this case is the HMAC key, potentially allowing
+ ENGINE support for HMAC keys which are unextractable. New -mac and
+ -macopt options to dgst utility.
+ [Steve Henson]
+
+ *) New option -sigopt to dgst utility. Update dgst to use
+ EVP_Digest{Sign,Verify}*. These two changes make it possible to use
+ alternative signing paramaters such as X9.31 or PSS in the dgst
+ utility.
+ [Steve Henson]
+
+ *) Change ssl_cipher_apply_rule(), the internal function that does
+ the work each time a ciphersuite string requests enabling
+ ("foo+bar"), moving ("+foo+bar"), disabling ("-foo+bar", or
+ removing ("!foo+bar") a class of ciphersuites: Now it maintains
+ the order of disabled ciphersuites such that those ciphersuites
+ that most recently went from enabled to disabled not only stay
+ in order with respect to each other, but also have higher priority
+ than other disabled ciphersuites the next time ciphersuites are
+ enabled again.
+
+ This means that you can now say, e.g., "PSK:-PSK:HIGH" to enable
+ the same ciphersuites as with "HIGH" alone, but in a specific
+ order where the PSK ciphersuites come first (since they are the
+ most recently disabled ciphersuites when "HIGH" is parsed).
+
+ Also, change ssl_create_cipher_list() (using this new
+ funcionality) such that between otherwise identical
+ cihpersuites, ephemeral ECDH is preferred over ephemeral DH in
+ the default order.
+ [Bodo Moeller]
+
+ *) Change ssl_create_cipher_list() so that it automatically
+ arranges the ciphersuites in reasonable order before starting
+ to process the rule string. Thus, the definition for "DEFAULT"
+ (SSL_DEFAULT_CIPHER_LIST) now is just "ALL:!aNULL:!eNULL", but
+ remains equivalent to "AES:ALL:!aNULL:!eNULL:+aECDH:+kRSA:+RC4:@STRENGTH".
+ This makes it much easier to arrive at a reasonable default order
+ in applications for which anonymous ciphers are OK (meaning
+ that you can't actually use DEFAULT).
+ [Bodo Moeller; suggested by Victor Duchovni]
+
+ *) Split the SSL/TLS algorithm mask (as used for ciphersuite string
+ processing) into multiple integers instead of setting
+ "SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK",
+ "SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer.
+ (These masks as well as the individual bit definitions are hidden
+ away into the non-exported interface ssl/ssl_locl.h, so this
+ change to the definition of the SSL_CIPHER structure shouldn't
+ affect applications.) This give us more bits for each of these
+ categories, so there is no longer a need to coagulate AES128 and
+ AES256 into a single algorithm bit, and to coagulate Camellia128
+ and Camellia256 into a single algorithm bit, which has led to all
+ kinds of kludges.
+
+ Thus, among other things, the kludge introduced in 0.9.7m and
+ 0.9.8e for masking out AES256 independently of AES128 or masking
+ out Camellia256 independently of AES256 is not needed here in 0.9.9.
+
+ With the change, we also introduce new ciphersuite aliases that
+ so far were missing: "AES128", "AES256", "CAMELLIA128", and
+ "CAMELLIA256".
+ [Bodo Moeller]
+
+ *) Add support for dsa-with-SHA224 and dsa-with-SHA256.
+ Use the leftmost N bytes of the signature input if the input is
+ larger than the prime q (with N being the size in bytes of q).
+ [Nils Larsch]
+
+ *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses
+ it yet and it is largely untested.
+ [Steve Henson]
+
+ *) Add support for the ecdsa-with-SHA224/256/384/512 signature types.
+ [Nils Larsch]
+
+ *) Initial incomplete changes to avoid need for function casts in OpenSSL
+ some compilers (gcc 4.2 and later) reject their use. Safestack is
+ reimplemented. Update ASN1 to avoid use of legacy functions.
+ [Steve Henson]
+
+ *) Win32/64 targets are linked with Winsock2.
+ [Andy Polyakov]
+
+ *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
+ to external functions. This can be used to increase CRL handling
+ efficiency especially when CRLs are very large by (for example) storing
+ the CRL revoked certificates in a database.
+ [Steve Henson]
+
+ *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
+ new CRLs added to a directory can be used. New command line option
+ -verify_return_error to s_client and s_server. This causes real errors
+ to be returned by the verify callback instead of carrying on no matter
+ what. This reflects the way a "real world" verify callback would behave.
+ [Steve Henson]
+
+ *) GOST engine, supporting several GOST algorithms and public key formats.
+ Kindly donated by Cryptocom.
+ [Cryptocom]
+
+ *) Partial support for Issuing Distribution Point CRL extension. CRLs
+ partitioned by DP are handled but no indirect CRL or reason partitioning
+ (yet). Complete overhaul of CRL handling: now the most suitable CRL is
+ selected via a scoring technique which handles IDP and AKID in CRLs.
+ [Steve Henson]
+
+ *) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
+ will ultimately be used for all verify operations: this will remove the
+ X509_STORE dependency on certificate verification and allow alternative
+ lookup methods. X509_STORE based implementations of these two callbacks.
+ [Steve Henson]
+
+ *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
+ Modify get_crl() to find a valid (unexpired) CRL if possible.
+ [Steve Henson]
+
+ *) New function X509_CRL_match() to check if two CRLs are identical. Normally
+ this would be called X509_CRL_cmp() but that name is already used by
+ a function that just compares CRL issuer names. Cache several CRL
+ extensions in X509_CRL structure and cache CRLDP in X509.
+ [Steve Henson]
+
+ *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
+ this maps equivalent X509_NAME structures into a consistent structure.
+ Name comparison can then be performed rapidly using memcmp().
+ [Steve Henson]
+
+ *) Non-blocking OCSP request processing. Add -timeout option to ocsp
+ utility.
+ [Steve Henson]
+
+ *) Allow digests to supply their own micalg string for S/MIME type using
+ the ctrl EVP_MD_CTRL_MICALG.
+ [Steve Henson]
+
+ *) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
+ EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
+ ctrl. It can then customise the structure before and/or after signing
+ if necessary.
+ [Steve Henson]
+
+ *) New function OBJ_add_sigid() to allow application defined signature OIDs
+ to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
+ to free up any added signature OIDs.
+ [Steve Henson]
+
+ *) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
+ EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
+ digest and cipher tables. New options added to openssl utility:
+ list-message-digest-algorithms and list-cipher-algorithms.
+ [Steve Henson]
+
+ *) Change the array representation of binary polynomials: the list
+ of degrees of non-zero coefficients is now terminated with -1.
+ Previously it was terminated with 0, which was also part of the
+ value; thus, the array representation was not applicable to
+ polynomials where t^0 has coefficient zero. This change makes
+ the array representation useful in a more general context.
+ [Douglas Stebila]
+
+ *) Various modifications and fixes to SSL/TLS cipher string
+ handling. For ECC, the code now distinguishes between fixed ECDH
+ with RSA certificates on the one hand and with ECDSA certificates
+ on the other hand, since these are separate ciphersuites. The
+ unused code for Fortezza ciphersuites has been removed.
+
+ For consistency with EDH, ephemeral ECDH is now called "EECDH"
+ (not "ECDHE"). For consistency with the code for DH
+ certificates, use of ECDH certificates is now considered ECDH
+ authentication, not RSA or ECDSA authentication (the latter is
+ merely the CA's signing algorithm and not actively used in the
+ protocol).
+
+ The temporary ciphersuite alias "ECCdraft" is no longer
+ available, and ECC ciphersuites are no longer excluded from "ALL"
+ and "DEFAULT". The following aliases now exist for RFC 4492
+ ciphersuites, most of these by analogy with the DH case:
+
+ kECDHr - ECDH cert, signed with RSA
+ kECDHe - ECDH cert, signed with ECDSA
+ kECDH - ECDH cert (signed with either RSA or ECDSA)
+ kEECDH - ephemeral ECDH
+ ECDH - ECDH cert or ephemeral ECDH
+
+ aECDH - ECDH cert
+ aECDSA - ECDSA cert
+ ECDSA - ECDSA cert
+
+ AECDH - anonymous ECDH
+ EECDH - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")
+
+ [Bodo Moeller]
+
+ *) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
+ Use correct micalg parameters depending on digest(s) in signed message.
+ [Steve Henson]
+
+ *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
+ an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
+ [Steve Henson]
+
+ *) Initial engine support for EVP_PKEY_METHOD. New functions to permit
+ an engine to register a method. Add ENGINE lookups for methods and
+ functional reference processing.
+ [Steve Henson]
+
+ *) New functions EVP_Digest{Sign,Verify)*. These are enchance versions of
+ EVP_{Sign,Verify}* which allow an application to customise the signature
+ process.
+ [Steve Henson]
+
+ *) New -resign option to smime utility. This adds one or more signers
+ to an existing PKCS#7 signedData structure. Also -md option to use an
+ alternative message digest algorithm for signing.
+ [Steve Henson]
+
+ *) Tidy up PKCS#7 routines and add new functions to make it easier to
+ create PKCS7 structures containing multiple signers. Update smime
+ application to support multiple signers.
+ [Steve Henson]
+
+ *) New -macalg option to pkcs12 utility to allow setting of an alternative
+ digest MAC.
+ [Steve Henson]
+
+ *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
+ Reorganize PBE internals to lookup from a static table using NIDs,
+ add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
+ EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
+ PRF which will be automatically used with PBES2.
+ [Steve Henson]
+
+ *) Replace the algorithm specific calls to generate keys in "req" with the
+ new API.
+ [Steve Henson]
+
+ *) Update PKCS#7 enveloped data routines to use new API. This is now
+ supported by any public key method supporting the encrypt operation. A
+ ctrl is added to allow the public key algorithm to examine or modify
+ the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
+ a no op.
+ [Steve Henson]
+
+ *) Add a ctrl to asn1 method to allow a public key algorithm to express
+ a default digest type to use. In most cases this will be SHA1 but some
+ algorithms (such as GOST) need to specify an alternative digest. The
+ return value indicates how strong the prefernce is 1 means optional and
+ 2 is mandatory (that is it is the only supported type). Modify
+ ASN1_item_sign() to accept a NULL digest argument to indicate it should
+ use the default md. Update openssl utilities to use the default digest
+ type for signing if it is not explicitly indicated.
+ [Steve Henson]
+
+ *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New
+ EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
+ signing method from the key type. This effectively removes the link
+ between digests and public key types.
+ [Steve Henson]
+
+ *) Add an OID cross reference table and utility functions. Its purpose is to
+ translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
+ rsaEncryption. This will allow some of the algorithm specific hackery
+ needed to use the correct OID to be removed.
+ [Steve Henson]
+
+ *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
+ structures for PKCS7_sign(). They are now set up by the relevant public
+ key ASN1 method.
+ [Steve Henson]
+
+ *) Add provisional EC pkey method with support for ECDSA and ECDH.
+ [Steve Henson]
+
+ *) Add support for key derivation (agreement) in the API, DH method and
+ pkeyutl.
+ [Steve Henson]
+
+ *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
+ public and private key formats. As a side effect these add additional
+ command line functionality not previously available: DSA signatures can be
+ generated and verified using pkeyutl and DH key support and generation in
+ pkey, genpkey.
+ [Steve Henson]
+
+ *) BeOS support.
+ [Oliver Tappe <zooey at hirschkaefer.de>]
+
+ *) New make target "install_html_docs" installs HTML renditions of the
+ manual pages.
+ [Oliver Tappe <zooey at hirschkaefer.de>]
+
+ *) New utility "genpkey" this is analagous to "genrsa" etc except it can
+ generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
+ support key and parameter generation and add initial key generation
+ functionality for RSA.
+ [Steve Henson]
+
+ *) Add functions for main EVP_PKEY_method operations. The undocumented
+ functions EVP_PKEY_{encrypt,decrypt} have been renamed to
+ EVP_PKEY_{encrypt,decrypt}_old.
+ [Steve Henson]
+
+ *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
+ key API, doesn't do much yet.
+ [Steve Henson]
+
+ *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
+ public key algorithms. New option to openssl utility:
+ "list-public-key-algorithms" to print out info.
+ [Steve Henson]
+
+ *) Implement the Supported Elliptic Curves Extension for
+ ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+ [Douglas Stebila]
+
+ *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
+ EVP_CIPHER structures to avoid later problems in EVP_cleanup().
+ [Steve Henson]
+
+ *) New utilities pkey and pkeyparam. These are similar to algorithm specific
+ utilities such as rsa, dsa, dsaparam etc except they process any key
+ type.
+ [Steve Henson]
+
+ *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
+ functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
+ EVP_PKEY_print_param() to print public key data from an EVP_PKEY
+ structure.
+ [Steve Henson]
+
+ *) Initial support for pluggable public key ASN1.
+ De-spaghettify the public key ASN1 handling. Move public and private
+ key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
+ algorithm specific handling to a single module within the relevant
+ algorithm directory. Add functions to allow (near) opaque processing
+ of public and private key structures.
+ [Steve Henson]
+
+ *) Implement the Supported Point Formats Extension for
+ ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+ [Douglas Stebila]
+
+ *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
+ for the psk identity [hint] and the psk callback functions to the
+ SSL_SESSION, SSL and SSL_CTX structure.
+
+ New ciphersuites:
+ PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
+ PSK-AES256-CBC-SHA
+
+ New functions:
+ SSL_CTX_use_psk_identity_hint
+ SSL_get_psk_identity_hint
+ SSL_get_psk_identity
+ SSL_use_psk_identity_hint
+
+ [Mika Kousa and Pasi Eronen of Nokia Corporation]
+
+ *) Add RFC 3161 compliant time stamp request creation, response generation
+ and response verification functionality.
+ [Zoltán Glózik <zglozik at opentsa.org>, The OpenTSA Project]
+
+ *) Add initial support for TLS extensions, specifically for the server_name
+ extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
+ have new members for a host name. The SSL data structure has an
+ additional member SSL_CTX *initial_ctx so that new sessions can be
+ stored in that context to allow for session resumption, even after the
+ SSL has been switched to a new SSL_CTX in reaction to a client's
+ server_name extension.
+
+ New functions (subject to change):
+
+ SSL_get_servername()
+ SSL_get_servername_type()
+ SSL_set_SSL_CTX()
+
+ New CTRL codes and macros (subject to change):
+
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+ - SSL_CTX_set_tlsext_servername_callback()
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+ - SSL_CTX_set_tlsext_servername_arg()
+ SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()
+
+ openssl s_client has a new '-servername ...' option.
+
+ openssl s_server has new options '-servername_host ...', '-cert2 ...',
+ '-key2 ...', '-servername_fatal' (subject to change). This allows
+ testing the HostName extension for a specific single host name ('-cert'
+ and '-key' remain fallbacks for handshakes without HostName
+ negotiation). If the unrecogninzed_name alert has to be sent, this by
+ default is a warning; it becomes fatal with the '-servername_fatal'
+ option.
+
+ [Peter Sylvester, Remy Allais, Christophe Renou]
+
+ *) Whirlpool hash implementation is added.
+ [Andy Polyakov]
+
+ *) BIGNUM code on 64-bit SPARCv9 targets is switched from bn(64,64) to
+ bn(64,32). Because of instruction set limitations it doesn't have
+ any negative impact on performance. This was done mostly in order
+ to make it possible to share assembler modules, such as bn_mul_mont
+ implementations, between 32- and 64-bit builds without hassle.
+ [Andy Polyakov]
+
+ *) Move code previously exiled into file crypto/ec/ec2_smpt.c
+ to ec2_smpl.c, and no longer require the OPENSSL_EC_BIN_PT_COMP
+ macro.
+ [Bodo Moeller]
+
+ *) New candidate for BIGNUM assembler implementation, bn_mul_mont,
+ dedicated Montgomery multiplication procedure, is introduced.
+ BN_MONT_CTX is modified to allow bn_mul_mont to reach for higher
+ "64-bit" performance on certain 32-bit targets.
+ [Andy Polyakov]
+
+ *) New option SSL_OP_NO_COMP to disable use of compression selectively
+ in SSL structures. New SSL ctrl to set maximum send fragment size.
+ Save memory by seeting the I/O buffer sizes dynamically instead of
+ using the maximum available value.
+ [Steve Henson]
+
+ *) New option -V for 'openssl ciphers'. This prints the ciphersuite code
+ in addition to the text details.
+ [Bodo Moeller]
+
+ *) Very, very preliminary EXPERIMENTAL support for printing of general
+ ASN1 structures. This currently produces rather ugly output and doesn't
+ handle several customised structures at all.
+ [Steve Henson]
+
+ *) Integrated support for PVK file format and some related formats such
+ as MS PUBLICKEYBLOB and PRIVATEKEYBLOB. Command line switches to support
+ these in the 'rsa' and 'dsa' utilities.
+ [Steve Henson]
+
+ *) Support for PKCS#1 RSAPublicKey format on rsa utility command line.
+ [Steve Henson]
+
+ *) Remove the ancient ASN1_METHOD code. This was only ever used in one
+ place for the (very old) "NETSCAPE" format certificates which are now
+ handled using new ASN1 code equivalents.
+ [Steve Henson]
+
+ *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
+ pointer and make the SSL_METHOD parameter in SSL_CTX_new,
+ SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.
+ [Nils Larsch]
+
+ *) Modify CRL distribution points extension code to print out previously
+ unsupported fields. Enhance extension setting code to allow setting of
+ all fields.
+ [Steve Henson]
+
+ *) Add print and set support for Issuing Distribution Point CRL extension.
+ [Steve Henson]
+
+ *) Change 'Configure' script to enable Camellia by default.
+ [NTT]
+
+ Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
+
+ *) When rejecting SSL/TLS records due to an incorrect version number, never
+ update s->server with a new major version number. As of
+ - OpenSSL 0.9.8m if 'short' is a 16-bit type,
+ - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
+ the previous behavior could result in a read attempt at NULL when
+ receiving specific incorrect SSL/TLS records once record payload
+ protection is active. (CVE-2010-0740)
+ [Bodo Moeller, Adam Langley <agl at chromium.org>]
+
+ *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
+ could be crashed if the relevant tables were not present (e.g. chrooted).
+ [Tomas Hoger <thoger at redhat.com>]
+
+ Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
+
+ *) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
+ [Martin Olsson, Neel Mehta]
+
+ *) Fix X509_STORE locking: Every 'objs' access requires a lock (to
+ accommodate for stack sorting, always a write lock!).
+ [Bodo Moeller]
+
+ *) On some versions of WIN32 Heap32Next is very slow. This can cause
+ excessive delays in the RAND_poll(): over a minute. As a workaround
+ include a time check in the inner Heap32Next loop too.
+ [Steve Henson]
+
+ *) The code that handled flushing of data in SSL/TLS originally used the
+ BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
+ the problem outlined in PR#1949. The fix suggested there however can
+ trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
+ of Apache). So instead simplify the code to flush unconditionally.
+ This should be fine since flushing with no data to flush is a no op.
+ [Steve Henson]
+
+ *) Handle TLS versions 2.0 and later properly and correctly use the
+ highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
+ off ancient servers have a habit of sticking around for a while...
+ [Steve Henson]
+
+ *) Modify compression code so it frees up structures without using the
+ ex_data callbacks. This works around a problem where some applications
+ call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
+ restarting) then use compression (e.g. SSL with compression) later.
+ This results in significant per-connection memory leaks and
+ has caused some security issues including CVE-2008-1678 and
+ CVE-2009-4355.
+ [Steve Henson]
+
+ *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
+ change when encrypting or decrypting.
+ [Bodo Moeller]
+
+ *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
+ connect and renegotiate with servers which do not support RI.
+ Until RI is more widely deployed this option is enabled by default.
+ [Steve Henson]
+
+ *) Add "missing" ssl ctrls to clear options and mode.
+ [Steve Henson]
+
+ *) If client attempts to renegotiate and doesn't support RI respond with
+ a no_renegotiation alert as required by RFC5746. Some renegotiating
+ TLS clients will continue a connection gracefully when they receive
+ the alert. Unfortunately OpenSSL mishandled this alert and would hang
+ waiting for a server hello which it will never receive. Now we treat a
+ received no_renegotiation alert as a fatal error. This is because
+ applications requesting a renegotiation might well expect it to succeed
+ and would have no code in place to handle the server denying it so the
+ only safe thing to do is to terminate the connection.
+ [Steve Henson]
+
+ *) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
+ peer supports secure renegotiation and 0 otherwise. Print out peer
+ renegotiation support in s_client/s_server.
+ [Steve Henson]
+
+ *) Replace the highly broken and deprecated SPKAC certification method with
+ the updated NID creation version. This should correctly handle UTF8.
+ [Steve Henson]
+
+ *) Implement RFC5746. Re-enable renegotiation but require the extension
+ as needed. Unfortunately, SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ turns out to be a bad idea. It has been replaced by
+ SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
+ SSL_CTX_set_options(). This is really not recommended unless you
+ know what you are doing.
+ [Eric Rescorla <ekr at networkresonance.com>, Ben Laurie, Steve Henson]
+
+ *) Fixes to stateless session resumption handling. Use initial_ctx when
+ issuing and attempting to decrypt tickets in case it has changed during
+ servername handling. Use a non-zero length session ID when attempting
+ stateless session resumption: this makes it possible to determine if
+ a resumption has occurred immediately after receiving server hello
+ (several places in OpenSSL subtly assume this) instead of later in
+ the handshake.
+ [Steve Henson]
+
+ *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
+ CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error
+ fixes for a few places where the return code is not checked
+ correctly.
+ [Julia Lawall <julia at diku.dk>]
+
+ *) Add --strict-warnings option to Configure script to include devteam
+ warnings in other configurations.
+ [Steve Henson]
+
+ *) Add support for --libdir option and LIBDIR variable in makefiles. This
+ makes it possible to install openssl libraries in locations which
+ have names other than "lib", for example "/usr/lib64" which some
+ systems need.
+ [Steve Henson, based on patch from Jeremy Utley]
+
+ *) Don't allow the use of leading 0x80 in OIDs. This is a violation of
+ X690 8.9.12 and can produce some misleading textual output of OIDs.
+ [Steve Henson, reported by Dan Kaminsky]
+
+ *) Delete MD2 from algorithm tables. This follows the recommendation in
+ several standards that it is not used in new applications due to
+ several cryptographic weaknesses. For binary compatibility reasons
+ the MD2 API is still compiled in by default.
+ [Steve Henson]
+
+ *) Add compression id to {d2i,i2d}_SSL_SESSION so it is correctly saved
+ and restored.
+ [Steve Henson]
+
+ *) Rename uni2asc and asc2uni functions to OPENSSL_uni2asc and
+ OPENSSL_asc2uni conditionally on Netware platforms to avoid a name
+ clash.
+ [Guenter <lists at gknw.net>]
+
+ *) Fix the server certificate chain building code to use X509_verify_cert(),
+ it used to have an ad-hoc builder which was unable to cope with anything
+ other than a simple chain.
+ [David Woodhouse <dwmw2 at infradead.org>, Steve Henson]
+
+ *) Don't check self signed certificate signatures in X509_verify_cert()
+ by default (a flag can override this): it just wastes time without
+ adding any security. As a useful side effect self signed root CAs
+ with non-FIPS digests are now usable in FIPS mode.
+ [Steve Henson]
+
+ *) In dtls1_process_out_of_seq_message() the check if the current message
+ is already buffered was missing. For every new message was memory
+ allocated, allowing an attacker to perform an denial of service attack
+ with sending out of seq handshake messages until there is no memory
+ left. Additionally every future messege was buffered, even if the
+ sequence number made no sense and would be part of another handshake.
+ So only messages with sequence numbers less than 10 in advance will be
+ buffered. (CVE-2009-1378)
+ [Robin Seggelmann, discovered by Daniel Mentz]
+
+ *) Records are buffered if they arrive with a future epoch to be
+ processed after finishing the corresponding handshake. There is
+ currently no limitation to this buffer allowing an attacker to perform
+ a DOS attack with sending records with future epochs until there is no
+ memory left. This patch adds the pqueue_size() function to detemine
+ the size of a buffer and limits the record buffer to 100 entries.
+ (CVE-2009-1377)
+ [Robin Seggelmann, discovered by Daniel Mentz]
+
+ *) Keep a copy of frag->msg_header.frag_len so it can be used after the
+ parent structure is freed. (CVE-2009-1379)
+ [Daniel Mentz]
+
+ *) Handle non-blocking I/O properly in SSL_shutdown() call.
+ [Darryl Miles <darryl-mailinglists at netbauds.net>]
+
+ *) Add 2.5.4.* OIDs
+ [Ilya O. <vrghost at gmail.com>]
+
+ Changes between 0.9.8k and 0.9.8l [5 Nov 2009]
+
+ *) Disable renegotiation completely - this fixes a severe security
+ problem (CVE-2009-3555) at the cost of breaking all
+ renegotiation. Renegotiation can be re-enabled by setting
+ SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+ run-time. This is really not recommended unless you know what
+ you're doing.
+ [Ben Laurie]
+
+ Changes between 0.9.8j and 0.9.8k [25 Mar 2009]
+
+ *) Don't set val to NULL when freeing up structures, it is freed up by
+ underlying code. If sizeof(void *) > sizeof(long) this can result in
+ zeroing past the valid field. (CVE-2009-0789)
+ [Paolo Ganci <Paolo.Ganci at AdNovum.CH>]
+
+ *) Fix bug where return value of CMS_SignerInfo_verify_content() was not
+ checked correctly. This would allow some invalid signed attributes to
+ appear to verify correctly. (CVE-2009-0591)
+ [Ivan Nestlerode <inestlerode at us.ibm.com>]
+
+ *) Reject UniversalString and BMPString types with invalid lengths. This
+ prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+ a legal length. (CVE-2009-0590)
+ [Steve Henson]
+
+ *) Set S/MIME signing as the default purpose rather than setting it
+ unconditionally. This allows applications to override it at the store
+ level.
+ [Steve Henson]
+
+ *) Permit restricted recursion of ASN1 strings. This is needed in practice
+ to handle some structures.
+ [Steve Henson]
+
+ *) Improve efficiency of mem_gets: don't search whole buffer each time
+ for a '\n'
+ [Jeremy Shapiro <jnshapir at us.ibm.com>]
+
+ *) New -hex option for openssl rand.
+ [Matthieu Herrb]
+
+ *) Print out UTF8String and NumericString when parsing ASN1.
+ [Steve Henson]
+
+ *) Support NumericString type for name components.
+ [Steve Henson]
+
+ *) Allow CC in the environment to override the automatically chosen
+ compiler. Note that nothing is done to ensure flags work with the
+ chosen compiler.
+ [Ben Laurie]
+
+ Changes between 0.9.8i and 0.9.8j [07 Jan 2009]
+
+ *) Properly check EVP_VerifyFinal() and similar return values
+ (CVE-2008-5077).
+ [Ben Laurie, Bodo Moeller, Google Security Team]
+
+ *) Enable TLS extensions by default.
+ [Ben Laurie]
+
+ *) Allow the CHIL engine to be loaded, whether the application is
+ multithreaded or not. (This does not release the developer from the
+ obligation to set up the dynamic locking callbacks.)
+ [Sander Temme <sander at temme.net>]
+
+ *) Use correct exit code if there is an error in dgst command.
+ [Steve Henson; problem pointed out by Roland Dirlewanger]
+
+ *) Tweak Configure so that you need to say "experimental-jpake" to enable
+ JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
+ [Bodo Moeller]
+
+ *) Add experimental JPAKE support, including demo authentication in
+ s_client and s_server.
+ [Ben Laurie]
+
+ *) Set the comparison function in v3_addr_canonize().
+ [Rob Austein <sra at hactrn.net>]
+
+ *) Add support for XMPP STARTTLS in s_client.
+ [Philip Paeps <philip at freebsd.org>]
+
+ *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
+ to ensure that even with this option, only ciphersuites in the
+ server's preference list will be accepted. (Note that the option
+ applies only when resuming a session, so the earlier behavior was
+ just about the algorithm choice for symmetric cryptography.)
+ [Bodo Moeller]
+
+ Changes between 0.9.8h and 0.9.8i [15 Sep 2008]
+
+ *) Fix NULL pointer dereference if a DTLS server received
+ ChangeCipherSpec as first record (CVE-2009-1386).
+ [PR #1679]
+
+ *) Fix a state transitition in s3_srvr.c and d1_srvr.c
+ (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
+ [Nagendra Modadugu]
+
+ *) The fix in 0.9.8c that supposedly got rid of unsafe
+ double-checked locking was incomplete for RSA blinding,
+ addressing just one layer of what turns out to have been
+ doubly unsafe triple-checked locking.
+
+ So now fix this for real by retiring the MONT_HELPER macro
+ in crypto/rsa/rsa_eay.c.
+
+ [Bodo Moeller; problem pointed out by Marius Schilder]
+
+ *) Various precautionary measures:
+
+ - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h).
+
+ - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c).
+ (NB: This would require knowledge of the secret session ticket key
+ to exploit, in which case you'd be SOL either way.)
+
+ - Change bn_nist.c so that it will properly handle input BIGNUMs
+ outside the expected range.
+
+ - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG
+ builds.
+
+ [Neel Mehta, Bodo Moeller]
+
+ *) Allow engines to be "soft loaded" - i.e. optionally don't die if
+ the load fails. Useful for distros.
+ [Ben Laurie and the FreeBSD team]
+
+ *) Add support for Local Machine Keyset attribute in PKCS#12 files.
+ [Steve Henson]
+
+ *) Fix BN_GF2m_mod_arr() top-bit cleanup code.
+ [Huang Ying]
+
+ *) Expand ENGINE to support engine supplied SSL client certificate functions.
+
+ This work was sponsored by Logica.
+ [Steve Henson]
+
+ *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
+ keystores. Support for SSL/TLS client authentication too.
+ Not compiled unless enable-capieng specified to Configure.
+
+ This work was sponsored by Logica.
+ [Steve Henson]
+
+ *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
+ ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
+ attribute creation routines such as certifcate requests and PKCS#12
+ files.
+ [Steve Henson]
+
+ Changes between 0.9.8g and 0.9.8h [28 May 2008]
+
+ *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
+ handshake which could lead to a cilent crash as found using the
+ Codenomicon TLS test suite (CVE-2008-1672)
+ [Steve Henson, Mark Cox]
+
+ *) Fix double free in TLS server name extensions which could lead to
+ a remote crash found by Codenomicon TLS test suite (CVE-2008-0891)
+ [Joe Orton]
+
+ *) Clear error queue in SSL_CTX_use_certificate_chain_file()
+
+ Clear the error queue to ensure that error entries left from
+ older function calls do not interfere with the correct operation.
+ [Lutz Jaenicke, Erik de Castro Lopo]
+
+ *) Remove root CA certificates of commercial CAs:
+
+ The OpenSSL project does not recommend any specific CA and does not
+ have any policy with respect to including or excluding any CA.
+ Therefore it does not make any sense to ship an arbitrary selection
+ of root CA certificates with the OpenSSL software.
+ [Lutz Jaenicke]
+
+ *) RSA OAEP patches to fix two separate invalid memory reads.
+ The first one involves inputs when 'lzero' is greater than
+ 'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes
+ before the beginning of from). The second one involves inputs where
+ the 'db' section contains nothing but zeroes (there is a one-byte
+ invalid read after the end of 'db').
+ [Ivan Nestlerode <inestlerode at us.ibm.com>]
+
+ *) Partial backport from 0.9.9-dev:
+
+ Introduce bn_mul_mont (dedicated Montgomery multiplication
+ procedure) as a candidate for BIGNUM assembler implementation.
+ While 0.9.9-dev uses assembler for various architectures, only
+ x86_64 is available by default here in the 0.9.8 branch, and
+ 32-bit x86 is available through a compile-time setting.
+
+ To try the 32-bit x86 assembler implementation, use Configure
+ option "enable-montasm" (which exists only for this backport).
+
+ As "enable-montasm" for 32-bit x86 disclaims code stability
+ anyway, in this constellation we activate additional code
+ backported from 0.9.9-dev for further performance improvements,
+ namely BN_from_montgomery_word. (To enable this otherwise,
+ e.g. x86_64, try "-DMONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD".)
+
+ [Andy Polyakov (backport partially by Bodo Moeller)]
+
+ *) Add TLS session ticket callback. This allows an application to set
+ TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
+ values. This is useful for key rollover for example where several key
+ sets may exist with different names.
+ [Steve Henson]
+
+ *) Reverse ENGINE-internal logic for caching default ENGINE handles.
+ This was broken until now in 0.9.8 releases, such that the only way
+ a registered ENGINE could be used (assuming it initialises
+ successfully on the host) was to explicitly set it as the default
+ for the relevant algorithms. This is in contradiction with 0.9.7
+ behaviour and the documentation. With this fix, when an ENGINE is
+ registered into a given algorithm's table of implementations, the
+ 'uptodate' flag is reset so that auto-discovery will be used next
+ time a new context for that algorithm attempts to select an
+ implementation.
+ [Ian Lister (tweaked by Geoff Thorpe)]
+
+ *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9
+ implemention in the following ways:
+
+ Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be
+ hard coded.
+
+ Lack of BER streaming support means one pass streaming processing is
+ only supported if data is detached: setting the streaming flag is
+ ignored for embedded content.
+
+ CMS support is disabled by default and must be explicitly enabled
+ with the enable-cms configuration option.
+ [Steve Henson]
+
+ *) Update the GMP engine glue to do direct copies between BIGNUM and
+ mpz_t when openssl and GMP use the same limb size. Otherwise the
+ existing "conversion via a text string export" trick is still used.
+ [Paul Sheer <paulsheer at gmail.com>]
+
+ *) Zlib compression BIO. This is a filter BIO which compressed and
+ uncompresses any data passed through it.
+ [Steve Henson]
+
+ *) Add AES_wrap_key() and AES_unwrap_key() functions to implement
+ RFC3394 compatible AES key wrapping.
+ [Steve Henson]
+
+ *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0():
+ sets string data without copying. X509_ALGOR_set0() and
+ X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier)
+ data. Attribute function X509at_get0_data_by_OBJ(): retrieves data
+ from an X509_ATTRIBUTE structure optionally checking it occurs only
+ once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied
+ data.
+ [Steve Henson]
+
+ *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
+ to get the expected BN_FLG_CONSTTIME behavior.
+ [Bodo Moeller (Google)]
+
+ *) Netware support:
+
+ - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
+ - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
+ - added some more tests to do_tests.pl
+ - fixed RunningProcess usage so that it works with newer LIBC NDKs too
+ - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
+ - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
+ netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
+ - various changes to netware.pl to enable gcc-cross builds on Win32
+ platform
+ - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
+ - various changes to fix missing prototype warnings
+ - fixed x86nasm.pl to create correct asm files for NASM COFF output
+ - added AES, WHIRLPOOL and CPUID assembler code to build files
+ - added missing AES assembler make rules to mk1mf.pl
+ - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
+ [Guenter Knauf <eflash at gmx.net>]
+
+ *) Implement certificate status request TLS extension defined in RFC3546.
+ A client can set the appropriate parameters and receive the encoded
+ OCSP response via a callback. A server can query the supplied parameters
+ and set the encoded OCSP response in the callback. Add simplified examples
+ to s_client and s_server.
+ [Steve Henson]
+
+ Changes between 0.9.8f and 0.9.8g [19 Oct 2007]
+
+ *) Fix various bugs:
+ + Binary incompatibility of ssl_ctx_st structure
+ + DTLS interoperation with non-compliant servers
+ + Don't call get_session_cb() without proposed session
+ + Fix ia64 assembler code
+ [Andy Polyakov, Steve Henson]
+
+ Changes between 0.9.8e and 0.9.8f [11 Oct 2007]
+
+ *) DTLS Handshake overhaul. There were longstanding issues with
+ OpenSSL DTLS implementation, which were making it impossible for
+ RFC 4347 compliant client to communicate with OpenSSL server.
+ Unfortunately just fixing these incompatibilities would "cut off"
+ pre-0.9.8f clients. To allow for hassle free upgrade post-0.9.8e
+ server keeps tolerating non RFC compliant syntax. The opposite is
+ not true, 0.9.8f client can not communicate with earlier server.
+ This update even addresses CVE-2007-4995.
+ [Andy Polyakov]
+
+ *) Changes to avoid need for function casts in OpenSSL: some compilers
+ (gcc 4.2 and later) reject their use.
+ [Kurt Roeckx <kurt at roeckx.be>, Peter Hartley <pdh at utter.chaos.org.uk>,
+ Steve Henson]
+
+ *) Add RFC4507 support to OpenSSL. This includes the corrections in
+ RFC4507bis. The encrypted ticket format is an encrypted encoded
+ SSL_SESSION structure, that way new session features are automatically
+ supported.
+
+ If a client application caches session in an SSL_SESSION structure
+ support is transparent because tickets are now stored in the encoded
+ SSL_SESSION.
+
+ The SSL_CTX structure automatically generates keys for ticket
+ protection in servers so again support should be possible
+ with no application modification.
+
+ If a client or server wishes to disable RFC4507 support then the option
+ SSL_OP_NO_TICKET can be set.
+
+ Add a TLS extension debugging callback to allow the contents of any client
+ or server extensions to be examined.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Add initial support for TLS extensions, specifically for the server_name
+ extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
+ have new members for a host name. The SSL data structure has an
+ additional member SSL_CTX *initial_ctx so that new sessions can be
+ stored in that context to allow for session resumption, even after the
+ SSL has been switched to a new SSL_CTX in reaction to a client's
+ server_name extension.
+
+ New functions (subject to change):
+
+ SSL_get_servername()
+ SSL_get_servername_type()
+ SSL_set_SSL_CTX()
+
+ New CTRL codes and macros (subject to change):
+
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+ - SSL_CTX_set_tlsext_servername_callback()
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+ - SSL_CTX_set_tlsext_servername_arg()
+ SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()
+
+ openssl s_client has a new '-servername ...' option.
+
+ openssl s_server has new options '-servername_host ...', '-cert2 ...',
+ '-key2 ...', '-servername_fatal' (subject to change). This allows
+ testing the HostName extension for a specific single host name ('-cert'
+ and '-key' remain fallbacks for handshakes without HostName
+ negotiation). If the unrecogninzed_name alert has to be sent, this by
+ default is a warning; it becomes fatal with the '-servername_fatal'
+ option.
+
+ [Peter Sylvester, Remy Allais, Christophe Renou, Steve Henson]
+
+ *) Add AES and SSE2 assembly language support to VC++ build.
+ [Steve Henson]
+
+ *) Mitigate attack on final subtraction in Montgomery reduction.
+ [Andy Polyakov]
+
+ *) Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
+ (which previously caused an internal error).
+ [Bodo Moeller]
+
+ *) Squeeze another 10% out of IGE mode when in != out.
+ [Ben Laurie]
+
+ *) AES IGE mode speedup.
+ [Dean Gaudet (Google)]
+
+ *) Add the Korean symmetric 128-bit cipher SEED (see
+ http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
+ add SEED ciphersuites from RFC 4162:
+
+ TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA"
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA"
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA"
+ TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA"
+
+ To minimize changes between patchlevels in the OpenSSL 0.9.8
+ series, SEED remains excluded from compilation unless OpenSSL
+ is configured with 'enable-seed'.
+ [KISA, Bodo Moeller]
+
+ *) Mitigate branch prediction attacks, which can be practical if a
+ single processor is shared, allowing a spy process to extract
+ information. For detailed background information, see
+ http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
+ J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
+ and Necessary Software Countermeasures"). The core of the change
+ are new versions BN_div_no_branch() and
+ BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
+ respectively, which are slower, but avoid the security-relevant
+ conditional branches. These are automatically called by BN_div()
+ and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
+ of the input BIGNUMs. Also, BN_is_bit_set() has been changed to
+ remove a conditional branch.
+
+ BN_FLG_CONSTTIME is the new name for the previous
+ BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
+ modular exponentiation. (Since OpenSSL 0.9.7h, setting this flag
+ in the exponent causes BN_mod_exp_mont() to use the alternative
+ implementation in BN_mod_exp_mont_consttime().) The old name
+ remains as a deprecated alias.
+
+ Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
+ RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
+ constant-time implementations for more than just exponentiation.
+ Here too the old name is kept as a deprecated alias.
+
+ BN_BLINDING_new() will now use BN_dup() for the modulus so that
+ the BN_BLINDING structure gets an independent copy of the
+ modulus. This means that the previous "BIGNUM *m" argument to
+ BN_BLINDING_new() and to BN_BLINDING_create_param() now
+ essentially becomes "const BIGNUM *m", although we can't actually
+ change this in the header file before 0.9.9. It allows
+ RSA_setup_blinding() to use BN_with_flags() on the modulus to
+ enable BN_FLG_CONSTTIME.
+
+ [Matthew D Wood (Intel Corp)]
+
+ *) In the SSL/TLS server implementation, be strict about session ID
+ context matching (which matters if an application uses a single
+ external cache for different purposes). Previously,
+ out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
+ set. This did ensure strict client verification, but meant that,
+ with applications using a single external cache for quite
+ different requirements, clients could circumvent ciphersuite
+ restrictions for a given session ID context by starting a session
+ in a different context.
+ [Bodo Moeller]
+
+ *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
+ a ciphersuite string such as "DEFAULT:RSA" cannot enable
+ authentication-only ciphersuites.
+ [Bodo Moeller]
+
+ *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
+ not complete and could lead to a possible single byte overflow
+ (CVE-2007-5135) [Ben Laurie]
+
+ Changes between 0.9.8d and 0.9.8e [23 Feb 2007]
+
+ *) Since AES128 and AES256 (and similarly Camellia128 and
+ Camellia256) share a single mask bit in the logic of
+ ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
+ kludge to work properly if AES128 is available and AES256 isn't
+ (or if Camellia128 is available and Camellia256 isn't).
+ [Victor Duchovni]
+
+ *) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
+ (within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
+ When a point or a seed is encoded in a BIT STRING, we need to
+ prevent the removal of trailing zero bits to get the proper DER
+ encoding. (By default, crypto/asn1/a_bitstr.c assumes the case
+ of a NamedBitList, for which trailing 0 bits need to be removed.)
+ [Bodo Moeller]
+
+ *) Have SSL/TLS server implementation tolerate "mismatched" record
+ protocol version while receiving ClientHello even if the
+ ClientHello is fragmented. (The server can't insist on the
+ particular protocol version it has chosen before the ServerHello
+ message has informed the client about his choice.)
+ [Bodo Moeller]
+
+ *) Add RFC 3779 support.
+ [Rob Austein for ARIN, Ben Laurie]
+
+ *) Load error codes if they are not already present instead of using a
+ static variable. This allows them to be cleanly unloaded and reloaded.
+ Improve header file function name parsing.
+ [Steve Henson]
+
+ *) extend SMTP and IMAP protocol emulation in s_client to use EHLO
+ or CAPABILITY handshake as required by RFCs.
+ [Goetz Babin-Ebell]
+
+ Changes between 0.9.8c and 0.9.8d [28 Sep 2006]
+
+ *) Introduce limits to prevent malicious keys being able to
+ cause a denial of service. (CVE-2006-2940)
+ [Steve Henson, Bodo Moeller]
+
+ *) Fix ASN.1 parsing of certain invalid structures that can result
+ in a denial of service. (CVE-2006-2937) [Steve Henson]
+
+ *) Fix buffer overflow in SSL_get_shared_ciphers() function.
+ (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
+
+ *) Fix SSL client code which could crash if connecting to a
+ malicious SSLv2 server. (CVE-2006-4343)
+ [Tavis Ormandy and Will Drewry, Google Security Team]
+
+ *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
+ match only those. Before that, "AES256-SHA" would be interpreted
+ as a pattern and match "AES128-SHA" too (since AES128-SHA got
+ the same strength classification in 0.9.7h) as we currently only
+ have a single AES bit in the ciphersuite description bitmap.
+ That change, however, also applied to ciphersuite strings such as
+ "RC4-MD5" that intentionally matched multiple ciphersuites --
+ namely, SSL 2.0 ciphersuites in addition to the more common ones
+ from SSL 3.0/TLS 1.0.
+
+ So we change the selection algorithm again: Naming an explicit
+ ciphersuite selects this one ciphersuite, and any other similar
+ ciphersuite (same bitmap) from *other* protocol versions.
+ Thus, "RC4-MD5" again will properly select both the SSL 2.0
+ ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
+
+ Since SSL 2.0 does not have any ciphersuites for which the
+ 128/256 bit distinction would be relevant, this works for now.
+ The proper fix will be to use different bits for AES128 and
+ AES256, which would have avoided the problems from the beginning;
+ however, bits are scarce, so we can only do this in a new release
+ (not just a patchlevel) when we can change the SSL_CIPHER
+ definition to split the single 'unsigned long mask' bitmap into
+ multiple values to extend the available space.
+
+ [Bodo Moeller]
+
+ Changes between 0.9.8b and 0.9.8c [05 Sep 2006]
+
+ *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+ (CVE-2006-4339) [Ben Laurie and Google Security Team]
+
+ *) Add AES IGE and biIGE modes.
+ [Ben Laurie]
+
+ *) Change the Unix randomness entropy gathering to use poll() when
+ possible instead of select(), since the latter has some
+ undesirable limitations.
+ [Darryl Miles via Richard Levitte and Bodo Moeller]
+
+ *) Disable "ECCdraft" ciphersuites more thoroughly. Now special
+ treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
+ cannot be implicitly activated as part of, e.g., the "AES" alias.
+ However, please upgrade to OpenSSL 0.9.9[-dev] for
+ non-experimental use of the ECC ciphersuites to get TLS extension
+ support, which is required for curve and point format negotiation
+ to avoid potential handshake problems.
+ [Bodo Moeller]
+
+ *) Disable rogue ciphersuites:
+
+ - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
+ - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
+ - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
+
+ The latter two were purportedly from
+ draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
+ appear there.
+
+ Also deactivate the remaining ciphersuites from
+ draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
+ unofficial, and the ID has long expired.
+ [Bodo Moeller]
+
+ *) Fix RSA blinding Heisenbug (problems sometimes occured on
+ dual-core machines) and other potential thread-safety issues.
+ [Bodo Moeller]
+
+ *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
+ versions), which is now available for royalty-free use
+ (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html).
+ Also, add Camellia TLS ciphersuites from RFC 4132.
+
+ To minimize changes between patchlevels in the OpenSSL 0.9.8
+ series, Camellia remains excluded from compilation unless OpenSSL
+ is configured with 'enable-camellia'.
+ [NTT]
+
+ *) Disable the padding bug check when compression is in use. The padding
+ bug check assumes the first packet is of even length, this is not
+ necessarily true if compresssion is enabled and can result in false
+ positives causing handshake failure. The actual bug test is ancient
+ code so it is hoped that implementations will either have fixed it by
+ now or any which still have the bug do not support compression.
+ [Steve Henson]
+
+ Changes between 0.9.8a and 0.9.8b [04 May 2006]
+
+ *) When applying a cipher rule check to see if string match is an explicit
+ cipher suite and only match that one cipher suite if it is.
+ [Steve Henson]
+
+ *) Link in manifests for VC++ if needed.
+ [Austin Ziegler <halostatue at gmail.com>]
+
+ *) Update support for ECC-based TLS ciphersuites according to
+ draft-ietf-tls-ecc-12.txt with proposed changes (but without
+ TLS extensions, which are supported starting with the 0.9.9
+ branch, not in the OpenSSL 0.9.8 branch).
+ [Douglas Stebila]
+
+ *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support
+ opaque EVP_CIPHER_CTX handling.
+ [Steve Henson]
+
+ *) Fixes and enhancements to zlib compression code. We now only use
+ "zlib1.dll" and use the default __cdecl calling convention on Win32
+ to conform with the standards mentioned here:
+ http://www.zlib.net/DLL_FAQ.txt
+ Static zlib linking now works on Windows and the new --with-zlib-include
+ --with-zlib-lib options to Configure can be used to supply the location
+ of the headers and library. Gracefully handle case where zlib library
+ can't be loaded.
+ [Steve Henson]
+
+ *) Several fixes and enhancements to the OID generation code. The old code
+ sometimes allowed invalid OIDs (1.X for X >= 40 for example), couldn't
+ handle numbers larger than ULONG_MAX, truncated printing and had a
+ non standard OBJ_obj2txt() behaviour.
+ [Steve Henson]
+
+ *) Add support for building of engines under engine/ as shared libraries
+ under VC++ build system.
+ [Steve Henson]
+
+ *) Corrected the numerous bugs in the Win32 path splitter in DSO.
+ Hopefully, we will not see any false combination of paths any more.
+ [Richard Levitte]
+
+ Changes between 0.9.8 and 0.9.8a [11 Oct 2005]
+
+ *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
+ (part of SSL_OP_ALL). This option used to disable the
+ countermeasure against man-in-the-middle protocol-version
+ rollback in the SSL 2.0 server implementation, which is a bad
+ idea. (CVE-2005-2969)
+
+ [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
+ for Information Security, National Institute of Advanced Industrial
+ Science and Technology [AIST], Japan)]
+
+ *) Add two function to clear and return the verify parameter flags.
+ [Steve Henson]
+
+ *) Keep cipherlists sorted in the source instead of sorting them at
+ runtime, thus removing the need for a lock.
+ [Nils Larsch]
+
+ *) Avoid some small subgroup attacks in Diffie-Hellman.
+ [Nick Mathewson and Ben Laurie]
+
+ *) Add functions for well-known primes.
+ [Nick Mathewson]
+
+ *) Extended Windows CE support.
+ [Satoshi Nakamura and Andy Polyakov]
+
+ *) Initialize SSL_METHOD structures at compile time instead of during
+ runtime, thus removing the need for a lock.
+ [Steve Henson]
+
+ *) Make PKCS7_decrypt() work even if no certificate is supplied by
+ attempting to decrypt each encrypted key in turn. Add support to
+ smime utility.
+ [Steve Henson]
+
+ Changes between 0.9.7h and 0.9.8 [05 Jul 2005]
+
+ [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
+ OpenSSL 0.9.8.]
+
+ *) Add libcrypto.pc and libssl.pc for those who feel they need them.
+ [Richard Levitte]
+
+ *) Change CA.sh and CA.pl so they don't bundle the CSR and the private
+ key into the same file any more.
+ [Richard Levitte]
+
+ *) Add initial support for Win64, both IA64 and AMD64/x64 flavors.
+ [Andy Polyakov]
+
+ *) Add -utf8 command line and config file option to 'ca'.
+ [Stefan <stf at udoma.org]
+
+ *) Removed the macro des_crypt(), as it seems to conflict with some
+ libraries. Use DES_crypt().
+ [Richard Levitte]
+
+ *) Correct naming of the 'chil' and '4758cca' ENGINEs. This
+ involves renaming the source and generated shared-libs for
+ both. The engines will accept the corrected or legacy ids
+ ('ncipher' and '4758_cca' respectively) when binding. NB,
+ this only applies when building 'shared'.
+ [Corinna Vinschen <vinschen at redhat.com> and Geoff Thorpe]
+
+ *) Add attribute functions to EVP_PKEY structure. Modify
+ PKCS12_create() to recognize a CSP name attribute and
+ use it. Make -CSP option work again in pkcs12 utility.
+ [Steve Henson]
+
+ *) Add new functionality to the bn blinding code:
+ - automatic re-creation of the BN_BLINDING parameters after
+ a fixed number of uses (currently 32)
+ - add new function for parameter creation
+ - introduce flags to control the update behaviour of the
+ BN_BLINDING parameters
+ - hide BN_BLINDING structure
+ Add a second BN_BLINDING slot to the RSA structure to improve
+ performance when a single RSA object is shared among several
+ threads.
+ [Nils Larsch]
+
+ *) Add support for DTLS.
+ [Nagendra Modadugu <nagendra at cs.stanford.edu> and Ben Laurie]
+
+ *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
+ to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
+ [Walter Goulet]
+
+ *) Remove buggy and incompletet DH cert support from
+ ssl/ssl_rsa.c and ssl/s3_both.c
+ [Nils Larsch]
+
+ *) Use SHA-1 instead of MD5 as the default digest algorithm for
+ the apps/openssl applications.
+ [Nils Larsch]
+
+ *) Compile clean with "-Wall -Wmissing-prototypes
+ -Wstrict-prototypes -Wmissing-declarations -Werror". Currently
+ DEBUG_SAFESTACK must also be set.
+ [Ben Laurie]
+
+ *) Change ./Configure so that certain algorithms can be disabled by default.
+ The new counterpiece to "no-xxx" is "enable-xxx".
+
+ The patented RC5 and MDC2 algorithms will now be disabled unless
+ "enable-rc5" and "enable-mdc2", respectively, are specified.
+
+ (IDEA remains enabled despite being patented. This is because IDEA
+ is frequently required for interoperability, and there is no license
+ fee for non-commercial use. As before, "no-idea" can be used to
+ avoid this algorithm.)
+
+ [Bodo Moeller]
+
+ *) Add processing of proxy certificates (see RFC 3820). This work was
+ sponsored by KTH (The Royal Institute of Technology in Stockholm) and
+ EGEE (Enabling Grids for E-science in Europe).
+ [Richard Levitte]
+
+ *) RC4 performance overhaul on modern architectures/implementations, such
+ as Intel P4, IA-64 and AMD64.
+ [Andy Polyakov]
+
+ *) New utility extract-section.pl. This can be used specify an alternative
+ section number in a pod file instead of having to treat each file as
+ a separate case in Makefile. This can be done by adding two lines to the
+ pod file:
+
+ =for comment openssl_section:XXX
+
+ The blank line is mandatory.
+
+ [Steve Henson]
+
+ *) New arguments -certform, -keyform and -pass for s_client and s_server
+ to allow alternative format key and certificate files and passphrase
+ sources.
+ [Steve Henson]
+
+ *) New structure X509_VERIFY_PARAM which combines current verify parameters,
+ update associated structures and add various utility functions.
+
+ Add new policy related verify parameters, include policy checking in
+ standard verify code. Enhance 'smime' application with extra parameters
+ to support policy checking and print out.
+ [Steve Henson]
+
+ *) Add a new engine to support VIA PadLock ACE extensions in the VIA C3
+ Nehemiah processors. These extensions support AES encryption in hardware
+ as well as RNG (though RNG support is currently disabled).
+ [Michal Ludvig <michal at logix.cz>, with help from Andy Polyakov]
+
+ *) Deprecate BN_[get|set]_params() functions (they were ignored internally).
+ [Geoff Thorpe]
+
+ *) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented.
+ [Andy Polyakov and a number of other people]
+
+ *) Improved PowerPC platform support. Most notably BIGNUM assembler
+ implementation contributed by IBM.
+ [Suresh Chari, Peter Waltenberg, Andy Polyakov]
+
+ *) The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public
+ exponent rather than 'unsigned long'. There is a corresponding change to
+ the new 'rsa_keygen' element of the RSA_METHOD structure.
+ [Jelte Jansen, Geoff Thorpe]
+
+ *) Functionality for creating the initial serial number file is now
+ moved from CA.pl to the 'ca' utility with a new option -create_serial.
+
+ (Before OpenSSL 0.9.7e, CA.pl used to initialize the serial
+ number file to 1, which is bound to cause problems. To avoid
+ the problems while respecting compatibility between different 0.9.7
+ patchlevels, 0.9.7e employed 'openssl x509 -next_serial' in
+ CA.pl for serial number initialization. With the new release 0.9.8,
+ we can fix the problem directly in the 'ca' utility.)
+ [Steve Henson]
+
+ *) Reduced header interdepencies by declaring more opaque objects in
+ ossl_typ.h. As a consequence, including some headers (eg. engine.h) will
+ give fewer recursive includes, which could break lazy source code - so
+ this change is covered by the OPENSSL_NO_DEPRECATED symbol. As always,
+ developers should define this symbol when building and using openssl to
+ ensure they track the recommended behaviour, interfaces, [etc], but
+ backwards-compatible behaviour prevails when this isn't defined.
+ [Geoff Thorpe]
+
+ *) New function X509_POLICY_NODE_print() which prints out policy nodes.
+ [Steve Henson]
+
+ *) Add new EVP function EVP_CIPHER_CTX_rand_key and associated functionality.
+ This will generate a random key of the appropriate length based on the
+ cipher context. The EVP_CIPHER can provide its own random key generation
+ routine to support keys of a specific form. This is used in the des and
+ 3des routines to generate a key of the correct parity. Update S/MIME
+ code to use new functions and hence generate correct parity DES keys.
+ Add EVP_CHECK_DES_KEY #define to return an error if the key is not
+ valid (weak or incorrect parity).
+ [Steve Henson]
+
+ *) Add a local set of CRLs that can be used by X509_verify_cert() as well
+ as looking them up. This is useful when the verified structure may contain
+ CRLs, for example PKCS#7 signedData. Modify PKCS7_verify() to use any CRLs
+ present unless the new PKCS7_NO_CRL flag is asserted.
+ [Steve Henson]
+
+ *) Extend ASN1 oid configuration module. It now additionally accepts the
+ syntax:
+
+ shortName = some long name, 1.2.3.4
+ [Steve Henson]
+
+ *) Reimplemented the BN_CTX implementation. There is now no more static
+ limitation on the number of variables it can handle nor the depth of the
+ "stack" handling for BN_CTX_start()/BN_CTX_end() pairs. The stack
+ information can now expand as required, and rather than having a single
+ static array of bignums, BN_CTX now uses a linked-list of such arrays
+ allowing it to expand on demand whilst maintaining the usefulness of
+ BN_CTX's "bundling".
+ [Geoff Thorpe]
+
+ *) Add a missing BN_CTX parameter to the 'rsa_mod_exp' callback in RSA_METHOD
+ to allow all RSA operations to function using a single BN_CTX.
+ [Geoff Thorpe]
+
+ *) Preliminary support for certificate policy evaluation and checking. This
+ is initially intended to pass the tests outlined in "Conformance Testing
+ of Relying Party Client Certificate Path Processing Logic" v1.07.
+ [Steve Henson]
+
+ *) bn_dup_expand() has been deprecated, it was introduced in 0.9.7 and
+ remained unused and not that useful. A variety of other little bignum
+ tweaks and fixes have also been made continuing on from the audit (see
+ below).
+ [Geoff Thorpe]
+
+ *) Constify all or almost all d2i, c2i, s2i and r2i functions, along with
+ associated ASN1, EVP and SSL functions and old ASN1 macros.
+ [Richard Levitte]
+
+ *) BN_zero() only needs to set 'top' and 'neg' to zero for correct results,
+ and this should never fail. So the return value from the use of
+ BN_set_word() (which can fail due to needless expansion) is now deprecated;
+ if OPENSSL_NO_DEPRECATED is defined, BN_zero() is a void macro.
+ [Geoff Thorpe]
+
+ *) BN_CTX_get() should return zero-valued bignums, providing the same
+ initialised value as BN_new().
+ [Geoff Thorpe, suggested by Ulf Möller]
+
+ *) Support for inhibitAnyPolicy certificate extension.
+ [Steve Henson]
+
+ *) An audit of the BIGNUM code is underway, for which debugging code is
+ enabled when BN_DEBUG is defined. This makes stricter enforcements on what
+ is considered valid when processing BIGNUMs, and causes execution to
+ assert() when a problem is discovered. If BN_DEBUG_RAND is defined,
+ further steps are taken to deliberately pollute unused data in BIGNUM
+ structures to try and expose faulty code further on. For now, openssl will
+ (in its default mode of operation) continue to tolerate the inconsistent
+ forms that it has tolerated in the past, but authors and packagers should
+ consider trying openssl and their own applications when compiled with
+ these debugging symbols defined. It will help highlight potential bugs in
+ their own code, and will improve the test coverage for OpenSSL itself. At
+ some point, these tighter rules will become openssl's default to improve
+ maintainability, though the assert()s and other overheads will remain only
+ in debugging configurations. See bn.h for more details.
+ [Geoff Thorpe, Nils Larsch, Ulf Möller]
+
+ *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure
+ that can only be obtained through BN_CTX_new() (which implicitly
+ initialises it). The presence of this function only made it possible
+ to overwrite an existing structure (and cause memory leaks).
+ [Geoff Thorpe]
+
+ *) Because of the callback-based approach for implementing LHASH as a
+ template type, lh_insert() adds opaque objects to hash-tables and
+ lh_doall() or lh_doall_arg() are typically used with a destructor callback
+ to clean up those corresponding objects before destroying the hash table
+ (and losing the object pointers). So some over-zealous constifications in
+ LHASH have been relaxed so that lh_insert() does not take (nor store) the
+ objects as "const" and the lh_doall[_arg] callback wrappers are not
+ prototyped to have "const" restrictions on the object pointers they are
+ given (and so aren't required to cast them away any more).
+ [Geoff Thorpe]
+
+ *) The tmdiff.h API was so ugly and minimal that our own timing utility
+ (speed) prefers to use its own implementation. The two implementations
+ haven't been consolidated as yet (volunteers?) but the tmdiff API has had
+ its object type properly exposed (MS_TM) instead of casting to/from "char
+ *". This may still change yet if someone realises MS_TM and "ms_time_***"
+ aren't necessarily the greatest nomenclatures - but this is what was used
+ internally to the implementation so I've used that for now.
+ [Geoff Thorpe]
+
+ *) Ensure that deprecated functions do not get compiled when
+ OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of
+ the self-tests were still using deprecated key-generation functions so
+ these have been updated also.
+ [Geoff Thorpe]
+
+ *) Reorganise PKCS#7 code to separate the digest location functionality
+ into PKCS7_find_digest(), digest addtion into PKCS7_bio_add_digest().
+ New function PKCS7_set_digest() to set the digest type for PKCS#7
+ digestedData type. Add additional code to correctly generate the
+ digestedData type and add support for this type in PKCS7 initialization
+ functions.
+ [Steve Henson]
+
+ *) New function PKCS7_set0_type_other() this initializes a PKCS7
+ structure of type "other".
+ [Steve Henson]
+
+ *) Fix prime generation loop in crypto/bn/bn_prime.pl by making
+ sure the loop does correctly stop and breaking ("division by zero")
+ modulus operations are not performed. The (pre-generated) prime
+ table crypto/bn/bn_prime.h was already correct, but it could not be
+ re-generated on some platforms because of the "division by zero"
+ situation in the script.
+ [Ralf S. Engelschall]
+
+ *) Update support for ECC-based TLS ciphersuites according to
+ draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with
+ SHA-1 now is only used for "small" curves (where the
+ representation of a field element takes up to 24 bytes); for
+ larger curves, the field element resulting from ECDH is directly
+ used as premaster secret.
+ [Douglas Stebila (Sun Microsystems Laboratories)]
+
+ *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2
+ curve secp160r1 to the tests.
+ [Douglas Stebila (Sun Microsystems Laboratories)]
+
+ *) Add the possibility to load symbols globally with DSO.
+ [Götz Babin-Ebell <babin-ebell at trustcenter.de> via Richard Levitte]
+
+ *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better
+ control of the error stack.
+ [Richard Levitte]
+
+ *) Add support for STORE in ENGINE.
+ [Richard Levitte]
+
+ *) Add the STORE type. The intention is to provide a common interface
+ to certificate and key stores, be they simple file-based stores, or
+ HSM-type store, or LDAP stores, or...
+ NOTE: The code is currently UNTESTED and isn't really used anywhere.
+ [Richard Levitte]
+
+ *) Add a generic structure called OPENSSL_ITEM. This can be used to
+ pass a list of arguments to any function as well as provide a way
+ for a function to pass data back to the caller.
+ [Richard Levitte]
+
+ *) Add the functions BUF_strndup() and BUF_memdup(). BUF_strndup()
+ works like BUF_strdup() but can be used to duplicate a portion of
+ a string. The copy gets NUL-terminated. BUF_memdup() duplicates
+ a memory area.
+ [Richard Levitte]
+
+ *) Add the function sk_find_ex() which works like sk_find(), but will
+ return an index to an element even if an exact match couldn't be
+ found. The index is guaranteed to point at the element where the
+ searched-for key would be inserted to preserve sorting order.
+ [Richard Levitte]
+
+ *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but
+ takes an extra flags argument for optional functionality. Currently,
+ the following flags are defined:
+
+ OBJ_BSEARCH_VALUE_ON_NOMATCH
+ This one gets OBJ_bsearch_ex() to return a pointer to the first
+ element where the comparing function returns a negative or zero
+ number.
+
+ OBJ_BSEARCH_FIRST_VALUE_ON_MATCH
+ This one gets OBJ_bsearch_ex() to return a pointer to the first
+ element where the comparing function returns zero. This is useful
+ if there are more than one element where the comparing function
+ returns zero.
+ [Richard Levitte]
+
+ *) Make it possible to create self-signed certificates with 'openssl ca'
+ in such a way that the self-signed certificate becomes part of the
+ CA database and uses the same mechanisms for serial number generation
+ as all other certificate signing. The new flag '-selfsign' enables
+ this functionality. Adapt CA.sh and CA.pl.in.
+ [Richard Levitte]
+
+ *) Add functionality to check the public key of a certificate request
+ against a given private. This is useful to check that a certificate
+ request can be signed by that key (self-signing).
+ [Richard Levitte]
+
+ *) Make it possible to have multiple active certificates with the same
+ subject in the CA index file. This is done only if the keyword
+ 'unique_subject' is set to 'no' in the main CA section (default
+ if 'CA_default') of the configuration file. The value is saved
+ with the database itself in a separate index attribute file,
+ named like the index file with '.attr' appended to the name.
+ [Richard Levitte]
+
+ *) Generate muti valued AVAs using '+' notation in config files for
+ req and dirName.
+ [Steve Henson]
+
+ *) Support for nameConstraints certificate extension.
+ [Steve Henson]
+
+ *) Support for policyConstraints certificate extension.
+ [Steve Henson]
+
+ *) Support for policyMappings certificate extension.
+ [Steve Henson]
+
+ *) Make sure the default DSA_METHOD implementation only uses its
+ dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL,
+ and change its own handlers to be NULL so as to remove unnecessary
+ indirection. This lets alternative implementations fallback to the
+ default implementation more easily.
+ [Geoff Thorpe]
+
+ *) Support for directoryName in GeneralName related extensions
+ in config files.
+ [Steve Henson]
+
+ *) Make it possible to link applications using Makefile.shared.
+ Make that possible even when linking against static libraries!
+ [Richard Levitte]
+
+ *) Support for single pass processing for S/MIME signing. This now
+ means that S/MIME signing can be done from a pipe, in addition
+ cleartext signing (multipart/signed type) is effectively streaming
+ and the signed data does not need to be all held in memory.
+
+ This is done with a new flag PKCS7_STREAM. When this flag is set
+ PKCS7_sign() only initializes the PKCS7 structure and the actual signing
+ is done after the data is output (and digests calculated) in
+ SMIME_write_PKCS7().
+ [Steve Henson]
+
+ *) Add full support for -rpath/-R, both in shared libraries and
+ applications, at least on the platforms where it's known how
+ to do it.
+ [Richard Levitte]
+
+ *) In crypto/ec/ec_mult.c, implement fast point multiplication with
+ precomputation, based on wNAF splitting: EC_GROUP_precompute_mult()
+ will now compute a table of multiples of the generator that
+ makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul()
+ faster (notably in the case of a single point multiplication,
+ scalar * generator).
+ [Nils Larsch, Bodo Moeller]
+
+ *) IPv6 support for certificate extensions. The various extensions
+ which use the IP:a.b.c.d can now take IPv6 addresses using the
+ formats of RFC1884 2.2 . IPv6 addresses are now also displayed
+ correctly.
+ [Steve Henson]
+
+ *) Added an ENGINE that implements RSA by performing private key
+ exponentiations with the GMP library. The conversions to and from
+ GMP's mpz_t format aren't optimised nor are any montgomery forms
+ cached, and on x86 it appears OpenSSL's own performance has caught up.
+ However there are likely to be other architectures where GMP could
+ provide a boost. This ENGINE is not built in by default, but it can be
+ specified at Configure time and should be accompanied by the necessary
+ linker additions, eg;
+ ./config -DOPENSSL_USE_GMP -lgmp
+ [Geoff Thorpe]
+
+ *) "openssl engine" will not display ENGINE/DSO load failure errors when
+ testing availability of engines with "-t" - the old behaviour is
+ produced by increasing the feature's verbosity with "-tt".
+ [Geoff Thorpe]
+
+ *) ECDSA routines: under certain error conditions uninitialized BN objects
+ could be freed. Solution: make sure initialization is performed early
+ enough. (Reported and fix supplied by Nils Larsch <nla at trustcenter.de>
+ via PR#459)
+ [Lutz Jaenicke]
+
+ *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD
+ and DH_METHOD (eg. by ENGINE implementations) to override the normal
+ software implementations. For DSA and DH, parameter generation can
+ also be overriden by providing the appropriate method callbacks.
+ [Geoff Thorpe]
+
+ *) Change the "progress" mechanism used in key-generation and
+ primality testing to functions that take a new BN_GENCB pointer in
+ place of callback/argument pairs. The new API functions have "_ex"
+ postfixes and the older functions are reimplemented as wrappers for
+ the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide
+ declarations of the old functions to help (graceful) attempts to
+ migrate to the new functions. Also, the new key-generation API
+ functions operate on a caller-supplied key-structure and return
+ success/failure rather than returning a key or NULL - this is to
+ help make "keygen" another member function of RSA_METHOD etc.
+
+ Example for using the new callback interface:
+
+ int (*my_callback)(int a, int b, BN_GENCB *cb) = ...;
+ void *my_arg = ...;
+ BN_GENCB my_cb;
+
+ BN_GENCB_set(&my_cb, my_callback, my_arg);
+
+ return BN_is_prime_ex(some_bignum, BN_prime_checks, NULL, &cb);
+ /* For the meaning of a, b in calls to my_callback(), see the
+ * documentation of the function that calls the callback.
+ * cb will point to my_cb; my_arg can be retrieved as cb->arg.
+ * my_callback should return 1 if it wants BN_is_prime_ex()
+ * to continue, or 0 to stop.
+ */
+
+ [Geoff Thorpe]
+
+ *) Change the ZLIB compression method to be stateful, and make it
+ available to TLS with the number defined in
+ draft-ietf-tls-compression-04.txt.
+ [Richard Levitte]
+
+ *) Add the ASN.1 structures and functions for CertificatePair, which
+ is defined as follows (according to X.509_4thEditionDraftV6.pdf):
+
+ CertificatePair ::= SEQUENCE {
+ forward [0] Certificate OPTIONAL,
+ reverse [1] Certificate OPTIONAL,
+ -- at least one of the pair shall be present -- }
+
+ Also implement the PEM functions to read and write certificate
+ pairs, and defined the PEM tag as "CERTIFICATE PAIR".
+
+ This needed to be defined, mostly for the sake of the LDAP
+ attribute crossCertificatePair, but may prove useful elsewhere as
+ well.
+ [Richard Levitte]
+
+ *) Make it possible to inhibit symlinking of shared libraries in
+ Makefile.shared, for Cygwin's sake.
+ [Richard Levitte]
+
+ *) Extend the BIGNUM API by creating a function
+ void BN_set_negative(BIGNUM *a, int neg);
+ and a macro that behave like
+ int BN_is_negative(const BIGNUM *a);
+
+ to avoid the need to access 'a->neg' directly in applications.
+ [Nils Larsch]
+
+ *) Implement fast modular reduction for pseudo-Mersenne primes
+ used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c).
+ EC_GROUP_new_curve_GFp() will now automatically use this
+ if applicable.
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Add new lock type (CRYPTO_LOCK_BN).
+ [Bodo Moeller]
+
+ *) Change the ENGINE framework to automatically load engines
+ dynamically from specific directories unless they could be
+ found to already be built in or loaded. Move all the
+ current engines except for the cryptodev one to a new
+ directory engines/.
+ The engines in engines/ are built as shared libraries if
+ the "shared" options was given to ./Configure or ./config.
+ Otherwise, they are inserted in libcrypto.a.
+ /usr/local/ssl/engines is the default directory for dynamic
+ engines, but that can be overriden at configure time through
+ the usual use of --prefix and/or --openssldir, and at run
+ time with the environment variable OPENSSL_ENGINES.
+ [Geoff Thorpe and Richard Levitte]
+
+ *) Add Makefile.shared, a helper makefile to build shared
+ libraries. Addapt Makefile.org.
+ [Richard Levitte]
+
+ *) Add version info to Win32 DLLs.
+ [Peter 'Luna' Runestig" <peter at runestig.com>]
+
+ *) Add new 'medium level' PKCS#12 API. Certificates and keys
+ can be added using this API to created arbitrary PKCS#12
+ files while avoiding the low level API.
+
+ New options to PKCS12_create(), key or cert can be NULL and
+ will then be omitted from the output file. The encryption
+ algorithm NIDs can be set to -1 for no encryption, the mac
+ iteration count can be set to 0 to omit the mac.
+
+ Enhance pkcs12 utility by making the -nokeys and -nocerts
+ options work when creating a PKCS#12 file. New option -nomac
+ to omit the mac, NONE can be set for an encryption algorithm.
+ New code is modified to use the enhanced PKCS12_create()
+ instead of the low level API.
+ [Steve Henson]
+
+ *) Extend ASN1 encoder to support indefinite length constructed
+ encoding. This can output sequences tags and octet strings in
+ this form. Modify pk7_asn1.c to support indefinite length
+ encoding. This is experimental and needs additional code to
+ be useful, such as an ASN1 bio and some enhanced streaming
+ PKCS#7 code.
+
+ Extend template encode functionality so that tagging is passed
+ down to the template encoder.
+ [Steve Henson]
+
+ *) Let 'openssl req' fail if an argument to '-newkey' is not
+ recognized instead of using RSA as a default.
+ [Bodo Moeller]
+
+ *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt.
+ As these are not official, they are not included in "ALL";
+ the "ECCdraft" ciphersuite group alias can be used to select them.
+ [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)]
+
+ *) Add ECDH engine support.
+ [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)]
+
+ *) Add ECDH in new directory crypto/ecdh/.
+ [Douglas Stebila (Sun Microsystems Laboratories)]
+
+ *) Let BN_rand_range() abort with an error after 100 iterations
+ without success (which indicates a broken PRNG).
+ [Bodo Moeller]
+
+ *) Change BN_mod_sqrt() so that it verifies that the input value
+ is really the square of the return value. (Previously,
+ BN_mod_sqrt would show GIGO behaviour.)
+ [Bodo Moeller]
+
+ *) Add named elliptic curves over binary fields from X9.62, SECG,
+ and WAP/WTLS; add OIDs that were still missing.
+
+ [Sheueling Chang Shantz and Douglas Stebila
+ (Sun Microsystems Laboratories)]
+
+ *) Extend the EC library for elliptic curves over binary fields
+ (new files ec2_smpl.c, ec2_smpt.c, ec2_mult.c in crypto/ec/).
+ New EC_METHOD:
+
+ EC_GF2m_simple_method
+
+ New API functions:
+
+ EC_GROUP_new_curve_GF2m
+ EC_GROUP_set_curve_GF2m
+ EC_GROUP_get_curve_GF2m
+ EC_POINT_set_affine_coordinates_GF2m
+ EC_POINT_get_affine_coordinates_GF2m
+ EC_POINT_set_compressed_coordinates_GF2m
+
+ Point compression for binary fields is disabled by default for
+ patent reasons (compile with OPENSSL_EC_BIN_PT_COMP defined to
+ enable it).
+
+ As binary polynomials are represented as BIGNUMs, various members
+ of the EC_GROUP and EC_POINT data structures can be shared
+ between the implementations for prime fields and binary fields;
+ the above ..._GF2m functions (except for EX_GROUP_new_curve_GF2m)
+ are essentially identical to their ..._GFp counterparts.
+ (For simplicity, the '..._GFp' prefix has been dropped from
+ various internal method names.)
+
+ An internal 'field_div' method (similar to 'field_mul' and
+ 'field_sqr') has been added; this is used only for binary fields.
+
+ [Sheueling Chang Shantz and Douglas Stebila
+ (Sun Microsystems Laboratories)]
+
+ *) Optionally dispatch EC_POINT_mul(), EC_POINT_precompute_mult()
+ through methods ('mul', 'precompute_mult').
+
+ The generic implementations (now internally called 'ec_wNAF_mul'
+ and 'ec_wNAF_precomputed_mult') remain the default if these
+ methods are undefined.
+
+ [Sheueling Chang Shantz and Douglas Stebila
+ (Sun Microsystems Laboratories)]
+
+ *) New function EC_GROUP_get_degree, which is defined through
+ EC_METHOD. For curves over prime fields, this returns the bit
+ length of the modulus.
+
+ [Sheueling Chang Shantz and Douglas Stebila
+ (Sun Microsystems Laboratories)]
+
+ *) New functions EC_GROUP_dup, EC_POINT_dup.
+ (These simply call ..._new and ..._copy).
+
+ [Sheueling Chang Shantz and Douglas Stebila
+ (Sun Microsystems Laboratories)]
+
+ *) Add binary polynomial arithmetic software in crypto/bn/bn_gf2m.c.
+ Polynomials are represented as BIGNUMs (where the sign bit is not
+ used) in the following functions [macros]:
+
+ BN_GF2m_add
+ BN_GF2m_sub [= BN_GF2m_add]
+ BN_GF2m_mod [wrapper for BN_GF2m_mod_arr]
+ BN_GF2m_mod_mul [wrapper for BN_GF2m_mod_mul_arr]
+ BN_GF2m_mod_sqr [wrapper for BN_GF2m_mod_sqr_arr]
+ BN_GF2m_mod_inv
+ BN_GF2m_mod_exp [wrapper for BN_GF2m_mod_exp_arr]
+ BN_GF2m_mod_sqrt [wrapper for BN_GF2m_mod_sqrt_arr]
+ BN_GF2m_mod_solve_quad [wrapper for BN_GF2m_mod_solve_quad_arr]
+ BN_GF2m_cmp [= BN_ucmp]
+
+ (Note that only the 'mod' functions are actually for fields GF(2^m).
+ BN_GF2m_add() is misnomer, but this is for the sake of consistency.)
+
+ For some functions, an the irreducible polynomial defining a
+ field can be given as an 'unsigned int[]' with strictly
+ decreasing elements giving the indices of those bits that are set;
+ i.e., p[] represents the polynomial
+ f(t) = t^p[0] + t^p[1] + ... + t^p[k]
+ where
+ p[0] > p[1] > ... > p[k] = 0.
+ This applies to the following functions:
+
+ BN_GF2m_mod_arr
+ BN_GF2m_mod_mul_arr
+ BN_GF2m_mod_sqr_arr
+ BN_GF2m_mod_inv_arr [wrapper for BN_GF2m_mod_inv]
+ BN_GF2m_mod_div_arr [wrapper for BN_GF2m_mod_div]
+ BN_GF2m_mod_exp_arr
+ BN_GF2m_mod_sqrt_arr
+ BN_GF2m_mod_solve_quad_arr
+ BN_GF2m_poly2arr
+ BN_GF2m_arr2poly
+
+ Conversion can be performed by the following functions:
+
+ BN_GF2m_poly2arr
+ BN_GF2m_arr2poly
+
+ bntest.c has additional tests for binary polynomial arithmetic.
+
+ Two implementations for BN_GF2m_mod_div() are available.
+ The default algorithm simply uses BN_GF2m_mod_inv() and
+ BN_GF2m_mod_mul(). The alternative algorithm is compiled in only
+ if OPENSSL_SUN_GF2M_DIV is defined (patent pending; read the
+ copyright notice in crypto/bn/bn_gf2m.c before enabling it).
+
+ [Sheueling Chang Shantz and Douglas Stebila
+ (Sun Microsystems Laboratories)]
+
+ *) Add new error code 'ERR_R_DISABLED' that can be used when some
+ functionality is disabled at compile-time.
+ [Douglas Stebila <douglas.stebila at sun.com>]
+
+ *) Change default behaviour of 'openssl asn1parse' so that more
+ information is visible when viewing, e.g., a certificate:
+
+ Modify asn1_parse2 (crypto/asn1/asn1_par.c) so that in non-'dump'
+ mode the content of non-printable OCTET STRINGs is output in a
+ style similar to INTEGERs, but with '[HEX DUMP]' prepended to
+ avoid the appearance of a printable string.
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Add 'asn1_flag' and 'asn1_form' member to EC_GROUP with access
+ functions
+ EC_GROUP_set_asn1_flag()
+ EC_GROUP_get_asn1_flag()
+ EC_GROUP_set_point_conversion_form()
+ EC_GROUP_get_point_conversion_form()
+ These control ASN1 encoding details:
+ - Curves (i.e., groups) are encoded explicitly unless asn1_flag
+ has been set to OPENSSL_EC_NAMED_CURVE.
+ - Points are encoded in uncompressed form by default; options for
+ asn1_for are as for point2oct, namely
+ POINT_CONVERSION_COMPRESSED
+ POINT_CONVERSION_UNCOMPRESSED
+ POINT_CONVERSION_HYBRID
+
+ Also add 'seed' and 'seed_len' members to EC_GROUP with access
+ functions
+ EC_GROUP_set_seed()
+ EC_GROUP_get0_seed()
+ EC_GROUP_get_seed_len()
+ This is used only for ASN1 purposes (so far).
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Add 'field_type' member to EC_METHOD, which holds the NID
+ of the appropriate field type OID. The new function
+ EC_METHOD_get_field_type() returns this value.
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Add functions
+ EC_POINT_point2bn()
+ EC_POINT_bn2point()
+ EC_POINT_point2hex()
+ EC_POINT_hex2point()
+ providing useful interfaces to EC_POINT_point2oct() and
+ EC_POINT_oct2point().
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Change internals of the EC library so that the functions
+ EC_GROUP_set_generator()
+ EC_GROUP_get_generator()
+ EC_GROUP_get_order()
+ EC_GROUP_get_cofactor()
+ are implemented directly in crypto/ec/ec_lib.c and not dispatched
+ to methods, which would lead to unnecessary code duplication when
+ adding different types of curves.
+ [Nils Larsch <nla at trustcenter.de> with input by Bodo Moeller]
+
+ *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
+ arithmetic, and such that modified wNAFs are generated
+ (which avoid length expansion in many cases).
+ [Bodo Moeller]
+
+ *) Add a function EC_GROUP_check_discriminant() (defined via
+ EC_METHOD) that verifies that the curve discriminant is non-zero.
+
+ Add a function EC_GROUP_check() that makes some sanity tests
+ on a EC_GROUP, its generator and order. This includes
+ EC_GROUP_check_discriminant().
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Add ECDSA in new directory crypto/ecdsa/.
+
+ Add applications 'openssl ecparam' and 'openssl ecdsa'
+ (these are based on 'openssl dsaparam' and 'openssl dsa').
+
+ ECDSA support is also included in various other files across the
+ library. Most notably,
+ - 'openssl req' now has a '-newkey ecdsa:file' option;
+ - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
+ - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
+ d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
+ them suitable for ECDSA where domain parameters must be
+ extracted before the specific public key;
+ - ECDSA engine support has been added.
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Include some named elliptic curves, and add OIDs from X9.62,
+ SECG, and WAP/WTLS. Each curve can be obtained from the new
+ function
+ EC_GROUP_new_by_curve_name(),
+ and the list of available named curves can be obtained with
+ EC_get_builtin_curves().
+ Also add a 'curve_name' member to EC_GROUP objects, which can be
+ accessed via
+ EC_GROUP_set_curve_name()
+ EC_GROUP_get_curve_name()
+ [Nils Larsch <larsch at trustcenter.de, Bodo Moeller]
+
+ *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
+ was actually never needed) and in BN_mul(). The removal in BN_mul()
+ required a small change in bn_mul_part_recursive() and the addition
+ of the functions bn_cmp_part_words(), bn_sub_part_words() and
+ bn_add_part_words(), which do the same thing as bn_cmp_words(),
+ bn_sub_words() and bn_add_words() except they take arrays with
+ differing sizes.
+ [Richard Levitte]
+
+ Changes between 0.9.7l and 0.9.7m [23 Feb 2007]
+
+ *) Cleanse PEM buffers before freeing them since they may contain
+ sensitive data.
+ [Benjamin Bennett <ben at psc.edu>]
+
+ *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
+ a ciphersuite string such as "DEFAULT:RSA" cannot enable
+ authentication-only ciphersuites.
+ [Bodo Moeller]
+
+ *) Since AES128 and AES256 share a single mask bit in the logic of
+ ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
+ kludge to work properly if AES128 is available and AES256 isn't.
+ [Victor Duchovni]
+
+ *) Expand security boundary to match 1.1.1 module.
+ [Steve Henson]
+
+ *) Remove redundant features: hash file source, editing of test vectors
+ modify fipsld to use external fips_premain.c signature.
+ [Steve Henson]
+
+ *) New perl script mkfipsscr.pl to create shell scripts or batch files to
+ run algorithm test programs.
+ [Steve Henson]
+
+ *) Make algorithm test programs more tolerant of whitespace.
+ [Steve Henson]
+
+ *) Have SSL/TLS server implementation tolerate "mismatched" record
+ protocol version while receiving ClientHello even if the
+ ClientHello is fragmented. (The server can't insist on the
+ particular protocol version it has chosen before the ServerHello
+ message has informed the client about his choice.)
+ [Bodo Moeller]
+
+ *) Load error codes if they are not already present instead of using a
+ static variable. This allows them to be cleanly unloaded and reloaded.
+ [Steve Henson]
+
+ Changes between 0.9.7k and 0.9.7l [28 Sep 2006]
+
+ *) Introduce limits to prevent malicious keys being able to
+ cause a denial of service. (CVE-2006-2940)
+ [Steve Henson, Bodo Moeller]
+
+ *) Fix ASN.1 parsing of certain invalid structures that can result
+ in a denial of service. (CVE-2006-2937) [Steve Henson]
+
+ *) Fix buffer overflow in SSL_get_shared_ciphers() function.
+ (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
+
+ *) Fix SSL client code which could crash if connecting to a
+ malicious SSLv2 server. (CVE-2006-4343)
+ [Tavis Ormandy and Will Drewry, Google Security Team]
+
+ *) Change ciphersuite string processing so that an explicit
+ ciphersuite selects this one ciphersuite (so that "AES256-SHA"
+ will no longer include "AES128-SHA"), and any other similar
+ ciphersuite (same bitmap) from *other* protocol versions (so that
+ "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
+ SSL 3.0/TLS 1.0 ciphersuite). This is a backport combining
+ changes from 0.9.8b and 0.9.8d.
+ [Bodo Moeller]
+
+ Changes between 0.9.7j and 0.9.7k [05 Sep 2006]
+
+ *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+ (CVE-2006-4339) [Ben Laurie and Google Security Team]
+
+ *) Change the Unix randomness entropy gathering to use poll() when
+ possible instead of select(), since the latter has some
+ undesirable limitations.
+ [Darryl Miles via Richard Levitte and Bodo Moeller]
+
+ *) Disable rogue ciphersuites:
+
+ - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
+ - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
+ - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
+
+ The latter two were purportedly from
+ draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
+ appear there.
+
+ Also deactive the remaining ciphersuites from
+ draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
+ unofficial, and the ID has long expired.
+ [Bodo Moeller]
+
+ *) Fix RSA blinding Heisenbug (problems sometimes occured on
+ dual-core machines) and other potential thread-safety issues.
+ [Bodo Moeller]
+
+ Changes between 0.9.7i and 0.9.7j [04 May 2006]
+
+ *) Adapt fipsld and the build system to link against the validated FIPS
+ module in FIPS mode.
+ [Steve Henson]
+
+ *) Fixes for VC++ 2005 build under Windows.
+ [Steve Henson]
+
+ *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make
+ from a Windows bash shell such as MSYS. It is autodetected from the
+ "config" script when run from a VC++ environment. Modify standard VC++
+ build to use fipscanister.o from the GNU make build.
+ [Steve Henson]
+
+ Changes between 0.9.7h and 0.9.7i [14 Oct 2005]
+
+ *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
+ The value now differs depending on if you build for FIPS or not.
+ BEWARE! A program linked with a shared FIPSed libcrypto can't be
+ safely run with a non-FIPSed libcrypto, as it may crash because of
+ the difference induced by this change.
+ [Andy Polyakov]
+
+ Changes between 0.9.7g and 0.9.7h [11 Oct 2005]
+
+ *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
+ (part of SSL_OP_ALL). This option used to disable the
+ countermeasure against man-in-the-middle protocol-version
+ rollback in the SSL 2.0 server implementation, which is a bad
+ idea. (CVE-2005-2969)
+
+ [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
+ for Information Security, National Institute of Advanced Industrial
+ Science and Technology [AIST], Japan)]
+
+ *) Minimal support for X9.31 signatures and PSS padding modes. This is
+ mainly for FIPS compliance and not fully integrated at this stage.
+ [Steve Henson]
+
+ *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
+ the exponentiation using a fixed-length exponent. (Otherwise,
+ the information leaked through timing could expose the secret key
+ after many signatures; cf. Bleichenbacher's attack on DSA with
+ biased k.)
+ [Bodo Moeller]
+
+ *) Make a new fixed-window mod_exp implementation the default for
+ RSA, DSA, and DH private-key operations so that the sequence of
+ squares and multiplies and the memory access pattern are
+ independent of the particular secret key. This will mitigate
+ cache-timing and potential related attacks.
+
+ BN_mod_exp_mont_consttime() is the new exponentiation implementation,
+ and this is automatically used by BN_mod_exp_mont() if the new flag
+ BN_FLG_EXP_CONSTTIME is set for the exponent. RSA, DSA, and DH
+ will use this BN flag for private exponents unless the flag
+ RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or
+ DH_FLAG_NO_EXP_CONSTTIME, respectively, is set.
+
+ [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller]
+
+ *) Change the client implementation for SSLv23_method() and
+ SSLv23_client_method() so that is uses the SSL 3.0/TLS 1.0
+ Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
+ (Previously, the SSL 2.0 backwards compatible Client Hello
+ message format would be used even with SSL_OP_NO_SSLv2.)
+ [Bodo Moeller]
+
+ *) Add support for smime-type MIME parameter in S/MIME messages which some
+ clients need.
+ [Steve Henson]
+
+ *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
+ a threadsafe manner. Modify rsa code to use new function and add calls
+ to dsa and dh code (which had race conditions before).
+ [Steve Henson]
+
+ *) Include the fixed error library code in the C error file definitions
+ instead of fixing them up at runtime. This keeps the error code
+ structures constant.
+ [Steve Henson]
+
+ Changes between 0.9.7f and 0.9.7g [11 Apr 2005]
+
+ [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after
+ OpenSSL 0.9.8.]
+
+ *) Fixes for newer kerberos headers. NB: the casts are needed because
+ the 'length' field is signed on one version and unsigned on another
+ with no (?) obvious way to tell the difference, without these VC++
+ complains. Also the "definition" of FAR (blank) is no longer included
+ nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up
+ some needed definitions.
+ [Steve Henson]
+
+ *) Undo Cygwin change.
+ [Ulf Möller]
+
+ *) Added support for proxy certificates according to RFC 3820.
+ Because they may be a security thread to unaware applications,
+ they must be explicitely allowed in run-time. See
+ docs/HOWTO/proxy_certificates.txt for further information.
+ [Richard Levitte]
+
+ Changes between 0.9.7e and 0.9.7f [22 Mar 2005]
+
+ *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating
+ server and client random values. Previously
+ (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in
+ less random data when sizeof(time_t) > 4 (some 64 bit platforms).
+
+ This change has negligible security impact because:
+
+ 1. Server and client random values still have 24 bytes of pseudo random
+ data.
+
+ 2. Server and client random values are sent in the clear in the initial
+ handshake.
+
+ 3. The master secret is derived using the premaster secret (48 bytes in
+ size for static RSA ciphersuites) as well as client server and random
+ values.
+
+ The OpenSSL team would like to thank the UK NISCC for bringing this issue
+ to our attention.
+
+ [Stephen Henson, reported by UK NISCC]
+
+ *) Use Windows randomness collection on Cygwin.
+ [Ulf Möller]
+
+ *) Fix hang in EGD/PRNGD query when communication socket is closed
+ prematurely by EGD/PRNGD.
+ [Darren Tucker <dtucker at zip.com.au> via Lutz Jänicke, resolves #1014]
+
+ *) Prompt for pass phrases when appropriate for PKCS12 input format.
+ [Steve Henson]
+
+ *) Back-port of selected performance improvements from development
+ branch, as well as improved support for PowerPC platforms.
+ [Andy Polyakov]
+
+ *) Add lots of checks for memory allocation failure, error codes to indicate
+ failure and freeing up memory if a failure occurs.
+ [Nauticus Networks SSL Team <openssl at nauticusnet.com>, Steve Henson]
+
+ *) Add new -passin argument to dgst.
+ [Steve Henson]
+
+ *) Perform some character comparisons of different types in X509_NAME_cmp:
+ this is needed for some certificates that reencode DNs into UTF8Strings
+ (in violation of RFC3280) and can't or wont issue name rollover
+ certificates.
+ [Steve Henson]
+
+ *) Make an explicit check during certificate validation to see that
+ the CA setting in each certificate on the chain is correct. As a
+ side effect always do the following basic checks on extensions,
+ not just when there's an associated purpose to the check:
+
+ - if there is an unhandled critical extension (unless the user
+ has chosen to ignore this fault)
+ - if the path length has been exceeded (if one is set at all)
+ - that certain extensions fit the associated purpose (if one has
+ been given)
+ [Richard Levitte]
+
+ Changes between 0.9.7d and 0.9.7e [25 Oct 2004]
+
+ *) Avoid a race condition when CRLs are checked in a multi threaded
+ environment. This would happen due to the reordering of the revoked
+ entries during signature checking and serial number lookup. Now the
+ encoding is cached and the serial number sort performed under a lock.
+ Add new STACK function sk_is_sorted().
+ [Steve Henson]
+
+ *) Add Delta CRL to the extension code.
+ [Steve Henson]
+
+ *) Various fixes to s3_pkt.c so alerts are sent properly.
+ [David Holmes <d.holmes at f5.com>]
+
+ *) Reduce the chances of duplicate issuer name and serial numbers (in
+ violation of RFC3280) using the OpenSSL certificate creation utilities.
+ This is done by creating a random 64 bit value for the initial serial
+ number when a serial number file is created or when a self signed
+ certificate is created using 'openssl req -x509'. The initial serial
+ number file is created using 'openssl x509 -next_serial' in CA.pl
+ rather than being initialized to 1.
+ [Steve Henson]
+
+ Changes between 0.9.7c and 0.9.7d [17 Mar 2004]
+
+ *) Fix null-pointer assignment in do_change_cipher_spec() revealed
+ by using the Codenomicon TLS Test Tool (CVE-2004-0079)
+ [Joe Orton, Steve Henson]
+
+ *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
+ (CVE-2004-0112)
+ [Joe Orton, Steve Henson]
+
+ *) Make it possible to have multiple active certificates with the same
+ subject in the CA index file. This is done only if the keyword
+ 'unique_subject' is set to 'no' in the main CA section (default
+ if 'CA_default') of the configuration file. The value is saved
+ with the database itself in a separate index attribute file,
+ named like the index file with '.attr' appended to the name.
+ [Richard Levitte]
+
+ *) X509 verify fixes. Disable broken certificate workarounds when
+ X509_V_FLAGS_X509_STRICT is set. Check CRL issuer has cRLSign set if
+ keyUsage extension present. Don't accept CRLs with unhandled critical
+ extensions: since verify currently doesn't process CRL extensions this
+ rejects a CRL with *any* critical extensions. Add new verify error codes
+ for these cases.
+ [Steve Henson]
+
+ *) When creating an OCSP nonce use an OCTET STRING inside the extnValue.
+ A clarification of RFC2560 will require the use of OCTET STRINGs and
+ some implementations cannot handle the current raw format. Since OpenSSL
+ copies and compares OCSP nonces as opaque blobs without any attempt at
+ parsing them this should not create any compatibility issues.
+ [Steve Henson]
+
+ *) New md flag EVP_MD_CTX_FLAG_REUSE this allows md_data to be reused when
+ calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without
+ this HMAC (and other) operations are several times slower than OpenSSL
+ < 0.9.7.
+ [Steve Henson]
+
+ *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
+ [Peter Sylvester <Peter.Sylvester at EdelWeb.fr>]
+
+ *) Use the correct content when signing type "other".
+ [Steve Henson]
+
+ Changes between 0.9.7b and 0.9.7c [30 Sep 2003]
+
+ *) Fix various bugs revealed by running the NISCC test suite:
+
+ Stop out of bounds reads in the ASN1 code when presented with
+ invalid tags (CVE-2003-0543 and CVE-2003-0544).
+
+ Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
+
+ If verify callback ignores invalid public key errors don't try to check
+ certificate signature with the NULL public key.
+
+ [Steve Henson]
+
+ *) New -ignore_err option in ocsp application to stop the server
+ exiting on the first error in a request.
+ [Steve Henson]
+
+ *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
+ if the server requested one: as stated in TLS 1.0 and SSL 3.0
+ specifications.
+ [Steve Henson]
+
+ *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
+ extra data after the compression methods not only for TLS 1.0
+ but also for SSL 3.0 (as required by the specification).
+ [Bodo Moeller; problem pointed out by Matthias Loepfe]
+
+ *) Change X509_certificate_type() to mark the key as exported/exportable
+ when it's 512 *bits* long, not 512 bytes.
+ [Richard Levitte]
+
+ *) Change AES_cbc_encrypt() so it outputs exact multiple of
+ blocks during encryption.
+ [Richard Levitte]
+
+ *) Various fixes to base64 BIO and non blocking I/O. On write
+ flushes were not handled properly if the BIO retried. On read
+ data was not being buffered properly and had various logic bugs.
+ This also affects blocking I/O when the data being decoded is a
+ certain size.
+ [Steve Henson]
+
+ *) Various S/MIME bugfixes and compatibility changes:
+ output correct application/pkcs7 MIME type if
+ PKCS7_NOOLDMIMETYPE is set. Tolerate some broken signatures.
+ Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening
+ of files as .eml work). Correctly handle very long lines in MIME
+ parser.
+ [Steve Henson]
+
+ Changes between 0.9.7a and 0.9.7b [10 Apr 2003]
+
+ *) Countermeasure against the Klima-Pokorny-Rosa extension of
+ Bleichbacher's attack on PKCS #1 v1.5 padding: treat
+ a protocol version number mismatch like a decryption error
+ in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
+ [Bodo Moeller]
+
+ *) Turn on RSA blinding by default in the default implementation
+ to avoid a timing attack. Applications that don't want it can call
+ RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
+ They would be ill-advised to do so in most cases.
+ [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
+
+ *) Change RSA blinding code so that it works when the PRNG is not
+ seeded (in this case, the secret RSA exponent is abused as
+ an unpredictable seed -- if it is not unpredictable, there
+ is no point in blinding anyway). Make RSA blinding thread-safe
+ by remembering the creator's thread ID in rsa->blinding and
+ having all other threads use local one-time blinding factors
+ (this requires more computation than sharing rsa->blinding, but
+ avoids excessive locking; and if an RSA object is not shared
+ between threads, blinding will still be very fast).
+ [Bodo Moeller]
+
+ *) Fixed a typo bug that would cause ENGINE_set_default() to set an
+ ENGINE as defaults for all supported algorithms irrespective of
+ the 'flags' parameter. 'flags' is now honoured, so applications
+ should make sure they are passing it correctly.
+ [Geoff Thorpe]
+
+ *) Target "mingw" now allows native Windows code to be generated in
+ the Cygwin environment as well as with the MinGW compiler.
+ [Ulf Moeller]
+
+ Changes between 0.9.7 and 0.9.7a [19 Feb 2003]
+
+ *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
+ via timing by performing a MAC computation even if incorrrect
+ block cipher padding has been found. This is a countermeasure
+ against active attacks where the attacker has to distinguish
+ between bad padding and a MAC verification error. (CVE-2003-0078)
+
+ [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
+ Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
+ Martin Vuagnoux (EPFL, Ilion)]
+
+ *) Make the no-err option work as intended. The intention with no-err
+ is not to have the whole error stack handling routines removed from
+ libcrypto, it's only intended to remove all the function name and
+ reason texts, thereby removing some of the footprint that may not
+ be interesting if those errors aren't displayed anyway.
+
+ NOTE: it's still possible for any application or module to have it's
+ own set of error texts inserted. The routines are there, just not
+ used by default when no-err is given.
+ [Richard Levitte]
+
+ *) Add support for FreeBSD on IA64.
+ [dirk.meyer at dinoex.sub.org via Richard Levitte, resolves #454]
+
+ *) Adjust DES_cbc_cksum() so it returns the same value as the MIT
+ Kerberos function mit_des_cbc_cksum(). Before this change,
+ the value returned by DES_cbc_cksum() was like the one from
+ mit_des_cbc_cksum(), except the bytes were swapped.
+ [Kevin Greaney <Kevin.Greaney at hp.com> and Richard Levitte]
+
+ *) Allow an application to disable the automatic SSL chain building.
+ Before this a rather primitive chain build was always performed in
+ ssl3_output_cert_chain(): an application had no way to send the
+ correct chain if the automatic operation produced an incorrect result.
+
+ Now the chain builder is disabled if either:
+
+ 1. Extra certificates are added via SSL_CTX_add_extra_chain_cert().
+
+ 2. The mode flag SSL_MODE_NO_AUTO_CHAIN is set.
+
+ The reasoning behind this is that an application would not want the
+ auto chain building to take place if extra chain certificates are
+ present and it might also want a means of sending no additional
+ certificates (for example the chain has two certificates and the
+ root is omitted).
+ [Steve Henson]
+
+ *) Add the possibility to build without the ENGINE framework.
+ [Steven Reddie <smr at essemer.com.au> via Richard Levitte]
+
+ *) Under Win32 gmtime() can return NULL: check return value in
+ OPENSSL_gmtime(). Add error code for case where gmtime() fails.
+ [Steve Henson]
+
+ *) DSA routines: under certain error conditions uninitialized BN objects
+ could be freed. Solution: make sure initialization is performed early
+ enough. (Reported and fix supplied by Ivan D Nestlerode <nestler at MIT.EDU>,
+ Nils Larsch <nla at trustcenter.de> via PR#459)
+ [Lutz Jaenicke]
+
+ *) Another fix for SSLv2 session ID handling: the session ID was incorrectly
+ checked on reconnect on the client side, therefore session resumption
+ could still fail with a "ssl session id is different" error. This
+ behaviour is masked when SSL_OP_ALL is used due to
+ SSL_OP_MICROSOFT_SESS_ID_BUG being set.
+ Behaviour observed by Crispin Flowerday <crispin at flowerday.cx> as
+ followup to PR #377.
+ [Lutz Jaenicke]
+
+ *) IA-32 assembler support enhancements: unified ELF targets, support
+ for SCO/Caldera platforms, fix for Cygwin shared build.
+ [Andy Polyakov]
+
+ *) Add support for FreeBSD on sparc64. As a consequence, support for
+ FreeBSD on non-x86 processors is separate from x86 processors on
+ the config script, much like the NetBSD support.
+ [Richard Levitte & Kris Kennaway <kris at obsecurity.org>]
+
+ Changes between 0.9.6h and 0.9.7 [31 Dec 2002]
+
+ [NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
+ OpenSSL 0.9.7.]
+
+ *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
+ code (06) was taken as the first octet of the session ID and the last
+ octet was ignored consequently. As a result SSLv2 client side session
+ caching could not have worked due to the session ID mismatch between
+ client and server.
+ Behaviour observed by Crispin Flowerday <crispin at flowerday.cx> as
+ PR #377.
+ [Lutz Jaenicke]
+
+ *) Change the declaration of needed Kerberos libraries to use EX_LIBS
+ instead of the special (and badly supported) LIBKRB5. LIBKRB5 is
+ removed entirely.
+ [Richard Levitte]
+
+ *) The hw_ncipher.c engine requires dynamic locks. Unfortunately, it
+ seems that in spite of existing for more than a year, many application
+ author have done nothing to provide the necessary callbacks, which
+ means that this particular engine will not work properly anywhere.
+ This is a very unfortunate situation which forces us, in the name
+ of usability, to give the hw_ncipher.c a static lock, which is part
+ of libcrypto.
+ NOTE: This is for the 0.9.7 series ONLY. This hack will never
+ appear in 0.9.8 or later. We EXPECT application authors to have
+ dealt properly with this when 0.9.8 is released (unless we actually
+ make such changes in the libcrypto locking code that changes will
+ have to be made anyway).
+ [Richard Levitte]
+
+ *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
+ octets have been read, EOF or an error occurs. Without this change
+ some truncated ASN1 structures will not produce an error.
+ [Steve Henson]
+
+ *) Disable Heimdal support, since it hasn't been fully implemented.
+ Still give the possibility to force the use of Heimdal, but with
+ warnings and a request that patches get sent to openssl-dev.
+ [Richard Levitte]
+
+ *) Add the VC-CE target, introduce the WINCE sysname, and add
+ INSTALL.WCE and appropriate conditionals to make it build.
+ [Steven Reddie <smr at essemer.com.au> via Richard Levitte]
+
+ *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and
+ cygssl-x.y.z.dll, where x, y and z are the major, minor and
+ edit numbers of the version.
+ [Corinna Vinschen <vinschen at redhat.com> and Richard Levitte]
+
+ *) Introduce safe string copy and catenation functions
+ (BUF_strlcpy() and BUF_strlcat()).
+ [Ben Laurie (CHATS) and Richard Levitte]
+
+ *) Avoid using fixed-size buffers for one-line DNs.
+ [Ben Laurie (CHATS)]
+
+ *) Add BUF_MEM_grow_clean() to avoid information leakage when
+ resizing buffers containing secrets, and use where appropriate.
+ [Ben Laurie (CHATS)]
+
+ *) Avoid using fixed size buffers for configuration file location.
+ [Ben Laurie (CHATS)]
+
+ *) Avoid filename truncation for various CA files.
+ [Ben Laurie (CHATS)]
+
+ *) Use sizeof in preference to magic numbers.
+ [Ben Laurie (CHATS)]
+
+ *) Avoid filename truncation in cert requests.
+ [Ben Laurie (CHATS)]
+
+ *) Add assertions to check for (supposedly impossible) buffer
+ overflows.
+ [Ben Laurie (CHATS)]
+
+ *) Don't cache truncated DNS entries in the local cache (this could
+ potentially lead to a spoofing attack).
+ [Ben Laurie (CHATS)]
+
+ *) Fix various buffers to be large enough for hex/decimal
+ representations in a platform independent manner.
+ [Ben Laurie (CHATS)]
+
+ *) Add CRYPTO_realloc_clean() to avoid information leakage when
+ resizing buffers containing secrets, and use where appropriate.
+ [Ben Laurie (CHATS)]
+
+ *) Add BIO_indent() to avoid much slightly worrying code to do
+ indents.
+ [Ben Laurie (CHATS)]
+
+ *) Convert sprintf()/BIO_puts() to BIO_printf().
+ [Ben Laurie (CHATS)]
+
+ *) buffer_gets() could terminate with the buffer only half
+ full. Fixed.
+ [Ben Laurie (CHATS)]
+
+ *) Add assertions to prevent user-supplied crypto functions from
+ overflowing internal buffers by having large block sizes, etc.
+ [Ben Laurie (CHATS)]
+
+ *) New OPENSSL_assert() macro (similar to assert(), but enabled
+ unconditionally).
+ [Ben Laurie (CHATS)]
+
+ *) Eliminate unused copy of key in RC4.
+ [Ben Laurie (CHATS)]
+
+ *) Eliminate unused and incorrectly sized buffers for IV in pem.h.
+ [Ben Laurie (CHATS)]
+
+ *) Fix off-by-one error in EGD path.
+ [Ben Laurie (CHATS)]
+
+ *) If RANDFILE path is too long, ignore instead of truncating.
+ [Ben Laurie (CHATS)]
+
+ *) Eliminate unused and incorrectly sized X.509 structure
+ CBCParameter.
+ [Ben Laurie (CHATS)]
+
+ *) Eliminate unused and dangerous function knumber().
+ [Ben Laurie (CHATS)]
+
+ *) Eliminate unused and dangerous structure, KSSL_ERR.
+ [Ben Laurie (CHATS)]
+
+ *) Protect against overlong session ID context length in an encoded
+ session object. Since these are local, this does not appear to be
+ exploitable.
+ [Ben Laurie (CHATS)]
+
+ *) Change from security patch (see 0.9.6e below) that did not affect
+ the 0.9.6 release series:
+
+ Remote buffer overflow in SSL3 protocol - an attacker could
+ supply an oversized master key in Kerberos-enabled versions.
+ (CVE-2002-0657)
+ [Ben Laurie (CHATS)]
+
+ *) Change the SSL kerb5 codes to match RFC 2712.
+ [Richard Levitte]
+
+ *) Make -nameopt work fully for req and add -reqopt switch.
+ [Michael Bell <michael.bell at rz.hu-berlin.de>, Steve Henson]
+
+ *) The "block size" for block ciphers in CFB and OFB mode should be 1.
+ [Steve Henson, reported by Yngve Nysaeter Pettersen <yngve at opera.com>]
+
+ *) Make sure tests can be performed even if the corresponding algorithms
+ have been removed entirely. This was also the last step to make
+ OpenSSL compilable with DJGPP under all reasonable conditions.
+ [Richard Levitte, Doug Kaufman <dkaufman at rahul.net>]
+
+ *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
+ to allow version independent disabling of normally unselected ciphers,
+ which may be activated as a side-effect of selecting a single cipher.
+
+ (E.g., cipher list string "RSA" enables ciphersuites that are left
+ out of "ALL" because they do not provide symmetric encryption.
+ "RSA:!COMPLEMEMENTOFALL" avoids these unsafe ciphersuites.)
+ [Lutz Jaenicke, Bodo Moeller]
+
+ *) Add appropriate support for separate platform-dependent build
+ directories. The recommended way to make a platform-dependent
+ build directory is the following (tested on Linux), maybe with
+ some local tweaks:
+
+ # Place yourself outside of the OpenSSL source tree. In
+ # this example, the environment variable OPENSSL_SOURCE
+ # is assumed to contain the absolute OpenSSL source directory.
+ mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
+ cd objtree/"`uname -s`-`uname -r`-`uname -m`"
+ (cd $OPENSSL_SOURCE; find . -type f) | while read F; do
+ mkdir -p `dirname $F`
+ ln -s $OPENSSL_SOURCE/$F $F
+ done
+
+ To be absolutely sure not to disturb the source tree, a "make clean"
+ is a good thing. If it isn't successfull, don't worry about it,
+ it probably means the source directory is very clean.
+ [Richard Levitte]
+
+ *) Make sure any ENGINE control commands make local copies of string
+ pointers passed to them whenever necessary. Otherwise it is possible
+ the caller may have overwritten (or deallocated) the original string
+ data when a later ENGINE operation tries to use the stored values.
+ [Götz Babin-Ebell <babinebell at trustcenter.de>]
+
+ *) Improve diagnostics in file reading and command-line digests.
+ [Ben Laurie aided and abetted by Solar Designer <solar at openwall.com>]
+
+ *) Add AES modes CFB and OFB to the object database. Correct an
+ error in AES-CFB decryption.
+ [Richard Levitte]
+
+ *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this
+ allows existing EVP_CIPHER_CTX structures to be reused after
+ calling EVP_*Final(). This behaviour is used by encryption
+ BIOs and some applications. This has the side effect that
+ applications must explicitly clean up cipher contexts with
+ EVP_CIPHER_CTX_cleanup() or they will leak memory.
+ [Steve Henson]
+
+ *) Check the values of dna and dnb in bn_mul_recursive before calling
+ bn_mul_comba (a non zero value means the a or b arrays do not contain
+ n2 elements) and fallback to bn_mul_normal if either is not zero.
+ [Steve Henson]
+
+ *) Fix escaping of non-ASCII characters when using the -subj option
+ of the "openssl req" command line tool. (Robert Joop <joop at fokus.gmd.de>)
+ [Lutz Jaenicke]
+
+ *) Make object definitions compliant to LDAP (RFC2256): SN is the short
+ form for "surname", serialNumber has no short form.
+ Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
+ therefore remove "mail" short name for "internet 7".
+ The OID for unique identifiers in X509 certificates is
+ x500UniqueIdentifier, not uniqueIdentifier.
+ Some more OID additions. (Michael Bell <michael.bell at rz.hu-berlin.de>)
+ [Lutz Jaenicke]
+
+ *) Add an "init" command to the ENGINE config module and auto initialize
+ ENGINEs. Without any "init" command the ENGINE will be initialized
+ after all ctrl commands have been executed on it. If init=1 the
+ ENGINE is initailized at that point (ctrls before that point are run
+ on the uninitialized ENGINE and after on the initialized one). If
+ init=0 then the ENGINE will not be iniatialized at all.
+ [Steve Henson]
+
+ *) Fix the 'app_verify_callback' interface so that the user-defined
+ argument is actually passed to the callback: In the
+ SSL_CTX_set_cert_verify_callback() prototype, the callback
+ declaration has been changed from
+ int (*cb)()
+ into
+ int (*cb)(X509_STORE_CTX *,void *);
+ in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
+ i=s->ctx->app_verify_callback(&ctx)
+ has been changed into
+ i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).
+
+ To update applications using SSL_CTX_set_cert_verify_callback(),
+ a dummy argument can be added to their callback functions.
+ [D. K. Smetters <smetters at parc.xerox.com>]
+
+ *) Added the '4758cca' ENGINE to support IBM 4758 cards.
+ [Maurice Gittens <maurice at gittens.nl>, touchups by Geoff Thorpe]
+
+ *) Add and OPENSSL_LOAD_CONF define which will cause
+ OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
+ This allows older applications to transparently support certain
+ OpenSSL features: such as crypto acceleration and dynamic ENGINE loading.
+ Two new functions OPENSSL_add_all_algorithms_noconf() which will never
+ load the config file and OPENSSL_add_all_algorithms_conf() which will
+ always load it have also been added.
+ [Steve Henson]
+
+ *) Add the OFB, CFB and CTR (all with 128 bit feedback) to AES.
+ Adjust NIDs and EVP layer.
+ [Stephen Sprunk <stephen at sprunk.org> and Richard Levitte]
+
+ *) Config modules support in openssl utility.
+
+ Most commands now load modules from the config file,
+ though in a few (such as version) this isn't done
+ because it couldn't be used for anything.
+
+ In the case of ca and req the config file used is
+ the same as the utility itself: that is the -config
+ command line option can be used to specify an
+ alternative file.
+ [Steve Henson]
+
+ *) Move default behaviour from OPENSSL_config(). If appname is NULL
+ use "openssl_conf" if filename is NULL use default openssl config file.
+ [Steve Henson]
+
+ *) Add an argument to OPENSSL_config() to allow the use of an alternative
+ config section name. Add a new flag to tolerate a missing config file
+ and move code to CONF_modules_load_file().
+ [Steve Henson]
+
+ *) Support for crypto accelerator cards from Accelerated Encryption
+ Processing, www.aep.ie. (Use engine 'aep')
+ The support was copied from 0.9.6c [engine] and adapted/corrected
+ to work with the new engine framework.
+ [AEP Inc. and Richard Levitte]
+
+ *) Support for SureWare crypto accelerator cards from Baltimore
+ Technologies. (Use engine 'sureware')
+ The support was copied from 0.9.6c [engine] and adapted
+ to work with the new engine framework.
+ [Richard Levitte]
+
+ *) Have the CHIL engine fork-safe (as defined by nCipher) and actually
+ make the newer ENGINE framework commands for the CHIL engine work.
+ [Toomas Kiisk <vix at cyber.ee> and Richard Levitte]
+
+ *) Make it possible to produce shared libraries on ReliantUNIX.
+ [Robert Dahlem <Robert.Dahlem at ffm2.siemens.de> via Richard Levitte]
+
+ *) Add the configuration target debug-linux-ppro.
+ Make 'openssl rsa' use the general key loading routines
+ implemented in apps.c, and make those routines able to
+ handle the key format FORMAT_NETSCAPE and the variant
+ FORMAT_IISSGC.
+ [Toomas Kiisk <vix at cyber.ee> via Richard Levitte]
+
+ *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
+ [Toomas Kiisk <vix at cyber.ee> via Richard Levitte]
+
+ *) Add -keyform to rsautl, and document -engine.
+ [Richard Levitte, inspired by Toomas Kiisk <vix at cyber.ee>]
+
+ *) Change BIO_new_file (crypto/bio/bss_file.c) to use new
+ BIO_R_NO_SUCH_FILE error code rather than the generic
+ ERR_R_SYS_LIB error code if fopen() fails with ENOENT.
+ [Ben Laurie]
+
+ *) Add new functions
+ ERR_peek_last_error
+ ERR_peek_last_error_line
+ ERR_peek_last_error_line_data.
+ These are similar to
+ ERR_peek_error
+ ERR_peek_error_line
+ ERR_peek_error_line_data,
+ but report on the latest error recorded rather than the first one
+ still in the error queue.
+ [Ben Laurie, Bodo Moeller]
+
+ *) default_algorithms option in ENGINE config module. This allows things
+ like:
+ default_algorithms = ALL
+ default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS
+ [Steve Henson]
+
+ *) Prelminary ENGINE config module.
+ [Steve Henson]
+
+ *) New experimental application configuration code.
+ [Steve Henson]
+
+ *) Change the AES code to follow the same name structure as all other
+ symmetric ciphers, and behave the same way. Move everything to
+ the directory crypto/aes, thereby obsoleting crypto/rijndael.
+ [Stephen Sprunk <stephen at sprunk.org> and Richard Levitte]
+
+ *) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
+ [Ben Laurie and Theo de Raadt]
+
+ *) Add option to output public keys in req command.
+ [Massimiliano Pala madwolf at openca.org]
+
+ *) Use wNAFs in EC_POINTs_mul() for improved efficiency
+ (up to about 10% better than before for P-192 and P-224).
+ [Bodo Moeller]
+
+ *) New functions/macros
+
+ SSL_CTX_set_msg_callback(ctx, cb)
+ SSL_CTX_set_msg_callback_arg(ctx, arg)
+ SSL_set_msg_callback(ssl, cb)
+ SSL_set_msg_callback_arg(ssl, arg)
+
+ to request calling a callback function
+
+ void cb(int write_p, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl, void *arg)
+
+ whenever a protocol message has been completely received
+ (write_p == 0) or sent (write_p == 1). Here 'version' is the
+ protocol version according to which the SSL library interprets
+ the current protocol message (SSL2_VERSION, SSL3_VERSION, or
+ TLS1_VERSION). 'content_type' is 0 in the case of SSL 2.0, or
+ the content type as defined in the SSL 3.0/TLS 1.0 protocol
+ specification (change_cipher_spec(20), alert(21), handshake(22)).
+ 'buf' and 'len' point to the actual message, 'ssl' to the
+ SSL object, and 'arg' is the application-defined value set by
+ SSL[_CTX]_set_msg_callback_arg().
+
+ 'openssl s_client' and 'openssl s_server' have new '-msg' options
+ to enable a callback that displays all protocol messages.
+ [Bodo Moeller]
+
+ *) Change the shared library support so shared libraries are built as
+ soon as the corresponding static library is finished, and thereby get
+ openssl and the test programs linked against the shared library.
+ This still only happens when the keyword "shard" has been given to
+ the configuration scripts.
+
+ NOTE: shared library support is still an experimental thing, and
+ backward binary compatibility is still not guaranteed.
+ ["Maciej W. Rozycki" <macro at ds2.pg.gda.pl> and Richard Levitte]
+
+ *) Add support for Subject Information Access extension.
+ [Peter Sylvester <Peter.Sylvester at EdelWeb.fr>]
+
+ *) Make BUF_MEM_grow() behaviour more consistent: Initialise to zero
+ additional bytes when new memory had to be allocated, not just
+ when reusing an existing buffer.
+ [Bodo Moeller]
+
+ *) New command line and configuration option 'utf8' for the req command.
+ This allows field values to be specified as UTF8 strings.
+ [Steve Henson]
+
+ *) Add -multi and -mr options to "openssl speed" - giving multiple parallel
+ runs for the former and machine-readable output for the latter.
+ [Ben Laurie]
+
+ *) Add '-noemailDN' option to 'openssl ca'. This prevents inclusion
+ of the e-mail address in the DN (i.e., it will go into a certificate
+ extension only). The new configuration file option 'email_in_dn = no'
+ has the same effect.
+ [Massimiliano Pala madwolf at openca.org]
+
+ *) Change all functions with names starting with des_ to be starting
+ with DES_ instead. Add wrappers that are compatible with libdes,
+ but are named _ossl_old_des_*. Finally, add macros that map the
+ des_* symbols to the corresponding _ossl_old_des_* if libdes
+ compatibility is desired. If OpenSSL 0.9.6c compatibility is
+ desired, the des_* symbols will be mapped to DES_*, with one
+ exception.
+
+ Since we provide two compatibility mappings, the user needs to
+ define the macro OPENSSL_DES_LIBDES_COMPATIBILITY if libdes
+ compatibility is desired. The default (i.e., when that macro
+ isn't defined) is OpenSSL 0.9.6c compatibility.
+
+ There are also macros that enable and disable the support of old
+ des functions altogether. Those are OPENSSL_ENABLE_OLD_DES_SUPPORT
+ and OPENSSL_DISABLE_OLD_DES_SUPPORT. If none or both of those
+ are defined, the default will apply: to support the old des routines.
+
+ In either case, one must include openssl/des.h to get the correct
+ definitions. Do not try to just include openssl/des_old.h, that
+ won't work.
+
+ NOTE: This is a major break of an old API into a new one. Software
+ authors are encouraged to switch to the DES_ style functions. Some
+ time in the future, des_old.h and the libdes compatibility functions
+ will be disable (i.e. OPENSSL_DISABLE_OLD_DES_SUPPORT will be the
+ default), and then completely removed.
+ [Richard Levitte]
+
+ *) Test for certificates which contain unsupported critical extensions.
+ If such a certificate is found during a verify operation it is
+ rejected by default: this behaviour can be overridden by either
+ handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or
+ by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function
+ X509_supported_extension() has also been added which returns 1 if a
+ particular extension is supported.
+ [Steve Henson]
+
+ *) Modify the behaviour of EVP cipher functions in similar way to digests
+ to retain compatibility with existing code.
+ [Steve Henson]
+
+ *) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain
+ compatibility with existing code. In particular the 'ctx' parameter does
+ not have to be to be initialized before the call to EVP_DigestInit() and
+ it is tidied up after a call to EVP_DigestFinal(). New function
+ EVP_DigestFinal_ex() which does not tidy up the ctx. Similarly function
+ EVP_MD_CTX_copy() changed to not require the destination to be
+ initialized valid and new function EVP_MD_CTX_copy_ex() added which
+ requires the destination to be valid.
+
+ Modify all the OpenSSL digest calls to use EVP_DigestInit_ex(),
+ EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex().
+ [Steve Henson]
+
+ *) Change ssl3_get_message (ssl/s3_both.c) and the functions using it
+ so that complete 'Handshake' protocol structures are kept in memory
+ instead of overwriting 'msg_type' and 'length' with 'body' data.
+ [Bodo Moeller]
+
+ *) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32.
+ [Massimo Santin via Richard Levitte]
+
+ *) Major restructuring to the underlying ENGINE code. This includes
+ reduction of linker bloat, separation of pure "ENGINE" manipulation
+ (initialisation, etc) from functionality dealing with implementations
+ of specific crypto iterfaces. This change also introduces integrated
+ support for symmetric ciphers and digest implementations - so ENGINEs
+ can now accelerate these by providing EVP_CIPHER and EVP_MD
+ implementations of their own. This is detailed in crypto/engine/README
+ as it couldn't be adequately described here. However, there are a few
+ API changes worth noting - some RSA, DSA, DH, and RAND functions that
+ were changed in the original introduction of ENGINE code have now
+ reverted back - the hooking from this code to ENGINE is now a good
+ deal more passive and at run-time, operations deal directly with
+ RSA_METHODs, DSA_METHODs (etc) as they did before, rather than
+ dereferencing through an ENGINE pointer any more. Also, the ENGINE
+ functions dealing with BN_MOD_EXP[_CRT] handlers have been removed -
+ they were not being used by the framework as there is no concept of a
+ BIGNUM_METHOD and they could not be generalised to the new
+ 'ENGINE_TABLE' mechanism that underlies the new code. Similarly,
+ ENGINE_cpy() has been removed as it cannot be consistently defined in
+ the new code.
+ [Geoff Thorpe]
+
+ *) Change ASN1_GENERALIZEDTIME_check() to allow fractional seconds.
+ [Steve Henson]
+
+ *) Change mkdef.pl to sort symbols that get the same entry number,
+ and make sure the automatically generated functions ERR_load_*
+ become part of libeay.num as well.
+ [Richard Levitte]
+
+ *) New function SSL_renegotiate_pending(). This returns true once
+ renegotiation has been requested (either SSL_renegotiate() call
+ or HelloRequest/ClientHello receveived from the peer) and becomes
+ false once a handshake has been completed.
+ (For servers, SSL_renegotiate() followed by SSL_do_handshake()
+ sends a HelloRequest, but does not ensure that a handshake takes
+ place. SSL_renegotiate_pending() is useful for checking if the
+ client has followed the request.)
+ [Bodo Moeller]
+
+ *) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
+ By default, clients may request session resumption even during
+ renegotiation (if session ID contexts permit); with this option,
+ session resumption is possible only in the first handshake.
+
+ SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL. This makes
+ more bits available for options that should not be part of
+ SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
+ [Bodo Moeller]
+
+ *) Add some demos for certificate and certificate request creation.
+ [Steve Henson]
+
+ *) Make maximum certificate chain size accepted from the peer application
+ settable (SSL*_get/set_max_cert_list()), as proposed by
+ "Douglas E. Engert" <deengert at anl.gov>.
+ [Lutz Jaenicke]
+
+ *) Add support for shared libraries for Unixware-7
+ (Boyd Lynn Gerber <gerberb at zenez.com>).
+ [Lutz Jaenicke]
+
+ *) Add a "destroy" handler to ENGINEs that allows structural cleanup to
+ be done prior to destruction. Use this to unload error strings from
+ ENGINEs that load their own error strings. NB: This adds two new API
+ functions to "get" and "set" this destroy handler in an ENGINE.
+ [Geoff Thorpe]
+
+ *) Alter all existing ENGINE implementations (except "openssl" and
+ "openbsd") to dynamically instantiate their own error strings. This
+ makes them more flexible to be built both as statically-linked ENGINEs
+ and self-contained shared-libraries loadable via the "dynamic" ENGINE.
+ Also, add stub code to each that makes building them as self-contained
+ shared-libraries easier (see README.ENGINE).
+ [Geoff Thorpe]
+
+ *) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE
+ implementations into applications that are completely implemented in
+ self-contained shared-libraries. The "dynamic" ENGINE exposes control
+ commands that can be used to configure what shared-library to load and
+ to control aspects of the way it is handled. Also, made an update to
+ the README.ENGINE file that brings its information up-to-date and
+ provides some information and instructions on the "dynamic" ENGINE
+ (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc).
+ [Geoff Thorpe]
+
+ *) Make it possible to unload ranges of ERR strings with a new
+ "ERR_unload_strings" function.
+ [Geoff Thorpe]
+
+ *) Add a copy() function to EVP_MD.
+ [Ben Laurie]
+
+ *) Make EVP_MD routines take a context pointer instead of just the
+ md_data void pointer.
+ [Ben Laurie]
+
+ *) Add flags to EVP_MD and EVP_MD_CTX. EVP_MD_FLAG_ONESHOT indicates
+ that the digest can only process a single chunk of data
+ (typically because it is provided by a piece of
+ hardware). EVP_MD_CTX_FLAG_ONESHOT indicates that the application
+ is only going to provide a single chunk of data, and hence the
+ framework needn't accumulate the data for oneshot drivers.
+ [Ben Laurie]
+
+ *) As with "ERR", make it possible to replace the underlying "ex_data"
+ functions. This change also alters the storage and management of global
+ ex_data state - it's now all inside ex_data.c and all "class" code (eg.
+ RSA, BIO, SSL_CTX, etc) no longer stores its own STACKS and per-class
+ index counters. The API functions that use this state have been changed
+ to take a "class_index" rather than pointers to the class's local STACK
+ and counter, and there is now an API function to dynamically create new
+ classes. This centralisation allows us to (a) plug a lot of the
+ thread-safety problems that existed, and (b) makes it possible to clean
+ up all allocated state using "CRYPTO_cleanup_all_ex_data()". W.r.t. (b)
+ such data would previously have always leaked in application code and
+ workarounds were in place to make the memory debugging turn a blind eye
+ to it. Application code that doesn't use this new function will still
+ leak as before, but their memory debugging output will announce it now
+ rather than letting it slide.
+
+ Besides the addition of CRYPTO_cleanup_all_ex_data(), another API change
+ induced by the "ex_data" overhaul is that X509_STORE_CTX_init() now
+ has a return value to indicate success or failure.
+ [Geoff Thorpe]
+
+ *) Make it possible to replace the underlying "ERR" functions such that the
+ global state (2 LHASH tables and 2 locks) is only used by the "default"
+ implementation. This change also adds two functions to "get" and "set"
+ the implementation prior to it being automatically set the first time
+ any other ERR function takes place. Ie. an application can call "get",
+ pass the return value to a module it has just loaded, and that module
+ can call its own "set" function using that value. This means the
+ module's "ERR" operations will use (and modify) the error state in the
+ application and not in its own statically linked copy of OpenSSL code.
+ [Geoff Thorpe]
+
+ *) Give DH, DSA, and RSA types their own "**_up_ref()" function to increment
+ reference counts. This performs normal REF_PRINT/REF_CHECK macros on
+ the operation, and provides a more encapsulated way for external code
+ (crypto/evp/ and ssl/) to do this. Also changed the evp and ssl code
+ to use these functions rather than manually incrementing the counts.
+
+ Also rename "DSO_up()" function to more descriptive "DSO_up_ref()".
+ [Geoff Thorpe]
+
+ *) Add EVP test program.
+ [Ben Laurie]
+
+ *) Add symmetric cipher support to ENGINE. Expect the API to change!
+ [Ben Laurie]
+
+ *) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name()
+ X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(),
+ X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate().
+ These allow a CRL to be built without having to access X509_CRL fields
+ directly. Modify 'ca' application to use new functions.
+ [Steve Henson]
+
+ *) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended
+ bug workarounds. Rollback attack detection is a security feature.
+ The problem will only arise on OpenSSL servers when TLSv1 is not
+ available (sslv3_server_method() or SSL_OP_NO_TLSv1).
+ Software authors not wanting to support TLSv1 will have special reasons
+ for their choice and can explicitly enable this option.
+ [Bodo Moeller, Lutz Jaenicke]
+
+ *) Rationalise EVP so it can be extended: don't include a union of
+ cipher/digest structures, add init/cleanup functions for EVP_MD_CTX
+ (similar to those existing for EVP_CIPHER_CTX).
+ Usage example:
+
+ EVP_MD_CTX md;
+
+ EVP_MD_CTX_init(&md); /* new function call */
+ EVP_DigestInit(&md, EVP_sha1());
+ EVP_DigestUpdate(&md, in, len);
+ EVP_DigestFinal(&md, out, NULL);
+ EVP_MD_CTX_cleanup(&md); /* new function call */
+
+ [Ben Laurie]
+
+ *) Make DES key schedule conform to the usual scheme, as well as
+ correcting its structure. This means that calls to DES functions
+ now have to pass a pointer to a des_key_schedule instead of a
+ plain des_key_schedule (which was actually always a pointer
+ anyway): E.g.,
+
+ des_key_schedule ks;
+
+ des_set_key_checked(..., &ks);
+ des_ncbc_encrypt(..., &ks, ...);
+
+ (Note that a later change renames 'des_...' into 'DES_...'.)
+ [Ben Laurie]
+
+ *) Initial reduction of linker bloat: the use of some functions, such as
+ PEM causes large amounts of unused functions to be linked in due to
+ poor organisation. For example pem_all.c contains every PEM function
+ which has a knock on effect of linking in large amounts of (unused)
+ ASN1 code. Grouping together similar functions and splitting unrelated
+ functions prevents this.
+ [Steve Henson]
+
+ *) Cleanup of EVP macros.
+ [Ben Laurie]
+
+ *) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the
+ correct _ecb suffix.
+ [Ben Laurie]
+
+ *) Add initial OCSP responder support to ocsp application. The
+ revocation information is handled using the text based index
+ use by the ca application. The responder can either handle
+ requests generated internally, supplied in files (for example
+ via a CGI script) or using an internal minimal server.
+ [Steve Henson]
+
+ *) Add configuration choices to get zlib compression for TLS.
+ [Richard Levitte]
+
+ *) Changes to Kerberos SSL for RFC 2712 compliance:
+ 1. Implemented real KerberosWrapper, instead of just using
+ KRB5 AP_REQ message. [Thanks to Simon Wilkinson <sxw at sxw.org.uk>]
+ 2. Implemented optional authenticator field of KerberosWrapper.
+
+ Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,
+ and authenticator structs; see crypto/krb5/.
+
+ Generalized Kerberos calls to support multiple Kerberos libraries.
+ [Vern Staats <staatsvr at asc.hpc.mil>,
+ Jeffrey Altman <jaltman at columbia.edu>
+ via Richard Levitte]
+
+ *) Cause 'openssl speed' to use fully hard-coded DSA keys as it
+ already does with RSA. testdsa.h now has 'priv_key/pub_key'
+ values for each of the key sizes rather than having just
+ parameters (and 'speed' generating keys each time).
+ [Geoff Thorpe]
+
+ *) Speed up EVP routines.
+ Before:
+encrypt
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+des-cbc 4408.85k 5560.51k 5778.46k 5862.20k 5825.16k
+des-cbc 4389.55k 5571.17k 5792.23k 5846.91k 5832.11k
+des-cbc 4394.32k 5575.92k 5807.44k 5848.37k 5841.30k
+decrypt
+des-cbc 3482.66k 5069.49k 5496.39k 5614.16k 5639.28k
+des-cbc 3480.74k 5068.76k 5510.34k 5609.87k 5635.52k
+des-cbc 3483.72k 5067.62k 5504.60k 5708.01k 5724.80k
+ After:
+encrypt
+des-cbc 4660.16k 5650.19k 5807.19k 5827.13k 5783.32k
+decrypt
+des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
+ [Ben Laurie]
+
+ *) Added the OS2-EMX target.
+ ["Brian Havard" <brianh at kheldar.apana.org.au> and Richard Levitte]
+
+ *) Rewrite apps to use NCONF routines instead of the old CONF. New functions
+ to support NCONF routines in extension code. New function CONF_set_nconf()
+ to allow functions which take an NCONF to also handle the old LHASH
+ structure: this means that the old CONF compatible routines can be
+ retained (in particular wrt extensions) without having to duplicate the
+ code. New function X509V3_add_ext_nconf_sk to add extensions to a stack.
+ [Steve Henson]
+
+ *) Enhance the general user interface with mechanisms for inner control
+ and with possibilities to have yes/no kind of prompts.
+ [Richard Levitte]
+
+ *) Change all calls to low level digest routines in the library and
+ applications to use EVP. Add missing calls to HMAC_cleanup() and
+ don't assume HMAC_CTX can be copied using memcpy().
+ [Verdon Walker <VWalker at novell.com>, Steve Henson]
+
+ *) Add the possibility to control engines through control names but with
+ arbitrary arguments instead of just a string.
+ Change the key loaders to take a UI_METHOD instead of a callback
+ function pointer. NOTE: this breaks binary compatibility with earlier
+ versions of OpenSSL [engine].
+ Adapt the nCipher code for these new conditions and add a card insertion
+ callback.
+ [Richard Levitte]
+
+ *) Enhance the general user interface with mechanisms to better support
+ dialog box interfaces, application-defined prompts, the possibility
+ to use defaults (for example default passwords from somewhere else)
+ and interrupts/cancellations.
+ [Richard Levitte]
+
+ *) Tidy up PKCS#12 attribute handling. Add support for the CSP name
+ attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
+ [Steve Henson]
+
+ *) Fix a memory leak in 'sk_dup()' in the case reallocation fails. (Also
+ tidy up some unnecessarily weird code in 'sk_new()').
+ [Geoff, reported by Diego Tartara <dtartara at novamens.com>]
+
+ *) Change the key loading routines for ENGINEs to use the same kind
+ callback (pem_password_cb) as all other routines that need this
+ kind of callback.
+ [Richard Levitte]
+
+ *) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with
+ 256 bit (=32 byte) keys. Of course seeding with more entropy bytes
+ than this minimum value is recommended.
+ [Lutz Jaenicke]
+
+ *) New random seeder for OpenVMS, using the system process statistics
+ that are easily reachable.
+ [Richard Levitte]
+
+ *) Windows apparently can't transparently handle global
+ variables defined in DLLs. Initialisations such as:
+
+ const ASN1_ITEM *it = &ASN1_INTEGER_it;
+
+ wont compile. This is used by the any applications that need to
+ declare their own ASN1 modules. This was fixed by adding the option
+ EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly
+ needed for static libraries under Win32.
+ [Steve Henson]
+
+ *) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle
+ setting of purpose and trust fields. New X509_STORE trust and
+ purpose functions and tidy up setting in other SSL functions.
+ [Steve Henson]
+
+ *) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE
+ structure. These are inherited by X509_STORE_CTX when it is
+ initialised. This allows various defaults to be set in the
+ X509_STORE structure (such as flags for CRL checking and custom
+ purpose or trust settings) for functions which only use X509_STORE_CTX
+ internally such as S/MIME.
+
+ Modify X509_STORE_CTX_purpose_inherit() so it only sets purposes and
+ trust settings if they are not set in X509_STORE. This allows X509_STORE
+ purposes and trust (in S/MIME for example) to override any set by default.
+
+ Add command line options for CRL checking to smime, s_client and s_server
+ applications.
+ [Steve Henson]
+
+ *) Initial CRL based revocation checking. If the CRL checking flag(s)
+ are set then the CRL is looked up in the X509_STORE structure and
+ its validity and signature checked, then if the certificate is found
+ in the CRL the verify fails with a revoked error.
+
+ Various new CRL related callbacks added to X509_STORE_CTX structure.
+
+ Command line options added to 'verify' application to support this.
+
+ This needs some additional work, such as being able to handle multiple
+ CRLs with different times, extension based lookup (rather than just
+ by subject name) and ultimately more complete V2 CRL extension
+ handling.
+ [Steve Henson]
+
+ *) Add a general user interface API (crypto/ui/). This is designed
+ to replace things like des_read_password and friends (backward
+ compatibility functions using this new API are provided).
+ The purpose is to remove prompting functions from the DES code
+ section as well as provide for prompting through dialog boxes in
+ a window system and the like.
+ [Richard Levitte]
+
+ *) Add "ex_data" support to ENGINE so implementations can add state at a
+ per-structure level rather than having to store it globally.
+ [Geoff]
+
+ *) Make it possible for ENGINE structures to be copied when retrieved by
+ ENGINE_by_id() if the ENGINE specifies a new flag: ENGINE_FLAGS_BY_ID_COPY.
+ This causes the "original" ENGINE structure to act like a template,
+ analogous to the RSA vs. RSA_METHOD type of separation. Because of this
+ operational state can be localised to each ENGINE structure, despite the
+ fact they all share the same "methods". New ENGINE structures returned in
+ this case have no functional references and the return value is the single
+ structural reference. This matches the single structural reference returned
+ by ENGINE_by_id() normally, when it is incremented on the pre-existing
+ ENGINE structure.
+ [Geoff]
+
+ *) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this
+ needs to match any other type at all we need to manually clear the
+ tag cache.
+ [Steve Henson]
+
+ *) Changes to the "openssl engine" utility to include;
+ - verbosity levels ('-v', '-vv', and '-vvv') that provide information
+ about an ENGINE's available control commands.
+ - executing control commands from command line arguments using the
+ '-pre' and '-post' switches. '-post' is only used if '-t' is
+ specified and the ENGINE is successfully initialised. The syntax for
+ the individual commands are colon-separated, for example;
+ openssl engine chil -pre FORK_CHECK:0 -pre SO_PATH:/lib/test.so
+ [Geoff]
+
+ *) New dynamic control command support for ENGINEs. ENGINEs can now
+ declare their own commands (numbers), names (strings), descriptions,
+ and input types for run-time discovery by calling applications. A
+ subset of these commands are implicitly classed as "executable"
+ depending on their input type, and only these can be invoked through
+ the new string-based API function ENGINE_ctrl_cmd_string(). (Eg. this
+ can be based on user input, config files, etc). The distinction is
+ that "executable" commands cannot return anything other than a boolean
+ result and can only support numeric or string input, whereas some
+ discoverable commands may only be for direct use through
+ ENGINE_ctrl(), eg. supporting the exchange of binary data, function
+ pointers, or other custom uses. The "executable" commands are to
+ support parameterisations of ENGINE behaviour that can be
+ unambiguously defined by ENGINEs and used consistently across any
+ OpenSSL-based application. Commands have been added to all the
+ existing hardware-supporting ENGINEs, noticeably "SO_PATH" to allow
+ control over shared-library paths without source code alterations.
+ [Geoff]
+
+ *) Changed all ENGINE implementations to dynamically allocate their
+ ENGINEs rather than declaring them statically. Apart from this being
+ necessary with the removal of the ENGINE_FLAGS_MALLOCED distinction,
+ this also allows the implementations to compile without using the
+ internal engine_int.h header.
+ [Geoff]
+
+ *) Minor adjustment to "rand" code. RAND_get_rand_method() now returns a
+ 'const' value. Any code that should be able to modify a RAND_METHOD
+ should already have non-const pointers to it (ie. they should only
+ modify their own ones).
+ [Geoff]
+
+ *) Made a variety of little tweaks to the ENGINE code.
+ - "atalla" and "ubsec" string definitions were moved from header files
+ to C code. "nuron" string definitions were placed in variables
+ rather than hard-coded - allowing parameterisation of these values
+ later on via ctrl() commands.
+ - Removed unused "#if 0"'d code.
+ - Fixed engine list iteration code so it uses ENGINE_free() to release
+ structural references.
+ - Constified the RAND_METHOD element of ENGINE structures.
+ - Constified various get/set functions as appropriate and added
+ missing functions (including a catch-all ENGINE_cpy that duplicates
+ all ENGINE values onto a new ENGINE except reference counts/state).
+ - Removed NULL parameter checks in get/set functions. Setting a method
+ or function to NULL is a way of cancelling out a previously set
+ value. Passing a NULL ENGINE parameter is just plain stupid anyway
+ and doesn't justify the extra error symbols and code.
+ - Deprecate the ENGINE_FLAGS_MALLOCED define and move the area for
+ flags from engine_int.h to engine.h.
+ - Changed prototypes for ENGINE handler functions (init(), finish(),
+ ctrl(), key-load functions, etc) to take an (ENGINE*) parameter.
+ [Geoff]
+
+ *) Implement binary inversion algorithm for BN_mod_inverse in addition
+ to the algorithm using long division. The binary algorithm can be
+ used only if the modulus is odd. On 32-bit systems, it is faster
+ only for relatively small moduli (roughly 20-30% for 128-bit moduli,
+ roughly 5-15% for 256-bit moduli), so we use it only for moduli
+ up to 450 bits. In 64-bit environments, the binary algorithm
+ appears to be advantageous for much longer moduli; here we use it
+ for moduli up to 2048 bits.
+ [Bodo Moeller]
+
+ *) Rewrite CHOICE field setting in ASN1_item_ex_d2i(). The old code
+ could not support the combine flag in choice fields.
+ [Steve Henson]
+
+ *) Add a 'copy_extensions' option to the 'ca' utility. This copies
+ extensions from a certificate request to the certificate.
+ [Steve Henson]
+
+ *) Allow multiple 'certopt' and 'nameopt' options to be separated
+ by commas. Add 'namopt' and 'certopt' options to the 'ca' config
+ file: this allows the display of the certificate about to be
+ signed to be customised, to allow certain fields to be included
+ or excluded and extension details. The old system didn't display
+ multicharacter strings properly, omitted fields not in the policy
+ and couldn't display additional details such as extensions.
+ [Steve Henson]
+
+ *) Function EC_POINTs_mul for multiple scalar multiplication
+ of an arbitrary number of elliptic curve points
+ \sum scalars[i]*points[i],
+ optionally including the generator defined for the EC_GROUP:
+ scalar*generator + \sum scalars[i]*points[i].
+
+ EC_POINT_mul is a simple wrapper function for the typical case
+ that the point list has just one item (besides the optional
+ generator).
+ [Bodo Moeller]
+
+ *) First EC_METHODs for curves over GF(p):
+
+ EC_GFp_simple_method() uses the basic BN_mod_mul and BN_mod_sqr
+ operations and provides various method functions that can also
+ operate with faster implementations of modular arithmetic.
+
+ EC_GFp_mont_method() reuses most functions that are part of
+ EC_GFp_simple_method, but uses Montgomery arithmetic.
+
+ [Bodo Moeller; point addition and point doubling
+ implementation directly derived from source code provided by
+ Lenka Fibikova <fibikova at exp-math.uni-essen.de>]
+
+ *) Framework for elliptic curves (crypto/ec/ec.h, crypto/ec/ec_lcl.h,
+ crypto/ec/ec_lib.c):
+
+ Curves are EC_GROUP objects (with an optional group generator)
+ based on EC_METHODs that are built into the library.
+
+ Points are EC_POINT objects based on EC_GROUP objects.
+
+ Most of the framework would be able to handle curves over arbitrary
+ finite fields, but as there are no obvious types for fields other
+ than GF(p), some functions are limited to that for now.
+ [Bodo Moeller]
+
+ *) Add the -HTTP option to s_server. It is similar to -WWW, but requires
+ that the file contains a complete HTTP response.
+ [Richard Levitte]
+
+ *) Add the ec directory to mkdef.pl and mkfiles.pl. In mkdef.pl
+ change the def and num file printf format specifier from "%-40sXXX"
+ to "%-39s XXX". The latter will always guarantee a space after the
+ field while the former will cause them to run together if the field
+ is 40 of more characters long.
+ [Steve Henson]
+
+ *) Constify the cipher and digest 'method' functions and structures
+ and modify related functions to take constant EVP_MD and EVP_CIPHER
+ pointers.
+ [Steve Henson]
+
+ *) Hide BN_CTX structure details in bn_lcl.h instead of publishing them
+ in <openssl/bn.h>. Also further increase BN_CTX_NUM to 32.
+ [Bodo Moeller]
+
+ *) Modify EVP_Digest*() routines so they now return values. Although the
+ internal software routines can never fail additional hardware versions
+ might.
+ [Steve Henson]
+
+ *) Clean up crypto/err/err.h and change some error codes to avoid conflicts:
+
+ Previously ERR_R_FATAL was too small and coincided with ERR_LIB_PKCS7
+ (= ERR_R_PKCS7_LIB); it is now 64 instead of 32.
+
+ ASN1 error codes
+ ERR_R_NESTED_ASN1_ERROR
+ ...
+ ERR_R_MISSING_ASN1_EOS
+ were 4 .. 9, conflicting with
+ ERR_LIB_RSA (= ERR_R_RSA_LIB)
+ ...
+ ERR_LIB_PEM (= ERR_R_PEM_LIB).
+ They are now 58 .. 63 (i.e., just below ERR_R_FATAL).
+
+ Add new error code 'ERR_R_INTERNAL_ERROR'.
+ [Bodo Moeller]
+
+ *) Don't overuse locks in crypto/err/err.c: For data retrieval, CRYPTO_r_lock
+ suffices.
+ [Bodo Moeller]
+
+ *) New option '-subj arg' for 'openssl req' and 'openssl ca'. This
+ sets the subject name for a new request or supersedes the
+ subject name in a given request. Formats that can be parsed are
+ 'CN=Some Name, OU=myOU, C=IT'
+ and
+ 'CN=Some Name/OU=myOU/C=IT'.
+
+ Add options '-batch' and '-verbose' to 'openssl req'.
+ [Massimiliano Pala <madwolf at hackmasters.net>]
+
+ *) Introduce the possibility to access global variables through
+ functions on platform were that's the best way to handle exporting
+ global variables in shared libraries. To enable this functionality,
+ one must configure with "EXPORT_VAR_AS_FN" or defined the C macro
+ "OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
+ is normally done by Configure or something similar).
+
+ To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
+ in the source file (foo.c) like this:
+
+ OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
+ OPENSSL_IMPLEMENT_GLOBAL(double,bar);
+
+ To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
+ and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:
+
+ OPENSSL_DECLARE_GLOBAL(int,foo);
+ #define foo OPENSSL_GLOBAL_REF(foo)
+ OPENSSL_DECLARE_GLOBAL(double,bar);
+ #define bar OPENSSL_GLOBAL_REF(bar)
+
+ The #defines are very important, and therefore so is including the
+ header file everywhere where the defined globals are used.
+
+ The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
+ of ASN.1 items, but that structure is a bit different.
+
+ The largest change is in util/mkdef.pl which has been enhanced with
+ better and easier to understand logic to choose which symbols should
+ go into the Windows .def files as well as a number of fixes and code
+ cleanup (among others, algorithm keywords are now sorted
+ lexicographically to avoid constant rewrites).
+ [Richard Levitte]
+
+ *) In BN_div() keep a copy of the sign of 'num' before writing the
+ result to 'rm' because if rm==num the value will be overwritten
+ and produce the wrong result if 'num' is negative: this caused
+ problems with BN_mod() and BN_nnmod().
+ [Steve Henson]
+
+ *) Function OCSP_request_verify(). This checks the signature on an
+ OCSP request and verifies the signer certificate. The signer
+ certificate is just checked for a generic purpose and OCSP request
+ trust settings.
+ [Steve Henson]
+
+ *) Add OCSP_check_validity() function to check the validity of OCSP
+ responses. OCSP responses are prepared in real time and may only
+ be a few seconds old. Simply checking that the current time lies
+ between thisUpdate and nextUpdate max reject otherwise valid responses
+ caused by either OCSP responder or client clock inaccuracy. Instead
+ we allow thisUpdate and nextUpdate to fall within a certain period of
+ the current time. The age of the response can also optionally be
+ checked. Two new options -validity_period and -status_age added to
+ ocsp utility.
+ [Steve Henson]
+
+ *) If signature or public key algorithm is unrecognized print out its
+ OID rather that just UNKNOWN.
+ [Steve Henson]
+
+ *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
+ OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
+ ID to be generated from the issuer certificate alone which can then be
+ passed to OCSP_id_issuer_cmp().
+ [Steve Henson]
+
+ *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
+ ASN1 modules to export functions returning ASN1_ITEM pointers
+ instead of the ASN1_ITEM structures themselves. This adds several
+ new macros which allow the underlying ASN1 function/structure to
+ be accessed transparently. As a result code should not use ASN1_ITEM
+ references directly (such as &X509_it) but instead use the relevant
+ macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
+ use of the new ASN1 code on platforms where exporting structures
+ is problematical (for example in shared libraries) but exporting
+ functions returning pointers to structures is not.
+ [Steve Henson]
+
+ *) Add support for overriding the generation of SSL/TLS session IDs.
+ These callbacks can be registered either in an SSL_CTX or per SSL.
+ The purpose of this is to allow applications to control, if they wish,
+ the arbitrary values chosen for use as session IDs, particularly as it
+ can be useful for session caching in multiple-server environments. A
+ command-line switch for testing this (and any client code that wishes
+ to use such a feature) has been added to "s_server".
+ [Geoff Thorpe, Lutz Jaenicke]
+
+ *) Modify mkdef.pl to recognise and parse preprocessor conditionals
+ of the form '#if defined(...) || defined(...) || ...' and
+ '#if !defined(...) && !defined(...) && ...'. This also avoids
+ the growing number of special cases it was previously handling.
+ [Richard Levitte]
+
+ *) Make all configuration macros available for application by making
+ sure they are available in opensslconf.h, by giving them names starting
+ with "OPENSSL_" to avoid conflicts with other packages and by making
+ sure e_os2.h will cover all platform-specific cases together with
+ opensslconf.h.
+ Additionally, it is now possible to define configuration/platform-
+ specific names (called "system identities"). In the C code, these
+ are prefixed with "OPENSSL_SYSNAME_". e_os2.h will create another
+ macro with the name beginning with "OPENSSL_SYS_", which is determined
+ from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on
+ what is available.
+ [Richard Levitte]
+
+ *) New option -set_serial to 'req' and 'x509' this allows the serial
+ number to use to be specified on the command line. Previously self
+ signed certificates were hard coded with serial number 0 and the
+ CA options of 'x509' had to use a serial number in a file which was
+ auto incremented.
+ [Steve Henson]
+
+ *) New options to 'ca' utility to support V2 CRL entry extensions.
+ Currently CRL reason, invalidity date and hold instruction are
+ supported. Add new CRL extensions to V3 code and some new objects.
+ [Steve Henson]
+
+ *) New function EVP_CIPHER_CTX_set_padding() this is used to
+ disable standard block padding (aka PKCS#5 padding) in the EVP
+ API, which was previously mandatory. This means that the data is
+ not padded in any way and so the total length much be a multiple
+ of the block size, otherwise an error occurs.
+ [Steve Henson]
+
+ *) Initial (incomplete) OCSP SSL support.
+ [Steve Henson]
+
+ *) New function OCSP_parse_url(). This splits up a URL into its host,
+ port and path components: primarily to parse OCSP URLs. New -url
+ option to ocsp utility.
+ [Steve Henson]
+
+ *) New nonce behavior. The return value of OCSP_check_nonce() now
+ reflects the various checks performed. Applications can decide
+ whether to tolerate certain situations such as an absent nonce
+ in a response when one was present in a request: the ocsp application
+ just prints out a warning. New function OCSP_add1_basic_nonce()
+ this is to allow responders to include a nonce in a response even if
+ the request is nonce-less.
+ [Steve Henson]
+
+ *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are
+ skipped when using openssl x509 multiple times on a single input file,
+ e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs".
+ [Bodo Moeller]
+
+ *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
+ set string type: to handle setting ASN1_TIME structures. Fix ca
+ utility to correctly initialize revocation date of CRLs.
+ [Steve Henson]
+
+ *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
+ the clients preferred ciphersuites and rather use its own preferences.
+ Should help to work around M$ SGC (Server Gated Cryptography) bug in
+ Internet Explorer by ensuring unchanged hash method during stepup.
+ (Also replaces the broken/deactivated SSL_OP_NON_EXPORT_FIRST option.)
+ [Lutz Jaenicke]
+
+ *) Make mkdef.pl recognise all DECLARE_ASN1 macros, change rijndael
+ to aes and add a new 'exist' option to print out symbols that don't
+ appear to exist.
+ [Steve Henson]
+
+ *) Additional options to ocsp utility to allow flags to be set and
+ additional certificates supplied.
+ [Steve Henson]
+
+ *) Add the option -VAfile to 'openssl ocsp', so the user can give the
+ OCSP client a number of certificate to only verify the response
+ signature against.
+ [Richard Levitte]
+
+ *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
+ handle the new API. Currently only ECB, CBC modes supported. Add new
+ AES OIDs.
+
+ Add TLS AES ciphersuites as described in RFC3268, "Advanced
+ Encryption Standard (AES) Ciphersuites for Transport Layer
+ Security (TLS)". (In beta versions of OpenSSL 0.9.7, these were
+ not enabled by default and were not part of the "ALL" ciphersuite
+ alias because they were not yet official; they could be
+ explicitly requested by specifying the "AESdraft" ciphersuite
+ group alias. In the final release of OpenSSL 0.9.7, the group
+ alias is called "AES" and is part of "ALL".)
+ [Ben Laurie, Steve Henson, Bodo Moeller]
+
+ *) New function OCSP_copy_nonce() to copy nonce value (if present) from
+ request to response.
+ [Steve Henson]
+
+ *) Functions for OCSP responders. OCSP_request_onereq_count(),
+ OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info()
+ extract information from a certificate request. OCSP_response_create()
+ creates a response and optionally adds a basic response structure.
+ OCSP_basic_add1_status() adds a complete single response to a basic
+ response and returns the OCSP_SINGLERESP structure just added (to allow
+ extensions to be included for example). OCSP_basic_add1_cert() adds a
+ certificate to a basic response and OCSP_basic_sign() signs a basic
+ response with various flags. New helper functions ASN1_TIME_check()
+ (checks validity of ASN1_TIME structure) and ASN1_TIME_to_generalizedtime()
+ (converts ASN1_TIME to GeneralizedTime).
+ [Steve Henson]
+
+ *) Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
+ in a single operation. X509_get0_pubkey_bitstr() extracts the public_key
+ structure from a certificate. X509_pubkey_digest() digests the public_key
+ contents: this is used in various key identifiers.
+ [Steve Henson]
+
+ *) Make sk_sort() tolerate a NULL argument.
+ [Steve Henson reported by Massimiliano Pala <madwolf at comune.modena.it>]
+
+ *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates
+ passed by the function are trusted implicitly. If any of them signed the
+ response then it is assumed to be valid and is not verified.
+ [Steve Henson]
+
+ *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
+ to data. This was previously part of the PKCS7 ASN1 code. This
+ was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.
+ [Steve Henson, reported by Kenneth R. Robinette
+ <support at securenetterm.com>]
+
+ *) Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1
+ routines: without these tracing memory leaks is very painful.
+ Fix leaks in PKCS12 and PKCS7 routines.
+ [Steve Henson]
+
+ *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
+ Previously it initialised the 'type' argument to V_ASN1_UTCTIME which
+ effectively meant GeneralizedTime would never be used. Now it
+ is initialised to -1 but X509_time_adj() now has to check the value
+ and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or
+ V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime.
+ [Steve Henson, reported by Kenneth R. Robinette
+ <support at securenetterm.com>]
+
+ *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously
+ result in a zero length in the ASN1_INTEGER structure which was
+ not consistent with the structure when d2i_ASN1_INTEGER() was used
+ and would cause ASN1_INTEGER_cmp() to fail. Enhance s2i_ASN1_INTEGER()
+ to cope with hex and negative integers. Fix bug in i2a_ASN1_INTEGER()
+ where it did not print out a minus for negative ASN1_INTEGER.
+ [Steve Henson]
+
+ *) Add summary printout to ocsp utility. The various functions which
+ convert status values to strings have been renamed to:
+ OCSP_response_status_str(), OCSP_cert_status_str() and
+ OCSP_crl_reason_str() and are no longer static. New options
+ to verify nonce values and to disable verification. OCSP response
+ printout format cleaned up.
+ [Steve Henson]
+
+ *) Add additional OCSP certificate checks. These are those specified
+ in RFC2560. This consists of two separate checks: the CA of the
+ certificate being checked must either be the OCSP signer certificate
+ or the issuer of the OCSP signer certificate. In the latter case the
+ OCSP signer certificate must contain the OCSP signing extended key
+ usage. This check is performed by attempting to match the OCSP
+ signer or the OCSP signer CA to the issuerNameHash and issuerKeyHash
+ in the OCSP_CERTID structures of the response.
+ [Steve Henson]
+
+ *) Initial OCSP certificate verification added to OCSP_basic_verify()
+ and related routines. This uses the standard OpenSSL certificate
+ verify routines to perform initial checks (just CA validity) and
+ to obtain the certificate chain. Then additional checks will be
+ performed on the chain. Currently the root CA is checked to see
+ if it is explicitly trusted for OCSP signing. This is used to set
+ a root CA as a global signing root: that is any certificate that
+ chains to that CA is an acceptable OCSP signing certificate.
+ [Steve Henson]
+
+ *) New '-extfile ...' option to 'openssl ca' for reading X.509v3
+ extensions from a separate configuration file.
+ As when reading extensions from the main configuration file,
+ the '-extensions ...' option may be used for specifying the
+ section to use.
+ [Massimiliano Pala <madwolf at comune.modena.it>]
+
+ *) New OCSP utility. Allows OCSP requests to be generated or
+ read. The request can be sent to a responder and the output
+ parsed, outputed or printed in text form. Not complete yet:
+ still needs to check the OCSP response validity.
+ [Steve Henson]
+
+ *) New subcommands for 'openssl ca':
+ 'openssl ca -status <serial>' prints the status of the cert with
+ the given serial number (according to the index file).
+ 'openssl ca -updatedb' updates the expiry status of certificates
+ in the index file.
+ [Massimiliano Pala <madwolf at comune.modena.it>]
+
+ *) New '-newreq-nodes' command option to CA.pl. This is like
+ '-newreq', but calls 'openssl req' with the '-nodes' option
+ so that the resulting key is not encrypted.
+ [Damien Miller <djm at mindrot.org>]
+
+ *) New configuration for the GNU Hurd.
+ [Jonathan Bartlett <johnnyb at wolfram.com> via Richard Levitte]
+
+ *) Initial code to implement OCSP basic response verify. This
+ is currently incomplete. Currently just finds the signer's
+ certificate and verifies the signature on the response.
+ [Steve Henson]
+
+ *) New SSLeay_version code SSLEAY_DIR to determine the compiled-in
+ value of OPENSSLDIR. This is available via the new '-d' option
+ to 'openssl version', and is also included in 'openssl version -a'.
+ [Bodo Moeller]
+
+ *) Allowing defining memory allocation callbacks that will be given
+ file name and line number information in additional arguments
+ (a const char* and an int). The basic functionality remains, as
+ well as the original possibility to just replace malloc(),
+ realloc() and free() by functions that do not know about these
+ additional arguments. To register and find out the current
+ settings for extended allocation functions, the following
+ functions are provided:
+
+ CRYPTO_set_mem_ex_functions
+ CRYPTO_set_locked_mem_ex_functions
+ CRYPTO_get_mem_ex_functions
+ CRYPTO_get_locked_mem_ex_functions
+
+ These work the same way as CRYPTO_set_mem_functions and friends.
+ CRYPTO_get_[locked_]mem_functions now writes 0 where such an
+ extended allocation function is enabled.
+ Similarly, CRYPTO_get_[locked_]mem_ex_functions writes 0 where
+ a conventional allocation function is enabled.
+ [Richard Levitte, Bodo Moeller]
+
+ *) Finish off removing the remaining LHASH function pointer casts.
+ There should no longer be any prototype-casting required when using
+ the LHASH abstraction, and any casts that remain are "bugs". See
+ the callback types and macros at the head of lhash.h for details
+ (and "OBJ_cleanup" in crypto/objects/obj_dat.c as an example).
+ [Geoff Thorpe]
+
+ *) Add automatic query of EGD sockets in RAND_poll() for the unix variant.
+ If /dev/[u]random devices are not available or do not return enough
+ entropy, EGD style sockets (served by EGD or PRNGD) will automatically
+ be queried.
+ The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and
+ /etc/entropy will be queried once each in this sequence, quering stops
+ when enough entropy was collected without querying more sockets.
+ [Lutz Jaenicke]
+
+ *) Change the Unix RAND_poll() variant to be able to poll several
+ random devices, as specified by DEVRANDOM, until a sufficient amount
+ of data has been collected. We spend at most 10 ms on each file
+ (select timeout) and read in non-blocking mode. DEVRANDOM now
+ defaults to the list "/dev/urandom", "/dev/random", "/dev/srandom"
+ (previously it was just the string "/dev/urandom"), so on typical
+ platforms the 10 ms delay will never occur.
+ Also separate out the Unix variant to its own file, rand_unix.c.
+ For VMS, there's a currently-empty rand_vms.c.
+ [Richard Levitte]
+
+ *) Move OCSP client related routines to ocsp_cl.c. These
+ provide utility functions which an application needing
+ to issue a request to an OCSP responder and analyse the
+ response will typically need: as opposed to those which an
+ OCSP responder itself would need which will be added later.
+
+ OCSP_request_sign() signs an OCSP request with an API similar
+ to PKCS7_sign(). OCSP_response_status() returns status of OCSP
+ response. OCSP_response_get1_basic() extracts basic response
+ from response. OCSP_resp_find_status(): finds and extracts status
+ information from an OCSP_CERTID structure (which will be created
+ when the request structure is built). These are built from lower
+ level functions which work on OCSP_SINGLERESP structures but
+ wont normally be used unless the application wishes to examine
+ extensions in the OCSP response for example.
+
+ Replace nonce routines with a pair of functions.
+ OCSP_request_add1_nonce() adds a nonce value and optionally
+ generates a random value. OCSP_check_nonce() checks the
+ validity of the nonce in an OCSP response.
+ [Steve Henson]
+
+ *) Change function OCSP_request_add() to OCSP_request_add0_id().
+ This doesn't copy the supplied OCSP_CERTID and avoids the
+ need to free up the newly created id. Change return type
+ to OCSP_ONEREQ to return the internal OCSP_ONEREQ structure.
+ This can then be used to add extensions to the request.
+ Deleted OCSP_request_new(), since most of its functionality
+ is now in OCSP_REQUEST_new() (and the case insensitive name
+ clash) apart from the ability to set the request name which
+ will be added elsewhere.
+ [Steve Henson]
+
+ *) Update OCSP API. Remove obsolete extensions argument from
+ various functions. Extensions are now handled using the new
+ OCSP extension code. New simple OCSP HTTP function which
+ can be used to send requests and parse the response.
+ [Steve Henson]
+
+ *) Fix the PKCS#7 (S/MIME) code to work with new ASN1. Two new
+ ASN1_ITEM structures help with sign and verify. PKCS7_ATTR_SIGN
+ uses the special reorder version of SET OF to sort the attributes
+ and reorder them to match the encoded order. This resolves a long
+ standing problem: a verify on a PKCS7 structure just after signing
+ it used to fail because the attribute order did not match the
+ encoded order. PKCS7_ATTR_VERIFY does not reorder the attributes:
+ it uses the received order. This is necessary to tolerate some broken
+ software that does not order SET OF. This is handled by encoding
+ as a SEQUENCE OF but using implicit tagging (with UNIVERSAL class)
+ to produce the required SET OF.
+ [Steve Henson]
+
+ *) Have mk1mf.pl generate the macros OPENSSL_BUILD_SHLIBCRYPTO and
+ OPENSSL_BUILD_SHLIBSSL and use them appropriately in the header
+ files to get correct declarations of the ASN.1 item variables.
+ [Richard Levitte]
+
+ *) Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many
+ PKCS#12 macros with real functions. Fix two unrelated ASN1 bugs:
+ asn1_check_tlen() would sometimes attempt to use 'ctx' when it was
+ NULL and ASN1_TYPE was not dereferenced properly in asn1_ex_c2i().
+ New ASN1 macro: DECLARE_ASN1_ITEM() which just declares the relevant
+ ASN1_ITEM and no wrapper functions.
+ [Steve Henson]
+
+ *) New functions or ASN1_item_d2i_fp() and ASN1_item_d2i_bio(). These
+ replace the old function pointer based I/O routines. Change most of
+ the *_d2i_bio() and *_d2i_fp() functions to use these.
+ [Steve Henson]
+
+ *) Enhance mkdef.pl to be more accepting about spacing in C preprocessor
+ lines, recognice more "algorithms" that can be deselected, and make
+ it complain about algorithm deselection that isn't recognised.
+ [Richard Levitte]
+
+ *) New ASN1 functions to handle dup, sign, verify, digest, pack and
+ unpack operations in terms of ASN1_ITEM. Modify existing wrappers
+ to use new functions. Add NO_ASN1_OLD which can be set to remove
+ some old style ASN1 functions: this can be used to determine if old
+ code will still work when these eventually go away.
+ [Steve Henson]
+
+ *) New extension functions for OCSP structures, these follow the
+ same conventions as certificates and CRLs.
+ [Steve Henson]
+
+ *) New function X509V3_add1_i2d(). This automatically encodes and
+ adds an extension. Its behaviour can be customised with various
+ flags to append, replace or delete. Various wrappers added for
+ certifcates and CRLs.
+ [Steve Henson]
+
+ *) Fix to avoid calling the underlying ASN1 print routine when
+ an extension cannot be parsed. Correct a typo in the
+ OCSP_SERVICELOC extension. Tidy up print OCSP format.
+ [Steve Henson]
+
+ *) Make mkdef.pl parse some of the ASN1 macros and add apropriate
+ entries for variables.
+ [Steve Henson]
+
+ *) Add functionality to apps/openssl.c for detecting locking
+ problems: As the program is single-threaded, all we have
+ to do is register a locking callback using an array for
+ storing which locks are currently held by the program.
+ [Bodo Moeller]
+
+ *) Use a lock around the call to CRYPTO_get_ex_new_index() in
+ SSL_get_ex_data_X509_STORE_idx(), which is used in
+ ssl_verify_cert_chain() and thus can be called at any time
+ during TLS/SSL handshakes so that thread-safety is essential.
+ Unfortunately, the ex_data design is not at all suited
+ for multi-threaded use, so it probably should be abolished.
+ [Bodo Moeller]
+
+ *) Added Broadcom "ubsec" ENGINE to OpenSSL.
+ [Broadcom, tweaked and integrated by Geoff Thorpe]
+
+ *) Move common extension printing code to new function
+ X509V3_print_extensions(). Reorganise OCSP print routines and
+ implement some needed OCSP ASN1 functions. Add OCSP extensions.
+ [Steve Henson]
+
+ *) New function X509_signature_print() to remove duplication in some
+ print routines.
+ [Steve Henson]
+
+ *) Add a special meaning when SET OF and SEQUENCE OF flags are both
+ set (this was treated exactly the same as SET OF previously). This
+ is used to reorder the STACK representing the structure to match the
+ encoding. This will be used to get round a problem where a PKCS7
+ structure which was signed could not be verified because the STACK
+ order did not reflect the encoded order.
+ [Steve Henson]
+
+ *) Reimplement the OCSP ASN1 module using the new code.
+ [Steve Henson]
+
+ *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
+ for its ASN1 operations. The old style function pointers still exist
+ for now but they will eventually go away.
+ [Steve Henson]
+
+ *) Merge in replacement ASN1 code from the ASN1 branch. This almost
+ completely replaces the old ASN1 functionality with a table driven
+ encoder and decoder which interprets an ASN1_ITEM structure describing
+ the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is
+ largely maintained. Almost all of the old asn1_mac.h macro based ASN1
+ has also been converted to the new form.
+ [Steve Henson]
+
+ *) Change BN_mod_exp_recp so that negative moduli are tolerated
+ (the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set
+ so that BN_mod_exp_mont and BN_mod_exp_mont_word work
+ for negative moduli.
+ [Bodo Moeller]
+
+ *) Fix BN_uadd and BN_usub: Always return non-negative results instead
+ of not touching the result's sign bit.
+ [Bodo Moeller]
+
+ *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
+ set.
+ [Bodo Moeller]
+
+ *) Changed the LHASH code to use prototypes for callbacks, and created
+ macros to declare and implement thin (optionally static) functions
+ that provide type-safety and avoid function pointer casting for the
+ type-specific callbacks.
+ [Geoff Thorpe]
+
+ *) Added Kerberos Cipher Suites to be used with TLS, as written in
+ RFC 2712.
+ [Veers Staats <staatsvr at asc.hpc.mil>,
+ Jeffrey Altman <jaltman at columbia.edu>, via Richard Levitte]
+
+ *) Reformat the FAQ so the different questions and answers can be divided
+ in sections depending on the subject.
+ [Richard Levitte]
+
+ *) Have the zlib compression code load ZLIB.DLL dynamically under
+ Windows.
+ [Richard Levitte]
+
+ *) New function BN_mod_sqrt for computing square roots modulo a prime
+ (using the probabilistic Tonelli-Shanks algorithm unless
+ p == 3 (mod 4) or p == 5 (mod 8), which are cases that can
+ be handled deterministically).
+ [Lenka Fibikova <fibikova at exp-math.uni-essen.de>, Bodo Moeller]
+
+ *) Make BN_mod_inverse faster by explicitly handling small quotients
+ in the Euclid loop. (Speed gain about 20% for small moduli [256 or
+ 512 bits], about 30% for larger ones [1024 or 2048 bits].)
+ [Bodo Moeller]
+
+ *) New function BN_kronecker.
+ [Bodo Moeller]
+
+ *) Fix BN_gcd so that it works on negative inputs; the result is
+ positive unless both parameters are zero.
+ Previously something reasonably close to an infinite loop was
+ possible because numbers could be growing instead of shrinking
+ in the implementation of Euclid's algorithm.
+ [Bodo Moeller]
+
+ *) Fix BN_is_word() and BN_is_one() macros to take into account the
+ sign of the number in question.
+
+ Fix BN_is_word(a,w) to work correctly for w == 0.
+
+ The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w)
+ because its test if the absolute value of 'a' equals 'w'.
+ Note that BN_abs_is_word does *not* handle w == 0 reliably;
+ it exists mostly for use in the implementations of BN_is_zero(),
+ BN_is_one(), and BN_is_word().
+ [Bodo Moeller]
+
+ *) New function BN_swap.
+ [Bodo Moeller]
+
+ *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that
+ the exponentiation functions are more likely to produce reasonable
+ results on negative inputs.
+ [Bodo Moeller]
+
+ *) Change BN_mod_mul so that the result is always non-negative.
+ Previously, it could be negative if one of the factors was negative;
+ I don't think anyone really wanted that behaviour.
+ [Bodo Moeller]
+
+ *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c
+ (except for exponentiation, which stays in crypto/bn/bn_exp.c,
+ and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c)
+ and add new functions:
+
+ BN_nnmod
+ BN_mod_sqr
+ BN_mod_add
+ BN_mod_add_quick
+ BN_mod_sub
+ BN_mod_sub_quick
+ BN_mod_lshift1
+ BN_mod_lshift1_quick
+ BN_mod_lshift
+ BN_mod_lshift_quick
+
+ These functions always generate non-negative results.
+
+ BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r
+ such that |m| < r < 0, BN_nnmod will output rem + |m| instead).
+
+ BN_mod_XXX_quick(r, a, [b,] m) generates the same result as
+ BN_mod_XXX(r, a, [b,] m, ctx), but requires that a [and b]
+ be reduced modulo m.
+ [Lenka Fibikova <fibikova at exp-math.uni-essen.de>, Bodo Moeller]
+
+#if 0
+ The following entry accidentily appeared in the CHANGES file
+ distributed with OpenSSL 0.9.7. The modifications described in
+ it do *not* apply to OpenSSL 0.9.7.
+
+ *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
+ was actually never needed) and in BN_mul(). The removal in BN_mul()
+ required a small change in bn_mul_part_recursive() and the addition
+ of the functions bn_cmp_part_words(), bn_sub_part_words() and
+ bn_add_part_words(), which do the same thing as bn_cmp_words(),
+ bn_sub_words() and bn_add_words() except they take arrays with
+ differing sizes.
+ [Richard Levitte]
+#endif
+
+ *) In 'openssl passwd', verify passwords read from the terminal
+ unless the '-salt' option is used (which usually means that
+ verification would just waste user's time since the resulting
+ hash is going to be compared with some given password hash)
+ or the new '-noverify' option is used.
+
+ This is an incompatible change, but it does not affect
+ non-interactive use of 'openssl passwd' (passwords on the command
+ line, '-stdin' option, '-in ...' option) and thus should not
+ cause any problems.
+ [Bodo Moeller]
+
+ *) Remove all references to RSAref, since there's no more need for it.
+ [Richard Levitte]
+
+ *) Make DSO load along a path given through an environment variable
+ (SHLIB_PATH) with shl_load().
+ [Richard Levitte]
+
+ *) Constify the ENGINE code as a result of BIGNUM constification.
+ Also constify the RSA code and most things related to it. In a
+ few places, most notable in the depth of the ASN.1 code, ugly
+ casts back to non-const were required (to be solved at a later
+ time)
+ [Richard Levitte]
+
+ *) Make it so the openssl application has all engines loaded by default.
+ [Richard Levitte]
+
+ *) Constify the BIGNUM routines a little more.
+ [Richard Levitte]
+
+ *) Add the following functions:
+
+ ENGINE_load_cswift()
+ ENGINE_load_chil()
+ ENGINE_load_atalla()
+ ENGINE_load_nuron()
+ ENGINE_load_builtin_engines()
+
+ That way, an application can itself choose if external engines that
+ are built-in in OpenSSL shall ever be used or not. The benefit is
+ that applications won't have to be linked with libdl or other dso
+ libraries unless it's really needed.
+
+ Changed 'openssl engine' to load all engines on demand.
+ Changed the engine header files to avoid the duplication of some
+ declarations (they differed!).
+ [Richard Levitte]
+
+ *) 'openssl engine' can now list capabilities.
+ [Richard Levitte]
+
+ *) Better error reporting in 'openssl engine'.
+ [Richard Levitte]
+
+ *) Never call load_dh_param(NULL) in s_server.
+ [Bodo Moeller]
+
+ *) Add engine application. It can currently list engines by name and
+ identity, and test if they are actually available.
+ [Richard Levitte]
+
+ *) Improve RPM specification file by forcing symbolic linking and making
+ sure the installed documentation is also owned by root.root.
+ [Damien Miller <djm at mindrot.org>]
+
+ *) Give the OpenSSL applications more possibilities to make use of
+ keys (public as well as private) handled by engines.
+ [Richard Levitte]
+
+ *) Add OCSP code that comes from CertCo.
+ [Richard Levitte]
+
+ *) Add VMS support for the Rijndael code.
+ [Richard Levitte]
+
+ *) Added untested support for Nuron crypto accelerator.
+ [Ben Laurie]
+
+ *) Add support for external cryptographic devices. This code was
+ previously distributed separately as the "engine" branch.
+ [Geoff Thorpe, Richard Levitte]
+
+ *) Rework the filename-translation in the DSO code. It is now possible to
+ have far greater control over how a "name" is turned into a filename
+ depending on the operating environment and any oddities about the
+ different shared library filenames on each system.
+ [Geoff Thorpe]
+
+ *) Support threads on FreeBSD-elf in Configure.
+ [Richard Levitte]
+
+ *) Fix for SHA1 assembly problem with MASM: it produces
+ warnings about corrupt line number information when assembling
+ with debugging information. This is caused by the overlapping
+ of two sections.
+ [Bernd Matthes <mainbug at celocom.de>, Steve Henson]
+
+ *) NCONF changes.
+ NCONF_get_number() has no error checking at all. As a replacement,
+ NCONF_get_number_e() is defined (_e for "error checking") and is
+ promoted strongly. The old NCONF_get_number is kept around for
+ binary backward compatibility.
+ Make it possible for methods to load from something other than a BIO,
+ by providing a function pointer that is given a name instead of a BIO.
+ For example, this could be used to load configuration data from an
+ LDAP server.
+ [Richard Levitte]
+
+ *) Fix for non blocking accept BIOs. Added new I/O special reason
+ BIO_RR_ACCEPT to cover this case. Previously use of accept BIOs
+ with non blocking I/O was not possible because no retry code was
+ implemented. Also added new SSL code SSL_WANT_ACCEPT to cover
+ this case.
+ [Steve Henson]
+
+ *) Added the beginnings of Rijndael support.
+ [Ben Laurie]
+
+ *) Fix for bug in DirectoryString mask setting. Add support for
+ X509_NAME_print_ex() in 'req' and X509_print_ex() function
+ to allow certificate printing to more controllable, additional
+ 'certopt' option to 'x509' to allow new printing options to be
+ set.
+ [Steve Henson]
+
+ *) Clean old EAY MD5 hack from e_os.h.
+ [Richard Levitte]
+
+ Changes between 0.9.6l and 0.9.6m [17 Mar 2004]
+
+ *) Fix null-pointer assignment in do_change_cipher_spec() revealed
+ by using the Codenomicon TLS Test Tool (CVE-2004-0079)
+ [Joe Orton, Steve Henson]
+
+ Changes between 0.9.6k and 0.9.6l [04 Nov 2003]
+
+ *) Fix additional bug revealed by the NISCC test suite:
+
+ Stop bug triggering large recursion when presented with
+ certain ASN.1 tags (CVE-2003-0851)
+ [Steve Henson]
+
+ Changes between 0.9.6j and 0.9.6k [30 Sep 2003]
+
+ *) Fix various bugs revealed by running the NISCC test suite:
+
+ Stop out of bounds reads in the ASN1 code when presented with
+ invalid tags (CVE-2003-0543 and CVE-2003-0544).
+
+ If verify callback ignores invalid public key errors don't try to check
+ certificate signature with the NULL public key.
+
+ [Steve Henson]
+
+ *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
+ if the server requested one: as stated in TLS 1.0 and SSL 3.0
+ specifications.
+ [Steve Henson]
+
+ *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
+ extra data after the compression methods not only for TLS 1.0
+ but also for SSL 3.0 (as required by the specification).
+ [Bodo Moeller; problem pointed out by Matthias Loepfe]
+
+ *) Change X509_certificate_type() to mark the key as exported/exportable
+ when it's 512 *bits* long, not 512 bytes.
+ [Richard Levitte]
+
+ Changes between 0.9.6i and 0.9.6j [10 Apr 2003]
+
+ *) Countermeasure against the Klima-Pokorny-Rosa extension of
+ Bleichbacher's attack on PKCS #1 v1.5 padding: treat
+ a protocol version number mismatch like a decryption error
+ in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
+ [Bodo Moeller]
+
+ *) Turn on RSA blinding by default in the default implementation
+ to avoid a timing attack. Applications that don't want it can call
+ RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
+ They would be ill-advised to do so in most cases.
+ [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
+
+ *) Change RSA blinding code so that it works when the PRNG is not
+ seeded (in this case, the secret RSA exponent is abused as
+ an unpredictable seed -- if it is not unpredictable, there
+ is no point in blinding anyway). Make RSA blinding thread-safe
+ by remembering the creator's thread ID in rsa->blinding and
+ having all other threads use local one-time blinding factors
+ (this requires more computation than sharing rsa->blinding, but
+ avoids excessive locking; and if an RSA object is not shared
+ between threads, blinding will still be very fast).
+ [Bodo Moeller]
+
+ Changes between 0.9.6h and 0.9.6i [19 Feb 2003]
+
+ *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
+ via timing by performing a MAC computation even if incorrrect
+ block cipher padding has been found. This is a countermeasure
+ against active attacks where the attacker has to distinguish
+ between bad padding and a MAC verification error. (CVE-2003-0078)
+
+ [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
+ Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
+ Martin Vuagnoux (EPFL, Ilion)]
+
+ Changes between 0.9.6g and 0.9.6h [5 Dec 2002]
+
+ *) New function OPENSSL_cleanse(), which is used to cleanse a section of
+ memory from it's contents. This is done with a counter that will
+ place alternating values in each byte. This can be used to solve
+ two issues: 1) the removal of calls to memset() by highly optimizing
+ compilers, and 2) cleansing with other values than 0, since those can
+ be read through on certain media, for example a swap space on disk.
+ [Geoff Thorpe]
+
+ *) Bugfix: client side session caching did not work with external caching,
+ because the session->cipher setting was not restored when reloading
+ from the external cache. This problem was masked, when
+ SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
+ (Found by Steve Haslam <steve at araqnid.ddts.net>.)
+ [Lutz Jaenicke]
+
+ *) Fix client_certificate (ssl/s2_clnt.c): The permissible total
+ length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
+ [Zeev Lieber <zeev-l at yahoo.com>]
+
+ *) Undo an undocumented change introduced in 0.9.6e which caused
+ repeated calls to OpenSSL_add_all_ciphers() and
+ OpenSSL_add_all_digests() to be ignored, even after calling
+ EVP_cleanup().
+ [Richard Levitte]
+
+ *) Change the default configuration reader to deal with last line not
+ being properly terminated.
+ [Richard Levitte]
+
+ *) Change X509_NAME_cmp() so it applies the special rules on handling
+ DN values that are of type PrintableString, as well as RDNs of type
+ emailAddress where the value has the type ia5String.
+ [stefank at valicert.com via Richard Levitte]
+
+ *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half
+ the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently
+ doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be
+ the bitwise-OR of the two for use by the majority of applications
+ wanting this behaviour, and update the docs. The documented
+ behaviour and actual behaviour were inconsistent and had been
+ changing anyway, so this is more a bug-fix than a behavioural
+ change.
+ [Geoff Thorpe, diagnosed by Nadav Har'El]
+
+ *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
+ (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
+ [Bodo Moeller]
+
+ *) Fix initialization code race conditions in
+ SSLv23_method(), SSLv23_client_method(), SSLv23_server_method(),
+ SSLv2_method(), SSLv2_client_method(), SSLv2_server_method(),
+ SSLv3_method(), SSLv3_client_method(), SSLv3_server_method(),
+ TLSv1_method(), TLSv1_client_method(), TLSv1_server_method(),
+ ssl2_get_cipher_by_char(),
+ ssl3_get_cipher_by_char().
+ [Patrick McCormick <patrick at tellme.com>, Bodo Moeller]
+
+ *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
+ the cached sessions are flushed, as the remove_cb() might use ex_data
+ contents. Bug found by Sam Varshavchik <mrsam at courier-mta.com>
+ (see [openssl.org #212]).
+ [Geoff Thorpe, Lutz Jaenicke]
+
+ *) Fix typo in OBJ_txt2obj which incorrectly passed the content
+ length, instead of the encoding length to d2i_ASN1_OBJECT.
+ [Steve Henson]
+
+ Changes between 0.9.6f and 0.9.6g [9 Aug 2002]
+
+ *) [In 0.9.6g-engine release:]
+ Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall').
+ [Lynn Gazis <lgazis at rainbow.com>]
+
+ Changes between 0.9.6e and 0.9.6f [8 Aug 2002]
+
+ *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
+ and get fix the header length calculation.
+ [Florian Weimer <Weimer at CERT.Uni-Stuttgart.DE>,
+ Alon Kantor <alonk at checkpoint.com> (and others),
+ Steve Henson]
+
+ *) Use proper error handling instead of 'assertions' in buffer
+ overflow checks added in 0.9.6e. This prevents DoS (the
+ assertions could call abort()).
+ [Arne Ansper <arne at ats.cyber.ee>, Bodo Moeller]
+
+ Changes between 0.9.6d and 0.9.6e [30 Jul 2002]
+
+ *) Add various sanity checks to asn1_get_length() to reject
+ the ASN1 length bytes if they exceed sizeof(long), will appear
+ negative or the content length exceeds the length of the
+ supplied buffer.
+ [Steve Henson, Adi Stav <stav at mercury.co.il>, James Yonan <jim at ntlp.com>]
+
+ *) Fix cipher selection routines: ciphers without encryption had no flags
+ for the cipher strength set and where therefore not handled correctly
+ by the selection routines (PR #130).
+ [Lutz Jaenicke]
+
+ *) Fix EVP_dsa_sha macro.
+ [Nils Larsch]
+
+ *) New option
+ SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+ for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
+ that was added in OpenSSL 0.9.6d.
+
+ As the countermeasure turned out to be incompatible with some
+ broken SSL implementations, the new option is part of SSL_OP_ALL.
+ SSL_OP_ALL is usually employed when compatibility with weird SSL
+ implementations is desired (e.g. '-bugs' option to 's_client' and
+ 's_server'), so the new option is automatically set in many
+ applications.
+ [Bodo Moeller]
+
+ *) Changes in security patch:
+
+ Changes marked "(CHATS)" were sponsored by the Defense Advanced
+ Research Projects Agency (DARPA) and Air Force Research Laboratory,
+ Air Force Materiel Command, USAF, under agreement number
+ F30602-01-2-0537.
+
+ *) Add various sanity checks to asn1_get_length() to reject
+ the ASN1 length bytes if they exceed sizeof(long), will appear
+ negative or the content length exceeds the length of the
+ supplied buffer. (CVE-2002-0659)
+ [Steve Henson, Adi Stav <stav at mercury.co.il>, James Yonan <jim at ntlp.com>]
+
+ *) Assertions for various potential buffer overflows, not known to
+ happen in practice.
+ [Ben Laurie (CHATS)]
+
+ *) Various temporary buffers to hold ASCII versions of integers were
+ too small for 64 bit platforms. (CVE-2002-0655)
+ [Matthew Byng-Maddick <mbm at aldigital.co.uk> and Ben Laurie (CHATS)>
+
+ *) Remote buffer overflow in SSL3 protocol - an attacker could
+ supply an oversized session ID to a client. (CVE-2002-0656)
+ [Ben Laurie (CHATS)]
+
+ *) Remote buffer overflow in SSL2 protocol - an attacker could
+ supply an oversized client master key. (CVE-2002-0656)
+ [Ben Laurie (CHATS)]
+
+ Changes between 0.9.6c and 0.9.6d [9 May 2002]
+
+ *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
+ encoded as NULL) with id-dsa-with-sha1.
+ [Nils Larsch <nla at trustcenter.de>; problem pointed out by Bodo Moeller]
+
+ *) Check various X509_...() return values in apps/req.c.
+ [Nils Larsch <nla at trustcenter.de>]
+
+ *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
+ an end-of-file condition would erronously be flagged, when the CRLF
+ was just at the end of a processed block. The bug was discovered when
+ processing data through a buffering memory BIO handing the data to a
+ BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov
+ <ptsekov at syntrex.com> and Nedelcho Stanev.
+ [Lutz Jaenicke]
+
+ *) Implement a countermeasure against a vulnerability recently found
+ in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
+ before application data chunks to avoid the use of known IVs
+ with data potentially chosen by the attacker.
+ [Bodo Moeller]
+
+ *) Fix length checks in ssl3_get_client_hello().
+ [Bodo Moeller]
+
+ *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently
+ to prevent ssl3_read_internal() from incorrectly assuming that
+ ssl3_read_bytes() found application data while handshake
+ processing was enabled when in fact s->s3->in_read_app_data was
+ merely automatically cleared during the initial handshake.
+ [Bodo Moeller; problem pointed out by Arne Ansper <arne at ats.cyber.ee>]
+
+ *) Fix object definitions for Private and Enterprise: they were not
+ recognized in their shortname (=lowercase) representation. Extend
+ obj_dat.pl to issue an error when using undefined keywords instead
+ of silently ignoring the problem (Svenning Sorensen
+ <sss at sss.dnsalias.net>).
+ [Lutz Jaenicke]
+
+ *) Fix DH_generate_parameters() so that it works for 'non-standard'
+ generators, i.e. generators other than 2 and 5. (Previously, the
+ code did not properly initialise the 'add' and 'rem' values to
+ BN_generate_prime().)
+
+ In the new general case, we do not insist that 'generator' is
+ actually a primitive root: This requirement is rather pointless;
+ a generator of the order-q subgroup is just as good, if not
+ better.
+ [Bodo Moeller]
+
+ *) Map new X509 verification errors to alerts. Discovered and submitted by
+ Tom Wu <tom at arcot.com>.
+ [Lutz Jaenicke]
+
+ *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from
+ returning non-zero before the data has been completely received
+ when using non-blocking I/O.
+ [Bodo Moeller; problem pointed out by John Hughes]
+
+ *) Some of the ciphers missed the strength entry (SSL_LOW etc).
+ [Ben Laurie, Lutz Jaenicke]
+
+ *) Fix bug in SSL_clear(): bad sessions were not removed (found by
+ Yoram Zahavi <YoramZ at gilian.com>).
+ [Lutz Jaenicke]
+
+ *) Add information about CygWin 1.3 and on, and preserve proper
+ configuration for the versions before that.
+ [Corinna Vinschen <vinschen at redhat.com> and Richard Levitte]
+
+ *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
+ check whether we deal with a copy of a session and do not delete from
+ the cache in this case. Problem reported by "Izhar Shoshani Levi"
+ <izhar at checkpoint.com>.
+ [Lutz Jaenicke]
+
+ *) Do not store session data into the internal session cache, if it
+ is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+ flag is set). Proposed by Aslam <aslam at funk.com>.
+ [Lutz Jaenicke]
+
+ *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
+ value is 0.
+ [Richard Levitte]
+
+ *) [In 0.9.6d-engine release:]
+ Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
+ [Toomas Kiisk <vix at cyber.ee> via Richard Levitte]
+
+ *) Add the configuration target linux-s390x.
+ [Neale Ferguson <Neale.Ferguson at SoftwareAG-USA.com> via Richard Levitte]
+
+ *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
+ ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
+ variable as an indication that a ClientHello message has been
+ received. As the flag value will be lost between multiple
+ invocations of ssl3_accept when using non-blocking I/O, the
+ function may not be aware that a handshake has actually taken
+ place, thus preventing a new session from being added to the
+ session cache.
+
+ To avoid this problem, we now set s->new_session to 2 instead of
+ using a local variable.
+ [Lutz Jaenicke, Bodo Moeller]
+
+ *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c)
+ if the SSL_R_LENGTH_MISMATCH error is detected.
+ [Geoff Thorpe, Bodo Moeller]
+
+ *) New 'shared_ldflag' column in Configure platform table.
+ [Richard Levitte]
+
+ *) Fix EVP_CIPHER_mode macro.
+ ["Dan S. Camper" <dan at bti.net>]
+
+ *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
+ type, we must throw them away by setting rr->length to 0.
+ [D P Chang <dpc at qualys.com>]
+
+ Changes between 0.9.6b and 0.9.6c [21 dec 2001]
+
+ *) Fix BN_rand_range bug pointed out by Dominikus Scherkl
+ <Dominikus.Scherkl at biodata.com>. (The previous implementation
+ worked incorrectly for those cases where range = 10..._2 and
+ 3*range is two bits longer than range.)
+ [Bodo Moeller]
+
+ *) Only add signing time to PKCS7 structures if it is not already
+ present.
+ [Steve Henson]
+
+ *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce",
+ OBJ_ld_ce should be OBJ_id_ce.
+ Also some ip-pda OIDs in crypto/objects/objects.txt were
+ incorrect (cf. RFC 3039).
+ [Matt Cooper, Frederic Giudicelli, Bodo Moeller]
+
+ *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
+ returns early because it has nothing to do.
+ [Andy Schneider <andy.schneider at bjss.co.uk>]
+
+ *) [In 0.9.6c-engine release:]
+ Fix mutex callback return values in crypto/engine/hw_ncipher.c.
+ [Andy Schneider <andy.schneider at bjss.co.uk>]
+
+ *) [In 0.9.6c-engine release:]
+ Add support for Cryptographic Appliance's keyserver technology.
+ (Use engine 'keyclient')
+ [Cryptographic Appliances and Geoff Thorpe]
+
+ *) Add a configuration entry for OS/390 Unix. The C compiler 'c89'
+ is called via tools/c89.sh because arguments have to be
+ rearranged (all '-L' options must appear before the first object
+ modules).
+ [Richard Shapiro <rshapiro at abinitio.com>]
+
+ *) [In 0.9.6c-engine release:]
+ Add support for Broadcom crypto accelerator cards, backported
+ from 0.9.7.
+ [Broadcom, Nalin Dahyabhai <nalin at redhat.com>, Mark Cox]
+
+ *) [In 0.9.6c-engine release:]
+ Add support for SureWare crypto accelerator cards from
+ Baltimore Technologies. (Use engine 'sureware')
+ [Baltimore Technologies and Mark Cox]
+
+ *) [In 0.9.6c-engine release:]
+ Add support for crypto accelerator cards from Accelerated
+ Encryption Processing, www.aep.ie. (Use engine 'aep')
+ [AEP Inc. and Mark Cox]
+
+ *) Add a configuration entry for gcc on UnixWare.
+ [Gary Benson <gbenson at redhat.com>]
+
+ *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
+ messages are stored in a single piece (fixed-length part and
+ variable-length part combined) and fix various bugs found on the way.
+ [Bodo Moeller]
+
+ *) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
+ instead. BIO_gethostbyname() does not know what timeouts are
+ appropriate, so entries would stay in cache even when they have
+ become invalid.
+ [Bodo Moeller; problem pointed out by Rich Salz <rsalz at zolera.com>
+
+ *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
+ faced with a pathologically small ClientHello fragment that does
+ not contain client_version: Instead of aborting with an error,
+ simply choose the highest available protocol version (i.e.,
+ TLS 1.0 unless it is disabled). In practice, ClientHello
+ messages are never sent like this, but this change gives us
+ strictly correct behaviour at least for TLS.
+ [Bodo Moeller]
+
+ *) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
+ never resets s->method to s->ctx->method when called from within
+ one of the SSL handshake functions.
+ [Bodo Moeller; problem pointed out by Niko Baric]
+
+ *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
+ (sent using the client's version number) if client_version is
+ smaller than the protocol version in use. Also change
+ ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
+ the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
+ the client will at least see that alert.
+ [Bodo Moeller]
+
+ *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
+ correctly.
+ [Bodo Moeller]
+
+ *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
+ client receives HelloRequest while in a handshake.
+ [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider at bjss.co.uk>]
+
+ *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
+ should end in 'break', not 'goto end' which circuments various
+ cleanups done in state SSL_ST_OK. But session related stuff
+ must be disabled for SSL_ST_OK in the case that we just sent a
+ HelloRequest.
+
+ Also avoid some overhead by not calling ssl_init_wbio_buffer()
+ before just sending a HelloRequest.
+ [Bodo Moeller, Eric Rescorla <ekr at rtfm.com>]
+
+ *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
+ reveal whether illegal block cipher padding was found or a MAC
+ verification error occured. (Neither SSLerr() codes nor alerts
+ are directly visible to potential attackers, but the information
+ may leak via logfiles.)
+
+ Similar changes are not required for the SSL 2.0 implementation
+ because the number of padding bytes is sent in clear for SSL 2.0,
+ and the extra bytes are just ignored. However ssl/s2_pkt.c
+ failed to verify that the purported number of padding bytes is in
+ the legal range.
+ [Bodo Moeller]
+
+ *) Add OpenUNIX-8 support including shared libraries
+ (Boyd Lynn Gerber <gerberb at zenez.com>).
+ [Lutz Jaenicke]
+
+ *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
+ 'wristwatch attack' using huge encoding parameters (cf.
+ James H. Manger's CRYPTO 2001 paper). Note that the
+ RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
+ encoding parameters and hence was not vulnerable.
+ [Bodo Moeller]
+
+ *) BN_sqr() bug fix.
+ [Ulf Möller, reported by Jim Ellis <jim.ellis at cavium.com>]
+
+ *) Rabin-Miller test analyses assume uniformly distributed witnesses,
+ so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
+ followed by modular reduction.
+ [Bodo Moeller; pointed out by Adam Young <AYoung1 at NCSUS.JNJ.COM>]
+
+ *) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
+ equivalent based on BN_pseudo_rand() instead of BN_rand().
+ [Bodo Moeller]
+
+ *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
+ This function was broken, as the check for a new client hello message
+ to handle SGC did not allow these large messages.
+ (Tracked down by "Douglas E. Engert" <deengert at anl.gov>.)
+ [Lutz Jaenicke]
+
+ *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
+ [Lutz Jaenicke]
+
+ *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
+ for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton at netopia.com>).
+ [Lutz Jaenicke]
+
+ *) Rework the configuration and shared library support for Tru64 Unix.
+ The configuration part makes use of modern compiler features and
+ still retains old compiler behavior for those that run older versions
+ of the OS. The shared library support part includes a variant that
+ uses the RPATH feature, and is available through the special
+ configuration target "alpha-cc-rpath", which will never be selected
+ automatically.
+ [Tim Mooney <mooney at dogbert.cc.ndsu.NoDak.edu> via Richard Levitte]
+
+ *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
+ with the same message size as in ssl3_get_certificate_request().
+ Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
+ messages might inadvertently be reject as too long.
+ [Petr Lampa <lampa at fee.vutbr.cz>]
+
+ *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX).
+ [Andy Polyakov]
+
+ *) Modified SSL library such that the verify_callback that has been set
+ specificly for an SSL object with SSL_set_verify() is actually being
+ used. Before the change, a verify_callback set with this function was
+ ignored and the verify_callback() set in the SSL_CTX at the time of
+ the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
+ to allow the necessary settings.
+ [Lutz Jaenicke]
+
+ *) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
+ explicitly to NULL, as at least on Solaris 8 this seems not always to be
+ done automatically (in contradiction to the requirements of the C
+ standard). This made problems when used from OpenSSH.
+ [Lutz Jaenicke]
+
+ *) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
+ dh->length and always used
+
+ BN_rand_range(priv_key, dh->p).
+
+ BN_rand_range() is not necessary for Diffie-Hellman, and this
+ specific range makes Diffie-Hellman unnecessarily inefficient if
+ dh->length (recommended exponent length) is much smaller than the
+ length of dh->p. We could use BN_rand_range() if the order of
+ the subgroup was stored in the DH structure, but we only have
+ dh->length.
+
+ So switch back to
+
+ BN_rand(priv_key, l, ...)
+
+ where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
+ otherwise.
+ [Bodo Moeller]
+
+ *) In
+
+ RSA_eay_public_encrypt
+ RSA_eay_private_decrypt
+ RSA_eay_private_encrypt (signing)
+ RSA_eay_public_decrypt (signature verification)
+
+ (default implementations for RSA_public_encrypt,
+ RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt),
+ always reject numbers >= n.
+ [Bodo Moeller]
+
+ *) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
+ to synchronize access to 'locking_thread'. This is necessary on
+ systems where access to 'locking_thread' (an 'unsigned long'
+ variable) is not atomic.
+ [Bodo Moeller]
+
+ *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
+ *before* setting the 'crypto_lock_rand' flag. The previous code had
+ a race condition if 0 is a valid thread ID.
+ [Travis Vitek <vitek at roguewave.com>]
+
+ *) Add support for shared libraries under Irix.
+ [Albert Chin-A-Young <china at thewrittenword.com>]
+
+ *) Add configuration option to build on Linux on both big-endian and
+ little-endian MIPS.
+ [Ralf Baechle <ralf at uni-koblenz.de>]
+
+ *) Add the possibility to create shared libraries on HP-UX.
+ [Richard Levitte]
+
+ Changes between 0.9.6a and 0.9.6b [9 Jul 2001]
+
+ *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
+ to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
+ Markku-Juhani O. Saarinen <markku-juhani.saarinen at nokia.com>:
+ PRNG state recovery was possible based on the output of
+ one PRNG request appropriately sized to gain knowledge on
+ 'md' followed by enough consecutive 1-byte PRNG requests
+ to traverse all of 'state'.
+
+ 1. When updating 'md_local' (the current thread's copy of 'md')
+ during PRNG output generation, hash all of the previous
+ 'md_local' value, not just the half used for PRNG output.
+
+ 2. Make the number of bytes from 'state' included into the hash
+ independent from the number of PRNG bytes requested.
+
+ The first measure alone would be sufficient to avoid
+ Markku-Juhani's attack. (Actually it had never occurred
+ to me that the half of 'md_local' used for chaining was the
+ half from which PRNG output bytes were taken -- I had always
+ assumed that the secret half would be used.) The second
+ measure makes sure that additional data from 'state' is never
+ mixed into 'md_local' in small portions; this heuristically
+ further strengthens the PRNG.
+ [Bodo Moeller]
+
+ *) Fix crypto/bn/asm/mips3.s.
+ [Andy Polyakov]
+
+ *) When only the key is given to "enc", the IV is undefined. Print out
+ an error message in this case.
+ [Lutz Jaenicke]
+
+ *) Handle special case when X509_NAME is empty in X509 printing routines.
+ [Steve Henson]
+
+ *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
+ positive and less than q.
+ [Bodo Moeller]
+
+ *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
+ used: it isn't thread safe and the add_lock_callback should handle
+ that itself.
+ [Paul Rose <Paul.Rose at bridge.com>]
+
+ *) Verify that incoming data obeys the block size in
+ ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
+ [Bodo Moeller]
+
+ *) Fix OAEP check.
+ [Ulf Möller, Bodo Möller]
+
+ *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
+ RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
+ when fixing the server behaviour for backwards-compatible 'client
+ hello' messages. (Note that the attack is impractical against
+ SSL 3.0 and TLS 1.0 anyway because length and version checking
+ means that the probability of guessing a valid ciphertext is
+ around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
+ paper.)
+
+ Before 0.9.5, the countermeasure (hide the error by generating a
+ random 'decryption result') did not work properly because
+ ERR_clear_error() was missing, meaning that SSL_get_error() would
+ detect the supposedly ignored error.
+
+ Both problems are now fixed.
+ [Bodo Moeller]
+
+ *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
+ (previously it was 1024).
+ [Bodo Moeller]
+
+ *) Fix for compatibility mode trust settings: ignore trust settings
+ unless some valid trust or reject settings are present.
+ [Steve Henson]
+
+ *) Fix for blowfish EVP: its a variable length cipher.
+ [Steve Henson]
+
+ *) Fix various bugs related to DSA S/MIME verification. Handle missing
+ parameters in DSA public key structures and return an error in the
+ DSA routines if parameters are absent.
+ [Steve Henson]
+
+ *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
+ in the current directory if neither $RANDFILE nor $HOME was set.
+ RAND_file_name() in 0.9.6a returned NULL in this case. This has
+ caused some confusion to Windows users who haven't defined $HOME.
+ Thus RAND_file_name() is changed again: e_os.h can define a
+ DEFAULT_HOME, which will be used if $HOME is not set.
+ For Windows, we use "C:"; on other platforms, we still require
+ environment variables.
+
+ *) Move 'if (!initialized) RAND_poll()' into regions protected by
+ CRYPTO_LOCK_RAND. This is not strictly necessary, but avoids
+ having multiple threads call RAND_poll() concurrently.
+ [Bodo Moeller]
+
+ *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
+ combination of a flag and a thread ID variable.
+ Otherwise while one thread is in ssleay_rand_bytes (which sets the
+ flag), *other* threads can enter ssleay_add_bytes without obeying
+ the CRYPTO_LOCK_RAND lock (and may even illegally release the lock
+ that they do not hold after the first thread unsets add_do_not_lock).
+ [Bodo Moeller]
+
+ *) Change bctest again: '-x' expressions are not available in all
+ versions of 'test'.
+ [Bodo Moeller]
+
+ Changes between 0.9.6 and 0.9.6a [5 Apr 2001]
+
+ *) Fix a couple of memory leaks in PKCS7_dataDecode()
+ [Steve Henson, reported by Heyun Zheng <hzheng at atdsprint.com>]
+
+ *) Change Configure and Makefiles to provide EXE_EXT, which will contain
+ the default extension for executables, if any. Also, make the perl
+ scripts that use symlink() to test if it really exists and use "cp"
+ if it doesn't. All this made OpenSSL compilable and installable in
+ CygWin.
+ [Richard Levitte]
+
+ *) Fix for asn1_GetSequence() for indefinite length constructed data.
+ If SEQUENCE is length is indefinite just set c->slen to the total
+ amount of data available.
+ [Steve Henson, reported by shige at FreeBSD.org]
+ [This change does not apply to 0.9.7.]
+
+ *) Change bctest to avoid here-documents inside command substitution
+ (workaround for FreeBSD /bin/sh bug).
+ For compatibility with Ultrix, avoid shell functions (introduced
+ in the bctest version that searches along $PATH).
+ [Bodo Moeller]
+
+ *) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes
+ with des_encrypt() defined on some operating systems, like Solaris
+ and UnixWare.
+ [Richard Levitte]
+
+ *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
+ On the Importance of Eliminating Errors in Cryptographic
+ Computations, J. Cryptology 14 (2001) 2, 101-119,
+ http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
+ [Ulf Moeller]
+
+ *) MIPS assembler BIGNUM division bug fix.
+ [Andy Polyakov]
+
+ *) Disabled incorrect Alpha assembler code.
+ [Richard Levitte]
+
+ *) Fix PKCS#7 decode routines so they correctly update the length
+ after reading an EOC for the EXPLICIT tag.
+ [Steve Henson]
+ [This change does not apply to 0.9.7.]
+
+ *) Fix bug in PKCS#12 key generation routines. This was triggered
+ if a 3DES key was generated with a 0 initial byte. Include
+ PKCS12_BROKEN_KEYGEN compilation option to retain the old
+ (but broken) behaviour.
+ [Steve Henson]
+
+ *) Enhance bctest to search for a working bc along $PATH and print
+ it when found.
+ [Tim Rice <tim at multitalents.net> via Richard Levitte]
+
+ *) Fix memory leaks in err.c: free err_data string if necessary;
+ don't write to the wrong index in ERR_set_error_data.
+ [Bodo Moeller]
+
+ *) Implement ssl23_peek (analogous to ssl23_read), which previously
+ did not exist.
+ [Bodo Moeller]
+
+ *) Replace rdtsc with _emit statements for VC++ version 5.
+ [Jeremy Cooper <jeremy at baymoo.org>]
+
+ *) Make it possible to reuse SSLv2 sessions.
+ [Richard Levitte]
+
+ *) In copy_email() check for >= 0 as a return value for
+ X509_NAME_get_index_by_NID() since 0 is a valid index.
+ [Steve Henson reported by Massimiliano Pala <madwolf at opensca.org>]
+
+ *) Avoid coredump with unsupported or invalid public keys by checking if
+ X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
+ PKCS7_verify() fails with non detached data.
+ [Steve Henson]
+
+ *) Don't use getenv in library functions when run as setuid/setgid.
+ New function OPENSSL_issetugid().
+ [Ulf Moeller]
+
+ *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
+ due to incorrect handling of multi-threading:
+
+ 1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().
+
+ 2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().
+
+ 3. Count how many times MemCheck_off() has been called so that
+ nested use can be treated correctly. This also avoids
+ inband-signalling in the previous code (which relied on the
+ assumption that thread ID 0 is impossible).
+ [Bodo Moeller]
+
+ *) Add "-rand" option also to s_client and s_server.
+ [Lutz Jaenicke]
+
+ *) Fix CPU detection on Irix 6.x.
+ [Kurt Hockenbury <khockenb at stevens-tech.edu> and
+ "Bruce W. Forsberg" <bruce.forsberg at baesystems.com>]
+
+ *) Fix X509_NAME bug which produced incorrect encoding if X509_NAME
+ was empty.
+ [Steve Henson]
+ [This change does not apply to 0.9.7.]
+
+ *) Use the cached encoding of an X509_NAME structure rather than
+ copying it. This is apparently the reason for the libsafe "errors"
+ but the code is actually correct.
+ [Steve Henson]
+
+ *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
+ Bleichenbacher's DSA attack.
+ Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
+ to be set and top=0 forces the highest bit to be set; top=-1 is new
+ and leaves the highest bit random.
+ [Ulf Moeller, Bodo Moeller]
+
+ *) In the NCONF_...-based implementations for CONF_... queries
+ (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
+ a temporary CONF structure with the data component set to NULL
+ (which gives segmentation faults in lh_retrieve).
+ Instead, use NULL for the CONF pointer in CONF_get_string and
+ CONF_get_number (which may use environment variables) and directly
+ return NULL from CONF_get_section.
+ [Bodo Moeller]
+
+ *) Fix potential buffer overrun for EBCDIC.
+ [Ulf Moeller]
+
+ *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
+ keyUsage if basicConstraints absent for a CA.
+ [Steve Henson]
+
+ *) Make SMIME_write_PKCS7() write mail header values with a format that
+ is more generally accepted (no spaces before the semicolon), since
+ some programs can't parse those values properly otherwise. Also make
+ sure BIO's that break lines after each write do not create invalid
+ headers.
+ [Richard Levitte]
+
+ *) Make the CRL encoding routines work with empty SEQUENCE OF. The
+ macros previously used would not encode an empty SEQUENCE OF
+ and break the signature.
+ [Steve Henson]
+ [This change does not apply to 0.9.7.]
+
+ *) Zero the premaster secret after deriving the master secret in
+ DH ciphersuites.
+ [Steve Henson]
+
+ *) Add some EVP_add_digest_alias registrations (as found in
+ OpenSSL_add_all_digests()) to SSL_library_init()
+ aka OpenSSL_add_ssl_algorithms(). This provides improved
+ compatibility with peers using X.509 certificates
+ with unconventional AlgorithmIdentifier OIDs.
+ [Bodo Moeller]
+
+ *) Fix for Irix with NO_ASM.
+ ["Bruce W. Forsberg" <bruce.forsberg at baesystems.com>]
+
+ *) ./config script fixes.
+ [Ulf Moeller, Richard Levitte]
+
+ *) Fix 'openssl passwd -1'.
+ [Bodo Moeller]
+
+ *) Change PKCS12_key_gen_asc() so it can cope with non null
+ terminated strings whose length is passed in the passlen
+ parameter, for example from PEM callbacks. This was done
+ by adding an extra length parameter to asc2uni().
+ [Steve Henson, reported by <oddissey at samsung.co.kr>]
+
+ *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
+ call failed, free the DSA structure.
+ [Bodo Moeller]
+
+ *) Fix to uni2asc() to cope with zero length Unicode strings.
+ These are present in some PKCS#12 files.
+ [Steve Henson]
+
+ *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
+ Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
+ when writing a 32767 byte record.
+ [Bodo Moeller; problem reported by Eric Day <eday at concentric.net>]
+
+ *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
+ obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}.
+
+ (RSA objects have a reference count access to which is protected
+ by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
+ so they are meant to be shared between threads.)
+ [Bodo Moeller, Geoff Thorpe; original patch submitted by
+ "Reddie, Steven" <Steven.Reddie at ca.com>]
+
+ *) Fix a deadlock in CRYPTO_mem_leaks().
+ [Bodo Moeller]
+
+ *) Use better test patterns in bntest.
+ [Ulf Möller]
+
+ *) rand_win.c fix for Borland C.
+ [Ulf Möller]
+
+ *) BN_rshift bugfix for n == 0.
+ [Bodo Moeller]
+
+ *) Add a 'bctest' script that checks for some known 'bc' bugs
+ so that 'make test' does not abort just because 'bc' is broken.
+ [Bodo Moeller]
+
+ *) Store verify_result within SSL_SESSION also for client side to
+ avoid potential security hole. (Re-used sessions on the client side
+ always resulted in verify_result==X509_V_OK, not using the original
+ result of the server certificate verification.)
+ [Lutz Jaenicke]
+
+ *) Fix ssl3_pending: If the record in s->s3->rrec is not of type
+ SSL3_RT_APPLICATION_DATA, return 0.
+ Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true.
+ [Bodo Moeller]
+
+ *) Fix SSL_peek:
+ Both ssl2_peek and ssl3_peek, which were totally broken in earlier
+ releases, have been re-implemented by renaming the previous
+ implementations of ssl2_read and ssl3_read to ssl2_read_internal
+ and ssl3_read_internal, respectively, and adding 'peek' parameters
+ to them. The new ssl[23]_{read,peek} functions are calls to
+ ssl[23]_read_internal with the 'peek' flag set appropriately.
+ A 'peek' parameter has also been added to ssl3_read_bytes, which
+ does the actual work for ssl3_read_internal.
+ [Bodo Moeller]
+
+ *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
+ the method-specific "init()" handler. Also clean up ex_data after
+ calling the method-specific "finish()" handler. Previously, this was
+ happening the other way round.
+ [Geoff Thorpe]
+
+ *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16.
+ The previous value, 12, was not always sufficient for BN_mod_exp().
+ [Bodo Moeller]
+
+ *) Make sure that shared libraries get the internal name engine with
+ the full version number and not just 0. This should mark the
+ shared libraries as not backward compatible. Of course, this should
+ be changed again when we can guarantee backward binary compatibility.
+ [Richard Levitte]
+
+ *) Fix typo in get_cert_by_subject() in by_dir.c
+ [Jean-Marc Desperrier <jean-marc.desperrier at certplus.com>]
+
+ *) Rework the system to generate shared libraries:
+
+ - Make note of the expected extension for the shared libraries and
+ if there is a need for symbolic links from for example libcrypto.so.0
+ to libcrypto.so.0.9.7. There is extended info in Configure for
+ that.
+
+ - Make as few rebuilds of the shared libraries as possible.
+
+ - Still avoid linking the OpenSSL programs with the shared libraries.
+
+ - When installing, install the shared libraries separately from the
+ static ones.
+ [Richard Levitte]
+
+ *) Fix SSL_CTX_set_read_ahead macro to actually use its argument.
+
+ Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
+ and not in SSL_clear because the latter is also used by the
+ accept/connect functions; previously, the settings made by
+ SSL_set_read_ahead would be lost during the handshake.
+ [Bodo Moeller; problems reported by Anders Gertz <gertz at epact.se>]
+
+ *) Correct util/mkdef.pl to be selective about disabled algorithms.
+ Previously, it would create entries for disableed algorithms no
+ matter what.
+ [Richard Levitte]
+
+ *) Added several new manual pages for SSL_* function.
+ [Lutz Jaenicke]
+
+ Changes between 0.9.5a and 0.9.6 [24 Sep 2000]
+
+ *) In ssl23_get_client_hello, generate an error message when faced
+ with an initial SSL 3.0/TLS record that is too small to contain the
+ first two bytes of the ClientHello message, i.e. client_version.
+ (Note that this is a pathologic case that probably has never happened
+ in real life.) The previous approach was to use the version number
+ from the record header as a substitute; but our protocol choice
+ should not depend on that one because it is not authenticated
+ by the Finished messages.
+ [Bodo Moeller]
+
+ *) More robust randomness gathering functions for Windows.
+ [Jeffrey Altman <jaltman at columbia.edu>]
+
+ *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
+ not set then we don't setup the error code for issuer check errors
+ to avoid possibly overwriting other errors which the callback does
+ handle. If an application does set the flag then we assume it knows
+ what it is doing and can handle the new informational codes
+ appropriately.
+ [Steve Henson]
+
+ *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
+ a general "ANY" type, as such it should be able to decode anything
+ including tagged types. However it didn't check the class so it would
+ wrongly interpret tagged types in the same way as their universal
+ counterpart and unknown types were just rejected. Changed so that the
+ tagged and unknown types are handled in the same way as a SEQUENCE:
+ that is the encoding is stored intact. There is also a new type
+ "V_ASN1_OTHER" which is used when the class is not universal, in this
+ case we have no idea what the actual type is so we just lump them all
+ together.
+ [Steve Henson]
+
+ *) On VMS, stdout may very well lead to a file that is written to
+ in a record-oriented fashion. That means that every write() will
+ write a separate record, which will be read separately by the
+ programs trying to read from it. This can be very confusing.
+
+ The solution is to put a BIO filter in the way that will buffer
+ text until a linefeed is reached, and then write everything a
+ line at a time, so every record written will be an actual line,
+ not chunks of lines and not (usually doesn't happen, but I've
+ seen it once) several lines in one record. BIO_f_linebuffer() is
+ the answer.
+
+ Currently, it's a VMS-only method, because that's where it has
+ been tested well enough.
+ [Richard Levitte]
+
+ *) Remove 'optimized' squaring variant in BN_mod_mul_montgomery,
+ it can return incorrect results.
+ (Note: The buggy variant was not enabled in OpenSSL 0.9.5a,
+ but it was in 0.9.6-beta[12].)
+ [Bodo Moeller]
+
+ *) Disable the check for content being present when verifying detached
+ signatures in pk7_smime.c. Some versions of Netscape (wrongly)
+ include zero length content when signing messages.
+ [Steve Henson]
+
+ *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
+ BIO_ctrl (for BIO pairs).
+ [Bodo Möller]
+
+ *) Add DSO method for VMS.
+ [Richard Levitte]
+
+ *) Bug fix: Montgomery multiplication could produce results with the
+ wrong sign.
+ [Ulf Möller]
+
+ *) Add RPM specification openssl.spec and modify it to build three
+ packages. The default package contains applications, application
+ documentation and run-time libraries. The devel package contains
+ include files, static libraries and function documentation. The
+ doc package contains the contents of the doc directory. The original
+ openssl.spec was provided by Damien Miller <djm at mindrot.org>.
+ [Richard Levitte]
+
+ *) Add a large number of documentation files for many SSL routines.
+ [Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE>]
+
+ *) Add a configuration entry for Sony News 4.
+ [NAKAJI Hiroyuki <nakaji at tutrp.tut.ac.jp>]
+
+ *) Don't set the two most significant bits to one when generating a
+ random number < q in the DSA library.
+ [Ulf Möller]
+
+ *) New SSL API mode 'SSL_MODE_AUTO_RETRY'. This disables the default
+ behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if
+ the underlying transport is blocking) if a handshake took place.
+ (The default behaviour is needed by applications such as s_client
+ and s_server that use select() to determine when to use SSL_read;
+ but for applications that know in advance when to expect data, it
+ just makes things more complicated.)
+ [Bodo Moeller]
+
+ *) Add RAND_egd_bytes(), which gives control over the number of bytes read
+ from EGD.
+ [Ben Laurie]
+
+ *) Add a few more EBCDIC conditionals that make `req' and `x509'
+ work better on such systems.
+ [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>]
+
+ *) Add two demo programs for PKCS12_parse() and PKCS12_create().
+ Update PKCS12_parse() so it copies the friendlyName and the
+ keyid to the certificates aux info.
+ [Steve Henson]
+
+ *) Fix bug in PKCS7_verify() which caused an infinite loop
+ if there was more than one signature.
+ [Sven Uszpelkat <su at celocom.de>]
+
+ *) Major change in util/mkdef.pl to include extra information
+ about each symbol, as well as presentig variables as well
+ as functions. This change means that there's n more need
+ to rebuild the .num files when some algorithms are excluded.
+ [Richard Levitte]
+
+ *) Allow the verify time to be set by an application,
+ rather than always using the current time.
+ [Steve Henson]
+
+ *) Phase 2 verify code reorganisation. The certificate
+ verify code now looks up an issuer certificate by a
+ number of criteria: subject name, authority key id
+ and key usage. It also verifies self signed certificates
+ by the same criteria. The main comparison function is
+ X509_check_issued() which performs these checks.
+
+ Lot of changes were necessary in order to support this
+ without completely rewriting the lookup code.
+
+ Authority and subject key identifier are now cached.
+
+ The LHASH 'certs' is X509_STORE has now been replaced
+ by a STACK_OF(X509_OBJECT). This is mainly because an
+ LHASH can't store or retrieve multiple objects with
+ the same hash value.
+
+ As a result various functions (which were all internal
+ use only) have changed to handle the new X509_STORE
+ structure. This will break anything that messed round
+ with X509_STORE internally.
+
+ The functions X509_STORE_add_cert() now checks for an
+ exact match, rather than just subject name.
+
+ The X509_STORE API doesn't directly support the retrieval
+ of multiple certificates matching a given criteria, however
+ this can be worked round by performing a lookup first
+ (which will fill the cache with candidate certificates)
+ and then examining the cache for matches. This is probably
+ the best we can do without throwing out X509_LOOKUP
+ entirely (maybe later...).
+
+ The X509_VERIFY_CTX structure has been enhanced considerably.
+
+ All certificate lookup operations now go via a get_issuer()
+ callback. Although this currently uses an X509_STORE it
+ can be replaced by custom lookups. This is a simple way
+ to bypass the X509_STORE hackery necessary to make this
+ work and makes it possible to use more efficient techniques
+ in future. A very simple version which uses a simple
+ STACK for its trusted certificate store is also provided
+ using X509_STORE_CTX_trusted_stack().
+
+ The verify_cb() and verify() callbacks now have equivalents
+ in the X509_STORE_CTX structure.
+
+ X509_STORE_CTX also has a 'flags' field which can be used
+ to customise the verify behaviour.
+ [Steve Henson]
+
+ *) Add new PKCS#7 signing option PKCS7_NOSMIMECAP which
+ excludes S/MIME capabilities.
+ [Steve Henson]
+
+ *) When a certificate request is read in keep a copy of the
+ original encoding of the signed data and use it when outputing
+ again. Signatures then use the original encoding rather than
+ a decoded, encoded version which may cause problems if the
+ request is improperly encoded.
+ [Steve Henson]
+
+ *) For consistency with other BIO_puts implementations, call
+ buffer_write(b, ...) directly in buffer_puts instead of calling
+ BIO_write(b, ...).
+
+ In BIO_puts, increment b->num_write as in BIO_write.
+ [Peter.Sylvester at EdelWeb.fr]
+
+ *) Fix BN_mul_word for the case where the word is 0. (We have to use
+ BN_zero, we may not return a BIGNUM with an array consisting of
+ words set to zero.)
+ [Bodo Moeller]
+
+ *) Avoid calling abort() from within the library when problems are
+ detected, except if preprocessor symbols have been defined
+ (such as REF_CHECK, BN_DEBUG etc.).
+ [Bodo Moeller]
+
+ *) New openssl application 'rsautl'. This utility can be
+ used for low level RSA operations. DER public key
+ BIO/fp routines also added.
+ [Steve Henson]
+
+ *) New Configure entry and patches for compiling on QNX 4.
+ [Andreas Schneider <andreas at ds3.etech.fh-hamburg.de>]
+
+ *) A demo state-machine implementation was sponsored by
+ Nuron (http://www.nuron.com/) and is now available in
+ demos/state_machine.
+ [Ben Laurie]
+
+ *) New options added to the 'dgst' utility for signature
+ generation and verification.
+ [Steve Henson]
+
+ *) Unrecognized PKCS#7 content types are now handled via a
+ catch all ASN1_TYPE structure. This allows unsupported
+ types to be stored as a "blob" and an application can
+ encode and decode it manually.
+ [Steve Henson]
+
+ *) Fix various signed/unsigned issues to make a_strex.c
+ compile under VC++.
+ [Oscar Jacobsson <oscar.jacobsson at celocom.com>]
+
+ *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
+ length if passed a buffer. ASN1_INTEGER_to_BN failed
+ if passed a NULL BN and its argument was negative.
+ [Steve Henson, pointed out by Sven Heiberg <sven at tartu.cyber.ee>]
+
+ *) Modification to PKCS#7 encoding routines to output definite
+ length encoding. Since currently the whole structures are in
+ memory there's not real point in using indefinite length
+ constructed encoding. However if OpenSSL is compiled with
+ the flag PKCS7_INDEFINITE_ENCODING the old form is used.
+ [Steve Henson]
+
+ *) Added BIO_vprintf() and BIO_vsnprintf().
+ [Richard Levitte]
+
+ *) Added more prefixes to parse for in the the strings written
+ through a logging bio, to cover all the levels that are available
+ through syslog. The prefixes are now:
+
+ PANIC, EMERG, EMR => LOG_EMERG
+ ALERT, ALR => LOG_ALERT
+ CRIT, CRI => LOG_CRIT
+ ERROR, ERR => LOG_ERR
+ WARNING, WARN, WAR => LOG_WARNING
+ NOTICE, NOTE, NOT => LOG_NOTICE
+ INFO, INF => LOG_INFO
+ DEBUG, DBG => LOG_DEBUG
+
+ and as before, if none of those prefixes are present at the
+ beginning of the string, LOG_ERR is chosen.
+
+ On Win32, the LOG_* levels are mapped according to this:
+
+ LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ERROR_TYPE
+ LOG_WARNING => EVENTLOG_WARNING_TYPE
+ LOG_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_INFORMATION_TYPE
+
+ [Richard Levitte]
+
+ *) Made it possible to reconfigure with just the configuration
+ argument "reconf" or "reconfigure". The command line arguments
+ are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
+ and are retrieved from there when reconfiguring.
+ [Richard Levitte]
+
+ *) MD4 implemented.
+ [Assar Westerlund <assar at sics.se>, Richard Levitte]
+
+ *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
+ [Richard Levitte]
+
+ *) The obj_dat.pl script was messing up the sorting of object
+ names. The reason was that it compared the quoted version
+ of strings as a result "OCSP" > "OCSP Signing" because
+ " > SPACE. Changed script to store unquoted versions of
+ names and add quotes on output. It was also omitting some
+ names from the lookup table if they were given a default
+ value (that is if SN is missing it is given the same
+ value as LN and vice versa), these are now added on the
+ grounds that if an object has a name we should be able to
+ look it up. Finally added warning output when duplicate
+ short or long names are found.
+ [Steve Henson]
+
+ *) Changes needed for Tandem NSK.
+ [Scott Uroff <scott at xypro.com>]
+
+ *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
+ RSA_padding_check_SSLv23(), special padding was never detected
+ and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
+ version rollback attacks was not effective.
+
+ In s23_clnt.c, don't use special rollback-attack detection padding
+ (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
+ client; similarly, in s23_srvr.c, don't do the rollback check if
+ SSL 2.0 is the only protocol enabled in the server.
+ [Bodo Moeller]
+
+ *) Make it possible to get hexdumps of unprintable data with 'openssl
+ asn1parse'. By implication, the functions ASN1_parse_dump() and
+ BIO_dump_indent() are added.
+ [Richard Levitte]
+
+ *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
+ these print out strings and name structures based on various
+ flags including RFC2253 support and proper handling of
+ multibyte characters. Added options to the 'x509' utility
+ to allow the various flags to be set.
+ [Steve Henson]
+
+ *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
+ Also change the functions X509_cmp_current_time() and
+ X509_gmtime_adj() work with an ASN1_TIME structure,
+ this will enable certificates using GeneralizedTime in validity
+ dates to be checked.
+ [Steve Henson]
+
+ *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
+ negative public key encodings) on by default,
+ NO_NEG_PUBKEY_BUG can be set to disable it.
+ [Steve Henson]
+
+ *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
+ content octets. An i2c_ASN1_OBJECT is unnecessary because
+ the encoding can be trivially obtained from the structure.
+ [Steve Henson]
+
+ *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
+ not read locks (CRYPTO_r_[un]lock).
+ [Bodo Moeller]
+
+ *) A first attempt at creating official support for shared
+ libraries through configuration. I've kept it so the
+ default is static libraries only, and the OpenSSL programs
+ are always statically linked for now, but there are
+ preparations for dynamic linking in place.
+ This has been tested on Linux and Tru64.
+ [Richard Levitte]
+
+ *) Randomness polling function for Win9x, as described in:
+ Peter Gutmann, Software Generation of Practically Strong
+ Random Numbers.
+ [Ulf Möller]
+
+ *) Fix so PRNG is seeded in req if using an already existing
+ DSA key.
+ [Steve Henson]
+
+ *) New options to smime application. -inform and -outform
+ allow alternative formats for the S/MIME message including
+ PEM and DER. The -content option allows the content to be
+ specified separately. This should allow things like Netscape
+ form signing output easier to verify.
+ [Steve Henson]
+
+ *) Fix the ASN1 encoding of tags using the 'long form'.
+ [Steve Henson]
+
+ *) New ASN1 functions, i2c_* and c2i_* for INTEGER and BIT
+ STRING types. These convert content octets to and from the
+ underlying type. The actual tag and length octets are
+ already assumed to have been read in and checked. These
+ are needed because all other string types have virtually
+ identical handling apart from the tag. By having versions
+ of the ASN1 functions that just operate on content octets
+ IMPLICIT tagging can be handled properly. It also allows
+ the ASN1_ENUMERATED code to be cut down because ASN1_ENUMERATED
+ and ASN1_INTEGER are identical apart from the tag.
+ [Steve Henson]
+
+ *) Change the handling of OID objects as follows:
+
+ - New object identifiers are inserted in objects.txt, following
+ the syntax given in objects.README.
+ - objects.pl is used to process obj_mac.num and create a new
+ obj_mac.h.
+ - obj_dat.pl is used to create a new obj_dat.h, using the data in
+ obj_mac.h.
+
+ This is currently kind of a hack, and the perl code in objects.pl
+ isn't very elegant, but it works as I intended. The simplest way
+ to check that it worked correctly is to look in obj_dat.h and
+ check the array nid_objs and make sure the objects haven't moved
+ around (this is important!). Additions are OK, as well as
+ consistent name changes.
+ [Richard Levitte]
+
+ *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
+ [Bodo Moeller]
+
+ *) Addition of the command line parameter '-rand file' to 'openssl req'.
+ The given file adds to whatever has already been seeded into the
+ random pool through the RANDFILE configuration file option or
+ environment variable, or the default random state file.
+ [Richard Levitte]
+
+ *) mkstack.pl now sorts each macro group into lexical order.
+ Previously the output order depended on the order the files
+ appeared in the directory, resulting in needless rewriting
+ of safestack.h .
+ [Steve Henson]
+
+ *) Patches to make OpenSSL compile under Win32 again. Mostly
+ work arounds for the VC++ problem that it treats func() as
+ func(void). Also stripped out the parts of mkdef.pl that
+ added extra typesafe functions: these no longer exist.
+ [Steve Henson]
+
+ *) Reorganisation of the stack code. The macros are now all
+ collected in safestack.h . Each macro is defined in terms of
+ a "stack macro" of the form SKM_<name>(type, a, b). The
+ DEBUG_SAFESTACK is now handled in terms of function casts,
+ this has the advantage of retaining type safety without the
+ use of additional functions. If DEBUG_SAFESTACK is not defined
+ then the non typesafe macros are used instead. Also modified the
+ mkstack.pl script to handle the new form. Needs testing to see
+ if which (if any) compilers it chokes and maybe make DEBUG_SAFESTACK
+ the default if no major problems. Similar behaviour for ASN1_SET_OF
+ and PKCS12_STACK_OF.
+ [Steve Henson]
+
+ *) When some versions of IIS use the 'NET' form of private key the
+ key derivation algorithm is different. Normally MD5(password) is
+ used as a 128 bit RC4 key. In the modified case
+ MD5(MD5(password) + "SGCKEYSALT") is used insted. Added some
+ new functions i2d_RSA_NET(), d2i_RSA_NET() etc which are the same
+ as the old Netscape_RSA functions except they have an additional
+ 'sgckey' parameter which uses the modified algorithm. Also added
+ an -sgckey command line option to the rsa utility. Thanks to
+ Adrian Peck <bertie at ncipher.com> for posting details of the modified
+ algorithm to openssl-dev.
+ [Steve Henson]
+
+ *) The evp_local.h macros were using 'c.##kname' which resulted in
+ invalid expansion on some systems (SCO 5.0.5 for example).
+ Corrected to 'c.kname'.
+ [Phillip Porch <root at theporch.com>]
+
+ *) New X509_get1_email() and X509_REQ_get1_email() functions that return
+ a STACK of email addresses from a certificate or request, these look
+ in the subject name and the subject alternative name extensions and
+ omit any duplicate addresses.
+ [Steve Henson]
+
+ *) Re-implement BN_mod_exp2_mont using independent (and larger) windows.
+ This makes DSA verification about 2 % faster.
+ [Bodo Moeller]
+
+ *) Increase maximum window size in BN_mod_exp_... to 6 bits instead of 5
+ (meaning that now 2^5 values will be precomputed, which is only 4 KB
+ plus overhead for 1024 bit moduli).
+ This makes exponentiations about 0.5 % faster for 1024 bit
+ exponents (as measured by "openssl speed rsa2048").
+ [Bodo Moeller]
+
+ *) Rename memory handling macros to avoid conflicts with other
+ software:
+ Malloc => OPENSSL_malloc
+ Malloc_locked => OPENSSL_malloc_locked
+ Realloc => OPENSSL_realloc
+ Free => OPENSSL_free
+ [Richard Levitte]
+
+ *) New function BN_mod_exp_mont_word for small bases (roughly 15%
+ faster than BN_mod_exp_mont, i.e. 7% for a full DH exchange).
+ [Bodo Moeller]
+
+ *) CygWin32 support.
+ [John Jarvie <jjarvie at newsguy.com>]
+
+ *) The type-safe stack code has been rejigged. It is now only compiled
+ in when OpenSSL is configured with the DEBUG_SAFESTACK option and
+ by default all type-specific stack functions are "#define"d back to
+ standard stack functions. This results in more streamlined output
+ but retains the type-safety checking possibilities of the original
+ approach.
+ [Geoff Thorpe]
+
+ *) The STACK code has been cleaned up, and certain type declarations
+ that didn't make a lot of sense have been brought in line. This has
+ also involved a cleanup of sorts in safestack.h to more correctly
+ map type-safe stack functions onto their plain stack counterparts.
+ This work has also resulted in a variety of "const"ifications of
+ lots of the code, especially "_cmp" operations which should normally
+ be prototyped with "const" parameters anyway.
+ [Geoff Thorpe]
+
+ *) When generating bytes for the first time in md_rand.c, 'stir the pool'
+ by seeding with STATE_SIZE dummy bytes (with zero entropy count).
+ (The PRNG state consists of two parts, the large pool 'state' and 'md',
+ where all of 'md' is used each time the PRNG is used, but 'state'
+ is used only indexed by a cyclic counter. As entropy may not be
+ well distributed from the beginning, 'md' is important as a
+ chaining variable. However, the output function chains only half
+ of 'md', i.e. 80 bits. ssleay_rand_add, on the other hand, chains
+ all of 'md', and seeding with STATE_SIZE dummy bytes will result
+ in all of 'state' being rewritten, with the new values depending
+ on virtually all of 'md'. This overcomes the 80 bit limitation.)
+ [Bodo Moeller]
+
+ *) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when
+ the handshake is continued after ssl_verify_cert_chain();
+ otherwise, if SSL_VERIFY_NONE is set, remaining error codes
+ can lead to 'unexplainable' connection aborts later.
+ [Bodo Moeller; problem tracked down by Lutz Jaenicke]
+
+ *) Major EVP API cipher revision.
+ Add hooks for extra EVP features. This allows various cipher
+ parameters to be set in the EVP interface. Support added for variable
+ key length ciphers via the EVP_CIPHER_CTX_set_key_length() function and
+ setting of RC2 and RC5 parameters.
+
+ Modify EVP_OpenInit() and EVP_SealInit() to cope with variable key length
+ ciphers.
+
+ Remove lots of duplicated code from the EVP library. For example *every*
+ cipher init() function handles the 'iv' in the same way according to the
+ cipher mode. They also all do nothing if the 'key' parameter is NULL and
+ for CFB and OFB modes they zero ctx->num.
+
+ New functionality allows removal of S/MIME code RC2 hack.
+
+ Most of the routines have the same form and so can be declared in terms
+ of macros.
+
+ By shifting this to the top level EVP_CipherInit() it can be removed from
+ all individual ciphers. If the cipher wants to handle IVs or keys
+ differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT
+ flags.
+
+ Change lots of functions like EVP_EncryptUpdate() to now return a
+ value: although software versions of the algorithms cannot fail
+ any installed hardware versions can.
+ [Steve Henson]
+
+ *) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if
+ this option is set, tolerate broken clients that send the negotiated
+ protocol version number instead of the requested protocol version
+ number.
+ [Bodo Moeller]
+
+ *) Call dh_tmp_cb (set by ..._TMP_DH_CB) with correct 'is_export' flag;
+ i.e. non-zero for export ciphersuites, zero otherwise.
+ Previous versions had this flag inverted, inconsistent with
+ rsa_tmp_cb (..._TMP_RSA_CB).
+ [Bodo Moeller; problem reported by Amit Chopra]
+
+ *) Add missing DSA library text string. Work around for some IIS
+ key files with invalid SEQUENCE encoding.
+ [Steve Henson]
+
+ *) Add a document (doc/standards.txt) that list all kinds of standards
+ and so on that are implemented in OpenSSL.
+ [Richard Levitte]
+
+ *) Enhance c_rehash script. Old version would mishandle certificates
+ with the same subject name hash and wouldn't handle CRLs at all.
+ Added -fingerprint option to crl utility, to support new c_rehash
+ features.
+ [Steve Henson]
+
+ *) Eliminate non-ANSI declarations in crypto.h and stack.h.
+ [Ulf Möller]
+
+ *) Fix for SSL server purpose checking. Server checking was
+ rejecting certificates which had extended key usage present
+ but no ssl client purpose.
+ [Steve Henson, reported by Rene Grosser <grosser at hisolutions.com>]
+
+ *) Make PKCS#12 code work with no password. The PKCS#12 spec
+ is a little unclear about how a blank password is handled.
+ Since the password in encoded as a BMPString with terminating
+ double NULL a zero length password would end up as just the
+ double NULL. However no password at all is different and is
+ handled differently in the PKCS#12 key generation code. NS
+ treats a blank password as zero length. MSIE treats it as no
+ password on export: but it will try both on import. We now do
+ the same: PKCS12_parse() tries zero length and no password if
+ the password is set to "" or NULL (NULL is now a valid password:
+ it wasn't before) as does the pkcs12 application.
+ [Steve Henson]
+
+ *) Bugfixes in apps/x509.c: Avoid a memory leak; and don't use
+ perror when PEM_read_bio_X509_REQ fails, the error message must
+ be obtained from the error queue.
+ [Bodo Moeller]
+
+ *) Avoid 'thread_hash' memory leak in crypto/err/err.c by freeing
+ it in ERR_remove_state if appropriate, and change ERR_get_state
+ accordingly to avoid race conditions (this is necessary because
+ thread_hash is no longer constant once set).
+ [Bodo Moeller]
+
+ *) Bugfix for linux-elf makefile.one.
+ [Ulf Möller]
+
+ *) RSA_get_default_method() will now cause a default
+ RSA_METHOD to be chosen if one doesn't exist already.
+ Previously this was only set during a call to RSA_new()
+ or RSA_new_method(NULL) meaning it was possible for
+ RSA_get_default_method() to return NULL.
+ [Geoff Thorpe]
+
+ *) Added native name translation to the existing DSO code
+ that will convert (if the flag to do so is set) filenames
+ that are sufficiently small and have no path information
+ into a canonical native form. Eg. "blah" converted to
+ "libblah.so" or "blah.dll" etc.
+ [Geoff Thorpe]
+
+ *) New function ERR_error_string_n(e, buf, len) which is like
+ ERR_error_string(e, buf), but writes at most 'len' bytes
+ including the 0 terminator. For ERR_error_string_n, 'buf'
+ may not be NULL.
+ [Damien Miller <djm at mindrot.org>, Bodo Moeller]
+
+ *) CONF library reworked to become more general. A new CONF
+ configuration file reader "class" is implemented as well as a
+ new functions (NCONF_*, for "New CONF") to handle it. The now
+ old CONF_* functions are still there, but are reimplemented to
+ work in terms of the new functions. Also, a set of functions
+ to handle the internal storage of the configuration data is
+ provided to make it easier to write new configuration file
+ reader "classes" (I can definitely see something reading a
+ configuration file in XML format, for example), called _CONF_*,
+ or "the configuration storage API"...
+
+ The new configuration file reading functions are:
+
+ NCONF_new, NCONF_free, NCONF_load, NCONF_load_fp, NCONF_load_bio,
+ NCONF_get_section, NCONF_get_string, NCONF_get_numbre
+
+ NCONF_default, NCONF_WIN32
+
+ NCONF_dump_fp, NCONF_dump_bio
+
+ NCONF_default and NCONF_WIN32 are method (or "class") choosers,
+ NCONF_new creates a new CONF object. This works in the same way
+ as other interfaces in OpenSSL, like the BIO interface.
+ NCONF_dump_* dump the internal storage of the configuration file,
+ which is useful for debugging. All other functions take the same
+ arguments as the old CONF_* functions wth the exception of the
+ first that must be a `CONF *' instead of a `LHASH *'.
+
+ To make it easer to use the new classes with the old CONF_* functions,
+ the function CONF_set_default_method is provided.
+ [Richard Levitte]
+
+ *) Add '-tls1' option to 'openssl ciphers', which was already
+ mentioned in the documentation but had not been implemented.
+ (This option is not yet really useful because even the additional
+ experimental TLS 1.0 ciphers are currently treated as SSL 3.0 ciphers.)
+ [Bodo Moeller]
+
+ *) Initial DSO code added into libcrypto for letting OpenSSL (and
+ OpenSSL-based applications) load shared libraries and bind to
+ them in a portable way.
+ [Geoff Thorpe, with contributions from Richard Levitte]
+
+ Changes between 0.9.5 and 0.9.5a [1 Apr 2000]
+
+ *) Make sure _lrotl and _lrotr are only used with MSVC.
+
+ *) Use lock CRYPTO_LOCK_RAND correctly in ssleay_rand_status
+ (the default implementation of RAND_status).
+
+ *) Rename openssl x509 option '-crlext', which was added in 0.9.5,
+ to '-clrext' (= clear extensions), as intended and documented.
+ [Bodo Moeller; inconsistency pointed out by Michael Attili
+ <attili at amaxo.com>]
+
+ *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length
+ was larger than the MD block size.
+ [Steve Henson, pointed out by Yost William <YostW at tce.com>]
+
+ *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
+ fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
+ using the passed key: if the passed key was a private key the result
+ of X509_print(), for example, would be to print out all the private key
+ components.
+ [Steve Henson]
+
+ *) des_quad_cksum() byte order bug fix.
+ [Ulf Möller, using the problem description in krb4-0.9.7, where
+ the solution is attributed to Derrick J Brashear <shadow at DEMENTIA.ORG>]
+
+ *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly
+ discouraged.
+ [Steve Henson, pointed out by Brian Korver <briank at cs.stanford.edu>]
+
+ *) For easily testing in shell scripts whether some command
+ 'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
+ returns with exit code 0 iff no command of the given name is available.
+ 'no-XXX' is printed in this case, 'XXX' otherwise. In both cases,
+ the output goes to stdout and nothing is printed to stderr.
+ Additional arguments are always ignored.
+
+ Since for each cipher there is a command of the same name,
+ the 'no-cipher' compilation switches can be tested this way.
+
+ ('openssl no-XXX' is not able to detect pseudo-commands such
+ as 'quit', 'list-XXX-commands', or 'no-XXX' itself.)
+ [Bodo Moeller]
+
+ *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
+ [Bodo Moeller]
+
+ *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
+ is set; it will be thrown away anyway because each handshake creates
+ its own key.
+ ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition
+ to parameters -- in previous versions (since OpenSSL 0.9.3) the
+ 'default key' from SSL_CTX_set_tmp_dh would always be lost, meanining
+ you effectivly got SSL_OP_SINGLE_DH_USE when using this macro.
+ [Bodo Moeller]
+
+ *) New s_client option -ign_eof: EOF at stdin is ignored, and
+ 'Q' and 'R' lose their special meanings (quit/renegotiate).
+ This is part of what -quiet does; unlike -quiet, -ign_eof
+ does not suppress any output.
+ [Richard Levitte]
+
+ *) Add compatibility options to the purpose and trust code. The
+ purpose X509_PURPOSE_ANY is "any purpose" which automatically
+ accepts a certificate or CA, this was the previous behaviour,
+ with all the associated security issues.
+
+ X509_TRUST_COMPAT is the old trust behaviour: only and
+ automatically trust self signed roots in certificate store. A
+ new trust setting X509_TRUST_DEFAULT is used to specify that
+ a purpose has no associated trust setting and it should instead
+ use the value in the default purpose.
+ [Steve Henson]
+
+ *) Fix the PKCS#8 DSA private key code so it decodes keys again
+ and fix a memory leak.
+ [Steve Henson]
+
+ *) In util/mkerr.pl (which implements 'make errors'), preserve
+ reason strings from the previous version of the .c file, as
+ the default to have only downcase letters (and digits) in
+ automatically generated reasons codes is not always appropriate.
+ [Bodo Moeller]
+
+ *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table
+ using strerror. Previously, ERR_reason_error_string() returned
+ library names as reason strings for SYSerr; but SYSerr is a special
+ case where small numbers are errno values, not library numbers.
+ [Bodo Moeller]
+
+ *) Add '-dsaparam' option to 'openssl dhparam' application. This
+ converts DSA parameters into DH parameters. (When creating parameters,
+ DSA_generate_parameters is used.)
+ [Bodo Moeller]
+
+ *) Include 'length' (recommended exponent length) in C code generated
+ by 'openssl dhparam -C'.
+ [Bodo Moeller]
+
+ *) The second argument to set_label in perlasm was already being used
+ so couldn't be used as a "file scope" flag. Moved to third argument
+ which was free.
+ [Steve Henson]
+
+ *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
+ instead of RAND_bytes for encryption IVs and salts.
+ [Bodo Moeller]
+
+ *) Include RAND_status() into RAND_METHOD instead of implementing
+ it only for md_rand.c Otherwise replacing the PRNG by calling
+ RAND_set_rand_method would be impossible.
+ [Bodo Moeller]
+
+ *) Don't let DSA_generate_key() enter an infinite loop if the random
+ number generation fails.
+ [Bodo Moeller]
+
+ *) New 'rand' application for creating pseudo-random output.
+ [Bodo Moeller]
+
+ *) Added configuration support for Linux/IA64
+ [Rolf Haberrecker <rolf at suse.de>]
+
+ *) Assembler module support for Mingw32.
+ [Ulf Möller]
+
+ *) Shared library support for HPUX (in shlib/).
+ [Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE> and Anonymous]
+
+ *) Shared library support for Solaris gcc.
+ [Lutz Behnke <behnke at trustcenter.de>]
+
+ Changes between 0.9.4 and 0.9.5 [28 Feb 2000]
+
+ *) PKCS7_encrypt() was adding text MIME headers twice because they
+ were added manually and by SMIME_crlf_copy().
+ [Steve Henson]
+
+ *) In bntest.c don't call BN_rand with zero bits argument.
+ [Steve Henson, pointed out by Andrew W. Gray <agray at iconsinc.com>]
+
+ *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n]
+ case was implemented. This caused BN_div_recp() to fail occasionally.
+ [Ulf Möller]
+
+ *) Add an optional second argument to the set_label() in the perl
+ assembly language builder. If this argument exists and is set
+ to 1 it signals that the assembler should use a symbol whose
+ scope is the entire file, not just the current function. This
+ is needed with MASM which uses the format label:: for this scope.
+ [Steve Henson, pointed out by Peter Runestig <peter at runestig.com>]
+
+ *) Change the ASN1 types so they are typedefs by default. Before
+ almost all types were #define'd to ASN1_STRING which was causing
+ STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING)
+ for example.
+ [Steve Henson]
+
+ *) Change names of new functions to the new get1/get0 naming
+ convention: After 'get1', the caller owns a reference count
+ and has to call ..._free; 'get0' returns a pointer to some
+ data structure without incrementing reference counters.
+ (Some of the existing 'get' functions increment a reference
+ counter, some don't.)
+ Similarly, 'set1' and 'add1' functions increase reference
+ counters or duplicate objects.
+ [Steve Henson]
+
+ *) Allow for the possibility of temp RSA key generation failure:
+ the code used to assume it always worked and crashed on failure.
+ [Steve Henson]
+
+ *) Fix potential buffer overrun problem in BIO_printf().
+ [Ulf Möller, using public domain code by Patrick Powell; problem
+ pointed out by David Sacerdote <das33 at cornell.edu>]
+
+ *) Support EGD <http://www.lothar.com/tech/crypto/>. New functions
+ RAND_egd() and RAND_status(). In the command line application,
+ the EGD socket can be specified like a seed file using RANDFILE
+ or -rand.
+ [Ulf Möller]
+
+ *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures.
+ Some CAs (e.g. Verisign) distribute certificates in this form.
+ [Steve Henson]
+
+ *) Remove the SSL_ALLOW_ADH compile option and set the default cipher
+ list to exclude them. This means that no special compilation option
+ is needed to use anonymous DH: it just needs to be included in the
+ cipher list.
+ [Steve Henson]
+
+ *) Change the EVP_MD_CTX_type macro so its meaning consistent with
+ EVP_MD_type. The old functionality is available in a new macro called
+ EVP_MD_md(). Change code that uses it and update docs.
+ [Steve Henson]
+
+ *) ..._ctrl functions now have corresponding ..._callback_ctrl functions
+ where the 'void *' argument is replaced by a function pointer argument.
+ Previously 'void *' was abused to point to functions, which works on
+ many platforms, but is not correct. As these functions are usually
+ called by macros defined in OpenSSL header files, most source code
+ should work without changes.
+ [Richard Levitte]
+
+ *) <openssl/opensslconf.h> (which is created by Configure) now contains
+ sections with information on -D... compiler switches used for
+ compiling the library so that applications can see them. To enable
+ one of these sections, a pre-processor symbol OPENSSL_..._DEFINES
+ must be defined. E.g.,
+ #define OPENSSL_ALGORITHM_DEFINES
+ #include <openssl/opensslconf.h>
+ defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc.
+ [Richard Levitte, Ulf and Bodo Möller]
+
+ *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS
+ record layer.
+ [Bodo Moeller]
+
+ *) Change the 'other' type in certificate aux info to a STACK_OF
+ X509_ALGOR. Although not an AlgorithmIdentifier as such it has
+ the required ASN1 format: arbitrary types determined by an OID.
+ [Steve Henson]
+
+ *) Add some PEM_write_X509_REQ_NEW() functions and a command line
+ argument to 'req'. This is not because the function is newer or
+ better than others it just uses the work 'NEW' in the certificate
+ request header lines. Some software needs this.
+ [Steve Henson]
+
+ *) Reorganise password command line arguments: now passwords can be
+ obtained from various sources. Delete the PEM_cb function and make
+ it the default behaviour: i.e. if the callback is NULL and the
+ usrdata argument is not NULL interpret it as a null terminated pass
+ phrase. If usrdata and the callback are NULL then the pass phrase
+ is prompted for as usual.
+ [Steve Henson]
+
+ *) Add support for the Compaq Atalla crypto accelerator. If it is installed,
+ the support is automatically enabled. The resulting binaries will
+ autodetect the card and use it if present.
+ [Ben Laurie and Compaq Inc.]
+
+ *) Work around for Netscape hang bug. This sends certificate request
+ and server done in one record. Since this is perfectly legal in the
+ SSL/TLS protocol it isn't a "bug" option and is on by default. See
+ the bugs/SSLv3 entry for more info.
+ [Steve Henson]
+
+ *) HP-UX tune-up: new unified configs, HP C compiler bug workaround.
+ [Andy Polyakov]
+
+ *) Add -rand argument to smime and pkcs12 applications and read/write
+ of seed file.
+ [Steve Henson]
+
+ *) New 'passwd' tool for crypt(3) and apr1 password hashes.
+ [Bodo Moeller]
+
+ *) Add command line password options to the remaining applications.
+ [Steve Henson]
+
+ *) Bug fix for BN_div_recp() for numerators with an even number of
+ bits.
+ [Ulf Möller]
+
+ *) More tests in bntest.c, and changed test_bn output.
+ [Ulf Möller]
+
+ *) ./config recognizes MacOS X now.
+ [Andy Polyakov]
+
+ *) Bug fix for BN_div() when the first words of num and divsor are
+ equal (it gave wrong results if (rem=(n1-q*d0)&BN_MASK2) < d0).
+ [Ulf Möller]
+
+ *) Add support for various broken PKCS#8 formats, and command line
+ options to produce them.
+ [Steve Henson]
+
+ *) New functions BN_CTX_start(), BN_CTX_get() and BT_CTX_end() to
+ get temporary BIGNUMs from a BN_CTX.
+ [Ulf Möller]
+
+ *) Correct return values in BN_mod_exp_mont() and BN_mod_exp2_mont()
+ for p == 0.
+ [Ulf Möller]
+
+ *) Change the SSLeay_add_all_*() functions to OpenSSL_add_all_*() and
+ include a #define from the old name to the new. The original intent
+ was that statically linked binaries could for example just call
+ SSLeay_add_all_ciphers() to just add ciphers to the table and not
+ link with digests. This never worked becayse SSLeay_add_all_digests()
+ and SSLeay_add_all_ciphers() were in the same source file so calling
+ one would link with the other. They are now in separate source files.
+ [Steve Henson]
+
+ *) Add a new -notext option to 'ca' and a -pubkey option to 'spkac'.
+ [Steve Henson]
+
+ *) Use a less unusual form of the Miller-Rabin primality test (it used
+ a binary algorithm for exponentiation integrated into the Miller-Rabin
+ loop, our standard modexp algorithms are faster).
+ [Bodo Moeller]
+
+ *) Support for the EBCDIC character set completed.
+ [Martin Kraemer <Martin.Kraemer at Mch.SNI.De>]
+
+ *) Source code cleanups: use const where appropriate, eliminate casts,
+ use void * instead of char * in lhash.
+ [Ulf Möller]
+
+ *) Bugfix: ssl3_send_server_key_exchange was not restartable
+ (the state was not changed to SSL3_ST_SW_KEY_EXCH_B, and because of
+ this the server could overwrite ephemeral keys that the client
+ has already seen).
+ [Bodo Moeller]
+
+ *) Turn DSA_is_prime into a macro that calls BN_is_prime,
+ using 50 iterations of the Rabin-Miller test.
+
+ DSA_generate_parameters now uses BN_is_prime_fasttest (with 50
+ iterations of the Rabin-Miller test as required by the appendix
+ to FIPS PUB 186[-1]) instead of DSA_is_prime.
+ As BN_is_prime_fasttest includes trial division, DSA parameter
+ generation becomes much faster.
+
+ This implies a change for the callback functions in DSA_is_prime
+ and DSA_generate_parameters: The callback function is called once
+ for each positive witness in the Rabin-Miller test, not just
+ occasionally in the inner loop; and the parameters to the
+ callback function now provide an iteration count for the outer
+ loop rather than for the current invocation of the inner loop.
+ DSA_generate_parameters additionally can call the callback
+ function with an 'iteration count' of -1, meaning that a
+ candidate has passed the trial division test (when q is generated
+ from an application-provided seed, trial division is skipped).
+ [Bodo Moeller]
+
+ *) New function BN_is_prime_fasttest that optionally does trial
+ division before starting the Rabin-Miller test and has
+ an additional BN_CTX * argument (whereas BN_is_prime always
+ has to allocate at least one BN_CTX).
+ 'callback(1, -1, cb_arg)' is called when a number has passed the
+ trial division stage.
+ [Bodo Moeller]
+
+ *) Fix for bug in CRL encoding. The validity dates weren't being handled
+ as ASN1_TIME.
+ [Steve Henson]
+
+ *) New -pkcs12 option to CA.pl script to write out a PKCS#12 file.
+ [Steve Henson]
+
+ *) New function BN_pseudo_rand().
+ [Ulf Möller]
+
+ *) Clean up BN_mod_mul_montgomery(): replace the broken (and unreadable)
+ bignum version of BN_from_montgomery() with the working code from
+ SSLeay 0.9.0 (the word based version is faster anyway), and clean up
+ the comments.
+ [Ulf Möller]
+
+ *) Avoid a race condition in s2_clnt.c (function get_server_hello) that
+ made it impossible to use the same SSL_SESSION data structure in
+ SSL2 clients in multiple threads.
+ [Bodo Moeller]
+
+ *) The return value of RAND_load_file() no longer counts bytes obtained
+ by stat(). RAND_load_file(..., -1) is new and uses the complete file
+ to seed the PRNG (previously an explicit byte count was required).
+ [Ulf Möller, Bodo Möller]
+
+ *) Clean up CRYPTO_EX_DATA functions, some of these didn't have prototypes
+ used (char *) instead of (void *) and had casts all over the place.
+ [Steve Henson]
+
+ *) Make BN_generate_prime() return NULL on error if ret!=NULL.
+ [Ulf Möller]
+
+ *) Retain source code compatibility for BN_prime_checks macro:
+ BN_is_prime(..., BN_prime_checks, ...) now uses
+ BN_prime_checks_for_size to determine the appropriate number of
+ Rabin-Miller iterations.
+ [Ulf Möller]
+
+ *) Diffie-Hellman uses "safe" primes: DH_check() return code renamed to
+ DH_CHECK_P_NOT_SAFE_PRIME.
+ (Check if this is true? OpenPGP calls them "strong".)
+ [Ulf Möller]
+
+ *) Merge the functionality of "dh" and "gendh" programs into a new program
+ "dhparam". The old programs are retained for now but will handle DH keys
+ (instead of parameters) in future.
+ [Steve Henson]
+
+ *) Make the ciphers, s_server and s_client programs check the return values
+ when a new cipher list is set.
+ [Steve Henson]
+
+ *) Enhance the SSL/TLS cipher mechanism to correctly handle the TLS 56bit
+ ciphers. Before when the 56bit ciphers were enabled the sorting was
+ wrong.
+
+ The syntax for the cipher sorting has been extended to support sorting by
+ cipher-strength (using the strength_bits hard coded in the tables).
+ The new command is "@STRENGTH" (see also doc/apps/ciphers.pod).
+
+ Fix a bug in the cipher-command parser: when supplying a cipher command
+ string with an "undefined" symbol (neither command nor alphanumeric
+ [A-Za-z0-9], ssl_set_cipher_list used to hang in an endless loop. Now
+ an error is flagged.
+
+ Due to the strength-sorting extension, the code of the
+ ssl_create_cipher_list() function was completely rearranged. I hope that
+ the readability was also increased :-)
+ [Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE>]
+
+ *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1
+ for the first serial number and places 2 in the serial number file. This
+ avoids problems when the root CA is created with serial number zero and
+ the first user certificate has the same issuer name and serial number
+ as the root CA.
+ [Steve Henson]
+
+ *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses
+ the new code. Add documentation for this stuff.
+ [Steve Henson]
+
+ *) Changes to X509_ATTRIBUTE utilities. These have been renamed from
+ X509_*() to X509at_*() on the grounds that they don't handle X509
+ structures and behave in an analagous way to the X509v3 functions:
+ they shouldn't be called directly but wrapper functions should be used
+ instead.
+
+ So we also now have some wrapper functions that call the X509at functions
+ when passed certificate requests. (TO DO: similar things can be done with
+ PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other
+ things. Some of these need some d2i or i2d and print functionality
+ because they handle more complex structures.)
+ [Steve Henson]
+
+ *) Add missing #ifndefs that caused missing symbols when building libssl
+ as a shared library without RSA. Use #ifndef NO_SSL2 instead of
+ NO_RSA in ssl/s2*.c.
+ [Kris Kennaway <kris at hub.freebsd.org>, modified by Ulf Möller]
+
+ *) Precautions against using the PRNG uninitialized: RAND_bytes() now
+ has a return value which indicates the quality of the random data
+ (1 = ok, 0 = not seeded). Also an error is recorded on the thread's
+ error queue. New function RAND_pseudo_bytes() generates output that is
+ guaranteed to be unique but not unpredictable. RAND_add is like
+ RAND_seed, but takes an extra argument for an entropy estimate
+ (RAND_seed always assumes full entropy).
+ [Ulf Möller]
+
+ *) Do more iterations of Rabin-Miller probable prime test (specifically,
+ 3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
+ instead of only 2 for all lengths; see BN_prime_checks_for_size definition
+ in crypto/bn/bn_prime.c for the complete table). This guarantees a
+ false-positive rate of at most 2^-80 for random input.
+ [Bodo Moeller]
+
+ *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs.
+ [Bodo Moeller]
+
+ *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain
+ in the 0.9.5 release), this returns the chain
+ from an X509_CTX structure with a dup of the stack and all
+ the X509 reference counts upped: so the stack will exist
+ after X509_CTX_cleanup() has been called. Modify pkcs12.c
+ to use this.
+
+ Also make SSL_SESSION_print() print out the verify return
+ code.
+ [Steve Henson]
+
+ *) Add manpage for the pkcs12 command. Also change the default
+ behaviour so MAC iteration counts are used unless the new
+ -nomaciter option is used. This improves file security and
+ only older versions of MSIE (4.0 for example) need it.
+ [Steve Henson]
+
+ *) Honor the no-xxx Configure options when creating .DEF files.
+ [Ulf Möller]
+
+ *) Add PKCS#10 attributes to field table: challengePassword,
+ unstructuredName and unstructuredAddress. These are taken from
+ draft PKCS#9 v2.0 but are compatible with v1.2 provided no
+ international characters are used.
+
+ More changes to X509_ATTRIBUTE code: allow the setting of types
+ based on strings. Remove the 'loc' parameter when adding
+ attributes because these will be a SET OF encoding which is sorted
+ in ASN1 order.
+ [Steve Henson]
+
+ *) Initial changes to the 'req' utility to allow request generation
+ automation. This will allow an application to just generate a template
+ file containing all the field values and have req construct the
+ request.
+
+ Initial support for X509_ATTRIBUTE handling. Stacks of these are
+ used all over the place including certificate requests and PKCS#7
+ structures. They are currently handled manually where necessary with
+ some primitive wrappers for PKCS#7. The new functions behave in a
+ manner analogous to the X509 extension functions: they allow
+ attributes to be looked up by NID and added.
+
+ Later something similar to the X509V3 code would be desirable to
+ automatically handle the encoding, decoding and printing of the
+ more complex types. The string types like challengePassword can
+ be handled by the string table functions.
+
+ Also modified the multi byte string table handling. Now there is
+ a 'global mask' which masks out certain types. The table itself
+ can use the flag STABLE_NO_MASK to ignore the mask setting: this
+ is useful when for example there is only one permissible type
+ (as in countryName) and using the mask might result in no valid
+ types at all.
+ [Steve Henson]
+
+ *) Clean up 'Finished' handling, and add functions SSL_get_finished and
+ SSL_get_peer_finished to allow applications to obtain the latest
+ Finished messages sent to the peer or expected from the peer,
+ respectively. (SSL_get_peer_finished is usually the Finished message
+ actually received from the peer, otherwise the protocol will be aborted.)
+
+ As the Finished message are message digests of the complete handshake
+ (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
+ be used for external authentication procedures when the authentication
+ provided by SSL/TLS is not desired or is not enough.
+ [Bodo Moeller]
+
+ *) Enhanced support for Alpha Linux is added. Now ./config checks if
+ the host supports BWX extension and if Compaq C is present on the
+ $PATH. Just exploiting of the BWX extension results in 20-30%
+ performance kick for some algorithms, e.g. DES and RC4 to mention
+ a couple. Compaq C in turn generates ~20% faster code for MD5 and
+ SHA1.
+ [Andy Polyakov]
+
+ *) Add support for MS "fast SGC". This is arguably a violation of the
+ SSL3/TLS protocol. Netscape SGC does two handshakes: the first with
+ weak crypto and after checking the certificate is SGC a second one
+ with strong crypto. MS SGC stops the first handshake after receiving
+ the server certificate message and sends a second client hello. Since
+ a server will typically do all the time consuming operations before
+ expecting any further messages from the client (server key exchange
+ is the most expensive) there is little difference between the two.
+
+ To get OpenSSL to support MS SGC we have to permit a second client
+ hello message after we have sent server done. In addition we have to
+ reset the MAC if we do get this second client hello.
+ [Steve Henson]
+
+ *) Add a function 'd2i_AutoPrivateKey()' this will automatically decide
+ if a DER encoded private key is RSA or DSA traditional format. Changed
+ d2i_PrivateKey_bio() to use it. This is only needed for the "traditional"
+ format DER encoded private key. Newer code should use PKCS#8 format which
+ has the key type encoded in the ASN1 structure. Added DER private key
+ support to pkcs8 application.
+ [Steve Henson]
+
+ *) SSL 3/TLS 1 servers now don't request certificates when an anonymous
+ ciphersuites has been selected (as required by the SSL 3/TLS 1
+ specifications). Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT
+ is set, we interpret this as a request to violate the specification
+ (the worst that can happen is a handshake failure, and 'correct'
+ behaviour would result in a handshake failure anyway).
+ [Bodo Moeller]
+
+ *) In SSL_CTX_add_session, take into account that there might be multiple
+ SSL_SESSION structures with the same session ID (e.g. when two threads
+ concurrently obtain them from an external cache).
+ The internal cache can handle only one SSL_SESSION with a given ID,
+ so if there's a conflict, we now throw out the old one to achieve
+ consistency.
+ [Bodo Moeller]
+
+ *) Add OIDs for idea and blowfish in CBC mode. This will allow both
+ to be used in PKCS#5 v2.0 and S/MIME. Also add checking to
+ some routines that use cipher OIDs: some ciphers do not have OIDs
+ defined and so they cannot be used for S/MIME and PKCS#5 v2.0 for
+ example.
+ [Steve Henson]
+
+ *) Simplify the trust setting structure and code. Now we just have
+ two sequences of OIDs for trusted and rejected settings. These will
+ typically have values the same as the extended key usage extension
+ and any application specific purposes.
+
+ The trust checking code now has a default behaviour: it will just
+ check for an object with the same NID as the passed id. Functions can
+ be provided to override either the default behaviour or the behaviour
+ for a given id. SSL client, server and email already have functions
+ in place for compatibility: they check the NID and also return "trusted"
+ if the certificate is self signed.
+ [Steve Henson]
+
+ *) Add d2i,i2d bio/fp functions for PrivateKey: these convert the
+ traditional format into an EVP_PKEY structure.
+ [Steve Henson]
+
+ *) Add a password callback function PEM_cb() which either prompts for
+ a password if usr_data is NULL or otherwise assumes it is a null
+ terminated password. Allow passwords to be passed on command line
+ environment or config files in a few more utilities.
+ [Steve Henson]
+
+ *) Add a bunch of DER and PEM functions to handle PKCS#8 format private
+ keys. Add some short names for PKCS#8 PBE algorithms and allow them
+ to be specified on the command line for the pkcs8 and pkcs12 utilities.
+ Update documentation.
+ [Steve Henson]
+
+ *) Support for ASN1 "NULL" type. This could be handled before by using
+ ASN1_TYPE but there wasn't any function that would try to read a NULL
+ and produce an error if it couldn't. For compatibility we also have
+ ASN1_NULL_new() and ASN1_NULL_free() functions but these are faked and
+ don't allocate anything because they don't need to.
+ [Steve Henson]
+
+ *) Initial support for MacOS is now provided. Examine INSTALL.MacOS
+ for details.
+ [Andy Polyakov, Roy Woods <roy at centicsystems.ca>]
+
+ *) Rebuild of the memory allocation routines used by OpenSSL code and
+ possibly others as well. The purpose is to make an interface that
+ provide hooks so anyone can build a separate set of allocation and
+ deallocation routines to be used by OpenSSL, for example memory
+ pool implementations, or something else, which was previously hard
+ since Malloc(), Realloc() and Free() were defined as macros having
+ the values malloc, realloc and free, respectively (except for Win32
+ compilations). The same is provided for memory debugging code.
+ OpenSSL already comes with functionality to find memory leaks, but
+ this gives people a chance to debug other memory problems.
+
+ With these changes, a new set of functions and macros have appeared:
+
+ CRYPTO_set_mem_debug_functions() [F]
+ CRYPTO_get_mem_debug_functions() [F]
+ CRYPTO_dbg_set_options() [F]
+ CRYPTO_dbg_get_options() [F]
+ CRYPTO_malloc_debug_init() [M]
+
+ The memory debug functions are NULL by default, unless the library
+ is compiled with CRYPTO_MDEBUG or friends is defined. If someone
+ wants to debug memory anyway, CRYPTO_malloc_debug_init() (which
+ gives the standard debugging functions that come with OpenSSL) or
+ CRYPTO_set_mem_debug_functions() (tells OpenSSL to use functions
+ provided by the library user) must be used. When the standard
+ debugging functions are used, CRYPTO_dbg_set_options can be used to
+ request additional information:
+ CRYPTO_dbg_set_options(V_CYRPTO_MDEBUG_xxx) corresponds to setting
+ the CRYPTO_MDEBUG_xxx macro when compiling the library.
+
+ Also, things like CRYPTO_set_mem_functions will always give the
+ expected result (the new set of functions is used for allocation
+ and deallocation) at all times, regardless of platform and compiler
+ options.
+
+ To finish it up, some functions that were never use in any other
+ way than through macros have a new API and new semantic:
+
+ CRYPTO_dbg_malloc()
+ CRYPTO_dbg_realloc()
+ CRYPTO_dbg_free()
+
+ All macros of value have retained their old syntax.
+ [Richard Levitte and Bodo Moeller]
+
+ *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the
+ ordering of SMIMECapabilities wasn't in "strength order" and there
+ was a missing NULL in the AlgorithmIdentifier for the SHA1 signature
+ algorithm.
+ [Steve Henson]
+
+ *) Some ASN1 types with illegal zero length encoding (INTEGER,
+ ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines.
+ [Frans Heymans <fheymans at isaserver.be>, modified by Steve Henson]
+
+ *) Merge in my S/MIME library for OpenSSL. This provides a simple
+ S/MIME API on top of the PKCS#7 code, a MIME parser (with enough
+ functionality to handle multipart/signed properly) and a utility
+ called 'smime' to call all this stuff. This is based on code I
+ originally wrote for Celo who have kindly allowed it to be
+ included in OpenSSL.
+ [Steve Henson]
+
+ *) Add variants des_set_key_checked and des_set_key_unchecked of
+ des_set_key (aka des_key_sched). Global variable des_check_key
+ decides which of these is called by des_set_key; this way
+ des_check_key behaves as it always did, but applications and
+ the library itself, which was buggy for des_check_key == 1,
+ have a cleaner way to pick the version they need.
+ [Bodo Moeller]
+
+ *) New function PKCS12_newpass() which changes the password of a
+ PKCS12 structure.
+ [Steve Henson]
+
+ *) Modify X509_TRUST and X509_PURPOSE so it also uses a static and
+ dynamic mix. In both cases the ids can be used as an index into the
+ table. Also modified the X509_TRUST_add() and X509_PURPOSE_add()
+ functions so they accept a list of the field values and the
+ application doesn't need to directly manipulate the X509_TRUST
+ structure.
+ [Steve Henson]
+
+ *) Modify the ASN1_STRING_TABLE stuff so it also uses bsearch and doesn't
+ need initialising.
+ [Steve Henson]
+
+ *) Modify the way the V3 extension code looks up extensions. This now
+ works in a similar way to the object code: we have some "standard"
+ extensions in a static table which is searched with OBJ_bsearch()
+ and the application can add dynamic ones if needed. The file
+ crypto/x509v3/ext_dat.h now has the info: this file needs to be
+ updated whenever a new extension is added to the core code and kept
+ in ext_nid order. There is a simple program 'tabtest.c' which checks
+ this. New extensions are not added too often so this file can readily
+ be maintained manually.
+
+ There are two big advantages in doing things this way. The extensions
+ can be looked up immediately and no longer need to be "added" using
+ X509V3_add_standard_extensions(): this function now does nothing.
+ [Side note: I get *lots* of email saying the extension code doesn't
+ work because people forget to call this function]
+ Also no dynamic allocation is done unless new extensions are added:
+ so if we don't add custom extensions there is no need to call
+ X509V3_EXT_cleanup().
+ [Steve Henson]
+
+ *) Modify enc utility's salting as follows: make salting the default. Add a
+ magic header, so unsalted files fail gracefully instead of just decrypting
+ to garbage. This is because not salting is a big security hole, so people
+ should be discouraged from doing it.
+ [Ben Laurie]
+
+ *) Fixes and enhancements to the 'x509' utility. It allowed a message
+ digest to be passed on the command line but it only used this
+ parameter when signing a certificate. Modified so all relevant
+ operations are affected by the digest parameter including the
+ -fingerprint and -x509toreq options. Also -x509toreq choked if a
+ DSA key was used because it didn't fix the digest.
+ [Steve Henson]
+
+ *) Initial certificate chain verify code. Currently tests the untrusted
+ certificates for consistency with the verify purpose (which is set
+ when the X509_STORE_CTX structure is set up) and checks the pathlength.
+
+ There is a NO_CHAIN_VERIFY compilation option to keep the old behaviour:
+ this is because it will reject chains with invalid extensions whereas
+ every previous version of OpenSSL and SSLeay made no checks at all.
+
+ Trust code: checks the root CA for the relevant trust settings. Trust
+ settings have an initial value consistent with the verify purpose: e.g.
+ if the verify purpose is for SSL client use it expects the CA to be
+ trusted for SSL client use. However the default value can be changed to
+ permit custom trust settings: one example of this would be to only trust
+ certificates from a specific "secure" set of CAs.
+
+ Also added X509_STORE_CTX_new() and X509_STORE_CTX_free() functions
+ which should be used for version portability: especially since the
+ verify structure is likely to change more often now.
+
+ SSL integration. Add purpose and trust to SSL_CTX and SSL and functions
+ to set them. If not set then assume SSL clients will verify SSL servers
+ and vice versa.
+
+ Two new options to the verify program: -untrusted allows a set of
+ untrusted certificates to be passed in and -purpose which sets the
+ intended purpose of the certificate. If a purpose is set then the
+ new chain verify code is used to check extension consistency.
+ [Steve Henson]
+
+ *) Support for the authority information access extension.
+ [Steve Henson]
+
+ *) Modify RSA and DSA PEM read routines to transparently handle
+ PKCS#8 format private keys. New *_PUBKEY_* functions that handle
+ public keys in a format compatible with certificate
+ SubjectPublicKeyInfo structures. Unfortunately there were already
+ functions called *_PublicKey_* which used various odd formats so
+ these are retained for compatibility: however the DSA variants were
+ never in a public release so they have been deleted. Changed dsa/rsa
+ utilities to handle the new format: note no releases ever handled public
+ keys so we should be OK.
+
+ The primary motivation for this change is to avoid the same fiasco
+ that dogs private keys: there are several incompatible private key
+ formats some of which are standard and some OpenSSL specific and
+ require various evil hacks to allow partial transparent handling and
+ even then it doesn't work with DER formats. Given the option anything
+ other than PKCS#8 should be dumped: but the other formats have to
+ stay in the name of compatibility.
+
+ With public keys and the benefit of hindsight one standard format
+ is used which works with EVP_PKEY, RSA or DSA structures: though
+ it clearly returns an error if you try to read the wrong kind of key.
+
+ Added a -pubkey option to the 'x509' utility to output the public key.
+ Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*()
+ (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add
+ EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*())
+ that do the same as the EVP_PKEY_assign_*() except they up the
+ reference count of the added key (they don't "swallow" the
+ supplied key).
+ [Steve Henson]
+
+ *) Fixes to crypto/x509/by_file.c the code to read in certificates and
+ CRLs would fail if the file contained no certificates or no CRLs:
+ added a new function to read in both types and return the number
+ read: this means that if none are read it will be an error. The
+ DER versions of the certificate and CRL reader would always fail
+ because it isn't possible to mix certificates and CRLs in DER format
+ without choking one or the other routine. Changed this to just read
+ a certificate: this is the best we can do. Also modified the code
+ in apps/verify.c to take notice of return codes: it was previously
+ attempting to read in certificates from NULL pointers and ignoring
+ any errors: this is one reason why the cert and CRL reader seemed
+ to work. It doesn't check return codes from the default certificate
+ routines: these may well fail if the certificates aren't installed.
+ [Steve Henson]
+
+ *) Code to support otherName option in GeneralName.
+ [Steve Henson]
+
+ *) First update to verify code. Change the verify utility
+ so it warns if it is passed a self signed certificate:
+ for consistency with the normal behaviour. X509_verify
+ has been modified to it will now verify a self signed
+ certificate if *exactly* the same certificate appears
+ in the store: it was previously impossible to trust a
+ single self signed certificate. This means that:
+ openssl verify ss.pem
+ now gives a warning about a self signed certificate but
+ openssl verify -CAfile ss.pem ss.pem
+ is OK.
+ [Steve Henson]
+
+ *) For servers, store verify_result in SSL_SESSION data structure
+ (and add it to external session representation).
+ This is needed when client certificate verifications fails,
+ but an application-provided verification callback (set by
+ SSL_CTX_set_cert_verify_callback) allows accepting the session
+ anyway (i.e. leaves x509_store_ctx->error != X509_V_OK
+ but returns 1): When the session is reused, we have to set
+ ssl->verify_result to the appropriate error code to avoid
+ security holes.
+ [Bodo Moeller, problem pointed out by Lutz Jaenicke]
+
+ *) Fix a bug in the new PKCS#7 code: it didn't consider the
+ case in PKCS7_dataInit() where the signed PKCS7 structure
+ didn't contain any existing data because it was being created.
+ [Po-Cheng Chen <pocheng at nst.com.tw>, slightly modified by Steve Henson]
+
+ *) Add a salt to the key derivation routines in enc.c. This
+ forms the first 8 bytes of the encrypted file. Also add a
+ -S option to allow a salt to be input on the command line.
+ [Steve Henson]
+
+ *) New function X509_cmp(). Oddly enough there wasn't a function
+ to compare two certificates. We do this by working out the SHA1
+ hash and comparing that. X509_cmp() will be needed by the trust
+ code.
+ [Steve Henson]
+
+ *) SSL_get1_session() is like SSL_get_session(), but increments
+ the reference count in the SSL_SESSION returned.
+ [Geoff Thorpe <geoff at eu.c2.net>]
+
+ *) Fix for 'req': it was adding a null to request attributes.
+ Also change the X509_LOOKUP and X509_INFO code to handle
+ certificate auxiliary information.
+ [Steve Henson]
+
+ *) Add support for 40 and 64 bit RC2 and RC4 algorithms: document
+ the 'enc' command.
+ [Steve Henson]
+
+ *) Add the possibility to add extra information to the memory leak
+ detecting output, to form tracebacks, showing from where each
+ allocation was originated: CRYPTO_push_info("constant string") adds
+ the string plus current file name and line number to a per-thread
+ stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
+ is like calling CYRPTO_pop_info() until the stack is empty.
+ Also updated memory leak detection code to be multi-thread-safe.
+ [Richard Levitte]
+
+ *) Add options -text and -noout to pkcs7 utility and delete the
+ encryption options which never did anything. Update docs.
+ [Steve Henson]
+
+ *) Add options to some of the utilities to allow the pass phrase
+ to be included on either the command line (not recommended on
+ OSes like Unix) or read from the environment. Update the
+ manpages and fix a few bugs.
+ [Steve Henson]
+
+ *) Add a few manpages for some of the openssl commands.
+ [Steve Henson]
+
+ *) Fix the -revoke option in ca. It was freeing up memory twice,
+ leaking and not finding already revoked certificates.
+ [Steve Henson]
+
+ *) Extensive changes to support certificate auxiliary information.
+ This involves the use of X509_CERT_AUX structure and X509_AUX
+ functions. An X509_AUX function such as PEM_read_X509_AUX()
+ can still read in a certificate file in the usual way but it
+ will also read in any additional "auxiliary information". By
+ doing things this way a fair degree of compatibility can be
+ retained: existing certificates can have this information added
+ using the new 'x509' options.
+
+ Current auxiliary information includes an "alias" and some trust
+ settings. The trust settings will ultimately be used in enhanced
+ certificate chain verification routines: currently a certificate
+ can only be trusted if it is self signed and then it is trusted
+ for all purposes.
+ [Steve Henson]
+
+ *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
+ The problem was that one of the replacement routines had not been working
+ since SSLeay releases. For now the offending routine has been replaced
+ with non-optimised assembler. Even so, this now gives around 95%
+ performance improvement for 1024 bit RSA signs.
+ [Mark Cox]
+
+ *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2
+ handling. Most clients have the effective key size in bits equal to
+ the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key.
+ A few however don't do this and instead use the size of the decrypted key
+ to determine the RC2 key length and the AlgorithmIdentifier to determine
+ the effective key length. In this case the effective key length can still
+ be 40 bits but the key length can be 168 bits for example. This is fixed
+ by manually forcing an RC2 key into the EVP_PKEY structure because the
+ EVP code can't currently handle unusual RC2 key sizes: it always assumes
+ the key length and effective key length are equal.
+ [Steve Henson]
+
+ *) Add a bunch of functions that should simplify the creation of
+ X509_NAME structures. Now you should be able to do:
+ X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, "Steve", -1, -1, 0);
+ and have it automatically work out the correct field type and fill in
+ the structures. The more adventurous can try:
+ X509_NAME_add_entry_by_txt(nm, field, MBSTRING_UTF8, str, -1, -1, 0);
+ and it will (hopefully) work out the correct multibyte encoding.
+ [Steve Henson]
+
+ *) Change the 'req' utility to use the new field handling and multibyte
+ copy routines. Before the DN field creation was handled in an ad hoc
+ way in req, ca, and x509 which was rather broken and didn't support
+ BMPStrings or UTF8Strings. Since some software doesn't implement
+ BMPStrings or UTF8Strings yet, they can be enabled using the config file
+ using the dirstring_type option. See the new comment in the default
+ openssl.cnf for more info.
+ [Steve Henson]
+
+ *) Make crypto/rand/md_rand.c more robust:
+ - Assure unique random numbers after fork().
+ - Make sure that concurrent threads access the global counter and
+ md serializably so that we never lose entropy in them
+ or use exactly the same state in multiple threads.
+ Access to the large state is not always serializable because
+ the additional locking could be a performance killer, and
+ md should be large enough anyway.
+ [Bodo Moeller]
+
+ *) New file apps/app_rand.c with commonly needed functionality
+ for handling the random seed file.
+
+ Use the random seed file in some applications that previously did not:
+ ca,
+ dsaparam -genkey (which also ignored its '-rand' option),
+ s_client,
+ s_server,
+ x509 (when signing).
+ Except on systems with /dev/urandom, it is crucial to have a random
+ seed file at least for key creation, DSA signing, and for DH exchanges;
+ for RSA signatures we could do without one.
+
+ gendh and gendsa (unlike genrsa) used to read only the first byte
+ of each file listed in the '-rand' option. The function as previously
+ found in genrsa is now in app_rand.c and is used by all programs
+ that support '-rand'.
+ [Bodo Moeller]
+
+ *) In RAND_write_file, use mode 0600 for creating files;
+ don't just chmod when it may be too late.
+ [Bodo Moeller]
+
+ *) Report an error from X509_STORE_load_locations
+ when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.
+ [Bill Perry]
+
+ *) New function ASN1_mbstring_copy() this copies a string in either
+ ASCII, Unicode, Universal (4 bytes per character) or UTF8 format
+ into an ASN1_STRING type. A mask of permissible types is passed
+ and it chooses the "minimal" type to use or an error if not type
+ is suitable.
+ [Steve Henson]
+
+ *) Add function equivalents to the various macros in asn1.h. The old
+ macros are retained with an M_ prefix. Code inside the library can
+ use the M_ macros. External code (including the openssl utility)
+ should *NOT* in order to be "shared library friendly".
+ [Steve Henson]
+
+ *) Add various functions that can check a certificate's extensions
+ to see if it usable for various purposes such as SSL client,
+ server or S/MIME and CAs of these types. This is currently
+ VERY EXPERIMENTAL but will ultimately be used for certificate chain
+ verification. Also added a -purpose flag to x509 utility to
+ print out all the purposes.
+ [Steve Henson]
+
+ *) Add a CRYPTO_EX_DATA to X509 certificate structure and associated
+ functions.
+ [Steve Henson]
+
+ *) New X509V3_{X509,CRL,REVOKED}_get_d2i() functions. These will search
+ for, obtain and decode and extension and obtain its critical flag.
+ This allows all the necessary extension code to be handled in a
+ single function call.
+ [Steve Henson]
+
+ *) RC4 tune-up featuring 30-40% performance improvement on most RISC
+ platforms. See crypto/rc4/rc4_enc.c for further details.
+ [Andy Polyakov]
+
+ *) New -noout option to asn1parse. This causes no output to be produced
+ its main use is when combined with -strparse and -out to extract data
+ from a file (which may not be in ASN.1 format).
+ [Steve Henson]
+
+ *) Fix for pkcs12 program. It was hashing an invalid certificate pointer
+ when producing the local key id.
+ [Richard Levitte <levitte at stacken.kth.se>]
+
+ *) New option -dhparam in s_server. This allows a DH parameter file to be
+ stated explicitly. If it is not stated then it tries the first server
+ certificate file. The previous behaviour hard coded the filename
+ "server.pem".
+ [Steve Henson]
+
+ *) Add -pubin and -pubout options to the rsa and dsa commands. These allow
+ a public key to be input or output. For example:
+ openssl rsa -in key.pem -pubout -out pubkey.pem
+ Also added necessary DSA public key functions to handle this.
+ [Steve Henson]
+
+ *) Fix so PKCS7_dataVerify() doesn't crash if no certificates are contained
+ in the message. This was handled by allowing
+ X509_find_by_issuer_and_serial() to tolerate a NULL passed to it.
+ [Steve Henson, reported by Sampo Kellomaki <sampo at mail.neuronio.pt>]
+
+ *) Fix for bug in d2i_ASN1_bytes(): other ASN1 functions add an extra null
+ to the end of the strings whereas this didn't. This would cause problems
+ if strings read with d2i_ASN1_bytes() were later modified.
+ [Steve Henson, reported by Arne Ansper <arne at ats.cyber.ee>]
+
+ *) Fix for base64 decode bug. When a base64 bio reads only one line of
+ data and it contains EOF it will end up returning an error. This is
+ caused by input 46 bytes long. The cause is due to the way base64
+ BIOs find the start of base64 encoded data. They do this by trying a
+ trial decode on each line until they find one that works. When they
+ do a flag is set and it starts again knowing it can pass all the
+ data directly through the decoder. Unfortunately it doesn't reset
+ the context it uses. This means that if EOF is reached an attempt
+ is made to pass two EOFs through the context and this causes the
+ resulting error. This can also cause other problems as well. As is
+ usual with these problems it takes *ages* to find and the fix is
+ trivial: move one line.
+ [Steve Henson, reported by ian at uns.ns.ac.yu (Ivan Nejgebauer) ]
+
+ *) Ugly workaround to get s_client and s_server working under Windows. The
+ old code wouldn't work because it needed to select() on sockets and the
+ tty (for keypresses and to see if data could be written). Win32 only
+ supports select() on sockets so we select() with a 1s timeout on the
+ sockets and then see if any characters are waiting to be read, if none
+ are present then we retry, we also assume we can always write data to
+ the tty. This isn't nice because the code then blocks until we've
+ received a complete line of data and it is effectively polling the
+ keyboard at 1s intervals: however it's quite a bit better than not
+ working at all :-) A dedicated Windows application might handle this
+ with an event loop for example.
+ [Steve Henson]
+
+ *) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
+ and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
+ will be called when RSA_sign() and RSA_verify() are used. This is useful
+ if rsa_pub_dec() and rsa_priv_enc() equivalents are not available.
+ For this to work properly RSA_public_decrypt() and RSA_private_encrypt()
+ should *not* be used: RSA_sign() and RSA_verify() must be used instead.
+ This necessitated the support of an extra signature type NID_md5_sha1
+ for SSL signatures and modifications to the SSL library to use it instead
+ of calling RSA_public_decrypt() and RSA_private_encrypt().
+ [Steve Henson]
+
+ *) Add new -verify -CAfile and -CApath options to the crl program, these
+ will lookup a CRL issuers certificate and verify the signature in a
+ similar way to the verify program. Tidy up the crl program so it
+ no longer accesses structures directly. Make the ASN1 CRL parsing a bit
+ less strict. It will now permit CRL extensions even if it is not
+ a V2 CRL: this will allow it to tolerate some broken CRLs.
+ [Steve Henson]
+
+ *) Initialize all non-automatic variables each time one of the openssl
+ sub-programs is started (this is necessary as they may be started
+ multiple times from the "OpenSSL>" prompt).
+ [Lennart Bang, Bodo Moeller]
+
+ *) Preliminary compilation option RSA_NULL which disables RSA crypto without
+ removing all other RSA functionality (this is what NO_RSA does). This
+ is so (for example) those in the US can disable those operations covered
+ by the RSA patent while allowing storage and parsing of RSA keys and RSA
+ key generation.
+ [Steve Henson]
+
+ *) Non-copying interface to BIO pairs.
+ (still largely untested)
+ [Bodo Moeller]
+
+ *) New function ANS1_tag2str() to convert an ASN1 tag to a descriptive
+ ASCII string. This was handled independently in various places before.
+ [Steve Henson]
+
+ *) New functions UTF8_getc() and UTF8_putc() that parse and generate
+ UTF8 strings a character at a time.
+ [Steve Henson]
+
+ *) Use client_version from client hello to select the protocol
+ (s23_srvr.c) and for RSA client key exchange verification
+ (s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications.
+ [Bodo Moeller]
+
+ *) Add various utility functions to handle SPKACs, these were previously
+ handled by poking round in the structure internals. Added new function
+ NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
+ print, verify and generate SPKACs. Based on an original idea from
+ Massimiliano Pala <madwolf at comune.modena.it> but extensively modified.
+ [Steve Henson]
+
+ *) RIPEMD160 is operational on all platforms and is back in 'make test'.
+ [Andy Polyakov]
+
+ *) Allow the config file extension section to be overwritten on the
+ command line. Based on an original idea from Massimiliano Pala
+ <madwolf at comune.modena.it>. The new option is called -extensions
+ and can be applied to ca, req and x509. Also -reqexts to override
+ the request extensions in req and -crlexts to override the crl extensions
+ in ca.
+ [Steve Henson]
+
+ *) Add new feature to the SPKAC handling in ca. Now you can include
+ the same field multiple times by preceding it by "XXXX." for example:
+ 1.OU="Unit name 1"
+ 2.OU="Unit name 2"
+ this is the same syntax as used in the req config file.
+ [Steve Henson]
+
+ *) Allow certificate extensions to be added to certificate requests. These
+ are specified in a 'req_extensions' option of the req section of the
+ config file. They can be printed out with the -text option to req but
+ are otherwise ignored at present.
+ [Steve Henson]
+
+ *) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first
+ data read consists of only the final block it would not decrypted because
+ EVP_CipherUpdate() would correctly report zero bytes had been decrypted.
+ A misplaced 'break' also meant the decrypted final block might not be
+ copied until the next read.
+ [Steve Henson]
+
+ *) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added
+ a few extra parameters to the DH structure: these will be useful if
+ for example we want the value of 'q' or implement X9.42 DH.
+ [Steve Henson]
+
+ *) Initial support for DSA_METHOD. This is based on the RSA_METHOD and
+ provides hooks that allow the default DSA functions or functions on a
+ "per key" basis to be replaced. This allows hardware acceleration and
+ hardware key storage to be handled without major modification to the
+ library. Also added low level modexp hooks and CRYPTO_EX structure and
+ associated functions.
+ [Steve Henson]
+
+ *) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
+ as "read only": it can't be written to and the buffer it points to will
+ not be freed. Reading from a read only BIO is much more efficient than
+ a normal memory BIO. This was added because there are several times when
+ an area of memory needs to be read from a BIO. The previous method was
+ to create a memory BIO and write the data to it, this results in two
+ copies of the data and an O(n^2) reading algorithm. There is a new
+ function BIO_new_mem_buf() which creates a read only memory BIO from
+ an area of memory. Also modified the PKCS#7 routines to use read only
+ memory BIOs.
+ [Steve Henson]
+
+ *) Bugfix: ssl23_get_client_hello did not work properly when called in
+ state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
+ a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
+ but a retry condition occured while trying to read the rest.
+ [Bodo Moeller]
+
+ *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
+ NID_pkcs7_encrypted by default: this was wrong since this should almost
+ always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
+ the encrypted data type: this is a more sensible place to put it and it
+ allows the PKCS#12 code to be tidied up that duplicated this
+ functionality.
+ [Steve Henson]
+
+ *) Changed obj_dat.pl script so it takes its input and output files on
+ the command line. This should avoid shell escape redirection problems
+ under Win32.
+ [Steve Henson]
+
+ *) Initial support for certificate extension requests, these are included
+ in things like Xenroll certificate requests. Included functions to allow
+ extensions to be obtained and added.
+ [Steve Henson]
+
+ *) -crlf option to s_client and s_server for sending newlines as
+ CRLF (as required by many protocols).
+ [Bodo Moeller]
+
+ Changes between 0.9.3a and 0.9.4 [09 Aug 1999]
+
+ *) Install libRSAglue.a when OpenSSL is built with RSAref.
+ [Ralf S. Engelschall]
+
+ *) A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
+ [Andrija Antonijevic <TheAntony2 at bigfoot.com>]
+
+ *) Fix -startdate and -enddate (which was missing) arguments to 'ca'
+ program.
+ [Steve Henson]
+
+ *) New function DSA_dup_DH, which duplicates DSA parameters/keys as
+ DH parameters/keys (q is lost during that conversion, but the resulting
+ DH parameters contain its length).
+
+ For 1024-bit p, DSA_generate_parameters followed by DSA_dup_DH is
+ much faster than DH_generate_parameters (which creates parameters
+ where p = 2*q + 1), and also the smaller q makes DH computations
+ much more efficient (160-bit exponentiation instead of 1024-bit
+ exponentiation); so this provides a convenient way to support DHE
+ ciphersuites in SSL/TLS servers (see ssl/ssltest.c). It is of
+ utter importance to use
+ SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
+ or
+ SSL_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
+ when such DH parameters are used, because otherwise small subgroup
+ attacks may become possible!
+ [Bodo Moeller]
+
+ *) Avoid memory leak in i2d_DHparams.
+ [Bodo Moeller]
+
+ *) Allow the -k option to be used more than once in the enc program:
+ this allows the same encrypted message to be read by multiple recipients.
+ [Steve Henson]
+
+ *) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
+ an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
+ it will always use the numerical form of the OID, even if it has a short
+ or long name.
+ [Steve Henson]
+
+ *) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp
+ method only got called if p,q,dmp1,dmq1,iqmp components were present,
+ otherwise bn_mod_exp was called. In the case of hardware keys for example
+ no private key components need be present and it might store extra data
+ in the RSA structure, which cannot be accessed from bn_mod_exp.
+ By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for
+ private key operations.
+ [Steve Henson]
+
+ *) Added support for SPARC Linux.
+ [Andy Polyakov]
+
+ *) pem_password_cb function type incompatibly changed from
+ typedef int pem_password_cb(char *buf, int size, int rwflag);
+ to
+ ....(char *buf, int size, int rwflag, void *userdata);
+ so that applications can pass data to their callbacks:
+ The PEM[_ASN1]_{read,write}... functions and macros now take an
+ additional void * argument, which is just handed through whenever
+ the password callback is called.
+ [Damien Miller <dmiller at ilogic.com.au>; tiny changes by Bodo Moeller]
+
+ New function SSL_CTX_set_default_passwd_cb_userdata.
+
+ Compatibility note: As many C implementations push function arguments
+ onto the stack in reverse order, the new library version is likely to
+ interoperate with programs that have been compiled with the old
+ pem_password_cb definition (PEM_whatever takes some data that
+ happens to be on the stack as its last argument, and the callback
+ just ignores this garbage); but there is no guarantee whatsoever that
+ this will work.
+
+ *) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=...
+ (both in crypto/Makefile.ssl for use by crypto/cversion.c) caused
+ problems not only on Windows, but also on some Unix platforms.
+ To avoid problematic command lines, these definitions are now in an
+ auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl
+ for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds).
+ [Bodo Moeller]
+
+ *) MIPS III/IV assembler module is reimplemented.
+ [Andy Polyakov]
+
+ *) More DES library cleanups: remove references to srand/rand and
+ delete an unused file.
+ [Ulf Möller]
+
+ *) Add support for the the free Netwide assembler (NASM) under Win32,
+ since not many people have MASM (ml) and it can be hard to obtain.
+ This is currently experimental but it seems to work OK and pass all
+ the tests. Check out INSTALL.W32 for info.
+ [Steve Henson]
+
+ *) Fix memory leaks in s3_clnt.c: All non-anonymous SSL3/TLS1 connections
+ without temporary keys kept an extra copy of the server key,
+ and connections with temporary keys did not free everything in case
+ of an error.
+ [Bodo Moeller]
+
+ *) New function RSA_check_key and new openssl rsa option -check
+ for verifying the consistency of RSA keys.
+ [Ulf Moeller, Bodo Moeller]
+
+ *) Various changes to make Win32 compile work:
+ 1. Casts to avoid "loss of data" warnings in p5_crpt2.c
+ 2. Change unsigned int to int in b_dump.c to avoid "signed/unsigned
+ comparison" warnings.
+ 3. Add sk_<TYPE>_sort to DEF file generator and do make update.
+ [Steve Henson]
+
+ *) Add a debugging option to PKCS#5 v2 key generation function: when
+ you #define DEBUG_PKCS5V2 passwords, salts, iteration counts and
+ derived keys are printed to stderr.
+ [Steve Henson]
+
+ *) Copy the flags in ASN1_STRING_dup().
+ [Roman E. Pavlov <pre at mo.msk.ru>]
+
+ *) The x509 application mishandled signing requests containing DSA
+ keys when the signing key was also DSA and the parameters didn't match.
+
+ It was supposed to omit the parameters when they matched the signing key:
+ the verifying software was then supposed to automatically use the CA's
+ parameters if they were absent from the end user certificate.
+
+ Omitting parameters is no longer recommended. The test was also
+ the wrong way round! This was probably due to unusual behaviour in
+ EVP_cmp_parameters() which returns 1 if the parameters match.
+ This meant that parameters were omitted when they *didn't* match and
+ the certificate was useless. Certificates signed with 'ca' didn't have
+ this bug.
+ [Steve Henson, reported by Doug Erickson <Doug.Erickson at Part.NET>]
+
+ *) Memory leak checking (-DCRYPTO_MDEBUG) had some problems.
+ The interface is as follows:
+ Applications can use
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) aka MemCheck_start(),
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) aka MemCheck_stop();
+ "off" is now the default.
+ The library internally uses
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) aka MemCheck_off(),
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE) aka MemCheck_on()
+ to disable memory-checking temporarily.
+
+ Some inconsistent states that previously were possible (and were
+ even the default) are now avoided.
+
+ -DCRYPTO_MDEBUG_TIME is new and additionally stores the current time
+ with each memory chunk allocated; this is occasionally more helpful
+ than just having a counter.
+
+ -DCRYPTO_MDEBUG_THREAD is also new and adds the thread ID.
+
+ -DCRYPTO_MDEBUG_ALL enables all of the above, plus any future
+ extensions.
+ [Bodo Moeller]
+
+ *) Introduce "mode" for SSL structures (with defaults in SSL_CTX),
+ which largely parallels "options", but is for changing API behaviour,
+ whereas "options" are about protocol behaviour.
+ Initial "mode" flags are:
+
+ SSL_MODE_ENABLE_PARTIAL_WRITE Allow SSL_write to report success when
+ a single record has been written.
+ SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER Don't insist that SSL_write
+ retries use the same buffer location.
+ (But all of the contents must be
+ copied!)
+ [Bodo Moeller]
+
+ *) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options
+ worked.
+
+ *) Fix problems with no-hmac etc.
+ [Ulf Möller, pointed out by Brian Wellington <bwelling at tislabs.com>]
+
+ *) New functions RSA_get_default_method(), RSA_set_method() and
+ RSA_get_method(). These allows replacement of RSA_METHODs without having
+ to mess around with the internals of an RSA structure.
+ [Steve Henson]
+
+ *) Fix memory leaks in DSA_do_sign and DSA_is_prime.
+ Also really enable memory leak checks in openssl.c and in some
+ test programs.
+ [Chad C. Mulligan, Bodo Moeller]
+
+ *) Fix a bug in d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() which can mess
+ up the length of negative integers. This has now been simplified to just
+ store the length when it is first determined and use it later, rather
+ than trying to keep track of where data is copied and updating it to
+ point to the end.
+ [Steve Henson, reported by Brien Wheeler
+ <bwheeler at authentica-security.com>]
+
+ *) Add a new function PKCS7_signatureVerify. This allows the verification
+ of a PKCS#7 signature but with the signing certificate passed to the
+ function itself. This contrasts with PKCS7_dataVerify which assumes the
+ certificate is present in the PKCS#7 structure. This isn't always the
+ case: certificates can be omitted from a PKCS#7 structure and be
+ distributed by "out of band" means (such as a certificate database).
+ [Steve Henson]
+
+ *) Complete the PEM_* macros with DECLARE_PEM versions to replace the
+ function prototypes in pem.h, also change util/mkdef.pl to add the
+ necessary function names.
+ [Steve Henson]
+
+ *) mk1mf.pl (used by Windows builds) did not properly read the
+ options set by Configure in the top level Makefile, and Configure
+ was not even able to write more than one option correctly.
+ Fixed, now "no-idea no-rc5 -DCRYPTO_MDEBUG" etc. works as intended.
+ [Bodo Moeller]
+
+ *) New functions CONF_load_bio() and CONF_load_fp() to allow a config
+ file to be loaded from a BIO or FILE pointer. The BIO version will
+ for example allow memory BIOs to contain config info.
+ [Steve Henson]
+
+ *) New function "CRYPTO_num_locks" that returns CRYPTO_NUM_LOCKS.
+ Whoever hopes to achieve shared-library compatibility across versions
+ must use this, not the compile-time macro.
+ (Exercise 0.9.4: Which is the minimum library version required by
+ such programs?)
+ Note: All this applies only to multi-threaded programs, others don't
+ need locks.
+ [Bodo Moeller]
+
+ *) Add missing case to s3_clnt.c state machine -- one of the new SSL tests
+ through a BIO pair triggered the default case, i.e.
+ SSLerr(...,SSL_R_UNKNOWN_STATE).
+ [Bodo Moeller]
+
+ *) New "BIO pair" concept (crypto/bio/bss_bio.c) so that applications
+ can use the SSL library even if none of the specific BIOs is
+ appropriate.
+ [Bodo Moeller]
+
+ *) Fix a bug in i2d_DSAPublicKey() which meant it returned the wrong value
+ for the encoded length.
+ [Jeon KyoungHo <khjeon at sds.samsung.co.kr>]
+
+ *) Add initial documentation of the X509V3 functions.
+ [Steve Henson]
+
+ *) Add a new pair of functions PEM_write_PKCS8PrivateKey() and
+ PEM_write_bio_PKCS8PrivateKey() that are equivalent to
+ PEM_write_PrivateKey() and PEM_write_bio_PrivateKey() but use the more
+ secure PKCS#8 private key format with a high iteration count.
+ [Steve Henson]
+
+ *) Fix determination of Perl interpreter: A perl or perl5
+ _directory_ in $PATH was also accepted as the interpreter.
+ [Ralf S. Engelschall]
+
+ *) Fix demos/sign/sign.c: well there wasn't anything strictly speaking
+ wrong with it but it was very old and did things like calling
+ PEM_ASN1_read() directly and used MD5 for the hash not to mention some
+ unusual formatting.
+ [Steve Henson]
+
+ *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed
+ to use the new extension code.
+ [Steve Henson]
+
+ *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c
+ with macros. This should make it easier to change their form, add extra
+ arguments etc. Fix a few PEM prototypes which didn't have cipher as a
+ constant.
+ [Steve Henson]
+
+ *) Add to configuration table a new entry that can specify an alternative
+ name for unistd.h (for pre-POSIX systems); we need this for NeXTstep,
+ according to Mark Crispin <MRC at Panda.COM>.
+ [Bodo Moeller]
+
+#if 0
+ *) DES CBC did not update the IV. Weird.
+ [Ben Laurie]
+#else
+ des_cbc_encrypt does not update the IV, but des_ncbc_encrypt does.
+ Changing the behaviour of the former might break existing programs --
+ where IV updating is needed, des_ncbc_encrypt can be used.
+#endif
+
+ *) When bntest is run from "make test" it drives bc to check its
+ calculations, as well as internally checking them. If an internal check
+ fails, it needs to cause bc to give a non-zero result or make test carries
+ on without noticing the failure. Fixed.
+ [Ben Laurie]
+
+ *) DES library cleanups.
+ [Ulf Möller]
+
+ *) Add support for PKCS#5 v2.0 PBE algorithms. This will permit PKCS#8 to be
+ used with any cipher unlike PKCS#5 v1.5 which can at most handle 64 bit
+ ciphers. NOTE: although the key derivation function has been verified
+ against some published test vectors it has not been extensively tested
+ yet. Added a -v2 "cipher" option to pkcs8 application to allow the use
+ of v2.0.
+ [Steve Henson]
+
+ *) Instead of "mkdir -p", which is not fully portable, use new
+ Perl script "util/mkdir-p.pl".
+ [Bodo Moeller]
+
+ *) Rewrite the way password based encryption (PBE) is handled. It used to
+ assume that the ASN1 AlgorithmIdentifier parameter was a PBEParameter
+ structure. This was true for the PKCS#5 v1.5 and PKCS#12 PBE algorithms
+ but doesn't apply to PKCS#5 v2.0 where it can be something else. Now
+ the 'parameter' field of the AlgorithmIdentifier is passed to the
+ underlying key generation function so it must do its own ASN1 parsing.
+ This has also changed the EVP_PBE_CipherInit() function which now has a
+ 'parameter' argument instead of literal salt and iteration count values
+ and the function EVP_PBE_ALGOR_CipherInit() has been deleted.
+ [Steve Henson]
+
+ *) Support for PKCS#5 v1.5 compatible password based encryption algorithms
+ and PKCS#8 functionality. New 'pkcs8' application linked to openssl.
+ Needed to change the PEM_STRING_EVP_PKEY value which was just "PRIVATE
+ KEY" because this clashed with PKCS#8 unencrypted string. Since this
+ value was just used as a "magic string" and not used directly its
+ value doesn't matter.
+ [Steve Henson]
+
+ *) Introduce some semblance of const correctness to BN. Shame C doesn't
+ support mutable.
+ [Ben Laurie]
+
+ *) "linux-sparc64" configuration (ultrapenguin).
+ [Ray Miller <ray.miller at oucs.ox.ac.uk>]
+ "linux-sparc" configuration.
+ [Christian Forster <fo at hawo.stw.uni-erlangen.de>]
+
+ *) config now generates no-xxx options for missing ciphers.
+ [Ulf Möller]
+
+ *) Support the EBCDIC character set (work in progress).
+ File ebcdic.c not yet included because it has a different license.
+ [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>]
+
+ *) Support BS2000/OSD-POSIX.
+ [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>]
+
+ *) Make callbacks for key generation use void * instead of char *.
+ [Ben Laurie]
+
+ *) Make S/MIME samples compile (not yet tested).
+ [Ben Laurie]
+
+ *) Additional typesafe stacks.
+ [Ben Laurie]
+
+ *) New configuration variants "bsdi-elf-gcc" (BSD/OS 4.x).
+ [Bodo Moeller]
+
+
+ Changes between 0.9.3 and 0.9.3a [29 May 1999]
+
+ *) New configuration variant "sco5-gcc".
+
+ *) Updated some demos.
+ [Sean O Riordain, Wade Scholine]
+
+ *) Add missing BIO_free at exit of pkcs12 application.
+ [Wu Zhigang]
+
+ *) Fix memory leak in conf.c.
+ [Steve Henson]
+
+ *) Updates for Win32 to assembler version of MD5.
+ [Steve Henson]
+
+ *) Set #! path to perl in apps/der_chop to where we found it
+ instead of using a fixed path.
+ [Bodo Moeller]
+
+ *) SHA library changes for irix64-mips4-cc.
+ [Andy Polyakov]
+
+ *) Improvements for VMS support.
+ [Richard Levitte]
+
+
+ Changes between 0.9.2b and 0.9.3 [24 May 1999]
+
+ *) Bignum library bug fix. IRIX 6 passes "make test" now!
+ This also avoids the problems with SC4.2 and unpatched SC5.
+ [Andy Polyakov <appro at fy.chalmers.se>]
+
+ *) New functions sk_num, sk_value and sk_set to replace the previous macros.
+ These are required because of the typesafe stack would otherwise break
+ existing code. If old code used a structure member which used to be STACK
+ and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with
+ sk_num or sk_value it would produce an error because the num, data members
+ are not present in STACK_OF. Now it just produces a warning. sk_set
+ replaces the old method of assigning a value to sk_value
+ (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code
+ that does this will no longer work (and should use sk_set instead) but
+ this could be regarded as a "questionable" behaviour anyway.
+ [Steve Henson]
+
+ *) Fix most of the other PKCS#7 bugs. The "experimental" code can now
+ correctly handle encrypted S/MIME data.
+ [Steve Henson]
+
+ *) Change type of various DES function arguments from des_cblock
+ (which means, in function argument declarations, pointer to char)
+ to des_cblock * (meaning pointer to array with 8 char elements),
+ which allows the compiler to do more typechecking; it was like
+ that back in SSLeay, but with lots of ugly casts.
+
+ Introduce new type const_des_cblock.
+ [Bodo Moeller]
+
+ *) Reorganise the PKCS#7 library and get rid of some of the more obvious
+ problems: find RecipientInfo structure that matches recipient certificate
+ and initialise the ASN1 structures properly based on passed cipher.
+ [Steve Henson]
+
+ *) Belatedly make the BN tests actually check the results.
+ [Ben Laurie]
+
+ *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
+ to and from BNs: it was completely broken. New compilation option
+ NEG_PUBKEY_BUG to allow for some broken certificates that encode public
+ key elements as negative integers.
+ [Steve Henson]
+
+ *) Reorganize and speed up MD5.
+ [Andy Polyakov <appro at fy.chalmers.se>]
+
+ *) VMS support.
+ [Richard Levitte <richard at levitte.org>]
+
+ *) New option -out to asn1parse to allow the parsed structure to be
+ output to a file. This is most useful when combined with the -strparse
+ option to examine the output of things like OCTET STRINGS.
+ [Steve Henson]
+
+ *) Make SSL library a little more fool-proof by not requiring any longer
+ that SSL_set_{accept,connect}_state be called before
+ SSL_{accept,connect} may be used (SSL_set_..._state is omitted
+ in many applications because usually everything *appeared* to work as
+ intended anyway -- now it really works as intended).
+ [Bodo Moeller]
+
+ *) Move openssl.cnf out of lib/.
+ [Ulf Möller]
+
+ *) Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall
+ -Wshadow -Wpointer-arith -Wcast-align -Wmissing-prototypes
+ -Wmissing-declarations -Wnested-externs -Winline'' with EGCS 1.1.2+
+ [Ralf S. Engelschall]
+
+ *) Various fixes to the EVP and PKCS#7 code. It may now be able to
+ handle PKCS#7 enveloped data properly.
+ [Sebastian Akerman <sak at parallelconsulting.com>, modified by Steve]
+
+ *) Create a duplicate of the SSL_CTX's CERT in SSL_new instead of
+ copying pointers. The cert_st handling is changed by this in
+ various ways (and thus what used to be known as ctx->default_cert
+ is now called ctx->cert, since we don't resort to s->ctx->[default_]cert
+ any longer when s->cert does not give us what we need).
+ ssl_cert_instantiate becomes obsolete by this change.
+ As soon as we've got the new code right (possibly it already is?),
+ we have solved a couple of bugs of the earlier code where s->cert
+ was used as if it could not have been shared with other SSL structures.
+
+ Note that using the SSL API in certain dirty ways now will result
+ in different behaviour than observed with earlier library versions:
+ Changing settings for an SSL_CTX *ctx after having done s = SSL_new(ctx)
+ does not influence s as it used to.
+
+ In order to clean up things more thoroughly, inside SSL_SESSION
+ we don't use CERT any longer, but a new structure SESS_CERT
+ that holds per-session data (if available); currently, this is
+ the peer's certificate chain and, for clients, the server's certificate
+ and temporary key. CERT holds only those values that can have
+ meaningful defaults in an SSL_CTX.
+ [Bodo Moeller]
+
+ *) New function X509V3_EXT_i2d() to create an X509_EXTENSION structure
+ from the internal representation. Various PKCS#7 fixes: remove some
+ evil casts and set the enc_dig_alg field properly based on the signing
+ key type.
+ [Steve Henson]
+
+ *) Allow PKCS#12 password to be set from the command line or the
+ environment. Let 'ca' get its config file name from the environment
+ variables "OPENSSL_CONF" or "SSLEAY_CONF" (for consistency with 'req'
+ and 'x509').
+ [Steve Henson]
+
+ *) Allow certificate policies extension to use an IA5STRING for the
+ organization field. This is contrary to the PKIX definition but
+ VeriSign uses it and IE5 only recognises this form. Document 'x509'
+ extension option.
+ [Steve Henson]
+
+ *) Add PEDANTIC compiler flag to allow compilation with gcc -pedantic,
+ without disallowing inline assembler and the like for non-pedantic builds.
+ [Ben Laurie]
+
+ *) Support Borland C++ builder.
+ [Janez Jere <jj at void.si>, modified by Ulf Möller]
+
+ *) Support Mingw32.
+ [Ulf Möller]
+
+ *) SHA-1 cleanups and performance enhancements.
+ [Andy Polyakov <appro at fy.chalmers.se>]
+
+ *) Sparc v8plus assembler for the bignum library.
+ [Andy Polyakov <appro at fy.chalmers.se>]
+
+ *) Accept any -xxx and +xxx compiler options in Configure.
+ [Ulf Möller]
+
+ *) Update HPUX configuration.
+ [Anonymous]
+
+ *) Add missing sk_<type>_unshift() function to safestack.h
+ [Ralf S. Engelschall]
+
+ *) New function SSL_CTX_use_certificate_chain_file that sets the
+ "extra_cert"s in addition to the certificate. (This makes sense
+ only for "PEM" format files, as chains as a whole are not
+ DER-encoded.)
+ [Bodo Moeller]
+
+ *) Support verify_depth from the SSL API.
+ x509_vfy.c had what can be considered an off-by-one-error:
+ Its depth (which was not part of the external interface)
+ was actually counting the number of certificates in a chain;
+ now it really counts the depth.
+ [Bodo Moeller]
+
+ *) Bugfix in crypto/x509/x509_cmp.c: The SSLerr macro was used
+ instead of X509err, which often resulted in confusing error
+ messages since the error codes are not globally unique
+ (e.g. an alleged error in ssl3_accept when a certificate
+ didn't match the private key).
+
+ *) New function SSL_CTX_set_session_id_context that allows to set a default
+ value (so that you don't need SSL_set_session_id_context for each
+ connection using the SSL_CTX).
+ [Bodo Moeller]
+
+ *) OAEP decoding bug fix.
+ [Ulf Möller]
+
+ *) Support INSTALL_PREFIX for package builders, as proposed by
+ David Harris.
+ [Bodo Moeller]
+
+ *) New Configure options "threads" and "no-threads". For systems
+ where the proper compiler options are known (currently Solaris
+ and Linux), "threads" is the default.
+ [Bodo Moeller]
+
+ *) New script util/mklink.pl as a faster substitute for util/mklink.sh.
+ [Bodo Moeller]
+
+ *) Install various scripts to $(OPENSSLDIR)/misc, not to
+ $(INSTALLTOP)/bin -- they shouldn't clutter directories
+ such as /usr/local/bin.
+ [Bodo Moeller]
+
+ *) "make linux-shared" to build shared libraries.
+ [Niels Poppe <niels at netbox.org>]
+
+ *) New Configure option no-<cipher> (rsa, idea, rc5, ...).
+ [Ulf Möller]
+
+ *) Add the PKCS#12 API documentation to openssl.txt. Preliminary support for
+ extension adding in x509 utility.
+ [Steve Henson]
+
+ *) Remove NOPROTO sections and error code comments.
+ [Ulf Möller]
+
+ *) Partial rewrite of the DEF file generator to now parse the ANSI
+ prototypes.
+ [Steve Henson]
+
+ *) New Configure options --prefix=DIR and --openssldir=DIR.
+ [Ulf Möller]
+
+ *) Complete rewrite of the error code script(s). It is all now handled
+ by one script at the top level which handles error code gathering,
+ header rewriting and C source file generation. It should be much better
+ than the old method: it now uses a modified version of Ulf's parser to
+ read the ANSI prototypes in all header files (thus the old K&R definitions
+ aren't needed for error creation any more) and do a better job of
+ translating function codes into names. The old 'ASN1 error code imbedded
+ in a comment' is no longer necessary and it doesn't use .err files which
+ have now been deleted. Also the error code call doesn't have to appear all
+ on one line (which resulted in some large lines...).
+ [Steve Henson]
+
+ *) Change #include filenames from <foo.h> to <openssl/foo.h>.
+ [Bodo Moeller]
+
+ *) Change behaviour of ssl2_read when facing length-0 packets: Don't return
+ 0 (which usually indicates a closed connection), but continue reading.
+ [Bodo Moeller]
+
+ *) Fix some race conditions.
+ [Bodo Moeller]
+
+ *) Add support for CRL distribution points extension. Add Certificate
+ Policies and CRL distribution points documentation.
+ [Steve Henson]
+
+ *) Move the autogenerated header file parts to crypto/opensslconf.h.
+ [Ulf Möller]
+
+ *) Fix new 56-bit DES export ciphersuites: they were using 7 bytes instead of
+ 8 of keying material. Merlin has also confirmed interop with this fix
+ between OpenSSL and Baltimore C/SSL 2.0 and J/SSL 2.0.
+ [Merlin Hughes <merlin at baltimore.ie>]
+
+ *) Fix lots of warnings.
+ [Richard Levitte <levitte at stacken.kth.se>]
+
+ *) In add_cert_dir() in crypto/x509/by_dir.c, break out of the loop if
+ the directory spec didn't end with a LIST_SEPARATOR_CHAR.
+ [Richard Levitte <levitte at stacken.kth.se>]
+
+ *) Fix problems with sizeof(long) == 8.
+ [Andy Polyakov <appro at fy.chalmers.se>]
+
+ *) Change functions to ANSI C.
+ [Ulf Möller]
+
+ *) Fix typos in error codes.
+ [Martin Kraemer <Martin.Kraemer at MchP.Siemens.De>, Ulf Möller]
+
+ *) Remove defunct assembler files from Configure.
+ [Ulf Möller]
+
+ *) SPARC v8 assembler BIGNUM implementation.
+ [Andy Polyakov <appro at fy.chalmers.se>]
+
+ *) Support for Certificate Policies extension: both print and set.
+ Various additions to support the r2i method this uses.
+ [Steve Henson]
+
+ *) A lot of constification, and fix a bug in X509_NAME_oneline() that could
+ return a const string when you are expecting an allocated buffer.
+ [Ben Laurie]
+
+ *) Add support for ASN1 types UTF8String and VISIBLESTRING, also the CHOICE
+ types DirectoryString and DisplayText.
+ [Steve Henson]
+
+ *) Add code to allow r2i extensions to access the configuration database,
+ add an LHASH database driver and add several ctx helper functions.
+ [Steve Henson]
+
+ *) Fix an evil bug in bn_expand2() which caused various BN functions to
+ fail when they extended the size of a BIGNUM.
+ [Steve Henson]
+
+ *) Various utility functions to handle SXNet extension. Modify mkdef.pl to
+ support typesafe stack.
+ [Steve Henson]
+
+ *) Fix typo in SSL_[gs]et_options().
+ [Nils Frostberg <nils at medcom.se>]
+
+ *) Delete various functions and files that belonged to the (now obsolete)
+ old X509V3 handling code.
+ [Steve Henson]
+
+ *) New Configure option "rsaref".
+ [Ulf Möller]
+
+ *) Don't auto-generate pem.h.
+ [Bodo Moeller]
+
+ *) Introduce type-safe ASN.1 SETs.
+ [Ben Laurie]
+
+ *) Convert various additional casted stacks to type-safe STACK_OF() variants.
+ [Ben Laurie, Ralf S. Engelschall, Steve Henson]
+
+ *) Introduce type-safe STACKs. This will almost certainly break lots of code
+ that links with OpenSSL (well at least cause lots of warnings), but fear
+ not: the conversion is trivial, and it eliminates loads of evil casts. A
+ few STACKed things have been converted already. Feel free to convert more.
+ In the fullness of time, I'll do away with the STACK type altogether.
+ [Ben Laurie]
+
+ *) Add `openssl ca -revoke <certfile>' facility which revokes a certificate
+ specified in <certfile> by updating the entry in the index.txt file.
+ This way one no longer has to edit the index.txt file manually for
+ revoking a certificate. The -revoke option does the gory details now.
+ [Massimiliano Pala <madwolf at openca.org>, Ralf S. Engelschall]
+
+ *) Fix `openssl crl -noout -text' combination where `-noout' killed the
+ `-text' option at all and this way the `-noout -text' combination was
+ inconsistent in `openssl crl' with the friends in `openssl x509|rsa|dsa'.
+ [Ralf S. Engelschall]
+
+ *) Make sure a corresponding plain text error message exists for the
+ X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
+ verify callback function determined that a certificate was revoked.
+ [Ralf S. Engelschall]
+
+ *) Bugfix: In test/testenc, don't test "openssl <cipher>" for
+ ciphers that were excluded, e.g. by -DNO_IDEA. Also, test
+ all available cipers including rc5, which was forgotten until now.
+ In order to let the testing shell script know which algorithms
+ are available, a new (up to now undocumented) command
+ "openssl list-cipher-commands" is used.
+ [Bodo Moeller]
+
+ *) Bugfix: s_client occasionally would sleep in select() when
+ it should have checked SSL_pending() first.
+ [Bodo Moeller]
+
+ *) New functions DSA_do_sign and DSA_do_verify to provide access to
+ the raw DSA values prior to ASN.1 encoding.
+ [Ulf Möller]
+
+ *) Tweaks to Configure
+ [Niels Poppe <niels at netbox.org>]
+
+ *) Add support for PKCS#5 v2.0 ASN1 PBES2 structures. No other support,
+ yet...
+ [Steve Henson]
+
+ *) New variables $(RANLIB) and $(PERL) in the Makefiles.
+ [Ulf Möller]
+
+ *) New config option to avoid instructions that are illegal on the 80386.
+ The default code is faster, but requires at least a 486.
+ [Ulf Möller]
+
+ *) Got rid of old SSL2_CLIENT_VERSION (inconsistently used) and
+ SSL2_SERVER_VERSION (not used at all) macros, which are now the
+ same as SSL2_VERSION anyway.
+ [Bodo Moeller]
+
+ *) New "-showcerts" option for s_client.
+ [Bodo Moeller]
+
+ *) Still more PKCS#12 integration. Add pkcs12 application to openssl
+ application. Various cleanups and fixes.
+ [Steve Henson]
+
+ *) More PKCS#12 integration. Add new pkcs12 directory with Makefile.ssl and
+ modify error routines to work internally. Add error codes and PBE init
+ to library startup routines.
+ [Steve Henson]
+
+ *) Further PKCS#12 integration. Added password based encryption, PKCS#8 and
+ packing functions to asn1 and evp. Changed function names and error
+ codes along the way.
+ [Steve Henson]
+
+ *) PKCS12 integration: and so it begins... First of several patches to
+ slowly integrate PKCS#12 functionality into OpenSSL. Add PKCS#12
+ objects to objects.h
+ [Steve Henson]
+
+ *) Add a new 'indent' option to some X509V3 extension code. Initial ASN1
+ and display support for Thawte strong extranet extension.
+ [Steve Henson]
+
+ *) Add LinuxPPC support.
+ [Jeff Dubrule <igor at pobox.org>]
+
+ *) Get rid of redundant BN file bn_mulw.c, and rename bn_div64 to
+ bn_div_words in alpha.s.
+ [Hannes Reinecke <H.Reinecke at hw.ac.uk> and Ben Laurie]
+
+ *) Make sure the RSA OAEP test is skipped under -DRSAref because
+ OAEP isn't supported when OpenSSL is built with RSAref.
+ [Ulf Moeller <ulf at fitug.de>]
+
+ *) Move definitions of IS_SET/IS_SEQUENCE inside crypto/asn1/asn1.h
+ so they no longer are missing under -DNOPROTO.
+ [Soren S. Jorvang <soren at t.dk>]
+
+
+ Changes between 0.9.1c and 0.9.2b [22 Mar 1999]
+
+ *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still
+ doesn't work when the session is reused. Coming soon!
+ [Ben Laurie]
+
+ *) Fix a security hole, that allows sessions to be reused in the wrong
+ context thus bypassing client cert protection! All software that uses
+ client certs and session caches in multiple contexts NEEDS PATCHING to
+ allow session reuse! A fuller solution is in the works.
+ [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)]
+
+ *) Some more source tree cleanups (removed obsolete files
+ crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed
+ permission on "config" script to be executable) and a fix for the INSTALL
+ document.
+ [Ulf Moeller <ulf at fitug.de>]
+
+ *) Remove some legacy and erroneous uses of malloc, free instead of
+ Malloc, Free.
+ [Lennart Bang <lob at netstream.se>, with minor changes by Steve]
+
+ *) Make rsa_oaep_test return non-zero on error.
+ [Ulf Moeller <ulf at fitug.de>]
+
+ *) Add support for native Solaris shared libraries. Configure
+ solaris-sparc-sc4-pic, make, then run shlib/solaris-sc4.sh. It'd be nice
+ if someone would make that last step automatic.
+ [Matthias Loepfe <Matthias.Loepfe at AdNovum.CH>]
+
+ *) ctx_size was not built with the right compiler during "make links". Fixed.
+ [Ben Laurie]
+
+ *) Change the meaning of 'ALL' in the cipher list. It now means "everything
+ except NULL ciphers". This means the default cipher list will no longer
+ enable NULL ciphers. They need to be specifically enabled e.g. with
+ the string "DEFAULT:eNULL".
+ [Steve Henson]
+
+ *) Fix to RSA private encryption routines: if p < q then it would
+ occasionally produce an invalid result. This will only happen with
+ externally generated keys because OpenSSL (and SSLeay) ensure p > q.
+ [Steve Henson]
+
+ *) Be less restrictive and allow also `perl util/perlpath.pl
+ /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin',
+ because this way one can also use an interpreter named `perl5' (which is
+ usually the name of Perl 5.xxx on platforms where an Perl 4.x is still
+ installed as `perl').
+ [Matthias Loepfe <Matthias.Loepfe at adnovum.ch>]
+
+ *) Let util/clean-depend.pl work also with older Perl 5.00x versions.
+ [Matthias Loepfe <Matthias.Loepfe at adnovum.ch>]
+
+ *) Fix Makefile.org so CC,CFLAG etc are passed to 'make links' add
+ advapi32.lib to Win32 build and change the pem test comparision
+ to fc.exe (thanks to Ulrich Kroener <kroneru at yahoo.com> for the
+ suggestion). Fix misplaced ASNI prototypes and declarations in evp.h
+ and crypto/des/ede_cbcm_enc.c.
+ [Steve Henson]
+
+ *) DES quad checksum was broken on big-endian architectures. Fixed.
+ [Ben Laurie]
+
+ *) Comment out two functions in bio.h that aren't implemented. Fix up the
+ Win32 test batch file so it (might) work again. The Win32 test batch file
+ is horrible: I feel ill....
+ [Steve Henson]
+
+ *) Move various #ifdefs around so NO_SYSLOG, NO_DIRENT etc are now selected
+ in e_os.h. Audit of header files to check ANSI and non ANSI
+ sections: 10 functions were absent from non ANSI section and not exported
+ from Windows DLLs. Fixed up libeay.num for new functions.
+ [Steve Henson]
+
+ *) Make `openssl version' output lines consistent.
+ [Ralf S. Engelschall]
+
+ *) Fix Win32 symbol export lists for BIO functions: Added
+ BIO_get_ex_new_index, BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data
+ to ms/libeay{16,32}.def.
+ [Ralf S. Engelschall]
+
+ *) Second round of fixing the OpenSSL perl/ stuff. It now at least compiled
+ fine under Unix and passes some trivial tests I've now added. But the
+ whole stuff is horribly incomplete, so a README.1ST with a disclaimer was
+ added to make sure no one expects that this stuff really works in the
+ OpenSSL 0.9.2 release. Additionally I've started to clean the XS sources
+ up and fixed a few little bugs and inconsistencies in OpenSSL.{pm,xs} and
+ openssl_bio.xs.
+ [Ralf S. Engelschall]
+
+ *) Fix the generation of two part addresses in perl.
+ [Kenji Miyake <kenji at miyake.org>, integrated by Ben Laurie]
+
+ *) Add config entry for Linux on MIPS.
+ [John Tobey <jtobey at channel1.com>]
+
+ *) Make links whenever Configure is run, unless we are on Windoze.
+ [Ben Laurie]
+
+ *) Permit extensions to be added to CRLs using crl_section in openssl.cnf.
+ Currently only issuerAltName and AuthorityKeyIdentifier make any sense
+ in CRLs.
+ [Steve Henson]
+
+ *) Add a useful kludge to allow package maintainers to specify compiler and
+ other platforms details on the command line without having to patch the
+ Configure script everytime: One now can use ``perl Configure
+ <id>:<details>'', i.e. platform ids are allowed to have details appended
+ to them (seperated by colons). This is treated as there would be a static
+ pre-configured entry in Configure's %table under key <id> with value
+ <details> and ``perl Configure <id>'' is called. So, when you want to
+ perform a quick test-compile under FreeBSD 3.1 with pgcc and without
+ assembler stuff you can use ``perl Configure "FreeBSD-elf:pgcc:-O6:::"''
+ now, which overrides the FreeBSD-elf entry on-the-fly.
+ [Ralf S. Engelschall]
+
+ *) Disable new TLS1 ciphersuites by default: they aren't official yet.
+ [Ben Laurie]
+
+ *) Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified
+ on the `perl Configure ...' command line. This way one can compile
+ OpenSSL libraries with Position Independent Code (PIC) which is needed
+ for linking it into DSOs.
+ [Ralf S. Engelschall]
+
+ *) Remarkably, export ciphers were totally broken and no-one had noticed!
+ Fixed.
+ [Ben Laurie]
+
+ *) Cleaned up the LICENSE document: The official contact for any license
+ questions now is the OpenSSL core team under openssl-core at openssl.org.
+ And add a paragraph about the dual-license situation to make sure people
+ recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply
+ to the OpenSSL toolkit.
+ [Ralf S. Engelschall]
+
+ *) General source tree makefile cleanups: Made `making xxx in yyy...'
+ display consistent in the source tree and replaced `/bin/rm' by `rm'.
+ Additonally cleaned up the `make links' target: Remove unnecessary
+ semicolons, subsequent redundant removes, inline point.sh into mklink.sh
+ to speed processing and no longer clutter the display with confusing
+ stuff. Instead only the actually done links are displayed.
+ [Ralf S. Engelschall]
+
+ *) Permit null encryption ciphersuites, used for authentication only. It used
+ to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
+ It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
+ encryption.
+ [Ben Laurie]
+
+ *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
+ signed attributes when verifying signatures (this would break them),
+ the detached data encoding was wrong and public keys obtained using
+ X509_get_pubkey() weren't freed.
+ [Steve Henson]
+
+ *) Add text documentation for the BUFFER functions. Also added a work around
+ to a Win95 console bug. This was triggered by the password read stuff: the
+ last character typed gets carried over to the next fread(). If you were
+ generating a new cert request using 'req' for example then the last
+ character of the passphrase would be CR which would then enter the first
+ field as blank.
+ [Steve Henson]
+
+ *) Added the new `Includes OpenSSL Cryptography Software' button as
+ doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
+ button and can be used by applications based on OpenSSL to show the
+ relationship to the OpenSSL project.
+ [Ralf S. Engelschall]
+
+ *) Remove confusing variables in function signatures in files
+ ssl/ssl_lib.c and ssl/ssl.h.
+ [Lennart Bong <lob at kulthea.stacken.kth.se>]
+
+ *) Don't install bss_file.c under PREFIX/include/
+ [Lennart Bong <lob at kulthea.stacken.kth.se>]
+
+ *) Get the Win32 compile working again. Modify mkdef.pl so it can handle
+ functions that return function pointers and has support for NT specific
+ stuff. Fix mk1mf.pl and VC-32.pl to support NT differences also. Various
+ #ifdef WIN32 and WINNTs sprinkled about the place and some changes from
+ unsigned to signed types: this was killing the Win32 compile.
+ [Steve Henson]
+
+ *) Add new certificate file to stack functions,
+ SSL_add_dir_cert_subjects_to_stack() and
+ SSL_add_file_cert_subjects_to_stack(). These largely supplant
+ SSL_load_client_CA_file(), and can be used to add multiple certs easily
+ to a stack (usually this is then handed to SSL_CTX_set_client_CA_list()).
+ This means that Apache-SSL and similar packages don't have to mess around
+ to add as many CAs as they want to the preferred list.
+ [Ben Laurie]
+
+ *) Experiment with doxygen documentation. Currently only partially applied to
+ ssl/ssl_lib.c.
+ See http://www.stack.nl/~dimitri/doxygen/index.html, and run doxygen with
+ openssl.doxy as the configuration file.
+ [Ben Laurie]
+
+ *) Get rid of remaining C++-style comments which strict C compilers hate.
+ [Ralf S. Engelschall, pointed out by Carlos Amengual]
+
+ *) Changed BN_RECURSION in bn_mont.c to BN_RECURSION_MONT so it is not
+ compiled in by default: it has problems with large keys.
+ [Steve Henson]
+
+ *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and
+ DH private keys and/or callback functions which directly correspond to
+ their SSL_CTX_xxx() counterparts but work on a per-connection basis. This
+ is needed for applications which have to configure certificates on a
+ per-connection basis (e.g. Apache+mod_ssl) instead of a per-context basis
+ (e.g. s_server).
+ For the RSA certificate situation is makes no difference, but
+ for the DSA certificate situation this fixes the "no shared cipher"
+ problem where the OpenSSL cipher selection procedure failed because the
+ temporary keys were not overtaken from the context and the API provided
+ no way to reconfigure them.
+ The new functions now let applications reconfigure the stuff and they
+ are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
+ SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback. Additionally a new
+ non-public-API function ssl_cert_instantiate() is used as a helper
+ function and also to reduce code redundancy inside ssl_rsa.c.
+ [Ralf S. Engelschall]
+
+ *) Move s_server -dcert and -dkey options out of the undocumented feature
+ area because they are useful for the DSA situation and should be
+ recognized by the users.
+ [Ralf S. Engelschall]
+
+ *) Fix the cipher decision scheme for export ciphers: the export bits are
+ *not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within
+ SSL_EXP_MASK. So, the original variable has to be used instead of the
+ already masked variable.
+ [Richard Levitte <levitte at stacken.kth.se>]
+
+ *) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
+ [Richard Levitte <levitte at stacken.kth.se>]
+
+ *) Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal()
+ from `int' to `unsigned int' because it's a length and initialized by
+ EVP_DigestFinal() which expects an `unsigned int *'.
+ [Richard Levitte <levitte at stacken.kth.se>]
+
+ *) Don't hard-code path to Perl interpreter on shebang line of Configure
+ script. Instead use the usual Shell->Perl transition trick.
+ [Ralf S. Engelschall]
+
+ *) Make `openssl x509 -noout -modulus' functional also for DSA certificates
+ (in addition to RSA certificates) to match the behaviour of `openssl dsa
+ -noout -modulus' as it's already the case for `openssl rsa -noout
+ -modulus'. For RSA the -modulus is the real "modulus" while for DSA
+ currently the public key is printed (a decision which was already done by
+ `openssl dsa -modulus' in the past) which serves a similar purpose.
+ Additionally the NO_RSA no longer completely removes the whole -modulus
+ option; it now only avoids using the RSA stuff. Same applies to NO_DSA
+ now, too.
+ [Ralf S. Engelschall]
+
+ *) Add Arne Ansper's reliable BIO - this is an encrypted, block-digested
+ BIO. See the source (crypto/evp/bio_ok.c) for more info.
+ [Arne Ansper <arne at ats.cyber.ee>]
+
+ *) Dump the old yucky req code that tried (and failed) to allow raw OIDs
+ to be added. Now both 'req' and 'ca' can use new objects defined in the
+ config file.
+ [Steve Henson]
+
+ *) Add cool BIO that does syslog (or event log on NT).
+ [Arne Ansper <arne at ats.cyber.ee>, integrated by Ben Laurie]
+
+ *) Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5,
+ TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 and
+ TLS_RSA_EXPORT56_WITH_DES_CBC_SHA, as specified in "56-bit Export Cipher
+ Suites For TLS", draft-ietf-tls-56-bit-ciphersuites-00.txt.
+ [Ben Laurie]
+
+ *) Add preliminary config info for new extension code.
+ [Steve Henson]
+
+ *) Make RSA_NO_PADDING really use no padding.
+ [Ulf Moeller <ulf at fitug.de>]
+
+ *) Generate errors when private/public key check is done.
+ [Ben Laurie]
+
+ *) Overhaul for 'crl' utility. New function X509_CRL_print. Partial support
+ for some CRL extensions and new objects added.
+ [Steve Henson]
+
+ *) Really fix the ASN1 IMPLICIT bug this time... Partial support for private
+ key usage extension and fuller support for authority key id.
+ [Steve Henson]
+
+ *) Add OAEP encryption for the OpenSSL crypto library. OAEP is the improved
+ padding method for RSA, which is recommended for new applications in PKCS
+ #1 v2.0 (RFC 2437, October 1998).
+ OAEP (Optimal Asymmetric Encryption Padding) has better theoretical
+ foundations than the ad-hoc padding used in PKCS #1 v1.5. It is secure
+ against Bleichbacher's attack on RSA.
+ [Ulf Moeller <ulf at fitug.de>, reformatted, corrected and integrated by
+ Ben Laurie]
+
+ *) Updates to the new SSL compression code
+ [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+ *) Fix so that the version number in the master secret, when passed
+ via RSA, checks that if TLS was proposed, but we roll back to SSLv3
+ (because the server will not accept higher), that the version number
+ is 0x03,0x01, not 0x03,0x00
+ [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+ *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
+ leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
+ in apps/ and an unrelated leak in crypto/dsa/dsa_vrf.c
+ [Steve Henson]
+
+ *) Support for RAW extensions where an arbitrary extension can be
+ created by including its DER encoding. See apps/openssl.cnf for
+ an example.
+ [Steve Henson]
+
+ *) Make sure latest Perl versions don't interpret some generated C array
+ code as Perl array code in the crypto/err/err_genc.pl script.
+ [Lars Weber <3weber at informatik.uni-hamburg.de>]
+
+ *) Modify ms/do_ms.bat to not generate assembly language makefiles since
+ not many people have the assembler. Various Win32 compilation fixes and
+ update to the INSTALL.W32 file with (hopefully) more accurate Win32
+ build instructions.
+ [Steve Henson]
+
+ *) Modify configure script 'Configure' to automatically create crypto/date.h
+ file under Win32 and also build pem.h from pem.org. New script
+ util/mkfiles.pl to create the MINFO file on environments that can't do a
+ 'make files': perl util/mkfiles.pl >MINFO should work.
+ [Steve Henson]
+
+ *) Major rework of DES function declarations, in the pursuit of correctness
+ and purity. As a result, many evil casts evaporated, and some weirdness,
+ too. You may find this causes warnings in your code. Zapping your evil
+ casts will probably fix them. Mostly.
+ [Ben Laurie]
+
+ *) Fix for a typo in asn1.h. Bug fix to object creation script
+ obj_dat.pl. It considered a zero in an object definition to mean
+ "end of object": none of the objects in objects.h have any zeros
+ so it wasn't spotted.
+ [Steve Henson, reported by Erwann ABALEA <eabalea at certplus.com>]
+
+ *) Add support for Triple DES Cipher Block Chaining with Output Feedback
+ Masking (CBCM). In the absence of test vectors, the best I have been able
+ to do is check that the decrypt undoes the encrypt, so far. Send me test
+ vectors if you have them.
+ [Ben Laurie]
+
+ *) Correct calculation of key length for export ciphers (too much space was
+ allocated for null ciphers). This has not been tested!
+ [Ben Laurie]
+
+ *) Modifications to the mkdef.pl for Win32 DEF file creation. The usage
+ message is now correct (it understands "crypto" and "ssl" on its
+ command line). There is also now an "update" option. This will update
+ the util/ssleay.num and util/libeay.num files with any new functions.
+ If you do a:
+ perl util/mkdef.pl crypto ssl update
+ it will update them.
+ [Steve Henson]
+
+ *) Overhauled the Perl interface (perl/*):
+ - ported BN stuff to OpenSSL's different BN library
+ - made the perl/ source tree CVS-aware
+ - renamed the package from SSLeay to OpenSSL (the files still contain
+ their history because I've copied them in the repository)
+ - removed obsolete files (the test scripts will be replaced
+ by better Test::Harness variants in the future)
+ [Ralf S. Engelschall]
+
+ *) First cut for a very conservative source tree cleanup:
+ 1. merge various obsolete readme texts into doc/ssleay.txt
+ where we collect the old documents and readme texts.
+ 2. remove the first part of files where I'm already sure that we no
+ longer need them because of three reasons: either they are just temporary
+ files which were left by Eric or they are preserved original files where
+ I've verified that the diff is also available in the CVS via "cvs diff
+ -rSSLeay_0_8_1b" or they were renamed (as it was definitely the case for
+ the crypto/md/ stuff).
+ [Ralf S. Engelschall]
+
+ *) More extension code. Incomplete support for subject and issuer alt
+ name, issuer and authority key id. Change the i2v function parameters
+ and add an extra 'crl' parameter in the X509V3_CTX structure: guess
+ what that's for :-) Fix to ASN1 macro which messed up
+ IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
+ [Steve Henson]
+
+ *) Preliminary support for ENUMERATED type. This is largely copied from the
+ INTEGER code.
+ [Steve Henson]
+
+ *) Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
+ [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+ *) Make sure `make rehash' target really finds the `openssl' program.
+ [Ralf S. Engelschall, Matthias Loepfe <Matthias.Loepfe at adnovum.ch>]
+
+ *) Squeeze another 7% of speed out of MD5 assembler, at least on a P2. I'd
+ like to hear about it if this slows down other processors.
+ [Ben Laurie]
+
+ *) Add CygWin32 platform information to Configure script.
+ [Alan Batie <batie at aahz.jf.intel.com>]
+
+ *) Fixed ms/32all.bat script: `no_asm' -> `no-asm'
+ [Rainer W. Gerling <gerling at mpg-gv.mpg.de>]
+
+ *) New program nseq to manipulate netscape certificate sequences
+ [Steve Henson]
+
+ *) Modify crl2pkcs7 so it supports multiple -certfile arguments. Fix a
+ few typos.
+ [Steve Henson]
+
+ *) Fixes to BN code. Previously the default was to define BN_RECURSION
+ but the BN code had some problems that would cause failures when
+ doing certificate verification and some other functions.
+ [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+ *) Add ASN1 and PEM code to support netscape certificate sequences.
+ [Steve Henson]
+
+ *) Add ASN1 and PEM code to support netscape certificate sequences.
+ [Steve Henson]
+
+ *) Add several PKIX and private extended key usage OIDs.
+ [Steve Henson]
+
+ *) Modify the 'ca' program to handle the new extension code. Modify
+ openssl.cnf for new extension format, add comments.
+ [Steve Henson]
+
+ *) More X509 V3 changes. Fix typo in v3_bitstr.c. Add support to 'req'
+ and add a sample to openssl.cnf so req -x509 now adds appropriate
+ CA extensions.
+ [Steve Henson]
+
+ *) Continued X509 V3 changes. Add to other makefiles, integrate with the
+ error code, add initial support to X509_print() and x509 application.
+ [Steve Henson]
+
+ *) Takes a deep breath and start addding X509 V3 extension support code. Add
+ files in crypto/x509v3. Move original stuff to crypto/x509v3/old. All this
+ stuff is currently isolated and isn't even compiled yet.
+ [Steve Henson]
+
+ *) Continuing patches for GeneralizedTime. Fix up certificate and CRL
+ ASN1 to use ASN1_TIME and modify print routines to use ASN1_TIME_print.
+ Removed the versions check from X509 routines when loading extensions:
+ this allows certain broken certificates that don't set the version
+ properly to be processed.
+ [Steve Henson]
+
+ *) Deal with irritating shit to do with dependencies, in YAAHW (Yet Another
+ Ad Hoc Way) - Makefile.ssls now all contain local dependencies, which
+ can still be regenerated with "make depend".
+ [Ben Laurie]
+
+ *) Spelling mistake in C version of CAST-128.
+ [Ben Laurie, reported by Jeremy Hylton <jeremy at cnri.reston.va.us>]
+
+ *) Changes to the error generation code. The perl script err-code.pl
+ now reads in the old error codes and retains the old numbers, only
+ adding new ones if necessary. It also only changes the .err files if new
+ codes are added. The makefiles have been modified to only insert errors
+ when needed (to avoid needlessly modifying header files). This is done
+ by only inserting errors if the .err file is newer than the auto generated
+ C file. To rebuild all the error codes from scratch (the old behaviour)
+ either modify crypto/Makefile.ssl to pass the -regen flag to err_code.pl
+ or delete all the .err files.
+ [Steve Henson]
+
+ *) CAST-128 was incorrectly implemented for short keys. The C version has
+ been fixed, but is untested. The assembler versions are also fixed, but
+ new assembler HAS NOT BEEN GENERATED FOR WIN32 - the Makefile needs fixing
+ to regenerate it if needed.
+ [Ben Laurie, reported (with fix for C version) by Jun-ichiro itojun
+ Hagino <itojun at kame.net>]
+
+ *) File was opened incorrectly in randfile.c.
+ [Ulf Möller <ulf at fitug.de>]
+
+ *) Beginning of support for GeneralizedTime. d2i, i2d, check and print
+ functions. Also ASN1_TIME suite which is a CHOICE of UTCTime or
+ GeneralizedTime. ASN1_TIME is the proper type used in certificates et
+ al: it's just almost always a UTCTime. Note this patch adds new error
+ codes so do a "make errors" if there are problems.
+ [Steve Henson]
+
+ *) Correct Linux 1 recognition in config.
+ [Ulf Möller <ulf at fitug.de>]
+
+ *) Remove pointless MD5 hash when using DSA keys in ca.
+ [Anonymous <nobody at replay.com>]
+
+ *) Generate an error if given an empty string as a cert directory. Also
+ generate an error if handed NULL (previously returned 0 to indicate an
+ error, but didn't set one).
+ [Ben Laurie, reported by Anonymous <nobody at replay.com>]
+
+ *) Add prototypes to SSL methods. Make SSL_write's buffer const, at last.
+ [Ben Laurie]
+
+ *) Fix the dummy function BN_ref_mod_exp() in rsaref.c to have the correct
+ parameters. This was causing a warning which killed off the Win32 compile.
+ [Steve Henson]
+
+ *) Remove C++ style comments from crypto/bn/bn_local.h.
+ [Neil Costigan <neil.costigan at celocom.com>]
+
+ *) The function OBJ_txt2nid was broken. It was supposed to return a nid
+ based on a text string, looking up short and long names and finally
+ "dot" format. The "dot" format stuff didn't work. Added new function
+ OBJ_txt2obj to do the same but return an ASN1_OBJECT and rewrote
+ OBJ_txt2nid to use it. OBJ_txt2obj can also return objects even if the
+ OID is not part of the table.
+ [Steve Henson]
+
+ *) Add prototypes to X509 lookup/verify methods, fixing a bug in
+ X509_LOOKUP_by_alias().
+ [Ben Laurie]
+
+ *) Sort openssl functions by name.
+ [Ben Laurie]
+
+ *) Get the gendsa program working (hopefully) and add it to app list. Remove
+ encryption from sample DSA keys (in case anyone is interested the password
+ was "1234").
+ [Steve Henson]
+
+ *) Make _all_ *_free functions accept a NULL pointer.
+ [Frans Heymans <fheymans at isaserver.be>]
+
+ *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
+ NULL pointers.
+ [Anonymous <nobody at replay.com>]
+
+ *) s_server should send the CAfile as acceptable CAs, not its own cert.
+ [Bodo Moeller <3moeller at informatik.uni-hamburg.de>]
+
+ *) Don't blow it for numeric -newkey arguments to apps/req.
+ [Bodo Moeller <3moeller at informatik.uni-hamburg.de>]
+
+ *) Temp key "for export" tests were wrong in s3_srvr.c.
+ [Anonymous <nobody at replay.com>]
+
+ *) Add prototype for temp key callback functions
+ SSL_CTX_set_tmp_{rsa,dh}_callback().
+ [Ben Laurie]
+
+ *) Make DH_free() tolerate being passed a NULL pointer (like RSA_free() and
+ DSA_free()). Make X509_PUBKEY_set() check for errors in d2i_PublicKey().
+ [Steve Henson]
+
+ *) X509_name_add_entry() freed the wrong thing after an error.
+ [Arne Ansper <arne at ats.cyber.ee>]
+
+ *) rsa_eay.c would attempt to free a NULL context.
+ [Arne Ansper <arne at ats.cyber.ee>]
+
+ *) BIO_s_socket() had a broken should_retry() on Windoze.
+ [Arne Ansper <arne at ats.cyber.ee>]
+
+ *) BIO_f_buffer() didn't pass on BIO_CTRL_FLUSH.
+ [Arne Ansper <arne at ats.cyber.ee>]
+
+ *) Make sure the already existing X509_STORE->depth variable is initialized
+ in X509_STORE_new(), but document the fact that this variable is still
+ unused in the certificate verification process.
+ [Ralf S. Engelschall]
+
+ *) Fix the various library and apps files to free up pkeys obtained from
+ X509_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
+ [Steve Henson]
+
+ *) Fix reference counting in X509_PUBKEY_get(). This makes
+ demos/maurice/example2.c work, amongst others, probably.
+ [Steve Henson and Ben Laurie]
+
+ *) First cut of a cleanup for apps/. First the `ssleay' program is now named
+ `openssl' and second, the shortcut symlinks for the `openssl <command>'
+ are no longer created. This way we have a single and consistent command
+ line interface `openssl <command>', similar to `cvs <command>'.
+ [Ralf S. Engelschall, Paul Sutton and Ben Laurie]
+
+ *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
+ BIT STRING wrapper always have zero unused bits.
+ [Steve Henson]
+
+ *) Add CA.pl, perl version of CA.sh, add extended key usage OID.
+ [Steve Henson]
+
+ *) Make the top-level INSTALL documentation easier to understand.
+ [Paul Sutton]
+
+ *) Makefiles updated to exit if an error occurs in a sub-directory
+ make (including if user presses ^C) [Paul Sutton]
+
+ *) Make Montgomery context stuff explicit in RSA data structure.
+ [Ben Laurie]
+
+ *) Fix build order of pem and err to allow for generated pem.h.
+ [Ben Laurie]
+
+ *) Fix renumbering bug in X509_NAME_delete_entry().
+ [Ben Laurie]
+
+ *) Enhanced the err-ins.pl script so it makes the error library number
+ global and can add a library name. This is needed for external ASN1 and
+ other error libraries.
+ [Steve Henson]
+
+ *) Fixed sk_insert which never worked properly.
+ [Steve Henson]
+
+ *) Fix ASN1 macros so they can handle indefinite length construted
+ EXPLICIT tags. Some non standard certificates use these: they can now
+ be read in.
+ [Steve Henson]
+
+ *) Merged the various old/obsolete SSLeay documentation files (doc/xxx.doc)
+ into a single doc/ssleay.txt bundle. This way the information is still
+ preserved but no longer messes up this directory. Now it's new room for
+ the new set of documenation files.
+ [Ralf S. Engelschall]
+
+ *) SETs were incorrectly DER encoded. This was a major pain, because they
+ shared code with SEQUENCEs, which aren't coded the same. This means that
+ almost everything to do with SETs or SEQUENCEs has either changed name or
+ number of arguments.
+ [Ben Laurie, based on a partial fix by GP Jayan <gp at nsj.co.jp>]
+
+ *) Fix test data to work with the above.
+ [Ben Laurie]
+
+ *) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but
+ was already fixed by Eric for 0.9.1 it seems.
+ [Ben Laurie - pointed out by Ulf Möller <ulf at fitug.de>]
+
+ *) Autodetect FreeBSD3.
+ [Ben Laurie]
+
+ *) Fix various bugs in Configure. This affects the following platforms:
+ nextstep
+ ncr-scde
+ unixware-2.0
+ unixware-2.0-pentium
+ sco5-cc.
+ [Ben Laurie]
+
+ *) Eliminate generated files from CVS. Reorder tests to regenerate files
+ before they are needed.
+ [Ben Laurie]
+
+ *) Generate Makefile.ssl from Makefile.org (to keep CVS happy).
+ [Ben Laurie]
+
+
+ Changes between 0.9.1b and 0.9.1c [23-Dec-1998]
+
+ *) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and
+ changed SSLeay to OpenSSL in version strings.
+ [Ralf S. Engelschall]
+
+ *) Some fixups to the top-level documents.
+ [Paul Sutton]
+
+ *) Fixed the nasty bug where rsaref.h was not found under compile-time
+ because the symlink to include/ was missing.
+ [Ralf S. Engelschall]
+
+ *) Incorporated the popular no-RSA/DSA-only patches
+ which allow to compile a RSA-free SSLeay.
+ [Andrew Cooke / Interrader Ldt., Ralf S. Engelschall]
+
+ *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
+ when "ssleay" is still not found.
+ [Ralf S. Engelschall]
+
+ *) Added more platforms to Configure: Cray T3E, HPUX 11,
+ [Ralf S. Engelschall, Beckmann <beckman at acl.lanl.gov>]
+
+ *) Updated the README file.
+ [Ralf S. Engelschall]
+
+ *) Added various .cvsignore files in the CVS repository subdirs
+ to make a "cvs update" really silent.
+ [Ralf S. Engelschall]
+
+ *) Recompiled the error-definition header files and added
+ missing symbols to the Win32 linker tables.
+ [Ralf S. Engelschall]
+
+ *) Cleaned up the top-level documents;
+ o new files: CHANGES and LICENSE
+ o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay
+ o merged COPYRIGHT into LICENSE
+ o removed obsolete TODO file
+ o renamed MICROSOFT to INSTALL.W32
+ [Ralf S. Engelschall]
+
+ *) Removed dummy files from the 0.9.1b source tree:
+ crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
+ crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
+ crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
+ crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
+ util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
+ [Ralf S. Engelschall]
+
+ *) Added various platform portability fixes.
+ [Mark J. Cox]
+
+ *) The Genesis of the OpenSSL rpject:
+ We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
+ Young and Tim J. Hudson created while they were working for C2Net until
+ summer 1998.
+ [The OpenSSL Project]
+
+
+ Changes between 0.9.0b and 0.9.1b [not released]
+
+ *) Updated a few CA certificates under certs/
+ [Eric A. Young]
+
+ *) Changed some BIGNUM api stuff.
+ [Eric A. Young]
+
+ *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD,
+ DGUX x86, Linux Alpha, etc.
+ [Eric A. Young]
+
+ *) New COMP library [crypto/comp/] for SSL Record Layer Compression:
+ RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
+ available).
+ [Eric A. Young]
+
+ *) Add -strparse option to asn1pars program which parses nested
+ binary structures
+ [Dr Stephen Henson <shenson at bigfoot.com>]
+
+ *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
+ [Eric A. Young]
+
+ *) DSA fix for "ca" program.
+ [Eric A. Young]
+
+ *) Added "-genkey" option to "dsaparam" program.
+ [Eric A. Young]
+
+ *) Added RIPE MD160 (rmd160) message digest.
+ [Eric A. Young]
+
+ *) Added -a (all) option to "ssleay version" command.
+ [Eric A. Young]
+
+ *) Added PLATFORM define which is the id given to Configure.
+ [Eric A. Young]
+
+ *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
+ [Eric A. Young]
+
+ *) Extended the ASN.1 parser routines.
+ [Eric A. Young]
+
+ *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
+ [Eric A. Young]
+
+ *) Added a BN_CTX to the BN library.
+ [Eric A. Young]
+
+ *) Fixed the weak key values in DES library
+ [Eric A. Young]
+
+ *) Changed API in EVP library for cipher aliases.
+ [Eric A. Young]
+
+ *) Added support for RC2/64bit cipher.
+ [Eric A. Young]
+
+ *) Converted the lhash library to the crypto/mem.c functions.
+ [Eric A. Young]
+
+ *) Added more recognized ASN.1 object ids.
+ [Eric A. Young]
+
+ *) Added more RSA padding checks for SSL/TLS.
+ [Eric A. Young]
+
+ *) Added BIO proxy/filter functionality.
+ [Eric A. Young]
+
+ *) Added extra_certs to SSL_CTX which can be used
+ send extra CA certificates to the client in the CA cert chain sending
+ process. It can be configured with SSL_CTX_add_extra_chain_cert().
+ [Eric A. Young]
+
+ *) Now Fortezza is denied in the authentication phase because
+ this is key exchange mechanism is not supported by SSLeay at all.
+ [Eric A. Young]
+
+ *) Additional PKCS1 checks.
+ [Eric A. Young]
+
+ *) Support the string "TLSv1" for all TLS v1 ciphers.
+ [Eric A. Young]
+
+ *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
+ ex_data index of the SSL context in the X509_STORE_CTX ex_data.
+ [Eric A. Young]
+
+ *) Fixed a few memory leaks.
+ [Eric A. Young]
+
+ *) Fixed various code and comment typos.
+ [Eric A. Young]
+
+ *) A minor bug in ssl/s3_clnt.c where there would always be 4 0
+ bytes sent in the client random.
+ [Edward Bishop <ebishop at spyglass.com>]
+
Deleted: vendor-crypto/openssl/1.0.1u/CONTRIBUTING
===================================================================
--- vendor-crypto/openssl/dist/CONTRIBUTING 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/CONTRIBUTING 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,38 +0,0 @@
-HOW TO CONTRIBUTE TO OpenSSL
-----------------------------
-
-Development is coordinated on the openssl-dev mailing list (see
-http://www.openssl.org for information on subscribing). If you
-would like to submit a patch, send it to rt at openssl.org with
-the string "[PATCH]" in the subject. Please be sure to include a
-textual explanation of what your patch does.
-
-You can also make GitHub pull requests. If you do this, please also send
-mail to rt at openssl.org with a brief description and a link to the PR so
-that we can more easily keep track of it.
-
-If you are unsure as to whether a feature will be useful for the general
-OpenSSL community please discuss it on the openssl-dev mailing list first.
-Someone may be already working on the same thing or there may be a good
-reason as to why that feature isn't implemented.
-
-Patches should be as up to date as possible, preferably relative to the
-current Git or the last snapshot. They should follow our coding style
-(see https://www.openssl.org/policies/codingstyle.html) and compile without
-warnings using the --strict-warnings flag. OpenSSL compiles on many varied
-platforms: try to ensure you only use portable features.
-
-Our preferred format for patch files is "git format-patch" output. For example
-to provide a patch file containing the last commit in your local git repository
-use the following command:
-
-# git format-patch --stdout HEAD^ >mydiffs.patch
-
-Another method of creating an acceptable patch file without using git is as
-follows:
-
-# cd openssl-work
-# [your changes]
-# ./Configure dist; make clean
-# cd ..
-# diff -ur openssl-orig openssl-work > mydiffs.patch
Copied: vendor-crypto/openssl/1.0.1u/CONTRIBUTING (from rev 11605, vendor-crypto/openssl/dist/CONTRIBUTING)
===================================================================
--- vendor-crypto/openssl/1.0.1u/CONTRIBUTING (rev 0)
+++ vendor-crypto/openssl/1.0.1u/CONTRIBUTING 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,75 @@
+HOW TO CONTRIBUTE TO PATCHES OpenSSL
+------------------------------------
+
+(Please visit https://www.openssl.org/community/getting-started.html for
+other ideas about how to contribute.)
+
+Development is coordinated on the openssl-dev mailing list (see the
+above link or https://mta.openssl.org for information on subscribing).
+If you are unsure as to whether a feature will be useful for the general
+OpenSSL community you might want to discuss it on the openssl-dev mailing
+list first. Someone may be already working on the same thing or there
+may be a good reason as to why that feature isn't implemented.
+
+The best way to submit a patch is to make a pull request on GitHub.
+(It is not necessary to send mail to rt at openssl.org to open a ticket!)
+If you think the patch could use feedback from the community, please
+start a thread on openssl-dev.
+
+You can also submit patches by sending it as mail to rt at openssl.org.
+Please include the word "PATCH" and an explanation of what the patch
+does in the subject line. If you do this, our preferred format is "git
+format-patch" output. For example to provide a patch file containing the
+last commit in your local git repository use the following command:
+
+ % git format-patch --stdout HEAD^ >mydiffs.patch
+
+Another method of creating an acceptable patch file without using git is as
+follows:
+
+ % cd openssl-work
+ ...make your changes...
+ % ./Configure dist; make clean
+ % cd ..
+ % diff -ur openssl-orig openssl-work >mydiffs.patch
+
+Note that pull requests are generally easier for the team, and community, to
+work with. Pull requests benefit from all of the standard GitHub features,
+including code review tools, simpler integration, and CI build support.
+
+No matter how a patch is submitted, the following items will help make
+the acceptance and review process faster:
+
+ 1. Anything other than trivial contributions will require a contributor
+ licensing agreement, giving us permission to use your code. See
+ https://www.openssl.org/policies/cla.html for details.
+
+ 2. All source files should start with the following text (with
+ appropriate comment characters at the start of each line and the
+ year(s) updated):
+
+ Copyright 20xx-20yy The OpenSSL Project Authors. All Rights Reserved.
+
+ Licensed under the OpenSSL license (the "License"). You may not use
+ this file except in compliance with the License. You can obtain a copy
+ in the file LICENSE in the source distribution or at
+ https://www.openssl.org/source/license.html
+
+ 3. Patches should be as current as possible. When using GitHub, please
+ expect to have to rebase and update often. Note that we do not accept merge
+ commits. You will be asked to remove them before a patch is considered
+ acceptable.
+
+ 4. Patches should follow our coding style (see
+ https://www.openssl.org/policies/codingstyle.html) and compile without
+ warnings. Where gcc or clang is availble you should use the
+ --strict-warnings Configure option. OpenSSL compiles on many varied
+ platforms: try to ensure you only use portable features.
+
+ 5. When at all possible, patches should include tests. These can either be
+ added to an existing test, or completely new. Please see test/README
+ for information on the test framework.
+
+ 6. New features or changed functionality must include documentation. Please
+ look at the "pod" files in doc/apps, doc/crypto and doc/ssl for examples of
+ our style.
Deleted: vendor-crypto/openssl/1.0.1u/Configure
===================================================================
--- vendor-crypto/openssl/dist/Configure 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/Configure 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2201 +0,0 @@
-:
-eval 'exec perl -S $0 ${1+"$@"}'
- if $running_under_some_shell;
-##
-## Configure -- OpenSSL source tree configuration script
-##
-
-require 5.000;
-use strict;
-
-# see INSTALL for instructions.
-
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
-
-# Options:
-#
-# --openssldir install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the
-# --prefix option is given; /usr/local/ssl otherwise)
-# --prefix prefix for the OpenSSL include, lib and bin directories
-# (Default: the OPENSSLDIR directory)
-#
-# --install_prefix Additional prefix for package builders (empty by
-# default). This needn't be set in advance, you can
-# just as well use "make INSTALL_PREFIX=/whatever install".
-#
-# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected
-# to live in the subdirectory lib/ and the header files in
-# include/. A value is required.
-# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is
-# required.
-# (Default: KRB5_DIR/lib)
-# --with-krb5-include Declare where the Kerberos 5 header files live. A
-# value is required.
-# (Default: KRB5_DIR/include)
-# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently
-# supported values are "MIT" and "Heimdal". A value is required.
-#
-# --test-sanity Make a number of sanity checks on the data in this file.
-# This is a debugging tool for OpenSSL developers.
-#
-# --cross-compile-prefix Add specified prefix to binutils components.
-#
-# no-hw-xxx do not compile support for specific crypto hardware.
-# Generic OpenSSL-style methods relating to this support
-# are always compiled but return NULL if the hardware
-# support isn't compiled.
-# no-hw do not compile support for any crypto hardware.
-# [no-]threads [don't] try to create a library that is suitable for
-# multithreaded applications (default is "threads" if we
-# know how to do it)
-# [no-]shared [don't] try to create shared libraries when supported.
-# no-asm do not use assembler
-# no-dso do not compile in any native shared-library methods. This
-# will ensure that all methods just return NULL.
-# no-krb5 do not compile in any KRB5 library or code.
-# [no-]zlib [don't] compile support for zlib compression.
-# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
-# library and will be loaded in run-time by the OpenSSL library.
-# sctp include SCTP support
-# 386 generate 80386 code
-# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
-# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
-# -<xxx> +<xxx> compiler options are passed through
-#
-# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
-# provided to stack calls. Generates unique stack functions for
-# each possible stack type.
-# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
-# DES_RISC1 use different DES_ENCRYPT macro that helps reduce register
-# dependancies but needs to more registers, good for RISC CPU's
-# DES_RISC2 A different RISC variant.
-# DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders.
-# DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
-# This is used on the DEC Alpha where long is 8 bytes
-# and int is 4
-# BN_LLONG use the type 'long long' in crypto/bn/bn.h
-# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
-# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
-# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
-# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
-# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
-# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
-# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on
-# array lookups instead of pointer use.
-# RC4_CHUNK enables code that handles data aligned at long (natural CPU
-# word) boundary.
-# RC4_CHUNK_LL enables code that handles data aligned at long long boundary
-# (intended for 64-bit CPUs running 32-bit OS).
-# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
-# BF_PTR2 intel specific version (generic version is more efficient).
-#
-# Following are set automatically by this script
-#
-# MD5_ASM use some extra md5 assember,
-# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
-# RMD160_ASM use some extra ripemd160 assember,
-# SHA256_ASM sha256_block is implemented in assembler
-# SHA512_ASM sha512_block is implemented in assembler
-# AES_ASM ASE_[en|de]crypt is implemented in assembler
-
-# Minimum warning options... any contributions to OpenSSL should at least get
-# past these.
-
-my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
-
-my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Qunused-arguments";
-
-my $strict_warnings = 0;
-
-my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
-
-# MD2_CHAR slags pentium pros
-my $x86_gcc_opts="RC4_INDEX MD2_INT";
-
-# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
-# Don't worry about these normally
-
-my $tcc="cc";
-my $tflags="-fast -Xa";
-my $tbn_mul="";
-my $tlib="-lnsl -lsocket";
-#$bits1="SIXTEEN_BIT ";
-#$bits2="THIRTY_TWO_BIT ";
-my $bits1="THIRTY_TWO_BIT ";
-my $bits2="SIXTY_FOUR_BIT ";
-
-my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o:des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:";
-
-my $x86_elf_asm="$x86_asm:elf";
-
-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o:";
-my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
-my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::ghash-sparcv9.o::void";
-my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::::void";
-my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o:::::sha1-alpha.o:::::::ghash-alpha.o::void";
-my $mips32_asm=":bn-mips.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o::::::::";
-my $mips64_asm=":bn-mips.o mips-mont.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
-my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
-my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o::void";
-my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
-my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
-my $ppc32_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::::";
-my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::::";
-my $no_asm=":::::::::::::::void";
-
-# As for $BSDthreads. Idea is to maintain "collective" set of flags,
-# which would cover all BSD flavors. -pthread applies to them all,
-# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
-# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
-# which has to be accompanied by explicit -D_THREAD_SAFE and
-# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which
-# seems to be sufficient?
-my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
-
-#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $modes_obj : $engines_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
-
-my %table=(
-# File 'TABLE' (created by 'make TABLE') contains the data from this list,
-# formatted for better readability.
-
-
-#"b", "${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::",
-#"bl-4c-2c", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::",
-#"bl-4c-ri", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::",
-#"b2-is-ri-dp", "${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",
-
-# Our development configs
-"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
-"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
-"debug-ben", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DDEBUG_SAFESTACK -O2 -pipe::(unknown):::::",
-"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
-"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
-"debug-ben-debug", "gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::",
-"debug-ben-debug-64", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-ben-macos", "cc:$gcc_devteam_warn -arch i386 -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::-Wl,-search_paths_first::::",
-"debug-ben-macos-gcc46", "gcc-mp-4.6:$gcc_devteam_warn -Wconversion -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::",
-"debug-ben-darwin64","cc:$gcc_devteam_warn -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
-"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
-"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
-"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"debug-linux-x86_64-clang","clang: -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"dist", "cc:-O::(unknown)::::::",
-
-# Basic configs that should work on any (32 and less bit) box
-"gcc", "gcc:-O3::(unknown):::BN_LLONG:::",
-"cc", "cc:-O::(unknown)::::::",
-
-####VOS Configurations
-"vos-gcc","gcc:-O3 -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
-"debug-vos-gcc","gcc:-O0 -g -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
-
-#### Solaris x86 with GNU C setups
-# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
-# here because whenever GNU C instantiates an assembler template it
-# surrounds it with #APP #NO_APP comment pair which (at least Solaris
-# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
-# error message.
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -shared -static-libgcc might appear controversial, but modules taken
-# from static libgcc do not have relocations and linking them into our
-# shared objects doesn't have any negative side-effects. On the contrary,
-# doing so makes it possible to use gcc shared build with Sun C. Given
-# that gcc generates faster code [thanks to inline assembler], I would
-# actually recommend to consider using gcc shared build even with vendor
-# compiler:-)
-# <appro at fy.chalmers.se>
-"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
-
-#### Solaris x86 with Sun C setups
-"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
-
-#### SPARC Solaris with GNU C setups
-"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mcpu=v8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
-"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
-####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=v8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### SPARC Solaris with Sun C setups
-# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
-# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
-# SC5.0 note: Compiler common patch 107357-01 or later is required!
-"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
-####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### SunOS configs, assuming sparc for the gcc one.
-#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
-"sunos-gcc","gcc:-O3 -mcpu=v8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
-
-#### IRIX 5.x configs
-# -mips2 flag is added by ./config when appropriate.
-"irix-gcc","gcc:-O3 -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-cc", "cc:-O2 -use_readonly_const -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-#### IRIX 6.x configs
-# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
-# './Configure irix-cc -o32' manually.
-"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
-# N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-
-#### Unified HP-UX ANSI C configs.
-# Special notes:
-# - Originally we were optimizing at +O4 level. It should be noted
-# that the only difference between +O3 and +O4 is global inter-
-# procedural analysis. As it has to be performed during the link
-# stage the compiler leaves behind certain pseudo-code in lib*.a
-# which might be release or even patch level specific. Generating
-# the machine code for and analyzing the *whole* program appears
-# to be *extremely* memory demanding while the performance gain is
-# actually questionable. The situation is intensified by the default
-# HP-UX data set size limit (infamous 'maxdsiz' tunable) of 64MB
-# which is way too low for +O4. In other words, doesn't +O3 make
-# more sense?
-# - Keep in mind that the HP compiler by default generates code
-# suitable for execution on the host you're currently compiling at.
-# If the toolkit is ment to be used on various PA-RISC processors
-# consider './config +DAportable'.
-# - +DD64 is chosen in favour of +DA2.0W because it's meant to be
-# compatible with *future* releases.
-# - If you run ./Configure hpux-parisc-[g]cc manually don't forget to
-# pass -D_REENTRANT on HP-UX 10 and later.
-# - -DMD32_XARRAY triggers workaround for compiler bug we ran into in
-# 32-bit message digests. (For the moment of this writing) HP C
-# doesn't seem to "digest" too many local variables (they make "him"
-# chew forever:-). For more details look-up MD32_XARRAY comment in
-# crypto/sha/sha_lcl.h.
-# <appro at fy.chalmers.se>
-#
-# Since there is mention of this in shlib/hpux10-cc.sh
-"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc1_1-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${parisc11_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
-"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
-"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
-
-# More attempts at unified 10.X and 11.X targets for HP C compiler.
-#
-# Chris Ruemmler <ruemmler at cup.hp.com>
-# Kevin Steves <ks at hp.se>
-"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc1_1-cc","cc:+DA1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc11_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc20_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
-
-# HP/UX IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
-# Frank Geurts <frank.geurts at nl.abnamro.com> has patiently assisted with
-# with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
-# GCC builds...
-"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
-"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
-
-# Legacy HPUX 9.X configs...
-"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
-"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
-
-# DEC Alpha OSF/1/Tru64 targets.
-#
-# "What's in a name? That which we call a rose
-# By any other word would smell as sweet."
-#
-# - William Shakespeare, "Romeo & Juliet", Act II, scene II.
-#
-# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
-#
-"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
-"osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
-"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
-
-####
-#### Variety of LINUX:-)
-####
-# *-generic* is endian-neutral target, but ./config is free to
-# throw in -D[BL]_ENDIAN, whichever appropriate...
-"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc", "gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# It's believed that majority of ARM toolchains predefine appropriate -march.
-# If you compiler does not, do complement config command line with one!
-"linux-armv4", "gcc:-O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-#### IA-32 targets...
-"linux-ia32-icc", "icc:-DL_ENDIAN -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-aout", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
-####
-"linux-generic64","gcc:-O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc64", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"linux-ia64", "gcc:-DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"linux-x86_64-clang","clang: -m64 -DL_ENDIAN -O3 -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-#### So called "highgprs" target for z/Architecture CPUs
-# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
-# /proc/cpuinfo. The idea is to preserve most significant bits of
-# general purpose registers not only upon 32-bit process context
-# switch, but even on asynchronous signal delivery to such process.
-# This makes it possible to deploy 64-bit instructions even in legacy
-# application context and achieve better [or should we say adequate]
-# performance. The build is binary compatible with linux-generic32,
-# and the idea is to be able to install the resulting libcrypto.so
-# alongside generic one, e.g. as /lib/highgprs/libcrypto.so.x.y, for
-# ldconfig and run-time linker to autodiscover. Unfortunately it
-# doesn't work just yet, because of couple of bugs in glibc
-# sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
-"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
-#### SPARC Linux setups
-# Ray Miller <ray.miller at computing-services.oxford.ac.uk> has patiently
-# assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# it's a real mess with -mcpu=ultrasparc option under Linux, but
-# -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-#### Alpha Linux with GNU C and Compaq C setups
-# Special notes:
-# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
-# ought to run './Configure linux-alpha+bwx-gcc' manually, do
-# complement the command line with -mcpu=ev56, -mcpu=ev6 or whatever
-# which is appropriate.
-# - If you use ccc keep in mind that -fast implies -arch host and the
-# compiler is free to issue instructions which gonna make elder CPU
-# choke. If you wish to build "blended" toolkit, add -arch generic
-# *after* -fast and invoke './Configure linux-alpha-ccc' manually.
-#
-# <appro at fy.chalmers.se>
-#
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-
-# Android: linux-* but without pointers to headers and libs.
-"android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### *BSD [do see comment about ${BSDthreads} above!]
-"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
-# simply *happens* to work around a compiler bug in gcc 3.3.3,
-# triggered by RIPEMD160 code.
-"BSD-sparc64", "gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-ia64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86_64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-"nextstep", "cc:-O -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
-"nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
-
-# NCR MP-RAS UNIX ver 02.03.01
-"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::",
-
-# QNX
-"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
-"QNX6", "gcc:::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"QNX6-i386", "gcc:-DL_ENDIAN -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# BeOS
-"beos-x86-r5", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so",
-"beos-x86-bone", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lbind -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC:-shared:.so",
-
-#### SCO/Caldera targets.
-#
-# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
-# Now we only have blended unixware-* as it's the only one used by ./config.
-# If you want to optimize for particular microarchitecture, bypass ./config
-# and './Configure unixware-7 -Kpentium_pro' or whatever appropriate.
-# Note that not all targets include assembler support. Mostly because of
-# lack of motivation to support out-of-date platforms with out-of-date
-# compiler drivers and assemblers. Tim Rice <tim at multitalents.net> has
-# patiently assisted to debug most of it.
-#
-# UnixWare 2.0x fails destest with -O.
-"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
-"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
-"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# SCO 5 - Ben Laurie <ben at algroup.co.uk> says the -O breaks the SCO cc.
-"sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### IBM's AIX.
-"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix-gcc", "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X32",
-"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
-# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
-# at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
-
-#
-# Cray T90 and similar (SDSC)
-# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
-# defined. The T90 ints and longs are 8 bytes long, and apparently the
-# B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and
-# non L_ENDIAN code aligns the bytes in each word correctly.
-#
-# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
-#'Taking the address of a bit field is not allowed. '
-#'An expression with bit field exists as the operand of "sizeof" '
-# (written by Wayne Schroeder <schroede at SDSC.EDU>)
-#
-# j90 is considered the base machine type for unicos machines,
-# so this configuration is now called "cray-j90" ...
-"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG DES_INT:::",
-
-#
-# Cray T3E (Research Center Juelich, beckman at acl.lanl.gov)
-#
-# The BIT_FIELD_LIMITS define was written for the C90 (it seems). I added
-# another use. Basically, the problem is that the T3E uses some bit fields
-# for some st_addr stuff, and then sizeof and address-of fails
-# I could not use the ams/alpha.o option because the Cray assembler, 'cam'
-# did not like it.
-"cray-t3e", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:::",
-
-# DGUX, 88100.
-"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown):::RC4_INDEX DES_UNROLL:::",
-"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-
-# Sinix/ReliantUNIX RM400
-# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */
-"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::",
-"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",
-
-# SIEMENS BS2000/OSD: an EBCDIC-based mainframe
-"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
-
-# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
-# You need to compile using the c89.sh wrapper in the tools directory, because the
-# IBM compiler does not like the -L switch after any object modules.
-#
-"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
-
-# Visual C targets
-#
-# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
-"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
-"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
-"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
-"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
-# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
-# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
-"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
-# Unified CE target
-"debug-VC-WIN32","cl:-W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
-"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
-
-# Borland C++ 4.5
-"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
-
-# MinGW
-"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
-# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
-# compiled with one compiler with application compiled with another
-# compiler. It's possible to engage Applink support in mingw64 build,
-# but it's not done, because till mingw64 supports structured exception
-# handling, one can't seriously consider its binaries for using with
-# non-mingw64 run-time environment. And as mingw64 is always consistent
-# with itself, Applink is never engaged and can as well be omitted.
-"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
-
-# UWIN
-"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
-
-# Cygwin
-"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:coff:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
-
-# NetWare from David Ward (dsward at novell.com)
-# requires either MetroWerks NLM development tools, or gcc / nlmconv
-# NetWare defaults socket bio to WinSock sockets. However,
-# the builds can be configured to use BSD sockets instead.
-# netware-clib => legacy CLib c-runtime support
-"netware-clib", "mwccnlm::::::${x86_gcc_opts}::",
-"netware-clib-bsdsock", "mwccnlm::::::${x86_gcc_opts}::",
-"netware-clib-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
-"netware-clib-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
-# netware-libc => LibC/NKS support
-"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
-"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
-"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
-"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
-
-# DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
-
-# Ultrix from Bernhard Simon <simon at zid.tuwien.ac.at>
-"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
-"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",
-# K&R C is no longer supported; you need gcc on old Ultrix installations
-##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::",
-
-##### MacOS X (a.k.a. Rhapsody or Darwin) setup
-"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
-"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:".eval{my $asm=$x86_asm;$asm=~s/cast\-586\.o//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-# iPhoneOS/iOS
-"iphoneos-cross","llvm-gcc:-O3 -isysroot \$(CROSS_TOP)/SDKs/\$(CROSS_SDK) -fomit-frame-pointer -fno-common::-D_REENTRANT:iOS:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-
-##### A/UX
-"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
-
-##### Sony NEWS-OS 4.x
-"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
-
-##### GNU Hurd
-"hurd-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
-
-##### OS/2 EMX
-"OS2-EMX", "gcc::::::::",
-
-##### VxWorks for various targets
-"vxworks-ppc60x","ccppc:-D_REENTRANT -mrtp -mhard-float -mstrict-align -fno-implicit-fp -DPPC32_fp60x -O2 -fstrength-reduce -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/common:::::",
-"vxworks-ppcgen","ccppc:-D_REENTRANT -mrtp -msoft-float -mstrict-align -O1 -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/sfcommon:::::",
-"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
-"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
-"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
-"vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
-"vxworks-simlinux","ccpentium:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DL_ENDIAN -DCPU=SIMLINUX -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/h -I\$(WIND_BASE)/target/h/wrn/coreip -DOPENSSL_NO_HW_PADLOCK:::VXWORKS:-r::${no_asm}::::::ranlibpentium:",
-"vxworks-mips","ccmips:-mrtp -mips2 -O -G 0 -B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DCPU=MIPS32 -msoft-float -mno-branch-likely -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/h/wrn/coreip::-D_REENTRANT:VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/mips/MIPSI32/sfcommon::${mips32_asm}:o32::::::ranlibmips:",
-
-##### Compaq Non-Stop Kernel (Tandem)
-"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
-
-# uClinux
-"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
-"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
-
-);
-
-my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
- debug-VC-WIN64I debug-VC-WIN64A
- VC-NT VC-CE VC-WIN32 debug-VC-WIN32
- BC-32
- netware-clib netware-clib-bsdsock
- netware-libc netware-libc-bsdsock);
-
-my $idx = 0;
-my $idx_cc = $idx++;
-my $idx_cflags = $idx++;
-my $idx_unistd = $idx++;
-my $idx_thread_cflag = $idx++;
-my $idx_sys_id = $idx++;
-my $idx_lflags = $idx++;
-my $idx_bn_ops = $idx++;
-my $idx_cpuid_obj = $idx++;
-my $idx_bn_obj = $idx++;
-my $idx_des_obj = $idx++;
-my $idx_aes_obj = $idx++;
-my $idx_bf_obj = $idx++;
-my $idx_md5_obj = $idx++;
-my $idx_sha1_obj = $idx++;
-my $idx_cast_obj = $idx++;
-my $idx_rc4_obj = $idx++;
-my $idx_rmd160_obj = $idx++;
-my $idx_rc5_obj = $idx++;
-my $idx_wp_obj = $idx++;
-my $idx_cmll_obj = $idx++;
-my $idx_modes_obj = $idx++;
-my $idx_engines_obj = $idx++;
-my $idx_perlasm_scheme = $idx++;
-my $idx_dso_scheme = $idx++;
-my $idx_shared_target = $idx++;
-my $idx_shared_cflag = $idx++;
-my $idx_shared_ldflag = $idx++;
-my $idx_shared_extension = $idx++;
-my $idx_ranlib = $idx++;
-my $idx_arflags = $idx++;
-my $idx_multilib = $idx++;
-
-my $prefix="";
-my $libdir="";
-my $openssldir="";
-my $exe_ext="";
-my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
-my $cross_compile_prefix="";
-my $fipsdir="/usr/local/ssl/fips-2.0";
-my $fipslibdir="";
-my $baseaddr="0xFB00000";
-my $no_threads=0;
-my $threads=0;
-my $no_shared=0; # but "no-shared" is default
-my $zlib=1; # but "no-zlib" is default
-my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
-my $no_rfc3779=1; # but "no-rfc3779" is default
-my $no_asm=0;
-my $no_dso=0;
-my $no_gmp=0;
-my @skip=();
-my $Makefile="Makefile";
-my $des_locl="crypto/des/des_locl.h";
-my $des ="crypto/des/des.h";
-my $bn ="crypto/bn/bn.h";
-my $md2 ="crypto/md2/md2.h";
-my $rc4 ="crypto/rc4/rc4.h";
-my $rc4_locl="crypto/rc4/rc4_locl.h";
-my $idea ="crypto/idea/idea.h";
-my $rc2 ="crypto/rc2/rc2.h";
-my $bf ="crypto/bf/bf_locl.h";
-my $bn_asm ="bn_asm.o";
-my $des_enc="des_enc.o fcrypt_b.o";
-my $aes_enc="aes_core.o aes_cbc.o";
-my $bf_enc ="bf_enc.o";
-my $cast_enc="c_enc.o";
-my $rc4_enc="rc4_enc.o rc4_skey.o";
-my $rc5_enc="rc5_enc.o";
-my $md5_obj="";
-my $sha1_obj="";
-my $rmd160_obj="";
-my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
-my $processor="";
-my $default_ranlib;
-my $perl;
-my $fips=0;
-
-if (exists $ENV{FIPSDIR})
- {
- $fipsdir = $ENV{FIPSDIR};
- $fipsdir =~ s/\/$//;
- }
-
-# All of the following is disabled by default (RC5 was enabled before 0.9.8):
-
-my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
- "ec_nistp_64_gcc_128" => "default",
- "gmp" => "default",
- "jpake" => "experimental",
- "md2" => "default",
- "rc5" => "default",
- "rfc3779" => "default",
- "sctp" => "default",
- "shared" => "default",
- "store" => "experimental",
- "unit-test" => "default",
- "zlib" => "default",
- "zlib-dynamic" => "default"
- );
-my @experimental = ();
-
-# This is what $depflags will look like with the above defaults
-# (we need this to see if we should advise the user to run "make depend"):
-my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST";
-
-# Explicit "no-..." options will be collected in %disabled along with the defaults.
-# To remove something from %disabled, use "enable-foo" (unless it's experimental).
-# For symmetry, "disable-foo" is a synonym for "no-foo".
-
-# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
-# We will collect such requests in @experimental.
-# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.
-
-
-my $no_sse2=0;
-
-&usage if ($#ARGV < 0);
-
-my $flags;
-my $depflags;
-my $openssl_experimental_defines;
-my $openssl_algorithm_defines;
-my $openssl_thread_defines;
-my $openssl_sys_defines="";
-my $openssl_other_defines;
-my $libs;
-my $libkrb5="";
-my $target;
-my $options;
-my $symlink;
-my $make_depend=0;
-my %withargs=();
-
-my @argvcopy=@ARGV;
-my $argvstring="";
-my $argv_unprocessed=1;
-
-while($argv_unprocessed)
- {
- $flags="";
- $depflags="";
- $openssl_experimental_defines="";
- $openssl_algorithm_defines="";
- $openssl_thread_defines="";
- $openssl_sys_defines="";
- $openssl_other_defines="";
- $libs="";
- $target="";
- $options="";
- $symlink=1;
-
- $argv_unprocessed=0;
- $argvstring=join(' ', at argvcopy);
-
-PROCESS_ARGS:
- foreach (@argvcopy)
- {
- s /^-no-/no-/; # some people just can't read the instructions
-
- # rewrite some options in "enable-..." form
- s /^-?-?shared$/enable-shared/;
- s /^sctp$/enable-sctp/;
- s /^threads$/enable-threads/;
- s /^zlib$/enable-zlib/;
- s /^zlib-dynamic$/enable-zlib-dynamic/;
-
- if (/^no-(.+)$/ || /^disable-(.+)$/)
- {
- if (!($disabled{$1} eq "experimental"))
- {
- if ($1 eq "ssl")
- {
- $disabled{"ssl2"} = "option(ssl)";
- $disabled{"ssl3"} = "option(ssl)";
- }
- elsif ($1 eq "tls")
- {
- $disabled{"tls1"} = "option(tls)"
- }
- elsif ($1 eq "ssl3-method")
- {
- $disabled{"ssl3-method"} = "option(ssl)";
- $disabled{"ssl3"} = "option(ssl)";
- }
- else
- {
- $disabled{$1} = "option";
- }
- }
- }
- elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
- {
- my $algo = $1;
- if ($disabled{$algo} eq "experimental")
- {
- die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
- unless (/^experimental-/);
- push @experimental, $algo;
- }
- delete $disabled{$algo};
-
- $threads = 1 if ($algo eq "threads");
- }
- elsif (/^--test-sanity$/)
- {
- exit(&test_sanity());
- }
- elsif (/^--strict-warnings/)
- {
- $strict_warnings = 1;
- }
- elsif (/^reconfigure/ || /^reconf/)
- {
- if (open(IN,"<$Makefile"))
- {
- while (<IN>)
- {
- chomp;
- if (/^CONFIGURE_ARGS=(.*)/)
- {
- $argvstring=$1;
- @argvcopy=split(' ',$argvstring);
- die "Incorrect data to reconfigure, please do a normal configuration\n"
- if (grep(/^reconf/, at argvcopy));
- print "Reconfiguring with: $argvstring\n";
- $argv_unprocessed=1;
- close(IN);
- last PROCESS_ARGS;
- }
- }
- close(IN);
- }
- die "Insufficient data to reconfigure, please do a normal configuration\n";
- }
- elsif (/^386$/)
- { $processor=386; }
- elsif (/^fips$/)
- {
- $fips=1;
- }
- elsif (/^rsaref$/)
- {
- # No RSAref support any more since it's not needed.
- # The check for the option is there so scripts aren't
- # broken
- }
- elsif (/^[-+]/)
- {
- if (/^-[lL](.*)$/ or /^-Wl,/)
- {
- $libs.=$_." ";
- }
- elsif (/^-[^-]/ or /^\+/)
- {
- $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
- $flags.=$_." ";
- }
- elsif (/^--prefix=(.*)$/)
- {
- $prefix=$1;
- }
- elsif (/^--libdir=(.*)$/)
- {
- $libdir=$1;
- }
- elsif (/^--openssldir=(.*)$/)
- {
- $openssldir=$1;
- }
- elsif (/^--install.prefix=(.*)$/)
- {
- $install_prefix=$1;
- }
- elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
- {
- $withargs{"krb5-".$1}=$2;
- }
- elsif (/^--with-zlib-lib=(.*)$/)
- {
- $withargs{"zlib-lib"}=$1;
- }
- elsif (/^--with-zlib-include=(.*)$/)
- {
- $withargs{"zlib-include"}="-I$1";
- }
- elsif (/^--with-fipsdir=(.*)$/)
- {
- $fipsdir="$1";
- }
- elsif (/^--with-fipslibdir=(.*)$/)
- {
- $fipslibdir="$1";
- }
- elsif (/^--with-baseaddr=(.*)$/)
- {
- $baseaddr="$1";
- }
- elsif (/^--cross-compile-prefix=(.*)$/)
- {
- $cross_compile_prefix=$1;
- }
- else
- {
- print STDERR $usage;
- exit(1);
- }
- }
- elsif ($_ =~ /^([^:]+):(.+)$/)
- {
- eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
- $target=$1;
- }
- else
- {
- die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
- $target=$_;
- }
-
- unless ($_ eq $target || /^no-/ || /^disable-/)
- {
- # "no-..." follows later after implied disactivations
- # have been derived. (Don't take this too seroiusly,
- # we really only write OPTIONS to the Makefile out of
- # nostalgia.)
-
- if ($options eq "")
- { $options = $_; }
- else
- { $options .= " ".$_; }
- }
- }
- }
-
-
-
-if ($processor eq "386")
- {
- $disabled{"sse2"} = "forced";
- }
-
-if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "")
- {
- $disabled{"krb5"} = "krb5-flavor not specified";
- }
-
-if (!defined($disabled{"zlib-dynamic"}))
- {
- # "zlib-dynamic" was specifically enabled, so enable "zlib"
- delete $disabled{"zlib"};
- }
-
-if (defined($disabled{"rijndael"}))
- {
- $disabled{"aes"} = "forced";
- }
-if (defined($disabled{"des"}))
- {
- $disabled{"mdc2"} = "forced";
- }
-if (defined($disabled{"ec"}))
- {
- $disabled{"ecdsa"} = "forced";
- $disabled{"ecdh"} = "forced";
- }
-
-# SSL 2.0 requires MD5 and RSA
-if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
- {
- $disabled{"ssl2"} = "forced";
- }
-
-if ($fips && $fipslibdir eq "")
- {
- $fipslibdir = $fipsdir . "/lib/";
- }
-
-# RSAX ENGINE sets default non-FIPS RSA method.
-if ($fips)
- {
- $disabled{"rsax"} = "forced";
- }
-
-# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
-if (defined($disabled{"md5"}) || defined($disabled{"sha"})
- || (defined($disabled{"rsa"})
- && (defined($disabled{"dsa"}) || defined($disabled{"dh"}))))
- {
- $disabled{"ssl3"} = "forced";
- $disabled{"tls1"} = "forced";
- }
-
-if (defined($disabled{"tls1"}))
- {
- $disabled{"tlsext"} = "forced";
- }
-
-if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
- || defined($disabled{"dh"}))
- {
- $disabled{"gost"} = "forced";
- }
-
-# SRP and HEARTBEATS require TLSEXT
-if (defined($disabled{"tlsext"}))
- {
- $disabled{"srp"} = "forced";
- $disabled{"heartbeats"} = "forced";
- }
-
-if ($target eq "TABLE") {
- foreach $target (sort keys %table) {
- print_table_entry($target);
- }
- exit 0;
-}
-
-if ($target eq "LIST") {
- foreach (sort keys %table) {
- print;
- print "\n";
- }
- exit 0;
-}
-
-if ($target =~ m/^CygWin32(-.*)$/) {
- $target = "Cygwin".$1;
-}
-
-print "Configuring for $target\n";
-
-&usage if (!defined($table{$target}));
-
-
-foreach (sort (keys %disabled))
- {
- $options .= " no-$_";
-
- printf " no-%-12s %-10s", $_, "[$disabled{$_}]";
-
- if (/^dso$/)
- { $no_dso = 1; }
- elsif (/^threads$/)
- { $no_threads = 1; }
- elsif (/^shared$/)
- { $no_shared = 1; }
- elsif (/^zlib$/)
- { $zlib = 0; }
- elsif (/^static-engine$/)
- { }
- elsif (/^zlib-dynamic$/)
- { }
- elsif (/^symlinks$/)
- { $symlink = 0; }
- elsif (/^sse2$/)
- { $no_sse2 = 1; }
- else
- {
- my ($ALGO, $algo);
- ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
-
- if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
- {
- $openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
- print " OPENSSL_NO_$ALGO";
-
- if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; }
- elsif (/^asm$/) { $no_asm = 1; }
- }
- else
- {
- $openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
- print " OPENSSL_NO_$ALGO";
-
- if (/^krb5$/)
- { $no_krb5 = 1; }
- else
- {
- push @skip, $algo;
- # fix-up crypto/directory name(s)
- @skip[$#skip]="whrlpool" if $algo eq "whirlpool";
- print " (skip dir)";
-
- $depflags .= " -DOPENSSL_NO_$ALGO";
- }
- }
- }
-
- print "\n";
- }
-
-my $exp_cflags = "";
-foreach (sort @experimental)
- {
- my $ALGO;
- ($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
-
- # opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
- $openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
- $exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
- }
-
-my $IsMK1MF=scalar grep /^$target$/, at MK1MF_Builds;
-
-$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
-$exe_ext=".nlm" if ($target =~ /netware/);
-$exe_ext=".pm" if ($target =~ /vos/);
-$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
-$prefix=$openssldir if $prefix eq "";
-
-$default_ranlib= &which("ranlib") or $default_ranlib="true";
-$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
- or $perl="perl";
-my $make = $ENV{'MAKE'} || "make";
-
-$cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";
-
-chop $openssldir if $openssldir =~ /\/$/;
-chop $prefix if $prefix =~ /.\/$/;
-
-$openssldir=$prefix . "/ssl" if $openssldir eq "";
-$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
-
-
-print "IsMK1MF=$IsMK1MF\n";
-
-my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-my $cc = $fields[$idx_cc];
-# Allow environment CC to override compiler...
-if($ENV{CC}) {
- $cc = $ENV{CC};
-}
-my $cflags = $fields[$idx_cflags];
-my $unistd = $fields[$idx_unistd];
-my $thread_cflag = $fields[$idx_thread_cflag];
-my $sys_id = $fields[$idx_sys_id];
-my $lflags = $fields[$idx_lflags];
-my $bn_ops = $fields[$idx_bn_ops];
-my $cpuid_obj = $fields[$idx_cpuid_obj];
-my $bn_obj = $fields[$idx_bn_obj];
-my $des_obj = $fields[$idx_des_obj];
-my $aes_obj = $fields[$idx_aes_obj];
-my $bf_obj = $fields[$idx_bf_obj];
-my $md5_obj = $fields[$idx_md5_obj];
-my $sha1_obj = $fields[$idx_sha1_obj];
-my $cast_obj = $fields[$idx_cast_obj];
-my $rc4_obj = $fields[$idx_rc4_obj];
-my $rmd160_obj = $fields[$idx_rmd160_obj];
-my $rc5_obj = $fields[$idx_rc5_obj];
-my $wp_obj = $fields[$idx_wp_obj];
-my $cmll_obj = $fields[$idx_cmll_obj];
-my $modes_obj = $fields[$idx_modes_obj];
-my $engines_obj = $fields[$idx_engines_obj];
-my $perlasm_scheme = $fields[$idx_perlasm_scheme];
-my $dso_scheme = $fields[$idx_dso_scheme];
-my $shared_target = $fields[$idx_shared_target];
-my $shared_cflag = $fields[$idx_shared_cflag];
-my $shared_ldflag = $fields[$idx_shared_ldflag];
-my $shared_extension = $fields[$idx_shared_extension];
-my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
-my $ar = $ENV{'AR'} || "ar";
-my $arflags = $fields[$idx_arflags];
-my $multilib = $fields[$idx_multilib];
-
-# if $prefix/lib$multilib is not an existing directory, then
-# assume that it's not searched by linker automatically, in
-# which case adding $multilib suffix causes more grief than
-# we're ready to tolerate, so don't...
-$multilib="" if !-d "$prefix/lib$multilib";
-
-$libdir="lib$multilib" if $libdir eq "";
-
-$cflags = "$cflags$exp_cflags";
-
-# '%' in $lflags is used to split flags to "pre-" and post-flags
-my ($prelflags,$postlflags)=split('%',$lflags);
-if (defined($postlflags)) { $lflags=$postlflags; }
-else { $lflags=$prelflags; undef $prelflags; }
-
-if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
- {
- $cflags =~ s/\-mno\-cygwin\s*//;
- $shared_ldflag =~ s/\-mno\-cygwin\s*//;
- }
-
-my $no_shared_warn=0;
-my $no_user_cflags=0;
-
-if ($flags ne "") { $cflags="$flags$cflags"; }
-else { $no_user_cflags=1; }
-
-# Kerberos settings. The flavor must be provided from outside, either through
-# the script "config" or manually.
-if (!$no_krb5)
- {
- my ($lresolv, $lpath, $lext);
- if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
- {
- die "Sorry, Heimdal is currently not supported\n";
- }
- ##### HACK to force use of Heimdal.
- ##### WARNING: Since we don't really have adequate support for Heimdal,
- ##### using this will break the build. You'll have to make
- ##### changes to the source, and if you do, please send
- ##### patches to openssl-dev at openssl.org
- if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
- {
- warn "Heimdal isn't really supported. Your build WILL break\n";
- warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
- $withargs{"krb5-dir"} = "/usr/heimdal"
- if $withargs{"krb5-dir"} eq "";
- $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
- "/lib -lgssapi -lkrb5 -lcom_err"
- if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
- $cflags="-DKRB5_HEIMDAL $cflags";
- }
- if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
- {
- $withargs{"krb5-dir"} = "/usr/kerberos"
- if $withargs{"krb5-dir"} eq "";
- $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
- "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
- if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
- $cflags="-DKRB5_MIT $cflags";
- $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
- if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
- {
- $cflags="-DKRB5_MIT_OLD11 $cflags";
- }
- }
- LRESOLV:
- foreach $lpath ("/lib", "/usr/lib")
- {
- foreach $lext ("a", "so")
- {
- $lresolv = "$lpath/libresolv.$lext";
- last LRESOLV if (-r "$lresolv");
- $lresolv = "";
- }
- }
- $withargs{"krb5-lib"} .= " -lresolv"
- if ("$lresolv" ne "");
- $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
- if $withargs{"krb5-include"} eq "" &&
- $withargs{"krb5-dir"} ne "";
- }
-
-# The DSO code currently always implements all functions so that no
-# applications will have to worry about that from a compilation point
-# of view. However, the "method"s may return zero unless that platform
-# has support compiled in for them. Currently each method is enabled
-# by a define "DSO_<name>" ... we translate the "dso_scheme" config
-# string entry into using the following logic;
-my $dso_cflags;
-if (!$no_dso && $dso_scheme ne "")
- {
- $dso_scheme =~ tr/[a-z]/[A-Z]/;
- if ($dso_scheme eq "DLFCN")
- {
- $dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
- }
- elsif ($dso_scheme eq "DLFCN_NO_H")
- {
- $dso_cflags = "-DDSO_DLFCN";
- }
- else
- {
- $dso_cflags = "-DDSO_$dso_scheme";
- }
- $cflags = "$dso_cflags $cflags";
- }
-
-my $thread_cflags;
-my $thread_defines;
-if ($thread_cflag ne "(unknown)" && !$no_threads)
- {
- # If we know how to do it, support threads by default.
- $threads = 1;
- }
-if ($thread_cflag eq "(unknown)" && $threads)
- {
- # If the user asked for "threads", [s]he is also expected to
- # provide any system-dependent compiler options that are
- # necessary.
- if ($no_user_cflags)
- {
- print "You asked for multi-threading support, but didn't\n";
- print "provide any system-specific compiler options\n";
- exit(1);
- }
- $thread_cflags="-DOPENSSL_THREADS $cflags" ;
- $thread_defines .= "#define OPENSSL_THREADS\n";
- }
-else
- {
- $thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags";
- $thread_defines .= "#define OPENSSL_THREADS\n";
-# my $def;
-# foreach $def (split ' ',$thread_cflag)
-# {
-# if ($def =~ s/^-D// && $def !~ /^_/)
-# {
-# $thread_defines .= "#define $def\n";
-# }
-# }
- }
-
-$lflags="$libs$lflags" if ($libs ne "");
-
-if ($no_asm)
- {
- $cpuid_obj=$bn_obj=
- $des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
- $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
- }
-
-if (!$no_shared)
- {
- $cast_obj=""; # CAST assembler is not PIC
- }
-
-if ($threads)
- {
- $cflags=$thread_cflags;
- $openssl_thread_defines .= $thread_defines;
- }
-
-if ($zlib)
- {
- $cflags = "-DZLIB $cflags";
- if (defined($disabled{"zlib-dynamic"}))
- {
- if (defined($withargs{"zlib-lib"}))
- {
- $lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
- }
- else
- {
- $lflags = "$lflags -lz";
- }
- }
- else
- {
- $cflags = "-DZLIB_SHARED $cflags";
- }
- }
-
-# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
-my $shared_mark = "";
-if ($shared_target eq "")
- {
- $no_shared_warn = 1 if !$no_shared;
- $no_shared = 1;
- }
-if (!$no_shared)
- {
- if ($shared_cflag ne "")
- {
- $cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
- }
- }
-
-if (!$IsMK1MF)
- {
- # add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
- if ($no_shared)
- {
- $openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
- $options.=" static-engine";
- }
- else
- {
- $openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
- $options.=" no-static-engine";
- }
- }
-
-$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
-
-#
-# Platform fix-ups
-#
-if ($target =~ /\-icc$/) # Intel C compiler
- {
- my $iccver=0;
- if (open(FD,"$cc -V 2>&1 |"))
- {
- while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
- close(FD);
- }
- if ($iccver>=8)
- {
- # Eliminate unnecessary dependency from libirc.a. This is
- # essential for shared library support, as otherwise
- # apps/openssl can end up in endless loop upon startup...
- $cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
- }
- if ($iccver>=9)
- {
- $cflags.=" -i-static";
- $cflags=~s/\-no_cpprt/-no-cpprt/;
- }
- if ($iccver>=10)
- {
- $cflags=~s/\-i\-static/-static-intel/;
- }
- }
-
-# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
-# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
-# .so objects. Apparently application RPATH is not global and does
-# not apply to .so linked with other .so. Problem manifests itself
-# when libssl.so fails to load libcrypto.so. One can argue that we
-# should engrave this into Makefile.shared rules or into BSD-* config
-# lines above. Meanwhile let's try to be cautious and pass -rpath to
-# linker only when --prefix is not /usr.
-if ($target =~ /^BSD\-/)
- {
- $shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
- }
-
-if ($sys_id ne "")
- {
- #$cflags="-DOPENSSL_SYSNAME_$sys_id $cflags";
- $openssl_sys_defines="#define OPENSSL_SYSNAME_$sys_id\n";
- }
-
-if ($ranlib eq "")
- {
- $ranlib = $default_ranlib;
- }
-
-#my ($bn1)=split(/\s+/,$bn_obj);
-#$bn1 = "" unless defined $bn1;
-#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
-#$bn_obj="$bn1";
-
-$cpuid_obj="" if ($processor eq "386");
-
-$bn_obj = $bn_asm unless $bn_obj ne "";
-# bn-586 is the only one implementing bn_*_part_words
-$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
-$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
-
-$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
-$cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/);
-$cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/);
-
-if ($fips)
- {
- $openssl_other_defines.="#define OPENSSL_FIPS\n";
- $cflags .= " -I\$(FIPSDIR)/include";
- }
-
-$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
-$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
-$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
-$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
-$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
-$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
-if ($sha1_obj =~ /\.o$/)
- {
-# $sha1_obj=$sha1_enc;
- $cflags.=" -DSHA1_ASM" if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
- $cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
- $cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
- if ($sha1_obj =~ /sse2/)
- { if ($no_sse2)
- { $sha1_obj =~ s/\S*sse2\S+//; }
- elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
- { $cflags.=" -DOPENSSL_IA32_SSE2"; }
- }
- }
-if ($md5_obj =~ /\.o$/)
- {
-# $md5_obj=$md5_enc;
- $cflags.=" -DMD5_ASM";
- }
-if ($rmd160_obj =~ /\.o$/)
- {
-# $rmd160_obj=$rmd160_enc;
- $cflags.=" -DRMD160_ASM";
- }
-if ($aes_obj =~ /\.o$/)
- {
- $cflags.=" -DAES_ASM";
- # aes-ctr.o is not a real file, only indication that assembler
- # module implements AES_ctr32_encrypt...
- $cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
- # aes-xts.o indicates presense of AES_xts_[en|de]crypt...
- $cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
- $aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
- $cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/);
- $cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/);
- }
-else {
- $aes_obj=$aes_enc;
- }
-$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
-if ($wp_obj =~ /\.o$/ && !$disabled{"whirlpool"})
- {
- $cflags.=" -DWHIRLPOOL_ASM";
- }
-else {
- $wp_obj="wp_block.o";
- }
-$cmll_obj=$cmll_enc unless ($cmll_obj =~ /.o$/);
-if ($modes_obj =~ /ghash/)
- {
- $cflags.=" -DGHASH_ASM";
- }
-
-# "Stringify" the C flags string. This permits it to be made part of a string
-# and works as well on command lines.
-$cflags =~ s/([\\\"])/\\\1/g;
-
-my $version = "unknown";
-my $version_num = "unknown";
-my $major = "unknown";
-my $minor = "unknown";
-my $shlib_version_number = "unknown";
-my $shlib_version_history = "unknown";
-my $shlib_major = "unknown";
-my $shlib_minor = "unknown";
-
-open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
-while (<IN>)
- {
- $version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
- $version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/;
- $shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
- $shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
- }
-close(IN);
-if ($shlib_version_history ne "") { $shlib_version_history .= ":"; }
-
-if ($version =~ /(^[0-9]*)\.([0-9\.]*)/)
- {
- $major=$1;
- $minor=$2;
- }
-
-if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
- {
- $shlib_major=$1;
- $shlib_minor=$2;
- }
-
-if ($strict_warnings)
- {
- my $ecc = $cc;
- $ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
- my $wopt;
- die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc$/ or $ecc =~ /clang$/);
- foreach $wopt (split /\s+/, $gcc_devteam_warn)
- {
- $cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
- }
- if ($ecc eq "clang")
- {
- foreach $wopt (split /\s+/, $clang_devteam_warn)
- {
- $cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
- }
- }
- }
-
-open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
-unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
-open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
-print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
-my $sdirs=0;
-while (<IN>)
- {
- chomp;
- $sdirs = 1 if /^SDIRS=/;
- if ($sdirs) {
- my $dir;
- foreach $dir (@skip) {
- s/(\s)$dir /$1/;
- s/\s$dir$//;
- }
- }
- $sdirs = 0 unless /\\$/;
- s/engines // if (/^DIRS=/ && $disabled{"engine"});
- s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"});
- s/^VERSION=.*/VERSION=$version/;
- s/^MAJOR=.*/MAJOR=$major/;
- s/^MINOR=.*/MINOR=$minor/;
- s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
- s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
- s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
- s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
- s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
- s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
- s/^MULTILIB=.*$/MULTILIB=$multilib/;
- s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
- s/^LIBDIR=.*$/LIBDIR=$libdir/;
- s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
- s/^PLATFORM=.*$/PLATFORM=$target/;
- s/^OPTIONS=.*$/OPTIONS=$options/;
- s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
- if ($cross_compile_prefix)
- {
- s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
- s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
- s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
- s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
- s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
- }
- else {
- s/^CC=.*$/CC= $cc/;
- s/^AR=\s*ar/AR= $ar/;
- s/^RANLIB=.*/RANLIB= $ranlib/;
- s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
- }
- s/^CFLAG=.*$/CFLAG= $cflags/;
- s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
- s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
- s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
- s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
- s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
- s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
- s/^DES_ENC=.*$/DES_ENC= $des_obj/;
- s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
- s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
- s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
- s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
- s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
- s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
- s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
- s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
- s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
- s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
- s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
- s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
- s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
- s/^PROCESSOR=.*/PROCESSOR= $processor/;
- s/^ARFLAGS=.*/ARFLAGS= $arflags/;
- s/^PERL=.*/PERL= $perl/;
- s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
- s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
- s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
- s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
-
- s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
- s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
- s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
- s/^BASEADDR=.*/BASEADDR=$baseaddr/;
-
- s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
- s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
- s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
- if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
- {
- my $sotmp = $1;
- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
- }
- elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
- {
- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
- }
- elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
- {
- my $sotmp = $1;
- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
- }
- elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
- {
- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
- }
- s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
- print OUT $_."\n";
- }
-close(IN);
-close(OUT);
-rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
-rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
-
-print "CC =$cc\n";
-print "CFLAG =$cflags\n";
-print "EX_LIBS =$lflags\n";
-print "CPUID_OBJ =$cpuid_obj\n";
-print "BN_ASM =$bn_obj\n";
-print "DES_ENC =$des_obj\n";
-print "AES_ENC =$aes_obj\n";
-print "BF_ENC =$bf_obj\n";
-print "CAST_ENC =$cast_obj\n";
-print "RC4_ENC =$rc4_obj\n";
-print "RC5_ENC =$rc5_obj\n";
-print "MD5_OBJ_ASM =$md5_obj\n";
-print "SHA1_OBJ_ASM =$sha1_obj\n";
-print "RMD160_OBJ_ASM=$rmd160_obj\n";
-print "CMLL_ENC =$cmll_obj\n";
-print "MODES_OBJ =$modes_obj\n";
-print "ENGINES_OBJ =$engines_obj\n";
-print "PROCESSOR =$processor\n";
-print "RANLIB =$ranlib\n";
-print "ARFLAGS =$arflags\n";
-print "PERL =$perl\n";
-print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
- if $withargs{"krb5-include"} ne "";
-
-my $des_ptr=0;
-my $des_risc1=0;
-my $des_risc2=0;
-my $des_unroll=0;
-my $bn_ll=0;
-my $def_int=2;
-my $rc4_int=$def_int;
-my $md2_int=$def_int;
-my $idea_int=$def_int;
-my $rc2_int=$def_int;
-my $rc4_idx=0;
-my $rc4_chunk=0;
-my $bf_ptr=0;
-my @type=("char","short","int","long");
-my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
-my $export_var_as_fn=0;
-
-my $des_int;
-
-foreach (sort split(/\s+/,$bn_ops))
- {
- $des_ptr=1 if /DES_PTR/;
- $des_risc1=1 if /DES_RISC1/;
- $des_risc2=1 if /DES_RISC2/;
- $des_unroll=1 if /DES_UNROLL/;
- $des_int=1 if /DES_INT/;
- $bn_ll=1 if /BN_LLONG/;
- $rc4_int=0 if /RC4_CHAR/;
- $rc4_int=3 if /RC4_LONG/;
- $rc4_idx=1 if /RC4_INDEX/;
- $rc4_chunk=1 if /RC4_CHUNK/;
- $rc4_chunk=2 if /RC4_CHUNK_LL/;
- $md2_int=0 if /MD2_CHAR/;
- $md2_int=3 if /MD2_LONG/;
- $idea_int=1 if /IDEA_SHORT/;
- $idea_int=3 if /IDEA_LONG/;
- $rc2_int=1 if /RC2_SHORT/;
- $rc2_int=3 if /RC2_LONG/;
- $bf_ptr=1 if $_ eq "BF_PTR";
- $bf_ptr=2 if $_ eq "BF_PTR2";
- ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
- ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
- ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
- ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
- ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
- $export_var_as_fn=1 if /EXPORT_VAR_AS_FN/;
- }
-
-open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
-unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
-open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
-print OUT "/* opensslconf.h */\n";
-print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
-
-print OUT "#ifdef __cplusplus\n";
-print OUT "extern \"C\" {\n";
-print OUT "#endif\n";
-print OUT "/* OpenSSL was configured with the following options: */\n";
-my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
-$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg;
-$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg;
-$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-$openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
-$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-print OUT $openssl_sys_defines;
-print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
-print OUT $openssl_experimental_defines;
-print OUT "\n";
-print OUT $openssl_algorithm_defines;
-print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
-print OUT $openssl_thread_defines;
-print OUT $openssl_other_defines,"\n";
-
-print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n";
-print OUT " asks for it. This is a transient feature that is provided for those\n";
-print OUT " who haven't had the time to do the appropriate changes in their\n";
-print OUT " applications. */\n";
-print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
-print OUT $openssl_algorithm_defines_trans;
-print OUT "#endif\n\n";
-
-print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");
-
-while (<IN>)
- {
- if (/^#define\s+OPENSSLDIR/)
- {
- my $foo = $openssldir;
- $foo =~ s/\\/\\\\/g;
- print OUT "#define OPENSSLDIR \"$foo\"\n";
- }
- elsif (/^#define\s+ENGINESDIR/)
- {
- my $foo = "$prefix/$libdir/engines";
- $foo =~ s/\\/\\\\/g;
- print OUT "#define ENGINESDIR \"$foo\"\n";
- }
- elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
- { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
- if $export_var_as_fn;
- printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n",
- ($export_var_as_fn)?"define":"undef"; }
- elsif (/^#define\s+OPENSSL_UNISTD/)
- {
- $unistd = "<unistd.h>" if $unistd eq "";
- print OUT "#define OPENSSL_UNISTD $unistd\n";
- }
- elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
- { printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
- elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
- { printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
- elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
- { printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
- elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/)
- { printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
- elsif (/^#((define)|(undef))\s+EIGHT_BIT/)
- { printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
- elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/)
- { printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
- elsif (/^\#define\s+DES_LONG\s+.*/)
- { printf OUT "#define DES_LONG unsigned %s\n",
- ($des_int)?'int':'long'; }
- elsif (/^\#(define|undef)\s+DES_PTR/)
- { printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
- elsif (/^\#(define|undef)\s+DES_RISC1/)
- { printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
- elsif (/^\#(define|undef)\s+DES_RISC2/)
- { printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
- elsif (/^\#(define|undef)\s+DES_UNROLL/)
- { printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
- elsif (/^#define\s+RC4_INT\s/)
- { printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
- elsif (/^#undef\s+RC4_CHUNK/)
- {
- printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0;
- printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1;
- printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2;
- }
- elsif (/^#((define)|(undef))\s+RC4_INDEX/)
- { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
- elsif (/^#(define|undef)\s+I386_ONLY/)
- { printf OUT "#%s I386_ONLY\n", ($processor eq "386")?
- "define":"undef"; }
- elsif (/^#define\s+MD2_INT\s/)
- { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
- elsif (/^#define\s+IDEA_INT\s/)
- {printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
- elsif (/^#define\s+RC2_INT\s/)
- {printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
- elsif (/^#(define|undef)\s+BF_PTR/)
- {
- printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
- printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
- printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
- }
- else
- { print OUT $_; }
- }
-close(IN);
-print OUT "#ifdef __cplusplus\n";
-print OUT "}\n";
-print OUT "#endif\n";
-close(OUT);
-rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
-rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
-
-
-# Fix the date
-
-print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
-print "SIXTY_FOUR_BIT mode\n" if $b64;
-print "THIRTY_TWO_BIT mode\n" if $b32;
-print "SIXTEEN_BIT mode\n" if $b16;
-print "EIGHT_BIT mode\n" if $b8;
-print "DES_PTR used\n" if $des_ptr;
-print "DES_RISC1 used\n" if $des_risc1;
-print "DES_RISC2 used\n" if $des_risc2;
-print "DES_UNROLL used\n" if $des_unroll;
-print "DES_INT used\n" if $des_int;
-print "BN_LLONG mode\n" if $bn_ll;
-print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
-print "RC4_INDEX mode\n" if $rc4_idx;
-print "RC4_CHUNK is undefined\n" if $rc4_chunk==0;
-print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1;
-print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
-print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
-print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
-print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
-print "BF_PTR used\n" if $bf_ptr == 1;
-print "BF_PTR2 used\n" if $bf_ptr == 2;
-
-if($IsMK1MF) {
- open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
- printf OUT <<EOF;
-#ifndef MK1MF_BUILD
- /* auto-generated by Configure for crypto/cversion.c:
- * for Unix builds, crypto/Makefile.ssl generates functional definitions;
- * Windows builds (and other mk1mf builds) compile cversion.c with
- * -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */
- #error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles"
-#endif
-EOF
- close(OUT);
-} else {
- my $make_command = "$make PERL=\'$perl\'";
- my $make_targets = "";
- $make_targets .= " links" if $symlink;
- $make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
- $make_targets .= " gentests" if $symlink;
- (system $make_command.$make_targets) == 0 or exit $?
- if $make_targets ne "";
- if ( $perl =~ m@^/@) {
- &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
- &dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
- } else {
- # No path for Perl known ...
- &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
- &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
- }
- if ($depflags ne $default_depflags && !$make_depend) {
- print <<EOF;
-
-Since you've disabled or enabled at least one algorithm, you need to do
-the following before building:
-
- make depend
-EOF
- }
-}
-
-# create the ms/version32.rc file if needed
-if ($IsMK1MF && ($target !~ /^netware/)) {
- my ($v1, $v2, $v3, $v4);
- if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) {
- $v1=hex $1;
- $v2=hex $2;
- $v3=hex $3;
- $v4=hex $4;
- }
- open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc";
- print OUT <<EOF;
-#include <winver.h>
-
-LANGUAGE 0x09,0x01
-
-1 VERSIONINFO
- FILEVERSION $v1,$v2,$v3,$v4
- PRODUCTVERSION $v1,$v2,$v3,$v4
- FILEFLAGSMASK 0x3fL
-#ifdef _DEBUG
- FILEFLAGS 0x01L
-#else
- FILEFLAGS 0x00L
-#endif
- FILEOS VOS__WINDOWS32
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904b0"
- BEGIN
- // Required:
- VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
- VALUE "FileDescription", "OpenSSL Shared Library\\0"
- VALUE "FileVersion", "$version\\0"
-#if defined(CRYPTO)
- VALUE "InternalName", "libeay32\\0"
- VALUE "OriginalFilename", "libeay32.dll\\0"
-#elif defined(SSL)
- VALUE "InternalName", "ssleay32\\0"
- VALUE "OriginalFilename", "ssleay32.dll\\0"
-#endif
- VALUE "ProductName", "The OpenSSL Toolkit\\0"
- VALUE "ProductVersion", "$version\\0"
- // Optional:
- //VALUE "Comments", "\\0"
- VALUE "LegalCopyright", "Copyright \xA9 1998-2005 The OpenSSL Project. Copyright \xA9 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
- //VALUE "LegalTrademarks", "\\0"
- //VALUE "PrivateBuild", "\\0"
- //VALUE "SpecialBuild", "\\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 0x4b0
- END
-END
-EOF
- close(OUT);
- }
-
-print <<EOF;
-
-Configured for $target.
-EOF
-
-print <<\EOF if (!$no_threads && !$threads);
-
-The library could not be configured for supporting multi-threaded
-applications as the compiler options required on this system are not known.
-See file INSTALL for details if you need multi-threading.
-EOF
-
-print <<\EOF if ($no_shared_warn);
-
-You gave the option 'shared'. Normally, that would give you shared libraries.
-Unfortunately, the OpenSSL configuration doesn't include shared library support
-for this platform yet, so it will pretend you gave the option 'no-shared'. If
-you can inform the developpers (openssl-dev\@openssl.org) how to support shared
-libraries on this platform, they will at least look at it and try their best
-(but please first make sure you have tried with a current version of OpenSSL).
-EOF
-
-exit(0);
-
-sub usage
- {
- print STDERR $usage;
- print STDERR "\npick os/compiler from:\n";
- my $j=0;
- my $i;
- my $k=0;
- foreach $i (sort keys %table)
- {
- next if $i =~ /^debug/;
- $k += length($i) + 1;
- if ($k > 78)
- {
- print STDERR "\n";
- $k=length($i);
- }
- print STDERR $i . " ";
- }
- foreach $i (sort keys %table)
- {
- next if $i !~ /^debug/;
- $k += length($i) + 1;
- if ($k > 78)
- {
- print STDERR "\n";
- $k=length($i);
- }
- print STDERR $i . " ";
- }
- print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n";
- exit(1);
- }
-
-sub which
- {
- my($name)=@_;
- my $path;
- foreach $path (split /:/, $ENV{PATH})
- {
- if (-f "$path/$name$exe_ext" and -x _)
- {
- return "$path/$name$exe_ext" unless ($name eq "perl" and
- system("$path/$name$exe_ext -e " . '\'exit($]<5.0);\''));
- }
- }
- }
-
-sub dofile
- {
- my $f; my $p; my %m; my @a; my $k; my $ff;
- ($f,$p,%m)=@_;
-
- open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n";
- @a=<IN>;
- close(IN);
- foreach $k (keys %m)
- {
- grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)), at a);
- }
- open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
- print OUT @a;
- close(OUT);
- rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
- rename("$f.new",$f) || die "unable to rename $f.new\n";
- }
-
-sub print_table_entry
- {
- my $target = shift;
-
- (my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
- my $bn_ops,my $cpuid_obj,my $bn_obj,my $des_obj,my $aes_obj, my $bf_obj,
- my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
- my $rc5_obj,my $wp_obj,my $cmll_obj,my $modes_obj, my $engines_obj,
- my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
- my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags,my $multilib)=
- split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-
- print <<EOF
-
-*** $target
-\$cc = $cc
-\$cflags = $cflags
-\$unistd = $unistd
-\$thread_cflag = $thread_cflag
-\$sys_id = $sys_id
-\$lflags = $lflags
-\$bn_ops = $bn_ops
-\$cpuid_obj = $cpuid_obj
-\$bn_obj = $bn_obj
-\$des_obj = $des_obj
-\$aes_obj = $aes_obj
-\$bf_obj = $bf_obj
-\$md5_obj = $md5_obj
-\$sha1_obj = $sha1_obj
-\$cast_obj = $cast_obj
-\$rc4_obj = $rc4_obj
-\$rmd160_obj = $rmd160_obj
-\$rc5_obj = $rc5_obj
-\$wp_obj = $wp_obj
-\$cmll_obj = $cmll_obj
-\$modes_obj = $modes_obj
-\$engines_obj = $engines_obj
-\$perlasm_scheme = $perlasm_scheme
-\$dso_scheme = $dso_scheme
-\$shared_target= $shared_target
-\$shared_cflag = $shared_cflag
-\$shared_ldflag = $shared_ldflag
-\$shared_extension = $shared_extension
-\$ranlib = $ranlib
-\$arflags = $arflags
-\$multilib = $multilib
-EOF
- }
-
-sub test_sanity
- {
- my $errorcnt = 0;
-
- print STDERR "=" x 70, "\n";
- print STDERR "=== SANITY TESTING!\n";
- print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
- print STDERR "=" x 70, "\n";
-
- foreach $target (sort keys %table)
- {
- @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-
- if ($fields[$idx_dso_scheme-1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
- {
- $errorcnt++;
- print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
- print STDERR " in the previous field\n";
- }
- elsif ($fields[$idx_dso_scheme+1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
- {
- $errorcnt++;
- print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
- print STDERR " in the following field\n";
- }
- elsif ($fields[$idx_dso_scheme] !~ /^(beos|dl|dlfcn|win32|vms|)$/)
- {
- $errorcnt++;
- print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
- print STDERR " valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
- }
- }
- print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
- return $errorcnt;
- }
Copied: vendor-crypto/openssl/1.0.1u/Configure (from rev 11605, vendor-crypto/openssl/dist/Configure)
===================================================================
--- vendor-crypto/openssl/1.0.1u/Configure (rev 0)
+++ vendor-crypto/openssl/1.0.1u/Configure 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2210 @@
+:
+eval 'exec perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+##
+## Configure -- OpenSSL source tree configuration script
+##
+
+require 5.000;
+use strict;
+
+# see INSTALL for instructions.
+
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
+
+# Options:
+#
+# --openssldir install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the
+# --prefix option is given; /usr/local/ssl otherwise)
+# --prefix prefix for the OpenSSL include, lib and bin directories
+# (Default: the OPENSSLDIR directory)
+#
+# --install_prefix Additional prefix for package builders (empty by
+# default). This needn't be set in advance, you can
+# just as well use "make INSTALL_PREFIX=/whatever install".
+#
+# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected
+# to live in the subdirectory lib/ and the header files in
+# include/. A value is required.
+# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is
+# required.
+# (Default: KRB5_DIR/lib)
+# --with-krb5-include Declare where the Kerberos 5 header files live. A
+# value is required.
+# (Default: KRB5_DIR/include)
+# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently
+# supported values are "MIT" and "Heimdal". A value is required.
+#
+# --test-sanity Make a number of sanity checks on the data in this file.
+# This is a debugging tool for OpenSSL developers.
+#
+# --cross-compile-prefix Add specified prefix to binutils components.
+#
+# no-hw-xxx do not compile support for specific crypto hardware.
+# Generic OpenSSL-style methods relating to this support
+# are always compiled but return NULL if the hardware
+# support isn't compiled.
+# no-hw do not compile support for any crypto hardware.
+# [no-]threads [don't] try to create a library that is suitable for
+# multithreaded applications (default is "threads" if we
+# know how to do it)
+# [no-]shared [don't] try to create shared libraries when supported.
+# no-asm do not use assembler
+# no-dso do not compile in any native shared-library methods. This
+# will ensure that all methods just return NULL.
+# no-krb5 do not compile in any KRB5 library or code.
+# [no-]zlib [don't] compile support for zlib compression.
+# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
+# library and will be loaded in run-time by the OpenSSL library.
+# sctp include SCTP support
+# 386 generate 80386 code
+# enable-weak-ssl-ciphers
+# Enable EXPORT and LOW SSLv3 ciphers that are disabled by
+# default. Note, weak SSLv2 ciphers are unconditionally
+# disabled.
+# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
+# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
+# -<xxx> +<xxx> compiler options are passed through
+#
+# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
+# provided to stack calls. Generates unique stack functions for
+# each possible stack type.
+# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
+# DES_RISC1 use different DES_ENCRYPT macro that helps reduce register
+# dependancies but needs to more registers, good for RISC CPU's
+# DES_RISC2 A different RISC variant.
+# DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders.
+# DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
+# This is used on the DEC Alpha where long is 8 bytes
+# and int is 4
+# BN_LLONG use the type 'long long' in crypto/bn/bn.h
+# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on
+# array lookups instead of pointer use.
+# RC4_CHUNK enables code that handles data aligned at long (natural CPU
+# word) boundary.
+# RC4_CHUNK_LL enables code that handles data aligned at long long boundary
+# (intended for 64-bit CPUs running 32-bit OS).
+# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
+# BF_PTR2 intel specific version (generic version is more efficient).
+#
+# Following are set automatically by this script
+#
+# MD5_ASM use some extra md5 assember,
+# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
+# RMD160_ASM use some extra ripemd160 assember,
+# SHA256_ASM sha256_block is implemented in assembler
+# SHA512_ASM sha512_block is implemented in assembler
+# AES_ASM ASE_[en|de]crypt is implemented in assembler
+
+# Minimum warning options... any contributions to OpenSSL should at least get
+# past these.
+
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
+
+# Warn that "make depend" should be run?
+my $warn_make_depend = 0;
+
+my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Qunused-arguments";
+
+my $strict_warnings = 0;
+
+my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
+
+# MD2_CHAR slags pentium pros
+my $x86_gcc_opts="RC4_INDEX MD2_INT";
+
+# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
+# Don't worry about these normally
+
+my $tcc="cc";
+my $tflags="-fast -Xa";
+my $tbn_mul="";
+my $tlib="-lnsl -lsocket";
+#$bits1="SIXTEEN_BIT ";
+#$bits2="THIRTY_TWO_BIT ";
+my $bits1="THIRTY_TWO_BIT ";
+my $bits2="SIXTY_FOUR_BIT ";
+
+my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o:des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:";
+
+my $x86_elf_asm="$x86_asm:elf";
+
+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o:";
+my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
+my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::ghash-sparcv9.o::void";
+my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::::void";
+my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o:::::sha1-alpha.o:::::::ghash-alpha.o::void";
+my $mips32_asm=":bn-mips.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o::::::::";
+my $mips64_asm=":bn-mips.o mips-mont.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
+my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
+my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o::void";
+my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
+my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
+my $ppc32_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::::";
+my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::::";
+my $no_asm=":::::::::::::::void";
+
+# As for $BSDthreads. Idea is to maintain "collective" set of flags,
+# which would cover all BSD flavors. -pthread applies to them all,
+# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
+# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
+# which has to be accompanied by explicit -D_THREAD_SAFE and
+# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which
+# seems to be sufficient?
+my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
+
+#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $modes_obj : $engines_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
+
+my %table=(
+# File 'TABLE' (created by 'make TABLE') contains the data from this list,
+# formatted for better readability.
+
+
+#"b", "${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::",
+#"bl-4c-2c", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::",
+#"bl-4c-ri", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::",
+#"b2-is-ri-dp", "${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",
+
+# Our development configs
+"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
+"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
+"debug-ben", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DDEBUG_SAFESTACK -O2 -pipe::(unknown):::::",
+"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
+"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
+"debug-ben-debug", "gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::",
+"debug-ben-debug-64", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-ben-macos", "cc:$gcc_devteam_warn -arch i386 -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::-Wl,-search_paths_first::::",
+"debug-ben-macos-gcc46", "gcc-mp-4.6:$gcc_devteam_warn -Wconversion -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::",
+"debug-ben-darwin64","cc:$gcc_devteam_warn -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
+"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
+"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-bodo", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
+"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-linux-x86_64-clang","clang: -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"dist", "cc:-O::(unknown)::::::",
+
+# Basic configs that should work on any (32 and less bit) box
+"gcc", "gcc:-O3::(unknown):::BN_LLONG:::",
+"cc", "cc:-O::(unknown)::::::",
+
+####VOS Configurations
+"vos-gcc","gcc:-O3 -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
+"debug-vos-gcc","gcc:-O0 -g -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
+
+#### Solaris x86 with GNU C setups
+# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
+# here because whenever GNU C instantiates an assembler template it
+# surrounds it with #APP #NO_APP comment pair which (at least Solaris
+# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
+# error message.
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -shared -static-libgcc might appear controversial, but modules taken
+# from static libgcc do not have relocations and linking them into our
+# shared objects doesn't have any negative side-effects. On the contrary,
+# doing so makes it possible to use gcc shared build with Sun C. Given
+# that gcc generates faster code [thanks to inline assembler], I would
+# actually recommend to consider using gcc shared build even with vendor
+# compiler:-)
+# <appro at fy.chalmers.se>
+"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+
+#### Solaris x86 with Sun C setups
+"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+
+#### SPARC Solaris with GNU C setups
+"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mcpu=v8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
+"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+####
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=v8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### SPARC Solaris with Sun C setups
+# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
+# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
+# SC5.0 note: Compiler common patch 107357-01 or later is required!
+"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+####
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### SunOS configs, assuming sparc for the gcc one.
+#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
+"sunos-gcc","gcc:-O3 -mcpu=v8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
+
+#### IRIX 5.x configs
+# -mips2 flag is added by ./config when appropriate.
+"irix-gcc","gcc:-O3 -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-cc", "cc:-O2 -use_readonly_const -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+#### IRIX 6.x configs
+# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
+# './Configure irix-cc -o32' manually.
+"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+# N64 ABI builds.
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+
+#### Unified HP-UX ANSI C configs.
+# Special notes:
+# - Originally we were optimizing at +O4 level. It should be noted
+# that the only difference between +O3 and +O4 is global inter-
+# procedural analysis. As it has to be performed during the link
+# stage the compiler leaves behind certain pseudo-code in lib*.a
+# which might be release or even patch level specific. Generating
+# the machine code for and analyzing the *whole* program appears
+# to be *extremely* memory demanding while the performance gain is
+# actually questionable. The situation is intensified by the default
+# HP-UX data set size limit (infamous 'maxdsiz' tunable) of 64MB
+# which is way too low for +O4. In other words, doesn't +O3 make
+# more sense?
+# - Keep in mind that the HP compiler by default generates code
+# suitable for execution on the host you're currently compiling at.
+# If the toolkit is ment to be used on various PA-RISC processors
+# consider './config +DAportable'.
+# - +DD64 is chosen in favour of +DA2.0W because it's meant to be
+# compatible with *future* releases.
+# - If you run ./Configure hpux-parisc-[g]cc manually don't forget to
+# pass -D_REENTRANT on HP-UX 10 and later.
+# - -DMD32_XARRAY triggers workaround for compiler bug we ran into in
+# 32-bit message digests. (For the moment of this writing) HP C
+# doesn't seem to "digest" too many local variables (they make "him"
+# chew forever:-). For more details look-up MD32_XARRAY comment in
+# crypto/sha/sha_lcl.h.
+# <appro at fy.chalmers.se>
+#
+# Since there is mention of this in shlib/hpux10-cc.sh
+"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${parisc11_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
+
+# More attempts at unified 10.X and 11.X targets for HP C compiler.
+#
+# Chris Ruemmler <ruemmler at cup.hp.com>
+# Kevin Steves <ks at hp.se>
+"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-cc","cc:+DA1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc11_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc20_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
+
+# HP/UX IA-64 targets
+"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
+# Frank Geurts <frank.geurts at nl.abnamro.com> has patiently assisted with
+# with debugging of the following config.
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
+# GCC builds...
+"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
+"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
+
+# Legacy HPUX 9.X configs...
+"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
+"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
+
+# DEC Alpha OSF/1/Tru64 targets.
+#
+# "What's in a name? That which we call a rose
+# By any other word would smell as sweet."
+#
+# - William Shakespeare, "Romeo & Juliet", Act II, scene II.
+#
+# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
+#
+"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
+
+####
+#### Variety of LINUX:-)
+####
+# *-generic* is endian-neutral target, but ./config is free to
+# throw in -D[BL]_ENDIAN, whichever appropriate...
+"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc", "gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# It's believed that majority of ARM toolchains predefine appropriate -march.
+# If you compiler does not, do complement config command line with one!
+"linux-armv4", "gcc:-O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+#### IA-32 targets...
+"linux-ia32-icc", "icc:-DL_ENDIAN -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-aout", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+####
+"linux-generic64","gcc:-O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc64", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-ia64", "gcc:-DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x86_64-clang","clang: -m64 -DL_ENDIAN -O3 -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+#### So called "highgprs" target for z/Architecture CPUs
+# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
+# /proc/cpuinfo. The idea is to preserve most significant bits of
+# general purpose registers not only upon 32-bit process context
+# switch, but even on asynchronous signal delivery to such process.
+# This makes it possible to deploy 64-bit instructions even in legacy
+# application context and achieve better [or should we say adequate]
+# performance. The build is binary compatible with linux-generic32,
+# and the idea is to be able to install the resulting libcrypto.so
+# alongside generic one, e.g. as /lib/highgprs/libcrypto.so.x.y, for
+# ldconfig and run-time linker to autodiscover. Unfortunately it
+# doesn't work just yet, because of couple of bugs in glibc
+# sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
+"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
+#### SPARC Linux setups
+# Ray Miller <ray.miller at computing-services.oxford.ac.uk> has patiently
+# assisted with debugging of following two configs.
+"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# it's a real mess with -mcpu=ultrasparc option under Linux, but
+# -Wa,-Av8plus should do the trick no matter what.
+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# GCC 3.1 is a requirement
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+#### Alpha Linux with GNU C and Compaq C setups
+# Special notes:
+# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
+# ought to run './Configure linux-alpha+bwx-gcc' manually, do
+# complement the command line with -mcpu=ev56, -mcpu=ev6 or whatever
+# which is appropriate.
+# - If you use ccc keep in mind that -fast implies -arch host and the
+# compiler is free to issue instructions which gonna make elder CPU
+# choke. If you wish to build "blended" toolkit, add -arch generic
+# *after* -fast and invoke './Configure linux-alpha-ccc' manually.
+#
+# <appro at fy.chalmers.se>
+#
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+
+# Android: linux-* but without pointers to headers and libs.
+"android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### *BSD [do see comment about ${BSDthreads} above!]
+"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
+# simply *happens* to work around a compiler bug in gcc 3.3.3,
+# triggered by RIPEMD160 code.
+"BSD-sparc64", "gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-ia64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86_64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"nextstep", "cc:-O -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
+"nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
+
+# NCR MP-RAS UNIX ver 02.03.01
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::",
+
+# QNX
+"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
+"QNX6", "gcc:::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6-i386", "gcc:-DL_ENDIAN -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+# BeOS
+"beos-x86-r5", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so",
+"beos-x86-bone", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lbind -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC:-shared:.so",
+
+#### SCO/Caldera targets.
+#
+# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
+# Now we only have blended unixware-* as it's the only one used by ./config.
+# If you want to optimize for particular microarchitecture, bypass ./config
+# and './Configure unixware-7 -Kpentium_pro' or whatever appropriate.
+# Note that not all targets include assembler support. Mostly because of
+# lack of motivation to support out-of-date platforms with out-of-date
+# compiler drivers and assemblers. Tim Rice <tim at multitalents.net> has
+# patiently assisted to debug most of it.
+#
+# UnixWare 2.0x fails destest with -O.
+"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
+"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
+"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# SCO 5 - Ben Laurie <ben at algroup.co.uk> says the -O breaks the SCO cc.
+"sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### IBM's AIX.
+"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
+"aix-gcc", "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X32",
+"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
+# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
+# at build time. $OBJECT_MODE is respected at ./config stage!
+"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+
+#
+# Cray T90 and similar (SDSC)
+# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
+# defined. The T90 ints and longs are 8 bytes long, and apparently the
+# B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and
+# non L_ENDIAN code aligns the bytes in each word correctly.
+#
+# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
+#'Taking the address of a bit field is not allowed. '
+#'An expression with bit field exists as the operand of "sizeof" '
+# (written by Wayne Schroeder <schroede at SDSC.EDU>)
+#
+# j90 is considered the base machine type for unicos machines,
+# so this configuration is now called "cray-j90" ...
+"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG DES_INT:::",
+
+#
+# Cray T3E (Research Center Juelich, beckman at acl.lanl.gov)
+#
+# The BIT_FIELD_LIMITS define was written for the C90 (it seems). I added
+# another use. Basically, the problem is that the T3E uses some bit fields
+# for some st_addr stuff, and then sizeof and address-of fails
+# I could not use the ams/alpha.o option because the Cray assembler, 'cam'
+# did not like it.
+"cray-t3e", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:::",
+
+# DGUX, 88100.
+"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown):::RC4_INDEX DES_UNROLL:::",
+"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
+"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+
+# Sinix/ReliantUNIX RM400
+# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */
+"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::",
+"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",
+
+# SIEMENS BS2000/OSD: an EBCDIC-based mainframe
+"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
+
+# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
+# You need to compile using the c89.sh wrapper in the tools directory, because the
+# IBM compiler does not like the -L switch after any object modules.
+#
+"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
+
+# Visual C targets
+#
+# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
+"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
+"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
+# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
+# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
+"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+# Unified CE target
+"debug-VC-WIN32","cl:-W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
+
+# Borland C++ 4.5
+"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
+
+# MinGW
+"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
+# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
+# compiled with one compiler with application compiled with another
+# compiler. It's possible to engage Applink support in mingw64 build,
+# but it's not done, because till mingw64 supports structured exception
+# handling, one can't seriously consider its binaries for using with
+# non-mingw64 run-time environment. And as mingw64 is always consistent
+# with itself, Applink is never engaged and can as well be omitted.
+"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
+
+# UWIN
+"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
+
+# Cygwin
+"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:coff:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+
+# NetWare from David Ward (dsward at novell.com)
+# requires either MetroWerks NLM development tools, or gcc / nlmconv
+# NetWare defaults socket bio to WinSock sockets. However,
+# the builds can be configured to use BSD sockets instead.
+# netware-clib => legacy CLib c-runtime support
+"netware-clib", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-bsdsock", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
+"netware-clib-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
+# netware-libc => LibC/NKS support
+"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
+
+# DJGPP
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
+
+# Ultrix from Bernhard Simon <simon at zid.tuwien.ac.at>
+"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
+"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",
+# K&R C is no longer supported; you need gcc on old Ultrix installations
+##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::",
+
+##### MacOS X (a.k.a. Rhapsody or Darwin) setup
+"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
+"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:".eval{my $asm=$x86_asm;$asm=~s/cast\-586\.o//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+# iPhoneOS/iOS
+"iphoneos-cross","llvm-gcc:-O3 -isysroot \$(CROSS_TOP)/SDKs/\$(CROSS_SDK) -fomit-frame-pointer -fno-common::-D_REENTRANT:iOS:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+
+##### A/UX
+"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
+
+##### Sony NEWS-OS 4.x
+"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
+
+##### GNU Hurd
+"hurd-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
+
+##### OS/2 EMX
+"OS2-EMX", "gcc::::::::",
+
+##### VxWorks for various targets
+"vxworks-ppc60x","ccppc:-D_REENTRANT -mrtp -mhard-float -mstrict-align -fno-implicit-fp -DPPC32_fp60x -O2 -fstrength-reduce -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/common:::::",
+"vxworks-ppcgen","ccppc:-D_REENTRANT -mrtp -msoft-float -mstrict-align -O1 -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/sfcommon:::::",
+"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
+"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
+"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
+"vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
+"vxworks-simlinux","ccpentium:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DL_ENDIAN -DCPU=SIMLINUX -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/h -I\$(WIND_BASE)/target/h/wrn/coreip -DOPENSSL_NO_HW_PADLOCK:::VXWORKS:-r::${no_asm}::::::ranlibpentium:",
+"vxworks-mips","ccmips:-mrtp -mips2 -O -G 0 -B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DCPU=MIPS32 -msoft-float -mno-branch-likely -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/h/wrn/coreip::-D_REENTRANT:VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/mips/MIPSI32/sfcommon::${mips32_asm}:o32::::::ranlibmips:",
+
+##### Compaq Non-Stop Kernel (Tandem)
+"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
+
+# uClinux
+"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+
+);
+
+my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
+ debug-VC-WIN64I debug-VC-WIN64A
+ VC-NT VC-CE VC-WIN32 debug-VC-WIN32
+ BC-32
+ netware-clib netware-clib-bsdsock
+ netware-libc netware-libc-bsdsock);
+
+my $idx = 0;
+my $idx_cc = $idx++;
+my $idx_cflags = $idx++;
+my $idx_unistd = $idx++;
+my $idx_thread_cflag = $idx++;
+my $idx_sys_id = $idx++;
+my $idx_lflags = $idx++;
+my $idx_bn_ops = $idx++;
+my $idx_cpuid_obj = $idx++;
+my $idx_bn_obj = $idx++;
+my $idx_des_obj = $idx++;
+my $idx_aes_obj = $idx++;
+my $idx_bf_obj = $idx++;
+my $idx_md5_obj = $idx++;
+my $idx_sha1_obj = $idx++;
+my $idx_cast_obj = $idx++;
+my $idx_rc4_obj = $idx++;
+my $idx_rmd160_obj = $idx++;
+my $idx_rc5_obj = $idx++;
+my $idx_wp_obj = $idx++;
+my $idx_cmll_obj = $idx++;
+my $idx_modes_obj = $idx++;
+my $idx_engines_obj = $idx++;
+my $idx_perlasm_scheme = $idx++;
+my $idx_dso_scheme = $idx++;
+my $idx_shared_target = $idx++;
+my $idx_shared_cflag = $idx++;
+my $idx_shared_ldflag = $idx++;
+my $idx_shared_extension = $idx++;
+my $idx_ranlib = $idx++;
+my $idx_arflags = $idx++;
+my $idx_multilib = $idx++;
+
+my $prefix="";
+my $libdir="";
+my $openssldir="";
+my $exe_ext="";
+my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
+my $cross_compile_prefix="";
+my $fipsdir="/usr/local/ssl/fips-2.0";
+my $fipslibdir="";
+my $baseaddr="0xFB00000";
+my $no_threads=0;
+my $threads=0;
+my $no_shared=0; # but "no-shared" is default
+my $zlib=1; # but "no-zlib" is default
+my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
+my $no_rfc3779=1; # but "no-rfc3779" is default
+my $no_asm=0;
+my $no_dso=0;
+my $no_gmp=0;
+my @skip=();
+my $Makefile="Makefile";
+my $des_locl="crypto/des/des_locl.h";
+my $des ="crypto/des/des.h";
+my $bn ="crypto/bn/bn.h";
+my $md2 ="crypto/md2/md2.h";
+my $rc4 ="crypto/rc4/rc4.h";
+my $rc4_locl="crypto/rc4/rc4_locl.h";
+my $idea ="crypto/idea/idea.h";
+my $rc2 ="crypto/rc2/rc2.h";
+my $bf ="crypto/bf/bf_locl.h";
+my $bn_asm ="bn_asm.o";
+my $des_enc="des_enc.o fcrypt_b.o";
+my $aes_enc="aes_core.o aes_cbc.o";
+my $bf_enc ="bf_enc.o";
+my $cast_enc="c_enc.o";
+my $rc4_enc="rc4_enc.o rc4_skey.o";
+my $rc5_enc="rc5_enc.o";
+my $md5_obj="";
+my $sha1_obj="";
+my $rmd160_obj="";
+my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
+my $processor="";
+my $default_ranlib;
+my $perl;
+my $fips=0;
+
+if (exists $ENV{FIPSDIR})
+ {
+ $fipsdir = $ENV{FIPSDIR};
+ $fipsdir =~ s/\/$//;
+ }
+
+# All of the following is disabled by default (RC5 was enabled before 0.9.8):
+
+my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
+ "ec_nistp_64_gcc_128" => "default",
+ "gmp" => "default",
+ "jpake" => "experimental",
+ "md2" => "default",
+ "rc5" => "default",
+ "rfc3779" => "default",
+ "sctp" => "default",
+ "shared" => "default",
+ "ssl2" => "default",
+ "store" => "experimental",
+ "unit-test" => "default",
+ "weak-ssl-ciphers" => "default",
+ "zlib" => "default",
+ "zlib-dynamic" => "default"
+ );
+my @experimental = ();
+
+# This is what $depflags will look like with the above defaults
+# (we need this to see if we should advise the user to run "make depend"):
+my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS";
+
+# Explicit "no-..." options will be collected in %disabled along with the defaults.
+# To remove something from %disabled, use "enable-foo" (unless it's experimental).
+# For symmetry, "disable-foo" is a synonym for "no-foo".
+
+# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
+# We will collect such requests in @experimental.
+# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.
+
+
+my $no_sse2=0;
+
+&usage if ($#ARGV < 0);
+
+my $flags;
+my $depflags;
+my $openssl_experimental_defines;
+my $openssl_algorithm_defines;
+my $openssl_thread_defines;
+my $openssl_sys_defines="";
+my $openssl_other_defines;
+my $libs;
+my $libkrb5="";
+my $target;
+my $options;
+my $symlink;
+my $make_depend=0;
+my %withargs=();
+
+my @argvcopy=@ARGV;
+my $argvstring="";
+my $argv_unprocessed=1;
+
+while($argv_unprocessed)
+ {
+ $flags="";
+ $depflags="";
+ $openssl_experimental_defines="";
+ $openssl_algorithm_defines="";
+ $openssl_thread_defines="";
+ $openssl_sys_defines="";
+ $openssl_other_defines="";
+ $libs="";
+ $target="";
+ $options="";
+ $symlink=1;
+
+ $argv_unprocessed=0;
+ $argvstring=join(' ', at argvcopy);
+
+PROCESS_ARGS:
+ foreach (@argvcopy)
+ {
+ s /^-no-/no-/; # some people just can't read the instructions
+
+ # rewrite some options in "enable-..." form
+ s /^-?-?shared$/enable-shared/;
+ s /^sctp$/enable-sctp/;
+ s /^threads$/enable-threads/;
+ s /^zlib$/enable-zlib/;
+ s /^zlib-dynamic$/enable-zlib-dynamic/;
+
+ if (/^no-(.+)$/ || /^disable-(.+)$/)
+ {
+ if (!($disabled{$1} eq "experimental"))
+ {
+ if ($1 eq "ssl")
+ {
+ $disabled{"ssl2"} = "option(ssl)";
+ $disabled{"ssl3"} = "option(ssl)";
+ }
+ elsif ($1 eq "tls")
+ {
+ $disabled{"tls1"} = "option(tls)"
+ }
+ elsif ($1 eq "ssl3-method")
+ {
+ $disabled{"ssl3-method"} = "option(ssl)";
+ $disabled{"ssl3"} = "option(ssl)";
+ }
+ else
+ {
+ $disabled{$1} = "option";
+ }
+ }
+ }
+ elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
+ {
+ my $algo = $1;
+ if ($disabled{$algo} eq "experimental")
+ {
+ die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
+ unless (/^experimental-/);
+ push @experimental, $algo;
+ }
+ delete $disabled{$algo};
+
+ $threads = 1 if ($algo eq "threads");
+ }
+ elsif (/^--test-sanity$/)
+ {
+ exit(&test_sanity());
+ }
+ elsif (/^--strict-warnings/)
+ {
+ $strict_warnings = 1;
+ }
+ elsif (/^reconfigure/ || /^reconf/)
+ {
+ if (open(IN,"<$Makefile"))
+ {
+ while (<IN>)
+ {
+ chomp;
+ if (/^CONFIGURE_ARGS=(.*)/)
+ {
+ $argvstring=$1;
+ @argvcopy=split(' ',$argvstring);
+ die "Incorrect data to reconfigure, please do a normal configuration\n"
+ if (grep(/^reconf/, at argvcopy));
+ print "Reconfiguring with: $argvstring\n";
+ $argv_unprocessed=1;
+ close(IN);
+ last PROCESS_ARGS;
+ }
+ }
+ close(IN);
+ }
+ die "Insufficient data to reconfigure, please do a normal configuration\n";
+ }
+ elsif (/^386$/)
+ { $processor=386; }
+ elsif (/^fips$/)
+ {
+ $fips=1;
+ }
+ elsif (/^rsaref$/)
+ {
+ # No RSAref support any more since it's not needed.
+ # The check for the option is there so scripts aren't
+ # broken
+ }
+ elsif (/^[-+]/)
+ {
+ if (/^-[lL](.*)$/ or /^-Wl,/)
+ {
+ $libs.=$_." ";
+ }
+ elsif (/^-[^-]/ or /^\+/)
+ {
+ $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
+ $flags.=$_." ";
+ }
+ elsif (/^--prefix=(.*)$/)
+ {
+ $prefix=$1;
+ }
+ elsif (/^--libdir=(.*)$/)
+ {
+ $libdir=$1;
+ }
+ elsif (/^--openssldir=(.*)$/)
+ {
+ $openssldir=$1;
+ }
+ elsif (/^--install.prefix=(.*)$/)
+ {
+ $install_prefix=$1;
+ }
+ elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
+ {
+ $withargs{"krb5-".$1}=$2;
+ }
+ elsif (/^--with-zlib-lib=(.*)$/)
+ {
+ $withargs{"zlib-lib"}=$1;
+ }
+ elsif (/^--with-zlib-include=(.*)$/)
+ {
+ $withargs{"zlib-include"}="-I$1";
+ }
+ elsif (/^--with-fipsdir=(.*)$/)
+ {
+ $fipsdir="$1";
+ }
+ elsif (/^--with-fipslibdir=(.*)$/)
+ {
+ $fipslibdir="$1";
+ }
+ elsif (/^--with-baseaddr=(.*)$/)
+ {
+ $baseaddr="$1";
+ }
+ elsif (/^--cross-compile-prefix=(.*)$/)
+ {
+ $cross_compile_prefix=$1;
+ }
+ else
+ {
+ print STDERR $usage;
+ exit(1);
+ }
+ }
+ elsif ($_ =~ /^([^:]+):(.+)$/)
+ {
+ eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
+ $target=$1;
+ }
+ else
+ {
+ die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
+ $target=$_;
+ }
+
+ unless ($_ eq $target || /^no-/ || /^disable-/)
+ {
+ # "no-..." follows later after implied disactivations
+ # have been derived. (Don't take this too seroiusly,
+ # we really only write OPTIONS to the Makefile out of
+ # nostalgia.)
+
+ if ($options eq "")
+ { $options = $_; }
+ else
+ { $options .= " ".$_; }
+ }
+ }
+ }
+
+
+
+if ($processor eq "386")
+ {
+ $disabled{"sse2"} = "forced";
+ }
+
+if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "")
+ {
+ $disabled{"krb5"} = "krb5-flavor not specified";
+ }
+
+if (!defined($disabled{"zlib-dynamic"}))
+ {
+ # "zlib-dynamic" was specifically enabled, so enable "zlib"
+ delete $disabled{"zlib"};
+ }
+
+if (defined($disabled{"rijndael"}))
+ {
+ $disabled{"aes"} = "forced";
+ }
+if (defined($disabled{"des"}))
+ {
+ $disabled{"mdc2"} = "forced";
+ }
+if (defined($disabled{"ec"}))
+ {
+ $disabled{"ecdsa"} = "forced";
+ $disabled{"ecdh"} = "forced";
+ }
+
+# SSL 2.0 requires MD5 and RSA
+if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
+ {
+ $disabled{"ssl2"} = "forced";
+ }
+
+if ($fips && $fipslibdir eq "")
+ {
+ $fipslibdir = $fipsdir . "/lib/";
+ }
+
+# RSAX ENGINE sets default non-FIPS RSA method.
+if ($fips)
+ {
+ $disabled{"rsax"} = "forced";
+ }
+
+# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
+if (defined($disabled{"md5"}) || defined($disabled{"sha"})
+ || (defined($disabled{"rsa"})
+ && (defined($disabled{"dsa"}) || defined($disabled{"dh"}))))
+ {
+ $disabled{"ssl3"} = "forced";
+ $disabled{"tls1"} = "forced";
+ }
+
+if (defined($disabled{"tls1"}))
+ {
+ $disabled{"tlsext"} = "forced";
+ }
+
+if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
+ || defined($disabled{"dh"}))
+ {
+ $disabled{"gost"} = "forced";
+ }
+
+# SRP and HEARTBEATS require TLSEXT
+if (defined($disabled{"tlsext"}))
+ {
+ $disabled{"srp"} = "forced";
+ $disabled{"heartbeats"} = "forced";
+ }
+
+if ($target eq "TABLE") {
+ foreach $target (sort keys %table) {
+ print_table_entry($target);
+ }
+ exit 0;
+}
+
+if ($target eq "LIST") {
+ foreach (sort keys %table) {
+ print;
+ print "\n";
+ }
+ exit 0;
+}
+
+if ($target =~ m/^CygWin32(-.*)$/) {
+ $target = "Cygwin".$1;
+}
+
+print "Configuring for $target\n";
+
+&usage if (!defined($table{$target}));
+
+
+foreach (sort (keys %disabled))
+ {
+ $options .= " no-$_";
+
+ printf " no-%-12s %-10s", $_, "[$disabled{$_}]";
+
+ if (/^dso$/)
+ { $no_dso = 1; }
+ elsif (/^threads$/)
+ { $no_threads = 1; }
+ elsif (/^shared$/)
+ { $no_shared = 1; }
+ elsif (/^zlib$/)
+ { $zlib = 0; }
+ elsif (/^static-engine$/)
+ { }
+ elsif (/^zlib-dynamic$/)
+ { }
+ elsif (/^symlinks$/)
+ { $symlink = 0; }
+ elsif (/^sse2$/)
+ { $no_sse2 = 1; }
+ else
+ {
+ my ($ALGO, $algo);
+ ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
+
+ if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
+ {
+ $openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
+ print " OPENSSL_NO_$ALGO";
+
+ if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; }
+ elsif (/^asm$/) { $no_asm = 1; }
+ }
+ else
+ {
+ $openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
+ print " OPENSSL_NO_$ALGO";
+
+ if (/^krb5$/)
+ { $no_krb5 = 1; }
+ else
+ {
+ push @skip, $algo;
+ # fix-up crypto/directory name(s)
+ @skip[$#skip]="whrlpool" if $algo eq "whirlpool";
+ print " (skip dir)";
+
+ $depflags .= " -DOPENSSL_NO_$ALGO";
+ }
+ }
+ }
+
+ print "\n";
+ }
+
+my $exp_cflags = "";
+foreach (sort @experimental)
+ {
+ my $ALGO;
+ ($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
+
+ # opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
+ $openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
+ $exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
+ }
+
+my $IsMK1MF=scalar grep /^$target$/, at MK1MF_Builds;
+
+$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
+$exe_ext=".nlm" if ($target =~ /netware/);
+$exe_ext=".pm" if ($target =~ /vos/);
+$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
+$prefix=$openssldir if $prefix eq "";
+
+$default_ranlib= &which("ranlib") or $default_ranlib="true";
+$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
+ or $perl="perl";
+my $make = $ENV{'MAKE'} || "make";
+
+$cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";
+
+chop $openssldir if $openssldir =~ /\/$/;
+chop $prefix if $prefix =~ /.\/$/;
+
+$openssldir=$prefix . "/ssl" if $openssldir eq "";
+$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
+
+
+print "IsMK1MF=$IsMK1MF\n";
+
+my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+my $cc = $fields[$idx_cc];
+# Allow environment CC to override compiler...
+if($ENV{CC}) {
+ $cc = $ENV{CC};
+}
+my $cflags = $fields[$idx_cflags];
+my $unistd = $fields[$idx_unistd];
+my $thread_cflag = $fields[$idx_thread_cflag];
+my $sys_id = $fields[$idx_sys_id];
+my $lflags = $fields[$idx_lflags];
+my $bn_ops = $fields[$idx_bn_ops];
+my $cpuid_obj = $fields[$idx_cpuid_obj];
+my $bn_obj = $fields[$idx_bn_obj];
+my $des_obj = $fields[$idx_des_obj];
+my $aes_obj = $fields[$idx_aes_obj];
+my $bf_obj = $fields[$idx_bf_obj];
+my $md5_obj = $fields[$idx_md5_obj];
+my $sha1_obj = $fields[$idx_sha1_obj];
+my $cast_obj = $fields[$idx_cast_obj];
+my $rc4_obj = $fields[$idx_rc4_obj];
+my $rmd160_obj = $fields[$idx_rmd160_obj];
+my $rc5_obj = $fields[$idx_rc5_obj];
+my $wp_obj = $fields[$idx_wp_obj];
+my $cmll_obj = $fields[$idx_cmll_obj];
+my $modes_obj = $fields[$idx_modes_obj];
+my $engines_obj = $fields[$idx_engines_obj];
+my $perlasm_scheme = $fields[$idx_perlasm_scheme];
+my $dso_scheme = $fields[$idx_dso_scheme];
+my $shared_target = $fields[$idx_shared_target];
+my $shared_cflag = $fields[$idx_shared_cflag];
+my $shared_ldflag = $fields[$idx_shared_ldflag];
+my $shared_extension = $fields[$idx_shared_extension];
+my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
+my $ar = $ENV{'AR'} || "ar";
+my $arflags = $fields[$idx_arflags];
+my $multilib = $fields[$idx_multilib];
+
+# if $prefix/lib$multilib is not an existing directory, then
+# assume that it's not searched by linker automatically, in
+# which case adding $multilib suffix causes more grief than
+# we're ready to tolerate, so don't...
+$multilib="" if !-d "$prefix/lib$multilib";
+
+$libdir="lib$multilib" if $libdir eq "";
+
+$cflags = "$cflags$exp_cflags";
+
+# '%' in $lflags is used to split flags to "pre-" and post-flags
+my ($prelflags,$postlflags)=split('%',$lflags);
+if (defined($postlflags)) { $lflags=$postlflags; }
+else { $lflags=$prelflags; undef $prelflags; }
+
+if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
+ {
+ $cflags =~ s/\-mno\-cygwin\s*//;
+ $shared_ldflag =~ s/\-mno\-cygwin\s*//;
+ }
+
+my $no_shared_warn=0;
+my $no_user_cflags=0;
+
+if ($flags ne "") { $cflags="$flags$cflags"; }
+else { $no_user_cflags=1; }
+
+# Kerberos settings. The flavor must be provided from outside, either through
+# the script "config" or manually.
+if (!$no_krb5)
+ {
+ my ($lresolv, $lpath, $lext);
+ if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
+ {
+ die "Sorry, Heimdal is currently not supported\n";
+ }
+ ##### HACK to force use of Heimdal.
+ ##### WARNING: Since we don't really have adequate support for Heimdal,
+ ##### using this will break the build. You'll have to make
+ ##### changes to the source, and if you do, please send
+ ##### patches to openssl-dev at openssl.org
+ if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
+ {
+ warn "Heimdal isn't really supported. Your build WILL break\n";
+ warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
+ $withargs{"krb5-dir"} = "/usr/heimdal"
+ if $withargs{"krb5-dir"} eq "";
+ $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
+ "/lib -lgssapi -lkrb5 -lcom_err"
+ if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
+ $cflags="-DKRB5_HEIMDAL $cflags";
+ }
+ if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
+ {
+ $withargs{"krb5-dir"} = "/usr/kerberos"
+ if $withargs{"krb5-dir"} eq "";
+ $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
+ "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
+ if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
+ $cflags="-DKRB5_MIT $cflags";
+ $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
+ if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
+ {
+ $cflags="-DKRB5_MIT_OLD11 $cflags";
+ }
+ }
+ LRESOLV:
+ foreach $lpath ("/lib", "/usr/lib")
+ {
+ foreach $lext ("a", "so")
+ {
+ $lresolv = "$lpath/libresolv.$lext";
+ last LRESOLV if (-r "$lresolv");
+ $lresolv = "";
+ }
+ }
+ $withargs{"krb5-lib"} .= " -lresolv"
+ if ("$lresolv" ne "");
+ $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
+ if $withargs{"krb5-include"} eq "" &&
+ $withargs{"krb5-dir"} ne "";
+ }
+
+# The DSO code currently always implements all functions so that no
+# applications will have to worry about that from a compilation point
+# of view. However, the "method"s may return zero unless that platform
+# has support compiled in for them. Currently each method is enabled
+# by a define "DSO_<name>" ... we translate the "dso_scheme" config
+# string entry into using the following logic;
+my $dso_cflags;
+if (!$no_dso && $dso_scheme ne "")
+ {
+ $dso_scheme =~ tr/[a-z]/[A-Z]/;
+ if ($dso_scheme eq "DLFCN")
+ {
+ $dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
+ }
+ elsif ($dso_scheme eq "DLFCN_NO_H")
+ {
+ $dso_cflags = "-DDSO_DLFCN";
+ }
+ else
+ {
+ $dso_cflags = "-DDSO_$dso_scheme";
+ }
+ $cflags = "$dso_cflags $cflags";
+ }
+
+my $thread_cflags;
+my $thread_defines;
+if ($thread_cflag ne "(unknown)" && !$no_threads)
+ {
+ # If we know how to do it, support threads by default.
+ $threads = 1;
+ }
+if ($thread_cflag eq "(unknown)" && $threads)
+ {
+ # If the user asked for "threads", [s]he is also expected to
+ # provide any system-dependent compiler options that are
+ # necessary.
+ if ($no_user_cflags)
+ {
+ print "You asked for multi-threading support, but didn't\n";
+ print "provide any system-specific compiler options\n";
+ exit(1);
+ }
+ $thread_cflags="-DOPENSSL_THREADS $cflags" ;
+ $thread_defines .= "#define OPENSSL_THREADS\n";
+ }
+else
+ {
+ $thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags";
+ $thread_defines .= "#define OPENSSL_THREADS\n";
+# my $def;
+# foreach $def (split ' ',$thread_cflag)
+# {
+# if ($def =~ s/^-D// && $def !~ /^_/)
+# {
+# $thread_defines .= "#define $def\n";
+# }
+# }
+ }
+
+$lflags="$libs$lflags" if ($libs ne "");
+
+if ($no_asm)
+ {
+ $cpuid_obj=$bn_obj=
+ $des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
+ $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
+ }
+
+if (!$no_shared)
+ {
+ $cast_obj=""; # CAST assembler is not PIC
+ }
+
+if ($threads)
+ {
+ $cflags=$thread_cflags;
+ $openssl_thread_defines .= $thread_defines;
+ }
+
+if ($zlib)
+ {
+ $cflags = "-DZLIB $cflags";
+ if (defined($disabled{"zlib-dynamic"}))
+ {
+ if (defined($withargs{"zlib-lib"}))
+ {
+ $lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
+ }
+ else
+ {
+ $lflags = "$lflags -lz";
+ }
+ }
+ else
+ {
+ $cflags = "-DZLIB_SHARED $cflags";
+ }
+ }
+
+# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
+my $shared_mark = "";
+if ($shared_target eq "")
+ {
+ $no_shared_warn = 1 if !$no_shared;
+ $no_shared = 1;
+ }
+if (!$no_shared)
+ {
+ if ($shared_cflag ne "")
+ {
+ $cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
+ }
+ }
+
+if (!$IsMK1MF)
+ {
+ # add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
+ if ($no_shared)
+ {
+ $openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
+ $options.=" static-engine";
+ }
+ else
+ {
+ $openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
+ $options.=" no-static-engine";
+ }
+ }
+
+$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
+
+#
+# Platform fix-ups
+#
+if ($target =~ /\-icc$/) # Intel C compiler
+ {
+ my $iccver=0;
+ if (open(FD,"$cc -V 2>&1 |"))
+ {
+ while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
+ close(FD);
+ }
+ if ($iccver>=8)
+ {
+ # Eliminate unnecessary dependency from libirc.a. This is
+ # essential for shared library support, as otherwise
+ # apps/openssl can end up in endless loop upon startup...
+ $cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
+ }
+ if ($iccver>=9)
+ {
+ $cflags.=" -i-static";
+ $cflags=~s/\-no_cpprt/-no-cpprt/;
+ }
+ if ($iccver>=10)
+ {
+ $cflags=~s/\-i\-static/-static-intel/;
+ }
+ }
+
+# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
+# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
+# .so objects. Apparently application RPATH is not global and does
+# not apply to .so linked with other .so. Problem manifests itself
+# when libssl.so fails to load libcrypto.so. One can argue that we
+# should engrave this into Makefile.shared rules or into BSD-* config
+# lines above. Meanwhile let's try to be cautious and pass -rpath to
+# linker only when --prefix is not /usr.
+if ($target =~ /^BSD\-/)
+ {
+ $shared_ldflag.=" -Wl,-rpath,\$\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
+ }
+
+if ($sys_id ne "")
+ {
+ #$cflags="-DOPENSSL_SYSNAME_$sys_id $cflags";
+ $openssl_sys_defines="#define OPENSSL_SYSNAME_$sys_id\n";
+ }
+
+if ($ranlib eq "")
+ {
+ $ranlib = $default_ranlib;
+ }
+
+#my ($bn1)=split(/\s+/,$bn_obj);
+#$bn1 = "" unless defined $bn1;
+#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
+#$bn_obj="$bn1";
+
+$cpuid_obj="" if ($processor eq "386");
+
+$bn_obj = $bn_asm unless $bn_obj ne "";
+# bn-586 is the only one implementing bn_*_part_words
+$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
+$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
+
+$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
+$cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/);
+$cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/);
+
+if ($fips)
+ {
+ $openssl_other_defines.="#define OPENSSL_FIPS\n";
+ $cflags .= " -I\$(FIPSDIR)/include";
+ }
+
+$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
+$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
+$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
+$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
+if ($sha1_obj =~ /\.o$/)
+ {
+# $sha1_obj=$sha1_enc;
+ $cflags.=" -DSHA1_ASM" if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
+ $cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
+ $cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
+ if ($sha1_obj =~ /sse2/)
+ { if ($no_sse2)
+ { $sha1_obj =~ s/\S*sse2\S+//; }
+ elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
+ { $cflags.=" -DOPENSSL_IA32_SSE2"; }
+ }
+ }
+if ($md5_obj =~ /\.o$/)
+ {
+# $md5_obj=$md5_enc;
+ $cflags.=" -DMD5_ASM";
+ }
+if ($rmd160_obj =~ /\.o$/)
+ {
+# $rmd160_obj=$rmd160_enc;
+ $cflags.=" -DRMD160_ASM";
+ }
+if ($aes_obj =~ /\.o$/)
+ {
+ $cflags.=" -DAES_ASM";
+ # aes-ctr.o is not a real file, only indication that assembler
+ # module implements AES_ctr32_encrypt...
+ $cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
+ # aes-xts.o indicates presense of AES_xts_[en|de]crypt...
+ $cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
+ $aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
+ $cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/);
+ $cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/);
+ }
+else {
+ $aes_obj=$aes_enc;
+ }
+$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
+if ($wp_obj =~ /\.o$/ && !$disabled{"whirlpool"})
+ {
+ $cflags.=" -DWHIRLPOOL_ASM";
+ }
+else {
+ $wp_obj="wp_block.o";
+ }
+$cmll_obj=$cmll_enc unless ($cmll_obj =~ /.o$/);
+if ($modes_obj =~ /ghash/)
+ {
+ $cflags.=" -DGHASH_ASM";
+ }
+
+# "Stringify" the C flags string. This permits it to be made part of a string
+# and works as well on command lines.
+$cflags =~ s/([\\\"])/\\\1/g;
+
+my $version = "unknown";
+my $version_num = "unknown";
+my $major = "unknown";
+my $minor = "unknown";
+my $shlib_version_number = "unknown";
+my $shlib_version_history = "unknown";
+my $shlib_major = "unknown";
+my $shlib_minor = "unknown";
+
+open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
+while (<IN>)
+ {
+ $version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
+ $version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/;
+ $shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
+ $shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
+ }
+close(IN);
+if ($shlib_version_history ne "") { $shlib_version_history .= ":"; }
+
+if ($version =~ /(^[0-9]*)\.([0-9\.]*)/)
+ {
+ $major=$1;
+ $minor=$2;
+ }
+
+if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
+ {
+ $shlib_major=$1;
+ $shlib_minor=$2;
+ }
+
+if ($strict_warnings)
+ {
+ my $ecc = $cc;
+ $ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
+ my $wopt;
+ die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc$/ or $ecc =~ /clang$/);
+ foreach $wopt (split /\s+/, $gcc_devteam_warn)
+ {
+ $cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
+ }
+ if ($ecc eq "clang")
+ {
+ foreach $wopt (split /\s+/, $clang_devteam_warn)
+ {
+ $cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
+ }
+ }
+ }
+
+open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
+unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
+open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
+print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
+my $sdirs=0;
+while (<IN>)
+ {
+ chomp;
+ $sdirs = 1 if /^SDIRS=/;
+ if ($sdirs) {
+ my $dir;
+ foreach $dir (@skip) {
+ s/(\s)$dir /$1/;
+ s/\s$dir$//;
+ }
+ }
+ $sdirs = 0 unless /\\$/;
+ s/engines // if (/^DIRS=/ && $disabled{"engine"});
+ s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"});
+ s/^VERSION=.*/VERSION=$version/;
+ s/^MAJOR=.*/MAJOR=$major/;
+ s/^MINOR=.*/MINOR=$minor/;
+ s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
+ s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
+ s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
+ s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
+ s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
+ s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
+ s/^MULTILIB=.*$/MULTILIB=$multilib/;
+ s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
+ s/^LIBDIR=.*$/LIBDIR=$libdir/;
+ s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
+ s/^PLATFORM=.*$/PLATFORM=$target/;
+ s/^OPTIONS=.*$/OPTIONS=$options/;
+ s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
+ if ($cross_compile_prefix)
+ {
+ s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
+ s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
+ s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
+ s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
+ }
+ else {
+ s/^CC=.*$/CC= $cc/;
+ s/^AR=\s*ar/AR= $ar/;
+ s/^RANLIB=.*/RANLIB= $ranlib/;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
+ }
+ s/^CFLAG=.*$/CFLAG= $cflags/;
+ s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
+ s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
+ s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
+ s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
+ s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
+ s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
+ s/^DES_ENC=.*$/DES_ENC= $des_obj/;
+ s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
+ s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+ s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
+ s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
+ s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
+ s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
+ s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
+ s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
+ s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
+ s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
+ s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
+ s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
+ s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
+ s/^PROCESSOR=.*/PROCESSOR= $processor/;
+ s/^ARFLAGS=.*/ARFLAGS= $arflags/;
+ s/^PERL=.*/PERL= $perl/;
+ s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
+ s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
+ s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
+ s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
+
+ s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
+ s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
+ s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
+ s/^BASEADDR=.*/BASEADDR=$baseaddr/;
+
+ s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
+ s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
+ s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
+ if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
+ {
+ my $sotmp = $1;
+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
+ {
+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+ {
+ my $sotmp = $1;
+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+ {
+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
+ }
+ s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
+ print OUT $_."\n";
+ }
+close(IN);
+close(OUT);
+rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
+rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
+
+print "CC =$cc\n";
+print "CFLAG =$cflags\n";
+print "EX_LIBS =$lflags\n";
+print "CPUID_OBJ =$cpuid_obj\n";
+print "BN_ASM =$bn_obj\n";
+print "DES_ENC =$des_obj\n";
+print "AES_ENC =$aes_obj\n";
+print "BF_ENC =$bf_obj\n";
+print "CAST_ENC =$cast_obj\n";
+print "RC4_ENC =$rc4_obj\n";
+print "RC5_ENC =$rc5_obj\n";
+print "MD5_OBJ_ASM =$md5_obj\n";
+print "SHA1_OBJ_ASM =$sha1_obj\n";
+print "RMD160_OBJ_ASM=$rmd160_obj\n";
+print "CMLL_ENC =$cmll_obj\n";
+print "MODES_OBJ =$modes_obj\n";
+print "ENGINES_OBJ =$engines_obj\n";
+print "PROCESSOR =$processor\n";
+print "RANLIB =$ranlib\n";
+print "ARFLAGS =$arflags\n";
+print "PERL =$perl\n";
+print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
+ if $withargs{"krb5-include"} ne "";
+
+my $des_ptr=0;
+my $des_risc1=0;
+my $des_risc2=0;
+my $des_unroll=0;
+my $bn_ll=0;
+my $def_int=2;
+my $rc4_int=$def_int;
+my $md2_int=$def_int;
+my $idea_int=$def_int;
+my $rc2_int=$def_int;
+my $rc4_idx=0;
+my $rc4_chunk=0;
+my $bf_ptr=0;
+my @type=("char","short","int","long");
+my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
+my $export_var_as_fn=0;
+
+my $des_int;
+
+foreach (sort split(/\s+/,$bn_ops))
+ {
+ $des_ptr=1 if /DES_PTR/;
+ $des_risc1=1 if /DES_RISC1/;
+ $des_risc2=1 if /DES_RISC2/;
+ $des_unroll=1 if /DES_UNROLL/;
+ $des_int=1 if /DES_INT/;
+ $bn_ll=1 if /BN_LLONG/;
+ $rc4_int=0 if /RC4_CHAR/;
+ $rc4_int=3 if /RC4_LONG/;
+ $rc4_idx=1 if /RC4_INDEX/;
+ $rc4_chunk=1 if /RC4_CHUNK/;
+ $rc4_chunk=2 if /RC4_CHUNK_LL/;
+ $md2_int=0 if /MD2_CHAR/;
+ $md2_int=3 if /MD2_LONG/;
+ $idea_int=1 if /IDEA_SHORT/;
+ $idea_int=3 if /IDEA_LONG/;
+ $rc2_int=1 if /RC2_SHORT/;
+ $rc2_int=3 if /RC2_LONG/;
+ $bf_ptr=1 if $_ eq "BF_PTR";
+ $bf_ptr=2 if $_ eq "BF_PTR2";
+ ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
+ $export_var_as_fn=1 if /EXPORT_VAR_AS_FN/;
+ }
+
+open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
+unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
+open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
+print OUT "/* opensslconf.h */\n";
+print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
+
+print OUT "#ifdef __cplusplus\n";
+print OUT "extern \"C\" {\n";
+print OUT "#endif\n";
+print OUT "/* OpenSSL was configured with the following options: */\n";
+my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
+$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg;
+$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg;
+$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+$openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
+$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+print OUT $openssl_sys_defines;
+print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
+print OUT $openssl_experimental_defines;
+print OUT "\n";
+print OUT $openssl_algorithm_defines;
+print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
+print OUT $openssl_thread_defines;
+print OUT $openssl_other_defines,"\n";
+
+print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n";
+print OUT " asks for it. This is a transient feature that is provided for those\n";
+print OUT " who haven't had the time to do the appropriate changes in their\n";
+print OUT " applications. */\n";
+print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
+print OUT $openssl_algorithm_defines_trans;
+print OUT "#endif\n\n";
+
+print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");
+
+while (<IN>)
+ {
+ if (/^#define\s+OPENSSLDIR/)
+ {
+ my $foo = $openssldir;
+ $foo =~ s/\\/\\\\/g;
+ print OUT "#define OPENSSLDIR \"$foo\"\n";
+ }
+ elsif (/^#define\s+ENGINESDIR/)
+ {
+ my $foo = "$prefix/$libdir/engines";
+ $foo =~ s/\\/\\\\/g;
+ print OUT "#define ENGINESDIR \"$foo\"\n";
+ }
+ elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
+ { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
+ if $export_var_as_fn;
+ printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n",
+ ($export_var_as_fn)?"define":"undef"; }
+ elsif (/^#define\s+OPENSSL_UNISTD/)
+ {
+ $unistd = "<unistd.h>" if $unistd eq "";
+ print OUT "#define OPENSSL_UNISTD $unistd\n";
+ }
+ elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
+ { printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
+ { printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
+ { printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/)
+ { printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+EIGHT_BIT/)
+ { printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/)
+ { printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
+ elsif (/^\#define\s+DES_LONG\s+.*/)
+ { printf OUT "#define DES_LONG unsigned %s\n",
+ ($des_int)?'int':'long'; }
+ elsif (/^\#(define|undef)\s+DES_PTR/)
+ { printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC1/)
+ { printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC2/)
+ { printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_UNROLL/)
+ { printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
+ elsif (/^#define\s+RC4_INT\s/)
+ { printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
+ elsif (/^#undef\s+RC4_CHUNK/)
+ {
+ printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0;
+ printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1;
+ printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2;
+ }
+ elsif (/^#((define)|(undef))\s+RC4_INDEX/)
+ { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
+ elsif (/^#(define|undef)\s+I386_ONLY/)
+ { printf OUT "#%s I386_ONLY\n", ($processor eq "386")?
+ "define":"undef"; }
+ elsif (/^#define\s+MD2_INT\s/)
+ { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
+ elsif (/^#define\s+IDEA_INT\s/)
+ {printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
+ elsif (/^#define\s+RC2_INT\s/)
+ {printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
+ elsif (/^#(define|undef)\s+BF_PTR/)
+ {
+ printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
+ printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
+ printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
+ }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+print OUT "#ifdef __cplusplus\n";
+print OUT "}\n";
+print OUT "#endif\n";
+close(OUT);
+rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
+rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
+
+
+# Fix the date
+
+print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
+print "SIXTY_FOUR_BIT mode\n" if $b64;
+print "THIRTY_TWO_BIT mode\n" if $b32;
+print "SIXTEEN_BIT mode\n" if $b16;
+print "EIGHT_BIT mode\n" if $b8;
+print "DES_PTR used\n" if $des_ptr;
+print "DES_RISC1 used\n" if $des_risc1;
+print "DES_RISC2 used\n" if $des_risc2;
+print "DES_UNROLL used\n" if $des_unroll;
+print "DES_INT used\n" if $des_int;
+print "BN_LLONG mode\n" if $bn_ll;
+print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
+print "RC4_INDEX mode\n" if $rc4_idx;
+print "RC4_CHUNK is undefined\n" if $rc4_chunk==0;
+print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1;
+print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
+print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
+print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
+print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
+print "BF_PTR used\n" if $bf_ptr == 1;
+print "BF_PTR2 used\n" if $bf_ptr == 2;
+
+if($IsMK1MF) {
+ open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
+ printf OUT <<EOF;
+#ifndef MK1MF_BUILD
+ /* auto-generated by Configure for crypto/cversion.c:
+ * for Unix builds, crypto/Makefile.ssl generates functional definitions;
+ * Windows builds (and other mk1mf builds) compile cversion.c with
+ * -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */
+ #error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles"
+#endif
+EOF
+ close(OUT);
+} else {
+ my $make_command = "$make PERL=\'$perl\'";
+ my $make_targets = "";
+ $make_targets .= " links" if $symlink;
+ $make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
+ $make_targets .= " gentests" if $symlink;
+ (system $make_command.$make_targets) == 0 or exit $?
+ if $make_targets ne "";
+ if ( $perl =~ m@^/@) {
+ &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
+ &dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
+ } else {
+ # No path for Perl known ...
+ &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
+ &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
+ }
+ if ($depflags ne $default_depflags && !$make_depend) {
+ $warn_make_depend++;
+ }
+}
+
+# create the ms/version32.rc file if needed
+if ($IsMK1MF && ($target !~ /^netware/)) {
+ my ($v1, $v2, $v3, $v4);
+ if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) {
+ $v1=hex $1;
+ $v2=hex $2;
+ $v3=hex $3;
+ $v4=hex $4;
+ }
+ open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc";
+ print OUT <<EOF;
+#include <winver.h>
+
+LANGUAGE 0x09,0x01
+
+1 VERSIONINFO
+ FILEVERSION $v1,$v2,$v3,$v4
+ PRODUCTVERSION $v1,$v2,$v3,$v4
+ FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+ FILEFLAGS 0x01L
+#else
+ FILEFLAGS 0x00L
+#endif
+ FILEOS VOS__WINDOWS32
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904b0"
+ BEGIN
+ // Required:
+ VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
+ VALUE "FileDescription", "OpenSSL Shared Library\\0"
+ VALUE "FileVersion", "$version\\0"
+#if defined(CRYPTO)
+ VALUE "InternalName", "libeay32\\0"
+ VALUE "OriginalFilename", "libeay32.dll\\0"
+#elif defined(SSL)
+ VALUE "InternalName", "ssleay32\\0"
+ VALUE "OriginalFilename", "ssleay32.dll\\0"
+#endif
+ VALUE "ProductName", "The OpenSSL Toolkit\\0"
+ VALUE "ProductVersion", "$version\\0"
+ // Optional:
+ //VALUE "Comments", "\\0"
+ VALUE "LegalCopyright", "Copyright \xA9 1998-2005 The OpenSSL Project. Copyright \xA9 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
+ //VALUE "LegalTrademarks", "\\0"
+ //VALUE "PrivateBuild", "\\0"
+ //VALUE "SpecialBuild", "\\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 0x4b0
+ END
+END
+EOF
+ close(OUT);
+ }
+
+print <<EOF;
+
+Configured for $target.
+EOF
+
+print <<\EOF if (!$no_threads && !$threads);
+
+The library could not be configured for supporting multi-threaded
+applications as the compiler options required on this system are not known.
+See file INSTALL for details if you need multi-threading.
+EOF
+
+print <<\EOF if ($no_shared_warn);
+
+You gave the option 'shared', which is not supported on this platform, so
+we will pretend you gave the option 'no-shared'. If you know how to implement
+shared libraries, please let us know (but please first make sure you have
+tried with a current version of OpenSSL).
+EOF
+
+print <<EOF if ($warn_make_depend);
+
+*** Because of configuration changes, you MUST do the following before
+*** building:
+
+ make depend
+EOF
+
+exit(0);
+
+sub usage
+ {
+ print STDERR $usage;
+ print STDERR "\npick os/compiler from:\n";
+ my $j=0;
+ my $i;
+ my $k=0;
+ foreach $i (sort keys %table)
+ {
+ next if $i =~ /^debug/;
+ $k += length($i) + 1;
+ if ($k > 78)
+ {
+ print STDERR "\n";
+ $k=length($i);
+ }
+ print STDERR $i . " ";
+ }
+ foreach $i (sort keys %table)
+ {
+ next if $i !~ /^debug/;
+ $k += length($i) + 1;
+ if ($k > 78)
+ {
+ print STDERR "\n";
+ $k=length($i);
+ }
+ print STDERR $i . " ";
+ }
+ print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n";
+ exit(1);
+ }
+
+sub which
+ {
+ my($name)=@_;
+ my $path;
+ foreach $path (split /:/, $ENV{PATH})
+ {
+ if (-f "$path/$name$exe_ext" and -x _)
+ {
+ return "$path/$name$exe_ext" unless ($name eq "perl" and
+ system("$path/$name$exe_ext -e " . '\'exit($]<5.0);\''));
+ }
+ }
+ }
+
+sub dofile
+ {
+ my $f; my $p; my %m; my @a; my $k; my $ff;
+ ($f,$p,%m)=@_;
+
+ open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n";
+ @a=<IN>;
+ close(IN);
+ foreach $k (keys %m)
+ {
+ grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)), at a);
+ }
+ open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
+ print OUT @a;
+ close(OUT);
+ rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
+ rename("$f.new",$f) || die "unable to rename $f.new\n";
+ }
+
+sub print_table_entry
+ {
+ my $target = shift;
+
+ (my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
+ my $bn_ops,my $cpuid_obj,my $bn_obj,my $des_obj,my $aes_obj, my $bf_obj,
+ my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
+ my $rc5_obj,my $wp_obj,my $cmll_obj,my $modes_obj, my $engines_obj,
+ my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
+ my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags,my $multilib)=
+ split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+
+ print <<EOF
+
+*** $target
+\$cc = $cc
+\$cflags = $cflags
+\$unistd = $unistd
+\$thread_cflag = $thread_cflag
+\$sys_id = $sys_id
+\$lflags = $lflags
+\$bn_ops = $bn_ops
+\$cpuid_obj = $cpuid_obj
+\$bn_obj = $bn_obj
+\$des_obj = $des_obj
+\$aes_obj = $aes_obj
+\$bf_obj = $bf_obj
+\$md5_obj = $md5_obj
+\$sha1_obj = $sha1_obj
+\$cast_obj = $cast_obj
+\$rc4_obj = $rc4_obj
+\$rmd160_obj = $rmd160_obj
+\$rc5_obj = $rc5_obj
+\$wp_obj = $wp_obj
+\$cmll_obj = $cmll_obj
+\$modes_obj = $modes_obj
+\$engines_obj = $engines_obj
+\$perlasm_scheme = $perlasm_scheme
+\$dso_scheme = $dso_scheme
+\$shared_target= $shared_target
+\$shared_cflag = $shared_cflag
+\$shared_ldflag = $shared_ldflag
+\$shared_extension = $shared_extension
+\$ranlib = $ranlib
+\$arflags = $arflags
+\$multilib = $multilib
+EOF
+ }
+
+sub test_sanity
+ {
+ my $errorcnt = 0;
+
+ print STDERR "=" x 70, "\n";
+ print STDERR "=== SANITY TESTING!\n";
+ print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
+ print STDERR "=" x 70, "\n";
+
+ foreach $target (sort keys %table)
+ {
+ @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+
+ if ($fields[$idx_dso_scheme-1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
+ {
+ $errorcnt++;
+ print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
+ print STDERR " in the previous field\n";
+ }
+ elsif ($fields[$idx_dso_scheme+1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
+ {
+ $errorcnt++;
+ print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
+ print STDERR " in the following field\n";
+ }
+ elsif ($fields[$idx_dso_scheme] !~ /^(beos|dl|dlfcn|win32|vms|)$/)
+ {
+ $errorcnt++;
+ print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
+ print STDERR " valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
+ }
+ }
+ print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
+ return $errorcnt;
+ }
Deleted: vendor-crypto/openssl/1.0.1u/INSTALL
===================================================================
--- vendor-crypto/openssl/dist/INSTALL 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/INSTALL 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,360 +0,0 @@
-
- INSTALLATION ON THE UNIX PLATFORM
- ---------------------------------
-
- [Installation on DOS (with djgpp), Windows, OpenVMS, MacOS (before MacOS X)
- and NetWare is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS,
- INSTALL.MacOS and INSTALL.NW.
-
- This document describes installation on operating systems in the Unix
- family.]
-
- To install OpenSSL, you will need:
-
- * make
- * Perl 5
- * an ANSI C compiler
- * a development environment in form of development libraries and C
- header files
- * a supported Unix operating system
-
- Quick Start
- -----------
-
- If you want to just get on with it, do:
-
- $ ./config
- $ make
- $ make test
- $ make install
-
- [If any of these steps fails, see section Installation in Detail below.]
-
- This will build and install OpenSSL in the default location, which is (for
- historical reasons) /usr/local/ssl. If you want to install it anywhere else,
- run config like this:
-
- $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
-
-
- Configuration Options
- ---------------------
-
- There are several options to ./config (or ./Configure) to customize
- the build:
-
- --prefix=DIR Install in DIR/bin, DIR/lib, DIR/include/openssl.
- Configuration files used by OpenSSL will be in DIR/ssl
- or the directory specified by --openssldir.
-
- --openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
- the library files and binaries are also installed there.
-
- no-threads Don't try to build with support for multi-threaded
- applications.
-
- threads Build with support for multi-threaded applications.
- This will usually require additional system-dependent options!
- See "Note on multi-threading" below.
-
- no-zlib Don't try to build with support for zlib compression and
- decompression.
-
- zlib Build with support for zlib compression/decompression.
-
- zlib-dynamic Like "zlib", but has OpenSSL load the zlib library dynamically
- when needed. This is only supported on systems where loading
- of shared libraries is supported. This is the default choice.
-
- no-shared Don't try to create shared libraries.
-
- shared In addition to the usual static libraries, create shared
- libraries on platforms where it's supported. See "Note on
- shared libraries" below.
-
- no-asm Do not use assembler code.
-
- 386 Use the 80386 instruction set only (the default x86 code is
- more efficient, but requires at least a 486). Note: Use
- compiler flags for any other CPU specific configuration,
- e.g. "-m32" to build x86 code on an x64 system.
-
- no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is
- detected at run-time, but the decision whether or not the
- machine code will be executed is taken solely on CPU
- capability vector. This means that if you happen to run OS
- kernel which does not support SSE2 extension on Intel P4
- processor, then your application might be exposed to
- "illegal instruction" exception. There might be a way
- to enable support in kernel, e.g. FreeBSD kernel can be
- compiled with CPU_ENABLE_SSE, and there is a way to
- disengage SSE2 code pathes upon application start-up,
- but if you aim for wider "audience" running such kernel,
- consider no-sse2. Both 386 and no-asm options above imply
- no-sse2.
-
- no-<cipher> Build without the specified cipher (bf, cast, des, dh, dsa,
- hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
- The crypto/<cipher> directory can be removed after running
- "make depend".
-
- -Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
- be passed through to the compiler to allow you to
- define preprocessor symbols, specify additional libraries,
- library directories or other compiler options.
-
- -DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
- BSD. Useful if you are running ocf-linux or something
- similar. Once enabled you can also enable the use of
- cryptodev digests, which is usually slower unless you have
- large amounts data. Use -DUSE_CRYPTODEV_DIGESTS to force
- it.
-
- Installation in Detail
- ----------------------
-
- 1a. Configure OpenSSL for your operation system automatically:
-
- $ ./config [options]
-
- This guesses at your operating system (and compiler, if necessary) and
- configures OpenSSL based on this guess. Run ./config -t to see
- if it guessed correctly. If you want to use a different compiler, you
- are cross-compiling for another platform, or the ./config guess was
- wrong for other reasons, go to step 1b. Otherwise go to step 2.
-
- On some systems, you can include debugging information as follows:
-
- $ ./config -d [options]
-
- 1b. Configure OpenSSL for your operating system manually
-
- OpenSSL knows about a range of different operating system, hardware and
- compiler combinations. To see the ones it knows about, run
-
- $ ./Configure
-
- Pick a suitable name from the list that matches your system. For most
- operating systems there is a choice between using "cc" or "gcc". When
- you have identified your system (and if necessary compiler) use this name
- as the argument to ./Configure. For example, a "linux-elf" user would
- run:
-
- $ ./Configure linux-elf [options]
-
- If your system is not available, you will have to edit the Configure
- program and add the correct configuration for your system. The
- generic configurations "cc" or "gcc" should usually work on 32 bit
- systems.
-
- Configure creates the file Makefile.ssl from Makefile.org and
- defines various macros in crypto/opensslconf.h (generated from
- crypto/opensslconf.h.in).
-
- 2. Build OpenSSL by running:
-
- $ make
-
- This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
- OpenSSL binary ("openssl"). The libraries will be built in the top-level
- directory, and the binary will be in the "apps" directory.
-
- If "make" fails, look at the output. There may be reasons for
- the failure that aren't problems in OpenSSL itself (like missing
- standard headers). If it is a problem with OpenSSL itself, please
- report the problem to <openssl-bugs at openssl.org> (note that your
- message will be recorded in the request tracker publicly readable
- via http://www.openssl.org/support/rt.html and will be forwarded to a
- public mailing list). Include the output of "make report" in your message.
- Please check out the request tracker. Maybe the bug was already
- reported or has already been fixed.
-
- [If you encounter assembler error messages, try the "no-asm"
- configuration option as an immediate fix.]
-
- Compiling parts of OpenSSL with gcc and others with the system
- compiler will result in unresolved symbols on some systems.
-
- 3. After a successful build, the libraries should be tested. Run:
-
- $ make test
-
- If a test fails, look at the output. There may be reasons for
- the failure that isn't a problem in OpenSSL itself (like a missing
- or malfunctioning bc). If it is a problem with OpenSSL itself,
- try removing any compiler optimization flags from the CFLAG line
- in Makefile.ssl and run "make clean; make". Please send a bug
- report to <openssl-bugs at openssl.org>, including the output of
- "make report" in order to be added to the request tracker at
- http://www.openssl.org/support/rt.html.
-
- 4. If everything tests ok, install OpenSSL with
-
- $ make install
-
- This will create the installation directory (if it does not exist) and
- then the following subdirectories:
-
- certs Initially empty, this is the default location
- for certificate files.
- man/man1 Manual pages for the 'openssl' command line tool
- man/man3 Manual pages for the libraries (very incomplete)
- misc Various scripts.
- private Initially empty, this is the default location
- for private key files.
-
- If you didn't choose a different installation prefix, the
- following additional subdirectories will be created:
-
- bin Contains the openssl binary and a few other
- utility programs.
- include/openssl Contains the header files needed if you want to
- compile programs with libcrypto or libssl.
- lib Contains the OpenSSL library files themselves.
-
- Use "make install_sw" to install the software without documentation,
- and "install_docs_html" to install HTML renditions of the manual
- pages.
-
- Package builders who want to configure the library for standard
- locations, but have the package installed somewhere else so that
- it can easily be packaged, can use
-
- $ make INSTALL_PREFIX=/tmp/package-root install
-
- (or specify "--install_prefix=/tmp/package-root" as a configure
- option). The specified prefix will be prepended to all
- installation target filenames.
-
-
- NOTE: The header files used to reside directly in the include
- directory, but have now been moved to include/openssl so that
- OpenSSL can co-exist with other libraries which use some of the
- same filenames. This means that applications that use OpenSSL
- should now use C preprocessor directives of the form
-
- #include <openssl/ssl.h>
-
- instead of "#include <ssl.h>", which was used with library versions
- up to OpenSSL 0.9.2b.
-
- If you install a new version of OpenSSL over an old library version,
- you should delete the old header files in the include directory.
-
- Compatibility issues:
-
- * COMPILING existing applications
-
- To compile an application that uses old filenames -- e.g.
- "#include <ssl.h>" --, it will usually be enough to find
- the CFLAGS definition in the application's Makefile and
- add a C option such as
-
- -I/usr/local/ssl/include/openssl
-
- to it.
-
- But don't delete the existing -I option that points to
- the ..../include directory! Otherwise, OpenSSL header files
- could not #include each other.
-
- * WRITING applications
-
- To write an application that is able to handle both the new
- and the old directory layout, so that it can still be compiled
- with library versions up to OpenSSL 0.9.2b without bothering
- the user, you can proceed as follows:
-
- - Always use the new filename of OpenSSL header files,
- e.g. #include <openssl/ssl.h>.
-
- - Create a directory "incl" that contains only a symbolic
- link named "openssl", which points to the "include" directory
- of OpenSSL.
- For example, your application's Makefile might contain the
- following rule, if OPENSSLDIR is a pathname (absolute or
- relative) of the directory where OpenSSL resides:
-
- incl/openssl:
- -mkdir incl
- cd $(OPENSSLDIR) # Check whether the directory really exists
- -ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl
-
- You will have to add "incl/openssl" to the dependencies
- of those C files that include some OpenSSL header file.
-
- - Add "-Iincl" to your CFLAGS.
-
- With these additions, the OpenSSL header files will be available
- under both name variants if an old library version is used:
- Your application can reach them under names like <openssl/foo.h>,
- while the header files still are able to #include each other
- with names of the form <foo.h>.
-
-
- Note on multi-threading
- -----------------------
-
- For some systems, the OpenSSL Configure script knows what compiler options
- are needed to generate a library that is suitable for multi-threaded
- applications. On these systems, support for multi-threading is enabled
- by default; use the "no-threads" option to disable (this should never be
- necessary).
-
- On other systems, to enable support for multi-threading, you will have
- to specify at least two options: "threads", and a system-dependent option.
- (The latter is "-D_REENTRANT" on various systems.) The default in this
- case, obviously, is not to include support for multi-threading (but
- you can still use "no-threads" to suppress an annoying warning message
- from the Configure script.)
-
-
- Note on shared libraries
- ------------------------
-
- Shared libraries have certain caveats. Binary backward compatibility
- can't be guaranteed before OpenSSL version 1.0. The only reason to
- use them would be to conserve memory on systems where several programs
- are using OpenSSL.
-
- For some systems, the OpenSSL Configure script knows what is needed to
- build shared libraries for libcrypto and libssl. On these systems,
- the shared libraries are currently not created by default, but giving
- the option "shared" will get them created. This method supports Makefile
- targets for shared library creation, like linux-shared. Those targets
- can currently be used on their own just as well, but this is expected
- to change in future versions of OpenSSL.
-
- Note on random number generation
- --------------------------------
-
- Availability of cryptographically secure random numbers is required for
- secret key generation. OpenSSL provides several options to seed the
- internal PRNG. If not properly seeded, the internal PRNG will refuse
- to deliver random bytes and a "PRNG not seeded error" will occur.
- On systems without /dev/urandom (or similar) device, it may be necessary
- to install additional support software to obtain random seed.
- Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(),
- and the FAQ for more information.
-
- Note on support for multiple builds
- -----------------------------------
-
- OpenSSL is usually built in its source tree. Unfortunately, this doesn't
- support building for multiple platforms from the same source tree very well.
- It is however possible to build in a separate tree through the use of lots
- of symbolic links, which should be prepared like this:
-
- mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
- cd objtree/"`uname -s`-`uname -r`-`uname -m`"
- (cd $OPENSSL_SOURCE; find . -type f) | while read F; do
- mkdir -p `dirname $F`
- rm -f $F; ln -s $OPENSSL_SOURCE/$F $F
- echo $F '->' $OPENSSL_SOURCE/$F
- done
- make -f Makefile.org clean
-
- OPENSSL_SOURCE is an environment variable that contains the absolute (this
- is important!) path to the OpenSSL source tree.
-
- Also, operations like 'make update' should still be made in the source tree.
Copied: vendor-crypto/openssl/1.0.1u/INSTALL (from rev 11605, vendor-crypto/openssl/dist/INSTALL)
===================================================================
--- vendor-crypto/openssl/1.0.1u/INSTALL (rev 0)
+++ vendor-crypto/openssl/1.0.1u/INSTALL 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,360 @@
+
+ INSTALLATION ON THE UNIX PLATFORM
+ ---------------------------------
+
+ [Installation on DOS (with djgpp), Windows, OpenVMS, MacOS (before MacOS X)
+ and NetWare is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS,
+ INSTALL.MacOS and INSTALL.NW.
+
+ This document describes installation on operating systems in the Unix
+ family.]
+
+ To install OpenSSL, you will need:
+
+ * make
+ * Perl 5
+ * an ANSI C compiler
+ * a development environment in form of development libraries and C
+ header files
+ * a supported Unix operating system
+
+ Quick Start
+ -----------
+
+ If you want to just get on with it, do:
+
+ $ ./config
+ $ make
+ $ make test
+ $ make install
+
+ [If any of these steps fails, see section Installation in Detail below.]
+
+ This will build and install OpenSSL in the default location, which is (for
+ historical reasons) /usr/local/ssl. If you want to install it anywhere else,
+ run config like this:
+
+ $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
+
+
+ Configuration Options
+ ---------------------
+
+ There are several options to ./config (or ./Configure) to customize
+ the build:
+
+ --prefix=DIR Install in DIR/bin, DIR/lib, DIR/include/openssl.
+ Configuration files used by OpenSSL will be in DIR/ssl
+ or the directory specified by --openssldir.
+
+ --openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
+ the library files and binaries are also installed there.
+
+ no-threads Don't try to build with support for multi-threaded
+ applications.
+
+ threads Build with support for multi-threaded applications.
+ This will usually require additional system-dependent options!
+ See "Note on multi-threading" below.
+
+ no-zlib Don't try to build with support for zlib compression and
+ decompression.
+
+ zlib Build with support for zlib compression/decompression.
+
+ zlib-dynamic Like "zlib", but has OpenSSL load the zlib library dynamically
+ when needed. This is only supported on systems where loading
+ of shared libraries is supported. This is the default choice.
+
+ no-shared Don't try to create shared libraries.
+
+ shared In addition to the usual static libraries, create shared
+ libraries on platforms where it's supported. See "Note on
+ shared libraries" below.
+
+ no-asm Do not use assembler code.
+
+ 386 Use the 80386 instruction set only (the default x86 code is
+ more efficient, but requires at least a 486). Note: Use
+ compiler flags for any other CPU specific configuration,
+ e.g. "-m32" to build x86 code on an x64 system.
+
+ no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is
+ detected at run-time, but the decision whether or not the
+ machine code will be executed is taken solely on CPU
+ capability vector. This means that if you happen to run OS
+ kernel which does not support SSE2 extension on Intel P4
+ processor, then your application might be exposed to
+ "illegal instruction" exception. There might be a way
+ to enable support in kernel, e.g. FreeBSD kernel can be
+ compiled with CPU_ENABLE_SSE, and there is a way to
+ disengage SSE2 code pathes upon application start-up,
+ but if you aim for wider "audience" running such kernel,
+ consider no-sse2. Both 386 and no-asm options above imply
+ no-sse2.
+
+ no-<cipher> Build without the specified cipher (bf, cast, des, dh, dsa,
+ hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
+ The crypto/<cipher> directory can be removed after running
+ "make depend".
+
+ -Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
+ be passed through to the compiler to allow you to
+ define preprocessor symbols, specify additional libraries,
+ library directories or other compiler options.
+
+ -DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
+ BSD. Useful if you are running ocf-linux or something
+ similar. Once enabled you can also enable the use of
+ cryptodev digests, which is usually slower unless you have
+ large amounts data. Use -DUSE_CRYPTODEV_DIGESTS to force
+ it.
+
+ Installation in Detail
+ ----------------------
+
+ 1a. Configure OpenSSL for your operation system automatically:
+
+ $ ./config [options]
+
+ This guesses at your operating system (and compiler, if necessary) and
+ configures OpenSSL based on this guess. Run ./config -t to see
+ if it guessed correctly. If you want to use a different compiler, you
+ are cross-compiling for another platform, or the ./config guess was
+ wrong for other reasons, go to step 1b. Otherwise go to step 2.
+
+ On some systems, you can include debugging information as follows:
+
+ $ ./config -d [options]
+
+ 1b. Configure OpenSSL for your operating system manually
+
+ OpenSSL knows about a range of different operating system, hardware and
+ compiler combinations. To see the ones it knows about, run
+
+ $ ./Configure
+
+ Pick a suitable name from the list that matches your system. For most
+ operating systems there is a choice between using "cc" or "gcc". When
+ you have identified your system (and if necessary compiler) use this name
+ as the argument to ./Configure. For example, a "linux-elf" user would
+ run:
+
+ $ ./Configure linux-elf [options]
+
+ If your system is not available, you will have to edit the Configure
+ program and add the correct configuration for your system. The
+ generic configurations "cc" or "gcc" should usually work on 32 bit
+ systems.
+
+ Configure creates the file Makefile.ssl from Makefile.org and
+ defines various macros in crypto/opensslconf.h (generated from
+ crypto/opensslconf.h.in).
+
+ 2. Build OpenSSL by running:
+
+ $ make
+
+ This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
+ OpenSSL binary ("openssl"). The libraries will be built in the top-level
+ directory, and the binary will be in the "apps" directory.
+
+ If "make" fails, look at the output. There may be reasons for
+ the failure that aren't problems in OpenSSL itself (like missing
+ standard headers). If it is a problem with OpenSSL itself, please
+ report the problem to <openssl-bugs at openssl.org> (note that your
+ message will be recorded in the request tracker publicly readable
+ at https://www.openssl.org/community/index.html#bugs and will be
+ forwarded to a public mailing list). Include the output of "make
+ report" in your message. Please check out the request tracker. Maybe
+ the bug was already reported or has already been fixed.
+
+ [If you encounter assembler error messages, try the "no-asm"
+ configuration option as an immediate fix.]
+
+ Compiling parts of OpenSSL with gcc and others with the system
+ compiler will result in unresolved symbols on some systems.
+
+ 3. After a successful build, the libraries should be tested. Run:
+
+ $ make test
+
+ If a test fails, look at the output. There may be reasons for
+ the failure that isn't a problem in OpenSSL itself (like a missing
+ or malfunctioning bc). If it is a problem with OpenSSL itself,
+ try removing any compiler optimization flags from the CFLAG line
+ in Makefile.ssl and run "make clean; make". Please send a bug
+ report to <openssl-bugs at openssl.org>, including the output of
+ "make report" in order to be added to the request tracker at
+ http://www.openssl.org/support/rt.html.
+
+ 4. If everything tests ok, install OpenSSL with
+
+ $ make install
+
+ This will create the installation directory (if it does not exist) and
+ then the following subdirectories:
+
+ certs Initially empty, this is the default location
+ for certificate files.
+ man/man1 Manual pages for the 'openssl' command line tool
+ man/man3 Manual pages for the libraries (very incomplete)
+ misc Various scripts.
+ private Initially empty, this is the default location
+ for private key files.
+
+ If you didn't choose a different installation prefix, the
+ following additional subdirectories will be created:
+
+ bin Contains the openssl binary and a few other
+ utility programs.
+ include/openssl Contains the header files needed if you want to
+ compile programs with libcrypto or libssl.
+ lib Contains the OpenSSL library files themselves.
+
+ Use "make install_sw" to install the software without documentation,
+ and "install_docs_html" to install HTML renditions of the manual
+ pages.
+
+ Package builders who want to configure the library for standard
+ locations, but have the package installed somewhere else so that
+ it can easily be packaged, can use
+
+ $ make INSTALL_PREFIX=/tmp/package-root install
+
+ (or specify "--install_prefix=/tmp/package-root" as a configure
+ option). The specified prefix will be prepended to all
+ installation target filenames.
+
+
+ NOTE: The header files used to reside directly in the include
+ directory, but have now been moved to include/openssl so that
+ OpenSSL can co-exist with other libraries which use some of the
+ same filenames. This means that applications that use OpenSSL
+ should now use C preprocessor directives of the form
+
+ #include <openssl/ssl.h>
+
+ instead of "#include <ssl.h>", which was used with library versions
+ up to OpenSSL 0.9.2b.
+
+ If you install a new version of OpenSSL over an old library version,
+ you should delete the old header files in the include directory.
+
+ Compatibility issues:
+
+ * COMPILING existing applications
+
+ To compile an application that uses old filenames -- e.g.
+ "#include <ssl.h>" --, it will usually be enough to find
+ the CFLAGS definition in the application's Makefile and
+ add a C option such as
+
+ -I/usr/local/ssl/include/openssl
+
+ to it.
+
+ But don't delete the existing -I option that points to
+ the ..../include directory! Otherwise, OpenSSL header files
+ could not #include each other.
+
+ * WRITING applications
+
+ To write an application that is able to handle both the new
+ and the old directory layout, so that it can still be compiled
+ with library versions up to OpenSSL 0.9.2b without bothering
+ the user, you can proceed as follows:
+
+ - Always use the new filename of OpenSSL header files,
+ e.g. #include <openssl/ssl.h>.
+
+ - Create a directory "incl" that contains only a symbolic
+ link named "openssl", which points to the "include" directory
+ of OpenSSL.
+ For example, your application's Makefile might contain the
+ following rule, if OPENSSLDIR is a pathname (absolute or
+ relative) of the directory where OpenSSL resides:
+
+ incl/openssl:
+ -mkdir incl
+ cd $(OPENSSLDIR) # Check whether the directory really exists
+ -ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl
+
+ You will have to add "incl/openssl" to the dependencies
+ of those C files that include some OpenSSL header file.
+
+ - Add "-Iincl" to your CFLAGS.
+
+ With these additions, the OpenSSL header files will be available
+ under both name variants if an old library version is used:
+ Your application can reach them under names like <openssl/foo.h>,
+ while the header files still are able to #include each other
+ with names of the form <foo.h>.
+
+
+ Note on multi-threading
+ -----------------------
+
+ For some systems, the OpenSSL Configure script knows what compiler options
+ are needed to generate a library that is suitable for multi-threaded
+ applications. On these systems, support for multi-threading is enabled
+ by default; use the "no-threads" option to disable (this should never be
+ necessary).
+
+ On other systems, to enable support for multi-threading, you will have
+ to specify at least two options: "threads", and a system-dependent option.
+ (The latter is "-D_REENTRANT" on various systems.) The default in this
+ case, obviously, is not to include support for multi-threading (but
+ you can still use "no-threads" to suppress an annoying warning message
+ from the Configure script.)
+
+
+ Note on shared libraries
+ ------------------------
+
+ Shared libraries have certain caveats. Binary backward compatibility
+ can't be guaranteed before OpenSSL version 1.0. The only reason to
+ use them would be to conserve memory on systems where several programs
+ are using OpenSSL.
+
+ For some systems, the OpenSSL Configure script knows what is needed to
+ build shared libraries for libcrypto and libssl. On these systems,
+ the shared libraries are currently not created by default, but giving
+ the option "shared" will get them created. This method supports Makefile
+ targets for shared library creation, like linux-shared. Those targets
+ can currently be used on their own just as well, but this is expected
+ to change in future versions of OpenSSL.
+
+ Note on random number generation
+ --------------------------------
+
+ Availability of cryptographically secure random numbers is required for
+ secret key generation. OpenSSL provides several options to seed the
+ internal PRNG. If not properly seeded, the internal PRNG will refuse
+ to deliver random bytes and a "PRNG not seeded error" will occur.
+ On systems without /dev/urandom (or similar) device, it may be necessary
+ to install additional support software to obtain random seed.
+ Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(),
+ and the FAQ for more information.
+
+ Note on support for multiple builds
+ -----------------------------------
+
+ OpenSSL is usually built in its source tree. Unfortunately, this doesn't
+ support building for multiple platforms from the same source tree very well.
+ It is however possible to build in a separate tree through the use of lots
+ of symbolic links, which should be prepared like this:
+
+ mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
+ cd objtree/"`uname -s`-`uname -r`-`uname -m`"
+ (cd $OPENSSL_SOURCE; find . -type f) | while read F; do
+ mkdir -p `dirname $F`
+ rm -f $F; ln -s $OPENSSL_SOURCE/$F $F
+ echo $F '->' $OPENSSL_SOURCE/$F
+ done
+ make -f Makefile.org clean
+
+ OPENSSL_SOURCE is an environment variable that contains the absolute (this
+ is important!) path to the OpenSSL source tree.
+
+ Also, operations like 'make update' should still be made in the source tree.
Deleted: vendor-crypto/openssl/1.0.1u/LICENSE
===================================================================
--- vendor-crypto/openssl/dist/LICENSE 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/LICENSE 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,127 +0,0 @@
-
- LICENSE ISSUES
- ==============
-
- The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
- the OpenSSL License and the original SSLeay license apply to the toolkit.
- See below for the actual license texts. Actually both licenses are BSD-style
- Open Source licenses. In case of any license issues related to OpenSSL
- please contact openssl-core at openssl.org.
-
- OpenSSL License
- ---------------
-
-/* ====================================================================
- * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
- Original SSLeay License
- -----------------------
-
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
Copied: vendor-crypto/openssl/1.0.1u/LICENSE (from rev 11605, vendor-crypto/openssl/dist/LICENSE)
===================================================================
--- vendor-crypto/openssl/1.0.1u/LICENSE (rev 0)
+++ vendor-crypto/openssl/1.0.1u/LICENSE 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,127 @@
+
+ LICENSE ISSUES
+ ==============
+
+ The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
+ the OpenSSL License and the original SSLeay license apply to the toolkit.
+ See below for the actual license texts. Actually both licenses are BSD-style
+ Open Source licenses. In case of any license issues related to OpenSSL
+ please contact openssl-core at openssl.org.
+
+ OpenSSL License
+ ---------------
+
+/* ====================================================================
+ * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+ Original SSLeay License
+ -----------------------
+
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
Deleted: vendor-crypto/openssl/1.0.1u/Makefile
===================================================================
--- vendor-crypto/openssl/dist/Makefile 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,680 +0,0 @@
-### Generated automatically from Makefile.org by Configure.
-
-##
-## Makefile for OpenSSL
-##
-
-VERSION=1.0.1q
-MAJOR=1
-MINOR=0.1
-SHLIB_VERSION_NUMBER=1.0.0
-SHLIB_VERSION_HISTORY=
-SHLIB_MAJOR=1
-SHLIB_MINOR=0.0
-SHLIB_EXT=
-PLATFORM=dist
-OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-unit-test no-zlib no-zlib-dynamic static-engine
-CONFIGURE_ARGS=dist
-SHLIB_TARGET=
-
-# HERE indicates where this Makefile lives. This can be used to indicate
-# where sub-Makefiles are expected to be. Currently has very limited usage,
-# and should probably not be bothered with at all.
-HERE=.
-
-# INSTALL_PREFIX is for package builders so that they can configure
-# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
-# Normally it is left empty.
-INSTALL_PREFIX=
-INSTALLTOP=/usr/local/ssl
-
-# Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/ssl
-
-# NO_IDEA - Define to build without the IDEA algorithm
-# NO_RC4 - Define to build without the RC4 algorithm
-# NO_RC2 - Define to build without the RC2 algorithm
-# THREADS - Define when building with threads, you will probably also need any
-# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
-# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-# one. 32 bytes will be read from this when the random
-# number generator is initalised.
-# SSL_FORBID_ENULL - define if you want the server to be not able to use the
-# NULL encryption ciphers.
-#
-# LOCK_DEBUG - turns on lots of lock debug output :-)
-# REF_CHECK - turn on some xyz_free() assertions.
-# REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
-# MFUNC - Make all Malloc/Free/Realloc calls call
-# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-# call application defined callbacks via CRYPTO_set_mem_functions()
-# MD5_ASM needs to be defined to use the x86 assembler for MD5
-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
-# equal 4.
-# PKCS1_CHECK - pkcs1 tests.
-
-CC= cc
-CFLAG= -O
-DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST
-PEX_LIBS=
-EX_LIBS=
-EXE_EXT=
-ARFLAGS=
-AR= ar $(ARFLAGS) r
-RANLIB= /usr/bin/ranlib
-NM= nm
-PERL= /usr/bin/perl
-TAR= tar
-TARFLAGS= --no-recursion --record-size=10240
-MAKEDEPPROG=makedepend
-LIBDIR=lib
-
-# We let the C compiler driver to take care of .s files. This is done in
-# order to be excused from maintaining a separate set of architecture
-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
-# gcc, then the driver will automatically translate it to -xarch=v8plus
-# and pass it down to assembler.
-AS=$(CC) -c
-ASFLAG=$(CFLAG)
-
-# For x86 assembler: Set PROCESSOR to 386 if you want to support
-# the 80386.
-PROCESSOR=
-
-# CPUID module collects small commonly used assembler snippets
-CPUID_OBJ= mem_clr.o
-BN_ASM= bn_asm.o
-DES_ENC= des_enc.o fcrypt_b.o
-AES_ENC= aes_core.o aes_cbc.o
-BF_ENC= bf_enc.o
-CAST_ENC= c_enc.o
-RC4_ENC= rc4_enc.o rc4_skey.o
-RC5_ENC= rc5_enc.o
-MD5_ASM_OBJ=
-SHA1_ASM_OBJ=
-RMD160_ASM_OBJ=
-WP_ASM_OBJ= wp_block.o
-CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
-MODES_ASM_OBJ=
-ENGINES_ASM_OBJ=
-PERLASM_SCHEME=
-
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-# Zlib stuff
-ZLIB_INCLUDE=
-LIBZLIB=
-
-# TOP level FIPS install directory.
-FIPSDIR=/usr/local/ssl/fips-2.0
-
-# This is the location of fipscanister.o and friends.
-# The FIPS module build will place it $(INSTALLTOP)/lib
-# but since $(INSTALLTOP) can only take the default value
-# when the module is built it will be in /usr/local/ssl/lib
-# $(INSTALLTOP) for this build may be different so hard
-# code the path.
-
-FIPSLIBDIR=
-
-# The location of the library which contains fipscanister.o
-# normally it will be libcrypto unless fipsdso is set in which
-# case it will be libfips. If not compiling in FIPS mode at all
-# this is empty making it a useful test for a FIPS compile.
-
-FIPSCANLIB=
-
-# Shared library base address. Currently only used on Windows.
-#
-
-BASEADDR=0xFB00000
-
-DIRS= crypto ssl engines apps test tools
-ENGDIRS= ccgost
-SHLIBDIRS= crypto ssl
-
-# dirs in crypto to build
-SDIRS= \
- objects \
- md4 md5 sha mdc2 hmac ripemd whrlpool \
- des aes rc2 rc4 idea bf cast camellia seed modes \
- bn ec rsa dsa ecdsa dh ecdh dso engine \
- buffer bio stack lhash rand err \
- evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- cms pqueue ts srp cmac
-# keep in mind that the above list is adjusted by ./Configure
-# according to no-xxx arguments...
-
-# tests to perform. "alltests" is a special word indicating that all tests
-# should be performed.
-TESTS = alltests
-
-MAKEFILE= Makefile
-
-MANDIR=$(OPENSSLDIR)/man
-MAN1=1
-MAN3=3
-MANSUFFIX=
-HTMLSUFFIX=html
-HTMLDIR=$(OPENSSLDIR)/html
-SHELL=/bin/sh
-
-TOP= .
-ONEDIRS=out tmp
-EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
-WDIRS= windows
-LIBS= libcrypto.a libssl.a
-SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
-SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=
-SHARED_LDFLAGS=
-
-GENERAL= Makefile
-BASENAME= openssl
-NAME= $(BASENAME)-$(VERSION)
-TARFILE= $(NAME).tar
-WTARFILE= $(NAME)-win.tar
-EXHEADER= e_os2.h
-HEADER= e_os.h
-
-all: Makefile build_all
-
-# as we stick to -e, CLEARENV ensures that local variables in lower
-# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
-# shell, which [annoyingly enough] terminates unset with error if VAR
-# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
-# which terminates unset with error if no variable was present:-(
-CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
- $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \
- $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \
- $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \
- $${EXHEADER+EXHEADER} $${HEADER+HEADER} \
- $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
- $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
- $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
-
-BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
- CC='$(CC)' CFLAG='$(CFLAG)' \
- AS='$(CC)' ASFLAG='$(CFLAG) -c' \
- AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
- CROSS_COMPILE='$(CROSS_COMPILE)' \
- PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
- SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
- INSTALL_PREFIX='$(INSTALL_PREFIX)' \
- INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
- LIBDIR='$(LIBDIR)' \
- MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
- DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
- MAKEDEPPROG='$(MAKEDEPPROG)' \
- SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
- KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
- ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
- EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
- SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
- PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
- CPUID_OBJ='$(CPUID_OBJ)' \
- BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
- AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
- BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
- RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
- SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
- MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
- RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
- WP_ASM_OBJ='$(WP_ASM_OBJ)' \
- MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
- ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
- PERLASM_SCHEME='$(PERLASM_SCHEME)' \
- FIPSLIBDIR='${FIPSLIBDIR}' \
- FIPSDIR='${FIPSDIR}' \
- FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
- THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
-# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
-# which in turn eliminates ambiguities in variable treatment with -e.
-
-# BUILD_CMD is a generic macro to build a given target in a given
-# subdirectory. The target must be given through the shell variable
-# `target' and the subdirectory to build in must be given through `dir'.
-# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
-# BUILD_ONE_CMD instead.
-#
-# BUILD_ONE_CMD is a macro to build a given target in a given
-# subdirectory if that subdirectory is part of $(DIRS). It requires
-# exactly the same shell variables as BUILD_CMD.
-#
-# RECURSIVE_BUILD_CMD is a macro to build a given target in all
-# subdirectories defined in $(DIRS). It requires that the target
-# is given through the shell variable `target'.
-BUILD_CMD= if [ -d "$$dir" ]; then \
- ( cd $$dir && echo "making $$target in $$dir..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
- ) || exit 1; \
- fi
-RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
-BUILD_ONE_CMD=\
- if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
- $(BUILD_CMD); \
- fi
-
-reflect:
- @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
-
-sub_all: build_all
-
-build_all: build_libs build_apps build_tests build_tools
-
-build_libs: build_libcrypto build_libssl openssl.pc
-
-build_libcrypto: build_crypto build_engines libcrypto.pc
-build_libssl: build_ssl libssl.pc
-
-build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps: build_libs
- @dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests: build_libs
- @dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools: build_libs
- @dir=tools; target=all; $(BUILD_ONE_CMD)
-
-all_testapps: build_libs build_testapps
-build_testapps:
- @dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-
-fips_premain_dso$(EXE_EXT): libcrypto.a
- [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
- -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
- $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
- libcrypto.a $(EX_LIBS)
-
-libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
- FIPSLD_LIBCRYPTO=libcrypto.a ; \
- FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
- export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
- fi; \
- $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
- (touch -c fips_premain_dso$(EXE_EXT) || :); \
- else \
- echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
- fi
-
-libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
- else \
- echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
- fi
-
-clean-shared:
- @set -e; for i in $(SHLIBDIRS); do \
- if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
- tmp="$(SHARED_LIBS_LINK_EXTS)"; \
- for j in $${tmp:-x}; do \
- ( set -x; rm -f lib$$i$$j ); \
- done; \
- fi; \
- ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
- if [ "$(PLATFORM)" = "Cygwin" ]; then \
- ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
- fi; \
- done
-
-link-shared:
- @ set -e; for i in $(SHLIBDIRS); do \
- $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- symlink.$(SHLIB_TARGET); \
- libs="$$libs -l$$i"; \
- done
-
-build-shared: do_$(SHLIB_TARGET) link-shared
-
-do_$(SHLIB_TARGET):
- @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
- if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
- libs="$(LIBKRB5) $$libs"; \
- fi; \
- $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- LIBDEPS="$$libs $(EX_LIBS)" \
- link_a.$(SHLIB_TARGET); \
- libs="-l$$i $$libs"; \
- done
-
-libcrypto.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL-libcrypto'; \
- echo 'Description: OpenSSL cryptography library'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
-
-libssl.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
-
-openssl.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
-
-Makefile: Makefile.org Configure config
- @echo "Makefile is older than Makefile.org, Configure or config."
- @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
- @false
-
-libclean:
- rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
-
-clean: libclean
- rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
- @set -e; target=clean; $(RECURSIVE_BUILD_CMD)
- rm -f $(LIBS)
- rm -f openssl.pc libssl.pc libcrypto.pc
- rm -f speed.* .pure
- rm -f $(TARFILE)
- @set -e; for i in $(ONEDIRS) ;\
- do \
- rm -fr $$i/*; \
- done
-
-makefile.one: files
- $(PERL) util/mk1mf.pl >makefile.one; \
- sh util/do_ms.sh
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
- @set -e; target=files; $(RECURSIVE_BUILD_CMD)
-
-links:
- @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
- @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
- @set -e; target=links; $(RECURSIVE_BUILD_CMD)
-
-gentests:
- @(cd test && echo "generating dummy tests (if needed)..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
-
-dclean:
- rm -rf *.bak include/openssl certs/.0
- @set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
-
-rehash: rehash.time
-rehash.time: certs apps
- @if [ -z "$(CROSS_COMPILE)" ]; then \
- (OPENSSL="`pwd`/util/opensslwrap.sh"; \
- [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
- OPENSSL_DEBUG_MEMORY=on; \
- export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs/demo) && \
- touch rehash.time; \
- else :; fi
-
-test: tests
-
-tests: rehash
- @(cd test && echo "testing..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
- OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
-
-report:
- @$(PERL) util/selftest.pl
-
-update: errors stacks util/libeay.num util/ssleay.num TABLE
- @set -e; target=update; $(RECURSIVE_BUILD_CMD)
-
-depend:
- @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
-
-lint:
- @set -e; target=lint; $(RECURSIVE_BUILD_CMD)
-
-tags:
- rm -f TAGS
- find . -name '[^.]*.[ch]' | xargs etags -a
-
-errors:
- $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
- $(PERL) util/mkerr.pl -recurse -write
- (cd engines; $(MAKE) PERL=$(PERL) errors)
-
-stacks:
- $(PERL) util/mkstack.pl -write
-
-util/libeay.num::
- $(PERL) util/mkdef.pl crypto update
-
-util/ssleay.num::
- $(PERL) util/mkdef.pl ssl update
-
-TABLE: Configure
- (echo 'Output of `Configure TABLE'"':"; \
- $(PERL) Configure TABLE) > TABLE
-
-# Build distribution tar-file. As the list of files returned by "find" is
-# pretty long, on several platforms a "too many arguments" error or similar
-# would occur. Therefore the list of files is temporarily stored into a file
-# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
-# tar does not support the --files-from option.
-TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list \
- --owner openssl:0 --group openssl:0 \
- --transform 's|^|openssl-$(VERSION)/|' \
- -cvf -
-
-../$(TARFILE).list:
- find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
- \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
- \! -name '*test' \! -name '.#*' \! -name '*~' \
- | sort > ../$(TARFILE).list
-
-tar: ../$(TARFILE).list
- find . -type d -print | xargs chmod 755
- find . -type f -print | xargs chmod a+r
- find . -type f -perm -0100 -print | xargs chmod a+x
- $(TAR_COMMAND) | gzip --best >../$(TARFILE).gz
- rm -f ../$(TARFILE).list
- ls -l ../$(TARFILE).gz
-
-tar-snap: ../$(TARFILE).list
- $(TAR_COMMAND) > ../$(TARFILE)
- rm -f ../$(TARFILE).list
- ls -l ../$(TARFILE)
-
-dist:
- $(PERL) Configure dist
- @$(MAKE) dist_pem_h
- @$(MAKE) SDIRS='$(SDIRS)' clean
- @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
-
-dist_pem_h:
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-
-install: all install_docs install_sw
-
-install_sw:
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
- $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
- do \
- if [ -f "$$i" ]; then \
- ( echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
- fi; \
- done;
- @set -e; if [ -n "$(SHARED_LIBS)" ]; then \
- tmp="$(SHARED_LIBS)"; \
- for i in $${tmp:-x}; \
- do \
- if [ -f "$$i" -o -f "$$i.a" ]; then \
- ( echo installing $$i; \
- if [ "$(PLATFORM)" != "Cygwin" ]; then \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
- else \
- c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
- cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
- fi ); \
- if expr $(PLATFORM) : 'mingw' > /dev/null; then \
- ( case $$i in \
- *crypto*) i=libeay32.dll;; \
- *ssl*) i=ssleay32.dll;; \
- esac; \
- echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
- fi; \
- fi; \
- done; \
- ( here="`pwd`"; \
- cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
- $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
- if [ "$(INSTALLTOP)" != "/usr" ]; then \
- echo 'OpenSSL shared libraries have been installed in:'; \
- echo ' $(INSTALLTOP)'; \
- echo ''; \
- sed -e '1,/^$$/d' doc/openssl-shared.txt; \
- fi; \
- fi
- cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
- cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
- cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
-
-install_html_docs:
- here="`pwd`"; \
- for subdir in apps crypto ssl; do \
- mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
- for i in doc/$$subdir/*.pod; do \
- fn=`basename $$i .pod`; \
- echo "installing html/$$fn.$(HTMLSUFFIX)"; \
- cat $$i \
- | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
- | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
- | sed -r 's/<!DOCTYPE.*//g' \
- > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- grep -v $$filecase "^$$fn\$$" | \
- (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
- done); \
- done; \
- done
-
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
- here="`pwd`"; \
- filecase=; \
- if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
- filecase=-i; \
- fi; \
- set -e; for i in doc/apps/*.pod; do \
- fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
- --section=$$sec --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- (grep -v $$filecase "^$$fn\$$"; true) | \
- (grep -v "[ ]"; true) | \
- (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
- done); \
- done; \
- set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
- fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
- --section=$$sec --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- (grep -v $$filecase "^$$fn\$$"; true) | \
- (grep -v "[ ]"; true) | \
- (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
- done); \
- done
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
Copied: vendor-crypto/openssl/1.0.1u/Makefile (from rev 11605, vendor-crypto/openssl/dist/Makefile)
===================================================================
--- vendor-crypto/openssl/1.0.1u/Makefile (rev 0)
+++ vendor-crypto/openssl/1.0.1u/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,676 @@
+### Generated automatically from Makefile.org by Configure.
+
+##
+## Makefile for OpenSSL
+##
+
+VERSION=1.0.1u
+MAJOR=1
+MINOR=0.1
+SHLIB_VERSION_NUMBER=1.0.0
+SHLIB_VERSION_HISTORY=
+SHLIB_MAJOR=1
+SHLIB_MINOR=0.0
+SHLIB_EXT=
+PLATFORM=dist
+OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-ssl2 no-store no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic static-engine
+CONFIGURE_ARGS=dist
+SHLIB_TARGET=
+
+# HERE indicates where this Makefile lives. This can be used to indicate
+# where sub-Makefiles are expected to be. Currently has very limited usage,
+# and should probably not be bothered with at all.
+HERE=.
+
+# INSTALL_PREFIX is for package builders so that they can configure
+# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+# Normally it is left empty.
+INSTALL_PREFIX=
+INSTALLTOP=/usr/local/ssl
+
+# Do not edit this manually. Use Configure --openssldir=DIR do change this!
+OPENSSLDIR=/usr/local/ssl
+
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4 - Define to build without the RC4 algorithm
+# NO_RC2 - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+# one. 32 bytes will be read from this when the random
+# number generator is initalised.
+# SSL_FORBID_ENULL - define if you want the server to be not able to use the
+# NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+# call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
+
+CC= cc
+CFLAG= -O
+DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS
+PEX_LIBS=
+EX_LIBS=
+EXE_EXT=
+ARFLAGS=
+AR= ar $(ARFLAGS) r
+RANLIB= /usr/bin/ranlib
+NM= nm
+PERL= /usr/bin/perl
+TAR= tar
+TARFLAGS= --no-recursion --record-size=10240
+MAKEDEPPROG=makedepend
+LIBDIR=lib
+
+# We let the C compiler driver to take care of .s files. This is done in
+# order to be excused from maintaining a separate set of architecture
+# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
+# gcc, then the driver will automatically translate it to -xarch=v8plus
+# and pass it down to assembler.
+AS=$(CC) -c
+ASFLAG=$(CFLAG)
+
+# For x86 assembler: Set PROCESSOR to 386 if you want to support
+# the 80386.
+PROCESSOR=
+
+# CPUID module collects small commonly used assembler snippets
+CPUID_OBJ= mem_clr.o
+BN_ASM= bn_asm.o
+DES_ENC= des_enc.o fcrypt_b.o
+AES_ENC= aes_core.o aes_cbc.o
+BF_ENC= bf_enc.o
+CAST_ENC= c_enc.o
+RC4_ENC= rc4_enc.o rc4_skey.o
+RC5_ENC= rc5_enc.o
+MD5_ASM_OBJ=
+SHA1_ASM_OBJ=
+RMD160_ASM_OBJ=
+WP_ASM_OBJ= wp_block.o
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
+PERLASM_SCHEME=
+
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+# Zlib stuff
+ZLIB_INCLUDE=
+LIBZLIB=
+
+# TOP level FIPS install directory.
+FIPSDIR=/usr/local/ssl/fips-2.0
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=0xFB00000
+
+DIRS= crypto ssl engines apps test tools
+ENGDIRS= ccgost
+SHLIBDIRS= crypto ssl
+
+# dirs in crypto to build
+SDIRS= \
+ objects \
+ md4 md5 sha mdc2 hmac ripemd whrlpool \
+ des aes rc2 rc4 idea bf cast camellia seed modes \
+ bn ec rsa dsa ecdsa dh ecdh dso engine \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
+ cms pqueue ts srp cmac
+# keep in mind that the above list is adjusted by ./Configure
+# according to no-xxx arguments...
+
+# tests to perform. "alltests" is a special word indicating that all tests
+# should be performed.
+TESTS = alltests
+
+MAKEFILE= Makefile
+
+MANDIR=$(OPENSSLDIR)/man
+MAN1=1
+MAN3=3
+MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
+SHELL=/bin/sh
+
+TOP= .
+ONEDIRS=out tmp
+EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
+WDIRS= windows
+LIBS= libcrypto.a libssl.a
+SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+SHARED_SSL=libssl$(SHLIB_EXT)
+SHARED_LIBS=
+SHARED_LIBS_LINK_EXTS=
+SHARED_LDFLAGS=
+
+GENERAL= Makefile
+BASENAME= openssl
+NAME= $(BASENAME)-$(VERSION)
+TARFILE= ../$(NAME).tar
+EXHEADER= e_os2.h
+HEADER= e_os.h
+
+all: Makefile build_all
+
+# as we stick to -e, CLEARENV ensures that local variables in lower
+# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+# shell, which [annoyingly enough] terminates unset with error if VAR
+# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+# which terminates unset with error if no variable was present:-(
+CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
+ $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \
+ $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \
+ $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \
+ $${EXHEADER+EXHEADER} $${HEADER+HEADER} \
+ $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
+ $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
+ $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+
+BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+ CC='$(CC)' CFLAG='$(CFLAG)' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ CROSS_COMPILE='$(CROSS_COMPILE)' \
+ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
+ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+ INSTALL_PREFIX='$(INSTALL_PREFIX)' \
+ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
+ LIBDIR='$(LIBDIR)' \
+ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
+ MAKEDEPPROG='$(MAKEDEPPROG)' \
+ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
+ KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
+ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+ EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
+ SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
+ PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
+ CPUID_OBJ='$(CPUID_OBJ)' \
+ BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
+ AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
+ BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
+ RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
+ SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
+ MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
+ RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
+ WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
+ PERLASM_SCHEME='$(PERLASM_SCHEME)' \
+ FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
+ FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
+ THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+# which in turn eliminates ambiguities in variable treatment with -e.
+
+# BUILD_CMD is a generic macro to build a given target in a given
+# subdirectory. The target must be given through the shell variable
+# `target' and the subdirectory to build in must be given through `dir'.
+# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+# BUILD_ONE_CMD instead.
+#
+# BUILD_ONE_CMD is a macro to build a given target in a given
+# subdirectory if that subdirectory is part of $(DIRS). It requires
+# exactly the same shell variables as BUILD_CMD.
+#
+# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+# subdirectories defined in $(DIRS). It requires that the target
+# is given through the shell variable `target'.
+BUILD_CMD= if [ -d "$$dir" ]; then \
+ ( cd $$dir && echo "making $$target in $$dir..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+ ) || exit 1; \
+ fi
+RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+BUILD_ONE_CMD=\
+ if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+ $(BUILD_CMD); \
+ fi
+
+reflect:
+ @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
+
+sub_all: build_all
+
+build_all: build_libs build_apps build_tests build_tools
+
+build_libs: build_libcrypto build_libssl openssl.pc
+
+build_libcrypto: build_crypto build_engines libcrypto.pc
+build_libssl: build_ssl libssl.pc
+
+build_crypto:
+ @dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl: build_crypto
+ @dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines: build_crypto
+ @dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps: build_libs
+ @dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests: build_libs
+ @dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools: build_libs
+ @dir=tools; target=all; $(BUILD_ONE_CMD)
+
+all_testapps: build_libs build_testapps
+build_testapps:
+ @dir=crypto; target=testapps; $(BUILD_ONE_CMD)
+
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
+ (touch -c fips_premain_dso$(EXE_EXT) || :); \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+ fi
+
+libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+ fi
+
+clean-shared:
+ @set -e; for i in $(SHLIBDIRS); do \
+ if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+ tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+ for j in $${tmp:-x}; do \
+ ( set -x; rm -f lib$$i$$j ); \
+ done; \
+ fi; \
+ ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
+ if [ "$(PLATFORM)" = "Cygwin" ]; then \
+ ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
+ fi; \
+ done
+
+link-shared:
+ @ set -e; for i in $(SHLIBDIRS); do \
+ $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ symlink.$(SHLIB_TARGET); \
+ libs="$$libs -l$$i"; \
+ done
+
+build-shared: do_$(SHLIB_TARGET) link-shared
+
+do_$(SHLIB_TARGET):
+ @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+ if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+ libs="$(LIBKRB5) $$libs"; \
+ fi; \
+ $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ LIBDEPS="$$libs $(EX_LIBS)" \
+ link_a.$(SHLIB_TARGET); \
+ libs="-l$$i $$libs"; \
+ done
+
+libcrypto.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL-libcrypto'; \
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+libssl.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+openssl.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+Makefile: Makefile.org Configure config
+ @echo "Makefile is older than Makefile.org, Configure or config."
+ @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
+ @false
+
+libclean:
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
+
+clean: libclean
+ rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
+ @set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+ rm -f $(LIBS)
+ rm -f openssl.pc libssl.pc libcrypto.pc
+ rm -f speed.* .pure
+ rm -f $(TARFILE)
+ @set -e; for i in $(ONEDIRS) ;\
+ do \
+ rm -fr $$i/*; \
+ done
+
+makefile.one: files
+ $(PERL) util/mk1mf.pl >makefile.one; \
+ sh util/do_ms.sh
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
+ @set -e; target=files; $(RECURSIVE_BUILD_CMD)
+
+links:
+ @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
+ @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
+ @set -e; target=links; $(RECURSIVE_BUILD_CMD)
+
+gentests:
+ @(cd test && echo "generating dummy tests (if needed)..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
+
+dclean:
+ rm -rf *.bak include/openssl certs/.0
+ @set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
+
+rehash: rehash.time
+rehash.time: certs apps
+ @if [ -z "$(CROSS_COMPILE)" ]; then \
+ (OPENSSL="`pwd`/util/opensslwrap.sh"; \
+ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
+ OPENSSL_DEBUG_MEMORY=on; \
+ export OPENSSL OPENSSL_DEBUG_MEMORY; \
+ $(PERL) tools/c_rehash certs/demo) && \
+ touch rehash.time; \
+ else :; fi
+
+test: tests
+
+tests: rehash
+ @(cd test && echo "testing..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+ OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+
+report:
+ @$(PERL) util/selftest.pl
+
+update: errors stacks util/libeay.num util/ssleay.num TABLE
+ @set -e; target=update; $(RECURSIVE_BUILD_CMD)
+
+depend:
+ @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
+
+lint:
+ @set -e; target=lint; $(RECURSIVE_BUILD_CMD)
+
+tags:
+ rm -f TAGS
+ find . -name '[^.]*.[ch]' | xargs etags -a
+
+errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
+ $(PERL) util/mkerr.pl -recurse -write
+ (cd engines; $(MAKE) PERL=$(PERL) errors)
+
+stacks:
+ $(PERL) util/mkstack.pl -write
+
+util/libeay.num::
+ $(PERL) util/mkdef.pl crypto update
+
+util/ssleay.num::
+ $(PERL) util/mkdef.pl ssl update
+
+TABLE: Configure
+ (echo 'Output of `Configure TABLE'"':"; \
+ $(PERL) Configure TABLE) > TABLE
+
+# Build distribution tar-file. As the list of files returned by "find" is
+# pretty long, on several platforms a "too many arguments" error or similar
+# would occur. Therefore the list of files is temporarily stored into a file
+# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
+# tar does not support the --files-from option.
+TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \
+ --owner 0 --group 0 \
+ --transform 's|^|$(NAME)/|' \
+ -cvf -
+
+$(TARFILE).list:
+ find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
+ \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
+ \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
+ \! -name '.#*' \! -name '*~' \! -type l \
+ | sort > $(TARFILE).list
+
+tar: $(TARFILE).list
+ find . -type d -print | xargs chmod 755
+ find . -type f -print | xargs chmod a+r
+ find . -type f -perm -0100 -print | xargs chmod a+x
+ $(TAR_COMMAND) | gzip --best > $(TARFILE).gz
+ rm -f $(TARFILE).list
+ ls -l $(TARFILE).gz
+
+tar-snap: $(TARFILE).list
+ $(TAR_COMMAND) > $(TARFILE)
+ rm -f $(TARFILE).list
+ ls -l $(TARFILE)
+
+dist:
+ $(PERL) Configure dist
+ @$(MAKE) SDIRS='$(SDIRS)' clean
+ @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
+
+install: all install_docs install_sw
+
+install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+ @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+ do \
+ if [ -f "$$i" ]; then \
+ ( echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
+ fi; \
+ done;
+ @set -e; if [ -n "$(SHARED_LIBS)" ]; then \
+ tmp="$(SHARED_LIBS)"; \
+ for i in $${tmp:-x}; \
+ do \
+ if [ -f "$$i" -o -f "$$i.a" ]; then \
+ ( echo installing $$i; \
+ if [ "$(PLATFORM)" != "Cygwin" ]; then \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+ else \
+ c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+ fi ); \
+ if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+ ( case $$i in \
+ *crypto*) i=libeay32.dll;; \
+ *ssl*) i=ssleay32.dll;; \
+ esac; \
+ echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+ fi; \
+ fi; \
+ done; \
+ ( here="`pwd`"; \
+ cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
+ $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+ if [ "$(INSTALLTOP)" != "/usr" ]; then \
+ echo 'OpenSSL shared libraries have been installed in:'; \
+ echo ' $(INSTALLTOP)'; \
+ echo ''; \
+ sed -e '1,/^$$/d' doc/openssl-shared.txt; \
+ fi; \
+ fi
+ cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+ cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+ cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+
+install_html_docs:
+ here="`pwd`"; \
+ for subdir in apps crypto ssl; do \
+ mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ for i in doc/$$subdir/*.pod; do \
+ fn=`basename $$i .pod`; \
+ echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+ cat $$i \
+ | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+ | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+ | sed -r 's/<!DOCTYPE.*//g' \
+ > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ grep -v $$filecase "^$$fn\$$" | \
+ (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+ done); \
+ done; \
+ done
+
+install_docs:
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+ @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+ here="`pwd`"; \
+ filecase=; \
+ if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
+ filecase=-i; \
+ fi; \
+ set -e; for i in doc/apps/*.pod; do \
+ fn=`basename $$i .pod`; \
+ sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+ --section=$$sec --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ (grep -v $$filecase "^$$fn\$$"; true) | \
+ (grep -v "[ ]"; true) | \
+ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ done); \
+ done; \
+ set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+ fn=`basename $$i .pod`; \
+ sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+ --section=$$sec --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ (grep -v $$filecase "^$$fn\$$"; true) | \
+ (grep -v "[ ]"; true) | \
+ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ done); \
+ done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
Deleted: vendor-crypto/openssl/1.0.1u/Makefile.bak
===================================================================
--- vendor-crypto/openssl/dist/Makefile.bak 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/Makefile.bak 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,680 +0,0 @@
-### Generated automatically from Makefile.org by Configure.
-
-##
-## Makefile for OpenSSL
-##
-
-VERSION=1.0.1q-dev
-MAJOR=1
-MINOR=0.1
-SHLIB_VERSION_NUMBER=1.0.0
-SHLIB_VERSION_HISTORY=
-SHLIB_MAJOR=1
-SHLIB_MINOR=0.0
-SHLIB_EXT=
-PLATFORM=gcc
-OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-unit-test no-zlib no-zlib-dynamic static-engine
-CONFIGURE_ARGS=gcc
-SHLIB_TARGET=
-
-# HERE indicates where this Makefile lives. This can be used to indicate
-# where sub-Makefiles are expected to be. Currently has very limited usage,
-# and should probably not be bothered with at all.
-HERE=.
-
-# INSTALL_PREFIX is for package builders so that they can configure
-# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
-# Normally it is left empty.
-INSTALL_PREFIX=
-INSTALLTOP=/usr/local/ssl
-
-# Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/ssl
-
-# NO_IDEA - Define to build without the IDEA algorithm
-# NO_RC4 - Define to build without the RC4 algorithm
-# NO_RC2 - Define to build without the RC2 algorithm
-# THREADS - Define when building with threads, you will probably also need any
-# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
-# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-# one. 32 bytes will be read from this when the random
-# number generator is initalised.
-# SSL_FORBID_ENULL - define if you want the server to be not able to use the
-# NULL encryption ciphers.
-#
-# LOCK_DEBUG - turns on lots of lock debug output :-)
-# REF_CHECK - turn on some xyz_free() assertions.
-# REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
-# MFUNC - Make all Malloc/Free/Realloc calls call
-# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-# call application defined callbacks via CRYPTO_set_mem_functions()
-# MD5_ASM needs to be defined to use the x86 assembler for MD5
-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
-# equal 4.
-# PKCS1_CHECK - pkcs1 tests.
-
-CC= gcc
-CFLAG= -O3
-DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST
-PEX_LIBS=
-EX_LIBS=
-EXE_EXT=
-ARFLAGS=
-AR= ar $(ARFLAGS) r
-RANLIB= /usr/bin/ranlib
-NM= nm
-PERL= /usr/bin/perl
-TAR= tar
-TARFLAGS= --no-recursion --record-size=10240
-MAKEDEPPROG= gcc
-LIBDIR=lib
-
-# We let the C compiler driver to take care of .s files. This is done in
-# order to be excused from maintaining a separate set of architecture
-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
-# gcc, then the driver will automatically translate it to -xarch=v8plus
-# and pass it down to assembler.
-AS=$(CC) -c
-ASFLAG=$(CFLAG)
-
-# For x86 assembler: Set PROCESSOR to 386 if you want to support
-# the 80386.
-PROCESSOR=
-
-# CPUID module collects small commonly used assembler snippets
-CPUID_OBJ= mem_clr.o
-BN_ASM= bn_asm.o
-DES_ENC= des_enc.o fcrypt_b.o
-AES_ENC= aes_core.o aes_cbc.o
-BF_ENC= bf_enc.o
-CAST_ENC= c_enc.o
-RC4_ENC= rc4_enc.o rc4_skey.o
-RC5_ENC= rc5_enc.o
-MD5_ASM_OBJ=
-SHA1_ASM_OBJ=
-RMD160_ASM_OBJ=
-WP_ASM_OBJ= wp_block.o
-CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
-MODES_ASM_OBJ=
-ENGINES_ASM_OBJ=
-PERLASM_SCHEME=
-
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-# Zlib stuff
-ZLIB_INCLUDE=
-LIBZLIB=
-
-# TOP level FIPS install directory.
-FIPSDIR=/usr/local/ssl/fips-2.0
-
-# This is the location of fipscanister.o and friends.
-# The FIPS module build will place it $(INSTALLTOP)/lib
-# but since $(INSTALLTOP) can only take the default value
-# when the module is built it will be in /usr/local/ssl/lib
-# $(INSTALLTOP) for this build may be different so hard
-# code the path.
-
-FIPSLIBDIR=
-
-# The location of the library which contains fipscanister.o
-# normally it will be libcrypto unless fipsdso is set in which
-# case it will be libfips. If not compiling in FIPS mode at all
-# this is empty making it a useful test for a FIPS compile.
-
-FIPSCANLIB=
-
-# Shared library base address. Currently only used on Windows.
-#
-
-BASEADDR=0xFB00000
-
-DIRS= crypto ssl engines apps test tools
-ENGDIRS= ccgost
-SHLIBDIRS= crypto ssl
-
-# dirs in crypto to build
-SDIRS= \
- objects \
- md4 md5 sha mdc2 hmac ripemd whrlpool \
- des aes rc2 rc4 idea bf cast camellia seed modes \
- bn ec rsa dsa ecdsa dh ecdh dso engine \
- buffer bio stack lhash rand err \
- evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- cms pqueue ts srp cmac
-# keep in mind that the above list is adjusted by ./Configure
-# according to no-xxx arguments...
-
-# tests to perform. "alltests" is a special word indicating that all tests
-# should be performed.
-TESTS = alltests
-
-MAKEFILE= Makefile
-
-MANDIR=$(OPENSSLDIR)/man
-MAN1=1
-MAN3=3
-MANSUFFIX=
-HTMLSUFFIX=html
-HTMLDIR=$(OPENSSLDIR)/html
-SHELL=/bin/sh
-
-TOP= .
-ONEDIRS=out tmp
-EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
-WDIRS= windows
-LIBS= libcrypto.a libssl.a
-SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
-SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=
-SHARED_LDFLAGS=
-
-GENERAL= Makefile
-BASENAME= openssl
-NAME= $(BASENAME)-$(VERSION)
-TARFILE= $(NAME).tar
-WTARFILE= $(NAME)-win.tar
-EXHEADER= e_os2.h
-HEADER= e_os.h
-
-all: Makefile build_all
-
-# as we stick to -e, CLEARENV ensures that local variables in lower
-# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
-# shell, which [annoyingly enough] terminates unset with error if VAR
-# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
-# which terminates unset with error if no variable was present:-(
-CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
- $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \
- $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \
- $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \
- $${EXHEADER+EXHEADER} $${HEADER+HEADER} \
- $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
- $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
- $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
-
-BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
- CC='$(CC)' CFLAG='$(CFLAG)' \
- AS='$(CC)' ASFLAG='$(CFLAG) -c' \
- AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
- CROSS_COMPILE='$(CROSS_COMPILE)' \
- PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
- SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
- INSTALL_PREFIX='$(INSTALL_PREFIX)' \
- INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
- LIBDIR='$(LIBDIR)' \
- MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
- DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
- MAKEDEPPROG='$(MAKEDEPPROG)' \
- SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
- KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
- ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
- EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
- SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
- PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
- CPUID_OBJ='$(CPUID_OBJ)' \
- BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
- AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
- BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
- RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
- SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
- MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
- RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
- WP_ASM_OBJ='$(WP_ASM_OBJ)' \
- MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
- ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
- PERLASM_SCHEME='$(PERLASM_SCHEME)' \
- FIPSLIBDIR='${FIPSLIBDIR}' \
- FIPSDIR='${FIPSDIR}' \
- FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
- THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
-# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
-# which in turn eliminates ambiguities in variable treatment with -e.
-
-# BUILD_CMD is a generic macro to build a given target in a given
-# subdirectory. The target must be given through the shell variable
-# `target' and the subdirectory to build in must be given through `dir'.
-# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
-# BUILD_ONE_CMD instead.
-#
-# BUILD_ONE_CMD is a macro to build a given target in a given
-# subdirectory if that subdirectory is part of $(DIRS). It requires
-# exactly the same shell variables as BUILD_CMD.
-#
-# RECURSIVE_BUILD_CMD is a macro to build a given target in all
-# subdirectories defined in $(DIRS). It requires that the target
-# is given through the shell variable `target'.
-BUILD_CMD= if [ -d "$$dir" ]; then \
- ( cd $$dir && echo "making $$target in $$dir..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
- ) || exit 1; \
- fi
-RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
-BUILD_ONE_CMD=\
- if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
- $(BUILD_CMD); \
- fi
-
-reflect:
- @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
-
-sub_all: build_all
-
-build_all: build_libs build_apps build_tests build_tools
-
-build_libs: build_libcrypto build_libssl openssl.pc
-
-build_libcrypto: build_crypto build_engines libcrypto.pc
-build_libssl: build_ssl libssl.pc
-
-build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps: build_libs
- @dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests: build_libs
- @dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools: build_libs
- @dir=tools; target=all; $(BUILD_ONE_CMD)
-
-all_testapps: build_libs build_testapps
-build_testapps:
- @dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-
-fips_premain_dso$(EXE_EXT): libcrypto.a
- [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
- -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
- $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
- libcrypto.a $(EX_LIBS)
-
-libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
- FIPSLD_LIBCRYPTO=libcrypto.a ; \
- FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
- export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
- fi; \
- $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
- (touch -c fips_premain_dso$(EXE_EXT) || :); \
- else \
- echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
- fi
-
-libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
- else \
- echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
- fi
-
-clean-shared:
- @set -e; for i in $(SHLIBDIRS); do \
- if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
- tmp="$(SHARED_LIBS_LINK_EXTS)"; \
- for j in $${tmp:-x}; do \
- ( set -x; rm -f lib$$i$$j ); \
- done; \
- fi; \
- ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
- if [ "$(PLATFORM)" = "Cygwin" ]; then \
- ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
- fi; \
- done
-
-link-shared:
- @ set -e; for i in $(SHLIBDIRS); do \
- $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- symlink.$(SHLIB_TARGET); \
- libs="$$libs -l$$i"; \
- done
-
-build-shared: do_$(SHLIB_TARGET) link-shared
-
-do_$(SHLIB_TARGET):
- @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
- if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
- libs="$(LIBKRB5) $$libs"; \
- fi; \
- $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- LIBDEPS="$$libs $(EX_LIBS)" \
- link_a.$(SHLIB_TARGET); \
- libs="-l$$i $$libs"; \
- done
-
-libcrypto.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL-libcrypto'; \
- echo 'Description: OpenSSL cryptography library'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
-
-libssl.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
-
-openssl.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
-
-Makefile: Makefile.org Configure config
- @echo "Makefile is older than Makefile.org, Configure or config."
- @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
- @false
-
-libclean:
- rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
-
-clean: libclean
- rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
- @set -e; target=clean; $(RECURSIVE_BUILD_CMD)
- rm -f $(LIBS)
- rm -f openssl.pc libssl.pc libcrypto.pc
- rm -f speed.* .pure
- rm -f $(TARFILE)
- @set -e; for i in $(ONEDIRS) ;\
- do \
- rm -fr $$i/*; \
- done
-
-makefile.one: files
- $(PERL) util/mk1mf.pl >makefile.one; \
- sh util/do_ms.sh
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
- @set -e; target=files; $(RECURSIVE_BUILD_CMD)
-
-links:
- @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
- @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
- @set -e; target=links; $(RECURSIVE_BUILD_CMD)
-
-gentests:
- @(cd test && echo "generating dummy tests (if needed)..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
-
-dclean:
- rm -rf *.bak include/openssl certs/.0
- @set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
-
-rehash: rehash.time
-rehash.time: certs apps
- @if [ -z "$(CROSS_COMPILE)" ]; then \
- (OPENSSL="`pwd`/util/opensslwrap.sh"; \
- [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
- OPENSSL_DEBUG_MEMORY=on; \
- export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs/demo) && \
- touch rehash.time; \
- else :; fi
-
-test: tests
-
-tests: rehash
- @(cd test && echo "testing..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
- OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
-
-report:
- @$(PERL) util/selftest.pl
-
-update: errors stacks util/libeay.num util/ssleay.num TABLE
- @set -e; target=update; $(RECURSIVE_BUILD_CMD)
-
-depend:
- @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
-
-lint:
- @set -e; target=lint; $(RECURSIVE_BUILD_CMD)
-
-tags:
- rm -f TAGS
- find . -name '[^.]*.[ch]' | xargs etags -a
-
-errors:
- $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
- $(PERL) util/mkerr.pl -recurse -write
- (cd engines; $(MAKE) PERL=$(PERL) errors)
-
-stacks:
- $(PERL) util/mkstack.pl -write
-
-util/libeay.num::
- $(PERL) util/mkdef.pl crypto update
-
-util/ssleay.num::
- $(PERL) util/mkdef.pl ssl update
-
-TABLE: Configure
- (echo 'Output of `Configure TABLE'"':"; \
- $(PERL) Configure TABLE) > TABLE
-
-# Build distribution tar-file. As the list of files returned by "find" is
-# pretty long, on several platforms a "too many arguments" error or similar
-# would occur. Therefore the list of files is temporarily stored into a file
-# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
-# tar does not support the --files-from option.
-TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list \
- --owner openssl:0 --group openssl:0 \
- --transform 's|^|openssl-$(VERSION)/|' \
- -cvf -
-
-../$(TARFILE).list:
- find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
- \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
- \! -name '*test' \! -name '.#*' \! -name '*~' \
- | sort > ../$(TARFILE).list
-
-tar: ../$(TARFILE).list
- find . -type d -print | xargs chmod 755
- find . -type f -print | xargs chmod a+r
- find . -type f -perm -0100 -print | xargs chmod a+x
- $(TAR_COMMAND) | gzip --best >../$(TARFILE).gz
- rm -f ../$(TARFILE).list
- ls -l ../$(TARFILE).gz
-
-tar-snap: ../$(TARFILE).list
- $(TAR_COMMAND) > ../$(TARFILE)
- rm -f ../$(TARFILE).list
- ls -l ../$(TARFILE)
-
-dist:
- $(PERL) Configure dist
- @$(MAKE) dist_pem_h
- @$(MAKE) SDIRS='$(SDIRS)' clean
- @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
-
-dist_pem_h:
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-
-install: all install_docs install_sw
-
-install_sw:
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
- $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
- do \
- if [ -f "$$i" ]; then \
- ( echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
- fi; \
- done;
- @set -e; if [ -n "$(SHARED_LIBS)" ]; then \
- tmp="$(SHARED_LIBS)"; \
- for i in $${tmp:-x}; \
- do \
- if [ -f "$$i" -o -f "$$i.a" ]; then \
- ( echo installing $$i; \
- if [ "$(PLATFORM)" != "Cygwin" ]; then \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
- else \
- c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
- cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
- fi ); \
- if expr $(PLATFORM) : 'mingw' > /dev/null; then \
- ( case $$i in \
- *crypto*) i=libeay32.dll;; \
- *ssl*) i=ssleay32.dll;; \
- esac; \
- echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
- fi; \
- fi; \
- done; \
- ( here="`pwd`"; \
- cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
- $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
- if [ "$(INSTALLTOP)" != "/usr" ]; then \
- echo 'OpenSSL shared libraries have been installed in:'; \
- echo ' $(INSTALLTOP)'; \
- echo ''; \
- sed -e '1,/^$$/d' doc/openssl-shared.txt; \
- fi; \
- fi
- cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
- cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
- cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
-
-install_html_docs:
- here="`pwd`"; \
- for subdir in apps crypto ssl; do \
- mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
- for i in doc/$$subdir/*.pod; do \
- fn=`basename $$i .pod`; \
- echo "installing html/$$fn.$(HTMLSUFFIX)"; \
- cat $$i \
- | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
- | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
- | sed -r 's/<!DOCTYPE.*//g' \
- > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- grep -v $$filecase "^$$fn\$$" | \
- (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
- done); \
- done; \
- done
-
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
- here="`pwd`"; \
- filecase=; \
- if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
- filecase=-i; \
- fi; \
- set -e; for i in doc/apps/*.pod; do \
- fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
- --section=$$sec --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- (grep -v $$filecase "^$$fn\$$"; true) | \
- (grep -v "[ ]"; true) | \
- (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
- done); \
- done; \
- set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
- fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
- --section=$$sec --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- (grep -v $$filecase "^$$fn\$$"; true) | \
- (grep -v "[ ]"; true) | \
- (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
- done); \
- done
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
Copied: vendor-crypto/openssl/1.0.1u/Makefile.bak (from rev 11605, vendor-crypto/openssl/dist/Makefile.bak)
===================================================================
--- vendor-crypto/openssl/1.0.1u/Makefile.bak (rev 0)
+++ vendor-crypto/openssl/1.0.1u/Makefile.bak 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,676 @@
+### Generated automatically from Makefile.org by Configure.
+
+##
+## Makefile for OpenSSL
+##
+
+VERSION=1.0.1u
+MAJOR=1
+MINOR=0.1
+SHLIB_VERSION_NUMBER=1.0.0
+SHLIB_VERSION_HISTORY=
+SHLIB_MAJOR=1
+SHLIB_MINOR=0.0
+SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+PLATFORM=linux-x86_64
+OPTIONS=-Wa,--noexecstack no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-ssl2 no-store no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic static-engine
+CONFIGURE_ARGS=linux-x86_64 -Wa,--noexecstack
+SHLIB_TARGET=linux-shared
+
+# HERE indicates where this Makefile lives. This can be used to indicate
+# where sub-Makefiles are expected to be. Currently has very limited usage,
+# and should probably not be bothered with at all.
+HERE=.
+
+# INSTALL_PREFIX is for package builders so that they can configure
+# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+# Normally it is left empty.
+INSTALL_PREFIX=
+INSTALLTOP=/usr/local/ssl
+
+# Do not edit this manually. Use Configure --openssldir=DIR do change this!
+OPENSSLDIR=/usr/local/ssl
+
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4 - Define to build without the RC4 algorithm
+# NO_RC2 - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+# one. 32 bytes will be read from this when the random
+# number generator is initalised.
+# SSL_FORBID_ENULL - define if you want the server to be not able to use the
+# NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+# call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
+
+CC= gcc
+CFLAG= -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS
+PEX_LIBS=
+EX_LIBS= -ldl
+EXE_EXT=
+ARFLAGS=
+AR= ar $(ARFLAGS) r
+RANLIB= /usr/bin/ranlib
+NM= nm
+PERL= /usr/bin/perl
+TAR= tar
+TARFLAGS= --no-recursion --record-size=10240
+MAKEDEPPROG= gcc
+LIBDIR=lib
+
+# We let the C compiler driver to take care of .s files. This is done in
+# order to be excused from maintaining a separate set of architecture
+# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
+# gcc, then the driver will automatically translate it to -xarch=v8plus
+# and pass it down to assembler.
+AS=$(CC) -c
+ASFLAG=$(CFLAG)
+
+# For x86 assembler: Set PROCESSOR to 386 if you want to support
+# the 80386.
+PROCESSOR=
+
+# CPUID module collects small commonly used assembler snippets
+CPUID_OBJ= x86_64cpuid.o
+BN_ASM= x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o
+DES_ENC= des_enc.o fcrypt_b.o
+AES_ENC= aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o
+BF_ENC= bf_enc.o
+CAST_ENC= c_enc.o
+RC4_ENC= rc4-x86_64.o rc4-md5-x86_64.o
+RC5_ENC= rc5_enc.o
+MD5_ASM_OBJ= md5-x86_64.o
+SHA1_ASM_OBJ= sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
+RMD160_ASM_OBJ=
+WP_ASM_OBJ= wp-x86_64.o
+CMLL_ENC= cmll-x86_64.o cmll_misc.o
+MODES_ASM_OBJ= ghash-x86_64.o
+ENGINES_ASM_OBJ=
+PERLASM_SCHEME= elf
+
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+# Zlib stuff
+ZLIB_INCLUDE=
+LIBZLIB=
+
+# TOP level FIPS install directory.
+FIPSDIR=/usr/local/ssl/fips-2.0
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=0xFB00000
+
+DIRS= crypto ssl engines apps test tools
+ENGDIRS= ccgost
+SHLIBDIRS= crypto ssl
+
+# dirs in crypto to build
+SDIRS= \
+ objects \
+ md4 md5 sha mdc2 hmac ripemd whrlpool \
+ des aes rc2 rc4 idea bf cast camellia seed modes \
+ bn ec rsa dsa ecdsa dh ecdh dso engine \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
+ cms pqueue ts srp cmac
+# keep in mind that the above list is adjusted by ./Configure
+# according to no-xxx arguments...
+
+# tests to perform. "alltests" is a special word indicating that all tests
+# should be performed.
+TESTS = alltests
+
+MAKEFILE= Makefile
+
+MANDIR=$(OPENSSLDIR)/man
+MAN1=1
+MAN3=3
+MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
+SHELL=/bin/sh
+
+TOP= .
+ONEDIRS=out tmp
+EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
+WDIRS= windows
+LIBS= libcrypto.a libssl.a
+SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+SHARED_SSL=libssl$(SHLIB_EXT)
+SHARED_LIBS=
+SHARED_LIBS_LINK_EXTS=.so.$(SHLIB_MAJOR) .so
+SHARED_LDFLAGS=-m64
+
+GENERAL= Makefile
+BASENAME= openssl
+NAME= $(BASENAME)-$(VERSION)
+TARFILE= ../$(NAME).tar
+EXHEADER= e_os2.h
+HEADER= e_os.h
+
+all: Makefile build_all
+
+# as we stick to -e, CLEARENV ensures that local variables in lower
+# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+# shell, which [annoyingly enough] terminates unset with error if VAR
+# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+# which terminates unset with error if no variable was present:-(
+CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
+ $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \
+ $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \
+ $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \
+ $${EXHEADER+EXHEADER} $${HEADER+HEADER} \
+ $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
+ $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
+ $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+
+BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+ CC='$(CC)' CFLAG='$(CFLAG)' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ CROSS_COMPILE='$(CROSS_COMPILE)' \
+ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
+ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+ INSTALL_PREFIX='$(INSTALL_PREFIX)' \
+ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
+ LIBDIR='$(LIBDIR)' \
+ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
+ MAKEDEPPROG='$(MAKEDEPPROG)' \
+ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
+ KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
+ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+ EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
+ SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
+ PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
+ CPUID_OBJ='$(CPUID_OBJ)' \
+ BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
+ AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
+ BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
+ RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
+ SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
+ MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
+ RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
+ WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
+ PERLASM_SCHEME='$(PERLASM_SCHEME)' \
+ FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
+ FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
+ THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+# which in turn eliminates ambiguities in variable treatment with -e.
+
+# BUILD_CMD is a generic macro to build a given target in a given
+# subdirectory. The target must be given through the shell variable
+# `target' and the subdirectory to build in must be given through `dir'.
+# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+# BUILD_ONE_CMD instead.
+#
+# BUILD_ONE_CMD is a macro to build a given target in a given
+# subdirectory if that subdirectory is part of $(DIRS). It requires
+# exactly the same shell variables as BUILD_CMD.
+#
+# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+# subdirectories defined in $(DIRS). It requires that the target
+# is given through the shell variable `target'.
+BUILD_CMD= if [ -d "$$dir" ]; then \
+ ( cd $$dir && echo "making $$target in $$dir..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+ ) || exit 1; \
+ fi
+RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+BUILD_ONE_CMD=\
+ if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+ $(BUILD_CMD); \
+ fi
+
+reflect:
+ @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
+
+sub_all: build_all
+
+build_all: build_libs build_apps build_tests build_tools
+
+build_libs: build_libcrypto build_libssl openssl.pc
+
+build_libcrypto: build_crypto build_engines libcrypto.pc
+build_libssl: build_ssl libssl.pc
+
+build_crypto:
+ @dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl: build_crypto
+ @dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines: build_crypto
+ @dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps: build_libs
+ @dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests: build_libs
+ @dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools: build_libs
+ @dir=tools; target=all; $(BUILD_ONE_CMD)
+
+all_testapps: build_libs build_testapps
+build_testapps:
+ @dir=crypto; target=testapps; $(BUILD_ONE_CMD)
+
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
+ (touch -c fips_premain_dso$(EXE_EXT) || :); \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+ fi
+
+libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+ fi
+
+clean-shared:
+ @set -e; for i in $(SHLIBDIRS); do \
+ if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+ tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+ for j in $${tmp:-x}; do \
+ ( set -x; rm -f lib$$i$$j ); \
+ done; \
+ fi; \
+ ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
+ if [ "$(PLATFORM)" = "Cygwin" ]; then \
+ ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
+ fi; \
+ done
+
+link-shared:
+ @ set -e; for i in $(SHLIBDIRS); do \
+ $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ symlink.$(SHLIB_TARGET); \
+ libs="$$libs -l$$i"; \
+ done
+
+build-shared: do_$(SHLIB_TARGET) link-shared
+
+do_$(SHLIB_TARGET):
+ @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+ if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+ libs="$(LIBKRB5) $$libs"; \
+ fi; \
+ $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ LIBDEPS="$$libs $(EX_LIBS)" \
+ link_a.$(SHLIB_TARGET); \
+ libs="-l$$i $$libs"; \
+ done
+
+libcrypto.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL-libcrypto'; \
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+libssl.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+openssl.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+Makefile: Makefile.org Configure config
+ @echo "Makefile is older than Makefile.org, Configure or config."
+ @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
+ @false
+
+libclean:
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
+
+clean: libclean
+ rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
+ @set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+ rm -f $(LIBS)
+ rm -f openssl.pc libssl.pc libcrypto.pc
+ rm -f speed.* .pure
+ rm -f $(TARFILE)
+ @set -e; for i in $(ONEDIRS) ;\
+ do \
+ rm -fr $$i/*; \
+ done
+
+makefile.one: files
+ $(PERL) util/mk1mf.pl >makefile.one; \
+ sh util/do_ms.sh
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
+ @set -e; target=files; $(RECURSIVE_BUILD_CMD)
+
+links:
+ @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
+ @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
+ @set -e; target=links; $(RECURSIVE_BUILD_CMD)
+
+gentests:
+ @(cd test && echo "generating dummy tests (if needed)..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
+
+dclean:
+ rm -rf *.bak include/openssl certs/.0
+ @set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
+
+rehash: rehash.time
+rehash.time: certs apps
+ @if [ -z "$(CROSS_COMPILE)" ]; then \
+ (OPENSSL="`pwd`/util/opensslwrap.sh"; \
+ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
+ OPENSSL_DEBUG_MEMORY=on; \
+ export OPENSSL OPENSSL_DEBUG_MEMORY; \
+ $(PERL) tools/c_rehash certs/demo) && \
+ touch rehash.time; \
+ else :; fi
+
+test: tests
+
+tests: rehash
+ @(cd test && echo "testing..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+ OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+
+report:
+ @$(PERL) util/selftest.pl
+
+update: errors stacks util/libeay.num util/ssleay.num TABLE
+ @set -e; target=update; $(RECURSIVE_BUILD_CMD)
+
+depend:
+ @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
+
+lint:
+ @set -e; target=lint; $(RECURSIVE_BUILD_CMD)
+
+tags:
+ rm -f TAGS
+ find . -name '[^.]*.[ch]' | xargs etags -a
+
+errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
+ $(PERL) util/mkerr.pl -recurse -write
+ (cd engines; $(MAKE) PERL=$(PERL) errors)
+
+stacks:
+ $(PERL) util/mkstack.pl -write
+
+util/libeay.num::
+ $(PERL) util/mkdef.pl crypto update
+
+util/ssleay.num::
+ $(PERL) util/mkdef.pl ssl update
+
+TABLE: Configure
+ (echo 'Output of `Configure TABLE'"':"; \
+ $(PERL) Configure TABLE) > TABLE
+
+# Build distribution tar-file. As the list of files returned by "find" is
+# pretty long, on several platforms a "too many arguments" error or similar
+# would occur. Therefore the list of files is temporarily stored into a file
+# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
+# tar does not support the --files-from option.
+TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \
+ --owner 0 --group 0 \
+ --transform 's|^|$(NAME)/|' \
+ -cvf -
+
+$(TARFILE).list:
+ find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
+ \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
+ \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
+ \! -name '.#*' \! -name '*~' \! -type l \
+ | sort > $(TARFILE).list
+
+tar: $(TARFILE).list
+ find . -type d -print | xargs chmod 755
+ find . -type f -print | xargs chmod a+r
+ find . -type f -perm -0100 -print | xargs chmod a+x
+ $(TAR_COMMAND) | gzip --best > $(TARFILE).gz
+ rm -f $(TARFILE).list
+ ls -l $(TARFILE).gz
+
+tar-snap: $(TARFILE).list
+ $(TAR_COMMAND) > $(TARFILE)
+ rm -f $(TARFILE).list
+ ls -l $(TARFILE)
+
+dist:
+ $(PERL) Configure dist
+ @$(MAKE) SDIRS='$(SDIRS)' clean
+ @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
+
+install: all install_docs install_sw
+
+install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+ @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+ do \
+ if [ -f "$$i" ]; then \
+ ( echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
+ fi; \
+ done;
+ @set -e; if [ -n "$(SHARED_LIBS)" ]; then \
+ tmp="$(SHARED_LIBS)"; \
+ for i in $${tmp:-x}; \
+ do \
+ if [ -f "$$i" -o -f "$$i.a" ]; then \
+ ( echo installing $$i; \
+ if [ "$(PLATFORM)" != "Cygwin" ]; then \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+ else \
+ c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+ fi ); \
+ if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+ ( case $$i in \
+ *crypto*) i=libeay32.dll;; \
+ *ssl*) i=ssleay32.dll;; \
+ esac; \
+ echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+ fi; \
+ fi; \
+ done; \
+ ( here="`pwd`"; \
+ cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
+ $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+ if [ "$(INSTALLTOP)" != "/usr" ]; then \
+ echo 'OpenSSL shared libraries have been installed in:'; \
+ echo ' $(INSTALLTOP)'; \
+ echo ''; \
+ sed -e '1,/^$$/d' doc/openssl-shared.txt; \
+ fi; \
+ fi
+ cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+ cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+ cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+
+install_html_docs:
+ here="`pwd`"; \
+ for subdir in apps crypto ssl; do \
+ mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ for i in doc/$$subdir/*.pod; do \
+ fn=`basename $$i .pod`; \
+ echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+ cat $$i \
+ | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+ | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+ | sed -r 's/<!DOCTYPE.*//g' \
+ > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ grep -v $$filecase "^$$fn\$$" | \
+ (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+ done); \
+ done; \
+ done
+
+install_docs:
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+ @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+ here="`pwd`"; \
+ filecase=; \
+ if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
+ filecase=-i; \
+ fi; \
+ set -e; for i in doc/apps/*.pod; do \
+ fn=`basename $$i .pod`; \
+ sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+ --section=$$sec --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ (grep -v $$filecase "^$$fn\$$"; true) | \
+ (grep -v "[ ]"; true) | \
+ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ done); \
+ done; \
+ set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+ fn=`basename $$i .pod`; \
+ sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+ --section=$$sec --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ (grep -v $$filecase "^$$fn\$$"; true) | \
+ (grep -v "[ ]"; true) | \
+ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ done); \
+ done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
Deleted: vendor-crypto/openssl/1.0.1u/Makefile.org
===================================================================
--- vendor-crypto/openssl/dist/Makefile.org 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/Makefile.org 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,678 +0,0 @@
-##
-## Makefile for OpenSSL
-##
-
-VERSION=
-MAJOR=
-MINOR=
-SHLIB_VERSION_NUMBER=
-SHLIB_VERSION_HISTORY=
-SHLIB_MAJOR=
-SHLIB_MINOR=
-SHLIB_EXT=
-PLATFORM=dist
-OPTIONS=
-CONFIGURE_ARGS=
-SHLIB_TARGET=
-
-# HERE indicates where this Makefile lives. This can be used to indicate
-# where sub-Makefiles are expected to be. Currently has very limited usage,
-# and should probably not be bothered with at all.
-HERE=.
-
-# INSTALL_PREFIX is for package builders so that they can configure
-# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
-# Normally it is left empty.
-INSTALL_PREFIX=
-INSTALLTOP=/usr/local/ssl
-
-# Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/ssl
-
-# NO_IDEA - Define to build without the IDEA algorithm
-# NO_RC4 - Define to build without the RC4 algorithm
-# NO_RC2 - Define to build without the RC2 algorithm
-# THREADS - Define when building with threads, you will probably also need any
-# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
-# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-# one. 32 bytes will be read from this when the random
-# number generator is initalised.
-# SSL_FORBID_ENULL - define if you want the server to be not able to use the
-# NULL encryption ciphers.
-#
-# LOCK_DEBUG - turns on lots of lock debug output :-)
-# REF_CHECK - turn on some xyz_free() assertions.
-# REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
-# MFUNC - Make all Malloc/Free/Realloc calls call
-# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-# call application defined callbacks via CRYPTO_set_mem_functions()
-# MD5_ASM needs to be defined to use the x86 assembler for MD5
-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
-# equal 4.
-# PKCS1_CHECK - pkcs1 tests.
-
-CC= cc
-CFLAG= -O
-DEPFLAG=
-PEX_LIBS=
-EX_LIBS=
-EXE_EXT=
-ARFLAGS=
-AR=ar $(ARFLAGS) r
-RANLIB= ranlib
-NM= nm
-PERL= perl
-TAR= tar
-TARFLAGS= --no-recursion --record-size=10240
-MAKEDEPPROG=makedepend
-LIBDIR=lib
-
-# We let the C compiler driver to take care of .s files. This is done in
-# order to be excused from maintaining a separate set of architecture
-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
-# gcc, then the driver will automatically translate it to -xarch=v8plus
-# and pass it down to assembler.
-AS=$(CC) -c
-ASFLAG=$(CFLAG)
-
-# For x86 assembler: Set PROCESSOR to 386 if you want to support
-# the 80386.
-PROCESSOR=
-
-# CPUID module collects small commonly used assembler snippets
-CPUID_OBJ=
-BN_ASM= bn_asm.o
-DES_ENC= des_enc.o fcrypt_b.o
-AES_ENC= aes_core.o aes_cbc.o
-BF_ENC= bf_enc.o
-CAST_ENC= c_enc.o
-RC4_ENC= rc4_enc.o
-RC5_ENC= rc5_enc.o
-MD5_ASM_OBJ=
-SHA1_ASM_OBJ=
-RMD160_ASM_OBJ=
-WP_ASM_OBJ=
-CMLL_ENC=
-MODES_ASM_OBJ=
-ENGINES_ASM_OBJ=
-PERLASM_SCHEME=
-
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-# Zlib stuff
-ZLIB_INCLUDE=
-LIBZLIB=
-
-# TOP level FIPS install directory.
-FIPSDIR=
-
-# This is the location of fipscanister.o and friends.
-# The FIPS module build will place it $(INSTALLTOP)/lib
-# but since $(INSTALLTOP) can only take the default value
-# when the module is built it will be in /usr/local/ssl/lib
-# $(INSTALLTOP) for this build may be different so hard
-# code the path.
-
-FIPSLIBDIR=
-
-# The location of the library which contains fipscanister.o
-# normally it will be libcrypto unless fipsdso is set in which
-# case it will be libfips. If not compiling in FIPS mode at all
-# this is empty making it a useful test for a FIPS compile.
-
-FIPSCANLIB=
-
-# Shared library base address. Currently only used on Windows.
-#
-
-BASEADDR=
-
-DIRS= crypto ssl engines apps test tools
-ENGDIRS= ccgost
-SHLIBDIRS= crypto ssl
-
-# dirs in crypto to build
-SDIRS= \
- objects \
- md2 md4 md5 sha mdc2 hmac ripemd whrlpool \
- des aes rc2 rc4 rc5 idea bf cast camellia seed modes \
- bn ec rsa dsa ecdsa dh ecdh dso engine \
- buffer bio stack lhash rand err \
- evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- cms pqueue ts jpake srp store cmac
-# keep in mind that the above list is adjusted by ./Configure
-# according to no-xxx arguments...
-
-# tests to perform. "alltests" is a special word indicating that all tests
-# should be performed.
-TESTS = alltests
-
-MAKEFILE= Makefile
-
-MANDIR=$(OPENSSLDIR)/man
-MAN1=1
-MAN3=3
-MANSUFFIX=
-HTMLSUFFIX=html
-HTMLDIR=$(OPENSSLDIR)/html
-SHELL=/bin/sh
-
-TOP= .
-ONEDIRS=out tmp
-EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
-WDIRS= windows
-LIBS= libcrypto.a libssl.a
-SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
-SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=
-SHARED_LDFLAGS=
-
-GENERAL= Makefile
-BASENAME= openssl
-NAME= $(BASENAME)-$(VERSION)
-TARFILE= $(NAME).tar
-WTARFILE= $(NAME)-win.tar
-EXHEADER= e_os2.h
-HEADER= e_os.h
-
-all: Makefile build_all
-
-# as we stick to -e, CLEARENV ensures that local variables in lower
-# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
-# shell, which [annoyingly enough] terminates unset with error if VAR
-# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
-# which terminates unset with error if no variable was present:-(
-CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
- $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \
- $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \
- $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \
- $${EXHEADER+EXHEADER} $${HEADER+HEADER} \
- $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
- $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
- $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
-
-BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
- CC='$(CC)' CFLAG='$(CFLAG)' \
- AS='$(CC)' ASFLAG='$(CFLAG) -c' \
- AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
- CROSS_COMPILE='$(CROSS_COMPILE)' \
- PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
- SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
- INSTALL_PREFIX='$(INSTALL_PREFIX)' \
- INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
- LIBDIR='$(LIBDIR)' \
- MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
- DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
- MAKEDEPPROG='$(MAKEDEPPROG)' \
- SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
- KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
- ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
- EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
- SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
- PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
- CPUID_OBJ='$(CPUID_OBJ)' \
- BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
- AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
- BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
- RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
- SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
- MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
- RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
- WP_ASM_OBJ='$(WP_ASM_OBJ)' \
- MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
- ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
- PERLASM_SCHEME='$(PERLASM_SCHEME)' \
- FIPSLIBDIR='${FIPSLIBDIR}' \
- FIPSDIR='${FIPSDIR}' \
- FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
- THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
-# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
-# which in turn eliminates ambiguities in variable treatment with -e.
-
-# BUILD_CMD is a generic macro to build a given target in a given
-# subdirectory. The target must be given through the shell variable
-# `target' and the subdirectory to build in must be given through `dir'.
-# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
-# BUILD_ONE_CMD instead.
-#
-# BUILD_ONE_CMD is a macro to build a given target in a given
-# subdirectory if that subdirectory is part of $(DIRS). It requires
-# exactly the same shell variables as BUILD_CMD.
-#
-# RECURSIVE_BUILD_CMD is a macro to build a given target in all
-# subdirectories defined in $(DIRS). It requires that the target
-# is given through the shell variable `target'.
-BUILD_CMD= if [ -d "$$dir" ]; then \
- ( cd $$dir && echo "making $$target in $$dir..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
- ) || exit 1; \
- fi
-RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
-BUILD_ONE_CMD=\
- if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
- $(BUILD_CMD); \
- fi
-
-reflect:
- @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
-
-sub_all: build_all
-
-build_all: build_libs build_apps build_tests build_tools
-
-build_libs: build_libcrypto build_libssl openssl.pc
-
-build_libcrypto: build_crypto build_engines libcrypto.pc
-build_libssl: build_ssl libssl.pc
-
-build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps: build_libs
- @dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests: build_libs
- @dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools: build_libs
- @dir=tools; target=all; $(BUILD_ONE_CMD)
-
-all_testapps: build_libs build_testapps
-build_testapps:
- @dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-
-fips_premain_dso$(EXE_EXT): libcrypto.a
- [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
- -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
- $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
- libcrypto.a $(EX_LIBS)
-
-libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
- FIPSLD_LIBCRYPTO=libcrypto.a ; \
- FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
- export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
- fi; \
- $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
- (touch -c fips_premain_dso$(EXE_EXT) || :); \
- else \
- echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
- fi
-
-libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
- else \
- echo "There's no support for shared libraries on this platform" >&2; \
- exit 1; \
- fi
-
-clean-shared:
- @set -e; for i in $(SHLIBDIRS); do \
- if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
- tmp="$(SHARED_LIBS_LINK_EXTS)"; \
- for j in $${tmp:-x}; do \
- ( set -x; rm -f lib$$i$$j ); \
- done; \
- fi; \
- ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
- if [ "$(PLATFORM)" = "Cygwin" ]; then \
- ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
- fi; \
- done
-
-link-shared:
- @ set -e; for i in $(SHLIBDIRS); do \
- $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- symlink.$(SHLIB_TARGET); \
- libs="$$libs -l$$i"; \
- done
-
-build-shared: do_$(SHLIB_TARGET) link-shared
-
-do_$(SHLIB_TARGET):
- @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
- if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
- libs="$(LIBKRB5) $$libs"; \
- fi; \
- $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- LIBDEPS="$$libs $(EX_LIBS)" \
- link_a.$(SHLIB_TARGET); \
- libs="-l$$i $$libs"; \
- done
-
-libcrypto.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL-libcrypto'; \
- echo 'Description: OpenSSL cryptography library'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
-
-libssl.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
-
-openssl.pc: Makefile
- @ ( echo 'prefix=$(INSTALLTOP)'; \
- echo 'exec_prefix=$${prefix}'; \
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
- echo 'Name: OpenSSL'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
- echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
-
-Makefile: Makefile.org Configure config
- @echo "Makefile is older than Makefile.org, Configure or config."
- @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
- @false
-
-libclean:
- rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
-
-clean: libclean
- rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
- @set -e; target=clean; $(RECURSIVE_BUILD_CMD)
- rm -f $(LIBS)
- rm -f openssl.pc libssl.pc libcrypto.pc
- rm -f speed.* .pure
- rm -f $(TARFILE)
- @set -e; for i in $(ONEDIRS) ;\
- do \
- rm -fr $$i/*; \
- done
-
-makefile.one: files
- $(PERL) util/mk1mf.pl >makefile.one; \
- sh util/do_ms.sh
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
- @set -e; target=files; $(RECURSIVE_BUILD_CMD)
-
-links:
- @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
- @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
- @set -e; target=links; $(RECURSIVE_BUILD_CMD)
-
-gentests:
- @(cd test && echo "generating dummy tests (if needed)..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
-
-dclean:
- rm -rf *.bak include/openssl certs/.0
- @set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
-
-rehash: rehash.time
-rehash.time: certs apps
- @if [ -z "$(CROSS_COMPILE)" ]; then \
- (OPENSSL="`pwd`/util/opensslwrap.sh"; \
- [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
- OPENSSL_DEBUG_MEMORY=on; \
- export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs/demo) && \
- touch rehash.time; \
- else :; fi
-
-test: tests
-
-tests: rehash
- @(cd test && echo "testing..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
- OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
-
-report:
- @$(PERL) util/selftest.pl
-
-update: errors stacks util/libeay.num util/ssleay.num TABLE
- @set -e; target=update; $(RECURSIVE_BUILD_CMD)
-
-depend:
- @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
-
-lint:
- @set -e; target=lint; $(RECURSIVE_BUILD_CMD)
-
-tags:
- rm -f TAGS
- find . -name '[^.]*.[ch]' | xargs etags -a
-
-errors:
- $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
- $(PERL) util/mkerr.pl -recurse -write
- (cd engines; $(MAKE) PERL=$(PERL) errors)
-
-stacks:
- $(PERL) util/mkstack.pl -write
-
-util/libeay.num::
- $(PERL) util/mkdef.pl crypto update
-
-util/ssleay.num::
- $(PERL) util/mkdef.pl ssl update
-
-TABLE: Configure
- (echo 'Output of `Configure TABLE'"':"; \
- $(PERL) Configure TABLE) > TABLE
-
-# Build distribution tar-file. As the list of files returned by "find" is
-# pretty long, on several platforms a "too many arguments" error or similar
-# would occur. Therefore the list of files is temporarily stored into a file
-# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
-# tar does not support the --files-from option.
-TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list \
- --owner openssl:0 --group openssl:0 \
- --transform 's|^|openssl-$(VERSION)/|' \
- -cvf -
-
-../$(TARFILE).list:
- find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
- \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
- \! -name '*test' \! -name '.#*' \! -name '*~' \
- | sort > ../$(TARFILE).list
-
-tar: ../$(TARFILE).list
- find . -type d -print | xargs chmod 755
- find . -type f -print | xargs chmod a+r
- find . -type f -perm -0100 -print | xargs chmod a+x
- $(TAR_COMMAND) | gzip --best >../$(TARFILE).gz
- rm -f ../$(TARFILE).list
- ls -l ../$(TARFILE).gz
-
-tar-snap: ../$(TARFILE).list
- $(TAR_COMMAND) > ../$(TARFILE)
- rm -f ../$(TARFILE).list
- ls -l ../$(TARFILE)
-
-dist:
- $(PERL) Configure dist
- @$(MAKE) dist_pem_h
- @$(MAKE) SDIRS='$(SDIRS)' clean
- @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
-
-dist_pem_h:
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-
-install: all install_docs install_sw
-
-install_sw:
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
- $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
- do \
- if [ -f "$$i" ]; then \
- ( echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
- fi; \
- done;
- @set -e; if [ -n "$(SHARED_LIBS)" ]; then \
- tmp="$(SHARED_LIBS)"; \
- for i in $${tmp:-x}; \
- do \
- if [ -f "$$i" -o -f "$$i.a" ]; then \
- ( echo installing $$i; \
- if [ "$(PLATFORM)" != "Cygwin" ]; then \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
- else \
- c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
- cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
- fi ); \
- if expr $(PLATFORM) : 'mingw' > /dev/null; then \
- ( case $$i in \
- *crypto*) i=libeay32.dll;; \
- *ssl*) i=ssleay32.dll;; \
- esac; \
- echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
- fi; \
- fi; \
- done; \
- ( here="`pwd`"; \
- cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
- $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
- if [ "$(INSTALLTOP)" != "/usr" ]; then \
- echo 'OpenSSL shared libraries have been installed in:'; \
- echo ' $(INSTALLTOP)'; \
- echo ''; \
- sed -e '1,/^$$/d' doc/openssl-shared.txt; \
- fi; \
- fi
- cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
- cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
- cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
-
-install_html_docs:
- here="`pwd`"; \
- for subdir in apps crypto ssl; do \
- mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
- for i in doc/$$subdir/*.pod; do \
- fn=`basename $$i .pod`; \
- echo "installing html/$$fn.$(HTMLSUFFIX)"; \
- cat $$i \
- | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
- | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
- | sed -r 's/<!DOCTYPE.*//g' \
- > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- grep -v $$filecase "^$$fn\$$" | \
- (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
- done); \
- done; \
- done
-
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
- here="`pwd`"; \
- filecase=; \
- if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
- filecase=-i; \
- fi; \
- set -e; for i in doc/apps/*.pod; do \
- fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
- --section=$$sec --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- (grep -v $$filecase "^$$fn\$$"; true) | \
- (grep -v "[ ]"; true) | \
- (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
- done); \
- done; \
- set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
- fn=`basename $$i .pod`; \
- sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
- --section=$$sec --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
- (grep -v $$filecase "^$$fn\$$"; true) | \
- (grep -v "[ ]"; true) | \
- (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
- while read n; do \
- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
- done); \
- done
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
Copied: vendor-crypto/openssl/1.0.1u/Makefile.org (from rev 11605, vendor-crypto/openssl/dist/Makefile.org)
===================================================================
--- vendor-crypto/openssl/1.0.1u/Makefile.org (rev 0)
+++ vendor-crypto/openssl/1.0.1u/Makefile.org 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,674 @@
+##
+## Makefile for OpenSSL
+##
+
+VERSION=
+MAJOR=
+MINOR=
+SHLIB_VERSION_NUMBER=
+SHLIB_VERSION_HISTORY=
+SHLIB_MAJOR=
+SHLIB_MINOR=
+SHLIB_EXT=
+PLATFORM=dist
+OPTIONS=
+CONFIGURE_ARGS=
+SHLIB_TARGET=
+
+# HERE indicates where this Makefile lives. This can be used to indicate
+# where sub-Makefiles are expected to be. Currently has very limited usage,
+# and should probably not be bothered with at all.
+HERE=.
+
+# INSTALL_PREFIX is for package builders so that they can configure
+# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+# Normally it is left empty.
+INSTALL_PREFIX=
+INSTALLTOP=/usr/local/ssl
+
+# Do not edit this manually. Use Configure --openssldir=DIR do change this!
+OPENSSLDIR=/usr/local/ssl
+
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4 - Define to build without the RC4 algorithm
+# NO_RC2 - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+# one. 32 bytes will be read from this when the random
+# number generator is initalised.
+# SSL_FORBID_ENULL - define if you want the server to be not able to use the
+# NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+# call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
+
+CC= cc
+CFLAG= -O
+DEPFLAG=
+PEX_LIBS=
+EX_LIBS=
+EXE_EXT=
+ARFLAGS=
+AR=ar $(ARFLAGS) r
+RANLIB= ranlib
+NM= nm
+PERL= perl
+TAR= tar
+TARFLAGS= --no-recursion --record-size=10240
+MAKEDEPPROG=makedepend
+LIBDIR=lib
+
+# We let the C compiler driver to take care of .s files. This is done in
+# order to be excused from maintaining a separate set of architecture
+# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
+# gcc, then the driver will automatically translate it to -xarch=v8plus
+# and pass it down to assembler.
+AS=$(CC) -c
+ASFLAG=$(CFLAG)
+
+# For x86 assembler: Set PROCESSOR to 386 if you want to support
+# the 80386.
+PROCESSOR=
+
+# CPUID module collects small commonly used assembler snippets
+CPUID_OBJ=
+BN_ASM= bn_asm.o
+DES_ENC= des_enc.o fcrypt_b.o
+AES_ENC= aes_core.o aes_cbc.o
+BF_ENC= bf_enc.o
+CAST_ENC= c_enc.o
+RC4_ENC= rc4_enc.o
+RC5_ENC= rc5_enc.o
+MD5_ASM_OBJ=
+SHA1_ASM_OBJ=
+RMD160_ASM_OBJ=
+WP_ASM_OBJ=
+CMLL_ENC=
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
+PERLASM_SCHEME=
+
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+# Zlib stuff
+ZLIB_INCLUDE=
+LIBZLIB=
+
+# TOP level FIPS install directory.
+FIPSDIR=
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=
+
+DIRS= crypto ssl engines apps test tools
+ENGDIRS= ccgost
+SHLIBDIRS= crypto ssl
+
+# dirs in crypto to build
+SDIRS= \
+ objects \
+ md2 md4 md5 sha mdc2 hmac ripemd whrlpool \
+ des aes rc2 rc4 rc5 idea bf cast camellia seed modes \
+ bn ec rsa dsa ecdsa dh ecdh dso engine \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
+ cms pqueue ts jpake srp store cmac
+# keep in mind that the above list is adjusted by ./Configure
+# according to no-xxx arguments...
+
+# tests to perform. "alltests" is a special word indicating that all tests
+# should be performed.
+TESTS = alltests
+
+MAKEFILE= Makefile
+
+MANDIR=$(OPENSSLDIR)/man
+MAN1=1
+MAN3=3
+MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
+SHELL=/bin/sh
+
+TOP= .
+ONEDIRS=out tmp
+EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
+WDIRS= windows
+LIBS= libcrypto.a libssl.a
+SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+SHARED_SSL=libssl$(SHLIB_EXT)
+SHARED_LIBS=
+SHARED_LIBS_LINK_EXTS=
+SHARED_LDFLAGS=
+
+GENERAL= Makefile
+BASENAME= openssl
+NAME= $(BASENAME)-$(VERSION)
+TARFILE= ../$(NAME).tar
+EXHEADER= e_os2.h
+HEADER= e_os.h
+
+all: Makefile build_all
+
+# as we stick to -e, CLEARENV ensures that local variables in lower
+# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+# shell, which [annoyingly enough] terminates unset with error if VAR
+# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+# which terminates unset with error if no variable was present:-(
+CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
+ $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \
+ $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \
+ $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \
+ $${EXHEADER+EXHEADER} $${HEADER+HEADER} \
+ $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
+ $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
+ $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+
+BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+ CC='$(CC)' CFLAG='$(CFLAG)' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ CROSS_COMPILE='$(CROSS_COMPILE)' \
+ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
+ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+ INSTALL_PREFIX='$(INSTALL_PREFIX)' \
+ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
+ LIBDIR='$(LIBDIR)' \
+ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
+ MAKEDEPPROG='$(MAKEDEPPROG)' \
+ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
+ KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
+ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+ EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
+ SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
+ PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
+ CPUID_OBJ='$(CPUID_OBJ)' \
+ BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
+ AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
+ BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
+ RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
+ SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
+ MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
+ RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
+ WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
+ PERLASM_SCHEME='$(PERLASM_SCHEME)' \
+ FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
+ FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
+ THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+# which in turn eliminates ambiguities in variable treatment with -e.
+
+# BUILD_CMD is a generic macro to build a given target in a given
+# subdirectory. The target must be given through the shell variable
+# `target' and the subdirectory to build in must be given through `dir'.
+# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+# BUILD_ONE_CMD instead.
+#
+# BUILD_ONE_CMD is a macro to build a given target in a given
+# subdirectory if that subdirectory is part of $(DIRS). It requires
+# exactly the same shell variables as BUILD_CMD.
+#
+# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+# subdirectories defined in $(DIRS). It requires that the target
+# is given through the shell variable `target'.
+BUILD_CMD= if [ -d "$$dir" ]; then \
+ ( cd $$dir && echo "making $$target in $$dir..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+ ) || exit 1; \
+ fi
+RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+BUILD_ONE_CMD=\
+ if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+ $(BUILD_CMD); \
+ fi
+
+reflect:
+ @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
+
+sub_all: build_all
+
+build_all: build_libs build_apps build_tests build_tools
+
+build_libs: build_libcrypto build_libssl openssl.pc
+
+build_libcrypto: build_crypto build_engines libcrypto.pc
+build_libssl: build_ssl libssl.pc
+
+build_crypto:
+ @dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl: build_crypto
+ @dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines: build_crypto
+ @dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps: build_libs
+ @dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests: build_libs
+ @dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools: build_libs
+ @dir=tools; target=all; $(BUILD_ONE_CMD)
+
+all_testapps: build_libs build_testapps
+build_testapps:
+ @dir=crypto; target=testapps; $(BUILD_ONE_CMD)
+
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
+ (touch -c fips_premain_dso$(EXE_EXT) || :); \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+ fi
+
+libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+ fi
+
+clean-shared:
+ @set -e; for i in $(SHLIBDIRS); do \
+ if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+ tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+ for j in $${tmp:-x}; do \
+ ( set -x; rm -f lib$$i$$j ); \
+ done; \
+ fi; \
+ ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
+ if [ "$(PLATFORM)" = "Cygwin" ]; then \
+ ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
+ fi; \
+ done
+
+link-shared:
+ @ set -e; for i in $(SHLIBDIRS); do \
+ $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ symlink.$(SHLIB_TARGET); \
+ libs="$$libs -l$$i"; \
+ done
+
+build-shared: do_$(SHLIB_TARGET) link-shared
+
+do_$(SHLIB_TARGET):
+ @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+ if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+ libs="$(LIBKRB5) $$libs"; \
+ fi; \
+ $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ LIBDEPS="$$libs $(EX_LIBS)" \
+ link_a.$(SHLIB_TARGET); \
+ libs="-l$$i $$libs"; \
+ done
+
+libcrypto.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL-libcrypto'; \
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+libssl.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+openssl.pc: Makefile
+ @ ( echo 'prefix=$(INSTALLTOP)'; \
+ echo 'exec_prefix=$${prefix}'; \
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+ echo 'Name: OpenSSL'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+Makefile: Makefile.org Configure config
+ @echo "Makefile is older than Makefile.org, Configure or config."
+ @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
+ @false
+
+libclean:
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
+
+clean: libclean
+ rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
+ @set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+ rm -f $(LIBS)
+ rm -f openssl.pc libssl.pc libcrypto.pc
+ rm -f speed.* .pure
+ rm -f $(TARFILE)
+ @set -e; for i in $(ONEDIRS) ;\
+ do \
+ rm -fr $$i/*; \
+ done
+
+makefile.one: files
+ $(PERL) util/mk1mf.pl >makefile.one; \
+ sh util/do_ms.sh
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
+ @set -e; target=files; $(RECURSIVE_BUILD_CMD)
+
+links:
+ @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
+ @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
+ @set -e; target=links; $(RECURSIVE_BUILD_CMD)
+
+gentests:
+ @(cd test && echo "generating dummy tests (if needed)..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
+
+dclean:
+ rm -rf *.bak include/openssl certs/.0
+ @set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
+
+rehash: rehash.time
+rehash.time: certs apps
+ @if [ -z "$(CROSS_COMPILE)" ]; then \
+ (OPENSSL="`pwd`/util/opensslwrap.sh"; \
+ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
+ OPENSSL_DEBUG_MEMORY=on; \
+ export OPENSSL OPENSSL_DEBUG_MEMORY; \
+ $(PERL) tools/c_rehash certs/demo) && \
+ touch rehash.time; \
+ else :; fi
+
+test: tests
+
+tests: rehash
+ @(cd test && echo "testing..." && \
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+ OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+
+report:
+ @$(PERL) util/selftest.pl
+
+update: errors stacks util/libeay.num util/ssleay.num TABLE
+ @set -e; target=update; $(RECURSIVE_BUILD_CMD)
+
+depend:
+ @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
+
+lint:
+ @set -e; target=lint; $(RECURSIVE_BUILD_CMD)
+
+tags:
+ rm -f TAGS
+ find . -name '[^.]*.[ch]' | xargs etags -a
+
+errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
+ $(PERL) util/mkerr.pl -recurse -write
+ (cd engines; $(MAKE) PERL=$(PERL) errors)
+
+stacks:
+ $(PERL) util/mkstack.pl -write
+
+util/libeay.num::
+ $(PERL) util/mkdef.pl crypto update
+
+util/ssleay.num::
+ $(PERL) util/mkdef.pl ssl update
+
+TABLE: Configure
+ (echo 'Output of `Configure TABLE'"':"; \
+ $(PERL) Configure TABLE) > TABLE
+
+# Build distribution tar-file. As the list of files returned by "find" is
+# pretty long, on several platforms a "too many arguments" error or similar
+# would occur. Therefore the list of files is temporarily stored into a file
+# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
+# tar does not support the --files-from option.
+TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \
+ --owner 0 --group 0 \
+ --transform 's|^|$(NAME)/|' \
+ -cvf -
+
+$(TARFILE).list:
+ find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
+ \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
+ \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
+ \! -name '.#*' \! -name '*~' \! -type l \
+ | sort > $(TARFILE).list
+
+tar: $(TARFILE).list
+ find . -type d -print | xargs chmod 755
+ find . -type f -print | xargs chmod a+r
+ find . -type f -perm -0100 -print | xargs chmod a+x
+ $(TAR_COMMAND) | gzip --best > $(TARFILE).gz
+ rm -f $(TARFILE).list
+ ls -l $(TARFILE).gz
+
+tar-snap: $(TARFILE).list
+ $(TAR_COMMAND) > $(TARFILE)
+ rm -f $(TARFILE).list
+ ls -l $(TARFILE)
+
+dist:
+ $(PERL) Configure dist
+ @$(MAKE) SDIRS='$(SDIRS)' clean
+ @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
+
+install: all install_docs install_sw
+
+install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+ @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+ do \
+ if [ -f "$$i" ]; then \
+ ( echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
+ fi; \
+ done;
+ @set -e; if [ -n "$(SHARED_LIBS)" ]; then \
+ tmp="$(SHARED_LIBS)"; \
+ for i in $${tmp:-x}; \
+ do \
+ if [ -f "$$i" -o -f "$$i.a" ]; then \
+ ( echo installing $$i; \
+ if [ "$(PLATFORM)" != "Cygwin" ]; then \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+ else \
+ c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+ fi ); \
+ if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+ ( case $$i in \
+ *crypto*) i=libeay32.dll;; \
+ *ssl*) i=ssleay32.dll;; \
+ esac; \
+ echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+ fi; \
+ fi; \
+ done; \
+ ( here="`pwd`"; \
+ cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
+ $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+ if [ "$(INSTALLTOP)" != "/usr" ]; then \
+ echo 'OpenSSL shared libraries have been installed in:'; \
+ echo ' $(INSTALLTOP)'; \
+ echo ''; \
+ sed -e '1,/^$$/d' doc/openssl-shared.txt; \
+ fi; \
+ fi
+ cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+ cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+ cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+
+install_html_docs:
+ here="`pwd`"; \
+ for subdir in apps crypto ssl; do \
+ mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ for i in doc/$$subdir/*.pod; do \
+ fn=`basename $$i .pod`; \
+ echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+ cat $$i \
+ | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+ | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+ | sed -r 's/<!DOCTYPE.*//g' \
+ > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ grep -v $$filecase "^$$fn\$$" | \
+ (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+ done); \
+ done; \
+ done
+
+install_docs:
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+ @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+ here="`pwd`"; \
+ filecase=; \
+ if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
+ filecase=-i; \
+ fi; \
+ set -e; for i in doc/apps/*.pod; do \
+ fn=`basename $$i .pod`; \
+ sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+ --section=$$sec --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ (grep -v $$filecase "^$$fn\$$"; true) | \
+ (grep -v "[ ]"; true) | \
+ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ done); \
+ done; \
+ set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+ fn=`basename $$i .pod`; \
+ sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+ --section=$$sec --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ (grep -v $$filecase "^$$fn\$$"; true) | \
+ (grep -v "[ ]"; true) | \
+ (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ done); \
+ done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
Deleted: vendor-crypto/openssl/1.0.1u/NEWS
===================================================================
--- vendor-crypto/openssl/dist/NEWS 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/NEWS 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,726 +0,0 @@
-
- NEWS
- ====
-
- This file gives a brief overview of the major changes between each OpenSSL
- release. For more details please read the CHANGES file.
-
- Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]
-
- o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
- o X509_ATTRIBUTE memory leak (CVE-2015-3195)
- o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
- o In DSA_generate_parameters_ex, if the provided seed is too short,
- return an error
-
- Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015]
-
- o Alternate chains certificate forgery (CVE-2015-1793)
- o Race condition handling PSK identify hint (CVE-2015-3196)
-
- Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]
-
- o Fix HMAC ABI incompatibility
-
- Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]
-
- o Malformed ECParameters causes infinite loop (CVE-2015-1788)
- o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
- o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
- o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
- o Race condition handling NewSessionTicket (CVE-2015-1791)
-
- Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]
-
- o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
- o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
- o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
- o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
- o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
- o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
- o Removed the export ciphers from the DEFAULT ciphers
-
- Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]
-
- o Build fixes for the Windows and OpenVMS platforms
-
- Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]
-
- o Fix for CVE-2014-3571
- o Fix for CVE-2015-0206
- o Fix for CVE-2014-3569
- o Fix for CVE-2014-3572
- o Fix for CVE-2015-0204
- o Fix for CVE-2015-0205
- o Fix for CVE-2014-8275
- o Fix for CVE-2014-3570
-
- Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]
-
- o Fix for CVE-2014-3513
- o Fix for CVE-2014-3567
- o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
- o Fix for CVE-2014-3568
-
- Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]
-
- o Fix for CVE-2014-3512
- o Fix for CVE-2014-3511
- o Fix for CVE-2014-3510
- o Fix for CVE-2014-3507
- o Fix for CVE-2014-3506
- o Fix for CVE-2014-3505
- o Fix for CVE-2014-3509
- o Fix for CVE-2014-5139
- o Fix for CVE-2014-3508
-
- Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
-
- o Fix for CVE-2014-0224
- o Fix for CVE-2014-0221
- o Fix for CVE-2014-0198
- o Fix for CVE-2014-0195
- o Fix for CVE-2014-3470
- o Fix for CVE-2010-5298
-
- Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
-
- o Fix for CVE-2014-0160
- o Add TLS padding extension workaround for broken servers.
- o Fix for CVE-2014-0076
-
- Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
-
- o Don't include gmt_unix_time in TLS server and client random values
- o Fix for TLS record tampering bug CVE-2013-4353
- o Fix for TLS version checking bug CVE-2013-6449
- o Fix for DTLS retransmission bug CVE-2013-6450
-
- Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
-
- o Corrected fix for CVE-2013-0169
-
- Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
-
- o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
- o Include the fips configuration module.
- o Fix OCSP bad key DoS attack CVE-2013-0166
- o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
- o Fix for TLS AESNI record handling flaw CVE-2012-2686
-
- Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
-
- o Fix TLS/DTLS record length checking bug CVE-2012-2333
- o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
-
- Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
-
- o Fix compilation error on non-x86 platforms.
- o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
- o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
-
- Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
-
- o Fix for ASN1 overflow bug CVE-2012-2110
- o Workarounds for some servers that hang on long client hellos.
- o Fix SEGV in AES code.
-
- Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
-
- o TLS/DTLS heartbeat support.
- o SCTP support.
- o RFC 5705 TLS key material exporter.
- o RFC 5764 DTLS-SRTP negotiation.
- o Next Protocol Negotiation.
- o PSS signatures in certificates, requests and CRLs.
- o Support for password based recipient info for CMS.
- o Support TLS v1.2 and TLS v1.1.
- o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
- o SRP support.
-
- Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
-
- o Fix for CMS/PKCS#7 MMA CVE-2012-0884
- o Corrected fix for CVE-2011-4619
- o Various DTLS fixes.
-
- Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
-
- o Fix for DTLS DoS issue CVE-2012-0050
-
- Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
-
- o Fix for DTLS plaintext recovery attack CVE-2011-4108
- o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
- o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
- o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
- o Check for malformed RFC3779 data CVE-2011-4577
-
- Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
-
- o Fix for CRL vulnerability issue CVE-2011-3207
- o Fix for ECDH crashes CVE-2011-3210
- o Protection against EC timing attacks.
- o Support ECDH ciphersuites for certificates using SHA2 algorithms.
- o Various DTLS fixes.
-
- Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
-
- o Fix for security issue CVE-2011-0014
-
- Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
-
- o Fix for security issue CVE-2010-4180
- o Fix for CVE-2010-4252
- o Fix mishandling of absent EC point format extension.
- o Fix various platform compilation issues.
- o Corrected fix for security issue CVE-2010-3864.
-
- Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
-
- o Fix for security issue CVE-2010-3864.
- o Fix for CVE-2010-2939
- o Fix WIN32 build system for GOST ENGINE.
-
- Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
-
- o Fix for security issue CVE-2010-1633.
- o GOST MAC and CFB fixes.
-
- Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
-
- o RFC3280 path validation: sufficient to process PKITS tests.
- o Integrated support for PVK files and keyblobs.
- o Change default private key format to PKCS#8.
- o CMS support: able to process all examples in RFC4134
- o Streaming ASN1 encode support for PKCS#7 and CMS.
- o Multiple signer and signer add support for PKCS#7 and CMS.
- o ASN1 printing support.
- o Whirlpool hash algorithm added.
- o RFC3161 time stamp support.
- o New generalised public key API supporting ENGINE based algorithms.
- o New generalised public key API utilities.
- o New ENGINE supporting GOST algorithms.
- o SSL/TLS GOST ciphersuite support.
- o PKCS#7 and CMS GOST support.
- o RFC4279 PSK ciphersuite support.
- o Supported points format extension for ECC ciphersuites.
- o ecdsa-with-SHA224/256/384/512 signature types.
- o dsa-with-SHA224 and dsa-with-SHA256 signature types.
- o Opaque PRF Input TLS extension support.
- o Updated time routines to avoid OS limitations.
-
- Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
-
- o CFB cipher definition fixes.
- o Fix security issues CVE-2010-0740 and CVE-2010-0433.
-
- Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:
-
- o Cipher definition fixes.
- o Workaround for slow RAND_poll() on some WIN32 versions.
- o Remove MD2 from algorithm tables.
- o SPKAC handling fixes.
- o Support for RFC5746 TLS renegotiation extension.
- o Compression memory leak fixed.
- o Compression session resumption fixed.
- o Ticket and SNI coexistence fixes.
- o Many fixes to DTLS handling.
-
- Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
-
- o Temporary work around for CVE-2009-3555: disable renegotiation.
-
- Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:
-
- o Fix various build issues.
- o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
-
- Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:
-
- o Fix security issue (CVE-2008-5077)
- o Merge FIPS 140-2 branch code.
-
- Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:
-
- o CryptoAPI ENGINE support.
- o Various precautionary measures.
- o Fix for bugs affecting certificate request creation.
- o Support for local machine keyset attribute in PKCS#12 files.
-
- Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:
-
- o Backport of CMS functionality to 0.9.8.
- o Fixes for bugs introduced with 0.9.8f.
-
- Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:
-
- o Add gcc 4.2 support.
- o Add support for AES and SSE2 assembly lanugauge optimization
- for VC++ build.
- o Support for RFC4507bis and server name extensions if explicitly
- selected at compile time.
- o DTLS improvements.
- o RFC4507bis support.
- o TLS Extensions support.
-
- Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:
-
- o Various ciphersuite selection fixes.
- o RFC3779 support.
-
- Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:
-
- o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
- o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
- o Changes to ciphersuite selection algorithm
-
- Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:
-
- o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
- o New cipher Camellia
-
- Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:
-
- o Cipher string fixes.
- o Fixes for VC++ 2005.
- o Updated ECC cipher suite support.
- o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
- o Zlib compression usage fixes.
- o Built in dynamic engine compilation support on Win32.
- o Fixes auto dynamic engine loading in Win32.
-
- Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:
-
- o Fix potential SSL 2.0 rollback, CVE-2005-2969
- o Extended Windows CE support
-
- Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:
-
- o Major work on the BIGNUM library for higher efficiency and to
- make operations more streamlined and less contradictory. This
- is the result of a major audit of the BIGNUM library.
- o Addition of BIGNUM functions for fields GF(2^m) and NIST
- curves, to support the Elliptic Crypto functions.
- o Major work on Elliptic Crypto; ECDH and ECDSA added, including
- the use through EVP, X509 and ENGINE.
- o New ASN.1 mini-compiler that's usable through the OpenSSL
- configuration file.
- o Added support for ASN.1 indefinite length constructed encoding.
- o New PKCS#12 'medium level' API to manipulate PKCS#12 files.
- o Complete rework of shared library construction and linking
- programs with shared or static libraries, through a separate
- Makefile.shared.
- o Rework of the passing of parameters from one Makefile to another.
- o Changed ENGINE framework to load dynamic engine modules
- automatically from specifically given directories.
- o New structure and ASN.1 functions for CertificatePair.
- o Changed the ZLIB compression method to be stateful.
- o Changed the key-generation and primality testing "progress"
- mechanism to take a structure that contains the ticker
- function and an argument.
- o New engine module: GMP (performs private key exponentiation).
- o New engine module: VIA PadLOck ACE extension in VIA C3
- Nehemiah processors.
- o Added support for IPv6 addresses in certificate extensions.
- See RFC 1884, section 2.2.
- o Added support for certificate policy mappings, policy
- constraints and name constraints.
- o Added support for multi-valued AVAs in the OpenSSL
- configuration file.
- o Added support for multiple certificates with the same subject
- in the 'openssl ca' index file.
- o Make it possible to create self-signed certificates using
- 'openssl ca -selfsign'.
- o Make it possible to generate a serial number file with
- 'openssl ca -create_serial'.
- o New binary search functions with extended functionality.
- o New BUF functions.
- o New STORE structure and library to provide an interface to all
- sorts of data repositories. Supports storage of public and
- private keys, certificates, CRLs, numbers and arbitrary blobs.
- This library is unfortunately unfinished and unused withing
- OpenSSL.
- o New control functions for the error stack.
- o Changed the PKCS#7 library to support one-pass S/MIME
- processing.
- o Added the possibility to compile without old deprecated
- functionality with the OPENSSL_NO_DEPRECATED macro or the
- 'no-deprecated' argument to the config and Configure scripts.
- o Constification of all ASN.1 conversion functions, and other
- affected functions.
- o Improved platform support for PowerPC.
- o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
- o New X509_VERIFY_PARAM structure to support parametrisation
- of X.509 path validation.
- o Major overhaul of RC4 performance on Intel P4, IA-64 and
- AMD64.
- o Changed the Configure script to have some algorithms disabled
- by default. Those can be explicitely enabled with the new
- argument form 'enable-xxx'.
- o Change the default digest in 'openssl' commands from MD5 to
- SHA-1.
- o Added support for DTLS.
- o New BIGNUM blinding.
- o Added support for the RSA-PSS encryption scheme
- o Added support for the RSA X.931 padding.
- o Added support for BSD sockets on NetWare.
- o Added support for files larger than 2GB.
- o Added initial support for Win64.
- o Added alternate pkg-config files.
-
- Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:
-
- o FIPS 1.1.1 module linking.
- o Various ciphersuite selection fixes.
-
- Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:
-
- o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
- o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
-
- Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:
-
- o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
-
- Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:
-
- o Visual C++ 2005 fixes.
- o Update Windows build system for FIPS.
-
- Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
-
- o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
-
- Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
-
- o Fix SSL 2.0 Rollback, CVE-2005-2969
- o Allow use of fixed-length exponent on DSA signing
- o Default fixed-window RSA, DSA, DH private-key operations
-
- Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:
-
- o More compilation issues fixed.
- o Adaptation to more modern Kerberos API.
- o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
- o Enhanced x86_64 assembler BIGNUM module.
- o More constification.
- o Added processing of proxy certificates (RFC 3820).
-
- Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:
-
- o Several compilation issues fixed.
- o Many memory allocation failure checks added.
- o Improved comparison of X509 Name type.
- o Mandatory basic checks on certificates.
- o Performance improvements.
-
- Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:
-
- o Fix race condition in CRL checking code.
- o Fixes to PKCS#7 (S/MIME) code.
-
- Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:
-
- o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
- o Security: Fix null-pointer assignment in do_change_cipher_spec()
- o Allow multiple active certificates with same subject in CA index
- o Multiple X509 verification fixes
- o Speed up HMAC and other operations
-
- Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:
-
- o Security: fix various ASN1 parsing bugs.
- o New -ignore_err option to OCSP utility.
- o Various interop and bug fixes in S/MIME code.
- o SSL/TLS protocol fix for unrequested client certificates.
-
- Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
-
- o Security: counter the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack
- o Security: make RSA blinding default.
- o Configuration: Irix fixes, AIX fixes, better mingw support.
- o Support for new platforms: linux-ia64-ecc.
- o Build: shared library support fixes.
- o ASN.1: treat domainComponent correctly.
- o Documentation: fixes and additions.
-
- Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:
-
- o Security: Important security related bugfixes.
- o Enhanced compatibility with MIT Kerberos.
- o Can be built without the ENGINE framework.
- o IA32 assembler enhancements.
- o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64.
- o Configuration: the no-err option now works properly.
- o SSL/TLS: now handles manual certificate chain building.
- o SSL/TLS: certain session ID malfunctions corrected.
-
- Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:
-
- o New library section OCSP.
- o Complete rewrite of ASN1 code.
- o CRL checking in verify code and openssl utility.
- o Extension copying in 'ca' utility.
- o Flexible display options in 'ca' utility.
- o Provisional support for international characters with UTF8.
- o Support for external crypto devices ('engine') is no longer
- a separate distribution.
- o New elliptic curve library section.
- o New AES (Rijndael) library section.
- o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
- Linux x86_64, Linux 64-bit on Sparc v9
- o Extended support for some platforms: VxWorks
- o Enhanced support for shared libraries.
- o Now only builds PIC code when shared library support is requested.
- o Support for pkg-config.
- o Lots of new manuals.
- o Makes symbolic links to or copies of manuals to cover all described
- functions.
- o Change DES API to clean up the namespace (some applications link also
- against libdes providing similar functions having the same name).
- Provide macros for backward compatibility (will be removed in the
- future).
- o Unify handling of cryptographic algorithms (software and engine)
- to be available via EVP routines for asymmetric and symmetric ciphers.
- o NCONF: new configuration handling routines.
- o Change API to use more 'const' modifiers to improve error checking
- and help optimizers.
- o Finally remove references to RSAref.
- o Reworked parts of the BIGNUM code.
- o Support for new engines: Broadcom ubsec, Accelerated Encryption
- Processing, IBM 4758.
- o A few new engines added in the demos area.
- o Extended and corrected OID (object identifier) table.
- o PRNG: query at more locations for a random device, automatic query for
- EGD style random sources at several locations.
- o SSL/TLS: allow optional cipher choice according to server's preference.
- o SSL/TLS: allow server to explicitly set new session ids.
- o SSL/TLS: support Kerberos cipher suites (RFC2712).
- Only supports MIT Kerberos for now.
- o SSL/TLS: allow more precise control of renegotiations and sessions.
- o SSL/TLS: add callback to retrieve SSL/TLS messages.
- o SSL/TLS: support AES cipher suites (RFC3268).
-
- Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:
-
- o Security: fix various ASN1 parsing bugs.
- o SSL/TLS protocol fix for unrequested client certificates.
-
- Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
-
- o Security: counter the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack
- o Security: make RSA blinding default.
- o Build: shared library support fixes.
-
- Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:
-
- o Important security related bugfixes.
-
- Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:
-
- o New configuration targets for Tandem OSS and A/UX.
- o New OIDs for Microsoft attributes.
- o Better handling of SSL session caching.
- o Better comparison of distinguished names.
- o Better handling of shared libraries in a mixed GNU/non-GNU environment.
- o Support assembler code with Borland C.
- o Fixes for length problems.
- o Fixes for uninitialised variables.
- o Fixes for memory leaks, some unusual crashes and some race conditions.
- o Fixes for smaller building problems.
- o Updates of manuals, FAQ and other instructive documents.
-
- Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:
-
- o Important building fixes on Unix.
-
- Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:
-
- o Various important bugfixes.
-
- Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:
-
- o Important security related bugfixes.
- o Various SSL/TLS library bugfixes.
-
- Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:
-
- o Various SSL/TLS library bugfixes.
- o Fix DH parameter generation for 'non-standard' generators.
-
- Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:
-
- o Various SSL/TLS library bugfixes.
- o BIGNUM library fixes.
- o RSA OAEP and random number generation fixes.
- o Object identifiers corrected and added.
- o Add assembler BN routines for IA64.
- o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8,
- MIPS Linux; shared library support for Irix, HP-UX.
- o Add crypto accelerator support for AEP, Baltimore SureWare,
- Broadcom and Cryptographic Appliance's keyserver
- [in 0.9.6c-engine release].
-
- Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:
-
- o Security fix: PRNG improvements.
- o Security fix: RSA OAEP check.
- o Security fix: Reinsert and fix countermeasure to Bleichbacher's
- attack.
- o MIPS bug fix in BIGNUM.
- o Bug fix in "openssl enc".
- o Bug fix in X.509 printing routine.
- o Bug fix in DSA verification routine and DSA S/MIME verification.
- o Bug fix to make PRNG thread-safe.
- o Bug fix in RAND_file_name().
- o Bug fix in compatibility mode trust settings.
- o Bug fix in blowfish EVP.
- o Increase default size for BIO buffering filter.
- o Compatibility fixes in some scripts.
-
- Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:
-
- o Security fix: change behavior of OpenSSL to avoid using
- environment variables when running as root.
- o Security fix: check the result of RSA-CRT to reduce the
- possibility of deducing the private key from an incorrectly
- calculated signature.
- o Security fix: prevent Bleichenbacher's DSA attack.
- o Security fix: Zero the premaster secret after deriving the
- master secret in DH ciphersuites.
- o Reimplement SSL_peek(), which had various problems.
- o Compatibility fix: the function des_encrypt() renamed to
- des_encrypt1() to avoid clashes with some Unixen libc.
- o Bug fixes for Win32, HP/UX and Irix.
- o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
- memory checking routines.
- o Bug fixes for RSA operations in threaded environments.
- o Bug fixes in misc. openssl applications.
- o Remove a few potential memory leaks.
- o Add tighter checks of BIGNUM routines.
- o Shared library support has been reworked for generality.
- o More documentation.
- o New function BN_rand_range().
- o Add "-rand" option to openssl s_client and s_server.
-
- Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:
-
- o Some documentation for BIO and SSL libraries.
- o Enhanced chain verification using key identifiers.
- o New sign and verify options to 'dgst' application.
- o Support for DER and PEM encoded messages in 'smime' application.
- o New 'rsautl' application, low level RSA utility.
- o MD4 now included.
- o Bugfix for SSL rollback padding check.
- o Support for external crypto devices [1].
- o Enhanced EVP interface.
-
- [1] The support for external crypto devices is currently a separate
- distribution. See the file README.ENGINE.
-
- Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
-
- o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
- o Shared library support for HPUX and Solaris-gcc
- o Support of Linux/IA64
- o Assembler support for Mingw32
- o New 'rand' application
- o New way to check for existence of algorithms from scripts
-
- Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:
-
- o S/MIME support in new 'smime' command
- o Documentation for the OpenSSL command line application
- o Automation of 'req' application
- o Fixes to make s_client, s_server work under Windows
- o Support for multiple fieldnames in SPKACs
- o New SPKAC command line utilty and associated library functions
- o Options to allow passwords to be obtained from various sources
- o New public key PEM format and options to handle it
- o Many other fixes and enhancements to command line utilities
- o Usable certificate chain verification
- o Certificate purpose checking
- o Certificate trust settings
- o Support of authority information access extension
- o Extensions in certificate requests
- o Simplified X509 name and attribute routines
- o Initial (incomplete) support for international character sets
- o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD
- o Read only memory BIOs and simplified creation function
- o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0
- record; allow fragmentation and interleaving of handshake and other
- data
- o TLS/SSL code now "tolerates" MS SGC
- o Work around for Netscape client certificate hang bug
- o RSA_NULL option that removes RSA patent code but keeps other
- RSA functionality
- o Memory leak detection now allows applications to add extra information
- via a per-thread stack
- o PRNG robustness improved
- o EGD support
- o BIGNUM library bug fixes
- o Faster DSA parameter generation
- o Enhanced support for Alpha Linux
- o Experimental MacOS support
-
- Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:
-
- o Transparent support for PKCS#8 format private keys: these are used
- by several software packages and are more secure than the standard
- form
- o PKCS#5 v2.0 implementation
- o Password callbacks have a new void * argument for application data
- o Avoid various memory leaks
- o New pipe-like BIO that allows using the SSL library when actual I/O
- must be handled by the application (BIO pair)
-
- Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
- o Lots of enhancements and cleanups to the Configuration mechanism
- o RSA OEAP related fixes
- o Added `openssl ca -revoke' option for revoking a certificate
- o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
- o Source tree cleanups: removed lots of obsolete files
- o Thawte SXNet, certificate policies and CRL distribution points
- extension support
- o Preliminary (experimental) S/MIME support
- o Support for ASN.1 UTF8String and VisibleString
- o Full integration of PKCS#12 code
- o Sparc assembler bignum implementation, optimized hash functions
- o Option to disable selected ciphers
-
- Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
- o Fixed a security hole related to session resumption
- o Fixed RSA encryption routines for the p < q case
- o "ALL" in cipher lists now means "everything except NULL ciphers"
- o Support for Triple-DES CBCM cipher
- o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
- o First support for new TLSv1 ciphers
- o Added a few new BIOs (syslog BIO, reliable BIO)
- o Extended support for DSA certificate/keys.
- o Extended support for Certificate Signing Requests (CSR)
- o Initial support for X.509v3 extensions
- o Extended support for compression inside the SSL record layer
- o Overhauled Win32 builds
- o Cleanups and fixes to the Big Number (BN) library
- o Support for ASN.1 GeneralizedTime
- o Splitted ASN.1 SETs from SEQUENCEs
- o ASN1 and PEM support for Netscape Certificate Sequences
- o Overhauled Perl interface
- o Lots of source tree cleanups.
- o Lots of memory leak fixes.
- o Lots of bug fixes.
-
- Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
- o Integration of the popular NO_RSA/NO_DSA patches
- o Initial support for compression inside the SSL record layer
- o Added BIO proxy and filtering functionality
- o Extended Big Number (BN) library
- o Added RIPE MD160 message digest
- o Addeed support for RC2/64bit cipher
- o Extended ASN.1 parser routines
- o Adjustations of the source tree for CVS
- o Support for various new platforms
-
Copied: vendor-crypto/openssl/1.0.1u/NEWS (from rev 11605, vendor-crypto/openssl/dist/NEWS)
===================================================================
--- vendor-crypto/openssl/1.0.1u/NEWS (rev 0)
+++ vendor-crypto/openssl/1.0.1u/NEWS 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,771 @@
+
+ NEWS
+ ====
+
+ This file gives a brief overview of the major changes between each OpenSSL
+ release. For more details please read the CHANGES file.
+
+ Major changes between OpenSSL 1.0.1t and OpenSSL 1.0.1u [22 Sep 2016]
+
+ o OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
+ o SWEET32 Mitigation (CVE-2016-2183)
+ o OOB write in MDC2_Update() (CVE-2016-6303)
+ o Malformed SHA512 ticket DoS (CVE-2016-6302)
+ o OOB write in BN_bn2dec() (CVE-2016-2182)
+ o OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
+ o Pointer arithmetic undefined behaviour (CVE-2016-2177)
+ o Constant time flag not preserved in DSA signing (CVE-2016-2178)
+ o DTLS buffered message DoS (CVE-2016-2179)
+ o DTLS replay protection DoS (CVE-2016-2181)
+ o Certificate message OOB reads (CVE-2016-6306)
+
+ Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016]
+
+ o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
+ o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
+ o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
+ o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
+ o EBCDIC overread (CVE-2016-2176)
+ o Modify behavior of ALPN to invoke callback after SNI/servername
+ callback, such that updates to the SSL_CTX affect ALPN.
+ o Remove LOW from the DEFAULT cipher list. This removes singles DES from
+ the default.
+ o Only remove the SSLv2 methods with the no-ssl2-method option.
+
+ Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [1 Mar 2016]
+
+ o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
+ o Disable SSLv2 default build, default negotiation and weak ciphers
+ (CVE-2016-0800)
+ o Fix a double-free in DSA code (CVE-2016-0705)
+ o Disable SRP fake user seed to address a server memory leak
+ (CVE-2016-0798)
+ o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
+ (CVE-2016-0797)
+ o Fix memory issues in BIO_*printf functions (CVE-2016-0799)
+ o Fix side channel attack on modular exponentiation (CVE-2016-0702)
+
+ Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016]
+
+ o Protection for DH small subgroup attacks
+ o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
+
+ Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]
+
+ o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
+ o X509_ATTRIBUTE memory leak (CVE-2015-3195)
+ o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
+ o In DSA_generate_parameters_ex, if the provided seed is too short,
+ return an error
+
+ Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015]
+
+ o Alternate chains certificate forgery (CVE-2015-1793)
+ o Race condition handling PSK identify hint (CVE-2015-3196)
+
+ Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]
+
+ o Fix HMAC ABI incompatibility
+
+ Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]
+
+ o Malformed ECParameters causes infinite loop (CVE-2015-1788)
+ o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
+ o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
+ o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
+ o Race condition handling NewSessionTicket (CVE-2015-1791)
+
+ Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]
+
+ o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
+ o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
+ o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
+ o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
+ o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
+ o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
+ o Removed the export ciphers from the DEFAULT ciphers
+
+ Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]
+
+ o Build fixes for the Windows and OpenVMS platforms
+
+ Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]
+
+ o Fix for CVE-2014-3571
+ o Fix for CVE-2015-0206
+ o Fix for CVE-2014-3569
+ o Fix for CVE-2014-3572
+ o Fix for CVE-2015-0204
+ o Fix for CVE-2015-0205
+ o Fix for CVE-2014-8275
+ o Fix for CVE-2014-3570
+
+ Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]
+
+ o Fix for CVE-2014-3513
+ o Fix for CVE-2014-3567
+ o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
+ o Fix for CVE-2014-3568
+
+ Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]
+
+ o Fix for CVE-2014-3512
+ o Fix for CVE-2014-3511
+ o Fix for CVE-2014-3510
+ o Fix for CVE-2014-3507
+ o Fix for CVE-2014-3506
+ o Fix for CVE-2014-3505
+ o Fix for CVE-2014-3509
+ o Fix for CVE-2014-5139
+ o Fix for CVE-2014-3508
+
+ Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
+
+ o Fix for CVE-2014-0224
+ o Fix for CVE-2014-0221
+ o Fix for CVE-2014-0198
+ o Fix for CVE-2014-0195
+ o Fix for CVE-2014-3470
+ o Fix for CVE-2010-5298
+
+ Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
+
+ o Fix for CVE-2014-0160
+ o Add TLS padding extension workaround for broken servers.
+ o Fix for CVE-2014-0076
+
+ Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
+
+ o Don't include gmt_unix_time in TLS server and client random values
+ o Fix for TLS record tampering bug CVE-2013-4353
+ o Fix for TLS version checking bug CVE-2013-6449
+ o Fix for DTLS retransmission bug CVE-2013-6450
+
+ Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
+
+ o Corrected fix for CVE-2013-0169
+
+ Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
+
+ o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
+ o Include the fips configuration module.
+ o Fix OCSP bad key DoS attack CVE-2013-0166
+ o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+ o Fix for TLS AESNI record handling flaw CVE-2012-2686
+
+ Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
+
+ o Fix TLS/DTLS record length checking bug CVE-2012-2333
+ o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
+
+ Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
+
+ o Fix compilation error on non-x86 platforms.
+ o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
+ o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
+
+ Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
+
+ o Fix for ASN1 overflow bug CVE-2012-2110
+ o Workarounds for some servers that hang on long client hellos.
+ o Fix SEGV in AES code.
+
+ Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
+
+ o TLS/DTLS heartbeat support.
+ o SCTP support.
+ o RFC 5705 TLS key material exporter.
+ o RFC 5764 DTLS-SRTP negotiation.
+ o Next Protocol Negotiation.
+ o PSS signatures in certificates, requests and CRLs.
+ o Support for password based recipient info for CMS.
+ o Support TLS v1.2 and TLS v1.1.
+ o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
+ o SRP support.
+
+ Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
+
+ o Fix for CMS/PKCS#7 MMA CVE-2012-0884
+ o Corrected fix for CVE-2011-4619
+ o Various DTLS fixes.
+
+ Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
+
+ o Fix for DTLS DoS issue CVE-2012-0050
+
+ Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
+
+ o Fix for DTLS plaintext recovery attack CVE-2011-4108
+ o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
+ o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
+ o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
+ o Check for malformed RFC3779 data CVE-2011-4577
+
+ Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
+
+ o Fix for CRL vulnerability issue CVE-2011-3207
+ o Fix for ECDH crashes CVE-2011-3210
+ o Protection against EC timing attacks.
+ o Support ECDH ciphersuites for certificates using SHA2 algorithms.
+ o Various DTLS fixes.
+
+ Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
+
+ o Fix for security issue CVE-2011-0014
+
+ Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
+
+ o Fix for security issue CVE-2010-4180
+ o Fix for CVE-2010-4252
+ o Fix mishandling of absent EC point format extension.
+ o Fix various platform compilation issues.
+ o Corrected fix for security issue CVE-2010-3864.
+
+ Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
+
+ o Fix for security issue CVE-2010-3864.
+ o Fix for CVE-2010-2939
+ o Fix WIN32 build system for GOST ENGINE.
+
+ Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
+
+ o Fix for security issue CVE-2010-1633.
+ o GOST MAC and CFB fixes.
+
+ Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
+
+ o RFC3280 path validation: sufficient to process PKITS tests.
+ o Integrated support for PVK files and keyblobs.
+ o Change default private key format to PKCS#8.
+ o CMS support: able to process all examples in RFC4134
+ o Streaming ASN1 encode support for PKCS#7 and CMS.
+ o Multiple signer and signer add support for PKCS#7 and CMS.
+ o ASN1 printing support.
+ o Whirlpool hash algorithm added.
+ o RFC3161 time stamp support.
+ o New generalised public key API supporting ENGINE based algorithms.
+ o New generalised public key API utilities.
+ o New ENGINE supporting GOST algorithms.
+ o SSL/TLS GOST ciphersuite support.
+ o PKCS#7 and CMS GOST support.
+ o RFC4279 PSK ciphersuite support.
+ o Supported points format extension for ECC ciphersuites.
+ o ecdsa-with-SHA224/256/384/512 signature types.
+ o dsa-with-SHA224 and dsa-with-SHA256 signature types.
+ o Opaque PRF Input TLS extension support.
+ o Updated time routines to avoid OS limitations.
+
+ Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
+
+ o CFB cipher definition fixes.
+ o Fix security issues CVE-2010-0740 and CVE-2010-0433.
+
+ Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:
+
+ o Cipher definition fixes.
+ o Workaround for slow RAND_poll() on some WIN32 versions.
+ o Remove MD2 from algorithm tables.
+ o SPKAC handling fixes.
+ o Support for RFC5746 TLS renegotiation extension.
+ o Compression memory leak fixed.
+ o Compression session resumption fixed.
+ o Ticket and SNI coexistence fixes.
+ o Many fixes to DTLS handling.
+
+ Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
+
+ o Temporary work around for CVE-2009-3555: disable renegotiation.
+
+ Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:
+
+ o Fix various build issues.
+ o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
+
+ Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:
+
+ o Fix security issue (CVE-2008-5077)
+ o Merge FIPS 140-2 branch code.
+
+ Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:
+
+ o CryptoAPI ENGINE support.
+ o Various precautionary measures.
+ o Fix for bugs affecting certificate request creation.
+ o Support for local machine keyset attribute in PKCS#12 files.
+
+ Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:
+
+ o Backport of CMS functionality to 0.9.8.
+ o Fixes for bugs introduced with 0.9.8f.
+
+ Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:
+
+ o Add gcc 4.2 support.
+ o Add support for AES and SSE2 assembly lanugauge optimization
+ for VC++ build.
+ o Support for RFC4507bis and server name extensions if explicitly
+ selected at compile time.
+ o DTLS improvements.
+ o RFC4507bis support.
+ o TLS Extensions support.
+
+ Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:
+
+ o Various ciphersuite selection fixes.
+ o RFC3779 support.
+
+ Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:
+
+ o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
+ o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+ o Changes to ciphersuite selection algorithm
+
+ Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:
+
+ o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+ o New cipher Camellia
+
+ Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:
+
+ o Cipher string fixes.
+ o Fixes for VC++ 2005.
+ o Updated ECC cipher suite support.
+ o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
+ o Zlib compression usage fixes.
+ o Built in dynamic engine compilation support on Win32.
+ o Fixes auto dynamic engine loading in Win32.
+
+ Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:
+
+ o Fix potential SSL 2.0 rollback, CVE-2005-2969
+ o Extended Windows CE support
+
+ Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:
+
+ o Major work on the BIGNUM library for higher efficiency and to
+ make operations more streamlined and less contradictory. This
+ is the result of a major audit of the BIGNUM library.
+ o Addition of BIGNUM functions for fields GF(2^m) and NIST
+ curves, to support the Elliptic Crypto functions.
+ o Major work on Elliptic Crypto; ECDH and ECDSA added, including
+ the use through EVP, X509 and ENGINE.
+ o New ASN.1 mini-compiler that's usable through the OpenSSL
+ configuration file.
+ o Added support for ASN.1 indefinite length constructed encoding.
+ o New PKCS#12 'medium level' API to manipulate PKCS#12 files.
+ o Complete rework of shared library construction and linking
+ programs with shared or static libraries, through a separate
+ Makefile.shared.
+ o Rework of the passing of parameters from one Makefile to another.
+ o Changed ENGINE framework to load dynamic engine modules
+ automatically from specifically given directories.
+ o New structure and ASN.1 functions for CertificatePair.
+ o Changed the ZLIB compression method to be stateful.
+ o Changed the key-generation and primality testing "progress"
+ mechanism to take a structure that contains the ticker
+ function and an argument.
+ o New engine module: GMP (performs private key exponentiation).
+ o New engine module: VIA PadLOck ACE extension in VIA C3
+ Nehemiah processors.
+ o Added support for IPv6 addresses in certificate extensions.
+ See RFC 1884, section 2.2.
+ o Added support for certificate policy mappings, policy
+ constraints and name constraints.
+ o Added support for multi-valued AVAs in the OpenSSL
+ configuration file.
+ o Added support for multiple certificates with the same subject
+ in the 'openssl ca' index file.
+ o Make it possible to create self-signed certificates using
+ 'openssl ca -selfsign'.
+ o Make it possible to generate a serial number file with
+ 'openssl ca -create_serial'.
+ o New binary search functions with extended functionality.
+ o New BUF functions.
+ o New STORE structure and library to provide an interface to all
+ sorts of data repositories. Supports storage of public and
+ private keys, certificates, CRLs, numbers and arbitrary blobs.
+ This library is unfortunately unfinished and unused withing
+ OpenSSL.
+ o New control functions for the error stack.
+ o Changed the PKCS#7 library to support one-pass S/MIME
+ processing.
+ o Added the possibility to compile without old deprecated
+ functionality with the OPENSSL_NO_DEPRECATED macro or the
+ 'no-deprecated' argument to the config and Configure scripts.
+ o Constification of all ASN.1 conversion functions, and other
+ affected functions.
+ o Improved platform support for PowerPC.
+ o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
+ o New X509_VERIFY_PARAM structure to support parametrisation
+ of X.509 path validation.
+ o Major overhaul of RC4 performance on Intel P4, IA-64 and
+ AMD64.
+ o Changed the Configure script to have some algorithms disabled
+ by default. Those can be explicitely enabled with the new
+ argument form 'enable-xxx'.
+ o Change the default digest in 'openssl' commands from MD5 to
+ SHA-1.
+ o Added support for DTLS.
+ o New BIGNUM blinding.
+ o Added support for the RSA-PSS encryption scheme
+ o Added support for the RSA X.931 padding.
+ o Added support for BSD sockets on NetWare.
+ o Added support for files larger than 2GB.
+ o Added initial support for Win64.
+ o Added alternate pkg-config files.
+
+ Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:
+
+ o FIPS 1.1.1 module linking.
+ o Various ciphersuite selection fixes.
+
+ Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:
+
+ o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
+ o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+
+ Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:
+
+ o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+
+ Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:
+
+ o Visual C++ 2005 fixes.
+ o Update Windows build system for FIPS.
+
+ Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
+
+ o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
+
+ Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
+
+ o Fix SSL 2.0 Rollback, CVE-2005-2969
+ o Allow use of fixed-length exponent on DSA signing
+ o Default fixed-window RSA, DSA, DH private-key operations
+
+ Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:
+
+ o More compilation issues fixed.
+ o Adaptation to more modern Kerberos API.
+ o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
+ o Enhanced x86_64 assembler BIGNUM module.
+ o More constification.
+ o Added processing of proxy certificates (RFC 3820).
+
+ Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:
+
+ o Several compilation issues fixed.
+ o Many memory allocation failure checks added.
+ o Improved comparison of X509 Name type.
+ o Mandatory basic checks on certificates.
+ o Performance improvements.
+
+ Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:
+
+ o Fix race condition in CRL checking code.
+ o Fixes to PKCS#7 (S/MIME) code.
+
+ Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:
+
+ o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
+ o Security: Fix null-pointer assignment in do_change_cipher_spec()
+ o Allow multiple active certificates with same subject in CA index
+ o Multiple X509 verification fixes
+ o Speed up HMAC and other operations
+
+ Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:
+
+ o Security: fix various ASN1 parsing bugs.
+ o New -ignore_err option to OCSP utility.
+ o Various interop and bug fixes in S/MIME code.
+ o SSL/TLS protocol fix for unrequested client certificates.
+
+ Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
+
+ o Security: counter the Klima-Pokorny-Rosa extension of
+ Bleichbacher's attack
+ o Security: make RSA blinding default.
+ o Configuration: Irix fixes, AIX fixes, better mingw support.
+ o Support for new platforms: linux-ia64-ecc.
+ o Build: shared library support fixes.
+ o ASN.1: treat domainComponent correctly.
+ o Documentation: fixes and additions.
+
+ Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:
+
+ o Security: Important security related bugfixes.
+ o Enhanced compatibility with MIT Kerberos.
+ o Can be built without the ENGINE framework.
+ o IA32 assembler enhancements.
+ o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64.
+ o Configuration: the no-err option now works properly.
+ o SSL/TLS: now handles manual certificate chain building.
+ o SSL/TLS: certain session ID malfunctions corrected.
+
+ Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:
+
+ o New library section OCSP.
+ o Complete rewrite of ASN1 code.
+ o CRL checking in verify code and openssl utility.
+ o Extension copying in 'ca' utility.
+ o Flexible display options in 'ca' utility.
+ o Provisional support for international characters with UTF8.
+ o Support for external crypto devices ('engine') is no longer
+ a separate distribution.
+ o New elliptic curve library section.
+ o New AES (Rijndael) library section.
+ o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
+ Linux x86_64, Linux 64-bit on Sparc v9
+ o Extended support for some platforms: VxWorks
+ o Enhanced support for shared libraries.
+ o Now only builds PIC code when shared library support is requested.
+ o Support for pkg-config.
+ o Lots of new manuals.
+ o Makes symbolic links to or copies of manuals to cover all described
+ functions.
+ o Change DES API to clean up the namespace (some applications link also
+ against libdes providing similar functions having the same name).
+ Provide macros for backward compatibility (will be removed in the
+ future).
+ o Unify handling of cryptographic algorithms (software and engine)
+ to be available via EVP routines for asymmetric and symmetric ciphers.
+ o NCONF: new configuration handling routines.
+ o Change API to use more 'const' modifiers to improve error checking
+ and help optimizers.
+ o Finally remove references to RSAref.
+ o Reworked parts of the BIGNUM code.
+ o Support for new engines: Broadcom ubsec, Accelerated Encryption
+ Processing, IBM 4758.
+ o A few new engines added in the demos area.
+ o Extended and corrected OID (object identifier) table.
+ o PRNG: query at more locations for a random device, automatic query for
+ EGD style random sources at several locations.
+ o SSL/TLS: allow optional cipher choice according to server's preference.
+ o SSL/TLS: allow server to explicitly set new session ids.
+ o SSL/TLS: support Kerberos cipher suites (RFC2712).
+ Only supports MIT Kerberos for now.
+ o SSL/TLS: allow more precise control of renegotiations and sessions.
+ o SSL/TLS: add callback to retrieve SSL/TLS messages.
+ o SSL/TLS: support AES cipher suites (RFC3268).
+
+ Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:
+
+ o Security: fix various ASN1 parsing bugs.
+ o SSL/TLS protocol fix for unrequested client certificates.
+
+ Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
+
+ o Security: counter the Klima-Pokorny-Rosa extension of
+ Bleichbacher's attack
+ o Security: make RSA blinding default.
+ o Build: shared library support fixes.
+
+ Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:
+
+ o Important security related bugfixes.
+
+ Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:
+
+ o New configuration targets for Tandem OSS and A/UX.
+ o New OIDs for Microsoft attributes.
+ o Better handling of SSL session caching.
+ o Better comparison of distinguished names.
+ o Better handling of shared libraries in a mixed GNU/non-GNU environment.
+ o Support assembler code with Borland C.
+ o Fixes for length problems.
+ o Fixes for uninitialised variables.
+ o Fixes for memory leaks, some unusual crashes and some race conditions.
+ o Fixes for smaller building problems.
+ o Updates of manuals, FAQ and other instructive documents.
+
+ Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:
+
+ o Important building fixes on Unix.
+
+ Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:
+
+ o Various important bugfixes.
+
+ Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:
+
+ o Important security related bugfixes.
+ o Various SSL/TLS library bugfixes.
+
+ Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:
+
+ o Various SSL/TLS library bugfixes.
+ o Fix DH parameter generation for 'non-standard' generators.
+
+ Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:
+
+ o Various SSL/TLS library bugfixes.
+ o BIGNUM library fixes.
+ o RSA OAEP and random number generation fixes.
+ o Object identifiers corrected and added.
+ o Add assembler BN routines for IA64.
+ o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8,
+ MIPS Linux; shared library support for Irix, HP-UX.
+ o Add crypto accelerator support for AEP, Baltimore SureWare,
+ Broadcom and Cryptographic Appliance's keyserver
+ [in 0.9.6c-engine release].
+
+ Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:
+
+ o Security fix: PRNG improvements.
+ o Security fix: RSA OAEP check.
+ o Security fix: Reinsert and fix countermeasure to Bleichbacher's
+ attack.
+ o MIPS bug fix in BIGNUM.
+ o Bug fix in "openssl enc".
+ o Bug fix in X.509 printing routine.
+ o Bug fix in DSA verification routine and DSA S/MIME verification.
+ o Bug fix to make PRNG thread-safe.
+ o Bug fix in RAND_file_name().
+ o Bug fix in compatibility mode trust settings.
+ o Bug fix in blowfish EVP.
+ o Increase default size for BIO buffering filter.
+ o Compatibility fixes in some scripts.
+
+ Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:
+
+ o Security fix: change behavior of OpenSSL to avoid using
+ environment variables when running as root.
+ o Security fix: check the result of RSA-CRT to reduce the
+ possibility of deducing the private key from an incorrectly
+ calculated signature.
+ o Security fix: prevent Bleichenbacher's DSA attack.
+ o Security fix: Zero the premaster secret after deriving the
+ master secret in DH ciphersuites.
+ o Reimplement SSL_peek(), which had various problems.
+ o Compatibility fix: the function des_encrypt() renamed to
+ des_encrypt1() to avoid clashes with some Unixen libc.
+ o Bug fixes for Win32, HP/UX and Irix.
+ o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
+ memory checking routines.
+ o Bug fixes for RSA operations in threaded environments.
+ o Bug fixes in misc. openssl applications.
+ o Remove a few potential memory leaks.
+ o Add tighter checks of BIGNUM routines.
+ o Shared library support has been reworked for generality.
+ o More documentation.
+ o New function BN_rand_range().
+ o Add "-rand" option to openssl s_client and s_server.
+
+ Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:
+
+ o Some documentation for BIO and SSL libraries.
+ o Enhanced chain verification using key identifiers.
+ o New sign and verify options to 'dgst' application.
+ o Support for DER and PEM encoded messages in 'smime' application.
+ o New 'rsautl' application, low level RSA utility.
+ o MD4 now included.
+ o Bugfix for SSL rollback padding check.
+ o Support for external crypto devices [1].
+ o Enhanced EVP interface.
+
+ [1] The support for external crypto devices is currently a separate
+ distribution. See the file README.ENGINE.
+
+ Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
+
+ o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
+ o Shared library support for HPUX and Solaris-gcc
+ o Support of Linux/IA64
+ o Assembler support for Mingw32
+ o New 'rand' application
+ o New way to check for existence of algorithms from scripts
+
+ Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:
+
+ o S/MIME support in new 'smime' command
+ o Documentation for the OpenSSL command line application
+ o Automation of 'req' application
+ o Fixes to make s_client, s_server work under Windows
+ o Support for multiple fieldnames in SPKACs
+ o New SPKAC command line utilty and associated library functions
+ o Options to allow passwords to be obtained from various sources
+ o New public key PEM format and options to handle it
+ o Many other fixes and enhancements to command line utilities
+ o Usable certificate chain verification
+ o Certificate purpose checking
+ o Certificate trust settings
+ o Support of authority information access extension
+ o Extensions in certificate requests
+ o Simplified X509 name and attribute routines
+ o Initial (incomplete) support for international character sets
+ o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD
+ o Read only memory BIOs and simplified creation function
+ o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0
+ record; allow fragmentation and interleaving of handshake and other
+ data
+ o TLS/SSL code now "tolerates" MS SGC
+ o Work around for Netscape client certificate hang bug
+ o RSA_NULL option that removes RSA patent code but keeps other
+ RSA functionality
+ o Memory leak detection now allows applications to add extra information
+ via a per-thread stack
+ o PRNG robustness improved
+ o EGD support
+ o BIGNUM library bug fixes
+ o Faster DSA parameter generation
+ o Enhanced support for Alpha Linux
+ o Experimental MacOS support
+
+ Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:
+
+ o Transparent support for PKCS#8 format private keys: these are used
+ by several software packages and are more secure than the standard
+ form
+ o PKCS#5 v2.0 implementation
+ o Password callbacks have a new void * argument for application data
+ o Avoid various memory leaks
+ o New pipe-like BIO that allows using the SSL library when actual I/O
+ must be handled by the application (BIO pair)
+
+ Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
+ o Lots of enhancements and cleanups to the Configuration mechanism
+ o RSA OEAP related fixes
+ o Added `openssl ca -revoke' option for revoking a certificate
+ o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
+ o Source tree cleanups: removed lots of obsolete files
+ o Thawte SXNet, certificate policies and CRL distribution points
+ extension support
+ o Preliminary (experimental) S/MIME support
+ o Support for ASN.1 UTF8String and VisibleString
+ o Full integration of PKCS#12 code
+ o Sparc assembler bignum implementation, optimized hash functions
+ o Option to disable selected ciphers
+
+ Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
+ o Fixed a security hole related to session resumption
+ o Fixed RSA encryption routines for the p < q case
+ o "ALL" in cipher lists now means "everything except NULL ciphers"
+ o Support for Triple-DES CBCM cipher
+ o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
+ o First support for new TLSv1 ciphers
+ o Added a few new BIOs (syslog BIO, reliable BIO)
+ o Extended support for DSA certificate/keys.
+ o Extended support for Certificate Signing Requests (CSR)
+ o Initial support for X.509v3 extensions
+ o Extended support for compression inside the SSL record layer
+ o Overhauled Win32 builds
+ o Cleanups and fixes to the Big Number (BN) library
+ o Support for ASN.1 GeneralizedTime
+ o Splitted ASN.1 SETs from SEQUENCEs
+ o ASN1 and PEM support for Netscape Certificate Sequences
+ o Overhauled Perl interface
+ o Lots of source tree cleanups.
+ o Lots of memory leak fixes.
+ o Lots of bug fixes.
+
+ Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
+ o Integration of the popular NO_RSA/NO_DSA patches
+ o Initial support for compression inside the SSL record layer
+ o Added BIO proxy and filtering functionality
+ o Extended Big Number (BN) library
+ o Added RIPE MD160 message digest
+ o Addeed support for RC2/64bit cipher
+ o Extended ASN.1 parser routines
+ o Adjustations of the source tree for CVS
+ o Support for various new platforms
+
Deleted: vendor-crypto/openssl/1.0.1u/README
===================================================================
--- vendor-crypto/openssl/dist/README 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/README 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,118 +0,0 @@
-
- OpenSSL 1.0.1q 3 Dec 2015
-
- Copyright (c) 1998-2015 The OpenSSL Project
- Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
- All rights reserved.
-
- DESCRIPTION
- -----------
-
- The OpenSSL Project is a collaborative effort to develop a robust,
- commercial-grade, fully featured, and Open Source toolkit implementing the
- Secure Sockets Layer (SSLv3) and Transport Layer Security (TLS) protocols as
- well as a full-strength general purpose cryptograpic library. The project is
- managed by a worldwide community of volunteers that use the Internet to
- communicate, plan, and develop the OpenSSL toolkit and its related
- documentation.
-
- OpenSSL is descended from the SSLeay library developed by Eric A. Young
- and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the
- OpenSSL license plus the SSLeay license), which means that you are free to
- get and use it for commercial and non-commercial purposes as long as you
- fulfill the conditions of both licenses.
-
- OVERVIEW
- --------
-
- The OpenSSL toolkit includes:
-
- libssl.a:
- Provides the client and server-side implementations for SSLv3 and TLS.
-
- libcrypto.a:
- Provides general cryptographic and X.509 support needed by SSL/TLS but
- not logically part of it.
-
- openssl:
- A command line tool that can be used for:
- Creation of key parameters
- Creation of X.509 certificates, CSRs and CRLs
- Calculation of message digests
- Encryption and decryption
- SSL/TLS client and server tests
- Handling of S/MIME signed or encrypted mail
- And more...
-
- INSTALLATION
- ------------
-
- See the appropriate file:
- INSTALL Linux, Unix, etc.
- INSTALL.DJGPP DOS platform with DJGPP
- INSTALL.NW Netware
- INSTALL.OS2 OS/2
- INSTALL.VMS VMS
- INSTALL.W32 Windows (32bit)
- INSTALL.W64 Windows (64bit)
- INSTALL.WCE Windows CE
-
- SUPPORT
- -------
-
- See the OpenSSL website www.openssl.org for details on how to obtain
- commercial technical support.
-
- If you have any problems with OpenSSL then please take the following steps
- first:
-
- - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
- to see if the problem has already been addressed
- - Remove ASM versions of libraries
- - Remove compiler optimisation flags
-
- If you wish to report a bug then please include the following information in
- any bug report:
-
- - On Unix systems:
- Self-test report generated by 'make report'
- - On other systems:
- OpenSSL version: output of 'openssl version -a'
- OS Name, Version, Hardware platform
- Compiler Details (name, version)
- - Application Details (name, version)
- - Problem Description (steps that will reproduce the problem, if known)
- - Stack Traceback (if the application dumps core)
-
- Email the report to:
-
- rt at openssl.org
-
- In order to avoid spam, this is a moderated mailing list, and it might
- take a day for the ticket to show up. (We also scan posts to make sure
- that security disclosures aren't publically posted by mistake.) Mail to
- this address is recorded in the public RT (request tracker) database (see
- https://www.openssl.org/support/rt.html for details) and also forwarded
- the public openssl-dev mailing list. Confidential mail may be sent to
- openssl-security at openssl.org (PGP key available from the key servers).
-
- Please do NOT use this for general assistance or support queries.
- Just because something doesn't work the way you expect does not mean it
- is necessarily a bug in OpenSSL.
-
- You can also make GitHub pull requests. If you do this, please also send
- mail to rt at openssl.org with a link to the PR so that we can more easily
- keep track of it.
-
- HOW TO CONTRIBUTE TO OpenSSL
- ----------------------------
-
- See CONTRIBUTING
-
- LEGALITIES
- ----------
-
- A number of nations, in particular the U.S., restrict the use or export
- of cryptography. If you are potentially subject to such restrictions
- you should seek competent professional legal advice before attempting to
- develop or distribute cryptographic code.
Copied: vendor-crypto/openssl/1.0.1u/README (from rev 11605, vendor-crypto/openssl/dist/README)
===================================================================
--- vendor-crypto/openssl/1.0.1u/README (rev 0)
+++ vendor-crypto/openssl/1.0.1u/README 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,119 @@
+
+ OpenSSL 1.0.1u 22 Sep 2016
+
+ Copyright (c) 1998-2015 The OpenSSL Project
+ Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
+ All rights reserved.
+
+ DESCRIPTION
+ -----------
+
+ The OpenSSL Project is a collaborative effort to develop a robust,
+ commercial-grade, fully featured, and Open Source toolkit implementing the
+ Secure Sockets Layer (SSLv3) and Transport Layer Security (TLS) protocols as
+ well as a full-strength general purpose cryptograpic library. The project is
+ managed by a worldwide community of volunteers that use the Internet to
+ communicate, plan, and develop the OpenSSL toolkit and its related
+ documentation.
+
+ OpenSSL is descended from the SSLeay library developed by Eric A. Young
+ and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the
+ OpenSSL license plus the SSLeay license), which means that you are free to
+ get and use it for commercial and non-commercial purposes as long as you
+ fulfill the conditions of both licenses.
+
+ OVERVIEW
+ --------
+
+ The OpenSSL toolkit includes:
+
+ libssl.a:
+ Provides the client and server-side implementations for SSLv3 and TLS.
+
+ libcrypto.a:
+ Provides general cryptographic and X.509 support needed by SSL/TLS but
+ not logically part of it.
+
+ openssl:
+ A command line tool that can be used for:
+ Creation of key parameters
+ Creation of X.509 certificates, CSRs and CRLs
+ Calculation of message digests
+ Encryption and decryption
+ SSL/TLS client and server tests
+ Handling of S/MIME signed or encrypted mail
+ And more...
+
+ INSTALLATION
+ ------------
+
+ See the appropriate file:
+ INSTALL Linux, Unix, etc.
+ INSTALL.DJGPP DOS platform with DJGPP
+ INSTALL.NW Netware
+ INSTALL.OS2 OS/2
+ INSTALL.VMS VMS
+ INSTALL.W32 Windows (32bit)
+ INSTALL.W64 Windows (64bit)
+ INSTALL.WCE Windows CE
+
+ SUPPORT
+ -------
+
+ See the OpenSSL website www.openssl.org for details on how to obtain
+ commercial technical support.
+
+ If you have any problems with OpenSSL then please take the following steps
+ first:
+
+ - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
+ to see if the problem has already been addressed
+ - Remove ASM versions of libraries
+ - Remove compiler optimisation flags
+
+ If you wish to report a bug then please include the following information in
+ any bug report:
+
+ - On Unix systems:
+ Self-test report generated by 'make report'
+ - On other systems:
+ OpenSSL version: output of 'openssl version -a'
+ OS Name, Version, Hardware platform
+ Compiler Details (name, version)
+ - Application Details (name, version)
+ - Problem Description (steps that will reproduce the problem, if known)
+ - Stack Traceback (if the application dumps core)
+
+ Email the report to:
+
+ rt at openssl.org
+
+ In order to avoid spam, this is a moderated mailing list, and it might
+ take a day for the ticket to show up. (We also scan posts to make sure
+ that security disclosures aren't publically posted by mistake.) Mail
+ to this address is recorded in the public RT (request tracker) database
+ (see https://www.openssl.org/community/index.html#bugs for details) and
+ also forwarded the public openssl-dev mailing list. Confidential mail
+ may be sent to openssl-security at openssl.org (PGP key available from the
+ key servers).
+
+ Please do NOT use this for general assistance or support queries.
+ Just because something doesn't work the way you expect does not mean it
+ is necessarily a bug in OpenSSL.
+
+ You can also make GitHub pull requests. If you do this, please also send
+ mail to rt at openssl.org with a link to the PR so that we can more easily
+ keep track of it.
+
+ HOW TO CONTRIBUTE TO OpenSSL
+ ----------------------------
+
+ See CONTRIBUTING
+
+ LEGALITIES
+ ----------
+
+ A number of nations, in particular the U.S., restrict the use or export
+ of cryptography. If you are potentially subject to such restrictions
+ you should seek competent professional legal advice before attempting to
+ develop or distribute cryptographic code.
Deleted: vendor-crypto/openssl/1.0.1u/apps/apps.c
===================================================================
--- vendor-crypto/openssl/dist/apps/apps.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/apps.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2978 +0,0 @@
-/* apps/apps.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
-/*
- * On VMS, you need to define this to get the declaration of fileno(). The
- * value 2 is to make sure no function defined in POSIX-2 is left undefined.
- */
-# define _POSIX_C_SOURCE 2
-#endif
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <ctype.h>
-#include <errno.h>
-#include <assert.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#include <openssl/ui.h>
-#include <openssl/safestack.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_JPAKE
-# include <openssl/jpake.h>
-#endif
-
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-
-#ifdef _WIN32
-static int WIN32_rename(const char *from, const char *to);
-# define rename(from,to) WIN32_rename((from),(to))
-#endif
-
-typedef struct {
- const char *name;
- unsigned long flag;
- unsigned long mask;
-} NAME_EX_TBL;
-
-static UI_METHOD *ui_method = NULL;
-
-static int set_table_opts(unsigned long *flags, const char *arg,
- const NAME_EX_TBL * in_tbl);
-static int set_multi_opts(unsigned long *flags, const char *arg,
- const NAME_EX_TBL * in_tbl);
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-/* Looks like this stuff is worth moving into separate function */
-static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
- const char *key_descrip, int format);
-#endif
-
-int app_init(long mesgwin);
-#ifdef undef /* never finished - probably never will be
- * :-) */
-int args_from_file(char *file, int *argc, char **argv[])
-{
- FILE *fp;
- int num, i;
- unsigned int len;
- static char *buf = NULL;
- static char **arg = NULL;
- char *p;
-
- fp = fopen(file, "r");
- if (fp == NULL)
- return (0);
-
- if (fseek(fp, 0, SEEK_END) == 0)
- len = ftell(fp), rewind(fp);
- else
- len = -1;
- if (len <= 0) {
- fclose(fp);
- return (0);
- }
-
- *argc = 0;
- *argv = NULL;
-
- if (buf != NULL)
- OPENSSL_free(buf);
- buf = (char *)OPENSSL_malloc(len + 1);
- if (buf == NULL)
- return (0);
-
- len = fread(buf, 1, len, fp);
- if (len <= 1)
- return (0);
- buf[len] = '\0';
-
- i = 0;
- for (p = buf; *p; p++)
- if (*p == '\n')
- i++;
- if (arg != NULL)
- OPENSSL_free(arg);
- arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2));
-
- *argv = arg;
- num = 0;
- p = buf;
- for (;;) {
- if (!*p)
- break;
- if (*p == '#') { /* comment line */
- while (*p && (*p != '\n'))
- p++;
- continue;
- }
- /* else we have a line */
- *(arg++) = p;
- num++;
- while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
- p++;
- if (!*p)
- break;
- if (*p == '\n') {
- *(p++) = '\0';
- continue;
- }
- /* else it is a tab or space */
- p++;
- while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
- p++;
- if (!*p)
- break;
- if (*p == '\n') {
- p++;
- continue;
- }
- *(arg++) = p++;
- num++;
- while (*p && (*p != '\n'))
- p++;
- if (!*p)
- break;
- /* else *p == '\n' */
- *(p++) = '\0';
- }
- *argc = num;
- return (1);
-}
-#endif
-
-int str2fmt(char *s)
-{
- if (s == NULL)
- return FORMAT_UNDEF;
- if ((*s == 'D') || (*s == 'd'))
- return (FORMAT_ASN1);
- else if ((*s == 'T') || (*s == 't'))
- return (FORMAT_TEXT);
- else if ((*s == 'N') || (*s == 'n'))
- return (FORMAT_NETSCAPE);
- else if ((*s == 'S') || (*s == 's'))
- return (FORMAT_SMIME);
- else if ((*s == 'M') || (*s == 'm'))
- return (FORMAT_MSBLOB);
- else if ((*s == '1')
- || (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0)
- || (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0))
- return (FORMAT_PKCS12);
- else if ((*s == 'E') || (*s == 'e'))
- return (FORMAT_ENGINE);
- else if ((*s == 'P') || (*s == 'p')) {
- if (s[1] == 'V' || s[1] == 'v')
- return FORMAT_PVK;
- else
- return (FORMAT_PEM);
- } else
- return (FORMAT_UNDEF);
-}
-
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE)
-void program_name(char *in, char *out, int size)
-{
- int i, n;
- char *p = NULL;
-
- n = strlen(in);
- /* find the last '/', '\' or ':' */
- for (i = n - 1; i > 0; i--) {
- if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) {
- p = &(in[i + 1]);
- break;
- }
- }
- if (p == NULL)
- p = in;
- n = strlen(p);
-
-# if defined(OPENSSL_SYS_NETWARE)
- /* strip off trailing .nlm if present. */
- if ((n > 4) && (p[n - 4] == '.') &&
- ((p[n - 3] == 'n') || (p[n - 3] == 'N')) &&
- ((p[n - 2] == 'l') || (p[n - 2] == 'L')) &&
- ((p[n - 1] == 'm') || (p[n - 1] == 'M')))
- n -= 4;
-# else
- /* strip off trailing .exe if present. */
- if ((n > 4) && (p[n - 4] == '.') &&
- ((p[n - 3] == 'e') || (p[n - 3] == 'E')) &&
- ((p[n - 2] == 'x') || (p[n - 2] == 'X')) &&
- ((p[n - 1] == 'e') || (p[n - 1] == 'E')))
- n -= 4;
-# endif
-
- if (n > size - 1)
- n = size - 1;
-
- for (i = 0; i < n; i++) {
- if ((p[i] >= 'A') && (p[i] <= 'Z'))
- out[i] = p[i] - 'A' + 'a';
- else
- out[i] = p[i];
- }
- out[n] = '\0';
-}
-#else
-# ifdef OPENSSL_SYS_VMS
-void program_name(char *in, char *out, int size)
-{
- char *p = in, *q;
- char *chars = ":]>";
-
- while (*chars != '\0') {
- q = strrchr(p, *chars);
- if (q > p)
- p = q + 1;
- chars++;
- }
-
- q = strrchr(p, '.');
- if (q == NULL)
- q = p + strlen(p);
- strncpy(out, p, size - 1);
- if (q - p >= size) {
- out[size - 1] = '\0';
- } else {
- out[q - p] = '\0';
- }
-}
-# else
-void program_name(char *in, char *out, int size)
-{
- char *p;
-
- p = strrchr(in, '/');
- if (p != NULL)
- p++;
- else
- p = in;
- BUF_strlcpy(out, p, size);
-}
-# endif
-#endif
-
-int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
-{
- int num, i;
- char *p;
-
- *argc = 0;
- *argv = NULL;
-
- i = 0;
- if (arg->count == 0) {
- arg->count = 20;
- arg->data = (char **)OPENSSL_malloc(sizeof(char *) * arg->count);
- if (arg->data == NULL)
- return 0;
- }
- for (i = 0; i < arg->count; i++)
- arg->data[i] = NULL;
-
- num = 0;
- p = buf;
- for (;;) {
- /* first scan over white space */
- if (!*p)
- break;
- while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
- p++;
- if (!*p)
- break;
-
- /* The start of something good :-) */
- if (num >= arg->count) {
- char **tmp_p;
- int tlen = arg->count + 20;
- tmp_p = (char **)OPENSSL_realloc(arg->data,
- sizeof(char *) * tlen);
- if (tmp_p == NULL)
- return 0;
- arg->data = tmp_p;
- arg->count = tlen;
- /* initialize newly allocated data */
- for (i = num; i < arg->count; i++)
- arg->data[i] = NULL;
- }
- arg->data[num++] = p;
-
- /* now look for the end of this */
- if ((*p == '\'') || (*p == '\"')) { /* scan for closing quote */
- i = *(p++);
- arg->data[num - 1]++; /* jump over quote */
- while (*p && (*p != i))
- p++;
- *p = '\0';
- } else {
- while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
- p++;
-
- if (*p == '\0')
- p--;
- else
- *p = '\0';
- }
- p++;
- }
- *argc = num;
- *argv = arg->data;
- return (1);
-}
-
-#ifndef APP_INIT
-int app_init(long mesgwin)
-{
- return (1);
-}
-#endif
-
-int dump_cert_text(BIO *out, X509 *x)
-{
- char *p;
-
- p = X509_NAME_oneline(X509_get_subject_name(x), NULL, 0);
- BIO_puts(out, "subject=");
- BIO_puts(out, p);
- OPENSSL_free(p);
-
- p = X509_NAME_oneline(X509_get_issuer_name(x), NULL, 0);
- BIO_puts(out, "\nissuer=");
- BIO_puts(out, p);
- BIO_puts(out, "\n");
- OPENSSL_free(p);
-
- return 0;
-}
-
-static int ui_open(UI *ui)
-{
- return UI_method_get_opener(UI_OpenSSL())(ui);
-}
-
-static int ui_read(UI *ui, UI_STRING *uis)
-{
- if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
- && UI_get0_user_data(ui)) {
- switch (UI_get_string_type(uis)) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- {
- const char *password =
- ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
- if (password && password[0] != '\0') {
- UI_set_result(ui, uis, password);
- return 1;
- }
- }
- default:
- break;
- }
- }
- return UI_method_get_reader(UI_OpenSSL())(ui, uis);
-}
-
-static int ui_write(UI *ui, UI_STRING *uis)
-{
- if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
- && UI_get0_user_data(ui)) {
- switch (UI_get_string_type(uis)) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- {
- const char *password =
- ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
- if (password && password[0] != '\0')
- return 1;
- }
- default:
- break;
- }
- }
- return UI_method_get_writer(UI_OpenSSL())(ui, uis);
-}
-
-static int ui_close(UI *ui)
-{
- return UI_method_get_closer(UI_OpenSSL())(ui);
-}
-
-int setup_ui_method(void)
-{
- ui_method = UI_create_method("OpenSSL application user interface");
- UI_method_set_opener(ui_method, ui_open);
- UI_method_set_reader(ui_method, ui_read);
- UI_method_set_writer(ui_method, ui_write);
- UI_method_set_closer(ui_method, ui_close);
- return 0;
-}
-
-void destroy_ui_method(void)
-{
- if (ui_method) {
- UI_destroy_method(ui_method);
- ui_method = NULL;
- }
-}
-
-int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
-{
- UI *ui = NULL;
- int res = 0;
- const char *prompt_info = NULL;
- const char *password = NULL;
- PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
-
- if (cb_data) {
- if (cb_data->password)
- password = cb_data->password;
- if (cb_data->prompt_info)
- prompt_info = cb_data->prompt_info;
- }
-
- if (password) {
- res = strlen(password);
- if (res > bufsiz)
- res = bufsiz;
- memcpy(buf, password, res);
- return res;
- }
-
- ui = UI_new_method(ui_method);
- if (ui) {
- int ok = 0;
- char *buff = NULL;
- int ui_flags = 0;
- char *prompt = NULL;
-
- prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
- if (!prompt) {
- BIO_printf(bio_err, "Out of memory\n");
- UI_free(ui);
- return 0;
- }
-
- ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
- UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
-
- if (ok >= 0)
- ok = UI_add_input_string(ui, prompt, ui_flags, buf,
- PW_MIN_LENGTH, bufsiz - 1);
- if (ok >= 0 && verify) {
- buff = (char *)OPENSSL_malloc(bufsiz);
- if (!buff) {
- BIO_printf(bio_err, "Out of memory\n");
- UI_free(ui);
- OPENSSL_free(prompt);
- return 0;
- }
- ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
- PW_MIN_LENGTH, bufsiz - 1, buf);
- }
- if (ok >= 0)
- do {
- ok = UI_process(ui);
- }
- while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
-
- if (buff) {
- OPENSSL_cleanse(buff, (unsigned int)bufsiz);
- OPENSSL_free(buff);
- }
-
- if (ok >= 0)
- res = strlen(buf);
- if (ok == -1) {
- BIO_printf(bio_err, "User interface error\n");
- ERR_print_errors(bio_err);
- OPENSSL_cleanse(buf, (unsigned int)bufsiz);
- res = 0;
- }
- if (ok == -2) {
- BIO_printf(bio_err, "aborted!\n");
- OPENSSL_cleanse(buf, (unsigned int)bufsiz);
- res = 0;
- }
- UI_free(ui);
- OPENSSL_free(prompt);
- }
- return res;
-}
-
-static char *app_get_pass(BIO *err, char *arg, int keepbio);
-
-int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
-{
- int same;
- if (!arg2 || !arg1 || strcmp(arg1, arg2))
- same = 0;
- else
- same = 1;
- if (arg1) {
- *pass1 = app_get_pass(err, arg1, same);
- if (!*pass1)
- return 0;
- } else if (pass1)
- *pass1 = NULL;
- if (arg2) {
- *pass2 = app_get_pass(err, arg2, same ? 2 : 0);
- if (!*pass2)
- return 0;
- } else if (pass2)
- *pass2 = NULL;
- return 1;
-}
-
-static char *app_get_pass(BIO *err, char *arg, int keepbio)
-{
- char *tmp, tpass[APP_PASS_LEN];
- static BIO *pwdbio = NULL;
- int i;
- if (!strncmp(arg, "pass:", 5))
- return BUF_strdup(arg + 5);
- if (!strncmp(arg, "env:", 4)) {
- tmp = getenv(arg + 4);
- if (!tmp) {
- BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
- return NULL;
- }
- return BUF_strdup(tmp);
- }
- if (!keepbio || !pwdbio) {
- if (!strncmp(arg, "file:", 5)) {
- pwdbio = BIO_new_file(arg + 5, "r");
- if (!pwdbio) {
- BIO_printf(err, "Can't open file %s\n", arg + 5);
- return NULL;
- }
-#if !defined(_WIN32)
- /*
- * Under _WIN32, which covers even Win64 and CE, file
- * descriptors referenced by BIO_s_fd are not inherited
- * by child process and therefore below is not an option.
- * It could have been an option if bss_fd.c was operating
- * on real Windows descriptors, such as those obtained
- * with CreateFile.
- */
- } else if (!strncmp(arg, "fd:", 3)) {
- BIO *btmp;
- i = atoi(arg + 3);
- if (i >= 0)
- pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
- if ((i < 0) || !pwdbio) {
- BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
- return NULL;
- }
- /*
- * Can't do BIO_gets on an fd BIO so add a buffering BIO
- */
- btmp = BIO_new(BIO_f_buffer());
- pwdbio = BIO_push(btmp, pwdbio);
-#endif
- } else if (!strcmp(arg, "stdin")) {
- pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
- if (!pwdbio) {
- BIO_printf(err, "Can't open BIO for stdin\n");
- return NULL;
- }
- } else {
- BIO_printf(err, "Invalid password argument \"%s\"\n", arg);
- return NULL;
- }
- }
- i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
- if (keepbio != 1) {
- BIO_free_all(pwdbio);
- pwdbio = NULL;
- }
- if (i <= 0) {
- BIO_printf(err, "Error reading password from BIO\n");
- return NULL;
- }
- tmp = strchr(tpass, '\n');
- if (tmp)
- *tmp = 0;
- return BUF_strdup(tpass);
-}
-
-int add_oid_section(BIO *err, CONF *conf)
-{
- char *p;
- STACK_OF(CONF_VALUE) *sktmp;
- CONF_VALUE *cnf;
- int i;
- if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) {
- ERR_clear_error();
- return 1;
- }
- if (!(sktmp = NCONF_get_section(conf, p))) {
- BIO_printf(err, "problem loading oid section %s\n", p);
- return 0;
- }
- for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
- cnf = sk_CONF_VALUE_value(sktmp, i);
- if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
- BIO_printf(err, "problem creating object %s=%s\n",
- cnf->name, cnf->value);
- return 0;
- }
- }
- return 1;
-}
-
-static int load_pkcs12(BIO *err, BIO *in, const char *desc,
- pem_password_cb *pem_cb, void *cb_data,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
-{
- const char *pass;
- char tpass[PEM_BUFSIZE];
- int len, ret = 0;
- PKCS12 *p12;
- p12 = d2i_PKCS12_bio(in, NULL);
- if (p12 == NULL) {
- BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);
- goto die;
- }
- /* See if an empty password will do */
- if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
- pass = "";
- else {
- if (!pem_cb)
- pem_cb = (pem_password_cb *)password_callback;
- len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
- if (len < 0) {
- BIO_printf(err, "Passpharse callback error for %s\n", desc);
- goto die;
- }
- if (len < PEM_BUFSIZE)
- tpass[len] = 0;
- if (!PKCS12_verify_mac(p12, tpass, len)) {
- BIO_printf(err,
- "Mac verify error (wrong password?) in PKCS12 file for %s\n",
- desc);
- goto die;
- }
- pass = tpass;
- }
- ret = PKCS12_parse(p12, pass, pkey, cert, ca);
- die:
- if (p12)
- PKCS12_free(p12);
- return ret;
-}
-
-X509 *load_cert(BIO *err, const char *file, int format,
- const char *pass, ENGINE *e, const char *cert_descrip)
-{
- X509 *x = NULL;
- BIO *cert;
-
- if ((cert = BIO_new(BIO_s_file())) == NULL) {
- ERR_print_errors(err);
- goto end;
- }
-
- if (file == NULL) {
-#ifdef _IONBF
-# ifndef OPENSSL_NO_SETVBUF_IONBF
- setvbuf(stdin, NULL, _IONBF, 0);
-# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#endif
- BIO_set_fp(cert, stdin, BIO_NOCLOSE);
- } else {
- if (BIO_read_filename(cert, file) <= 0) {
- BIO_printf(err, "Error opening %s %s\n", cert_descrip, file);
- ERR_print_errors(err);
- goto end;
- }
- }
-
- if (format == FORMAT_ASN1)
- x = d2i_X509_bio(cert, NULL);
- else if (format == FORMAT_NETSCAPE) {
- NETSCAPE_X509 *nx;
- nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL);
- if (nx == NULL)
- goto end;
-
- if ((strncmp(NETSCAPE_CERT_HDR, (char *)nx->header->data,
- nx->header->length) != 0)) {
- NETSCAPE_X509_free(nx);
- BIO_printf(err, "Error reading header on certificate\n");
- goto end;
- }
- x = nx->cert;
- nx->cert = NULL;
- NETSCAPE_X509_free(nx);
- } else if (format == FORMAT_PEM)
- x = PEM_read_bio_X509_AUX(cert, NULL,
- (pem_password_cb *)password_callback, NULL);
- else if (format == FORMAT_PKCS12) {
- if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL, NULL, &x, NULL))
- goto end;
- } else {
- BIO_printf(err, "bad input format specified for %s\n", cert_descrip);
- goto end;
- }
- end:
- if (x == NULL) {
- BIO_printf(err, "unable to load certificate\n");
- ERR_print_errors(err);
- }
- if (cert != NULL)
- BIO_free(cert);
- return (x);
-}
-
-EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
- const char *pass, ENGINE *e, const char *key_descrip)
-{
- BIO *key = NULL;
- EVP_PKEY *pkey = NULL;
- PW_CB_DATA cb_data;
-
- cb_data.password = pass;
- cb_data.prompt_info = file;
-
- if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
- BIO_printf(err, "no keyfile specified\n");
- goto end;
- }
-#ifndef OPENSSL_NO_ENGINE
- if (format == FORMAT_ENGINE) {
- if (!e)
- BIO_printf(err, "no engine specified\n");
- else {
- pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
- if (!pkey) {
- BIO_printf(err, "cannot load %s from engine\n", key_descrip);
- ERR_print_errors(err);
- }
- }
- goto end;
- }
-#endif
- key = BIO_new(BIO_s_file());
- if (key == NULL) {
- ERR_print_errors(err);
- goto end;
- }
- if (file == NULL && maybe_stdin) {
-#ifdef _IONBF
-# ifndef OPENSSL_NO_SETVBUF_IONBF
- setvbuf(stdin, NULL, _IONBF, 0);
-# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#endif
- BIO_set_fp(key, stdin, BIO_NOCLOSE);
- } else if (BIO_read_filename(key, file) <= 0) {
- BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
- ERR_print_errors(err);
- goto end;
- }
- if (format == FORMAT_ASN1) {
- pkey = d2i_PrivateKey_bio(key, NULL);
- } else if (format == FORMAT_PEM) {
- pkey = PEM_read_bio_PrivateKey(key, NULL,
- (pem_password_cb *)password_callback,
- &cb_data);
- }
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
- else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
- pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
- else if (format == FORMAT_PKCS12) {
- if (!load_pkcs12(err, key, key_descrip,
- (pem_password_cb *)password_callback, &cb_data,
- &pkey, NULL, NULL))
- goto end;
- }
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
- else if (format == FORMAT_MSBLOB)
- pkey = b2i_PrivateKey_bio(key);
- else if (format == FORMAT_PVK)
- pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
- &cb_data);
-#endif
- else {
- BIO_printf(err, "bad input format specified for key file\n");
- goto end;
- }
- end:
- if (key != NULL)
- BIO_free(key);
- if (pkey == NULL) {
- BIO_printf(err, "unable to load %s\n", key_descrip);
- ERR_print_errors(err);
- }
- return (pkey);
-}
-
-EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
- const char *pass, ENGINE *e, const char *key_descrip)
-{
- BIO *key = NULL;
- EVP_PKEY *pkey = NULL;
- PW_CB_DATA cb_data;
-
- cb_data.password = pass;
- cb_data.prompt_info = file;
-
- if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
- BIO_printf(err, "no keyfile specified\n");
- goto end;
- }
-#ifndef OPENSSL_NO_ENGINE
- if (format == FORMAT_ENGINE) {
- if (!e)
- BIO_printf(bio_err, "no engine specified\n");
- else
- pkey = ENGINE_load_public_key(e, file, ui_method, &cb_data);
- goto end;
- }
-#endif
- key = BIO_new(BIO_s_file());
- if (key == NULL) {
- ERR_print_errors(err);
- goto end;
- }
- if (file == NULL && maybe_stdin) {
-#ifdef _IONBF
-# ifndef OPENSSL_NO_SETVBUF_IONBF
- setvbuf(stdin, NULL, _IONBF, 0);
-# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#endif
- BIO_set_fp(key, stdin, BIO_NOCLOSE);
- } else if (BIO_read_filename(key, file) <= 0) {
- BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
- ERR_print_errors(err);
- goto end;
- }
- if (format == FORMAT_ASN1) {
- pkey = d2i_PUBKEY_bio(key, NULL);
- }
-#ifndef OPENSSL_NO_RSA
- else if (format == FORMAT_ASN1RSA) {
- RSA *rsa;
- rsa = d2i_RSAPublicKey_bio(key, NULL);
- if (rsa) {
- pkey = EVP_PKEY_new();
- if (pkey)
- EVP_PKEY_set1_RSA(pkey, rsa);
- RSA_free(rsa);
- } else
- pkey = NULL;
- } else if (format == FORMAT_PEMRSA) {
- RSA *rsa;
- rsa = PEM_read_bio_RSAPublicKey(key, NULL,
- (pem_password_cb *)password_callback,
- &cb_data);
- if (rsa) {
- pkey = EVP_PKEY_new();
- if (pkey)
- EVP_PKEY_set1_RSA(pkey, rsa);
- RSA_free(rsa);
- } else
- pkey = NULL;
- }
-#endif
- else if (format == FORMAT_PEM) {
- pkey = PEM_read_bio_PUBKEY(key, NULL,
- (pem_password_cb *)password_callback,
- &cb_data);
- }
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
- else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
- pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
- else if (format == FORMAT_MSBLOB)
- pkey = b2i_PublicKey_bio(key);
-#endif
- else {
- BIO_printf(err, "bad input format specified for key file\n");
- goto end;
- }
- end:
- if (key != NULL)
- BIO_free(key);
- if (pkey == NULL)
- BIO_printf(err, "unable to load %s\n", key_descrip);
- return (pkey);
-}
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
- const char *key_descrip, int format)
-{
- EVP_PKEY *pkey;
- BUF_MEM *buf;
- RSA *rsa;
- const unsigned char *p;
- int size, i;
-
- buf = BUF_MEM_new();
- pkey = EVP_PKEY_new();
- size = 0;
- if (buf == NULL || pkey == NULL)
- goto error;
- for (;;) {
- if (!BUF_MEM_grow_clean(buf, size + 1024 * 10))
- goto error;
- i = BIO_read(key, &(buf->data[size]), 1024 * 10);
- size += i;
- if (i == 0)
- break;
- if (i < 0) {
- BIO_printf(err, "Error reading %s %s", key_descrip, file);
- goto error;
- }
- }
- p = (unsigned char *)buf->data;
- rsa = d2i_RSA_NET(NULL, &p, (long)size, NULL,
- (format == FORMAT_IISSGC ? 1 : 0));
- if (rsa == NULL)
- goto error;
- BUF_MEM_free(buf);
- EVP_PKEY_set1_RSA(pkey, rsa);
- return pkey;
- error:
- BUF_MEM_free(buf);
- EVP_PKEY_free(pkey);
- return NULL;
-}
-#endif /* ndef OPENSSL_NO_RC4 */
-
-static int load_certs_crls(BIO *err, const char *file, int format,
- const char *pass, ENGINE *e, const char *desc,
- STACK_OF(X509) **pcerts,
- STACK_OF(X509_CRL) **pcrls)
-{
- int i;
- BIO *bio;
- STACK_OF(X509_INFO) *xis = NULL;
- X509_INFO *xi;
- PW_CB_DATA cb_data;
- int rv = 0;
-
- cb_data.password = pass;
- cb_data.prompt_info = file;
-
- if (format != FORMAT_PEM) {
- BIO_printf(err, "bad input format specified for %s\n", desc);
- return 0;
- }
-
- if (file == NULL)
- bio = BIO_new_fp(stdin, BIO_NOCLOSE);
- else
- bio = BIO_new_file(file, "r");
-
- if (bio == NULL) {
- BIO_printf(err, "Error opening %s %s\n", desc, file ? file : "stdin");
- ERR_print_errors(err);
- return 0;
- }
-
- xis = PEM_X509_INFO_read_bio(bio, NULL,
- (pem_password_cb *)password_callback,
- &cb_data);
-
- BIO_free(bio);
-
- if (pcerts) {
- *pcerts = sk_X509_new_null();
- if (!*pcerts)
- goto end;
- }
-
- if (pcrls) {
- *pcrls = sk_X509_CRL_new_null();
- if (!*pcrls)
- goto end;
- }
-
- for (i = 0; i < sk_X509_INFO_num(xis); i++) {
- xi = sk_X509_INFO_value(xis, i);
- if (xi->x509 && pcerts) {
- if (!sk_X509_push(*pcerts, xi->x509))
- goto end;
- xi->x509 = NULL;
- }
- if (xi->crl && pcrls) {
- if (!sk_X509_CRL_push(*pcrls, xi->crl))
- goto end;
- xi->crl = NULL;
- }
- }
-
- if (pcerts && sk_X509_num(*pcerts) > 0)
- rv = 1;
-
- if (pcrls && sk_X509_CRL_num(*pcrls) > 0)
- rv = 1;
-
- end:
-
- if (xis)
- sk_X509_INFO_pop_free(xis, X509_INFO_free);
-
- if (rv == 0) {
- if (pcerts) {
- sk_X509_pop_free(*pcerts, X509_free);
- *pcerts = NULL;
- }
- if (pcrls) {
- sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
- *pcrls = NULL;
- }
- BIO_printf(err, "unable to load %s\n",
- pcerts ? "certificates" : "CRLs");
- ERR_print_errors(err);
- }
- return rv;
-}
-
-STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
- const char *pass, ENGINE *e, const char *desc)
-{
- STACK_OF(X509) *certs;
- if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
- return NULL;
- return certs;
-}
-
-STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
- const char *pass, ENGINE *e, const char *desc)
-{
- STACK_OF(X509_CRL) *crls;
- if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
- return NULL;
- return crls;
-}
-
-#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
-/* Return error for unknown extensions */
-#define X509V3_EXT_DEFAULT 0
-/* Print error for unknown extensions */
-#define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
-/* ASN1 parse unknown extensions */
-#define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
-/* BIO_dump unknown extensions */
-#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
-
-#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \
- X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION)
-
-int set_cert_ex(unsigned long *flags, const char *arg)
-{
- static const NAME_EX_TBL cert_tbl[] = {
- {"compatible", X509_FLAG_COMPAT, 0xffffffffl},
- {"ca_default", X509_FLAG_CA, 0xffffffffl},
- {"no_header", X509_FLAG_NO_HEADER, 0},
- {"no_version", X509_FLAG_NO_VERSION, 0},
- {"no_serial", X509_FLAG_NO_SERIAL, 0},
- {"no_signame", X509_FLAG_NO_SIGNAME, 0},
- {"no_validity", X509_FLAG_NO_VALIDITY, 0},
- {"no_subject", X509_FLAG_NO_SUBJECT, 0},
- {"no_issuer", X509_FLAG_NO_ISSUER, 0},
- {"no_pubkey", X509_FLAG_NO_PUBKEY, 0},
- {"no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
- {"no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
- {"no_aux", X509_FLAG_NO_AUX, 0},
- {"no_attributes", X509_FLAG_NO_ATTRIBUTES, 0},
- {"ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
- {"ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
- {"ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
- {"ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
- {NULL, 0, 0}
- };
- return set_multi_opts(flags, arg, cert_tbl);
-}
-
-int set_name_ex(unsigned long *flags, const char *arg)
-{
- static const NAME_EX_TBL ex_tbl[] = {
- {"esc_2253", ASN1_STRFLGS_ESC_2253, 0},
- {"esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
- {"esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
- {"use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
- {"utf8", ASN1_STRFLGS_UTF8_CONVERT, 0},
- {"ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0},
- {"show_type", ASN1_STRFLGS_SHOW_TYPE, 0},
- {"dump_all", ASN1_STRFLGS_DUMP_ALL, 0},
- {"dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0},
- {"dump_der", ASN1_STRFLGS_DUMP_DER, 0},
- {"compat", XN_FLAG_COMPAT, 0xffffffffL},
- {"sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK},
- {"sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK},
- {"sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK},
- {"sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK},
- {"dn_rev", XN_FLAG_DN_REV, 0},
- {"nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK},
- {"sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK},
- {"lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK},
- {"align", XN_FLAG_FN_ALIGN, 0},
- {"oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK},
- {"space_eq", XN_FLAG_SPC_EQ, 0},
- {"dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0},
- {"RFC2253", XN_FLAG_RFC2253, 0xffffffffL},
- {"oneline", XN_FLAG_ONELINE, 0xffffffffL},
- {"multiline", XN_FLAG_MULTILINE, 0xffffffffL},
- {"ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
- {NULL, 0, 0}
- };
- if (set_multi_opts(flags, arg, ex_tbl) == 0)
- return 0;
- if ((*flags & XN_FLAG_SEP_MASK) == 0)
- *flags |= XN_FLAG_SEP_CPLUS_SPC;
- return 1;
-}
-
-int set_ext_copy(int *copy_type, const char *arg)
-{
- if (!strcasecmp(arg, "none"))
- *copy_type = EXT_COPY_NONE;
- else if (!strcasecmp(arg, "copy"))
- *copy_type = EXT_COPY_ADD;
- else if (!strcasecmp(arg, "copyall"))
- *copy_type = EXT_COPY_ALL;
- else
- return 0;
- return 1;
-}
-
-int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
-{
- STACK_OF(X509_EXTENSION) *exts = NULL;
- X509_EXTENSION *ext, *tmpext;
- ASN1_OBJECT *obj;
- int i, idx, ret = 0;
- if (!x || !req || (copy_type == EXT_COPY_NONE))
- return 1;
- exts = X509_REQ_get_extensions(req);
-
- for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
- ext = sk_X509_EXTENSION_value(exts, i);
- obj = X509_EXTENSION_get_object(ext);
- idx = X509_get_ext_by_OBJ(x, obj, -1);
- /* Does extension exist? */
- if (idx != -1) {
- /* If normal copy don't override existing extension */
- if (copy_type == EXT_COPY_ADD)
- continue;
- /* Delete all extensions of same type */
- do {
- tmpext = X509_get_ext(x, idx);
- X509_delete_ext(x, idx);
- X509_EXTENSION_free(tmpext);
- idx = X509_get_ext_by_OBJ(x, obj, -1);
- } while (idx != -1);
- }
- if (!X509_add_ext(x, ext, -1))
- goto end;
- }
-
- ret = 1;
-
- end:
-
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-
- return ret;
-}
-
-static int set_multi_opts(unsigned long *flags, const char *arg,
- const NAME_EX_TBL * in_tbl)
-{
- STACK_OF(CONF_VALUE) *vals;
- CONF_VALUE *val;
- int i, ret = 1;
- if (!arg)
- return 0;
- vals = X509V3_parse_list(arg);
- for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
- val = sk_CONF_VALUE_value(vals, i);
- if (!set_table_opts(flags, val->name, in_tbl))
- ret = 0;
- }
- sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
- return ret;
-}
-
-static int set_table_opts(unsigned long *flags, const char *arg,
- const NAME_EX_TBL * in_tbl)
-{
- char c;
- const NAME_EX_TBL *ptbl;
- c = arg[0];
-
- if (c == '-') {
- c = 0;
- arg++;
- } else if (c == '+') {
- c = 1;
- arg++;
- } else
- c = 1;
-
- for (ptbl = in_tbl; ptbl->name; ptbl++) {
- if (!strcasecmp(arg, ptbl->name)) {
- *flags &= ~ptbl->mask;
- if (c)
- *flags |= ptbl->flag;
- else
- *flags &= ~ptbl->flag;
- return 1;
- }
- }
- return 0;
-}
-
-void print_name(BIO *out, const char *title, X509_NAME *nm,
- unsigned long lflags)
-{
- char *buf;
- char mline = 0;
- int indent = 0;
-
- if (title)
- BIO_puts(out, title);
- if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
- mline = 1;
- indent = 4;
- }
- if (lflags == XN_FLAG_COMPAT) {
- buf = X509_NAME_oneline(nm, 0, 0);
- BIO_puts(out, buf);
- BIO_puts(out, "\n");
- OPENSSL_free(buf);
- } else {
- if (mline)
- BIO_puts(out, "\n");
- X509_NAME_print_ex(out, nm, indent, lflags);
- BIO_puts(out, "\n");
- }
-}
-
-X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
-{
- X509_STORE *store;
- X509_LOOKUP *lookup;
- if (!(store = X509_STORE_new()))
- goto end;
- lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
- if (lookup == NULL)
- goto end;
- if (CAfile) {
- if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) {
- BIO_printf(bp, "Error loading file %s\n", CAfile);
- goto end;
- }
- } else
- X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
-
- lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
- if (lookup == NULL)
- goto end;
- if (CApath) {
- if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) {
- BIO_printf(bp, "Error loading directory %s\n", CApath);
- goto end;
- }
- } else
- X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
-
- ERR_clear_error();
- return store;
- end:
- X509_STORE_free(store);
- return NULL;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-/* Try to load an engine in a shareable library */
-static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
-{
- ENGINE *e = ENGINE_by_id("dynamic");
- if (e) {
- if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0)
- || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
- ENGINE_free(e);
- e = NULL;
- }
- }
- return e;
-}
-
-ENGINE *setup_engine(BIO *err, const char *engine, int debug)
-{
- ENGINE *e = NULL;
-
- if (engine) {
- if (strcmp(engine, "auto") == 0) {
- BIO_printf(err, "enabling auto ENGINE support\n");
- ENGINE_register_all_complete();
- return NULL;
- }
- if ((e = ENGINE_by_id(engine)) == NULL
- && (e = try_load_engine(err, engine, debug)) == NULL) {
- BIO_printf(err, "invalid engine \"%s\"\n", engine);
- ERR_print_errors(err);
- return NULL;
- }
- if (debug) {
- ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, err, 0);
- }
- ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
- if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
- BIO_printf(err, "can't use that engine\n");
- ERR_print_errors(err);
- ENGINE_free(e);
- return NULL;
- }
-
- BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e));
-
- /* Free our "structural" reference. */
- ENGINE_free(e);
- }
- return e;
-}
-#endif
-
-int load_config(BIO *err, CONF *cnf)
-{
- static int load_config_called = 0;
- if (load_config_called)
- return 1;
- load_config_called = 1;
- if (!cnf)
- cnf = config;
- if (!cnf)
- return 1;
-
- OPENSSL_load_builtin_modules();
-
- if (CONF_modules_load(cnf, NULL, 0) <= 0) {
- BIO_printf(err, "Error configuring OpenSSL\n");
- ERR_print_errors(err);
- return 0;
- }
- return 1;
-}
-
-char *make_config_name()
-{
- const char *t = X509_get_default_cert_area();
- size_t len;
- char *p;
-
- len = strlen(t) + strlen(OPENSSL_CONF) + 2;
- p = OPENSSL_malloc(len);
- if (p == NULL)
- return NULL;
- BUF_strlcpy(p, t, len);
-#ifndef OPENSSL_SYS_VMS
- BUF_strlcat(p, "/", len);
-#endif
- BUF_strlcat(p, OPENSSL_CONF, len);
-
- return p;
-}
-
-static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
-{
- const char *n;
-
- n = a[DB_serial];
- while (*n == '0')
- n++;
- return (lh_strhash(n));
-}
-
-static int index_serial_cmp(const OPENSSL_CSTRING *a,
- const OPENSSL_CSTRING *b)
-{
- const char *aa, *bb;
-
- for (aa = a[DB_serial]; *aa == '0'; aa++) ;
- for (bb = b[DB_serial]; *bb == '0'; bb++) ;
- return (strcmp(aa, bb));
-}
-
-static int index_name_qual(char **a)
-{
- return (a[0][0] == 'V');
-}
-
-static unsigned long index_name_hash(const OPENSSL_CSTRING *a)
-{
- return (lh_strhash(a[DB_name]));
-}
-
-int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
-{
- return (strcmp(a[DB_name], b[DB_name]));
-}
-
-static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING)
-static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING)
-static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
-static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
-#undef BSIZE
-#define BSIZE 256
-BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
-{
- BIO *in = NULL;
- BIGNUM *ret = NULL;
- MS_STATIC char buf[1024];
- ASN1_INTEGER *ai = NULL;
-
- ai = ASN1_INTEGER_new();
- if (ai == NULL)
- goto err;
-
- if ((in = BIO_new(BIO_s_file())) == NULL) {
- ERR_print_errors(bio_err);
- goto err;
- }
-
- if (BIO_read_filename(in, serialfile) <= 0) {
- if (!create) {
- perror(serialfile);
- goto err;
- } else {
- ret = BN_new();
- if (ret == NULL || !rand_serial(ret, ai))
- BIO_printf(bio_err, "Out of memory\n");
- }
- } else {
- if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
- BIO_printf(bio_err, "unable to load number from %s\n",
- serialfile);
- goto err;
- }
- ret = ASN1_INTEGER_to_BN(ai, NULL);
- if (ret == NULL) {
- BIO_printf(bio_err,
- "error converting number from bin to BIGNUM\n");
- goto err;
- }
- }
-
- if (ret && retai) {
- *retai = ai;
- ai = NULL;
- }
- err:
- if (in != NULL)
- BIO_free(in);
- if (ai != NULL)
- ASN1_INTEGER_free(ai);
- return (ret);
-}
-
-int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
- ASN1_INTEGER **retai)
-{
- char buf[1][BSIZE];
- BIO *out = NULL;
- int ret = 0;
- ASN1_INTEGER *ai = NULL;
- int j;
-
- if (suffix == NULL)
- j = strlen(serialfile);
- else
- j = strlen(serialfile) + strlen(suffix) + 1;
- if (j >= BSIZE) {
- BIO_printf(bio_err, "file name too long\n");
- goto err;
- }
-
- if (suffix == NULL)
- BUF_strlcpy(buf[0], serialfile, BSIZE);
- else {
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
-#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
-#endif
- }
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
-#endif
- out = BIO_new(BIO_s_file());
- if (out == NULL) {
- ERR_print_errors(bio_err);
- goto err;
- }
- if (BIO_write_filename(out, buf[0]) <= 0) {
- perror(serialfile);
- goto err;
- }
-
- if ((ai = BN_to_ASN1_INTEGER(serial, NULL)) == NULL) {
- BIO_printf(bio_err, "error converting serial to ASN.1 format\n");
- goto err;
- }
- i2a_ASN1_INTEGER(out, ai);
- BIO_puts(out, "\n");
- ret = 1;
- if (retai) {
- *retai = ai;
- ai = NULL;
- }
- err:
- if (out != NULL)
- BIO_free_all(out);
- if (ai != NULL)
- ASN1_INTEGER_free(ai);
- return (ret);
-}
-
-int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
-{
- char buf[5][BSIZE];
- int i, j;
-
- i = strlen(serialfile) + strlen(old_suffix);
- j = strlen(serialfile) + strlen(new_suffix);
- if (i > j)
- j = i;
- if (j + 1 >= BSIZE) {
- BIO_printf(bio_err, "file name too long\n");
- goto err;
- }
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
-#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
-#else
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
-#endif
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
- serialfile, buf[1]);
-#endif
- if (rename(serialfile, buf[1]) < 0 && errno != ENOENT
-#ifdef ENOTDIR
- && errno != ENOTDIR
-#endif
- ) {
- BIO_printf(bio_err,
- "unable to rename %s to %s\n", serialfile, buf[1]);
- perror("reason");
- goto err;
- }
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
- buf[0], serialfile);
-#endif
- if (rename(buf[0], serialfile) < 0) {
- BIO_printf(bio_err,
- "unable to rename %s to %s\n", buf[0], serialfile);
- perror("reason");
- rename(buf[1], serialfile);
- goto err;
- }
- return 1;
- err:
- return 0;
-}
-
-int rand_serial(BIGNUM *b, ASN1_INTEGER *ai)
-{
- BIGNUM *btmp;
- int ret = 0;
- if (b)
- btmp = b;
- else
- btmp = BN_new();
-
- if (!btmp)
- return 0;
-
- if (!BN_pseudo_rand(btmp, SERIAL_RAND_BITS, 0, 0))
- goto error;
- if (ai && !BN_to_ASN1_INTEGER(btmp, ai))
- goto error;
-
- ret = 1;
-
- error:
-
- if (!b)
- BN_free(btmp);
-
- return ret;
-}
-
-CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
-{
- CA_DB *retdb = NULL;
- TXT_DB *tmpdb = NULL;
- BIO *in = BIO_new(BIO_s_file());
- CONF *dbattr_conf = NULL;
- char buf[1][BSIZE];
- long errorline = -1;
-
- if (in == NULL) {
- ERR_print_errors(bio_err);
- goto err;
- }
- if (BIO_read_filename(in, dbfile) <= 0) {
- perror(dbfile);
- BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
- goto err;
- }
- if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
- goto err;
-
-#ifndef OPENSSL_SYS_VMS
- BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
-#else
- BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
-#endif
- dbattr_conf = NCONF_new(NULL);
- if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
- if (errorline > 0) {
- BIO_printf(bio_err,
- "error on line %ld of db attribute file '%s'\n",
- errorline, buf[0]);
- goto err;
- } else {
- NCONF_free(dbattr_conf);
- dbattr_conf = NULL;
- }
- }
-
- if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL) {
- fprintf(stderr, "Out of memory\n");
- goto err;
- }
-
- retdb->db = tmpdb;
- tmpdb = NULL;
- if (db_attr)
- retdb->attributes = *db_attr;
- else {
- retdb->attributes.unique_subject = 1;
- }
-
- if (dbattr_conf) {
- char *p = NCONF_get_string(dbattr_conf, NULL, "unique_subject");
- if (p) {
-#ifdef RL_DEBUG
- BIO_printf(bio_err,
- "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
-#endif
- retdb->attributes.unique_subject = parse_yesno(p, 1);
- }
- }
-
- err:
- if (dbattr_conf)
- NCONF_free(dbattr_conf);
- if (tmpdb)
- TXT_DB_free(tmpdb);
- if (in)
- BIO_free_all(in);
- return retdb;
-}
-
-int index_index(CA_DB *db)
-{
- if (!TXT_DB_create_index(db->db, DB_serial, NULL,
- LHASH_HASH_FN(index_serial),
- LHASH_COMP_FN(index_serial))) {
- BIO_printf(bio_err,
- "error creating serial number index:(%ld,%ld,%ld)\n",
- db->db->error, db->db->arg1, db->db->arg2);
- return 0;
- }
-
- if (db->attributes.unique_subject
- && !TXT_DB_create_index(db->db, DB_name, index_name_qual,
- LHASH_HASH_FN(index_name),
- LHASH_COMP_FN(index_name))) {
- BIO_printf(bio_err, "error creating name index:(%ld,%ld,%ld)\n",
- db->db->error, db->db->arg1, db->db->arg2);
- return 0;
- }
- return 1;
-}
-
-int save_index(const char *dbfile, const char *suffix, CA_DB *db)
-{
- char buf[3][BSIZE];
- BIO *out = BIO_new(BIO_s_file());
- int j;
-
- if (out == NULL) {
- ERR_print_errors(bio_err);
- goto err;
- }
-
- j = strlen(dbfile) + strlen(suffix);
- if (j + 6 >= BSIZE) {
- BIO_printf(bio_err, "file name too long\n");
- goto err;
- }
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
-#else
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
-#endif
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
-#else
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
-#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
-#endif
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
-#endif
- if (BIO_write_filename(out, buf[0]) <= 0) {
- perror(dbfile);
- BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
- goto err;
- }
- j = TXT_DB_write(out, db->db);
- if (j <= 0)
- goto err;
-
- BIO_free(out);
-
- out = BIO_new(BIO_s_file());
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
-#endif
- if (BIO_write_filename(out, buf[1]) <= 0) {
- perror(buf[2]);
- BIO_printf(bio_err, "unable to open '%s'\n", buf[2]);
- goto err;
- }
- BIO_printf(out, "unique_subject = %s\n",
- db->attributes.unique_subject ? "yes" : "no");
- BIO_free(out);
-
- return 1;
- err:
- return 0;
-}
-
-int rotate_index(const char *dbfile, const char *new_suffix,
- const char *old_suffix)
-{
- char buf[5][BSIZE];
- int i, j;
-
- i = strlen(dbfile) + strlen(old_suffix);
- j = strlen(dbfile) + strlen(new_suffix);
- if (i > j)
- j = i;
- if (j + 6 >= BSIZE) {
- BIO_printf(bio_err, "file name too long\n");
- goto err;
- }
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
-#else
- j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
-#endif
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix);
-#else
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s", dbfile, new_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix);
-#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, new_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix);
-#else
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", dbfile, old_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix);
-#else
- j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix);
-#endif
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", dbfile, buf[1]);
-#endif
- if (rename(dbfile, buf[1]) < 0 && errno != ENOENT
-#ifdef ENOTDIR
- && errno != ENOTDIR
-#endif
- ) {
- BIO_printf(bio_err, "unable to rename %s to %s\n", dbfile, buf[1]);
- perror("reason");
- goto err;
- }
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[0], dbfile);
-#endif
- if (rename(buf[0], dbfile) < 0) {
- BIO_printf(bio_err, "unable to rename %s to %s\n", buf[0], dbfile);
- perror("reason");
- rename(buf[1], dbfile);
- goto err;
- }
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[4], buf[3]);
-#endif
- if (rename(buf[4], buf[3]) < 0 && errno != ENOENT
-#ifdef ENOTDIR
- && errno != ENOTDIR
-#endif
- ) {
- BIO_printf(bio_err, "unable to rename %s to %s\n", buf[4], buf[3]);
- perror("reason");
- rename(dbfile, buf[0]);
- rename(buf[1], dbfile);
- goto err;
- }
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[2], buf[4]);
-#endif
- if (rename(buf[2], buf[4]) < 0) {
- BIO_printf(bio_err, "unable to rename %s to %s\n", buf[2], buf[4]);
- perror("reason");
- rename(buf[3], buf[4]);
- rename(dbfile, buf[0]);
- rename(buf[1], dbfile);
- goto err;
- }
- return 1;
- err:
- return 0;
-}
-
-void free_index(CA_DB *db)
-{
- if (db) {
- if (db->db)
- TXT_DB_free(db->db);
- OPENSSL_free(db);
- }
-}
-
-int parse_yesno(const char *str, int def)
-{
- int ret = def;
- if (str) {
- switch (*str) {
- case 'f': /* false */
- case 'F': /* FALSE */
- case 'n': /* no */
- case 'N': /* NO */
- case '0': /* 0 */
- ret = 0;
- break;
- case 't': /* true */
- case 'T': /* TRUE */
- case 'y': /* yes */
- case 'Y': /* YES */
- case '1': /* 1 */
- ret = 1;
- break;
- default:
- ret = def;
- break;
- }
- }
- return ret;
-}
-
-/*
- * subject is expected to be in the format /type0=value0/type1=value1/type2=...
- * where characters may be escaped by \
- */
-X509_NAME *parse_name(char *subject, long chtype, int multirdn)
-{
- size_t buflen = strlen(subject) + 1; /* to copy the types and values
- * into. due to escaping, the copy
- * can only become shorter */
- char *buf = OPENSSL_malloc(buflen);
- size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
- char **ne_types = OPENSSL_malloc(max_ne * sizeof(char *));
- char **ne_values = OPENSSL_malloc(max_ne * sizeof(char *));
- int *mval = OPENSSL_malloc(max_ne * sizeof(int));
-
- char *sp = subject, *bp = buf;
- int i, ne_num = 0;
-
- X509_NAME *n = NULL;
- int nid;
-
- if (!buf || !ne_types || !ne_values || !mval) {
- BIO_printf(bio_err, "malloc error\n");
- goto error;
- }
-
- if (*subject != '/') {
- BIO_printf(bio_err, "Subject does not start with '/'.\n");
- goto error;
- }
- sp++; /* skip leading / */
-
- /* no multivalued RDN by default */
- mval[ne_num] = 0;
-
- while (*sp) {
- /* collect type */
- ne_types[ne_num] = bp;
- while (*sp) {
- if (*sp == '\\') { /* is there anything to escape in the
- * type...? */
- if (*++sp)
- *bp++ = *sp++;
- else {
- BIO_printf(bio_err,
- "escape character at end of string\n");
- goto error;
- }
- } else if (*sp == '=') {
- sp++;
- *bp++ = '\0';
- break;
- } else
- *bp++ = *sp++;
- }
- if (!*sp) {
- BIO_printf(bio_err,
- "end of string encountered while processing type of subject name element #%d\n",
- ne_num);
- goto error;
- }
- ne_values[ne_num] = bp;
- while (*sp) {
- if (*sp == '\\') {
- if (*++sp)
- *bp++ = *sp++;
- else {
- BIO_printf(bio_err,
- "escape character at end of string\n");
- goto error;
- }
- } else if (*sp == '/') {
- sp++;
- /* no multivalued RDN by default */
- mval[ne_num + 1] = 0;
- break;
- } else if (*sp == '+' && multirdn) {
- /*
- * a not escaped + signals a mutlivalued RDN
- */
- sp++;
- mval[ne_num + 1] = -1;
- break;
- } else
- *bp++ = *sp++;
- }
- *bp++ = '\0';
- ne_num++;
- }
-
- if (!(n = X509_NAME_new()))
- goto error;
-
- for (i = 0; i < ne_num; i++) {
- if ((nid = OBJ_txt2nid(ne_types[i])) == NID_undef) {
- BIO_printf(bio_err,
- "Subject Attribute %s has no known NID, skipped\n",
- ne_types[i]);
- continue;
- }
-
- if (!*ne_values[i]) {
- BIO_printf(bio_err,
- "No value provided for Subject Attribute %s, skipped\n",
- ne_types[i]);
- continue;
- }
-
- if (!X509_NAME_add_entry_by_NID
- (n, nid, chtype, (unsigned char *)ne_values[i], -1, -1, mval[i]))
- goto error;
- }
-
- OPENSSL_free(ne_values);
- OPENSSL_free(ne_types);
- OPENSSL_free(buf);
- OPENSSL_free(mval);
- return n;
-
- error:
- X509_NAME_free(n);
- if (ne_values)
- OPENSSL_free(ne_values);
- if (ne_types)
- OPENSSL_free(ne_types);
- if (mval)
- OPENSSL_free(mval);
- if (buf)
- OPENSSL_free(buf);
- return NULL;
-}
-
-int args_verify(char ***pargs, int *pargc,
- int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
-{
- ASN1_OBJECT *otmp = NULL;
- unsigned long flags = 0;
- int i;
- int purpose = 0, depth = -1;
- char **oldargs = *pargs;
- char *arg = **pargs, *argn = (*pargs)[1];
- time_t at_time = 0;
- if (!strcmp(arg, "-policy")) {
- if (!argn)
- *badarg = 1;
- else {
- otmp = OBJ_txt2obj(argn, 0);
- if (!otmp) {
- BIO_printf(err, "Invalid Policy \"%s\"\n", argn);
- *badarg = 1;
- }
- }
- (*pargs)++;
- } else if (strcmp(arg, "-purpose") == 0) {
- X509_PURPOSE *xptmp;
- if (!argn)
- *badarg = 1;
- else {
- i = X509_PURPOSE_get_by_sname(argn);
- if (i < 0) {
- BIO_printf(err, "unrecognized purpose\n");
- *badarg = 1;
- } else {
- xptmp = X509_PURPOSE_get0(i);
- purpose = X509_PURPOSE_get_id(xptmp);
- }
- }
- (*pargs)++;
- } else if (strcmp(arg, "-verify_depth") == 0) {
- if (!argn)
- *badarg = 1;
- else {
- depth = atoi(argn);
- if (depth < 0) {
- BIO_printf(err, "invalid depth\n");
- *badarg = 1;
- }
- }
- (*pargs)++;
- } else if (strcmp(arg, "-attime") == 0) {
- if (!argn)
- *badarg = 1;
- else {
- long timestamp;
- /*
- * interpret the -attime argument as seconds since Epoch
- */
- if (sscanf(argn, "%li", ×tamp) != 1) {
- BIO_printf(bio_err, "Error parsing timestamp %s\n", argn);
- *badarg = 1;
- }
- /* on some platforms time_t may be a float */
- at_time = (time_t)timestamp;
- }
- (*pargs)++;
- } else if (!strcmp(arg, "-ignore_critical"))
- flags |= X509_V_FLAG_IGNORE_CRITICAL;
- else if (!strcmp(arg, "-issuer_checks"))
- flags |= X509_V_FLAG_CB_ISSUER_CHECK;
- else if (!strcmp(arg, "-crl_check"))
- flags |= X509_V_FLAG_CRL_CHECK;
- else if (!strcmp(arg, "-crl_check_all"))
- flags |= X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL;
- else if (!strcmp(arg, "-policy_check"))
- flags |= X509_V_FLAG_POLICY_CHECK;
- else if (!strcmp(arg, "-explicit_policy"))
- flags |= X509_V_FLAG_EXPLICIT_POLICY;
- else if (!strcmp(arg, "-inhibit_any"))
- flags |= X509_V_FLAG_INHIBIT_ANY;
- else if (!strcmp(arg, "-inhibit_map"))
- flags |= X509_V_FLAG_INHIBIT_MAP;
- else if (!strcmp(arg, "-x509_strict"))
- flags |= X509_V_FLAG_X509_STRICT;
- else if (!strcmp(arg, "-extended_crl"))
- flags |= X509_V_FLAG_EXTENDED_CRL_SUPPORT;
- else if (!strcmp(arg, "-use_deltas"))
- flags |= X509_V_FLAG_USE_DELTAS;
- else if (!strcmp(arg, "-policy_print"))
- flags |= X509_V_FLAG_NOTIFY_POLICY;
- else if (!strcmp(arg, "-check_ss_sig"))
- flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
- else if (!strcmp(arg, "-no_alt_chains"))
- flags |= X509_V_FLAG_NO_ALT_CHAINS;
- else
- return 0;
-
- if (*badarg) {
- if (*pm)
- X509_VERIFY_PARAM_free(*pm);
- *pm = NULL;
- goto end;
- }
-
- if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) {
- *badarg = 1;
- goto end;
- }
-
- if (otmp)
- X509_VERIFY_PARAM_add0_policy(*pm, otmp);
- if (flags)
- X509_VERIFY_PARAM_set_flags(*pm, flags);
-
- if (purpose)
- X509_VERIFY_PARAM_set_purpose(*pm, purpose);
-
- if (depth >= 0)
- X509_VERIFY_PARAM_set_depth(*pm, depth);
-
- if (at_time)
- X509_VERIFY_PARAM_set_time(*pm, at_time);
-
- end:
-
- (*pargs)++;
-
- if (pargc)
- *pargc -= *pargs - oldargs;
-
- return 1;
-
-}
-
-/*
- * Read whole contents of a BIO into an allocated memory buffer and return
- * it.
- */
-
-int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
-{
- BIO *mem;
- int len, ret;
- unsigned char tbuf[1024];
- mem = BIO_new(BIO_s_mem());
- if (!mem)
- return -1;
- for (;;) {
- if ((maxlen != -1) && maxlen < 1024)
- len = maxlen;
- else
- len = 1024;
- len = BIO_read(in, tbuf, len);
- if (len <= 0)
- break;
- if (BIO_write(mem, tbuf, len) != len) {
- BIO_free(mem);
- return -1;
- }
- maxlen -= len;
-
- if (maxlen == 0)
- break;
- }
- ret = BIO_get_mem_data(mem, (char **)out);
- BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY);
- BIO_free(mem);
- return ret;
-}
-
-int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value)
-{
- int rv;
- char *stmp, *vtmp = NULL;
- stmp = BUF_strdup(value);
- if (!stmp)
- return -1;
- vtmp = strchr(stmp, ':');
- if (vtmp) {
- *vtmp = 0;
- vtmp++;
- }
- rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp);
- OPENSSL_free(stmp);
- return rv;
-}
-
-static void nodes_print(BIO *out, const char *name,
- STACK_OF(X509_POLICY_NODE) *nodes)
-{
- X509_POLICY_NODE *node;
- int i;
- BIO_printf(out, "%s Policies:", name);
- if (nodes) {
- BIO_puts(out, "\n");
- for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) {
- node = sk_X509_POLICY_NODE_value(nodes, i);
- X509_POLICY_NODE_print(out, node, 2);
- }
- } else
- BIO_puts(out, " <empty>\n");
-}
-
-void policies_print(BIO *out, X509_STORE_CTX *ctx)
-{
- X509_POLICY_TREE *tree;
- int explicit_policy;
- int free_out = 0;
- if (out == NULL) {
- out = BIO_new_fp(stderr, BIO_NOCLOSE);
- free_out = 1;
- }
- tree = X509_STORE_CTX_get0_policy_tree(ctx);
- explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
-
- BIO_printf(out, "Require explicit Policy: %s\n",
- explicit_policy ? "True" : "False");
-
- nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
- nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
- if (free_out)
- BIO_free(out);
-}
-
-#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
-
-static JPAKE_CTX *jpake_init(const char *us, const char *them,
- const char *secret)
-{
- BIGNUM *p = NULL;
- BIGNUM *g = NULL;
- BIGNUM *q = NULL;
- BIGNUM *bnsecret = BN_new();
- JPAKE_CTX *ctx;
-
- /* Use a safe prime for p (that we found earlier) */
- BN_hex2bn(&p,
- "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
- g = BN_new();
- BN_set_word(g, 2);
- q = BN_new();
- BN_rshift1(q, p);
-
- BN_bin2bn((const unsigned char *)secret, strlen(secret), bnsecret);
-
- ctx = JPAKE_CTX_new(us, them, p, g, q, bnsecret);
- BN_free(bnsecret);
- BN_free(q);
- BN_free(g);
- BN_free(p);
-
- return ctx;
-}
-
-static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p)
-{
- BN_print(conn, p->gx);
- BIO_puts(conn, "\n");
- BN_print(conn, p->zkpx.gr);
- BIO_puts(conn, "\n");
- BN_print(conn, p->zkpx.b);
- BIO_puts(conn, "\n");
-}
-
-static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx)
-{
- JPAKE_STEP1 s1;
-
- JPAKE_STEP1_init(&s1);
- JPAKE_STEP1_generate(&s1, ctx);
- jpake_send_part(bconn, &s1.p1);
- jpake_send_part(bconn, &s1.p2);
- (void)BIO_flush(bconn);
- JPAKE_STEP1_release(&s1);
-}
-
-static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx)
-{
- JPAKE_STEP2 s2;
-
- JPAKE_STEP2_init(&s2);
- JPAKE_STEP2_generate(&s2, ctx);
- jpake_send_part(bconn, &s2);
- (void)BIO_flush(bconn);
- JPAKE_STEP2_release(&s2);
-}
-
-static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
-{
- JPAKE_STEP3A s3a;
-
- JPAKE_STEP3A_init(&s3a);
- JPAKE_STEP3A_generate(&s3a, ctx);
- BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
- (void)BIO_flush(bconn);
- JPAKE_STEP3A_release(&s3a);
-}
-
-static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
-{
- JPAKE_STEP3B s3b;
-
- JPAKE_STEP3B_init(&s3b);
- JPAKE_STEP3B_generate(&s3b, ctx);
- BIO_write(bconn, s3b.hk, sizeof s3b.hk);
- (void)BIO_flush(bconn);
- JPAKE_STEP3B_release(&s3b);
-}
-
-static void readbn(BIGNUM **bn, BIO *bconn)
-{
- char buf[10240];
- int l;
-
- l = BIO_gets(bconn, buf, sizeof buf);
- assert(l > 0);
- assert(buf[l - 1] == '\n');
- buf[l - 1] = '\0';
- BN_hex2bn(bn, buf);
-}
-
-static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn)
-{
- readbn(&p->gx, bconn);
- readbn(&p->zkpx.gr, bconn);
- readbn(&p->zkpx.b, bconn);
-}
-
-static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn)
-{
- JPAKE_STEP1 s1;
-
- JPAKE_STEP1_init(&s1);
- jpake_receive_part(&s1.p1, bconn);
- jpake_receive_part(&s1.p2, bconn);
- if (!JPAKE_STEP1_process(ctx, &s1)) {
- ERR_print_errors(bio_err);
- exit(1);
- }
- JPAKE_STEP1_release(&s1);
-}
-
-static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn)
-{
- JPAKE_STEP2 s2;
-
- JPAKE_STEP2_init(&s2);
- jpake_receive_part(&s2, bconn);
- if (!JPAKE_STEP2_process(ctx, &s2)) {
- ERR_print_errors(bio_err);
- exit(1);
- }
- JPAKE_STEP2_release(&s2);
-}
-
-static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
-{
- JPAKE_STEP3A s3a;
- int l;
-
- JPAKE_STEP3A_init(&s3a);
- l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
- assert(l == sizeof s3a.hhk);
- if (!JPAKE_STEP3A_process(ctx, &s3a)) {
- ERR_print_errors(bio_err);
- exit(1);
- }
- JPAKE_STEP3A_release(&s3a);
-}
-
-static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
-{
- JPAKE_STEP3B s3b;
- int l;
-
- JPAKE_STEP3B_init(&s3b);
- l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
- assert(l == sizeof s3b.hk);
- if (!JPAKE_STEP3B_process(ctx, &s3b)) {
- ERR_print_errors(bio_err);
- exit(1);
- }
- JPAKE_STEP3B_release(&s3b);
-}
-
-void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
-{
- JPAKE_CTX *ctx;
- BIO *bconn;
-
- BIO_puts(out, "Authenticating with JPAKE\n");
-
- ctx = jpake_init("client", "server", secret);
-
- bconn = BIO_new(BIO_f_buffer());
- BIO_push(bconn, conn);
-
- jpake_send_step1(bconn, ctx);
- jpake_receive_step1(ctx, bconn);
- jpake_send_step2(bconn, ctx);
- jpake_receive_step2(ctx, bconn);
- jpake_send_step3a(bconn, ctx);
- jpake_receive_step3b(ctx, bconn);
-
- BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
-
- psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
-
- BIO_pop(bconn);
- BIO_free(bconn);
-
- JPAKE_CTX_free(ctx);
-}
-
-void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
-{
- JPAKE_CTX *ctx;
- BIO *bconn;
-
- BIO_puts(out, "Authenticating with JPAKE\n");
-
- ctx = jpake_init("server", "client", secret);
-
- bconn = BIO_new(BIO_f_buffer());
- BIO_push(bconn, conn);
-
- jpake_receive_step1(ctx, bconn);
- jpake_send_step1(bconn, ctx);
- jpake_receive_step2(ctx, bconn);
- jpake_send_step2(bconn, ctx);
- jpake_receive_step3a(ctx, bconn);
- jpake_send_step3b(bconn, ctx);
-
- BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
-
- psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
-
- BIO_pop(bconn);
- BIO_free(bconn);
-
- JPAKE_CTX_free(ctx);
-}
-
-#endif
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-/*-
- * next_protos_parse parses a comma separated list of strings into a string
- * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
- * outlen: (output) set to the length of the resulting buffer on success.
- * err: (maybe NULL) on failure, an error message line is written to this BIO.
- * in: a NUL termianted string like "abc,def,ghi"
- *
- * returns: a malloced buffer or NULL on failure.
- */
-unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
-{
- size_t len;
- unsigned char *out;
- size_t i, start = 0;
-
- len = strlen(in);
- if (len >= 65535)
- return NULL;
-
- out = OPENSSL_malloc(strlen(in) + 1);
- if (!out)
- return NULL;
-
- for (i = 0; i <= len; ++i) {
- if (i == len || in[i] == ',') {
- if (i - start > 255) {
- OPENSSL_free(out);
- return NULL;
- }
- out[start] = i - start;
- start = i + 1;
- } else
- out[i + 1] = in[i];
- }
-
- *outlen = len + 1;
- return out;
-}
-#endif /* !OPENSSL_NO_TLSEXT &&
- * !OPENSSL_NO_NEXTPROTONEG */
-
-/*
- * Platform-specific sections
- */
-#if defined(_WIN32)
-# ifdef fileno
-# undef fileno
-# define fileno(a) (int)_fileno(a)
-# endif
-
-# include <windows.h>
-# include <tchar.h>
-
-static int WIN32_rename(const char *from, const char *to)
-{
- TCHAR *tfrom = NULL, *tto;
- DWORD err;
- int ret = 0;
-
- if (sizeof(TCHAR) == 1) {
- tfrom = (TCHAR *)from;
- tto = (TCHAR *)to;
- } else { /* UNICODE path */
-
- size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
- tfrom = (TCHAR *)malloc(sizeof(TCHAR) * (flen + tlen));
- if (tfrom == NULL)
- goto err;
- tto = tfrom + flen;
-# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
- if (!MultiByteToWideChar(CP_ACP, 0, from, flen, (WCHAR *)tfrom, flen))
-# endif
- for (i = 0; i < flen; i++)
- tfrom[i] = (TCHAR)from[i];
-# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
- if (!MultiByteToWideChar(CP_ACP, 0, to, tlen, (WCHAR *)tto, tlen))
-# endif
- for (i = 0; i < tlen; i++)
- tto[i] = (TCHAR)to[i];
- }
-
- if (MoveFile(tfrom, tto))
- goto ok;
- err = GetLastError();
- if (err == ERROR_ALREADY_EXISTS || err == ERROR_FILE_EXISTS) {
- if (DeleteFile(tto) && MoveFile(tfrom, tto))
- goto ok;
- err = GetLastError();
- }
- if (err == ERROR_FILE_NOT_FOUND || err == ERROR_PATH_NOT_FOUND)
- errno = ENOENT;
- else if (err == ERROR_ACCESS_DENIED)
- errno = EACCES;
- else
- errno = EINVAL; /* we could map more codes... */
- err:
- ret = -1;
- ok:
- if (tfrom != NULL && tfrom != (TCHAR *)from)
- free(tfrom);
- return ret;
-}
-#endif
-
-/* app_tminterval section */
-#if defined(_WIN32)
-double app_tminterval(int stop, int usertime)
-{
- FILETIME now;
- double ret = 0;
- static ULARGE_INTEGER tmstart;
- static int warning = 1;
-# ifdef _WIN32_WINNT
- static HANDLE proc = NULL;
-
- if (proc == NULL) {
- if (check_winnt())
- proc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
- GetCurrentProcessId());
- if (proc == NULL)
- proc = (HANDLE) - 1;
- }
-
- if (usertime && proc != (HANDLE) - 1) {
- FILETIME junk;
- GetProcessTimes(proc, &junk, &junk, &junk, &now);
- } else
-# endif
- {
- SYSTEMTIME systime;
-
- if (usertime && warning) {
- BIO_printf(bio_err, "To get meaningful results, run "
- "this program on idle system.\n");
- warning = 0;
- }
- GetSystemTime(&systime);
- SystemTimeToFileTime(&systime, &now);
- }
-
- if (stop == TM_START) {
- tmstart.u.LowPart = now.dwLowDateTime;
- tmstart.u.HighPart = now.dwHighDateTime;
- } else {
- ULARGE_INTEGER tmstop;
-
- tmstop.u.LowPart = now.dwLowDateTime;
- tmstop.u.HighPart = now.dwHighDateTime;
-
- ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart) * 1e-7;
- }
-
- return (ret);
-}
-
-#elif defined(OPENSSL_SYS_NETWARE)
-# include <time.h>
-
-double app_tminterval(int stop, int usertime)
-{
- double ret = 0;
- static clock_t tmstart;
- static int warning = 1;
-
- if (usertime && warning) {
- BIO_printf(bio_err, "To get meaningful results, run "
- "this program on idle system.\n");
- warning = 0;
- }
-
- if (stop == TM_START)
- tmstart = clock();
- else
- ret = (clock() - tmstart) / (double)CLOCKS_PER_SEC;
-
- return (ret);
-}
-
-#elif defined(OPENSSL_SYSTEM_VXWORKS)
-# include <time.h>
-
-double app_tminterval(int stop, int usertime)
-{
- double ret = 0;
-# ifdef CLOCK_REALTIME
- static struct timespec tmstart;
- struct timespec now;
-# else
- static unsigned long tmstart;
- unsigned long now;
-# endif
- static int warning = 1;
-
- if (usertime && warning) {
- BIO_printf(bio_err, "To get meaningful results, run "
- "this program on idle system.\n");
- warning = 0;
- }
-# ifdef CLOCK_REALTIME
- clock_gettime(CLOCK_REALTIME, &now);
- if (stop == TM_START)
- tmstart = now;
- else
- ret = ((now.tv_sec + now.tv_nsec * 1e-9)
- - (tmstart.tv_sec + tmstart.tv_nsec * 1e-9));
-# else
- now = tickGet();
- if (stop == TM_START)
- tmstart = now;
- else
- ret = (now - tmstart) / (double)sysClkRateGet();
-# endif
- return (ret);
-}
-
-#elif defined(OPENSSL_SYSTEM_VMS)
-# include <time.h>
-# include <times.h>
-
-double app_tminterval(int stop, int usertime)
-{
- static clock_t tmstart;
- double ret = 0;
- clock_t now;
-# ifdef __TMS
- struct tms rus;
-
- now = times(&rus);
- if (usertime)
- now = rus.tms_utime;
-# else
- if (usertime)
- now = clock(); /* sum of user and kernel times */
- else {
- struct timeval tv;
- gettimeofday(&tv, NULL);
- now = (clock_t)((unsigned long long)tv.tv_sec * CLK_TCK +
- (unsigned long long)tv.tv_usec * (1000000 / CLK_TCK)
- );
- }
-# endif
- if (stop == TM_START)
- tmstart = now;
- else
- ret = (now - tmstart) / (double)(CLK_TCK);
-
- return (ret);
-}
-
-#elif defined(_SC_CLK_TCK) /* by means of unistd.h */
-# include <sys/times.h>
-
-double app_tminterval(int stop, int usertime)
-{
- double ret = 0;
- struct tms rus;
- clock_t now = times(&rus);
- static clock_t tmstart;
-
- if (usertime)
- now = rus.tms_utime;
-
- if (stop == TM_START)
- tmstart = now;
- else {
- long int tck = sysconf(_SC_CLK_TCK);
- ret = (now - tmstart) / (double)tck;
- }
-
- return (ret);
-}
-
-#else
-# include <sys/time.h>
-# include <sys/resource.h>
-
-double app_tminterval(int stop, int usertime)
-{
- double ret = 0;
- struct rusage rus;
- struct timeval now;
- static struct timeval tmstart;
-
- if (usertime)
- getrusage(RUSAGE_SELF, &rus), now = rus.ru_utime;
- else
- gettimeofday(&now, NULL);
-
- if (stop == TM_START)
- tmstart = now;
- else
- ret = ((now.tv_sec + now.tv_usec * 1e-6)
- - (tmstart.tv_sec + tmstart.tv_usec * 1e-6));
-
- return ret;
-}
-#endif
-
-/* app_isdir section */
-#ifdef _WIN32
-int app_isdir(const char *name)
-{
- HANDLE hList;
- WIN32_FIND_DATA FileData;
-# if defined(UNICODE) || defined(_UNICODE)
- size_t i, len_0 = strlen(name) + 1;
-
- if (len_0 > sizeof(FileData.cFileName) / sizeof(FileData.cFileName[0]))
- return -1;
-
-# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
- if (!MultiByteToWideChar
- (CP_ACP, 0, name, len_0, FileData.cFileName, len_0))
-# endif
- for (i = 0; i < len_0; i++)
- FileData.cFileName[i] = (WCHAR)name[i];
-
- hList = FindFirstFile(FileData.cFileName, &FileData);
-# else
- hList = FindFirstFile(name, &FileData);
-# endif
- if (hList == INVALID_HANDLE_VALUE)
- return -1;
- FindClose(hList);
- return ((FileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0);
-}
-#else
-# include <sys/stat.h>
-# ifndef S_ISDIR
-# if defined(_S_IFMT) && defined(_S_IFDIR)
-# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
-# else
-# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
-# endif
-# endif
-
-int app_isdir(const char *name)
-{
-# if defined(S_ISDIR)
- struct stat st;
-
- if (stat(name, &st) == 0)
- return S_ISDIR(st.st_mode);
- else
- return -1;
-# else
- return -1;
-# endif
-}
-#endif
-
-/* raw_read|write section */
-#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
-int raw_read_stdin(void *buf, int siz)
-{
- DWORD n;
- if (ReadFile(GetStdHandle(STD_INPUT_HANDLE), buf, siz, &n, NULL))
- return (n);
- else
- return (-1);
-}
-#else
-int raw_read_stdin(void *buf, int siz)
-{
- return read(fileno(stdin), buf, siz);
-}
-#endif
-
-#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE)
-int raw_write_stdout(const void *buf, int siz)
-{
- DWORD n;
- if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE), buf, siz, &n, NULL))
- return (n);
- else
- return (-1);
-}
-#else
-int raw_write_stdout(const void *buf, int siz)
-{
- return write(fileno(stdout), buf, siz);
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/apps/apps.c (from rev 11605, vendor-crypto/openssl/dist/apps/apps.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/apps.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/apps.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2980 @@
+/* apps/apps.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
+/*
+ * On VMS, you need to define this to get the declaration of fileno(). The
+ * value 2 is to make sure no function defined in POSIX-2 is left undefined.
+ */
+# define _POSIX_C_SOURCE 2
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <ctype.h>
+#include <errno.h>
+#include <assert.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+#include <openssl/pkcs12.h>
+#include <openssl/ui.h>
+#include <openssl/safestack.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_JPAKE
+# include <openssl/jpake.h>
+#endif
+
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+
+#ifdef _WIN32
+static int WIN32_rename(const char *from, const char *to);
+# define rename(from,to) WIN32_rename((from),(to))
+#endif
+
+typedef struct {
+ const char *name;
+ unsigned long flag;
+ unsigned long mask;
+} NAME_EX_TBL;
+
+static UI_METHOD *ui_method = NULL;
+
+static int set_table_opts(unsigned long *flags, const char *arg,
+ const NAME_EX_TBL * in_tbl);
+static int set_multi_opts(unsigned long *flags, const char *arg,
+ const NAME_EX_TBL * in_tbl);
+
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+/* Looks like this stuff is worth moving into separate function */
+static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
+ const char *key_descrip, int format);
+#endif
+
+int app_init(long mesgwin);
+#ifdef undef /* never finished - probably never will be
+ * :-) */
+int args_from_file(char *file, int *argc, char **argv[])
+{
+ FILE *fp;
+ int num, i;
+ unsigned int len;
+ static char *buf = NULL;
+ static char **arg = NULL;
+ char *p;
+
+ fp = fopen(file, "r");
+ if (fp == NULL)
+ return (0);
+
+ if (fseek(fp, 0, SEEK_END) == 0)
+ len = ftell(fp), rewind(fp);
+ else
+ len = -1;
+ if (len <= 0) {
+ fclose(fp);
+ return (0);
+ }
+
+ *argc = 0;
+ *argv = NULL;
+
+ if (buf != NULL)
+ OPENSSL_free(buf);
+ buf = (char *)OPENSSL_malloc(len + 1);
+ if (buf == NULL)
+ return (0);
+
+ len = fread(buf, 1, len, fp);
+ if (len <= 1)
+ return (0);
+ buf[len] = '\0';
+
+ i = 0;
+ for (p = buf; *p; p++)
+ if (*p == '\n')
+ i++;
+ if (arg != NULL)
+ OPENSSL_free(arg);
+ arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2));
+
+ *argv = arg;
+ num = 0;
+ p = buf;
+ for (;;) {
+ if (!*p)
+ break;
+ if (*p == '#') { /* comment line */
+ while (*p && (*p != '\n'))
+ p++;
+ continue;
+ }
+ /* else we have a line */
+ *(arg++) = p;
+ num++;
+ while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
+ p++;
+ if (!*p)
+ break;
+ if (*p == '\n') {
+ *(p++) = '\0';
+ continue;
+ }
+ /* else it is a tab or space */
+ p++;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p)
+ break;
+ if (*p == '\n') {
+ p++;
+ continue;
+ }
+ *(arg++) = p++;
+ num++;
+ while (*p && (*p != '\n'))
+ p++;
+ if (!*p)
+ break;
+ /* else *p == '\n' */
+ *(p++) = '\0';
+ }
+ *argc = num;
+ return (1);
+}
+#endif
+
+int str2fmt(char *s)
+{
+ if (s == NULL)
+ return FORMAT_UNDEF;
+ if ((*s == 'D') || (*s == 'd'))
+ return (FORMAT_ASN1);
+ else if ((*s == 'T') || (*s == 't'))
+ return (FORMAT_TEXT);
+ else if ((*s == 'N') || (*s == 'n'))
+ return (FORMAT_NETSCAPE);
+ else if ((*s == 'S') || (*s == 's'))
+ return (FORMAT_SMIME);
+ else if ((*s == 'M') || (*s == 'm'))
+ return (FORMAT_MSBLOB);
+ else if ((*s == '1')
+ || (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0)
+ || (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0))
+ return (FORMAT_PKCS12);
+ else if ((*s == 'E') || (*s == 'e'))
+ return (FORMAT_ENGINE);
+ else if ((*s == 'P') || (*s == 'p')) {
+ if (s[1] == 'V' || s[1] == 'v')
+ return FORMAT_PVK;
+ else
+ return (FORMAT_PEM);
+ } else
+ return (FORMAT_UNDEF);
+}
+
+#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE)
+void program_name(char *in, char *out, int size)
+{
+ int i, n;
+ char *p = NULL;
+
+ n = strlen(in);
+ /* find the last '/', '\' or ':' */
+ for (i = n - 1; i > 0; i--) {
+ if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) {
+ p = &(in[i + 1]);
+ break;
+ }
+ }
+ if (p == NULL)
+ p = in;
+ n = strlen(p);
+
+# if defined(OPENSSL_SYS_NETWARE)
+ /* strip off trailing .nlm if present. */
+ if ((n > 4) && (p[n - 4] == '.') &&
+ ((p[n - 3] == 'n') || (p[n - 3] == 'N')) &&
+ ((p[n - 2] == 'l') || (p[n - 2] == 'L')) &&
+ ((p[n - 1] == 'm') || (p[n - 1] == 'M')))
+ n -= 4;
+# else
+ /* strip off trailing .exe if present. */
+ if ((n > 4) && (p[n - 4] == '.') &&
+ ((p[n - 3] == 'e') || (p[n - 3] == 'E')) &&
+ ((p[n - 2] == 'x') || (p[n - 2] == 'X')) &&
+ ((p[n - 1] == 'e') || (p[n - 1] == 'E')))
+ n -= 4;
+# endif
+
+ if (n > size - 1)
+ n = size - 1;
+
+ for (i = 0; i < n; i++) {
+ if ((p[i] >= 'A') && (p[i] <= 'Z'))
+ out[i] = p[i] - 'A' + 'a';
+ else
+ out[i] = p[i];
+ }
+ out[n] = '\0';
+}
+#else
+# ifdef OPENSSL_SYS_VMS
+void program_name(char *in, char *out, int size)
+{
+ char *p = in, *q;
+ char *chars = ":]>";
+
+ while (*chars != '\0') {
+ q = strrchr(p, *chars);
+ if (q > p)
+ p = q + 1;
+ chars++;
+ }
+
+ q = strrchr(p, '.');
+ if (q == NULL)
+ q = p + strlen(p);
+ strncpy(out, p, size - 1);
+ if (q - p >= size) {
+ out[size - 1] = '\0';
+ } else {
+ out[q - p] = '\0';
+ }
+}
+# else
+void program_name(char *in, char *out, int size)
+{
+ char *p;
+
+ p = strrchr(in, '/');
+ if (p != NULL)
+ p++;
+ else
+ p = in;
+ BUF_strlcpy(out, p, size);
+}
+# endif
+#endif
+
+int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
+{
+ int num, i;
+ char *p;
+
+ *argc = 0;
+ *argv = NULL;
+
+ i = 0;
+ if (arg->count == 0) {
+ arg->count = 20;
+ arg->data = (char **)OPENSSL_malloc(sizeof(char *) * arg->count);
+ if (arg->data == NULL)
+ return 0;
+ }
+ for (i = 0; i < arg->count; i++)
+ arg->data[i] = NULL;
+
+ num = 0;
+ p = buf;
+ for (;;) {
+ /* first scan over white space */
+ if (!*p)
+ break;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p)
+ break;
+
+ /* The start of something good :-) */
+ if (num >= arg->count) {
+ char **tmp_p;
+ int tlen = arg->count + 20;
+ tmp_p = (char **)OPENSSL_realloc(arg->data,
+ sizeof(char *) * tlen);
+ if (tmp_p == NULL)
+ return 0;
+ arg->data = tmp_p;
+ arg->count = tlen;
+ /* initialize newly allocated data */
+ for (i = num; i < arg->count; i++)
+ arg->data[i] = NULL;
+ }
+ arg->data[num++] = p;
+
+ /* now look for the end of this */
+ if ((*p == '\'') || (*p == '\"')) { /* scan for closing quote */
+ i = *(p++);
+ arg->data[num - 1]++; /* jump over quote */
+ while (*p && (*p != i))
+ p++;
+ *p = '\0';
+ } else {
+ while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
+ p++;
+
+ if (*p == '\0')
+ p--;
+ else
+ *p = '\0';
+ }
+ p++;
+ }
+ *argc = num;
+ *argv = arg->data;
+ return (1);
+}
+
+#ifndef APP_INIT
+int app_init(long mesgwin)
+{
+ return (1);
+}
+#endif
+
+int dump_cert_text(BIO *out, X509 *x)
+{
+ char *p;
+
+ p = X509_NAME_oneline(X509_get_subject_name(x), NULL, 0);
+ BIO_puts(out, "subject=");
+ BIO_puts(out, p);
+ OPENSSL_free(p);
+
+ p = X509_NAME_oneline(X509_get_issuer_name(x), NULL, 0);
+ BIO_puts(out, "\nissuer=");
+ BIO_puts(out, p);
+ BIO_puts(out, "\n");
+ OPENSSL_free(p);
+
+ return 0;
+}
+
+static int ui_open(UI *ui)
+{
+ return UI_method_get_opener(UI_OpenSSL())(ui);
+}
+
+static int ui_read(UI *ui, UI_STRING *uis)
+{
+ if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+ && UI_get0_user_data(ui)) {
+ switch (UI_get_string_type(uis)) {
+ case UIT_PROMPT:
+ case UIT_VERIFY:
+ {
+ const char *password =
+ ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+ if (password && password[0] != '\0') {
+ UI_set_result(ui, uis, password);
+ return 1;
+ }
+ }
+ default:
+ break;
+ }
+ }
+ return UI_method_get_reader(UI_OpenSSL())(ui, uis);
+}
+
+static int ui_write(UI *ui, UI_STRING *uis)
+{
+ if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+ && UI_get0_user_data(ui)) {
+ switch (UI_get_string_type(uis)) {
+ case UIT_PROMPT:
+ case UIT_VERIFY:
+ {
+ const char *password =
+ ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+ if (password && password[0] != '\0')
+ return 1;
+ }
+ default:
+ break;
+ }
+ }
+ return UI_method_get_writer(UI_OpenSSL())(ui, uis);
+}
+
+static int ui_close(UI *ui)
+{
+ return UI_method_get_closer(UI_OpenSSL())(ui);
+}
+
+int setup_ui_method(void)
+{
+ ui_method = UI_create_method("OpenSSL application user interface");
+ UI_method_set_opener(ui_method, ui_open);
+ UI_method_set_reader(ui_method, ui_read);
+ UI_method_set_writer(ui_method, ui_write);
+ UI_method_set_closer(ui_method, ui_close);
+ return 0;
+}
+
+void destroy_ui_method(void)
+{
+ if (ui_method) {
+ UI_destroy_method(ui_method);
+ ui_method = NULL;
+ }
+}
+
+int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
+{
+ UI *ui = NULL;
+ int res = 0;
+ const char *prompt_info = NULL;
+ const char *password = NULL;
+ PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
+
+ if (cb_data) {
+ if (cb_data->password)
+ password = cb_data->password;
+ if (cb_data->prompt_info)
+ prompt_info = cb_data->prompt_info;
+ }
+
+ if (password) {
+ res = strlen(password);
+ if (res > bufsiz)
+ res = bufsiz;
+ memcpy(buf, password, res);
+ return res;
+ }
+
+ ui = UI_new_method(ui_method);
+ if (ui) {
+ int ok = 0;
+ char *buff = NULL;
+ int ui_flags = 0;
+ char *prompt = NULL;
+
+ prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
+ if (!prompt) {
+ BIO_printf(bio_err, "Out of memory\n");
+ UI_free(ui);
+ return 0;
+ }
+
+ ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
+ UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
+
+ if (ok >= 0)
+ ok = UI_add_input_string(ui, prompt, ui_flags, buf,
+ PW_MIN_LENGTH, bufsiz - 1);
+ if (ok >= 0 && verify) {
+ buff = (char *)OPENSSL_malloc(bufsiz);
+ if (!buff) {
+ BIO_printf(bio_err, "Out of memory\n");
+ UI_free(ui);
+ OPENSSL_free(prompt);
+ return 0;
+ }
+ ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
+ PW_MIN_LENGTH, bufsiz - 1, buf);
+ }
+ if (ok >= 0)
+ do {
+ ok = UI_process(ui);
+ }
+ while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
+
+ if (buff) {
+ OPENSSL_cleanse(buff, (unsigned int)bufsiz);
+ OPENSSL_free(buff);
+ }
+
+ if (ok >= 0)
+ res = strlen(buf);
+ if (ok == -1) {
+ BIO_printf(bio_err, "User interface error\n");
+ ERR_print_errors(bio_err);
+ OPENSSL_cleanse(buf, (unsigned int)bufsiz);
+ res = 0;
+ }
+ if (ok == -2) {
+ BIO_printf(bio_err, "aborted!\n");
+ OPENSSL_cleanse(buf, (unsigned int)bufsiz);
+ res = 0;
+ }
+ UI_free(ui);
+ OPENSSL_free(prompt);
+ }
+ return res;
+}
+
+static char *app_get_pass(BIO *err, char *arg, int keepbio);
+
+int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
+{
+ int same;
+ if (!arg2 || !arg1 || strcmp(arg1, arg2))
+ same = 0;
+ else
+ same = 1;
+ if (arg1) {
+ *pass1 = app_get_pass(err, arg1, same);
+ if (!*pass1)
+ return 0;
+ } else if (pass1)
+ *pass1 = NULL;
+ if (arg2) {
+ *pass2 = app_get_pass(err, arg2, same ? 2 : 0);
+ if (!*pass2)
+ return 0;
+ } else if (pass2)
+ *pass2 = NULL;
+ return 1;
+}
+
+static char *app_get_pass(BIO *err, char *arg, int keepbio)
+{
+ char *tmp, tpass[APP_PASS_LEN];
+ static BIO *pwdbio = NULL;
+ int i;
+ if (!strncmp(arg, "pass:", 5))
+ return BUF_strdup(arg + 5);
+ if (!strncmp(arg, "env:", 4)) {
+ tmp = getenv(arg + 4);
+ if (!tmp) {
+ BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
+ return NULL;
+ }
+ return BUF_strdup(tmp);
+ }
+ if (!keepbio || !pwdbio) {
+ if (!strncmp(arg, "file:", 5)) {
+ pwdbio = BIO_new_file(arg + 5, "r");
+ if (!pwdbio) {
+ BIO_printf(err, "Can't open file %s\n", arg + 5);
+ return NULL;
+ }
+#if !defined(_WIN32)
+ /*
+ * Under _WIN32, which covers even Win64 and CE, file
+ * descriptors referenced by BIO_s_fd are not inherited
+ * by child process and therefore below is not an option.
+ * It could have been an option if bss_fd.c was operating
+ * on real Windows descriptors, such as those obtained
+ * with CreateFile.
+ */
+ } else if (!strncmp(arg, "fd:", 3)) {
+ BIO *btmp;
+ i = atoi(arg + 3);
+ if (i >= 0)
+ pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
+ if ((i < 0) || !pwdbio) {
+ BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
+ return NULL;
+ }
+ /*
+ * Can't do BIO_gets on an fd BIO so add a buffering BIO
+ */
+ btmp = BIO_new(BIO_f_buffer());
+ pwdbio = BIO_push(btmp, pwdbio);
+#endif
+ } else if (!strcmp(arg, "stdin")) {
+ pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
+ if (!pwdbio) {
+ BIO_printf(err, "Can't open BIO for stdin\n");
+ return NULL;
+ }
+ } else {
+ BIO_printf(err, "Invalid password argument \"%s\"\n", arg);
+ return NULL;
+ }
+ }
+ i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
+ if (keepbio != 1) {
+ BIO_free_all(pwdbio);
+ pwdbio = NULL;
+ }
+ if (i <= 0) {
+ BIO_printf(err, "Error reading password from BIO\n");
+ return NULL;
+ }
+ tmp = strchr(tpass, '\n');
+ if (tmp)
+ *tmp = 0;
+ return BUF_strdup(tpass);
+}
+
+int add_oid_section(BIO *err, CONF *conf)
+{
+ char *p;
+ STACK_OF(CONF_VALUE) *sktmp;
+ CONF_VALUE *cnf;
+ int i;
+ if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) {
+ ERR_clear_error();
+ return 1;
+ }
+ if (!(sktmp = NCONF_get_section(conf, p))) {
+ BIO_printf(err, "problem loading oid section %s\n", p);
+ return 0;
+ }
+ for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+ cnf = sk_CONF_VALUE_value(sktmp, i);
+ if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
+ BIO_printf(err, "problem creating object %s=%s\n",
+ cnf->name, cnf->value);
+ return 0;
+ }
+ }
+ return 1;
+}
+
+static int load_pkcs12(BIO *err, BIO *in, const char *desc,
+ pem_password_cb *pem_cb, void *cb_data,
+ EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
+{
+ const char *pass;
+ char tpass[PEM_BUFSIZE];
+ int len, ret = 0;
+ PKCS12 *p12;
+ p12 = d2i_PKCS12_bio(in, NULL);
+ if (p12 == NULL) {
+ BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);
+ goto die;
+ }
+ /* See if an empty password will do */
+ if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
+ pass = "";
+ else {
+ if (!pem_cb)
+ pem_cb = (pem_password_cb *)password_callback;
+ len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
+ if (len < 0) {
+ BIO_printf(err, "Passpharse callback error for %s\n", desc);
+ goto die;
+ }
+ if (len < PEM_BUFSIZE)
+ tpass[len] = 0;
+ if (!PKCS12_verify_mac(p12, tpass, len)) {
+ BIO_printf(err,
+ "Mac verify error (wrong password?) in PKCS12 file for %s\n",
+ desc);
+ goto die;
+ }
+ pass = tpass;
+ }
+ ret = PKCS12_parse(p12, pass, pkey, cert, ca);
+ die:
+ if (p12)
+ PKCS12_free(p12);
+ return ret;
+}
+
+X509 *load_cert(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e, const char *cert_descrip)
+{
+ X509 *x = NULL;
+ BIO *cert;
+
+ if ((cert = BIO_new(BIO_s_file())) == NULL) {
+ ERR_print_errors(err);
+ goto end;
+ }
+
+ if (file == NULL) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
+ setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
+ BIO_set_fp(cert, stdin, BIO_NOCLOSE);
+ } else {
+ if (BIO_read_filename(cert, file) <= 0) {
+ BIO_printf(err, "Error opening %s %s\n", cert_descrip, file);
+ ERR_print_errors(err);
+ goto end;
+ }
+ }
+
+ if (format == FORMAT_ASN1)
+ x = d2i_X509_bio(cert, NULL);
+ else if (format == FORMAT_NETSCAPE) {
+ NETSCAPE_X509 *nx;
+ nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL);
+ if (nx == NULL)
+ goto end;
+
+ if ((strncmp(NETSCAPE_CERT_HDR, (char *)nx->header->data,
+ nx->header->length) != 0)) {
+ NETSCAPE_X509_free(nx);
+ BIO_printf(err, "Error reading header on certificate\n");
+ goto end;
+ }
+ x = nx->cert;
+ nx->cert = NULL;
+ NETSCAPE_X509_free(nx);
+ } else if (format == FORMAT_PEM)
+ x = PEM_read_bio_X509_AUX(cert, NULL,
+ (pem_password_cb *)password_callback, NULL);
+ else if (format == FORMAT_PKCS12) {
+ if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL, NULL, &x, NULL))
+ goto end;
+ } else {
+ BIO_printf(err, "bad input format specified for %s\n", cert_descrip);
+ goto end;
+ }
+ end:
+ if (x == NULL) {
+ BIO_printf(err, "unable to load certificate\n");
+ ERR_print_errors(err);
+ }
+ if (cert != NULL)
+ BIO_free(cert);
+ return (x);
+}
+
+EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
+ const char *pass, ENGINE *e, const char *key_descrip)
+{
+ BIO *key = NULL;
+ EVP_PKEY *pkey = NULL;
+ PW_CB_DATA cb_data;
+
+ cb_data.password = pass;
+ cb_data.prompt_info = file;
+
+ if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
+ BIO_printf(err, "no keyfile specified\n");
+ goto end;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ if (format == FORMAT_ENGINE) {
+ if (!e)
+ BIO_printf(err, "no engine specified\n");
+ else {
+ pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
+ if (!pkey) {
+ BIO_printf(err, "cannot load %s from engine\n", key_descrip);
+ ERR_print_errors(err);
+ }
+ }
+ goto end;
+ }
+#endif
+ key = BIO_new(BIO_s_file());
+ if (key == NULL) {
+ ERR_print_errors(err);
+ goto end;
+ }
+ if (file == NULL && maybe_stdin) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
+ setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
+ BIO_set_fp(key, stdin, BIO_NOCLOSE);
+ } else if (BIO_read_filename(key, file) <= 0) {
+ BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
+ ERR_print_errors(err);
+ goto end;
+ }
+ if (format == FORMAT_ASN1) {
+ pkey = d2i_PrivateKey_bio(key, NULL);
+ } else if (format == FORMAT_PEM) {
+ pkey = PEM_read_bio_PrivateKey(key, NULL,
+ (pem_password_cb *)password_callback,
+ &cb_data);
+ }
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+ else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
+ pkey = load_netscape_key(err, key, file, key_descrip, format);
+#endif
+ else if (format == FORMAT_PKCS12) {
+ if (!load_pkcs12(err, key, key_descrip,
+ (pem_password_cb *)password_callback, &cb_data,
+ &pkey, NULL, NULL))
+ goto end;
+ }
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
+ else if (format == FORMAT_MSBLOB)
+ pkey = b2i_PrivateKey_bio(key);
+ else if (format == FORMAT_PVK)
+ pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
+ &cb_data);
+#endif
+ else {
+ BIO_printf(err, "bad input format specified for key file\n");
+ goto end;
+ }
+ end:
+ if (key != NULL)
+ BIO_free(key);
+ if (pkey == NULL) {
+ BIO_printf(err, "unable to load %s\n", key_descrip);
+ ERR_print_errors(err);
+ }
+ return (pkey);
+}
+
+EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
+ const char *pass, ENGINE *e, const char *key_descrip)
+{
+ BIO *key = NULL;
+ EVP_PKEY *pkey = NULL;
+ PW_CB_DATA cb_data;
+
+ cb_data.password = pass;
+ cb_data.prompt_info = file;
+
+ if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
+ BIO_printf(err, "no keyfile specified\n");
+ goto end;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ if (format == FORMAT_ENGINE) {
+ if (!e)
+ BIO_printf(bio_err, "no engine specified\n");
+ else
+ pkey = ENGINE_load_public_key(e, file, ui_method, &cb_data);
+ goto end;
+ }
+#endif
+ key = BIO_new(BIO_s_file());
+ if (key == NULL) {
+ ERR_print_errors(err);
+ goto end;
+ }
+ if (file == NULL && maybe_stdin) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
+ setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
+ BIO_set_fp(key, stdin, BIO_NOCLOSE);
+ } else if (BIO_read_filename(key, file) <= 0) {
+ BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
+ ERR_print_errors(err);
+ goto end;
+ }
+ if (format == FORMAT_ASN1) {
+ pkey = d2i_PUBKEY_bio(key, NULL);
+ }
+#ifndef OPENSSL_NO_RSA
+ else if (format == FORMAT_ASN1RSA) {
+ RSA *rsa;
+ rsa = d2i_RSAPublicKey_bio(key, NULL);
+ if (rsa) {
+ pkey = EVP_PKEY_new();
+ if (pkey)
+ EVP_PKEY_set1_RSA(pkey, rsa);
+ RSA_free(rsa);
+ } else
+ pkey = NULL;
+ } else if (format == FORMAT_PEMRSA) {
+ RSA *rsa;
+ rsa = PEM_read_bio_RSAPublicKey(key, NULL,
+ (pem_password_cb *)password_callback,
+ &cb_data);
+ if (rsa) {
+ pkey = EVP_PKEY_new();
+ if (pkey)
+ EVP_PKEY_set1_RSA(pkey, rsa);
+ RSA_free(rsa);
+ } else
+ pkey = NULL;
+ }
+#endif
+ else if (format == FORMAT_PEM) {
+ pkey = PEM_read_bio_PUBKEY(key, NULL,
+ (pem_password_cb *)password_callback,
+ &cb_data);
+ }
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+ else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
+ pkey = load_netscape_key(err, key, file, key_descrip, format);
+#endif
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+ else if (format == FORMAT_MSBLOB)
+ pkey = b2i_PublicKey_bio(key);
+#endif
+ else {
+ BIO_printf(err, "bad input format specified for key file\n");
+ goto end;
+ }
+ end:
+ if (key != NULL)
+ BIO_free(key);
+ if (pkey == NULL)
+ BIO_printf(err, "unable to load %s\n", key_descrip);
+ return (pkey);
+}
+
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
+ const char *key_descrip, int format)
+{
+ EVP_PKEY *pkey;
+ BUF_MEM *buf;
+ RSA *rsa;
+ const unsigned char *p;
+ int size, i;
+
+ buf = BUF_MEM_new();
+ pkey = EVP_PKEY_new();
+ size = 0;
+ if (buf == NULL || pkey == NULL)
+ goto error;
+ for (;;) {
+ if (!BUF_MEM_grow_clean(buf, size + 1024 * 10))
+ goto error;
+ i = BIO_read(key, &(buf->data[size]), 1024 * 10);
+ size += i;
+ if (i == 0)
+ break;
+ if (i < 0) {
+ BIO_printf(err, "Error reading %s %s", key_descrip, file);
+ goto error;
+ }
+ }
+ p = (unsigned char *)buf->data;
+ rsa = d2i_RSA_NET(NULL, &p, (long)size, NULL,
+ (format == FORMAT_IISSGC ? 1 : 0));
+ if (rsa == NULL)
+ goto error;
+ BUF_MEM_free(buf);
+ EVP_PKEY_set1_RSA(pkey, rsa);
+ return pkey;
+ error:
+ BUF_MEM_free(buf);
+ EVP_PKEY_free(pkey);
+ return NULL;
+}
+#endif /* ndef OPENSSL_NO_RC4 */
+
+static int load_certs_crls(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e, const char *desc,
+ STACK_OF(X509) **pcerts,
+ STACK_OF(X509_CRL) **pcrls)
+{
+ int i;
+ BIO *bio;
+ STACK_OF(X509_INFO) *xis = NULL;
+ X509_INFO *xi;
+ PW_CB_DATA cb_data;
+ int rv = 0;
+
+ cb_data.password = pass;
+ cb_data.prompt_info = file;
+
+ if (format != FORMAT_PEM) {
+ BIO_printf(err, "bad input format specified for %s\n", desc);
+ return 0;
+ }
+
+ if (file == NULL)
+ bio = BIO_new_fp(stdin, BIO_NOCLOSE);
+ else
+ bio = BIO_new_file(file, "r");
+
+ if (bio == NULL) {
+ BIO_printf(err, "Error opening %s %s\n", desc, file ? file : "stdin");
+ ERR_print_errors(err);
+ return 0;
+ }
+
+ xis = PEM_X509_INFO_read_bio(bio, NULL,
+ (pem_password_cb *)password_callback,
+ &cb_data);
+
+ BIO_free(bio);
+
+ if (pcerts) {
+ *pcerts = sk_X509_new_null();
+ if (!*pcerts)
+ goto end;
+ }
+
+ if (pcrls) {
+ *pcrls = sk_X509_CRL_new_null();
+ if (!*pcrls)
+ goto end;
+ }
+
+ for (i = 0; i < sk_X509_INFO_num(xis); i++) {
+ xi = sk_X509_INFO_value(xis, i);
+ if (xi->x509 && pcerts) {
+ if (!sk_X509_push(*pcerts, xi->x509))
+ goto end;
+ xi->x509 = NULL;
+ }
+ if (xi->crl && pcrls) {
+ if (!sk_X509_CRL_push(*pcrls, xi->crl))
+ goto end;
+ xi->crl = NULL;
+ }
+ }
+
+ if (pcerts && sk_X509_num(*pcerts) > 0)
+ rv = 1;
+
+ if (pcrls && sk_X509_CRL_num(*pcrls) > 0)
+ rv = 1;
+
+ end:
+
+ if (xis)
+ sk_X509_INFO_pop_free(xis, X509_INFO_free);
+
+ if (rv == 0) {
+ if (pcerts) {
+ sk_X509_pop_free(*pcerts, X509_free);
+ *pcerts = NULL;
+ }
+ if (pcrls) {
+ sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
+ *pcrls = NULL;
+ }
+ BIO_printf(err, "unable to load %s\n",
+ pcerts ? "certificates" : "CRLs");
+ ERR_print_errors(err);
+ }
+ return rv;
+}
+
+STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e, const char *desc)
+{
+ STACK_OF(X509) *certs;
+ if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
+ return NULL;
+ return certs;
+}
+
+STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e, const char *desc)
+{
+ STACK_OF(X509_CRL) *crls;
+ if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
+ return NULL;
+ return crls;
+}
+
+#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
+/* Return error for unknown extensions */
+#define X509V3_EXT_DEFAULT 0
+/* Print error for unknown extensions */
+#define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
+/* ASN1 parse unknown extensions */
+#define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
+/* BIO_dump unknown extensions */
+#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
+
+#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \
+ X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION)
+
+int set_cert_ex(unsigned long *flags, const char *arg)
+{
+ static const NAME_EX_TBL cert_tbl[] = {
+ {"compatible", X509_FLAG_COMPAT, 0xffffffffl},
+ {"ca_default", X509_FLAG_CA, 0xffffffffl},
+ {"no_header", X509_FLAG_NO_HEADER, 0},
+ {"no_version", X509_FLAG_NO_VERSION, 0},
+ {"no_serial", X509_FLAG_NO_SERIAL, 0},
+ {"no_signame", X509_FLAG_NO_SIGNAME, 0},
+ {"no_validity", X509_FLAG_NO_VALIDITY, 0},
+ {"no_subject", X509_FLAG_NO_SUBJECT, 0},
+ {"no_issuer", X509_FLAG_NO_ISSUER, 0},
+ {"no_pubkey", X509_FLAG_NO_PUBKEY, 0},
+ {"no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
+ {"no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
+ {"no_aux", X509_FLAG_NO_AUX, 0},
+ {"no_attributes", X509_FLAG_NO_ATTRIBUTES, 0},
+ {"ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
+ {"ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
+ {"ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
+ {"ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
+ {NULL, 0, 0}
+ };
+ return set_multi_opts(flags, arg, cert_tbl);
+}
+
+int set_name_ex(unsigned long *flags, const char *arg)
+{
+ static const NAME_EX_TBL ex_tbl[] = {
+ {"esc_2253", ASN1_STRFLGS_ESC_2253, 0},
+ {"esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
+ {"esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
+ {"use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
+ {"utf8", ASN1_STRFLGS_UTF8_CONVERT, 0},
+ {"ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0},
+ {"show_type", ASN1_STRFLGS_SHOW_TYPE, 0},
+ {"dump_all", ASN1_STRFLGS_DUMP_ALL, 0},
+ {"dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0},
+ {"dump_der", ASN1_STRFLGS_DUMP_DER, 0},
+ {"compat", XN_FLAG_COMPAT, 0xffffffffL},
+ {"sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK},
+ {"sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK},
+ {"sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK},
+ {"sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK},
+ {"dn_rev", XN_FLAG_DN_REV, 0},
+ {"nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK},
+ {"sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK},
+ {"lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK},
+ {"align", XN_FLAG_FN_ALIGN, 0},
+ {"oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK},
+ {"space_eq", XN_FLAG_SPC_EQ, 0},
+ {"dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0},
+ {"RFC2253", XN_FLAG_RFC2253, 0xffffffffL},
+ {"oneline", XN_FLAG_ONELINE, 0xffffffffL},
+ {"multiline", XN_FLAG_MULTILINE, 0xffffffffL},
+ {"ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
+ {NULL, 0, 0}
+ };
+ if (set_multi_opts(flags, arg, ex_tbl) == 0)
+ return 0;
+ if ((*flags & XN_FLAG_SEP_MASK) == 0)
+ *flags |= XN_FLAG_SEP_CPLUS_SPC;
+ return 1;
+}
+
+int set_ext_copy(int *copy_type, const char *arg)
+{
+ if (!strcasecmp(arg, "none"))
+ *copy_type = EXT_COPY_NONE;
+ else if (!strcasecmp(arg, "copy"))
+ *copy_type = EXT_COPY_ADD;
+ else if (!strcasecmp(arg, "copyall"))
+ *copy_type = EXT_COPY_ALL;
+ else
+ return 0;
+ return 1;
+}
+
+int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
+{
+ STACK_OF(X509_EXTENSION) *exts = NULL;
+ X509_EXTENSION *ext, *tmpext;
+ ASN1_OBJECT *obj;
+ int i, idx, ret = 0;
+ if (!x || !req || (copy_type == EXT_COPY_NONE))
+ return 1;
+ exts = X509_REQ_get_extensions(req);
+
+ for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
+ ext = sk_X509_EXTENSION_value(exts, i);
+ obj = X509_EXTENSION_get_object(ext);
+ idx = X509_get_ext_by_OBJ(x, obj, -1);
+ /* Does extension exist? */
+ if (idx != -1) {
+ /* If normal copy don't override existing extension */
+ if (copy_type == EXT_COPY_ADD)
+ continue;
+ /* Delete all extensions of same type */
+ do {
+ tmpext = X509_get_ext(x, idx);
+ X509_delete_ext(x, idx);
+ X509_EXTENSION_free(tmpext);
+ idx = X509_get_ext_by_OBJ(x, obj, -1);
+ } while (idx != -1);
+ }
+ if (!X509_add_ext(x, ext, -1))
+ goto end;
+ }
+
+ ret = 1;
+
+ end:
+
+ sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
+
+ return ret;
+}
+
+static int set_multi_opts(unsigned long *flags, const char *arg,
+ const NAME_EX_TBL * in_tbl)
+{
+ STACK_OF(CONF_VALUE) *vals;
+ CONF_VALUE *val;
+ int i, ret = 1;
+ if (!arg)
+ return 0;
+ vals = X509V3_parse_list(arg);
+ for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
+ val = sk_CONF_VALUE_value(vals, i);
+ if (!set_table_opts(flags, val->name, in_tbl))
+ ret = 0;
+ }
+ sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
+ return ret;
+}
+
+static int set_table_opts(unsigned long *flags, const char *arg,
+ const NAME_EX_TBL * in_tbl)
+{
+ char c;
+ const NAME_EX_TBL *ptbl;
+ c = arg[0];
+
+ if (c == '-') {
+ c = 0;
+ arg++;
+ } else if (c == '+') {
+ c = 1;
+ arg++;
+ } else
+ c = 1;
+
+ for (ptbl = in_tbl; ptbl->name; ptbl++) {
+ if (!strcasecmp(arg, ptbl->name)) {
+ *flags &= ~ptbl->mask;
+ if (c)
+ *flags |= ptbl->flag;
+ else
+ *flags &= ~ptbl->flag;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+void print_name(BIO *out, const char *title, X509_NAME *nm,
+ unsigned long lflags)
+{
+ char *buf;
+ char mline = 0;
+ int indent = 0;
+
+ if (title)
+ BIO_puts(out, title);
+ if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+ mline = 1;
+ indent = 4;
+ }
+ if (lflags == XN_FLAG_COMPAT) {
+ buf = X509_NAME_oneline(nm, 0, 0);
+ BIO_puts(out, buf);
+ BIO_puts(out, "\n");
+ OPENSSL_free(buf);
+ } else {
+ if (mline)
+ BIO_puts(out, "\n");
+ X509_NAME_print_ex(out, nm, indent, lflags);
+ BIO_puts(out, "\n");
+ }
+}
+
+X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
+{
+ X509_STORE *store;
+ X509_LOOKUP *lookup;
+ if (!(store = X509_STORE_new()))
+ goto end;
+ lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
+ if (lookup == NULL)
+ goto end;
+ if (CAfile) {
+ if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) {
+ BIO_printf(bp, "Error loading file %s\n", CAfile);
+ goto end;
+ }
+ } else
+ X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+ lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
+ if (lookup == NULL)
+ goto end;
+ if (CApath) {
+ if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) {
+ BIO_printf(bp, "Error loading directory %s\n", CApath);
+ goto end;
+ }
+ } else
+ X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+ ERR_clear_error();
+ return store;
+ end:
+ X509_STORE_free(store);
+ return NULL;
+}
+
+#ifndef OPENSSL_NO_ENGINE
+/* Try to load an engine in a shareable library */
+static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
+{
+ ENGINE *e = ENGINE_by_id("dynamic");
+ if (e) {
+ if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0)
+ || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
+ ENGINE_free(e);
+ e = NULL;
+ }
+ }
+ return e;
+}
+
+ENGINE *setup_engine(BIO *err, const char *engine, int debug)
+{
+ ENGINE *e = NULL;
+
+ if (engine) {
+ if (strcmp(engine, "auto") == 0) {
+ BIO_printf(err, "enabling auto ENGINE support\n");
+ ENGINE_register_all_complete();
+ return NULL;
+ }
+ if ((e = ENGINE_by_id(engine)) == NULL
+ && (e = try_load_engine(err, engine, debug)) == NULL) {
+ BIO_printf(err, "invalid engine \"%s\"\n", engine);
+ ERR_print_errors(err);
+ return NULL;
+ }
+ if (debug) {
+ ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, err, 0);
+ }
+ ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
+ if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
+ BIO_printf(err, "can't use that engine\n");
+ ERR_print_errors(err);
+ ENGINE_free(e);
+ return NULL;
+ }
+
+ BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e));
+
+ /* Free our "structural" reference. */
+ ENGINE_free(e);
+ }
+ return e;
+}
+#endif
+
+int load_config(BIO *err, CONF *cnf)
+{
+ static int load_config_called = 0;
+ if (load_config_called)
+ return 1;
+ load_config_called = 1;
+ if (!cnf)
+ cnf = config;
+ if (!cnf)
+ return 1;
+
+ OPENSSL_load_builtin_modules();
+
+ if (CONF_modules_load(cnf, NULL, 0) <= 0) {
+ BIO_printf(err, "Error configuring OpenSSL\n");
+ ERR_print_errors(err);
+ return 0;
+ }
+ return 1;
+}
+
+char *make_config_name()
+{
+ const char *t = X509_get_default_cert_area();
+ size_t len;
+ char *p;
+
+ len = strlen(t) + strlen(OPENSSL_CONF) + 2;
+ p = OPENSSL_malloc(len);
+ if (p == NULL)
+ return NULL;
+ BUF_strlcpy(p, t, len);
+#ifndef OPENSSL_SYS_VMS
+ BUF_strlcat(p, "/", len);
+#endif
+ BUF_strlcat(p, OPENSSL_CONF, len);
+
+ return p;
+}
+
+static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
+{
+ const char *n;
+
+ n = a[DB_serial];
+ while (*n == '0')
+ n++;
+ return (lh_strhash(n));
+}
+
+static int index_serial_cmp(const OPENSSL_CSTRING *a,
+ const OPENSSL_CSTRING *b)
+{
+ const char *aa, *bb;
+
+ for (aa = a[DB_serial]; *aa == '0'; aa++) ;
+ for (bb = b[DB_serial]; *bb == '0'; bb++) ;
+ return (strcmp(aa, bb));
+}
+
+static int index_name_qual(char **a)
+{
+ return (a[0][0] == 'V');
+}
+
+static unsigned long index_name_hash(const OPENSSL_CSTRING *a)
+{
+ return (lh_strhash(a[DB_name]));
+}
+
+int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
+{
+ return (strcmp(a[DB_name], b[DB_name]));
+}
+
+static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
+#undef BSIZE
+#define BSIZE 256
+BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
+{
+ BIO *in = NULL;
+ BIGNUM *ret = NULL;
+ MS_STATIC char buf[1024];
+ ASN1_INTEGER *ai = NULL;
+
+ ai = ASN1_INTEGER_new();
+ if (ai == NULL)
+ goto err;
+
+ if ((in = BIO_new(BIO_s_file())) == NULL) {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ if (BIO_read_filename(in, serialfile) <= 0) {
+ if (!create) {
+ perror(serialfile);
+ goto err;
+ } else {
+ ret = BN_new();
+ if (ret == NULL || !rand_serial(ret, ai))
+ BIO_printf(bio_err, "Out of memory\n");
+ }
+ } else {
+ if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
+ BIO_printf(bio_err, "unable to load number from %s\n",
+ serialfile);
+ goto err;
+ }
+ ret = ASN1_INTEGER_to_BN(ai, NULL);
+ if (ret == NULL) {
+ BIO_printf(bio_err,
+ "error converting number from bin to BIGNUM\n");
+ goto err;
+ }
+ }
+
+ if (ret && retai) {
+ *retai = ai;
+ ai = NULL;
+ }
+ err:
+ if (in != NULL)
+ BIO_free(in);
+ if (ai != NULL)
+ ASN1_INTEGER_free(ai);
+ return (ret);
+}
+
+int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
+ ASN1_INTEGER **retai)
+{
+ char buf[1][BSIZE];
+ BIO *out = NULL;
+ int ret = 0;
+ ASN1_INTEGER *ai = NULL;
+ int j;
+
+ if (suffix == NULL)
+ j = strlen(serialfile);
+ else
+ j = strlen(serialfile) + strlen(suffix) + 1;
+ if (j >= BSIZE) {
+ BIO_printf(bio_err, "file name too long\n");
+ goto err;
+ }
+
+ if (suffix == NULL)
+ BUF_strlcpy(buf[0], serialfile, BSIZE);
+ else {
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
+#else
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
+#endif
+ }
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
+#endif
+ out = BIO_new(BIO_s_file());
+ if (out == NULL) {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ if (BIO_write_filename(out, buf[0]) <= 0) {
+ perror(serialfile);
+ goto err;
+ }
+
+ if ((ai = BN_to_ASN1_INTEGER(serial, NULL)) == NULL) {
+ BIO_printf(bio_err, "error converting serial to ASN.1 format\n");
+ goto err;
+ }
+ i2a_ASN1_INTEGER(out, ai);
+ BIO_puts(out, "\n");
+ ret = 1;
+ if (retai) {
+ *retai = ai;
+ ai = NULL;
+ }
+ err:
+ if (out != NULL)
+ BIO_free_all(out);
+ if (ai != NULL)
+ ASN1_INTEGER_free(ai);
+ return (ret);
+}
+
+int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
+{
+ char buf[5][BSIZE];
+ int i, j;
+
+ i = strlen(serialfile) + strlen(old_suffix);
+ j = strlen(serialfile) + strlen(new_suffix);
+ if (i > j)
+ j = i;
+ if (j + 1 >= BSIZE) {
+ BIO_printf(bio_err, "file name too long\n");
+ goto err;
+ }
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
+#else
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
+#else
+ j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
+#endif
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+ serialfile, buf[1]);
+#endif
+ if (rename(serialfile, buf[1]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+ && errno != ENOTDIR
+#endif
+ ) {
+ BIO_printf(bio_err,
+ "unable to rename %s to %s\n", serialfile, buf[1]);
+ perror("reason");
+ goto err;
+ }
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+ buf[0], serialfile);
+#endif
+ if (rename(buf[0], serialfile) < 0) {
+ BIO_printf(bio_err,
+ "unable to rename %s to %s\n", buf[0], serialfile);
+ perror("reason");
+ rename(buf[1], serialfile);
+ goto err;
+ }
+ return 1;
+ err:
+ return 0;
+}
+
+int rand_serial(BIGNUM *b, ASN1_INTEGER *ai)
+{
+ BIGNUM *btmp;
+ int ret = 0;
+ if (b)
+ btmp = b;
+ else
+ btmp = BN_new();
+
+ if (!btmp)
+ return 0;
+
+ if (!BN_pseudo_rand(btmp, SERIAL_RAND_BITS, 0, 0))
+ goto error;
+ if (ai && !BN_to_ASN1_INTEGER(btmp, ai))
+ goto error;
+
+ ret = 1;
+
+ error:
+
+ if (!b)
+ BN_free(btmp);
+
+ return ret;
+}
+
+CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
+{
+ CA_DB *retdb = NULL;
+ TXT_DB *tmpdb = NULL;
+ BIO *in = BIO_new(BIO_s_file());
+ CONF *dbattr_conf = NULL;
+ char buf[1][BSIZE];
+ long errorline = -1;
+
+ if (in == NULL) {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ if (BIO_read_filename(in, dbfile) <= 0) {
+ perror(dbfile);
+ BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
+ goto err;
+ }
+ if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
+ goto err;
+
+#ifndef OPENSSL_SYS_VMS
+ BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
+#else
+ BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
+#endif
+ dbattr_conf = NCONF_new(NULL);
+ if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
+ if (errorline > 0) {
+ BIO_printf(bio_err,
+ "error on line %ld of db attribute file '%s'\n",
+ errorline, buf[0]);
+ goto err;
+ } else {
+ NCONF_free(dbattr_conf);
+ dbattr_conf = NULL;
+ }
+ }
+
+ if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL) {
+ fprintf(stderr, "Out of memory\n");
+ goto err;
+ }
+
+ retdb->db = tmpdb;
+ tmpdb = NULL;
+ if (db_attr)
+ retdb->attributes = *db_attr;
+ else {
+ retdb->attributes.unique_subject = 1;
+ }
+
+ if (dbattr_conf) {
+ char *p = NCONF_get_string(dbattr_conf, NULL, "unique_subject");
+ if (p) {
+#ifdef RL_DEBUG
+ BIO_printf(bio_err,
+ "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
+#endif
+ retdb->attributes.unique_subject = parse_yesno(p, 1);
+ }
+ }
+
+ err:
+ if (dbattr_conf)
+ NCONF_free(dbattr_conf);
+ if (tmpdb)
+ TXT_DB_free(tmpdb);
+ if (in)
+ BIO_free_all(in);
+ return retdb;
+}
+
+int index_index(CA_DB *db)
+{
+ if (!TXT_DB_create_index(db->db, DB_serial, NULL,
+ LHASH_HASH_FN(index_serial),
+ LHASH_COMP_FN(index_serial))) {
+ BIO_printf(bio_err,
+ "error creating serial number index:(%ld,%ld,%ld)\n",
+ db->db->error, db->db->arg1, db->db->arg2);
+ return 0;
+ }
+
+ if (db->attributes.unique_subject
+ && !TXT_DB_create_index(db->db, DB_name, index_name_qual,
+ LHASH_HASH_FN(index_name),
+ LHASH_COMP_FN(index_name))) {
+ BIO_printf(bio_err, "error creating name index:(%ld,%ld,%ld)\n",
+ db->db->error, db->db->arg1, db->db->arg2);
+ return 0;
+ }
+ return 1;
+}
+
+int save_index(const char *dbfile, const char *suffix, CA_DB *db)
+{
+ char buf[3][BSIZE];
+ BIO *out = BIO_new(BIO_s_file());
+ int j;
+
+ if (out == NULL) {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ j = strlen(dbfile) + strlen(suffix);
+ if (j + 6 >= BSIZE) {
+ BIO_printf(bio_err, "file name too long\n");
+ goto err;
+ }
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
+#else
+ j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
+#endif
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
+#else
+ j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
+#else
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
+#endif
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
+#endif
+ if (BIO_write_filename(out, buf[0]) <= 0) {
+ perror(dbfile);
+ BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
+ goto err;
+ }
+ j = TXT_DB_write(out, db->db);
+ if (j <= 0)
+ goto err;
+
+ BIO_free(out);
+
+ out = BIO_new(BIO_s_file());
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
+#endif
+ if (BIO_write_filename(out, buf[1]) <= 0) {
+ perror(buf[2]);
+ BIO_printf(bio_err, "unable to open '%s'\n", buf[2]);
+ goto err;
+ }
+ BIO_printf(out, "unique_subject = %s\n",
+ db->attributes.unique_subject ? "yes" : "no");
+ BIO_free(out);
+
+ return 1;
+ err:
+ return 0;
+}
+
+int rotate_index(const char *dbfile, const char *new_suffix,
+ const char *old_suffix)
+{
+ char buf[5][BSIZE];
+ int i, j;
+
+ i = strlen(dbfile) + strlen(old_suffix);
+ j = strlen(dbfile) + strlen(new_suffix);
+ if (i > j)
+ j = i;
+ if (j + 6 >= BSIZE) {
+ BIO_printf(bio_err, "file name too long\n");
+ goto err;
+ }
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
+#else
+ j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
+#endif
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix);
+#else
+ j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s", dbfile, new_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix);
+#else
+ j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, new_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix);
+#else
+ j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", dbfile, old_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+ j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix);
+#else
+ j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix);
+#endif
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", dbfile, buf[1]);
+#endif
+ if (rename(dbfile, buf[1]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+ && errno != ENOTDIR
+#endif
+ ) {
+ BIO_printf(bio_err, "unable to rename %s to %s\n", dbfile, buf[1]);
+ perror("reason");
+ goto err;
+ }
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[0], dbfile);
+#endif
+ if (rename(buf[0], dbfile) < 0) {
+ BIO_printf(bio_err, "unable to rename %s to %s\n", buf[0], dbfile);
+ perror("reason");
+ rename(buf[1], dbfile);
+ goto err;
+ }
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[4], buf[3]);
+#endif
+ if (rename(buf[4], buf[3]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+ && errno != ENOTDIR
+#endif
+ ) {
+ BIO_printf(bio_err, "unable to rename %s to %s\n", buf[4], buf[3]);
+ perror("reason");
+ rename(dbfile, buf[0]);
+ rename(buf[1], dbfile);
+ goto err;
+ }
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[2], buf[4]);
+#endif
+ if (rename(buf[2], buf[4]) < 0) {
+ BIO_printf(bio_err, "unable to rename %s to %s\n", buf[2], buf[4]);
+ perror("reason");
+ rename(buf[3], buf[4]);
+ rename(dbfile, buf[0]);
+ rename(buf[1], dbfile);
+ goto err;
+ }
+ return 1;
+ err:
+ return 0;
+}
+
+void free_index(CA_DB *db)
+{
+ if (db) {
+ if (db->db)
+ TXT_DB_free(db->db);
+ OPENSSL_free(db);
+ }
+}
+
+int parse_yesno(const char *str, int def)
+{
+ int ret = def;
+ if (str) {
+ switch (*str) {
+ case 'f': /* false */
+ case 'F': /* FALSE */
+ case 'n': /* no */
+ case 'N': /* NO */
+ case '0': /* 0 */
+ ret = 0;
+ break;
+ case 't': /* true */
+ case 'T': /* TRUE */
+ case 'y': /* yes */
+ case 'Y': /* YES */
+ case '1': /* 1 */
+ ret = 1;
+ break;
+ default:
+ ret = def;
+ break;
+ }
+ }
+ return ret;
+}
+
+/*
+ * subject is expected to be in the format /type0=value0/type1=value1/type2=...
+ * where characters may be escaped by \
+ */
+X509_NAME *parse_name(char *subject, long chtype, int multirdn)
+{
+ size_t buflen = strlen(subject) + 1; /* to copy the types and values
+ * into. due to escaping, the copy
+ * can only become shorter */
+ char *buf = OPENSSL_malloc(buflen);
+ size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
+ char **ne_types = OPENSSL_malloc(max_ne * sizeof(char *));
+ char **ne_values = OPENSSL_malloc(max_ne * sizeof(char *));
+ int *mval = OPENSSL_malloc(max_ne * sizeof(int));
+
+ char *sp = subject, *bp = buf;
+ int i, ne_num = 0;
+
+ X509_NAME *n = NULL;
+ int nid;
+
+ if (!buf || !ne_types || !ne_values || !mval) {
+ BIO_printf(bio_err, "malloc error\n");
+ goto error;
+ }
+
+ if (*subject != '/') {
+ BIO_printf(bio_err, "Subject does not start with '/'.\n");
+ goto error;
+ }
+ sp++; /* skip leading / */
+
+ /* no multivalued RDN by default */
+ mval[ne_num] = 0;
+
+ while (*sp) {
+ /* collect type */
+ ne_types[ne_num] = bp;
+ while (*sp) {
+ if (*sp == '\\') { /* is there anything to escape in the
+ * type...? */
+ if (*++sp)
+ *bp++ = *sp++;
+ else {
+ BIO_printf(bio_err,
+ "escape character at end of string\n");
+ goto error;
+ }
+ } else if (*sp == '=') {
+ sp++;
+ *bp++ = '\0';
+ break;
+ } else
+ *bp++ = *sp++;
+ }
+ if (!*sp) {
+ BIO_printf(bio_err,
+ "end of string encountered while processing type of subject name element #%d\n",
+ ne_num);
+ goto error;
+ }
+ ne_values[ne_num] = bp;
+ while (*sp) {
+ if (*sp == '\\') {
+ if (*++sp)
+ *bp++ = *sp++;
+ else {
+ BIO_printf(bio_err,
+ "escape character at end of string\n");
+ goto error;
+ }
+ } else if (*sp == '/') {
+ sp++;
+ /* no multivalued RDN by default */
+ mval[ne_num + 1] = 0;
+ break;
+ } else if (*sp == '+' && multirdn) {
+ /*
+ * a not escaped + signals a mutlivalued RDN
+ */
+ sp++;
+ mval[ne_num + 1] = -1;
+ break;
+ } else
+ *bp++ = *sp++;
+ }
+ *bp++ = '\0';
+ ne_num++;
+ }
+
+ if (!(n = X509_NAME_new()))
+ goto error;
+
+ for (i = 0; i < ne_num; i++) {
+ if ((nid = OBJ_txt2nid(ne_types[i])) == NID_undef) {
+ BIO_printf(bio_err,
+ "Subject Attribute %s has no known NID, skipped\n",
+ ne_types[i]);
+ continue;
+ }
+
+ if (!*ne_values[i]) {
+ BIO_printf(bio_err,
+ "No value provided for Subject Attribute %s, skipped\n",
+ ne_types[i]);
+ continue;
+ }
+
+ if (!X509_NAME_add_entry_by_NID
+ (n, nid, chtype, (unsigned char *)ne_values[i], -1, -1, mval[i]))
+ goto error;
+ }
+
+ OPENSSL_free(ne_values);
+ OPENSSL_free(ne_types);
+ OPENSSL_free(buf);
+ OPENSSL_free(mval);
+ return n;
+
+ error:
+ X509_NAME_free(n);
+ if (ne_values)
+ OPENSSL_free(ne_values);
+ if (ne_types)
+ OPENSSL_free(ne_types);
+ if (mval)
+ OPENSSL_free(mval);
+ if (buf)
+ OPENSSL_free(buf);
+ return NULL;
+}
+
+int args_verify(char ***pargs, int *pargc,
+ int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
+{
+ ASN1_OBJECT *otmp = NULL;
+ unsigned long flags = 0;
+ int i;
+ int purpose = 0, depth = -1;
+ char **oldargs = *pargs;
+ char *arg = **pargs, *argn = (*pargs)[1];
+ time_t at_time = 0;
+ if (!strcmp(arg, "-policy")) {
+ if (!argn)
+ *badarg = 1;
+ else {
+ otmp = OBJ_txt2obj(argn, 0);
+ if (!otmp) {
+ BIO_printf(err, "Invalid Policy \"%s\"\n", argn);
+ *badarg = 1;
+ }
+ }
+ (*pargs)++;
+ } else if (strcmp(arg, "-purpose") == 0) {
+ X509_PURPOSE *xptmp;
+ if (!argn)
+ *badarg = 1;
+ else {
+ i = X509_PURPOSE_get_by_sname(argn);
+ if (i < 0) {
+ BIO_printf(err, "unrecognized purpose\n");
+ *badarg = 1;
+ } else {
+ xptmp = X509_PURPOSE_get0(i);
+ purpose = X509_PURPOSE_get_id(xptmp);
+ }
+ }
+ (*pargs)++;
+ } else if (strcmp(arg, "-verify_depth") == 0) {
+ if (!argn)
+ *badarg = 1;
+ else {
+ depth = atoi(argn);
+ if (depth < 0) {
+ BIO_printf(err, "invalid depth\n");
+ *badarg = 1;
+ }
+ }
+ (*pargs)++;
+ } else if (strcmp(arg, "-attime") == 0) {
+ if (!argn)
+ *badarg = 1;
+ else {
+ long timestamp;
+ /*
+ * interpret the -attime argument as seconds since Epoch
+ */
+ if (sscanf(argn, "%li", ×tamp) != 1) {
+ BIO_printf(bio_err, "Error parsing timestamp %s\n", argn);
+ *badarg = 1;
+ }
+ /* on some platforms time_t may be a float */
+ at_time = (time_t)timestamp;
+ }
+ (*pargs)++;
+ } else if (!strcmp(arg, "-ignore_critical"))
+ flags |= X509_V_FLAG_IGNORE_CRITICAL;
+ else if (!strcmp(arg, "-issuer_checks"))
+ flags |= X509_V_FLAG_CB_ISSUER_CHECK;
+ else if (!strcmp(arg, "-crl_check"))
+ flags |= X509_V_FLAG_CRL_CHECK;
+ else if (!strcmp(arg, "-crl_check_all"))
+ flags |= X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL;
+ else if (!strcmp(arg, "-policy_check"))
+ flags |= X509_V_FLAG_POLICY_CHECK;
+ else if (!strcmp(arg, "-explicit_policy"))
+ flags |= X509_V_FLAG_EXPLICIT_POLICY;
+ else if (!strcmp(arg, "-inhibit_any"))
+ flags |= X509_V_FLAG_INHIBIT_ANY;
+ else if (!strcmp(arg, "-inhibit_map"))
+ flags |= X509_V_FLAG_INHIBIT_MAP;
+ else if (!strcmp(arg, "-x509_strict"))
+ flags |= X509_V_FLAG_X509_STRICT;
+ else if (!strcmp(arg, "-extended_crl"))
+ flags |= X509_V_FLAG_EXTENDED_CRL_SUPPORT;
+ else if (!strcmp(arg, "-use_deltas"))
+ flags |= X509_V_FLAG_USE_DELTAS;
+ else if (!strcmp(arg, "-policy_print"))
+ flags |= X509_V_FLAG_NOTIFY_POLICY;
+ else if (!strcmp(arg, "-check_ss_sig"))
+ flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
+ else if (!strcmp(arg, "-no_alt_chains"))
+ flags |= X509_V_FLAG_NO_ALT_CHAINS;
+ else if (!strcmp(arg, "-allow_proxy_certs"))
+ flags |= X509_V_FLAG_ALLOW_PROXY_CERTS;
+ else
+ return 0;
+
+ if (*badarg) {
+ if (*pm)
+ X509_VERIFY_PARAM_free(*pm);
+ *pm = NULL;
+ goto end;
+ }
+
+ if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) {
+ *badarg = 1;
+ goto end;
+ }
+
+ if (otmp)
+ X509_VERIFY_PARAM_add0_policy(*pm, otmp);
+ if (flags)
+ X509_VERIFY_PARAM_set_flags(*pm, flags);
+
+ if (purpose)
+ X509_VERIFY_PARAM_set_purpose(*pm, purpose);
+
+ if (depth >= 0)
+ X509_VERIFY_PARAM_set_depth(*pm, depth);
+
+ if (at_time)
+ X509_VERIFY_PARAM_set_time(*pm, at_time);
+
+ end:
+
+ (*pargs)++;
+
+ if (pargc)
+ *pargc -= *pargs - oldargs;
+
+ return 1;
+
+}
+
+/*
+ * Read whole contents of a BIO into an allocated memory buffer and return
+ * it.
+ */
+
+int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
+{
+ BIO *mem;
+ int len, ret;
+ unsigned char tbuf[1024];
+ mem = BIO_new(BIO_s_mem());
+ if (!mem)
+ return -1;
+ for (;;) {
+ if ((maxlen != -1) && maxlen < 1024)
+ len = maxlen;
+ else
+ len = 1024;
+ len = BIO_read(in, tbuf, len);
+ if (len <= 0)
+ break;
+ if (BIO_write(mem, tbuf, len) != len) {
+ BIO_free(mem);
+ return -1;
+ }
+ maxlen -= len;
+
+ if (maxlen == 0)
+ break;
+ }
+ ret = BIO_get_mem_data(mem, (char **)out);
+ BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY);
+ BIO_free(mem);
+ return ret;
+}
+
+int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value)
+{
+ int rv;
+ char *stmp, *vtmp = NULL;
+ stmp = BUF_strdup(value);
+ if (!stmp)
+ return -1;
+ vtmp = strchr(stmp, ':');
+ if (vtmp) {
+ *vtmp = 0;
+ vtmp++;
+ }
+ rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp);
+ OPENSSL_free(stmp);
+ return rv;
+}
+
+static void nodes_print(BIO *out, const char *name,
+ STACK_OF(X509_POLICY_NODE) *nodes)
+{
+ X509_POLICY_NODE *node;
+ int i;
+ BIO_printf(out, "%s Policies:", name);
+ if (nodes) {
+ BIO_puts(out, "\n");
+ for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) {
+ node = sk_X509_POLICY_NODE_value(nodes, i);
+ X509_POLICY_NODE_print(out, node, 2);
+ }
+ } else
+ BIO_puts(out, " <empty>\n");
+}
+
+void policies_print(BIO *out, X509_STORE_CTX *ctx)
+{
+ X509_POLICY_TREE *tree;
+ int explicit_policy;
+ int free_out = 0;
+ if (out == NULL) {
+ out = BIO_new_fp(stderr, BIO_NOCLOSE);
+ free_out = 1;
+ }
+ tree = X509_STORE_CTX_get0_policy_tree(ctx);
+ explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
+
+ BIO_printf(out, "Require explicit Policy: %s\n",
+ explicit_policy ? "True" : "False");
+
+ nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
+ nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
+ if (free_out)
+ BIO_free(out);
+}
+
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+
+static JPAKE_CTX *jpake_init(const char *us, const char *them,
+ const char *secret)
+{
+ BIGNUM *p = NULL;
+ BIGNUM *g = NULL;
+ BIGNUM *q = NULL;
+ BIGNUM *bnsecret = BN_new();
+ JPAKE_CTX *ctx;
+
+ /* Use a safe prime for p (that we found earlier) */
+ BN_hex2bn(&p,
+ "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
+ g = BN_new();
+ BN_set_word(g, 2);
+ q = BN_new();
+ BN_rshift1(q, p);
+
+ BN_bin2bn((const unsigned char *)secret, strlen(secret), bnsecret);
+
+ ctx = JPAKE_CTX_new(us, them, p, g, q, bnsecret);
+ BN_free(bnsecret);
+ BN_free(q);
+ BN_free(g);
+ BN_free(p);
+
+ return ctx;
+}
+
+static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p)
+{
+ BN_print(conn, p->gx);
+ BIO_puts(conn, "\n");
+ BN_print(conn, p->zkpx.gr);
+ BIO_puts(conn, "\n");
+ BN_print(conn, p->zkpx.b);
+ BIO_puts(conn, "\n");
+}
+
+static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx)
+{
+ JPAKE_STEP1 s1;
+
+ JPAKE_STEP1_init(&s1);
+ JPAKE_STEP1_generate(&s1, ctx);
+ jpake_send_part(bconn, &s1.p1);
+ jpake_send_part(bconn, &s1.p2);
+ (void)BIO_flush(bconn);
+ JPAKE_STEP1_release(&s1);
+}
+
+static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx)
+{
+ JPAKE_STEP2 s2;
+
+ JPAKE_STEP2_init(&s2);
+ JPAKE_STEP2_generate(&s2, ctx);
+ jpake_send_part(bconn, &s2);
+ (void)BIO_flush(bconn);
+ JPAKE_STEP2_release(&s2);
+}
+
+static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
+{
+ JPAKE_STEP3A s3a;
+
+ JPAKE_STEP3A_init(&s3a);
+ JPAKE_STEP3A_generate(&s3a, ctx);
+ BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
+ (void)BIO_flush(bconn);
+ JPAKE_STEP3A_release(&s3a);
+}
+
+static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
+{
+ JPAKE_STEP3B s3b;
+
+ JPAKE_STEP3B_init(&s3b);
+ JPAKE_STEP3B_generate(&s3b, ctx);
+ BIO_write(bconn, s3b.hk, sizeof s3b.hk);
+ (void)BIO_flush(bconn);
+ JPAKE_STEP3B_release(&s3b);
+}
+
+static void readbn(BIGNUM **bn, BIO *bconn)
+{
+ char buf[10240];
+ int l;
+
+ l = BIO_gets(bconn, buf, sizeof buf);
+ assert(l > 0);
+ assert(buf[l - 1] == '\n');
+ buf[l - 1] = '\0';
+ BN_hex2bn(bn, buf);
+}
+
+static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn)
+{
+ readbn(&p->gx, bconn);
+ readbn(&p->zkpx.gr, bconn);
+ readbn(&p->zkpx.b, bconn);
+}
+
+static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn)
+{
+ JPAKE_STEP1 s1;
+
+ JPAKE_STEP1_init(&s1);
+ jpake_receive_part(&s1.p1, bconn);
+ jpake_receive_part(&s1.p2, bconn);
+ if (!JPAKE_STEP1_process(ctx, &s1)) {
+ ERR_print_errors(bio_err);
+ exit(1);
+ }
+ JPAKE_STEP1_release(&s1);
+}
+
+static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn)
+{
+ JPAKE_STEP2 s2;
+
+ JPAKE_STEP2_init(&s2);
+ jpake_receive_part(&s2, bconn);
+ if (!JPAKE_STEP2_process(ctx, &s2)) {
+ ERR_print_errors(bio_err);
+ exit(1);
+ }
+ JPAKE_STEP2_release(&s2);
+}
+
+static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
+{
+ JPAKE_STEP3A s3a;
+ int l;
+
+ JPAKE_STEP3A_init(&s3a);
+ l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
+ assert(l == sizeof s3a.hhk);
+ if (!JPAKE_STEP3A_process(ctx, &s3a)) {
+ ERR_print_errors(bio_err);
+ exit(1);
+ }
+ JPAKE_STEP3A_release(&s3a);
+}
+
+static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
+{
+ JPAKE_STEP3B s3b;
+ int l;
+
+ JPAKE_STEP3B_init(&s3b);
+ l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
+ assert(l == sizeof s3b.hk);
+ if (!JPAKE_STEP3B_process(ctx, &s3b)) {
+ ERR_print_errors(bio_err);
+ exit(1);
+ }
+ JPAKE_STEP3B_release(&s3b);
+}
+
+void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
+{
+ JPAKE_CTX *ctx;
+ BIO *bconn;
+
+ BIO_puts(out, "Authenticating with JPAKE\n");
+
+ ctx = jpake_init("client", "server", secret);
+
+ bconn = BIO_new(BIO_f_buffer());
+ BIO_push(bconn, conn);
+
+ jpake_send_step1(bconn, ctx);
+ jpake_receive_step1(ctx, bconn);
+ jpake_send_step2(bconn, ctx);
+ jpake_receive_step2(ctx, bconn);
+ jpake_send_step3a(bconn, ctx);
+ jpake_receive_step3b(ctx, bconn);
+
+ BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+
+ psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
+ BIO_pop(bconn);
+ BIO_free(bconn);
+
+ JPAKE_CTX_free(ctx);
+}
+
+void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
+{
+ JPAKE_CTX *ctx;
+ BIO *bconn;
+
+ BIO_puts(out, "Authenticating with JPAKE\n");
+
+ ctx = jpake_init("server", "client", secret);
+
+ bconn = BIO_new(BIO_f_buffer());
+ BIO_push(bconn, conn);
+
+ jpake_receive_step1(ctx, bconn);
+ jpake_send_step1(bconn, ctx);
+ jpake_receive_step2(ctx, bconn);
+ jpake_send_step2(bconn, ctx);
+ jpake_receive_step3a(ctx, bconn);
+ jpake_send_step3b(bconn, ctx);
+
+ BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+
+ psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
+ BIO_pop(bconn);
+ BIO_free(bconn);
+
+ JPAKE_CTX_free(ctx);
+}
+
+#endif
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+/*-
+ * next_protos_parse parses a comma separated list of strings into a string
+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
+ * outlen: (output) set to the length of the resulting buffer on success.
+ * err: (maybe NULL) on failure, an error message line is written to this BIO.
+ * in: a NUL termianted string like "abc,def,ghi"
+ *
+ * returns: a malloced buffer or NULL on failure.
+ */
+unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
+{
+ size_t len;
+ unsigned char *out;
+ size_t i, start = 0;
+
+ len = strlen(in);
+ if (len >= 65535)
+ return NULL;
+
+ out = OPENSSL_malloc(strlen(in) + 1);
+ if (!out)
+ return NULL;
+
+ for (i = 0; i <= len; ++i) {
+ if (i == len || in[i] == ',') {
+ if (i - start > 255) {
+ OPENSSL_free(out);
+ return NULL;
+ }
+ out[start] = i - start;
+ start = i + 1;
+ } else
+ out[i + 1] = in[i];
+ }
+
+ *outlen = len + 1;
+ return out;
+}
+#endif /* !OPENSSL_NO_TLSEXT &&
+ * !OPENSSL_NO_NEXTPROTONEG */
+
+/*
+ * Platform-specific sections
+ */
+#if defined(_WIN32)
+# ifdef fileno
+# undef fileno
+# define fileno(a) (int)_fileno(a)
+# endif
+
+# include <windows.h>
+# include <tchar.h>
+
+static int WIN32_rename(const char *from, const char *to)
+{
+ TCHAR *tfrom = NULL, *tto;
+ DWORD err;
+ int ret = 0;
+
+ if (sizeof(TCHAR) == 1) {
+ tfrom = (TCHAR *)from;
+ tto = (TCHAR *)to;
+ } else { /* UNICODE path */
+
+ size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
+ tfrom = (TCHAR *)malloc(sizeof(TCHAR) * (flen + tlen));
+ if (tfrom == NULL)
+ goto err;
+ tto = tfrom + flen;
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+ if (!MultiByteToWideChar(CP_ACP, 0, from, flen, (WCHAR *)tfrom, flen))
+# endif
+ for (i = 0; i < flen; i++)
+ tfrom[i] = (TCHAR)from[i];
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+ if (!MultiByteToWideChar(CP_ACP, 0, to, tlen, (WCHAR *)tto, tlen))
+# endif
+ for (i = 0; i < tlen; i++)
+ tto[i] = (TCHAR)to[i];
+ }
+
+ if (MoveFile(tfrom, tto))
+ goto ok;
+ err = GetLastError();
+ if (err == ERROR_ALREADY_EXISTS || err == ERROR_FILE_EXISTS) {
+ if (DeleteFile(tto) && MoveFile(tfrom, tto))
+ goto ok;
+ err = GetLastError();
+ }
+ if (err == ERROR_FILE_NOT_FOUND || err == ERROR_PATH_NOT_FOUND)
+ errno = ENOENT;
+ else if (err == ERROR_ACCESS_DENIED)
+ errno = EACCES;
+ else
+ errno = EINVAL; /* we could map more codes... */
+ err:
+ ret = -1;
+ ok:
+ if (tfrom != NULL && tfrom != (TCHAR *)from)
+ free(tfrom);
+ return ret;
+}
+#endif
+
+/* app_tminterval section */
+#if defined(_WIN32)
+double app_tminterval(int stop, int usertime)
+{
+ FILETIME now;
+ double ret = 0;
+ static ULARGE_INTEGER tmstart;
+ static int warning = 1;
+# ifdef _WIN32_WINNT
+ static HANDLE proc = NULL;
+
+ if (proc == NULL) {
+ if (check_winnt())
+ proc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
+ GetCurrentProcessId());
+ if (proc == NULL)
+ proc = (HANDLE) - 1;
+ }
+
+ if (usertime && proc != (HANDLE) - 1) {
+ FILETIME junk;
+ GetProcessTimes(proc, &junk, &junk, &junk, &now);
+ } else
+# endif
+ {
+ SYSTEMTIME systime;
+
+ if (usertime && warning) {
+ BIO_printf(bio_err, "To get meaningful results, run "
+ "this program on idle system.\n");
+ warning = 0;
+ }
+ GetSystemTime(&systime);
+ SystemTimeToFileTime(&systime, &now);
+ }
+
+ if (stop == TM_START) {
+ tmstart.u.LowPart = now.dwLowDateTime;
+ tmstart.u.HighPart = now.dwHighDateTime;
+ } else {
+ ULARGE_INTEGER tmstop;
+
+ tmstop.u.LowPart = now.dwLowDateTime;
+ tmstop.u.HighPart = now.dwHighDateTime;
+
+ ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart) * 1e-7;
+ }
+
+ return (ret);
+}
+
+#elif defined(OPENSSL_SYS_NETWARE)
+# include <time.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+ static clock_t tmstart;
+ static int warning = 1;
+
+ if (usertime && warning) {
+ BIO_printf(bio_err, "To get meaningful results, run "
+ "this program on idle system.\n");
+ warning = 0;
+ }
+
+ if (stop == TM_START)
+ tmstart = clock();
+ else
+ ret = (clock() - tmstart) / (double)CLOCKS_PER_SEC;
+
+ return (ret);
+}
+
+#elif defined(OPENSSL_SYSTEM_VXWORKS)
+# include <time.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+# ifdef CLOCK_REALTIME
+ static struct timespec tmstart;
+ struct timespec now;
+# else
+ static unsigned long tmstart;
+ unsigned long now;
+# endif
+ static int warning = 1;
+
+ if (usertime && warning) {
+ BIO_printf(bio_err, "To get meaningful results, run "
+ "this program on idle system.\n");
+ warning = 0;
+ }
+# ifdef CLOCK_REALTIME
+ clock_gettime(CLOCK_REALTIME, &now);
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = ((now.tv_sec + now.tv_nsec * 1e-9)
+ - (tmstart.tv_sec + tmstart.tv_nsec * 1e-9));
+# else
+ now = tickGet();
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = (now - tmstart) / (double)sysClkRateGet();
+# endif
+ return (ret);
+}
+
+#elif defined(OPENSSL_SYSTEM_VMS)
+# include <time.h>
+# include <times.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ static clock_t tmstart;
+ double ret = 0;
+ clock_t now;
+# ifdef __TMS
+ struct tms rus;
+
+ now = times(&rus);
+ if (usertime)
+ now = rus.tms_utime;
+# else
+ if (usertime)
+ now = clock(); /* sum of user and kernel times */
+ else {
+ struct timeval tv;
+ gettimeofday(&tv, NULL);
+ now = (clock_t)((unsigned long long)tv.tv_sec * CLK_TCK +
+ (unsigned long long)tv.tv_usec * (1000000 / CLK_TCK)
+ );
+ }
+# endif
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = (now - tmstart) / (double)(CLK_TCK);
+
+ return (ret);
+}
+
+#elif defined(_SC_CLK_TCK) /* by means of unistd.h */
+# include <sys/times.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+ struct tms rus;
+ clock_t now = times(&rus);
+ static clock_t tmstart;
+
+ if (usertime)
+ now = rus.tms_utime;
+
+ if (stop == TM_START)
+ tmstart = now;
+ else {
+ long int tck = sysconf(_SC_CLK_TCK);
+ ret = (now - tmstart) / (double)tck;
+ }
+
+ return (ret);
+}
+
+#else
+# include <sys/time.h>
+# include <sys/resource.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+ struct rusage rus;
+ struct timeval now;
+ static struct timeval tmstart;
+
+ if (usertime)
+ getrusage(RUSAGE_SELF, &rus), now = rus.ru_utime;
+ else
+ gettimeofday(&now, NULL);
+
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = ((now.tv_sec + now.tv_usec * 1e-6)
+ - (tmstart.tv_sec + tmstart.tv_usec * 1e-6));
+
+ return ret;
+}
+#endif
+
+/* app_isdir section */
+#ifdef _WIN32
+int app_isdir(const char *name)
+{
+ HANDLE hList;
+ WIN32_FIND_DATA FileData;
+# if defined(UNICODE) || defined(_UNICODE)
+ size_t i, len_0 = strlen(name) + 1;
+
+ if (len_0 > sizeof(FileData.cFileName) / sizeof(FileData.cFileName[0]))
+ return -1;
+
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+ if (!MultiByteToWideChar
+ (CP_ACP, 0, name, len_0, FileData.cFileName, len_0))
+# endif
+ for (i = 0; i < len_0; i++)
+ FileData.cFileName[i] = (WCHAR)name[i];
+
+ hList = FindFirstFile(FileData.cFileName, &FileData);
+# else
+ hList = FindFirstFile(name, &FileData);
+# endif
+ if (hList == INVALID_HANDLE_VALUE)
+ return -1;
+ FindClose(hList);
+ return ((FileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0);
+}
+#else
+# include <sys/stat.h>
+# ifndef S_ISDIR
+# if defined(_S_IFMT) && defined(_S_IFDIR)
+# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
+# else
+# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
+# endif
+# endif
+
+int app_isdir(const char *name)
+{
+# if defined(S_ISDIR)
+ struct stat st;
+
+ if (stat(name, &st) == 0)
+ return S_ISDIR(st.st_mode);
+ else
+ return -1;
+# else
+ return -1;
+# endif
+}
+#endif
+
+/* raw_read|write section */
+#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
+int raw_read_stdin(void *buf, int siz)
+{
+ DWORD n;
+ if (ReadFile(GetStdHandle(STD_INPUT_HANDLE), buf, siz, &n, NULL))
+ return (n);
+ else
+ return (-1);
+}
+#else
+int raw_read_stdin(void *buf, int siz)
+{
+ return read(fileno(stdin), buf, siz);
+}
+#endif
+
+#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE)
+int raw_write_stdout(const void *buf, int siz)
+{
+ DWORD n;
+ if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE), buf, siz, &n, NULL))
+ return (n);
+ else
+ return (-1);
+}
+#else
+int raw_write_stdout(const void *buf, int siz)
+{
+ return write(fileno(stdout), buf, siz);
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/apps/enc.c
===================================================================
--- vendor-crypto/openssl/dist/apps/enc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,715 +0,0 @@
-/* apps/enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-#include <openssl/pem.h>
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
-#include <ctype.h>
-
-int set_hex(char *in, unsigned char *out, int size);
-#undef SIZE
-#undef BSIZE
-#undef PROG
-
-#define SIZE (512)
-#define BSIZE (8*1024)
-#define PROG enc_main
-
-static void show_ciphers(const OBJ_NAME *name, void *bio_)
-{
- BIO *bio = bio_;
- static int n;
-
- if (!islower((unsigned char)*name->name))
- return;
-
- BIO_printf(bio, "-%-25s", name->name);
- if (++n == 3) {
- BIO_printf(bio, "\n");
- n = 0;
- } else
- BIO_printf(bio, " ");
-}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- static const char magic[] = "Salted__";
- char mbuf[sizeof magic - 1];
- char *strbuf = NULL;
- unsigned char *buff = NULL, *bufsize = NULL;
- int bsize = BSIZE, verbose = 0;
- int ret = 1, inl;
- int nopad = 0;
- unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
- unsigned char salt[PKCS5_SALT_LEN];
- char *str = NULL, *passarg = NULL, *pass = NULL;
- char *hkey = NULL, *hiv = NULL, *hsalt = NULL;
- char *md = NULL;
- int enc = 1, printkey = 0, i, base64 = 0;
-#ifdef ZLIB
- int do_zlib = 0;
- BIO *bzl = NULL;
-#endif
- int debug = 0, olb64 = 0, nosalt = 0;
- const EVP_CIPHER *cipher = NULL, *c;
- EVP_CIPHER_CTX *ctx = NULL;
- char *inf = NULL, *outf = NULL;
- BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio =
- NULL, *wbio = NULL;
-#define PROG_NAME_SIZE 39
- char pname[PROG_NAME_SIZE + 1];
-#ifndef OPENSSL_NO_ENGINE
- char *engine = NULL;
-#endif
- const EVP_MD *dgst = NULL;
- int non_fips_allow = 0;
-
- apps_startup();
-
- if (bio_err == NULL)
- if ((bio_err = BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-
- if (!load_config(bio_err, NULL))
- goto end;
-
- /* first check the program name */
- program_name(argv[0], pname, sizeof pname);
- if (strcmp(pname, "base64") == 0)
- base64 = 1;
-#ifdef ZLIB
- if (strcmp(pname, "zlib") == 0)
- do_zlib = 1;
-#endif
-
- cipher = EVP_get_cipherbyname(pname);
-#ifdef ZLIB
- if (!do_zlib && !base64 && (cipher == NULL)
- && (strcmp(pname, "enc") != 0))
-#else
- if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0))
-#endif
- {
- BIO_printf(bio_err, "%s is an unknown cipher\n", pname);
- goto bad;
- }
-
- argc--;
- argv++;
- while (argc >= 1) {
- if (strcmp(*argv, "-e") == 0)
- enc = 1;
- else if (strcmp(*argv, "-in") == 0) {
- if (--argc < 1)
- goto bad;
- inf = *(++argv);
- } else if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- goto bad;
- outf = *(++argv);
- } else if (strcmp(*argv, "-pass") == 0) {
- if (--argc < 1)
- goto bad;
- passarg = *(++argv);
- }
-#ifndef OPENSSL_NO_ENGINE
- else if (strcmp(*argv, "-engine") == 0) {
- if (--argc < 1)
- goto bad;
- engine = *(++argv);
- }
-#endif
- else if (strcmp(*argv, "-d") == 0)
- enc = 0;
- else if (strcmp(*argv, "-p") == 0)
- printkey = 1;
- else if (strcmp(*argv, "-v") == 0)
- verbose = 1;
- else if (strcmp(*argv, "-nopad") == 0)
- nopad = 1;
- else if (strcmp(*argv, "-salt") == 0)
- nosalt = 0;
- else if (strcmp(*argv, "-nosalt") == 0)
- nosalt = 1;
- else if (strcmp(*argv, "-debug") == 0)
- debug = 1;
- else if (strcmp(*argv, "-P") == 0)
- printkey = 2;
- else if (strcmp(*argv, "-A") == 0)
- olb64 = 1;
- else if (strcmp(*argv, "-a") == 0)
- base64 = 1;
- else if (strcmp(*argv, "-base64") == 0)
- base64 = 1;
-#ifdef ZLIB
- else if (strcmp(*argv, "-z") == 0)
- do_zlib = 1;
-#endif
- else if (strcmp(*argv, "-bufsize") == 0) {
- if (--argc < 1)
- goto bad;
- bufsize = (unsigned char *)*(++argv);
- } else if (strcmp(*argv, "-k") == 0) {
- if (--argc < 1)
- goto bad;
- str = *(++argv);
- } else if (strcmp(*argv, "-kfile") == 0) {
- static char buf[128];
- FILE *infile;
- char *file;
-
- if (--argc < 1)
- goto bad;
- file = *(++argv);
- infile = fopen(file, "r");
- if (infile == NULL) {
- BIO_printf(bio_err, "unable to read key from '%s'\n", file);
- goto bad;
- }
- buf[0] = '\0';
- if (!fgets(buf, sizeof buf, infile)) {
- BIO_printf(bio_err, "unable to read key from '%s'\n", file);
- goto bad;
- }
- fclose(infile);
- i = strlen(buf);
- if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
- buf[--i] = '\0';
- if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
- buf[--i] = '\0';
- if (i < 1) {
- BIO_printf(bio_err, "zero length password\n");
- goto bad;
- }
- str = buf;
- } else if (strcmp(*argv, "-K") == 0) {
- if (--argc < 1)
- goto bad;
- hkey = *(++argv);
- } else if (strcmp(*argv, "-S") == 0) {
- if (--argc < 1)
- goto bad;
- hsalt = *(++argv);
- } else if (strcmp(*argv, "-iv") == 0) {
- if (--argc < 1)
- goto bad;
- hiv = *(++argv);
- } else if (strcmp(*argv, "-md") == 0) {
- if (--argc < 1)
- goto bad;
- md = *(++argv);
- } else if (strcmp(*argv, "-non-fips-allow") == 0)
- non_fips_allow = 1;
- else if ((argv[0][0] == '-') &&
- ((c = EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) {
- cipher = c;
- } else if (strcmp(*argv, "-none") == 0)
- cipher = NULL;
- else {
- BIO_printf(bio_err, "unknown option '%s'\n", *argv);
- bad:
- BIO_printf(bio_err, "options are\n");
- BIO_printf(bio_err, "%-14s input file\n", "-in <file>");
- BIO_printf(bio_err, "%-14s output file\n", "-out <file>");
- BIO_printf(bio_err, "%-14s pass phrase source\n", "-pass <arg>");
- BIO_printf(bio_err, "%-14s encrypt\n", "-e");
- BIO_printf(bio_err, "%-14s decrypt\n", "-d");
- BIO_printf(bio_err,
- "%-14s base64 encode/decode, depending on encryption flag\n",
- "-a/-base64");
- BIO_printf(bio_err, "%-14s passphrase is the next argument\n",
- "-k");
- BIO_printf(bio_err,
- "%-14s passphrase is the first line of the file argument\n",
- "-kfile");
- BIO_printf(bio_err,
- "%-14s the next argument is the md to use to create a key\n",
- "-md");
- BIO_printf(bio_err,
- "%-14s from a passphrase. One of md2, md5, sha or sha1\n",
- "");
- BIO_printf(bio_err, "%-14s salt in hex is the next argument\n",
- "-S");
- BIO_printf(bio_err, "%-14s key/iv in hex is the next argument\n",
- "-K/-iv");
- BIO_printf(bio_err, "%-14s print the iv/key (then exit if -P)\n",
- "-[pP]");
- BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>");
- BIO_printf(bio_err, "%-14s disable standard block padding\n",
- "-nopad");
-#ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err,
- "%-14s use engine e, possibly a hardware device.\n",
- "-engine e");
-#endif
-
- BIO_printf(bio_err, "Cipher Types\n");
- OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
- show_ciphers, bio_err);
- BIO_printf(bio_err, "\n");
-
- goto end;
- }
- argc--;
- argv++;
- }
-
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-#endif
-
- if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
- BIO_printf(bio_err,
- "AEAD ciphers not supported by the enc utility\n");
- goto end;
- }
-
- if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) {
- BIO_printf(bio_err,
- "Ciphers in XTS mode are not supported by the enc utility\n");
- goto end;
- }
-
- if (md && (dgst = EVP_get_digestbyname(md)) == NULL) {
- BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
- goto end;
- }
-
- if (dgst == NULL) {
- dgst = EVP_md5();
- }
-
- if (bufsize != NULL) {
- unsigned long n;
-
- for (n = 0; *bufsize; bufsize++) {
- i = *bufsize;
- if ((i <= '9') && (i >= '0'))
- n = n * 10 + i - '0';
- else if (i == 'k') {
- n *= 1024;
- bufsize++;
- break;
- }
- }
- if (*bufsize != '\0') {
- BIO_printf(bio_err, "invalid 'bufsize' specified.\n");
- goto end;
- }
-
- /* It must be large enough for a base64 encoded line */
- if (base64 && n < 80)
- n = 80;
-
- bsize = (int)n;
- if (verbose)
- BIO_printf(bio_err, "bufsize=%d\n", bsize);
- }
-
- strbuf = OPENSSL_malloc(SIZE);
- buff = (unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
- if ((buff == NULL) || (strbuf == NULL)) {
- BIO_printf(bio_err, "OPENSSL_malloc failure %ld\n",
- (long)EVP_ENCODE_LENGTH(bsize));
- goto end;
- }
-
- in = BIO_new(BIO_s_file());
- out = BIO_new(BIO_s_file());
- if ((in == NULL) || (out == NULL)) {
- ERR_print_errors(bio_err);
- goto end;
- }
- if (debug) {
- BIO_set_callback(in, BIO_debug_callback);
- BIO_set_callback(out, BIO_debug_callback);
- BIO_set_callback_arg(in, (char *)bio_err);
- BIO_set_callback_arg(out, (char *)bio_err);
- }
-
- if (inf == NULL) {
-#ifndef OPENSSL_NO_SETVBUF_IONBF
- if (bufsize != NULL)
- setvbuf(stdin, (char *)NULL, _IONBF, 0);
-#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
- BIO_set_fp(in, stdin, BIO_NOCLOSE);
- } else {
- if (BIO_read_filename(in, inf) <= 0) {
- perror(inf);
- goto end;
- }
- }
-
- if (!str && passarg) {
- if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
- BIO_printf(bio_err, "Error getting password\n");
- goto end;
- }
- str = pass;
- }
-
- if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
- for (;;) {
- char buf[200];
-
- BIO_snprintf(buf, sizeof buf, "enter %s %s password:",
- OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
- (enc) ? "encryption" : "decryption");
- strbuf[0] = '\0';
- i = EVP_read_pw_string((char *)strbuf, SIZE, buf, enc);
- if (i == 0) {
- if (strbuf[0] == '\0') {
- ret = 1;
- goto end;
- }
- str = strbuf;
- break;
- }
- if (i < 0) {
- BIO_printf(bio_err, "bad password read\n");
- goto end;
- }
- }
- }
-
- if (outf == NULL) {
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-#ifndef OPENSSL_NO_SETVBUF_IONBF
- if (bufsize != NULL)
- setvbuf(stdout, (char *)NULL, _IONBF, 0);
-#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#ifdef OPENSSL_SYS_VMS
- {
- BIO *tmpbio = BIO_new(BIO_f_linebuffer());
- out = BIO_push(tmpbio, out);
- }
-#endif
- } else {
- if (BIO_write_filename(out, outf) <= 0) {
- perror(outf);
- goto end;
- }
- }
-
- rbio = in;
- wbio = out;
-
-#ifdef ZLIB
-
- if (do_zlib) {
- if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
- goto end;
- if (enc)
- wbio = BIO_push(bzl, wbio);
- else
- rbio = BIO_push(bzl, rbio);
- }
-#endif
-
- if (base64) {
- if ((b64 = BIO_new(BIO_f_base64())) == NULL)
- goto end;
- if (debug) {
- BIO_set_callback(b64, BIO_debug_callback);
- BIO_set_callback_arg(b64, (char *)bio_err);
- }
- if (olb64)
- BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
- if (enc)
- wbio = BIO_push(b64, wbio);
- else
- rbio = BIO_push(b64, rbio);
- }
-
- if (cipher != NULL) {
- /*
- * Note that str is NULL if a key was passed on the command line, so
- * we get no salt in that case. Is this a bug?
- */
- if (str != NULL) {
- /*
- * Salt handling: if encrypting generate a salt and write to
- * output BIO. If decrypting read salt from input BIO.
- */
- unsigned char *sptr;
- if (nosalt)
- sptr = NULL;
- else {
- if (enc) {
- if (hsalt) {
- if (!set_hex(hsalt, salt, sizeof salt)) {
- BIO_printf(bio_err, "invalid hex salt value\n");
- goto end;
- }
- } else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
- goto end;
- /*
- * If -P option then don't bother writing
- */
- if ((printkey != 2)
- && (BIO_write(wbio, magic,
- sizeof magic - 1) != sizeof magic - 1
- || BIO_write(wbio,
- (char *)salt,
- sizeof salt) != sizeof salt)) {
- BIO_printf(bio_err, "error writing output file\n");
- goto end;
- }
- } else if (BIO_read(rbio, mbuf, sizeof mbuf) != sizeof mbuf
- || BIO_read(rbio,
- (unsigned char *)salt,
- sizeof salt) != sizeof salt) {
- BIO_printf(bio_err, "error reading input file\n");
- goto end;
- } else if (memcmp(mbuf, magic, sizeof magic - 1)) {
- BIO_printf(bio_err, "bad magic number\n");
- goto end;
- }
-
- sptr = salt;
- }
-
- EVP_BytesToKey(cipher, dgst, sptr,
- (unsigned char *)str, strlen(str), 1, key, iv);
- /*
- * zero the complete buffer or the string passed from the command
- * line bug picked up by Larry J. Hughes Jr. <hughes at indiana.edu>
- */
- if (str == strbuf)
- OPENSSL_cleanse(str, SIZE);
- else
- OPENSSL_cleanse(str, strlen(str));
- }
- if (hiv != NULL) {
- int siz = EVP_CIPHER_iv_length(cipher);
- if (siz == 0) {
- BIO_printf(bio_err, "warning: iv not use by this cipher\n");
- } else if (!set_hex(hiv, iv, sizeof iv)) {
- BIO_printf(bio_err, "invalid hex iv value\n");
- goto end;
- }
- }
- if ((hiv == NULL) && (str == NULL)
- && EVP_CIPHER_iv_length(cipher) != 0) {
- /*
- * No IV was explicitly set and no IV was generated during
- * EVP_BytesToKey. Hence the IV is undefined, making correct
- * decryption impossible.
- */
- BIO_printf(bio_err, "iv undefined\n");
- goto end;
- }
- if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {
- BIO_printf(bio_err, "invalid hex key value\n");
- goto end;
- }
-
- if ((benc = BIO_new(BIO_f_cipher())) == NULL)
- goto end;
-
- /*
- * Since we may be changing parameters work on the encryption context
- * rather than calling BIO_set_cipher().
- */
-
- BIO_get_cipher_ctx(benc, &ctx);
-
- if (non_fips_allow)
- EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_NON_FIPS_ALLOW);
-
- if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) {
- BIO_printf(bio_err, "Error setting cipher %s\n",
- EVP_CIPHER_name(cipher));
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if (nopad)
- EVP_CIPHER_CTX_set_padding(ctx, 0);
-
- if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) {
- BIO_printf(bio_err, "Error setting cipher %s\n",
- EVP_CIPHER_name(cipher));
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if (debug) {
- BIO_set_callback(benc, BIO_debug_callback);
- BIO_set_callback_arg(benc, (char *)bio_err);
- }
-
- if (printkey) {
- if (!nosalt) {
- printf("salt=");
- for (i = 0; i < (int)sizeof(salt); i++)
- printf("%02X", salt[i]);
- printf("\n");
- }
- if (cipher->key_len > 0) {
- printf("key=");
- for (i = 0; i < cipher->key_len; i++)
- printf("%02X", key[i]);
- printf("\n");
- }
- if (cipher->iv_len > 0) {
- printf("iv =");
- for (i = 0; i < cipher->iv_len; i++)
- printf("%02X", iv[i]);
- printf("\n");
- }
- if (printkey == 2) {
- ret = 0;
- goto end;
- }
- }
- }
-
- /* Only encrypt/decrypt as we write the file */
- if (benc != NULL)
- wbio = BIO_push(benc, wbio);
-
- for (;;) {
- inl = BIO_read(rbio, (char *)buff, bsize);
- if (inl <= 0)
- break;
- if (BIO_write(wbio, (char *)buff, inl) != inl) {
- BIO_printf(bio_err, "error writing output file\n");
- goto end;
- }
- }
- if (!BIO_flush(wbio)) {
- BIO_printf(bio_err, "bad decrypt\n");
- goto end;
- }
-
- ret = 0;
- if (verbose) {
- BIO_printf(bio_err, "bytes read :%8ld\n", BIO_number_read(in));
- BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out));
- }
- end:
- ERR_print_errors(bio_err);
- if (strbuf != NULL)
- OPENSSL_free(strbuf);
- if (buff != NULL)
- OPENSSL_free(buff);
- if (in != NULL)
- BIO_free(in);
- if (out != NULL)
- BIO_free_all(out);
- if (benc != NULL)
- BIO_free(benc);
- if (b64 != NULL)
- BIO_free(b64);
-#ifdef ZLIB
- if (bzl != NULL)
- BIO_free(bzl);
-#endif
- if (pass)
- OPENSSL_free(pass);
- apps_shutdown();
- OPENSSL_EXIT(ret);
-}
-
-int set_hex(char *in, unsigned char *out, int size)
-{
- int i, n;
- unsigned char j;
-
- n = strlen(in);
- if (n > (size * 2)) {
- BIO_printf(bio_err, "hex string is too long\n");
- return (0);
- }
- memset(out, 0, size);
- for (i = 0; i < n; i++) {
- j = (unsigned char)*in;
- *(in++) = '\0';
- if (j == 0)
- break;
- if ((j >= '0') && (j <= '9'))
- j -= '0';
- else if ((j >= 'A') && (j <= 'F'))
- j = j - 'A' + 10;
- else if ((j >= 'a') && (j <= 'f'))
- j = j - 'a' + 10;
- else {
- BIO_printf(bio_err, "non-hex digit\n");
- return (0);
- }
- if (i & 1)
- out[i / 2] |= j;
- else
- out[i / 2] = (j << 4);
- }
- return (1);
-}
Copied: vendor-crypto/openssl/1.0.1u/apps/enc.c (from rev 11605, vendor-crypto/openssl/dist/apps/enc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/enc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,715 @@
+/* apps/enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#include <ctype.h>
+
+int set_hex(char *in, unsigned char *out, int size);
+#undef SIZE
+#undef BSIZE
+#undef PROG
+
+#define SIZE (512)
+#define BSIZE (8*1024)
+#define PROG enc_main
+
+static void show_ciphers(const OBJ_NAME *name, void *bio_)
+{
+ BIO *bio = bio_;
+ static int n;
+
+ if (!islower((unsigned char)*name->name))
+ return;
+
+ BIO_printf(bio, "-%-25s", name->name);
+ if (++n == 3) {
+ BIO_printf(bio, "\n");
+ n = 0;
+ } else
+ BIO_printf(bio, " ");
+}
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ static const char magic[] = "Salted__";
+ char mbuf[sizeof magic - 1];
+ char *strbuf = NULL;
+ unsigned char *buff = NULL, *bufsize = NULL;
+ int bsize = BSIZE, verbose = 0;
+ int ret = 1, inl;
+ int nopad = 0;
+ unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
+ unsigned char salt[PKCS5_SALT_LEN];
+ char *str = NULL, *passarg = NULL, *pass = NULL;
+ char *hkey = NULL, *hiv = NULL, *hsalt = NULL;
+ char *md = NULL;
+ int enc = 1, printkey = 0, i, base64 = 0;
+#ifdef ZLIB
+ int do_zlib = 0;
+ BIO *bzl = NULL;
+#endif
+ int debug = 0, olb64 = 0, nosalt = 0;
+ const EVP_CIPHER *cipher = NULL, *c;
+ EVP_CIPHER_CTX *ctx = NULL;
+ char *inf = NULL, *outf = NULL;
+ BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio =
+ NULL, *wbio = NULL;
+#define PROG_NAME_SIZE 39
+ char pname[PROG_NAME_SIZE + 1];
+#ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+#endif
+ const EVP_MD *dgst = NULL;
+ int non_fips_allow = 0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+ /* first check the program name */
+ program_name(argv[0], pname, sizeof pname);
+ if (strcmp(pname, "base64") == 0)
+ base64 = 1;
+#ifdef ZLIB
+ if (strcmp(pname, "zlib") == 0)
+ do_zlib = 1;
+#endif
+
+ cipher = EVP_get_cipherbyname(pname);
+#ifdef ZLIB
+ if (!do_zlib && !base64 && (cipher == NULL)
+ && (strcmp(pname, "enc") != 0))
+#else
+ if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0))
+#endif
+ {
+ BIO_printf(bio_err, "%s is an unknown cipher\n", pname);
+ goto bad;
+ }
+
+ argc--;
+ argv++;
+ while (argc >= 1) {
+ if (strcmp(*argv, "-e") == 0)
+ enc = 1;
+ else if (strcmp(*argv, "-in") == 0) {
+ if (--argc < 1)
+ goto bad;
+ inf = *(++argv);
+ } else if (strcmp(*argv, "-out") == 0) {
+ if (--argc < 1)
+ goto bad;
+ outf = *(++argv);
+ } else if (strcmp(*argv, "-pass") == 0) {
+ if (--argc < 1)
+ goto bad;
+ passarg = *(++argv);
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*argv, "-engine") == 0) {
+ if (--argc < 1)
+ goto bad;
+ engine = *(++argv);
+ }
+#endif
+ else if (strcmp(*argv, "-d") == 0)
+ enc = 0;
+ else if (strcmp(*argv, "-p") == 0)
+ printkey = 1;
+ else if (strcmp(*argv, "-v") == 0)
+ verbose = 1;
+ else if (strcmp(*argv, "-nopad") == 0)
+ nopad = 1;
+ else if (strcmp(*argv, "-salt") == 0)
+ nosalt = 0;
+ else if (strcmp(*argv, "-nosalt") == 0)
+ nosalt = 1;
+ else if (strcmp(*argv, "-debug") == 0)
+ debug = 1;
+ else if (strcmp(*argv, "-P") == 0)
+ printkey = 2;
+ else if (strcmp(*argv, "-A") == 0)
+ olb64 = 1;
+ else if (strcmp(*argv, "-a") == 0)
+ base64 = 1;
+ else if (strcmp(*argv, "-base64") == 0)
+ base64 = 1;
+#ifdef ZLIB
+ else if (strcmp(*argv, "-z") == 0)
+ do_zlib = 1;
+#endif
+ else if (strcmp(*argv, "-bufsize") == 0) {
+ if (--argc < 1)
+ goto bad;
+ bufsize = (unsigned char *)*(++argv);
+ } else if (strcmp(*argv, "-k") == 0) {
+ if (--argc < 1)
+ goto bad;
+ str = *(++argv);
+ } else if (strcmp(*argv, "-kfile") == 0) {
+ static char buf[128];
+ FILE *infile;
+ char *file;
+
+ if (--argc < 1)
+ goto bad;
+ file = *(++argv);
+ infile = fopen(file, "r");
+ if (infile == NULL) {
+ BIO_printf(bio_err, "unable to read key from '%s'\n", file);
+ goto bad;
+ }
+ buf[0] = '\0';
+ if (!fgets(buf, sizeof buf, infile)) {
+ BIO_printf(bio_err, "unable to read key from '%s'\n", file);
+ goto bad;
+ }
+ fclose(infile);
+ i = strlen(buf);
+ if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
+ buf[--i] = '\0';
+ if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
+ buf[--i] = '\0';
+ if (i < 1) {
+ BIO_printf(bio_err, "zero length password\n");
+ goto bad;
+ }
+ str = buf;
+ } else if (strcmp(*argv, "-K") == 0) {
+ if (--argc < 1)
+ goto bad;
+ hkey = *(++argv);
+ } else if (strcmp(*argv, "-S") == 0) {
+ if (--argc < 1)
+ goto bad;
+ hsalt = *(++argv);
+ } else if (strcmp(*argv, "-iv") == 0) {
+ if (--argc < 1)
+ goto bad;
+ hiv = *(++argv);
+ } else if (strcmp(*argv, "-md") == 0) {
+ if (--argc < 1)
+ goto bad;
+ md = *(++argv);
+ } else if (strcmp(*argv, "-non-fips-allow") == 0)
+ non_fips_allow = 1;
+ else if ((argv[0][0] == '-') &&
+ ((c = EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) {
+ cipher = c;
+ } else if (strcmp(*argv, "-none") == 0)
+ cipher = NULL;
+ else {
+ BIO_printf(bio_err, "unknown option '%s'\n", *argv);
+ bad:
+ BIO_printf(bio_err, "options are\n");
+ BIO_printf(bio_err, "%-14s input file\n", "-in <file>");
+ BIO_printf(bio_err, "%-14s output file\n", "-out <file>");
+ BIO_printf(bio_err, "%-14s pass phrase source\n", "-pass <arg>");
+ BIO_printf(bio_err, "%-14s encrypt\n", "-e");
+ BIO_printf(bio_err, "%-14s decrypt\n", "-d");
+ BIO_printf(bio_err,
+ "%-14s base64 encode/decode, depending on encryption flag\n",
+ "-a/-base64");
+ BIO_printf(bio_err, "%-14s passphrase is the next argument\n",
+ "-k");
+ BIO_printf(bio_err,
+ "%-14s passphrase is the first line of the file argument\n",
+ "-kfile");
+ BIO_printf(bio_err,
+ "%-14s the next argument is the md to use to create a key\n",
+ "-md");
+ BIO_printf(bio_err,
+ "%-14s from a passphrase. One of md2, md5, sha or sha1\n",
+ "");
+ BIO_printf(bio_err, "%-14s salt in hex is the next argument\n",
+ "-S");
+ BIO_printf(bio_err, "%-14s key/iv in hex is the next argument\n",
+ "-K/-iv");
+ BIO_printf(bio_err, "%-14s print the iv/key (then exit if -P)\n",
+ "-[pP]");
+ BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>");
+ BIO_printf(bio_err, "%-14s disable standard block padding\n",
+ "-nopad");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ "%-14s use engine e, possibly a hardware device.\n",
+ "-engine e");
+#endif
+
+ BIO_printf(bio_err, "Cipher Types\n");
+ OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
+ show_ciphers, bio_err);
+ BIO_printf(bio_err, "\n");
+
+ goto end;
+ }
+ argc--;
+ argv++;
+ }
+
+#ifndef OPENSSL_NO_ENGINE
+ setup_engine(bio_err, engine, 0);
+#endif
+
+ if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+ BIO_printf(bio_err,
+ "AEAD ciphers not supported by the enc utility\n");
+ goto end;
+ }
+
+ if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) {
+ BIO_printf(bio_err,
+ "Ciphers in XTS mode are not supported by the enc utility\n");
+ goto end;
+ }
+
+ if (md && (dgst = EVP_get_digestbyname(md)) == NULL) {
+ BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
+ goto end;
+ }
+
+ if (dgst == NULL) {
+ dgst = EVP_md5();
+ }
+
+ if (bufsize != NULL) {
+ unsigned long n;
+
+ for (n = 0; *bufsize; bufsize++) {
+ i = *bufsize;
+ if ((i <= '9') && (i >= '0'))
+ n = n * 10 + i - '0';
+ else if (i == 'k') {
+ n *= 1024;
+ bufsize++;
+ break;
+ }
+ }
+ if (*bufsize != '\0') {
+ BIO_printf(bio_err, "invalid 'bufsize' specified.\n");
+ goto end;
+ }
+
+ /* It must be large enough for a base64 encoded line */
+ if (base64 && n < 80)
+ n = 80;
+
+ bsize = (int)n;
+ if (verbose)
+ BIO_printf(bio_err, "bufsize=%d\n", bsize);
+ }
+
+ strbuf = OPENSSL_malloc(SIZE);
+ buff = (unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
+ if ((buff == NULL) || (strbuf == NULL)) {
+ BIO_printf(bio_err, "OPENSSL_malloc failure %ld\n",
+ (long)EVP_ENCODE_LENGTH(bsize));
+ goto end;
+ }
+
+ in = BIO_new(BIO_s_file());
+ out = BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (debug) {
+ BIO_set_callback(in, BIO_debug_callback);
+ BIO_set_callback(out, BIO_debug_callback);
+ BIO_set_callback_arg(in, (char *)bio_err);
+ BIO_set_callback_arg(out, (char *)bio_err);
+ }
+
+ if (inf == NULL) {
+#ifndef OPENSSL_NO_SETVBUF_IONBF
+ if (bufsize != NULL)
+ setvbuf(stdin, (char *)NULL, _IONBF, 0);
+#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+ BIO_set_fp(in, stdin, BIO_NOCLOSE);
+ } else {
+ if (BIO_read_filename(in, inf) <= 0) {
+ perror(inf);
+ goto end;
+ }
+ }
+
+ if (!str && passarg) {
+ if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
+ BIO_printf(bio_err, "Error getting password\n");
+ goto end;
+ }
+ str = pass;
+ }
+
+ if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
+ for (;;) {
+ char buf[200];
+
+ BIO_snprintf(buf, sizeof buf, "enter %s %s password:",
+ OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+ (enc) ? "encryption" : "decryption");
+ strbuf[0] = '\0';
+ i = EVP_read_pw_string((char *)strbuf, SIZE, buf, enc);
+ if (i == 0) {
+ if (strbuf[0] == '\0') {
+ ret = 1;
+ goto end;
+ }
+ str = strbuf;
+ break;
+ }
+ if (i < 0) {
+ BIO_printf(bio_err, "bad password read\n");
+ goto end;
+ }
+ }
+ }
+
+ if (outf == NULL) {
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifndef OPENSSL_NO_SETVBUF_IONBF
+ if (bufsize != NULL)
+ setvbuf(stdout, (char *)NULL, _IONBF, 0);
+#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ } else {
+ if (BIO_write_filename(out, outf) <= 0) {
+ perror(outf);
+ goto end;
+ }
+ }
+
+ rbio = in;
+ wbio = out;
+
+#ifdef ZLIB
+
+ if (do_zlib) {
+ if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
+ goto end;
+ if (enc)
+ wbio = BIO_push(bzl, wbio);
+ else
+ rbio = BIO_push(bzl, rbio);
+ }
+#endif
+
+ if (base64) {
+ if ((b64 = BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ if (debug) {
+ BIO_set_callback(b64, BIO_debug_callback);
+ BIO_set_callback_arg(b64, (char *)bio_err);
+ }
+ if (olb64)
+ BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
+ if (enc)
+ wbio = BIO_push(b64, wbio);
+ else
+ rbio = BIO_push(b64, rbio);
+ }
+
+ if (cipher != NULL) {
+ /*
+ * Note that str is NULL if a key was passed on the command line, so
+ * we get no salt in that case. Is this a bug?
+ */
+ if (str != NULL) {
+ /*
+ * Salt handling: if encrypting generate a salt and write to
+ * output BIO. If decrypting read salt from input BIO.
+ */
+ unsigned char *sptr;
+ if (nosalt)
+ sptr = NULL;
+ else {
+ if (enc) {
+ if (hsalt) {
+ if (!set_hex(hsalt, salt, sizeof salt)) {
+ BIO_printf(bio_err, "invalid hex salt value\n");
+ goto end;
+ }
+ } else if (RAND_bytes(salt, sizeof salt) <= 0)
+ goto end;
+ /*
+ * If -P option then don't bother writing
+ */
+ if ((printkey != 2)
+ && (BIO_write(wbio, magic,
+ sizeof magic - 1) != sizeof magic - 1
+ || BIO_write(wbio,
+ (char *)salt,
+ sizeof salt) != sizeof salt)) {
+ BIO_printf(bio_err, "error writing output file\n");
+ goto end;
+ }
+ } else if (BIO_read(rbio, mbuf, sizeof mbuf) != sizeof mbuf
+ || BIO_read(rbio,
+ (unsigned char *)salt,
+ sizeof salt) != sizeof salt) {
+ BIO_printf(bio_err, "error reading input file\n");
+ goto end;
+ } else if (memcmp(mbuf, magic, sizeof magic - 1)) {
+ BIO_printf(bio_err, "bad magic number\n");
+ goto end;
+ }
+
+ sptr = salt;
+ }
+
+ EVP_BytesToKey(cipher, dgst, sptr,
+ (unsigned char *)str, strlen(str), 1, key, iv);
+ /*
+ * zero the complete buffer or the string passed from the command
+ * line bug picked up by Larry J. Hughes Jr. <hughes at indiana.edu>
+ */
+ if (str == strbuf)
+ OPENSSL_cleanse(str, SIZE);
+ else
+ OPENSSL_cleanse(str, strlen(str));
+ }
+ if (hiv != NULL) {
+ int siz = EVP_CIPHER_iv_length(cipher);
+ if (siz == 0) {
+ BIO_printf(bio_err, "warning: iv not use by this cipher\n");
+ } else if (!set_hex(hiv, iv, sizeof iv)) {
+ BIO_printf(bio_err, "invalid hex iv value\n");
+ goto end;
+ }
+ }
+ if ((hiv == NULL) && (str == NULL)
+ && EVP_CIPHER_iv_length(cipher) != 0) {
+ /*
+ * No IV was explicitly set and no IV was generated during
+ * EVP_BytesToKey. Hence the IV is undefined, making correct
+ * decryption impossible.
+ */
+ BIO_printf(bio_err, "iv undefined\n");
+ goto end;
+ }
+ if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {
+ BIO_printf(bio_err, "invalid hex key value\n");
+ goto end;
+ }
+
+ if ((benc = BIO_new(BIO_f_cipher())) == NULL)
+ goto end;
+
+ /*
+ * Since we may be changing parameters work on the encryption context
+ * rather than calling BIO_set_cipher().
+ */
+
+ BIO_get_cipher_ctx(benc, &ctx);
+
+ if (non_fips_allow)
+ EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_NON_FIPS_ALLOW);
+
+ if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) {
+ BIO_printf(bio_err, "Error setting cipher %s\n",
+ EVP_CIPHER_name(cipher));
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (nopad)
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
+
+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) {
+ BIO_printf(bio_err, "Error setting cipher %s\n",
+ EVP_CIPHER_name(cipher));
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (debug) {
+ BIO_set_callback(benc, BIO_debug_callback);
+ BIO_set_callback_arg(benc, (char *)bio_err);
+ }
+
+ if (printkey) {
+ if (!nosalt) {
+ printf("salt=");
+ for (i = 0; i < (int)sizeof(salt); i++)
+ printf("%02X", salt[i]);
+ printf("\n");
+ }
+ if (cipher->key_len > 0) {
+ printf("key=");
+ for (i = 0; i < cipher->key_len; i++)
+ printf("%02X", key[i]);
+ printf("\n");
+ }
+ if (cipher->iv_len > 0) {
+ printf("iv =");
+ for (i = 0; i < cipher->iv_len; i++)
+ printf("%02X", iv[i]);
+ printf("\n");
+ }
+ if (printkey == 2) {
+ ret = 0;
+ goto end;
+ }
+ }
+ }
+
+ /* Only encrypt/decrypt as we write the file */
+ if (benc != NULL)
+ wbio = BIO_push(benc, wbio);
+
+ for (;;) {
+ inl = BIO_read(rbio, (char *)buff, bsize);
+ if (inl <= 0)
+ break;
+ if (BIO_write(wbio, (char *)buff, inl) != inl) {
+ BIO_printf(bio_err, "error writing output file\n");
+ goto end;
+ }
+ }
+ if (!BIO_flush(wbio)) {
+ BIO_printf(bio_err, "bad decrypt\n");
+ goto end;
+ }
+
+ ret = 0;
+ if (verbose) {
+ BIO_printf(bio_err, "bytes read :%8ld\n", BIO_number_read(in));
+ BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out));
+ }
+ end:
+ ERR_print_errors(bio_err);
+ if (strbuf != NULL)
+ OPENSSL_free(strbuf);
+ if (buff != NULL)
+ OPENSSL_free(buff);
+ if (in != NULL)
+ BIO_free(in);
+ if (out != NULL)
+ BIO_free_all(out);
+ if (benc != NULL)
+ BIO_free(benc);
+ if (b64 != NULL)
+ BIO_free(b64);
+#ifdef ZLIB
+ if (bzl != NULL)
+ BIO_free(bzl);
+#endif
+ if (pass)
+ OPENSSL_free(pass);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
+
+int set_hex(char *in, unsigned char *out, int size)
+{
+ int i, n;
+ unsigned char j;
+
+ n = strlen(in);
+ if (n > (size * 2)) {
+ BIO_printf(bio_err, "hex string is too long\n");
+ return (0);
+ }
+ memset(out, 0, size);
+ for (i = 0; i < n; i++) {
+ j = (unsigned char)*in;
+ *(in++) = '\0';
+ if (j == 0)
+ break;
+ if ((j >= '0') && (j <= '9'))
+ j -= '0';
+ else if ((j >= 'A') && (j <= 'F'))
+ j = j - 'A' + 10;
+ else if ((j >= 'a') && (j <= 'f'))
+ j = j - 'a' + 10;
+ else {
+ BIO_printf(bio_err, "non-hex digit\n");
+ return (0);
+ }
+ if (i & 1)
+ out[i / 2] |= j;
+ else
+ out[i / 2] = (j << 4);
+ }
+ return (1);
+}
Deleted: vendor-crypto/openssl/1.0.1u/apps/engine.c
===================================================================
--- vendor-crypto/openssl/dist/apps/engine.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/engine.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,512 +0,0 @@
-/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef OPENSSL_NO_STDIO
-# define APPS_WIN16
-#endif
-#include "apps.h"
-#include <openssl/err.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-# include <openssl/ssl.h>
-
-# undef PROG
-# define PROG engine_main
-
-static const char *engine_usage[] = {
- "usage: engine opts [engine ...]\n",
- " -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
- " -vv will additionally display each command's description\n",
- " -vvv will also add the input flags for each command\n",
- " -vvvv will also show internal input flags\n",
- " -c - for each engine, also list the capabilities\n",
- " -t[t] - for each engine, check that they are really available\n",
- " -tt will display error trace for unavailable engines\n",
- " -pre <cmd> - runs command 'cmd' against the ENGINE before any attempts\n",
- " to load it (if -t is used)\n",
- " -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
- " (only used if -t is also provided)\n",
- " NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
- " line, or all supported ENGINEs if none are specified.\n",
- " Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
- " argument \"/lib/libdriver.so\".\n",
- NULL
-};
-
-static void identity(char *ptr)
-{
- return;
-}
-
-static int append_buf(char **buf, const char *s, int *size, int step)
-{
- if (*buf == NULL) {
- *size = step;
- *buf = OPENSSL_malloc(*size);
- if (*buf == NULL)
- return 0;
- **buf = '\0';
- }
-
- if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
- *size += step;
- *buf = OPENSSL_realloc(*buf, *size);
- }
-
- if (*buf == NULL)
- return 0;
-
- if (**buf != '\0')
- BUF_strlcat(*buf, ", ", *size);
- BUF_strlcat(*buf, s, *size);
-
- return 1;
-}
-
-static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
-{
- int started = 0, err = 0;
- /* Indent before displaying input flags */
- BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
- if (flags == 0) {
- BIO_printf(bio_out, "<no flags>\n");
- return 1;
- }
- /*
- * If the object is internal, mark it in a way that shows instead of
- * having it part of all the other flags, even if it really is.
- */
- if (flags & ENGINE_CMD_FLAG_INTERNAL) {
- BIO_printf(bio_out, "[Internal] ");
- }
-
- if (flags & ENGINE_CMD_FLAG_NUMERIC) {
- BIO_printf(bio_out, "NUMERIC");
- started = 1;
- }
- /*
- * Now we check that no combinations of the mutually exclusive NUMERIC,
- * STRING, and NO_INPUT flags have been used. Future flags that can be
- * OR'd together with these would need to added after these to preserve
- * the testing logic.
- */
- if (flags & ENGINE_CMD_FLAG_STRING) {
- if (started) {
- BIO_printf(bio_out, "|");
- err = 1;
- }
- BIO_printf(bio_out, "STRING");
- started = 1;
- }
- if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
- if (started) {
- BIO_printf(bio_out, "|");
- err = 1;
- }
- BIO_printf(bio_out, "NO_INPUT");
- started = 1;
- }
- /* Check for unknown flags */
- flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
- ~ENGINE_CMD_FLAG_STRING &
- ~ENGINE_CMD_FLAG_NO_INPUT & ~ENGINE_CMD_FLAG_INTERNAL;
- if (flags) {
- if (started)
- BIO_printf(bio_out, "|");
- BIO_printf(bio_out, "<0x%04X>", flags);
- }
- if (err)
- BIO_printf(bio_out, " <illegal flags!>");
- BIO_printf(bio_out, "\n");
- return 1;
-}
-
-static int util_verbose(ENGINE *e, int verbose, BIO *bio_out,
- const char *indent)
-{
- static const int line_wrap = 78;
- int num;
- int ret = 0;
- char *name = NULL;
- char *desc = NULL;
- int flags;
- int xpos = 0;
- STACK_OF(OPENSSL_STRING) *cmds = NULL;
- if (!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
- ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
- 0, NULL, NULL)) <= 0)) {
-# if 0
- BIO_printf(bio_out, "%s<no control commands>\n", indent);
-# endif
- return 1;
- }
-
- cmds = sk_OPENSSL_STRING_new_null();
-
- if (!cmds)
- goto err;
- do {
- int len;
- /* Get the command input flags */
- if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
- NULL, NULL)) < 0)
- goto err;
- if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4) {
- /* Get the command name */
- if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
- NULL, NULL)) <= 0)
- goto err;
- if ((name = OPENSSL_malloc(len + 1)) == NULL)
- goto err;
- if (ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
- NULL) <= 0)
- goto err;
- /* Get the command description */
- if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
- NULL, NULL)) < 0)
- goto err;
- if (len > 0) {
- if ((desc = OPENSSL_malloc(len + 1)) == NULL)
- goto err;
- if (ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
- NULL) <= 0)
- goto err;
- }
- /* Now decide on the output */
- if (xpos == 0)
- /* Do an indent */
- xpos = BIO_puts(bio_out, indent);
- else
- /* Otherwise prepend a ", " */
- xpos += BIO_printf(bio_out, ", ");
- if (verbose == 1) {
- /*
- * We're just listing names, comma-delimited
- */
- if ((xpos > (int)strlen(indent)) &&
- (xpos + (int)strlen(name) > line_wrap)) {
- BIO_printf(bio_out, "\n");
- xpos = BIO_puts(bio_out, indent);
- }
- xpos += BIO_printf(bio_out, "%s", name);
- } else {
- /* We're listing names plus descriptions */
- BIO_printf(bio_out, "%s: %s\n", name,
- (desc == NULL) ? "<no description>" : desc);
- /* ... and sometimes input flags */
- if ((verbose >= 3) && !util_flags(bio_out, flags, indent))
- goto err;
- xpos = 0;
- }
- }
- OPENSSL_free(name);
- name = NULL;
- if (desc) {
- OPENSSL_free(desc);
- desc = NULL;
- }
- /* Move to the next command */
- num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE, num, NULL, NULL);
- } while (num > 0);
- if (xpos > 0)
- BIO_printf(bio_out, "\n");
- ret = 1;
- err:
- if (cmds)
- sk_OPENSSL_STRING_pop_free(cmds, identity);
- if (name)
- OPENSSL_free(name);
- if (desc)
- OPENSSL_free(desc);
- return ret;
-}
-
-static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
- BIO *bio_out, const char *indent)
-{
- int loop, res, num = sk_OPENSSL_STRING_num(cmds);
-
- if (num < 0) {
- BIO_printf(bio_out, "[Error]: internal stack error\n");
- return;
- }
- for (loop = 0; loop < num; loop++) {
- char buf[256];
- const char *cmd, *arg;
- cmd = sk_OPENSSL_STRING_value(cmds, loop);
- res = 1; /* assume success */
- /* Check if this command has no ":arg" */
- if ((arg = strstr(cmd, ":")) == NULL) {
- if (!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
- res = 0;
- } else {
- if ((int)(arg - cmd) > 254) {
- BIO_printf(bio_out, "[Error]: command name too long\n");
- return;
- }
- memcpy(buf, cmd, (int)(arg - cmd));
- buf[arg - cmd] = '\0';
- arg++; /* Move past the ":" */
- /* Call the command with the argument */
- if (!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
- res = 0;
- }
- if (res)
- BIO_printf(bio_out, "[Success]: %s\n", cmd);
- else {
- BIO_printf(bio_out, "[Failure]: %s\n", cmd);
- ERR_print_errors(bio_out);
- }
- }
-}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- int ret = 1, i;
- const char **pp;
- int verbose = 0, list_cap = 0, test_avail = 0, test_avail_noise = 0;
- ENGINE *e;
- STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
- STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
- STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
- int badops = 1;
- BIO *bio_out = NULL;
- const char *indent = " ";
-
- apps_startup();
- SSL_load_error_strings();
-
- if (bio_err == NULL)
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- if (!load_config(bio_err, NULL))
- goto end;
- bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
-# ifdef OPENSSL_SYS_VMS
- {
- BIO *tmpbio = BIO_new(BIO_f_linebuffer());
- bio_out = BIO_push(tmpbio, bio_out);
- }
-# endif
-
- argc--;
- argv++;
- while (argc >= 1) {
- if (strncmp(*argv, "-v", 2) == 0) {
- if (strspn(*argv + 1, "v") < strlen(*argv + 1))
- goto skip_arg_loop;
- if ((verbose = strlen(*argv + 1)) > 4)
- goto skip_arg_loop;
- } else if (strcmp(*argv, "-c") == 0)
- list_cap = 1;
- else if (strncmp(*argv, "-t", 2) == 0) {
- test_avail = 1;
- if (strspn(*argv + 1, "t") < strlen(*argv + 1))
- goto skip_arg_loop;
- if ((test_avail_noise = strlen(*argv + 1) - 1) > 1)
- goto skip_arg_loop;
- } else if (strcmp(*argv, "-pre") == 0) {
- argc--;
- argv++;
- if (argc == 0)
- goto skip_arg_loop;
- sk_OPENSSL_STRING_push(pre_cmds, *argv);
- } else if (strcmp(*argv, "-post") == 0) {
- argc--;
- argv++;
- if (argc == 0)
- goto skip_arg_loop;
- sk_OPENSSL_STRING_push(post_cmds, *argv);
- } else if ((strncmp(*argv, "-h", 2) == 0) ||
- (strcmp(*argv, "-?") == 0))
- goto skip_arg_loop;
- else
- sk_OPENSSL_STRING_push(engines, *argv);
- argc--;
- argv++;
- }
- /* Looks like everything went OK */
- badops = 0;
- skip_arg_loop:
-
- if (badops) {
- for (pp = engine_usage; (*pp != NULL); pp++)
- BIO_printf(bio_err, "%s", *pp);
- goto end;
- }
-
- if (sk_OPENSSL_STRING_num(engines) == 0) {
- for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {
- sk_OPENSSL_STRING_push(engines, (char *)ENGINE_get_id(e));
- }
- }
-
- for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
- const char *id = sk_OPENSSL_STRING_value(engines, i);
- if ((e = ENGINE_by_id(id)) != NULL) {
- const char *name = ENGINE_get_name(e);
- /*
- * Do "id" first, then "name". Easier to auto-parse.
- */
- BIO_printf(bio_out, "(%s) %s\n", id, name);
- util_do_cmds(e, pre_cmds, bio_out, indent);
- if (strcmp(ENGINE_get_id(e), id) != 0) {
- BIO_printf(bio_out, "Loaded: (%s) %s\n",
- ENGINE_get_id(e), ENGINE_get_name(e));
- }
- if (list_cap) {
- int cap_size = 256;
- char *cap_buf = NULL;
- int k, n;
- const int *nids;
- ENGINE_CIPHERS_PTR fn_c;
- ENGINE_DIGESTS_PTR fn_d;
- ENGINE_PKEY_METHS_PTR fn_pk;
-
- if (ENGINE_get_RSA(e) != NULL
- && !append_buf(&cap_buf, "RSA", &cap_size, 256))
- goto end;
- if (ENGINE_get_DSA(e) != NULL
- && !append_buf(&cap_buf, "DSA", &cap_size, 256))
- goto end;
- if (ENGINE_get_DH(e) != NULL
- && !append_buf(&cap_buf, "DH", &cap_size, 256))
- goto end;
- if (ENGINE_get_RAND(e) != NULL
- && !append_buf(&cap_buf, "RAND", &cap_size, 256))
- goto end;
-
- fn_c = ENGINE_get_ciphers(e);
- if (!fn_c)
- goto skip_ciphers;
- n = fn_c(e, NULL, &nids, 0);
- for (k = 0; k < n; ++k)
- if (!append_buf(&cap_buf,
- OBJ_nid2sn(nids[k]), &cap_size, 256))
- goto end;
-
- skip_ciphers:
- fn_d = ENGINE_get_digests(e);
- if (!fn_d)
- goto skip_digests;
- n = fn_d(e, NULL, &nids, 0);
- for (k = 0; k < n; ++k)
- if (!append_buf(&cap_buf,
- OBJ_nid2sn(nids[k]), &cap_size, 256))
- goto end;
-
- skip_digests:
- fn_pk = ENGINE_get_pkey_meths(e);
- if (!fn_pk)
- goto skip_pmeths;
- n = fn_pk(e, NULL, &nids, 0);
- for (k = 0; k < n; ++k)
- if (!append_buf(&cap_buf,
- OBJ_nid2sn(nids[k]), &cap_size, 256))
- goto end;
- skip_pmeths:
- if (cap_buf && (*cap_buf != '\0'))
- BIO_printf(bio_out, " [%s]\n", cap_buf);
-
- OPENSSL_free(cap_buf);
- }
- if (test_avail) {
- BIO_printf(bio_out, "%s", indent);
- if (ENGINE_init(e)) {
- BIO_printf(bio_out, "[ available ]\n");
- util_do_cmds(e, post_cmds, bio_out, indent);
- ENGINE_finish(e);
- } else {
- BIO_printf(bio_out, "[ unavailable ]\n");
- if (test_avail_noise)
- ERR_print_errors_fp(stdout);
- ERR_clear_error();
- }
- }
- if ((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
- goto end;
- ENGINE_free(e);
- } else
- ERR_print_errors(bio_err);
- }
-
- ret = 0;
- end:
-
- ERR_print_errors(bio_err);
- sk_OPENSSL_STRING_pop_free(engines, identity);
- sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
- sk_OPENSSL_STRING_pop_free(post_cmds, identity);
- if (bio_out != NULL)
- BIO_free_all(bio_out);
- apps_shutdown();
- OPENSSL_EXIT(ret);
-}
-#else
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/apps/engine.c (from rev 11605, vendor-crypto/openssl/dist/apps/engine.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/engine.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/engine.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,512 @@
+/* apps/engine.c */
+/*
+ * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+#include "apps.h"
+#include <openssl/err.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+# include <openssl/ssl.h>
+
+# undef PROG
+# define PROG engine_main
+
+static const char *engine_usage[] = {
+ "usage: engine opts [engine ...]\n",
+ " -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
+ " -vv will additionally display each command's description\n",
+ " -vvv will also add the input flags for each command\n",
+ " -vvvv will also show internal input flags\n",
+ " -c - for each engine, also list the capabilities\n",
+ " -t[t] - for each engine, check that they are really available\n",
+ " -tt will display error trace for unavailable engines\n",
+ " -pre <cmd> - runs command 'cmd' against the ENGINE before any attempts\n",
+ " to load it (if -t is used)\n",
+ " -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
+ " (only used if -t is also provided)\n",
+ " NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
+ " line, or all supported ENGINEs if none are specified.\n",
+ " Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
+ " argument \"/lib/libdriver.so\".\n",
+ NULL
+};
+
+static void identity(char *ptr)
+{
+ return;
+}
+
+static int append_buf(char **buf, const char *s, int *size, int step)
+{
+ if (*buf == NULL) {
+ *size = step;
+ *buf = OPENSSL_malloc(*size);
+ if (*buf == NULL)
+ return 0;
+ **buf = '\0';
+ }
+
+ if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
+ *size += step;
+ *buf = OPENSSL_realloc(*buf, *size);
+ }
+
+ if (*buf == NULL)
+ return 0;
+
+ if (**buf != '\0')
+ BUF_strlcat(*buf, ", ", *size);
+ BUF_strlcat(*buf, s, *size);
+
+ return 1;
+}
+
+static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
+{
+ int started = 0, err = 0;
+ /* Indent before displaying input flags */
+ BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
+ if (flags == 0) {
+ BIO_printf(bio_out, "<no flags>\n");
+ return 1;
+ }
+ /*
+ * If the object is internal, mark it in a way that shows instead of
+ * having it part of all the other flags, even if it really is.
+ */
+ if (flags & ENGINE_CMD_FLAG_INTERNAL) {
+ BIO_printf(bio_out, "[Internal] ");
+ }
+
+ if (flags & ENGINE_CMD_FLAG_NUMERIC) {
+ BIO_printf(bio_out, "NUMERIC");
+ started = 1;
+ }
+ /*
+ * Now we check that no combinations of the mutually exclusive NUMERIC,
+ * STRING, and NO_INPUT flags have been used. Future flags that can be
+ * OR'd together with these would need to added after these to preserve
+ * the testing logic.
+ */
+ if (flags & ENGINE_CMD_FLAG_STRING) {
+ if (started) {
+ BIO_printf(bio_out, "|");
+ err = 1;
+ }
+ BIO_printf(bio_out, "STRING");
+ started = 1;
+ }
+ if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
+ if (started) {
+ BIO_printf(bio_out, "|");
+ err = 1;
+ }
+ BIO_printf(bio_out, "NO_INPUT");
+ started = 1;
+ }
+ /* Check for unknown flags */
+ flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
+ ~ENGINE_CMD_FLAG_STRING &
+ ~ENGINE_CMD_FLAG_NO_INPUT & ~ENGINE_CMD_FLAG_INTERNAL;
+ if (flags) {
+ if (started)
+ BIO_printf(bio_out, "|");
+ BIO_printf(bio_out, "<0x%04X>", flags);
+ }
+ if (err)
+ BIO_printf(bio_out, " <illegal flags!>");
+ BIO_printf(bio_out, "\n");
+ return 1;
+}
+
+static int util_verbose(ENGINE *e, int verbose, BIO *bio_out,
+ const char *indent)
+{
+ static const int line_wrap = 78;
+ int num;
+ int ret = 0;
+ char *name = NULL;
+ char *desc = NULL;
+ int flags;
+ int xpos = 0;
+ STACK_OF(OPENSSL_STRING) *cmds = NULL;
+ if (!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
+ ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
+ 0, NULL, NULL)) <= 0)) {
+# if 0
+ BIO_printf(bio_out, "%s<no control commands>\n", indent);
+# endif
+ return 1;
+ }
+
+ cmds = sk_OPENSSL_STRING_new_null();
+
+ if (!cmds)
+ goto err;
+ do {
+ int len;
+ /* Get the command input flags */
+ if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
+ NULL, NULL)) < 0)
+ goto err;
+ if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4) {
+ /* Get the command name */
+ if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
+ NULL, NULL)) <= 0)
+ goto err;
+ if ((name = OPENSSL_malloc(len + 1)) == NULL)
+ goto err;
+ if (ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
+ NULL) <= 0)
+ goto err;
+ /* Get the command description */
+ if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
+ NULL, NULL)) < 0)
+ goto err;
+ if (len > 0) {
+ if ((desc = OPENSSL_malloc(len + 1)) == NULL)
+ goto err;
+ if (ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
+ NULL) <= 0)
+ goto err;
+ }
+ /* Now decide on the output */
+ if (xpos == 0)
+ /* Do an indent */
+ xpos = BIO_puts(bio_out, indent);
+ else
+ /* Otherwise prepend a ", " */
+ xpos += BIO_printf(bio_out, ", ");
+ if (verbose == 1) {
+ /*
+ * We're just listing names, comma-delimited
+ */
+ if ((xpos > (int)strlen(indent)) &&
+ (xpos + (int)strlen(name) > line_wrap)) {
+ BIO_printf(bio_out, "\n");
+ xpos = BIO_puts(bio_out, indent);
+ }
+ xpos += BIO_printf(bio_out, "%s", name);
+ } else {
+ /* We're listing names plus descriptions */
+ BIO_printf(bio_out, "%s: %s\n", name,
+ (desc == NULL) ? "<no description>" : desc);
+ /* ... and sometimes input flags */
+ if ((verbose >= 3) && !util_flags(bio_out, flags, indent))
+ goto err;
+ xpos = 0;
+ }
+ }
+ OPENSSL_free(name);
+ name = NULL;
+ if (desc) {
+ OPENSSL_free(desc);
+ desc = NULL;
+ }
+ /* Move to the next command */
+ num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE, num, NULL, NULL);
+ } while (num > 0);
+ if (xpos > 0)
+ BIO_printf(bio_out, "\n");
+ ret = 1;
+ err:
+ if (cmds)
+ sk_OPENSSL_STRING_pop_free(cmds, identity);
+ if (name)
+ OPENSSL_free(name);
+ if (desc)
+ OPENSSL_free(desc);
+ return ret;
+}
+
+static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
+ BIO *bio_out, const char *indent)
+{
+ int loop, res, num = sk_OPENSSL_STRING_num(cmds);
+
+ if (num < 0) {
+ BIO_printf(bio_out, "[Error]: internal stack error\n");
+ return;
+ }
+ for (loop = 0; loop < num; loop++) {
+ char buf[256];
+ const char *cmd, *arg;
+ cmd = sk_OPENSSL_STRING_value(cmds, loop);
+ res = 1; /* assume success */
+ /* Check if this command has no ":arg" */
+ if ((arg = strstr(cmd, ":")) == NULL) {
+ if (!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
+ res = 0;
+ } else {
+ if ((int)(arg - cmd) > 254) {
+ BIO_printf(bio_out, "[Error]: command name too long\n");
+ return;
+ }
+ memcpy(buf, cmd, (int)(arg - cmd));
+ buf[arg - cmd] = '\0';
+ arg++; /* Move past the ":" */
+ /* Call the command with the argument */
+ if (!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
+ res = 0;
+ }
+ if (res)
+ BIO_printf(bio_out, "[Success]: %s\n", cmd);
+ else {
+ BIO_printf(bio_out, "[Failure]: %s\n", cmd);
+ ERR_print_errors(bio_out);
+ }
+ }
+}
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ int ret = 1, i;
+ const char **pp;
+ int verbose = 0, list_cap = 0, test_avail = 0, test_avail_noise = 0;
+ ENGINE *e;
+ STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
+ STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
+ STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
+ int badops = 1;
+ BIO *bio_out = NULL;
+ const char *indent = " ";
+
+ apps_startup();
+ SSL_load_error_strings();
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ bio_out = BIO_push(tmpbio, bio_out);
+ }
+# endif
+
+ argc--;
+ argv++;
+ while (argc >= 1) {
+ if (strncmp(*argv, "-v", 2) == 0) {
+ if (strspn(*argv + 1, "v") < strlen(*argv + 1))
+ goto skip_arg_loop;
+ if ((verbose = strlen(*argv + 1)) > 4)
+ goto skip_arg_loop;
+ } else if (strcmp(*argv, "-c") == 0)
+ list_cap = 1;
+ else if (strncmp(*argv, "-t", 2) == 0) {
+ test_avail = 1;
+ if (strspn(*argv + 1, "t") < strlen(*argv + 1))
+ goto skip_arg_loop;
+ if ((test_avail_noise = strlen(*argv + 1) - 1) > 1)
+ goto skip_arg_loop;
+ } else if (strcmp(*argv, "-pre") == 0) {
+ argc--;
+ argv++;
+ if (argc == 0)
+ goto skip_arg_loop;
+ sk_OPENSSL_STRING_push(pre_cmds, *argv);
+ } else if (strcmp(*argv, "-post") == 0) {
+ argc--;
+ argv++;
+ if (argc == 0)
+ goto skip_arg_loop;
+ sk_OPENSSL_STRING_push(post_cmds, *argv);
+ } else if ((strncmp(*argv, "-h", 2) == 0) ||
+ (strcmp(*argv, "-?") == 0))
+ goto skip_arg_loop;
+ else
+ sk_OPENSSL_STRING_push(engines, *argv);
+ argc--;
+ argv++;
+ }
+ /* Looks like everything went OK */
+ badops = 0;
+ skip_arg_loop:
+
+ if (badops) {
+ for (pp = engine_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err, "%s", *pp);
+ goto end;
+ }
+
+ if (sk_OPENSSL_STRING_num(engines) == 0) {
+ for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {
+ sk_OPENSSL_STRING_push(engines, (char *)ENGINE_get_id(e));
+ }
+ }
+
+ for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
+ const char *id = sk_OPENSSL_STRING_value(engines, i);
+ if ((e = ENGINE_by_id(id)) != NULL) {
+ const char *name = ENGINE_get_name(e);
+ /*
+ * Do "id" first, then "name". Easier to auto-parse.
+ */
+ BIO_printf(bio_out, "(%s) %s\n", id, name);
+ util_do_cmds(e, pre_cmds, bio_out, indent);
+ if (strcmp(ENGINE_get_id(e), id) != 0) {
+ BIO_printf(bio_out, "Loaded: (%s) %s\n",
+ ENGINE_get_id(e), ENGINE_get_name(e));
+ }
+ if (list_cap) {
+ int cap_size = 256;
+ char *cap_buf = NULL;
+ int k, n;
+ const int *nids;
+ ENGINE_CIPHERS_PTR fn_c;
+ ENGINE_DIGESTS_PTR fn_d;
+ ENGINE_PKEY_METHS_PTR fn_pk;
+
+ if (ENGINE_get_RSA(e) != NULL
+ && !append_buf(&cap_buf, "RSA", &cap_size, 256))
+ goto end;
+ if (ENGINE_get_DSA(e) != NULL
+ && !append_buf(&cap_buf, "DSA", &cap_size, 256))
+ goto end;
+ if (ENGINE_get_DH(e) != NULL
+ && !append_buf(&cap_buf, "DH", &cap_size, 256))
+ goto end;
+ if (ENGINE_get_RAND(e) != NULL
+ && !append_buf(&cap_buf, "RAND", &cap_size, 256))
+ goto end;
+
+ fn_c = ENGINE_get_ciphers(e);
+ if (!fn_c)
+ goto skip_ciphers;
+ n = fn_c(e, NULL, &nids, 0);
+ for (k = 0; k < n; ++k)
+ if (!append_buf(&cap_buf,
+ OBJ_nid2sn(nids[k]), &cap_size, 256))
+ goto end;
+
+ skip_ciphers:
+ fn_d = ENGINE_get_digests(e);
+ if (!fn_d)
+ goto skip_digests;
+ n = fn_d(e, NULL, &nids, 0);
+ for (k = 0; k < n; ++k)
+ if (!append_buf(&cap_buf,
+ OBJ_nid2sn(nids[k]), &cap_size, 256))
+ goto end;
+
+ skip_digests:
+ fn_pk = ENGINE_get_pkey_meths(e);
+ if (!fn_pk)
+ goto skip_pmeths;
+ n = fn_pk(e, NULL, &nids, 0);
+ for (k = 0; k < n; ++k)
+ if (!append_buf(&cap_buf,
+ OBJ_nid2sn(nids[k]), &cap_size, 256))
+ goto end;
+ skip_pmeths:
+ if (cap_buf && (*cap_buf != '\0'))
+ BIO_printf(bio_out, " [%s]\n", cap_buf);
+
+ OPENSSL_free(cap_buf);
+ }
+ if (test_avail) {
+ BIO_printf(bio_out, "%s", indent);
+ if (ENGINE_init(e)) {
+ BIO_printf(bio_out, "[ available ]\n");
+ util_do_cmds(e, post_cmds, bio_out, indent);
+ ENGINE_finish(e);
+ } else {
+ BIO_printf(bio_out, "[ unavailable ]\n");
+ if (test_avail_noise)
+ ERR_print_errors_fp(stdout);
+ ERR_clear_error();
+ }
+ }
+ if ((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
+ goto end;
+ ENGINE_free(e);
+ } else
+ ERR_print_errors(bio_err);
+ }
+
+ ret = 0;
+ end:
+
+ ERR_print_errors(bio_err);
+ sk_OPENSSL_STRING_pop_free(engines, identity);
+ sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
+ sk_OPENSSL_STRING_pop_free(post_cmds, identity);
+ if (bio_out != NULL)
+ BIO_free_all(bio_out);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
+#else
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/apps/md4.c
===================================================================
--- vendor-crypto/openssl/dist/apps/md4.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/md4.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/md4/md4.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/apps/ocsp.c
===================================================================
--- vendor-crypto/openssl/dist/apps/ocsp.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/ocsp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1325 +0,0 @@
-/* ocsp.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-#ifndef OPENSSL_NO_OCSP
-
-# ifdef OPENSSL_SYS_VMS
-# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined
- * on OpenVMS */
-# endif
-
-# define USE_SOCKETS
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include <time.h>
-# include "apps.h" /* needs to be included before the openssl
- * headers! */
-# include <openssl/e_os2.h>
-# include <openssl/crypto.h>
-# include <openssl/err.h>
-# include <openssl/ssl.h>
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/x509v3.h>
-
-# if defined(NETWARE_CLIB)
-# ifdef NETWARE_BSDSOCK
-# include <sys/socket.h>
-# include <sys/bsdskt.h>
-# else
-# include <novsock2.h>
-# endif
-# elif defined(NETWARE_LIBC)
-# ifdef NETWARE_BSDSOCK
-# include <sys/select.h>
-# else
-# include <novsock2.h>
-# endif
-# endif
-
-/* Maximum leeway in validity period: default 5 minutes */
-# define MAX_VALIDITY_PERIOD (5 * 60)
-
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
- const EVP_MD *cert_id_md, X509 *issuer,
- STACK_OF(OCSP_CERTID) *ids);
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
- const EVP_MD *cert_id_md, X509 *issuer,
- STACK_OF(OCSP_CERTID) *ids);
-static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
- STACK_OF(OPENSSL_STRING) *names,
- STACK_OF(OCSP_CERTID) *ids, long nsec,
- long maxage);
-
-static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
- CA_DB *db, X509 *ca, X509 *rcert,
- EVP_PKEY *rkey, STACK_OF(X509) *rother,
- unsigned long flags, int nmin, int ndays);
-
-static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
-static BIO *init_responder(char *port);
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
- char *port);
-static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
-static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
- STACK_OF(CONF_VALUE) *headers,
- OCSP_REQUEST *req, int req_timeout);
-
-# undef PROG
-# define PROG ocsp_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- ENGINE *e = NULL;
- char **args;
- char *host = NULL, *port = NULL, *path = "/";
- char *thost = NULL, *tport = NULL, *tpath = NULL;
- char *reqin = NULL, *respin = NULL;
- char *reqout = NULL, *respout = NULL;
- char *signfile = NULL, *keyfile = NULL;
- char *rsignfile = NULL, *rkeyfile = NULL;
- char *outfile = NULL;
- int add_nonce = 1, noverify = 0, use_ssl = -1;
- STACK_OF(CONF_VALUE) *headers = NULL;
- OCSP_REQUEST *req = NULL;
- OCSP_RESPONSE *resp = NULL;
- OCSP_BASICRESP *bs = NULL;
- X509 *issuer = NULL, *cert = NULL;
- X509 *signer = NULL, *rsigner = NULL;
- EVP_PKEY *key = NULL, *rkey = NULL;
- BIO *acbio = NULL, *cbio = NULL;
- BIO *derbio = NULL;
- BIO *out = NULL;
- int req_timeout = -1;
- int req_text = 0, resp_text = 0;
- long nsec = MAX_VALIDITY_PERIOD, maxage = -1;
- char *CAfile = NULL, *CApath = NULL;
- X509_STORE *store = NULL;
- STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL;
- char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL;
- unsigned long sign_flags = 0, verify_flags = 0, rflags = 0;
- int ret = 1;
- int accept_count = -1;
- int badarg = 0;
- int i;
- int ignore_err = 0;
- STACK_OF(OPENSSL_STRING) *reqnames = NULL;
- STACK_OF(OCSP_CERTID) *ids = NULL;
-
- X509 *rca_cert = NULL;
- char *ridx_filename = NULL;
- char *rca_filename = NULL;
- CA_DB *rdb = NULL;
- int nmin = 0, ndays = -1;
- const EVP_MD *cert_id_md = NULL;
-
- if (bio_err == NULL)
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- if (!load_config(bio_err, NULL))
- goto end;
- SSL_load_error_strings();
- OpenSSL_add_ssl_algorithms();
- args = argv + 1;
- reqnames = sk_OPENSSL_STRING_new_null();
- ids = sk_OCSP_CERTID_new_null();
- while (!badarg && *args && *args[0] == '-') {
- if (!strcmp(*args, "-out")) {
- if (args[1]) {
- args++;
- outfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-timeout")) {
- if (args[1]) {
- args++;
- req_timeout = atol(*args);
- if (req_timeout < 0) {
- BIO_printf(bio_err, "Illegal timeout value %s\n", *args);
- badarg = 1;
- }
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-url")) {
- if (thost)
- OPENSSL_free(thost);
- if (tport)
- OPENSSL_free(tport);
- if (tpath)
- OPENSSL_free(tpath);
- if (args[1]) {
- args++;
- if (!OCSP_parse_url(*args, &host, &port, &path, &use_ssl)) {
- BIO_printf(bio_err, "Error parsing URL\n");
- badarg = 1;
- }
- thost = host;
- tport = port;
- tpath = path;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-host")) {
- if (args[1]) {
- args++;
- host = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-port")) {
- if (args[1]) {
- args++;
- port = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-header")) {
- if (args[1] && args[2]) {
- if (!X509V3_add_value(args[1], args[2], &headers))
- goto end;
- args += 2;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-ignore_err"))
- ignore_err = 1;
- else if (!strcmp(*args, "-noverify"))
- noverify = 1;
- else if (!strcmp(*args, "-nonce"))
- add_nonce = 2;
- else if (!strcmp(*args, "-no_nonce"))
- add_nonce = 0;
- else if (!strcmp(*args, "-resp_no_certs"))
- rflags |= OCSP_NOCERTS;
- else if (!strcmp(*args, "-resp_key_id"))
- rflags |= OCSP_RESPID_KEY;
- else if (!strcmp(*args, "-no_certs"))
- sign_flags |= OCSP_NOCERTS;
- else if (!strcmp(*args, "-no_signature_verify"))
- verify_flags |= OCSP_NOSIGS;
- else if (!strcmp(*args, "-no_cert_verify"))
- verify_flags |= OCSP_NOVERIFY;
- else if (!strcmp(*args, "-no_chain"))
- verify_flags |= OCSP_NOCHAIN;
- else if (!strcmp(*args, "-no_cert_checks"))
- verify_flags |= OCSP_NOCHECKS;
- else if (!strcmp(*args, "-no_explicit"))
- verify_flags |= OCSP_NOEXPLICIT;
- else if (!strcmp(*args, "-trust_other"))
- verify_flags |= OCSP_TRUSTOTHER;
- else if (!strcmp(*args, "-no_intern"))
- verify_flags |= OCSP_NOINTERN;
- else if (!strcmp(*args, "-text")) {
- req_text = 1;
- resp_text = 1;
- } else if (!strcmp(*args, "-req_text"))
- req_text = 1;
- else if (!strcmp(*args, "-resp_text"))
- resp_text = 1;
- else if (!strcmp(*args, "-reqin")) {
- if (args[1]) {
- args++;
- reqin = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-respin")) {
- if (args[1]) {
- args++;
- respin = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-signer")) {
- if (args[1]) {
- args++;
- signfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-VAfile")) {
- if (args[1]) {
- args++;
- verify_certfile = *args;
- verify_flags |= OCSP_TRUSTOTHER;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-sign_other")) {
- if (args[1]) {
- args++;
- sign_certfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-verify_other")) {
- if (args[1]) {
- args++;
- verify_certfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-CAfile")) {
- if (args[1]) {
- args++;
- CAfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-CApath")) {
- if (args[1]) {
- args++;
- CApath = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-validity_period")) {
- if (args[1]) {
- args++;
- nsec = atol(*args);
- if (nsec < 0) {
- BIO_printf(bio_err,
- "Illegal validity period %s\n", *args);
- badarg = 1;
- }
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-status_age")) {
- if (args[1]) {
- args++;
- maxage = atol(*args);
- if (maxage < 0) {
- BIO_printf(bio_err, "Illegal validity age %s\n", *args);
- badarg = 1;
- }
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-signkey")) {
- if (args[1]) {
- args++;
- keyfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-reqout")) {
- if (args[1]) {
- args++;
- reqout = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-respout")) {
- if (args[1]) {
- args++;
- respout = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-path")) {
- if (args[1]) {
- args++;
- path = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-issuer")) {
- if (args[1]) {
- args++;
- X509_free(issuer);
- issuer = load_cert(bio_err, *args, FORMAT_PEM,
- NULL, e, "issuer certificate");
- if (!issuer)
- goto end;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-cert")) {
- if (args[1]) {
- args++;
- X509_free(cert);
- cert = load_cert(bio_err, *args, FORMAT_PEM,
- NULL, e, "certificate");
- if (!cert)
- goto end;
- if (!cert_id_md)
- cert_id_md = EVP_sha1();
- if (!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
- goto end;
- if (!sk_OPENSSL_STRING_push(reqnames, *args))
- goto end;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-serial")) {
- if (args[1]) {
- args++;
- if (!cert_id_md)
- cert_id_md = EVP_sha1();
- if (!add_ocsp_serial(&req, *args, cert_id_md, issuer, ids))
- goto end;
- if (!sk_OPENSSL_STRING_push(reqnames, *args))
- goto end;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-index")) {
- if (args[1]) {
- args++;
- ridx_filename = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-CA")) {
- if (args[1]) {
- args++;
- rca_filename = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-nmin")) {
- if (args[1]) {
- args++;
- nmin = atol(*args);
- if (nmin < 0) {
- BIO_printf(bio_err, "Illegal update period %s\n", *args);
- badarg = 1;
- }
- }
- if (ndays == -1)
- ndays = 0;
- else
- badarg = 1;
- } else if (!strcmp(*args, "-nrequest")) {
- if (args[1]) {
- args++;
- accept_count = atol(*args);
- if (accept_count < 0) {
- BIO_printf(bio_err, "Illegal accept count %s\n", *args);
- badarg = 1;
- }
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-ndays")) {
- if (args[1]) {
- args++;
- ndays = atol(*args);
- if (ndays < 0) {
- BIO_printf(bio_err, "Illegal update period %s\n", *args);
- badarg = 1;
- }
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-rsigner")) {
- if (args[1]) {
- args++;
- rsignfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-rkey")) {
- if (args[1]) {
- args++;
- rkeyfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-rother")) {
- if (args[1]) {
- args++;
- rcertfile = *args;
- } else
- badarg = 1;
- } else if ((cert_id_md = EVP_get_digestbyname((*args) + 1)) == NULL) {
- badarg = 1;
- }
- args++;
- }
-
- /* Have we anything to do? */
- if (!req && !reqin && !respin && !(port && ridx_filename))
- badarg = 1;
-
- if (badarg) {
- BIO_printf(bio_err, "OCSP utility\n");
- BIO_printf(bio_err, "Usage ocsp [options]\n");
- BIO_printf(bio_err, "where options are\n");
- BIO_printf(bio_err, "-out file output filename\n");
- BIO_printf(bio_err, "-issuer file issuer certificate\n");
- BIO_printf(bio_err, "-cert file certificate to check\n");
- BIO_printf(bio_err, "-serial n serial number to check\n");
- BIO_printf(bio_err,
- "-signer file certificate to sign OCSP request with\n");
- BIO_printf(bio_err,
- "-signkey file private key to sign OCSP request with\n");
- BIO_printf(bio_err,
- "-sign_other file additional certificates to include in signed request\n");
- BIO_printf(bio_err,
- "-no_certs don't include any certificates in signed request\n");
- BIO_printf(bio_err,
- "-req_text print text form of request\n");
- BIO_printf(bio_err,
- "-resp_text print text form of response\n");
- BIO_printf(bio_err,
- "-text print text form of request and response\n");
- BIO_printf(bio_err,
- "-reqout file write DER encoded OCSP request to \"file\"\n");
- BIO_printf(bio_err,
- "-respout file write DER encoded OCSP reponse to \"file\"\n");
- BIO_printf(bio_err,
- "-reqin file read DER encoded OCSP request from \"file\"\n");
- BIO_printf(bio_err,
- "-respin file read DER encoded OCSP reponse from \"file\"\n");
- BIO_printf(bio_err,
- "-nonce add OCSP nonce to request\n");
- BIO_printf(bio_err,
- "-no_nonce don't add OCSP nonce to request\n");
- BIO_printf(bio_err, "-url URL OCSP responder URL\n");
- BIO_printf(bio_err,
- "-host host:n send OCSP request to host on port n\n");
- BIO_printf(bio_err,
- "-path path to use in OCSP request\n");
- BIO_printf(bio_err,
- "-CApath dir trusted certificates directory\n");
- BIO_printf(bio_err,
- "-CAfile file trusted certificates file\n");
- BIO_printf(bio_err,
- "-no_alt_chains only ever use the first certificate chain found\n");
- BIO_printf(bio_err,
- "-VAfile file validator certificates file\n");
- BIO_printf(bio_err,
- "-validity_period n maximum validity discrepancy in seconds\n");
- BIO_printf(bio_err,
- "-status_age n maximum status age in seconds\n");
- BIO_printf(bio_err,
- "-noverify don't verify response at all\n");
- BIO_printf(bio_err,
- "-verify_other file additional certificates to search for signer\n");
- BIO_printf(bio_err,
- "-trust_other don't verify additional certificates\n");
- BIO_printf(bio_err,
- "-no_intern don't search certificates contained in response for signer\n");
- BIO_printf(bio_err,
- "-no_signature_verify don't check signature on response\n");
- BIO_printf(bio_err,
- "-no_cert_verify don't check signing certificate\n");
- BIO_printf(bio_err,
- "-no_chain don't chain verify response\n");
- BIO_printf(bio_err,
- "-no_cert_checks don't do additional checks on signing certificate\n");
- BIO_printf(bio_err,
- "-port num port to run responder on\n");
- BIO_printf(bio_err,
- "-index file certificate status index file\n");
- BIO_printf(bio_err, "-CA file CA certificate\n");
- BIO_printf(bio_err,
- "-rsigner file responder certificate to sign responses with\n");
- BIO_printf(bio_err,
- "-rkey file responder key to sign responses with\n");
- BIO_printf(bio_err,
- "-rother file other certificates to include in response\n");
- BIO_printf(bio_err,
- "-resp_no_certs don't include any certificates in response\n");
- BIO_printf(bio_err,
- "-nmin n number of minutes before next update\n");
- BIO_printf(bio_err,
- "-ndays n number of days before next update\n");
- BIO_printf(bio_err,
- "-resp_key_id identify reponse by signing certificate key ID\n");
- BIO_printf(bio_err,
- "-nrequest n number of requests to accept (default unlimited)\n");
- BIO_printf(bio_err,
- "-<dgst alg> use specified digest in the request\n");
- BIO_printf(bio_err,
- "-timeout n timeout connection to OCSP responder after n seconds\n");
- goto end;
- }
-
- if (outfile)
- out = BIO_new_file(outfile, "w");
- else
- out = BIO_new_fp(stdout, BIO_NOCLOSE);
-
- if (!out) {
- BIO_printf(bio_err, "Error opening output file\n");
- goto end;
- }
-
- if (!req && (add_nonce != 2))
- add_nonce = 0;
-
- if (!req && reqin) {
- derbio = BIO_new_file(reqin, "rb");
- if (!derbio) {
- BIO_printf(bio_err, "Error Opening OCSP request file\n");
- goto end;
- }
- req = d2i_OCSP_REQUEST_bio(derbio, NULL);
- BIO_free(derbio);
- if (!req) {
- BIO_printf(bio_err, "Error reading OCSP request\n");
- goto end;
- }
- }
-
- if (!req && port) {
- acbio = init_responder(port);
- if (!acbio)
- goto end;
- }
-
- if (rsignfile && !rdb) {
- if (!rkeyfile)
- rkeyfile = rsignfile;
- rsigner = load_cert(bio_err, rsignfile, FORMAT_PEM,
- NULL, e, "responder certificate");
- if (!rsigner) {
- BIO_printf(bio_err, "Error loading responder certificate\n");
- goto end;
- }
- rca_cert = load_cert(bio_err, rca_filename, FORMAT_PEM,
- NULL, e, "CA certificate");
- if (rcertfile) {
- rother = load_certs(bio_err, rcertfile, FORMAT_PEM,
- NULL, e, "responder other certificates");
- if (!rother)
- goto end;
- }
- rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, 0, NULL, NULL,
- "responder private key");
- if (!rkey)
- goto end;
- }
- if (acbio)
- BIO_printf(bio_err, "Waiting for OCSP client connections...\n");
-
- redo_accept:
-
- if (acbio) {
- if (!do_responder(&req, &cbio, acbio, port))
- goto end;
- if (!req) {
- resp =
- OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST,
- NULL);
- send_ocsp_response(cbio, resp);
- goto done_resp;
- }
- }
-
- if (!req && (signfile || reqout || host || add_nonce || ridx_filename)) {
- BIO_printf(bio_err, "Need an OCSP request for this operation!\n");
- goto end;
- }
-
- if (req && add_nonce)
- OCSP_request_add1_nonce(req, NULL, -1);
-
- if (signfile) {
- if (!keyfile)
- keyfile = signfile;
- signer = load_cert(bio_err, signfile, FORMAT_PEM,
- NULL, e, "signer certificate");
- if (!signer) {
- BIO_printf(bio_err, "Error loading signer certificate\n");
- goto end;
- }
- if (sign_certfile) {
- sign_other = load_certs(bio_err, sign_certfile, FORMAT_PEM,
- NULL, e, "signer certificates");
- if (!sign_other)
- goto end;
- }
- key = load_key(bio_err, keyfile, FORMAT_PEM, 0, NULL, NULL,
- "signer private key");
- if (!key)
- goto end;
-
- if (!OCSP_request_sign
- (req, signer, key, NULL, sign_other, sign_flags)) {
- BIO_printf(bio_err, "Error signing OCSP request\n");
- goto end;
- }
- }
-
- if (req_text && req)
- OCSP_REQUEST_print(out, req, 0);
-
- if (reqout) {
- derbio = BIO_new_file(reqout, "wb");
- if (!derbio) {
- BIO_printf(bio_err, "Error opening file %s\n", reqout);
- goto end;
- }
- i2d_OCSP_REQUEST_bio(derbio, req);
- BIO_free(derbio);
- }
-
- if (ridx_filename && (!rkey || !rsigner || !rca_cert)) {
- BIO_printf(bio_err,
- "Need a responder certificate, key and CA for this operation!\n");
- goto end;
- }
-
- if (ridx_filename && !rdb) {
- rdb = load_index(ridx_filename, NULL);
- if (!rdb)
- goto end;
- if (!index_index(rdb))
- goto end;
- }
-
- if (rdb) {
- i = make_ocsp_response(&resp, req, rdb, rca_cert, rsigner, rkey,
- rother, rflags, nmin, ndays);
- if (cbio)
- send_ocsp_response(cbio, resp);
- } else if (host) {
-# ifndef OPENSSL_NO_SOCK
- resp = process_responder(bio_err, req, host, path,
- port, use_ssl, headers, req_timeout);
- if (!resp)
- goto end;
-# else
- BIO_printf(bio_err,
- "Error creating connect BIO - sockets not supported.\n");
- goto end;
-# endif
- } else if (respin) {
- derbio = BIO_new_file(respin, "rb");
- if (!derbio) {
- BIO_printf(bio_err, "Error Opening OCSP response file\n");
- goto end;
- }
- resp = d2i_OCSP_RESPONSE_bio(derbio, NULL);
- BIO_free(derbio);
- if (!resp) {
- BIO_printf(bio_err, "Error reading OCSP response\n");
- goto end;
- }
-
- } else {
- ret = 0;
- goto end;
- }
-
- done_resp:
-
- if (respout) {
- derbio = BIO_new_file(respout, "wb");
- if (!derbio) {
- BIO_printf(bio_err, "Error opening file %s\n", respout);
- goto end;
- }
- i2d_OCSP_RESPONSE_bio(derbio, resp);
- BIO_free(derbio);
- }
-
- i = OCSP_response_status(resp);
-
- if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
- BIO_printf(out, "Responder Error: %s (%d)\n",
- OCSP_response_status_str(i), i);
- if (ignore_err)
- goto redo_accept;
- ret = 0;
- goto end;
- }
-
- if (resp_text)
- OCSP_RESPONSE_print(out, resp, 0);
-
- /* If running as responder don't verify our own response */
- if (cbio) {
- if (accept_count > 0)
- accept_count--;
- /* Redo if more connections needed */
- if (accept_count) {
- BIO_free_all(cbio);
- cbio = NULL;
- OCSP_REQUEST_free(req);
- req = NULL;
- OCSP_RESPONSE_free(resp);
- resp = NULL;
- goto redo_accept;
- }
- goto end;
- }
-
- if (!store)
- store = setup_verify(bio_err, CAfile, CApath);
- if (!store)
- goto end;
- if (verify_certfile) {
- verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM,
- NULL, e, "validator certificate");
- if (!verify_other)
- goto end;
- }
-
- bs = OCSP_response_get1_basic(resp);
-
- if (!bs) {
- BIO_printf(bio_err, "Error parsing response\n");
- goto end;
- }
-
- if (!noverify) {
- if (req && ((i = OCSP_check_nonce(req, bs)) <= 0)) {
- if (i == -1)
- BIO_printf(bio_err, "WARNING: no nonce in response\n");
- else {
- BIO_printf(bio_err, "Nonce Verify error\n");
- goto end;
- }
- }
-
- i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
- if (i < 0)
- i = OCSP_basic_verify(bs, NULL, store, 0);
-
- if (i <= 0) {
- BIO_printf(bio_err, "Response Verify Failure\n");
- ERR_print_errors(bio_err);
- } else
- BIO_printf(bio_err, "Response verify OK\n");
-
- }
-
- if (!print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage))
- goto end;
-
- ret = 0;
-
- end:
- ERR_print_errors(bio_err);
- X509_free(signer);
- X509_STORE_free(store);
- EVP_PKEY_free(key);
- EVP_PKEY_free(rkey);
- X509_free(issuer);
- X509_free(cert);
- X509_free(rsigner);
- X509_free(rca_cert);
- free_index(rdb);
- BIO_free_all(cbio);
- BIO_free_all(acbio);
- BIO_free(out);
- OCSP_REQUEST_free(req);
- OCSP_RESPONSE_free(resp);
- OCSP_BASICRESP_free(bs);
- sk_OPENSSL_STRING_free(reqnames);
- sk_OCSP_CERTID_free(ids);
- sk_X509_pop_free(sign_other, X509_free);
- sk_X509_pop_free(verify_other, X509_free);
- sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
-
- if (thost)
- OPENSSL_free(thost);
- if (tport)
- OPENSSL_free(tport);
- if (tpath)
- OPENSSL_free(tpath);
-
- OPENSSL_EXIT(ret);
-}
-
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
- const EVP_MD *cert_id_md, X509 *issuer,
- STACK_OF(OCSP_CERTID) *ids)
-{
- OCSP_CERTID *id;
- if (!issuer) {
- BIO_printf(bio_err, "No issuer certificate specified\n");
- return 0;
- }
- if (!*req)
- *req = OCSP_REQUEST_new();
- if (!*req)
- goto err;
- id = OCSP_cert_to_id(cert_id_md, cert, issuer);
- if (!id || !sk_OCSP_CERTID_push(ids, id))
- goto err;
- if (!OCSP_request_add0_id(*req, id))
- goto err;
- return 1;
-
- err:
- BIO_printf(bio_err, "Error Creating OCSP request\n");
- return 0;
-}
-
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
- const EVP_MD *cert_id_md, X509 *issuer,
- STACK_OF(OCSP_CERTID) *ids)
-{
- OCSP_CERTID *id;
- X509_NAME *iname;
- ASN1_BIT_STRING *ikey;
- ASN1_INTEGER *sno;
- if (!issuer) {
- BIO_printf(bio_err, "No issuer certificate specified\n");
- return 0;
- }
- if (!*req)
- *req = OCSP_REQUEST_new();
- if (!*req)
- goto err;
- iname = X509_get_subject_name(issuer);
- ikey = X509_get0_pubkey_bitstr(issuer);
- sno = s2i_ASN1_INTEGER(NULL, serial);
- if (!sno) {
- BIO_printf(bio_err, "Error converting serial number %s\n", serial);
- return 0;
- }
- id = OCSP_cert_id_new(cert_id_md, iname, ikey, sno);
- ASN1_INTEGER_free(sno);
- if (!id || !sk_OCSP_CERTID_push(ids, id))
- goto err;
- if (!OCSP_request_add0_id(*req, id))
- goto err;
- return 1;
-
- err:
- BIO_printf(bio_err, "Error Creating OCSP request\n");
- return 0;
-}
-
-static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
- STACK_OF(OPENSSL_STRING) *names,
- STACK_OF(OCSP_CERTID) *ids, long nsec,
- long maxage)
-{
- OCSP_CERTID *id;
- char *name;
- int i;
-
- int status, reason;
-
- ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
-
- if (!bs || !req || !sk_OPENSSL_STRING_num(names)
- || !sk_OCSP_CERTID_num(ids))
- return 1;
-
- for (i = 0; i < sk_OCSP_CERTID_num(ids); i++) {
- id = sk_OCSP_CERTID_value(ids, i);
- name = sk_OPENSSL_STRING_value(names, i);
- BIO_printf(out, "%s: ", name);
-
- if (!OCSP_resp_find_status(bs, id, &status, &reason,
- &rev, &thisupd, &nextupd)) {
- BIO_puts(out, "ERROR: No Status found.\n");
- continue;
- }
-
- /*
- * Check validity: if invalid write to output BIO so we know which
- * response this refers to.
- */
- if (!OCSP_check_validity(thisupd, nextupd, nsec, maxage)) {
- BIO_puts(out, "WARNING: Status times invalid.\n");
- ERR_print_errors(out);
- }
- BIO_printf(out, "%s\n", OCSP_cert_status_str(status));
-
- BIO_puts(out, "\tThis Update: ");
- ASN1_GENERALIZEDTIME_print(out, thisupd);
- BIO_puts(out, "\n");
-
- if (nextupd) {
- BIO_puts(out, "\tNext Update: ");
- ASN1_GENERALIZEDTIME_print(out, nextupd);
- BIO_puts(out, "\n");
- }
-
- if (status != V_OCSP_CERTSTATUS_REVOKED)
- continue;
-
- if (reason != -1)
- BIO_printf(out, "\tReason: %s\n", OCSP_crl_reason_str(reason));
-
- BIO_puts(out, "\tRevocation Time: ");
- ASN1_GENERALIZEDTIME_print(out, rev);
- BIO_puts(out, "\n");
- }
-
- return 1;
-}
-
-static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
- CA_DB *db, X509 *ca, X509 *rcert,
- EVP_PKEY *rkey, STACK_OF(X509) *rother,
- unsigned long flags, int nmin, int ndays)
-{
- ASN1_TIME *thisupd = NULL, *nextupd = NULL;
- OCSP_CERTID *cid, *ca_id = NULL;
- OCSP_BASICRESP *bs = NULL;
- int i, id_count, ret = 1;
-
- id_count = OCSP_request_onereq_count(req);
-
- if (id_count <= 0) {
- *resp =
- OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL);
- goto end;
- }
-
- bs = OCSP_BASICRESP_new();
- thisupd = X509_gmtime_adj(NULL, 0);
- if (ndays != -1)
- nextupd = X509_gmtime_adj(NULL, nmin * 60 + ndays * 3600 * 24);
-
- /* Examine each certificate id in the request */
- for (i = 0; i < id_count; i++) {
- OCSP_ONEREQ *one;
- ASN1_INTEGER *serial;
- char **inf;
- ASN1_OBJECT *cert_id_md_oid;
- const EVP_MD *cert_id_md;
- one = OCSP_request_onereq_get0(req, i);
- cid = OCSP_onereq_get0_id(one);
-
- OCSP_id_get0_info(NULL, &cert_id_md_oid, NULL, NULL, cid);
-
- cert_id_md = EVP_get_digestbyobj(cert_id_md_oid);
- if (!cert_id_md) {
- *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR,
- NULL);
- goto end;
- }
- if (ca_id)
- OCSP_CERTID_free(ca_id);
- ca_id = OCSP_cert_to_id(cert_id_md, NULL, ca);
-
- /* Is this request about our CA? */
- if (OCSP_id_issuer_cmp(ca_id, cid)) {
- OCSP_basic_add1_status(bs, cid,
- V_OCSP_CERTSTATUS_UNKNOWN,
- 0, NULL, thisupd, nextupd);
- continue;
- }
- OCSP_id_get0_info(NULL, NULL, NULL, &serial, cid);
- inf = lookup_serial(db, serial);
- if (!inf)
- OCSP_basic_add1_status(bs, cid,
- V_OCSP_CERTSTATUS_UNKNOWN,
- 0, NULL, thisupd, nextupd);
- else if (inf[DB_type][0] == DB_TYPE_VAL)
- OCSP_basic_add1_status(bs, cid,
- V_OCSP_CERTSTATUS_GOOD,
- 0, NULL, thisupd, nextupd);
- else if (inf[DB_type][0] == DB_TYPE_REV) {
- ASN1_OBJECT *inst = NULL;
- ASN1_TIME *revtm = NULL;
- ASN1_GENERALIZEDTIME *invtm = NULL;
- OCSP_SINGLERESP *single;
- int reason = -1;
- unpack_revinfo(&revtm, &reason, &inst, &invtm, inf[DB_rev_date]);
- single = OCSP_basic_add1_status(bs, cid,
- V_OCSP_CERTSTATUS_REVOKED,
- reason, revtm, thisupd, nextupd);
- if (invtm)
- OCSP_SINGLERESP_add1_ext_i2d(single, NID_invalidity_date,
- invtm, 0, 0);
- else if (inst)
- OCSP_SINGLERESP_add1_ext_i2d(single,
- NID_hold_instruction_code, inst,
- 0, 0);
- ASN1_OBJECT_free(inst);
- ASN1_TIME_free(revtm);
- ASN1_GENERALIZEDTIME_free(invtm);
- }
- }
-
- OCSP_copy_nonce(bs, req);
-
- OCSP_basic_sign(bs, rcert, rkey, NULL, rother, flags);
-
- *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
-
- end:
- ASN1_TIME_free(thisupd);
- ASN1_TIME_free(nextupd);
- OCSP_CERTID_free(ca_id);
- OCSP_BASICRESP_free(bs);
- return ret;
-
-}
-
-static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
-{
- int i;
- BIGNUM *bn = NULL;
- char *itmp, *row[DB_NUMBER], **rrow;
- for (i = 0; i < DB_NUMBER; i++)
- row[i] = NULL;
- bn = ASN1_INTEGER_to_BN(ser, NULL);
- OPENSSL_assert(bn); /* FIXME: should report an error at this
- * point and abort */
- if (BN_is_zero(bn))
- itmp = BUF_strdup("00");
- else
- itmp = BN_bn2hex(bn);
- row[DB_serial] = itmp;
- BN_free(bn);
- rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
- OPENSSL_free(itmp);
- return rrow;
-}
-
-/* Quick and dirty OCSP server: read in and parse input request */
-
-static BIO *init_responder(char *port)
-{
- BIO *acbio = NULL, *bufbio = NULL;
- bufbio = BIO_new(BIO_f_buffer());
- if (!bufbio)
- goto err;
-# ifndef OPENSSL_NO_SOCK
- acbio = BIO_new_accept(port);
-# else
- BIO_printf(bio_err,
- "Error setting up accept BIO - sockets not supported.\n");
-# endif
- if (!acbio)
- goto err;
- BIO_set_accept_bios(acbio, bufbio);
- bufbio = NULL;
-
- if (BIO_do_accept(acbio) <= 0) {
- BIO_printf(bio_err, "Error setting up accept BIO\n");
- ERR_print_errors(bio_err);
- goto err;
- }
-
- return acbio;
-
- err:
- BIO_free_all(acbio);
- BIO_free(bufbio);
- return NULL;
-}
-
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
- char *port)
-{
- int have_post = 0, len;
- OCSP_REQUEST *req = NULL;
- char inbuf[1024];
- BIO *cbio = NULL;
-
- if (BIO_do_accept(acbio) <= 0) {
- BIO_printf(bio_err, "Error accepting connection\n");
- ERR_print_errors(bio_err);
- return 0;
- }
-
- cbio = BIO_pop(acbio);
- *pcbio = cbio;
-
- for (;;) {
- len = BIO_gets(cbio, inbuf, sizeof inbuf);
- if (len <= 0)
- return 1;
- /* Look for "POST" signalling start of query */
- if (!have_post) {
- if (strncmp(inbuf, "POST", 4)) {
- BIO_printf(bio_err, "Invalid request\n");
- return 1;
- }
- have_post = 1;
- }
- /* Look for end of headers */
- if ((inbuf[0] == '\r') || (inbuf[0] == '\n'))
- break;
- }
-
- /* Try to read OCSP request */
-
- req = d2i_OCSP_REQUEST_bio(cbio, NULL);
-
- if (!req) {
- BIO_printf(bio_err, "Error parsing OCSP request\n");
- ERR_print_errors(bio_err);
- }
-
- *preq = req;
-
- return 1;
-
-}
-
-static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
-{
- char http_resp[] =
- "HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n"
- "Content-Length: %d\r\n\r\n";
- if (!cbio)
- return 0;
- BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
- i2d_OCSP_RESPONSE_bio(cbio, resp);
- (void)BIO_flush(cbio);
- return 1;
-}
-
-static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
- STACK_OF(CONF_VALUE) *headers,
- OCSP_REQUEST *req, int req_timeout)
-{
- int fd;
- int rv;
- int i;
- OCSP_REQ_CTX *ctx = NULL;
- OCSP_RESPONSE *rsp = NULL;
- fd_set confds;
- struct timeval tv;
-
- if (req_timeout != -1)
- BIO_set_nbio(cbio, 1);
-
- rv = BIO_do_connect(cbio);
-
- if ((rv <= 0) && ((req_timeout == -1) || !BIO_should_retry(cbio))) {
- BIO_puts(err, "Error connecting BIO\n");
- return NULL;
- }
-
- if (BIO_get_fd(cbio, &fd) < 0) {
- BIO_puts(bio_err, "Can't get connection fd\n");
- goto err;
- }
-
- if (req_timeout != -1 && rv <= 0) {
- FD_ZERO(&confds);
- openssl_fdset(fd, &confds);
- tv.tv_usec = 0;
- tv.tv_sec = req_timeout;
- rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
- if (rv == 0) {
- BIO_puts(err, "Timeout on connect\n");
- return NULL;
- }
- }
-
- ctx = OCSP_sendreq_new(cbio, path, NULL, -1);
- if (!ctx)
- return NULL;
-
- for (i = 0; i < sk_CONF_VALUE_num(headers); i++) {
- CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
- if (!OCSP_REQ_CTX_add1_header(ctx, hdr->name, hdr->value))
- goto err;
- }
-
- if (!OCSP_REQ_CTX_set1_req(ctx, req))
- goto err;
-
- for (;;) {
- rv = OCSP_sendreq_nbio(&rsp, ctx);
- if (rv != -1)
- break;
- if (req_timeout == -1)
- continue;
- FD_ZERO(&confds);
- openssl_fdset(fd, &confds);
- tv.tv_usec = 0;
- tv.tv_sec = req_timeout;
- if (BIO_should_read(cbio))
- rv = select(fd + 1, (void *)&confds, NULL, NULL, &tv);
- else if (BIO_should_write(cbio))
- rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
- else {
- BIO_puts(err, "Unexpected retry condition\n");
- goto err;
- }
- if (rv == 0) {
- BIO_puts(err, "Timeout on request\n");
- break;
- }
- if (rv == -1) {
- BIO_puts(err, "Select error\n");
- break;
- }
-
- }
- err:
- if (ctx)
- OCSP_REQ_CTX_free(ctx);
-
- return rsp;
-}
-
-OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
- char *host, char *path, char *port,
- int use_ssl, STACK_OF(CONF_VALUE) *headers,
- int req_timeout)
-{
- BIO *cbio = NULL;
- SSL_CTX *ctx = NULL;
- OCSP_RESPONSE *resp = NULL;
- cbio = BIO_new_connect(host);
- if (!cbio) {
- BIO_printf(err, "Error creating connect BIO\n");
- goto end;
- }
- if (port)
- BIO_set_conn_port(cbio, port);
- if (use_ssl == 1) {
- BIO *sbio;
- ctx = SSL_CTX_new(SSLv23_client_method());
- if (ctx == NULL) {
- BIO_printf(err, "Error creating SSL context.\n");
- goto end;
- }
- SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
- sbio = BIO_new_ssl(ctx, 1);
- cbio = BIO_push(sbio, cbio);
- }
- resp = query_responder(err, cbio, path, headers, req, req_timeout);
- if (!resp)
- BIO_printf(bio_err, "Error querying OCSP responder\n");
- end:
- if (cbio)
- BIO_free_all(cbio);
- if (ctx)
- SSL_CTX_free(ctx);
- return resp;
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/apps/ocsp.c (from rev 11605, vendor-crypto/openssl/dist/apps/ocsp.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/ocsp.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/ocsp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1325 @@
+/* ocsp.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#ifndef OPENSSL_NO_OCSP
+
+# ifdef OPENSSL_SYS_VMS
+# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined
+ * on OpenVMS */
+# endif
+
+# define USE_SOCKETS
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <time.h>
+# include "apps.h" /* needs to be included before the openssl
+ * headers! */
+# include <openssl/e_os2.h>
+# include <openssl/crypto.h>
+# include <openssl/err.h>
+# include <openssl/ssl.h>
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/x509v3.h>
+
+# if defined(NETWARE_CLIB)
+# ifdef NETWARE_BSDSOCK
+# include <sys/socket.h>
+# include <sys/bsdskt.h>
+# else
+# include <novsock2.h>
+# endif
+# elif defined(NETWARE_LIBC)
+# ifdef NETWARE_BSDSOCK
+# include <sys/select.h>
+# else
+# include <novsock2.h>
+# endif
+# endif
+
+/* Maximum leeway in validity period: default 5 minutes */
+# define MAX_VALIDITY_PERIOD (5 * 60)
+
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
+ const EVP_MD *cert_id_md, X509 *issuer,
+ STACK_OF(OCSP_CERTID) *ids);
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
+ const EVP_MD *cert_id_md, X509 *issuer,
+ STACK_OF(OCSP_CERTID) *ids);
+static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
+ STACK_OF(OPENSSL_STRING) *names,
+ STACK_OF(OCSP_CERTID) *ids, long nsec,
+ long maxage);
+
+static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
+ CA_DB *db, X509 *ca, X509 *rcert,
+ EVP_PKEY *rkey, STACK_OF(X509) *rother,
+ unsigned long flags, int nmin, int ndays);
+
+static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
+static BIO *init_responder(char *port);
+static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
+ char *port);
+static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
+static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
+ STACK_OF(CONF_VALUE) *headers,
+ OCSP_REQUEST *req, int req_timeout);
+
+# undef PROG
+# define PROG ocsp_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ ENGINE *e = NULL;
+ char **args;
+ char *host = NULL, *port = NULL, *path = "/";
+ char *thost = NULL, *tport = NULL, *tpath = NULL;
+ char *reqin = NULL, *respin = NULL;
+ char *reqout = NULL, *respout = NULL;
+ char *signfile = NULL, *keyfile = NULL;
+ char *rsignfile = NULL, *rkeyfile = NULL;
+ char *outfile = NULL;
+ int add_nonce = 1, noverify = 0, use_ssl = -1;
+ STACK_OF(CONF_VALUE) *headers = NULL;
+ OCSP_REQUEST *req = NULL;
+ OCSP_RESPONSE *resp = NULL;
+ OCSP_BASICRESP *bs = NULL;
+ X509 *issuer = NULL, *cert = NULL;
+ X509 *signer = NULL, *rsigner = NULL;
+ EVP_PKEY *key = NULL, *rkey = NULL;
+ BIO *acbio = NULL, *cbio = NULL;
+ BIO *derbio = NULL;
+ BIO *out = NULL;
+ int req_timeout = -1;
+ int req_text = 0, resp_text = 0;
+ long nsec = MAX_VALIDITY_PERIOD, maxage = -1;
+ char *CAfile = NULL, *CApath = NULL;
+ X509_STORE *store = NULL;
+ STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL;
+ char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL;
+ unsigned long sign_flags = 0, verify_flags = 0, rflags = 0;
+ int ret = 1;
+ int accept_count = -1;
+ int badarg = 0;
+ int i;
+ int ignore_err = 0;
+ STACK_OF(OPENSSL_STRING) *reqnames = NULL;
+ STACK_OF(OCSP_CERTID) *ids = NULL;
+
+ X509 *rca_cert = NULL;
+ char *ridx_filename = NULL;
+ char *rca_filename = NULL;
+ CA_DB *rdb = NULL;
+ int nmin = 0, ndays = -1;
+ const EVP_MD *cert_id_md = NULL;
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+ SSL_load_error_strings();
+ OpenSSL_add_ssl_algorithms();
+ args = argv + 1;
+ reqnames = sk_OPENSSL_STRING_new_null();
+ ids = sk_OCSP_CERTID_new_null();
+ while (!badarg && *args && *args[0] == '-') {
+ if (!strcmp(*args, "-out")) {
+ if (args[1]) {
+ args++;
+ outfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-timeout")) {
+ if (args[1]) {
+ args++;
+ req_timeout = atol(*args);
+ if (req_timeout < 0) {
+ BIO_printf(bio_err, "Illegal timeout value %s\n", *args);
+ badarg = 1;
+ }
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-url")) {
+ if (thost)
+ OPENSSL_free(thost);
+ if (tport)
+ OPENSSL_free(tport);
+ if (tpath)
+ OPENSSL_free(tpath);
+ if (args[1]) {
+ args++;
+ if (!OCSP_parse_url(*args, &host, &port, &path, &use_ssl)) {
+ BIO_printf(bio_err, "Error parsing URL\n");
+ badarg = 1;
+ }
+ thost = host;
+ tport = port;
+ tpath = path;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-host")) {
+ if (args[1]) {
+ args++;
+ host = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-port")) {
+ if (args[1]) {
+ args++;
+ port = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-header")) {
+ if (args[1] && args[2]) {
+ if (!X509V3_add_value(args[1], args[2], &headers))
+ goto end;
+ args += 2;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-ignore_err"))
+ ignore_err = 1;
+ else if (!strcmp(*args, "-noverify"))
+ noverify = 1;
+ else if (!strcmp(*args, "-nonce"))
+ add_nonce = 2;
+ else if (!strcmp(*args, "-no_nonce"))
+ add_nonce = 0;
+ else if (!strcmp(*args, "-resp_no_certs"))
+ rflags |= OCSP_NOCERTS;
+ else if (!strcmp(*args, "-resp_key_id"))
+ rflags |= OCSP_RESPID_KEY;
+ else if (!strcmp(*args, "-no_certs"))
+ sign_flags |= OCSP_NOCERTS;
+ else if (!strcmp(*args, "-no_signature_verify"))
+ verify_flags |= OCSP_NOSIGS;
+ else if (!strcmp(*args, "-no_cert_verify"))
+ verify_flags |= OCSP_NOVERIFY;
+ else if (!strcmp(*args, "-no_chain"))
+ verify_flags |= OCSP_NOCHAIN;
+ else if (!strcmp(*args, "-no_cert_checks"))
+ verify_flags |= OCSP_NOCHECKS;
+ else if (!strcmp(*args, "-no_explicit"))
+ verify_flags |= OCSP_NOEXPLICIT;
+ else if (!strcmp(*args, "-trust_other"))
+ verify_flags |= OCSP_TRUSTOTHER;
+ else if (!strcmp(*args, "-no_intern"))
+ verify_flags |= OCSP_NOINTERN;
+ else if (!strcmp(*args, "-text")) {
+ req_text = 1;
+ resp_text = 1;
+ } else if (!strcmp(*args, "-req_text"))
+ req_text = 1;
+ else if (!strcmp(*args, "-resp_text"))
+ resp_text = 1;
+ else if (!strcmp(*args, "-reqin")) {
+ if (args[1]) {
+ args++;
+ reqin = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-respin")) {
+ if (args[1]) {
+ args++;
+ respin = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-signer")) {
+ if (args[1]) {
+ args++;
+ signfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-VAfile")) {
+ if (args[1]) {
+ args++;
+ verify_certfile = *args;
+ verify_flags |= OCSP_TRUSTOTHER;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-sign_other")) {
+ if (args[1]) {
+ args++;
+ sign_certfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-verify_other")) {
+ if (args[1]) {
+ args++;
+ verify_certfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-CAfile")) {
+ if (args[1]) {
+ args++;
+ CAfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-CApath")) {
+ if (args[1]) {
+ args++;
+ CApath = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-validity_period")) {
+ if (args[1]) {
+ args++;
+ nsec = atol(*args);
+ if (nsec < 0) {
+ BIO_printf(bio_err,
+ "Illegal validity period %s\n", *args);
+ badarg = 1;
+ }
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-status_age")) {
+ if (args[1]) {
+ args++;
+ maxage = atol(*args);
+ if (maxage < 0) {
+ BIO_printf(bio_err, "Illegal validity age %s\n", *args);
+ badarg = 1;
+ }
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-signkey")) {
+ if (args[1]) {
+ args++;
+ keyfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-reqout")) {
+ if (args[1]) {
+ args++;
+ reqout = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-respout")) {
+ if (args[1]) {
+ args++;
+ respout = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-path")) {
+ if (args[1]) {
+ args++;
+ path = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-issuer")) {
+ if (args[1]) {
+ args++;
+ X509_free(issuer);
+ issuer = load_cert(bio_err, *args, FORMAT_PEM,
+ NULL, e, "issuer certificate");
+ if (!issuer)
+ goto end;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-cert")) {
+ if (args[1]) {
+ args++;
+ X509_free(cert);
+ cert = load_cert(bio_err, *args, FORMAT_PEM,
+ NULL, e, "certificate");
+ if (!cert)
+ goto end;
+ if (!cert_id_md)
+ cert_id_md = EVP_sha1();
+ if (!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
+ goto end;
+ if (!sk_OPENSSL_STRING_push(reqnames, *args))
+ goto end;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-serial")) {
+ if (args[1]) {
+ args++;
+ if (!cert_id_md)
+ cert_id_md = EVP_sha1();
+ if (!add_ocsp_serial(&req, *args, cert_id_md, issuer, ids))
+ goto end;
+ if (!sk_OPENSSL_STRING_push(reqnames, *args))
+ goto end;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-index")) {
+ if (args[1]) {
+ args++;
+ ridx_filename = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-CA")) {
+ if (args[1]) {
+ args++;
+ rca_filename = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-nmin")) {
+ if (args[1]) {
+ args++;
+ nmin = atol(*args);
+ if (nmin < 0) {
+ BIO_printf(bio_err, "Illegal update period %s\n", *args);
+ badarg = 1;
+ }
+ }
+ if (ndays == -1)
+ ndays = 0;
+ else
+ badarg = 1;
+ } else if (!strcmp(*args, "-nrequest")) {
+ if (args[1]) {
+ args++;
+ accept_count = atol(*args);
+ if (accept_count < 0) {
+ BIO_printf(bio_err, "Illegal accept count %s\n", *args);
+ badarg = 1;
+ }
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-ndays")) {
+ if (args[1]) {
+ args++;
+ ndays = atol(*args);
+ if (ndays < 0) {
+ BIO_printf(bio_err, "Illegal update period %s\n", *args);
+ badarg = 1;
+ }
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-rsigner")) {
+ if (args[1]) {
+ args++;
+ rsignfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-rkey")) {
+ if (args[1]) {
+ args++;
+ rkeyfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-rother")) {
+ if (args[1]) {
+ args++;
+ rcertfile = *args;
+ } else
+ badarg = 1;
+ } else if ((cert_id_md = EVP_get_digestbyname((*args) + 1)) == NULL) {
+ badarg = 1;
+ }
+ args++;
+ }
+
+ /* Have we anything to do? */
+ if (!req && !reqin && !respin && !(port && ridx_filename))
+ badarg = 1;
+
+ if (badarg) {
+ BIO_printf(bio_err, "OCSP utility\n");
+ BIO_printf(bio_err, "Usage ocsp [options]\n");
+ BIO_printf(bio_err, "where options are\n");
+ BIO_printf(bio_err, "-out file output filename\n");
+ BIO_printf(bio_err, "-issuer file issuer certificate\n");
+ BIO_printf(bio_err, "-cert file certificate to check\n");
+ BIO_printf(bio_err, "-serial n serial number to check\n");
+ BIO_printf(bio_err,
+ "-signer file certificate to sign OCSP request with\n");
+ BIO_printf(bio_err,
+ "-signkey file private key to sign OCSP request with\n");
+ BIO_printf(bio_err,
+ "-sign_other file additional certificates to include in signed request\n");
+ BIO_printf(bio_err,
+ "-no_certs don't include any certificates in signed request\n");
+ BIO_printf(bio_err,
+ "-req_text print text form of request\n");
+ BIO_printf(bio_err,
+ "-resp_text print text form of response\n");
+ BIO_printf(bio_err,
+ "-text print text form of request and response\n");
+ BIO_printf(bio_err,
+ "-reqout file write DER encoded OCSP request to \"file\"\n");
+ BIO_printf(bio_err,
+ "-respout file write DER encoded OCSP reponse to \"file\"\n");
+ BIO_printf(bio_err,
+ "-reqin file read DER encoded OCSP request from \"file\"\n");
+ BIO_printf(bio_err,
+ "-respin file read DER encoded OCSP reponse from \"file\"\n");
+ BIO_printf(bio_err,
+ "-nonce add OCSP nonce to request\n");
+ BIO_printf(bio_err,
+ "-no_nonce don't add OCSP nonce to request\n");
+ BIO_printf(bio_err, "-url URL OCSP responder URL\n");
+ BIO_printf(bio_err,
+ "-host host:n send OCSP request to host on port n\n");
+ BIO_printf(bio_err,
+ "-path path to use in OCSP request\n");
+ BIO_printf(bio_err,
+ "-CApath dir trusted certificates directory\n");
+ BIO_printf(bio_err,
+ "-CAfile file trusted certificates file\n");
+ BIO_printf(bio_err,
+ "-no_alt_chains only ever use the first certificate chain found\n");
+ BIO_printf(bio_err,
+ "-VAfile file validator certificates file\n");
+ BIO_printf(bio_err,
+ "-validity_period n maximum validity discrepancy in seconds\n");
+ BIO_printf(bio_err,
+ "-status_age n maximum status age in seconds\n");
+ BIO_printf(bio_err,
+ "-noverify don't verify response at all\n");
+ BIO_printf(bio_err,
+ "-verify_other file additional certificates to search for signer\n");
+ BIO_printf(bio_err,
+ "-trust_other don't verify additional certificates\n");
+ BIO_printf(bio_err,
+ "-no_intern don't search certificates contained in response for signer\n");
+ BIO_printf(bio_err,
+ "-no_signature_verify don't check signature on response\n");
+ BIO_printf(bio_err,
+ "-no_cert_verify don't check signing certificate\n");
+ BIO_printf(bio_err,
+ "-no_chain don't chain verify response\n");
+ BIO_printf(bio_err,
+ "-no_cert_checks don't do additional checks on signing certificate\n");
+ BIO_printf(bio_err,
+ "-port num port to run responder on\n");
+ BIO_printf(bio_err,
+ "-index file certificate status index file\n");
+ BIO_printf(bio_err, "-CA file CA certificate\n");
+ BIO_printf(bio_err,
+ "-rsigner file responder certificate to sign responses with\n");
+ BIO_printf(bio_err,
+ "-rkey file responder key to sign responses with\n");
+ BIO_printf(bio_err,
+ "-rother file other certificates to include in response\n");
+ BIO_printf(bio_err,
+ "-resp_no_certs don't include any certificates in response\n");
+ BIO_printf(bio_err,
+ "-nmin n number of minutes before next update\n");
+ BIO_printf(bio_err,
+ "-ndays n number of days before next update\n");
+ BIO_printf(bio_err,
+ "-resp_key_id identify reponse by signing certificate key ID\n");
+ BIO_printf(bio_err,
+ "-nrequest n number of requests to accept (default unlimited)\n");
+ BIO_printf(bio_err,
+ "-<dgst alg> use specified digest in the request\n");
+ BIO_printf(bio_err,
+ "-timeout n timeout connection to OCSP responder after n seconds\n");
+ goto end;
+ }
+
+ if (outfile)
+ out = BIO_new_file(outfile, "w");
+ else
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ if (!out) {
+ BIO_printf(bio_err, "Error opening output file\n");
+ goto end;
+ }
+
+ if (!req && (add_nonce != 2))
+ add_nonce = 0;
+
+ if (!req && reqin) {
+ derbio = BIO_new_file(reqin, "rb");
+ if (!derbio) {
+ BIO_printf(bio_err, "Error Opening OCSP request file\n");
+ goto end;
+ }
+ req = d2i_OCSP_REQUEST_bio(derbio, NULL);
+ BIO_free(derbio);
+ if (!req) {
+ BIO_printf(bio_err, "Error reading OCSP request\n");
+ goto end;
+ }
+ }
+
+ if (!req && port) {
+ acbio = init_responder(port);
+ if (!acbio)
+ goto end;
+ }
+
+ if (rsignfile && !rdb) {
+ if (!rkeyfile)
+ rkeyfile = rsignfile;
+ rsigner = load_cert(bio_err, rsignfile, FORMAT_PEM,
+ NULL, e, "responder certificate");
+ if (!rsigner) {
+ BIO_printf(bio_err, "Error loading responder certificate\n");
+ goto end;
+ }
+ rca_cert = load_cert(bio_err, rca_filename, FORMAT_PEM,
+ NULL, e, "CA certificate");
+ if (rcertfile) {
+ rother = load_certs(bio_err, rcertfile, FORMAT_PEM,
+ NULL, e, "responder other certificates");
+ if (!rother)
+ goto end;
+ }
+ rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, 0, NULL, NULL,
+ "responder private key");
+ if (!rkey)
+ goto end;
+ }
+ if (acbio)
+ BIO_printf(bio_err, "Waiting for OCSP client connections...\n");
+
+ redo_accept:
+
+ if (acbio) {
+ if (!do_responder(&req, &cbio, acbio, port))
+ goto end;
+ if (!req) {
+ resp =
+ OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST,
+ NULL);
+ send_ocsp_response(cbio, resp);
+ goto done_resp;
+ }
+ }
+
+ if (!req && (signfile || reqout || host || add_nonce || ridx_filename)) {
+ BIO_printf(bio_err, "Need an OCSP request for this operation!\n");
+ goto end;
+ }
+
+ if (req && add_nonce)
+ OCSP_request_add1_nonce(req, NULL, -1);
+
+ if (signfile) {
+ if (!keyfile)
+ keyfile = signfile;
+ signer = load_cert(bio_err, signfile, FORMAT_PEM,
+ NULL, e, "signer certificate");
+ if (!signer) {
+ BIO_printf(bio_err, "Error loading signer certificate\n");
+ goto end;
+ }
+ if (sign_certfile) {
+ sign_other = load_certs(bio_err, sign_certfile, FORMAT_PEM,
+ NULL, e, "signer certificates");
+ if (!sign_other)
+ goto end;
+ }
+ key = load_key(bio_err, keyfile, FORMAT_PEM, 0, NULL, NULL,
+ "signer private key");
+ if (!key)
+ goto end;
+
+ if (!OCSP_request_sign
+ (req, signer, key, NULL, sign_other, sign_flags)) {
+ BIO_printf(bio_err, "Error signing OCSP request\n");
+ goto end;
+ }
+ }
+
+ if (req_text && req)
+ OCSP_REQUEST_print(out, req, 0);
+
+ if (reqout) {
+ derbio = BIO_new_file(reqout, "wb");
+ if (!derbio) {
+ BIO_printf(bio_err, "Error opening file %s\n", reqout);
+ goto end;
+ }
+ i2d_OCSP_REQUEST_bio(derbio, req);
+ BIO_free(derbio);
+ }
+
+ if (ridx_filename && (!rkey || !rsigner || !rca_cert)) {
+ BIO_printf(bio_err,
+ "Need a responder certificate, key and CA for this operation!\n");
+ goto end;
+ }
+
+ if (ridx_filename && !rdb) {
+ rdb = load_index(ridx_filename, NULL);
+ if (!rdb)
+ goto end;
+ if (!index_index(rdb))
+ goto end;
+ }
+
+ if (rdb) {
+ i = make_ocsp_response(&resp, req, rdb, rca_cert, rsigner, rkey,
+ rother, rflags, nmin, ndays);
+ if (cbio)
+ send_ocsp_response(cbio, resp);
+ } else if (host) {
+# ifndef OPENSSL_NO_SOCK
+ resp = process_responder(bio_err, req, host, path,
+ port, use_ssl, headers, req_timeout);
+ if (!resp)
+ goto end;
+# else
+ BIO_printf(bio_err,
+ "Error creating connect BIO - sockets not supported.\n");
+ goto end;
+# endif
+ } else if (respin) {
+ derbio = BIO_new_file(respin, "rb");
+ if (!derbio) {
+ BIO_printf(bio_err, "Error Opening OCSP response file\n");
+ goto end;
+ }
+ resp = d2i_OCSP_RESPONSE_bio(derbio, NULL);
+ BIO_free(derbio);
+ if (!resp) {
+ BIO_printf(bio_err, "Error reading OCSP response\n");
+ goto end;
+ }
+
+ } else {
+ ret = 0;
+ goto end;
+ }
+
+ done_resp:
+
+ if (respout) {
+ derbio = BIO_new_file(respout, "wb");
+ if (!derbio) {
+ BIO_printf(bio_err, "Error opening file %s\n", respout);
+ goto end;
+ }
+ i2d_OCSP_RESPONSE_bio(derbio, resp);
+ BIO_free(derbio);
+ }
+
+ i = OCSP_response_status(resp);
+
+ if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
+ BIO_printf(out, "Responder Error: %s (%d)\n",
+ OCSP_response_status_str(i), i);
+ if (ignore_err)
+ goto redo_accept;
+ ret = 0;
+ goto end;
+ }
+
+ if (resp_text)
+ OCSP_RESPONSE_print(out, resp, 0);
+
+ /* If running as responder don't verify our own response */
+ if (cbio) {
+ if (accept_count > 0)
+ accept_count--;
+ /* Redo if more connections needed */
+ if (accept_count) {
+ BIO_free_all(cbio);
+ cbio = NULL;
+ OCSP_REQUEST_free(req);
+ req = NULL;
+ OCSP_RESPONSE_free(resp);
+ resp = NULL;
+ goto redo_accept;
+ }
+ goto end;
+ }
+
+ if (!store)
+ store = setup_verify(bio_err, CAfile, CApath);
+ if (!store)
+ goto end;
+ if (verify_certfile) {
+ verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM,
+ NULL, e, "validator certificate");
+ if (!verify_other)
+ goto end;
+ }
+
+ bs = OCSP_response_get1_basic(resp);
+
+ if (!bs) {
+ BIO_printf(bio_err, "Error parsing response\n");
+ goto end;
+ }
+
+ if (!noverify) {
+ if (req && ((i = OCSP_check_nonce(req, bs)) <= 0)) {
+ if (i == -1)
+ BIO_printf(bio_err, "WARNING: no nonce in response\n");
+ else {
+ BIO_printf(bio_err, "Nonce Verify error\n");
+ goto end;
+ }
+ }
+
+ i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
+ if (i < 0)
+ i = OCSP_basic_verify(bs, NULL, store, 0);
+
+ if (i <= 0) {
+ BIO_printf(bio_err, "Response Verify Failure\n");
+ ERR_print_errors(bio_err);
+ } else
+ BIO_printf(bio_err, "Response verify OK\n");
+
+ }
+
+ if (!print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage))
+ goto end;
+
+ ret = 0;
+
+ end:
+ ERR_print_errors(bio_err);
+ X509_free(signer);
+ X509_STORE_free(store);
+ EVP_PKEY_free(key);
+ EVP_PKEY_free(rkey);
+ X509_free(issuer);
+ X509_free(cert);
+ X509_free(rsigner);
+ X509_free(rca_cert);
+ free_index(rdb);
+ BIO_free_all(cbio);
+ BIO_free_all(acbio);
+ BIO_free(out);
+ OCSP_REQUEST_free(req);
+ OCSP_RESPONSE_free(resp);
+ OCSP_BASICRESP_free(bs);
+ sk_OPENSSL_STRING_free(reqnames);
+ sk_OCSP_CERTID_free(ids);
+ sk_X509_pop_free(sign_other, X509_free);
+ sk_X509_pop_free(verify_other, X509_free);
+ sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
+
+ if (thost)
+ OPENSSL_free(thost);
+ if (tport)
+ OPENSSL_free(tport);
+ if (tpath)
+ OPENSSL_free(tpath);
+
+ OPENSSL_EXIT(ret);
+}
+
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
+ const EVP_MD *cert_id_md, X509 *issuer,
+ STACK_OF(OCSP_CERTID) *ids)
+{
+ OCSP_CERTID *id;
+ if (!issuer) {
+ BIO_printf(bio_err, "No issuer certificate specified\n");
+ return 0;
+ }
+ if (!*req)
+ *req = OCSP_REQUEST_new();
+ if (!*req)
+ goto err;
+ id = OCSP_cert_to_id(cert_id_md, cert, issuer);
+ if (!id || !sk_OCSP_CERTID_push(ids, id))
+ goto err;
+ if (!OCSP_request_add0_id(*req, id))
+ goto err;
+ return 1;
+
+ err:
+ BIO_printf(bio_err, "Error Creating OCSP request\n");
+ return 0;
+}
+
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
+ const EVP_MD *cert_id_md, X509 *issuer,
+ STACK_OF(OCSP_CERTID) *ids)
+{
+ OCSP_CERTID *id;
+ X509_NAME *iname;
+ ASN1_BIT_STRING *ikey;
+ ASN1_INTEGER *sno;
+ if (!issuer) {
+ BIO_printf(bio_err, "No issuer certificate specified\n");
+ return 0;
+ }
+ if (!*req)
+ *req = OCSP_REQUEST_new();
+ if (!*req)
+ goto err;
+ iname = X509_get_subject_name(issuer);
+ ikey = X509_get0_pubkey_bitstr(issuer);
+ sno = s2i_ASN1_INTEGER(NULL, serial);
+ if (!sno) {
+ BIO_printf(bio_err, "Error converting serial number %s\n", serial);
+ return 0;
+ }
+ id = OCSP_cert_id_new(cert_id_md, iname, ikey, sno);
+ ASN1_INTEGER_free(sno);
+ if (!id || !sk_OCSP_CERTID_push(ids, id))
+ goto err;
+ if (!OCSP_request_add0_id(*req, id))
+ goto err;
+ return 1;
+
+ err:
+ BIO_printf(bio_err, "Error Creating OCSP request\n");
+ return 0;
+}
+
+static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
+ STACK_OF(OPENSSL_STRING) *names,
+ STACK_OF(OCSP_CERTID) *ids, long nsec,
+ long maxage)
+{
+ OCSP_CERTID *id;
+ char *name;
+ int i;
+
+ int status, reason;
+
+ ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
+
+ if (!bs || !req || !sk_OPENSSL_STRING_num(names)
+ || !sk_OCSP_CERTID_num(ids))
+ return 1;
+
+ for (i = 0; i < sk_OCSP_CERTID_num(ids); i++) {
+ id = sk_OCSP_CERTID_value(ids, i);
+ name = sk_OPENSSL_STRING_value(names, i);
+ BIO_printf(out, "%s: ", name);
+
+ if (!OCSP_resp_find_status(bs, id, &status, &reason,
+ &rev, &thisupd, &nextupd)) {
+ BIO_puts(out, "ERROR: No Status found.\n");
+ continue;
+ }
+
+ /*
+ * Check validity: if invalid write to output BIO so we know which
+ * response this refers to.
+ */
+ if (!OCSP_check_validity(thisupd, nextupd, nsec, maxage)) {
+ BIO_puts(out, "WARNING: Status times invalid.\n");
+ ERR_print_errors(out);
+ }
+ BIO_printf(out, "%s\n", OCSP_cert_status_str(status));
+
+ BIO_puts(out, "\tThis Update: ");
+ ASN1_GENERALIZEDTIME_print(out, thisupd);
+ BIO_puts(out, "\n");
+
+ if (nextupd) {
+ BIO_puts(out, "\tNext Update: ");
+ ASN1_GENERALIZEDTIME_print(out, nextupd);
+ BIO_puts(out, "\n");
+ }
+
+ if (status != V_OCSP_CERTSTATUS_REVOKED)
+ continue;
+
+ if (reason != -1)
+ BIO_printf(out, "\tReason: %s\n", OCSP_crl_reason_str(reason));
+
+ BIO_puts(out, "\tRevocation Time: ");
+ ASN1_GENERALIZEDTIME_print(out, rev);
+ BIO_puts(out, "\n");
+ }
+
+ return 1;
+}
+
+static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
+ CA_DB *db, X509 *ca, X509 *rcert,
+ EVP_PKEY *rkey, STACK_OF(X509) *rother,
+ unsigned long flags, int nmin, int ndays)
+{
+ ASN1_TIME *thisupd = NULL, *nextupd = NULL;
+ OCSP_CERTID *cid, *ca_id = NULL;
+ OCSP_BASICRESP *bs = NULL;
+ int i, id_count, ret = 1;
+
+ id_count = OCSP_request_onereq_count(req);
+
+ if (id_count <= 0) {
+ *resp =
+ OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL);
+ goto end;
+ }
+
+ bs = OCSP_BASICRESP_new();
+ thisupd = X509_gmtime_adj(NULL, 0);
+ if (ndays != -1)
+ nextupd = X509_time_adj_ex(NULL, ndays, nmin * 60, NULL);
+
+ /* Examine each certificate id in the request */
+ for (i = 0; i < id_count; i++) {
+ OCSP_ONEREQ *one;
+ ASN1_INTEGER *serial;
+ char **inf;
+ ASN1_OBJECT *cert_id_md_oid;
+ const EVP_MD *cert_id_md;
+ one = OCSP_request_onereq_get0(req, i);
+ cid = OCSP_onereq_get0_id(one);
+
+ OCSP_id_get0_info(NULL, &cert_id_md_oid, NULL, NULL, cid);
+
+ cert_id_md = EVP_get_digestbyobj(cert_id_md_oid);
+ if (!cert_id_md) {
+ *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR,
+ NULL);
+ goto end;
+ }
+ if (ca_id)
+ OCSP_CERTID_free(ca_id);
+ ca_id = OCSP_cert_to_id(cert_id_md, NULL, ca);
+
+ /* Is this request about our CA? */
+ if (OCSP_id_issuer_cmp(ca_id, cid)) {
+ OCSP_basic_add1_status(bs, cid,
+ V_OCSP_CERTSTATUS_UNKNOWN,
+ 0, NULL, thisupd, nextupd);
+ continue;
+ }
+ OCSP_id_get0_info(NULL, NULL, NULL, &serial, cid);
+ inf = lookup_serial(db, serial);
+ if (!inf)
+ OCSP_basic_add1_status(bs, cid,
+ V_OCSP_CERTSTATUS_UNKNOWN,
+ 0, NULL, thisupd, nextupd);
+ else if (inf[DB_type][0] == DB_TYPE_VAL)
+ OCSP_basic_add1_status(bs, cid,
+ V_OCSP_CERTSTATUS_GOOD,
+ 0, NULL, thisupd, nextupd);
+ else if (inf[DB_type][0] == DB_TYPE_REV) {
+ ASN1_OBJECT *inst = NULL;
+ ASN1_TIME *revtm = NULL;
+ ASN1_GENERALIZEDTIME *invtm = NULL;
+ OCSP_SINGLERESP *single;
+ int reason = -1;
+ unpack_revinfo(&revtm, &reason, &inst, &invtm, inf[DB_rev_date]);
+ single = OCSP_basic_add1_status(bs, cid,
+ V_OCSP_CERTSTATUS_REVOKED,
+ reason, revtm, thisupd, nextupd);
+ if (invtm)
+ OCSP_SINGLERESP_add1_ext_i2d(single, NID_invalidity_date,
+ invtm, 0, 0);
+ else if (inst)
+ OCSP_SINGLERESP_add1_ext_i2d(single,
+ NID_hold_instruction_code, inst,
+ 0, 0);
+ ASN1_OBJECT_free(inst);
+ ASN1_TIME_free(revtm);
+ ASN1_GENERALIZEDTIME_free(invtm);
+ }
+ }
+
+ OCSP_copy_nonce(bs, req);
+
+ OCSP_basic_sign(bs, rcert, rkey, NULL, rother, flags);
+
+ *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
+
+ end:
+ ASN1_TIME_free(thisupd);
+ ASN1_TIME_free(nextupd);
+ OCSP_CERTID_free(ca_id);
+ OCSP_BASICRESP_free(bs);
+ return ret;
+
+}
+
+static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
+{
+ int i;
+ BIGNUM *bn = NULL;
+ char *itmp, *row[DB_NUMBER], **rrow;
+ for (i = 0; i < DB_NUMBER; i++)
+ row[i] = NULL;
+ bn = ASN1_INTEGER_to_BN(ser, NULL);
+ OPENSSL_assert(bn); /* FIXME: should report an error at this
+ * point and abort */
+ if (BN_is_zero(bn))
+ itmp = BUF_strdup("00");
+ else
+ itmp = BN_bn2hex(bn);
+ row[DB_serial] = itmp;
+ BN_free(bn);
+ rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
+ OPENSSL_free(itmp);
+ return rrow;
+}
+
+/* Quick and dirty OCSP server: read in and parse input request */
+
+static BIO *init_responder(char *port)
+{
+ BIO *acbio = NULL, *bufbio = NULL;
+ bufbio = BIO_new(BIO_f_buffer());
+ if (!bufbio)
+ goto err;
+# ifndef OPENSSL_NO_SOCK
+ acbio = BIO_new_accept(port);
+# else
+ BIO_printf(bio_err,
+ "Error setting up accept BIO - sockets not supported.\n");
+# endif
+ if (!acbio)
+ goto err;
+ BIO_set_accept_bios(acbio, bufbio);
+ bufbio = NULL;
+
+ if (BIO_do_accept(acbio) <= 0) {
+ BIO_printf(bio_err, "Error setting up accept BIO\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ return acbio;
+
+ err:
+ BIO_free_all(acbio);
+ BIO_free(bufbio);
+ return NULL;
+}
+
+static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
+ char *port)
+{
+ int have_post = 0, len;
+ OCSP_REQUEST *req = NULL;
+ char inbuf[1024];
+ BIO *cbio = NULL;
+
+ if (BIO_do_accept(acbio) <= 0) {
+ BIO_printf(bio_err, "Error accepting connection\n");
+ ERR_print_errors(bio_err);
+ return 0;
+ }
+
+ cbio = BIO_pop(acbio);
+ *pcbio = cbio;
+
+ for (;;) {
+ len = BIO_gets(cbio, inbuf, sizeof inbuf);
+ if (len <= 0)
+ return 1;
+ /* Look for "POST" signalling start of query */
+ if (!have_post) {
+ if (strncmp(inbuf, "POST", 4)) {
+ BIO_printf(bio_err, "Invalid request\n");
+ return 1;
+ }
+ have_post = 1;
+ }
+ /* Look for end of headers */
+ if ((inbuf[0] == '\r') || (inbuf[0] == '\n'))
+ break;
+ }
+
+ /* Try to read OCSP request */
+
+ req = d2i_OCSP_REQUEST_bio(cbio, NULL);
+
+ if (!req) {
+ BIO_printf(bio_err, "Error parsing OCSP request\n");
+ ERR_print_errors(bio_err);
+ }
+
+ *preq = req;
+
+ return 1;
+
+}
+
+static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
+{
+ char http_resp[] =
+ "HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n"
+ "Content-Length: %d\r\n\r\n";
+ if (!cbio)
+ return 0;
+ BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
+ i2d_OCSP_RESPONSE_bio(cbio, resp);
+ (void)BIO_flush(cbio);
+ return 1;
+}
+
+static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
+ STACK_OF(CONF_VALUE) *headers,
+ OCSP_REQUEST *req, int req_timeout)
+{
+ int fd;
+ int rv;
+ int i;
+ OCSP_REQ_CTX *ctx = NULL;
+ OCSP_RESPONSE *rsp = NULL;
+ fd_set confds;
+ struct timeval tv;
+
+ if (req_timeout != -1)
+ BIO_set_nbio(cbio, 1);
+
+ rv = BIO_do_connect(cbio);
+
+ if ((rv <= 0) && ((req_timeout == -1) || !BIO_should_retry(cbio))) {
+ BIO_puts(err, "Error connecting BIO\n");
+ return NULL;
+ }
+
+ if (BIO_get_fd(cbio, &fd) < 0) {
+ BIO_puts(bio_err, "Can't get connection fd\n");
+ goto err;
+ }
+
+ if (req_timeout != -1 && rv <= 0) {
+ FD_ZERO(&confds);
+ openssl_fdset(fd, &confds);
+ tv.tv_usec = 0;
+ tv.tv_sec = req_timeout;
+ rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
+ if (rv == 0) {
+ BIO_puts(err, "Timeout on connect\n");
+ return NULL;
+ }
+ }
+
+ ctx = OCSP_sendreq_new(cbio, path, NULL, -1);
+ if (!ctx)
+ return NULL;
+
+ for (i = 0; i < sk_CONF_VALUE_num(headers); i++) {
+ CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
+ if (!OCSP_REQ_CTX_add1_header(ctx, hdr->name, hdr->value))
+ goto err;
+ }
+
+ if (!OCSP_REQ_CTX_set1_req(ctx, req))
+ goto err;
+
+ for (;;) {
+ rv = OCSP_sendreq_nbio(&rsp, ctx);
+ if (rv != -1)
+ break;
+ if (req_timeout == -1)
+ continue;
+ FD_ZERO(&confds);
+ openssl_fdset(fd, &confds);
+ tv.tv_usec = 0;
+ tv.tv_sec = req_timeout;
+ if (BIO_should_read(cbio))
+ rv = select(fd + 1, (void *)&confds, NULL, NULL, &tv);
+ else if (BIO_should_write(cbio))
+ rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
+ else {
+ BIO_puts(err, "Unexpected retry condition\n");
+ goto err;
+ }
+ if (rv == 0) {
+ BIO_puts(err, "Timeout on request\n");
+ break;
+ }
+ if (rv == -1) {
+ BIO_puts(err, "Select error\n");
+ break;
+ }
+
+ }
+ err:
+ if (ctx)
+ OCSP_REQ_CTX_free(ctx);
+
+ return rsp;
+}
+
+OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
+ char *host, char *path, char *port,
+ int use_ssl, STACK_OF(CONF_VALUE) *headers,
+ int req_timeout)
+{
+ BIO *cbio = NULL;
+ SSL_CTX *ctx = NULL;
+ OCSP_RESPONSE *resp = NULL;
+ cbio = BIO_new_connect(host);
+ if (!cbio) {
+ BIO_printf(err, "Error creating connect BIO\n");
+ goto end;
+ }
+ if (port)
+ BIO_set_conn_port(cbio, port);
+ if (use_ssl == 1) {
+ BIO *sbio;
+ ctx = SSL_CTX_new(SSLv23_client_method());
+ if (ctx == NULL) {
+ BIO_printf(err, "Error creating SSL context.\n");
+ goto end;
+ }
+ SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
+ sbio = BIO_new_ssl(ctx, 1);
+ cbio = BIO_push(sbio, cbio);
+ }
+ resp = query_responder(err, cbio, path, headers, req, req_timeout);
+ if (!resp)
+ BIO_printf(bio_err, "Error querying OCSP responder\n");
+ end:
+ if (cbio)
+ BIO_free_all(cbio);
+ if (ctx)
+ SSL_CTX_free(ctx);
+ return resp;
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/apps/passwd.c
===================================================================
--- vendor-crypto/openssl/dist/apps/passwd.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/passwd.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,494 +0,0 @@
-/* apps/passwd.c */
-
-#if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
-# define NO_MD5CRYPT_1
-#endif
-
-#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
-
-# include <assert.h>
-# include <string.h>
-
-# include "apps.h"
-
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/evp.h>
-# include <openssl/rand.h>
-# ifndef OPENSSL_NO_DES
-# include <openssl/des.h>
-# endif
-# ifndef NO_MD5CRYPT_1
-# include <openssl/md5.h>
-# endif
-
-# undef PROG
-# define PROG passwd_main
-
-static unsigned const char cov_2char[64] = {
- /* from crypto/des/fcrypt.c */
- 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
- 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
- 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
- 0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
- 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
- 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
- 0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
- 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
-};
-
-static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
- char *passwd, BIO *out, int quiet, int table,
- int reverse, size_t pw_maxlen, int usecrypt, int use1,
- int useapr1);
-
-/*-
- * -crypt - standard Unix password algorithm (default)
- * -1 - MD5-based password algorithm
- * -apr1 - MD5-based password algorithm, Apache variant
- * -salt string - salt
- * -in file - read passwords from file
- * -stdin - read passwords from stdin
- * -noverify - never verify when reading password from terminal
- * -quiet - no warnings
- * -table - format output as table
- * -reverse - switch table columns
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- int ret = 1;
- char *infile = NULL;
- int in_stdin = 0;
- int in_noverify = 0;
- char *salt = NULL, *passwd = NULL, **passwds = NULL;
- char *salt_malloc = NULL, *passwd_malloc = NULL;
- size_t passwd_malloc_size = 0;
- int pw_source_defined = 0;
- BIO *in = NULL, *out = NULL;
- int i, badopt, opt_done;
- int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
- int usecrypt = 0, use1 = 0, useapr1 = 0;
- size_t pw_maxlen = 0;
-
- apps_startup();
-
- if (bio_err == NULL)
- if ((bio_err = BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-
- if (!load_config(bio_err, NULL))
- goto err;
- out = BIO_new(BIO_s_file());
- if (out == NULL)
- goto err;
- BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-# ifdef OPENSSL_SYS_VMS
- {
- BIO *tmpbio = BIO_new(BIO_f_linebuffer());
- out = BIO_push(tmpbio, out);
- }
-# endif
-
- badopt = 0, opt_done = 0;
- i = 0;
- while (!badopt && !opt_done && argv[++i] != NULL) {
- if (strcmp(argv[i], "-crypt") == 0)
- usecrypt = 1;
- else if (strcmp(argv[i], "-1") == 0)
- use1 = 1;
- else if (strcmp(argv[i], "-apr1") == 0)
- useapr1 = 1;
- else if (strcmp(argv[i], "-salt") == 0) {
- if ((argv[i + 1] != NULL) && (salt == NULL)) {
- passed_salt = 1;
- salt = argv[++i];
- } else
- badopt = 1;
- } else if (strcmp(argv[i], "-in") == 0) {
- if ((argv[i + 1] != NULL) && !pw_source_defined) {
- pw_source_defined = 1;
- infile = argv[++i];
- } else
- badopt = 1;
- } else if (strcmp(argv[i], "-stdin") == 0) {
- if (!pw_source_defined) {
- pw_source_defined = 1;
- in_stdin = 1;
- } else
- badopt = 1;
- } else if (strcmp(argv[i], "-noverify") == 0)
- in_noverify = 1;
- else if (strcmp(argv[i], "-quiet") == 0)
- quiet = 1;
- else if (strcmp(argv[i], "-table") == 0)
- table = 1;
- else if (strcmp(argv[i], "-reverse") == 0)
- reverse = 1;
- else if (argv[i][0] == '-')
- badopt = 1;
- else if (!pw_source_defined)
- /* non-option arguments, use as passwords */
- {
- pw_source_defined = 1;
- passwds = &argv[i];
- opt_done = 1;
- } else
- badopt = 1;
- }
-
- if (!usecrypt && !use1 && !useapr1) /* use default */
- usecrypt = 1;
- if (usecrypt + use1 + useapr1 > 1) /* conflict */
- badopt = 1;
-
- /* reject unsupported algorithms */
-# ifdef OPENSSL_NO_DES
- if (usecrypt)
- badopt = 1;
-# endif
-# ifdef NO_MD5CRYPT_1
- if (use1 || useapr1)
- badopt = 1;
-# endif
-
- if (badopt) {
- BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
- BIO_printf(bio_err, "where options are\n");
-# ifndef OPENSSL_NO_DES
- BIO_printf(bio_err,
- "-crypt standard Unix password algorithm (default)\n");
-# endif
-# ifndef NO_MD5CRYPT_1
- BIO_printf(bio_err,
- "-1 MD5-based password algorithm\n");
- BIO_printf(bio_err,
- "-apr1 MD5-based password algorithm, Apache variant\n");
-# endif
- BIO_printf(bio_err, "-salt string use provided salt\n");
- BIO_printf(bio_err, "-in file read passwords from file\n");
- BIO_printf(bio_err, "-stdin read passwords from stdin\n");
- BIO_printf(bio_err,
- "-noverify never verify when reading password from terminal\n");
- BIO_printf(bio_err, "-quiet no warnings\n");
- BIO_printf(bio_err, "-table format output as table\n");
- BIO_printf(bio_err, "-reverse switch table columns\n");
-
- goto err;
- }
-
- if ((infile != NULL) || in_stdin) {
- in = BIO_new(BIO_s_file());
- if (in == NULL)
- goto err;
- if (infile != NULL) {
- assert(in_stdin == 0);
- if (BIO_read_filename(in, infile) <= 0)
- goto err;
- } else {
- assert(in_stdin);
- BIO_set_fp(in, stdin, BIO_NOCLOSE);
- }
- }
-
- if (usecrypt)
- pw_maxlen = 8;
- else if (use1 || useapr1)
- pw_maxlen = 256; /* arbitrary limit, should be enough for most
- * passwords */
-
- if (passwds == NULL) {
- /* no passwords on the command line */
-
- passwd_malloc_size = pw_maxlen + 2;
- /*
- * longer than necessary so that we can warn about truncation
- */
- passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
- if (passwd_malloc == NULL)
- goto err;
- }
-
- if ((in == NULL) && (passwds == NULL)) {
- /* build a null-terminated list */
- static char *passwds_static[2] = { NULL, NULL };
-
- passwds = passwds_static;
- if (in == NULL)
- if (EVP_read_pw_string
- (passwd_malloc, passwd_malloc_size, "Password: ",
- !(passed_salt || in_noverify)) != 0)
- goto err;
- passwds[0] = passwd_malloc;
- }
-
- if (in == NULL) {
- assert(passwds != NULL);
- assert(*passwds != NULL);
-
- do { /* loop over list of passwords */
- passwd = *passwds++;
- if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
- quiet, table, reverse, pw_maxlen, usecrypt, use1,
- useapr1))
- goto err;
- }
- while (*passwds != NULL);
- } else
- /* in != NULL */
- {
- int done;
-
- assert(passwd != NULL);
- do {
- int r = BIO_gets(in, passwd, pw_maxlen + 1);
- if (r > 0) {
- char *c = (strchr(passwd, '\n'));
- if (c != NULL)
- *c = 0; /* truncate at newline */
- else {
- /* ignore rest of line */
- char trash[BUFSIZ];
- do
- r = BIO_gets(in, trash, sizeof trash);
- while ((r > 0) && (!strchr(trash, '\n')));
- }
-
- if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
- quiet, table, reverse, pw_maxlen, usecrypt,
- use1, useapr1))
- goto err;
- }
- done = (r <= 0);
- }
- while (!done);
- }
- ret = 0;
-
- err:
- ERR_print_errors(bio_err);
- if (salt_malloc)
- OPENSSL_free(salt_malloc);
- if (passwd_malloc)
- OPENSSL_free(passwd_malloc);
- if (in)
- BIO_free(in);
- if (out)
- BIO_free_all(out);
- apps_shutdown();
- OPENSSL_EXIT(ret);
-}
-
-# ifndef NO_MD5CRYPT_1
-/*
- * MD5-based password algorithm (should probably be available as a library
- * function; then the static buffer would not be acceptable). For magic
- * string "1", this should be compatible to the MD5-based BSD password
- * algorithm. For 'magic' string "apr1", this is compatible to the MD5-based
- * Apache password algorithm. (Apparently, the Apache password algorithm is
- * identical except that the 'magic' string was changed -- the laziest
- * application of the NIH principle I've ever encountered.)
- */
-static char *md5crypt(const char *passwd, const char *magic, const char *salt)
-{
- /* "$apr1$..salt..$.......md5hash..........\0" */
- static char out_buf[6 + 9 + 24 + 2];
- unsigned char buf[MD5_DIGEST_LENGTH];
- char *salt_out;
- int n;
- unsigned int i;
- EVP_MD_CTX md, md2;
- size_t passwd_len, salt_len;
-
- passwd_len = strlen(passwd);
- out_buf[0] = '$';
- out_buf[1] = 0;
- assert(strlen(magic) <= 4); /* "1" or "apr1" */
- strncat(out_buf, magic, 4);
- strncat(out_buf, "$", 1);
- strncat(out_buf, salt, 8);
- assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
- salt_out = out_buf + 2 + strlen(magic);
- salt_len = strlen(salt_out);
- assert(salt_len <= 8);
-
- EVP_MD_CTX_init(&md);
- EVP_DigestInit_ex(&md, EVP_md5(), NULL);
- EVP_DigestUpdate(&md, passwd, passwd_len);
- EVP_DigestUpdate(&md, "$", 1);
- EVP_DigestUpdate(&md, magic, strlen(magic));
- EVP_DigestUpdate(&md, "$", 1);
- EVP_DigestUpdate(&md, salt_out, salt_len);
-
- EVP_MD_CTX_init(&md2);
- EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
- EVP_DigestUpdate(&md2, passwd, passwd_len);
- EVP_DigestUpdate(&md2, salt_out, salt_len);
- EVP_DigestUpdate(&md2, passwd, passwd_len);
- EVP_DigestFinal_ex(&md2, buf, NULL);
-
- for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
- EVP_DigestUpdate(&md, buf, sizeof buf);
- EVP_DigestUpdate(&md, buf, i);
-
- n = passwd_len;
- while (n) {
- EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
- n >>= 1;
- }
- EVP_DigestFinal_ex(&md, buf, NULL);
-
- for (i = 0; i < 1000; i++) {
- EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
- EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
- (i & 1) ? passwd_len : sizeof buf);
- if (i % 3)
- EVP_DigestUpdate(&md2, salt_out, salt_len);
- if (i % 7)
- EVP_DigestUpdate(&md2, passwd, passwd_len);
- EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
- (i & 1) ? sizeof buf : passwd_len);
- EVP_DigestFinal_ex(&md2, buf, NULL);
- }
- EVP_MD_CTX_cleanup(&md2);
-
- {
- /* transform buf into output string */
-
- unsigned char buf_perm[sizeof buf];
- int dest, source;
- char *output;
-
- /* silly output permutation */
- for (dest = 0, source = 0; dest < 14;
- dest++, source = (source + 6) % 17)
- buf_perm[dest] = buf[source];
- buf_perm[14] = buf[5];
- buf_perm[15] = buf[11];
-# ifndef PEDANTIC /* Unfortunately, this generates a "no
- * effect" warning */
- assert(16 == sizeof buf_perm);
-# endif
-
- output = salt_out + salt_len;
- assert(output == out_buf + strlen(out_buf));
-
- *output++ = '$';
-
- for (i = 0; i < 15; i += 3) {
- *output++ = cov_2char[buf_perm[i + 2] & 0x3f];
- *output++ = cov_2char[((buf_perm[i + 1] & 0xf) << 2) |
- (buf_perm[i + 2] >> 6)];
- *output++ = cov_2char[((buf_perm[i] & 3) << 4) |
- (buf_perm[i + 1] >> 4)];
- *output++ = cov_2char[buf_perm[i] >> 2];
- }
- assert(i == 15);
- *output++ = cov_2char[buf_perm[i] & 0x3f];
- *output++ = cov_2char[buf_perm[i] >> 6];
- *output = 0;
- assert(strlen(out_buf) < sizeof(out_buf));
- }
- EVP_MD_CTX_cleanup(&md);
-
- return out_buf;
-}
-# endif
-
-static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
- char *passwd, BIO *out, int quiet, int table,
- int reverse, size_t pw_maxlen, int usecrypt, int use1,
- int useapr1)
-{
- char *hash = NULL;
-
- assert(salt_p != NULL);
- assert(salt_malloc_p != NULL);
-
- /* first make sure we have a salt */
- if (!passed_salt) {
-# ifndef OPENSSL_NO_DES
- if (usecrypt) {
- if (*salt_malloc_p == NULL) {
- *salt_p = *salt_malloc_p = OPENSSL_malloc(3);
- if (*salt_malloc_p == NULL)
- goto err;
- }
- if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0)
- goto err;
- (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
- (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
- (*salt_p)[2] = 0;
-# ifdef CHARSET_EBCDIC
- ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert back
- * to ASCII */
-# endif
- }
-# endif /* !OPENSSL_NO_DES */
-
-# ifndef NO_MD5CRYPT_1
- if (use1 || useapr1) {
- int i;
-
- if (*salt_malloc_p == NULL) {
- *salt_p = *salt_malloc_p = OPENSSL_malloc(9);
- if (*salt_malloc_p == NULL)
- goto err;
- }
- if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0)
- goto err;
-
- for (i = 0; i < 8; i++)
- (*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
- (*salt_p)[8] = 0;
- }
-# endif /* !NO_MD5CRYPT_1 */
- }
-
- assert(*salt_p != NULL);
-
- /* truncate password if necessary */
- if ((strlen(passwd) > pw_maxlen)) {
- if (!quiet)
- /*
- * XXX: really we should know how to print a size_t, not cast it
- */
- BIO_printf(bio_err,
- "Warning: truncating password to %u characters\n",
- (unsigned)pw_maxlen);
- passwd[pw_maxlen] = 0;
- }
- assert(strlen(passwd) <= pw_maxlen);
-
- /* now compute password hash */
-# ifndef OPENSSL_NO_DES
- if (usecrypt)
- hash = DES_crypt(passwd, *salt_p);
-# endif
-# ifndef NO_MD5CRYPT_1
- if (use1 || useapr1)
- hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
-# endif
- assert(hash != NULL);
-
- if (table && !reverse)
- BIO_printf(out, "%s\t%s\n", passwd, hash);
- else if (table && reverse)
- BIO_printf(out, "%s\t%s\n", hash, passwd);
- else
- BIO_printf(out, "%s\n", hash);
- return 1;
-
- err:
- return 0;
-}
-#else
-
-int MAIN(int argc, char **argv)
-{
- fputs("Program not available.\n", stderr)
- OPENSSL_EXIT(1);
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/apps/passwd.c (from rev 11605, vendor-crypto/openssl/dist/apps/passwd.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/passwd.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/passwd.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,494 @@
+/* apps/passwd.c */
+
+#if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
+# define NO_MD5CRYPT_1
+#endif
+
+#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
+
+# include <assert.h>
+# include <string.h>
+
+# include "apps.h"
+
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/rand.h>
+# ifndef OPENSSL_NO_DES
+# include <openssl/des.h>
+# endif
+# ifndef NO_MD5CRYPT_1
+# include <openssl/md5.h>
+# endif
+
+# undef PROG
+# define PROG passwd_main
+
+static unsigned const char cov_2char[64] = {
+ /* from crypto/des/fcrypt.c */
+ 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
+ 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
+ 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
+ 0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
+ 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
+ 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
+ 0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
+ 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
+};
+
+static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
+ char *passwd, BIO *out, int quiet, int table,
+ int reverse, size_t pw_maxlen, int usecrypt, int use1,
+ int useapr1);
+
+/*-
+ * -crypt - standard Unix password algorithm (default)
+ * -1 - MD5-based password algorithm
+ * -apr1 - MD5-based password algorithm, Apache variant
+ * -salt string - salt
+ * -in file - read passwords from file
+ * -stdin - read passwords from stdin
+ * -noverify - never verify when reading password from terminal
+ * -quiet - no warnings
+ * -table - format output as table
+ * -reverse - switch table columns
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ int ret = 1;
+ char *infile = NULL;
+ int in_stdin = 0;
+ int in_noverify = 0;
+ char *salt = NULL, *passwd = NULL, **passwds = NULL;
+ char *salt_malloc = NULL, *passwd_malloc = NULL;
+ size_t passwd_malloc_size = 0;
+ int pw_source_defined = 0;
+ BIO *in = NULL, *out = NULL;
+ int i, badopt, opt_done;
+ int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
+ int usecrypt = 0, use1 = 0, useapr1 = 0;
+ size_t pw_maxlen = 0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+ if (!load_config(bio_err, NULL))
+ goto err;
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+ goto err;
+ BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+# ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+# endif
+
+ badopt = 0, opt_done = 0;
+ i = 0;
+ while (!badopt && !opt_done && argv[++i] != NULL) {
+ if (strcmp(argv[i], "-crypt") == 0)
+ usecrypt = 1;
+ else if (strcmp(argv[i], "-1") == 0)
+ use1 = 1;
+ else if (strcmp(argv[i], "-apr1") == 0)
+ useapr1 = 1;
+ else if (strcmp(argv[i], "-salt") == 0) {
+ if ((argv[i + 1] != NULL) && (salt == NULL)) {
+ passed_salt = 1;
+ salt = argv[++i];
+ } else
+ badopt = 1;
+ } else if (strcmp(argv[i], "-in") == 0) {
+ if ((argv[i + 1] != NULL) && !pw_source_defined) {
+ pw_source_defined = 1;
+ infile = argv[++i];
+ } else
+ badopt = 1;
+ } else if (strcmp(argv[i], "-stdin") == 0) {
+ if (!pw_source_defined) {
+ pw_source_defined = 1;
+ in_stdin = 1;
+ } else
+ badopt = 1;
+ } else if (strcmp(argv[i], "-noverify") == 0)
+ in_noverify = 1;
+ else if (strcmp(argv[i], "-quiet") == 0)
+ quiet = 1;
+ else if (strcmp(argv[i], "-table") == 0)
+ table = 1;
+ else if (strcmp(argv[i], "-reverse") == 0)
+ reverse = 1;
+ else if (argv[i][0] == '-')
+ badopt = 1;
+ else if (!pw_source_defined)
+ /* non-option arguments, use as passwords */
+ {
+ pw_source_defined = 1;
+ passwds = &argv[i];
+ opt_done = 1;
+ } else
+ badopt = 1;
+ }
+
+ if (!usecrypt && !use1 && !useapr1) /* use default */
+ usecrypt = 1;
+ if (usecrypt + use1 + useapr1 > 1) /* conflict */
+ badopt = 1;
+
+ /* reject unsupported algorithms */
+# ifdef OPENSSL_NO_DES
+ if (usecrypt)
+ badopt = 1;
+# endif
+# ifdef NO_MD5CRYPT_1
+ if (use1 || useapr1)
+ badopt = 1;
+# endif
+
+ if (badopt) {
+ BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
+ BIO_printf(bio_err, "where options are\n");
+# ifndef OPENSSL_NO_DES
+ BIO_printf(bio_err,
+ "-crypt standard Unix password algorithm (default)\n");
+# endif
+# ifndef NO_MD5CRYPT_1
+ BIO_printf(bio_err,
+ "-1 MD5-based password algorithm\n");
+ BIO_printf(bio_err,
+ "-apr1 MD5-based password algorithm, Apache variant\n");
+# endif
+ BIO_printf(bio_err, "-salt string use provided salt\n");
+ BIO_printf(bio_err, "-in file read passwords from file\n");
+ BIO_printf(bio_err, "-stdin read passwords from stdin\n");
+ BIO_printf(bio_err,
+ "-noverify never verify when reading password from terminal\n");
+ BIO_printf(bio_err, "-quiet no warnings\n");
+ BIO_printf(bio_err, "-table format output as table\n");
+ BIO_printf(bio_err, "-reverse switch table columns\n");
+
+ goto err;
+ }
+
+ if ((infile != NULL) || in_stdin) {
+ in = BIO_new(BIO_s_file());
+ if (in == NULL)
+ goto err;
+ if (infile != NULL) {
+ assert(in_stdin == 0);
+ if (BIO_read_filename(in, infile) <= 0)
+ goto err;
+ } else {
+ assert(in_stdin);
+ BIO_set_fp(in, stdin, BIO_NOCLOSE);
+ }
+ }
+
+ if (usecrypt)
+ pw_maxlen = 8;
+ else if (use1 || useapr1)
+ pw_maxlen = 256; /* arbitrary limit, should be enough for most
+ * passwords */
+
+ if (passwds == NULL) {
+ /* no passwords on the command line */
+
+ passwd_malloc_size = pw_maxlen + 2;
+ /*
+ * longer than necessary so that we can warn about truncation
+ */
+ passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
+ if (passwd_malloc == NULL)
+ goto err;
+ }
+
+ if ((in == NULL) && (passwds == NULL)) {
+ /* build a null-terminated list */
+ static char *passwds_static[2] = { NULL, NULL };
+
+ passwds = passwds_static;
+ if (in == NULL)
+ if (EVP_read_pw_string
+ (passwd_malloc, passwd_malloc_size, "Password: ",
+ !(passed_salt || in_noverify)) != 0)
+ goto err;
+ passwds[0] = passwd_malloc;
+ }
+
+ if (in == NULL) {
+ assert(passwds != NULL);
+ assert(*passwds != NULL);
+
+ do { /* loop over list of passwords */
+ passwd = *passwds++;
+ if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
+ quiet, table, reverse, pw_maxlen, usecrypt, use1,
+ useapr1))
+ goto err;
+ }
+ while (*passwds != NULL);
+ } else
+ /* in != NULL */
+ {
+ int done;
+
+ assert(passwd != NULL);
+ do {
+ int r = BIO_gets(in, passwd, pw_maxlen + 1);
+ if (r > 0) {
+ char *c = (strchr(passwd, '\n'));
+ if (c != NULL)
+ *c = 0; /* truncate at newline */
+ else {
+ /* ignore rest of line */
+ char trash[BUFSIZ];
+ do
+ r = BIO_gets(in, trash, sizeof trash);
+ while ((r > 0) && (!strchr(trash, '\n')));
+ }
+
+ if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
+ quiet, table, reverse, pw_maxlen, usecrypt,
+ use1, useapr1))
+ goto err;
+ }
+ done = (r <= 0);
+ }
+ while (!done);
+ }
+ ret = 0;
+
+ err:
+ ERR_print_errors(bio_err);
+ if (salt_malloc)
+ OPENSSL_free(salt_malloc);
+ if (passwd_malloc)
+ OPENSSL_free(passwd_malloc);
+ if (in)
+ BIO_free(in);
+ if (out)
+ BIO_free_all(out);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
+
+# ifndef NO_MD5CRYPT_1
+/*
+ * MD5-based password algorithm (should probably be available as a library
+ * function; then the static buffer would not be acceptable). For magic
+ * string "1", this should be compatible to the MD5-based BSD password
+ * algorithm. For 'magic' string "apr1", this is compatible to the MD5-based
+ * Apache password algorithm. (Apparently, the Apache password algorithm is
+ * identical except that the 'magic' string was changed -- the laziest
+ * application of the NIH principle I've ever encountered.)
+ */
+static char *md5crypt(const char *passwd, const char *magic, const char *salt)
+{
+ /* "$apr1$..salt..$.......md5hash..........\0" */
+ static char out_buf[6 + 9 + 24 + 2];
+ unsigned char buf[MD5_DIGEST_LENGTH];
+ char *salt_out;
+ int n;
+ unsigned int i;
+ EVP_MD_CTX md, md2;
+ size_t passwd_len, salt_len;
+
+ passwd_len = strlen(passwd);
+ out_buf[0] = '$';
+ out_buf[1] = 0;
+ assert(strlen(magic) <= 4); /* "1" or "apr1" */
+ strncat(out_buf, magic, 4);
+ strncat(out_buf, "$", 1);
+ strncat(out_buf, salt, 8);
+ assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
+ salt_out = out_buf + 2 + strlen(magic);
+ salt_len = strlen(salt_out);
+ assert(salt_len <= 8);
+
+ EVP_MD_CTX_init(&md);
+ EVP_DigestInit_ex(&md, EVP_md5(), NULL);
+ EVP_DigestUpdate(&md, passwd, passwd_len);
+ EVP_DigestUpdate(&md, "$", 1);
+ EVP_DigestUpdate(&md, magic, strlen(magic));
+ EVP_DigestUpdate(&md, "$", 1);
+ EVP_DigestUpdate(&md, salt_out, salt_len);
+
+ EVP_MD_CTX_init(&md2);
+ EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestUpdate(&md2, salt_out, salt_len);
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestFinal_ex(&md2, buf, NULL);
+
+ for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
+ EVP_DigestUpdate(&md, buf, sizeof buf);
+ EVP_DigestUpdate(&md, buf, i);
+
+ n = passwd_len;
+ while (n) {
+ EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
+ n >>= 1;
+ }
+ EVP_DigestFinal_ex(&md, buf, NULL);
+
+ for (i = 0; i < 1000; i++) {
+ EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
+ EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
+ (i & 1) ? passwd_len : sizeof buf);
+ if (i % 3)
+ EVP_DigestUpdate(&md2, salt_out, salt_len);
+ if (i % 7)
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
+ (i & 1) ? sizeof buf : passwd_len);
+ EVP_DigestFinal_ex(&md2, buf, NULL);
+ }
+ EVP_MD_CTX_cleanup(&md2);
+
+ {
+ /* transform buf into output string */
+
+ unsigned char buf_perm[sizeof buf];
+ int dest, source;
+ char *output;
+
+ /* silly output permutation */
+ for (dest = 0, source = 0; dest < 14;
+ dest++, source = (source + 6) % 17)
+ buf_perm[dest] = buf[source];
+ buf_perm[14] = buf[5];
+ buf_perm[15] = buf[11];
+# ifndef PEDANTIC /* Unfortunately, this generates a "no
+ * effect" warning */
+ assert(16 == sizeof buf_perm);
+# endif
+
+ output = salt_out + salt_len;
+ assert(output == out_buf + strlen(out_buf));
+
+ *output++ = '$';
+
+ for (i = 0; i < 15; i += 3) {
+ *output++ = cov_2char[buf_perm[i + 2] & 0x3f];
+ *output++ = cov_2char[((buf_perm[i + 1] & 0xf) << 2) |
+ (buf_perm[i + 2] >> 6)];
+ *output++ = cov_2char[((buf_perm[i] & 3) << 4) |
+ (buf_perm[i + 1] >> 4)];
+ *output++ = cov_2char[buf_perm[i] >> 2];
+ }
+ assert(i == 15);
+ *output++ = cov_2char[buf_perm[i] & 0x3f];
+ *output++ = cov_2char[buf_perm[i] >> 6];
+ *output = 0;
+ assert(strlen(out_buf) < sizeof(out_buf));
+ }
+ EVP_MD_CTX_cleanup(&md);
+
+ return out_buf;
+}
+# endif
+
+static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
+ char *passwd, BIO *out, int quiet, int table,
+ int reverse, size_t pw_maxlen, int usecrypt, int use1,
+ int useapr1)
+{
+ char *hash = NULL;
+
+ assert(salt_p != NULL);
+ assert(salt_malloc_p != NULL);
+
+ /* first make sure we have a salt */
+ if (!passed_salt) {
+# ifndef OPENSSL_NO_DES
+ if (usecrypt) {
+ if (*salt_malloc_p == NULL) {
+ *salt_p = *salt_malloc_p = OPENSSL_malloc(3);
+ if (*salt_malloc_p == NULL)
+ goto err;
+ }
+ if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0)
+ goto err;
+ (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
+ (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
+ (*salt_p)[2] = 0;
+# ifdef CHARSET_EBCDIC
+ ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert back
+ * to ASCII */
+# endif
+ }
+# endif /* !OPENSSL_NO_DES */
+
+# ifndef NO_MD5CRYPT_1
+ if (use1 || useapr1) {
+ int i;
+
+ if (*salt_malloc_p == NULL) {
+ *salt_p = *salt_malloc_p = OPENSSL_malloc(9);
+ if (*salt_malloc_p == NULL)
+ goto err;
+ }
+ if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0)
+ goto err;
+
+ for (i = 0; i < 8; i++)
+ (*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
+ (*salt_p)[8] = 0;
+ }
+# endif /* !NO_MD5CRYPT_1 */
+ }
+
+ assert(*salt_p != NULL);
+
+ /* truncate password if necessary */
+ if ((strlen(passwd) > pw_maxlen)) {
+ if (!quiet)
+ /*
+ * XXX: really we should know how to print a size_t, not cast it
+ */
+ BIO_printf(bio_err,
+ "Warning: truncating password to %u characters\n",
+ (unsigned)pw_maxlen);
+ passwd[pw_maxlen] = 0;
+ }
+ assert(strlen(passwd) <= pw_maxlen);
+
+ /* now compute password hash */
+# ifndef OPENSSL_NO_DES
+ if (usecrypt)
+ hash = DES_crypt(passwd, *salt_p);
+# endif
+# ifndef NO_MD5CRYPT_1
+ if (use1 || useapr1)
+ hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
+# endif
+ assert(hash != NULL);
+
+ if (table && !reverse)
+ BIO_printf(out, "%s\t%s\n", passwd, hash);
+ else if (table && reverse)
+ BIO_printf(out, "%s\t%s\n", hash, passwd);
+ else
+ BIO_printf(out, "%s\n", hash);
+ return 1;
+
+ err:
+ return 0;
+}
+#else
+
+int MAIN(int argc, char **argv)
+{
+ fputs("Program not available.\n", stderr)
+ OPENSSL_EXIT(1);
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/apps/pkcs12.c
===================================================================
--- vendor-crypto/openssl/dist/apps/pkcs12.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/pkcs12.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1068 +0,0 @@
-/* pkcs12.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include "apps.h"
-# include <openssl/crypto.h>
-# include <openssl/err.h>
-# include <openssl/pem.h>
-# include <openssl/pkcs12.h>
-
-# define PROG pkcs12_main
-
-const EVP_CIPHER *enc;
-
-# define NOKEYS 0x1
-# define NOCERTS 0x2
-# define INFO 0x4
-# define CLCERTS 0x8
-# define CACERTS 0x10
-
-int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain);
-int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen,
- int options, char *pempass);
-int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
- char *pass, int passlen, int options,
- char *pempass);
-int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass,
- int passlen, int options, char *pempass);
-int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,
- const char *name);
-void hex_prin(BIO *out, unsigned char *buf, int len);
-int alg_print(BIO *x, X509_ALGOR *alg);
-int cert_load(BIO *in, STACK_OF(X509) *sk);
-static int set_pbe(BIO *err, int *ppbe, const char *str);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- ENGINE *e = NULL;
- char *infile = NULL, *outfile = NULL, *keyname = NULL;
- char *certfile = NULL;
- BIO *in = NULL, *out = NULL;
- char **args;
- char *name = NULL;
- char *csp_name = NULL;
- int add_lmk = 0;
- PKCS12 *p12 = NULL;
- char pass[50], macpass[50];
- int export_cert = 0;
- int options = 0;
- int chain = 0;
- int badarg = 0;
- int iter = PKCS12_DEFAULT_ITER;
- int maciter = PKCS12_DEFAULT_ITER;
- int twopass = 0;
- int keytype = 0;
- int cert_pbe;
- int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
- int ret = 1;
- int macver = 1;
- int noprompt = 0;
- STACK_OF(OPENSSL_STRING) *canames = NULL;
- char *cpass = NULL, *mpass = NULL;
- char *passargin = NULL, *passargout = NULL, *passarg = NULL;
- char *passin = NULL, *passout = NULL;
- char *inrand = NULL;
- char *macalg = NULL;
- char *CApath = NULL, *CAfile = NULL;
-# ifndef OPENSSL_NO_ENGINE
- char *engine = NULL;
-# endif
-
- apps_startup();
-
- enc = EVP_des_ede3_cbc();
- if (bio_err == NULL)
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- if (!load_config(bio_err, NULL))
- goto end;
-
-# ifdef OPENSSL_FIPS
- if (FIPS_mode())
- cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
- else
-# endif
- cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-
- args = argv + 1;
-
- while (*args) {
- if (*args[0] == '-') {
- if (!strcmp(*args, "-nokeys"))
- options |= NOKEYS;
- else if (!strcmp(*args, "-keyex"))
- keytype = KEY_EX;
- else if (!strcmp(*args, "-keysig"))
- keytype = KEY_SIG;
- else if (!strcmp(*args, "-nocerts"))
- options |= NOCERTS;
- else if (!strcmp(*args, "-clcerts"))
- options |= CLCERTS;
- else if (!strcmp(*args, "-cacerts"))
- options |= CACERTS;
- else if (!strcmp(*args, "-noout"))
- options |= (NOKEYS | NOCERTS);
- else if (!strcmp(*args, "-info"))
- options |= INFO;
- else if (!strcmp(*args, "-chain"))
- chain = 1;
- else if (!strcmp(*args, "-twopass"))
- twopass = 1;
- else if (!strcmp(*args, "-nomacver"))
- macver = 0;
- else if (!strcmp(*args, "-descert"))
- cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
- else if (!strcmp(*args, "-export"))
- export_cert = 1;
- else if (!strcmp(*args, "-des"))
- enc = EVP_des_cbc();
- else if (!strcmp(*args, "-des3"))
- enc = EVP_des_ede3_cbc();
-# ifndef OPENSSL_NO_IDEA
- else if (!strcmp(*args, "-idea"))
- enc = EVP_idea_cbc();
-# endif
-# ifndef OPENSSL_NO_SEED
- else if (!strcmp(*args, "-seed"))
- enc = EVP_seed_cbc();
-# endif
-# ifndef OPENSSL_NO_AES
- else if (!strcmp(*args, "-aes128"))
- enc = EVP_aes_128_cbc();
- else if (!strcmp(*args, "-aes192"))
- enc = EVP_aes_192_cbc();
- else if (!strcmp(*args, "-aes256"))
- enc = EVP_aes_256_cbc();
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- else if (!strcmp(*args, "-camellia128"))
- enc = EVP_camellia_128_cbc();
- else if (!strcmp(*args, "-camellia192"))
- enc = EVP_camellia_192_cbc();
- else if (!strcmp(*args, "-camellia256"))
- enc = EVP_camellia_256_cbc();
-# endif
- else if (!strcmp(*args, "-noiter"))
- iter = 1;
- else if (!strcmp(*args, "-maciter"))
- maciter = PKCS12_DEFAULT_ITER;
- else if (!strcmp(*args, "-nomaciter"))
- maciter = 1;
- else if (!strcmp(*args, "-nomac"))
- maciter = -1;
- else if (!strcmp(*args, "-macalg"))
- if (args[1]) {
- args++;
- macalg = *args;
- } else
- badarg = 1;
- else if (!strcmp(*args, "-nodes"))
- enc = NULL;
- else if (!strcmp(*args, "-certpbe")) {
- if (!set_pbe(bio_err, &cert_pbe, *++args))
- badarg = 1;
- } else if (!strcmp(*args, "-keypbe")) {
- if (!set_pbe(bio_err, &key_pbe, *++args))
- badarg = 1;
- } else if (!strcmp(*args, "-rand")) {
- if (args[1]) {
- args++;
- inrand = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-inkey")) {
- if (args[1]) {
- args++;
- keyname = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-certfile")) {
- if (args[1]) {
- args++;
- certfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-name")) {
- if (args[1]) {
- args++;
- name = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-LMK"))
- add_lmk = 1;
- else if (!strcmp(*args, "-CSP")) {
- if (args[1]) {
- args++;
- csp_name = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-caname")) {
- if (args[1]) {
- args++;
- if (!canames)
- canames = sk_OPENSSL_STRING_new_null();
- sk_OPENSSL_STRING_push(canames, *args);
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-in")) {
- if (args[1]) {
- args++;
- infile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-out")) {
- if (args[1]) {
- args++;
- outfile = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-passin")) {
- if (args[1]) {
- args++;
- passargin = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-passout")) {
- if (args[1]) {
- args++;
- passargout = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-password")) {
- if (args[1]) {
- args++;
- passarg = *args;
- noprompt = 1;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-CApath")) {
- if (args[1]) {
- args++;
- CApath = *args;
- } else
- badarg = 1;
- } else if (!strcmp(*args, "-CAfile")) {
- if (args[1]) {
- args++;
- CAfile = *args;
- } else
- badarg = 1;
-# ifndef OPENSSL_NO_ENGINE
- } else if (!strcmp(*args, "-engine")) {
- if (args[1]) {
- args++;
- engine = *args;
- } else
- badarg = 1;
-# endif
- } else
- badarg = 1;
-
- } else
- badarg = 1;
- args++;
- }
-
- if (badarg) {
- BIO_printf(bio_err, "Usage: pkcs12 [options]\n");
- BIO_printf(bio_err, "where options are\n");
- BIO_printf(bio_err, "-export output PKCS12 file\n");
- BIO_printf(bio_err, "-chain add certificate chain\n");
- BIO_printf(bio_err, "-inkey file private key if not infile\n");
- BIO_printf(bio_err, "-certfile f add all certs in f\n");
- BIO_printf(bio_err, "-CApath arg - PEM format directory of CA's\n");
- BIO_printf(bio_err, "-CAfile arg - PEM format file of CA's\n");
- BIO_printf(bio_err, "-name \"name\" use name as friendly name\n");
- BIO_printf(bio_err,
- "-caname \"nm\" use nm as CA friendly name (can be used more than once).\n");
- BIO_printf(bio_err, "-in infile input filename\n");
- BIO_printf(bio_err, "-out outfile output filename\n");
- BIO_printf(bio_err,
- "-noout don't output anything, just verify.\n");
- BIO_printf(bio_err, "-nomacver don't verify MAC.\n");
- BIO_printf(bio_err, "-nocerts don't output certificates.\n");
- BIO_printf(bio_err,
- "-clcerts only output client certificates.\n");
- BIO_printf(bio_err, "-cacerts only output CA certificates.\n");
- BIO_printf(bio_err, "-nokeys don't output private keys.\n");
- BIO_printf(bio_err,
- "-info give info about PKCS#12 structure.\n");
- BIO_printf(bio_err, "-des encrypt private keys with DES\n");
- BIO_printf(bio_err,
- "-des3 encrypt private keys with triple DES (default)\n");
-# ifndef OPENSSL_NO_IDEA
- BIO_printf(bio_err, "-idea encrypt private keys with idea\n");
-# endif
-# ifndef OPENSSL_NO_SEED
- BIO_printf(bio_err, "-seed encrypt private keys with seed\n");
-# endif
-# ifndef OPENSSL_NO_AES
- BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
- BIO_printf(bio_err,
- " encrypt PEM output with cbc aes\n");
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- BIO_printf(bio_err, "-camellia128, -camellia192, -camellia256\n");
- BIO_printf(bio_err,
- " encrypt PEM output with cbc camellia\n");
-# endif
- BIO_printf(bio_err, "-nodes don't encrypt private keys\n");
- BIO_printf(bio_err, "-noiter don't use encryption iteration\n");
- BIO_printf(bio_err, "-nomaciter don't use MAC iteration\n");
- BIO_printf(bio_err, "-maciter use MAC iteration\n");
- BIO_printf(bio_err, "-nomac don't generate MAC\n");
- BIO_printf(bio_err,
- "-twopass separate MAC, encryption passwords\n");
- BIO_printf(bio_err,
- "-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
- BIO_printf(bio_err,
- "-certpbe alg specify certificate PBE algorithm (default RC2-40)\n");
- BIO_printf(bio_err,
- "-keypbe alg specify private key PBE algorithm (default 3DES)\n");
- BIO_printf(bio_err,
- "-macalg alg digest algorithm used in MAC (default SHA1)\n");
- BIO_printf(bio_err, "-keyex set MS key exchange type\n");
- BIO_printf(bio_err, "-keysig set MS key signature type\n");
- BIO_printf(bio_err,
- "-password p set import/export password source\n");
- BIO_printf(bio_err, "-passin p input file pass phrase source\n");
- BIO_printf(bio_err, "-passout p output file pass phrase source\n");
-# ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err,
- "-engine e use engine e, possibly a hardware device.\n");
-# endif
- BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
- LIST_SEPARATOR_CHAR);
- BIO_printf(bio_err,
- " load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
- BIO_printf(bio_err, "-CSP name Microsoft CSP name\n");
- BIO_printf(bio_err,
- "-LMK Add local machine keyset attribute to private key\n");
- goto end;
- }
-# ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
-# endif
-
- if (passarg) {
- if (export_cert)
- passargout = passarg;
- else
- passargin = passarg;
- }
-
- if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
- BIO_printf(bio_err, "Error getting passwords\n");
- goto end;
- }
-
- if (!cpass) {
- if (export_cert)
- cpass = passout;
- else
- cpass = passin;
- }
-
- if (cpass) {
- mpass = cpass;
- noprompt = 1;
- } else {
- cpass = pass;
- mpass = macpass;
- }
-
- if (export_cert || inrand) {
- app_RAND_load_file(NULL, bio_err, (inrand != NULL));
- if (inrand != NULL)
- BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
- app_RAND_load_files(inrand));
- }
- ERR_load_crypto_strings();
-
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("read files");
-# endif
-
- if (!infile)
- in = BIO_new_fp(stdin, BIO_NOCLOSE);
- else
- in = BIO_new_file(infile, "rb");
- if (!in) {
- BIO_printf(bio_err, "Error opening input file %s\n",
- infile ? infile : "<stdin>");
- perror(infile);
- goto end;
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("write files");
-# endif
-
- if (!outfile) {
- out = BIO_new_fp(stdout, BIO_NOCLOSE);
-# ifdef OPENSSL_SYS_VMS
- {
- BIO *tmpbio = BIO_new(BIO_f_linebuffer());
- out = BIO_push(tmpbio, out);
- }
-# endif
- } else
- out = BIO_new_file(outfile, "wb");
- if (!out) {
- BIO_printf(bio_err, "Error opening output file %s\n",
- outfile ? outfile : "<stdout>");
- perror(outfile);
- goto end;
- }
- if (twopass) {
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("read MAC password");
-# endif
- if (EVP_read_pw_string
- (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
- BIO_printf(bio_err, "Can't read Password\n");
- goto end;
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
-# endif
- }
-
- if (export_cert) {
- EVP_PKEY *key = NULL;
- X509 *ucert = NULL, *x = NULL;
- STACK_OF(X509) *certs = NULL;
- const EVP_MD *macmd = NULL;
- unsigned char *catmp = NULL;
- int i;
-
- if ((options & (NOCERTS | NOKEYS)) == (NOCERTS | NOKEYS)) {
- BIO_printf(bio_err, "Nothing to do!\n");
- goto export_end;
- }
-
- if (options & NOCERTS)
- chain = 0;
-
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("process -export_cert");
- CRYPTO_push_info("reading private key");
-# endif
- if (!(options & NOKEYS)) {
- key = load_key(bio_err, keyname ? keyname : infile,
- FORMAT_PEM, 1, passin, e, "private key");
- if (!key)
- goto export_end;
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("reading certs from input");
-# endif
-
- /* Load in all certs in input file */
- if (!(options & NOCERTS)) {
- certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e,
- "certificates");
- if (!certs)
- goto export_end;
-
- if (key) {
- /* Look for matching private key */
- for (i = 0; i < sk_X509_num(certs); i++) {
- x = sk_X509_value(certs, i);
- if (X509_check_private_key(x, key)) {
- ucert = x;
- /* Zero keyid and alias */
- X509_keyid_set1(ucert, NULL, 0);
- X509_alias_set1(ucert, NULL, 0);
- /* Remove from list */
- (void)sk_X509_delete(certs, i);
- break;
- }
- }
- if (!ucert) {
- BIO_printf(bio_err,
- "No certificate matches private key\n");
- goto export_end;
- }
- }
-
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("reading certs from input 2");
-# endif
-
- /* Add any more certificates asked for */
- if (certfile) {
- STACK_OF(X509) *morecerts = NULL;
- if (!(morecerts = load_certs(bio_err, certfile, FORMAT_PEM,
- NULL, e,
- "certificates from certfile")))
- goto export_end;
- while (sk_X509_num(morecerts) > 0)
- sk_X509_push(certs, sk_X509_shift(morecerts));
- sk_X509_free(morecerts);
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("reading certs from certfile");
-# endif
-
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("building chain");
-# endif
-
- /* If chaining get chain from user cert */
- if (chain) {
- int vret;
- STACK_OF(X509) *chain2;
- X509_STORE *store = X509_STORE_new();
- if (!store) {
- BIO_printf(bio_err, "Memory allocation error\n");
- goto export_end;
- }
- if (!X509_STORE_load_locations(store, CAfile, CApath))
- X509_STORE_set_default_paths(store);
-
- vret = get_cert_chain(ucert, store, &chain2);
- X509_STORE_free(store);
-
- if (!vret) {
- /* Exclude verified certificate */
- for (i = 1; i < sk_X509_num(chain2); i++)
- sk_X509_push(certs, sk_X509_value(chain2, i));
- /* Free first certificate */
- X509_free(sk_X509_value(chain2, 0));
- sk_X509_free(chain2);
- } else {
- if (vret >= 0)
- BIO_printf(bio_err, "Error %s getting chain.\n",
- X509_verify_cert_error_string(vret));
- else
- ERR_print_errors(bio_err);
- goto export_end;
- }
- }
-
- /* Add any CA names */
-
- for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++) {
- catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
- X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
- }
-
- if (csp_name && key)
- EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
- MBSTRING_ASC, (unsigned char *)csp_name,
- -1);
-
- if (add_lmk && key)
- EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
-
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("reading password");
-# endif
-
- if (!noprompt &&
- EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
- 1)) {
- BIO_printf(bio_err, "Can't read Password\n");
- goto export_end;
- }
- if (!twopass)
- BUF_strlcpy(macpass, pass, sizeof macpass);
-
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("creating PKCS#12 structure");
-# endif
-
- p12 = PKCS12_create(cpass, name, key, ucert, certs,
- key_pbe, cert_pbe, iter, -1, keytype);
-
- if (!p12) {
- ERR_print_errors(bio_err);
- goto export_end;
- }
-
- if (macalg) {
- macmd = EVP_get_digestbyname(macalg);
- if (!macmd) {
- BIO_printf(bio_err, "Unknown digest algorithm %s\n", macalg);
- }
- }
-
- if (maciter != -1)
- PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
-
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_push_info("writing pkcs12");
-# endif
-
- i2d_PKCS12_bio(out, p12);
-
- ret = 0;
-
- export_end:
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
- CRYPTO_pop_info();
- CRYPTO_push_info("process -export_cert: freeing");
-# endif
-
- if (key)
- EVP_PKEY_free(key);
- if (certs)
- sk_X509_pop_free(certs, X509_free);
- if (ucert)
- X509_free(ucert);
-
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
-# endif
- goto end;
-
- }
-
- if (!(p12 = d2i_PKCS12_bio(in, NULL))) {
- ERR_print_errors(bio_err);
- goto end;
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("read import password");
-# endif
- if (!noprompt
- && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
- 0)) {
- BIO_printf(bio_err, "Can't read Password\n");
- goto end;
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
-# endif
-
- if (!twopass)
- BUF_strlcpy(macpass, pass, sizeof macpass);
-
- if ((options & INFO) && p12->mac)
- BIO_printf(bio_err, "MAC Iteration %ld\n",
- p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1);
- if (macver) {
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("verify MAC");
-# endif
- /* If we enter empty password try no password first */
- if (!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
- /* If mac and crypto pass the same set it to NULL too */
- if (!twopass)
- cpass = NULL;
- } else if (!PKCS12_verify_mac(p12, mpass, -1)) {
- BIO_printf(bio_err, "Mac verify error: invalid password?\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- BIO_printf(bio_err, "MAC verified OK\n");
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
-# endif
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("output keys and certificates");
-# endif
- if (!dump_certs_keys_p12(out, p12, cpass, -1, options, passout)) {
- BIO_printf(bio_err, "Error outputting keys and certificates\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
-# endif
- ret = 0;
- end:
- if (p12)
- PKCS12_free(p12);
- if (export_cert || inrand)
- app_RAND_write_file(NULL, bio_err);
-# ifdef CRYPTO_MDEBUG
- CRYPTO_remove_all_info();
-# endif
- BIO_free(in);
- BIO_free_all(out);
- if (canames)
- sk_OPENSSL_STRING_free(canames);
- if (passin)
- OPENSSL_free(passin);
- if (passout)
- OPENSSL_free(passout);
- apps_shutdown();
- OPENSSL_EXIT(ret);
-}
-
-int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass,
- int passlen, int options, char *pempass)
-{
- STACK_OF(PKCS7) *asafes = NULL;
- STACK_OF(PKCS12_SAFEBAG) *bags;
- int i, bagnid;
- int ret = 0;
- PKCS7 *p7;
-
- if (!(asafes = PKCS12_unpack_authsafes(p12)))
- return 0;
- for (i = 0; i < sk_PKCS7_num(asafes); i++) {
- p7 = sk_PKCS7_value(asafes, i);
- bagnid = OBJ_obj2nid(p7->type);
- if (bagnid == NID_pkcs7_data) {
- bags = PKCS12_unpack_p7data(p7);
- if (options & INFO)
- BIO_printf(bio_err, "PKCS7 Data\n");
- } else if (bagnid == NID_pkcs7_encrypted) {
- if (options & INFO) {
- BIO_printf(bio_err, "PKCS7 Encrypted data: ");
- alg_print(bio_err, p7->d.encrypted->enc_data->algorithm);
- }
- bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
- } else
- continue;
- if (!bags)
- goto err;
- if (!dump_certs_pkeys_bags(out, bags, pass, passlen,
- options, pempass)) {
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- goto err;
- }
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- bags = NULL;
- }
- ret = 1;
-
- err:
-
- if (asafes)
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return ret;
-}
-
-int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
- char *pass, int passlen, int options, char *pempass)
-{
- int i;
- for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
- if (!dump_certs_pkeys_bag(out,
- sk_PKCS12_SAFEBAG_value(bags, i),
- pass, passlen, options, pempass))
- return 0;
- }
- return 1;
-}
-
-int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
- int passlen, int options, char *pempass)
-{
- EVP_PKEY *pkey;
- PKCS8_PRIV_KEY_INFO *p8;
- X509 *x509;
-
- switch (M_PKCS12_bag_type(bag)) {
- case NID_keyBag:
- if (options & INFO)
- BIO_printf(bio_err, "Key bag\n");
- if (options & NOKEYS)
- return 1;
- print_attribs(out, bag->attrib, "Bag Attributes");
- p8 = bag->value.keybag;
- if (!(pkey = EVP_PKCS82PKEY(p8)))
- return 0;
- print_attribs(out, p8->attributes, "Key Attributes");
- PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
- EVP_PKEY_free(pkey);
- break;
-
- case NID_pkcs8ShroudedKeyBag:
- if (options & INFO) {
- BIO_printf(bio_err, "Shrouded Keybag: ");
- alg_print(bio_err, bag->value.shkeybag->algor);
- }
- if (options & NOKEYS)
- return 1;
- print_attribs(out, bag->attrib, "Bag Attributes");
- if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
- return 0;
- if (!(pkey = EVP_PKCS82PKEY(p8))) {
- PKCS8_PRIV_KEY_INFO_free(p8);
- return 0;
- }
- print_attribs(out, p8->attributes, "Key Attributes");
- PKCS8_PRIV_KEY_INFO_free(p8);
- PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
- EVP_PKEY_free(pkey);
- break;
-
- case NID_certBag:
- if (options & INFO)
- BIO_printf(bio_err, "Certificate bag\n");
- if (options & NOCERTS)
- return 1;
- if (PKCS12_get_attr(bag, NID_localKeyID)) {
- if (options & CACERTS)
- return 1;
- } else if (options & CLCERTS)
- return 1;
- print_attribs(out, bag->attrib, "Bag Attributes");
- if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
- return 1;
- if (!(x509 = PKCS12_certbag2x509(bag)))
- return 0;
- dump_cert_text(out, x509);
- PEM_write_bio_X509(out, x509);
- X509_free(x509);
- break;
-
- case NID_safeContentsBag:
- if (options & INFO)
- BIO_printf(bio_err, "Safe Contents bag\n");
- print_attribs(out, bag->attrib, "Bag Attributes");
- return dump_certs_pkeys_bags(out, bag->value.safes, pass,
- passlen, options, pempass);
-
- default:
- BIO_printf(bio_err, "Warning unsupported bag type: ");
- i2a_ASN1_OBJECT(bio_err, bag->type);
- BIO_printf(bio_err, "\n");
- return 1;
- break;
- }
- return 1;
-}
-
-/* Given a single certificate return a verified chain or NULL if error */
-
-/* Hope this is OK .... */
-
-int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
-{
- X509_STORE_CTX store_ctx;
- STACK_OF(X509) *chn;
- int i = 0;
-
- /*
- * FIXME: Should really check the return status of X509_STORE_CTX_init
- * for an error, but how that fits into the return value of this function
- * is less obvious.
- */
- X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
- if (X509_verify_cert(&store_ctx) <= 0) {
- i = X509_STORE_CTX_get_error(&store_ctx);
- if (i == 0)
- /*
- * avoid returning 0 if X509_verify_cert() did not set an
- * appropriate error value in the context
- */
- i = -1;
- chn = NULL;
- goto err;
- } else
- chn = X509_STORE_CTX_get1_chain(&store_ctx);
- err:
- X509_STORE_CTX_cleanup(&store_ctx);
- *chain = chn;
-
- return i;
-}
-
-int alg_print(BIO *x, X509_ALGOR *alg)
-{
- PBEPARAM *pbe;
- const unsigned char *p;
- p = alg->parameter->value.sequence->data;
- pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
- if (!pbe)
- return 1;
- BIO_printf(bio_err, "%s, Iteration %ld\n",
- OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
- ASN1_INTEGER_get(pbe->iter));
- PBEPARAM_free(pbe);
- return 1;
-}
-
-/* Load all certificates from a given file */
-
-int cert_load(BIO *in, STACK_OF(X509) *sk)
-{
- int ret;
- X509 *cert;
- ret = 0;
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("cert_load(): reading one cert");
-# endif
- while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
-# endif
- ret = 1;
- sk_X509_push(sk, cert);
-# ifdef CRYPTO_MDEBUG
- CRYPTO_push_info("cert_load(): reading one cert");
-# endif
- }
-# ifdef CRYPTO_MDEBUG
- CRYPTO_pop_info();
-# endif
- if (ret)
- ERR_clear_error();
- return ret;
-}
-
-/* Generalised attribute print: handle PKCS#8 and bag attributes */
-
-int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,
- const char *name)
-{
- X509_ATTRIBUTE *attr;
- ASN1_TYPE *av;
- char *value;
- int i, attr_nid;
- if (!attrlst) {
- BIO_printf(out, "%s: <No Attributes>\n", name);
- return 1;
- }
- if (!sk_X509_ATTRIBUTE_num(attrlst)) {
- BIO_printf(out, "%s: <Empty Attributes>\n", name);
- return 1;
- }
- BIO_printf(out, "%s\n", name);
- for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
- attr = sk_X509_ATTRIBUTE_value(attrlst, i);
- attr_nid = OBJ_obj2nid(attr->object);
- BIO_printf(out, " ");
- if (attr_nid == NID_undef) {
- i2a_ASN1_OBJECT(out, attr->object);
- BIO_printf(out, ": ");
- } else
- BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
-
- if (sk_ASN1_TYPE_num(attr->value.set)) {
- av = sk_ASN1_TYPE_value(attr->value.set, 0);
- switch (av->type) {
- case V_ASN1_BMPSTRING:
- value = OPENSSL_uni2asc(av->value.bmpstring->data,
- av->value.bmpstring->length);
- BIO_printf(out, "%s\n", value);
- OPENSSL_free(value);
- break;
-
- case V_ASN1_OCTET_STRING:
- hex_prin(out, av->value.octet_string->data,
- av->value.octet_string->length);
- BIO_printf(out, "\n");
- break;
-
- case V_ASN1_BIT_STRING:
- hex_prin(out, av->value.bit_string->data,
- av->value.bit_string->length);
- BIO_printf(out, "\n");
- break;
-
- default:
- BIO_printf(out, "<Unsupported tag %d>\n", av->type);
- break;
- }
- } else
- BIO_printf(out, "<No Values>\n");
- }
- return 1;
-}
-
-void hex_prin(BIO *out, unsigned char *buf, int len)
-{
- int i;
- for (i = 0; i < len; i++)
- BIO_printf(out, "%02X ", buf[i]);
-}
-
-static int set_pbe(BIO *err, int *ppbe, const char *str)
-{
- if (!str)
- return 0;
- if (!strcmp(str, "NONE")) {
- *ppbe = -1;
- return 1;
- }
- *ppbe = OBJ_txt2nid(str);
- if (*ppbe == NID_undef) {
- BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
- return 0;
- }
- return 1;
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/apps/pkcs12.c (from rev 11605, vendor-crypto/openssl/dist/apps/pkcs12.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/pkcs12.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/pkcs12.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1058 @@
+/* pkcs12.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/crypto.h>
+# include <openssl/err.h>
+# include <openssl/pem.h>
+# include <openssl/pkcs12.h>
+
+# define PROG pkcs12_main
+
+const EVP_CIPHER *enc;
+
+# define NOKEYS 0x1
+# define NOCERTS 0x2
+# define INFO 0x4
+# define CLCERTS 0x8
+# define CACERTS 0x10
+
+static int get_cert_chain(X509 *cert, X509_STORE *store,
+ STACK_OF(X509) **chain);
+int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen,
+ int options, char *pempass);
+int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
+ char *pass, int passlen, int options,
+ char *pempass);
+int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass,
+ int passlen, int options, char *pempass);
+int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,
+ const char *name);
+void hex_prin(BIO *out, unsigned char *buf, int len);
+int alg_print(BIO *x, X509_ALGOR *alg);
+int cert_load(BIO *in, STACK_OF(X509) *sk);
+static int set_pbe(BIO *err, int *ppbe, const char *str);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ ENGINE *e = NULL;
+ char *infile = NULL, *outfile = NULL, *keyname = NULL;
+ char *certfile = NULL;
+ BIO *in = NULL, *out = NULL;
+ char **args;
+ char *name = NULL;
+ char *csp_name = NULL;
+ int add_lmk = 0;
+ PKCS12 *p12 = NULL;
+ char pass[50], macpass[50];
+ int export_cert = 0;
+ int options = 0;
+ int chain = 0;
+ int badarg = 0;
+ int iter = PKCS12_DEFAULT_ITER;
+ int maciter = PKCS12_DEFAULT_ITER;
+ int twopass = 0;
+ int keytype = 0;
+ int cert_pbe;
+ int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ int ret = 1;
+ int macver = 1;
+ int noprompt = 0;
+ STACK_OF(OPENSSL_STRING) *canames = NULL;
+ char *cpass = NULL, *mpass = NULL;
+ char *passargin = NULL, *passargout = NULL, *passarg = NULL;
+ char *passin = NULL, *passout = NULL;
+ char *inrand = NULL;
+ char *macalg = NULL;
+ char *CApath = NULL, *CAfile = NULL;
+# ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+# endif
+
+ apps_startup();
+
+ enc = EVP_des_ede3_cbc();
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ else
+# endif
+ cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+
+ args = argv + 1;
+
+ while (*args) {
+ if (*args[0] == '-') {
+ if (!strcmp(*args, "-nokeys"))
+ options |= NOKEYS;
+ else if (!strcmp(*args, "-keyex"))
+ keytype = KEY_EX;
+ else if (!strcmp(*args, "-keysig"))
+ keytype = KEY_SIG;
+ else if (!strcmp(*args, "-nocerts"))
+ options |= NOCERTS;
+ else if (!strcmp(*args, "-clcerts"))
+ options |= CLCERTS;
+ else if (!strcmp(*args, "-cacerts"))
+ options |= CACERTS;
+ else if (!strcmp(*args, "-noout"))
+ options |= (NOKEYS | NOCERTS);
+ else if (!strcmp(*args, "-info"))
+ options |= INFO;
+ else if (!strcmp(*args, "-chain"))
+ chain = 1;
+ else if (!strcmp(*args, "-twopass"))
+ twopass = 1;
+ else if (!strcmp(*args, "-nomacver"))
+ macver = 0;
+ else if (!strcmp(*args, "-descert"))
+ cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ else if (!strcmp(*args, "-export"))
+ export_cert = 1;
+ else if (!strcmp(*args, "-des"))
+ enc = EVP_des_cbc();
+ else if (!strcmp(*args, "-des3"))
+ enc = EVP_des_ede3_cbc();
+# ifndef OPENSSL_NO_IDEA
+ else if (!strcmp(*args, "-idea"))
+ enc = EVP_idea_cbc();
+# endif
+# ifndef OPENSSL_NO_SEED
+ else if (!strcmp(*args, "-seed"))
+ enc = EVP_seed_cbc();
+# endif
+# ifndef OPENSSL_NO_AES
+ else if (!strcmp(*args, "-aes128"))
+ enc = EVP_aes_128_cbc();
+ else if (!strcmp(*args, "-aes192"))
+ enc = EVP_aes_192_cbc();
+ else if (!strcmp(*args, "-aes256"))
+ enc = EVP_aes_256_cbc();
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ else if (!strcmp(*args, "-camellia128"))
+ enc = EVP_camellia_128_cbc();
+ else if (!strcmp(*args, "-camellia192"))
+ enc = EVP_camellia_192_cbc();
+ else if (!strcmp(*args, "-camellia256"))
+ enc = EVP_camellia_256_cbc();
+# endif
+ else if (!strcmp(*args, "-noiter"))
+ iter = 1;
+ else if (!strcmp(*args, "-maciter"))
+ maciter = PKCS12_DEFAULT_ITER;
+ else if (!strcmp(*args, "-nomaciter"))
+ maciter = 1;
+ else if (!strcmp(*args, "-nomac"))
+ maciter = -1;
+ else if (!strcmp(*args, "-macalg"))
+ if (args[1]) {
+ args++;
+ macalg = *args;
+ } else
+ badarg = 1;
+ else if (!strcmp(*args, "-nodes"))
+ enc = NULL;
+ else if (!strcmp(*args, "-certpbe")) {
+ if (!set_pbe(bio_err, &cert_pbe, *++args))
+ badarg = 1;
+ } else if (!strcmp(*args, "-keypbe")) {
+ if (!set_pbe(bio_err, &key_pbe, *++args))
+ badarg = 1;
+ } else if (!strcmp(*args, "-rand")) {
+ if (args[1]) {
+ args++;
+ inrand = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-inkey")) {
+ if (args[1]) {
+ args++;
+ keyname = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-certfile")) {
+ if (args[1]) {
+ args++;
+ certfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-name")) {
+ if (args[1]) {
+ args++;
+ name = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-LMK"))
+ add_lmk = 1;
+ else if (!strcmp(*args, "-CSP")) {
+ if (args[1]) {
+ args++;
+ csp_name = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-caname")) {
+ if (args[1]) {
+ args++;
+ if (!canames)
+ canames = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(canames, *args);
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-in")) {
+ if (args[1]) {
+ args++;
+ infile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-out")) {
+ if (args[1]) {
+ args++;
+ outfile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-passin")) {
+ if (args[1]) {
+ args++;
+ passargin = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-passout")) {
+ if (args[1]) {
+ args++;
+ passargout = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-password")) {
+ if (args[1]) {
+ args++;
+ passarg = *args;
+ noprompt = 1;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-CApath")) {
+ if (args[1]) {
+ args++;
+ CApath = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-CAfile")) {
+ if (args[1]) {
+ args++;
+ CAfile = *args;
+ } else
+ badarg = 1;
+# ifndef OPENSSL_NO_ENGINE
+ } else if (!strcmp(*args, "-engine")) {
+ if (args[1]) {
+ args++;
+ engine = *args;
+ } else
+ badarg = 1;
+# endif
+ } else
+ badarg = 1;
+
+ } else
+ badarg = 1;
+ args++;
+ }
+
+ if (badarg) {
+ BIO_printf(bio_err, "Usage: pkcs12 [options]\n");
+ BIO_printf(bio_err, "where options are\n");
+ BIO_printf(bio_err, "-export output PKCS12 file\n");
+ BIO_printf(bio_err, "-chain add certificate chain\n");
+ BIO_printf(bio_err, "-inkey file private key if not infile\n");
+ BIO_printf(bio_err, "-certfile f add all certs in f\n");
+ BIO_printf(bio_err, "-CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err, "-CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err, "-name \"name\" use name as friendly name\n");
+ BIO_printf(bio_err,
+ "-caname \"nm\" use nm as CA friendly name (can be used more than once).\n");
+ BIO_printf(bio_err, "-in infile input filename\n");
+ BIO_printf(bio_err, "-out outfile output filename\n");
+ BIO_printf(bio_err,
+ "-noout don't output anything, just verify.\n");
+ BIO_printf(bio_err, "-nomacver don't verify MAC.\n");
+ BIO_printf(bio_err, "-nocerts don't output certificates.\n");
+ BIO_printf(bio_err,
+ "-clcerts only output client certificates.\n");
+ BIO_printf(bio_err, "-cacerts only output CA certificates.\n");
+ BIO_printf(bio_err, "-nokeys don't output private keys.\n");
+ BIO_printf(bio_err,
+ "-info give info about PKCS#12 structure.\n");
+ BIO_printf(bio_err, "-des encrypt private keys with DES\n");
+ BIO_printf(bio_err,
+ "-des3 encrypt private keys with triple DES (default)\n");
+# ifndef OPENSSL_NO_IDEA
+ BIO_printf(bio_err, "-idea encrypt private keys with idea\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err, "-seed encrypt private keys with seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
+ BIO_printf(bio_err,
+ " encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ BIO_printf(bio_err, "-camellia128, -camellia192, -camellia256\n");
+ BIO_printf(bio_err,
+ " encrypt PEM output with cbc camellia\n");
+# endif
+ BIO_printf(bio_err, "-nodes don't encrypt private keys\n");
+ BIO_printf(bio_err, "-noiter don't use encryption iteration\n");
+ BIO_printf(bio_err, "-nomaciter don't use MAC iteration\n");
+ BIO_printf(bio_err, "-maciter use MAC iteration\n");
+ BIO_printf(bio_err, "-nomac don't generate MAC\n");
+ BIO_printf(bio_err,
+ "-twopass separate MAC, encryption passwords\n");
+ BIO_printf(bio_err,
+ "-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
+ BIO_printf(bio_err,
+ "-certpbe alg specify certificate PBE algorithm (default RC2-40)\n");
+ BIO_printf(bio_err,
+ "-keypbe alg specify private key PBE algorithm (default 3DES)\n");
+ BIO_printf(bio_err,
+ "-macalg alg digest algorithm used in MAC (default SHA1)\n");
+ BIO_printf(bio_err, "-keyex set MS key exchange type\n");
+ BIO_printf(bio_err, "-keysig set MS key signature type\n");
+ BIO_printf(bio_err,
+ "-password p set import/export password source\n");
+ BIO_printf(bio_err, "-passin p input file pass phrase source\n");
+ BIO_printf(bio_err, "-passout p output file pass phrase source\n");
+# ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ "-engine e use engine e, possibly a hardware device.\n");
+# endif
+ BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+ LIST_SEPARATOR_CHAR);
+ BIO_printf(bio_err,
+ " load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err, " the random number generator\n");
+ BIO_printf(bio_err, "-CSP name Microsoft CSP name\n");
+ BIO_printf(bio_err,
+ "-LMK Add local machine keyset attribute to private key\n");
+ goto end;
+ }
+# ifndef OPENSSL_NO_ENGINE
+ e = setup_engine(bio_err, engine, 0);
+# endif
+
+ if (passarg) {
+ if (export_cert)
+ passargout = passarg;
+ else
+ passargin = passarg;
+ }
+
+ if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+ BIO_printf(bio_err, "Error getting passwords\n");
+ goto end;
+ }
+
+ if (!cpass) {
+ if (export_cert)
+ cpass = passout;
+ else
+ cpass = passin;
+ }
+
+ if (cpass) {
+ mpass = cpass;
+ noprompt = 1;
+ } else {
+ cpass = pass;
+ mpass = macpass;
+ }
+
+ if (export_cert || inrand) {
+ app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+ if (inrand != NULL)
+ BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+ app_RAND_load_files(inrand));
+ }
+ ERR_load_crypto_strings();
+
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("read files");
+# endif
+
+ if (!infile)
+ in = BIO_new_fp(stdin, BIO_NOCLOSE);
+ else
+ in = BIO_new_file(infile, "rb");
+ if (!in) {
+ BIO_printf(bio_err, "Error opening input file %s\n",
+ infile ? infile : "<stdin>");
+ perror(infile);
+ goto end;
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("write files");
+# endif
+
+ if (!outfile) {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+# endif
+ } else
+ out = BIO_new_file(outfile, "wb");
+ if (!out) {
+ BIO_printf(bio_err, "Error opening output file %s\n",
+ outfile ? outfile : "<stdout>");
+ perror(outfile);
+ goto end;
+ }
+ if (twopass) {
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("read MAC password");
+# endif
+ if (EVP_read_pw_string
+ (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
+ BIO_printf(bio_err, "Can't read Password\n");
+ goto end;
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+# endif
+ }
+
+ if (export_cert) {
+ EVP_PKEY *key = NULL;
+ X509 *ucert = NULL, *x = NULL;
+ STACK_OF(X509) *certs = NULL;
+ const EVP_MD *macmd = NULL;
+ unsigned char *catmp = NULL;
+ int i;
+
+ if ((options & (NOCERTS | NOKEYS)) == (NOCERTS | NOKEYS)) {
+ BIO_printf(bio_err, "Nothing to do!\n");
+ goto export_end;
+ }
+
+ if (options & NOCERTS)
+ chain = 0;
+
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("process -export_cert");
+ CRYPTO_push_info("reading private key");
+# endif
+ if (!(options & NOKEYS)) {
+ key = load_key(bio_err, keyname ? keyname : infile,
+ FORMAT_PEM, 1, passin, e, "private key");
+ if (!key)
+ goto export_end;
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("reading certs from input");
+# endif
+
+ /* Load in all certs in input file */
+ if (!(options & NOCERTS)) {
+ certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e,
+ "certificates");
+ if (!certs)
+ goto export_end;
+
+ if (key) {
+ /* Look for matching private key */
+ for (i = 0; i < sk_X509_num(certs); i++) {
+ x = sk_X509_value(certs, i);
+ if (X509_check_private_key(x, key)) {
+ ucert = x;
+ /* Zero keyid and alias */
+ X509_keyid_set1(ucert, NULL, 0);
+ X509_alias_set1(ucert, NULL, 0);
+ /* Remove from list */
+ (void)sk_X509_delete(certs, i);
+ break;
+ }
+ }
+ if (!ucert) {
+ BIO_printf(bio_err,
+ "No certificate matches private key\n");
+ goto export_end;
+ }
+ }
+
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("reading certs from input 2");
+# endif
+
+ /* Add any more certificates asked for */
+ if (certfile) {
+ STACK_OF(X509) *morecerts = NULL;
+ if (!(morecerts = load_certs(bio_err, certfile, FORMAT_PEM,
+ NULL, e,
+ "certificates from certfile")))
+ goto export_end;
+ while (sk_X509_num(morecerts) > 0)
+ sk_X509_push(certs, sk_X509_shift(morecerts));
+ sk_X509_free(morecerts);
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("reading certs from certfile");
+# endif
+
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("building chain");
+# endif
+
+ /* If chaining get chain from user cert */
+ if (chain) {
+ int vret;
+ STACK_OF(X509) *chain2;
+ X509_STORE *store = X509_STORE_new();
+ if (!store) {
+ BIO_printf(bio_err, "Memory allocation error\n");
+ goto export_end;
+ }
+ if (!X509_STORE_load_locations(store, CAfile, CApath))
+ X509_STORE_set_default_paths(store);
+
+ vret = get_cert_chain(ucert, store, &chain2);
+ X509_STORE_free(store);
+
+ if (vret == X509_V_OK) {
+ /* Exclude verified certificate */
+ for (i = 1; i < sk_X509_num(chain2); i++)
+ sk_X509_push(certs, sk_X509_value(chain2, i));
+ /* Free first certificate */
+ X509_free(sk_X509_value(chain2, 0));
+ sk_X509_free(chain2);
+ } else {
+ if (vret != X509_V_ERR_UNSPECIFIED)
+ BIO_printf(bio_err, "Error %s getting chain.\n",
+ X509_verify_cert_error_string(vret));
+ else
+ ERR_print_errors(bio_err);
+ goto export_end;
+ }
+ }
+
+ /* Add any CA names */
+
+ for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++) {
+ catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
+ X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
+ }
+
+ if (csp_name && key)
+ EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
+ MBSTRING_ASC, (unsigned char *)csp_name,
+ -1);
+
+ if (add_lmk && key)
+ EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
+
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("reading password");
+# endif
+
+ if (!noprompt &&
+ EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
+ 1)) {
+ BIO_printf(bio_err, "Can't read Password\n");
+ goto export_end;
+ }
+ if (!twopass)
+ BUF_strlcpy(macpass, pass, sizeof macpass);
+
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("creating PKCS#12 structure");
+# endif
+
+ p12 = PKCS12_create(cpass, name, key, ucert, certs,
+ key_pbe, cert_pbe, iter, -1, keytype);
+
+ if (!p12) {
+ ERR_print_errors(bio_err);
+ goto export_end;
+ }
+
+ if (macalg) {
+ macmd = EVP_get_digestbyname(macalg);
+ if (!macmd) {
+ BIO_printf(bio_err, "Unknown digest algorithm %s\n", macalg);
+ }
+ }
+
+ if (maciter != -1)
+ PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
+
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("writing pkcs12");
+# endif
+
+ i2d_PKCS12_bio(out, p12);
+
+ ret = 0;
+
+ export_end:
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_pop_info();
+ CRYPTO_push_info("process -export_cert: freeing");
+# endif
+
+ if (key)
+ EVP_PKEY_free(key);
+ if (certs)
+ sk_X509_pop_free(certs, X509_free);
+ if (ucert)
+ X509_free(ucert);
+
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+# endif
+ goto end;
+
+ }
+
+ if (!(p12 = d2i_PKCS12_bio(in, NULL))) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("read import password");
+# endif
+ if (!noprompt
+ && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
+ 0)) {
+ BIO_printf(bio_err, "Can't read Password\n");
+ goto end;
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+# endif
+
+ if (!twopass)
+ BUF_strlcpy(macpass, pass, sizeof macpass);
+
+ if ((options & INFO) && p12->mac)
+ BIO_printf(bio_err, "MAC Iteration %ld\n",
+ p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1);
+ if (macver) {
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("verify MAC");
+# endif
+ /* If we enter empty password try no password first */
+ if (!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
+ /* If mac and crypto pass the same set it to NULL too */
+ if (!twopass)
+ cpass = NULL;
+ } else if (!PKCS12_verify_mac(p12, mpass, -1)) {
+ BIO_printf(bio_err, "Mac verify error: invalid password?\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ BIO_printf(bio_err, "MAC verified OK\n");
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+# endif
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("output keys and certificates");
+# endif
+ if (!dump_certs_keys_p12(out, p12, cpass, -1, options, passout)) {
+ BIO_printf(bio_err, "Error outputting keys and certificates\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+# endif
+ ret = 0;
+ end:
+ if (p12)
+ PKCS12_free(p12);
+ if (export_cert || inrand)
+ app_RAND_write_file(NULL, bio_err);
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_remove_all_info();
+# endif
+ BIO_free(in);
+ BIO_free_all(out);
+ if (canames)
+ sk_OPENSSL_STRING_free(canames);
+ if (passin)
+ OPENSSL_free(passin);
+ if (passout)
+ OPENSSL_free(passout);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
+
+int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass,
+ int passlen, int options, char *pempass)
+{
+ STACK_OF(PKCS7) *asafes = NULL;
+ STACK_OF(PKCS12_SAFEBAG) *bags;
+ int i, bagnid;
+ int ret = 0;
+ PKCS7 *p7;
+
+ if (!(asafes = PKCS12_unpack_authsafes(p12)))
+ return 0;
+ for (i = 0; i < sk_PKCS7_num(asafes); i++) {
+ p7 = sk_PKCS7_value(asafes, i);
+ bagnid = OBJ_obj2nid(p7->type);
+ if (bagnid == NID_pkcs7_data) {
+ bags = PKCS12_unpack_p7data(p7);
+ if (options & INFO)
+ BIO_printf(bio_err, "PKCS7 Data\n");
+ } else if (bagnid == NID_pkcs7_encrypted) {
+ if (options & INFO) {
+ BIO_printf(bio_err, "PKCS7 Encrypted data: ");
+ alg_print(bio_err, p7->d.encrypted->enc_data->algorithm);
+ }
+ bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
+ } else
+ continue;
+ if (!bags)
+ goto err;
+ if (!dump_certs_pkeys_bags(out, bags, pass, passlen,
+ options, pempass)) {
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+ goto err;
+ }
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+ bags = NULL;
+ }
+ ret = 1;
+
+ err:
+
+ if (asafes)
+ sk_PKCS7_pop_free(asafes, PKCS7_free);
+ return ret;
+}
+
+int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
+ char *pass, int passlen, int options, char *pempass)
+{
+ int i;
+ for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+ if (!dump_certs_pkeys_bag(out,
+ sk_PKCS12_SAFEBAG_value(bags, i),
+ pass, passlen, options, pempass))
+ return 0;
+ }
+ return 1;
+}
+
+int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
+ int passlen, int options, char *pempass)
+{
+ EVP_PKEY *pkey;
+ PKCS8_PRIV_KEY_INFO *p8;
+ X509 *x509;
+
+ switch (M_PKCS12_bag_type(bag)) {
+ case NID_keyBag:
+ if (options & INFO)
+ BIO_printf(bio_err, "Key bag\n");
+ if (options & NOKEYS)
+ return 1;
+ print_attribs(out, bag->attrib, "Bag Attributes");
+ p8 = bag->value.keybag;
+ if (!(pkey = EVP_PKCS82PKEY(p8)))
+ return 0;
+ print_attribs(out, p8->attributes, "Key Attributes");
+ PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+ EVP_PKEY_free(pkey);
+ break;
+
+ case NID_pkcs8ShroudedKeyBag:
+ if (options & INFO) {
+ BIO_printf(bio_err, "Shrouded Keybag: ");
+ alg_print(bio_err, bag->value.shkeybag->algor);
+ }
+ if (options & NOKEYS)
+ return 1;
+ print_attribs(out, bag->attrib, "Bag Attributes");
+ if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
+ return 0;
+ if (!(pkey = EVP_PKCS82PKEY(p8))) {
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ return 0;
+ }
+ print_attribs(out, p8->attributes, "Key Attributes");
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+ EVP_PKEY_free(pkey);
+ break;
+
+ case NID_certBag:
+ if (options & INFO)
+ BIO_printf(bio_err, "Certificate bag\n");
+ if (options & NOCERTS)
+ return 1;
+ if (PKCS12_get_attr(bag, NID_localKeyID)) {
+ if (options & CACERTS)
+ return 1;
+ } else if (options & CLCERTS)
+ return 1;
+ print_attribs(out, bag->attrib, "Bag Attributes");
+ if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
+ return 1;
+ if (!(x509 = PKCS12_certbag2x509(bag)))
+ return 0;
+ dump_cert_text(out, x509);
+ PEM_write_bio_X509(out, x509);
+ X509_free(x509);
+ break;
+
+ case NID_safeContentsBag:
+ if (options & INFO)
+ BIO_printf(bio_err, "Safe Contents bag\n");
+ print_attribs(out, bag->attrib, "Bag Attributes");
+ return dump_certs_pkeys_bags(out, bag->value.safes, pass,
+ passlen, options, pempass);
+
+ default:
+ BIO_printf(bio_err, "Warning unsupported bag type: ");
+ i2a_ASN1_OBJECT(bio_err, bag->type);
+ BIO_printf(bio_err, "\n");
+ return 1;
+ break;
+ }
+ return 1;
+}
+
+/* Given a single certificate return a verified chain or NULL if error */
+
+static int get_cert_chain(X509 *cert, X509_STORE *store,
+ STACK_OF(X509) **chain)
+{
+ X509_STORE_CTX store_ctx;
+ STACK_OF(X509) *chn = NULL;
+ int i = 0;
+
+ if (!X509_STORE_CTX_init(&store_ctx, store, cert, NULL)) {
+ *chain = NULL;
+ return X509_V_ERR_UNSPECIFIED;
+ }
+
+ if (X509_verify_cert(&store_ctx) > 0)
+ chn = X509_STORE_CTX_get1_chain(&store_ctx);
+ else if ((i = X509_STORE_CTX_get_error(&store_ctx)) == 0)
+ i = X509_V_ERR_UNSPECIFIED;
+
+ X509_STORE_CTX_cleanup(&store_ctx);
+ *chain = chn;
+ return i;
+}
+
+int alg_print(BIO *x, X509_ALGOR *alg)
+{
+ PBEPARAM *pbe;
+ const unsigned char *p;
+ p = alg->parameter->value.sequence->data;
+ pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
+ if (!pbe)
+ return 1;
+ BIO_printf(bio_err, "%s, Iteration %ld\n",
+ OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
+ ASN1_INTEGER_get(pbe->iter));
+ PBEPARAM_free(pbe);
+ return 1;
+}
+
+/* Load all certificates from a given file */
+
+int cert_load(BIO *in, STACK_OF(X509) *sk)
+{
+ int ret;
+ X509 *cert;
+ ret = 0;
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("cert_load(): reading one cert");
+# endif
+ while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+# endif
+ ret = 1;
+ sk_X509_push(sk, cert);
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("cert_load(): reading one cert");
+# endif
+ }
+# ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+# endif
+ if (ret)
+ ERR_clear_error();
+ return ret;
+}
+
+/* Generalised attribute print: handle PKCS#8 and bag attributes */
+
+int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,
+ const char *name)
+{
+ X509_ATTRIBUTE *attr;
+ ASN1_TYPE *av;
+ char *value;
+ int i, attr_nid;
+ if (!attrlst) {
+ BIO_printf(out, "%s: <No Attributes>\n", name);
+ return 1;
+ }
+ if (!sk_X509_ATTRIBUTE_num(attrlst)) {
+ BIO_printf(out, "%s: <Empty Attributes>\n", name);
+ return 1;
+ }
+ BIO_printf(out, "%s\n", name);
+ for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
+ attr = sk_X509_ATTRIBUTE_value(attrlst, i);
+ attr_nid = OBJ_obj2nid(attr->object);
+ BIO_printf(out, " ");
+ if (attr_nid == NID_undef) {
+ i2a_ASN1_OBJECT(out, attr->object);
+ BIO_printf(out, ": ");
+ } else
+ BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
+
+ if (sk_ASN1_TYPE_num(attr->value.set)) {
+ av = sk_ASN1_TYPE_value(attr->value.set, 0);
+ switch (av->type) {
+ case V_ASN1_BMPSTRING:
+ value = OPENSSL_uni2asc(av->value.bmpstring->data,
+ av->value.bmpstring->length);
+ BIO_printf(out, "%s\n", value);
+ OPENSSL_free(value);
+ break;
+
+ case V_ASN1_OCTET_STRING:
+ hex_prin(out, av->value.octet_string->data,
+ av->value.octet_string->length);
+ BIO_printf(out, "\n");
+ break;
+
+ case V_ASN1_BIT_STRING:
+ hex_prin(out, av->value.bit_string->data,
+ av->value.bit_string->length);
+ BIO_printf(out, "\n");
+ break;
+
+ default:
+ BIO_printf(out, "<Unsupported tag %d>\n", av->type);
+ break;
+ }
+ } else
+ BIO_printf(out, "<No Values>\n");
+ }
+ return 1;
+}
+
+void hex_prin(BIO *out, unsigned char *buf, int len)
+{
+ int i;
+ for (i = 0; i < len; i++)
+ BIO_printf(out, "%02X ", buf[i]);
+}
+
+static int set_pbe(BIO *err, int *ppbe, const char *str)
+{
+ if (!str)
+ return 0;
+ if (!strcmp(str, "NONE")) {
+ *ppbe = -1;
+ return 1;
+ }
+ *ppbe = OBJ_txt2nid(str);
+ if (*ppbe == NID_undef) {
+ BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
+ return 0;
+ }
+ return 1;
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/apps/pkcs7.c
===================================================================
--- vendor-crypto/openssl/dist/apps/pkcs7.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/pkcs7.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,308 +0,0 @@
-/* apps/pkcs7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG pkcs7_main
-
-/*-
- * -inform arg - input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg - input file - default stdin
- * -out arg - output file - default stdout
- * -print_certs
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- PKCS7 *p7 = NULL;
- int i, badops = 0;
- BIO *in = NULL, *out = NULL;
- int informat, outformat;
- char *infile, *outfile, *prog;
- int print_certs = 0, text = 0, noout = 0, p7_print = 0;
- int ret = 1;
-#ifndef OPENSSL_NO_ENGINE
- char *engine = NULL;
-#endif
-
- apps_startup();
-
- if (bio_err == NULL)
- if ((bio_err = BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-
- if (!load_config(bio_err, NULL))
- goto end;
-
- infile = NULL;
- outfile = NULL;
- informat = FORMAT_PEM;
- outformat = FORMAT_PEM;
-
- prog = argv[0];
- argc--;
- argv++;
- while (argc >= 1) {
- if (strcmp(*argv, "-inform") == 0) {
- if (--argc < 1)
- goto bad;
- informat = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-outform") == 0) {
- if (--argc < 1)
- goto bad;
- outformat = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-in") == 0) {
- if (--argc < 1)
- goto bad;
- infile = *(++argv);
- } else if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- goto bad;
- outfile = *(++argv);
- } else if (strcmp(*argv, "-noout") == 0)
- noout = 1;
- else if (strcmp(*argv, "-text") == 0)
- text = 1;
- else if (strcmp(*argv, "-print") == 0)
- p7_print = 1;
- else if (strcmp(*argv, "-print_certs") == 0)
- print_certs = 1;
-#ifndef OPENSSL_NO_ENGINE
- else if (strcmp(*argv, "-engine") == 0) {
- if (--argc < 1)
- goto bad;
- engine = *(++argv);
- }
-#endif
- else {
- BIO_printf(bio_err, "unknown option %s\n", *argv);
- badops = 1;
- break;
- }
- argc--;
- argv++;
- }
-
- if (badops) {
- bad:
- BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
- BIO_printf(bio_err, "where options are\n");
- BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
- BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
- BIO_printf(bio_err, " -in arg input file\n");
- BIO_printf(bio_err, " -out arg output file\n");
- BIO_printf(bio_err,
- " -print_certs print any certs or crl in the input\n");
- BIO_printf(bio_err,
- " -text print full details of certificates\n");
- BIO_printf(bio_err, " -noout don't output encoded data\n");
-#ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err,
- " -engine e use engine e, possibly a hardware device.\n");
-#endif
- ret = 1;
- goto end;
- }
-
- ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-#endif
-
- in = BIO_new(BIO_s_file());
- out = BIO_new(BIO_s_file());
- if ((in == NULL) || (out == NULL)) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if (infile == NULL)
- BIO_set_fp(in, stdin, BIO_NOCLOSE);
- else {
- if (BIO_read_filename(in, infile) <= 0) {
- BIO_printf(bio_err, "unable to load input file\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- if (informat == FORMAT_ASN1)
- p7 = d2i_PKCS7_bio(in, NULL);
- else if (informat == FORMAT_PEM)
- p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
- else {
- BIO_printf(bio_err, "bad input format specified for pkcs7 object\n");
- goto end;
- }
- if (p7 == NULL) {
- BIO_printf(bio_err, "unable to load PKCS7 object\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if (outfile == NULL) {
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
- {
- BIO *tmpbio = BIO_new(BIO_f_linebuffer());
- out = BIO_push(tmpbio, out);
- }
-#endif
- } else {
- if (BIO_write_filename(out, outfile) <= 0) {
- perror(outfile);
- goto end;
- }
- }
-
- if (p7_print)
- PKCS7_print_ctx(out, p7, 0, NULL);
-
- if (print_certs) {
- STACK_OF(X509) *certs = NULL;
- STACK_OF(X509_CRL) *crls = NULL;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- certs = p7->d.sign->cert;
- crls = p7->d.sign->crl;
- break;
- case NID_pkcs7_signedAndEnveloped:
- certs = p7->d.signed_and_enveloped->cert;
- crls = p7->d.signed_and_enveloped->crl;
- break;
- default:
- break;
- }
-
- if (certs != NULL) {
- X509 *x;
-
- for (i = 0; i < sk_X509_num(certs); i++) {
- x = sk_X509_value(certs, i);
- if (text)
- X509_print(out, x);
- else
- dump_cert_text(out, x);
-
- if (!noout)
- PEM_write_bio_X509(out, x);
- BIO_puts(out, "\n");
- }
- }
- if (crls != NULL) {
- X509_CRL *crl;
-
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- crl = sk_X509_CRL_value(crls, i);
-
- X509_CRL_print(out, crl);
-
- if (!noout)
- PEM_write_bio_X509_CRL(out, crl);
- BIO_puts(out, "\n");
- }
- }
-
- ret = 0;
- goto end;
- }
-
- if (!noout) {
- if (outformat == FORMAT_ASN1)
- i = i2d_PKCS7_bio(out, p7);
- else if (outformat == FORMAT_PEM)
- i = PEM_write_bio_PKCS7(out, p7);
- else {
- BIO_printf(bio_err, "bad output format specified for outfile\n");
- goto end;
- }
-
- if (!i) {
- BIO_printf(bio_err, "unable to write pkcs7 object\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- }
- ret = 0;
- end:
- if (p7 != NULL)
- PKCS7_free(p7);
- if (in != NULL)
- BIO_free(in);
- if (out != NULL)
- BIO_free_all(out);
- apps_shutdown();
- OPENSSL_EXIT(ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/apps/pkcs7.c (from rev 11605, vendor-crypto/openssl/dist/apps/pkcs7.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/pkcs7.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/pkcs7.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,312 @@
+/* apps/pkcs7.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+#include <openssl/pem.h>
+
+#undef PROG
+#define PROG pkcs7_main
+
+/*-
+ * -inform arg - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -print_certs
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ PKCS7 *p7 = NULL;
+ int i, badops = 0;
+ BIO *in = NULL, *out = NULL;
+ int informat, outformat;
+ char *infile, *outfile, *prog;
+ int print_certs = 0, text = 0, noout = 0, p7_print = 0;
+ int ret = 1;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+#endif
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+ infile = NULL;
+ outfile = NULL;
+ informat = FORMAT_PEM;
+ outformat = FORMAT_PEM;
+
+ prog = argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1) {
+ if (strcmp(*argv, "-inform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ informat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-outform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ outformat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-in") == 0) {
+ if (--argc < 1)
+ goto bad;
+ infile = *(++argv);
+ } else if (strcmp(*argv, "-out") == 0) {
+ if (--argc < 1)
+ goto bad;
+ outfile = *(++argv);
+ } else if (strcmp(*argv, "-noout") == 0)
+ noout = 1;
+ else if (strcmp(*argv, "-text") == 0)
+ text = 1;
+ else if (strcmp(*argv, "-print") == 0)
+ p7_print = 1;
+ else if (strcmp(*argv, "-print_certs") == 0)
+ print_certs = 1;
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*argv, "-engine") == 0) {
+ if (--argc < 1)
+ goto bad;
+ engine = *(++argv);
+ }
+#endif
+ else {
+ BIO_printf(bio_err, "unknown option %s\n", *argv);
+ badops = 1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops) {
+ bad:
+ BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+ BIO_printf(bio_err, "where options are\n");
+ BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
+ BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
+ BIO_printf(bio_err, " -in arg input file\n");
+ BIO_printf(bio_err, " -out arg output file\n");
+ BIO_printf(bio_err,
+ " -print_certs print any certs or crl in the input\n");
+ BIO_printf(bio_err,
+ " -text print full details of certificates\n");
+ BIO_printf(bio_err, " -noout don't output encoded data\n");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ " -engine e use engine e, possibly a hardware device.\n");
+#endif
+ ret = 1;
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+#ifndef OPENSSL_NO_ENGINE
+ setup_engine(bio_err, engine, 0);
+#endif
+
+ in = BIO_new(BIO_s_file());
+ out = BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in, stdin, BIO_NOCLOSE);
+ else {
+ if (BIO_read_filename(in, infile) <= 0) {
+ BIO_printf(bio_err, "unable to load input file\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ p7 = d2i_PKCS7_bio(in, NULL);
+ else if (informat == FORMAT_PEM)
+ p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
+ else {
+ BIO_printf(bio_err, "bad input format specified for pkcs7 object\n");
+ goto end;
+ }
+ if (p7 == NULL) {
+ BIO_printf(bio_err, "unable to load PKCS7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL) {
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ } else {
+ if (BIO_write_filename(out, outfile) <= 0) {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (p7_print)
+ PKCS7_print_ctx(out, p7, 0, NULL);
+
+ if (print_certs) {
+ STACK_OF(X509) *certs = NULL;
+ STACK_OF(X509_CRL) *crls = NULL;
+
+ i = OBJ_obj2nid(p7->type);
+ switch (i) {
+ case NID_pkcs7_signed:
+ if (p7->d.sign != NULL) {
+ certs = p7->d.sign->cert;
+ crls = p7->d.sign->crl;
+ }
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ if (p7->d.signed_and_enveloped != NULL) {
+ certs = p7->d.signed_and_enveloped->cert;
+ crls = p7->d.signed_and_enveloped->crl;
+ }
+ break;
+ default:
+ break;
+ }
+
+ if (certs != NULL) {
+ X509 *x;
+
+ for (i = 0; i < sk_X509_num(certs); i++) {
+ x = sk_X509_value(certs, i);
+ if (text)
+ X509_print(out, x);
+ else
+ dump_cert_text(out, x);
+
+ if (!noout)
+ PEM_write_bio_X509(out, x);
+ BIO_puts(out, "\n");
+ }
+ }
+ if (crls != NULL) {
+ X509_CRL *crl;
+
+ for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+ crl = sk_X509_CRL_value(crls, i);
+
+ X509_CRL_print(out, crl);
+
+ if (!noout)
+ PEM_write_bio_X509_CRL(out, crl);
+ BIO_puts(out, "\n");
+ }
+ }
+
+ ret = 0;
+ goto end;
+ }
+
+ if (!noout) {
+ if (outformat == FORMAT_ASN1)
+ i = i2d_PKCS7_bio(out, p7);
+ else if (outformat == FORMAT_PEM)
+ i = PEM_write_bio_PKCS7(out, p7);
+ else {
+ BIO_printf(bio_err, "bad output format specified for outfile\n");
+ goto end;
+ }
+
+ if (!i) {
+ BIO_printf(bio_err, "unable to write pkcs7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+ ret = 0;
+ end:
+ if (p7 != NULL)
+ PKCS7_free(p7);
+ if (in != NULL)
+ BIO_free(in);
+ if (out != NULL)
+ BIO_free_all(out);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/apps/s_server.c
===================================================================
--- vendor-crypto/openssl/dist/apps/s_server.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/s_server.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2978 +0,0 @@
-/* apps/s_server.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-/*
- * Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code
- */
-#ifdef OPENSSL_NO_DEPRECATED
-# undef OPENSSL_NO_DEPRECATED
-#endif
-
-#include <assert.h>
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/e_os2.h>
-#ifdef OPENSSL_NO_STDIO
-# define APPS_WIN16
-#endif
-
-/* conflicts with winsock2 stuff on netware */
-#if !defined(OPENSSL_SYS_NETWARE)
-# include <sys/types.h>
-#endif
-
-/*
- * With IPv6, it looks like Digital has mixed up the proper order of
- * recursive header file inclusion, resulting in the compiler complaining
- * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
- * needed to have fileno() declared correctly... So let's define u_int
- */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-# define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#include <openssl/lhash.h>
-#include <openssl/bn.h>
-#define USE_SOCKETS
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/rand.h>
-#include <openssl/ocsp.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_SRP
-# include <openssl/srp.h>
-#endif
-#include "s_apps.h"
-#include "timeouts.h"
-
-#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-# undef FIONBIO
-#endif
-
-#if defined(OPENSSL_SYS_BEOS_R5)
-# include <fcntl.h>
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
-#endif
-static int sv_body(char *hostname, int s, unsigned char *context);
-static int www_body(char *hostname, int s, unsigned char *context);
-static void close_accept_socket(void);
-static void sv_usage(void);
-static int init_ssl_connection(SSL *s);
-static void print_stats(BIO *bp, SSL_CTX *ctx);
-static int generate_session_id(const SSL *ssl, unsigned char *id,
- unsigned int *id_len);
-#ifndef OPENSSL_NO_DH
-static DH *load_dh_param(const char *dhfile);
-static DH *get_dh2048(void);
-#endif
-
-#ifdef MONOLITH
-static void s_server_init(void);
-#endif
-
-#ifndef OPENSSL_NO_DH
-static unsigned char dh2048_p[] = {
- 0xF6,0x42,0x57,0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,
- 0xA9,0x42,0xF3,0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,
- 0x6E,0xB9,0x4B,0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,
- 0x8F,0x40,0x55,0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,
- 0xF7,0x4C,0x64,0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,
- 0xD4,0xA1,0xD3,0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,
- 0x3D,0x3D,0x8D,0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,
- 0xB8,0xAE,0x74,0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,
- 0x61,0xCE,0x7C,0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,
- 0xC7,0x01,0xAA,0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,
- 0x1A,0xF0,0xBF,0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,
- 0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,
- 0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,
- 0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,
- 0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,
- 0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,
- 0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
- 0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
- 0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
- 0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
- 0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
- 0xE9,0x32,0x0B,0x3B,
-};
-
-static unsigned char dh2048_g[] = {
- 0x02,
-};
-
-DH *get_dh2048()
-{
- DH *dh;
-
- if ((dh = DH_new()) == NULL)
- return NULL;
- dh->p=BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
- dh->g=BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
- if (dh->p == NULL || dh->g == NULL) {
- DH_free(dh);
- return NULL;
- }
- return dh;
-}
-#endif
-
-/* static int load_CA(SSL_CTX *ctx, char *file);*/
-
-#undef BUFSIZZ
-#define BUFSIZZ 16*1024
-static int bufsize = BUFSIZZ;
-static int accept_socket = -1;
-
-#define TEST_CERT "server.pem"
-#ifndef OPENSSL_NO_TLSEXT
-# define TEST_CERT2 "server2.pem"
-#endif
-#undef PROG
-#define PROG s_server_main
-
-extern int verify_depth, verify_return_error;
-
-static char *cipher = NULL;
-static int s_server_verify = SSL_VERIFY_NONE;
-static int s_server_session_id_context = 1; /* anything will do */
-static const char *s_cert_file = TEST_CERT, *s_key_file = NULL;
-#ifndef OPENSSL_NO_TLSEXT
-static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
-#endif
-static char *s_dcert_file = NULL, *s_dkey_file = NULL;
-#ifdef FIONBIO
-static int s_nbio = 0;
-#endif
-static int s_nbio_test = 0;
-int s_crlf = 0;
-static SSL_CTX *ctx = NULL;
-#ifndef OPENSSL_NO_TLSEXT
-static SSL_CTX *ctx2 = NULL;
-#endif
-static int www = 0;
-
-static BIO *bio_s_out = NULL;
-static int s_debug = 0;
-#ifndef OPENSSL_NO_TLSEXT
-static int s_tlsextdebug = 0;
-static int s_tlsextstatus = 0;
-static int cert_status_cb(SSL *s, void *arg);
-#endif
-static int s_msg = 0;
-static int s_quiet = 0;
-
-static char *keymatexportlabel = NULL;
-static int keymatexportlen = 20;
-
-static int hack = 0;
-#ifndef OPENSSL_NO_ENGINE
-static char *engine_id = NULL;
-#endif
-static const char *session_id_prefix = NULL;
-
-static int enable_timeouts = 0;
-static long socket_mtu;
-#ifndef OPENSSL_NO_DTLS1
-static int cert_chain = 0;
-#endif
-
-#ifndef OPENSSL_NO_PSK
-static char *psk_identity = "Client_identity";
-char *psk_key = NULL; /* by default PSK is not used */
-
-static unsigned int psk_server_cb(SSL *ssl, const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len)
-{
- unsigned int psk_len = 0;
- int ret;
- BIGNUM *bn = NULL;
-
- if (s_debug)
- BIO_printf(bio_s_out, "psk_server_cb\n");
- if (!identity) {
- BIO_printf(bio_err, "Error: client did not send PSK identity\n");
- goto out_err;
- }
- if (s_debug)
- BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
- (int)strlen(identity), identity);
-
- /* here we could lookup the given identity e.g. from a database */
- if (strcmp(identity, psk_identity) != 0) {
- BIO_printf(bio_s_out, "PSK error: client identity not found"
- " (got '%s' expected '%s')\n", identity, psk_identity);
- goto out_err;
- }
- if (s_debug)
- BIO_printf(bio_s_out, "PSK client identity found\n");
-
- /* convert the PSK key to binary */
- ret = BN_hex2bn(&bn, psk_key);
- if (!ret) {
- BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
- psk_key);
- if (bn)
- BN_free(bn);
- return 0;
- }
- if (BN_num_bytes(bn) > (int)max_psk_len) {
- BIO_printf(bio_err,
- "psk buffer of callback is too small (%d) for key (%d)\n",
- max_psk_len, BN_num_bytes(bn));
- BN_free(bn);
- return 0;
- }
-
- ret = BN_bn2bin(bn, psk);
- BN_free(bn);
-
- if (ret < 0)
- goto out_err;
- psk_len = (unsigned int)ret;
-
- if (s_debug)
- BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
- return psk_len;
- out_err:
- if (s_debug)
- BIO_printf(bio_err, "Error in PSK server callback\n");
- return 0;
-}
-#endif
-
-#ifndef OPENSSL_NO_SRP
-/* This is a context that we pass to callbacks */
-typedef struct srpsrvparm_st {
- char *login;
- SRP_VBASE *vb;
- SRP_user_pwd *user;
-} srpsrvparm;
-
-/*
- * This callback pretends to require some asynchronous logic in order to
- * obtain a verifier. When the callback is called for a new connection we
- * return with a negative value. This will provoke the accept etc to return
- * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
- * (which would normally occur after a worker has finished) and we set the
- * user parameters.
- */
-static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
-{
- srpsrvparm *p = (srpsrvparm *) arg;
- if (p->login == NULL && p->user == NULL) {
- p->login = SSL_get_srp_username(s);
- BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
- return (-1);
- }
-
- if (p->user == NULL) {
- BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
- return SSL3_AL_FATAL;
- }
- if (SSL_set_srp_server_param
- (s, p->user->N, p->user->g, p->user->s, p->user->v,
- p->user->info) < 0) {
- *ad = SSL_AD_INTERNAL_ERROR;
- return SSL3_AL_FATAL;
- }
- BIO_printf(bio_err,
- "SRP parameters set: username = \"%s\" info=\"%s\" \n",
- p->login, p->user->info);
- /* need to check whether there are memory leaks */
- p->user = NULL;
- p->login = NULL;
- return SSL_ERROR_NONE;
-}
-
-#endif
-
-#ifdef MONOLITH
-static void s_server_init(void)
-{
- accept_socket = -1;
- cipher = NULL;
- s_server_verify = SSL_VERIFY_NONE;
- s_dcert_file = NULL;
- s_dkey_file = NULL;
- s_cert_file = TEST_CERT;
- s_key_file = NULL;
-# ifndef OPENSSL_NO_TLSEXT
- s_cert_file2 = TEST_CERT2;
- s_key_file2 = NULL;
- ctx2 = NULL;
-# endif
-# ifdef FIONBIO
- s_nbio = 0;
-# endif
- s_nbio_test = 0;
- ctx = NULL;
- www = 0;
-
- bio_s_out = NULL;
- s_debug = 0;
- s_msg = 0;
- s_quiet = 0;
- hack = 0;
-# ifndef OPENSSL_NO_ENGINE
- engine_id = NULL;
-# endif
-}
-#endif
-
-static void sv_usage(void)
-{
- BIO_printf(bio_err, "usage: s_server [args ...]\n");
- BIO_printf(bio_err, "\n");
- BIO_printf(bio_err,
- " -accept arg - port to accept on (default is %d)\n", PORT);
- BIO_printf(bio_err, " -context arg - set session ID context\n");
- BIO_printf(bio_err,
- " -verify arg - turn on peer certificate verification\n");
- BIO_printf(bio_err,
- " -Verify arg - turn on peer certificate verification, must have a cert.\n");
- BIO_printf(bio_err,
- " -verify_return_error - return verification errors\n");
- BIO_printf(bio_err, " -cert arg - certificate file to use\n");
- BIO_printf(bio_err, " (default is %s)\n", TEST_CERT);
- BIO_printf(bio_err,
- " -crl_check - check the peer certificate has not been revoked by its CA.\n"
- " The CRL(s) are appended to the certificate file\n");
- BIO_printf(bio_err,
- " -crl_check_all - check the peer certificate has not been revoked by its CA\n"
- " or any other CRL in the CA chain. CRL(s) are appened to the\n"
- " the certificate file.\n");
- BIO_printf(bio_err,
- " -certform arg - certificate format (PEM or DER) PEM default\n");
- BIO_printf(bio_err,
- " -key arg - Private Key file to use, in cert file if\n");
- BIO_printf(bio_err, " not specified (default is %s)\n",
- TEST_CERT);
- BIO_printf(bio_err,
- " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
- BIO_printf(bio_err,
- " -pass arg - private key file pass phrase source\n");
- BIO_printf(bio_err,
- " -dcert arg - second certificate file to use (usually for DSA)\n");
- BIO_printf(bio_err,
- " -dcertform x - second certificate format (PEM or DER) PEM default\n");
- BIO_printf(bio_err,
- " -dkey arg - second private key file to use (usually for DSA)\n");
- BIO_printf(bio_err,
- " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
- BIO_printf(bio_err,
- " -dpass arg - second private key file pass phrase source\n");
- BIO_printf(bio_err,
- " -dhparam arg - DH parameter file to use, in cert file if not specified\n");
- BIO_printf(bio_err,
- " or a default set of parameters is used\n");
-#ifndef OPENSSL_NO_ECDH
- BIO_printf(bio_err,
- " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
- " Use \"openssl ecparam -list_curves\" for all names\n"
- " (default is nistp256).\n");
-#endif
-#ifdef FIONBIO
- BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n");
-#endif
- BIO_printf(bio_err,
- " -nbio_test - test with the non-blocking test bio\n");
- BIO_printf(bio_err,
- " -crlf - convert LF from terminal into CRLF\n");
- BIO_printf(bio_err, " -debug - Print more output\n");
- BIO_printf(bio_err, " -msg - Show protocol messages\n");
- BIO_printf(bio_err, " -state - Print the SSL states\n");
- BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
- BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
- BIO_printf(bio_err,
- " -no_alt_chains - only ever use the first certificate chain found\n");
- BIO_printf(bio_err,
- " -nocert - Don't use any certificates (Anon-DH)\n");
- BIO_printf(bio_err,
- " -cipher arg - play with 'openssl ciphers' to see what goes here\n");
- BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n");
- BIO_printf(bio_err, " -quiet - No server output\n");
- BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n");
-#ifndef OPENSSL_NO_PSK
- BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n");
- BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n");
-# ifndef OPENSSL_NO_JPAKE
- BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
-# endif
-#endif
-#ifndef OPENSSL_NO_SRP
- BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n");
- BIO_printf(bio_err,
- " -srpuserseed string - A seed string for a default user salt.\n");
-#endif
- BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n");
-#ifndef OPENSSL_NO_SSL3_METHOD
- BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n");
-#endif
- BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n");
- BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n");
- BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n");
- BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n");
- BIO_printf(bio_err, " -timeout - Enable timeouts\n");
- BIO_printf(bio_err, " -mtu - Set link layer MTU\n");
- BIO_printf(bio_err, " -chain - Read a certificate chain\n");
- BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n");
- BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n");
- BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n");
- BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n");
- BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n");
-#ifndef OPENSSL_NO_DH
- BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n");
-#endif
-#ifndef OPENSSL_NO_ECDH
- BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n");
-#endif
- BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n");
- BIO_printf(bio_err,
- " -hack - workaround for early Netscape code\n");
- BIO_printf(bio_err,
- " -www - Respond to a 'GET /' with a status page\n");
- BIO_printf(bio_err,
- " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
- BIO_printf(bio_err,
- " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
- BIO_printf(bio_err,
- " with the assumption it contains a complete HTTP response.\n");
-#ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err,
- " -engine id - Initialise and use the specified engine\n");
-#endif
- BIO_printf(bio_err,
- " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
- BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
- LIST_SEPARATOR_CHAR);
-#ifndef OPENSSL_NO_TLSEXT
- BIO_printf(bio_err,
- " -servername host - servername for HostName TLS extension\n");
- BIO_printf(bio_err,
- " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
- BIO_printf(bio_err,
- " -cert2 arg - certificate file to use for servername\n");
- BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2);
- BIO_printf(bio_err,
- " -key2 arg - Private Key file to use for servername, in cert file if\n");
- BIO_printf(bio_err, " not specified (default is %s)\n",
- TEST_CERT2);
- BIO_printf(bio_err,
- " -tlsextdebug - hex dump of all TLS extensions received\n");
- BIO_printf(bio_err,
- " -no_ticket - disable use of RFC4507bis session tickets\n");
- BIO_printf(bio_err,
- " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
-# ifndef OPENSSL_NO_NEXTPROTONEG
- BIO_printf(bio_err,
- " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
-# endif
-# ifndef OPENSSL_NO_SRTP
- BIO_printf(bio_err,
- " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
-# endif
-#endif
- BIO_printf(bio_err,
- " -keymatexport label - Export keying material using label\n");
- BIO_printf(bio_err,
- " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
- BIO_printf(bio_err,
- " -status - respond to certificate status requests\n");
- BIO_printf(bio_err,
- " -status_verbose - enable status request verbose printout\n");
- BIO_printf(bio_err,
- " -status_timeout n - status request responder timeout\n");
- BIO_printf(bio_err, " -status_url URL - status request fallback URL\n");
-}
-
-static int local_argc = 0;
-static char **local_argv;
-
-#ifdef CHARSET_EBCDIC
-static int ebcdic_new(BIO *bi);
-static int ebcdic_free(BIO *a);
-static int ebcdic_read(BIO *b, char *out, int outl);
-static int ebcdic_write(BIO *b, const char *in, int inl);
-static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
-static int ebcdic_gets(BIO *bp, char *buf, int size);
-static int ebcdic_puts(BIO *bp, const char *str);
-
-# define BIO_TYPE_EBCDIC_FILTER (18|0x0200)
-static BIO_METHOD methods_ebcdic = {
- BIO_TYPE_EBCDIC_FILTER,
- "EBCDIC/ASCII filter",
- ebcdic_write,
- ebcdic_read,
- ebcdic_puts,
- ebcdic_gets,
- ebcdic_ctrl,
- ebcdic_new,
- ebcdic_free,
-};
-
-typedef struct {
- size_t alloced;
- char buff[1];
-} EBCDIC_OUTBUFF;
-
-BIO_METHOD *BIO_f_ebcdic_filter()
-{
- return (&methods_ebcdic);
-}
-
-static int ebcdic_new(BIO *bi)
-{
- EBCDIC_OUTBUFF *wbuf;
-
- wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
- if (!wbuf)
- return 0;
- wbuf->alloced = 1024;
- wbuf->buff[0] = '\0';
-
- bi->ptr = (char *)wbuf;
- bi->init = 1;
- bi->flags = 0;
- return (1);
-}
-
-static int ebcdic_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->ptr != NULL)
- OPENSSL_free(a->ptr);
- a->ptr = NULL;
- a->init = 0;
- a->flags = 0;
- return (1);
-}
-
-static int ebcdic_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-
- if (out == NULL || outl == 0)
- return (0);
- if (b->next_bio == NULL)
- return (0);
-
- ret = BIO_read(b->next_bio, out, outl);
- if (ret > 0)
- ascii2ebcdic(out, out, ret);
- return (ret);
-}
-
-static int ebcdic_write(BIO *b, const char *in, int inl)
-{
- EBCDIC_OUTBUFF *wbuf;
- int ret = 0;
- int num;
- unsigned char n;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
- if (b->next_bio == NULL)
- return (0);
-
- wbuf = (EBCDIC_OUTBUFF *) b->ptr;
-
- if (inl > (num = wbuf->alloced)) {
- num = num + num; /* double the size */
- if (num < inl)
- num = inl;
- wbuf =
- (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
- if (!wbuf)
- return 0;
- OPENSSL_free(b->ptr);
-
- wbuf->alloced = num;
- wbuf->buff[0] = '\0';
-
- b->ptr = (char *)wbuf;
- }
-
- ebcdic2ascii(wbuf->buff, in, inl);
-
- ret = BIO_write(b->next_bio, wbuf->buff, inl);
-
- return (ret);
-}
-
-static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- case BIO_CTRL_DUP:
- ret = 0L;
- break;
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
- return (ret);
-}
-
-static int ebcdic_gets(BIO *bp, char *buf, int size)
-{
- int i, ret = 0;
- if (bp->next_bio == NULL)
- return (0);
-/* return(BIO_gets(bp->next_bio,buf,size));*/
- for (i = 0; i < size - 1; ++i) {
- ret = ebcdic_read(bp, &buf[i], 1);
- if (ret <= 0)
- break;
- else if (buf[i] == '\n') {
- ++i;
- break;
- }
- }
- if (i < size)
- buf[i] = '\0';
- return (ret < 0 && i == 0) ? ret : i;
-}
-
-static int ebcdic_puts(BIO *bp, const char *str)
-{
- if (bp->next_bio == NULL)
- return (0);
- return ebcdic_write(bp, str, strlen(str));
-}
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-
-/* This is a context that we pass to callbacks */
-typedef struct tlsextctx_st {
- char *servername;
- BIO *biodebug;
- int extension_error;
-} tlsextctx;
-
-static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
-{
- tlsextctx *p = (tlsextctx *) arg;
- const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
- if (servername && p->biodebug)
- BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
- servername);
-
- if (!p->servername)
- return SSL_TLSEXT_ERR_NOACK;
-
- if (servername) {
- if (strcasecmp(servername, p->servername))
- return p->extension_error;
- if (ctx2) {
- BIO_printf(p->biodebug, "Switching server context.\n");
- SSL_set_SSL_CTX(s, ctx2);
- }
- }
- return SSL_TLSEXT_ERR_OK;
-}
-
-/* Structure passed to cert status callback */
-
-typedef struct tlsextstatusctx_st {
- /* Default responder to use */
- char *host, *path, *port;
- int use_ssl;
- int timeout;
- BIO *err;
- int verbose;
-} tlsextstatusctx;
-
-static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 };
-
-/*
- * Certificate Status callback. This is called when a client includes a
- * certificate status request extension. This is a simplified version. It
- * examines certificates each time and makes one OCSP responder query for
- * each request. A full version would store details such as the OCSP
- * certificate IDs and minimise the number of OCSP responses by caching them
- * until they were considered "expired".
- */
-
-static int cert_status_cb(SSL *s, void *arg)
-{
- tlsextstatusctx *srctx = arg;
- BIO *err = srctx->err;
- char *host, *port, *path;
- int use_ssl;
- unsigned char *rspder = NULL;
- int rspderlen;
- STACK_OF(OPENSSL_STRING) *aia = NULL;
- X509 *x = NULL;
- X509_STORE_CTX inctx;
- X509_OBJECT obj;
- OCSP_REQUEST *req = NULL;
- OCSP_RESPONSE *resp = NULL;
- OCSP_CERTID *id = NULL;
- STACK_OF(X509_EXTENSION) *exts;
- int ret = SSL_TLSEXT_ERR_NOACK;
- int i;
-# if 0
- STACK_OF(OCSP_RESPID) *ids;
- SSL_get_tlsext_status_ids(s, &ids);
- BIO_printf(err, "cert_status: received %d ids\n",
- sk_OCSP_RESPID_num(ids));
-# endif
- if (srctx->verbose)
- BIO_puts(err, "cert_status: callback called\n");
- /* Build up OCSP query from server certificate */
- x = SSL_get_certificate(s);
- aia = X509_get1_ocsp(x);
- if (aia) {
- if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
- &host, &port, &path, &use_ssl)) {
- BIO_puts(err, "cert_status: can't parse AIA URL\n");
- goto err;
- }
- if (srctx->verbose)
- BIO_printf(err, "cert_status: AIA URL: %s\n",
- sk_OPENSSL_STRING_value(aia, 0));
- } else {
- if (!srctx->host) {
- BIO_puts(srctx->err,
- "cert_status: no AIA and no default responder URL\n");
- goto done;
- }
- host = srctx->host;
- path = srctx->path;
- port = srctx->port;
- use_ssl = srctx->use_ssl;
- }
-
- if (!X509_STORE_CTX_init(&inctx,
- SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
- NULL, NULL))
- goto err;
- if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
- X509_get_issuer_name(x), &obj) <= 0) {
- BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
- X509_STORE_CTX_cleanup(&inctx);
- goto done;
- }
- req = OCSP_REQUEST_new();
- if (!req)
- goto err;
- id = OCSP_cert_to_id(NULL, x, obj.data.x509);
- X509_free(obj.data.x509);
- X509_STORE_CTX_cleanup(&inctx);
- if (!id)
- goto err;
- if (!OCSP_request_add0_id(req, id))
- goto err;
- id = NULL;
- /* Add any extensions to the request */
- SSL_get_tlsext_status_exts(s, &exts);
- for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
- X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
- if (!OCSP_REQUEST_add_ext(req, ext, -1))
- goto err;
- }
- resp = process_responder(err, req, host, path, port, use_ssl, NULL,
- srctx->timeout);
- if (!resp) {
- BIO_puts(err, "cert_status: error querying responder\n");
- goto done;
- }
- rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
- if (rspderlen <= 0)
- goto err;
- SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
- if (srctx->verbose) {
- BIO_puts(err, "cert_status: ocsp response sent:\n");
- OCSP_RESPONSE_print(err, resp, 2);
- }
- ret = SSL_TLSEXT_ERR_OK;
- done:
- if (ret != SSL_TLSEXT_ERR_OK)
- ERR_print_errors(err);
- if (aia) {
- OPENSSL_free(host);
- OPENSSL_free(path);
- OPENSSL_free(port);
- X509_email_free(aia);
- }
- if (id)
- OCSP_CERTID_free(id);
- if (req)
- OCSP_REQUEST_free(req);
- if (resp)
- OCSP_RESPONSE_free(resp);
- return ret;
- err:
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- goto done;
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/* This is the context that we pass to next_proto_cb */
-typedef struct tlsextnextprotoctx_st {
- unsigned char *data;
- unsigned int len;
-} tlsextnextprotoctx;
-
-static int next_proto_cb(SSL *s, const unsigned char **data,
- unsigned int *len, void *arg)
-{
- tlsextnextprotoctx *next_proto = arg;
-
- *data = next_proto->data;
- *len = next_proto->len;
-
- return SSL_TLSEXT_ERR_OK;
-}
-# endif /* ndef OPENSSL_NO_NEXTPROTONEG */
-
-#endif
-
-int MAIN(int, char **);
-
-#ifndef OPENSSL_NO_JPAKE
-static char *jpake_secret = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
-static srpsrvparm srp_callback_parm;
-#endif
-#ifndef OPENSSL_NO_SRTP
-static char *srtp_profiles = NULL;
-#endif
-
-int MAIN(int argc, char *argv[])
-{
- X509_VERIFY_PARAM *vpm = NULL;
- int badarg = 0;
- short port = PORT;
- char *CApath = NULL, *CAfile = NULL;
- unsigned char *context = NULL;
- char *dhfile = NULL;
-#ifndef OPENSSL_NO_ECDH
- char *named_curve = NULL;
-#endif
- int badop = 0, bugs = 0;
- int ret = 1;
- int off = 0;
- int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
-#ifndef OPENSSL_NO_ECDH
- int no_ecdhe = 0;
-#endif
- int state = 0;
- const SSL_METHOD *meth = NULL;
- int socket_type = SOCK_STREAM;
- ENGINE *e = NULL;
- char *inrand = NULL;
- int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
- char *passarg = NULL, *pass = NULL;
- char *dpassarg = NULL, *dpass = NULL;
- int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
- X509 *s_cert = NULL, *s_dcert = NULL;
- EVP_PKEY *s_key = NULL, *s_dkey = NULL;
- int no_cache = 0;
-#ifndef OPENSSL_NO_TLSEXT
- EVP_PKEY *s_key2 = NULL;
- X509 *s_cert2 = NULL;
- tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
-# ifndef OPENSSL_NO_NEXTPROTONEG
- const char *next_proto_neg_in = NULL;
- tlsextnextprotoctx next_proto;
-# endif
-#endif
-#ifndef OPENSSL_NO_PSK
- /* by default do not send a PSK identity hint */
- static char *psk_identity_hint = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
- char *srpuserseed = NULL;
- char *srp_verifier_file = NULL;
-#endif
- meth = SSLv23_server_method();
-
- local_argc = argc;
- local_argv = argv;
-
- apps_startup();
-#ifdef MONOLITH
- s_server_init();
-#endif
-
- if (bio_err == NULL)
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- if (!load_config(bio_err, NULL))
- goto end;
-
- verify_depth = 0;
-#ifdef FIONBIO
- s_nbio = 0;
-#endif
- s_nbio_test = 0;
-
- argc--;
- argv++;
-
- while (argc >= 1) {
- if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) {
- if (--argc < 1)
- goto bad;
- if (!extract_port(*(++argv), &port))
- goto bad;
- } else if (strcmp(*argv, "-verify") == 0) {
- s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
- if (--argc < 1)
- goto bad;
- verify_depth = atoi(*(++argv));
- BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
- } else if (strcmp(*argv, "-Verify") == 0) {
- s_server_verify =
- SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
- SSL_VERIFY_CLIENT_ONCE;
- if (--argc < 1)
- goto bad;
- verify_depth = atoi(*(++argv));
- BIO_printf(bio_err,
- "verify depth is %d, must return a certificate\n",
- verify_depth);
- } else if (strcmp(*argv, "-context") == 0) {
- if (--argc < 1)
- goto bad;
- context = (unsigned char *)*(++argv);
- } else if (strcmp(*argv, "-cert") == 0) {
- if (--argc < 1)
- goto bad;
- s_cert_file = *(++argv);
- } else if (strcmp(*argv, "-certform") == 0) {
- if (--argc < 1)
- goto bad;
- s_cert_format = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-key") == 0) {
- if (--argc < 1)
- goto bad;
- s_key_file = *(++argv);
- } else if (strcmp(*argv, "-keyform") == 0) {
- if (--argc < 1)
- goto bad;
- s_key_format = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-pass") == 0) {
- if (--argc < 1)
- goto bad;
- passarg = *(++argv);
- } else if (strcmp(*argv, "-dhparam") == 0) {
- if (--argc < 1)
- goto bad;
- dhfile = *(++argv);
- }
-#ifndef OPENSSL_NO_ECDH
- else if (strcmp(*argv, "-named_curve") == 0) {
- if (--argc < 1)
- goto bad;
- named_curve = *(++argv);
- }
-#endif
- else if (strcmp(*argv, "-dcertform") == 0) {
- if (--argc < 1)
- goto bad;
- s_dcert_format = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-dcert") == 0) {
- if (--argc < 1)
- goto bad;
- s_dcert_file = *(++argv);
- } else if (strcmp(*argv, "-dkeyform") == 0) {
- if (--argc < 1)
- goto bad;
- s_dkey_format = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-dpass") == 0) {
- if (--argc < 1)
- goto bad;
- dpassarg = *(++argv);
- } else if (strcmp(*argv, "-dkey") == 0) {
- if (--argc < 1)
- goto bad;
- s_dkey_file = *(++argv);
- } else if (strcmp(*argv, "-nocert") == 0) {
- nocert = 1;
- } else if (strcmp(*argv, "-CApath") == 0) {
- if (--argc < 1)
- goto bad;
- CApath = *(++argv);
- } else if (strcmp(*argv, "-no_cache") == 0)
- no_cache = 1;
- else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
- if (badarg)
- goto bad;
- continue;
- } else if (strcmp(*argv, "-verify_return_error") == 0)
- verify_return_error = 1;
- else if (strcmp(*argv, "-serverpref") == 0) {
- off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
- } else if (strcmp(*argv, "-legacy_renegotiation") == 0)
- off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
- else if (strcmp(*argv, "-cipher") == 0) {
- if (--argc < 1)
- goto bad;
- cipher = *(++argv);
- } else if (strcmp(*argv, "-CAfile") == 0) {
- if (--argc < 1)
- goto bad;
- CAfile = *(++argv);
- }
-#ifdef FIONBIO
- else if (strcmp(*argv, "-nbio") == 0) {
- s_nbio = 1;
- }
-#endif
- else if (strcmp(*argv, "-nbio_test") == 0) {
-#ifdef FIONBIO
- s_nbio = 1;
-#endif
- s_nbio_test = 1;
- } else if (strcmp(*argv, "-debug") == 0) {
- s_debug = 1;
- }
-#ifndef OPENSSL_NO_TLSEXT
- else if (strcmp(*argv, "-tlsextdebug") == 0)
- s_tlsextdebug = 1;
- else if (strcmp(*argv, "-status") == 0)
- s_tlsextstatus = 1;
- else if (strcmp(*argv, "-status_verbose") == 0) {
- s_tlsextstatus = 1;
- tlscstatp.verbose = 1;
- } else if (!strcmp(*argv, "-status_timeout")) {
- s_tlsextstatus = 1;
- if (--argc < 1)
- goto bad;
- tlscstatp.timeout = atoi(*(++argv));
- } else if (!strcmp(*argv, "-status_url")) {
- s_tlsextstatus = 1;
- if (--argc < 1)
- goto bad;
- if (!OCSP_parse_url(*(++argv),
- &tlscstatp.host,
- &tlscstatp.port,
- &tlscstatp.path, &tlscstatp.use_ssl)) {
- BIO_printf(bio_err, "Error parsing URL\n");
- goto bad;
- }
- }
-#endif
- else if (strcmp(*argv, "-msg") == 0) {
- s_msg = 1;
- } else if (strcmp(*argv, "-hack") == 0) {
- hack = 1;
- } else if (strcmp(*argv, "-state") == 0) {
- state = 1;
- } else if (strcmp(*argv, "-crlf") == 0) {
- s_crlf = 1;
- } else if (strcmp(*argv, "-quiet") == 0) {
- s_quiet = 1;
- } else if (strcmp(*argv, "-bugs") == 0) {
- bugs = 1;
- } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
- no_tmp_rsa = 1;
- } else if (strcmp(*argv, "-no_dhe") == 0) {
- no_dhe = 1;
- }
-#ifndef OPENSSL_NO_ECDH
- else if (strcmp(*argv, "-no_ecdhe") == 0) {
- no_ecdhe = 1;
- }
-#endif
-#ifndef OPENSSL_NO_PSK
- else if (strcmp(*argv, "-psk_hint") == 0) {
- if (--argc < 1)
- goto bad;
- psk_identity_hint = *(++argv);
- } else if (strcmp(*argv, "-psk") == 0) {
- size_t i;
-
- if (--argc < 1)
- goto bad;
- psk_key = *(++argv);
- for (i = 0; i < strlen(psk_key); i++) {
- if (isxdigit((unsigned char)psk_key[i]))
- continue;
- BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
- goto bad;
- }
- }
-#endif
-#ifndef OPENSSL_NO_SRP
- else if (strcmp(*argv, "-srpvfile") == 0) {
- if (--argc < 1)
- goto bad;
- srp_verifier_file = *(++argv);
- meth = TLSv1_server_method();
- } else if (strcmp(*argv, "-srpuserseed") == 0) {
- if (--argc < 1)
- goto bad;
- srpuserseed = *(++argv);
- meth = TLSv1_server_method();
- }
-#endif
- else if (strcmp(*argv, "-www") == 0) {
- www = 1;
- } else if (strcmp(*argv, "-WWW") == 0) {
- www = 2;
- } else if (strcmp(*argv, "-HTTP") == 0) {
- www = 3;
- } else if (strcmp(*argv, "-no_ssl2") == 0) {
- off |= SSL_OP_NO_SSLv2;
- } else if (strcmp(*argv, "-no_ssl3") == 0) {
- off |= SSL_OP_NO_SSLv3;
- } else if (strcmp(*argv, "-no_tls1") == 0) {
- off |= SSL_OP_NO_TLSv1;
- } else if (strcmp(*argv, "-no_tls1_1") == 0) {
- off |= SSL_OP_NO_TLSv1_1;
- } else if (strcmp(*argv, "-no_tls1_2") == 0) {
- off |= SSL_OP_NO_TLSv1_2;
- } else if (strcmp(*argv, "-no_comp") == 0) {
- off |= SSL_OP_NO_COMPRESSION;
- }
-#ifndef OPENSSL_NO_TLSEXT
- else if (strcmp(*argv, "-no_ticket") == 0) {
- off |= SSL_OP_NO_TICKET;
- }
-#endif
-#ifndef OPENSSL_NO_SSL2
- else if (strcmp(*argv, "-ssl2") == 0) {
- meth = SSLv2_server_method();
- }
-#endif
-#ifndef OPENSSL_NO_SSL3_METHOD
- else if (strcmp(*argv, "-ssl3") == 0) {
- meth = SSLv3_server_method();
- }
-#endif
-#ifndef OPENSSL_NO_TLS1
- else if (strcmp(*argv, "-tls1") == 0) {
- meth = TLSv1_server_method();
- } else if (strcmp(*argv, "-tls1_1") == 0) {
- meth = TLSv1_1_server_method();
- } else if (strcmp(*argv, "-tls1_2") == 0) {
- meth = TLSv1_2_server_method();
- }
-#endif
-#ifndef OPENSSL_NO_DTLS1
- else if (strcmp(*argv, "-dtls1") == 0) {
- meth = DTLSv1_server_method();
- socket_type = SOCK_DGRAM;
- } else if (strcmp(*argv, "-timeout") == 0)
- enable_timeouts = 1;
- else if (strcmp(*argv, "-mtu") == 0) {
- if (--argc < 1)
- goto bad;
- socket_mtu = atol(*(++argv));
- } else if (strcmp(*argv, "-chain") == 0)
- cert_chain = 1;
-#endif
- else if (strcmp(*argv, "-id_prefix") == 0) {
- if (--argc < 1)
- goto bad;
- session_id_prefix = *(++argv);
- }
-#ifndef OPENSSL_NO_ENGINE
- else if (strcmp(*argv, "-engine") == 0) {
- if (--argc < 1)
- goto bad;
- engine_id = *(++argv);
- }
-#endif
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
- }
-#ifndef OPENSSL_NO_TLSEXT
- else if (strcmp(*argv, "-servername") == 0) {
- if (--argc < 1)
- goto bad;
- tlsextcbp.servername = *(++argv);
- } else if (strcmp(*argv, "-servername_fatal") == 0) {
- tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL;
- } else if (strcmp(*argv, "-cert2") == 0) {
- if (--argc < 1)
- goto bad;
- s_cert_file2 = *(++argv);
- } else if (strcmp(*argv, "-key2") == 0) {
- if (--argc < 1)
- goto bad;
- s_key_file2 = *(++argv);
- }
-# ifndef OPENSSL_NO_NEXTPROTONEG
- else if (strcmp(*argv, "-nextprotoneg") == 0) {
- if (--argc < 1)
- goto bad;
- next_proto_neg_in = *(++argv);
- }
-# endif
-#endif
-#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
- else if (strcmp(*argv, "-jpake") == 0) {
- if (--argc < 1)
- goto bad;
- jpake_secret = *(++argv);
- }
-#endif
-#ifndef OPENSSL_NO_SRTP
- else if (strcmp(*argv, "-use_srtp") == 0) {
- if (--argc < 1)
- goto bad;
- srtp_profiles = *(++argv);
- }
-#endif
- else if (strcmp(*argv, "-keymatexport") == 0) {
- if (--argc < 1)
- goto bad;
- keymatexportlabel = *(++argv);
- } else if (strcmp(*argv, "-keymatexportlen") == 0) {
- if (--argc < 1)
- goto bad;
- keymatexportlen = atoi(*(++argv));
- if (keymatexportlen == 0)
- goto bad;
- } else {
- BIO_printf(bio_err, "unknown option %s\n", *argv);
- badop = 1;
- break;
- }
- argc--;
- argv++;
- }
- if (badop) {
- bad:
- sv_usage();
- goto end;
- }
-#ifndef OPENSSL_NO_DTLS1
- if (www && socket_type == SOCK_DGRAM) {
- BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n");
- goto end;
- }
-#endif
-
-#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
- if (jpake_secret) {
- if (psk_key) {
- BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
- goto end;
- }
- psk_identity = "JPAKE";
- if (cipher) {
- BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
- goto end;
- }
- cipher = "PSK";
- }
-#endif
-
- SSL_load_error_strings();
- OpenSSL_add_ssl_algorithms();
-
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine_id, 1);
-#endif
-
- if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
- BIO_printf(bio_err, "Error getting password\n");
- goto end;
- }
-
- if (s_key_file == NULL)
- s_key_file = s_cert_file;
-#ifndef OPENSSL_NO_TLSEXT
- if (s_key_file2 == NULL)
- s_key_file2 = s_cert_file2;
-#endif
-
- if (nocert == 0) {
- s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
- "server certificate private key file");
- if (!s_key) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
- NULL, e, "server certificate file");
-
- if (!s_cert) {
- ERR_print_errors(bio_err);
- goto end;
- }
-#ifndef OPENSSL_NO_TLSEXT
- if (tlsextcbp.servername) {
- s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
- "second server certificate private key file");
- if (!s_key2) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
- NULL, e, "second server certificate file");
-
- if (!s_cert2) {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-#endif
- }
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- if (next_proto_neg_in) {
- unsigned short len;
- next_proto.data = next_protos_parse(&len, next_proto_neg_in);
- if (next_proto.data == NULL)
- goto end;
- next_proto.len = len;
- } else {
- next_proto.data = NULL;
- }
-#endif
-
- if (s_dcert_file) {
-
- if (s_dkey_file == NULL)
- s_dkey_file = s_dcert_file;
-
- s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
- 0, dpass, e, "second certificate private key file");
- if (!s_dkey) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
- NULL, e, "second server certificate file");
-
- if (!s_dcert) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- }
-
- if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
- && !RAND_status()) {
- BIO_printf(bio_err,
- "warning, not much extra random data, consider using the -rand option\n");
- }
- if (inrand != NULL)
- BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
- app_RAND_load_files(inrand));
-
- if (bio_s_out == NULL) {
- if (s_quiet && !s_debug && !s_msg) {
- bio_s_out = BIO_new(BIO_s_null());
- } else {
- if (bio_s_out == NULL)
- bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE);
- }
- }
-#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
- if (nocert)
-#endif
- {
- s_cert_file = NULL;
- s_key_file = NULL;
- s_dcert_file = NULL;
- s_dkey_file = NULL;
-#ifndef OPENSSL_NO_TLSEXT
- s_cert_file2 = NULL;
- s_key_file2 = NULL;
-#endif
- }
-
- ctx = SSL_CTX_new(meth);
- if (ctx == NULL) {
- ERR_print_errors(bio_err);
- goto end;
- }
- if (session_id_prefix) {
- if (strlen(session_id_prefix) >= 32)
- BIO_printf(bio_err,
- "warning: id_prefix is too long, only one new session will be possible\n");
- else if (strlen(session_id_prefix) >= 16)
- BIO_printf(bio_err,
- "warning: id_prefix is too long if you use SSLv2\n");
- if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
- BIO_printf(bio_err, "error setting 'id_prefix'\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
- }
- SSL_CTX_set_quiet_shutdown(ctx, 1);
- if (bugs)
- SSL_CTX_set_options(ctx, SSL_OP_ALL);
- if (hack)
- SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
- SSL_CTX_set_options(ctx, off);
-
- if (state)
- SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
- if (no_cache)
- SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
- else
- SSL_CTX_sess_set_cache_size(ctx, 128);
-
-#ifndef OPENSSL_NO_SRTP
- if (srtp_profiles != NULL)
- SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
-#endif
-
-#if 0
- if (cipher == NULL)
- cipher = getenv("SSL_CIPHER");
-#endif
-
-#if 0
- if (s_cert_file == NULL) {
- BIO_printf(bio_err,
- "You must specify a certificate file for the server to use\n");
- goto end;
- }
-#endif
-
- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(ctx))) {
- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
- ERR_print_errors(bio_err);
- /* goto end; */
- }
- if (vpm)
- SSL_CTX_set1_param(ctx, vpm);
-
-#ifndef OPENSSL_NO_TLSEXT
- if (s_cert2) {
- ctx2 = SSL_CTX_new(meth);
- if (ctx2 == NULL) {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- if (ctx2) {
- BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
-
- if (session_id_prefix) {
- if (strlen(session_id_prefix) >= 32)
- BIO_printf(bio_err,
- "warning: id_prefix is too long, only one new session will be possible\n");
- else if (strlen(session_id_prefix) >= 16)
- BIO_printf(bio_err,
- "warning: id_prefix is too long if you use SSLv2\n");
- if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
- BIO_printf(bio_err, "error setting 'id_prefix'\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
- }
- SSL_CTX_set_quiet_shutdown(ctx2, 1);
- if (bugs)
- SSL_CTX_set_options(ctx2, SSL_OP_ALL);
- if (hack)
- SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
- SSL_CTX_set_options(ctx2, off);
-
- if (state)
- SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
-
- if (no_cache)
- SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
- else
- SSL_CTX_sess_set_cache_size(ctx2, 128);
-
- if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(ctx2))) {
- ERR_print_errors(bio_err);
- }
- if (vpm)
- SSL_CTX_set1_param(ctx2, vpm);
- }
-# ifndef OPENSSL_NO_NEXTPROTONEG
- if (next_proto.data)
- SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
- &next_proto);
-# endif
-#endif
-
-#ifndef OPENSSL_NO_DH
- if (!no_dhe) {
- DH *dh = NULL;
-
- if (dhfile)
- dh = load_dh_param(dhfile);
- else if (s_cert_file)
- dh = load_dh_param(s_cert_file);
-
- if (dh != NULL) {
- BIO_printf(bio_s_out, "Setting temp DH parameters\n");
- } else {
- BIO_printf(bio_s_out, "Using default temp DH parameters\n");
- dh = get_dh2048();
- if (dh == NULL) {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
- (void)BIO_flush(bio_s_out);
-
- SSL_CTX_set_tmp_dh(ctx, dh);
-# ifndef OPENSSL_NO_TLSEXT
- if (ctx2) {
- if (!dhfile) {
- DH *dh2 = load_dh_param(s_cert_file2);
- if (dh2 != NULL) {
- BIO_printf(bio_s_out, "Setting temp DH parameters\n");
- (void)BIO_flush(bio_s_out);
-
- DH_free(dh);
- dh = dh2;
- }
- }
- SSL_CTX_set_tmp_dh(ctx2, dh);
- }
-# endif
- DH_free(dh);
- }
-#endif
-
-#ifndef OPENSSL_NO_ECDH
- if (!no_ecdhe) {
- EC_KEY *ecdh = NULL;
-
- if (named_curve) {
- int nid = OBJ_sn2nid(named_curve);
-
- if (nid == 0) {
- BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
- goto end;
- }
- ecdh = EC_KEY_new_by_curve_name(nid);
- if (ecdh == NULL) {
- BIO_printf(bio_err, "unable to create curve (%s)\n",
- named_curve);
- goto end;
- }
- }
-
- if (ecdh != NULL) {
- BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
- } else {
- BIO_printf(bio_s_out, "Using default temp ECDH parameters\n");
- ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- if (ecdh == NULL) {
- BIO_printf(bio_err, "unable to create curve (nistp256)\n");
- goto end;
- }
- }
- (void)BIO_flush(bio_s_out);
-
- SSL_CTX_set_tmp_ecdh(ctx, ecdh);
-# ifndef OPENSSL_NO_TLSEXT
- if (ctx2)
- SSL_CTX_set_tmp_ecdh(ctx2, ecdh);
-# endif
- EC_KEY_free(ecdh);
- }
-#endif
-
- if (!set_cert_key_stuff(ctx, s_cert, s_key))
- goto end;
-#ifndef OPENSSL_NO_TLSEXT
- if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2))
- goto end;
-#endif
- if (s_dcert != NULL) {
- if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
- goto end;
- }
-#ifndef OPENSSL_NO_RSA
-# if 1
- if (!no_tmp_rsa) {
- SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
-# ifndef OPENSSL_NO_TLSEXT
- if (ctx2)
- SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
-# endif
- }
-# else
- if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
- RSA *rsa;
-
- BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
- BIO_flush(bio_s_out);
-
- rsa = RSA_generate_key(512, RSA_F4, NULL);
-
- if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
- ERR_print_errors(bio_err);
- goto end;
- }
-# ifndef OPENSSL_NO_TLSEXT
- if (ctx2) {
- if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-# endif
- RSA_free(rsa);
- BIO_printf(bio_s_out, "\n");
- }
-# endif
-#endif
-
-#ifndef OPENSSL_NO_PSK
-# ifdef OPENSSL_NO_JPAKE
- if (psk_key != NULL)
-# else
- if (psk_key != NULL || jpake_secret)
-# endif
- {
- if (s_debug)
- BIO_printf(bio_s_out,
- "PSK key given or JPAKE in use, setting server callback\n");
- SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
- }
-
- if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
- BIO_printf(bio_err, "error setting PSK identity hint to context\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-#endif
-
- if (cipher != NULL) {
- if (!SSL_CTX_set_cipher_list(ctx, cipher)) {
- BIO_printf(bio_err, "error setting cipher list\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-#ifndef OPENSSL_NO_TLSEXT
- if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) {
- BIO_printf(bio_err, "error setting cipher list\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-#endif
- }
- SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
- SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
- sizeof s_server_session_id_context);
-
- /* Set DTLS cookie generation and verification callbacks */
- SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
- SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
-
-#ifndef OPENSSL_NO_TLSEXT
- if (ctx2) {
- SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
- SSL_CTX_set_session_id_context(ctx2,
- (void *)&s_server_session_id_context,
- sizeof s_server_session_id_context);
-
- tlsextcbp.biodebug = bio_s_out;
- SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
- SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
- SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
- SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
- }
-#endif
-
-#ifndef OPENSSL_NO_SRP
- if (srp_verifier_file != NULL) {
- srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
- srp_callback_parm.user = NULL;
- srp_callback_parm.login = NULL;
- if ((ret =
- SRP_VBASE_init(srp_callback_parm.vb,
- srp_verifier_file)) != SRP_NO_ERROR) {
- BIO_printf(bio_err,
- "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
- srp_verifier_file, ret);
- goto end;
- }
- SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
- SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
- SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
- } else
-#endif
- if (CAfile != NULL) {
- SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
-#ifndef OPENSSL_NO_TLSEXT
- if (ctx2)
- SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
-#endif
- }
-
- BIO_printf(bio_s_out, "ACCEPT\n");
- (void)BIO_flush(bio_s_out);
- if (www)
- do_server(port, socket_type, &accept_socket, www_body, context);
- else
- do_server(port, socket_type, &accept_socket, sv_body, context);
- print_stats(bio_s_out, ctx);
- ret = 0;
- end:
- if (ctx != NULL)
- SSL_CTX_free(ctx);
- if (s_cert)
- X509_free(s_cert);
- if (s_dcert)
- X509_free(s_dcert);
- if (s_key)
- EVP_PKEY_free(s_key);
- if (s_dkey)
- EVP_PKEY_free(s_dkey);
- if (pass)
- OPENSSL_free(pass);
- if (dpass)
- OPENSSL_free(dpass);
- if (vpm)
- X509_VERIFY_PARAM_free(vpm);
-#ifndef OPENSSL_NO_TLSEXT
- if (tlscstatp.host)
- OPENSSL_free(tlscstatp.host);
- if (tlscstatp.port)
- OPENSSL_free(tlscstatp.port);
- if (tlscstatp.path)
- OPENSSL_free(tlscstatp.path);
- if (ctx2 != NULL)
- SSL_CTX_free(ctx2);
- if (s_cert2)
- X509_free(s_cert2);
- if (s_key2)
- EVP_PKEY_free(s_key2);
-#endif
- if (bio_s_out != NULL) {
- BIO_free(bio_s_out);
- bio_s_out = NULL;
- }
- apps_shutdown();
- OPENSSL_EXIT(ret);
-}
-
-static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
-{
- BIO_printf(bio, "%4ld items in the session cache\n",
- SSL_CTX_sess_number(ssl_ctx));
- BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
- SSL_CTX_sess_connect(ssl_ctx));
- BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
- SSL_CTX_sess_connect_renegotiate(ssl_ctx));
- BIO_printf(bio, "%4ld client connects that finished\n",
- SSL_CTX_sess_connect_good(ssl_ctx));
- BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
- SSL_CTX_sess_accept(ssl_ctx));
- BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
- SSL_CTX_sess_accept_renegotiate(ssl_ctx));
- BIO_printf(bio, "%4ld server accepts that finished\n",
- SSL_CTX_sess_accept_good(ssl_ctx));
- BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
- BIO_printf(bio, "%4ld session cache misses\n",
- SSL_CTX_sess_misses(ssl_ctx));
- BIO_printf(bio, "%4ld session cache timeouts\n",
- SSL_CTX_sess_timeouts(ssl_ctx));
- BIO_printf(bio, "%4ld callback cache hits\n",
- SSL_CTX_sess_cb_hits(ssl_ctx));
- BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
- SSL_CTX_sess_cache_full(ssl_ctx),
- SSL_CTX_sess_get_cache_size(ssl_ctx));
-}
-
-static int sv_body(char *hostname, int s, unsigned char *context)
-{
- char *buf = NULL;
- fd_set readfds;
- int ret = 1, width;
- int k, i;
- unsigned long l;
- SSL *con = NULL;
- BIO *sbio;
-#ifndef OPENSSL_NO_KRB5
- KSSL_CTX *kctx;
-#endif
- struct timeval timeout;
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
- struct timeval tv;
-#else
- struct timeval *timeoutp;
-#endif
-
- if ((buf = OPENSSL_malloc(bufsize)) == NULL) {
- BIO_printf(bio_err, "out of memory\n");
- goto err;
- }
-#ifdef FIONBIO
- if (s_nbio) {
- unsigned long sl = 1;
-
- if (!s_quiet)
- BIO_printf(bio_err, "turning on non blocking io\n");
- if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
- ERR_print_errors(bio_err);
- }
-#endif
-
- if (con == NULL) {
- con = SSL_new(ctx);
-#ifndef OPENSSL_NO_TLSEXT
- if (s_tlsextdebug) {
- SSL_set_tlsext_debug_callback(con, tlsext_cb);
- SSL_set_tlsext_debug_arg(con, bio_s_out);
- }
- if (s_tlsextstatus) {
- SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
- tlscstatp.err = bio_err;
- SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
- }
-#endif
-#ifndef OPENSSL_NO_KRB5
- if ((kctx = kssl_ctx_new()) != NULL) {
- SSL_set0_kssl_ctx(con, kctx);
- kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
- kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
- }
-#endif /* OPENSSL_NO_KRB5 */
- if (context)
- SSL_set_session_id_context(con, context, strlen((char *)context));
- }
- SSL_clear(con);
-#if 0
-# ifdef TLSEXT_TYPE_opaque_prf_input
- SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
-# endif
-#endif
-
- if (SSL_version(con) == DTLS1_VERSION) {
-
- sbio = BIO_new_dgram(s, BIO_NOCLOSE);
-
- if (enable_timeouts) {
- timeout.tv_sec = 0;
- timeout.tv_usec = DGRAM_RCV_TIMEOUT;
- BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
-
- timeout.tv_sec = 0;
- timeout.tv_usec = DGRAM_SND_TIMEOUT;
- BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
- }
-
- if (socket_mtu) {
- if (socket_mtu < DTLS_get_link_min_mtu(con)) {
- BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
- DTLS_get_link_min_mtu(con));
- ret = -1;
- BIO_free(sbio);
- goto err;
- }
- SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
- if (!DTLS_set_link_mtu(con, socket_mtu)) {
- BIO_printf(bio_err, "Failed to set MTU\n");
- ret = -1;
- BIO_free(sbio);
- goto err;
- }
- } else
- /* want to do MTU discovery */
- BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
-
- /* turn on cookie exchange */
- SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
- } else
- sbio = BIO_new_socket(s, BIO_NOCLOSE);
-
- if (s_nbio_test) {
- BIO *test;
-
- test = BIO_new(BIO_f_nbio_test());
- sbio = BIO_push(test, sbio);
- }
-#ifndef OPENSSL_NO_JPAKE
- if (jpake_secret)
- jpake_server_auth(bio_s_out, sbio, jpake_secret);
-#endif
-
- SSL_set_bio(con, sbio, sbio);
- SSL_set_accept_state(con);
- /* SSL_set_fd(con,s); */
-
- if (s_debug) {
- SSL_set_debug(con, 1);
- BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
- BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
- }
- if (s_msg) {
- SSL_set_msg_callback(con, msg_cb);
- SSL_set_msg_callback_arg(con, bio_s_out);
- }
-#ifndef OPENSSL_NO_TLSEXT
- if (s_tlsextdebug) {
- SSL_set_tlsext_debug_callback(con, tlsext_cb);
- SSL_set_tlsext_debug_arg(con, bio_s_out);
- }
-#endif
-
- width = s + 1;
- for (;;) {
- int read_from_terminal;
- int read_from_sslcon;
-
- read_from_terminal = 0;
- read_from_sslcon = SSL_pending(con);
-
- if (!read_from_sslcon) {
- FD_ZERO(&readfds);
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
- openssl_fdset(fileno(stdin), &readfds);
-#endif
- openssl_fdset(s, &readfds);
- /*
- * Note: under VMS with SOCKETSHR the second parameter is
- * currently of type (int *) whereas under other systems it is
- * (void *) if you don't have a cast it will choke the compiler:
- * if you do have a cast then you can either go for (int *) or
- * (void *).
- */
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
- /*
- * Under DOS (non-djgpp) and Windows we can't select on stdin:
- * only on sockets. As a workaround we timeout the select every
- * second and check for any keypress. In a proper Windows
- * application we wouldn't do this because it is inefficient.
- */
- tv.tv_sec = 1;
- tv.tv_usec = 0;
- i = select(width, (void *)&readfds, NULL, NULL, &tv);
- if ((i < 0) || (!i && !_kbhit()))
- continue;
- if (_kbhit())
- read_from_terminal = 1;
-#elif defined(OPENSSL_SYS_BEOS_R5)
- /* Under BeOS-R5 the situation is similar to DOS */
- tv.tv_sec = 1;
- tv.tv_usec = 0;
- (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
- i = select(width, (void *)&readfds, NULL, NULL, &tv);
- if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
- continue;
- if (read(fileno(stdin), buf, 0) >= 0)
- read_from_terminal = 1;
- (void)fcntl(fileno(stdin), F_SETFL, 0);
-#else
- if ((SSL_version(con) == DTLS1_VERSION) &&
- DTLSv1_get_timeout(con, &timeout))
- timeoutp = &timeout;
- else
- timeoutp = NULL;
-
- i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
-
- if ((SSL_version(con) == DTLS1_VERSION)
- && DTLSv1_handle_timeout(con) > 0) {
- BIO_printf(bio_err, "TIMEOUT occured\n");
- }
-
- if (i <= 0)
- continue;
- if (FD_ISSET(fileno(stdin), &readfds))
- read_from_terminal = 1;
-#endif
- if (FD_ISSET(s, &readfds))
- read_from_sslcon = 1;
- }
- if (read_from_terminal) {
- if (s_crlf) {
- int j, lf_num;
-
- i = raw_read_stdin(buf, bufsize / 2);
- lf_num = 0;
- /* both loops are skipped when i <= 0 */
- for (j = 0; j < i; j++)
- if (buf[j] == '\n')
- lf_num++;
- for (j = i - 1; j >= 0; j--) {
- buf[j + lf_num] = buf[j];
- if (buf[j] == '\n') {
- lf_num--;
- i++;
- buf[j + lf_num] = '\r';
- }
- }
- assert(lf_num == 0);
- } else
- i = raw_read_stdin(buf, bufsize);
- if (!s_quiet) {
- if ((i <= 0) || (buf[0] == 'Q')) {
- BIO_printf(bio_s_out, "DONE\n");
- SHUTDOWN(s);
- close_accept_socket();
- ret = -11;
- goto err;
- }
- if ((i <= 0) || (buf[0] == 'q')) {
- BIO_printf(bio_s_out, "DONE\n");
- if (SSL_version(con) != DTLS1_VERSION)
- SHUTDOWN(s);
- /*
- * close_accept_socket(); ret= -11;
- */
- goto err;
- }
-#ifndef OPENSSL_NO_HEARTBEATS
- if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
- BIO_printf(bio_err, "HEARTBEATING\n");
- SSL_heartbeat(con);
- i = 0;
- continue;
- }
-#endif
- if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
- SSL_renegotiate(con);
- i = SSL_do_handshake(con);
- printf("SSL_do_handshake -> %d\n", i);
- i = 0; /* 13; */
- continue;
- /*
- * strcpy(buf,"server side RE-NEGOTIATE\n");
- */
- }
- if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
- SSL_set_verify(con,
- SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
- NULL);
- SSL_renegotiate(con);
- i = SSL_do_handshake(con);
- printf("SSL_do_handshake -> %d\n", i);
- i = 0; /* 13; */
- continue;
- /*
- * strcpy(buf,"server side RE-NEGOTIATE asking for client
- * cert\n");
- */
- }
- if (buf[0] == 'P') {
- static const char *str = "Lets print some clear text\n";
- BIO_write(SSL_get_wbio(con), str, strlen(str));
- }
- if (buf[0] == 'S') {
- print_stats(bio_s_out, SSL_get_SSL_CTX(con));
- }
- }
-#ifdef CHARSET_EBCDIC
- ebcdic2ascii(buf, buf, i);
-#endif
- l = k = 0;
- for (;;) {
- /* should do a select for the write */
-#ifdef RENEG
- {
- static count = 0;
- if (++count == 100) {
- count = 0;
- SSL_renegotiate(con);
- }
- }
-#endif
- k = SSL_write(con, &(buf[l]), (unsigned int)i);
-#ifndef OPENSSL_NO_SRP
- while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
- BIO_printf(bio_s_out, "LOOKUP renego during write\n");
- srp_callback_parm.user =
- SRP_VBASE_get_by_user(srp_callback_parm.vb,
- srp_callback_parm.login);
- if (srp_callback_parm.user)
- BIO_printf(bio_s_out, "LOOKUP done %s\n",
- srp_callback_parm.user->info);
- else
- BIO_printf(bio_s_out, "LOOKUP not successful\n");
- k = SSL_write(con, &(buf[l]), (unsigned int)i);
- }
-#endif
- switch (SSL_get_error(con, k)) {
- case SSL_ERROR_NONE:
- break;
- case SSL_ERROR_WANT_WRITE:
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_X509_LOOKUP:
- BIO_printf(bio_s_out, "Write BLOCK\n");
- break;
- case SSL_ERROR_SYSCALL:
- case SSL_ERROR_SSL:
- BIO_printf(bio_s_out, "ERROR\n");
- ERR_print_errors(bio_err);
- ret = 1;
- goto err;
- /* break; */
- case SSL_ERROR_ZERO_RETURN:
- BIO_printf(bio_s_out, "DONE\n");
- ret = 1;
- goto err;
- }
- if (k > 0) {
- l += k;
- i -= k;
- }
- if (i <= 0)
- break;
- }
- }
- if (read_from_sslcon) {
- if (!SSL_is_init_finished(con)) {
- i = init_ssl_connection(con);
-
- if (i < 0) {
- ret = 0;
- goto err;
- } else if (i == 0) {
- ret = 1;
- goto err;
- }
- } else {
- again:
- i = SSL_read(con, (char *)buf, bufsize);
-#ifndef OPENSSL_NO_SRP
- while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
- BIO_printf(bio_s_out, "LOOKUP renego during read\n");
- srp_callback_parm.user =
- SRP_VBASE_get_by_user(srp_callback_parm.vb,
- srp_callback_parm.login);
- if (srp_callback_parm.user)
- BIO_printf(bio_s_out, "LOOKUP done %s\n",
- srp_callback_parm.user->info);
- else
- BIO_printf(bio_s_out, "LOOKUP not successful\n");
- i = SSL_read(con, (char *)buf, bufsize);
- }
-#endif
- switch (SSL_get_error(con, i)) {
- case SSL_ERROR_NONE:
-#ifdef CHARSET_EBCDIC
- ascii2ebcdic(buf, buf, i);
-#endif
- raw_write_stdout(buf, (unsigned int)i);
- if (SSL_pending(con))
- goto again;
- break;
- case SSL_ERROR_WANT_WRITE:
- case SSL_ERROR_WANT_READ:
- BIO_printf(bio_s_out, "Read BLOCK\n");
- break;
- case SSL_ERROR_SYSCALL:
- case SSL_ERROR_SSL:
- BIO_printf(bio_s_out, "ERROR\n");
- ERR_print_errors(bio_err);
- ret = 1;
- goto err;
- case SSL_ERROR_ZERO_RETURN:
- BIO_printf(bio_s_out, "DONE\n");
- ret = 1;
- goto err;
- }
- }
- }
- }
- err:
- if (con != NULL) {
- BIO_printf(bio_s_out, "shutting down SSL\n");
-#if 1
- SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-#else
- SSL_shutdown(con);
-#endif
- SSL_free(con);
- }
- BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
- if (buf != NULL) {
- OPENSSL_cleanse(buf, bufsize);
- OPENSSL_free(buf);
- }
- if (ret >= 0)
- BIO_printf(bio_s_out, "ACCEPT\n");
- return (ret);
-}
-
-static void close_accept_socket(void)
-{
- BIO_printf(bio_err, "shutdown accept socket\n");
- if (accept_socket >= 0) {
- SHUTDOWN2(accept_socket);
- }
-}
-
-static int init_ssl_connection(SSL *con)
-{
- int i;
- const char *str;
- X509 *peer;
- long verify_error;
- MS_STATIC char buf[BUFSIZ];
-#ifndef OPENSSL_NO_KRB5
- char *client_princ;
-#endif
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- const unsigned char *next_proto_neg;
- unsigned next_proto_neg_len;
-#endif
- unsigned char *exportedkeymat;
-
- i = SSL_accept(con);
-#ifndef OPENSSL_NO_SRP
- while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
- BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
- srp_callback_parm.login);
- srp_callback_parm.user =
- SRP_VBASE_get_by_user(srp_callback_parm.vb,
- srp_callback_parm.login);
- if (srp_callback_parm.user)
- BIO_printf(bio_s_out, "LOOKUP done %s\n",
- srp_callback_parm.user->info);
- else
- BIO_printf(bio_s_out, "LOOKUP not successful\n");
- i = SSL_accept(con);
- }
-#endif
- if (i <= 0) {
- if (BIO_sock_should_retry(i)) {
- BIO_printf(bio_s_out, "DELAY\n");
- return (1);
- }
-
- BIO_printf(bio_err, "ERROR\n");
- verify_error = SSL_get_verify_result(con);
- if (verify_error != X509_V_OK) {
- BIO_printf(bio_err, "verify error:%s\n",
- X509_verify_cert_error_string(verify_error));
- } else
- ERR_print_errors(bio_err);
- return (0);
- }
-
- PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
-
- peer = SSL_get_peer_certificate(con);
- if (peer != NULL) {
- BIO_printf(bio_s_out, "Client certificate\n");
- PEM_write_bio_X509(bio_s_out, peer);
- X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
- BIO_printf(bio_s_out, "subject=%s\n", buf);
- X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
- BIO_printf(bio_s_out, "issuer=%s\n", buf);
- X509_free(peer);
- }
-
- if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
- BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
- str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
- BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
- if (next_proto_neg) {
- BIO_printf(bio_s_out, "NEXTPROTO is ");
- BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
- BIO_printf(bio_s_out, "\n");
- }
-#endif
-#ifndef OPENSSL_NO_SRTP
- {
- SRTP_PROTECTION_PROFILE *srtp_profile
- = SSL_get_selected_srtp_profile(con);
-
- if (srtp_profile)
- BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
- srtp_profile->name);
- }
-#endif
- if (SSL_cache_hit(con))
- BIO_printf(bio_s_out, "Reused session-id\n");
- if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
- TLS1_FLAGS_TLS_PADDING_BUG)
- BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
-#ifndef OPENSSL_NO_KRB5
- client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
- if (client_princ != NULL) {
- BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
- client_princ);
- }
-#endif /* OPENSSL_NO_KRB5 */
- BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
- SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
- if (keymatexportlabel != NULL) {
- BIO_printf(bio_s_out, "Keying material exporter:\n");
- BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
- BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen);
- exportedkeymat = OPENSSL_malloc(keymatexportlen);
- if (exportedkeymat != NULL) {
- if (!SSL_export_keying_material(con, exportedkeymat,
- keymatexportlen,
- keymatexportlabel,
- strlen(keymatexportlabel),
- NULL, 0, 0)) {
- BIO_printf(bio_s_out, " Error\n");
- } else {
- BIO_printf(bio_s_out, " Keying material: ");
- for (i = 0; i < keymatexportlen; i++)
- BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
- BIO_printf(bio_s_out, "\n");
- }
- OPENSSL_free(exportedkeymat);
- }
- }
-
- return (1);
-}
-
-#ifndef OPENSSL_NO_DH
-static DH *load_dh_param(const char *dhfile)
-{
- DH *ret = NULL;
- BIO *bio;
-
- if ((bio = BIO_new_file(dhfile, "r")) == NULL)
- goto err;
- ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
- err:
- if (bio != NULL)
- BIO_free(bio);
- return (ret);
-}
-#endif
-#ifndef OPENSSL_NO_KRB5
-char *client_princ;
-#endif
-
-#if 0
-static int load_CA(SSL_CTX *ctx, char *file)
-{
- FILE *in;
- X509 *x = NULL;
-
- if ((in = fopen(file, "r")) == NULL)
- return (0);
-
- for (;;) {
- if (PEM_read_X509(in, &x, NULL) == NULL)
- break;
- SSL_CTX_add_client_CA(ctx, x);
- }
- if (x != NULL)
- X509_free(x);
- fclose(in);
- return (1);
-}
-#endif
-
-static int www_body(char *hostname, int s, unsigned char *context)
-{
- char *buf = NULL;
- int ret = 1;
- int i, j, k, dot;
- SSL *con;
- const SSL_CIPHER *c;
- BIO *io, *ssl_bio, *sbio;
-#ifndef OPENSSL_NO_KRB5
- KSSL_CTX *kctx;
-#endif
-
- buf = OPENSSL_malloc(bufsize);
- if (buf == NULL)
- return (0);
- io = BIO_new(BIO_f_buffer());
- ssl_bio = BIO_new(BIO_f_ssl());
- if ((io == NULL) || (ssl_bio == NULL))
- goto err;
-
-#ifdef FIONBIO
- if (s_nbio) {
- unsigned long sl = 1;
-
- if (!s_quiet)
- BIO_printf(bio_err, "turning on non blocking io\n");
- if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
- ERR_print_errors(bio_err);
- }
-#endif
-
- /* lets make the output buffer a reasonable size */
- if (!BIO_set_write_buffer_size(io, bufsize))
- goto err;
-
- if ((con = SSL_new(ctx)) == NULL)
- goto err;
-#ifndef OPENSSL_NO_TLSEXT
- if (s_tlsextdebug) {
- SSL_set_tlsext_debug_callback(con, tlsext_cb);
- SSL_set_tlsext_debug_arg(con, bio_s_out);
- }
-#endif
-#ifndef OPENSSL_NO_KRB5
- if ((kctx = kssl_ctx_new()) != NULL) {
- kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
- kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
- }
-#endif /* OPENSSL_NO_KRB5 */
- if (context)
- SSL_set_session_id_context(con, context, strlen((char *)context));
-
- sbio = BIO_new_socket(s, BIO_NOCLOSE);
- if (s_nbio_test) {
- BIO *test;
-
- test = BIO_new(BIO_f_nbio_test());
- sbio = BIO_push(test, sbio);
- }
- SSL_set_bio(con, sbio, sbio);
- SSL_set_accept_state(con);
-
- /* SSL_set_fd(con,s); */
- BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
- BIO_push(io, ssl_bio);
-#ifdef CHARSET_EBCDIC
- io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
-#endif
-
- if (s_debug) {
- SSL_set_debug(con, 1);
- BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
- BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
- }
- if (s_msg) {
- SSL_set_msg_callback(con, msg_cb);
- SSL_set_msg_callback_arg(con, bio_s_out);
- }
-
- for (;;) {
- if (hack) {
- i = SSL_accept(con);
-#ifndef OPENSSL_NO_SRP
- while (i <= 0
- && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
- BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
- srp_callback_parm.login);
- srp_callback_parm.user =
- SRP_VBASE_get_by_user(srp_callback_parm.vb,
- srp_callback_parm.login);
- if (srp_callback_parm.user)
- BIO_printf(bio_s_out, "LOOKUP done %s\n",
- srp_callback_parm.user->info);
- else
- BIO_printf(bio_s_out, "LOOKUP not successful\n");
- i = SSL_accept(con);
- }
-#endif
- switch (SSL_get_error(con, i)) {
- case SSL_ERROR_NONE:
- break;
- case SSL_ERROR_WANT_WRITE:
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_X509_LOOKUP:
- continue;
- case SSL_ERROR_SYSCALL:
- case SSL_ERROR_SSL:
- case SSL_ERROR_ZERO_RETURN:
- ret = 1;
- goto err;
- /* break; */
- }
-
- SSL_renegotiate(con);
- SSL_write(con, NULL, 0);
- }
-
- i = BIO_gets(io, buf, bufsize - 1);
- if (i < 0) { /* error */
- if (!BIO_should_retry(io)) {
- if (!s_quiet)
- ERR_print_errors(bio_err);
- goto err;
- } else {
- BIO_printf(bio_s_out, "read R BLOCK\n");
-#ifndef OPENSSL_NO_SRP
- if (BIO_should_io_special(io)
- && BIO_get_retry_reason(io) == BIO_RR_SSL_X509_LOOKUP) {
- BIO_printf(bio_s_out, "LOOKUP renego during read\n");
- srp_callback_parm.user =
- SRP_VBASE_get_by_user(srp_callback_parm.vb,
- srp_callback_parm.login);
- if (srp_callback_parm.user)
- BIO_printf(bio_s_out, "LOOKUP done %s\n",
- srp_callback_parm.user->info);
- else
- BIO_printf(bio_s_out, "LOOKUP not successful\n");
- continue;
- }
-#endif
-#if defined(OPENSSL_SYS_NETWARE)
- delay(1000);
-#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
- sleep(1);
-#endif
- continue;
- }
- } else if (i == 0) { /* end of input */
- ret = 1;
- goto end;
- }
-
- /* else we have data */
- if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
- ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
- char *p;
- X509 *peer;
- STACK_OF(SSL_CIPHER) *sk;
- static const char *space = " ";
-
- BIO_puts(io,
- "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
- BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
- BIO_puts(io, "<pre>\n");
-/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
- BIO_puts(io, "\n");
- for (i = 0; i < local_argc; i++) {
- BIO_puts(io, local_argv[i]);
- BIO_write(io, " ", 1);
- }
- BIO_puts(io, "\n");
-
- BIO_printf(io,
- "Secure Renegotiation IS%s supported\n",
- SSL_get_secure_renegotiation_support(con) ?
- "" : " NOT");
-
- /*
- * The following is evil and should not really be done
- */
- BIO_printf(io, "Ciphers supported in s_server binary\n");
- sk = SSL_get_ciphers(con);
- j = sk_SSL_CIPHER_num(sk);
- for (i = 0; i < j; i++) {
- c = sk_SSL_CIPHER_value(sk, i);
- BIO_printf(io, "%-11s:%-25s",
- SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
- if ((((i + 1) % 2) == 0) && (i + 1 != j))
- BIO_puts(io, "\n");
- }
- BIO_puts(io, "\n");
- p = SSL_get_shared_ciphers(con, buf, bufsize);
- if (p != NULL) {
- BIO_printf(io,
- "---\nCiphers common between both SSL end points:\n");
- j = i = 0;
- while (*p) {
- if (*p == ':') {
- BIO_write(io, space, 26 - j);
- i++;
- j = 0;
- BIO_write(io, ((i % 3) ? " " : "\n"), 1);
- } else {
- BIO_write(io, p, 1);
- j++;
- }
- p++;
- }
- BIO_puts(io, "\n");
- }
- BIO_printf(io, (SSL_cache_hit(con)
- ? "---\nReused, " : "---\nNew, "));
- c = SSL_get_current_cipher(con);
- BIO_printf(io, "%s, Cipher is %s\n",
- SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
- SSL_SESSION_print(io, SSL_get_session(con));
- BIO_printf(io, "---\n");
- print_stats(io, SSL_get_SSL_CTX(con));
- BIO_printf(io, "---\n");
- peer = SSL_get_peer_certificate(con);
- if (peer != NULL) {
- BIO_printf(io, "Client certificate\n");
- X509_print(io, peer);
- PEM_write_bio_X509(io, peer);
- } else
- BIO_puts(io, "no client certificate available\n");
- BIO_puts(io, "</BODY></HTML>\r\n\r\n");
- break;
- } else if ((www == 2 || www == 3)
- && (strncmp("GET /", buf, 5) == 0)) {
- BIO *file;
- char *p, *e;
- static const char *text =
- "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
-
- /* skip the '/' */
- p = &(buf[5]);
-
- dot = 1;
- for (e = p; *e != '\0'; e++) {
- if (e[0] == ' ')
- break;
-
- switch (dot) {
- case 1:
- dot = (e[0] == '.') ? 2 : 0;
- break;
- case 2:
- dot = (e[0] == '.') ? 3 : 0;
- break;
- case 3:
- dot = (e[0] == '/') ? -1 : 0;
- break;
- }
- if (dot == 0)
- dot = (e[0] == '/') ? 1 : 0;
- }
- dot = (dot == 3) || (dot == -1); /* filename contains ".."
- * component */
-
- if (*e == '\0') {
- BIO_puts(io, text);
- BIO_printf(io, "'%s' is an invalid file name\r\n", p);
- break;
- }
- *e = '\0';
-
- if (dot) {
- BIO_puts(io, text);
- BIO_printf(io, "'%s' contains '..' reference\r\n", p);
- break;
- }
-
- if (*p == '/') {
- BIO_puts(io, text);
- BIO_printf(io, "'%s' is an invalid path\r\n", p);
- break;
- }
-#if 0
- /* append if a directory lookup */
- if (e[-1] == '/')
- strcat(p, "index.html");
-#endif
-
- /* if a directory, do the index thang */
- if (app_isdir(p) > 0) {
-#if 0 /* must check buffer size */
- strcat(p, "/index.html");
-#else
- BIO_puts(io, text);
- BIO_printf(io, "'%s' is a directory\r\n", p);
- break;
-#endif
- }
-
- if ((file = BIO_new_file(p, "r")) == NULL) {
- BIO_puts(io, text);
- BIO_printf(io, "Error opening '%s'\r\n", p);
- ERR_print_errors(io);
- break;
- }
-
- if (!s_quiet)
- BIO_printf(bio_err, "FILE:%s\n", p);
-
- if (www == 2) {
- i = strlen(p);
- if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
- ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
- ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
- BIO_puts(io,
- "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
- else
- BIO_puts(io,
- "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
- }
- /* send the file */
- for (;;) {
- i = BIO_read(file, buf, bufsize);
- if (i <= 0)
- break;
-
-#ifdef RENEG
- total_bytes += i;
- fprintf(stderr, "%d\n", i);
- if (total_bytes > 3 * 1024) {
- total_bytes = 0;
- fprintf(stderr, "RENEGOTIATE\n");
- SSL_renegotiate(con);
- }
-#endif
-
- for (j = 0; j < i;) {
-#ifdef RENEG
- {
- static count = 0;
- if (++count == 13) {
- SSL_renegotiate(con);
- }
- }
-#endif
- k = BIO_write(io, &(buf[j]), i - j);
- if (k <= 0) {
- if (!BIO_should_retry(io))
- goto write_error;
- else {
- BIO_printf(bio_s_out, "rwrite W BLOCK\n");
- }
- } else {
- j += k;
- }
- }
- }
- write_error:
- BIO_free(file);
- break;
- }
- }
-
- for (;;) {
- i = (int)BIO_flush(io);
- if (i <= 0) {
- if (!BIO_should_retry(io))
- break;
- } else
- break;
- }
- end:
-#if 1
- /* make sure we re-use sessions */
- SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-#else
- /* This kills performance */
- /*
- * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io)
- * procession
- */
-#endif
-
- err:
-
- if (ret >= 0)
- BIO_printf(bio_s_out, "ACCEPT\n");
-
- if (buf != NULL)
- OPENSSL_free(buf);
- if (io != NULL)
- BIO_free_all(io);
-/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
- return (ret);
-}
-
-#ifndef OPENSSL_NO_RSA
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
-{
- BIGNUM *bn = NULL;
- static RSA *rsa_tmp = NULL;
-
- if (!rsa_tmp && ((bn = BN_new()) == NULL))
- BIO_printf(bio_err, "Allocation error in generating RSA key\n");
- if (!rsa_tmp && bn) {
- if (!s_quiet) {
- BIO_printf(bio_err, "Generating temp (%d bit) RSA key...",
- keylength);
- (void)BIO_flush(bio_err);
- }
- if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
- !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
- if (rsa_tmp)
- RSA_free(rsa_tmp);
- rsa_tmp = NULL;
- }
- if (!s_quiet) {
- BIO_printf(bio_err, "\n");
- (void)BIO_flush(bio_err);
- }
- BN_free(bn);
- }
- return (rsa_tmp);
-}
-#endif
-
-#define MAX_SESSION_ID_ATTEMPTS 10
-static int generate_session_id(const SSL *ssl, unsigned char *id,
- unsigned int *id_len)
-{
- unsigned int count = 0;
- do {
- if (RAND_pseudo_bytes(id, *id_len) < 0)
- return 0;
- /*
- * Prefix the session_id with the required prefix. NB: If our prefix
- * is too long, clip it - but there will be worse effects anyway, eg.
- * the server could only possibly create 1 session ID (ie. the
- * prefix!) so all future session negotiations will fail due to
- * conflicts.
- */
- memcpy(id, session_id_prefix,
- (strlen(session_id_prefix) < *id_len) ?
- strlen(session_id_prefix) : *id_len);
- }
- while (SSL_has_matching_session_id(ssl, id, *id_len) &&
- (++count < MAX_SESSION_ID_ATTEMPTS));
- if (count >= MAX_SESSION_ID_ATTEMPTS)
- return 0;
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/apps/s_server.c (from rev 11605, vendor-crypto/openssl/dist/apps/s_server.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/s_server.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/s_server.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2989 @@
+/* apps/s_server.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#include <assert.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/e_os2.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+
+/* conflicts with winsock2 stuff on netware */
+#if !defined(OPENSSL_SYS_NETWARE)
+# include <sys/types.h>
+#endif
+
+/*
+ * With IPv6, it looks like Digital has mixed up the proper order of
+ * recursive header file inclusion, resulting in the compiler complaining
+ * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
+ * needed to have fileno() declared correctly... So let's define u_int
+ */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
+# define __U_INT
+typedef unsigned int u_int;
+#endif
+
+#include <openssl/lhash.h>
+#include <openssl/bn.h>
+#define USE_SOCKETS
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/rand.h>
+#include <openssl/ocsp.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
+#include "s_apps.h"
+#include "timeouts.h"
+
+#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
+/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
+# undef FIONBIO
+#endif
+
+#if defined(OPENSSL_SYS_BEOS_R5)
+# include <fcntl.h>
+#endif
+
+#ifndef OPENSSL_NO_RSA
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
+#endif
+static int sv_body(char *hostname, int s, unsigned char *context);
+static int www_body(char *hostname, int s, unsigned char *context);
+static void close_accept_socket(void);
+static void sv_usage(void);
+static int init_ssl_connection(SSL *s);
+static void print_stats(BIO *bp, SSL_CTX *ctx);
+static int generate_session_id(const SSL *ssl, unsigned char *id,
+ unsigned int *id_len);
+#ifndef OPENSSL_NO_DH
+static DH *load_dh_param(const char *dhfile);
+static DH *get_dh2048(void);
+#endif
+
+#ifdef MONOLITH
+static void s_server_init(void);
+#endif
+
+#ifndef OPENSSL_NO_DH
+static unsigned char dh2048_p[] = {
+ 0xF6,0x42,0x57,0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,
+ 0xA9,0x42,0xF3,0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,
+ 0x6E,0xB9,0x4B,0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,
+ 0x8F,0x40,0x55,0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,
+ 0xF7,0x4C,0x64,0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,
+ 0xD4,0xA1,0xD3,0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,
+ 0x3D,0x3D,0x8D,0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,
+ 0xB8,0xAE,0x74,0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,
+ 0x61,0xCE,0x7C,0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,
+ 0xC7,0x01,0xAA,0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,
+ 0x1A,0xF0,0xBF,0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,
+ 0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,
+ 0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,
+ 0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,
+ 0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,
+ 0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,
+ 0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
+ 0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
+ 0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
+ 0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
+ 0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
+ 0xE9,0x32,0x0B,0x3B,
+};
+
+static unsigned char dh2048_g[] = {
+ 0x02,
+};
+
+DH *get_dh2048()
+{
+ DH *dh;
+
+ if ((dh = DH_new()) == NULL)
+ return NULL;
+ dh->p=BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
+ dh->g=BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
+ if (dh->p == NULL || dh->g == NULL) {
+ DH_free(dh);
+ return NULL;
+ }
+ return dh;
+}
+#endif
+
+/* static int load_CA(SSL_CTX *ctx, char *file);*/
+
+#undef BUFSIZZ
+#define BUFSIZZ 16*1024
+static int bufsize = BUFSIZZ;
+static int accept_socket = -1;
+
+#define TEST_CERT "server.pem"
+#ifndef OPENSSL_NO_TLSEXT
+# define TEST_CERT2 "server2.pem"
+#endif
+#undef PROG
+#define PROG s_server_main
+
+extern int verify_depth, verify_return_error;
+
+static char *cipher = NULL;
+static int s_server_verify = SSL_VERIFY_NONE;
+static int s_server_session_id_context = 1; /* anything will do */
+static const char *s_cert_file = TEST_CERT, *s_key_file = NULL;
+#ifndef OPENSSL_NO_TLSEXT
+static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
+#endif
+static char *s_dcert_file = NULL, *s_dkey_file = NULL;
+#ifdef FIONBIO
+static int s_nbio = 0;
+#endif
+static int s_nbio_test = 0;
+int s_crlf = 0;
+static SSL_CTX *ctx = NULL;
+#ifndef OPENSSL_NO_TLSEXT
+static SSL_CTX *ctx2 = NULL;
+#endif
+static int www = 0;
+
+static BIO *bio_s_out = NULL;
+static int s_debug = 0;
+#ifndef OPENSSL_NO_TLSEXT
+static int s_tlsextdebug = 0;
+static int s_tlsextstatus = 0;
+static int cert_status_cb(SSL *s, void *arg);
+#endif
+static int s_msg = 0;
+static int s_quiet = 0;
+
+static char *keymatexportlabel = NULL;
+static int keymatexportlen = 20;
+
+static int hack = 0;
+#ifndef OPENSSL_NO_ENGINE
+static char *engine_id = NULL;
+#endif
+static const char *session_id_prefix = NULL;
+
+static int enable_timeouts = 0;
+static long socket_mtu;
+#ifndef OPENSSL_NO_DTLS1
+static int cert_chain = 0;
+#endif
+
+#ifndef OPENSSL_NO_PSK
+static char *psk_identity = "Client_identity";
+char *psk_key = NULL; /* by default PSK is not used */
+
+static unsigned int psk_server_cb(SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ unsigned int psk_len = 0;
+ int ret;
+ BIGNUM *bn = NULL;
+
+ if (s_debug)
+ BIO_printf(bio_s_out, "psk_server_cb\n");
+ if (!identity) {
+ BIO_printf(bio_err, "Error: client did not send PSK identity\n");
+ goto out_err;
+ }
+ if (s_debug)
+ BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
+ (int)strlen(identity), identity);
+
+ /* here we could lookup the given identity e.g. from a database */
+ if (strcmp(identity, psk_identity) != 0) {
+ BIO_printf(bio_s_out, "PSK error: client identity not found"
+ " (got '%s' expected '%s')\n", identity, psk_identity);
+ goto out_err;
+ }
+ if (s_debug)
+ BIO_printf(bio_s_out, "PSK client identity found\n");
+
+ /* convert the PSK key to binary */
+ ret = BN_hex2bn(&bn, psk_key);
+ if (!ret) {
+ BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+ psk_key);
+ if (bn)
+ BN_free(bn);
+ return 0;
+ }
+ if (BN_num_bytes(bn) > (int)max_psk_len) {
+ BIO_printf(bio_err,
+ "psk buffer of callback is too small (%d) for key (%d)\n",
+ max_psk_len, BN_num_bytes(bn));
+ BN_free(bn);
+ return 0;
+ }
+
+ ret = BN_bn2bin(bn, psk);
+ BN_free(bn);
+
+ if (ret < 0)
+ goto out_err;
+ psk_len = (unsigned int)ret;
+
+ if (s_debug)
+ BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
+ return psk_len;
+ out_err:
+ if (s_debug)
+ BIO_printf(bio_err, "Error in PSK server callback\n");
+ return 0;
+}
+#endif
+
+#ifndef OPENSSL_NO_SRP
+/* This is a context that we pass to callbacks */
+typedef struct srpsrvparm_st {
+ char *login;
+ SRP_VBASE *vb;
+ SRP_user_pwd *user;
+} srpsrvparm;
+
+/*
+ * This callback pretends to require some asynchronous logic in order to
+ * obtain a verifier. When the callback is called for a new connection we
+ * return with a negative value. This will provoke the accept etc to return
+ * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
+ * (which would normally occur after a worker has finished) and we set the
+ * user parameters.
+ */
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+{
+ srpsrvparm *p = (srpsrvparm *) arg;
+ int ret = SSL3_AL_FATAL;
+
+ if (p->login == NULL && p->user == NULL) {
+ p->login = SSL_get_srp_username(s);
+ BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
+ return (-1);
+ }
+
+ if (p->user == NULL) {
+ BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
+ goto err;
+ }
+
+ if (SSL_set_srp_server_param
+ (s, p->user->N, p->user->g, p->user->s, p->user->v,
+ p->user->info) < 0) {
+ *ad = SSL_AD_INTERNAL_ERROR;
+ goto err;
+ }
+ BIO_printf(bio_err,
+ "SRP parameters set: username = \"%s\" info=\"%s\" \n",
+ p->login, p->user->info);
+ ret = SSL_ERROR_NONE;
+
+err:
+ SRP_user_pwd_free(p->user);
+ p->user = NULL;
+ p->login = NULL;
+ return ret;
+}
+
+#endif
+
+#ifdef MONOLITH
+static void s_server_init(void)
+{
+ accept_socket = -1;
+ cipher = NULL;
+ s_server_verify = SSL_VERIFY_NONE;
+ s_dcert_file = NULL;
+ s_dkey_file = NULL;
+ s_cert_file = TEST_CERT;
+ s_key_file = NULL;
+# ifndef OPENSSL_NO_TLSEXT
+ s_cert_file2 = TEST_CERT2;
+ s_key_file2 = NULL;
+ ctx2 = NULL;
+# endif
+# ifdef FIONBIO
+ s_nbio = 0;
+# endif
+ s_nbio_test = 0;
+ ctx = NULL;
+ www = 0;
+
+ bio_s_out = NULL;
+ s_debug = 0;
+ s_msg = 0;
+ s_quiet = 0;
+ hack = 0;
+# ifndef OPENSSL_NO_ENGINE
+ engine_id = NULL;
+# endif
+}
+#endif
+
+static void sv_usage(void)
+{
+ BIO_printf(bio_err, "usage: s_server [args ...]\n");
+ BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err,
+ " -accept arg - port to accept on (default is %d)\n", PORT);
+ BIO_printf(bio_err, " -context arg - set session ID context\n");
+ BIO_printf(bio_err,
+ " -verify arg - turn on peer certificate verification\n");
+ BIO_printf(bio_err,
+ " -Verify arg - turn on peer certificate verification, must have a cert.\n");
+ BIO_printf(bio_err,
+ " -verify_return_error - return verification errors\n");
+ BIO_printf(bio_err, " -cert arg - certificate file to use\n");
+ BIO_printf(bio_err, " (default is %s)\n", TEST_CERT);
+ BIO_printf(bio_err,
+ " -crl_check - check the peer certificate has not been revoked by its CA.\n"
+ " The CRL(s) are appended to the certificate file\n");
+ BIO_printf(bio_err,
+ " -crl_check_all - check the peer certificate has not been revoked by its CA\n"
+ " or any other CRL in the CA chain. CRL(s) are appened to the\n"
+ " the certificate file.\n");
+ BIO_printf(bio_err,
+ " -certform arg - certificate format (PEM or DER) PEM default\n");
+ BIO_printf(bio_err,
+ " -key arg - Private Key file to use, in cert file if\n");
+ BIO_printf(bio_err, " not specified (default is %s)\n",
+ TEST_CERT);
+ BIO_printf(bio_err,
+ " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
+ BIO_printf(bio_err,
+ " -pass arg - private key file pass phrase source\n");
+ BIO_printf(bio_err,
+ " -dcert arg - second certificate file to use (usually for DSA)\n");
+ BIO_printf(bio_err,
+ " -dcertform x - second certificate format (PEM or DER) PEM default\n");
+ BIO_printf(bio_err,
+ " -dkey arg - second private key file to use (usually for DSA)\n");
+ BIO_printf(bio_err,
+ " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
+ BIO_printf(bio_err,
+ " -dpass arg - second private key file pass phrase source\n");
+ BIO_printf(bio_err,
+ " -dhparam arg - DH parameter file to use, in cert file if not specified\n");
+ BIO_printf(bio_err,
+ " or a default set of parameters is used\n");
+#ifndef OPENSSL_NO_ECDH
+ BIO_printf(bio_err,
+ " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
+ " Use \"openssl ecparam -list_curves\" for all names\n"
+ " (default is nistp256).\n");
+#endif
+#ifdef FIONBIO
+ BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n");
+#endif
+ BIO_printf(bio_err,
+ " -nbio_test - test with the non-blocking test bio\n");
+ BIO_printf(bio_err,
+ " -crlf - convert LF from terminal into CRLF\n");
+ BIO_printf(bio_err, " -debug - Print more output\n");
+ BIO_printf(bio_err, " -msg - Show protocol messages\n");
+ BIO_printf(bio_err, " -state - Print the SSL states\n");
+ BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err,
+ " -no_alt_chains - only ever use the first certificate chain found\n");
+ BIO_printf(bio_err,
+ " -nocert - Don't use any certificates (Anon-DH)\n");
+ BIO_printf(bio_err,
+ " -cipher arg - play with 'openssl ciphers' to see what goes here\n");
+ BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n");
+ BIO_printf(bio_err, " -quiet - No server output\n");
+ BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n");
+#ifndef OPENSSL_NO_PSK
+ BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n");
+ BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n");
+# ifndef OPENSSL_NO_JPAKE
+ BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
+# endif
+#endif
+#ifndef OPENSSL_NO_SRP
+ BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n");
+ BIO_printf(bio_err,
+ " -srpuserseed string - A seed string for a default user salt.\n");
+#endif
+ BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n");
+#ifndef OPENSSL_NO_SSL3_METHOD
+ BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n");
+#endif
+ BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n");
+ BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n");
+ BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n");
+ BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n");
+ BIO_printf(bio_err, " -timeout - Enable timeouts\n");
+ BIO_printf(bio_err, " -mtu - Set link layer MTU\n");
+ BIO_printf(bio_err, " -chain - Read a certificate chain\n");
+ BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n");
+ BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n");
+ BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n");
+ BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n");
+ BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n");
+#ifndef OPENSSL_NO_DH
+ BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n");
+#endif
+#ifndef OPENSSL_NO_ECDH
+ BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n");
+#endif
+ BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n");
+ BIO_printf(bio_err,
+ " -hack - workaround for early Netscape code\n");
+ BIO_printf(bio_err,
+ " -www - Respond to a 'GET /' with a status page\n");
+ BIO_printf(bio_err,
+ " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
+ BIO_printf(bio_err,
+ " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
+ BIO_printf(bio_err,
+ " with the assumption it contains a complete HTTP response.\n");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ " -engine id - Initialise and use the specified engine\n");
+#endif
+ BIO_printf(bio_err,
+ " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
+ BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+ LIST_SEPARATOR_CHAR);
+#ifndef OPENSSL_NO_TLSEXT
+ BIO_printf(bio_err,
+ " -servername host - servername for HostName TLS extension\n");
+ BIO_printf(bio_err,
+ " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
+ BIO_printf(bio_err,
+ " -cert2 arg - certificate file to use for servername\n");
+ BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2);
+ BIO_printf(bio_err,
+ " -key2 arg - Private Key file to use for servername, in cert file if\n");
+ BIO_printf(bio_err, " not specified (default is %s)\n",
+ TEST_CERT2);
+ BIO_printf(bio_err,
+ " -tlsextdebug - hex dump of all TLS extensions received\n");
+ BIO_printf(bio_err,
+ " -no_ticket - disable use of RFC4507bis session tickets\n");
+ BIO_printf(bio_err,
+ " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ BIO_printf(bio_err,
+ " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
+# endif
+# ifndef OPENSSL_NO_SRTP
+ BIO_printf(bio_err,
+ " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
+# endif
+#endif
+ BIO_printf(bio_err,
+ " -keymatexport label - Export keying material using label\n");
+ BIO_printf(bio_err,
+ " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
+ BIO_printf(bio_err,
+ " -status - respond to certificate status requests\n");
+ BIO_printf(bio_err,
+ " -status_verbose - enable status request verbose printout\n");
+ BIO_printf(bio_err,
+ " -status_timeout n - status request responder timeout\n");
+ BIO_printf(bio_err, " -status_url URL - status request fallback URL\n");
+}
+
+static int local_argc = 0;
+static char **local_argv;
+
+#ifdef CHARSET_EBCDIC
+static int ebcdic_new(BIO *bi);
+static int ebcdic_free(BIO *a);
+static int ebcdic_read(BIO *b, char *out, int outl);
+static int ebcdic_write(BIO *b, const char *in, int inl);
+static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
+static int ebcdic_gets(BIO *bp, char *buf, int size);
+static int ebcdic_puts(BIO *bp, const char *str);
+
+# define BIO_TYPE_EBCDIC_FILTER (18|0x0200)
+static BIO_METHOD methods_ebcdic = {
+ BIO_TYPE_EBCDIC_FILTER,
+ "EBCDIC/ASCII filter",
+ ebcdic_write,
+ ebcdic_read,
+ ebcdic_puts,
+ ebcdic_gets,
+ ebcdic_ctrl,
+ ebcdic_new,
+ ebcdic_free,
+};
+
+typedef struct {
+ size_t alloced;
+ char buff[1];
+} EBCDIC_OUTBUFF;
+
+BIO_METHOD *BIO_f_ebcdic_filter()
+{
+ return (&methods_ebcdic);
+}
+
+static int ebcdic_new(BIO *bi)
+{
+ EBCDIC_OUTBUFF *wbuf;
+
+ wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
+ if (!wbuf)
+ return 0;
+ wbuf->alloced = 1024;
+ wbuf->buff[0] = '\0';
+
+ bi->ptr = (char *)wbuf;
+ bi->init = 1;
+ bi->flags = 0;
+ return (1);
+}
+
+static int ebcdic_free(BIO *a)
+{
+ if (a == NULL)
+ return (0);
+ if (a->ptr != NULL)
+ OPENSSL_free(a->ptr);
+ a->ptr = NULL;
+ a->init = 0;
+ a->flags = 0;
+ return (1);
+}
+
+static int ebcdic_read(BIO *b, char *out, int outl)
+{
+ int ret = 0;
+
+ if (out == NULL || outl == 0)
+ return (0);
+ if (b->next_bio == NULL)
+ return (0);
+
+ ret = BIO_read(b->next_bio, out, outl);
+ if (ret > 0)
+ ascii2ebcdic(out, out, ret);
+ return (ret);
+}
+
+static int ebcdic_write(BIO *b, const char *in, int inl)
+{
+ EBCDIC_OUTBUFF *wbuf;
+ int ret = 0;
+ int num;
+ unsigned char n;
+
+ if ((in == NULL) || (inl <= 0))
+ return (0);
+ if (b->next_bio == NULL)
+ return (0);
+
+ wbuf = (EBCDIC_OUTBUFF *) b->ptr;
+
+ if (inl > (num = wbuf->alloced)) {
+ num = num + num; /* double the size */
+ if (num < inl)
+ num = inl;
+ wbuf =
+ (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
+ if (!wbuf)
+ return 0;
+ OPENSSL_free(b->ptr);
+
+ wbuf->alloced = num;
+ wbuf->buff[0] = '\0';
+
+ b->ptr = (char *)wbuf;
+ }
+
+ ebcdic2ascii(wbuf->buff, in, inl);
+
+ ret = BIO_write(b->next_bio, wbuf->buff, inl);
+
+ return (ret);
+}
+
+static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ long ret;
+
+ if (b->next_bio == NULL)
+ return (0);
+ switch (cmd) {
+ case BIO_CTRL_DUP:
+ ret = 0L;
+ break;
+ default:
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
+ }
+ return (ret);
+}
+
+static int ebcdic_gets(BIO *bp, char *buf, int size)
+{
+ int i, ret = 0;
+ if (bp->next_bio == NULL)
+ return (0);
+/* return(BIO_gets(bp->next_bio,buf,size));*/
+ for (i = 0; i < size - 1; ++i) {
+ ret = ebcdic_read(bp, &buf[i], 1);
+ if (ret <= 0)
+ break;
+ else if (buf[i] == '\n') {
+ ++i;
+ break;
+ }
+ }
+ if (i < size)
+ buf[i] = '\0';
+ return (ret < 0 && i == 0) ? ret : i;
+}
+
+static int ebcdic_puts(BIO *bp, const char *str)
+{
+ if (bp->next_bio == NULL)
+ return (0);
+ return ebcdic_write(bp, str, strlen(str));
+}
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+
+/* This is a context that we pass to callbacks */
+typedef struct tlsextctx_st {
+ char *servername;
+ BIO *biodebug;
+ int extension_error;
+} tlsextctx;
+
+static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
+{
+ tlsextctx *p = (tlsextctx *) arg;
+ const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+ if (servername && p->biodebug)
+ BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
+ servername);
+
+ if (!p->servername)
+ return SSL_TLSEXT_ERR_NOACK;
+
+ if (servername) {
+ if (strcasecmp(servername, p->servername))
+ return p->extension_error;
+ if (ctx2) {
+ BIO_printf(p->biodebug, "Switching server context.\n");
+ SSL_set_SSL_CTX(s, ctx2);
+ }
+ }
+ return SSL_TLSEXT_ERR_OK;
+}
+
+/* Structure passed to cert status callback */
+
+typedef struct tlsextstatusctx_st {
+ /* Default responder to use */
+ char *host, *path, *port;
+ int use_ssl;
+ int timeout;
+ BIO *err;
+ int verbose;
+} tlsextstatusctx;
+
+static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 };
+
+/*
+ * Certificate Status callback. This is called when a client includes a
+ * certificate status request extension. This is a simplified version. It
+ * examines certificates each time and makes one OCSP responder query for
+ * each request. A full version would store details such as the OCSP
+ * certificate IDs and minimise the number of OCSP responses by caching them
+ * until they were considered "expired".
+ */
+
+static int cert_status_cb(SSL *s, void *arg)
+{
+ tlsextstatusctx *srctx = arg;
+ BIO *err = srctx->err;
+ char *host, *port, *path;
+ int use_ssl;
+ unsigned char *rspder = NULL;
+ int rspderlen;
+ STACK_OF(OPENSSL_STRING) *aia = NULL;
+ X509 *x = NULL;
+ X509_STORE_CTX inctx;
+ X509_OBJECT obj;
+ OCSP_REQUEST *req = NULL;
+ OCSP_RESPONSE *resp = NULL;
+ OCSP_CERTID *id = NULL;
+ STACK_OF(X509_EXTENSION) *exts;
+ int ret = SSL_TLSEXT_ERR_NOACK;
+ int i;
+# if 0
+ STACK_OF(OCSP_RESPID) *ids;
+ SSL_get_tlsext_status_ids(s, &ids);
+ BIO_printf(err, "cert_status: received %d ids\n",
+ sk_OCSP_RESPID_num(ids));
+# endif
+ if (srctx->verbose)
+ BIO_puts(err, "cert_status: callback called\n");
+ /* Build up OCSP query from server certificate */
+ x = SSL_get_certificate(s);
+ aia = X509_get1_ocsp(x);
+ if (aia) {
+ if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
+ &host, &port, &path, &use_ssl)) {
+ BIO_puts(err, "cert_status: can't parse AIA URL\n");
+ goto err;
+ }
+ if (srctx->verbose)
+ BIO_printf(err, "cert_status: AIA URL: %s\n",
+ sk_OPENSSL_STRING_value(aia, 0));
+ } else {
+ if (!srctx->host) {
+ BIO_puts(srctx->err,
+ "cert_status: no AIA and no default responder URL\n");
+ goto done;
+ }
+ host = srctx->host;
+ path = srctx->path;
+ port = srctx->port;
+ use_ssl = srctx->use_ssl;
+ }
+
+ if (!X509_STORE_CTX_init(&inctx,
+ SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
+ NULL, NULL))
+ goto err;
+ if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
+ X509_get_issuer_name(x), &obj) <= 0) {
+ BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
+ X509_STORE_CTX_cleanup(&inctx);
+ goto done;
+ }
+ req = OCSP_REQUEST_new();
+ if (!req)
+ goto err;
+ id = OCSP_cert_to_id(NULL, x, obj.data.x509);
+ X509_free(obj.data.x509);
+ X509_STORE_CTX_cleanup(&inctx);
+ if (!id)
+ goto err;
+ if (!OCSP_request_add0_id(req, id))
+ goto err;
+ id = NULL;
+ /* Add any extensions to the request */
+ SSL_get_tlsext_status_exts(s, &exts);
+ for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
+ X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
+ if (!OCSP_REQUEST_add_ext(req, ext, -1))
+ goto err;
+ }
+ resp = process_responder(err, req, host, path, port, use_ssl, NULL,
+ srctx->timeout);
+ if (!resp) {
+ BIO_puts(err, "cert_status: error querying responder\n");
+ goto done;
+ }
+ rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
+ if (rspderlen <= 0)
+ goto err;
+ SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
+ if (srctx->verbose) {
+ BIO_puts(err, "cert_status: ocsp response sent:\n");
+ OCSP_RESPONSE_print(err, resp, 2);
+ }
+ ret = SSL_TLSEXT_ERR_OK;
+ done:
+ if (ret != SSL_TLSEXT_ERR_OK)
+ ERR_print_errors(err);
+ if (aia) {
+ OPENSSL_free(host);
+ OPENSSL_free(path);
+ OPENSSL_free(port);
+ X509_email_free(aia);
+ }
+ if (id)
+ OCSP_CERTID_free(id);
+ if (req)
+ OCSP_REQUEST_free(req);
+ if (resp)
+ OCSP_RESPONSE_free(resp);
+ return ret;
+ err:
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ goto done;
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This is the context that we pass to next_proto_cb */
+typedef struct tlsextnextprotoctx_st {
+ unsigned char *data;
+ unsigned int len;
+} tlsextnextprotoctx;
+
+static int next_proto_cb(SSL *s, const unsigned char **data,
+ unsigned int *len, void *arg)
+{
+ tlsextnextprotoctx *next_proto = arg;
+
+ *data = next_proto->data;
+ *len = next_proto->len;
+
+ return SSL_TLSEXT_ERR_OK;
+}
+# endif /* ndef OPENSSL_NO_NEXTPROTONEG */
+
+#endif
+
+int MAIN(int, char **);
+
+#ifndef OPENSSL_NO_JPAKE
+static char *jpake_secret = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+static srpsrvparm srp_callback_parm;
+#endif
+#ifndef OPENSSL_NO_SRTP
+static char *srtp_profiles = NULL;
+#endif
+
+int MAIN(int argc, char *argv[])
+{
+ X509_VERIFY_PARAM *vpm = NULL;
+ int badarg = 0;
+ short port = PORT;
+ char *CApath = NULL, *CAfile = NULL;
+ unsigned char *context = NULL;
+ char *dhfile = NULL;
+#ifndef OPENSSL_NO_ECDH
+ char *named_curve = NULL;
+#endif
+ int badop = 0, bugs = 0;
+ int ret = 1;
+ int off = 0;
+ int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
+#ifndef OPENSSL_NO_ECDH
+ int no_ecdhe = 0;
+#endif
+ int state = 0;
+ const SSL_METHOD *meth = NULL;
+ int socket_type = SOCK_STREAM;
+ ENGINE *e = NULL;
+ char *inrand = NULL;
+ int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
+ char *passarg = NULL, *pass = NULL;
+ char *dpassarg = NULL, *dpass = NULL;
+ int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
+ X509 *s_cert = NULL, *s_dcert = NULL;
+ EVP_PKEY *s_key = NULL, *s_dkey = NULL;
+ int no_cache = 0;
+#ifndef OPENSSL_NO_TLSEXT
+ EVP_PKEY *s_key2 = NULL;
+ X509 *s_cert2 = NULL;
+ tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ const char *next_proto_neg_in = NULL;
+ tlsextnextprotoctx next_proto;
+# endif
+#endif
+#ifndef OPENSSL_NO_PSK
+ /* by default do not send a PSK identity hint */
+ static char *psk_identity_hint = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ char *srpuserseed = NULL;
+ char *srp_verifier_file = NULL;
+#endif
+ meth = SSLv23_server_method();
+
+ local_argc = argc;
+ local_argv = argv;
+
+ apps_startup();
+#ifdef MONOLITH
+ s_server_init();
+#endif
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+ verify_depth = 0;
+#ifdef FIONBIO
+ s_nbio = 0;
+#endif
+ s_nbio_test = 0;
+
+ argc--;
+ argv++;
+
+ while (argc >= 1) {
+ if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) {
+ if (--argc < 1)
+ goto bad;
+ if (!extract_port(*(++argv), &port))
+ goto bad;
+ } else if (strcmp(*argv, "-verify") == 0) {
+ s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1)
+ goto bad;
+ verify_depth = atoi(*(++argv));
+ BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
+ } else if (strcmp(*argv, "-Verify") == 0) {
+ s_server_verify =
+ SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
+ SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1)
+ goto bad;
+ verify_depth = atoi(*(++argv));
+ BIO_printf(bio_err,
+ "verify depth is %d, must return a certificate\n",
+ verify_depth);
+ } else if (strcmp(*argv, "-context") == 0) {
+ if (--argc < 1)
+ goto bad;
+ context = (unsigned char *)*(++argv);
+ } else if (strcmp(*argv, "-cert") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_cert_file = *(++argv);
+ } else if (strcmp(*argv, "-certform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_cert_format = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-key") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_key_file = *(++argv);
+ } else if (strcmp(*argv, "-keyform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_key_format = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-pass") == 0) {
+ if (--argc < 1)
+ goto bad;
+ passarg = *(++argv);
+ } else if (strcmp(*argv, "-dhparam") == 0) {
+ if (--argc < 1)
+ goto bad;
+ dhfile = *(++argv);
+ }
+#ifndef OPENSSL_NO_ECDH
+ else if (strcmp(*argv, "-named_curve") == 0) {
+ if (--argc < 1)
+ goto bad;
+ named_curve = *(++argv);
+ }
+#endif
+ else if (strcmp(*argv, "-dcertform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_dcert_format = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-dcert") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_dcert_file = *(++argv);
+ } else if (strcmp(*argv, "-dkeyform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_dkey_format = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-dpass") == 0) {
+ if (--argc < 1)
+ goto bad;
+ dpassarg = *(++argv);
+ } else if (strcmp(*argv, "-dkey") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_dkey_file = *(++argv);
+ } else if (strcmp(*argv, "-nocert") == 0) {
+ nocert = 1;
+ } else if (strcmp(*argv, "-CApath") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CApath = *(++argv);
+ } else if (strcmp(*argv, "-no_cache") == 0)
+ no_cache = 1;
+ else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
+ if (badarg)
+ goto bad;
+ continue;
+ } else if (strcmp(*argv, "-verify_return_error") == 0)
+ verify_return_error = 1;
+ else if (strcmp(*argv, "-serverpref") == 0) {
+ off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
+ } else if (strcmp(*argv, "-legacy_renegotiation") == 0)
+ off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+ else if (strcmp(*argv, "-cipher") == 0) {
+ if (--argc < 1)
+ goto bad;
+ cipher = *(++argv);
+ } else if (strcmp(*argv, "-CAfile") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAfile = *(++argv);
+ }
+#ifdef FIONBIO
+ else if (strcmp(*argv, "-nbio") == 0) {
+ s_nbio = 1;
+ }
+#endif
+ else if (strcmp(*argv, "-nbio_test") == 0) {
+#ifdef FIONBIO
+ s_nbio = 1;
+#endif
+ s_nbio_test = 1;
+ } else if (strcmp(*argv, "-debug") == 0) {
+ s_debug = 1;
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ else if (strcmp(*argv, "-tlsextdebug") == 0)
+ s_tlsextdebug = 1;
+ else if (strcmp(*argv, "-status") == 0)
+ s_tlsextstatus = 1;
+ else if (strcmp(*argv, "-status_verbose") == 0) {
+ s_tlsextstatus = 1;
+ tlscstatp.verbose = 1;
+ } else if (!strcmp(*argv, "-status_timeout")) {
+ s_tlsextstatus = 1;
+ if (--argc < 1)
+ goto bad;
+ tlscstatp.timeout = atoi(*(++argv));
+ } else if (!strcmp(*argv, "-status_url")) {
+ s_tlsextstatus = 1;
+ if (--argc < 1)
+ goto bad;
+ if (!OCSP_parse_url(*(++argv),
+ &tlscstatp.host,
+ &tlscstatp.port,
+ &tlscstatp.path, &tlscstatp.use_ssl)) {
+ BIO_printf(bio_err, "Error parsing URL\n");
+ goto bad;
+ }
+ }
+#endif
+ else if (strcmp(*argv, "-msg") == 0) {
+ s_msg = 1;
+ } else if (strcmp(*argv, "-hack") == 0) {
+ hack = 1;
+ } else if (strcmp(*argv, "-state") == 0) {
+ state = 1;
+ } else if (strcmp(*argv, "-crlf") == 0) {
+ s_crlf = 1;
+ } else if (strcmp(*argv, "-quiet") == 0) {
+ s_quiet = 1;
+ } else if (strcmp(*argv, "-bugs") == 0) {
+ bugs = 1;
+ } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
+ no_tmp_rsa = 1;
+ } else if (strcmp(*argv, "-no_dhe") == 0) {
+ no_dhe = 1;
+ }
+#ifndef OPENSSL_NO_ECDH
+ else if (strcmp(*argv, "-no_ecdhe") == 0) {
+ no_ecdhe = 1;
+ }
+#endif
+#ifndef OPENSSL_NO_PSK
+ else if (strcmp(*argv, "-psk_hint") == 0) {
+ if (--argc < 1)
+ goto bad;
+ psk_identity_hint = *(++argv);
+ } else if (strcmp(*argv, "-psk") == 0) {
+ size_t i;
+
+ if (--argc < 1)
+ goto bad;
+ psk_key = *(++argv);
+ for (i = 0; i < strlen(psk_key); i++) {
+ if (isxdigit((unsigned char)psk_key[i]))
+ continue;
+ BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+ goto bad;
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv, "-srpvfile") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_verifier_file = *(++argv);
+ meth = TLSv1_server_method();
+ } else if (strcmp(*argv, "-srpuserseed") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srpuserseed = *(++argv);
+ meth = TLSv1_server_method();
+ }
+#endif
+ else if (strcmp(*argv, "-www") == 0) {
+ www = 1;
+ } else if (strcmp(*argv, "-WWW") == 0) {
+ www = 2;
+ } else if (strcmp(*argv, "-HTTP") == 0) {
+ www = 3;
+ } else if (strcmp(*argv, "-no_ssl2") == 0) {
+ off |= SSL_OP_NO_SSLv2;
+ } else if (strcmp(*argv, "-no_ssl3") == 0) {
+ off |= SSL_OP_NO_SSLv3;
+ } else if (strcmp(*argv, "-no_tls1") == 0) {
+ off |= SSL_OP_NO_TLSv1;
+ } else if (strcmp(*argv, "-no_tls1_1") == 0) {
+ off |= SSL_OP_NO_TLSv1_1;
+ } else if (strcmp(*argv, "-no_tls1_2") == 0) {
+ off |= SSL_OP_NO_TLSv1_2;
+ } else if (strcmp(*argv, "-no_comp") == 0) {
+ off |= SSL_OP_NO_COMPRESSION;
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ else if (strcmp(*argv, "-no_ticket") == 0) {
+ off |= SSL_OP_NO_TICKET;
+ }
+#endif
+#ifndef OPENSSL_NO_SSL2
+ else if (strcmp(*argv, "-ssl2") == 0) {
+ meth = SSLv2_server_method();
+ }
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+ else if (strcmp(*argv, "-ssl3") == 0) {
+ meth = SSLv3_server_method();
+ }
+#endif
+#ifndef OPENSSL_NO_TLS1
+ else if (strcmp(*argv, "-tls1") == 0) {
+ meth = TLSv1_server_method();
+ } else if (strcmp(*argv, "-tls1_1") == 0) {
+ meth = TLSv1_1_server_method();
+ } else if (strcmp(*argv, "-tls1_2") == 0) {
+ meth = TLSv1_2_server_method();
+ }
+#endif
+#ifndef OPENSSL_NO_DTLS1
+ else if (strcmp(*argv, "-dtls1") == 0) {
+ meth = DTLSv1_server_method();
+ socket_type = SOCK_DGRAM;
+ } else if (strcmp(*argv, "-timeout") == 0)
+ enable_timeouts = 1;
+ else if (strcmp(*argv, "-mtu") == 0) {
+ if (--argc < 1)
+ goto bad;
+ socket_mtu = atol(*(++argv));
+ } else if (strcmp(*argv, "-chain") == 0)
+ cert_chain = 1;
+#endif
+ else if (strcmp(*argv, "-id_prefix") == 0) {
+ if (--argc < 1)
+ goto bad;
+ session_id_prefix = *(++argv);
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*argv, "-engine") == 0) {
+ if (--argc < 1)
+ goto bad;
+ engine_id = *(++argv);
+ }
+#endif
+ else if (strcmp(*argv, "-rand") == 0) {
+ if (--argc < 1)
+ goto bad;
+ inrand = *(++argv);
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ else if (strcmp(*argv, "-servername") == 0) {
+ if (--argc < 1)
+ goto bad;
+ tlsextcbp.servername = *(++argv);
+ } else if (strcmp(*argv, "-servername_fatal") == 0) {
+ tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL;
+ } else if (strcmp(*argv, "-cert2") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_cert_file2 = *(++argv);
+ } else if (strcmp(*argv, "-key2") == 0) {
+ if (--argc < 1)
+ goto bad;
+ s_key_file2 = *(++argv);
+ }
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (strcmp(*argv, "-nextprotoneg") == 0) {
+ if (--argc < 1)
+ goto bad;
+ next_proto_neg_in = *(++argv);
+ }
+# endif
+#endif
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+ else if (strcmp(*argv, "-jpake") == 0) {
+ if (--argc < 1)
+ goto bad;
+ jpake_secret = *(++argv);
+ }
+#endif
+#ifndef OPENSSL_NO_SRTP
+ else if (strcmp(*argv, "-use_srtp") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srtp_profiles = *(++argv);
+ }
+#endif
+ else if (strcmp(*argv, "-keymatexport") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keymatexportlabel = *(++argv);
+ } else if (strcmp(*argv, "-keymatexportlen") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keymatexportlen = atoi(*(++argv));
+ if (keymatexportlen == 0)
+ goto bad;
+ } else {
+ BIO_printf(bio_err, "unknown option %s\n", *argv);
+ badop = 1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop) {
+ bad:
+ sv_usage();
+ goto end;
+ }
+#ifndef OPENSSL_NO_DTLS1
+ if (www && socket_type == SOCK_DGRAM) {
+ BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n");
+ goto end;
+ }
+#endif
+
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+ if (jpake_secret) {
+ if (psk_key) {
+ BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
+ goto end;
+ }
+ psk_identity = "JPAKE";
+ if (cipher) {
+ BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
+ goto end;
+ }
+ cipher = "PSK";
+ }
+#endif
+
+ SSL_load_error_strings();
+ OpenSSL_add_ssl_algorithms();
+
+#ifndef OPENSSL_NO_ENGINE
+ e = setup_engine(bio_err, engine_id, 1);
+#endif
+
+ if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
+ BIO_printf(bio_err, "Error getting password\n");
+ goto end;
+ }
+
+ if (s_key_file == NULL)
+ s_key_file = s_cert_file;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s_key_file2 == NULL)
+ s_key_file2 = s_cert_file2;
+#endif
+
+ if (nocert == 0) {
+ s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
+ "server certificate private key file");
+ if (!s_key) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
+ NULL, e, "server certificate file");
+
+ if (!s_cert) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ if (tlsextcbp.servername) {
+ s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
+ "second server certificate private key file");
+ if (!s_key2) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
+ NULL, e, "second server certificate file");
+
+ if (!s_cert2) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+#endif
+ }
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (next_proto_neg_in) {
+ unsigned short len;
+ next_proto.data = next_protos_parse(&len, next_proto_neg_in);
+ if (next_proto.data == NULL)
+ goto end;
+ next_proto.len = len;
+ } else {
+ next_proto.data = NULL;
+ }
+#endif
+
+ if (s_dcert_file) {
+
+ if (s_dkey_file == NULL)
+ s_dkey_file = s_dcert_file;
+
+ s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
+ 0, dpass, e, "second certificate private key file");
+ if (!s_dkey) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
+ NULL, e, "second server certificate file");
+
+ if (!s_dcert) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ }
+
+ if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+ && !RAND_status()) {
+ BIO_printf(bio_err,
+ "warning, not much extra random data, consider using the -rand option\n");
+ }
+ if (inrand != NULL)
+ BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+ app_RAND_load_files(inrand));
+
+ if (bio_s_out == NULL) {
+ if (s_quiet && !s_debug && !s_msg) {
+ bio_s_out = BIO_new(BIO_s_null());
+ } else {
+ if (bio_s_out == NULL)
+ bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ }
+ }
+#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
+ if (nocert)
+#endif
+ {
+ s_cert_file = NULL;
+ s_key_file = NULL;
+ s_dcert_file = NULL;
+ s_dkey_file = NULL;
+#ifndef OPENSSL_NO_TLSEXT
+ s_cert_file2 = NULL;
+ s_key_file2 = NULL;
+#endif
+ }
+
+ ctx = SSL_CTX_new(meth);
+ if (ctx == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (session_id_prefix) {
+ if (strlen(session_id_prefix) >= 32)
+ BIO_printf(bio_err,
+ "warning: id_prefix is too long, only one new session will be possible\n");
+ else if (strlen(session_id_prefix) >= 16)
+ BIO_printf(bio_err,
+ "warning: id_prefix is too long if you use SSLv2\n");
+ if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
+ BIO_printf(bio_err, "error setting 'id_prefix'\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
+ }
+ SSL_CTX_set_quiet_shutdown(ctx, 1);
+ if (bugs)
+ SSL_CTX_set_options(ctx, SSL_OP_ALL);
+ if (hack)
+ SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+ SSL_CTX_set_options(ctx, off);
+
+ if (state)
+ SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
+ if (no_cache)
+ SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
+ else
+ SSL_CTX_sess_set_cache_size(ctx, 128);
+
+#ifndef OPENSSL_NO_SRTP
+ if (srtp_profiles != NULL)
+ SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
+#endif
+
+#if 0
+ if (cipher == NULL)
+ cipher = getenv("SSL_CIPHER");
+#endif
+
+#if 0
+ if (s_cert_file == NULL) {
+ BIO_printf(bio_err,
+ "You must specify a certificate file for the server to use\n");
+ goto end;
+ }
+#endif
+
+ if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(ctx))) {
+ /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+ if (vpm)
+ SSL_CTX_set1_param(ctx, vpm);
+
+#ifndef OPENSSL_NO_TLSEXT
+ if (s_cert2) {
+ ctx2 = SSL_CTX_new(meth);
+ if (ctx2 == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (ctx2) {
+ BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
+
+ if (session_id_prefix) {
+ if (strlen(session_id_prefix) >= 32)
+ BIO_printf(bio_err,
+ "warning: id_prefix is too long, only one new session will be possible\n");
+ else if (strlen(session_id_prefix) >= 16)
+ BIO_printf(bio_err,
+ "warning: id_prefix is too long if you use SSLv2\n");
+ if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
+ BIO_printf(bio_err, "error setting 'id_prefix'\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
+ }
+ SSL_CTX_set_quiet_shutdown(ctx2, 1);
+ if (bugs)
+ SSL_CTX_set_options(ctx2, SSL_OP_ALL);
+ if (hack)
+ SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+ SSL_CTX_set_options(ctx2, off);
+
+ if (state)
+ SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
+
+ if (no_cache)
+ SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
+ else
+ SSL_CTX_sess_set_cache_size(ctx2, 128);
+
+ if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(ctx2))) {
+ ERR_print_errors(bio_err);
+ }
+ if (vpm)
+ SSL_CTX_set1_param(ctx2, vpm);
+ }
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ if (next_proto.data)
+ SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
+ &next_proto);
+# endif
+#endif
+
+#ifndef OPENSSL_NO_DH
+ if (!no_dhe) {
+ DH *dh = NULL;
+
+ if (dhfile)
+ dh = load_dh_param(dhfile);
+ else if (s_cert_file)
+ dh = load_dh_param(s_cert_file);
+
+ if (dh != NULL) {
+ BIO_printf(bio_s_out, "Setting temp DH parameters\n");
+ } else {
+ BIO_printf(bio_s_out, "Using default temp DH parameters\n");
+ dh = get_dh2048();
+ if (dh == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+ (void)BIO_flush(bio_s_out);
+
+ SSL_CTX_set_tmp_dh(ctx, dh);
+# ifndef OPENSSL_NO_TLSEXT
+ if (ctx2) {
+ if (!dhfile) {
+ DH *dh2 = load_dh_param(s_cert_file2);
+ if (dh2 != NULL) {
+ BIO_printf(bio_s_out, "Setting temp DH parameters\n");
+ (void)BIO_flush(bio_s_out);
+
+ DH_free(dh);
+ dh = dh2;
+ }
+ }
+ SSL_CTX_set_tmp_dh(ctx2, dh);
+ }
+# endif
+ DH_free(dh);
+ }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+ if (!no_ecdhe) {
+ EC_KEY *ecdh = NULL;
+
+ if (named_curve) {
+ int nid = OBJ_sn2nid(named_curve);
+
+ if (nid == 0) {
+ BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
+ goto end;
+ }
+ ecdh = EC_KEY_new_by_curve_name(nid);
+ if (ecdh == NULL) {
+ BIO_printf(bio_err, "unable to create curve (%s)\n",
+ named_curve);
+ goto end;
+ }
+ }
+
+ if (ecdh != NULL) {
+ BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
+ } else {
+ BIO_printf(bio_s_out, "Using default temp ECDH parameters\n");
+ ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (ecdh == NULL) {
+ BIO_printf(bio_err, "unable to create curve (nistp256)\n");
+ goto end;
+ }
+ }
+ (void)BIO_flush(bio_s_out);
+
+ SSL_CTX_set_tmp_ecdh(ctx, ecdh);
+# ifndef OPENSSL_NO_TLSEXT
+ if (ctx2)
+ SSL_CTX_set_tmp_ecdh(ctx2, ecdh);
+# endif
+ EC_KEY_free(ecdh);
+ }
+#endif
+
+ if (!set_cert_key_stuff(ctx, s_cert, s_key))
+ goto end;
+#ifndef OPENSSL_NO_TLSEXT
+ if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2))
+ goto end;
+#endif
+ if (s_dcert != NULL) {
+ if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
+ goto end;
+ }
+#ifndef OPENSSL_NO_RSA
+# if 1
+ if (!no_tmp_rsa) {
+ SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
+# ifndef OPENSSL_NO_TLSEXT
+ if (ctx2)
+ SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
+# endif
+ }
+# else
+ if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
+ RSA *rsa;
+
+ BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
+ BIO_flush(bio_s_out);
+
+ rsa = RSA_generate_key(512, RSA_F4, NULL);
+
+ if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+# ifndef OPENSSL_NO_TLSEXT
+ if (ctx2) {
+ if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+# endif
+ RSA_free(rsa);
+ BIO_printf(bio_s_out, "\n");
+ }
+# endif
+#endif
+
+#ifndef OPENSSL_NO_PSK
+# ifdef OPENSSL_NO_JPAKE
+ if (psk_key != NULL)
+# else
+ if (psk_key != NULL || jpake_secret)
+# endif
+ {
+ if (s_debug)
+ BIO_printf(bio_s_out,
+ "PSK key given or JPAKE in use, setting server callback\n");
+ SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
+ }
+
+ if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
+ BIO_printf(bio_err, "error setting PSK identity hint to context\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#endif
+
+ if (cipher != NULL) {
+ if (!SSL_CTX_set_cipher_list(ctx, cipher)) {
+ BIO_printf(bio_err, "error setting cipher list\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) {
+ BIO_printf(bio_err, "error setting cipher list\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#endif
+ }
+ SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
+ SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
+ sizeof s_server_session_id_context);
+
+ /* Set DTLS cookie generation and verification callbacks */
+ SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
+ SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
+
+#ifndef OPENSSL_NO_TLSEXT
+ if (ctx2) {
+ SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
+ SSL_CTX_set_session_id_context(ctx2,
+ (void *)&s_server_session_id_context,
+ sizeof s_server_session_id_context);
+
+ tlsextcbp.biodebug = bio_s_out;
+ SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
+ SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
+ SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
+ SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
+ }
+#endif
+
+#ifndef OPENSSL_NO_SRP
+ if (srp_verifier_file != NULL) {
+ srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
+ srp_callback_parm.user = NULL;
+ srp_callback_parm.login = NULL;
+ if ((ret =
+ SRP_VBASE_init(srp_callback_parm.vb,
+ srp_verifier_file)) != SRP_NO_ERROR) {
+ BIO_printf(bio_err,
+ "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
+ srp_verifier_file, ret);
+ goto end;
+ }
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
+ SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
+ SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
+ } else
+#endif
+ if (CAfile != NULL) {
+ SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
+#ifndef OPENSSL_NO_TLSEXT
+ if (ctx2)
+ SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
+#endif
+ }
+
+ BIO_printf(bio_s_out, "ACCEPT\n");
+ (void)BIO_flush(bio_s_out);
+ if (www)
+ do_server(port, socket_type, &accept_socket, www_body, context);
+ else
+ do_server(port, socket_type, &accept_socket, sv_body, context);
+ print_stats(bio_s_out, ctx);
+ ret = 0;
+ end:
+ if (ctx != NULL)
+ SSL_CTX_free(ctx);
+ if (s_cert)
+ X509_free(s_cert);
+ if (s_dcert)
+ X509_free(s_dcert);
+ if (s_key)
+ EVP_PKEY_free(s_key);
+ if (s_dkey)
+ EVP_PKEY_free(s_dkey);
+ if (pass)
+ OPENSSL_free(pass);
+ if (dpass)
+ OPENSSL_free(dpass);
+ if (vpm)
+ X509_VERIFY_PARAM_free(vpm);
+#ifndef OPENSSL_NO_TLSEXT
+ if (tlscstatp.host)
+ OPENSSL_free(tlscstatp.host);
+ if (tlscstatp.port)
+ OPENSSL_free(tlscstatp.port);
+ if (tlscstatp.path)
+ OPENSSL_free(tlscstatp.path);
+ if (ctx2 != NULL)
+ SSL_CTX_free(ctx2);
+ if (s_cert2)
+ X509_free(s_cert2);
+ if (s_key2)
+ EVP_PKEY_free(s_key2);
+#endif
+ if (bio_s_out != NULL) {
+ BIO_free(bio_s_out);
+ bio_s_out = NULL;
+ }
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
+
+static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
+{
+ BIO_printf(bio, "%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ssl_ctx));
+ BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ssl_ctx));
+ BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
+ SSL_CTX_sess_connect_renegotiate(ssl_ctx));
+ BIO_printf(bio, "%4ld client connects that finished\n",
+ SSL_CTX_sess_connect_good(ssl_ctx));
+ BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
+ SSL_CTX_sess_accept(ssl_ctx));
+ BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
+ SSL_CTX_sess_accept_renegotiate(ssl_ctx));
+ BIO_printf(bio, "%4ld server accepts that finished\n",
+ SSL_CTX_sess_accept_good(ssl_ctx));
+ BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
+ BIO_printf(bio, "%4ld session cache misses\n",
+ SSL_CTX_sess_misses(ssl_ctx));
+ BIO_printf(bio, "%4ld session cache timeouts\n",
+ SSL_CTX_sess_timeouts(ssl_ctx));
+ BIO_printf(bio, "%4ld callback cache hits\n",
+ SSL_CTX_sess_cb_hits(ssl_ctx));
+ BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
+ SSL_CTX_sess_cache_full(ssl_ctx),
+ SSL_CTX_sess_get_cache_size(ssl_ctx));
+}
+
+static int sv_body(char *hostname, int s, unsigned char *context)
+{
+ char *buf = NULL;
+ fd_set readfds;
+ int ret = 1, width;
+ int k, i;
+ unsigned long l;
+ SSL *con = NULL;
+ BIO *sbio;
+#ifndef OPENSSL_NO_KRB5
+ KSSL_CTX *kctx;
+#endif
+ struct timeval timeout;
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
+ struct timeval tv;
+#else
+ struct timeval *timeoutp;
+#endif
+
+ if ((buf = OPENSSL_malloc(bufsize)) == NULL) {
+ BIO_printf(bio_err, "out of memory\n");
+ goto err;
+ }
+#ifdef FIONBIO
+ if (s_nbio) {
+ unsigned long sl = 1;
+
+ if (!s_quiet)
+ BIO_printf(bio_err, "turning on non blocking io\n");
+ if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
+ ERR_print_errors(bio_err);
+ }
+#endif
+
+ if (con == NULL) {
+ con = SSL_new(ctx);
+#ifndef OPENSSL_NO_TLSEXT
+ if (s_tlsextdebug) {
+ SSL_set_tlsext_debug_callback(con, tlsext_cb);
+ SSL_set_tlsext_debug_arg(con, bio_s_out);
+ }
+ if (s_tlsextstatus) {
+ SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
+ tlscstatp.err = bio_err;
+ SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
+ }
+#endif
+#ifndef OPENSSL_NO_KRB5
+ if ((kctx = kssl_ctx_new()) != NULL) {
+ SSL_set0_kssl_ctx(con, kctx);
+ kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
+ kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
+ }
+#endif /* OPENSSL_NO_KRB5 */
+ if (context)
+ SSL_set_session_id_context(con, context, strlen((char *)context));
+ }
+ SSL_clear(con);
+#if 0
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
+# endif
+#endif
+
+ if (SSL_version(con) == DTLS1_VERSION) {
+
+ sbio = BIO_new_dgram(s, BIO_NOCLOSE);
+
+ if (enable_timeouts) {
+ timeout.tv_sec = 0;
+ timeout.tv_usec = DGRAM_RCV_TIMEOUT;
+ BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
+
+ timeout.tv_sec = 0;
+ timeout.tv_usec = DGRAM_SND_TIMEOUT;
+ BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
+ }
+
+ if (socket_mtu) {
+ if (socket_mtu < DTLS_get_link_min_mtu(con)) {
+ BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
+ DTLS_get_link_min_mtu(con));
+ ret = -1;
+ BIO_free(sbio);
+ goto err;
+ }
+ SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
+ if (!DTLS_set_link_mtu(con, socket_mtu)) {
+ BIO_printf(bio_err, "Failed to set MTU\n");
+ ret = -1;
+ BIO_free(sbio);
+ goto err;
+ }
+ } else
+ /* want to do MTU discovery */
+ BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
+
+ /* turn on cookie exchange */
+ SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
+ } else
+ sbio = BIO_new_socket(s, BIO_NOCLOSE);
+
+ if (s_nbio_test) {
+ BIO *test;
+
+ test = BIO_new(BIO_f_nbio_test());
+ sbio = BIO_push(test, sbio);
+ }
+#ifndef OPENSSL_NO_JPAKE
+ if (jpake_secret)
+ jpake_server_auth(bio_s_out, sbio, jpake_secret);
+#endif
+
+ SSL_set_bio(con, sbio, sbio);
+ SSL_set_accept_state(con);
+ /* SSL_set_fd(con,s); */
+
+ if (s_debug) {
+ SSL_set_debug(con, 1);
+ BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
+ BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
+ }
+ if (s_msg) {
+ SSL_set_msg_callback(con, msg_cb);
+ SSL_set_msg_callback_arg(con, bio_s_out);
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ if (s_tlsextdebug) {
+ SSL_set_tlsext_debug_callback(con, tlsext_cb);
+ SSL_set_tlsext_debug_arg(con, bio_s_out);
+ }
+#endif
+
+ width = s + 1;
+ for (;;) {
+ int read_from_terminal;
+ int read_from_sslcon;
+
+ read_from_terminal = 0;
+ read_from_sslcon = SSL_pending(con);
+
+ if (!read_from_sslcon) {
+ FD_ZERO(&readfds);
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
+ openssl_fdset(fileno(stdin), &readfds);
+#endif
+ openssl_fdset(s, &readfds);
+ /*
+ * Note: under VMS with SOCKETSHR the second parameter is
+ * currently of type (int *) whereas under other systems it is
+ * (void *) if you don't have a cast it will choke the compiler:
+ * if you do have a cast then you can either go for (int *) or
+ * (void *).
+ */
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+ /*
+ * Under DOS (non-djgpp) and Windows we can't select on stdin:
+ * only on sockets. As a workaround we timeout the select every
+ * second and check for any keypress. In a proper Windows
+ * application we wouldn't do this because it is inefficient.
+ */
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ i = select(width, (void *)&readfds, NULL, NULL, &tv);
+ if ((i < 0) || (!i && !_kbhit()))
+ continue;
+ if (_kbhit())
+ read_from_terminal = 1;
+#elif defined(OPENSSL_SYS_BEOS_R5)
+ /* Under BeOS-R5 the situation is similar to DOS */
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+ i = select(width, (void *)&readfds, NULL, NULL, &tv);
+ if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
+ continue;
+ if (read(fileno(stdin), buf, 0) >= 0)
+ read_from_terminal = 1;
+ (void)fcntl(fileno(stdin), F_SETFL, 0);
+#else
+ if ((SSL_version(con) == DTLS1_VERSION) &&
+ DTLSv1_get_timeout(con, &timeout))
+ timeoutp = &timeout;
+ else
+ timeoutp = NULL;
+
+ i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
+
+ if ((SSL_version(con) == DTLS1_VERSION)
+ && DTLSv1_handle_timeout(con) > 0) {
+ BIO_printf(bio_err, "TIMEOUT occured\n");
+ }
+
+ if (i <= 0)
+ continue;
+ if (FD_ISSET(fileno(stdin), &readfds))
+ read_from_terminal = 1;
+#endif
+ if (FD_ISSET(s, &readfds))
+ read_from_sslcon = 1;
+ }
+ if (read_from_terminal) {
+ if (s_crlf) {
+ int j, lf_num;
+
+ i = raw_read_stdin(buf, bufsize / 2);
+ lf_num = 0;
+ /* both loops are skipped when i <= 0 */
+ for (j = 0; j < i; j++)
+ if (buf[j] == '\n')
+ lf_num++;
+ for (j = i - 1; j >= 0; j--) {
+ buf[j + lf_num] = buf[j];
+ if (buf[j] == '\n') {
+ lf_num--;
+ i++;
+ buf[j + lf_num] = '\r';
+ }
+ }
+ assert(lf_num == 0);
+ } else
+ i = raw_read_stdin(buf, bufsize);
+ if (!s_quiet) {
+ if ((i <= 0) || (buf[0] == 'Q')) {
+ BIO_printf(bio_s_out, "DONE\n");
+ SHUTDOWN(s);
+ close_accept_socket();
+ ret = -11;
+ goto err;
+ }
+ if ((i <= 0) || (buf[0] == 'q')) {
+ BIO_printf(bio_s_out, "DONE\n");
+ if (SSL_version(con) != DTLS1_VERSION)
+ SHUTDOWN(s);
+ /*
+ * close_accept_socket(); ret= -11;
+ */
+ goto err;
+ }
+#ifndef OPENSSL_NO_HEARTBEATS
+ if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+ BIO_printf(bio_err, "HEARTBEATING\n");
+ SSL_heartbeat(con);
+ i = 0;
+ continue;
+ }
+#endif
+ if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+ SSL_renegotiate(con);
+ i = SSL_do_handshake(con);
+ printf("SSL_do_handshake -> %d\n", i);
+ i = 0; /* 13; */
+ continue;
+ /*
+ * strcpy(buf,"server side RE-NEGOTIATE\n");
+ */
+ }
+ if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+ SSL_set_verify(con,
+ SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+ NULL);
+ SSL_renegotiate(con);
+ i = SSL_do_handshake(con);
+ printf("SSL_do_handshake -> %d\n", i);
+ i = 0; /* 13; */
+ continue;
+ /*
+ * strcpy(buf,"server side RE-NEGOTIATE asking for client
+ * cert\n");
+ */
+ }
+ if (buf[0] == 'P') {
+ static const char *str = "Lets print some clear text\n";
+ BIO_write(SSL_get_wbio(con), str, strlen(str));
+ }
+ if (buf[0] == 'S') {
+ print_stats(bio_s_out, SSL_get_SSL_CTX(con));
+ }
+ }
+#ifdef CHARSET_EBCDIC
+ ebcdic2ascii(buf, buf, i);
+#endif
+ l = k = 0;
+ for (;;) {
+ /* should do a select for the write */
+#ifdef RENEG
+ {
+ static count = 0;
+ if (++count == 100) {
+ count = 0;
+ SSL_renegotiate(con);
+ }
+ }
+#endif
+ k = SSL_write(con, &(buf[l]), (unsigned int)i);
+#ifndef OPENSSL_NO_SRP
+ while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during write\n");
+ SRP_user_pwd_free(srp_callback_parm.user);
+ srp_callback_parm.user =
+ SRP_VBASE_get1_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ k = SSL_write(con, &(buf[l]), (unsigned int)i);
+ }
+#endif
+ switch (SSL_get_error(con, k)) {
+ case SSL_ERROR_NONE:
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_s_out, "Write BLOCK\n");
+ break;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ BIO_printf(bio_s_out, "ERROR\n");
+ ERR_print_errors(bio_err);
+ ret = 1;
+ goto err;
+ /* break; */
+ case SSL_ERROR_ZERO_RETURN:
+ BIO_printf(bio_s_out, "DONE\n");
+ ret = 1;
+ goto err;
+ }
+ if (k > 0) {
+ l += k;
+ i -= k;
+ }
+ if (i <= 0)
+ break;
+ }
+ }
+ if (read_from_sslcon) {
+ if (!SSL_is_init_finished(con)) {
+ i = init_ssl_connection(con);
+
+ if (i < 0) {
+ ret = 0;
+ goto err;
+ } else if (i == 0) {
+ ret = 1;
+ goto err;
+ }
+ } else {
+ again:
+ i = SSL_read(con, (char *)buf, bufsize);
+#ifndef OPENSSL_NO_SRP
+ while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during read\n");
+ SRP_user_pwd_free(srp_callback_parm.user);
+ srp_callback_parm.user =
+ SRP_VBASE_get1_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ i = SSL_read(con, (char *)buf, bufsize);
+ }
+#endif
+ switch (SSL_get_error(con, i)) {
+ case SSL_ERROR_NONE:
+#ifdef CHARSET_EBCDIC
+ ascii2ebcdic(buf, buf, i);
+#endif
+ raw_write_stdout(buf, (unsigned int)i);
+ if (SSL_pending(con))
+ goto again;
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ BIO_printf(bio_s_out, "Read BLOCK\n");
+ break;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ BIO_printf(bio_s_out, "ERROR\n");
+ ERR_print_errors(bio_err);
+ ret = 1;
+ goto err;
+ case SSL_ERROR_ZERO_RETURN:
+ BIO_printf(bio_s_out, "DONE\n");
+ ret = 1;
+ goto err;
+ }
+ }
+ }
+ }
+ err:
+ if (con != NULL) {
+ BIO_printf(bio_s_out, "shutting down SSL\n");
+#if 1
+ SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(con);
+#endif
+ SSL_free(con);
+ }
+ BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
+ if (buf != NULL) {
+ OPENSSL_cleanse(buf, bufsize);
+ OPENSSL_free(buf);
+ }
+ if (ret >= 0)
+ BIO_printf(bio_s_out, "ACCEPT\n");
+ return (ret);
+}
+
+static void close_accept_socket(void)
+{
+ BIO_printf(bio_err, "shutdown accept socket\n");
+ if (accept_socket >= 0) {
+ SHUTDOWN2(accept_socket);
+ }
+}
+
+static int init_ssl_connection(SSL *con)
+{
+ int i;
+ const char *str;
+ X509 *peer;
+ long verify_error;
+ MS_STATIC char buf[BUFSIZ];
+#ifndef OPENSSL_NO_KRB5
+ char *client_princ;
+#endif
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ const unsigned char *next_proto_neg;
+ unsigned next_proto_neg_len;
+#endif
+ unsigned char *exportedkeymat;
+
+ i = SSL_accept(con);
+#ifndef OPENSSL_NO_SRP
+ while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
+ srp_callback_parm.login);
+ SRP_user_pwd_free(srp_callback_parm.user);
+ srp_callback_parm.user =
+ SRP_VBASE_get1_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ i = SSL_accept(con);
+ }
+#endif
+ if (i <= 0) {
+ if (BIO_sock_should_retry(i)) {
+ BIO_printf(bio_s_out, "DELAY\n");
+ return (1);
+ }
+
+ BIO_printf(bio_err, "ERROR\n");
+ verify_error = SSL_get_verify_result(con);
+ if (verify_error != X509_V_OK) {
+ BIO_printf(bio_err, "verify error:%s\n",
+ X509_verify_cert_error_string(verify_error));
+ } else
+ ERR_print_errors(bio_err);
+ return (0);
+ }
+
+ PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
+
+ peer = SSL_get_peer_certificate(con);
+ if (peer != NULL) {
+ BIO_printf(bio_s_out, "Client certificate\n");
+ PEM_write_bio_X509(bio_s_out, peer);
+ X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+ BIO_printf(bio_s_out, "subject=%s\n", buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+ BIO_printf(bio_s_out, "issuer=%s\n", buf);
+ X509_free(peer);
+ }
+
+ if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
+ BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
+ str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
+ BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
+ if (next_proto_neg) {
+ BIO_printf(bio_s_out, "NEXTPROTO is ");
+ BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
+ BIO_printf(bio_s_out, "\n");
+ }
+#endif
+#ifndef OPENSSL_NO_SRTP
+ {
+ SRTP_PROTECTION_PROFILE *srtp_profile
+ = SSL_get_selected_srtp_profile(con);
+
+ if (srtp_profile)
+ BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
+ srtp_profile->name);
+ }
+#endif
+ if (SSL_cache_hit(con))
+ BIO_printf(bio_s_out, "Reused session-id\n");
+ if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
+ TLS1_FLAGS_TLS_PADDING_BUG)
+ BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
+#ifndef OPENSSL_NO_KRB5
+ client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
+ if (client_princ != NULL) {
+ BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
+ client_princ);
+ }
+#endif /* OPENSSL_NO_KRB5 */
+ BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
+ SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
+ if (keymatexportlabel != NULL) {
+ BIO_printf(bio_s_out, "Keying material exporter:\n");
+ BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
+ BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen);
+ exportedkeymat = OPENSSL_malloc(keymatexportlen);
+ if (exportedkeymat != NULL) {
+ if (!SSL_export_keying_material(con, exportedkeymat,
+ keymatexportlen,
+ keymatexportlabel,
+ strlen(keymatexportlabel),
+ NULL, 0, 0)) {
+ BIO_printf(bio_s_out, " Error\n");
+ } else {
+ BIO_printf(bio_s_out, " Keying material: ");
+ for (i = 0; i < keymatexportlen; i++)
+ BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
+ BIO_printf(bio_s_out, "\n");
+ }
+ OPENSSL_free(exportedkeymat);
+ }
+ }
+
+ return (1);
+}
+
+#ifndef OPENSSL_NO_DH
+static DH *load_dh_param(const char *dhfile)
+{
+ DH *ret = NULL;
+ BIO *bio;
+
+ if ((bio = BIO_new_file(dhfile, "r")) == NULL)
+ goto err;
+ ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
+ err:
+ if (bio != NULL)
+ BIO_free(bio);
+ return (ret);
+}
+#endif
+#ifndef OPENSSL_NO_KRB5
+char *client_princ;
+#endif
+
+#if 0
+static int load_CA(SSL_CTX *ctx, char *file)
+{
+ FILE *in;
+ X509 *x = NULL;
+
+ if ((in = fopen(file, "r")) == NULL)
+ return (0);
+
+ for (;;) {
+ if (PEM_read_X509(in, &x, NULL) == NULL)
+ break;
+ SSL_CTX_add_client_CA(ctx, x);
+ }
+ if (x != NULL)
+ X509_free(x);
+ fclose(in);
+ return (1);
+}
+#endif
+
+static int www_body(char *hostname, int s, unsigned char *context)
+{
+ char *buf = NULL;
+ int ret = 1;
+ int i, j, k, dot;
+ SSL *con;
+ const SSL_CIPHER *c;
+ BIO *io, *ssl_bio, *sbio;
+#ifndef OPENSSL_NO_KRB5
+ KSSL_CTX *kctx;
+#endif
+
+ buf = OPENSSL_malloc(bufsize);
+ if (buf == NULL)
+ return (0);
+ io = BIO_new(BIO_f_buffer());
+ ssl_bio = BIO_new(BIO_f_ssl());
+ if ((io == NULL) || (ssl_bio == NULL))
+ goto err;
+
+#ifdef FIONBIO
+ if (s_nbio) {
+ unsigned long sl = 1;
+
+ if (!s_quiet)
+ BIO_printf(bio_err, "turning on non blocking io\n");
+ if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
+ ERR_print_errors(bio_err);
+ }
+#endif
+
+ /* lets make the output buffer a reasonable size */
+ if (!BIO_set_write_buffer_size(io, bufsize))
+ goto err;
+
+ if ((con = SSL_new(ctx)) == NULL)
+ goto err;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s_tlsextdebug) {
+ SSL_set_tlsext_debug_callback(con, tlsext_cb);
+ SSL_set_tlsext_debug_arg(con, bio_s_out);
+ }
+#endif
+#ifndef OPENSSL_NO_KRB5
+ if ((kctx = kssl_ctx_new()) != NULL) {
+ kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
+ kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
+ }
+#endif /* OPENSSL_NO_KRB5 */
+ if (context)
+ SSL_set_session_id_context(con, context, strlen((char *)context));
+
+ sbio = BIO_new_socket(s, BIO_NOCLOSE);
+ if (s_nbio_test) {
+ BIO *test;
+
+ test = BIO_new(BIO_f_nbio_test());
+ sbio = BIO_push(test, sbio);
+ }
+ SSL_set_bio(con, sbio, sbio);
+ SSL_set_accept_state(con);
+
+ /* SSL_set_fd(con,s); */
+ BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
+ BIO_push(io, ssl_bio);
+#ifdef CHARSET_EBCDIC
+ io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
+#endif
+
+ if (s_debug) {
+ SSL_set_debug(con, 1);
+ BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
+ BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
+ }
+ if (s_msg) {
+ SSL_set_msg_callback(con, msg_cb);
+ SSL_set_msg_callback_arg(con, bio_s_out);
+ }
+
+ for (;;) {
+ if (hack) {
+ i = SSL_accept(con);
+#ifndef OPENSSL_NO_SRP
+ while (i <= 0
+ && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
+ srp_callback_parm.login);
+ SRP_user_pwd_free(srp_callback_parm.user);
+ srp_callback_parm.user =
+ SRP_VBASE_get1_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ i = SSL_accept(con);
+ }
+#endif
+ switch (SSL_get_error(con, i)) {
+ case SSL_ERROR_NONE:
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ continue;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ case SSL_ERROR_ZERO_RETURN:
+ ret = 1;
+ goto err;
+ /* break; */
+ }
+
+ SSL_renegotiate(con);
+ SSL_write(con, NULL, 0);
+ }
+
+ i = BIO_gets(io, buf, bufsize - 1);
+ if (i < 0) { /* error */
+ if (!BIO_should_retry(io)) {
+ if (!s_quiet)
+ ERR_print_errors(bio_err);
+ goto err;
+ } else {
+ BIO_printf(bio_s_out, "read R BLOCK\n");
+#ifndef OPENSSL_NO_SRP
+ if (BIO_should_io_special(io)
+ && BIO_get_retry_reason(io) == BIO_RR_SSL_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during read\n");
+ SRP_user_pwd_free(srp_callback_parm.user);
+ srp_callback_parm.user =
+ SRP_VBASE_get1_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ continue;
+ }
+#endif
+#if defined(OPENSSL_SYS_NETWARE)
+ delay(1000);
+#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
+ sleep(1);
+#endif
+ continue;
+ }
+ } else if (i == 0) { /* end of input */
+ ret = 1;
+ goto end;
+ }
+
+ /* else we have data */
+ if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
+ ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
+ char *p;
+ X509 *peer;
+ STACK_OF(SSL_CIPHER) *sk;
+ static const char *space = " ";
+
+ BIO_puts(io,
+ "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+ BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
+ BIO_puts(io, "<pre>\n");
+/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
+ BIO_puts(io, "\n");
+ for (i = 0; i < local_argc; i++) {
+ BIO_puts(io, local_argv[i]);
+ BIO_write(io, " ", 1);
+ }
+ BIO_puts(io, "\n");
+
+ BIO_printf(io,
+ "Secure Renegotiation IS%s supported\n",
+ SSL_get_secure_renegotiation_support(con) ?
+ "" : " NOT");
+
+ /*
+ * The following is evil and should not really be done
+ */
+ BIO_printf(io, "Ciphers supported in s_server binary\n");
+ sk = SSL_get_ciphers(con);
+ j = sk_SSL_CIPHER_num(sk);
+ for (i = 0; i < j; i++) {
+ c = sk_SSL_CIPHER_value(sk, i);
+ BIO_printf(io, "%-11s:%-25s",
+ SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
+ if ((((i + 1) % 2) == 0) && (i + 1 != j))
+ BIO_puts(io, "\n");
+ }
+ BIO_puts(io, "\n");
+ p = SSL_get_shared_ciphers(con, buf, bufsize);
+ if (p != NULL) {
+ BIO_printf(io,
+ "---\nCiphers common between both SSL end points:\n");
+ j = i = 0;
+ while (*p) {
+ if (*p == ':') {
+ BIO_write(io, space, 26 - j);
+ i++;
+ j = 0;
+ BIO_write(io, ((i % 3) ? " " : "\n"), 1);
+ } else {
+ BIO_write(io, p, 1);
+ j++;
+ }
+ p++;
+ }
+ BIO_puts(io, "\n");
+ }
+ BIO_printf(io, (SSL_cache_hit(con)
+ ? "---\nReused, " : "---\nNew, "));
+ c = SSL_get_current_cipher(con);
+ BIO_printf(io, "%s, Cipher is %s\n",
+ SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
+ SSL_SESSION_print(io, SSL_get_session(con));
+ BIO_printf(io, "---\n");
+ print_stats(io, SSL_get_SSL_CTX(con));
+ BIO_printf(io, "---\n");
+ peer = SSL_get_peer_certificate(con);
+ if (peer != NULL) {
+ BIO_printf(io, "Client certificate\n");
+ X509_print(io, peer);
+ PEM_write_bio_X509(io, peer);
+ } else
+ BIO_puts(io, "no client certificate available\n");
+ BIO_puts(io, "</BODY></HTML>\r\n\r\n");
+ break;
+ } else if ((www == 2 || www == 3)
+ && (strncmp("GET /", buf, 5) == 0)) {
+ BIO *file;
+ char *p, *e;
+ static const char *text =
+ "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
+
+ /* skip the '/' */
+ p = &(buf[5]);
+
+ dot = 1;
+ for (e = p; *e != '\0'; e++) {
+ if (e[0] == ' ')
+ break;
+
+ switch (dot) {
+ case 1:
+ dot = (e[0] == '.') ? 2 : 0;
+ break;
+ case 2:
+ dot = (e[0] == '.') ? 3 : 0;
+ break;
+ case 3:
+ dot = (e[0] == '/') ? -1 : 0;
+ break;
+ }
+ if (dot == 0)
+ dot = (e[0] == '/') ? 1 : 0;
+ }
+ dot = (dot == 3) || (dot == -1); /* filename contains ".."
+ * component */
+
+ if (*e == '\0') {
+ BIO_puts(io, text);
+ BIO_printf(io, "'%s' is an invalid file name\r\n", p);
+ break;
+ }
+ *e = '\0';
+
+ if (dot) {
+ BIO_puts(io, text);
+ BIO_printf(io, "'%s' contains '..' reference\r\n", p);
+ break;
+ }
+
+ if (*p == '/') {
+ BIO_puts(io, text);
+ BIO_printf(io, "'%s' is an invalid path\r\n", p);
+ break;
+ }
+#if 0
+ /* append if a directory lookup */
+ if (e[-1] == '/')
+ strcat(p, "index.html");
+#endif
+
+ /* if a directory, do the index thang */
+ if (app_isdir(p) > 0) {
+#if 0 /* must check buffer size */
+ strcat(p, "/index.html");
+#else
+ BIO_puts(io, text);
+ BIO_printf(io, "'%s' is a directory\r\n", p);
+ break;
+#endif
+ }
+
+ if ((file = BIO_new_file(p, "r")) == NULL) {
+ BIO_puts(io, text);
+ BIO_printf(io, "Error opening '%s'\r\n", p);
+ ERR_print_errors(io);
+ break;
+ }
+
+ if (!s_quiet)
+ BIO_printf(bio_err, "FILE:%s\n", p);
+
+ if (www == 2) {
+ i = strlen(p);
+ if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
+ ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
+ ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
+ BIO_puts(io,
+ "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+ else
+ BIO_puts(io,
+ "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
+ }
+ /* send the file */
+ for (;;) {
+ i = BIO_read(file, buf, bufsize);
+ if (i <= 0)
+ break;
+
+#ifdef RENEG
+ total_bytes += i;
+ fprintf(stderr, "%d\n", i);
+ if (total_bytes > 3 * 1024) {
+ total_bytes = 0;
+ fprintf(stderr, "RENEGOTIATE\n");
+ SSL_renegotiate(con);
+ }
+#endif
+
+ for (j = 0; j < i;) {
+#ifdef RENEG
+ {
+ static count = 0;
+ if (++count == 13) {
+ SSL_renegotiate(con);
+ }
+ }
+#endif
+ k = BIO_write(io, &(buf[j]), i - j);
+ if (k <= 0) {
+ if (!BIO_should_retry(io))
+ goto write_error;
+ else {
+ BIO_printf(bio_s_out, "rwrite W BLOCK\n");
+ }
+ } else {
+ j += k;
+ }
+ }
+ }
+ write_error:
+ BIO_free(file);
+ break;
+ }
+ }
+
+ for (;;) {
+ i = (int)BIO_flush(io);
+ if (i <= 0) {
+ if (!BIO_should_retry(io))
+ break;
+ } else
+ break;
+ }
+ end:
+#if 1
+ /* make sure we re-use sessions */
+ SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+#else
+ /* This kills performance */
+ /*
+ * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io)
+ * procession
+ */
+#endif
+
+ err:
+
+ if (ret >= 0)
+ BIO_printf(bio_s_out, "ACCEPT\n");
+
+ if (buf != NULL)
+ OPENSSL_free(buf);
+ if (io != NULL)
+ BIO_free_all(io);
+/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
+ return (ret);
+}
+
+#ifndef OPENSSL_NO_RSA
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
+{
+ BIGNUM *bn = NULL;
+ static RSA *rsa_tmp = NULL;
+
+ if (!rsa_tmp && ((bn = BN_new()) == NULL))
+ BIO_printf(bio_err, "Allocation error in generating RSA key\n");
+ if (!rsa_tmp && bn) {
+ if (!s_quiet) {
+ BIO_printf(bio_err, "Generating temp (%d bit) RSA key...",
+ keylength);
+ (void)BIO_flush(bio_err);
+ }
+ if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
+ !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
+ if (rsa_tmp)
+ RSA_free(rsa_tmp);
+ rsa_tmp = NULL;
+ }
+ if (!s_quiet) {
+ BIO_printf(bio_err, "\n");
+ (void)BIO_flush(bio_err);
+ }
+ BN_free(bn);
+ }
+ return (rsa_tmp);
+}
+#endif
+
+#define MAX_SESSION_ID_ATTEMPTS 10
+static int generate_session_id(const SSL *ssl, unsigned char *id,
+ unsigned int *id_len)
+{
+ unsigned int count = 0;
+ do {
+ if (RAND_bytes(id, *id_len) <= 0)
+ return 0;
+ /*
+ * Prefix the session_id with the required prefix. NB: If our prefix
+ * is too long, clip it - but there will be worse effects anyway, eg.
+ * the server could only possibly create 1 session ID (ie. the
+ * prefix!) so all future session negotiations will fail due to
+ * conflicts.
+ */
+ memcpy(id, session_id_prefix,
+ (strlen(session_id_prefix) < *id_len) ?
+ strlen(session_id_prefix) : *id_len);
+ }
+ while (SSL_has_matching_session_id(ssl, id, *id_len) &&
+ (++count < MAX_SESSION_ID_ATTEMPTS));
+ if (count >= MAX_SESSION_ID_ATTEMPTS)
+ return 0;
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/apps/speed.c
===================================================================
--- vendor-crypto/openssl/dist/apps/speed.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/speed.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2745 +0,0 @@
-/* apps/speed.c -*- mode:C; c-file-style: "eay" -*- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The ECDH and ECDSA speed test software is originally written by
- * Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#ifndef OPENSSL_NO_SPEED
-
-# undef SECONDS
-# define SECONDS 3
-# define RSA_SECONDS 10
-# define DSA_SECONDS 10
-# define ECDSA_SECONDS 10
-# define ECDH_SECONDS 10
-
-/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
-
-# undef PROG
-# define PROG speed_main
-
-# include <stdio.h>
-# include <stdlib.h>
-
-# include <string.h>
-# include <math.h>
-# include "apps.h"
-# ifdef OPENSSL_NO_STDIO
-# define APPS_WIN16
-# endif
-# include <openssl/crypto.h>
-# include <openssl/rand.h>
-# include <openssl/err.h>
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# if !defined(OPENSSL_SYS_MSDOS)
-# include OPENSSL_UNISTD
-# endif
-
-# ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-# endif
-
-# if defined(_WIN32) || defined(__CYGWIN__)
-# include <windows.h>
-# if defined(__CYGWIN__) && !defined(_WIN32)
- /*
- * <windows.h> should define _WIN32, which normally is mutually exclusive
- * with __CYGWIN__, but if it didn't...
- */
-# define _WIN32
- /* this is done because Cygwin alarm() fails sometimes. */
-# endif
-# endif
-
-# include <openssl/bn.h>
-# ifndef OPENSSL_NO_DES
-# include <openssl/des.h>
-# endif
-# ifndef OPENSSL_NO_AES
-# include <openssl/aes.h>
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
-# include <openssl/camellia.h>
-# endif
-# ifndef OPENSSL_NO_MD2
-# include <openssl/md2.h>
-# endif
-# ifndef OPENSSL_NO_MDC2
-# include <openssl/mdc2.h>
-# endif
-# ifndef OPENSSL_NO_MD4
-# include <openssl/md4.h>
-# endif
-# ifndef OPENSSL_NO_MD5
-# include <openssl/md5.h>
-# endif
-# ifndef OPENSSL_NO_HMAC
-# include <openssl/hmac.h>
-# endif
-# include <openssl/evp.h>
-# ifndef OPENSSL_NO_SHA
-# include <openssl/sha.h>
-# endif
-# ifndef OPENSSL_NO_RIPEMD
-# include <openssl/ripemd.h>
-# endif
-# ifndef OPENSSL_NO_WHIRLPOOL
-# include <openssl/whrlpool.h>
-# endif
-# ifndef OPENSSL_NO_RC4
-# include <openssl/rc4.h>
-# endif
-# ifndef OPENSSL_NO_RC5
-# include <openssl/rc5.h>
-# endif
-# ifndef OPENSSL_NO_RC2
-# include <openssl/rc2.h>
-# endif
-# ifndef OPENSSL_NO_IDEA
-# include <openssl/idea.h>
-# endif
-# ifndef OPENSSL_NO_SEED
-# include <openssl/seed.h>
-# endif
-# ifndef OPENSSL_NO_BF
-# include <openssl/blowfish.h>
-# endif
-# ifndef OPENSSL_NO_CAST
-# include <openssl/cast.h>
-# endif
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# include "./testrsa.h"
-# endif
-# include <openssl/x509.h>
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# include "./testdsa.h"
-# endif
-# ifndef OPENSSL_NO_ECDSA
-# include <openssl/ecdsa.h>
-# endif
-# ifndef OPENSSL_NO_ECDH
-# include <openssl/ecdh.h>
-# endif
-# include <openssl/modes.h>
-
-# ifdef OPENSSL_FIPS
-# ifdef OPENSSL_DOING_MAKEDEPEND
-# undef AES_set_encrypt_key
-# undef AES_set_decrypt_key
-# undef DES_set_key_unchecked
-# endif
-# define BF_set_key private_BF_set_key
-# define CAST_set_key private_CAST_set_key
-# define idea_set_encrypt_key private_idea_set_encrypt_key
-# define SEED_set_key private_SEED_set_key
-# define RC2_set_key private_RC2_set_key
-# define RC4_set_key private_RC4_set_key
-# define DES_set_key_unchecked private_DES_set_key_unchecked
-# define AES_set_encrypt_key private_AES_set_encrypt_key
-# define AES_set_decrypt_key private_AES_set_decrypt_key
-# define Camellia_set_key private_Camellia_set_key
-# endif
-
-# ifndef HAVE_FORK
-# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
-# define HAVE_FORK 0
-# else
-# define HAVE_FORK 1
-# endif
-# endif
-
-# if HAVE_FORK
-# undef NO_FORK
-# else
-# define NO_FORK
-# endif
-
-# undef BUFSIZE
-# define BUFSIZE ((long)1024*8+1)
-static volatile int run = 0;
-
-static int mr = 0;
-static int usertime = 1;
-
-static double Time_F(int s);
-static void print_message(const char *s, long num, int length);
-static void pkey_print_message(const char *str, const char *str2,
- long num, int bits, int sec);
-static void print_result(int alg, int run_no, int count, double time_used);
-# ifndef NO_FORK
-static int do_multi(int multi);
-# endif
-
-# define ALGOR_NUM 30
-# define SIZE_NUM 5
-# define RSA_NUM 4
-# define DSA_NUM 3
-
-# define EC_NUM 16
-# define MAX_ECDH_SIZE 256
-
-static const char *names[ALGOR_NUM] = {
- "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
- "des cbc", "des ede3", "idea cbc", "seed cbc",
- "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
- "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
- "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
- "evp", "sha256", "sha512", "whirlpool",
- "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
-};
-
-static double results[ALGOR_NUM][SIZE_NUM];
-static int lengths[SIZE_NUM] = { 16, 64, 256, 1024, 8 * 1024 };
-
-# ifndef OPENSSL_NO_RSA
-static double rsa_results[RSA_NUM][2];
-# endif
-# ifndef OPENSSL_NO_DSA
-static double dsa_results[DSA_NUM][2];
-# endif
-# ifndef OPENSSL_NO_ECDSA
-static double ecdsa_results[EC_NUM][2];
-# endif
-# ifndef OPENSSL_NO_ECDH
-static double ecdh_results[EC_NUM][1];
-# endif
-
-# if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH))
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-static int rnd_fake = 0;
-# endif
-
-# ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-# define SIGRETTYPE void
-# else
-# define SIGRETTYPE int
-# endif
-
-static SIGRETTYPE sig_done(int sig);
-static SIGRETTYPE sig_done(int sig)
-{
- signal(SIGALRM, sig_done);
- run = 0;
-# ifdef LINT
- sig = sig;
-# endif
-}
-# endif
-
-# define START 0
-# define STOP 1
-
-# if defined(_WIN32)
-
-# if !defined(SIGALRM)
-# define SIGALRM
-# endif
-static unsigned int lapse, schlock;
-static void alarm_win32(unsigned int secs)
-{
- lapse = secs * 1000;
-}
-
-# define alarm alarm_win32
-
-static DWORD WINAPI sleepy(VOID * arg)
-{
- schlock = 1;
- Sleep(lapse);
- run = 0;
- return 0;
-}
-
-static double Time_F(int s)
-{
- if (s == START) {
- HANDLE thr;
- schlock = 0;
- thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
- if (thr == NULL) {
- DWORD ret = GetLastError();
- BIO_printf(bio_err, "unable to CreateThread (%d)", ret);
- ExitProcess(ret);
- }
- CloseHandle(thr); /* detach the thread */
- while (!schlock)
- Sleep(0); /* scheduler spinlock */
- }
-
- return app_tminterval(s, usertime);
-}
-# else
-
-static double Time_F(int s)
-{
- return app_tminterval(s, usertime);
-}
-# endif
-
-# ifndef OPENSSL_NO_ECDH
-static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
- size_t *outlen)
-{
-# ifndef OPENSSL_NO_SHA
- if (*outlen < SHA_DIGEST_LENGTH)
- return NULL;
- else
- *outlen = SHA_DIGEST_LENGTH;
- return SHA1(in, inlen, out);
-# else
- return NULL;
-# endif /* OPENSSL_NO_SHA */
-}
-# endif /* OPENSSL_NO_ECDH */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- unsigned char *buf = NULL, *buf2 = NULL;
- int mret = 1;
- long count = 0, save_count = 0;
- int i, j, k;
-# if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
- long rsa_count;
-# endif
-# ifndef OPENSSL_NO_RSA
- unsigned rsa_num;
-# endif
- unsigned char md[EVP_MAX_MD_SIZE];
-# ifndef OPENSSL_NO_MD2
- unsigned char md2[MD2_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_MDC2
- unsigned char mdc2[MDC2_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_MD4
- unsigned char md4[MD4_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_MD5
- unsigned char md5[MD5_DIGEST_LENGTH];
- unsigned char hmac[MD5_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_SHA
- unsigned char sha[SHA_DIGEST_LENGTH];
-# ifndef OPENSSL_NO_SHA256
- unsigned char sha256[SHA256_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_SHA512
- unsigned char sha512[SHA512_DIGEST_LENGTH];
-# endif
-# endif
-# ifndef OPENSSL_NO_WHIRLPOOL
- unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_RIPEMD
- unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_RC4
- RC4_KEY rc4_ks;
-# endif
-# ifndef OPENSSL_NO_RC5
- RC5_32_KEY rc5_ks;
-# endif
-# ifndef OPENSSL_NO_RC2
- RC2_KEY rc2_ks;
-# endif
-# ifndef OPENSSL_NO_IDEA
- IDEA_KEY_SCHEDULE idea_ks;
-# endif
-# ifndef OPENSSL_NO_SEED
- SEED_KEY_SCHEDULE seed_ks;
-# endif
-# ifndef OPENSSL_NO_BF
- BF_KEY bf_ks;
-# endif
-# ifndef OPENSSL_NO_CAST
- CAST_KEY cast_ks;
-# endif
- static const unsigned char key16[16] = {
- 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
- 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
- };
-# ifndef OPENSSL_NO_AES
- static const unsigned char key24[24] = {
- 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
- 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
- 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
- };
- static const unsigned char key32[32] = {
- 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
- 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
- 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
- 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
- };
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- static const unsigned char ckey24[24] = {
- 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
- 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
- 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
- };
- static const unsigned char ckey32[32] = {
- 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
- 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
- 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
- 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
- };
-# endif
-# ifndef OPENSSL_NO_AES
-# define MAX_BLOCK_SIZE 128
-# else
-# define MAX_BLOCK_SIZE 64
-# endif
- unsigned char DES_iv[8];
- unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
-# ifndef OPENSSL_NO_DES
- static DES_cblock key =
- { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 };
- static DES_cblock key2 =
- { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 };
- static DES_cblock key3 =
- { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 };
- DES_key_schedule sch;
- DES_key_schedule sch2;
- DES_key_schedule sch3;
-# endif
-# ifndef OPENSSL_NO_AES
- AES_KEY aes_ks1, aes_ks2, aes_ks3;
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
-# endif
-# define D_MD2 0
-# define D_MDC2 1
-# define D_MD4 2
-# define D_MD5 3
-# define D_HMAC 4
-# define D_SHA1 5
-# define D_RMD160 6
-# define D_RC4 7
-# define D_CBC_DES 8
-# define D_EDE3_DES 9
-# define D_CBC_IDEA 10
-# define D_CBC_SEED 11
-# define D_CBC_RC2 12
-# define D_CBC_RC5 13
-# define D_CBC_BF 14
-# define D_CBC_CAST 15
-# define D_CBC_128_AES 16
-# define D_CBC_192_AES 17
-# define D_CBC_256_AES 18
-# define D_CBC_128_CML 19
-# define D_CBC_192_CML 20
-# define D_CBC_256_CML 21
-# define D_EVP 22
-# define D_SHA256 23
-# define D_SHA512 24
-# define D_WHIRLPOOL 25
-# define D_IGE_128_AES 26
-# define D_IGE_192_AES 27
-# define D_IGE_256_AES 28
-# define D_GHASH 29
- double d = 0.0;
- long c[ALGOR_NUM][SIZE_NUM];
-# define R_DSA_512 0
-# define R_DSA_1024 1
-# define R_DSA_2048 2
-# define R_RSA_512 0
-# define R_RSA_1024 1
-# define R_RSA_2048 2
-# define R_RSA_4096 3
-
-# define R_EC_P160 0
-# define R_EC_P192 1
-# define R_EC_P224 2
-# define R_EC_P256 3
-# define R_EC_P384 4
-# define R_EC_P521 5
-# define R_EC_K163 6
-# define R_EC_K233 7
-# define R_EC_K283 8
-# define R_EC_K409 9
-# define R_EC_K571 10
-# define R_EC_B163 11
-# define R_EC_B233 12
-# define R_EC_B283 13
-# define R_EC_B409 14
-# define R_EC_B571 15
-
-# ifndef OPENSSL_NO_RSA
- RSA *rsa_key[RSA_NUM];
- long rsa_c[RSA_NUM][2];
- static unsigned int rsa_bits[RSA_NUM] = {
- 512, 1024, 2048, 4096
- };
- static unsigned char *rsa_data[RSA_NUM] = {
- test512, test1024, test2048, test4096
- };
- static int rsa_data_length[RSA_NUM] = {
- sizeof(test512), sizeof(test1024),
- sizeof(test2048), sizeof(test4096)
- };
-# endif
-# ifndef OPENSSL_NO_DSA
- DSA *dsa_key[DSA_NUM];
- long dsa_c[DSA_NUM][2];
- static unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
-# endif
-# ifndef OPENSSL_NO_EC
- /*
- * We only test over the following curves as they are representative, To
- * add tests over more curves, simply add the curve NID and curve name to
- * the following arrays and increase the EC_NUM value accordingly.
- */
- static unsigned int test_curves[EC_NUM] = {
- /* Prime Curves */
- NID_secp160r1,
- NID_X9_62_prime192v1,
- NID_secp224r1,
- NID_X9_62_prime256v1,
- NID_secp384r1,
- NID_secp521r1,
- /* Binary Curves */
- NID_sect163k1,
- NID_sect233k1,
- NID_sect283k1,
- NID_sect409k1,
- NID_sect571k1,
- NID_sect163r2,
- NID_sect233r1,
- NID_sect283r1,
- NID_sect409r1,
- NID_sect571r1
- };
- static const char *test_curves_names[EC_NUM] = {
- /* Prime Curves */
- "secp160r1",
- "nistp192",
- "nistp224",
- "nistp256",
- "nistp384",
- "nistp521",
- /* Binary Curves */
- "nistk163",
- "nistk233",
- "nistk283",
- "nistk409",
- "nistk571",
- "nistb163",
- "nistb233",
- "nistb283",
- "nistb409",
- "nistb571"
- };
- static int test_curves_bits[EC_NUM] = {
- 160, 192, 224, 256, 384, 521,
- 163, 233, 283, 409, 571,
- 163, 233, 283, 409, 571
- };
-
-# endif
-
-# ifndef OPENSSL_NO_ECDSA
- unsigned char ecdsasig[256];
- unsigned int ecdsasiglen;
- EC_KEY *ecdsa[EC_NUM];
- long ecdsa_c[EC_NUM][2];
-# endif
-
-# ifndef OPENSSL_NO_ECDH
- EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
- unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
- int secret_size_a, secret_size_b;
- int ecdh_checks = 0;
- int secret_idx = 0;
- long ecdh_c[EC_NUM][2];
-# endif
-
- int rsa_doit[RSA_NUM];
- int dsa_doit[DSA_NUM];
-# ifndef OPENSSL_NO_ECDSA
- int ecdsa_doit[EC_NUM];
-# endif
-# ifndef OPENSSL_NO_ECDH
- int ecdh_doit[EC_NUM];
-# endif
- int doit[ALGOR_NUM];
- int pr_header = 0;
- const EVP_CIPHER *evp_cipher = NULL;
- const EVP_MD *evp_md = NULL;
- int decrypt = 0;
-# ifndef NO_FORK
- int multi = 0;
-# endif
-
-# ifndef TIMES
- usertime = -1;
-# endif
-
- apps_startup();
- memset(results, 0, sizeof(results));
-# ifndef OPENSSL_NO_DSA
- memset(dsa_key, 0, sizeof(dsa_key));
-# endif
-# ifndef OPENSSL_NO_ECDSA
- for (i = 0; i < EC_NUM; i++)
- ecdsa[i] = NULL;
-# endif
-# ifndef OPENSSL_NO_ECDH
- for (i = 0; i < EC_NUM; i++) {
- ecdh_a[i] = NULL;
- ecdh_b[i] = NULL;
- }
-# endif
-
- if (bio_err == NULL)
- if ((bio_err = BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-
- if (!load_config(bio_err, NULL))
- goto end;
-
-# ifndef OPENSSL_NO_RSA
- memset(rsa_key, 0, sizeof(rsa_key));
- for (i = 0; i < RSA_NUM; i++)
- rsa_key[i] = NULL;
-# endif
-
- if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
- BIO_printf(bio_err, "out of memory\n");
- goto end;
- }
- if ((buf2 = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
- BIO_printf(bio_err, "out of memory\n");
- goto end;
- }
-
- memset(c, 0, sizeof(c));
- memset(DES_iv, 0, sizeof(DES_iv));
- memset(iv, 0, sizeof(iv));
-
- for (i = 0; i < ALGOR_NUM; i++)
- doit[i] = 0;
- for (i = 0; i < RSA_NUM; i++)
- rsa_doit[i] = 0;
- for (i = 0; i < DSA_NUM; i++)
- dsa_doit[i] = 0;
-# ifndef OPENSSL_NO_ECDSA
- for (i = 0; i < EC_NUM; i++)
- ecdsa_doit[i] = 0;
-# endif
-# ifndef OPENSSL_NO_ECDH
- for (i = 0; i < EC_NUM; i++)
- ecdh_doit[i] = 0;
-# endif
-
- j = 0;
- argc--;
- argv++;
- while (argc) {
- if ((argc > 0) && (strcmp(*argv, "-elapsed") == 0)) {
- usertime = 0;
- j--; /* Otherwise, -elapsed gets confused with an
- * algorithm. */
- } else if ((argc > 0) && (strcmp(*argv, "-evp") == 0)) {
- argc--;
- argv++;
- if (argc == 0) {
- BIO_printf(bio_err, "no EVP given\n");
- goto end;
- }
- evp_cipher = EVP_get_cipherbyname(*argv);
- if (!evp_cipher) {
- evp_md = EVP_get_digestbyname(*argv);
- }
- if (!evp_cipher && !evp_md) {
- BIO_printf(bio_err, "%s is an unknown cipher or digest\n",
- *argv);
- goto end;
- }
- doit[D_EVP] = 1;
- } else if (argc > 0 && !strcmp(*argv, "-decrypt")) {
- decrypt = 1;
- j--; /* Otherwise, -elapsed gets confused with an
- * algorithm. */
- }
-# ifndef OPENSSL_NO_ENGINE
- else if ((argc > 0) && (strcmp(*argv, "-engine") == 0)) {
- argc--;
- argv++;
- if (argc == 0) {
- BIO_printf(bio_err, "no engine given\n");
- goto end;
- }
- setup_engine(bio_err, *argv, 0);
- /*
- * j will be increased again further down. We just don't want
- * speed to confuse an engine with an algorithm, especially when
- * none is given (which means all of them should be run)
- */
- j--;
- }
-# endif
-# ifndef NO_FORK
- else if ((argc > 0) && (strcmp(*argv, "-multi") == 0)) {
- argc--;
- argv++;
- if (argc == 0) {
- BIO_printf(bio_err, "no multi count given\n");
- goto end;
- }
- multi = atoi(argv[0]);
- if (multi <= 0) {
- BIO_printf(bio_err, "bad multi count\n");
- goto end;
- }
- j--; /* Otherwise, -mr gets confused with an
- * algorithm. */
- }
-# endif
- else if (argc > 0 && !strcmp(*argv, "-mr")) {
- mr = 1;
- j--; /* Otherwise, -mr gets confused with an
- * algorithm. */
- } else
-# ifndef OPENSSL_NO_MD2
- if (strcmp(*argv, "md2") == 0)
- doit[D_MD2] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_MDC2
- if (strcmp(*argv, "mdc2") == 0)
- doit[D_MDC2] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_MD4
- if (strcmp(*argv, "md4") == 0)
- doit[D_MD4] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_MD5
- if (strcmp(*argv, "md5") == 0)
- doit[D_MD5] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_MD5
- if (strcmp(*argv, "hmac") == 0)
- doit[D_HMAC] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_SHA
- if (strcmp(*argv, "sha1") == 0)
- doit[D_SHA1] = 1;
- else if (strcmp(*argv, "sha") == 0)
- doit[D_SHA1] = 1, doit[D_SHA256] = 1, doit[D_SHA512] = 1;
- else
-# ifndef OPENSSL_NO_SHA256
- if (strcmp(*argv, "sha256") == 0)
- doit[D_SHA256] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_SHA512
- if (strcmp(*argv, "sha512") == 0)
- doit[D_SHA512] = 1;
- else
-# endif
-# endif
-# ifndef OPENSSL_NO_WHIRLPOOL
- if (strcmp(*argv, "whirlpool") == 0)
- doit[D_WHIRLPOOL] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_RIPEMD
- if (strcmp(*argv, "ripemd") == 0)
- doit[D_RMD160] = 1;
- else if (strcmp(*argv, "rmd160") == 0)
- doit[D_RMD160] = 1;
- else if (strcmp(*argv, "ripemd160") == 0)
- doit[D_RMD160] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_RC4
- if (strcmp(*argv, "rc4") == 0)
- doit[D_RC4] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_DES
- if (strcmp(*argv, "des-cbc") == 0)
- doit[D_CBC_DES] = 1;
- else if (strcmp(*argv, "des-ede3") == 0)
- doit[D_EDE3_DES] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_AES
- if (strcmp(*argv, "aes-128-cbc") == 0)
- doit[D_CBC_128_AES] = 1;
- else if (strcmp(*argv, "aes-192-cbc") == 0)
- doit[D_CBC_192_AES] = 1;
- else if (strcmp(*argv, "aes-256-cbc") == 0)
- doit[D_CBC_256_AES] = 1;
- else if (strcmp(*argv, "aes-128-ige") == 0)
- doit[D_IGE_128_AES] = 1;
- else if (strcmp(*argv, "aes-192-ige") == 0)
- doit[D_IGE_192_AES] = 1;
- else if (strcmp(*argv, "aes-256-ige") == 0)
- doit[D_IGE_256_AES] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- if (strcmp(*argv, "camellia-128-cbc") == 0)
- doit[D_CBC_128_CML] = 1;
- else if (strcmp(*argv, "camellia-192-cbc") == 0)
- doit[D_CBC_192_CML] = 1;
- else if (strcmp(*argv, "camellia-256-cbc") == 0)
- doit[D_CBC_256_CML] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_RSA
-# if 0 /* was: #ifdef RSAref */
- if (strcmp(*argv, "rsaref") == 0) {
- RSA_set_default_openssl_method(RSA_PKCS1_RSAref());
- j--;
- } else
-# endif
-# ifndef RSA_NULL
- if (strcmp(*argv, "openssl") == 0) {
- RSA_set_default_method(RSA_PKCS1_SSLeay());
- j--;
- } else
-# endif
-# endif /* !OPENSSL_NO_RSA */
- if (strcmp(*argv, "dsa512") == 0)
- dsa_doit[R_DSA_512] = 2;
- else if (strcmp(*argv, "dsa1024") == 0)
- dsa_doit[R_DSA_1024] = 2;
- else if (strcmp(*argv, "dsa2048") == 0)
- dsa_doit[R_DSA_2048] = 2;
- else if (strcmp(*argv, "rsa512") == 0)
- rsa_doit[R_RSA_512] = 2;
- else if (strcmp(*argv, "rsa1024") == 0)
- rsa_doit[R_RSA_1024] = 2;
- else if (strcmp(*argv, "rsa2048") == 0)
- rsa_doit[R_RSA_2048] = 2;
- else if (strcmp(*argv, "rsa4096") == 0)
- rsa_doit[R_RSA_4096] = 2;
- else
-# ifndef OPENSSL_NO_RC2
- if (strcmp(*argv, "rc2-cbc") == 0)
- doit[D_CBC_RC2] = 1;
- else if (strcmp(*argv, "rc2") == 0)
- doit[D_CBC_RC2] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_RC5
- if (strcmp(*argv, "rc5-cbc") == 0)
- doit[D_CBC_RC5] = 1;
- else if (strcmp(*argv, "rc5") == 0)
- doit[D_CBC_RC5] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_IDEA
- if (strcmp(*argv, "idea-cbc") == 0)
- doit[D_CBC_IDEA] = 1;
- else if (strcmp(*argv, "idea") == 0)
- doit[D_CBC_IDEA] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_SEED
- if (strcmp(*argv, "seed-cbc") == 0)
- doit[D_CBC_SEED] = 1;
- else if (strcmp(*argv, "seed") == 0)
- doit[D_CBC_SEED] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_BF
- if (strcmp(*argv, "bf-cbc") == 0)
- doit[D_CBC_BF] = 1;
- else if (strcmp(*argv, "blowfish") == 0)
- doit[D_CBC_BF] = 1;
- else if (strcmp(*argv, "bf") == 0)
- doit[D_CBC_BF] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_CAST
- if (strcmp(*argv, "cast-cbc") == 0)
- doit[D_CBC_CAST] = 1;
- else if (strcmp(*argv, "cast") == 0)
- doit[D_CBC_CAST] = 1;
- else if (strcmp(*argv, "cast5") == 0)
- doit[D_CBC_CAST] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_DES
- if (strcmp(*argv, "des") == 0) {
- doit[D_CBC_DES] = 1;
- doit[D_EDE3_DES] = 1;
- } else
-# endif
-# ifndef OPENSSL_NO_AES
- if (strcmp(*argv, "aes") == 0) {
- doit[D_CBC_128_AES] = 1;
- doit[D_CBC_192_AES] = 1;
- doit[D_CBC_256_AES] = 1;
- } else if (strcmp(*argv, "ghash") == 0) {
- doit[D_GHASH] = 1;
- } else
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- if (strcmp(*argv, "camellia") == 0) {
- doit[D_CBC_128_CML] = 1;
- doit[D_CBC_192_CML] = 1;
- doit[D_CBC_256_CML] = 1;
- } else
-# endif
-# ifndef OPENSSL_NO_RSA
- if (strcmp(*argv, "rsa") == 0) {
- rsa_doit[R_RSA_512] = 1;
- rsa_doit[R_RSA_1024] = 1;
- rsa_doit[R_RSA_2048] = 1;
- rsa_doit[R_RSA_4096] = 1;
- } else
-# endif
-# ifndef OPENSSL_NO_DSA
- if (strcmp(*argv, "dsa") == 0) {
- dsa_doit[R_DSA_512] = 1;
- dsa_doit[R_DSA_1024] = 1;
- dsa_doit[R_DSA_2048] = 1;
- } else
-# endif
-# ifndef OPENSSL_NO_ECDSA
- if (strcmp(*argv, "ecdsap160") == 0)
- ecdsa_doit[R_EC_P160] = 2;
- else if (strcmp(*argv, "ecdsap192") == 0)
- ecdsa_doit[R_EC_P192] = 2;
- else if (strcmp(*argv, "ecdsap224") == 0)
- ecdsa_doit[R_EC_P224] = 2;
- else if (strcmp(*argv, "ecdsap256") == 0)
- ecdsa_doit[R_EC_P256] = 2;
- else if (strcmp(*argv, "ecdsap384") == 0)
- ecdsa_doit[R_EC_P384] = 2;
- else if (strcmp(*argv, "ecdsap521") == 0)
- ecdsa_doit[R_EC_P521] = 2;
- else if (strcmp(*argv, "ecdsak163") == 0)
- ecdsa_doit[R_EC_K163] = 2;
- else if (strcmp(*argv, "ecdsak233") == 0)
- ecdsa_doit[R_EC_K233] = 2;
- else if (strcmp(*argv, "ecdsak283") == 0)
- ecdsa_doit[R_EC_K283] = 2;
- else if (strcmp(*argv, "ecdsak409") == 0)
- ecdsa_doit[R_EC_K409] = 2;
- else if (strcmp(*argv, "ecdsak571") == 0)
- ecdsa_doit[R_EC_K571] = 2;
- else if (strcmp(*argv, "ecdsab163") == 0)
- ecdsa_doit[R_EC_B163] = 2;
- else if (strcmp(*argv, "ecdsab233") == 0)
- ecdsa_doit[R_EC_B233] = 2;
- else if (strcmp(*argv, "ecdsab283") == 0)
- ecdsa_doit[R_EC_B283] = 2;
- else if (strcmp(*argv, "ecdsab409") == 0)
- ecdsa_doit[R_EC_B409] = 2;
- else if (strcmp(*argv, "ecdsab571") == 0)
- ecdsa_doit[R_EC_B571] = 2;
- else if (strcmp(*argv, "ecdsa") == 0) {
- for (i = 0; i < EC_NUM; i++)
- ecdsa_doit[i] = 1;
- } else
-# endif
-# ifndef OPENSSL_NO_ECDH
- if (strcmp(*argv, "ecdhp160") == 0)
- ecdh_doit[R_EC_P160] = 2;
- else if (strcmp(*argv, "ecdhp192") == 0)
- ecdh_doit[R_EC_P192] = 2;
- else if (strcmp(*argv, "ecdhp224") == 0)
- ecdh_doit[R_EC_P224] = 2;
- else if (strcmp(*argv, "ecdhp256") == 0)
- ecdh_doit[R_EC_P256] = 2;
- else if (strcmp(*argv, "ecdhp384") == 0)
- ecdh_doit[R_EC_P384] = 2;
- else if (strcmp(*argv, "ecdhp521") == 0)
- ecdh_doit[R_EC_P521] = 2;
- else if (strcmp(*argv, "ecdhk163") == 0)
- ecdh_doit[R_EC_K163] = 2;
- else if (strcmp(*argv, "ecdhk233") == 0)
- ecdh_doit[R_EC_K233] = 2;
- else if (strcmp(*argv, "ecdhk283") == 0)
- ecdh_doit[R_EC_K283] = 2;
- else if (strcmp(*argv, "ecdhk409") == 0)
- ecdh_doit[R_EC_K409] = 2;
- else if (strcmp(*argv, "ecdhk571") == 0)
- ecdh_doit[R_EC_K571] = 2;
- else if (strcmp(*argv, "ecdhb163") == 0)
- ecdh_doit[R_EC_B163] = 2;
- else if (strcmp(*argv, "ecdhb233") == 0)
- ecdh_doit[R_EC_B233] = 2;
- else if (strcmp(*argv, "ecdhb283") == 0)
- ecdh_doit[R_EC_B283] = 2;
- else if (strcmp(*argv, "ecdhb409") == 0)
- ecdh_doit[R_EC_B409] = 2;
- else if (strcmp(*argv, "ecdhb571") == 0)
- ecdh_doit[R_EC_B571] = 2;
- else if (strcmp(*argv, "ecdh") == 0) {
- for (i = 0; i < EC_NUM; i++)
- ecdh_doit[i] = 1;
- } else
-# endif
- {
- BIO_printf(bio_err, "Error: bad option or value\n");
- BIO_printf(bio_err, "\n");
- BIO_printf(bio_err, "Available values:\n");
-# ifndef OPENSSL_NO_MD2
- BIO_printf(bio_err, "md2 ");
-# endif
-# ifndef OPENSSL_NO_MDC2
- BIO_printf(bio_err, "mdc2 ");
-# endif
-# ifndef OPENSSL_NO_MD4
- BIO_printf(bio_err, "md4 ");
-# endif
-# ifndef OPENSSL_NO_MD5
- BIO_printf(bio_err, "md5 ");
-# ifndef OPENSSL_NO_HMAC
- BIO_printf(bio_err, "hmac ");
-# endif
-# endif
-# ifndef OPENSSL_NO_SHA1
- BIO_printf(bio_err, "sha1 ");
-# endif
-# ifndef OPENSSL_NO_SHA256
- BIO_printf(bio_err, "sha256 ");
-# endif
-# ifndef OPENSSL_NO_SHA512
- BIO_printf(bio_err, "sha512 ");
-# endif
-# ifndef OPENSSL_NO_WHIRLPOOL
- BIO_printf(bio_err, "whirlpool");
-# endif
-# ifndef OPENSSL_NO_RIPEMD160
- BIO_printf(bio_err, "rmd160");
-# endif
-# if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
- !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
- !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
- !defined(OPENSSL_NO_WHIRLPOOL)
- BIO_printf(bio_err, "\n");
-# endif
-
-# ifndef OPENSSL_NO_IDEA
- BIO_printf(bio_err, "idea-cbc ");
-# endif
-# ifndef OPENSSL_NO_SEED
- BIO_printf(bio_err, "seed-cbc ");
-# endif
-# ifndef OPENSSL_NO_RC2
- BIO_printf(bio_err, "rc2-cbc ");
-# endif
-# ifndef OPENSSL_NO_RC5
- BIO_printf(bio_err, "rc5-cbc ");
-# endif
-# ifndef OPENSSL_NO_BF
- BIO_printf(bio_err, "bf-cbc");
-# endif
-# if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \
- !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
- BIO_printf(bio_err, "\n");
-# endif
-# ifndef OPENSSL_NO_DES
- BIO_printf(bio_err, "des-cbc des-ede3 ");
-# endif
-# ifndef OPENSSL_NO_AES
- BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc ");
- BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige ");
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- BIO_printf(bio_err, "\n");
- BIO_printf(bio_err,
- "camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
-# endif
-# ifndef OPENSSL_NO_RC4
- BIO_printf(bio_err, "rc4");
-# endif
- BIO_printf(bio_err, "\n");
-
-# ifndef OPENSSL_NO_RSA
- BIO_printf(bio_err, "rsa512 rsa1024 rsa2048 rsa4096\n");
-# endif
-
-# ifndef OPENSSL_NO_DSA
- BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n");
-# endif
-# ifndef OPENSSL_NO_ECDSA
- BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 "
- "ecdsap256 ecdsap384 ecdsap521\n");
- BIO_printf(bio_err,
- "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
- BIO_printf(bio_err,
- "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
- BIO_printf(bio_err, "ecdsa\n");
-# endif
-# ifndef OPENSSL_NO_ECDH
- BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 "
- "ecdhp256 ecdhp384 ecdhp521\n");
- BIO_printf(bio_err,
- "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
- BIO_printf(bio_err,
- "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n");
- BIO_printf(bio_err, "ecdh\n");
-# endif
-
-# ifndef OPENSSL_NO_IDEA
- BIO_printf(bio_err, "idea ");
-# endif
-# ifndef OPENSSL_NO_SEED
- BIO_printf(bio_err, "seed ");
-# endif
-# ifndef OPENSSL_NO_RC2
- BIO_printf(bio_err, "rc2 ");
-# endif
-# ifndef OPENSSL_NO_DES
- BIO_printf(bio_err, "des ");
-# endif
-# ifndef OPENSSL_NO_AES
- BIO_printf(bio_err, "aes ");
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- BIO_printf(bio_err, "camellia ");
-# endif
-# ifndef OPENSSL_NO_RSA
- BIO_printf(bio_err, "rsa ");
-# endif
-# ifndef OPENSSL_NO_BF
- BIO_printf(bio_err, "blowfish");
-# endif
-# if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
- !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
- !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
- !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
- BIO_printf(bio_err, "\n");
-# endif
-
- BIO_printf(bio_err, "\n");
- BIO_printf(bio_err, "Available options:\n");
-# if defined(TIMES) || defined(USE_TOD)
- BIO_printf(bio_err, "-elapsed "
- "measure time in real time instead of CPU user time.\n");
-# endif
-# ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err,
- "-engine e "
- "use engine e, possibly a hardware device.\n");
-# endif
- BIO_printf(bio_err, "-evp e " "use EVP e.\n");
- BIO_printf(bio_err,
- "-decrypt "
- "time decryption instead of encryption (only EVP).\n");
- BIO_printf(bio_err,
- "-mr "
- "produce machine readable output.\n");
-# ifndef NO_FORK
- BIO_printf(bio_err,
- "-multi n " "run n benchmarks in parallel.\n");
-# endif
- goto end;
- }
- argc--;
- argv++;
- j++;
- }
-
-# ifndef NO_FORK
- if (multi && do_multi(multi))
- goto show_res;
-# endif
-
- if (j == 0) {
- for (i = 0; i < ALGOR_NUM; i++) {
- if (i != D_EVP)
- doit[i] = 1;
- }
- for (i = 0; i < RSA_NUM; i++)
- rsa_doit[i] = 1;
- for (i = 0; i < DSA_NUM; i++)
- dsa_doit[i] = 1;
-# ifndef OPENSSL_NO_ECDSA
- for (i = 0; i < EC_NUM; i++)
- ecdsa_doit[i] = 1;
-# endif
-# ifndef OPENSSL_NO_ECDH
- for (i = 0; i < EC_NUM; i++)
- ecdh_doit[i] = 1;
-# endif
- }
- for (i = 0; i < ALGOR_NUM; i++)
- if (doit[i])
- pr_header++;
-
- if (usertime == 0 && !mr)
- BIO_printf(bio_err,
- "You have chosen to measure elapsed time "
- "instead of user CPU time.\n");
-
-# ifndef OPENSSL_NO_RSA
- for (i = 0; i < RSA_NUM; i++) {
- const unsigned char *p;
-
- p = rsa_data[i];
- rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]);
- if (rsa_key[i] == NULL) {
- BIO_printf(bio_err, "internal error loading RSA key number %d\n",
- i);
- goto end;
- }
-# if 0
- else {
- BIO_printf(bio_err,
- mr ? "+RK:%d:"
- : "Loaded RSA key, %d bit modulus and e= 0x",
- BN_num_bits(rsa_key[i]->n));
- BN_print(bio_err, rsa_key[i]->e);
- BIO_printf(bio_err, "\n");
- }
-# endif
- }
-# endif
-
-# ifndef OPENSSL_NO_DSA
- dsa_key[0] = get_dsa512();
- dsa_key[1] = get_dsa1024();
- dsa_key[2] = get_dsa2048();
-# endif
-
-# ifndef OPENSSL_NO_DES
- DES_set_key_unchecked(&key, &sch);
- DES_set_key_unchecked(&key2, &sch2);
- DES_set_key_unchecked(&key3, &sch3);
-# endif
-# ifndef OPENSSL_NO_AES
- AES_set_encrypt_key(key16, 128, &aes_ks1);
- AES_set_encrypt_key(key24, 192, &aes_ks2);
- AES_set_encrypt_key(key32, 256, &aes_ks3);
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- Camellia_set_key(key16, 128, &camellia_ks1);
- Camellia_set_key(ckey24, 192, &camellia_ks2);
- Camellia_set_key(ckey32, 256, &camellia_ks3);
-# endif
-# ifndef OPENSSL_NO_IDEA
- idea_set_encrypt_key(key16, &idea_ks);
-# endif
-# ifndef OPENSSL_NO_SEED
- SEED_set_key(key16, &seed_ks);
-# endif
-# ifndef OPENSSL_NO_RC4
- RC4_set_key(&rc4_ks, 16, key16);
-# endif
-# ifndef OPENSSL_NO_RC2
- RC2_set_key(&rc2_ks, 16, key16, 128);
-# endif
-# ifndef OPENSSL_NO_RC5
- RC5_32_set_key(&rc5_ks, 16, key16, 12);
-# endif
-# ifndef OPENSSL_NO_BF
- BF_set_key(&bf_ks, 16, key16);
-# endif
-# ifndef OPENSSL_NO_CAST
- CAST_set_key(&cast_ks, 16, key16);
-# endif
-# ifndef OPENSSL_NO_RSA
- memset(rsa_c, 0, sizeof(rsa_c));
-# endif
-# ifndef SIGALRM
-# ifndef OPENSSL_NO_DES
- BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
- count = 10;
- do {
- long it;
- count *= 2;
- Time_F(START);
- for (it = count; it; it--)
- DES_ecb_encrypt((DES_cblock *)buf,
- (DES_cblock *)buf, &sch, DES_ENCRYPT);
- d = Time_F(STOP);
- } while (d < 3);
- save_count = count;
- c[D_MD2][0] = count / 10;
- c[D_MDC2][0] = count / 10;
- c[D_MD4][0] = count;
- c[D_MD5][0] = count;
- c[D_HMAC][0] = count;
- c[D_SHA1][0] = count;
- c[D_RMD160][0] = count;
- c[D_RC4][0] = count * 5;
- c[D_CBC_DES][0] = count;
- c[D_EDE3_DES][0] = count / 3;
- c[D_CBC_IDEA][0] = count;
- c[D_CBC_SEED][0] = count;
- c[D_CBC_RC2][0] = count;
- c[D_CBC_RC5][0] = count;
- c[D_CBC_BF][0] = count;
- c[D_CBC_CAST][0] = count;
- c[D_CBC_128_AES][0] = count;
- c[D_CBC_192_AES][0] = count;
- c[D_CBC_256_AES][0] = count;
- c[D_CBC_128_CML][0] = count;
- c[D_CBC_192_CML][0] = count;
- c[D_CBC_256_CML][0] = count;
- c[D_SHA256][0] = count;
- c[D_SHA512][0] = count;
- c[D_WHIRLPOOL][0] = count;
- c[D_IGE_128_AES][0] = count;
- c[D_IGE_192_AES][0] = count;
- c[D_IGE_256_AES][0] = count;
- c[D_GHASH][0] = count;
-
- for (i = 1; i < SIZE_NUM; i++) {
- c[D_MD2][i] = c[D_MD2][0] * 4 * lengths[0] / lengths[i];
- c[D_MDC2][i] = c[D_MDC2][0] * 4 * lengths[0] / lengths[i];
- c[D_MD4][i] = c[D_MD4][0] * 4 * lengths[0] / lengths[i];
- c[D_MD5][i] = c[D_MD5][0] * 4 * lengths[0] / lengths[i];
- c[D_HMAC][i] = c[D_HMAC][0] * 4 * lengths[0] / lengths[i];
- c[D_SHA1][i] = c[D_SHA1][0] * 4 * lengths[0] / lengths[i];
- c[D_RMD160][i] = c[D_RMD160][0] * 4 * lengths[0] / lengths[i];
- c[D_SHA256][i] = c[D_SHA256][0] * 4 * lengths[0] / lengths[i];
- c[D_SHA512][i] = c[D_SHA512][0] * 4 * lengths[0] / lengths[i];
- c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * lengths[0] / lengths[i];
- }
- for (i = 1; i < SIZE_NUM; i++) {
- long l0, l1;
-
- l0 = (long)lengths[i - 1];
- l1 = (long)lengths[i];
- c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
- c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
- c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
- c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
- c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
- c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
- c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
- c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
- c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
- c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
- c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
- c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
- c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
- c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
- c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
- c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
- c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
- c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
- }
-# ifndef OPENSSL_NO_RSA
- rsa_c[R_RSA_512][0] = count / 2000;
- rsa_c[R_RSA_512][1] = count / 400;
- for (i = 1; i < RSA_NUM; i++) {
- rsa_c[i][0] = rsa_c[i - 1][0] / 8;
- rsa_c[i][1] = rsa_c[i - 1][1] / 4;
- if ((rsa_doit[i] <= 1) && (rsa_c[i][0] == 0))
- rsa_doit[i] = 0;
- else {
- if (rsa_c[i][0] == 0) {
- rsa_c[i][0] = 1;
- rsa_c[i][1] = 20;
- }
- }
- }
-# endif
-
-# ifndef OPENSSL_NO_DSA
- dsa_c[R_DSA_512][0] = count / 1000;
- dsa_c[R_DSA_512][1] = count / 1000 / 2;
- for (i = 1; i < DSA_NUM; i++) {
- dsa_c[i][0] = dsa_c[i - 1][0] / 4;
- dsa_c[i][1] = dsa_c[i - 1][1] / 4;
- if ((dsa_doit[i] <= 1) && (dsa_c[i][0] == 0))
- dsa_doit[i] = 0;
- else {
- if (dsa_c[i] == 0) {
- dsa_c[i][0] = 1;
- dsa_c[i][1] = 1;
- }
- }
- }
-# endif
-
-# ifndef OPENSSL_NO_ECDSA
- ecdsa_c[R_EC_P160][0] = count / 1000;
- ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
- ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
- ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
- if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
- ecdsa_doit[i] = 0;
- else {
- if (ecdsa_c[i] == 0) {
- ecdsa_c[i][0] = 1;
- ecdsa_c[i][1] = 1;
- }
- }
- }
- ecdsa_c[R_EC_K163][0] = count / 1000;
- ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
- for (i = R_EC_K233; i <= R_EC_K571; i++) {
- ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
- ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
- if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
- ecdsa_doit[i] = 0;
- else {
- if (ecdsa_c[i] == 0) {
- ecdsa_c[i][0] = 1;
- ecdsa_c[i][1] = 1;
- }
- }
- }
- ecdsa_c[R_EC_B163][0] = count / 1000;
- ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
- for (i = R_EC_B233; i <= R_EC_B571; i++) {
- ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
- ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
- if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
- ecdsa_doit[i] = 0;
- else {
- if (ecdsa_c[i] == 0) {
- ecdsa_c[i][0] = 1;
- ecdsa_c[i][1] = 1;
- }
- }
- }
-# endif
-
-# ifndef OPENSSL_NO_ECDH
- ecdh_c[R_EC_P160][0] = count / 1000;
- ecdh_c[R_EC_P160][1] = count / 1000;
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
- ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
- ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
- if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
- ecdh_doit[i] = 0;
- else {
- if (ecdh_c[i] == 0) {
- ecdh_c[i][0] = 1;
- ecdh_c[i][1] = 1;
- }
- }
- }
- ecdh_c[R_EC_K163][0] = count / 1000;
- ecdh_c[R_EC_K163][1] = count / 1000;
- for (i = R_EC_K233; i <= R_EC_K571; i++) {
- ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
- ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
- if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
- ecdh_doit[i] = 0;
- else {
- if (ecdh_c[i] == 0) {
- ecdh_c[i][0] = 1;
- ecdh_c[i][1] = 1;
- }
- }
- }
- ecdh_c[R_EC_B163][0] = count / 1000;
- ecdh_c[R_EC_B163][1] = count / 1000;
- for (i = R_EC_B233; i <= R_EC_B571; i++) {
- ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
- ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
- if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
- ecdh_doit[i] = 0;
- else {
- if (ecdh_c[i] == 0) {
- ecdh_c[i][0] = 1;
- ecdh_c[i][1] = 1;
- }
- }
- }
-# endif
-
-# define COND(d) (count < (d))
-# define COUNT(d) (d)
-# else
-/* not worth fixing */
-# error "You cannot disable DES on systems without SIGALRM."
-# endif /* OPENSSL_NO_DES */
-# else
-# define COND(c) (run && count<0x7fffffff)
-# define COUNT(d) (count)
-# ifndef _WIN32
- signal(SIGALRM, sig_done);
-# endif
-# endif /* SIGALRM */
-
-# ifndef OPENSSL_NO_MD2
- if (doit[D_MD2]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_MD2], c[D_MD2][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_MD2][j]); count++)
- EVP_Digest(buf, (unsigned long)lengths[j], &(md2[0]), NULL,
- EVP_md2(), NULL);
- d = Time_F(STOP);
- print_result(D_MD2, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_MDC2
- if (doit[D_MDC2]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_MDC2], c[D_MDC2][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_MDC2][j]); count++)
- EVP_Digest(buf, (unsigned long)lengths[j], &(mdc2[0]), NULL,
- EVP_mdc2(), NULL);
- d = Time_F(STOP);
- print_result(D_MDC2, j, count, d);
- }
- }
-# endif
-
-# ifndef OPENSSL_NO_MD4
- if (doit[D_MD4]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_MD4], c[D_MD4][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_MD4][j]); count++)
- EVP_Digest(&(buf[0]), (unsigned long)lengths[j], &(md4[0]),
- NULL, EVP_md4(), NULL);
- d = Time_F(STOP);
- print_result(D_MD4, j, count, d);
- }
- }
-# endif
-
-# ifndef OPENSSL_NO_MD5
- if (doit[D_MD5]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_MD5], c[D_MD5][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_MD5][j]); count++)
- EVP_Digest(&(buf[0]), (unsigned long)lengths[j], &(md5[0]),
- NULL, EVP_get_digestbyname("md5"), NULL);
- d = Time_F(STOP);
- print_result(D_MD5, j, count, d);
- }
- }
-# endif
-
-# if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC)
- if (doit[D_HMAC]) {
- HMAC_CTX hctx;
-
- HMAC_CTX_init(&hctx);
- HMAC_Init_ex(&hctx, (unsigned char *)"This is a key...",
- 16, EVP_md5(), NULL);
-
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) {
- HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL);
- HMAC_Update(&hctx, buf, lengths[j]);
- HMAC_Final(&hctx, &(hmac[0]), NULL);
- }
- d = Time_F(STOP);
- print_result(D_HMAC, j, count, d);
- }
- HMAC_CTX_cleanup(&hctx);
- }
-# endif
-# ifndef OPENSSL_NO_SHA
- if (doit[D_SHA1]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_SHA1][j]); count++)
- EVP_Digest(buf, (unsigned long)lengths[j], &(sha[0]), NULL,
- EVP_sha1(), NULL);
- d = Time_F(STOP);
- print_result(D_SHA1, j, count, d);
- }
- }
-# ifndef OPENSSL_NO_SHA256
- if (doit[D_SHA256]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_SHA256][j]); count++)
- SHA256(buf, lengths[j], sha256);
- d = Time_F(STOP);
- print_result(D_SHA256, j, count, d);
- }
- }
-# endif
-
-# ifndef OPENSSL_NO_SHA512
- if (doit[D_SHA512]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_SHA512][j]); count++)
- SHA512(buf, lengths[j], sha512);
- d = Time_F(STOP);
- print_result(D_SHA512, j, count, d);
- }
- }
-# endif
-# endif
-
-# ifndef OPENSSL_NO_WHIRLPOOL
- if (doit[D_WHIRLPOOL]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++)
- WHIRLPOOL(buf, lengths[j], whirlpool);
- d = Time_F(STOP);
- print_result(D_WHIRLPOOL, j, count, d);
- }
- }
-# endif
-
-# ifndef OPENSSL_NO_RIPEMD
- if (doit[D_RMD160]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_RMD160][j]); count++)
- EVP_Digest(buf, (unsigned long)lengths[j], &(rmd160[0]), NULL,
- EVP_ripemd160(), NULL);
- d = Time_F(STOP);
- print_result(D_RMD160, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_RC4
- if (doit[D_RC4]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_RC4], c[D_RC4][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_RC4][j]); count++)
- RC4(&rc4_ks, (unsigned int)lengths[j], buf, buf);
- d = Time_F(STOP);
- print_result(D_RC4, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_DES
- if (doit[D_CBC_DES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++)
- DES_ncbc_encrypt(buf, buf, lengths[j], &sch,
- &DES_iv, DES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_DES, j, count, d);
- }
- }
-
- if (doit[D_EDE3_DES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++)
- DES_ede3_cbc_encrypt(buf, buf, lengths[j],
- &sch, &sch2, &sch3,
- &DES_iv, DES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_EDE3_DES, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_AES
- if (doit[D_CBC_128_AES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++)
- AES_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &aes_ks1,
- iv, AES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_128_AES, j, count, d);
- }
- }
- if (doit[D_CBC_192_AES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++)
- AES_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &aes_ks2,
- iv, AES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_192_AES, j, count, d);
- }
- }
- if (doit[D_CBC_256_AES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++)
- AES_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &aes_ks3,
- iv, AES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_256_AES, j, count, d);
- }
- }
-
- if (doit[D_IGE_128_AES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++)
- AES_ige_encrypt(buf, buf2,
- (unsigned long)lengths[j], &aes_ks1,
- iv, AES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_IGE_128_AES, j, count, d);
- }
- }
- if (doit[D_IGE_192_AES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++)
- AES_ige_encrypt(buf, buf2,
- (unsigned long)lengths[j], &aes_ks2,
- iv, AES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_IGE_192_AES, j, count, d);
- }
- }
- if (doit[D_IGE_256_AES]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++)
- AES_ige_encrypt(buf, buf2,
- (unsigned long)lengths[j], &aes_ks3,
- iv, AES_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_IGE_256_AES, j, count, d);
- }
- }
- if (doit[D_GHASH]) {
- GCM128_CONTEXT *ctx =
- CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
- CRYPTO_gcm128_setiv(ctx, (unsigned char *)"0123456789ab", 12);
-
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_GHASH][j]); count++)
- CRYPTO_gcm128_aad(ctx, buf, lengths[j]);
- d = Time_F(STOP);
- print_result(D_GHASH, j, count, d);
- }
- CRYPTO_gcm128_release(ctx);
- }
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
- if (doit[D_CBC_128_CML]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++)
- Camellia_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &camellia_ks1,
- iv, CAMELLIA_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_128_CML, j, count, d);
- }
- }
- if (doit[D_CBC_192_CML]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++)
- Camellia_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &camellia_ks2,
- iv, CAMELLIA_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_192_CML, j, count, d);
- }
- }
- if (doit[D_CBC_256_CML]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j],
- lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++)
- Camellia_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &camellia_ks3,
- iv, CAMELLIA_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_256_CML, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_IDEA
- if (doit[D_CBC_IDEA]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++)
- idea_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &idea_ks,
- iv, IDEA_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_IDEA, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_SEED
- if (doit[D_CBC_SEED]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_SEED], c[D_CBC_SEED][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_SEED][j]); count++)
- SEED_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &seed_ks, iv, 1);
- d = Time_F(STOP);
- print_result(D_CBC_SEED, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_RC2
- if (doit[D_CBC_RC2]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++)
- RC2_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &rc2_ks,
- iv, RC2_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_RC2, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_RC5
- if (doit[D_CBC_RC5]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_RC5], c[D_CBC_RC5][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_RC5][j]); count++)
- RC5_32_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &rc5_ks,
- iv, RC5_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_RC5, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_BF
- if (doit[D_CBC_BF]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++)
- BF_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &bf_ks,
- iv, BF_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_BF, j, count, d);
- }
- }
-# endif
-# ifndef OPENSSL_NO_CAST
- if (doit[D_CBC_CAST]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++)
- CAST_cbc_encrypt(buf, buf,
- (unsigned long)lengths[j], &cast_ks,
- iv, CAST_ENCRYPT);
- d = Time_F(STOP);
- print_result(D_CBC_CAST, j, count, d);
- }
- }
-# endif
-
- if (doit[D_EVP]) {
- for (j = 0; j < SIZE_NUM; j++) {
- if (evp_cipher) {
- EVP_CIPHER_CTX ctx;
- int outl;
-
- names[D_EVP] = OBJ_nid2ln(evp_cipher->nid);
- /*
- * -O3 -fschedule-insns messes up an optimization here!
- * names[D_EVP] somehow becomes NULL
- */
- print_message(names[D_EVP], save_count, lengths[j]);
-
- EVP_CIPHER_CTX_init(&ctx);
- if (decrypt)
- EVP_DecryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
- else
- EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
-
- Time_F(START);
- if (decrypt)
- for (count = 0, run = 1;
- COND(save_count * 4 * lengths[0] / lengths[j]);
- count++)
- EVP_DecryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
- else
- for (count = 0, run = 1;
- COND(save_count * 4 * lengths[0] / lengths[j]);
- count++)
- EVP_EncryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
- if (decrypt)
- EVP_DecryptFinal_ex(&ctx, buf, &outl);
- else
- EVP_EncryptFinal_ex(&ctx, buf, &outl);
- d = Time_F(STOP);
- EVP_CIPHER_CTX_cleanup(&ctx);
- }
- if (evp_md) {
- names[D_EVP] = OBJ_nid2ln(evp_md->type);
- print_message(names[D_EVP], save_count, lengths[j]);
-
- Time_F(START);
- for (count = 0, run = 1;
- COND(save_count * 4 * lengths[0] / lengths[j]); count++)
- EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL);
-
- d = Time_F(STOP);
- }
- print_result(D_EVP, j, count, d);
- }
- }
-
- RAND_pseudo_bytes(buf, 36);
-# ifndef OPENSSL_NO_RSA
- for (j = 0; j < RSA_NUM; j++) {
- int ret;
- if (!rsa_doit[j])
- continue;
- ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]);
- if (ret == 0) {
- BIO_printf(bio_err,
- "RSA sign failure. No RSA sign will be done.\n");
- ERR_print_errors(bio_err);
- rsa_count = 1;
- } else {
- pkey_print_message("private", "rsa",
- rsa_c[j][0], rsa_bits[j], RSA_SECONDS);
- /* RSA_blinding_on(rsa_key[j],NULL); */
- Time_F(START);
- for (count = 0, run = 1; COND(rsa_c[j][0]); count++) {
- ret = RSA_sign(NID_md5_sha1, buf, 36, buf2,
- &rsa_num, rsa_key[j]);
- if (ret == 0) {
- BIO_printf(bio_err, "RSA sign failure\n");
- ERR_print_errors(bio_err);
- count = 1;
- break;
- }
- }
- d = Time_F(STOP);
- BIO_printf(bio_err,
- mr ? "+R1:%ld:%d:%.2f\n"
- : "%ld %d bit private RSA's in %.2fs\n",
- count, rsa_bits[j], d);
- rsa_results[j][0] = d / (double)count;
- rsa_count = count;
- }
-
-# if 1
- ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]);
- if (ret <= 0) {
- BIO_printf(bio_err,
- "RSA verify failure. No RSA verify will be done.\n");
- ERR_print_errors(bio_err);
- rsa_doit[j] = 0;
- } else {
- pkey_print_message("public", "rsa",
- rsa_c[j][1], rsa_bits[j], RSA_SECONDS);
- Time_F(START);
- for (count = 0, run = 1; COND(rsa_c[j][1]); count++) {
- ret = RSA_verify(NID_md5_sha1, buf, 36, buf2,
- rsa_num, rsa_key[j]);
- if (ret <= 0) {
- BIO_printf(bio_err, "RSA verify failure\n");
- ERR_print_errors(bio_err);
- count = 1;
- break;
- }
- }
- d = Time_F(STOP);
- BIO_printf(bio_err,
- mr ? "+R2:%ld:%d:%.2f\n"
- : "%ld %d bit public RSA's in %.2fs\n",
- count, rsa_bits[j], d);
- rsa_results[j][1] = d / (double)count;
- }
-# endif
-
- if (rsa_count <= 1) {
- /* if longer than 10s, don't do any more */
- for (j++; j < RSA_NUM; j++)
- rsa_doit[j] = 0;
- }
- }
-# endif
-
- RAND_pseudo_bytes(buf, 20);
-# ifndef OPENSSL_NO_DSA
- if (RAND_status() != 1) {
- RAND_seed(rnd_seed, sizeof rnd_seed);
- rnd_fake = 1;
- }
- for (j = 0; j < DSA_NUM; j++) {
- unsigned int kk;
- int ret;
-
- if (!dsa_doit[j])
- continue;
-
- /* DSA_generate_key(dsa_key[j]); */
- /* DSA_sign_setup(dsa_key[j],NULL); */
- ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
- if (ret == 0) {
- BIO_printf(bio_err,
- "DSA sign failure. No DSA sign will be done.\n");
- ERR_print_errors(bio_err);
- rsa_count = 1;
- } else {
- pkey_print_message("sign", "dsa",
- dsa_c[j][0], dsa_bits[j], DSA_SECONDS);
- Time_F(START);
- for (count = 0, run = 1; COND(dsa_c[j][0]); count++) {
- ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
- if (ret == 0) {
- BIO_printf(bio_err, "DSA sign failure\n");
- ERR_print_errors(bio_err);
- count = 1;
- break;
- }
- }
- d = Time_F(STOP);
- BIO_printf(bio_err,
- mr ? "+R3:%ld:%d:%.2f\n"
- : "%ld %d bit DSA signs in %.2fs\n",
- count, dsa_bits[j], d);
- dsa_results[j][0] = d / (double)count;
- rsa_count = count;
- }
-
- ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
- if (ret <= 0) {
- BIO_printf(bio_err,
- "DSA verify failure. No DSA verify will be done.\n");
- ERR_print_errors(bio_err);
- dsa_doit[j] = 0;
- } else {
- pkey_print_message("verify", "dsa",
- dsa_c[j][1], dsa_bits[j], DSA_SECONDS);
- Time_F(START);
- for (count = 0, run = 1; COND(dsa_c[j][1]); count++) {
- ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
- if (ret <= 0) {
- BIO_printf(bio_err, "DSA verify failure\n");
- ERR_print_errors(bio_err);
- count = 1;
- break;
- }
- }
- d = Time_F(STOP);
- BIO_printf(bio_err,
- mr ? "+R4:%ld:%d:%.2f\n"
- : "%ld %d bit DSA verify in %.2fs\n",
- count, dsa_bits[j], d);
- dsa_results[j][1] = d / (double)count;
- }
-
- if (rsa_count <= 1) {
- /* if longer than 10s, don't do any more */
- for (j++; j < DSA_NUM; j++)
- dsa_doit[j] = 0;
- }
- }
- if (rnd_fake)
- RAND_cleanup();
-# endif
-
-# ifndef OPENSSL_NO_ECDSA
- if (RAND_status() != 1) {
- RAND_seed(rnd_seed, sizeof rnd_seed);
- rnd_fake = 1;
- }
- for (j = 0; j < EC_NUM; j++) {
- int ret;
-
- if (!ecdsa_doit[j])
- continue; /* Ignore Curve */
- ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]);
- if (ecdsa[j] == NULL) {
- BIO_printf(bio_err, "ECDSA failure.\n");
- ERR_print_errors(bio_err);
- rsa_count = 1;
- } else {
-# if 1
- EC_KEY_precompute_mult(ecdsa[j], NULL);
-# endif
- /* Perform ECDSA signature test */
- EC_KEY_generate_key(ecdsa[j]);
- ret = ECDSA_sign(0, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
- if (ret == 0) {
- BIO_printf(bio_err,
- "ECDSA sign failure. No ECDSA sign will be done.\n");
- ERR_print_errors(bio_err);
- rsa_count = 1;
- } else {
- pkey_print_message("sign", "ecdsa",
- ecdsa_c[j][0],
- test_curves_bits[j], ECDSA_SECONDS);
-
- Time_F(START);
- for (count = 0, run = 1; COND(ecdsa_c[j][0]); count++) {
- ret = ECDSA_sign(0, buf, 20,
- ecdsasig, &ecdsasiglen, ecdsa[j]);
- if (ret == 0) {
- BIO_printf(bio_err, "ECDSA sign failure\n");
- ERR_print_errors(bio_err);
- count = 1;
- break;
- }
- }
- d = Time_F(STOP);
-
- BIO_printf(bio_err,
- mr ? "+R5:%ld:%d:%.2f\n" :
- "%ld %d bit ECDSA signs in %.2fs \n",
- count, test_curves_bits[j], d);
- ecdsa_results[j][0] = d / (double)count;
- rsa_count = count;
- }
-
- /* Perform ECDSA verification test */
- ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
- if (ret != 1) {
- BIO_printf(bio_err,
- "ECDSA verify failure. No ECDSA verify will be done.\n");
- ERR_print_errors(bio_err);
- ecdsa_doit[j] = 0;
- } else {
- pkey_print_message("verify", "ecdsa",
- ecdsa_c[j][1],
- test_curves_bits[j], ECDSA_SECONDS);
- Time_F(START);
- for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) {
- ret =
- ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen,
- ecdsa[j]);
- if (ret != 1) {
- BIO_printf(bio_err, "ECDSA verify failure\n");
- ERR_print_errors(bio_err);
- count = 1;
- break;
- }
- }
- d = Time_F(STOP);
- BIO_printf(bio_err,
- mr ? "+R6:%ld:%d:%.2f\n"
- : "%ld %d bit ECDSA verify in %.2fs\n",
- count, test_curves_bits[j], d);
- ecdsa_results[j][1] = d / (double)count;
- }
-
- if (rsa_count <= 1) {
- /* if longer than 10s, don't do any more */
- for (j++; j < EC_NUM; j++)
- ecdsa_doit[j] = 0;
- }
- }
- }
- if (rnd_fake)
- RAND_cleanup();
-# endif
-
-# ifndef OPENSSL_NO_ECDH
- if (RAND_status() != 1) {
- RAND_seed(rnd_seed, sizeof rnd_seed);
- rnd_fake = 1;
- }
- for (j = 0; j < EC_NUM; j++) {
- if (!ecdh_doit[j])
- continue;
- ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]);
- ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]);
- if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) {
- BIO_printf(bio_err, "ECDH failure.\n");
- ERR_print_errors(bio_err);
- rsa_count = 1;
- } else {
- /* generate two ECDH key pairs */
- if (!EC_KEY_generate_key(ecdh_a[j]) ||
- !EC_KEY_generate_key(ecdh_b[j])) {
- BIO_printf(bio_err, "ECDH key generation failure.\n");
- ERR_print_errors(bio_err);
- rsa_count = 1;
- } else {
- /*
- * If field size is not more than 24 octets, then use SHA-1
- * hash of result; otherwise, use result (see section 4.8 of
- * draft-ietf-tls-ecc-03.txt).
- */
- int field_size, outlen;
- void *(*kdf) (const void *in, size_t inlen, void *out,
- size_t *xoutlen);
- field_size =
- EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j]));
- if (field_size <= 24 * 8) {
- outlen = KDF1_SHA1_len;
- kdf = KDF1_SHA1;
- } else {
- outlen = (field_size + 7) / 8;
- kdf = NULL;
- }
- secret_size_a =
- ECDH_compute_key(secret_a, outlen,
- EC_KEY_get0_public_key(ecdh_b[j]),
- ecdh_a[j], kdf);
- secret_size_b =
- ECDH_compute_key(secret_b, outlen,
- EC_KEY_get0_public_key(ecdh_a[j]),
- ecdh_b[j], kdf);
- if (secret_size_a != secret_size_b)
- ecdh_checks = 0;
- else
- ecdh_checks = 1;
-
- for (secret_idx = 0; (secret_idx < secret_size_a)
- && (ecdh_checks == 1); secret_idx++) {
- if (secret_a[secret_idx] != secret_b[secret_idx])
- ecdh_checks = 0;
- }
-
- if (ecdh_checks == 0) {
- BIO_printf(bio_err, "ECDH computations don't match.\n");
- ERR_print_errors(bio_err);
- rsa_count = 1;
- }
-
- pkey_print_message("", "ecdh",
- ecdh_c[j][0],
- test_curves_bits[j], ECDH_SECONDS);
- Time_F(START);
- for (count = 0, run = 1; COND(ecdh_c[j][0]); count++) {
- ECDH_compute_key(secret_a, outlen,
- EC_KEY_get0_public_key(ecdh_b[j]),
- ecdh_a[j], kdf);
- }
- d = Time_F(STOP);
- BIO_printf(bio_err,
- mr ? "+R7:%ld:%d:%.2f\n" :
- "%ld %d-bit ECDH ops in %.2fs\n", count,
- test_curves_bits[j], d);
- ecdh_results[j][0] = d / (double)count;
- rsa_count = count;
- }
- }
-
- if (rsa_count <= 1) {
- /* if longer than 10s, don't do any more */
- for (j++; j < EC_NUM; j++)
- ecdh_doit[j] = 0;
- }
- }
- if (rnd_fake)
- RAND_cleanup();
-# endif
-# ifndef NO_FORK
- show_res:
-# endif
- if (!mr) {
- fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION));
- fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON));
- printf("options:");
- printf("%s ", BN_options());
-# ifndef OPENSSL_NO_MD2
- printf("%s ", MD2_options());
-# endif
-# ifndef OPENSSL_NO_RC4
- printf("%s ", RC4_options());
-# endif
-# ifndef OPENSSL_NO_DES
- printf("%s ", DES_options());
-# endif
-# ifndef OPENSSL_NO_AES
- printf("%s ", AES_options());
-# endif
-# ifndef OPENSSL_NO_IDEA
- printf("%s ", idea_options());
-# endif
-# ifndef OPENSSL_NO_BF
- printf("%s ", BF_options());
-# endif
- fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS));
- }
-
- if (pr_header) {
- if (mr)
- fprintf(stdout, "+H");
- else {
- fprintf(stdout,
- "The 'numbers' are in 1000s of bytes per second processed.\n");
- fprintf(stdout, "type ");
- }
- for (j = 0; j < SIZE_NUM; j++)
- fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]);
- fprintf(stdout, "\n");
- }
-
- for (k = 0; k < ALGOR_NUM; k++) {
- if (!doit[k])
- continue;
- if (mr)
- fprintf(stdout, "+F:%d:%s", k, names[k]);
- else
- fprintf(stdout, "%-13s", names[k]);
- for (j = 0; j < SIZE_NUM; j++) {
- if (results[k][j] > 10000 && !mr)
- fprintf(stdout, " %11.2fk", results[k][j] / 1e3);
- else
- fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]);
- }
- fprintf(stdout, "\n");
- }
-# ifndef OPENSSL_NO_RSA
- j = 1;
- for (k = 0; k < RSA_NUM; k++) {
- if (!rsa_doit[k])
- continue;
- if (j && !mr) {
- printf("%18ssign verify sign/s verify/s\n", " ");
- j = 0;
- }
- if (mr)
- fprintf(stdout, "+F2:%u:%u:%f:%f\n",
- k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
- else
- fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
- rsa_bits[k], rsa_results[k][0], rsa_results[k][1],
- 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]);
- }
-# endif
-# ifndef OPENSSL_NO_DSA
- j = 1;
- for (k = 0; k < DSA_NUM; k++) {
- if (!dsa_doit[k])
- continue;
- if (j && !mr) {
- printf("%18ssign verify sign/s verify/s\n", " ");
- j = 0;
- }
- if (mr)
- fprintf(stdout, "+F3:%u:%u:%f:%f\n",
- k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
- else
- fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
- dsa_bits[k], dsa_results[k][0], dsa_results[k][1],
- 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]);
- }
-# endif
-# ifndef OPENSSL_NO_ECDSA
- j = 1;
- for (k = 0; k < EC_NUM; k++) {
- if (!ecdsa_doit[k])
- continue;
- if (j && !mr) {
- printf("%30ssign verify sign/s verify/s\n", " ");
- j = 0;
- }
-
- if (mr)
- fprintf(stdout, "+F4:%u:%u:%f:%f\n",
- k, test_curves_bits[k],
- ecdsa_results[k][0], ecdsa_results[k][1]);
- else
- fprintf(stdout,
- "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
- test_curves_bits[k],
- test_curves_names[k],
- ecdsa_results[k][0], ecdsa_results[k][1],
- 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]);
- }
-# endif
-
-# ifndef OPENSSL_NO_ECDH
- j = 1;
- for (k = 0; k < EC_NUM; k++) {
- if (!ecdh_doit[k])
- continue;
- if (j && !mr) {
- printf("%30sop op/s\n", " ");
- j = 0;
- }
- if (mr)
- fprintf(stdout, "+F5:%u:%u:%f:%f\n",
- k, test_curves_bits[k],
- ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
-
- else
- fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n",
- test_curves_bits[k],
- test_curves_names[k],
- ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
- }
-# endif
-
- mret = 0;
-
- end:
- ERR_print_errors(bio_err);
- if (buf != NULL)
- OPENSSL_free(buf);
- if (buf2 != NULL)
- OPENSSL_free(buf2);
-# ifndef OPENSSL_NO_RSA
- for (i = 0; i < RSA_NUM; i++)
- if (rsa_key[i] != NULL)
- RSA_free(rsa_key[i]);
-# endif
-# ifndef OPENSSL_NO_DSA
- for (i = 0; i < DSA_NUM; i++)
- if (dsa_key[i] != NULL)
- DSA_free(dsa_key[i]);
-# endif
-
-# ifndef OPENSSL_NO_ECDSA
- for (i = 0; i < EC_NUM; i++)
- if (ecdsa[i] != NULL)
- EC_KEY_free(ecdsa[i]);
-# endif
-# ifndef OPENSSL_NO_ECDH
- for (i = 0; i < EC_NUM; i++) {
- if (ecdh_a[i] != NULL)
- EC_KEY_free(ecdh_a[i]);
- if (ecdh_b[i] != NULL)
- EC_KEY_free(ecdh_b[i]);
- }
-# endif
-
- apps_shutdown();
- OPENSSL_EXIT(mret);
-}
-
-static void print_message(const char *s, long num, int length)
-{
-# ifdef SIGALRM
- BIO_printf(bio_err,
- mr ? "+DT:%s:%d:%d\n"
- : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length);
- (void)BIO_flush(bio_err);
- alarm(SECONDS);
-# else
- BIO_printf(bio_err,
- mr ? "+DN:%s:%ld:%d\n"
- : "Doing %s %ld times on %d size blocks: ", s, num, length);
- (void)BIO_flush(bio_err);
-# endif
-# ifdef LINT
- num = num;
-# endif
-}
-
-static void pkey_print_message(const char *str, const char *str2, long num,
- int bits, int tm)
-{
-# ifdef SIGALRM
- BIO_printf(bio_err,
- mr ? "+DTP:%d:%s:%s:%d\n"
- : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm);
- (void)BIO_flush(bio_err);
- alarm(tm);
-# else
- BIO_printf(bio_err,
- mr ? "+DNP:%ld:%d:%s:%s\n"
- : "Doing %ld %d bit %s %s's: ", num, bits, str, str2);
- (void)BIO_flush(bio_err);
-# endif
-# ifdef LINT
- num = num;
-# endif
-}
-
-static void print_result(int alg, int run_no, int count, double time_used)
-{
- BIO_printf(bio_err,
- mr ? "+R:%d:%s:%f\n"
- : "%d %s's in %.2fs\n", count, names[alg], time_used);
- results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
-}
-
-# ifndef NO_FORK
-static char *sstrsep(char **string, const char *delim)
-{
- char isdelim[256];
- char *token = *string;
-
- if (**string == 0)
- return NULL;
-
- memset(isdelim, 0, sizeof isdelim);
- isdelim[0] = 1;
-
- while (*delim) {
- isdelim[(unsigned char)(*delim)] = 1;
- delim++;
- }
-
- while (!isdelim[(unsigned char)(**string)]) {
- (*string)++;
- }
-
- if (**string) {
- **string = 0;
- (*string)++;
- }
-
- return token;
-}
-
-static int do_multi(int multi)
-{
- int n;
- int fd[2];
- int *fds;
- static char sep[] = ":";
-
- fds = malloc(multi * sizeof *fds);
- for (n = 0; n < multi; ++n) {
- if (pipe(fd) == -1) {
- fprintf(stderr, "pipe failure\n");
- exit(1);
- }
- fflush(stdout);
- fflush(stderr);
- if (fork()) {
- close(fd[1]);
- fds[n] = fd[0];
- } else {
- close(fd[0]);
- close(1);
- if (dup(fd[1]) == -1) {
- fprintf(stderr, "dup failed\n");
- exit(1);
- }
- close(fd[1]);
- mr = 1;
- usertime = 0;
- free(fds);
- return 0;
- }
- printf("Forked child %d\n", n);
- }
-
- /* for now, assume the pipe is long enough to take all the output */
- for (n = 0; n < multi; ++n) {
- FILE *f;
- char buf[1024];
- char *p;
-
- f = fdopen(fds[n], "r");
- while (fgets(buf, sizeof buf, f)) {
- p = strchr(buf, '\n');
- if (p)
- *p = '\0';
- if (buf[0] != '+') {
- fprintf(stderr, "Don't understand line '%s' from child %d\n",
- buf, n);
- continue;
- }
- printf("Got: %s from %d\n", buf, n);
- if (!strncmp(buf, "+F:", 3)) {
- int alg;
- int j;
-
- p = buf + 3;
- alg = atoi(sstrsep(&p, sep));
- sstrsep(&p, sep);
- for (j = 0; j < SIZE_NUM; ++j)
- results[alg][j] += atof(sstrsep(&p, sep));
- } else if (!strncmp(buf, "+F2:", 4)) {
- int k;
- double d;
-
- p = buf + 4;
- k = atoi(sstrsep(&p, sep));
- sstrsep(&p, sep);
-
- d = atof(sstrsep(&p, sep));
- if (n)
- rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
- else
- rsa_results[k][0] = d;
-
- d = atof(sstrsep(&p, sep));
- if (n)
- rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
- else
- rsa_results[k][1] = d;
- }
-# ifndef OPENSSL_NO_DSA
- else if (!strncmp(buf, "+F3:", 4)) {
- int k;
- double d;
-
- p = buf + 4;
- k = atoi(sstrsep(&p, sep));
- sstrsep(&p, sep);
-
- d = atof(sstrsep(&p, sep));
- if (n)
- dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d);
- else
- dsa_results[k][0] = d;
-
- d = atof(sstrsep(&p, sep));
- if (n)
- dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d);
- else
- dsa_results[k][1] = d;
- }
-# endif
-# ifndef OPENSSL_NO_ECDSA
- else if (!strncmp(buf, "+F4:", 4)) {
- int k;
- double d;
-
- p = buf + 4;
- k = atoi(sstrsep(&p, sep));
- sstrsep(&p, sep);
-
- d = atof(sstrsep(&p, sep));
- if (n)
- ecdsa_results[k][0] =
- 1 / (1 / ecdsa_results[k][0] + 1 / d);
- else
- ecdsa_results[k][0] = d;
-
- d = atof(sstrsep(&p, sep));
- if (n)
- ecdsa_results[k][1] =
- 1 / (1 / ecdsa_results[k][1] + 1 / d);
- else
- ecdsa_results[k][1] = d;
- }
-# endif
-
-# ifndef OPENSSL_NO_ECDH
- else if (!strncmp(buf, "+F5:", 4)) {
- int k;
- double d;
-
- p = buf + 4;
- k = atoi(sstrsep(&p, sep));
- sstrsep(&p, sep);
-
- d = atof(sstrsep(&p, sep));
- if (n)
- ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d);
- else
- ecdh_results[k][0] = d;
-
- }
-# endif
-
- else if (!strncmp(buf, "+H:", 3)) {
- } else
- fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n);
- }
-
- fclose(f);
- }
- free(fds);
- return 1;
-}
-# endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/apps/speed.c (from rev 11605, vendor-crypto/openssl/dist/apps/speed.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/speed.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/speed.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2745 @@
+/* apps/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The ECDH and ECDSA speed test software is originally written by
+ * Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#ifndef OPENSSL_NO_SPEED
+
+# undef SECONDS
+# define SECONDS 3
+# define RSA_SECONDS 10
+# define DSA_SECONDS 10
+# define ECDSA_SECONDS 10
+# define ECDH_SECONDS 10
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+# undef PROG
+# define PROG speed_main
+
+# include <stdio.h>
+# include <stdlib.h>
+
+# include <string.h>
+# include <math.h>
+# include "apps.h"
+# ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+# endif
+# include <openssl/crypto.h>
+# include <openssl/rand.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# if !defined(OPENSSL_SYS_MSDOS)
+# include OPENSSL_UNISTD
+# endif
+
+# ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+# endif
+
+# if defined(_WIN32) || defined(__CYGWIN__)
+# include <windows.h>
+# if defined(__CYGWIN__) && !defined(_WIN32)
+ /*
+ * <windows.h> should define _WIN32, which normally is mutually exclusive
+ * with __CYGWIN__, but if it didn't...
+ */
+# define _WIN32
+ /* this is done because Cygwin alarm() fails sometimes. */
+# endif
+# endif
+
+# include <openssl/bn.h>
+# ifndef OPENSSL_NO_DES
+# include <openssl/des.h>
+# endif
+# ifndef OPENSSL_NO_AES
+# include <openssl/aes.h>
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+# include <openssl/camellia.h>
+# endif
+# ifndef OPENSSL_NO_MD2
+# include <openssl/md2.h>
+# endif
+# ifndef OPENSSL_NO_MDC2
+# include <openssl/mdc2.h>
+# endif
+# ifndef OPENSSL_NO_MD4
+# include <openssl/md4.h>
+# endif
+# ifndef OPENSSL_NO_MD5
+# include <openssl/md5.h>
+# endif
+# ifndef OPENSSL_NO_HMAC
+# include <openssl/hmac.h>
+# endif
+# include <openssl/evp.h>
+# ifndef OPENSSL_NO_SHA
+# include <openssl/sha.h>
+# endif
+# ifndef OPENSSL_NO_RIPEMD
+# include <openssl/ripemd.h>
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+# include <openssl/whrlpool.h>
+# endif
+# ifndef OPENSSL_NO_RC4
+# include <openssl/rc4.h>
+# endif
+# ifndef OPENSSL_NO_RC5
+# include <openssl/rc5.h>
+# endif
+# ifndef OPENSSL_NO_RC2
+# include <openssl/rc2.h>
+# endif
+# ifndef OPENSSL_NO_IDEA
+# include <openssl/idea.h>
+# endif
+# ifndef OPENSSL_NO_SEED
+# include <openssl/seed.h>
+# endif
+# ifndef OPENSSL_NO_BF
+# include <openssl/blowfish.h>
+# endif
+# ifndef OPENSSL_NO_CAST
+# include <openssl/cast.h>
+# endif
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# include "./testrsa.h"
+# endif
+# include <openssl/x509.h>
+# ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+# include "./testdsa.h"
+# endif
+# ifndef OPENSSL_NO_ECDSA
+# include <openssl/ecdsa.h>
+# endif
+# ifndef OPENSSL_NO_ECDH
+# include <openssl/ecdh.h>
+# endif
+# include <openssl/modes.h>
+
+# ifdef OPENSSL_FIPS
+# ifdef OPENSSL_DOING_MAKEDEPEND
+# undef AES_set_encrypt_key
+# undef AES_set_decrypt_key
+# undef DES_set_key_unchecked
+# endif
+# define BF_set_key private_BF_set_key
+# define CAST_set_key private_CAST_set_key
+# define idea_set_encrypt_key private_idea_set_encrypt_key
+# define SEED_set_key private_SEED_set_key
+# define RC2_set_key private_RC2_set_key
+# define RC4_set_key private_RC4_set_key
+# define DES_set_key_unchecked private_DES_set_key_unchecked
+# define AES_set_encrypt_key private_AES_set_encrypt_key
+# define AES_set_decrypt_key private_AES_set_decrypt_key
+# define Camellia_set_key private_Camellia_set_key
+# endif
+
+# ifndef HAVE_FORK
+# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
+# define HAVE_FORK 0
+# else
+# define HAVE_FORK 1
+# endif
+# endif
+
+# if HAVE_FORK
+# undef NO_FORK
+# else
+# define NO_FORK
+# endif
+
+# undef BUFSIZE
+# define BUFSIZE ((long)1024*8+1)
+static volatile int run = 0;
+
+static int mr = 0;
+static int usertime = 1;
+
+static double Time_F(int s);
+static void print_message(const char *s, long num, int length);
+static void pkey_print_message(const char *str, const char *str2,
+ long num, int bits, int sec);
+static void print_result(int alg, int run_no, int count, double time_used);
+# ifndef NO_FORK
+static int do_multi(int multi);
+# endif
+
+# define ALGOR_NUM 30
+# define SIZE_NUM 5
+# define RSA_NUM 4
+# define DSA_NUM 3
+
+# define EC_NUM 16
+# define MAX_ECDH_SIZE 256
+
+static const char *names[ALGOR_NUM] = {
+ "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
+ "des cbc", "des ede3", "idea cbc", "seed cbc",
+ "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
+ "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
+ "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
+ "evp", "sha256", "sha512", "whirlpool",
+ "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
+};
+
+static double results[ALGOR_NUM][SIZE_NUM];
+static int lengths[SIZE_NUM] = { 16, 64, 256, 1024, 8 * 1024 };
+
+# ifndef OPENSSL_NO_RSA
+static double rsa_results[RSA_NUM][2];
+# endif
+# ifndef OPENSSL_NO_DSA
+static double dsa_results[DSA_NUM][2];
+# endif
+# ifndef OPENSSL_NO_ECDSA
+static double ecdsa_results[EC_NUM][2];
+# endif
+# ifndef OPENSSL_NO_ECDH
+static double ecdh_results[EC_NUM][1];
+# endif
+
+# if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH))
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+static int rnd_fake = 0;
+# endif
+
+# ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+# define SIGRETTYPE void
+# else
+# define SIGRETTYPE int
+# endif
+
+static SIGRETTYPE sig_done(int sig);
+static SIGRETTYPE sig_done(int sig)
+{
+ signal(SIGALRM, sig_done);
+ run = 0;
+# ifdef LINT
+ sig = sig;
+# endif
+}
+# endif
+
+# define START 0
+# define STOP 1
+
+# if defined(_WIN32)
+
+# if !defined(SIGALRM)
+# define SIGALRM
+# endif
+static unsigned int lapse, schlock;
+static void alarm_win32(unsigned int secs)
+{
+ lapse = secs * 1000;
+}
+
+# define alarm alarm_win32
+
+static DWORD WINAPI sleepy(VOID * arg)
+{
+ schlock = 1;
+ Sleep(lapse);
+ run = 0;
+ return 0;
+}
+
+static double Time_F(int s)
+{
+ if (s == START) {
+ HANDLE thr;
+ schlock = 0;
+ thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
+ if (thr == NULL) {
+ DWORD ret = GetLastError();
+ BIO_printf(bio_err, "unable to CreateThread (%d)", ret);
+ ExitProcess(ret);
+ }
+ CloseHandle(thr); /* detach the thread */
+ while (!schlock)
+ Sleep(0); /* scheduler spinlock */
+ }
+
+ return app_tminterval(s, usertime);
+}
+# else
+
+static double Time_F(int s)
+{
+ return app_tminterval(s, usertime);
+}
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+static const int KDF1_SHA1_len = 20;
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
+ size_t *outlen)
+{
+# ifndef OPENSSL_NO_SHA
+ if (*outlen < SHA_DIGEST_LENGTH)
+ return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
+ return SHA1(in, inlen, out);
+# else
+ return NULL;
+# endif /* OPENSSL_NO_SHA */
+}
+# endif /* OPENSSL_NO_ECDH */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ unsigned char *buf = NULL, *buf2 = NULL;
+ int mret = 1;
+ long count = 0, save_count = 0;
+ int i, j, k;
+# if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
+ long rsa_count;
+# endif
+# ifndef OPENSSL_NO_RSA
+ unsigned rsa_num;
+# endif
+ unsigned char md[EVP_MAX_MD_SIZE];
+# ifndef OPENSSL_NO_MD2
+ unsigned char md2[MD2_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_MDC2
+ unsigned char mdc2[MDC2_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_MD4
+ unsigned char md4[MD4_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_MD5
+ unsigned char md5[MD5_DIGEST_LENGTH];
+ unsigned char hmac[MD5_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_SHA
+ unsigned char sha[SHA_DIGEST_LENGTH];
+# ifndef OPENSSL_NO_SHA256
+ unsigned char sha256[SHA256_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_SHA512
+ unsigned char sha512[SHA512_DIGEST_LENGTH];
+# endif
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+ unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_RIPEMD
+ unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_RC4
+ RC4_KEY rc4_ks;
+# endif
+# ifndef OPENSSL_NO_RC5
+ RC5_32_KEY rc5_ks;
+# endif
+# ifndef OPENSSL_NO_RC2
+ RC2_KEY rc2_ks;
+# endif
+# ifndef OPENSSL_NO_IDEA
+ IDEA_KEY_SCHEDULE idea_ks;
+# endif
+# ifndef OPENSSL_NO_SEED
+ SEED_KEY_SCHEDULE seed_ks;
+# endif
+# ifndef OPENSSL_NO_BF
+ BF_KEY bf_ks;
+# endif
+# ifndef OPENSSL_NO_CAST
+ CAST_KEY cast_ks;
+# endif
+ static const unsigned char key16[16] = {
+ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+ 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
+ };
+# ifndef OPENSSL_NO_AES
+ static const unsigned char key24[24] = {
+ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+ 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+ 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
+ };
+ static const unsigned char key32[32] = {
+ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+ 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+ 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
+ 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
+ };
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ static const unsigned char ckey24[24] = {
+ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+ 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+ 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
+ };
+ static const unsigned char ckey32[32] = {
+ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+ 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+ 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
+ 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
+ };
+# endif
+# ifndef OPENSSL_NO_AES
+# define MAX_BLOCK_SIZE 128
+# else
+# define MAX_BLOCK_SIZE 64
+# endif
+ unsigned char DES_iv[8];
+ unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
+# ifndef OPENSSL_NO_DES
+ static DES_cblock key =
+ { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 };
+ static DES_cblock key2 =
+ { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 };
+ static DES_cblock key3 =
+ { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 };
+ DES_key_schedule sch;
+ DES_key_schedule sch2;
+ DES_key_schedule sch3;
+# endif
+# ifndef OPENSSL_NO_AES
+ AES_KEY aes_ks1, aes_ks2, aes_ks3;
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
+# endif
+# define D_MD2 0
+# define D_MDC2 1
+# define D_MD4 2
+# define D_MD5 3
+# define D_HMAC 4
+# define D_SHA1 5
+# define D_RMD160 6
+# define D_RC4 7
+# define D_CBC_DES 8
+# define D_EDE3_DES 9
+# define D_CBC_IDEA 10
+# define D_CBC_SEED 11
+# define D_CBC_RC2 12
+# define D_CBC_RC5 13
+# define D_CBC_BF 14
+# define D_CBC_CAST 15
+# define D_CBC_128_AES 16
+# define D_CBC_192_AES 17
+# define D_CBC_256_AES 18
+# define D_CBC_128_CML 19
+# define D_CBC_192_CML 20
+# define D_CBC_256_CML 21
+# define D_EVP 22
+# define D_SHA256 23
+# define D_SHA512 24
+# define D_WHIRLPOOL 25
+# define D_IGE_128_AES 26
+# define D_IGE_192_AES 27
+# define D_IGE_256_AES 28
+# define D_GHASH 29
+ double d = 0.0;
+ long c[ALGOR_NUM][SIZE_NUM];
+# define R_DSA_512 0
+# define R_DSA_1024 1
+# define R_DSA_2048 2
+# define R_RSA_512 0
+# define R_RSA_1024 1
+# define R_RSA_2048 2
+# define R_RSA_4096 3
+
+# define R_EC_P160 0
+# define R_EC_P192 1
+# define R_EC_P224 2
+# define R_EC_P256 3
+# define R_EC_P384 4
+# define R_EC_P521 5
+# define R_EC_K163 6
+# define R_EC_K233 7
+# define R_EC_K283 8
+# define R_EC_K409 9
+# define R_EC_K571 10
+# define R_EC_B163 11
+# define R_EC_B233 12
+# define R_EC_B283 13
+# define R_EC_B409 14
+# define R_EC_B571 15
+
+# ifndef OPENSSL_NO_RSA
+ RSA *rsa_key[RSA_NUM];
+ long rsa_c[RSA_NUM][2];
+ static unsigned int rsa_bits[RSA_NUM] = {
+ 512, 1024, 2048, 4096
+ };
+ static unsigned char *rsa_data[RSA_NUM] = {
+ test512, test1024, test2048, test4096
+ };
+ static int rsa_data_length[RSA_NUM] = {
+ sizeof(test512), sizeof(test1024),
+ sizeof(test2048), sizeof(test4096)
+ };
+# endif
+# ifndef OPENSSL_NO_DSA
+ DSA *dsa_key[DSA_NUM];
+ long dsa_c[DSA_NUM][2];
+ static unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
+# endif
+# ifndef OPENSSL_NO_EC
+ /*
+ * We only test over the following curves as they are representative, To
+ * add tests over more curves, simply add the curve NID and curve name to
+ * the following arrays and increase the EC_NUM value accordingly.
+ */
+ static unsigned int test_curves[EC_NUM] = {
+ /* Prime Curves */
+ NID_secp160r1,
+ NID_X9_62_prime192v1,
+ NID_secp224r1,
+ NID_X9_62_prime256v1,
+ NID_secp384r1,
+ NID_secp521r1,
+ /* Binary Curves */
+ NID_sect163k1,
+ NID_sect233k1,
+ NID_sect283k1,
+ NID_sect409k1,
+ NID_sect571k1,
+ NID_sect163r2,
+ NID_sect233r1,
+ NID_sect283r1,
+ NID_sect409r1,
+ NID_sect571r1
+ };
+ static const char *test_curves_names[EC_NUM] = {
+ /* Prime Curves */
+ "secp160r1",
+ "nistp192",
+ "nistp224",
+ "nistp256",
+ "nistp384",
+ "nistp521",
+ /* Binary Curves */
+ "nistk163",
+ "nistk233",
+ "nistk283",
+ "nistk409",
+ "nistk571",
+ "nistb163",
+ "nistb233",
+ "nistb283",
+ "nistb409",
+ "nistb571"
+ };
+ static int test_curves_bits[EC_NUM] = {
+ 160, 192, 224, 256, 384, 521,
+ 163, 233, 283, 409, 571,
+ 163, 233, 283, 409, 571
+ };
+
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+ unsigned char ecdsasig[256];
+ unsigned int ecdsasiglen;
+ EC_KEY *ecdsa[EC_NUM];
+ long ecdsa_c[EC_NUM][2];
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
+ unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
+ int secret_size_a, secret_size_b;
+ int ecdh_checks = 0;
+ int secret_idx = 0;
+ long ecdh_c[EC_NUM][2];
+# endif
+
+ int rsa_doit[RSA_NUM];
+ int dsa_doit[DSA_NUM];
+# ifndef OPENSSL_NO_ECDSA
+ int ecdsa_doit[EC_NUM];
+# endif
+# ifndef OPENSSL_NO_ECDH
+ int ecdh_doit[EC_NUM];
+# endif
+ int doit[ALGOR_NUM];
+ int pr_header = 0;
+ const EVP_CIPHER *evp_cipher = NULL;
+ const EVP_MD *evp_md = NULL;
+ int decrypt = 0;
+# ifndef NO_FORK
+ int multi = 0;
+# endif
+
+# ifndef TIMES
+ usertime = -1;
+# endif
+
+ apps_startup();
+ memset(results, 0, sizeof(results));
+# ifndef OPENSSL_NO_DSA
+ memset(dsa_key, 0, sizeof(dsa_key));
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ for (i = 0; i < EC_NUM; i++)
+ ecdsa[i] = NULL;
+# endif
+# ifndef OPENSSL_NO_ECDH
+ for (i = 0; i < EC_NUM; i++) {
+ ecdh_a[i] = NULL;
+ ecdh_b[i] = NULL;
+ }
+# endif
+
+ if (bio_err == NULL)
+ if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+# ifndef OPENSSL_NO_RSA
+ memset(rsa_key, 0, sizeof(rsa_key));
+ for (i = 0; i < RSA_NUM; i++)
+ rsa_key[i] = NULL;
+# endif
+
+ if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
+ BIO_printf(bio_err, "out of memory\n");
+ goto end;
+ }
+ if ((buf2 = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
+ BIO_printf(bio_err, "out of memory\n");
+ goto end;
+ }
+
+ memset(c, 0, sizeof(c));
+ memset(DES_iv, 0, sizeof(DES_iv));
+ memset(iv, 0, sizeof(iv));
+
+ for (i = 0; i < ALGOR_NUM; i++)
+ doit[i] = 0;
+ for (i = 0; i < RSA_NUM; i++)
+ rsa_doit[i] = 0;
+ for (i = 0; i < DSA_NUM; i++)
+ dsa_doit[i] = 0;
+# ifndef OPENSSL_NO_ECDSA
+ for (i = 0; i < EC_NUM; i++)
+ ecdsa_doit[i] = 0;
+# endif
+# ifndef OPENSSL_NO_ECDH
+ for (i = 0; i < EC_NUM; i++)
+ ecdh_doit[i] = 0;
+# endif
+
+ j = 0;
+ argc--;
+ argv++;
+ while (argc) {
+ if ((argc > 0) && (strcmp(*argv, "-elapsed") == 0)) {
+ usertime = 0;
+ j--; /* Otherwise, -elapsed gets confused with an
+ * algorithm. */
+ } else if ((argc > 0) && (strcmp(*argv, "-evp") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ BIO_printf(bio_err, "no EVP given\n");
+ goto end;
+ }
+ evp_cipher = EVP_get_cipherbyname(*argv);
+ if (!evp_cipher) {
+ evp_md = EVP_get_digestbyname(*argv);
+ }
+ if (!evp_cipher && !evp_md) {
+ BIO_printf(bio_err, "%s is an unknown cipher or digest\n",
+ *argv);
+ goto end;
+ }
+ doit[D_EVP] = 1;
+ } else if (argc > 0 && !strcmp(*argv, "-decrypt")) {
+ decrypt = 1;
+ j--; /* Otherwise, -elapsed gets confused with an
+ * algorithm. */
+ }
+# ifndef OPENSSL_NO_ENGINE
+ else if ((argc > 0) && (strcmp(*argv, "-engine") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ BIO_printf(bio_err, "no engine given\n");
+ goto end;
+ }
+ setup_engine(bio_err, *argv, 0);
+ /*
+ * j will be increased again further down. We just don't want
+ * speed to confuse an engine with an algorithm, especially when
+ * none is given (which means all of them should be run)
+ */
+ j--;
+ }
+# endif
+# ifndef NO_FORK
+ else if ((argc > 0) && (strcmp(*argv, "-multi") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ BIO_printf(bio_err, "no multi count given\n");
+ goto end;
+ }
+ multi = atoi(argv[0]);
+ if (multi <= 0) {
+ BIO_printf(bio_err, "bad multi count\n");
+ goto end;
+ }
+ j--; /* Otherwise, -mr gets confused with an
+ * algorithm. */
+ }
+# endif
+ else if (argc > 0 && !strcmp(*argv, "-mr")) {
+ mr = 1;
+ j--; /* Otherwise, -mr gets confused with an
+ * algorithm. */
+ } else
+# ifndef OPENSSL_NO_MD2
+ if (strcmp(*argv, "md2") == 0)
+ doit[D_MD2] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_MDC2
+ if (strcmp(*argv, "mdc2") == 0)
+ doit[D_MDC2] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_MD4
+ if (strcmp(*argv, "md4") == 0)
+ doit[D_MD4] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_MD5
+ if (strcmp(*argv, "md5") == 0)
+ doit[D_MD5] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_MD5
+ if (strcmp(*argv, "hmac") == 0)
+ doit[D_HMAC] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_SHA
+ if (strcmp(*argv, "sha1") == 0)
+ doit[D_SHA1] = 1;
+ else if (strcmp(*argv, "sha") == 0)
+ doit[D_SHA1] = 1, doit[D_SHA256] = 1, doit[D_SHA512] = 1;
+ else
+# ifndef OPENSSL_NO_SHA256
+ if (strcmp(*argv, "sha256") == 0)
+ doit[D_SHA256] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_SHA512
+ if (strcmp(*argv, "sha512") == 0)
+ doit[D_SHA512] = 1;
+ else
+# endif
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+ if (strcmp(*argv, "whirlpool") == 0)
+ doit[D_WHIRLPOOL] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_RIPEMD
+ if (strcmp(*argv, "ripemd") == 0)
+ doit[D_RMD160] = 1;
+ else if (strcmp(*argv, "rmd160") == 0)
+ doit[D_RMD160] = 1;
+ else if (strcmp(*argv, "ripemd160") == 0)
+ doit[D_RMD160] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_RC4
+ if (strcmp(*argv, "rc4") == 0)
+ doit[D_RC4] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_DES
+ if (strcmp(*argv, "des-cbc") == 0)
+ doit[D_CBC_DES] = 1;
+ else if (strcmp(*argv, "des-ede3") == 0)
+ doit[D_EDE3_DES] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_AES
+ if (strcmp(*argv, "aes-128-cbc") == 0)
+ doit[D_CBC_128_AES] = 1;
+ else if (strcmp(*argv, "aes-192-cbc") == 0)
+ doit[D_CBC_192_AES] = 1;
+ else if (strcmp(*argv, "aes-256-cbc") == 0)
+ doit[D_CBC_256_AES] = 1;
+ else if (strcmp(*argv, "aes-128-ige") == 0)
+ doit[D_IGE_128_AES] = 1;
+ else if (strcmp(*argv, "aes-192-ige") == 0)
+ doit[D_IGE_192_AES] = 1;
+ else if (strcmp(*argv, "aes-256-ige") == 0)
+ doit[D_IGE_256_AES] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ if (strcmp(*argv, "camellia-128-cbc") == 0)
+ doit[D_CBC_128_CML] = 1;
+ else if (strcmp(*argv, "camellia-192-cbc") == 0)
+ doit[D_CBC_192_CML] = 1;
+ else if (strcmp(*argv, "camellia-256-cbc") == 0)
+ doit[D_CBC_256_CML] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_RSA
+# if 0 /* was: #ifdef RSAref */
+ if (strcmp(*argv, "rsaref") == 0) {
+ RSA_set_default_openssl_method(RSA_PKCS1_RSAref());
+ j--;
+ } else
+# endif
+# ifndef RSA_NULL
+ if (strcmp(*argv, "openssl") == 0) {
+ RSA_set_default_method(RSA_PKCS1_SSLeay());
+ j--;
+ } else
+# endif
+# endif /* !OPENSSL_NO_RSA */
+ if (strcmp(*argv, "dsa512") == 0)
+ dsa_doit[R_DSA_512] = 2;
+ else if (strcmp(*argv, "dsa1024") == 0)
+ dsa_doit[R_DSA_1024] = 2;
+ else if (strcmp(*argv, "dsa2048") == 0)
+ dsa_doit[R_DSA_2048] = 2;
+ else if (strcmp(*argv, "rsa512") == 0)
+ rsa_doit[R_RSA_512] = 2;
+ else if (strcmp(*argv, "rsa1024") == 0)
+ rsa_doit[R_RSA_1024] = 2;
+ else if (strcmp(*argv, "rsa2048") == 0)
+ rsa_doit[R_RSA_2048] = 2;
+ else if (strcmp(*argv, "rsa4096") == 0)
+ rsa_doit[R_RSA_4096] = 2;
+ else
+# ifndef OPENSSL_NO_RC2
+ if (strcmp(*argv, "rc2-cbc") == 0)
+ doit[D_CBC_RC2] = 1;
+ else if (strcmp(*argv, "rc2") == 0)
+ doit[D_CBC_RC2] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_RC5
+ if (strcmp(*argv, "rc5-cbc") == 0)
+ doit[D_CBC_RC5] = 1;
+ else if (strcmp(*argv, "rc5") == 0)
+ doit[D_CBC_RC5] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_IDEA
+ if (strcmp(*argv, "idea-cbc") == 0)
+ doit[D_CBC_IDEA] = 1;
+ else if (strcmp(*argv, "idea") == 0)
+ doit[D_CBC_IDEA] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_SEED
+ if (strcmp(*argv, "seed-cbc") == 0)
+ doit[D_CBC_SEED] = 1;
+ else if (strcmp(*argv, "seed") == 0)
+ doit[D_CBC_SEED] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_BF
+ if (strcmp(*argv, "bf-cbc") == 0)
+ doit[D_CBC_BF] = 1;
+ else if (strcmp(*argv, "blowfish") == 0)
+ doit[D_CBC_BF] = 1;
+ else if (strcmp(*argv, "bf") == 0)
+ doit[D_CBC_BF] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_CAST
+ if (strcmp(*argv, "cast-cbc") == 0)
+ doit[D_CBC_CAST] = 1;
+ else if (strcmp(*argv, "cast") == 0)
+ doit[D_CBC_CAST] = 1;
+ else if (strcmp(*argv, "cast5") == 0)
+ doit[D_CBC_CAST] = 1;
+ else
+# endif
+# ifndef OPENSSL_NO_DES
+ if (strcmp(*argv, "des") == 0) {
+ doit[D_CBC_DES] = 1;
+ doit[D_EDE3_DES] = 1;
+ } else
+# endif
+# ifndef OPENSSL_NO_AES
+ if (strcmp(*argv, "aes") == 0) {
+ doit[D_CBC_128_AES] = 1;
+ doit[D_CBC_192_AES] = 1;
+ doit[D_CBC_256_AES] = 1;
+ } else if (strcmp(*argv, "ghash") == 0) {
+ doit[D_GHASH] = 1;
+ } else
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ if (strcmp(*argv, "camellia") == 0) {
+ doit[D_CBC_128_CML] = 1;
+ doit[D_CBC_192_CML] = 1;
+ doit[D_CBC_256_CML] = 1;
+ } else
+# endif
+# ifndef OPENSSL_NO_RSA
+ if (strcmp(*argv, "rsa") == 0) {
+ rsa_doit[R_RSA_512] = 1;
+ rsa_doit[R_RSA_1024] = 1;
+ rsa_doit[R_RSA_2048] = 1;
+ rsa_doit[R_RSA_4096] = 1;
+ } else
+# endif
+# ifndef OPENSSL_NO_DSA
+ if (strcmp(*argv, "dsa") == 0) {
+ dsa_doit[R_DSA_512] = 1;
+ dsa_doit[R_DSA_1024] = 1;
+ dsa_doit[R_DSA_2048] = 1;
+ } else
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ if (strcmp(*argv, "ecdsap160") == 0)
+ ecdsa_doit[R_EC_P160] = 2;
+ else if (strcmp(*argv, "ecdsap192") == 0)
+ ecdsa_doit[R_EC_P192] = 2;
+ else if (strcmp(*argv, "ecdsap224") == 0)
+ ecdsa_doit[R_EC_P224] = 2;
+ else if (strcmp(*argv, "ecdsap256") == 0)
+ ecdsa_doit[R_EC_P256] = 2;
+ else if (strcmp(*argv, "ecdsap384") == 0)
+ ecdsa_doit[R_EC_P384] = 2;
+ else if (strcmp(*argv, "ecdsap521") == 0)
+ ecdsa_doit[R_EC_P521] = 2;
+ else if (strcmp(*argv, "ecdsak163") == 0)
+ ecdsa_doit[R_EC_K163] = 2;
+ else if (strcmp(*argv, "ecdsak233") == 0)
+ ecdsa_doit[R_EC_K233] = 2;
+ else if (strcmp(*argv, "ecdsak283") == 0)
+ ecdsa_doit[R_EC_K283] = 2;
+ else if (strcmp(*argv, "ecdsak409") == 0)
+ ecdsa_doit[R_EC_K409] = 2;
+ else if (strcmp(*argv, "ecdsak571") == 0)
+ ecdsa_doit[R_EC_K571] = 2;
+ else if (strcmp(*argv, "ecdsab163") == 0)
+ ecdsa_doit[R_EC_B163] = 2;
+ else if (strcmp(*argv, "ecdsab233") == 0)
+ ecdsa_doit[R_EC_B233] = 2;
+ else if (strcmp(*argv, "ecdsab283") == 0)
+ ecdsa_doit[R_EC_B283] = 2;
+ else if (strcmp(*argv, "ecdsab409") == 0)
+ ecdsa_doit[R_EC_B409] = 2;
+ else if (strcmp(*argv, "ecdsab571") == 0)
+ ecdsa_doit[R_EC_B571] = 2;
+ else if (strcmp(*argv, "ecdsa") == 0) {
+ for (i = 0; i < EC_NUM; i++)
+ ecdsa_doit[i] = 1;
+ } else
+# endif
+# ifndef OPENSSL_NO_ECDH
+ if (strcmp(*argv, "ecdhp160") == 0)
+ ecdh_doit[R_EC_P160] = 2;
+ else if (strcmp(*argv, "ecdhp192") == 0)
+ ecdh_doit[R_EC_P192] = 2;
+ else if (strcmp(*argv, "ecdhp224") == 0)
+ ecdh_doit[R_EC_P224] = 2;
+ else if (strcmp(*argv, "ecdhp256") == 0)
+ ecdh_doit[R_EC_P256] = 2;
+ else if (strcmp(*argv, "ecdhp384") == 0)
+ ecdh_doit[R_EC_P384] = 2;
+ else if (strcmp(*argv, "ecdhp521") == 0)
+ ecdh_doit[R_EC_P521] = 2;
+ else if (strcmp(*argv, "ecdhk163") == 0)
+ ecdh_doit[R_EC_K163] = 2;
+ else if (strcmp(*argv, "ecdhk233") == 0)
+ ecdh_doit[R_EC_K233] = 2;
+ else if (strcmp(*argv, "ecdhk283") == 0)
+ ecdh_doit[R_EC_K283] = 2;
+ else if (strcmp(*argv, "ecdhk409") == 0)
+ ecdh_doit[R_EC_K409] = 2;
+ else if (strcmp(*argv, "ecdhk571") == 0)
+ ecdh_doit[R_EC_K571] = 2;
+ else if (strcmp(*argv, "ecdhb163") == 0)
+ ecdh_doit[R_EC_B163] = 2;
+ else if (strcmp(*argv, "ecdhb233") == 0)
+ ecdh_doit[R_EC_B233] = 2;
+ else if (strcmp(*argv, "ecdhb283") == 0)
+ ecdh_doit[R_EC_B283] = 2;
+ else if (strcmp(*argv, "ecdhb409") == 0)
+ ecdh_doit[R_EC_B409] = 2;
+ else if (strcmp(*argv, "ecdhb571") == 0)
+ ecdh_doit[R_EC_B571] = 2;
+ else if (strcmp(*argv, "ecdh") == 0) {
+ for (i = 0; i < EC_NUM; i++)
+ ecdh_doit[i] = 1;
+ } else
+# endif
+ {
+ BIO_printf(bio_err, "Error: bad option or value\n");
+ BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err, "Available values:\n");
+# ifndef OPENSSL_NO_MD2
+ BIO_printf(bio_err, "md2 ");
+# endif
+# ifndef OPENSSL_NO_MDC2
+ BIO_printf(bio_err, "mdc2 ");
+# endif
+# ifndef OPENSSL_NO_MD4
+ BIO_printf(bio_err, "md4 ");
+# endif
+# ifndef OPENSSL_NO_MD5
+ BIO_printf(bio_err, "md5 ");
+# ifndef OPENSSL_NO_HMAC
+ BIO_printf(bio_err, "hmac ");
+# endif
+# endif
+# ifndef OPENSSL_NO_SHA1
+ BIO_printf(bio_err, "sha1 ");
+# endif
+# ifndef OPENSSL_NO_SHA256
+ BIO_printf(bio_err, "sha256 ");
+# endif
+# ifndef OPENSSL_NO_SHA512
+ BIO_printf(bio_err, "sha512 ");
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+ BIO_printf(bio_err, "whirlpool");
+# endif
+# ifndef OPENSSL_NO_RIPEMD160
+ BIO_printf(bio_err, "rmd160");
+# endif
+# if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
+ !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
+ !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
+ !defined(OPENSSL_NO_WHIRLPOOL)
+ BIO_printf(bio_err, "\n");
+# endif
+
+# ifndef OPENSSL_NO_IDEA
+ BIO_printf(bio_err, "idea-cbc ");
+# endif
+# ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err, "seed-cbc ");
+# endif
+# ifndef OPENSSL_NO_RC2
+ BIO_printf(bio_err, "rc2-cbc ");
+# endif
+# ifndef OPENSSL_NO_RC5
+ BIO_printf(bio_err, "rc5-cbc ");
+# endif
+# ifndef OPENSSL_NO_BF
+ BIO_printf(bio_err, "bf-cbc");
+# endif
+# if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \
+ !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
+ BIO_printf(bio_err, "\n");
+# endif
+# ifndef OPENSSL_NO_DES
+ BIO_printf(bio_err, "des-cbc des-ede3 ");
+# endif
+# ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc ");
+ BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige ");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err,
+ "camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
+# endif
+# ifndef OPENSSL_NO_RC4
+ BIO_printf(bio_err, "rc4");
+# endif
+ BIO_printf(bio_err, "\n");
+
+# ifndef OPENSSL_NO_RSA
+ BIO_printf(bio_err, "rsa512 rsa1024 rsa2048 rsa4096\n");
+# endif
+
+# ifndef OPENSSL_NO_DSA
+ BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n");
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 "
+ "ecdsap256 ecdsap384 ecdsap521\n");
+ BIO_printf(bio_err,
+ "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
+ BIO_printf(bio_err,
+ "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
+ BIO_printf(bio_err, "ecdsa\n");
+# endif
+# ifndef OPENSSL_NO_ECDH
+ BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 "
+ "ecdhp256 ecdhp384 ecdhp521\n");
+ BIO_printf(bio_err,
+ "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
+ BIO_printf(bio_err,
+ "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n");
+ BIO_printf(bio_err, "ecdh\n");
+# endif
+
+# ifndef OPENSSL_NO_IDEA
+ BIO_printf(bio_err, "idea ");
+# endif
+# ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err, "seed ");
+# endif
+# ifndef OPENSSL_NO_RC2
+ BIO_printf(bio_err, "rc2 ");
+# endif
+# ifndef OPENSSL_NO_DES
+ BIO_printf(bio_err, "des ");
+# endif
+# ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err, "aes ");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ BIO_printf(bio_err, "camellia ");
+# endif
+# ifndef OPENSSL_NO_RSA
+ BIO_printf(bio_err, "rsa ");
+# endif
+# ifndef OPENSSL_NO_BF
+ BIO_printf(bio_err, "blowfish");
+# endif
+# if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
+ !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
+ !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
+ !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
+ BIO_printf(bio_err, "\n");
+# endif
+
+ BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err, "Available options:\n");
+# if defined(TIMES) || defined(USE_TOD)
+ BIO_printf(bio_err, "-elapsed "
+ "measure time in real time instead of CPU user time.\n");
+# endif
+# ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ "-engine e "
+ "use engine e, possibly a hardware device.\n");
+# endif
+ BIO_printf(bio_err, "-evp e " "use EVP e.\n");
+ BIO_printf(bio_err,
+ "-decrypt "
+ "time decryption instead of encryption (only EVP).\n");
+ BIO_printf(bio_err,
+ "-mr "
+ "produce machine readable output.\n");
+# ifndef NO_FORK
+ BIO_printf(bio_err,
+ "-multi n " "run n benchmarks in parallel.\n");
+# endif
+ goto end;
+ }
+ argc--;
+ argv++;
+ j++;
+ }
+
+# ifndef NO_FORK
+ if (multi && do_multi(multi))
+ goto show_res;
+# endif
+
+ if (j == 0) {
+ for (i = 0; i < ALGOR_NUM; i++) {
+ if (i != D_EVP)
+ doit[i] = 1;
+ }
+ for (i = 0; i < RSA_NUM; i++)
+ rsa_doit[i] = 1;
+ for (i = 0; i < DSA_NUM; i++)
+ dsa_doit[i] = 1;
+# ifndef OPENSSL_NO_ECDSA
+ for (i = 0; i < EC_NUM; i++)
+ ecdsa_doit[i] = 1;
+# endif
+# ifndef OPENSSL_NO_ECDH
+ for (i = 0; i < EC_NUM; i++)
+ ecdh_doit[i] = 1;
+# endif
+ }
+ for (i = 0; i < ALGOR_NUM; i++)
+ if (doit[i])
+ pr_header++;
+
+ if (usertime == 0 && !mr)
+ BIO_printf(bio_err,
+ "You have chosen to measure elapsed time "
+ "instead of user CPU time.\n");
+
+# ifndef OPENSSL_NO_RSA
+ for (i = 0; i < RSA_NUM; i++) {
+ const unsigned char *p;
+
+ p = rsa_data[i];
+ rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]);
+ if (rsa_key[i] == NULL) {
+ BIO_printf(bio_err, "internal error loading RSA key number %d\n",
+ i);
+ goto end;
+ }
+# if 0
+ else {
+ BIO_printf(bio_err,
+ mr ? "+RK:%d:"
+ : "Loaded RSA key, %d bit modulus and e= 0x",
+ BN_num_bits(rsa_key[i]->n));
+ BN_print(bio_err, rsa_key[i]->e);
+ BIO_printf(bio_err, "\n");
+ }
+# endif
+ }
+# endif
+
+# ifndef OPENSSL_NO_DSA
+ dsa_key[0] = get_dsa512();
+ dsa_key[1] = get_dsa1024();
+ dsa_key[2] = get_dsa2048();
+# endif
+
+# ifndef OPENSSL_NO_DES
+ DES_set_key_unchecked(&key, &sch);
+ DES_set_key_unchecked(&key2, &sch2);
+ DES_set_key_unchecked(&key3, &sch3);
+# endif
+# ifndef OPENSSL_NO_AES
+ AES_set_encrypt_key(key16, 128, &aes_ks1);
+ AES_set_encrypt_key(key24, 192, &aes_ks2);
+ AES_set_encrypt_key(key32, 256, &aes_ks3);
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ Camellia_set_key(key16, 128, &camellia_ks1);
+ Camellia_set_key(ckey24, 192, &camellia_ks2);
+ Camellia_set_key(ckey32, 256, &camellia_ks3);
+# endif
+# ifndef OPENSSL_NO_IDEA
+ idea_set_encrypt_key(key16, &idea_ks);
+# endif
+# ifndef OPENSSL_NO_SEED
+ SEED_set_key(key16, &seed_ks);
+# endif
+# ifndef OPENSSL_NO_RC4
+ RC4_set_key(&rc4_ks, 16, key16);
+# endif
+# ifndef OPENSSL_NO_RC2
+ RC2_set_key(&rc2_ks, 16, key16, 128);
+# endif
+# ifndef OPENSSL_NO_RC5
+ RC5_32_set_key(&rc5_ks, 16, key16, 12);
+# endif
+# ifndef OPENSSL_NO_BF
+ BF_set_key(&bf_ks, 16, key16);
+# endif
+# ifndef OPENSSL_NO_CAST
+ CAST_set_key(&cast_ks, 16, key16);
+# endif
+# ifndef OPENSSL_NO_RSA
+ memset(rsa_c, 0, sizeof(rsa_c));
+# endif
+# ifndef SIGALRM
+# ifndef OPENSSL_NO_DES
+ BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
+ count = 10;
+ do {
+ long it;
+ count *= 2;
+ Time_F(START);
+ for (it = count; it; it--)
+ DES_ecb_encrypt((DES_cblock *)buf,
+ (DES_cblock *)buf, &sch, DES_ENCRYPT);
+ d = Time_F(STOP);
+ } while (d < 3);
+ save_count = count;
+ c[D_MD2][0] = count / 10;
+ c[D_MDC2][0] = count / 10;
+ c[D_MD4][0] = count;
+ c[D_MD5][0] = count;
+ c[D_HMAC][0] = count;
+ c[D_SHA1][0] = count;
+ c[D_RMD160][0] = count;
+ c[D_RC4][0] = count * 5;
+ c[D_CBC_DES][0] = count;
+ c[D_EDE3_DES][0] = count / 3;
+ c[D_CBC_IDEA][0] = count;
+ c[D_CBC_SEED][0] = count;
+ c[D_CBC_RC2][0] = count;
+ c[D_CBC_RC5][0] = count;
+ c[D_CBC_BF][0] = count;
+ c[D_CBC_CAST][0] = count;
+ c[D_CBC_128_AES][0] = count;
+ c[D_CBC_192_AES][0] = count;
+ c[D_CBC_256_AES][0] = count;
+ c[D_CBC_128_CML][0] = count;
+ c[D_CBC_192_CML][0] = count;
+ c[D_CBC_256_CML][0] = count;
+ c[D_SHA256][0] = count;
+ c[D_SHA512][0] = count;
+ c[D_WHIRLPOOL][0] = count;
+ c[D_IGE_128_AES][0] = count;
+ c[D_IGE_192_AES][0] = count;
+ c[D_IGE_256_AES][0] = count;
+ c[D_GHASH][0] = count;
+
+ for (i = 1; i < SIZE_NUM; i++) {
+ c[D_MD2][i] = c[D_MD2][0] * 4 * lengths[0] / lengths[i];
+ c[D_MDC2][i] = c[D_MDC2][0] * 4 * lengths[0] / lengths[i];
+ c[D_MD4][i] = c[D_MD4][0] * 4 * lengths[0] / lengths[i];
+ c[D_MD5][i] = c[D_MD5][0] * 4 * lengths[0] / lengths[i];
+ c[D_HMAC][i] = c[D_HMAC][0] * 4 * lengths[0] / lengths[i];
+ c[D_SHA1][i] = c[D_SHA1][0] * 4 * lengths[0] / lengths[i];
+ c[D_RMD160][i] = c[D_RMD160][0] * 4 * lengths[0] / lengths[i];
+ c[D_SHA256][i] = c[D_SHA256][0] * 4 * lengths[0] / lengths[i];
+ c[D_SHA512][i] = c[D_SHA512][0] * 4 * lengths[0] / lengths[i];
+ c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * lengths[0] / lengths[i];
+ }
+ for (i = 1; i < SIZE_NUM; i++) {
+ long l0, l1;
+
+ l0 = (long)lengths[i - 1];
+ l1 = (long)lengths[i];
+ c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
+ c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
+ c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
+ c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
+ c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
+ c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
+ c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
+ c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
+ c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
+ c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
+ c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
+ c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
+ c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
+ c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
+ c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
+ c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
+ c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
+ c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
+ }
+# ifndef OPENSSL_NO_RSA
+ rsa_c[R_RSA_512][0] = count / 2000;
+ rsa_c[R_RSA_512][1] = count / 400;
+ for (i = 1; i < RSA_NUM; i++) {
+ rsa_c[i][0] = rsa_c[i - 1][0] / 8;
+ rsa_c[i][1] = rsa_c[i - 1][1] / 4;
+ if ((rsa_doit[i] <= 1) && (rsa_c[i][0] == 0))
+ rsa_doit[i] = 0;
+ else {
+ if (rsa_c[i][0] == 0) {
+ rsa_c[i][0] = 1;
+ rsa_c[i][1] = 20;
+ }
+ }
+ }
+# endif
+
+# ifndef OPENSSL_NO_DSA
+ dsa_c[R_DSA_512][0] = count / 1000;
+ dsa_c[R_DSA_512][1] = count / 1000 / 2;
+ for (i = 1; i < DSA_NUM; i++) {
+ dsa_c[i][0] = dsa_c[i - 1][0] / 4;
+ dsa_c[i][1] = dsa_c[i - 1][1] / 4;
+ if ((dsa_doit[i] <= 1) && (dsa_c[i][0] == 0))
+ dsa_doit[i] = 0;
+ else {
+ if (dsa_c[i] == 0) {
+ dsa_c[i][0] = 1;
+ dsa_c[i][1] = 1;
+ }
+ }
+ }
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+ ecdsa_c[R_EC_P160][0] = count / 1000;
+ ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
+ for (i = R_EC_P192; i <= R_EC_P521; i++) {
+ ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
+ ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
+ if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+ ecdsa_doit[i] = 0;
+ else {
+ if (ecdsa_c[i] == 0) {
+ ecdsa_c[i][0] = 1;
+ ecdsa_c[i][1] = 1;
+ }
+ }
+ }
+ ecdsa_c[R_EC_K163][0] = count / 1000;
+ ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
+ for (i = R_EC_K233; i <= R_EC_K571; i++) {
+ ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
+ ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
+ if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+ ecdsa_doit[i] = 0;
+ else {
+ if (ecdsa_c[i] == 0) {
+ ecdsa_c[i][0] = 1;
+ ecdsa_c[i][1] = 1;
+ }
+ }
+ }
+ ecdsa_c[R_EC_B163][0] = count / 1000;
+ ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
+ for (i = R_EC_B233; i <= R_EC_B571; i++) {
+ ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
+ ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
+ if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+ ecdsa_doit[i] = 0;
+ else {
+ if (ecdsa_c[i] == 0) {
+ ecdsa_c[i][0] = 1;
+ ecdsa_c[i][1] = 1;
+ }
+ }
+ }
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+ ecdh_c[R_EC_P160][0] = count / 1000;
+ ecdh_c[R_EC_P160][1] = count / 1000;
+ for (i = R_EC_P192; i <= R_EC_P521; i++) {
+ ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+ ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
+ if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+ ecdh_doit[i] = 0;
+ else {
+ if (ecdh_c[i] == 0) {
+ ecdh_c[i][0] = 1;
+ ecdh_c[i][1] = 1;
+ }
+ }
+ }
+ ecdh_c[R_EC_K163][0] = count / 1000;
+ ecdh_c[R_EC_K163][1] = count / 1000;
+ for (i = R_EC_K233; i <= R_EC_K571; i++) {
+ ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+ ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
+ if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+ ecdh_doit[i] = 0;
+ else {
+ if (ecdh_c[i] == 0) {
+ ecdh_c[i][0] = 1;
+ ecdh_c[i][1] = 1;
+ }
+ }
+ }
+ ecdh_c[R_EC_B163][0] = count / 1000;
+ ecdh_c[R_EC_B163][1] = count / 1000;
+ for (i = R_EC_B233; i <= R_EC_B571; i++) {
+ ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+ ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
+ if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+ ecdh_doit[i] = 0;
+ else {
+ if (ecdh_c[i] == 0) {
+ ecdh_c[i][0] = 1;
+ ecdh_c[i][1] = 1;
+ }
+ }
+ }
+# endif
+
+# define COND(d) (count < (d))
+# define COUNT(d) (d)
+# else
+/* not worth fixing */
+# error "You cannot disable DES on systems without SIGALRM."
+# endif /* OPENSSL_NO_DES */
+# else
+# define COND(c) (run && count<0x7fffffff)
+# define COUNT(d) (count)
+# ifndef _WIN32
+ signal(SIGALRM, sig_done);
+# endif
+# endif /* SIGALRM */
+
+# ifndef OPENSSL_NO_MD2
+ if (doit[D_MD2]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_MD2], c[D_MD2][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_MD2][j]); count++)
+ EVP_Digest(buf, (unsigned long)lengths[j], &(md2[0]), NULL,
+ EVP_md2(), NULL);
+ d = Time_F(STOP);
+ print_result(D_MD2, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_MDC2
+ if (doit[D_MDC2]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_MDC2], c[D_MDC2][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_MDC2][j]); count++)
+ EVP_Digest(buf, (unsigned long)lengths[j], &(mdc2[0]), NULL,
+ EVP_mdc2(), NULL);
+ d = Time_F(STOP);
+ print_result(D_MDC2, j, count, d);
+ }
+ }
+# endif
+
+# ifndef OPENSSL_NO_MD4
+ if (doit[D_MD4]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_MD4], c[D_MD4][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_MD4][j]); count++)
+ EVP_Digest(&(buf[0]), (unsigned long)lengths[j], &(md4[0]),
+ NULL, EVP_md4(), NULL);
+ d = Time_F(STOP);
+ print_result(D_MD4, j, count, d);
+ }
+ }
+# endif
+
+# ifndef OPENSSL_NO_MD5
+ if (doit[D_MD5]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_MD5], c[D_MD5][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_MD5][j]); count++)
+ EVP_Digest(&(buf[0]), (unsigned long)lengths[j], &(md5[0]),
+ NULL, EVP_get_digestbyname("md5"), NULL);
+ d = Time_F(STOP);
+ print_result(D_MD5, j, count, d);
+ }
+ }
+# endif
+
+# if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC)
+ if (doit[D_HMAC]) {
+ HMAC_CTX hctx;
+
+ HMAC_CTX_init(&hctx);
+ HMAC_Init_ex(&hctx, (unsigned char *)"This is a key...",
+ 16, EVP_md5(), NULL);
+
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) {
+ HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL);
+ HMAC_Update(&hctx, buf, lengths[j]);
+ HMAC_Final(&hctx, &(hmac[0]), NULL);
+ }
+ d = Time_F(STOP);
+ print_result(D_HMAC, j, count, d);
+ }
+ HMAC_CTX_cleanup(&hctx);
+ }
+# endif
+# ifndef OPENSSL_NO_SHA
+ if (doit[D_SHA1]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_SHA1][j]); count++)
+ EVP_Digest(buf, (unsigned long)lengths[j], &(sha[0]), NULL,
+ EVP_sha1(), NULL);
+ d = Time_F(STOP);
+ print_result(D_SHA1, j, count, d);
+ }
+ }
+# ifndef OPENSSL_NO_SHA256
+ if (doit[D_SHA256]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_SHA256][j]); count++)
+ SHA256(buf, lengths[j], sha256);
+ d = Time_F(STOP);
+ print_result(D_SHA256, j, count, d);
+ }
+ }
+# endif
+
+# ifndef OPENSSL_NO_SHA512
+ if (doit[D_SHA512]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_SHA512][j]); count++)
+ SHA512(buf, lengths[j], sha512);
+ d = Time_F(STOP);
+ print_result(D_SHA512, j, count, d);
+ }
+ }
+# endif
+# endif
+
+# ifndef OPENSSL_NO_WHIRLPOOL
+ if (doit[D_WHIRLPOOL]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++)
+ WHIRLPOOL(buf, lengths[j], whirlpool);
+ d = Time_F(STOP);
+ print_result(D_WHIRLPOOL, j, count, d);
+ }
+ }
+# endif
+
+# ifndef OPENSSL_NO_RIPEMD
+ if (doit[D_RMD160]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_RMD160][j]); count++)
+ EVP_Digest(buf, (unsigned long)lengths[j], &(rmd160[0]), NULL,
+ EVP_ripemd160(), NULL);
+ d = Time_F(STOP);
+ print_result(D_RMD160, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_RC4
+ if (doit[D_RC4]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_RC4], c[D_RC4][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_RC4][j]); count++)
+ RC4(&rc4_ks, (unsigned int)lengths[j], buf, buf);
+ d = Time_F(STOP);
+ print_result(D_RC4, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_DES
+ if (doit[D_CBC_DES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++)
+ DES_ncbc_encrypt(buf, buf, lengths[j], &sch,
+ &DES_iv, DES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_DES, j, count, d);
+ }
+ }
+
+ if (doit[D_EDE3_DES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++)
+ DES_ede3_cbc_encrypt(buf, buf, lengths[j],
+ &sch, &sch2, &sch3,
+ &DES_iv, DES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_EDE3_DES, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_AES
+ if (doit[D_CBC_128_AES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++)
+ AES_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &aes_ks1,
+ iv, AES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_128_AES, j, count, d);
+ }
+ }
+ if (doit[D_CBC_192_AES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++)
+ AES_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &aes_ks2,
+ iv, AES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_192_AES, j, count, d);
+ }
+ }
+ if (doit[D_CBC_256_AES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++)
+ AES_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &aes_ks3,
+ iv, AES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_256_AES, j, count, d);
+ }
+ }
+
+ if (doit[D_IGE_128_AES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++)
+ AES_ige_encrypt(buf, buf2,
+ (unsigned long)lengths[j], &aes_ks1,
+ iv, AES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_IGE_128_AES, j, count, d);
+ }
+ }
+ if (doit[D_IGE_192_AES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++)
+ AES_ige_encrypt(buf, buf2,
+ (unsigned long)lengths[j], &aes_ks2,
+ iv, AES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_IGE_192_AES, j, count, d);
+ }
+ }
+ if (doit[D_IGE_256_AES]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++)
+ AES_ige_encrypt(buf, buf2,
+ (unsigned long)lengths[j], &aes_ks3,
+ iv, AES_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_IGE_256_AES, j, count, d);
+ }
+ }
+ if (doit[D_GHASH]) {
+ GCM128_CONTEXT *ctx =
+ CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
+ CRYPTO_gcm128_setiv(ctx, (unsigned char *)"0123456789ab", 12);
+
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_GHASH][j]); count++)
+ CRYPTO_gcm128_aad(ctx, buf, lengths[j]);
+ d = Time_F(STOP);
+ print_result(D_GHASH, j, count, d);
+ }
+ CRYPTO_gcm128_release(ctx);
+ }
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+ if (doit[D_CBC_128_CML]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++)
+ Camellia_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &camellia_ks1,
+ iv, CAMELLIA_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_128_CML, j, count, d);
+ }
+ }
+ if (doit[D_CBC_192_CML]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++)
+ Camellia_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &camellia_ks2,
+ iv, CAMELLIA_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_192_CML, j, count, d);
+ }
+ }
+ if (doit[D_CBC_256_CML]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j],
+ lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++)
+ Camellia_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &camellia_ks3,
+ iv, CAMELLIA_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_256_CML, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_IDEA
+ if (doit[D_CBC_IDEA]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++)
+ idea_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &idea_ks,
+ iv, IDEA_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_IDEA, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_SEED
+ if (doit[D_CBC_SEED]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_SEED], c[D_CBC_SEED][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_SEED][j]); count++)
+ SEED_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &seed_ks, iv, 1);
+ d = Time_F(STOP);
+ print_result(D_CBC_SEED, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_RC2
+ if (doit[D_CBC_RC2]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++)
+ RC2_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &rc2_ks,
+ iv, RC2_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_RC2, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_RC5
+ if (doit[D_CBC_RC5]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_RC5], c[D_CBC_RC5][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_RC5][j]); count++)
+ RC5_32_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &rc5_ks,
+ iv, RC5_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_RC5, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_BF
+ if (doit[D_CBC_BF]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++)
+ BF_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &bf_ks,
+ iv, BF_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_BF, j, count, d);
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_CAST
+ if (doit[D_CBC_CAST]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++)
+ CAST_cbc_encrypt(buf, buf,
+ (unsigned long)lengths[j], &cast_ks,
+ iv, CAST_ENCRYPT);
+ d = Time_F(STOP);
+ print_result(D_CBC_CAST, j, count, d);
+ }
+ }
+# endif
+
+ if (doit[D_EVP]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ if (evp_cipher) {
+ EVP_CIPHER_CTX ctx;
+ int outl;
+
+ names[D_EVP] = OBJ_nid2ln(evp_cipher->nid);
+ /*
+ * -O3 -fschedule-insns messes up an optimization here!
+ * names[D_EVP] somehow becomes NULL
+ */
+ print_message(names[D_EVP], save_count, lengths[j]);
+
+ EVP_CIPHER_CTX_init(&ctx);
+ if (decrypt)
+ EVP_DecryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
+ else
+ EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
+ EVP_CIPHER_CTX_set_padding(&ctx, 0);
+
+ Time_F(START);
+ if (decrypt)
+ for (count = 0, run = 1;
+ COND(save_count * 4 * lengths[0] / lengths[j]);
+ count++)
+ EVP_DecryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
+ else
+ for (count = 0, run = 1;
+ COND(save_count * 4 * lengths[0] / lengths[j]);
+ count++)
+ EVP_EncryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
+ if (decrypt)
+ EVP_DecryptFinal_ex(&ctx, buf, &outl);
+ else
+ EVP_EncryptFinal_ex(&ctx, buf, &outl);
+ d = Time_F(STOP);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ }
+ if (evp_md) {
+ names[D_EVP] = OBJ_nid2ln(evp_md->type);
+ print_message(names[D_EVP], save_count, lengths[j]);
+
+ Time_F(START);
+ for (count = 0, run = 1;
+ COND(save_count * 4 * lengths[0] / lengths[j]); count++)
+ EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL);
+
+ d = Time_F(STOP);
+ }
+ print_result(D_EVP, j, count, d);
+ }
+ }
+
+ RAND_pseudo_bytes(buf, 36);
+# ifndef OPENSSL_NO_RSA
+ for (j = 0; j < RSA_NUM; j++) {
+ int ret;
+ if (!rsa_doit[j])
+ continue;
+ ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]);
+ if (ret == 0) {
+ BIO_printf(bio_err,
+ "RSA sign failure. No RSA sign will be done.\n");
+ ERR_print_errors(bio_err);
+ rsa_count = 1;
+ } else {
+ pkey_print_message("private", "rsa",
+ rsa_c[j][0], rsa_bits[j], RSA_SECONDS);
+ /* RSA_blinding_on(rsa_key[j],NULL); */
+ Time_F(START);
+ for (count = 0, run = 1; COND(rsa_c[j][0]); count++) {
+ ret = RSA_sign(NID_md5_sha1, buf, 36, buf2,
+ &rsa_num, rsa_key[j]);
+ if (ret == 0) {
+ BIO_printf(bio_err, "RSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count = 1;
+ break;
+ }
+ }
+ d = Time_F(STOP);
+ BIO_printf(bio_err,
+ mr ? "+R1:%ld:%d:%.2f\n"
+ : "%ld %d bit private RSA's in %.2fs\n",
+ count, rsa_bits[j], d);
+ rsa_results[j][0] = d / (double)count;
+ rsa_count = count;
+ }
+
+# if 1
+ ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]);
+ if (ret <= 0) {
+ BIO_printf(bio_err,
+ "RSA verify failure. No RSA verify will be done.\n");
+ ERR_print_errors(bio_err);
+ rsa_doit[j] = 0;
+ } else {
+ pkey_print_message("public", "rsa",
+ rsa_c[j][1], rsa_bits[j], RSA_SECONDS);
+ Time_F(START);
+ for (count = 0, run = 1; COND(rsa_c[j][1]); count++) {
+ ret = RSA_verify(NID_md5_sha1, buf, 36, buf2,
+ rsa_num, rsa_key[j]);
+ if (ret <= 0) {
+ BIO_printf(bio_err, "RSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count = 1;
+ break;
+ }
+ }
+ d = Time_F(STOP);
+ BIO_printf(bio_err,
+ mr ? "+R2:%ld:%d:%.2f\n"
+ : "%ld %d bit public RSA's in %.2fs\n",
+ count, rsa_bits[j], d);
+ rsa_results[j][1] = d / (double)count;
+ }
+# endif
+
+ if (rsa_count <= 1) {
+ /* if longer than 10s, don't do any more */
+ for (j++; j < RSA_NUM; j++)
+ rsa_doit[j] = 0;
+ }
+ }
+# endif
+
+ RAND_pseudo_bytes(buf, 20);
+# ifndef OPENSSL_NO_DSA
+ if (RAND_status() != 1) {
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+ rnd_fake = 1;
+ }
+ for (j = 0; j < DSA_NUM; j++) {
+ unsigned int kk;
+ int ret;
+
+ if (!dsa_doit[j])
+ continue;
+
+ /* DSA_generate_key(dsa_key[j]); */
+ /* DSA_sign_setup(dsa_key[j],NULL); */
+ ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
+ if (ret == 0) {
+ BIO_printf(bio_err,
+ "DSA sign failure. No DSA sign will be done.\n");
+ ERR_print_errors(bio_err);
+ rsa_count = 1;
+ } else {
+ pkey_print_message("sign", "dsa",
+ dsa_c[j][0], dsa_bits[j], DSA_SECONDS);
+ Time_F(START);
+ for (count = 0, run = 1; COND(dsa_c[j][0]); count++) {
+ ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
+ if (ret == 0) {
+ BIO_printf(bio_err, "DSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count = 1;
+ break;
+ }
+ }
+ d = Time_F(STOP);
+ BIO_printf(bio_err,
+ mr ? "+R3:%ld:%d:%.2f\n"
+ : "%ld %d bit DSA signs in %.2fs\n",
+ count, dsa_bits[j], d);
+ dsa_results[j][0] = d / (double)count;
+ rsa_count = count;
+ }
+
+ ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
+ if (ret <= 0) {
+ BIO_printf(bio_err,
+ "DSA verify failure. No DSA verify will be done.\n");
+ ERR_print_errors(bio_err);
+ dsa_doit[j] = 0;
+ } else {
+ pkey_print_message("verify", "dsa",
+ dsa_c[j][1], dsa_bits[j], DSA_SECONDS);
+ Time_F(START);
+ for (count = 0, run = 1; COND(dsa_c[j][1]); count++) {
+ ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
+ if (ret <= 0) {
+ BIO_printf(bio_err, "DSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count = 1;
+ break;
+ }
+ }
+ d = Time_F(STOP);
+ BIO_printf(bio_err,
+ mr ? "+R4:%ld:%d:%.2f\n"
+ : "%ld %d bit DSA verify in %.2fs\n",
+ count, dsa_bits[j], d);
+ dsa_results[j][1] = d / (double)count;
+ }
+
+ if (rsa_count <= 1) {
+ /* if longer than 10s, don't do any more */
+ for (j++; j < DSA_NUM; j++)
+ dsa_doit[j] = 0;
+ }
+ }
+ if (rnd_fake)
+ RAND_cleanup();
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+ if (RAND_status() != 1) {
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+ rnd_fake = 1;
+ }
+ for (j = 0; j < EC_NUM; j++) {
+ int ret;
+
+ if (!ecdsa_doit[j])
+ continue; /* Ignore Curve */
+ ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]);
+ if (ecdsa[j] == NULL) {
+ BIO_printf(bio_err, "ECDSA failure.\n");
+ ERR_print_errors(bio_err);
+ rsa_count = 1;
+ } else {
+# if 1
+ EC_KEY_precompute_mult(ecdsa[j], NULL);
+# endif
+ /* Perform ECDSA signature test */
+ EC_KEY_generate_key(ecdsa[j]);
+ ret = ECDSA_sign(0, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
+ if (ret == 0) {
+ BIO_printf(bio_err,
+ "ECDSA sign failure. No ECDSA sign will be done.\n");
+ ERR_print_errors(bio_err);
+ rsa_count = 1;
+ } else {
+ pkey_print_message("sign", "ecdsa",
+ ecdsa_c[j][0],
+ test_curves_bits[j], ECDSA_SECONDS);
+
+ Time_F(START);
+ for (count = 0, run = 1; COND(ecdsa_c[j][0]); count++) {
+ ret = ECDSA_sign(0, buf, 20,
+ ecdsasig, &ecdsasiglen, ecdsa[j]);
+ if (ret == 0) {
+ BIO_printf(bio_err, "ECDSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count = 1;
+ break;
+ }
+ }
+ d = Time_F(STOP);
+
+ BIO_printf(bio_err,
+ mr ? "+R5:%ld:%d:%.2f\n" :
+ "%ld %d bit ECDSA signs in %.2fs \n",
+ count, test_curves_bits[j], d);
+ ecdsa_results[j][0] = d / (double)count;
+ rsa_count = count;
+ }
+
+ /* Perform ECDSA verification test */
+ ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+ if (ret != 1) {
+ BIO_printf(bio_err,
+ "ECDSA verify failure. No ECDSA verify will be done.\n");
+ ERR_print_errors(bio_err);
+ ecdsa_doit[j] = 0;
+ } else {
+ pkey_print_message("verify", "ecdsa",
+ ecdsa_c[j][1],
+ test_curves_bits[j], ECDSA_SECONDS);
+ Time_F(START);
+ for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) {
+ ret =
+ ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen,
+ ecdsa[j]);
+ if (ret != 1) {
+ BIO_printf(bio_err, "ECDSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count = 1;
+ break;
+ }
+ }
+ d = Time_F(STOP);
+ BIO_printf(bio_err,
+ mr ? "+R6:%ld:%d:%.2f\n"
+ : "%ld %d bit ECDSA verify in %.2fs\n",
+ count, test_curves_bits[j], d);
+ ecdsa_results[j][1] = d / (double)count;
+ }
+
+ if (rsa_count <= 1) {
+ /* if longer than 10s, don't do any more */
+ for (j++; j < EC_NUM; j++)
+ ecdsa_doit[j] = 0;
+ }
+ }
+ }
+ if (rnd_fake)
+ RAND_cleanup();
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+ if (RAND_status() != 1) {
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+ rnd_fake = 1;
+ }
+ for (j = 0; j < EC_NUM; j++) {
+ if (!ecdh_doit[j])
+ continue;
+ ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]);
+ ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]);
+ if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) {
+ BIO_printf(bio_err, "ECDH failure.\n");
+ ERR_print_errors(bio_err);
+ rsa_count = 1;
+ } else {
+ /* generate two ECDH key pairs */
+ if (!EC_KEY_generate_key(ecdh_a[j]) ||
+ !EC_KEY_generate_key(ecdh_b[j])) {
+ BIO_printf(bio_err, "ECDH key generation failure.\n");
+ ERR_print_errors(bio_err);
+ rsa_count = 1;
+ } else {
+ /*
+ * If field size is not more than 24 octets, then use SHA-1
+ * hash of result; otherwise, use result (see section 4.8 of
+ * draft-ietf-tls-ecc-03.txt).
+ */
+ int field_size, outlen;
+ void *(*kdf) (const void *in, size_t inlen, void *out,
+ size_t *xoutlen);
+ field_size =
+ EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j]));
+ if (field_size <= 24 * 8) {
+ outlen = KDF1_SHA1_len;
+ kdf = KDF1_SHA1;
+ } else {
+ outlen = (field_size + 7) / 8;
+ kdf = NULL;
+ }
+ secret_size_a =
+ ECDH_compute_key(secret_a, outlen,
+ EC_KEY_get0_public_key(ecdh_b[j]),
+ ecdh_a[j], kdf);
+ secret_size_b =
+ ECDH_compute_key(secret_b, outlen,
+ EC_KEY_get0_public_key(ecdh_a[j]),
+ ecdh_b[j], kdf);
+ if (secret_size_a != secret_size_b)
+ ecdh_checks = 0;
+ else
+ ecdh_checks = 1;
+
+ for (secret_idx = 0; (secret_idx < secret_size_a)
+ && (ecdh_checks == 1); secret_idx++) {
+ if (secret_a[secret_idx] != secret_b[secret_idx])
+ ecdh_checks = 0;
+ }
+
+ if (ecdh_checks == 0) {
+ BIO_printf(bio_err, "ECDH computations don't match.\n");
+ ERR_print_errors(bio_err);
+ rsa_count = 1;
+ }
+
+ pkey_print_message("", "ecdh",
+ ecdh_c[j][0],
+ test_curves_bits[j], ECDH_SECONDS);
+ Time_F(START);
+ for (count = 0, run = 1; COND(ecdh_c[j][0]); count++) {
+ ECDH_compute_key(secret_a, outlen,
+ EC_KEY_get0_public_key(ecdh_b[j]),
+ ecdh_a[j], kdf);
+ }
+ d = Time_F(STOP);
+ BIO_printf(bio_err,
+ mr ? "+R7:%ld:%d:%.2f\n" :
+ "%ld %d-bit ECDH ops in %.2fs\n", count,
+ test_curves_bits[j], d);
+ ecdh_results[j][0] = d / (double)count;
+ rsa_count = count;
+ }
+ }
+
+ if (rsa_count <= 1) {
+ /* if longer than 10s, don't do any more */
+ for (j++; j < EC_NUM; j++)
+ ecdh_doit[j] = 0;
+ }
+ }
+ if (rnd_fake)
+ RAND_cleanup();
+# endif
+# ifndef NO_FORK
+ show_res:
+# endif
+ if (!mr) {
+ fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION));
+ fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON));
+ printf("options:");
+ printf("%s ", BN_options());
+# ifndef OPENSSL_NO_MD2
+ printf("%s ", MD2_options());
+# endif
+# ifndef OPENSSL_NO_RC4
+ printf("%s ", RC4_options());
+# endif
+# ifndef OPENSSL_NO_DES
+ printf("%s ", DES_options());
+# endif
+# ifndef OPENSSL_NO_AES
+ printf("%s ", AES_options());
+# endif
+# ifndef OPENSSL_NO_IDEA
+ printf("%s ", idea_options());
+# endif
+# ifndef OPENSSL_NO_BF
+ printf("%s ", BF_options());
+# endif
+ fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS));
+ }
+
+ if (pr_header) {
+ if (mr)
+ fprintf(stdout, "+H");
+ else {
+ fprintf(stdout,
+ "The 'numbers' are in 1000s of bytes per second processed.\n");
+ fprintf(stdout, "type ");
+ }
+ for (j = 0; j < SIZE_NUM; j++)
+ fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]);
+ fprintf(stdout, "\n");
+ }
+
+ for (k = 0; k < ALGOR_NUM; k++) {
+ if (!doit[k])
+ continue;
+ if (mr)
+ fprintf(stdout, "+F:%d:%s", k, names[k]);
+ else
+ fprintf(stdout, "%-13s", names[k]);
+ for (j = 0; j < SIZE_NUM; j++) {
+ if (results[k][j] > 10000 && !mr)
+ fprintf(stdout, " %11.2fk", results[k][j] / 1e3);
+ else
+ fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]);
+ }
+ fprintf(stdout, "\n");
+ }
+# ifndef OPENSSL_NO_RSA
+ j = 1;
+ for (k = 0; k < RSA_NUM; k++) {
+ if (!rsa_doit[k])
+ continue;
+ if (j && !mr) {
+ printf("%18ssign verify sign/s verify/s\n", " ");
+ j = 0;
+ }
+ if (mr)
+ fprintf(stdout, "+F2:%u:%u:%f:%f\n",
+ k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
+ else
+ fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
+ rsa_bits[k], rsa_results[k][0], rsa_results[k][1],
+ 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]);
+ }
+# endif
+# ifndef OPENSSL_NO_DSA
+ j = 1;
+ for (k = 0; k < DSA_NUM; k++) {
+ if (!dsa_doit[k])
+ continue;
+ if (j && !mr) {
+ printf("%18ssign verify sign/s verify/s\n", " ");
+ j = 0;
+ }
+ if (mr)
+ fprintf(stdout, "+F3:%u:%u:%f:%f\n",
+ k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
+ else
+ fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
+ dsa_bits[k], dsa_results[k][0], dsa_results[k][1],
+ 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]);
+ }
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ j = 1;
+ for (k = 0; k < EC_NUM; k++) {
+ if (!ecdsa_doit[k])
+ continue;
+ if (j && !mr) {
+ printf("%30ssign verify sign/s verify/s\n", " ");
+ j = 0;
+ }
+
+ if (mr)
+ fprintf(stdout, "+F4:%u:%u:%f:%f\n",
+ k, test_curves_bits[k],
+ ecdsa_results[k][0], ecdsa_results[k][1]);
+ else
+ fprintf(stdout,
+ "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
+ test_curves_bits[k],
+ test_curves_names[k],
+ ecdsa_results[k][0], ecdsa_results[k][1],
+ 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]);
+ }
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+ j = 1;
+ for (k = 0; k < EC_NUM; k++) {
+ if (!ecdh_doit[k])
+ continue;
+ if (j && !mr) {
+ printf("%30sop op/s\n", " ");
+ j = 0;
+ }
+ if (mr)
+ fprintf(stdout, "+F5:%u:%u:%f:%f\n",
+ k, test_curves_bits[k],
+ ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
+
+ else
+ fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n",
+ test_curves_bits[k],
+ test_curves_names[k],
+ ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
+ }
+# endif
+
+ mret = 0;
+
+ end:
+ ERR_print_errors(bio_err);
+ if (buf != NULL)
+ OPENSSL_free(buf);
+ if (buf2 != NULL)
+ OPENSSL_free(buf2);
+# ifndef OPENSSL_NO_RSA
+ for (i = 0; i < RSA_NUM; i++)
+ if (rsa_key[i] != NULL)
+ RSA_free(rsa_key[i]);
+# endif
+# ifndef OPENSSL_NO_DSA
+ for (i = 0; i < DSA_NUM; i++)
+ if (dsa_key[i] != NULL)
+ DSA_free(dsa_key[i]);
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+ for (i = 0; i < EC_NUM; i++)
+ if (ecdsa[i] != NULL)
+ EC_KEY_free(ecdsa[i]);
+# endif
+# ifndef OPENSSL_NO_ECDH
+ for (i = 0; i < EC_NUM; i++) {
+ if (ecdh_a[i] != NULL)
+ EC_KEY_free(ecdh_a[i]);
+ if (ecdh_b[i] != NULL)
+ EC_KEY_free(ecdh_b[i]);
+ }
+# endif
+
+ apps_shutdown();
+ OPENSSL_EXIT(mret);
+}
+
+static void print_message(const char *s, long num, int length)
+{
+# ifdef SIGALRM
+ BIO_printf(bio_err,
+ mr ? "+DT:%s:%d:%d\n"
+ : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length);
+ (void)BIO_flush(bio_err);
+ alarm(SECONDS);
+# else
+ BIO_printf(bio_err,
+ mr ? "+DN:%s:%ld:%d\n"
+ : "Doing %s %ld times on %d size blocks: ", s, num, length);
+ (void)BIO_flush(bio_err);
+# endif
+# ifdef LINT
+ num = num;
+# endif
+}
+
+static void pkey_print_message(const char *str, const char *str2, long num,
+ int bits, int tm)
+{
+# ifdef SIGALRM
+ BIO_printf(bio_err,
+ mr ? "+DTP:%d:%s:%s:%d\n"
+ : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm);
+ (void)BIO_flush(bio_err);
+ alarm(tm);
+# else
+ BIO_printf(bio_err,
+ mr ? "+DNP:%ld:%d:%s:%s\n"
+ : "Doing %ld %d bit %s %s's: ", num, bits, str, str2);
+ (void)BIO_flush(bio_err);
+# endif
+# ifdef LINT
+ num = num;
+# endif
+}
+
+static void print_result(int alg, int run_no, int count, double time_used)
+{
+ BIO_printf(bio_err,
+ mr ? "+R:%d:%s:%f\n"
+ : "%d %s's in %.2fs\n", count, names[alg], time_used);
+ results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
+}
+
+# ifndef NO_FORK
+static char *sstrsep(char **string, const char *delim)
+{
+ char isdelim[256];
+ char *token = *string;
+
+ if (**string == 0)
+ return NULL;
+
+ memset(isdelim, 0, sizeof isdelim);
+ isdelim[0] = 1;
+
+ while (*delim) {
+ isdelim[(unsigned char)(*delim)] = 1;
+ delim++;
+ }
+
+ while (!isdelim[(unsigned char)(**string)]) {
+ (*string)++;
+ }
+
+ if (**string) {
+ **string = 0;
+ (*string)++;
+ }
+
+ return token;
+}
+
+static int do_multi(int multi)
+{
+ int n;
+ int fd[2];
+ int *fds;
+ static char sep[] = ":";
+
+ fds = malloc(multi * sizeof *fds);
+ for (n = 0; n < multi; ++n) {
+ if (pipe(fd) == -1) {
+ fprintf(stderr, "pipe failure\n");
+ exit(1);
+ }
+ fflush(stdout);
+ fflush(stderr);
+ if (fork()) {
+ close(fd[1]);
+ fds[n] = fd[0];
+ } else {
+ close(fd[0]);
+ close(1);
+ if (dup(fd[1]) == -1) {
+ fprintf(stderr, "dup failed\n");
+ exit(1);
+ }
+ close(fd[1]);
+ mr = 1;
+ usertime = 0;
+ free(fds);
+ return 0;
+ }
+ printf("Forked child %d\n", n);
+ }
+
+ /* for now, assume the pipe is long enough to take all the output */
+ for (n = 0; n < multi; ++n) {
+ FILE *f;
+ char buf[1024];
+ char *p;
+
+ f = fdopen(fds[n], "r");
+ while (fgets(buf, sizeof buf, f)) {
+ p = strchr(buf, '\n');
+ if (p)
+ *p = '\0';
+ if (buf[0] != '+') {
+ fprintf(stderr, "Don't understand line '%s' from child %d\n",
+ buf, n);
+ continue;
+ }
+ printf("Got: %s from %d\n", buf, n);
+ if (!strncmp(buf, "+F:", 3)) {
+ int alg;
+ int j;
+
+ p = buf + 3;
+ alg = atoi(sstrsep(&p, sep));
+ sstrsep(&p, sep);
+ for (j = 0; j < SIZE_NUM; ++j)
+ results[alg][j] += atof(sstrsep(&p, sep));
+ } else if (!strncmp(buf, "+F2:", 4)) {
+ int k;
+ double d;
+
+ p = buf + 4;
+ k = atoi(sstrsep(&p, sep));
+ sstrsep(&p, sep);
+
+ d = atof(sstrsep(&p, sep));
+ if (n)
+ rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
+ else
+ rsa_results[k][0] = d;
+
+ d = atof(sstrsep(&p, sep));
+ if (n)
+ rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
+ else
+ rsa_results[k][1] = d;
+ }
+# ifndef OPENSSL_NO_DSA
+ else if (!strncmp(buf, "+F3:", 4)) {
+ int k;
+ double d;
+
+ p = buf + 4;
+ k = atoi(sstrsep(&p, sep));
+ sstrsep(&p, sep);
+
+ d = atof(sstrsep(&p, sep));
+ if (n)
+ dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d);
+ else
+ dsa_results[k][0] = d;
+
+ d = atof(sstrsep(&p, sep));
+ if (n)
+ dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d);
+ else
+ dsa_results[k][1] = d;
+ }
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ else if (!strncmp(buf, "+F4:", 4)) {
+ int k;
+ double d;
+
+ p = buf + 4;
+ k = atoi(sstrsep(&p, sep));
+ sstrsep(&p, sep);
+
+ d = atof(sstrsep(&p, sep));
+ if (n)
+ ecdsa_results[k][0] =
+ 1 / (1 / ecdsa_results[k][0] + 1 / d);
+ else
+ ecdsa_results[k][0] = d;
+
+ d = atof(sstrsep(&p, sep));
+ if (n)
+ ecdsa_results[k][1] =
+ 1 / (1 / ecdsa_results[k][1] + 1 / d);
+ else
+ ecdsa_results[k][1] = d;
+ }
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+ else if (!strncmp(buf, "+F5:", 4)) {
+ int k;
+ double d;
+
+ p = buf + 4;
+ k = atoi(sstrsep(&p, sep));
+ sstrsep(&p, sep);
+
+ d = atof(sstrsep(&p, sep));
+ if (n)
+ ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d);
+ else
+ ecdh_results[k][0] = d;
+
+ }
+# endif
+
+ else if (!strncmp(buf, "+H:", 3)) {
+ } else
+ fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n);
+ }
+
+ fclose(f);
+ }
+ free(fds);
+ return 1;
+}
+# endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/apps/x509.c
===================================================================
--- vendor-crypto/openssl/dist/apps/x509.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/apps/x509.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1220 +0,0 @@
-/* apps/x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef OPENSSL_NO_STDIO
-# define APPS_WIN16
-#endif
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-#undef PROG
-#define PROG x509_main
-
-#undef POSTFIX
-#define POSTFIX ".srl"
-#define DEF_DAYS 30
-
-static const char *x509_usage[] = {
- "usage: x509 args\n",
- " -inform arg - input format - default PEM (one of DER, NET or PEM)\n",
- " -outform arg - output format - default PEM (one of DER, NET or PEM)\n",
- " -keyform arg - private key format - default PEM\n",
- " -CAform arg - CA format - default PEM\n",
- " -CAkeyform arg - CA key format - default PEM\n",
- " -in arg - input file - default stdin\n",
- " -out arg - output file - default stdout\n",
- " -passin arg - private key password source\n",
- " -serial - print serial number value\n",
- " -subject_hash - print subject hash value\n",
-#ifndef OPENSSL_NO_MD5
- " -subject_hash_old - print old-style (MD5) subject hash value\n",
-#endif
- " -issuer_hash - print issuer hash value\n",
-#ifndef OPENSSL_NO_MD5
- " -issuer_hash_old - print old-style (MD5) issuer hash value\n",
-#endif
- " -hash - synonym for -subject_hash\n",
- " -subject - print subject DN\n",
- " -issuer - print issuer DN\n",
- " -email - print email address(es)\n",
- " -startdate - notBefore field\n",
- " -enddate - notAfter field\n",
- " -purpose - print out certificate purposes\n",
- " -dates - both Before and After dates\n",
- " -modulus - print the RSA key modulus\n",
- " -pubkey - output the public key\n",
- " -fingerprint - print the certificate fingerprint\n",
- " -alias - output certificate alias\n",
- " -noout - no certificate output\n",
- " -ocspid - print OCSP hash values for the subject name and public key\n",
- " -ocsp_uri - print OCSP Responder URL(s)\n",
- " -trustout - output a \"trusted\" certificate\n",
- " -clrtrust - clear all trusted purposes\n",
- " -clrreject - clear all rejected purposes\n",
- " -addtrust arg - trust certificate for a given purpose\n",
- " -addreject arg - reject certificate for a given purpose\n",
- " -setalias arg - set certificate alias\n",
- " -days arg - How long till expiry of a signed certificate - def 30 days\n",
- " -checkend arg - check whether the cert expires in the next arg seconds\n",
- " exit 1 if so, 0 if not\n",
- " -signkey arg - self sign cert with arg\n",
- " -x509toreq - output a certification request object\n",
- " -req - input is a certificate request, sign and output.\n",
- " -CA arg - set the CA certificate, must be PEM format.\n",
- " -CAkey arg - set the CA key, must be PEM format\n",
- " missing, it is assumed to be in the CA file.\n",
- " -CAcreateserial - create serial number file if it does not exist\n",
- " -CAserial arg - serial file\n",
- " -set_serial - serial number to use\n",
- " -text - print the certificate in text form\n",
- " -C - print out C code forms\n",
- " -md2/-md5/-sha1/-mdc2 - digest to use\n",
- " -extfile - configuration file with X509V3 extensions to add\n",
- " -extensions - section from config file with X509V3 extensions to add\n",
- " -clrext - delete extensions before signing and input certificate\n",
- " -nameopt arg - various certificate name options\n",
-#ifndef OPENSSL_NO_ENGINE
- " -engine e - use engine e, possibly a hardware device.\n",
-#endif
- " -certopt arg - various certificate text options\n",
- NULL
-};
-
-static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
-static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
- const EVP_MD *digest, CONF *conf, char *section);
-static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
- X509 *x, X509 *xca, EVP_PKEY *pkey,
- STACK_OF(OPENSSL_STRING) *sigopts, char *serial,
- int create, int days, int clrext, CONF *conf,
- char *section, ASN1_INTEGER *sno);
-static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
-static int reqfile = 0;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
- ENGINE *e = NULL;
- int ret = 1;
- X509_REQ *req = NULL;
- X509 *x = NULL, *xca = NULL;
- ASN1_OBJECT *objtmp;
- STACK_OF(OPENSSL_STRING) *sigopts = NULL;
- EVP_PKEY *Upkey = NULL, *CApkey = NULL;
- ASN1_INTEGER *sno = NULL;
- int i, num, badops = 0;
- BIO *out = NULL;
- BIO *STDout = NULL;
- STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
- int informat, outformat, keyformat, CAformat, CAkeyformat;
- char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
- char *CAkeyfile = NULL, *CAserial = NULL;
- char *alias = NULL;
- int text = 0, serial = 0, subject = 0, issuer = 0, startdate =
- 0, enddate = 0;
- int next_serial = 0;
- int subject_hash = 0, issuer_hash = 0, ocspid = 0;
-#ifndef OPENSSL_NO_MD5
- int subject_hash_old = 0, issuer_hash_old = 0;
-#endif
- int noout = 0, sign_flag = 0, CA_flag = 0, CA_createserial = 0, email = 0;
- int ocsp_uri = 0;
- int trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0, clrext = 0;
- int C = 0;
- int x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0;
- int pprint = 0;
- const char **pp;
- X509_STORE *ctx = NULL;
- X509_REQ *rq = NULL;
- int fingerprint = 0;
- char buf[256];
- const EVP_MD *md_alg, *digest = NULL;
- CONF *extconf = NULL;
- char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
- int need_rand = 0;
- int checkend = 0, checkoffset = 0;
- unsigned long nmflag = 0, certflag = 0;
-#ifndef OPENSSL_NO_ENGINE
- char *engine = NULL;
-#endif
-
- reqfile = 0;
-
- apps_startup();
-
- if (bio_err == NULL)
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- if (!load_config(bio_err, NULL))
- goto end;
- STDout = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
- {
- BIO *tmpbio = BIO_new(BIO_f_linebuffer());
- STDout = BIO_push(tmpbio, STDout);
- }
-#endif
-
- informat = FORMAT_PEM;
- outformat = FORMAT_PEM;
- keyformat = FORMAT_PEM;
- CAformat = FORMAT_PEM;
- CAkeyformat = FORMAT_PEM;
-
- ctx = X509_STORE_new();
- if (ctx == NULL)
- goto end;
- X509_STORE_set_verify_cb(ctx, callb);
-
- argc--;
- argv++;
- num = 0;
- while (argc >= 1) {
- if (strcmp(*argv, "-inform") == 0) {
- if (--argc < 1)
- goto bad;
- informat = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-outform") == 0) {
- if (--argc < 1)
- goto bad;
- outformat = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-keyform") == 0) {
- if (--argc < 1)
- goto bad;
- keyformat = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-req") == 0) {
- reqfile = 1;
- need_rand = 1;
- } else if (strcmp(*argv, "-CAform") == 0) {
- if (--argc < 1)
- goto bad;
- CAformat = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-CAkeyform") == 0) {
- if (--argc < 1)
- goto bad;
- CAkeyformat = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-sigopt") == 0) {
- if (--argc < 1)
- goto bad;
- if (!sigopts)
- sigopts = sk_OPENSSL_STRING_new_null();
- if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
- goto bad;
- } else if (strcmp(*argv, "-days") == 0) {
- if (--argc < 1)
- goto bad;
- days = atoi(*(++argv));
- if (days == 0) {
- BIO_printf(bio_err, "bad number of days\n");
- goto bad;
- }
- } else if (strcmp(*argv, "-passin") == 0) {
- if (--argc < 1)
- goto bad;
- passargin = *(++argv);
- } else if (strcmp(*argv, "-extfile") == 0) {
- if (--argc < 1)
- goto bad;
- extfile = *(++argv);
- } else if (strcmp(*argv, "-extensions") == 0) {
- if (--argc < 1)
- goto bad;
- extsect = *(++argv);
- } else if (strcmp(*argv, "-in") == 0) {
- if (--argc < 1)
- goto bad;
- infile = *(++argv);
- } else if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- goto bad;
- outfile = *(++argv);
- } else if (strcmp(*argv, "-signkey") == 0) {
- if (--argc < 1)
- goto bad;
- keyfile = *(++argv);
- sign_flag = ++num;
- need_rand = 1;
- } else if (strcmp(*argv, "-CA") == 0) {
- if (--argc < 1)
- goto bad;
- CAfile = *(++argv);
- CA_flag = ++num;
- need_rand = 1;
- } else if (strcmp(*argv, "-CAkey") == 0) {
- if (--argc < 1)
- goto bad;
- CAkeyfile = *(++argv);
- } else if (strcmp(*argv, "-CAserial") == 0) {
- if (--argc < 1)
- goto bad;
- CAserial = *(++argv);
- } else if (strcmp(*argv, "-set_serial") == 0) {
- if (--argc < 1)
- goto bad;
- if (!(sno = s2i_ASN1_INTEGER(NULL, *(++argv))))
- goto bad;
- } else if (strcmp(*argv, "-addtrust") == 0) {
- if (--argc < 1)
- goto bad;
- if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) {
- BIO_printf(bio_err, "Invalid trust object value %s\n", *argv);
- goto bad;
- }
- if (!trust)
- trust = sk_ASN1_OBJECT_new_null();
- sk_ASN1_OBJECT_push(trust, objtmp);
- trustout = 1;
- } else if (strcmp(*argv, "-addreject") == 0) {
- if (--argc < 1)
- goto bad;
- if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) {
- BIO_printf(bio_err,
- "Invalid reject object value %s\n", *argv);
- goto bad;
- }
- if (!reject)
- reject = sk_ASN1_OBJECT_new_null();
- sk_ASN1_OBJECT_push(reject, objtmp);
- trustout = 1;
- } else if (strcmp(*argv, "-setalias") == 0) {
- if (--argc < 1)
- goto bad;
- alias = *(++argv);
- trustout = 1;
- } else if (strcmp(*argv, "-certopt") == 0) {
- if (--argc < 1)
- goto bad;
- if (!set_cert_ex(&certflag, *(++argv)))
- goto bad;
- } else if (strcmp(*argv, "-nameopt") == 0) {
- if (--argc < 1)
- goto bad;
- if (!set_name_ex(&nmflag, *(++argv)))
- goto bad;
- }
-#ifndef OPENSSL_NO_ENGINE
- else if (strcmp(*argv, "-engine") == 0) {
- if (--argc < 1)
- goto bad;
- engine = *(++argv);
- }
-#endif
- else if (strcmp(*argv, "-C") == 0)
- C = ++num;
- else if (strcmp(*argv, "-email") == 0)
- email = ++num;
- else if (strcmp(*argv, "-ocsp_uri") == 0)
- ocsp_uri = ++num;
- else if (strcmp(*argv, "-serial") == 0)
- serial = ++num;
- else if (strcmp(*argv, "-next_serial") == 0)
- next_serial = ++num;
- else if (strcmp(*argv, "-modulus") == 0)
- modulus = ++num;
- else if (strcmp(*argv, "-pubkey") == 0)
- pubkey = ++num;
- else if (strcmp(*argv, "-x509toreq") == 0)
- x509req = ++num;
- else if (strcmp(*argv, "-text") == 0)
- text = ++num;
- else if (strcmp(*argv, "-hash") == 0
- || strcmp(*argv, "-subject_hash") == 0)
- subject_hash = ++num;
-#ifndef OPENSSL_NO_MD5
- else if (strcmp(*argv, "-subject_hash_old") == 0)
- subject_hash_old = ++num;
-#endif
- else if (strcmp(*argv, "-issuer_hash") == 0)
- issuer_hash = ++num;
-#ifndef OPENSSL_NO_MD5
- else if (strcmp(*argv, "-issuer_hash_old") == 0)
- issuer_hash_old = ++num;
-#endif
- else if (strcmp(*argv, "-subject") == 0)
- subject = ++num;
- else if (strcmp(*argv, "-issuer") == 0)
- issuer = ++num;
- else if (strcmp(*argv, "-fingerprint") == 0)
- fingerprint = ++num;
- else if (strcmp(*argv, "-dates") == 0) {
- startdate = ++num;
- enddate = ++num;
- } else if (strcmp(*argv, "-purpose") == 0)
- pprint = ++num;
- else if (strcmp(*argv, "-startdate") == 0)
- startdate = ++num;
- else if (strcmp(*argv, "-enddate") == 0)
- enddate = ++num;
- else if (strcmp(*argv, "-checkend") == 0) {
- if (--argc < 1)
- goto bad;
- checkoffset = atoi(*(++argv));
- checkend = 1;
- } else if (strcmp(*argv, "-noout") == 0)
- noout = ++num;
- else if (strcmp(*argv, "-trustout") == 0)
- trustout = 1;
- else if (strcmp(*argv, "-clrtrust") == 0)
- clrtrust = ++num;
- else if (strcmp(*argv, "-clrreject") == 0)
- clrreject = ++num;
- else if (strcmp(*argv, "-alias") == 0)
- aliasout = ++num;
- else if (strcmp(*argv, "-CAcreateserial") == 0)
- CA_createserial = ++num;
- else if (strcmp(*argv, "-clrext") == 0)
- clrext = 1;
-#if 1 /* stay backwards-compatible with 0.9.5; this
- * should go away soon */
- else if (strcmp(*argv, "-crlext") == 0) {
- BIO_printf(bio_err, "use -clrext instead of -crlext\n");
- clrext = 1;
- }
-#endif
- else if (strcmp(*argv, "-ocspid") == 0)
- ocspid = ++num;
- else if ((md_alg = EVP_get_digestbyname(*argv + 1))) {
- /* ok */
- digest = md_alg;
- } else {
- BIO_printf(bio_err, "unknown option %s\n", *argv);
- badops = 1;
- break;
- }
- argc--;
- argv++;
- }
-
- if (badops) {
- bad:
- for (pp = x509_usage; (*pp != NULL); pp++)
- BIO_printf(bio_err, "%s", *pp);
- goto end;
- }
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
-#endif
-
- if (need_rand)
- app_RAND_load_file(NULL, bio_err, 0);
-
- ERR_load_crypto_strings();
-
- if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
- BIO_printf(bio_err, "Error getting password\n");
- goto end;
- }
-
- if (!X509_STORE_set_default_paths(ctx)) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM)) {
- CAkeyfile = CAfile;
- } else if ((CA_flag) && (CAkeyfile == NULL)) {
- BIO_printf(bio_err,
- "need to specify a CAkey if using the CA command\n");
- goto end;
- }
-
- if (extfile) {
- long errorline = -1;
- X509V3_CTX ctx2;
- extconf = NCONF_new(NULL);
- if (!NCONF_load(extconf, extfile, &errorline)) {
- if (errorline <= 0)
- BIO_printf(bio_err,
- "error loading the config file '%s'\n", extfile);
- else
- BIO_printf(bio_err,
- "error on line %ld of config file '%s'\n",
- errorline, extfile);
- goto end;
- }
- if (!extsect) {
- extsect = NCONF_get_string(extconf, "default", "extensions");
- if (!extsect) {
- ERR_clear_error();
- extsect = "default";
- }
- }
- X509V3_set_ctx_test(&ctx2);
- X509V3_set_nconf(&ctx2, extconf);
- if (!X509V3_EXT_add_nconf(extconf, &ctx2, extsect, NULL)) {
- BIO_printf(bio_err,
- "Error Loading extension section %s\n", extsect);
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- if (reqfile) {
- EVP_PKEY *pkey;
- BIO *in;
-
- if (!sign_flag && !CA_flag) {
- BIO_printf(bio_err, "We need a private key to sign with\n");
- goto end;
- }
- in = BIO_new(BIO_s_file());
- if (in == NULL) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if (infile == NULL)
- BIO_set_fp(in, stdin, BIO_NOCLOSE | BIO_FP_TEXT);
- else {
- if (BIO_read_filename(in, infile) <= 0) {
- perror(infile);
- BIO_free(in);
- goto end;
- }
- }
- req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
- BIO_free(in);
-
- if (req == NULL) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if ((req->req_info == NULL) ||
- (req->req_info->pubkey == NULL) ||
- (req->req_info->pubkey->public_key == NULL) ||
- (req->req_info->pubkey->public_key->data == NULL)) {
- BIO_printf(bio_err,
- "The certificate request appears to corrupted\n");
- BIO_printf(bio_err, "It does not contain a public key\n");
- goto end;
- }
- if ((pkey = X509_REQ_get_pubkey(req)) == NULL) {
- BIO_printf(bio_err, "error unpacking public key\n");
- goto end;
- }
- i = X509_REQ_verify(req, pkey);
- EVP_PKEY_free(pkey);
- if (i < 0) {
- BIO_printf(bio_err, "Signature verification error\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- if (i == 0) {
- BIO_printf(bio_err,
- "Signature did not match the certificate request\n");
- goto end;
- } else
- BIO_printf(bio_err, "Signature ok\n");
-
- print_name(bio_err, "subject=", X509_REQ_get_subject_name(req),
- nmflag);
-
- if ((x = X509_new()) == NULL)
- goto end;
-
- if (sno == NULL) {
- sno = ASN1_INTEGER_new();
- if (!sno || !rand_serial(NULL, sno))
- goto end;
- if (!X509_set_serialNumber(x, sno))
- goto end;
- ASN1_INTEGER_free(sno);
- sno = NULL;
- } else if (!X509_set_serialNumber(x, sno))
- goto end;
-
- if (!X509_set_issuer_name(x, req->req_info->subject))
- goto end;
- if (!X509_set_subject_name(x, req->req_info->subject))
- goto end;
-
- X509_gmtime_adj(X509_get_notBefore(x), 0);
- X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL);
-
- pkey = X509_REQ_get_pubkey(req);
- X509_set_pubkey(x, pkey);
- EVP_PKEY_free(pkey);
- } else
- x = load_cert(bio_err, infile, informat, NULL, e, "Certificate");
-
- if (x == NULL)
- goto end;
- if (CA_flag) {
- xca = load_cert(bio_err, CAfile, CAformat, NULL, e, "CA Certificate");
- if (xca == NULL)
- goto end;
- }
-
- if (!noout || text || next_serial) {
- OBJ_create("2.99999.3", "SET.ex3", "SET x509v3 extension 3");
-
- out = BIO_new(BIO_s_file());
- if (out == NULL) {
- ERR_print_errors(bio_err);
- goto end;
- }
- if (outfile == NULL) {
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
- {
- BIO *tmpbio = BIO_new(BIO_f_linebuffer());
- out = BIO_push(tmpbio, out);
- }
-#endif
- } else {
- if (BIO_write_filename(out, outfile) <= 0) {
- perror(outfile);
- goto end;
- }
- }
- }
-
- if (alias)
- X509_alias_set1(x, (unsigned char *)alias, -1);
-
- if (clrtrust)
- X509_trust_clear(x);
- if (clrreject)
- X509_reject_clear(x);
-
- if (trust) {
- for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) {
- objtmp = sk_ASN1_OBJECT_value(trust, i);
- X509_add1_trust_object(x, objtmp);
- }
- }
-
- if (reject) {
- for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++) {
- objtmp = sk_ASN1_OBJECT_value(reject, i);
- X509_add1_reject_object(x, objtmp);
- }
- }
-
- if (num) {
- for (i = 1; i <= num; i++) {
- if (issuer == i) {
- print_name(STDout, "issuer= ",
- X509_get_issuer_name(x), nmflag);
- } else if (subject == i) {
- print_name(STDout, "subject= ",
- X509_get_subject_name(x), nmflag);
- } else if (serial == i) {
- BIO_printf(STDout, "serial=");
- i2a_ASN1_INTEGER(STDout, X509_get_serialNumber(x));
- BIO_printf(STDout, "\n");
- } else if (next_serial == i) {
- BIGNUM *bnser;
- ASN1_INTEGER *ser;
- ser = X509_get_serialNumber(x);
- bnser = ASN1_INTEGER_to_BN(ser, NULL);
- if (!bnser)
- goto end;
- if (!BN_add_word(bnser, 1))
- goto end;
- ser = BN_to_ASN1_INTEGER(bnser, NULL);
- if (!ser)
- goto end;
- BN_free(bnser);
- i2a_ASN1_INTEGER(out, ser);
- ASN1_INTEGER_free(ser);
- BIO_puts(out, "\n");
- } else if ((email == i) || (ocsp_uri == i)) {
- int j;
- STACK_OF(OPENSSL_STRING) *emlst;
- if (email == i)
- emlst = X509_get1_email(x);
- else
- emlst = X509_get1_ocsp(x);
- for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
- BIO_printf(STDout, "%s\n",
- sk_OPENSSL_STRING_value(emlst, j));
- X509_email_free(emlst);
- } else if (aliasout == i) {
- unsigned char *alstr;
- alstr = X509_alias_get0(x, NULL);
- if (alstr)
- BIO_printf(STDout, "%s\n", alstr);
- else
- BIO_puts(STDout, "<No Alias>\n");
- } else if (subject_hash == i) {
- BIO_printf(STDout, "%08lx\n", X509_subject_name_hash(x));
- }
-#ifndef OPENSSL_NO_MD5
- else if (subject_hash_old == i) {
- BIO_printf(STDout, "%08lx\n", X509_subject_name_hash_old(x));
- }
-#endif
- else if (issuer_hash == i) {
- BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash(x));
- }
-#ifndef OPENSSL_NO_MD5
- else if (issuer_hash_old == i) {
- BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash_old(x));
- }
-#endif
- else if (pprint == i) {
- X509_PURPOSE *ptmp;
- int j;
- BIO_printf(STDout, "Certificate purposes:\n");
- for (j = 0; j < X509_PURPOSE_get_count(); j++) {
- ptmp = X509_PURPOSE_get0(j);
- purpose_print(STDout, x, ptmp);
- }
- } else if (modulus == i) {
- EVP_PKEY *pkey;
-
- pkey = X509_get_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bio_err, "Modulus=unavailable\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- BIO_printf(STDout, "Modulus=");
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- BN_print(STDout, pkey->pkey.rsa->n);
- else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- BN_print(STDout, pkey->pkey.dsa->pub_key);
- else
-#endif
- BIO_printf(STDout, "Wrong Algorithm type");
- BIO_printf(STDout, "\n");
- EVP_PKEY_free(pkey);
- } else if (pubkey == i) {
- EVP_PKEY *pkey;
-
- pkey = X509_get_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bio_err, "Error getting public key\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- PEM_write_bio_PUBKEY(STDout, pkey);
- EVP_PKEY_free(pkey);
- } else if (C == i) {
- unsigned char *d;
- char *m;
- int y, z;
-
- X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof buf);
- BIO_printf(STDout, "/* subject:%s */\n", buf);
- m = X509_NAME_oneline(X509_get_issuer_name(x), buf,
- sizeof buf);
- BIO_printf(STDout, "/* issuer :%s */\n", buf);
-
- z = i2d_X509(x, NULL);
- m = OPENSSL_malloc(z);
- if (!m) {
- BIO_printf(bio_err, "Out of memory\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-
- d = (unsigned char *)m;
- z = i2d_X509_NAME(X509_get_subject_name(x), &d);
- BIO_printf(STDout, "unsigned char XXX_subject_name[%d]={\n",
- z);
- d = (unsigned char *)m;
- for (y = 0; y < z; y++) {
- BIO_printf(STDout, "0x%02X,", d[y]);
- if ((y & 0x0f) == 0x0f)
- BIO_printf(STDout, "\n");
- }
- if (y % 16 != 0)
- BIO_printf(STDout, "\n");
- BIO_printf(STDout, "};\n");
-
- z = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &d);
- BIO_printf(STDout, "unsigned char XXX_public_key[%d]={\n", z);
- d = (unsigned char *)m;
- for (y = 0; y < z; y++) {
- BIO_printf(STDout, "0x%02X,", d[y]);
- if ((y & 0x0f) == 0x0f)
- BIO_printf(STDout, "\n");
- }
- if (y % 16 != 0)
- BIO_printf(STDout, "\n");
- BIO_printf(STDout, "};\n");
-
- z = i2d_X509(x, &d);
- BIO_printf(STDout, "unsigned char XXX_certificate[%d]={\n",
- z);
- d = (unsigned char *)m;
- for (y = 0; y < z; y++) {
- BIO_printf(STDout, "0x%02X,", d[y]);
- if ((y & 0x0f) == 0x0f)
- BIO_printf(STDout, "\n");
- }
- if (y % 16 != 0)
- BIO_printf(STDout, "\n");
- BIO_printf(STDout, "};\n");
-
- OPENSSL_free(m);
- } else if (text == i) {
- X509_print_ex(STDout, x, nmflag, certflag);
- } else if (startdate == i) {
- BIO_puts(STDout, "notBefore=");
- ASN1_TIME_print(STDout, X509_get_notBefore(x));
- BIO_puts(STDout, "\n");
- } else if (enddate == i) {
- BIO_puts(STDout, "notAfter=");
- ASN1_TIME_print(STDout, X509_get_notAfter(x));
- BIO_puts(STDout, "\n");
- } else if (fingerprint == i) {
- int j;
- unsigned int n;
- unsigned char md[EVP_MAX_MD_SIZE];
- const EVP_MD *fdig = digest;
-
- if (!fdig)
- fdig = EVP_sha1();
-
- if (!X509_digest(x, fdig, md, &n)) {
- BIO_printf(bio_err, "out of memory\n");
- goto end;
- }
- BIO_printf(STDout, "%s Fingerprint=",
- OBJ_nid2sn(EVP_MD_type(fdig)));
- for (j = 0; j < (int)n; j++) {
- BIO_printf(STDout, "%02X%c", md[j], (j + 1 == (int)n)
- ? '\n' : ':');
- }
- }
-
- /* should be in the library */
- else if ((sign_flag == i) && (x509req == 0)) {
- BIO_printf(bio_err, "Getting Private key\n");
- if (Upkey == NULL) {
- Upkey = load_key(bio_err,
- keyfile, keyformat, 0,
- passin, e, "Private key");
- if (Upkey == NULL)
- goto end;
- }
-
- assert(need_rand);
- if (!sign(x, Upkey, days, clrext, digest, extconf, extsect))
- goto end;
- } else if (CA_flag == i) {
- BIO_printf(bio_err, "Getting CA Private Key\n");
- if (CAkeyfile != NULL) {
- CApkey = load_key(bio_err,
- CAkeyfile, CAkeyformat,
- 0, passin, e, "CA Private Key");
- if (CApkey == NULL)
- goto end;
- }
-
- assert(need_rand);
- if (!x509_certify(ctx, CAfile, digest, x, xca,
- CApkey, sigopts,
- CAserial, CA_createserial, days, clrext,
- extconf, extsect, sno))
- goto end;
- } else if (x509req == i) {
- EVP_PKEY *pk;
-
- BIO_printf(bio_err, "Getting request Private Key\n");
- if (keyfile == NULL) {
- BIO_printf(bio_err, "no request key file specified\n");
- goto end;
- } else {
- pk = load_key(bio_err,
- keyfile, keyformat, 0,
- passin, e, "request key");
- if (pk == NULL)
- goto end;
- }
-
- BIO_printf(bio_err, "Generating certificate request\n");
-
- rq = X509_to_X509_REQ(x, pk, digest);
- EVP_PKEY_free(pk);
- if (rq == NULL) {
- ERR_print_errors(bio_err);
- goto end;
- }
- if (!noout) {
- X509_REQ_print(out, rq);
- PEM_write_bio_X509_REQ(out, rq);
- }
- noout = 1;
- } else if (ocspid == i) {
- X509_ocspid_print(out, x);
- }
- }
- }
-
- if (checkend) {
- time_t tcheck = time(NULL) + checkoffset;
-
- if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0) {
- BIO_printf(out, "Certificate will expire\n");
- ret = 1;
- } else {
- BIO_printf(out, "Certificate will not expire\n");
- ret = 0;
- }
- goto end;
- }
-
- if (noout) {
- ret = 0;
- goto end;
- }
-
- if (outformat == FORMAT_ASN1)
- i = i2d_X509_bio(out, x);
- else if (outformat == FORMAT_PEM) {
- if (trustout)
- i = PEM_write_bio_X509_AUX(out, x);
- else
- i = PEM_write_bio_X509(out, x);
- } else if (outformat == FORMAT_NETSCAPE) {
- NETSCAPE_X509 nx;
- ASN1_OCTET_STRING hdr;
-
- hdr.data = (unsigned char *)NETSCAPE_CERT_HDR;
- hdr.length = strlen(NETSCAPE_CERT_HDR);
- nx.header = &hdr;
- nx.cert = x;
-
- i = ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509), out, &nx);
- } else {
- BIO_printf(bio_err, "bad output format specified for outfile\n");
- goto end;
- }
- if (!i) {
- BIO_printf(bio_err, "unable to write certificate\n");
- ERR_print_errors(bio_err);
- goto end;
- }
- ret = 0;
- end:
- if (need_rand)
- app_RAND_write_file(NULL, bio_err);
- OBJ_cleanup();
- NCONF_free(extconf);
- BIO_free_all(out);
- BIO_free_all(STDout);
- X509_STORE_free(ctx);
- X509_REQ_free(req);
- X509_free(x);
- X509_free(xca);
- EVP_PKEY_free(Upkey);
- EVP_PKEY_free(CApkey);
- if (sigopts)
- sk_OPENSSL_STRING_free(sigopts);
- X509_REQ_free(rq);
- ASN1_INTEGER_free(sno);
- sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
- sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
- if (passin)
- OPENSSL_free(passin);
- apps_shutdown();
- OPENSSL_EXIT(ret);
-}
-
-static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile,
- int create)
-{
- char *buf = NULL, *p;
- ASN1_INTEGER *bs = NULL;
- BIGNUM *serial = NULL;
- size_t len;
-
- len = ((serialfile == NULL)
- ? (strlen(CAfile) + strlen(POSTFIX) + 1)
- : (strlen(serialfile))) + 1;
- buf = OPENSSL_malloc(len);
- if (buf == NULL) {
- BIO_printf(bio_err, "out of mem\n");
- goto end;
- }
- if (serialfile == NULL) {
- BUF_strlcpy(buf, CAfile, len);
- for (p = buf; *p; p++)
- if (*p == '.') {
- *p = '\0';
- break;
- }
- BUF_strlcat(buf, POSTFIX, len);
- } else
- BUF_strlcpy(buf, serialfile, len);
-
- serial = load_serial(buf, create, NULL);
- if (serial == NULL)
- goto end;
-
- if (!BN_add_word(serial, 1)) {
- BIO_printf(bio_err, "add_word failure\n");
- goto end;
- }
-
- if (!save_serial(buf, NULL, serial, &bs))
- goto end;
-
- end:
- if (buf)
- OPENSSL_free(buf);
- BN_free(serial);
- return bs;
-}
-
-static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
- X509 *x, X509 *xca, EVP_PKEY *pkey,
- STACK_OF(OPENSSL_STRING) *sigopts,
- char *serialfile, int create,
- int days, int clrext, CONF *conf, char *section,
- ASN1_INTEGER *sno)
-{
- int ret = 0;
- ASN1_INTEGER *bs = NULL;
- X509_STORE_CTX xsc;
- EVP_PKEY *upkey;
-
- upkey = X509_get_pubkey(xca);
- EVP_PKEY_copy_parameters(upkey, pkey);
- EVP_PKEY_free(upkey);
-
- if (!X509_STORE_CTX_init(&xsc, ctx, x, NULL)) {
- BIO_printf(bio_err, "Error initialising X509 store\n");
- goto end;
- }
- if (sno)
- bs = sno;
- else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
- goto end;
-
-/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/
-
- /*
- * NOTE: this certificate can/should be self signed, unless it was a
- * certificate request in which case it is not.
- */
- X509_STORE_CTX_set_cert(&xsc, x);
- X509_STORE_CTX_set_flags(&xsc, X509_V_FLAG_CHECK_SS_SIGNATURE);
- if (!reqfile && X509_verify_cert(&xsc) <= 0)
- goto end;
-
- if (!X509_check_private_key(xca, pkey)) {
- BIO_printf(bio_err,
- "CA certificate and CA private key do not match\n");
- goto end;
- }
-
- if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
- goto end;
- if (!X509_set_serialNumber(x, bs))
- goto end;
-
- if (X509_gmtime_adj(X509_get_notBefore(x), 0L) == NULL)
- goto end;
-
- /* hardwired expired */
- if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL)
- goto end;
-
- if (clrext) {
- while (X509_get_ext_count(x) > 0)
- X509_delete_ext(x, 0);
- }
-
- if (conf) {
- X509V3_CTX ctx2;
- X509_set_version(x, 2); /* version 3 certificate */
- X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);
- X509V3_set_nconf(&ctx2, conf);
- if (!X509V3_EXT_add_nconf(conf, &ctx2, section, x))
- goto end;
- }
-
- if (!do_X509_sign(bio_err, x, pkey, digest, sigopts))
- goto end;
- ret = 1;
- end:
- X509_STORE_CTX_cleanup(&xsc);
- if (!ret)
- ERR_print_errors(bio_err);
- if (!sno)
- ASN1_INTEGER_free(bs);
- return ret;
-}
-
-static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx)
-{
- int err;
- X509 *err_cert;
-
- /*
- * it is ok to use a self signed certificate This case will catch both
- * the initial ok == 0 and the final ok == 1 calls to this function
- */
- err = X509_STORE_CTX_get_error(ctx);
- if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
- return 1;
-
- /*
- * BAD we should have gotten an error. Normally if everything worked
- * X509_STORE_CTX_get_error(ctx) will still be set to
- * DEPTH_ZERO_SELF_....
- */
- if (ok) {
- BIO_printf(bio_err,
- "error with certificate to be certified - should be self signed\n");
- return 0;
- } else {
- err_cert = X509_STORE_CTX_get_current_cert(ctx);
- print_name(bio_err, NULL, X509_get_subject_name(err_cert), 0);
- BIO_printf(bio_err,
- "error with certificate - error %d at depth %d\n%s\n", err,
- X509_STORE_CTX_get_error_depth(ctx),
- X509_verify_cert_error_string(err));
- return 1;
- }
-}
-
-/* self sign */
-static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
- const EVP_MD *digest, CONF *conf, char *section)
-{
-
- EVP_PKEY *pktmp;
-
- pktmp = X509_get_pubkey(x);
- EVP_PKEY_copy_parameters(pktmp, pkey);
- EVP_PKEY_save_parameters(pktmp, 1);
- EVP_PKEY_free(pktmp);
-
- if (!X509_set_issuer_name(x, X509_get_subject_name(x)))
- goto err;
- if (X509_gmtime_adj(X509_get_notBefore(x), 0) == NULL)
- goto err;
-
- /* Lets just make it 12:00am GMT, Jan 1 1970 */
- /* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
- /* 28 days to be certified */
-
- if (X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days) ==
- NULL)
- goto err;
-
- if (!X509_set_pubkey(x, pkey))
- goto err;
- if (clrext) {
- while (X509_get_ext_count(x) > 0)
- X509_delete_ext(x, 0);
- }
- if (conf) {
- X509V3_CTX ctx;
- X509_set_version(x, 2); /* version 3 certificate */
- X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);
- X509V3_set_nconf(&ctx, conf);
- if (!X509V3_EXT_add_nconf(conf, &ctx, section, x))
- goto err;
- }
- if (!X509_sign(x, pkey, digest))
- goto err;
- return 1;
- err:
- ERR_print_errors(bio_err);
- return 0;
-}
-
-static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
-{
- int id, i, idret;
- char *pname;
- id = X509_PURPOSE_get_id(pt);
- pname = X509_PURPOSE_get0_name(pt);
- for (i = 0; i < 2; i++) {
- idret = X509_check_purpose(cert, id, i);
- BIO_printf(bio, "%s%s : ", pname, i ? " CA" : "");
- if (idret == 1)
- BIO_printf(bio, "Yes\n");
- else if (idret == 0)
- BIO_printf(bio, "No\n");
- else
- BIO_printf(bio, "Yes (WARNING code=%d)\n", idret);
- }
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/apps/x509.c (from rev 11605, vendor-crypto/openssl/dist/apps/x509.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/apps/x509.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/apps/x509.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1221 @@
+/* apps/x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/objects.h>
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+#undef PROG
+#define PROG x509_main
+
+#undef POSTFIX
+#define POSTFIX ".srl"
+#define DEF_DAYS 30
+
+static const char *x509_usage[] = {
+ "usage: x509 args\n",
+ " -inform arg - input format - default PEM (one of DER, NET or PEM)\n",
+ " -outform arg - output format - default PEM (one of DER, NET or PEM)\n",
+ " -keyform arg - private key format - default PEM\n",
+ " -CAform arg - CA format - default PEM\n",
+ " -CAkeyform arg - CA key format - default PEM\n",
+ " -in arg - input file - default stdin\n",
+ " -out arg - output file - default stdout\n",
+ " -passin arg - private key password source\n",
+ " -serial - print serial number value\n",
+ " -subject_hash - print subject hash value\n",
+#ifndef OPENSSL_NO_MD5
+ " -subject_hash_old - print old-style (MD5) subject hash value\n",
+#endif
+ " -issuer_hash - print issuer hash value\n",
+#ifndef OPENSSL_NO_MD5
+ " -issuer_hash_old - print old-style (MD5) issuer hash value\n",
+#endif
+ " -hash - synonym for -subject_hash\n",
+ " -subject - print subject DN\n",
+ " -issuer - print issuer DN\n",
+ " -email - print email address(es)\n",
+ " -startdate - notBefore field\n",
+ " -enddate - notAfter field\n",
+ " -purpose - print out certificate purposes\n",
+ " -dates - both Before and After dates\n",
+ " -modulus - print the RSA key modulus\n",
+ " -pubkey - output the public key\n",
+ " -fingerprint - print the certificate fingerprint\n",
+ " -alias - output certificate alias\n",
+ " -noout - no certificate output\n",
+ " -ocspid - print OCSP hash values for the subject name and public key\n",
+ " -ocsp_uri - print OCSP Responder URL(s)\n",
+ " -trustout - output a \"trusted\" certificate\n",
+ " -clrtrust - clear all trusted purposes\n",
+ " -clrreject - clear all rejected purposes\n",
+ " -addtrust arg - trust certificate for a given purpose\n",
+ " -addreject arg - reject certificate for a given purpose\n",
+ " -setalias arg - set certificate alias\n",
+ " -days arg - How long till expiry of a signed certificate - def 30 days\n",
+ " -checkend arg - check whether the cert expires in the next arg seconds\n",
+ " exit 1 if so, 0 if not\n",
+ " -signkey arg - self sign cert with arg\n",
+ " -x509toreq - output a certification request object\n",
+ " -req - input is a certificate request, sign and output.\n",
+ " -CA arg - set the CA certificate, must be PEM format.\n",
+ " -CAkey arg - set the CA key, must be PEM format\n",
+ " missing, it is assumed to be in the CA file.\n",
+ " -CAcreateserial - create serial number file if it does not exist\n",
+ " -CAserial arg - serial file\n",
+ " -set_serial - serial number to use\n",
+ " -text - print the certificate in text form\n",
+ " -C - print out C code forms\n",
+ " -md2/-md5/-sha1/-mdc2 - digest to use\n",
+ " -extfile - configuration file with X509V3 extensions to add\n",
+ " -extensions - section from config file with X509V3 extensions to add\n",
+ " -clrext - delete extensions before signing and input certificate\n",
+ " -nameopt arg - various certificate name options\n",
+#ifndef OPENSSL_NO_ENGINE
+ " -engine e - use engine e, possibly a hardware device.\n",
+#endif
+ " -certopt arg - various certificate text options\n",
+ NULL
+};
+
+static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
+static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
+ const EVP_MD *digest, CONF *conf, char *section);
+static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
+ X509 *x, X509 *xca, EVP_PKEY *pkey,
+ STACK_OF(OPENSSL_STRING) *sigopts, char *serial,
+ int create, int days, int clrext, CONF *conf,
+ char *section, ASN1_INTEGER *sno);
+static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
+static int reqfile = 0;
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ ENGINE *e = NULL;
+ int ret = 1;
+ X509_REQ *req = NULL;
+ X509 *x = NULL, *xca = NULL;
+ ASN1_OBJECT *objtmp;
+ STACK_OF(OPENSSL_STRING) *sigopts = NULL;
+ EVP_PKEY *Upkey = NULL, *CApkey = NULL;
+ ASN1_INTEGER *sno = NULL;
+ int i, num, badops = 0;
+ BIO *out = NULL;
+ BIO *STDout = NULL;
+ STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
+ int informat, outformat, keyformat, CAformat, CAkeyformat;
+ char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
+ char *CAkeyfile = NULL, *CAserial = NULL;
+ char *alias = NULL;
+ int text = 0, serial = 0, subject = 0, issuer = 0, startdate =
+ 0, enddate = 0;
+ int next_serial = 0;
+ int subject_hash = 0, issuer_hash = 0, ocspid = 0;
+#ifndef OPENSSL_NO_MD5
+ int subject_hash_old = 0, issuer_hash_old = 0;
+#endif
+ int noout = 0, sign_flag = 0, CA_flag = 0, CA_createserial = 0, email = 0;
+ int ocsp_uri = 0;
+ int trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0, clrext = 0;
+ int C = 0;
+ int x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0;
+ int pprint = 0;
+ const char **pp;
+ X509_STORE *ctx = NULL;
+ X509_REQ *rq = NULL;
+ int fingerprint = 0;
+ char buf[256];
+ const EVP_MD *md_alg, *digest = NULL;
+ CONF *extconf = NULL;
+ char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
+ int need_rand = 0;
+ int checkend = 0, checkoffset = 0;
+ unsigned long nmflag = 0, certflag = 0;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+#endif
+
+ reqfile = 0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+ STDout = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ STDout = BIO_push(tmpbio, STDout);
+ }
+#endif
+
+ informat = FORMAT_PEM;
+ outformat = FORMAT_PEM;
+ keyformat = FORMAT_PEM;
+ CAformat = FORMAT_PEM;
+ CAkeyformat = FORMAT_PEM;
+
+ ctx = X509_STORE_new();
+ if (ctx == NULL)
+ goto end;
+ X509_STORE_set_verify_cb(ctx, callb);
+
+ argc--;
+ argv++;
+ num = 0;
+ while (argc >= 1) {
+ if (strcmp(*argv, "-inform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ informat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-outform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ outformat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-keyform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keyformat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-req") == 0) {
+ reqfile = 1;
+ need_rand = 1;
+ } else if (strcmp(*argv, "-CAform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAformat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-CAkeyform") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAkeyformat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-sigopt") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!sigopts)
+ sigopts = sk_OPENSSL_STRING_new_null();
+ if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+ goto bad;
+ } else if (strcmp(*argv, "-days") == 0) {
+ if (--argc < 1)
+ goto bad;
+ days = atoi(*(++argv));
+ if (days == 0) {
+ BIO_printf(bio_err, "bad number of days\n");
+ goto bad;
+ }
+ } else if (strcmp(*argv, "-passin") == 0) {
+ if (--argc < 1)
+ goto bad;
+ passargin = *(++argv);
+ } else if (strcmp(*argv, "-extfile") == 0) {
+ if (--argc < 1)
+ goto bad;
+ extfile = *(++argv);
+ } else if (strcmp(*argv, "-extensions") == 0) {
+ if (--argc < 1)
+ goto bad;
+ extsect = *(++argv);
+ } else if (strcmp(*argv, "-in") == 0) {
+ if (--argc < 1)
+ goto bad;
+ infile = *(++argv);
+ } else if (strcmp(*argv, "-out") == 0) {
+ if (--argc < 1)
+ goto bad;
+ outfile = *(++argv);
+ } else if (strcmp(*argv, "-signkey") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keyfile = *(++argv);
+ sign_flag = ++num;
+ need_rand = 1;
+ } else if (strcmp(*argv, "-CA") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAfile = *(++argv);
+ CA_flag = ++num;
+ need_rand = 1;
+ } else if (strcmp(*argv, "-CAkey") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAkeyfile = *(++argv);
+ } else if (strcmp(*argv, "-CAserial") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAserial = *(++argv);
+ } else if (strcmp(*argv, "-set_serial") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!(sno = s2i_ASN1_INTEGER(NULL, *(++argv))))
+ goto bad;
+ } else if (strcmp(*argv, "-addtrust") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) {
+ BIO_printf(bio_err, "Invalid trust object value %s\n", *argv);
+ goto bad;
+ }
+ if (!trust)
+ trust = sk_ASN1_OBJECT_new_null();
+ sk_ASN1_OBJECT_push(trust, objtmp);
+ trustout = 1;
+ } else if (strcmp(*argv, "-addreject") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) {
+ BIO_printf(bio_err,
+ "Invalid reject object value %s\n", *argv);
+ goto bad;
+ }
+ if (!reject)
+ reject = sk_ASN1_OBJECT_new_null();
+ sk_ASN1_OBJECT_push(reject, objtmp);
+ trustout = 1;
+ } else if (strcmp(*argv, "-setalias") == 0) {
+ if (--argc < 1)
+ goto bad;
+ alias = *(++argv);
+ trustout = 1;
+ } else if (strcmp(*argv, "-certopt") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!set_cert_ex(&certflag, *(++argv)))
+ goto bad;
+ } else if (strcmp(*argv, "-nameopt") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!set_name_ex(&nmflag, *(++argv)))
+ goto bad;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*argv, "-engine") == 0) {
+ if (--argc < 1)
+ goto bad;
+ engine = *(++argv);
+ }
+#endif
+ else if (strcmp(*argv, "-C") == 0)
+ C = ++num;
+ else if (strcmp(*argv, "-email") == 0)
+ email = ++num;
+ else if (strcmp(*argv, "-ocsp_uri") == 0)
+ ocsp_uri = ++num;
+ else if (strcmp(*argv, "-serial") == 0)
+ serial = ++num;
+ else if (strcmp(*argv, "-next_serial") == 0)
+ next_serial = ++num;
+ else if (strcmp(*argv, "-modulus") == 0)
+ modulus = ++num;
+ else if (strcmp(*argv, "-pubkey") == 0)
+ pubkey = ++num;
+ else if (strcmp(*argv, "-x509toreq") == 0)
+ x509req = ++num;
+ else if (strcmp(*argv, "-text") == 0)
+ text = ++num;
+ else if (strcmp(*argv, "-hash") == 0
+ || strcmp(*argv, "-subject_hash") == 0)
+ subject_hash = ++num;
+#ifndef OPENSSL_NO_MD5
+ else if (strcmp(*argv, "-subject_hash_old") == 0)
+ subject_hash_old = ++num;
+#endif
+ else if (strcmp(*argv, "-issuer_hash") == 0)
+ issuer_hash = ++num;
+#ifndef OPENSSL_NO_MD5
+ else if (strcmp(*argv, "-issuer_hash_old") == 0)
+ issuer_hash_old = ++num;
+#endif
+ else if (strcmp(*argv, "-subject") == 0)
+ subject = ++num;
+ else if (strcmp(*argv, "-issuer") == 0)
+ issuer = ++num;
+ else if (strcmp(*argv, "-fingerprint") == 0)
+ fingerprint = ++num;
+ else if (strcmp(*argv, "-dates") == 0) {
+ startdate = ++num;
+ enddate = ++num;
+ } else if (strcmp(*argv, "-purpose") == 0)
+ pprint = ++num;
+ else if (strcmp(*argv, "-startdate") == 0)
+ startdate = ++num;
+ else if (strcmp(*argv, "-enddate") == 0)
+ enddate = ++num;
+ else if (strcmp(*argv, "-checkend") == 0) {
+ if (--argc < 1)
+ goto bad;
+ checkoffset = atoi(*(++argv));
+ checkend = 1;
+ } else if (strcmp(*argv, "-noout") == 0)
+ noout = ++num;
+ else if (strcmp(*argv, "-trustout") == 0)
+ trustout = 1;
+ else if (strcmp(*argv, "-clrtrust") == 0)
+ clrtrust = ++num;
+ else if (strcmp(*argv, "-clrreject") == 0)
+ clrreject = ++num;
+ else if (strcmp(*argv, "-alias") == 0)
+ aliasout = ++num;
+ else if (strcmp(*argv, "-CAcreateserial") == 0)
+ CA_createserial = ++num;
+ else if (strcmp(*argv, "-clrext") == 0)
+ clrext = 1;
+#if 1 /* stay backwards-compatible with 0.9.5; this
+ * should go away soon */
+ else if (strcmp(*argv, "-crlext") == 0) {
+ BIO_printf(bio_err, "use -clrext instead of -crlext\n");
+ clrext = 1;
+ }
+#endif
+ else if (strcmp(*argv, "-ocspid") == 0)
+ ocspid = ++num;
+ else if ((md_alg = EVP_get_digestbyname(*argv + 1))) {
+ /* ok */
+ digest = md_alg;
+ } else {
+ BIO_printf(bio_err, "unknown option %s\n", *argv);
+ badops = 1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops) {
+ bad:
+ for (pp = x509_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err, "%s", *pp);
+ goto end;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ e = setup_engine(bio_err, engine, 0);
+#endif
+
+ if (need_rand)
+ app_RAND_load_file(NULL, bio_err, 0);
+
+ ERR_load_crypto_strings();
+
+ if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+ BIO_printf(bio_err, "Error getting password\n");
+ goto end;
+ }
+
+ if (!X509_STORE_set_default_paths(ctx)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM)) {
+ CAkeyfile = CAfile;
+ } else if ((CA_flag) && (CAkeyfile == NULL)) {
+ BIO_printf(bio_err,
+ "need to specify a CAkey if using the CA command\n");
+ goto end;
+ }
+
+ if (extfile) {
+ long errorline = -1;
+ X509V3_CTX ctx2;
+ extconf = NCONF_new(NULL);
+ if (!NCONF_load(extconf, extfile, &errorline)) {
+ if (errorline <= 0)
+ BIO_printf(bio_err,
+ "error loading the config file '%s'\n", extfile);
+ else
+ BIO_printf(bio_err,
+ "error on line %ld of config file '%s'\n",
+ errorline, extfile);
+ goto end;
+ }
+ if (!extsect) {
+ extsect = NCONF_get_string(extconf, "default", "extensions");
+ if (!extsect) {
+ ERR_clear_error();
+ extsect = "default";
+ }
+ }
+ X509V3_set_ctx_test(&ctx2);
+ X509V3_set_nconf(&ctx2, extconf);
+ if (!X509V3_EXT_add_nconf(extconf, &ctx2, extsect, NULL)) {
+ BIO_printf(bio_err,
+ "Error Loading extension section %s\n", extsect);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (reqfile) {
+ EVP_PKEY *pkey;
+ BIO *in;
+
+ if (!sign_flag && !CA_flag) {
+ BIO_printf(bio_err, "We need a private key to sign with\n");
+ goto end;
+ }
+ in = BIO_new(BIO_s_file());
+ if (in == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in, stdin, BIO_NOCLOSE | BIO_FP_TEXT);
+ else {
+ if (BIO_read_filename(in, infile) <= 0) {
+ perror(infile);
+ BIO_free(in);
+ goto end;
+ }
+ }
+ req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
+ BIO_free(in);
+
+ if (req == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if ((req->req_info == NULL) ||
+ (req->req_info->pubkey == NULL) ||
+ (req->req_info->pubkey->public_key == NULL) ||
+ (req->req_info->pubkey->public_key->data == NULL)) {
+ BIO_printf(bio_err,
+ "The certificate request appears to corrupted\n");
+ BIO_printf(bio_err, "It does not contain a public key\n");
+ goto end;
+ }
+ if ((pkey = X509_REQ_get_pubkey(req)) == NULL) {
+ BIO_printf(bio_err, "error unpacking public key\n");
+ goto end;
+ }
+ i = X509_REQ_verify(req, pkey);
+ EVP_PKEY_free(pkey);
+ if (i < 0) {
+ BIO_printf(bio_err, "Signature verification error\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (i == 0) {
+ BIO_printf(bio_err,
+ "Signature did not match the certificate request\n");
+ goto end;
+ } else
+ BIO_printf(bio_err, "Signature ok\n");
+
+ print_name(bio_err, "subject=", X509_REQ_get_subject_name(req),
+ nmflag);
+
+ if ((x = X509_new()) == NULL)
+ goto end;
+
+ if (sno == NULL) {
+ sno = ASN1_INTEGER_new();
+ if (!sno || !rand_serial(NULL, sno))
+ goto end;
+ if (!X509_set_serialNumber(x, sno))
+ goto end;
+ ASN1_INTEGER_free(sno);
+ sno = NULL;
+ } else if (!X509_set_serialNumber(x, sno))
+ goto end;
+
+ if (!X509_set_issuer_name(x, req->req_info->subject))
+ goto end;
+ if (!X509_set_subject_name(x, req->req_info->subject))
+ goto end;
+
+ X509_gmtime_adj(X509_get_notBefore(x), 0);
+ X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL);
+
+ pkey = X509_REQ_get_pubkey(req);
+ X509_set_pubkey(x, pkey);
+ EVP_PKEY_free(pkey);
+ } else
+ x = load_cert(bio_err, infile, informat, NULL, e, "Certificate");
+
+ if (x == NULL)
+ goto end;
+ if (CA_flag) {
+ xca = load_cert(bio_err, CAfile, CAformat, NULL, e, "CA Certificate");
+ if (xca == NULL)
+ goto end;
+ }
+
+ if (!noout || text || next_serial) {
+ OBJ_create("2.99999.3", "SET.ex3", "SET x509v3 extension 3");
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (outfile == NULL) {
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ } else {
+ if (BIO_write_filename(out, outfile) <= 0) {
+ perror(outfile);
+ goto end;
+ }
+ }
+ }
+
+ if (alias)
+ X509_alias_set1(x, (unsigned char *)alias, -1);
+
+ if (clrtrust)
+ X509_trust_clear(x);
+ if (clrreject)
+ X509_reject_clear(x);
+
+ if (trust) {
+ for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) {
+ objtmp = sk_ASN1_OBJECT_value(trust, i);
+ X509_add1_trust_object(x, objtmp);
+ }
+ }
+
+ if (reject) {
+ for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++) {
+ objtmp = sk_ASN1_OBJECT_value(reject, i);
+ X509_add1_reject_object(x, objtmp);
+ }
+ }
+
+ if (num) {
+ for (i = 1; i <= num; i++) {
+ if (issuer == i) {
+ print_name(STDout, "issuer= ",
+ X509_get_issuer_name(x), nmflag);
+ } else if (subject == i) {
+ print_name(STDout, "subject= ",
+ X509_get_subject_name(x), nmflag);
+ } else if (serial == i) {
+ BIO_printf(STDout, "serial=");
+ i2a_ASN1_INTEGER(STDout, X509_get_serialNumber(x));
+ BIO_printf(STDout, "\n");
+ } else if (next_serial == i) {
+ BIGNUM *bnser;
+ ASN1_INTEGER *ser;
+ ser = X509_get_serialNumber(x);
+ bnser = ASN1_INTEGER_to_BN(ser, NULL);
+ if (!bnser)
+ goto end;
+ if (!BN_add_word(bnser, 1))
+ goto end;
+ ser = BN_to_ASN1_INTEGER(bnser, NULL);
+ if (!ser)
+ goto end;
+ BN_free(bnser);
+ i2a_ASN1_INTEGER(out, ser);
+ ASN1_INTEGER_free(ser);
+ BIO_puts(out, "\n");
+ } else if ((email == i) || (ocsp_uri == i)) {
+ int j;
+ STACK_OF(OPENSSL_STRING) *emlst;
+ if (email == i)
+ emlst = X509_get1_email(x);
+ else
+ emlst = X509_get1_ocsp(x);
+ for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
+ BIO_printf(STDout, "%s\n",
+ sk_OPENSSL_STRING_value(emlst, j));
+ X509_email_free(emlst);
+ } else if (aliasout == i) {
+ unsigned char *alstr;
+ alstr = X509_alias_get0(x, NULL);
+ if (alstr)
+ BIO_printf(STDout, "%s\n", alstr);
+ else
+ BIO_puts(STDout, "<No Alias>\n");
+ } else if (subject_hash == i) {
+ BIO_printf(STDout, "%08lx\n", X509_subject_name_hash(x));
+ }
+#ifndef OPENSSL_NO_MD5
+ else if (subject_hash_old == i) {
+ BIO_printf(STDout, "%08lx\n", X509_subject_name_hash_old(x));
+ }
+#endif
+ else if (issuer_hash == i) {
+ BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash(x));
+ }
+#ifndef OPENSSL_NO_MD5
+ else if (issuer_hash_old == i) {
+ BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash_old(x));
+ }
+#endif
+ else if (pprint == i) {
+ X509_PURPOSE *ptmp;
+ int j;
+ BIO_printf(STDout, "Certificate purposes:\n");
+ for (j = 0; j < X509_PURPOSE_get_count(); j++) {
+ ptmp = X509_PURPOSE_get0(j);
+ purpose_print(STDout, x, ptmp);
+ }
+ } else if (modulus == i) {
+ EVP_PKEY *pkey;
+
+ pkey = X509_get_pubkey(x);
+ if (pkey == NULL) {
+ BIO_printf(bio_err, "Modulus=unavailable\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ BIO_printf(STDout, "Modulus=");
+#ifndef OPENSSL_NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ BN_print(STDout, pkey->pkey.rsa->n);
+ else
+#endif
+#ifndef OPENSSL_NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ BN_print(STDout, pkey->pkey.dsa->pub_key);
+ else
+#endif
+ BIO_printf(STDout, "Wrong Algorithm type");
+ BIO_printf(STDout, "\n");
+ EVP_PKEY_free(pkey);
+ } else if (pubkey == i) {
+ EVP_PKEY *pkey;
+
+ pkey = X509_get_pubkey(x);
+ if (pkey == NULL) {
+ BIO_printf(bio_err, "Error getting public key\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ PEM_write_bio_PUBKEY(STDout, pkey);
+ EVP_PKEY_free(pkey);
+ } else if (C == i) {
+ unsigned char *d;
+ char *m;
+ int y, z;
+
+ X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof buf);
+ BIO_printf(STDout, "/* subject:%s */\n", buf);
+ m = X509_NAME_oneline(X509_get_issuer_name(x), buf,
+ sizeof buf);
+ BIO_printf(STDout, "/* issuer :%s */\n", buf);
+
+ z = i2d_X509(x, NULL);
+ m = OPENSSL_malloc(z);
+ if (!m) {
+ BIO_printf(bio_err, "Out of memory\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ d = (unsigned char *)m;
+ z = i2d_X509_NAME(X509_get_subject_name(x), &d);
+ BIO_printf(STDout, "unsigned char XXX_subject_name[%d]={\n",
+ z);
+ d = (unsigned char *)m;
+ for (y = 0; y < z; y++) {
+ BIO_printf(STDout, "0x%02X,", d[y]);
+ if ((y & 0x0f) == 0x0f)
+ BIO_printf(STDout, "\n");
+ }
+ if (y % 16 != 0)
+ BIO_printf(STDout, "\n");
+ BIO_printf(STDout, "};\n");
+
+ z = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &d);
+ BIO_printf(STDout, "unsigned char XXX_public_key[%d]={\n", z);
+ d = (unsigned char *)m;
+ for (y = 0; y < z; y++) {
+ BIO_printf(STDout, "0x%02X,", d[y]);
+ if ((y & 0x0f) == 0x0f)
+ BIO_printf(STDout, "\n");
+ }
+ if (y % 16 != 0)
+ BIO_printf(STDout, "\n");
+ BIO_printf(STDout, "};\n");
+
+ z = i2d_X509(x, &d);
+ BIO_printf(STDout, "unsigned char XXX_certificate[%d]={\n",
+ z);
+ d = (unsigned char *)m;
+ for (y = 0; y < z; y++) {
+ BIO_printf(STDout, "0x%02X,", d[y]);
+ if ((y & 0x0f) == 0x0f)
+ BIO_printf(STDout, "\n");
+ }
+ if (y % 16 != 0)
+ BIO_printf(STDout, "\n");
+ BIO_printf(STDout, "};\n");
+
+ OPENSSL_free(m);
+ } else if (text == i) {
+ X509_print_ex(STDout, x, nmflag, certflag);
+ } else if (startdate == i) {
+ BIO_puts(STDout, "notBefore=");
+ ASN1_TIME_print(STDout, X509_get_notBefore(x));
+ BIO_puts(STDout, "\n");
+ } else if (enddate == i) {
+ BIO_puts(STDout, "notAfter=");
+ ASN1_TIME_print(STDout, X509_get_notAfter(x));
+ BIO_puts(STDout, "\n");
+ } else if (fingerprint == i) {
+ int j;
+ unsigned int n;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ const EVP_MD *fdig = digest;
+
+ if (!fdig)
+ fdig = EVP_sha1();
+
+ if (!X509_digest(x, fdig, md, &n)) {
+ BIO_printf(bio_err, "out of memory\n");
+ goto end;
+ }
+ BIO_printf(STDout, "%s Fingerprint=",
+ OBJ_nid2sn(EVP_MD_type(fdig)));
+ for (j = 0; j < (int)n; j++) {
+ BIO_printf(STDout, "%02X%c", md[j], (j + 1 == (int)n)
+ ? '\n' : ':');
+ }
+ }
+
+ /* should be in the library */
+ else if ((sign_flag == i) && (x509req == 0)) {
+ BIO_printf(bio_err, "Getting Private key\n");
+ if (Upkey == NULL) {
+ Upkey = load_key(bio_err,
+ keyfile, keyformat, 0,
+ passin, e, "Private key");
+ if (Upkey == NULL)
+ goto end;
+ }
+
+ assert(need_rand);
+ if (!sign(x, Upkey, days, clrext, digest, extconf, extsect))
+ goto end;
+ } else if (CA_flag == i) {
+ BIO_printf(bio_err, "Getting CA Private Key\n");
+ if (CAkeyfile != NULL) {
+ CApkey = load_key(bio_err,
+ CAkeyfile, CAkeyformat,
+ 0, passin, e, "CA Private Key");
+ if (CApkey == NULL)
+ goto end;
+ }
+
+ assert(need_rand);
+ if (!x509_certify(ctx, CAfile, digest, x, xca,
+ CApkey, sigopts,
+ CAserial, CA_createserial, days, clrext,
+ extconf, extsect, sno))
+ goto end;
+ } else if (x509req == i) {
+ EVP_PKEY *pk;
+
+ BIO_printf(bio_err, "Getting request Private Key\n");
+ if (keyfile == NULL) {
+ BIO_printf(bio_err, "no request key file specified\n");
+ goto end;
+ } else {
+ pk = load_key(bio_err,
+ keyfile, keyformat, 0,
+ passin, e, "request key");
+ if (pk == NULL)
+ goto end;
+ }
+
+ BIO_printf(bio_err, "Generating certificate request\n");
+
+ rq = X509_to_X509_REQ(x, pk, digest);
+ EVP_PKEY_free(pk);
+ if (rq == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (!noout) {
+ X509_REQ_print(out, rq);
+ PEM_write_bio_X509_REQ(out, rq);
+ }
+ noout = 1;
+ } else if (ocspid == i) {
+ X509_ocspid_print(out, x);
+ }
+ }
+ }
+
+ if (checkend) {
+ time_t tcheck = time(NULL) + checkoffset;
+
+ if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0) {
+ BIO_printf(out, "Certificate will expire\n");
+ ret = 1;
+ } else {
+ BIO_printf(out, "Certificate will not expire\n");
+ ret = 0;
+ }
+ goto end;
+ }
+
+ if (noout) {
+ ret = 0;
+ goto end;
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i = i2d_X509_bio(out, x);
+ else if (outformat == FORMAT_PEM) {
+ if (trustout)
+ i = PEM_write_bio_X509_AUX(out, x);
+ else
+ i = PEM_write_bio_X509(out, x);
+ } else if (outformat == FORMAT_NETSCAPE) {
+ NETSCAPE_X509 nx;
+ ASN1_OCTET_STRING hdr;
+
+ hdr.data = (unsigned char *)NETSCAPE_CERT_HDR;
+ hdr.length = strlen(NETSCAPE_CERT_HDR);
+ nx.header = &hdr;
+ nx.cert = x;
+
+ i = ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509), out, &nx);
+ } else {
+ BIO_printf(bio_err, "bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) {
+ BIO_printf(bio_err, "unable to write certificate\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret = 0;
+ end:
+ if (need_rand)
+ app_RAND_write_file(NULL, bio_err);
+ OBJ_cleanup();
+ NCONF_free(extconf);
+ BIO_free_all(out);
+ BIO_free_all(STDout);
+ X509_STORE_free(ctx);
+ X509_REQ_free(req);
+ X509_free(x);
+ X509_free(xca);
+ EVP_PKEY_free(Upkey);
+ EVP_PKEY_free(CApkey);
+ if (sigopts)
+ sk_OPENSSL_STRING_free(sigopts);
+ X509_REQ_free(rq);
+ ASN1_INTEGER_free(sno);
+ sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
+ sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
+ if (passin)
+ OPENSSL_free(passin);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
+
+static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile,
+ int create)
+{
+ char *buf = NULL, *p;
+ ASN1_INTEGER *bs = NULL;
+ BIGNUM *serial = NULL;
+ size_t len;
+
+ len = ((serialfile == NULL)
+ ? (strlen(CAfile) + strlen(POSTFIX) + 1)
+ : (strlen(serialfile))) + 1;
+ buf = OPENSSL_malloc(len);
+ if (buf == NULL) {
+ BIO_printf(bio_err, "out of mem\n");
+ goto end;
+ }
+ if (serialfile == NULL) {
+ BUF_strlcpy(buf, CAfile, len);
+ for (p = buf; *p; p++)
+ if (*p == '.') {
+ *p = '\0';
+ break;
+ }
+ BUF_strlcat(buf, POSTFIX, len);
+ } else
+ BUF_strlcpy(buf, serialfile, len);
+
+ serial = load_serial(buf, create, NULL);
+ if (serial == NULL)
+ goto end;
+
+ if (!BN_add_word(serial, 1)) {
+ BIO_printf(bio_err, "add_word failure\n");
+ goto end;
+ }
+
+ if (!save_serial(buf, NULL, serial, &bs))
+ goto end;
+
+ end:
+ if (buf)
+ OPENSSL_free(buf);
+ BN_free(serial);
+ return bs;
+}
+
+static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
+ X509 *x, X509 *xca, EVP_PKEY *pkey,
+ STACK_OF(OPENSSL_STRING) *sigopts,
+ char *serialfile, int create,
+ int days, int clrext, CONF *conf, char *section,
+ ASN1_INTEGER *sno)
+{
+ int ret = 0;
+ ASN1_INTEGER *bs = NULL;
+ X509_STORE_CTX xsc;
+ EVP_PKEY *upkey;
+
+ upkey = X509_get_pubkey(xca);
+ if (upkey == NULL) {
+ BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
+ goto end;
+ }
+ EVP_PKEY_copy_parameters(upkey, pkey);
+ EVP_PKEY_free(upkey);
+
+ if (!X509_STORE_CTX_init(&xsc, ctx, x, NULL)) {
+ BIO_printf(bio_err, "Error initialising X509 store\n");
+ goto end;
+ }
+ if (sno)
+ bs = sno;
+ else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
+ goto end;
+
+/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/
+
+ /*
+ * NOTE: this certificate can/should be self signed, unless it was a
+ * certificate request in which case it is not.
+ */
+ X509_STORE_CTX_set_cert(&xsc, x);
+ X509_STORE_CTX_set_flags(&xsc, X509_V_FLAG_CHECK_SS_SIGNATURE);
+ if (!reqfile && X509_verify_cert(&xsc) <= 0)
+ goto end;
+
+ if (!X509_check_private_key(xca, pkey)) {
+ BIO_printf(bio_err,
+ "CA certificate and CA private key do not match\n");
+ goto end;
+ }
+
+ if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
+ goto end;
+ if (!X509_set_serialNumber(x, bs))
+ goto end;
+
+ if (X509_gmtime_adj(X509_get_notBefore(x), 0L) == NULL)
+ goto end;
+
+ /* hardwired expired */
+ if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL)
+ goto end;
+
+ if (clrext) {
+ while (X509_get_ext_count(x) > 0)
+ X509_delete_ext(x, 0);
+ }
+
+ if (conf) {
+ X509V3_CTX ctx2;
+ X509_set_version(x, 2); /* version 3 certificate */
+ X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);
+ X509V3_set_nconf(&ctx2, conf);
+ if (!X509V3_EXT_add_nconf(conf, &ctx2, section, x))
+ goto end;
+ }
+
+ if (!do_X509_sign(bio_err, x, pkey, digest, sigopts))
+ goto end;
+ ret = 1;
+ end:
+ X509_STORE_CTX_cleanup(&xsc);
+ if (!ret)
+ ERR_print_errors(bio_err);
+ if (!sno)
+ ASN1_INTEGER_free(bs);
+ return ret;
+}
+
+static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx)
+{
+ int err;
+ X509 *err_cert;
+
+ /*
+ * it is ok to use a self signed certificate This case will catch both
+ * the initial ok == 0 and the final ok == 1 calls to this function
+ */
+ err = X509_STORE_CTX_get_error(ctx);
+ if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
+ return 1;
+
+ /*
+ * BAD we should have gotten an error. Normally if everything worked
+ * X509_STORE_CTX_get_error(ctx) will still be set to
+ * DEPTH_ZERO_SELF_....
+ */
+ if (ok) {
+ BIO_printf(bio_err,
+ "error with certificate to be certified - should be self signed\n");
+ return 0;
+ } else {
+ err_cert = X509_STORE_CTX_get_current_cert(ctx);
+ print_name(bio_err, NULL, X509_get_subject_name(err_cert), 0);
+ BIO_printf(bio_err,
+ "error with certificate - error %d at depth %d\n%s\n", err,
+ X509_STORE_CTX_get_error_depth(ctx),
+ X509_verify_cert_error_string(err));
+ return 1;
+ }
+}
+
+/* self sign */
+static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
+ const EVP_MD *digest, CONF *conf, char *section)
+{
+
+ EVP_PKEY *pktmp;
+
+ pktmp = X509_get_pubkey(x);
+ if (pktmp == NULL)
+ goto err;
+ EVP_PKEY_copy_parameters(pktmp, pkey);
+ EVP_PKEY_save_parameters(pktmp, 1);
+ EVP_PKEY_free(pktmp);
+
+ if (!X509_set_issuer_name(x, X509_get_subject_name(x)))
+ goto err;
+ if (X509_gmtime_adj(X509_get_notBefore(x), 0) == NULL)
+ goto err;
+
+ if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL)
+ goto err;
+
+ if (!X509_set_pubkey(x, pkey))
+ goto err;
+ if (clrext) {
+ while (X509_get_ext_count(x) > 0)
+ X509_delete_ext(x, 0);
+ }
+ if (conf) {
+ X509V3_CTX ctx;
+ X509_set_version(x, 2); /* version 3 certificate */
+ X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);
+ X509V3_set_nconf(&ctx, conf);
+ if (!X509V3_EXT_add_nconf(conf, &ctx, section, x))
+ goto err;
+ }
+ if (!X509_sign(x, pkey, digest))
+ goto err;
+ return 1;
+ err:
+ ERR_print_errors(bio_err);
+ return 0;
+}
+
+static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
+{
+ int id, i, idret;
+ char *pname;
+ id = X509_PURPOSE_get_id(pt);
+ pname = X509_PURPOSE_get0_name(pt);
+ for (i = 0; i < 2; i++) {
+ idret = X509_check_purpose(cert, id, i);
+ BIO_printf(bio, "%s%s : ", pname, i ? " CA" : "");
+ if (idret == 1)
+ BIO_printf(bio, "Yes\n");
+ else if (idret == 0)
+ BIO_printf(bio, "No\n");
+ else
+ BIO_printf(bio, "Yes (WARNING code=%d)\n", idret);
+ }
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,149 +0,0 @@
-/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_H
-# define HEADER_AES_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_AES
-# error AES is disabled.
-# endif
-
-# include <stddef.h>
-
-# define AES_ENCRYPT 1
-# define AES_DECRYPT 0
-
-/*
- * Because array size can't be a const in C, the following two are macros.
- * Both sizes are in bytes.
- */
-# define AES_MAXNR 14
-# define AES_BLOCK_SIZE 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-struct aes_key_st {
-# ifdef AES_LONG
- unsigned long rd_key[4 * (AES_MAXNR + 1)];
-# else
- unsigned int rd_key[4 * (AES_MAXNR + 1)];
-# endif
- int rounds;
-};
-typedef struct aes_key_st AES_KEY;
-
-const char *AES_options(void);
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-
-int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-
-void AES_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-void AES_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc);
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, const int enc);
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num);
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char ivec[AES_BLOCK_SIZE],
- unsigned char ecount_buf[AES_BLOCK_SIZE],
- unsigned int *num);
-/* NB: the IV is _two_ blocks long */
-void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, const int enc);
-/* NB: the IV is _four_ blocks long */
-void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- const AES_KEY *key2, const unsigned char *ivec,
- const int enc);
-
-int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen);
-int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen);
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !HEADER_AES_H */
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes.h (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,149 @@
+/* crypto/aes/aes.h */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_AES_H
+# define HEADER_AES_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_AES
+# error AES is disabled.
+# endif
+
+# include <stddef.h>
+
+# define AES_ENCRYPT 1
+# define AES_DECRYPT 0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+# define AES_MAXNR 14
+# define AES_BLOCK_SIZE 16
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+struct aes_key_st {
+# ifdef AES_LONG
+ unsigned long rd_key[4 * (AES_MAXNR + 1)];
+# else
+ unsigned int rd_key[4 * (AES_MAXNR + 1)];
+# endif
+ int rounds;
+};
+typedef struct aes_key_st AES_KEY;
+
+const char *AES_options(void);
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+
+void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key, const int enc);
+void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
+void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num);
+void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char ivec[AES_BLOCK_SIZE],
+ unsigned char ecount_buf[AES_BLOCK_SIZE],
+ unsigned int *num);
+/* NB: the IV is _two_ blocks long */
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
+/* NB: the IV is _four_ blocks long */
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ const AES_KEY *key2, const unsigned char *ivec,
+ const int enc);
+
+int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, unsigned int inlen);
+int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, unsigned int inlen);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* !HEADER_AES_H */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cbc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_cbc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cbc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,66 +0,0 @@
-/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const AES_KEY *key,
- unsigned char *ivec, const int enc)
-{
-
- if (enc)
- CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
- (block128_f) AES_encrypt);
- else
- CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
- (block128_f) AES_decrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cbc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_cbc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cbc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cbc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,66 @@
+/* crypto/aes/aes_cbc.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const AES_KEY *key,
+ unsigned char *ivec, const int enc)
+{
+
+ if (enc)
+ CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
+ (block128_f) AES_encrypt);
+ else
+ CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
+ (block128_f) AES_decrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cfb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_cfb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cfb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,85 +0,0 @@
-/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-/*
- * The input and output encrypted as though 128bit cfb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc)
-{
-
- CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f) AES_encrypt);
-}
-
-/* N.B. This expects the input to be packed, MS bit first */
-void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f) AES_encrypt);
-}
-
-void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f) AES_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cfb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_cfb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cfb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_cfb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,85 @@
+/* crypto/aes/aes_cfb.c */
+/* ====================================================================
+ * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+/*
+ * The input and output encrypted as though 128bit cfb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+
+void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+{
+
+ CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) AES_encrypt);
+}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+{
+ CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) AES_encrypt);
+}
+
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+{
+ CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) AES_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_core.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_core.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_core.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1363 +0,0 @@
-/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen <vincent.rijmen at esat.kuleuven.ac.be>
- * @author Antoon Bosselaers <antoon.bosselaers at esat.kuleuven.ac.be>
- * @author Paulo Barreto <paulo.barreto at terra.com.br>
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* Note: rewritten a little bit to provide error control and an OpenSSL-
- compatible API */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <stdlib.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-#ifndef AES_ASM
-/*-
-Te0[x] = S [x].[02, 01, 01, 03];
-Te1[x] = S [x].[03, 02, 01, 01];
-Te2[x] = S [x].[01, 03, 02, 01];
-Te3[x] = S [x].[01, 01, 03, 02];
-
-Td0[x] = Si[x].[0e, 09, 0d, 0b];
-Td1[x] = Si[x].[0b, 0e, 09, 0d];
-Td2[x] = Si[x].[0d, 0b, 0e, 09];
-Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01];
-*/
-
-static const u32 Te0[256] = {
- 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
- 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
- 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
- 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
- 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
- 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
- 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
- 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
- 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
- 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
- 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
- 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
- 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
- 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
- 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
- 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
- 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
- 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
- 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
- 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
- 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
- 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
- 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
- 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
- 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
- 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
- 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
- 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
- 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
- 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
- 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
- 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
- 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
- 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
- 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
- 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
- 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
- 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
- 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
- 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
- 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
- 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
- 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
- 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
- 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
- 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
- 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
- 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
- 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
- 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
- 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
- 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
- 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
- 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
- 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
- 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
- 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
- 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
- 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
- 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
- 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
- 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
- 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
- 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
-};
-static const u32 Te1[256] = {
- 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
- 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
- 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
- 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
- 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
- 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
- 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
- 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
- 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
- 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
- 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
- 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
- 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
- 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
- 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
- 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
- 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
- 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
- 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
- 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
- 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
- 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
- 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
- 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
- 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
- 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
- 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
- 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
- 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
- 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
- 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
- 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
- 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
- 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
- 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
- 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
- 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
- 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
- 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
- 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
- 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
- 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
- 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
- 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
- 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
- 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
- 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
- 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
- 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
- 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
- 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
- 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
- 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
- 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
- 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
- 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
- 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
- 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
- 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
- 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
- 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
- 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
- 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
- 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
-};
-static const u32 Te2[256] = {
- 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
- 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
- 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
- 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
- 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
- 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
- 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
- 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
- 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
- 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
- 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
- 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
- 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
- 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
- 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
- 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
- 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
- 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
- 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
- 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
- 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
- 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
- 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
- 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
- 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
- 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
- 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
- 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
- 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
- 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
- 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
- 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
- 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
- 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
- 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
- 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
- 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
- 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
- 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
- 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
- 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
- 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
- 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
- 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
- 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
- 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
- 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
- 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
- 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
- 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
- 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
- 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
- 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
- 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
- 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
- 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
- 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
- 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
- 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
- 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
- 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
- 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
- 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
- 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
-};
-static const u32 Te3[256] = {
- 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
- 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
- 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
- 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
- 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
- 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
- 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
- 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
- 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
- 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
- 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
- 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
- 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
- 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
- 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
- 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
- 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
- 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
- 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
- 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
- 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
- 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
- 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
- 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
- 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
- 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
- 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
- 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
- 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
- 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
- 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
- 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
- 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
- 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
- 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
- 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
- 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
- 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
- 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
- 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
- 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
- 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
- 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
- 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
- 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
- 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
- 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
- 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
- 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
- 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
- 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
- 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
- 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
- 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
- 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
- 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
- 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
- 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
- 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
- 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
- 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
- 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
- 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
- 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
-};
-
-static const u32 Td0[256] = {
- 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
- 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
- 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
- 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
- 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
- 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
- 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
- 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
- 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
- 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
- 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
- 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
- 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
- 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
- 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
- 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
- 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
- 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
- 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
- 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
- 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
- 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
- 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
- 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
- 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
- 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
- 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
- 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
- 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
- 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
- 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
- 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
- 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
- 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
- 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
- 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
- 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
- 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
- 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
- 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
- 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
- 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
- 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
- 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
- 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
- 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
- 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
- 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
- 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
- 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
- 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
- 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
- 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
- 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
- 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
- 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
- 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
- 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
- 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
- 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
- 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
- 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
- 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
- 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
-};
-static const u32 Td1[256] = {
- 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
- 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
- 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
- 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
- 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
- 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
- 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
- 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
- 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
- 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
- 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
- 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
- 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
- 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
- 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
- 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
- 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
- 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
- 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
- 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
- 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
- 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
- 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
- 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
- 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
- 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
- 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
- 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
- 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
- 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
- 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
- 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
- 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
- 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
- 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
- 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
- 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
- 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
- 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
- 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
- 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
- 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
- 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
- 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
- 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
- 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
- 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
- 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
- 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
- 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
- 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
- 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
- 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
- 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
- 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
- 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
- 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
- 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
- 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
- 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
- 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
- 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
- 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
- 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
-};
-static const u32 Td2[256] = {
- 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
- 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
- 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
- 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
- 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
- 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
- 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
- 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
- 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
- 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
- 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
- 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
- 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
- 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
- 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
- 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
- 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
- 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
- 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
- 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
- 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
- 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
- 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
- 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
- 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
- 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
- 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
- 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
- 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
- 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
- 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
- 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
- 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
- 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
- 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
- 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
- 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
- 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
- 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
- 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
- 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
- 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
- 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
- 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
- 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
- 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
- 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
- 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
- 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
- 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
- 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
- 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
- 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
- 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
- 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
- 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
- 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
- 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
- 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
- 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
- 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
- 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
- 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
- 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
-};
-static const u32 Td3[256] = {
- 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
- 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
- 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
- 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
- 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
- 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
- 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
- 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
- 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
- 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
- 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
- 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
- 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
- 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
- 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
- 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
- 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
- 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
- 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
- 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
- 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
- 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
- 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
- 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
- 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
- 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
- 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
- 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
- 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
- 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
- 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
- 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
- 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
- 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
- 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
- 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
- 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
- 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
- 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
- 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
- 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
- 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
- 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
- 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
- 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
- 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
- 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
- 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
- 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
- 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
- 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
- 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
- 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
- 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
- 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
- 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
- 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
- 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
- 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
- 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
- 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
- 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
- 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
- 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
-};
-static const u8 Td4[256] = {
- 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
- 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
- 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
- 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
- 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
- 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
- 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
- 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
- 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
- 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
- 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
- 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
- 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
- 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
- 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
- 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
- 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
- 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
- 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
- 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
- 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
- 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
- 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
- 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
- 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
- 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
- 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
- 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
- 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
- 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
- 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
- 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
-};
-static const u32 rcon[] = {
- 0x01000000, 0x02000000, 0x04000000, 0x08000000,
- 0x10000000, 0x20000000, 0x40000000, 0x80000000,
- 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
-
- u32 *rk;
- int i = 0;
- u32 temp;
-
- if (!userKey || !key)
- return -1;
- if (bits != 128 && bits != 192 && bits != 256)
- return -2;
-
- rk = key->rd_key;
-
- if (bits==128)
- key->rounds = 10;
- else if (bits==192)
- key->rounds = 12;
- else
- key->rounds = 14;
-
- rk[0] = GETU32(userKey );
- rk[1] = GETU32(userKey + 4);
- rk[2] = GETU32(userKey + 8);
- rk[3] = GETU32(userKey + 12);
- if (bits == 128) {
- while (1) {
- temp = rk[3];
- rk[4] = rk[0] ^
- (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
- (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
- (Te0[(temp ) & 0xff] & 0x0000ff00) ^
- (Te1[(temp >> 24) ] & 0x000000ff) ^
- rcon[i];
- rk[5] = rk[1] ^ rk[4];
- rk[6] = rk[2] ^ rk[5];
- rk[7] = rk[3] ^ rk[6];
- if (++i == 10) {
- return 0;
- }
- rk += 4;
- }
- }
- rk[4] = GETU32(userKey + 16);
- rk[5] = GETU32(userKey + 20);
- if (bits == 192) {
- while (1) {
- temp = rk[ 5];
- rk[ 6] = rk[ 0] ^
- (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
- (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
- (Te0[(temp ) & 0xff] & 0x0000ff00) ^
- (Te1[(temp >> 24) ] & 0x000000ff) ^
- rcon[i];
- rk[ 7] = rk[ 1] ^ rk[ 6];
- rk[ 8] = rk[ 2] ^ rk[ 7];
- rk[ 9] = rk[ 3] ^ rk[ 8];
- if (++i == 8) {
- return 0;
- }
- rk[10] = rk[ 4] ^ rk[ 9];
- rk[11] = rk[ 5] ^ rk[10];
- rk += 6;
- }
- }
- rk[6] = GETU32(userKey + 24);
- rk[7] = GETU32(userKey + 28);
- if (bits == 256) {
- while (1) {
- temp = rk[ 7];
- rk[ 8] = rk[ 0] ^
- (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
- (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
- (Te0[(temp ) & 0xff] & 0x0000ff00) ^
- (Te1[(temp >> 24) ] & 0x000000ff) ^
- rcon[i];
- rk[ 9] = rk[ 1] ^ rk[ 8];
- rk[10] = rk[ 2] ^ rk[ 9];
- rk[11] = rk[ 3] ^ rk[10];
- if (++i == 7) {
- return 0;
- }
- temp = rk[11];
- rk[12] = rk[ 4] ^
- (Te2[(temp >> 24) ] & 0xff000000) ^
- (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
- (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^
- (Te1[(temp ) & 0xff] & 0x000000ff);
- rk[13] = rk[ 5] ^ rk[12];
- rk[14] = rk[ 6] ^ rk[13];
- rk[15] = rk[ 7] ^ rk[14];
-
- rk += 8;
- }
- }
- return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
-
- u32 *rk;
- int i, j, status;
- u32 temp;
-
- /* first, start with an encryption schedule */
- status = private_AES_set_encrypt_key(userKey, bits, key);
- if (status < 0)
- return status;
-
- rk = key->rd_key;
-
- /* invert the order of the round keys: */
- for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
- temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
- temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
- temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
- temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
- }
- /* apply the inverse MixColumn transform to all round keys but the first and the last: */
- for (i = 1; i < (key->rounds); i++) {
- rk += 4;
- rk[0] =
- Td0[Te1[(rk[0] >> 24) ] & 0xff] ^
- Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
- Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^
- Td3[Te1[(rk[0] ) & 0xff] & 0xff];
- rk[1] =
- Td0[Te1[(rk[1] >> 24) ] & 0xff] ^
- Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
- Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^
- Td3[Te1[(rk[1] ) & 0xff] & 0xff];
- rk[2] =
- Td0[Te1[(rk[2] >> 24) ] & 0xff] ^
- Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
- Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^
- Td3[Te1[(rk[2] ) & 0xff] & 0xff];
- rk[3] =
- Td0[Te1[(rk[3] >> 24) ] & 0xff] ^
- Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
- Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^
- Td3[Te1[(rk[3] ) & 0xff] & 0xff];
- }
- return 0;
-}
-
-/*
- * Encrypt a single block
- * in and out can overlap
- */
-void AES_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key) {
-
- const u32 *rk;
- u32 s0, s1, s2, s3, t0, t1, t2, t3;
-#ifndef FULL_UNROLL
- int r;
-#endif /* ?FULL_UNROLL */
-
- assert(in && out && key);
- rk = key->rd_key;
-
- /*
- * map byte array block to cipher state
- * and add initial round key:
- */
- s0 = GETU32(in ) ^ rk[0];
- s1 = GETU32(in + 4) ^ rk[1];
- s2 = GETU32(in + 8) ^ rk[2];
- s3 = GETU32(in + 12) ^ rk[3];
-#ifdef FULL_UNROLL
- /* round 1: */
- t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
- t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
- t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
- t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
- /* round 2: */
- s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
- s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
- s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
- s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
- /* round 3: */
- t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
- t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
- t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
- t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
- /* round 4: */
- s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
- s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
- s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
- s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
- /* round 5: */
- t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
- t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
- t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
- t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
- /* round 6: */
- s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
- s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
- s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
- s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
- /* round 7: */
- t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
- t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
- t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
- t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
- /* round 8: */
- s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
- s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
- s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
- s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
- /* round 9: */
- t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
- t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
- t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
- t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
- if (key->rounds > 10) {
- /* round 10: */
- s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
- s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
- s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
- s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
- /* round 11: */
- t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
- t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
- t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
- t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
- if (key->rounds > 12) {
- /* round 12: */
- s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
- s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
- s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
- s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
- /* round 13: */
- t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
- t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
- t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
- t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
- }
- }
- rk += key->rounds << 2;
-#else /* !FULL_UNROLL */
- /*
- * Nr - 1 full rounds:
- */
- r = key->rounds >> 1;
- for (;;) {
- t0 =
- Te0[(s0 >> 24) ] ^
- Te1[(s1 >> 16) & 0xff] ^
- Te2[(s2 >> 8) & 0xff] ^
- Te3[(s3 ) & 0xff] ^
- rk[4];
- t1 =
- Te0[(s1 >> 24) ] ^
- Te1[(s2 >> 16) & 0xff] ^
- Te2[(s3 >> 8) & 0xff] ^
- Te3[(s0 ) & 0xff] ^
- rk[5];
- t2 =
- Te0[(s2 >> 24) ] ^
- Te1[(s3 >> 16) & 0xff] ^
- Te2[(s0 >> 8) & 0xff] ^
- Te3[(s1 ) & 0xff] ^
- rk[6];
- t3 =
- Te0[(s3 >> 24) ] ^
- Te1[(s0 >> 16) & 0xff] ^
- Te2[(s1 >> 8) & 0xff] ^
- Te3[(s2 ) & 0xff] ^
- rk[7];
-
- rk += 8;
- if (--r == 0) {
- break;
- }
-
- s0 =
- Te0[(t0 >> 24) ] ^
- Te1[(t1 >> 16) & 0xff] ^
- Te2[(t2 >> 8) & 0xff] ^
- Te3[(t3 ) & 0xff] ^
- rk[0];
- s1 =
- Te0[(t1 >> 24) ] ^
- Te1[(t2 >> 16) & 0xff] ^
- Te2[(t3 >> 8) & 0xff] ^
- Te3[(t0 ) & 0xff] ^
- rk[1];
- s2 =
- Te0[(t2 >> 24) ] ^
- Te1[(t3 >> 16) & 0xff] ^
- Te2[(t0 >> 8) & 0xff] ^
- Te3[(t1 ) & 0xff] ^
- rk[2];
- s3 =
- Te0[(t3 >> 24) ] ^
- Te1[(t0 >> 16) & 0xff] ^
- Te2[(t1 >> 8) & 0xff] ^
- Te3[(t2 ) & 0xff] ^
- rk[3];
- }
-#endif /* ?FULL_UNROLL */
- /*
- * apply last round and
- * map cipher state to byte array block:
- */
- s0 =
- (Te2[(t0 >> 24) ] & 0xff000000) ^
- (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
- (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
- (Te1[(t3 ) & 0xff] & 0x000000ff) ^
- rk[0];
- PUTU32(out , s0);
- s1 =
- (Te2[(t1 >> 24) ] & 0xff000000) ^
- (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
- (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^
- (Te1[(t0 ) & 0xff] & 0x000000ff) ^
- rk[1];
- PUTU32(out + 4, s1);
- s2 =
- (Te2[(t2 >> 24) ] & 0xff000000) ^
- (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
- (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^
- (Te1[(t1 ) & 0xff] & 0x000000ff) ^
- rk[2];
- PUTU32(out + 8, s2);
- s3 =
- (Te2[(t3 >> 24) ] & 0xff000000) ^
- (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
- (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
- (Te1[(t2 ) & 0xff] & 0x000000ff) ^
- rk[3];
- PUTU32(out + 12, s3);
-}
-
-/*
- * Decrypt a single block
- * in and out can overlap
- */
-void AES_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key)
-{
-
- const u32 *rk;
- u32 s0, s1, s2, s3, t0, t1, t2, t3;
-#ifndef FULL_UNROLL
- int r;
-#endif /* ?FULL_UNROLL */
-
- assert(in && out && key);
- rk = key->rd_key;
-
- /*
- * map byte array block to cipher state
- * and add initial round key:
- */
- s0 = GETU32(in ) ^ rk[0];
- s1 = GETU32(in + 4) ^ rk[1];
- s2 = GETU32(in + 8) ^ rk[2];
- s3 = GETU32(in + 12) ^ rk[3];
-#ifdef FULL_UNROLL
- /* round 1: */
- t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
- t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
- t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
- t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
- /* round 2: */
- s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
- s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
- s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
- s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
- /* round 3: */
- t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
- t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
- t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
- t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
- /* round 4: */
- s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
- s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
- s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
- s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
- /* round 5: */
- t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
- t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
- t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
- t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
- /* round 6: */
- s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
- s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
- s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
- s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
- /* round 7: */
- t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
- t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
- t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
- t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
- /* round 8: */
- s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
- s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
- s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
- s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
- /* round 9: */
- t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
- t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
- t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
- t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
- if (key->rounds > 10) {
- /* round 10: */
- s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
- s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
- s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
- s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
- /* round 11: */
- t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
- t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
- t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
- t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
- if (key->rounds > 12) {
- /* round 12: */
- s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
- s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
- s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
- s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
- /* round 13: */
- t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
- t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
- t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
- t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
- }
- }
- rk += key->rounds << 2;
-#else /* !FULL_UNROLL */
- /*
- * Nr - 1 full rounds:
- */
- r = key->rounds >> 1;
- for (;;) {
- t0 =
- Td0[(s0 >> 24) ] ^
- Td1[(s3 >> 16) & 0xff] ^
- Td2[(s2 >> 8) & 0xff] ^
- Td3[(s1 ) & 0xff] ^
- rk[4];
- t1 =
- Td0[(s1 >> 24) ] ^
- Td1[(s0 >> 16) & 0xff] ^
- Td2[(s3 >> 8) & 0xff] ^
- Td3[(s2 ) & 0xff] ^
- rk[5];
- t2 =
- Td0[(s2 >> 24) ] ^
- Td1[(s1 >> 16) & 0xff] ^
- Td2[(s0 >> 8) & 0xff] ^
- Td3[(s3 ) & 0xff] ^
- rk[6];
- t3 =
- Td0[(s3 >> 24) ] ^
- Td1[(s2 >> 16) & 0xff] ^
- Td2[(s1 >> 8) & 0xff] ^
- Td3[(s0 ) & 0xff] ^
- rk[7];
-
- rk += 8;
- if (--r == 0) {
- break;
- }
-
- s0 =
- Td0[(t0 >> 24) ] ^
- Td1[(t3 >> 16) & 0xff] ^
- Td2[(t2 >> 8) & 0xff] ^
- Td3[(t1 ) & 0xff] ^
- rk[0];
- s1 =
- Td0[(t1 >> 24) ] ^
- Td1[(t0 >> 16) & 0xff] ^
- Td2[(t3 >> 8) & 0xff] ^
- Td3[(t2 ) & 0xff] ^
- rk[1];
- s2 =
- Td0[(t2 >> 24) ] ^
- Td1[(t1 >> 16) & 0xff] ^
- Td2[(t0 >> 8) & 0xff] ^
- Td3[(t3 ) & 0xff] ^
- rk[2];
- s3 =
- Td0[(t3 >> 24) ] ^
- Td1[(t2 >> 16) & 0xff] ^
- Td2[(t1 >> 8) & 0xff] ^
- Td3[(t0 ) & 0xff] ^
- rk[3];
- }
-#endif /* ?FULL_UNROLL */
- /*
- * apply last round and
- * map cipher state to byte array block:
- */
- s0 =
- ((u32)Td4[(t0 >> 24) ] << 24) ^
- ((u32)Td4[(t3 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(t2 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(t1 ) & 0xff]) ^
- rk[0];
- PUTU32(out , s0);
- s1 =
- ((u32)Td4[(t1 >> 24) ] << 24) ^
- ((u32)Td4[(t0 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(t3 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(t2 ) & 0xff]) ^
- rk[1];
- PUTU32(out + 4, s1);
- s2 =
- ((u32)Td4[(t2 >> 24) ] << 24) ^
- ((u32)Td4[(t1 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(t0 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(t3 ) & 0xff]) ^
- rk[2];
- PUTU32(out + 8, s2);
- s3 =
- ((u32)Td4[(t3 >> 24) ] << 24) ^
- ((u32)Td4[(t2 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(t1 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(t0 ) & 0xff]) ^
- rk[3];
- PUTU32(out + 12, s3);
-}
-
-#else /* AES_ASM */
-
-static const u8 Te4[256] = {
- 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
- 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
- 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
- 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
- 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
- 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
- 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
- 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
- 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
- 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
- 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
- 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
- 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
- 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
- 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
- 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
- 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
- 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
- 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
- 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
- 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
- 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
- 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
- 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
- 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
- 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
- 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
- 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
- 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
- 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
- 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
- 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
-};
-static const u32 rcon[] = {
- 0x01000000, 0x02000000, 0x04000000, 0x08000000,
- 0x10000000, 0x20000000, 0x40000000, 0x80000000,
- 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
- u32 *rk;
- int i = 0;
- u32 temp;
-
- if (!userKey || !key)
- return -1;
- if (bits != 128 && bits != 192 && bits != 256)
- return -2;
-
- rk = key->rd_key;
-
- if (bits==128)
- key->rounds = 10;
- else if (bits==192)
- key->rounds = 12;
- else
- key->rounds = 14;
-
- rk[0] = GETU32(userKey );
- rk[1] = GETU32(userKey + 4);
- rk[2] = GETU32(userKey + 8);
- rk[3] = GETU32(userKey + 12);
- if (bits == 128) {
- while (1) {
- temp = rk[3];
- rk[4] = rk[0] ^
- ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
- ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
- ((u32)Te4[(temp ) & 0xff] << 8) ^
- ((u32)Te4[(temp >> 24) ]) ^
- rcon[i];
- rk[5] = rk[1] ^ rk[4];
- rk[6] = rk[2] ^ rk[5];
- rk[7] = rk[3] ^ rk[6];
- if (++i == 10) {
- return 0;
- }
- rk += 4;
- }
- }
- rk[4] = GETU32(userKey + 16);
- rk[5] = GETU32(userKey + 20);
- if (bits == 192) {
- while (1) {
- temp = rk[ 5];
- rk[ 6] = rk[ 0] ^
- ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
- ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
- ((u32)Te4[(temp ) & 0xff] << 8) ^
- ((u32)Te4[(temp >> 24) ]) ^
- rcon[i];
- rk[ 7] = rk[ 1] ^ rk[ 6];
- rk[ 8] = rk[ 2] ^ rk[ 7];
- rk[ 9] = rk[ 3] ^ rk[ 8];
- if (++i == 8) {
- return 0;
- }
- rk[10] = rk[ 4] ^ rk[ 9];
- rk[11] = rk[ 5] ^ rk[10];
- rk += 6;
- }
- }
- rk[6] = GETU32(userKey + 24);
- rk[7] = GETU32(userKey + 28);
- if (bits == 256) {
- while (1) {
- temp = rk[ 7];
- rk[ 8] = rk[ 0] ^
- ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
- ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
- ((u32)Te4[(temp ) & 0xff] << 8) ^
- ((u32)Te4[(temp >> 24) ]) ^
- rcon[i];
- rk[ 9] = rk[ 1] ^ rk[ 8];
- rk[10] = rk[ 2] ^ rk[ 9];
- rk[11] = rk[ 3] ^ rk[10];
- if (++i == 7) {
- return 0;
- }
- temp = rk[11];
- rk[12] = rk[ 4] ^
- ((u32)Te4[(temp >> 24) ] << 24) ^
- ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
- ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
- ((u32)Te4[(temp ) & 0xff]);
- rk[13] = rk[ 5] ^ rk[12];
- rk[14] = rk[ 6] ^ rk[13];
- rk[15] = rk[ 7] ^ rk[14];
-
- rk += 8;
- }
- }
- return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
-
- u32 *rk;
- int i, j, status;
- u32 temp;
-
- /* first, start with an encryption schedule */
- status = private_AES_set_encrypt_key(userKey, bits, key);
- if (status < 0)
- return status;
-
- rk = key->rd_key;
-
- /* invert the order of the round keys: */
- for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
- temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
- temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
- temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
- temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
- }
- /* apply the inverse MixColumn transform to all round keys but the first and the last: */
- for (i = 1; i < (key->rounds); i++) {
- rk += 4;
- for (j = 0; j < 4; j++) {
- u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
- tp1 = rk[j];
- m = tp1 & 0x80808080;
- tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp2 & 0x80808080;
- tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp4 & 0x80808080;
- tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- tp9 = tp8 ^ tp1;
- tpb = tp9 ^ tp2;
- tpd = tp9 ^ tp4;
- tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
- rk[j] = tpe ^ ROTATE(tpd,16) ^
- ROTATE(tp9,24) ^ ROTATE(tpb,8);
-#else
- rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
- (tp9 >> 8) ^ (tp9 << 24) ^
- (tpb >> 24) ^ (tpb << 8);
-#endif
- }
- }
- return 0;
-}
-
-#endif /* AES_ASM */
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_core.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_core.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_core.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_core.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1363 @@
+/* crypto/aes/aes_core.c */
+/**
+ * rijndael-alg-fst.c
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen at esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers at esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto at terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Note: rewritten a little bit to provide error control and an OpenSSL-
+ compatible API */
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <stdlib.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+#ifndef AES_ASM
+/*-
+Te0[x] = S [x].[02, 01, 01, 03];
+Te1[x] = S [x].[03, 02, 01, 01];
+Te2[x] = S [x].[01, 03, 02, 01];
+Te3[x] = S [x].[01, 01, 03, 02];
+
+Td0[x] = Si[x].[0e, 09, 0d, 0b];
+Td1[x] = Si[x].[0b, 0e, 09, 0d];
+Td2[x] = Si[x].[0d, 0b, 0e, 09];
+Td3[x] = Si[x].[09, 0d, 0b, 0e];
+Td4[x] = Si[x].[01];
+*/
+
+static const u32 Te0[256] = {
+ 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
+ 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
+ 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
+ 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
+ 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
+ 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
+ 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
+ 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
+ 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
+ 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
+ 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
+ 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
+ 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
+ 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
+ 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
+ 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
+ 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
+ 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
+ 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
+ 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
+ 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
+ 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
+ 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
+ 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
+ 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
+ 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
+ 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
+ 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
+ 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
+ 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
+ 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
+ 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
+ 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
+ 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
+ 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
+ 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
+ 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
+ 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
+ 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
+ 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
+ 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
+ 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
+ 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
+ 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
+ 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
+ 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
+ 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
+ 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
+ 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
+ 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
+ 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
+ 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
+ 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
+ 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
+ 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
+ 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
+ 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
+ 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
+ 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
+ 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
+ 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
+ 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
+ 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
+ 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
+};
+static const u32 Te1[256] = {
+ 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
+ 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
+ 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
+ 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
+ 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
+ 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
+ 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
+ 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
+ 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
+ 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
+ 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
+ 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
+ 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
+ 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
+ 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
+ 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
+ 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
+ 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
+ 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
+ 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
+ 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
+ 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
+ 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
+ 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
+ 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
+ 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
+ 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
+ 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
+ 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
+ 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
+ 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
+ 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
+ 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
+ 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
+ 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
+ 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
+ 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
+ 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
+ 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
+ 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
+ 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
+ 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
+ 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
+ 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
+ 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
+ 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
+ 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
+ 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
+ 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
+ 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
+ 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
+ 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
+ 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
+ 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
+ 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
+ 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
+ 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
+ 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
+ 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
+ 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
+ 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
+ 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
+ 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
+ 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
+};
+static const u32 Te2[256] = {
+ 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
+ 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
+ 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
+ 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
+ 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
+ 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
+ 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
+ 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
+ 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
+ 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
+ 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
+ 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
+ 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
+ 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
+ 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
+ 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
+ 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
+ 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
+ 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
+ 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
+ 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
+ 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
+ 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
+ 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
+ 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
+ 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
+ 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
+ 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
+ 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
+ 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
+ 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
+ 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
+ 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
+ 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
+ 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
+ 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
+ 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
+ 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
+ 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
+ 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
+ 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
+ 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
+ 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
+ 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
+ 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
+ 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
+ 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
+ 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
+ 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
+ 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
+ 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
+ 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
+ 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
+ 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
+ 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
+ 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
+ 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
+ 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
+ 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
+ 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
+ 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
+ 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
+ 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
+ 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
+};
+static const u32 Te3[256] = {
+ 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
+ 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
+ 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
+ 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
+ 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
+ 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
+ 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
+ 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
+ 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
+ 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
+ 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
+ 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
+ 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
+ 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
+ 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
+ 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
+ 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
+ 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
+ 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
+ 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
+ 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
+ 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
+ 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
+ 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
+ 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
+ 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
+ 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
+ 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
+ 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
+ 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
+ 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
+ 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
+ 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
+ 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
+ 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
+ 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
+ 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
+ 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
+ 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
+ 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
+ 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
+ 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
+ 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
+ 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
+ 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
+ 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
+ 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
+ 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
+ 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
+ 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
+ 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
+ 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
+ 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
+ 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
+ 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
+ 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
+ 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
+ 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
+ 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
+ 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
+ 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
+ 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
+ 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
+ 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
+};
+
+static const u32 Td0[256] = {
+ 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
+ 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
+ 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
+ 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
+ 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
+ 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
+ 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
+ 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
+ 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
+ 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
+ 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
+ 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
+ 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
+ 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
+ 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
+ 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
+ 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
+ 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
+ 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
+ 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
+ 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
+ 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
+ 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
+ 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
+ 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
+ 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
+ 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
+ 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
+ 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
+ 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
+ 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
+ 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
+ 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
+ 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
+ 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
+ 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
+ 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
+ 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
+ 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
+ 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
+ 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
+ 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
+ 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
+ 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
+ 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
+ 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
+ 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
+ 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
+ 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
+ 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
+ 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
+ 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
+ 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
+ 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
+ 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
+ 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
+ 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
+ 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
+ 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
+ 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
+ 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
+ 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
+ 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
+ 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
+};
+static const u32 Td1[256] = {
+ 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
+ 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
+ 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
+ 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
+ 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
+ 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
+ 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
+ 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
+ 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
+ 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
+ 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
+ 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
+ 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
+ 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
+ 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
+ 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
+ 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
+ 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
+ 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
+ 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
+ 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
+ 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
+ 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
+ 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
+ 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
+ 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
+ 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
+ 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
+ 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
+ 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
+ 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
+ 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
+ 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
+ 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
+ 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
+ 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
+ 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
+ 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
+ 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
+ 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
+ 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
+ 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
+ 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
+ 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
+ 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
+ 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
+ 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
+ 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
+ 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
+ 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
+ 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
+ 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
+ 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
+ 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
+ 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
+ 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
+ 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
+ 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
+ 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
+ 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
+ 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
+ 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
+ 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
+ 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
+};
+static const u32 Td2[256] = {
+ 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
+ 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
+ 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
+ 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
+ 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
+ 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
+ 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
+ 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
+ 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
+ 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
+ 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
+ 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
+ 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
+ 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
+ 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
+ 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
+ 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
+ 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
+ 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
+ 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
+ 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
+ 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
+ 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
+ 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
+ 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
+ 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
+ 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
+ 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
+ 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
+ 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
+ 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
+ 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
+ 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
+ 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
+ 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
+ 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
+ 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
+ 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
+ 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
+ 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
+ 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
+ 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
+ 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
+ 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
+ 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
+ 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
+ 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
+ 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
+ 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
+ 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
+ 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
+ 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
+ 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
+ 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
+ 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
+ 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
+ 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
+ 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
+ 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
+ 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
+ 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
+ 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
+ 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
+ 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
+};
+static const u32 Td3[256] = {
+ 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
+ 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
+ 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
+ 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
+ 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
+ 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
+ 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
+ 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
+ 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
+ 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
+ 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
+ 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
+ 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
+ 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
+ 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
+ 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
+ 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
+ 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
+ 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
+ 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
+ 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
+ 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
+ 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
+ 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
+ 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
+ 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
+ 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
+ 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
+ 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
+ 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
+ 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
+ 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
+ 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
+ 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
+ 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
+ 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
+ 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
+ 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
+ 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
+ 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
+ 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
+ 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
+ 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
+ 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
+ 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
+ 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
+ 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
+ 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
+ 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
+ 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
+ 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
+ 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
+ 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
+ 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
+ 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
+ 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
+ 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
+ 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
+ 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
+ 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
+ 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
+ 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
+ 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
+ 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
+};
+static const u8 Td4[256] = {
+ 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
+ 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
+ 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
+ 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
+ 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
+ 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
+ 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
+ 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
+ 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
+ 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
+ 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
+ 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
+ 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
+ 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
+ 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
+ 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
+ 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
+ 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
+ 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
+ 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
+ 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
+ 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
+ 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
+ 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
+ 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
+ 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
+ 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
+ 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
+ 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
+ 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
+ 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
+ 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
+};
+static const u32 rcon[] = {
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000,
+ 0x10000000, 0x20000000, 0x40000000, 0x80000000,
+ 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i = 0;
+ u32 temp;
+
+ if (!userKey || !key)
+ return -1;
+ if (bits != 128 && bits != 192 && bits != 256)
+ return -2;
+
+ rk = key->rd_key;
+
+ if (bits==128)
+ key->rounds = 10;
+ else if (bits==192)
+ key->rounds = 12;
+ else
+ key->rounds = 14;
+
+ rk[0] = GETU32(userKey );
+ rk[1] = GETU32(userKey + 4);
+ rk[2] = GETU32(userKey + 8);
+ rk[3] = GETU32(userKey + 12);
+ if (bits == 128) {
+ while (1) {
+ temp = rk[3];
+ rk[4] = rk[0] ^
+ (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+ (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
+ (Te0[(temp ) & 0xff] & 0x0000ff00) ^
+ (Te1[(temp >> 24) ] & 0x000000ff) ^
+ rcon[i];
+ rk[5] = rk[1] ^ rk[4];
+ rk[6] = rk[2] ^ rk[5];
+ rk[7] = rk[3] ^ rk[6];
+ if (++i == 10) {
+ return 0;
+ }
+ rk += 4;
+ }
+ }
+ rk[4] = GETU32(userKey + 16);
+ rk[5] = GETU32(userKey + 20);
+ if (bits == 192) {
+ while (1) {
+ temp = rk[ 5];
+ rk[ 6] = rk[ 0] ^
+ (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+ (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
+ (Te0[(temp ) & 0xff] & 0x0000ff00) ^
+ (Te1[(temp >> 24) ] & 0x000000ff) ^
+ rcon[i];
+ rk[ 7] = rk[ 1] ^ rk[ 6];
+ rk[ 8] = rk[ 2] ^ rk[ 7];
+ rk[ 9] = rk[ 3] ^ rk[ 8];
+ if (++i == 8) {
+ return 0;
+ }
+ rk[10] = rk[ 4] ^ rk[ 9];
+ rk[11] = rk[ 5] ^ rk[10];
+ rk += 6;
+ }
+ }
+ rk[6] = GETU32(userKey + 24);
+ rk[7] = GETU32(userKey + 28);
+ if (bits == 256) {
+ while (1) {
+ temp = rk[ 7];
+ rk[ 8] = rk[ 0] ^
+ (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+ (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
+ (Te0[(temp ) & 0xff] & 0x0000ff00) ^
+ (Te1[(temp >> 24) ] & 0x000000ff) ^
+ rcon[i];
+ rk[ 9] = rk[ 1] ^ rk[ 8];
+ rk[10] = rk[ 2] ^ rk[ 9];
+ rk[11] = rk[ 3] ^ rk[10];
+ if (++i == 7) {
+ return 0;
+ }
+ temp = rk[11];
+ rk[12] = rk[ 4] ^
+ (Te2[(temp >> 24) ] & 0xff000000) ^
+ (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
+ (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^
+ (Te1[(temp ) & 0xff] & 0x000000ff);
+ rk[13] = rk[ 5] ^ rk[12];
+ rk[14] = rk[ 6] ^ rk[13];
+ rk[15] = rk[ 7] ^ rk[14];
+
+ rk += 8;
+ }
+ }
+ return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i, j, status;
+ u32 temp;
+
+ /* first, start with an encryption schedule */
+ status = private_AES_set_encrypt_key(userKey, bits, key);
+ if (status < 0)
+ return status;
+
+ rk = key->rd_key;
+
+ /* invert the order of the round keys: */
+ for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+ temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
+ temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+ temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+ temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+ }
+ /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+ for (i = 1; i < (key->rounds); i++) {
+ rk += 4;
+ rk[0] =
+ Td0[Te1[(rk[0] >> 24) ] & 0xff] ^
+ Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
+ Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^
+ Td3[Te1[(rk[0] ) & 0xff] & 0xff];
+ rk[1] =
+ Td0[Te1[(rk[1] >> 24) ] & 0xff] ^
+ Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
+ Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^
+ Td3[Te1[(rk[1] ) & 0xff] & 0xff];
+ rk[2] =
+ Td0[Te1[(rk[2] >> 24) ] & 0xff] ^
+ Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
+ Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^
+ Td3[Te1[(rk[2] ) & 0xff] & 0xff];
+ rk[3] =
+ Td0[Te1[(rk[3] >> 24) ] & 0xff] ^
+ Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
+ Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^
+ Td3[Te1[(rk[3] ) & 0xff] & 0xff];
+ }
+ return 0;
+}
+
+/*
+ * Encrypt a single block
+ * in and out can overlap
+ */
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key) {
+
+ const u32 *rk;
+ u32 s0, s1, s2, s3, t0, t1, t2, t3;
+#ifndef FULL_UNROLL
+ int r;
+#endif /* ?FULL_UNROLL */
+
+ assert(in && out && key);
+ rk = key->rd_key;
+
+ /*
+ * map byte array block to cipher state
+ * and add initial round key:
+ */
+ s0 = GETU32(in ) ^ rk[0];
+ s1 = GETU32(in + 4) ^ rk[1];
+ s2 = GETU32(in + 8) ^ rk[2];
+ s3 = GETU32(in + 12) ^ rk[3];
+#ifdef FULL_UNROLL
+ /* round 1: */
+ t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
+ t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
+ t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
+ t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
+ /* round 2: */
+ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
+ s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
+ s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
+ s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
+ /* round 3: */
+ t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
+ t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
+ t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
+ t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
+ /* round 4: */
+ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
+ s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
+ s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
+ s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
+ /* round 5: */
+ t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
+ t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
+ t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
+ t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
+ /* round 6: */
+ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
+ s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
+ s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
+ s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
+ /* round 7: */
+ t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
+ t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
+ t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
+ t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
+ /* round 8: */
+ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
+ s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
+ s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
+ s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
+ /* round 9: */
+ t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
+ t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
+ t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
+ t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
+ if (key->rounds > 10) {
+ /* round 10: */
+ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
+ s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
+ s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
+ s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
+ /* round 11: */
+ t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
+ t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
+ t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
+ t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
+ if (key->rounds > 12) {
+ /* round 12: */
+ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
+ s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
+ s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
+ s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
+ /* round 13: */
+ t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
+ t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
+ t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
+ t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
+ }
+ }
+ rk += key->rounds << 2;
+#else /* !FULL_UNROLL */
+ /*
+ * Nr - 1 full rounds:
+ */
+ r = key->rounds >> 1;
+ for (;;) {
+ t0 =
+ Te0[(s0 >> 24) ] ^
+ Te1[(s1 >> 16) & 0xff] ^
+ Te2[(s2 >> 8) & 0xff] ^
+ Te3[(s3 ) & 0xff] ^
+ rk[4];
+ t1 =
+ Te0[(s1 >> 24) ] ^
+ Te1[(s2 >> 16) & 0xff] ^
+ Te2[(s3 >> 8) & 0xff] ^
+ Te3[(s0 ) & 0xff] ^
+ rk[5];
+ t2 =
+ Te0[(s2 >> 24) ] ^
+ Te1[(s3 >> 16) & 0xff] ^
+ Te2[(s0 >> 8) & 0xff] ^
+ Te3[(s1 ) & 0xff] ^
+ rk[6];
+ t3 =
+ Te0[(s3 >> 24) ] ^
+ Te1[(s0 >> 16) & 0xff] ^
+ Te2[(s1 >> 8) & 0xff] ^
+ Te3[(s2 ) & 0xff] ^
+ rk[7];
+
+ rk += 8;
+ if (--r == 0) {
+ break;
+ }
+
+ s0 =
+ Te0[(t0 >> 24) ] ^
+ Te1[(t1 >> 16) & 0xff] ^
+ Te2[(t2 >> 8) & 0xff] ^
+ Te3[(t3 ) & 0xff] ^
+ rk[0];
+ s1 =
+ Te0[(t1 >> 24) ] ^
+ Te1[(t2 >> 16) & 0xff] ^
+ Te2[(t3 >> 8) & 0xff] ^
+ Te3[(t0 ) & 0xff] ^
+ rk[1];
+ s2 =
+ Te0[(t2 >> 24) ] ^
+ Te1[(t3 >> 16) & 0xff] ^
+ Te2[(t0 >> 8) & 0xff] ^
+ Te3[(t1 ) & 0xff] ^
+ rk[2];
+ s3 =
+ Te0[(t3 >> 24) ] ^
+ Te1[(t0 >> 16) & 0xff] ^
+ Te2[(t1 >> 8) & 0xff] ^
+ Te3[(t2 ) & 0xff] ^
+ rk[3];
+ }
+#endif /* ?FULL_UNROLL */
+ /*
+ * apply last round and
+ * map cipher state to byte array block:
+ */
+ s0 =
+ (Te2[(t0 >> 24) ] & 0xff000000) ^
+ (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
+ (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
+ (Te1[(t3 ) & 0xff] & 0x000000ff) ^
+ rk[0];
+ PUTU32(out , s0);
+ s1 =
+ (Te2[(t1 >> 24) ] & 0xff000000) ^
+ (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
+ (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^
+ (Te1[(t0 ) & 0xff] & 0x000000ff) ^
+ rk[1];
+ PUTU32(out + 4, s1);
+ s2 =
+ (Te2[(t2 >> 24) ] & 0xff000000) ^
+ (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
+ (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^
+ (Te1[(t1 ) & 0xff] & 0x000000ff) ^
+ rk[2];
+ PUTU32(out + 8, s2);
+ s3 =
+ (Te2[(t3 >> 24) ] & 0xff000000) ^
+ (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
+ (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
+ (Te1[(t2 ) & 0xff] & 0x000000ff) ^
+ rk[3];
+ PUTU32(out + 12, s3);
+}
+
+/*
+ * Decrypt a single block
+ * in and out can overlap
+ */
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key)
+{
+
+ const u32 *rk;
+ u32 s0, s1, s2, s3, t0, t1, t2, t3;
+#ifndef FULL_UNROLL
+ int r;
+#endif /* ?FULL_UNROLL */
+
+ assert(in && out && key);
+ rk = key->rd_key;
+
+ /*
+ * map byte array block to cipher state
+ * and add initial round key:
+ */
+ s0 = GETU32(in ) ^ rk[0];
+ s1 = GETU32(in + 4) ^ rk[1];
+ s2 = GETU32(in + 8) ^ rk[2];
+ s3 = GETU32(in + 12) ^ rk[3];
+#ifdef FULL_UNROLL
+ /* round 1: */
+ t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
+ t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
+ t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
+ t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
+ /* round 2: */
+ s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
+ s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
+ s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
+ s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
+ /* round 3: */
+ t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
+ t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
+ t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
+ t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
+ /* round 4: */
+ s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
+ s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
+ s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
+ s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
+ /* round 5: */
+ t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
+ t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
+ t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
+ t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
+ /* round 6: */
+ s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
+ s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
+ s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
+ s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
+ /* round 7: */
+ t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
+ t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
+ t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
+ t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
+ /* round 8: */
+ s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
+ s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
+ s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
+ s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
+ /* round 9: */
+ t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
+ t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
+ t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
+ t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
+ if (key->rounds > 10) {
+ /* round 10: */
+ s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
+ s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
+ s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
+ s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
+ /* round 11: */
+ t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
+ t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
+ t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
+ t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
+ if (key->rounds > 12) {
+ /* round 12: */
+ s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
+ s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
+ s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
+ s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
+ /* round 13: */
+ t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
+ t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
+ t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
+ t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
+ }
+ }
+ rk += key->rounds << 2;
+#else /* !FULL_UNROLL */
+ /*
+ * Nr - 1 full rounds:
+ */
+ r = key->rounds >> 1;
+ for (;;) {
+ t0 =
+ Td0[(s0 >> 24) ] ^
+ Td1[(s3 >> 16) & 0xff] ^
+ Td2[(s2 >> 8) & 0xff] ^
+ Td3[(s1 ) & 0xff] ^
+ rk[4];
+ t1 =
+ Td0[(s1 >> 24) ] ^
+ Td1[(s0 >> 16) & 0xff] ^
+ Td2[(s3 >> 8) & 0xff] ^
+ Td3[(s2 ) & 0xff] ^
+ rk[5];
+ t2 =
+ Td0[(s2 >> 24) ] ^
+ Td1[(s1 >> 16) & 0xff] ^
+ Td2[(s0 >> 8) & 0xff] ^
+ Td3[(s3 ) & 0xff] ^
+ rk[6];
+ t3 =
+ Td0[(s3 >> 24) ] ^
+ Td1[(s2 >> 16) & 0xff] ^
+ Td2[(s1 >> 8) & 0xff] ^
+ Td3[(s0 ) & 0xff] ^
+ rk[7];
+
+ rk += 8;
+ if (--r == 0) {
+ break;
+ }
+
+ s0 =
+ Td0[(t0 >> 24) ] ^
+ Td1[(t3 >> 16) & 0xff] ^
+ Td2[(t2 >> 8) & 0xff] ^
+ Td3[(t1 ) & 0xff] ^
+ rk[0];
+ s1 =
+ Td0[(t1 >> 24) ] ^
+ Td1[(t0 >> 16) & 0xff] ^
+ Td2[(t3 >> 8) & 0xff] ^
+ Td3[(t2 ) & 0xff] ^
+ rk[1];
+ s2 =
+ Td0[(t2 >> 24) ] ^
+ Td1[(t1 >> 16) & 0xff] ^
+ Td2[(t0 >> 8) & 0xff] ^
+ Td3[(t3 ) & 0xff] ^
+ rk[2];
+ s3 =
+ Td0[(t3 >> 24) ] ^
+ Td1[(t2 >> 16) & 0xff] ^
+ Td2[(t1 >> 8) & 0xff] ^
+ Td3[(t0 ) & 0xff] ^
+ rk[3];
+ }
+#endif /* ?FULL_UNROLL */
+ /*
+ * apply last round and
+ * map cipher state to byte array block:
+ */
+ s0 =
+ ((u32)Td4[(t0 >> 24) ] << 24) ^
+ ((u32)Td4[(t3 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t2 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t1 ) & 0xff]) ^
+ rk[0];
+ PUTU32(out , s0);
+ s1 =
+ ((u32)Td4[(t1 >> 24) ] << 24) ^
+ ((u32)Td4[(t0 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t3 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t2 ) & 0xff]) ^
+ rk[1];
+ PUTU32(out + 4, s1);
+ s2 =
+ ((u32)Td4[(t2 >> 24) ] << 24) ^
+ ((u32)Td4[(t1 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t0 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t3 ) & 0xff]) ^
+ rk[2];
+ PUTU32(out + 8, s2);
+ s3 =
+ ((u32)Td4[(t3 >> 24) ] << 24) ^
+ ((u32)Td4[(t2 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t1 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t0 ) & 0xff]) ^
+ rk[3];
+ PUTU32(out + 12, s3);
+}
+
+#else /* AES_ASM */
+
+static const u8 Te4[256] = {
+ 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+ 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+ 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+ 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+ 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+ 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+ 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+ 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+ 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+ 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+ 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+ 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+ 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+ 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+ 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+ 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+ 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+ 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+ 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+ 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+ 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+ 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+ 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+ 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+ 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+ 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+ 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+ 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+ 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+ 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+ 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+ 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+static const u32 rcon[] = {
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000,
+ 0x10000000, 0x20000000, 0x40000000, 0x80000000,
+ 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+ u32 *rk;
+ int i = 0;
+ u32 temp;
+
+ if (!userKey || !key)
+ return -1;
+ if (bits != 128 && bits != 192 && bits != 256)
+ return -2;
+
+ rk = key->rd_key;
+
+ if (bits==128)
+ key->rounds = 10;
+ else if (bits==192)
+ key->rounds = 12;
+ else
+ key->rounds = 14;
+
+ rk[0] = GETU32(userKey );
+ rk[1] = GETU32(userKey + 4);
+ rk[2] = GETU32(userKey + 8);
+ rk[3] = GETU32(userKey + 12);
+ if (bits == 128) {
+ while (1) {
+ temp = rk[3];
+ rk[4] = rk[0] ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
+ rcon[i];
+ rk[5] = rk[1] ^ rk[4];
+ rk[6] = rk[2] ^ rk[5];
+ rk[7] = rk[3] ^ rk[6];
+ if (++i == 10) {
+ return 0;
+ }
+ rk += 4;
+ }
+ }
+ rk[4] = GETU32(userKey + 16);
+ rk[5] = GETU32(userKey + 20);
+ if (bits == 192) {
+ while (1) {
+ temp = rk[ 5];
+ rk[ 6] = rk[ 0] ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
+ rcon[i];
+ rk[ 7] = rk[ 1] ^ rk[ 6];
+ rk[ 8] = rk[ 2] ^ rk[ 7];
+ rk[ 9] = rk[ 3] ^ rk[ 8];
+ if (++i == 8) {
+ return 0;
+ }
+ rk[10] = rk[ 4] ^ rk[ 9];
+ rk[11] = rk[ 5] ^ rk[10];
+ rk += 6;
+ }
+ }
+ rk[6] = GETU32(userKey + 24);
+ rk[7] = GETU32(userKey + 28);
+ if (bits == 256) {
+ while (1) {
+ temp = rk[ 7];
+ rk[ 8] = rk[ 0] ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
+ rcon[i];
+ rk[ 9] = rk[ 1] ^ rk[ 8];
+ rk[10] = rk[ 2] ^ rk[ 9];
+ rk[11] = rk[ 3] ^ rk[10];
+ if (++i == 7) {
+ return 0;
+ }
+ temp = rk[11];
+ rk[12] = rk[ 4] ^
+ ((u32)Te4[(temp >> 24) ] << 24) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
+ ((u32)Te4[(temp ) & 0xff]);
+ rk[13] = rk[ 5] ^ rk[12];
+ rk[14] = rk[ 6] ^ rk[13];
+ rk[15] = rk[ 7] ^ rk[14];
+
+ rk += 8;
+ }
+ }
+ return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i, j, status;
+ u32 temp;
+
+ /* first, start with an encryption schedule */
+ status = private_AES_set_encrypt_key(userKey, bits, key);
+ if (status < 0)
+ return status;
+
+ rk = key->rd_key;
+
+ /* invert the order of the round keys: */
+ for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+ temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
+ temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+ temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+ temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+ }
+ /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+ for (i = 1; i < (key->rounds); i++) {
+ rk += 4;
+ for (j = 0; j < 4; j++) {
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ tp1 = rk[j];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ rk[j] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,24) ^ ROTATE(tpb,8);
+#else
+ rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 8) ^ (tp9 << 24) ^
+ (tpb >> 24) ^ (tpb << 8);
+#endif
+ }
+ }
+ return 0;
+}
+
+#endif /* AES_ASM */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ctr.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_ctr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ctr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,63 +0,0 @@
-/* crypto/aes/aes_ctr.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char ivec[AES_BLOCK_SIZE],
- unsigned char ecount_buf[AES_BLOCK_SIZE],
- unsigned int *num)
-{
- CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
- (block128_f) AES_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ctr.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_ctr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ctr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ctr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,63 @@
+/* crypto/aes/aes_ctr.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char ivec[AES_BLOCK_SIZE],
+ unsigned char ecount_buf[AES_BLOCK_SIZE],
+ unsigned int *num)
+{
+ CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
+ (block128_f) AES_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ecb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_ecb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ecb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,73 +0,0 @@
-/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc)
-{
-
- assert(in && out && key);
- assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
-
- if (AES_ENCRYPT == enc)
- AES_encrypt(in, out, key);
- else
- AES_decrypt(in, out, key);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ecb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_ecb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ecb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ecb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,73 @@
+/* crypto/aes/aes_ecb.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key, const int enc)
+{
+
+ assert(in && out && key);
+ assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
+
+ if (AES_ENCRYPT == enc)
+ AES_encrypt(in, out, key);
+ else
+ AES_decrypt(in, out, key);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ige.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_ige.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ige.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,323 +0,0 @@
-/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include "cryptlib.h"
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
-typedef struct {
- unsigned long data[N_WORDS];
-} aes_block_t;
-
-/* XXX: probably some better way to do this */
-#if defined(__i386__) || defined(__x86_64__)
-# define UNALIGNED_MEMOPS_ARE_FAST 1
-#else
-# define UNALIGNED_MEMOPS_ARE_FAST 0
-#endif
-
-#if UNALIGNED_MEMOPS_ARE_FAST
-# define load_block(d, s) (d) = *(const aes_block_t *)(s)
-# define store_block(d, s) *(aes_block_t *)(d) = (s)
-#else
-# define load_block(d, s) memcpy((d).data, (s), AES_BLOCK_SIZE)
-# define store_block(d, s) memcpy((d), (s).data, AES_BLOCK_SIZE)
-#endif
-
-/* N.B. The IV for this mode is _twice_ the block size */
-
-void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, const int enc)
-{
- size_t n;
- size_t len = length;
-
- OPENSSL_assert(in && out && key && ivec);
- OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
- OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
-
- len = length / AES_BLOCK_SIZE;
-
- if (AES_ENCRYPT == enc) {
- if (in != out &&
- (UNALIGNED_MEMOPS_ARE_FAST
- || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
- 0)) {
- aes_block_t *ivp = (aes_block_t *) ivec;
- aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
-
- while (len) {
- aes_block_t *inp = (aes_block_t *) in;
- aes_block_t *outp = (aes_block_t *) out;
-
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] = inp->data[n] ^ ivp->data[n];
- AES_encrypt((unsigned char *)outp->data,
- (unsigned char *)outp->data, key);
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] ^= iv2p->data[n];
- ivp = outp;
- iv2p = inp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
- } else {
- aes_block_t tmp, tmp2;
- aes_block_t iv;
- aes_block_t iv2;
-
- load_block(iv, ivec);
- load_block(iv2, ivec + AES_BLOCK_SIZE);
-
- while (len) {
- load_block(tmp, in);
- for (n = 0; n < N_WORDS; ++n)
- tmp2.data[n] = tmp.data[n] ^ iv.data[n];
- AES_encrypt((unsigned char *)tmp2.data,
- (unsigned char *)tmp2.data, key);
- for (n = 0; n < N_WORDS; ++n)
- tmp2.data[n] ^= iv2.data[n];
- store_block(out, tmp2);
- iv = tmp2;
- iv2 = tmp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, iv.data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
- }
- } else {
- if (in != out &&
- (UNALIGNED_MEMOPS_ARE_FAST
- || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
- 0)) {
- aes_block_t *ivp = (aes_block_t *) ivec;
- aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
-
- while (len) {
- aes_block_t tmp;
- aes_block_t *inp = (aes_block_t *) in;
- aes_block_t *outp = (aes_block_t *) out;
-
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] = inp->data[n] ^ iv2p->data[n];
- AES_decrypt((unsigned char *)tmp.data,
- (unsigned char *)outp->data, key);
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] ^= ivp->data[n];
- ivp = inp;
- iv2p = outp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
- } else {
- aes_block_t tmp, tmp2;
- aes_block_t iv;
- aes_block_t iv2;
-
- load_block(iv, ivec);
- load_block(iv2, ivec + AES_BLOCK_SIZE);
-
- while (len) {
- load_block(tmp, in);
- tmp2 = tmp;
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] ^= iv2.data[n];
- AES_decrypt((unsigned char *)tmp.data,
- (unsigned char *)tmp.data, key);
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] ^= iv.data[n];
- store_block(out, tmp);
- iv = tmp2;
- iv2 = tmp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, iv.data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
- }
- }
-}
-
-/*
- * Note that its effectively impossible to do biIGE in anything other
- * than a single pass, so no provision is made for chaining.
- */
-
-/* N.B. The IV for this mode is _four times_ the block size */
-
-void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- const AES_KEY *key2, const unsigned char *ivec,
- const int enc)
-{
- size_t n;
- size_t len = length;
- unsigned char tmp[AES_BLOCK_SIZE];
- unsigned char tmp2[AES_BLOCK_SIZE];
- unsigned char tmp3[AES_BLOCK_SIZE];
- unsigned char prev[AES_BLOCK_SIZE];
- const unsigned char *iv;
- const unsigned char *iv2;
-
- OPENSSL_assert(in && out && key && ivec);
- OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
- OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
-
- if (AES_ENCRYPT == enc) {
- /*
- * XXX: Do a separate case for when in != out (strictly should check
- * for overlap, too)
- */
-
- /* First the forward pass */
- iv = ivec;
- iv2 = ivec + AES_BLOCK_SIZE;
- while (len >= AES_BLOCK_SIZE) {
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] = in[n] ^ iv[n];
- AES_encrypt(out, out, key);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= iv2[n];
- iv = out;
- memcpy(prev, in, AES_BLOCK_SIZE);
- iv2 = prev;
- len -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
-
- /* And now backwards */
- iv = ivec + AES_BLOCK_SIZE * 2;
- iv2 = ivec + AES_BLOCK_SIZE * 3;
- len = length;
- while (len >= AES_BLOCK_SIZE) {
- out -= AES_BLOCK_SIZE;
- /*
- * XXX: reduce copies by alternating between buffers
- */
- memcpy(tmp, out, AES_BLOCK_SIZE);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= iv[n];
- /*
- * hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE);
- */
- AES_encrypt(out, out, key);
- /*
- * hexdump(stdout,"enc", out, AES_BLOCK_SIZE);
- */
- /*
- * hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE);
- */
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= iv2[n];
- /*
- * hexdump(stdout,"out", out, AES_BLOCK_SIZE);
- */
- iv = out;
- memcpy(prev, tmp, AES_BLOCK_SIZE);
- iv2 = prev;
- len -= AES_BLOCK_SIZE;
- }
- } else {
- /* First backwards */
- iv = ivec + AES_BLOCK_SIZE * 2;
- iv2 = ivec + AES_BLOCK_SIZE * 3;
- in += length;
- out += length;
- while (len >= AES_BLOCK_SIZE) {
- in -= AES_BLOCK_SIZE;
- out -= AES_BLOCK_SIZE;
- memcpy(tmp, in, AES_BLOCK_SIZE);
- memcpy(tmp2, in, AES_BLOCK_SIZE);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- tmp[n] ^= iv2[n];
- AES_decrypt(tmp, out, key);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= iv[n];
- memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
- iv = tmp3;
- iv2 = out;
- len -= AES_BLOCK_SIZE;
- }
-
- /* And now forwards */
- iv = ivec;
- iv2 = ivec + AES_BLOCK_SIZE;
- len = length;
- while (len >= AES_BLOCK_SIZE) {
- memcpy(tmp, out, AES_BLOCK_SIZE);
- memcpy(tmp2, out, AES_BLOCK_SIZE);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- tmp[n] ^= iv2[n];
- AES_decrypt(tmp, out, key);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= iv[n];
- memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
- iv = tmp3;
- iv2 = out;
- len -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- }
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ige.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_ige.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ige.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ige.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,323 @@
+/* crypto/aes/aes_ige.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "cryptlib.h"
+
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
+typedef struct {
+ unsigned long data[N_WORDS];
+} aes_block_t;
+
+/* XXX: probably some better way to do this */
+#if defined(__i386__) || defined(__x86_64__)
+# define UNALIGNED_MEMOPS_ARE_FAST 1
+#else
+# define UNALIGNED_MEMOPS_ARE_FAST 0
+#endif
+
+#if UNALIGNED_MEMOPS_ARE_FAST
+# define load_block(d, s) (d) = *(const aes_block_t *)(s)
+# define store_block(d, s) *(aes_block_t *)(d) = (s)
+#else
+# define load_block(d, s) memcpy((d).data, (s), AES_BLOCK_SIZE)
+# define store_block(d, s) memcpy((d), (s).data, AES_BLOCK_SIZE)
+#endif
+
+/* N.B. The IV for this mode is _twice_ the block size */
+
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc)
+{
+ size_t n;
+ size_t len = length;
+
+ OPENSSL_assert(in && out && key && ivec);
+ OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
+ OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
+
+ len = length / AES_BLOCK_SIZE;
+
+ if (AES_ENCRYPT == enc) {
+ if (in != out &&
+ (UNALIGNED_MEMOPS_ARE_FAST
+ || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
+ 0)) {
+ aes_block_t *ivp = (aes_block_t *) ivec;
+ aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
+
+ while (len) {
+ aes_block_t *inp = (aes_block_t *) in;
+ aes_block_t *outp = (aes_block_t *) out;
+
+ for (n = 0; n < N_WORDS; ++n)
+ outp->data[n] = inp->data[n] ^ ivp->data[n];
+ AES_encrypt((unsigned char *)outp->data,
+ (unsigned char *)outp->data, key);
+ for (n = 0; n < N_WORDS; ++n)
+ outp->data[n] ^= iv2p->data[n];
+ ivp = outp;
+ iv2p = inp;
+ --len;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+ memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
+ memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
+ } else {
+ aes_block_t tmp, tmp2;
+ aes_block_t iv;
+ aes_block_t iv2;
+
+ load_block(iv, ivec);
+ load_block(iv2, ivec + AES_BLOCK_SIZE);
+
+ while (len) {
+ load_block(tmp, in);
+ for (n = 0; n < N_WORDS; ++n)
+ tmp2.data[n] = tmp.data[n] ^ iv.data[n];
+ AES_encrypt((unsigned char *)tmp2.data,
+ (unsigned char *)tmp2.data, key);
+ for (n = 0; n < N_WORDS; ++n)
+ tmp2.data[n] ^= iv2.data[n];
+ store_block(out, tmp2);
+ iv = tmp2;
+ iv2 = tmp;
+ --len;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+ memcpy(ivec, iv.data, AES_BLOCK_SIZE);
+ memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
+ }
+ } else {
+ if (in != out &&
+ (UNALIGNED_MEMOPS_ARE_FAST
+ || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
+ 0)) {
+ aes_block_t *ivp = (aes_block_t *) ivec;
+ aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
+
+ while (len) {
+ aes_block_t tmp;
+ aes_block_t *inp = (aes_block_t *) in;
+ aes_block_t *outp = (aes_block_t *) out;
+
+ for (n = 0; n < N_WORDS; ++n)
+ tmp.data[n] = inp->data[n] ^ iv2p->data[n];
+ AES_decrypt((unsigned char *)tmp.data,
+ (unsigned char *)outp->data, key);
+ for (n = 0; n < N_WORDS; ++n)
+ outp->data[n] ^= ivp->data[n];
+ ivp = inp;
+ iv2p = outp;
+ --len;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+ memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
+ memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
+ } else {
+ aes_block_t tmp, tmp2;
+ aes_block_t iv;
+ aes_block_t iv2;
+
+ load_block(iv, ivec);
+ load_block(iv2, ivec + AES_BLOCK_SIZE);
+
+ while (len) {
+ load_block(tmp, in);
+ tmp2 = tmp;
+ for (n = 0; n < N_WORDS; ++n)
+ tmp.data[n] ^= iv2.data[n];
+ AES_decrypt((unsigned char *)tmp.data,
+ (unsigned char *)tmp.data, key);
+ for (n = 0; n < N_WORDS; ++n)
+ tmp.data[n] ^= iv.data[n];
+ store_block(out, tmp);
+ iv = tmp2;
+ iv2 = tmp;
+ --len;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+ memcpy(ivec, iv.data, AES_BLOCK_SIZE);
+ memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
+ }
+ }
+}
+
+/*
+ * Note that its effectively impossible to do biIGE in anything other
+ * than a single pass, so no provision is made for chaining.
+ */
+
+/* N.B. The IV for this mode is _four times_ the block size */
+
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ const AES_KEY *key2, const unsigned char *ivec,
+ const int enc)
+{
+ size_t n;
+ size_t len = length;
+ unsigned char tmp[AES_BLOCK_SIZE];
+ unsigned char tmp2[AES_BLOCK_SIZE];
+ unsigned char tmp3[AES_BLOCK_SIZE];
+ unsigned char prev[AES_BLOCK_SIZE];
+ const unsigned char *iv;
+ const unsigned char *iv2;
+
+ OPENSSL_assert(in && out && key && ivec);
+ OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
+ OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
+
+ if (AES_ENCRYPT == enc) {
+ /*
+ * XXX: Do a separate case for when in != out (strictly should check
+ * for overlap, too)
+ */
+
+ /* First the forward pass */
+ iv = ivec;
+ iv2 = ivec + AES_BLOCK_SIZE;
+ while (len >= AES_BLOCK_SIZE) {
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ out[n] = in[n] ^ iv[n];
+ AES_encrypt(out, out, key);
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ out[n] ^= iv2[n];
+ iv = out;
+ memcpy(prev, in, AES_BLOCK_SIZE);
+ iv2 = prev;
+ len -= AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+
+ /* And now backwards */
+ iv = ivec + AES_BLOCK_SIZE * 2;
+ iv2 = ivec + AES_BLOCK_SIZE * 3;
+ len = length;
+ while (len >= AES_BLOCK_SIZE) {
+ out -= AES_BLOCK_SIZE;
+ /*
+ * XXX: reduce copies by alternating between buffers
+ */
+ memcpy(tmp, out, AES_BLOCK_SIZE);
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ out[n] ^= iv[n];
+ /*
+ * hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE);
+ */
+ AES_encrypt(out, out, key);
+ /*
+ * hexdump(stdout,"enc", out, AES_BLOCK_SIZE);
+ */
+ /*
+ * hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE);
+ */
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ out[n] ^= iv2[n];
+ /*
+ * hexdump(stdout,"out", out, AES_BLOCK_SIZE);
+ */
+ iv = out;
+ memcpy(prev, tmp, AES_BLOCK_SIZE);
+ iv2 = prev;
+ len -= AES_BLOCK_SIZE;
+ }
+ } else {
+ /* First backwards */
+ iv = ivec + AES_BLOCK_SIZE * 2;
+ iv2 = ivec + AES_BLOCK_SIZE * 3;
+ in += length;
+ out += length;
+ while (len >= AES_BLOCK_SIZE) {
+ in -= AES_BLOCK_SIZE;
+ out -= AES_BLOCK_SIZE;
+ memcpy(tmp, in, AES_BLOCK_SIZE);
+ memcpy(tmp2, in, AES_BLOCK_SIZE);
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ tmp[n] ^= iv2[n];
+ AES_decrypt(tmp, out, key);
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ out[n] ^= iv[n];
+ memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
+ iv = tmp3;
+ iv2 = out;
+ len -= AES_BLOCK_SIZE;
+ }
+
+ /* And now forwards */
+ iv = ivec;
+ iv2 = ivec + AES_BLOCK_SIZE;
+ len = length;
+ while (len >= AES_BLOCK_SIZE) {
+ memcpy(tmp, out, AES_BLOCK_SIZE);
+ memcpy(tmp2, out, AES_BLOCK_SIZE);
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ tmp[n] ^= iv2[n];
+ AES_decrypt(tmp, out, key);
+ for (n = 0; n < AES_BLOCK_SIZE; ++n)
+ out[n] ^= iv[n];
+ memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
+ iv = tmp3;
+ iv2 = out;
+ len -= AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+ }
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_locl.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_locl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,89 +0,0 @@
-/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_LOCL_H
-# define HEADER_AES_LOCL_H
-
-# include <openssl/e_os2.h>
-
-# ifdef OPENSSL_NO_AES
-# error AES is disabled.
-# endif
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-
-# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
-# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
-# define GETU32(p) SWAP(*((u32 *)(p)))
-# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
-# else
-# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
-# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
-# endif
-
-# ifdef AES_LONG
-typedef unsigned long u32;
-# else
-typedef unsigned int u32;
-# endif
-typedef unsigned short u16;
-typedef unsigned char u8;
-
-# define MAXKC (256/32)
-# define MAXKB (256/8)
-# define MAXNR 14
-
-/* This controls loop-unrolling in aes_core.c */
-# undef FULL_UNROLL
-
-#endif /* !HEADER_AES_LOCL_H */
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_locl.h (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_locl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_locl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,89 @@
+/* crypto/aes/aes.h */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_AES_LOCL_H
+# define HEADER_AES_LOCL_H
+
+# include <openssl/e_os2.h>
+
+# ifdef OPENSSL_NO_AES
+# error AES is disabled.
+# endif
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+
+# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
+# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+# define GETU32(p) SWAP(*((u32 *)(p)))
+# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
+# else
+# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
+# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
+# endif
+
+# ifdef AES_LONG
+typedef unsigned long u32;
+# else
+typedef unsigned int u32;
+# endif
+typedef unsigned short u16;
+typedef unsigned char u8;
+
+# define MAXKC (256/32)
+# define MAXKB (256/8)
+# define MAXNR 14
+
+/* This controls loop-unrolling in aes_core.c */
+# undef FULL_UNROLL
+
+#endif /* !HEADER_AES_LOCL_H */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_misc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_misc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_misc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,86 +0,0 @@
-/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-const char AES_version[] = "AES" OPENSSL_VERSION_PTEXT;
-
-const char *AES_options(void)
-{
-#ifdef FULL_UNROLL
- return "aes(full)";
-#else
- return "aes(partial)";
-#endif
-}
-
-/* FIPS wrapper functions to block low level AES calls in FIPS mode */
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
-#ifdef OPENSSL_FIPS
- fips_cipher_abort(AES);
-#endif
- return private_AES_set_encrypt_key(userKey, bits, key);
-}
-
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
-#ifdef OPENSSL_FIPS
- fips_cipher_abort(AES);
-#endif
- return private_AES_set_decrypt_key(userKey, bits, key);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_misc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_misc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_misc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_misc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,86 @@
+/* crypto/aes/aes_misc.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+const char AES_version[] = "AES" OPENSSL_VERSION_PTEXT;
+
+const char *AES_options(void)
+{
+#ifdef FULL_UNROLL
+ return "aes(full)";
+#else
+ return "aes(partial)";
+#endif
+}
+
+/* FIPS wrapper functions to block low level AES calls in FIPS mode */
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(AES);
+#endif
+ return private_AES_set_encrypt_key(userKey, bits, key);
+}
+
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(AES);
+#endif
+ return private_AES_set_decrypt_key(userKey, bits, key);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ofb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_ofb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ofb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,61 +0,0 @@
-/* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
- (block128_f) AES_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ofb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_ofb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ofb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_ofb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,61 @@
+/* crypto/aes/aes_ofb.c */
+/* ====================================================================
+ * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num)
+{
+ CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
+ (block128_f) AES_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_x86core.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_x86core.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_x86core.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1070 +0,0 @@
-/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen <vincent.rijmen at esat.kuleuven.ac.be>
- * @author Antoon Bosselaers <antoon.bosselaers at esat.kuleuven.ac.be>
- * @author Paulo Barreto <paulo.barreto at terra.com.br>
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This is experimental x86[_64] derivative. It assumes little-endian
- * byte order and expects CPU to sustain unaligned memory references.
- * It is used as playground for cache-time attack mitigations and
- * serves as reference C implementation for x86[_64] assembler.
- *
- * <appro at fy.chalmers.se>
- */
-
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <stdlib.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-/*
- * These two parameters control which table, 256-byte or 2KB, is
- * referenced in outer and respectively inner rounds.
- */
-#define AES_COMPACT_IN_OUTER_ROUNDS
-#ifdef AES_COMPACT_IN_OUTER_ROUNDS
-/* AES_COMPACT_IN_OUTER_ROUNDS costs ~30% in performance, while
- * adding AES_COMPACT_IN_INNER_ROUNDS reduces benchmark *further*
- * by factor of ~2. */
-# undef AES_COMPACT_IN_INNER_ROUNDS
-#endif
-
-#if 1
-static void prefetch256(const void *table)
-{
- volatile unsigned long *t=(void *)table,ret;
- unsigned long sum;
- int i;
-
- /* 32 is common least cache-line size */
- for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0])) sum ^= t[i];
-
- ret = sum;
-}
-#else
-# define prefetch256(t)
-#endif
-
-#undef GETU32
-#define GETU32(p) (*((u32*)(p)))
-
-#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-typedef unsigned __int64 u64;
-#define U64(C) C##UI64
-#elif defined(__arch64__)
-typedef unsigned long u64;
-#define U64(C) C##UL
-#else
-typedef unsigned long long u64;
-#define U64(C) C##ULL
-#endif
-
-#undef ROTATE
-#if defined(_MSC_VER) || defined(__ICC)
-# define ROTATE(a,n) _lrotl(a,n)
-#elif defined(__GNUC__) && __GNUC__>=2
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-# define ROTATE(a,n) ({ register unsigned int ret; \
- asm ( \
- "roll %1,%0" \
- : "=r"(ret) \
- : "I"(n), "0"(a) \
- : "cc"); \
- ret; \
- })
-# endif
-#endif
-/*-
-Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
-Te0[x] = S [x].[02, 01, 01, 03];
-Te1[x] = S [x].[03, 02, 01, 01];
-Te2[x] = S [x].[01, 03, 02, 01];
-Te3[x] = S [x].[01, 01, 03, 02];
-*/
-#define Te0 (u32)((u64*)((u8*)Te+0))
-#define Te1 (u32)((u64*)((u8*)Te+3))
-#define Te2 (u32)((u64*)((u8*)Te+2))
-#define Te3 (u32)((u64*)((u8*)Te+1))
-/*-
-Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
-Td0[x] = Si[x].[0e, 09, 0d, 0b];
-Td1[x] = Si[x].[0b, 0e, 09, 0d];
-Td2[x] = Si[x].[0d, 0b, 0e, 09];
-Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01];
-*/
-#define Td0 (u32)((u64*)((u8*)Td+0))
-#define Td1 (u32)((u64*)((u8*)Td+3))
-#define Td2 (u32)((u64*)((u8*)Td+2))
-#define Td3 (u32)((u64*)((u8*)Td+1))
-
-static const u64 Te[256] = {
- U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
- U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
- U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
- U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
- U64(0x5030306050303060), U64(0x0301010203010102),
- U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
- U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
- U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
- U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
- U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
- U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
- U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
- U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
- U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
- U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
- U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
- U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
- U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
- U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
- U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
- U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
- U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
- U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
- U64(0x5331316253313162), U64(0x3f15152a3f15152a),
- U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
- U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
- U64(0x2818183028181830), U64(0xa1969637a1969637),
- U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
- U64(0x0907070e0907070e), U64(0x3612122436121224),
- U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
- U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
- U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
- U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
- U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
- U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
- U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
- U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
- U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
- U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
- U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
- U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
- U64(0x0000000000000000), U64(0x2cededc12cededc1),
- U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
- U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
- U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
- U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
- U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
- U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
- U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
- U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
- U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
- U64(0x5533336655333366), U64(0x9485851194858511),
- U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
- U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
- U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
- U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
- U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
- U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
- U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
- U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
- U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
- U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
- U64(0x3010102030101020), U64(0x1affffe51affffe5),
- U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
- U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
- U64(0x3513132635131326), U64(0x2fececc32fececc3),
- U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
- U64(0xcc444488cc444488), U64(0x3917172e3917172e),
- U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
- U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
- U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
- U64(0x2b1919322b191932), U64(0x957373e6957373e6),
- U64(0xa06060c0a06060c0), U64(0x9881811998818119),
- U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
- U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
- U64(0xab90903bab90903b), U64(0x8388880b8388880b),
- U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
- U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
- U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
- U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
- U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
- U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
- U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
- U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
- U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
- U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
- U64(0xa8919139a8919139), U64(0xa4959531a4959531),
- U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
- U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
- U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
- U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
- U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
- U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
- U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
- U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
- U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
- U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
- U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
- U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
- U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
- U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
- U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
- U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
- U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
- U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
- U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
- U64(0xd8484890d8484890), U64(0x0503030605030306),
- U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
- U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
- U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
- U64(0x9186861791868617), U64(0x58c1c19958c1c199),
- U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
- U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
- U64(0xb398982bb398982b), U64(0x3311112233111122),
- U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
- U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
- U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
- U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
- U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
- U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
- U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
- U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
- U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
- U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
- U64(0xc3414182c3414182), U64(0xb0999929b0999929),
- U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
- U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
- U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
-};
-
-static const u8 Te4[256] = {
- 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
- 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
- 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
- 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
- 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
- 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
- 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
- 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
- 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
- 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
- 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
- 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
- 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
- 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
- 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
- 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
- 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
- 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
- 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
- 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
- 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
- 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
- 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
- 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
- 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
- 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
- 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
- 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
- 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
- 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
- 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
- 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
-};
-
-static const u64 Td[256] = {
- U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
- U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
- U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
- U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
- U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
- U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
- U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
- U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
- U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
- U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
- U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
- U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
- U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
- U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
- U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
- U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
- U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
- U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
- U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
- U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
- U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
- U64(0x6033519760335197), U64(0x457f5362457f5362),
- U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
- U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
- U64(0x5868487058684870), U64(0x19fd458f19fd458f),
- U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
- U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
- U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
- U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
- U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
- U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
- U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
- U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
- U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
- U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
- U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
- U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
- U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
- U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
- U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
- U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
- U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
- U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
- U64(0x6fd406046fd40604), U64(0xff155060ff155060),
- U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
- U64(0xcc434089cc434089), U64(0x779ed967779ed967),
- U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
- U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
- U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
- U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
- U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
- U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
- U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
- U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
- U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
- U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
- U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
- U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
- U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
- U64(0x694b775a694b775a), U64(0x161a121c161a121c),
- U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
- U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
- U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
- U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
- U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
- U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
- U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
- U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
- U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
- U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
- U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
- U64(0x4022971340229713), U64(0x2011c6842011c684),
- U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
- U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
- U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
- U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
- U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
- U64(0xfa489411fa489411), U64(0x2264e9472264e947),
- U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
- U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
- U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
- U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
- U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
- U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
- U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
- U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
- U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
- U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
- U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
- U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
- U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
- U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
- U64(0x097826cd097826cd), U64(0xf418596ef418596e),
- U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
- U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
- U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
- U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
- U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
- U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
- U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
- U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
- U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
- U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
- U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
- U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
- U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
- U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
- U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
- U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
- U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
- U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
- U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
- U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
- U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
- U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
- U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
- U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
- U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
- U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
- U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
- U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
- U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
- U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
- U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
- U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
- U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
- U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
- U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
-};
-static const u8 Td4[256] = {
- 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
- 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
- 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
- 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
- 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
- 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
- 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
- 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
- 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
- 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
- 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
- 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
- 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
- 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
- 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
- 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
- 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
- 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
- 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
- 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
- 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
- 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
- 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
- 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
- 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
- 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
- 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
- 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
- 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
- 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
- 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
- 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
-};
-
-static const u32 rcon[] = {
- 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
- 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
- 0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
-
- u32 *rk;
- int i = 0;
- u32 temp;
-
- if (!userKey || !key)
- return -1;
- if (bits != 128 && bits != 192 && bits != 256)
- return -2;
-
- rk = key->rd_key;
-
- if (bits==128)
- key->rounds = 10;
- else if (bits==192)
- key->rounds = 12;
- else
- key->rounds = 14;
-
- rk[0] = GETU32(userKey );
- rk[1] = GETU32(userKey + 4);
- rk[2] = GETU32(userKey + 8);
- rk[3] = GETU32(userKey + 12);
- if (bits == 128) {
- while (1) {
- temp = rk[3];
- rk[4] = rk[0] ^
- ((u32)Te4[(temp >> 8) & 0xff] ) ^
- ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
- ((u32)Te4[(temp >> 24) ] << 16) ^
- ((u32)Te4[(temp ) & 0xff] << 24) ^
- rcon[i];
- rk[5] = rk[1] ^ rk[4];
- rk[6] = rk[2] ^ rk[5];
- rk[7] = rk[3] ^ rk[6];
- if (++i == 10) {
- return 0;
- }
- rk += 4;
- }
- }
- rk[4] = GETU32(userKey + 16);
- rk[5] = GETU32(userKey + 20);
- if (bits == 192) {
- while (1) {
- temp = rk[ 5];
- rk[ 6] = rk[ 0] ^
- ((u32)Te4[(temp >> 8) & 0xff] ) ^
- ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
- ((u32)Te4[(temp >> 24) ] << 16) ^
- ((u32)Te4[(temp ) & 0xff] << 24) ^
- rcon[i];
- rk[ 7] = rk[ 1] ^ rk[ 6];
- rk[ 8] = rk[ 2] ^ rk[ 7];
- rk[ 9] = rk[ 3] ^ rk[ 8];
- if (++i == 8) {
- return 0;
- }
- rk[10] = rk[ 4] ^ rk[ 9];
- rk[11] = rk[ 5] ^ rk[10];
- rk += 6;
- }
- }
- rk[6] = GETU32(userKey + 24);
- rk[7] = GETU32(userKey + 28);
- if (bits == 256) {
- while (1) {
- temp = rk[ 7];
- rk[ 8] = rk[ 0] ^
- ((u32)Te4[(temp >> 8) & 0xff] ) ^
- ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
- ((u32)Te4[(temp >> 24) ] << 16) ^
- ((u32)Te4[(temp ) & 0xff] << 24) ^
- rcon[i];
- rk[ 9] = rk[ 1] ^ rk[ 8];
- rk[10] = rk[ 2] ^ rk[ 9];
- rk[11] = rk[ 3] ^ rk[10];
- if (++i == 7) {
- return 0;
- }
- temp = rk[11];
- rk[12] = rk[ 4] ^
- ((u32)Te4[(temp ) & 0xff] ) ^
- ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
- ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
- ((u32)Te4[(temp >> 24) ] << 24);
- rk[13] = rk[ 5] ^ rk[12];
- rk[14] = rk[ 6] ^ rk[13];
- rk[15] = rk[ 7] ^ rk[14];
-
- rk += 8;
- }
- }
- return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
-
- u32 *rk;
- int i, j, status;
- u32 temp;
-
- /* first, start with an encryption schedule */
- status = AES_set_encrypt_key(userKey, bits, key);
- if (status < 0)
- return status;
-
- rk = key->rd_key;
-
- /* invert the order of the round keys: */
- for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
- temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
- temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
- temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
- temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
- }
- /* apply the inverse MixColumn transform to all round keys but the first and the last: */
- for (i = 1; i < (key->rounds); i++) {
- rk += 4;
-#if 1
- for (j = 0; j < 4; j++) {
- u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
- tp1 = rk[j];
- m = tp1 & 0x80808080;
- tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp2 & 0x80808080;
- tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp4 & 0x80808080;
- tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- tp9 = tp8 ^ tp1;
- tpb = tp9 ^ tp2;
- tpd = tp9 ^ tp4;
- tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
- rk[j] = tpe ^ ROTATE(tpd,16) ^
- ROTATE(tp9,8) ^ ROTATE(tpb,24);
-#else
- rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
- (tp9 >> 24) ^ (tp9 << 8) ^
- (tpb >> 8) ^ (tpb << 24);
-#endif
- }
-#else
- rk[0] =
- Td0[Te2[(rk[0] ) & 0xff] & 0xff] ^
- Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^
- Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
- Td3[Te2[(rk[0] >> 24) ] & 0xff];
- rk[1] =
- Td0[Te2[(rk[1] ) & 0xff] & 0xff] ^
- Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^
- Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
- Td3[Te2[(rk[1] >> 24) ] & 0xff];
- rk[2] =
- Td0[Te2[(rk[2] ) & 0xff] & 0xff] ^
- Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^
- Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
- Td3[Te2[(rk[2] >> 24) ] & 0xff];
- rk[3] =
- Td0[Te2[(rk[3] ) & 0xff] & 0xff] ^
- Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^
- Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
- Td3[Te2[(rk[3] >> 24) ] & 0xff];
-#endif
- }
- return 0;
-}
-
-/*
- * Encrypt a single block
- * in and out can overlap
- */
-void AES_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key)
-{
-
- const u32 *rk;
- u32 s0, s1, s2, s3, t[4];
- int r;
-
- assert(in && out && key);
- rk = key->rd_key;
-
- /*
- * map byte array block to cipher state
- * and add initial round key:
- */
- s0 = GETU32(in ) ^ rk[0];
- s1 = GETU32(in + 4) ^ rk[1];
- s2 = GETU32(in + 8) ^ rk[2];
- s3 = GETU32(in + 12) ^ rk[3];
-
-#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
- prefetch256(Te4);
-
- t[0] = (u32)Te4[(s0 ) & 0xff] ^
- (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s3 >> 24) ] << 24;
- t[1] = (u32)Te4[(s1 ) & 0xff] ^
- (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s0 >> 24) ] << 24;
- t[2] = (u32)Te4[(s2 ) & 0xff] ^
- (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s1 >> 24) ] << 24;
- t[3] = (u32)Te4[(s3 ) & 0xff] ^
- (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s2 >> 24) ] << 24;
-
- /* now do the linear transform using words */
- { int i;
- u32 r0, r1, r2;
-
- for (i = 0; i < 4; i++) {
- r0 = t[i];
- r1 = r0 & 0x80808080;
- r2 = ((r0 & 0x7f7f7f7f) << 1) ^
- ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
-#if defined(ROTATE)
- t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
- ROTATE(r0,16) ^ ROTATE(r0,8);
-#else
- t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
- (r0 << 16) ^ (r0 >> 16) ^
- (r0 << 8) ^ (r0 >> 24);
-#endif
- t[i] ^= rk[4+i];
- }
- }
-#else
- t[0] = Te0[(s0 ) & 0xff] ^
- Te1[(s1 >> 8) & 0xff] ^
- Te2[(s2 >> 16) & 0xff] ^
- Te3[(s3 >> 24) ] ^
- rk[4];
- t[1] = Te0[(s1 ) & 0xff] ^
- Te1[(s2 >> 8) & 0xff] ^
- Te2[(s3 >> 16) & 0xff] ^
- Te3[(s0 >> 24) ] ^
- rk[5];
- t[2] = Te0[(s2 ) & 0xff] ^
- Te1[(s3 >> 8) & 0xff] ^
- Te2[(s0 >> 16) & 0xff] ^
- Te3[(s1 >> 24) ] ^
- rk[6];
- t[3] = Te0[(s3 ) & 0xff] ^
- Te1[(s0 >> 8) & 0xff] ^
- Te2[(s1 >> 16) & 0xff] ^
- Te3[(s2 >> 24) ] ^
- rk[7];
-#endif
- s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
-
- /*
- * Nr - 2 full rounds:
- */
- for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
-#if defined(AES_COMPACT_IN_INNER_ROUNDS)
- t[0] = (u32)Te4[(s0 ) & 0xff] ^
- (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s3 >> 24) ] << 24;
- t[1] = (u32)Te4[(s1 ) & 0xff] ^
- (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s0 >> 24) ] << 24;
- t[2] = (u32)Te4[(s2 ) & 0xff] ^
- (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s1 >> 24) ] << 24;
- t[3] = (u32)Te4[(s3 ) & 0xff] ^
- (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s2 >> 24) ] << 24;
-
- /* now do the linear transform using words */
- {
- int i;
- u32 r0, r1, r2;
-
- for (i = 0; i < 4; i++) {
- r0 = t[i];
- r1 = r0 & 0x80808080;
- r2 = ((r0 & 0x7f7f7f7f) << 1) ^
- ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
-#if defined(ROTATE)
- t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
- ROTATE(r0,16) ^ ROTATE(r0,8);
-#else
- t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
- (r0 << 16) ^ (r0 >> 16) ^
- (r0 << 8) ^ (r0 >> 24);
-#endif
- t[i] ^= rk[i];
- }
- }
-#else
- t[0] = Te0[(s0 ) & 0xff] ^
- Te1[(s1 >> 8) & 0xff] ^
- Te2[(s2 >> 16) & 0xff] ^
- Te3[(s3 >> 24) ] ^
- rk[0];
- t[1] = Te0[(s1 ) & 0xff] ^
- Te1[(s2 >> 8) & 0xff] ^
- Te2[(s3 >> 16) & 0xff] ^
- Te3[(s0 >> 24) ] ^
- rk[1];
- t[2] = Te0[(s2 ) & 0xff] ^
- Te1[(s3 >> 8) & 0xff] ^
- Te2[(s0 >> 16) & 0xff] ^
- Te3[(s1 >> 24) ] ^
- rk[2];
- t[3] = Te0[(s3 ) & 0xff] ^
- Te1[(s0 >> 8) & 0xff] ^
- Te2[(s1 >> 16) & 0xff] ^
- Te3[(s2 >> 24) ] ^
- rk[3];
-#endif
- s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
- }
- /*
- * apply last round and
- * map cipher state to byte array block:
- */
-#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
- prefetch256(Te4);
-
- *(u32*)(out+0) =
- (u32)Te4[(s0 ) & 0xff] ^
- (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s3 >> 24) ] << 24 ^
- rk[0];
- *(u32*)(out+4) =
- (u32)Te4[(s1 ) & 0xff] ^
- (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s0 >> 24) ] << 24 ^
- rk[1];
- *(u32*)(out+8) =
- (u32)Te4[(s2 ) & 0xff] ^
- (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s1 >> 24) ] << 24 ^
- rk[2];
- *(u32*)(out+12) =
- (u32)Te4[(s3 ) & 0xff] ^
- (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
- (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
- (u32)Te4[(s2 >> 24) ] << 24 ^
- rk[3];
-#else
- *(u32*)(out+0) =
- (Te2[(s0 ) & 0xff] & 0x000000ffU) ^
- (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^
- (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
- (Te1[(s3 >> 24) ] & 0xff000000U) ^
- rk[0];
- *(u32*)(out+4) =
- (Te2[(s1 ) & 0xff] & 0x000000ffU) ^
- (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^
- (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
- (Te1[(s0 >> 24) ] & 0xff000000U) ^
- rk[1];
- *(u32*)(out+8) =
- (Te2[(s2 ) & 0xff] & 0x000000ffU) ^
- (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^
- (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
- (Te1[(s1 >> 24) ] & 0xff000000U) ^
- rk[2];
- *(u32*)(out+12) =
- (Te2[(s3 ) & 0xff] & 0x000000ffU) ^
- (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^
- (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
- (Te1[(s2 >> 24) ] & 0xff000000U) ^
- rk[3];
-#endif
-}
-
-/*
- * Decrypt a single block
- * in and out can overlap
- */
-void AES_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key)
-{
-
- const u32 *rk;
- u32 s0, s1, s2, s3, t[4];
- int r;
-
- assert(in && out && key);
- rk = key->rd_key;
-
- /*
- * map byte array block to cipher state
- * and add initial round key:
- */
- s0 = GETU32(in ) ^ rk[0];
- s1 = GETU32(in + 4) ^ rk[1];
- s2 = GETU32(in + 8) ^ rk[2];
- s3 = GETU32(in + 12) ^ rk[3];
-
-#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
- prefetch256(Td4);
-
- t[0] = (u32)Td4[(s0 ) & 0xff] ^
- (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s1 >> 24) ] << 24;
- t[1] = (u32)Td4[(s1 ) & 0xff] ^
- (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s2 >> 24) ] << 24;
- t[2] = (u32)Td4[(s2 ) & 0xff] ^
- (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s3 >> 24) ] << 24;
- t[3] = (u32)Td4[(s3 ) & 0xff] ^
- (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s0 >> 24) ] << 24;
-
- /* now do the linear transform using words */
- {
- int i;
- u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
- for (i = 0; i < 4; i++) {
- tp1 = t[i];
- m = tp1 & 0x80808080;
- tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp2 & 0x80808080;
- tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp4 & 0x80808080;
- tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- tp9 = tp8 ^ tp1;
- tpb = tp9 ^ tp2;
- tpd = tp9 ^ tp4;
- tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
- t[i] = tpe ^ ROTATE(tpd,16) ^
- ROTATE(tp9,8) ^ ROTATE(tpb,24);
-#else
- t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
- (tp9 >> 24) ^ (tp9 << 8) ^
- (tpb >> 8) ^ (tpb << 24);
-#endif
- t[i] ^= rk[4+i];
- }
- }
-#else
- t[0] = Td0[(s0 ) & 0xff] ^
- Td1[(s3 >> 8) & 0xff] ^
- Td2[(s2 >> 16) & 0xff] ^
- Td3[(s1 >> 24) ] ^
- rk[4];
- t[1] = Td0[(s1 ) & 0xff] ^
- Td1[(s0 >> 8) & 0xff] ^
- Td2[(s3 >> 16) & 0xff] ^
- Td3[(s2 >> 24) ] ^
- rk[5];
- t[2] = Td0[(s2 ) & 0xff] ^
- Td1[(s1 >> 8) & 0xff] ^
- Td2[(s0 >> 16) & 0xff] ^
- Td3[(s3 >> 24) ] ^
- rk[6];
- t[3] = Td0[(s3 ) & 0xff] ^
- Td1[(s2 >> 8) & 0xff] ^
- Td2[(s1 >> 16) & 0xff] ^
- Td3[(s0 >> 24) ] ^
- rk[7];
-#endif
- s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
-
- /*
- * Nr - 2 full rounds:
- */
- for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
-#if defined(AES_COMPACT_IN_INNER_ROUNDS)
- t[0] = (u32)Td4[(s0 ) & 0xff] ^
- (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s1 >> 24) ] << 24;
- t[1] = (u32)Td4[(s1 ) & 0xff] ^
- (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s2 >> 24) ] << 24;
- t[2] = (u32)Td4[(s2 ) & 0xff] ^
- (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s3 >> 24) ] << 24;
- t[3] = (u32)Td4[(s3 ) & 0xff] ^
- (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
- (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
- (u32)Td4[(s0 >> 24) ] << 24;
-
- /* now do the linear transform using words */
- {
- int i;
- u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
- for (i = 0; i < 4; i++) {
- tp1 = t[i];
- m = tp1 & 0x80808080;
- tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp2 & 0x80808080;
- tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp4 & 0x80808080;
- tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- tp9 = tp8 ^ tp1;
- tpb = tp9 ^ tp2;
- tpd = tp9 ^ tp4;
- tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
- t[i] = tpe ^ ROTATE(tpd,16) ^
- ROTATE(tp9,8) ^ ROTATE(tpb,24);
-#else
- t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
- (tp9 >> 24) ^ (tp9 << 8) ^
- (tpb >> 8) ^ (tpb << 24);
-#endif
- t[i] ^= rk[i];
- }
- }
-#else
- t[0] = Td0[(s0 ) & 0xff] ^
- Td1[(s3 >> 8) & 0xff] ^
- Td2[(s2 >> 16) & 0xff] ^
- Td3[(s1 >> 24) ] ^
- rk[0];
- t[1] = Td0[(s1 ) & 0xff] ^
- Td1[(s0 >> 8) & 0xff] ^
- Td2[(s3 >> 16) & 0xff] ^
- Td3[(s2 >> 24) ] ^
- rk[1];
- t[2] = Td0[(s2 ) & 0xff] ^
- Td1[(s1 >> 8) & 0xff] ^
- Td2[(s0 >> 16) & 0xff] ^
- Td3[(s3 >> 24) ] ^
- rk[2];
- t[3] = Td0[(s3 ) & 0xff] ^
- Td1[(s2 >> 8) & 0xff] ^
- Td2[(s1 >> 16) & 0xff] ^
- Td3[(s0 >> 24) ] ^
- rk[3];
-#endif
- s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
- }
- /*
- * apply last round and
- * map cipher state to byte array block:
- */
- prefetch256(Td4);
-
- *(u32*)(out+0) =
- ((u32)Td4[(s0 ) & 0xff]) ^
- ((u32)Td4[(s3 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(s2 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(s1 >> 24) ] << 24) ^
- rk[0];
- *(u32*)(out+4) =
- ((u32)Td4[(s1 ) & 0xff]) ^
- ((u32)Td4[(s0 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(s3 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(s2 >> 24) ] << 24) ^
- rk[1];
- *(u32*)(out+8) =
- ((u32)Td4[(s2 ) & 0xff]) ^
- ((u32)Td4[(s1 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(s0 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(s3 >> 24) ] << 24) ^
- rk[2];
- *(u32*)(out+12) =
- ((u32)Td4[(s3 ) & 0xff]) ^
- ((u32)Td4[(s2 >> 8) & 0xff] << 8) ^
- ((u32)Td4[(s1 >> 16) & 0xff] << 16) ^
- ((u32)Td4[(s0 >> 24) ] << 24) ^
- rk[3];
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/aes/aes_x86core.c (from rev 11605, vendor-crypto/openssl/dist/crypto/aes/aes_x86core.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/aes/aes_x86core.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/aes/aes_x86core.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1070 @@
+/* crypto/aes/aes_core.c */
+/**
+ * rijndael-alg-fst.c
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen at esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers at esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto at terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This is experimental x86[_64] derivative. It assumes little-endian
+ * byte order and expects CPU to sustain unaligned memory references.
+ * It is used as playground for cache-time attack mitigations and
+ * serves as reference C implementation for x86[_64] assembler.
+ *
+ * <appro at fy.chalmers.se>
+ */
+
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <stdlib.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+/*
+ * These two parameters control which table, 256-byte or 2KB, is
+ * referenced in outer and respectively inner rounds.
+ */
+#define AES_COMPACT_IN_OUTER_ROUNDS
+#ifdef AES_COMPACT_IN_OUTER_ROUNDS
+/* AES_COMPACT_IN_OUTER_ROUNDS costs ~30% in performance, while
+ * adding AES_COMPACT_IN_INNER_ROUNDS reduces benchmark *further*
+ * by factor of ~2. */
+# undef AES_COMPACT_IN_INNER_ROUNDS
+#endif
+
+#if 1
+static void prefetch256(const void *table)
+{
+ volatile unsigned long *t=(void *)table,ret;
+ unsigned long sum;
+ int i;
+
+ /* 32 is common least cache-line size */
+ for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0])) sum ^= t[i];
+
+ ret = sum;
+}
+#else
+# define prefetch256(t)
+#endif
+
+#undef GETU32
+#define GETU32(p) (*((u32*)(p)))
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef unsigned __int64 u64;
+#define U64(C) C##UI64
+#elif defined(__arch64__)
+typedef unsigned long u64;
+#define U64(C) C##UL
+#else
+typedef unsigned long long u64;
+#define U64(C) C##ULL
+#endif
+
+#undef ROTATE
+#if defined(_MSC_VER) || defined(__ICC)
+# define ROTATE(a,n) _lrotl(a,n)
+#elif defined(__GNUC__) && __GNUC__>=2
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+# define ROTATE(a,n) ({ register unsigned int ret; \
+ asm ( \
+ "roll %1,%0" \
+ : "=r"(ret) \
+ : "I"(n), "0"(a) \
+ : "cc"); \
+ ret; \
+ })
+# endif
+#endif
+/*-
+Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
+Te0[x] = S [x].[02, 01, 01, 03];
+Te1[x] = S [x].[03, 02, 01, 01];
+Te2[x] = S [x].[01, 03, 02, 01];
+Te3[x] = S [x].[01, 01, 03, 02];
+*/
+#define Te0 (u32)((u64*)((u8*)Te+0))
+#define Te1 (u32)((u64*)((u8*)Te+3))
+#define Te2 (u32)((u64*)((u8*)Te+2))
+#define Te3 (u32)((u64*)((u8*)Te+1))
+/*-
+Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
+Td0[x] = Si[x].[0e, 09, 0d, 0b];
+Td1[x] = Si[x].[0b, 0e, 09, 0d];
+Td2[x] = Si[x].[0d, 0b, 0e, 09];
+Td3[x] = Si[x].[09, 0d, 0b, 0e];
+Td4[x] = Si[x].[01];
+*/
+#define Td0 (u32)((u64*)((u8*)Td+0))
+#define Td1 (u32)((u64*)((u8*)Td+3))
+#define Td2 (u32)((u64*)((u8*)Td+2))
+#define Td3 (u32)((u64*)((u8*)Td+1))
+
+static const u64 Te[256] = {
+ U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
+ U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
+ U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
+ U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
+ U64(0x5030306050303060), U64(0x0301010203010102),
+ U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
+ U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
+ U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
+ U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
+ U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
+ U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
+ U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
+ U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
+ U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
+ U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
+ U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
+ U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
+ U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
+ U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
+ U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
+ U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
+ U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
+ U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
+ U64(0x5331316253313162), U64(0x3f15152a3f15152a),
+ U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
+ U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
+ U64(0x2818183028181830), U64(0xa1969637a1969637),
+ U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
+ U64(0x0907070e0907070e), U64(0x3612122436121224),
+ U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
+ U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
+ U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
+ U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
+ U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
+ U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
+ U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
+ U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
+ U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
+ U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
+ U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
+ U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
+ U64(0x0000000000000000), U64(0x2cededc12cededc1),
+ U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
+ U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
+ U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
+ U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
+ U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
+ U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
+ U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
+ U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
+ U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
+ U64(0x5533336655333366), U64(0x9485851194858511),
+ U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
+ U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
+ U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
+ U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
+ U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
+ U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
+ U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
+ U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
+ U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
+ U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
+ U64(0x3010102030101020), U64(0x1affffe51affffe5),
+ U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
+ U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
+ U64(0x3513132635131326), U64(0x2fececc32fececc3),
+ U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
+ U64(0xcc444488cc444488), U64(0x3917172e3917172e),
+ U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
+ U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
+ U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
+ U64(0x2b1919322b191932), U64(0x957373e6957373e6),
+ U64(0xa06060c0a06060c0), U64(0x9881811998818119),
+ U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
+ U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
+ U64(0xab90903bab90903b), U64(0x8388880b8388880b),
+ U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
+ U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
+ U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
+ U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
+ U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
+ U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
+ U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
+ U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
+ U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
+ U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
+ U64(0xa8919139a8919139), U64(0xa4959531a4959531),
+ U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
+ U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
+ U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
+ U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
+ U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
+ U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
+ U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
+ U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
+ U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
+ U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
+ U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
+ U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
+ U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
+ U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
+ U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
+ U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
+ U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
+ U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
+ U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
+ U64(0xd8484890d8484890), U64(0x0503030605030306),
+ U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
+ U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
+ U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
+ U64(0x9186861791868617), U64(0x58c1c19958c1c199),
+ U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
+ U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
+ U64(0xb398982bb398982b), U64(0x3311112233111122),
+ U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
+ U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
+ U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
+ U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
+ U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
+ U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
+ U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
+ U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
+ U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
+ U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
+ U64(0xc3414182c3414182), U64(0xb0999929b0999929),
+ U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
+ U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
+ U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
+};
+
+static const u8 Te4[256] = {
+ 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+ 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+ 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+ 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+ 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+ 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+ 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+ 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+ 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+ 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+ 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+ 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+ 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+ 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+ 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+ 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+ 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+ 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+ 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+ 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+ 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+ 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+ 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+ 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+ 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+ 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+ 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+ 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+ 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+ 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+ 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+ 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+
+static const u64 Td[256] = {
+ U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
+ U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
+ U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
+ U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
+ U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
+ U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
+ U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
+ U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
+ U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
+ U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
+ U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
+ U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
+ U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
+ U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
+ U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
+ U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
+ U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
+ U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
+ U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
+ U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
+ U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
+ U64(0x6033519760335197), U64(0x457f5362457f5362),
+ U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
+ U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
+ U64(0x5868487058684870), U64(0x19fd458f19fd458f),
+ U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
+ U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
+ U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
+ U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
+ U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
+ U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
+ U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
+ U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
+ U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
+ U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
+ U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
+ U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
+ U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
+ U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
+ U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
+ U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
+ U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
+ U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
+ U64(0x6fd406046fd40604), U64(0xff155060ff155060),
+ U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
+ U64(0xcc434089cc434089), U64(0x779ed967779ed967),
+ U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
+ U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
+ U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
+ U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
+ U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
+ U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
+ U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
+ U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
+ U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
+ U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
+ U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
+ U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
+ U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
+ U64(0x694b775a694b775a), U64(0x161a121c161a121c),
+ U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
+ U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
+ U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
+ U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
+ U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
+ U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
+ U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
+ U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
+ U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
+ U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
+ U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
+ U64(0x4022971340229713), U64(0x2011c6842011c684),
+ U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
+ U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
+ U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
+ U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
+ U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
+ U64(0xfa489411fa489411), U64(0x2264e9472264e947),
+ U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
+ U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
+ U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
+ U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
+ U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
+ U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
+ U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
+ U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
+ U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
+ U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
+ U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
+ U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
+ U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
+ U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
+ U64(0x097826cd097826cd), U64(0xf418596ef418596e),
+ U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
+ U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
+ U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
+ U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
+ U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
+ U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
+ U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
+ U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
+ U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
+ U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
+ U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
+ U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
+ U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
+ U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
+ U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
+ U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
+ U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
+ U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
+ U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
+ U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
+ U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
+ U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
+ U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
+ U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
+ U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
+ U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
+ U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
+ U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
+ U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
+ U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
+ U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
+ U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
+ U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
+ U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
+ U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
+};
+static const u8 Td4[256] = {
+ 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
+ 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
+ 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
+ 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
+ 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
+ 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
+ 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
+ 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
+ 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
+ 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
+ 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
+ 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
+ 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
+ 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
+ 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
+ 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
+ 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
+ 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
+ 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
+ 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
+ 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
+ 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
+ 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
+ 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
+ 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
+ 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
+ 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
+ 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
+ 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
+ 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
+ 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
+ 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
+};
+
+static const u32 rcon[] = {
+ 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
+ 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
+ 0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i = 0;
+ u32 temp;
+
+ if (!userKey || !key)
+ return -1;
+ if (bits != 128 && bits != 192 && bits != 256)
+ return -2;
+
+ rk = key->rd_key;
+
+ if (bits==128)
+ key->rounds = 10;
+ else if (bits==192)
+ key->rounds = 12;
+ else
+ key->rounds = 14;
+
+ rk[0] = GETU32(userKey );
+ rk[1] = GETU32(userKey + 4);
+ rk[2] = GETU32(userKey + 8);
+ rk[3] = GETU32(userKey + 12);
+ if (bits == 128) {
+ while (1) {
+ temp = rk[3];
+ rk[4] = rk[0] ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
+ rcon[i];
+ rk[5] = rk[1] ^ rk[4];
+ rk[6] = rk[2] ^ rk[5];
+ rk[7] = rk[3] ^ rk[6];
+ if (++i == 10) {
+ return 0;
+ }
+ rk += 4;
+ }
+ }
+ rk[4] = GETU32(userKey + 16);
+ rk[5] = GETU32(userKey + 20);
+ if (bits == 192) {
+ while (1) {
+ temp = rk[ 5];
+ rk[ 6] = rk[ 0] ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
+ rcon[i];
+ rk[ 7] = rk[ 1] ^ rk[ 6];
+ rk[ 8] = rk[ 2] ^ rk[ 7];
+ rk[ 9] = rk[ 3] ^ rk[ 8];
+ if (++i == 8) {
+ return 0;
+ }
+ rk[10] = rk[ 4] ^ rk[ 9];
+ rk[11] = rk[ 5] ^ rk[10];
+ rk += 6;
+ }
+ }
+ rk[6] = GETU32(userKey + 24);
+ rk[7] = GETU32(userKey + 28);
+ if (bits == 256) {
+ while (1) {
+ temp = rk[ 7];
+ rk[ 8] = rk[ 0] ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
+ rcon[i];
+ rk[ 9] = rk[ 1] ^ rk[ 8];
+ rk[10] = rk[ 2] ^ rk[ 9];
+ rk[11] = rk[ 3] ^ rk[10];
+ if (++i == 7) {
+ return 0;
+ }
+ temp = rk[11];
+ rk[12] = rk[ 4] ^
+ ((u32)Te4[(temp ) & 0xff] ) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
+ ((u32)Te4[(temp >> 24) ] << 24);
+ rk[13] = rk[ 5] ^ rk[12];
+ rk[14] = rk[ 6] ^ rk[13];
+ rk[15] = rk[ 7] ^ rk[14];
+
+ rk += 8;
+ }
+ }
+ return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i, j, status;
+ u32 temp;
+
+ /* first, start with an encryption schedule */
+ status = AES_set_encrypt_key(userKey, bits, key);
+ if (status < 0)
+ return status;
+
+ rk = key->rd_key;
+
+ /* invert the order of the round keys: */
+ for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+ temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
+ temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+ temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+ temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+ }
+ /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+ for (i = 1; i < (key->rounds); i++) {
+ rk += 4;
+#if 1
+ for (j = 0; j < 4; j++) {
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ tp1 = rk[j];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ rk[j] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+ rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 24) ^ (tp9 << 8) ^
+ (tpb >> 8) ^ (tpb << 24);
+#endif
+ }
+#else
+ rk[0] =
+ Td0[Te2[(rk[0] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[0] >> 24) ] & 0xff];
+ rk[1] =
+ Td0[Te2[(rk[1] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[1] >> 24) ] & 0xff];
+ rk[2] =
+ Td0[Te2[(rk[2] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[2] >> 24) ] & 0xff];
+ rk[3] =
+ Td0[Te2[(rk[3] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[3] >> 24) ] & 0xff];
+#endif
+ }
+ return 0;
+}
+
+/*
+ * Encrypt a single block
+ * in and out can overlap
+ */
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key)
+{
+
+ const u32 *rk;
+ u32 s0, s1, s2, s3, t[4];
+ int r;
+
+ assert(in && out && key);
+ rk = key->rd_key;
+
+ /*
+ * map byte array block to cipher state
+ * and add initial round key:
+ */
+ s0 = GETU32(in ) ^ rk[0];
+ s1 = GETU32(in + 4) ^ rk[1];
+ s2 = GETU32(in + 8) ^ rk[2];
+ s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+ prefetch256(Te4);
+
+ t[0] = (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24;
+ t[1] = (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24;
+ t[2] = (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24;
+ t[3] = (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ { int i;
+ u32 r0, r1, r2;
+
+ for (i = 0; i < 4; i++) {
+ r0 = t[i];
+ r1 = r0 & 0x80808080;
+ r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+ ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+ t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+ ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+ t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+ (r0 << 16) ^ (r0 >> 16) ^
+ (r0 << 8) ^ (r0 >> 24);
+#endif
+ t[i] ^= rk[4+i];
+ }
+ }
+#else
+ t[0] = Te0[(s0 ) & 0xff] ^
+ Te1[(s1 >> 8) & 0xff] ^
+ Te2[(s2 >> 16) & 0xff] ^
+ Te3[(s3 >> 24) ] ^
+ rk[4];
+ t[1] = Te0[(s1 ) & 0xff] ^
+ Te1[(s2 >> 8) & 0xff] ^
+ Te2[(s3 >> 16) & 0xff] ^
+ Te3[(s0 >> 24) ] ^
+ rk[5];
+ t[2] = Te0[(s2 ) & 0xff] ^
+ Te1[(s3 >> 8) & 0xff] ^
+ Te2[(s0 >> 16) & 0xff] ^
+ Te3[(s1 >> 24) ] ^
+ rk[6];
+ t[3] = Te0[(s3 ) & 0xff] ^
+ Te1[(s0 >> 8) & 0xff] ^
+ Te2[(s1 >> 16) & 0xff] ^
+ Te3[(s2 >> 24) ] ^
+ rk[7];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+ /*
+ * Nr - 2 full rounds:
+ */
+ for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+ t[0] = (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24;
+ t[1] = (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24;
+ t[2] = (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24;
+ t[3] = (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ {
+ int i;
+ u32 r0, r1, r2;
+
+ for (i = 0; i < 4; i++) {
+ r0 = t[i];
+ r1 = r0 & 0x80808080;
+ r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+ ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+ t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+ ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+ t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+ (r0 << 16) ^ (r0 >> 16) ^
+ (r0 << 8) ^ (r0 >> 24);
+#endif
+ t[i] ^= rk[i];
+ }
+ }
+#else
+ t[0] = Te0[(s0 ) & 0xff] ^
+ Te1[(s1 >> 8) & 0xff] ^
+ Te2[(s2 >> 16) & 0xff] ^
+ Te3[(s3 >> 24) ] ^
+ rk[0];
+ t[1] = Te0[(s1 ) & 0xff] ^
+ Te1[(s2 >> 8) & 0xff] ^
+ Te2[(s3 >> 16) & 0xff] ^
+ Te3[(s0 >> 24) ] ^
+ rk[1];
+ t[2] = Te0[(s2 ) & 0xff] ^
+ Te1[(s3 >> 8) & 0xff] ^
+ Te2[(s0 >> 16) & 0xff] ^
+ Te3[(s1 >> 24) ] ^
+ rk[2];
+ t[3] = Te0[(s3 ) & 0xff] ^
+ Te1[(s0 >> 8) & 0xff] ^
+ Te2[(s1 >> 16) & 0xff] ^
+ Te3[(s2 >> 24) ] ^
+ rk[3];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+ }
+ /*
+ * apply last round and
+ * map cipher state to byte array block:
+ */
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+ prefetch256(Te4);
+
+ *(u32*)(out+0) =
+ (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24 ^
+ rk[0];
+ *(u32*)(out+4) =
+ (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24 ^
+ rk[1];
+ *(u32*)(out+8) =
+ (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24 ^
+ rk[2];
+ *(u32*)(out+12) =
+ (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24 ^
+ rk[3];
+#else
+ *(u32*)(out+0) =
+ (Te2[(s0 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s3 >> 24) ] & 0xff000000U) ^
+ rk[0];
+ *(u32*)(out+4) =
+ (Te2[(s1 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s0 >> 24) ] & 0xff000000U) ^
+ rk[1];
+ *(u32*)(out+8) =
+ (Te2[(s2 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s1 >> 24) ] & 0xff000000U) ^
+ rk[2];
+ *(u32*)(out+12) =
+ (Te2[(s3 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s2 >> 24) ] & 0xff000000U) ^
+ rk[3];
+#endif
+}
+
+/*
+ * Decrypt a single block
+ * in and out can overlap
+ */
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key)
+{
+
+ const u32 *rk;
+ u32 s0, s1, s2, s3, t[4];
+ int r;
+
+ assert(in && out && key);
+ rk = key->rd_key;
+
+ /*
+ * map byte array block to cipher state
+ * and add initial round key:
+ */
+ s0 = GETU32(in ) ^ rk[0];
+ s1 = GETU32(in + 4) ^ rk[1];
+ s2 = GETU32(in + 8) ^ rk[2];
+ s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+ prefetch256(Td4);
+
+ t[0] = (u32)Td4[(s0 ) & 0xff] ^
+ (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s1 >> 24) ] << 24;
+ t[1] = (u32)Td4[(s1 ) & 0xff] ^
+ (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s2 >> 24) ] << 24;
+ t[2] = (u32)Td4[(s2 ) & 0xff] ^
+ (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s3 >> 24) ] << 24;
+ t[3] = (u32)Td4[(s3 ) & 0xff] ^
+ (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s0 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ {
+ int i;
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ for (i = 0; i < 4; i++) {
+ tp1 = t[i];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ t[i] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+ t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 24) ^ (tp9 << 8) ^
+ (tpb >> 8) ^ (tpb << 24);
+#endif
+ t[i] ^= rk[4+i];
+ }
+ }
+#else
+ t[0] = Td0[(s0 ) & 0xff] ^
+ Td1[(s3 >> 8) & 0xff] ^
+ Td2[(s2 >> 16) & 0xff] ^
+ Td3[(s1 >> 24) ] ^
+ rk[4];
+ t[1] = Td0[(s1 ) & 0xff] ^
+ Td1[(s0 >> 8) & 0xff] ^
+ Td2[(s3 >> 16) & 0xff] ^
+ Td3[(s2 >> 24) ] ^
+ rk[5];
+ t[2] = Td0[(s2 ) & 0xff] ^
+ Td1[(s1 >> 8) & 0xff] ^
+ Td2[(s0 >> 16) & 0xff] ^
+ Td3[(s3 >> 24) ] ^
+ rk[6];
+ t[3] = Td0[(s3 ) & 0xff] ^
+ Td1[(s2 >> 8) & 0xff] ^
+ Td2[(s1 >> 16) & 0xff] ^
+ Td3[(s0 >> 24) ] ^
+ rk[7];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+ /*
+ * Nr - 2 full rounds:
+ */
+ for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+ t[0] = (u32)Td4[(s0 ) & 0xff] ^
+ (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s1 >> 24) ] << 24;
+ t[1] = (u32)Td4[(s1 ) & 0xff] ^
+ (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s2 >> 24) ] << 24;
+ t[2] = (u32)Td4[(s2 ) & 0xff] ^
+ (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s3 >> 24) ] << 24;
+ t[3] = (u32)Td4[(s3 ) & 0xff] ^
+ (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s0 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ {
+ int i;
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ for (i = 0; i < 4; i++) {
+ tp1 = t[i];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ t[i] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+ t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 24) ^ (tp9 << 8) ^
+ (tpb >> 8) ^ (tpb << 24);
+#endif
+ t[i] ^= rk[i];
+ }
+ }
+#else
+ t[0] = Td0[(s0 ) & 0xff] ^
+ Td1[(s3 >> 8) & 0xff] ^
+ Td2[(s2 >> 16) & 0xff] ^
+ Td3[(s1 >> 24) ] ^
+ rk[0];
+ t[1] = Td0[(s1 ) & 0xff] ^
+ Td1[(s0 >> 8) & 0xff] ^
+ Td2[(s3 >> 16) & 0xff] ^
+ Td3[(s2 >> 24) ] ^
+ rk[1];
+ t[2] = Td0[(s2 ) & 0xff] ^
+ Td1[(s1 >> 8) & 0xff] ^
+ Td2[(s0 >> 16) & 0xff] ^
+ Td3[(s3 >> 24) ] ^
+ rk[2];
+ t[3] = Td0[(s3 ) & 0xff] ^
+ Td1[(s2 >> 8) & 0xff] ^
+ Td2[(s1 >> 16) & 0xff] ^
+ Td3[(s0 >> 24) ] ^
+ rk[3];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+ }
+ /*
+ * apply last round and
+ * map cipher state to byte array block:
+ */
+ prefetch256(Td4);
+
+ *(u32*)(out+0) =
+ ((u32)Td4[(s0 ) & 0xff]) ^
+ ((u32)Td4[(s3 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s2 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s1 >> 24) ] << 24) ^
+ rk[0];
+ *(u32*)(out+4) =
+ ((u32)Td4[(s1 ) & 0xff]) ^
+ ((u32)Td4[(s0 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s3 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s2 >> 24) ] << 24) ^
+ rk[1];
+ *(u32*)(out+8) =
+ ((u32)Td4[(s2 ) & 0xff]) ^
+ ((u32)Td4[(s1 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s0 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s3 >> 24) ] << 24) ^
+ rk[2];
+ *(u32*)(out+12) =
+ ((u32)Td4[(s3 ) & 0xff]) ^
+ ((u32)Td4[(s2 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s1 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s0 >> 24) ] << 24) ^
+ rk[3];
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_bytes.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/a_bytes.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_bytes.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,306 +0,0 @@
-/* crypto/asn1/a_bytes.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
-/*
- * type is a 'bitmap' of acceptable string types.
- */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
- long length, int type)
-{
- ASN1_STRING *ret = NULL;
- const unsigned char *p;
- unsigned char *s;
- long len;
- int inf, tag, xclass;
- int i = 0;
-
- p = *pp;
- inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
- if (inf & 0x80)
- goto err;
-
- if (tag >= 32) {
- i = ASN1_R_TAG_VALUE_TOO_HIGH;
- goto err;
- }
- if (!(ASN1_tag2bit(tag) & type)) {
- i = ASN1_R_WRONG_TYPE;
- goto err;
- }
-
- /* If a bit-string, exit early */
- if (tag == V_ASN1_BIT_STRING)
- return (d2i_ASN1_BIT_STRING(a, pp, length));
-
- if ((a == NULL) || ((*a) == NULL)) {
- if ((ret = ASN1_STRING_new()) == NULL)
- return (NULL);
- } else
- ret = (*a);
-
- if (len != 0) {
- s = (unsigned char *)OPENSSL_malloc((int)len + 1);
- if (s == NULL) {
- i = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- memcpy(s, p, (int)len);
- s[len] = '\0';
- p += len;
- } else
- s = NULL;
-
- if (ret->data != NULL)
- OPENSSL_free(ret->data);
- ret->length = (int)len;
- ret->data = s;
- ret->type = tag;
- if (a != NULL)
- (*a) = ret;
- *pp = p;
- return (ret);
- err:
- ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_STRING_free(ret);
- return (NULL);
-}
-
-int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
-{
- int ret, r, constructed;
- unsigned char *p;
-
- if (a == NULL)
- return (0);
-
- if (tag == V_ASN1_BIT_STRING)
- return (i2d_ASN1_BIT_STRING(a, pp));
-
- ret = a->length;
- r = ASN1_object_size(0, ret, tag);
- if (pp == NULL)
- return (r);
- p = *pp;
-
- if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
- constructed = 1;
- else
- constructed = 0;
- ASN1_put_object(&p, constructed, ret, tag, xclass);
- memcpy(p, a->data, a->length);
- p += a->length;
- *pp = p;
- return (r);
-}
-
-ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
- long length, int Ptag, int Pclass)
-{
- ASN1_STRING *ret = NULL;
- const unsigned char *p;
- unsigned char *s;
- long len;
- int inf, tag, xclass;
- int i = 0;
-
- if ((a == NULL) || ((*a) == NULL)) {
- if ((ret = ASN1_STRING_new()) == NULL)
- return (NULL);
- } else
- ret = (*a);
-
- p = *pp;
- inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
- if (inf & 0x80) {
- i = ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != Ptag) {
- i = ASN1_R_WRONG_TAG;
- goto err;
- }
-
- if (inf & V_ASN1_CONSTRUCTED) {
- ASN1_const_CTX c;
-
- c.pp = pp;
- c.p = p;
- c.inf = inf;
- c.slen = len;
- c.tag = Ptag;
- c.xclass = Pclass;
- c.max = (length == 0) ? 0 : (p + length);
- if (!asn1_collate_primitive(ret, &c))
- goto err;
- else {
- p = c.p;
- }
- } else {
- if (len != 0) {
- if ((ret->length < len) || (ret->data == NULL)) {
- if (ret->data != NULL)
- OPENSSL_free(ret->data);
- s = (unsigned char *)OPENSSL_malloc((int)len + 1);
- if (s == NULL) {
- i = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- } else
- s = ret->data;
- memcpy(s, p, (int)len);
- s[len] = '\0';
- p += len;
- } else {
- s = NULL;
- if (ret->data != NULL)
- OPENSSL_free(ret->data);
- }
-
- ret->length = (int)len;
- ret->data = s;
- ret->type = Ptag;
- }
-
- if (a != NULL)
- (*a) = ret;
- *pp = p;
- return (ret);
- err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_STRING_free(ret);
- ASN1err(ASN1_F_D2I_ASN1_BYTES, i);
- return (NULL);
-}
-
-/*
- * We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse them
- * into the one structure that is then returned
- */
-/*
- * There have been a few bug fixes for this function from Paul Keogh
- * <paul.keogh at sse.ie>, many thanks to him
- */
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
-{
- ASN1_STRING *os = NULL;
- BUF_MEM b;
- int num;
-
- b.length = 0;
- b.max = 0;
- b.data = NULL;
-
- if (a == NULL) {
- c->error = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
-
- num = 0;
- for (;;) {
- if (c->inf & 1) {
- c->eos = ASN1_const_check_infinite_end(&c->p,
- (long)(c->max - c->p));
- if (c->eos)
- break;
- } else {
- if (c->slen <= 0)
- break;
- }
-
- c->q = c->p;
- if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass)
- == NULL) {
- c->error = ERR_R_ASN1_LIB;
- goto err;
- }
-
- if (!BUF_MEM_grow_clean(&b, num + os->length)) {
- c->error = ERR_R_BUF_LIB;
- goto err;
- }
- memcpy(&(b.data[num]), os->data, os->length);
- if (!(c->inf & 1))
- c->slen -= (c->p - c->q);
- num += os->length;
- }
-
- if (!asn1_const_Finish(c))
- goto err;
-
- a->length = num;
- if (a->data != NULL)
- OPENSSL_free(a->data);
- a->data = (unsigned char *)b.data;
- if (os != NULL)
- ASN1_STRING_free(os);
- return (1);
- err:
- ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error);
- if (os != NULL)
- ASN1_STRING_free(os);
- if (b.data != NULL)
- OPENSSL_free(b.data);
- return (0);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_bytes.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/a_bytes.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/a_bytes.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_bytes.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,334 @@
+/* crypto/asn1/a_bytes.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
+ int depth);
+static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
+ const unsigned char **pp, long length,
+ int Ptag, int Pclass, int depth,
+ int *perr);
+/*
+ * type is a 'bitmap' of acceptable string types.
+ */
+ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
+ long length, int type)
+{
+ ASN1_STRING *ret = NULL;
+ const unsigned char *p;
+ unsigned char *s;
+ long len;
+ int inf, tag, xclass;
+ int i = 0;
+
+ p = *pp;
+ inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+ if (inf & 0x80)
+ goto err;
+
+ if (tag >= 32) {
+ i = ASN1_R_TAG_VALUE_TOO_HIGH;
+ goto err;
+ }
+ if (!(ASN1_tag2bit(tag) & type)) {
+ i = ASN1_R_WRONG_TYPE;
+ goto err;
+ }
+
+ /* If a bit-string, exit early */
+ if (tag == V_ASN1_BIT_STRING)
+ return (d2i_ASN1_BIT_STRING(a, pp, length));
+
+ if ((a == NULL) || ((*a) == NULL)) {
+ if ((ret = ASN1_STRING_new()) == NULL)
+ return (NULL);
+ } else
+ ret = (*a);
+
+ if (len != 0) {
+ s = OPENSSL_malloc((int)len + 1);
+ if (s == NULL) {
+ i = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ memcpy(s, p, (int)len);
+ s[len] = '\0';
+ p += len;
+ } else
+ s = NULL;
+
+ if (ret->data != NULL)
+ OPENSSL_free(ret->data);
+ ret->length = (int)len;
+ ret->data = s;
+ ret->type = tag;
+ if (a != NULL)
+ (*a) = ret;
+ *pp = p;
+ return (ret);
+ err:
+ ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_STRING_free(ret);
+ return (NULL);
+}
+
+int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
+{
+ int ret, r, constructed;
+ unsigned char *p;
+
+ if (a == NULL)
+ return (0);
+
+ if (tag == V_ASN1_BIT_STRING)
+ return (i2d_ASN1_BIT_STRING(a, pp));
+
+ ret = a->length;
+ r = ASN1_object_size(0, ret, tag);
+ if (pp == NULL)
+ return (r);
+ p = *pp;
+
+ if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
+ constructed = 1;
+ else
+ constructed = 0;
+ ASN1_put_object(&p, constructed, ret, tag, xclass);
+ memcpy(p, a->data, a->length);
+ p += a->length;
+ *pp = p;
+ return (r);
+}
+
+/*
+ * Maximum recursion depth of d2i_ASN1_bytes(): much more than should be
+ * encountered in pratice.
+ */
+
+#define ASN1_BYTES_MAXDEPTH 20
+
+ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
+ long length, int Ptag, int Pclass)
+{
+ int err = 0;
+ ASN1_STRING *s = int_d2i_ASN1_bytes(a, pp, length, Ptag, Pclass, 0, &err);
+ if (err != 0)
+ ASN1err(ASN1_F_D2I_ASN1_BYTES, err);
+ return s;
+}
+
+static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
+ const unsigned char **pp, long length,
+ int Ptag, int Pclass,
+ int depth, int *perr)
+{
+ ASN1_STRING *ret = NULL;
+ const unsigned char *p;
+ unsigned char *s;
+ long len;
+ int inf, tag, xclass;
+
+ if (depth > ASN1_BYTES_MAXDEPTH) {
+ *perr = ASN1_R_NESTED_ASN1_STRING;
+ return NULL;
+ }
+
+ if ((a == NULL) || ((*a) == NULL)) {
+ if ((ret = ASN1_STRING_new()) == NULL)
+ return (NULL);
+ } else
+ ret = (*a);
+
+ p = *pp;
+ inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+ if (inf & 0x80) {
+ *perr = ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != Ptag) {
+ *perr = ASN1_R_WRONG_TAG;
+ goto err;
+ }
+
+ if (inf & V_ASN1_CONSTRUCTED) {
+ ASN1_const_CTX c;
+
+ c.error = 0;
+ c.pp = pp;
+ c.p = p;
+ c.inf = inf;
+ c.slen = len;
+ c.tag = Ptag;
+ c.xclass = Pclass;
+ c.max = (length == 0) ? 0 : (p + length);
+ if (!asn1_collate_primitive(ret, &c, depth)) {
+ *perr = c.error;
+ goto err;
+ } else {
+ p = c.p;
+ }
+ } else {
+ if (len != 0) {
+ if ((ret->length < len) || (ret->data == NULL)) {
+ s = OPENSSL_malloc((int)len + 1);
+ if (s == NULL) {
+ *perr = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ if (ret->data != NULL)
+ OPENSSL_free(ret->data);
+ } else
+ s = ret->data;
+ memcpy(s, p, (int)len);
+ s[len] = '\0';
+ p += len;
+ } else {
+ s = NULL;
+ if (ret->data != NULL)
+ OPENSSL_free(ret->data);
+ }
+
+ ret->length = (int)len;
+ ret->data = s;
+ ret->type = Ptag;
+ }
+
+ if (a != NULL)
+ (*a) = ret;
+ *pp = p;
+ return (ret);
+ err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_STRING_free(ret);
+ return (NULL);
+}
+
+/*
+ * We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse them
+ * into the one structure that is then returned
+ */
+/*
+ * There have been a few bug fixes for this function from Paul Keogh
+ * <paul.keogh at sse.ie>, many thanks to him
+ */
+static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
+ int depth)
+{
+ ASN1_STRING *os = NULL;
+ BUF_MEM b;
+ int num;
+
+ b.length = 0;
+ b.max = 0;
+ b.data = NULL;
+
+ if (a == NULL) {
+ c->error = ERR_R_PASSED_NULL_PARAMETER;
+ goto err;
+ }
+
+ num = 0;
+ for (;;) {
+ if (c->inf & 1) {
+ c->eos = ASN1_const_check_infinite_end(&c->p,
+ (long)(c->max - c->p));
+ if (c->eos)
+ break;
+ } else {
+ if (c->slen <= 0)
+ break;
+ }
+
+ c->q = c->p;
+ if (int_d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass,
+ depth + 1, &c->error) == NULL) {
+ goto err;
+ }
+
+ if (!BUF_MEM_grow_clean(&b, num + os->length)) {
+ c->error = ERR_R_BUF_LIB;
+ goto err;
+ }
+ memcpy(&(b.data[num]), os->data, os->length);
+ if (!(c->inf & 1))
+ c->slen -= (c->p - c->q);
+ num += os->length;
+ }
+
+ if (!asn1_const_Finish(c))
+ goto err;
+
+ a->length = num;
+ if (a->data != NULL)
+ OPENSSL_free(a->data);
+ a->data = (unsigned char *)b.data;
+ if (os != NULL)
+ ASN1_STRING_free(os);
+ return (1);
+ err:
+ if (os != NULL)
+ ASN1_STRING_free(os);
+ if (b.data != NULL)
+ OPENSSL_free(b.data);
+ return (0);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_d2i_fp.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/a_d2i_fp.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_d2i_fp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,268 +0,0 @@
-/* crypto/asn1/a_d2i_fp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1_mac.h>
-
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
-
-#ifndef NO_OLD_ASN1
-# ifndef OPENSSL_NO_FP_API
-
-void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x)
-{
- BIO *b;
- void *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
- return (NULL);
- }
- BIO_set_fp(b, in, BIO_NOCLOSE);
- ret = ASN1_d2i_bio(xnew, d2i, b, x);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
-{
- BUF_MEM *b = NULL;
- const unsigned char *p;
- void *ret = NULL;
- int len;
-
- len = asn1_d2i_read_bio(in, &b);
- if (len < 0)
- goto err;
-
- p = (unsigned char *)b->data;
- ret = d2i(x, &p, len);
- err:
- if (b != NULL)
- BUF_MEM_free(b);
- return (ret);
-}
-
-#endif
-
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
-{
- BUF_MEM *b = NULL;
- const unsigned char *p;
- void *ret = NULL;
- int len;
-
- len = asn1_d2i_read_bio(in, &b);
- if (len < 0)
- goto err;
-
- p = (const unsigned char *)b->data;
- ret = ASN1_item_d2i(x, &p, len, it);
- err:
- if (b != NULL)
- BUF_MEM_free(b);
- return (ret);
-}
-
-#ifndef OPENSSL_NO_FP_API
-void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
-{
- BIO *b;
- char *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
- return (NULL);
- }
- BIO_set_fp(b, in, BIO_NOCLOSE);
- ret = ASN1_item_d2i_bio(it, b, x);
- BIO_free(b);
- return (ret);
-}
-#endif
-
-#define HEADER_SIZE 8
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
-{
- BUF_MEM *b;
- unsigned char *p;
- int i;
- ASN1_const_CTX c;
- size_t want = HEADER_SIZE;
- int eos = 0;
- size_t off = 0;
- size_t len = 0;
-
- b = BUF_MEM_new();
- if (b == NULL) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
- return -1;
- }
-
- ERR_clear_error();
- for (;;) {
- if (want >= (len - off)) {
- want -= (len - off);
-
- if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- i = BIO_read(in, &(b->data[len]), want);
- if ((i < 0) && ((len - off) == 0)) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- if (i > 0) {
- if (len + i < len) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
- goto err;
- }
- len += i;
- }
- }
- /* else data already loaded */
-
- p = (unsigned char *)&(b->data[off]);
- c.p = p;
- c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag), &(c.xclass),
- len - off);
- if (c.inf & 0x80) {
- unsigned long e;
-
- e = ERR_GET_REASON(ERR_peek_error());
- if (e != ASN1_R_TOO_LONG)
- goto err;
- else
- ERR_clear_error(); /* clear error */
- }
- i = c.p - p; /* header length */
- off += i; /* end of data */
-
- if (c.inf & 1) {
- /* no data body so go round again */
- eos++;
- if (eos < 0) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG);
- goto err;
- }
- want = HEADER_SIZE;
- } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
- /* eos value, so go back and read another header */
- eos--;
- if (eos <= 0)
- break;
- else
- want = HEADER_SIZE;
- } else {
- /* suck in c.slen bytes of data */
- want = c.slen;
- if (want > (len - off)) {
- want -= (len - off);
- if (want > INT_MAX /* BIO_read takes an int length */ ||
- len + want < len) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
- goto err;
- }
- if (!BUF_MEM_grow_clean(b, len + want)) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- while (want > 0) {
- i = BIO_read(in, &(b->data[len]), want);
- if (i <= 0) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- /*
- * This can't overflow because |len+want| didn't
- * overflow.
- */
- len += i;
- want -= i;
- }
- }
- if (off + c.slen < off) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
- goto err;
- }
- off += c.slen;
- if (eos <= 0) {
- break;
- } else
- want = HEADER_SIZE;
- }
- }
-
- if (off > INT_MAX) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
- goto err;
- }
-
- *pb = b;
- return off;
- err:
- if (b != NULL)
- BUF_MEM_free(b);
- return -1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_d2i_fp.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/a_d2i_fp.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/a_d2i_fp.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_d2i_fp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,284 @@
+/* crypto/asn1/a_d2i_fp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1_mac.h>
+
+static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
+
+#ifndef NO_OLD_ASN1
+# ifndef OPENSSL_NO_FP_API
+
+void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x)
+{
+ BIO *b;
+ void *ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
+ return (NULL);
+ }
+ BIO_set_fp(b, in, BIO_NOCLOSE);
+ ret = ASN1_d2i_bio(xnew, d2i, b, x);
+ BIO_free(b);
+ return (ret);
+}
+# endif
+
+void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
+{
+ BUF_MEM *b = NULL;
+ const unsigned char *p;
+ void *ret = NULL;
+ int len;
+
+ len = asn1_d2i_read_bio(in, &b);
+ if (len < 0)
+ goto err;
+
+ p = (unsigned char *)b->data;
+ ret = d2i(x, &p, len);
+ err:
+ if (b != NULL)
+ BUF_MEM_free(b);
+ return (ret);
+}
+
+#endif
+
+void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
+{
+ BUF_MEM *b = NULL;
+ const unsigned char *p;
+ void *ret = NULL;
+ int len;
+
+ len = asn1_d2i_read_bio(in, &b);
+ if (len < 0)
+ goto err;
+
+ p = (const unsigned char *)b->data;
+ ret = ASN1_item_d2i(x, &p, len, it);
+ err:
+ if (b != NULL)
+ BUF_MEM_free(b);
+ return (ret);
+}
+
+#ifndef OPENSSL_NO_FP_API
+void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
+{
+ BIO *b;
+ char *ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
+ return (NULL);
+ }
+ BIO_set_fp(b, in, BIO_NOCLOSE);
+ ret = ASN1_item_d2i_bio(it, b, x);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+#define HEADER_SIZE 8
+#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
+static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
+{
+ BUF_MEM *b;
+ unsigned char *p;
+ int i;
+ ASN1_const_CTX c;
+ size_t want = HEADER_SIZE;
+ int eos = 0;
+ size_t off = 0;
+ size_t len = 0;
+
+ b = BUF_MEM_new();
+ if (b == NULL) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+
+ ERR_clear_error();
+ for (;;) {
+ if (want >= (len - off)) {
+ want -= (len - off);
+
+ if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i = BIO_read(in, &(b->data[len]), want);
+ if ((i < 0) && ((len - off) == 0)) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA);
+ goto err;
+ }
+ if (i > 0) {
+ if (len + i < len) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+ goto err;
+ }
+ len += i;
+ }
+ }
+ /* else data already loaded */
+
+ p = (unsigned char *)&(b->data[off]);
+ c.p = p;
+ c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag), &(c.xclass),
+ len - off);
+ if (c.inf & 0x80) {
+ unsigned long e;
+
+ e = ERR_GET_REASON(ERR_peek_error());
+ if (e != ASN1_R_TOO_LONG)
+ goto err;
+ else
+ ERR_clear_error(); /* clear error */
+ }
+ i = c.p - p; /* header length */
+ off += i; /* end of data */
+
+ if (c.inf & 1) {
+ /* no data body so go round again */
+ eos++;
+ if (eos < 0) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG);
+ goto err;
+ }
+ want = HEADER_SIZE;
+ } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
+ /* eos value, so go back and read another header */
+ eos--;
+ if (eos <= 0)
+ break;
+ else
+ want = HEADER_SIZE;
+ } else {
+ /* suck in c.slen bytes of data */
+ want = c.slen;
+ if (want > (len - off)) {
+ size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
+
+ want -= (len - off);
+ if (want > INT_MAX /* BIO_read takes an int length */ ||
+ len + want < len) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+ goto err;
+ }
+ while (want > 0) {
+ /*
+ * Read content in chunks of increasing size
+ * so we can return an error for EOF without
+ * having to allocate the entire content length
+ * in one go.
+ */
+ size_t chunk = want > chunk_max ? chunk_max : want;
+
+ if (!BUF_MEM_grow_clean(b, len + chunk)) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ want -= chunk;
+ while (chunk > 0) {
+ i = BIO_read(in, &(b->data[len]), chunk);
+ if (i <= 0) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
+ ASN1_R_NOT_ENOUGH_DATA);
+ goto err;
+ }
+ /*
+ * This can't overflow because |len+want| didn't
+ * overflow.
+ */
+ len += i;
+ chunk -= i;
+ }
+ if (chunk_max < INT_MAX/2)
+ chunk_max *= 2;
+ }
+ }
+ if (off + c.slen < off) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+ goto err;
+ }
+ off += c.slen;
+ if (eos <= 0) {
+ break;
+ } else
+ want = HEADER_SIZE;
+ }
+ }
+
+ if (off > INT_MAX) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+ goto err;
+ }
+
+ *pb = b;
+ return off;
+ err:
+ if (b != NULL)
+ BUF_MEM_free(b);
+ return -1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_object.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/a_object.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_object.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,402 +0,0 @@
-/* crypto/asn1/a_object.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/bn.h>
-
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
-{
- unsigned char *p;
- int objsize;
-
- if ((a == NULL) || (a->data == NULL))
- return (0);
-
- objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
- if (pp == NULL)
- return objsize;
-
- p = *pp;
- ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
- memcpy(p, a->data, a->length);
- p += a->length;
-
- *pp = p;
- return (objsize);
-}
-
-int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
-{
- int i, first, len = 0, c, use_bn;
- char ftmp[24], *tmp = ftmp;
- int tmpsize = sizeof ftmp;
- const char *p;
- unsigned long l;
- BIGNUM *bl = NULL;
-
- if (num == 0)
- return (0);
- else if (num == -1)
- num = strlen(buf);
-
- p = buf;
- c = *(p++);
- num--;
- if ((c >= '0') && (c <= '2')) {
- first = c - '0';
- } else {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
- goto err;
- }
-
- if (num <= 0) {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
- goto err;
- }
- c = *(p++);
- num--;
- for (;;) {
- if (num <= 0)
- break;
- if ((c != '.') && (c != ' ')) {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR);
- goto err;
- }
- l = 0;
- use_bn = 0;
- for (;;) {
- if (num <= 0)
- break;
- num--;
- c = *(p++);
- if ((c == ' ') || (c == '.'))
- break;
- if ((c < '0') || (c > '9')) {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_DIGIT);
- goto err;
- }
- if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
- use_bn = 1;
- if (!bl)
- bl = BN_new();
- if (!bl || !BN_set_word(bl, l))
- goto err;
- }
- if (use_bn) {
- if (!BN_mul_word(bl, 10L)
- || !BN_add_word(bl, c - '0'))
- goto err;
- } else
- l = l * 10L + (long)(c - '0');
- }
- if (len == 0) {
- if ((first < 2) && (l >= 40)) {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT,
- ASN1_R_SECOND_NUMBER_TOO_LARGE);
- goto err;
- }
- if (use_bn) {
- if (!BN_add_word(bl, first * 40))
- goto err;
- } else
- l += (long)first *40;
- }
- i = 0;
- if (use_bn) {
- int blsize;
- blsize = BN_num_bits(bl);
- blsize = (blsize + 6) / 7;
- if (blsize > tmpsize) {
- if (tmp != ftmp)
- OPENSSL_free(tmp);
- tmpsize = blsize + 32;
- tmp = OPENSSL_malloc(tmpsize);
- if (!tmp)
- goto err;
- }
- while (blsize--)
- tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
- } else {
-
- for (;;) {
- tmp[i++] = (unsigned char)l & 0x7f;
- l >>= 7L;
- if (l == 0L)
- break;
- }
-
- }
- if (out != NULL) {
- if (len + i > olen) {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL);
- goto err;
- }
- while (--i > 0)
- out[len++] = tmp[i] | 0x80;
- out[len++] = tmp[0];
- } else
- len += i;
- }
- if (tmp != ftmp)
- OPENSSL_free(tmp);
- if (bl)
- BN_free(bl);
- return (len);
- err:
- if (tmp != ftmp)
- OPENSSL_free(tmp);
- if (bl)
- BN_free(bl);
- return (0);
-}
-
-int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
-{
- return OBJ_obj2txt(buf, buf_len, a, 0);
-}
-
-int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
-{
- char buf[80], *p = buf;
- int i;
-
- if ((a == NULL) || (a->data == NULL))
- return (BIO_write(bp, "NULL", 4));
- i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
- if (i > (int)(sizeof(buf) - 1)) {
- p = OPENSSL_malloc(i + 1);
- if (!p)
- return -1;
- i2t_ASN1_OBJECT(p, i + 1, a);
- }
- if (i <= 0)
- return BIO_write(bp, "<INVALID>", 9);
- BIO_write(bp, p, i);
- if (p != buf)
- OPENSSL_free(p);
- return (i);
-}
-
-ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
- long length)
-{
- const unsigned char *p;
- long len;
- int tag, xclass;
- int inf, i;
- ASN1_OBJECT *ret = NULL;
- p = *pp;
- inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
- if (inf & 0x80) {
- i = ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_OBJECT) {
- i = ASN1_R_EXPECTING_AN_OBJECT;
- goto err;
- }
- ret = c2i_ASN1_OBJECT(a, &p, len);
- if (ret)
- *pp = p;
- return ret;
- err:
- ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
- return (NULL);
-}
-
-ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
- long len)
-{
- ASN1_OBJECT *ret = NULL;
- const unsigned char *p;
- unsigned char *data;
- int i, length;
-
- /*
- * Sanity check OID encoding. Need at least one content octet. MSB must
- * be clear in the last octet. can't have leading 0x80 in subidentifiers,
- * see: X.690 8.19.2
- */
- if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
- p[len - 1] & 0x80) {
- ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
- return NULL;
- }
- /* Now 0 < len <= INT_MAX, so the cast is safe. */
- length = (int)len;
- for (i = 0; i < length; i++, p++) {
- if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
- ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
- return NULL;
- }
- }
-
- /*
- * only the ASN1_OBJECTs from the 'table' will have values for ->sn or
- * ->ln
- */
- if ((a == NULL) || ((*a) == NULL) ||
- !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
- if ((ret = ASN1_OBJECT_new()) == NULL)
- return (NULL);
- } else
- ret = (*a);
-
- p = *pp;
- /* detach data from object */
- data = (unsigned char *)ret->data;
- ret->data = NULL;
- /* once detached we can change it */
- if ((data == NULL) || (ret->length < length)) {
- ret->length = 0;
- if (data != NULL)
- OPENSSL_free(data);
- data = (unsigned char *)OPENSSL_malloc(length);
- if (data == NULL) {
- i = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- }
- memcpy(data, p, length);
- /* reattach data to object, after which it remains const */
- ret->data = data;
- ret->length = length;
- ret->sn = NULL;
- ret->ln = NULL;
- /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
- p += length;
-
- if (a != NULL)
- (*a) = ret;
- *pp = p;
- return (ret);
- err:
- ASN1err(ASN1_F_C2I_ASN1_OBJECT, i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_OBJECT_free(ret);
- return (NULL);
-}
-
-ASN1_OBJECT *ASN1_OBJECT_new(void)
-{
- ASN1_OBJECT *ret;
-
- ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
- if (ret == NULL) {
- ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- ret->length = 0;
- ret->data = NULL;
- ret->nid = 0;
- ret->sn = NULL;
- ret->ln = NULL;
- ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
- return (ret);
-}
-
-void ASN1_OBJECT_free(ASN1_OBJECT *a)
-{
- if (a == NULL)
- return;
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
-#ifndef CONST_STRICT /* disable purely for compile-time strict
- * const checking. Doing this on a "real"
- * compile will cause memory leaks */
- if (a->sn != NULL)
- OPENSSL_free((void *)a->sn);
- if (a->ln != NULL)
- OPENSSL_free((void *)a->ln);
-#endif
- a->sn = a->ln = NULL;
- }
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
- if (a->data != NULL)
- OPENSSL_free((void *)a->data);
- a->data = NULL;
- a->length = 0;
- }
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
- OPENSSL_free(a);
-}
-
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
- const char *sn, const char *ln)
-{
- ASN1_OBJECT o;
-
- o.sn = sn;
- o.ln = ln;
- o.data = data;
- o.nid = nid;
- o.length = len;
- o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
- ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- return (OBJ_dup(&o));
-}
-
-IMPLEMENT_STACK_OF(ASN1_OBJECT)
-
-IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_object.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/a_object.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/a_object.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_object.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,406 @@
+/* crypto/asn1/a_object.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+
+int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
+{
+ unsigned char *p;
+ int objsize;
+
+ if ((a == NULL) || (a->data == NULL))
+ return (0);
+
+ objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
+ if (pp == NULL || objsize == -1)
+ return objsize;
+
+ p = *pp;
+ ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
+ memcpy(p, a->data, a->length);
+ p += a->length;
+
+ *pp = p;
+ return (objsize);
+}
+
+int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
+{
+ int i, first, len = 0, c, use_bn;
+ char ftmp[24], *tmp = ftmp;
+ int tmpsize = sizeof ftmp;
+ const char *p;
+ unsigned long l;
+ BIGNUM *bl = NULL;
+
+ if (num == 0)
+ return (0);
+ else if (num == -1)
+ num = strlen(buf);
+
+ p = buf;
+ c = *(p++);
+ num--;
+ if ((c >= '0') && (c <= '2')) {
+ first = c - '0';
+ } else {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
+ goto err;
+ }
+
+ if (num <= 0) {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
+ goto err;
+ }
+ c = *(p++);
+ num--;
+ for (;;) {
+ if (num <= 0)
+ break;
+ if ((c != '.') && (c != ' ')) {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR);
+ goto err;
+ }
+ l = 0;
+ use_bn = 0;
+ for (;;) {
+ if (num <= 0)
+ break;
+ num--;
+ c = *(p++);
+ if ((c == ' ') || (c == '.'))
+ break;
+ if ((c < '0') || (c > '9')) {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_DIGIT);
+ goto err;
+ }
+ if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
+ use_bn = 1;
+ if (!bl)
+ bl = BN_new();
+ if (!bl || !BN_set_word(bl, l))
+ goto err;
+ }
+ if (use_bn) {
+ if (!BN_mul_word(bl, 10L)
+ || !BN_add_word(bl, c - '0'))
+ goto err;
+ } else
+ l = l * 10L + (long)(c - '0');
+ }
+ if (len == 0) {
+ if ((first < 2) && (l >= 40)) {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,
+ ASN1_R_SECOND_NUMBER_TOO_LARGE);
+ goto err;
+ }
+ if (use_bn) {
+ if (!BN_add_word(bl, first * 40))
+ goto err;
+ } else
+ l += (long)first *40;
+ }
+ i = 0;
+ if (use_bn) {
+ int blsize;
+ blsize = BN_num_bits(bl);
+ blsize = (blsize + 6) / 7;
+ if (blsize > tmpsize) {
+ if (tmp != ftmp)
+ OPENSSL_free(tmp);
+ tmpsize = blsize + 32;
+ tmp = OPENSSL_malloc(tmpsize);
+ if (!tmp)
+ goto err;
+ }
+ while (blsize--) {
+ BN_ULONG t = BN_div_word(bl, 0x80L);
+ if (t == (BN_ULONG)-1)
+ goto err;
+ tmp[i++] = (unsigned char)t;
+ }
+ } else {
+
+ for (;;) {
+ tmp[i++] = (unsigned char)l & 0x7f;
+ l >>= 7L;
+ if (l == 0L)
+ break;
+ }
+
+ }
+ if (out != NULL) {
+ if (len + i > olen) {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+ while (--i > 0)
+ out[len++] = tmp[i] | 0x80;
+ out[len++] = tmp[0];
+ } else
+ len += i;
+ }
+ if (tmp != ftmp)
+ OPENSSL_free(tmp);
+ if (bl)
+ BN_free(bl);
+ return (len);
+ err:
+ if (tmp != ftmp)
+ OPENSSL_free(tmp);
+ if (bl)
+ BN_free(bl);
+ return (0);
+}
+
+int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
+{
+ return OBJ_obj2txt(buf, buf_len, a, 0);
+}
+
+int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
+{
+ char buf[80], *p = buf;
+ int i;
+
+ if ((a == NULL) || (a->data == NULL))
+ return (BIO_write(bp, "NULL", 4));
+ i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
+ if (i > (int)(sizeof(buf) - 1)) {
+ p = OPENSSL_malloc(i + 1);
+ if (!p)
+ return -1;
+ i2t_ASN1_OBJECT(p, i + 1, a);
+ }
+ if (i <= 0)
+ return BIO_write(bp, "<INVALID>", 9);
+ BIO_write(bp, p, i);
+ if (p != buf)
+ OPENSSL_free(p);
+ return (i);
+}
+
+ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+ long length)
+{
+ const unsigned char *p;
+ long len;
+ int tag, xclass;
+ int inf, i;
+ ASN1_OBJECT *ret = NULL;
+ p = *pp;
+ inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+ if (inf & 0x80) {
+ i = ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_OBJECT) {
+ i = ASN1_R_EXPECTING_AN_OBJECT;
+ goto err;
+ }
+ ret = c2i_ASN1_OBJECT(a, &p, len);
+ if (ret)
+ *pp = p;
+ return ret;
+ err:
+ ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
+ return (NULL);
+}
+
+ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+ long len)
+{
+ ASN1_OBJECT *ret = NULL;
+ const unsigned char *p;
+ unsigned char *data;
+ int i, length;
+
+ /*
+ * Sanity check OID encoding. Need at least one content octet. MSB must
+ * be clear in the last octet. can't have leading 0x80 in subidentifiers,
+ * see: X.690 8.19.2
+ */
+ if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
+ p[len - 1] & 0x80) {
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
+ return NULL;
+ }
+ /* Now 0 < len <= INT_MAX, so the cast is safe. */
+ length = (int)len;
+ for (i = 0; i < length; i++, p++) {
+ if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
+ return NULL;
+ }
+ }
+
+ /*
+ * only the ASN1_OBJECTs from the 'table' will have values for ->sn or
+ * ->ln
+ */
+ if ((a == NULL) || ((*a) == NULL) ||
+ !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
+ if ((ret = ASN1_OBJECT_new()) == NULL)
+ return (NULL);
+ } else
+ ret = (*a);
+
+ p = *pp;
+ /* detach data from object */
+ data = (unsigned char *)ret->data;
+ ret->data = NULL;
+ /* once detached we can change it */
+ if ((data == NULL) || (ret->length < length)) {
+ ret->length = 0;
+ if (data != NULL)
+ OPENSSL_free(data);
+ data = (unsigned char *)OPENSSL_malloc(length);
+ if (data == NULL) {
+ i = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+ }
+ memcpy(data, p, length);
+ /* reattach data to object, after which it remains const */
+ ret->data = data;
+ ret->length = length;
+ ret->sn = NULL;
+ ret->ln = NULL;
+ /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
+ p += length;
+
+ if (a != NULL)
+ (*a) = ret;
+ *pp = p;
+ return (ret);
+ err:
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT, i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_OBJECT_free(ret);
+ return (NULL);
+}
+
+ASN1_OBJECT *ASN1_OBJECT_new(void)
+{
+ ASN1_OBJECT *ret;
+
+ ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
+ if (ret == NULL) {
+ ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ ret->length = 0;
+ ret->data = NULL;
+ ret->nid = 0;
+ ret->sn = NULL;
+ ret->ln = NULL;
+ ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
+ return (ret);
+}
+
+void ASN1_OBJECT_free(ASN1_OBJECT *a)
+{
+ if (a == NULL)
+ return;
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
+#ifndef CONST_STRICT /* disable purely for compile-time strict
+ * const checking. Doing this on a "real"
+ * compile will cause memory leaks */
+ if (a->sn != NULL)
+ OPENSSL_free((void *)a->sn);
+ if (a->ln != NULL)
+ OPENSSL_free((void *)a->ln);
+#endif
+ a->sn = a->ln = NULL;
+ }
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
+ if (a->data != NULL)
+ OPENSSL_free((void *)a->data);
+ a->data = NULL;
+ a->length = 0;
+ }
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
+ OPENSSL_free(a);
+}
+
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
+ const char *sn, const char *ln)
+{
+ ASN1_OBJECT o;
+
+ o.sn = sn;
+ o.ln = ln;
+ o.data = data;
+ o.nid = nid;
+ o.length = len;
+ o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
+ ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+ return (OBJ_dup(&o));
+}
+
+IMPLEMENT_STACK_OF(ASN1_OBJECT)
+
+IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_set.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/a_set.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_set.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,238 +0,0 @@
-/* crypto/asn1/a_set.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_ASN1_OLD
-
-typedef struct {
- unsigned char *pbData;
- int cbData;
-} MYBLOB;
-
-/*
- * SetBlobCmp This function compares two elements of SET_OF block
- */
-static int SetBlobCmp(const void *elem1, const void *elem2)
-{
- const MYBLOB *b1 = (const MYBLOB *)elem1;
- const MYBLOB *b2 = (const MYBLOB *)elem2;
- int r;
-
- r = memcmp(b1->pbData, b2->pbData,
- b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
- if (r != 0)
- return r;
- return b1->cbData - b2->cbData;
-}
-
-/*
- * int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE)
- */
-int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
- i2d_of_void *i2d, int ex_tag, int ex_class, int is_set)
-{
- int ret = 0, r;
- int i;
- unsigned char *p;
- unsigned char *pStart, *pTempMem;
- MYBLOB *rgSetBlob;
- int totSize;
-
- if (a == NULL)
- return (0);
- for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--)
- ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
- r = ASN1_object_size(1, ret, ex_tag);
- if (pp == NULL)
- return (r);
-
- p = *pp;
- ASN1_put_object(&p, 1, ret, ex_tag, ex_class);
-
-/* Modified by gp at nsj.co.jp */
- /* And then again by Ben */
- /* And again by Steve */
-
- if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) {
- for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++)
- i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
-
- *pp = p;
- return (r);
- }
-
- pStart = p; /* Catch the beg of Setblobs */
- /* In this array we will store the SET blobs */
- rgSetBlob = OPENSSL_malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB));
- if (rgSetBlob == NULL) {
- ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) {
- rgSetBlob[i].pbData = p; /* catch each set encode blob */
- i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
- rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
- * SetBlob */
- }
- *pp = p;
- totSize = p - pStart; /* This is the total size of all set blobs */
-
- /*
- * Now we have to sort the blobs. I am using a simple algo. *Sort ptrs
- * *Copy to temp-mem *Copy from temp-mem to user-mem
- */
- qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp);
- if (!(pTempMem = OPENSSL_malloc(totSize))) {
- ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
-/* Copy to temp mem */
- p = pTempMem;
- for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) {
- memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
- p += rgSetBlob[i].cbData;
- }
-
-/* Copy back to user mem*/
- memcpy(pStart, pTempMem, totSize);
- OPENSSL_free(pTempMem);
- OPENSSL_free(rgSetBlob);
-
- return (r);
-}
-
-STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
- const unsigned char **pp,
- long length, d2i_of_void *d2i,
- void (*free_func) (OPENSSL_BLOCK),
- int ex_tag, int ex_class)
-{
- ASN1_const_CTX c;
- STACK_OF(OPENSSL_BLOCK) *ret = NULL;
-
- if ((a == NULL) || ((*a) == NULL)) {
- if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) {
- ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- } else
- ret = (*a);
-
- c.p = *pp;
- c.max = (length == 0) ? 0 : (c.p + length);
-
- c.inf = ASN1_get_object(&c.p, &c.slen, &c.tag, &c.xclass, c.max - c.p);
- if (c.inf & 0x80)
- goto err;
- if (ex_class != c.xclass) {
- ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_CLASS);
- goto err;
- }
- if (ex_tag != c.tag) {
- ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_TAG);
- goto err;
- }
- if ((c.slen + c.p) > c.max) {
- ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_LENGTH_ERROR);
- goto err;
- }
- /*
- * check for infinite constructed - it can be as long as the amount of
- * data passed to us
- */
- if (c.inf == (V_ASN1_CONSTRUCTED + 1))
- c.slen = length + *pp - c.p;
- c.max = c.p + c.slen;
-
- while (c.p < c.max) {
- char *s;
-
- if (M_ASN1_D2I_end_sequence())
- break;
- /*
- * XXX: This was called with 4 arguments, incorrectly, it seems if
- * ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
- */
- if ((s = d2i(NULL, &c.p, c.slen)) == NULL) {
- ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_ERROR_PARSING_SET_ELEMENT);
- asn1_add_error(*pp, (int)(c.p - *pp));
- goto err;
- }
- if (!sk_OPENSSL_BLOCK_push(ret, s))
- goto err;
- }
- if (a != NULL)
- (*a) = ret;
- *pp = c.p;
- return (ret);
- err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) {
- if (free_func != NULL)
- sk_OPENSSL_BLOCK_pop_free(ret, free_func);
- else
- sk_OPENSSL_BLOCK_free(ret);
- }
- return (NULL);
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_set.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/a_set.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/a_set.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_set.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,243 @@
+/* crypto/asn1/a_set.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/asn1_mac.h>
+
+#ifndef NO_ASN1_OLD
+
+typedef struct {
+ unsigned char *pbData;
+ int cbData;
+} MYBLOB;
+
+/*
+ * SetBlobCmp This function compares two elements of SET_OF block
+ */
+static int SetBlobCmp(const void *elem1, const void *elem2)
+{
+ const MYBLOB *b1 = (const MYBLOB *)elem1;
+ const MYBLOB *b2 = (const MYBLOB *)elem2;
+ int r;
+
+ r = memcmp(b1->pbData, b2->pbData,
+ b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
+ if (r != 0)
+ return r;
+ return b1->cbData - b2->cbData;
+}
+
+/*
+ * int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE)
+ */
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
+ i2d_of_void *i2d, int ex_tag, int ex_class, int is_set)
+{
+ int ret = 0, r;
+ int i;
+ unsigned char *p;
+ unsigned char *pStart, *pTempMem;
+ MYBLOB *rgSetBlob;
+ int totSize;
+
+ if (a == NULL)
+ return (0);
+ for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) {
+ int tmplen = i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
+ if (tmplen > INT_MAX - ret)
+ return -1;
+ ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
+ }
+ r = ASN1_object_size(1, ret, ex_tag);
+ if (pp == NULL || r == -1)
+ return (r);
+
+ p = *pp;
+ ASN1_put_object(&p, 1, ret, ex_tag, ex_class);
+
+/* Modified by gp at nsj.co.jp */
+ /* And then again by Ben */
+ /* And again by Steve */
+
+ if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) {
+ for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++)
+ i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
+
+ *pp = p;
+ return (r);
+ }
+
+ pStart = p; /* Catch the beg of Setblobs */
+ /* In this array we will store the SET blobs */
+ rgSetBlob = OPENSSL_malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB));
+ if (rgSetBlob == NULL) {
+ ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+
+ for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) {
+ rgSetBlob[i].pbData = p; /* catch each set encode blob */
+ i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
+ rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
+ * SetBlob */
+ }
+ *pp = p;
+ totSize = p - pStart; /* This is the total size of all set blobs */
+
+ /*
+ * Now we have to sort the blobs. I am using a simple algo. *Sort ptrs
+ * *Copy to temp-mem *Copy from temp-mem to user-mem
+ */
+ qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp);
+ if (!(pTempMem = OPENSSL_malloc(totSize))) {
+ ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+
+/* Copy to temp mem */
+ p = pTempMem;
+ for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) {
+ memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
+ p += rgSetBlob[i].cbData;
+ }
+
+/* Copy back to user mem*/
+ memcpy(pStart, pTempMem, totSize);
+ OPENSSL_free(pTempMem);
+ OPENSSL_free(rgSetBlob);
+
+ return (r);
+}
+
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+ const unsigned char **pp,
+ long length, d2i_of_void *d2i,
+ void (*free_func) (OPENSSL_BLOCK),
+ int ex_tag, int ex_class)
+{
+ ASN1_const_CTX c;
+ STACK_OF(OPENSSL_BLOCK) *ret = NULL;
+
+ if ((a == NULL) || ((*a) == NULL)) {
+ if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) {
+ ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ } else
+ ret = (*a);
+
+ c.p = *pp;
+ c.max = (length == 0) ? 0 : (c.p + length);
+
+ c.inf = ASN1_get_object(&c.p, &c.slen, &c.tag, &c.xclass, c.max - c.p);
+ if (c.inf & 0x80)
+ goto err;
+ if (ex_class != c.xclass) {
+ ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_CLASS);
+ goto err;
+ }
+ if (ex_tag != c.tag) {
+ ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_TAG);
+ goto err;
+ }
+ if ((c.slen + c.p) > c.max) {
+ ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_LENGTH_ERROR);
+ goto err;
+ }
+ /*
+ * check for infinite constructed - it can be as long as the amount of
+ * data passed to us
+ */
+ if (c.inf == (V_ASN1_CONSTRUCTED + 1))
+ c.slen = length + *pp - c.p;
+ c.max = c.p + c.slen;
+
+ while (c.p < c.max) {
+ char *s;
+
+ if (M_ASN1_D2I_end_sequence())
+ break;
+ /*
+ * XXX: This was called with 4 arguments, incorrectly, it seems if
+ * ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
+ */
+ if ((s = d2i(NULL, &c.p, c.slen)) == NULL) {
+ ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_ERROR_PARSING_SET_ELEMENT);
+ asn1_add_error(*pp, (int)(c.p - *pp));
+ goto err;
+ }
+ if (!sk_OPENSSL_BLOCK_push(ret, s))
+ goto err;
+ }
+ if (a != NULL)
+ (*a) = ret;
+ *pp = c.p;
+ return (ret);
+ err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) {
+ if (free_func != NULL)
+ sk_OPENSSL_BLOCK_pop_free(ret, free_func);
+ else
+ sk_OPENSSL_BLOCK_free(ret);
+ }
+ return (NULL);
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_type.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/a_type.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_type.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,157 +0,0 @@
-/* crypto/asn1/a_type.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-int ASN1_TYPE_get(ASN1_TYPE *a)
-{
- if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
- return (a->type);
- else
- return (0);
-}
-
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
-{
- if (a->value.ptr != NULL) {
- ASN1_TYPE **tmp_a = &a;
- ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
- }
- a->type = type;
- if (type == V_ASN1_BOOLEAN)
- a->value.boolean = value ? 0xff : 0;
- else
- a->value.ptr = value;
-}
-
-int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
-{
- if (!value || (type == V_ASN1_BOOLEAN)) {
- void *p = (void *)value;
- ASN1_TYPE_set(a, type, p);
- } else if (type == V_ASN1_OBJECT) {
- ASN1_OBJECT *odup;
- odup = OBJ_dup(value);
- if (!odup)
- return 0;
- ASN1_TYPE_set(a, type, odup);
- } else {
- ASN1_STRING *sdup;
- sdup = ASN1_STRING_dup(value);
- if (!sdup)
- return 0;
- ASN1_TYPE_set(a, type, sdup);
- }
- return 1;
-}
-
-IMPLEMENT_STACK_OF(ASN1_TYPE)
-
-IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
-{
- int result = -1;
-
- if (!a || !b || a->type != b->type)
- return -1;
-
- switch (a->type) {
- case V_ASN1_OBJECT:
- result = OBJ_cmp(a->value.object, b->value.object);
- break;
- case V_ASN1_BOOLEAN:
- result = a->value.boolean - b->value.boolean;
- break;
- case V_ASN1_NULL:
- result = 0; /* They do not have content. */
- break;
- case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
- case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
- case V_ASN1_BIT_STRING:
- case V_ASN1_OCTET_STRING:
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_OTHER:
- default:
- result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
- (ASN1_STRING *)b->value.ptr);
- break;
- }
-
- return result;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/a_type.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/a_type.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/a_type.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/a_type.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,155 @@
+/* crypto/asn1/a_type.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+int ASN1_TYPE_get(ASN1_TYPE *a)
+{
+ if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
+ return (a->type);
+ else
+ return (0);
+}
+
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
+{
+ if (a->value.ptr != NULL) {
+ ASN1_TYPE **tmp_a = &a;
+ ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
+ }
+ a->type = type;
+ if (type == V_ASN1_BOOLEAN)
+ a->value.boolean = value ? 0xff : 0;
+ else
+ a->value.ptr = value;
+}
+
+int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
+{
+ if (!value || (type == V_ASN1_BOOLEAN)) {
+ void *p = (void *)value;
+ ASN1_TYPE_set(a, type, p);
+ } else if (type == V_ASN1_OBJECT) {
+ ASN1_OBJECT *odup;
+ odup = OBJ_dup(value);
+ if (!odup)
+ return 0;
+ ASN1_TYPE_set(a, type, odup);
+ } else {
+ ASN1_STRING *sdup;
+ sdup = ASN1_STRING_dup(value);
+ if (!sdup)
+ return 0;
+ ASN1_TYPE_set(a, type, sdup);
+ }
+ return 1;
+}
+
+IMPLEMENT_STACK_OF(ASN1_TYPE)
+
+IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
+{
+ int result = -1;
+
+ if (!a || !b || a->type != b->type)
+ return -1;
+
+ switch (a->type) {
+ case V_ASN1_OBJECT:
+ result = OBJ_cmp(a->value.object, b->value.object);
+ break;
+ case V_ASN1_BOOLEAN:
+ result = a->value.boolean - b->value.boolean;
+ break;
+ case V_ASN1_NULL:
+ result = 0; /* They do not have content. */
+ break;
+ case V_ASN1_INTEGER:
+ case V_ASN1_ENUMERATED:
+ case V_ASN1_BIT_STRING:
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_SEQUENCE:
+ case V_ASN1_SET:
+ case V_ASN1_NUMERICSTRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ case V_ASN1_VIDEOTEXSTRING:
+ case V_ASN1_IA5STRING:
+ case V_ASN1_UTCTIME:
+ case V_ASN1_GENERALIZEDTIME:
+ case V_ASN1_GRAPHICSTRING:
+ case V_ASN1_VISIBLESTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_BMPSTRING:
+ case V_ASN1_UTF8STRING:
+ case V_ASN1_OTHER:
+ default:
+ result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
+ (ASN1_STRING *)b->value.ptr);
+ break;
+ }
+
+ return result;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/asn1_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,483 +0,0 @@
-/* crypto/asn1/asn1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
- int max);
-static void asn1_put_length(unsigned char **pp, int length);
-const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT;
-
-static int _asn1_check_infinite_end(const unsigned char **p, long len)
-{
- /*
- * If there is 0 or 1 byte left, the length check should pick things up
- */
- if (len <= 0)
- return (1);
- else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) {
- (*p) += 2;
- return (1);
- }
- return (0);
-}
-
-int ASN1_check_infinite_end(unsigned char **p, long len)
-{
- return _asn1_check_infinite_end((const unsigned char **)p, len);
-}
-
-int ASN1_const_check_infinite_end(const unsigned char **p, long len)
-{
- return _asn1_check_infinite_end(p, len);
-}
-
-int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
- int *pclass, long omax)
-{
- int i, ret;
- long l;
- const unsigned char *p = *pp;
- int tag, xclass, inf;
- long max = omax;
-
- if (!max)
- goto err;
- ret = (*p & V_ASN1_CONSTRUCTED);
- xclass = (*p & V_ASN1_PRIVATE);
- i = *p & V_ASN1_PRIMITIVE_TAG;
- if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */
- p++;
- if (--max == 0)
- goto err;
- l = 0;
- while (*p & 0x80) {
- l <<= 7L;
- l |= *(p++) & 0x7f;
- if (--max == 0)
- goto err;
- if (l > (INT_MAX >> 7L))
- goto err;
- }
- l <<= 7L;
- l |= *(p++) & 0x7f;
- tag = (int)l;
- if (--max == 0)
- goto err;
- } else {
- tag = i;
- p++;
- if (--max == 0)
- goto err;
- }
- *ptag = tag;
- *pclass = xclass;
- if (!asn1_get_length(&p, &inf, plength, (int)max))
- goto err;
-
- if (inf && !(ret & V_ASN1_CONSTRUCTED))
- goto err;
-
-#if 0
- fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
- (int)p, *plength, omax, (int)*pp, (int)(p + *plength),
- (int)(omax + *pp));
-
-#endif
- if (*plength > (omax - (p - *pp))) {
- ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
- /*
- * Set this so that even if things are not long enough the values are
- * set correctly
- */
- ret |= 0x80;
- }
- *pp = p;
- return (ret | inf);
- err:
- ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG);
- return (0x80);
-}
-
-static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
- int max)
-{
- const unsigned char *p = *pp;
- unsigned long ret = 0;
- unsigned int i;
-
- if (max-- < 1)
- return (0);
- if (*p == 0x80) {
- *inf = 1;
- ret = 0;
- p++;
- } else {
- *inf = 0;
- i = *p & 0x7f;
- if (*(p++) & 0x80) {
- if (i > sizeof(long))
- return 0;
- if (max-- == 0)
- return (0);
- while (i-- > 0) {
- ret <<= 8L;
- ret |= *(p++);
- if (max-- == 0)
- return (0);
- }
- } else
- ret = i;
- }
- if (ret > LONG_MAX)
- return 0;
- *pp = p;
- *rl = (long)ret;
- return (1);
-}
-
-/*
- * class 0 is constructed constructed == 2 for indefinite length constructed
- */
-void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
- int xclass)
-{
- unsigned char *p = *pp;
- int i, ttag;
-
- i = (constructed) ? V_ASN1_CONSTRUCTED : 0;
- i |= (xclass & V_ASN1_PRIVATE);
- if (tag < 31)
- *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG);
- else {
- *(p++) = i | V_ASN1_PRIMITIVE_TAG;
- for (i = 0, ttag = tag; ttag > 0; i++)
- ttag >>= 7;
- ttag = i;
- while (i-- > 0) {
- p[i] = tag & 0x7f;
- if (i != (ttag - 1))
- p[i] |= 0x80;
- tag >>= 7;
- }
- p += ttag;
- }
- if (constructed == 2)
- *(p++) = 0x80;
- else
- asn1_put_length(&p, length);
- *pp = p;
-}
-
-int ASN1_put_eoc(unsigned char **pp)
-{
- unsigned char *p = *pp;
- *p++ = 0;
- *p++ = 0;
- *pp = p;
- return 2;
-}
-
-static void asn1_put_length(unsigned char **pp, int length)
-{
- unsigned char *p = *pp;
- int i, l;
- if (length <= 127)
- *(p++) = (unsigned char)length;
- else {
- l = length;
- for (i = 0; l > 0; i++)
- l >>= 8;
- *(p++) = i | 0x80;
- l = i;
- while (i-- > 0) {
- p[i] = length & 0xff;
- length >>= 8;
- }
- p += l;
- }
- *pp = p;
-}
-
-int ASN1_object_size(int constructed, int length, int tag)
-{
- int ret;
-
- ret = length;
- ret++;
- if (tag >= 31) {
- while (tag > 0) {
- tag >>= 7;
- ret++;
- }
- }
- if (constructed == 2)
- return ret + 3;
- ret++;
- if (length > 127) {
- while (length > 0) {
- length >>= 8;
- ret++;
- }
- }
- return (ret);
-}
-
-static int _asn1_Finish(ASN1_const_CTX *c)
-{
- if ((c->inf == (1 | V_ASN1_CONSTRUCTED)) && (!c->eos)) {
- if (!ASN1_const_check_infinite_end(&c->p, c->slen)) {
- c->error = ERR_R_MISSING_ASN1_EOS;
- return (0);
- }
- }
- if (((c->slen != 0) && !(c->inf & 1)) || ((c->slen < 0) && (c->inf & 1))) {
- c->error = ERR_R_ASN1_LENGTH_MISMATCH;
- return (0);
- }
- return (1);
-}
-
-int asn1_Finish(ASN1_CTX *c)
-{
- return _asn1_Finish((ASN1_const_CTX *)c);
-}
-
-int asn1_const_Finish(ASN1_const_CTX *c)
-{
- return _asn1_Finish(c);
-}
-
-int asn1_GetSequence(ASN1_const_CTX *c, long *length)
-{
- const unsigned char *q;
-
- q = c->p;
- c->inf = ASN1_get_object(&(c->p), &(c->slen), &(c->tag), &(c->xclass),
- *length);
- if (c->inf & 0x80) {
- c->error = ERR_R_BAD_GET_ASN1_OBJECT_CALL;
- return (0);
- }
- if (c->tag != V_ASN1_SEQUENCE) {
- c->error = ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
- return (0);
- }
- (*length) -= (c->p - q);
- if (c->max && (*length < 0)) {
- c->error = ERR_R_ASN1_LENGTH_MISMATCH;
- return (0);
- }
- if (c->inf == (1 | V_ASN1_CONSTRUCTED))
- c->slen = *length + *(c->pp) - c->p;
- c->eos = 0;
- return (1);
-}
-
-int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
-{
- if (str == NULL)
- return 0;
- dst->type = str->type;
- if (!ASN1_STRING_set(dst, str->data, str->length))
- return 0;
- dst->flags = str->flags;
- return 1;
-}
-
-ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
-{
- ASN1_STRING *ret;
- if (!str)
- return NULL;
- ret = ASN1_STRING_new();
- if (!ret)
- return NULL;
- if (!ASN1_STRING_copy(ret, str)) {
- ASN1_STRING_free(ret);
- return NULL;
- }
- return ret;
-}
-
-int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
-{
- unsigned char *c;
- const char *data = _data;
-
- if (len < 0) {
- if (data == NULL)
- return (0);
- else
- len = strlen(data);
- }
- if ((str->length < len) || (str->data == NULL)) {
- c = str->data;
- if (c == NULL)
- str->data = OPENSSL_malloc(len + 1);
- else
- str->data = OPENSSL_realloc(c, len + 1);
-
- if (str->data == NULL) {
- ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE);
- str->data = c;
- return (0);
- }
- }
- str->length = len;
- if (data != NULL) {
- memcpy(str->data, data, len);
- /* an allowance for strings :-) */
- str->data[len] = '\0';
- }
- return (1);
-}
-
-void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
-{
- if (str->data)
- OPENSSL_free(str->data);
- str->data = data;
- str->length = len;
-}
-
-ASN1_STRING *ASN1_STRING_new(void)
-{
- return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
-}
-
-ASN1_STRING *ASN1_STRING_type_new(int type)
-{
- ASN1_STRING *ret;
-
- ret = (ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
- if (ret == NULL) {
- ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- ret->length = 0;
- ret->type = type;
- ret->data = NULL;
- ret->flags = 0;
- return (ret);
-}
-
-void ASN1_STRING_free(ASN1_STRING *a)
-{
- if (a == NULL)
- return;
- if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
- OPENSSL_free(a->data);
- OPENSSL_free(a);
-}
-
-void ASN1_STRING_clear_free(ASN1_STRING *a)
-{
- if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
- OPENSSL_cleanse(a->data, a->length);
- ASN1_STRING_free(a);
-}
-
-int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
- int i;
-
- i = (a->length - b->length);
- if (i == 0) {
- i = memcmp(a->data, b->data, a->length);
- if (i == 0)
- return (a->type - b->type);
- else
- return (i);
- } else
- return (i);
-}
-
-void asn1_add_error(const unsigned char *address, int offset)
-{
- char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
-
- BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
- BIO_snprintf(buf2, sizeof buf2, "%d", offset);
- ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
-}
-
-int ASN1_STRING_length(const ASN1_STRING *x)
-{
- return M_ASN1_STRING_length(x);
-}
-
-void ASN1_STRING_length_set(ASN1_STRING *x, int len)
-{
- M_ASN1_STRING_length_set(x, len);
- return;
-}
-
-int ASN1_STRING_type(ASN1_STRING *x)
-{
- return M_ASN1_STRING_type(x);
-}
-
-unsigned char *ASN1_STRING_data(ASN1_STRING *x)
-{
- return M_ASN1_STRING_data(x);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/asn1_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,483 @@
+/* crypto/asn1/asn1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+
+static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
+ long max);
+static void asn1_put_length(unsigned char **pp, int length);
+const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT;
+
+static int _asn1_check_infinite_end(const unsigned char **p, long len)
+{
+ /*
+ * If there is 0 or 1 byte left, the length check should pick things up
+ */
+ if (len <= 0)
+ return (1);
+ else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) {
+ (*p) += 2;
+ return (1);
+ }
+ return (0);
+}
+
+int ASN1_check_infinite_end(unsigned char **p, long len)
+{
+ return _asn1_check_infinite_end((const unsigned char **)p, len);
+}
+
+int ASN1_const_check_infinite_end(const unsigned char **p, long len)
+{
+ return _asn1_check_infinite_end(p, len);
+}
+
+int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
+ int *pclass, long omax)
+{
+ int i, ret;
+ long l;
+ const unsigned char *p = *pp;
+ int tag, xclass, inf;
+ long max = omax;
+
+ if (!max)
+ goto err;
+ ret = (*p & V_ASN1_CONSTRUCTED);
+ xclass = (*p & V_ASN1_PRIVATE);
+ i = *p & V_ASN1_PRIMITIVE_TAG;
+ if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */
+ p++;
+ if (--max == 0)
+ goto err;
+ l = 0;
+ while (*p & 0x80) {
+ l <<= 7L;
+ l |= *(p++) & 0x7f;
+ if (--max == 0)
+ goto err;
+ if (l > (INT_MAX >> 7L))
+ goto err;
+ }
+ l <<= 7L;
+ l |= *(p++) & 0x7f;
+ tag = (int)l;
+ if (--max == 0)
+ goto err;
+ } else {
+ tag = i;
+ p++;
+ if (--max == 0)
+ goto err;
+ }
+ *ptag = tag;
+ *pclass = xclass;
+ if (!asn1_get_length(&p, &inf, plength, max))
+ goto err;
+
+ if (inf && !(ret & V_ASN1_CONSTRUCTED))
+ goto err;
+
+#if 0
+ fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
+ (int)p, *plength, omax, (int)*pp, (int)(p + *plength),
+ (int)(omax + *pp));
+
+#endif
+ if (*plength > (omax - (p - *pp))) {
+ ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
+ /*
+ * Set this so that even if things are not long enough the values are
+ * set correctly
+ */
+ ret |= 0x80;
+ }
+ *pp = p;
+ return (ret | inf);
+ err:
+ ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG);
+ return (0x80);
+}
+
+static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
+ long max)
+{
+ const unsigned char *p = *pp;
+ unsigned long ret = 0;
+ unsigned long i;
+
+ if (max-- < 1)
+ return 0;
+ if (*p == 0x80) {
+ *inf = 1;
+ ret = 0;
+ p++;
+ } else {
+ *inf = 0;
+ i = *p & 0x7f;
+ if (*(p++) & 0x80) {
+ if (i > sizeof(ret) || max < (long)i)
+ return 0;
+ while (i-- > 0) {
+ ret <<= 8L;
+ ret |= *(p++);
+ }
+ } else
+ ret = i;
+ }
+ if (ret > LONG_MAX)
+ return 0;
+ *pp = p;
+ *rl = (long)ret;
+ return 1;
+}
+
+/*
+ * class 0 is constructed constructed == 2 for indefinite length constructed
+ */
+void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
+ int xclass)
+{
+ unsigned char *p = *pp;
+ int i, ttag;
+
+ i = (constructed) ? V_ASN1_CONSTRUCTED : 0;
+ i |= (xclass & V_ASN1_PRIVATE);
+ if (tag < 31)
+ *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG);
+ else {
+ *(p++) = i | V_ASN1_PRIMITIVE_TAG;
+ for (i = 0, ttag = tag; ttag > 0; i++)
+ ttag >>= 7;
+ ttag = i;
+ while (i-- > 0) {
+ p[i] = tag & 0x7f;
+ if (i != (ttag - 1))
+ p[i] |= 0x80;
+ tag >>= 7;
+ }
+ p += ttag;
+ }
+ if (constructed == 2)
+ *(p++) = 0x80;
+ else
+ asn1_put_length(&p, length);
+ *pp = p;
+}
+
+int ASN1_put_eoc(unsigned char **pp)
+{
+ unsigned char *p = *pp;
+ *p++ = 0;
+ *p++ = 0;
+ *pp = p;
+ return 2;
+}
+
+static void asn1_put_length(unsigned char **pp, int length)
+{
+ unsigned char *p = *pp;
+ int i, l;
+ if (length <= 127)
+ *(p++) = (unsigned char)length;
+ else {
+ l = length;
+ for (i = 0; l > 0; i++)
+ l >>= 8;
+ *(p++) = i | 0x80;
+ l = i;
+ while (i-- > 0) {
+ p[i] = length & 0xff;
+ length >>= 8;
+ }
+ p += l;
+ }
+ *pp = p;
+}
+
+int ASN1_object_size(int constructed, int length, int tag)
+{
+ int ret = 1;
+ if (length < 0)
+ return -1;
+ if (tag >= 31) {
+ while (tag > 0) {
+ tag >>= 7;
+ ret++;
+ }
+ }
+ if (constructed == 2) {
+ ret += 3;
+ } else {
+ ret++;
+ if (length > 127) {
+ int tmplen = length;
+ while (tmplen > 0) {
+ tmplen >>= 8;
+ ret++;
+ }
+ }
+ }
+ if (ret >= INT_MAX - length)
+ return -1;
+ return ret + length;
+}
+
+static int _asn1_Finish(ASN1_const_CTX *c)
+{
+ if ((c->inf == (1 | V_ASN1_CONSTRUCTED)) && (!c->eos)) {
+ if (!ASN1_const_check_infinite_end(&c->p, c->slen)) {
+ c->error = ERR_R_MISSING_ASN1_EOS;
+ return (0);
+ }
+ }
+ if (((c->slen != 0) && !(c->inf & 1)) || ((c->slen < 0) && (c->inf & 1))) {
+ c->error = ERR_R_ASN1_LENGTH_MISMATCH;
+ return (0);
+ }
+ return (1);
+}
+
+int asn1_Finish(ASN1_CTX *c)
+{
+ return _asn1_Finish((ASN1_const_CTX *)c);
+}
+
+int asn1_const_Finish(ASN1_const_CTX *c)
+{
+ return _asn1_Finish(c);
+}
+
+int asn1_GetSequence(ASN1_const_CTX *c, long *length)
+{
+ const unsigned char *q;
+
+ q = c->p;
+ c->inf = ASN1_get_object(&(c->p), &(c->slen), &(c->tag), &(c->xclass),
+ *length);
+ if (c->inf & 0x80) {
+ c->error = ERR_R_BAD_GET_ASN1_OBJECT_CALL;
+ return (0);
+ }
+ if (c->tag != V_ASN1_SEQUENCE) {
+ c->error = ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
+ return (0);
+ }
+ (*length) -= (c->p - q);
+ if (c->max && (*length < 0)) {
+ c->error = ERR_R_ASN1_LENGTH_MISMATCH;
+ return (0);
+ }
+ if (c->inf == (1 | V_ASN1_CONSTRUCTED))
+ c->slen = *length;
+ c->eos = 0;
+ return (1);
+}
+
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
+{
+ if (str == NULL)
+ return 0;
+ dst->type = str->type;
+ if (!ASN1_STRING_set(dst, str->data, str->length))
+ return 0;
+ dst->flags = str->flags;
+ return 1;
+}
+
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
+{
+ ASN1_STRING *ret;
+ if (!str)
+ return NULL;
+ ret = ASN1_STRING_new();
+ if (!ret)
+ return NULL;
+ if (!ASN1_STRING_copy(ret, str)) {
+ ASN1_STRING_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
+{
+ unsigned char *c;
+ const char *data = _data;
+
+ if (len < 0) {
+ if (data == NULL)
+ return (0);
+ else
+ len = strlen(data);
+ }
+ if ((str->length <= len) || (str->data == NULL)) {
+ c = str->data;
+ if (c == NULL)
+ str->data = OPENSSL_malloc(len + 1);
+ else
+ str->data = OPENSSL_realloc(c, len + 1);
+
+ if (str->data == NULL) {
+ ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE);
+ str->data = c;
+ return (0);
+ }
+ }
+ str->length = len;
+ if (data != NULL) {
+ memcpy(str->data, data, len);
+ /* an allowance for strings :-) */
+ str->data[len] = '\0';
+ }
+ return (1);
+}
+
+void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
+{
+ if (str->data)
+ OPENSSL_free(str->data);
+ str->data = data;
+ str->length = len;
+}
+
+ASN1_STRING *ASN1_STRING_new(void)
+{
+ return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
+}
+
+ASN1_STRING *ASN1_STRING_type_new(int type)
+{
+ ASN1_STRING *ret;
+
+ ret = (ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
+ if (ret == NULL) {
+ ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ ret->length = 0;
+ ret->type = type;
+ ret->data = NULL;
+ ret->flags = 0;
+ return (ret);
+}
+
+void ASN1_STRING_free(ASN1_STRING *a)
+{
+ if (a == NULL)
+ return;
+ if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
+ OPENSSL_free(a->data);
+ OPENSSL_free(a);
+}
+
+void ASN1_STRING_clear_free(ASN1_STRING *a)
+{
+ if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
+ OPENSSL_cleanse(a->data, a->length);
+ ASN1_STRING_free(a);
+}
+
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
+{
+ int i;
+
+ i = (a->length - b->length);
+ if (i == 0) {
+ i = memcmp(a->data, b->data, a->length);
+ if (i == 0)
+ return (a->type - b->type);
+ else
+ return (i);
+ } else
+ return (i);
+}
+
+void asn1_add_error(const unsigned char *address, int offset)
+{
+ char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
+
+ BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
+ BIO_snprintf(buf2, sizeof buf2, "%d", offset);
+ ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
+}
+
+int ASN1_STRING_length(const ASN1_STRING *x)
+{
+ return M_ASN1_STRING_length(x);
+}
+
+void ASN1_STRING_length_set(ASN1_STRING *x, int len)
+{
+ M_ASN1_STRING_length_set(x, len);
+ return;
+}
+
+int ASN1_STRING_type(ASN1_STRING *x)
+{
+ return M_ASN1_STRING_type(x);
+}
+
+unsigned char *ASN1_STRING_data(ASN1_STRING *x)
+{
+ return M_ASN1_STRING_data(x);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_par.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/asn1_par.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_par.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,415 +0,0 @@
-/* crypto/asn1/asn1_par.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-
-#ifndef ASN1_PARSE_MAXDEPTH
-#define ASN1_PARSE_MAXDEPTH 128
-#endif
-
-static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
- int indent);
-static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
- int offset, int depth, int indent, int dump);
-static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
- int indent)
-{
- static const char fmt[] = "%-18s";
- char str[128];
- const char *p;
-
- if (constructed & V_ASN1_CONSTRUCTED)
- p = "cons: ";
- else
- p = "prim: ";
- if (BIO_write(bp, p, 6) < 6)
- goto err;
- BIO_indent(bp, indent, 128);
-
- p = str;
- if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
- BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
- else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
- BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
- else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
- BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
- else if (tag > 30)
- BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
- else
- p = ASN1_tag2str(tag);
-
- if (BIO_printf(bp, fmt, p) <= 0)
- goto err;
- return (1);
- err:
- return (0);
-}
-
-int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent)
-{
- return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0));
-}
-
-int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
- int dump)
-{
- return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump));
-}
-
-static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
- int offset, int depth, int indent, int dump)
-{
- const unsigned char *p, *ep, *tot, *op, *opp;
- long len;
- int tag, xclass, ret = 0;
- int nl, hl, j, r;
- ASN1_OBJECT *o = NULL;
- ASN1_OCTET_STRING *os = NULL;
- /* ASN1_BMPSTRING *bmp=NULL; */
- int dump_indent;
-
-#if 0
- dump_indent = indent;
-#else
- dump_indent = 6; /* Because we know BIO_dump_indent() */
-#endif
-
- if (depth > ASN1_PARSE_MAXDEPTH) {
- BIO_puts(bp, "BAD RECURSION DEPTH\n");
- return 0;
- }
-
- p = *pp;
- tot = p + length;
- op = p - 1;
- while ((p < tot) && (op < p)) {
- op = p;
- j = ASN1_get_object(&p, &len, &tag, &xclass, length);
-#ifdef LINT
- j = j;
-#endif
- if (j & 0x80) {
- if (BIO_write(bp, "Error in encoding\n", 18) <= 0)
- goto end;
- ret = 0;
- goto end;
- }
- hl = (p - op);
- length -= hl;
- /*
- * if j == 0x21 it is a constructed indefinite length object
- */
- if (BIO_printf(bp, "%5ld:", (long)offset + (long)(op - *pp))
- <= 0)
- goto end;
-
- if (j != (V_ASN1_CONSTRUCTED | 1)) {
- if (BIO_printf(bp, "d=%-2d hl=%ld l=%4ld ",
- depth, (long)hl, len) <= 0)
- goto end;
- } else {
- if (BIO_printf(bp, "d=%-2d hl=%ld l=inf ", depth, (long)hl) <= 0)
- goto end;
- }
- if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0))
- goto end;
- if (j & V_ASN1_CONSTRUCTED) {
- ep = p + len;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto end;
- if (len > length) {
- BIO_printf(bp, "length is greater than %ld\n", length);
- ret = 0;
- goto end;
- }
- if ((j == 0x21) && (len == 0)) {
- for (;;) {
- r = asn1_parse2(bp, &p, (long)(tot - p),
- offset + (p - *pp), depth + 1,
- indent, dump);
- if (r == 0) {
- ret = 0;
- goto end;
- }
- if ((r == 2) || (p >= tot))
- break;
- }
- } else
- while (p < ep) {
- r = asn1_parse2(bp, &p, (long)len,
- offset + (p - *pp), depth + 1,
- indent, dump);
- if (r == 0) {
- ret = 0;
- goto end;
- }
- }
- } else if (xclass != 0) {
- p += len;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto end;
- } else {
- nl = 0;
- if ((tag == V_ASN1_PRINTABLESTRING) ||
- (tag == V_ASN1_T61STRING) ||
- (tag == V_ASN1_IA5STRING) ||
- (tag == V_ASN1_VISIBLESTRING) ||
- (tag == V_ASN1_NUMERICSTRING) ||
- (tag == V_ASN1_UTF8STRING) ||
- (tag == V_ASN1_UTCTIME) || (tag == V_ASN1_GENERALIZEDTIME)) {
- if (BIO_write(bp, ":", 1) <= 0)
- goto end;
- if ((len > 0) && BIO_write(bp, (const char *)p, (int)len)
- != (int)len)
- goto end;
- } else if (tag == V_ASN1_OBJECT) {
- opp = op;
- if (d2i_ASN1_OBJECT(&o, &opp, len + hl) != NULL) {
- if (BIO_write(bp, ":", 1) <= 0)
- goto end;
- i2a_ASN1_OBJECT(bp, o);
- } else {
- if (BIO_write(bp, ":BAD OBJECT", 11) <= 0)
- goto end;
- }
- } else if (tag == V_ASN1_BOOLEAN) {
- int ii;
-
- opp = op;
- ii = d2i_ASN1_BOOLEAN(NULL, &opp, len + hl);
- if (ii < 0) {
- if (BIO_write(bp, "Bad boolean\n", 12) <= 0)
- goto end;
- }
- BIO_printf(bp, ":%d", ii);
- } else if (tag == V_ASN1_BMPSTRING) {
- /* do the BMP thang */
- } else if (tag == V_ASN1_OCTET_STRING) {
- int i, printable = 1;
-
- opp = op;
- os = d2i_ASN1_OCTET_STRING(NULL, &opp, len + hl);
- if (os != NULL && os->length > 0) {
- opp = os->data;
- /*
- * testing whether the octet string is printable
- */
- for (i = 0; i < os->length; i++) {
- if (((opp[i] < ' ') &&
- (opp[i] != '\n') &&
- (opp[i] != '\r') &&
- (opp[i] != '\t')) || (opp[i] > '~')) {
- printable = 0;
- break;
- }
- }
- if (printable)
- /* printable string */
- {
- if (BIO_write(bp, ":", 1) <= 0)
- goto end;
- if (BIO_write(bp, (const char *)opp, os->length) <= 0)
- goto end;
- } else if (!dump)
- /*
- * not printable => print octet string as hex dump
- */
- {
- if (BIO_write(bp, "[HEX DUMP]:", 11) <= 0)
- goto end;
- for (i = 0; i < os->length; i++) {
- if (BIO_printf(bp, "%02X", opp[i]) <= 0)
- goto end;
- }
- } else
- /* print the normal dump */
- {
- if (!nl) {
- if (BIO_write(bp, "\n", 1) <= 0)
- goto end;
- }
- if (BIO_dump_indent(bp,
- (const char *)opp,
- ((dump == -1 || dump >
- os->
- length) ? os->length : dump),
- dump_indent) <= 0)
- goto end;
- nl = 1;
- }
- }
- if (os != NULL) {
- M_ASN1_OCTET_STRING_free(os);
- os = NULL;
- }
- } else if (tag == V_ASN1_INTEGER) {
- ASN1_INTEGER *bs;
- int i;
-
- opp = op;
- bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
- if (bs != NULL) {
- if (BIO_write(bp, ":", 1) <= 0)
- goto end;
- if (bs->type == V_ASN1_NEG_INTEGER)
- if (BIO_write(bp, "-", 1) <= 0)
- goto end;
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
- goto end;
- }
- if (bs->length == 0) {
- if (BIO_write(bp, "00", 2) <= 0)
- goto end;
- }
- } else {
- if (BIO_write(bp, "BAD INTEGER", 11) <= 0)
- goto end;
- }
- M_ASN1_INTEGER_free(bs);
- } else if (tag == V_ASN1_ENUMERATED) {
- ASN1_ENUMERATED *bs;
- int i;
-
- opp = op;
- bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
- if (bs != NULL) {
- if (BIO_write(bp, ":", 1) <= 0)
- goto end;
- if (bs->type == V_ASN1_NEG_ENUMERATED)
- if (BIO_write(bp, "-", 1) <= 0)
- goto end;
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
- goto end;
- }
- if (bs->length == 0) {
- if (BIO_write(bp, "00", 2) <= 0)
- goto end;
- }
- } else {
- if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
- goto end;
- }
- M_ASN1_ENUMERATED_free(bs);
- } else if (len > 0 && dump) {
- if (!nl) {
- if (BIO_write(bp, "\n", 1) <= 0)
- goto end;
- }
- if (BIO_dump_indent(bp, (const char *)p,
- ((dump == -1 || dump > len) ? len : dump),
- dump_indent) <= 0)
- goto end;
- nl = 1;
- }
-
- if (!nl) {
- if (BIO_write(bp, "\n", 1) <= 0)
- goto end;
- }
- p += len;
- if ((tag == V_ASN1_EOC) && (xclass == 0)) {
- ret = 2; /* End of sequence */
- goto end;
- }
- }
- length -= len;
- }
- ret = 1;
- end:
- if (o != NULL)
- ASN1_OBJECT_free(o);
- if (os != NULL)
- M_ASN1_OCTET_STRING_free(os);
- *pp = p;
- return (ret);
-}
-
-const char *ASN1_tag2str(int tag)
-{
- static const char *const tag2str[] = {
- /* 0-4 */
- "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING",
- /* 5-9 */
- "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL",
- /* 10-13 */
- "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>",
- /* 15-17 */
- "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET",
- /* 18-20 */
- "NUMERICSTRING", "PRINTABLESTRING", "T61STRING",
- /* 21-24 */
- "VIDEOTEXSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME",
- /* 25-27 */
- "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING",
- /* 28-30 */
- "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING"
- };
-
- if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
- tag &= ~0x100;
-
- if (tag < 0 || tag > 30)
- return "(unknown)";
- return tag2str[tag];
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_par.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/asn1_par.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_par.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/asn1_par.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,424 @@
+/* crypto/asn1/asn1_par.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/asn1.h>
+
+#ifndef ASN1_PARSE_MAXDEPTH
+#define ASN1_PARSE_MAXDEPTH 128
+#endif
+
+static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
+ int indent);
+static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
+ int offset, int depth, int indent, int dump);
+static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
+ int indent)
+{
+ static const char fmt[] = "%-18s";
+ char str[128];
+ const char *p;
+
+ if (constructed & V_ASN1_CONSTRUCTED)
+ p = "cons: ";
+ else
+ p = "prim: ";
+ if (BIO_write(bp, p, 6) < 6)
+ goto err;
+ BIO_indent(bp, indent, 128);
+
+ p = str;
+ if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
+ BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
+ else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
+ BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
+ else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
+ BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
+ else if (tag > 30)
+ BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
+ else
+ p = ASN1_tag2str(tag);
+
+ if (BIO_printf(bp, fmt, p) <= 0)
+ goto err;
+ return (1);
+ err:
+ return (0);
+}
+
+int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent)
+{
+ return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0));
+}
+
+int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
+ int dump)
+{
+ return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump));
+}
+
+static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
+ int offset, int depth, int indent, int dump)
+{
+ const unsigned char *p, *ep, *tot, *op, *opp;
+ long len;
+ int tag, xclass, ret = 0;
+ int nl, hl, j, r;
+ ASN1_OBJECT *o = NULL;
+ ASN1_OCTET_STRING *os = NULL;
+ /* ASN1_BMPSTRING *bmp=NULL; */
+ int dump_indent;
+
+#if 0
+ dump_indent = indent;
+#else
+ dump_indent = 6; /* Because we know BIO_dump_indent() */
+#endif
+
+ if (depth > ASN1_PARSE_MAXDEPTH) {
+ BIO_puts(bp, "BAD RECURSION DEPTH\n");
+ return 0;
+ }
+
+ p = *pp;
+ tot = p + length;
+ op = p - 1;
+ while ((p < tot) && (op < p)) {
+ op = p;
+ j = ASN1_get_object(&p, &len, &tag, &xclass, length);
+#ifdef LINT
+ j = j;
+#endif
+ if (j & 0x80) {
+ if (BIO_write(bp, "Error in encoding\n", 18) <= 0)
+ goto end;
+ ret = 0;
+ goto end;
+ }
+ hl = (p - op);
+ length -= hl;
+ /*
+ * if j == 0x21 it is a constructed indefinite length object
+ */
+ if (BIO_printf(bp, "%5ld:", (long)offset + (long)(op - *pp))
+ <= 0)
+ goto end;
+
+ if (j != (V_ASN1_CONSTRUCTED | 1)) {
+ if (BIO_printf(bp, "d=%-2d hl=%ld l=%4ld ",
+ depth, (long)hl, len) <= 0)
+ goto end;
+ } else {
+ if (BIO_printf(bp, "d=%-2d hl=%ld l=inf ", depth, (long)hl) <= 0)
+ goto end;
+ }
+ if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0))
+ goto end;
+ if (j & V_ASN1_CONSTRUCTED) {
+ const unsigned char *sp;
+
+ ep = p + len;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto end;
+ if (len > length) {
+ BIO_printf(bp, "length is greater than %ld\n", length);
+ ret = 0;
+ goto end;
+ }
+ if ((j == 0x21) && (len == 0)) {
+ sp = p;
+ for (;;) {
+ r = asn1_parse2(bp, &p, (long)(tot - p),
+ offset + (p - *pp), depth + 1,
+ indent, dump);
+ if (r == 0) {
+ ret = 0;
+ goto end;
+ }
+ if ((r == 2) || (p >= tot)) {
+ len = p - sp;
+ break;
+ }
+ }
+ } else {
+ long tmp = len;
+
+ while (p < ep) {
+ sp = p;
+ r = asn1_parse2(bp, &p, tmp, offset + (p - *pp), depth + 1,
+ indent, dump);
+ if (r == 0) {
+ ret = 0;
+ goto end;
+ }
+ tmp -= p - sp;
+ }
+ }
+ } else if (xclass != 0) {
+ p += len;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto end;
+ } else {
+ nl = 0;
+ if ((tag == V_ASN1_PRINTABLESTRING) ||
+ (tag == V_ASN1_T61STRING) ||
+ (tag == V_ASN1_IA5STRING) ||
+ (tag == V_ASN1_VISIBLESTRING) ||
+ (tag == V_ASN1_NUMERICSTRING) ||
+ (tag == V_ASN1_UTF8STRING) ||
+ (tag == V_ASN1_UTCTIME) || (tag == V_ASN1_GENERALIZEDTIME)) {
+ if (BIO_write(bp, ":", 1) <= 0)
+ goto end;
+ if ((len > 0) && BIO_write(bp, (const char *)p, (int)len)
+ != (int)len)
+ goto end;
+ } else if (tag == V_ASN1_OBJECT) {
+ opp = op;
+ if (d2i_ASN1_OBJECT(&o, &opp, len + hl) != NULL) {
+ if (BIO_write(bp, ":", 1) <= 0)
+ goto end;
+ i2a_ASN1_OBJECT(bp, o);
+ } else {
+ if (BIO_write(bp, ":BAD OBJECT", 11) <= 0)
+ goto end;
+ }
+ } else if (tag == V_ASN1_BOOLEAN) {
+ int ii;
+
+ opp = op;
+ ii = d2i_ASN1_BOOLEAN(NULL, &opp, len + hl);
+ if (ii < 0) {
+ if (BIO_write(bp, "Bad boolean\n", 12) <= 0)
+ goto end;
+ }
+ BIO_printf(bp, ":%d", ii);
+ } else if (tag == V_ASN1_BMPSTRING) {
+ /* do the BMP thang */
+ } else if (tag == V_ASN1_OCTET_STRING) {
+ int i, printable = 1;
+
+ opp = op;
+ os = d2i_ASN1_OCTET_STRING(NULL, &opp, len + hl);
+ if (os != NULL && os->length > 0) {
+ opp = os->data;
+ /*
+ * testing whether the octet string is printable
+ */
+ for (i = 0; i < os->length; i++) {
+ if (((opp[i] < ' ') &&
+ (opp[i] != '\n') &&
+ (opp[i] != '\r') &&
+ (opp[i] != '\t')) || (opp[i] > '~')) {
+ printable = 0;
+ break;
+ }
+ }
+ if (printable)
+ /* printable string */
+ {
+ if (BIO_write(bp, ":", 1) <= 0)
+ goto end;
+ if (BIO_write(bp, (const char *)opp, os->length) <= 0)
+ goto end;
+ } else if (!dump)
+ /*
+ * not printable => print octet string as hex dump
+ */
+ {
+ if (BIO_write(bp, "[HEX DUMP]:", 11) <= 0)
+ goto end;
+ for (i = 0; i < os->length; i++) {
+ if (BIO_printf(bp, "%02X", opp[i]) <= 0)
+ goto end;
+ }
+ } else
+ /* print the normal dump */
+ {
+ if (!nl) {
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto end;
+ }
+ if (BIO_dump_indent(bp,
+ (const char *)opp,
+ ((dump == -1 || dump >
+ os->
+ length) ? os->length : dump),
+ dump_indent) <= 0)
+ goto end;
+ nl = 1;
+ }
+ }
+ if (os != NULL) {
+ M_ASN1_OCTET_STRING_free(os);
+ os = NULL;
+ }
+ } else if (tag == V_ASN1_INTEGER) {
+ ASN1_INTEGER *bs;
+ int i;
+
+ opp = op;
+ bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
+ if (bs != NULL) {
+ if (BIO_write(bp, ":", 1) <= 0)
+ goto end;
+ if (bs->type == V_ASN1_NEG_INTEGER)
+ if (BIO_write(bp, "-", 1) <= 0)
+ goto end;
+ for (i = 0; i < bs->length; i++) {
+ if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+ goto end;
+ }
+ if (bs->length == 0) {
+ if (BIO_write(bp, "00", 2) <= 0)
+ goto end;
+ }
+ } else {
+ if (BIO_write(bp, "BAD INTEGER", 11) <= 0)
+ goto end;
+ }
+ M_ASN1_INTEGER_free(bs);
+ } else if (tag == V_ASN1_ENUMERATED) {
+ ASN1_ENUMERATED *bs;
+ int i;
+
+ opp = op;
+ bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
+ if (bs != NULL) {
+ if (BIO_write(bp, ":", 1) <= 0)
+ goto end;
+ if (bs->type == V_ASN1_NEG_ENUMERATED)
+ if (BIO_write(bp, "-", 1) <= 0)
+ goto end;
+ for (i = 0; i < bs->length; i++) {
+ if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+ goto end;
+ }
+ if (bs->length == 0) {
+ if (BIO_write(bp, "00", 2) <= 0)
+ goto end;
+ }
+ } else {
+ if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
+ goto end;
+ }
+ M_ASN1_ENUMERATED_free(bs);
+ } else if (len > 0 && dump) {
+ if (!nl) {
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto end;
+ }
+ if (BIO_dump_indent(bp, (const char *)p,
+ ((dump == -1 || dump > len) ? len : dump),
+ dump_indent) <= 0)
+ goto end;
+ nl = 1;
+ }
+
+ if (!nl) {
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto end;
+ }
+ p += len;
+ if ((tag == V_ASN1_EOC) && (xclass == 0)) {
+ ret = 2; /* End of sequence */
+ goto end;
+ }
+ }
+ length -= len;
+ }
+ ret = 1;
+ end:
+ if (o != NULL)
+ ASN1_OBJECT_free(o);
+ if (os != NULL)
+ M_ASN1_OCTET_STRING_free(os);
+ *pp = p;
+ return (ret);
+}
+
+const char *ASN1_tag2str(int tag)
+{
+ static const char *const tag2str[] = {
+ /* 0-4 */
+ "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING",
+ /* 5-9 */
+ "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL",
+ /* 10-13 */
+ "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>",
+ /* 15-17 */
+ "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET",
+ /* 18-20 */
+ "NUMERICSTRING", "PRINTABLESTRING", "T61STRING",
+ /* 21-24 */
+ "VIDEOTEXSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME",
+ /* 25-27 */
+ "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING",
+ /* 28-30 */
+ "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING"
+ };
+
+ if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
+ tag &= ~0x100;
+
+ if (tag < 0 || tag > 30)
+ return "(unknown)";
+ return tag2str[tag];
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/asn_mime.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/asn_mime.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/asn_mime.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,974 +0,0 @@
-/* asn_mime.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include "asn1_locl.h"
-
-/*
- * Generalised MIME like utilities for streaming ASN1. Although many have a
- * PKCS7/CMS like flavour others are more general purpose.
- */
-
-/*
- * MIME format structures Note that all are translated to lower case apart
- * from parameter values. Quotes are stripped off
- */
-
-typedef struct {
- char *param_name; /* Param name e.g. "micalg" */
- char *param_value; /* Param value e.g. "sha1" */
-} MIME_PARAM;
-
-DECLARE_STACK_OF(MIME_PARAM)
-IMPLEMENT_STACK_OF(MIME_PARAM)
-
-typedef struct {
- char *name; /* Name of line e.g. "content-type" */
- char *value; /* Value of line e.g. "text/plain" */
- STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
-} MIME_HEADER;
-
-DECLARE_STACK_OF(MIME_HEADER)
-IMPLEMENT_STACK_OF(MIME_HEADER)
-
-static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
- const ASN1_ITEM *it);
-static char *strip_ends(char *name);
-static char *strip_start(char *name);
-static char *strip_end(char *name);
-static MIME_HEADER *mime_hdr_new(char *name, char *value);
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
-static int mime_hdr_cmp(const MIME_HEADER *const *a,
- const MIME_HEADER *const *b);
-static int mime_param_cmp(const MIME_PARAM *const *a,
- const MIME_PARAM *const *b);
-static void mime_param_free(MIME_PARAM *param);
-static int mime_bound_check(char *line, int linelen, char *bound, int blen);
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
-static int strip_eol(char *linebuf, int *plen);
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
-static void mime_hdr_free(MIME_HEADER *hdr);
-
-#define MAX_SMLEN 1024
-#define mime_debug(x) /* x */
-
-/* Output an ASN1 structure in BER format streaming if necessary */
-
-int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const ASN1_ITEM *it)
-{
- /* If streaming create stream BIO and copy all content through it */
- if (flags & SMIME_STREAM) {
- BIO *bio, *tbio;
- bio = BIO_new_NDEF(out, val, it);
- if (!bio) {
- ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- SMIME_crlf_copy(in, bio, flags);
- (void)BIO_flush(bio);
- /* Free up successive BIOs until we hit the old output BIO */
- do {
- tbio = BIO_pop(bio);
- BIO_free(bio);
- bio = tbio;
- } while (bio != out);
- }
- /*
- * else just write out ASN1 structure which will have all content stored
- * internally
- */
- else
- ASN1_item_i2d_bio(it, out, val);
- return 1;
-}
-
-/* Base 64 read and write of ASN1 structure */
-
-static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const ASN1_ITEM *it)
-{
- BIO *b64;
- int r;
- b64 = BIO_new(BIO_f_base64());
- if (!b64) {
- ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /*
- * prepend the b64 BIO so all data is base64 encoded.
- */
- out = BIO_push(b64, out);
- r = i2d_ASN1_bio_stream(out, val, in, flags, it);
- (void)BIO_flush(out);
- BIO_pop(out);
- BIO_free(b64);
- return r;
-}
-
-/* Streaming ASN1 PEM write */
-
-int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const char *hdr, const ASN1_ITEM *it)
-{
- int r;
- BIO_printf(out, "-----BEGIN %s-----\n", hdr);
- r = B64_write_ASN1(out, val, in, flags, it);
- BIO_printf(out, "-----END %s-----\n", hdr);
- return r;
-}
-
-static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
-{
- BIO *b64;
- ASN1_VALUE *val;
- if (!(b64 = BIO_new(BIO_f_base64()))) {
- ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- bio = BIO_push(b64, bio);
- val = ASN1_item_d2i_bio(it, bio, NULL);
- if (!val)
- ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
- (void)BIO_flush(bio);
- bio = BIO_pop(bio);
- BIO_free(b64);
- return val;
-}
-
-/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
-
-static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
-{
- const EVP_MD *md;
- int i, have_unknown = 0, write_comma, ret = 0, md_nid;
- have_unknown = 0;
- write_comma = 0;
- for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
- if (write_comma)
- BIO_write(out, ",", 1);
- write_comma = 1;
- md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
- md = EVP_get_digestbynid(md_nid);
- if (md && md->md_ctrl) {
- int rv;
- char *micstr;
- rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
- if (rv > 0) {
- BIO_puts(out, micstr);
- OPENSSL_free(micstr);
- continue;
- }
- if (rv != -2)
- goto err;
- }
- switch (md_nid) {
- case NID_sha1:
- BIO_puts(out, "sha1");
- break;
-
- case NID_md5:
- BIO_puts(out, "md5");
- break;
-
- case NID_sha256:
- BIO_puts(out, "sha-256");
- break;
-
- case NID_sha384:
- BIO_puts(out, "sha-384");
- break;
-
- case NID_sha512:
- BIO_puts(out, "sha-512");
- break;
-
- case NID_id_GostR3411_94:
- BIO_puts(out, "gostr3411-94");
- goto err;
- break;
-
- default:
- if (have_unknown)
- write_comma = 0;
- else {
- BIO_puts(out, "unknown");
- have_unknown = 1;
- }
- break;
-
- }
- }
-
- ret = 1;
- err:
-
- return ret;
-
-}
-
-/* SMIME sender */
-
-int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
-{
- char bound[33], c;
- int i;
- const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
- const char *msg_type = NULL;
- if (flags & SMIME_OLDMIME)
- mime_prefix = "application/x-pkcs7-";
- else
- mime_prefix = "application/pkcs7-";
-
- if (flags & SMIME_CRLFEOL)
- mime_eol = "\r\n";
- else
- mime_eol = "\n";
- if ((flags & SMIME_DETACHED) && data) {
- /* We want multipart/signed */
- /* Generate a random boundary */
- if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0)
- return 0;
- for (i = 0; i < 32; i++) {
- c = bound[i] & 0xf;
- if (c < 10)
- c += '0';
- else
- c += 'A' - 10;
- bound[i] = c;
- }
- bound[32] = 0;
- BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
- BIO_printf(bio, "Content-Type: multipart/signed;");
- BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
- BIO_puts(bio, " micalg=\"");
- asn1_write_micalg(bio, mdalgs);
- BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
- bound, mime_eol, mime_eol);
- BIO_printf(bio, "This is an S/MIME signed message%s%s",
- mime_eol, mime_eol);
- /* Now write out the first part */
- BIO_printf(bio, "------%s%s", bound, mime_eol);
- if (!asn1_output_data(bio, data, val, flags, it))
- return 0;
- BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
-
- /* Headers for signature */
-
- BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
- BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
- BIO_printf(bio, "Content-Transfer-Encoding: base64%s", mime_eol);
- BIO_printf(bio, "Content-Disposition: attachment;");
- BIO_printf(bio, " filename=\"smime.p7s\"%s%s", mime_eol, mime_eol);
- B64_write_ASN1(bio, val, NULL, 0, it);
- BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound,
- mime_eol, mime_eol);
- return 1;
- }
-
- /* Determine smime-type header */
-
- if (ctype_nid == NID_pkcs7_enveloped)
- msg_type = "enveloped-data";
- else if (ctype_nid == NID_pkcs7_signed) {
- if (econt_nid == NID_id_smime_ct_receipt)
- msg_type = "signed-receipt";
- else if (sk_X509_ALGOR_num(mdalgs) >= 0)
- msg_type = "signed-data";
- else
- msg_type = "certs-only";
- } else if (ctype_nid == NID_id_smime_ct_compressedData) {
- msg_type = "compressed-data";
- cname = "smime.p7z";
- }
- /* MIME headers */
- BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
- BIO_printf(bio, "Content-Disposition: attachment;");
- BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
- BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
- if (msg_type)
- BIO_printf(bio, " smime-type=%s;", msg_type);
- BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
- BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
- mime_eol, mime_eol);
- if (!B64_write_ASN1(bio, val, data, flags, it))
- return 0;
- BIO_printf(bio, "%s", mime_eol);
- return 1;
-}
-
-/* Handle output of ASN1 data */
-
-static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
- const ASN1_ITEM *it)
-{
- BIO *tmpbio;
- const ASN1_AUX *aux = it->funcs;
- ASN1_STREAM_ARG sarg;
- int rv = 1;
-
- /*
- * If data is not deteched or resigning then the output BIO is already
- * set up to finalise when it is written through.
- */
- if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
- SMIME_crlf_copy(data, out, flags);
- return 1;
- }
-
- if (!aux || !aux->asn1_cb) {
- ASN1err(ASN1_F_ASN1_OUTPUT_DATA, ASN1_R_STREAMING_NOT_SUPPORTED);
- return 0;
- }
-
- sarg.out = out;
- sarg.ndef_bio = NULL;
- sarg.boundary = NULL;
-
- /* Let ASN1 code prepend any needed BIOs */
-
- if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
- return 0;
-
- /* Copy data across, passing through filter BIOs for processing */
- SMIME_crlf_copy(data, sarg.ndef_bio, flags);
-
- /* Finalize structure */
- if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
- rv = 0;
-
- /* Now remove any digests prepended to the BIO */
-
- while (sarg.ndef_bio != out) {
- tmpbio = BIO_pop(sarg.ndef_bio);
- BIO_free(sarg.ndef_bio);
- sarg.ndef_bio = tmpbio;
- }
-
- return rv;
-
-}
-
-/*
- * SMIME reader: handle multipart/signed and opaque signing. in multipart
- * case the content is placed in a memory BIO pointed to by "bcont". In
- * opaque this is set to NULL
- */
-
-ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
-{
- BIO *asnin;
- STACK_OF(MIME_HEADER) *headers = NULL;
- STACK_OF(BIO) *parts = NULL;
- MIME_HEADER *hdr;
- MIME_PARAM *prm;
- ASN1_VALUE *val;
- int ret;
-
- if (bcont)
- *bcont = NULL;
-
- if (!(headers = mime_parse_hdr(bio))) {
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
- return NULL;
- }
-
- if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
- return NULL;
- }
-
- /* Handle multipart/signed */
-
- if (!strcmp(hdr->value, "multipart/signed")) {
- /* Split into two parts */
- prm = mime_param_find(hdr, "boundary");
- if (!prm || !prm->param_value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY);
- return NULL;
- }
- ret = multi_split(bio, prm->param_value, &parts);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- if (!ret || (sk_BIO_num(parts) != 2)) {
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- /* Parse the signature piece */
- asnin = sk_BIO_value(parts, 1);
-
- if (!(headers = mime_parse_hdr(asnin))) {
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- /* Get content type */
-
- if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
- return NULL;
- }
-
- if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
- strcmp(hdr->value, "application/pkcs7-signature")) {
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE);
- ERR_add_error_data(2, "type: ", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- /* Read in ASN1 */
- if (!(val = b64_read_asn1(asnin, it))) {
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- if (bcont) {
- *bcont = sk_BIO_value(parts, 0);
- BIO_free(asnin);
- sk_BIO_free(parts);
- } else
- sk_BIO_pop_free(parts, BIO_vfree);
- return val;
- }
-
- /* OK, if not multipart/signed try opaque signature */
-
- if (strcmp(hdr->value, "application/x-pkcs7-mime") &&
- strcmp(hdr->value, "application/pkcs7-mime")) {
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE);
- ERR_add_error_data(2, "type: ", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return NULL;
- }
-
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-
- if (!(val = b64_read_asn1(bio, it))) {
- ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
- return NULL;
- }
- return val;
-
-}
-
-/* Copy text from one BIO to another making the output CRLF at EOL */
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
-{
- BIO *bf;
- char eol;
- int len;
- char linebuf[MAX_SMLEN];
- /*
- * Buffer output so we don't write one line at a time. This is useful
- * when streaming as we don't end up with one OCTET STRING per line.
- */
- bf = BIO_new(BIO_f_buffer());
- if (!bf)
- return 0;
- out = BIO_push(bf, out);
- if (flags & SMIME_BINARY) {
- while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
- BIO_write(out, linebuf, len);
- } else {
- if (flags & SMIME_TEXT)
- BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
- while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
- eol = strip_eol(linebuf, &len);
- if (len)
- BIO_write(out, linebuf, len);
- if (eol)
- BIO_write(out, "\r\n", 2);
- }
- }
- (void)BIO_flush(out);
- BIO_pop(out);
- BIO_free(bf);
- return 1;
-}
-
-/* Strip off headers if they are text/plain */
-int SMIME_text(BIO *in, BIO *out)
-{
- char iobuf[4096];
- int len;
- STACK_OF(MIME_HEADER) *headers;
- MIME_HEADER *hdr;
-
- if (!(headers = mime_parse_hdr(in))) {
- ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
- return 0;
- }
- if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
- ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return 0;
- }
- if (strcmp(hdr->value, "text/plain")) {
- ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_INVALID_MIME_TYPE);
- ERR_add_error_data(2, "type: ", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return 0;
- }
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
- BIO_write(out, iobuf, len);
- if (len < 0)
- return 0;
- return 1;
-}
-
-/*
- * Split a multipart/XXX message body into component parts: result is
- * canonical parts in a STACK of bios
- */
-
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
-{
- char linebuf[MAX_SMLEN];
- int len, blen;
- int eol = 0, next_eol = 0;
- BIO *bpart = NULL;
- STACK_OF(BIO) *parts;
- char state, part, first;
-
- blen = strlen(bound);
- part = 0;
- state = 0;
- first = 1;
- parts = sk_BIO_new_null();
- *ret = parts;
- while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
- state = mime_bound_check(linebuf, len, bound, blen);
- if (state == 1) {
- first = 1;
- part++;
- } else if (state == 2) {
- sk_BIO_push(parts, bpart);
- return 1;
- } else if (part) {
- /* Strip CR+LF from linebuf */
- next_eol = strip_eol(linebuf, &len);
- if (first) {
- first = 0;
- if (bpart)
- sk_BIO_push(parts, bpart);
- bpart = BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(bpart, 0);
- } else if (eol)
- BIO_write(bpart, "\r\n", 2);
- eol = next_eol;
- if (len)
- BIO_write(bpart, linebuf, len);
- }
- }
- return 0;
-}
-
-/* This is the big one: parse MIME header lines up to message body */
-
-#define MIME_INVALID 0
-#define MIME_START 1
-#define MIME_TYPE 2
-#define MIME_NAME 3
-#define MIME_VALUE 4
-#define MIME_QUOTE 5
-#define MIME_COMMENT 6
-
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
-{
- char *p, *q, c;
- char *ntmp;
- char linebuf[MAX_SMLEN];
- MIME_HEADER *mhdr = NULL;
- STACK_OF(MIME_HEADER) *headers;
- int len, state, save_state = 0;
-
- headers = sk_MIME_HEADER_new(mime_hdr_cmp);
- if (!headers)
- return NULL;
- while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
- /* If whitespace at line start then continuation line */
- if (mhdr && isspace((unsigned char)linebuf[0]))
- state = MIME_NAME;
- else
- state = MIME_START;
- ntmp = NULL;
- /* Go through all characters */
- for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
- p++) {
-
- /*
- * State machine to handle MIME headers if this looks horrible
- * that's because it *is*
- */
-
- switch (state) {
- case MIME_START:
- if (c == ':') {
- state = MIME_TYPE;
- *p = 0;
- ntmp = strip_ends(q);
- q = p + 1;
- }
- break;
-
- case MIME_TYPE:
- if (c == ';') {
- mime_debug("Found End Value\n");
- *p = 0;
- mhdr = mime_hdr_new(ntmp, strip_ends(q));
- sk_MIME_HEADER_push(headers, mhdr);
- ntmp = NULL;
- q = p + 1;
- state = MIME_NAME;
- } else if (c == '(') {
- save_state = state;
- state = MIME_COMMENT;
- }
- break;
-
- case MIME_COMMENT:
- if (c == ')') {
- state = save_state;
- }
- break;
-
- case MIME_NAME:
- if (c == '=') {
- state = MIME_VALUE;
- *p = 0;
- ntmp = strip_ends(q);
- q = p + 1;
- }
- break;
-
- case MIME_VALUE:
- if (c == ';') {
- state = MIME_NAME;
- *p = 0;
- mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
- ntmp = NULL;
- q = p + 1;
- } else if (c == '"') {
- mime_debug("Found Quote\n");
- state = MIME_QUOTE;
- } else if (c == '(') {
- save_state = state;
- state = MIME_COMMENT;
- }
- break;
-
- case MIME_QUOTE:
- if (c == '"') {
- mime_debug("Found Match Quote\n");
- state = MIME_VALUE;
- }
- break;
- }
- }
-
- if (state == MIME_TYPE) {
- mhdr = mime_hdr_new(ntmp, strip_ends(q));
- sk_MIME_HEADER_push(headers, mhdr);
- } else if (state == MIME_VALUE)
- mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
- if (p == linebuf)
- break; /* Blank line means end of headers */
- }
-
- return headers;
-
-}
-
-static char *strip_ends(char *name)
-{
- return strip_end(strip_start(name));
-}
-
-/* Strip a parameter of whitespace from start of param */
-static char *strip_start(char *name)
-{
- char *p, c;
- /* Look for first non white space or quote */
- for (p = name; (c = *p); p++) {
- if (c == '"') {
- /* Next char is start of string if non null */
- if (p[1])
- return p + 1;
- /* Else null string */
- return NULL;
- }
- if (!isspace((unsigned char)c))
- return p;
- }
- return NULL;
-}
-
-/* As above but strip from end of string : maybe should handle brackets? */
-static char *strip_end(char *name)
-{
- char *p, c;
- if (!name)
- return NULL;
- /* Look for first non white space or quote */
- for (p = name + strlen(name) - 1; p >= name; p--) {
- c = *p;
- if (c == '"') {
- if (p - 1 == name)
- return NULL;
- *p = 0;
- return name;
- }
- if (isspace((unsigned char)c))
- *p = 0;
- else
- return name;
- }
- return NULL;
-}
-
-static MIME_HEADER *mime_hdr_new(char *name, char *value)
-{
- MIME_HEADER *mhdr;
- char *tmpname, *tmpval, *p;
- int c;
- if (name) {
- if (!(tmpname = BUF_strdup(name)))
- return NULL;
- for (p = tmpname; *p; p++) {
- c = (unsigned char)*p;
- if (isupper(c)) {
- c = tolower(c);
- *p = c;
- }
- }
- } else
- tmpname = NULL;
- if (value) {
- if (!(tmpval = BUF_strdup(value)))
- return NULL;
- for (p = tmpval; *p; p++) {
- c = (unsigned char)*p;
- if (isupper(c)) {
- c = tolower(c);
- *p = c;
- }
- }
- } else
- tmpval = NULL;
- mhdr = (MIME_HEADER *)OPENSSL_malloc(sizeof(MIME_HEADER));
- if (!mhdr)
- return NULL;
- mhdr->name = tmpname;
- mhdr->value = tmpval;
- if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)))
- return NULL;
- return mhdr;
-}
-
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
-{
- char *tmpname, *tmpval, *p;
- int c;
- MIME_PARAM *mparam;
- if (name) {
- tmpname = BUF_strdup(name);
- if (!tmpname)
- return 0;
- for (p = tmpname; *p; p++) {
- c = (unsigned char)*p;
- if (isupper(c)) {
- c = tolower(c);
- *p = c;
- }
- }
- } else
- tmpname = NULL;
- if (value) {
- tmpval = BUF_strdup(value);
- if (!tmpval)
- return 0;
- } else
- tmpval = NULL;
- /* Parameter values are case sensitive so leave as is */
- mparam = (MIME_PARAM *)OPENSSL_malloc(sizeof(MIME_PARAM));
- if (!mparam)
- return 0;
- mparam->param_name = tmpname;
- mparam->param_value = tmpval;
- sk_MIME_PARAM_push(mhdr->params, mparam);
- return 1;
-}
-
-static int mime_hdr_cmp(const MIME_HEADER *const *a,
- const MIME_HEADER *const *b)
-{
- if (!(*a)->name || !(*b)->name)
- return ! !(*a)->name - ! !(*b)->name;
-
- return (strcmp((*a)->name, (*b)->name));
-}
-
-static int mime_param_cmp(const MIME_PARAM *const *a,
- const MIME_PARAM *const *b)
-{
- if (!(*a)->param_name || !(*b)->param_name)
- return ! !(*a)->param_name - ! !(*b)->param_name;
- return (strcmp((*a)->param_name, (*b)->param_name));
-}
-
-/* Find a header with a given name (if possible) */
-
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
-{
- MIME_HEADER htmp;
- int idx;
- htmp.name = name;
- idx = sk_MIME_HEADER_find(hdrs, &htmp);
- if (idx < 0)
- return NULL;
- return sk_MIME_HEADER_value(hdrs, idx);
-}
-
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
-{
- MIME_PARAM param;
- int idx;
- param.param_name = name;
- idx = sk_MIME_PARAM_find(hdr->params, ¶m);
- if (idx < 0)
- return NULL;
- return sk_MIME_PARAM_value(hdr->params, idx);
-}
-
-static void mime_hdr_free(MIME_HEADER *hdr)
-{
- if (hdr->name)
- OPENSSL_free(hdr->name);
- if (hdr->value)
- OPENSSL_free(hdr->value);
- if (hdr->params)
- sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
- OPENSSL_free(hdr);
-}
-
-static void mime_param_free(MIME_PARAM *param)
-{
- if (param->param_name)
- OPENSSL_free(param->param_name);
- if (param->param_value)
- OPENSSL_free(param->param_value);
- OPENSSL_free(param);
-}
-
-/*-
- * Check for a multipart boundary. Returns:
- * 0 : no boundary
- * 1 : part boundary
- * 2 : final boundary
- */
-static int mime_bound_check(char *line, int linelen, char *bound, int blen)
-{
- if (linelen == -1)
- linelen = strlen(line);
- if (blen == -1)
- blen = strlen(bound);
- /* Quickly eliminate if line length too short */
- if (blen + 2 > linelen)
- return 0;
- /* Check for part boundary */
- if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
- if (!strncmp(line + blen + 2, "--", 2))
- return 2;
- else
- return 1;
- }
- return 0;
-}
-
-static int strip_eol(char *linebuf, int *plen)
-{
- int len = *plen;
- char *p, c;
- int is_eol = 0;
- p = linebuf + len - 1;
- for (p = linebuf + len - 1; len > 0; len--, p--) {
- c = *p;
- if (c == '\n')
- is_eol = 1;
- else if (c != '\r')
- break;
- }
- *plen = len;
- return is_eol;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/asn_mime.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/asn_mime.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/asn_mime.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/asn_mime.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,974 @@
+/* asn_mime.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include "asn1_locl.h"
+
+/*
+ * Generalised MIME like utilities for streaming ASN1. Although many have a
+ * PKCS7/CMS like flavour others are more general purpose.
+ */
+
+/*
+ * MIME format structures Note that all are translated to lower case apart
+ * from parameter values. Quotes are stripped off
+ */
+
+typedef struct {
+ char *param_name; /* Param name e.g. "micalg" */
+ char *param_value; /* Param value e.g. "sha1" */
+} MIME_PARAM;
+
+DECLARE_STACK_OF(MIME_PARAM)
+IMPLEMENT_STACK_OF(MIME_PARAM)
+
+typedef struct {
+ char *name; /* Name of line e.g. "content-type" */
+ char *value; /* Value of line e.g. "text/plain" */
+ STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
+} MIME_HEADER;
+
+DECLARE_STACK_OF(MIME_HEADER)
+IMPLEMENT_STACK_OF(MIME_HEADER)
+
+static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
+ const ASN1_ITEM *it);
+static char *strip_ends(char *name);
+static char *strip_start(char *name);
+static char *strip_end(char *name);
+static MIME_HEADER *mime_hdr_new(char *name, char *value);
+static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
+static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
+static int mime_hdr_cmp(const MIME_HEADER *const *a,
+ const MIME_HEADER *const *b);
+static int mime_param_cmp(const MIME_PARAM *const *a,
+ const MIME_PARAM *const *b);
+static void mime_param_free(MIME_PARAM *param);
+static int mime_bound_check(char *line, int linelen, char *bound, int blen);
+static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
+static int strip_eol(char *linebuf, int *plen);
+static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
+static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
+static void mime_hdr_free(MIME_HEADER *hdr);
+
+#define MAX_SMLEN 1024
+#define mime_debug(x) /* x */
+
+/* Output an ASN1 structure in BER format streaming if necessary */
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const ASN1_ITEM *it)
+{
+ /* If streaming create stream BIO and copy all content through it */
+ if (flags & SMIME_STREAM) {
+ BIO *bio, *tbio;
+ bio = BIO_new_NDEF(out, val, it);
+ if (!bio) {
+ ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ SMIME_crlf_copy(in, bio, flags);
+ (void)BIO_flush(bio);
+ /* Free up successive BIOs until we hit the old output BIO */
+ do {
+ tbio = BIO_pop(bio);
+ BIO_free(bio);
+ bio = tbio;
+ } while (bio != out);
+ }
+ /*
+ * else just write out ASN1 structure which will have all content stored
+ * internally
+ */
+ else
+ ASN1_item_i2d_bio(it, out, val);
+ return 1;
+}
+
+/* Base 64 read and write of ASN1 structure */
+
+static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const ASN1_ITEM *it)
+{
+ BIO *b64;
+ int r;
+ b64 = BIO_new(BIO_f_base64());
+ if (!b64) {
+ ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ /*
+ * prepend the b64 BIO so all data is base64 encoded.
+ */
+ out = BIO_push(b64, out);
+ r = i2d_ASN1_bio_stream(out, val, in, flags, it);
+ (void)BIO_flush(out);
+ BIO_pop(out);
+ BIO_free(b64);
+ return r;
+}
+
+/* Streaming ASN1 PEM write */
+
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const char *hdr, const ASN1_ITEM *it)
+{
+ int r;
+ BIO_printf(out, "-----BEGIN %s-----\n", hdr);
+ r = B64_write_ASN1(out, val, in, flags, it);
+ BIO_printf(out, "-----END %s-----\n", hdr);
+ return r;
+}
+
+static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
+{
+ BIO *b64;
+ ASN1_VALUE *val;
+ if (!(b64 = BIO_new(BIO_f_base64()))) {
+ ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ bio = BIO_push(b64, bio);
+ val = ASN1_item_d2i_bio(it, bio, NULL);
+ if (!val)
+ ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
+ (void)BIO_flush(bio);
+ bio = BIO_pop(bio);
+ BIO_free(b64);
+ return val;
+}
+
+/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
+
+static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
+{
+ const EVP_MD *md;
+ int i, have_unknown = 0, write_comma, ret = 0, md_nid;
+ have_unknown = 0;
+ write_comma = 0;
+ for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
+ if (write_comma)
+ BIO_write(out, ",", 1);
+ write_comma = 1;
+ md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
+ md = EVP_get_digestbynid(md_nid);
+ if (md && md->md_ctrl) {
+ int rv;
+ char *micstr;
+ rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
+ if (rv > 0) {
+ BIO_puts(out, micstr);
+ OPENSSL_free(micstr);
+ continue;
+ }
+ if (rv != -2)
+ goto err;
+ }
+ switch (md_nid) {
+ case NID_sha1:
+ BIO_puts(out, "sha1");
+ break;
+
+ case NID_md5:
+ BIO_puts(out, "md5");
+ break;
+
+ case NID_sha256:
+ BIO_puts(out, "sha-256");
+ break;
+
+ case NID_sha384:
+ BIO_puts(out, "sha-384");
+ break;
+
+ case NID_sha512:
+ BIO_puts(out, "sha-512");
+ break;
+
+ case NID_id_GostR3411_94:
+ BIO_puts(out, "gostr3411-94");
+ goto err;
+ break;
+
+ default:
+ if (have_unknown)
+ write_comma = 0;
+ else {
+ BIO_puts(out, "unknown");
+ have_unknown = 1;
+ }
+ break;
+
+ }
+ }
+
+ ret = 1;
+ err:
+
+ return ret;
+
+}
+
+/* SMIME sender */
+
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
+{
+ char bound[33], c;
+ int i;
+ const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
+ const char *msg_type = NULL;
+ if (flags & SMIME_OLDMIME)
+ mime_prefix = "application/x-pkcs7-";
+ else
+ mime_prefix = "application/pkcs7-";
+
+ if (flags & SMIME_CRLFEOL)
+ mime_eol = "\r\n";
+ else
+ mime_eol = "\n";
+ if ((flags & SMIME_DETACHED) && data) {
+ /* We want multipart/signed */
+ /* Generate a random boundary */
+ if (RAND_bytes((unsigned char *)bound, 32) <= 0)
+ return 0;
+ for (i = 0; i < 32; i++) {
+ c = bound[i] & 0xf;
+ if (c < 10)
+ c += '0';
+ else
+ c += 'A' - 10;
+ bound[i] = c;
+ }
+ bound[32] = 0;
+ BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
+ BIO_printf(bio, "Content-Type: multipart/signed;");
+ BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
+ BIO_puts(bio, " micalg=\"");
+ asn1_write_micalg(bio, mdalgs);
+ BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
+ bound, mime_eol, mime_eol);
+ BIO_printf(bio, "This is an S/MIME signed message%s%s",
+ mime_eol, mime_eol);
+ /* Now write out the first part */
+ BIO_printf(bio, "------%s%s", bound, mime_eol);
+ if (!asn1_output_data(bio, data, val, flags, it))
+ return 0;
+ BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
+
+ /* Headers for signature */
+
+ BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
+ BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
+ BIO_printf(bio, "Content-Transfer-Encoding: base64%s", mime_eol);
+ BIO_printf(bio, "Content-Disposition: attachment;");
+ BIO_printf(bio, " filename=\"smime.p7s\"%s%s", mime_eol, mime_eol);
+ B64_write_ASN1(bio, val, NULL, 0, it);
+ BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound,
+ mime_eol, mime_eol);
+ return 1;
+ }
+
+ /* Determine smime-type header */
+
+ if (ctype_nid == NID_pkcs7_enveloped)
+ msg_type = "enveloped-data";
+ else if (ctype_nid == NID_pkcs7_signed) {
+ if (econt_nid == NID_id_smime_ct_receipt)
+ msg_type = "signed-receipt";
+ else if (sk_X509_ALGOR_num(mdalgs) >= 0)
+ msg_type = "signed-data";
+ else
+ msg_type = "certs-only";
+ } else if (ctype_nid == NID_id_smime_ct_compressedData) {
+ msg_type = "compressed-data";
+ cname = "smime.p7z";
+ }
+ /* MIME headers */
+ BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
+ BIO_printf(bio, "Content-Disposition: attachment;");
+ BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
+ BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
+ if (msg_type)
+ BIO_printf(bio, " smime-type=%s;", msg_type);
+ BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
+ BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
+ mime_eol, mime_eol);
+ if (!B64_write_ASN1(bio, val, data, flags, it))
+ return 0;
+ BIO_printf(bio, "%s", mime_eol);
+ return 1;
+}
+
+/* Handle output of ASN1 data */
+
+static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
+ const ASN1_ITEM *it)
+{
+ BIO *tmpbio;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_STREAM_ARG sarg;
+ int rv = 1;
+
+ /*
+ * If data is not deteched or resigning then the output BIO is already
+ * set up to finalise when it is written through.
+ */
+ if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
+ SMIME_crlf_copy(data, out, flags);
+ return 1;
+ }
+
+ if (!aux || !aux->asn1_cb) {
+ ASN1err(ASN1_F_ASN1_OUTPUT_DATA, ASN1_R_STREAMING_NOT_SUPPORTED);
+ return 0;
+ }
+
+ sarg.out = out;
+ sarg.ndef_bio = NULL;
+ sarg.boundary = NULL;
+
+ /* Let ASN1 code prepend any needed BIOs */
+
+ if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
+ return 0;
+
+ /* Copy data across, passing through filter BIOs for processing */
+ SMIME_crlf_copy(data, sarg.ndef_bio, flags);
+
+ /* Finalize structure */
+ if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
+ rv = 0;
+
+ /* Now remove any digests prepended to the BIO */
+
+ while (sarg.ndef_bio != out) {
+ tmpbio = BIO_pop(sarg.ndef_bio);
+ BIO_free(sarg.ndef_bio);
+ sarg.ndef_bio = tmpbio;
+ }
+
+ return rv;
+
+}
+
+/*
+ * SMIME reader: handle multipart/signed and opaque signing. in multipart
+ * case the content is placed in a memory BIO pointed to by "bcont". In
+ * opaque this is set to NULL
+ */
+
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
+{
+ BIO *asnin;
+ STACK_OF(MIME_HEADER) *headers = NULL;
+ STACK_OF(BIO) *parts = NULL;
+ MIME_HEADER *hdr;
+ MIME_PARAM *prm;
+ ASN1_VALUE *val;
+ int ret;
+
+ if (bcont)
+ *bcont = NULL;
+
+ if (!(headers = mime_parse_hdr(bio))) {
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
+ return NULL;
+ }
+
+ if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
+ return NULL;
+ }
+
+ /* Handle multipart/signed */
+
+ if (!strcmp(hdr->value, "multipart/signed")) {
+ /* Split into two parts */
+ prm = mime_param_find(hdr, "boundary");
+ if (!prm || !prm->param_value) {
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY);
+ return NULL;
+ }
+ ret = multi_split(bio, prm->param_value, &parts);
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ if (!ret || (sk_BIO_num(parts) != 2)) {
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+
+ /* Parse the signature piece */
+ asnin = sk_BIO_value(parts, 1);
+
+ if (!(headers = mime_parse_hdr(asnin))) {
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+
+ /* Get content type */
+
+ if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
+ return NULL;
+ }
+
+ if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
+ strcmp(hdr->value, "application/pkcs7-signature")) {
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ /* Read in ASN1 */
+ if (!(val = b64_read_asn1(asnin, it))) {
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+
+ if (bcont) {
+ *bcont = sk_BIO_value(parts, 0);
+ BIO_free(asnin);
+ sk_BIO_free(parts);
+ } else
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return val;
+ }
+
+ /* OK, if not multipart/signed try opaque signature */
+
+ if (strcmp(hdr->value, "application/x-pkcs7-mime") &&
+ strcmp(hdr->value, "application/pkcs7-mime")) {
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ return NULL;
+ }
+
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+
+ if (!(val = b64_read_asn1(bio, it))) {
+ ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
+ return NULL;
+ }
+ return val;
+
+}
+
+/* Copy text from one BIO to another making the output CRLF at EOL */
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
+{
+ BIO *bf;
+ char eol;
+ int len;
+ char linebuf[MAX_SMLEN];
+ /*
+ * Buffer output so we don't write one line at a time. This is useful
+ * when streaming as we don't end up with one OCTET STRING per line.
+ */
+ bf = BIO_new(BIO_f_buffer());
+ if (!bf)
+ return 0;
+ out = BIO_push(bf, out);
+ if (flags & SMIME_BINARY) {
+ while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
+ BIO_write(out, linebuf, len);
+ } else {
+ if (flags & SMIME_TEXT)
+ BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
+ while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
+ eol = strip_eol(linebuf, &len);
+ if (len)
+ BIO_write(out, linebuf, len);
+ if (eol)
+ BIO_write(out, "\r\n", 2);
+ }
+ }
+ (void)BIO_flush(out);
+ BIO_pop(out);
+ BIO_free(bf);
+ return 1;
+}
+
+/* Strip off headers if they are text/plain */
+int SMIME_text(BIO *in, BIO *out)
+{
+ char iobuf[4096];
+ int len;
+ STACK_OF(MIME_HEADER) *headers;
+ MIME_HEADER *hdr;
+
+ if (!(headers = mime_parse_hdr(in))) {
+ ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
+ return 0;
+ }
+ if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+ ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ return 0;
+ }
+ if (strcmp(hdr->value, "text/plain")) {
+ ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ return 0;
+ }
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
+ BIO_write(out, iobuf, len);
+ if (len < 0)
+ return 0;
+ return 1;
+}
+
+/*
+ * Split a multipart/XXX message body into component parts: result is
+ * canonical parts in a STACK of bios
+ */
+
+static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
+{
+ char linebuf[MAX_SMLEN];
+ int len, blen;
+ int eol = 0, next_eol = 0;
+ BIO *bpart = NULL;
+ STACK_OF(BIO) *parts;
+ char state, part, first;
+
+ blen = strlen(bound);
+ part = 0;
+ state = 0;
+ first = 1;
+ parts = sk_BIO_new_null();
+ *ret = parts;
+ while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
+ state = mime_bound_check(linebuf, len, bound, blen);
+ if (state == 1) {
+ first = 1;
+ part++;
+ } else if (state == 2) {
+ sk_BIO_push(parts, bpart);
+ return 1;
+ } else if (part) {
+ /* Strip CR+LF from linebuf */
+ next_eol = strip_eol(linebuf, &len);
+ if (first) {
+ first = 0;
+ if (bpart)
+ sk_BIO_push(parts, bpart);
+ bpart = BIO_new(BIO_s_mem());
+ BIO_set_mem_eof_return(bpart, 0);
+ } else if (eol)
+ BIO_write(bpart, "\r\n", 2);
+ eol = next_eol;
+ if (len)
+ BIO_write(bpart, linebuf, len);
+ }
+ }
+ return 0;
+}
+
+/* This is the big one: parse MIME header lines up to message body */
+
+#define MIME_INVALID 0
+#define MIME_START 1
+#define MIME_TYPE 2
+#define MIME_NAME 3
+#define MIME_VALUE 4
+#define MIME_QUOTE 5
+#define MIME_COMMENT 6
+
+static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
+{
+ char *p, *q, c;
+ char *ntmp;
+ char linebuf[MAX_SMLEN];
+ MIME_HEADER *mhdr = NULL;
+ STACK_OF(MIME_HEADER) *headers;
+ int len, state, save_state = 0;
+
+ headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+ if (!headers)
+ return NULL;
+ while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
+ /* If whitespace at line start then continuation line */
+ if (mhdr && isspace((unsigned char)linebuf[0]))
+ state = MIME_NAME;
+ else
+ state = MIME_START;
+ ntmp = NULL;
+ /* Go through all characters */
+ for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
+ p++) {
+
+ /*
+ * State machine to handle MIME headers if this looks horrible
+ * that's because it *is*
+ */
+
+ switch (state) {
+ case MIME_START:
+ if (c == ':') {
+ state = MIME_TYPE;
+ *p = 0;
+ ntmp = strip_ends(q);
+ q = p + 1;
+ }
+ break;
+
+ case MIME_TYPE:
+ if (c == ';') {
+ mime_debug("Found End Value\n");
+ *p = 0;
+ mhdr = mime_hdr_new(ntmp, strip_ends(q));
+ sk_MIME_HEADER_push(headers, mhdr);
+ ntmp = NULL;
+ q = p + 1;
+ state = MIME_NAME;
+ } else if (c == '(') {
+ save_state = state;
+ state = MIME_COMMENT;
+ }
+ break;
+
+ case MIME_COMMENT:
+ if (c == ')') {
+ state = save_state;
+ }
+ break;
+
+ case MIME_NAME:
+ if (c == '=') {
+ state = MIME_VALUE;
+ *p = 0;
+ ntmp = strip_ends(q);
+ q = p + 1;
+ }
+ break;
+
+ case MIME_VALUE:
+ if (c == ';') {
+ state = MIME_NAME;
+ *p = 0;
+ mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
+ ntmp = NULL;
+ q = p + 1;
+ } else if (c == '"') {
+ mime_debug("Found Quote\n");
+ state = MIME_QUOTE;
+ } else if (c == '(') {
+ save_state = state;
+ state = MIME_COMMENT;
+ }
+ break;
+
+ case MIME_QUOTE:
+ if (c == '"') {
+ mime_debug("Found Match Quote\n");
+ state = MIME_VALUE;
+ }
+ break;
+ }
+ }
+
+ if (state == MIME_TYPE) {
+ mhdr = mime_hdr_new(ntmp, strip_ends(q));
+ sk_MIME_HEADER_push(headers, mhdr);
+ } else if (state == MIME_VALUE)
+ mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
+ if (p == linebuf)
+ break; /* Blank line means end of headers */
+ }
+
+ return headers;
+
+}
+
+static char *strip_ends(char *name)
+{
+ return strip_end(strip_start(name));
+}
+
+/* Strip a parameter of whitespace from start of param */
+static char *strip_start(char *name)
+{
+ char *p, c;
+ /* Look for first non white space or quote */
+ for (p = name; (c = *p); p++) {
+ if (c == '"') {
+ /* Next char is start of string if non null */
+ if (p[1])
+ return p + 1;
+ /* Else null string */
+ return NULL;
+ }
+ if (!isspace((unsigned char)c))
+ return p;
+ }
+ return NULL;
+}
+
+/* As above but strip from end of string : maybe should handle brackets? */
+static char *strip_end(char *name)
+{
+ char *p, c;
+ if (!name)
+ return NULL;
+ /* Look for first non white space or quote */
+ for (p = name + strlen(name) - 1; p >= name; p--) {
+ c = *p;
+ if (c == '"') {
+ if (p - 1 == name)
+ return NULL;
+ *p = 0;
+ return name;
+ }
+ if (isspace((unsigned char)c))
+ *p = 0;
+ else
+ return name;
+ }
+ return NULL;
+}
+
+static MIME_HEADER *mime_hdr_new(char *name, char *value)
+{
+ MIME_HEADER *mhdr;
+ char *tmpname, *tmpval, *p;
+ int c;
+ if (name) {
+ if (!(tmpname = BUF_strdup(name)))
+ return NULL;
+ for (p = tmpname; *p; p++) {
+ c = (unsigned char)*p;
+ if (isupper(c)) {
+ c = tolower(c);
+ *p = c;
+ }
+ }
+ } else
+ tmpname = NULL;
+ if (value) {
+ if (!(tmpval = BUF_strdup(value)))
+ return NULL;
+ for (p = tmpval; *p; p++) {
+ c = (unsigned char)*p;
+ if (isupper(c)) {
+ c = tolower(c);
+ *p = c;
+ }
+ }
+ } else
+ tmpval = NULL;
+ mhdr = (MIME_HEADER *)OPENSSL_malloc(sizeof(MIME_HEADER));
+ if (!mhdr)
+ return NULL;
+ mhdr->name = tmpname;
+ mhdr->value = tmpval;
+ if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)))
+ return NULL;
+ return mhdr;
+}
+
+static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
+{
+ char *tmpname, *tmpval, *p;
+ int c;
+ MIME_PARAM *mparam;
+ if (name) {
+ tmpname = BUF_strdup(name);
+ if (!tmpname)
+ return 0;
+ for (p = tmpname; *p; p++) {
+ c = (unsigned char)*p;
+ if (isupper(c)) {
+ c = tolower(c);
+ *p = c;
+ }
+ }
+ } else
+ tmpname = NULL;
+ if (value) {
+ tmpval = BUF_strdup(value);
+ if (!tmpval)
+ return 0;
+ } else
+ tmpval = NULL;
+ /* Parameter values are case sensitive so leave as is */
+ mparam = (MIME_PARAM *)OPENSSL_malloc(sizeof(MIME_PARAM));
+ if (!mparam)
+ return 0;
+ mparam->param_name = tmpname;
+ mparam->param_value = tmpval;
+ sk_MIME_PARAM_push(mhdr->params, mparam);
+ return 1;
+}
+
+static int mime_hdr_cmp(const MIME_HEADER *const *a,
+ const MIME_HEADER *const *b)
+{
+ if (!(*a)->name || !(*b)->name)
+ return ! !(*a)->name - ! !(*b)->name;
+
+ return (strcmp((*a)->name, (*b)->name));
+}
+
+static int mime_param_cmp(const MIME_PARAM *const *a,
+ const MIME_PARAM *const *b)
+{
+ if (!(*a)->param_name || !(*b)->param_name)
+ return ! !(*a)->param_name - ! !(*b)->param_name;
+ return (strcmp((*a)->param_name, (*b)->param_name));
+}
+
+/* Find a header with a given name (if possible) */
+
+static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
+{
+ MIME_HEADER htmp;
+ int idx;
+ htmp.name = name;
+ idx = sk_MIME_HEADER_find(hdrs, &htmp);
+ if (idx < 0)
+ return NULL;
+ return sk_MIME_HEADER_value(hdrs, idx);
+}
+
+static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
+{
+ MIME_PARAM param;
+ int idx;
+ param.param_name = name;
+ idx = sk_MIME_PARAM_find(hdr->params, ¶m);
+ if (idx < 0)
+ return NULL;
+ return sk_MIME_PARAM_value(hdr->params, idx);
+}
+
+static void mime_hdr_free(MIME_HEADER *hdr)
+{
+ if (hdr->name)
+ OPENSSL_free(hdr->name);
+ if (hdr->value)
+ OPENSSL_free(hdr->value);
+ if (hdr->params)
+ sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
+ OPENSSL_free(hdr);
+}
+
+static void mime_param_free(MIME_PARAM *param)
+{
+ if (param->param_name)
+ OPENSSL_free(param->param_name);
+ if (param->param_value)
+ OPENSSL_free(param->param_value);
+ OPENSSL_free(param);
+}
+
+/*-
+ * Check for a multipart boundary. Returns:
+ * 0 : no boundary
+ * 1 : part boundary
+ * 2 : final boundary
+ */
+static int mime_bound_check(char *line, int linelen, char *bound, int blen)
+{
+ if (linelen == -1)
+ linelen = strlen(line);
+ if (blen == -1)
+ blen = strlen(bound);
+ /* Quickly eliminate if line length too short */
+ if (blen + 2 > linelen)
+ return 0;
+ /* Check for part boundary */
+ if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
+ if (!strncmp(line + blen + 2, "--", 2))
+ return 2;
+ else
+ return 1;
+ }
+ return 0;
+}
+
+static int strip_eol(char *linebuf, int *plen)
+{
+ int len = *plen;
+ char *p, c;
+ int is_eol = 0;
+ p = linebuf + len - 1;
+ for (p = linebuf + len - 1; len > 0; len--, p--) {
+ c = *p;
+ if (c == '\n')
+ is_eol = 1;
+ else if (c != '\r')
+ break;
+ }
+ *plen = len;
+ return is_eol;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/d2i_pr.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/d2i_pr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/d2i_pr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,175 +0,0 @@
-/* crypto/asn1/d2i_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include "asn1_locl.h"
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length)
-{
- EVP_PKEY *ret;
- const unsigned char *p = *pp;
-
- if ((a == NULL) || (*a == NULL)) {
- if ((ret = EVP_PKEY_new()) == NULL) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
- return (NULL);
- }
- } else {
- ret = *a;
-#ifndef OPENSSL_NO_ENGINE
- if (ret->engine) {
- ENGINE_finish(ret->engine);
- ret->engine = NULL;
- }
-#endif
- }
-
- if (!EVP_PKEY_set_type(ret, type)) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- }
-
- if (!ret->ameth->old_priv_decode ||
- !ret->ameth->old_priv_decode(ret, &p, length)) {
- if (ret->ameth->priv_decode) {
- PKCS8_PRIV_KEY_INFO *p8 = NULL;
- p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
- if (!p8)
- goto err;
- EVP_PKEY_free(ret);
- ret = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (ret == NULL)
- goto err;
- } else {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
- goto err;
- }
- }
- *pp = p;
- if (a != NULL)
- (*a) = ret;
- return (ret);
- err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- EVP_PKEY_free(ret);
- return (NULL);
-}
-
-/*
- * This works like d2i_PrivateKey() except it automatically works out the
- * type
- */
-
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
- long length)
-{
- STACK_OF(ASN1_TYPE) *inkey;
- const unsigned char *p;
- int keytype;
- p = *pp;
- /*
- * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
- * analyzing it we can determine the passed structure: this assumes the
- * input is surrounded by an ASN1 SEQUENCE.
- */
- inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
- p = *pp;
- /*
- * Since we only need to discern "traditional format" RSA and DSA keys we
- * can just count the elements.
- */
- if (sk_ASN1_TYPE_num(inkey) == 6)
- keytype = EVP_PKEY_DSA;
- else if (sk_ASN1_TYPE_num(inkey) == 4)
- keytype = EVP_PKEY_EC;
- else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
- * traditional format */
- PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
- EVP_PKEY *ret;
-
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- if (!p8) {
- ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
- ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return NULL;
- }
- ret = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (ret == NULL)
- return NULL;
- *pp = p;
- if (a) {
- *a = ret;
- }
- return ret;
- } else
- keytype = EVP_PKEY_RSA;
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- return d2i_PrivateKey(keytype, a, pp, length);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/d2i_pr.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/d2i_pr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/d2i_pr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/d2i_pr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,177 @@
+/* crypto/asn1/d2i_pr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include "asn1_locl.h"
+
+EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length)
+{
+ EVP_PKEY *ret;
+ const unsigned char *p = *pp;
+
+ if ((a == NULL) || (*a == NULL)) {
+ if ((ret = EVP_PKEY_new()) == NULL) {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
+ return (NULL);
+ }
+ } else {
+ ret = *a;
+#ifndef OPENSSL_NO_ENGINE
+ if (ret->engine) {
+ ENGINE_finish(ret->engine);
+ ret->engine = NULL;
+ }
+#endif
+ }
+
+ if (!EVP_PKEY_set_type(ret, type)) {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ goto err;
+ }
+
+ if (!ret->ameth->old_priv_decode ||
+ !ret->ameth->old_priv_decode(ret, &p, length)) {
+ if (ret->ameth->priv_decode) {
+ EVP_PKEY *tmp;
+ PKCS8_PRIV_KEY_INFO *p8 = NULL;
+ p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
+ if (!p8)
+ goto err;
+ tmp = EVP_PKCS82PKEY(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ if (tmp == NULL)
+ goto err;
+ EVP_PKEY_free(ret);
+ ret = tmp;
+ } else {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
+ *pp = p;
+ if (a != NULL)
+ (*a) = ret;
+ return (ret);
+ err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ EVP_PKEY_free(ret);
+ return (NULL);
+}
+
+/*
+ * This works like d2i_PrivateKey() except it automatically works out the
+ * type
+ */
+
+EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+ long length)
+{
+ STACK_OF(ASN1_TYPE) *inkey;
+ const unsigned char *p;
+ int keytype;
+ p = *pp;
+ /*
+ * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
+ * analyzing it we can determine the passed structure: this assumes the
+ * input is surrounded by an ASN1 SEQUENCE.
+ */
+ inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
+ p = *pp;
+ /*
+ * Since we only need to discern "traditional format" RSA and DSA keys we
+ * can just count the elements.
+ */
+ if (sk_ASN1_TYPE_num(inkey) == 6)
+ keytype = EVP_PKEY_DSA;
+ else if (sk_ASN1_TYPE_num(inkey) == 4)
+ keytype = EVP_PKEY_EC;
+ else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
+ * traditional format */
+ PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
+ EVP_PKEY *ret;
+
+ sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+ if (!p8) {
+ ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
+ ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return NULL;
+ }
+ ret = EVP_PKCS82PKEY(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ if (ret == NULL)
+ return NULL;
+ *pp = p;
+ if (a) {
+ *a = ret;
+ }
+ return ret;
+ } else
+ keytype = EVP_PKEY_RSA;
+ sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+ return d2i_PrivateKey(keytype, a, pp, length);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/f_enum.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/f_enum.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/f_enum.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,203 +0,0 @@
-/* crypto/asn1/f_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-/* Based on a_int.c: equivalent ENUMERATED functions */
-
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
-{
- int i, n = 0;
- static const char *h = "0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL)
- return (0);
-
- if (a->length == 0) {
- if (BIO_write(bp, "00", 2) != 2)
- goto err;
- n = 2;
- } else {
- for (i = 0; i < a->length; i++) {
- if ((i != 0) && (i % 35 == 0)) {
- if (BIO_write(bp, "\\\n", 2) != 2)
- goto err;
- n += 2;
- }
- buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
- buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
- if (BIO_write(bp, buf, 2) != 2)
- goto err;
- n += 2;
- }
- }
- return (n);
- err:
- return (-1);
-}
-
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
-{
- int ret = 0;
- int i, j, k, m, n, again, bufsize;
- unsigned char *s = NULL, *sp;
- unsigned char *bufp;
- int num = 0, slen = 0, first = 1;
-
- bs->type = V_ASN1_ENUMERATED;
-
- bufsize = BIO_gets(bp, buf, size);
- for (;;) {
- if (bufsize < 1)
- goto err_sl;
- i = bufsize;
- if (buf[i - 1] == '\n')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- if (buf[i - 1] == '\r')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- again = (buf[i - 1] == '\\');
-
- for (j = 0; j < i; j++) {
- if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
- i = j;
- break;
- }
- }
- buf[i] = '\0';
- /*
- * We have now cleared all the crap off the end of the line
- */
- if (i < 2)
- goto err_sl;
-
- bufp = (unsigned char *)buf;
- if (first) {
- first = 0;
- if ((bufp[0] == '0') && (buf[1] == '0')) {
- bufp += 2;
- i -= 2;
- }
- }
- k = 0;
- i -= again;
- if (i % 2 != 0) {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i /= 2;
- if (num + i > slen) {
- if (s == NULL)
- sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
- i * 2);
- else
- sp = (unsigned char *)OPENSSL_realloc(s,
- (unsigned int)num +
- i * 2);
- if (sp == NULL) {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
- if (s != NULL)
- OPENSSL_free(s);
- goto err;
- }
- s = sp;
- slen = num + i * 2;
- }
- for (j = 0; j < i; j++, k += 2) {
- for (n = 0; n < 2; n++) {
- m = bufp[k + n];
- if ((m >= '0') && (m <= '9'))
- m -= '0';
- else if ((m >= 'a') && (m <= 'f'))
- m = m - 'a' + 10;
- else if ((m >= 'A') && (m <= 'F'))
- m = m - 'A' + 10;
- else {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
- ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num + j] <<= 4;
- s[num + j] |= m;
- }
- }
- num += i;
- if (again)
- bufsize = BIO_gets(bp, buf, size);
- else
- break;
- }
- bs->length = num;
- bs->data = s;
- ret = 1;
- err:
- if (0) {
- err_sl:
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
- }
- return (ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/f_enum.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/f_enum.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/f_enum.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/f_enum.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,203 @@
+/* crypto/asn1/f_enum.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+
+/* Based on a_int.c: equivalent ENUMERATED functions */
+
+int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
+{
+ int i, n = 0;
+ static const char *h = "0123456789ABCDEF";
+ char buf[2];
+
+ if (a == NULL)
+ return (0);
+
+ if (a->length == 0) {
+ if (BIO_write(bp, "00", 2) != 2)
+ goto err;
+ n = 2;
+ } else {
+ for (i = 0; i < a->length; i++) {
+ if ((i != 0) && (i % 35 == 0)) {
+ if (BIO_write(bp, "\\\n", 2) != 2)
+ goto err;
+ n += 2;
+ }
+ buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
+ buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
+ if (BIO_write(bp, buf, 2) != 2)
+ goto err;
+ n += 2;
+ }
+ }
+ return (n);
+ err:
+ return (-1);
+}
+
+int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
+{
+ int ret = 0;
+ int i, j, k, m, n, again, bufsize;
+ unsigned char *s = NULL, *sp;
+ unsigned char *bufp;
+ int num = 0, slen = 0, first = 1;
+
+ bs->type = V_ASN1_ENUMERATED;
+
+ bufsize = BIO_gets(bp, buf, size);
+ for (;;) {
+ if (bufsize < 1)
+ goto err_sl;
+ i = bufsize;
+ if (buf[i - 1] == '\n')
+ buf[--i] = '\0';
+ if (i == 0)
+ goto err_sl;
+ if (buf[i - 1] == '\r')
+ buf[--i] = '\0';
+ if (i == 0)
+ goto err_sl;
+ again = (buf[i - 1] == '\\');
+
+ for (j = 0; j < i; j++) {
+ if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
+ ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+ ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
+ i = j;
+ break;
+ }
+ }
+ buf[i] = '\0';
+ /*
+ * We have now cleared all the crap off the end of the line
+ */
+ if (i < 2)
+ goto err_sl;
+
+ bufp = (unsigned char *)buf;
+ if (first) {
+ first = 0;
+ if ((bufp[0] == '0') && (buf[1] == '0')) {
+ bufp += 2;
+ i -= 2;
+ }
+ }
+ k = 0;
+ i -= again;
+ if (i % 2 != 0) {
+ ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS);
+ goto err;
+ }
+ i /= 2;
+ if (num + i > slen) {
+ if (s == NULL)
+ sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
+ i * 2);
+ else
+ sp = (unsigned char *)OPENSSL_realloc(s,
+ (unsigned int)num +
+ i * 2);
+ if (sp == NULL) {
+ ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ s = sp;
+ slen = num + i * 2;
+ }
+ for (j = 0; j < i; j++, k += 2) {
+ for (n = 0; n < 2; n++) {
+ m = bufp[k + n];
+ if ((m >= '0') && (m <= '9'))
+ m -= '0';
+ else if ((m >= 'a') && (m <= 'f'))
+ m = m - 'a' + 10;
+ else if ((m >= 'A') && (m <= 'F'))
+ m = m - 'A' + 10;
+ else {
+ ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
+ ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+ }
+ s[num + j] <<= 4;
+ s[num + j] |= m;
+ }
+ }
+ num += i;
+ if (again)
+ bufsize = BIO_gets(bp, buf, size);
+ else
+ break;
+ }
+ bs->length = num;
+ bs->data = s;
+ ret = 1;
+ err:
+ if (0) {
+ err_sl:
+ ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
+ }
+ if (ret != 1)
+ OPENSSL_free(s);
+ return (ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/f_int.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/f_int.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/f_int.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,215 +0,0 @@
-/* crypto/asn1/f_int.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
-{
- int i, n = 0;
- static const char *h = "0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL)
- return (0);
-
- if (a->type & V_ASN1_NEG) {
- if (BIO_write(bp, "-", 1) != 1)
- goto err;
- n = 1;
- }
-
- if (a->length == 0) {
- if (BIO_write(bp, "00", 2) != 2)
- goto err;
- n += 2;
- } else {
- for (i = 0; i < a->length; i++) {
- if ((i != 0) && (i % 35 == 0)) {
- if (BIO_write(bp, "\\\n", 2) != 2)
- goto err;
- n += 2;
- }
- buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
- buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
- if (BIO_write(bp, buf, 2) != 2)
- goto err;
- n += 2;
- }
- }
- return (n);
- err:
- return (-1);
-}
-
-int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
-{
- int ret = 0;
- int i, j, k, m, n, again, bufsize;
- unsigned char *s = NULL, *sp;
- unsigned char *bufp;
- int num = 0, slen = 0, first = 1;
-
- bs->type = V_ASN1_INTEGER;
-
- bufsize = BIO_gets(bp, buf, size);
- for (;;) {
- if (bufsize < 1)
- goto err_sl;
- i = bufsize;
- if (buf[i - 1] == '\n')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- if (buf[i - 1] == '\r')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- again = (buf[i - 1] == '\\');
-
- for (j = 0; j < i; j++) {
-#ifndef CHARSET_EBCDIC
- if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
- /*
- * This #ifdef is not strictly necessary, since the characters
- * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
- * not the whole alphabet). Nevertheless, isxdigit() is faster.
- */
- if (!isxdigit(buf[j]))
-#endif
- {
- i = j;
- break;
- }
- }
- buf[i] = '\0';
- /*
- * We have now cleared all the crap off the end of the line
- */
- if (i < 2)
- goto err_sl;
-
- bufp = (unsigned char *)buf;
- if (first) {
- first = 0;
- if ((bufp[0] == '0') && (buf[1] == '0')) {
- bufp += 2;
- i -= 2;
- }
- }
- k = 0;
- i -= again;
- if (i % 2 != 0) {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i /= 2;
- if (num + i > slen) {
- if (s == NULL)
- sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
- i * 2);
- else
- sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
- if (sp == NULL) {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
- if (s != NULL)
- OPENSSL_free(s);
- goto err;
- }
- s = sp;
- slen = num + i * 2;
- }
- for (j = 0; j < i; j++, k += 2) {
- for (n = 0; n < 2; n++) {
- m = bufp[k + n];
- if ((m >= '0') && (m <= '9'))
- m -= '0';
- else if ((m >= 'a') && (m <= 'f'))
- m = m - 'a' + 10;
- else if ((m >= 'A') && (m <= 'F'))
- m = m - 'A' + 10;
- else {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,
- ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num + j] <<= 4;
- s[num + j] |= m;
- }
- }
- num += i;
- if (again)
- bufsize = BIO_gets(bp, buf, size);
- else
- break;
- }
- bs->length = num;
- bs->data = s;
- ret = 1;
- err:
- if (0) {
- err_sl:
- ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
- }
- return (ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/f_int.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/f_int.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/f_int.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/f_int.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,215 @@
+/* crypto/asn1/f_int.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
+{
+ int i, n = 0;
+ static const char *h = "0123456789ABCDEF";
+ char buf[2];
+
+ if (a == NULL)
+ return (0);
+
+ if (a->type & V_ASN1_NEG) {
+ if (BIO_write(bp, "-", 1) != 1)
+ goto err;
+ n = 1;
+ }
+
+ if (a->length == 0) {
+ if (BIO_write(bp, "00", 2) != 2)
+ goto err;
+ n += 2;
+ } else {
+ for (i = 0; i < a->length; i++) {
+ if ((i != 0) && (i % 35 == 0)) {
+ if (BIO_write(bp, "\\\n", 2) != 2)
+ goto err;
+ n += 2;
+ }
+ buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
+ buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
+ if (BIO_write(bp, buf, 2) != 2)
+ goto err;
+ n += 2;
+ }
+ }
+ return (n);
+ err:
+ return (-1);
+}
+
+int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
+{
+ int ret = 0;
+ int i, j, k, m, n, again, bufsize;
+ unsigned char *s = NULL, *sp;
+ unsigned char *bufp;
+ int num = 0, slen = 0, first = 1;
+
+ bs->type = V_ASN1_INTEGER;
+
+ bufsize = BIO_gets(bp, buf, size);
+ for (;;) {
+ if (bufsize < 1)
+ goto err_sl;
+ i = bufsize;
+ if (buf[i - 1] == '\n')
+ buf[--i] = '\0';
+ if (i == 0)
+ goto err_sl;
+ if (buf[i - 1] == '\r')
+ buf[--i] = '\0';
+ if (i == 0)
+ goto err_sl;
+ again = (buf[i - 1] == '\\');
+
+ for (j = 0; j < i; j++) {
+#ifndef CHARSET_EBCDIC
+ if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
+ ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+ ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+#else
+ /*
+ * This #ifdef is not strictly necessary, since the characters
+ * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
+ * not the whole alphabet). Nevertheless, isxdigit() is faster.
+ */
+ if (!isxdigit(buf[j]))
+#endif
+ {
+ i = j;
+ break;
+ }
+ }
+ buf[i] = '\0';
+ /*
+ * We have now cleared all the crap off the end of the line
+ */
+ if (i < 2)
+ goto err_sl;
+
+ bufp = (unsigned char *)buf;
+ if (first) {
+ first = 0;
+ if ((bufp[0] == '0') && (buf[1] == '0')) {
+ bufp += 2;
+ i -= 2;
+ }
+ }
+ k = 0;
+ i -= again;
+ if (i % 2 != 0) {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS);
+ goto err;
+ }
+ i /= 2;
+ if (num + i > slen) {
+ if (s == NULL)
+ sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
+ i * 2);
+ else
+ sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
+ if (sp == NULL) {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ s = sp;
+ slen = num + i * 2;
+ }
+ for (j = 0; j < i; j++, k += 2) {
+ for (n = 0; n < 2; n++) {
+ m = bufp[k + n];
+ if ((m >= '0') && (m <= '9'))
+ m -= '0';
+ else if ((m >= 'a') && (m <= 'f'))
+ m = m - 'a' + 10;
+ else if ((m >= 'A') && (m <= 'F'))
+ m = m - 'A' + 10;
+ else {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,
+ ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+ }
+ s[num + j] <<= 4;
+ s[num + j] |= m;
+ }
+ }
+ num += i;
+ if (again)
+ bufsize = BIO_gets(bp, buf, size);
+ else
+ break;
+ }
+ bs->length = num;
+ bs->data = s;
+ ret = 1;
+ err:
+ if (0) {
+ err_sl:
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
+ }
+ if (ret != 1)
+ OPENSSL_free(s);
+ return (ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/f_string.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/f_string.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/f_string.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,209 +0,0 @@
-/* crypto/asn1/f_string.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
-{
- int i, n = 0;
- static const char *h = "0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL)
- return (0);
-
- if (a->length == 0) {
- if (BIO_write(bp, "0", 1) != 1)
- goto err;
- n = 1;
- } else {
- for (i = 0; i < a->length; i++) {
- if ((i != 0) && (i % 35 == 0)) {
- if (BIO_write(bp, "\\\n", 2) != 2)
- goto err;
- n += 2;
- }
- buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
- buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
- if (BIO_write(bp, buf, 2) != 2)
- goto err;
- n += 2;
- }
- }
- return (n);
- err:
- return (-1);
-}
-
-int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
-{
- int ret = 0;
- int i, j, k, m, n, again, bufsize;
- unsigned char *s = NULL, *sp;
- unsigned char *bufp;
- int num = 0, slen = 0, first = 1;
-
- bufsize = BIO_gets(bp, buf, size);
- for (;;) {
- if (bufsize < 1) {
- if (first)
- break;
- else
- goto err_sl;
- }
- first = 0;
-
- i = bufsize;
- if (buf[i - 1] == '\n')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- if (buf[i - 1] == '\r')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- again = (buf[i - 1] == '\\');
-
- for (j = i - 1; j > 0; j--) {
-#ifndef CHARSET_EBCDIC
- if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
- /*
- * This #ifdef is not strictly necessary, since the characters
- * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
- * not the whole alphabet). Nevertheless, isxdigit() is faster.
- */
- if (!isxdigit(buf[j]))
-#endif
- {
- i = j;
- break;
- }
- }
- buf[i] = '\0';
- /*
- * We have now cleared all the crap off the end of the line
- */
- if (i < 2)
- goto err_sl;
-
- bufp = (unsigned char *)buf;
-
- k = 0;
- i -= again;
- if (i % 2 != 0) {
- ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i /= 2;
- if (num + i > slen) {
- if (s == NULL)
- sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
- i * 2);
- else
- sp = (unsigned char *)OPENSSL_realloc(s,
- (unsigned int)num +
- i * 2);
- if (sp == NULL) {
- ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
- if (s != NULL)
- OPENSSL_free(s);
- goto err;
- }
- s = sp;
- slen = num + i * 2;
- }
- for (j = 0; j < i; j++, k += 2) {
- for (n = 0; n < 2; n++) {
- m = bufp[k + n];
- if ((m >= '0') && (m <= '9'))
- m -= '0';
- else if ((m >= 'a') && (m <= 'f'))
- m = m - 'a' + 10;
- else if ((m >= 'A') && (m <= 'F'))
- m = m - 'A' + 10;
- else {
- ASN1err(ASN1_F_A2I_ASN1_STRING,
- ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num + j] <<= 4;
- s[num + j] |= m;
- }
- }
- num += i;
- if (again)
- bufsize = BIO_gets(bp, buf, size);
- else
- break;
- }
- bs->length = num;
- bs->data = s;
- ret = 1;
- err:
- if (0) {
- err_sl:
- ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
- }
- return (ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/f_string.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/f_string.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/f_string.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/f_string.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,209 @@
+/* crypto/asn1/f_string.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+
+int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
+{
+ int i, n = 0;
+ static const char *h = "0123456789ABCDEF";
+ char buf[2];
+
+ if (a == NULL)
+ return (0);
+
+ if (a->length == 0) {
+ if (BIO_write(bp, "0", 1) != 1)
+ goto err;
+ n = 1;
+ } else {
+ for (i = 0; i < a->length; i++) {
+ if ((i != 0) && (i % 35 == 0)) {
+ if (BIO_write(bp, "\\\n", 2) != 2)
+ goto err;
+ n += 2;
+ }
+ buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
+ buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
+ if (BIO_write(bp, buf, 2) != 2)
+ goto err;
+ n += 2;
+ }
+ }
+ return (n);
+ err:
+ return (-1);
+}
+
+int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
+{
+ int ret = 0;
+ int i, j, k, m, n, again, bufsize;
+ unsigned char *s = NULL, *sp;
+ unsigned char *bufp;
+ int num = 0, slen = 0, first = 1;
+
+ bufsize = BIO_gets(bp, buf, size);
+ for (;;) {
+ if (bufsize < 1) {
+ if (first)
+ break;
+ else
+ goto err_sl;
+ }
+ first = 0;
+
+ i = bufsize;
+ if (buf[i - 1] == '\n')
+ buf[--i] = '\0';
+ if (i == 0)
+ goto err_sl;
+ if (buf[i - 1] == '\r')
+ buf[--i] = '\0';
+ if (i == 0)
+ goto err_sl;
+ again = (buf[i - 1] == '\\');
+
+ for (j = i - 1; j > 0; j--) {
+#ifndef CHARSET_EBCDIC
+ if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
+ ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+ ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+#else
+ /*
+ * This #ifdef is not strictly necessary, since the characters
+ * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
+ * not the whole alphabet). Nevertheless, isxdigit() is faster.
+ */
+ if (!isxdigit(buf[j]))
+#endif
+ {
+ i = j;
+ break;
+ }
+ }
+ buf[i] = '\0';
+ /*
+ * We have now cleared all the crap off the end of the line
+ */
+ if (i < 2)
+ goto err_sl;
+
+ bufp = (unsigned char *)buf;
+
+ k = 0;
+ i -= again;
+ if (i % 2 != 0) {
+ ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS);
+ goto err;
+ }
+ i /= 2;
+ if (num + i > slen) {
+ if (s == NULL)
+ sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
+ i * 2);
+ else
+ sp = (unsigned char *)OPENSSL_realloc(s,
+ (unsigned int)num +
+ i * 2);
+ if (sp == NULL) {
+ ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ s = sp;
+ slen = num + i * 2;
+ }
+ for (j = 0; j < i; j++, k += 2) {
+ for (n = 0; n < 2; n++) {
+ m = bufp[k + n];
+ if ((m >= '0') && (m <= '9'))
+ m -= '0';
+ else if ((m >= 'a') && (m <= 'f'))
+ m = m - 'a' + 10;
+ else if ((m >= 'A') && (m <= 'F'))
+ m = m - 'A' + 10;
+ else {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,
+ ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+ }
+ s[num + j] <<= 4;
+ s[num + j] |= m;
+ }
+ }
+ num += i;
+ if (again)
+ bufsize = BIO_gets(bp, buf, size);
+ else
+ break;
+ }
+ bs->length = num;
+ bs->data = s;
+ ret = 1;
+ err:
+ if (0) {
+ err_sl:
+ ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
+ }
+ if (ret != 1)
+ OPENSSL_free(s);
+ return (ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbe.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/p5_pbe.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbe.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,143 +0,0 @@
-/* p5_pbe.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 password based encryption structure */
-
-ASN1_SEQUENCE(PBEPARAM) = {
- ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
- ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PBEPARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
-
-/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
-
-int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
- const unsigned char *salt, int saltlen)
-{
- PBEPARAM *pbe = NULL;
- ASN1_STRING *pbe_str = NULL;
- unsigned char *sstr;
-
- pbe = PBEPARAM_new();
- if (!pbe) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (iter <= 0)
- iter = PKCS5_DEFAULT_ITER;
- if (!ASN1_INTEGER_set(pbe->iter, iter)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!saltlen)
- saltlen = PKCS5_SALT_LEN;
- if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- sstr = ASN1_STRING_data(pbe->salt);
- if (salt)
- memcpy(sstr, salt, saltlen);
- else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
- goto err;
-
- if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- PBEPARAM_free(pbe);
- pbe = NULL;
-
- if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
- return 1;
-
- err:
- if (pbe != NULL)
- PBEPARAM_free(pbe);
- if (pbe_str != NULL)
- ASN1_STRING_free(pbe_str);
- return 0;
-}
-
-/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
- const unsigned char *salt, int saltlen)
-{
- X509_ALGOR *ret;
- ret = X509_ALGOR_new();
- if (!ret) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
- return ret;
-
- X509_ALGOR_free(ret);
- return NULL;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbe.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/p5_pbe.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbe.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbe.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,143 @@
+/* p5_pbe.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+
+/* PKCS#5 password based encryption structure */
+
+ASN1_SEQUENCE(PBEPARAM) = {
+ ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PBEPARAM)
+
+IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
+
+/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
+
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+ const unsigned char *salt, int saltlen)
+{
+ PBEPARAM *pbe = NULL;
+ ASN1_STRING *pbe_str = NULL;
+ unsigned char *sstr;
+
+ pbe = PBEPARAM_new();
+ if (!pbe) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (iter <= 0)
+ iter = PKCS5_DEFAULT_ITER;
+ if (!ASN1_INTEGER_set(pbe->iter, iter)) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!saltlen)
+ saltlen = PKCS5_SALT_LEN;
+ if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ sstr = ASN1_STRING_data(pbe->salt);
+ if (salt)
+ memcpy(sstr, salt, saltlen);
+ else if (RAND_bytes(sstr, saltlen) <= 0)
+ goto err;
+
+ if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ PBEPARAM_free(pbe);
+ pbe = NULL;
+
+ if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
+ return 1;
+
+ err:
+ if (pbe != NULL)
+ PBEPARAM_free(pbe);
+ if (pbe_str != NULL)
+ ASN1_STRING_free(pbe_str);
+ return 0;
+}
+
+/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+ const unsigned char *salt, int saltlen)
+{
+ X509_ALGOR *ret;
+ ret = X509_ALGOR_new();
+ if (!ret) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
+ return ret;
+
+ X509_ALGOR_free(ret);
+ return NULL;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbev2.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/p5_pbev2.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbev2.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,280 +0,0 @@
-/* p5_pbev2.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 1999-2004.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 v2.0 password based encryption structures */
-
-ASN1_SEQUENCE(PBE2PARAM) = {
- ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
- ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
-} ASN1_SEQUENCE_END(PBE2PARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
-
-ASN1_SEQUENCE(PBKDF2PARAM) = {
- ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
- ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
- ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
- ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
-} ASN1_SEQUENCE_END(PBKDF2PARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
-
-/*
- * Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: yes I know
- * this is horrible! Extended version to allow application supplied PRF NID
- * and IV.
- */
-
-X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen,
- unsigned char *aiv, int prf_nid)
-{
- X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
- int alg_nid, keylen;
- EVP_CIPHER_CTX ctx;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- PBE2PARAM *pbe2 = NULL;
- ASN1_OBJECT *obj;
-
- alg_nid = EVP_CIPHER_type(cipher);
- if (alg_nid == NID_undef) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
- ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
- goto err;
- }
- obj = OBJ_nid2obj(alg_nid);
-
- if (!(pbe2 = PBE2PARAM_new()))
- goto merr;
-
- /* Setup the AlgorithmIdentifier for the encryption scheme */
- scheme = pbe2->encryption;
-
- scheme->algorithm = obj;
- if (!(scheme->parameter = ASN1_TYPE_new()))
- goto merr;
-
- /* Create random IV */
- if (EVP_CIPHER_iv_length(cipher)) {
- if (aiv)
- memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
- else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
- goto err;
- }
-
- EVP_CIPHER_CTX_init(&ctx);
-
- /* Dummy cipherinit to just setup the IV, and PRF */
- if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
- goto err;
- if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
- EVP_CIPHER_CTX_cleanup(&ctx);
- goto err;
- }
- /*
- * If prf NID unspecified see if cipher has a preference. An error is OK
- * here: just means use default PRF.
- */
- if ((prf_nid == -1) &&
- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
- ERR_clear_error();
- prf_nid = NID_hmacWithSHA1;
- }
- EVP_CIPHER_CTX_cleanup(&ctx);
-
- /* If its RC2 then we'd better setup the key length */
-
- if (alg_nid == NID_rc2_cbc)
- keylen = EVP_CIPHER_key_length(cipher);
- else
- keylen = -1;
-
- /* Setup keyfunc */
-
- X509_ALGOR_free(pbe2->keyfunc);
-
- pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
-
- if (!pbe2->keyfunc)
- goto merr;
-
- /* Now set up top level AlgorithmIdentifier */
-
- if (!(ret = X509_ALGOR_new()))
- goto merr;
- if (!(ret->parameter = ASN1_TYPE_new()))
- goto merr;
-
- ret->algorithm = OBJ_nid2obj(NID_pbes2);
-
- /* Encode PBE2PARAM into parameter */
-
- if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM),
- &ret->parameter->value.sequence))
- goto merr;
- ret->parameter->type = V_ASN1_SEQUENCE;
-
- PBE2PARAM_free(pbe2);
- pbe2 = NULL;
-
- return ret;
-
- merr:
- ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE);
-
- err:
- PBE2PARAM_free(pbe2);
- /* Note 'scheme' is freed as part of pbe2 */
- X509_ALGOR_free(kalg);
- X509_ALGOR_free(ret);
-
- return NULL;
-
-}
-
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen)
-{
- return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
-}
-
-X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
- int prf_nid, int keylen)
-{
- X509_ALGOR *keyfunc = NULL;
- PBKDF2PARAM *kdf = NULL;
- ASN1_OCTET_STRING *osalt = NULL;
-
- if (!(kdf = PBKDF2PARAM_new()))
- goto merr;
- if (!(osalt = M_ASN1_OCTET_STRING_new()))
- goto merr;
-
- kdf->salt->value.octet_string = osalt;
- kdf->salt->type = V_ASN1_OCTET_STRING;
-
- if (!saltlen)
- saltlen = PKCS5_SALT_LEN;
- if (!(osalt->data = OPENSSL_malloc(saltlen)))
- goto merr;
-
- osalt->length = saltlen;
-
- if (salt)
- memcpy(osalt->data, salt, saltlen);
- else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0)
- goto merr;
-
- if (iter <= 0)
- iter = PKCS5_DEFAULT_ITER;
-
- if (!ASN1_INTEGER_set(kdf->iter, iter))
- goto merr;
-
- /* If have a key len set it up */
-
- if (keylen > 0) {
- if (!(kdf->keylength = M_ASN1_INTEGER_new()))
- goto merr;
- if (!ASN1_INTEGER_set(kdf->keylength, keylen))
- goto merr;
- }
-
- /* prf can stay NULL if we are using hmacWithSHA1 */
- if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
- kdf->prf = X509_ALGOR_new();
- if (!kdf->prf)
- goto merr;
- X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), V_ASN1_NULL, NULL);
- }
-
- /* Finally setup the keyfunc structure */
-
- keyfunc = X509_ALGOR_new();
- if (!keyfunc)
- goto merr;
-
- keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
-
- /* Encode PBKDF2PARAM into parameter of pbe2 */
-
- if (!(keyfunc->parameter = ASN1_TYPE_new()))
- goto merr;
-
- if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
- &keyfunc->parameter->value.sequence))
- goto merr;
- keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
- PBKDF2PARAM_free(kdf);
- return keyfunc;
-
- merr:
- ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE);
- PBKDF2PARAM_free(kdf);
- X509_ALGOR_free(keyfunc);
- return NULL;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbev2.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/p5_pbev2.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbev2.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/p5_pbev2.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,280 @@
+/* p5_pbev2.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 1999-2004.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+
+/* PKCS#5 v2.0 password based encryption structures */
+
+ASN1_SEQUENCE(PBE2PARAM) = {
+ ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
+ ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBE2PARAM)
+
+IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
+
+ASN1_SEQUENCE(PBKDF2PARAM) = {
+ ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
+ ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
+ ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
+ ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBKDF2PARAM)
+
+IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
+
+/*
+ * Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: yes I know
+ * this is horrible! Extended version to allow application supplied PRF NID
+ * and IV.
+ */
+
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen,
+ unsigned char *aiv, int prf_nid)
+{
+ X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
+ int alg_nid, keylen;
+ EVP_CIPHER_CTX ctx;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ PBE2PARAM *pbe2 = NULL;
+ ASN1_OBJECT *obj;
+
+ alg_nid = EVP_CIPHER_type(cipher);
+ if (alg_nid == NID_undef) {
+ ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
+ ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
+ goto err;
+ }
+ obj = OBJ_nid2obj(alg_nid);
+
+ if (!(pbe2 = PBE2PARAM_new()))
+ goto merr;
+
+ /* Setup the AlgorithmIdentifier for the encryption scheme */
+ scheme = pbe2->encryption;
+
+ scheme->algorithm = obj;
+ if (!(scheme->parameter = ASN1_TYPE_new()))
+ goto merr;
+
+ /* Create random IV */
+ if (EVP_CIPHER_iv_length(cipher)) {
+ if (aiv)
+ memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
+ else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
+ goto err;
+ }
+
+ EVP_CIPHER_CTX_init(&ctx);
+
+ /* Dummy cipherinit to just setup the IV, and PRF */
+ if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
+ goto err;
+ if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
+ ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ goto err;
+ }
+ /*
+ * If prf NID unspecified see if cipher has a preference. An error is OK
+ * here: just means use default PRF.
+ */
+ if ((prf_nid == -1) &&
+ EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
+ ERR_clear_error();
+ prf_nid = NID_hmacWithSHA1;
+ }
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
+ /* If its RC2 then we'd better setup the key length */
+
+ if (alg_nid == NID_rc2_cbc)
+ keylen = EVP_CIPHER_key_length(cipher);
+ else
+ keylen = -1;
+
+ /* Setup keyfunc */
+
+ X509_ALGOR_free(pbe2->keyfunc);
+
+ pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
+
+ if (!pbe2->keyfunc)
+ goto merr;
+
+ /* Now set up top level AlgorithmIdentifier */
+
+ if (!(ret = X509_ALGOR_new()))
+ goto merr;
+ if (!(ret->parameter = ASN1_TYPE_new()))
+ goto merr;
+
+ ret->algorithm = OBJ_nid2obj(NID_pbes2);
+
+ /* Encode PBE2PARAM into parameter */
+
+ if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM),
+ &ret->parameter->value.sequence))
+ goto merr;
+ ret->parameter->type = V_ASN1_SEQUENCE;
+
+ PBE2PARAM_free(pbe2);
+ pbe2 = NULL;
+
+ return ret;
+
+ merr:
+ ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE);
+
+ err:
+ PBE2PARAM_free(pbe2);
+ /* Note 'scheme' is freed as part of pbe2 */
+ X509_ALGOR_free(kalg);
+ X509_ALGOR_free(ret);
+
+ return NULL;
+
+}
+
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen)
+{
+ return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
+}
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen)
+{
+ X509_ALGOR *keyfunc = NULL;
+ PBKDF2PARAM *kdf = NULL;
+ ASN1_OCTET_STRING *osalt = NULL;
+
+ if (!(kdf = PBKDF2PARAM_new()))
+ goto merr;
+ if (!(osalt = M_ASN1_OCTET_STRING_new()))
+ goto merr;
+
+ kdf->salt->value.octet_string = osalt;
+ kdf->salt->type = V_ASN1_OCTET_STRING;
+
+ if (!saltlen)
+ saltlen = PKCS5_SALT_LEN;
+ if (!(osalt->data = OPENSSL_malloc(saltlen)))
+ goto merr;
+
+ osalt->length = saltlen;
+
+ if (salt)
+ memcpy(osalt->data, salt, saltlen);
+ else if (RAND_bytes(osalt->data, saltlen) <= 0)
+ goto merr;
+
+ if (iter <= 0)
+ iter = PKCS5_DEFAULT_ITER;
+
+ if (!ASN1_INTEGER_set(kdf->iter, iter))
+ goto merr;
+
+ /* If have a key len set it up */
+
+ if (keylen > 0) {
+ if (!(kdf->keylength = M_ASN1_INTEGER_new()))
+ goto merr;
+ if (!ASN1_INTEGER_set(kdf->keylength, keylen))
+ goto merr;
+ }
+
+ /* prf can stay NULL if we are using hmacWithSHA1 */
+ if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
+ kdf->prf = X509_ALGOR_new();
+ if (!kdf->prf)
+ goto merr;
+ X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), V_ASN1_NULL, NULL);
+ }
+
+ /* Finally setup the keyfunc structure */
+
+ keyfunc = X509_ALGOR_new();
+ if (!keyfunc)
+ goto merr;
+
+ keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
+
+ /* Encode PBKDF2PARAM into parameter of pbe2 */
+
+ if (!(keyfunc->parameter = ASN1_TYPE_new()))
+ goto merr;
+
+ if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
+ &keyfunc->parameter->value.sequence))
+ goto merr;
+ keyfunc->parameter->type = V_ASN1_SEQUENCE;
+
+ PBKDF2PARAM_free(kdf);
+ return keyfunc;
+
+ merr:
+ ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE);
+ PBKDF2PARAM_free(kdf);
+ X509_ALGOR_free(keyfunc);
+ return NULL;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/t_x509.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/t_x509.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/t_x509.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,540 +0,0 @@
-/* crypto/asn1/t_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include "asn1_locl.h"
-
-#ifndef OPENSSL_NO_FP_API
-int X509_print_fp(FILE *fp, X509 *x)
-{
- return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag,
- unsigned long cflag)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- X509err(X509_F_X509_PRINT_EX_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = X509_print_ex(b, x, nmflag, cflag);
- BIO_free(b);
- return (ret);
-}
-#endif
-
-int X509_print(BIO *bp, X509 *x)
-{
- return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
- unsigned long cflag)
-{
- long l;
- int ret = 0, i;
- char *m = NULL, mlch = ' ';
- int nmindent = 0;
- X509_CINF *ci;
- ASN1_INTEGER *bs;
- EVP_PKEY *pkey = NULL;
- const char *neg;
-
- if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
- mlch = '\n';
- nmindent = 12;
- }
-
- if (nmflags == X509_FLAG_COMPAT)
- nmindent = 16;
-
- ci = x->cert_info;
- if (!(cflag & X509_FLAG_NO_HEADER)) {
- if (BIO_write(bp, "Certificate:\n", 13) <= 0)
- goto err;
- if (BIO_write(bp, " Data:\n", 10) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_VERSION)) {
- l = X509_get_version(x);
- if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n", "", l + 1, l) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_SERIAL)) {
-
- if (BIO_write(bp, " Serial Number:", 22) <= 0)
- goto err;
-
- bs = X509_get_serialNumber(x);
- if (bs->length <= (int)sizeof(long)) {
- l = ASN1_INTEGER_get(bs);
- if (bs->type == V_ASN1_NEG_INTEGER) {
- l = -l;
- neg = "-";
- } else
- neg = "";
- if (BIO_printf(bp, " %s%lu (%s0x%lx)\n", neg, l, neg, l) <= 0)
- goto err;
- } else {
- neg = (bs->type == V_ASN1_NEG_INTEGER) ? " (Negative)" : "";
- if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0)
- goto err;
-
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02x%c", bs->data[i],
- ((i + 1 == bs->length) ? '\n' : ':')) <= 0)
- goto err;
- }
- }
-
- }
-
- if (!(cflag & X509_FLAG_NO_SIGNAME)) {
- if (X509_signature_print(bp, ci->signature, NULL) <= 0)
- goto err;
-#if 0
- if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-#endif
- }
-
- if (!(cflag & X509_FLAG_NO_ISSUER)) {
- if (BIO_printf(bp, " Issuer:%c", mlch) <= 0)
- goto err;
- if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), nmindent, nmflags)
- < 0)
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_VALIDITY)) {
- if (BIO_write(bp, " Validity\n", 17) <= 0)
- goto err;
- if (BIO_write(bp, " Not Before: ", 24) <= 0)
- goto err;
- if (!ASN1_TIME_print(bp, X509_get_notBefore(x)))
- goto err;
- if (BIO_write(bp, "\n Not After : ", 25) <= 0)
- goto err;
- if (!ASN1_TIME_print(bp, X509_get_notAfter(x)))
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_SUBJECT)) {
- if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
- goto err;
- if (X509_NAME_print_ex
- (bp, X509_get_subject_name(x), nmindent, nmflags) < 0)
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_PUBKEY)) {
- if (BIO_write(bp, " Subject Public Key Info:\n", 33) <= 0)
- goto err;
- if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-
- pkey = X509_get_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bp, "%12sUnable to load Public Key\n", "");
- ERR_print_errors(bp);
- } else {
- EVP_PKEY_print_public(bp, pkey, 16, NULL);
- EVP_PKEY_free(pkey);
- }
- }
-
- if (!(cflag & X509_FLAG_NO_EXTENSIONS))
- X509V3_extensions_print(bp, "X509v3 extensions",
- ci->extensions, cflag, 8);
-
- if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
- if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_AUX)) {
- if (!X509_CERT_AUX_print(bp, x->aux, 0))
- goto err;
- }
- ret = 1;
- err:
- if (m != NULL)
- OPENSSL_free(m);
- return (ret);
-}
-
-int X509_ocspid_print(BIO *bp, X509 *x)
-{
- unsigned char *der = NULL;
- unsigned char *dertmp;
- int derlen;
- int i;
- unsigned char SHA1md[SHA_DIGEST_LENGTH];
-
- /*
- * display the hash of the subject as it would appear in OCSP requests
- */
- if (BIO_printf(bp, " Subject OCSP hash: ") <= 0)
- goto err;
- derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
- if ((der = dertmp = (unsigned char *)OPENSSL_malloc(derlen)) == NULL)
- goto err;
- i2d_X509_NAME(x->cert_info->subject, &dertmp);
-
- if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
- goto err;
- for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
- if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
- goto err;
- }
- OPENSSL_free(der);
- der = NULL;
-
- /*
- * display the hash of the public key as it would appear in OCSP requests
- */
- if (BIO_printf(bp, "\n Public key OCSP hash: ") <= 0)
- goto err;
-
- if (!EVP_Digest(x->cert_info->key->public_key->data,
- x->cert_info->key->public_key->length,
- SHA1md, NULL, EVP_sha1(), NULL))
- goto err;
- for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
- if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
- goto err;
- }
- BIO_printf(bp, "\n");
-
- return (1);
- err:
- if (der != NULL)
- OPENSSL_free(der);
- return (0);
-}
-
-int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
-{
- const unsigned char *s;
- int i, n;
-
- n = sig->length;
- s = sig->data;
- for (i = 0; i < n; i++) {
- if ((i % 18) == 0) {
- if (BIO_write(bp, "\n", 1) <= 0)
- return 0;
- if (BIO_indent(bp, indent, indent) <= 0)
- return 0;
- }
- if (BIO_printf(bp, "%02x%s", s[i], ((i + 1) == n) ? "" : ":") <= 0)
- return 0;
- }
- if (BIO_write(bp, "\n", 1) != 1)
- return 0;
-
- return 1;
-}
-
-int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
-{
- int sig_nid;
- if (BIO_puts(bp, " Signature Algorithm: ") <= 0)
- return 0;
- if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
- return 0;
-
- sig_nid = OBJ_obj2nid(sigalg->algorithm);
- if (sig_nid != NID_undef) {
- int pkey_nid, dig_nid;
- const EVP_PKEY_ASN1_METHOD *ameth;
- if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
- ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
- if (ameth && ameth->sig_print)
- return ameth->sig_print(bp, sigalg, sig, 9, 0);
- }
- }
- if (sig)
- return X509_signature_dump(bp, sig, 9);
- else if (BIO_puts(bp, "\n") <= 0)
- return 0;
- return 1;
-}
-
-int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
-{
- int i, n;
- char buf[80];
- const char *p;
-
- if (v == NULL)
- return (0);
- n = 0;
- p = (const char *)v->data;
- for (i = 0; i < v->length; i++) {
- if ((p[i] > '~') || ((p[i] < ' ') &&
- (p[i] != '\n') && (p[i] != '\r')))
- buf[n] = '.';
- else
- buf[n] = p[i];
- n++;
- if (n >= 80) {
- if (BIO_write(bp, buf, n) <= 0)
- return (0);
- n = 0;
- }
- }
- if (n > 0)
- if (BIO_write(bp, buf, n) <= 0)
- return (0);
- return (1);
-}
-
-int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
-{
- if (tm->type == V_ASN1_UTCTIME)
- return ASN1_UTCTIME_print(bp, tm);
- if (tm->type == V_ASN1_GENERALIZEDTIME)
- return ASN1_GENERALIZEDTIME_print(bp, tm);
- BIO_write(bp, "Bad time value", 14);
- return (0);
-}
-
-static const char *mon[12] = {
- "Jan", "Feb", "Mar", "Apr", "May", "Jun",
- "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
-};
-
-int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
-{
- char *v;
- int gmt = 0;
- int i;
- int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
- char *f = NULL;
- int f_len = 0;
-
- i = tm->length;
- v = (char *)tm->data;
-
- if (i < 12)
- goto err;
- if (v[i - 1] == 'Z')
- gmt = 1;
- for (i = 0; i < 12; i++)
- if ((v[i] > '9') || (v[i] < '0'))
- goto err;
- y = (v[0] - '0') * 1000 + (v[1] - '0') * 100
- + (v[2] - '0') * 10 + (v[3] - '0');
- M = (v[4] - '0') * 10 + (v[5] - '0');
- if ((M > 12) || (M < 1))
- goto err;
- d = (v[6] - '0') * 10 + (v[7] - '0');
- h = (v[8] - '0') * 10 + (v[9] - '0');
- m = (v[10] - '0') * 10 + (v[11] - '0');
- if (tm->length >= 14 &&
- (v[12] >= '0') && (v[12] <= '9') &&
- (v[13] >= '0') && (v[13] <= '9')) {
- s = (v[12] - '0') * 10 + (v[13] - '0');
- /* Check for fractions of seconds. */
- if (tm->length >= 15 && v[14] == '.') {
- int l = tm->length;
- f = &v[14]; /* The decimal point. */
- f_len = 1;
- while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
- ++f_len;
- }
- }
-
- if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
- mon[M - 1], d, h, m, s, f_len, f, y,
- (gmt) ? " GMT" : "") <= 0)
- return (0);
- else
- return (1);
- err:
- BIO_write(bp, "Bad time value", 14);
- return (0);
-}
-
-int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
-{
- const char *v;
- int gmt = 0;
- int i;
- int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
-
- i = tm->length;
- v = (const char *)tm->data;
-
- if (i < 10)
- goto err;
- if (v[i - 1] == 'Z')
- gmt = 1;
- for (i = 0; i < 10; i++)
- if ((v[i] > '9') || (v[i] < '0'))
- goto err;
- y = (v[0] - '0') * 10 + (v[1] - '0');
- if (y < 50)
- y += 100;
- M = (v[2] - '0') * 10 + (v[3] - '0');
- if ((M > 12) || (M < 1))
- goto err;
- d = (v[4] - '0') * 10 + (v[5] - '0');
- h = (v[6] - '0') * 10 + (v[7] - '0');
- m = (v[8] - '0') * 10 + (v[9] - '0');
- if (tm->length >= 12 &&
- (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9'))
- s = (v[10] - '0') * 10 + (v[11] - '0');
-
- if (BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
- mon[M - 1], d, h, m, s, y + 1900,
- (gmt) ? " GMT" : "") <= 0)
- return (0);
- else
- return (1);
- err:
- BIO_write(bp, "Bad time value", 14);
- return (0);
-}
-
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
-{
- char *s, *c, *b;
- int ret = 0, l, i;
-
- l = 80 - 2 - obase;
-
- b = X509_NAME_oneline(name, NULL, 0);
- if (!b)
- return 0;
- if (!*b) {
- OPENSSL_free(b);
- return 1;
- }
- s = b + 1; /* skip the first slash */
-
- c = s;
- for (;;) {
-#ifndef CHARSET_EBCDIC
- if (((*s == '/') &&
- ((s[1] >= 'A') && (s[1] <= 'Z') && ((s[2] == '=') ||
- ((s[2] >= 'A')
- && (s[2] <= 'Z')
- && (s[3] == '='))
- ))) || (*s == '\0'))
-#else
- if (((*s == '/') &&
- (isupper(s[1]) && ((s[2] == '=') ||
- (isupper(s[2]) && (s[3] == '='))
- ))) || (*s == '\0'))
-#endif
- {
- i = s - c;
- if (BIO_write(bp, c, i) != i)
- goto err;
- c = s + 1; /* skip following slash */
- if (*s != '\0') {
- if (BIO_write(bp, ", ", 2) != 2)
- goto err;
- }
- l--;
- }
- if (*s == '\0')
- break;
- s++;
- l--;
- }
-
- ret = 1;
- if (0) {
- err:
- X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB);
- }
- OPENSSL_free(b);
- return (ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/t_x509.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/t_x509.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/t_x509.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/t_x509.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,541 @@
+/* crypto/asn1/t_x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_EC
+# include <openssl/ec.h>
+#endif
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include "asn1_locl.h"
+
+#ifndef OPENSSL_NO_FP_API
+int X509_print_fp(FILE *fp, X509 *x)
+{
+ return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+}
+
+int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag,
+ unsigned long cflag)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ X509err(X509_F_X509_PRINT_EX_FP, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = X509_print_ex(b, x, nmflag, cflag);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+int X509_print(BIO *bp, X509 *x)
+{
+ return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+}
+
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
+ unsigned long cflag)
+{
+ long l;
+ int ret = 0, i;
+ char *m = NULL, mlch = ' ';
+ int nmindent = 0;
+ X509_CINF *ci;
+ ASN1_INTEGER *bs;
+ EVP_PKEY *pkey = NULL;
+ const char *neg;
+
+ if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+ mlch = '\n';
+ nmindent = 12;
+ }
+
+ if (nmflags == X509_FLAG_COMPAT)
+ nmindent = 16;
+
+ ci = x->cert_info;
+ if (!(cflag & X509_FLAG_NO_HEADER)) {
+ if (BIO_write(bp, "Certificate:\n", 13) <= 0)
+ goto err;
+ if (BIO_write(bp, " Data:\n", 10) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_VERSION)) {
+ l = X509_get_version(x);
+ if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n", "", l + 1, l) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_SERIAL)) {
+
+ if (BIO_write(bp, " Serial Number:", 22) <= 0)
+ goto err;
+
+ bs = X509_get_serialNumber(x);
+ if (bs->length < (int)sizeof(long)
+ || (bs->length == sizeof(long) && (bs->data[0] & 0x80) == 0)) {
+ l = ASN1_INTEGER_get(bs);
+ if (bs->type == V_ASN1_NEG_INTEGER) {
+ l = -l;
+ neg = "-";
+ } else
+ neg = "";
+ if (BIO_printf(bp, " %s%lu (%s0x%lx)\n", neg, l, neg, l) <= 0)
+ goto err;
+ } else {
+ neg = (bs->type == V_ASN1_NEG_INTEGER) ? " (Negative)" : "";
+ if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0)
+ goto err;
+
+ for (i = 0; i < bs->length; i++) {
+ if (BIO_printf(bp, "%02x%c", bs->data[i],
+ ((i + 1 == bs->length) ? '\n' : ':')) <= 0)
+ goto err;
+ }
+ }
+
+ }
+
+ if (!(cflag & X509_FLAG_NO_SIGNAME)) {
+ if (X509_signature_print(bp, ci->signature, NULL) <= 0)
+ goto err;
+#if 0
+ if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
+ goto err;
+ if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
+ goto err;
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+#endif
+ }
+
+ if (!(cflag & X509_FLAG_NO_ISSUER)) {
+ if (BIO_printf(bp, " Issuer:%c", mlch) <= 0)
+ goto err;
+ if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), nmindent, nmflags)
+ < 0)
+ goto err;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_VALIDITY)) {
+ if (BIO_write(bp, " Validity\n", 17) <= 0)
+ goto err;
+ if (BIO_write(bp, " Not Before: ", 24) <= 0)
+ goto err;
+ if (!ASN1_TIME_print(bp, X509_get_notBefore(x)))
+ goto err;
+ if (BIO_write(bp, "\n Not After : ", 25) <= 0)
+ goto err;
+ if (!ASN1_TIME_print(bp, X509_get_notAfter(x)))
+ goto err;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_SUBJECT)) {
+ if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
+ goto err;
+ if (X509_NAME_print_ex
+ (bp, X509_get_subject_name(x), nmindent, nmflags) < 0)
+ goto err;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_PUBKEY)) {
+ if (BIO_write(bp, " Subject Public Key Info:\n", 33) <= 0)
+ goto err;
+ if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
+ goto err;
+ if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
+ goto err;
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+
+ pkey = X509_get_pubkey(x);
+ if (pkey == NULL) {
+ BIO_printf(bp, "%12sUnable to load Public Key\n", "");
+ ERR_print_errors(bp);
+ } else {
+ EVP_PKEY_print_public(bp, pkey, 16, NULL);
+ EVP_PKEY_free(pkey);
+ }
+ }
+
+ if (!(cflag & X509_FLAG_NO_EXTENSIONS))
+ X509V3_extensions_print(bp, "X509v3 extensions",
+ ci->extensions, cflag, 8);
+
+ if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
+ if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_AUX)) {
+ if (!X509_CERT_AUX_print(bp, x->aux, 0))
+ goto err;
+ }
+ ret = 1;
+ err:
+ if (m != NULL)
+ OPENSSL_free(m);
+ return (ret);
+}
+
+int X509_ocspid_print(BIO *bp, X509 *x)
+{
+ unsigned char *der = NULL;
+ unsigned char *dertmp;
+ int derlen;
+ int i;
+ unsigned char SHA1md[SHA_DIGEST_LENGTH];
+
+ /*
+ * display the hash of the subject as it would appear in OCSP requests
+ */
+ if (BIO_printf(bp, " Subject OCSP hash: ") <= 0)
+ goto err;
+ derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
+ if ((der = dertmp = (unsigned char *)OPENSSL_malloc(derlen)) == NULL)
+ goto err;
+ i2d_X509_NAME(x->cert_info->subject, &dertmp);
+
+ if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
+ for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
+ if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
+ goto err;
+ }
+ OPENSSL_free(der);
+ der = NULL;
+
+ /*
+ * display the hash of the public key as it would appear in OCSP requests
+ */
+ if (BIO_printf(bp, "\n Public key OCSP hash: ") <= 0)
+ goto err;
+
+ if (!EVP_Digest(x->cert_info->key->public_key->data,
+ x->cert_info->key->public_key->length,
+ SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
+ for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
+ if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
+ goto err;
+ }
+ BIO_printf(bp, "\n");
+
+ return (1);
+ err:
+ if (der != NULL)
+ OPENSSL_free(der);
+ return (0);
+}
+
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
+{
+ const unsigned char *s;
+ int i, n;
+
+ n = sig->length;
+ s = sig->data;
+ for (i = 0; i < n; i++) {
+ if ((i % 18) == 0) {
+ if (BIO_write(bp, "\n", 1) <= 0)
+ return 0;
+ if (BIO_indent(bp, indent, indent) <= 0)
+ return 0;
+ }
+ if (BIO_printf(bp, "%02x%s", s[i], ((i + 1) == n) ? "" : ":") <= 0)
+ return 0;
+ }
+ if (BIO_write(bp, "\n", 1) != 1)
+ return 0;
+
+ return 1;
+}
+
+int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+{
+ int sig_nid;
+ if (BIO_puts(bp, " Signature Algorithm: ") <= 0)
+ return 0;
+ if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
+ return 0;
+
+ sig_nid = OBJ_obj2nid(sigalg->algorithm);
+ if (sig_nid != NID_undef) {
+ int pkey_nid, dig_nid;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
+ ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
+ if (ameth && ameth->sig_print)
+ return ameth->sig_print(bp, sigalg, sig, 9, 0);
+ }
+ }
+ if (sig)
+ return X509_signature_dump(bp, sig, 9);
+ else if (BIO_puts(bp, "\n") <= 0)
+ return 0;
+ return 1;
+}
+
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
+{
+ int i, n;
+ char buf[80];
+ const char *p;
+
+ if (v == NULL)
+ return (0);
+ n = 0;
+ p = (const char *)v->data;
+ for (i = 0; i < v->length; i++) {
+ if ((p[i] > '~') || ((p[i] < ' ') &&
+ (p[i] != '\n') && (p[i] != '\r')))
+ buf[n] = '.';
+ else
+ buf[n] = p[i];
+ n++;
+ if (n >= 80) {
+ if (BIO_write(bp, buf, n) <= 0)
+ return (0);
+ n = 0;
+ }
+ }
+ if (n > 0)
+ if (BIO_write(bp, buf, n) <= 0)
+ return (0);
+ return (1);
+}
+
+int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
+{
+ if (tm->type == V_ASN1_UTCTIME)
+ return ASN1_UTCTIME_print(bp, tm);
+ if (tm->type == V_ASN1_GENERALIZEDTIME)
+ return ASN1_GENERALIZEDTIME_print(bp, tm);
+ BIO_write(bp, "Bad time value", 14);
+ return (0);
+}
+
+static const char *mon[12] = {
+ "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
+};
+
+int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
+{
+ char *v;
+ int gmt = 0;
+ int i;
+ int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
+ char *f = NULL;
+ int f_len = 0;
+
+ i = tm->length;
+ v = (char *)tm->data;
+
+ if (i < 12)
+ goto err;
+ if (v[i - 1] == 'Z')
+ gmt = 1;
+ for (i = 0; i < 12; i++)
+ if ((v[i] > '9') || (v[i] < '0'))
+ goto err;
+ y = (v[0] - '0') * 1000 + (v[1] - '0') * 100
+ + (v[2] - '0') * 10 + (v[3] - '0');
+ M = (v[4] - '0') * 10 + (v[5] - '0');
+ if ((M > 12) || (M < 1))
+ goto err;
+ d = (v[6] - '0') * 10 + (v[7] - '0');
+ h = (v[8] - '0') * 10 + (v[9] - '0');
+ m = (v[10] - '0') * 10 + (v[11] - '0');
+ if (tm->length >= 14 &&
+ (v[12] >= '0') && (v[12] <= '9') &&
+ (v[13] >= '0') && (v[13] <= '9')) {
+ s = (v[12] - '0') * 10 + (v[13] - '0');
+ /* Check for fractions of seconds. */
+ if (tm->length >= 15 && v[14] == '.') {
+ int l = tm->length;
+ f = &v[14]; /* The decimal point. */
+ f_len = 1;
+ while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
+ ++f_len;
+ }
+ }
+
+ if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
+ mon[M - 1], d, h, m, s, f_len, f, y,
+ (gmt) ? " GMT" : "") <= 0)
+ return (0);
+ else
+ return (1);
+ err:
+ BIO_write(bp, "Bad time value", 14);
+ return (0);
+}
+
+int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
+{
+ const char *v;
+ int gmt = 0;
+ int i;
+ int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
+
+ i = tm->length;
+ v = (const char *)tm->data;
+
+ if (i < 10)
+ goto err;
+ if (v[i - 1] == 'Z')
+ gmt = 1;
+ for (i = 0; i < 10; i++)
+ if ((v[i] > '9') || (v[i] < '0'))
+ goto err;
+ y = (v[0] - '0') * 10 + (v[1] - '0');
+ if (y < 50)
+ y += 100;
+ M = (v[2] - '0') * 10 + (v[3] - '0');
+ if ((M > 12) || (M < 1))
+ goto err;
+ d = (v[4] - '0') * 10 + (v[5] - '0');
+ h = (v[6] - '0') * 10 + (v[7] - '0');
+ m = (v[8] - '0') * 10 + (v[9] - '0');
+ if (tm->length >= 12 &&
+ (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9'))
+ s = (v[10] - '0') * 10 + (v[11] - '0');
+
+ if (BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
+ mon[M - 1], d, h, m, s, y + 1900,
+ (gmt) ? " GMT" : "") <= 0)
+ return (0);
+ else
+ return (1);
+ err:
+ BIO_write(bp, "Bad time value", 14);
+ return (0);
+}
+
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
+{
+ char *s, *c, *b;
+ int ret = 0, l, i;
+
+ l = 80 - 2 - obase;
+
+ b = X509_NAME_oneline(name, NULL, 0);
+ if (!b)
+ return 0;
+ if (!*b) {
+ OPENSSL_free(b);
+ return 1;
+ }
+ s = b + 1; /* skip the first slash */
+
+ c = s;
+ for (;;) {
+#ifndef CHARSET_EBCDIC
+ if (((*s == '/') &&
+ ((s[1] >= 'A') && (s[1] <= 'Z') && ((s[2] == '=') ||
+ ((s[2] >= 'A')
+ && (s[2] <= 'Z')
+ && (s[3] == '='))
+ ))) || (*s == '\0'))
+#else
+ if (((*s == '/') &&
+ (isupper(s[1]) && ((s[2] == '=') ||
+ (isupper(s[2]) && (s[3] == '='))
+ ))) || (*s == '\0'))
+#endif
+ {
+ i = s - c;
+ if (BIO_write(bp, c, i) != i)
+ goto err;
+ c = s + 1; /* skip following slash */
+ if (*s != '\0') {
+ if (BIO_write(bp, ", ", 2) != 2)
+ goto err;
+ }
+ l--;
+ }
+ if (*s == '\0')
+ break;
+ s++;
+ l--;
+ }
+
+ ret = 1;
+ if (0) {
+ err:
+ X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB);
+ }
+ OPENSSL_free(b);
+ return (ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_dec.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_dec.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1231 +0,0 @@
-/* tasn_dec.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-static int asn1_check_eoc(const unsigned char **in, long len);
-static int asn1_find_end(const unsigned char **in, long len, char inf);
-
-static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
- char inf, int tag, int aclass, int depth);
-
-static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
-
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
- char *inf, char *cst,
- const unsigned char **in, long len,
- int exptag, int expclass, char opt, ASN1_TLC *ctx);
-
-static int asn1_template_ex_d2i(ASN1_VALUE **pval,
- const unsigned char **in, long len,
- const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx);
-static int asn1_template_noexp_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len,
- const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx);
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
- const unsigned char **in, long len,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt,
- ASN1_TLC *ctx);
-
-/* Table to convert tags to bit values, used for MSTRING type */
-static const unsigned long tag2bit[32] = {
- /* tags 0 - 3 */
- 0, 0, 0, B_ASN1_BIT_STRING,
- /* tags 4- 7 */
- B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,
- /* tags 8-11 */
- B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
- /* tags 12-15 */
- B_ASN1_UTF8STRING, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
- /* tags 16-19 */
- B_ASN1_SEQUENCE, 0, B_ASN1_NUMERICSTRING, B_ASN1_PRINTABLESTRING,
- /* tags 20-22 */
- B_ASN1_T61STRING, B_ASN1_VIDEOTEXSTRING, B_ASN1_IA5STRING,
- /* tags 23-24 */
- B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,
- /* tags 25-27 */
- B_ASN1_GRAPHICSTRING, B_ASN1_ISO64STRING, B_ASN1_GENERALSTRING,
- /* tags 28-31 */
- B_ASN1_UNIVERSALSTRING, B_ASN1_UNKNOWN, B_ASN1_BMPSTRING, B_ASN1_UNKNOWN,
-};
-
-unsigned long ASN1_tag2bit(int tag)
-{
- if ((tag < 0) || (tag > 30))
- return 0;
- return tag2bit[tag];
-}
-
-/* Macro to initialize and invalidate the cache */
-
-#define asn1_tlc_clear(c) if (c) (c)->valid = 0
-/* Version to avoid compiler warning about 'c' always non-NULL */
-#define asn1_tlc_clear_nc(c) (c)->valid = 0
-
-/*
- * Decode an ASN1 item, this currently behaves just like a standard 'd2i'
- * function. 'in' points to a buffer to read the data from, in future we
- * will have more advanced versions that can input data a piece at a time and
- * this will simply be a special case.
- */
-
-ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
- const unsigned char **in, long len,
- const ASN1_ITEM *it)
-{
- ASN1_TLC c;
- ASN1_VALUE *ptmpval = NULL;
- if (!pval)
- pval = &ptmpval;
- asn1_tlc_clear_nc(&c);
- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
- return *pval;
- return NULL;
-}
-
-int ASN1_template_d2i(ASN1_VALUE **pval,
- const unsigned char **in, long len,
- const ASN1_TEMPLATE *tt)
-{
- ASN1_TLC c;
- asn1_tlc_clear_nc(&c);
- return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
-}
-
-/*
- * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
- * tag mismatch return -1 to handle OPTIONAL
- */
-
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
- const ASN1_TEMPLATE *tt, *errtt = NULL;
- const ASN1_COMPAT_FUNCS *cf;
- const ASN1_EXTERN_FUNCS *ef;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb;
- const unsigned char *p = NULL, *q;
- unsigned char *wp = NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */
- unsigned char imphack = 0, oclass;
- char seq_eoc, seq_nolen, cst, isopt;
- long tmplen;
- int i;
- int otag;
- int ret = 0;
- ASN1_VALUE **pchptr, *ptmpval;
- int combine = aclass & ASN1_TFLG_COMBINE;
- aclass &= ~ASN1_TFLG_COMBINE;
- if (!pval)
- return 0;
- if (aux && aux->asn1_cb)
- asn1_cb = aux->asn1_cb;
- else
- asn1_cb = 0;
-
- switch (it->itype) {
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates) {
- /*
- * tagging or OPTIONAL is currently illegal on an item template
- * because the flags can't get passed down. In practice this
- * isn't a problem: we include the relevant flags from the item
- * template in the template itself.
- */
- if ((tag != -1) || opt) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
- ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
- goto err;
- }
- return asn1_template_ex_d2i(pval, in, len,
- it->templates, opt, ctx);
- }
- return asn1_d2i_ex_primitive(pval, in, len, it,
- tag, aclass, opt, ctx);
- break;
-
- case ASN1_ITYPE_MSTRING:
- p = *in;
- /* Just read in tag and class */
- ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
- &p, len, -1, 0, 1, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
-
- /* Must be UNIVERSAL class */
- if (oclass != V_ASN1_UNIVERSAL) {
- /* If OPTIONAL, assume this is OK */
- if (opt)
- return -1;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
- goto err;
- }
- /* Check tag matches bit map */
- if (!(ASN1_tag2bit(otag) & it->utype)) {
- /* If OPTIONAL, assume this is OK */
- if (opt)
- return -1;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
- goto err;
- }
- return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
-
- case ASN1_ITYPE_EXTERN:
- /* Use new style d2i */
- ef = it->funcs;
- return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
-
- case ASN1_ITYPE_COMPAT:
- /* we must resort to old style evil hackery */
- cf = it->funcs;
-
- /* If OPTIONAL see if it is there */
- if (opt) {
- int exptag;
- p = *in;
- if (tag == -1)
- exptag = it->utype;
- else
- exptag = tag;
- /*
- * Don't care about anything other than presence of expected tag
- */
-
- ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
- &p, len, exptag, aclass, 1, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- if (ret == -1)
- return -1;
- }
-
- /*
- * This is the old style evil hack IMPLICIT handling: since the
- * underlying code is expecting a tag and class other than the one
- * present we change the buffer temporarily then change it back
- * afterwards. This doesn't and never did work for tags > 30. Yes
- * this is *horrible* but it is only needed for old style d2i which
- * will hopefully not be around for much longer. FIXME: should copy
- * the buffer then modify it so the input buffer can be const: we
- * should *always* copy because the old style d2i might modify the
- * buffer.
- */
-
- if (tag != -1) {
- wp = *(unsigned char **)in;
- imphack = *wp;
- if (p == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
- | it->utype);
- }
-
- ptmpval = cf->asn1_d2i(pval, in, len);
-
- if (tag != -1)
- *wp = imphack;
-
- if (ptmpval)
- return 1;
-
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
-
- case ASN1_ITYPE_CHOICE:
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
- goto auxerr;
- if (*pval) {
- /* Free up and zero CHOICE value if initialised */
- i = asn1_get_choice_selector(pval, it);
- if ((i >= 0) && (i < it->tcount)) {
- tt = it->templates + i;
- pchptr = asn1_get_field_ptr(pval, tt);
- ASN1_template_free(pchptr, tt);
- asn1_set_choice_selector(pval, -1, it);
- }
- } else if (!ASN1_item_ex_new(pval, it)) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- /* CHOICE type, try each possibility in turn */
- p = *in;
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
- pchptr = asn1_get_field_ptr(pval, tt);
- /*
- * We mark field as OPTIONAL so its absence can be recognised.
- */
- ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
- /* If field not present, try the next one */
- if (ret == -1)
- continue;
- /* If positive return, read OK, break loop */
- if (ret > 0)
- break;
- /* Otherwise must be an ASN1 parsing error */
- errtt = tt;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
-
- /* Did we fall off the end without reading anything? */
- if (i == it->tcount) {
- /* If OPTIONAL, this is OK */
- if (opt) {
- /* Free and zero it */
- ASN1_item_ex_free(pval, it);
- return -1;
- }
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
- goto err;
- }
-
- asn1_set_choice_selector(pval, i, it);
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
- goto auxerr;
- *in = p;
- return 1;
-
- case ASN1_ITYPE_NDEF_SEQUENCE:
- case ASN1_ITYPE_SEQUENCE:
- p = *in;
- tmplen = len;
-
- /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
- if (tag == -1) {
- tag = V_ASN1_SEQUENCE;
- aclass = V_ASN1_UNIVERSAL;
- }
- /* Get SEQUENCE length and update len, p */
- ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
- &p, len, tag, aclass, opt, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- } else if (ret == -1)
- return -1;
- if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
- len = tmplen - (p - *in);
- seq_nolen = 1;
- }
- /* If indefinite we don't do a length check */
- else
- seq_nolen = seq_eoc;
- if (!cst) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
- goto err;
- }
-
- if (!*pval && !ASN1_item_ex_new(pval, it)) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
-
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
- goto auxerr;
-
- /* Free up and zero any ADB found */
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
- if (tt->flags & ASN1_TFLG_ADB_MASK) {
- const ASN1_TEMPLATE *seqtt;
- ASN1_VALUE **pseqval;
- seqtt = asn1_do_adb(pval, tt, 1);
- pseqval = asn1_get_field_ptr(pval, seqtt);
- ASN1_template_free(pseqval, seqtt);
- }
- }
-
- /* Get each field entry */
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
- const ASN1_TEMPLATE *seqtt;
- ASN1_VALUE **pseqval;
- seqtt = asn1_do_adb(pval, tt, 1);
- if (!seqtt)
- goto err;
- pseqval = asn1_get_field_ptr(pval, seqtt);
- /* Have we ran out of data? */
- if (!len)
- break;
- q = p;
- if (asn1_check_eoc(&p, len)) {
- if (!seq_eoc) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
- goto err;
- }
- len -= p - q;
- seq_eoc = 0;
- q = p;
- break;
- }
- /*
- * This determines the OPTIONAL flag value. The field cannot be
- * omitted if it is the last of a SEQUENCE and there is still
- * data to be read. This isn't strictly necessary but it
- * increases efficiency in some cases.
- */
- if (i == (it->tcount - 1))
- isopt = 0;
- else
- isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
- /*
- * attempt to read in field, allowing each to be OPTIONAL
- */
-
- ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
- if (!ret) {
- errtt = seqtt;
- goto err;
- } else if (ret == -1) {
- /*
- * OPTIONAL component absent. Free and zero the field.
- */
- ASN1_template_free(pseqval, seqtt);
- continue;
- }
- /* Update length */
- len -= p - q;
- }
-
- /* Check for EOC if expecting one */
- if (seq_eoc && !asn1_check_eoc(&p, len)) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
- goto err;
- }
- /* Check all data read */
- if (!seq_nolen && len) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
- goto err;
- }
-
- /*
- * If we get here we've got no more data in the SEQUENCE, however we
- * may not have read all fields so check all remaining are OPTIONAL
- * and clear any that are.
- */
- for (; i < it->tcount; tt++, i++) {
- const ASN1_TEMPLATE *seqtt;
- seqtt = asn1_do_adb(pval, tt, 1);
- if (!seqtt)
- goto err;
- if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
- ASN1_VALUE **pseqval;
- pseqval = asn1_get_field_ptr(pval, seqtt);
- ASN1_template_free(pseqval, seqtt);
- } else {
- errtt = seqtt;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
- goto err;
- }
- }
- /* Save encoding */
- if (!asn1_enc_save(pval, *in, p - *in, it))
- goto auxerr;
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
- goto auxerr;
- *in = p;
- return 1;
-
- default:
- return 0;
- }
- auxerr:
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
- err:
- if (combine == 0)
- ASN1_item_ex_free(pval, it);
- if (errtt)
- ERR_add_error_data(4, "Field=", errtt->field_name,
- ", Type=", it->sname);
- else
- ERR_add_error_data(2, "Type=", it->sname);
- return 0;
-}
-
-/*
- * Templates are handled with two separate functions. One handles any
- * EXPLICIT tag and the other handles the rest.
- */
-
-static int asn1_template_ex_d2i(ASN1_VALUE **val,
- const unsigned char **in, long inlen,
- const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx)
-{
- int flags, aclass;
- int ret;
- long len;
- const unsigned char *p, *q;
- char exp_eoc;
- if (!val)
- return 0;
- flags = tt->flags;
- aclass = flags & ASN1_TFLG_TAG_CLASS;
-
- p = *in;
-
- /* Check if EXPLICIT tag expected */
- if (flags & ASN1_TFLG_EXPTAG) {
- char cst;
- /*
- * Need to work out amount of data available to the inner content and
- * where it starts: so read in EXPLICIT header to get the info.
- */
- ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
- &p, inlen, tt->tag, aclass, opt, ctx);
- q = p;
- if (!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- } else if (ret == -1)
- return -1;
- if (!cst) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
- ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
- return 0;
- }
- /* We've found the field so it can't be OPTIONAL now */
- ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- }
- /* We read the field in OK so update length */
- len -= p - q;
- if (exp_eoc) {
- /* If NDEF we must have an EOC here */
- if (!asn1_check_eoc(&p, len)) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_MISSING_EOC);
- goto err;
- }
- } else {
- /*
- * Otherwise we must hit the EXPLICIT tag end or its an error
- */
- if (len) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
- ASN1_R_EXPLICIT_LENGTH_MISMATCH);
- goto err;
- }
- }
- } else
- return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
-
- *in = p;
- return 1;
-
- err:
- ASN1_template_free(val, tt);
- return 0;
-}
-
-static int asn1_template_noexp_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len,
- const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx)
-{
- int flags, aclass;
- int ret;
- const unsigned char *p, *q;
- if (!val)
- return 0;
- flags = tt->flags;
- aclass = flags & ASN1_TFLG_TAG_CLASS;
-
- p = *in;
- q = p;
-
- if (flags & ASN1_TFLG_SK_MASK) {
- /* SET OF, SEQUENCE OF */
- int sktag, skaclass;
- char sk_eoc;
- /* First work out expected inner tag value */
- if (flags & ASN1_TFLG_IMPTAG) {
- sktag = tt->tag;
- skaclass = aclass;
- } else {
- skaclass = V_ASN1_UNIVERSAL;
- if (flags & ASN1_TFLG_SET_OF)
- sktag = V_ASN1_SET;
- else
- sktag = V_ASN1_SEQUENCE;
- }
- /* Get the tag */
- ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
- &p, len, sktag, skaclass, opt, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- } else if (ret == -1)
- return -1;
- if (!*val)
- *val = (ASN1_VALUE *)sk_new_null();
- else {
- /*
- * We've got a valid STACK: free up any items present
- */
- STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val;
- ASN1_VALUE *vtmp;
- while (sk_ASN1_VALUE_num(sktmp) > 0) {
- vtmp = sk_ASN1_VALUE_pop(sktmp);
- ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
- }
- }
-
- if (!*val) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Read as many items as we can */
- while (len > 0) {
- ASN1_VALUE *skfield;
- q = p;
- /* See if EOC found */
- if (asn1_check_eoc(&p, len)) {
- if (!sk_eoc) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
- ASN1_R_UNEXPECTED_EOC);
- goto err;
- }
- len -= p - q;
- sk_eoc = 0;
- break;
- }
- skfield = NULL;
- if (!ASN1_item_ex_d2i(&skfield, &p, len,
- ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
- ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- len -= p - q;
- if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if (sk_eoc) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
- goto err;
- }
- } else if (flags & ASN1_TFLG_IMPTAG) {
- /* IMPLICIT tagging */
- ret = ASN1_item_ex_d2i(val, &p, len,
- ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
- ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- } else if (ret == -1)
- return -1;
- } else {
- /* Nothing special */
- ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
- -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- } else if (ret == -1)
- return -1;
- }
-
- *in = p;
- return 1;
-
- err:
- ASN1_template_free(val, tt);
- return 0;
-}
-
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
- const unsigned char **in, long inlen,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
- int ret = 0, utype;
- long plen;
- char cst, inf, free_cont = 0;
- const unsigned char *p;
- BUF_MEM buf;
- const unsigned char *cont = NULL;
- long len;
- if (!pval) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
- return 0; /* Should never happen */
- }
-
- if (it->itype == ASN1_ITYPE_MSTRING) {
- utype = tag;
- tag = -1;
- } else
- utype = it->utype;
-
- if (utype == V_ASN1_ANY) {
- /* If type is ANY need to figure out type from tag */
- unsigned char oclass;
- if (tag >= 0) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
- return 0;
- }
- if (opt) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
- ASN1_R_ILLEGAL_OPTIONAL_ANY);
- return 0;
- }
- p = *in;
- ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
- &p, inlen, -1, 0, 0, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- }
- if (oclass != V_ASN1_UNIVERSAL)
- utype = V_ASN1_OTHER;
- }
- if (tag == -1) {
- tag = utype;
- aclass = V_ASN1_UNIVERSAL;
- }
- p = *in;
- /* Check header */
- ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
- &p, inlen, tag, aclass, opt, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- } else if (ret == -1)
- return -1;
- ret = 0;
- /* SEQUENCE, SET and "OTHER" are left in encoded form */
- if ((utype == V_ASN1_SEQUENCE)
- || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
- /*
- * Clear context cache for type OTHER because the auto clear when we
- * have a exact match wont work
- */
- if (utype == V_ASN1_OTHER) {
- asn1_tlc_clear(ctx);
- }
- /* SEQUENCE and SET must be constructed */
- else if (!cst) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
- ASN1_R_TYPE_NOT_CONSTRUCTED);
- return 0;
- }
-
- cont = *in;
- /* If indefinite length constructed find the real end */
- if (inf) {
- if (!asn1_find_end(&p, plen, inf))
- goto err;
- len = p - cont;
- } else {
- len = p - cont + plen;
- p += plen;
- buf.data = NULL;
- }
- } else if (cst) {
- if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
- || utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER
- || utype == V_ASN1_ENUMERATED) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE);
- return 0;
- }
- buf.length = 0;
- buf.max = 0;
- buf.data = NULL;
- /*
- * Should really check the internal tags are correct but some things
- * may get this wrong. The relevant specs say that constructed string
- * types should be OCTET STRINGs internally irrespective of the type.
- * So instead just check for UNIVERSAL class and ignore the tag.
- */
- if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
- free_cont = 1;
- goto err;
- }
- len = buf.length;
- /* Append a final null to string */
- if (!BUF_MEM_grow_clean(&buf, len + 1)) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- buf.data[len] = 0;
- cont = (const unsigned char *)buf.data;
- free_cont = 1;
- } else {
- cont = p;
- len = plen;
- p += plen;
- }
-
- /* We now have content length and type: translate into a structure */
- if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
- goto err;
-
- *in = p;
- ret = 1;
- err:
- if (free_cont && buf.data)
- OPENSSL_free(buf.data);
- return ret;
-}
-
-/* Translate ASN1 content octets into a structure */
-
-int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
- int utype, char *free_cont, const ASN1_ITEM *it)
-{
- ASN1_VALUE **opval = NULL;
- ASN1_STRING *stmp;
- ASN1_TYPE *typ = NULL;
- int ret = 0;
- const ASN1_PRIMITIVE_FUNCS *pf;
- ASN1_INTEGER **tint;
- pf = it->funcs;
-
- if (pf && pf->prim_c2i)
- return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
- /* If ANY type clear type and set pointer to internal value */
- if (it->utype == V_ASN1_ANY) {
- if (!*pval) {
- typ = ASN1_TYPE_new();
- if (typ == NULL)
- goto err;
- *pval = (ASN1_VALUE *)typ;
- } else
- typ = (ASN1_TYPE *)*pval;
-
- if (utype != typ->type)
- ASN1_TYPE_set(typ, utype, NULL);
- opval = pval;
- pval = &typ->value.asn1_value;
- }
- switch (utype) {
- case V_ASN1_OBJECT:
- if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
- goto err;
- break;
-
- case V_ASN1_NULL:
- if (len) {
- ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_NULL_IS_WRONG_LENGTH);
- goto err;
- }
- *pval = (ASN1_VALUE *)1;
- break;
-
- case V_ASN1_BOOLEAN:
- if (len != 1) {
- ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
- goto err;
- } else {
- ASN1_BOOLEAN *tbool;
- tbool = (ASN1_BOOLEAN *)pval;
- *tbool = *cont;
- }
- break;
-
- case V_ASN1_BIT_STRING:
- if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
- goto err;
- break;
-
- case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
- case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
- tint = (ASN1_INTEGER **)pval;
- if (!c2i_ASN1_INTEGER(tint, &cont, len))
- goto err;
- /* Fixup type to match the expected form */
- (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
- break;
-
- case V_ASN1_OCTET_STRING:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_OTHER:
- case V_ASN1_SET:
- case V_ASN1_SEQUENCE:
- default:
- if (utype == V_ASN1_BMPSTRING && (len & 1)) {
- ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
- goto err;
- }
- if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
- ASN1err(ASN1_F_ASN1_EX_C2I,
- ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
- goto err;
- }
- /* All based on ASN1_STRING and handled the same */
- if (!*pval) {
- stmp = ASN1_STRING_type_new(utype);
- if (!stmp) {
- ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- *pval = (ASN1_VALUE *)stmp;
- } else {
- stmp = (ASN1_STRING *)*pval;
- stmp->type = utype;
- }
- /* If we've already allocated a buffer use it */
- if (*free_cont) {
- if (stmp->data)
- OPENSSL_free(stmp->data);
- stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
- stmp->length = len;
- *free_cont = 0;
- } else {
- if (!ASN1_STRING_set(stmp, cont, len)) {
- ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
- ASN1_STRING_free(stmp);
- *pval = NULL;
- goto err;
- }
- }
- break;
- }
- /* If ASN1_ANY and NULL type fix up value */
- if (typ && (utype == V_ASN1_NULL))
- typ->value.ptr = NULL;
-
- ret = 1;
- err:
- if (!ret) {
- ASN1_TYPE_free(typ);
- if (opval)
- *opval = NULL;
- }
- return ret;
-}
-
-/*
- * This function finds the end of an ASN1 structure when passed its maximum
- * length, whether it is indefinite length and a pointer to the content. This
- * is more efficient than calling asn1_collect because it does not recurse on
- * each indefinite length header.
- */
-
-static int asn1_find_end(const unsigned char **in, long len, char inf)
-{
- int expected_eoc;
- long plen;
- const unsigned char *p = *in, *q;
- /* If not indefinite length constructed just add length */
- if (inf == 0) {
- *in += len;
- return 1;
- }
- expected_eoc = 1;
- /*
- * Indefinite length constructed form. Find the end when enough EOCs are
- * found. If more indefinite length constructed headers are encountered
- * increment the expected eoc count otherwise just skip to the end of the
- * data.
- */
- while (len > 0) {
- if (asn1_check_eoc(&p, len)) {
- expected_eoc--;
- if (expected_eoc == 0)
- break;
- len -= 2;
- continue;
- }
- q = p;
- /* Just read in a header: only care about the length */
- if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
- -1, 0, 0, NULL)) {
- ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- }
- if (inf)
- expected_eoc++;
- else
- p += plen;
- len -= p - q;
- }
- if (expected_eoc) {
- ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
- return 0;
- }
- *in = p;
- return 1;
-}
-
-/*
- * This function collects the asn1 data from a constructred string type into
- * a buffer. The values of 'in' and 'len' should refer to the contents of the
- * constructed type and 'inf' should be set if it is indefinite length.
- */
-
-#ifndef ASN1_MAX_STRING_NEST
-/*
- * This determines how many levels of recursion are permitted in ASN1 string
- * types. If it is not limited stack overflows can occur. If set to zero no
- * recursion is allowed at all. Although zero should be adequate examples
- * exist that require a value of 1. So 5 should be more than enough.
- */
-# define ASN1_MAX_STRING_NEST 5
-#endif
-
-static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
- char inf, int tag, int aclass, int depth)
-{
- const unsigned char *p, *q;
- long plen;
- char cst, ininf;
- p = *in;
- inf &= 1;
- /*
- * If no buffer and not indefinite length constructed just pass over the
- * encoded data
- */
- if (!buf && !inf) {
- *in += len;
- return 1;
- }
- while (len > 0) {
- q = p;
- /* Check for EOC */
- if (asn1_check_eoc(&p, len)) {
- /*
- * EOC is illegal outside indefinite length constructed form
- */
- if (!inf) {
- ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
- return 0;
- }
- inf = 0;
- break;
- }
-
- if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
- len, tag, aclass, 0, NULL)) {
- ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- }
-
- /* If indefinite length constructed update max length */
- if (cst) {
- if (depth >= ASN1_MAX_STRING_NEST) {
- ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
- return 0;
- }
- if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1))
- return 0;
- } else if (plen && !collect_data(buf, &p, plen))
- return 0;
- len -= p - q;
- }
- if (inf) {
- ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
- return 0;
- }
- *in = p;
- return 1;
-}
-
-static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
-{
- int len;
- if (buf) {
- len = buf->length;
- if (!BUF_MEM_grow_clean(buf, len + plen)) {
- ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memcpy(buf->data + len, *p, plen);
- }
- *p += plen;
- return 1;
-}
-
-/* Check for ASN1 EOC and swallow it if found */
-
-static int asn1_check_eoc(const unsigned char **in, long len)
-{
- const unsigned char *p;
- if (len < 2)
- return 0;
- p = *in;
- if (!p[0] && !p[1]) {
- *in += 2;
- return 1;
- }
- return 0;
-}
-
-/*
- * Check an ASN1 tag and length: a bit like ASN1_get_object but it sets the
- * length for indefinite length constructed form, we don't know the exact
- * length but we can set an upper bound to the amount of data available minus
- * the header length just read.
- */
-
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
- char *inf, char *cst,
- const unsigned char **in, long len,
- int exptag, int expclass, char opt, ASN1_TLC *ctx)
-{
- int i;
- int ptag, pclass;
- long plen;
- const unsigned char *p, *q;
- p = *in;
- q = p;
-
- if (ctx && ctx->valid) {
- i = ctx->ret;
- plen = ctx->plen;
- pclass = ctx->pclass;
- ptag = ctx->ptag;
- p += ctx->hdrlen;
- } else {
- i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
- if (ctx) {
- ctx->ret = i;
- ctx->plen = plen;
- ctx->pclass = pclass;
- ctx->ptag = ptag;
- ctx->hdrlen = p - q;
- ctx->valid = 1;
- /*
- * If definite length, and no error, length + header can't exceed
- * total amount of data available.
- */
- if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
- ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
- asn1_tlc_clear(ctx);
- return 0;
- }
- }
- }
-
- if (i & 0x80) {
- ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
- asn1_tlc_clear(ctx);
- return 0;
- }
- if (exptag >= 0) {
- if ((exptag != ptag) || (expclass != pclass)) {
- /*
- * If type is OPTIONAL, not an error: indicate missing type.
- */
- if (opt)
- return -1;
- asn1_tlc_clear(ctx);
- ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
- return 0;
- }
- /*
- * We have a tag and class match: assume we are going to do something
- * with it
- */
- asn1_tlc_clear(ctx);
- }
-
- if (i & 1)
- plen = len - (p - q);
-
- if (inf)
- *inf = i & 1;
-
- if (cst)
- *cst = i & V_ASN1_CONSTRUCTED;
-
- if (olen)
- *olen = plen;
-
- if (oclass)
- *oclass = pclass;
-
- if (otag)
- *otag = ptag;
-
- *in = p;
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_dec.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_dec.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_dec.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1229 @@
+/* tasn_dec.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+
+static int asn1_check_eoc(const unsigned char **in, long len);
+static int asn1_find_end(const unsigned char **in, long len, char inf);
+
+static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
+ char inf, int tag, int aclass, int depth);
+
+static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
+
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
+ char *inf, char *cst,
+ const unsigned char **in, long len,
+ int exptag, int expclass, char opt, ASN1_TLC *ctx);
+
+static int asn1_template_ex_d2i(ASN1_VALUE **pval,
+ const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx);
+static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx);
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
+
+/* Table to convert tags to bit values, used for MSTRING type */
+static const unsigned long tag2bit[32] = {
+ /* tags 0 - 3 */
+ 0, 0, 0, B_ASN1_BIT_STRING,
+ /* tags 4- 7 */
+ B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,
+ /* tags 8-11 */
+ B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
+ /* tags 12-15 */
+ B_ASN1_UTF8STRING, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
+ /* tags 16-19 */
+ B_ASN1_SEQUENCE, 0, B_ASN1_NUMERICSTRING, B_ASN1_PRINTABLESTRING,
+ /* tags 20-22 */
+ B_ASN1_T61STRING, B_ASN1_VIDEOTEXSTRING, B_ASN1_IA5STRING,
+ /* tags 23-24 */
+ B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,
+ /* tags 25-27 */
+ B_ASN1_GRAPHICSTRING, B_ASN1_ISO64STRING, B_ASN1_GENERALSTRING,
+ /* tags 28-31 */
+ B_ASN1_UNIVERSALSTRING, B_ASN1_UNKNOWN, B_ASN1_BMPSTRING, B_ASN1_UNKNOWN,
+};
+
+unsigned long ASN1_tag2bit(int tag)
+{
+ if ((tag < 0) || (tag > 30))
+ return 0;
+ return tag2bit[tag];
+}
+
+/* Macro to initialize and invalidate the cache */
+
+#define asn1_tlc_clear(c) if (c) (c)->valid = 0
+/* Version to avoid compiler warning about 'c' always non-NULL */
+#define asn1_tlc_clear_nc(c) (c)->valid = 0
+
+/*
+ * Decode an ASN1 item, this currently behaves just like a standard 'd2i'
+ * function. 'in' points to a buffer to read the data from, in future we
+ * will have more advanced versions that can input data a piece at a time and
+ * this will simply be a special case.
+ */
+
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it)
+{
+ ASN1_TLC c;
+ ASN1_VALUE *ptmpval = NULL;
+ if (!pval)
+ pval = &ptmpval;
+ asn1_tlc_clear_nc(&c);
+ if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
+ return *pval;
+ return NULL;
+}
+
+int ASN1_template_d2i(ASN1_VALUE **pval,
+ const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt)
+{
+ ASN1_TLC c;
+ asn1_tlc_clear_nc(&c);
+ return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
+}
+
+/*
+ * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
+ * tag mismatch return -1 to handle OPTIONAL
+ */
+
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+ const ASN1_TEMPLATE *tt, *errtt = NULL;
+ const ASN1_COMPAT_FUNCS *cf;
+ const ASN1_EXTERN_FUNCS *ef;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb;
+ const unsigned char *p = NULL, *q;
+ unsigned char *wp = NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */
+ unsigned char imphack = 0, oclass;
+ char seq_eoc, seq_nolen, cst, isopt;
+ long tmplen;
+ int i;
+ int otag;
+ int ret = 0;
+ ASN1_VALUE **pchptr, *ptmpval;
+ int combine = aclass & ASN1_TFLG_COMBINE;
+ aclass &= ~ASN1_TFLG_COMBINE;
+ if (!pval)
+ return 0;
+ if (aux && aux->asn1_cb)
+ asn1_cb = aux->asn1_cb;
+ else
+ asn1_cb = 0;
+
+ switch (it->itype) {
+ case ASN1_ITYPE_PRIMITIVE:
+ if (it->templates) {
+ /*
+ * tagging or OPTIONAL is currently illegal on an item template
+ * because the flags can't get passed down. In practice this
+ * isn't a problem: we include the relevant flags from the item
+ * template in the template itself.
+ */
+ if ((tag != -1) || opt) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
+ goto err;
+ }
+ return asn1_template_ex_d2i(pval, in, len,
+ it->templates, opt, ctx);
+ }
+ return asn1_d2i_ex_primitive(pval, in, len, it,
+ tag, aclass, opt, ctx);
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ p = *in;
+ /* Just read in tag and class */
+ ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
+ &p, len, -1, 0, 1, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+
+ /* Must be UNIVERSAL class */
+ if (oclass != V_ASN1_UNIVERSAL) {
+ /* If OPTIONAL, assume this is OK */
+ if (opt)
+ return -1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
+ goto err;
+ }
+ /* Check tag matches bit map */
+ if (!(ASN1_tag2bit(otag) & it->utype)) {
+ /* If OPTIONAL, assume this is OK */
+ if (opt)
+ return -1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
+ goto err;
+ }
+ return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
+
+ case ASN1_ITYPE_EXTERN:
+ /* Use new style d2i */
+ ef = it->funcs;
+ return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
+
+ case ASN1_ITYPE_COMPAT:
+ /* we must resort to old style evil hackery */
+ cf = it->funcs;
+
+ /* If OPTIONAL see if it is there */
+ if (opt) {
+ int exptag;
+ p = *in;
+ if (tag == -1)
+ exptag = it->utype;
+ else
+ exptag = tag;
+ /*
+ * Don't care about anything other than presence of expected tag
+ */
+
+ ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
+ &p, len, exptag, aclass, 1, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ if (ret == -1)
+ return -1;
+ }
+
+ /*
+ * This is the old style evil hack IMPLICIT handling: since the
+ * underlying code is expecting a tag and class other than the one
+ * present we change the buffer temporarily then change it back
+ * afterwards. This doesn't and never did work for tags > 30. Yes
+ * this is *horrible* but it is only needed for old style d2i which
+ * will hopefully not be around for much longer. FIXME: should copy
+ * the buffer then modify it so the input buffer can be const: we
+ * should *always* copy because the old style d2i might modify the
+ * buffer.
+ */
+
+ if (tag != -1) {
+ wp = *(unsigned char **)in;
+ imphack = *wp;
+ if (p == NULL) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
+ | it->utype);
+ }
+
+ ptmpval = cf->asn1_d2i(pval, in, len);
+
+ if (tag != -1)
+ *wp = imphack;
+
+ if (ptmpval)
+ return 1;
+
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+
+ case ASN1_ITYPE_CHOICE:
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
+ goto auxerr;
+ if (*pval) {
+ /* Free up and zero CHOICE value if initialised */
+ i = asn1_get_choice_selector(pval, it);
+ if ((i >= 0) && (i < it->tcount)) {
+ tt = it->templates + i;
+ pchptr = asn1_get_field_ptr(pval, tt);
+ ASN1_template_free(pchptr, tt);
+ asn1_set_choice_selector(pval, -1, it);
+ }
+ } else if (!ASN1_item_ex_new(pval, it)) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ /* CHOICE type, try each possibility in turn */
+ p = *in;
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ pchptr = asn1_get_field_ptr(pval, tt);
+ /*
+ * We mark field as OPTIONAL so its absence can be recognised.
+ */
+ ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
+ /* If field not present, try the next one */
+ if (ret == -1)
+ continue;
+ /* If positive return, read OK, break loop */
+ if (ret > 0)
+ break;
+ /* Otherwise must be an ASN1 parsing error */
+ errtt = tt;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+
+ /* Did we fall off the end without reading anything? */
+ if (i == it->tcount) {
+ /* If OPTIONAL, this is OK */
+ if (opt) {
+ /* Free and zero it */
+ ASN1_item_ex_free(pval, it);
+ return -1;
+ }
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
+ goto err;
+ }
+
+ asn1_set_choice_selector(pval, i, it);
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
+ goto auxerr;
+ *in = p;
+ return 1;
+
+ case ASN1_ITYPE_NDEF_SEQUENCE:
+ case ASN1_ITYPE_SEQUENCE:
+ p = *in;
+ tmplen = len;
+
+ /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+ if (tag == -1) {
+ tag = V_ASN1_SEQUENCE;
+ aclass = V_ASN1_UNIVERSAL;
+ }
+ /* Get SEQUENCE length and update len, p */
+ ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
+ &p, len, tag, aclass, opt, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ } else if (ret == -1)
+ return -1;
+ if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
+ len = tmplen - (p - *in);
+ seq_nolen = 1;
+ }
+ /* If indefinite we don't do a length check */
+ else
+ seq_nolen = seq_eoc;
+ if (!cst) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
+ goto err;
+ }
+
+ if (!*pval && !ASN1_item_ex_new(pval, it)) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
+ goto auxerr;
+
+ /* Free up and zero any ADB found */
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ if (tt->flags & ASN1_TFLG_ADB_MASK) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ ASN1_template_free(pseqval, seqtt);
+ }
+ }
+
+ /* Get each field entry */
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if (!seqtt)
+ goto err;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ /* Have we ran out of data? */
+ if (!len)
+ break;
+ q = p;
+ if (asn1_check_eoc(&p, len)) {
+ if (!seq_eoc) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
+ goto err;
+ }
+ len -= p - q;
+ seq_eoc = 0;
+ q = p;
+ break;
+ }
+ /*
+ * This determines the OPTIONAL flag value. The field cannot be
+ * omitted if it is the last of a SEQUENCE and there is still
+ * data to be read. This isn't strictly necessary but it
+ * increases efficiency in some cases.
+ */
+ if (i == (it->tcount - 1))
+ isopt = 0;
+ else
+ isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
+ /*
+ * attempt to read in field, allowing each to be OPTIONAL
+ */
+
+ ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
+ if (!ret) {
+ errtt = seqtt;
+ goto err;
+ } else if (ret == -1) {
+ /*
+ * OPTIONAL component absent. Free and zero the field.
+ */
+ ASN1_template_free(pseqval, seqtt);
+ continue;
+ }
+ /* Update length */
+ len -= p - q;
+ }
+
+ /* Check for EOC if expecting one */
+ if (seq_eoc && !asn1_check_eoc(&p, len)) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
+ goto err;
+ }
+ /* Check all data read */
+ if (!seq_nolen && len) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ /*
+ * If we get here we've got no more data in the SEQUENCE, however we
+ * may not have read all fields so check all remaining are OPTIONAL
+ * and clear any that are.
+ */
+ for (; i < it->tcount; tt++, i++) {
+ const ASN1_TEMPLATE *seqtt;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if (!seqtt)
+ goto err;
+ if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
+ ASN1_VALUE **pseqval;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ ASN1_template_free(pseqval, seqtt);
+ } else {
+ errtt = seqtt;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
+ goto err;
+ }
+ }
+ /* Save encoding */
+ if (!asn1_enc_save(pval, *in, p - *in, it))
+ goto auxerr;
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
+ goto auxerr;
+ *in = p;
+ return 1;
+
+ default:
+ return 0;
+ }
+ auxerr:
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
+ err:
+ if (combine == 0)
+ ASN1_item_ex_free(pval, it);
+ if (errtt)
+ ERR_add_error_data(4, "Field=", errtt->field_name,
+ ", Type=", it->sname);
+ else
+ ERR_add_error_data(2, "Type=", it->sname);
+ return 0;
+}
+
+/*
+ * Templates are handled with two separate functions. One handles any
+ * EXPLICIT tag and the other handles the rest.
+ */
+
+static int asn1_template_ex_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long inlen,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx)
+{
+ int flags, aclass;
+ int ret;
+ long len;
+ const unsigned char *p, *q;
+ char exp_eoc;
+ if (!val)
+ return 0;
+ flags = tt->flags;
+ aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+ p = *in;
+
+ /* Check if EXPLICIT tag expected */
+ if (flags & ASN1_TFLG_EXPTAG) {
+ char cst;
+ /*
+ * Need to work out amount of data available to the inner content and
+ * where it starts: so read in EXPLICIT header to get the info.
+ */
+ ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
+ &p, inlen, tt->tag, aclass, opt, ctx);
+ q = p;
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ } else if (ret == -1)
+ return -1;
+ if (!cst) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+ ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
+ return 0;
+ }
+ /* We've found the field so it can't be OPTIONAL now */
+ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ /* We read the field in OK so update length */
+ len -= p - q;
+ if (exp_eoc) {
+ /* If NDEF we must have an EOC here */
+ if (!asn1_check_eoc(&p, len)) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_MISSING_EOC);
+ goto err;
+ }
+ } else {
+ /*
+ * Otherwise we must hit the EXPLICIT tag end or its an error
+ */
+ if (len) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+ ASN1_R_EXPLICIT_LENGTH_MISMATCH);
+ goto err;
+ }
+ }
+ } else
+ return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
+
+ *in = p;
+ return 1;
+
+ err:
+ ASN1_template_free(val, tt);
+ return 0;
+}
+
+static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx)
+{
+ int flags, aclass;
+ int ret;
+ const unsigned char *p, *q;
+ if (!val)
+ return 0;
+ flags = tt->flags;
+ aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+ p = *in;
+ q = p;
+
+ if (flags & ASN1_TFLG_SK_MASK) {
+ /* SET OF, SEQUENCE OF */
+ int sktag, skaclass;
+ char sk_eoc;
+ /* First work out expected inner tag value */
+ if (flags & ASN1_TFLG_IMPTAG) {
+ sktag = tt->tag;
+ skaclass = aclass;
+ } else {
+ skaclass = V_ASN1_UNIVERSAL;
+ if (flags & ASN1_TFLG_SET_OF)
+ sktag = V_ASN1_SET;
+ else
+ sktag = V_ASN1_SEQUENCE;
+ }
+ /* Get the tag */
+ ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
+ &p, len, sktag, skaclass, opt, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ } else if (ret == -1)
+ return -1;
+ if (!*val)
+ *val = (ASN1_VALUE *)sk_new_null();
+ else {
+ /*
+ * We've got a valid STACK: free up any items present
+ */
+ STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val;
+ ASN1_VALUE *vtmp;
+ while (sk_ASN1_VALUE_num(sktmp) > 0) {
+ vtmp = sk_ASN1_VALUE_pop(sktmp);
+ ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
+ }
+ }
+
+ if (!*val) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Read as many items as we can */
+ while (len > 0) {
+ ASN1_VALUE *skfield;
+ q = p;
+ /* See if EOC found */
+ if (asn1_check_eoc(&p, len)) {
+ if (!sk_eoc) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ASN1_R_UNEXPECTED_EOC);
+ goto err;
+ }
+ len -= p - q;
+ sk_eoc = 0;
+ break;
+ }
+ skfield = NULL;
+ if (!ASN1_item_ex_d2i(&skfield, &p, len,
+ ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ len -= p - q;
+ if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ if (sk_eoc) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
+ goto err;
+ }
+ } else if (flags & ASN1_TFLG_IMPTAG) {
+ /* IMPLICIT tagging */
+ ret = ASN1_item_ex_d2i(val, &p, len,
+ ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
+ ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ } else if (ret == -1)
+ return -1;
+ } else {
+ /* Nothing special */
+ ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
+ -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ } else if (ret == -1)
+ return -1;
+ }
+
+ *in = p;
+ return 1;
+
+ err:
+ ASN1_template_free(val, tt);
+ return 0;
+}
+
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
+ const unsigned char **in, long inlen,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+ int ret = 0, utype;
+ long plen;
+ char cst, inf, free_cont = 0;
+ const unsigned char *p;
+ BUF_MEM buf;
+ const unsigned char *cont = NULL;
+ long len;
+ if (!pval) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
+ return 0; /* Should never happen */
+ }
+
+ if (it->itype == ASN1_ITYPE_MSTRING) {
+ utype = tag;
+ tag = -1;
+ } else
+ utype = it->utype;
+
+ if (utype == V_ASN1_ANY) {
+ /* If type is ANY need to figure out type from tag */
+ unsigned char oclass;
+ if (tag >= 0) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
+ return 0;
+ }
+ if (opt) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+ ASN1_R_ILLEGAL_OPTIONAL_ANY);
+ return 0;
+ }
+ p = *in;
+ ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
+ &p, inlen, -1, 0, 0, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ if (oclass != V_ASN1_UNIVERSAL)
+ utype = V_ASN1_OTHER;
+ }
+ if (tag == -1) {
+ tag = utype;
+ aclass = V_ASN1_UNIVERSAL;
+ }
+ p = *in;
+ /* Check header */
+ ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
+ &p, inlen, tag, aclass, opt, ctx);
+ if (!ret) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ } else if (ret == -1)
+ return -1;
+ ret = 0;
+ /* SEQUENCE, SET and "OTHER" are left in encoded form */
+ if ((utype == V_ASN1_SEQUENCE)
+ || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
+ /*
+ * Clear context cache for type OTHER because the auto clear when we
+ * have a exact match wont work
+ */
+ if (utype == V_ASN1_OTHER) {
+ asn1_tlc_clear(ctx);
+ }
+ /* SEQUENCE and SET must be constructed */
+ else if (!cst) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+ ASN1_R_TYPE_NOT_CONSTRUCTED);
+ return 0;
+ }
+
+ cont = *in;
+ /* If indefinite length constructed find the real end */
+ if (inf) {
+ if (!asn1_find_end(&p, plen, inf))
+ goto err;
+ len = p - cont;
+ } else {
+ len = p - cont + plen;
+ p += plen;
+ buf.data = NULL;
+ }
+ } else if (cst) {
+ if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
+ || utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER
+ || utype == V_ASN1_ENUMERATED) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE);
+ return 0;
+ }
+ buf.length = 0;
+ buf.max = 0;
+ buf.data = NULL;
+ /*
+ * Should really check the internal tags are correct but some things
+ * may get this wrong. The relevant specs say that constructed string
+ * types should be OCTET STRINGs internally irrespective of the type.
+ * So instead just check for UNIVERSAL class and ignore the tag.
+ */
+ if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
+ free_cont = 1;
+ goto err;
+ }
+ len = buf.length;
+ /* Append a final null to string */
+ if (!BUF_MEM_grow_clean(&buf, len + 1)) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ buf.data[len] = 0;
+ cont = (const unsigned char *)buf.data;
+ free_cont = 1;
+ } else {
+ cont = p;
+ len = plen;
+ p += plen;
+ }
+
+ /* We now have content length and type: translate into a structure */
+ if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
+ goto err;
+
+ *in = p;
+ ret = 1;
+ err:
+ if (free_cont && buf.data)
+ OPENSSL_free(buf.data);
+ return ret;
+}
+
+/* Translate ASN1 content octets into a structure */
+
+int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+ int utype, char *free_cont, const ASN1_ITEM *it)
+{
+ ASN1_VALUE **opval = NULL;
+ ASN1_STRING *stmp;
+ ASN1_TYPE *typ = NULL;
+ int ret = 0;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ ASN1_INTEGER **tint;
+ pf = it->funcs;
+
+ if (pf && pf->prim_c2i)
+ return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
+ /* If ANY type clear type and set pointer to internal value */
+ if (it->utype == V_ASN1_ANY) {
+ if (!*pval) {
+ typ = ASN1_TYPE_new();
+ if (typ == NULL)
+ goto err;
+ *pval = (ASN1_VALUE *)typ;
+ } else
+ typ = (ASN1_TYPE *)*pval;
+
+ if (utype != typ->type)
+ ASN1_TYPE_set(typ, utype, NULL);
+ opval = pval;
+ pval = &typ->value.asn1_value;
+ }
+ switch (utype) {
+ case V_ASN1_OBJECT:
+ if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
+ goto err;
+ break;
+
+ case V_ASN1_NULL:
+ if (len) {
+ ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_NULL_IS_WRONG_LENGTH);
+ goto err;
+ }
+ *pval = (ASN1_VALUE *)1;
+ break;
+
+ case V_ASN1_BOOLEAN:
+ if (len != 1) {
+ ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+ goto err;
+ } else {
+ ASN1_BOOLEAN *tbool;
+ tbool = (ASN1_BOOLEAN *)pval;
+ *tbool = *cont;
+ }
+ break;
+
+ case V_ASN1_BIT_STRING:
+ if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
+ goto err;
+ break;
+
+ case V_ASN1_INTEGER:
+ case V_ASN1_ENUMERATED:
+ tint = (ASN1_INTEGER **)pval;
+ if (!c2i_ASN1_INTEGER(tint, &cont, len))
+ goto err;
+ /* Fixup type to match the expected form */
+ (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
+ break;
+
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_NUMERICSTRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ case V_ASN1_VIDEOTEXSTRING:
+ case V_ASN1_IA5STRING:
+ case V_ASN1_UTCTIME:
+ case V_ASN1_GENERALIZEDTIME:
+ case V_ASN1_GRAPHICSTRING:
+ case V_ASN1_VISIBLESTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_BMPSTRING:
+ case V_ASN1_UTF8STRING:
+ case V_ASN1_OTHER:
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ default:
+ if (utype == V_ASN1_BMPSTRING && (len & 1)) {
+ ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
+ goto err;
+ }
+ if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
+ ASN1err(ASN1_F_ASN1_EX_C2I,
+ ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
+ goto err;
+ }
+ /* All based on ASN1_STRING and handled the same */
+ if (!*pval) {
+ stmp = ASN1_STRING_type_new(utype);
+ if (!stmp) {
+ ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ *pval = (ASN1_VALUE *)stmp;
+ } else {
+ stmp = (ASN1_STRING *)*pval;
+ stmp->type = utype;
+ }
+ /* If we've already allocated a buffer use it */
+ if (*free_cont) {
+ if (stmp->data)
+ OPENSSL_free(stmp->data);
+ stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
+ stmp->length = len;
+ *free_cont = 0;
+ } else {
+ if (!ASN1_STRING_set(stmp, cont, len)) {
+ ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
+ ASN1_STRING_free(stmp);
+ *pval = NULL;
+ goto err;
+ }
+ }
+ break;
+ }
+ /* If ASN1_ANY and NULL type fix up value */
+ if (typ && (utype == V_ASN1_NULL))
+ typ->value.ptr = NULL;
+
+ ret = 1;
+ err:
+ if (!ret) {
+ ASN1_TYPE_free(typ);
+ if (opval)
+ *opval = NULL;
+ }
+ return ret;
+}
+
+/*
+ * This function finds the end of an ASN1 structure when passed its maximum
+ * length, whether it is indefinite length and a pointer to the content. This
+ * is more efficient than calling asn1_collect because it does not recurse on
+ * each indefinite length header.
+ */
+
+static int asn1_find_end(const unsigned char **in, long len, char inf)
+{
+ int expected_eoc;
+ long plen;
+ const unsigned char *p = *in, *q;
+ /* If not indefinite length constructed just add length */
+ if (inf == 0) {
+ *in += len;
+ return 1;
+ }
+ expected_eoc = 1;
+ /*
+ * Indefinite length constructed form. Find the end when enough EOCs are
+ * found. If more indefinite length constructed headers are encountered
+ * increment the expected eoc count otherwise just skip to the end of the
+ * data.
+ */
+ while (len > 0) {
+ if (asn1_check_eoc(&p, len)) {
+ expected_eoc--;
+ if (expected_eoc == 0)
+ break;
+ len -= 2;
+ continue;
+ }
+ q = p;
+ /* Just read in a header: only care about the length */
+ if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
+ -1, 0, 0, NULL)) {
+ ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ if (inf)
+ expected_eoc++;
+ else
+ p += plen;
+ len -= p - q;
+ }
+ if (expected_eoc) {
+ ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
+ return 0;
+ }
+ *in = p;
+ return 1;
+}
+
+/*
+ * This function collects the asn1 data from a constructred string type into
+ * a buffer. The values of 'in' and 'len' should refer to the contents of the
+ * constructed type and 'inf' should be set if it is indefinite length.
+ */
+
+#ifndef ASN1_MAX_STRING_NEST
+/*
+ * This determines how many levels of recursion are permitted in ASN1 string
+ * types. If it is not limited stack overflows can occur. If set to zero no
+ * recursion is allowed at all. Although zero should be adequate examples
+ * exist that require a value of 1. So 5 should be more than enough.
+ */
+# define ASN1_MAX_STRING_NEST 5
+#endif
+
+static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
+ char inf, int tag, int aclass, int depth)
+{
+ const unsigned char *p, *q;
+ long plen;
+ char cst, ininf;
+ p = *in;
+ inf &= 1;
+ /*
+ * If no buffer and not indefinite length constructed just pass over the
+ * encoded data
+ */
+ if (!buf && !inf) {
+ *in += len;
+ return 1;
+ }
+ while (len > 0) {
+ q = p;
+ /* Check for EOC */
+ if (asn1_check_eoc(&p, len)) {
+ /*
+ * EOC is illegal outside indefinite length constructed form
+ */
+ if (!inf) {
+ ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
+ return 0;
+ }
+ inf = 0;
+ break;
+ }
+
+ if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
+ len, tag, aclass, 0, NULL)) {
+ ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+
+ /* If indefinite length constructed update max length */
+ if (cst) {
+ if (depth >= ASN1_MAX_STRING_NEST) {
+ ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
+ return 0;
+ }
+ if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1))
+ return 0;
+ } else if (plen && !collect_data(buf, &p, plen))
+ return 0;
+ len -= p - q;
+ }
+ if (inf) {
+ ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
+ return 0;
+ }
+ *in = p;
+ return 1;
+}
+
+static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
+{
+ int len;
+ if (buf) {
+ len = buf->length;
+ if (!BUF_MEM_grow_clean(buf, len + plen)) {
+ ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ memcpy(buf->data + len, *p, plen);
+ }
+ *p += plen;
+ return 1;
+}
+
+/* Check for ASN1 EOC and swallow it if found */
+
+static int asn1_check_eoc(const unsigned char **in, long len)
+{
+ const unsigned char *p;
+ if (len < 2)
+ return 0;
+ p = *in;
+ if (!p[0] && !p[1]) {
+ *in += 2;
+ return 1;
+ }
+ return 0;
+}
+
+/*
+ * Check an ASN1 tag and length: a bit like ASN1_get_object but it sets the
+ * length for indefinite length constructed form, we don't know the exact
+ * length but we can set an upper bound to the amount of data available minus
+ * the header length just read.
+ */
+
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
+ char *inf, char *cst,
+ const unsigned char **in, long len,
+ int exptag, int expclass, char opt, ASN1_TLC *ctx)
+{
+ int i;
+ int ptag, pclass;
+ long plen;
+ const unsigned char *p, *q;
+ p = *in;
+ q = p;
+
+ if (ctx && ctx->valid) {
+ i = ctx->ret;
+ plen = ctx->plen;
+ pclass = ctx->pclass;
+ ptag = ctx->ptag;
+ p += ctx->hdrlen;
+ } else {
+ i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
+ if (ctx) {
+ ctx->ret = i;
+ ctx->plen = plen;
+ ctx->pclass = pclass;
+ ctx->ptag = ptag;
+ ctx->hdrlen = p - q;
+ ctx->valid = 1;
+ /*
+ * If definite length, and no error, length + header can't exceed
+ * total amount of data available.
+ */
+ if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
+ ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
+ asn1_tlc_clear(ctx);
+ return 0;
+ }
+ }
+ }
+
+ if (i & 0x80) {
+ ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
+ asn1_tlc_clear(ctx);
+ return 0;
+ }
+ if (exptag >= 0) {
+ if ((exptag != ptag) || (expclass != pclass)) {
+ /*
+ * If type is OPTIONAL, not an error: indicate missing type.
+ */
+ if (opt)
+ return -1;
+ asn1_tlc_clear(ctx);
+ ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
+ return 0;
+ }
+ /*
+ * We have a tag and class match: assume we are going to do something
+ * with it
+ */
+ asn1_tlc_clear(ctx);
+ }
+
+ if (i & 1)
+ plen = len - (p - q);
+
+ if (inf)
+ *inf = i & 1;
+
+ if (cst)
+ *cst = i & V_ASN1_CONSTRUCTED;
+
+ if (olen)
+ *olen = plen;
+
+ if (oclass)
+ *oclass = pclass;
+
+ if (otag)
+ *otag = ptag;
+
+ *in = p;
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_enc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/tasn_enc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,661 +0,0 @@
-/* tasn_enc.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
- int skcontlen, const ASN1_ITEM *item,
- int do_sort, int iclass);
-static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_TEMPLATE *tt, int tag, int aclass);
-static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
- const ASN1_ITEM *it, int flags);
-
-/*
- * Top level i2d equivalents: the 'ndef' variant instructs the encoder to use
- * indefinite length constructed encoding, where appropriate
- */
-
-int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
- const ASN1_ITEM *it)
-{
- return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
-}
-
-int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
-{
- return asn1_item_flags_i2d(val, out, it, 0);
-}
-
-/*
- * Encode an ASN1 item, this is use by the standard 'i2d' function. 'out'
- * points to a buffer to output the data to. The new i2d has one additional
- * feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is
- * allocated and populated with the encoding.
- */
-
-static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
- const ASN1_ITEM *it, int flags)
-{
- if (out && !*out) {
- unsigned char *p, *buf;
- int len;
- len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
- if (len <= 0)
- return len;
- buf = OPENSSL_malloc(len);
- if (!buf)
- return -1;
- p = buf;
- ASN1_item_ex_i2d(&val, &p, it, -1, flags);
- *out = buf;
- return len;
- }
-
- return ASN1_item_ex_i2d(&val, out, it, -1, flags);
-}
-
-/*
- * Encode an item, taking care of IMPLICIT tagging (if any). This function
- * performs the normal item handling: it can be used in external types.
- */
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass)
-{
- const ASN1_TEMPLATE *tt = NULL;
- unsigned char *p = NULL;
- int i, seqcontlen, seqlen, ndef = 1;
- const ASN1_COMPAT_FUNCS *cf;
- const ASN1_EXTERN_FUNCS *ef;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb = 0;
-
- if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
- return 0;
-
- if (aux && aux->asn1_cb)
- asn1_cb = aux->asn1_cb;
-
- switch (it->itype) {
-
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates)
- return asn1_template_ex_i2d(pval, out, it->templates,
- tag, aclass);
- return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
- break;
-
- case ASN1_ITYPE_MSTRING:
- return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
-
- case ASN1_ITYPE_CHOICE:
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
- return 0;
- i = asn1_get_choice_selector(pval, it);
- if ((i >= 0) && (i < it->tcount)) {
- ASN1_VALUE **pchval;
- const ASN1_TEMPLATE *chtt;
- chtt = it->templates + i;
- pchval = asn1_get_field_ptr(pval, chtt);
- return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass);
- }
- /* Fixme: error condition if selector out of range */
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
- return 0;
- break;
-
- case ASN1_ITYPE_EXTERN:
- /* If new style i2d it does all the work */
- ef = it->funcs;
- return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
-
- case ASN1_ITYPE_COMPAT:
- /* old style hackery... */
- cf = it->funcs;
- if (out)
- p = *out;
- i = cf->asn1_i2d(*pval, out);
- /*
- * Fixup for IMPLICIT tag: note this messes up for tags > 30, but so
- * did the old code. Tags > 30 are very rare anyway.
- */
- if (out && (tag != -1))
- *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
- return i;
-
- case ASN1_ITYPE_NDEF_SEQUENCE:
- /* Use indefinite length constructed if requested */
- if (aclass & ASN1_TFLG_NDEF)
- ndef = 2;
- /* fall through */
-
- case ASN1_ITYPE_SEQUENCE:
- i = asn1_enc_restore(&seqcontlen, out, pval, it);
- /* An error occurred */
- if (i < 0)
- return 0;
- /* We have a valid cached encoding... */
- if (i > 0)
- return seqcontlen;
- /* Otherwise carry on */
- seqcontlen = 0;
- /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
- if (tag == -1) {
- tag = V_ASN1_SEQUENCE;
- /* Retain any other flags in aclass */
- aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
- | V_ASN1_UNIVERSAL;
- }
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
- return 0;
- /* First work out sequence content length */
- for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
- const ASN1_TEMPLATE *seqtt;
- ASN1_VALUE **pseqval;
- seqtt = asn1_do_adb(pval, tt, 1);
- if (!seqtt)
- return 0;
- pseqval = asn1_get_field_ptr(pval, seqtt);
- /* FIXME: check for errors in enhanced version */
- seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt,
- -1, aclass);
- }
-
- seqlen = ASN1_object_size(ndef, seqcontlen, tag);
- if (!out)
- return seqlen;
- /* Output SEQUENCE header */
- ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
- for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
- const ASN1_TEMPLATE *seqtt;
- ASN1_VALUE **pseqval;
- seqtt = asn1_do_adb(pval, tt, 1);
- if (!seqtt)
- return 0;
- pseqval = asn1_get_field_ptr(pval, seqtt);
- /* FIXME: check for errors in enhanced version */
- asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
- }
- if (ndef == 2)
- ASN1_put_eoc(out);
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
- return 0;
- return seqlen;
-
- default:
- return 0;
-
- }
- return 0;
-}
-
-int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_TEMPLATE *tt)
-{
- return asn1_template_ex_i2d(pval, out, tt, -1, 0);
-}
-
-static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_TEMPLATE *tt, int tag, int iclass)
-{
- int i, ret, flags, ttag, tclass, ndef;
- flags = tt->flags;
- /*
- * Work out tag and class to use: tagging may come either from the
- * template or the arguments, not both because this would create
- * ambiguity. Additionally the iclass argument may contain some
- * additional flags which should be noted and passed down to other
- * levels.
- */
- if (flags & ASN1_TFLG_TAG_MASK) {
- /* Error if argument and template tagging */
- if (tag != -1)
- /* FIXME: error code here */
- return -1;
- /* Get tagging from template */
- ttag = tt->tag;
- tclass = flags & ASN1_TFLG_TAG_CLASS;
- } else if (tag != -1) {
- /* No template tagging, get from arguments */
- ttag = tag;
- tclass = iclass & ASN1_TFLG_TAG_CLASS;
- } else {
- ttag = -1;
- tclass = 0;
- }
- /*
- * Remove any class mask from iflag.
- */
- iclass &= ~ASN1_TFLG_TAG_CLASS;
-
- /*
- * At this point 'ttag' contains the outer tag to use, 'tclass' is the
- * class and iclass is any flags passed to this function.
- */
-
- /* if template and arguments require ndef, use it */
- if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
- ndef = 2;
- else
- ndef = 1;
-
- if (flags & ASN1_TFLG_SK_MASK) {
- /* SET OF, SEQUENCE OF */
- STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
- int isset, sktag, skaclass;
- int skcontlen, sklen;
- ASN1_VALUE *skitem;
-
- if (!*pval)
- return 0;
-
- if (flags & ASN1_TFLG_SET_OF) {
- isset = 1;
- /* 2 means we reorder */
- if (flags & ASN1_TFLG_SEQUENCE_OF)
- isset = 2;
- } else
- isset = 0;
-
- /*
- * Work out inner tag value: if EXPLICIT or no tagging use underlying
- * type.
- */
- if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
- sktag = ttag;
- skaclass = tclass;
- } else {
- skaclass = V_ASN1_UNIVERSAL;
- if (isset)
- sktag = V_ASN1_SET;
- else
- sktag = V_ASN1_SEQUENCE;
- }
-
- /* Determine total length of items */
- skcontlen = 0;
- for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
- skitem = sk_ASN1_VALUE_value(sk, i);
- skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
- ASN1_ITEM_ptr(tt->item),
- -1, iclass);
- }
- sklen = ASN1_object_size(ndef, skcontlen, sktag);
- /* If EXPLICIT need length of surrounding tag */
- if (flags & ASN1_TFLG_EXPTAG)
- ret = ASN1_object_size(ndef, sklen, ttag);
- else
- ret = sklen;
-
- if (!out)
- return ret;
-
- /* Now encode this lot... */
- /* EXPLICIT tag */
- if (flags & ASN1_TFLG_EXPTAG)
- ASN1_put_object(out, ndef, sklen, ttag, tclass);
- /* SET or SEQUENCE and IMPLICIT tag */
- ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
- /* And the stuff itself */
- asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
- isset, iclass);
- if (ndef == 2) {
- ASN1_put_eoc(out);
- if (flags & ASN1_TFLG_EXPTAG)
- ASN1_put_eoc(out);
- }
-
- return ret;
- }
-
- if (flags & ASN1_TFLG_EXPTAG) {
- /* EXPLICIT tagging */
- /* Find length of tagged item */
- i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass);
- if (!i)
- return 0;
- /* Find length of EXPLICIT tag */
- ret = ASN1_object_size(ndef, i, ttag);
- if (out) {
- /* Output tag and item */
- ASN1_put_object(out, ndef, i, ttag, tclass);
- ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
- if (ndef == 2)
- ASN1_put_eoc(out);
- }
- return ret;
- }
-
- /* Either normal or IMPLICIT tagging: combine class and flags */
- return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
- ttag, tclass | iclass);
-
-}
-
-/* Temporary structure used to hold DER encoding of items for SET OF */
-
-typedef struct {
- unsigned char *data;
- int length;
- ASN1_VALUE *field;
-} DER_ENC;
-
-static int der_cmp(const void *a, const void *b)
-{
- const DER_ENC *d1 = a, *d2 = b;
- int cmplen, i;
- cmplen = (d1->length < d2->length) ? d1->length : d2->length;
- i = memcmp(d1->data, d2->data, cmplen);
- if (i)
- return i;
- return d1->length - d2->length;
-}
-
-/* Output the content octets of SET OF or SEQUENCE OF */
-
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
- int skcontlen, const ASN1_ITEM *item,
- int do_sort, int iclass)
-{
- int i;
- ASN1_VALUE *skitem;
- unsigned char *tmpdat = NULL, *p = NULL;
- DER_ENC *derlst = NULL, *tder;
- if (do_sort) {
- /* Don't need to sort less than 2 items */
- if (sk_ASN1_VALUE_num(sk) < 2)
- do_sort = 0;
- else {
- derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
- * sizeof(*derlst));
- if (!derlst)
- return 0;
- tmpdat = OPENSSL_malloc(skcontlen);
- if (!tmpdat) {
- OPENSSL_free(derlst);
- return 0;
- }
- }
- }
- /* If not sorting just output each item */
- if (!do_sort) {
- for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
- skitem = sk_ASN1_VALUE_value(sk, i);
- ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
- }
- return 1;
- }
- p = tmpdat;
-
- /* Doing sort: build up a list of each member's DER encoding */
- for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
- skitem = sk_ASN1_VALUE_value(sk, i);
- tder->data = p;
- tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
- tder->field = skitem;
- }
-
- /* Now sort them */
- qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
- /* Output sorted DER encoding */
- p = *out;
- for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
- memcpy(p, tder->data, tder->length);
- p += tder->length;
- }
- *out = p;
- /* If do_sort is 2 then reorder the STACK */
- if (do_sort == 2) {
- for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
- (void)sk_ASN1_VALUE_set(sk, i, tder->field);
- }
- OPENSSL_free(derlst);
- OPENSSL_free(tmpdat);
- return 1;
-}
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass)
-{
- int len;
- int utype;
- int usetag;
- int ndef = 0;
-
- utype = it->utype;
-
- /*
- * Get length of content octets and maybe find out the underlying type.
- */
-
- len = asn1_ex_i2c(pval, NULL, &utype, it);
-
- /*
- * If SEQUENCE, SET or OTHER then header is included in pseudo content
- * octets so don't include tag+length. We need to check here because the
- * call to asn1_ex_i2c() could change utype.
- */
- if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
- (utype == V_ASN1_OTHER))
- usetag = 0;
- else
- usetag = 1;
-
- /* -1 means omit type */
-
- if (len == -1)
- return 0;
-
- /* -2 return is special meaning use ndef */
- if (len == -2) {
- ndef = 2;
- len = 0;
- }
-
- /* If not implicitly tagged get tag from underlying type */
- if (tag == -1)
- tag = utype;
-
- /* Output tag+length followed by content octets */
- if (out) {
- if (usetag)
- ASN1_put_object(out, ndef, len, tag, aclass);
- asn1_ex_i2c(pval, *out, &utype, it);
- if (ndef)
- ASN1_put_eoc(out);
- else
- *out += len;
- }
-
- if (usetag)
- return ASN1_object_size(ndef, len, tag);
- return len;
-}
-
-/* Produce content octets from a structure */
-
-int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
- const ASN1_ITEM *it)
-{
- ASN1_BOOLEAN *tbool = NULL;
- ASN1_STRING *strtmp;
- ASN1_OBJECT *otmp;
- int utype;
- const unsigned char *cont;
- unsigned char c;
- int len;
- const ASN1_PRIMITIVE_FUNCS *pf;
- pf = it->funcs;
- if (pf && pf->prim_i2c)
- return pf->prim_i2c(pval, cout, putype, it);
-
- /* Should type be omitted? */
- if ((it->itype != ASN1_ITYPE_PRIMITIVE)
- || (it->utype != V_ASN1_BOOLEAN)) {
- if (!*pval)
- return -1;
- }
-
- if (it->itype == ASN1_ITYPE_MSTRING) {
- /* If MSTRING type set the underlying type */
- strtmp = (ASN1_STRING *)*pval;
- utype = strtmp->type;
- *putype = utype;
- } else if (it->utype == V_ASN1_ANY) {
- /* If ANY set type and pointer to value */
- ASN1_TYPE *typ;
- typ = (ASN1_TYPE *)*pval;
- utype = typ->type;
- *putype = utype;
- pval = &typ->value.asn1_value;
- } else
- utype = *putype;
-
- switch (utype) {
- case V_ASN1_OBJECT:
- otmp = (ASN1_OBJECT *)*pval;
- cont = otmp->data;
- len = otmp->length;
- break;
-
- case V_ASN1_NULL:
- cont = NULL;
- len = 0;
- break;
-
- case V_ASN1_BOOLEAN:
- tbool = (ASN1_BOOLEAN *)pval;
- if (*tbool == -1)
- return -1;
- if (it->utype != V_ASN1_ANY) {
- /*
- * Default handling if value == size field then omit
- */
- if (*tbool && (it->size > 0))
- return -1;
- if (!*tbool && !it->size)
- return -1;
- }
- c = (unsigned char)*tbool;
- cont = &c;
- len = 1;
- break;
-
- case V_ASN1_BIT_STRING:
- return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
- cout ? &cout : NULL);
- break;
-
- case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
- case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
- /*
- * These are all have the same content format as ASN1_INTEGER
- */
- return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
- break;
-
- case V_ASN1_OCTET_STRING:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- default:
- /* All based on ASN1_STRING and handled the same */
- strtmp = (ASN1_STRING *)*pval;
- /* Special handling for NDEF */
- if ((it->size == ASN1_TFLG_NDEF)
- && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
- if (cout) {
- strtmp->data = cout;
- strtmp->length = 0;
- }
- /* Special return code */
- return -2;
- }
- cont = strtmp->data;
- len = strtmp->length;
-
- break;
-
- }
- if (cout && len)
- memcpy(cout, cont, len);
- return len;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_enc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/tasn_enc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_enc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,667 @@
+/* tasn_enc.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
+ int skcontlen, const ASN1_ITEM *item,
+ int do_sort, int iclass);
+static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_TEMPLATE *tt, int tag, int aclass);
+static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
+ const ASN1_ITEM *it, int flags);
+
+/*
+ * Top level i2d equivalents: the 'ndef' variant instructs the encoder to use
+ * indefinite length constructed encoding, where appropriate
+ */
+
+int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
+ const ASN1_ITEM *it)
+{
+ return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
+}
+
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
+{
+ return asn1_item_flags_i2d(val, out, it, 0);
+}
+
+/*
+ * Encode an ASN1 item, this is use by the standard 'i2d' function. 'out'
+ * points to a buffer to output the data to. The new i2d has one additional
+ * feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is
+ * allocated and populated with the encoding.
+ */
+
+static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
+ const ASN1_ITEM *it, int flags)
+{
+ if (out && !*out) {
+ unsigned char *p, *buf;
+ int len;
+ len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
+ if (len <= 0)
+ return len;
+ buf = OPENSSL_malloc(len);
+ if (!buf)
+ return -1;
+ p = buf;
+ ASN1_item_ex_i2d(&val, &p, it, -1, flags);
+ *out = buf;
+ return len;
+ }
+
+ return ASN1_item_ex_i2d(&val, out, it, -1, flags);
+}
+
+/*
+ * Encode an item, taking care of IMPLICIT tagging (if any). This function
+ * performs the normal item handling: it can be used in external types.
+ */
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass)
+{
+ const ASN1_TEMPLATE *tt = NULL;
+ unsigned char *p = NULL;
+ int i, seqcontlen, seqlen, ndef = 1;
+ const ASN1_COMPAT_FUNCS *cf;
+ const ASN1_EXTERN_FUNCS *ef;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb = 0;
+
+ if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
+ return 0;
+
+ if (aux && aux->asn1_cb)
+ asn1_cb = aux->asn1_cb;
+
+ switch (it->itype) {
+
+ case ASN1_ITYPE_PRIMITIVE:
+ if (it->templates)
+ return asn1_template_ex_i2d(pval, out, it->templates,
+ tag, aclass);
+ return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
+
+ case ASN1_ITYPE_CHOICE:
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
+ return 0;
+ i = asn1_get_choice_selector(pval, it);
+ if ((i >= 0) && (i < it->tcount)) {
+ ASN1_VALUE **pchval;
+ const ASN1_TEMPLATE *chtt;
+ chtt = it->templates + i;
+ pchval = asn1_get_field_ptr(pval, chtt);
+ return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass);
+ }
+ /* Fixme: error condition if selector out of range */
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
+ return 0;
+ break;
+
+ case ASN1_ITYPE_EXTERN:
+ /* If new style i2d it does all the work */
+ ef = it->funcs;
+ return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
+
+ case ASN1_ITYPE_COMPAT:
+ /* old style hackery... */
+ cf = it->funcs;
+ if (out)
+ p = *out;
+ i = cf->asn1_i2d(*pval, out);
+ /*
+ * Fixup for IMPLICIT tag: note this messes up for tags > 30, but so
+ * did the old code. Tags > 30 are very rare anyway.
+ */
+ if (out && (tag != -1))
+ *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
+ return i;
+
+ case ASN1_ITYPE_NDEF_SEQUENCE:
+ /* Use indefinite length constructed if requested */
+ if (aclass & ASN1_TFLG_NDEF)
+ ndef = 2;
+ /* fall through */
+
+ case ASN1_ITYPE_SEQUENCE:
+ i = asn1_enc_restore(&seqcontlen, out, pval, it);
+ /* An error occurred */
+ if (i < 0)
+ return 0;
+ /* We have a valid cached encoding... */
+ if (i > 0)
+ return seqcontlen;
+ /* Otherwise carry on */
+ seqcontlen = 0;
+ /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+ if (tag == -1) {
+ tag = V_ASN1_SEQUENCE;
+ /* Retain any other flags in aclass */
+ aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
+ | V_ASN1_UNIVERSAL;
+ }
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
+ return 0;
+ /* First work out sequence content length */
+ for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ int tmplen;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if (!seqtt)
+ return 0;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass);
+ if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
+ return -1;
+ seqcontlen += tmplen;
+ }
+
+ seqlen = ASN1_object_size(ndef, seqcontlen, tag);
+ if (!out || seqlen == -1)
+ return seqlen;
+ /* Output SEQUENCE header */
+ ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
+ for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if (!seqtt)
+ return 0;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ /* FIXME: check for errors in enhanced version */
+ asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
+ }
+ if (ndef == 2)
+ ASN1_put_eoc(out);
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
+ return 0;
+ return seqlen;
+
+ default:
+ return 0;
+
+ }
+ return 0;
+}
+
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_TEMPLATE *tt)
+{
+ return asn1_template_ex_i2d(pval, out, tt, -1, 0);
+}
+
+static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_TEMPLATE *tt, int tag, int iclass)
+{
+ int i, ret, flags, ttag, tclass, ndef;
+ flags = tt->flags;
+ /*
+ * Work out tag and class to use: tagging may come either from the
+ * template or the arguments, not both because this would create
+ * ambiguity. Additionally the iclass argument may contain some
+ * additional flags which should be noted and passed down to other
+ * levels.
+ */
+ if (flags & ASN1_TFLG_TAG_MASK) {
+ /* Error if argument and template tagging */
+ if (tag != -1)
+ /* FIXME: error code here */
+ return -1;
+ /* Get tagging from template */
+ ttag = tt->tag;
+ tclass = flags & ASN1_TFLG_TAG_CLASS;
+ } else if (tag != -1) {
+ /* No template tagging, get from arguments */
+ ttag = tag;
+ tclass = iclass & ASN1_TFLG_TAG_CLASS;
+ } else {
+ ttag = -1;
+ tclass = 0;
+ }
+ /*
+ * Remove any class mask from iflag.
+ */
+ iclass &= ~ASN1_TFLG_TAG_CLASS;
+
+ /*
+ * At this point 'ttag' contains the outer tag to use, 'tclass' is the
+ * class and iclass is any flags passed to this function.
+ */
+
+ /* if template and arguments require ndef, use it */
+ if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
+ ndef = 2;
+ else
+ ndef = 1;
+
+ if (flags & ASN1_TFLG_SK_MASK) {
+ /* SET OF, SEQUENCE OF */
+ STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
+ int isset, sktag, skaclass;
+ int skcontlen, sklen;
+ ASN1_VALUE *skitem;
+
+ if (!*pval)
+ return 0;
+
+ if (flags & ASN1_TFLG_SET_OF) {
+ isset = 1;
+ /* 2 means we reorder */
+ if (flags & ASN1_TFLG_SEQUENCE_OF)
+ isset = 2;
+ } else
+ isset = 0;
+
+ /*
+ * Work out inner tag value: if EXPLICIT or no tagging use underlying
+ * type.
+ */
+ if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
+ sktag = ttag;
+ skaclass = tclass;
+ } else {
+ skaclass = V_ASN1_UNIVERSAL;
+ if (isset)
+ sktag = V_ASN1_SET;
+ else
+ sktag = V_ASN1_SEQUENCE;
+ }
+
+ /* Determine total length of items */
+ skcontlen = 0;
+ for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+ int tmplen;
+ skitem = sk_ASN1_VALUE_value(sk, i);
+ tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
+ -1, iclass);
+ if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
+ return -1;
+ skcontlen += tmplen;
+ }
+ sklen = ASN1_object_size(ndef, skcontlen, sktag);
+ if (sklen == -1)
+ return -1;
+ /* If EXPLICIT need length of surrounding tag */
+ if (flags & ASN1_TFLG_EXPTAG)
+ ret = ASN1_object_size(ndef, sklen, ttag);
+ else
+ ret = sklen;
+
+ if (!out || ret == -1)
+ return ret;
+
+ /* Now encode this lot... */
+ /* EXPLICIT tag */
+ if (flags & ASN1_TFLG_EXPTAG)
+ ASN1_put_object(out, ndef, sklen, ttag, tclass);
+ /* SET or SEQUENCE and IMPLICIT tag */
+ ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
+ /* And the stuff itself */
+ asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
+ isset, iclass);
+ if (ndef == 2) {
+ ASN1_put_eoc(out);
+ if (flags & ASN1_TFLG_EXPTAG)
+ ASN1_put_eoc(out);
+ }
+
+ return ret;
+ }
+
+ if (flags & ASN1_TFLG_EXPTAG) {
+ /* EXPLICIT tagging */
+ /* Find length of tagged item */
+ i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass);
+ if (!i)
+ return 0;
+ /* Find length of EXPLICIT tag */
+ ret = ASN1_object_size(ndef, i, ttag);
+ if (out && ret != -1) {
+ /* Output tag and item */
+ ASN1_put_object(out, ndef, i, ttag, tclass);
+ ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
+ if (ndef == 2)
+ ASN1_put_eoc(out);
+ }
+ return ret;
+ }
+
+ /* Either normal or IMPLICIT tagging: combine class and flags */
+ return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
+ ttag, tclass | iclass);
+
+}
+
+/* Temporary structure used to hold DER encoding of items for SET OF */
+
+typedef struct {
+ unsigned char *data;
+ int length;
+ ASN1_VALUE *field;
+} DER_ENC;
+
+static int der_cmp(const void *a, const void *b)
+{
+ const DER_ENC *d1 = a, *d2 = b;
+ int cmplen, i;
+ cmplen = (d1->length < d2->length) ? d1->length : d2->length;
+ i = memcmp(d1->data, d2->data, cmplen);
+ if (i)
+ return i;
+ return d1->length - d2->length;
+}
+
+/* Output the content octets of SET OF or SEQUENCE OF */
+
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
+ int skcontlen, const ASN1_ITEM *item,
+ int do_sort, int iclass)
+{
+ int i;
+ ASN1_VALUE *skitem;
+ unsigned char *tmpdat = NULL, *p = NULL;
+ DER_ENC *derlst = NULL, *tder;
+ if (do_sort) {
+ /* Don't need to sort less than 2 items */
+ if (sk_ASN1_VALUE_num(sk) < 2)
+ do_sort = 0;
+ else {
+ derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
+ * sizeof(*derlst));
+ if (!derlst)
+ return 0;
+ tmpdat = OPENSSL_malloc(skcontlen);
+ if (!tmpdat) {
+ OPENSSL_free(derlst);
+ return 0;
+ }
+ }
+ }
+ /* If not sorting just output each item */
+ if (!do_sort) {
+ for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+ skitem = sk_ASN1_VALUE_value(sk, i);
+ ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
+ }
+ return 1;
+ }
+ p = tmpdat;
+
+ /* Doing sort: build up a list of each member's DER encoding */
+ for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+ skitem = sk_ASN1_VALUE_value(sk, i);
+ tder->data = p;
+ tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
+ tder->field = skitem;
+ }
+
+ /* Now sort them */
+ qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
+ /* Output sorted DER encoding */
+ p = *out;
+ for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+ memcpy(p, tder->data, tder->length);
+ p += tder->length;
+ }
+ *out = p;
+ /* If do_sort is 2 then reorder the STACK */
+ if (do_sort == 2) {
+ for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
+ (void)sk_ASN1_VALUE_set(sk, i, tder->field);
+ }
+ OPENSSL_free(derlst);
+ OPENSSL_free(tmpdat);
+ return 1;
+}
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass)
+{
+ int len;
+ int utype;
+ int usetag;
+ int ndef = 0;
+
+ utype = it->utype;
+
+ /*
+ * Get length of content octets and maybe find out the underlying type.
+ */
+
+ len = asn1_ex_i2c(pval, NULL, &utype, it);
+
+ /*
+ * If SEQUENCE, SET or OTHER then header is included in pseudo content
+ * octets so don't include tag+length. We need to check here because the
+ * call to asn1_ex_i2c() could change utype.
+ */
+ if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
+ (utype == V_ASN1_OTHER))
+ usetag = 0;
+ else
+ usetag = 1;
+
+ /* -1 means omit type */
+
+ if (len == -1)
+ return 0;
+
+ /* -2 return is special meaning use ndef */
+ if (len == -2) {
+ ndef = 2;
+ len = 0;
+ }
+
+ /* If not implicitly tagged get tag from underlying type */
+ if (tag == -1)
+ tag = utype;
+
+ /* Output tag+length followed by content octets */
+ if (out) {
+ if (usetag)
+ ASN1_put_object(out, ndef, len, tag, aclass);
+ asn1_ex_i2c(pval, *out, &utype, it);
+ if (ndef)
+ ASN1_put_eoc(out);
+ else
+ *out += len;
+ }
+
+ if (usetag)
+ return ASN1_object_size(ndef, len, tag);
+ return len;
+}
+
+/* Produce content octets from a structure */
+
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
+ const ASN1_ITEM *it)
+{
+ ASN1_BOOLEAN *tbool = NULL;
+ ASN1_STRING *strtmp;
+ ASN1_OBJECT *otmp;
+ int utype;
+ const unsigned char *cont;
+ unsigned char c;
+ int len;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if (pf && pf->prim_i2c)
+ return pf->prim_i2c(pval, cout, putype, it);
+
+ /* Should type be omitted? */
+ if ((it->itype != ASN1_ITYPE_PRIMITIVE)
+ || (it->utype != V_ASN1_BOOLEAN)) {
+ if (!*pval)
+ return -1;
+ }
+
+ if (it->itype == ASN1_ITYPE_MSTRING) {
+ /* If MSTRING type set the underlying type */
+ strtmp = (ASN1_STRING *)*pval;
+ utype = strtmp->type;
+ *putype = utype;
+ } else if (it->utype == V_ASN1_ANY) {
+ /* If ANY set type and pointer to value */
+ ASN1_TYPE *typ;
+ typ = (ASN1_TYPE *)*pval;
+ utype = typ->type;
+ *putype = utype;
+ pval = &typ->value.asn1_value;
+ } else
+ utype = *putype;
+
+ switch (utype) {
+ case V_ASN1_OBJECT:
+ otmp = (ASN1_OBJECT *)*pval;
+ cont = otmp->data;
+ len = otmp->length;
+ break;
+
+ case V_ASN1_NULL:
+ cont = NULL;
+ len = 0;
+ break;
+
+ case V_ASN1_BOOLEAN:
+ tbool = (ASN1_BOOLEAN *)pval;
+ if (*tbool == -1)
+ return -1;
+ if (it->utype != V_ASN1_ANY) {
+ /*
+ * Default handling if value == size field then omit
+ */
+ if (*tbool && (it->size > 0))
+ return -1;
+ if (!*tbool && !it->size)
+ return -1;
+ }
+ c = (unsigned char)*tbool;
+ cont = &c;
+ len = 1;
+ break;
+
+ case V_ASN1_BIT_STRING:
+ return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
+ cout ? &cout : NULL);
+ break;
+
+ case V_ASN1_INTEGER:
+ case V_ASN1_ENUMERATED:
+ /*
+ * These are all have the same content format as ASN1_INTEGER
+ */
+ return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
+ break;
+
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_NUMERICSTRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ case V_ASN1_VIDEOTEXSTRING:
+ case V_ASN1_IA5STRING:
+ case V_ASN1_UTCTIME:
+ case V_ASN1_GENERALIZEDTIME:
+ case V_ASN1_GRAPHICSTRING:
+ case V_ASN1_VISIBLESTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_BMPSTRING:
+ case V_ASN1_UTF8STRING:
+ case V_ASN1_SEQUENCE:
+ case V_ASN1_SET:
+ default:
+ /* All based on ASN1_STRING and handled the same */
+ strtmp = (ASN1_STRING *)*pval;
+ /* Special handling for NDEF */
+ if ((it->size == ASN1_TFLG_NDEF)
+ && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
+ if (cout) {
+ strtmp->data = cout;
+ strtmp->length = 0;
+ }
+ /* Special return code */
+ return -2;
+ }
+ cont = strtmp->data;
+ len = strtmp->length;
+
+ break;
+
+ }
+ if (cout && len)
+ memcpy(cout, cont, len);
+ return len;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_prn.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/tasn_prn.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_prn.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,585 +0,0 @@
-/* tasn_prn.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-#include "asn1_locl.h"
-
-/*
- * Print routines.
- */
-
-/* ASN1_PCTX routines */
-
-ASN1_PCTX default_pctx = {
- ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
- 0, /* nm_flags */
- 0, /* cert_flags */
- 0, /* oid_flags */
- 0 /* str_flags */
-};
-
-ASN1_PCTX *ASN1_PCTX_new(void)
-{
- ASN1_PCTX *ret;
- ret = OPENSSL_malloc(sizeof(ASN1_PCTX));
- if (ret == NULL) {
- ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ret->flags = 0;
- ret->nm_flags = 0;
- ret->cert_flags = 0;
- ret->oid_flags = 0;
- ret->str_flags = 0;
- return ret;
-}
-
-void ASN1_PCTX_free(ASN1_PCTX *p)
-{
- OPENSSL_free(p);
-}
-
-unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p)
-{
- return p->flags;
-}
-
-void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
-{
- return p->nm_flags;
-}
-
-void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->nm_flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
-{
- return p->cert_flags;
-}
-
-void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->cert_flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
-{
- return p->oid_flags;
-}
-
-void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->oid_flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
-{
- return p->str_flags;
-}
-
-void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->str_flags = flags;
-}
-
-/* Main print routines */
-
-static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
- const ASN1_ITEM *it,
- const char *fname, const char *sname,
- int nohdr, const ASN1_PCTX *pctx);
-
-int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
- const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
-
-static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
- const ASN1_ITEM *it, int indent,
- const char *fname, const char *sname,
- const ASN1_PCTX *pctx);
-
-static int asn1_print_fsname(BIO *out, int indent,
- const char *fname, const char *sname,
- const ASN1_PCTX *pctx);
-
-int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
- const ASN1_ITEM *it, const ASN1_PCTX *pctx)
-{
- const char *sname;
- if (pctx == NULL)
- pctx = &default_pctx;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
- sname = NULL;
- else
- sname = it->sname;
- return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname, 0, pctx);
-}
-
-static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
- const ASN1_ITEM *it,
- const char *fname, const char *sname,
- int nohdr, const ASN1_PCTX *pctx)
-{
- const ASN1_TEMPLATE *tt;
- const ASN1_EXTERN_FUNCS *ef;
- ASN1_VALUE **tmpfld;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb;
- ASN1_PRINT_ARG parg;
- int i;
- if (aux && aux->asn1_cb) {
- parg.out = out;
- parg.indent = indent;
- parg.pctx = pctx;
- asn1_cb = aux->asn1_cb;
- } else
- asn1_cb = 0;
-
- if (*fld == NULL) {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
- if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- if (BIO_puts(out, "<ABSENT>\n") <= 0)
- return 0;
- }
- return 1;
- }
-
- switch (it->itype) {
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates) {
- if (!asn1_template_print_ctx(out, fld, indent,
- it->templates, pctx))
- return 0;
- break;
- }
- /* fall thru */
- case ASN1_ITYPE_MSTRING:
- if (!asn1_primitive_print(out, fld, it, indent, fname, sname, pctx))
- return 0;
- break;
-
- case ASN1_ITYPE_EXTERN:
- if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- /* Use new style print routine if possible */
- ef = it->funcs;
- if (ef && ef->asn1_ex_print) {
- i = ef->asn1_ex_print(out, fld, indent, "", pctx);
- if (!i)
- return 0;
- if ((i == 2) && (BIO_puts(out, "\n") <= 0))
- return 0;
- return 1;
- } else if (sname &&
- BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
- return 0;
- break;
-
- case ASN1_ITYPE_CHOICE:
-#if 0
- if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
-#endif
- /* CHOICE type, get selector */
- i = asn1_get_choice_selector(fld, it);
- /* This should never happen... */
- if ((i < 0) || (i >= it->tcount)) {
- if (BIO_printf(out, "ERROR: selector [%d] invalid\n", i) <= 0)
- return 0;
- return 1;
- }
- tt = it->templates + i;
- tmpfld = asn1_get_field_ptr(fld, tt);
- if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
- return 0;
- break;
-
- case ASN1_ITYPE_SEQUENCE:
- case ASN1_ITYPE_NDEF_SEQUENCE:
- if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- if (fname || sname) {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
- if (BIO_puts(out, " {\n") <= 0)
- return 0;
- } else {
- if (BIO_puts(out, "\n") <= 0)
- return 0;
- }
- }
-
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
- if (i == 0)
- return 0;
- if (i == 2)
- return 1;
- }
-
- /* Print each field entry */
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
- const ASN1_TEMPLATE *seqtt;
- seqtt = asn1_do_adb(fld, tt, 1);
- if (!seqtt)
- return 0;
- tmpfld = asn1_get_field_ptr(fld, seqtt);
- if (!asn1_template_print_ctx(out, tmpfld,
- indent + 2, seqtt, pctx))
- return 0;
- }
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
- if (BIO_printf(out, "%*s}\n", indent, "") < 0)
- return 0;
- }
-
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
- if (i == 0)
- return 0;
- }
- break;
-
- default:
- BIO_printf(out, "Unprocessed type %d\n", it->itype);
- return 0;
- }
-
- return 1;
-}
-
-int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
- const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
-{
- int i, flags;
- const char *sname, *fname;
- flags = tt->flags;
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
- sname = ASN1_ITEM_ptr(tt->item)->sname;
- else
- sname = NULL;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
- fname = NULL;
- else
- fname = tt->field_name;
- if (flags & ASN1_TFLG_SK_MASK) {
- char *tname;
- ASN1_VALUE *skitem;
- STACK_OF(ASN1_VALUE) *stack;
-
- /* SET OF, SEQUENCE OF */
- if (fname) {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
- if (flags & ASN1_TFLG_SET_OF)
- tname = "SET";
- else
- tname = "SEQUENCE";
- if (BIO_printf(out, "%*s%s OF %s {\n",
- indent, "", tname, tt->field_name) <= 0)
- return 0;
- } else if (BIO_printf(out, "%*s%s:\n", indent, "", fname) <= 0)
- return 0;
- }
- stack = (STACK_OF(ASN1_VALUE) *)*fld;
- for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
- if ((i > 0) && (BIO_puts(out, "\n") <= 0))
- return 0;
-
- skitem = sk_ASN1_VALUE_value(stack, i);
- if (!asn1_item_print_ctx(out, &skitem, indent + 2,
- ASN1_ITEM_ptr(tt->item), NULL, NULL, 1,
- pctx))
- return 0;
- }
- if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
- return 0;
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
- if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
- return 0;
- }
- return 1;
- }
- return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
- fname, sname, 0, pctx);
-}
-
-static int asn1_print_fsname(BIO *out, int indent,
- const char *fname, const char *sname,
- const ASN1_PCTX *pctx)
-{
- static char spaces[] = " ";
- const int nspaces = sizeof(spaces) - 1;
-
-#if 0
- if (!sname && !fname)
- return 1;
-#endif
-
- while (indent > nspaces) {
- if (BIO_write(out, spaces, nspaces) != nspaces)
- return 0;
- indent -= nspaces;
- }
- if (BIO_write(out, spaces, indent) != indent)
- return 0;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
- sname = NULL;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
- fname = NULL;
- if (!sname && !fname)
- return 1;
- if (fname) {
- if (BIO_puts(out, fname) <= 0)
- return 0;
- }
- if (sname) {
- if (fname) {
- if (BIO_printf(out, " (%s)", sname) <= 0)
- return 0;
- } else {
- if (BIO_puts(out, sname) <= 0)
- return 0;
- }
- }
- if (BIO_write(out, ": ", 2) != 2)
- return 0;
- return 1;
-}
-
-static int asn1_print_boolean_ctx(BIO *out, int boolval,
- const ASN1_PCTX *pctx)
-{
- const char *str;
- switch (boolval) {
- case -1:
- str = "BOOL ABSENT";
- break;
-
- case 0:
- str = "FALSE";
- break;
-
- default:
- str = "TRUE";
- break;
-
- }
-
- if (BIO_puts(out, str) <= 0)
- return 0;
- return 1;
-
-}
-
-static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
- const ASN1_PCTX *pctx)
-{
- char *s;
- int ret = 1;
- s = i2s_ASN1_INTEGER(NULL, str);
- if (BIO_puts(out, s) <= 0)
- ret = 0;
- OPENSSL_free(s);
- return ret;
-}
-
-static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
- const ASN1_PCTX *pctx)
-{
- char objbuf[80];
- const char *ln;
- ln = OBJ_nid2ln(OBJ_obj2nid(oid));
- if (!ln)
- ln = "";
- OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
- if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
- return 0;
- return 1;
-}
-
-static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
- const ASN1_PCTX *pctx)
-{
- if (str->type == V_ASN1_BIT_STRING) {
- if (BIO_printf(out, " (%ld unused bits)\n", str->flags & 0x7) <= 0)
- return 0;
- } else if (BIO_puts(out, "\n") <= 0)
- return 0;
- if ((str->length > 0)
- && BIO_dump_indent(out, (char *)str->data, str->length,
- indent + 2) <= 0)
- return 0;
- return 1;
-}
-
-static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
- const ASN1_ITEM *it, int indent,
- const char *fname, const char *sname,
- const ASN1_PCTX *pctx)
-{
- long utype;
- ASN1_STRING *str;
- int ret = 1, needlf = 1;
- const char *pname;
- const ASN1_PRIMITIVE_FUNCS *pf;
- pf = it->funcs;
- if (!asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- if (pf && pf->prim_print)
- return pf->prim_print(out, fld, it, indent, pctx);
- str = (ASN1_STRING *)*fld;
- if (it->itype == ASN1_ITYPE_MSTRING)
- utype = str->type & ~V_ASN1_NEG;
- else
- utype = it->utype;
- if (utype == V_ASN1_ANY) {
- ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
- utype = atype->type;
- fld = &atype->value.asn1_value;
- str = (ASN1_STRING *)*fld;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
- pname = NULL;
- else
- pname = ASN1_tag2str(utype);
- } else {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
- pname = ASN1_tag2str(utype);
- else
- pname = NULL;
- }
-
- if (utype == V_ASN1_NULL) {
- if (BIO_puts(out, "NULL\n") <= 0)
- return 0;
- return 1;
- }
-
- if (pname) {
- if (BIO_puts(out, pname) <= 0)
- return 0;
- if (BIO_puts(out, ":") <= 0)
- return 0;
- }
-
- switch (utype) {
- case V_ASN1_BOOLEAN:
- {
- int boolval = *(int *)fld;
- if (boolval == -1)
- boolval = it->size;
- ret = asn1_print_boolean_ctx(out, boolval, pctx);
- }
- break;
-
- case V_ASN1_INTEGER:
- case V_ASN1_ENUMERATED:
- ret = asn1_print_integer_ctx(out, str, pctx);
- break;
-
- case V_ASN1_UTCTIME:
- ret = ASN1_UTCTIME_print(out, str);
- break;
-
- case V_ASN1_GENERALIZEDTIME:
- ret = ASN1_GENERALIZEDTIME_print(out, str);
- break;
-
- case V_ASN1_OBJECT:
- ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
- break;
-
- case V_ASN1_OCTET_STRING:
- case V_ASN1_BIT_STRING:
- ret = asn1_print_obstring_ctx(out, str, indent, pctx);
- needlf = 0;
- break;
-
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- case V_ASN1_OTHER:
- if (BIO_puts(out, "\n") <= 0)
- return 0;
- if (ASN1_parse_dump(out, str->data, str->length, indent, 0) <= 0)
- ret = 0;
- needlf = 0;
- break;
-
- default:
- ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
-
- }
- if (!ret)
- return 0;
- if (needlf && BIO_puts(out, "\n") <= 0)
- return 0;
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_prn.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/tasn_prn.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_prn.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/tasn_prn.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,587 @@
+/* tasn_prn.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/x509v3.h>
+#include "asn1_locl.h"
+
+/*
+ * Print routines.
+ */
+
+/* ASN1_PCTX routines */
+
+ASN1_PCTX default_pctx = {
+ ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
+ 0, /* nm_flags */
+ 0, /* cert_flags */
+ 0, /* oid_flags */
+ 0 /* str_flags */
+};
+
+ASN1_PCTX *ASN1_PCTX_new(void)
+{
+ ASN1_PCTX *ret;
+ ret = OPENSSL_malloc(sizeof(ASN1_PCTX));
+ if (ret == NULL) {
+ ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ ret->flags = 0;
+ ret->nm_flags = 0;
+ ret->cert_flags = 0;
+ ret->oid_flags = 0;
+ ret->str_flags = 0;
+ return ret;
+}
+
+void ASN1_PCTX_free(ASN1_PCTX *p)
+{
+ OPENSSL_free(p);
+}
+
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p)
+{
+ return p->flags;
+}
+
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
+{
+ return p->nm_flags;
+}
+
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->nm_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
+{
+ return p->cert_flags;
+}
+
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->cert_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
+{
+ return p->oid_flags;
+}
+
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->oid_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
+{
+ return p->str_flags;
+}
+
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->str_flags = flags;
+}
+
+/* Main print routines */
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_ITEM *it,
+ const char *fname, const char *sname,
+ int nohdr, const ASN1_PCTX *pctx);
+
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+ const ASN1_ITEM *it, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx);
+
+static int asn1_print_fsname(BIO *out, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx);
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+ const ASN1_ITEM *it, const ASN1_PCTX *pctx)
+{
+ const char *sname;
+ if (pctx == NULL)
+ pctx = &default_pctx;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+ sname = NULL;
+ else
+ sname = it->sname;
+ return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname, 0, pctx);
+}
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_ITEM *it,
+ const char *fname, const char *sname,
+ int nohdr, const ASN1_PCTX *pctx)
+{
+ const ASN1_TEMPLATE *tt;
+ const ASN1_EXTERN_FUNCS *ef;
+ ASN1_VALUE **tmpfld;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb;
+ ASN1_PRINT_ARG parg;
+ int i;
+ if (aux && aux->asn1_cb) {
+ parg.out = out;
+ parg.indent = indent;
+ parg.pctx = pctx;
+ asn1_cb = aux->asn1_cb;
+ } else
+ asn1_cb = 0;
+
+ if (*fld == NULL) {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ if (BIO_puts(out, "<ABSENT>\n") <= 0)
+ return 0;
+ }
+ return 1;
+ }
+
+ switch (it->itype) {
+ case ASN1_ITYPE_PRIMITIVE:
+ if (it->templates) {
+ if (!asn1_template_print_ctx(out, fld, indent,
+ it->templates, pctx))
+ return 0;
+ break;
+ }
+ /* fall thru */
+ case ASN1_ITYPE_MSTRING:
+ if (!asn1_primitive_print(out, fld, it, indent, fname, sname, pctx))
+ return 0;
+ break;
+
+ case ASN1_ITYPE_EXTERN:
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ /* Use new style print routine if possible */
+ ef = it->funcs;
+ if (ef && ef->asn1_ex_print) {
+ i = ef->asn1_ex_print(out, fld, indent, "", pctx);
+ if (!i)
+ return 0;
+ if ((i == 2) && (BIO_puts(out, "\n") <= 0))
+ return 0;
+ return 1;
+ } else if (sname &&
+ BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
+ return 0;
+ break;
+
+ case ASN1_ITYPE_CHOICE:
+#if 0
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+#endif
+ /* CHOICE type, get selector */
+ i = asn1_get_choice_selector(fld, it);
+ /* This should never happen... */
+ if ((i < 0) || (i >= it->tcount)) {
+ if (BIO_printf(out, "ERROR: selector [%d] invalid\n", i) <= 0)
+ return 0;
+ return 1;
+ }
+ tt = it->templates + i;
+ tmpfld = asn1_get_field_ptr(fld, tt);
+ if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
+ return 0;
+ break;
+
+ case ASN1_ITYPE_SEQUENCE:
+ case ASN1_ITYPE_NDEF_SEQUENCE:
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ if (fname || sname) {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+ if (BIO_puts(out, " {\n") <= 0)
+ return 0;
+ } else {
+ if (BIO_puts(out, "\n") <= 0)
+ return 0;
+ }
+ }
+
+ if (asn1_cb) {
+ i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
+ if (i == 0)
+ return 0;
+ if (i == 2)
+ return 1;
+ }
+
+ /* Print each field entry */
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ const ASN1_TEMPLATE *seqtt;
+ seqtt = asn1_do_adb(fld, tt, 1);
+ if (!seqtt)
+ return 0;
+ tmpfld = asn1_get_field_ptr(fld, seqtt);
+ if (!asn1_template_print_ctx(out, tmpfld,
+ indent + 2, seqtt, pctx))
+ return 0;
+ }
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+ if (BIO_printf(out, "%*s}\n", indent, "") < 0)
+ return 0;
+ }
+
+ if (asn1_cb) {
+ i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
+ if (i == 0)
+ return 0;
+ }
+ break;
+
+ default:
+ BIO_printf(out, "Unprocessed type %d\n", it->itype);
+ return 0;
+ }
+
+ return 1;
+}
+
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
+{
+ int i, flags;
+ const char *sname, *fname;
+ flags = tt->flags;
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
+ sname = ASN1_ITEM_ptr(tt->item)->sname;
+ else
+ sname = NULL;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+ fname = NULL;
+ else
+ fname = tt->field_name;
+ if (flags & ASN1_TFLG_SK_MASK) {
+ char *tname;
+ ASN1_VALUE *skitem;
+ STACK_OF(ASN1_VALUE) *stack;
+
+ /* SET OF, SEQUENCE OF */
+ if (fname) {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
+ if (flags & ASN1_TFLG_SET_OF)
+ tname = "SET";
+ else
+ tname = "SEQUENCE";
+ if (BIO_printf(out, "%*s%s OF %s {\n",
+ indent, "", tname, tt->field_name) <= 0)
+ return 0;
+ } else if (BIO_printf(out, "%*s%s:\n", indent, "", fname) <= 0)
+ return 0;
+ }
+ stack = (STACK_OF(ASN1_VALUE) *)*fld;
+ for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
+ if ((i > 0) && (BIO_puts(out, "\n") <= 0))
+ return 0;
+
+ skitem = sk_ASN1_VALUE_value(stack, i);
+ if (!asn1_item_print_ctx(out, &skitem, indent + 2,
+ ASN1_ITEM_ptr(tt->item), NULL, NULL, 1,
+ pctx))
+ return 0;
+ }
+ if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
+ return 0;
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+ if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
+ return 0;
+ }
+ return 1;
+ }
+ return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
+ fname, sname, 0, pctx);
+}
+
+static int asn1_print_fsname(BIO *out, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx)
+{
+ static char spaces[] = " ";
+ const int nspaces = sizeof(spaces) - 1;
+
+#if 0
+ if (!sname && !fname)
+ return 1;
+#endif
+
+ while (indent > nspaces) {
+ if (BIO_write(out, spaces, nspaces) != nspaces)
+ return 0;
+ indent -= nspaces;
+ }
+ if (BIO_write(out, spaces, indent) != indent)
+ return 0;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+ sname = NULL;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+ fname = NULL;
+ if (!sname && !fname)
+ return 1;
+ if (fname) {
+ if (BIO_puts(out, fname) <= 0)
+ return 0;
+ }
+ if (sname) {
+ if (fname) {
+ if (BIO_printf(out, " (%s)", sname) <= 0)
+ return 0;
+ } else {
+ if (BIO_puts(out, sname) <= 0)
+ return 0;
+ }
+ }
+ if (BIO_write(out, ": ", 2) != 2)
+ return 0;
+ return 1;
+}
+
+static int asn1_print_boolean_ctx(BIO *out, int boolval,
+ const ASN1_PCTX *pctx)
+{
+ const char *str;
+ switch (boolval) {
+ case -1:
+ str = "BOOL ABSENT";
+ break;
+
+ case 0:
+ str = "FALSE";
+ break;
+
+ default:
+ str = "TRUE";
+ break;
+
+ }
+
+ if (BIO_puts(out, str) <= 0)
+ return 0;
+ return 1;
+
+}
+
+static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
+ const ASN1_PCTX *pctx)
+{
+ char *s;
+ int ret = 1;
+ s = i2s_ASN1_INTEGER(NULL, str);
+ if (s == NULL)
+ return 0;
+ if (BIO_puts(out, s) <= 0)
+ ret = 0;
+ OPENSSL_free(s);
+ return ret;
+}
+
+static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
+ const ASN1_PCTX *pctx)
+{
+ char objbuf[80];
+ const char *ln;
+ ln = OBJ_nid2ln(OBJ_obj2nid(oid));
+ if (!ln)
+ ln = "";
+ OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
+ if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
+ return 0;
+ return 1;
+}
+
+static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
+ const ASN1_PCTX *pctx)
+{
+ if (str->type == V_ASN1_BIT_STRING) {
+ if (BIO_printf(out, " (%ld unused bits)\n", str->flags & 0x7) <= 0)
+ return 0;
+ } else if (BIO_puts(out, "\n") <= 0)
+ return 0;
+ if ((str->length > 0)
+ && BIO_dump_indent(out, (char *)str->data, str->length,
+ indent + 2) <= 0)
+ return 0;
+ return 1;
+}
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+ const ASN1_ITEM *it, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx)
+{
+ long utype;
+ ASN1_STRING *str;
+ int ret = 1, needlf = 1;
+ const char *pname;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if (!asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ if (pf && pf->prim_print)
+ return pf->prim_print(out, fld, it, indent, pctx);
+ str = (ASN1_STRING *)*fld;
+ if (it->itype == ASN1_ITYPE_MSTRING)
+ utype = str->type & ~V_ASN1_NEG;
+ else
+ utype = it->utype;
+ if (utype == V_ASN1_ANY) {
+ ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
+ utype = atype->type;
+ fld = &atype->value.asn1_value;
+ str = (ASN1_STRING *)*fld;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
+ pname = NULL;
+ else
+ pname = ASN1_tag2str(utype);
+ } else {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
+ pname = ASN1_tag2str(utype);
+ else
+ pname = NULL;
+ }
+
+ if (utype == V_ASN1_NULL) {
+ if (BIO_puts(out, "NULL\n") <= 0)
+ return 0;
+ return 1;
+ }
+
+ if (pname) {
+ if (BIO_puts(out, pname) <= 0)
+ return 0;
+ if (BIO_puts(out, ":") <= 0)
+ return 0;
+ }
+
+ switch (utype) {
+ case V_ASN1_BOOLEAN:
+ {
+ int boolval = *(int *)fld;
+ if (boolval == -1)
+ boolval = it->size;
+ ret = asn1_print_boolean_ctx(out, boolval, pctx);
+ }
+ break;
+
+ case V_ASN1_INTEGER:
+ case V_ASN1_ENUMERATED:
+ ret = asn1_print_integer_ctx(out, str, pctx);
+ break;
+
+ case V_ASN1_UTCTIME:
+ ret = ASN1_UTCTIME_print(out, str);
+ break;
+
+ case V_ASN1_GENERALIZEDTIME:
+ ret = ASN1_GENERALIZEDTIME_print(out, str);
+ break;
+
+ case V_ASN1_OBJECT:
+ ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
+ break;
+
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_BIT_STRING:
+ ret = asn1_print_obstring_ctx(out, str, indent, pctx);
+ needlf = 0;
+ break;
+
+ case V_ASN1_SEQUENCE:
+ case V_ASN1_SET:
+ case V_ASN1_OTHER:
+ if (BIO_puts(out, "\n") <= 0)
+ return 0;
+ if (ASN1_parse_dump(out, str->data, str->length, indent, 0) <= 0)
+ ret = 0;
+ needlf = 0;
+ break;
+
+ default:
+ ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
+
+ }
+ if (!ret)
+ return 0;
+ if (needlf && BIO_puts(out, "\n") <= 0)
+ return 0;
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/x_name.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/x_name.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/x_name.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,527 +0,0 @@
-/* crypto/asn1/x_name.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include "asn1_locl.h"
-
-typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
-DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
-
-static int x509_name_ex_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
-static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
-
-static int x509_name_encode(X509_NAME *a);
-static int x509_name_canon(X509_NAME *a);
-static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
-static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname,
- unsigned char **in);
-
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
- int indent,
- const char *fname, const ASN1_PCTX *pctx);
-
-ASN1_SEQUENCE(X509_NAME_ENTRY) = {
- ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
- ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
-} ASN1_SEQUENCE_END(X509_NAME_ENTRY)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
-
-/*
- * For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } so
- * declare two template wrappers for this
- */
-
-ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
-ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
-
-ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
-ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
-
-/*
- * Normally that's where it would end: we'd have two nested STACK structures
- * representing the ASN1. Unfortunately X509_NAME uses a completely different
- * form and caches encodings so we have to process the internal form and
- * convert to the external form.
- */
-
-const ASN1_EXTERN_FUNCS x509_name_ff = {
- NULL,
- x509_name_ex_new,
- x509_name_ex_free,
- 0, /* Default clear behaviour is OK */
- x509_name_ex_d2i,
- x509_name_ex_i2d,
- x509_name_ex_print
-};
-
-IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
-
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
-{
- X509_NAME *ret = NULL;
- ret = OPENSSL_malloc(sizeof(X509_NAME));
- if (!ret)
- goto memerr;
- if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
- goto memerr;
- if ((ret->bytes = BUF_MEM_new()) == NULL)
- goto memerr;
- ret->canon_enc = NULL;
- ret->canon_enclen = 0;
- ret->modified = 1;
- *val = (ASN1_VALUE *)ret;
- return 1;
-
- memerr:
- ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
- if (ret) {
- if (ret->entries)
- sk_X509_NAME_ENTRY_free(ret->entries);
- OPENSSL_free(ret);
- }
- return 0;
-}
-
-static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- X509_NAME *a;
- if (!pval || !*pval)
- return;
- a = (X509_NAME *)*pval;
-
- BUF_MEM_free(a->bytes);
- sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
- if (a->canon_enc)
- OPENSSL_free(a->canon_enc);
- OPENSSL_free(a);
- *pval = NULL;
-}
-
-static int x509_name_ex_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass,
- char opt, ASN1_TLC *ctx)
-{
- const unsigned char *p = *in, *q;
- union {
- STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a;
- } intname = {
- NULL
- };
- union {
- X509_NAME *x;
- ASN1_VALUE *a;
- } nm = {
- NULL
- };
- int i, j, ret;
- STACK_OF(X509_NAME_ENTRY) *entries;
- X509_NAME_ENTRY *entry;
- q = p;
-
- /* Get internal representation of Name */
- ret = ASN1_item_ex_d2i(&intname.a,
- &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
- tag, aclass, opt, ctx);
-
- if (ret <= 0)
- return ret;
-
- if (*val)
- x509_name_ex_free(val, NULL);
- if (!x509_name_ex_new(&nm.a, NULL))
- goto err;
- /* We've decoded it: now cache encoding */
- if (!BUF_MEM_grow(nm.x->bytes, p - q))
- goto err;
- memcpy(nm.x->bytes->data, q, p - q);
-
- /* Convert internal representation to X509_NAME structure */
- for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
- entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
- for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
- entry = sk_X509_NAME_ENTRY_value(entries, j);
- entry->set = i;
- if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
- goto err;
- }
- sk_X509_NAME_ENTRY_free(entries);
- }
- sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
- ret = x509_name_canon(nm.x);
- if (!ret)
- goto err;
- nm.x->modified = 0;
- *val = nm.a;
- *in = p;
- return ret;
- err:
- if (nm.x != NULL)
- X509_NAME_free(nm.x);
- ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- return 0;
-}
-
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass)
-{
- int ret;
- X509_NAME *a = (X509_NAME *)*val;
- if (a->modified) {
- ret = x509_name_encode(a);
- if (ret < 0)
- return ret;
- ret = x509_name_canon(a);
- if (ret < 0)
- return ret;
- }
- ret = a->bytes->length;
- if (out != NULL) {
- memcpy(*out, a->bytes->data, ret);
- *out += ret;
- }
- return ret;
-}
-
-static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
- sk_X509_NAME_ENTRY_free(ne);
-}
-
-static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
- sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
-}
-
-static int x509_name_encode(X509_NAME *a)
-{
- union {
- STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a;
- } intname = {
- NULL
- };
- int len;
- unsigned char *p;
- STACK_OF(X509_NAME_ENTRY) *entries = NULL;
- X509_NAME_ENTRY *entry;
- int i, set = -1;
- intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if (!intname.s)
- goto memerr;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
- entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if (entry->set != set) {
- entries = sk_X509_NAME_ENTRY_new_null();
- if (!entries)
- goto memerr;
- if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries))
- goto memerr;
- set = entry->set;
- }
- if (!sk_X509_NAME_ENTRY_push(entries, entry))
- goto memerr;
- }
- len = ASN1_item_ex_i2d(&intname.a, NULL,
- ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
- if (!BUF_MEM_grow(a->bytes, len))
- goto memerr;
- p = (unsigned char *)a->bytes->data;
- ASN1_item_ex_i2d(&intname.a,
- &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
- sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
- a->modified = 0;
- return len;
- memerr:
- sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
- ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
- return -1;
-}
-
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
- int indent,
- const char *fname, const ASN1_PCTX *pctx)
-{
- if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
- indent, pctx->nm_flags) <= 0)
- return 0;
- return 2;
-}
-
-/*
- * This function generates the canonical encoding of the Name structure. In
- * it all strings are converted to UTF8, leading, trailing and multiple
- * spaces collapsed, converted to lower case and the leading SEQUENCE header
- * removed. In future we could also normalize the UTF8 too. By doing this
- * comparison of Name structures can be rapidly perfomed by just using
- * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
- * constraints of type dirName can also be checked with a simple memcmp().
- */
-
-static int x509_name_canon(X509_NAME *a)
-{
- unsigned char *p;
- STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
- STACK_OF(X509_NAME_ENTRY) *entries = NULL;
- X509_NAME_ENTRY *entry, *tmpentry = NULL;
- int i, set = -1, ret = 0;
-
- if (a->canon_enc) {
- OPENSSL_free(a->canon_enc);
- a->canon_enc = NULL;
- }
- /* Special case: empty X509_NAME => null encoding */
- if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
- a->canon_enclen = 0;
- return 1;
- }
- intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if (!intname)
- goto err;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
- entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if (entry->set != set) {
- entries = sk_X509_NAME_ENTRY_new_null();
- if (!entries)
- goto err;
- if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
- goto err;
- set = entry->set;
- }
- tmpentry = X509_NAME_ENTRY_new();
- if (!tmpentry)
- goto err;
- tmpentry->object = OBJ_dup(entry->object);
- if (!asn1_string_canon(tmpentry->value, entry->value))
- goto err;
- if (!sk_X509_NAME_ENTRY_push(entries, tmpentry))
- goto err;
- tmpentry = NULL;
- }
-
- /* Finally generate encoding */
-
- a->canon_enclen = i2d_name_canon(intname, NULL);
-
- p = OPENSSL_malloc(a->canon_enclen);
-
- if (!p)
- goto err;
-
- a->canon_enc = p;
-
- i2d_name_canon(intname, &p);
-
- ret = 1;
-
- err:
-
- if (tmpentry)
- X509_NAME_ENTRY_free(tmpentry);
- if (intname)
- sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
- local_sk_X509_NAME_ENTRY_pop_free);
- return ret;
-}
-
-/* Bitmap of all the types of string that will be canonicalized. */
-
-#define ASN1_MASK_CANON \
- (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
- | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
- | B_ASN1_VISIBLESTRING)
-
-static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
-{
- unsigned char *to, *from;
- int len, i;
-
- /* If type not in bitmask just copy string across */
- if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
- if (!ASN1_STRING_copy(out, in))
- return 0;
- return 1;
- }
-
- out->type = V_ASN1_UTF8STRING;
- out->length = ASN1_STRING_to_UTF8(&out->data, in);
- if (out->length == -1)
- return 0;
-
- to = out->data;
- from = to;
-
- len = out->length;
-
- /*
- * Convert string in place to canonical form. Ultimately we may need to
- * handle a wider range of characters but for now ignore anything with
- * MSB set and rely on the isspace() and tolower() functions.
- */
-
- /* Ignore leading spaces */
- while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
- from++;
- len--;
- }
-
- to = from + len - 1;
-
- /* Ignore trailing spaces */
- while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
- to--;
- len--;
- }
-
- to = out->data;
-
- i = 0;
- while (i < len) {
- /* If MSB set just copy across */
- if (*from & 0x80) {
- *to++ = *from++;
- i++;
- }
- /* Collapse multiple spaces */
- else if (isspace(*from)) {
- /* Copy one space across */
- *to++ = ' ';
- /*
- * Ignore subsequent spaces. Note: don't need to check len here
- * because we know the last character is a non-space so we can't
- * overflow.
- */
- do {
- from++;
- i++;
- }
- while (!(*from & 0x80) && isspace(*from));
- } else {
- *to++ = tolower(*from);
- from++;
- i++;
- }
- }
-
- out->length = to - out->data;
-
- return 1;
-
-}
-
-static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
- unsigned char **in)
-{
- int i, len, ltmp;
- ASN1_VALUE *v;
- STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
-
- len = 0;
- for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
- v = sk_ASN1_VALUE_value(intname, i);
- ltmp = ASN1_item_ex_i2d(&v, in,
- ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
- if (ltmp < 0)
- return ltmp;
- len += ltmp;
- }
- return len;
-}
-
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
-{
- X509_NAME *in;
-
- if (!xn || !name)
- return (0);
-
- if (*xn != name) {
- in = X509_NAME_dup(name);
- if (in != NULL) {
- X509_NAME_free(*xn);
- *xn = in;
- }
- }
- return (*xn != NULL);
-}
-
-IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
-
-IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/x_name.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/x_name.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/x_name.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/x_name.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,536 @@
+/* crypto/asn1/x_name.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include "asn1_locl.h"
+
+typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
+DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
+
+/*
+ * Maximum length of X509_NAME: much larger than anything we should
+ * ever see in practice.
+ */
+
+#define X509_NAME_MAX (1024 * 1024)
+
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
+static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
+
+static int x509_name_encode(X509_NAME *a);
+static int x509_name_canon(X509_NAME *a);
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname,
+ unsigned char **in);
+
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+ int indent,
+ const char *fname, const ASN1_PCTX *pctx);
+
+ASN1_SEQUENCE(X509_NAME_ENTRY) = {
+ ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
+ ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
+} ASN1_SEQUENCE_END(X509_NAME_ENTRY)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
+
+/*
+ * For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } so
+ * declare two template wrappers for this
+ */
+
+ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
+
+ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
+
+/*
+ * Normally that's where it would end: we'd have two nested STACK structures
+ * representing the ASN1. Unfortunately X509_NAME uses a completely different
+ * form and caches encodings so we have to process the internal form and
+ * convert to the external form.
+ */
+
+const ASN1_EXTERN_FUNCS x509_name_ff = {
+ NULL,
+ x509_name_ex_new,
+ x509_name_ex_free,
+ 0, /* Default clear behaviour is OK */
+ x509_name_ex_d2i,
+ x509_name_ex_i2d,
+ x509_name_ex_print
+};
+
+IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
+
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
+{
+ X509_NAME *ret = NULL;
+ ret = OPENSSL_malloc(sizeof(X509_NAME));
+ if (!ret)
+ goto memerr;
+ if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
+ goto memerr;
+ if ((ret->bytes = BUF_MEM_new()) == NULL)
+ goto memerr;
+ ret->canon_enc = NULL;
+ ret->canon_enclen = 0;
+ ret->modified = 1;
+ *val = (ASN1_VALUE *)ret;
+ return 1;
+
+ memerr:
+ ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
+ if (ret) {
+ if (ret->entries)
+ sk_X509_NAME_ENTRY_free(ret->entries);
+ OPENSSL_free(ret);
+ }
+ return 0;
+}
+
+static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ X509_NAME *a;
+ if (!pval || !*pval)
+ return;
+ a = (X509_NAME *)*pval;
+
+ BUF_MEM_free(a->bytes);
+ sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
+ if (a->canon_enc)
+ OPENSSL_free(a->canon_enc);
+ OPENSSL_free(a);
+ *pval = NULL;
+}
+
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass,
+ char opt, ASN1_TLC *ctx)
+{
+ const unsigned char *p = *in, *q;
+ union {
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+ ASN1_VALUE *a;
+ } intname = {
+ NULL
+ };
+ union {
+ X509_NAME *x;
+ ASN1_VALUE *a;
+ } nm = {
+ NULL
+ };
+ int i, j, ret;
+ STACK_OF(X509_NAME_ENTRY) *entries;
+ X509_NAME_ENTRY *entry;
+ if (len > X509_NAME_MAX)
+ len = X509_NAME_MAX;
+ q = p;
+
+ /* Get internal representation of Name */
+ ret = ASN1_item_ex_d2i(&intname.a,
+ &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
+ tag, aclass, opt, ctx);
+
+ if (ret <= 0)
+ return ret;
+
+ if (*val)
+ x509_name_ex_free(val, NULL);
+ if (!x509_name_ex_new(&nm.a, NULL))
+ goto err;
+ /* We've decoded it: now cache encoding */
+ if (!BUF_MEM_grow(nm.x->bytes, p - q))
+ goto err;
+ memcpy(nm.x->bytes->data, q, p - q);
+
+ /* Convert internal representation to X509_NAME structure */
+ for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
+ entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
+ for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
+ entry = sk_X509_NAME_ENTRY_value(entries, j);
+ entry->set = i;
+ if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
+ goto err;
+ }
+ sk_X509_NAME_ENTRY_free(entries);
+ }
+ sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
+ ret = x509_name_canon(nm.x);
+ if (!ret)
+ goto err;
+ nm.x->modified = 0;
+ *val = nm.a;
+ *in = p;
+ return ret;
+ err:
+ if (nm.x != NULL)
+ X509_NAME_free(nm.x);
+ ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+}
+
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass)
+{
+ int ret;
+ X509_NAME *a = (X509_NAME *)*val;
+ if (a->modified) {
+ ret = x509_name_encode(a);
+ if (ret < 0)
+ return ret;
+ ret = x509_name_canon(a);
+ if (ret < 0)
+ return ret;
+ }
+ ret = a->bytes->length;
+ if (out != NULL) {
+ memcpy(*out, a->bytes->data, ret);
+ *out += ret;
+ }
+ return ret;
+}
+
+static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+ sk_X509_NAME_ENTRY_free(ne);
+}
+
+static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+ sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
+}
+
+static int x509_name_encode(X509_NAME *a)
+{
+ union {
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+ ASN1_VALUE *a;
+ } intname = {
+ NULL
+ };
+ int len;
+ unsigned char *p;
+ STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+ X509_NAME_ENTRY *entry;
+ int i, set = -1;
+ intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
+ if (!intname.s)
+ goto memerr;
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+ if (entry->set != set) {
+ entries = sk_X509_NAME_ENTRY_new_null();
+ if (!entries)
+ goto memerr;
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries))
+ goto memerr;
+ set = entry->set;
+ }
+ if (!sk_X509_NAME_ENTRY_push(entries, entry))
+ goto memerr;
+ }
+ len = ASN1_item_ex_i2d(&intname.a, NULL,
+ ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ if (!BUF_MEM_grow(a->bytes, len))
+ goto memerr;
+ p = (unsigned char *)a->bytes->data;
+ ASN1_item_ex_i2d(&intname.a,
+ &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+ local_sk_X509_NAME_ENTRY_free);
+ a->modified = 0;
+ return len;
+ memerr:
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+ local_sk_X509_NAME_ENTRY_free);
+ ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
+ return -1;
+}
+
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+ int indent,
+ const char *fname, const ASN1_PCTX *pctx)
+{
+ if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
+ indent, pctx->nm_flags) <= 0)
+ return 0;
+ return 2;
+}
+
+/*
+ * This function generates the canonical encoding of the Name structure. In
+ * it all strings are converted to UTF8, leading, trailing and multiple
+ * spaces collapsed, converted to lower case and the leading SEQUENCE header
+ * removed. In future we could also normalize the UTF8 too. By doing this
+ * comparison of Name structures can be rapidly perfomed by just using
+ * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
+ * constraints of type dirName can also be checked with a simple memcmp().
+ */
+
+static int x509_name_canon(X509_NAME *a)
+{
+ unsigned char *p;
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
+ STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+ X509_NAME_ENTRY *entry, *tmpentry = NULL;
+ int i, set = -1, ret = 0;
+
+ if (a->canon_enc) {
+ OPENSSL_free(a->canon_enc);
+ a->canon_enc = NULL;
+ }
+ /* Special case: empty X509_NAME => null encoding */
+ if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
+ a->canon_enclen = 0;
+ return 1;
+ }
+ intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
+ if (!intname)
+ goto err;
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+ if (entry->set != set) {
+ entries = sk_X509_NAME_ENTRY_new_null();
+ if (!entries)
+ goto err;
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+ goto err;
+ set = entry->set;
+ }
+ tmpentry = X509_NAME_ENTRY_new();
+ if (!tmpentry)
+ goto err;
+ tmpentry->object = OBJ_dup(entry->object);
+ if (!asn1_string_canon(tmpentry->value, entry->value))
+ goto err;
+ if (!sk_X509_NAME_ENTRY_push(entries, tmpentry))
+ goto err;
+ tmpentry = NULL;
+ }
+
+ /* Finally generate encoding */
+
+ a->canon_enclen = i2d_name_canon(intname, NULL);
+
+ p = OPENSSL_malloc(a->canon_enclen);
+
+ if (!p)
+ goto err;
+
+ a->canon_enc = p;
+
+ i2d_name_canon(intname, &p);
+
+ ret = 1;
+
+ err:
+
+ if (tmpentry)
+ X509_NAME_ENTRY_free(tmpentry);
+ if (intname)
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
+ local_sk_X509_NAME_ENTRY_pop_free);
+ return ret;
+}
+
+/* Bitmap of all the types of string that will be canonicalized. */
+
+#define ASN1_MASK_CANON \
+ (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
+ | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
+ | B_ASN1_VISIBLESTRING)
+
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
+{
+ unsigned char *to, *from;
+ int len, i;
+
+ /* If type not in bitmask just copy string across */
+ if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
+ if (!ASN1_STRING_copy(out, in))
+ return 0;
+ return 1;
+ }
+
+ out->type = V_ASN1_UTF8STRING;
+ out->length = ASN1_STRING_to_UTF8(&out->data, in);
+ if (out->length == -1)
+ return 0;
+
+ to = out->data;
+ from = to;
+
+ len = out->length;
+
+ /*
+ * Convert string in place to canonical form. Ultimately we may need to
+ * handle a wider range of characters but for now ignore anything with
+ * MSB set and rely on the isspace() and tolower() functions.
+ */
+
+ /* Ignore leading spaces */
+ while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
+ from++;
+ len--;
+ }
+
+ to = from + len - 1;
+
+ /* Ignore trailing spaces */
+ while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
+ to--;
+ len--;
+ }
+
+ to = out->data;
+
+ i = 0;
+ while (i < len) {
+ /* If MSB set just copy across */
+ if (*from & 0x80) {
+ *to++ = *from++;
+ i++;
+ }
+ /* Collapse multiple spaces */
+ else if (isspace(*from)) {
+ /* Copy one space across */
+ *to++ = ' ';
+ /*
+ * Ignore subsequent spaces. Note: don't need to check len here
+ * because we know the last character is a non-space so we can't
+ * overflow.
+ */
+ do {
+ from++;
+ i++;
+ }
+ while (!(*from & 0x80) && isspace(*from));
+ } else {
+ *to++ = tolower(*from);
+ from++;
+ i++;
+ }
+ }
+
+ out->length = to - out->data;
+
+ return 1;
+
+}
+
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
+ unsigned char **in)
+{
+ int i, len, ltmp;
+ ASN1_VALUE *v;
+ STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
+
+ len = 0;
+ for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
+ v = sk_ASN1_VALUE_value(intname, i);
+ ltmp = ASN1_item_ex_i2d(&v, in,
+ ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
+ if (ltmp < 0)
+ return ltmp;
+ len += ltmp;
+ }
+ return len;
+}
+
+int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
+{
+ X509_NAME *in;
+
+ if (!xn || !name)
+ return (0);
+
+ if (*xn != name) {
+ in = X509_NAME_dup(name);
+ if (in != NULL) {
+ X509_NAME_free(*xn);
+ *xn = in;
+ }
+ }
+ return (*xn != NULL);
+}
+
+IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
+
+IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
Deleted: vendor-crypto/openssl/1.0.1u/crypto/asn1/x_x509.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/x_x509.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/x_x509.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,209 +0,0 @@
-/* crypto/asn1/x_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
- ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
- ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
- ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
- ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
- ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
- ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
- ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
- ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
- ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
- ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
-} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
-/* X509 top level structure needs a bit of customisation */
-
-extern void policy_cache_free(X509_POLICY_CACHE *cache);
-
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
-{
- X509 *ret = (X509 *)*pval;
-
- switch (operation) {
-
- case ASN1_OP_NEW_POST:
- ret->valid = 0;
- ret->name = NULL;
- ret->ex_flags = 0;
- ret->ex_pathlen = -1;
- ret->skid = NULL;
- ret->akid = NULL;
-#ifndef OPENSSL_NO_RFC3779
- ret->rfc3779_addr = NULL;
- ret->rfc3779_asid = NULL;
-#endif
- ret->aux = NULL;
- ret->crldp = NULL;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
- break;
-
- case ASN1_OP_D2I_POST:
- if (ret->name != NULL)
- OPENSSL_free(ret->name);
- ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
- break;
-
- case ASN1_OP_FREE_POST:
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
- X509_CERT_AUX_free(ret->aux);
- ASN1_OCTET_STRING_free(ret->skid);
- AUTHORITY_KEYID_free(ret->akid);
- CRL_DIST_POINTS_free(ret->crldp);
- policy_cache_free(ret->policy_cache);
- GENERAL_NAMES_free(ret->altname);
- NAME_CONSTRAINTS_free(ret->nc);
-#ifndef OPENSSL_NO_RFC3779
- sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
- ASIdentifiers_free(ret->rfc3779_asid);
-#endif
-
- if (ret->name != NULL)
- OPENSSL_free(ret->name);
- break;
-
- }
-
- return 1;
-
-}
-
-ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
- ASN1_SIMPLE(X509, cert_info, X509_CINF),
- ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
- ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509, X509)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(X509)
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int X509_set_ex_data(X509 *r, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *X509_get_ex_data(X509 *r, int idx)
-{
- return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-/*
- * X509_AUX ASN1 routines. X509_AUX is the name given to a certificate with
- * extra info tagged on the end. Since these functions set how a certificate
- * is trusted they should only be used when the certificate comes from a
- * reliable source such as local storage.
- */
-
-X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
-{
- const unsigned char *q;
- X509 *ret;
- int freeret = 0;
-
- /* Save start position */
- q = *pp;
-
- if (!a || *a == NULL) {
- freeret = 1;
- }
- ret = d2i_X509(a, &q, length);
- /* If certificate unreadable then forget it */
- if (!ret)
- return NULL;
- /* update length */
- length -= q - *pp;
- if (length > 0 && !d2i_X509_CERT_AUX(&ret->aux, &q, length))
- goto err;
- *pp = q;
- return ret;
- err:
- if (freeret) {
- X509_free(ret);
- if (a)
- *a = NULL;
- }
- return NULL;
-}
-
-int i2d_X509_AUX(X509 *a, unsigned char **pp)
-{
- int length;
- length = i2d_X509(a, pp);
- if (a)
- length += i2d_X509_CERT_AUX(a->aux, pp);
- return length;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/asn1/x_x509.c (from rev 11605, vendor-crypto/openssl/dist/crypto/asn1/x_x509.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/asn1/x_x509.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/asn1/x_x509.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,219 @@
+/* crypto/asn1/x_x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
+ ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
+ ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
+ ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
+ ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
+ ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
+ ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
+ ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
+ ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
+ ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
+ ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
+} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
+/* X509 top level structure needs a bit of customisation */
+
+extern void policy_cache_free(X509_POLICY_CACHE *cache);
+
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
+{
+ X509 *ret = (X509 *)*pval;
+
+ switch (operation) {
+
+ case ASN1_OP_NEW_POST:
+ ret->valid = 0;
+ ret->name = NULL;
+ ret->ex_flags = 0;
+ ret->ex_pathlen = -1;
+ ret->skid = NULL;
+ ret->akid = NULL;
+#ifndef OPENSSL_NO_RFC3779
+ ret->rfc3779_addr = NULL;
+ ret->rfc3779_asid = NULL;
+#endif
+ ret->aux = NULL;
+ ret->crldp = NULL;
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
+ break;
+
+ case ASN1_OP_D2I_POST:
+ if (ret->name != NULL)
+ OPENSSL_free(ret->name);
+ ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
+ break;
+
+ case ASN1_OP_FREE_POST:
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
+ X509_CERT_AUX_free(ret->aux);
+ ASN1_OCTET_STRING_free(ret->skid);
+ AUTHORITY_KEYID_free(ret->akid);
+ CRL_DIST_POINTS_free(ret->crldp);
+ policy_cache_free(ret->policy_cache);
+ GENERAL_NAMES_free(ret->altname);
+ NAME_CONSTRAINTS_free(ret->nc);
+#ifndef OPENSSL_NO_RFC3779
+ sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
+ ASIdentifiers_free(ret->rfc3779_asid);
+#endif
+
+ if (ret->name != NULL)
+ OPENSSL_free(ret->name);
+ break;
+
+ }
+
+ return 1;
+
+}
+
+ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
+ ASN1_SIMPLE(X509, cert_info, X509_CINF),
+ ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
+ ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509, X509)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(X509)
+
+int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
+ new_func, dup_func, free_func);
+}
+
+int X509_set_ex_data(X509 *r, int idx, void *arg)
+{
+ return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
+
+void *X509_get_ex_data(X509 *r, int idx)
+{
+ return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
+
+/*
+ * X509_AUX ASN1 routines. X509_AUX is the name given to a certificate with
+ * extra info tagged on the end. Since these functions set how a certificate
+ * is trusted they should only be used when the certificate comes from a
+ * reliable source such as local storage.
+ */
+
+X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
+{
+ const unsigned char *q;
+ X509 *ret;
+ int freeret = 0;
+
+ /* Save start position */
+ q = *pp;
+
+ if (!a || *a == NULL) {
+ freeret = 1;
+ }
+ ret = d2i_X509(a, &q, length);
+ /* If certificate unreadable then forget it */
+ if (!ret)
+ return NULL;
+ /* update length */
+ length -= q - *pp;
+ if (length > 0 && !d2i_X509_CERT_AUX(&ret->aux, &q, length))
+ goto err;
+ *pp = q;
+ return ret;
+ err:
+ if (freeret) {
+ X509_free(ret);
+ if (a)
+ *a = NULL;
+ }
+ return NULL;
+}
+
+int i2d_X509_AUX(X509 *a, unsigned char **pp)
+{
+ int length, tmplen;
+ unsigned char *start = pp != NULL ? *pp : NULL;
+ length = i2d_X509(a, pp);
+ if (length < 0 || a == NULL)
+ return length;
+
+ tmplen = i2d_X509_CERT_AUX(a->aux, pp);
+ if (tmplen < 0) {
+ if (start != NULL)
+ *pp = start;
+ return tmplen;
+ }
+ length += tmplen;
+
+ return length;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bio/b_print.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bio/b_print.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/b_print.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,818 +0,0 @@
-/* crypto/bio/b_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* disable assert() unless BIO_DEBUG has been defined */
-#ifndef BIO_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/*
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-#include <assert.h>
-#include <limits.h>
-#include "cryptlib.h"
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#include <openssl/bn.h> /* To get BN_LLONG properly defined */
-#include <openssl/bio.h>
-
-#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
-# ifndef HAVE_LONG_LONG
-# define HAVE_LONG_LONG 1
-# endif
-#endif
-
-/***************************************************************************/
-
-/*
- * Copyright Patrick Powell 1995
- * This code is based on code written by Patrick Powell <papowell at astart.com>
- * It may be used for any purpose as long as this notice remains intact
- * on all source code distributions.
- */
-
-/*-
- * This code contains numerious changes and enhancements which were
- * made by lots of contributors over the last years to Patrick Powell's
- * original code:
- *
- * o Patrick Powell <papowell at astart.com> (1995)
- * o Brandon Long <blong at fiction.net> (1996, for Mutt)
- * o Thomas Roessler <roessler at guug.de> (1998, for Mutt)
- * o Michael Elkins <me at cs.hmc.edu> (1998, for Mutt)
- * o Andrew Tridgell <tridge at samba.org> (1998, for Samba)
- * o Luke Mewburn <lukem at netbsd.org> (1999, for LukemFTP)
- * o Ralf S. Engelschall <rse at engelschall.com> (1999, for Pth)
- * o ... (for OpenSSL)
- */
-
-#ifdef HAVE_LONG_DOUBLE
-# define LDOUBLE long double
-#else
-# define LDOUBLE double
-#endif
-
-#ifdef HAVE_LONG_LONG
-# if defined(_WIN32) && !defined(__GNUC__)
-# define LLONG __int64
-# else
-# define LLONG long long
-# endif
-#else
-# define LLONG long
-#endif
-
-static void fmtstr(char **, char **, size_t *, size_t *,
- const char *, int, int, int);
-static void fmtint(char **, char **, size_t *, size_t *,
- LLONG, int, int, int, int);
-static void fmtfp(char **, char **, size_t *, size_t *,
- LDOUBLE, int, int, int);
-static void doapr_outch(char **, char **, size_t *, size_t *, int);
-static void _dopr(char **sbuffer, char **buffer,
- size_t *maxlen, size_t *retlen, int *truncated,
- const char *format, va_list args);
-
-/* format read states */
-#define DP_S_DEFAULT 0
-#define DP_S_FLAGS 1
-#define DP_S_MIN 2
-#define DP_S_DOT 3
-#define DP_S_MAX 4
-#define DP_S_MOD 5
-#define DP_S_CONV 6
-#define DP_S_DONE 7
-
-/* format flags - Bits */
-#define DP_F_MINUS (1 << 0)
-#define DP_F_PLUS (1 << 1)
-#define DP_F_SPACE (1 << 2)
-#define DP_F_NUM (1 << 3)
-#define DP_F_ZERO (1 << 4)
-#define DP_F_UP (1 << 5)
-#define DP_F_UNSIGNED (1 << 6)
-
-/* conversion flags */
-#define DP_C_SHORT 1
-#define DP_C_LONG 2
-#define DP_C_LDOUBLE 3
-#define DP_C_LLONG 4
-
-/* some handy macros */
-#define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
-
-static void
-_dopr(char **sbuffer,
- char **buffer,
- size_t *maxlen,
- size_t *retlen, int *truncated, const char *format, va_list args)
-{
- char ch;
- LLONG value;
- LDOUBLE fvalue;
- char *strvalue;
- int min;
- int max;
- int state;
- int flags;
- int cflags;
- size_t currlen;
-
- state = DP_S_DEFAULT;
- flags = currlen = cflags = min = 0;
- max = -1;
- ch = *format++;
-
- while (state != DP_S_DONE) {
- if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
- state = DP_S_DONE;
-
- switch (state) {
- case DP_S_DEFAULT:
- if (ch == '%')
- state = DP_S_FLAGS;
- else
- doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
- ch = *format++;
- break;
- case DP_S_FLAGS:
- switch (ch) {
- case '-':
- flags |= DP_F_MINUS;
- ch = *format++;
- break;
- case '+':
- flags |= DP_F_PLUS;
- ch = *format++;
- break;
- case ' ':
- flags |= DP_F_SPACE;
- ch = *format++;
- break;
- case '#':
- flags |= DP_F_NUM;
- ch = *format++;
- break;
- case '0':
- flags |= DP_F_ZERO;
- ch = *format++;
- break;
- default:
- state = DP_S_MIN;
- break;
- }
- break;
- case DP_S_MIN:
- if (isdigit((unsigned char)ch)) {
- min = 10 * min + char_to_int(ch);
- ch = *format++;
- } else if (ch == '*') {
- min = va_arg(args, int);
- ch = *format++;
- state = DP_S_DOT;
- } else
- state = DP_S_DOT;
- break;
- case DP_S_DOT:
- if (ch == '.') {
- state = DP_S_MAX;
- ch = *format++;
- } else
- state = DP_S_MOD;
- break;
- case DP_S_MAX:
- if (isdigit((unsigned char)ch)) {
- if (max < 0)
- max = 0;
- max = 10 * max + char_to_int(ch);
- ch = *format++;
- } else if (ch == '*') {
- max = va_arg(args, int);
- ch = *format++;
- state = DP_S_MOD;
- } else
- state = DP_S_MOD;
- break;
- case DP_S_MOD:
- switch (ch) {
- case 'h':
- cflags = DP_C_SHORT;
- ch = *format++;
- break;
- case 'l':
- if (*format == 'l') {
- cflags = DP_C_LLONG;
- format++;
- } else
- cflags = DP_C_LONG;
- ch = *format++;
- break;
- case 'q':
- cflags = DP_C_LLONG;
- ch = *format++;
- break;
- case 'L':
- cflags = DP_C_LDOUBLE;
- ch = *format++;
- break;
- default:
- break;
- }
- state = DP_S_CONV;
- break;
- case DP_S_CONV:
- switch (ch) {
- case 'd':
- case 'i':
- switch (cflags) {
- case DP_C_SHORT:
- value = (short int)va_arg(args, int);
- break;
- case DP_C_LONG:
- value = va_arg(args, long int);
- break;
- case DP_C_LLONG:
- value = va_arg(args, LLONG);
- break;
- default:
- value = va_arg(args, int);
- break;
- }
- fmtint(sbuffer, buffer, &currlen, maxlen,
- value, 10, min, max, flags);
- break;
- case 'X':
- flags |= DP_F_UP;
- /* FALLTHROUGH */
- case 'x':
- case 'o':
- case 'u':
- flags |= DP_F_UNSIGNED;
- switch (cflags) {
- case DP_C_SHORT:
- value = (unsigned short int)va_arg(args, unsigned int);
- break;
- case DP_C_LONG:
- value = (LLONG) va_arg(args, unsigned long int);
- break;
- case DP_C_LLONG:
- value = va_arg(args, unsigned LLONG);
- break;
- default:
- value = (LLONG) va_arg(args, unsigned int);
- break;
- }
- fmtint(sbuffer, buffer, &currlen, maxlen, value,
- ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
- min, max, flags);
- break;
- case 'f':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- fmtfp(sbuffer, buffer, &currlen, maxlen,
- fvalue, min, max, flags);
- break;
- case 'E':
- flags |= DP_F_UP;
- case 'e':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- break;
- case 'G':
- flags |= DP_F_UP;
- case 'g':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- break;
- case 'c':
- doapr_outch(sbuffer, buffer, &currlen, maxlen,
- va_arg(args, int));
- break;
- case 's':
- strvalue = va_arg(args, char *);
- if (max < 0) {
- if (buffer)
- max = INT_MAX;
- else
- max = *maxlen;
- }
- fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
- flags, min, max);
- break;
- case 'p':
- value = (long)va_arg(args, void *);
- fmtint(sbuffer, buffer, &currlen, maxlen,
- value, 16, min, max, flags | DP_F_NUM);
- break;
- case 'n': /* XXX */
- if (cflags == DP_C_SHORT) {
- short int *num;
- num = va_arg(args, short int *);
- *num = currlen;
- } else if (cflags == DP_C_LONG) { /* XXX */
- long int *num;
- num = va_arg(args, long int *);
- *num = (long int)currlen;
- } else if (cflags == DP_C_LLONG) { /* XXX */
- LLONG *num;
- num = va_arg(args, LLONG *);
- *num = (LLONG) currlen;
- } else {
- int *num;
- num = va_arg(args, int *);
- *num = currlen;
- }
- break;
- case '%':
- doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
- break;
- case 'w':
- /* not supported yet, treat as next char */
- ch = *format++;
- break;
- default:
- /* unknown, skip */
- break;
- }
- ch = *format++;
- state = DP_S_DEFAULT;
- flags = cflags = min = 0;
- max = -1;
- break;
- case DP_S_DONE:
- break;
- default:
- break;
- }
- }
- *truncated = (currlen > *maxlen - 1);
- if (*truncated)
- currlen = *maxlen - 1;
- doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
- *retlen = currlen - 1;
- return;
-}
-
-static void
-fmtstr(char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen, const char *value, int flags, int min, int max)
-{
- int padlen, strln;
- int cnt = 0;
-
- if (value == 0)
- value = "<NULL>";
- for (strln = 0; value[strln]; ++strln) ;
- padlen = min - strln;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen;
-
- while ((padlen > 0) && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --padlen;
- ++cnt;
- }
- while (*value && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
- ++cnt;
- }
- while ((padlen < 0) && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++padlen;
- ++cnt;
- }
-}
-
-static void
-fmtint(char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen, LLONG value, int base, int min, int max, int flags)
-{
- int signvalue = 0;
- const char *prefix = "";
- unsigned LLONG uvalue;
- char convert[DECIMAL_SIZE(value) + 3];
- int place = 0;
- int spadlen = 0;
- int zpadlen = 0;
- int caps = 0;
-
- if (max < 0)
- max = 0;
- uvalue = value;
- if (!(flags & DP_F_UNSIGNED)) {
- if (value < 0) {
- signvalue = '-';
- uvalue = -value;
- } else if (flags & DP_F_PLUS)
- signvalue = '+';
- else if (flags & DP_F_SPACE)
- signvalue = ' ';
- }
- if (flags & DP_F_NUM) {
- if (base == 8)
- prefix = "0";
- if (base == 16)
- prefix = "0x";
- }
- if (flags & DP_F_UP)
- caps = 1;
- do {
- convert[place++] = (caps ? "0123456789ABCDEF" : "0123456789abcdef")
- [uvalue % (unsigned)base];
- uvalue = (uvalue / (unsigned)base);
- } while (uvalue && (place < (int)sizeof(convert)));
- if (place == sizeof(convert))
- place--;
- convert[place] = 0;
-
- zpadlen = max - place;
- spadlen =
- min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix);
- if (zpadlen < 0)
- zpadlen = 0;
- if (spadlen < 0)
- spadlen = 0;
- if (flags & DP_F_ZERO) {
- zpadlen = OSSL_MAX(zpadlen, spadlen);
- spadlen = 0;
- }
- if (flags & DP_F_MINUS)
- spadlen = -spadlen;
-
- /* spaces */
- while (spadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --spadlen;
- }
-
- /* sign */
- if (signvalue)
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
- /* prefix */
- while (*prefix) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix);
- prefix++;
- }
-
- /* zeros */
- if (zpadlen > 0) {
- while (zpadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --zpadlen;
- }
- }
- /* digits */
- while (place > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
-
- /* left justified spaces */
- while (spadlen < 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++spadlen;
- }
- return;
-}
-
-static LDOUBLE abs_val(LDOUBLE value)
-{
- LDOUBLE result = value;
- if (value < 0)
- result = -value;
- return result;
-}
-
-static LDOUBLE pow_10(int in_exp)
-{
- LDOUBLE result = 1;
- while (in_exp) {
- result *= 10;
- in_exp--;
- }
- return result;
-}
-
-static long roundv(LDOUBLE value)
-{
- long intpart;
- intpart = (long)value;
- value = value - intpart;
- if (value >= 0.5)
- intpart++;
- return intpart;
-}
-
-static void
-fmtfp(char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags)
-{
- int signvalue = 0;
- LDOUBLE ufvalue;
- char iconvert[20];
- char fconvert[20];
- int iplace = 0;
- int fplace = 0;
- int padlen = 0;
- int zpadlen = 0;
- long intpart;
- long fracpart;
- long max10;
-
- if (max < 0)
- max = 6;
- ufvalue = abs_val(fvalue);
- if (fvalue < 0)
- signvalue = '-';
- else if (flags & DP_F_PLUS)
- signvalue = '+';
- else if (flags & DP_F_SPACE)
- signvalue = ' ';
-
- intpart = (long)ufvalue;
-
- /*
- * sorry, we only support 9 digits past the decimal because of our
- * conversion method
- */
- if (max > 9)
- max = 9;
-
- /*
- * we "cheat" by converting the fractional part to integer by multiplying
- * by a factor of 10
- */
- max10 = roundv(pow_10(max));
- fracpart = roundv(pow_10(max) * (ufvalue - intpart));
-
- if (fracpart >= max10) {
- intpart++;
- fracpart -= max10;
- }
-
- /* convert integer part */
- do {
- iconvert[iplace++] = "0123456789"[intpart % 10];
- intpart = (intpart / 10);
- } while (intpart && (iplace < (int)sizeof(iconvert)));
- if (iplace == sizeof iconvert)
- iplace--;
- iconvert[iplace] = 0;
-
- /* convert fractional part */
- do {
- fconvert[fplace++] = "0123456789"[fracpart % 10];
- fracpart = (fracpart / 10);
- } while (fplace < max);
- if (fplace == sizeof fconvert)
- fplace--;
- fconvert[fplace] = 0;
-
- /* -1 for decimal point, another -1 if we are printing a sign */
- padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
- zpadlen = max - fplace;
- if (zpadlen < 0)
- zpadlen = 0;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen;
-
- if ((flags & DP_F_ZERO) && (padlen > 0)) {
- if (signvalue) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
- --padlen;
- signvalue = 0;
- }
- while (padlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --padlen;
- }
- }
- while (padlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --padlen;
- }
- if (signvalue)
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
- while (iplace > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
-
- /*
- * Decimal point. This should probably use locale to find the correct
- * char to print out.
- */
- if (max > 0 || (flags & DP_F_NUM)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
-
- while (fplace > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
- }
- while (zpadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --zpadlen;
- }
-
- while (padlen < 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++padlen;
- }
-}
-
-static void
-doapr_outch(char **sbuffer,
- char **buffer, size_t *currlen, size_t *maxlen, int c)
-{
- /* If we haven't at least one buffer, someone has doe a big booboo */
- assert(*sbuffer != NULL || buffer != NULL);
-
- /* |currlen| must always be <= |*maxlen| */
- assert(*currlen <= *maxlen);
-
- if (buffer && *currlen == *maxlen) {
- *maxlen += 1024;
- if (*buffer == NULL) {
- *buffer = OPENSSL_malloc(*maxlen);
- if (!*buffer) {
- /* Panic! Can't really do anything sensible. Just return */
- return;
- }
- if (*currlen > 0) {
- assert(*sbuffer != NULL);
- memcpy(*buffer, *sbuffer, *currlen);
- }
- *sbuffer = NULL;
- } else {
- *buffer = OPENSSL_realloc(*buffer, *maxlen);
- if (!*buffer) {
- /* Panic! Can't really do anything sensible. Just return */
- return;
- }
- }
- }
-
- if (*currlen < *maxlen) {
- if (*sbuffer)
- (*sbuffer)[(*currlen)++] = (char)c;
- else
- (*buffer)[(*currlen)++] = (char)c;
- }
-
- return;
-}
-
-/***************************************************************************/
-
-int BIO_printf(BIO *bio, const char *format, ...)
-{
- va_list args;
- int ret;
-
- va_start(args, format);
-
- ret = BIO_vprintf(bio, format, args);
-
- va_end(args);
- return (ret);
-}
-
-int BIO_vprintf(BIO *bio, const char *format, va_list args)
-{
- int ret;
- size_t retlen;
- char hugebuf[1024 * 2]; /* Was previously 10k, which is unreasonable
- * in small-stack environments, like threads
- * or DOS programs. */
- char *hugebufp = hugebuf;
- size_t hugebufsize = sizeof(hugebuf);
- char *dynbuf = NULL;
- int ignored;
-
- dynbuf = NULL;
- CRYPTO_push_info("doapr()");
- _dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format, args);
- if (dynbuf) {
- ret = BIO_write(bio, dynbuf, (int)retlen);
- OPENSSL_free(dynbuf);
- } else {
- ret = BIO_write(bio, hugebuf, (int)retlen);
- }
- CRYPTO_pop_info();
- return (ret);
-}
-
-/*
- * As snprintf is not available everywhere, we provide our own
- * implementation. This function has nothing to do with BIOs, but it's
- * closely related to BIO_printf, and we need *some* name prefix ... (XXX the
- * function should be renamed, but to what?)
- */
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-{
- va_list args;
- int ret;
-
- va_start(args, format);
-
- ret = BIO_vsnprintf(buf, n, format, args);
-
- va_end(args);
- return (ret);
-}
-
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-{
- size_t retlen;
- int truncated;
-
- _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
-
- if (truncated)
- /*
- * In case of truncation, return -1 like traditional snprintf.
- * (Current drafts for ISO/IEC 9899 say snprintf should return the
- * number of characters that would have been written, had the buffer
- * been large enough.)
- */
- return -1;
- else
- return (retlen <= INT_MAX) ? (int)retlen : -1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bio/b_print.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bio/b_print.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bio/b_print.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/b_print.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,863 @@
+/* crypto/bio/b_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* disable assert() unless BIO_DEBUG has been defined */
+#ifndef BIO_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+
+/*
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <assert.h>
+#include <limits.h>
+#include "cryptlib.h"
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#include <openssl/bn.h> /* To get BN_LLONG properly defined */
+#include <openssl/bio.h>
+
+#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
+# ifndef HAVE_LONG_LONG
+# define HAVE_LONG_LONG 1
+# endif
+#endif
+
+/***************************************************************************/
+
+/*
+ * Copyright Patrick Powell 1995
+ * This code is based on code written by Patrick Powell <papowell at astart.com>
+ * It may be used for any purpose as long as this notice remains intact
+ * on all source code distributions.
+ */
+
+/*-
+ * This code contains numerious changes and enhancements which were
+ * made by lots of contributors over the last years to Patrick Powell's
+ * original code:
+ *
+ * o Patrick Powell <papowell at astart.com> (1995)
+ * o Brandon Long <blong at fiction.net> (1996, for Mutt)
+ * o Thomas Roessler <roessler at guug.de> (1998, for Mutt)
+ * o Michael Elkins <me at cs.hmc.edu> (1998, for Mutt)
+ * o Andrew Tridgell <tridge at samba.org> (1998, for Samba)
+ * o Luke Mewburn <lukem at netbsd.org> (1999, for LukemFTP)
+ * o Ralf S. Engelschall <rse at engelschall.com> (1999, for Pth)
+ * o ... (for OpenSSL)
+ */
+
+#ifdef HAVE_LONG_DOUBLE
+# define LDOUBLE long double
+#else
+# define LDOUBLE double
+#endif
+
+#ifdef HAVE_LONG_LONG
+# if defined(_WIN32) && !defined(__GNUC__)
+# define LLONG __int64
+# else
+# define LLONG long long
+# endif
+#else
+# define LLONG long
+#endif
+
+static int fmtstr(char **, char **, size_t *, size_t *,
+ const char *, int, int, int);
+static int fmtint(char **, char **, size_t *, size_t *,
+ LLONG, int, int, int, int);
+static int fmtfp(char **, char **, size_t *, size_t *,
+ LDOUBLE, int, int, int);
+static int doapr_outch(char **, char **, size_t *, size_t *, int);
+static int _dopr(char **sbuffer, char **buffer,
+ size_t *maxlen, size_t *retlen, int *truncated,
+ const char *format, va_list args);
+
+/* format read states */
+#define DP_S_DEFAULT 0
+#define DP_S_FLAGS 1
+#define DP_S_MIN 2
+#define DP_S_DOT 3
+#define DP_S_MAX 4
+#define DP_S_MOD 5
+#define DP_S_CONV 6
+#define DP_S_DONE 7
+
+/* format flags - Bits */
+#define DP_F_MINUS (1 << 0)
+#define DP_F_PLUS (1 << 1)
+#define DP_F_SPACE (1 << 2)
+#define DP_F_NUM (1 << 3)
+#define DP_F_ZERO (1 << 4)
+#define DP_F_UP (1 << 5)
+#define DP_F_UNSIGNED (1 << 6)
+
+/* conversion flags */
+#define DP_C_SHORT 1
+#define DP_C_LONG 2
+#define DP_C_LDOUBLE 3
+#define DP_C_LLONG 4
+
+/* some handy macros */
+#define char_to_int(p) (p - '0')
+#define OSSL_MAX(p,q) ((p >= q) ? p : q)
+
+static int
+_dopr(char **sbuffer,
+ char **buffer,
+ size_t *maxlen,
+ size_t *retlen, int *truncated, const char *format, va_list args)
+{
+ char ch;
+ LLONG value;
+ LDOUBLE fvalue;
+ char *strvalue;
+ int min;
+ int max;
+ int state;
+ int flags;
+ int cflags;
+ size_t currlen;
+
+ state = DP_S_DEFAULT;
+ flags = currlen = cflags = min = 0;
+ max = -1;
+ ch = *format++;
+
+ while (state != DP_S_DONE) {
+ if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
+ state = DP_S_DONE;
+
+ switch (state) {
+ case DP_S_DEFAULT:
+ if (ch == '%')
+ state = DP_S_FLAGS;
+ else
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
+ return 0;
+ ch = *format++;
+ break;
+ case DP_S_FLAGS:
+ switch (ch) {
+ case '-':
+ flags |= DP_F_MINUS;
+ ch = *format++;
+ break;
+ case '+':
+ flags |= DP_F_PLUS;
+ ch = *format++;
+ break;
+ case ' ':
+ flags |= DP_F_SPACE;
+ ch = *format++;
+ break;
+ case '#':
+ flags |= DP_F_NUM;
+ ch = *format++;
+ break;
+ case '0':
+ flags |= DP_F_ZERO;
+ ch = *format++;
+ break;
+ default:
+ state = DP_S_MIN;
+ break;
+ }
+ break;
+ case DP_S_MIN:
+ if (isdigit((unsigned char)ch)) {
+ min = 10 * min + char_to_int(ch);
+ ch = *format++;
+ } else if (ch == '*') {
+ min = va_arg(args, int);
+ ch = *format++;
+ state = DP_S_DOT;
+ } else
+ state = DP_S_DOT;
+ break;
+ case DP_S_DOT:
+ if (ch == '.') {
+ state = DP_S_MAX;
+ ch = *format++;
+ } else
+ state = DP_S_MOD;
+ break;
+ case DP_S_MAX:
+ if (isdigit((unsigned char)ch)) {
+ if (max < 0)
+ max = 0;
+ max = 10 * max + char_to_int(ch);
+ ch = *format++;
+ } else if (ch == '*') {
+ max = va_arg(args, int);
+ ch = *format++;
+ state = DP_S_MOD;
+ } else
+ state = DP_S_MOD;
+ break;
+ case DP_S_MOD:
+ switch (ch) {
+ case 'h':
+ cflags = DP_C_SHORT;
+ ch = *format++;
+ break;
+ case 'l':
+ if (*format == 'l') {
+ cflags = DP_C_LLONG;
+ format++;
+ } else
+ cflags = DP_C_LONG;
+ ch = *format++;
+ break;
+ case 'q':
+ cflags = DP_C_LLONG;
+ ch = *format++;
+ break;
+ case 'L':
+ cflags = DP_C_LDOUBLE;
+ ch = *format++;
+ break;
+ default:
+ break;
+ }
+ state = DP_S_CONV;
+ break;
+ case DP_S_CONV:
+ switch (ch) {
+ case 'd':
+ case 'i':
+ switch (cflags) {
+ case DP_C_SHORT:
+ value = (short int)va_arg(args, int);
+ break;
+ case DP_C_LONG:
+ value = va_arg(args, long int);
+ break;
+ case DP_C_LLONG:
+ value = va_arg(args, LLONG);
+ break;
+ default:
+ value = va_arg(args, int);
+ break;
+ }
+ if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
+ max, flags))
+ return 0;
+ break;
+ case 'X':
+ flags |= DP_F_UP;
+ /* FALLTHROUGH */
+ case 'x':
+ case 'o':
+ case 'u':
+ flags |= DP_F_UNSIGNED;
+ switch (cflags) {
+ case DP_C_SHORT:
+ value = (unsigned short int)va_arg(args, unsigned int);
+ break;
+ case DP_C_LONG:
+ value = (LLONG) va_arg(args, unsigned long int);
+ break;
+ case DP_C_LLONG:
+ value = va_arg(args, unsigned LLONG);
+ break;
+ default:
+ value = (LLONG) va_arg(args, unsigned int);
+ break;
+ }
+ if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
+ ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
+ min, max, flags))
+ return 0;
+ break;
+ case 'f':
+ if (cflags == DP_C_LDOUBLE)
+ fvalue = va_arg(args, LDOUBLE);
+ else
+ fvalue = va_arg(args, double);
+ if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
+ flags))
+ return 0;
+ break;
+ case 'E':
+ flags |= DP_F_UP;
+ case 'e':
+ if (cflags == DP_C_LDOUBLE)
+ fvalue = va_arg(args, LDOUBLE);
+ else
+ fvalue = va_arg(args, double);
+ break;
+ case 'G':
+ flags |= DP_F_UP;
+ case 'g':
+ if (cflags == DP_C_LDOUBLE)
+ fvalue = va_arg(args, LDOUBLE);
+ else
+ fvalue = va_arg(args, double);
+ break;
+ case 'c':
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
+ va_arg(args, int)))
+ return 0;
+ break;
+ case 's':
+ strvalue = va_arg(args, char *);
+ if (max < 0) {
+ if (buffer)
+ max = INT_MAX;
+ else
+ max = *maxlen;
+ }
+ if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
+ flags, min, max))
+ return 0;
+ break;
+ case 'p':
+ value = (long)va_arg(args, void *);
+ if (!fmtint(sbuffer, buffer, &currlen, maxlen,
+ value, 16, min, max, flags | DP_F_NUM))
+ return 0;
+ break;
+ case 'n': /* XXX */
+ if (cflags == DP_C_SHORT) {
+ short int *num;
+ num = va_arg(args, short int *);
+ *num = currlen;
+ } else if (cflags == DP_C_LONG) { /* XXX */
+ long int *num;
+ num = va_arg(args, long int *);
+ *num = (long int)currlen;
+ } else if (cflags == DP_C_LLONG) { /* XXX */
+ LLONG *num;
+ num = va_arg(args, LLONG *);
+ *num = (LLONG) currlen;
+ } else {
+ int *num;
+ num = va_arg(args, int *);
+ *num = currlen;
+ }
+ break;
+ case '%':
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
+ return 0;
+ break;
+ case 'w':
+ /* not supported yet, treat as next char */
+ ch = *format++;
+ break;
+ default:
+ /* unknown, skip */
+ break;
+ }
+ ch = *format++;
+ state = DP_S_DEFAULT;
+ flags = cflags = min = 0;
+ max = -1;
+ break;
+ case DP_S_DONE:
+ break;
+ default:
+ break;
+ }
+ }
+ *truncated = (currlen > *maxlen - 1);
+ if (*truncated)
+ currlen = *maxlen - 1;
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
+ return 0;
+ *retlen = currlen - 1;
+ return 1;
+}
+
+static int
+fmtstr(char **sbuffer,
+ char **buffer,
+ size_t *currlen,
+ size_t *maxlen, const char *value, int flags, int min, int max)
+{
+ int padlen;
+ size_t strln;
+ int cnt = 0;
+
+ if (value == 0)
+ value = "<NULL>";
+
+ strln = strlen(value);
+ if (strln > INT_MAX)
+ strln = INT_MAX;
+
+ padlen = min - strln;
+ if (min < 0 || padlen < 0)
+ padlen = 0;
+ if (flags & DP_F_MINUS)
+ padlen = -padlen;
+
+ while ((padlen > 0) && (cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ --padlen;
+ ++cnt;
+ }
+ while (*value && (cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
+ return 0;
+ ++cnt;
+ }
+ while ((padlen < 0) && (cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ ++padlen;
+ ++cnt;
+ }
+ return 1;
+}
+
+static int
+fmtint(char **sbuffer,
+ char **buffer,
+ size_t *currlen,
+ size_t *maxlen, LLONG value, int base, int min, int max, int flags)
+{
+ int signvalue = 0;
+ const char *prefix = "";
+ unsigned LLONG uvalue;
+ char convert[DECIMAL_SIZE(value) + 3];
+ int place = 0;
+ int spadlen = 0;
+ int zpadlen = 0;
+ int caps = 0;
+
+ if (max < 0)
+ max = 0;
+ uvalue = value;
+ if (!(flags & DP_F_UNSIGNED)) {
+ if (value < 0) {
+ signvalue = '-';
+ uvalue = -value;
+ } else if (flags & DP_F_PLUS)
+ signvalue = '+';
+ else if (flags & DP_F_SPACE)
+ signvalue = ' ';
+ }
+ if (flags & DP_F_NUM) {
+ if (base == 8)
+ prefix = "0";
+ if (base == 16)
+ prefix = "0x";
+ }
+ if (flags & DP_F_UP)
+ caps = 1;
+ do {
+ convert[place++] = (caps ? "0123456789ABCDEF" : "0123456789abcdef")
+ [uvalue % (unsigned)base];
+ uvalue = (uvalue / (unsigned)base);
+ } while (uvalue && (place < (int)sizeof(convert)));
+ if (place == sizeof(convert))
+ place--;
+ convert[place] = 0;
+
+ zpadlen = max - place;
+ spadlen =
+ min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix);
+ if (zpadlen < 0)
+ zpadlen = 0;
+ if (spadlen < 0)
+ spadlen = 0;
+ if (flags & DP_F_ZERO) {
+ zpadlen = OSSL_MAX(zpadlen, spadlen);
+ spadlen = 0;
+ }
+ if (flags & DP_F_MINUS)
+ spadlen = -spadlen;
+
+ /* spaces */
+ while (spadlen > 0) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ --spadlen;
+ }
+
+ /* sign */
+ if (signvalue)
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+ return 0;
+
+ /* prefix */
+ while (*prefix) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
+ return 0;
+ prefix++;
+ }
+
+ /* zeros */
+ if (zpadlen > 0) {
+ while (zpadlen > 0) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+ return 0;
+ --zpadlen;
+ }
+ }
+ /* digits */
+ while (place > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
+ return 0;
+ }
+
+ /* left justified spaces */
+ while (spadlen < 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ ++spadlen;
+ }
+ return 1;
+}
+
+static LDOUBLE abs_val(LDOUBLE value)
+{
+ LDOUBLE result = value;
+ if (value < 0)
+ result = -value;
+ return result;
+}
+
+static LDOUBLE pow_10(int in_exp)
+{
+ LDOUBLE result = 1;
+ while (in_exp) {
+ result *= 10;
+ in_exp--;
+ }
+ return result;
+}
+
+static long roundv(LDOUBLE value)
+{
+ long intpart;
+ intpart = (long)value;
+ value = value - intpart;
+ if (value >= 0.5)
+ intpart++;
+ return intpart;
+}
+
+static int
+fmtfp(char **sbuffer,
+ char **buffer,
+ size_t *currlen,
+ size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags)
+{
+ int signvalue = 0;
+ LDOUBLE ufvalue;
+ char iconvert[20];
+ char fconvert[20];
+ int iplace = 0;
+ int fplace = 0;
+ int padlen = 0;
+ int zpadlen = 0;
+ long intpart;
+ long fracpart;
+ long max10;
+
+ if (max < 0)
+ max = 6;
+ ufvalue = abs_val(fvalue);
+ if (fvalue < 0)
+ signvalue = '-';
+ else if (flags & DP_F_PLUS)
+ signvalue = '+';
+ else if (flags & DP_F_SPACE)
+ signvalue = ' ';
+
+ intpart = (long)ufvalue;
+
+ /*
+ * sorry, we only support 9 digits past the decimal because of our
+ * conversion method
+ */
+ if (max > 9)
+ max = 9;
+
+ /*
+ * we "cheat" by converting the fractional part to integer by multiplying
+ * by a factor of 10
+ */
+ max10 = roundv(pow_10(max));
+ fracpart = roundv(pow_10(max) * (ufvalue - intpart));
+
+ if (fracpart >= max10) {
+ intpart++;
+ fracpart -= max10;
+ }
+
+ /* convert integer part */
+ do {
+ iconvert[iplace++] = "0123456789"[intpart % 10];
+ intpart = (intpart / 10);
+ } while (intpart && (iplace < (int)sizeof(iconvert)));
+ if (iplace == sizeof iconvert)
+ iplace--;
+ iconvert[iplace] = 0;
+
+ /* convert fractional part */
+ do {
+ fconvert[fplace++] = "0123456789"[fracpart % 10];
+ fracpart = (fracpart / 10);
+ } while (fplace < max);
+ if (fplace == sizeof fconvert)
+ fplace--;
+ fconvert[fplace] = 0;
+
+ /* -1 for decimal point, another -1 if we are printing a sign */
+ padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
+ zpadlen = max - fplace;
+ if (zpadlen < 0)
+ zpadlen = 0;
+ if (padlen < 0)
+ padlen = 0;
+ if (flags & DP_F_MINUS)
+ padlen = -padlen;
+
+ if ((flags & DP_F_ZERO) && (padlen > 0)) {
+ if (signvalue) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+ return 0;
+ --padlen;
+ signvalue = 0;
+ }
+ while (padlen > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+ return 0;
+ --padlen;
+ }
+ }
+ while (padlen > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ --padlen;
+ }
+ if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+ return 0;
+
+ while (iplace > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
+ return 0;
+ }
+
+ /*
+ * Decimal point. This should probably use locale to find the correct
+ * char to print out.
+ */
+ if (max > 0 || (flags & DP_F_NUM)) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
+ return 0;
+
+ while (fplace > 0) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen,
+ fconvert[--fplace]))
+ return 0;
+ }
+ }
+ while (zpadlen > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+ return 0;
+ --zpadlen;
+ }
+
+ while (padlen < 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ ++padlen;
+ }
+ return 1;
+}
+
+#define BUFFER_INC 1024
+
+static int
+doapr_outch(char **sbuffer,
+ char **buffer, size_t *currlen, size_t *maxlen, int c)
+{
+ /* If we haven't at least one buffer, someone has doe a big booboo */
+ assert(*sbuffer != NULL || buffer != NULL);
+
+ /* |currlen| must always be <= |*maxlen| */
+ assert(*currlen <= *maxlen);
+
+ if (buffer && *currlen == *maxlen) {
+ if (*maxlen > INT_MAX - BUFFER_INC)
+ return 0;
+
+ *maxlen += BUFFER_INC;
+ if (*buffer == NULL) {
+ *buffer = OPENSSL_malloc(*maxlen);
+ if (*buffer == NULL)
+ return 0;
+ if (*currlen > 0) {
+ assert(*sbuffer != NULL);
+ memcpy(*buffer, *sbuffer, *currlen);
+ }
+ *sbuffer = NULL;
+ } else {
+ char *tmpbuf;
+ tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
+ if (tmpbuf == NULL)
+ return 0;
+ *buffer = tmpbuf;
+ }
+ }
+
+ if (*currlen < *maxlen) {
+ if (*sbuffer)
+ (*sbuffer)[(*currlen)++] = (char)c;
+ else
+ (*buffer)[(*currlen)++] = (char)c;
+ }
+
+ return 1;
+}
+
+/***************************************************************************/
+
+int BIO_printf(BIO *bio, const char *format, ...)
+{
+ va_list args;
+ int ret;
+
+ va_start(args, format);
+
+ ret = BIO_vprintf(bio, format, args);
+
+ va_end(args);
+ return (ret);
+}
+
+int BIO_vprintf(BIO *bio, const char *format, va_list args)
+{
+ int ret;
+ size_t retlen;
+ char hugebuf[1024 * 2]; /* Was previously 10k, which is unreasonable
+ * in small-stack environments, like threads
+ * or DOS programs. */
+ char *hugebufp = hugebuf;
+ size_t hugebufsize = sizeof(hugebuf);
+ char *dynbuf = NULL;
+ int ignored;
+
+ dynbuf = NULL;
+ CRYPTO_push_info("doapr()");
+ if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
+ args)) {
+ OPENSSL_free(dynbuf);
+ return -1;
+ }
+ if (dynbuf) {
+ ret = BIO_write(bio, dynbuf, (int)retlen);
+ OPENSSL_free(dynbuf);
+ } else {
+ ret = BIO_write(bio, hugebuf, (int)retlen);
+ }
+ CRYPTO_pop_info();
+ return (ret);
+}
+
+/*
+ * As snprintf is not available everywhere, we provide our own
+ * implementation. This function has nothing to do with BIOs, but it's
+ * closely related to BIO_printf, and we need *some* name prefix ... (XXX the
+ * function should be renamed, but to what?)
+ */
+int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+{
+ va_list args;
+ int ret;
+
+ va_start(args, format);
+
+ ret = BIO_vsnprintf(buf, n, format, args);
+
+ va_end(args);
+ return (ret);
+}
+
+int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
+{
+ size_t retlen;
+ int truncated;
+
+ if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
+ return -1;
+
+ if (truncated)
+ /*
+ * In case of truncation, return -1 like traditional snprintf.
+ * (Current drafts for ISO/IEC 9899 say snprintf should return the
+ * number of characters that would have been written, had the buffer
+ * been large enough.)
+ */
+ return -1;
+ else
+ return (retlen <= INT_MAX) ? (int)retlen : -1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bio/bf_nbio.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bf_nbio.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,253 +0,0 @@
-/* crypto/bio/bf_nbio.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-
-/*
- * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
- */
-
-static int nbiof_write(BIO *h, const char *buf, int num);
-static int nbiof_read(BIO *h, char *buf, int size);
-static int nbiof_puts(BIO *h, const char *str);
-static int nbiof_gets(BIO *h, char *str, int size);
-static long nbiof_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nbiof_new(BIO *h);
-static int nbiof_free(BIO *data);
-static long nbiof_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-typedef struct nbio_test_st {
- /* only set if we sent a 'should retry' error */
- int lrn;
- int lwn;
-} NBIO_TEST;
-
-static BIO_METHOD methods_nbiof = {
- BIO_TYPE_NBIO_TEST,
- "non-blocking IO test filter",
- nbiof_write,
- nbiof_read,
- nbiof_puts,
- nbiof_gets,
- nbiof_ctrl,
- nbiof_new,
- nbiof_free,
- nbiof_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_nbio_test(void)
-{
- return (&methods_nbiof);
-}
-
-static int nbiof_new(BIO *bi)
-{
- NBIO_TEST *nt;
-
- if (!(nt = (NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST))))
- return (0);
- nt->lrn = -1;
- nt->lwn = -1;
- bi->ptr = (char *)nt;
- bi->init = 1;
- bi->flags = 0;
- return (1);
-}
-
-static int nbiof_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->ptr != NULL)
- OPENSSL_free(a->ptr);
- a->ptr = NULL;
- a->init = 0;
- a->flags = 0;
- return (1);
-}
-
-static int nbiof_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-#if 1
- int num;
- unsigned char n;
-#endif
-
- if (out == NULL)
- return (0);
- if (b->next_bio == NULL)
- return (0);
-
- BIO_clear_retry_flags(b);
-#if 1
- if (RAND_pseudo_bytes(&n, 1) < 0)
- return -1;
- num = (n & 0x07);
-
- if (outl > num)
- outl = num;
-
- if (num == 0) {
- ret = -1;
- BIO_set_retry_read(b);
- } else
-#endif
- {
- ret = BIO_read(b->next_bio, out, outl);
- if (ret < 0)
- BIO_copy_next_retry(b);
- }
- return (ret);
-}
-
-static int nbiof_write(BIO *b, const char *in, int inl)
-{
- NBIO_TEST *nt;
- int ret = 0;
- int num;
- unsigned char n;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
- if (b->next_bio == NULL)
- return (0);
- nt = (NBIO_TEST *)b->ptr;
-
- BIO_clear_retry_flags(b);
-
-#if 1
- if (nt->lwn > 0) {
- num = nt->lwn;
- nt->lwn = 0;
- } else {
- if (RAND_pseudo_bytes(&n, 1) < 0)
- return -1;
- num = (n & 7);
- }
-
- if (inl > num)
- inl = num;
-
- if (num == 0) {
- ret = -1;
- BIO_set_retry_write(b);
- } else
-#endif
- {
- ret = BIO_write(b->next_bio, in, inl);
- if (ret < 0) {
- BIO_copy_next_retry(b);
- nt->lwn = inl;
- }
- }
- return (ret);
-}
-
-static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_DUP:
- ret = 0L;
- break;
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
- return (ret);
-}
-
-static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static int nbiof_gets(BIO *bp, char *buf, int size)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_gets(bp->next_bio, buf, size));
-}
-
-static int nbiof_puts(BIO *bp, const char *str)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_puts(bp->next_bio, str));
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bio/bf_nbio.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bio/bf_nbio.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bf_nbio.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,253 @@
+/* crypto/bio/bf_nbio.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/bio.h>
+
+/*
+ * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
+ */
+
+static int nbiof_write(BIO *h, const char *buf, int num);
+static int nbiof_read(BIO *h, char *buf, int size);
+static int nbiof_puts(BIO *h, const char *str);
+static int nbiof_gets(BIO *h, char *str, int size);
+static long nbiof_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int nbiof_new(BIO *h);
+static int nbiof_free(BIO *data);
+static long nbiof_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+typedef struct nbio_test_st {
+ /* only set if we sent a 'should retry' error */
+ int lrn;
+ int lwn;
+} NBIO_TEST;
+
+static BIO_METHOD methods_nbiof = {
+ BIO_TYPE_NBIO_TEST,
+ "non-blocking IO test filter",
+ nbiof_write,
+ nbiof_read,
+ nbiof_puts,
+ nbiof_gets,
+ nbiof_ctrl,
+ nbiof_new,
+ nbiof_free,
+ nbiof_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_nbio_test(void)
+{
+ return (&methods_nbiof);
+}
+
+static int nbiof_new(BIO *bi)
+{
+ NBIO_TEST *nt;
+
+ if (!(nt = (NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST))))
+ return (0);
+ nt->lrn = -1;
+ nt->lwn = -1;
+ bi->ptr = (char *)nt;
+ bi->init = 1;
+ bi->flags = 0;
+ return (1);
+}
+
+static int nbiof_free(BIO *a)
+{
+ if (a == NULL)
+ return (0);
+ if (a->ptr != NULL)
+ OPENSSL_free(a->ptr);
+ a->ptr = NULL;
+ a->init = 0;
+ a->flags = 0;
+ return (1);
+}
+
+static int nbiof_read(BIO *b, char *out, int outl)
+{
+ int ret = 0;
+#if 1
+ int num;
+ unsigned char n;
+#endif
+
+ if (out == NULL)
+ return (0);
+ if (b->next_bio == NULL)
+ return (0);
+
+ BIO_clear_retry_flags(b);
+#if 1
+ if (RAND_bytes(&n, 1) <= 0)
+ return -1;
+ num = (n & 0x07);
+
+ if (outl > num)
+ outl = num;
+
+ if (num == 0) {
+ ret = -1;
+ BIO_set_retry_read(b);
+ } else
+#endif
+ {
+ ret = BIO_read(b->next_bio, out, outl);
+ if (ret < 0)
+ BIO_copy_next_retry(b);
+ }
+ return (ret);
+}
+
+static int nbiof_write(BIO *b, const char *in, int inl)
+{
+ NBIO_TEST *nt;
+ int ret = 0;
+ int num;
+ unsigned char n;
+
+ if ((in == NULL) || (inl <= 0))
+ return (0);
+ if (b->next_bio == NULL)
+ return (0);
+ nt = (NBIO_TEST *)b->ptr;
+
+ BIO_clear_retry_flags(b);
+
+#if 1
+ if (nt->lwn > 0) {
+ num = nt->lwn;
+ nt->lwn = 0;
+ } else {
+ if (RAND_bytes(&n, 1) <= 0)
+ return -1;
+ num = (n & 7);
+ }
+
+ if (inl > num)
+ inl = num;
+
+ if (num == 0) {
+ ret = -1;
+ BIO_set_retry_write(b);
+ } else
+#endif
+ {
+ ret = BIO_write(b->next_bio, in, inl);
+ if (ret < 0) {
+ BIO_copy_next_retry(b);
+ nt->lwn = inl;
+ }
+ }
+ return (ret);
+}
+
+static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ long ret;
+
+ if (b->next_bio == NULL)
+ return (0);
+ switch (cmd) {
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_DUP:
+ ret = 0L;
+ break;
+ default:
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
+ }
+ return (ret);
+}
+
+static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+ long ret = 1;
+
+ if (b->next_bio == NULL)
+ return (0);
+ switch (cmd) {
+ default:
+ ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+ break;
+ }
+ return (ret);
+}
+
+static int nbiof_gets(BIO *bp, char *buf, int size)
+{
+ if (bp->next_bio == NULL)
+ return (0);
+ return (BIO_gets(bp->next_bio, buf, size));
+}
+
+static int nbiof_puts(BIO *bp, const char *str)
+{
+ if (bp->next_bio == NULL)
+ return (0);
+ return (BIO_puts(bp->next_bio, str));
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bio/bio.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bio.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bio.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,875 +0,0 @@
-/* crypto/bio/bio.h */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BIO_H
-# define HEADER_BIO_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_FP_API
-# include <stdio.h>
-# endif
-# include <stdarg.h>
-
-# include <openssl/crypto.h>
-
-# ifndef OPENSSL_NO_SCTP
-# ifndef OPENSSL_SYS_VMS
-# include <stdint.h>
-# else
-# include <inttypes.h>
-# endif
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These are the 'types' of BIOs */
-# define BIO_TYPE_NONE 0
-# define BIO_TYPE_MEM (1|0x0400)
-# define BIO_TYPE_FILE (2|0x0400)
-
-# define BIO_TYPE_FD (4|0x0400|0x0100)
-# define BIO_TYPE_SOCKET (5|0x0400|0x0100)
-# define BIO_TYPE_NULL (6|0x0400)
-# define BIO_TYPE_SSL (7|0x0200)
-# define BIO_TYPE_MD (8|0x0200)/* passive filter */
-# define BIO_TYPE_BUFFER (9|0x0200)/* filter */
-# define BIO_TYPE_CIPHER (10|0x0200)/* filter */
-# define BIO_TYPE_BASE64 (11|0x0200)/* filter */
-# define BIO_TYPE_CONNECT (12|0x0400|0x0100)/* socket - connect */
-# define BIO_TYPE_ACCEPT (13|0x0400|0x0100)/* socket for accept */
-# define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
-# define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
-# define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
-# define BIO_TYPE_NULL_FILTER (17|0x0200)
-# define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
-# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
-# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
-# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
-# ifndef OPENSSL_NO_SCTP
-# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
-# endif
-# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
-# define BIO_TYPE_COMP (23|0x0200)/* filter */
-
-# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
-# define BIO_TYPE_FILTER 0x0200
-# define BIO_TYPE_SOURCE_SINK 0x0400
-
-/*
- * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
- * BIO_set_fp(in,stdin,BIO_NOCLOSE);
- */
-# define BIO_NOCLOSE 0x00
-# define BIO_CLOSE 0x01
-
-/*
- * These are used in the following macros and are passed to BIO_ctrl()
- */
-# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
-# define BIO_CTRL_EOF 2/* opt - are we at the eof */
-# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
-# define BIO_CTRL_SET 4/* man - set the 'IO' type */
-# define BIO_CTRL_GET 5/* man - get the 'IO' type */
-# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
-# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
-# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
-# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
-# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
-# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
-# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
-# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
-/* callback is int cb(BIO *bio,state,ret); */
-# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
-# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
-
-# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
-
-/* dgram BIO stuff */
-# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
-# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
- * socket to be passed in */
-# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
-# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
-# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
-# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
-
-# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
-# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
-
-/* #ifdef IP_MTU_DISCOVER */
-# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
-/* #endif */
-
-# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
-# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
-# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
-# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
- * want to use this if asking
- * the kernel fails */
-
-# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
- * exceed in the previous write
- * operation */
-
-# define BIO_CTRL_DGRAM_GET_PEER 46
-# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
-
-# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
- * to adjust socket timeouts */
-
-# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
-
-# ifndef OPENSSL_NO_SCTP
-/* SCTP stuff */
-# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
-# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
-# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
-# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
-# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
-# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
-# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
-# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
-# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
-# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
-# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
-# endif
-
-/* modifiers */
-# define BIO_FP_READ 0x02
-# define BIO_FP_WRITE 0x04
-# define BIO_FP_APPEND 0x08
-# define BIO_FP_TEXT 0x10
-
-# define BIO_FLAGS_READ 0x01
-# define BIO_FLAGS_WRITE 0x02
-# define BIO_FLAGS_IO_SPECIAL 0x04
-# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-# define BIO_FLAGS_SHOULD_RETRY 0x08
-# ifndef BIO_FLAGS_UPLINK
-/*
- * "UPLINK" flag denotes file descriptors provided by application. It
- * defaults to 0, as most platforms don't require UPLINK interface.
- */
-# define BIO_FLAGS_UPLINK 0
-# endif
-
-/* Used in BIO_gethostbyname() */
-# define BIO_GHBN_CTRL_HITS 1
-# define BIO_GHBN_CTRL_MISSES 2
-# define BIO_GHBN_CTRL_CACHE_SIZE 3
-# define BIO_GHBN_CTRL_GET_ENTRY 4
-# define BIO_GHBN_CTRL_FLUSH 5
-
-/* Mostly used in the SSL BIO */
-/*-
- * Not used anymore
- * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
- * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
- * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
- */
-
-# define BIO_FLAGS_BASE64_NO_NL 0x100
-
-/*
- * This is used with memory BIOs: it means we shouldn't free up or change the
- * data in any way.
- */
-# define BIO_FLAGS_MEM_RDONLY 0x200
-
-typedef struct bio_st BIO;
-
-void BIO_set_flags(BIO *b, int flags);
-int BIO_test_flags(const BIO *b, int flags);
-void BIO_clear_flags(BIO *b, int flags);
-
-# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
-# define BIO_set_retry_special(b) \
- BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_set_retry_read(b) \
- BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_set_retry_write(b) \
- BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
-
-/* These are normally used internally in BIOs */
-# define BIO_clear_retry_flags(b) \
- BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_get_retry_flags(b) \
- BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-
-/* These should be used by the application to tell why we should retry */
-# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
-# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
-# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
-# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
-# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
-
-/*
- * The next three are used in conjunction with the BIO_should_io_special()
- * condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
- * *reason); will walk the BIO stack and return the 'reason' for the special
- * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
- * the code.
- */
-/*
- * Returned from the SSL bio when the certificate retrieval code had an error
- */
-# define BIO_RR_SSL_X509_LOOKUP 0x01
-/* Returned from the connect BIO when a connect would have blocked */
-# define BIO_RR_CONNECT 0x02
-/* Returned from the accept BIO when an accept would have blocked */
-# define BIO_RR_ACCEPT 0x03
-
-/* These are passed by the BIO callback */
-# define BIO_CB_FREE 0x01
-# define BIO_CB_READ 0x02
-# define BIO_CB_WRITE 0x03
-# define BIO_CB_PUTS 0x04
-# define BIO_CB_GETS 0x05
-# define BIO_CB_CTRL 0x06
-
-/*
- * The callback is called before and after the underling operation, The
- * BIO_CB_RETURN flag indicates if it is after the call
- */
-# define BIO_CB_RETURN 0x80
-# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
-# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
-# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
-
-long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
- int, long, long);
-void BIO_set_callback(BIO *b,
- long (*callback) (struct bio_st *, int, const char *,
- int, long, long));
-char *BIO_get_callback_arg(const BIO *b);
-void BIO_set_callback_arg(BIO *b, char *arg);
-
-const char *BIO_method_name(const BIO *b);
-int BIO_method_type(const BIO *b);
-
-typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
- long);
-
-typedef struct bio_method_st {
- int type;
- const char *name;
- int (*bwrite) (BIO *, const char *, int);
- int (*bread) (BIO *, char *, int);
- int (*bputs) (BIO *, const char *);
- int (*bgets) (BIO *, char *, int);
- long (*ctrl) (BIO *, int, long, void *);
- int (*create) (BIO *);
- int (*destroy) (BIO *);
- long (*callback_ctrl) (BIO *, int, bio_info_cb *);
-} BIO_METHOD;
-
-struct bio_st {
- BIO_METHOD *method;
- /* bio, mode, argp, argi, argl, ret */
- long (*callback) (struct bio_st *, int, const char *, int, long, long);
- char *cb_arg; /* first argument for the callback */
- int init;
- int shutdown;
- int flags; /* extra storage */
- int retry_reason;
- int num;
- void *ptr;
- struct bio_st *next_bio; /* used by filter BIOs */
- struct bio_st *prev_bio; /* used by filter BIOs */
- int references;
- unsigned long num_read;
- unsigned long num_write;
- CRYPTO_EX_DATA ex_data;
-};
-
-DECLARE_STACK_OF(BIO)
-
-typedef struct bio_f_buffer_ctx_struct {
- /*-
- * Buffers are setup like this:
- *
- * <---------------------- size ----------------------->
- * +---------------------------------------------------+
- * | consumed | remaining | free space |
- * +---------------------------------------------------+
- * <-- off --><------- len ------->
- */
- /*- BIO *bio; *//*
- * this is now in the BIO struct
- */
- int ibuf_size; /* how big is the input buffer */
- int obuf_size; /* how big is the output buffer */
- char *ibuf; /* the char array */
- int ibuf_len; /* how many bytes are in it */
- int ibuf_off; /* write/read offset */
- char *obuf; /* the char array */
- int obuf_len; /* how many bytes are in it */
- int obuf_off; /* write/read offset */
-} BIO_F_BUFFER_CTX;
-
-/* Prefix and suffix callback in ASN1 BIO */
-typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
- void *parg);
-
-# ifndef OPENSSL_NO_SCTP
-/* SCTP parameter structs */
-struct bio_dgram_sctp_sndinfo {
- uint16_t snd_sid;
- uint16_t snd_flags;
- uint32_t snd_ppid;
- uint32_t snd_context;
-};
-
-struct bio_dgram_sctp_rcvinfo {
- uint16_t rcv_sid;
- uint16_t rcv_ssn;
- uint16_t rcv_flags;
- uint32_t rcv_ppid;
- uint32_t rcv_tsn;
- uint32_t rcv_cumtsn;
- uint32_t rcv_context;
-};
-
-struct bio_dgram_sctp_prinfo {
- uint16_t pr_policy;
- uint32_t pr_value;
-};
-# endif
-
-/* connect BIO stuff */
-# define BIO_CONN_S_BEFORE 1
-# define BIO_CONN_S_GET_IP 2
-# define BIO_CONN_S_GET_PORT 3
-# define BIO_CONN_S_CREATE_SOCKET 4
-# define BIO_CONN_S_CONNECT 5
-# define BIO_CONN_S_OK 6
-# define BIO_CONN_S_BLOCKED_CONNECT 7
-# define BIO_CONN_S_NBIO 8
-/*
- * #define BIO_CONN_get_param_hostname BIO_ctrl
- */
-
-# define BIO_C_SET_CONNECT 100
-# define BIO_C_DO_STATE_MACHINE 101
-# define BIO_C_SET_NBIO 102
-# define BIO_C_SET_PROXY_PARAM 103
-# define BIO_C_SET_FD 104
-# define BIO_C_GET_FD 105
-# define BIO_C_SET_FILE_PTR 106
-# define BIO_C_GET_FILE_PTR 107
-# define BIO_C_SET_FILENAME 108
-# define BIO_C_SET_SSL 109
-# define BIO_C_GET_SSL 110
-# define BIO_C_SET_MD 111
-# define BIO_C_GET_MD 112
-# define BIO_C_GET_CIPHER_STATUS 113
-# define BIO_C_SET_BUF_MEM 114
-# define BIO_C_GET_BUF_MEM_PTR 115
-# define BIO_C_GET_BUFF_NUM_LINES 116
-# define BIO_C_SET_BUFF_SIZE 117
-# define BIO_C_SET_ACCEPT 118
-# define BIO_C_SSL_MODE 119
-# define BIO_C_GET_MD_CTX 120
-# define BIO_C_GET_PROXY_PARAM 121
-# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
-# define BIO_C_GET_CONNECT 123
-# define BIO_C_GET_ACCEPT 124
-# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
-# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
-# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
-# define BIO_C_FILE_SEEK 128
-# define BIO_C_GET_CIPHER_CTX 129
-# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
- * value */
-# define BIO_C_SET_BIND_MODE 131
-# define BIO_C_GET_BIND_MODE 132
-# define BIO_C_FILE_TELL 133
-# define BIO_C_GET_SOCKS 134
-# define BIO_C_SET_SOCKS 135
-
-# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
-# define BIO_C_GET_WRITE_BUF_SIZE 137
-# define BIO_C_MAKE_BIO_PAIR 138
-# define BIO_C_DESTROY_BIO_PAIR 139
-# define BIO_C_GET_WRITE_GUARANTEE 140
-# define BIO_C_GET_READ_REQUEST 141
-# define BIO_C_SHUTDOWN_WR 142
-# define BIO_C_NREAD0 143
-# define BIO_C_NREAD 144
-# define BIO_C_NWRITE0 145
-# define BIO_C_NWRITE 146
-# define BIO_C_RESET_READ_REQUEST 147
-# define BIO_C_SET_MD_CTX 148
-
-# define BIO_C_SET_PREFIX 149
-# define BIO_C_GET_PREFIX 150
-# define BIO_C_SET_SUFFIX 151
-# define BIO_C_GET_SUFFIX 152
-
-# define BIO_C_SET_EX_ARG 153
-# define BIO_C_GET_EX_ARG 154
-
-# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
-# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
-
-/* BIO_s_connect() and BIO_s_socks4a_connect() */
-# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
-# define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
-# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
-# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
-# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
-# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
-# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
-
-# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
-
-/* BIO_s_accept_socket() */
-# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
-# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
-/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
-# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
-
-# define BIO_BIND_NORMAL 0
-# define BIO_BIND_REUSEADDR_IF_UNUSED 1
-# define BIO_BIND_REUSEADDR 2
-# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
-# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-
-# define BIO_do_connect(b) BIO_do_handshake(b)
-# define BIO_do_accept(b) BIO_do_handshake(b)
-# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
-
-/* BIO_s_proxy_client() */
-# define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
-# define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
-/* BIO_set_nbio(b,n) */
-# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
-/* BIO *BIO_get_filter_bio(BIO *bio); */
-# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
-# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
-# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
-
-# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
-# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
-# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
-# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
-
-# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
-# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-
-# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
-# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
-
-# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
-# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
-
-/*
- * name is cast to lose const, but might be better to route through a
- * function so we can do it safely
- */
-# ifdef CONST_STRICT
-/*
- * If you are wondering why this isn't defined, its because CONST_STRICT is
- * purely a compile-time kludge to allow const to be checked.
- */
-int BIO_read_filename(BIO *b, const char *name);
-# else
-# define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ,(char *)name)
-# endif
-# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_WRITE,name)
-# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_APPEND,name)
-# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
-
-/*
- * WARNING WARNING, this ups the reference count on the read bio of the SSL
- * structure. This is because the ssl read BIO is now pointed to by the
- * next_bio field in the bio. So when you free the BIO, make sure you are
- * doing a BIO_free_all() to catch the underlying BIO.
- */
-# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
-# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
-# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
-# define BIO_set_ssl_renegotiate_bytes(b,num) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
-# define BIO_get_num_renegotiates(b) \
- BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
-# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
-
-/* defined in evp.h */
-/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
-
-# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
-# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
-# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
-# define BIO_set_mem_eof_return(b,v) \
- BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
-
-/* For the BIO_f_buffer() type */
-# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
-# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
-# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
-# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-/* Don't use the next one unless you know what you are doing :-) */
-# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
-
-# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
-# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
-# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
-# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
-# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
-# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
-/* ...pending macros have inappropriate return type */
-size_t BIO_ctrl_pending(BIO *b);
-size_t BIO_ctrl_wpending(BIO *b);
-# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
-# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
- cbp)
-# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
-
-/* For the BIO_f_buffer() type */
-# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
-
-/* For BIO_s_bio() */
-# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
-# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
-# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
-/* macros with inappropriate type -- but ...pending macros use int too: */
-# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
-# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
-size_t BIO_ctrl_get_write_guarantee(BIO *b);
-size_t BIO_ctrl_get_read_request(BIO *b);
-int BIO_ctrl_reset_read_request(BIO *b);
-
-/* ctrl macros for dgram */
-# define BIO_ctrl_dgram_connect(b,peer) \
- (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
-# define BIO_ctrl_set_connected(b, state, peer) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
-# define BIO_dgram_recv_timedout(b) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
-# define BIO_dgram_send_timedout(b) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
-# define BIO_dgram_get_peer(b,peer) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
-# define BIO_dgram_set_peer(b,peer) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
-# define BIO_dgram_get_mtu_overhead(b) \
- (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
-
-/* These two aren't currently implemented */
-/* int BIO_get_ex_num(BIO *bio); */
-/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
-int BIO_set_ex_data(BIO *bio, int idx, void *data);
-void *BIO_get_ex_data(BIO *bio, int idx);
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-unsigned long BIO_number_read(BIO *bio);
-unsigned long BIO_number_written(BIO *bio);
-
-/* For BIO_f_asn1() */
-int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
- asn1_ps_func *prefix_free);
-int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
- asn1_ps_func **pprefix_free);
-int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
- asn1_ps_func *suffix_free);
-int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
- asn1_ps_func **psuffix_free);
-
-# ifndef OPENSSL_NO_FP_API
-BIO_METHOD *BIO_s_file(void);
-BIO *BIO_new_file(const char *filename, const char *mode);
-BIO *BIO_new_fp(FILE *stream, int close_flag);
-# define BIO_s_file_internal BIO_s_file
-# endif
-BIO *BIO_new(BIO_METHOD *type);
-int BIO_set(BIO *a, BIO_METHOD *type);
-int BIO_free(BIO *a);
-void BIO_vfree(BIO *a);
-int BIO_read(BIO *b, void *data, int len);
-int BIO_gets(BIO *bp, char *buf, int size);
-int BIO_write(BIO *b, const void *data, int len);
-int BIO_puts(BIO *bp, const char *buf);
-int BIO_indent(BIO *b, int indent, int max);
-long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
-long BIO_callback_ctrl(BIO *b, int cmd,
- void (*fp) (struct bio_st *, int, const char *, int,
- long, long));
-char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
-long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
-BIO *BIO_push(BIO *b, BIO *append);
-BIO *BIO_pop(BIO *b);
-void BIO_free_all(BIO *a);
-BIO *BIO_find_type(BIO *b, int bio_type);
-BIO *BIO_next(BIO *b);
-BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
-int BIO_get_retry_reason(BIO *bio);
-BIO *BIO_dup_chain(BIO *in);
-
-int BIO_nread0(BIO *bio, char **buf);
-int BIO_nread(BIO *bio, char **buf, int num);
-int BIO_nwrite0(BIO *bio, char **buf);
-int BIO_nwrite(BIO *bio, char **buf, int num);
-
-long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
- long argl, long ret);
-
-BIO_METHOD *BIO_s_mem(void);
-BIO *BIO_new_mem_buf(void *buf, int len);
-BIO_METHOD *BIO_s_socket(void);
-BIO_METHOD *BIO_s_connect(void);
-BIO_METHOD *BIO_s_accept(void);
-BIO_METHOD *BIO_s_fd(void);
-# ifndef OPENSSL_SYS_OS2
-BIO_METHOD *BIO_s_log(void);
-# endif
-BIO_METHOD *BIO_s_bio(void);
-BIO_METHOD *BIO_s_null(void);
-BIO_METHOD *BIO_f_null(void);
-BIO_METHOD *BIO_f_buffer(void);
-# ifdef OPENSSL_SYS_VMS
-BIO_METHOD *BIO_f_linebuffer(void);
-# endif
-BIO_METHOD *BIO_f_nbio_test(void);
-# ifndef OPENSSL_NO_DGRAM
-BIO_METHOD *BIO_s_datagram(void);
-# ifndef OPENSSL_NO_SCTP
-BIO_METHOD *BIO_s_datagram_sctp(void);
-# endif
-# endif
-
-/* BIO_METHOD *BIO_f_ber(void); */
-
-int BIO_sock_should_retry(int i);
-int BIO_sock_non_fatal_error(int error);
-int BIO_dgram_non_fatal_error(int error);
-
-int BIO_fd_should_retry(int i);
-int BIO_fd_non_fatal_error(int error);
-int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
- void *u, const char *s, int len);
-int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
- void *u, const char *s, int len, int indent);
-int BIO_dump(BIO *b, const char *bytes, int len);
-int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
-# ifndef OPENSSL_NO_FP_API
-int BIO_dump_fp(FILE *fp, const char *s, int len);
-int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
-# endif
-struct hostent *BIO_gethostbyname(const char *name);
-/*-
- * We might want a thread-safe interface too:
- * struct hostent *BIO_gethostbyname_r(const char *name,
- * struct hostent *result, void *buffer, size_t buflen);
- * or something similar (caller allocates a struct hostent,
- * pointed to by "result", and additional buffer space for the various
- * substructures; if the buffer does not suffice, NULL is returned
- * and an appropriate error code is set).
- */
-int BIO_sock_error(int sock);
-int BIO_socket_ioctl(int fd, long type, void *arg);
-int BIO_socket_nbio(int fd, int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port, int mode);
-int BIO_accept(int sock, char **ip_port);
-int BIO_sock_init(void);
-void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock, int turn_on);
-
-BIO *BIO_new_socket(int sock, int close_flag);
-BIO *BIO_new_dgram(int fd, int close_flag);
-# ifndef OPENSSL_NO_SCTP
-BIO *BIO_new_dgram_sctp(int fd, int close_flag);
-int BIO_dgram_is_sctp(BIO *bio);
-int BIO_dgram_sctp_notification_cb(BIO *b,
- void (*handle_notifications) (BIO *bio,
- void
- *context,
- void *buf),
- void *context);
-int BIO_dgram_sctp_wait_for_dry(BIO *b);
-int BIO_dgram_sctp_msg_waiting(BIO *b);
-# endif
-BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(char *host_port);
-BIO *BIO_new_accept(char *host_port);
-
-int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
- BIO **bio2, size_t writebuf2);
-/*
- * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
- * value.
- */
-
-void BIO_copy_next_retry(BIO *b);
-
-/*
- * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
- */
-
-# ifdef __GNUC__
-# define __bio_h__attr__ __attribute__
-# else
-# define __bio_h__attr__(x)
-# endif
-int BIO_printf(BIO *bio, const char *format, ...)
-__bio_h__attr__((__format__(__printf__, 2, 3)));
-int BIO_vprintf(BIO *bio, const char *format, va_list args)
-__bio_h__attr__((__format__(__printf__, 2, 0)));
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-__bio_h__attr__((__format__(__printf__, 3, 4)));
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-__bio_h__attr__((__format__(__printf__, 3, 0)));
-# undef __bio_h__attr__
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BIO_strings(void);
-
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-# define BIO_F_ACPT_STATE 100
-# define BIO_F_BIO_ACCEPT 101
-# define BIO_F_BIO_BER_GET_HEADER 102
-# define BIO_F_BIO_CALLBACK_CTRL 131
-# define BIO_F_BIO_CTRL 103
-# define BIO_F_BIO_GETHOSTBYNAME 120
-# define BIO_F_BIO_GETS 104
-# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
-# define BIO_F_BIO_GET_HOST_IP 106
-# define BIO_F_BIO_GET_PORT 107
-# define BIO_F_BIO_MAKE_PAIR 121
-# define BIO_F_BIO_NEW 108
-# define BIO_F_BIO_NEW_FILE 109
-# define BIO_F_BIO_NEW_MEM_BUF 126
-# define BIO_F_BIO_NREAD 123
-# define BIO_F_BIO_NREAD0 124
-# define BIO_F_BIO_NWRITE 125
-# define BIO_F_BIO_NWRITE0 122
-# define BIO_F_BIO_PUTS 110
-# define BIO_F_BIO_READ 111
-# define BIO_F_BIO_SOCK_INIT 112
-# define BIO_F_BIO_WRITE 113
-# define BIO_F_BUFFER_CTRL 114
-# define BIO_F_CONN_CTRL 127
-# define BIO_F_CONN_STATE 115
-# define BIO_F_DGRAM_SCTP_READ 132
-# define BIO_F_DGRAM_SCTP_WRITE 133
-# define BIO_F_FILE_CTRL 116
-# define BIO_F_FILE_READ 130
-# define BIO_F_LINEBUFFER_CTRL 129
-# define BIO_F_MEM_READ 128
-# define BIO_F_MEM_WRITE 117
-# define BIO_F_SSL_NEW 118
-# define BIO_F_WSASTARTUP 119
-
-/* Reason codes. */
-# define BIO_R_ACCEPT_ERROR 100
-# define BIO_R_BAD_FOPEN_MODE 101
-# define BIO_R_BAD_HOSTNAME_LOOKUP 102
-# define BIO_R_BROKEN_PIPE 124
-# define BIO_R_CONNECT_ERROR 103
-# define BIO_R_EOF_ON_MEMORY_BIO 127
-# define BIO_R_ERROR_SETTING_NBIO 104
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
-# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
-# define BIO_R_INVALID_ARGUMENT 125
-# define BIO_R_INVALID_IP_ADDRESS 108
-# define BIO_R_IN_USE 123
-# define BIO_R_KEEPALIVE 109
-# define BIO_R_NBIO_CONNECT_ERROR 110
-# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
-# define BIO_R_NO_HOSTNAME_SPECIFIED 112
-# define BIO_R_NO_PORT_DEFINED 113
-# define BIO_R_NO_PORT_SPECIFIED 114
-# define BIO_R_NO_SUCH_FILE 128
-# define BIO_R_NULL_PARAMETER 115
-# define BIO_R_TAG_MISMATCH 116
-# define BIO_R_UNABLE_TO_BIND_SOCKET 117
-# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
-# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
-# define BIO_R_UNINITIALIZED 120
-# define BIO_R_UNSUPPORTED_METHOD 121
-# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
-# define BIO_R_WSASTARTUP 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/bio/bio.h (from rev 11605, vendor-crypto/openssl/dist/crypto/bio/bio.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bio/bio.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bio.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,879 @@
+/* crypto/bio/bio.h */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BIO_H
+# define HEADER_BIO_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_FP_API
+# include <stdio.h>
+# endif
+# include <stdarg.h>
+
+# include <openssl/crypto.h>
+
+# ifndef OPENSSL_NO_SCTP
+# ifndef OPENSSL_SYS_VMS
+# include <stdint.h>
+# else
+# include <inttypes.h>
+# endif
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* These are the 'types' of BIOs */
+# define BIO_TYPE_NONE 0
+# define BIO_TYPE_MEM (1|0x0400)
+# define BIO_TYPE_FILE (2|0x0400)
+
+# define BIO_TYPE_FD (4|0x0400|0x0100)
+# define BIO_TYPE_SOCKET (5|0x0400|0x0100)
+# define BIO_TYPE_NULL (6|0x0400)
+# define BIO_TYPE_SSL (7|0x0200)
+# define BIO_TYPE_MD (8|0x0200)/* passive filter */
+# define BIO_TYPE_BUFFER (9|0x0200)/* filter */
+# define BIO_TYPE_CIPHER (10|0x0200)/* filter */
+# define BIO_TYPE_BASE64 (11|0x0200)/* filter */
+# define BIO_TYPE_CONNECT (12|0x0400|0x0100)/* socket - connect */
+# define BIO_TYPE_ACCEPT (13|0x0400|0x0100)/* socket for accept */
+# define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
+# define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NULL_FILTER (17|0x0200)
+# define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
+# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
+# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
+# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
+# ifndef OPENSSL_NO_SCTP
+# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
+# endif
+# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
+# define BIO_TYPE_COMP (23|0x0200)/* filter */
+
+# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
+# define BIO_TYPE_FILTER 0x0200
+# define BIO_TYPE_SOURCE_SINK 0x0400
+
+/*
+ * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ */
+# define BIO_NOCLOSE 0x00
+# define BIO_CLOSE 0x01
+
+/*
+ * These are used in the following macros and are passed to BIO_ctrl()
+ */
+# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
+# define BIO_CTRL_EOF 2/* opt - are we at the eof */
+# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
+# define BIO_CTRL_SET 4/* man - set the 'IO' type */
+# define BIO_CTRL_GET 5/* man - get the 'IO' type */
+# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
+# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
+# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
+# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
+# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
+# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
+# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
+# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
+/* callback is int cb(BIO *bio,state,ret); */
+# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
+# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
+
+# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
+
+/* dgram BIO stuff */
+# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
+# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
+ * socket to be passed in */
+# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
+# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
+
+# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
+
+/* #ifdef IP_MTU_DISCOVER */
+# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
+/* #endif */
+
+# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
+# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
+# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
+# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
+ * want to use this if asking
+ * the kernel fails */
+
+# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
+ * exceed in the previous write
+ * operation */
+
+# define BIO_CTRL_DGRAM_GET_PEER 46
+# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
+
+# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
+ * to adjust socket timeouts */
+
+# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP stuff */
+# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
+# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
+# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
+# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
+# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
+# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
+# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
+# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
+# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
+# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
+# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
+# endif
+
+/* modifiers */
+# define BIO_FP_READ 0x02
+# define BIO_FP_WRITE 0x04
+# define BIO_FP_APPEND 0x08
+# define BIO_FP_TEXT 0x10
+
+# define BIO_FLAGS_READ 0x01
+# define BIO_FLAGS_WRITE 0x02
+# define BIO_FLAGS_IO_SPECIAL 0x04
+# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+# define BIO_FLAGS_SHOULD_RETRY 0x08
+# ifndef BIO_FLAGS_UPLINK
+/*
+ * "UPLINK" flag denotes file descriptors provided by application. It
+ * defaults to 0, as most platforms don't require UPLINK interface.
+ */
+# define BIO_FLAGS_UPLINK 0
+# endif
+
+/* Used in BIO_gethostbyname() */
+# define BIO_GHBN_CTRL_HITS 1
+# define BIO_GHBN_CTRL_MISSES 2
+# define BIO_GHBN_CTRL_CACHE_SIZE 3
+# define BIO_GHBN_CTRL_GET_ENTRY 4
+# define BIO_GHBN_CTRL_FLUSH 5
+
+/* Mostly used in the SSL BIO */
+/*-
+ * Not used anymore
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
+ * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
+ */
+
+# define BIO_FLAGS_BASE64_NO_NL 0x100
+
+/*
+ * This is used with memory BIOs: it means we shouldn't free up or change the
+ * data in any way.
+ */
+# define BIO_FLAGS_MEM_RDONLY 0x200
+
+typedef struct bio_st BIO;
+
+void BIO_set_flags(BIO *b, int flags);
+int BIO_test_flags(const BIO *b, int flags);
+void BIO_clear_flags(BIO *b, int flags);
+
+# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+# define BIO_set_retry_special(b) \
+ BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_read(b) \
+ BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_write(b) \
+ BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+
+/* These are normally used internally in BIOs */
+# define BIO_clear_retry_flags(b) \
+ BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_get_retry_flags(b) \
+ BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+
+/* These should be used by the application to tell why we should retry */
+# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
+# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
+# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
+# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+
+/*
+ * The next three are used in conjunction with the BIO_should_io_special()
+ * condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
+ * *reason); will walk the BIO stack and return the 'reason' for the special
+ * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
+ * the code.
+ */
+/*
+ * Returned from the SSL bio when the certificate retrieval code had an error
+ */
+# define BIO_RR_SSL_X509_LOOKUP 0x01
+/* Returned from the connect BIO when a connect would have blocked */
+# define BIO_RR_CONNECT 0x02
+/* Returned from the accept BIO when an accept would have blocked */
+# define BIO_RR_ACCEPT 0x03
+
+/* These are passed by the BIO callback */
+# define BIO_CB_FREE 0x01
+# define BIO_CB_READ 0x02
+# define BIO_CB_WRITE 0x03
+# define BIO_CB_PUTS 0x04
+# define BIO_CB_GETS 0x05
+# define BIO_CB_CTRL 0x06
+
+/*
+ * The callback is called before and after the underling operation, The
+ * BIO_CB_RETURN flag indicates if it is after the call
+ */
+# define BIO_CB_RETURN 0x80
+# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
+# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
+# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+
+long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
+ int, long, long);
+void BIO_set_callback(BIO *b,
+ long (*callback) (struct bio_st *, int, const char *,
+ int, long, long));
+char *BIO_get_callback_arg(const BIO *b);
+void BIO_set_callback_arg(BIO *b, char *arg);
+
+const char *BIO_method_name(const BIO *b);
+int BIO_method_type(const BIO *b);
+
+typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
+ long);
+
+typedef struct bio_method_st {
+ int type;
+ const char *name;
+ int (*bwrite) (BIO *, const char *, int);
+ int (*bread) (BIO *, char *, int);
+ int (*bputs) (BIO *, const char *);
+ int (*bgets) (BIO *, char *, int);
+ long (*ctrl) (BIO *, int, long, void *);
+ int (*create) (BIO *);
+ int (*destroy) (BIO *);
+ long (*callback_ctrl) (BIO *, int, bio_info_cb *);
+} BIO_METHOD;
+
+struct bio_st {
+ BIO_METHOD *method;
+ /* bio, mode, argp, argi, argl, ret */
+ long (*callback) (struct bio_st *, int, const char *, int, long, long);
+ char *cb_arg; /* first argument for the callback */
+ int init;
+ int shutdown;
+ int flags; /* extra storage */
+ int retry_reason;
+ int num;
+ void *ptr;
+ struct bio_st *next_bio; /* used by filter BIOs */
+ struct bio_st *prev_bio; /* used by filter BIOs */
+ int references;
+ unsigned long num_read;
+ unsigned long num_write;
+ CRYPTO_EX_DATA ex_data;
+};
+
+DECLARE_STACK_OF(BIO)
+
+typedef struct bio_f_buffer_ctx_struct {
+ /*-
+ * Buffers are setup like this:
+ *
+ * <---------------------- size ----------------------->
+ * +---------------------------------------------------+
+ * | consumed | remaining | free space |
+ * +---------------------------------------------------+
+ * <-- off --><------- len ------->
+ */
+ /*- BIO *bio; *//*
+ * this is now in the BIO struct
+ */
+ int ibuf_size; /* how big is the input buffer */
+ int obuf_size; /* how big is the output buffer */
+ char *ibuf; /* the char array */
+ int ibuf_len; /* how many bytes are in it */
+ int ibuf_off; /* write/read offset */
+ char *obuf; /* the char array */
+ int obuf_len; /* how many bytes are in it */
+ int obuf_off; /* write/read offset */
+} BIO_F_BUFFER_CTX;
+
+/* Prefix and suffix callback in ASN1 BIO */
+typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
+ void *parg);
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP parameter structs */
+struct bio_dgram_sctp_sndinfo {
+ uint16_t snd_sid;
+ uint16_t snd_flags;
+ uint32_t snd_ppid;
+ uint32_t snd_context;
+};
+
+struct bio_dgram_sctp_rcvinfo {
+ uint16_t rcv_sid;
+ uint16_t rcv_ssn;
+ uint16_t rcv_flags;
+ uint32_t rcv_ppid;
+ uint32_t rcv_tsn;
+ uint32_t rcv_cumtsn;
+ uint32_t rcv_context;
+};
+
+struct bio_dgram_sctp_prinfo {
+ uint16_t pr_policy;
+ uint32_t pr_value;
+};
+# endif
+
+/* connect BIO stuff */
+# define BIO_CONN_S_BEFORE 1
+# define BIO_CONN_S_GET_IP 2
+# define BIO_CONN_S_GET_PORT 3
+# define BIO_CONN_S_CREATE_SOCKET 4
+# define BIO_CONN_S_CONNECT 5
+# define BIO_CONN_S_OK 6
+# define BIO_CONN_S_BLOCKED_CONNECT 7
+# define BIO_CONN_S_NBIO 8
+/*
+ * #define BIO_CONN_get_param_hostname BIO_ctrl
+ */
+
+# define BIO_C_SET_CONNECT 100
+# define BIO_C_DO_STATE_MACHINE 101
+# define BIO_C_SET_NBIO 102
+# define BIO_C_SET_PROXY_PARAM 103
+# define BIO_C_SET_FD 104
+# define BIO_C_GET_FD 105
+# define BIO_C_SET_FILE_PTR 106
+# define BIO_C_GET_FILE_PTR 107
+# define BIO_C_SET_FILENAME 108
+# define BIO_C_SET_SSL 109
+# define BIO_C_GET_SSL 110
+# define BIO_C_SET_MD 111
+# define BIO_C_GET_MD 112
+# define BIO_C_GET_CIPHER_STATUS 113
+# define BIO_C_SET_BUF_MEM 114
+# define BIO_C_GET_BUF_MEM_PTR 115
+# define BIO_C_GET_BUFF_NUM_LINES 116
+# define BIO_C_SET_BUFF_SIZE 117
+# define BIO_C_SET_ACCEPT 118
+# define BIO_C_SSL_MODE 119
+# define BIO_C_GET_MD_CTX 120
+# define BIO_C_GET_PROXY_PARAM 121
+# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
+# define BIO_C_GET_CONNECT 123
+# define BIO_C_GET_ACCEPT 124
+# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
+# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
+# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
+# define BIO_C_FILE_SEEK 128
+# define BIO_C_GET_CIPHER_CTX 129
+# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
+ * value */
+# define BIO_C_SET_BIND_MODE 131
+# define BIO_C_GET_BIND_MODE 132
+# define BIO_C_FILE_TELL 133
+# define BIO_C_GET_SOCKS 134
+# define BIO_C_SET_SOCKS 135
+
+# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
+# define BIO_C_GET_WRITE_BUF_SIZE 137
+# define BIO_C_MAKE_BIO_PAIR 138
+# define BIO_C_DESTROY_BIO_PAIR 139
+# define BIO_C_GET_WRITE_GUARANTEE 140
+# define BIO_C_GET_READ_REQUEST 141
+# define BIO_C_SHUTDOWN_WR 142
+# define BIO_C_NREAD0 143
+# define BIO_C_NREAD 144
+# define BIO_C_NWRITE0 145
+# define BIO_C_NWRITE 146
+# define BIO_C_RESET_READ_REQUEST 147
+# define BIO_C_SET_MD_CTX 148
+
+# define BIO_C_SET_PREFIX 149
+# define BIO_C_GET_PREFIX 150
+# define BIO_C_SET_SUFFIX 151
+# define BIO_C_GET_SUFFIX 152
+
+# define BIO_C_SET_EX_ARG 153
+# define BIO_C_GET_EX_ARG 154
+
+# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
+# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
+
+/* BIO_s_connect() and BIO_s_socks4a_connect() */
+# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+# define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
+# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
+# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
+# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
+# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
+# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
+
+# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+
+/* BIO_s_accept() */
+# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
+/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
+# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
+
+# define BIO_BIND_NORMAL 0
+# define BIO_BIND_REUSEADDR_IF_UNUSED 1
+# define BIO_BIND_REUSEADDR 2
+# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
+# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
+
+/* BIO_s_accept() and BIO_s_connect() */
+# define BIO_do_connect(b) BIO_do_handshake(b)
+# define BIO_do_accept(b) BIO_do_handshake(b)
+# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+/* BIO_s_proxy_client() */
+# define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
+# define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
+/* BIO_set_nbio(b,n) */
+# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
+/* BIO *BIO_get_filter_bio(BIO *bio); */
+# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
+# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
+
+# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
+# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
+# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
+
+/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
+# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+/* BIO_s_file() */
+# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
+# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
+
+/* BIO_s_fd() and BIO_s_file() */
+# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
+# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
+
+/*
+ * name is cast to lose const, but might be better to route through a
+ * function so we can do it safely
+ */
+# ifdef CONST_STRICT
+/*
+ * If you are wondering why this isn't defined, its because CONST_STRICT is
+ * purely a compile-time kludge to allow const to be checked.
+ */
+int BIO_read_filename(BIO *b, const char *name);
+# else
+# define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ,(char *)name)
+# endif
+# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_WRITE,name)
+# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_APPEND,name)
+# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
+
+/*
+ * WARNING WARNING, this ups the reference count on the read bio of the SSL
+ * structure. This is because the ssl read BIO is now pointed to by the
+ * next_bio field in the bio. So when you free the BIO, make sure you are
+ * doing a BIO_free_all() to catch the underlying BIO.
+ */
+# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+# define BIO_set_ssl_renegotiate_bytes(b,num) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+# define BIO_get_num_renegotiates(b) \
+ BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
+# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
+
+/* defined in evp.h */
+/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
+
+# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
+# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
+# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
+# define BIO_set_mem_eof_return(b,v) \
+ BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
+
+/* For the BIO_f_buffer() type */
+# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+
+/* Don't use the next one unless you know what you are doing :-) */
+# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
+
+# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+/* ...pending macros have inappropriate return type */
+size_t BIO_ctrl_pending(BIO *b);
+size_t BIO_ctrl_wpending(BIO *b);
+# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
+ cbp)
+# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
+
+/* For the BIO_f_buffer() type */
+# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+
+/* For BIO_s_bio() */
+# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
+# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
+# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
+/* macros with inappropriate type -- but ...pending macros use int too: */
+# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
+# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
+size_t BIO_ctrl_get_write_guarantee(BIO *b);
+size_t BIO_ctrl_get_read_request(BIO *b);
+int BIO_ctrl_reset_read_request(BIO *b);
+
+/* ctrl macros for dgram */
+# define BIO_ctrl_dgram_connect(b,peer) \
+ (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
+# define BIO_ctrl_set_connected(b, state, peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
+# define BIO_dgram_recv_timedout(b) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
+# define BIO_dgram_send_timedout(b) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
+# define BIO_dgram_get_peer(b,peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
+# define BIO_dgram_set_peer(b,peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
+# define BIO_dgram_get_mtu_overhead(b) \
+ (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
+
+/* These two aren't currently implemented */
+/* int BIO_get_ex_num(BIO *bio); */
+/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
+int BIO_set_ex_data(BIO *bio, int idx, void *data);
+void *BIO_get_ex_data(BIO *bio, int idx);
+int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+unsigned long BIO_number_read(BIO *bio);
+unsigned long BIO_number_written(BIO *bio);
+
+/* For BIO_f_asn1() */
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+ asn1_ps_func *prefix_free);
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+ asn1_ps_func **pprefix_free);
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+ asn1_ps_func *suffix_free);
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+ asn1_ps_func **psuffix_free);
+
+# ifndef OPENSSL_NO_FP_API
+BIO_METHOD *BIO_s_file(void);
+BIO *BIO_new_file(const char *filename, const char *mode);
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+# define BIO_s_file_internal BIO_s_file
+# endif
+BIO *BIO_new(BIO_METHOD *type);
+int BIO_set(BIO *a, BIO_METHOD *type);
+int BIO_free(BIO *a);
+void BIO_vfree(BIO *a);
+int BIO_read(BIO *b, void *data, int len);
+int BIO_gets(BIO *bp, char *buf, int size);
+int BIO_write(BIO *b, const void *data, int len);
+int BIO_puts(BIO *bp, const char *buf);
+int BIO_indent(BIO *b, int indent, int max);
+long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+long BIO_callback_ctrl(BIO *b, int cmd,
+ void (*fp) (struct bio_st *, int, const char *, int,
+ long, long));
+char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+BIO *BIO_push(BIO *b, BIO *append);
+BIO *BIO_pop(BIO *b);
+void BIO_free_all(BIO *a);
+BIO *BIO_find_type(BIO *b, int bio_type);
+BIO *BIO_next(BIO *b);
+BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+int BIO_get_retry_reason(BIO *bio);
+BIO *BIO_dup_chain(BIO *in);
+
+int BIO_nread0(BIO *bio, char **buf);
+int BIO_nread(BIO *bio, char **buf, int num);
+int BIO_nwrite0(BIO *bio, char **buf);
+int BIO_nwrite(BIO *bio, char **buf, int num);
+
+long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+ long argl, long ret);
+
+BIO_METHOD *BIO_s_mem(void);
+BIO *BIO_new_mem_buf(void *buf, int len);
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_connect(void);
+BIO_METHOD *BIO_s_accept(void);
+BIO_METHOD *BIO_s_fd(void);
+# ifndef OPENSSL_SYS_OS2
+BIO_METHOD *BIO_s_log(void);
+# endif
+BIO_METHOD *BIO_s_bio(void);
+BIO_METHOD *BIO_s_null(void);
+BIO_METHOD *BIO_f_null(void);
+BIO_METHOD *BIO_f_buffer(void);
+# ifdef OPENSSL_SYS_VMS
+BIO_METHOD *BIO_f_linebuffer(void);
+# endif
+BIO_METHOD *BIO_f_nbio_test(void);
+# ifndef OPENSSL_NO_DGRAM
+BIO_METHOD *BIO_s_datagram(void);
+# ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void);
+# endif
+# endif
+
+/* BIO_METHOD *BIO_f_ber(void); */
+
+int BIO_sock_should_retry(int i);
+int BIO_sock_non_fatal_error(int error);
+int BIO_dgram_non_fatal_error(int error);
+
+int BIO_fd_should_retry(int i);
+int BIO_fd_non_fatal_error(int error);
+int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const char *s, int len);
+int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const char *s, int len, int indent);
+int BIO_dump(BIO *b, const char *bytes, int len);
+int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
+# ifndef OPENSSL_NO_FP_API
+int BIO_dump_fp(FILE *fp, const char *s, int len);
+int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
+# endif
+struct hostent *BIO_gethostbyname(const char *name);
+/*-
+ * We might want a thread-safe interface too:
+ * struct hostent *BIO_gethostbyname_r(const char *name,
+ * struct hostent *result, void *buffer, size_t buflen);
+ * or something similar (caller allocates a struct hostent,
+ * pointed to by "result", and additional buffer space for the various
+ * substructures; if the buffer does not suffice, NULL is returned
+ * and an appropriate error code is set).
+ */
+int BIO_sock_error(int sock);
+int BIO_socket_ioctl(int fd, long type, void *arg);
+int BIO_socket_nbio(int fd, int mode);
+int BIO_get_port(const char *str, unsigned short *port_ptr);
+int BIO_get_host_ip(const char *str, unsigned char *ip);
+int BIO_get_accept_socket(char *host_port, int mode);
+int BIO_accept(int sock, char **ip_port);
+int BIO_sock_init(void);
+void BIO_sock_cleanup(void);
+int BIO_set_tcp_ndelay(int sock, int turn_on);
+
+BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_dgram(int fd, int close_flag);
+# ifndef OPENSSL_NO_SCTP
+BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+int BIO_dgram_is_sctp(BIO *bio);
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications) (BIO *bio,
+ void
+ *context,
+ void *buf),
+ void *context);
+int BIO_dgram_sctp_wait_for_dry(BIO *b);
+int BIO_dgram_sctp_msg_waiting(BIO *b);
+# endif
+BIO *BIO_new_fd(int fd, int close_flag);
+BIO *BIO_new_connect(char *host_port);
+BIO *BIO_new_accept(char *host_port);
+
+int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
+ BIO **bio2, size_t writebuf2);
+/*
+ * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+ * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+ * value.
+ */
+
+void BIO_copy_next_retry(BIO *b);
+
+/*
+ * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
+ */
+
+# ifdef __GNUC__
+# define __bio_h__attr__ __attribute__
+# else
+# define __bio_h__attr__(x)
+# endif
+int BIO_printf(BIO *bio, const char *format, ...)
+__bio_h__attr__((__format__(__printf__, 2, 3)));
+int BIO_vprintf(BIO *bio, const char *format, va_list args)
+__bio_h__attr__((__format__(__printf__, 2, 0)));
+int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+__bio_h__attr__((__format__(__printf__, 3, 4)));
+int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
+__bio_h__attr__((__format__(__printf__, 3, 0)));
+# undef __bio_h__attr__
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BIO_strings(void);
+
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+# define BIO_F_ACPT_STATE 100
+# define BIO_F_BIO_ACCEPT 101
+# define BIO_F_BIO_BER_GET_HEADER 102
+# define BIO_F_BIO_CALLBACK_CTRL 131
+# define BIO_F_BIO_CTRL 103
+# define BIO_F_BIO_GETHOSTBYNAME 120
+# define BIO_F_BIO_GETS 104
+# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
+# define BIO_F_BIO_GET_HOST_IP 106
+# define BIO_F_BIO_GET_PORT 107
+# define BIO_F_BIO_MAKE_PAIR 121
+# define BIO_F_BIO_NEW 108
+# define BIO_F_BIO_NEW_FILE 109
+# define BIO_F_BIO_NEW_MEM_BUF 126
+# define BIO_F_BIO_NREAD 123
+# define BIO_F_BIO_NREAD0 124
+# define BIO_F_BIO_NWRITE 125
+# define BIO_F_BIO_NWRITE0 122
+# define BIO_F_BIO_PUTS 110
+# define BIO_F_BIO_READ 111
+# define BIO_F_BIO_SOCK_INIT 112
+# define BIO_F_BIO_WRITE 113
+# define BIO_F_BUFFER_CTRL 114
+# define BIO_F_CONN_CTRL 127
+# define BIO_F_CONN_STATE 115
+# define BIO_F_DGRAM_SCTP_READ 132
+# define BIO_F_DGRAM_SCTP_WRITE 133
+# define BIO_F_FILE_CTRL 116
+# define BIO_F_FILE_READ 130
+# define BIO_F_LINEBUFFER_CTRL 129
+# define BIO_F_MEM_READ 128
+# define BIO_F_MEM_WRITE 117
+# define BIO_F_SSL_NEW 118
+# define BIO_F_WSASTARTUP 119
+
+/* Reason codes. */
+# define BIO_R_ACCEPT_ERROR 100
+# define BIO_R_BAD_FOPEN_MODE 101
+# define BIO_R_BAD_HOSTNAME_LOOKUP 102
+# define BIO_R_BROKEN_PIPE 124
+# define BIO_R_CONNECT_ERROR 103
+# define BIO_R_EOF_ON_MEMORY_BIO 127
+# define BIO_R_ERROR_SETTING_NBIO 104
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
+# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+# define BIO_R_INVALID_ARGUMENT 125
+# define BIO_R_INVALID_IP_ADDRESS 108
+# define BIO_R_IN_USE 123
+# define BIO_R_KEEPALIVE 109
+# define BIO_R_NBIO_CONNECT_ERROR 110
+# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
+# define BIO_R_NO_HOSTNAME_SPECIFIED 112
+# define BIO_R_NO_PORT_DEFINED 113
+# define BIO_R_NO_PORT_SPECIFIED 114
+# define BIO_R_NO_SUCH_FILE 128
+# define BIO_R_NULL_PARAMETER 115
+# define BIO_R_TAG_MISMATCH 116
+# define BIO_R_UNABLE_TO_BIND_SOCKET 117
+# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
+# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
+# define BIO_R_UNINITIALIZED 120
+# define BIO_R_UNSUPPORTED_METHOD 121
+# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
+# define BIO_R_WSASTARTUP 122
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bio/bss_bio.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bss_bio.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bss_bio.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,886 +0,0 @@
-/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- * Special method for a BIO where the other endpoint is also a BIO of this
- * kind, handled by the same thread (i.e. the "peer" is actually ourselves,
- * wearing a different hat). Such "BIO pairs" are mainly for using the SSL
- * library with I/O interfaces for which no specific BIO method is available.
- * See ssl/ssltest.c for some hints on how this can be used.
- */
-
-/* BIO_DEBUG implies BIO_PAIR_DEBUG */
-#ifdef BIO_DEBUG
-# ifndef BIO_PAIR_DEBUG
-# define BIO_PAIR_DEBUG
-# endif
-#endif
-
-/* disable assert() unless BIO_PAIR_DEBUG has been defined */
-#ifndef BIO_PAIR_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-#include "e_os.h"
-
-/* VxWorks defines SSIZE_MAX with an empty value causing compile errors */
-#if defined(OPENSSL_SYS_VXWORKS)
-# undef SSIZE_MAX
-#endif
-#ifndef SSIZE_MAX
-# define SSIZE_MAX INT_MAX
-#endif
-
-static int bio_new(BIO *bio);
-static int bio_free(BIO *bio);
-static int bio_read(BIO *bio, char *buf, int size);
-static int bio_write(BIO *bio, const char *buf, int num);
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
-static int bio_puts(BIO *bio, const char *str);
-
-static int bio_make_pair(BIO *bio1, BIO *bio2);
-static void bio_destroy_pair(BIO *bio);
-
-static BIO_METHOD methods_biop = {
- BIO_TYPE_BIO,
- "BIO pair",
- bio_write,
- bio_read,
- bio_puts,
- NULL /* no bio_gets */ ,
- bio_ctrl,
- bio_new,
- bio_free,
- NULL /* no bio_callback_ctrl */
-};
-
-BIO_METHOD *BIO_s_bio(void)
-{
- return &methods_biop;
-}
-
-struct bio_bio_st {
- BIO *peer; /* NULL if buf == NULL. If peer != NULL, then
- * peer->ptr is also a bio_bio_st, and its
- * "peer" member points back to us. peer !=
- * NULL iff init != 0 in the BIO. */
- /* This is for what we write (i.e. reading uses peer's struct): */
- int closed; /* valid iff peer != NULL */
- size_t len; /* valid iff buf != NULL; 0 if peer == NULL */
- size_t offset; /* valid iff buf != NULL; 0 if len == 0 */
- size_t size;
- char *buf; /* "size" elements (if != NULL) */
- size_t request; /* valid iff peer != NULL; 0 if len != 0,
- * otherwise set by peer to number of bytes
- * it (unsuccessfully) tried to read, never
- * more than buffer space (size-len)
- * warrants. */
-};
-
-static int bio_new(BIO *bio)
-{
- struct bio_bio_st *b;
-
- b = OPENSSL_malloc(sizeof *b);
- if (b == NULL)
- return 0;
-
- b->peer = NULL;
- /* enough for one TLS record (just a default) */
- b->size = 17 * 1024;
- b->buf = NULL;
-
- bio->ptr = b;
- return 1;
-}
-
-static int bio_free(BIO *bio)
-{
- struct bio_bio_st *b;
-
- if (bio == NULL)
- return 0;
- b = bio->ptr;
-
- assert(b != NULL);
-
- if (b->peer)
- bio_destroy_pair(bio);
-
- if (b->buf != NULL) {
- OPENSSL_free(b->buf);
- }
-
- OPENSSL_free(b);
-
- return 1;
-}
-
-static int bio_read(BIO *bio, char *buf, int size_)
-{
- size_t size = size_;
- size_t rest;
- struct bio_bio_st *b, *peer_b;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- peer_b = b->peer->ptr;
- assert(peer_b != NULL);
- assert(peer_b->buf != NULL);
-
- peer_b->request = 0; /* will be set in "retry_read" situation */
-
- if (buf == NULL || size == 0)
- return 0;
-
- if (peer_b->len == 0) {
- if (peer_b->closed)
- return 0; /* writer has closed, and no data is left */
- else {
- BIO_set_retry_read(bio); /* buffer is empty */
- if (size <= peer_b->size)
- peer_b->request = size;
- else
- /*
- * don't ask for more than the peer can deliver in one write
- */
- peer_b->request = peer_b->size;
- return -1;
- }
- }
-
- /* we can read */
- if (peer_b->len < size)
- size = peer_b->len;
-
- /* now read "size" bytes */
-
- rest = size;
-
- assert(rest > 0);
- do { /* one or two iterations */
- size_t chunk;
-
- assert(rest <= peer_b->len);
- if (peer_b->offset + rest <= peer_b->size)
- chunk = rest;
- else
- /* wrap around ring buffer */
- chunk = peer_b->size - peer_b->offset;
- assert(peer_b->offset + chunk <= peer_b->size);
-
- memcpy(buf, peer_b->buf + peer_b->offset, chunk);
-
- peer_b->len -= chunk;
- if (peer_b->len) {
- peer_b->offset += chunk;
- assert(peer_b->offset <= peer_b->size);
- if (peer_b->offset == peer_b->size)
- peer_b->offset = 0;
- buf += chunk;
- } else {
- /* buffer now empty, no need to advance "buf" */
- assert(chunk == rest);
- peer_b->offset = 0;
- }
- rest -= chunk;
- }
- while (rest);
-
- return size;
-}
-
-/*-
- * non-copying interface: provide pointer to available data in buffer
- * bio_nread0: return number of available bytes
- * bio_nread: also advance index
- * (example usage: bio_nread0(), read from buffer, bio_nread()
- * or just bio_nread(), read from buffer)
- */
-/*
- * WARNING: The non-copying interface is largely untested as of yet and may
- * contain bugs.
- */
-static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
-{
- struct bio_bio_st *b, *peer_b;
- ossl_ssize_t num;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- peer_b = b->peer->ptr;
- assert(peer_b != NULL);
- assert(peer_b->buf != NULL);
-
- peer_b->request = 0;
-
- if (peer_b->len == 0) {
- char dummy;
-
- /* avoid code duplication -- nothing available for reading */
- return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
- }
-
- num = peer_b->len;
- if (peer_b->size < peer_b->offset + num)
- /* no ring buffer wrap-around for non-copying interface */
- num = peer_b->size - peer_b->offset;
- assert(num > 0);
-
- if (buf != NULL)
- *buf = peer_b->buf + peer_b->offset;
- return num;
-}
-
-static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
-{
- struct bio_bio_st *b, *peer_b;
- ossl_ssize_t num, available;
-
- if (num_ > SSIZE_MAX)
- num = SSIZE_MAX;
- else
- num = (ossl_ssize_t) num_;
-
- available = bio_nread0(bio, buf);
- if (num > available)
- num = available;
- if (num <= 0)
- return num;
-
- b = bio->ptr;
- peer_b = b->peer->ptr;
-
- peer_b->len -= num;
- if (peer_b->len) {
- peer_b->offset += num;
- assert(peer_b->offset <= peer_b->size);
- if (peer_b->offset == peer_b->size)
- peer_b->offset = 0;
- } else
- peer_b->offset = 0;
-
- return num;
-}
-
-static int bio_write(BIO *bio, const char *buf, int num_)
-{
- size_t num = num_;
- size_t rest;
- struct bio_bio_st *b;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init || buf == NULL || num == 0)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- assert(b->buf != NULL);
-
- b->request = 0;
- if (b->closed) {
- /* we already closed */
- BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
- return -1;
- }
-
- assert(b->len <= b->size);
-
- if (b->len == b->size) {
- BIO_set_retry_write(bio); /* buffer is full */
- return -1;
- }
-
- /* we can write */
- if (num > b->size - b->len)
- num = b->size - b->len;
-
- /* now write "num" bytes */
-
- rest = num;
-
- assert(rest > 0);
- do { /* one or two iterations */
- size_t write_offset;
- size_t chunk;
-
- assert(b->len + rest <= b->size);
-
- write_offset = b->offset + b->len;
- if (write_offset >= b->size)
- write_offset -= b->size;
- /* b->buf[write_offset] is the first byte we can write to. */
-
- if (write_offset + rest <= b->size)
- chunk = rest;
- else
- /* wrap around ring buffer */
- chunk = b->size - write_offset;
-
- memcpy(b->buf + write_offset, buf, chunk);
-
- b->len += chunk;
-
- assert(b->len <= b->size);
-
- rest -= chunk;
- buf += chunk;
- }
- while (rest);
-
- return num;
-}
-
-/*-
- * non-copying interface: provide pointer to region to write to
- * bio_nwrite0: check how much space is available
- * bio_nwrite: also increase length
- * (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
- * or just bio_nwrite(), write to buffer)
- */
-static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
-{
- struct bio_bio_st *b;
- size_t num;
- size_t write_offset;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- assert(b->buf != NULL);
-
- b->request = 0;
- if (b->closed) {
- BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
- return -1;
- }
-
- assert(b->len <= b->size);
-
- if (b->len == b->size) {
- BIO_set_retry_write(bio);
- return -1;
- }
-
- num = b->size - b->len;
- write_offset = b->offset + b->len;
- if (write_offset >= b->size)
- write_offset -= b->size;
- if (write_offset + num > b->size)
- /*
- * no ring buffer wrap-around for non-copying interface (to fulfil
- * the promise by BIO_ctrl_get_write_guarantee, BIO_nwrite may have
- * to be called twice)
- */
- num = b->size - write_offset;
-
- if (buf != NULL)
- *buf = b->buf + write_offset;
- assert(write_offset + num <= b->size);
-
- return num;
-}
-
-static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
-{
- struct bio_bio_st *b;
- ossl_ssize_t num, space;
-
- if (num_ > SSIZE_MAX)
- num = SSIZE_MAX;
- else
- num = (ossl_ssize_t) num_;
-
- space = bio_nwrite0(bio, buf);
- if (num > space)
- num = space;
- if (num <= 0)
- return num;
- b = bio->ptr;
- assert(b != NULL);
- b->len += num;
- assert(b->len <= b->size);
-
- return num;
-}
-
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
-{
- long ret;
- struct bio_bio_st *b = bio->ptr;
-
- assert(b != NULL);
-
- switch (cmd) {
- /* specific CTRL codes */
-
- case BIO_C_SET_WRITE_BUF_SIZE:
- if (b->peer) {
- BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
- ret = 0;
- } else if (num == 0) {
- BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
- ret = 0;
- } else {
- size_t new_size = num;
-
- if (b->size != new_size) {
- if (b->buf) {
- OPENSSL_free(b->buf);
- b->buf = NULL;
- }
- b->size = new_size;
- }
- ret = 1;
- }
- break;
-
- case BIO_C_GET_WRITE_BUF_SIZE:
- ret = (long)b->size;
- break;
-
- case BIO_C_MAKE_BIO_PAIR:
- {
- BIO *other_bio = ptr;
-
- if (bio_make_pair(bio, other_bio))
- ret = 1;
- else
- ret = 0;
- }
- break;
-
- case BIO_C_DESTROY_BIO_PAIR:
- /*
- * Affects both BIOs in the pair -- call just once! Or let
- * BIO_free(bio1); BIO_free(bio2); do the job.
- */
- bio_destroy_pair(bio);
- ret = 1;
- break;
-
- case BIO_C_GET_WRITE_GUARANTEE:
- /*
- * How many bytes can the caller feed to the next write without
- * having to keep any?
- */
- if (b->peer == NULL || b->closed)
- ret = 0;
- else
- ret = (long)b->size - b->len;
- break;
-
- case BIO_C_GET_READ_REQUEST:
- /*
- * If the peer unsuccessfully tried to read, how many bytes were
- * requested? (As with BIO_CTRL_PENDING, that number can usually be
- * treated as boolean.)
- */
- ret = (long)b->request;
- break;
-
- case BIO_C_RESET_READ_REQUEST:
- /*
- * Reset request. (Can be useful after read attempts at the other
- * side that are meant to be non-blocking, e.g. when probing SSL_read
- * to see if any data is available.)
- */
- b->request = 0;
- ret = 1;
- break;
-
- case BIO_C_SHUTDOWN_WR:
- /* similar to shutdown(..., SHUT_WR) */
- b->closed = 1;
- ret = 1;
- break;
-
- case BIO_C_NREAD0:
- /* prepare for non-copying read */
- ret = (long)bio_nread0(bio, ptr);
- break;
-
- case BIO_C_NREAD:
- /* non-copying read */
- ret = (long)bio_nread(bio, ptr, (size_t)num);
- break;
-
- case BIO_C_NWRITE0:
- /* prepare for non-copying write */
- ret = (long)bio_nwrite0(bio, ptr);
- break;
-
- case BIO_C_NWRITE:
- /* non-copying write */
- ret = (long)bio_nwrite(bio, ptr, (size_t)num);
- break;
-
- /* standard CTRL codes follow */
-
- case BIO_CTRL_RESET:
- if (b->buf != NULL) {
- b->len = 0;
- b->offset = 0;
- }
- ret = 0;
- break;
-
- case BIO_CTRL_GET_CLOSE:
- ret = bio->shutdown;
- break;
-
- case BIO_CTRL_SET_CLOSE:
- bio->shutdown = (int)num;
- ret = 1;
- break;
-
- case BIO_CTRL_PENDING:
- if (b->peer != NULL) {
- struct bio_bio_st *peer_b = b->peer->ptr;
-
- ret = (long)peer_b->len;
- } else
- ret = 0;
- break;
-
- case BIO_CTRL_WPENDING:
- if (b->buf != NULL)
- ret = (long)b->len;
- else
- ret = 0;
- break;
-
- case BIO_CTRL_DUP:
- /* See BIO_dup_chain for circumstances we have to expect. */
- {
- BIO *other_bio = ptr;
- struct bio_bio_st *other_b;
-
- assert(other_bio != NULL);
- other_b = other_bio->ptr;
- assert(other_b != NULL);
-
- assert(other_b->buf == NULL); /* other_bio is always fresh */
-
- other_b->size = b->size;
- }
-
- ret = 1;
- break;
-
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
-
- case BIO_CTRL_EOF:
- {
- BIO *other_bio = ptr;
-
- if (other_bio) {
- struct bio_bio_st *other_b = other_bio->ptr;
-
- assert(other_b != NULL);
- ret = other_b->len == 0 && other_b->closed;
- } else
- ret = 1;
- }
- break;
-
- default:
- ret = 0;
- }
- return ret;
-}
-
-static int bio_puts(BIO *bio, const char *str)
-{
- return bio_write(bio, str, strlen(str));
-}
-
-static int bio_make_pair(BIO *bio1, BIO *bio2)
-{
- struct bio_bio_st *b1, *b2;
-
- assert(bio1 != NULL);
- assert(bio2 != NULL);
-
- b1 = bio1->ptr;
- b2 = bio2->ptr;
-
- if (b1->peer != NULL || b2->peer != NULL) {
- BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
- return 0;
- }
-
- if (b1->buf == NULL) {
- b1->buf = OPENSSL_malloc(b1->size);
- if (b1->buf == NULL) {
- BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- b1->len = 0;
- b1->offset = 0;
- }
-
- if (b2->buf == NULL) {
- b2->buf = OPENSSL_malloc(b2->size);
- if (b2->buf == NULL) {
- BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- b2->len = 0;
- b2->offset = 0;
- }
-
- b1->peer = bio2;
- b1->closed = 0;
- b1->request = 0;
- b2->peer = bio1;
- b2->closed = 0;
- b2->request = 0;
-
- bio1->init = 1;
- bio2->init = 1;
-
- return 1;
-}
-
-static void bio_destroy_pair(BIO *bio)
-{
- struct bio_bio_st *b = bio->ptr;
-
- if (b != NULL) {
- BIO *peer_bio = b->peer;
-
- if (peer_bio != NULL) {
- struct bio_bio_st *peer_b = peer_bio->ptr;
-
- assert(peer_b != NULL);
- assert(peer_b->peer == bio);
-
- peer_b->peer = NULL;
- peer_bio->init = 0;
- assert(peer_b->buf != NULL);
- peer_b->len = 0;
- peer_b->offset = 0;
-
- b->peer = NULL;
- bio->init = 0;
- assert(b->buf != NULL);
- b->len = 0;
- b->offset = 0;
- }
- }
-}
-
-/* Exported convenience functions */
-int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
- BIO **bio2_p, size_t writebuf2)
-{
- BIO *bio1 = NULL, *bio2 = NULL;
- long r;
- int ret = 0;
-
- bio1 = BIO_new(BIO_s_bio());
- if (bio1 == NULL)
- goto err;
- bio2 = BIO_new(BIO_s_bio());
- if (bio2 == NULL)
- goto err;
-
- if (writebuf1) {
- r = BIO_set_write_buf_size(bio1, writebuf1);
- if (!r)
- goto err;
- }
- if (writebuf2) {
- r = BIO_set_write_buf_size(bio2, writebuf2);
- if (!r)
- goto err;
- }
-
- r = BIO_make_bio_pair(bio1, bio2);
- if (!r)
- goto err;
- ret = 1;
-
- err:
- if (ret == 0) {
- if (bio1) {
- BIO_free(bio1);
- bio1 = NULL;
- }
- if (bio2) {
- BIO_free(bio2);
- bio2 = NULL;
- }
- }
-
- *bio1_p = bio1;
- *bio2_p = bio2;
- return ret;
-}
-
-size_t BIO_ctrl_get_write_guarantee(BIO *bio)
-{
- return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
-}
-
-size_t BIO_ctrl_get_read_request(BIO *bio)
-{
- return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
-}
-
-int BIO_ctrl_reset_read_request(BIO *bio)
-{
- return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
-}
-
-/*
- * BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
- * (conceivably some other BIOs could allow non-copying reads and writes
- * too.)
- */
-int BIO_nread0(BIO *bio, char **buf)
-{
- long ret;
-
- if (!bio->init) {
- BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
- if (ret > INT_MAX)
- return INT_MAX;
- else
- return (int)ret;
-}
-
-int BIO_nread(BIO *bio, char **buf, int num)
-{
- int ret;
-
- if (!bio->init) {
- BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = (int)BIO_ctrl(bio, BIO_C_NREAD, num, buf);
- if (ret > 0)
- bio->num_read += ret;
- return ret;
-}
-
-int BIO_nwrite0(BIO *bio, char **buf)
-{
- long ret;
-
- if (!bio->init) {
- BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
- if (ret > INT_MAX)
- return INT_MAX;
- else
- return (int)ret;
-}
-
-int BIO_nwrite(BIO *bio, char **buf, int num)
-{
- int ret;
-
- if (!bio->init) {
- BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
- if (ret > 0)
- bio->num_write += ret;
- return ret;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bio/bss_bio.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bio/bss_bio.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bio/bss_bio.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bss_bio.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,886 @@
+/* crypto/bio/bss_bio.c */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * Special method for a BIO where the other endpoint is also a BIO of this
+ * kind, handled by the same thread (i.e. the "peer" is actually ourselves,
+ * wearing a different hat). Such "BIO pairs" are mainly for using the SSL
+ * library with I/O interfaces for which no specific BIO method is available.
+ * See ssl/ssltest.c for some hints on how this can be used.
+ */
+
+/* BIO_DEBUG implies BIO_PAIR_DEBUG */
+#ifdef BIO_DEBUG
+# ifndef BIO_PAIR_DEBUG
+# define BIO_PAIR_DEBUG
+# endif
+#endif
+
+/* disable assert() unless BIO_PAIR_DEBUG has been defined */
+#ifndef BIO_PAIR_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+
+#include <assert.h>
+#include <limits.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/crypto.h>
+
+#include "e_os.h"
+
+/* VxWorks defines SSIZE_MAX with an empty value causing compile errors */
+#if defined(OPENSSL_SYS_VXWORKS)
+# undef SSIZE_MAX
+#endif
+#ifndef SSIZE_MAX
+# define SSIZE_MAX INT_MAX
+#endif
+
+static int bio_new(BIO *bio);
+static int bio_free(BIO *bio);
+static int bio_read(BIO *bio, char *buf, int size);
+static int bio_write(BIO *bio, const char *buf, int num);
+static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
+static int bio_puts(BIO *bio, const char *str);
+
+static int bio_make_pair(BIO *bio1, BIO *bio2);
+static void bio_destroy_pair(BIO *bio);
+
+static BIO_METHOD methods_biop = {
+ BIO_TYPE_BIO,
+ "BIO pair",
+ bio_write,
+ bio_read,
+ bio_puts,
+ NULL /* no bio_gets */ ,
+ bio_ctrl,
+ bio_new,
+ bio_free,
+ NULL /* no bio_callback_ctrl */
+};
+
+BIO_METHOD *BIO_s_bio(void)
+{
+ return &methods_biop;
+}
+
+struct bio_bio_st {
+ BIO *peer; /* NULL if buf == NULL. If peer != NULL, then
+ * peer->ptr is also a bio_bio_st, and its
+ * "peer" member points back to us. peer !=
+ * NULL iff init != 0 in the BIO. */
+ /* This is for what we write (i.e. reading uses peer's struct): */
+ int closed; /* valid iff peer != NULL */
+ size_t len; /* valid iff buf != NULL; 0 if peer == NULL */
+ size_t offset; /* valid iff buf != NULL; 0 if len == 0 */
+ size_t size;
+ char *buf; /* "size" elements (if != NULL) */
+ size_t request; /* valid iff peer != NULL; 0 if len != 0,
+ * otherwise set by peer to number of bytes
+ * it (unsuccessfully) tried to read, never
+ * more than buffer space (size-len)
+ * warrants. */
+};
+
+static int bio_new(BIO *bio)
+{
+ struct bio_bio_st *b;
+
+ b = OPENSSL_malloc(sizeof *b);
+ if (b == NULL)
+ return 0;
+
+ b->peer = NULL;
+ /* enough for one TLS record (just a default) */
+ b->size = 17 * 1024;
+ b->buf = NULL;
+
+ bio->ptr = b;
+ return 1;
+}
+
+static int bio_free(BIO *bio)
+{
+ struct bio_bio_st *b;
+
+ if (bio == NULL)
+ return 0;
+ b = bio->ptr;
+
+ assert(b != NULL);
+
+ if (b->peer)
+ bio_destroy_pair(bio);
+
+ if (b->buf != NULL) {
+ OPENSSL_free(b->buf);
+ }
+
+ OPENSSL_free(b);
+
+ return 1;
+}
+
+static int bio_read(BIO *bio, char *buf, int size_)
+{
+ size_t size = size_;
+ size_t rest;
+ struct bio_bio_st *b, *peer_b;
+
+ BIO_clear_retry_flags(bio);
+
+ if (!bio->init)
+ return 0;
+
+ b = bio->ptr;
+ assert(b != NULL);
+ assert(b->peer != NULL);
+ peer_b = b->peer->ptr;
+ assert(peer_b != NULL);
+ assert(peer_b->buf != NULL);
+
+ peer_b->request = 0; /* will be set in "retry_read" situation */
+
+ if (buf == NULL || size == 0)
+ return 0;
+
+ if (peer_b->len == 0) {
+ if (peer_b->closed)
+ return 0; /* writer has closed, and no data is left */
+ else {
+ BIO_set_retry_read(bio); /* buffer is empty */
+ if (size <= peer_b->size)
+ peer_b->request = size;
+ else
+ /*
+ * don't ask for more than the peer can deliver in one write
+ */
+ peer_b->request = peer_b->size;
+ return -1;
+ }
+ }
+
+ /* we can read */
+ if (peer_b->len < size)
+ size = peer_b->len;
+
+ /* now read "size" bytes */
+
+ rest = size;
+
+ assert(rest > 0);
+ do { /* one or two iterations */
+ size_t chunk;
+
+ assert(rest <= peer_b->len);
+ if (peer_b->offset + rest <= peer_b->size)
+ chunk = rest;
+ else
+ /* wrap around ring buffer */
+ chunk = peer_b->size - peer_b->offset;
+ assert(peer_b->offset + chunk <= peer_b->size);
+
+ memcpy(buf, peer_b->buf + peer_b->offset, chunk);
+
+ peer_b->len -= chunk;
+ if (peer_b->len) {
+ peer_b->offset += chunk;
+ assert(peer_b->offset <= peer_b->size);
+ if (peer_b->offset == peer_b->size)
+ peer_b->offset = 0;
+ buf += chunk;
+ } else {
+ /* buffer now empty, no need to advance "buf" */
+ assert(chunk == rest);
+ peer_b->offset = 0;
+ }
+ rest -= chunk;
+ }
+ while (rest);
+
+ return size;
+}
+
+/*-
+ * non-copying interface: provide pointer to available data in buffer
+ * bio_nread0: return number of available bytes
+ * bio_nread: also advance index
+ * (example usage: bio_nread0(), read from buffer, bio_nread()
+ * or just bio_nread(), read from buffer)
+ */
+/*
+ * WARNING: The non-copying interface is largely untested as of yet and may
+ * contain bugs.
+ */
+static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
+{
+ struct bio_bio_st *b, *peer_b;
+ ossl_ssize_t num;
+
+ BIO_clear_retry_flags(bio);
+
+ if (!bio->init)
+ return 0;
+
+ b = bio->ptr;
+ assert(b != NULL);
+ assert(b->peer != NULL);
+ peer_b = b->peer->ptr;
+ assert(peer_b != NULL);
+ assert(peer_b->buf != NULL);
+
+ peer_b->request = 0;
+
+ if (peer_b->len == 0) {
+ char dummy;
+
+ /* avoid code duplication -- nothing available for reading */
+ return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
+ }
+
+ num = peer_b->len;
+ if (peer_b->size < peer_b->offset + num)
+ /* no ring buffer wrap-around for non-copying interface */
+ num = peer_b->size - peer_b->offset;
+ assert(num > 0);
+
+ if (buf != NULL)
+ *buf = peer_b->buf + peer_b->offset;
+ return num;
+}
+
+static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
+{
+ struct bio_bio_st *b, *peer_b;
+ ossl_ssize_t num, available;
+
+ if (num_ > SSIZE_MAX)
+ num = SSIZE_MAX;
+ else
+ num = (ossl_ssize_t) num_;
+
+ available = bio_nread0(bio, buf);
+ if (num > available)
+ num = available;
+ if (num <= 0)
+ return num;
+
+ b = bio->ptr;
+ peer_b = b->peer->ptr;
+
+ peer_b->len -= num;
+ if (peer_b->len) {
+ peer_b->offset += num;
+ assert(peer_b->offset <= peer_b->size);
+ if (peer_b->offset == peer_b->size)
+ peer_b->offset = 0;
+ } else
+ peer_b->offset = 0;
+
+ return num;
+}
+
+static int bio_write(BIO *bio, const char *buf, int num_)
+{
+ size_t num = num_;
+ size_t rest;
+ struct bio_bio_st *b;
+
+ BIO_clear_retry_flags(bio);
+
+ if (!bio->init || buf == NULL || num == 0)
+ return 0;
+
+ b = bio->ptr;
+ assert(b != NULL);
+ assert(b->peer != NULL);
+ assert(b->buf != NULL);
+
+ b->request = 0;
+ if (b->closed) {
+ /* we already closed */
+ BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
+ return -1;
+ }
+
+ assert(b->len <= b->size);
+
+ if (b->len == b->size) {
+ BIO_set_retry_write(bio); /* buffer is full */
+ return -1;
+ }
+
+ /* we can write */
+ if (num > b->size - b->len)
+ num = b->size - b->len;
+
+ /* now write "num" bytes */
+
+ rest = num;
+
+ assert(rest > 0);
+ do { /* one or two iterations */
+ size_t write_offset;
+ size_t chunk;
+
+ assert(b->len + rest <= b->size);
+
+ write_offset = b->offset + b->len;
+ if (write_offset >= b->size)
+ write_offset -= b->size;
+ /* b->buf[write_offset] is the first byte we can write to. */
+
+ if (write_offset + rest <= b->size)
+ chunk = rest;
+ else
+ /* wrap around ring buffer */
+ chunk = b->size - write_offset;
+
+ memcpy(b->buf + write_offset, buf, chunk);
+
+ b->len += chunk;
+
+ assert(b->len <= b->size);
+
+ rest -= chunk;
+ buf += chunk;
+ }
+ while (rest);
+
+ return num;
+}
+
+/*-
+ * non-copying interface: provide pointer to region to write to
+ * bio_nwrite0: check how much space is available
+ * bio_nwrite: also increase length
+ * (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
+ * or just bio_nwrite(), write to buffer)
+ */
+static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
+{
+ struct bio_bio_st *b;
+ size_t num;
+ size_t write_offset;
+
+ BIO_clear_retry_flags(bio);
+
+ if (!bio->init)
+ return 0;
+
+ b = bio->ptr;
+ assert(b != NULL);
+ assert(b->peer != NULL);
+ assert(b->buf != NULL);
+
+ b->request = 0;
+ if (b->closed) {
+ BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
+ return -1;
+ }
+
+ assert(b->len <= b->size);
+
+ if (b->len == b->size) {
+ BIO_set_retry_write(bio);
+ return -1;
+ }
+
+ num = b->size - b->len;
+ write_offset = b->offset + b->len;
+ if (write_offset >= b->size)
+ write_offset -= b->size;
+ if (write_offset + num > b->size)
+ /*
+ * no ring buffer wrap-around for non-copying interface (to fulfil
+ * the promise by BIO_ctrl_get_write_guarantee, BIO_nwrite may have
+ * to be called twice)
+ */
+ num = b->size - write_offset;
+
+ if (buf != NULL)
+ *buf = b->buf + write_offset;
+ assert(write_offset + num <= b->size);
+
+ return num;
+}
+
+static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
+{
+ struct bio_bio_st *b;
+ ossl_ssize_t num, space;
+
+ if (num_ > SSIZE_MAX)
+ num = SSIZE_MAX;
+ else
+ num = (ossl_ssize_t) num_;
+
+ space = bio_nwrite0(bio, buf);
+ if (num > space)
+ num = space;
+ if (num <= 0)
+ return num;
+ b = bio->ptr;
+ assert(b != NULL);
+ b->len += num;
+ assert(b->len <= b->size);
+
+ return num;
+}
+
+static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
+{
+ long ret;
+ struct bio_bio_st *b = bio->ptr;
+
+ assert(b != NULL);
+
+ switch (cmd) {
+ /* specific CTRL codes */
+
+ case BIO_C_SET_WRITE_BUF_SIZE:
+ if (b->peer) {
+ BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
+ ret = 0;
+ } else if (num == 0) {
+ BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
+ ret = 0;
+ } else {
+ size_t new_size = num;
+
+ if (b->size != new_size) {
+ if (b->buf) {
+ OPENSSL_free(b->buf);
+ b->buf = NULL;
+ }
+ b->size = new_size;
+ }
+ ret = 1;
+ }
+ break;
+
+ case BIO_C_GET_WRITE_BUF_SIZE:
+ ret = (long)b->size;
+ break;
+
+ case BIO_C_MAKE_BIO_PAIR:
+ {
+ BIO *other_bio = ptr;
+
+ if (bio_make_pair(bio, other_bio))
+ ret = 1;
+ else
+ ret = 0;
+ }
+ break;
+
+ case BIO_C_DESTROY_BIO_PAIR:
+ /*
+ * Affects both BIOs in the pair -- call just once! Or let
+ * BIO_free(bio1); BIO_free(bio2); do the job.
+ */
+ bio_destroy_pair(bio);
+ ret = 1;
+ break;
+
+ case BIO_C_GET_WRITE_GUARANTEE:
+ /*
+ * How many bytes can the caller feed to the next write without
+ * having to keep any?
+ */
+ if (b->peer == NULL || b->closed)
+ ret = 0;
+ else
+ ret = (long)b->size - b->len;
+ break;
+
+ case BIO_C_GET_READ_REQUEST:
+ /*
+ * If the peer unsuccessfully tried to read, how many bytes were
+ * requested? (As with BIO_CTRL_PENDING, that number can usually be
+ * treated as boolean.)
+ */
+ ret = (long)b->request;
+ break;
+
+ case BIO_C_RESET_READ_REQUEST:
+ /*
+ * Reset request. (Can be useful after read attempts at the other
+ * side that are meant to be non-blocking, e.g. when probing SSL_read
+ * to see if any data is available.)
+ */
+ b->request = 0;
+ ret = 1;
+ break;
+
+ case BIO_C_SHUTDOWN_WR:
+ /* similar to shutdown(..., SHUT_WR) */
+ b->closed = 1;
+ ret = 1;
+ break;
+
+ case BIO_C_NREAD0:
+ /* prepare for non-copying read */
+ ret = (long)bio_nread0(bio, ptr);
+ break;
+
+ case BIO_C_NREAD:
+ /* non-copying read */
+ ret = (long)bio_nread(bio, ptr, (size_t)num);
+ break;
+
+ case BIO_C_NWRITE0:
+ /* prepare for non-copying write */
+ ret = (long)bio_nwrite0(bio, ptr);
+ break;
+
+ case BIO_C_NWRITE:
+ /* non-copying write */
+ ret = (long)bio_nwrite(bio, ptr, (size_t)num);
+ break;
+
+ /* standard CTRL codes follow */
+
+ case BIO_CTRL_RESET:
+ if (b->buf != NULL) {
+ b->len = 0;
+ b->offset = 0;
+ }
+ ret = 0;
+ break;
+
+ case BIO_CTRL_GET_CLOSE:
+ ret = bio->shutdown;
+ break;
+
+ case BIO_CTRL_SET_CLOSE:
+ bio->shutdown = (int)num;
+ ret = 1;
+ break;
+
+ case BIO_CTRL_PENDING:
+ if (b->peer != NULL) {
+ struct bio_bio_st *peer_b = b->peer->ptr;
+
+ ret = (long)peer_b->len;
+ } else
+ ret = 0;
+ break;
+
+ case BIO_CTRL_WPENDING:
+ if (b->buf != NULL)
+ ret = (long)b->len;
+ else
+ ret = 0;
+ break;
+
+ case BIO_CTRL_DUP:
+ /* See BIO_dup_chain for circumstances we have to expect. */
+ {
+ BIO *other_bio = ptr;
+ struct bio_bio_st *other_b;
+
+ assert(other_bio != NULL);
+ other_b = other_bio->ptr;
+ assert(other_b != NULL);
+
+ assert(other_b->buf == NULL); /* other_bio is always fresh */
+
+ other_b->size = b->size;
+ }
+
+ ret = 1;
+ break;
+
+ case BIO_CTRL_FLUSH:
+ ret = 1;
+ break;
+
+ case BIO_CTRL_EOF:
+ {
+ BIO *other_bio = ptr;
+
+ if (other_bio) {
+ struct bio_bio_st *other_b = other_bio->ptr;
+
+ assert(other_b != NULL);
+ ret = other_b->len == 0 && other_b->closed;
+ } else
+ ret = 1;
+ }
+ break;
+
+ default:
+ ret = 0;
+ }
+ return ret;
+}
+
+static int bio_puts(BIO *bio, const char *str)
+{
+ return bio_write(bio, str, strlen(str));
+}
+
+static int bio_make_pair(BIO *bio1, BIO *bio2)
+{
+ struct bio_bio_st *b1, *b2;
+
+ assert(bio1 != NULL);
+ assert(bio2 != NULL);
+
+ b1 = bio1->ptr;
+ b2 = bio2->ptr;
+
+ if (b1->peer != NULL || b2->peer != NULL) {
+ BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
+ return 0;
+ }
+
+ if (b1->buf == NULL) {
+ b1->buf = OPENSSL_malloc(b1->size);
+ if (b1->buf == NULL) {
+ BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ b1->len = 0;
+ b1->offset = 0;
+ }
+
+ if (b2->buf == NULL) {
+ b2->buf = OPENSSL_malloc(b2->size);
+ if (b2->buf == NULL) {
+ BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ b2->len = 0;
+ b2->offset = 0;
+ }
+
+ b1->peer = bio2;
+ b1->closed = 0;
+ b1->request = 0;
+ b2->peer = bio1;
+ b2->closed = 0;
+ b2->request = 0;
+
+ bio1->init = 1;
+ bio2->init = 1;
+
+ return 1;
+}
+
+static void bio_destroy_pair(BIO *bio)
+{
+ struct bio_bio_st *b = bio->ptr;
+
+ if (b != NULL) {
+ BIO *peer_bio = b->peer;
+
+ if (peer_bio != NULL) {
+ struct bio_bio_st *peer_b = peer_bio->ptr;
+
+ assert(peer_b != NULL);
+ assert(peer_b->peer == bio);
+
+ peer_b->peer = NULL;
+ peer_bio->init = 0;
+ assert(peer_b->buf != NULL);
+ peer_b->len = 0;
+ peer_b->offset = 0;
+
+ b->peer = NULL;
+ bio->init = 0;
+ assert(b->buf != NULL);
+ b->len = 0;
+ b->offset = 0;
+ }
+ }
+}
+
+/* Exported convenience functions */
+int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
+ BIO **bio2_p, size_t writebuf2)
+{
+ BIO *bio1 = NULL, *bio2 = NULL;
+ long r;
+ int ret = 0;
+
+ bio1 = BIO_new(BIO_s_bio());
+ if (bio1 == NULL)
+ goto err;
+ bio2 = BIO_new(BIO_s_bio());
+ if (bio2 == NULL)
+ goto err;
+
+ if (writebuf1) {
+ r = BIO_set_write_buf_size(bio1, writebuf1);
+ if (!r)
+ goto err;
+ }
+ if (writebuf2) {
+ r = BIO_set_write_buf_size(bio2, writebuf2);
+ if (!r)
+ goto err;
+ }
+
+ r = BIO_make_bio_pair(bio1, bio2);
+ if (!r)
+ goto err;
+ ret = 1;
+
+ err:
+ if (ret == 0) {
+ if (bio1) {
+ BIO_free(bio1);
+ bio1 = NULL;
+ }
+ if (bio2) {
+ BIO_free(bio2);
+ bio2 = NULL;
+ }
+ }
+
+ *bio1_p = bio1;
+ *bio2_p = bio2;
+ return ret;
+}
+
+size_t BIO_ctrl_get_write_guarantee(BIO *bio)
+{
+ return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
+}
+
+size_t BIO_ctrl_get_read_request(BIO *bio)
+{
+ return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
+}
+
+int BIO_ctrl_reset_read_request(BIO *bio)
+{
+ return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
+}
+
+/*
+ * BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
+ * (conceivably some other BIOs could allow non-copying reads and writes
+ * too.)
+ */
+int BIO_nread0(BIO *bio, char **buf)
+{
+ long ret;
+
+ if (!bio->init) {
+ BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
+ return -2;
+ }
+
+ ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
+ if (ret > INT_MAX)
+ return INT_MAX;
+ else
+ return (int)ret;
+}
+
+int BIO_nread(BIO *bio, char **buf, int num)
+{
+ int ret;
+
+ if (!bio->init) {
+ BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
+ return -2;
+ }
+
+ ret = (int)BIO_ctrl(bio, BIO_C_NREAD, num, buf);
+ if (ret > 0)
+ bio->num_read += ret;
+ return ret;
+}
+
+int BIO_nwrite0(BIO *bio, char **buf)
+{
+ long ret;
+
+ if (!bio->init) {
+ BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
+ return -2;
+ }
+
+ ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
+ if (ret > INT_MAX)
+ return INT_MAX;
+ else
+ return (int)ret;
+}
+
+int BIO_nwrite(BIO *bio, char **buf, int num)
+{
+ int ret;
+
+ if (!bio->init) {
+ BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
+ return -2;
+ }
+
+ ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
+ if (ret > 0)
+ bio->num_write += ret;
+ return ret;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bio/bss_conn.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bss_conn.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bss_conn.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,603 +0,0 @@
-/* crypto/bio/bss_conn.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifndef OPENSSL_NO_SOCK
-
-# ifdef OPENSSL_SYS_WIN16
-# define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-# else
-# define SOCKET_PROTOCOL IPPROTO_TCP
-# endif
-
-# if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-# undef FIONBIO
-# endif
-
-typedef struct bio_connect_st {
- int state;
- char *param_hostname;
- char *param_port;
- int nbio;
- unsigned char ip[4];
- unsigned short port;
- struct sockaddr_in them;
- /*
- * int socket; this will be kept in bio->num so that it is compatible
- * with the bss_sock bio
- */
- /*
- * called when the connection is initially made callback(BIO,state,ret);
- * The callback should return 'ret'. state is for compatibility with the
- * ssl info_callback
- */
- int (*info_callback) (const BIO *bio, int state, int ret);
-} BIO_CONNECT;
-
-static int conn_write(BIO *h, const char *buf, int num);
-static int conn_read(BIO *h, char *buf, int size);
-static int conn_puts(BIO *h, const char *str);
-static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int conn_new(BIO *h);
-static int conn_free(BIO *data);
-static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
-
-static int conn_state(BIO *b, BIO_CONNECT *c);
-static void conn_close_socket(BIO *data);
-BIO_CONNECT *BIO_CONNECT_new(void);
-void BIO_CONNECT_free(BIO_CONNECT *a);
-
-static BIO_METHOD methods_connectp = {
- BIO_TYPE_CONNECT,
- "socket connect",
- conn_write,
- conn_read,
- conn_puts,
- NULL, /* connect_gets, */
- conn_ctrl,
- conn_new,
- conn_free,
- conn_callback_ctrl,
-};
-
-static int conn_state(BIO *b, BIO_CONNECT *c)
-{
- int ret = -1, i;
- unsigned long l;
- char *p, *q;
- int (*cb) (const BIO *, int, int) = NULL;
-
- if (c->info_callback != NULL)
- cb = c->info_callback;
-
- for (;;) {
- switch (c->state) {
- case BIO_CONN_S_BEFORE:
- p = c->param_hostname;
- if (p == NULL) {
- BIOerr(BIO_F_CONN_STATE, BIO_R_NO_HOSTNAME_SPECIFIED);
- goto exit_loop;
- }
- for (; *p != '\0'; p++) {
- if ((*p == ':') || (*p == '/'))
- break;
- }
-
- i = *p;
- if ((i == ':') || (i == '/')) {
-
- *(p++) = '\0';
- if (i == ':') {
- for (q = p; *q; q++)
- if (*q == '/') {
- *q = '\0';
- break;
- }
- if (c->param_port != NULL)
- OPENSSL_free(c->param_port);
- c->param_port = BUF_strdup(p);
- }
- }
-
- if (c->param_port == NULL) {
- BIOerr(BIO_F_CONN_STATE, BIO_R_NO_PORT_SPECIFIED);
- ERR_add_error_data(2, "host=", c->param_hostname);
- goto exit_loop;
- }
- c->state = BIO_CONN_S_GET_IP;
- break;
-
- case BIO_CONN_S_GET_IP:
- if (BIO_get_host_ip(c->param_hostname, &(c->ip[0])) <= 0)
- goto exit_loop;
- c->state = BIO_CONN_S_GET_PORT;
- break;
-
- case BIO_CONN_S_GET_PORT:
- if (c->param_port == NULL) {
- /* abort(); */
- goto exit_loop;
- } else if (BIO_get_port(c->param_port, &c->port) <= 0)
- goto exit_loop;
- c->state = BIO_CONN_S_CREATE_SOCKET;
- break;
-
- case BIO_CONN_S_CREATE_SOCKET:
- /* now setup address */
- memset((char *)&c->them, 0, sizeof(c->them));
- c->them.sin_family = AF_INET;
- c->them.sin_port = htons((unsigned short)c->port);
- l = (unsigned long)
- ((unsigned long)c->ip[0] << 24L) |
- ((unsigned long)c->ip[1] << 16L) |
- ((unsigned long)c->ip[2] << 8L) | ((unsigned long)c->ip[3]);
- c->them.sin_addr.s_addr = htonl(l);
- c->state = BIO_CONN_S_CREATE_SOCKET;
-
- ret = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
- if (ret == INVALID_SOCKET) {
- SYSerr(SYS_F_SOCKET, get_last_socket_error());
- ERR_add_error_data(4, "host=", c->param_hostname,
- ":", c->param_port);
- BIOerr(BIO_F_CONN_STATE, BIO_R_UNABLE_TO_CREATE_SOCKET);
- goto exit_loop;
- }
- b->num = ret;
- c->state = BIO_CONN_S_NBIO;
- break;
-
- case BIO_CONN_S_NBIO:
- if (c->nbio) {
- if (!BIO_socket_nbio(b->num, 1)) {
- BIOerr(BIO_F_CONN_STATE, BIO_R_ERROR_SETTING_NBIO);
- ERR_add_error_data(4, "host=",
- c->param_hostname, ":", c->param_port);
- goto exit_loop;
- }
- }
- c->state = BIO_CONN_S_CONNECT;
-
-# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
- i = 1;
- i = setsockopt(b->num, SOL_SOCKET, SO_KEEPALIVE, (char *)&i,
- sizeof(i));
- if (i < 0) {
- SYSerr(SYS_F_SOCKET, get_last_socket_error());
- ERR_add_error_data(4, "host=", c->param_hostname,
- ":", c->param_port);
- BIOerr(BIO_F_CONN_STATE, BIO_R_KEEPALIVE);
- goto exit_loop;
- }
-# endif
- break;
-
- case BIO_CONN_S_CONNECT:
- BIO_clear_retry_flags(b);
- ret = connect(b->num,
- (struct sockaddr *)&c->them, sizeof(c->them));
- b->retry_reason = 0;
- if (ret < 0) {
- if (BIO_sock_should_retry(ret)) {
- BIO_set_retry_special(b);
- c->state = BIO_CONN_S_BLOCKED_CONNECT;
- b->retry_reason = BIO_RR_CONNECT;
- } else {
- SYSerr(SYS_F_CONNECT, get_last_socket_error());
- ERR_add_error_data(4, "host=",
- c->param_hostname, ":", c->param_port);
- BIOerr(BIO_F_CONN_STATE, BIO_R_CONNECT_ERROR);
- }
- goto exit_loop;
- } else
- c->state = BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_BLOCKED_CONNECT:
- i = BIO_sock_error(b->num);
- if (i) {
- BIO_clear_retry_flags(b);
- SYSerr(SYS_F_CONNECT, i);
- ERR_add_error_data(4, "host=",
- c->param_hostname, ":", c->param_port);
- BIOerr(BIO_F_CONN_STATE, BIO_R_NBIO_CONNECT_ERROR);
- ret = 0;
- goto exit_loop;
- } else
- c->state = BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_OK:
- ret = 1;
- goto exit_loop;
- default:
- /* abort(); */
- goto exit_loop;
- }
-
- if (cb != NULL) {
- if (!(ret = cb((BIO *)b, c->state, ret)))
- goto end;
- }
- }
-
- /* Loop does not exit */
- exit_loop:
- if (cb != NULL)
- ret = cb((BIO *)b, c->state, ret);
- end:
- return (ret);
-}
-
-BIO_CONNECT *BIO_CONNECT_new(void)
-{
- BIO_CONNECT *ret;
-
- if ((ret = (BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
- return (NULL);
- ret->state = BIO_CONN_S_BEFORE;
- ret->param_hostname = NULL;
- ret->param_port = NULL;
- ret->info_callback = NULL;
- ret->nbio = 0;
- ret->ip[0] = 0;
- ret->ip[1] = 0;
- ret->ip[2] = 0;
- ret->ip[3] = 0;
- ret->port = 0;
- memset((char *)&ret->them, 0, sizeof(ret->them));
- return (ret);
-}
-
-void BIO_CONNECT_free(BIO_CONNECT *a)
-{
- if (a == NULL)
- return;
-
- if (a->param_hostname != NULL)
- OPENSSL_free(a->param_hostname);
- if (a->param_port != NULL)
- OPENSSL_free(a->param_port);
- OPENSSL_free(a);
-}
-
-BIO_METHOD *BIO_s_connect(void)
-{
- return (&methods_connectp);
-}
-
-static int conn_new(BIO *bi)
-{
- bi->init = 0;
- bi->num = INVALID_SOCKET;
- bi->flags = 0;
- if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
- return (0);
- else
- return (1);
-}
-
-static void conn_close_socket(BIO *bio)
-{
- BIO_CONNECT *c;
-
- c = (BIO_CONNECT *)bio->ptr;
- if (bio->num != INVALID_SOCKET) {
- /* Only do a shutdown if things were established */
- if (c->state == BIO_CONN_S_OK)
- shutdown(bio->num, 2);
- closesocket(bio->num);
- bio->num = INVALID_SOCKET;
- }
-}
-
-static int conn_free(BIO *a)
-{
- BIO_CONNECT *data;
-
- if (a == NULL)
- return (0);
- data = (BIO_CONNECT *)a->ptr;
-
- if (a->shutdown) {
- conn_close_socket(a);
- BIO_CONNECT_free(data);
- a->ptr = NULL;
- a->flags = 0;
- a->init = 0;
- }
- return (1);
-}
-
-static int conn_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK) {
- ret = conn_state(b, data);
- if (ret <= 0)
- return (ret);
- }
-
- if (out != NULL) {
- clear_socket_error();
- ret = readsocket(b->num, out, outl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_read(b);
- }
- }
- return (ret);
-}
-
-static int conn_write(BIO *b, const char *in, int inl)
-{
- int ret;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK) {
- ret = conn_state(b, data);
- if (ret <= 0)
- return (ret);
- }
-
- clear_socket_error();
- ret = writesocket(b->num, in, inl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_write(b);
- }
- return (ret);
-}
-
-static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- BIO *dbio;
- int *ip;
- const char **pptr;
- long ret = 1;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- ret = 0;
- data->state = BIO_CONN_S_BEFORE;
- conn_close_socket(b);
- b->flags = 0;
- break;
- case BIO_C_DO_STATE_MACHINE:
- /* use this one to start the connection */
- if (data->state != BIO_CONN_S_OK)
- ret = (long)conn_state(b, data);
- else
- ret = 1;
- break;
- case BIO_C_GET_CONNECT:
- if (ptr != NULL) {
- pptr = (const char **)ptr;
- if (num == 0) {
- *pptr = data->param_hostname;
-
- } else if (num == 1) {
- *pptr = data->param_port;
- } else if (num == 2) {
- *pptr = (char *)&(data->ip[0]);
- } else if (num == 3) {
- *((int *)ptr) = data->port;
- }
- if ((!b->init) || (ptr == NULL))
- *pptr = "not initialized";
- ret = 1;
- }
- break;
- case BIO_C_SET_CONNECT:
- if (ptr != NULL) {
- b->init = 1;
- if (num == 0) {
- if (data->param_hostname != NULL)
- OPENSSL_free(data->param_hostname);
- data->param_hostname = BUF_strdup(ptr);
- } else if (num == 1) {
- if (data->param_port != NULL)
- OPENSSL_free(data->param_port);
- data->param_port = BUF_strdup(ptr);
- } else if (num == 2) {
- char buf[16];
- unsigned char *p = ptr;
-
- BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
- p[0], p[1], p[2], p[3]);
- if (data->param_hostname != NULL)
- OPENSSL_free(data->param_hostname);
- data->param_hostname = BUF_strdup(buf);
- memcpy(&(data->ip[0]), ptr, 4);
- } else if (num == 3) {
- char buf[DECIMAL_SIZE(int) + 1];
-
- BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
- if (data->param_port != NULL)
- OPENSSL_free(data->param_port);
- data->param_port = BUF_strdup(buf);
- data->port = *(int *)ptr;
- }
- }
- break;
- case BIO_C_SET_NBIO:
- data->nbio = (int)num;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret = 0;
- break;
- case BIO_CTRL_FLUSH:
- break;
- case BIO_CTRL_DUP:
- {
- dbio = (BIO *)ptr;
- if (data->param_port)
- BIO_set_conn_port(dbio, data->param_port);
- if (data->param_hostname)
- BIO_set_conn_hostname(dbio, data->param_hostname);
- BIO_set_nbio(dbio, data->nbio);
- /*
- * FIXME: the cast of the function seems unlikely to be a good
- * idea
- */
- (void)BIO_set_info_callback(dbio,
- (bio_info_cb *)data->info_callback);
- }
- break;
- case BIO_CTRL_SET_CALLBACK:
- {
-# if 0 /* FIXME: Should this be used? -- Richard
- * Levitte */
- BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- ret = -1;
-# else
- ret = 0;
-# endif
- }
- break;
- case BIO_CTRL_GET_CALLBACK:
- {
- int (**fptr) (const BIO *bio, int state, int xret);
-
- fptr = (int (**)(const BIO *bio, int state, int xret))ptr;
- *fptr = data->info_callback;
- }
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
- long ret = 1;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_SET_CALLBACK:
- {
- data->info_callback =
- (int (*)(const struct bio_st *, int, int))fp;
- }
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int conn_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = conn_write(bp, str, n);
- return (ret);
-}
-
-BIO *BIO_new_connect(char *str)
-{
- BIO *ret;
-
- ret = BIO_new(BIO_s_connect());
- if (ret == NULL)
- return (NULL);
- if (BIO_set_conn_hostname(ret, str))
- return (ret);
- else {
- BIO_free(ret);
- return (NULL);
- }
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/bio/bss_conn.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bio/bss_conn.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bio/bss_conn.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bss_conn.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,612 @@
+/* crypto/bio/bss_conn.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+#ifndef OPENSSL_NO_SOCK
+
+# ifdef OPENSSL_SYS_WIN16
+# define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+# else
+# define SOCKET_PROTOCOL IPPROTO_TCP
+# endif
+
+# if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
+/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
+# undef FIONBIO
+# endif
+
+typedef struct bio_connect_st {
+ int state;
+ char *param_hostname;
+ char *param_port;
+ int nbio;
+ unsigned char ip[4];
+ unsigned short port;
+ struct sockaddr_in them;
+ /*
+ * int socket; this will be kept in bio->num so that it is compatible
+ * with the bss_sock bio
+ */
+ /*
+ * called when the connection is initially made callback(BIO,state,ret);
+ * The callback should return 'ret'. state is for compatibility with the
+ * ssl info_callback
+ */
+ int (*info_callback) (const BIO *bio, int state, int ret);
+} BIO_CONNECT;
+
+static int conn_write(BIO *h, const char *buf, int num);
+static int conn_read(BIO *h, char *buf, int size);
+static int conn_puts(BIO *h, const char *str);
+static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int conn_new(BIO *h);
+static int conn_free(BIO *data);
+static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
+
+static int conn_state(BIO *b, BIO_CONNECT *c);
+static void conn_close_socket(BIO *data);
+BIO_CONNECT *BIO_CONNECT_new(void);
+void BIO_CONNECT_free(BIO_CONNECT *a);
+
+static BIO_METHOD methods_connectp = {
+ BIO_TYPE_CONNECT,
+ "socket connect",
+ conn_write,
+ conn_read,
+ conn_puts,
+ NULL, /* connect_gets, */
+ conn_ctrl,
+ conn_new,
+ conn_free,
+ conn_callback_ctrl,
+};
+
+static int conn_state(BIO *b, BIO_CONNECT *c)
+{
+ int ret = -1, i;
+ unsigned long l;
+ char *p, *q;
+ int (*cb) (const BIO *, int, int) = NULL;
+
+ if (c->info_callback != NULL)
+ cb = c->info_callback;
+
+ for (;;) {
+ switch (c->state) {
+ case BIO_CONN_S_BEFORE:
+ p = c->param_hostname;
+ if (p == NULL) {
+ BIOerr(BIO_F_CONN_STATE, BIO_R_NO_HOSTNAME_SPECIFIED);
+ goto exit_loop;
+ }
+ for (; *p != '\0'; p++) {
+ if ((*p == ':') || (*p == '/'))
+ break;
+ }
+
+ i = *p;
+ if ((i == ':') || (i == '/')) {
+
+ *(p++) = '\0';
+ if (i == ':') {
+ for (q = p; *q; q++)
+ if (*q == '/') {
+ *q = '\0';
+ break;
+ }
+ if (c->param_port != NULL)
+ OPENSSL_free(c->param_port);
+ c->param_port = BUF_strdup(p);
+ }
+ }
+
+ if (c->param_port == NULL) {
+ BIOerr(BIO_F_CONN_STATE, BIO_R_NO_PORT_SPECIFIED);
+ ERR_add_error_data(2, "host=", c->param_hostname);
+ goto exit_loop;
+ }
+ c->state = BIO_CONN_S_GET_IP;
+ break;
+
+ case BIO_CONN_S_GET_IP:
+ if (BIO_get_host_ip(c->param_hostname, &(c->ip[0])) <= 0)
+ goto exit_loop;
+ c->state = BIO_CONN_S_GET_PORT;
+ break;
+
+ case BIO_CONN_S_GET_PORT:
+ if (c->param_port == NULL) {
+ /* abort(); */
+ goto exit_loop;
+ } else if (BIO_get_port(c->param_port, &c->port) <= 0)
+ goto exit_loop;
+ c->state = BIO_CONN_S_CREATE_SOCKET;
+ break;
+
+ case BIO_CONN_S_CREATE_SOCKET:
+ /* now setup address */
+ memset((char *)&c->them, 0, sizeof(c->them));
+ c->them.sin_family = AF_INET;
+ c->them.sin_port = htons((unsigned short)c->port);
+ l = (unsigned long)
+ ((unsigned long)c->ip[0] << 24L) |
+ ((unsigned long)c->ip[1] << 16L) |
+ ((unsigned long)c->ip[2] << 8L) | ((unsigned long)c->ip[3]);
+ c->them.sin_addr.s_addr = htonl(l);
+ c->state = BIO_CONN_S_CREATE_SOCKET;
+
+ ret = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+ if (ret == INVALID_SOCKET) {
+ SYSerr(SYS_F_SOCKET, get_last_socket_error());
+ ERR_add_error_data(4, "host=", c->param_hostname,
+ ":", c->param_port);
+ BIOerr(BIO_F_CONN_STATE, BIO_R_UNABLE_TO_CREATE_SOCKET);
+ goto exit_loop;
+ }
+ b->num = ret;
+ c->state = BIO_CONN_S_NBIO;
+ break;
+
+ case BIO_CONN_S_NBIO:
+ if (c->nbio) {
+ if (!BIO_socket_nbio(b->num, 1)) {
+ BIOerr(BIO_F_CONN_STATE, BIO_R_ERROR_SETTING_NBIO);
+ ERR_add_error_data(4, "host=",
+ c->param_hostname, ":", c->param_port);
+ goto exit_loop;
+ }
+ }
+ c->state = BIO_CONN_S_CONNECT;
+
+# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
+ i = 1;
+ i = setsockopt(b->num, SOL_SOCKET, SO_KEEPALIVE, (char *)&i,
+ sizeof(i));
+ if (i < 0) {
+ SYSerr(SYS_F_SOCKET, get_last_socket_error());
+ ERR_add_error_data(4, "host=", c->param_hostname,
+ ":", c->param_port);
+ BIOerr(BIO_F_CONN_STATE, BIO_R_KEEPALIVE);
+ goto exit_loop;
+ }
+# endif
+ break;
+
+ case BIO_CONN_S_CONNECT:
+ BIO_clear_retry_flags(b);
+ ret = connect(b->num,
+ (struct sockaddr *)&c->them, sizeof(c->them));
+ b->retry_reason = 0;
+ if (ret < 0) {
+ if (BIO_sock_should_retry(ret)) {
+ BIO_set_retry_special(b);
+ c->state = BIO_CONN_S_BLOCKED_CONNECT;
+ b->retry_reason = BIO_RR_CONNECT;
+ } else {
+ SYSerr(SYS_F_CONNECT, get_last_socket_error());
+ ERR_add_error_data(4, "host=",
+ c->param_hostname, ":", c->param_port);
+ BIOerr(BIO_F_CONN_STATE, BIO_R_CONNECT_ERROR);
+ }
+ goto exit_loop;
+ } else
+ c->state = BIO_CONN_S_OK;
+ break;
+
+ case BIO_CONN_S_BLOCKED_CONNECT:
+ i = BIO_sock_error(b->num);
+ if (i) {
+ BIO_clear_retry_flags(b);
+ SYSerr(SYS_F_CONNECT, i);
+ ERR_add_error_data(4, "host=",
+ c->param_hostname, ":", c->param_port);
+ BIOerr(BIO_F_CONN_STATE, BIO_R_NBIO_CONNECT_ERROR);
+ ret = 0;
+ goto exit_loop;
+ } else
+ c->state = BIO_CONN_S_OK;
+ break;
+
+ case BIO_CONN_S_OK:
+ ret = 1;
+ goto exit_loop;
+ default:
+ /* abort(); */
+ goto exit_loop;
+ }
+
+ if (cb != NULL) {
+ if (!(ret = cb((BIO *)b, c->state, ret)))
+ goto end;
+ }
+ }
+
+ /* Loop does not exit */
+ exit_loop:
+ if (cb != NULL)
+ ret = cb((BIO *)b, c->state, ret);
+ end:
+ return (ret);
+}
+
+BIO_CONNECT *BIO_CONNECT_new(void)
+{
+ BIO_CONNECT *ret;
+
+ if ((ret = (BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
+ return (NULL);
+ ret->state = BIO_CONN_S_BEFORE;
+ ret->param_hostname = NULL;
+ ret->param_port = NULL;
+ ret->info_callback = NULL;
+ ret->nbio = 0;
+ ret->ip[0] = 0;
+ ret->ip[1] = 0;
+ ret->ip[2] = 0;
+ ret->ip[3] = 0;
+ ret->port = 0;
+ memset((char *)&ret->them, 0, sizeof(ret->them));
+ return (ret);
+}
+
+void BIO_CONNECT_free(BIO_CONNECT *a)
+{
+ if (a == NULL)
+ return;
+
+ if (a->param_hostname != NULL)
+ OPENSSL_free(a->param_hostname);
+ if (a->param_port != NULL)
+ OPENSSL_free(a->param_port);
+ OPENSSL_free(a);
+}
+
+BIO_METHOD *BIO_s_connect(void)
+{
+ return (&methods_connectp);
+}
+
+static int conn_new(BIO *bi)
+{
+ bi->init = 0;
+ bi->num = INVALID_SOCKET;
+ bi->flags = 0;
+ if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
+ return (0);
+ else
+ return (1);
+}
+
+static void conn_close_socket(BIO *bio)
+{
+ BIO_CONNECT *c;
+
+ c = (BIO_CONNECT *)bio->ptr;
+ if (bio->num != INVALID_SOCKET) {
+ /* Only do a shutdown if things were established */
+ if (c->state == BIO_CONN_S_OK)
+ shutdown(bio->num, 2);
+ closesocket(bio->num);
+ bio->num = INVALID_SOCKET;
+ }
+}
+
+static int conn_free(BIO *a)
+{
+ BIO_CONNECT *data;
+
+ if (a == NULL)
+ return (0);
+ data = (BIO_CONNECT *)a->ptr;
+
+ if (a->shutdown) {
+ conn_close_socket(a);
+ BIO_CONNECT_free(data);
+ a->ptr = NULL;
+ a->flags = 0;
+ a->init = 0;
+ }
+ return (1);
+}
+
+static int conn_read(BIO *b, char *out, int outl)
+{
+ int ret = 0;
+ BIO_CONNECT *data;
+
+ data = (BIO_CONNECT *)b->ptr;
+ if (data->state != BIO_CONN_S_OK) {
+ ret = conn_state(b, data);
+ if (ret <= 0)
+ return (ret);
+ }
+
+ if (out != NULL) {
+ clear_socket_error();
+ ret = readsocket(b->num, out, outl);
+ BIO_clear_retry_flags(b);
+ if (ret <= 0) {
+ if (BIO_sock_should_retry(ret))
+ BIO_set_retry_read(b);
+ }
+ }
+ return (ret);
+}
+
+static int conn_write(BIO *b, const char *in, int inl)
+{
+ int ret;
+ BIO_CONNECT *data;
+
+ data = (BIO_CONNECT *)b->ptr;
+ if (data->state != BIO_CONN_S_OK) {
+ ret = conn_state(b, data);
+ if (ret <= 0)
+ return (ret);
+ }
+
+ clear_socket_error();
+ ret = writesocket(b->num, in, inl);
+ BIO_clear_retry_flags(b);
+ if (ret <= 0) {
+ if (BIO_sock_should_retry(ret))
+ BIO_set_retry_write(b);
+ }
+ return (ret);
+}
+
+static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ BIO *dbio;
+ int *ip;
+ const char **pptr = NULL;
+ long ret = 1;
+ BIO_CONNECT *data;
+
+ data = (BIO_CONNECT *)b->ptr;
+
+ switch (cmd) {
+ case BIO_CTRL_RESET:
+ ret = 0;
+ data->state = BIO_CONN_S_BEFORE;
+ conn_close_socket(b);
+ b->flags = 0;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ /* use this one to start the connection */
+ if (data->state != BIO_CONN_S_OK)
+ ret = (long)conn_state(b, data);
+ else
+ ret = 1;
+ break;
+ case BIO_C_GET_CONNECT:
+ if (ptr != NULL) {
+ pptr = (const char **)ptr;
+ }
+
+ if (b->init) {
+ if (pptr != NULL) {
+ ret = 1;
+ if (num == 0) {
+ *pptr = data->param_hostname;
+ } else if (num == 1) {
+ *pptr = data->param_port;
+ } else if (num == 2) {
+ *pptr = (char *)&(data->ip[0]);
+ } else {
+ ret = 0;
+ }
+ }
+ if (num == 3) {
+ ret = data->port;
+ }
+ } else {
+ if (pptr != NULL)
+ *pptr = "not initialized";
+ ret = 0;
+ }
+ break;
+ case BIO_C_SET_CONNECT:
+ if (ptr != NULL) {
+ b->init = 1;
+ if (num == 0) {
+ if (data->param_hostname != NULL)
+ OPENSSL_free(data->param_hostname);
+ data->param_hostname = BUF_strdup(ptr);
+ } else if (num == 1) {
+ if (data->param_port != NULL)
+ OPENSSL_free(data->param_port);
+ data->param_port = BUF_strdup(ptr);
+ } else if (num == 2) {
+ char buf[16];
+ unsigned char *p = ptr;
+
+ BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
+ p[0], p[1], p[2], p[3]);
+ if (data->param_hostname != NULL)
+ OPENSSL_free(data->param_hostname);
+ data->param_hostname = BUF_strdup(buf);
+ memcpy(&(data->ip[0]), ptr, 4);
+ } else if (num == 3) {
+ char buf[DECIMAL_SIZE(int) + 1];
+
+ BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
+ if (data->param_port != NULL)
+ OPENSSL_free(data->param_port);
+ data->param_port = BUF_strdup(buf);
+ data->port = *(int *)ptr;
+ }
+ }
+ break;
+ case BIO_C_SET_NBIO:
+ data->nbio = (int)num;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init) {
+ ip = (int *)ptr;
+ if (ip != NULL)
+ *ip = b->num;
+ ret = b->num;
+ } else
+ ret = -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret = b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown = (int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret = 0;
+ break;
+ case BIO_CTRL_FLUSH:
+ break;
+ case BIO_CTRL_DUP:
+ {
+ dbio = (BIO *)ptr;
+ if (data->param_port)
+ BIO_set_conn_port(dbio, data->param_port);
+ if (data->param_hostname)
+ BIO_set_conn_hostname(dbio, data->param_hostname);
+ BIO_set_nbio(dbio, data->nbio);
+ /*
+ * FIXME: the cast of the function seems unlikely to be a good
+ * idea
+ */
+ (void)BIO_set_info_callback(dbio,
+ (bio_info_cb *)data->info_callback);
+ }
+ break;
+ case BIO_CTRL_SET_CALLBACK:
+ {
+# if 0 /* FIXME: Should this be used? -- Richard
+ * Levitte */
+ BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ ret = -1;
+# else
+ ret = 0;
+# endif
+ }
+ break;
+ case BIO_CTRL_GET_CALLBACK:
+ {
+ int (**fptr) (const BIO *bio, int state, int xret);
+
+ fptr = (int (**)(const BIO *bio, int state, int xret))ptr;
+ *fptr = data->info_callback;
+ }
+ break;
+ default:
+ ret = 0;
+ break;
+ }
+ return (ret);
+}
+
+static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+ long ret = 1;
+ BIO_CONNECT *data;
+
+ data = (BIO_CONNECT *)b->ptr;
+
+ switch (cmd) {
+ case BIO_CTRL_SET_CALLBACK:
+ {
+ data->info_callback =
+ (int (*)(const struct bio_st *, int, int))fp;
+ }
+ break;
+ default:
+ ret = 0;
+ break;
+ }
+ return (ret);
+}
+
+static int conn_puts(BIO *bp, const char *str)
+{
+ int n, ret;
+
+ n = strlen(str);
+ ret = conn_write(bp, str, n);
+ return (ret);
+}
+
+BIO *BIO_new_connect(char *str)
+{
+ BIO *ret;
+
+ ret = BIO_new(BIO_s_connect());
+ if (ret == NULL)
+ return (NULL);
+ if (BIO_set_conn_hostname(ret, str))
+ return (ret);
+ else {
+ BIO_free(ret);
+ return (NULL);
+ }
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bio/bss_dgram.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bss_dgram.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bss_dgram.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2013 +0,0 @@
-/* crypto/bio/bio_dgram.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-
-#include <openssl/bio.h>
-#ifndef OPENSSL_NO_DGRAM
-
-# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS)
-# include <sys/timeb.h>
-# endif
-
-# ifndef OPENSSL_NO_SCTP
-# include <netinet/sctp.h>
-# include <fcntl.h>
-# define OPENSSL_SCTP_DATA_CHUNK_TYPE 0x00
-# define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
-# endif
-
-# if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
-# define IP_MTU 14 /* linux is lame */
-# endif
-
-# if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
-/* Standard definition causes type-punning problems. */
-# undef IN6_IS_ADDR_V4MAPPED
-# define s6_addr32 __u6_addr.__u6_addr32
-# define IN6_IS_ADDR_V4MAPPED(a) \
- (((a)->s6_addr32[0] == 0) && \
- ((a)->s6_addr32[1] == 0) && \
- ((a)->s6_addr32[2] == htonl(0x0000ffff)))
-# endif
-
-# ifdef WATT32
-# define sock_write SockWrite /* Watt-32 uses same names */
-# define sock_read SockRead
-# define sock_puts SockPuts
-# endif
-
-static int dgram_write(BIO *h, const char *buf, int num);
-static int dgram_read(BIO *h, char *buf, int size);
-static int dgram_puts(BIO *h, const char *str);
-static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int dgram_new(BIO *h);
-static int dgram_free(BIO *data);
-static int dgram_clear(BIO *bio);
-
-# ifndef OPENSSL_NO_SCTP
-static int dgram_sctp_write(BIO *h, const char *buf, int num);
-static int dgram_sctp_read(BIO *h, char *buf, int size);
-static int dgram_sctp_puts(BIO *h, const char *str);
-static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int dgram_sctp_new(BIO *h);
-static int dgram_sctp_free(BIO *data);
-# ifdef SCTP_AUTHENTICATION_EVENT
-static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
- *snp);
-# endif
-# endif
-
-static int BIO_dgram_should_retry(int s);
-
-static void get_current_time(struct timeval *t);
-
-static BIO_METHOD methods_dgramp = {
- BIO_TYPE_DGRAM,
- "datagram socket",
- dgram_write,
- dgram_read,
- dgram_puts,
- NULL, /* dgram_gets, */
- dgram_ctrl,
- dgram_new,
- dgram_free,
- NULL,
-};
-
-# ifndef OPENSSL_NO_SCTP
-static BIO_METHOD methods_dgramp_sctp = {
- BIO_TYPE_DGRAM_SCTP,
- "datagram sctp socket",
- dgram_sctp_write,
- dgram_sctp_read,
- dgram_sctp_puts,
- NULL, /* dgram_gets, */
- dgram_sctp_ctrl,
- dgram_sctp_new,
- dgram_sctp_free,
- NULL,
-};
-# endif
-
-typedef struct bio_dgram_data_st {
- union {
- struct sockaddr sa;
- struct sockaddr_in sa_in;
-# if OPENSSL_USE_IPV6
- struct sockaddr_in6 sa_in6;
-# endif
- } peer;
- unsigned int connected;
- unsigned int _errno;
- unsigned int mtu;
- struct timeval next_timeout;
- struct timeval socket_timeout;
-} bio_dgram_data;
-
-# ifndef OPENSSL_NO_SCTP
-typedef struct bio_dgram_sctp_save_message_st {
- BIO *bio;
- char *data;
- int length;
-} bio_dgram_sctp_save_message;
-
-typedef struct bio_dgram_sctp_data_st {
- union {
- struct sockaddr sa;
- struct sockaddr_in sa_in;
-# if OPENSSL_USE_IPV6
- struct sockaddr_in6 sa_in6;
-# endif
- } peer;
- unsigned int connected;
- unsigned int _errno;
- unsigned int mtu;
- struct bio_dgram_sctp_sndinfo sndinfo;
- struct bio_dgram_sctp_rcvinfo rcvinfo;
- struct bio_dgram_sctp_prinfo prinfo;
- void (*handle_notifications) (BIO *bio, void *context, void *buf);
- void *notification_context;
- int in_handshake;
- int ccs_rcvd;
- int ccs_sent;
- int save_shutdown;
- int peer_auth_tested;
- bio_dgram_sctp_save_message saved_message;
-} bio_dgram_sctp_data;
-# endif
-
-BIO_METHOD *BIO_s_datagram(void)
-{
- return (&methods_dgramp);
-}
-
-BIO *BIO_new_dgram(int fd, int close_flag)
-{
- BIO *ret;
-
- ret = BIO_new(BIO_s_datagram());
- if (ret == NULL)
- return (NULL);
- BIO_set_fd(ret, fd, close_flag);
- return (ret);
-}
-
-static int dgram_new(BIO *bi)
-{
- bio_dgram_data *data = NULL;
-
- bi->init = 0;
- bi->num = 0;
- data = OPENSSL_malloc(sizeof(bio_dgram_data));
- if (data == NULL)
- return 0;
- memset(data, 0x00, sizeof(bio_dgram_data));
- bi->ptr = data;
-
- bi->flags = 0;
- return (1);
-}
-
-static int dgram_free(BIO *a)
-{
- bio_dgram_data *data;
-
- if (a == NULL)
- return (0);
- if (!dgram_clear(a))
- return 0;
-
- data = (bio_dgram_data *)a->ptr;
- if (data != NULL)
- OPENSSL_free(data);
-
- return (1);
-}
-
-static int dgram_clear(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->shutdown) {
- if (a->init) {
- SHUTDOWN2(a->num);
- }
- a->init = 0;
- a->flags = 0;
- }
- return (1);
-}
-
-static void dgram_adjust_rcv_timeout(BIO *b)
-{
-# if defined(SO_RCVTIMEO)
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
- union {
- size_t s;
- int i;
- } sz = {
- 0
- };
-
- /* Is a timer active? */
- if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
- struct timeval timenow, timeleft;
-
- /* Read current socket timeout */
-# ifdef OPENSSL_SYS_WINDOWS
- int timeout;
-
- sz.i = sizeof(timeout);
- if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void *)&timeout, &sz.i) < 0) {
- perror("getsockopt");
- } else {
- data->socket_timeout.tv_sec = timeout / 1000;
- data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
- }
-# else
- sz.i = sizeof(data->socket_timeout);
- if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- &(data->socket_timeout), (void *)&sz) < 0) {
- perror("getsockopt");
- } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0)
- OPENSSL_assert(sz.s <= sizeof(data->socket_timeout));
-# endif
-
- /* Get current time */
- get_current_time(&timenow);
-
- /* Calculate time left until timer expires */
- memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
- if (timeleft.tv_usec < timenow.tv_usec) {
- timeleft.tv_usec = 1000000 - timenow.tv_usec + timeleft.tv_usec;
- timeleft.tv_sec--;
- } else {
- timeleft.tv_usec -= timenow.tv_usec;
- }
- if (timeleft.tv_sec < timenow.tv_sec) {
- timeleft.tv_sec = 0;
- timeleft.tv_usec = 1;
- } else {
- timeleft.tv_sec -= timenow.tv_sec;
- }
-
- /*
- * Adjust socket timeout if next handhake message timer will expire
- * earlier.
- */
- if ((data->socket_timeout.tv_sec == 0
- && data->socket_timeout.tv_usec == 0)
- || (data->socket_timeout.tv_sec > timeleft.tv_sec)
- || (data->socket_timeout.tv_sec == timeleft.tv_sec
- && data->socket_timeout.tv_usec >= timeleft.tv_usec)) {
-# ifdef OPENSSL_SYS_WINDOWS
- timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void *)&timeout, sizeof(timeout)) < 0) {
- perror("setsockopt");
- }
-# else
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
- sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- }
-# endif
- }
- }
-# endif
-}
-
-static void dgram_reset_rcv_timeout(BIO *b)
-{
-# if defined(SO_RCVTIMEO)
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-
- /* Is a timer active? */
- if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
-# ifdef OPENSSL_SYS_WINDOWS
- int timeout = data->socket_timeout.tv_sec * 1000 +
- data->socket_timeout.tv_usec / 1000;
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void *)&timeout, sizeof(timeout)) < 0) {
- perror("setsockopt");
- }
-# else
- if (setsockopt
- (b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout),
- sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- }
-# endif
- }
-# endif
-}
-
-static int dgram_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-
- struct {
- /*
- * See commentary in b_sock.c. <appro>
- */
- union {
- size_t s;
- int i;
- } len;
- union {
- struct sockaddr sa;
- struct sockaddr_in sa_in;
-# if OPENSSL_USE_IPV6
- struct sockaddr_in6 sa_in6;
-# endif
- } peer;
- } sa;
-
- sa.len.s = 0;
- sa.len.i = sizeof(sa.peer);
-
- if (out != NULL) {
- clear_socket_error();
- memset(&sa.peer, 0x00, sizeof(sa.peer));
- dgram_adjust_rcv_timeout(b);
- ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, (void *)&sa.len);
- if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
- OPENSSL_assert(sa.len.s <= sizeof(sa.peer));
- sa.len.i = (int)sa.len.s;
- }
-
- if (!data->connected && ret >= 0)
- BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
-
- BIO_clear_retry_flags(b);
- if (ret < 0) {
- if (BIO_dgram_should_retry(ret)) {
- BIO_set_retry_read(b);
- data->_errno = get_last_socket_error();
- }
- }
-
- dgram_reset_rcv_timeout(b);
- }
- return (ret);
-}
-
-static int dgram_write(BIO *b, const char *in, int inl)
-{
- int ret;
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
- clear_socket_error();
-
- if (data->connected)
- ret = writesocket(b->num, in, inl);
- else {
- int peerlen = sizeof(data->peer);
-
- if (data->peer.sa.sa_family == AF_INET)
- peerlen = sizeof(data->peer.sa_in);
-# if OPENSSL_USE_IPV6
- else if (data->peer.sa.sa_family == AF_INET6)
- peerlen = sizeof(data->peer.sa_in6);
-# endif
-# if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
- ret = sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
-# else
- ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
-# endif
- }
-
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_dgram_should_retry(ret)) {
- BIO_set_retry_write(b);
- data->_errno = get_last_socket_error();
-
-# if 0 /* higher layers are responsible for querying
- * MTU, if necessary */
- if (data->_errno == EMSGSIZE)
- /* retrieve the new MTU */
- BIO_ctrl(b, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
-# endif
- }
- }
- return (ret);
-}
-
-static long dgram_get_mtu_overhead(bio_dgram_data *data)
-{
- long ret;
-
- switch (data->peer.sa.sa_family) {
- case AF_INET:
- /*
- * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
- */
- ret = 28;
- break;
-# if OPENSSL_USE_IPV6
- case AF_INET6:
-# ifdef IN6_IS_ADDR_V4MAPPED
- if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
- /*
- * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
- */
- ret = 28;
- else
-# endif
- /*
- * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP
- */
- ret = 48;
- break;
-# endif
- default:
- /* We don't know. Go with the historical default */
- ret = 28;
- break;
- }
- return ret;
-}
-
-static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
- int *ip;
- struct sockaddr *to = NULL;
- bio_dgram_data *data = NULL;
-# if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
- int sockopt_val = 0;
- socklen_t sockopt_len; /* assume that system supporting IP_MTU is
- * modern enough to define socklen_t */
- socklen_t addr_len;
- union {
- struct sockaddr sa;
- struct sockaddr_in s4;
-# if OPENSSL_USE_IPV6
- struct sockaddr_in6 s6;
-# endif
- } addr;
-# endif
-
- data = (bio_dgram_data *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- num = 0;
- case BIO_C_FILE_SEEK:
- ret = 0;
- break;
- case BIO_C_FILE_TELL:
- case BIO_CTRL_INFO:
- ret = 0;
- break;
- case BIO_C_SET_FD:
- dgram_clear(b);
- b->num = *((int *)ptr);
- b->shutdown = (int)num;
- b->init = 1;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret = 0;
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
- case BIO_CTRL_DGRAM_CONNECT:
- to = (struct sockaddr *)ptr;
-# if 0
- if (connect(b->num, to, sizeof(struct sockaddr)) < 0) {
- perror("connect");
- ret = 0;
- } else {
-# endif
- switch (to->sa_family) {
- case AF_INET:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in));
- break;
-# if OPENSSL_USE_IPV6
- case AF_INET6:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
- break;
-# endif
- default:
- memcpy(&data->peer, to, sizeof(data->peer.sa));
- break;
- }
-# if 0
- }
-# endif
- break;
- /* (Linux)kernel sets DF bit on outgoing IP packets */
- case BIO_CTRL_DGRAM_MTU_DISCOVER:
-# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
- addr_len = (socklen_t) sizeof(addr);
- memset((void *)&addr, 0, sizeof(addr));
- if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
- ret = 0;
- break;
- }
- switch (addr.sa.sa_family) {
- case AF_INET:
- sockopt_val = IP_PMTUDISC_DO;
- if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
- &sockopt_val, sizeof(sockopt_val))) < 0)
- perror("setsockopt");
- break;
-# if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
- case AF_INET6:
- sockopt_val = IPV6_PMTUDISC_DO;
- if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
- &sockopt_val, sizeof(sockopt_val))) < 0)
- perror("setsockopt");
- break;
-# endif
- default:
- ret = -1;
- break;
- }
- ret = -1;
-# else
- break;
-# endif
- case BIO_CTRL_DGRAM_QUERY_MTU:
-# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
- addr_len = (socklen_t) sizeof(addr);
- memset((void *)&addr, 0, sizeof(addr));
- if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
- ret = 0;
- break;
- }
- sockopt_len = sizeof(sockopt_val);
- switch (addr.sa.sa_family) {
- case AF_INET:
- if ((ret =
- getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
- &sockopt_len)) < 0 || sockopt_val < 0) {
- ret = 0;
- } else {
- /*
- * we assume that the transport protocol is UDP and no IP
- * options are used.
- */
- data->mtu = sockopt_val - 8 - 20;
- ret = data->mtu;
- }
- break;
-# if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
- case AF_INET6:
- if ((ret =
- getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
- (void *)&sockopt_val, &sockopt_len)) < 0
- || sockopt_val < 0) {
- ret = 0;
- } else {
- /*
- * we assume that the transport protocol is UDP and no IPV6
- * options are used.
- */
- data->mtu = sockopt_val - 8 - 40;
- ret = data->mtu;
- }
- break;
-# endif
- default:
- ret = 0;
- break;
- }
-# else
- ret = 0;
-# endif
- break;
- case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
- ret = -dgram_get_mtu_overhead(data);
- switch (data->peer.sa.sa_family) {
- case AF_INET:
- ret += 576;
- break;
-# if OPENSSL_USE_IPV6
- case AF_INET6:
-# ifdef IN6_IS_ADDR_V4MAPPED
- if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
- ret += 576;
- else
-# endif
- ret += 1280;
- break;
-# endif
- default:
- ret += 576;
- break;
- }
- break;
- case BIO_CTRL_DGRAM_GET_MTU:
- return data->mtu;
- break;
- case BIO_CTRL_DGRAM_SET_MTU:
- data->mtu = num;
- ret = num;
- break;
- case BIO_CTRL_DGRAM_SET_CONNECTED:
- to = (struct sockaddr *)ptr;
-
- if (to != NULL) {
- data->connected = 1;
- switch (to->sa_family) {
- case AF_INET:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in));
- break;
-# if OPENSSL_USE_IPV6
- case AF_INET6:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
- break;
-# endif
- default:
- memcpy(&data->peer, to, sizeof(data->peer.sa));
- break;
- }
- } else {
- data->connected = 0;
- memset(&(data->peer), 0x00, sizeof(data->peer));
- }
- break;
- case BIO_CTRL_DGRAM_GET_PEER:
- switch (data->peer.sa.sa_family) {
- case AF_INET:
- ret = sizeof(data->peer.sa_in);
- break;
-# if OPENSSL_USE_IPV6
- case AF_INET6:
- ret = sizeof(data->peer.sa_in6);
- break;
-# endif
- default:
- ret = sizeof(data->peer.sa);
- break;
- }
- if (num == 0 || num > ret)
- num = ret;
- memcpy(ptr, &data->peer, (ret = num));
- break;
- case BIO_CTRL_DGRAM_SET_PEER:
- to = (struct sockaddr *)ptr;
- switch (to->sa_family) {
- case AF_INET:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in));
- break;
-# if OPENSSL_USE_IPV6
- case AF_INET6:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
- break;
-# endif
- default:
- memcpy(&data->peer, to, sizeof(data->peer.sa));
- break;
- }
- break;
- case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
- memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
- break;
-# if defined(SO_RCVTIMEO)
- case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
-# ifdef OPENSSL_SYS_WINDOWS
- {
- struct timeval *tv = (struct timeval *)ptr;
- int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void *)&timeout, sizeof(timeout)) < 0) {
- perror("setsockopt");
- ret = -1;
- }
- }
-# else
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
- sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- ret = -1;
- }
-# endif
- break;
- case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
- {
- union {
- size_t s;
- int i;
- } sz = {
- 0
- };
-# ifdef OPENSSL_SYS_WINDOWS
- int timeout;
- struct timeval *tv = (struct timeval *)ptr;
-
- sz.i = sizeof(timeout);
- if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void *)&timeout, &sz.i) < 0) {
- perror("getsockopt");
- ret = -1;
- } else {
- tv->tv_sec = timeout / 1000;
- tv->tv_usec = (timeout % 1000) * 1000;
- ret = sizeof(*tv);
- }
-# else
- sz.i = sizeof(struct timeval);
- if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- ptr, (void *)&sz) < 0) {
- perror("getsockopt");
- ret = -1;
- } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
- OPENSSL_assert(sz.s <= sizeof(struct timeval));
- ret = (int)sz.s;
- } else
- ret = sz.i;
-# endif
- }
- break;
-# endif
-# if defined(SO_SNDTIMEO)
- case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
-# ifdef OPENSSL_SYS_WINDOWS
- {
- struct timeval *tv = (struct timeval *)ptr;
- int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
- if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- (void *)&timeout, sizeof(timeout)) < 0) {
- perror("setsockopt");
- ret = -1;
- }
- }
-# else
- if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
- sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- ret = -1;
- }
-# endif
- break;
- case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
- {
- union {
- size_t s;
- int i;
- } sz = {
- 0
- };
-# ifdef OPENSSL_SYS_WINDOWS
- int timeout;
- struct timeval *tv = (struct timeval *)ptr;
-
- sz.i = sizeof(timeout);
- if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- (void *)&timeout, &sz.i) < 0) {
- perror("getsockopt");
- ret = -1;
- } else {
- tv->tv_sec = timeout / 1000;
- tv->tv_usec = (timeout % 1000) * 1000;
- ret = sizeof(*tv);
- }
-# else
- sz.i = sizeof(struct timeval);
- if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- ptr, (void *)&sz) < 0) {
- perror("getsockopt");
- ret = -1;
- } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
- OPENSSL_assert(sz.s <= sizeof(struct timeval));
- ret = (int)sz.s;
- } else
- ret = sz.i;
-# endif
- }
- break;
-# endif
- case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
- /* fall-through */
- case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
-# ifdef OPENSSL_SYS_WINDOWS
- if (data->_errno == WSAETIMEDOUT)
-# else
- if (data->_errno == EAGAIN)
-# endif
- {
- ret = 1;
- data->_errno = 0;
- } else
- ret = 0;
- break;
-# ifdef EMSGSIZE
- case BIO_CTRL_DGRAM_MTU_EXCEEDED:
- if (data->_errno == EMSGSIZE) {
- ret = 1;
- data->_errno = 0;
- } else
- ret = 0;
- break;
-# endif
- case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
- ret = dgram_get_mtu_overhead(data);
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int dgram_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = dgram_write(bp, str, n);
- return (ret);
-}
-
-# ifndef OPENSSL_NO_SCTP
-BIO_METHOD *BIO_s_datagram_sctp(void)
-{
- return (&methods_dgramp_sctp);
-}
-
-BIO *BIO_new_dgram_sctp(int fd, int close_flag)
-{
- BIO *bio;
- int ret, optval = 20000;
- int auth_data = 0, auth_forward = 0;
- unsigned char *p;
- struct sctp_authchunk auth;
- struct sctp_authchunks *authchunks;
- socklen_t sockopt_len;
-# ifdef SCTP_AUTHENTICATION_EVENT
-# ifdef SCTP_EVENT
- struct sctp_event event;
-# else
- struct sctp_event_subscribe event;
-# endif
-# endif
-
- bio = BIO_new(BIO_s_datagram_sctp());
- if (bio == NULL)
- return (NULL);
- BIO_set_fd(bio, fd, close_flag);
-
- /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
- auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
- ret =
- setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
- sizeof(struct sctp_authchunk));
- if (ret < 0) {
- BIO_vfree(bio);
- return (NULL);
- }
- auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
- ret =
- setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
- sizeof(struct sctp_authchunk));
- if (ret < 0) {
- BIO_vfree(bio);
- return (NULL);
- }
-
- /*
- * Test if activation was successful. When using accept(), SCTP-AUTH has
- * to be activated for the listening socket already, otherwise the
- * connected socket won't use it.
- */
- sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
- authchunks = OPENSSL_malloc(sockopt_len);
- if (!authchunks) {
- BIO_vfree(bio);
- return (NULL);
- }
- memset(authchunks, 0, sizeof(sockopt_len));
- ret =
- getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
- &sockopt_len);
-
- if (ret < 0) {
- OPENSSL_free(authchunks);
- BIO_vfree(bio);
- return (NULL);
- }
-
- for (p = (unsigned char *)authchunks->gauth_chunks;
- p < (unsigned char *)authchunks + sockopt_len;
- p += sizeof(uint8_t)) {
- if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
- auth_data = 1;
- if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
- auth_forward = 1;
- }
-
- OPENSSL_free(authchunks);
-
- OPENSSL_assert(auth_data);
- OPENSSL_assert(auth_forward);
-
-# ifdef SCTP_AUTHENTICATION_EVENT
-# ifdef SCTP_EVENT
- memset(&event, 0, sizeof(struct sctp_event));
- event.se_assoc_id = 0;
- event.se_type = SCTP_AUTHENTICATION_EVENT;
- event.se_on = 1;
- ret =
- setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
- sizeof(struct sctp_event));
- if (ret < 0) {
- BIO_vfree(bio);
- return (NULL);
- }
-# else
- sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
- ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
- if (ret < 0) {
- BIO_vfree(bio);
- return (NULL);
- }
-
- event.sctp_authentication_event = 1;
-
- ret =
- setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
- sizeof(struct sctp_event_subscribe));
- if (ret < 0) {
- BIO_vfree(bio);
- return (NULL);
- }
-# endif
-# endif
-
- /*
- * Disable partial delivery by setting the min size larger than the max
- * record size of 2^14 + 2048 + 13
- */
- ret =
- setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
- sizeof(optval));
- if (ret < 0) {
- BIO_vfree(bio);
- return (NULL);
- }
-
- return (bio);
-}
-
-int BIO_dgram_is_sctp(BIO *bio)
-{
- return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
-}
-
-static int dgram_sctp_new(BIO *bi)
-{
- bio_dgram_sctp_data *data = NULL;
-
- bi->init = 0;
- bi->num = 0;
- data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
- if (data == NULL)
- return 0;
- memset(data, 0x00, sizeof(bio_dgram_sctp_data));
-# ifdef SCTP_PR_SCTP_NONE
- data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
-# endif
- bi->ptr = data;
-
- bi->flags = 0;
- return (1);
-}
-
-static int dgram_sctp_free(BIO *a)
-{
- bio_dgram_sctp_data *data;
-
- if (a == NULL)
- return (0);
- if (!dgram_clear(a))
- return 0;
-
- data = (bio_dgram_sctp_data *) a->ptr;
- if (data != NULL) {
- if (data->saved_message.data != NULL)
- OPENSSL_free(data->saved_message.data);
- OPENSSL_free(data);
- }
-
- return (1);
-}
-
-# ifdef SCTP_AUTHENTICATION_EVENT
-void dgram_sctp_handle_auth_free_key_event(BIO *b,
- union sctp_notification *snp)
-{
- int ret;
- struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
-
- if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY) {
- struct sctp_authkeyid authkeyid;
-
- /* delete key */
- authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
- ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
- &authkeyid, sizeof(struct sctp_authkeyid));
- }
-}
-# endif
-
-static int dgram_sctp_read(BIO *b, char *out, int outl)
-{
- int ret = 0, n = 0, i, optval;
- socklen_t optlen;
- bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
- union sctp_notification *snp;
- struct msghdr msg;
- struct iovec iov;
- struct cmsghdr *cmsg;
- char cmsgbuf[512];
-
- if (out != NULL) {
- clear_socket_error();
-
- do {
- memset(&data->rcvinfo, 0x00,
- sizeof(struct bio_dgram_sctp_rcvinfo));
- iov.iov_base = out;
- iov.iov_len = outl;
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_control = cmsgbuf;
- msg.msg_controllen = 512;
- msg.msg_flags = 0;
- n = recvmsg(b->num, &msg, 0);
-
- if (n <= 0) {
- if (n < 0)
- ret = n;
- break;
- }
-
- if (msg.msg_controllen > 0) {
- for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
- cmsg = CMSG_NXTHDR(&msg, cmsg)) {
- if (cmsg->cmsg_level != IPPROTO_SCTP)
- continue;
-# ifdef SCTP_RCVINFO
- if (cmsg->cmsg_type == SCTP_RCVINFO) {
- struct sctp_rcvinfo *rcvinfo;
-
- rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
- data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
- data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
- data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
- data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
- data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
- data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
- data->rcvinfo.rcv_context = rcvinfo->rcv_context;
- }
-# endif
-# ifdef SCTP_SNDRCV
- if (cmsg->cmsg_type == SCTP_SNDRCV) {
- struct sctp_sndrcvinfo *sndrcvinfo;
-
- sndrcvinfo =
- (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
- data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
- data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
- data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
- data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
- data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
- data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
- data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
- }
-# endif
- }
- }
-
- if (msg.msg_flags & MSG_NOTIFICATION) {
- snp = (union sctp_notification *)out;
- if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
-# ifdef SCTP_EVENT
- struct sctp_event event;
-# else
- struct sctp_event_subscribe event;
- socklen_t eventsize;
-# endif
- /*
- * If a message has been delayed until the socket is dry,
- * it can be sent now.
- */
- if (data->saved_message.length > 0) {
- dgram_sctp_write(data->saved_message.bio,
- data->saved_message.data,
- data->saved_message.length);
- OPENSSL_free(data->saved_message.data);
- data->saved_message.data = NULL;
- data->saved_message.length = 0;
- }
-
- /* disable sender dry event */
-# ifdef SCTP_EVENT
- memset(&event, 0, sizeof(struct sctp_event));
- event.se_assoc_id = 0;
- event.se_type = SCTP_SENDER_DRY_EVENT;
- event.se_on = 0;
- i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
- sizeof(struct sctp_event));
- if (i < 0) {
- ret = i;
- break;
- }
-# else
- eventsize = sizeof(struct sctp_event_subscribe);
- i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
- &eventsize);
- if (i < 0) {
- ret = i;
- break;
- }
-
- event.sctp_sender_dry_event = 0;
-
- i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
- sizeof(struct sctp_event_subscribe));
- if (i < 0) {
- ret = i;
- break;
- }
-# endif
- }
-# ifdef SCTP_AUTHENTICATION_EVENT
- if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
- dgram_sctp_handle_auth_free_key_event(b, snp);
-# endif
-
- if (data->handle_notifications != NULL)
- data->handle_notifications(b, data->notification_context,
- (void *)out);
-
- memset(out, 0, outl);
- } else
- ret += n;
- }
- while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
- && (ret < outl));
-
- if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
- /* Partial message read, this should never happen! */
-
- /*
- * The buffer was too small, this means the peer sent a message
- * that was larger than allowed.
- */
- if (ret == outl)
- return -1;
-
- /*
- * Test if socket buffer can handle max record size (2^14 + 2048
- * + 13)
- */
- optlen = (socklen_t) sizeof(int);
- ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
- if (ret >= 0)
- OPENSSL_assert(optval >= 18445);
-
- /*
- * Test if SCTP doesn't partially deliver below max record size
- * (2^14 + 2048 + 13)
- */
- optlen = (socklen_t) sizeof(int);
- ret =
- getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
- &optval, &optlen);
- if (ret >= 0)
- OPENSSL_assert(optval >= 18445);
-
- /*
- * Partially delivered notification??? Probably a bug....
- */
- OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
-
- /*
- * Everything seems ok till now, so it's most likely a message
- * dropped by PR-SCTP.
- */
- memset(out, 0, outl);
- BIO_set_retry_read(b);
- return -1;
- }
-
- BIO_clear_retry_flags(b);
- if (ret < 0) {
- if (BIO_dgram_should_retry(ret)) {
- BIO_set_retry_read(b);
- data->_errno = get_last_socket_error();
- }
- }
-
- /* Test if peer uses SCTP-AUTH before continuing */
- if (!data->peer_auth_tested) {
- int ii, auth_data = 0, auth_forward = 0;
- unsigned char *p;
- struct sctp_authchunks *authchunks;
-
- optlen =
- (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
- authchunks = OPENSSL_malloc(optlen);
- if (!authchunks) {
- BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- memset(authchunks, 0, sizeof(optlen));
- ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
- authchunks, &optlen);
-
- if (ii >= 0)
- for (p = (unsigned char *)authchunks->gauth_chunks;
- p < (unsigned char *)authchunks + optlen;
- p += sizeof(uint8_t)) {
- if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
- auth_data = 1;
- if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
- auth_forward = 1;
- }
-
- OPENSSL_free(authchunks);
-
- if (!auth_data || !auth_forward) {
- BIOerr(BIO_F_DGRAM_SCTP_READ, BIO_R_CONNECT_ERROR);
- return -1;
- }
-
- data->peer_auth_tested = 1;
- }
- }
- return (ret);
-}
-
-static int dgram_sctp_write(BIO *b, const char *in, int inl)
-{
- int ret;
- bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
- struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
- struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
- struct bio_dgram_sctp_sndinfo handshake_sinfo;
- struct iovec iov[1];
- struct msghdr msg;
- struct cmsghdr *cmsg;
-# if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
- char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
- CMSG_SPACE(sizeof(struct sctp_prinfo))];
- struct sctp_sndinfo *sndinfo;
- struct sctp_prinfo *prinfo;
-# else
- char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
- struct sctp_sndrcvinfo *sndrcvinfo;
-# endif
-
- clear_socket_error();
-
- /*
- * If we're send anything else than application data, disable all user
- * parameters and flags.
- */
- if (in[0] != 23) {
- memset(&handshake_sinfo, 0x00, sizeof(struct bio_dgram_sctp_sndinfo));
-# ifdef SCTP_SACK_IMMEDIATELY
- handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
-# endif
- sinfo = &handshake_sinfo;
- }
-
- /*
- * If we have to send a shutdown alert message and the socket is not dry
- * yet, we have to save it and send it as soon as the socket gets dry.
- */
- if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
- char *tmp;
- data->saved_message.bio = b;
- if (!(tmp = OPENSSL_malloc(inl))) {
- BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- if (data->saved_message.data)
- OPENSSL_free(data->saved_message.data);
- data->saved_message.data = tmp;
- memcpy(data->saved_message.data, in, inl);
- data->saved_message.length = inl;
- return inl;
- }
-
- iov[0].iov_base = (char *)in;
- iov[0].iov_len = inl;
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- msg.msg_iov = iov;
- msg.msg_iovlen = 1;
- msg.msg_control = (caddr_t) cmsgbuf;
- msg.msg_controllen = 0;
- msg.msg_flags = 0;
-# if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
- cmsg = (struct cmsghdr *)cmsgbuf;
- cmsg->cmsg_level = IPPROTO_SCTP;
- cmsg->cmsg_type = SCTP_SNDINFO;
- cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
- sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
- memset(sndinfo, 0, sizeof(struct sctp_sndinfo));
- sndinfo->snd_sid = sinfo->snd_sid;
- sndinfo->snd_flags = sinfo->snd_flags;
- sndinfo->snd_ppid = sinfo->snd_ppid;
- sndinfo->snd_context = sinfo->snd_context;
- msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
-
- cmsg =
- (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
- cmsg->cmsg_level = IPPROTO_SCTP;
- cmsg->cmsg_type = SCTP_PRINFO;
- cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
- prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
- memset(prinfo, 0, sizeof(struct sctp_prinfo));
- prinfo->pr_policy = pinfo->pr_policy;
- prinfo->pr_value = pinfo->pr_value;
- msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
-# else
- cmsg = (struct cmsghdr *)cmsgbuf;
- cmsg->cmsg_level = IPPROTO_SCTP;
- cmsg->cmsg_type = SCTP_SNDRCV;
- cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
- sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
- memset(sndrcvinfo, 0, sizeof(struct sctp_sndrcvinfo));
- sndrcvinfo->sinfo_stream = sinfo->snd_sid;
- sndrcvinfo->sinfo_flags = sinfo->snd_flags;
-# ifdef __FreeBSD__
- sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
-# endif
- sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
- sndrcvinfo->sinfo_context = sinfo->snd_context;
- sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
- msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
-# endif
-
- ret = sendmsg(b->num, &msg, 0);
-
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_dgram_should_retry(ret)) {
- BIO_set_retry_write(b);
- data->_errno = get_last_socket_error();
- }
- }
- return (ret);
-}
-
-static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
- bio_dgram_sctp_data *data = NULL;
- socklen_t sockopt_len = 0;
- struct sctp_authkeyid authkeyid;
- struct sctp_authkey *authkey = NULL;
-
- data = (bio_dgram_sctp_data *) b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_DGRAM_QUERY_MTU:
- /*
- * Set to maximum (2^14) and ignore user input to enable transport
- * protocol fragmentation. Returns always 2^14.
- */
- data->mtu = 16384;
- ret = data->mtu;
- break;
- case BIO_CTRL_DGRAM_SET_MTU:
- /*
- * Set to maximum (2^14) and ignore input to enable transport
- * protocol fragmentation. Returns always 2^14.
- */
- data->mtu = 16384;
- ret = data->mtu;
- break;
- case BIO_CTRL_DGRAM_SET_CONNECTED:
- case BIO_CTRL_DGRAM_CONNECT:
- /* Returns always -1. */
- ret = -1;
- break;
- case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
- /*
- * SCTP doesn't need the DTLS timer Returns always 1.
- */
- break;
- case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
- /*
- * We allow transport protocol fragmentation so this is irrelevant
- */
- ret = 0;
- break;
- case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
- if (num > 0)
- data->in_handshake = 1;
- else
- data->in_handshake = 0;
-
- ret =
- setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
- &data->in_handshake, sizeof(int));
- break;
- case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
- /*
- * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
- */
-
- /* Get active key */
- sockopt_len = sizeof(struct sctp_authkeyid);
- ret =
- getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
- &sockopt_len);
- if (ret < 0)
- break;
-
- /* Add new key */
- sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
- authkey = OPENSSL_malloc(sockopt_len);
- if (authkey == NULL) {
- ret = -1;
- break;
- }
- memset(authkey, 0x00, sockopt_len);
- authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
-# ifndef __FreeBSD__
- /*
- * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
- * and higher work without it.
- */
- authkey->sca_keylength = 64;
-# endif
- memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
-
- ret =
- setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
- sockopt_len);
- OPENSSL_free(authkey);
- authkey = NULL;
- if (ret < 0)
- break;
-
- /* Reset active key */
- ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
- &authkeyid, sizeof(struct sctp_authkeyid));
- if (ret < 0)
- break;
-
- break;
- case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
- /* Returns 0 on success, -1 otherwise. */
-
- /* Get active key */
- sockopt_len = sizeof(struct sctp_authkeyid);
- ret =
- getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
- &sockopt_len);
- if (ret < 0)
- break;
-
- /* Set active key */
- authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
- ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
- &authkeyid, sizeof(struct sctp_authkeyid));
- if (ret < 0)
- break;
-
- /*
- * CCS has been sent, so remember that and fall through to check if
- * we need to deactivate an old key
- */
- data->ccs_sent = 1;
-
- case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
- /* Returns 0 on success, -1 otherwise. */
-
- /*
- * Has this command really been called or is this just a
- * fall-through?
- */
- if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
- data->ccs_rcvd = 1;
-
- /*
- * CSS has been both, received and sent, so deactivate an old key
- */
- if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
- /* Get active key */
- sockopt_len = sizeof(struct sctp_authkeyid);
- ret =
- getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
- &authkeyid, &sockopt_len);
- if (ret < 0)
- break;
-
- /*
- * Deactivate key or delete second last key if
- * SCTP_AUTHENTICATION_EVENT is not available.
- */
- authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
-# ifdef SCTP_AUTH_DEACTIVATE_KEY
- sockopt_len = sizeof(struct sctp_authkeyid);
- ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
- &authkeyid, sockopt_len);
- if (ret < 0)
- break;
-# endif
-# ifndef SCTP_AUTHENTICATION_EVENT
- if (authkeyid.scact_keynumber > 0) {
- authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
- ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
- &authkeyid, sizeof(struct sctp_authkeyid));
- if (ret < 0)
- break;
- }
-# endif
-
- data->ccs_rcvd = 0;
- data->ccs_sent = 0;
- }
- break;
- case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
- /* Returns the size of the copied struct. */
- if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
- num = sizeof(struct bio_dgram_sctp_sndinfo);
-
- memcpy(ptr, &(data->sndinfo), num);
- ret = num;
- break;
- case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
- /* Returns the size of the copied struct. */
- if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
- num = sizeof(struct bio_dgram_sctp_sndinfo);
-
- memcpy(&(data->sndinfo), ptr, num);
- break;
- case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
- /* Returns the size of the copied struct. */
- if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
- num = sizeof(struct bio_dgram_sctp_rcvinfo);
-
- memcpy(ptr, &data->rcvinfo, num);
-
- ret = num;
- break;
- case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
- /* Returns the size of the copied struct. */
- if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
- num = sizeof(struct bio_dgram_sctp_rcvinfo);
-
- memcpy(&(data->rcvinfo), ptr, num);
- break;
- case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
- /* Returns the size of the copied struct. */
- if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
- num = sizeof(struct bio_dgram_sctp_prinfo);
-
- memcpy(ptr, &(data->prinfo), num);
- ret = num;
- break;
- case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
- /* Returns the size of the copied struct. */
- if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
- num = sizeof(struct bio_dgram_sctp_prinfo);
-
- memcpy(&(data->prinfo), ptr, num);
- break;
- case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
- /* Returns always 1. */
- if (num > 0)
- data->save_shutdown = 1;
- else
- data->save_shutdown = 0;
- break;
-
- default:
- /*
- * Pass to default ctrl function to process SCTP unspecific commands
- */
- ret = dgram_ctrl(b, cmd, num, ptr);
- break;
- }
- return (ret);
-}
-
-int BIO_dgram_sctp_notification_cb(BIO *b,
- void (*handle_notifications) (BIO *bio,
- void
- *context,
- void *buf),
- void *context)
-{
- bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-
- if (handle_notifications != NULL) {
- data->handle_notifications = handle_notifications;
- data->notification_context = context;
- } else
- return -1;
-
- return 0;
-}
-
-int BIO_dgram_sctp_wait_for_dry(BIO *b)
-{
- int is_dry = 0;
- int n, sockflags, ret;
- union sctp_notification snp;
- struct msghdr msg;
- struct iovec iov;
-# ifdef SCTP_EVENT
- struct sctp_event event;
-# else
- struct sctp_event_subscribe event;
- socklen_t eventsize;
-# endif
- bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-
- /* set sender dry event */
-# ifdef SCTP_EVENT
- memset(&event, 0, sizeof(struct sctp_event));
- event.se_assoc_id = 0;
- event.se_type = SCTP_SENDER_DRY_EVENT;
- event.se_on = 1;
- ret =
- setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
- sizeof(struct sctp_event));
-# else
- eventsize = sizeof(struct sctp_event_subscribe);
- ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
- if (ret < 0)
- return -1;
-
- event.sctp_sender_dry_event = 1;
-
- ret =
- setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
- sizeof(struct sctp_event_subscribe));
-# endif
- if (ret < 0)
- return -1;
-
- /* peek for notification */
- memset(&snp, 0x00, sizeof(union sctp_notification));
- iov.iov_base = (char *)&snp;
- iov.iov_len = sizeof(union sctp_notification);
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_control = NULL;
- msg.msg_controllen = 0;
- msg.msg_flags = 0;
-
- n = recvmsg(b->num, &msg, MSG_PEEK);
- if (n <= 0) {
- if ((n < 0) && (get_last_socket_error() != EAGAIN)
- && (get_last_socket_error() != EWOULDBLOCK))
- return -1;
- else
- return 0;
- }
-
- /* if we find a notification, process it and try again if necessary */
- while (msg.msg_flags & MSG_NOTIFICATION) {
- memset(&snp, 0x00, sizeof(union sctp_notification));
- iov.iov_base = (char *)&snp;
- iov.iov_len = sizeof(union sctp_notification);
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_control = NULL;
- msg.msg_controllen = 0;
- msg.msg_flags = 0;
-
- n = recvmsg(b->num, &msg, 0);
- if (n <= 0) {
- if ((n < 0) && (get_last_socket_error() != EAGAIN)
- && (get_last_socket_error() != EWOULDBLOCK))
- return -1;
- else
- return is_dry;
- }
-
- if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
- is_dry = 1;
-
- /* disable sender dry event */
-# ifdef SCTP_EVENT
- memset(&event, 0, sizeof(struct sctp_event));
- event.se_assoc_id = 0;
- event.se_type = SCTP_SENDER_DRY_EVENT;
- event.se_on = 0;
- ret =
- setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
- sizeof(struct sctp_event));
-# else
- eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
- ret =
- getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
- &eventsize);
- if (ret < 0)
- return -1;
-
- event.sctp_sender_dry_event = 0;
-
- ret =
- setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
- sizeof(struct sctp_event_subscribe));
-# endif
- if (ret < 0)
- return -1;
- }
-# ifdef SCTP_AUTHENTICATION_EVENT
- if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
- dgram_sctp_handle_auth_free_key_event(b, &snp);
-# endif
-
- if (data->handle_notifications != NULL)
- data->handle_notifications(b, data->notification_context,
- (void *)&snp);
-
- /* found notification, peek again */
- memset(&snp, 0x00, sizeof(union sctp_notification));
- iov.iov_base = (char *)&snp;
- iov.iov_len = sizeof(union sctp_notification);
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_control = NULL;
- msg.msg_controllen = 0;
- msg.msg_flags = 0;
-
- /* if we have seen the dry already, don't wait */
- if (is_dry) {
- sockflags = fcntl(b->num, F_GETFL, 0);
- fcntl(b->num, F_SETFL, O_NONBLOCK);
- }
-
- n = recvmsg(b->num, &msg, MSG_PEEK);
-
- if (is_dry) {
- fcntl(b->num, F_SETFL, sockflags);
- }
-
- if (n <= 0) {
- if ((n < 0) && (get_last_socket_error() != EAGAIN)
- && (get_last_socket_error() != EWOULDBLOCK))
- return -1;
- else
- return is_dry;
- }
- }
-
- /* read anything else */
- return is_dry;
-}
-
-int BIO_dgram_sctp_msg_waiting(BIO *b)
-{
- int n, sockflags;
- union sctp_notification snp;
- struct msghdr msg;
- struct iovec iov;
- bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-
- /* Check if there are any messages waiting to be read */
- do {
- memset(&snp, 0x00, sizeof(union sctp_notification));
- iov.iov_base = (char *)&snp;
- iov.iov_len = sizeof(union sctp_notification);
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_control = NULL;
- msg.msg_controllen = 0;
- msg.msg_flags = 0;
-
- sockflags = fcntl(b->num, F_GETFL, 0);
- fcntl(b->num, F_SETFL, O_NONBLOCK);
- n = recvmsg(b->num, &msg, MSG_PEEK);
- fcntl(b->num, F_SETFL, sockflags);
-
- /* if notification, process and try again */
- if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
-# ifdef SCTP_AUTHENTICATION_EVENT
- if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
- dgram_sctp_handle_auth_free_key_event(b, &snp);
-# endif
-
- memset(&snp, 0x00, sizeof(union sctp_notification));
- iov.iov_base = (char *)&snp;
- iov.iov_len = sizeof(union sctp_notification);
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_control = NULL;
- msg.msg_controllen = 0;
- msg.msg_flags = 0;
- n = recvmsg(b->num, &msg, 0);
-
- if (data->handle_notifications != NULL)
- data->handle_notifications(b, data->notification_context,
- (void *)&snp);
- }
-
- } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
-
- /* Return 1 if there is a message to be read, return 0 otherwise. */
- if (n > 0)
- return 1;
- else
- return 0;
-}
-
-static int dgram_sctp_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = dgram_sctp_write(bp, str, n);
- return (ret);
-}
-# endif
-
-static int BIO_dgram_should_retry(int i)
-{
- int err;
-
- if ((i == 0) || (i == -1)) {
- err = get_last_socket_error();
-
-# if defined(OPENSSL_SYS_WINDOWS)
- /*
- * If the socket return value (i) is -1 and err is unexpectedly 0 at
- * this point, the error code was overwritten by another system call
- * before this error handling is called.
- */
-# endif
-
- return (BIO_dgram_non_fatal_error(err));
- }
- return (0);
-}
-
-int BIO_dgram_non_fatal_error(int err)
-{
- switch (err) {
-# if defined(OPENSSL_SYS_WINDOWS)
-# if defined(WSAEWOULDBLOCK)
- case WSAEWOULDBLOCK:
-# endif
-
-# if 0 /* This appears to always be an error */
-# if defined(WSAENOTCONN)
- case WSAENOTCONN:
-# endif
-# endif
-# endif
-
-# ifdef EWOULDBLOCK
-# ifdef WSAEWOULDBLOCK
-# if WSAEWOULDBLOCK != EWOULDBLOCK
- case EWOULDBLOCK:
-# endif
-# else
- case EWOULDBLOCK:
-# endif
-# endif
-
-# ifdef EINTR
- case EINTR:
-# endif
-
-# ifdef EAGAIN
-# if EWOULDBLOCK != EAGAIN
- case EAGAIN:
-# endif
-# endif
-
-# ifdef EPROTO
- case EPROTO:
-# endif
-
-# ifdef EINPROGRESS
- case EINPROGRESS:
-# endif
-
-# ifdef EALREADY
- case EALREADY:
-# endif
-
- return (1);
- /* break; */
- default:
- break;
- }
- return (0);
-}
-
-static void get_current_time(struct timeval *t)
-{
-# ifdef OPENSSL_SYS_WIN32
- struct _timeb tb;
- _ftime(&tb);
- t->tv_sec = (long)tb.time;
- t->tv_usec = (long)tb.millitm * 1000;
-# elif defined(OPENSSL_SYS_VMS)
- struct timeb tb;
- ftime(&tb);
- t->tv_sec = (long)tb.time;
- t->tv_usec = (long)tb.millitm * 1000;
-# else
- gettimeofday(t, NULL);
-# endif
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/bio/bss_dgram.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bio/bss_dgram.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bio/bss_dgram.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bio/bss_dgram.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2011 @@
+/* crypto/bio/bio_dgram.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+
+#include <openssl/bio.h>
+#ifndef OPENSSL_NO_DGRAM
+
+# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS)
+# include <sys/timeb.h>
+# endif
+
+# ifndef OPENSSL_NO_SCTP
+# include <netinet/sctp.h>
+# include <fcntl.h>
+# define OPENSSL_SCTP_DATA_CHUNK_TYPE 0x00
+# define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
+# endif
+
+# if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
+# define IP_MTU 14 /* linux is lame */
+# endif
+
+# if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
+/* Standard definition causes type-punning problems. */
+# undef IN6_IS_ADDR_V4MAPPED
+# define s6_addr32 __u6_addr.__u6_addr32
+# define IN6_IS_ADDR_V4MAPPED(a) \
+ (((a)->s6_addr32[0] == 0) && \
+ ((a)->s6_addr32[1] == 0) && \
+ ((a)->s6_addr32[2] == htonl(0x0000ffff)))
+# endif
+
+# ifdef WATT32
+# define sock_write SockWrite /* Watt-32 uses same names */
+# define sock_read SockRead
+# define sock_puts SockPuts
+# endif
+
+static int dgram_write(BIO *h, const char *buf, int num);
+static int dgram_read(BIO *h, char *buf, int size);
+static int dgram_puts(BIO *h, const char *str);
+static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_new(BIO *h);
+static int dgram_free(BIO *data);
+static int dgram_clear(BIO *bio);
+
+# ifndef OPENSSL_NO_SCTP
+static int dgram_sctp_write(BIO *h, const char *buf, int num);
+static int dgram_sctp_read(BIO *h, char *buf, int size);
+static int dgram_sctp_puts(BIO *h, const char *str);
+static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_sctp_new(BIO *h);
+static int dgram_sctp_free(BIO *data);
+# ifdef SCTP_AUTHENTICATION_EVENT
+static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
+ *snp);
+# endif
+# endif
+
+static int BIO_dgram_should_retry(int s);
+
+static void get_current_time(struct timeval *t);
+
+static BIO_METHOD methods_dgramp = {
+ BIO_TYPE_DGRAM,
+ "datagram socket",
+ dgram_write,
+ dgram_read,
+ dgram_puts,
+ NULL, /* dgram_gets, */
+ dgram_ctrl,
+ dgram_new,
+ dgram_free,
+ NULL,
+};
+
+# ifndef OPENSSL_NO_SCTP
+static BIO_METHOD methods_dgramp_sctp = {
+ BIO_TYPE_DGRAM_SCTP,
+ "datagram sctp socket",
+ dgram_sctp_write,
+ dgram_sctp_read,
+ dgram_sctp_puts,
+ NULL, /* dgram_gets, */
+ dgram_sctp_ctrl,
+ dgram_sctp_new,
+ dgram_sctp_free,
+ NULL,
+};
+# endif
+
+typedef struct bio_dgram_data_st {
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } peer;
+ unsigned int connected;
+ unsigned int _errno;
+ unsigned int mtu;
+ struct timeval next_timeout;
+ struct timeval socket_timeout;
+} bio_dgram_data;
+
+# ifndef OPENSSL_NO_SCTP
+typedef struct bio_dgram_sctp_save_message_st {
+ BIO *bio;
+ char *data;
+ int length;
+} bio_dgram_sctp_save_message;
+
+typedef struct bio_dgram_sctp_data_st {
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } peer;
+ unsigned int connected;
+ unsigned int _errno;
+ unsigned int mtu;
+ struct bio_dgram_sctp_sndinfo sndinfo;
+ struct bio_dgram_sctp_rcvinfo rcvinfo;
+ struct bio_dgram_sctp_prinfo prinfo;
+ void (*handle_notifications) (BIO *bio, void *context, void *buf);
+ void *notification_context;
+ int in_handshake;
+ int ccs_rcvd;
+ int ccs_sent;
+ int save_shutdown;
+ int peer_auth_tested;
+ bio_dgram_sctp_save_message saved_message;
+} bio_dgram_sctp_data;
+# endif
+
+BIO_METHOD *BIO_s_datagram(void)
+{
+ return (&methods_dgramp);
+}
+
+BIO *BIO_new_dgram(int fd, int close_flag)
+{
+ BIO *ret;
+
+ ret = BIO_new(BIO_s_datagram());
+ if (ret == NULL)
+ return (NULL);
+ BIO_set_fd(ret, fd, close_flag);
+ return (ret);
+}
+
+static int dgram_new(BIO *bi)
+{
+ bio_dgram_data *data = NULL;
+
+ bi->init = 0;
+ bi->num = 0;
+ data = OPENSSL_malloc(sizeof(bio_dgram_data));
+ if (data == NULL)
+ return 0;
+ memset(data, 0x00, sizeof(bio_dgram_data));
+ bi->ptr = data;
+
+ bi->flags = 0;
+ return (1);
+}
+
+static int dgram_free(BIO *a)
+{
+ bio_dgram_data *data;
+
+ if (a == NULL)
+ return (0);
+ if (!dgram_clear(a))
+ return 0;
+
+ data = (bio_dgram_data *)a->ptr;
+ if (data != NULL)
+ OPENSSL_free(data);
+
+ return (1);
+}
+
+static int dgram_clear(BIO *a)
+{
+ if (a == NULL)
+ return (0);
+ if (a->shutdown) {
+ if (a->init) {
+ SHUTDOWN2(a->num);
+ }
+ a->init = 0;
+ a->flags = 0;
+ }
+ return (1);
+}
+
+static void dgram_adjust_rcv_timeout(BIO *b)
+{
+# if defined(SO_RCVTIMEO)
+ bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+ union {
+ size_t s;
+ int i;
+ } sz = {
+ 0
+ };
+
+ /* Is a timer active? */
+ if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
+ struct timeval timenow, timeleft;
+
+ /* Read current socket timeout */
+# ifdef OPENSSL_SYS_WINDOWS
+ int timeout;
+
+ sz.i = sizeof(timeout);
+ if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ (void *)&timeout, &sz.i) < 0) {
+ perror("getsockopt");
+ } else {
+ data->socket_timeout.tv_sec = timeout / 1000;
+ data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
+ }
+# else
+ sz.i = sizeof(data->socket_timeout);
+ if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ &(data->socket_timeout), (void *)&sz) < 0) {
+ perror("getsockopt");
+ } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0)
+ OPENSSL_assert(sz.s <= sizeof(data->socket_timeout));
+# endif
+
+ /* Get current time */
+ get_current_time(&timenow);
+
+ /* Calculate time left until timer expires */
+ memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
+ if (timeleft.tv_usec < timenow.tv_usec) {
+ timeleft.tv_usec = 1000000 - timenow.tv_usec + timeleft.tv_usec;
+ timeleft.tv_sec--;
+ } else {
+ timeleft.tv_usec -= timenow.tv_usec;
+ }
+ if (timeleft.tv_sec < timenow.tv_sec) {
+ timeleft.tv_sec = 0;
+ timeleft.tv_usec = 1;
+ } else {
+ timeleft.tv_sec -= timenow.tv_sec;
+ }
+
+ /*
+ * Adjust socket timeout if next handhake message timer will expire
+ * earlier.
+ */
+ if ((data->socket_timeout.tv_sec == 0
+ && data->socket_timeout.tv_usec == 0)
+ || (data->socket_timeout.tv_sec > timeleft.tv_sec)
+ || (data->socket_timeout.tv_sec == timeleft.tv_sec
+ && data->socket_timeout.tv_usec >= timeleft.tv_usec)) {
+# ifdef OPENSSL_SYS_WINDOWS
+ timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
+ if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ (void *)&timeout, sizeof(timeout)) < 0) {
+ perror("setsockopt");
+ }
+# else
+ if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
+ sizeof(struct timeval)) < 0) {
+ perror("setsockopt");
+ }
+# endif
+ }
+ }
+# endif
+}
+
+static void dgram_reset_rcv_timeout(BIO *b)
+{
+# if defined(SO_RCVTIMEO)
+ bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
+ /* Is a timer active? */
+ if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
+# ifdef OPENSSL_SYS_WINDOWS
+ int timeout = data->socket_timeout.tv_sec * 1000 +
+ data->socket_timeout.tv_usec / 1000;
+ if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ (void *)&timeout, sizeof(timeout)) < 0) {
+ perror("setsockopt");
+ }
+# else
+ if (setsockopt
+ (b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout),
+ sizeof(struct timeval)) < 0) {
+ perror("setsockopt");
+ }
+# endif
+ }
+# endif
+}
+
+static int dgram_read(BIO *b, char *out, int outl)
+{
+ int ret = 0;
+ bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
+ struct {
+ /*
+ * See commentary in b_sock.c. <appro>
+ */
+ union {
+ size_t s;
+ int i;
+ } len;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } peer;
+ } sa;
+
+ sa.len.s = 0;
+ sa.len.i = sizeof(sa.peer);
+
+ if (out != NULL) {
+ clear_socket_error();
+ memset(&sa.peer, 0x00, sizeof(sa.peer));
+ dgram_adjust_rcv_timeout(b);
+ ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, (void *)&sa.len);
+ if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
+ OPENSSL_assert(sa.len.s <= sizeof(sa.peer));
+ sa.len.i = (int)sa.len.s;
+ }
+
+ if (!data->connected && ret >= 0)
+ BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
+
+ BIO_clear_retry_flags(b);
+ if (ret < 0) {
+ if (BIO_dgram_should_retry(ret)) {
+ BIO_set_retry_read(b);
+ data->_errno = get_last_socket_error();
+ }
+ }
+
+ dgram_reset_rcv_timeout(b);
+ }
+ return (ret);
+}
+
+static int dgram_write(BIO *b, const char *in, int inl)
+{
+ int ret;
+ bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+ clear_socket_error();
+
+ if (data->connected)
+ ret = writesocket(b->num, in, inl);
+ else {
+ int peerlen = sizeof(data->peer);
+
+ if (data->peer.sa.sa_family == AF_INET)
+ peerlen = sizeof(data->peer.sa_in);
+# if OPENSSL_USE_IPV6
+ else if (data->peer.sa.sa_family == AF_INET6)
+ peerlen = sizeof(data->peer.sa_in6);
+# endif
+# if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
+ ret = sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
+# else
+ ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
+# endif
+ }
+
+ BIO_clear_retry_flags(b);
+ if (ret <= 0) {
+ if (BIO_dgram_should_retry(ret)) {
+ BIO_set_retry_write(b);
+ data->_errno = get_last_socket_error();
+
+# if 0 /* higher layers are responsible for querying
+ * MTU, if necessary */
+ if (data->_errno == EMSGSIZE)
+ /* retrieve the new MTU */
+ BIO_ctrl(b, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+# endif
+ }
+ }
+ return (ret);
+}
+
+static long dgram_get_mtu_overhead(bio_dgram_data *data)
+{
+ long ret;
+
+ switch (data->peer.sa.sa_family) {
+ case AF_INET:
+ /*
+ * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+ */
+ ret = 28;
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+# ifdef IN6_IS_ADDR_V4MAPPED
+ if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+ /*
+ * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+ */
+ ret = 28;
+ else
+# endif
+ /*
+ * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP
+ */
+ ret = 48;
+ break;
+# endif
+ default:
+ /* We don't know. Go with the historical default */
+ ret = 28;
+ break;
+ }
+ return ret;
+}
+
+static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ long ret = 1;
+ int *ip;
+ struct sockaddr *to = NULL;
+ bio_dgram_data *data = NULL;
+# if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
+ int sockopt_val = 0;
+ socklen_t sockopt_len; /* assume that system supporting IP_MTU is
+ * modern enough to define socklen_t */
+ socklen_t addr_len;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in s4;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 s6;
+# endif
+ } addr;
+# endif
+
+ data = (bio_dgram_data *)b->ptr;
+
+ switch (cmd) {
+ case BIO_CTRL_RESET:
+ num = 0;
+ ret = 0;
+ break;
+ case BIO_CTRL_INFO:
+ ret = 0;
+ break;
+ case BIO_C_SET_FD:
+ dgram_clear(b);
+ b->num = *((int *)ptr);
+ b->shutdown = (int)num;
+ b->init = 1;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init) {
+ ip = (int *)ptr;
+ if (ip != NULL)
+ *ip = b->num;
+ ret = b->num;
+ } else
+ ret = -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret = b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown = (int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret = 0;
+ break;
+ case BIO_CTRL_DUP:
+ case BIO_CTRL_FLUSH:
+ ret = 1;
+ break;
+ case BIO_CTRL_DGRAM_CONNECT:
+ to = (struct sockaddr *)ptr;
+# if 0
+ if (connect(b->num, to, sizeof(struct sockaddr)) < 0) {
+ perror("connect");
+ ret = 0;
+ } else {
+# endif
+ switch (to->sa_family) {
+ case AF_INET:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+ break;
+# endif
+ default:
+ memcpy(&data->peer, to, sizeof(data->peer.sa));
+ break;
+ }
+# if 0
+ }
+# endif
+ break;
+ /* (Linux)kernel sets DF bit on outgoing IP packets */
+ case BIO_CTRL_DGRAM_MTU_DISCOVER:
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
+ addr_len = (socklen_t) sizeof(addr);
+ memset((void *)&addr, 0, sizeof(addr));
+ if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
+ ret = 0;
+ break;
+ }
+ switch (addr.sa.sa_family) {
+ case AF_INET:
+ sockopt_val = IP_PMTUDISC_DO;
+ if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
+ &sockopt_val, sizeof(sockopt_val))) < 0)
+ perror("setsockopt");
+ break;
+# if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
+ case AF_INET6:
+ sockopt_val = IPV6_PMTUDISC_DO;
+ if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
+ &sockopt_val, sizeof(sockopt_val))) < 0)
+ perror("setsockopt");
+ break;
+# endif
+ default:
+ ret = -1;
+ break;
+ }
+ ret = -1;
+# else
+ break;
+# endif
+ case BIO_CTRL_DGRAM_QUERY_MTU:
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
+ addr_len = (socklen_t) sizeof(addr);
+ memset((void *)&addr, 0, sizeof(addr));
+ if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
+ ret = 0;
+ break;
+ }
+ sockopt_len = sizeof(sockopt_val);
+ switch (addr.sa.sa_family) {
+ case AF_INET:
+ if ((ret =
+ getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
+ &sockopt_len)) < 0 || sockopt_val < 0) {
+ ret = 0;
+ } else {
+ /*
+ * we assume that the transport protocol is UDP and no IP
+ * options are used.
+ */
+ data->mtu = sockopt_val - 8 - 20;
+ ret = data->mtu;
+ }
+ break;
+# if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
+ case AF_INET6:
+ if ((ret =
+ getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
+ (void *)&sockopt_val, &sockopt_len)) < 0
+ || sockopt_val < 0) {
+ ret = 0;
+ } else {
+ /*
+ * we assume that the transport protocol is UDP and no IPV6
+ * options are used.
+ */
+ data->mtu = sockopt_val - 8 - 40;
+ ret = data->mtu;
+ }
+ break;
+# endif
+ default:
+ ret = 0;
+ break;
+ }
+# else
+ ret = 0;
+# endif
+ break;
+ case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
+ ret = -dgram_get_mtu_overhead(data);
+ switch (data->peer.sa.sa_family) {
+ case AF_INET:
+ ret += 576;
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+# ifdef IN6_IS_ADDR_V4MAPPED
+ if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+ ret += 576;
+ else
+# endif
+ ret += 1280;
+ break;
+# endif
+ default:
+ ret += 576;
+ break;
+ }
+ break;
+ case BIO_CTRL_DGRAM_GET_MTU:
+ return data->mtu;
+ break;
+ case BIO_CTRL_DGRAM_SET_MTU:
+ data->mtu = num;
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SET_CONNECTED:
+ to = (struct sockaddr *)ptr;
+
+ if (to != NULL) {
+ data->connected = 1;
+ switch (to->sa_family) {
+ case AF_INET:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+ break;
+# endif
+ default:
+ memcpy(&data->peer, to, sizeof(data->peer.sa));
+ break;
+ }
+ } else {
+ data->connected = 0;
+ memset(&(data->peer), 0x00, sizeof(data->peer));
+ }
+ break;
+ case BIO_CTRL_DGRAM_GET_PEER:
+ switch (data->peer.sa.sa_family) {
+ case AF_INET:
+ ret = sizeof(data->peer.sa_in);
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ ret = sizeof(data->peer.sa_in6);
+ break;
+# endif
+ default:
+ ret = sizeof(data->peer.sa);
+ break;
+ }
+ if (num == 0 || num > ret)
+ num = ret;
+ memcpy(ptr, &data->peer, (ret = num));
+ break;
+ case BIO_CTRL_DGRAM_SET_PEER:
+ to = (struct sockaddr *)ptr;
+ switch (to->sa_family) {
+ case AF_INET:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+ break;
+# endif
+ default:
+ memcpy(&data->peer, to, sizeof(data->peer.sa));
+ break;
+ }
+ break;
+ case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+ memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
+ break;
+# if defined(SO_RCVTIMEO)
+ case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
+# ifdef OPENSSL_SYS_WINDOWS
+ {
+ struct timeval *tv = (struct timeval *)ptr;
+ int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
+ if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ (void *)&timeout, sizeof(timeout)) < 0) {
+ perror("setsockopt");
+ ret = -1;
+ }
+ }
+# else
+ if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
+ sizeof(struct timeval)) < 0) {
+ perror("setsockopt");
+ ret = -1;
+ }
+# endif
+ break;
+ case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
+ {
+ union {
+ size_t s;
+ int i;
+ } sz = {
+ 0
+ };
+# ifdef OPENSSL_SYS_WINDOWS
+ int timeout;
+ struct timeval *tv = (struct timeval *)ptr;
+
+ sz.i = sizeof(timeout);
+ if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ (void *)&timeout, &sz.i) < 0) {
+ perror("getsockopt");
+ ret = -1;
+ } else {
+ tv->tv_sec = timeout / 1000;
+ tv->tv_usec = (timeout % 1000) * 1000;
+ ret = sizeof(*tv);
+ }
+# else
+ sz.i = sizeof(struct timeval);
+ if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ ptr, (void *)&sz) < 0) {
+ perror("getsockopt");
+ ret = -1;
+ } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
+ OPENSSL_assert(sz.s <= sizeof(struct timeval));
+ ret = (int)sz.s;
+ } else
+ ret = sz.i;
+# endif
+ }
+ break;
+# endif
+# if defined(SO_SNDTIMEO)
+ case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
+# ifdef OPENSSL_SYS_WINDOWS
+ {
+ struct timeval *tv = (struct timeval *)ptr;
+ int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
+ if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+ (void *)&timeout, sizeof(timeout)) < 0) {
+ perror("setsockopt");
+ ret = -1;
+ }
+ }
+# else
+ if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
+ sizeof(struct timeval)) < 0) {
+ perror("setsockopt");
+ ret = -1;
+ }
+# endif
+ break;
+ case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
+ {
+ union {
+ size_t s;
+ int i;
+ } sz = {
+ 0
+ };
+# ifdef OPENSSL_SYS_WINDOWS
+ int timeout;
+ struct timeval *tv = (struct timeval *)ptr;
+
+ sz.i = sizeof(timeout);
+ if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+ (void *)&timeout, &sz.i) < 0) {
+ perror("getsockopt");
+ ret = -1;
+ } else {
+ tv->tv_sec = timeout / 1000;
+ tv->tv_usec = (timeout % 1000) * 1000;
+ ret = sizeof(*tv);
+ }
+# else
+ sz.i = sizeof(struct timeval);
+ if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+ ptr, (void *)&sz) < 0) {
+ perror("getsockopt");
+ ret = -1;
+ } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
+ OPENSSL_assert(sz.s <= sizeof(struct timeval));
+ ret = (int)sz.s;
+ } else
+ ret = sz.i;
+# endif
+ }
+ break;
+# endif
+ case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
+ /* fall-through */
+ case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
+# ifdef OPENSSL_SYS_WINDOWS
+ if (data->_errno == WSAETIMEDOUT)
+# else
+ if (data->_errno == EAGAIN)
+# endif
+ {
+ ret = 1;
+ data->_errno = 0;
+ } else
+ ret = 0;
+ break;
+# ifdef EMSGSIZE
+ case BIO_CTRL_DGRAM_MTU_EXCEEDED:
+ if (data->_errno == EMSGSIZE) {
+ ret = 1;
+ data->_errno = 0;
+ } else
+ ret = 0;
+ break;
+# endif
+ case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+ ret = dgram_get_mtu_overhead(data);
+ break;
+ default:
+ ret = 0;
+ break;
+ }
+ return (ret);
+}
+
+static int dgram_puts(BIO *bp, const char *str)
+{
+ int n, ret;
+
+ n = strlen(str);
+ ret = dgram_write(bp, str, n);
+ return (ret);
+}
+
+# ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void)
+{
+ return (&methods_dgramp_sctp);
+}
+
+BIO *BIO_new_dgram_sctp(int fd, int close_flag)
+{
+ BIO *bio;
+ int ret, optval = 20000;
+ int auth_data = 0, auth_forward = 0;
+ unsigned char *p;
+ struct sctp_authchunk auth;
+ struct sctp_authchunks *authchunks;
+ socklen_t sockopt_len;
+# ifdef SCTP_AUTHENTICATION_EVENT
+# ifdef SCTP_EVENT
+ struct sctp_event event;
+# else
+ struct sctp_event_subscribe event;
+# endif
+# endif
+
+ bio = BIO_new(BIO_s_datagram_sctp());
+ if (bio == NULL)
+ return (NULL);
+ BIO_set_fd(bio, fd, close_flag);
+
+ /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
+ auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+ sizeof(struct sctp_authchunk));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+ auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+ sizeof(struct sctp_authchunk));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ /*
+ * Test if activation was successful. When using accept(), SCTP-AUTH has
+ * to be activated for the listening socket already, otherwise the
+ * connected socket won't use it.
+ */
+ sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+ authchunks = OPENSSL_malloc(sockopt_len);
+ if (!authchunks) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+ memset(authchunks, 0, sizeof(sockopt_len));
+ ret =
+ getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
+ &sockopt_len);
+
+ if (ret < 0) {
+ OPENSSL_free(authchunks);
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ for (p = (unsigned char *)authchunks->gauth_chunks;
+ p < (unsigned char *)authchunks + sockopt_len;
+ p += sizeof(uint8_t)) {
+ if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+ auth_data = 1;
+ if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+ auth_forward = 1;
+ }
+
+ OPENSSL_free(authchunks);
+
+ OPENSSL_assert(auth_data);
+ OPENSSL_assert(auth_forward);
+
+# ifdef SCTP_AUTHENTICATION_EVENT
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_AUTHENTICATION_EVENT;
+ event.se_on = 1;
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+# else
+ sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
+ ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ event.sctp_authentication_event = 1;
+
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+# endif
+# endif
+
+ /*
+ * Disable partial delivery by setting the min size larger than the max
+ * record size of 2^14 + 2048 + 13
+ */
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
+ sizeof(optval));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ return (bio);
+}
+
+int BIO_dgram_is_sctp(BIO *bio)
+{
+ return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
+}
+
+static int dgram_sctp_new(BIO *bi)
+{
+ bio_dgram_sctp_data *data = NULL;
+
+ bi->init = 0;
+ bi->num = 0;
+ data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
+ if (data == NULL)
+ return 0;
+ memset(data, 0x00, sizeof(bio_dgram_sctp_data));
+# ifdef SCTP_PR_SCTP_NONE
+ data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
+# endif
+ bi->ptr = data;
+
+ bi->flags = 0;
+ return (1);
+}
+
+static int dgram_sctp_free(BIO *a)
+{
+ bio_dgram_sctp_data *data;
+
+ if (a == NULL)
+ return (0);
+ if (!dgram_clear(a))
+ return 0;
+
+ data = (bio_dgram_sctp_data *) a->ptr;
+ if (data != NULL) {
+ if (data->saved_message.data != NULL)
+ OPENSSL_free(data->saved_message.data);
+ OPENSSL_free(data);
+ }
+
+ return (1);
+}
+
+# ifdef SCTP_AUTHENTICATION_EVENT
+void dgram_sctp_handle_auth_free_key_event(BIO *b,
+ union sctp_notification *snp)
+{
+ int ret;
+ struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
+
+ if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY) {
+ struct sctp_authkeyid authkeyid;
+
+ /* delete key */
+ authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ }
+}
+# endif
+
+static int dgram_sctp_read(BIO *b, char *out, int outl)
+{
+ int ret = 0, n = 0, i, optval;
+ socklen_t optlen;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+ union sctp_notification *snp;
+ struct msghdr msg;
+ struct iovec iov;
+ struct cmsghdr *cmsg;
+ char cmsgbuf[512];
+
+ if (out != NULL) {
+ clear_socket_error();
+
+ do {
+ memset(&data->rcvinfo, 0x00,
+ sizeof(struct bio_dgram_sctp_rcvinfo));
+ iov.iov_base = out;
+ iov.iov_len = outl;
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = cmsgbuf;
+ msg.msg_controllen = 512;
+ msg.msg_flags = 0;
+ n = recvmsg(b->num, &msg, 0);
+
+ if (n <= 0) {
+ if (n < 0)
+ ret = n;
+ break;
+ }
+
+ if (msg.msg_controllen > 0) {
+ for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
+ cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+ if (cmsg->cmsg_level != IPPROTO_SCTP)
+ continue;
+# ifdef SCTP_RCVINFO
+ if (cmsg->cmsg_type == SCTP_RCVINFO) {
+ struct sctp_rcvinfo *rcvinfo;
+
+ rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
+ data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
+ data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
+ data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
+ data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
+ data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
+ data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
+ data->rcvinfo.rcv_context = rcvinfo->rcv_context;
+ }
+# endif
+# ifdef SCTP_SNDRCV
+ if (cmsg->cmsg_type == SCTP_SNDRCV) {
+ struct sctp_sndrcvinfo *sndrcvinfo;
+
+ sndrcvinfo =
+ (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+ data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
+ data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
+ data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
+ data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
+ data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
+ data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
+ data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
+ }
+# endif
+ }
+ }
+
+ if (msg.msg_flags & MSG_NOTIFICATION) {
+ snp = (union sctp_notification *)out;
+ if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+# ifdef SCTP_EVENT
+ struct sctp_event event;
+# else
+ struct sctp_event_subscribe event;
+ socklen_t eventsize;
+# endif
+ /*
+ * If a message has been delayed until the socket is dry,
+ * it can be sent now.
+ */
+ if (data->saved_message.length > 0) {
+ dgram_sctp_write(data->saved_message.bio,
+ data->saved_message.data,
+ data->saved_message.length);
+ OPENSSL_free(data->saved_message.data);
+ data->saved_message.data = NULL;
+ data->saved_message.length = 0;
+ }
+
+ /* disable sender dry event */
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 0;
+ i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+ if (i < 0) {
+ ret = i;
+ break;
+ }
+# else
+ eventsize = sizeof(struct sctp_event_subscribe);
+ i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ &eventsize);
+ if (i < 0) {
+ ret = i;
+ break;
+ }
+
+ event.sctp_sender_dry_event = 0;
+
+ i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+ if (i < 0) {
+ ret = i;
+ break;
+ }
+# endif
+ }
+# ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, snp);
+# endif
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context,
+ (void *)out);
+
+ memset(out, 0, outl);
+ } else
+ ret += n;
+ }
+ while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
+ && (ret < outl));
+
+ if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
+ /* Partial message read, this should never happen! */
+
+ /*
+ * The buffer was too small, this means the peer sent a message
+ * that was larger than allowed.
+ */
+ if (ret == outl)
+ return -1;
+
+ /*
+ * Test if socket buffer can handle max record size (2^14 + 2048
+ * + 13)
+ */
+ optlen = (socklen_t) sizeof(int);
+ ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
+ if (ret >= 0)
+ OPENSSL_assert(optval >= 18445);
+
+ /*
+ * Test if SCTP doesn't partially deliver below max record size
+ * (2^14 + 2048 + 13)
+ */
+ optlen = (socklen_t) sizeof(int);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
+ &optval, &optlen);
+ if (ret >= 0)
+ OPENSSL_assert(optval >= 18445);
+
+ /*
+ * Partially delivered notification??? Probably a bug....
+ */
+ OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
+
+ /*
+ * Everything seems ok till now, so it's most likely a message
+ * dropped by PR-SCTP.
+ */
+ memset(out, 0, outl);
+ BIO_set_retry_read(b);
+ return -1;
+ }
+
+ BIO_clear_retry_flags(b);
+ if (ret < 0) {
+ if (BIO_dgram_should_retry(ret)) {
+ BIO_set_retry_read(b);
+ data->_errno = get_last_socket_error();
+ }
+ }
+
+ /* Test if peer uses SCTP-AUTH before continuing */
+ if (!data->peer_auth_tested) {
+ int ii, auth_data = 0, auth_forward = 0;
+ unsigned char *p;
+ struct sctp_authchunks *authchunks;
+
+ optlen =
+ (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+ authchunks = OPENSSL_malloc(optlen);
+ if (!authchunks) {
+ BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ memset(authchunks, 0, sizeof(optlen));
+ ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
+ authchunks, &optlen);
+
+ if (ii >= 0)
+ for (p = (unsigned char *)authchunks->gauth_chunks;
+ p < (unsigned char *)authchunks + optlen;
+ p += sizeof(uint8_t)) {
+ if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+ auth_data = 1;
+ if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+ auth_forward = 1;
+ }
+
+ OPENSSL_free(authchunks);
+
+ if (!auth_data || !auth_forward) {
+ BIOerr(BIO_F_DGRAM_SCTP_READ, BIO_R_CONNECT_ERROR);
+ return -1;
+ }
+
+ data->peer_auth_tested = 1;
+ }
+ }
+ return (ret);
+}
+
+static int dgram_sctp_write(BIO *b, const char *in, int inl)
+{
+ int ret;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+ struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
+ struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
+ struct bio_dgram_sctp_sndinfo handshake_sinfo;
+ struct iovec iov[1];
+ struct msghdr msg;
+ struct cmsghdr *cmsg;
+# if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+ char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
+ CMSG_SPACE(sizeof(struct sctp_prinfo))];
+ struct sctp_sndinfo *sndinfo;
+ struct sctp_prinfo *prinfo;
+# else
+ char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
+ struct sctp_sndrcvinfo *sndrcvinfo;
+# endif
+
+ clear_socket_error();
+
+ /*
+ * If we're send anything else than application data, disable all user
+ * parameters and flags.
+ */
+ if (in[0] != 23) {
+ memset(&handshake_sinfo, 0x00, sizeof(struct bio_dgram_sctp_sndinfo));
+# ifdef SCTP_SACK_IMMEDIATELY
+ handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
+# endif
+ sinfo = &handshake_sinfo;
+ }
+
+ /*
+ * If we have to send a shutdown alert message and the socket is not dry
+ * yet, we have to save it and send it as soon as the socket gets dry.
+ */
+ if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
+ char *tmp;
+ data->saved_message.bio = b;
+ if (!(tmp = OPENSSL_malloc(inl))) {
+ BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ if (data->saved_message.data)
+ OPENSSL_free(data->saved_message.data);
+ data->saved_message.data = tmp;
+ memcpy(data->saved_message.data, in, inl);
+ data->saved_message.length = inl;
+ return inl;
+ }
+
+ iov[0].iov_base = (char *)in;
+ iov[0].iov_len = inl;
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = (caddr_t) cmsgbuf;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+# if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+ cmsg = (struct cmsghdr *)cmsgbuf;
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_SNDINFO;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
+ sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
+ memset(sndinfo, 0, sizeof(struct sctp_sndinfo));
+ sndinfo->snd_sid = sinfo->snd_sid;
+ sndinfo->snd_flags = sinfo->snd_flags;
+ sndinfo->snd_ppid = sinfo->snd_ppid;
+ sndinfo->snd_context = sinfo->snd_context;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
+
+ cmsg =
+ (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_PRINFO;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
+ prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
+ memset(prinfo, 0, sizeof(struct sctp_prinfo));
+ prinfo->pr_policy = pinfo->pr_policy;
+ prinfo->pr_value = pinfo->pr_value;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
+# else
+ cmsg = (struct cmsghdr *)cmsgbuf;
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_SNDRCV;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
+ sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+ memset(sndrcvinfo, 0, sizeof(struct sctp_sndrcvinfo));
+ sndrcvinfo->sinfo_stream = sinfo->snd_sid;
+ sndrcvinfo->sinfo_flags = sinfo->snd_flags;
+# ifdef __FreeBSD__
+ sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
+# endif
+ sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
+ sndrcvinfo->sinfo_context = sinfo->snd_context;
+ sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
+# endif
+
+ ret = sendmsg(b->num, &msg, 0);
+
+ BIO_clear_retry_flags(b);
+ if (ret <= 0) {
+ if (BIO_dgram_should_retry(ret)) {
+ BIO_set_retry_write(b);
+ data->_errno = get_last_socket_error();
+ }
+ }
+ return (ret);
+}
+
+static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ long ret = 1;
+ bio_dgram_sctp_data *data = NULL;
+ socklen_t sockopt_len = 0;
+ struct sctp_authkeyid authkeyid;
+ struct sctp_authkey *authkey = NULL;
+
+ data = (bio_dgram_sctp_data *) b->ptr;
+
+ switch (cmd) {
+ case BIO_CTRL_DGRAM_QUERY_MTU:
+ /*
+ * Set to maximum (2^14) and ignore user input to enable transport
+ * protocol fragmentation. Returns always 2^14.
+ */
+ data->mtu = 16384;
+ ret = data->mtu;
+ break;
+ case BIO_CTRL_DGRAM_SET_MTU:
+ /*
+ * Set to maximum (2^14) and ignore input to enable transport
+ * protocol fragmentation. Returns always 2^14.
+ */
+ data->mtu = 16384;
+ ret = data->mtu;
+ break;
+ case BIO_CTRL_DGRAM_SET_CONNECTED:
+ case BIO_CTRL_DGRAM_CONNECT:
+ /* Returns always -1. */
+ ret = -1;
+ break;
+ case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+ /*
+ * SCTP doesn't need the DTLS timer Returns always 1.
+ */
+ break;
+ case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+ /*
+ * We allow transport protocol fragmentation so this is irrelevant
+ */
+ ret = 0;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
+ if (num > 0)
+ data->in_handshake = 1;
+ else
+ data->in_handshake = 0;
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
+ &data->in_handshake, sizeof(int));
+ break;
+ case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
+ /*
+ * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
+ */
+
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+ &sockopt_len);
+ if (ret < 0)
+ break;
+
+ /* Add new key */
+ sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
+ authkey = OPENSSL_malloc(sockopt_len);
+ if (authkey == NULL) {
+ ret = -1;
+ break;
+ }
+ memset(authkey, 0x00, sockopt_len);
+ authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
+# ifndef __FreeBSD__
+ /*
+ * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
+ * and higher work without it.
+ */
+ authkey->sca_keylength = 64;
+# endif
+ memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
+ sockopt_len);
+ OPENSSL_free(authkey);
+ authkey = NULL;
+ if (ret < 0)
+ break;
+
+ /* Reset active key */
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0)
+ break;
+
+ break;
+ case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
+ /* Returns 0 on success, -1 otherwise. */
+
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+ &sockopt_len);
+ if (ret < 0)
+ break;
+
+ /* Set active key */
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0)
+ break;
+
+ /*
+ * CCS has been sent, so remember that and fall through to check if
+ * we need to deactivate an old key
+ */
+ data->ccs_sent = 1;
+
+ case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
+ /* Returns 0 on success, -1 otherwise. */
+
+ /*
+ * Has this command really been called or is this just a
+ * fall-through?
+ */
+ if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
+ data->ccs_rcvd = 1;
+
+ /*
+ * CSS has been both, received and sent, so deactivate an old key
+ */
+ if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, &sockopt_len);
+ if (ret < 0)
+ break;
+
+ /*
+ * Deactivate key or delete second last key if
+ * SCTP_AUTHENTICATION_EVENT is not available.
+ */
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+# ifdef SCTP_AUTH_DEACTIVATE_KEY
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
+ &authkeyid, sockopt_len);
+ if (ret < 0)
+ break;
+# endif
+# ifndef SCTP_AUTHENTICATION_EVENT
+ if (authkeyid.scact_keynumber > 0) {
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0)
+ break;
+ }
+# endif
+
+ data->ccs_rcvd = 0;
+ data->ccs_sent = 0;
+ }
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+ num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+ memcpy(ptr, &(data->sndinfo), num);
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+ num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+ memcpy(&(data->sndinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+ num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+ memcpy(ptr, &data->rcvinfo, num);
+
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+ num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+ memcpy(&(data->rcvinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+ num = sizeof(struct bio_dgram_sctp_prinfo);
+
+ memcpy(ptr, &(data->prinfo), num);
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+ num = sizeof(struct bio_dgram_sctp_prinfo);
+
+ memcpy(&(data->prinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
+ /* Returns always 1. */
+ if (num > 0)
+ data->save_shutdown = 1;
+ else
+ data->save_shutdown = 0;
+ break;
+
+ default:
+ /*
+ * Pass to default ctrl function to process SCTP unspecific commands
+ */
+ ret = dgram_ctrl(b, cmd, num, ptr);
+ break;
+ }
+ return (ret);
+}
+
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications) (BIO *bio,
+ void
+ *context,
+ void *buf),
+ void *context)
+{
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+ if (handle_notifications != NULL) {
+ data->handle_notifications = handle_notifications;
+ data->notification_context = context;
+ } else
+ return -1;
+
+ return 0;
+}
+
+int BIO_dgram_sctp_wait_for_dry(BIO *b)
+{
+ int is_dry = 0;
+ int n, sockflags, ret;
+ union sctp_notification snp;
+ struct msghdr msg;
+ struct iovec iov;
+# ifdef SCTP_EVENT
+ struct sctp_event event;
+# else
+ struct sctp_event_subscribe event;
+ socklen_t eventsize;
+# endif
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+ /* set sender dry event */
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 1;
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+# else
+ eventsize = sizeof(struct sctp_event_subscribe);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
+ if (ret < 0)
+ return -1;
+
+ event.sctp_sender_dry_event = 1;
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+# endif
+ if (ret < 0)
+ return -1;
+
+ /* peek for notification */
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+ if (n <= 0) {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN)
+ && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return 0;
+ }
+
+ /* if we find a notification, process it and try again if necessary */
+ while (msg.msg_flags & MSG_NOTIFICATION) {
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ n = recvmsg(b->num, &msg, 0);
+ if (n <= 0) {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN)
+ && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return is_dry;
+ }
+
+ if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+ is_dry = 1;
+
+ /* disable sender dry event */
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 0;
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+# else
+ eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ &eventsize);
+ if (ret < 0)
+ return -1;
+
+ event.sctp_sender_dry_event = 0;
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+# endif
+ if (ret < 0)
+ return -1;
+ }
+# ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, &snp);
+# endif
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context,
+ (void *)&snp);
+
+ /* found notification, peek again */
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ /* if we have seen the dry already, don't wait */
+ if (is_dry) {
+ sockflags = fcntl(b->num, F_GETFL, 0);
+ fcntl(b->num, F_SETFL, O_NONBLOCK);
+ }
+
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+
+ if (is_dry) {
+ fcntl(b->num, F_SETFL, sockflags);
+ }
+
+ if (n <= 0) {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN)
+ && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return is_dry;
+ }
+ }
+
+ /* read anything else */
+ return is_dry;
+}
+
+int BIO_dgram_sctp_msg_waiting(BIO *b)
+{
+ int n, sockflags;
+ union sctp_notification snp;
+ struct msghdr msg;
+ struct iovec iov;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+ /* Check if there are any messages waiting to be read */
+ do {
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ sockflags = fcntl(b->num, F_GETFL, 0);
+ fcntl(b->num, F_SETFL, O_NONBLOCK);
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+ fcntl(b->num, F_SETFL, sockflags);
+
+ /* if notification, process and try again */
+ if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
+# ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, &snp);
+# endif
+
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+ n = recvmsg(b->num, &msg, 0);
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context,
+ (void *)&snp);
+ }
+
+ } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
+
+ /* Return 1 if there is a message to be read, return 0 otherwise. */
+ if (n > 0)
+ return 1;
+ else
+ return 0;
+}
+
+static int dgram_sctp_puts(BIO *bp, const char *str)
+{
+ int n, ret;
+
+ n = strlen(str);
+ ret = dgram_sctp_write(bp, str, n);
+ return (ret);
+}
+# endif
+
+static int BIO_dgram_should_retry(int i)
+{
+ int err;
+
+ if ((i == 0) || (i == -1)) {
+ err = get_last_socket_error();
+
+# if defined(OPENSSL_SYS_WINDOWS)
+ /*
+ * If the socket return value (i) is -1 and err is unexpectedly 0 at
+ * this point, the error code was overwritten by another system call
+ * before this error handling is called.
+ */
+# endif
+
+ return (BIO_dgram_non_fatal_error(err));
+ }
+ return (0);
+}
+
+int BIO_dgram_non_fatal_error(int err)
+{
+ switch (err) {
+# if defined(OPENSSL_SYS_WINDOWS)
+# if defined(WSAEWOULDBLOCK)
+ case WSAEWOULDBLOCK:
+# endif
+
+# if 0 /* This appears to always be an error */
+# if defined(WSAENOTCONN)
+ case WSAENOTCONN:
+# endif
+# endif
+# endif
+
+# ifdef EWOULDBLOCK
+# ifdef WSAEWOULDBLOCK
+# if WSAEWOULDBLOCK != EWOULDBLOCK
+ case EWOULDBLOCK:
+# endif
+# else
+ case EWOULDBLOCK:
+# endif
+# endif
+
+# ifdef EINTR
+ case EINTR:
+# endif
+
+# ifdef EAGAIN
+# if EWOULDBLOCK != EAGAIN
+ case EAGAIN:
+# endif
+# endif
+
+# ifdef EPROTO
+ case EPROTO:
+# endif
+
+# ifdef EINPROGRESS
+ case EINPROGRESS:
+# endif
+
+# ifdef EALREADY
+ case EALREADY:
+# endif
+
+ return (1);
+ /* break; */
+ default:
+ break;
+ }
+ return (0);
+}
+
+static void get_current_time(struct timeval *t)
+{
+# ifdef OPENSSL_SYS_WIN32
+ struct _timeb tb;
+ _ftime(&tb);
+ t->tv_sec = (long)tb.time;
+ t->tv_usec = (long)tb.millitm * 1000;
+# elif defined(OPENSSL_SYS_VMS)
+ struct timeb tb;
+ ftime(&tb);
+ t->tv_sec = (long)tb.time;
+ t->tv_usec = (long)tb.millitm * 1000;
+# else
+ gettimeofday(t, NULL);
+# endif
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/Makefile
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/Makefile 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,379 +0,0 @@
-#
-# OpenSSL/crypto/bn/Makefile
-#
-
-DIR= bn
-TOP= ../..
-CC= cc
-CPP= $(CC) -E
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-
-BN_ASM= bn_asm.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=bntest.c exptest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
- bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
- bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
- bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
- bn_depr.c bn_const.c bn_x931p.c
-
-LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
- bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
- bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
- bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
- bn_depr.o bn_const.o bn_x931p.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bn.h
-HEADER= bn_lcl.h bn_prime.h $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all: lib
-
-bn_prime.h: bn_prime.pl
- $(PERL) bn_prime.pl >bn_prime.h
-
-divtest: divtest.c ../../libcrypto.a
- cc -I../../include divtest.c -o divtest ../../libcrypto.a
-
-bnbug: bnbug.c ../../libcrypto.a top
- cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
-
-lib: $(LIBOBJ)
- $(AR) $(LIB) $(LIBOBJ)
- $(RANLIB) $(LIB) || echo Never mind.
- @touch lib
-
-bn-586.s: asm/bn-586.pl ../perlasm/x86asm.pl
- $(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-co-586.s: asm/co-586.pl ../perlasm/x86asm.pl
- $(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-x86-mont.s: asm/x86-mont.pl ../perlasm/x86asm.pl
- $(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-x86-gf2m.s: asm/x86-gf2m.pl ../perlasm/x86asm.pl
- $(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-
-sparcv8.o: asm/sparcv8.S
- $(CC) $(CFLAGS) -c asm/sparcv8.S
-bn-sparcv9.o: asm/sparcv8plus.S
- $(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
-sparcv9a-mont.s: asm/sparcv9a-mont.pl
- $(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@
-sparcv9-mont.s: asm/sparcv9-mont.pl
- $(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@
-
-bn-mips3.o: asm/mips3.s
- @if [ "$(CC)" = "gcc" ]; then \
- ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
- as -$$ABI -O -o $@ asm/mips3.s; \
- else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
-
-bn-mips.s: asm/mips.pl
- $(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
-mips-mont.s: asm/mips-mont.pl
- $(PERL) asm/mips-mont.pl $(PERLASM_SCHEME) $@
-
-bn-s390x.o: asm/s390x.S
- $(CC) $(CFLAGS) -c -o $@ asm/s390x.S
-s390x-gf2m.s: asm/s390x-gf2m.pl
- $(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
-
-x86_64-gcc.o: asm/x86_64-gcc.c
- $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
-x86_64-mont.s: asm/x86_64-mont.pl
- $(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
-x86_64-mont5.s: asm/x86_64-mont5.pl
- $(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
-x86_64-gf2m.s: asm/x86_64-gf2m.pl
- $(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
-modexp512-x86_64.s: asm/modexp512-x86_64.pl
- $(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
-
-bn-ia64.s: asm/ia64.S
- $(CC) $(CFLAGS) -E asm/ia64.S > $@
-ia64-mont.s: asm/ia64-mont.pl
- $(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
-
-# GNU assembler fails to compile PA-RISC2 modules, insist on calling
-# vendor assembler...
-pa-risc2W.o: asm/pa-risc2W.s
- /usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
-pa-risc2.o: asm/pa-risc2.s
- /usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
-parisc-mont.s: asm/parisc-mont.pl
- $(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
-
-# ppc - AIX, Linux, MacOS X...
-bn-ppc.s: asm/ppc.pl; $(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
-ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
-ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
-
-alpha-mont.s: asm/alpha-mont.pl
- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
- $(PERL) asm/alpha-mont.pl > $$preproc && \
- $(CC) -E $$preproc > $@ && rm $$preproc)
-
-# GNU make "catch all"
-%-mont.s: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
-%-gf2m.S: asm/%-gf2m.pl; $(PERL) $< $(PERLASM_SCHEME) $@
-
-armv4-gf2m.o: armv4-gf2m.S
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
- @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
- @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-
-exptest:
- rm -f exptest
- gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
-
-div:
- rm -f a.out
- gcc -I.. -g div.c ../../libcrypto.a
-
-tags:
- ctags $(SRC)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-update: bn_prime.h depend
-
-depend:
- @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
-bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
-bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
-bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bn_const.o: ../../include/openssl/opensslconf.h
-bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
-bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
-bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
-bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
-bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_err.o: bn_err.c
-bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
-bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
-bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
-bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
-bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
-bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
-bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
-bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
-bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
-bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
-bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
-bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
-bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
-bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
-bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
-bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
-bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
-bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
-bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
-bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/Makefile (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/Makefile)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/Makefile (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,380 @@
+#
+# OpenSSL/crypto/bn/Makefile
+#
+
+DIR= bn
+TOP= ../..
+CC= cc
+CPP= $(CC) -E
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+
+BN_ASM= bn_asm.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=bntest.c exptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
+ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
+ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
+ bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
+ bn_depr.c bn_const.c bn_x931p.c
+
+LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
+ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
+ bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
+ bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
+ bn_depr.o bn_const.o bn_x931p.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bn.h
+HEADER= bn_lcl.h bn_prime.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+bn_prime.h: bn_prime.pl
+ $(PERL) bn_prime.pl >bn_prime.h
+
+divtest: divtest.c ../../libcrypto.a
+ cc -I../../include divtest.c -o divtest ../../libcrypto.a
+
+bnbug: bnbug.c ../../libcrypto.a top
+ cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ $(RANLIB) $(LIB) || echo Never mind.
+ @touch lib
+
+bn-586.s: asm/bn-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+co-586.s: asm/co-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-mont.s: asm/x86-mont.pl ../perlasm/x86asm.pl
+ $(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-gf2m.s: asm/x86-gf2m.pl ../perlasm/x86asm.pl
+ $(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+sparcv8.o: asm/sparcv8.S
+ $(CC) $(CFLAGS) -c asm/sparcv8.S
+bn-sparcv9.o: asm/sparcv8plus.S
+ $(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
+sparcv9a-mont.s: asm/sparcv9a-mont.pl
+ $(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@
+sparcv9-mont.s: asm/sparcv9-mont.pl
+ $(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@
+
+bn-mips3.o: asm/mips3.s
+ @if [ "$(CC)" = "gcc" ]; then \
+ ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
+ as -$$ABI -O -o $@ asm/mips3.s; \
+ else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
+
+bn-mips.s: asm/mips.pl
+ $(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
+mips-mont.s: asm/mips-mont.pl
+ $(PERL) asm/mips-mont.pl $(PERLASM_SCHEME) $@
+
+bn-s390x.o: asm/s390x.S
+ $(CC) $(CFLAGS) -c -o $@ asm/s390x.S
+s390x-gf2m.s: asm/s390x-gf2m.pl
+ $(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
+
+x86_64-gcc.o: asm/x86_64-gcc.c
+ $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
+x86_64-mont.s: asm/x86_64-mont.pl
+ $(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
+x86_64-mont5.s: asm/x86_64-mont5.pl
+ $(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
+x86_64-gf2m.s: asm/x86_64-gf2m.pl
+ $(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
+modexp512-x86_64.s: asm/modexp512-x86_64.pl
+ $(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
+
+bn-ia64.s: asm/ia64.S
+ $(CC) $(CFLAGS) -E asm/ia64.S > $@
+ia64-mont.s: asm/ia64-mont.pl
+ $(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
+
+# GNU assembler fails to compile PA-RISC2 modules, insist on calling
+# vendor assembler...
+pa-risc2W.o: asm/pa-risc2W.s
+ /usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
+pa-risc2.o: asm/pa-risc2.s
+ /usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
+parisc-mont.s: asm/parisc-mont.pl
+ $(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
+
+# ppc - AIX, Linux, MacOS X...
+bn-ppc.s: asm/ppc.pl; $(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
+ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
+ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
+
+alpha-mont.s: asm/alpha-mont.pl
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) asm/alpha-mont.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
+
+# GNU make "catch all"
+%-mont.s: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+%-gf2m.S: asm/%-gf2m.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
+armv4-gf2m.o: armv4-gf2m.S
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+ @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+ @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+ @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+ @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+ @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+
+exptest:
+ rm -f exptest
+ gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
+
+div:
+ rm -f a.out
+ gcc -I.. -g div.c ../../libcrypto.a
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+update: bn_prime.h depend
+
+depend:
+ @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+ $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
+bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
+bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
+bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_const.o: ../../include/openssl/opensslconf.h
+bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
+bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
+bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
+bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
+bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_err.o: bn_err.c
+bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
+bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h
+bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
+bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
+bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
+bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
+bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
+bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
+bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
+bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
+bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
+bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
+bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
+bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
+bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
+bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
+bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
+bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
+bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
+bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
+bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86-mont.pl
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/asm/x86-mont.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86-mont.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,593 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# October 2005
-#
-# This is a "teaser" code, as it can be improved in several ways...
-# First of all non-SSE2 path should be implemented (yes, for now it
-# performs Montgomery multiplication/convolution only on SSE2-capable
-# CPUs such as P4, others fall down to original code). Then inner loop
-# can be unrolled and modulo-scheduled to improve ILP and possibly
-# moved to 128-bit XMM register bank (though it would require input
-# rearrangement and/or increase bus bandwidth utilization). Dedicated
-# squaring procedure should give further performance improvement...
-# Yet, for being draft, the code improves rsa512 *sign* benchmark by
-# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-)
-
-# December 2006
-#
-# Modulo-scheduling SSE2 loops results in further 15-20% improvement.
-# Integer-only code [being equipped with dedicated squaring procedure]
-# gives ~40% on rsa512 sign benchmark...
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-$sse2=0;
-for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
-
-&external_label("OPENSSL_ia32cap_P") if ($sse2);
-
-&function_begin("bn_mul_mont");
-
-$i="edx";
-$j="ecx";
-$ap="esi"; $tp="esi"; # overlapping variables!!!
-$rp="edi"; $bp="edi"; # overlapping variables!!!
-$np="ebp";
-$num="ebx";
-
-$_num=&DWP(4*0,"esp"); # stack top layout
-$_rp=&DWP(4*1,"esp");
-$_ap=&DWP(4*2,"esp");
-$_bp=&DWP(4*3,"esp");
-$_np=&DWP(4*4,"esp");
-$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp");
-$_sp=&DWP(4*6,"esp");
-$_bpend=&DWP(4*7,"esp");
-$frame=32; # size of above frame rounded up to 16n
-
- &xor ("eax","eax");
- &mov ("edi",&wparam(5)); # int num
- &cmp ("edi",4);
- &jl (&label("just_leave"));
-
- &lea ("esi",&wparam(0)); # put aside pointer to argument block
- &lea ("edx",&wparam(1)); # load ap
- &mov ("ebp","esp"); # saved stack pointer!
- &add ("edi",2); # extra two words on top of tp
- &neg ("edi");
- &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2))
- &neg ("edi");
-
- # minimize cache contention by arraning 2K window between stack
- # pointer and ap argument [np is also position sensitive vector,
- # but it's assumed to be near ap, as it's allocated at ~same
- # time].
- &mov ("eax","esp");
- &sub ("eax","edx");
- &and ("eax",2047);
- &sub ("esp","eax"); # this aligns sp and ap modulo 2048
-
- &xor ("edx","esp");
- &and ("edx",2048);
- &xor ("edx",2048);
- &sub ("esp","edx"); # this splits them apart modulo 4096
-
- &and ("esp",-64); # align to cache line
-
- ################################# load argument block...
- &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
- &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
- &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
- &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
- &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
- #&mov ("edi",&DWP(5*4,"esi"));# int num
-
- &mov ("esi",&DWP(0,"esi")); # pull n0[0]
- &mov ($_rp,"eax"); # ... save a copy of argument block
- &mov ($_ap,"ebx");
- &mov ($_bp,"ecx");
- &mov ($_np,"edx");
- &mov ($_n0,"esi");
- &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling
- #&mov ($_num,$num); # redundant as $num is not reused
- &mov ($_sp,"ebp"); # saved stack pointer!
-
-if($sse2) {
-$acc0="mm0"; # mmx register bank layout
-$acc1="mm1";
-$car0="mm2";
-$car1="mm3";
-$mul0="mm4";
-$mul1="mm5";
-$temp="mm6";
-$mask="mm7";
-
- &picmeup("eax","OPENSSL_ia32cap_P");
- &bt (&DWP(0,"eax"),26);
- &jnc (&label("non_sse2"));
-
- &mov ("eax",-1);
- &movd ($mask,"eax"); # mask 32 lower bits
-
- &mov ($ap,$_ap); # load input pointers
- &mov ($bp,$_bp);
- &mov ($np,$_np);
-
- &xor ($i,$i); # i=0
- &xor ($j,$j); # j=0
-
- &movd ($mul0,&DWP(0,$bp)); # bp[0]
- &movd ($mul1,&DWP(0,$ap)); # ap[0]
- &movd ($car1,&DWP(0,$np)); # np[0]
-
- &pmuludq($mul1,$mul0); # ap[0]*bp[0]
- &movq ($car0,$mul1);
- &movq ($acc0,$mul1); # I wish movd worked for
- &pand ($acc0,$mask); # inter-register transfers
-
- &pmuludq($mul1,$_n0q); # *=n0
-
- &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0
- &paddq ($car1,$acc0);
-
- &movd ($acc1,&DWP(4,$np)); # np[1]
- &movd ($acc0,&DWP(4,$ap)); # ap[1]
-
- &psrlq ($car0,32);
- &psrlq ($car1,32);
-
- &inc ($j); # j++
-&set_label("1st",16);
- &pmuludq($acc0,$mul0); # ap[j]*bp[0]
- &pmuludq($acc1,$mul1); # np[j]*m1
- &paddq ($car0,$acc0); # +=c0
- &paddq ($car1,$acc1); # +=c1
-
- &movq ($acc0,$car0);
- &pand ($acc0,$mask);
- &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
- &paddq ($car1,$acc0); # +=ap[j]*bp[0];
- &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
- &psrlq ($car0,32);
- &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]=
- &psrlq ($car1,32);
-
- &lea ($j,&DWP(1,$j));
- &cmp ($j,$num);
- &jl (&label("1st"));
-
- &pmuludq($acc0,$mul0); # ap[num-1]*bp[0]
- &pmuludq($acc1,$mul1); # np[num-1]*m1
- &paddq ($car0,$acc0); # +=c0
- &paddq ($car1,$acc1); # +=c1
-
- &movq ($acc0,$car0);
- &pand ($acc0,$mask);
- &paddq ($car1,$acc0); # +=ap[num-1]*bp[0];
- &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
-
- &psrlq ($car0,32);
- &psrlq ($car1,32);
-
- &paddq ($car1,$car0);
- &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
-
- &inc ($i); # i++
-&set_label("outer");
- &xor ($j,$j); # j=0
-
- &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i]
- &movd ($mul1,&DWP(0,$ap)); # ap[0]
- &movd ($temp,&DWP($frame,"esp")); # tp[0]
- &movd ($car1,&DWP(0,$np)); # np[0]
- &pmuludq($mul1,$mul0); # ap[0]*bp[i]
-
- &paddq ($mul1,$temp); # +=tp[0]
- &movq ($acc0,$mul1);
- &movq ($car0,$mul1);
- &pand ($acc0,$mask);
-
- &pmuludq($mul1,$_n0q); # *=n0
-
- &pmuludq($car1,$mul1);
- &paddq ($car1,$acc0);
-
- &movd ($temp,&DWP($frame+4,"esp")); # tp[1]
- &movd ($acc1,&DWP(4,$np)); # np[1]
- &movd ($acc0,&DWP(4,$ap)); # ap[1]
-
- &psrlq ($car0,32);
- &psrlq ($car1,32);
- &paddq ($car0,$temp); # +=tp[1]
-
- &inc ($j); # j++
- &dec ($num);
-&set_label("inner");
- &pmuludq($acc0,$mul0); # ap[j]*bp[i]
- &pmuludq($acc1,$mul1); # np[j]*m1
- &paddq ($car0,$acc0); # +=c0
- &paddq ($car1,$acc1); # +=c1
-
- &movq ($acc0,$car0);
- &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1]
- &pand ($acc0,$mask);
- &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
- &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j]
- &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
- &psrlq ($car0,32);
- &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]=
- &psrlq ($car1,32);
- &paddq ($car0,$temp); # +=tp[j+1]
-
- &dec ($num);
- &lea ($j,&DWP(1,$j)); # j++
- &jnz (&label("inner"));
-
- &mov ($num,$j);
- &pmuludq($acc0,$mul0); # ap[num-1]*bp[i]
- &pmuludq($acc1,$mul1); # np[num-1]*m1
- &paddq ($car0,$acc0); # +=c0
- &paddq ($car1,$acc1); # +=c1
-
- &movq ($acc0,$car0);
- &pand ($acc0,$mask);
- &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1]
- &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
- &psrlq ($car0,32);
- &psrlq ($car1,32);
-
- &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num]
- &paddq ($car1,$car0);
- &paddq ($car1,$temp);
- &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
-
- &lea ($i,&DWP(1,$i)); # i++
- &cmp ($i,$num);
- &jle (&label("outer"));
-
- &emms (); # done with mmx bank
- &jmp (&label("common_tail"));
-
-&set_label("non_sse2",16);
-}
-
-if (0) {
- &mov ("esp",$_sp);
- &xor ("eax","eax"); # signal "not fast enough [yet]"
- &jmp (&label("just_leave"));
- # While the below code provides competitive performance for
- # all key lengthes on modern Intel cores, it's still more
- # than 10% slower for 4096-bit key elsewhere:-( "Competitive"
- # means compared to the original integer-only assembler.
- # 512-bit RSA sign is better by ~40%, but that's about all
- # one can say about all CPUs...
-} else {
-$inp="esi"; # integer path uses these registers differently
-$word="edi";
-$carry="ebp";
-
- &mov ($inp,$_ap);
- &lea ($carry,&DWP(1,$num));
- &mov ($word,$_bp);
- &xor ($j,$j); # j=0
- &mov ("edx",$inp);
- &and ($carry,1); # see if num is even
- &sub ("edx",$word); # see if ap==bp
- &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num]
- &or ($carry,"edx");
- &mov ($word,&DWP(0,$word)); # bp[0]
- &jz (&label("bn_sqr_mont"));
- &mov ($_bpend,"eax");
- &mov ("eax",&DWP(0,$inp));
- &xor ("edx","edx");
-
-&set_label("mull",16);
- &mov ($carry,"edx");
- &mul ($word); # ap[j]*bp[0]
- &add ($carry,"eax");
- &lea ($j,&DWP(1,$j));
- &adc ("edx",0);
- &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
- &cmp ($j,$num);
- &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
- &jl (&label("mull"));
-
- &mov ($carry,"edx");
- &mul ($word); # ap[num-1]*bp[0]
- &mov ($word,$_n0);
- &add ("eax",$carry);
- &mov ($inp,$_np);
- &adc ("edx",0);
- &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
-
- &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]=
- &xor ($j,$j);
- &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
- &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
-
- &mov ("eax",&DWP(0,$inp)); # np[0]
- &mul ($word); # np[0]*m
- &add ("eax",&DWP($frame,"esp")); # +=tp[0]
- &mov ("eax",&DWP(4,$inp)); # np[1]
- &adc ("edx",0);
- &inc ($j);
-
- &jmp (&label("2ndmadd"));
-
-&set_label("1stmadd",16);
- &mov ($carry,"edx");
- &mul ($word); # ap[j]*bp[i]
- &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
- &lea ($j,&DWP(1,$j));
- &adc ("edx",0);
- &add ($carry,"eax");
- &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
- &adc ("edx",0);
- &cmp ($j,$num);
- &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
- &jl (&label("1stmadd"));
-
- &mov ($carry,"edx");
- &mul ($word); # ap[num-1]*bp[i]
- &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1]
- &mov ($word,$_n0);
- &adc ("edx",0);
- &mov ($inp,$_np);
- &add ($carry,"eax");
- &adc ("edx",0);
- &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
-
- &xor ($j,$j);
- &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
- &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]=
- &adc ($j,0);
- &mov ("eax",&DWP(0,$inp)); # np[0]
- &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
- &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
-
- &mul ($word); # np[0]*m
- &add ("eax",&DWP($frame,"esp")); # +=tp[0]
- &mov ("eax",&DWP(4,$inp)); # np[1]
- &adc ("edx",0);
- &mov ($j,1);
-
-&set_label("2ndmadd",16);
- &mov ($carry,"edx");
- &mul ($word); # np[j]*m
- &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
- &lea ($j,&DWP(1,$j));
- &adc ("edx",0);
- &add ($carry,"eax");
- &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1]
- &adc ("edx",0);
- &cmp ($j,$num);
- &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]=
- &jl (&label("2ndmadd"));
-
- &mov ($carry,"edx");
- &mul ($word); # np[j]*m
- &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
- &adc ("edx",0);
- &add ($carry,"eax");
- &adc ("edx",0);
- &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
-
- &xor ("eax","eax");
- &mov ($j,$_bp); # &bp[i]
- &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
- &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
- &lea ($j,&DWP(4,$j));
- &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
- &cmp ($j,$_bpend);
- &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
- &je (&label("common_tail"));
-
- &mov ($word,&DWP(0,$j)); # bp[i+1]
- &mov ($inp,$_ap);
- &mov ($_bp,$j); # &bp[++i]
- &xor ($j,$j);
- &xor ("edx","edx");
- &mov ("eax",&DWP(0,$inp));
- &jmp (&label("1stmadd"));
-
-&set_label("bn_sqr_mont",16);
-$sbit=$num;
- &mov ($_num,$num);
- &mov ($_bp,$j); # i=0
-
- &mov ("eax",$word); # ap[0]
- &mul ($word); # ap[0]*ap[0]
- &mov (&DWP($frame,"esp"),"eax"); # tp[0]=
- &mov ($sbit,"edx");
- &shr ("edx",1);
- &and ($sbit,1);
- &inc ($j);
-&set_label("sqr",16);
- &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
- &mov ($carry,"edx");
- &mul ($word); # ap[j]*ap[0]
- &add ("eax",$carry);
- &lea ($j,&DWP(1,$j));
- &adc ("edx",0);
- &lea ($carry,&DWP(0,$sbit,"eax",2));
- &shr ("eax",31);
- &cmp ($j,$_num);
- &mov ($sbit,"eax");
- &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
- &jl (&label("sqr"));
-
- &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1]
- &mov ($carry,"edx");
- &mul ($word); # ap[num-1]*ap[0]
- &add ("eax",$carry);
- &mov ($word,$_n0);
- &adc ("edx",0);
- &mov ($inp,$_np);
- &lea ($carry,&DWP(0,$sbit,"eax",2));
- &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
- &shr ("eax",31);
- &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]=
-
- &lea ($carry,&DWP(0,"eax","edx",2));
- &mov ("eax",&DWP(0,$inp)); # np[0]
- &shr ("edx",31);
- &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]=
- &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]=
-
- &mul ($word); # np[0]*m
- &add ("eax",&DWP($frame,"esp")); # +=tp[0]
- &mov ($num,$j);
- &adc ("edx",0);
- &mov ("eax",&DWP(4,$inp)); # np[1]
- &mov ($j,1);
-
-&set_label("3rdmadd",16);
- &mov ($carry,"edx");
- &mul ($word); # np[j]*m
- &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
- &adc ("edx",0);
- &add ($carry,"eax");
- &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1]
- &adc ("edx",0);
- &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]=
-
- &mov ($carry,"edx");
- &mul ($word); # np[j+1]*m
- &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1]
- &lea ($j,&DWP(2,$j));
- &adc ("edx",0);
- &add ($carry,"eax");
- &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2]
- &adc ("edx",0);
- &cmp ($j,$num);
- &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]=
- &jl (&label("3rdmadd"));
-
- &mov ($carry,"edx");
- &mul ($word); # np[j]*m
- &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
- &adc ("edx",0);
- &add ($carry,"eax");
- &adc ("edx",0);
- &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
-
- &mov ($j,$_bp); # i
- &xor ("eax","eax");
- &mov ($inp,$_ap);
- &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
- &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
- &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
- &cmp ($j,$num);
- &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
- &je (&label("common_tail"));
-
- &mov ($word,&DWP(4,$inp,$j,4)); # ap[i]
- &lea ($j,&DWP(1,$j));
- &mov ("eax",$word);
- &mov ($_bp,$j); # ++i
- &mul ($word); # ap[i]*ap[i]
- &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i]
- &adc ("edx",0);
- &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]=
- &xor ($carry,$carry);
- &cmp ($j,$num);
- &lea ($j,&DWP(1,$j));
- &je (&label("sqrlast"));
-
- &mov ($sbit,"edx"); # zaps $num
- &shr ("edx",1);
- &and ($sbit,1);
-&set_label("sqradd",16);
- &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
- &mov ($carry,"edx");
- &mul ($word); # ap[j]*ap[i]
- &add ("eax",$carry);
- &lea ($carry,&DWP(0,"eax","eax"));
- &adc ("edx",0);
- &shr ("eax",31);
- &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
- &lea ($j,&DWP(1,$j));
- &adc ("eax",0);
- &add ($carry,$sbit);
- &adc ("eax",0);
- &cmp ($j,$_num);
- &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
- &mov ($sbit,"eax");
- &jle (&label("sqradd"));
-
- &mov ($carry,"edx");
- &add ("edx","edx");
- &shr ($carry,31);
- &add ("edx",$sbit);
- &adc ($carry,0);
-&set_label("sqrlast");
- &mov ($word,$_n0);
- &mov ($inp,$_np);
- &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
-
- &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num]
- &mov ("eax",&DWP(0,$inp)); # np[0]
- &adc ($carry,0);
- &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]=
- &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]=
-
- &mul ($word); # np[0]*m
- &add ("eax",&DWP($frame,"esp")); # +=tp[0]
- &lea ($num,&DWP(-1,$j));
- &adc ("edx",0);
- &mov ($j,1);
- &mov ("eax",&DWP(4,$inp)); # np[1]
-
- &jmp (&label("3rdmadd"));
-}
-
-&set_label("common_tail",16);
- &mov ($np,$_np); # load modulus pointer
- &mov ($rp,$_rp); # load result pointer
- &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped]
-
- &mov ("eax",&DWP(0,$tp)); # tp[0]
- &mov ($j,$num); # j=num-1
- &xor ($i,$i); # i=0 and clear CF!
-
-&set_label("sub",16);
- &sbb ("eax",&DWP(0,$np,$i,4));
- &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i]
- &dec ($j); # doesn't affect CF!
- &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1]
- &lea ($i,&DWP(1,$i)); # i++
- &jge (&label("sub"));
-
- &sbb ("eax",0); # handle upmost overflow bit
- &and ($tp,"eax");
- ¬ ("eax");
- &mov ($np,$rp);
- &and ($np,"eax");
- &or ($tp,$np); # tp=carry?tp:rp
-
-&set_label("copy",16); # copy or in-place refresh
- &mov ("eax",&DWP(0,$tp,$num,4));
- &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i]
- &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector
- &dec ($num);
- &jge (&label("copy"));
-
- &mov ("esp",$_sp); # pull saved stack pointer
- &mov ("eax",1);
-&set_label("just_leave");
-&function_end("bn_mul_mont");
-
-&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
-
-&asm_finish();
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86-mont.pl (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/asm/x86-mont.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86-mont.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86-mont.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,608 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# This is a "teaser" code, as it can be improved in several ways...
+# First of all non-SSE2 path should be implemented (yes, for now it
+# performs Montgomery multiplication/convolution only on SSE2-capable
+# CPUs such as P4, others fall down to original code). Then inner loop
+# can be unrolled and modulo-scheduled to improve ILP and possibly
+# moved to 128-bit XMM register bank (though it would require input
+# rearrangement and/or increase bus bandwidth utilization). Dedicated
+# squaring procedure should give further performance improvement...
+# Yet, for being draft, the code improves rsa512 *sign* benchmark by
+# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-)
+
+# December 2006
+#
+# Modulo-scheduling SSE2 loops results in further 15-20% improvement.
+# Integer-only code [being equipped with dedicated squaring procedure]
+# gives ~40% on rsa512 sign benchmark...
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+&function_begin("bn_mul_mont");
+
+$i="edx";
+$j="ecx";
+$ap="esi"; $tp="esi"; # overlapping variables!!!
+$rp="edi"; $bp="edi"; # overlapping variables!!!
+$np="ebp";
+$num="ebx";
+
+$_num=&DWP(4*0,"esp"); # stack top layout
+$_rp=&DWP(4*1,"esp");
+$_ap=&DWP(4*2,"esp");
+$_bp=&DWP(4*3,"esp");
+$_np=&DWP(4*4,"esp");
+$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp");
+$_sp=&DWP(4*6,"esp");
+$_bpend=&DWP(4*7,"esp");
+$frame=32; # size of above frame rounded up to 16n
+
+ &xor ("eax","eax");
+ &mov ("edi",&wparam(5)); # int num
+ &cmp ("edi",4);
+ &jl (&label("just_leave"));
+
+ &lea ("esi",&wparam(0)); # put aside pointer to argument block
+ &lea ("edx",&wparam(1)); # load ap
+ &mov ("ebp","esp"); # saved stack pointer!
+ &add ("edi",2); # extra two words on top of tp
+ &neg ("edi");
+ &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2))
+ &neg ("edi");
+
+ # minimize cache contention by arraning 2K window between stack
+ # pointer and ap argument [np is also position sensitive vector,
+ # but it's assumed to be near ap, as it's allocated at ~same
+ # time].
+ &mov ("eax","esp");
+ &sub ("eax","edx");
+ &and ("eax",2047);
+ &sub ("esp","eax"); # this aligns sp and ap modulo 2048
+
+ &xor ("edx","esp");
+ &and ("edx",2048);
+ &xor ("edx",2048);
+ &sub ("esp","edx"); # this splits them apart modulo 4096
+
+ &and ("esp",-64); # align to cache line
+
+ # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # physical memory in strictly sequential manner, i.e. if stack
+ # allocation spans two pages, then reference to farmost one can
+ # be punishable by SEGV. But page walking can do good even on
+ # other OSes, because it guarantees that villain thread hits
+ # the guard page before it can make damage to innocent one...
+ &mov ("eax","ebp");
+ &sub ("eax","esp");
+ &and ("eax",-4096);
+&set_label("page_walk");
+ &mov ("edx",&DWP(0,"esp","eax"));
+ &sub ("eax",4096);
+ &data_byte(0x2e);
+ &jnc (&label("page_walk"));
+
+ ################################# load argument block...
+ &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
+ &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
+ &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
+ &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
+ &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
+ #&mov ("edi",&DWP(5*4,"esi"));# int num
+
+ &mov ("esi",&DWP(0,"esi")); # pull n0[0]
+ &mov ($_rp,"eax"); # ... save a copy of argument block
+ &mov ($_ap,"ebx");
+ &mov ($_bp,"ecx");
+ &mov ($_np,"edx");
+ &mov ($_n0,"esi");
+ &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling
+ #&mov ($_num,$num); # redundant as $num is not reused
+ &mov ($_sp,"ebp"); # saved stack pointer!
+
+if($sse2) {
+$acc0="mm0"; # mmx register bank layout
+$acc1="mm1";
+$car0="mm2";
+$car1="mm3";
+$mul0="mm4";
+$mul1="mm5";
+$temp="mm6";
+$mask="mm7";
+
+ &picmeup("eax","OPENSSL_ia32cap_P");
+ &bt (&DWP(0,"eax"),26);
+ &jnc (&label("non_sse2"));
+
+ &mov ("eax",-1);
+ &movd ($mask,"eax"); # mask 32 lower bits
+
+ &mov ($ap,$_ap); # load input pointers
+ &mov ($bp,$_bp);
+ &mov ($np,$_np);
+
+ &xor ($i,$i); # i=0
+ &xor ($j,$j); # j=0
+
+ &movd ($mul0,&DWP(0,$bp)); # bp[0]
+ &movd ($mul1,&DWP(0,$ap)); # ap[0]
+ &movd ($car1,&DWP(0,$np)); # np[0]
+
+ &pmuludq($mul1,$mul0); # ap[0]*bp[0]
+ &movq ($car0,$mul1);
+ &movq ($acc0,$mul1); # I wish movd worked for
+ &pand ($acc0,$mask); # inter-register transfers
+
+ &pmuludq($mul1,$_n0q); # *=n0
+
+ &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0
+ &paddq ($car1,$acc0);
+
+ &movd ($acc1,&DWP(4,$np)); # np[1]
+ &movd ($acc0,&DWP(4,$ap)); # ap[1]
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &inc ($j); # j++
+&set_label("1st",16);
+ &pmuludq($acc0,$mul0); # ap[j]*bp[0]
+ &pmuludq($acc1,$mul1); # np[j]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
+ &paddq ($car1,$acc0); # +=ap[j]*bp[0];
+ &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
+ &psrlq ($car0,32);
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]=
+ &psrlq ($car1,32);
+
+ &lea ($j,&DWP(1,$j));
+ &cmp ($j,$num);
+ &jl (&label("1st"));
+
+ &pmuludq($acc0,$mul0); # ap[num-1]*bp[0]
+ &pmuludq($acc1,$mul1); # np[num-1]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &paddq ($car1,$acc0); # +=ap[num-1]*bp[0];
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &paddq ($car1,$car0);
+ &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
+
+ &inc ($i); # i++
+&set_label("outer");
+ &xor ($j,$j); # j=0
+
+ &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i]
+ &movd ($mul1,&DWP(0,$ap)); # ap[0]
+ &movd ($temp,&DWP($frame,"esp")); # tp[0]
+ &movd ($car1,&DWP(0,$np)); # np[0]
+ &pmuludq($mul1,$mul0); # ap[0]*bp[i]
+
+ &paddq ($mul1,$temp); # +=tp[0]
+ &movq ($acc0,$mul1);
+ &movq ($car0,$mul1);
+ &pand ($acc0,$mask);
+
+ &pmuludq($mul1,$_n0q); # *=n0
+
+ &pmuludq($car1,$mul1);
+ &paddq ($car1,$acc0);
+
+ &movd ($temp,&DWP($frame+4,"esp")); # tp[1]
+ &movd ($acc1,&DWP(4,$np)); # np[1]
+ &movd ($acc0,&DWP(4,$ap)); # ap[1]
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+ &paddq ($car0,$temp); # +=tp[1]
+
+ &inc ($j); # j++
+ &dec ($num);
+&set_label("inner");
+ &pmuludq($acc0,$mul0); # ap[j]*bp[i]
+ &pmuludq($acc1,$mul1); # np[j]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1]
+ &pand ($acc0,$mask);
+ &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
+ &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j]
+ &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
+ &psrlq ($car0,32);
+ &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]=
+ &psrlq ($car1,32);
+ &paddq ($car0,$temp); # +=tp[j+1]
+
+ &dec ($num);
+ &lea ($j,&DWP(1,$j)); # j++
+ &jnz (&label("inner"));
+
+ &mov ($num,$j);
+ &pmuludq($acc0,$mul0); # ap[num-1]*bp[i]
+ &pmuludq($acc1,$mul1); # np[num-1]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1]
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num]
+ &paddq ($car1,$car0);
+ &paddq ($car1,$temp);
+ &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
+
+ &lea ($i,&DWP(1,$i)); # i++
+ &cmp ($i,$num);
+ &jle (&label("outer"));
+
+ &emms (); # done with mmx bank
+ &jmp (&label("common_tail"));
+
+&set_label("non_sse2",16);
+}
+
+if (0) {
+ &mov ("esp",$_sp);
+ &xor ("eax","eax"); # signal "not fast enough [yet]"
+ &jmp (&label("just_leave"));
+ # While the below code provides competitive performance for
+ # all key lengthes on modern Intel cores, it's still more
+ # than 10% slower for 4096-bit key elsewhere:-( "Competitive"
+ # means compared to the original integer-only assembler.
+ # 512-bit RSA sign is better by ~40%, but that's about all
+ # one can say about all CPUs...
+} else {
+$inp="esi"; # integer path uses these registers differently
+$word="edi";
+$carry="ebp";
+
+ &mov ($inp,$_ap);
+ &lea ($carry,&DWP(1,$num));
+ &mov ($word,$_bp);
+ &xor ($j,$j); # j=0
+ &mov ("edx",$inp);
+ &and ($carry,1); # see if num is even
+ &sub ("edx",$word); # see if ap==bp
+ &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num]
+ &or ($carry,"edx");
+ &mov ($word,&DWP(0,$word)); # bp[0]
+ &jz (&label("bn_sqr_mont"));
+ &mov ($_bpend,"eax");
+ &mov ("eax",&DWP(0,$inp));
+ &xor ("edx","edx");
+
+&set_label("mull",16);
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*bp[0]
+ &add ($carry,"eax");
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
+ &cmp ($j,$num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("mull"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*bp[0]
+ &mov ($word,$_n0);
+ &add ("eax",$carry);
+ &mov ($inp,$_np);
+ &adc ("edx",0);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]=
+ &xor ($j,$j);
+ &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
+
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &adc ("edx",0);
+ &inc ($j);
+
+ &jmp (&label("2ndmadd"));
+
+&set_label("1stmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*bp[i]
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("1stmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*bp[i]
+ &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &mov ($word,$_n0);
+ &adc ("edx",0);
+ &mov ($inp,$_np);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &xor ($j,$j);
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]=
+ &adc ($j,0);
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &adc ("edx",0);
+ &mov ($j,1);
+
+&set_label("2ndmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]=
+ &jl (&label("2ndmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
+
+ &xor ("eax","eax");
+ &mov ($j,$_bp); # &bp[i]
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
+ &lea ($j,&DWP(4,$j));
+ &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
+ &cmp ($j,$_bpend);
+ &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
+ &je (&label("common_tail"));
+
+ &mov ($word,&DWP(0,$j)); # bp[i+1]
+ &mov ($inp,$_ap);
+ &mov ($_bp,$j); # &bp[++i]
+ &xor ($j,$j);
+ &xor ("edx","edx");
+ &mov ("eax",&DWP(0,$inp));
+ &jmp (&label("1stmadd"));
+
+&set_label("bn_sqr_mont",16);
+$sbit=$num;
+ &mov ($_num,$num);
+ &mov ($_bp,$j); # i=0
+
+ &mov ("eax",$word); # ap[0]
+ &mul ($word); # ap[0]*ap[0]
+ &mov (&DWP($frame,"esp"),"eax"); # tp[0]=
+ &mov ($sbit,"edx");
+ &shr ("edx",1);
+ &and ($sbit,1);
+ &inc ($j);
+&set_label("sqr",16);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*ap[0]
+ &add ("eax",$carry);
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &lea ($carry,&DWP(0,$sbit,"eax",2));
+ &shr ("eax",31);
+ &cmp ($j,$_num);
+ &mov ($sbit,"eax");
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("sqr"));
+
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*ap[0]
+ &add ("eax",$carry);
+ &mov ($word,$_n0);
+ &adc ("edx",0);
+ &mov ($inp,$_np);
+ &lea ($carry,&DWP(0,$sbit,"eax",2));
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+ &shr ("eax",31);
+ &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]=
+
+ &lea ($carry,&DWP(0,"eax","edx",2));
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &shr ("edx",31);
+ &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ($num,$j);
+ &adc ("edx",0);
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &mov ($j,1);
+
+&set_label("3rdmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1]
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]=
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j+1]*m
+ &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1]
+ &lea ($j,&DWP(2,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("3rdmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
+
+ &mov ($j,$_bp); # i
+ &xor ("eax","eax");
+ &mov ($inp,$_ap);
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
+ &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
+ &cmp ($j,$num);
+ &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
+ &je (&label("common_tail"));
+
+ &mov ($word,&DWP(4,$inp,$j,4)); # ap[i]
+ &lea ($j,&DWP(1,$j));
+ &mov ("eax",$word);
+ &mov ($_bp,$j); # ++i
+ &mul ($word); # ap[i]*ap[i]
+ &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i]
+ &adc ("edx",0);
+ &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]=
+ &xor ($carry,$carry);
+ &cmp ($j,$num);
+ &lea ($j,&DWP(1,$j));
+ &je (&label("sqrlast"));
+
+ &mov ($sbit,"edx"); # zaps $num
+ &shr ("edx",1);
+ &and ($sbit,1);
+&set_label("sqradd",16);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*ap[i]
+ &add ("eax",$carry);
+ &lea ($carry,&DWP(0,"eax","eax"));
+ &adc ("edx",0);
+ &shr ("eax",31);
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("eax",0);
+ &add ($carry,$sbit);
+ &adc ("eax",0);
+ &cmp ($j,$_num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &mov ($sbit,"eax");
+ &jle (&label("sqradd"));
+
+ &mov ($carry,"edx");
+ &add ("edx","edx");
+ &shr ($carry,31);
+ &add ("edx",$sbit);
+ &adc ($carry,0);
+&set_label("sqrlast");
+ &mov ($word,$_n0);
+ &mov ($inp,$_np);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num]
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &adc ($carry,0);
+ &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &lea ($num,&DWP(-1,$j));
+ &adc ("edx",0);
+ &mov ($j,1);
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+
+ &jmp (&label("3rdmadd"));
+}
+
+&set_label("common_tail",16);
+ &mov ($np,$_np); # load modulus pointer
+ &mov ($rp,$_rp); # load result pointer
+ &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped]
+
+ &mov ("eax",&DWP(0,$tp)); # tp[0]
+ &mov ($j,$num); # j=num-1
+ &xor ($i,$i); # i=0 and clear CF!
+
+&set_label("sub",16);
+ &sbb ("eax",&DWP(0,$np,$i,4));
+ &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i]
+ &dec ($j); # doesn't affect CF!
+ &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1]
+ &lea ($i,&DWP(1,$i)); # i++
+ &jge (&label("sub"));
+
+ &sbb ("eax",0); # handle upmost overflow bit
+ &and ($tp,"eax");
+ ¬ ("eax");
+ &mov ($np,$rp);
+ &and ($np,"eax");
+ &or ($tp,$np); # tp=carry?tp:rp
+
+&set_label("copy",16); # copy or in-place refresh
+ &mov ("eax",&DWP(0,$tp,$num,4));
+ &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i]
+ &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector
+ &dec ($num);
+ &jge (&label("copy"));
+
+ &mov ("esp",$_sp); # pull saved stack pointer
+ &mov ("eax",1);
+&set_label("just_leave");
+&function_end("bn_mul_mont");
+
+&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont.pl
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1681 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# October 2005.
-#
-# Montgomery multiplication routine for x86_64. While it gives modest
-# 9% improvement of rsa4096 sign on Opteron, rsa512 sign runs more
-# than twice, >2x, as fast. Most common rsa1024 sign is improved by
-# respectful 50%. It remains to be seen if loop unrolling and
-# dedicated squaring routine can provide further improvement...
-
-# July 2011.
-#
-# Add dedicated squaring procedure. Performance improvement varies
-# from platform to platform, but in average it's ~5%/15%/25%/33%
-# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
-
-# August 2011.
-#
-# Unroll and modulo-schedule inner loops in such manner that they
-# are "fallen through" for input lengths of 8, which is critical for
-# 1024-bit RSA *sign*. Average performance improvement in comparison
-# to *initial* version of this module from 2005 is ~0%/30%/40%/45%
-# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-# int bn_mul_mont(
-$rp="%rdi"; # BN_ULONG *rp,
-$ap="%rsi"; # const BN_ULONG *ap,
-$bp="%rdx"; # const BN_ULONG *bp,
-$np="%rcx"; # const BN_ULONG *np,
-$n0="%r8"; # const BN_ULONG *n0,
-$num="%r9"; # int num);
-$lo0="%r10";
-$hi0="%r11";
-$hi1="%r13";
-$i="%r14";
-$j="%r15";
-$m0="%rbx";
-$m1="%rbp";
-
-$code=<<___;
-.text
-
-.globl bn_mul_mont
-.type bn_mul_mont,\@function,6
-.align 16
-bn_mul_mont:
- test \$3,${num}d
- jnz .Lmul_enter
- cmp \$8,${num}d
- jb .Lmul_enter
- cmp $ap,$bp
- jne .Lmul4x_enter
- jmp .Lsqr4x_enter
-
-.align 16
-.Lmul_enter:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov ${num}d,${num}d
- lea 2($num),%r10
- mov %rsp,%r11
- neg %r10
- lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+2))
- and \$-1024,%rsp # minimize TLB usage
-
- mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul_body:
- mov $bp,%r12 # reassign $bp
-___
- $bp="%r12";
-$code.=<<___;
- mov ($n0),$n0 # pull n0[0] value
- mov ($bp),$m0 # m0=bp[0]
- mov ($ap),%rax
-
- xor $i,$i # i=0
- xor $j,$j # j=0
-
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[0]
- mov %rax,$lo0
- mov ($np),%rax
-
- imulq $lo0,$m1 # "tp[0]"*n0
- mov %rdx,$hi0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .L1st_enter
-
-.align 16
-.L1st:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- mov $lo0,$hi0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.L1st_enter:
- mulq $m0 # ap[j]*bp[0]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- lea 1($j),$j # j++
- mov %rdx,$lo0
-
- mulq $m1 # np[j]*m1
- cmp $num,$j
- jne .L1st
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
- mov $lo0,$hi0
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- jmp .Louter
-.align 16
-.Louter:
- mov ($bp,$i,8),$m0 # m0=bp[i]
- xor $j,$j # j=0
- mov $n0,$m1
- mov (%rsp),$lo0
- mulq $m0 # ap[0]*bp[i]
- add %rax,$lo0 # ap[0]*bp[i]+tp[0]
- mov ($np),%rax
- adc \$0,%rdx
-
- imulq $lo0,$m1 # tp[0]*n0
- mov %rdx,$hi0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov 8(%rsp),$lo0 # tp[1]
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .Linner_enter
-
-.align 16
-.Linner:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.Linner_enter:
- mulq $m0 # ap[j]*bp[i]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
- mov %rdx,$hi0
- adc \$0,$hi0
- lea 1($j),$j # j++
-
- mulq $m1 # np[j]*m1
- cmp $num,$j
- jne .Linner
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- add $lo0,$hi1 # pull upmost overflow bit
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- cmp $num,$i
- jl .Louter
-
- xor $i,$i # i=0 and clear CF!
- mov (%rsp),%rax # tp[0]
- lea (%rsp),$ap # borrow ap for tp
- mov $num,$j # j=num
- jmp .Lsub
-.align 16
-.Lsub: sbb ($np,$i,8),%rax
- mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov 8($ap,$i,8),%rax # tp[i+1]
- lea 1($i),$i # i++
- dec $j # doesnn't affect CF!
- jnz .Lsub
-
- sbb \$0,%rax # handle upmost overflow bit
- xor $i,$i
- and %rax,$ap
- not %rax
- mov $rp,$np
- and %rax,$np
- mov $num,$j # j=num
- or $np,$ap # ap=borrow?tp:rp
-.align 16
-.Lcopy: # copy or in-place refresh
- mov ($ap,$i,8),%rax
- mov $i,(%rsp,$i,8) # zap temporary vector
- mov %rax,($rp,$i,8) # rp[i]=tp[i]
- lea 1($i),$i
- sub \$1,$j
- jnz .Lcopy
-
- mov 8(%rsp,$num,8),%rsi # restore %rsp
- mov \$1,%rax
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lmul_epilogue:
- ret
-.size bn_mul_mont,.-bn_mul_mont
-___
-{{{
-my @A=("%r10","%r11");
-my @N=("%r13","%rdi");
-$code.=<<___;
-.type bn_mul4x_mont,\@function,6
-.align 16
-bn_mul4x_mont:
-.Lmul4x_enter:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov ${num}d,${num}d
- lea 4($num),%r10
- mov %rsp,%r11
- neg %r10
- lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4))
- and \$-1024,%rsp # minimize TLB usage
-
- mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul4x_body:
- mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
- mov %rdx,%r12 # reassign $bp
-___
- $bp="%r12";
-$code.=<<___;
- mov ($n0),$n0 # pull n0[0] value
- mov ($bp),$m0 # m0=bp[0]
- mov ($ap),%rax
-
- xor $i,$i # i=0
- xor $j,$j # j=0
-
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[0]
- mov %rax,$A[0]
- mov ($np),%rax
-
- imulq $A[0],$m1 # "tp[0]"*n0
- mov %rdx,$A[1]
-
- mulq $m1 # np[0]*m1
- add %rax,$A[0] # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$N[1]
-
- mulq $m0
- add %rax,$A[1]
- mov 8($np),%rax
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1
- add %rax,$N[1]
- mov 16($ap),%rax
- adc \$0,%rdx
- add $A[1],$N[1]
- lea 4($j),$j # j++
- adc \$0,%rdx
- mov $N[1],(%rsp)
- mov %rdx,$N[0]
- jmp .L1st4x
-.align 16
-.L1st4x:
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[0]
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov 8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[0],-8(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[1]
- mov 8($np,$j,8),%rax
- adc \$0,%rdx
- lea 4($j),$j # j++
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov -16($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[1],-32(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
- cmp $num,$j
- jl .L1st4x
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- xor $N[1],$N[1]
- add $A[0],$N[0]
- adc \$0,$N[1]
- mov $N[0],-8(%rsp,$j,8)
- mov $N[1],(%rsp,$j,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
-.align 4
-.Louter4x:
- mov ($bp,$i,8),$m0 # m0=bp[i]
- xor $j,$j # j=0
- mov (%rsp),$A[0]
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[i]
- add %rax,$A[0] # ap[0]*bp[i]+tp[0]
- mov ($np),%rax
- adc \$0,%rdx
-
- imulq $A[0],$m1 # tp[0]*n0
- mov %rdx,$A[1]
-
- mulq $m1 # np[0]*m1
- add %rax,$A[0] # "$N[0]", discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov 8($np),%rax
- adc \$0,%rdx
- add 8(%rsp),$A[1] # +tp[1]
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov 16($ap),%rax
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j]
- lea 4($j),$j # j+=2
- adc \$0,%rdx
- mov $N[1],(%rsp) # tp[j-1]
- mov %rdx,$N[0]
- jmp .Linner4x
-.align 16
-.Linner4x:
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- add -8(%rsp,$j,8),$A[1]
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1]
- adc \$0,%rdx
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[0]
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov 8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0]
- adc \$0,%rdx
- mov $N[0],-8(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov 8($np,$j,8),%rax
- adc \$0,%rdx
- add 8(%rsp,$j,8),$A[1]
- adc \$0,%rdx
- lea 4($j),$j # j++
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov -16($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1]
- adc \$0,%rdx
- mov $N[1],-32(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
- cmp $num,$j
- jl .Linner4x
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- add -8(%rsp,$j,8),$A[1]
- adc \$0,%rdx
- lea 1($i),$i # i++
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $A[1],$N[1]
- adc \$0,%rdx
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- xor $N[1],$N[1]
- add $A[0],$N[0]
- adc \$0,$N[1]
- add (%rsp,$num,8),$N[0] # pull upmost overflow bit
- adc \$0,$N[1]
- mov $N[0],-8(%rsp,$j,8)
- mov $N[1],(%rsp,$j,8) # store upmost overflow bit
-
- cmp $num,$i
- jl .Louter4x
-___
-{
-my @ri=("%rax","%rdx",$m0,$m1);
-$code.=<<___;
- mov 16(%rsp,$num,8),$rp # restore $rp
- mov 0(%rsp), at ri[0] # tp[0]
- pxor %xmm0,%xmm0
- mov 8(%rsp), at ri[1] # tp[1]
- shr \$2,$num # num/=4
- lea (%rsp),$ap # borrow ap for tp
- xor $i,$i # i=0 and clear CF!
-
- sub 0($np), at ri[0]
- mov 16($ap), at ri[2] # tp[2]
- mov 24($ap), at ri[3] # tp[3]
- sbb 8($np), at ri[1]
- lea -1($num),$j # j=num/4-1
- jmp .Lsub4x
-.align 16
-.Lsub4x:
- mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
- sbb 16($np,$i,8), at ri[2]
- mov 32($ap,$i,8), at ri[0] # tp[i+1]
- mov 40($ap,$i,8), at ri[1]
- sbb 24($np,$i,8), at ri[3]
- mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
- sbb 32($np,$i,8), at ri[0]
- mov 48($ap,$i,8), at ri[2]
- mov 56($ap,$i,8), at ri[3]
- sbb 40($np,$i,8), at ri[1]
- lea 4($i),$i # i++
- dec $j # doesnn't affect CF!
- jnz .Lsub4x
-
- mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov 32($ap,$i,8), at ri[0] # load overflow bit
- sbb 16($np,$i,8), at ri[2]
- mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
- sbb 24($np,$i,8), at ri[3]
- mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
-
- sbb \$0, at ri[0] # handle upmost overflow bit
- mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
- xor $i,$i # i=0
- and @ri[0],$ap
- not @ri[0]
- mov $rp,$np
- and @ri[0],$np
- lea -1($num),$j
- or $np,$ap # ap=borrow?tp:rp
-
- movdqu ($ap),%xmm1
- movdqa %xmm0,(%rsp)
- movdqu %xmm1,($rp)
- jmp .Lcopy4x
-.align 16
-.Lcopy4x: # copy or in-place refresh
- movdqu 16($ap,$i),%xmm2
- movdqu 32($ap,$i),%xmm1
- movdqa %xmm0,16(%rsp,$i)
- movdqu %xmm2,16($rp,$i)
- movdqa %xmm0,32(%rsp,$i)
- movdqu %xmm1,32($rp,$i)
- lea 32($i),$i
- dec $j
- jnz .Lcopy4x
-
- shl \$2,$num
- movdqu 16($ap,$i),%xmm2
- movdqa %xmm0,16(%rsp,$i)
- movdqu %xmm2,16($rp,$i)
-___
-}
-$code.=<<___;
- mov 8(%rsp,$num,8),%rsi # restore %rsp
- mov \$1,%rax
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lmul4x_epilogue:
- ret
-.size bn_mul4x_mont,.-bn_mul4x_mont
-___
-}}}
-
{{{
-######################################################################
-# void bn_sqr4x_mont(
-my $rptr="%rdi"; # const BN_ULONG *rptr,
-my $aptr="%rsi"; # const BN_ULONG *aptr,
-my $bptr="%rdx"; # not used
-my $nptr="%rcx"; # const BN_ULONG *nptr,
-my $n0 ="%r8"; # const BN_ULONG *n0);
-my $num ="%r9"; # int num, has to be divisible by 4 and
- # not less than 8
-
-my ($i,$j,$tptr)=("%rbp","%rcx",$rptr);
-my @A0=("%r10","%r11");
-my @A1=("%r12","%r13");
-my ($a0,$a1,$ai)=("%r14","%r15","%rbx");
-
-$code.=<<___;
-.type bn_sqr4x_mont,\@function,6
-.align 16
-bn_sqr4x_mont:
-.Lsqr4x_enter:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- shl \$3,${num}d # convert $num to bytes
- xor %r10,%r10
- mov %rsp,%r11 # put aside %rsp
- sub $num,%r10 # -$num
- mov ($n0),$n0 # *n0
- lea -72(%rsp,%r10,2),%rsp # alloca(frame+2*$num)
- and \$-1024,%rsp # minimize TLB usage
- ##############################################################
- # Stack layout
- #
- # +0 saved $num, used in reduction section
- # +8 &t[2*$num], used in reduction section
- # +32 saved $rptr
- # +40 saved $nptr
- # +48 saved *n0
- # +56 saved %rsp
- # +64 t[2*$num]
- #
- mov $rptr,32(%rsp) # save $rptr
- mov $nptr,40(%rsp)
- mov $n0, 48(%rsp)
- mov %r11, 56(%rsp) # save original %rsp
-.Lsqr4x_body:
- ##############################################################
- # Squaring part:
- #
- # a) multiply-n-add everything but a[i]*a[i];
- # b) shift result of a) by 1 to the left and accumulate
- # a[i]*a[i] products;
- #
- lea 32(%r10),$i # $i=-($num-32)
- lea ($aptr,$num),$aptr # end of a[] buffer, ($aptr,$i)=&ap[2]
-
- mov $num,$j # $j=$num
-
- # comments apply to $num==8 case
- mov -32($aptr,$i),$a0 # a[0]
- lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
- mov -24($aptr,$i),%rax # a[1]
- lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
- mov -16($aptr,$i),$ai # a[2]
- mov %rax,$a1
-
- mul $a0 # a[1]*a[0]
- mov %rax,$A0[0] # a[1]*a[0]
- mov $ai,%rax # a[2]
- mov %rdx,$A0[1]
- mov $A0[0],-24($tptr,$i) # t[1]
-
- xor $A0[0],$A0[0]
- mul $a0 # a[2]*a[0]
- add %rax,$A0[1]
- mov $ai,%rax
- adc %rdx,$A0[0]
- mov $A0[1],-16($tptr,$i) # t[2]
-
- lea -16($i),$j # j=-16
-
-
- mov 8($aptr,$j),$ai # a[3]
- mul $a1 # a[2]*a[1]
- mov %rax,$A1[0] # a[2]*a[1]+t[3]
- mov $ai,%rax
- mov %rdx,$A1[1]
-
- xor $A0[1],$A0[1]
- add $A1[0],$A0[0]
- lea 16($j),$j
- adc \$0,$A0[1]
- mul $a0 # a[3]*a[0]
- add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
- mov $ai,%rax
- adc %rdx,$A0[1]
- mov $A0[0],-8($tptr,$j) # t[3]
- jmp .Lsqr4x_1st
-
-.align 16
-.Lsqr4x_1st:
- mov ($aptr,$j),$ai # a[4]
- xor $A1[0],$A1[0]
- mul $a1 # a[3]*a[1]
- add %rax,$A1[1] # a[3]*a[1]+t[4]
- mov $ai,%rax
- adc %rdx,$A1[0]
-
- xor $A0[0],$A0[0]
- add $A1[1],$A0[1]
- adc \$0,$A0[0]
- mul $a0 # a[4]*a[0]
- add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
- mov $ai,%rax # a[3]
- adc %rdx,$A0[0]
- mov $A0[1],($tptr,$j) # t[4]
-
-
- mov 8($aptr,$j),$ai # a[5]
- xor $A1[1],$A1[1]
- mul $a1 # a[4]*a[3]
- add %rax,$A1[0] # a[4]*a[3]+t[5]
- mov $ai,%rax
- adc %rdx,$A1[1]
-
- xor $A0[1],$A0[1]
- add $A1[0],$A0[0]
- adc \$0,$A0[1]
- mul $a0 # a[5]*a[2]
- add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
- mov $ai,%rax
- adc %rdx,$A0[1]
- mov $A0[0],8($tptr,$j) # t[5]
-
- mov 16($aptr,$j),$ai # a[6]
- xor $A1[0],$A1[0]
- mul $a1 # a[5]*a[3]
- add %rax,$A1[1] # a[5]*a[3]+t[6]
- mov $ai,%rax
- adc %rdx,$A1[0]
-
- xor $A0[0],$A0[0]
- add $A1[1],$A0[1]
- adc \$0,$A0[0]
- mul $a0 # a[6]*a[2]
- add %rax,$A0[1] # a[6]*a[2]+a[5]*a[3]+t[6]
- mov $ai,%rax # a[3]
- adc %rdx,$A0[0]
- mov $A0[1],16($tptr,$j) # t[6]
-
-
- mov 24($aptr,$j),$ai # a[7]
- xor $A1[1],$A1[1]
- mul $a1 # a[6]*a[5]
- add %rax,$A1[0] # a[6]*a[5]+t[7]
- mov $ai,%rax
- adc %rdx,$A1[1]
-
- xor $A0[1],$A0[1]
- add $A1[0],$A0[0]
- lea 32($j),$j
- adc \$0,$A0[1]
- mul $a0 # a[7]*a[4]
- add %rax,$A0[0] # a[7]*a[4]+a[6]*a[5]+t[6]
- mov $ai,%rax
- adc %rdx,$A0[1]
- mov $A0[0],-8($tptr,$j) # t[7]
-
- cmp \$0,$j
- jne .Lsqr4x_1st
-
- xor $A1[0],$A1[0]
- add $A0[1],$A1[1]
- adc \$0,$A1[0]
- mul $a1 # a[7]*a[5]
- add %rax,$A1[1]
- adc %rdx,$A1[0]
-
- mov $A1[1],($tptr) # t[8]
- lea 16($i),$i
- mov $A1[0],8($tptr) # t[9]
- jmp .Lsqr4x_outer
-
-.align 16
-.Lsqr4x_outer: # comments apply to $num==6 case
- mov -32($aptr,$i),$a0 # a[0]
- lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
- mov -24($aptr,$i),%rax # a[1]
- lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
- mov -16($aptr,$i),$ai # a[2]
- mov %rax,$a1
-
- mov -24($tptr,$i),$A0[0] # t[1]
- xor $A0[1],$A0[1]
- mul $a0 # a[1]*a[0]
- add %rax,$A0[0] # a[1]*a[0]+t[1]
- mov $ai,%rax # a[2]
- adc %rdx,$A0[1]
- mov $A0[0],-24($tptr,$i) # t[1]
-
- xor $A0[0],$A0[0]
- add -16($tptr,$i),$A0[1] # a[2]*a[0]+t[2]
- adc \$0,$A0[0]
- mul $a0 # a[2]*a[0]
- add %rax,$A0[1]
- mov $ai,%rax
- adc %rdx,$A0[0]
- mov $A0[1],-16($tptr,$i) # t[2]
-
- lea -16($i),$j # j=-16
- xor $A1[0],$A1[0]
-
-
- mov 8($aptr,$j),$ai # a[3]
- xor $A1[1],$A1[1]
- add 8($tptr,$j),$A1[0]
- adc \$0,$A1[1]
- mul $a1 # a[2]*a[1]
- add %rax,$A1[0] # a[2]*a[1]+t[3]
- mov $ai,%rax
- adc %rdx,$A1[1]
-
- xor $A0[1],$A0[1]
- add $A1[0],$A0[0]
- adc \$0,$A0[1]
- mul $a0 # a[3]*a[0]
- add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
- mov $ai,%rax
- adc %rdx,$A0[1]
- mov $A0[0],8($tptr,$j) # t[3]
-
- lea 16($j),$j
- jmp .Lsqr4x_inner
-
-.align 16
-.Lsqr4x_inner:
- mov ($aptr,$j),$ai # a[4]
- xor $A1[0],$A1[0]
- add ($tptr,$j),$A1[1]
- adc \$0,$A1[0]
- mul $a1 # a[3]*a[1]
- add %rax,$A1[1] # a[3]*a[1]+t[4]
- mov $ai,%rax
- adc %rdx,$A1[0]
-
- xor $A0[0],$A0[0]
- add $A1[1],$A0[1]
- adc \$0,$A0[0]
- mul $a0 # a[4]*a[0]
- add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
- mov $ai,%rax # a[3]
- adc %rdx,$A0[0]
- mov $A0[1],($tptr,$j) # t[4]
-
- mov 8($aptr,$j),$ai # a[5]
- xor $A1[1],$A1[1]
- add 8($tptr,$j),$A1[0]
- adc \$0,$A1[1]
- mul $a1 # a[4]*a[3]
- add %rax,$A1[0] # a[4]*a[3]+t[5]
- mov $ai,%rax
- adc %rdx,$A1[1]
-
- xor $A0[1],$A0[1]
- add $A1[0],$A0[0]
- lea 16($j),$j # j++
- adc \$0,$A0[1]
- mul $a0 # a[5]*a[2]
- add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
- mov $ai,%rax
- adc %rdx,$A0[1]
- mov $A0[0],-8($tptr,$j) # t[5], "preloaded t[1]" below
-
- cmp \$0,$j
- jne .Lsqr4x_inner
-
- xor $A1[0],$A1[0]
- add $A0[1],$A1[1]
- adc \$0,$A1[0]
- mul $a1 # a[5]*a[3]
- add %rax,$A1[1]
- adc %rdx,$A1[0]
-
- mov $A1[1],($tptr) # t[6], "preloaded t[2]" below
- mov $A1[0],8($tptr) # t[7], "preloaded t[3]" below
-
- add \$16,$i
- jnz .Lsqr4x_outer
-
- # comments apply to $num==4 case
- mov -32($aptr),$a0 # a[0]
- lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
- mov -24($aptr),%rax # a[1]
- lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
- mov -16($aptr),$ai # a[2]
- mov %rax,$a1
-
- xor $A0[1],$A0[1]
- mul $a0 # a[1]*a[0]
- add %rax,$A0[0] # a[1]*a[0]+t[1], preloaded t[1]
- mov $ai,%rax # a[2]
- adc %rdx,$A0[1]
- mov $A0[0],-24($tptr) # t[1]
-
- xor $A0[0],$A0[0]
- add $A1[1],$A0[1] # a[2]*a[0]+t[2], preloaded t[2]
- adc \$0,$A0[0]
- mul $a0 # a[2]*a[0]
- add %rax,$A0[1]
- mov $ai,%rax
- adc %rdx,$A0[0]
- mov $A0[1],-16($tptr) # t[2]
-
- mov -8($aptr),$ai # a[3]
- mul $a1 # a[2]*a[1]
- add %rax,$A1[0] # a[2]*a[1]+t[3], preloaded t[3]
- mov $ai,%rax
- adc \$0,%rdx
-
- xor $A0[1],$A0[1]
- add $A1[0],$A0[0]
- mov %rdx,$A1[1]
- adc \$0,$A0[1]
- mul $a0 # a[3]*a[0]
- add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
- mov $ai,%rax
- adc %rdx,$A0[1]
- mov $A0[0],-8($tptr) # t[3]
-
- xor $A1[0],$A1[0]
- add $A0[1],$A1[1]
- adc \$0,$A1[0]
- mul $a1 # a[3]*a[1]
- add %rax,$A1[1]
- mov -16($aptr),%rax # a[2]
- adc %rdx,$A1[0]
-
- mov $A1[1],($tptr) # t[4]
- mov $A1[0],8($tptr) # t[5]
-
- mul $ai # a[2]*a[3]
-___
-{
-my ($shift,$carry)=($a0,$a1);
-my @S=(@A1,$ai,$n0);
-$code.=<<___;
- add \$16,$i
- xor $shift,$shift
- sub $num,$i # $i=16-$num
- xor $carry,$carry
-
- add $A1[0],%rax # t[5]
- adc \$0,%rdx
- mov %rax,8($tptr) # t[5]
- mov %rdx,16($tptr) # t[6]
- mov $carry,24($tptr) # t[7]
-
- mov -16($aptr,$i),%rax # a[0]
- lea 64(%rsp,$num,2),$tptr
- xor $A0[0],$A0[0] # t[0]
- mov -24($tptr,$i,2),$A0[1] # t[1]
-
- lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[1] # | t[2*i]>>63
- mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
- mov $A0[1],$shift # shift=t[2*i+1]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
- adc %rax,$S[0]
- mov -8($aptr,$i),%rax # a[i+1] # prefetch
- mov $S[0],-32($tptr,$i,2)
- adc %rdx,$S[1]
-
- lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
- mov $S[1],-24($tptr,$i,2)
- sbb $carry,$carry # mov cf,$carry
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[3] # | t[2*i]>>63
- mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
- mov $A0[1],$shift # shift=t[2*i+1]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
- adc %rax,$S[2]
- mov 0($aptr,$i),%rax # a[i+1] # prefetch
- mov $S[2],-16($tptr,$i,2)
- adc %rdx,$S[3]
- lea 16($i),$i
- mov $S[3],-40($tptr,$i,2)
- sbb $carry,$carry # mov cf,$carry
- jmp .Lsqr4x_shift_n_add
-
-.align 16
-.Lsqr4x_shift_n_add:
- lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[1] # | t[2*i]>>63
- mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
- mov $A0[1],$shift # shift=t[2*i+1]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
- adc %rax,$S[0]
- mov -8($aptr,$i),%rax # a[i+1] # prefetch
- mov $S[0],-32($tptr,$i,2)
- adc %rdx,$S[1]
-
- lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
- mov $S[1],-24($tptr,$i,2)
- sbb $carry,$carry # mov cf,$carry
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[3] # | t[2*i]>>63
- mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
- mov $A0[1],$shift # shift=t[2*i+1]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
- adc %rax,$S[2]
- mov 0($aptr,$i),%rax # a[i+1] # prefetch
- mov $S[2],-16($tptr,$i,2)
- adc %rdx,$S[3]
-
- lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
- mov $S[3],-8($tptr,$i,2)
- sbb $carry,$carry # mov cf,$carry
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[1] # | t[2*i]>>63
- mov 16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
- mov $A0[1],$shift # shift=t[2*i+1]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- mov 24($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
- adc %rax,$S[0]
- mov 8($aptr,$i),%rax # a[i+1] # prefetch
- mov $S[0],0($tptr,$i,2)
- adc %rdx,$S[1]
-
- lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
- mov $S[1],8($tptr,$i,2)
- sbb $carry,$carry # mov cf,$carry
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[3] # | t[2*i]>>63
- mov 32($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
- mov $A0[1],$shift # shift=t[2*i+1]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- mov 40($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
- adc %rax,$S[2]
- mov 16($aptr,$i),%rax # a[i+1] # prefetch
- mov $S[2],16($tptr,$i,2)
- adc %rdx,$S[3]
- mov $S[3],24($tptr,$i,2)
- sbb $carry,$carry # mov cf,$carry
- add \$32,$i
- jnz .Lsqr4x_shift_n_add
-
- lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[1] # | t[2*i]>>63
- mov -16($tptr),$A0[0] # t[2*i+2] # prefetch
- mov $A0[1],$shift # shift=t[2*i+1]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- mov -8($tptr),$A0[1] # t[2*i+2+1] # prefetch
- adc %rax,$S[0]
- mov -8($aptr),%rax # a[i+1] # prefetch
- mov $S[0],-32($tptr)
- adc %rdx,$S[1]
-
- lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1|shift
- mov $S[1],-24($tptr)
- sbb $carry,$carry # mov cf,$carry
- shr \$63,$A0[0]
- lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
- shr \$63,$A0[1]
- or $A0[0],$S[3] # | t[2*i]>>63
- mul %rax # a[i]*a[i]
- neg $carry # mov $carry,cf
- adc %rax,$S[2]
- adc %rdx,$S[3]
- mov $S[2],-16($tptr)
- mov $S[3],-8($tptr)
-___
-}
-##############################################################
-# Montgomery reduction part, "word-by-word" algorithm.
-#
-{
-my ($topbit,$nptr)=("%rbp",$aptr);
-my ($m0,$m1)=($a0,$a1);
-my @Ni=("%rbx","%r9");
-$code.=<<___;
- mov 40(%rsp),$nptr # restore $nptr
- mov 48(%rsp),$n0 # restore *n0
- xor $j,$j
- mov $num,0(%rsp) # save $num
- sub $num,$j # $j=-$num
- mov 64(%rsp),$A0[0] # t[0] # modsched #
- mov $n0,$m0 # # modsched #
- lea 64(%rsp,$num,2),%rax # end of t[] buffer
- lea 64(%rsp,$num),$tptr # end of t[] window
- mov %rax,8(%rsp) # save end of t[] buffer
- lea ($nptr,$num),$nptr # end of n[] buffer
- xor $topbit,$topbit # $topbit=0
-
- mov 0($nptr,$j),%rax # n[0] # modsched #
- mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
- imulq $A0[0],$m0 # m0=t[0]*n0 # modsched #
- mov %rax,$Ni[0] # # modsched #
- jmp .Lsqr4x_mont_outer
-
-.align 16
-.Lsqr4x_mont_outer:
- xor $A0[1],$A0[1]
- mul $m0 # n[0]*m0
- add %rax,$A0[0] # n[0]*m0+t[0]
- mov $Ni[1],%rax
- adc %rdx,$A0[1]
- mov $n0,$m1
-
- xor $A0[0],$A0[0]
- add 8($tptr,$j),$A0[1]
- adc \$0,$A0[0]
- mul $m0 # n[1]*m0
- add %rax,$A0[1] # n[1]*m0+t[1]
- mov $Ni[0],%rax
- adc %rdx,$A0[0]
-
- imulq $A0[1],$m1
-
- mov 16($nptr,$j),$Ni[0] # n[2]
- xor $A1[1],$A1[1]
- add $A0[1],$A1[0]
- adc \$0,$A1[1]
- mul $m1 # n[0]*m1
- add %rax,$A1[0] # n[0]*m1+"t[1]"
- mov $Ni[0],%rax
- adc %rdx,$A1[1]
- mov $A1[0],8($tptr,$j) # "t[1]"
-
- xor $A0[1],$A0[1]
- add 16($tptr,$j),$A0[0]
- adc \$0,$A0[1]
- mul $m0 # n[2]*m0
- add %rax,$A0[0] # n[2]*m0+t[2]
- mov $Ni[1],%rax
- adc %rdx,$A0[1]
-
- mov 24($nptr,$j),$Ni[1] # n[3]
- xor $A1[0],$A1[0]
- add $A0[0],$A1[1]
- adc \$0,$A1[0]
- mul $m1 # n[1]*m1
- add %rax,$A1[1] # n[1]*m1+"t[2]"
- mov $Ni[1],%rax
- adc %rdx,$A1[0]
- mov $A1[1],16($tptr,$j) # "t[2]"
-
- xor $A0[0],$A0[0]
- add 24($tptr,$j),$A0[1]
- lea 32($j),$j
- adc \$0,$A0[0]
- mul $m0 # n[3]*m0
- add %rax,$A0[1] # n[3]*m0+t[3]
- mov $Ni[0],%rax
- adc %rdx,$A0[0]
- jmp .Lsqr4x_mont_inner
-
-.align 16
-.Lsqr4x_mont_inner:
- mov ($nptr,$j),$Ni[0] # n[4]
- xor $A1[1],$A1[1]
- add $A0[1],$A1[0]
- adc \$0,$A1[1]
- mul $m1 # n[2]*m1
- add %rax,$A1[0] # n[2]*m1+"t[3]"
- mov $Ni[0],%rax
- adc %rdx,$A1[1]
- mov $A1[0],-8($tptr,$j) # "t[3]"
-
- xor $A0[1],$A0[1]
- add ($tptr,$j),$A0[0]
- adc \$0,$A0[1]
- mul $m0 # n[4]*m0
- add %rax,$A0[0] # n[4]*m0+t[4]
- mov $Ni[1],%rax
- adc %rdx,$A0[1]
-
- mov 8($nptr,$j),$Ni[1] # n[5]
- xor $A1[0],$A1[0]
- add $A0[0],$A1[1]
- adc \$0,$A1[0]
- mul $m1 # n[3]*m1
- add %rax,$A1[1] # n[3]*m1+"t[4]"
- mov $Ni[1],%rax
- adc %rdx,$A1[0]
- mov $A1[1],($tptr,$j) # "t[4]"
-
- xor $A0[0],$A0[0]
- add 8($tptr,$j),$A0[1]
- adc \$0,$A0[0]
- mul $m0 # n[5]*m0
- add %rax,$A0[1] # n[5]*m0+t[5]
- mov $Ni[0],%rax
- adc %rdx,$A0[0]
-
-
- mov 16($nptr,$j),$Ni[0] # n[6]
- xor $A1[1],$A1[1]
- add $A0[1],$A1[0]
- adc \$0,$A1[1]
- mul $m1 # n[4]*m1
- add %rax,$A1[0] # n[4]*m1+"t[5]"
- mov $Ni[0],%rax
- adc %rdx,$A1[1]
- mov $A1[0],8($tptr,$j) # "t[5]"
-
- xor $A0[1],$A0[1]
- add 16($tptr,$j),$A0[0]
- adc \$0,$A0[1]
- mul $m0 # n[6]*m0
- add %rax,$A0[0] # n[6]*m0+t[6]
- mov $Ni[1],%rax
- adc %rdx,$A0[1]
-
- mov 24($nptr,$j),$Ni[1] # n[7]
- xor $A1[0],$A1[0]
- add $A0[0],$A1[1]
- adc \$0,$A1[0]
- mul $m1 # n[5]*m1
- add %rax,$A1[1] # n[5]*m1+"t[6]"
- mov $Ni[1],%rax
- adc %rdx,$A1[0]
- mov $A1[1],16($tptr,$j) # "t[6]"
-
- xor $A0[0],$A0[0]
- add 24($tptr,$j),$A0[1]
- lea 32($j),$j
- adc \$0,$A0[0]
- mul $m0 # n[7]*m0
- add %rax,$A0[1] # n[7]*m0+t[7]
- mov $Ni[0],%rax
- adc %rdx,$A0[0]
- cmp \$0,$j
- jne .Lsqr4x_mont_inner
-
- sub 0(%rsp),$j # $j=-$num # modsched #
- mov $n0,$m0 # # modsched #
-
- xor $A1[1],$A1[1]
- add $A0[1],$A1[0]
- adc \$0,$A1[1]
- mul $m1 # n[6]*m1
- add %rax,$A1[0] # n[6]*m1+"t[7]"
- mov $Ni[1],%rax
- adc %rdx,$A1[1]
- mov $A1[0],-8($tptr) # "t[7]"
-
- xor $A0[1],$A0[1]
- add ($tptr),$A0[0] # +t[8]
- adc \$0,$A0[1]
- mov 0($nptr,$j),$Ni[0] # n[0] # modsched #
- add $topbit,$A0[0]
- adc \$0,$A0[1]
-
- imulq 16($tptr,$j),$m0 # m0=t[0]*n0 # modsched #
- xor $A1[0],$A1[0]
- mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
- add $A0[0],$A1[1]
- mov 16($tptr,$j),$A0[0] # t[0] # modsched #
- adc \$0,$A1[0]
- mul $m1 # n[7]*m1
- add %rax,$A1[1] # n[7]*m1+"t[8]"
- mov $Ni[0],%rax # # modsched #
- adc %rdx,$A1[0]
- mov $A1[1],($tptr) # "t[8]"
-
- xor $topbit,$topbit
- add 8($tptr),$A1[0] # +t[9]
- adc $topbit,$topbit
- add $A0[1],$A1[0]
- lea 16($tptr),$tptr # "t[$num]>>128"
- adc \$0,$topbit
- mov $A1[0],-8($tptr) # "t[9]"
- cmp 8(%rsp),$tptr # are we done?
- jb .Lsqr4x_mont_outer
-
- mov 0(%rsp),$num # restore $num
- mov $topbit,($tptr) # save $topbit
-___
-}
-##############################################################
-# Post-condition, 4x unrolled copy from bn_mul_mont
-#
-{
-my ($tptr,$nptr)=("%rbx",$aptr);
-my @ri=("%rax","%rdx","%r10","%r11");
-$code.=<<___;
- mov 64(%rsp,$num), at ri[0] # tp[0]
- lea 64(%rsp,$num),$tptr # upper half of t[2*$num] holds result
- mov 40(%rsp),$nptr # restore $nptr
- shr \$5,$num # num/4
- mov 8($tptr), at ri[1] # t[1]
- xor $i,$i # i=0 and clear CF!
-
- mov 32(%rsp),$rptr # restore $rptr
- sub 0($nptr), at ri[0]
- mov 16($tptr), at ri[2] # t[2]
- mov 24($tptr), at ri[3] # t[3]
- sbb 8($nptr), at ri[1]
- lea -1($num),$j # j=num/4-1
- jmp .Lsqr4x_sub
-.align 16
-.Lsqr4x_sub:
- mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
- mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
- sbb 16($nptr,$i,8), at ri[2]
- mov 32($tptr,$i,8), at ri[0] # tp[i+1]
- mov 40($tptr,$i,8), at ri[1]
- sbb 24($nptr,$i,8), at ri[3]
- mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
- mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
- sbb 32($nptr,$i,8), at ri[0]
- mov 48($tptr,$i,8), at ri[2]
- mov 56($tptr,$i,8), at ri[3]
- sbb 40($nptr,$i,8), at ri[1]
- lea 4($i),$i # i++
- dec $j # doesn't affect CF!
- jnz .Lsqr4x_sub
-
- mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
- mov 32($tptr,$i,8), at ri[0] # load overflow bit
- sbb 16($nptr,$i,8), at ri[2]
- mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
- sbb 24($nptr,$i,8), at ri[3]
- mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
-
- sbb \$0, at ri[0] # handle upmost overflow bit
- mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
- xor $i,$i # i=0
- and @ri[0],$tptr
- not @ri[0]
- mov $rptr,$nptr
- and @ri[0],$nptr
- lea -1($num),$j
- or $nptr,$tptr # tp=borrow?tp:rp
-
- pxor %xmm0,%xmm0
- lea 64(%rsp,$num,8),$nptr
- movdqu ($tptr),%xmm1
- lea ($nptr,$num,8),$nptr
- movdqa %xmm0,64(%rsp) # zap lower half of temporary vector
- movdqa %xmm0,($nptr) # zap upper half of temporary vector
- movdqu %xmm1,($rptr)
- jmp .Lsqr4x_copy
-.align 16
-.Lsqr4x_copy: # copy or in-place refresh
- movdqu 16($tptr,$i),%xmm2
- movdqu 32($tptr,$i),%xmm1
- movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
- movdqa %xmm0,96(%rsp,$i) # zap lower half of temporary vector
- movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
- movdqa %xmm0,32($nptr,$i) # zap upper half of temporary vector
- movdqu %xmm2,16($rptr,$i)
- movdqu %xmm1,32($rptr,$i)
- lea 32($i),$i
- dec $j
- jnz .Lsqr4x_copy
-
- movdqu 16($tptr,$i),%xmm2
- movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
- movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
- movdqu %xmm2,16($rptr,$i)
-___
-}
-$code.=<<___;
- mov 56(%rsp),%rsi # restore %rsp
- mov \$1,%rax
- mov 0(%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lsqr4x_epilogue:
- ret
-.size bn_sqr4x_mont,.-bn_sqr4x_mont
-___
-}}}
-$code.=<<___;
-.asciz "Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
-.align 16
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type mul_handler,\@abi-omnipotent
-.align 16
-mul_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # end of prologue label
- cmp %r10,%rbx # context->Rip<end of prologue label
- jb .Lcommon_seh_tail
-
- mov 152($context),%rax # pull context->Rsp
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lcommon_seh_tail
-
- mov 192($context),%r10 # pull $num
- mov 8(%rax,%r10,8),%rax # pull saved stack pointer
- lea 48(%rax),%rax
-
- mov -8(%rax),%rbx
- mov -16(%rax),%rbp
- mov -24(%rax),%r12
- mov -32(%rax),%r13
- mov -40(%rax),%r14
- mov -48(%rax),%r15
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
-
- jmp .Lcommon_seh_tail
-.size mul_handler,.-mul_handler
-
-.type sqr_handler,\@abi-omnipotent
-.align 16
-sqr_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- lea .Lsqr4x_body(%rip),%r10
- cmp %r10,%rbx # context->Rip<.Lsqr_body
- jb .Lcommon_seh_tail
-
- mov 152($context),%rax # pull context->Rsp
-
- lea .Lsqr4x_epilogue(%rip),%r10
- cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
- jae .Lcommon_seh_tail
-
- mov 56(%rax),%rax # pull saved stack pointer
- lea 48(%rax),%rax
-
- mov -8(%rax),%rbx
- mov -16(%rax),%rbp
- mov -24(%rax),%r12
- mov -32(%rax),%r13
- mov -40(%rax),%r14
- mov -48(%rax),%r15
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
-
-.Lcommon_seh_tail:
- mov 8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$154,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size sqr_handler,.-sqr_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_bn_mul_mont
- .rva .LSEH_end_bn_mul_mont
- .rva .LSEH_info_bn_mul_mont
-
- .rva .LSEH_begin_bn_mul4x_mont
- .rva .LSEH_end_bn_mul4x_mont
- .rva .LSEH_info_bn_mul4x_mont
-
- .rva .LSEH_begin_bn_sqr4x_mont
- .rva .LSEH_end_bn_sqr4x_mont
- .rva .LSEH_info_bn_sqr4x_mont
-
-.section .xdata
-.align 8
-.LSEH_info_bn_mul_mont:
- .byte 9,0,0,0
- .rva mul_handler
- .rva .Lmul_body,.Lmul_epilogue # HandlerData[]
-.LSEH_info_bn_mul4x_mont:
- .byte 9,0,0,0
- .rva mul_handler
- .rva .Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
-.LSEH_info_bn_sqr4x_mont:
- .byte 9,0,0,0
- .rva sqr_handler
-___
-}
-
-print $code;
-close STDOUT;
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont.pl (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1715 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005.
+#
+# Montgomery multiplication routine for x86_64. While it gives modest
+# 9% improvement of rsa4096 sign on Opteron, rsa512 sign runs more
+# than twice, >2x, as fast. Most common rsa1024 sign is improved by
+# respectful 50%. It remains to be seen if loop unrolling and
+# dedicated squaring routine can provide further improvement...
+
+# July 2011.
+#
+# Add dedicated squaring procedure. Performance improvement varies
+# from platform to platform, but in average it's ~5%/15%/25%/33%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+
+# August 2011.
+#
+# Unroll and modulo-schedule inner loops in such manner that they
+# are "fallen through" for input lengths of 8, which is critical for
+# 1024-bit RSA *sign*. Average performance improvement in comparison
+# to *initial* version of this module from 2005 is ~0%/30%/40%/45%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# int bn_mul_mont(
+$rp="%rdi"; # BN_ULONG *rp,
+$ap="%rsi"; # const BN_ULONG *ap,
+$bp="%rdx"; # const BN_ULONG *bp,
+$np="%rcx"; # const BN_ULONG *np,
+$n0="%r8"; # const BN_ULONG *n0,
+$num="%r9"; # int num);
+$lo0="%r10";
+$hi0="%r11";
+$hi1="%r13";
+$i="%r14";
+$j="%r15";
+$m0="%rbx";
+$m1="%rbp";
+
+$code=<<___;
+.text
+
+.globl bn_mul_mont
+.type bn_mul_mont,\@function,6
+.align 16
+bn_mul_mont:
+ test \$3,${num}d
+ jnz .Lmul_enter
+ cmp \$8,${num}d
+ jb .Lmul_enter
+ cmp $ap,$bp
+ jne .Lmul4x_enter
+ jmp .Lsqr4x_enter
+
+.align 16
+.Lmul_enter:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ mov ${num}d,${num}d
+ lea 2($num),%r10
+ mov %rsp,%r11
+ neg %r10
+ lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+2))
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul_body:
+ # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # physical memory in strictly sequential manner, i.e. if stack
+ # allocation spans two pages, then reference to farmost one can
+ # be punishable by SEGV. But page walking can do good even on
+ # other OSes, because it guarantees that villain thread hits
+ # the guard page before it can make damage to innocent one...
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lmul_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x66,0x2e # predict non-taken
+ jnc .Lmul_page_walk
+
+ mov $bp,%r12 # reassign $bp
+___
+ $bp="%r12";
+$code.=<<___;
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($bp),$m0 # m0=bp[0]
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$lo0
+ mov ($np),%rax
+
+ imulq $lo0,$m1 # "tp[0]"*n0
+ mov %rdx,$hi0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$hi1
+
+ lea 1($j),$j # j++
+ jmp .L1st_enter
+
+.align 16
+.L1st:
+ add %rax,$hi1
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ mov $lo0,$hi0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.L1st_enter:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$hi0
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 1($j),$j # j++
+ mov %rdx,$lo0
+
+ mulq $m1 # np[j]*m1
+ cmp $num,$j
+ jne .L1st
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+ mov $lo0,$hi0
+
+ xor %rdx,%rdx
+ add $hi0,$hi1
+ adc \$0,%rdx
+ mov $hi1,-8(%rsp,$num,8)
+ mov %rdx,(%rsp,$num,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+ jmp .Louter
+.align 16
+.Louter:
+ mov ($bp,$i,8),$m0 # m0=bp[i]
+ xor $j,$j # j=0
+ mov $n0,$m1
+ mov (%rsp),$lo0
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$lo0 # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ imulq $lo0,$m1 # tp[0]*n0
+ mov %rdx,$hi0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov 8(%rsp),$lo0 # tp[1]
+ mov %rdx,$hi1
+
+ lea 1($j),$j # j++
+ jmp .Linner_enter
+
+.align 16
+.Linner:
+ add %rax,$hi1
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.Linner_enter:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$hi0
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
+ mov %rdx,$hi0
+ adc \$0,$hi0
+ lea 1($j),$j # j++
+
+ mulq $m1 # np[j]*m1
+ cmp $num,$j
+ jne .Linner
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+ xor %rdx,%rdx
+ add $hi0,$hi1
+ adc \$0,%rdx
+ add $lo0,$hi1 # pull upmost overflow bit
+ adc \$0,%rdx
+ mov $hi1,-8(%rsp,$num,8)
+ mov %rdx,(%rsp,$num,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+ cmp $num,$i
+ jl .Louter
+
+ xor $i,$i # i=0 and clear CF!
+ mov (%rsp),%rax # tp[0]
+ lea (%rsp),$ap # borrow ap for tp
+ mov $num,$j # j=num
+ jmp .Lsub
+.align 16
+.Lsub: sbb ($np,$i,8),%rax
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 8($ap,$i,8),%rax # tp[i+1]
+ lea 1($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub
+
+ sbb \$0,%rax # handle upmost overflow bit
+ xor $i,$i
+ and %rax,$ap
+ not %rax
+ mov $rp,$np
+ and %rax,$np
+ mov $num,$j # j=num
+ or $np,$ap # ap=borrow?tp:rp
+.align 16
+.Lcopy: # copy or in-place refresh
+ mov ($ap,$i,8),%rax
+ mov $i,(%rsp,$i,8) # zap temporary vector
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]
+ lea 1($i),$i
+ sub \$1,$j
+ jnz .Lcopy
+
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul_epilogue:
+ ret
+.size bn_mul_mont,.-bn_mul_mont
+___
+{{{
+my @A=("%r10","%r11");
+my @N=("%r13","%rdi");
+$code.=<<___;
+.type bn_mul4x_mont,\@function,6
+.align 16
+bn_mul4x_mont:
+.Lmul4x_enter:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ mov ${num}d,${num}d
+ lea 4($num),%r10
+ mov %rsp,%r11
+ neg %r10
+ lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4))
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul4x_body:
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lmul4x_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lmul4x_page_walk
+
+ mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
+ mov %rdx,%r12 # reassign $bp
+___
+ $bp="%r12";
+$code.=<<___;
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($bp),$m0 # m0=bp[0]
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$A[0]
+ mov ($np),%rax
+
+ imulq $A[0],$m1 # "tp[0]"*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ lea 4($j),$j # j++
+ adc \$0,%rdx
+ mov $N[1],(%rsp)
+ mov %rdx,$N[0]
+ jmp .L1st4x
+.align 16
+.L1st4x:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .L1st4x
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+.align 4
+.Louter4x:
+ mov ($bp,$i,8),$m0 # m0=bp[i]
+ xor $j,$j # j=0
+ mov (%rsp),$A[0]
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$A[0] # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ imulq $A[0],$m1 # tp[0]*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # "$N[0]", discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ add 8(%rsp),$A[1] # +tp[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j]
+ lea 4($j),$j # j+=2
+ adc \$0,%rdx
+ mov $N[1],(%rsp) # tp[j-1]
+ mov %rdx,$N[0]
+ jmp .Linner4x
+.align 16
+.Linner4x:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ add 8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .Linner4x
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 1($i),$i # i++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ add (%rsp,$num,8),$N[0] # pull upmost overflow bit
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ cmp $num,$i
+ jl .Louter4x
+___
+{
+my @ri=("%rax","%rdx",$m0,$m1);
+$code.=<<___;
+ mov 16(%rsp,$num,8),$rp # restore $rp
+ mov 0(%rsp), at ri[0] # tp[0]
+ pxor %xmm0,%xmm0
+ mov 8(%rsp), at ri[1] # tp[1]
+ shr \$2,$num # num/=4
+ lea (%rsp),$ap # borrow ap for tp
+ xor $i,$i # i=0 and clear CF!
+
+ sub 0($np), at ri[0]
+ mov 16($ap), at ri[2] # tp[2]
+ mov 24($ap), at ri[3] # tp[3]
+ sbb 8($np), at ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsub4x
+.align 16
+.Lsub4x:
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($np,$i,8), at ri[2]
+ mov 32($ap,$i,8), at ri[0] # tp[i+1]
+ mov 40($ap,$i,8), at ri[1]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($np,$i,8), at ri[0]
+ mov 48($ap,$i,8), at ri[2]
+ mov 56($ap,$i,8), at ri[3]
+ sbb 40($np,$i,8), at ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub4x
+
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($ap,$i,8), at ri[0] # load overflow bit
+ sbb 16($np,$i,8), at ri[2]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0, at ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$ap
+ not @ri[0]
+ mov $rp,$np
+ and @ri[0],$np
+ lea -1($num),$j
+ or $np,$ap # ap=borrow?tp:rp
+
+ movdqu ($ap),%xmm1
+ movdqa %xmm0,(%rsp)
+ movdqu %xmm1,($rp)
+ jmp .Lcopy4x
+.align 16
+.Lcopy4x: # copy or in-place refresh
+ movdqu 16($ap,$i),%xmm2
+ movdqu 32($ap,$i),%xmm1
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+ movdqa %xmm0,32(%rsp,$i)
+ movdqu %xmm1,32($rp,$i)
+ lea 32($i),$i
+ dec $j
+ jnz .Lcopy4x
+
+ shl \$2,$num
+ movdqu 16($ap,$i),%xmm2
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+___
+}
+$code.=<<___;
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul4x_epilogue:
+ ret
+.size bn_mul4x_mont,.-bn_mul4x_mont
+___
+}}}
+
{{{
+######################################################################
+# void bn_sqr4x_mont(
+my $rptr="%rdi"; # const BN_ULONG *rptr,
+my $aptr="%rsi"; # const BN_ULONG *aptr,
+my $bptr="%rdx"; # not used
+my $nptr="%rcx"; # const BN_ULONG *nptr,
+my $n0 ="%r8"; # const BN_ULONG *n0);
+my $num ="%r9"; # int num, has to be divisible by 4 and
+ # not less than 8
+
+my ($i,$j,$tptr)=("%rbp","%rcx",$rptr);
+my @A0=("%r10","%r11");
+my @A1=("%r12","%r13");
+my ($a0,$a1,$ai)=("%r14","%r15","%rbx");
+
+$code.=<<___;
+.type bn_sqr4x_mont,\@function,6
+.align 16
+bn_sqr4x_mont:
+.Lsqr4x_enter:
+ mov %rsp,%rax
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ shl \$3,${num}d # convert $num to bytes
+ mov %rsp,%r11 # put aside %rsp
+ neg $num # -$num
+ mov ($n0),$n0 # *n0
+ lea -72(%rsp,$num,2),%rsp # alloca(frame+2*$num)
+ and \$-1024,%rsp # minimize TLB usage
+
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lsqr4x_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lsqr4x_page_walk
+
+ mov $num,%r10
+ neg $num # restore $num
+ lea -48(%rax),%r11 # restore saved %rsp
+ ##############################################################
+ # Stack layout
+ #
+ # +0 saved $num, used in reduction section
+ # +8 &t[2*$num], used in reduction section
+ # +32 saved $rptr
+ # +40 saved $nptr
+ # +48 saved *n0
+ # +56 saved %rsp
+ # +64 t[2*$num]
+ #
+ mov $rptr,32(%rsp) # save $rptr
+ mov $nptr,40(%rsp)
+ mov $n0, 48(%rsp)
+ mov %r11, 56(%rsp) # save original %rsp
+.Lsqr4x_body:
+ ##############################################################
+ # Squaring part:
+ #
+ # a) multiply-n-add everything but a[i]*a[i];
+ # b) shift result of a) by 1 to the left and accumulate
+ # a[i]*a[i] products;
+ #
+ lea 32(%r10),$i # $i=-($num-32)
+ lea ($aptr,$num),$aptr # end of a[] buffer, ($aptr,$i)=&ap[2]
+
+ mov $num,$j # $j=$num
+
+ # comments apply to $num==8 case
+ mov -32($aptr,$i),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr,$i),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr,$i),$ai # a[2]
+ mov %rax,$a1
+
+ mul $a0 # a[1]*a[0]
+ mov %rax,$A0[0] # a[1]*a[0]
+ mov $ai,%rax # a[2]
+ mov %rdx,$A0[1]
+ mov $A0[0],-24($tptr,$i) # t[1]
+
+ xor $A0[0],$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr,$i) # t[2]
+
+ lea -16($i),$j # j=-16
+
+
+ mov 8($aptr,$j),$ai # a[3]
+ mul $a1 # a[2]*a[1]
+ mov %rax,$A1[0] # a[2]*a[1]+t[3]
+ mov $ai,%rax
+ mov %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 16($j),$j
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[3]
+ jmp .Lsqr4x_1st
+
+.align 16
+.Lsqr4x_1st:
+ mov ($aptr,$j),$ai # a[4]
+ xor $A1[0],$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1] # a[3]*a[1]+t[4]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[4]*a[0]
+ add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],($tptr,$j) # t[4]
+
+
+ mov 8($aptr,$j),$ai # a[5]
+ xor $A1[1],$A1[1]
+ mul $a1 # a[4]*a[3]
+ add %rax,$A1[0] # a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ adc \$0,$A0[1]
+ mul $a0 # a[5]*a[2]
+ add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],8($tptr,$j) # t[5]
+
+ mov 16($aptr,$j),$ai # a[6]
+ xor $A1[0],$A1[0]
+ mul $a1 # a[5]*a[3]
+ add %rax,$A1[1] # a[5]*a[3]+t[6]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[6]*a[2]
+ add %rax,$A0[1] # a[6]*a[2]+a[5]*a[3]+t[6]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],16($tptr,$j) # t[6]
+
+
+ mov 24($aptr,$j),$ai # a[7]
+ xor $A1[1],$A1[1]
+ mul $a1 # a[6]*a[5]
+ add %rax,$A1[0] # a[6]*a[5]+t[7]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 32($j),$j
+ adc \$0,$A0[1]
+ mul $a0 # a[7]*a[4]
+ add %rax,$A0[0] # a[7]*a[4]+a[6]*a[5]+t[6]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[7]
+
+ cmp \$0,$j
+ jne .Lsqr4x_1st
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[7]*a[5]
+ add %rax,$A1[1]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[8]
+ lea 16($i),$i
+ mov $A1[0],8($tptr) # t[9]
+ jmp .Lsqr4x_outer
+
+.align 16
+.Lsqr4x_outer: # comments apply to $num==6 case
+ mov -32($aptr,$i),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr,$i),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr,$i),$ai # a[2]
+ mov %rax,$a1
+
+ mov -24($tptr,$i),$A0[0] # t[1]
+ xor $A0[1],$A0[1]
+ mul $a0 # a[1]*a[0]
+ add %rax,$A0[0] # a[1]*a[0]+t[1]
+ mov $ai,%rax # a[2]
+ adc %rdx,$A0[1]
+ mov $A0[0],-24($tptr,$i) # t[1]
+
+ xor $A0[0],$A0[0]
+ add -16($tptr,$i),$A0[1] # a[2]*a[0]+t[2]
+ adc \$0,$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr,$i) # t[2]
+
+ lea -16($i),$j # j=-16
+ xor $A1[0],$A1[0]
+
+
+ mov 8($aptr,$j),$ai # a[3]
+ xor $A1[1],$A1[1]
+ add 8($tptr,$j),$A1[0]
+ adc \$0,$A1[1]
+ mul $a1 # a[2]*a[1]
+ add %rax,$A1[0] # a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],8($tptr,$j) # t[3]
+
+ lea 16($j),$j
+ jmp .Lsqr4x_inner
+
+.align 16
+.Lsqr4x_inner:
+ mov ($aptr,$j),$ai # a[4]
+ xor $A1[0],$A1[0]
+ add ($tptr,$j),$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1] # a[3]*a[1]+t[4]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[4]*a[0]
+ add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],($tptr,$j) # t[4]
+
+ mov 8($aptr,$j),$ai # a[5]
+ xor $A1[1],$A1[1]
+ add 8($tptr,$j),$A1[0]
+ adc \$0,$A1[1]
+ mul $a1 # a[4]*a[3]
+ add %rax,$A1[0] # a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 16($j),$j # j++
+ adc \$0,$A0[1]
+ mul $a0 # a[5]*a[2]
+ add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[5], "preloaded t[1]" below
+
+ cmp \$0,$j
+ jne .Lsqr4x_inner
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[5]*a[3]
+ add %rax,$A1[1]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[6], "preloaded t[2]" below
+ mov $A1[0],8($tptr) # t[7], "preloaded t[3]" below
+
+ add \$16,$i
+ jnz .Lsqr4x_outer
+
+ # comments apply to $num==4 case
+ mov -32($aptr),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr),$ai # a[2]
+ mov %rax,$a1
+
+ xor $A0[1],$A0[1]
+ mul $a0 # a[1]*a[0]
+ add %rax,$A0[0] # a[1]*a[0]+t[1], preloaded t[1]
+ mov $ai,%rax # a[2]
+ adc %rdx,$A0[1]
+ mov $A0[0],-24($tptr) # t[1]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1] # a[2]*a[0]+t[2], preloaded t[2]
+ adc \$0,$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr) # t[2]
+
+ mov -8($aptr),$ai # a[3]
+ mul $a1 # a[2]*a[1]
+ add %rax,$A1[0] # a[2]*a[1]+t[3], preloaded t[3]
+ mov $ai,%rax
+ adc \$0,%rdx
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ mov %rdx,$A1[1]
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr) # t[3]
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1]
+ mov -16($aptr),%rax # a[2]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[4]
+ mov $A1[0],8($tptr) # t[5]
+
+ mul $ai # a[2]*a[3]
+___
+{
+my ($shift,$carry)=($a0,$a1);
+my @S=(@A1,$ai,$n0);
+$code.=<<___;
+ add \$16,$i
+ xor $shift,$shift
+ sub $num,$i # $i=16-$num
+ xor $carry,$carry
+
+ add $A1[0],%rax # t[5]
+ adc \$0,%rdx
+ mov %rax,8($tptr) # t[5]
+ mov %rdx,16($tptr) # t[6]
+ mov $carry,24($tptr) # t[7]
+
+ mov -16($aptr,$i),%rax # a[0]
+ lea 64(%rsp,$num,2),$tptr
+ xor $A0[0],$A0[0] # t[0]
+ mov -24($tptr,$i,2),$A0[1] # t[1]
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],-24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 0($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],-16($tptr,$i,2)
+ adc %rdx,$S[3]
+ lea 16($i),$i
+ mov $S[3],-40($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ jmp .Lsqr4x_shift_n_add
+
+.align 16
+.Lsqr4x_shift_n_add:
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],-24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 0($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],-16($tptr,$i,2)
+ adc %rdx,$S[3]
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ mov $S[3],-8($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov 16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 24($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov 8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],0($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],8($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 32($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 40($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 16($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],16($tptr,$i,2)
+ adc %rdx,$S[3]
+ mov $S[3],24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ add \$32,$i
+ jnz .Lsqr4x_shift_n_add
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1|shift
+ mov $S[1],-24($tptr)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ adc %rax,$S[2]
+ adc %rdx,$S[3]
+ mov $S[2],-16($tptr)
+ mov $S[3],-8($tptr)
+___
+}
+##############################################################
+# Montgomery reduction part, "word-by-word" algorithm.
+#
+{
+my ($topbit,$nptr)=("%rbp",$aptr);
+my ($m0,$m1)=($a0,$a1);
+my @Ni=("%rbx","%r9");
+$code.=<<___;
+ mov 40(%rsp),$nptr # restore $nptr
+ mov 48(%rsp),$n0 # restore *n0
+ xor $j,$j
+ mov $num,0(%rsp) # save $num
+ sub $num,$j # $j=-$num
+ mov 64(%rsp),$A0[0] # t[0] # modsched #
+ mov $n0,$m0 # # modsched #
+ lea 64(%rsp,$num,2),%rax # end of t[] buffer
+ lea 64(%rsp,$num),$tptr # end of t[] window
+ mov %rax,8(%rsp) # save end of t[] buffer
+ lea ($nptr,$num),$nptr # end of n[] buffer
+ xor $topbit,$topbit # $topbit=0
+
+ mov 0($nptr,$j),%rax # n[0] # modsched #
+ mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
+ imulq $A0[0],$m0 # m0=t[0]*n0 # modsched #
+ mov %rax,$Ni[0] # # modsched #
+ jmp .Lsqr4x_mont_outer
+
+.align 16
+.Lsqr4x_mont_outer:
+ xor $A0[1],$A0[1]
+ mul $m0 # n[0]*m0
+ add %rax,$A0[0] # n[0]*m0+t[0]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+ mov $n0,$m1
+
+ xor $A0[0],$A0[0]
+ add 8($tptr,$j),$A0[1]
+ adc \$0,$A0[0]
+ mul $m0 # n[1]*m0
+ add %rax,$A0[1] # n[1]*m0+t[1]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+
+ imulq $A0[1],$m1
+
+ mov 16($nptr,$j),$Ni[0] # n[2]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[0]*m1
+ add %rax,$A1[0] # n[0]*m1+"t[1]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],8($tptr,$j) # "t[1]"
+
+ xor $A0[1],$A0[1]
+ add 16($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[2]*m0
+ add %rax,$A0[0] # n[2]*m0+t[2]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 24($nptr,$j),$Ni[1] # n[3]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[1]*m1
+ add %rax,$A1[1] # n[1]*m1+"t[2]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],16($tptr,$j) # "t[2]"
+
+ xor $A0[0],$A0[0]
+ add 24($tptr,$j),$A0[1]
+ lea 32($j),$j
+ adc \$0,$A0[0]
+ mul $m0 # n[3]*m0
+ add %rax,$A0[1] # n[3]*m0+t[3]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+ jmp .Lsqr4x_mont_inner
+
+.align 16
+.Lsqr4x_mont_inner:
+ mov ($nptr,$j),$Ni[0] # n[4]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[2]*m1
+ add %rax,$A1[0] # n[2]*m1+"t[3]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],-8($tptr,$j) # "t[3]"
+
+ xor $A0[1],$A0[1]
+ add ($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[4]*m0
+ add %rax,$A0[0] # n[4]*m0+t[4]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 8($nptr,$j),$Ni[1] # n[5]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[3]*m1
+ add %rax,$A1[1] # n[3]*m1+"t[4]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],($tptr,$j) # "t[4]"
+
+ xor $A0[0],$A0[0]
+ add 8($tptr,$j),$A0[1]
+ adc \$0,$A0[0]
+ mul $m0 # n[5]*m0
+ add %rax,$A0[1] # n[5]*m0+t[5]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+
+
+ mov 16($nptr,$j),$Ni[0] # n[6]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[4]*m1
+ add %rax,$A1[0] # n[4]*m1+"t[5]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],8($tptr,$j) # "t[5]"
+
+ xor $A0[1],$A0[1]
+ add 16($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[6]*m0
+ add %rax,$A0[0] # n[6]*m0+t[6]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 24($nptr,$j),$Ni[1] # n[7]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[5]*m1
+ add %rax,$A1[1] # n[5]*m1+"t[6]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],16($tptr,$j) # "t[6]"
+
+ xor $A0[0],$A0[0]
+ add 24($tptr,$j),$A0[1]
+ lea 32($j),$j
+ adc \$0,$A0[0]
+ mul $m0 # n[7]*m0
+ add %rax,$A0[1] # n[7]*m0+t[7]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+ cmp \$0,$j
+ jne .Lsqr4x_mont_inner
+
+ sub 0(%rsp),$j # $j=-$num # modsched #
+ mov $n0,$m0 # # modsched #
+
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[6]*m1
+ add %rax,$A1[0] # n[6]*m1+"t[7]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],-8($tptr) # "t[7]"
+
+ xor $A0[1],$A0[1]
+ add ($tptr),$A0[0] # +t[8]
+ adc \$0,$A0[1]
+ mov 0($nptr,$j),$Ni[0] # n[0] # modsched #
+ add $topbit,$A0[0]
+ adc \$0,$A0[1]
+
+ imulq 16($tptr,$j),$m0 # m0=t[0]*n0 # modsched #
+ xor $A1[0],$A1[0]
+ mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
+ add $A0[0],$A1[1]
+ mov 16($tptr,$j),$A0[0] # t[0] # modsched #
+ adc \$0,$A1[0]
+ mul $m1 # n[7]*m1
+ add %rax,$A1[1] # n[7]*m1+"t[8]"
+ mov $Ni[0],%rax # # modsched #
+ adc %rdx,$A1[0]
+ mov $A1[1],($tptr) # "t[8]"
+
+ xor $topbit,$topbit
+ add 8($tptr),$A1[0] # +t[9]
+ adc $topbit,$topbit
+ add $A0[1],$A1[0]
+ lea 16($tptr),$tptr # "t[$num]>>128"
+ adc \$0,$topbit
+ mov $A1[0],-8($tptr) # "t[9]"
+ cmp 8(%rsp),$tptr # are we done?
+ jb .Lsqr4x_mont_outer
+
+ mov 0(%rsp),$num # restore $num
+ mov $topbit,($tptr) # save $topbit
+___
+}
+##############################################################
+# Post-condition, 4x unrolled copy from bn_mul_mont
+#
+{
+my ($tptr,$nptr)=("%rbx",$aptr);
+my @ri=("%rax","%rdx","%r10","%r11");
+$code.=<<___;
+ mov 64(%rsp,$num), at ri[0] # tp[0]
+ lea 64(%rsp,$num),$tptr # upper half of t[2*$num] holds result
+ mov 40(%rsp),$nptr # restore $nptr
+ shr \$5,$num # num/4
+ mov 8($tptr), at ri[1] # t[1]
+ xor $i,$i # i=0 and clear CF!
+
+ mov 32(%rsp),$rptr # restore $rptr
+ sub 0($nptr), at ri[0]
+ mov 16($tptr), at ri[2] # t[2]
+ mov 24($tptr), at ri[3] # t[3]
+ sbb 8($nptr), at ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsqr4x_sub
+.align 16
+.Lsqr4x_sub:
+ mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($nptr,$i,8), at ri[2]
+ mov 32($tptr,$i,8), at ri[0] # tp[i+1]
+ mov 40($tptr,$i,8), at ri[1]
+ sbb 24($nptr,$i,8), at ri[3]
+ mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($nptr,$i,8), at ri[0]
+ mov 48($tptr,$i,8), at ri[2]
+ mov 56($tptr,$i,8), at ri[3]
+ sbb 40($nptr,$i,8), at ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesn't affect CF!
+ jnz .Lsqr4x_sub
+
+ mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($tptr,$i,8), at ri[0] # load overflow bit
+ sbb 16($nptr,$i,8), at ri[2]
+ mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($nptr,$i,8), at ri[3]
+ mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0, at ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$tptr
+ not @ri[0]
+ mov $rptr,$nptr
+ and @ri[0],$nptr
+ lea -1($num),$j
+ or $nptr,$tptr # tp=borrow?tp:rp
+
+ pxor %xmm0,%xmm0
+ lea 64(%rsp,$num,8),$nptr
+ movdqu ($tptr),%xmm1
+ lea ($nptr,$num,8),$nptr
+ movdqa %xmm0,64(%rsp) # zap lower half of temporary vector
+ movdqa %xmm0,($nptr) # zap upper half of temporary vector
+ movdqu %xmm1,($rptr)
+ jmp .Lsqr4x_copy
+.align 16
+.Lsqr4x_copy: # copy or in-place refresh
+ movdqu 16($tptr,$i),%xmm2
+ movdqu 32($tptr,$i),%xmm1
+ movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,96(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
+ movdqa %xmm0,32($nptr,$i) # zap upper half of temporary vector
+ movdqu %xmm2,16($rptr,$i)
+ movdqu %xmm1,32($rptr,$i)
+ lea 32($i),$i
+ dec $j
+ jnz .Lsqr4x_copy
+
+ movdqu 16($tptr,$i),%xmm2
+ movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
+ movdqu %xmm2,16($rptr,$i)
+___
+}
+$code.=<<___;
+ mov 56(%rsp),%rsi # restore %rsp
+ mov \$1,%rax
+ mov 0(%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lsqr4x_epilogue:
+ ret
+.size bn_sqr4x_mont,.-bn_sqr4x_mont
+___
+}}}
+$code.=<<___;
+.asciz "Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align 16
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type mul_handler,\@abi-omnipotent
+.align 16
+mul_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # end of prologue label
+ cmp %r10,%rbx # context->Rip<end of prologue label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ mov 192($context),%r10 # pull $num
+ mov 8(%rax,%r10,8),%rax # pull saved stack pointer
+ lea 48(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+ jmp .Lcommon_seh_tail
+.size mul_handler,.-mul_handler
+
+.type sqr_handler,\@abi-omnipotent
+.align 16
+sqr_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lsqr4x_body(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lsqr_body
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lsqr4x_epilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
+ jae .Lcommon_seh_tail
+
+ mov 56(%rax),%rax # pull saved stack pointer
+ lea 48(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lcommon_seh_tail:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size sqr_handler,.-sqr_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_bn_mul_mont
+ .rva .LSEH_end_bn_mul_mont
+ .rva .LSEH_info_bn_mul_mont
+
+ .rva .LSEH_begin_bn_mul4x_mont
+ .rva .LSEH_end_bn_mul4x_mont
+ .rva .LSEH_info_bn_mul4x_mont
+
+ .rva .LSEH_begin_bn_sqr4x_mont
+ .rva .LSEH_end_bn_sqr4x_mont
+ .rva .LSEH_info_bn_sqr4x_mont
+
+.section .xdata
+.align 8
+.LSEH_info_bn_mul_mont:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul_body,.Lmul_epilogue # HandlerData[]
+.LSEH_info_bn_mul4x_mont:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
+.LSEH_info_bn_sqr4x_mont:
+ .byte 9,0,0,0
+ .rva sqr_handler
+___
+}
+
+print $code;
+close STDOUT;
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont5.pl
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont5.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1071 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# August 2011.
-#
-# Companion to x86_64-mont.pl that optimizes cache-timing attack
-# countermeasures. The subroutines are produced by replacing bp[i]
-# references in their x86_64-mont.pl counterparts with cache-neutral
-# references to powers table computed in BN_mod_exp_mont_consttime.
-# In addition subroutine that scatters elements of the powers table
-# is implemented, so that scatter-/gathering can be tuned without
-# bn_exp.c modifications.
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-# int bn_mul_mont_gather5(
-$rp="%rdi"; # BN_ULONG *rp,
-$ap="%rsi"; # const BN_ULONG *ap,
-$bp="%rdx"; # const BN_ULONG *bp,
-$np="%rcx"; # const BN_ULONG *np,
-$n0="%r8"; # const BN_ULONG *n0,
-$num="%r9"; # int num,
- # int idx); # 0 to 2^5-1, "index" in $bp holding
- # pre-computed powers of a', interlaced
- # in such manner that b[0] is $bp[idx],
- # b[1] is [2^5+idx], etc.
-$lo0="%r10";
-$hi0="%r11";
-$hi1="%r13";
-$i="%r14";
-$j="%r15";
-$m0="%rbx";
-$m1="%rbp";
-
-$code=<<___;
-.text
-
-.globl bn_mul_mont_gather5
-.type bn_mul_mont_gather5,\@function,6
-.align 64
-bn_mul_mont_gather5:
- test \$3,${num}d
- jnz .Lmul_enter
- cmp \$8,${num}d
- jb .Lmul_enter
- jmp .Lmul4x_enter
-
-.align 16
-.Lmul_enter:
- mov ${num}d,${num}d
- mov `($win64?56:8)`(%rsp),%r10d # load 7th argument
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-___
-$code.=<<___ if ($win64);
- lea -0x28(%rsp),%rsp
- movaps %xmm6,(%rsp)
- movaps %xmm7,0x10(%rsp)
-.Lmul_alloca:
-___
-$code.=<<___;
- mov %rsp,%rax
- lea 2($num),%r11
- neg %r11
- lea (%rsp,%r11,8),%rsp # tp=alloca(8*(num+2))
- and \$-1024,%rsp # minimize TLB usage
-
- mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul_body:
- mov $bp,%r12 # reassign $bp
-___
- $bp="%r12";
- $STRIDE=2**5*8; # 5 is "window size"
- $N=$STRIDE/4; # should match cache line size
-$code.=<<___;
- mov %r10,%r11
- shr \$`log($N/8)/log(2)`,%r10
- and \$`$N/8-1`,%r11
- not %r10
- lea .Lmagic_masks(%rip),%rax
- and \$`2**5/($N/8)-1`,%r10 # 5 is "window size"
- lea 96($bp,%r11,8),$bp # pointer within 1st cache line
- movq 0(%rax,%r10,8),%xmm4 # set of masks denoting which
- movq 8(%rax,%r10,8),%xmm5 # cache line contains element
- movq 16(%rax,%r10,8),%xmm6 # denoted by 7th argument
- movq 24(%rax,%r10,8),%xmm7
-
- movq `0*$STRIDE/4-96`($bp),%xmm0
- movq `1*$STRIDE/4-96`($bp),%xmm1
- pand %xmm4,%xmm0
- movq `2*$STRIDE/4-96`($bp),%xmm2
- pand %xmm5,%xmm1
- movq `3*$STRIDE/4-96`($bp),%xmm3
- pand %xmm6,%xmm2
- por %xmm1,%xmm0
- pand %xmm7,%xmm3
- por %xmm2,%xmm0
- lea $STRIDE($bp),$bp
- por %xmm3,%xmm0
-
- movq %xmm0,$m0 # m0=bp[0]
-
- mov ($n0),$n0 # pull n0[0] value
- mov ($ap),%rax
-
- xor $i,$i # i=0
- xor $j,$j # j=0
-
- movq `0*$STRIDE/4-96`($bp),%xmm0
- movq `1*$STRIDE/4-96`($bp),%xmm1
- pand %xmm4,%xmm0
- movq `2*$STRIDE/4-96`($bp),%xmm2
- pand %xmm5,%xmm1
-
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[0]
- mov %rax,$lo0
- mov ($np),%rax
-
- movq `3*$STRIDE/4-96`($bp),%xmm3
- pand %xmm6,%xmm2
- por %xmm1,%xmm0
- pand %xmm7,%xmm3
-
- imulq $lo0,$m1 # "tp[0]"*n0
- mov %rdx,$hi0
-
- por %xmm2,%xmm0
- lea $STRIDE($bp),$bp
- por %xmm3,%xmm0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .L1st_enter
-
-.align 16
-.L1st:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- mov $lo0,$hi0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.L1st_enter:
- mulq $m0 # ap[j]*bp[0]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- lea 1($j),$j # j++
- mov %rdx,$lo0
-
- mulq $m1 # np[j]*m1
- cmp $num,$j
- jne .L1st
-
- movq %xmm0,$m0 # bp[1]
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
- mov $lo0,$hi0
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- jmp .Louter
-.align 16
-.Louter:
- xor $j,$j # j=0
- mov $n0,$m1
- mov (%rsp),$lo0
-
- movq `0*$STRIDE/4-96`($bp),%xmm0
- movq `1*$STRIDE/4-96`($bp),%xmm1
- pand %xmm4,%xmm0
- movq `2*$STRIDE/4-96`($bp),%xmm2
- pand %xmm5,%xmm1
-
- mulq $m0 # ap[0]*bp[i]
- add %rax,$lo0 # ap[0]*bp[i]+tp[0]
- mov ($np),%rax
- adc \$0,%rdx
-
- movq `3*$STRIDE/4-96`($bp),%xmm3
- pand %xmm6,%xmm2
- por %xmm1,%xmm0
- pand %xmm7,%xmm3
-
- imulq $lo0,$m1 # tp[0]*n0
- mov %rdx,$hi0
-
- por %xmm2,%xmm0
- lea $STRIDE($bp),$bp
- por %xmm3,%xmm0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov 8(%rsp),$lo0 # tp[1]
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .Linner_enter
-
-.align 16
-.Linner:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.Linner_enter:
- mulq $m0 # ap[j]*bp[i]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
- mov %rdx,$hi0
- adc \$0,$hi0
- lea 1($j),$j # j++
-
- mulq $m1 # np[j]*m1
- cmp $num,$j
- jne .Linner
-
- movq %xmm0,$m0 # bp[i+1]
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- add $lo0,$hi1 # pull upmost overflow bit
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- cmp $num,$i
- jl .Louter
-
- xor $i,$i # i=0 and clear CF!
- mov (%rsp),%rax # tp[0]
- lea (%rsp),$ap # borrow ap for tp
- mov $num,$j # j=num
- jmp .Lsub
-.align 16
-.Lsub: sbb ($np,$i,8),%rax
- mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov 8($ap,$i,8),%rax # tp[i+1]
- lea 1($i),$i # i++
- dec $j # doesnn't affect CF!
- jnz .Lsub
-
- sbb \$0,%rax # handle upmost overflow bit
- xor $i,$i
- and %rax,$ap
- not %rax
- mov $rp,$np
- and %rax,$np
- mov $num,$j # j=num
- or $np,$ap # ap=borrow?tp:rp
-.align 16
-.Lcopy: # copy or in-place refresh
- mov ($ap,$i,8),%rax
- mov $i,(%rsp,$i,8) # zap temporary vector
- mov %rax,($rp,$i,8) # rp[i]=tp[i]
- lea 1($i),$i
- sub \$1,$j
- jnz .Lcopy
-
- mov 8(%rsp,$num,8),%rsi # restore %rsp
- mov \$1,%rax
-___
-$code.=<<___ if ($win64);
- movaps (%rsi),%xmm6
- movaps 0x10(%rsi),%xmm7
- lea 0x28(%rsi),%rsi
-___
-$code.=<<___;
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lmul_epilogue:
- ret
-.size bn_mul_mont_gather5,.-bn_mul_mont_gather5
-___
-{{{
-my @A=("%r10","%r11");
-my @N=("%r13","%rdi");
-$code.=<<___;
-.type bn_mul4x_mont_gather5,\@function,6
-.align 16
-bn_mul4x_mont_gather5:
-.Lmul4x_enter:
- mov ${num}d,${num}d
- mov `($win64?56:8)`(%rsp),%r10d # load 7th argument
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-___
-$code.=<<___ if ($win64);
- lea -0x28(%rsp),%rsp
- movaps %xmm6,(%rsp)
- movaps %xmm7,0x10(%rsp)
-.Lmul4x_alloca:
-___
-$code.=<<___;
- mov %rsp,%rax
- lea 4($num),%r11
- neg %r11
- lea (%rsp,%r11,8),%rsp # tp=alloca(8*(num+4))
- and \$-1024,%rsp # minimize TLB usage
-
- mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul4x_body:
- mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
- mov %rdx,%r12 # reassign $bp
-___
- $bp="%r12";
- $STRIDE=2**5*8; # 5 is "window size"
- $N=$STRIDE/4; # should match cache line size
-$code.=<<___;
- mov %r10,%r11
- shr \$`log($N/8)/log(2)`,%r10
- and \$`$N/8-1`,%r11
- not %r10
- lea .Lmagic_masks(%rip),%rax
- and \$`2**5/($N/8)-1`,%r10 # 5 is "window size"
- lea 96($bp,%r11,8),$bp # pointer within 1st cache line
- movq 0(%rax,%r10,8),%xmm4 # set of masks denoting which
- movq 8(%rax,%r10,8),%xmm5 # cache line contains element
- movq 16(%rax,%r10,8),%xmm6 # denoted by 7th argument
- movq 24(%rax,%r10,8),%xmm7
-
- movq `0*$STRIDE/4-96`($bp),%xmm0
- movq `1*$STRIDE/4-96`($bp),%xmm1
- pand %xmm4,%xmm0
- movq `2*$STRIDE/4-96`($bp),%xmm2
- pand %xmm5,%xmm1
- movq `3*$STRIDE/4-96`($bp),%xmm3
- pand %xmm6,%xmm2
- por %xmm1,%xmm0
- pand %xmm7,%xmm3
- por %xmm2,%xmm0
- lea $STRIDE($bp),$bp
- por %xmm3,%xmm0
-
- movq %xmm0,$m0 # m0=bp[0]
- mov ($n0),$n0 # pull n0[0] value
- mov ($ap),%rax
-
- xor $i,$i # i=0
- xor $j,$j # j=0
-
- movq `0*$STRIDE/4-96`($bp),%xmm0
- movq `1*$STRIDE/4-96`($bp),%xmm1
- pand %xmm4,%xmm0
- movq `2*$STRIDE/4-96`($bp),%xmm2
- pand %xmm5,%xmm1
-
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[0]
- mov %rax,$A[0]
- mov ($np),%rax
-
- movq `3*$STRIDE/4-96`($bp),%xmm3
- pand %xmm6,%xmm2
- por %xmm1,%xmm0
- pand %xmm7,%xmm3
-
- imulq $A[0],$m1 # "tp[0]"*n0
- mov %rdx,$A[1]
-
- por %xmm2,%xmm0
- lea $STRIDE($bp),$bp
- por %xmm3,%xmm0
-
- mulq $m1 # np[0]*m1
- add %rax,$A[0] # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$N[1]
-
- mulq $m0
- add %rax,$A[1]
- mov 8($np),%rax
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1
- add %rax,$N[1]
- mov 16($ap),%rax
- adc \$0,%rdx
- add $A[1],$N[1]
- lea 4($j),$j # j++
- adc \$0,%rdx
- mov $N[1],(%rsp)
- mov %rdx,$N[0]
- jmp .L1st4x
-.align 16
-.L1st4x:
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[0]
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov 8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[0],-8(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[1]
- mov 8($np,$j,8),%rax
- adc \$0,%rdx
- lea 4($j),$j # j++
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov -16($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[1],-32(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
- cmp $num,$j
- jl .L1st4x
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- movq %xmm0,$m0 # bp[1]
-
- xor $N[1],$N[1]
- add $A[0],$N[0]
- adc \$0,$N[1]
- mov $N[0],-8(%rsp,$j,8)
- mov $N[1],(%rsp,$j,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
-.align 4
-.Louter4x:
- xor $j,$j # j=0
- movq `0*$STRIDE/4-96`($bp),%xmm0
- movq `1*$STRIDE/4-96`($bp),%xmm1
- pand %xmm4,%xmm0
- movq `2*$STRIDE/4-96`($bp),%xmm2
- pand %xmm5,%xmm1
-
- mov (%rsp),$A[0]
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[i]
- add %rax,$A[0] # ap[0]*bp[i]+tp[0]
- mov ($np),%rax
- adc \$0,%rdx
-
- movq `3*$STRIDE/4-96`($bp),%xmm3
- pand %xmm6,%xmm2
- por %xmm1,%xmm0
- pand %xmm7,%xmm3
-
- imulq $A[0],$m1 # tp[0]*n0
- mov %rdx,$A[1]
-
- por %xmm2,%xmm0
- lea $STRIDE($bp),$bp
- por %xmm3,%xmm0
-
- mulq $m1 # np[0]*m1
- add %rax,$A[0] # "$N[0]", discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov 8($np),%rax
- adc \$0,%rdx
- add 8(%rsp),$A[1] # +tp[1]
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov 16($ap),%rax
- adc \$0,%rdx
- add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j]
- lea 4($j),$j # j+=2
- adc \$0,%rdx
- mov %rdx,$N[0]
- jmp .Linner4x
-.align 16
-.Linner4x:
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0]
- adc \$0,%rdx
- mov $N[1],-32(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- add -8(%rsp,$j,8),$A[1]
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[0]
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov 8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0]
- adc \$0,%rdx
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov 8($np,$j,8),%rax
- adc \$0,%rdx
- add 8(%rsp,$j,8),$A[1]
- adc \$0,%rdx
- lea 4($j),$j # j++
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov -16($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[1],$N[1]
- adc \$0,%rdx
- mov $N[0],-40(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
- cmp $num,$j
- jl .Linner4x
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0]
- adc \$0,%rdx
- mov $N[1],-32(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[1]
-
- mulq $m0 # ap[j]*bp[i]
- add %rax,$A[1]
- mov -8($np,$j,8),%rax
- adc \$0,%rdx
- add -8(%rsp,$j,8),$A[1]
- adc \$0,%rdx
- lea 1($i),$i # i++
- mov %rdx,$A[0]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[1]
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $A[1],$N[1]
- adc \$0,%rdx
- mov $N[0],-24(%rsp,$j,8) # tp[j-1]
- mov %rdx,$N[0]
-
- movq %xmm0,$m0 # bp[i+1]
- mov $N[1],-16(%rsp,$j,8) # tp[j-1]
-
- xor $N[1],$N[1]
- add $A[0],$N[0]
- adc \$0,$N[1]
- add (%rsp,$num,8),$N[0] # pull upmost overflow bit
- adc \$0,$N[1]
- mov $N[0],-8(%rsp,$j,8)
- mov $N[1],(%rsp,$j,8) # store upmost overflow bit
-
- cmp $num,$i
- jl .Louter4x
-___
-{
-my @ri=("%rax","%rdx",$m0,$m1);
-$code.=<<___;
- mov 16(%rsp,$num,8),$rp # restore $rp
- mov 0(%rsp), at ri[0] # tp[0]
- pxor %xmm0,%xmm0
- mov 8(%rsp), at ri[1] # tp[1]
- shr \$2,$num # num/=4
- lea (%rsp),$ap # borrow ap for tp
- xor $i,$i # i=0 and clear CF!
-
- sub 0($np), at ri[0]
- mov 16($ap), at ri[2] # tp[2]
- mov 24($ap), at ri[3] # tp[3]
- sbb 8($np), at ri[1]
- lea -1($num),$j # j=num/4-1
- jmp .Lsub4x
-.align 16
-.Lsub4x:
- mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
- sbb 16($np,$i,8), at ri[2]
- mov 32($ap,$i,8), at ri[0] # tp[i+1]
- mov 40($ap,$i,8), at ri[1]
- sbb 24($np,$i,8), at ri[3]
- mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
- sbb 32($np,$i,8), at ri[0]
- mov 48($ap,$i,8), at ri[2]
- mov 56($ap,$i,8), at ri[3]
- sbb 40($np,$i,8), at ri[1]
- lea 4($i),$i # i++
- dec $j # doesnn't affect CF!
- jnz .Lsub4x
-
- mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov 32($ap,$i,8), at ri[0] # load overflow bit
- sbb 16($np,$i,8), at ri[2]
- mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
- sbb 24($np,$i,8), at ri[3]
- mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
-
- sbb \$0, at ri[0] # handle upmost overflow bit
- mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
- xor $i,$i # i=0
- and @ri[0],$ap
- not @ri[0]
- mov $rp,$np
- and @ri[0],$np
- lea -1($num),$j
- or $np,$ap # ap=borrow?tp:rp
-
- movdqu ($ap),%xmm1
- movdqa %xmm0,(%rsp)
- movdqu %xmm1,($rp)
- jmp .Lcopy4x
-.align 16
-.Lcopy4x: # copy or in-place refresh
- movdqu 16($ap,$i),%xmm2
- movdqu 32($ap,$i),%xmm1
- movdqa %xmm0,16(%rsp,$i)
- movdqu %xmm2,16($rp,$i)
- movdqa %xmm0,32(%rsp,$i)
- movdqu %xmm1,32($rp,$i)
- lea 32($i),$i
- dec $j
- jnz .Lcopy4x
-
- shl \$2,$num
- movdqu 16($ap,$i),%xmm2
- movdqa %xmm0,16(%rsp,$i)
- movdqu %xmm2,16($rp,$i)
-___
-}
-$code.=<<___;
- mov 8(%rsp,$num,8),%rsi # restore %rsp
- mov \$1,%rax
-___
-$code.=<<___ if ($win64);
- movaps (%rsi),%xmm6
- movaps 0x10(%rsi),%xmm7
- lea 0x28(%rsi),%rsi
-___
-$code.=<<___;
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lmul4x_epilogue:
- ret
-.size bn_mul4x_mont_gather5,.-bn_mul4x_mont_gather5
-___
-}}}
-
-{
-my ($inp,$num,$tbl,$idx)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order
- ("%rdi","%rsi","%rdx","%rcx"); # Unix order
-my $out=$inp;
-my $STRIDE=2**5*8;
-my $N=$STRIDE/4;
-
-$code.=<<___;
-.globl bn_scatter5
-.type bn_scatter5,\@abi-omnipotent
-.align 16
-bn_scatter5:
- cmp \$0, $num
- jz .Lscatter_epilogue
- lea ($tbl,$idx,8),$tbl
-.Lscatter:
- mov ($inp),%rax
- lea 8($inp),$inp
- mov %rax,($tbl)
- lea 32*8($tbl),$tbl
- sub \$1,$num
- jnz .Lscatter
-.Lscatter_epilogue:
- ret
-.size bn_scatter5,.-bn_scatter5
-
-.globl bn_gather5
-.type bn_gather5,\@abi-omnipotent
-.align 16
-bn_gather5:
-___
-$code.=<<___ if ($win64);
-.LSEH_begin_bn_gather5:
- # I can't trust assembler to use specific encoding:-(
- .byte 0x48,0x83,0xec,0x28 #sub \$0x28,%rsp
- .byte 0x0f,0x29,0x34,0x24 #movaps %xmm6,(%rsp)
- .byte 0x0f,0x29,0x7c,0x24,0x10 #movdqa %xmm7,0x10(%rsp)
-___
-$code.=<<___;
- mov $idx,%r11
- shr \$`log($N/8)/log(2)`,$idx
- and \$`$N/8-1`,%r11
- not $idx
- lea .Lmagic_masks(%rip),%rax
- and \$`2**5/($N/8)-1`,$idx # 5 is "window size"
- lea 96($tbl,%r11,8),$tbl # pointer within 1st cache line
- movq 0(%rax,$idx,8),%xmm4 # set of masks denoting which
- movq 8(%rax,$idx,8),%xmm5 # cache line contains element
- movq 16(%rax,$idx,8),%xmm6 # denoted by 7th argument
- movq 24(%rax,$idx,8),%xmm7
- jmp .Lgather
-.align 16
-.Lgather:
- movq `0*$STRIDE/4-96`($tbl),%xmm0
- movq `1*$STRIDE/4-96`($tbl),%xmm1
- pand %xmm4,%xmm0
- movq `2*$STRIDE/4-96`($tbl),%xmm2
- pand %xmm5,%xmm1
- movq `3*$STRIDE/4-96`($tbl),%xmm3
- pand %xmm6,%xmm2
- por %xmm1,%xmm0
- pand %xmm7,%xmm3
- por %xmm2,%xmm0
- lea $STRIDE($tbl),$tbl
- por %xmm3,%xmm0
-
- movq %xmm0,($out) # m0=bp[0]
- lea 8($out),$out
- sub \$1,$num
- jnz .Lgather
-___
-$code.=<<___ if ($win64);
- movaps (%rsp),%xmm6
- movaps 0x10(%rsp),%xmm7
- lea 0x28(%rsp),%rsp
-___
-$code.=<<___;
- ret
-.LSEH_end_bn_gather5:
-.size bn_gather5,.-bn_gather5
-___
-}
-$code.=<<___;
-.align 64
-.Lmagic_masks:
- .long 0,0, 0,0, 0,0, -1,-1
- .long 0,0, 0,0, 0,0, 0,0
-.asciz "Montgomery Multiplication with scatter/gather for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type mul_handler,\@abi-omnipotent
-.align 16
-mul_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # end of prologue label
- cmp %r10,%rbx # context->Rip<end of prologue label
- jb .Lcommon_seh_tail
-
- lea `40+48`(%rax),%rax
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # end of alloca label
- cmp %r10,%rbx # context->Rip<end of alloca label
- jb .Lcommon_seh_tail
-
- mov 152($context),%rax # pull context->Rsp
-
- mov 8(%r11),%r10d # HandlerData[2]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lcommon_seh_tail
-
- mov 192($context),%r10 # pull $num
- mov 8(%rax,%r10,8),%rax # pull saved stack pointer
-
- movaps (%rax),%xmm0
- movaps 16(%rax),%xmm1
- lea `40+48`(%rax),%rax
-
- mov -8(%rax),%rbx
- mov -16(%rax),%rbp
- mov -24(%rax),%r12
- mov -32(%rax),%r13
- mov -40(%rax),%r14
- mov -48(%rax),%r15
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
- movups %xmm0,512($context) # restore context->Xmm6
- movups %xmm1,528($context) # restore context->Xmm7
-
-.Lcommon_seh_tail:
- mov 8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$154,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size mul_handler,.-mul_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_bn_mul_mont_gather5
- .rva .LSEH_end_bn_mul_mont_gather5
- .rva .LSEH_info_bn_mul_mont_gather5
-
- .rva .LSEH_begin_bn_mul4x_mont_gather5
- .rva .LSEH_end_bn_mul4x_mont_gather5
- .rva .LSEH_info_bn_mul4x_mont_gather5
-
- .rva .LSEH_begin_bn_gather5
- .rva .LSEH_end_bn_gather5
- .rva .LSEH_info_bn_gather5
-
-.section .xdata
-.align 8
-.LSEH_info_bn_mul_mont_gather5:
- .byte 9,0,0,0
- .rva mul_handler
- .rva .Lmul_alloca,.Lmul_body,.Lmul_epilogue # HandlerData[]
-.align 8
-.LSEH_info_bn_mul4x_mont_gather5:
- .byte 9,0,0,0
- .rva mul_handler
- .rva .Lmul4x_alloca,.Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
-.align 8
-.LSEH_info_bn_gather5:
- .byte 0x01,0x0d,0x05,0x00
- .byte 0x0d,0x78,0x01,0x00 #movaps 0x10(rsp),xmm7
- .byte 0x08,0x68,0x00,0x00 #movaps (rsp),xmm6
- .byte 0x04,0x42,0x00,0x00 #sub rsp,0x28
-.align 8
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-close STDOUT;
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont5.pl (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont5.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/asm/x86_64-mont5.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1208 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# August 2011.
+#
+# Companion to x86_64-mont.pl that optimizes cache-timing attack
+# countermeasures. The subroutines are produced by replacing bp[i]
+# references in their x86_64-mont.pl counterparts with cache-neutral
+# references to powers table computed in BN_mod_exp_mont_consttime.
+# In addition subroutine that scatters elements of the powers table
+# is implemented, so that scatter-/gathering can be tuned without
+# bn_exp.c modifications.
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# int bn_mul_mont_gather5(
+$rp="%rdi"; # BN_ULONG *rp,
+$ap="%rsi"; # const BN_ULONG *ap,
+$bp="%rdx"; # const BN_ULONG *bp,
+$np="%rcx"; # const BN_ULONG *np,
+$n0="%r8"; # const BN_ULONG *n0,
+$num="%r9"; # int num,
+ # int idx); # 0 to 2^5-1, "index" in $bp holding
+ # pre-computed powers of a', interlaced
+ # in such manner that b[0] is $bp[idx],
+ # b[1] is [2^5+idx], etc.
+$lo0="%r10";
+$hi0="%r11";
+$hi1="%r13";
+$i="%r14";
+$j="%r15";
+$m0="%rbx";
+$m1="%rbp";
+
+$code=<<___;
+.text
+
+.globl bn_mul_mont_gather5
+.type bn_mul_mont_gather5,\@function,6
+.align 64
+bn_mul_mont_gather5:
+ test \$3,${num}d
+ jnz .Lmul_enter
+ cmp \$8,${num}d
+ jb .Lmul_enter
+ jmp .Lmul4x_enter
+
+.align 16
+.Lmul_enter:
+ mov ${num}d,${num}d
+ movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument
+ lea .Linc(%rip),%r10
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+.Lmul_alloca:
+ mov %rsp,%rax
+ lea 2($num),%r11
+ neg %r11
+ lea -264(%rsp,%r11,8),%rsp # tp=alloca(8*(num+2)+256+8)
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul_body:
+ # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # physical memory in strictly sequential manner, i.e. if stack
+ # allocation spans two pages, then reference to farmost one can
+ # be punishable by SEGV. But page walking can do good even on
+ # other OSes, because it guarantees that villain thread hits
+ # the guard page before it can make damage to innocent one...
+ sub %rsp,%rax
+ and \$-4096,%rax
+.Lmul_page_walk:
+ mov (%rsp,%rax),%r11
+ sub \$4096,%rax
+ .byte 0x2e # predict non-taken
+ jnc .Lmul_page_walk
+
+ lea 128($bp),%r12 # reassign $bp (+size optimization)
+___
+ $bp="%r12";
+ $STRIDE=2**5*8; # 5 is "window size"
+ $N=$STRIDE/4; # should match cache line size
+$code.=<<___;
+ movdqa 0(%r10),%xmm0 # 00000001000000010000000000000000
+ movdqa 16(%r10),%xmm1 # 00000002000000020000000200000002
+ lea 24-112(%rsp,$num,8),%r10# place the mask after tp[num+3] (+ICache optimization)
+ and \$-16,%r10
+
+ pshufd \$0,%xmm5,%xmm5 # broadcast index
+ movdqa %xmm1,%xmm4
+ movdqa %xmm1,%xmm2
+___
+########################################################################
+# calculate mask by comparing 0..31 to index and save result to stack
+#
+$code.=<<___;
+ paddd %xmm0,%xmm1
+ pcmpeqd %xmm5,%xmm0 # compare to 1,0
+ .byte 0x67
+ movdqa %xmm4,%xmm3
+___
+for($k=0;$k<$STRIDE/16-4;$k+=4) {
+$code.=<<___;
+ paddd %xmm1,%xmm2
+ pcmpeqd %xmm5,%xmm1 # compare to 3,2
+ movdqa %xmm0,`16*($k+0)+112`(%r10)
+ movdqa %xmm4,%xmm0
+
+ paddd %xmm2,%xmm3
+ pcmpeqd %xmm5,%xmm2 # compare to 5,4
+ movdqa %xmm1,`16*($k+1)+112`(%r10)
+ movdqa %xmm4,%xmm1
+
+ paddd %xmm3,%xmm0
+ pcmpeqd %xmm5,%xmm3 # compare to 7,6
+ movdqa %xmm2,`16*($k+2)+112`(%r10)
+ movdqa %xmm4,%xmm2
+
+ paddd %xmm0,%xmm1
+ pcmpeqd %xmm5,%xmm0
+ movdqa %xmm3,`16*($k+3)+112`(%r10)
+ movdqa %xmm4,%xmm3
+___
+}
+$code.=<<___; # last iteration can be optimized
+ paddd %xmm1,%xmm2
+ pcmpeqd %xmm5,%xmm1
+ movdqa %xmm0,`16*($k+0)+112`(%r10)
+
+ paddd %xmm2,%xmm3
+ .byte 0x67
+ pcmpeqd %xmm5,%xmm2
+ movdqa %xmm1,`16*($k+1)+112`(%r10)
+
+ pcmpeqd %xmm5,%xmm3
+ movdqa %xmm2,`16*($k+2)+112`(%r10)
+ pand `16*($k+0)-128`($bp),%xmm0 # while it's still in register
+
+ pand `16*($k+1)-128`($bp),%xmm1
+ pand `16*($k+2)-128`($bp),%xmm2
+ movdqa %xmm3,`16*($k+3)+112`(%r10)
+ pand `16*($k+3)-128`($bp),%xmm3
+ por %xmm2,%xmm0
+ por %xmm3,%xmm1
+___
+for($k=0;$k<$STRIDE/16-4;$k+=4) {
+$code.=<<___;
+ movdqa `16*($k+0)-128`($bp),%xmm4
+ movdqa `16*($k+1)-128`($bp),%xmm5
+ movdqa `16*($k+2)-128`($bp),%xmm2
+ pand `16*($k+0)+112`(%r10),%xmm4
+ movdqa `16*($k+3)-128`($bp),%xmm3
+ pand `16*($k+1)+112`(%r10),%xmm5
+ por %xmm4,%xmm0
+ pand `16*($k+2)+112`(%r10),%xmm2
+ por %xmm5,%xmm1
+ pand `16*($k+3)+112`(%r10),%xmm3
+ por %xmm2,%xmm0
+ por %xmm3,%xmm1
+___
+}
+$code.=<<___;
+ por %xmm1,%xmm0
+ pshufd \$0x4e,%xmm0,%xmm1
+ por %xmm1,%xmm0
+ lea $STRIDE($bp),$bp
+ movq %xmm0,$m0 # m0=bp[0]
+
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$lo0
+ mov ($np),%rax
+
+ imulq $lo0,$m1 # "tp[0]"*n0
+ mov %rdx,$hi0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$hi1
+
+ lea 1($j),$j # j++
+ jmp .L1st_enter
+
+.align 16
+.L1st:
+ add %rax,$hi1
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ mov $lo0,$hi0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.L1st_enter:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$hi0
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 1($j),$j # j++
+ mov %rdx,$lo0
+
+ mulq $m1 # np[j]*m1
+ cmp $num,$j
+ jne .L1st
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+ mov $lo0,$hi0
+
+ xor %rdx,%rdx
+ add $hi0,$hi1
+ adc \$0,%rdx
+ mov $hi1,-8(%rsp,$num,8)
+ mov %rdx,(%rsp,$num,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+ jmp .Louter
+.align 16
+.Louter:
+ lea 24+128(%rsp,$num,8),%rdx # where 256-byte mask is (+size optimization)
+ and \$-16,%rdx
+ pxor %xmm4,%xmm4
+ pxor %xmm5,%xmm5
+___
+for($k=0;$k<$STRIDE/16;$k+=4) {
+$code.=<<___;
+ movdqa `16*($k+0)-128`($bp),%xmm0
+ movdqa `16*($k+1)-128`($bp),%xmm1
+ movdqa `16*($k+2)-128`($bp),%xmm2
+ movdqa `16*($k+3)-128`($bp),%xmm3
+ pand `16*($k+0)-128`(%rdx),%xmm0
+ pand `16*($k+1)-128`(%rdx),%xmm1
+ por %xmm0,%xmm4
+ pand `16*($k+2)-128`(%rdx),%xmm2
+ por %xmm1,%xmm5
+ pand `16*($k+3)-128`(%rdx),%xmm3
+ por %xmm2,%xmm4
+ por %xmm3,%xmm5
+___
+}
+$code.=<<___;
+ por %xmm5,%xmm4
+ pshufd \$0x4e,%xmm4,%xmm0
+ por %xmm4,%xmm0
+ lea $STRIDE($bp),$bp
+ movq %xmm0,$m0 # m0=bp[i]
+
+ xor $j,$j # j=0
+ mov $n0,$m1
+ mov (%rsp),$lo0
+
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$lo0 # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ imulq $lo0,$m1 # tp[0]*n0
+ mov %rdx,$hi0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov 8(%rsp),$lo0 # tp[1]
+ mov %rdx,$hi1
+
+ lea 1($j),$j # j++
+ jmp .Linner_enter
+
+.align 16
+.Linner:
+ add %rax,$hi1
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.Linner_enter:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$hi0
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
+ mov %rdx,$hi0
+ adc \$0,$hi0
+ lea 1($j),$j # j++
+
+ mulq $m1 # np[j]*m1
+ cmp $num,$j
+ jne .Linner
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+ xor %rdx,%rdx
+ add $hi0,$hi1
+ adc \$0,%rdx
+ add $lo0,$hi1 # pull upmost overflow bit
+ adc \$0,%rdx
+ mov $hi1,-8(%rsp,$num,8)
+ mov %rdx,(%rsp,$num,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+ cmp $num,$i
+ jl .Louter
+
+ xor $i,$i # i=0 and clear CF!
+ mov (%rsp),%rax # tp[0]
+ lea (%rsp),$ap # borrow ap for tp
+ mov $num,$j # j=num
+ jmp .Lsub
+.align 16
+.Lsub: sbb ($np,$i,8),%rax
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 8($ap,$i,8),%rax # tp[i+1]
+ lea 1($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub
+
+ sbb \$0,%rax # handle upmost overflow bit
+ xor $i,$i
+ and %rax,$ap
+ not %rax
+ mov $rp,$np
+ and %rax,$np
+ mov $num,$j # j=num
+ or $np,$ap # ap=borrow?tp:rp
+.align 16
+.Lcopy: # copy or in-place refresh
+ mov ($ap,$i,8),%rax
+ mov $i,(%rsp,$i,8) # zap temporary vector
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]
+ lea 1($i),$i
+ sub \$1,$j
+ jnz .Lcopy
+
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul_epilogue:
+ ret
+.size bn_mul_mont_gather5,.-bn_mul_mont_gather5
+___
+{{{
+my @A=("%r10","%r11");
+my @N=("%r13","%rdi");
+$code.=<<___;
+.type bn_mul4x_mont_gather5,\@function,6
+.align 16
+bn_mul4x_mont_gather5:
+.Lmul4x_enter:
+ mov ${num}d,${num}d
+ movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument
+ lea .Linc(%rip),%r10
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+.Lmul4x_alloca:
+ mov %rsp,%rax
+ lea 4($num),%r11
+ neg %r11
+ lea -256(%rsp,%r11,8),%rsp # tp=alloca(8*(num+4)+256)
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul4x_body:
+ sub %rsp,%rax
+ and \$-4096,%rax
+.Lmul4x_page_walk:
+ mov (%rsp,%rax),%r11
+ sub \$4096,%rax
+ .byte 0x2e # predict non-taken
+ jnc .Lmul4x_page_walk
+
+ mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
+ lea 128(%rdx),%r12 # reassign $bp (+size optimization)
+___
+ $bp="%r12";
+ $STRIDE=2**5*8; # 5 is "window size"
+ $N=$STRIDE/4; # should match cache line size
+$code.=<<___;
+ movdqa 0(%r10),%xmm0 # 00000001000000010000000000000000
+ movdqa 16(%r10),%xmm1 # 00000002000000020000000200000002
+ lea 32-112(%rsp,$num,8),%r10# place the mask after tp[num+4] (+ICache optimization)
+
+ pshufd \$0,%xmm5,%xmm5 # broadcast index
+ movdqa %xmm1,%xmm4
+ .byte 0x67,0x67
+ movdqa %xmm1,%xmm2
+___
+########################################################################
+# calculate mask by comparing 0..31 to index and save result to stack
+#
+$code.=<<___;
+ paddd %xmm0,%xmm1
+ pcmpeqd %xmm5,%xmm0 # compare to 1,0
+ .byte 0x67
+ movdqa %xmm4,%xmm3
+___
+for($k=0;$k<$STRIDE/16-4;$k+=4) {
+$code.=<<___;
+ paddd %xmm1,%xmm2
+ pcmpeqd %xmm5,%xmm1 # compare to 3,2
+ movdqa %xmm0,`16*($k+0)+112`(%r10)
+ movdqa %xmm4,%xmm0
+
+ paddd %xmm2,%xmm3
+ pcmpeqd %xmm5,%xmm2 # compare to 5,4
+ movdqa %xmm1,`16*($k+1)+112`(%r10)
+ movdqa %xmm4,%xmm1
+
+ paddd %xmm3,%xmm0
+ pcmpeqd %xmm5,%xmm3 # compare to 7,6
+ movdqa %xmm2,`16*($k+2)+112`(%r10)
+ movdqa %xmm4,%xmm2
+
+ paddd %xmm0,%xmm1
+ pcmpeqd %xmm5,%xmm0
+ movdqa %xmm3,`16*($k+3)+112`(%r10)
+ movdqa %xmm4,%xmm3
+___
+}
+$code.=<<___; # last iteration can be optimized
+ paddd %xmm1,%xmm2
+ pcmpeqd %xmm5,%xmm1
+ movdqa %xmm0,`16*($k+0)+112`(%r10)
+
+ paddd %xmm2,%xmm3
+ .byte 0x67
+ pcmpeqd %xmm5,%xmm2
+ movdqa %xmm1,`16*($k+1)+112`(%r10)
+
+ pcmpeqd %xmm5,%xmm3
+ movdqa %xmm2,`16*($k+2)+112`(%r10)
+ pand `16*($k+0)-128`($bp),%xmm0 # while it's still in register
+
+ pand `16*($k+1)-128`($bp),%xmm1
+ pand `16*($k+2)-128`($bp),%xmm2
+ movdqa %xmm3,`16*($k+3)+112`(%r10)
+ pand `16*($k+3)-128`($bp),%xmm3
+ por %xmm2,%xmm0
+ por %xmm3,%xmm1
+___
+for($k=0;$k<$STRIDE/16-4;$k+=4) {
+$code.=<<___;
+ movdqa `16*($k+0)-128`($bp),%xmm4
+ movdqa `16*($k+1)-128`($bp),%xmm5
+ movdqa `16*($k+2)-128`($bp),%xmm2
+ pand `16*($k+0)+112`(%r10),%xmm4
+ movdqa `16*($k+3)-128`($bp),%xmm3
+ pand `16*($k+1)+112`(%r10),%xmm5
+ por %xmm4,%xmm0
+ pand `16*($k+2)+112`(%r10),%xmm2
+ por %xmm5,%xmm1
+ pand `16*($k+3)+112`(%r10),%xmm3
+ por %xmm2,%xmm0
+ por %xmm3,%xmm1
+___
+}
+$code.=<<___;
+ por %xmm1,%xmm0
+ pshufd \$0x4e,%xmm0,%xmm1
+ por %xmm1,%xmm0
+ lea $STRIDE($bp),$bp
+ movq %xmm0,$m0 # m0=bp[0]
+
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$A[0]
+ mov ($np),%rax
+
+ imulq $A[0],$m1 # "tp[0]"*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ lea 4($j),$j # j++
+ adc \$0,%rdx
+ mov $N[1],(%rsp)
+ mov %rdx,$N[0]
+ jmp .L1st4x
+.align 16
+.L1st4x:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .L1st4x
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+.align 4
+.Louter4x:
+ lea 32+128(%rsp,$num,8),%rdx # where 256-byte mask is (+size optimization)
+ pxor %xmm4,%xmm4
+ pxor %xmm5,%xmm5
+___
+for($k=0;$k<$STRIDE/16;$k+=4) {
+$code.=<<___;
+ movdqa `16*($k+0)-128`($bp),%xmm0
+ movdqa `16*($k+1)-128`($bp),%xmm1
+ movdqa `16*($k+2)-128`($bp),%xmm2
+ movdqa `16*($k+3)-128`($bp),%xmm3
+ pand `16*($k+0)-128`(%rdx),%xmm0
+ pand `16*($k+1)-128`(%rdx),%xmm1
+ por %xmm0,%xmm4
+ pand `16*($k+2)-128`(%rdx),%xmm2
+ por %xmm1,%xmm5
+ pand `16*($k+3)-128`(%rdx),%xmm3
+ por %xmm2,%xmm4
+ por %xmm3,%xmm5
+___
+}
+$code.=<<___;
+ por %xmm5,%xmm4
+ pshufd \$0x4e,%xmm4,%xmm0
+ por %xmm4,%xmm0
+ lea $STRIDE($bp),$bp
+ movq %xmm0,$m0 # m0=bp[i]
+
+ xor $j,$j # j=0
+
+ mov (%rsp),$A[0]
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$A[0] # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ imulq $A[0],$m1 # tp[0]*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # "$N[0]", discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ add 8(%rsp),$A[1] # +tp[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j]
+ lea 4($j),$j # j+=2
+ adc \$0,%rdx
+ mov %rdx,$N[0]
+ jmp .Linner4x
+.align 16
+.Linner4x:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ add 8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[0],-40(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .Linner4x
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 1($i),$i # i++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ add (%rsp,$num,8),$N[0] # pull upmost overflow bit
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ cmp $num,$i
+ jl .Louter4x
+___
+{
+my @ri=("%rax","%rdx",$m0,$m1);
+$code.=<<___;
+ mov 16(%rsp,$num,8),$rp # restore $rp
+ mov 0(%rsp), at ri[0] # tp[0]
+ pxor %xmm0,%xmm0
+ mov 8(%rsp), at ri[1] # tp[1]
+ shr \$2,$num # num/=4
+ lea (%rsp),$ap # borrow ap for tp
+ xor $i,$i # i=0 and clear CF!
+
+ sub 0($np), at ri[0]
+ mov 16($ap), at ri[2] # tp[2]
+ mov 24($ap), at ri[3] # tp[3]
+ sbb 8($np), at ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsub4x
+.align 16
+.Lsub4x:
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($np,$i,8), at ri[2]
+ mov 32($ap,$i,8), at ri[0] # tp[i+1]
+ mov 40($ap,$i,8), at ri[1]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($np,$i,8), at ri[0]
+ mov 48($ap,$i,8), at ri[2]
+ mov 56($ap,$i,8), at ri[3]
+ sbb 40($np,$i,8), at ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub4x
+
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($ap,$i,8), at ri[0] # load overflow bit
+ sbb 16($np,$i,8), at ri[2]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0, at ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$ap
+ not @ri[0]
+ mov $rp,$np
+ and @ri[0],$np
+ lea -1($num),$j
+ or $np,$ap # ap=borrow?tp:rp
+
+ movdqu ($ap),%xmm1
+ movdqa %xmm0,(%rsp)
+ movdqu %xmm1,($rp)
+ jmp .Lcopy4x
+.align 16
+.Lcopy4x: # copy or in-place refresh
+ movdqu 16($ap,$i),%xmm2
+ movdqu 32($ap,$i),%xmm1
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+ movdqa %xmm0,32(%rsp,$i)
+ movdqu %xmm1,32($rp,$i)
+ lea 32($i),$i
+ dec $j
+ jnz .Lcopy4x
+
+ shl \$2,$num
+ movdqu 16($ap,$i),%xmm2
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+___
+}
+$code.=<<___;
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul4x_epilogue:
+ ret
+.size bn_mul4x_mont_gather5,.-bn_mul4x_mont_gather5
+___
+}}}
+
+{
+my ($inp,$num,$tbl,$idx)=$win64?("%rcx","%rdx","%r8", "%r9d") : # Win64 order
+ ("%rdi","%rsi","%rdx","%ecx"); # Unix order
+my $out=$inp;
+my $STRIDE=2**5*8;
+my $N=$STRIDE/4;
+
+$code.=<<___;
+.globl bn_scatter5
+.type bn_scatter5,\@abi-omnipotent
+.align 16
+bn_scatter5:
+ cmp \$0, $num
+ jz .Lscatter_epilogue
+ lea ($tbl,$idx,8),$tbl
+.Lscatter:
+ mov ($inp),%rax
+ lea 8($inp),$inp
+ mov %rax,($tbl)
+ lea 32*8($tbl),$tbl
+ sub \$1,$num
+ jnz .Lscatter
+.Lscatter_epilogue:
+ ret
+.size bn_scatter5,.-bn_scatter5
+
+.globl bn_gather5
+.type bn_gather5,\@abi-omnipotent
+.align 16
+bn_gather5:
+.LSEH_begin_bn_gather5: # Win64 thing, but harmless in other cases
+ # I can't trust assembler to use specific encoding:-(
+ .byte 0x4c,0x8d,0x14,0x24 # lea (%rsp),%r10
+ .byte 0x48,0x81,0xec,0x08,0x01,0x00,0x00 # sub $0x108,%rsp
+ lea .Linc(%rip),%rax
+ and \$-16,%rsp # shouldn't be formally required
+
+ movd $idx,%xmm5
+ movdqa 0(%rax),%xmm0 # 00000001000000010000000000000000
+ movdqa 16(%rax),%xmm1 # 00000002000000020000000200000002
+ lea 128($tbl),%r11 # size optimization
+ lea 128(%rsp),%rax # size optimization
+
+ pshufd \$0,%xmm5,%xmm5 # broadcast $idx
+ movdqa %xmm1,%xmm4
+ movdqa %xmm1,%xmm2
+___
+########################################################################
+# calculate mask by comparing 0..31 to $idx and save result to stack
+#
+for($i=0;$i<$STRIDE/16;$i+=4) {
+$code.=<<___;
+ paddd %xmm0,%xmm1
+ pcmpeqd %xmm5,%xmm0 # compare to 1,0
+___
+$code.=<<___ if ($i);
+ movdqa %xmm3,`16*($i-1)-128`(%rax)
+___
+$code.=<<___;
+ movdqa %xmm4,%xmm3
+
+ paddd %xmm1,%xmm2
+ pcmpeqd %xmm5,%xmm1 # compare to 3,2
+ movdqa %xmm0,`16*($i+0)-128`(%rax)
+ movdqa %xmm4,%xmm0
+
+ paddd %xmm2,%xmm3
+ pcmpeqd %xmm5,%xmm2 # compare to 5,4
+ movdqa %xmm1,`16*($i+1)-128`(%rax)
+ movdqa %xmm4,%xmm1
+
+ paddd %xmm3,%xmm0
+ pcmpeqd %xmm5,%xmm3 # compare to 7,6
+ movdqa %xmm2,`16*($i+2)-128`(%rax)
+ movdqa %xmm4,%xmm2
+___
+}
+$code.=<<___;
+ movdqa %xmm3,`16*($i-1)-128`(%rax)
+ jmp .Lgather
+
+.align 32
+.Lgather:
+ pxor %xmm4,%xmm4
+ pxor %xmm5,%xmm5
+___
+for($i=0;$i<$STRIDE/16;$i+=4) {
+$code.=<<___;
+ movdqa `16*($i+0)-128`(%r11),%xmm0
+ movdqa `16*($i+1)-128`(%r11),%xmm1
+ movdqa `16*($i+2)-128`(%r11),%xmm2
+ pand `16*($i+0)-128`(%rax),%xmm0
+ movdqa `16*($i+3)-128`(%r11),%xmm3
+ pand `16*($i+1)-128`(%rax),%xmm1
+ por %xmm0,%xmm4
+ pand `16*($i+2)-128`(%rax),%xmm2
+ por %xmm1,%xmm5
+ pand `16*($i+3)-128`(%rax),%xmm3
+ por %xmm2,%xmm4
+ por %xmm3,%xmm5
+___
+}
+$code.=<<___;
+ por %xmm5,%xmm4
+ lea $STRIDE(%r11),%r11
+ pshufd \$0x4e,%xmm4,%xmm0
+ por %xmm4,%xmm0
+ movq %xmm0,($out) # m0=bp[0]
+ lea 8($out),$out
+ sub \$1,$num
+ jnz .Lgather
+
+ lea (%r10),%rsp
+ ret
+.LSEH_end_bn_gather5:
+.size bn_gather5,.-bn_gather5
+___
+}
+$code.=<<___;
+.align 64
+.Linc:
+ .long 0,0, 1,1
+ .long 2,2, 2,2
+.asciz "Montgomery Multiplication with scatter/gather for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type mul_handler,\@abi-omnipotent
+.align 16
+mul_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # end of prologue label
+ cmp %r10,%rbx # context->Rip<end of prologue label
+ jb .Lcommon_seh_tail
+
+ lea 48(%rax),%rax
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # end of alloca label
+ cmp %r10,%rbx # context->Rip<end of alloca label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 8(%r11),%r10d # HandlerData[2]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ mov 192($context),%r10 # pull $num
+ mov 8(%rax,%r10,8),%rax # pull saved stack pointer
+
+ lea 48(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lcommon_seh_tail:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size mul_handler,.-mul_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_bn_mul_mont_gather5
+ .rva .LSEH_end_bn_mul_mont_gather5
+ .rva .LSEH_info_bn_mul_mont_gather5
+
+ .rva .LSEH_begin_bn_mul4x_mont_gather5
+ .rva .LSEH_end_bn_mul4x_mont_gather5
+ .rva .LSEH_info_bn_mul4x_mont_gather5
+
+ .rva .LSEH_begin_bn_gather5
+ .rva .LSEH_end_bn_gather5
+ .rva .LSEH_info_bn_gather5
+
+.section .xdata
+.align 8
+.LSEH_info_bn_mul_mont_gather5:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul_alloca,.Lmul_body,.Lmul_epilogue # HandlerData[]
+.align 8
+.LSEH_info_bn_mul4x_mont_gather5:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul4x_alloca,.Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
+.align 8
+.LSEH_info_bn_gather5:
+ .byte 0x01,0x0b,0x03,0x0a
+ .byte 0x0b,0x01,0x21,0x00 # sub rsp,0x108
+ .byte 0x04,0xa3,0x00,0x00 # lea r10,(rsp), set_frame r10
+.align 8
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+close STDOUT;
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/bn.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,957 +0,0 @@
-/* crypto/bn/bn.h */
-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_BN_H
-# define HEADER_BN_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_FP_API
-# include <stdio.h> /* FILE */
-# endif
-# include <openssl/ossl_typ.h>
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * These preprocessor symbols control various aspects of the bignum headers
- * and library code. They're not defined by any "normal" configuration, as
- * they are intended for development and testing purposes. NB: defining all
- * three can be useful for debugging application code as well as openssl
- * itself. BN_DEBUG - turn on various debugging alterations to the bignum
- * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
- * mismanagement of bignum internals. You must also define BN_DEBUG.
- */
-/* #define BN_DEBUG */
-/* #define BN_DEBUG_RAND */
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-# define BN_MUL_COMBA
-# define BN_SQR_COMBA
-# define BN_RECURSION
-# endif
-
-/*
- * This next option uses the C libraries (2 word)/(1 word) function. If it is
- * not defined, I use my C version (which is slower). The reason for this
- * flag is that when the particular C compiler library routine is used, and
- * the library is linked with a different compiler, the library is missing.
- * This mostly happens when the library is built with gcc and then linked
- * using normal cc. This would be a common occurrence because gcc normally
- * produces code that is 2 times faster than system compilers for the big
- * number stuff. For machines with only one compiler (or shared libraries),
- * this should be on. Again this in only really a problem on machines using
- * "long long's", are 32bit, and are not using my assembler code.
- */
-# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
- defined(OPENSSL_SYS_WIN32) || defined(linux)
-# ifndef BN_DIV2W
-# define BN_DIV2W
-# endif
-# endif
-
-/*
- * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
- * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
- */
-# ifdef SIXTY_FOUR_BIT_LONG
-# define BN_ULLONG unsigned long long
-# define BN_ULONG unsigned long
-# define BN_LONG long
-# define BN_BITS 128
-# define BN_BYTES 8
-# define BN_BITS2 64
-# define BN_BITS4 32
-# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
-# define BN_MASK2 (0xffffffffffffffffL)
-# define BN_MASK2l (0xffffffffL)
-# define BN_MASK2h (0xffffffff00000000L)
-# define BN_MASK2h1 (0xffffffff80000000L)
-# define BN_TBIT (0x8000000000000000L)
-# define BN_DEC_CONV (10000000000000000000UL)
-# define BN_DEC_FMT1 "%lu"
-# define BN_DEC_FMT2 "%019lu"
-# define BN_DEC_NUM 19
-# define BN_HEX_FMT1 "%lX"
-# define BN_HEX_FMT2 "%016lX"
-# endif
-
-/*
- * This is where the long long data type is 64 bits, but long is 32. For
- * machines where there are 64bit registers, this is the mode to use. IRIX,
- * on R4000 and above should use this mode, along with the relevant assembler
- * code :-). Do NOT define BN_LLONG.
- */
-# ifdef SIXTY_FOUR_BIT
-# undef BN_LLONG
-# undef BN_ULLONG
-# define BN_ULONG unsigned long long
-# define BN_LONG long long
-# define BN_BITS 128
-# define BN_BYTES 8
-# define BN_BITS2 64
-# define BN_BITS4 32
-# define BN_MASK2 (0xffffffffffffffffLL)
-# define BN_MASK2l (0xffffffffL)
-# define BN_MASK2h (0xffffffff00000000LL)
-# define BN_MASK2h1 (0xffffffff80000000LL)
-# define BN_TBIT (0x8000000000000000LL)
-# define BN_DEC_CONV (10000000000000000000ULL)
-# define BN_DEC_FMT1 "%llu"
-# define BN_DEC_FMT2 "%019llu"
-# define BN_DEC_NUM 19
-# define BN_HEX_FMT1 "%llX"
-# define BN_HEX_FMT2 "%016llX"
-# endif
-
-# ifdef THIRTY_TWO_BIT
-# ifdef BN_LLONG
-# if defined(_WIN32) && !defined(__GNUC__)
-# define BN_ULLONG unsigned __int64
-# define BN_MASK (0xffffffffffffffffI64)
-# else
-# define BN_ULLONG unsigned long long
-# define BN_MASK (0xffffffffffffffffLL)
-# endif
-# endif
-# define BN_ULONG unsigned int
-# define BN_LONG int
-# define BN_BITS 64
-# define BN_BYTES 4
-# define BN_BITS2 32
-# define BN_BITS4 16
-# define BN_MASK2 (0xffffffffL)
-# define BN_MASK2l (0xffff)
-# define BN_MASK2h1 (0xffff8000L)
-# define BN_MASK2h (0xffff0000L)
-# define BN_TBIT (0x80000000L)
-# define BN_DEC_CONV (1000000000L)
-# define BN_DEC_FMT1 "%u"
-# define BN_DEC_FMT2 "%09u"
-# define BN_DEC_NUM 9
-# define BN_HEX_FMT1 "%X"
-# define BN_HEX_FMT2 "%08X"
-# endif
-
-/*
- * 2011-02-22 SMS. In various places, a size_t variable or a type cast to
- * size_t was used to perform integer-only operations on pointers. This
- * failed on VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t
- * is still only 32 bits. What's needed in these cases is an integer type
- * with the same size as a pointer, which size_t is not certain to be. The
- * only fix here is VMS-specific.
- */
-# if defined(OPENSSL_SYS_VMS)
-# if __INITIAL_POINTER_SIZE == 64
-# define PTR_SIZE_INT long long
-# else /* __INITIAL_POINTER_SIZE == 64 */
-# define PTR_SIZE_INT int
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-# else /* defined(OPENSSL_SYS_VMS) */
-# define PTR_SIZE_INT size_t
-# endif /* defined(OPENSSL_SYS_VMS) [else] */
-
-# define BN_DEFAULT_BITS 1280
-
-# define BN_FLG_MALLOCED 0x01
-# define BN_FLG_STATIC_DATA 0x02
-
-/*
- * avoid leaking exponent information through timing,
- * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
- * BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch.
- */
-# define BN_FLG_CONSTTIME 0x04
-
-# ifdef OPENSSL_NO_DEPRECATED
-/* deprecated name for the flag */
-# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
-/*
- * avoid leaking exponent information through timings
- * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
- */
-# endif
-
-# ifndef OPENSSL_NO_DEPRECATED
-# define BN_FLG_FREE 0x8000
- /* used for debuging */
-# endif
-# define BN_set_flags(b,n) ((b)->flags|=(n))
-# define BN_get_flags(b,n) ((b)->flags&(n))
-
-/*
- * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
- * two BIGNUMs cannot not be used in parallel!)
- */
-# define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
- (dest)->top=(b)->top, \
- (dest)->dmax=(b)->dmax, \
- (dest)->neg=(b)->neg, \
- (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
- | ((b)->flags & ~BN_FLG_MALLOCED) \
- | BN_FLG_STATIC_DATA \
- | (n)))
-
-/* Already declared in ossl_typ.h */
-# if 0
-typedef struct bignum_st BIGNUM;
-/* Used for temp variables (declaration hidden in bn_lcl.h) */
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_recp_ctx_st BN_RECP_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-# endif
-
-struct bignum_st {
- BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
- * chunks. */
- int top; /* Index of last used d +1. */
- /* The next are internal book keeping for bn_expand. */
- int dmax; /* Size of the d array. */
- int neg; /* one if the number is negative */
- int flags;
-};
-
-/* Used for montgomery multiplication */
-struct bn_mont_ctx_st {
- int ri; /* number of bits in R */
- BIGNUM RR; /* used to convert to montgomery form */
- BIGNUM N; /* The modulus */
- BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
- * stored for bignum algorithm) */
- BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
- * changed with 0.9.9, was "BN_ULONG n0;"
- * before) */
- int flags;
-};
-
-/*
- * Used for reciprocal division/mod functions It cannot be shared between
- * threads
- */
-struct bn_recp_ctx_st {
- BIGNUM N; /* the divisor */
- BIGNUM Nr; /* the reciprocal */
- int num_bits;
- int shift;
- int flags;
-};
-
-/* Used for slow "generation" functions. */
-struct bn_gencb_st {
- unsigned int ver; /* To handle binary (in)compatibility */
- void *arg; /* callback-specific data */
- union {
- /* if(ver==1) - handles old style callbacks */
- void (*cb_1) (int, int, void *);
- /* if(ver==2) - new callback style */
- int (*cb_2) (int, int, BN_GENCB *);
- } cb;
-};
-/* Wrapper function to make using BN_GENCB easier, */
-int BN_GENCB_call(BN_GENCB *cb, int a, int b);
-/* Macro to populate a BN_GENCB structure with an "old"-style callback */
-# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 1; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_1 = (callback); }
-/* Macro to populate a BN_GENCB structure with a "new"-style callback */
-# define BN_GENCB_set(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 2; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_2 = (callback); }
-
-# define BN_prime_checks 0 /* default: select number of iterations based
- * on the size of the number */
-
-/*
- * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
- * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
- * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error
- * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
- * 177-194)
- */
-# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
- (b) >= 850 ? 3 : \
- (b) >= 650 ? 4 : \
- (b) >= 550 ? 5 : \
- (b) >= 450 ? 6 : \
- (b) >= 400 ? 7 : \
- (b) >= 350 ? 8 : \
- (b) >= 300 ? 9 : \
- (b) >= 250 ? 12 : \
- (b) >= 200 ? 15 : \
- (b) >= 150 ? 18 : \
- /* b >= 100 */ 27)
-
-# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
-
-/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
-# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
- (((w) == 0) && ((a)->top == 0)))
-# define BN_is_zero(a) ((a)->top == 0)
-# define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
-# define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
-# define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
-
-# define BN_one(a) (BN_set_word((a),1))
-# define BN_zero_ex(a) \
- do { \
- BIGNUM *_tmp_bn = (a); \
- _tmp_bn->top = 0; \
- _tmp_bn->neg = 0; \
- } while(0)
-# ifdef OPENSSL_NO_DEPRECATED
-# define BN_zero(a) BN_zero_ex(a)
-# else
-# define BN_zero(a) (BN_set_word((a),0))
-# endif
-
-const BIGNUM *BN_value_one(void);
-char *BN_options(void);
-BN_CTX *BN_CTX_new(void);
-# ifndef OPENSSL_NO_DEPRECATED
-void BN_CTX_init(BN_CTX *c);
-# endif
-void BN_CTX_free(BN_CTX *c);
-void BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void BN_CTX_end(BN_CTX *ctx);
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_num_bits(const BIGNUM *a);
-int BN_num_bits_word(BN_ULONG);
-BIGNUM *BN_new(void);
-void BN_init(BIGNUM *);
-void BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/** BN_set_negative sets sign of a BIGNUM
- * \param b pointer to the BIGNUM object
- * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
- */
-void BN_set_negative(BIGNUM *b, int n);
-/** BN_is_negative returns 1 if the BIGNUM is negative
- * \param a pointer to the BIGNUM object
- * \return 1 if a < 0 and 0 otherwise
- */
-# define BN_is_negative(a) ((a)->neg != 0)
-
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx);
-# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int BN_mul_word(BIGNUM *a, BN_ULONG w);
-int BN_add_word(BIGNUM *a, BN_ULONG w);
-int BN_sub_word(BIGNUM *a, BN_ULONG w);
-int BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(const BIGNUM *a);
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void BN_free(BIGNUM *a);
-int BN_is_bit_set(const BIGNUM *a, int n);
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
-int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
- const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-int BN_mask_bits(BIGNUM *a, int n);
-# ifndef OPENSSL_NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a);
-# endif
-# ifdef HEADER_BIO_H
-int BN_print(BIO *fp, const BIGNUM *a);
-# else
-int BN_print(void *fp, const BIGNUM *a);
-# endif
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_rshift1(BIGNUM *r, const BIGNUM *a);
-void BN_clear(BIGNUM *a);
-BIGNUM *BN_dup(const BIGNUM *a);
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int BN_set_bit(BIGNUM *a, int n);
-int BN_clear_bit(BIGNUM *a, int n);
-char *BN_bn2hex(const BIGNUM *a);
-char *BN_bn2dec(const BIGNUM *a);
-int BN_hex2bn(BIGNUM **a, const char *str);
-int BN_dec2bn(BIGNUM **a, const char *str);
-int BN_asc2bn(BIGNUM **a, const char *str);
-int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
- * -2 for
- * error */
-BIGNUM *BN_mod_inverse(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-BIGNUM *BN_mod_sqrt(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-
-void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
-
-/* Deprecated versions */
-# ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
- const BIGNUM *add, const BIGNUM *rem,
- void (*callback) (int, int, void *), void *cb_arg);
-int BN_is_prime(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *),
- BN_CTX *ctx, void *cb_arg);
-int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *), BN_CTX *ctx,
- void *cb_arg, int do_trial_division);
-# endif /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* Newer versions */
-int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
- const BIGNUM *rem, BN_GENCB *cb);
-int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
-int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
- int do_trial_division, BN_GENCB *cb);
-
-int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
-
-int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
- const BIGNUM *Xp, const BIGNUM *Xp1,
- const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
- BN_GENCB *cb);
-int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
- BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
- BN_CTX *ctx, BN_GENCB *cb);
-
-BN_MONT_CTX *BN_MONT_CTX_new(void);
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
-int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx);
-# define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
- (r),(a),&((mont)->RR),(mont),(ctx))
-int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
- BN_MONT_CTX *mont, BN_CTX *ctx);
-void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
- const BIGNUM *mod, BN_CTX *ctx);
-
-/* BN_BLINDING flags */
-# define BN_BLINDING_NO_UPDATE 0x00000001
-# define BN_BLINDING_NO_RECREATE 0x00000002
-
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
-void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
- BN_CTX *);
-# ifndef OPENSSL_NO_DEPRECATED
-unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
-void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
-# endif
-CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
-void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
-BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
- const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
- int (*bn_mod_exp) (BIGNUM *r,
- const BIGNUM *a,
- const BIGNUM *p,
- const BIGNUM *m,
- BN_CTX *ctx,
- BN_MONT_CTX *m_ctx),
- BN_MONT_CTX *m_ctx);
-
-# ifndef OPENSSL_NO_DEPRECATED
-void BN_set_params(int mul, int high, int low, int mont);
-int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
-# endif
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new(void);
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_EC2M
-
-/*
- * Functions for arithmetic over binary polynomials represented by BIGNUMs.
- * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
- * ignored. Note that input arguments are not const so that their bit arrays
- * can be expanded to the appropriate size if needed.
- */
-
-/*
- * r = a + b
- */
-int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
-/*
- * r=a mod p
- */
-int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx);
-# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
-/*-
- * Some functions allow for representation of the irreducible polynomials
- * as an unsigned int[], say p. The irreducible f(t) is then of the form:
- * t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-/* r = a mod p */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
- BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
- BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
- const int p[], BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
- const int p[], BN_CTX *ctx);
-int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
-int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
-
-# endif
-
-/*
- * faster mod functions for the 'NIST primes' 0 <= a < p^2
- */
-int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-const BIGNUM *BN_get0_nist_prime_192(void);
-const BIGNUM *BN_get0_nist_prime_224(void);
-const BIGNUM *BN_get0_nist_prime_256(void);
-const BIGNUM *BN_get0_nist_prime_384(void);
-const BIGNUM *BN_get0_nist_prime_521(void);
-
-/* library internal functions */
-
-# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
- (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
-# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-# ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
-# endif
-
-/*-
- * Bignum consistency macros
- * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
- * bignum data after direct manipulations on the data. There is also an
- * "internal" macro, bn_check_top(), for verifying that there are no leading
- * zeroes. Unfortunately, some auditing is required due to the fact that
- * bn_fix_top() has become an overabused duct-tape because bignum data is
- * occasionally passed around in an inconsistent state. So the following
- * changes have been made to sort this out;
- * - bn_fix_top()s implementation has been moved to bn_correct_top()
- * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
- * bn_check_top() is as before.
- * - if BN_DEBUG *is* defined;
- * - bn_check_top() tries to pollute unused words even if the bignum 'top' is
- * consistent. (ed: only if BN_DEBUG_RAND is defined)
- * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
- * The idea is to have debug builds flag up inconsistent bignums when they
- * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
- * the use of bn_fix_top() was appropriate (ie. it follows directly after code
- * that manipulates the bignum) it is converted to bn_correct_top(), and if it
- * was not appropriate, we convert it permanently to bn_check_top() and track
- * down the cause of the bug. Eventually, no internal code should be using the
- * bn_fix_top() macro. External applications and libraries should try this with
- * their own code too, both in terms of building against the openssl headers
- * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
- * defined. This not only improves external code, it provides more test
- * coverage for openssl's own code.
- */
-
-# ifdef BN_DEBUG
-
-/* We only need assert() when debugging */
-# include <assert.h>
-
-# ifdef BN_DEBUG_RAND
-/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-# ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-# define BN_DEBUG_TRIX
-# endif
-# define bn_pollute(a) \
- do { \
- const BIGNUM *_bnum1 = (a); \
- if(_bnum1->top < _bnum1->dmax) { \
- unsigned char _tmp_char; \
- /* We cast away const without the compiler knowing, any \
- * *genuinely* constant variables that aren't mutable \
- * wouldn't be constructed with top!=dmax. */ \
- BN_ULONG *_not_const; \
- memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
- /* Debug only - safe to ignore error return */ \
- RAND_pseudo_bytes(&_tmp_char, 1); \
- memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
- (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
- } \
- } while(0)
-# ifdef BN_DEBUG_TRIX
-# undef RAND_pseudo_bytes
-# endif
-# else
-# define bn_pollute(a)
-# endif
-# define bn_check_top(a) \
- do { \
- const BIGNUM *_bnum2 = (a); \
- if (_bnum2 != NULL) { \
- assert((_bnum2->top == 0) || \
- (_bnum2->d[_bnum2->top - 1] != 0)); \
- bn_pollute(_bnum2); \
- } \
- } while(0)
-
-# define bn_fix_top(a) bn_check_top(a)
-
-# define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
-# define bn_wcheck_size(bn, words) \
- do { \
- const BIGNUM *_bnum2 = (bn); \
- assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
- /* avoid unused variable warning with NDEBUG */ \
- (void)(_bnum2); \
- } while(0)
-
-# else /* !BN_DEBUG */
-
-# define bn_pollute(a)
-# define bn_check_top(a)
-# define bn_fix_top(a) bn_correct_top(a)
-# define bn_check_size(bn, bits)
-# define bn_wcheck_size(bn, words)
-
-# endif
-
-# define bn_correct_top(a) \
- { \
- BN_ULONG *ftl; \
- int tmp_top = (a)->top; \
- if (tmp_top > 0) \
- { \
- for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
- if (*(ftl--)) break; \
- (a)->top = tmp_top; \
- } \
- bn_pollute(a); \
- }
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
- BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- int num);
-
-/* Primes from RFC 2409 */
-BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
-BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
-
-/* Primes from RFC 3526 */
-BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BN_strings(void);
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-# define BN_F_BNRAND 127
-# define BN_F_BN_BLINDING_CONVERT_EX 100
-# define BN_F_BN_BLINDING_CREATE_PARAM 128
-# define BN_F_BN_BLINDING_INVERT_EX 101
-# define BN_F_BN_BLINDING_NEW 102
-# define BN_F_BN_BLINDING_UPDATE 103
-# define BN_F_BN_BN2DEC 104
-# define BN_F_BN_BN2HEX 105
-# define BN_F_BN_CTX_GET 116
-# define BN_F_BN_CTX_NEW 106
-# define BN_F_BN_CTX_START 129
-# define BN_F_BN_DIV 107
-# define BN_F_BN_DIV_NO_BRANCH 138
-# define BN_F_BN_DIV_RECP 130
-# define BN_F_BN_EXP 123
-# define BN_F_BN_EXPAND2 108
-# define BN_F_BN_EXPAND_INTERNAL 120
-# define BN_F_BN_GF2M_MOD 131
-# define BN_F_BN_GF2M_MOD_EXP 132
-# define BN_F_BN_GF2M_MOD_MUL 133
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
-# define BN_F_BN_GF2M_MOD_SQR 136
-# define BN_F_BN_GF2M_MOD_SQRT 137
-# define BN_F_BN_LSHIFT 145
-# define BN_F_BN_MOD_EXP2_MONT 118
-# define BN_F_BN_MOD_EXP_MONT 109
-# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
-# define BN_F_BN_MOD_EXP_MONT_WORD 117
-# define BN_F_BN_MOD_EXP_RECP 125
-# define BN_F_BN_MOD_EXP_SIMPLE 126
-# define BN_F_BN_MOD_INVERSE 110
-# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
-# define BN_F_BN_MOD_LSHIFT_QUICK 119
-# define BN_F_BN_MOD_MUL_RECIPROCAL 111
-# define BN_F_BN_MOD_SQRT 121
-# define BN_F_BN_MPI2BN 112
-# define BN_F_BN_NEW 113
-# define BN_F_BN_RAND 114
-# define BN_F_BN_RAND_RANGE 122
-# define BN_F_BN_RSHIFT 146
-# define BN_F_BN_USUB 115
-
-/* Reason codes. */
-# define BN_R_ARG2_LT_ARG3 100
-# define BN_R_BAD_RECIPROCAL 101
-# define BN_R_BIGNUM_TOO_LONG 114
-# define BN_R_BITS_TOO_SMALL 118
-# define BN_R_CALLED_WITH_EVEN_MODULUS 102
-# define BN_R_DIV_BY_ZERO 103
-# define BN_R_ENCODING_ERROR 104
-# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
-# define BN_R_INPUT_NOT_REDUCED 110
-# define BN_R_INVALID_LENGTH 106
-# define BN_R_INVALID_RANGE 115
-# define BN_R_INVALID_SHIFT 119
-# define BN_R_NOT_A_SQUARE 111
-# define BN_R_NOT_INITIALIZED 107
-# define BN_R_NO_INVERSE 108
-# define BN_R_NO_SOLUTION 116
-# define BN_R_P_IS_NOT_PRIME 112
-# define BN_R_TOO_MANY_ITERATIONS 113
-# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/bn.h (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/bn.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/bn.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,967 @@
+/* crypto/bn/bn.h */
+/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the Eric Young open source
+ * license provided above.
+ *
+ * The binary polynomial arithmetic software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#ifndef HEADER_BN_H
+# define HEADER_BN_H
+
+# include <limits.h>
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_FP_API
+# include <stdio.h> /* FILE */
+# endif
+# include <openssl/ossl_typ.h>
+# include <openssl/crypto.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * These preprocessor symbols control various aspects of the bignum headers
+ * and library code. They're not defined by any "normal" configuration, as
+ * they are intended for development and testing purposes. NB: defining all
+ * three can be useful for debugging application code as well as openssl
+ * itself. BN_DEBUG - turn on various debugging alterations to the bignum
+ * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
+ * mismanagement of bignum internals. You must also define BN_DEBUG.
+ */
+/* #define BN_DEBUG */
+/* #define BN_DEBUG_RAND */
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+# define BN_MUL_COMBA
+# define BN_SQR_COMBA
+# define BN_RECURSION
+# endif
+
+/*
+ * This next option uses the C libraries (2 word)/(1 word) function. If it is
+ * not defined, I use my C version (which is slower). The reason for this
+ * flag is that when the particular C compiler library routine is used, and
+ * the library is linked with a different compiler, the library is missing.
+ * This mostly happens when the library is built with gcc and then linked
+ * using normal cc. This would be a common occurrence because gcc normally
+ * produces code that is 2 times faster than system compilers for the big
+ * number stuff. For machines with only one compiler (or shared libraries),
+ * this should be on. Again this in only really a problem on machines using
+ * "long long's", are 32bit, and are not using my assembler code.
+ */
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
+ defined(OPENSSL_SYS_WIN32) || defined(linux)
+# ifndef BN_DIV2W
+# define BN_DIV2W
+# endif
+# endif
+
+/*
+ * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
+ * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
+ */
+# ifdef SIXTY_FOUR_BIT_LONG
+# define BN_ULLONG unsigned long long
+# define BN_ULONG unsigned long
+# define BN_LONG long
+# define BN_BITS 128
+# define BN_BYTES 8
+# define BN_BITS2 64
+# define BN_BITS4 32
+# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
+# define BN_MASK2 (0xffffffffffffffffL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000L)
+# define BN_MASK2h1 (0xffffffff80000000L)
+# define BN_TBIT (0x8000000000000000L)
+# define BN_DEC_CONV (10000000000000000000UL)
+# define BN_DEC_FMT1 "%lu"
+# define BN_DEC_FMT2 "%019lu"
+# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%lX"
+# define BN_HEX_FMT2 "%016lX"
+# endif
+
+/*
+ * This is where the long long data type is 64 bits, but long is 32. For
+ * machines where there are 64bit registers, this is the mode to use. IRIX,
+ * on R4000 and above should use this mode, along with the relevant assembler
+ * code :-). Do NOT define BN_LLONG.
+ */
+# ifdef SIXTY_FOUR_BIT
+# undef BN_LLONG
+# undef BN_ULLONG
+# define BN_ULONG unsigned long long
+# define BN_LONG long long
+# define BN_BITS 128
+# define BN_BYTES 8
+# define BN_BITS2 64
+# define BN_BITS4 32
+# define BN_MASK2 (0xffffffffffffffffLL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000LL)
+# define BN_MASK2h1 (0xffffffff80000000LL)
+# define BN_TBIT (0x8000000000000000LL)
+# define BN_DEC_CONV (10000000000000000000ULL)
+# define BN_DEC_FMT1 "%llu"
+# define BN_DEC_FMT2 "%019llu"
+# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%llX"
+# define BN_HEX_FMT2 "%016llX"
+# endif
+
+# ifdef THIRTY_TWO_BIT
+# ifdef BN_LLONG
+# if defined(_WIN32) && !defined(__GNUC__)
+# define BN_ULLONG unsigned __int64
+# define BN_MASK (0xffffffffffffffffI64)
+# else
+# define BN_ULLONG unsigned long long
+# define BN_MASK (0xffffffffffffffffLL)
+# endif
+# endif
+# define BN_ULONG unsigned int
+# define BN_LONG int
+# define BN_BITS 64
+# define BN_BYTES 4
+# define BN_BITS2 32
+# define BN_BITS4 16
+# define BN_MASK2 (0xffffffffL)
+# define BN_MASK2l (0xffff)
+# define BN_MASK2h1 (0xffff8000L)
+# define BN_MASK2h (0xffff0000L)
+# define BN_TBIT (0x80000000L)
+# define BN_DEC_CONV (1000000000L)
+# define BN_DEC_FMT1 "%u"
+# define BN_DEC_FMT2 "%09u"
+# define BN_DEC_NUM 9
+# define BN_HEX_FMT1 "%X"
+# define BN_HEX_FMT2 "%08X"
+# endif
+
+/*
+ * 2011-02-22 SMS. In various places, a size_t variable or a type cast to
+ * size_t was used to perform integer-only operations on pointers. This
+ * failed on VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t
+ * is still only 32 bits. What's needed in these cases is an integer type
+ * with the same size as a pointer, which size_t is not certain to be. The
+ * only fix here is VMS-specific.
+ */
+# if defined(OPENSSL_SYS_VMS)
+# if __INITIAL_POINTER_SIZE == 64
+# define PTR_SIZE_INT long long
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define PTR_SIZE_INT int
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+# else /* defined(OPENSSL_SYS_VMS) */
+# define PTR_SIZE_INT size_t
+# endif /* defined(OPENSSL_SYS_VMS) [else] */
+
+# define BN_DEFAULT_BITS 1280
+
+# define BN_FLG_MALLOCED 0x01
+# define BN_FLG_STATIC_DATA 0x02
+
+/*
+ * avoid leaking exponent information through timing,
+ * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+ * BN_div() will call BN_div_no_branch,
+ * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+ */
+# define BN_FLG_CONSTTIME 0x04
+
+# ifdef OPENSSL_NO_DEPRECATED
+/* deprecated name for the flag */
+# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
+/*
+ * avoid leaking exponent information through timings
+ * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
+ */
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED
+# define BN_FLG_FREE 0x8000
+ /* used for debuging */
+# endif
+# define BN_set_flags(b,n) ((b)->flags|=(n))
+# define BN_get_flags(b,n) ((b)->flags&(n))
+
+/*
+ * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+ * two BIGNUMs cannot not be used in parallel!)
+ */
+# define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
+ (dest)->top=(b)->top, \
+ (dest)->dmax=(b)->dmax, \
+ (dest)->neg=(b)->neg, \
+ (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
+ | ((b)->flags & ~BN_FLG_MALLOCED) \
+ | BN_FLG_STATIC_DATA \
+ | (n)))
+
+/* Already declared in ossl_typ.h */
+# if 0
+typedef struct bignum_st BIGNUM;
+/* Used for temp variables (declaration hidden in bn_lcl.h) */
+typedef struct bignum_ctx BN_CTX;
+typedef struct bn_blinding_st BN_BLINDING;
+typedef struct bn_mont_ctx_st BN_MONT_CTX;
+typedef struct bn_recp_ctx_st BN_RECP_CTX;
+typedef struct bn_gencb_st BN_GENCB;
+# endif
+
+struct bignum_st {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
+ * chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int dmax; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ int flags;
+};
+
+/* Used for montgomery multiplication */
+struct bn_mont_ctx_st {
+ int ri; /* number of bits in R */
+ BIGNUM RR; /* used to convert to montgomery form */
+ BIGNUM N; /* The modulus */
+ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
+ * stored for bignum algorithm) */
+ BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
+ * changed with 0.9.9, was "BN_ULONG n0;"
+ * before) */
+ int flags;
+};
+
+/*
+ * Used for reciprocal division/mod functions It cannot be shared between
+ * threads
+ */
+struct bn_recp_ctx_st {
+ BIGNUM N; /* the divisor */
+ BIGNUM Nr; /* the reciprocal */
+ int num_bits;
+ int shift;
+ int flags;
+};
+
+/* Used for slow "generation" functions. */
+struct bn_gencb_st {
+ unsigned int ver; /* To handle binary (in)compatibility */
+ void *arg; /* callback-specific data */
+ union {
+ /* if(ver==1) - handles old style callbacks */
+ void (*cb_1) (int, int, void *);
+ /* if(ver==2) - new callback style */
+ int (*cb_2) (int, int, BN_GENCB *);
+ } cb;
+};
+/* Wrapper function to make using BN_GENCB easier, */
+int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+/* Macro to populate a BN_GENCB structure with an "old"-style callback */
+# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
+ BN_GENCB *tmp_gencb = (gencb); \
+ tmp_gencb->ver = 1; \
+ tmp_gencb->arg = (cb_arg); \
+ tmp_gencb->cb.cb_1 = (callback); }
+/* Macro to populate a BN_GENCB structure with a "new"-style callback */
+# define BN_GENCB_set(gencb, callback, cb_arg) { \
+ BN_GENCB *tmp_gencb = (gencb); \
+ tmp_gencb->ver = 2; \
+ tmp_gencb->arg = (cb_arg); \
+ tmp_gencb->cb.cb_2 = (callback); }
+
+# define BN_prime_checks 0 /* default: select number of iterations based
+ * on the size of the number */
+
+/*
+ * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
+ * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
+ * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
+ * original paper: Damgaard, Landrock, Pomerance: Average case error
+ * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
+ * 177-194)
+ */
+# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
+ (b) >= 850 ? 3 : \
+ (b) >= 650 ? 4 : \
+ (b) >= 550 ? 5 : \
+ (b) >= 450 ? 6 : \
+ (b) >= 400 ? 7 : \
+ (b) >= 350 ? 8 : \
+ (b) >= 300 ? 9 : \
+ (b) >= 250 ? 12 : \
+ (b) >= 200 ? 15 : \
+ (b) >= 150 ? 18 : \
+ /* b >= 100 */ 27)
+
+# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+
+/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
+# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
+ (((w) == 0) && ((a)->top == 0)))
+# define BN_is_zero(a) ((a)->top == 0)
+# define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
+# define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
+# define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
+
+# define BN_one(a) (BN_set_word((a),1))
+# define BN_zero_ex(a) \
+ do { \
+ BIGNUM *_tmp_bn = (a); \
+ _tmp_bn->top = 0; \
+ _tmp_bn->neg = 0; \
+ } while(0)
+# ifdef OPENSSL_NO_DEPRECATED
+# define BN_zero(a) BN_zero_ex(a)
+# else
+# define BN_zero(a) (BN_set_word((a),0))
+# endif
+
+const BIGNUM *BN_value_one(void);
+char *BN_options(void);
+BN_CTX *BN_CTX_new(void);
+# ifndef OPENSSL_NO_DEPRECATED
+void BN_CTX_init(BN_CTX *c);
+# endif
+void BN_CTX_free(BN_CTX *c);
+void BN_CTX_start(BN_CTX *ctx);
+BIGNUM *BN_CTX_get(BN_CTX *ctx);
+void BN_CTX_end(BN_CTX *ctx);
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_num_bits(const BIGNUM *a);
+int BN_num_bits_word(BN_ULONG);
+BIGNUM *BN_new(void);
+void BN_init(BIGNUM *);
+void BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
+void BN_swap(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
+/** BN_set_negative sets sign of a BIGNUM
+ * \param b pointer to the BIGNUM object
+ * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
+ */
+void BN_set_negative(BIGNUM *b, int n);
+/** BN_is_negative returns 1 if the BIGNUM is negative
+ * \param a pointer to the BIGNUM object
+ * \return 1 if a < 0 and 0 otherwise
+ */
+# define BN_is_negative(a) ((a)->neg != 0)
+
+int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+ BN_CTX *ctx);
+# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
+int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
+
+BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+int BN_mul_word(BIGNUM *a, BN_ULONG w);
+int BN_add_word(BIGNUM *a, BN_ULONG w);
+int BN_sub_word(BIGNUM *a, BN_ULONG w);
+int BN_set_word(BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_get_word(const BIGNUM *a);
+
+int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+void BN_free(BIGNUM *a);
+int BN_is_bit_set(const BIGNUM *a, int n);
+int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_lshift1(BIGNUM *r, const BIGNUM *a);
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
+ const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
+ BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+
+int BN_mask_bits(BIGNUM *a, int n);
+# ifndef OPENSSL_NO_FP_API
+int BN_print_fp(FILE *fp, const BIGNUM *a);
+# endif
+# ifdef HEADER_BIO_H
+int BN_print(BIO *fp, const BIGNUM *a);
+# else
+int BN_print(void *fp, const BIGNUM *a);
+# endif
+int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
+int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_rshift1(BIGNUM *r, const BIGNUM *a);
+void BN_clear(BIGNUM *a);
+BIGNUM *BN_dup(const BIGNUM *a);
+int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
+int BN_set_bit(BIGNUM *a, int n);
+int BN_clear_bit(BIGNUM *a, int n);
+char *BN_bn2hex(const BIGNUM *a);
+char *BN_bn2dec(const BIGNUM *a);
+int BN_hex2bn(BIGNUM **a, const char *str);
+int BN_dec2bn(BIGNUM **a, const char *str);
+int BN_asc2bn(BIGNUM **a, const char *str);
+int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
+ * -2 for
+ * error */
+BIGNUM *BN_mod_inverse(BIGNUM *ret,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+BIGNUM *BN_mod_sqrt(BIGNUM *ret,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+
+void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+
+/* Deprecated versions */
+# ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
+ const BIGNUM *add, const BIGNUM *rem,
+ void (*callback) (int, int, void *), void *cb_arg);
+int BN_is_prime(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg);
+int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *), BN_CTX *ctx,
+ void *cb_arg, int do_trial_division);
+# endif /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* Newer versions */
+int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+ const BIGNUM *rem, BN_GENCB *cb);
+int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+ int do_trial_division, BN_GENCB *cb);
+
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
+
+int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+ const BIGNUM *Xp, const BIGNUM *Xp1,
+ const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
+ BN_GENCB *cb);
+int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
+ BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
+ BN_CTX *ctx, BN_GENCB *cb);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void);
+void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
+int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ BN_MONT_CTX *mont, BN_CTX *ctx);
+# define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
+ (r),(a),&((mont)->RR),(mont),(ctx))
+int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
+ BN_MONT_CTX *mont, BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
+BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+ const BIGNUM *mod, BN_CTX *ctx);
+
+/* BN_BLINDING flags */
+# define BN_BLINDING_NO_UPDATE 0x00000001
+# define BN_BLINDING_NO_RECREATE 0x00000002
+
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
+void BN_BLINDING_free(BN_BLINDING *b);
+int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+ BN_CTX *);
+# ifndef OPENSSL_NO_DEPRECATED
+unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+# endif
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
+unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+ const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+ int (*bn_mod_exp) (BIGNUM *r,
+ const BIGNUM *a,
+ const BIGNUM *p,
+ const BIGNUM *m,
+ BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx),
+ BN_MONT_CTX *m_ctx);
+
+# ifndef OPENSSL_NO_DEPRECATED
+void BN_set_params(int mul, int high, int low, int mont);
+int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
+# endif
+
+void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+BN_RECP_CTX *BN_RECP_CTX_new(void);
+void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
+int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
+int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_EC2M
+
+/*
+ * Functions for arithmetic over binary polynomials represented by BIGNUMs.
+ * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
+ * ignored. Note that input arguments are not const so that their bit arrays
+ * can be expanded to the appropriate size if needed.
+ */
+
+/*
+ * r = a + b
+ */
+int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+/*
+ * r=a mod p
+ */
+int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+/*-
+ * Some functions allow for representation of the irreducible polynomials
+ * as an unsigned int[], say p. The irreducible f(t) is then of the form:
+ * t^p[0] + t^p[1] + ... + t^p[k]
+ * where m = p[0] > p[1] > ... > p[k] = 0.
+ */
+/* r = a mod p */
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
+ BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
+ BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
+
+# endif
+
+/*
+ * faster mod functions for the 'NIST primes' 0 <= a < p^2
+ */
+int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+const BIGNUM *BN_get0_nist_prime_192(void);
+const BIGNUM *BN_get0_nist_prime_224(void);
+const BIGNUM *BN_get0_nist_prime_256(void);
+const BIGNUM *BN_get0_nist_prime_384(void);
+const BIGNUM *BN_get0_nist_prime_521(void);
+
+/* library internal functions */
+
+# define bn_expand(a,bits) \
+ ( \
+ bits > (INT_MAX - BN_BITS2 + 1) ? \
+ NULL \
+ : \
+ (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
+ (a) \
+ : \
+ bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
+ )
+
+# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
+BIGNUM *bn_expand2(BIGNUM *a, int words);
+# ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
+# endif
+
+/*-
+ * Bignum consistency macros
+ * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
+ * bignum data after direct manipulations on the data. There is also an
+ * "internal" macro, bn_check_top(), for verifying that there are no leading
+ * zeroes. Unfortunately, some auditing is required due to the fact that
+ * bn_fix_top() has become an overabused duct-tape because bignum data is
+ * occasionally passed around in an inconsistent state. So the following
+ * changes have been made to sort this out;
+ * - bn_fix_top()s implementation has been moved to bn_correct_top()
+ * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
+ * bn_check_top() is as before.
+ * - if BN_DEBUG *is* defined;
+ * - bn_check_top() tries to pollute unused words even if the bignum 'top' is
+ * consistent. (ed: only if BN_DEBUG_RAND is defined)
+ * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
+ * The idea is to have debug builds flag up inconsistent bignums when they
+ * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
+ * the use of bn_fix_top() was appropriate (ie. it follows directly after code
+ * that manipulates the bignum) it is converted to bn_correct_top(), and if it
+ * was not appropriate, we convert it permanently to bn_check_top() and track
+ * down the cause of the bug. Eventually, no internal code should be using the
+ * bn_fix_top() macro. External applications and libraries should try this with
+ * their own code too, both in terms of building against the openssl headers
+ * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
+ * defined. This not only improves external code, it provides more test
+ * coverage for openssl's own code.
+ */
+
+# ifdef BN_DEBUG
+
+/* We only need assert() when debugging */
+# include <assert.h>
+
+# ifdef BN_DEBUG_RAND
+/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
+# ifndef RAND_pseudo_bytes
+int RAND_pseudo_bytes(unsigned char *buf, int num);
+# define BN_DEBUG_TRIX
+# endif
+# define bn_pollute(a) \
+ do { \
+ const BIGNUM *_bnum1 = (a); \
+ if(_bnum1->top < _bnum1->dmax) { \
+ unsigned char _tmp_char; \
+ /* We cast away const without the compiler knowing, any \
+ * *genuinely* constant variables that aren't mutable \
+ * wouldn't be constructed with top!=dmax. */ \
+ BN_ULONG *_not_const; \
+ memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
+ /* Debug only - safe to ignore error return */ \
+ RAND_pseudo_bytes(&_tmp_char, 1); \
+ memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
+ (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
+ } \
+ } while(0)
+# ifdef BN_DEBUG_TRIX
+# undef RAND_pseudo_bytes
+# endif
+# else
+# define bn_pollute(a)
+# endif
+# define bn_check_top(a) \
+ do { \
+ const BIGNUM *_bnum2 = (a); \
+ if (_bnum2 != NULL) { \
+ assert((_bnum2->top == 0) || \
+ (_bnum2->d[_bnum2->top - 1] != 0)); \
+ bn_pollute(_bnum2); \
+ } \
+ } while(0)
+
+# define bn_fix_top(a) bn_check_top(a)
+
+# define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
+# define bn_wcheck_size(bn, words) \
+ do { \
+ const BIGNUM *_bnum2 = (bn); \
+ assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
+ /* avoid unused variable warning with NDEBUG */ \
+ (void)(_bnum2); \
+ } while(0)
+
+# else /* !BN_DEBUG */
+
+# define bn_pollute(a)
+# define bn_check_top(a)
+# define bn_fix_top(a) bn_correct_top(a)
+# define bn_check_size(bn, bits)
+# define bn_wcheck_size(bn, words)
+
+# endif
+
+# define bn_correct_top(a) \
+ { \
+ BN_ULONG *ftl; \
+ int tmp_top = (a)->top; \
+ if (tmp_top > 0) \
+ { \
+ for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
+ if (*(ftl--)) break; \
+ (a)->top = tmp_top; \
+ } \
+ bn_pollute(a); \
+ }
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
+ BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ int num);
+BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ int num);
+
+/* Primes from RFC 2409 */
+BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
+BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
+
+/* Primes from RFC 3526 */
+BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
+
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BN_strings(void);
+
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+# define BN_F_BNRAND 127
+# define BN_F_BN_BLINDING_CONVERT_EX 100
+# define BN_F_BN_BLINDING_CREATE_PARAM 128
+# define BN_F_BN_BLINDING_INVERT_EX 101
+# define BN_F_BN_BLINDING_NEW 102
+# define BN_F_BN_BLINDING_UPDATE 103
+# define BN_F_BN_BN2DEC 104
+# define BN_F_BN_BN2HEX 105
+# define BN_F_BN_CTX_GET 116
+# define BN_F_BN_CTX_NEW 106
+# define BN_F_BN_CTX_START 129
+# define BN_F_BN_DIV 107
+# define BN_F_BN_DIV_NO_BRANCH 138
+# define BN_F_BN_DIV_RECP 130
+# define BN_F_BN_EXP 123
+# define BN_F_BN_EXPAND2 108
+# define BN_F_BN_EXPAND_INTERNAL 120
+# define BN_F_BN_GF2M_MOD 131
+# define BN_F_BN_GF2M_MOD_EXP 132
+# define BN_F_BN_GF2M_MOD_MUL 133
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
+# define BN_F_BN_GF2M_MOD_SQR 136
+# define BN_F_BN_GF2M_MOD_SQRT 137
+# define BN_F_BN_LSHIFT 145
+# define BN_F_BN_MOD_EXP2_MONT 118
+# define BN_F_BN_MOD_EXP_MONT 109
+# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
+# define BN_F_BN_MOD_EXP_MONT_WORD 117
+# define BN_F_BN_MOD_EXP_RECP 125
+# define BN_F_BN_MOD_EXP_SIMPLE 126
+# define BN_F_BN_MOD_INVERSE 110
+# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
+# define BN_F_BN_MOD_LSHIFT_QUICK 119
+# define BN_F_BN_MOD_MUL_RECIPROCAL 111
+# define BN_F_BN_MOD_SQRT 121
+# define BN_F_BN_MPI2BN 112
+# define BN_F_BN_NEW 113
+# define BN_F_BN_RAND 114
+# define BN_F_BN_RAND_RANGE 122
+# define BN_F_BN_RSHIFT 146
+# define BN_F_BN_USUB 115
+
+/* Reason codes. */
+# define BN_R_ARG2_LT_ARG3 100
+# define BN_R_BAD_RECIPROCAL 101
+# define BN_R_BIGNUM_TOO_LONG 114
+# define BN_R_BITS_TOO_SMALL 118
+# define BN_R_CALLED_WITH_EVEN_MODULUS 102
+# define BN_R_DIV_BY_ZERO 103
+# define BN_R_ENCODING_ERROR 104
+# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
+# define BN_R_INPUT_NOT_REDUCED 110
+# define BN_R_INVALID_LENGTH 106
+# define BN_R_INVALID_RANGE 115
+# define BN_R_INVALID_SHIFT 119
+# define BN_R_NOT_A_SQUARE 111
+# define BN_R_NOT_INITIALIZED 107
+# define BN_R_NO_INVERSE 108
+# define BN_R_NO_SOLUTION 116
+# define BN_R_P_IS_NOT_PRIME 112
+# define BN_R_TOO_MANY_ITERATIONS 113
+# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_exp.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn_exp.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_exp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1121 +0,0 @@
-/* crypto/bn/bn_exp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#include <stdlib.h>
-#ifdef _WIN32
-# include <malloc.h>
-# ifndef alloca
-# define alloca _alloca
-# endif
-#elif defined(__GNUC__)
-# ifndef alloca
-# define alloca(s) __builtin_alloca((s))
-# endif
-#endif
-
-/* maximum precomputation table size for *variable* sliding windows */
-#define TABLE_SIZE 32
-
-/* this one works - simple but works */
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
-{
- int i, bits, ret = 0;
- BIGNUM *v, *rr;
-
- if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
- /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
- BNerr(BN_F_BN_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return -1;
- }
-
- BN_CTX_start(ctx);
- if ((r == a) || (r == p))
- rr = BN_CTX_get(ctx);
- else
- rr = r;
- v = BN_CTX_get(ctx);
- if (rr == NULL || v == NULL)
- goto err;
-
- if (BN_copy(v, a) == NULL)
- goto err;
- bits = BN_num_bits(p);
-
- if (BN_is_odd(p)) {
- if (BN_copy(rr, a) == NULL)
- goto err;
- } else {
- if (!BN_one(rr))
- goto err;
- }
-
- for (i = 1; i < bits; i++) {
- if (!BN_sqr(v, v, ctx))
- goto err;
- if (BN_is_bit_set(p, i)) {
- if (!BN_mul(rr, rr, v, ctx))
- goto err;
- }
- }
- if (r != rr)
- BN_copy(r, rr);
- ret = 1;
- err:
- BN_CTX_end(ctx);
- bn_check_top(r);
- return (ret);
-}
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx)
-{
- int ret;
-
- bn_check_top(a);
- bn_check_top(p);
- bn_check_top(m);
-
- /*-
- * For even modulus m = 2^k*m_odd, it might make sense to compute
- * a^p mod m_odd and a^p mod 2^k separately (with Montgomery
- * exponentiation for the odd part), using appropriate exponent
- * reductions, and combine the results using the CRT.
- *
- * For now, we use Montgomery only if the modulus is odd; otherwise,
- * exponentiation using the reciprocal-based quick remaindering
- * algorithm is used.
- *
- * (Timing obtained with expspeed.c [computations a^p mod m
- * where a, p, m are of the same length: 256, 512, 1024, 2048,
- * 4096, 8192 bits], compared to the running time of the
- * standard algorithm:
- *
- * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration]
- * 55 .. 77 % [UltraSparc processor, but
- * debug-solaris-sparcv8-gcc conf.]
- *
- * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration]
- * 62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc]
- *
- * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont
- * at 2048 and more bits, but at 512 and 1024 bits, it was
- * slower even than the standard algorithm!
- *
- * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations]
- * should be obtained when the new Montgomery reduction code
- * has been integrated into OpenSSL.)
- */
-
-#define MONT_MUL_MOD
-#define MONT_EXP_WORD
-#define RECP_MUL_MOD
-
-#ifdef MONT_MUL_MOD
- /*
- * I have finally been able to take out this pre-condition of the top bit
- * being set. It was caused by an error in BN_div with negatives. There
- * was also another problem when for a^b%m a >= m. eay 07-May-97
- */
- /* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
-
- if (BN_is_odd(m)) {
-# ifdef MONT_EXP_WORD
- if (a->top == 1 && !a->neg
- && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) {
- BN_ULONG A = a->d[0];
- ret = BN_mod_exp_mont_word(r, A, p, m, ctx, NULL);
- } else
-# endif
- ret = BN_mod_exp_mont(r, a, p, m, ctx, NULL);
- } else
-#endif
-#ifdef RECP_MUL_MOD
- {
- ret = BN_mod_exp_recp(r, a, p, m, ctx);
- }
-#else
- {
- ret = BN_mod_exp_simple(r, a, p, m, ctx);
- }
-#endif
-
- bn_check_top(r);
- return (ret);
-}
-
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- int i, j, bits, ret = 0, wstart, wend, window, wvalue;
- int start = 1;
- BIGNUM *aa;
- /* Table of variables obtained from 'ctx' */
- BIGNUM *val[TABLE_SIZE];
- BN_RECP_CTX recp;
-
- if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
- /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
- BNerr(BN_F_BN_MOD_EXP_RECP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return -1;
- }
-
- bits = BN_num_bits(p);
-
- if (bits == 0) {
- ret = BN_one(r);
- return ret;
- }
-
- BN_CTX_start(ctx);
- aa = BN_CTX_get(ctx);
- val[0] = BN_CTX_get(ctx);
- if (!aa || !val[0])
- goto err;
-
- BN_RECP_CTX_init(&recp);
- if (m->neg) {
- /* ignore sign of 'm' */
- if (!BN_copy(aa, m))
- goto err;
- aa->neg = 0;
- if (BN_RECP_CTX_set(&recp, aa, ctx) <= 0)
- goto err;
- } else {
- if (BN_RECP_CTX_set(&recp, m, ctx) <= 0)
- goto err;
- }
-
- if (!BN_nnmod(val[0], a, m, ctx))
- goto err; /* 1 */
- if (BN_is_zero(val[0])) {
- BN_zero(r);
- ret = 1;
- goto err;
- }
-
- window = BN_window_bits_for_exponent_size(bits);
- if (window > 1) {
- if (!BN_mod_mul_reciprocal(aa, val[0], val[0], &recp, ctx))
- goto err; /* 2 */
- j = 1 << (window - 1);
- for (i = 1; i < j; i++) {
- if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
- !BN_mod_mul_reciprocal(val[i], val[i - 1], aa, &recp, ctx))
- goto err;
- }
- }
-
- start = 1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue = 0; /* The 'value' of the window */
- wstart = bits - 1; /* The top bit of the window */
- wend = 0; /* The bottom bit of the window */
-
- if (!BN_one(r))
- goto err;
-
- for (;;) {
- if (BN_is_bit_set(p, wstart) == 0) {
- if (!start)
- if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
- goto err;
- if (wstart == 0)
- break;
- wstart--;
- continue;
- }
- /*
- * We now have wstart on a 'set' bit, we now need to work out how bit
- * a window to do. To do this we need to scan forward until the last
- * set bit before the end of the window
- */
- j = wstart;
- wvalue = 1;
- wend = 0;
- for (i = 1; i < window; i++) {
- if (wstart - i < 0)
- break;
- if (BN_is_bit_set(p, wstart - i)) {
- wvalue <<= (i - wend);
- wvalue |= 1;
- wend = i;
- }
- }
-
- /* wend is the size of the current window */
- j = wend + 1;
- /* add the 'bytes above' */
- if (!start)
- for (i = 0; i < j; i++) {
- if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul_reciprocal(r, r, val[wvalue >> 1], &recp, ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart -= wend + 1;
- wvalue = 0;
- start = 0;
- if (wstart < 0)
- break;
- }
- ret = 1;
- err:
- BN_CTX_end(ctx);
- BN_RECP_CTX_free(&recp);
- bn_check_top(r);
- return (ret);
-}
-
-int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- int i, j, bits, ret = 0, wstart, wend, window, wvalue;
- int start = 1;
- BIGNUM *d, *r;
- const BIGNUM *aa;
- /* Table of variables obtained from 'ctx' */
- BIGNUM *val[TABLE_SIZE];
- BN_MONT_CTX *mont = NULL;
-
- if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
- return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
- }
-
- bn_check_top(a);
- bn_check_top(p);
- bn_check_top(m);
-
- if (!BN_is_odd(m)) {
- BNerr(BN_F_BN_MOD_EXP_MONT, BN_R_CALLED_WITH_EVEN_MODULUS);
- return (0);
- }
- bits = BN_num_bits(p);
- if (bits == 0) {
- ret = BN_one(rr);
- return ret;
- }
-
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- r = BN_CTX_get(ctx);
- val[0] = BN_CTX_get(ctx);
- if (!d || !r || !val[0])
- goto err;
-
- /*
- * If this is not done, things will break in the montgomery part
- */
-
- if (in_mont != NULL)
- mont = in_mont;
- else {
- if ((mont = BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(mont, m, ctx))
- goto err;
- }
-
- if (a->neg || BN_ucmp(a, m) >= 0) {
- if (!BN_nnmod(val[0], a, m, ctx))
- goto err;
- aa = val[0];
- } else
- aa = a;
- if (BN_is_zero(aa)) {
- BN_zero(rr);
- ret = 1;
- goto err;
- }
- if (!BN_to_montgomery(val[0], aa, mont, ctx))
- goto err; /* 1 */
-
- window = BN_window_bits_for_exponent_size(bits);
- if (window > 1) {
- if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx))
- goto err; /* 2 */
- j = 1 << (window - 1);
- for (i = 1; i < j; i++) {
- if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
- !BN_mod_mul_montgomery(val[i], val[i - 1], d, mont, ctx))
- goto err;
- }
- }
-
- start = 1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue = 0; /* The 'value' of the window */
- wstart = bits - 1; /* The top bit of the window */
- wend = 0; /* The bottom bit of the window */
-
- if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
- goto err;
- for (;;) {
- if (BN_is_bit_set(p, wstart) == 0) {
- if (!start) {
- if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
- goto err;
- }
- if (wstart == 0)
- break;
- wstart--;
- continue;
- }
- /*
- * We now have wstart on a 'set' bit, we now need to work out how bit
- * a window to do. To do this we need to scan forward until the last
- * set bit before the end of the window
- */
- j = wstart;
- wvalue = 1;
- wend = 0;
- for (i = 1; i < window; i++) {
- if (wstart - i < 0)
- break;
- if (BN_is_bit_set(p, wstart - i)) {
- wvalue <<= (i - wend);
- wvalue |= 1;
- wend = i;
- }
- }
-
- /* wend is the size of the current window */
- j = wend + 1;
- /* add the 'bytes above' */
- if (!start)
- for (i = 0; i < j; i++) {
- if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart -= wend + 1;
- wvalue = 0;
- start = 0;
- if (wstart < 0)
- break;
- }
- if (!BN_from_montgomery(rr, r, mont, ctx))
- goto err;
- ret = 1;
- err:
- if ((in_mont == NULL) && (mont != NULL))
- BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- bn_check_top(rr);
- return (ret);
-}
-
-/*
- * BN_mod_exp_mont_consttime() stores the precomputed powers in a specific
- * layout so that accessing any of these table values shows the same access
- * pattern as far as cache lines are concerned. The following functions are
- * used to transfer a BIGNUM from/to that table.
- */
-
-static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top,
- unsigned char *buf, int idx,
- int width)
-{
- size_t i, j;
-
- if (top > b->top)
- top = b->top; /* this works because 'buf' is explicitly
- * zeroed */
- for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
- buf[j] = ((unsigned char *)b->d)[i];
- }
-
- return 1;
-}
-
-static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
- unsigned char *buf, int idx,
- int width)
-{
- size_t i, j;
-
- if (bn_wexpand(b, top) == NULL)
- return 0;
-
- for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
- ((unsigned char *)b->d)[i] = buf[j];
- }
-
- b->top = top;
- bn_correct_top(b);
- return 1;
-}
-
-/*
- * Given a pointer value, compute the next address that is a cache line
- * multiple.
- */
-#define MOD_EXP_CTIME_ALIGN(x_) \
- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
-
-/*
- * This variant of BN_mod_exp_mont() uses fixed windows and the special
- * precomputation memory layout to limit data-dependency to a minimum to
- * protect secret exponents (cf. the hyper-threading timing attacks pointed
- * out by Colin Percival,
- * http://www.daemong-consideredperthreading-considered-harmful/)
- */
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont)
-{
- int i, bits, ret = 0, window, wvalue;
- int top;
- BN_MONT_CTX *mont = NULL;
-
- int numPowers;
- unsigned char *powerbufFree = NULL;
- int powerbufLen = 0;
- unsigned char *powerbuf = NULL;
- BIGNUM tmp, am;
-
- bn_check_top(a);
- bn_check_top(p);
- bn_check_top(m);
-
- if (!BN_is_odd(m)) {
- BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME, BN_R_CALLED_WITH_EVEN_MODULUS);
- return (0);
- }
-
- top = m->top;
-
- bits = BN_num_bits(p);
- if (bits == 0) {
- ret = BN_one(rr);
- return ret;
- }
-
- BN_CTX_start(ctx);
-
- /*
- * Allocate a montgomery context if it was not supplied by the caller. If
- * this is not done, things will break in the montgomery part.
- */
- if (in_mont != NULL)
- mont = in_mont;
- else {
- if ((mont = BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(mont, m, ctx))
- goto err;
- }
-
- /* Get the window size to use with size of p. */
- window = BN_window_bits_for_ctime_exponent_size(bits);
-#if defined(OPENSSL_BN_ASM_MONT5)
- if (window == 6 && bits <= 1024)
- window = 5; /* ~5% improvement of 2048-bit RSA sign */
-#endif
-
- /*
- * Allocate a buffer large enough to hold all of the pre-computed powers
- * of am, am itself and tmp.
- */
- numPowers = 1 << window;
- powerbufLen = sizeof(m->d[0]) * (top * numPowers +
- ((2 * top) >
- numPowers ? (2 * top) : numPowers));
-#ifdef alloca
- if (powerbufLen < 3072)
- powerbufFree =
- alloca(powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
- else
-#endif
- if ((powerbufFree =
- (unsigned char *)OPENSSL_malloc(powerbufLen +
- MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
- == NULL)
- goto err;
-
- powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
- memset(powerbuf, 0, powerbufLen);
-
-#ifdef alloca
- if (powerbufLen < 3072)
- powerbufFree = NULL;
-#endif
-
- /* lay down tmp and am right after powers table */
- tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers);
- am.d = tmp.d + top;
- tmp.top = am.top = 0;
- tmp.dmax = am.dmax = top;
- tmp.neg = am.neg = 0;
- tmp.flags = am.flags = BN_FLG_STATIC_DATA;
-
- /* prepare a^0 in Montgomery domain */
-#if 1
- if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
- goto err;
-#else
- tmp.d[0] = (0 - m->d[0]) & BN_MASK2; /* 2^(top*BN_BITS2) - m */
- for (i = 1; i < top; i++)
- tmp.d[i] = (~m->d[i]) & BN_MASK2;
- tmp.top = top;
-#endif
-
- /* prepare a^1 in Montgomery domain */
- if (a->neg || BN_ucmp(a, m) >= 0) {
- if (!BN_mod(&am, a, m, ctx))
- goto err;
- if (!BN_to_montgomery(&am, &am, mont, ctx))
- goto err;
- } else if (!BN_to_montgomery(&am, a, mont, ctx))
- goto err;
-
-#if defined(OPENSSL_BN_ASM_MONT5)
- if (window == 5 && top > 1) {
- /*
- * This optimization uses ideas from http://eprint.iacr.org/2011/239,
- * specifically optimization of cache-timing attack countermeasures
- * and pre-computation optimization.
- */
-
- /*
- * Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as
- * 512-bit RSA is hardly relevant, we omit it to spare size...
- */
- void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
- const void *table, const BN_ULONG *np,
- const BN_ULONG *n0, int num, int power);
- void bn_scatter5(const BN_ULONG *inp, size_t num,
- void *table, size_t power);
- void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power);
-
- BN_ULONG *np = mont->N.d, *n0 = mont->n0;
-
- /*
- * BN_to_montgomery can contaminate words above .top [in
- * BN_DEBUG[_DEBUG] build]...
- */
- for (i = am.top; i < top; i++)
- am.d[i] = 0;
- for (i = tmp.top; i < top; i++)
- tmp.d[i] = 0;
-
- bn_scatter5(tmp.d, top, powerbuf, 0);
- bn_scatter5(am.d, am.top, powerbuf, 1);
- bn_mul_mont(tmp.d, am.d, am.d, np, n0, top);
- bn_scatter5(tmp.d, top, powerbuf, 2);
-
-# if 0
- for (i = 3; i < 32; i++) {
- /* Calculate a^i = a^(i-1) * a */
- bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
- bn_scatter5(tmp.d, top, powerbuf, i);
- }
-# else
- /* same as above, but uses squaring for 1/2 of operations */
- for (i = 4; i < 32; i *= 2) {
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_scatter5(tmp.d, top, powerbuf, i);
- }
- for (i = 3; i < 8; i += 2) {
- int j;
- bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
- bn_scatter5(tmp.d, top, powerbuf, i);
- for (j = 2 * i; j < 32; j *= 2) {
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_scatter5(tmp.d, top, powerbuf, j);
- }
- }
- for (; i < 16; i += 2) {
- bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
- bn_scatter5(tmp.d, top, powerbuf, i);
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_scatter5(tmp.d, top, powerbuf, 2 * i);
- }
- for (; i < 32; i += 2) {
- bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
- bn_scatter5(tmp.d, top, powerbuf, i);
- }
-# endif
- bits--;
- for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
- wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
- bn_gather5(tmp.d, top, powerbuf, wvalue);
-
- /*
- * Scan the exponent one window at a time starting from the most
- * significant bits.
- */
- while (bits >= 0) {
- for (wvalue = 0, i = 0; i < 5; i++, bits--)
- wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
-
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
- bn_mul_mont_gather5(tmp.d, tmp.d, powerbuf, np, n0, top, wvalue);
- }
-
- tmp.top = top;
- bn_correct_top(&tmp);
- } else
-#endif
- {
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, numPowers))
- goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, numPowers))
- goto err;
-
- /*
- * If the window size is greater than 1, then calculate
- * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) (even
- * powers could instead be computed as (a^(i/2))^2 to use the slight
- * performance advantage of sqr over mul).
- */
- if (window > 1) {
- if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
- goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF
- (&tmp, top, powerbuf, 2, numPowers))
- goto err;
- for (i = 3; i < numPowers; i++) {
- /* Calculate a^i = a^(i-1) * a */
- if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
- goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF
- (&tmp, top, powerbuf, i, numPowers))
- goto err;
- }
- }
-
- bits--;
- for (wvalue = 0, i = bits % window; i >= 0; i--, bits--)
- wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
- if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
- (&tmp, top, powerbuf, wvalue, numPowers))
- goto err;
-
- /*
- * Scan the exponent one window at a time starting from the most
- * significant bits.
- */
- while (bits >= 0) {
- wvalue = 0; /* The 'value' of the window */
-
- /* Scan the window, squaring the result as we go */
- for (i = 0; i < window; i++, bits--) {
- if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
- goto err;
- wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
- }
-
- /*
- * Fetch the appropriate pre-computed value from the pre-buf
- */
- if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
- (&am, top, powerbuf, wvalue, numPowers))
- goto err;
-
- /* Multiply the result into the intermediate result */
- if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
- goto err;
- }
- }
-
- /* Convert the final result from montgomery to standard format */
- if (!BN_from_montgomery(rr, &tmp, mont, ctx))
- goto err;
- ret = 1;
- err:
- if ((in_mont == NULL) && (mont != NULL))
- BN_MONT_CTX_free(mont);
- if (powerbuf != NULL) {
- OPENSSL_cleanse(powerbuf, powerbufLen);
- if (powerbufFree)
- OPENSSL_free(powerbufFree);
- }
- BN_CTX_end(ctx);
- return (ret);
-}
-
-int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- BN_MONT_CTX *mont = NULL;
- int b, bits, ret = 0;
- int r_is_one;
- BN_ULONG w, next_w;
- BIGNUM *d, *r, *t;
- BIGNUM *swap_tmp;
-#define BN_MOD_MUL_WORD(r, w, m) \
- (BN_mul_word(r, (w)) && \
- (/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \
- (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
- /*
- * BN_MOD_MUL_WORD is only used with 'w' large, so the BN_ucmp test is
- * probably more overhead than always using BN_mod (which uses BN_copy if
- * a similar test returns true).
- */
- /*
- * We can use BN_mod and do not need BN_nnmod because our accumulator is
- * never negative (the result of BN_mod does not depend on the sign of
- * the modulus).
- */
-#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
- (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
-
- if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
- /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
- BNerr(BN_F_BN_MOD_EXP_MONT_WORD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return -1;
- }
-
- bn_check_top(p);
- bn_check_top(m);
-
- if (!BN_is_odd(m)) {
- BNerr(BN_F_BN_MOD_EXP_MONT_WORD, BN_R_CALLED_WITH_EVEN_MODULUS);
- return (0);
- }
- if (m->top == 1)
- a %= m->d[0]; /* make sure that 'a' is reduced */
-
- bits = BN_num_bits(p);
- if (bits == 0) {
- /* x**0 mod 1 is still zero. */
- if (BN_is_one(m)) {
- ret = 1;
- BN_zero(rr);
- } else
- ret = BN_one(rr);
- return ret;
- }
- if (a == 0) {
- BN_zero(rr);
- ret = 1;
- return ret;
- }
-
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- r = BN_CTX_get(ctx);
- t = BN_CTX_get(ctx);
- if (d == NULL || r == NULL || t == NULL)
- goto err;
-
- if (in_mont != NULL)
- mont = in_mont;
- else {
- if ((mont = BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(mont, m, ctx))
- goto err;
- }
-
- r_is_one = 1; /* except for Montgomery factor */
-
- /* bits-1 >= 0 */
-
- /* The result is accumulated in the product r*w. */
- w = a; /* bit 'bits-1' of 'p' is always set */
- for (b = bits - 2; b >= 0; b--) {
- /* First, square r*w. */
- next_w = w * w;
- if ((next_w / w) != w) { /* overflow */
- if (r_is_one) {
- if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
- goto err;
- r_is_one = 0;
- } else {
- if (!BN_MOD_MUL_WORD(r, w, m))
- goto err;
- }
- next_w = 1;
- }
- w = next_w;
- if (!r_is_one) {
- if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
- goto err;
- }
-
- /* Second, multiply r*w by 'a' if exponent bit is set. */
- if (BN_is_bit_set(p, b)) {
- next_w = w * a;
- if ((next_w / a) != w) { /* overflow */
- if (r_is_one) {
- if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
- goto err;
- r_is_one = 0;
- } else {
- if (!BN_MOD_MUL_WORD(r, w, m))
- goto err;
- }
- next_w = a;
- }
- w = next_w;
- }
- }
-
- /* Finally, set r:=r*w. */
- if (w != 1) {
- if (r_is_one) {
- if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
- goto err;
- r_is_one = 0;
- } else {
- if (!BN_MOD_MUL_WORD(r, w, m))
- goto err;
- }
- }
-
- if (r_is_one) { /* can happen only if a == 1 */
- if (!BN_one(rr))
- goto err;
- } else {
- if (!BN_from_montgomery(rr, r, mont, ctx))
- goto err;
- }
- ret = 1;
- err:
- if ((in_mont == NULL) && (mont != NULL))
- BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- bn_check_top(rr);
- return (ret);
-}
-
-/* The old fallback, simple version :-) */
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- int i, j, bits, ret = 0, wstart, wend, window, wvalue;
- int start = 1;
- BIGNUM *d;
- /* Table of variables obtained from 'ctx' */
- BIGNUM *val[TABLE_SIZE];
-
- if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
- /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
- BNerr(BN_F_BN_MOD_EXP_SIMPLE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return -1;
- }
-
- bits = BN_num_bits(p);
-
- if (bits == 0) {
- ret = BN_one(r);
- return ret;
- }
-
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- val[0] = BN_CTX_get(ctx);
- if (!d || !val[0])
- goto err;
-
- if (!BN_nnmod(val[0], a, m, ctx))
- goto err; /* 1 */
- if (BN_is_zero(val[0])) {
- BN_zero(r);
- ret = 1;
- goto err;
- }
-
- window = BN_window_bits_for_exponent_size(bits);
- if (window > 1) {
- if (!BN_mod_mul(d, val[0], val[0], m, ctx))
- goto err; /* 2 */
- j = 1 << (window - 1);
- for (i = 1; i < j; i++) {
- if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
- !BN_mod_mul(val[i], val[i - 1], d, m, ctx))
- goto err;
- }
- }
-
- start = 1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue = 0; /* The 'value' of the window */
- wstart = bits - 1; /* The top bit of the window */
- wend = 0; /* The bottom bit of the window */
-
- if (!BN_one(r))
- goto err;
-
- for (;;) {
- if (BN_is_bit_set(p, wstart) == 0) {
- if (!start)
- if (!BN_mod_mul(r, r, r, m, ctx))
- goto err;
- if (wstart == 0)
- break;
- wstart--;
- continue;
- }
- /*
- * We now have wstart on a 'set' bit, we now need to work out how bit
- * a window to do. To do this we need to scan forward until the last
- * set bit before the end of the window
- */
- j = wstart;
- wvalue = 1;
- wend = 0;
- for (i = 1; i < window; i++) {
- if (wstart - i < 0)
- break;
- if (BN_is_bit_set(p, wstart - i)) {
- wvalue <<= (i - wend);
- wvalue |= 1;
- wend = i;
- }
- }
-
- /* wend is the size of the current window */
- j = wend + 1;
- /* add the 'bytes above' */
- if (!start)
- for (i = 0; i < j; i++) {
- if (!BN_mod_mul(r, r, r, m, ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul(r, r, val[wvalue >> 1], m, ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart -= wend + 1;
- wvalue = 0;
- start = 0;
- if (wstart < 0)
- break;
- }
- ret = 1;
- err:
- BN_CTX_end(ctx);
- bn_check_top(r);
- return (ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_exp.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/bn_exp.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/bn_exp.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_exp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1183 @@
+/* crypto/bn/bn_exp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "constant_time_locl.h"
+#include "bn_lcl.h"
+
+#include <stdlib.h>
+#ifdef _WIN32
+# include <malloc.h>
+# ifndef alloca
+# define alloca _alloca
+# endif
+#elif defined(__GNUC__)
+# ifndef alloca
+# define alloca(s) __builtin_alloca((s))
+# endif
+#endif
+
+/* maximum precomputation table size for *variable* sliding windows */
+#define TABLE_SIZE 32
+
+/* this one works - simple but works */
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+{
+ int i, bits, ret = 0;
+ BIGNUM *v, *rr;
+
+ if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+ /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+ BNerr(BN_F_BN_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return -1;
+ }
+
+ BN_CTX_start(ctx);
+ if ((r == a) || (r == p))
+ rr = BN_CTX_get(ctx);
+ else
+ rr = r;
+ v = BN_CTX_get(ctx);
+ if (rr == NULL || v == NULL)
+ goto err;
+
+ if (BN_copy(v, a) == NULL)
+ goto err;
+ bits = BN_num_bits(p);
+
+ if (BN_is_odd(p)) {
+ if (BN_copy(rr, a) == NULL)
+ goto err;
+ } else {
+ if (!BN_one(rr))
+ goto err;
+ }
+
+ for (i = 1; i < bits; i++) {
+ if (!BN_sqr(v, v, ctx))
+ goto err;
+ if (BN_is_bit_set(p, i)) {
+ if (!BN_mul(rr, rr, v, ctx))
+ goto err;
+ }
+ }
+ if (r != rr)
+ BN_copy(r, rr);
+ ret = 1;
+ err:
+ BN_CTX_end(ctx);
+ bn_check_top(r);
+ return (ret);
+}
+
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
+ BN_CTX *ctx)
+{
+ int ret;
+
+ bn_check_top(a);
+ bn_check_top(p);
+ bn_check_top(m);
+
+ /*-
+ * For even modulus m = 2^k*m_odd, it might make sense to compute
+ * a^p mod m_odd and a^p mod 2^k separately (with Montgomery
+ * exponentiation for the odd part), using appropriate exponent
+ * reductions, and combine the results using the CRT.
+ *
+ * For now, we use Montgomery only if the modulus is odd; otherwise,
+ * exponentiation using the reciprocal-based quick remaindering
+ * algorithm is used.
+ *
+ * (Timing obtained with expspeed.c [computations a^p mod m
+ * where a, p, m are of the same length: 256, 512, 1024, 2048,
+ * 4096, 8192 bits], compared to the running time of the
+ * standard algorithm:
+ *
+ * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration]
+ * 55 .. 77 % [UltraSparc processor, but
+ * debug-solaris-sparcv8-gcc conf.]
+ *
+ * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration]
+ * 62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc]
+ *
+ * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont
+ * at 2048 and more bits, but at 512 and 1024 bits, it was
+ * slower even than the standard algorithm!
+ *
+ * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations]
+ * should be obtained when the new Montgomery reduction code
+ * has been integrated into OpenSSL.)
+ */
+
+#define MONT_MUL_MOD
+#define MONT_EXP_WORD
+#define RECP_MUL_MOD
+
+#ifdef MONT_MUL_MOD
+ /*
+ * I have finally been able to take out this pre-condition of the top bit
+ * being set. It was caused by an error in BN_div with negatives. There
+ * was also another problem when for a^b%m a >= m. eay 07-May-97
+ */
+ /* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
+
+ if (BN_is_odd(m)) {
+# ifdef MONT_EXP_WORD
+ if (a->top == 1 && !a->neg
+ && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) {
+ BN_ULONG A = a->d[0];
+ ret = BN_mod_exp_mont_word(r, A, p, m, ctx, NULL);
+ } else
+# endif
+ ret = BN_mod_exp_mont(r, a, p, m, ctx, NULL);
+ } else
+#endif
+#ifdef RECP_MUL_MOD
+ {
+ ret = BN_mod_exp_recp(r, a, p, m, ctx);
+ }
+#else
+ {
+ ret = BN_mod_exp_simple(r, a, p, m, ctx);
+ }
+#endif
+
+ bn_check_top(r);
+ return (ret);
+}
+
+int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx)
+{
+ int i, j, bits, ret = 0, wstart, wend, window, wvalue;
+ int start = 1;
+ BIGNUM *aa;
+ /* Table of variables obtained from 'ctx' */
+ BIGNUM *val[TABLE_SIZE];
+ BN_RECP_CTX recp;
+
+ if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+ /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+ BNerr(BN_F_BN_MOD_EXP_RECP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return -1;
+ }
+
+ bits = BN_num_bits(p);
+ if (bits == 0) {
+ /* x**0 mod 1 is still zero. */
+ if (BN_is_one(m)) {
+ ret = 1;
+ BN_zero(r);
+ } else {
+ ret = BN_one(r);
+ }
+ return ret;
+ }
+
+ BN_CTX_start(ctx);
+ aa = BN_CTX_get(ctx);
+ val[0] = BN_CTX_get(ctx);
+ if (!aa || !val[0])
+ goto err;
+
+ BN_RECP_CTX_init(&recp);
+ if (m->neg) {
+ /* ignore sign of 'm' */
+ if (!BN_copy(aa, m))
+ goto err;
+ aa->neg = 0;
+ if (BN_RECP_CTX_set(&recp, aa, ctx) <= 0)
+ goto err;
+ } else {
+ if (BN_RECP_CTX_set(&recp, m, ctx) <= 0)
+ goto err;
+ }
+
+ if (!BN_nnmod(val[0], a, m, ctx))
+ goto err; /* 1 */
+ if (BN_is_zero(val[0])) {
+ BN_zero(r);
+ ret = 1;
+ goto err;
+ }
+
+ window = BN_window_bits_for_exponent_size(bits);
+ if (window > 1) {
+ if (!BN_mod_mul_reciprocal(aa, val[0], val[0], &recp, ctx))
+ goto err; /* 2 */
+ j = 1 << (window - 1);
+ for (i = 1; i < j; i++) {
+ if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
+ !BN_mod_mul_reciprocal(val[i], val[i - 1], aa, &recp, ctx))
+ goto err;
+ }
+ }
+
+ start = 1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue = 0; /* The 'value' of the window */
+ wstart = bits - 1; /* The top bit of the window */
+ wend = 0; /* The bottom bit of the window */
+
+ if (!BN_one(r))
+ goto err;
+
+ for (;;) {
+ if (BN_is_bit_set(p, wstart) == 0) {
+ if (!start)
+ if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
+ goto err;
+ if (wstart == 0)
+ break;
+ wstart--;
+ continue;
+ }
+ /*
+ * We now have wstart on a 'set' bit, we now need to work out how bit
+ * a window to do. To do this we need to scan forward until the last
+ * set bit before the end of the window
+ */
+ j = wstart;
+ wvalue = 1;
+ wend = 0;
+ for (i = 1; i < window; i++) {
+ if (wstart - i < 0)
+ break;
+ if (BN_is_bit_set(p, wstart - i)) {
+ wvalue <<= (i - wend);
+ wvalue |= 1;
+ wend = i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j = wend + 1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i = 0; i < j; i++) {
+ if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul_reciprocal(r, r, val[wvalue >> 1], &recp, ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart -= wend + 1;
+ wvalue = 0;
+ start = 0;
+ if (wstart < 0)
+ break;
+ }
+ ret = 1;
+ err:
+ BN_CTX_end(ctx);
+ BN_RECP_CTX_free(&recp);
+ bn_check_top(r);
+ return (ret);
+}
+
+int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+ int i, j, bits, ret = 0, wstart, wend, window, wvalue;
+ int start = 1;
+ BIGNUM *d, *r;
+ const BIGNUM *aa;
+ /* Table of variables obtained from 'ctx' */
+ BIGNUM *val[TABLE_SIZE];
+ BN_MONT_CTX *mont = NULL;
+
+ if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+ return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
+ }
+
+ bn_check_top(a);
+ bn_check_top(p);
+ bn_check_top(m);
+
+ if (!BN_is_odd(m)) {
+ BNerr(BN_F_BN_MOD_EXP_MONT, BN_R_CALLED_WITH_EVEN_MODULUS);
+ return (0);
+ }
+ bits = BN_num_bits(p);
+ if (bits == 0) {
+ /* x**0 mod 1 is still zero. */
+ if (BN_is_one(m)) {
+ ret = 1;
+ BN_zero(rr);
+ } else {
+ ret = BN_one(rr);
+ }
+ return ret;
+ }
+
+ BN_CTX_start(ctx);
+ d = BN_CTX_get(ctx);
+ r = BN_CTX_get(ctx);
+ val[0] = BN_CTX_get(ctx);
+ if (!d || !r || !val[0])
+ goto err;
+
+ /*
+ * If this is not done, things will break in the montgomery part
+ */
+
+ if (in_mont != NULL)
+ mont = in_mont;
+ else {
+ if ((mont = BN_MONT_CTX_new()) == NULL)
+ goto err;
+ if (!BN_MONT_CTX_set(mont, m, ctx))
+ goto err;
+ }
+
+ if (a->neg || BN_ucmp(a, m) >= 0) {
+ if (!BN_nnmod(val[0], a, m, ctx))
+ goto err;
+ aa = val[0];
+ } else
+ aa = a;
+ if (BN_is_zero(aa)) {
+ BN_zero(rr);
+ ret = 1;
+ goto err;
+ }
+ if (!BN_to_montgomery(val[0], aa, mont, ctx))
+ goto err; /* 1 */
+
+ window = BN_window_bits_for_exponent_size(bits);
+ if (window > 1) {
+ if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx))
+ goto err; /* 2 */
+ j = 1 << (window - 1);
+ for (i = 1; i < j; i++) {
+ if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
+ !BN_mod_mul_montgomery(val[i], val[i - 1], d, mont, ctx))
+ goto err;
+ }
+ }
+
+ start = 1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue = 0; /* The 'value' of the window */
+ wstart = bits - 1; /* The top bit of the window */
+ wend = 0; /* The bottom bit of the window */
+
+ if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
+ goto err;
+ for (;;) {
+ if (BN_is_bit_set(p, wstart) == 0) {
+ if (!start) {
+ if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+ goto err;
+ }
+ if (wstart == 0)
+ break;
+ wstart--;
+ continue;
+ }
+ /*
+ * We now have wstart on a 'set' bit, we now need to work out how bit
+ * a window to do. To do this we need to scan forward until the last
+ * set bit before the end of the window
+ */
+ j = wstart;
+ wvalue = 1;
+ wend = 0;
+ for (i = 1; i < window; i++) {
+ if (wstart - i < 0)
+ break;
+ if (BN_is_bit_set(p, wstart - i)) {
+ wvalue <<= (i - wend);
+ wvalue |= 1;
+ wend = i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j = wend + 1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i = 0; i < j; i++) {
+ if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart -= wend + 1;
+ wvalue = 0;
+ start = 0;
+ if (wstart < 0)
+ break;
+ }
+ if (!BN_from_montgomery(rr, r, mont, ctx))
+ goto err;
+ ret = 1;
+ err:
+ if ((in_mont == NULL) && (mont != NULL))
+ BN_MONT_CTX_free(mont);
+ BN_CTX_end(ctx);
+ bn_check_top(rr);
+ return (ret);
+}
+
+/*
+ * BN_mod_exp_mont_consttime() stores the precomputed powers in a specific
+ * layout so that accessing any of these table values shows the same access
+ * pattern as far as cache lines are concerned. The following functions are
+ * used to transfer a BIGNUM from/to that table.
+ */
+
+static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top,
+ unsigned char *buf, int idx,
+ int window)
+{
+ int i, j;
+ int width = 1 << window;
+ BN_ULONG *table = (BN_ULONG *)buf;
+
+ if (top > b->top)
+ top = b->top; /* this works because 'buf' is explicitly
+ * zeroed */
+ for (i = 0, j = idx; i < top; i++, j += width) {
+ table[j] = b->d[i];
+ }
+
+ return 1;
+}
+
+static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
+ unsigned char *buf, int idx,
+ int window)
+{
+ int i, j;
+ int width = 1 << window;
+ volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
+
+ if (bn_wexpand(b, top) == NULL)
+ return 0;
+
+ if (window <= 3) {
+ for (i = 0; i < top; i++, table += width) {
+ BN_ULONG acc = 0;
+
+ for (j = 0; j < width; j++) {
+ acc |= table[j] &
+ ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
+ }
+
+ b->d[i] = acc;
+ }
+ } else {
+ int xstride = 1 << (window - 2);
+ BN_ULONG y0, y1, y2, y3;
+
+ i = idx >> (window - 2); /* equivalent of idx / xstride */
+ idx &= xstride - 1; /* equivalent of idx % xstride */
+
+ y0 = (BN_ULONG)0 - (constant_time_eq_int(i,0)&1);
+ y1 = (BN_ULONG)0 - (constant_time_eq_int(i,1)&1);
+ y2 = (BN_ULONG)0 - (constant_time_eq_int(i,2)&1);
+ y3 = (BN_ULONG)0 - (constant_time_eq_int(i,3)&1);
+
+ for (i = 0; i < top; i++, table += width) {
+ BN_ULONG acc = 0;
+
+ for (j = 0; j < xstride; j++) {
+ acc |= ( (table[j + 0 * xstride] & y0) |
+ (table[j + 1 * xstride] & y1) |
+ (table[j + 2 * xstride] & y2) |
+ (table[j + 3 * xstride] & y3) )
+ & ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
+ }
+
+ b->d[i] = acc;
+ }
+ }
+
+ b->top = top;
+ bn_correct_top(b);
+ return 1;
+}
+
+/*
+ * Given a pointer value, compute the next address that is a cache line
+ * multiple.
+ */
+#define MOD_EXP_CTIME_ALIGN(x_) \
+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+
+/*
+ * This variant of BN_mod_exp_mont() uses fixed windows and the special
+ * precomputation memory layout to limit data-dependency to a minimum to
+ * protect secret exponents (cf. the hyper-threading timing attacks pointed
+ * out by Colin Percival,
+ * http://www.daemonology.net/hyperthreading-considered-harmful/)
+ */
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont)
+{
+ int i, bits, ret = 0, window, wvalue;
+ int top;
+ BN_MONT_CTX *mont = NULL;
+
+ int numPowers;
+ unsigned char *powerbufFree = NULL;
+ int powerbufLen = 0;
+ unsigned char *powerbuf = NULL;
+ BIGNUM tmp, am;
+
+ bn_check_top(a);
+ bn_check_top(p);
+ bn_check_top(m);
+
+ if (!BN_is_odd(m)) {
+ BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME, BN_R_CALLED_WITH_EVEN_MODULUS);
+ return (0);
+ }
+
+ top = m->top;
+
+ bits = BN_num_bits(p);
+ if (bits == 0) {
+ /* x**0 mod 1 is still zero. */
+ if (BN_is_one(m)) {
+ ret = 1;
+ BN_zero(rr);
+ } else {
+ ret = BN_one(rr);
+ }
+ return ret;
+ }
+
+ BN_CTX_start(ctx);
+
+ /*
+ * Allocate a montgomery context if it was not supplied by the caller. If
+ * this is not done, things will break in the montgomery part.
+ */
+ if (in_mont != NULL)
+ mont = in_mont;
+ else {
+ if ((mont = BN_MONT_CTX_new()) == NULL)
+ goto err;
+ if (!BN_MONT_CTX_set(mont, m, ctx))
+ goto err;
+ }
+
+ /* Get the window size to use with size of p. */
+ window = BN_window_bits_for_ctime_exponent_size(bits);
+#if defined(OPENSSL_BN_ASM_MONT5)
+ if (window == 6 && bits <= 1024)
+ window = 5; /* ~5% improvement of 2048-bit RSA sign */
+#endif
+
+ /*
+ * Allocate a buffer large enough to hold all of the pre-computed powers
+ * of am, am itself and tmp.
+ */
+ numPowers = 1 << window;
+ powerbufLen = sizeof(m->d[0]) * (top * numPowers +
+ ((2 * top) >
+ numPowers ? (2 * top) : numPowers));
+#ifdef alloca
+ if (powerbufLen < 3072)
+ powerbufFree =
+ alloca(powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
+ else
+#endif
+ if ((powerbufFree =
+ (unsigned char *)OPENSSL_malloc(powerbufLen +
+ MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
+ == NULL)
+ goto err;
+
+ powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
+ memset(powerbuf, 0, powerbufLen);
+
+#ifdef alloca
+ if (powerbufLen < 3072)
+ powerbufFree = NULL;
+#endif
+
+ /* lay down tmp and am right after powers table */
+ tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers);
+ am.d = tmp.d + top;
+ tmp.top = am.top = 0;
+ tmp.dmax = am.dmax = top;
+ tmp.neg = am.neg = 0;
+ tmp.flags = am.flags = BN_FLG_STATIC_DATA;
+
+ /* prepare a^0 in Montgomery domain */
+#if 1
+ if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
+ goto err;
+#else
+ tmp.d[0] = (0 - m->d[0]) & BN_MASK2; /* 2^(top*BN_BITS2) - m */
+ for (i = 1; i < top; i++)
+ tmp.d[i] = (~m->d[i]) & BN_MASK2;
+ tmp.top = top;
+#endif
+
+ /* prepare a^1 in Montgomery domain */
+ if (a->neg || BN_ucmp(a, m) >= 0) {
+ if (!BN_mod(&am, a, m, ctx))
+ goto err;
+ if (!BN_to_montgomery(&am, &am, mont, ctx))
+ goto err;
+ } else if (!BN_to_montgomery(&am, a, mont, ctx))
+ goto err;
+
+#if defined(OPENSSL_BN_ASM_MONT5)
+ if (window == 5 && top > 1) {
+ /*
+ * This optimization uses ideas from http://eprint.iacr.org/2011/239,
+ * specifically optimization of cache-timing attack countermeasures
+ * and pre-computation optimization.
+ */
+
+ /*
+ * Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as
+ * 512-bit RSA is hardly relevant, we omit it to spare size...
+ */
+ void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
+ const void *table, const BN_ULONG *np,
+ const BN_ULONG *n0, int num, int power);
+ void bn_scatter5(const BN_ULONG *inp, size_t num,
+ void *table, size_t power);
+ void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power);
+
+ BN_ULONG *np = mont->N.d, *n0 = mont->n0;
+
+ /*
+ * BN_to_montgomery can contaminate words above .top [in
+ * BN_DEBUG[_DEBUG] build]...
+ */
+ for (i = am.top; i < top; i++)
+ am.d[i] = 0;
+ for (i = tmp.top; i < top; i++)
+ tmp.d[i] = 0;
+
+ bn_scatter5(tmp.d, top, powerbuf, 0);
+ bn_scatter5(am.d, am.top, powerbuf, 1);
+ bn_mul_mont(tmp.d, am.d, am.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, 2);
+
+# if 0
+ for (i = 3; i < 32; i++) {
+ /* Calculate a^i = a^(i-1) * a */
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ }
+# else
+ /* same as above, but uses squaring for 1/2 of operations */
+ for (i = 4; i < 32; i *= 2) {
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ }
+ for (i = 3; i < 8; i += 2) {
+ int j;
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ for (j = 2 * i; j < 32; j *= 2) {
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, j);
+ }
+ }
+ for (; i < 16; i += 2) {
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, 2 * i);
+ }
+ for (; i < 32; i += 2) {
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ }
+# endif
+ bits--;
+ for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+ bn_gather5(tmp.d, top, powerbuf, wvalue);
+
+ /*
+ * Scan the exponent one window at a time starting from the most
+ * significant bits.
+ */
+ while (bits >= 0) {
+ for (wvalue = 0, i = 0; i < 5; i++, bits--)
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont_gather5(tmp.d, tmp.d, powerbuf, np, n0, top, wvalue);
+ }
+
+ tmp.top = top;
+ bn_correct_top(&tmp);
+ } else
+#endif
+ {
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, window))
+ goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, window))
+ goto err;
+
+ /*
+ * If the window size is greater than 1, then calculate
+ * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) (even
+ * powers could instead be computed as (a^(i/2))^2 to use the slight
+ * performance advantage of sqr over mul).
+ */
+ if (window > 1) {
+ if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
+ goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 2,
+ window))
+ goto err;
+ for (i = 3; i < numPowers; i++) {
+ /* Calculate a^i = a^(i-1) * a */
+ if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
+ goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, i,
+ window))
+ goto err;
+ }
+ }
+
+ bits--;
+ for (wvalue = 0, i = bits % window; i >= 0; i--, bits--)
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+ if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&tmp, top, powerbuf, wvalue,
+ window))
+ goto err;
+
+ /*
+ * Scan the exponent one window at a time starting from the most
+ * significant bits.
+ */
+ while (bits >= 0) {
+ wvalue = 0; /* The 'value' of the window */
+
+ /* Scan the window, squaring the result as we go */
+ for (i = 0; i < window; i++, bits--) {
+ if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
+ goto err;
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+ }
+
+ /*
+ * Fetch the appropriate pre-computed value from the pre-buf
+ */
+ if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&am, top, powerbuf, wvalue,
+ window))
+ goto err;
+
+ /* Multiply the result into the intermediate result */
+ if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
+ goto err;
+ }
+ }
+
+ /* Convert the final result from montgomery to standard format */
+ if (!BN_from_montgomery(rr, &tmp, mont, ctx))
+ goto err;
+ ret = 1;
+ err:
+ if ((in_mont == NULL) && (mont != NULL))
+ BN_MONT_CTX_free(mont);
+ if (powerbuf != NULL) {
+ OPENSSL_cleanse(powerbuf, powerbufLen);
+ if (powerbufFree)
+ OPENSSL_free(powerbufFree);
+ }
+ BN_CTX_end(ctx);
+ return (ret);
+}
+
+int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+ BN_MONT_CTX *mont = NULL;
+ int b, bits, ret = 0;
+ int r_is_one;
+ BN_ULONG w, next_w;
+ BIGNUM *d, *r, *t;
+ BIGNUM *swap_tmp;
+#define BN_MOD_MUL_WORD(r, w, m) \
+ (BN_mul_word(r, (w)) && \
+ (/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \
+ (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
+ /*
+ * BN_MOD_MUL_WORD is only used with 'w' large, so the BN_ucmp test is
+ * probably more overhead than always using BN_mod (which uses BN_copy if
+ * a similar test returns true).
+ */
+ /*
+ * We can use BN_mod and do not need BN_nnmod because our accumulator is
+ * never negative (the result of BN_mod does not depend on the sign of
+ * the modulus).
+ */
+#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
+ (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
+
+ if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+ /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+ BNerr(BN_F_BN_MOD_EXP_MONT_WORD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return -1;
+ }
+
+ bn_check_top(p);
+ bn_check_top(m);
+
+ if (!BN_is_odd(m)) {
+ BNerr(BN_F_BN_MOD_EXP_MONT_WORD, BN_R_CALLED_WITH_EVEN_MODULUS);
+ return (0);
+ }
+ if (m->top == 1)
+ a %= m->d[0]; /* make sure that 'a' is reduced */
+
+ bits = BN_num_bits(p);
+ if (bits == 0) {
+ /* x**0 mod 1 is still zero. */
+ if (BN_is_one(m)) {
+ ret = 1;
+ BN_zero(rr);
+ } else {
+ ret = BN_one(rr);
+ }
+ return ret;
+ }
+ if (a == 0) {
+ BN_zero(rr);
+ ret = 1;
+ return ret;
+ }
+
+ BN_CTX_start(ctx);
+ d = BN_CTX_get(ctx);
+ r = BN_CTX_get(ctx);
+ t = BN_CTX_get(ctx);
+ if (d == NULL || r == NULL || t == NULL)
+ goto err;
+
+ if (in_mont != NULL)
+ mont = in_mont;
+ else {
+ if ((mont = BN_MONT_CTX_new()) == NULL)
+ goto err;
+ if (!BN_MONT_CTX_set(mont, m, ctx))
+ goto err;
+ }
+
+ r_is_one = 1; /* except for Montgomery factor */
+
+ /* bits-1 >= 0 */
+
+ /* The result is accumulated in the product r*w. */
+ w = a; /* bit 'bits-1' of 'p' is always set */
+ for (b = bits - 2; b >= 0; b--) {
+ /* First, square r*w. */
+ next_w = w * w;
+ if ((next_w / w) != w) { /* overflow */
+ if (r_is_one) {
+ if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
+ goto err;
+ r_is_one = 0;
+ } else {
+ if (!BN_MOD_MUL_WORD(r, w, m))
+ goto err;
+ }
+ next_w = 1;
+ }
+ w = next_w;
+ if (!r_is_one) {
+ if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+ goto err;
+ }
+
+ /* Second, multiply r*w by 'a' if exponent bit is set. */
+ if (BN_is_bit_set(p, b)) {
+ next_w = w * a;
+ if ((next_w / a) != w) { /* overflow */
+ if (r_is_one) {
+ if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
+ goto err;
+ r_is_one = 0;
+ } else {
+ if (!BN_MOD_MUL_WORD(r, w, m))
+ goto err;
+ }
+ next_w = a;
+ }
+ w = next_w;
+ }
+ }
+
+ /* Finally, set r:=r*w. */
+ if (w != 1) {
+ if (r_is_one) {
+ if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
+ goto err;
+ r_is_one = 0;
+ } else {
+ if (!BN_MOD_MUL_WORD(r, w, m))
+ goto err;
+ }
+ }
+
+ if (r_is_one) { /* can happen only if a == 1 */
+ if (!BN_one(rr))
+ goto err;
+ } else {
+ if (!BN_from_montgomery(rr, r, mont, ctx))
+ goto err;
+ }
+ ret = 1;
+ err:
+ if ((in_mont == NULL) && (mont != NULL))
+ BN_MONT_CTX_free(mont);
+ BN_CTX_end(ctx);
+ bn_check_top(rr);
+ return (ret);
+}
+
+/* The old fallback, simple version :-) */
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx)
+{
+ int i, j, bits, ret = 0, wstart, wend, window, wvalue;
+ int start = 1;
+ BIGNUM *d;
+ /* Table of variables obtained from 'ctx' */
+ BIGNUM *val[TABLE_SIZE];
+
+ if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+ /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+ BNerr(BN_F_BN_MOD_EXP_SIMPLE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return -1;
+ }
+
+ bits = BN_num_bits(p);
+ if (bits == 0) {
+ /* x**0 mod 1 is still zero. */
+ if (BN_is_one(m)) {
+ ret = 1;
+ BN_zero(r);
+ } else {
+ ret = BN_one(r);
+ }
+ return ret;
+ }
+
+ BN_CTX_start(ctx);
+ d = BN_CTX_get(ctx);
+ val[0] = BN_CTX_get(ctx);
+ if (!d || !val[0])
+ goto err;
+
+ if (!BN_nnmod(val[0], a, m, ctx))
+ goto err; /* 1 */
+ if (BN_is_zero(val[0])) {
+ BN_zero(r);
+ ret = 1;
+ goto err;
+ }
+
+ window = BN_window_bits_for_exponent_size(bits);
+ if (window > 1) {
+ if (!BN_mod_mul(d, val[0], val[0], m, ctx))
+ goto err; /* 2 */
+ j = 1 << (window - 1);
+ for (i = 1; i < j; i++) {
+ if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
+ !BN_mod_mul(val[i], val[i - 1], d, m, ctx))
+ goto err;
+ }
+ }
+
+ start = 1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue = 0; /* The 'value' of the window */
+ wstart = bits - 1; /* The top bit of the window */
+ wend = 0; /* The bottom bit of the window */
+
+ if (!BN_one(r))
+ goto err;
+
+ for (;;) {
+ if (BN_is_bit_set(p, wstart) == 0) {
+ if (!start)
+ if (!BN_mod_mul(r, r, r, m, ctx))
+ goto err;
+ if (wstart == 0)
+ break;
+ wstart--;
+ continue;
+ }
+ /*
+ * We now have wstart on a 'set' bit, we now need to work out how bit
+ * a window to do. To do this we need to scan forward until the last
+ * set bit before the end of the window
+ */
+ j = wstart;
+ wvalue = 1;
+ wend = 0;
+ for (i = 1; i < window; i++) {
+ if (wstart - i < 0)
+ break;
+ if (BN_is_bit_set(p, wstart - i)) {
+ wvalue <<= (i - wend);
+ wvalue |= 1;
+ wend = i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j = wend + 1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i = 0; i < j; i++) {
+ if (!BN_mod_mul(r, r, r, m, ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul(r, r, val[wvalue >> 1], m, ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart -= wend + 1;
+ wvalue = 0;
+ start = 0;
+ if (wstart < 0)
+ break;
+ }
+ ret = 1;
+ err:
+ BN_CTX_end(ctx);
+ bn_check_top(r);
+ return (ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,916 +0,0 @@
-/* crypto/bn/bn_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-const char BN_version[] = "Big Number" OPENSSL_VERSION_PTEXT;
-
-/* This stuff appears to be completely unused, so is deprecated */
-#ifndef OPENSSL_NO_DEPRECATED
-/*-
- * For a 32 bit machine
- * 2 - 4 == 128
- * 3 - 8 == 256
- * 4 - 16 == 512
- * 5 - 32 == 1024
- * 6 - 64 == 2048
- * 7 - 128 == 4096
- * 8 - 256 == 8192
- */
-static int bn_limit_bits = 0;
-static int bn_limit_num = 8; /* (1<<bn_limit_bits) */
-static int bn_limit_bits_low = 0;
-static int bn_limit_num_low = 8; /* (1<<bn_limit_bits_low) */
-static int bn_limit_bits_high = 0;
-static int bn_limit_num_high = 8; /* (1<<bn_limit_bits_high) */
-static int bn_limit_bits_mont = 0;
-static int bn_limit_num_mont = 8; /* (1<<bn_limit_bits_mont) */
-
-void BN_set_params(int mult, int high, int low, int mont)
-{
- if (mult >= 0) {
- if (mult > (int)(sizeof(int) * 8) - 1)
- mult = sizeof(int) * 8 - 1;
- bn_limit_bits = mult;
- bn_limit_num = 1 << mult;
- }
- if (high >= 0) {
- if (high > (int)(sizeof(int) * 8) - 1)
- high = sizeof(int) * 8 - 1;
- bn_limit_bits_high = high;
- bn_limit_num_high = 1 << high;
- }
- if (low >= 0) {
- if (low > (int)(sizeof(int) * 8) - 1)
- low = sizeof(int) * 8 - 1;
- bn_limit_bits_low = low;
- bn_limit_num_low = 1 << low;
- }
- if (mont >= 0) {
- if (mont > (int)(sizeof(int) * 8) - 1)
- mont = sizeof(int) * 8 - 1;
- bn_limit_bits_mont = mont;
- bn_limit_num_mont = 1 << mont;
- }
-}
-
-int BN_get_params(int which)
-{
- if (which == 0)
- return (bn_limit_bits);
- else if (which == 1)
- return (bn_limit_bits_high);
- else if (which == 2)
- return (bn_limit_bits_low);
- else if (which == 3)
- return (bn_limit_bits_mont);
- else
- return (0);
-}
-#endif
-
-const BIGNUM *BN_value_one(void)
-{
- static const BN_ULONG data_one = 1L;
- static const BIGNUM const_one =
- { (BN_ULONG *)&data_one, 1, 1, 0, BN_FLG_STATIC_DATA };
-
- return (&const_one);
-}
-
-int BN_num_bits_word(BN_ULONG l)
-{
- static const unsigned char bits[256] = {
- 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
- 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffffffff00000000L) {
- if (l & 0xffff000000000000L) {
- if (l & 0xff00000000000000L) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000L) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-#else
-# ifdef SIXTY_FOUR_BIT
- if (l & 0xffffffff00000000LL) {
- if (l & 0xffff000000000000LL) {
- if (l & 0xff00000000000000LL) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000LL) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-# endif
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffff0000L) {
- if (l & 0xff000000L)
- return (bits[(int)(l >> 24L)] + 24);
- else
- return (bits[(int)(l >> 16L)] + 16);
- } else
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xff00L)
- return (bits[(int)(l >> 8)] + 8);
- else
-#endif
- return (bits[(int)(l)]);
- }
- }
-}
-
-int BN_num_bits(const BIGNUM *a)
-{
- int i = a->top - 1;
- bn_check_top(a);
-
- if (BN_is_zero(a))
- return 0;
- return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
-}
-
-void BN_clear_free(BIGNUM *a)
-{
- int i;
-
- if (a == NULL)
- return;
- bn_check_top(a);
- if (a->d != NULL) {
- OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
- if (!(BN_get_flags(a, BN_FLG_STATIC_DATA)))
- OPENSSL_free(a->d);
- }
- i = BN_get_flags(a, BN_FLG_MALLOCED);
- OPENSSL_cleanse(a, sizeof(BIGNUM));
- if (i)
- OPENSSL_free(a);
-}
-
-void BN_free(BIGNUM *a)
-{
- if (a == NULL)
- return;
- bn_check_top(a);
- if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA)))
- OPENSSL_free(a->d);
- if (a->flags & BN_FLG_MALLOCED)
- OPENSSL_free(a);
- else {
-#ifndef OPENSSL_NO_DEPRECATED
- a->flags |= BN_FLG_FREE;
-#endif
- a->d = NULL;
- }
-}
-
-void BN_init(BIGNUM *a)
-{
- memset(a, 0, sizeof(BIGNUM));
- bn_check_top(a);
-}
-
-BIGNUM *BN_new(void)
-{
- BIGNUM *ret;
-
- if ((ret = (BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) {
- BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- ret->flags = BN_FLG_MALLOCED;
- ret->top = 0;
- ret->neg = 0;
- ret->dmax = 0;
- ret->d = NULL;
- bn_check_top(ret);
- return (ret);
-}
-
-/* This is used both by bn_expand2() and bn_dup_expand() */
-/* The caller MUST check that words > b->dmax before calling this */
-static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
-{
- BN_ULONG *A, *a = NULL;
- const BN_ULONG *B;
- int i;
-
- bn_check_top(b);
-
- if (words > (INT_MAX / (4 * BN_BITS2))) {
- BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG);
- return NULL;
- }
- if (BN_get_flags(b, BN_FLG_STATIC_DATA)) {
- BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
- return (NULL);
- }
- a = A = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words);
- if (A == NULL) {
- BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-#ifdef PURIFY
- /*
- * Valgrind complains in BN_consttime_swap because we process the whole
- * array even if it's not initialised yet. This doesn't matter in that
- * function - what's important is constant time operation (we're not
- * actually going to use the data)
- */
- memset(a, 0, sizeof(BN_ULONG) * words);
-#endif
-
-#if 1
- B = b->d;
- /* Check if the previous number needs to be copied */
- if (B != NULL) {
- for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
- /*
- * The fact that the loop is unrolled
- * 4-wise is a tribute to Intel. It's
- * the one that doesn't have enough
- * registers to accomodate more data.
- * I'd unroll it 8-wise otherwise:-)
- *
- * <appro at fy.chalmers.se>
- */
- BN_ULONG a0, a1, a2, a3;
- a0 = B[0];
- a1 = B[1];
- a2 = B[2];
- a3 = B[3];
- A[0] = a0;
- A[1] = a1;
- A[2] = a2;
- A[3] = a3;
- }
- /*
- * workaround for ultrix cc: without 'case 0', the optimizer does
- * the switch table by doing a=top&3; a--; goto jump_table[a];
- * which fails for top== 0
- */
- switch (b->top & 3) {
- case 3:
- A[2] = B[2];
- case 2:
- A[1] = B[1];
- case 1:
- A[0] = B[0];
- case 0:
- ;
- }
- }
-#else
- memset(A, 0, sizeof(BN_ULONG) * words);
- memcpy(A, b->d, sizeof(b->d[0]) * b->top);
-#endif
-
- return (a);
-}
-
-/*
- * This is an internal function that can be used instead of bn_expand2() when
- * there is a need to copy BIGNUMs instead of only expanding the data part,
- * while still expanding them. Especially useful when needing to expand
- * BIGNUMs that are declared 'const' and should therefore not be changed. The
- * reason to use this instead of a BN_dup() followed by a bn_expand2() is
- * memory allocation overhead. A BN_dup() followed by a bn_expand2() will
- * allocate new memory for the BIGNUM data twice, and free it once, while
- * bn_dup_expand() makes sure allocation is made only once.
- */
-
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
-{
- BIGNUM *r = NULL;
-
- bn_check_top(b);
-
- /*
- * This function does not work if words <= b->dmax && top < words because
- * BN_dup() does not preserve 'dmax'! (But bn_dup_expand() is not used
- * anywhere yet.)
- */
-
- if (words > b->dmax) {
- BN_ULONG *a = bn_expand_internal(b, words);
-
- if (a) {
- r = BN_new();
- if (r) {
- r->top = b->top;
- r->dmax = words;
- r->neg = b->neg;
- r->d = a;
- } else {
- /* r == NULL, BN_new failure */
- OPENSSL_free(a);
- }
- }
- /*
- * If a == NULL, there was an error in allocation in
- * bn_expand_internal(), and NULL should be returned
- */
- } else {
- r = BN_dup(b);
- }
-
- bn_check_top(r);
- return r;
-}
-#endif
-
-/*
- * This is an internal function that should not be used in applications. It
- * ensures that 'b' has enough room for a 'words' word number and initialises
- * any unused part of b->d with leading zeros. It is mostly used by the
- * various BIGNUM routines. If there is an error, NULL is returned. If not,
- * 'b' is returned.
- */
-
-BIGNUM *bn_expand2(BIGNUM *b, int words)
-{
- bn_check_top(b);
-
- if (words > b->dmax) {
- BN_ULONG *a = bn_expand_internal(b, words);
- if (!a)
- return NULL;
- if (b->d)
- OPENSSL_free(b->d);
- b->d = a;
- b->dmax = words;
- }
-
-/* None of this should be necessary because of what b->top means! */
-#if 0
- /*
- * NB: bn_wexpand() calls this only if the BIGNUM really has to grow
- */
- if (b->top < b->dmax) {
- int i;
- BN_ULONG *A = &(b->d[b->top]);
- for (i = (b->dmax - b->top) >> 3; i > 0; i--, A += 8) {
- A[0] = 0;
- A[1] = 0;
- A[2] = 0;
- A[3] = 0;
- A[4] = 0;
- A[5] = 0;
- A[6] = 0;
- A[7] = 0;
- }
- for (i = (b->dmax - b->top) & 7; i > 0; i--, A++)
- A[0] = 0;
- assert(A == &(b->d[b->dmax]));
- }
-#endif
- bn_check_top(b);
- return b;
-}
-
-BIGNUM *BN_dup(const BIGNUM *a)
-{
- BIGNUM *t;
-
- if (a == NULL)
- return NULL;
- bn_check_top(a);
-
- t = BN_new();
- if (t == NULL)
- return NULL;
- if (!BN_copy(t, a)) {
- BN_free(t);
- return NULL;
- }
- bn_check_top(t);
- return t;
-}
-
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
-{
- int i;
- BN_ULONG *A;
- const BN_ULONG *B;
-
- bn_check_top(b);
-
- if (a == b)
- return (a);
- if (bn_wexpand(a, b->top) == NULL)
- return (NULL);
-
-#if 1
- A = a->d;
- B = b->d;
- for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
- BN_ULONG a0, a1, a2, a3;
- a0 = B[0];
- a1 = B[1];
- a2 = B[2];
- a3 = B[3];
- A[0] = a0;
- A[1] = a1;
- A[2] = a2;
- A[3] = a3;
- }
- /* ultrix cc workaround, see comments in bn_expand_internal */
- switch (b->top & 3) {
- case 3:
- A[2] = B[2];
- case 2:
- A[1] = B[1];
- case 1:
- A[0] = B[0];
- case 0:;
- }
-#else
- memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
-#endif
-
- a->top = b->top;
- a->neg = b->neg;
- bn_check_top(a);
- return (a);
-}
-
-void BN_swap(BIGNUM *a, BIGNUM *b)
-{
- int flags_old_a, flags_old_b;
- BN_ULONG *tmp_d;
- int tmp_top, tmp_dmax, tmp_neg;
-
- bn_check_top(a);
- bn_check_top(b);
-
- flags_old_a = a->flags;
- flags_old_b = b->flags;
-
- tmp_d = a->d;
- tmp_top = a->top;
- tmp_dmax = a->dmax;
- tmp_neg = a->neg;
-
- a->d = b->d;
- a->top = b->top;
- a->dmax = b->dmax;
- a->neg = b->neg;
-
- b->d = tmp_d;
- b->top = tmp_top;
- b->dmax = tmp_dmax;
- b->neg = tmp_neg;
-
- a->flags =
- (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
- b->flags =
- (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
- bn_check_top(a);
- bn_check_top(b);
-}
-
-void BN_clear(BIGNUM *a)
-{
- bn_check_top(a);
- if (a->d != NULL)
- memset(a->d, 0, a->dmax * sizeof(a->d[0]));
- a->top = 0;
- a->neg = 0;
-}
-
-BN_ULONG BN_get_word(const BIGNUM *a)
-{
- if (a->top > 1)
- return BN_MASK2;
- else if (a->top == 1)
- return a->d[0];
- /* a->top == 0 */
- return 0;
-}
-
-int BN_set_word(BIGNUM *a, BN_ULONG w)
-{
- bn_check_top(a);
- if (bn_expand(a, (int)sizeof(BN_ULONG) * 8) == NULL)
- return (0);
- a->neg = 0;
- a->d[0] = w;
- a->top = (w ? 1 : 0);
- bn_check_top(a);
- return (1);
-}
-
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
-{
- unsigned int i, m;
- unsigned int n;
- BN_ULONG l;
- BIGNUM *bn = NULL;
-
- if (ret == NULL)
- ret = bn = BN_new();
- if (ret == NULL)
- return (NULL);
- bn_check_top(ret);
- l = 0;
- n = len;
- if (n == 0) {
- ret->top = 0;
- return (ret);
- }
- i = ((n - 1) / BN_BYTES) + 1;
- m = ((n - 1) % (BN_BYTES));
- if (bn_wexpand(ret, (int)i) == NULL) {
- if (bn)
- BN_free(bn);
- return NULL;
- }
- ret->top = i;
- ret->neg = 0;
- while (n--) {
- l = (l << 8L) | *(s++);
- if (m-- == 0) {
- ret->d[--i] = l;
- l = 0;
- m = BN_BYTES - 1;
- }
- }
- /*
- * need to call this due to clear byte at top if avoiding having the top
- * bit set (-ve number)
- */
- bn_correct_top(ret);
- return (ret);
-}
-
-/* ignore negative */
-int BN_bn2bin(const BIGNUM *a, unsigned char *to)
-{
- int n, i;
- BN_ULONG l;
-
- bn_check_top(a);
- n = i = BN_num_bytes(a);
- while (i--) {
- l = a->d[i / BN_BYTES];
- *(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
- }
- return (n);
-}
-
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
-{
- int i;
- BN_ULONG t1, t2, *ap, *bp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- i = a->top - b->top;
- if (i != 0)
- return (i);
- ap = a->d;
- bp = b->d;
- for (i = a->top - 1; i >= 0; i--) {
- t1 = ap[i];
- t2 = bp[i];
- if (t1 != t2)
- return ((t1 > t2) ? 1 : -1);
- }
- return (0);
-}
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b)
-{
- int i;
- int gt, lt;
- BN_ULONG t1, t2;
-
- if ((a == NULL) || (b == NULL)) {
- if (a != NULL)
- return (-1);
- else if (b != NULL)
- return (1);
- else
- return (0);
- }
-
- bn_check_top(a);
- bn_check_top(b);
-
- if (a->neg != b->neg) {
- if (a->neg)
- return (-1);
- else
- return (1);
- }
- if (a->neg == 0) {
- gt = 1;
- lt = -1;
- } else {
- gt = -1;
- lt = 1;
- }
-
- if (a->top > b->top)
- return (gt);
- if (a->top < b->top)
- return (lt);
- for (i = a->top - 1; i >= 0; i--) {
- t1 = a->d[i];
- t2 = b->d[i];
- if (t1 > t2)
- return (gt);
- if (t1 < t2)
- return (lt);
- }
- return (0);
-}
-
-int BN_set_bit(BIGNUM *a, int n)
-{
- int i, j, k;
-
- if (n < 0)
- return 0;
-
- i = n / BN_BITS2;
- j = n % BN_BITS2;
- if (a->top <= i) {
- if (bn_wexpand(a, i + 1) == NULL)
- return (0);
- for (k = a->top; k < i + 1; k++)
- a->d[k] = 0;
- a->top = i + 1;
- }
-
- a->d[i] |= (((BN_ULONG)1) << j);
- bn_check_top(a);
- return (1);
-}
-
-int BN_clear_bit(BIGNUM *a, int n)
-{
- int i, j;
-
- bn_check_top(a);
- if (n < 0)
- return 0;
-
- i = n / BN_BITS2;
- j = n % BN_BITS2;
- if (a->top <= i)
- return (0);
-
- a->d[i] &= (~(((BN_ULONG)1) << j));
- bn_correct_top(a);
- return (1);
-}
-
-int BN_is_bit_set(const BIGNUM *a, int n)
-{
- int i, j;
-
- bn_check_top(a);
- if (n < 0)
- return 0;
- i = n / BN_BITS2;
- j = n % BN_BITS2;
- if (a->top <= i)
- return 0;
- return (int)(((a->d[i]) >> j) & ((BN_ULONG)1));
-}
-
-int BN_mask_bits(BIGNUM *a, int n)
-{
- int b, w;
-
- bn_check_top(a);
- if (n < 0)
- return 0;
-
- w = n / BN_BITS2;
- b = n % BN_BITS2;
- if (w >= a->top)
- return 0;
- if (b == 0)
- a->top = w;
- else {
- a->top = w + 1;
- a->d[w] &= ~(BN_MASK2 << b);
- }
- bn_correct_top(a);
- return (1);
-}
-
-void BN_set_negative(BIGNUM *a, int b)
-{
- if (b && !BN_is_zero(a))
- a->neg = 1;
- else
- a->neg = 0;
-}
-
-int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
-{
- int i;
- BN_ULONG aa, bb;
-
- aa = a[n - 1];
- bb = b[n - 1];
- if (aa != bb)
- return ((aa > bb) ? 1 : -1);
- for (i = n - 2; i >= 0; i--) {
- aa = a[i];
- bb = b[i];
- if (aa != bb)
- return ((aa > bb) ? 1 : -1);
- }
- return (0);
-}
-
-/*
- * Here follows a specialised variants of bn_cmp_words(). It has the
- * property of performing the operation on arrays of different sizes. The
- * sizes of those arrays is expressed through cl, which is the common length
- * ( basicall, min(len(a),len(b)) ), and dl, which is the delta between the
- * two lengths, calculated as len(a)-len(b). All lengths are the number of
- * BN_ULONGs...
- */
-
-int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl)
-{
- int n, i;
- n = cl - 1;
-
- if (dl < 0) {
- for (i = dl; i < 0; i++) {
- if (b[n - i] != 0)
- return -1; /* a < b */
- }
- }
- if (dl > 0) {
- for (i = dl; i > 0; i--) {
- if (a[n + i] != 0)
- return 1; /* a > b */
- }
- }
- return bn_cmp_words(a, b, cl);
-}
-
-/*
- * Constant-time conditional swap of a and b.
- * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
- * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
- * and that no more than nwords are used by either a or b.
- * a and b cannot be the same number
- */
-void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
-{
- BN_ULONG t;
- int i;
-
- bn_wcheck_size(a, nwords);
- bn_wcheck_size(b, nwords);
-
- assert(a != b);
- assert((condition & (condition - 1)) == 0);
- assert(sizeof(BN_ULONG) >= sizeof(int));
-
- condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
-
- t = (a->top ^ b->top) & condition;
- a->top ^= t;
- b->top ^= t;
-
-#define BN_CONSTTIME_SWAP(ind) \
- do { \
- t = (a->d[ind] ^ b->d[ind]) & condition; \
- a->d[ind] ^= t; \
- b->d[ind] ^= t; \
- } while (0)
-
- switch (nwords) {
- default:
- for (i = 10; i < nwords; i++)
- BN_CONSTTIME_SWAP(i);
- /* Fallthrough */
- case 10:
- BN_CONSTTIME_SWAP(9); /* Fallthrough */
- case 9:
- BN_CONSTTIME_SWAP(8); /* Fallthrough */
- case 8:
- BN_CONSTTIME_SWAP(7); /* Fallthrough */
- case 7:
- BN_CONSTTIME_SWAP(6); /* Fallthrough */
- case 6:
- BN_CONSTTIME_SWAP(5); /* Fallthrough */
- case 5:
- BN_CONSTTIME_SWAP(4); /* Fallthrough */
- case 4:
- BN_CONSTTIME_SWAP(3); /* Fallthrough */
- case 3:
- BN_CONSTTIME_SWAP(2); /* Fallthrough */
- case 2:
- BN_CONSTTIME_SWAP(1); /* Fallthrough */
- case 1:
- BN_CONSTTIME_SWAP(0);
- }
-#undef BN_CONSTTIME_SWAP
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/bn_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/bn_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,916 @@
+/* crypto/bn/bn_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef BN_DEBUG
+# undef NDEBUG /* avoid conflicting definitions */
+# define NDEBUG
+#endif
+
+#include <assert.h>
+#include <limits.h>
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+const char BN_version[] = "Big Number" OPENSSL_VERSION_PTEXT;
+
+/* This stuff appears to be completely unused, so is deprecated */
+#ifndef OPENSSL_NO_DEPRECATED
+/*-
+ * For a 32 bit machine
+ * 2 - 4 == 128
+ * 3 - 8 == 256
+ * 4 - 16 == 512
+ * 5 - 32 == 1024
+ * 6 - 64 == 2048
+ * 7 - 128 == 4096
+ * 8 - 256 == 8192
+ */
+static int bn_limit_bits = 0;
+static int bn_limit_num = 8; /* (1<<bn_limit_bits) */
+static int bn_limit_bits_low = 0;
+static int bn_limit_num_low = 8; /* (1<<bn_limit_bits_low) */
+static int bn_limit_bits_high = 0;
+static int bn_limit_num_high = 8; /* (1<<bn_limit_bits_high) */
+static int bn_limit_bits_mont = 0;
+static int bn_limit_num_mont = 8; /* (1<<bn_limit_bits_mont) */
+
+void BN_set_params(int mult, int high, int low, int mont)
+{
+ if (mult >= 0) {
+ if (mult > (int)(sizeof(int) * 8) - 1)
+ mult = sizeof(int) * 8 - 1;
+ bn_limit_bits = mult;
+ bn_limit_num = 1 << mult;
+ }
+ if (high >= 0) {
+ if (high > (int)(sizeof(int) * 8) - 1)
+ high = sizeof(int) * 8 - 1;
+ bn_limit_bits_high = high;
+ bn_limit_num_high = 1 << high;
+ }
+ if (low >= 0) {
+ if (low > (int)(sizeof(int) * 8) - 1)
+ low = sizeof(int) * 8 - 1;
+ bn_limit_bits_low = low;
+ bn_limit_num_low = 1 << low;
+ }
+ if (mont >= 0) {
+ if (mont > (int)(sizeof(int) * 8) - 1)
+ mont = sizeof(int) * 8 - 1;
+ bn_limit_bits_mont = mont;
+ bn_limit_num_mont = 1 << mont;
+ }
+}
+
+int BN_get_params(int which)
+{
+ if (which == 0)
+ return (bn_limit_bits);
+ else if (which == 1)
+ return (bn_limit_bits_high);
+ else if (which == 2)
+ return (bn_limit_bits_low);
+ else if (which == 3)
+ return (bn_limit_bits_mont);
+ else
+ return (0);
+}
+#endif
+
+const BIGNUM *BN_value_one(void)
+{
+ static const BN_ULONG data_one = 1L;
+ static const BIGNUM const_one =
+ { (BN_ULONG *)&data_one, 1, 1, 0, BN_FLG_STATIC_DATA };
+
+ return (&const_one);
+}
+
+int BN_num_bits_word(BN_ULONG l)
+{
+ static const unsigned char bits[256] = {
+ 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
+ 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
+ 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+ };
+
+#if defined(SIXTY_FOUR_BIT_LONG)
+ if (l & 0xffffffff00000000L) {
+ if (l & 0xffff000000000000L) {
+ if (l & 0xff00000000000000L) {
+ return (bits[(int)(l >> 56)] + 56);
+ } else
+ return (bits[(int)(l >> 48)] + 48);
+ } else {
+ if (l & 0x0000ff0000000000L) {
+ return (bits[(int)(l >> 40)] + 40);
+ } else
+ return (bits[(int)(l >> 32)] + 32);
+ }
+ } else
+#else
+# ifdef SIXTY_FOUR_BIT
+ if (l & 0xffffffff00000000LL) {
+ if (l & 0xffff000000000000LL) {
+ if (l & 0xff00000000000000LL) {
+ return (bits[(int)(l >> 56)] + 56);
+ } else
+ return (bits[(int)(l >> 48)] + 48);
+ } else {
+ if (l & 0x0000ff0000000000LL) {
+ return (bits[(int)(l >> 40)] + 40);
+ } else
+ return (bits[(int)(l >> 32)] + 32);
+ }
+ } else
+# endif
+#endif
+ {
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+ if (l & 0xffff0000L) {
+ if (l & 0xff000000L)
+ return (bits[(int)(l >> 24L)] + 24);
+ else
+ return (bits[(int)(l >> 16L)] + 16);
+ } else
+#endif
+ {
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+ if (l & 0xff00L)
+ return (bits[(int)(l >> 8)] + 8);
+ else
+#endif
+ return (bits[(int)(l)]);
+ }
+ }
+}
+
+int BN_num_bits(const BIGNUM *a)
+{
+ int i = a->top - 1;
+ bn_check_top(a);
+
+ if (BN_is_zero(a))
+ return 0;
+ return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
+}
+
+void BN_clear_free(BIGNUM *a)
+{
+ int i;
+
+ if (a == NULL)
+ return;
+ bn_check_top(a);
+ if (a->d != NULL) {
+ OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
+ if (!(BN_get_flags(a, BN_FLG_STATIC_DATA)))
+ OPENSSL_free(a->d);
+ }
+ i = BN_get_flags(a, BN_FLG_MALLOCED);
+ OPENSSL_cleanse(a, sizeof(BIGNUM));
+ if (i)
+ OPENSSL_free(a);
+}
+
+void BN_free(BIGNUM *a)
+{
+ if (a == NULL)
+ return;
+ bn_check_top(a);
+ if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA)))
+ OPENSSL_free(a->d);
+ if (a->flags & BN_FLG_MALLOCED)
+ OPENSSL_free(a);
+ else {
+#ifndef OPENSSL_NO_DEPRECATED
+ a->flags |= BN_FLG_FREE;
+#endif
+ a->d = NULL;
+ }
+}
+
+void BN_init(BIGNUM *a)
+{
+ memset(a, 0, sizeof(BIGNUM));
+ bn_check_top(a);
+}
+
+BIGNUM *BN_new(void)
+{
+ BIGNUM *ret;
+
+ if ((ret = (BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) {
+ BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ ret->flags = BN_FLG_MALLOCED;
+ ret->top = 0;
+ ret->neg = 0;
+ ret->dmax = 0;
+ ret->d = NULL;
+ bn_check_top(ret);
+ return (ret);
+}
+
+/* This is used both by bn_expand2() and bn_dup_expand() */
+/* The caller MUST check that words > b->dmax before calling this */
+static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
+{
+ BN_ULONG *A, *a = NULL;
+ const BN_ULONG *B;
+ int i;
+
+ bn_check_top(b);
+
+ if (words > (INT_MAX / (4 * BN_BITS2))) {
+ BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG);
+ return NULL;
+ }
+ if (BN_get_flags(b, BN_FLG_STATIC_DATA)) {
+ BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
+ return (NULL);
+ }
+ a = A = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words);
+ if (A == NULL) {
+ BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+#ifdef PURIFY
+ /*
+ * Valgrind complains in BN_consttime_swap because we process the whole
+ * array even if it's not initialised yet. This doesn't matter in that
+ * function - what's important is constant time operation (we're not
+ * actually going to use the data)
+ */
+ memset(a, 0, sizeof(BN_ULONG) * words);
+#endif
+
+#if 1
+ B = b->d;
+ /* Check if the previous number needs to be copied */
+ if (B != NULL) {
+ for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
+ /*
+ * The fact that the loop is unrolled
+ * 4-wise is a tribute to Intel. It's
+ * the one that doesn't have enough
+ * registers to accomodate more data.
+ * I'd unroll it 8-wise otherwise:-)
+ *
+ * <appro at fy.chalmers.se>
+ */
+ BN_ULONG a0, a1, a2, a3;
+ a0 = B[0];
+ a1 = B[1];
+ a2 = B[2];
+ a3 = B[3];
+ A[0] = a0;
+ A[1] = a1;
+ A[2] = a2;
+ A[3] = a3;
+ }
+ /*
+ * workaround for ultrix cc: without 'case 0', the optimizer does
+ * the switch table by doing a=top&3; a--; goto jump_table[a];
+ * which fails for top== 0
+ */
+ switch (b->top & 3) {
+ case 3:
+ A[2] = B[2];
+ case 2:
+ A[1] = B[1];
+ case 1:
+ A[0] = B[0];
+ case 0:
+ ;
+ }
+ }
+#else
+ memset(A, 0, sizeof(BN_ULONG) * words);
+ memcpy(A, b->d, sizeof(b->d[0]) * b->top);
+#endif
+
+ return (a);
+}
+
+/*
+ * This is an internal function that can be used instead of bn_expand2() when
+ * there is a need to copy BIGNUMs instead of only expanding the data part,
+ * while still expanding them. Especially useful when needing to expand
+ * BIGNUMs that are declared 'const' and should therefore not be changed. The
+ * reason to use this instead of a BN_dup() followed by a bn_expand2() is
+ * memory allocation overhead. A BN_dup() followed by a bn_expand2() will
+ * allocate new memory for the BIGNUM data twice, and free it once, while
+ * bn_dup_expand() makes sure allocation is made only once.
+ */
+
+#ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
+{
+ BIGNUM *r = NULL;
+
+ bn_check_top(b);
+
+ /*
+ * This function does not work if words <= b->dmax && top < words because
+ * BN_dup() does not preserve 'dmax'! (But bn_dup_expand() is not used
+ * anywhere yet.)
+ */
+
+ if (words > b->dmax) {
+ BN_ULONG *a = bn_expand_internal(b, words);
+
+ if (a) {
+ r = BN_new();
+ if (r) {
+ r->top = b->top;
+ r->dmax = words;
+ r->neg = b->neg;
+ r->d = a;
+ } else {
+ /* r == NULL, BN_new failure */
+ OPENSSL_free(a);
+ }
+ }
+ /*
+ * If a == NULL, there was an error in allocation in
+ * bn_expand_internal(), and NULL should be returned
+ */
+ } else {
+ r = BN_dup(b);
+ }
+
+ bn_check_top(r);
+ return r;
+}
+#endif
+
+/*
+ * This is an internal function that should not be used in applications. It
+ * ensures that 'b' has enough room for a 'words' word number and initialises
+ * any unused part of b->d with leading zeros. It is mostly used by the
+ * various BIGNUM routines. If there is an error, NULL is returned. If not,
+ * 'b' is returned.
+ */
+
+BIGNUM *bn_expand2(BIGNUM *b, int words)
+{
+ bn_check_top(b);
+
+ if (words > b->dmax) {
+ BN_ULONG *a = bn_expand_internal(b, words);
+ if (!a)
+ return NULL;
+ if (b->d)
+ OPENSSL_free(b->d);
+ b->d = a;
+ b->dmax = words;
+ }
+
+/* None of this should be necessary because of what b->top means! */
+#if 0
+ /*
+ * NB: bn_wexpand() calls this only if the BIGNUM really has to grow
+ */
+ if (b->top < b->dmax) {
+ int i;
+ BN_ULONG *A = &(b->d[b->top]);
+ for (i = (b->dmax - b->top) >> 3; i > 0; i--, A += 8) {
+ A[0] = 0;
+ A[1] = 0;
+ A[2] = 0;
+ A[3] = 0;
+ A[4] = 0;
+ A[5] = 0;
+ A[6] = 0;
+ A[7] = 0;
+ }
+ for (i = (b->dmax - b->top) & 7; i > 0; i--, A++)
+ A[0] = 0;
+ assert(A == &(b->d[b->dmax]));
+ }
+#endif
+ bn_check_top(b);
+ return b;
+}
+
+BIGNUM *BN_dup(const BIGNUM *a)
+{
+ BIGNUM *t;
+
+ if (a == NULL)
+ return NULL;
+ bn_check_top(a);
+
+ t = BN_new();
+ if (t == NULL)
+ return NULL;
+ if (!BN_copy(t, a)) {
+ BN_free(t);
+ return NULL;
+ }
+ bn_check_top(t);
+ return t;
+}
+
+BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
+{
+ int i;
+ BN_ULONG *A;
+ const BN_ULONG *B;
+
+ bn_check_top(b);
+
+ if (a == b)
+ return (a);
+ if (bn_wexpand(a, b->top) == NULL)
+ return (NULL);
+
+#if 1
+ A = a->d;
+ B = b->d;
+ for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
+ BN_ULONG a0, a1, a2, a3;
+ a0 = B[0];
+ a1 = B[1];
+ a2 = B[2];
+ a3 = B[3];
+ A[0] = a0;
+ A[1] = a1;
+ A[2] = a2;
+ A[3] = a3;
+ }
+ /* ultrix cc workaround, see comments in bn_expand_internal */
+ switch (b->top & 3) {
+ case 3:
+ A[2] = B[2];
+ case 2:
+ A[1] = B[1];
+ case 1:
+ A[0] = B[0];
+ case 0:;
+ }
+#else
+ memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
+#endif
+
+ a->top = b->top;
+ a->neg = b->neg;
+ bn_check_top(a);
+ return (a);
+}
+
+void BN_swap(BIGNUM *a, BIGNUM *b)
+{
+ int flags_old_a, flags_old_b;
+ BN_ULONG *tmp_d;
+ int tmp_top, tmp_dmax, tmp_neg;
+
+ bn_check_top(a);
+ bn_check_top(b);
+
+ flags_old_a = a->flags;
+ flags_old_b = b->flags;
+
+ tmp_d = a->d;
+ tmp_top = a->top;
+ tmp_dmax = a->dmax;
+ tmp_neg = a->neg;
+
+ a->d = b->d;
+ a->top = b->top;
+ a->dmax = b->dmax;
+ a->neg = b->neg;
+
+ b->d = tmp_d;
+ b->top = tmp_top;
+ b->dmax = tmp_dmax;
+ b->neg = tmp_neg;
+
+ a->flags =
+ (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
+ b->flags =
+ (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
+ bn_check_top(a);
+ bn_check_top(b);
+}
+
+void BN_clear(BIGNUM *a)
+{
+ bn_check_top(a);
+ if (a->d != NULL)
+ OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
+ a->top = 0;
+ a->neg = 0;
+}
+
+BN_ULONG BN_get_word(const BIGNUM *a)
+{
+ if (a->top > 1)
+ return BN_MASK2;
+ else if (a->top == 1)
+ return a->d[0];
+ /* a->top == 0 */
+ return 0;
+}
+
+int BN_set_word(BIGNUM *a, BN_ULONG w)
+{
+ bn_check_top(a);
+ if (bn_expand(a, (int)sizeof(BN_ULONG) * 8) == NULL)
+ return (0);
+ a->neg = 0;
+ a->d[0] = w;
+ a->top = (w ? 1 : 0);
+ bn_check_top(a);
+ return (1);
+}
+
+BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
+{
+ unsigned int i, m;
+ unsigned int n;
+ BN_ULONG l;
+ BIGNUM *bn = NULL;
+
+ if (ret == NULL)
+ ret = bn = BN_new();
+ if (ret == NULL)
+ return (NULL);
+ bn_check_top(ret);
+ l = 0;
+ n = len;
+ if (n == 0) {
+ ret->top = 0;
+ return (ret);
+ }
+ i = ((n - 1) / BN_BYTES) + 1;
+ m = ((n - 1) % (BN_BYTES));
+ if (bn_wexpand(ret, (int)i) == NULL) {
+ if (bn)
+ BN_free(bn);
+ return NULL;
+ }
+ ret->top = i;
+ ret->neg = 0;
+ while (n--) {
+ l = (l << 8L) | *(s++);
+ if (m-- == 0) {
+ ret->d[--i] = l;
+ l = 0;
+ m = BN_BYTES - 1;
+ }
+ }
+ /*
+ * need to call this due to clear byte at top if avoiding having the top
+ * bit set (-ve number)
+ */
+ bn_correct_top(ret);
+ return (ret);
+}
+
+/* ignore negative */
+int BN_bn2bin(const BIGNUM *a, unsigned char *to)
+{
+ int n, i;
+ BN_ULONG l;
+
+ bn_check_top(a);
+ n = i = BN_num_bytes(a);
+ while (i--) {
+ l = a->d[i / BN_BYTES];
+ *(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
+ }
+ return (n);
+}
+
+int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
+{
+ int i;
+ BN_ULONG t1, t2, *ap, *bp;
+
+ bn_check_top(a);
+ bn_check_top(b);
+
+ i = a->top - b->top;
+ if (i != 0)
+ return (i);
+ ap = a->d;
+ bp = b->d;
+ for (i = a->top - 1; i >= 0; i--) {
+ t1 = ap[i];
+ t2 = bp[i];
+ if (t1 != t2)
+ return ((t1 > t2) ? 1 : -1);
+ }
+ return (0);
+}
+
+int BN_cmp(const BIGNUM *a, const BIGNUM *b)
+{
+ int i;
+ int gt, lt;
+ BN_ULONG t1, t2;
+
+ if ((a == NULL) || (b == NULL)) {
+ if (a != NULL)
+ return (-1);
+ else if (b != NULL)
+ return (1);
+ else
+ return (0);
+ }
+
+ bn_check_top(a);
+ bn_check_top(b);
+
+ if (a->neg != b->neg) {
+ if (a->neg)
+ return (-1);
+ else
+ return (1);
+ }
+ if (a->neg == 0) {
+ gt = 1;
+ lt = -1;
+ } else {
+ gt = -1;
+ lt = 1;
+ }
+
+ if (a->top > b->top)
+ return (gt);
+ if (a->top < b->top)
+ return (lt);
+ for (i = a->top - 1; i >= 0; i--) {
+ t1 = a->d[i];
+ t2 = b->d[i];
+ if (t1 > t2)
+ return (gt);
+ if (t1 < t2)
+ return (lt);
+ }
+ return (0);
+}
+
+int BN_set_bit(BIGNUM *a, int n)
+{
+ int i, j, k;
+
+ if (n < 0)
+ return 0;
+
+ i = n / BN_BITS2;
+ j = n % BN_BITS2;
+ if (a->top <= i) {
+ if (bn_wexpand(a, i + 1) == NULL)
+ return (0);
+ for (k = a->top; k < i + 1; k++)
+ a->d[k] = 0;
+ a->top = i + 1;
+ }
+
+ a->d[i] |= (((BN_ULONG)1) << j);
+ bn_check_top(a);
+ return (1);
+}
+
+int BN_clear_bit(BIGNUM *a, int n)
+{
+ int i, j;
+
+ bn_check_top(a);
+ if (n < 0)
+ return 0;
+
+ i = n / BN_BITS2;
+ j = n % BN_BITS2;
+ if (a->top <= i)
+ return (0);
+
+ a->d[i] &= (~(((BN_ULONG)1) << j));
+ bn_correct_top(a);
+ return (1);
+}
+
+int BN_is_bit_set(const BIGNUM *a, int n)
+{
+ int i, j;
+
+ bn_check_top(a);
+ if (n < 0)
+ return 0;
+ i = n / BN_BITS2;
+ j = n % BN_BITS2;
+ if (a->top <= i)
+ return 0;
+ return (int)(((a->d[i]) >> j) & ((BN_ULONG)1));
+}
+
+int BN_mask_bits(BIGNUM *a, int n)
+{
+ int b, w;
+
+ bn_check_top(a);
+ if (n < 0)
+ return 0;
+
+ w = n / BN_BITS2;
+ b = n % BN_BITS2;
+ if (w >= a->top)
+ return 0;
+ if (b == 0)
+ a->top = w;
+ else {
+ a->top = w + 1;
+ a->d[w] &= ~(BN_MASK2 << b);
+ }
+ bn_correct_top(a);
+ return (1);
+}
+
+void BN_set_negative(BIGNUM *a, int b)
+{
+ if (b && !BN_is_zero(a))
+ a->neg = 1;
+ else
+ a->neg = 0;
+}
+
+int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
+{
+ int i;
+ BN_ULONG aa, bb;
+
+ aa = a[n - 1];
+ bb = b[n - 1];
+ if (aa != bb)
+ return ((aa > bb) ? 1 : -1);
+ for (i = n - 2; i >= 0; i--) {
+ aa = a[i];
+ bb = b[i];
+ if (aa != bb)
+ return ((aa > bb) ? 1 : -1);
+ }
+ return (0);
+}
+
+/*
+ * Here follows a specialised variants of bn_cmp_words(). It has the
+ * property of performing the operation on arrays of different sizes. The
+ * sizes of those arrays is expressed through cl, which is the common length
+ * ( basicall, min(len(a),len(b)) ), and dl, which is the delta between the
+ * two lengths, calculated as len(a)-len(b). All lengths are the number of
+ * BN_ULONGs...
+ */
+
+int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl)
+{
+ int n, i;
+ n = cl - 1;
+
+ if (dl < 0) {
+ for (i = dl; i < 0; i++) {
+ if (b[n - i] != 0)
+ return -1; /* a < b */
+ }
+ }
+ if (dl > 0) {
+ for (i = dl; i > 0; i--) {
+ if (a[n + i] != 0)
+ return 1; /* a > b */
+ }
+ }
+ return bn_cmp_words(a, b, cl);
+}
+
+/*
+ * Constant-time conditional swap of a and b.
+ * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
+ * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
+ * and that no more than nwords are used by either a or b.
+ * a and b cannot be the same number
+ */
+void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
+{
+ BN_ULONG t;
+ int i;
+
+ bn_wcheck_size(a, nwords);
+ bn_wcheck_size(b, nwords);
+
+ assert(a != b);
+ assert((condition & (condition - 1)) == 0);
+ assert(sizeof(BN_ULONG) >= sizeof(int));
+
+ condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
+
+ t = (a->top ^ b->top) & condition;
+ a->top ^= t;
+ b->top ^= t;
+
+#define BN_CONSTTIME_SWAP(ind) \
+ do { \
+ t = (a->d[ind] ^ b->d[ind]) & condition; \
+ a->d[ind] ^= t; \
+ b->d[ind] ^= t; \
+ } while (0)
+
+ switch (nwords) {
+ default:
+ for (i = 10; i < nwords; i++)
+ BN_CONSTTIME_SWAP(i);
+ /* Fallthrough */
+ case 10:
+ BN_CONSTTIME_SWAP(9); /* Fallthrough */
+ case 9:
+ BN_CONSTTIME_SWAP(8); /* Fallthrough */
+ case 8:
+ BN_CONSTTIME_SWAP(7); /* Fallthrough */
+ case 7:
+ BN_CONSTTIME_SWAP(6); /* Fallthrough */
+ case 6:
+ BN_CONSTTIME_SWAP(5); /* Fallthrough */
+ case 5:
+ BN_CONSTTIME_SWAP(4); /* Fallthrough */
+ case 4:
+ BN_CONSTTIME_SWAP(3); /* Fallthrough */
+ case 3:
+ BN_CONSTTIME_SWAP(2); /* Fallthrough */
+ case 2:
+ BN_CONSTTIME_SWAP(1); /* Fallthrough */
+ case 1:
+ BN_CONSTTIME_SWAP(0);
+ }
+#undef BN_CONSTTIME_SWAP
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_print.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn_print.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_print.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,388 +0,0 @@
-/* crypto/bn/bn_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include "bn_lcl.h"
-
-static const char Hex[] = "0123456789ABCDEF";
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2hex(const BIGNUM *a)
-{
- int i, j, v, z = 0;
- char *buf;
- char *p;
-
- if (a->neg && BN_is_zero(a)) {
- /* "-0" == 3 bytes including NULL terminator */
- buf = OPENSSL_malloc(3);
- } else {
- buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
- }
- if (buf == NULL) {
- BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = buf;
- if (a->neg)
- *(p++) = '-';
- if (BN_is_zero(a))
- *(p++) = '0';
- for (i = a->top - 1; i >= 0; i--) {
- for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
- /* strip leading zeros */
- v = ((int)(a->d[i] >> (long)j)) & 0xff;
- if (z || (v != 0)) {
- *(p++) = Hex[v >> 4];
- *(p++) = Hex[v & 0x0f];
- z = 1;
- }
- }
- }
- *p = '\0';
- err:
- return (buf);
-}
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2dec(const BIGNUM *a)
-{
- int i = 0, num, ok = 0;
- char *buf = NULL;
- char *p;
- BIGNUM *t = NULL;
- BN_ULONG *bn_data = NULL, *lp;
-
- /*-
- * get an upper bound for the length of the decimal integer
- * num <= (BN_num_bits(a) + 1) * log(2)
- * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error)
- * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
- */
- i = BN_num_bits(a) * 3;
- num = (i / 10 + i / 1000 + 1) + 1;
- bn_data =
- (BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG));
- buf = (char *)OPENSSL_malloc(num + 3);
- if ((buf == NULL) || (bn_data == NULL)) {
- BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((t = BN_dup(a)) == NULL)
- goto err;
-
-#define BUF_REMAIN (num+3 - (size_t)(p - buf))
- p = buf;
- lp = bn_data;
- if (BN_is_zero(t)) {
- *(p++) = '0';
- *(p++) = '\0';
- } else {
- if (BN_is_negative(t))
- *p++ = '-';
-
- i = 0;
- while (!BN_is_zero(t)) {
- *lp = BN_div_word(t, BN_DEC_CONV);
- lp++;
- }
- lp--;
- /*
- * We now have a series of blocks, BN_DEC_NUM chars in length, where
- * the last one needs truncation. The blocks need to be reversed in
- * order.
- */
- BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT1, *lp);
- while (*p)
- p++;
- while (lp != bn_data) {
- lp--;
- BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT2, *lp);
- while (*p)
- p++;
- }
- }
- ok = 1;
- err:
- if (bn_data != NULL)
- OPENSSL_free(bn_data);
- if (t != NULL)
- BN_free(t);
- if (!ok && buf) {
- OPENSSL_free(buf);
- buf = NULL;
- }
-
- return (buf);
-}
-
-int BN_hex2bn(BIGNUM **bn, const char *a)
-{
- BIGNUM *ret = NULL;
- BN_ULONG l = 0;
- int neg = 0, h, m, i, j, k, c;
- int num;
-
- if ((a == NULL) || (*a == '\0'))
- return (0);
-
- if (*a == '-') {
- neg = 1;
- a++;
- }
-
- for (i = 0; isxdigit((unsigned char)a[i]); i++) ;
-
- num = i + neg;
- if (bn == NULL)
- return (num);
-
- /* a is the start of the hex digits, and it is 'i' long */
- if (*bn == NULL) {
- if ((ret = BN_new()) == NULL)
- return (0);
- } else {
- ret = *bn;
- BN_zero(ret);
- }
-
- /* i is the number of hex digests; */
- if (bn_expand(ret, i * 4) == NULL)
- goto err;
-
- j = i; /* least significant 'hex' */
- m = 0;
- h = 0;
- while (j > 0) {
- m = ((BN_BYTES * 2) <= j) ? (BN_BYTES * 2) : j;
- l = 0;
- for (;;) {
- c = a[j - m];
- if ((c >= '0') && (c <= '9'))
- k = c - '0';
- else if ((c >= 'a') && (c <= 'f'))
- k = c - 'a' + 10;
- else if ((c >= 'A') && (c <= 'F'))
- k = c - 'A' + 10;
- else
- k = 0; /* paranoia */
- l = (l << 4) | k;
-
- if (--m <= 0) {
- ret->d[h++] = l;
- break;
- }
- }
- j -= (BN_BYTES * 2);
- }
- ret->top = h;
- bn_correct_top(ret);
- ret->neg = neg;
-
- *bn = ret;
- bn_check_top(ret);
- return (num);
- err:
- if (*bn == NULL)
- BN_free(ret);
- return (0);
-}
-
-int BN_dec2bn(BIGNUM **bn, const char *a)
-{
- BIGNUM *ret = NULL;
- BN_ULONG l = 0;
- int neg = 0, i, j;
- int num;
-
- if ((a == NULL) || (*a == '\0'))
- return (0);
- if (*a == '-') {
- neg = 1;
- a++;
- }
-
- for (i = 0; isdigit((unsigned char)a[i]); i++) ;
-
- num = i + neg;
- if (bn == NULL)
- return (num);
-
- /*
- * a is the start of the digits, and it is 'i' long. We chop it into
- * BN_DEC_NUM digits at a time
- */
- if (*bn == NULL) {
- if ((ret = BN_new()) == NULL)
- return (0);
- } else {
- ret = *bn;
- BN_zero(ret);
- }
-
- /* i is the number of digests, a bit of an over expand; */
- if (bn_expand(ret, i * 4) == NULL)
- goto err;
-
- j = BN_DEC_NUM - (i % BN_DEC_NUM);
- if (j == BN_DEC_NUM)
- j = 0;
- l = 0;
- while (*a) {
- l *= 10;
- l += *a - '0';
- a++;
- if (++j == BN_DEC_NUM) {
- BN_mul_word(ret, BN_DEC_CONV);
- BN_add_word(ret, l);
- l = 0;
- j = 0;
- }
- }
- ret->neg = neg;
-
- bn_correct_top(ret);
- *bn = ret;
- bn_check_top(ret);
- return (num);
- err:
- if (*bn == NULL)
- BN_free(ret);
- return (0);
-}
-
-int BN_asc2bn(BIGNUM **bn, const char *a)
-{
- const char *p = a;
- if (*p == '-')
- p++;
-
- if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) {
- if (!BN_hex2bn(bn, p + 2))
- return 0;
- } else {
- if (!BN_dec2bn(bn, p))
- return 0;
- }
- if (*a == '-')
- (*bn)->neg = 1;
- return 1;
-}
-
-#ifndef OPENSSL_NO_BIO
-# ifndef OPENSSL_NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL)
- return (0);
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = BN_print(b, a);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-int BN_print(BIO *bp, const BIGNUM *a)
-{
- int i, j, v, z = 0;
- int ret = 0;
-
- if ((a->neg) && (BIO_write(bp, "-", 1) != 1))
- goto end;
- if (BN_is_zero(a) && (BIO_write(bp, "0", 1) != 1))
- goto end;
- for (i = a->top - 1; i >= 0; i--) {
- for (j = BN_BITS2 - 4; j >= 0; j -= 4) {
- /* strip leading zeros */
- v = ((int)(a->d[i] >> (long)j)) & 0x0f;
- if (z || (v != 0)) {
- if (BIO_write(bp, &(Hex[v]), 1) != 1)
- goto end;
- z = 1;
- }
- }
- }
- ret = 1;
- end:
- return (ret);
-}
-#endif
-
-char *BN_options(void)
-{
- static int init = 0;
- static char data[16];
-
- if (!init) {
- init++;
-#ifdef BN_LLONG
- BIO_snprintf(data, sizeof data, "bn(%d,%d)",
- (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
-#else
- BIO_snprintf(data, sizeof data, "bn(%d,%d)",
- (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
-#endif
- }
- return (data);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_print.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/bn_print.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/bn_print.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_print.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,401 @@
+/* crypto/bn/bn_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include "bn_lcl.h"
+
+static const char Hex[] = "0123456789ABCDEF";
+
+/* Must 'OPENSSL_free' the returned data */
+char *BN_bn2hex(const BIGNUM *a)
+{
+ int i, j, v, z = 0;
+ char *buf;
+ char *p;
+
+ if (a->neg && BN_is_zero(a)) {
+ /* "-0" == 3 bytes including NULL terminator */
+ buf = OPENSSL_malloc(3);
+ } else {
+ buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
+ }
+ if (buf == NULL) {
+ BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p = buf;
+ if (a->neg)
+ *(p++) = '-';
+ if (BN_is_zero(a))
+ *(p++) = '0';
+ for (i = a->top - 1; i >= 0; i--) {
+ for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
+ /* strip leading zeros */
+ v = ((int)(a->d[i] >> (long)j)) & 0xff;
+ if (z || (v != 0)) {
+ *(p++) = Hex[v >> 4];
+ *(p++) = Hex[v & 0x0f];
+ z = 1;
+ }
+ }
+ }
+ *p = '\0';
+ err:
+ return (buf);
+}
+
+/* Must 'OPENSSL_free' the returned data */
+char *BN_bn2dec(const BIGNUM *a)
+{
+ int i = 0, num, ok = 0;
+ char *buf = NULL;
+ char *p;
+ BIGNUM *t = NULL;
+ BN_ULONG *bn_data = NULL, *lp;
+ int bn_data_num;
+
+ /*-
+ * get an upper bound for the length of the decimal integer
+ * num <= (BN_num_bits(a) + 1) * log(2)
+ * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error)
+ * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
+ */
+ i = BN_num_bits(a) * 3;
+ num = (i / 10 + i / 1000 + 1) + 1;
+ bn_data_num = num / BN_DEC_NUM + 1;
+ bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
+ buf = OPENSSL_malloc(num + 3);
+ if ((buf == NULL) || (bn_data == NULL)) {
+ BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if ((t = BN_dup(a)) == NULL)
+ goto err;
+
+#define BUF_REMAIN (num+3 - (size_t)(p - buf))
+ p = buf;
+ lp = bn_data;
+ if (BN_is_zero(t)) {
+ *(p++) = '0';
+ *(p++) = '\0';
+ } else {
+ if (BN_is_negative(t))
+ *p++ = '-';
+
+ while (!BN_is_zero(t)) {
+ if (lp - bn_data >= bn_data_num)
+ goto err;
+ *lp = BN_div_word(t, BN_DEC_CONV);
+ if (*lp == (BN_ULONG)-1)
+ goto err;
+ lp++;
+ }
+ lp--;
+ /*
+ * We now have a series of blocks, BN_DEC_NUM chars in length, where
+ * the last one needs truncation. The blocks need to be reversed in
+ * order.
+ */
+ BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT1, *lp);
+ while (*p)
+ p++;
+ while (lp != bn_data) {
+ lp--;
+ BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT2, *lp);
+ while (*p)
+ p++;
+ }
+ }
+ ok = 1;
+ err:
+ if (bn_data != NULL)
+ OPENSSL_free(bn_data);
+ if (t != NULL)
+ BN_free(t);
+ if (!ok && buf) {
+ OPENSSL_free(buf);
+ buf = NULL;
+ }
+
+ return (buf);
+}
+
+int BN_hex2bn(BIGNUM **bn, const char *a)
+{
+ BIGNUM *ret = NULL;
+ BN_ULONG l = 0;
+ int neg = 0, h, m, i, j, k, c;
+ int num;
+
+ if ((a == NULL) || (*a == '\0'))
+ return (0);
+
+ if (*a == '-') {
+ neg = 1;
+ a++;
+ }
+
+ for (i = 0; i <= (INT_MAX/4) && isxdigit((unsigned char)a[i]); i++)
+ continue;
+
+ if (i > INT_MAX/4)
+ goto err;
+
+ num = i + neg;
+ if (bn == NULL)
+ return (num);
+
+ /* a is the start of the hex digits, and it is 'i' long */
+ if (*bn == NULL) {
+ if ((ret = BN_new()) == NULL)
+ return (0);
+ } else {
+ ret = *bn;
+ BN_zero(ret);
+ }
+
+ /* i is the number of hex digits */
+ if (bn_expand(ret, i * 4) == NULL)
+ goto err;
+
+ j = i; /* least significant 'hex' */
+ m = 0;
+ h = 0;
+ while (j > 0) {
+ m = ((BN_BYTES * 2) <= j) ? (BN_BYTES * 2) : j;
+ l = 0;
+ for (;;) {
+ c = a[j - m];
+ if ((c >= '0') && (c <= '9'))
+ k = c - '0';
+ else if ((c >= 'a') && (c <= 'f'))
+ k = c - 'a' + 10;
+ else if ((c >= 'A') && (c <= 'F'))
+ k = c - 'A' + 10;
+ else
+ k = 0; /* paranoia */
+ l = (l << 4) | k;
+
+ if (--m <= 0) {
+ ret->d[h++] = l;
+ break;
+ }
+ }
+ j -= (BN_BYTES * 2);
+ }
+ ret->top = h;
+ bn_correct_top(ret);
+ ret->neg = neg;
+
+ *bn = ret;
+ bn_check_top(ret);
+ return (num);
+ err:
+ if (*bn == NULL)
+ BN_free(ret);
+ return (0);
+}
+
+int BN_dec2bn(BIGNUM **bn, const char *a)
+{
+ BIGNUM *ret = NULL;
+ BN_ULONG l = 0;
+ int neg = 0, i, j;
+ int num;
+
+ if ((a == NULL) || (*a == '\0'))
+ return (0);
+ if (*a == '-') {
+ neg = 1;
+ a++;
+ }
+
+ for (i = 0; i <= (INT_MAX/4) && isdigit((unsigned char)a[i]); i++)
+ continue;
+
+ if (i > INT_MAX/4)
+ goto err;
+
+ num = i + neg;
+ if (bn == NULL)
+ return (num);
+
+ /*
+ * a is the start of the digits, and it is 'i' long. We chop it into
+ * BN_DEC_NUM digits at a time
+ */
+ if (*bn == NULL) {
+ if ((ret = BN_new()) == NULL)
+ return (0);
+ } else {
+ ret = *bn;
+ BN_zero(ret);
+ }
+
+ /* i is the number of digits, a bit of an over expand */
+ if (bn_expand(ret, i * 4) == NULL)
+ goto err;
+
+ j = BN_DEC_NUM - (i % BN_DEC_NUM);
+ if (j == BN_DEC_NUM)
+ j = 0;
+ l = 0;
+ while (*a) {
+ l *= 10;
+ l += *a - '0';
+ a++;
+ if (++j == BN_DEC_NUM) {
+ BN_mul_word(ret, BN_DEC_CONV);
+ BN_add_word(ret, l);
+ l = 0;
+ j = 0;
+ }
+ }
+ ret->neg = neg;
+
+ bn_correct_top(ret);
+ *bn = ret;
+ bn_check_top(ret);
+ return (num);
+ err:
+ if (*bn == NULL)
+ BN_free(ret);
+ return (0);
+}
+
+int BN_asc2bn(BIGNUM **bn, const char *a)
+{
+ const char *p = a;
+ if (*p == '-')
+ p++;
+
+ if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) {
+ if (!BN_hex2bn(bn, p + 2))
+ return 0;
+ } else {
+ if (!BN_dec2bn(bn, p))
+ return 0;
+ }
+ if (*a == '-')
+ (*bn)->neg = 1;
+ return 1;
+}
+
+#ifndef OPENSSL_NO_BIO
+# ifndef OPENSSL_NO_FP_API
+int BN_print_fp(FILE *fp, const BIGNUM *a)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL)
+ return (0);
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = BN_print(b, a);
+ BIO_free(b);
+ return (ret);
+}
+# endif
+
+int BN_print(BIO *bp, const BIGNUM *a)
+{
+ int i, j, v, z = 0;
+ int ret = 0;
+
+ if ((a->neg) && (BIO_write(bp, "-", 1) != 1))
+ goto end;
+ if (BN_is_zero(a) && (BIO_write(bp, "0", 1) != 1))
+ goto end;
+ for (i = a->top - 1; i >= 0; i--) {
+ for (j = BN_BITS2 - 4; j >= 0; j -= 4) {
+ /* strip leading zeros */
+ v = ((int)(a->d[i] >> (long)j)) & 0x0f;
+ if (z || (v != 0)) {
+ if (BIO_write(bp, &(Hex[v]), 1) != 1)
+ goto end;
+ z = 1;
+ }
+ }
+ }
+ ret = 1;
+ end:
+ return (ret);
+}
+#endif
+
+char *BN_options(void)
+{
+ static int init = 0;
+ static char data[16];
+
+ if (!init) {
+ init++;
+#ifdef BN_LLONG
+ BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+ (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
+#else
+ BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+ (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
+#endif
+ }
+ return (data);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_rand.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn_rand.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_rand.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,295 +0,0 @@
-/* crypto/bn/bn_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
-{
- unsigned char *buf = NULL;
- int ret = 0, bit, bytes, mask;
- time_t tim;
-
- if (bits < 0 || (bits == 1 && top > 0)) {
- BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
- return 0;
- }
-
- if (bits == 0) {
- BN_zero(rnd);
- return 1;
- }
-
- bytes = (bits + 7) / 8;
- bit = (bits - 1) % 8;
- mask = 0xff << (bit + 1);
-
- buf = (unsigned char *)OPENSSL_malloc(bytes);
- if (buf == NULL) {
- BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* make a random number and set the top and bottom bits */
- time(&tim);
- RAND_add(&tim, sizeof(tim), 0.0);
-
- if (pseudorand) {
- if (RAND_pseudo_bytes(buf, bytes) == -1)
- goto err;
- } else {
- if (RAND_bytes(buf, bytes) <= 0)
- goto err;
- }
-
-#if 1
- if (pseudorand == 2) {
- /*
- * generate patterns that are more likely to trigger BN library bugs
- */
- int i;
- unsigned char c;
-
- for (i = 0; i < bytes; i++) {
- if (RAND_pseudo_bytes(&c, 1) < 0)
- goto err;
- if (c >= 128 && i > 0)
- buf[i] = buf[i - 1];
- else if (c < 42)
- buf[i] = 0;
- else if (c < 84)
- buf[i] = 255;
- }
- }
-#endif
-
- if (top >= 0) {
- if (top) {
- if (bit == 0) {
- buf[0] = 1;
- buf[1] |= 0x80;
- } else {
- buf[0] |= (3 << (bit - 1));
- }
- } else {
- buf[0] |= (1 << bit);
- }
- }
- buf[0] &= ~mask;
- if (bottom) /* set bottom bit if requested */
- buf[bytes - 1] |= 1;
- if (!BN_bin2bn(buf, bytes, rnd))
- goto err;
- ret = 1;
- err:
- if (buf != NULL) {
- OPENSSL_cleanse(buf, bytes);
- OPENSSL_free(buf);
- }
- bn_check_top(rnd);
- return (ret);
-}
-
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
- return bnrand(0, rnd, bits, top, bottom);
-}
-
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
- return bnrand(1, rnd, bits, top, bottom);
-}
-
-#if 1
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
- return bnrand(2, rnd, bits, top, bottom);
-}
-#endif
-
-/* random number r: 0 <= r < range */
-static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
-{
- int (*bn_rand) (BIGNUM *, int, int, int) =
- pseudo ? BN_pseudo_rand : BN_rand;
- int n;
- int count = 100;
-
- if (range->neg || BN_is_zero(range)) {
- BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
- return 0;
- }
-
- n = BN_num_bits(range); /* n > 0 */
-
- /* BN_is_bit_set(range, n - 1) always holds */
-
- if (n == 1)
- BN_zero(r);
- else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
- /*
- * range = 100..._2, so 3*range (= 11..._2) is exactly one bit longer
- * than range
- */
- do {
- if (!bn_rand(r, n + 1, -1, 0))
- return 0;
- /*
- * If r < 3*range, use r := r MOD range (which is either r, r -
- * range, or r - 2*range). Otherwise, iterate once more. Since
- * 3*range = 11..._2, each iteration succeeds with probability >=
- * .75.
- */
- if (BN_cmp(r, range) >= 0) {
- if (!BN_sub(r, r, range))
- return 0;
- if (BN_cmp(r, range) >= 0)
- if (!BN_sub(r, r, range))
- return 0;
- }
-
- if (!--count) {
- BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
- return 0;
- }
-
- }
- while (BN_cmp(r, range) >= 0);
- } else {
- do {
- /* range = 11..._2 or range = 101..._2 */
- if (!bn_rand(r, n, -1, 0))
- return 0;
-
- if (!--count) {
- BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
- return 0;
- }
- }
- while (BN_cmp(r, range) >= 0);
- }
-
- bn_check_top(r);
- return 1;
-}
-
-int BN_rand_range(BIGNUM *r, const BIGNUM *range)
-{
- return bn_rand_range(0, r, range);
-}
-
-int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
-{
- return bn_rand_range(1, r, range);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_rand.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/bn_rand.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/bn_rand.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_rand.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,291 @@
+/* crypto/bn/bn_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include <openssl/rand.h>
+
+static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
+{
+ unsigned char *buf = NULL;
+ int ret = 0, bit, bytes, mask;
+ time_t tim;
+
+ if (bits < 0 || (bits == 1 && top > 0)) {
+ BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
+ return 0;
+ }
+
+ if (bits == 0) {
+ BN_zero(rnd);
+ return 1;
+ }
+
+ bytes = (bits + 7) / 8;
+ bit = (bits - 1) % 8;
+ mask = 0xff << (bit + 1);
+
+ buf = (unsigned char *)OPENSSL_malloc(bytes);
+ if (buf == NULL) {
+ BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* make a random number and set the top and bottom bits */
+ time(&tim);
+ RAND_add(&tim, sizeof(tim), 0.0);
+
+ /* We ignore the value of pseudorand and always call RAND_bytes */
+ if (RAND_bytes(buf, bytes) <= 0)
+ goto err;
+
+#if 1
+ if (pseudorand == 2) {
+ /*
+ * generate patterns that are more likely to trigger BN library bugs
+ */
+ int i;
+ unsigned char c;
+
+ for (i = 0; i < bytes; i++) {
+ if (RAND_pseudo_bytes(&c, 1) < 0)
+ goto err;
+ if (c >= 128 && i > 0)
+ buf[i] = buf[i - 1];
+ else if (c < 42)
+ buf[i] = 0;
+ else if (c < 84)
+ buf[i] = 255;
+ }
+ }
+#endif
+
+ if (top >= 0) {
+ if (top) {
+ if (bit == 0) {
+ buf[0] = 1;
+ buf[1] |= 0x80;
+ } else {
+ buf[0] |= (3 << (bit - 1));
+ }
+ } else {
+ buf[0] |= (1 << bit);
+ }
+ }
+ buf[0] &= ~mask;
+ if (bottom) /* set bottom bit if requested */
+ buf[bytes - 1] |= 1;
+ if (!BN_bin2bn(buf, bytes, rnd))
+ goto err;
+ ret = 1;
+ err:
+ if (buf != NULL) {
+ OPENSSL_cleanse(buf, bytes);
+ OPENSSL_free(buf);
+ }
+ bn_check_top(rnd);
+ return (ret);
+}
+
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
+{
+ return bnrand(0, rnd, bits, top, bottom);
+}
+
+int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
+{
+ return bnrand(1, rnd, bits, top, bottom);
+}
+
+#if 1
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
+{
+ return bnrand(2, rnd, bits, top, bottom);
+}
+#endif
+
+/* random number r: 0 <= r < range */
+static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
+{
+ int (*bn_rand) (BIGNUM *, int, int, int) =
+ pseudo ? BN_pseudo_rand : BN_rand;
+ int n;
+ int count = 100;
+
+ if (range->neg || BN_is_zero(range)) {
+ BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
+ return 0;
+ }
+
+ n = BN_num_bits(range); /* n > 0 */
+
+ /* BN_is_bit_set(range, n - 1) always holds */
+
+ if (n == 1)
+ BN_zero(r);
+ else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
+ /*
+ * range = 100..._2, so 3*range (= 11..._2) is exactly one bit longer
+ * than range
+ */
+ do {
+ if (!bn_rand(r, n + 1, -1, 0))
+ return 0;
+ /*
+ * If r < 3*range, use r := r MOD range (which is either r, r -
+ * range, or r - 2*range). Otherwise, iterate once more. Since
+ * 3*range = 11..._2, each iteration succeeds with probability >=
+ * .75.
+ */
+ if (BN_cmp(r, range) >= 0) {
+ if (!BN_sub(r, r, range))
+ return 0;
+ if (BN_cmp(r, range) >= 0)
+ if (!BN_sub(r, r, range))
+ return 0;
+ }
+
+ if (!--count) {
+ BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
+ return 0;
+ }
+
+ }
+ while (BN_cmp(r, range) >= 0);
+ } else {
+ do {
+ /* range = 11..._2 or range = 101..._2 */
+ if (!bn_rand(r, n, -1, 0))
+ return 0;
+
+ if (!--count) {
+ BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
+ return 0;
+ }
+ }
+ while (BN_cmp(r, range) >= 0);
+ }
+
+ bn_check_top(r);
+ return 1;
+}
+
+int BN_rand_range(BIGNUM *r, const BIGNUM *range)
+{
+ return bn_rand_range(0, r, range);
+}
+
+int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
+{
+ return bn_rand_range(1, r, range);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_recp.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn_recp.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_recp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,251 +0,0 @@
-/* crypto/bn/bn_recp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp)
-{
- BN_init(&(recp->N));
- BN_init(&(recp->Nr));
- recp->num_bits = 0;
- recp->flags = 0;
-}
-
-BN_RECP_CTX *BN_RECP_CTX_new(void)
-{
- BN_RECP_CTX *ret;
-
- if ((ret = (BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
- return (NULL);
-
- BN_RECP_CTX_init(ret);
- ret->flags = BN_FLG_MALLOCED;
- return (ret);
-}
-
-void BN_RECP_CTX_free(BN_RECP_CTX *recp)
-{
- if (recp == NULL)
- return;
-
- BN_free(&(recp->N));
- BN_free(&(recp->Nr));
- if (recp->flags & BN_FLG_MALLOCED)
- OPENSSL_free(recp);
-}
-
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
-{
- if (!BN_copy(&(recp->N), d))
- return 0;
- BN_zero(&(recp->Nr));
- recp->num_bits = BN_num_bits(d);
- recp->shift = 0;
- return (1);
-}
-
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp, BN_CTX *ctx)
-{
- int ret = 0;
- BIGNUM *a;
- const BIGNUM *ca;
-
- BN_CTX_start(ctx);
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if (y != NULL) {
- if (x == y) {
- if (!BN_sqr(a, x, ctx))
- goto err;
- } else {
- if (!BN_mul(a, x, y, ctx))
- goto err;
- }
- ca = a;
- } else
- ca = x; /* Just do the mod */
-
- ret = BN_div_recp(NULL, r, ca, recp, ctx);
- err:
- BN_CTX_end(ctx);
- bn_check_top(r);
- return (ret);
-}
-
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx)
-{
- int i, j, ret = 0;
- BIGNUM *a, *b, *d, *r;
-
- BN_CTX_start(ctx);
- a = BN_CTX_get(ctx);
- b = BN_CTX_get(ctx);
- if (dv != NULL)
- d = dv;
- else
- d = BN_CTX_get(ctx);
- if (rem != NULL)
- r = rem;
- else
- r = BN_CTX_get(ctx);
- if (a == NULL || b == NULL || d == NULL || r == NULL)
- goto err;
-
- if (BN_ucmp(m, &(recp->N)) < 0) {
- BN_zero(d);
- if (!BN_copy(r, m)) {
- BN_CTX_end(ctx);
- return 0;
- }
- BN_CTX_end(ctx);
- return (1);
- }
-
- /*
- * We want the remainder Given input of ABCDEF / ab we need multiply
- * ABCDEF by 3 digests of the reciprocal of ab
- */
-
- /* i := max(BN_num_bits(m), 2*BN_num_bits(N)) */
- i = BN_num_bits(m);
- j = recp->num_bits << 1;
- if (j > i)
- i = j;
-
- /* Nr := round(2^i / N) */
- if (i != recp->shift)
- recp->shift = BN_reciprocal(&(recp->Nr), &(recp->N), i, ctx);
- /* BN_reciprocal could have returned -1 for an error */
- if (recp->shift == -1)
- goto err;
-
- /*-
- * d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
- * = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
- * <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
- * = |m/N|
- */
- if (!BN_rshift(a, m, recp->num_bits))
- goto err;
- if (!BN_mul(b, a, &(recp->Nr), ctx))
- goto err;
- if (!BN_rshift(d, b, i - recp->num_bits))
- goto err;
- d->neg = 0;
-
- if (!BN_mul(b, &(recp->N), d, ctx))
- goto err;
- if (!BN_usub(r, m, b))
- goto err;
- r->neg = 0;
-
-#if 1
- j = 0;
- while (BN_ucmp(r, &(recp->N)) >= 0) {
- if (j++ > 2) {
- BNerr(BN_F_BN_DIV_RECP, BN_R_BAD_RECIPROCAL);
- goto err;
- }
- if (!BN_usub(r, r, &(recp->N)))
- goto err;
- if (!BN_add_word(d, 1))
- goto err;
- }
-#endif
-
- r->neg = BN_is_zero(r) ? 0 : m->neg;
- d->neg = m->neg ^ recp->N.neg;
- ret = 1;
- err:
- BN_CTX_end(ctx);
- bn_check_top(dv);
- bn_check_top(rem);
- return (ret);
-}
-
-/*
- * len is the expected size of the result We actually calculate with an extra
- * word of precision, so we can do faster division if the remainder is not
- * required.
- */
-/* r := 2^len / m */
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
-{
- int ret = -1;
- BIGNUM *t;
-
- BN_CTX_start(ctx);
- if ((t = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_set_bit(t, len))
- goto err;
-
- if (!BN_div(r, NULL, t, m, ctx))
- goto err;
-
- ret = len;
- err:
- bn_check_top(r);
- BN_CTX_end(ctx);
- return (ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/bn_recp.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/bn_recp.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/bn_recp.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/bn_recp.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,252 @@
+/* crypto/bn/bn_recp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+void BN_RECP_CTX_init(BN_RECP_CTX *recp)
+{
+ BN_init(&(recp->N));
+ BN_init(&(recp->Nr));
+ recp->num_bits = 0;
+ recp->shift = 0;
+ recp->flags = 0;
+}
+
+BN_RECP_CTX *BN_RECP_CTX_new(void)
+{
+ BN_RECP_CTX *ret;
+
+ if ((ret = (BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
+ return (NULL);
+
+ BN_RECP_CTX_init(ret);
+ ret->flags = BN_FLG_MALLOCED;
+ return (ret);
+}
+
+void BN_RECP_CTX_free(BN_RECP_CTX *recp)
+{
+ if (recp == NULL)
+ return;
+
+ BN_free(&(recp->N));
+ BN_free(&(recp->Nr));
+ if (recp->flags & BN_FLG_MALLOCED)
+ OPENSSL_free(recp);
+}
+
+int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
+{
+ if (!BN_copy(&(recp->N), d))
+ return 0;
+ BN_zero(&(recp->Nr));
+ recp->num_bits = BN_num_bits(d);
+ recp->shift = 0;
+ return (1);
+}
+
+int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+ BN_RECP_CTX *recp, BN_CTX *ctx)
+{
+ int ret = 0;
+ BIGNUM *a;
+ const BIGNUM *ca;
+
+ BN_CTX_start(ctx);
+ if ((a = BN_CTX_get(ctx)) == NULL)
+ goto err;
+ if (y != NULL) {
+ if (x == y) {
+ if (!BN_sqr(a, x, ctx))
+ goto err;
+ } else {
+ if (!BN_mul(a, x, y, ctx))
+ goto err;
+ }
+ ca = a;
+ } else
+ ca = x; /* Just do the mod */
+
+ ret = BN_div_recp(NULL, r, ca, recp, ctx);
+ err:
+ BN_CTX_end(ctx);
+ bn_check_top(r);
+ return (ret);
+}
+
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
+ BN_RECP_CTX *recp, BN_CTX *ctx)
+{
+ int i, j, ret = 0;
+ BIGNUM *a, *b, *d, *r;
+
+ BN_CTX_start(ctx);
+ a = BN_CTX_get(ctx);
+ b = BN_CTX_get(ctx);
+ if (dv != NULL)
+ d = dv;
+ else
+ d = BN_CTX_get(ctx);
+ if (rem != NULL)
+ r = rem;
+ else
+ r = BN_CTX_get(ctx);
+ if (a == NULL || b == NULL || d == NULL || r == NULL)
+ goto err;
+
+ if (BN_ucmp(m, &(recp->N)) < 0) {
+ BN_zero(d);
+ if (!BN_copy(r, m)) {
+ BN_CTX_end(ctx);
+ return 0;
+ }
+ BN_CTX_end(ctx);
+ return (1);
+ }
+
+ /*
+ * We want the remainder Given input of ABCDEF / ab we need multiply
+ * ABCDEF by 3 digests of the reciprocal of ab
+ */
+
+ /* i := max(BN_num_bits(m), 2*BN_num_bits(N)) */
+ i = BN_num_bits(m);
+ j = recp->num_bits << 1;
+ if (j > i)
+ i = j;
+
+ /* Nr := round(2^i / N) */
+ if (i != recp->shift)
+ recp->shift = BN_reciprocal(&(recp->Nr), &(recp->N), i, ctx);
+ /* BN_reciprocal could have returned -1 for an error */
+ if (recp->shift == -1)
+ goto err;
+
+ /*-
+ * d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
+ * = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
+ * <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
+ * = |m/N|
+ */
+ if (!BN_rshift(a, m, recp->num_bits))
+ goto err;
+ if (!BN_mul(b, a, &(recp->Nr), ctx))
+ goto err;
+ if (!BN_rshift(d, b, i - recp->num_bits))
+ goto err;
+ d->neg = 0;
+
+ if (!BN_mul(b, &(recp->N), d, ctx))
+ goto err;
+ if (!BN_usub(r, m, b))
+ goto err;
+ r->neg = 0;
+
+#if 1
+ j = 0;
+ while (BN_ucmp(r, &(recp->N)) >= 0) {
+ if (j++ > 2) {
+ BNerr(BN_F_BN_DIV_RECP, BN_R_BAD_RECIPROCAL);
+ goto err;
+ }
+ if (!BN_usub(r, r, &(recp->N)))
+ goto err;
+ if (!BN_add_word(d, 1))
+ goto err;
+ }
+#endif
+
+ r->neg = BN_is_zero(r) ? 0 : m->neg;
+ d->neg = m->neg ^ recp->N.neg;
+ ret = 1;
+ err:
+ BN_CTX_end(ctx);
+ bn_check_top(dv);
+ bn_check_top(rem);
+ return (ret);
+}
+
+/*
+ * len is the expected size of the result We actually calculate with an extra
+ * word of precision, so we can do faster division if the remainder is not
+ * required.
+ */
+/* r := 2^len / m */
+int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
+{
+ int ret = -1;
+ BIGNUM *t;
+
+ BN_CTX_start(ctx);
+ if ((t = BN_CTX_get(ctx)) == NULL)
+ goto err;
+
+ if (!BN_set_bit(t, len))
+ goto err;
+
+ if (!BN_div(r, NULL, t, m, ctx))
+ goto err;
+
+ ret = len;
+ err:
+ bn_check_top(r);
+ BN_CTX_end(ctx);
+ return (ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/bn/exptest.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/bn/exptest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/exptest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,249 +0,0 @@
-/* crypto/bn/exptest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-
-#define NUM_BITS (BN_BITS*2)
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-/*
- * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
- */
-static int test_exp_mod_zero()
-{
- BIGNUM a, p, m;
- BIGNUM r;
- BN_CTX *ctx = BN_CTX_new();
- int ret = 1;
-
- BN_init(&m);
- BN_one(&m);
-
- BN_init(&a);
- BN_one(&a);
-
- BN_init(&p);
- BN_zero(&p);
-
- BN_init(&r);
- BN_mod_exp(&r, &a, &p, &m, ctx);
- BN_CTX_free(ctx);
-
- if (BN_is_zero(&r))
- ret = 0;
- else {
- printf("1**0 mod 1 = ");
- BN_print_fp(stdout, &r);
- printf(", should be 0\n");
- }
-
- BN_free(&r);
- BN_free(&a);
- BN_free(&p);
- BN_free(&m);
-
- return ret;
-}
-
-int main(int argc, char *argv[])
-{
- BN_CTX *ctx;
- BIO *out = NULL;
- int i, ret;
- unsigned char c;
- BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
-
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
- * don't even check its return
- * value (which we should) */
-
- ERR_load_BN_strings();
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- EXIT(1);
- r_mont = BN_new();
- r_mont_const = BN_new();
- r_recp = BN_new();
- r_simple = BN_new();
- a = BN_new();
- b = BN_new();
- m = BN_new();
- if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
- goto err;
-
- out = BIO_new(BIO_s_file());
-
- if (out == NULL)
- EXIT(1);
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-
- for (i = 0; i < 200; i++) {
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(a, NUM_BITS + c, 0, 0);
-
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(b, NUM_BITS + c, 0, 0);
-
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(m, NUM_BITS + c, 0, 1);
-
- BN_mod(a, a, m, ctx);
- BN_mod(b, b, m, ctx);
-
- ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
- if (ret <= 0) {
- printf("BN_mod_exp_mont() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
- if (ret <= 0) {
- printf("BN_mod_exp_recp() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
- if (ret <= 0) {
- printf("BN_mod_exp_simple() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
- if (ret <= 0) {
- printf("BN_mod_exp_mont_consttime() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- if (BN_cmp(r_simple, r_mont) == 0
- && BN_cmp(r_simple, r_recp) == 0
- && BN_cmp(r_simple, r_mont_const) == 0) {
- printf(".");
- fflush(stdout);
- } else {
- if (BN_cmp(r_simple, r_mont) != 0)
- printf("\nsimple and mont results differ\n");
- if (BN_cmp(r_simple, r_mont_const) != 0)
- printf("\nsimple and mont const time results differ\n");
- if (BN_cmp(r_simple, r_recp) != 0)
- printf("\nsimple and recp results differ\n");
-
- printf("a (%3d) = ", BN_num_bits(a));
- BN_print(out, a);
- printf("\nb (%3d) = ", BN_num_bits(b));
- BN_print(out, b);
- printf("\nm (%3d) = ", BN_num_bits(m));
- BN_print(out, m);
- printf("\nsimple =");
- BN_print(out, r_simple);
- printf("\nrecp =");
- BN_print(out, r_recp);
- printf("\nmont =");
- BN_print(out, r_mont);
- printf("\nmont_ct =");
- BN_print(out, r_mont_const);
- printf("\n");
- EXIT(1);
- }
- }
- BN_free(r_mont);
- BN_free(r_mont_const);
- BN_free(r_recp);
- BN_free(r_simple);
- BN_free(a);
- BN_free(b);
- BN_free(m);
- BN_CTX_free(ctx);
- ERR_remove_thread_state(NULL);
- CRYPTO_mem_leaks(out);
- BIO_free(out);
- printf("\n");
-
- if (test_exp_mod_zero() != 0)
- goto err;
-
- printf("done\n");
-
- EXIT(0);
- err:
- ERR_load_crypto_strings();
- ERR_print_errors(out);
-#ifdef OPENSSL_SYS_NETWARE
- printf("ERROR\n");
-#endif
- EXIT(1);
- return (1);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/bn/exptest.c (from rev 11605, vendor-crypto/openssl/dist/crypto/bn/exptest.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/bn/exptest.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/bn/exptest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,313 @@
+/* crypto/bn/exptest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#define NUM_BITS (BN_BITS*2)
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+/*
+ * Test that r == 0 in test_exp_mod_zero(). Returns one on success,
+ * returns zero and prints debug output otherwise.
+ */
+static int a_is_zero_mod_one(const char *method, const BIGNUM *r,
+ const BIGNUM *a) {
+ if (!BN_is_zero(r)) {
+ fprintf(stderr, "%s failed:\n", method);
+ fprintf(stderr, "a ** 0 mod 1 = r (should be 0)\n");
+ fprintf(stderr, "a = ");
+ BN_print_fp(stderr, a);
+ fprintf(stderr, "\nr = ");
+ BN_print_fp(stderr, r);
+ fprintf(stderr, "\n");
+ return 0;
+ }
+ return 1;
+}
+
+/*
+ * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
+ */
+static int test_exp_mod_zero()
+{
+ BIGNUM a, p, m;
+ BIGNUM r;
+ BN_ULONG one_word = 1;
+ BN_CTX *ctx = BN_CTX_new();
+ int ret = 1, failed = 0;
+
+ BN_init(&m);
+ BN_one(&m);
+
+ BN_init(&a);
+ BN_one(&a);
+
+ BN_init(&p);
+ BN_zero(&p);
+
+ BN_init(&r);
+
+ if (!BN_rand(&a, 1024, 0, 0))
+ goto err;
+
+ if (!BN_mod_exp(&r, &a, &p, &m, ctx))
+ goto err;
+
+ if (!a_is_zero_mod_one("BN_mod_exp", &r, &a))
+ failed = 1;
+
+ if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx))
+ goto err;
+
+ if (!a_is_zero_mod_one("BN_mod_exp_recp", &r, &a))
+ failed = 1;
+
+ if (!BN_mod_exp_simple(&r, &a, &p, &m, ctx))
+ goto err;
+
+ if (!a_is_zero_mod_one("BN_mod_exp_simple", &r, &a))
+ failed = 1;
+
+ if (!BN_mod_exp_mont(&r, &a, &p, &m, ctx, NULL))
+ goto err;
+
+ if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a))
+ failed = 1;
+
+ if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) {
+ goto err;
+ }
+
+ if (!a_is_zero_mod_one("BN_mod_exp_mont_consttime", &r, &a))
+ failed = 1;
+
+ /*
+ * A different codepath exists for single word multiplication
+ * in non-constant-time only.
+ */
+ if (!BN_mod_exp_mont_word(&r, one_word, &p, &m, ctx, NULL))
+ goto err;
+
+ if (!BN_is_zero(&r)) {
+ fprintf(stderr, "BN_mod_exp_mont_word failed:\n");
+ fprintf(stderr, "1 ** 0 mod 1 = r (should be 0)\n");
+ fprintf(stderr, "r = ");
+ BN_print_fp(stderr, &r);
+ fprintf(stderr, "\n");
+ return 0;
+ }
+
+ ret = failed;
+
+ err:
+ BN_free(&r);
+ BN_free(&a);
+ BN_free(&p);
+ BN_free(&m);
+ BN_CTX_free(ctx);
+
+ return ret;
+}
+
+int main(int argc, char *argv[])
+{
+ BN_CTX *ctx;
+ BIO *out = NULL;
+ int i, ret;
+ unsigned char c;
+ BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
+
+ RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
+ * don't even check its return
+ * value (which we should) */
+
+ ERR_load_BN_strings();
+
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ EXIT(1);
+ r_mont = BN_new();
+ r_mont_const = BN_new();
+ r_recp = BN_new();
+ r_simple = BN_new();
+ a = BN_new();
+ b = BN_new();
+ m = BN_new();
+ if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
+ goto err;
+
+ out = BIO_new(BIO_s_file());
+
+ if (out == NULL)
+ EXIT(1);
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+ for (i = 0; i < 200; i++) {
+ RAND_bytes(&c, 1);
+ c = (c % BN_BITS) - BN_BITS2;
+ BN_rand(a, NUM_BITS + c, 0, 0);
+
+ RAND_bytes(&c, 1);
+ c = (c % BN_BITS) - BN_BITS2;
+ BN_rand(b, NUM_BITS + c, 0, 0);
+
+ RAND_bytes(&c, 1);
+ c = (c % BN_BITS) - BN_BITS2;
+ BN_rand(m, NUM_BITS + c, 0, 1);
+
+ BN_mod(a, a, m, ctx);
+ BN_mod(b, b, m, ctx);
+
+ ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
+ if (ret <= 0) {
+ printf("BN_mod_exp_mont() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
+ if (ret <= 0) {
+ printf("BN_mod_exp_recp() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
+ if (ret <= 0) {
+ printf("BN_mod_exp_simple() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
+ if (ret <= 0) {
+ printf("BN_mod_exp_mont_consttime() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ if (BN_cmp(r_simple, r_mont) == 0
+ && BN_cmp(r_simple, r_recp) == 0
+ && BN_cmp(r_simple, r_mont_const) == 0) {
+ printf(".");
+ fflush(stdout);
+ } else {
+ if (BN_cmp(r_simple, r_mont) != 0)
+ printf("\nsimple and mont results differ\n");
+ if (BN_cmp(r_simple, r_mont_const) != 0)
+ printf("\nsimple and mont const time results differ\n");
+ if (BN_cmp(r_simple, r_recp) != 0)
+ printf("\nsimple and recp results differ\n");
+
+ printf("a (%3d) = ", BN_num_bits(a));
+ BN_print(out, a);
+ printf("\nb (%3d) = ", BN_num_bits(b));
+ BN_print(out, b);
+ printf("\nm (%3d) = ", BN_num_bits(m));
+ BN_print(out, m);
+ printf("\nsimple =");
+ BN_print(out, r_simple);
+ printf("\nrecp =");
+ BN_print(out, r_recp);
+ printf("\nmont =");
+ BN_print(out, r_mont);
+ printf("\nmont_ct =");
+ BN_print(out, r_mont_const);
+ printf("\n");
+ EXIT(1);
+ }
+ }
+ BN_free(r_mont);
+ BN_free(r_mont_const);
+ BN_free(r_recp);
+ BN_free(r_simple);
+ BN_free(a);
+ BN_free(b);
+ BN_free(m);
+ BN_CTX_free(ctx);
+ ERR_remove_thread_state(NULL);
+ CRYPTO_mem_leaks(out);
+ BIO_free(out);
+ printf("\n");
+
+ if (test_exp_mod_zero() != 0)
+ goto err;
+
+ printf("done\n");
+
+ EXIT(0);
+ err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+#ifdef OPENSSL_SYS_NETWARE
+ printf("ERROR\n");
+#endif
+ EXIT(1);
+ return (1);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/camellia.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,584 +0,0 @@
-/* crypto/camellia/camellia.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- * http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-/*
- * Algorithm Specification
- * http://info.isl.llia/specicrypt/eng/camellia/specifications.html
- */
-
-/*
- * This release balances code size and performance. In particular key
- * schedule setup is fully unrolled, because doing so *significantly*
- * reduces amount of instructions per setup round and code increase is
- * justifiable. In block functions on the other hand only inner loops
- * are unrolled, as full unroll gives only nominal performance boost,
- * while code size grows 4 or 7 times. Also, unlike previous versions
- * this one "encourages" compiler to keep intermediate variables in
- * registers, which should give better "all round" results, in other
- * words reasonable performance even with not so modern compilers.
- */
-
-#include "camellia.h"
-#include "cmll_locl.h"
-#include <string.h>
-#include <stdlib.h>
-
-/* 32-bit rotations */
-#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
-# define RightRotate(x, s) _lrotr(x, s)
-# define LeftRotate(x, s) _lrotl(x, s)
-# if _MSC_VER >= 1400
-# define SWAP(x) _byteswap_ulong(x)
-# else
-# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
-# endif
-# define GETU32(p) SWAP(*((u32 *)(p)))
-# define PUTU32(p,v) (*((u32 *)(p)) = SWAP((v)))
-# elif defined(__GNUC__) && __GNUC__>=2
-# if defined(__i386) || defined(__x86_64)
-# define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
-# define LeftRotate(x,s) ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
-# if defined(B_ENDIAN) /* stratus.com does it */
-# define GETU32(p) (*(u32 *)(p))
-# define PUTU32(p,v) (*(u32 *)(p)=(v))
-# else
-# define GETU32(p) ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; })
-# define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; })
-# endif
-# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
- defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
-# define LeftRotate(x,s) ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; })
-# define RightRotate(x,s) LeftRotate(x,(32-s))
-# elif defined(__s390x__)
-# define LeftRotate(x,s) ({u32 ret; asm ("rll %0,%1,%2":"=r"(ret):"r"(x),"I"(s)); ret; })
-# define RightRotate(x,s) LeftRotate(x,(32-s))
-# define GETU32(p) (*(u32 *)(p))
-# define PUTU32(p,v) (*(u32 *)(p)=(v))
-# endif
-# endif
-#endif
-
-#if !defined(RightRotate) && !defined(LeftRotate)
-# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) )
-# define LeftRotate(x, s) ( ((x) << (s)) + ((x) >> (32 - s)) )
-#endif
-
-#if !defined(GETU32) && !defined(PUTU32)
-# define GETU32(p) (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] << 8) ^ ((u32)(p)[3]))
-# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >> 8), (p)[3] = (u8)(v))
-#endif
-
-/* S-box data */
-#define SBOX1_1110 Camellia_SBOX[0]
-#define SBOX4_4404 Camellia_SBOX[1]
-#define SBOX2_0222 Camellia_SBOX[2]
-#define SBOX3_3033 Camellia_SBOX[3]
-static const u32 Camellia_SBOX[][256] = {
- {0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700,
- 0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
- 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00,
- 0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
- 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500,
- 0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
- 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000,
- 0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
- 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700,
- 0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
- 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00,
- 0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
- 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100,
- 0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
- 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700,
- 0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
- 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00,
- 0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
- 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400,
- 0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
- 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00,
- 0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
- 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00,
- 0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
- 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700,
- 0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
- 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00,
- 0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
- 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00,
- 0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
- 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600,
- 0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
- 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00,
- 0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
- 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800,
- 0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
- 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200,
- 0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
- 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900,
- 0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
- 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900,
- 0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
- 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00},
- {0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057,
- 0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
- 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af,
- 0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
- 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a,
- 0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
- 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb,
- 0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
- 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c,
- 0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
- 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0,
- 0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
- 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6,
- 0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
- 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8,
- 0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
- 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9,
- 0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
- 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9,
- 0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
- 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad,
- 0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
- 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093,
- 0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
- 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f,
- 0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
- 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066,
- 0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
- 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031,
- 0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
- 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2,
- 0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
- 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095,
- 0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
- 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002,
- 0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
- 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b,
- 0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
- 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a,
- 0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
- 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068,
- 0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
- 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e},
- {0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e,
- 0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
- 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf,
- 0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
- 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca,
- 0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
- 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060,
- 0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
- 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e,
- 0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
- 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a,
- 0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
- 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363,
- 0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
- 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f,
- 0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
- 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636,
- 0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
- 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888,
- 0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
- 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9,
- 0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
- 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6,
- 0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
- 0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef,
- 0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
- 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8,
- 0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
- 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe,
- 0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
- 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d,
- 0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
- 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc,
- 0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
- 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131,
- 0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
- 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545,
- 0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
- 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292,
- 0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
- 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393,
- 0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
- 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d},
- {0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393,
- 0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
- 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7,
- 0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
- 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2,
- 0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
- 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818,
- 0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
- 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3,
- 0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
- 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686,
- 0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
- 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8,
- 0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
- 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb,
- 0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
- 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d,
- 0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
- 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222,
- 0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
- 0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e,
- 0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
- 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad,
- 0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
- 0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb,
- 0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
- 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e,
- 0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
- 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf,
- 0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
- 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b,
- 0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
- 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737,
- 0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
- 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c,
- 0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
- 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151,
- 0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
- 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4,
- 0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
- 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4,
- 0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
- 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f}
-};
-
-/* Key generation constants */
-static const u32 SIGMA[] = {
- 0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be,
- 0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd
-};
-
-/* The phi algorithm given in C.2.7 of the Camellia spec document. */
-/*
- * This version does not attempt to minimize amount of temporary
- * variables, but instead explicitly exposes algorithm's parallelism.
- * It is therefore most appropriate for platforms with not less than
- * ~16 registers. For platforms with less registers [well, x86 to be
- * specific] assembler version should be/is provided anyway...
- */
-#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) do {\
- register u32 _t0,_t1,_t2,_t3;\
-\
- _t0 = _s0 ^ (_key)[0];\
- _t3 = SBOX4_4404[_t0&0xff];\
- _t1 = _s1 ^ (_key)[1];\
- _t3 ^= SBOX3_3033[(_t0 >> 8)&0xff];\
- _t2 = SBOX1_1110[_t1&0xff];\
- _t3 ^= SBOX2_0222[(_t0 >> 16)&0xff];\
- _t2 ^= SBOX4_4404[(_t1 >> 8)&0xff];\
- _t3 ^= SBOX1_1110[(_t0 >> 24)];\
- _t2 ^= _t3;\
- _t3 = RightRotate(_t3,8);\
- _t2 ^= SBOX3_3033[(_t1 >> 16)&0xff];\
- _s3 ^= _t3;\
- _t2 ^= SBOX2_0222[(_t1 >> 24)];\
- _s2 ^= _t2; \
- _s3 ^= _t2;\
-} while(0)
-
-/*
- * Note that n has to be less than 32. Rotations for larger amount
- * of bits are achieved by "rotating" order of s-elements and
- * adjusting n accordingly, e.g. RotLeft128(s1,s2,s3,s0,n-32).
- */
-#define RotLeft128(_s0,_s1,_s2,_s3,_n) do {\
- u32 _t0=_s0>>(32-_n);\
- _s0 = (_s0<<_n) | (_s1>>(32-_n));\
- _s1 = (_s1<<_n) | (_s2>>(32-_n));\
- _s2 = (_s2<<_n) | (_s3>>(32-_n));\
- _s3 = (_s3<<_n) | _t0;\
-} while (0)
-
-int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k)
-{
- register u32 s0, s1, s2, s3;
-
- k[0] = s0 = GETU32(rawKey);
- k[1] = s1 = GETU32(rawKey + 4);
- k[2] = s2 = GETU32(rawKey + 8);
- k[3] = s3 = GETU32(rawKey + 12);
-
- if (keyBitLength != 128) {
- k[8] = s0 = GETU32(rawKey + 16);
- k[9] = s1 = GETU32(rawKey + 20);
- if (keyBitLength == 192) {
- k[10] = s2 = ~s0;
- k[11] = s3 = ~s1;
- } else {
- k[10] = s2 = GETU32(rawKey + 24);
- k[11] = s3 = GETU32(rawKey + 28);
- }
- s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
- }
-
- /* Use the Feistel routine to scramble the key material */
- Camellia_Feistel(s0, s1, s2, s3, SIGMA + 0);
- Camellia_Feistel(s2, s3, s0, s1, SIGMA + 2);
-
- s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
- Camellia_Feistel(s0, s1, s2, s3, SIGMA + 4);
- Camellia_Feistel(s2, s3, s0, s1, SIGMA + 6);
-
- /* Fill the keyTable. Requires many block rotations. */
- if (keyBitLength == 128) {
- k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
- RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
- k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
- RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 30 */
- k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
- RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 45 */
- k[24] = s0, k[25] = s1;
- RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 60 */
- k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
- RotLeft128(s1, s2, s3, s0, 2); /* KA <<< 94 */
- k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0;
- RotLeft128(s1, s2, s3, s0, 17); /* KA <<<111 */
- k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
-
- s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
- RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 15 */
- k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
- RotLeft128(s0, s1, s2, s3, 30); /* KL <<< 45 */
- k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
- RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 60 */
- k[26] = s2, k[27] = s3;
- RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 77 */
- k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3;
- RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 94 */
- k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
- RotLeft128(s0, s1, s2, s3, 17); /* KL <<<111 */
- k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3;
-
- return 3; /* grand rounds */
- } else {
- k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
- s0 ^= k[8], s1 ^= k[9], s2 ^= k[10], s3 ^= k[11];
- Camellia_Feistel(s0, s1, s2, s3, (SIGMA + 8));
- Camellia_Feistel(s2, s3, s0, s1, (SIGMA + 10));
-
- k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
- RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 30 */
- k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
- RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 60 */
- k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3;
- RotLeft128(s1, s2, s3, s0, 19); /* KB <<<111 */
- k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0;
-
- s0 = k[8], s1 = k[9], s2 = k[10], s3 = k[11];
- RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 15 */
- k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
- RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 30 */
- k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
- RotLeft128(s0, s1, s2, s3, 30); /* KR <<< 60 */
- k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
- RotLeft128(s1, s2, s3, s0, 2); /* KR <<< 94 */
- k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0;
-
- s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15];
- RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
- k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
- RotLeft128(s0, s1, s2, s3, 30); /* KA <<< 45 */
- k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
- /* KA <<< 77 */
- k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
- RotLeft128(s1, s2, s3, s0, 17); /* KA <<< 94 */
- k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0;
-
- s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
- RotLeft128(s1, s2, s3, s0, 13); /* KL <<< 45 */
- k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0;
- RotLeft128(s1, s2, s3, s0, 15); /* KL <<< 60 */
- k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0;
- RotLeft128(s1, s2, s3, s0, 17); /* KL <<< 77 */
- k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0;
- RotLeft128(s2, s3, s0, s1, 2); /* KL <<<111 */
- k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1;
-
- return 4; /* grand rounds */
- }
- /*
- * It is possible to perform certain precalculations, which
- * would spare few cycles in block procedure. It's not done,
- * because it upsets the performance balance between key
- * setup and block procedures, negatively affecting overall
- * throughput in applications operating on short messages
- * and volatile keys.
- */
-}
-
-void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable,
- u8 ciphertext[])
-{
- register u32 s0, s1, s2, s3;
- const u32 *k = keyTable, *kend = keyTable + grandRounds * 16;
-
- s0 = GETU32(plaintext) ^ k[0];
- s1 = GETU32(plaintext + 4) ^ k[1];
- s2 = GETU32(plaintext + 8) ^ k[2];
- s3 = GETU32(plaintext + 12) ^ k[3];
- k += 4;
-
- while (1) {
- /* Camellia makes 6 Feistel rounds */
- Camellia_Feistel(s0, s1, s2, s3, k + 0);
- Camellia_Feistel(s2, s3, s0, s1, k + 2);
- Camellia_Feistel(s0, s1, s2, s3, k + 4);
- Camellia_Feistel(s2, s3, s0, s1, k + 6);
- Camellia_Feistel(s0, s1, s2, s3, k + 8);
- Camellia_Feistel(s2, s3, s0, s1, k + 10);
- k += 12;
-
- if (k == kend)
- break;
-
- /*
- * This is the same function as the diffusion function D of the
- * accompanying documentation. See section 3.2 for properties of the
- * FLlayer function.
- */
- s1 ^= LeftRotate(s0 & k[0], 1);
- s2 ^= s3 | k[3];
- s0 ^= s1 | k[1];
- s3 ^= LeftRotate(s2 & k[2], 1);
- k += 4;
- }
-
- s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
-
- PUTU32(ciphertext, s2);
- PUTU32(ciphertext + 4, s3);
- PUTU32(ciphertext + 8, s0);
- PUTU32(ciphertext + 12, s1);
-}
-
-void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
-{
- Camellia_EncryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
- plaintext, keyTable, ciphertext);
-}
-
-void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
- const KEY_TABLE_TYPE keyTable,
- u8 plaintext[])
-{
- u32 s0, s1, s2, s3;
- const u32 *k = keyTable + grandRounds * 16, *kend = keyTable + 4;
-
- s0 = GETU32(ciphertext) ^ k[0];
- s1 = GETU32(ciphertext + 4) ^ k[1];
- s2 = GETU32(ciphertext + 8) ^ k[2];
- s3 = GETU32(ciphertext + 12) ^ k[3];
-
- while (1) {
- /* Camellia makes 6 Feistel rounds */
- k -= 12;
- Camellia_Feistel(s0, s1, s2, s3, k + 10);
- Camellia_Feistel(s2, s3, s0, s1, k + 8);
- Camellia_Feistel(s0, s1, s2, s3, k + 6);
- Camellia_Feistel(s2, s3, s0, s1, k + 4);
- Camellia_Feistel(s0, s1, s2, s3, k + 2);
- Camellia_Feistel(s2, s3, s0, s1, k + 0);
-
- if (k == kend)
- break;
-
- /*
- * This is the same function as the diffusion function D of the
- * accompanying documentation. See section 3.2 for properties of the
- * FLlayer function.
- */
- k -= 4;
- s1 ^= LeftRotate(s0 & k[2], 1);
- s2 ^= s3 | k[1];
- s0 ^= s1 | k[3];
- s3 ^= LeftRotate(s2 & k[0], 1);
- }
-
- k -= 4;
- s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
-
- PUTU32(plaintext, s2);
- PUTU32(plaintext + 4, s3);
- PUTU32(plaintext + 8, s0);
- PUTU32(plaintext + 12, s1);
-}
-
-void Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
-{
- Camellia_DecryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
- plaintext, keyTable, ciphertext);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/camellia.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,584 @@
+/* crypto/camellia/camellia.c */
+/* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
+ * ALL RIGHTS RESERVED.
+ *
+ * Intellectual Property information for Camellia:
+ * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+ *
+ * News Release for Announcement of Camellia open source:
+ * http://www.ntt.co.jp/news/news06e/0604/060413a.html
+ *
+ * The Camellia Code included herein is developed by
+ * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
+ * to the OpenSSL project.
+ *
+ * The Camellia Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+/*
+ * Algorithm Specification
+ * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
+ */
+
+/*
+ * This release balances code size and performance. In particular key
+ * schedule setup is fully unrolled, because doing so *significantly*
+ * reduces amount of instructions per setup round and code increase is
+ * justifiable. In block functions on the other hand only inner loops
+ * are unrolled, as full unroll gives only nominal performance boost,
+ * while code size grows 4 or 7 times. Also, unlike previous versions
+ * this one "encourages" compiler to keep intermediate variables in
+ * registers, which should give better "all round" results, in other
+ * words reasonable performance even with not so modern compilers.
+ */
+
+#include "camellia.h"
+#include "cmll_locl.h"
+#include <string.h>
+#include <stdlib.h>
+
+/* 32-bit rotations */
+#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
+# define RightRotate(x, s) _lrotr(x, s)
+# define LeftRotate(x, s) _lrotl(x, s)
+# if _MSC_VER >= 1400
+# define SWAP(x) _byteswap_ulong(x)
+# else
+# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+# endif
+# define GETU32(p) SWAP(*((u32 *)(p)))
+# define PUTU32(p,v) (*((u32 *)(p)) = SWAP((v)))
+# elif defined(__GNUC__) && __GNUC__>=2
+# if defined(__i386) || defined(__x86_64)
+# define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+# define LeftRotate(x,s) ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+# if defined(B_ENDIAN) /* stratus.com does it */
+# define GETU32(p) (*(u32 *)(p))
+# define PUTU32(p,v) (*(u32 *)(p)=(v))
+# else
+# define GETU32(p) ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; })
+# define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; })
+# endif
+# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
+ defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+# define LeftRotate(x,s) ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; })
+# define RightRotate(x,s) LeftRotate(x,(32-s))
+# elif defined(__s390x__)
+# define LeftRotate(x,s) ({u32 ret; asm ("rll %0,%1,%2":"=r"(ret):"r"(x),"I"(s)); ret; })
+# define RightRotate(x,s) LeftRotate(x,(32-s))
+# define GETU32(p) (*(u32 *)(p))
+# define PUTU32(p,v) (*(u32 *)(p)=(v))
+# endif
+# endif
+#endif
+
+#if !defined(RightRotate) && !defined(LeftRotate)
+# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) )
+# define LeftRotate(x, s) ( ((x) << (s)) + ((x) >> (32 - s)) )
+#endif
+
+#if !defined(GETU32) && !defined(PUTU32)
+# define GETU32(p) (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] << 8) ^ ((u32)(p)[3]))
+# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >> 8), (p)[3] = (u8)(v))
+#endif
+
+/* S-box data */
+#define SBOX1_1110 Camellia_SBOX[0]
+#define SBOX4_4404 Camellia_SBOX[1]
+#define SBOX2_0222 Camellia_SBOX[2]
+#define SBOX3_3033 Camellia_SBOX[3]
+static const u32 Camellia_SBOX[][256] = {
+ {0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700,
+ 0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
+ 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00,
+ 0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
+ 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500,
+ 0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
+ 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000,
+ 0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
+ 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700,
+ 0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
+ 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00,
+ 0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
+ 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100,
+ 0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
+ 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700,
+ 0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
+ 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00,
+ 0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
+ 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400,
+ 0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
+ 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00,
+ 0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
+ 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00,
+ 0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
+ 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700,
+ 0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
+ 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00,
+ 0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
+ 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00,
+ 0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
+ 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600,
+ 0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
+ 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00,
+ 0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
+ 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800,
+ 0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
+ 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200,
+ 0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
+ 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900,
+ 0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
+ 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900,
+ 0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
+ 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00},
+ {0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057,
+ 0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
+ 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af,
+ 0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
+ 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a,
+ 0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
+ 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb,
+ 0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
+ 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c,
+ 0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
+ 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0,
+ 0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
+ 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6,
+ 0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
+ 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8,
+ 0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
+ 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9,
+ 0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
+ 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9,
+ 0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
+ 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad,
+ 0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
+ 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093,
+ 0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
+ 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f,
+ 0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
+ 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066,
+ 0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
+ 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031,
+ 0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
+ 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2,
+ 0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
+ 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095,
+ 0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
+ 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002,
+ 0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
+ 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b,
+ 0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
+ 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a,
+ 0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
+ 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068,
+ 0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
+ 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e},
+ {0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e,
+ 0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
+ 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf,
+ 0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
+ 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca,
+ 0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
+ 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060,
+ 0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
+ 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e,
+ 0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
+ 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a,
+ 0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
+ 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363,
+ 0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
+ 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f,
+ 0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
+ 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636,
+ 0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
+ 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888,
+ 0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
+ 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9,
+ 0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
+ 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6,
+ 0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
+ 0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef,
+ 0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
+ 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8,
+ 0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
+ 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe,
+ 0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
+ 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d,
+ 0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
+ 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc,
+ 0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
+ 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131,
+ 0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
+ 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545,
+ 0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
+ 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292,
+ 0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
+ 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393,
+ 0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
+ 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d},
+ {0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393,
+ 0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
+ 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7,
+ 0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
+ 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2,
+ 0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
+ 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818,
+ 0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
+ 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3,
+ 0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
+ 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686,
+ 0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
+ 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8,
+ 0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
+ 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb,
+ 0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
+ 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d,
+ 0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
+ 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222,
+ 0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
+ 0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e,
+ 0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
+ 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad,
+ 0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
+ 0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb,
+ 0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
+ 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e,
+ 0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
+ 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf,
+ 0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
+ 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b,
+ 0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
+ 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737,
+ 0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
+ 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c,
+ 0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
+ 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151,
+ 0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
+ 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4,
+ 0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
+ 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4,
+ 0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
+ 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f}
+};
+
+/* Key generation constants */
+static const u32 SIGMA[] = {
+ 0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be,
+ 0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd
+};
+
+/* The phi algorithm given in C.2.7 of the Camellia spec document. */
+/*
+ * This version does not attempt to minimize amount of temporary
+ * variables, but instead explicitly exposes algorithm's parallelism.
+ * It is therefore most appropriate for platforms with not less than
+ * ~16 registers. For platforms with less registers [well, x86 to be
+ * specific] assembler version should be/is provided anyway...
+ */
+#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) do {\
+ register u32 _t0,_t1,_t2,_t3;\
+\
+ _t0 = _s0 ^ (_key)[0];\
+ _t3 = SBOX4_4404[_t0&0xff];\
+ _t1 = _s1 ^ (_key)[1];\
+ _t3 ^= SBOX3_3033[(_t0 >> 8)&0xff];\
+ _t2 = SBOX1_1110[_t1&0xff];\
+ _t3 ^= SBOX2_0222[(_t0 >> 16)&0xff];\
+ _t2 ^= SBOX4_4404[(_t1 >> 8)&0xff];\
+ _t3 ^= SBOX1_1110[(_t0 >> 24)];\
+ _t2 ^= _t3;\
+ _t3 = RightRotate(_t3,8);\
+ _t2 ^= SBOX3_3033[(_t1 >> 16)&0xff];\
+ _s3 ^= _t3;\
+ _t2 ^= SBOX2_0222[(_t1 >> 24)];\
+ _s2 ^= _t2; \
+ _s3 ^= _t2;\
+} while(0)
+
+/*
+ * Note that n has to be less than 32. Rotations for larger amount
+ * of bits are achieved by "rotating" order of s-elements and
+ * adjusting n accordingly, e.g. RotLeft128(s1,s2,s3,s0,n-32).
+ */
+#define RotLeft128(_s0,_s1,_s2,_s3,_n) do {\
+ u32 _t0=_s0>>(32-_n);\
+ _s0 = (_s0<<_n) | (_s1>>(32-_n));\
+ _s1 = (_s1<<_n) | (_s2>>(32-_n));\
+ _s2 = (_s2<<_n) | (_s3>>(32-_n));\
+ _s3 = (_s3<<_n) | _t0;\
+} while (0)
+
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k)
+{
+ register u32 s0, s1, s2, s3;
+
+ k[0] = s0 = GETU32(rawKey);
+ k[1] = s1 = GETU32(rawKey + 4);
+ k[2] = s2 = GETU32(rawKey + 8);
+ k[3] = s3 = GETU32(rawKey + 12);
+
+ if (keyBitLength != 128) {
+ k[8] = s0 = GETU32(rawKey + 16);
+ k[9] = s1 = GETU32(rawKey + 20);
+ if (keyBitLength == 192) {
+ k[10] = s2 = ~s0;
+ k[11] = s3 = ~s1;
+ } else {
+ k[10] = s2 = GETU32(rawKey + 24);
+ k[11] = s3 = GETU32(rawKey + 28);
+ }
+ s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+ }
+
+ /* Use the Feistel routine to scramble the key material */
+ Camellia_Feistel(s0, s1, s2, s3, SIGMA + 0);
+ Camellia_Feistel(s2, s3, s0, s1, SIGMA + 2);
+
+ s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+ Camellia_Feistel(s0, s1, s2, s3, SIGMA + 4);
+ Camellia_Feistel(s2, s3, s0, s1, SIGMA + 6);
+
+ /* Fill the keyTable. Requires many block rotations. */
+ if (keyBitLength == 128) {
+ k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
+ k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 30 */
+ k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 45 */
+ k[24] = s0, k[25] = s1;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 60 */
+ k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+ RotLeft128(s1, s2, s3, s0, 2); /* KA <<< 94 */
+ k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0;
+ RotLeft128(s1, s2, s3, s0, 17); /* KA <<<111 */
+ k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
+
+ s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
+ RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 15 */
+ k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KL <<< 45 */
+ k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 60 */
+ k[26] = s2, k[27] = s3;
+ RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 77 */
+ k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3;
+ RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 94 */
+ k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+ RotLeft128(s0, s1, s2, s3, 17); /* KL <<<111 */
+ k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3;
+
+ return 3; /* grand rounds */
+ } else {
+ k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+ s0 ^= k[8], s1 ^= k[9], s2 ^= k[10], s3 ^= k[11];
+ Camellia_Feistel(s0, s1, s2, s3, (SIGMA + 8));
+ Camellia_Feistel(s2, s3, s0, s1, (SIGMA + 10));
+
+ k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 30 */
+ k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 60 */
+ k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3;
+ RotLeft128(s1, s2, s3, s0, 19); /* KB <<<111 */
+ k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0;
+
+ s0 = k[8], s1 = k[9], s2 = k[10], s3 = k[11];
+ RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 15 */
+ k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 30 */
+ k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KR <<< 60 */
+ k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+ RotLeft128(s1, s2, s3, s0, 2); /* KR <<< 94 */
+ k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0;
+
+ s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15];
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
+ k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KA <<< 45 */
+ k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+ /* KA <<< 77 */
+ k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
+ RotLeft128(s1, s2, s3, s0, 17); /* KA <<< 94 */
+ k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0;
+
+ s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
+ RotLeft128(s1, s2, s3, s0, 13); /* KL <<< 45 */
+ k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0;
+ RotLeft128(s1, s2, s3, s0, 15); /* KL <<< 60 */
+ k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0;
+ RotLeft128(s1, s2, s3, s0, 17); /* KL <<< 77 */
+ k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0;
+ RotLeft128(s2, s3, s0, s1, 2); /* KL <<<111 */
+ k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1;
+
+ return 4; /* grand rounds */
+ }
+ /*
+ * It is possible to perform certain precalculations, which
+ * would spare few cycles in block procedure. It's not done,
+ * because it upsets the performance balance between key
+ * setup and block procedures, negatively affecting overall
+ * throughput in applications operating on short messages
+ * and volatile keys.
+ */
+}
+
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 ciphertext[])
+{
+ register u32 s0, s1, s2, s3;
+ const u32 *k = keyTable, *kend = keyTable + grandRounds * 16;
+
+ s0 = GETU32(plaintext) ^ k[0];
+ s1 = GETU32(plaintext + 4) ^ k[1];
+ s2 = GETU32(plaintext + 8) ^ k[2];
+ s3 = GETU32(plaintext + 12) ^ k[3];
+ k += 4;
+
+ while (1) {
+ /* Camellia makes 6 Feistel rounds */
+ Camellia_Feistel(s0, s1, s2, s3, k + 0);
+ Camellia_Feistel(s2, s3, s0, s1, k + 2);
+ Camellia_Feistel(s0, s1, s2, s3, k + 4);
+ Camellia_Feistel(s2, s3, s0, s1, k + 6);
+ Camellia_Feistel(s0, s1, s2, s3, k + 8);
+ Camellia_Feistel(s2, s3, s0, s1, k + 10);
+ k += 12;
+
+ if (k == kend)
+ break;
+
+ /*
+ * This is the same function as the diffusion function D of the
+ * accompanying documentation. See section 3.2 for properties of the
+ * FLlayer function.
+ */
+ s1 ^= LeftRotate(s0 & k[0], 1);
+ s2 ^= s3 | k[3];
+ s0 ^= s1 | k[1];
+ s3 ^= LeftRotate(s2 & k[2], 1);
+ k += 4;
+ }
+
+ s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
+
+ PUTU32(ciphertext, s2);
+ PUTU32(ciphertext + 4, s3);
+ PUTU32(ciphertext + 8, s0);
+ PUTU32(ciphertext + 12, s1);
+}
+
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
+{
+ Camellia_EncryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
+ plaintext, keyTable, ciphertext);
+}
+
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 plaintext[])
+{
+ u32 s0, s1, s2, s3;
+ const u32 *k = keyTable + grandRounds * 16, *kend = keyTable + 4;
+
+ s0 = GETU32(ciphertext) ^ k[0];
+ s1 = GETU32(ciphertext + 4) ^ k[1];
+ s2 = GETU32(ciphertext + 8) ^ k[2];
+ s3 = GETU32(ciphertext + 12) ^ k[3];
+
+ while (1) {
+ /* Camellia makes 6 Feistel rounds */
+ k -= 12;
+ Camellia_Feistel(s0, s1, s2, s3, k + 10);
+ Camellia_Feistel(s2, s3, s0, s1, k + 8);
+ Camellia_Feistel(s0, s1, s2, s3, k + 6);
+ Camellia_Feistel(s2, s3, s0, s1, k + 4);
+ Camellia_Feistel(s0, s1, s2, s3, k + 2);
+ Camellia_Feistel(s2, s3, s0, s1, k + 0);
+
+ if (k == kend)
+ break;
+
+ /*
+ * This is the same function as the diffusion function D of the
+ * accompanying documentation. See section 3.2 for properties of the
+ * FLlayer function.
+ */
+ k -= 4;
+ s1 ^= LeftRotate(s0 & k[2], 1);
+ s2 ^= s3 | k[1];
+ s0 ^= s1 | k[3];
+ s3 ^= LeftRotate(s2 & k[0], 1);
+ }
+
+ k -= 4;
+ s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
+
+ PUTU32(plaintext, s2);
+ PUTU32(plaintext + 4, s3);
+ PUTU32(plaintext + 8, s0);
+ PUTU32(plaintext + 12, s1);
+}
+
+void Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
+{
+ Camellia_DecryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
+ plaintext, keyTable, ciphertext);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/camellia.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,132 +0,0 @@
-/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_CAMELLIA_H
-# define HEADER_CAMELLIA_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_CAMELLIA
-# error CAMELLIA is disabled.
-# endif
-
-# include <stddef.h>
-
-# define CAMELLIA_ENCRYPT 1
-# define CAMELLIA_DECRYPT 0
-
-/*
- * Because array size can't be a const in C, the following two are macros.
- * Both sizes are in bytes.
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-
-# define CAMELLIA_BLOCK_SIZE 16
-# define CAMELLIA_TABLE_BYTE_LEN 272
-# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
-
-typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
- * with WORD */
-
-struct camellia_key_st {
- union {
- double d; /* ensures 64-bit align */
- KEY_TABLE_TYPE rd_key;
- } u;
- int grand_rounds;
-};
-typedef struct camellia_key_st CAMELLIA_KEY;
-
-# ifdef OPENSSL_FIPS
-int private_Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key);
-# endif
-int Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key);
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key, const int enc);
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc);
-void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num);
-void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char ivec[CAMELLIA_BLOCK_SIZE],
- unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
- unsigned int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !HEADER_Camellia_H */
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.h (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/camellia.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/camellia.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,132 @@
+/* crypto/camellia/camellia.h */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_CAMELLIA_H
+# define HEADER_CAMELLIA_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_CAMELLIA
+# error CAMELLIA is disabled.
+# endif
+
+# include <stddef.h>
+
+# define CAMELLIA_ENCRYPT 1
+# define CAMELLIA_DECRYPT 0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+
+# define CAMELLIA_BLOCK_SIZE 16
+# define CAMELLIA_TABLE_BYTE_LEN 272
+# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
+
+typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
+ * with WORD */
+
+struct camellia_key_st {
+ union {
+ double d; /* ensures 64-bit align */
+ KEY_TABLE_TYPE rd_key;
+ } u;
+ int grand_rounds;
+};
+typedef struct camellia_key_st CAMELLIA_KEY;
+
+# ifdef OPENSSL_FIPS
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
+# endif
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key);
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key);
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key, const int enc);
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, const int enc);
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num);
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+ unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+ unsigned int *num);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* !HEADER_Camellia_H */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cbc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_cbc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cbc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,66 +0,0 @@
-/* crypto/camellia/camellia_cbc.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc)
-{
-
- if (enc)
- CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
- (block128_f) Camellia_encrypt);
- else
- CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
- (block128_f) Camellia_decrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cbc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_cbc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cbc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cbc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,66 @@
+/* crypto/camellia/camellia_cbc.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const CAMELLIA_KEY *key,
+ unsigned char *ivec, const int enc)
+{
+
+ if (enc)
+ CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
+ (block128_f) Camellia_encrypt);
+ else
+ CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
+ (block128_f) Camellia_decrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cfb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_cfb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cfb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,141 +0,0 @@
-/* crypto/camellia/camellia_cfb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-/*
- * The input and output encrypted as though 128bit cfb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-
-void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc)
-{
-
- CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f) Camellia_encrypt);
-}
-
-/* N.B. This expects the input to be packed, MS bit first */
-void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f) Camellia_encrypt);
-}
-
-void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f) Camellia_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cfb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_cfb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cfb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_cfb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,141 @@
+/* crypto/camellia/camellia_cfb.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+/*
+ * The input and output encrypted as though 128bit cfb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+{
+
+ CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) Camellia_encrypt);
+}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+{
+ CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) Camellia_encrypt);
+}
+
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
+{
+ CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) Camellia_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ctr.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_ctr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ctr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,64 +0,0 @@
-/* crypto/camellia/camellia_ctr.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char ivec[CAMELLIA_BLOCK_SIZE],
- unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
- unsigned int *num)
-{
-
- CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
- (block128_f) Camellia_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ctr.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_ctr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ctr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ctr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,64 @@
+/* crypto/camellia/camellia_ctr.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+ unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+ unsigned int *num)
+{
+
+ CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
+ (block128_f) Camellia_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ecb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_ecb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ecb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,73 +0,0 @@
-/* crypto/camellia/camellia_ecb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef CAMELLIA_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key, const int enc)
-{
-
- assert(in && out && key);
- assert((CAMELLIA_ENCRYPT == enc) || (CAMELLIA_DECRYPT == enc));
-
- if (CAMELLIA_ENCRYPT == enc)
- Camellia_encrypt(in, out, key);
- else
- Camellia_decrypt(in, out, key);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ecb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_ecb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ecb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ecb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,73 @@
+/* crypto/camellia/camellia_ecb.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef CAMELLIA_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key, const int enc)
+{
+
+ assert(in && out && key);
+ assert((CAMELLIA_ENCRYPT == enc) || (CAMELLIA_DECRYPT == enc));
+
+ if (CAMELLIA_ENCRYPT == enc)
+ Camellia_encrypt(in, out, key);
+ else
+ Camellia_decrypt(in, out, key);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_locl.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_locl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,88 +0,0 @@
-/* crypto/camellia/camellia_locl.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- * http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CAMELLIA_LOCL_H
-# define HEADER_CAMELLIA_LOCL_H
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
- KEY_TABLE_TYPE keyTable);
-void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable,
- u8 ciphertext[]);
-void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
- const KEY_TABLE_TYPE keyTable,
- u8 plaintext[]);
-void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
-void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
- const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
-int private_Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key);
-#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_locl.h (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_locl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_locl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,88 @@
+/* crypto/camellia/camellia_locl.h */
+/* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
+ * ALL RIGHTS RESERVED.
+ *
+ * Intellectual Property information for Camellia:
+ * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+ *
+ * News Release for Announcement of Camellia open source:
+ * http://www.ntt.co.jp/news/news06e/0604/060413a.html
+ *
+ * The Camellia Code included herein is developed by
+ * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
+ * to the OpenSSL project.
+ *
+ * The Camellia Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CAMELLIA_LOCL_H
+# define HEADER_CAMELLIA_LOCL_H
+
+typedef unsigned int u32;
+typedef unsigned char u8;
+
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
+ KEY_TABLE_TYPE keyTable);
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 ciphertext[]);
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 plaintext[]);
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
+void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
+#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_misc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_misc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_misc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,80 +0,0 @@
-/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-const char CAMELLIA_version[] = "CAMELLIA" OPENSSL_VERSION_PTEXT;
-
-int private_Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key)
-{
- if (!userKey || !key)
- return -1;
- if (bits != 128 && bits != 192 && bits != 256)
- return -2;
- key->grand_rounds = Camellia_Ekeygen(bits, userKey, key->u.rd_key);
- return 0;
-}
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key)
-{
- Camellia_EncryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
-}
-
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key)
-{
- Camellia_DecryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_misc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_misc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_misc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_misc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,80 @@
+/* crypto/camellia/camellia_misc.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+const char CAMELLIA_version[] = "CAMELLIA" OPENSSL_VERSION_PTEXT;
+
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key)
+{
+ if (!userKey || !key)
+ return -1;
+ if (bits != 128 && bits != 192 && bits != 256)
+ return -2;
+ key->grand_rounds = Camellia_Ekeygen(bits, userKey, key->u.rd_key);
+ return 0;
+}
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key)
+{
+ Camellia_EncryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
+}
+
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key)
+{
+ Camellia_DecryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ofb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_ofb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ofb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,122 +0,0 @@
-/* crypto/camellia/camellia_ofb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-/*
- * The input and output encrypted as though 128bit ofb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
- (block128_f) Camellia_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ofb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_ofb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ofb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_ofb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,122 @@
+/* crypto/camellia/camellia_ofb.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+/*
+ * The input and output encrypted as though 128bit ofb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num)
+{
+ CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
+ (block128_f) Camellia_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_utl.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/camellia/cmll_utl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_utl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,64 +0,0 @@
-/* crypto/camellia/cmll_utl.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-int Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key)
-{
-#ifdef OPENSSL_FIPS
- fips_cipher_abort(Camellia);
-#endif
- return private_Camellia_set_key(userKey, bits, key);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_utl.c (from rev 11605, vendor-crypto/openssl/dist/crypto/camellia/cmll_utl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_utl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/camellia/cmll_utl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,64 @@
+/* crypto/camellia/cmll_utl.c */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(Camellia);
+#endif
+ return private_Camellia_set_key(userKey, bits, key);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/cms/cms_enc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/cms/cms_enc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/cms/cms_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,260 +0,0 @@
-/* crypto/cms/cms_enc.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include <openssl/rand.h>
-#include "cms_lcl.h"
-
-/* CMS EncryptedData Utilities */
-
-DECLARE_ASN1_ITEM(CMS_EncryptedData)
-
-/* Return BIO based on EncryptedContentInfo and key */
-
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
-{
- BIO *b;
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *ciph;
- X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
- unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
- unsigned char *tkey = NULL;
- size_t tkeylen = 0;
-
- int ok = 0;
-
- int enc, keep_key = 0;
-
- enc = ec->cipher ? 1 : 0;
-
- b = BIO_new(BIO_f_cipher());
- if (!b) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- BIO_get_cipher_ctx(b, &ctx);
-
- if (enc) {
- ciph = ec->cipher;
- /*
- * If not keeping key set cipher to NULL so subsequent calls decrypt.
- */
- if (ec->key)
- ec->cipher = NULL;
- } else {
- ciph = EVP_get_cipherbyobj(calg->algorithm);
-
- if (!ciph) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER);
- goto err;
- }
- }
-
- if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_INITIALISATION_ERROR);
- goto err;
- }
-
- if (enc) {
- int ivlen;
- calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
- /* Generate a random IV if we need one */
- ivlen = EVP_CIPHER_CTX_iv_length(ctx);
- if (ivlen > 0) {
- if (RAND_pseudo_bytes(iv, ivlen) <= 0)
- goto err;
- piv = iv;
- }
- } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- tkeylen = EVP_CIPHER_CTX_key_length(ctx);
- /* Generate random session key */
- if (!enc || !ec->key) {
- tkey = OPENSSL_malloc(tkeylen);
- if (!tkey) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
- goto err;
- }
-
- if (!ec->key) {
- ec->key = tkey;
- ec->keylen = tkeylen;
- tkey = NULL;
- if (enc)
- keep_key = 1;
- else
- ERR_clear_error();
-
- }
-
- if (ec->keylen != tkeylen) {
- /* If necessary set key length */
- if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
- /*
- * Only reveal failure if debugging so we don't leak information
- * which may be useful in MMA.
- */
- if (enc || ec->debug) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_INVALID_KEY_LENGTH);
- goto err;
- } else {
- /* Use random key */
- OPENSSL_cleanse(ec->key, ec->keylen);
- OPENSSL_free(ec->key);
- ec->key = tkey;
- ec->keylen = tkeylen;
- tkey = NULL;
- ERR_clear_error();
- }
- }
- }
-
- if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_INITIALISATION_ERROR);
- goto err;
- }
-
- if (piv) {
- calg->parameter = ASN1_TYPE_new();
- if (!calg->parameter) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- }
- ok = 1;
-
- err:
- if (ec->key && (!keep_key || !ok)) {
- OPENSSL_cleanse(ec->key, ec->keylen);
- OPENSSL_free(ec->key);
- ec->key = NULL;
- }
- if (tkey) {
- OPENSSL_cleanse(tkey, tkeylen);
- OPENSSL_free(tkey);
- }
- if (ok)
- return b;
- BIO_free(b);
- return NULL;
-}
-
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher,
- const unsigned char *key, size_t keylen)
-{
- ec->cipher = cipher;
- if (key) {
- ec->key = OPENSSL_malloc(keylen);
- if (!ec->key)
- return 0;
- memcpy(ec->key, key, keylen);
- }
- ec->keylen = keylen;
- if (cipher)
- ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
- return 1;
-}
-
-int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
- const unsigned char *key, size_t keylen)
-{
- CMS_EncryptedContentInfo *ec;
- if (!key || !keylen) {
- CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
- return 0;
- }
- if (ciph) {
- cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
- if (!cms->d.encryptedData) {
- CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
- cms->d.encryptedData->version = 0;
- } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
- CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NOT_ENCRYPTED_DATA);
- return 0;
- }
- ec = cms->d.encryptedData->encryptedContentInfo;
- return cms_EncryptedContent_init(ec, ciph, key, keylen);
-}
-
-BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
-{
- CMS_EncryptedData *enc = cms->d.encryptedData;
- if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
- enc->version = 2;
- return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/cms/cms_enc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/cms/cms_enc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/cms/cms_enc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/cms/cms_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,264 @@
+/* crypto/cms/cms_enc.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include "cms_lcl.h"
+
+/* CMS EncryptedData Utilities */
+
+DECLARE_ASN1_ITEM(CMS_EncryptedData)
+
+/* Return BIO based on EncryptedContentInfo and key */
+
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
+{
+ BIO *b;
+ EVP_CIPHER_CTX *ctx;
+ const EVP_CIPHER *ciph;
+ X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
+ unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
+ unsigned char *tkey = NULL;
+ size_t tkeylen = 0;
+
+ int ok = 0;
+
+ int enc, keep_key = 0;
+
+ enc = ec->cipher ? 1 : 0;
+
+ b = BIO_new(BIO_f_cipher());
+ if (!b) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ BIO_get_cipher_ctx(b, &ctx);
+
+ if (enc) {
+ ciph = ec->cipher;
+ /*
+ * If not keeping key set cipher to NULL so subsequent calls decrypt.
+ */
+ if (ec->key)
+ ec->cipher = NULL;
+ } else {
+ ciph = EVP_get_cipherbyobj(calg->algorithm);
+
+ if (!ciph) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER);
+ goto err;
+ }
+ }
+
+ if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+ CMS_R_CIPHER_INITIALISATION_ERROR);
+ goto err;
+ }
+
+ if (enc) {
+ int ivlen;
+ calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+ /* Generate a random IV if we need one */
+ ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+ if (ivlen > 0) {
+ if (RAND_bytes(iv, ivlen) <= 0)
+ goto err;
+ piv = iv;
+ }
+ } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+ CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+ goto err;
+ }
+ tkeylen = EVP_CIPHER_CTX_key_length(ctx);
+ /* Generate random session key */
+ if (!enc || !ec->key) {
+ tkey = OPENSSL_malloc(tkeylen);
+ if (!tkey) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
+ goto err;
+ }
+
+ if (!ec->key) {
+ ec->key = tkey;
+ ec->keylen = tkeylen;
+ tkey = NULL;
+ if (enc)
+ keep_key = 1;
+ else
+ ERR_clear_error();
+
+ }
+
+ if (ec->keylen != tkeylen) {
+ /* If necessary set key length */
+ if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
+ /*
+ * Only reveal failure if debugging so we don't leak information
+ * which may be useful in MMA.
+ */
+ if (enc || ec->debug) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+ CMS_R_INVALID_KEY_LENGTH);
+ goto err;
+ } else {
+ /* Use random key */
+ OPENSSL_cleanse(ec->key, ec->keylen);
+ OPENSSL_free(ec->key);
+ ec->key = tkey;
+ ec->keylen = tkeylen;
+ tkey = NULL;
+ ERR_clear_error();
+ }
+ }
+ }
+
+ if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+ CMS_R_CIPHER_INITIALISATION_ERROR);
+ goto err;
+ }
+ if (enc) {
+ calg->parameter = ASN1_TYPE_new();
+ if (calg->parameter == NULL) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+ CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+ goto err;
+ }
+ /* If parameter type not set omit parameter */
+ if (calg->parameter->type == V_ASN1_UNDEF) {
+ ASN1_TYPE_free(calg->parameter);
+ calg->parameter = NULL;
+ }
+ }
+ ok = 1;
+
+ err:
+ if (ec->key && (!keep_key || !ok)) {
+ OPENSSL_cleanse(ec->key, ec->keylen);
+ OPENSSL_free(ec->key);
+ ec->key = NULL;
+ }
+ if (tkey) {
+ OPENSSL_cleanse(tkey, tkeylen);
+ OPENSSL_free(tkey);
+ }
+ if (ok)
+ return b;
+ BIO_free(b);
+ return NULL;
+}
+
+int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
+ const EVP_CIPHER *cipher,
+ const unsigned char *key, size_t keylen)
+{
+ ec->cipher = cipher;
+ if (key) {
+ ec->key = OPENSSL_malloc(keylen);
+ if (!ec->key)
+ return 0;
+ memcpy(ec->key, key, keylen);
+ }
+ ec->keylen = keylen;
+ if (cipher)
+ ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
+ return 1;
+}
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+ const unsigned char *key, size_t keylen)
+{
+ CMS_EncryptedContentInfo *ec;
+ if (!key || !keylen) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
+ return 0;
+ }
+ if (ciph) {
+ cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
+ if (!cms->d.encryptedData) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
+ cms->d.encryptedData->version = 0;
+ } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NOT_ENCRYPTED_DATA);
+ return 0;
+ }
+ ec = cms->d.encryptedData->encryptedContentInfo;
+ return cms_EncryptedContent_init(ec, ciph, key, keylen);
+}
+
+BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
+{
+ CMS_EncryptedData *enc = cms->d.encryptedData;
+ if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
+ enc->version = 2;
+ return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/cms/cms_ess.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/cms/cms_ess.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/cms/cms_ess.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,395 +0,0 @@
-/* crypto/cms/cms_ess.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include "cms_lcl.h"
-
-DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
-DECLARE_ASN1_ITEM(CMS_Receipt)
-
-IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-
-/* ESS services: for now just Signed Receipt related */
-
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
-{
- ASN1_STRING *str;
- CMS_ReceiptRequest *rr = NULL;
- if (prr)
- *prr = NULL;
- str = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj
- (NID_id_smime_aa_receiptRequest), -3,
- V_ASN1_SEQUENCE);
- if (!str)
- return 0;
-
- rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
- if (!rr)
- return -1;
- if (prr)
- *prr = rr;
- else
- CMS_ReceiptRequest_free(rr);
- return 1;
-}
-
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
- int allorfirst,
- STACK_OF(GENERAL_NAMES)
- *receiptList, STACK_OF(GENERAL_NAMES)
- *receiptsTo)
-{
- CMS_ReceiptRequest *rr = NULL;
-
- rr = CMS_ReceiptRequest_new();
- if (!rr)
- goto merr;
- if (id)
- ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
- else {
- if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
- goto merr;
- if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
- <= 0)
- goto err;
- }
-
- sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
- rr->receiptsTo = receiptsTo;
-
- if (receiptList) {
- rr->receiptsFrom->type = 1;
- rr->receiptsFrom->d.receiptList = receiptList;
- } else {
- rr->receiptsFrom->type = 0;
- rr->receiptsFrom->d.allOrFirstTier = allorfirst;
- }
-
- return rr;
-
- merr:
- CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
-
- err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
-
- return NULL;
-
-}
-
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
-{
- unsigned char *rrder = NULL;
- int rrderlen, r = 0;
-
- rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
- if (rrderlen < 0)
- goto merr;
-
- if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
- V_ASN1_SEQUENCE, rrder, rrderlen))
- goto merr;
-
- r = 1;
-
- merr:
- if (!r)
- CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
-
- if (rrder)
- OPENSSL_free(rrder);
-
- return r;
-
-}
-
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
- ASN1_STRING **pcid,
- int *pallorfirst,
- STACK_OF(GENERAL_NAMES) **plist,
- STACK_OF(GENERAL_NAMES) **prto)
-{
- if (pcid)
- *pcid = rr->signedContentIdentifier;
- if (rr->receiptsFrom->type == 0) {
- if (pallorfirst)
- *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
- if (plist)
- *plist = NULL;
- } else {
- if (pallorfirst)
- *pallorfirst = -1;
- if (plist)
- *plist = rr->receiptsFrom->d.receiptList;
- }
- if (prto)
- *prto = rr->receiptsTo;
-}
-
-/* Digest a SignerInfo structure for msgSigDigest attribute processing */
-
-static int cms_msgSigDigest(CMS_SignerInfo *si,
- unsigned char *dig, unsigned int *diglen)
-{
- const EVP_MD *md;
- md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
- if (md == NULL)
- return 0;
- if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
- si->signedAttrs, dig, diglen))
- return 0;
- return 1;
-}
-
-/* Add a msgSigDigest attribute to a SignerInfo */
-
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
-{
- unsigned char dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
- if (!cms_msgSigDigest(src, dig, &diglen)) {
- CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
- return 0;
- }
- if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
- V_ASN1_OCTET_STRING, dig, diglen)) {
- CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return 1;
-}
-
-/* Verify signed receipt after it has already passed normal CMS verify */
-
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
-{
- int r = 0, i;
- CMS_ReceiptRequest *rr = NULL;
- CMS_Receipt *rct = NULL;
- STACK_OF(CMS_SignerInfo) *sis, *osis;
- CMS_SignerInfo *si, *osi = NULL;
- ASN1_OCTET_STRING *msig, **pcont;
- ASN1_OBJECT *octype;
- unsigned char dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
-
- /* Get SignerInfos, also checks SignedData content type */
- osis = CMS_get0_SignerInfos(req_cms);
- sis = CMS_get0_SignerInfos(cms);
- if (!osis || !sis)
- goto err;
-
- if (sk_CMS_SignerInfo_num(sis) != 1) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
- goto err;
- }
-
- /* Check receipt content type */
- if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
- goto err;
- }
-
- /* Extract and decode receipt content */
- pcont = CMS_get0_content(cms);
- if (!pcont || !*pcont) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
- goto err;
- }
-
- rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
-
- if (!rct) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
- goto err;
- }
-
- /* Locate original request */
-
- for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
- osi = sk_CMS_SignerInfo_value(osis, i);
- if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
- break;
- }
-
- if (i == sk_CMS_SignerInfo_num(osis)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
- goto err;
- }
-
- si = sk_CMS_SignerInfo_value(sis, 0);
-
- /* Get msgSigDigest value and compare */
-
- msig = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj
- (NID_id_smime_aa_msgSigDigest), -3,
- V_ASN1_OCTET_STRING);
-
- if (!msig) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
- goto err;
- }
-
- if (!cms_msgSigDigest(osi, dig, &diglen)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
- goto err;
- }
-
- if (diglen != (unsigned int)msig->length) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
- goto err;
- }
-
- if (memcmp(dig, msig->data, diglen)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
- CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
- goto err;
- }
-
- /* Compare content types */
-
- octype = CMS_signed_get0_data_by_OBJ(osi,
- OBJ_nid2obj(NID_pkcs9_contentType),
- -3, V_ASN1_OBJECT);
- if (!octype) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
- goto err;
- }
-
- /* Compare details in receipt request */
-
- if (OBJ_cmp(octype, rct->contentType)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
- goto err;
- }
-
- /* Get original receipt request details */
-
- if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
- goto err;
- }
-
- if (ASN1_STRING_cmp(rr->signedContentIdentifier,
- rct->signedContentIdentifier)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
- goto err;
- }
-
- r = 1;
-
- err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
- if (rct)
- M_ASN1_free_of(rct, CMS_Receipt);
-
- return r;
-
-}
-
-/*
- * Encode a Receipt into an OCTET STRING read for including into content of a
- * SignedData ContentInfo.
- */
-
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
-{
- CMS_Receipt rct;
- CMS_ReceiptRequest *rr = NULL;
- ASN1_OBJECT *ctype;
- ASN1_OCTET_STRING *os = NULL;
-
- /* Get original receipt request */
-
- /* Get original receipt request details */
-
- if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
- CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
- goto err;
- }
-
- /* Get original content type */
-
- ctype = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_pkcs9_contentType),
- -3, V_ASN1_OBJECT);
- if (!ctype) {
- CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
- goto err;
- }
-
- rct.version = 1;
- rct.contentType = ctype;
- rct.signedContentIdentifier = rr->signedContentIdentifier;
- rct.originatorSignatureValue = si->signature;
-
- os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
-
- err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
-
- return os;
-
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/cms/cms_ess.c (from rev 11605, vendor-crypto/openssl/dist/crypto/cms/cms_ess.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/cms/cms_ess.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/cms/cms_ess.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,394 @@
+/* crypto/cms/cms_ess.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+
+DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
+DECLARE_ASN1_ITEM(CMS_Receipt)
+
+IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+
+/* ESS services: for now just Signed Receipt related */
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
+{
+ ASN1_STRING *str;
+ CMS_ReceiptRequest *rr = NULL;
+ if (prr)
+ *prr = NULL;
+ str = CMS_signed_get0_data_by_OBJ(si,
+ OBJ_nid2obj
+ (NID_id_smime_aa_receiptRequest), -3,
+ V_ASN1_SEQUENCE);
+ if (!str)
+ return 0;
+
+ rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
+ if (!rr)
+ return -1;
+ if (prr)
+ *prr = rr;
+ else
+ CMS_ReceiptRequest_free(rr);
+ return 1;
+}
+
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+ int allorfirst,
+ STACK_OF(GENERAL_NAMES)
+ *receiptList, STACK_OF(GENERAL_NAMES)
+ *receiptsTo)
+{
+ CMS_ReceiptRequest *rr = NULL;
+
+ rr = CMS_ReceiptRequest_new();
+ if (!rr)
+ goto merr;
+ if (id)
+ ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
+ else {
+ if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
+ goto merr;
+ if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
+ goto err;
+ }
+
+ sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
+ rr->receiptsTo = receiptsTo;
+
+ if (receiptList) {
+ rr->receiptsFrom->type = 1;
+ rr->receiptsFrom->d.receiptList = receiptList;
+ } else {
+ rr->receiptsFrom->type = 0;
+ rr->receiptsFrom->d.allOrFirstTier = allorfirst;
+ }
+
+ return rr;
+
+ merr:
+ CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
+
+ err:
+ if (rr)
+ CMS_ReceiptRequest_free(rr);
+
+ return NULL;
+
+}
+
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
+{
+ unsigned char *rrder = NULL;
+ int rrderlen, r = 0;
+
+ rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
+ if (rrderlen < 0)
+ goto merr;
+
+ if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
+ V_ASN1_SEQUENCE, rrder, rrderlen))
+ goto merr;
+
+ r = 1;
+
+ merr:
+ if (!r)
+ CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
+
+ if (rrder)
+ OPENSSL_free(rrder);
+
+ return r;
+
+}
+
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+ ASN1_STRING **pcid,
+ int *pallorfirst,
+ STACK_OF(GENERAL_NAMES) **plist,
+ STACK_OF(GENERAL_NAMES) **prto)
+{
+ if (pcid)
+ *pcid = rr->signedContentIdentifier;
+ if (rr->receiptsFrom->type == 0) {
+ if (pallorfirst)
+ *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
+ if (plist)
+ *plist = NULL;
+ } else {
+ if (pallorfirst)
+ *pallorfirst = -1;
+ if (plist)
+ *plist = rr->receiptsFrom->d.receiptList;
+ }
+ if (prto)
+ *prto = rr->receiptsTo;
+}
+
+/* Digest a SignerInfo structure for msgSigDigest attribute processing */
+
+static int cms_msgSigDigest(CMS_SignerInfo *si,
+ unsigned char *dig, unsigned int *diglen)
+{
+ const EVP_MD *md;
+ md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+ if (md == NULL)
+ return 0;
+ if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
+ si->signedAttrs, dig, diglen))
+ return 0;
+ return 1;
+}
+
+/* Add a msgSigDigest attribute to a SignerInfo */
+
+int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
+{
+ unsigned char dig[EVP_MAX_MD_SIZE];
+ unsigned int diglen;
+ if (!cms_msgSigDigest(src, dig, &diglen)) {
+ CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
+ return 0;
+ }
+ if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
+ V_ASN1_OCTET_STRING, dig, diglen)) {
+ CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ return 1;
+}
+
+/* Verify signed receipt after it has already passed normal CMS verify */
+
+int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
+{
+ int r = 0, i;
+ CMS_ReceiptRequest *rr = NULL;
+ CMS_Receipt *rct = NULL;
+ STACK_OF(CMS_SignerInfo) *sis, *osis;
+ CMS_SignerInfo *si, *osi = NULL;
+ ASN1_OCTET_STRING *msig, **pcont;
+ ASN1_OBJECT *octype;
+ unsigned char dig[EVP_MAX_MD_SIZE];
+ unsigned int diglen;
+
+ /* Get SignerInfos, also checks SignedData content type */
+ osis = CMS_get0_SignerInfos(req_cms);
+ sis = CMS_get0_SignerInfos(cms);
+ if (!osis || !sis)
+ goto err;
+
+ if (sk_CMS_SignerInfo_num(sis) != 1) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
+ goto err;
+ }
+
+ /* Check receipt content type */
+ if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
+ goto err;
+ }
+
+ /* Extract and decode receipt content */
+ pcont = CMS_get0_content(cms);
+ if (!pcont || !*pcont) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
+ goto err;
+ }
+
+ rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
+
+ if (!rct) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
+ goto err;
+ }
+
+ /* Locate original request */
+
+ for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
+ osi = sk_CMS_SignerInfo_value(osis, i);
+ if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
+ break;
+ }
+
+ if (i == sk_CMS_SignerInfo_num(osis)) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
+ goto err;
+ }
+
+ si = sk_CMS_SignerInfo_value(sis, 0);
+
+ /* Get msgSigDigest value and compare */
+
+ msig = CMS_signed_get0_data_by_OBJ(si,
+ OBJ_nid2obj
+ (NID_id_smime_aa_msgSigDigest), -3,
+ V_ASN1_OCTET_STRING);
+
+ if (!msig) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
+ goto err;
+ }
+
+ if (!cms_msgSigDigest(osi, dig, &diglen)) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
+ goto err;
+ }
+
+ if (diglen != (unsigned int)msig->length) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
+ goto err;
+ }
+
+ if (memcmp(dig, msig->data, diglen)) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+ CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
+ goto err;
+ }
+
+ /* Compare content types */
+
+ octype = CMS_signed_get0_data_by_OBJ(osi,
+ OBJ_nid2obj(NID_pkcs9_contentType),
+ -3, V_ASN1_OBJECT);
+ if (!octype) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
+ goto err;
+ }
+
+ /* Compare details in receipt request */
+
+ if (OBJ_cmp(octype, rct->contentType)) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
+ goto err;
+ }
+
+ /* Get original receipt request details */
+
+ if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
+ goto err;
+ }
+
+ if (ASN1_STRING_cmp(rr->signedContentIdentifier,
+ rct->signedContentIdentifier)) {
+ CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
+ goto err;
+ }
+
+ r = 1;
+
+ err:
+ if (rr)
+ CMS_ReceiptRequest_free(rr);
+ if (rct)
+ M_ASN1_free_of(rct, CMS_Receipt);
+
+ return r;
+
+}
+
+/*
+ * Encode a Receipt into an OCTET STRING read for including into content of a
+ * SignedData ContentInfo.
+ */
+
+ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
+{
+ CMS_Receipt rct;
+ CMS_ReceiptRequest *rr = NULL;
+ ASN1_OBJECT *ctype;
+ ASN1_OCTET_STRING *os = NULL;
+
+ /* Get original receipt request */
+
+ /* Get original receipt request details */
+
+ if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
+ CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
+ goto err;
+ }
+
+ /* Get original content type */
+
+ ctype = CMS_signed_get0_data_by_OBJ(si,
+ OBJ_nid2obj(NID_pkcs9_contentType),
+ -3, V_ASN1_OBJECT);
+ if (!ctype) {
+ CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
+ goto err;
+ }
+
+ rct.version = 1;
+ rct.contentType = ctype;
+ rct.signedContentIdentifier = rr->signedContentIdentifier;
+ rct.originatorSignatureValue = si->signature;
+
+ os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
+
+ err:
+ if (rr)
+ CMS_ReceiptRequest_free(rr);
+
+ return os;
+
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/cms/cms_pwri.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/cms/cms_pwri.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/cms/cms_pwri.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,435 +0,0 @@
-/* crypto/cms/cms_pwri.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2009 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include <openssl/rand.h>
-#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
- unsigned char *pass, ossl_ssize_t passlen)
-{
- CMS_PasswordRecipientInfo *pwri;
- if (ri->type != CMS_RECIPINFO_PASS) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI);
- return 0;
- }
-
- pwri = ri->d.pwri;
- pwri->pass = pass;
- if (pass && passlen < 0)
- passlen = strlen((char *)pass);
- pwri->passlen = passlen;
- return 1;
-}
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
- int iter, int wrap_nid,
- int pbe_nid,
- unsigned char *pass,
- ossl_ssize_t passlen,
- const EVP_CIPHER *kekciph)
-{
- CMS_RecipientInfo *ri = NULL;
- CMS_EnvelopedData *env;
- CMS_PasswordRecipientInfo *pwri;
- EVP_CIPHER_CTX ctx;
- X509_ALGOR *encalg = NULL;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- int ivlen;
-
- env = cms_get0_enveloped(cms);
- if (!env)
- return NULL;
-
- if (wrap_nid <= 0)
- wrap_nid = NID_id_alg_PWRI_KEK;
-
- if (pbe_nid <= 0)
- pbe_nid = NID_id_pbkdf2;
-
- /* Get from enveloped data */
- if (kekciph == NULL)
- kekciph = env->encryptedContentInfo->cipher;
-
- if (kekciph == NULL) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, CMS_R_NO_CIPHER);
- return NULL;
- }
- if (wrap_nid != NID_id_alg_PWRI_KEK) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
- CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
- return NULL;
- }
-
- /* Setup algorithm identifier for cipher */
- encalg = X509_ALGOR_new();
- if (encalg == NULL) {
- goto merr;
- }
- EVP_CIPHER_CTX_init(&ctx);
-
- if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
- goto err;
- }
-
- ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
-
- if (ivlen > 0) {
- if (RAND_pseudo_bytes(iv, ivlen) <= 0)
- goto err;
- if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
- goto err;
- }
- encalg->parameter = ASN1_TYPE_new();
- if (!encalg->parameter) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
- CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- }
-
- encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx));
-
- EVP_CIPHER_CTX_cleanup(&ctx);
-
- /* Initialize recipient info */
- ri = M_ASN1_new_of(CMS_RecipientInfo);
- if (!ri)
- goto merr;
-
- ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo);
- if (!ri->d.pwri)
- goto merr;
- ri->type = CMS_RECIPINFO_PASS;
-
- pwri = ri->d.pwri;
- /* Since this is overwritten, free up empty structure already there */
- X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
- pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
- if (!pwri->keyEncryptionAlgorithm)
- goto merr;
- pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
- pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
- if (!pwri->keyEncryptionAlgorithm->parameter)
- goto merr;
-
- if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR),
- &pwri->keyEncryptionAlgorithm->parameter->
- value.sequence))
- goto merr;
- pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE;
-
- X509_ALGOR_free(encalg);
- encalg = NULL;
-
- /* Setup PBE algorithm */
-
- pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1);
-
- if (!pwri->keyDerivationAlgorithm)
- goto err;
-
- CMS_RecipientInfo_set0_password(ri, pass, passlen);
- pwri->version = 0;
-
- if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
- goto merr;
-
- return ri;
-
- merr:
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
- err:
- EVP_CIPHER_CTX_cleanup(&ctx);
- if (ri)
- M_ASN1_free_of(ri, CMS_RecipientInfo);
- if (encalg)
- X509_ALGOR_free(encalg);
- return NULL;
-
-}
-
-/*
- * This is an implementation of the key wrapping mechanism in RFC3211, at
- * some point this should go into EVP.
- */
-
-static int kek_unwrap_key(unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen,
- EVP_CIPHER_CTX *ctx)
-{
- size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
- unsigned char *tmp;
- int outl, rv = 0;
- if (inlen < 2 * blocklen) {
- /* too small */
- return 0;
- }
- if (inlen % blocklen) {
- /* Invalid size */
- return 0;
- }
- tmp = OPENSSL_malloc(inlen);
- if (!tmp)
- return 0;
- /* setup IV by decrypting last two blocks */
- EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
- in + inlen - 2 * blocklen, blocklen * 2);
- /*
- * Do a decrypt of last decrypted block to set IV to correct value output
- * it to start of buffer so we don't corrupt decrypted block this works
- * because buffer is at least two block lengths long.
- */
- EVP_DecryptUpdate(ctx, tmp, &outl, tmp + inlen - blocklen, blocklen);
- /* Can now decrypt first n - 1 blocks */
- EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
-
- /* Reset IV to original value */
- EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
- /* Decrypt again */
- EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
- /* Check check bytes */
- if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) {
- /* Check byte failure */
- goto err;
- }
- if (inlen < (size_t)(tmp[0] - 4)) {
- /* Invalid length value */
- goto err;
- }
- *outlen = (size_t)tmp[0];
- memcpy(out, tmp + 4, *outlen);
- rv = 1;
- err:
- OPENSSL_cleanse(tmp, inlen);
- OPENSSL_free(tmp);
- return rv;
-
-}
-
-static int kek_wrap_key(unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen,
- EVP_CIPHER_CTX *ctx)
-{
- size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
- size_t olen;
- int dummy;
- /*
- * First decide length of output buffer: need header and round up to
- * multiple of block length.
- */
- olen = (inlen + 4 + blocklen - 1) / blocklen;
- olen *= blocklen;
- if (olen < 2 * blocklen) {
- /* Key too small */
- return 0;
- }
- if (inlen > 0xFF) {
- /* Key too large */
- return 0;
- }
- if (out) {
- /* Set header */
- out[0] = (unsigned char)inlen;
- out[1] = in[0] ^ 0xFF;
- out[2] = in[1] ^ 0xFF;
- out[3] = in[2] ^ 0xFF;
- memcpy(out + 4, in, inlen);
- /* Add random padding to end */
- if (olen > inlen + 4
- && RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen) < 0)
- return 0;
- /* Encrypt twice */
- EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
- EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
- }
-
- *outlen = olen;
-
- return 1;
-}
-
-/* Encrypt/Decrypt content key in PWRI recipient info */
-
-int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
- int en_de)
-{
- CMS_EncryptedContentInfo *ec;
- CMS_PasswordRecipientInfo *pwri;
- const unsigned char *p = NULL;
- int plen;
- int r = 0;
- X509_ALGOR *algtmp, *kekalg = NULL;
- EVP_CIPHER_CTX kekctx;
- const EVP_CIPHER *kekcipher;
- unsigned char *key = NULL;
- size_t keylen;
-
- ec = cms->d.envelopedData->encryptedContentInfo;
-
- pwri = ri->d.pwri;
- EVP_CIPHER_CTX_init(&kekctx);
-
- if (!pwri->pass) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
- return 0;
- }
- algtmp = pwri->keyEncryptionAlgorithm;
-
- if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
- CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
- return 0;
- }
-
- if (algtmp->parameter->type == V_ASN1_SEQUENCE) {
- p = algtmp->parameter->value.sequence->data;
- plen = algtmp->parameter->value.sequence->length;
- kekalg = d2i_X509_ALGOR(NULL, &p, plen);
- }
- if (kekalg == NULL) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
- CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
- return 0;
- }
-
- kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
-
- if (!kekcipher) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
- goto err;
- }
-
- /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
- if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de))
- goto err;
- EVP_CIPHER_CTX_set_padding(&kekctx, 0);
- if (EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
- CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
-
- algtmp = pwri->keyDerivationAlgorithm;
-
- /* Finish password based key derivation to setup key in "ctx" */
-
- if (EVP_PBE_CipherInit(algtmp->algorithm,
- (char *)pwri->pass, pwri->passlen,
- algtmp->parameter, &kekctx, en_de) < 0) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB);
- goto err;
- }
-
- /* Finally wrap/unwrap the key */
-
- if (en_de) {
-
- if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx))
- goto err;
-
- key = OPENSSL_malloc(keylen);
-
- if (!key)
- goto err;
-
- if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx))
- goto err;
- pwri->encryptedKey->data = key;
- pwri->encryptedKey->length = keylen;
- } else {
- key = OPENSSL_malloc(pwri->encryptedKey->length);
-
- if (!key) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!kek_unwrap_key(key, &keylen,
- pwri->encryptedKey->data,
- pwri->encryptedKey->length, &kekctx)) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNWRAP_FAILURE);
- goto err;
- }
-
- ec->key = key;
- ec->keylen = keylen;
-
- }
-
- r = 1;
-
- err:
-
- EVP_CIPHER_CTX_cleanup(&kekctx);
-
- if (!r && key)
- OPENSSL_free(key);
- X509_ALGOR_free(kekalg);
-
- return r;
-
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/cms/cms_pwri.c (from rev 11605, vendor-crypto/openssl/dist/crypto/cms/cms_pwri.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/cms/cms_pwri.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/cms/cms_pwri.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,435 @@
+/* crypto/cms/cms_pwri.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2009 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include <openssl/aes.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+ unsigned char *pass, ossl_ssize_t passlen)
+{
+ CMS_PasswordRecipientInfo *pwri;
+ if (ri->type != CMS_RECIPINFO_PASS) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI);
+ return 0;
+ }
+
+ pwri = ri->d.pwri;
+ pwri->pass = pass;
+ if (pass && passlen < 0)
+ passlen = strlen((char *)pass);
+ pwri->passlen = passlen;
+ return 1;
+}
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+ int iter, int wrap_nid,
+ int pbe_nid,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
+ const EVP_CIPHER *kekciph)
+{
+ CMS_RecipientInfo *ri = NULL;
+ CMS_EnvelopedData *env;
+ CMS_PasswordRecipientInfo *pwri;
+ EVP_CIPHER_CTX ctx;
+ X509_ALGOR *encalg = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ int ivlen;
+
+ env = cms_get0_enveloped(cms);
+ if (!env)
+ return NULL;
+
+ if (wrap_nid <= 0)
+ wrap_nid = NID_id_alg_PWRI_KEK;
+
+ if (pbe_nid <= 0)
+ pbe_nid = NID_id_pbkdf2;
+
+ /* Get from enveloped data */
+ if (kekciph == NULL)
+ kekciph = env->encryptedContentInfo->cipher;
+
+ if (kekciph == NULL) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, CMS_R_NO_CIPHER);
+ return NULL;
+ }
+ if (wrap_nid != NID_id_alg_PWRI_KEK) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+ CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+ return NULL;
+ }
+
+ /* Setup algorithm identifier for cipher */
+ encalg = X509_ALGOR_new();
+ if (encalg == NULL) {
+ goto merr;
+ }
+ EVP_CIPHER_CTX_init(&ctx);
+
+ if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
+ goto err;
+ }
+
+ ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
+
+ if (ivlen > 0) {
+ if (RAND_bytes(iv, ivlen) <= 0)
+ goto err;
+ if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
+ goto err;
+ }
+ encalg->parameter = ASN1_TYPE_new();
+ if (!encalg->parameter) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+ CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+ goto err;
+ }
+ }
+
+ encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx));
+
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
+ /* Initialize recipient info */
+ ri = M_ASN1_new_of(CMS_RecipientInfo);
+ if (!ri)
+ goto merr;
+
+ ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo);
+ if (!ri->d.pwri)
+ goto merr;
+ ri->type = CMS_RECIPINFO_PASS;
+
+ pwri = ri->d.pwri;
+ /* Since this is overwritten, free up empty structure already there */
+ X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
+ pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
+ if (!pwri->keyEncryptionAlgorithm)
+ goto merr;
+ pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
+ pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
+ if (!pwri->keyEncryptionAlgorithm->parameter)
+ goto merr;
+
+ if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR),
+ &pwri->keyEncryptionAlgorithm->parameter->
+ value.sequence))
+ goto merr;
+ pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE;
+
+ X509_ALGOR_free(encalg);
+ encalg = NULL;
+
+ /* Setup PBE algorithm */
+
+ pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1);
+
+ if (!pwri->keyDerivationAlgorithm)
+ goto err;
+
+ CMS_RecipientInfo_set0_password(ri, pass, passlen);
+ pwri->version = 0;
+
+ if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+ goto merr;
+
+ return ri;
+
+ merr:
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
+ err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ if (ri)
+ M_ASN1_free_of(ri, CMS_RecipientInfo);
+ if (encalg)
+ X509_ALGOR_free(encalg);
+ return NULL;
+
+}
+
+/*
+ * This is an implementation of the key wrapping mechanism in RFC3211, at
+ * some point this should go into EVP.
+ */
+
+static int kek_unwrap_key(unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen,
+ EVP_CIPHER_CTX *ctx)
+{
+ size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+ unsigned char *tmp;
+ int outl, rv = 0;
+ if (inlen < 2 * blocklen) {
+ /* too small */
+ return 0;
+ }
+ if (inlen % blocklen) {
+ /* Invalid size */
+ return 0;
+ }
+ tmp = OPENSSL_malloc(inlen);
+ if (!tmp)
+ return 0;
+ /* setup IV by decrypting last two blocks */
+ EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
+ in + inlen - 2 * blocklen, blocklen * 2);
+ /*
+ * Do a decrypt of last decrypted block to set IV to correct value output
+ * it to start of buffer so we don't corrupt decrypted block this works
+ * because buffer is at least two block lengths long.
+ */
+ EVP_DecryptUpdate(ctx, tmp, &outl, tmp + inlen - blocklen, blocklen);
+ /* Can now decrypt first n - 1 blocks */
+ EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
+
+ /* Reset IV to original value */
+ EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+ /* Decrypt again */
+ EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
+ /* Check check bytes */
+ if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) {
+ /* Check byte failure */
+ goto err;
+ }
+ if (inlen < (size_t)(tmp[0] - 4)) {
+ /* Invalid length value */
+ goto err;
+ }
+ *outlen = (size_t)tmp[0];
+ memcpy(out, tmp + 4, *outlen);
+ rv = 1;
+ err:
+ OPENSSL_cleanse(tmp, inlen);
+ OPENSSL_free(tmp);
+ return rv;
+
+}
+
+static int kek_wrap_key(unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen,
+ EVP_CIPHER_CTX *ctx)
+{
+ size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+ size_t olen;
+ int dummy;
+ /*
+ * First decide length of output buffer: need header and round up to
+ * multiple of block length.
+ */
+ olen = (inlen + 4 + blocklen - 1) / blocklen;
+ olen *= blocklen;
+ if (olen < 2 * blocklen) {
+ /* Key too small */
+ return 0;
+ }
+ if (inlen > 0xFF) {
+ /* Key too large */
+ return 0;
+ }
+ if (out) {
+ /* Set header */
+ out[0] = (unsigned char)inlen;
+ out[1] = in[0] ^ 0xFF;
+ out[2] = in[1] ^ 0xFF;
+ out[3] = in[2] ^ 0xFF;
+ memcpy(out + 4, in, inlen);
+ /* Add random padding to end */
+ if (olen > inlen + 4
+ && RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
+ return 0;
+ /* Encrypt twice */
+ EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+ EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+ }
+
+ *outlen = olen;
+
+ return 1;
+}
+
+/* Encrypt/Decrypt content key in PWRI recipient info */
+
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+ int en_de)
+{
+ CMS_EncryptedContentInfo *ec;
+ CMS_PasswordRecipientInfo *pwri;
+ const unsigned char *p = NULL;
+ int plen;
+ int r = 0;
+ X509_ALGOR *algtmp, *kekalg = NULL;
+ EVP_CIPHER_CTX kekctx;
+ const EVP_CIPHER *kekcipher;
+ unsigned char *key = NULL;
+ size_t keylen;
+
+ ec = cms->d.envelopedData->encryptedContentInfo;
+
+ pwri = ri->d.pwri;
+ EVP_CIPHER_CTX_init(&kekctx);
+
+ if (!pwri->pass) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
+ return 0;
+ }
+ algtmp = pwri->keyEncryptionAlgorithm;
+
+ if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+ CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+ return 0;
+ }
+
+ if (algtmp->parameter->type == V_ASN1_SEQUENCE) {
+ p = algtmp->parameter->value.sequence->data;
+ plen = algtmp->parameter->value.sequence->length;
+ kekalg = d2i_X509_ALGOR(NULL, &p, plen);
+ }
+ if (kekalg == NULL) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+ CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
+ return 0;
+ }
+
+ kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
+
+ if (!kekcipher) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
+ goto err;
+ }
+
+ /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
+ if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de))
+ goto err;
+ EVP_CIPHER_CTX_set_padding(&kekctx, 0);
+ if (EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+ CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+ goto err;
+ }
+
+ algtmp = pwri->keyDerivationAlgorithm;
+
+ /* Finish password based key derivation to setup key in "ctx" */
+
+ if (EVP_PBE_CipherInit(algtmp->algorithm,
+ (char *)pwri->pass, pwri->passlen,
+ algtmp->parameter, &kekctx, en_de) < 0) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB);
+ goto err;
+ }
+
+ /* Finally wrap/unwrap the key */
+
+ if (en_de) {
+
+ if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx))
+ goto err;
+
+ key = OPENSSL_malloc(keylen);
+
+ if (!key)
+ goto err;
+
+ if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx))
+ goto err;
+ pwri->encryptedKey->data = key;
+ pwri->encryptedKey->length = keylen;
+ } else {
+ key = OPENSSL_malloc(pwri->encryptedKey->length);
+
+ if (!key) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!kek_unwrap_key(key, &keylen,
+ pwri->encryptedKey->data,
+ pwri->encryptedKey->length, &kekctx)) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNWRAP_FAILURE);
+ goto err;
+ }
+
+ ec->key = key;
+ ec->keylen = keylen;
+
+ }
+
+ r = 1;
+
+ err:
+
+ EVP_CIPHER_CTX_cleanup(&kekctx);
+
+ if (!r && key)
+ OPENSSL_free(key);
+ X509_ALGOR_free(kekalg);
+
+ return r;
+
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/comp/comp.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/comp/comp.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/comp/comp.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,79 +0,0 @@
-
-#ifndef HEADER_COMP_H
-# define HEADER_COMP_H
-
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct comp_ctx_st COMP_CTX;
-
-typedef struct comp_method_st {
- int type; /* NID for compression library */
- const char *name; /* A text string to identify the library */
- int (*init) (COMP_CTX *ctx);
- void (*finish) (COMP_CTX *ctx);
- int (*compress) (COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- int (*expand) (COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- /*
- * The following two do NOTHING, but are kept for backward compatibility
- */
- long (*ctrl) (void);
- long (*callback_ctrl) (void);
-} COMP_METHOD;
-
-struct comp_ctx_st {
- COMP_METHOD *meth;
- unsigned long compress_in;
- unsigned long compress_out;
- unsigned long expand_in;
- unsigned long expand_out;
- CRYPTO_EX_DATA ex_data;
-};
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
-void COMP_CTX_free(COMP_CTX *ctx);
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void);
-COMP_METHOD *COMP_zlib(void);
-void COMP_zlib_cleanup(void);
-
-# ifdef HEADER_BIO_H
-# ifdef ZLIB
-BIO_METHOD *BIO_f_zlib(void);
-# endif
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_COMP_strings(void);
-
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-# define COMP_F_BIO_ZLIB_FLUSH 99
-# define COMP_F_BIO_ZLIB_NEW 100
-# define COMP_F_BIO_ZLIB_READ 101
-# define COMP_F_BIO_ZLIB_WRITE 102
-
-/* Reason codes. */
-# define COMP_R_ZLIB_DEFLATE_ERROR 99
-# define COMP_R_ZLIB_INFLATE_ERROR 100
-# define COMP_R_ZLIB_NOT_SUPPORTED 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/comp/comp.h (from rev 11605, vendor-crypto/openssl/dist/crypto/comp/comp.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/comp/comp.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/comp/comp.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,83 @@
+
+#ifndef HEADER_COMP_H
+# define HEADER_COMP_H
+
+# include <openssl/crypto.h>
+
+# ifdef OPENSSL_NO_COMP
+# error COMP is disabled.
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct comp_ctx_st COMP_CTX;
+
+typedef struct comp_method_st {
+ int type; /* NID for compression library */
+ const char *name; /* A text string to identify the library */
+ int (*init) (COMP_CTX *ctx);
+ void (*finish) (COMP_CTX *ctx);
+ int (*compress) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+ int (*expand) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+ /*
+ * The following two do NOTHING, but are kept for backward compatibility
+ */
+ long (*ctrl) (void);
+ long (*callback_ctrl) (void);
+} COMP_METHOD;
+
+struct comp_ctx_st {
+ COMP_METHOD *meth;
+ unsigned long compress_in;
+ unsigned long compress_out;
+ unsigned long expand_in;
+ unsigned long expand_out;
+ CRYPTO_EX_DATA ex_data;
+};
+
+COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
+void COMP_CTX_free(COMP_CTX *ctx);
+int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+COMP_METHOD *COMP_rle(void);
+COMP_METHOD *COMP_zlib(void);
+void COMP_zlib_cleanup(void);
+
+# ifdef HEADER_BIO_H
+# ifdef ZLIB
+BIO_METHOD *BIO_f_zlib(void);
+# endif
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_COMP_strings(void);
+
+/* Error codes for the COMP functions. */
+
+/* Function codes. */
+# define COMP_F_BIO_ZLIB_FLUSH 99
+# define COMP_F_BIO_ZLIB_NEW 100
+# define COMP_F_BIO_ZLIB_READ 101
+# define COMP_F_BIO_ZLIB_WRITE 102
+
+/* Reason codes. */
+# define COMP_R_ZLIB_DEFLATE_ERROR 99
+# define COMP_R_ZLIB_INFLATE_ERROR 100
+# define COMP_R_ZLIB_NOT_SUPPORTED 101
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/des/des.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/des/des.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,868 +0,0 @@
-/* crypto/des/des.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_SYS_MSDOS
-# ifndef OPENSSL_SYS_VMS
-# include OPENSSL_UNISTD
-# else /* OPENSSL_SYS_VMS */
-# ifdef __DECC
-# include <unistd.h>
-# else /* not __DECC */
-# include <math.h>
-# endif /* __DECC */
-# endif /* OPENSSL_SYS_VMS */
-#else /* OPENSSL_SYS_MSDOS */
-# include <io.h>
-#endif
-
-#include <time.h>
-#include "des_ver.h"
-
-#ifdef OPENSSL_SYS_VMS
-# include <types.h>
-# include <stat.h>
-#else
-# ifndef _IRIX
-# include <sys/types.h>
-# endif
-# include <sys/stat.h>
-#endif
-#include <openssl/des.h>
-#include <openssl/rand.h>
-#include <openssl/ui_compat.h>
-
-void usage(void);
-void doencryption(void);
-int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
-void uufwriteEnd(FILE *fp);
-int uufread(unsigned char *out, int size, unsigned int num, FILE *fp);
-int uuencode(unsigned char *in, int num, unsigned char *out);
-int uudecode(unsigned char *in, int num, unsigned char *out);
-void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
- DES_key_schedule sk1, DES_key_schedule sk2,
- DES_cblock *ivec1, DES_cblock *ivec2, int enc);
-#ifdef OPENSSL_SYS_VMS
-# define EXIT(a) exit(a&0x10000000L)
-#else
-# define EXIT(a) exit(a)
-#endif
-
-#define BUFSIZE (8*1024)
-#define VERIFY 1
-#define KEYSIZ 8
-#define KEYSIZB 1024 /* should hit tty line limit first :-) */
-char key[KEYSIZB + 1];
-int do_encrypt, longk = 0;
-FILE *DES_IN, *DES_OUT, *CKSUM_OUT;
-char uuname[200];
-unsigned char uubuf[50];
-int uubufnum = 0;
-#define INUUBUFN (45*100)
-#define OUTUUBUF (65*100)
-unsigned char b[OUTUUBUF];
-unsigned char bb[300];
-DES_cblock cksum = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
-
-char cksumname[200] = "";
-
-int vflag, cflag, eflag, dflag, kflag, bflag, fflag, sflag, uflag, flag3,
- hflag, error;
-
-int main(int argc, char **argv)
-{
- int i;
- struct stat ins, outs;
- char *p;
- char *in = NULL, *out = NULL;
-
- vflag = cflag = eflag = dflag = kflag = hflag = bflag = fflag = sflag =
- uflag = flag3 = 0;
- error = 0;
- memset(key, 0, sizeof(key));
-
- for (i = 1; i < argc; i++) {
- p = argv[i];
- if ((p[0] == '-') && (p[1] != '\0')) {
- p++;
- while (*p) {
- switch (*(p++)) {
- case '3':
- flag3 = 1;
- longk = 1;
- break;
- case 'c':
- cflag = 1;
- strncpy(cksumname, p, 200);
- cksumname[sizeof(cksumname) - 1] = '\0';
- p += strlen(cksumname);
- break;
- case 'C':
- cflag = 1;
- longk = 1;
- strncpy(cksumname, p, 200);
- cksumname[sizeof(cksumname) - 1] = '\0';
- p += strlen(cksumname);
- break;
- case 'e':
- eflag = 1;
- break;
- case 'v':
- vflag = 1;
- break;
- case 'E':
- eflag = 1;
- longk = 1;
- break;
- case 'd':
- dflag = 1;
- break;
- case 'D':
- dflag = 1;
- longk = 1;
- break;
- case 'b':
- bflag = 1;
- break;
- case 'f':
- fflag = 1;
- break;
- case 's':
- sflag = 1;
- break;
- case 'u':
- uflag = 1;
- strncpy(uuname, p, 200);
- uuname[sizeof(uuname) - 1] = '\0';
- p += strlen(uuname);
- break;
- case 'h':
- hflag = 1;
- break;
- case 'k':
- kflag = 1;
- if ((i + 1) == argc) {
- fputs("must have a key with the -k option\n", stderr);
- error = 1;
- } else {
- int j;
-
- i++;
- strncpy(key, argv[i], KEYSIZB);
- for (j = strlen(argv[i]) - 1; j >= 0; j--)
- argv[i][j] = '\0';
- }
- break;
- default:
- fprintf(stderr, "'%c' unknown flag\n", p[-1]);
- error = 1;
- break;
- }
- }
- } else {
- if (in == NULL)
- in = argv[i];
- else if (out == NULL)
- out = argv[i];
- else
- error = 1;
- }
- }
- if (error)
- usage();
- /*-
- * We either
- * do checksum or
- * do encrypt or
- * do decrypt or
- * do decrypt then ckecksum or
- * do checksum then encrypt
- */
- if (((eflag + dflag) == 1) || cflag) {
- if (eflag)
- do_encrypt = DES_ENCRYPT;
- if (dflag)
- do_encrypt = DES_DECRYPT;
- } else {
- if (vflag) {
-#ifndef _Windows
- fprintf(stderr, "des(1) built with %s\n", libdes_version);
-#endif
- EXIT(1);
- } else
- usage();
- }
-
-#ifndef _Windows
- if (vflag)
- fprintf(stderr, "des(1) built with %s\n", libdes_version);
-#endif
- if ((in != NULL) && (out != NULL) &&
-#ifndef OPENSSL_SYS_MSDOS
- (stat(in, &ins) != -1) &&
- (stat(out, &outs) != -1) &&
- (ins.st_dev == outs.st_dev) && (ins.st_ino == outs.st_ino))
-#else /* OPENSSL_SYS_MSDOS */
- (strcmp(in, out) == 0))
-#endif
- {
- fputs("input and output file are the same\n", stderr);
- EXIT(3);
- }
-
- if (!kflag)
- if (des_read_pw_string
- (key, KEYSIZB + 1, "Enter key:", eflag ? VERIFY : 0)) {
- fputs("password error\n", stderr);
- EXIT(2);
- }
-
- if (in == NULL)
- DES_IN = stdin;
- else if ((DES_IN = fopen(in, "r")) == NULL) {
- perror("opening input file");
- EXIT(4);
- }
-
- CKSUM_OUT = stdout;
- if (out == NULL) {
- DES_OUT = stdout;
- CKSUM_OUT = stderr;
- } else if ((DES_OUT = fopen(out, "w")) == NULL) {
- perror("opening output file");
- EXIT(5);
- }
-#ifdef OPENSSL_SYS_MSDOS
- /* This should set the file to binary mode. */
- {
-# include <fcntl.h>
- if (!(uflag && dflag))
- setmode(fileno(DES_IN), O_BINARY);
- if (!(uflag && eflag))
- setmode(fileno(DES_OUT), O_BINARY);
- }
-#endif
-
- doencryption();
- fclose(DES_IN);
- fclose(DES_OUT);
- EXIT(0);
-}
-
-void usage(void)
-{
- char **u;
- static const char *Usage[] = {
- "des <options> [input-file [output-file]]",
- "options:",
- "-v : des(1) version number",
- "-e : encrypt using SunOS compatible user key to DES key conversion.",
- "-E : encrypt ",
- "-d : decrypt using SunOS compatible user key to DES key conversion.",
- "-D : decrypt ",
- "-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
- " DES key conversion and output to ckname (stdout default,",
- " stderr if data being output on stdout). The checksum is",
- " generated before encryption and after decryption if used",
- " in conjunction with -[eEdD].",
- "-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
- "-k key : use key 'key'",
- "-h : the key that is entered will be a hexadecimal number",
- " that is used directly as the des key",
- "-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
- " (uuname is the filename to put in the uuencode header).",
- "-b : encrypt using DES in ecb encryption mode, the default is cbc mode.",
- "-3 : encrypt using triple DES encryption. This uses 2 keys",
- " generated from the input key. If the input key is less",
- " than 8 characters long, this is equivalent to normal",
- " encryption. Default is triple cbc, -b makes it triple ecb.",
- NULL
- };
- for (u = (char **)Usage; *u; u++) {
- fputs(*u, stderr);
- fputc('\n', stderr);
- }
-
- EXIT(1);
-}
-
-void doencryption(void)
-{
-#ifdef _LIBC
- extern unsigned long time();
-#endif
-
- register int i;
- DES_key_schedule ks, ks2;
- DES_cblock iv, iv2;
- char *p;
- int num = 0, j, k, l, rem, ll, len, last, ex = 0;
- DES_cblock kk, k2;
- FILE *O;
- int Exit = 0;
-#ifndef OPENSSL_SYS_MSDOS
- static unsigned char buf[BUFSIZE + 8], obuf[BUFSIZE + 8];
-#else
- static unsigned char *buf = NULL, *obuf = NULL;
-
- if (buf == NULL) {
- if (((buf = OPENSSL_malloc(BUFSIZE + 8)) == NULL) ||
- ((obuf = OPENSSL_malloc(BUFSIZE + 8)) == NULL)) {
- fputs("Not enough memory\n", stderr);
- Exit = 10;
- goto problems;
- }
- }
-#endif
-
- if (hflag) {
- j = (flag3 ? 16 : 8);
- p = key;
- for (i = 0; i < j; i++) {
- k = 0;
- if ((*p <= '9') && (*p >= '0'))
- k = (*p - '0') << 4;
- else if ((*p <= 'f') && (*p >= 'a'))
- k = (*p - 'a' + 10) << 4;
- else if ((*p <= 'F') && (*p >= 'A'))
- k = (*p - 'A' + 10) << 4;
- else {
- fputs("Bad hex key\n", stderr);
- Exit = 9;
- goto problems;
- }
- p++;
- if ((*p <= '9') && (*p >= '0'))
- k |= (*p - '0');
- else if ((*p <= 'f') && (*p >= 'a'))
- k |= (*p - 'a' + 10);
- else if ((*p <= 'F') && (*p >= 'A'))
- k |= (*p - 'A' + 10);
- else {
- fputs("Bad hex key\n", stderr);
- Exit = 9;
- goto problems;
- }
- p++;
- if (i < 8)
- kk[i] = k;
- else
- k2[i - 8] = k;
- }
- DES_set_key_unchecked(&k2, &ks2);
- OPENSSL_cleanse(k2, sizeof(k2));
- } else if (longk || flag3) {
- if (flag3) {
- DES_string_to_2keys(key, &kk, &k2);
- DES_set_key_unchecked(&k2, &ks2);
- OPENSSL_cleanse(k2, sizeof(k2));
- } else
- DES_string_to_key(key, &kk);
- } else
- for (i = 0; i < KEYSIZ; i++) {
- l = 0;
- k = key[i];
- for (j = 0; j < 8; j++) {
- if (k & 1)
- l++;
- k >>= 1;
- }
- if (l & 1)
- kk[i] = key[i] & 0x7f;
- else
- kk[i] = key[i] | 0x80;
- }
-
- DES_set_key_unchecked(&kk, &ks);
- OPENSSL_cleanse(key, sizeof(key));
- OPENSSL_cleanse(kk, sizeof(kk));
- /* woops - A bug that does not showup under unix :-( */
- memset(iv, 0, sizeof(iv));
- memset(iv2, 0, sizeof(iv2));
-
- l = 1;
- rem = 0;
- /* first read */
- if (eflag || (!dflag && cflag)) {
- for (;;) {
- num = l = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
- l += rem;
- num += rem;
- if (l < 0) {
- perror("read error");
- Exit = 6;
- goto problems;
- }
-
- rem = l % 8;
- len = l - rem;
- if (feof(DES_IN)) {
- for (i = 7 - rem; i > 0; i--) {
- if (RAND_pseudo_bytes(buf + l++, 1) < 0)
- goto problems;
- }
- buf[l++] = rem;
- ex = 1;
- len += rem;
- } else
- l -= rem;
-
- if (cflag) {
- DES_cbc_cksum(buf, &cksum, (long)len, &ks, &cksum);
- if (!eflag) {
- if (feof(DES_IN))
- break;
- else
- continue;
- }
- }
-
- if (bflag && !flag3)
- for (i = 0; i < l; i += 8)
- DES_ecb_encrypt((DES_cblock *)&(buf[i]),
- (DES_cblock *)&(obuf[i]),
- &ks, do_encrypt);
- else if (flag3 && bflag)
- for (i = 0; i < l; i += 8)
- DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
- (DES_cblock *)&(obuf[i]),
- &ks, &ks2, do_encrypt);
- else if (flag3 && !bflag) {
- char tmpbuf[8];
-
- if (rem)
- memcpy(tmpbuf, &(buf[l]), (unsigned int)rem);
- DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
- (long)l, ks, ks2, &iv, &iv2, do_encrypt);
- if (rem)
- memcpy(&(buf[l]), tmpbuf, (unsigned int)rem);
- } else {
- DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
- if (l >= 8)
- memcpy(iv, &(obuf[l - 8]), 8);
- }
- if (rem)
- memcpy(buf, &(buf[l]), (unsigned int)rem);
-
- i = 0;
- while (i < l) {
- if (uflag)
- j = uufwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
- else
- j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
- if (j == -1) {
- perror("Write error");
- Exit = 7;
- goto problems;
- }
- i += j;
- }
- if (feof(DES_IN)) {
- if (uflag)
- uufwriteEnd(DES_OUT);
- break;
- }
- }
- } else { /* decrypt */
-
- ex = 1;
- for (;;) {
- if (ex) {
- if (uflag)
- l = uufread(buf, 1, BUFSIZE, DES_IN);
- else
- l = fread(buf, 1, BUFSIZE, DES_IN);
- ex = 0;
- rem = l % 8;
- l -= rem;
- }
- if (l < 0) {
- perror("read error");
- Exit = 6;
- goto problems;
- }
-
- if (bflag && !flag3)
- for (i = 0; i < l; i += 8)
- DES_ecb_encrypt((DES_cblock *)&(buf[i]),
- (DES_cblock *)&(obuf[i]),
- &ks, do_encrypt);
- else if (flag3 && bflag)
- for (i = 0; i < l; i += 8)
- DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
- (DES_cblock *)&(obuf[i]),
- &ks, &ks2, do_encrypt);
- else if (flag3 && !bflag) {
- DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
- (long)l, ks, ks2, &iv, &iv2, do_encrypt);
- } else {
- DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
- if (l >= 8)
- memcpy(iv, &(buf[l - 8]), 8);
- }
-
- if (uflag)
- ll = uufread(&(buf[rem]), 1, BUFSIZE, DES_IN);
- else
- ll = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
- ll += rem;
- rem = ll % 8;
- ll -= rem;
- if (feof(DES_IN) && (ll == 0)) {
- last = obuf[l - 1];
-
- if ((last > 7) || (last < 0)) {
- fputs("The file was not decrypted correctly.\n", stderr);
- Exit = 8;
- last = 0;
- }
- l = l - 8 + last;
- }
- i = 0;
- if (cflag)
- DES_cbc_cksum(obuf,
- (DES_cblock *)cksum, (long)l / 8 * 8, &ks,
- (DES_cblock *)cksum);
- while (i != l) {
- j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
- if (j == -1) {
- perror("Write error");
- Exit = 7;
- goto problems;
- }
- i += j;
- }
- l = ll;
- if ((l == 0) && feof(DES_IN))
- break;
- }
- }
- if (cflag) {
- l = 0;
- if (cksumname[0] != '\0') {
- if ((O = fopen(cksumname, "w")) != NULL) {
- CKSUM_OUT = O;
- l = 1;
- }
- }
- for (i = 0; i < 8; i++)
- fprintf(CKSUM_OUT, "%02X", cksum[i]);
- fprintf(CKSUM_OUT, "\n");
- if (l)
- fclose(CKSUM_OUT);
- }
- problems:
- OPENSSL_cleanse(buf, sizeof(buf));
- OPENSSL_cleanse(obuf, sizeof(obuf));
- OPENSSL_cleanse(&ks, sizeof(ks));
- OPENSSL_cleanse(&ks2, sizeof(ks2));
- OPENSSL_cleanse(iv, sizeof(iv));
- OPENSSL_cleanse(iv2, sizeof(iv2));
- OPENSSL_cleanse(kk, sizeof(kk));
- OPENSSL_cleanse(k2, sizeof(k2));
- OPENSSL_cleanse(uubuf, sizeof(uubuf));
- OPENSSL_cleanse(b, sizeof(b));
- OPENSSL_cleanse(bb, sizeof(bb));
- OPENSSL_cleanse(cksum, sizeof(cksum));
- if (Exit)
- EXIT(Exit);
-}
-
-/* We ignore this parameter but it should be > ~50 I believe */
-int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp)
-{
- int i, j, left, rem, ret = num;
- static int start = 1;
-
- if (start) {
- fprintf(fp, "begin 600 %s\n",
- (uuname[0] == '\0') ? "text.d" : uuname);
- start = 0;
- }
-
- if (uubufnum) {
- if (uubufnum + num < 45) {
- memcpy(&(uubuf[uubufnum]), data, (unsigned int)num);
- uubufnum += num;
- return (num);
- } else {
- i = 45 - uubufnum;
- memcpy(&(uubuf[uubufnum]), data, (unsigned int)i);
- j = uuencode((unsigned char *)uubuf, 45, b);
- fwrite(b, 1, (unsigned int)j, fp);
- uubufnum = 0;
- data += i;
- num -= i;
- }
- }
-
- for (i = 0; i < (((int)num) - INUUBUFN); i += INUUBUFN) {
- j = uuencode(&(data[i]), INUUBUFN, b);
- fwrite(b, 1, (unsigned int)j, fp);
- }
- rem = (num - i) % 45;
- left = (num - i - rem);
- if (left) {
- j = uuencode(&(data[i]), left, b);
- fwrite(b, 1, (unsigned int)j, fp);
- i += left;
- }
- if (i != num) {
- memcpy(uubuf, &(data[i]), (unsigned int)rem);
- uubufnum = rem;
- }
- return (ret);
-}
-
-void uufwriteEnd(FILE *fp)
-{
- int j;
- static const char *end = " \nend\n";
-
- if (uubufnum != 0) {
- uubuf[uubufnum] = '\0';
- uubuf[uubufnum + 1] = '\0';
- uubuf[uubufnum + 2] = '\0';
- j = uuencode(uubuf, uubufnum, b);
- fwrite(b, 1, (unsigned int)j, fp);
- }
- fwrite(end, 1, strlen(end), fp);
-}
-
-/*
- * int size: should always be > ~ 60; I actually ignore this parameter :-)
- */
-int uufread(unsigned char *out, int size, unsigned int num, FILE *fp)
-{
- int i, j, tot;
- static int done = 0;
- static int valid = 0;
- static int start = 1;
-
- if (start) {
- for (;;) {
- b[0] = '\0';
- fgets((char *)b, 300, fp);
- if (b[0] == '\0') {
- fprintf(stderr, "no 'begin' found in uuencoded input\n");
- return (-1);
- }
- if (strncmp((char *)b, "begin ", 6) == 0)
- break;
- }
- start = 0;
- }
- if (done)
- return (0);
- tot = 0;
- if (valid) {
- memcpy(out, bb, (unsigned int)valid);
- tot = valid;
- valid = 0;
- }
- for (;;) {
- b[0] = '\0';
- fgets((char *)b, 300, fp);
- if (b[0] == '\0')
- break;
- i = strlen((char *)b);
- if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd')) {
- done = 1;
- while (!feof(fp)) {
- fgets((char *)b, 300, fp);
- }
- break;
- }
- i = uudecode(b, i, bb);
- if (i < 0)
- break;
- if ((i + tot + 8) > num) {
- /* num to copy to make it a multiple of 8 */
- j = (num / 8 * 8) - tot - 8;
- memcpy(&(out[tot]), bb, (unsigned int)j);
- tot += j;
- memcpy(bb, &(bb[j]), (unsigned int)i - j);
- valid = i - j;
- break;
- }
- memcpy(&(out[tot]), bb, (unsigned int)i);
- tot += i;
- }
- return (tot);
-}
-
-#define ccc2l(c,l) (l =((DES_LONG)(*((c)++)))<<16, \
- l|=((DES_LONG)(*((c)++)))<< 8, \
- l|=((DES_LONG)(*((c)++))))
-
-#define l2ccc(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-int uuencode(unsigned char *in, int num, unsigned char *out)
-{
- int j, i, n, tot = 0;
- DES_LONG l;
- register unsigned char *p;
- p = out;
-
- for (j = 0; j < num; j += 45) {
- if (j + 45 > num)
- i = (num - j);
- else
- i = 45;
- *(p++) = i + ' ';
- for (n = 0; n < i; n += 3) {
- ccc2l(in, l);
- *(p++) = ((l >> 18) & 0x3f) + ' ';
- *(p++) = ((l >> 12) & 0x3f) + ' ';
- *(p++) = ((l >> 6) & 0x3f) + ' ';
- *(p++) = ((l) & 0x3f) + ' ';
- tot += 4;
- }
- *(p++) = '\n';
- tot += 2;
- }
- *p = '\0';
- l = 0;
- return (tot);
-}
-
-int uudecode(unsigned char *in, int num, unsigned char *out)
-{
- int j, i, k;
- unsigned int n = 0, space = 0;
- DES_LONG l;
- DES_LONG w, x, y, z;
- unsigned int blank = (unsigned int)'\n' - ' ';
-
- for (j = 0; j < num;) {
- n = *(in++) - ' ';
- if (n == blank) {
- n = 0;
- in--;
- }
- if (n > 60) {
- fprintf(stderr, "uuencoded line length too long\n");
- return (-1);
- }
- j++;
-
- for (i = 0; i < n; j += 4, i += 3) {
- /*
- * the following is for cases where spaces are removed from
- * lines.
- */
- if (space) {
- w = x = y = z = 0;
- } else {
- w = *(in++) - ' ';
- x = *(in++) - ' ';
- y = *(in++) - ' ';
- z = *(in++) - ' ';
- }
- if ((w > 63) || (x > 63) || (y > 63) || (z > 63)) {
- k = 0;
- if (w == blank)
- k = 1;
- if (x == blank)
- k = 2;
- if (y == blank)
- k = 3;
- if (z == blank)
- k = 4;
- space = 1;
- switch (k) {
- case 1:
- w = 0;
- in--;
- case 2:
- x = 0;
- in--;
- case 3:
- y = 0;
- in--;
- case 4:
- z = 0;
- in--;
- break;
- case 0:
- space = 0;
- fprintf(stderr, "bad uuencoded data values\n");
- w = x = y = z = 0;
- return (-1);
- break;
- }
- }
- l = (w << 18) | (x << 12) | (y << 6) | (z);
- l2ccc(l, out);
- }
- if (*(in++) != '\n') {
- fprintf(stderr, "missing nl in uuencoded line\n");
- w = x = y = z = 0;
- return (-1);
- }
- j++;
- }
- *out = '\0';
- w = x = y = z = 0;
- return (n);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/des/des.c (from rev 11605, vendor-crypto/openssl/dist/crypto/des/des.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/des/des.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,868 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_SYS_MSDOS
+# ifndef OPENSSL_SYS_VMS
+# include OPENSSL_UNISTD
+# else /* OPENSSL_SYS_VMS */
+# ifdef __DECC
+# include <unistd.h>
+# else /* not __DECC */
+# include <math.h>
+# endif /* __DECC */
+# endif /* OPENSSL_SYS_VMS */
+#else /* OPENSSL_SYS_MSDOS */
+# include <io.h>
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef OPENSSL_SYS_VMS
+# include <types.h>
+# include <stat.h>
+#else
+# ifndef _IRIX
+# include <sys/types.h>
+# endif
+# include <sys/stat.h>
+#endif
+#include <openssl/des.h>
+#include <openssl/rand.h>
+#include <openssl/ui_compat.h>
+
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out, int size, unsigned int num, FILE *fp);
+int uuencode(unsigned char *in, int num, unsigned char *out);
+int uudecode(unsigned char *in, int num, unsigned char *out);
+void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
+ DES_key_schedule sk1, DES_key_schedule sk2,
+ DES_cblock *ivec1, DES_cblock *ivec2, int enc);
+#ifdef OPENSSL_SYS_VMS
+# define EXIT(a) exit(a&0x10000000L)
+#else
+# define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY 1
+#define KEYSIZ 8
+#define KEYSIZB 1024 /* should hit tty line limit first :-) */
+char key[KEYSIZB + 1];
+int do_encrypt, longk = 0;
+FILE *DES_IN, *DES_OUT, *CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum = 0;
+#define INUUBUFN (45*100)
+#define OUTUUBUF (65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+DES_cblock cksum = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+
+char cksumname[200] = "";
+
+int vflag, cflag, eflag, dflag, kflag, bflag, fflag, sflag, uflag, flag3,
+ hflag, error;
+
+int main(int argc, char **argv)
+{
+ int i;
+ struct stat ins, outs;
+ char *p;
+ char *in = NULL, *out = NULL;
+
+ vflag = cflag = eflag = dflag = kflag = hflag = bflag = fflag = sflag =
+ uflag = flag3 = 0;
+ error = 0;
+ memset(key, 0, sizeof(key));
+
+ for (i = 1; i < argc; i++) {
+ p = argv[i];
+ if ((p[0] == '-') && (p[1] != '\0')) {
+ p++;
+ while (*p) {
+ switch (*(p++)) {
+ case '3':
+ flag3 = 1;
+ longk = 1;
+ break;
+ case 'c':
+ cflag = 1;
+ strncpy(cksumname, p, 200);
+ cksumname[sizeof(cksumname) - 1] = '\0';
+ p += strlen(cksumname);
+ break;
+ case 'C':
+ cflag = 1;
+ longk = 1;
+ strncpy(cksumname, p, 200);
+ cksumname[sizeof(cksumname) - 1] = '\0';
+ p += strlen(cksumname);
+ break;
+ case 'e':
+ eflag = 1;
+ break;
+ case 'v':
+ vflag = 1;
+ break;
+ case 'E':
+ eflag = 1;
+ longk = 1;
+ break;
+ case 'd':
+ dflag = 1;
+ break;
+ case 'D':
+ dflag = 1;
+ longk = 1;
+ break;
+ case 'b':
+ bflag = 1;
+ break;
+ case 'f':
+ fflag = 1;
+ break;
+ case 's':
+ sflag = 1;
+ break;
+ case 'u':
+ uflag = 1;
+ strncpy(uuname, p, 200);
+ uuname[sizeof(uuname) - 1] = '\0';
+ p += strlen(uuname);
+ break;
+ case 'h':
+ hflag = 1;
+ break;
+ case 'k':
+ kflag = 1;
+ if ((i + 1) == argc) {
+ fputs("must have a key with the -k option\n", stderr);
+ error = 1;
+ } else {
+ int j;
+
+ i++;
+ strncpy(key, argv[i], KEYSIZB);
+ for (j = strlen(argv[i]) - 1; j >= 0; j--)
+ argv[i][j] = '\0';
+ }
+ break;
+ default:
+ fprintf(stderr, "'%c' unknown flag\n", p[-1]);
+ error = 1;
+ break;
+ }
+ }
+ } else {
+ if (in == NULL)
+ in = argv[i];
+ else if (out == NULL)
+ out = argv[i];
+ else
+ error = 1;
+ }
+ }
+ if (error)
+ usage();
+ /*-
+ * We either
+ * do checksum or
+ * do encrypt or
+ * do decrypt or
+ * do decrypt then ckecksum or
+ * do checksum then encrypt
+ */
+ if (((eflag + dflag) == 1) || cflag) {
+ if (eflag)
+ do_encrypt = DES_ENCRYPT;
+ if (dflag)
+ do_encrypt = DES_DECRYPT;
+ } else {
+ if (vflag) {
+#ifndef _Windows
+ fprintf(stderr, "des(1) built with %s\n", libdes_version);
+#endif
+ EXIT(1);
+ } else
+ usage();
+ }
+
+#ifndef _Windows
+ if (vflag)
+ fprintf(stderr, "des(1) built with %s\n", libdes_version);
+#endif
+ if ((in != NULL) && (out != NULL) &&
+#ifndef OPENSSL_SYS_MSDOS
+ (stat(in, &ins) != -1) &&
+ (stat(out, &outs) != -1) &&
+ (ins.st_dev == outs.st_dev) && (ins.st_ino == outs.st_ino))
+#else /* OPENSSL_SYS_MSDOS */
+ (strcmp(in, out) == 0))
+#endif
+ {
+ fputs("input and output file are the same\n", stderr);
+ EXIT(3);
+ }
+
+ if (!kflag)
+ if (des_read_pw_string
+ (key, KEYSIZB + 1, "Enter key:", eflag ? VERIFY : 0)) {
+ fputs("password error\n", stderr);
+ EXIT(2);
+ }
+
+ if (in == NULL)
+ DES_IN = stdin;
+ else if ((DES_IN = fopen(in, "r")) == NULL) {
+ perror("opening input file");
+ EXIT(4);
+ }
+
+ CKSUM_OUT = stdout;
+ if (out == NULL) {
+ DES_OUT = stdout;
+ CKSUM_OUT = stderr;
+ } else if ((DES_OUT = fopen(out, "w")) == NULL) {
+ perror("opening output file");
+ EXIT(5);
+ }
+#ifdef OPENSSL_SYS_MSDOS
+ /* This should set the file to binary mode. */
+ {
+# include <fcntl.h>
+ if (!(uflag && dflag))
+ setmode(fileno(DES_IN), O_BINARY);
+ if (!(uflag && eflag))
+ setmode(fileno(DES_OUT), O_BINARY);
+ }
+#endif
+
+ doencryption();
+ fclose(DES_IN);
+ fclose(DES_OUT);
+ EXIT(0);
+}
+
+void usage(void)
+{
+ char **u;
+ static const char *Usage[] = {
+ "des <options> [input-file [output-file]]",
+ "options:",
+ "-v : des(1) version number",
+ "-e : encrypt using SunOS compatible user key to DES key conversion.",
+ "-E : encrypt ",
+ "-d : decrypt using SunOS compatible user key to DES key conversion.",
+ "-D : decrypt ",
+ "-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
+ " DES key conversion and output to ckname (stdout default,",
+ " stderr if data being output on stdout). The checksum is",
+ " generated before encryption and after decryption if used",
+ " in conjunction with -[eEdD].",
+ "-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+ "-k key : use key 'key'",
+ "-h : the key that is entered will be a hexadecimal number",
+ " that is used directly as the des key",
+ "-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+ " (uuname is the filename to put in the uuencode header).",
+ "-b : encrypt using DES in ecb encryption mode, the default is cbc mode.",
+ "-3 : encrypt using triple DES encryption. This uses 2 keys",
+ " generated from the input key. If the input key is less",
+ " than 8 characters long, this is equivalent to normal",
+ " encryption. Default is triple cbc, -b makes it triple ecb.",
+ NULL
+ };
+ for (u = (char **)Usage; *u; u++) {
+ fputs(*u, stderr);
+ fputc('\n', stderr);
+ }
+
+ EXIT(1);
+}
+
+void doencryption(void)
+{
+#ifdef _LIBC
+ extern unsigned long time();
+#endif
+
+ register int i;
+ DES_key_schedule ks, ks2;
+ DES_cblock iv, iv2;
+ char *p;
+ int num = 0, j, k, l, rem, ll, len, last, ex = 0;
+ DES_cblock kk, k2;
+ FILE *O;
+ int Exit = 0;
+#ifndef OPENSSL_SYS_MSDOS
+ static unsigned char buf[BUFSIZE + 8], obuf[BUFSIZE + 8];
+#else
+ static unsigned char *buf = NULL, *obuf = NULL;
+
+ if (buf == NULL) {
+ if (((buf = OPENSSL_malloc(BUFSIZE + 8)) == NULL) ||
+ ((obuf = OPENSSL_malloc(BUFSIZE + 8)) == NULL)) {
+ fputs("Not enough memory\n", stderr);
+ Exit = 10;
+ goto problems;
+ }
+ }
+#endif
+
+ if (hflag) {
+ j = (flag3 ? 16 : 8);
+ p = key;
+ for (i = 0; i < j; i++) {
+ k = 0;
+ if ((*p <= '9') && (*p >= '0'))
+ k = (*p - '0') << 4;
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k = (*p - 'a' + 10) << 4;
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k = (*p - 'A' + 10) << 4;
+ else {
+ fputs("Bad hex key\n", stderr);
+ Exit = 9;
+ goto problems;
+ }
+ p++;
+ if ((*p <= '9') && (*p >= '0'))
+ k |= (*p - '0');
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k |= (*p - 'a' + 10);
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k |= (*p - 'A' + 10);
+ else {
+ fputs("Bad hex key\n", stderr);
+ Exit = 9;
+ goto problems;
+ }
+ p++;
+ if (i < 8)
+ kk[i] = k;
+ else
+ k2[i - 8] = k;
+ }
+ DES_set_key_unchecked(&k2, &ks2);
+ OPENSSL_cleanse(k2, sizeof(k2));
+ } else if (longk || flag3) {
+ if (flag3) {
+ DES_string_to_2keys(key, &kk, &k2);
+ DES_set_key_unchecked(&k2, &ks2);
+ OPENSSL_cleanse(k2, sizeof(k2));
+ } else
+ DES_string_to_key(key, &kk);
+ } else
+ for (i = 0; i < KEYSIZ; i++) {
+ l = 0;
+ k = key[i];
+ for (j = 0; j < 8; j++) {
+ if (k & 1)
+ l++;
+ k >>= 1;
+ }
+ if (l & 1)
+ kk[i] = key[i] & 0x7f;
+ else
+ kk[i] = key[i] | 0x80;
+ }
+
+ DES_set_key_unchecked(&kk, &ks);
+ OPENSSL_cleanse(key, sizeof(key));
+ OPENSSL_cleanse(kk, sizeof(kk));
+ /* woops - A bug that does not showup under unix :-( */
+ memset(iv, 0, sizeof(iv));
+ memset(iv2, 0, sizeof(iv2));
+
+ l = 1;
+ rem = 0;
+ /* first read */
+ if (eflag || (!dflag && cflag)) {
+ for (;;) {
+ num = l = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
+ l += rem;
+ num += rem;
+ if (l < 0) {
+ perror("read error");
+ Exit = 6;
+ goto problems;
+ }
+
+ rem = l % 8;
+ len = l - rem;
+ if (feof(DES_IN)) {
+ for (i = 7 - rem; i > 0; i--) {
+ if (RAND_bytes(buf + l++, 1) <= 0)
+ goto problems;
+ }
+ buf[l++] = rem;
+ ex = 1;
+ len += rem;
+ } else
+ l -= rem;
+
+ if (cflag) {
+ DES_cbc_cksum(buf, &cksum, (long)len, &ks, &cksum);
+ if (!eflag) {
+ if (feof(DES_IN))
+ break;
+ else
+ continue;
+ }
+ }
+
+ if (bflag && !flag3)
+ for (i = 0; i < l; i += 8)
+ DES_ecb_encrypt((DES_cblock *)&(buf[i]),
+ (DES_cblock *)&(obuf[i]),
+ &ks, do_encrypt);
+ else if (flag3 && bflag)
+ for (i = 0; i < l; i += 8)
+ DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
+ (DES_cblock *)&(obuf[i]),
+ &ks, &ks2, do_encrypt);
+ else if (flag3 && !bflag) {
+ char tmpbuf[8];
+
+ if (rem)
+ memcpy(tmpbuf, &(buf[l]), (unsigned int)rem);
+ DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
+ (long)l, ks, ks2, &iv, &iv2, do_encrypt);
+ if (rem)
+ memcpy(&(buf[l]), tmpbuf, (unsigned int)rem);
+ } else {
+ DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
+ if (l >= 8)
+ memcpy(iv, &(obuf[l - 8]), 8);
+ }
+ if (rem)
+ memcpy(buf, &(buf[l]), (unsigned int)rem);
+
+ i = 0;
+ while (i < l) {
+ if (uflag)
+ j = uufwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
+ else
+ j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
+ if (j == -1) {
+ perror("Write error");
+ Exit = 7;
+ goto problems;
+ }
+ i += j;
+ }
+ if (feof(DES_IN)) {
+ if (uflag)
+ uufwriteEnd(DES_OUT);
+ break;
+ }
+ }
+ } else { /* decrypt */
+
+ ex = 1;
+ for (;;) {
+ if (ex) {
+ if (uflag)
+ l = uufread(buf, 1, BUFSIZE, DES_IN);
+ else
+ l = fread(buf, 1, BUFSIZE, DES_IN);
+ ex = 0;
+ rem = l % 8;
+ l -= rem;
+ }
+ if (l < 0) {
+ perror("read error");
+ Exit = 6;
+ goto problems;
+ }
+
+ if (bflag && !flag3)
+ for (i = 0; i < l; i += 8)
+ DES_ecb_encrypt((DES_cblock *)&(buf[i]),
+ (DES_cblock *)&(obuf[i]),
+ &ks, do_encrypt);
+ else if (flag3 && bflag)
+ for (i = 0; i < l; i += 8)
+ DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
+ (DES_cblock *)&(obuf[i]),
+ &ks, &ks2, do_encrypt);
+ else if (flag3 && !bflag) {
+ DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
+ (long)l, ks, ks2, &iv, &iv2, do_encrypt);
+ } else {
+ DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
+ if (l >= 8)
+ memcpy(iv, &(buf[l - 8]), 8);
+ }
+
+ if (uflag)
+ ll = uufread(&(buf[rem]), 1, BUFSIZE, DES_IN);
+ else
+ ll = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
+ ll += rem;
+ rem = ll % 8;
+ ll -= rem;
+ if (feof(DES_IN) && (ll == 0)) {
+ last = obuf[l - 1];
+
+ if ((last > 7) || (last < 0)) {
+ fputs("The file was not decrypted correctly.\n", stderr);
+ Exit = 8;
+ last = 0;
+ }
+ l = l - 8 + last;
+ }
+ i = 0;
+ if (cflag)
+ DES_cbc_cksum(obuf,
+ (DES_cblock *)cksum, (long)l / 8 * 8, &ks,
+ (DES_cblock *)cksum);
+ while (i != l) {
+ j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
+ if (j == -1) {
+ perror("Write error");
+ Exit = 7;
+ goto problems;
+ }
+ i += j;
+ }
+ l = ll;
+ if ((l == 0) && feof(DES_IN))
+ break;
+ }
+ }
+ if (cflag) {
+ l = 0;
+ if (cksumname[0] != '\0') {
+ if ((O = fopen(cksumname, "w")) != NULL) {
+ CKSUM_OUT = O;
+ l = 1;
+ }
+ }
+ for (i = 0; i < 8; i++)
+ fprintf(CKSUM_OUT, "%02X", cksum[i]);
+ fprintf(CKSUM_OUT, "\n");
+ if (l)
+ fclose(CKSUM_OUT);
+ }
+ problems:
+ OPENSSL_cleanse(buf, sizeof(buf));
+ OPENSSL_cleanse(obuf, sizeof(obuf));
+ OPENSSL_cleanse(&ks, sizeof(ks));
+ OPENSSL_cleanse(&ks2, sizeof(ks2));
+ OPENSSL_cleanse(iv, sizeof(iv));
+ OPENSSL_cleanse(iv2, sizeof(iv2));
+ OPENSSL_cleanse(kk, sizeof(kk));
+ OPENSSL_cleanse(k2, sizeof(k2));
+ OPENSSL_cleanse(uubuf, sizeof(uubuf));
+ OPENSSL_cleanse(b, sizeof(b));
+ OPENSSL_cleanse(bb, sizeof(bb));
+ OPENSSL_cleanse(cksum, sizeof(cksum));
+ if (Exit)
+ EXIT(Exit);
+}
+
+/* We ignore this parameter but it should be > ~50 I believe */
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp)
+{
+ int i, j, left, rem, ret = num;
+ static int start = 1;
+
+ if (start) {
+ fprintf(fp, "begin 600 %s\n",
+ (uuname[0] == '\0') ? "text.d" : uuname);
+ start = 0;
+ }
+
+ if (uubufnum) {
+ if (uubufnum + num < 45) {
+ memcpy(&(uubuf[uubufnum]), data, (unsigned int)num);
+ uubufnum += num;
+ return (num);
+ } else {
+ i = 45 - uubufnum;
+ memcpy(&(uubuf[uubufnum]), data, (unsigned int)i);
+ j = uuencode((unsigned char *)uubuf, 45, b);
+ fwrite(b, 1, (unsigned int)j, fp);
+ uubufnum = 0;
+ data += i;
+ num -= i;
+ }
+ }
+
+ for (i = 0; i < (((int)num) - INUUBUFN); i += INUUBUFN) {
+ j = uuencode(&(data[i]), INUUBUFN, b);
+ fwrite(b, 1, (unsigned int)j, fp);
+ }
+ rem = (num - i) % 45;
+ left = (num - i - rem);
+ if (left) {
+ j = uuencode(&(data[i]), left, b);
+ fwrite(b, 1, (unsigned int)j, fp);
+ i += left;
+ }
+ if (i != num) {
+ memcpy(uubuf, &(data[i]), (unsigned int)rem);
+ uubufnum = rem;
+ }
+ return (ret);
+}
+
+void uufwriteEnd(FILE *fp)
+{
+ int j;
+ static const char *end = " \nend\n";
+
+ if (uubufnum != 0) {
+ uubuf[uubufnum] = '\0';
+ uubuf[uubufnum + 1] = '\0';
+ uubuf[uubufnum + 2] = '\0';
+ j = uuencode(uubuf, uubufnum, b);
+ fwrite(b, 1, (unsigned int)j, fp);
+ }
+ fwrite(end, 1, strlen(end), fp);
+}
+
+/*
+ * int size: should always be > ~ 60; I actually ignore this parameter :-)
+ */
+int uufread(unsigned char *out, int size, unsigned int num, FILE *fp)
+{
+ int i, j, tot;
+ static int done = 0;
+ static int valid = 0;
+ static int start = 1;
+
+ if (start) {
+ for (;;) {
+ b[0] = '\0';
+ fgets((char *)b, 300, fp);
+ if (b[0] == '\0') {
+ fprintf(stderr, "no 'begin' found in uuencoded input\n");
+ return (-1);
+ }
+ if (strncmp((char *)b, "begin ", 6) == 0)
+ break;
+ }
+ start = 0;
+ }
+ if (done)
+ return (0);
+ tot = 0;
+ if (valid) {
+ memcpy(out, bb, (unsigned int)valid);
+ tot = valid;
+ valid = 0;
+ }
+ for (;;) {
+ b[0] = '\0';
+ fgets((char *)b, 300, fp);
+ if (b[0] == '\0')
+ break;
+ i = strlen((char *)b);
+ if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd')) {
+ done = 1;
+ while (!feof(fp)) {
+ fgets((char *)b, 300, fp);
+ }
+ break;
+ }
+ i = uudecode(b, i, bb);
+ if (i < 0)
+ break;
+ if ((i + tot + 8) > num) {
+ /* num to copy to make it a multiple of 8 */
+ j = (num / 8 * 8) - tot - 8;
+ memcpy(&(out[tot]), bb, (unsigned int)j);
+ tot += j;
+ memcpy(bb, &(bb[j]), (unsigned int)i - j);
+ valid = i - j;
+ break;
+ }
+ memcpy(&(out[tot]), bb, (unsigned int)i);
+ tot += i;
+ }
+ return (tot);
+}
+
+#define ccc2l(c,l) (l =((DES_LONG)(*((c)++)))<<16, \
+ l|=((DES_LONG)(*((c)++)))<< 8, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+int uuencode(unsigned char *in, int num, unsigned char *out)
+{
+ int j, i, n, tot = 0;
+ DES_LONG l;
+ register unsigned char *p;
+ p = out;
+
+ for (j = 0; j < num; j += 45) {
+ if (j + 45 > num)
+ i = (num - j);
+ else
+ i = 45;
+ *(p++) = i + ' ';
+ for (n = 0; n < i; n += 3) {
+ ccc2l(in, l);
+ *(p++) = ((l >> 18) & 0x3f) + ' ';
+ *(p++) = ((l >> 12) & 0x3f) + ' ';
+ *(p++) = ((l >> 6) & 0x3f) + ' ';
+ *(p++) = ((l) & 0x3f) + ' ';
+ tot += 4;
+ }
+ *(p++) = '\n';
+ tot += 2;
+ }
+ *p = '\0';
+ l = 0;
+ return (tot);
+}
+
+int uudecode(unsigned char *in, int num, unsigned char *out)
+{
+ int j, i, k;
+ unsigned int n = 0, space = 0;
+ DES_LONG l;
+ DES_LONG w, x, y, z;
+ unsigned int blank = (unsigned int)'\n' - ' ';
+
+ for (j = 0; j < num;) {
+ n = *(in++) - ' ';
+ if (n == blank) {
+ n = 0;
+ in--;
+ }
+ if (n > 60) {
+ fprintf(stderr, "uuencoded line length too long\n");
+ return (-1);
+ }
+ j++;
+
+ for (i = 0; i < n; j += 4, i += 3) {
+ /*
+ * the following is for cases where spaces are removed from
+ * lines.
+ */
+ if (space) {
+ w = x = y = z = 0;
+ } else {
+ w = *(in++) - ' ';
+ x = *(in++) - ' ';
+ y = *(in++) - ' ';
+ z = *(in++) - ' ';
+ }
+ if ((w > 63) || (x > 63) || (y > 63) || (z > 63)) {
+ k = 0;
+ if (w == blank)
+ k = 1;
+ if (x == blank)
+ k = 2;
+ if (y == blank)
+ k = 3;
+ if (z == blank)
+ k = 4;
+ space = 1;
+ switch (k) {
+ case 1:
+ w = 0;
+ in--;
+ case 2:
+ x = 0;
+ in--;
+ case 3:
+ y = 0;
+ in--;
+ case 4:
+ z = 0;
+ in--;
+ break;
+ case 0:
+ space = 0;
+ fprintf(stderr, "bad uuencoded data values\n");
+ w = x = y = z = 0;
+ return (-1);
+ break;
+ }
+ }
+ l = (w << 18) | (x << 12) | (y << 6) | (z);
+ l2ccc(l, out);
+ }
+ if (*(in++) != '\n') {
+ fprintf(stderr, "missing nl in uuencoded line\n");
+ w = x = y = z = 0;
+ return (-1);
+ }
+ j++;
+ }
+ *out = '\0';
+ w = x = y = z = 0;
+ return (n);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/des/des_old.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/des/des_old.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des_old.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,345 +0,0 @@
-/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
-
-/*-
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with libdes. OpenSSL now provides
- * functions where "des_" has been replaced with "DES_" in the names,
- * to make it possible to make incompatible changes that are needed
- * for C type security and other stuff.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones. The des_ functions will dissapear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#define OPENSSL_DES_LIBDES_COMPATIBILITY
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-const char *_ossl_old_des_options(void)
-{
- return DES_options();
-}
-
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output,
- des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, int enc)
-{
- DES_ecb3_encrypt((const_DES_cblock *)input, output,
- (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
- (DES_key_schedule *)ks3, enc);
-}
-
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- des_key_schedule schedule,
- _ossl_old_des_cblock *ivec)
-{
- return DES_cbc_cksum((unsigned char *)input, output, length,
- (DES_key_schedule *)schedule, ivec);
-}
-
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc)
-{
- DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
- length, (DES_key_schedule *)schedule, ivec, enc);
-}
-
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc)
-{
- DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
- length, (DES_key_schedule *)schedule, ivec, enc);
-}
-
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- des_key_schedule schedule,
- _ossl_old_des_cblock *ivec,
- _ossl_old_des_cblock *inw,
- _ossl_old_des_cblock *outw, int enc)
-{
- DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
- length, (DES_key_schedule *)schedule, ivec, inw, outw,
- enc);
-}
-
-void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
- int numbits, long length,
- des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc)
-{
- DES_cfb_encrypt(in, out, numbits, length,
- (DES_key_schedule *)schedule, ivec, enc);
-}
-
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output,
- des_key_schedule ks, int enc)
-{
- DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
-}
-
-void _ossl_old_des_encrypt(DES_LONG *data, des_key_schedule ks, int enc)
-{
- DES_encrypt1(data, (DES_key_schedule *)ks, enc);
-}
-
-void _ossl_old_des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
-{
- DES_encrypt2(data, (DES_key_schedule *)ks, enc);
-}
-
-void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3)
-{
- DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
- (DES_key_schedule *)ks3);
-}
-
-void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3)
-{
- DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
- (DES_key_schedule *)ks3);
-}
-
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- des_key_schedule ks1,
- des_key_schedule ks2,
- des_key_schedule ks3,
- _ossl_old_des_cblock *ivec, int enc)
-{
- DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
- length, (DES_key_schedule *)ks1,
- (DES_key_schedule *)ks2, (DES_key_schedule *)ks3,
- ivec, enc);
-}
-
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
- long length, des_key_schedule ks1,
- des_key_schedule ks2,
- des_key_schedule ks3,
- _ossl_old_des_cblock *ivec, int *num,
- int enc)
-{
- DES_ede3_cfb64_encrypt(in, out, length,
- (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
- (DES_key_schedule *)ks3, ivec, num, enc);
-}
-
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
- long length, des_key_schedule ks1,
- des_key_schedule ks2,
- des_key_schedule ks3,
- _ossl_old_des_cblock *ivec, int *num)
-{
- DES_ede3_ofb64_encrypt(in, out, length,
- (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
- (DES_key_schedule *)ks3, ivec, num);
-}
-
-#if 0 /* broken code, preserved just in case anyone
- * specifically looks for this */
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
- _ossl_old_des_cblock (*in_white),
- _ossl_old_des_cblock (*out_white))
-{
- DES_xwhite_in2out(des_key, in_white, out_white);
-}
-#endif
-
-int _ossl_old_des_enc_read(int fd, char *buf, int len, des_key_schedule sched,
- _ossl_old_des_cblock *iv)
-{
- return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
-}
-
-int _ossl_old_des_enc_write(int fd, char *buf, int len,
- des_key_schedule sched, _ossl_old_des_cblock *iv)
-{
- return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
-}
-
-char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret)
-{
- return DES_fcrypt(buf, salt, ret);
-}
-
-char *_ossl_old_des_crypt(const char *buf, const char *salt)
-{
- return DES_crypt(buf, salt);
-}
-
-char *_ossl_old_crypt(const char *buf, const char *salt)
-{
- return DES_crypt(buf, salt);
-}
-
-void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
- int numbits, long length,
- des_key_schedule schedule,
- _ossl_old_des_cblock *ivec)
-{
- DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
- ivec);
-}
-
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc)
-{
- DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
- length, (DES_key_schedule *)schedule, ivec, enc);
-}
-
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- int out_count, _ossl_old_des_cblock *seed)
-{
- return DES_quad_cksum((unsigned char *)input, output, length,
- out_count, seed);
-}
-
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
-{
- RAND_seed(key, sizeof(_ossl_old_des_cblock));
-}
-
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
-{
- DES_random_key((DES_cblock *)ret);
-}
-
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
- int verify)
-{
- return DES_read_password(key, prompt, verify);
-}
-
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
- _ossl_old_des_cblock *key2,
- const char *prompt, int verify)
-{
- return DES_read_2passwords(key1, key2, prompt, verify);
-}
-
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
-{
- DES_set_odd_parity(key);
-}
-
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
-{
- return DES_is_weak_key(key);
-}
-
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
- des_key_schedule schedule)
-{
- return DES_set_key(key, (DES_key_schedule *)schedule);
-}
-
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
- des_key_schedule schedule)
-{
- return DES_key_sched(key, (DES_key_schedule *)schedule);
-}
-
-void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key)
-{
- DES_string_to_key(str, key);
-}
-
-void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
- _ossl_old_des_cblock *key2)
-{
- DES_string_to_2keys(str, key1, key2);
-}
-
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
- long length, des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int *num,
- int enc)
-{
- DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
- ivec, num, enc);
-}
-
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
- long length, des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int *num)
-{
- DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
- ivec, num);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/des/des_old.c (from rev 11605, vendor-crypto/openssl/dist/crypto/des/des_old.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/des/des_old.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des_old.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,345 @@
+/* crypto/des/des_old.c */
+
+/*-
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with libdes. OpenSSL now provides
+ * functions where "des_" has been replaced with "DES_" in the names,
+ * to make it possible to make incompatible changes that are needed
+ * for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones. The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#define OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+const char *_ossl_old_des_options(void)
+{
+ return DES_options();
+}
+
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output,
+ des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, int enc)
+{
+ DES_ecb3_encrypt((const_DES_cblock *)input, output,
+ (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+ (DES_key_schedule *)ks3, enc);
+}
+
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec)
+{
+ return DES_cbc_cksum((unsigned char *)input, output, length,
+ (DES_key_schedule *)schedule, ivec);
+}
+
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc)
+{
+ DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+ length, (DES_key_schedule *)schedule, ivec, enc);
+}
+
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc)
+{
+ DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
+ length, (DES_key_schedule *)schedule, ivec, enc);
+}
+
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec,
+ _ossl_old_des_cblock *inw,
+ _ossl_old_des_cblock *outw, int enc)
+{
+ DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+ length, (DES_key_schedule *)schedule, ivec, inw, outw,
+ enc);
+}
+
+void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
+ int numbits, long length,
+ des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc)
+{
+ DES_cfb_encrypt(in, out, numbits, length,
+ (DES_key_schedule *)schedule, ivec, enc);
+}
+
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output,
+ des_key_schedule ks, int enc)
+{
+ DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
+}
+
+void _ossl_old_des_encrypt(DES_LONG *data, des_key_schedule ks, int enc)
+{
+ DES_encrypt1(data, (DES_key_schedule *)ks, enc);
+}
+
+void _ossl_old_des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
+{
+ DES_encrypt2(data, (DES_key_schedule *)ks, enc);
+}
+
+void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3)
+{
+ DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+ (DES_key_schedule *)ks3);
+}
+
+void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3)
+{
+ DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+ (DES_key_schedule *)ks3);
+}
+
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ des_key_schedule ks1,
+ des_key_schedule ks2,
+ des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int enc)
+{
+ DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+ length, (DES_key_schedule *)ks1,
+ (DES_key_schedule *)ks2, (DES_key_schedule *)ks3,
+ ivec, enc);
+}
+
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1,
+ des_key_schedule ks2,
+ des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int *num,
+ int enc)
+{
+ DES_ede3_cfb64_encrypt(in, out, length,
+ (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+ (DES_key_schedule *)ks3, ivec, num, enc);
+}
+
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1,
+ des_key_schedule ks2,
+ des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int *num)
+{
+ DES_ede3_ofb64_encrypt(in, out, length,
+ (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+ (DES_key_schedule *)ks3, ivec, num);
+}
+
+#if 0 /* broken code, preserved just in case anyone
+ * specifically looks for this */
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
+ _ossl_old_des_cblock (*in_white),
+ _ossl_old_des_cblock (*out_white))
+{
+ DES_xwhite_in2out(des_key, in_white, out_white);
+}
+#endif
+
+int _ossl_old_des_enc_read(int fd, char *buf, int len, des_key_schedule sched,
+ _ossl_old_des_cblock *iv)
+{
+ return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
+}
+
+int _ossl_old_des_enc_write(int fd, char *buf, int len,
+ des_key_schedule sched, _ossl_old_des_cblock *iv)
+{
+ return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
+}
+
+char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret)
+{
+ return DES_fcrypt(buf, salt, ret);
+}
+
+char *_ossl_old_des_crypt(const char *buf, const char *salt)
+{
+ return DES_crypt(buf, salt);
+}
+
+char *_ossl_old_crypt(const char *buf, const char *salt)
+{
+ return DES_crypt(buf, salt);
+}
+
+void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
+ int numbits, long length,
+ des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec)
+{
+ DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
+ ivec);
+}
+
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc)
+{
+ DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+ length, (DES_key_schedule *)schedule, ivec, enc);
+}
+
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ int out_count, _ossl_old_des_cblock *seed)
+{
+ return DES_quad_cksum((unsigned char *)input, output, length,
+ out_count, seed);
+}
+
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
+{
+ RAND_seed(key, sizeof(_ossl_old_des_cblock));
+}
+
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
+{
+ DES_random_key((DES_cblock *)ret);
+}
+
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+ int verify)
+{
+ return DES_read_password(key, prompt, verify);
+}
+
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
+ _ossl_old_des_cblock *key2,
+ const char *prompt, int verify)
+{
+ return DES_read_2passwords(key1, key2, prompt, verify);
+}
+
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
+{
+ DES_set_odd_parity(key);
+}
+
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
+{
+ return DES_is_weak_key(key);
+}
+
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
+ des_key_schedule schedule)
+{
+ return DES_set_key(key, (DES_key_schedule *)schedule);
+}
+
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
+ des_key_schedule schedule)
+{
+ return DES_key_sched(key, (DES_key_schedule *)schedule);
+}
+
+void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key)
+{
+ DES_string_to_key(str, key);
+}
+
+void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
+ _ossl_old_des_cblock *key2)
+{
+ DES_string_to_2keys(str, key1, key2);
+}
+
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int *num,
+ int enc)
+{
+ DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+ ivec, num, enc);
+}
+
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int *num)
+{
+ DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+ ivec, num);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/des/des_old.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/des/des_old.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des_old.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,497 +0,0 @@
-/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
-
-/*-
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with openssl 0.9.6 and older as
- * well as libdes. OpenSSL now provides functions where "des_" has
- * been replaced with "DES_" in the names, to make it possible to
- * make incompatible changes that are needed for C type security and
- * other stuff.
- *
- * This include files has two compatibility modes:
- *
- * - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
- * that is compatible with libdes and SSLeay.
- * - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
- * API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
- *
- * Note that these modes break earlier snapshots of OpenSSL, where
- * libdes compatibility was the only available mode or (later on) the
- * prefered compatibility mode. However, after much consideration
- * (and more or less violent discussions with external parties), it
- * was concluded that OpenSSL should be compatible with earlier versions
- * of itself before anything else. Also, in all honesty, libdes is
- * an old beast that shouldn't really be used any more.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones. The des_ functions will disappear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DES_H
-# define HEADER_DES_H
-
-# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
-
-# ifdef OPENSSL_NO_DES
-# error DES is disabled.
-# endif
-
-# ifndef HEADER_NEW_DES_H
-# error You must include des.h, not des_old.h directly.
-# endif
-
-# ifdef _KERBEROS_DES_H
-# error <openssl/des_old.h> replaces <kerberos/des.h>.
-# endif
-
-# include <openssl/symhacks.h>
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef _
-# undef _
-# endif
-
-typedef unsigned char _ossl_old_des_cblock[8];
-typedef struct _ossl_old_des_ks_struct {
- union {
- _ossl_old_des_cblock _;
- /*
- * make sure things are correct size on machines with 8 byte longs
- */
- DES_LONG pad[2];
- } ks;
-} _ossl_old_des_key_schedule[16];
-
-# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
-# define des_cblock DES_cblock
-# define const_des_cblock const_DES_cblock
-# define des_key_schedule DES_key_schedule
-# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
- DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
-# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
- DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
-# define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
- DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
-# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
- DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
-# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
- DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
-# define des_options()\
- DES_options()
-# define des_cbc_cksum(i,o,l,k,iv)\
- DES_cbc_cksum((i),(o),(l),&(k),(iv))
-# define des_cbc_encrypt(i,o,l,k,iv,e)\
- DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
-# define des_ncbc_encrypt(i,o,l,k,iv,e)\
- DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
-# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
- DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
-# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
- DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
-# define des_ecb_encrypt(i,o,k,e)\
- DES_ecb_encrypt((i),(o),&(k),(e))
-# define des_encrypt1(d,k,e)\
- DES_encrypt1((d),&(k),(e))
-# define des_encrypt2(d,k,e)\
- DES_encrypt2((d),&(k),(e))
-# define des_encrypt3(d,k1,k2,k3)\
- DES_encrypt3((d),&(k1),&(k2),&(k3))
-# define des_decrypt3(d,k1,k2,k3)\
- DES_decrypt3((d),&(k1),&(k2),&(k3))
-# define des_xwhite_in2out(k,i,o)\
- DES_xwhite_in2out((k),(i),(o))
-# define des_enc_read(f,b,l,k,iv)\
- DES_enc_read((f),(b),(l),&(k),(iv))
-# define des_enc_write(f,b,l,k,iv)\
- DES_enc_write((f),(b),(l),&(k),(iv))
-# define des_fcrypt(b,s,r)\
- DES_fcrypt((b),(s),(r))
-# if 0
-# define des_crypt(b,s)\
- DES_crypt((b),(s))
-# if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
-# define crypt(b,s)\
- DES_crypt((b),(s))
-# endif
-# endif
-# define des_ofb_encrypt(i,o,n,l,k,iv)\
- DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
-# define des_pcbc_encrypt(i,o,l,k,iv,e)\
- DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
-# define des_quad_cksum(i,o,l,c,s)\
- DES_quad_cksum((i),(o),(l),(c),(s))
-# define des_random_seed(k)\
- _ossl_096_des_random_seed((k))
-# define des_random_key(r)\
- DES_random_key((r))
-# define des_read_password(k,p,v) \
- DES_read_password((k),(p),(v))
-# define des_read_2passwords(k1,k2,p,v) \
- DES_read_2passwords((k1),(k2),(p),(v))
-# define des_set_odd_parity(k)\
- DES_set_odd_parity((k))
-# define des_check_key_parity(k)\
- DES_check_key_parity((k))
-# define des_is_weak_key(k)\
- DES_is_weak_key((k))
-# define des_set_key(k,ks)\
- DES_set_key((k),&(ks))
-# define des_key_sched(k,ks)\
- DES_key_sched((k),&(ks))
-# define des_set_key_checked(k,ks)\
- DES_set_key_checked((k),&(ks))
-# define des_set_key_unchecked(k,ks)\
- DES_set_key_unchecked((k),&(ks))
-# define des_string_to_key(s,k)\
- DES_string_to_key((s),(k))
-# define des_string_to_2keys(s,k1,k2)\
- DES_string_to_2keys((s),(k1),(k2))
-# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
- DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
-# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
- DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
-
-# define des_ecb2_encrypt(i,o,k1,k2,e) \
- des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-# define des_check_key DES_check_key
-# define des_rw_mode DES_rw_mode
-# else /* libdes compatibility */
-/*
- * Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
- * libdes
- */
-# define des_cblock _ossl_old_des_cblock
-# define des_key_schedule _ossl_old_des_key_schedule
-# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
- _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
-# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
- _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
-# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
- _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
-# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
- _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
-# define des_options()\
- _ossl_old_des_options()
-# define des_cbc_cksum(i,o,l,k,iv)\
- _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
-# define des_cbc_encrypt(i,o,l,k,iv,e)\
- _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
-# define des_ncbc_encrypt(i,o,l,k,iv,e)\
- _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
-# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
- _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
-# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
- _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
-# define des_ecb_encrypt(i,o,k,e)\
- _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
-# define des_encrypt(d,k,e)\
- _ossl_old_des_encrypt((d),(k),(e))
-# define des_encrypt2(d,k,e)\
- _ossl_old_des_encrypt2((d),(k),(e))
-# define des_encrypt3(d,k1,k2,k3)\
- _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
-# define des_decrypt3(d,k1,k2,k3)\
- _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
-# define des_xwhite_in2out(k,i,o)\
- _ossl_old_des_xwhite_in2out((k),(i),(o))
-# define des_enc_read(f,b,l,k,iv)\
- _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
-# define des_enc_write(f,b,l,k,iv)\
- _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
-# define des_fcrypt(b,s,r)\
- _ossl_old_des_fcrypt((b),(s),(r))
-# define des_crypt(b,s)\
- _ossl_old_des_crypt((b),(s))
-# if 0
-# define crypt(b,s)\
- _ossl_old_crypt((b),(s))
-# endif
-# define des_ofb_encrypt(i,o,n,l,k,iv)\
- _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
-# define des_pcbc_encrypt(i,o,l,k,iv,e)\
- _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
-# define des_quad_cksum(i,o,l,c,s)\
- _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
-# define des_random_seed(k)\
- _ossl_old_des_random_seed((k))
-# define des_random_key(r)\
- _ossl_old_des_random_key((r))
-# define des_read_password(k,p,v) \
- _ossl_old_des_read_password((k),(p),(v))
-# define des_read_2passwords(k1,k2,p,v) \
- _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
-# define des_set_odd_parity(k)\
- _ossl_old_des_set_odd_parity((k))
-# define des_is_weak_key(k)\
- _ossl_old_des_is_weak_key((k))
-# define des_set_key(k,ks)\
- _ossl_old_des_set_key((k),(ks))
-# define des_key_sched(k,ks)\
- _ossl_old_des_key_sched((k),(ks))
-# define des_string_to_key(s,k)\
- _ossl_old_des_string_to_key((s),(k))
-# define des_string_to_2keys(s,k1,k2)\
- _ossl_old_des_string_to_2keys((s),(k1),(k2))
-# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
- _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
-# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
- _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
-
-# define des_ecb2_encrypt(i,o,k1,k2,e) \
- des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-# define des_check_key DES_check_key
-# define des_rw_mode DES_rw_mode
-# endif
-
-const char *_ossl_old_des_options(void);
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output,
- _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3, int enc);
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec);
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec,
- _ossl_old_des_cblock *inw,
- _ossl_old_des_cblock *outw, int enc);
-void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
- int numbits, long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output,
- _ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
- int enc);
-void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
- int enc);
-void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3,
- _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
- long length,
- _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3,
- _ossl_old_des_cblock *ivec, int *num,
- int enc);
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
- long length,
- _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3,
- _ossl_old_des_cblock *ivec, int *num);
-# if 0
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
- _ossl_old_des_cblock (*in_white),
- _ossl_old_des_cblock (*out_white));
-# endif
-
-int _ossl_old_des_enc_read(int fd, char *buf, int len,
- _ossl_old_des_key_schedule sched,
- _ossl_old_des_cblock *iv);
-int _ossl_old_des_enc_write(int fd, char *buf, int len,
- _ossl_old_des_key_schedule sched,
- _ossl_old_des_cblock *iv);
-char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
-char *_ossl_old_des_crypt(const char *buf, const char *salt);
-# if !defined(PERL5) && !defined(NeXT)
-char *_ossl_old_crypt(const char *buf, const char *salt);
-# endif
-void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
- int numbits, long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec);
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int enc);
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
- _ossl_old_des_cblock *output, long length,
- int out_count, _ossl_old_des_cblock *seed);
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
- int verify);
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
- _ossl_old_des_cblock *key2,
- const char *prompt, int verify);
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
- _ossl_old_des_key_schedule schedule);
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
- _ossl_old_des_key_schedule schedule);
-void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
-void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
- _ossl_old_des_cblock *key2);
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
- long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int *num,
- int enc);
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
- long length,
- _ossl_old_des_key_schedule schedule,
- _ossl_old_des_cblock *ivec, int *num);
-
-void _ossl_096_des_random_seed(des_cblock *key);
-
-/*
- * The following definitions provide compatibility with the MIT Kerberos
- * library. The _ossl_old_des_key_schedule structure is not binary
- * compatible.
- */
-
-# define _KERBEROS_DES_H
-
-# define KRBDES_ENCRYPT DES_ENCRYPT
-# define KRBDES_DECRYPT DES_DECRYPT
-
-# ifdef KERBEROS
-# define ENCRYPT DES_ENCRYPT
-# define DECRYPT DES_DECRYPT
-# endif
-
-# ifndef NCOMPAT
-# define C_Block des_cblock
-# define Key_schedule des_key_schedule
-# define KEY_SZ DES_KEY_SZ
-# define string_to_key des_string_to_key
-# define read_pw_string des_read_pw_string
-# define random_key des_random_key
-# define pcbc_encrypt des_pcbc_encrypt
-# define set_key des_set_key
-# define key_sched des_key_sched
-# define ecb_encrypt des_ecb_encrypt
-# define cbc_encrypt des_cbc_encrypt
-# define ncbc_encrypt des_ncbc_encrypt
-# define xcbc_encrypt des_xcbc_encrypt
-# define cbc_cksum des_cbc_cksum
-# define quad_cksum des_quad_cksum
-# define check_parity des_check_key_parity
-# endif
-
-# define des_fixup_key_parity DES_fixup_key_parity
-
-#ifdef __cplusplus
-}
-#endif
-
-/* for DES_read_pw_string et al */
-# include <openssl/ui_compat.h>
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/des/des_old.h (from rev 11605, vendor-crypto/openssl/dist/crypto/des/des_old.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/des/des_old.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des_old.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,497 @@
+/* crypto/des/des_old.h */
+
+/*-
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with openssl 0.9.6 and older as
+ * well as libdes. OpenSSL now provides functions where "des_" has
+ * been replaced with "DES_" in the names, to make it possible to
+ * make incompatible changes that are needed for C type security and
+ * other stuff.
+ *
+ * This include files has two compatibility modes:
+ *
+ * - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
+ * that is compatible with libdes and SSLeay.
+ * - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
+ * API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
+ *
+ * Note that these modes break earlier snapshots of OpenSSL, where
+ * libdes compatibility was the only available mode or (later on) the
+ * prefered compatibility mode. However, after much consideration
+ * (and more or less violent discussions with external parties), it
+ * was concluded that OpenSSL should be compatible with earlier versions
+ * of itself before anything else. Also, in all honesty, libdes is
+ * an old beast that shouldn't really be used any more.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones. The des_ functions will disappear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DES_H
+# define HEADER_DES_H
+
+# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
+
+# ifdef OPENSSL_NO_DES
+# error DES is disabled.
+# endif
+
+# ifndef HEADER_NEW_DES_H
+# error You must include des.h, not des_old.h directly.
+# endif
+
+# ifdef _KERBEROS_DES_H
+# error <openssl/des_old.h> replaces <kerberos/des.h>.
+# endif
+
+# include <openssl/symhacks.h>
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef _
+# undef _
+# endif
+
+typedef unsigned char _ossl_old_des_cblock[8];
+typedef struct _ossl_old_des_ks_struct {
+ union {
+ _ossl_old_des_cblock _;
+ /*
+ * make sure things are correct size on machines with 8 byte longs
+ */
+ DES_LONG pad[2];
+ } ks;
+} _ossl_old_des_key_schedule[16];
+
+# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
+# define des_cblock DES_cblock
+# define const_des_cblock const_DES_cblock
+# define des_key_schedule DES_key_schedule
+# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+ DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
+# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+ DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
+# define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
+ DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
+# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+ DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
+# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+ DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
+# define des_options()\
+ DES_options()
+# define des_cbc_cksum(i,o,l,k,iv)\
+ DES_cbc_cksum((i),(o),(l),&(k),(iv))
+# define des_cbc_encrypt(i,o,l,k,iv,e)\
+ DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
+# define des_ncbc_encrypt(i,o,l,k,iv,e)\
+ DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
+# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+ DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
+# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+ DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
+# define des_ecb_encrypt(i,o,k,e)\
+ DES_ecb_encrypt((i),(o),&(k),(e))
+# define des_encrypt1(d,k,e)\
+ DES_encrypt1((d),&(k),(e))
+# define des_encrypt2(d,k,e)\
+ DES_encrypt2((d),&(k),(e))
+# define des_encrypt3(d,k1,k2,k3)\
+ DES_encrypt3((d),&(k1),&(k2),&(k3))
+# define des_decrypt3(d,k1,k2,k3)\
+ DES_decrypt3((d),&(k1),&(k2),&(k3))
+# define des_xwhite_in2out(k,i,o)\
+ DES_xwhite_in2out((k),(i),(o))
+# define des_enc_read(f,b,l,k,iv)\
+ DES_enc_read((f),(b),(l),&(k),(iv))
+# define des_enc_write(f,b,l,k,iv)\
+ DES_enc_write((f),(b),(l),&(k),(iv))
+# define des_fcrypt(b,s,r)\
+ DES_fcrypt((b),(s),(r))
+# if 0
+# define des_crypt(b,s)\
+ DES_crypt((b),(s))
+# if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
+# define crypt(b,s)\
+ DES_crypt((b),(s))
+# endif
+# endif
+# define des_ofb_encrypt(i,o,n,l,k,iv)\
+ DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
+# define des_pcbc_encrypt(i,o,l,k,iv,e)\
+ DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
+# define des_quad_cksum(i,o,l,c,s)\
+ DES_quad_cksum((i),(o),(l),(c),(s))
+# define des_random_seed(k)\
+ _ossl_096_des_random_seed((k))
+# define des_random_key(r)\
+ DES_random_key((r))
+# define des_read_password(k,p,v) \
+ DES_read_password((k),(p),(v))
+# define des_read_2passwords(k1,k2,p,v) \
+ DES_read_2passwords((k1),(k2),(p),(v))
+# define des_set_odd_parity(k)\
+ DES_set_odd_parity((k))
+# define des_check_key_parity(k)\
+ DES_check_key_parity((k))
+# define des_is_weak_key(k)\
+ DES_is_weak_key((k))
+# define des_set_key(k,ks)\
+ DES_set_key((k),&(ks))
+# define des_key_sched(k,ks)\
+ DES_key_sched((k),&(ks))
+# define des_set_key_checked(k,ks)\
+ DES_set_key_checked((k),&(ks))
+# define des_set_key_unchecked(k,ks)\
+ DES_set_key_unchecked((k),&(ks))
+# define des_string_to_key(s,k)\
+ DES_string_to_key((s),(k))
+# define des_string_to_2keys(s,k1,k2)\
+ DES_string_to_2keys((s),(k1),(k2))
+# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+ DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
+# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+ DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
+
+# define des_ecb2_encrypt(i,o,k1,k2,e) \
+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+# define des_check_key DES_check_key
+# define des_rw_mode DES_rw_mode
+# else /* libdes compatibility */
+/*
+ * Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
+ * libdes
+ */
+# define des_cblock _ossl_old_des_cblock
+# define des_key_schedule _ossl_old_des_key_schedule
+# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+ _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
+# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+ _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
+# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+ _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
+# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+ _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
+# define des_options()\
+ _ossl_old_des_options()
+# define des_cbc_cksum(i,o,l,k,iv)\
+ _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
+# define des_cbc_encrypt(i,o,l,k,iv,e)\
+ _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
+# define des_ncbc_encrypt(i,o,l,k,iv,e)\
+ _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
+# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+ _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
+# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+ _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
+# define des_ecb_encrypt(i,o,k,e)\
+ _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
+# define des_encrypt(d,k,e)\
+ _ossl_old_des_encrypt((d),(k),(e))
+# define des_encrypt2(d,k,e)\
+ _ossl_old_des_encrypt2((d),(k),(e))
+# define des_encrypt3(d,k1,k2,k3)\
+ _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
+# define des_decrypt3(d,k1,k2,k3)\
+ _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
+# define des_xwhite_in2out(k,i,o)\
+ _ossl_old_des_xwhite_in2out((k),(i),(o))
+# define des_enc_read(f,b,l,k,iv)\
+ _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
+# define des_enc_write(f,b,l,k,iv)\
+ _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
+# define des_fcrypt(b,s,r)\
+ _ossl_old_des_fcrypt((b),(s),(r))
+# define des_crypt(b,s)\
+ _ossl_old_des_crypt((b),(s))
+# if 0
+# define crypt(b,s)\
+ _ossl_old_crypt((b),(s))
+# endif
+# define des_ofb_encrypt(i,o,n,l,k,iv)\
+ _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
+# define des_pcbc_encrypt(i,o,l,k,iv,e)\
+ _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
+# define des_quad_cksum(i,o,l,c,s)\
+ _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
+# define des_random_seed(k)\
+ _ossl_old_des_random_seed((k))
+# define des_random_key(r)\
+ _ossl_old_des_random_key((r))
+# define des_read_password(k,p,v) \
+ _ossl_old_des_read_password((k),(p),(v))
+# define des_read_2passwords(k1,k2,p,v) \
+ _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
+# define des_set_odd_parity(k)\
+ _ossl_old_des_set_odd_parity((k))
+# define des_is_weak_key(k)\
+ _ossl_old_des_is_weak_key((k))
+# define des_set_key(k,ks)\
+ _ossl_old_des_set_key((k),(ks))
+# define des_key_sched(k,ks)\
+ _ossl_old_des_key_sched((k),(ks))
+# define des_string_to_key(s,k)\
+ _ossl_old_des_string_to_key((s),(k))
+# define des_string_to_2keys(s,k1,k2)\
+ _ossl_old_des_string_to_2keys((s),(k1),(k2))
+# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+ _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
+# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+ _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
+
+# define des_ecb2_encrypt(i,o,k1,k2,e) \
+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+# define des_check_key DES_check_key
+# define des_rw_mode DES_rw_mode
+# endif
+
+const char *_ossl_old_des_options(void);
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3, int enc);
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec);
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec,
+ _ossl_old_des_cblock *inw,
+ _ossl_old_des_cblock *outw, int enc);
+void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
+ int numbits, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output,
+ _ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
+ int enc);
+void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
+ int enc);
+void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int *num,
+ int enc);
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int *num);
+# if 0
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
+ _ossl_old_des_cblock (*in_white),
+ _ossl_old_des_cblock (*out_white));
+# endif
+
+int _ossl_old_des_enc_read(int fd, char *buf, int len,
+ _ossl_old_des_key_schedule sched,
+ _ossl_old_des_cblock *iv);
+int _ossl_old_des_enc_write(int fd, char *buf, int len,
+ _ossl_old_des_key_schedule sched,
+ _ossl_old_des_cblock *iv);
+char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
+char *_ossl_old_des_crypt(const char *buf, const char *salt);
+# if !defined(PERL5) && !defined(NeXT)
+char *_ossl_old_crypt(const char *buf, const char *salt);
+# endif
+void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
+ int numbits, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec);
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ int out_count, _ossl_old_des_cblock *seed);
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+ int verify);
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
+ _ossl_old_des_cblock *key2,
+ const char *prompt, int verify);
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
+ _ossl_old_des_key_schedule schedule);
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
+ _ossl_old_des_key_schedule schedule);
+void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
+void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
+ _ossl_old_des_cblock *key2);
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int *num,
+ int enc);
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int *num);
+
+void _ossl_096_des_random_seed(des_cblock *key);
+
+/*
+ * The following definitions provide compatibility with the MIT Kerberos
+ * library. The _ossl_old_des_key_schedule structure is not binary
+ * compatible.
+ */
+
+# define _KERBEROS_DES_H
+
+# define KRBDES_ENCRYPT DES_ENCRYPT
+# define KRBDES_DECRYPT DES_DECRYPT
+
+# ifdef KERBEROS
+# define ENCRYPT DES_ENCRYPT
+# define DECRYPT DES_DECRYPT
+# endif
+
+# ifndef NCOMPAT
+# define C_Block des_cblock
+# define Key_schedule des_key_schedule
+# define KEY_SZ DES_KEY_SZ
+# define string_to_key des_string_to_key
+# define read_pw_string des_read_pw_string
+# define random_key des_random_key
+# define pcbc_encrypt des_pcbc_encrypt
+# define set_key des_set_key
+# define key_sched des_key_sched
+# define ecb_encrypt des_ecb_encrypt
+# define cbc_encrypt des_cbc_encrypt
+# define ncbc_encrypt des_ncbc_encrypt
+# define xcbc_encrypt des_xcbc_encrypt
+# define cbc_cksum des_cbc_cksum
+# define quad_cksum des_quad_cksum
+# define check_parity des_check_key_parity
+# endif
+
+# define des_fixup_key_parity DES_fixup_key_parity
+
+#ifdef __cplusplus
+}
+#endif
+
+/* for DES_read_pw_string et al */
+# include <openssl/ui_compat.h>
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/des/des_old2.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/des/des_old2.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des_old2.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,80 +0,0 @@
-/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
-
-/*
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING The
- * function names in here are deprecated and are only present to provide an
- * interface compatible with OpenSSL 0.9.6c. OpenSSL now provides functions
- * where "des_" has been replaced with "DES_" in the names, to make it
- * possible to make incompatible changes that are needed for C type security
- * and other stuff. Please consider starting to use the DES_ functions
- * rather than the des_ ones. The des_ functions will dissapear completely
- * before OpenSSL 1.0! WARNING WARNING WARNING WARNING WARNING WARNING
- * WARNING WARNING
- */
-
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#undef OPENSSL_DES_LIBDES_COMPATIBILITY
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-void _ossl_096_des_random_seed(DES_cblock *key)
-{
- RAND_seed(key, sizeof(DES_cblock));
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/des/des_old2.c (from rev 11605, vendor-crypto/openssl/dist/crypto/des/des_old2.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/des/des_old2.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/des_old2.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,80 @@
+/* crypto/des/des_old.c */
+
+/*
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING The
+ * function names in here are deprecated and are only present to provide an
+ * interface compatible with OpenSSL 0.9.6c. OpenSSL now provides functions
+ * where "des_" has been replaced with "DES_" in the names, to make it
+ * possible to make incompatible changes that are needed for C type security
+ * and other stuff. Please consider starting to use the DES_ functions
+ * rather than the des_ ones. The des_ functions will dissapear completely
+ * before OpenSSL 1.0! WARNING WARNING WARNING WARNING WARNING WARNING
+ * WARNING WARNING
+ */
+
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#undef OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+void _ossl_096_des_random_seed(DES_cblock *key)
+{
+ RAND_seed(key, sizeof(DES_cblock));
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/des/enc_writ.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/des/enc_writ.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/enc_writ.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,182 +0,0 @@
-/* crypto/des/enc_writ.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <time.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "des_locl.h"
-#include <openssl/rand.h>
-
-/*-
- * WARNINGS:
- *
- * - The data format used by DES_enc_write() and DES_enc_read()
- * has a cryptographic weakness: When asked to write more
- * than MAXWRITE bytes, DES_enc_write will split the data
- * into several chunks that are all encrypted
- * using the same IV. So don't use these functions unless you
- * are sure you know what you do (in which case you might
- * not want to use them anyway).
- *
- * - This code cannot handle non-blocking sockets.
- */
-
-int DES_enc_write(int fd, const void *_buf, int len,
- DES_key_schedule *sched, DES_cblock *iv)
-{
-#if defined(OPENSSL_NO_POSIX_IO)
- return (-1);
-#else
-# ifdef _LIBC
- extern unsigned long time();
- extern int write();
-# endif
- const unsigned char *buf = _buf;
- long rnum;
- int i, j, k, outnum;
- static unsigned char *outbuf = NULL;
- unsigned char shortbuf[8];
- unsigned char *p;
- const unsigned char *cp;
- static int start = 1;
-
- if (len < 0)
- return -1;
-
- if (outbuf == NULL) {
- outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
- if (outbuf == NULL)
- return (-1);
- }
- /*
- * If we are sending less than 8 bytes, the same char will look the same
- * if we don't pad it out with random bytes
- */
- if (start) {
- start = 0;
- }
-
- /* lets recurse if we want to send the data in small chunks */
- if (len > MAXWRITE) {
- j = 0;
- for (i = 0; i < len; i += k) {
- k = DES_enc_write(fd, &(buf[i]),
- ((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
- sched, iv);
- if (k < 0)
- return (k);
- else
- j += k;
- }
- return (j);
- }
-
- /* write length first */
- p = outbuf;
- l2n(len, p);
-
- /* pad short strings */
- if (len < 8) {
- cp = shortbuf;
- memcpy(shortbuf, buf, len);
- if (RAND_pseudo_bytes(shortbuf + len, 8 - len) < 0) {
- return -1;
- }
- rnum = 8;
- } else {
- cp = buf;
- rnum = ((len + 7) / 8 * 8); /* round up to nearest eight */
- }
-
- if (DES_rw_mode & DES_PCBC_MODE)
- DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
- iv, DES_ENCRYPT);
- else
- DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
- iv, DES_ENCRYPT);
-
- /* output */
- outnum = rnum + HDRSIZE;
-
- for (j = 0; j < outnum; j += i) {
- /*
- * eay 26/08/92 I was not doing writing from where we got up to.
- */
-# ifndef _WIN32
- i = write(fd, (void *)&(outbuf[j]), outnum - j);
-# else
- i = _write(fd, (void *)&(outbuf[j]), outnum - j);
-# endif
- if (i == -1) {
-# ifdef EINTR
- if (errno == EINTR)
- i = 0;
- else
-# endif
- /*
- * This is really a bad error - very bad It will stuff-up
- * both ends.
- */
- return (-1);
- }
- }
-
- return (len);
-#endif /* OPENSSL_NO_POSIX_IO */
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/des/enc_writ.c (from rev 11605, vendor-crypto/openssl/dist/crypto/des/enc_writ.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/des/enc_writ.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/des/enc_writ.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,182 @@
+/* crypto/des/enc_writ.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <errno.h>
+#include <time.h>
+#include <stdio.h>
+#include "cryptlib.h"
+#include "des_locl.h"
+#include <openssl/rand.h>
+
+/*-
+ * WARNINGS:
+ *
+ * - The data format used by DES_enc_write() and DES_enc_read()
+ * has a cryptographic weakness: When asked to write more
+ * than MAXWRITE bytes, DES_enc_write will split the data
+ * into several chunks that are all encrypted
+ * using the same IV. So don't use these functions unless you
+ * are sure you know what you do (in which case you might
+ * not want to use them anyway).
+ *
+ * - This code cannot handle non-blocking sockets.
+ */
+
+int DES_enc_write(int fd, const void *_buf, int len,
+ DES_key_schedule *sched, DES_cblock *iv)
+{
+#if defined(OPENSSL_NO_POSIX_IO)
+ return (-1);
+#else
+# ifdef _LIBC
+ extern unsigned long time();
+ extern int write();
+# endif
+ const unsigned char *buf = _buf;
+ long rnum;
+ int i, j, k, outnum;
+ static unsigned char *outbuf = NULL;
+ unsigned char shortbuf[8];
+ unsigned char *p;
+ const unsigned char *cp;
+ static int start = 1;
+
+ if (len < 0)
+ return -1;
+
+ if (outbuf == NULL) {
+ outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
+ if (outbuf == NULL)
+ return (-1);
+ }
+ /*
+ * If we are sending less than 8 bytes, the same char will look the same
+ * if we don't pad it out with random bytes
+ */
+ if (start) {
+ start = 0;
+ }
+
+ /* lets recurse if we want to send the data in small chunks */
+ if (len > MAXWRITE) {
+ j = 0;
+ for (i = 0; i < len; i += k) {
+ k = DES_enc_write(fd, &(buf[i]),
+ ((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
+ sched, iv);
+ if (k < 0)
+ return (k);
+ else
+ j += k;
+ }
+ return (j);
+ }
+
+ /* write length first */
+ p = outbuf;
+ l2n(len, p);
+
+ /* pad short strings */
+ if (len < 8) {
+ cp = shortbuf;
+ memcpy(shortbuf, buf, len);
+ if (RAND_bytes(shortbuf + len, 8 - len) <= 0) {
+ return -1;
+ }
+ rnum = 8;
+ } else {
+ cp = buf;
+ rnum = ((len + 7) / 8 * 8); /* round up to nearest eight */
+ }
+
+ if (DES_rw_mode & DES_PCBC_MODE)
+ DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
+ iv, DES_ENCRYPT);
+ else
+ DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
+ iv, DES_ENCRYPT);
+
+ /* output */
+ outnum = rnum + HDRSIZE;
+
+ for (j = 0; j < outnum; j += i) {
+ /*
+ * eay 26/08/92 I was not doing writing from where we got up to.
+ */
+# ifndef _WIN32
+ i = write(fd, (void *)&(outbuf[j]), outnum - j);
+# else
+ i = _write(fd, (void *)&(outbuf[j]), outnum - j);
+# endif
+ if (i == -1) {
+# ifdef EINTR
+ if (errno == EINTR)
+ i = 0;
+ else
+# endif
+ /*
+ * This is really a bad error - very bad It will stuff-up
+ * both ends.
+ */
+ return (-1);
+ }
+ }
+
+ return (len);
+#endif /* OPENSSL_NO_POSIX_IO */
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ameth.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dsa/dsa_ameth.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ameth.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,674 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/dsa.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-#include "asn1_locl.h"
-
-static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
- const unsigned char *p, *pm;
- int pklen, pmlen;
- int ptype;
- void *pval;
- ASN1_STRING *pstr;
- X509_ALGOR *palg;
- ASN1_INTEGER *public_key = NULL;
-
- DSA *dsa = NULL;
-
- if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
- return 0;
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- if (ptype == V_ASN1_SEQUENCE) {
- pstr = pval;
- pm = pstr->data;
- pmlen = pstr->length;
-
- if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
- DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
- goto err;
- }
-
- } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
- if (!(dsa = DSA_new())) {
- DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- } else {
- DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
- goto err;
- }
-
- if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
- DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
- goto err;
- }
-
- if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
- DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
- goto err;
- }
-
- ASN1_INTEGER_free(public_key);
- EVP_PKEY_assign_DSA(pkey, dsa);
- return 1;
-
- err:
- if (public_key)
- ASN1_INTEGER_free(public_key);
- if (dsa)
- DSA_free(dsa);
- return 0;
-
-}
-
-static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
- DSA *dsa;
- int ptype;
- unsigned char *penc = NULL;
- int penclen;
- ASN1_STRING *str = NULL;
-
- dsa = pkey->pkey.dsa;
- if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
- str = ASN1_STRING_new();
- if (!str) {
- DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- str->length = i2d_DSAparams(dsa, &str->data);
- if (str->length <= 0) {
- DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ptype = V_ASN1_SEQUENCE;
- } else
- ptype = V_ASN1_UNDEF;
-
- dsa->write_params = 0;
-
- penclen = i2d_DSAPublicKey(dsa, &penc);
-
- if (penclen <= 0) {
- DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
- ptype, str, penc, penclen))
- return 1;
-
- err:
- if (penc)
- OPENSSL_free(penc);
- if (str)
- ASN1_STRING_free(str);
-
- return 0;
-}
-
-/*
- * In PKCS#8 DSA: you just get a private key integer and parameters in the
- * AlgorithmIdentifier the pubkey must be recalculated.
- */
-
-static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
- const unsigned char *p, *pm;
- int pklen, pmlen;
- int ptype;
- void *pval;
- ASN1_STRING *pstr;
- X509_ALGOR *palg;
- ASN1_INTEGER *privkey = NULL;
- BN_CTX *ctx = NULL;
-
- STACK_OF(ASN1_TYPE) *ndsa = NULL;
- DSA *dsa = NULL;
-
- if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
- return 0;
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- /* Check for broken DSA PKCS#8, UGH! */
- if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
- ASN1_TYPE *t1, *t2;
- if (!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
- goto decerr;
- if (sk_ASN1_TYPE_num(ndsa) != 2)
- goto decerr;
- /*-
- * Handle Two broken types:
- * SEQUENCE {parameters, priv_key}
- * SEQUENCE {pub_key, priv_key}
- */
-
- t1 = sk_ASN1_TYPE_value(ndsa, 0);
- t2 = sk_ASN1_TYPE_value(ndsa, 1);
- if (t1->type == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_EMBEDDED_PARAM;
- pval = t1->value.ptr;
- } else if (ptype == V_ASN1_SEQUENCE)
- p8->broken = PKCS8_NS_DB;
- else
- goto decerr;
-
- if (t2->type != V_ASN1_INTEGER)
- goto decerr;
-
- privkey = t2->value.integer;
- } else {
- const unsigned char *q = p;
- if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
- goto decerr;
- if (privkey->type == V_ASN1_NEG_INTEGER) {
- p8->broken = PKCS8_NEG_PRIVKEY;
- ASN1_STRING_clear_free(privkey);
- if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
- goto decerr;
- }
- if (ptype != V_ASN1_SEQUENCE)
- goto decerr;
- }
-
- pstr = pval;
- pm = pstr->data;
- pmlen = pstr->length;
- if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
- goto decerr;
- /* We have parameters now set private key */
- if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
- DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
- goto dsaerr;
- }
- /* Calculate public key */
- if (!(dsa->pub_key = BN_new())) {
- DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
- if (!(ctx = BN_CTX_new())) {
- DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
-
- if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
- DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
- goto dsaerr;
- }
-
- EVP_PKEY_assign_DSA(pkey, dsa);
- BN_CTX_free(ctx);
- if (ndsa)
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- else
- ASN1_STRING_clear_free(privkey);
-
- return 1;
-
- decerr:
- DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
- dsaerr:
- BN_CTX_free(ctx);
- if (privkey)
- ASN1_STRING_clear_free(privkey);
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- DSA_free(dsa);
- return 0;
-}
-
-static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
- ASN1_STRING *params = NULL;
- ASN1_INTEGER *prkey = NULL;
- unsigned char *dp = NULL;
- int dplen;
-
- if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
- DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
- goto err;
- }
-
- params = ASN1_STRING_new();
-
- if (!params) {
- DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data);
- if (params->length <= 0) {
- DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- params->type = V_ASN1_SEQUENCE;
-
- /* Get private key into integer */
- prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
-
- if (!prkey) {
- DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
- goto err;
- }
-
- dplen = i2d_ASN1_INTEGER(prkey, &dp);
-
- ASN1_STRING_clear_free(prkey);
- prkey = NULL;
-
- if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
- V_ASN1_SEQUENCE, params, dp, dplen))
- goto err;
-
- return 1;
-
- err:
- if (dp != NULL)
- OPENSSL_free(dp);
- if (params != NULL)
- ASN1_STRING_free(params);
- if (prkey != NULL)
- ASN1_STRING_clear_free(prkey);
- return 0;
-}
-
-static int int_dsa_size(const EVP_PKEY *pkey)
-{
- return (DSA_size(pkey->pkey.dsa));
-}
-
-static int dsa_bits(const EVP_PKEY *pkey)
-{
- return BN_num_bits(pkey->pkey.dsa->p);
-}
-
-static int dsa_missing_parameters(const EVP_PKEY *pkey)
-{
- DSA *dsa;
- dsa = pkey->pkey.dsa;
- if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
- return 1;
- return 0;
-}
-
-static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
- BIGNUM *a;
-
- if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
- return 0;
- if (to->pkey.dsa->p != NULL)
- BN_free(to->pkey.dsa->p);
- to->pkey.dsa->p = a;
-
- if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
- return 0;
- if (to->pkey.dsa->q != NULL)
- BN_free(to->pkey.dsa->q);
- to->pkey.dsa->q = a;
-
- if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
- return 0;
- if (to->pkey.dsa->g != NULL)
- BN_free(to->pkey.dsa->g);
- to->pkey.dsa->g = a;
- return 1;
-}
-
-static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
- BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
- BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
- return 0;
- else
- return 1;
-}
-
-static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
- return 0;
- else
- return 1;
-}
-
-static void int_dsa_free(EVP_PKEY *pkey)
-{
- DSA_free(pkey->pkey.dsa);
-}
-
-static void update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
- size_t i;
- if (!b)
- return;
- if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
- *pbuflen = i;
-}
-
-static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
-{
- unsigned char *m = NULL;
- int ret = 0;
- size_t buf_len = 0;
- const char *ktype = NULL;
-
- const BIGNUM *priv_key, *pub_key;
-
- if (ptype == 2)
- priv_key = x->priv_key;
- else
- priv_key = NULL;
-
- if (ptype > 0)
- pub_key = x->pub_key;
- else
- pub_key = NULL;
-
- if (ptype == 2)
- ktype = "Private-Key";
- else if (ptype == 1)
- ktype = "Public-Key";
- else
- ktype = "DSA-Parameters";
-
- update_buflen(x->p, &buf_len);
- update_buflen(x->q, &buf_len);
- update_buflen(x->g, &buf_len);
- update_buflen(priv_key, &buf_len);
- update_buflen(pub_key, &buf_len);
-
- m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
- if (m == NULL) {
- DSAerr(DSA_F_DO_DSA_PRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (priv_key) {
- if (!BIO_indent(bp, off, 128))
- goto err;
- if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
- <= 0)
- goto err;
- }
-
- if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "P: ", x->p, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "Q: ", x->q, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "G: ", x->g, m, off))
- goto err;
- ret = 1;
- err:
- if (m != NULL)
- OPENSSL_free(m);
- return (ret);
-}
-
-static int dsa_param_decode(EVP_PKEY *pkey,
- const unsigned char **pder, int derlen)
-{
- DSA *dsa;
- if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
- DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
- return 0;
- }
- EVP_PKEY_assign_DSA(pkey, dsa);
- return 1;
-}
-
-static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- return i2d_DSAparams(pkey->pkey.dsa, pder);
-}
-
-static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *ctx)
-{
- return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
-}
-
-static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *ctx)
-{
- return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
-}
-
-static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *ctx)
-{
- return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
-}
-
-static int old_dsa_priv_decode(EVP_PKEY *pkey,
- const unsigned char **pder, int derlen)
-{
- DSA *dsa;
- if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) {
- DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
- return 0;
- }
- EVP_PKEY_assign_DSA(pkey, dsa);
- return 1;
-}
-
-static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
-}
-
-static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
- const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
-{
- DSA_SIG *dsa_sig;
- const unsigned char *p;
- if (!sig) {
- if (BIO_puts(bp, "\n") <= 0)
- return 0;
- else
- return 1;
- }
- p = sig->data;
- dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
- if (dsa_sig) {
- int rv = 0;
- size_t buf_len = 0;
- unsigned char *m = NULL;
- update_buflen(dsa_sig->r, &buf_len);
- update_buflen(dsa_sig->s, &buf_len);
- m = OPENSSL_malloc(buf_len + 10);
- if (m == NULL) {
- DSAerr(DSA_F_DSA_SIG_PRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (BIO_write(bp, "\n", 1) != 1)
- goto err;
-
- if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent))
- goto err;
- if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent))
- goto err;
- rv = 1;
- err:
- if (m)
- OPENSSL_free(m);
- DSA_SIG_free(dsa_sig);
- return rv;
- }
- return X509_signature_dump(bp, sig, indent);
-}
-
-static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_PKCS7_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1, *alg2;
- PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
- return -1;
- X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
- }
- return 1;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1, *alg2;
- CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
- return -1;
- X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
- }
- return 1;
-#endif
-
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_sha1;
- return 2;
-
- default:
- return -2;
-
- }
-
-}
-
-/* NB these are sorted in pkey_id order, lowest first */
-
-const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
-
- {
- EVP_PKEY_DSA2,
- EVP_PKEY_DSA,
- ASN1_PKEY_ALIAS},
-
- {
- EVP_PKEY_DSA1,
- EVP_PKEY_DSA,
- ASN1_PKEY_ALIAS},
-
- {
- EVP_PKEY_DSA4,
- EVP_PKEY_DSA,
- ASN1_PKEY_ALIAS},
-
- {
- EVP_PKEY_DSA3,
- EVP_PKEY_DSA,
- ASN1_PKEY_ALIAS},
-
- {
- EVP_PKEY_DSA,
- EVP_PKEY_DSA,
- 0,
-
- "DSA",
- "OpenSSL DSA method",
-
- dsa_pub_decode,
- dsa_pub_encode,
- dsa_pub_cmp,
- dsa_pub_print,
-
- dsa_priv_decode,
- dsa_priv_encode,
- dsa_priv_print,
-
- int_dsa_size,
- dsa_bits,
-
- dsa_param_decode,
- dsa_param_encode,
- dsa_missing_parameters,
- dsa_copy_parameters,
- dsa_cmp_parameters,
- dsa_param_print,
- dsa_sig_print,
-
- int_dsa_free,
- dsa_pkey_ctrl,
- old_dsa_priv_decode,
- old_dsa_priv_encode}
-};
Copied: vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ameth.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dsa/dsa_ameth.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ameth.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ameth.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,674 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/dsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+ const unsigned char *p, *pm;
+ int pklen, pmlen;
+ int ptype;
+ void *pval;
+ ASN1_STRING *pstr;
+ X509_ALGOR *palg;
+ ASN1_INTEGER *public_key = NULL;
+
+ DSA *dsa = NULL;
+
+ if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+ return 0;
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ if (ptype == V_ASN1_SEQUENCE) {
+ pstr = pval;
+ pm = pstr->data;
+ pmlen = pstr->length;
+
+ if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+ goto err;
+ }
+
+ } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
+ if (!(dsa = DSA_new())) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ } else {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
+ goto err;
+ }
+
+ if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+ goto err;
+ }
+
+ if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
+ goto err;
+ }
+
+ ASN1_INTEGER_free(public_key);
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ return 1;
+
+ err:
+ if (public_key)
+ ASN1_INTEGER_free(public_key);
+ if (dsa)
+ DSA_free(dsa);
+ return 0;
+
+}
+
+static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+ DSA *dsa;
+ int ptype;
+ unsigned char *penc = NULL;
+ int penclen;
+ ASN1_STRING *str = NULL;
+
+ dsa = pkey->pkey.dsa;
+ if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
+ str = ASN1_STRING_new();
+ if (!str) {
+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ str->length = i2d_DSAparams(dsa, &str->data);
+ if (str->length <= 0) {
+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ ptype = V_ASN1_SEQUENCE;
+ } else
+ ptype = V_ASN1_UNDEF;
+
+ dsa->write_params = 0;
+
+ penclen = i2d_DSAPublicKey(dsa, &penc);
+
+ if (penclen <= 0) {
+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
+ ptype, str, penc, penclen))
+ return 1;
+
+ err:
+ if (penc)
+ OPENSSL_free(penc);
+ if (str)
+ ASN1_STRING_free(str);
+
+ return 0;
+}
+
+/*
+ * In PKCS#8 DSA: you just get a private key integer and parameters in the
+ * AlgorithmIdentifier the pubkey must be recalculated.
+ */
+
+static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+ const unsigned char *p, *pm;
+ int pklen, pmlen;
+ int ptype;
+ void *pval;
+ ASN1_STRING *pstr;
+ X509_ALGOR *palg;
+ ASN1_INTEGER *privkey = NULL;
+ BN_CTX *ctx = NULL;
+
+ STACK_OF(ASN1_TYPE) *ndsa = NULL;
+ DSA *dsa = NULL;
+
+ int ret = 0;
+
+ if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+ return 0;
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ /* Check for broken DSA PKCS#8, UGH! */
+ if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
+ ASN1_TYPE *t1, *t2;
+ if (!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
+ goto decerr;
+ if (sk_ASN1_TYPE_num(ndsa) != 2)
+ goto decerr;
+ /*-
+ * Handle Two broken types:
+ * SEQUENCE {parameters, priv_key}
+ * SEQUENCE {pub_key, priv_key}
+ */
+
+ t1 = sk_ASN1_TYPE_value(ndsa, 0);
+ t2 = sk_ASN1_TYPE_value(ndsa, 1);
+ if (t1->type == V_ASN1_SEQUENCE) {
+ p8->broken = PKCS8_EMBEDDED_PARAM;
+ pval = t1->value.ptr;
+ } else if (ptype == V_ASN1_SEQUENCE)
+ p8->broken = PKCS8_NS_DB;
+ else
+ goto decerr;
+
+ if (t2->type != V_ASN1_INTEGER)
+ goto decerr;
+
+ privkey = t2->value.integer;
+ } else {
+ const unsigned char *q = p;
+ if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
+ goto decerr;
+ if (privkey->type == V_ASN1_NEG_INTEGER) {
+ p8->broken = PKCS8_NEG_PRIVKEY;
+ ASN1_STRING_clear_free(privkey);
+ if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
+ goto decerr;
+ }
+ if (ptype != V_ASN1_SEQUENCE)
+ goto decerr;
+ }
+
+ pstr = pval;
+ pm = pstr->data;
+ pmlen = pstr->length;
+ if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
+ goto decerr;
+ /* We have parameters now set private key */
+ if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
+ goto dsaerr;
+ }
+ /* Calculate public key */
+ if (!(dsa->pub_key = BN_new())) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+ goto dsaerr;
+ }
+ if (!(ctx = BN_CTX_new())) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+ goto dsaerr;
+ }
+
+ if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
+ goto dsaerr;
+ }
+
+ EVP_PKEY_assign_DSA(pkey, dsa);
+
+ ret = 1;
+ goto done;
+
+ decerr:
+ DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
+ dsaerr:
+ DSA_free(dsa);
+ done:
+ BN_CTX_free(ctx);
+ if (ndsa)
+ sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+ else
+ ASN1_STRING_clear_free(privkey);
+ return ret;
+}
+
+static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+ ASN1_STRING *params = NULL;
+ ASN1_INTEGER *prkey = NULL;
+ unsigned char *dp = NULL;
+ int dplen;
+
+ if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
+ goto err;
+ }
+
+ params = ASN1_STRING_new();
+
+ if (!params) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data);
+ if (params->length <= 0) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ params->type = V_ASN1_SEQUENCE;
+
+ /* Get private key into integer */
+ prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
+
+ if (!prkey) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
+ goto err;
+ }
+
+ dplen = i2d_ASN1_INTEGER(prkey, &dp);
+
+ ASN1_STRING_clear_free(prkey);
+ prkey = NULL;
+
+ if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
+ V_ASN1_SEQUENCE, params, dp, dplen))
+ goto err;
+
+ return 1;
+
+ err:
+ if (dp != NULL)
+ OPENSSL_free(dp);
+ if (params != NULL)
+ ASN1_STRING_free(params);
+ if (prkey != NULL)
+ ASN1_STRING_clear_free(prkey);
+ return 0;
+}
+
+static int int_dsa_size(const EVP_PKEY *pkey)
+{
+ return (DSA_size(pkey->pkey.dsa));
+}
+
+static int dsa_bits(const EVP_PKEY *pkey)
+{
+ return BN_num_bits(pkey->pkey.dsa->p);
+}
+
+static int dsa_missing_parameters(const EVP_PKEY *pkey)
+{
+ DSA *dsa;
+ dsa = pkey->pkey.dsa;
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return 1;
+ return 0;
+}
+
+static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+ BIGNUM *a;
+
+ if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
+ return 0;
+ if (to->pkey.dsa->p != NULL)
+ BN_free(to->pkey.dsa->p);
+ to->pkey.dsa->p = a;
+
+ if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
+ return 0;
+ if (to->pkey.dsa->q != NULL)
+ BN_free(to->pkey.dsa->q);
+ to->pkey.dsa->q = a;
+
+ if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
+ return 0;
+ if (to->pkey.dsa->g != NULL)
+ BN_free(to->pkey.dsa->g);
+ to->pkey.dsa->g = a;
+ return 1;
+}
+
+static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
+ BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
+ BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
+ return 0;
+ else
+ return 1;
+}
+
+static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
+ return 0;
+ else
+ return 1;
+}
+
+static void int_dsa_free(EVP_PKEY *pkey)
+{
+ DSA_free(pkey->pkey.dsa);
+}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+{
+ size_t i;
+ if (!b)
+ return;
+ if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+ *pbuflen = i;
+}
+
+static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
+{
+ unsigned char *m = NULL;
+ int ret = 0;
+ size_t buf_len = 0;
+ const char *ktype = NULL;
+
+ const BIGNUM *priv_key, *pub_key;
+
+ if (ptype == 2)
+ priv_key = x->priv_key;
+ else
+ priv_key = NULL;
+
+ if (ptype > 0)
+ pub_key = x->pub_key;
+ else
+ pub_key = NULL;
+
+ if (ptype == 2)
+ ktype = "Private-Key";
+ else if (ptype == 1)
+ ktype = "Public-Key";
+ else
+ ktype = "DSA-Parameters";
+
+ update_buflen(x->p, &buf_len);
+ update_buflen(x->q, &buf_len);
+ update_buflen(x->g, &buf_len);
+ update_buflen(priv_key, &buf_len);
+ update_buflen(pub_key, &buf_len);
+
+ m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
+ if (m == NULL) {
+ DSAerr(DSA_F_DO_DSA_PRINT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (priv_key) {
+ if (!BIO_indent(bp, off, 128))
+ goto err;
+ if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
+ <= 0)
+ goto err;
+ }
+
+ if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "P: ", x->p, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "Q: ", x->q, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "G: ", x->g, m, off))
+ goto err;
+ ret = 1;
+ err:
+ if (m != NULL)
+ OPENSSL_free(m);
+ return (ret);
+}
+
+static int dsa_param_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ DSA *dsa;
+ if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
+ DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ return 1;
+}
+
+static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_DSAparams(pkey->pkey.dsa, pder);
+}
+
+static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
+}
+
+static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
+}
+
+static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
+}
+
+static int old_dsa_priv_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ DSA *dsa;
+ if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) {
+ DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ return 1;
+}
+
+static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
+}
+
+static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+ const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
+{
+ DSA_SIG *dsa_sig;
+ const unsigned char *p;
+ if (!sig) {
+ if (BIO_puts(bp, "\n") <= 0)
+ return 0;
+ else
+ return 1;
+ }
+ p = sig->data;
+ dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
+ if (dsa_sig) {
+ int rv = 0;
+ size_t buf_len = 0;
+ unsigned char *m = NULL;
+ update_buflen(dsa_sig->r, &buf_len);
+ update_buflen(dsa_sig->s, &buf_len);
+ m = OPENSSL_malloc(buf_len + 10);
+ if (m == NULL) {
+ DSAerr(DSA_F_DSA_SIG_PRINT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (BIO_write(bp, "\n", 1) != 1)
+ goto err;
+
+ if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent))
+ goto err;
+ if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent))
+ goto err;
+ rv = 1;
+ err:
+ if (m)
+ OPENSSL_free(m);
+ DSA_SIG_free(dsa_sig);
+ return rv;
+ }
+ return X509_signature_dump(bp, sig, indent);
+}
+
+static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+ switch (op) {
+ case ASN1_PKEY_CTRL_PKCS7_SIGN:
+ if (arg1 == 0) {
+ int snid, hnid;
+ X509_ALGOR *alg1, *alg2;
+ PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+ if (alg1 == NULL || alg1->algorithm == NULL)
+ return -1;
+ hnid = OBJ_obj2nid(alg1->algorithm);
+ if (hnid == NID_undef)
+ return -1;
+ if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+ return -1;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+ }
+ return 1;
+#ifndef OPENSSL_NO_CMS
+ case ASN1_PKEY_CTRL_CMS_SIGN:
+ if (arg1 == 0) {
+ int snid, hnid;
+ X509_ALGOR *alg1, *alg2;
+ CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
+ if (alg1 == NULL || alg1->algorithm == NULL)
+ return -1;
+ hnid = OBJ_obj2nid(alg1->algorithm);
+ if (hnid == NID_undef)
+ return -1;
+ if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+ return -1;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+ }
+ return 1;
+#endif
+
+ case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+ *(int *)arg2 = NID_sha1;
+ return 2;
+
+ default:
+ return -2;
+
+ }
+
+}
+
+/* NB these are sorted in pkey_id order, lowest first */
+
+const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
+
+ {
+ EVP_PKEY_DSA2,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA1,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA4,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA3,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA,
+ EVP_PKEY_DSA,
+ 0,
+
+ "DSA",
+ "OpenSSL DSA method",
+
+ dsa_pub_decode,
+ dsa_pub_encode,
+ dsa_pub_cmp,
+ dsa_pub_print,
+
+ dsa_priv_decode,
+ dsa_priv_encode,
+ dsa_priv_print,
+
+ int_dsa_size,
+ dsa_bits,
+
+ dsa_param_decode,
+ dsa_param_encode,
+ dsa_missing_parameters,
+ dsa_copy_parameters,
+ dsa_cmp_parameters,
+ dsa_param_print,
+ dsa_sig_print,
+
+ int_dsa_free,
+ dsa_pkey_ctrl,
+ old_dsa_priv_decode,
+ old_dsa_priv_encode}
+};
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_gen.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dsa/dsa_gen.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_gen.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,379 +0,0 @@
-/* crypto/dsa/dsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/*
- * Parameter generation follows the original release of FIPS PUB 186,
- * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
- */
-# define HASH EVP_sha()
-#else
-/*
- * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
- * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
- * 180-1)
- */
-# define HASH EVP_sha1()
-#endif
-
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */
-
-#ifndef OPENSSL_NO_SHA
-
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/rand.h>
-# include <openssl/sha.h>
-# include "dsa_locl.h"
-
-# ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# endif
-
-int DSA_generate_parameters_ex(DSA *ret, int bits,
- const unsigned char *seed_in, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- BN_GENCB *cb)
-{
-# ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)
- && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
- DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD);
- return 0;
- }
-# endif
- if (ret->meth->dsa_paramgen)
- return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
- counter_ret, h_ret, cb);
-# ifdef OPENSSL_FIPS
- else if (FIPS_mode()) {
- return FIPS_dsa_generate_parameters_ex(ret, bits,
- seed_in, seed_len,
- counter_ret, h_ret, cb);
- }
-# endif
- else {
- const EVP_MD *evpmd = bits >= 2048 ? EVP_sha256() : EVP_sha1();
- size_t qbits = EVP_MD_size(evpmd) * 8;
-
- return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
- seed_in, seed_len, NULL, counter_ret,
- h_ret, cb);
- }
-}
-
-int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
- const EVP_MD *evpmd, const unsigned char *seed_in,
- size_t seed_len, unsigned char *seed_out,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
-{
- int ok = 0;
- unsigned char seed[SHA256_DIGEST_LENGTH];
- unsigned char md[SHA256_DIGEST_LENGTH];
- unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH];
- BIGNUM *r0, *W, *X, *c, *test;
- BIGNUM *g = NULL, *q = NULL, *p = NULL;
- BN_MONT_CTX *mont = NULL;
- int i, k, n = 0, m = 0, qsize = qbits >> 3;
- int counter = 0;
- int r = 0;
- BN_CTX *ctx = NULL;
- unsigned int h = 2;
-
- if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
- qsize != SHA256_DIGEST_LENGTH)
- /* invalid q size */
- return 0;
-
- if (evpmd == NULL)
- /* use SHA1 as default */
- evpmd = EVP_sha1();
-
- if (bits < 512)
- bits = 512;
-
- bits = (bits + 63) / 64 * 64;
-
- /*
- * NB: seed_len == 0 is special case: copy generated seed to seed_in if
- * it is not NULL.
- */
- if (seed_len && (seed_len < (size_t)qsize))
- seed_in = NULL; /* seed buffer too small -- ignore */
- if (seed_len > (size_t)qsize)
- seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger
- * SEED, but our internal buffers are
- * restricted to 160 bits */
- if (seed_in != NULL)
- memcpy(seed, seed_in, seed_len);
-
- if ((mont = BN_MONT_CTX_new()) == NULL)
- goto err;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- r0 = BN_CTX_get(ctx);
- g = BN_CTX_get(ctx);
- W = BN_CTX_get(ctx);
- q = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- c = BN_CTX_get(ctx);
- p = BN_CTX_get(ctx);
- test = BN_CTX_get(ctx);
-
- if (!BN_lshift(test, BN_value_one(), bits - 1))
- goto err;
-
- for (;;) {
- for (;;) { /* find q */
- int seed_is_random;
-
- /* step 1 */
- if (!BN_GENCB_call(cb, 0, m++))
- goto err;
-
- if (!seed_len || !seed_in) {
- if (RAND_pseudo_bytes(seed, qsize) < 0)
- goto err;
- seed_is_random = 1;
- } else {
- seed_is_random = 0;
- seed_len = 0; /* use random seed if 'seed_in' turns out to
- * be bad */
- }
- memcpy(buf, seed, qsize);
- memcpy(buf2, seed, qsize);
- /* precompute "SEED + 1" for step 7: */
- for (i = qsize - 1; i >= 0; i--) {
- buf[i]++;
- if (buf[i] != 0)
- break;
- }
-
- /* step 2 */
- if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
- goto err;
- if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
- goto err;
- for (i = 0; i < qsize; i++)
- md[i] ^= buf2[i];
-
- /* step 3 */
- md[0] |= 0x80;
- md[qsize - 1] |= 0x01;
- if (!BN_bin2bn(md, qsize, q))
- goto err;
-
- /* step 4 */
- r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
- seed_is_random, cb);
- if (r > 0)
- break;
- if (r != 0)
- goto err;
-
- /* do a callback call */
- /* step 5 */
- }
-
- if (!BN_GENCB_call(cb, 2, 0))
- goto err;
- if (!BN_GENCB_call(cb, 3, 0))
- goto err;
-
- /* step 6 */
- counter = 0;
- /* "offset = 2" */
-
- n = (bits - 1) / 160;
-
- for (;;) {
- if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
- goto err;
-
- /* step 7 */
- BN_zero(W);
- /* now 'buf' contains "SEED + offset - 1" */
- for (k = 0; k <= n; k++) {
- /*
- * obtain "SEED + offset + k" by incrementing:
- */
- for (i = qsize - 1; i >= 0; i--) {
- buf[i]++;
- if (buf[i] != 0)
- break;
- }
-
- if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL))
- goto err;
-
- /* step 8 */
- if (!BN_bin2bn(md, qsize, r0))
- goto err;
- if (!BN_lshift(r0, r0, (qsize << 3) * k))
- goto err;
- if (!BN_add(W, W, r0))
- goto err;
- }
-
- /* more of step 8 */
- if (!BN_mask_bits(W, bits - 1))
- goto err;
- if (!BN_copy(X, W))
- goto err;
- if (!BN_add(X, X, test))
- goto err;
-
- /* step 9 */
- if (!BN_lshift1(r0, q))
- goto err;
- if (!BN_mod(c, X, r0, ctx))
- goto err;
- if (!BN_sub(r0, c, BN_value_one()))
- goto err;
- if (!BN_sub(p, X, r0))
- goto err;
-
- /* step 10 */
- if (BN_cmp(p, test) >= 0) {
- /* step 11 */
- r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
- if (r > 0)
- goto end; /* found it */
- if (r != 0)
- goto err;
- }
-
- /* step 13 */
- counter++;
- /* "offset = offset + n + 1" */
-
- /* step 14 */
- if (counter >= 4096)
- break;
- }
- }
- end:
- if (!BN_GENCB_call(cb, 2, 1))
- goto err;
-
- /* We now need to generate g */
- /* Set r0=(p-1)/q */
- if (!BN_sub(test, p, BN_value_one()))
- goto err;
- if (!BN_div(r0, NULL, test, q, ctx))
- goto err;
-
- if (!BN_set_word(test, h))
- goto err;
- if (!BN_MONT_CTX_set(mont, p, ctx))
- goto err;
-
- for (;;) {
- /* g=test^r0%p */
- if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont))
- goto err;
- if (!BN_is_one(g))
- break;
- if (!BN_add(test, test, BN_value_one()))
- goto err;
- h++;
- }
-
- if (!BN_GENCB_call(cb, 3, 1))
- goto err;
-
- ok = 1;
- err:
- if (ok) {
- if (ret->p)
- BN_free(ret->p);
- if (ret->q)
- BN_free(ret->q);
- if (ret->g)
- BN_free(ret->g);
- ret->p = BN_dup(p);
- ret->q = BN_dup(q);
- ret->g = BN_dup(g);
- if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
- ok = 0;
- goto err;
- }
- if (counter_ret != NULL)
- *counter_ret = counter;
- if (h_ret != NULL)
- *h_ret = h;
- if (seed_out)
- memcpy(seed_out, seed, qsize);
- }
- if (ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (mont != NULL)
- BN_MONT_CTX_free(mont);
- return ok;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_gen.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dsa/dsa_gen.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_gen.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_gen.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,379 @@
+/* crypto/dsa/dsa_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef GENUINE_DSA
+
+#ifdef GENUINE_DSA
+/*
+ * Parameter generation follows the original release of FIPS PUB 186,
+ * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
+ */
+# define HASH EVP_sha()
+#else
+/*
+ * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
+ * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
+ * 180-1)
+ */
+# define HASH EVP_sha1()
+#endif
+
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */
+
+#ifndef OPENSSL_NO_SHA
+
+# include <stdio.h>
+# include "cryptlib.h"
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/rand.h>
+# include <openssl/sha.h>
+# include "dsa_locl.h"
+
+# ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# endif
+
+int DSA_generate_parameters_ex(DSA *ret, int bits,
+ const unsigned char *seed_in, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb)
+{
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+ DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD);
+ return 0;
+ }
+# endif
+ if (ret->meth->dsa_paramgen)
+ return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
+ counter_ret, h_ret, cb);
+# ifdef OPENSSL_FIPS
+ else if (FIPS_mode()) {
+ return FIPS_dsa_generate_parameters_ex(ret, bits,
+ seed_in, seed_len,
+ counter_ret, h_ret, cb);
+ }
+# endif
+ else {
+ const EVP_MD *evpmd = bits >= 2048 ? EVP_sha256() : EVP_sha1();
+ size_t qbits = EVP_MD_size(evpmd) * 8;
+
+ return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
+ seed_in, seed_len, NULL, counter_ret,
+ h_ret, cb);
+ }
+}
+
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+ const EVP_MD *evpmd, const unsigned char *seed_in,
+ size_t seed_len, unsigned char *seed_out,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
+{
+ int ok = 0;
+ unsigned char seed[SHA256_DIGEST_LENGTH];
+ unsigned char md[SHA256_DIGEST_LENGTH];
+ unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH];
+ BIGNUM *r0, *W, *X, *c, *test;
+ BIGNUM *g = NULL, *q = NULL, *p = NULL;
+ BN_MONT_CTX *mont = NULL;
+ int i, k, n = 0, m = 0, qsize = qbits >> 3;
+ int counter = 0;
+ int r = 0;
+ BN_CTX *ctx = NULL;
+ unsigned int h = 2;
+
+ if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
+ qsize != SHA256_DIGEST_LENGTH)
+ /* invalid q size */
+ return 0;
+
+ if (evpmd == NULL)
+ /* use SHA1 as default */
+ evpmd = EVP_sha1();
+
+ if (bits < 512)
+ bits = 512;
+
+ bits = (bits + 63) / 64 * 64;
+
+ /*
+ * NB: seed_len == 0 is special case: copy generated seed to seed_in if
+ * it is not NULL.
+ */
+ if (seed_len && (seed_len < (size_t)qsize))
+ seed_in = NULL; /* seed buffer too small -- ignore */
+ if (seed_len > (size_t)qsize)
+ seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger
+ * SEED, but our internal buffers are
+ * restricted to 160 bits */
+ if (seed_in != NULL)
+ memcpy(seed, seed_in, seed_len);
+
+ if ((mont = BN_MONT_CTX_new()) == NULL)
+ goto err;
+
+ if ((ctx = BN_CTX_new()) == NULL)
+ goto err;
+
+ BN_CTX_start(ctx);
+
+ r0 = BN_CTX_get(ctx);
+ g = BN_CTX_get(ctx);
+ W = BN_CTX_get(ctx);
+ q = BN_CTX_get(ctx);
+ X = BN_CTX_get(ctx);
+ c = BN_CTX_get(ctx);
+ p = BN_CTX_get(ctx);
+ test = BN_CTX_get(ctx);
+
+ if (!BN_lshift(test, BN_value_one(), bits - 1))
+ goto err;
+
+ for (;;) {
+ for (;;) { /* find q */
+ int seed_is_random;
+
+ /* step 1 */
+ if (!BN_GENCB_call(cb, 0, m++))
+ goto err;
+
+ if (!seed_len || !seed_in) {
+ if (RAND_bytes(seed, qsize) <= 0)
+ goto err;
+ seed_is_random = 1;
+ } else {
+ seed_is_random = 0;
+ seed_len = 0; /* use random seed if 'seed_in' turns out to
+ * be bad */
+ }
+ memcpy(buf, seed, qsize);
+ memcpy(buf2, seed, qsize);
+ /* precompute "SEED + 1" for step 7: */
+ for (i = qsize - 1; i >= 0; i--) {
+ buf[i]++;
+ if (buf[i] != 0)
+ break;
+ }
+
+ /* step 2 */
+ if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
+ goto err;
+ if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
+ goto err;
+ for (i = 0; i < qsize; i++)
+ md[i] ^= buf2[i];
+
+ /* step 3 */
+ md[0] |= 0x80;
+ md[qsize - 1] |= 0x01;
+ if (!BN_bin2bn(md, qsize, q))
+ goto err;
+
+ /* step 4 */
+ r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
+ seed_is_random, cb);
+ if (r > 0)
+ break;
+ if (r != 0)
+ goto err;
+
+ /* do a callback call */
+ /* step 5 */
+ }
+
+ if (!BN_GENCB_call(cb, 2, 0))
+ goto err;
+ if (!BN_GENCB_call(cb, 3, 0))
+ goto err;
+
+ /* step 6 */
+ counter = 0;
+ /* "offset = 2" */
+
+ n = (bits - 1) / 160;
+
+ for (;;) {
+ if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
+ goto err;
+
+ /* step 7 */
+ BN_zero(W);
+ /* now 'buf' contains "SEED + offset - 1" */
+ for (k = 0; k <= n; k++) {
+ /*
+ * obtain "SEED + offset + k" by incrementing:
+ */
+ for (i = qsize - 1; i >= 0; i--) {
+ buf[i]++;
+ if (buf[i] != 0)
+ break;
+ }
+
+ if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL))
+ goto err;
+
+ /* step 8 */
+ if (!BN_bin2bn(md, qsize, r0))
+ goto err;
+ if (!BN_lshift(r0, r0, (qsize << 3) * k))
+ goto err;
+ if (!BN_add(W, W, r0))
+ goto err;
+ }
+
+ /* more of step 8 */
+ if (!BN_mask_bits(W, bits - 1))
+ goto err;
+ if (!BN_copy(X, W))
+ goto err;
+ if (!BN_add(X, X, test))
+ goto err;
+
+ /* step 9 */
+ if (!BN_lshift1(r0, q))
+ goto err;
+ if (!BN_mod(c, X, r0, ctx))
+ goto err;
+ if (!BN_sub(r0, c, BN_value_one()))
+ goto err;
+ if (!BN_sub(p, X, r0))
+ goto err;
+
+ /* step 10 */
+ if (BN_cmp(p, test) >= 0) {
+ /* step 11 */
+ r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
+ if (r > 0)
+ goto end; /* found it */
+ if (r != 0)
+ goto err;
+ }
+
+ /* step 13 */
+ counter++;
+ /* "offset = offset + n + 1" */
+
+ /* step 14 */
+ if (counter >= 4096)
+ break;
+ }
+ }
+ end:
+ if (!BN_GENCB_call(cb, 2, 1))
+ goto err;
+
+ /* We now need to generate g */
+ /* Set r0=(p-1)/q */
+ if (!BN_sub(test, p, BN_value_one()))
+ goto err;
+ if (!BN_div(r0, NULL, test, q, ctx))
+ goto err;
+
+ if (!BN_set_word(test, h))
+ goto err;
+ if (!BN_MONT_CTX_set(mont, p, ctx))
+ goto err;
+
+ for (;;) {
+ /* g=test^r0%p */
+ if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont))
+ goto err;
+ if (!BN_is_one(g))
+ break;
+ if (!BN_add(test, test, BN_value_one()))
+ goto err;
+ h++;
+ }
+
+ if (!BN_GENCB_call(cb, 3, 1))
+ goto err;
+
+ ok = 1;
+ err:
+ if (ok) {
+ if (ret->p)
+ BN_free(ret->p);
+ if (ret->q)
+ BN_free(ret->q);
+ if (ret->g)
+ BN_free(ret->g);
+ ret->p = BN_dup(p);
+ ret->q = BN_dup(q);
+ ret->g = BN_dup(g);
+ if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
+ ok = 0;
+ goto err;
+ }
+ if (counter_ret != NULL)
+ *counter_ret = counter;
+ if (h_ret != NULL)
+ *h_ret = h;
+ if (seed_out)
+ memcpy(seed_out, seed, qsize);
+ }
+ if (ctx) {
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ }
+ if (mont != NULL)
+ BN_MONT_CTX_free(mont);
+ return ok;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ossl.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dsa/dsa_ossl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ossl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,426 +0,0 @@
-/* crypto/dsa/dsa_ossl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/sha.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-static int dsa_init(DSA *dsa);
-static int dsa_finish(DSA *dsa);
-
-static DSA_METHOD openssl_dsa_meth = {
- "OpenSSL DSA method",
- dsa_do_sign,
- dsa_sign_setup,
- dsa_do_verify,
- NULL, /* dsa_mod_exp, */
- NULL, /* dsa_bn_mod_exp, */
- dsa_init,
- dsa_finish,
- 0,
- NULL,
- NULL,
- NULL
-};
-
-/*-
- * These macro wrappers replace attempts to use the dsa_mod_exp() and
- * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
- * having a the macro work as an expression by bundling an "err_instr". So;
- *
- * if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
- * dsa->method_mont_p)) goto err;
- *
- * can be replaced by;
- *
- * DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
- * dsa->method_mont_p);
- */
-
-#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
- do { \
- int _tmp_res53; \
- if ((dsa)->meth->dsa_mod_exp) \
- _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
- (a2), (p2), (m), (ctx), (in_mont)); \
- else \
- _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \
- (m), (ctx), (in_mont)); \
- if (!_tmp_res53) err_instr; \
- } while(0)
-#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
- do { \
- int _tmp_res53; \
- if ((dsa)->meth->bn_mod_exp) \
- _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
- (m), (ctx), (m_ctx)); \
- else \
- _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \
- if (!_tmp_res53) err_instr; \
- } while(0)
-
-const DSA_METHOD *DSA_OpenSSL(void)
-{
- return &openssl_dsa_meth;
-}
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
- BIGNUM m;
- BIGNUM xr;
- BN_CTX *ctx = NULL;
- int reason = ERR_R_BN_LIB;
- DSA_SIG *ret = NULL;
- int noredo = 0;
-
- BN_init(&m);
- BN_init(&xr);
-
- if (!dsa->p || !dsa->q || !dsa->g) {
- reason = DSA_R_MISSING_PARAMETERS;
- goto err;
- }
-
- s = BN_new();
- if (s == NULL)
- goto err;
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- redo:
- if ((dsa->kinv == NULL) || (dsa->r == NULL)) {
- if (!DSA_sign_setup(dsa, ctx, &kinv, &r))
- goto err;
- } else {
- kinv = dsa->kinv;
- dsa->kinv = NULL;
- r = dsa->r;
- dsa->r = NULL;
- noredo = 1;
- }
-
- if (dlen > BN_num_bytes(dsa->q))
- /*
- * if the digest length is greater than the size of q use the
- * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
- * 4.2
- */
- dlen = BN_num_bytes(dsa->q);
- if (BN_bin2bn(dgst, dlen, &m) == NULL)
- goto err;
-
- /* Compute s = inv(k) (m + xr) mod q */
- if (!BN_mod_mul(&xr, dsa->priv_key, r, dsa->q, ctx))
- goto err; /* s = xr */
- if (!BN_add(s, &xr, &m))
- goto err; /* s = m + xr */
- if (BN_cmp(s, dsa->q) > 0)
- if (!BN_sub(s, s, dsa->q))
- goto err;
- if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
- goto err;
-
- ret = DSA_SIG_new();
- if (ret == NULL)
- goto err;
- /*
- * Redo if r or s is zero as required by FIPS 186-3: this is very
- * unlikely.
- */
- if (BN_is_zero(r) || BN_is_zero(s)) {
- if (noredo) {
- reason = DSA_R_NEED_NEW_SETUP_VALUES;
- goto err;
- }
- goto redo;
- }
- ret->r = r;
- ret->s = s;
-
- err:
- if (!ret) {
- DSAerr(DSA_F_DSA_DO_SIGN, reason);
- BN_free(r);
- BN_free(s);
- }
- if (ctx != NULL)
- BN_CTX_free(ctx);
- BN_clear_free(&m);
- BN_clear_free(&xr);
- if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
- BN_clear_free(kinv);
- return (ret);
-}
-
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp)
-{
- BN_CTX *ctx;
- BIGNUM k, kq, *K, *kinv = NULL, *r = NULL;
- int ret = 0;
-
- if (!dsa->p || !dsa->q || !dsa->g) {
- DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS);
- return 0;
- }
-
- BN_init(&k);
- BN_init(&kq);
-
- if (ctx_in == NULL) {
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- } else
- ctx = ctx_in;
-
- if ((r = BN_new()) == NULL)
- goto err;
-
- /* Get random k */
- do
- if (!BN_rand_range(&k, dsa->q))
- goto err;
- while (BN_is_zero(&k)) ;
- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
- BN_set_flags(&k, BN_FLG_CONSTTIME);
- }
-
- if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
- if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
- CRYPTO_LOCK_DSA, dsa->p, ctx))
- goto err;
- }
-
- /* Compute r = (g^k mod p) mod q */
-
- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
- if (!BN_copy(&kq, &k))
- goto err;
-
- /*
- * We do not want timing information to leak the length of k, so we
- * compute g^k using an equivalent exponent of fixed length. (This
- * is a kludge that we need because the BN_mod_exp_mont() does not
- * let us specify the desired timing behaviour.)
- */
-
- if (!BN_add(&kq, &kq, dsa->q))
- goto err;
- if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
- if (!BN_add(&kq, &kq, dsa->q))
- goto err;
- }
-
- K = &kq;
- } else {
- K = &k;
- }
- DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
- dsa->method_mont_p);
- if (!BN_mod(r, r, dsa->q, ctx))
- goto err;
-
- /* Compute part of 's = inv(k) (m + xr) mod q' */
- if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL)
- goto err;
-
- if (*kinvp != NULL)
- BN_clear_free(*kinvp);
- *kinvp = kinv;
- kinv = NULL;
- if (*rp != NULL)
- BN_clear_free(*rp);
- *rp = r;
- ret = 1;
- err:
- if (!ret) {
- DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB);
- if (r != NULL)
- BN_clear_free(r);
- }
- if (ctx_in == NULL)
- BN_CTX_free(ctx);
- BN_clear_free(&k);
- BN_clear_free(&kq);
- return (ret);
-}
-
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa)
-{
- BN_CTX *ctx;
- BIGNUM u1, u2, t1;
- BN_MONT_CTX *mont = NULL;
- int ret = -1, i;
- if (!dsa->p || !dsa->q || !dsa->g) {
- DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS);
- return -1;
- }
-
- i = BN_num_bits(dsa->q);
- /* fips 186-3 allows only different sizes for q */
- if (i != 160 && i != 224 && i != 256) {
- DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE);
- return -1;
- }
-
- if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
- DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE);
- return -1;
- }
- BN_init(&u1);
- BN_init(&u2);
- BN_init(&t1);
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
- BN_ucmp(sig->r, dsa->q) >= 0) {
- ret = 0;
- goto err;
- }
- if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
- BN_ucmp(sig->s, dsa->q) >= 0) {
- ret = 0;
- goto err;
- }
-
- /*
- * Calculate W = inv(S) mod Q save W in u2
- */
- if ((BN_mod_inverse(&u2, sig->s, dsa->q, ctx)) == NULL)
- goto err;
-
- /* save M in u1 */
- if (dgst_len > (i >> 3))
- /*
- * if the digest length is greater than the size of q use the
- * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
- * 4.2
- */
- dgst_len = (i >> 3);
- if (BN_bin2bn(dgst, dgst_len, &u1) == NULL)
- goto err;
-
- /* u1 = M * w mod q */
- if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx))
- goto err;
-
- /* u2 = r * w mod q */
- if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx))
- goto err;
-
- if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
- mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
- CRYPTO_LOCK_DSA, dsa->p, ctx);
- if (!mont)
- goto err;
- }
-
- DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p,
- ctx, mont);
- /* BN_copy(&u1,&t1); */
- /* let u1 = u1 mod q */
- if (!BN_mod(&u1, &t1, dsa->q, ctx))
- goto err;
-
- /*
- * V is now in u1. If the signature is correct, it will be equal to R.
- */
- ret = (BN_ucmp(&u1, sig->r) == 0);
-
- err:
- /*
- * XXX: surely this is wrong - if ret is 0, it just didn't verify; there
- * is no error in BN. Test should be ret == -1 (Ben)
- */
- if (ret != 1)
- DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB);
- if (ctx != NULL)
- BN_CTX_free(ctx);
- BN_free(&u1);
- BN_free(&u2);
- BN_free(&t1);
- return (ret);
-}
-
-static int dsa_init(DSA *dsa)
-{
- dsa->flags |= DSA_FLAG_CACHE_MONT_P;
- return (1);
-}
-
-static int dsa_finish(DSA *dsa)
-{
- if (dsa->method_mont_p)
- BN_MONT_CTX_free(dsa->method_mont_p);
- return (1);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ossl.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dsa/dsa_ossl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ossl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dsa/dsa_ossl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,431 @@
+/* crypto/dsa/dsa_ossl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/sha.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
+#include <openssl/asn1.h>
+
+static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
+static int dsa_init(DSA *dsa);
+static int dsa_finish(DSA *dsa);
+
+static DSA_METHOD openssl_dsa_meth = {
+ "OpenSSL DSA method",
+ dsa_do_sign,
+ dsa_sign_setup,
+ dsa_do_verify,
+ NULL, /* dsa_mod_exp, */
+ NULL, /* dsa_bn_mod_exp, */
+ dsa_init,
+ dsa_finish,
+ 0,
+ NULL,
+ NULL,
+ NULL
+};
+
+/*-
+ * These macro wrappers replace attempts to use the dsa_mod_exp() and
+ * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
+ * having a the macro work as an expression by bundling an "err_instr". So;
+ *
+ * if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
+ * dsa->method_mont_p)) goto err;
+ *
+ * can be replaced by;
+ *
+ * DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
+ * dsa->method_mont_p);
+ */
+
+#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
+ do { \
+ int _tmp_res53; \
+ if ((dsa)->meth->dsa_mod_exp) \
+ _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
+ (a2), (p2), (m), (ctx), (in_mont)); \
+ else \
+ _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \
+ (m), (ctx), (in_mont)); \
+ if (!_tmp_res53) err_instr; \
+ } while(0)
+#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
+ do { \
+ int _tmp_res53; \
+ if ((dsa)->meth->bn_mod_exp) \
+ _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
+ (m), (ctx), (m_ctx)); \
+ else \
+ _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \
+ if (!_tmp_res53) err_instr; \
+ } while(0)
+
+const DSA_METHOD *DSA_OpenSSL(void)
+{
+ return &openssl_dsa_meth;
+}
+
+static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+{
+ BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
+ BIGNUM m;
+ BIGNUM xr;
+ BN_CTX *ctx = NULL;
+ int reason = ERR_R_BN_LIB;
+ DSA_SIG *ret = NULL;
+ int noredo = 0;
+
+ BN_init(&m);
+ BN_init(&xr);
+
+ if (!dsa->p || !dsa->q || !dsa->g) {
+ reason = DSA_R_MISSING_PARAMETERS;
+ goto err;
+ }
+
+ s = BN_new();
+ if (s == NULL)
+ goto err;
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ goto err;
+ redo:
+ if ((dsa->kinv == NULL) || (dsa->r == NULL)) {
+ if (!DSA_sign_setup(dsa, ctx, &kinv, &r))
+ goto err;
+ } else {
+ kinv = dsa->kinv;
+ dsa->kinv = NULL;
+ r = dsa->r;
+ dsa->r = NULL;
+ noredo = 1;
+ }
+
+ if (dlen > BN_num_bytes(dsa->q))
+ /*
+ * if the digest length is greater than the size of q use the
+ * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
+ * 4.2
+ */
+ dlen = BN_num_bytes(dsa->q);
+ if (BN_bin2bn(dgst, dlen, &m) == NULL)
+ goto err;
+
+ /* Compute s = inv(k) (m + xr) mod q */
+ if (!BN_mod_mul(&xr, dsa->priv_key, r, dsa->q, ctx))
+ goto err; /* s = xr */
+ if (!BN_add(s, &xr, &m))
+ goto err; /* s = m + xr */
+ if (BN_cmp(s, dsa->q) > 0)
+ if (!BN_sub(s, s, dsa->q))
+ goto err;
+ if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
+ goto err;
+
+ /*
+ * Redo if r or s is zero as required by FIPS 186-3: this is very
+ * unlikely.
+ */
+ if (BN_is_zero(r) || BN_is_zero(s)) {
+ if (noredo) {
+ reason = DSA_R_NEED_NEW_SETUP_VALUES;
+ goto err;
+ }
+ goto redo;
+ }
+ ret = DSA_SIG_new();
+ if (ret == NULL)
+ goto err;
+ ret->r = r;
+ ret->s = s;
+
+ err:
+ if (ret == NULL) {
+ DSAerr(DSA_F_DSA_DO_SIGN, reason);
+ BN_free(r);
+ BN_free(s);
+ }
+ if (ctx != NULL)
+ BN_CTX_free(ctx);
+ BN_clear_free(&m);
+ BN_clear_free(&xr);
+ if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
+ BN_clear_free(kinv);
+ return (ret);
+}
+
+static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp)
+{
+ BN_CTX *ctx;
+ BIGNUM k, kq, *K, *kinv = NULL, *r = NULL;
+ int ret = 0;
+
+ if (!dsa->p || !dsa->q || !dsa->g) {
+ DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS);
+ return 0;
+ }
+
+ BN_init(&k);
+ BN_init(&kq);
+
+ if (ctx_in == NULL) {
+ if ((ctx = BN_CTX_new()) == NULL)
+ goto err;
+ } else
+ ctx = ctx_in;
+
+ if ((r = BN_new()) == NULL)
+ goto err;
+
+ /* Get random k */
+ do
+ if (!BN_rand_range(&k, dsa->q))
+ goto err;
+ while (BN_is_zero(&k));
+
+ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
+ BN_set_flags(&k, BN_FLG_CONSTTIME);
+ }
+
+
+ if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
+ if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+ CRYPTO_LOCK_DSA, dsa->p, ctx))
+ goto err;
+ }
+
+ /* Compute r = (g^k mod p) mod q */
+
+ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
+ if (!BN_copy(&kq, &k))
+ goto err;
+
+ BN_set_flags(&kq, BN_FLG_CONSTTIME);
+
+ /*
+ * We do not want timing information to leak the length of k, so we
+ * compute g^k using an equivalent exponent of fixed length. (This
+ * is a kludge that we need because the BN_mod_exp_mont() does not
+ * let us specify the desired timing behaviour.)
+ */
+
+ if (!BN_add(&kq, &kq, dsa->q))
+ goto err;
+ if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
+ if (!BN_add(&kq, &kq, dsa->q))
+ goto err;
+ }
+
+ K = &kq;
+ } else {
+ K = &k;
+ }
+
+ DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
+ dsa->method_mont_p);
+ if (!BN_mod(r, r, dsa->q, ctx))
+ goto err;
+
+ /* Compute part of 's = inv(k) (m + xr) mod q' */
+ if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL)
+ goto err;
+
+ if (*kinvp != NULL)
+ BN_clear_free(*kinvp);
+ *kinvp = kinv;
+ kinv = NULL;
+ if (*rp != NULL)
+ BN_clear_free(*rp);
+ *rp = r;
+ ret = 1;
+ err:
+ if (!ret) {
+ DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB);
+ if (r != NULL)
+ BN_clear_free(r);
+ }
+ if (ctx_in == NULL)
+ BN_CTX_free(ctx);
+ BN_clear_free(&k);
+ BN_clear_free(&kq);
+ return (ret);
+}
+
+static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa)
+{
+ BN_CTX *ctx;
+ BIGNUM u1, u2, t1;
+ BN_MONT_CTX *mont = NULL;
+ int ret = -1, i;
+ if (!dsa->p || !dsa->q || !dsa->g) {
+ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS);
+ return -1;
+ }
+
+ i = BN_num_bits(dsa->q);
+ /* fips 186-3 allows only different sizes for q */
+ if (i != 160 && i != 224 && i != 256) {
+ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE);
+ return -1;
+ }
+
+ if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
+ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE);
+ return -1;
+ }
+ BN_init(&u1);
+ BN_init(&u2);
+ BN_init(&t1);
+
+ if ((ctx = BN_CTX_new()) == NULL)
+ goto err;
+
+ if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
+ BN_ucmp(sig->r, dsa->q) >= 0) {
+ ret = 0;
+ goto err;
+ }
+ if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
+ BN_ucmp(sig->s, dsa->q) >= 0) {
+ ret = 0;
+ goto err;
+ }
+
+ /*
+ * Calculate W = inv(S) mod Q save W in u2
+ */
+ if ((BN_mod_inverse(&u2, sig->s, dsa->q, ctx)) == NULL)
+ goto err;
+
+ /* save M in u1 */
+ if (dgst_len > (i >> 3))
+ /*
+ * if the digest length is greater than the size of q use the
+ * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
+ * 4.2
+ */
+ dgst_len = (i >> 3);
+ if (BN_bin2bn(dgst, dgst_len, &u1) == NULL)
+ goto err;
+
+ /* u1 = M * w mod q */
+ if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx))
+ goto err;
+
+ /* u2 = r * w mod q */
+ if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx))
+ goto err;
+
+ if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
+ mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+ CRYPTO_LOCK_DSA, dsa->p, ctx);
+ if (!mont)
+ goto err;
+ }
+
+ DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p,
+ ctx, mont);
+ /* BN_copy(&u1,&t1); */
+ /* let u1 = u1 mod q */
+ if (!BN_mod(&u1, &t1, dsa->q, ctx))
+ goto err;
+
+ /*
+ * V is now in u1. If the signature is correct, it will be equal to R.
+ */
+ ret = (BN_ucmp(&u1, sig->r) == 0);
+
+ err:
+ /*
+ * XXX: surely this is wrong - if ret is 0, it just didn't verify; there
+ * is no error in BN. Test should be ret == -1 (Ben)
+ */
+ if (ret != 1)
+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB);
+ if (ctx != NULL)
+ BN_CTX_free(ctx);
+ BN_free(&u1);
+ BN_free(&u2);
+ BN_free(&t1);
+ return (ret);
+}
+
+static int dsa_init(DSA *dsa)
+{
+ dsa->flags |= DSA_FLAG_CACHE_MONT_P;
+ return (1);
+}
+
+static int dsa_finish(DSA *dsa)
+{
+ if (dsa->method_mont_p)
+ BN_MONT_CTX_free(dsa->method_mont_p);
+ return (1);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dso/dso.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/dso/dso.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,451 +0,0 @@
-/* dso.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DSO_H
-# define HEADER_DSO_H
-
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-# define DSO_CTRL_GET_FLAGS 1
-# define DSO_CTRL_SET_FLAGS 2
-# define DSO_CTRL_OR_FLAGS 3
-
-/*
- * By default, DSO_load() will translate the provided filename into a form
- * typical for the platform (more specifically the DSO_METHOD) using the
- * dso_name_converter function of the method. Eg. win32 will transform "blah"
- * into "blah.dll", and dlfcn will transform it into "libblah.so". The
- * behaviour can be overriden by setting the name_converter callback in the
- * DSO object (using DSO_set_name_converter()). This callback could even
- * utilise the DSO_METHOD's converter too if it only wants to override
- * behaviour for one or two possible DSO methods. However, the following flag
- * can be set in a DSO to prevent *any* native name-translation at all - eg.
- * if the caller has prompted the user for a path to a driver library so the
- * filename should be interpreted as-is.
- */
-# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
-/*
- * An extra flag to give if only the extension should be added as
- * translation. This is obviously only of importance on Unix and other
- * operating systems where the translation also may prefix the name with
- * something, like 'lib', and ignored everywhere else. This flag is also
- * ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
- */
-# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
-
-/*
- * The following flag controls the translation of symbol names to upper case.
- * This is currently only being implemented for OpenVMS.
- */
-# define DSO_FLAG_UPCASE_SYMBOL 0x10
-
-/*
- * This flag loads the library with public symbols. Meaning: The exported
- * symbols of this library are public to all libraries loaded after this
- * library. At the moment only implemented in unix.
- */
-# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
-
-typedef void (*DSO_FUNC_TYPE) (void);
-
-typedef struct dso_st DSO;
-
-/*
- * The function prototype used for method functions (or caller-provided
- * callbacks) that transform filenames. They are passed a DSO structure
- * pointer (or NULL if they are to be used independantly of a DSO object) and
- * a filename to transform. They should either return NULL (if there is an
- * error condition) or a newly allocated string containing the transformed
- * form that the caller will need to free with OPENSSL_free() when done.
- */
-typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-/*
- * The function prototype used for method functions (or caller-provided
- * callbacks) that merge two file specifications. They are passed a DSO
- * structure pointer (or NULL if they are to be used independantly of a DSO
- * object) and two file specifications to merge. They should either return
- * NULL (if there is an error condition) or a newly allocated string
- * containing the result of merging that the caller will need to free with
- * OPENSSL_free() when done. Here, merging means that bits and pieces are
- * taken from each of the file specifications and added together in whatever
- * fashion that is sensible for the DSO method in question. The only rule
- * that really applies is that if the two specification contain pieces of the
- * same type, the copy from the first string takes priority. One could see
- * it as the first specification is the one given by the user and the second
- * being a bunch of defaults to add on if they're missing in the first.
- */
-typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
-
-typedef struct dso_meth_st {
- const char *name;
- /*
- * Loads a shared library, NB: new DSO_METHODs must ensure that a
- * successful load populates the loaded_filename field, and likewise a
- * successful unload OPENSSL_frees and NULLs it out.
- */
- int (*dso_load) (DSO *dso);
- /* Unloads a shared library */
- int (*dso_unload) (DSO *dso);
- /* Binds a variable */
- void *(*dso_bind_var) (DSO *dso, const char *symname);
- /*
- * Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
- * be cast to the real function prototype by the caller. Platforms that
- * don't have compatible representations for different prototypes (this
- * is possible within ANSI C) are highly unlikely to have shared
- * libraries at all, let alone a DSO_METHOD implemented for them.
- */
- DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
-/* I don't think this would actually be used in any circumstances. */
-# if 0
- /* Unbinds a variable */
- int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
- /* Unbinds a function */
- int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-# endif
- /*
- * The generic (yuck) "ctrl()" function. NB: Negative return values
- * (rather than zero) indicate errors.
- */
- long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
- /*
- * The default DSO_METHOD-specific function for converting filenames to a
- * canonical native form.
- */
- DSO_NAME_CONVERTER_FUNC dso_name_converter;
- /*
- * The default DSO_METHOD-specific function for converting filenames to a
- * canonical native form.
- */
- DSO_MERGER_FUNC dso_merger;
- /* [De]Initialisation handlers. */
- int (*init) (DSO *dso);
- int (*finish) (DSO *dso);
- /* Return pathname of the module containing location */
- int (*pathbyaddr) (void *addr, char *path, int sz);
- /* Perform global symbol lookup, i.e. among *all* modules */
- void *(*globallookup) (const char *symname);
-} DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st {
- DSO_METHOD *meth;
- /*
- * Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
- * anything but will need to cache the filename for use in the dso_bind
- * handler. All in all, let each method control its own destiny.
- * "Handles" and such go in a STACK.
- */
- STACK_OF(void) *meth_data;
- int references;
- int flags;
- /*
- * For use by applications etc ... use this for your bits'n'pieces, don't
- * touch meth_data!
- */
- CRYPTO_EX_DATA ex_data;
- /*
- * If this callback function pointer is set to non-NULL, then it will be
- * used in DSO_load() in place of meth->dso_name_converter. NB: This
- * should normally set using DSO_set_name_converter().
- */
- DSO_NAME_CONVERTER_FUNC name_converter;
- /*
- * If this callback function pointer is set to non-NULL, then it will be
- * used in DSO_load() in place of meth->dso_merger. NB: This should
- * normally set using DSO_set_merger().
- */
- DSO_MERGER_FUNC merger;
- /*
- * This is populated with (a copy of) the platform-independant filename
- * used for this DSO.
- */
- char *filename;
- /*
- * This is populated with (a copy of) the translated filename by which
- * the DSO was actually loaded. It is NULL iff the DSO is not currently
- * loaded. NB: This is here because the filename translation process may
- * involve a callback being invoked more than once not only to convert to
- * a platform-specific form, but also to try different filenames in the
- * process of trying to perform a load. As such, this variable can be
- * used to indicate (a) whether this DSO structure corresponds to a
- * loaded library or not, and (b) the filename with which it was actually
- * loaded.
- */
- char *loaded_filename;
-};
-
-DSO *DSO_new(void);
-DSO *DSO_new_method(DSO_METHOD *method);
-int DSO_free(DSO *dso);
-int DSO_flags(DSO *dso);
-int DSO_up_ref(DSO *dso);
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/*
- * This function sets the DSO's name_converter callback. If it is non-NULL,
- * then it will be used instead of the associated DSO_METHOD's function. If
- * oldcb is non-NULL then it is set to the function pointer value being
- * replaced. Return value is non-zero for success.
- */
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
- DSO_NAME_CONVERTER_FUNC *oldcb);
-/*
- * These functions can be used to get/set the platform-independant filename
- * used for a DSO. NB: set will fail if the DSO is already loaded.
- */
-const char *DSO_get_filename(DSO *dso);
-int DSO_set_filename(DSO *dso, const char *filename);
-/*
- * This function will invoke the DSO's name_converter callback to translate a
- * filename, or if the callback isn't set it will instead use the DSO_METHOD's
- * converter. If "filename" is NULL, the "filename" in the DSO itself will be
- * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
- * simply duplicated. NB: This function is usually called from within a
- * DSO_METHOD during the processing of a DSO_load() call, and is exposed so
- * that caller-created DSO_METHODs can do the same thing. A non-NULL return
- * value will need to be OPENSSL_free()'d.
- */
-char *DSO_convert_filename(DSO *dso, const char *filename);
-/*
- * This function will invoke the DSO's merger callback to merge two file
- * specifications, or if the callback isn't set it will instead use the
- * DSO_METHOD's merger. A non-NULL return value will need to be
- * OPENSSL_free()'d.
- */
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
-/*
- * If the DSO is currently loaded, this returns the filename that it was
- * loaded under, otherwise it returns NULL. So it is also useful as a test as
- * to whether the DSO is currently loaded. NB: This will not necessarily
- * return the same value as DSO_convert_filename(dso, dso->filename), because
- * the DSO_METHOD's load function may have tried a variety of filenames (with
- * and/or without the aid of the converters) before settling on the one it
- * actually loaded.
- */
-const char *DSO_get_loaded_filename(DSO *dso);
-
-void DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/*
- * The all-singing all-dancing load function, you normally pass NULL for the
- * first and third parameters. Use DSO_up and DSO_free for subsequent
- * reference count handling. Any flags passed in will be set in the
- * constructed DSO after its init() function but before the load operation.
- * If 'dso' is non-NULL, 'flags' is ignored.
- */
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/*
- * This method is the default, but will beg, borrow, or steal whatever method
- * should be the default on any particular platform (including
- * DSO_METH_null() if necessary).
- */
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/*
- * This method is defined for all platforms - if a platform has no DSO
- * support then this will be the only method!
- */
-DSO_METHOD *DSO_METHOD_null(void);
-
-/*
- * If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
- * dlclose, dlsym, etc) will be used and incorporated into this method. If
- * not, this method will return NULL.
- */
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/*
- * If DSO_DL is defined, the standard dl.h-style functions (shl_load,
- * shl_unload, shl_findsym, etc) will be used and incorporated into this
- * method. If not, this method will return NULL.
- */
-DSO_METHOD *DSO_METHOD_dl(void);
-
-/* If WIN32 is defined, use DLLs. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_win32(void);
-
-/* If VMS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_vms(void);
-
-/*
- * This function writes null-terminated pathname of DSO module containing
- * 'addr' into 'sz' large caller-provided 'path' and returns the number of
- * characters [including trailing zero] written to it. If 'sz' is 0 or
- * negative, 'path' is ignored and required amount of charachers [including
- * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
- * pathname of cryptolib itself is returned. Negative or zero return value
- * denotes error.
- */
-int DSO_pathbyaddr(void *addr, char *path, int sz);
-
-/*
- * This function should be used with caution! It looks up symbols in *all*
- * loaded modules and if module gets unloaded by somebody else attempt to
- * dereference the pointer is doomed to have fatal consequences. Primary
- * usage for this function is to probe *core* system functionality, e.g.
- * check if getnameinfo(3) is available at run-time without bothering about
- * OS-specific details such as libc.so.versioning or where does it actually
- * reside: in libc itself or libsocket.
- */
-void *DSO_global_lookup(const char *name);
-
-/* If BeOS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_beos(void);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSO_strings(void);
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-# define DSO_F_BEOS_BIND_FUNC 144
-# define DSO_F_BEOS_BIND_VAR 145
-# define DSO_F_BEOS_LOAD 146
-# define DSO_F_BEOS_NAME_CONVERTER 147
-# define DSO_F_BEOS_UNLOAD 148
-# define DSO_F_DLFCN_BIND_FUNC 100
-# define DSO_F_DLFCN_BIND_VAR 101
-# define DSO_F_DLFCN_LOAD 102
-# define DSO_F_DLFCN_MERGER 130
-# define DSO_F_DLFCN_NAME_CONVERTER 123
-# define DSO_F_DLFCN_UNLOAD 103
-# define DSO_F_DL_BIND_FUNC 104
-# define DSO_F_DL_BIND_VAR 105
-# define DSO_F_DL_LOAD 106
-# define DSO_F_DL_MERGER 131
-# define DSO_F_DL_NAME_CONVERTER 124
-# define DSO_F_DL_UNLOAD 107
-# define DSO_F_DSO_BIND_FUNC 108
-# define DSO_F_DSO_BIND_VAR 109
-# define DSO_F_DSO_CONVERT_FILENAME 126
-# define DSO_F_DSO_CTRL 110
-# define DSO_F_DSO_FREE 111
-# define DSO_F_DSO_GET_FILENAME 127
-# define DSO_F_DSO_GET_LOADED_FILENAME 128
-# define DSO_F_DSO_GLOBAL_LOOKUP 139
-# define DSO_F_DSO_LOAD 112
-# define DSO_F_DSO_MERGE 132
-# define DSO_F_DSO_NEW_METHOD 113
-# define DSO_F_DSO_PATHBYADDR 140
-# define DSO_F_DSO_SET_FILENAME 129
-# define DSO_F_DSO_SET_NAME_CONVERTER 122
-# define DSO_F_DSO_UP_REF 114
-# define DSO_F_GLOBAL_LOOKUP_FUNC 138
-# define DSO_F_PATHBYADDR 137
-# define DSO_F_VMS_BIND_SYM 115
-# define DSO_F_VMS_LOAD 116
-# define DSO_F_VMS_MERGER 133
-# define DSO_F_VMS_UNLOAD 117
-# define DSO_F_WIN32_BIND_FUNC 118
-# define DSO_F_WIN32_BIND_VAR 119
-# define DSO_F_WIN32_GLOBALLOOKUP 142
-# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
-# define DSO_F_WIN32_JOINER 135
-# define DSO_F_WIN32_LOAD 120
-# define DSO_F_WIN32_MERGER 134
-# define DSO_F_WIN32_NAME_CONVERTER 125
-# define DSO_F_WIN32_PATHBYADDR 141
-# define DSO_F_WIN32_SPLITTER 136
-# define DSO_F_WIN32_UNLOAD 121
-
-/* Reason codes. */
-# define DSO_R_CTRL_FAILED 100
-# define DSO_R_DSO_ALREADY_LOADED 110
-# define DSO_R_EMPTY_FILE_STRUCTURE 113
-# define DSO_R_FAILURE 114
-# define DSO_R_FILENAME_TOO_BIG 101
-# define DSO_R_FINISH_FAILED 102
-# define DSO_R_INCORRECT_FILE_SYNTAX 115
-# define DSO_R_LOAD_FAILED 103
-# define DSO_R_NAME_TRANSLATION_FAILED 109
-# define DSO_R_NO_FILENAME 111
-# define DSO_R_NO_FILE_SPECIFICATION 116
-# define DSO_R_NULL_HANDLE 104
-# define DSO_R_SET_FILENAME_FAILED 112
-# define DSO_R_STACK_ERROR 105
-# define DSO_R_SYM_FAILURE 106
-# define DSO_R_UNLOAD_FAILED 107
-# define DSO_R_UNSUPPORTED 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/dso/dso.h (from rev 11605, vendor-crypto/openssl/dist/crypto/dso/dso.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dso/dso.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,451 @@
+/* dso.h */
+/*
+ * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DSO_H
+# define HEADER_DSO_H
+
+# include <openssl/crypto.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* These values are used as commands to DSO_ctrl() */
+# define DSO_CTRL_GET_FLAGS 1
+# define DSO_CTRL_SET_FLAGS 2
+# define DSO_CTRL_OR_FLAGS 3
+
+/*
+ * By default, DSO_load() will translate the provided filename into a form
+ * typical for the platform (more specifically the DSO_METHOD) using the
+ * dso_name_converter function of the method. Eg. win32 will transform "blah"
+ * into "blah.dll", and dlfcn will transform it into "libblah.so". The
+ * behaviour can be overriden by setting the name_converter callback in the
+ * DSO object (using DSO_set_name_converter()). This callback could even
+ * utilise the DSO_METHOD's converter too if it only wants to override
+ * behaviour for one or two possible DSO methods. However, the following flag
+ * can be set in a DSO to prevent *any* native name-translation at all - eg.
+ * if the caller has prompted the user for a path to a driver library so the
+ * filename should be interpreted as-is.
+ */
+# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
+/*
+ * An extra flag to give if only the extension should be added as
+ * translation. This is obviously only of importance on Unix and other
+ * operating systems where the translation also may prefix the name with
+ * something, like 'lib', and ignored everywhere else. This flag is also
+ * ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
+ */
+# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
+
+/*
+ * The following flag controls the translation of symbol names to upper case.
+ * This is currently only being implemented for OpenVMS.
+ */
+# define DSO_FLAG_UPCASE_SYMBOL 0x10
+
+/*
+ * This flag loads the library with public symbols. Meaning: The exported
+ * symbols of this library are public to all libraries loaded after this
+ * library. At the moment only implemented in unix.
+ */
+# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
+
+typedef void (*DSO_FUNC_TYPE) (void);
+
+typedef struct dso_st DSO;
+
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that transform filenames. They are passed a DSO structure
+ * pointer (or NULL if they are to be used independantly of a DSO object) and
+ * a filename to transform. They should either return NULL (if there is an
+ * error condition) or a newly allocated string containing the transformed
+ * form that the caller will need to free with OPENSSL_free() when done.
+ */
+typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that merge two file specifications. They are passed a DSO
+ * structure pointer (or NULL if they are to be used independantly of a DSO
+ * object) and two file specifications to merge. They should either return
+ * NULL (if there is an error condition) or a newly allocated string
+ * containing the result of merging that the caller will need to free with
+ * OPENSSL_free() when done. Here, merging means that bits and pieces are
+ * taken from each of the file specifications and added together in whatever
+ * fashion that is sensible for the DSO method in question. The only rule
+ * that really applies is that if the two specification contain pieces of the
+ * same type, the copy from the first string takes priority. One could see
+ * it as the first specification is the one given by the user and the second
+ * being a bunch of defaults to add on if they're missing in the first.
+ */
+typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
+
+typedef struct dso_meth_st {
+ const char *name;
+ /*
+ * Loads a shared library, NB: new DSO_METHODs must ensure that a
+ * successful load populates the loaded_filename field, and likewise a
+ * successful unload OPENSSL_frees and NULLs it out.
+ */
+ int (*dso_load) (DSO *dso);
+ /* Unloads a shared library */
+ int (*dso_unload) (DSO *dso);
+ /* Binds a variable */
+ void *(*dso_bind_var) (DSO *dso, const char *symname);
+ /*
+ * Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
+ * be cast to the real function prototype by the caller. Platforms that
+ * don't have compatible representations for different prototypes (this
+ * is possible within ANSI C) are highly unlikely to have shared
+ * libraries at all, let alone a DSO_METHOD implemented for them.
+ */
+ DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
+/* I don't think this would actually be used in any circumstances. */
+# if 0
+ /* Unbinds a variable */
+ int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
+ /* Unbinds a function */
+ int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+# endif
+ /*
+ * The generic (yuck) "ctrl()" function. NB: Negative return values
+ * (rather than zero) indicate errors.
+ */
+ long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
+ /*
+ * The default DSO_METHOD-specific function for converting filenames to a
+ * canonical native form.
+ */
+ DSO_NAME_CONVERTER_FUNC dso_name_converter;
+ /*
+ * The default DSO_METHOD-specific function for converting filenames to a
+ * canonical native form.
+ */
+ DSO_MERGER_FUNC dso_merger;
+ /* [De]Initialisation handlers. */
+ int (*init) (DSO *dso);
+ int (*finish) (DSO *dso);
+ /* Return pathname of the module containing location */
+ int (*pathbyaddr) (void *addr, char *path, int sz);
+ /* Perform global symbol lookup, i.e. among *all* modules */
+ void *(*globallookup) (const char *symname);
+} DSO_METHOD;
+
+/**********************************************************************/
+/* The low-level handle type used to refer to a loaded shared library */
+
+struct dso_st {
+ DSO_METHOD *meth;
+ /*
+ * Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
+ * anything but will need to cache the filename for use in the dso_bind
+ * handler. All in all, let each method control its own destiny.
+ * "Handles" and such go in a STACK.
+ */
+ STACK_OF(void) *meth_data;
+ int references;
+ int flags;
+ /*
+ * For use by applications etc ... use this for your bits'n'pieces, don't
+ * touch meth_data!
+ */
+ CRYPTO_EX_DATA ex_data;
+ /*
+ * If this callback function pointer is set to non-NULL, then it will be
+ * used in DSO_load() in place of meth->dso_name_converter. NB: This
+ * should normally set using DSO_set_name_converter().
+ */
+ DSO_NAME_CONVERTER_FUNC name_converter;
+ /*
+ * If this callback function pointer is set to non-NULL, then it will be
+ * used in DSO_load() in place of meth->dso_merger. NB: This should
+ * normally set using DSO_set_merger().
+ */
+ DSO_MERGER_FUNC merger;
+ /*
+ * This is populated with (a copy of) the platform-independant filename
+ * used for this DSO.
+ */
+ char *filename;
+ /*
+ * This is populated with (a copy of) the translated filename by which
+ * the DSO was actually loaded. It is NULL iff the DSO is not currently
+ * loaded. NB: This is here because the filename translation process may
+ * involve a callback being invoked more than once not only to convert to
+ * a platform-specific form, but also to try different filenames in the
+ * process of trying to perform a load. As such, this variable can be
+ * used to indicate (a) whether this DSO structure corresponds to a
+ * loaded library or not, and (b) the filename with which it was actually
+ * loaded.
+ */
+ char *loaded_filename;
+};
+
+DSO *DSO_new(void);
+DSO *DSO_new_method(DSO_METHOD *method);
+int DSO_free(DSO *dso);
+int DSO_flags(DSO *dso);
+int DSO_up_ref(DSO *dso);
+long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
+
+/*
+ * This function sets the DSO's name_converter callback. If it is non-NULL,
+ * then it will be used instead of the associated DSO_METHOD's function. If
+ * oldcb is non-NULL then it is set to the function pointer value being
+ * replaced. Return value is non-zero for success.
+ */
+int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
+ DSO_NAME_CONVERTER_FUNC *oldcb);
+/*
+ * These functions can be used to get/set the platform-independant filename
+ * used for a DSO. NB: set will fail if the DSO is already loaded.
+ */
+const char *DSO_get_filename(DSO *dso);
+int DSO_set_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's name_converter callback to translate a
+ * filename, or if the callback isn't set it will instead use the DSO_METHOD's
+ * converter. If "filename" is NULL, the "filename" in the DSO itself will be
+ * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
+ * simply duplicated. NB: This function is usually called from within a
+ * DSO_METHOD during the processing of a DSO_load() call, and is exposed so
+ * that caller-created DSO_METHODs can do the same thing. A non-NULL return
+ * value will need to be OPENSSL_free()'d.
+ */
+char *DSO_convert_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's merger callback to merge two file
+ * specifications, or if the callback isn't set it will instead use the
+ * DSO_METHOD's merger. A non-NULL return value will need to be
+ * OPENSSL_free()'d.
+ */
+char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
+/*
+ * If the DSO is currently loaded, this returns the filename that it was
+ * loaded under, otherwise it returns NULL. So it is also useful as a test as
+ * to whether the DSO is currently loaded. NB: This will not necessarily
+ * return the same value as DSO_convert_filename(dso, dso->filename), because
+ * the DSO_METHOD's load function may have tried a variety of filenames (with
+ * and/or without the aid of the converters) before settling on the one it
+ * actually loaded.
+ */
+const char *DSO_get_loaded_filename(DSO *dso);
+
+void DSO_set_default_method(DSO_METHOD *meth);
+DSO_METHOD *DSO_get_default_method(void);
+DSO_METHOD *DSO_get_method(DSO *dso);
+DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
+
+/*
+ * The all-singing all-dancing load function, you normally pass NULL for the
+ * first and third parameters. Use DSO_up and DSO_free for subsequent
+ * reference count handling. Any flags passed in will be set in the
+ * constructed DSO after its init() function but before the load operation.
+ * If 'dso' is non-NULL, 'flags' is ignored.
+ */
+DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
+
+/* This function binds to a variable inside a shared library. */
+void *DSO_bind_var(DSO *dso, const char *symname);
+
+/* This function binds to a function inside a shared library. */
+DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
+
+/*
+ * This method is the default, but will beg, borrow, or steal whatever method
+ * should be the default on any particular platform (including
+ * DSO_METH_null() if necessary).
+ */
+DSO_METHOD *DSO_METHOD_openssl(void);
+
+/*
+ * This method is defined for all platforms - if a platform has no DSO
+ * support then this will be the only method!
+ */
+DSO_METHOD *DSO_METHOD_null(void);
+
+/*
+ * If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
+ * dlclose, dlsym, etc) will be used and incorporated into this method. If
+ * not, this method will return NULL.
+ */
+DSO_METHOD *DSO_METHOD_dlfcn(void);
+
+/*
+ * If DSO_DL is defined, the standard dl.h-style functions (shl_load,
+ * shl_unload, shl_findsym, etc) will be used and incorporated into this
+ * method. If not, this method will return NULL.
+ */
+DSO_METHOD *DSO_METHOD_dl(void);
+
+/* If WIN32 is defined, use DLLs. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_win32(void);
+
+/* If VMS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_vms(void);
+
+/*
+ * This function writes null-terminated pathname of DSO module containing
+ * 'addr' into 'sz' large caller-provided 'path' and returns the number of
+ * characters [including trailing zero] written to it. If 'sz' is 0 or
+ * negative, 'path' is ignored and required amount of charachers [including
+ * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
+ * pathname of cryptolib itself is returned. Negative or zero return value
+ * denotes error.
+ */
+int DSO_pathbyaddr(void *addr, char *path, int sz);
+
+/*
+ * This function should be used with caution! It looks up symbols in *all*
+ * loaded modules and if module gets unloaded by somebody else attempt to
+ * dereference the pointer is doomed to have fatal consequences. Primary
+ * usage for this function is to probe *core* system functionality, e.g.
+ * check if getnameinfo(3) is available at run-time without bothering about
+ * OS-specific details such as libc.so.versioning or where does it actually
+ * reside: in libc itself or libsocket.
+ */
+void *DSO_global_lookup(const char *name);
+
+/* If BeOS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_beos(void);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_DSO_strings(void);
+
+/* Error codes for the DSO functions. */
+
+/* Function codes. */
+# define DSO_F_BEOS_BIND_FUNC 144
+# define DSO_F_BEOS_BIND_VAR 145
+# define DSO_F_BEOS_LOAD 146
+# define DSO_F_BEOS_NAME_CONVERTER 147
+# define DSO_F_BEOS_UNLOAD 148
+# define DSO_F_DLFCN_BIND_FUNC 100
+# define DSO_F_DLFCN_BIND_VAR 101
+# define DSO_F_DLFCN_LOAD 102
+# define DSO_F_DLFCN_MERGER 130
+# define DSO_F_DLFCN_NAME_CONVERTER 123
+# define DSO_F_DLFCN_UNLOAD 103
+# define DSO_F_DL_BIND_FUNC 104
+# define DSO_F_DL_BIND_VAR 105
+# define DSO_F_DL_LOAD 106
+# define DSO_F_DL_MERGER 131
+# define DSO_F_DL_NAME_CONVERTER 124
+# define DSO_F_DL_UNLOAD 107
+# define DSO_F_DSO_BIND_FUNC 108
+# define DSO_F_DSO_BIND_VAR 109
+# define DSO_F_DSO_CONVERT_FILENAME 126
+# define DSO_F_DSO_CTRL 110
+# define DSO_F_DSO_FREE 111
+# define DSO_F_DSO_GET_FILENAME 127
+# define DSO_F_DSO_GET_LOADED_FILENAME 128
+# define DSO_F_DSO_GLOBAL_LOOKUP 139
+# define DSO_F_DSO_LOAD 112
+# define DSO_F_DSO_MERGE 132
+# define DSO_F_DSO_NEW_METHOD 113
+# define DSO_F_DSO_PATHBYADDR 140
+# define DSO_F_DSO_SET_FILENAME 129
+# define DSO_F_DSO_SET_NAME_CONVERTER 122
+# define DSO_F_DSO_UP_REF 114
+# define DSO_F_GLOBAL_LOOKUP_FUNC 138
+# define DSO_F_PATHBYADDR 137
+# define DSO_F_VMS_BIND_SYM 115
+# define DSO_F_VMS_LOAD 116
+# define DSO_F_VMS_MERGER 133
+# define DSO_F_VMS_UNLOAD 117
+# define DSO_F_WIN32_BIND_FUNC 118
+# define DSO_F_WIN32_BIND_VAR 119
+# define DSO_F_WIN32_GLOBALLOOKUP 142
+# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
+# define DSO_F_WIN32_JOINER 135
+# define DSO_F_WIN32_LOAD 120
+# define DSO_F_WIN32_MERGER 134
+# define DSO_F_WIN32_NAME_CONVERTER 125
+# define DSO_F_WIN32_PATHBYADDR 141
+# define DSO_F_WIN32_SPLITTER 136
+# define DSO_F_WIN32_UNLOAD 121
+
+/* Reason codes. */
+# define DSO_R_CTRL_FAILED 100
+# define DSO_R_DSO_ALREADY_LOADED 110
+# define DSO_R_EMPTY_FILE_STRUCTURE 113
+# define DSO_R_FAILURE 114
+# define DSO_R_FILENAME_TOO_BIG 101
+# define DSO_R_FINISH_FAILED 102
+# define DSO_R_INCORRECT_FILE_SYNTAX 115
+# define DSO_R_LOAD_FAILED 103
+# define DSO_R_NAME_TRANSLATION_FAILED 109
+# define DSO_R_NO_FILENAME 111
+# define DSO_R_NO_FILE_SPECIFICATION 116
+# define DSO_R_NULL_HANDLE 104
+# define DSO_R_SET_FILENAME_FAILED 112
+# define DSO_R_STACK_ERROR 105
+# define DSO_R_SYM_FAILURE 106
+# define DSO_R_UNLOAD_FAILED 107
+# define DSO_R_UNSUPPORTED 108
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dl.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dso/dso_dl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,380 +0,0 @@
-/* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef DSO_DL
-DSO_METHOD *DSO_METHOD_dl(void)
-{
- return NULL;
-}
-#else
-
-# include <dl.h>
-
-/* Part of the hack in "dl_load" ... */
-# define DSO_MAX_TRANSLATED_SIZE 256
-
-static int dl_load(DSO *dso);
-static int dl_unload(DSO *dso);
-static void *dl_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname);
-# if 0
-static int dl_unbind_var(DSO *dso, char *symname, void *symptr);
-static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int dl_init(DSO *dso);
-static int dl_finish(DSO *dso);
-static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *dl_name_converter(DSO *dso, const char *filename);
-static char *dl_merger(DSO *dso, const char *filespec1,
- const char *filespec2);
-static int dl_pathbyaddr(void *addr, char *path, int sz);
-static void *dl_globallookup(const char *name);
-
-static DSO_METHOD dso_meth_dl = {
- "OpenSSL 'dl' shared library method",
- dl_load,
- dl_unload,
- dl_bind_var,
- dl_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
- NULL, /* unbind_var */
- NULL, /* unbind_func */
-# endif
- NULL, /* ctrl */
- dl_name_converter,
- dl_merger,
- NULL, /* init */
- NULL, /* finish */
- dl_pathbyaddr,
- dl_globallookup
-};
-
-DSO_METHOD *DSO_METHOD_dl(void)
-{
- return (&dso_meth_dl);
-}
-
-/*
- * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
- * (shl_t) returned from shl_load(). NB: I checked on HPUX11 and shl_t is
- * itself a pointer type so the cast is safe.
- */
-
-static int dl_load(DSO *dso)
-{
- shl_t ptr = NULL;
- /*
- * We don't do any fancy retries or anything, just take the method's (or
- * DSO's if it has the callback set) best translation of the
- * platform-independant filename and try once with that.
- */
- char *filename = DSO_convert_filename(dso, NULL);
-
- if (filename == NULL) {
- DSOerr(DSO_F_DL_LOAD, DSO_R_NO_FILENAME);
- goto err;
- }
- ptr = shl_load(filename, BIND_IMMEDIATE |
- (dso->flags & DSO_FLAG_NO_NAME_TRANSLATION ? 0 :
- DYNAMIC_PATH), 0L);
- if (ptr == NULL) {
- DSOerr(DSO_F_DL_LOAD, DSO_R_LOAD_FAILED);
- ERR_add_error_data(4, "filename(", filename, "): ", strerror(errno));
- goto err;
- }
- if (!sk_push(dso->meth_data, (char *)ptr)) {
- DSOerr(DSO_F_DL_LOAD, DSO_R_STACK_ERROR);
- goto err;
- }
- /*
- * Success, stick the converted filename we've loaded under into the DSO
- * (it also serves as the indicator that we are currently loaded).
- */
- dso->loaded_filename = filename;
- return (1);
- err:
- /* Cleanup! */
- if (filename != NULL)
- OPENSSL_free(filename);
- if (ptr != NULL)
- shl_unload(ptr);
- return (0);
-}
-
-static int dl_unload(DSO *dso)
-{
- shl_t ptr;
- if (dso == NULL) {
- DSOerr(DSO_F_DL_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (sk_num(dso->meth_data) < 1)
- return (1);
- /* Is this statement legal? */
- ptr = (shl_t) sk_pop(dso->meth_data);
- if (ptr == NULL) {
- DSOerr(DSO_F_DL_UNLOAD, DSO_R_NULL_HANDLE);
- /*
- * Should push the value back onto the stack in case of a retry.
- */
- sk_push(dso->meth_data, (char *)ptr);
- return (0);
- }
- shl_unload(ptr);
- return (1);
-}
-
-static void *dl_bind_var(DSO *dso, const char *symname)
-{
- shl_t ptr;
- void *sym;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DL_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (sk_num(dso->meth_data) < 1) {
- DSOerr(DSO_F_DL_BIND_VAR, DSO_R_STACK_ERROR);
- return (NULL);
- }
- ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
- if (ptr == NULL) {
- DSOerr(DSO_F_DL_BIND_VAR, DSO_R_NULL_HANDLE);
- return (NULL);
- }
- if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
- DSOerr(DSO_F_DL_BIND_VAR, DSO_R_SYM_FAILURE);
- ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
- return (NULL);
- }
- return (sym);
-}
-
-static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
-{
- shl_t ptr;
- void *sym;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DL_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (sk_num(dso->meth_data) < 1) {
- DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_STACK_ERROR);
- return (NULL);
- }
- ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
- if (ptr == NULL) {
- DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_NULL_HANDLE);
- return (NULL);
- }
- if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
- DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_SYM_FAILURE);
- ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
- return (NULL);
- }
- return ((DSO_FUNC_TYPE)sym);
-}
-
-static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2)
-{
- char *merged;
-
- if (!filespec1 && !filespec2) {
- DSOerr(DSO_F_DL_MERGER, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- /*
- * If the first file specification is a rooted path, it rules. same goes
- * if the second file specification is missing.
- */
- if (!filespec2 || filespec1[0] == '/') {
- merged = OPENSSL_malloc(strlen(filespec1) + 1);
- if (!merged) {
- DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec1);
- }
- /*
- * If the first file specification is missing, the second one rules.
- */
- else if (!filespec1) {
- merged = OPENSSL_malloc(strlen(filespec2) + 1);
- if (!merged) {
- DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec2);
- } else
- /*
- * This part isn't as trivial as it looks. It assumes that the
- * second file specification really is a directory, and makes no
- * checks whatsoever. Therefore, the result becomes the
- * concatenation of filespec2 followed by a slash followed by
- * filespec1.
- */
- {
- int spec2len, len;
-
- spec2len = (filespec2 ? strlen(filespec2) : 0);
- len = spec2len + (filespec1 ? strlen(filespec1) : 0);
-
- if (filespec2 && filespec2[spec2len - 1] == '/') {
- spec2len--;
- len--;
- }
- merged = OPENSSL_malloc(len + 2);
- if (!merged) {
- DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec2);
- merged[spec2len] = '/';
- strcpy(&merged[spec2len + 1], filespec1);
- }
- return (merged);
-}
-
-/*
- * This function is identical to the one in dso_dlfcn.c, but as it is highly
- * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at
- * the same time, there's no great duplicating the code. Figuring out an
- * elegant way to share one copy of the code would be more difficult and
- * would not leave the implementations independant.
- */
-# if defined(__hpux)
-static const char extension[] = ".sl";
-# else
-static const char extension[] = ".so";
-# endif
-static char *dl_name_converter(DSO *dso, const char *filename)
-{
- char *translated;
- int len, rsize, transform;
-
- len = strlen(filename);
- rsize = len + 1;
- transform = (strstr(filename, "/") == NULL);
- {
- /* We will convert this to "%s.s?" or "lib%s.s?" */
- rsize += strlen(extension); /* The length of ".s?" */
- if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
- rsize += 3; /* The length of "lib" */
- }
- translated = OPENSSL_malloc(rsize);
- if (translated == NULL) {
- DSOerr(DSO_F_DL_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
- return (NULL);
- }
- if (transform) {
- if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
- sprintf(translated, "lib%s%s", filename, extension);
- else
- sprintf(translated, "%s%s", filename, extension);
- } else
- sprintf(translated, "%s", filename);
- return (translated);
-}
-
-static int dl_pathbyaddr(void *addr, char *path, int sz)
-{
- struct shl_descriptor inf;
- int i, len;
-
- if (addr == NULL) {
- union {
- int (*f) (void *, char *, int);
- void *p;
- } t = {
- dl_pathbyaddr
- };
- addr = t.p;
- }
-
- for (i = -1; shl_get_r(i, &inf) == 0; i++) {
- if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
- ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) {
- len = (int)strlen(inf.filename);
- if (sz <= 0)
- return len + 1;
- if (len >= sz)
- len = sz - 1;
- memcpy(path, inf.filename, len);
- path[len++] = 0;
- return len;
- }
- }
-
- return -1;
-}
-
-static void *dl_globallookup(const char *name)
-{
- void *ret;
- shl_t h = NULL;
-
- return shl_findsym(&h, name, TYPE_UNDEFINED, &ret) ? NULL : ret;
-}
-#endif /* DSO_DL */
Copied: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dl.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dso/dso_dl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,380 @@
+/* dso_dl.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef DSO_DL
+DSO_METHOD *DSO_METHOD_dl(void)
+{
+ return NULL;
+}
+#else
+
+# include <dl.h>
+
+/* Part of the hack in "dl_load" ... */
+# define DSO_MAX_TRANSLATED_SIZE 256
+
+static int dl_load(DSO *dso);
+static int dl_unload(DSO *dso);
+static void *dl_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname);
+# if 0
+static int dl_unbind_var(DSO *dso, char *symname, void *symptr);
+static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int dl_init(DSO *dso);
+static int dl_finish(DSO *dso);
+static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *dl_name_converter(DSO *dso, const char *filename);
+static char *dl_merger(DSO *dso, const char *filespec1,
+ const char *filespec2);
+static int dl_pathbyaddr(void *addr, char *path, int sz);
+static void *dl_globallookup(const char *name);
+
+static DSO_METHOD dso_meth_dl = {
+ "OpenSSL 'dl' shared library method",
+ dl_load,
+ dl_unload,
+ dl_bind_var,
+ dl_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+ NULL, /* unbind_var */
+ NULL, /* unbind_func */
+# endif
+ NULL, /* ctrl */
+ dl_name_converter,
+ dl_merger,
+ NULL, /* init */
+ NULL, /* finish */
+ dl_pathbyaddr,
+ dl_globallookup
+};
+
+DSO_METHOD *DSO_METHOD_dl(void)
+{
+ return (&dso_meth_dl);
+}
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
+ * (shl_t) returned from shl_load(). NB: I checked on HPUX11 and shl_t is
+ * itself a pointer type so the cast is safe.
+ */
+
+static int dl_load(DSO *dso)
+{
+ shl_t ptr = NULL;
+ /*
+ * We don't do any fancy retries or anything, just take the method's (or
+ * DSO's if it has the callback set) best translation of the
+ * platform-independant filename and try once with that.
+ */
+ char *filename = DSO_convert_filename(dso, NULL);
+
+ if (filename == NULL) {
+ DSOerr(DSO_F_DL_LOAD, DSO_R_NO_FILENAME);
+ goto err;
+ }
+ ptr = shl_load(filename, BIND_IMMEDIATE |
+ (dso->flags & DSO_FLAG_NO_NAME_TRANSLATION ? 0 :
+ DYNAMIC_PATH), 0L);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DL_LOAD, DSO_R_LOAD_FAILED);
+ ERR_add_error_data(4, "filename(", filename, "): ", strerror(errno));
+ goto err;
+ }
+ if (!sk_push(dso->meth_data, (char *)ptr)) {
+ DSOerr(DSO_F_DL_LOAD, DSO_R_STACK_ERROR);
+ goto err;
+ }
+ /*
+ * Success, stick the converted filename we've loaded under into the DSO
+ * (it also serves as the indicator that we are currently loaded).
+ */
+ dso->loaded_filename = filename;
+ return (1);
+ err:
+ /* Cleanup! */
+ if (filename != NULL)
+ OPENSSL_free(filename);
+ if (ptr != NULL)
+ shl_unload(ptr);
+ return (0);
+}
+
+static int dl_unload(DSO *dso)
+{
+ shl_t ptr;
+ if (dso == NULL) {
+ DSOerr(DSO_F_DL_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (sk_num(dso->meth_data) < 1)
+ return (1);
+ /* Is this statement legal? */
+ ptr = (shl_t) sk_pop(dso->meth_data);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DL_UNLOAD, DSO_R_NULL_HANDLE);
+ /*
+ * Should push the value back onto the stack in case of a retry.
+ */
+ sk_push(dso->meth_data, (char *)ptr);
+ return (0);
+ }
+ shl_unload(ptr);
+ return (1);
+}
+
+static void *dl_bind_var(DSO *dso, const char *symname)
+{
+ shl_t ptr;
+ void *sym;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_DL_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_DL_BIND_VAR, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DL_BIND_VAR, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
+ DSOerr(DSO_F_DL_BIND_VAR, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
+ return (NULL);
+ }
+ return (sym);
+}
+
+static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
+{
+ shl_t ptr;
+ void *sym;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_DL_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
+ DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
+ return (NULL);
+ }
+ return ((DSO_FUNC_TYPE)sym);
+}
+
+static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2)
+{
+ char *merged;
+
+ if (!filespec1 && !filespec2) {
+ DSOerr(DSO_F_DL_MERGER, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ /*
+ * If the first file specification is a rooted path, it rules. same goes
+ * if the second file specification is missing.
+ */
+ if (!filespec2 || filespec1[0] == '/') {
+ merged = OPENSSL_malloc(strlen(filespec1) + 1);
+ if (!merged) {
+ DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec1);
+ }
+ /*
+ * If the first file specification is missing, the second one rules.
+ */
+ else if (!filespec1) {
+ merged = OPENSSL_malloc(strlen(filespec2) + 1);
+ if (!merged) {
+ DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec2);
+ } else
+ /*
+ * This part isn't as trivial as it looks. It assumes that the
+ * second file specification really is a directory, and makes no
+ * checks whatsoever. Therefore, the result becomes the
+ * concatenation of filespec2 followed by a slash followed by
+ * filespec1.
+ */
+ {
+ int spec2len, len;
+
+ spec2len = (filespec2 ? strlen(filespec2) : 0);
+ len = spec2len + (filespec1 ? strlen(filespec1) : 0);
+
+ if (filespec2 && filespec2[spec2len - 1] == '/') {
+ spec2len--;
+ len--;
+ }
+ merged = OPENSSL_malloc(len + 2);
+ if (!merged) {
+ DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec2);
+ merged[spec2len] = '/';
+ strcpy(&merged[spec2len + 1], filespec1);
+ }
+ return (merged);
+}
+
+/*
+ * This function is identical to the one in dso_dlfcn.c, but as it is highly
+ * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at
+ * the same time, there's no great duplicating the code. Figuring out an
+ * elegant way to share one copy of the code would be more difficult and
+ * would not leave the implementations independant.
+ */
+# if defined(__hpux)
+static const char extension[] = ".sl";
+# else
+static const char extension[] = ".so";
+# endif
+static char *dl_name_converter(DSO *dso, const char *filename)
+{
+ char *translated;
+ int len, rsize, transform;
+
+ len = strlen(filename);
+ rsize = len + 1;
+ transform = (strstr(filename, "/") == NULL);
+ {
+ /* We will convert this to "%s.s?" or "lib%s.s?" */
+ rsize += strlen(extension); /* The length of ".s?" */
+ if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+ rsize += 3; /* The length of "lib" */
+ }
+ translated = OPENSSL_malloc(rsize);
+ if (translated == NULL) {
+ DSOerr(DSO_F_DL_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+ return (NULL);
+ }
+ if (transform) {
+ if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+ sprintf(translated, "lib%s%s", filename, extension);
+ else
+ sprintf(translated, "%s%s", filename, extension);
+ } else
+ sprintf(translated, "%s", filename);
+ return (translated);
+}
+
+static int dl_pathbyaddr(void *addr, char *path, int sz)
+{
+ struct shl_descriptor inf;
+ int i, len;
+
+ if (addr == NULL) {
+ union {
+ int (*f) (void *, char *, int);
+ void *p;
+ } t = {
+ dl_pathbyaddr
+ };
+ addr = t.p;
+ }
+
+ for (i = -1; shl_get_r(i, &inf) == 0; i++) {
+ if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
+ ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) {
+ len = (int)strlen(inf.filename);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ memcpy(path, inf.filename, len);
+ path[len++] = 0;
+ return len;
+ }
+ }
+
+ return -1;
+}
+
+static void *dl_globallookup(const char *name)
+{
+ void *ret;
+ shl_t h = NULL;
+
+ return shl_findsym(&h, name, TYPE_UNDEFINED, &ret) ? NULL : ret;
+}
+#endif /* DSO_DL */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dlfcn.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dso/dso_dlfcn.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dlfcn.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,465 +0,0 @@
-/* dso_dlfcn.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- * We need to do this early, because stdio.h includes the header files that
- * handle _GNU_SOURCE and other similar macros. Defining it later is simply
- * too late, because those headers are protected from re- inclusion.
- */
-#ifndef _GNU_SOURCE
-# define _GNU_SOURCE /* make sure dladdr is declared */
-#endif
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef DSO_DLFCN
-DSO_METHOD *DSO_METHOD_dlfcn(void)
-{
- return NULL;
-}
-#else
-
-# ifdef HAVE_DLFCN_H
-# ifdef __osf__
-# define __EXTENSIONS__
-# endif
-# include <dlfcn.h>
-# define HAVE_DLINFO 1
-# if defined(_AIX) || defined(__CYGWIN__) || \
- defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
- (defined(__osf__) && !defined(RTLD_NEXT)) || \
- (defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
- defined(__ANDROID__)
-# undef HAVE_DLINFO
-# endif
-# endif
-
-/* Part of the hack in "dlfcn_load" ... */
-# define DSO_MAX_TRANSLATED_SIZE 256
-
-static int dlfcn_load(DSO *dso);
-static int dlfcn_unload(DSO *dso);
-static void *dlfcn_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
-# if 0
-static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
-static int dlfcn_init(DSO *dso);
-static int dlfcn_finish(DSO *dso);
-static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *dlfcn_name_converter(DSO *dso, const char *filename);
-static char *dlfcn_merger(DSO *dso, const char *filespec1,
- const char *filespec2);
-static int dlfcn_pathbyaddr(void *addr, char *path, int sz);
-static void *dlfcn_globallookup(const char *name);
-
-static DSO_METHOD dso_meth_dlfcn = {
- "OpenSSL 'dlfcn' shared library method",
- dlfcn_load,
- dlfcn_unload,
- dlfcn_bind_var,
- dlfcn_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
- NULL, /* unbind_var */
- NULL, /* unbind_func */
-# endif
- NULL, /* ctrl */
- dlfcn_name_converter,
- dlfcn_merger,
- NULL, /* init */
- NULL, /* finish */
- dlfcn_pathbyaddr,
- dlfcn_globallookup
-};
-
-DSO_METHOD *DSO_METHOD_dlfcn(void)
-{
- return (&dso_meth_dlfcn);
-}
-
-/*
- * Prior to using the dlopen() function, we should decide on the flag we
- * send. There's a few different ways of doing this and it's a messy
- * venn-diagram to match up which platforms support what. So as we don't have
- * autoconf yet, I'm implementing a hack that could be hacked further
- * relatively easily to deal with cases as we find them. Initially this is to
- * cope with OpenBSD.
- */
-# if defined(__OpenBSD__) || defined(__NetBSD__)
-# ifdef DL_LAZY
-# define DLOPEN_FLAG DL_LAZY
-# else
-# ifdef RTLD_NOW
-# define DLOPEN_FLAG RTLD_NOW
-# else
-# define DLOPEN_FLAG 0
-# endif
-# endif
-# else
-# ifdef OPENSSL_SYS_SUNOS
-# define DLOPEN_FLAG 1
-# else
-# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
-# endif
-# endif
-
-/*
- * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
- * (void*) returned from dlopen().
- */
-
-static int dlfcn_load(DSO *dso)
-{
- void *ptr = NULL;
- /* See applicable comments in dso_dl.c */
- char *filename = DSO_convert_filename(dso, NULL);
- int flags = DLOPEN_FLAG;
-
- if (filename == NULL) {
- DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME);
- goto err;
- }
-# ifdef RTLD_GLOBAL
- if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS)
- flags |= RTLD_GLOBAL;
-# endif
- ptr = dlopen(filename, flags);
- if (ptr == NULL) {
- DSOerr(DSO_F_DLFCN_LOAD, DSO_R_LOAD_FAILED);
- ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
- goto err;
- }
- if (!sk_void_push(dso->meth_data, (char *)ptr)) {
- DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR);
- goto err;
- }
- /* Success */
- dso->loaded_filename = filename;
- return (1);
- err:
- /* Cleanup! */
- if (filename != NULL)
- OPENSSL_free(filename);
- if (ptr != NULL)
- dlclose(ptr);
- return (0);
-}
-
-static int dlfcn_unload(DSO *dso)
-{
- void *ptr;
- if (dso == NULL) {
- DSOerr(DSO_F_DLFCN_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (sk_void_num(dso->meth_data) < 1)
- return (1);
- ptr = sk_void_pop(dso->meth_data);
- if (ptr == NULL) {
- DSOerr(DSO_F_DLFCN_UNLOAD, DSO_R_NULL_HANDLE);
- /*
- * Should push the value back onto the stack in case of a retry.
- */
- sk_void_push(dso->meth_data, ptr);
- return (0);
- }
- /* For now I'm not aware of any errors associated with dlclose() */
- dlclose(ptr);
- return (1);
-}
-
-static void *dlfcn_bind_var(DSO *dso, const char *symname)
-{
- void *ptr, *sym;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DLFCN_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (sk_void_num(dso->meth_data) < 1) {
- DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_STACK_ERROR);
- return (NULL);
- }
- ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
- if (ptr == NULL) {
- DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_NULL_HANDLE);
- return (NULL);
- }
- sym = dlsym(ptr, symname);
- if (sym == NULL) {
- DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_SYM_FAILURE);
- ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
- return (NULL);
- }
- return (sym);
-}
-
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
-{
- void *ptr;
- union {
- DSO_FUNC_TYPE sym;
- void *dlret;
- } u;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DLFCN_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (sk_void_num(dso->meth_data) < 1) {
- DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_STACK_ERROR);
- return (NULL);
- }
- ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
- if (ptr == NULL) {
- DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_NULL_HANDLE);
- return (NULL);
- }
- u.dlret = dlsym(ptr, symname);
- if (u.dlret == NULL) {
- DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_SYM_FAILURE);
- ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
- return (NULL);
- }
- return u.sym;
-}
-
-static char *dlfcn_merger(DSO *dso, const char *filespec1,
- const char *filespec2)
-{
- char *merged;
-
- if (!filespec1 && !filespec2) {
- DSOerr(DSO_F_DLFCN_MERGER, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- /*
- * If the first file specification is a rooted path, it rules. same goes
- * if the second file specification is missing.
- */
- if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) {
- merged = OPENSSL_malloc(strlen(filespec1) + 1);
- if (!merged) {
- DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec1);
- }
- /*
- * If the first file specification is missing, the second one rules.
- */
- else if (!filespec1) {
- merged = OPENSSL_malloc(strlen(filespec2) + 1);
- if (!merged) {
- DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec2);
- } else {
- /*
- * This part isn't as trivial as it looks. It assumes that the
- * second file specification really is a directory, and makes no
- * checks whatsoever. Therefore, the result becomes the
- * concatenation of filespec2 followed by a slash followed by
- * filespec1.
- */
- int spec2len, len;
-
- spec2len = strlen(filespec2);
- len = spec2len + strlen(filespec1);
-
- if (spec2len && filespec2[spec2len - 1] == '/') {
- spec2len--;
- len--;
- }
- merged = OPENSSL_malloc(len + 2);
- if (!merged) {
- DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec2);
- merged[spec2len] = '/';
- strcpy(&merged[spec2len + 1], filespec1);
- }
- return (merged);
-}
-
-# ifdef OPENSSL_SYS_MACOSX
-# define DSO_ext ".dylib"
-# define DSO_extlen 6
-# else
-# define DSO_ext ".so"
-# define DSO_extlen 3
-# endif
-
-static char *dlfcn_name_converter(DSO *dso, const char *filename)
-{
- char *translated;
- int len, rsize, transform;
-
- len = strlen(filename);
- rsize = len + 1;
- transform = (strstr(filename, "/") == NULL);
- if (transform) {
- /* We will convert this to "%s.so" or "lib%s.so" etc */
- rsize += DSO_extlen; /* The length of ".so" */
- if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
- rsize += 3; /* The length of "lib" */
- }
- translated = OPENSSL_malloc(rsize);
- if (translated == NULL) {
- DSOerr(DSO_F_DLFCN_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
- return (NULL);
- }
- if (transform) {
- if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
- sprintf(translated, "lib%s" DSO_ext, filename);
- else
- sprintf(translated, "%s" DSO_ext, filename);
- } else
- sprintf(translated, "%s", filename);
- return (translated);
-}
-
-# ifdef __sgi
-/*-
-This is a quote from IRIX manual for dladdr(3c):
-
- <dlfcn.h> does not contain a prototype for dladdr or definition of
- Dl_info. The #include <dlfcn.h> in the SYNOPSIS line is traditional,
- but contains no dladdr prototype and no IRIX library contains an
- implementation. Write your own declaration based on the code below.
-
- The following code is dependent on internal interfaces that are not
- part of the IRIX compatibility guarantee; however, there is no future
- intention to change this interface, so on a practical level, the code
- below is safe to use on IRIX.
-*/
-# include <rld_interface.h>
-# ifndef _RLD_INTERFACE_DLFCN_H_DLADDR
-# define _RLD_INTERFACE_DLFCN_H_DLADDR
-typedef struct Dl_info {
- const char *dli_fname;
- void *dli_fbase;
- const char *dli_sname;
- void *dli_saddr;
- int dli_version;
- int dli_reserved1;
- long dli_reserved[4];
-} Dl_info;
-# else
-typedef struct Dl_info Dl_info;
-# endif
-# define _RLD_DLADDR 14
-
-static int dladdr(void *address, Dl_info *dl)
-{
- void *v;
- v = _rld_new_interface(_RLD_DLADDR, address, dl);
- return (int)v;
-}
-# endif /* __sgi */
-
-static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
-{
-# ifdef HAVE_DLINFO
- Dl_info dli;
- int len;
-
- if (addr == NULL) {
- union {
- int (*f) (void *, char *, int);
- void *p;
- } t = {
- dlfcn_pathbyaddr
- };
- addr = t.p;
- }
-
- if (dladdr(addr, &dli)) {
- len = (int)strlen(dli.dli_fname);
- if (sz <= 0)
- return len + 1;
- if (len >= sz)
- len = sz - 1;
- memcpy(path, dli.dli_fname, len);
- path[len++] = 0;
- return len;
- }
-
- ERR_add_error_data(2, "dlfcn_pathbyaddr(): ", dlerror());
-# endif
- return -1;
-}
-
-static void *dlfcn_globallookup(const char *name)
-{
- void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY);
-
- if (handle) {
- ret = dlsym(handle, name);
- dlclose(handle);
- }
-
- return ret;
-}
-#endif /* DSO_DLFCN */
Copied: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dlfcn.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dso/dso_dlfcn.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dlfcn.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_dlfcn.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,465 @@
+/* dso_dlfcn.c */
+/*
+ * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * We need to do this early, because stdio.h includes the header files that
+ * handle _GNU_SOURCE and other similar macros. Defining it later is simply
+ * too late, because those headers are protected from re- inclusion.
+ */
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE /* make sure dladdr is declared */
+#endif
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef DSO_DLFCN
+DSO_METHOD *DSO_METHOD_dlfcn(void)
+{
+ return NULL;
+}
+#else
+
+# ifdef HAVE_DLFCN_H
+# ifdef __osf__
+# define __EXTENSIONS__
+# endif
+# include <dlfcn.h>
+# define HAVE_DLINFO 1
+# if defined(_AIX) || defined(__CYGWIN__) || \
+ defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
+ (defined(__osf__) && !defined(RTLD_NEXT)) || \
+ (defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
+ defined(__ANDROID__)
+# undef HAVE_DLINFO
+# endif
+# endif
+
+/* Part of the hack in "dlfcn_load" ... */
+# define DSO_MAX_TRANSLATED_SIZE 256
+
+static int dlfcn_load(DSO *dso);
+static int dlfcn_unload(DSO *dso);
+static void *dlfcn_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
+# if 0
+static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
+static int dlfcn_init(DSO *dso);
+static int dlfcn_finish(DSO *dso);
+static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *dlfcn_name_converter(DSO *dso, const char *filename);
+static char *dlfcn_merger(DSO *dso, const char *filespec1,
+ const char *filespec2);
+static int dlfcn_pathbyaddr(void *addr, char *path, int sz);
+static void *dlfcn_globallookup(const char *name);
+
+static DSO_METHOD dso_meth_dlfcn = {
+ "OpenSSL 'dlfcn' shared library method",
+ dlfcn_load,
+ dlfcn_unload,
+ dlfcn_bind_var,
+ dlfcn_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+ NULL, /* unbind_var */
+ NULL, /* unbind_func */
+# endif
+ NULL, /* ctrl */
+ dlfcn_name_converter,
+ dlfcn_merger,
+ NULL, /* init */
+ NULL, /* finish */
+ dlfcn_pathbyaddr,
+ dlfcn_globallookup
+};
+
+DSO_METHOD *DSO_METHOD_dlfcn(void)
+{
+ return (&dso_meth_dlfcn);
+}
+
+/*
+ * Prior to using the dlopen() function, we should decide on the flag we
+ * send. There's a few different ways of doing this and it's a messy
+ * venn-diagram to match up which platforms support what. So as we don't have
+ * autoconf yet, I'm implementing a hack that could be hacked further
+ * relatively easily to deal with cases as we find them. Initially this is to
+ * cope with OpenBSD.
+ */
+# if defined(__OpenBSD__) || defined(__NetBSD__)
+# ifdef DL_LAZY
+# define DLOPEN_FLAG DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define DLOPEN_FLAG RTLD_NOW
+# else
+# define DLOPEN_FLAG 0
+# endif
+# endif
+# else
+# ifdef OPENSSL_SYS_SUNOS
+# define DLOPEN_FLAG 1
+# else
+# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
+# endif
+# endif
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
+ * (void*) returned from dlopen().
+ */
+
+static int dlfcn_load(DSO *dso)
+{
+ void *ptr = NULL;
+ /* See applicable comments in dso_dl.c */
+ char *filename = DSO_convert_filename(dso, NULL);
+ int flags = DLOPEN_FLAG;
+
+ if (filename == NULL) {
+ DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME);
+ goto err;
+ }
+# ifdef RTLD_GLOBAL
+ if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS)
+ flags |= RTLD_GLOBAL;
+# endif
+ ptr = dlopen(filename, flags);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DLFCN_LOAD, DSO_R_LOAD_FAILED);
+ ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
+ goto err;
+ }
+ if (!sk_void_push(dso->meth_data, (char *)ptr)) {
+ DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR);
+ goto err;
+ }
+ /* Success */
+ dso->loaded_filename = filename;
+ return (1);
+ err:
+ /* Cleanup! */
+ if (filename != NULL)
+ OPENSSL_free(filename);
+ if (ptr != NULL)
+ dlclose(ptr);
+ return (0);
+}
+
+static int dlfcn_unload(DSO *dso)
+{
+ void *ptr;
+ if (dso == NULL) {
+ DSOerr(DSO_F_DLFCN_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (sk_void_num(dso->meth_data) < 1)
+ return (1);
+ ptr = sk_void_pop(dso->meth_data);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DLFCN_UNLOAD, DSO_R_NULL_HANDLE);
+ /*
+ * Should push the value back onto the stack in case of a retry.
+ */
+ sk_void_push(dso->meth_data, ptr);
+ return (0);
+ }
+ /* For now I'm not aware of any errors associated with dlclose() */
+ dlclose(ptr);
+ return (1);
+}
+
+static void *dlfcn_bind_var(DSO *dso, const char *symname)
+{
+ void *ptr, *sym;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_DLFCN_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_void_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ sym = dlsym(ptr, symname);
+ if (sym == NULL) {
+ DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
+ return (NULL);
+ }
+ return (sym);
+}
+
+static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
+{
+ void *ptr;
+ union {
+ DSO_FUNC_TYPE sym;
+ void *dlret;
+ } u;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_DLFCN_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_void_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ u.dlret = dlsym(ptr, symname);
+ if (u.dlret == NULL) {
+ DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
+ return (NULL);
+ }
+ return u.sym;
+}
+
+static char *dlfcn_merger(DSO *dso, const char *filespec1,
+ const char *filespec2)
+{
+ char *merged;
+
+ if (!filespec1 && !filespec2) {
+ DSOerr(DSO_F_DLFCN_MERGER, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ /*
+ * If the first file specification is a rooted path, it rules. same goes
+ * if the second file specification is missing.
+ */
+ if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) {
+ merged = OPENSSL_malloc(strlen(filespec1) + 1);
+ if (!merged) {
+ DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec1);
+ }
+ /*
+ * If the first file specification is missing, the second one rules.
+ */
+ else if (!filespec1) {
+ merged = OPENSSL_malloc(strlen(filespec2) + 1);
+ if (!merged) {
+ DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec2);
+ } else {
+ /*
+ * This part isn't as trivial as it looks. It assumes that the
+ * second file specification really is a directory, and makes no
+ * checks whatsoever. Therefore, the result becomes the
+ * concatenation of filespec2 followed by a slash followed by
+ * filespec1.
+ */
+ int spec2len, len;
+
+ spec2len = strlen(filespec2);
+ len = spec2len + strlen(filespec1);
+
+ if (spec2len && filespec2[spec2len - 1] == '/') {
+ spec2len--;
+ len--;
+ }
+ merged = OPENSSL_malloc(len + 2);
+ if (!merged) {
+ DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec2);
+ merged[spec2len] = '/';
+ strcpy(&merged[spec2len + 1], filespec1);
+ }
+ return (merged);
+}
+
+# ifdef OPENSSL_SYS_MACOSX
+# define DSO_ext ".dylib"
+# define DSO_extlen 6
+# else
+# define DSO_ext ".so"
+# define DSO_extlen 3
+# endif
+
+static char *dlfcn_name_converter(DSO *dso, const char *filename)
+{
+ char *translated;
+ int len, rsize, transform;
+
+ len = strlen(filename);
+ rsize = len + 1;
+ transform = (strstr(filename, "/") == NULL);
+ if (transform) {
+ /* We will convert this to "%s.so" or "lib%s.so" etc */
+ rsize += DSO_extlen; /* The length of ".so" */
+ if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+ rsize += 3; /* The length of "lib" */
+ }
+ translated = OPENSSL_malloc(rsize);
+ if (translated == NULL) {
+ DSOerr(DSO_F_DLFCN_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+ return (NULL);
+ }
+ if (transform) {
+ if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+ sprintf(translated, "lib%s" DSO_ext, filename);
+ else
+ sprintf(translated, "%s" DSO_ext, filename);
+ } else
+ sprintf(translated, "%s", filename);
+ return (translated);
+}
+
+# ifdef __sgi
+/*-
+This is a quote from IRIX manual for dladdr(3c):
+
+ <dlfcn.h> does not contain a prototype for dladdr or definition of
+ Dl_info. The #include <dlfcn.h> in the SYNOPSIS line is traditional,
+ but contains no dladdr prototype and no IRIX library contains an
+ implementation. Write your own declaration based on the code below.
+
+ The following code is dependent on internal interfaces that are not
+ part of the IRIX compatibility guarantee; however, there is no future
+ intention to change this interface, so on a practical level, the code
+ below is safe to use on IRIX.
+*/
+# include <rld_interface.h>
+# ifndef _RLD_INTERFACE_DLFCN_H_DLADDR
+# define _RLD_INTERFACE_DLFCN_H_DLADDR
+typedef struct Dl_info {
+ const char *dli_fname;
+ void *dli_fbase;
+ const char *dli_sname;
+ void *dli_saddr;
+ int dli_version;
+ int dli_reserved1;
+ long dli_reserved[4];
+} Dl_info;
+# else
+typedef struct Dl_info Dl_info;
+# endif
+# define _RLD_DLADDR 14
+
+static int dladdr(void *address, Dl_info *dl)
+{
+ void *v;
+ v = _rld_new_interface(_RLD_DLADDR, address, dl);
+ return (int)v;
+}
+# endif /* __sgi */
+
+static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
+{
+# ifdef HAVE_DLINFO
+ Dl_info dli;
+ int len;
+
+ if (addr == NULL) {
+ union {
+ int (*f) (void *, char *, int);
+ void *p;
+ } t = {
+ dlfcn_pathbyaddr
+ };
+ addr = t.p;
+ }
+
+ if (dladdr(addr, &dli)) {
+ len = (int)strlen(dli.dli_fname);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ memcpy(path, dli.dli_fname, len);
+ path[len++] = 0;
+ return len;
+ }
+
+ ERR_add_error_data(2, "dlfcn_pathbyaddr(): ", dlerror());
+# endif
+ return -1;
+}
+
+static void *dlfcn_globallookup(const char *name)
+{
+ void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY);
+
+ if (handle) {
+ ret = dlsym(handle, name);
+ dlclose(handle);
+ }
+
+ return ret;
+}
+#endif /* DSO_DLFCN */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dso/dso_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,447 +0,0 @@
-/* dso_lib.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-static DSO_METHOD *default_DSO_meth = NULL;
-
-DSO *DSO_new(void)
-{
- return (DSO_new_method(NULL));
-}
-
-void DSO_set_default_method(DSO_METHOD *meth)
-{
- default_DSO_meth = meth;
-}
-
-DSO_METHOD *DSO_get_default_method(void)
-{
- return (default_DSO_meth);
-}
-
-DSO_METHOD *DSO_get_method(DSO *dso)
-{
- return (dso->meth);
-}
-
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth)
-{
- DSO_METHOD *mtmp;
- mtmp = dso->meth;
- dso->meth = meth;
- return (mtmp);
-}
-
-DSO *DSO_new_method(DSO_METHOD *meth)
-{
- DSO *ret;
-
- if (default_DSO_meth == NULL)
- /*
- * We default to DSO_METH_openssl() which in turn defaults to
- * stealing the "best available" method. Will fallback to
- * DSO_METH_null() in the worst case.
- */
- default_DSO_meth = DSO_METHOD_openssl();
- ret = (DSO *)OPENSSL_malloc(sizeof(DSO));
- if (ret == NULL) {
- DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- memset(ret, 0, sizeof(DSO));
- ret->meth_data = sk_void_new_null();
- if (ret->meth_data == NULL) {
- /* sk_new doesn't generate any errors so we do */
- DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(ret);
- return (NULL);
- }
- if (meth == NULL)
- ret->meth = default_DSO_meth;
- else
- ret->meth = meth;
- ret->references = 1;
- if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
- OPENSSL_free(ret);
- ret = NULL;
- }
- return (ret);
-}
-
-int DSO_free(DSO *dso)
-{
- int i;
-
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_FREE, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
-
- i = CRYPTO_add(&dso->references, -1, CRYPTO_LOCK_DSO);
-#ifdef REF_PRINT
- REF_PRINT("DSO", dso);
-#endif
- if (i > 0)
- return (1);
-#ifdef REF_CHECK
- if (i < 0) {
- fprintf(stderr, "DSO_free, bad reference count\n");
- abort();
- }
-#endif
-
- if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) {
- DSOerr(DSO_F_DSO_FREE, DSO_R_UNLOAD_FAILED);
- return (0);
- }
-
- if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) {
- DSOerr(DSO_F_DSO_FREE, DSO_R_FINISH_FAILED);
- return (0);
- }
-
- sk_void_free(dso->meth_data);
- if (dso->filename != NULL)
- OPENSSL_free(dso->filename);
- if (dso->loaded_filename != NULL)
- OPENSSL_free(dso->loaded_filename);
-
- OPENSSL_free(dso);
- return (1);
-}
-
-int DSO_flags(DSO *dso)
-{
- return ((dso == NULL) ? 0 : dso->flags);
-}
-
-int DSO_up_ref(DSO *dso)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
-
- CRYPTO_add(&dso->references, 1, CRYPTO_LOCK_DSO);
- return (1);
-}
-
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
-{
- DSO *ret;
- int allocated = 0;
-
- if (dso == NULL) {
- ret = DSO_new_method(meth);
- if (ret == NULL) {
- DSOerr(DSO_F_DSO_LOAD, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- allocated = 1;
- /* Pass the provided flags to the new DSO object */
- if (DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_CTRL_FAILED);
- goto err;
- }
- } else
- ret = dso;
- /* Don't load if we're currently already loaded */
- if (ret->filename != NULL) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_DSO_ALREADY_LOADED);
- goto err;
- }
- /*
- * filename can only be NULL if we were passed a dso that already has one
- * set.
- */
- if (filename != NULL)
- if (!DSO_set_filename(ret, filename)) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_SET_FILENAME_FAILED);
- goto err;
- }
- filename = ret->filename;
- if (filename == NULL) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_NO_FILENAME);
- goto err;
- }
- if (ret->meth->dso_load == NULL) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_UNSUPPORTED);
- goto err;
- }
- if (!ret->meth->dso_load(ret)) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_LOAD_FAILED);
- goto err;
- }
- /* Load succeeded */
- return (ret);
- err:
- if (allocated)
- DSO_free(ret);
- return (NULL);
-}
-
-void *DSO_bind_var(DSO *dso, const char *symname)
-{
- void *ret = NULL;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DSO_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (dso->meth->dso_bind_var == NULL) {
- DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_UNSUPPORTED);
- return (NULL);
- }
- if ((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) {
- DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_SYM_FAILURE);
- return (NULL);
- }
- /* Success */
- return (ret);
-}
-
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname)
-{
- DSO_FUNC_TYPE ret = NULL;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DSO_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (dso->meth->dso_bind_func == NULL) {
- DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_UNSUPPORTED);
- return (NULL);
- }
- if ((ret = dso->meth->dso_bind_func(dso, symname)) == NULL) {
- DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_SYM_FAILURE);
- return (NULL);
- }
- /* Success */
- return (ret);
-}
-
-/*
- * I don't really like these *_ctrl functions very much to be perfectly
- * honest. For one thing, I think I have to return a negative value for any
- * error because possible DSO_ctrl() commands may return values such as
- * "size"s that can legitimately be zero (making the standard
- * "if (DSO_cmd(...))" form that works almost everywhere else fail at odd
- * times. I'd prefer "output" values to be passed by reference and the return
- * value as success/failure like usual ... but we conform when we must... :-)
- */
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return (-1);
- }
- /*
- * We should intercept certain generic commands and only pass control to
- * the method-specific ctrl() function if it's something we don't handle.
- */
- switch (cmd) {
- case DSO_CTRL_GET_FLAGS:
- return dso->flags;
- case DSO_CTRL_SET_FLAGS:
- dso->flags = (int)larg;
- return (0);
- case DSO_CTRL_OR_FLAGS:
- dso->flags |= (int)larg;
- return (0);
- default:
- break;
- }
- if ((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) {
- DSOerr(DSO_F_DSO_CTRL, DSO_R_UNSUPPORTED);
- return (-1);
- }
- return (dso->meth->dso_ctrl(dso, cmd, larg, parg));
-}
-
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
- DSO_NAME_CONVERTER_FUNC *oldcb)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_SET_NAME_CONVERTER, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (oldcb)
- *oldcb = dso->name_converter;
- dso->name_converter = cb;
- return (1);
-}
-
-const char *DSO_get_filename(DSO *dso)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_GET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- return (dso->filename);
-}
-
-int DSO_set_filename(DSO *dso, const char *filename)
-{
- char *copied;
-
- if ((dso == NULL) || (filename == NULL)) {
- DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (dso->loaded_filename) {
- DSOerr(DSO_F_DSO_SET_FILENAME, DSO_R_DSO_ALREADY_LOADED);
- return (0);
- }
- /* We'll duplicate filename */
- copied = OPENSSL_malloc(strlen(filename) + 1);
- if (copied == NULL) {
- DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- BUF_strlcpy(copied, filename, strlen(filename) + 1);
- if (dso->filename)
- OPENSSL_free(dso->filename);
- dso->filename = copied;
- return (1);
-}
-
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2)
-{
- char *result = NULL;
-
- if (dso == NULL || filespec1 == NULL) {
- DSOerr(DSO_F_DSO_MERGE, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
- if (dso->merger != NULL)
- result = dso->merger(dso, filespec1, filespec2);
- else if (dso->meth->dso_merger != NULL)
- result = dso->meth->dso_merger(dso, filespec1, filespec2);
- }
- return (result);
-}
-
-char *DSO_convert_filename(DSO *dso, const char *filename)
-{
- char *result = NULL;
-
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (filename == NULL)
- filename = dso->filename;
- if (filename == NULL) {
- DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
- return (NULL);
- }
- if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
- if (dso->name_converter != NULL)
- result = dso->name_converter(dso, filename);
- else if (dso->meth->dso_name_converter != NULL)
- result = dso->meth->dso_name_converter(dso, filename);
- }
- if (result == NULL) {
- result = OPENSSL_malloc(strlen(filename) + 1);
- if (result == NULL) {
- DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- BUF_strlcpy(result, filename, strlen(filename) + 1);
- }
- return (result);
-}
-
-const char *DSO_get_loaded_filename(DSO *dso)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_GET_LOADED_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- return (dso->loaded_filename);
-}
-
-int DSO_pathbyaddr(void *addr, char *path, int sz)
-{
- DSO_METHOD *meth = default_DSO_meth;
- if (meth == NULL)
- meth = DSO_METHOD_openssl();
- if (meth->pathbyaddr == NULL) {
- DSOerr(DSO_F_DSO_PATHBYADDR, DSO_R_UNSUPPORTED);
- return -1;
- }
- return (*meth->pathbyaddr) (addr, path, sz);
-}
-
-void *DSO_global_lookup(const char *name)
-{
- DSO_METHOD *meth = default_DSO_meth;
- if (meth == NULL)
- meth = DSO_METHOD_openssl();
- if (meth->globallookup == NULL) {
- DSOerr(DSO_F_DSO_GLOBAL_LOOKUP, DSO_R_UNSUPPORTED);
- return NULL;
- }
- return (*meth->globallookup) (name);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dso/dso_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dso/dso_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,447 @@
+/* dso_lib.c */
+/*
+ * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+static DSO_METHOD *default_DSO_meth = NULL;
+
+DSO *DSO_new(void)
+{
+ return (DSO_new_method(NULL));
+}
+
+void DSO_set_default_method(DSO_METHOD *meth)
+{
+ default_DSO_meth = meth;
+}
+
+DSO_METHOD *DSO_get_default_method(void)
+{
+ return (default_DSO_meth);
+}
+
+DSO_METHOD *DSO_get_method(DSO *dso)
+{
+ return (dso->meth);
+}
+
+DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth)
+{
+ DSO_METHOD *mtmp;
+ mtmp = dso->meth;
+ dso->meth = meth;
+ return (mtmp);
+}
+
+DSO *DSO_new_method(DSO_METHOD *meth)
+{
+ DSO *ret;
+
+ if (default_DSO_meth == NULL)
+ /*
+ * We default to DSO_METH_openssl() which in turn defaults to
+ * stealing the "best available" method. Will fallback to
+ * DSO_METH_null() in the worst case.
+ */
+ default_DSO_meth = DSO_METHOD_openssl();
+ ret = (DSO *)OPENSSL_malloc(sizeof(DSO));
+ if (ret == NULL) {
+ DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ memset(ret, 0, sizeof(DSO));
+ ret->meth_data = sk_void_new_null();
+ if (ret->meth_data == NULL) {
+ /* sk_new doesn't generate any errors so we do */
+ DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(ret);
+ return (NULL);
+ }
+ if (meth == NULL)
+ ret->meth = default_DSO_meth;
+ else
+ ret->meth = meth;
+ ret->references = 1;
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+ OPENSSL_free(ret);
+ ret = NULL;
+ }
+ return (ret);
+}
+
+int DSO_free(DSO *dso)
+{
+ int i;
+
+ if (dso == NULL) {
+ DSOerr(DSO_F_DSO_FREE, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+
+ i = CRYPTO_add(&dso->references, -1, CRYPTO_LOCK_DSO);
+#ifdef REF_PRINT
+ REF_PRINT("DSO", dso);
+#endif
+ if (i > 0)
+ return (1);
+#ifdef REF_CHECK
+ if (i < 0) {
+ fprintf(stderr, "DSO_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) {
+ DSOerr(DSO_F_DSO_FREE, DSO_R_UNLOAD_FAILED);
+ return (0);
+ }
+
+ if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) {
+ DSOerr(DSO_F_DSO_FREE, DSO_R_FINISH_FAILED);
+ return (0);
+ }
+
+ sk_void_free(dso->meth_data);
+ if (dso->filename != NULL)
+ OPENSSL_free(dso->filename);
+ if (dso->loaded_filename != NULL)
+ OPENSSL_free(dso->loaded_filename);
+
+ OPENSSL_free(dso);
+ return (1);
+}
+
+int DSO_flags(DSO *dso)
+{
+ return ((dso == NULL) ? 0 : dso->flags);
+}
+
+int DSO_up_ref(DSO *dso)
+{
+ if (dso == NULL) {
+ DSOerr(DSO_F_DSO_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+
+ CRYPTO_add(&dso->references, 1, CRYPTO_LOCK_DSO);
+ return (1);
+}
+
+DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
+{
+ DSO *ret;
+ int allocated = 0;
+
+ if (dso == NULL) {
+ ret = DSO_new_method(meth);
+ if (ret == NULL) {
+ DSOerr(DSO_F_DSO_LOAD, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ allocated = 1;
+ /* Pass the provided flags to the new DSO object */
+ if (DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) {
+ DSOerr(DSO_F_DSO_LOAD, DSO_R_CTRL_FAILED);
+ goto err;
+ }
+ } else
+ ret = dso;
+ /* Don't load if we're currently already loaded */
+ if (ret->filename != NULL) {
+ DSOerr(DSO_F_DSO_LOAD, DSO_R_DSO_ALREADY_LOADED);
+ goto err;
+ }
+ /*
+ * filename can only be NULL if we were passed a dso that already has one
+ * set.
+ */
+ if (filename != NULL)
+ if (!DSO_set_filename(ret, filename)) {
+ DSOerr(DSO_F_DSO_LOAD, DSO_R_SET_FILENAME_FAILED);
+ goto err;
+ }
+ filename = ret->filename;
+ if (filename == NULL) {
+ DSOerr(DSO_F_DSO_LOAD, DSO_R_NO_FILENAME);
+ goto err;
+ }
+ if (ret->meth->dso_load == NULL) {
+ DSOerr(DSO_F_DSO_LOAD, DSO_R_UNSUPPORTED);
+ goto err;
+ }
+ if (!ret->meth->dso_load(ret)) {
+ DSOerr(DSO_F_DSO_LOAD, DSO_R_LOAD_FAILED);
+ goto err;
+ }
+ /* Load succeeded */
+ return (ret);
+ err:
+ if (allocated)
+ DSO_free(ret);
+ return (NULL);
+}
+
+void *DSO_bind_var(DSO *dso, const char *symname)
+{
+ void *ret = NULL;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_DSO_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (dso->meth->dso_bind_var == NULL) {
+ DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_UNSUPPORTED);
+ return (NULL);
+ }
+ if ((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) {
+ DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_SYM_FAILURE);
+ return (NULL);
+ }
+ /* Success */
+ return (ret);
+}
+
+DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname)
+{
+ DSO_FUNC_TYPE ret = NULL;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_DSO_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (dso->meth->dso_bind_func == NULL) {
+ DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_UNSUPPORTED);
+ return (NULL);
+ }
+ if ((ret = dso->meth->dso_bind_func(dso, symname)) == NULL) {
+ DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_SYM_FAILURE);
+ return (NULL);
+ }
+ /* Success */
+ return (ret);
+}
+
+/*
+ * I don't really like these *_ctrl functions very much to be perfectly
+ * honest. For one thing, I think I have to return a negative value for any
+ * error because possible DSO_ctrl() commands may return values such as
+ * "size"s that can legitimately be zero (making the standard
+ * "if (DSO_cmd(...))" form that works almost everywhere else fail at odd
+ * times. I'd prefer "output" values to be passed by reference and the return
+ * value as success/failure like usual ... but we conform when we must... :-)
+ */
+long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
+{
+ if (dso == NULL) {
+ DSOerr(DSO_F_DSO_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ return (-1);
+ }
+ /*
+ * We should intercept certain generic commands and only pass control to
+ * the method-specific ctrl() function if it's something we don't handle.
+ */
+ switch (cmd) {
+ case DSO_CTRL_GET_FLAGS:
+ return dso->flags;
+ case DSO_CTRL_SET_FLAGS:
+ dso->flags = (int)larg;
+ return (0);
+ case DSO_CTRL_OR_FLAGS:
+ dso->flags |= (int)larg;
+ return (0);
+ default:
+ break;
+ }
+ if ((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) {
+ DSOerr(DSO_F_DSO_CTRL, DSO_R_UNSUPPORTED);
+ return (-1);
+ }
+ return (dso->meth->dso_ctrl(dso, cmd, larg, parg));
+}
+
+int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
+ DSO_NAME_CONVERTER_FUNC *oldcb)
+{
+ if (dso == NULL) {
+ DSOerr(DSO_F_DSO_SET_NAME_CONVERTER, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (oldcb)
+ *oldcb = dso->name_converter;
+ dso->name_converter = cb;
+ return (1);
+}
+
+const char *DSO_get_filename(DSO *dso)
+{
+ if (dso == NULL) {
+ DSOerr(DSO_F_DSO_GET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ return (dso->filename);
+}
+
+int DSO_set_filename(DSO *dso, const char *filename)
+{
+ char *copied;
+
+ if ((dso == NULL) || (filename == NULL)) {
+ DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (dso->loaded_filename) {
+ DSOerr(DSO_F_DSO_SET_FILENAME, DSO_R_DSO_ALREADY_LOADED);
+ return (0);
+ }
+ /* We'll duplicate filename */
+ copied = OPENSSL_malloc(strlen(filename) + 1);
+ if (copied == NULL) {
+ DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ BUF_strlcpy(copied, filename, strlen(filename) + 1);
+ if (dso->filename)
+ OPENSSL_free(dso->filename);
+ dso->filename = copied;
+ return (1);
+}
+
+char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2)
+{
+ char *result = NULL;
+
+ if (dso == NULL || filespec1 == NULL) {
+ DSOerr(DSO_F_DSO_MERGE, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
+ if (dso->merger != NULL)
+ result = dso->merger(dso, filespec1, filespec2);
+ else if (dso->meth->dso_merger != NULL)
+ result = dso->meth->dso_merger(dso, filespec1, filespec2);
+ }
+ return (result);
+}
+
+char *DSO_convert_filename(DSO *dso, const char *filename)
+{
+ char *result = NULL;
+
+ if (dso == NULL) {
+ DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (filename == NULL)
+ filename = dso->filename;
+ if (filename == NULL) {
+ DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
+ return (NULL);
+ }
+ if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
+ if (dso->name_converter != NULL)
+ result = dso->name_converter(dso, filename);
+ else if (dso->meth->dso_name_converter != NULL)
+ result = dso->meth->dso_name_converter(dso, filename);
+ }
+ if (result == NULL) {
+ result = OPENSSL_malloc(strlen(filename) + 1);
+ if (result == NULL) {
+ DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ BUF_strlcpy(result, filename, strlen(filename) + 1);
+ }
+ return (result);
+}
+
+const char *DSO_get_loaded_filename(DSO *dso)
+{
+ if (dso == NULL) {
+ DSOerr(DSO_F_DSO_GET_LOADED_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ return (dso->loaded_filename);
+}
+
+int DSO_pathbyaddr(void *addr, char *path, int sz)
+{
+ DSO_METHOD *meth = default_DSO_meth;
+ if (meth == NULL)
+ meth = DSO_METHOD_openssl();
+ if (meth->pathbyaddr == NULL) {
+ DSOerr(DSO_F_DSO_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+ return (*meth->pathbyaddr) (addr, path, sz);
+}
+
+void *DSO_global_lookup(const char *name)
+{
+ DSO_METHOD *meth = default_DSO_meth;
+ if (meth == NULL)
+ meth = DSO_METHOD_openssl();
+ if (meth->globallookup == NULL) {
+ DSOerr(DSO_F_DSO_GLOBAL_LOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+ return (*meth->globallookup) (name);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_vms.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dso/dso_vms.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_vms.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,547 +0,0 @@
-/* dso_vms.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef OPENSSL_SYS_VMS
-DSO_METHOD *DSO_METHOD_vms(void)
-{
- return NULL;
-}
-#else
-
-# pragma message disable DOLLARID
-# include <rms.h>
-# include <lib$routines.h>
-# include <stsdef.h>
-# include <descrip.h>
-# include <starlet.h>
-# include "vms_rms.h"
-
-/* Some compiler options may mask the declaration of "_malloc32". */
-# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
-# if __INITIAL_POINTER_SIZE == 64
-# pragma pointer_size save
-# pragma pointer_size 32
-void *_malloc32(__size_t);
-# pragma pointer_size restore
-# endif /* __INITIAL_POINTER_SIZE == 64 */
-# endif /* __INITIAL_POINTER_SIZE && defined
- * _ANSI_C_SOURCE */
-
-# pragma message disable DOLLARID
-
-static int vms_load(DSO *dso);
-static int vms_unload(DSO *dso);
-static void *vms_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname);
-# if 0
-static int vms_unbind_var(DSO *dso, char *symname, void *symptr);
-static int vms_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int vms_init(DSO *dso);
-static int vms_finish(DSO *dso);
-static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *vms_name_converter(DSO *dso, const char *filename);
-static char *vms_merger(DSO *dso, const char *filespec1,
- const char *filespec2);
-
-static DSO_METHOD dso_meth_vms = {
- "OpenSSL 'VMS' shared library method",
- vms_load,
- NULL, /* unload */
- vms_bind_var,
- vms_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
- NULL, /* unbind_var */
- NULL, /* unbind_func */
-# endif
- NULL, /* ctrl */
- vms_name_converter,
- vms_merger,
- NULL, /* init */
- NULL /* finish */
-};
-
-/*
- * On VMS, the only "handle" is the file name. LIB$FIND_IMAGE_SYMBOL depends
- * on the reference to the file name being the same for all calls regarding
- * one shared image, so we'll just store it in an instance of the following
- * structure and put a pointer to that instance in the meth_data stack.
- */
-typedef struct dso_internal_st {
- /*
- * This should contain the name only, no directory, no extension, nothing
- * but a name.
- */
- struct dsc$descriptor_s filename_dsc;
- char filename[NAMX_MAXRSS + 1];
- /*
- * This contains whatever is not in filename, if needed. Normally not
- * defined.
- */
- struct dsc$descriptor_s imagename_dsc;
- char imagename[NAMX_MAXRSS + 1];
-} DSO_VMS_INTERNAL;
-
-DSO_METHOD *DSO_METHOD_vms(void)
-{
- return (&dso_meth_vms);
-}
-
-static int vms_load(DSO *dso)
-{
- void *ptr = NULL;
- /* See applicable comments in dso_dl.c */
- char *filename = DSO_convert_filename(dso, NULL);
-
-/* Ensure 32-bit pointer for "p", and appropriate malloc() function. */
-# if __INITIAL_POINTER_SIZE == 64
-# define DSO_MALLOC _malloc32
-# pragma pointer_size save
-# pragma pointer_size 32
-# else /* __INITIAL_POINTER_SIZE == 64 */
-# define DSO_MALLOC OPENSSL_malloc
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-
- DSO_VMS_INTERNAL *p = NULL;
-
-# if __INITIAL_POINTER_SIZE == 64
-# pragma pointer_size restore
-# endif /* __INITIAL_POINTER_SIZE == 64 */
-
- const char *sp1, *sp2; /* Search result */
- const char *ext = NULL; /* possible extension to add */
-
- if (filename == NULL) {
- DSOerr(DSO_F_VMS_LOAD, DSO_R_NO_FILENAME);
- goto err;
- }
-
- /*-
- * A file specification may look like this:
- *
- * node::dev:[dir-spec]name.type;ver
- *
- * or (for compatibility with TOPS-20):
- *
- * node::dev:<dir-spec>name.type;ver
- *
- * and the dir-spec uses '.' as separator. Also, a dir-spec
- * may consist of several parts, with mixed use of [] and <>:
- *
- * [dir1.]<dir2>
- *
- * We need to split the file specification into the name and
- * the rest (both before and after the name itself).
- */
- /*
- * Start with trying to find the end of a dir-spec, and save the position
- * of the byte after in sp1
- */
- sp1 = strrchr(filename, ']');
- sp2 = strrchr(filename, '>');
- if (sp1 == NULL)
- sp1 = sp2;
- if (sp2 != NULL && sp2 > sp1)
- sp1 = sp2;
- if (sp1 == NULL)
- sp1 = strrchr(filename, ':');
- if (sp1 == NULL)
- sp1 = filename;
- else
- sp1++; /* The byte after the found character */
- /* Now, let's see if there's a type, and save the position in sp2 */
- sp2 = strchr(sp1, '.');
- /*
- * If there is a period and the next character is a semi-colon,
- * we need to add an extension
- */
- if (sp2 != NULL && sp2[1] == ';')
- ext = ".EXE";
- /*
- * If we found it, that's where we'll cut. Otherwise, look for a version
- * number and save the position in sp2
- */
- if (sp2 == NULL) {
- sp2 = strchr(sp1, ';');
- ext = ".EXE";
- }
- /*
- * If there was still nothing to find, set sp2 to point at the end of the
- * string
- */
- if (sp2 == NULL)
- sp2 = sp1 + strlen(sp1);
-
- /* Check that we won't get buffer overflows */
- if (sp2 - sp1 > FILENAME_MAX
- || (sp1 - filename) + strlen(sp2) > FILENAME_MAX) {
- DSOerr(DSO_F_VMS_LOAD, DSO_R_FILENAME_TOO_BIG);
- goto err;
- }
-
- p = DSO_MALLOC(sizeof(DSO_VMS_INTERNAL));
- if (p == NULL) {
- DSOerr(DSO_F_VMS_LOAD, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- strncpy(p->filename, sp1, sp2 - sp1);
- p->filename[sp2 - sp1] = '\0';
-
- strncpy(p->imagename, filename, sp1 - filename);
- p->imagename[sp1 - filename] = '\0';
- if (ext) {
- strcat(p->imagename, ext);
- if (*sp2 == '.')
- sp2++;
- }
- strcat(p->imagename, sp2);
-
- p->filename_dsc.dsc$w_length = strlen(p->filename);
- p->filename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- p->filename_dsc.dsc$b_class = DSC$K_CLASS_S;
- p->filename_dsc.dsc$a_pointer = p->filename;
- p->imagename_dsc.dsc$w_length = strlen(p->imagename);
- p->imagename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
- p->imagename_dsc.dsc$a_pointer = p->imagename;
-
- if (!sk_void_push(dso->meth_data, (char *)p)) {
- DSOerr(DSO_F_VMS_LOAD, DSO_R_STACK_ERROR);
- goto err;
- }
-
- /* Success (for now, we lie. We actually do not know...) */
- dso->loaded_filename = filename;
- return (1);
- err:
- /* Cleanup! */
- if (p != NULL)
- OPENSSL_free(p);
- if (filename != NULL)
- OPENSSL_free(filename);
- return (0);
-}
-
-/*
- * Note that this doesn't actually unload the shared image, as there is no
- * such thing in VMS. Next time it get loaded again, a new copy will
- * actually be loaded.
- */
-static int vms_unload(DSO *dso)
-{
- DSO_VMS_INTERNAL *p;
- if (dso == NULL) {
- DSOerr(DSO_F_VMS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (sk_void_num(dso->meth_data) < 1)
- return (1);
- p = (DSO_VMS_INTERNAL *)sk_void_pop(dso->meth_data);
- if (p == NULL) {
- DSOerr(DSO_F_VMS_UNLOAD, DSO_R_NULL_HANDLE);
- return (0);
- }
- /* Cleanup */
- OPENSSL_free(p);
- return (1);
-}
-
-/*
- * We must do this in a separate function because of the way the exception
- * handler works (it makes this function return
- */
-static int do_find_symbol(DSO_VMS_INTERNAL *ptr,
- struct dsc$descriptor_s *symname_dsc, void **sym,
- unsigned long flags)
-{
- /*
- * Make sure that signals are caught and returned instead of aborting the
- * program. The exception handler gets unestablished automatically on
- * return from this function.
- */
- lib$establish(lib$sig_to_ret);
-
- if (ptr->imagename_dsc.dsc$w_length)
- return lib$find_image_symbol(&ptr->filename_dsc,
- symname_dsc, sym,
- &ptr->imagename_dsc, flags);
- else
- return lib$find_image_symbol(&ptr->filename_dsc,
- symname_dsc, sym, 0, flags);
-}
-
-void vms_bind_sym(DSO *dso, const char *symname, void **sym)
-{
- DSO_VMS_INTERNAL *ptr;
- int status;
-# if 0
- int flags = (1 << 4); /* LIB$M_FIS_MIXEDCASE, but this symbol isn't
- * defined in VMS older than 7.0 or so */
-# else
- int flags = 0;
-# endif
- struct dsc$descriptor_s symname_dsc;
-
-/* Arrange 32-bit pointer to (copied) string storage, if needed. */
-# if __INITIAL_POINTER_SIZE == 64
-# define SYMNAME symname_32p
-# pragma pointer_size save
-# pragma pointer_size 32
- char *symname_32p;
-# pragma pointer_size restore
- char symname_32[NAMX_MAXRSS + 1];
-# else /* __INITIAL_POINTER_SIZE == 64 */
-# define SYMNAME ((char *) symname)
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-
- *sym = NULL;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_VMS_BIND_SYM, ERR_R_PASSED_NULL_PARAMETER);
- return;
- }
-# if __INITIAL_POINTER_SIZE == 64
- /* Copy the symbol name to storage with a 32-bit pointer. */
- symname_32p = symname_32;
- strcpy(symname_32p, symname);
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-
- symname_dsc.dsc$w_length = strlen(SYMNAME);
- symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- symname_dsc.dsc$b_class = DSC$K_CLASS_S;
- symname_dsc.dsc$a_pointer = SYMNAME;
-
- if (sk_void_num(dso->meth_data) < 1) {
- DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_STACK_ERROR);
- return;
- }
- ptr = (DSO_VMS_INTERNAL *)sk_void_value(dso->meth_data,
- sk_void_num(dso->meth_data) - 1);
- if (ptr == NULL) {
- DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_NULL_HANDLE);
- return;
- }
-
- if (dso->flags & DSO_FLAG_UPCASE_SYMBOL)
- flags = 0;
-
- status = do_find_symbol(ptr, &symname_dsc, sym, flags);
-
- if (!$VMS_STATUS_SUCCESS(status)) {
- unsigned short length;
- char errstring[257];
- struct dsc$descriptor_s errstring_dsc;
-
- errstring_dsc.dsc$w_length = sizeof(errstring);
- errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
- errstring_dsc.dsc$a_pointer = errstring;
-
- *sym = NULL;
-
- status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
-
- if (!$VMS_STATUS_SUCCESS(status))
- lib$signal(status); /* This is really bad. Abort! */
- else {
- errstring[length] = '\0';
-
- DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_SYM_FAILURE);
- if (ptr->imagename_dsc.dsc$w_length)
- ERR_add_error_data(9,
- "Symbol ", symname,
- " in ", ptr->filename,
- " (", ptr->imagename, ")",
- ": ", errstring);
- else
- ERR_add_error_data(6,
- "Symbol ", symname,
- " in ", ptr->filename, ": ", errstring);
- }
- return;
- }
- return;
-}
-
-static void *vms_bind_var(DSO *dso, const char *symname)
-{
- void *sym = 0;
- vms_bind_sym(dso, symname, &sym);
- return sym;
-}
-
-static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname)
-{
- DSO_FUNC_TYPE sym = 0;
- vms_bind_sym(dso, symname, (void **)&sym);
- return sym;
-}
-
-static char *vms_merger(DSO *dso, const char *filespec1,
- const char *filespec2)
-{
- int status;
- int filespec1len, filespec2len;
- struct FAB fab;
- struct NAMX_STRUCT nam;
- char esa[NAMX_MAXRSS + 1];
- char *merged;
-
-/* Arrange 32-bit pointer to (copied) string storage, if needed. */
-# if __INITIAL_POINTER_SIZE == 64
-# define FILESPEC1 filespec1_32p;
-# define FILESPEC2 filespec2_32p;
-# pragma pointer_size save
-# pragma pointer_size 32
- char *filespec1_32p;
- char *filespec2_32p;
-# pragma pointer_size restore
- char filespec1_32[NAMX_MAXRSS + 1];
- char filespec2_32[NAMX_MAXRSS + 1];
-# else /* __INITIAL_POINTER_SIZE == 64 */
-# define FILESPEC1 ((char *) filespec1)
-# define FILESPEC2 ((char *) filespec2)
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-
- if (!filespec1)
- filespec1 = "";
- if (!filespec2)
- filespec2 = "";
- filespec1len = strlen(filespec1);
- filespec2len = strlen(filespec2);
-
-# if __INITIAL_POINTER_SIZE == 64
- /* Copy the file names to storage with a 32-bit pointer. */
- filespec1_32p = filespec1_32;
- filespec2_32p = filespec2_32;
- strcpy(filespec1_32p, filespec1);
- strcpy(filespec2_32p, filespec2);
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-
- fab = cc$rms_fab;
- nam = CC_RMS_NAMX;
-
- FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNA = FILESPEC1;
- FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNS = filespec1len;
- FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNA = FILESPEC2;
- FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNS = filespec2len;
- NAMX_DNA_FNA_SET(fab)
-
- nam.NAMX_ESA = esa;
- nam.NAMX_ESS = NAMX_MAXRSS;
- nam.NAMX_NOP = NAM$M_SYNCHK | NAM$M_PWD;
- SET_NAMX_NO_SHORT_UPCASE(nam);
-
- fab.FAB_NAMX = &nam;
-
- status = sys$parse(&fab, 0, 0);
-
- if (!$VMS_STATUS_SUCCESS(status)) {
- unsigned short length;
- char errstring[257];
- struct dsc$descriptor_s errstring_dsc;
-
- errstring_dsc.dsc$w_length = sizeof(errstring);
- errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
- errstring_dsc.dsc$a_pointer = errstring;
-
- status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
-
- if (!$VMS_STATUS_SUCCESS(status))
- lib$signal(status); /* This is really bad. Abort! */
- else {
- errstring[length] = '\0';
-
- DSOerr(DSO_F_VMS_MERGER, DSO_R_FAILURE);
- ERR_add_error_data(7,
- "filespec \"", filespec1, "\", ",
- "defaults \"", filespec2, "\": ", errstring);
- }
- return (NULL);
- }
-
- merged = OPENSSL_malloc(nam.NAMX_ESL + 1);
- if (!merged)
- goto malloc_err;
- strncpy(merged, nam.NAMX_ESA, nam.NAMX_ESL);
- merged[nam.NAMX_ESL] = '\0';
- return (merged);
- malloc_err:
- DSOerr(DSO_F_VMS_MERGER, ERR_R_MALLOC_FAILURE);
-}
-
-static char *vms_name_converter(DSO *dso, const char *filename)
-{
- int len = strlen(filename);
- char *not_translated = OPENSSL_malloc(len + 1);
- if (not_translated)
- strcpy(not_translated, filename);
- return (not_translated);
-}
-
-#endif /* OPENSSL_SYS_VMS */
Copied: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_vms.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dso/dso_vms.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dso/dso_vms.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_vms.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,547 @@
+/* dso_vms.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef OPENSSL_SYS_VMS
+DSO_METHOD *DSO_METHOD_vms(void)
+{
+ return NULL;
+}
+#else
+
+# pragma message disable DOLLARID
+# include <rms.h>
+# include <lib$routines.h>
+# include <stsdef.h>
+# include <descrip.h>
+# include <starlet.h>
+# include "vms_rms.h"
+
+/* Some compiler options may mask the declaration of "_malloc32". */
+# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+void *_malloc32(__size_t);
+# pragma pointer_size restore
+# endif /* __INITIAL_POINTER_SIZE == 64 */
+# endif /* __INITIAL_POINTER_SIZE && defined
+ * _ANSI_C_SOURCE */
+
+# pragma message disable DOLLARID
+
+static int vms_load(DSO *dso);
+static int vms_unload(DSO *dso);
+static void *vms_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname);
+# if 0
+static int vms_unbind_var(DSO *dso, char *symname, void *symptr);
+static int vms_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int vms_init(DSO *dso);
+static int vms_finish(DSO *dso);
+static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *vms_name_converter(DSO *dso, const char *filename);
+static char *vms_merger(DSO *dso, const char *filespec1,
+ const char *filespec2);
+
+static DSO_METHOD dso_meth_vms = {
+ "OpenSSL 'VMS' shared library method",
+ vms_load,
+ NULL, /* unload */
+ vms_bind_var,
+ vms_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+ NULL, /* unbind_var */
+ NULL, /* unbind_func */
+# endif
+ NULL, /* ctrl */
+ vms_name_converter,
+ vms_merger,
+ NULL, /* init */
+ NULL /* finish */
+};
+
+/*
+ * On VMS, the only "handle" is the file name. LIB$FIND_IMAGE_SYMBOL depends
+ * on the reference to the file name being the same for all calls regarding
+ * one shared image, so we'll just store it in an instance of the following
+ * structure and put a pointer to that instance in the meth_data stack.
+ */
+typedef struct dso_internal_st {
+ /*
+ * This should contain the name only, no directory, no extension, nothing
+ * but a name.
+ */
+ struct dsc$descriptor_s filename_dsc;
+ char filename[NAMX_MAXRSS + 1];
+ /*
+ * This contains whatever is not in filename, if needed. Normally not
+ * defined.
+ */
+ struct dsc$descriptor_s imagename_dsc;
+ char imagename[NAMX_MAXRSS + 1];
+} DSO_VMS_INTERNAL;
+
+DSO_METHOD *DSO_METHOD_vms(void)
+{
+ return (&dso_meth_vms);
+}
+
+static int vms_load(DSO *dso)
+{
+ void *ptr = NULL;
+ /* See applicable comments in dso_dl.c */
+ char *filename = DSO_convert_filename(dso, NULL);
+
+/* Ensure 32-bit pointer for "p", and appropriate malloc() function. */
+# if __INITIAL_POINTER_SIZE == 64
+# define DSO_MALLOC _malloc32
+# pragma pointer_size save
+# pragma pointer_size 32
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define DSO_MALLOC OPENSSL_malloc
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+ DSO_VMS_INTERNAL *p = NULL;
+
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size restore
+# endif /* __INITIAL_POINTER_SIZE == 64 */
+
+ const char *sp1, *sp2; /* Search result */
+ const char *ext = NULL; /* possible extension to add */
+
+ if (filename == NULL) {
+ DSOerr(DSO_F_VMS_LOAD, DSO_R_NO_FILENAME);
+ goto err;
+ }
+
+ /*-
+ * A file specification may look like this:
+ *
+ * node::dev:[dir-spec]name.type;ver
+ *
+ * or (for compatibility with TOPS-20):
+ *
+ * node::dev:<dir-spec>name.type;ver
+ *
+ * and the dir-spec uses '.' as separator. Also, a dir-spec
+ * may consist of several parts, with mixed use of [] and <>:
+ *
+ * [dir1.]<dir2>
+ *
+ * We need to split the file specification into the name and
+ * the rest (both before and after the name itself).
+ */
+ /*
+ * Start with trying to find the end of a dir-spec, and save the position
+ * of the byte after in sp1
+ */
+ sp1 = strrchr(filename, ']');
+ sp2 = strrchr(filename, '>');
+ if (sp1 == NULL)
+ sp1 = sp2;
+ if (sp2 != NULL && sp2 > sp1)
+ sp1 = sp2;
+ if (sp1 == NULL)
+ sp1 = strrchr(filename, ':');
+ if (sp1 == NULL)
+ sp1 = filename;
+ else
+ sp1++; /* The byte after the found character */
+ /* Now, let's see if there's a type, and save the position in sp2 */
+ sp2 = strchr(sp1, '.');
+ /*
+ * If there is a period and the next character is a semi-colon,
+ * we need to add an extension
+ */
+ if (sp2 != NULL && sp2[1] == ';')
+ ext = ".EXE";
+ /*
+ * If we found it, that's where we'll cut. Otherwise, look for a version
+ * number and save the position in sp2
+ */
+ if (sp2 == NULL) {
+ sp2 = strchr(sp1, ';');
+ ext = ".EXE";
+ }
+ /*
+ * If there was still nothing to find, set sp2 to point at the end of the
+ * string
+ */
+ if (sp2 == NULL)
+ sp2 = sp1 + strlen(sp1);
+
+ /* Check that we won't get buffer overflows */
+ if (sp2 - sp1 > FILENAME_MAX
+ || (sp1 - filename) + strlen(sp2) > FILENAME_MAX) {
+ DSOerr(DSO_F_VMS_LOAD, DSO_R_FILENAME_TOO_BIG);
+ goto err;
+ }
+
+ p = DSO_MALLOC(sizeof(DSO_VMS_INTERNAL));
+ if (p == NULL) {
+ DSOerr(DSO_F_VMS_LOAD, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ strncpy(p->filename, sp1, sp2 - sp1);
+ p->filename[sp2 - sp1] = '\0';
+
+ strncpy(p->imagename, filename, sp1 - filename);
+ p->imagename[sp1 - filename] = '\0';
+ if (ext) {
+ strcat(p->imagename, ext);
+ if (*sp2 == '.')
+ sp2++;
+ }
+ strcat(p->imagename, sp2);
+
+ p->filename_dsc.dsc$w_length = strlen(p->filename);
+ p->filename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+ p->filename_dsc.dsc$b_class = DSC$K_CLASS_S;
+ p->filename_dsc.dsc$a_pointer = p->filename;
+ p->imagename_dsc.dsc$w_length = strlen(p->imagename);
+ p->imagename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+ p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
+ p->imagename_dsc.dsc$a_pointer = p->imagename;
+
+ if (!sk_void_push(dso->meth_data, (char *)p)) {
+ DSOerr(DSO_F_VMS_LOAD, DSO_R_STACK_ERROR);
+ goto err;
+ }
+
+ /* Success (for now, we lie. We actually do not know...) */
+ dso->loaded_filename = filename;
+ return (1);
+ err:
+ /* Cleanup! */
+ if (p != NULL)
+ OPENSSL_free(p);
+ if (filename != NULL)
+ OPENSSL_free(filename);
+ return (0);
+}
+
+/*
+ * Note that this doesn't actually unload the shared image, as there is no
+ * such thing in VMS. Next time it get loaded again, a new copy will
+ * actually be loaded.
+ */
+static int vms_unload(DSO *dso)
+{
+ DSO_VMS_INTERNAL *p;
+ if (dso == NULL) {
+ DSOerr(DSO_F_VMS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (sk_void_num(dso->meth_data) < 1)
+ return (1);
+ p = (DSO_VMS_INTERNAL *)sk_void_pop(dso->meth_data);
+ if (p == NULL) {
+ DSOerr(DSO_F_VMS_UNLOAD, DSO_R_NULL_HANDLE);
+ return (0);
+ }
+ /* Cleanup */
+ OPENSSL_free(p);
+ return (1);
+}
+
+/*
+ * We must do this in a separate function because of the way the exception
+ * handler works (it makes this function return
+ */
+static int do_find_symbol(DSO_VMS_INTERNAL *ptr,
+ struct dsc$descriptor_s *symname_dsc, void **sym,
+ unsigned long flags)
+{
+ /*
+ * Make sure that signals are caught and returned instead of aborting the
+ * program. The exception handler gets unestablished automatically on
+ * return from this function.
+ */
+ lib$establish(lib$sig_to_ret);
+
+ if (ptr->imagename_dsc.dsc$w_length)
+ return lib$find_image_symbol(&ptr->filename_dsc,
+ symname_dsc, sym,
+ &ptr->imagename_dsc, flags);
+ else
+ return lib$find_image_symbol(&ptr->filename_dsc,
+ symname_dsc, sym, 0, flags);
+}
+
+void vms_bind_sym(DSO *dso, const char *symname, void **sym)
+{
+ DSO_VMS_INTERNAL *ptr;
+ int status;
+# if 0
+ int flags = (1 << 4); /* LIB$M_FIS_MIXEDCASE, but this symbol isn't
+ * defined in VMS older than 7.0 or so */
+# else
+ int flags = 0;
+# endif
+ struct dsc$descriptor_s symname_dsc;
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+# if __INITIAL_POINTER_SIZE == 64
+# define SYMNAME symname_32p
+# pragma pointer_size save
+# pragma pointer_size 32
+ char *symname_32p;
+# pragma pointer_size restore
+ char symname_32[NAMX_MAXRSS + 1];
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define SYMNAME ((char *) symname)
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+ *sym = NULL;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_VMS_BIND_SYM, ERR_R_PASSED_NULL_PARAMETER);
+ return;
+ }
+# if __INITIAL_POINTER_SIZE == 64
+ /* Copy the symbol name to storage with a 32-bit pointer. */
+ symname_32p = symname_32;
+ strcpy(symname_32p, symname);
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+ symname_dsc.dsc$w_length = strlen(SYMNAME);
+ symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+ symname_dsc.dsc$b_class = DSC$K_CLASS_S;
+ symname_dsc.dsc$a_pointer = SYMNAME;
+
+ if (sk_void_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_STACK_ERROR);
+ return;
+ }
+ ptr = (DSO_VMS_INTERNAL *)sk_void_value(dso->meth_data,
+ sk_void_num(dso->meth_data) - 1);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_NULL_HANDLE);
+ return;
+ }
+
+ if (dso->flags & DSO_FLAG_UPCASE_SYMBOL)
+ flags = 0;
+
+ status = do_find_symbol(ptr, &symname_dsc, sym, flags);
+
+ if (!$VMS_STATUS_SUCCESS(status)) {
+ unsigned short length;
+ char errstring[257];
+ struct dsc$descriptor_s errstring_dsc;
+
+ errstring_dsc.dsc$w_length = sizeof(errstring);
+ errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+ errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
+ errstring_dsc.dsc$a_pointer = errstring;
+
+ *sym = NULL;
+
+ status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
+
+ if (!$VMS_STATUS_SUCCESS(status))
+ lib$signal(status); /* This is really bad. Abort! */
+ else {
+ errstring[length] = '\0';
+
+ DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_SYM_FAILURE);
+ if (ptr->imagename_dsc.dsc$w_length)
+ ERR_add_error_data(9,
+ "Symbol ", symname,
+ " in ", ptr->filename,
+ " (", ptr->imagename, ")",
+ ": ", errstring);
+ else
+ ERR_add_error_data(6,
+ "Symbol ", symname,
+ " in ", ptr->filename, ": ", errstring);
+ }
+ return;
+ }
+ return;
+}
+
+static void *vms_bind_var(DSO *dso, const char *symname)
+{
+ void *sym = 0;
+ vms_bind_sym(dso, symname, &sym);
+ return sym;
+}
+
+static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname)
+{
+ DSO_FUNC_TYPE sym = 0;
+ vms_bind_sym(dso, symname, (void **)&sym);
+ return sym;
+}
+
+static char *vms_merger(DSO *dso, const char *filespec1,
+ const char *filespec2)
+{
+ int status;
+ int filespec1len, filespec2len;
+ struct FAB fab;
+ struct NAMX_STRUCT nam;
+ char esa[NAMX_MAXRSS + 1];
+ char *merged;
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+# if __INITIAL_POINTER_SIZE == 64
+# define FILESPEC1 filespec1_32p;
+# define FILESPEC2 filespec2_32p;
+# pragma pointer_size save
+# pragma pointer_size 32
+ char *filespec1_32p;
+ char *filespec2_32p;
+# pragma pointer_size restore
+ char filespec1_32[NAMX_MAXRSS + 1];
+ char filespec2_32[NAMX_MAXRSS + 1];
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define FILESPEC1 ((char *) filespec1)
+# define FILESPEC2 ((char *) filespec2)
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+ if (!filespec1)
+ filespec1 = "";
+ if (!filespec2)
+ filespec2 = "";
+ filespec1len = strlen(filespec1);
+ filespec2len = strlen(filespec2);
+
+# if __INITIAL_POINTER_SIZE == 64
+ /* Copy the file names to storage with a 32-bit pointer. */
+ filespec1_32p = filespec1_32;
+ filespec2_32p = filespec2_32;
+ strcpy(filespec1_32p, filespec1);
+ strcpy(filespec2_32p, filespec2);
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+ fab = cc$rms_fab;
+ nam = CC_RMS_NAMX;
+
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNA = FILESPEC1;
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNS = filespec1len;
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNA = FILESPEC2;
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNS = filespec2len;
+ NAMX_DNA_FNA_SET(fab)
+
+ nam.NAMX_ESA = esa;
+ nam.NAMX_ESS = NAMX_MAXRSS;
+ nam.NAMX_NOP = NAM$M_SYNCHK | NAM$M_PWD;
+ SET_NAMX_NO_SHORT_UPCASE(nam);
+
+ fab.FAB_NAMX = &nam;
+
+ status = sys$parse(&fab, 0, 0);
+
+ if (!$VMS_STATUS_SUCCESS(status)) {
+ unsigned short length;
+ char errstring[257];
+ struct dsc$descriptor_s errstring_dsc;
+
+ errstring_dsc.dsc$w_length = sizeof(errstring);
+ errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+ errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
+ errstring_dsc.dsc$a_pointer = errstring;
+
+ status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
+
+ if (!$VMS_STATUS_SUCCESS(status))
+ lib$signal(status); /* This is really bad. Abort! */
+ else {
+ errstring[length] = '\0';
+
+ DSOerr(DSO_F_VMS_MERGER, DSO_R_FAILURE);
+ ERR_add_error_data(7,
+ "filespec \"", filespec1, "\", ",
+ "defaults \"", filespec2, "\": ", errstring);
+ }
+ return (NULL);
+ }
+
+ merged = OPENSSL_malloc(nam.NAMX_ESL + 1);
+ if (!merged)
+ goto malloc_err;
+ strncpy(merged, nam.NAMX_ESA, nam.NAMX_ESL);
+ merged[nam.NAMX_ESL] = '\0';
+ return (merged);
+ malloc_err:
+ DSOerr(DSO_F_VMS_MERGER, ERR_R_MALLOC_FAILURE);
+}
+
+static char *vms_name_converter(DSO *dso, const char *filename)
+{
+ int len = strlen(filename);
+ char *not_translated = OPENSSL_malloc(len + 1);
+ if (not_translated)
+ strcpy(not_translated, filename);
+ return (not_translated);
+}
+
+#endif /* OPENSSL_SYS_VMS */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_win32.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/dso/dso_win32.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_win32.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,785 +0,0 @@
-/* dso_win32.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#if !defined(DSO_WIN32)
-DSO_METHOD *DSO_METHOD_win32(void)
-{
- return NULL;
-}
-#else
-
-# ifdef _WIN32_WCE
-# if _WIN32_WCE < 300
-static FARPROC GetProcAddressA(HMODULE hModule, LPCSTR lpProcName)
-{
- WCHAR lpProcNameW[64];
- int i;
-
- for (i = 0; lpProcName[i] && i < 64; i++)
- lpProcNameW[i] = (WCHAR)lpProcName[i];
- if (i == 64)
- return NULL;
- lpProcNameW[i] = 0;
-
- return GetProcAddressW(hModule, lpProcNameW);
-}
-# endif
-# undef GetProcAddress
-# define GetProcAddress GetProcAddressA
-
-static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName)
-{
- WCHAR *fnamw;
- size_t len_0 = strlen(lpLibFileName) + 1, i;
-
-# ifdef _MSC_VER
- fnamw = (WCHAR *)_alloca(len_0 * sizeof(WCHAR));
-# else
- fnamw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
-# endif
- if (fnamw == NULL) {
- SetLastError(ERROR_NOT_ENOUGH_MEMORY);
- return NULL;
- }
-# if defined(_WIN32_WCE) && _WIN32_WCE>=101
- if (!MultiByteToWideChar(CP_ACP, 0, lpLibFileName, len_0, fnamw, len_0))
-# endif
- for (i = 0; i < len_0; i++)
- fnamw[i] = (WCHAR)lpLibFileName[i];
-
- return LoadLibraryW(fnamw);
-}
-# endif
-
-/* Part of the hack in "win32_load" ... */
-# define DSO_MAX_TRANSLATED_SIZE 256
-
-static int win32_load(DSO *dso);
-static int win32_unload(DSO *dso);
-static void *win32_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname);
-# if 0
-static int win32_unbind_var(DSO *dso, char *symname, void *symptr);
-static int win32_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int win32_init(DSO *dso);
-static int win32_finish(DSO *dso);
-static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *win32_name_converter(DSO *dso, const char *filename);
-static char *win32_merger(DSO *dso, const char *filespec1,
- const char *filespec2);
-static int win32_pathbyaddr(void *addr, char *path, int sz);
-static void *win32_globallookup(const char *name);
-
-static const char *openssl_strnchr(const char *string, int c, size_t len);
-
-static DSO_METHOD dso_meth_win32 = {
- "OpenSSL 'win32' shared library method",
- win32_load,
- win32_unload,
- win32_bind_var,
- win32_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
- NULL, /* unbind_var */
- NULL, /* unbind_func */
-# endif
- NULL, /* ctrl */
- win32_name_converter,
- win32_merger,
- NULL, /* init */
- NULL, /* finish */
- win32_pathbyaddr,
- win32_globallookup
-};
-
-DSO_METHOD *DSO_METHOD_win32(void)
-{
- return (&dso_meth_win32);
-}
-
-/*
- * For this DSO_METHOD, our meth_data STACK will contain; (i) a pointer to
- * the handle (HINSTANCE) returned from LoadLibrary(), and copied.
- */
-
-static int win32_load(DSO *dso)
-{
- HINSTANCE h = NULL, *p = NULL;
- /* See applicable comments from dso_dl.c */
- char *filename = DSO_convert_filename(dso, NULL);
-
- if (filename == NULL) {
- DSOerr(DSO_F_WIN32_LOAD, DSO_R_NO_FILENAME);
- goto err;
- }
- h = LoadLibraryA(filename);
- if (h == NULL) {
- DSOerr(DSO_F_WIN32_LOAD, DSO_R_LOAD_FAILED);
- ERR_add_error_data(3, "filename(", filename, ")");
- goto err;
- }
- p = (HINSTANCE *) OPENSSL_malloc(sizeof(HINSTANCE));
- if (p == NULL) {
- DSOerr(DSO_F_WIN32_LOAD, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- *p = h;
- if (!sk_void_push(dso->meth_data, p)) {
- DSOerr(DSO_F_WIN32_LOAD, DSO_R_STACK_ERROR);
- goto err;
- }
- /* Success */
- dso->loaded_filename = filename;
- return (1);
- err:
- /* Cleanup ! */
- if (filename != NULL)
- OPENSSL_free(filename);
- if (p != NULL)
- OPENSSL_free(p);
- if (h != NULL)
- FreeLibrary(h);
- return (0);
-}
-
-static int win32_unload(DSO *dso)
-{
- HINSTANCE *p;
- if (dso == NULL) {
- DSOerr(DSO_F_WIN32_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (sk_void_num(dso->meth_data) < 1)
- return (1);
- p = sk_void_pop(dso->meth_data);
- if (p == NULL) {
- DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_NULL_HANDLE);
- return (0);
- }
- if (!FreeLibrary(*p)) {
- DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_UNLOAD_FAILED);
- /*
- * We should push the value back onto the stack in case of a retry.
- */
- sk_void_push(dso->meth_data, p);
- return (0);
- }
- /* Cleanup */
- OPENSSL_free(p);
- return (1);
-}
-
-/*
- * Using GetProcAddress for variables? TODO: Check this out in the Win32 API
- * docs, there's probably a variant for variables.
- */
-static void *win32_bind_var(DSO *dso, const char *symname)
-{
- HINSTANCE *ptr;
- void *sym;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_WIN32_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (sk_void_num(dso->meth_data) < 1) {
- DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_STACK_ERROR);
- return (NULL);
- }
- ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
- if (ptr == NULL) {
- DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_NULL_HANDLE);
- return (NULL);
- }
- sym = GetProcAddress(*ptr, symname);
- if (sym == NULL) {
- DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_SYM_FAILURE);
- ERR_add_error_data(3, "symname(", symname, ")");
- return (NULL);
- }
- return (sym);
-}
-
-static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname)
-{
- HINSTANCE *ptr;
- void *sym;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_WIN32_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (sk_void_num(dso->meth_data) < 1) {
- DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_STACK_ERROR);
- return (NULL);
- }
- ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
- if (ptr == NULL) {
- DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_NULL_HANDLE);
- return (NULL);
- }
- sym = GetProcAddress(*ptr, symname);
- if (sym == NULL) {
- DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_SYM_FAILURE);
- ERR_add_error_data(3, "symname(", symname, ")");
- return (NULL);
- }
- return ((DSO_FUNC_TYPE)sym);
-}
-
-struct file_st {
- const char *node;
- int nodelen;
- const char *device;
- int devicelen;
- const char *predir;
- int predirlen;
- const char *dir;
- int dirlen;
- const char *file;
- int filelen;
-};
-
-static struct file_st *win32_splitter(DSO *dso, const char *filename,
- int assume_last_is_dir)
-{
- struct file_st *result = NULL;
- enum { IN_NODE, IN_DEVICE, IN_FILE } position;
- const char *start = filename;
- char last;
-
- if (!filename) {
- DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_NO_FILENAME);
- /*
- * goto err;
- */
- return (NULL);
- }
-
- result = OPENSSL_malloc(sizeof(struct file_st));
- if (result == NULL) {
- DSOerr(DSO_F_WIN32_SPLITTER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
- memset(result, 0, sizeof(struct file_st));
- position = IN_DEVICE;
-
- if ((filename[0] == '\\' && filename[1] == '\\')
- || (filename[0] == '/' && filename[1] == '/')) {
- position = IN_NODE;
- filename += 2;
- start = filename;
- result->node = start;
- }
-
- do {
- last = filename[0];
- switch (last) {
- case ':':
- if (position != IN_DEVICE) {
- DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_INCORRECT_FILE_SYNTAX);
- /*
- * goto err;
- */
- OPENSSL_free(result);
- return (NULL);
- }
- result->device = start;
- result->devicelen = (int)(filename - start);
- position = IN_FILE;
- start = ++filename;
- result->dir = start;
- break;
- case '\\':
- case '/':
- if (position == IN_NODE) {
- result->nodelen = (int)(filename - start);
- position = IN_FILE;
- start = ++filename;
- result->dir = start;
- } else if (position == IN_DEVICE) {
- position = IN_FILE;
- filename++;
- result->dir = start;
- result->dirlen = (int)(filename - start);
- start = filename;
- } else {
- filename++;
- result->dirlen += (int)(filename - start);
- start = filename;
- }
- break;
- case '\0':
- if (position == IN_NODE) {
- result->nodelen = (int)(filename - start);
- } else {
- if (filename - start > 0) {
- if (assume_last_is_dir) {
- if (position == IN_DEVICE) {
- result->dir = start;
- result->dirlen = 0;
- }
- result->dirlen += (int)(filename - start);
- } else {
- result->file = start;
- result->filelen = (int)(filename - start);
- }
- }
- }
- break;
- default:
- filename++;
- break;
- }
- }
- while (last);
-
- if (!result->nodelen)
- result->node = NULL;
- if (!result->devicelen)
- result->device = NULL;
- if (!result->dirlen)
- result->dir = NULL;
- if (!result->filelen)
- result->file = NULL;
-
- return (result);
-}
-
-static char *win32_joiner(DSO *dso, const struct file_st *file_split)
-{
- int len = 0, offset = 0;
- char *result = NULL;
- const char *start;
-
- if (!file_split) {
- DSOerr(DSO_F_WIN32_JOINER, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (file_split->node) {
- len += 2 + file_split->nodelen; /* 2 for starting \\ */
- if (file_split->predir || file_split->dir || file_split->file)
- len++; /* 1 for ending \ */
- } else if (file_split->device) {
- len += file_split->devicelen + 1; /* 1 for ending : */
- }
- len += file_split->predirlen;
- if (file_split->predir && (file_split->dir || file_split->file)) {
- len++; /* 1 for ending \ */
- }
- len += file_split->dirlen;
- if (file_split->dir && file_split->file) {
- len++; /* 1 for ending \ */
- }
- len += file_split->filelen;
-
- if (!len) {
- DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE);
- return (NULL);
- }
-
- result = OPENSSL_malloc(len + 1);
- if (!result) {
- DSOerr(DSO_F_WIN32_JOINER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
- if (file_split->node) {
- strcpy(&result[offset], "\\\\");
- offset += 2;
- strncpy(&result[offset], file_split->node, file_split->nodelen);
- offset += file_split->nodelen;
- if (file_split->predir || file_split->dir || file_split->file) {
- result[offset] = '\\';
- offset++;
- }
- } else if (file_split->device) {
- strncpy(&result[offset], file_split->device, file_split->devicelen);
- offset += file_split->devicelen;
- result[offset] = ':';
- offset++;
- }
- start = file_split->predir;
- while (file_split->predirlen > (start - file_split->predir)) {
- const char *end = openssl_strnchr(start, '/',
- file_split->predirlen - (start -
- file_split->predir));
- if (!end)
- end = start
- + file_split->predirlen - (start - file_split->predir);
- strncpy(&result[offset], start, end - start);
- offset += (int)(end - start);
- result[offset] = '\\';
- offset++;
- start = end + 1;
- }
-# if 0 /* Not needed, since the directory converter
- * above already appeneded a backslash */
- if (file_split->predir && (file_split->dir || file_split->file)) {
- result[offset] = '\\';
- offset++;
- }
-# endif
- start = file_split->dir;
- while (file_split->dirlen > (start - file_split->dir)) {
- const char *end = openssl_strnchr(start, '/',
- file_split->dirlen - (start -
- file_split->dir));
- if (!end)
- end = start + file_split->dirlen - (start - file_split->dir);
- strncpy(&result[offset], start, end - start);
- offset += (int)(end - start);
- result[offset] = '\\';
- offset++;
- start = end + 1;
- }
-# if 0 /* Not needed, since the directory converter
- * above already appeneded a backslash */
- if (file_split->dir && file_split->file) {
- result[offset] = '\\';
- offset++;
- }
-# endif
- strncpy(&result[offset], file_split->file, file_split->filelen);
- offset += file_split->filelen;
- result[offset] = '\0';
- return (result);
-}
-
-static char *win32_merger(DSO *dso, const char *filespec1,
- const char *filespec2)
-{
- char *merged = NULL;
- struct file_st *filespec1_split = NULL;
- struct file_st *filespec2_split = NULL;
-
- if (!filespec1 && !filespec2) {
- DSOerr(DSO_F_WIN32_MERGER, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (!filespec2) {
- merged = OPENSSL_malloc(strlen(filespec1) + 1);
- if (!merged) {
- DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec1);
- } else if (!filespec1) {
- merged = OPENSSL_malloc(strlen(filespec2) + 1);
- if (!merged) {
- DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- strcpy(merged, filespec2);
- } else {
- filespec1_split = win32_splitter(dso, filespec1, 0);
- if (!filespec1_split) {
- DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- filespec2_split = win32_splitter(dso, filespec2, 1);
- if (!filespec2_split) {
- DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(filespec1_split);
- return (NULL);
- }
-
- /* Fill in into filespec1_split */
- if (!filespec1_split->node && !filespec1_split->device) {
- filespec1_split->node = filespec2_split->node;
- filespec1_split->nodelen = filespec2_split->nodelen;
- filespec1_split->device = filespec2_split->device;
- filespec1_split->devicelen = filespec2_split->devicelen;
- }
- if (!filespec1_split->dir) {
- filespec1_split->dir = filespec2_split->dir;
- filespec1_split->dirlen = filespec2_split->dirlen;
- } else if (filespec1_split->dir[0] != '\\'
- && filespec1_split->dir[0] != '/') {
- filespec1_split->predir = filespec2_split->dir;
- filespec1_split->predirlen = filespec2_split->dirlen;
- }
- if (!filespec1_split->file) {
- filespec1_split->file = filespec2_split->file;
- filespec1_split->filelen = filespec2_split->filelen;
- }
-
- merged = win32_joiner(dso, filespec1_split);
- }
- OPENSSL_free(filespec1_split);
- OPENSSL_free(filespec2_split);
- return (merged);
-}
-
-static char *win32_name_converter(DSO *dso, const char *filename)
-{
- char *translated;
- int len, transform;
-
- len = strlen(filename);
- transform = ((strstr(filename, "/") == NULL) &&
- (strstr(filename, "\\") == NULL) &&
- (strstr(filename, ":") == NULL));
- if (transform)
- /* We will convert this to "%s.dll" */
- translated = OPENSSL_malloc(len + 5);
- else
- /* We will simply duplicate filename */
- translated = OPENSSL_malloc(len + 1);
- if (translated == NULL) {
- DSOerr(DSO_F_WIN32_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
- return (NULL);
- }
- if (transform)
- sprintf(translated, "%s.dll", filename);
- else
- sprintf(translated, "%s", filename);
- return (translated);
-}
-
-static const char *openssl_strnchr(const char *string, int c, size_t len)
-{
- size_t i;
- const char *p;
- for (i = 0, p = string; i < len && *p; i++, p++) {
- if (*p == c)
- return p;
- }
- return NULL;
-}
-
-# include <tlhelp32.h>
-# ifdef _WIN32_WCE
-# define DLLNAME "TOOLHELP.DLL"
-# else
-# ifdef MODULEENTRY32
-# undef MODULEENTRY32 /* unmask the ASCII version! */
-# endif
-# define DLLNAME "KERNEL32.DLL"
-# endif
-
-typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
-typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
-typedef BOOL(WINAPI *MODULE32) (HANDLE, MODULEENTRY32 *);
-
-static int win32_pathbyaddr(void *addr, char *path, int sz)
-{
- HMODULE dll;
- HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
- MODULEENTRY32 me32;
- CREATETOOLHELP32SNAPSHOT create_snap;
- CLOSETOOLHELP32SNAPSHOT close_snap;
- MODULE32 module_first, module_next;
- int len;
-
- if (addr == NULL) {
- union {
- int (*f) (void *, char *, int);
- void *p;
- } t = {
- win32_pathbyaddr
- };
- addr = t.p;
- }
-
- dll = LoadLibrary(TEXT(DLLNAME));
- if (dll == NULL) {
- DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
- return -1;
- }
-
- create_snap = (CREATETOOLHELP32SNAPSHOT)
- GetProcAddress(dll, "CreateToolhelp32Snapshot");
- if (create_snap == NULL) {
- FreeLibrary(dll);
- DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
- return -1;
- }
- /* We take the rest for granted... */
-# ifdef _WIN32_WCE
- close_snap = (CLOSETOOLHELP32SNAPSHOT)
- GetProcAddress(dll, "CloseToolhelp32Snapshot");
-# else
- close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
-# endif
- module_first = (MODULE32) GetProcAddress(dll, "Module32First");
- module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
-
- hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
- if (hModuleSnap == INVALID_HANDLE_VALUE) {
- FreeLibrary(dll);
- DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
- return -1;
- }
-
- me32.dwSize = sizeof(me32);
-
- if (!(*module_first) (hModuleSnap, &me32)) {
- (*close_snap) (hModuleSnap);
- FreeLibrary(dll);
- DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_FAILURE);
- return -1;
- }
-
- do {
- if ((BYTE *) addr >= me32.modBaseAddr &&
- (BYTE *) addr < me32.modBaseAddr + me32.modBaseSize) {
- (*close_snap) (hModuleSnap);
- FreeLibrary(dll);
-# ifdef _WIN32_WCE
-# if _WIN32_WCE >= 101
- return WideCharToMultiByte(CP_ACP, 0, me32.szExePath, -1,
- path, sz, NULL, NULL);
-# else
- len = (int)wcslen(me32.szExePath);
- if (sz <= 0)
- return len + 1;
- if (len >= sz)
- len = sz - 1;
- for (i = 0; i < len; i++)
- path[i] = (char)me32.szExePath[i];
- path[len++] = 0;
- return len;
-# endif
-# else
- len = (int)strlen(me32.szExePath);
- if (sz <= 0)
- return len + 1;
- if (len >= sz)
- len = sz - 1;
- memcpy(path, me32.szExePath, len);
- path[len++] = 0;
- return len;
-# endif
- }
- } while ((*module_next) (hModuleSnap, &me32));
-
- (*close_snap) (hModuleSnap);
- FreeLibrary(dll);
- return 0;
-}
-
-static void *win32_globallookup(const char *name)
-{
- HMODULE dll;
- HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
- MODULEENTRY32 me32;
- CREATETOOLHELP32SNAPSHOT create_snap;
- CLOSETOOLHELP32SNAPSHOT close_snap;
- MODULE32 module_first, module_next;
- FARPROC ret = NULL;
-
- dll = LoadLibrary(TEXT(DLLNAME));
- if (dll == NULL) {
- DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
- return NULL;
- }
-
- create_snap = (CREATETOOLHELP32SNAPSHOT)
- GetProcAddress(dll, "CreateToolhelp32Snapshot");
- if (create_snap == NULL) {
- FreeLibrary(dll);
- DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
- return NULL;
- }
- /* We take the rest for granted... */
-# ifdef _WIN32_WCE
- close_snap = (CLOSETOOLHELP32SNAPSHOT)
- GetProcAddress(dll, "CloseToolhelp32Snapshot");
-# else
- close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
-# endif
- module_first = (MODULE32) GetProcAddress(dll, "Module32First");
- module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
-
- hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
- if (hModuleSnap == INVALID_HANDLE_VALUE) {
- FreeLibrary(dll);
- DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
- return NULL;
- }
-
- me32.dwSize = sizeof(me32);
-
- if (!(*module_first) (hModuleSnap, &me32)) {
- (*close_snap) (hModuleSnap);
- FreeLibrary(dll);
- return NULL;
- }
-
- do {
- if ((ret = GetProcAddress(me32.hModule, name))) {
- (*close_snap) (hModuleSnap);
- FreeLibrary(dll);
- return ret;
- }
- } while ((*module_next) (hModuleSnap, &me32));
-
- (*close_snap) (hModuleSnap);
- FreeLibrary(dll);
- return NULL;
-}
-#endif /* DSO_WIN32 */
Copied: vendor-crypto/openssl/1.0.1u/crypto/dso/dso_win32.c (from rev 11605, vendor-crypto/openssl/dist/crypto/dso/dso_win32.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/dso/dso_win32.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/dso/dso_win32.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,785 @@
+/* dso_win32.c */
+/*
+ * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#if !defined(DSO_WIN32)
+DSO_METHOD *DSO_METHOD_win32(void)
+{
+ return NULL;
+}
+#else
+
+# ifdef _WIN32_WCE
+# if _WIN32_WCE < 300
+static FARPROC GetProcAddressA(HMODULE hModule, LPCSTR lpProcName)
+{
+ WCHAR lpProcNameW[64];
+ int i;
+
+ for (i = 0; lpProcName[i] && i < 64; i++)
+ lpProcNameW[i] = (WCHAR)lpProcName[i];
+ if (i == 64)
+ return NULL;
+ lpProcNameW[i] = 0;
+
+ return GetProcAddressW(hModule, lpProcNameW);
+}
+# endif
+# undef GetProcAddress
+# define GetProcAddress GetProcAddressA
+
+static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName)
+{
+ WCHAR *fnamw;
+ size_t len_0 = strlen(lpLibFileName) + 1, i;
+
+# ifdef _MSC_VER
+ fnamw = (WCHAR *)_alloca(len_0 * sizeof(WCHAR));
+# else
+ fnamw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
+# endif
+ if (fnamw == NULL) {
+ SetLastError(ERROR_NOT_ENOUGH_MEMORY);
+ return NULL;
+ }
+# if defined(_WIN32_WCE) && _WIN32_WCE>=101
+ if (!MultiByteToWideChar(CP_ACP, 0, lpLibFileName, len_0, fnamw, len_0))
+# endif
+ for (i = 0; i < len_0; i++)
+ fnamw[i] = (WCHAR)lpLibFileName[i];
+
+ return LoadLibraryW(fnamw);
+}
+# endif
+
+/* Part of the hack in "win32_load" ... */
+# define DSO_MAX_TRANSLATED_SIZE 256
+
+static int win32_load(DSO *dso);
+static int win32_unload(DSO *dso);
+static void *win32_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname);
+# if 0
+static int win32_unbind_var(DSO *dso, char *symname, void *symptr);
+static int win32_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int win32_init(DSO *dso);
+static int win32_finish(DSO *dso);
+static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *win32_name_converter(DSO *dso, const char *filename);
+static char *win32_merger(DSO *dso, const char *filespec1,
+ const char *filespec2);
+static int win32_pathbyaddr(void *addr, char *path, int sz);
+static void *win32_globallookup(const char *name);
+
+static const char *openssl_strnchr(const char *string, int c, size_t len);
+
+static DSO_METHOD dso_meth_win32 = {
+ "OpenSSL 'win32' shared library method",
+ win32_load,
+ win32_unload,
+ win32_bind_var,
+ win32_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+ NULL, /* unbind_var */
+ NULL, /* unbind_func */
+# endif
+ NULL, /* ctrl */
+ win32_name_converter,
+ win32_merger,
+ NULL, /* init */
+ NULL, /* finish */
+ win32_pathbyaddr,
+ win32_globallookup
+};
+
+DSO_METHOD *DSO_METHOD_win32(void)
+{
+ return (&dso_meth_win32);
+}
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) a pointer to
+ * the handle (HINSTANCE) returned from LoadLibrary(), and copied.
+ */
+
+static int win32_load(DSO *dso)
+{
+ HINSTANCE h = NULL, *p = NULL;
+ /* See applicable comments from dso_dl.c */
+ char *filename = DSO_convert_filename(dso, NULL);
+
+ if (filename == NULL) {
+ DSOerr(DSO_F_WIN32_LOAD, DSO_R_NO_FILENAME);
+ goto err;
+ }
+ h = LoadLibraryA(filename);
+ if (h == NULL) {
+ DSOerr(DSO_F_WIN32_LOAD, DSO_R_LOAD_FAILED);
+ ERR_add_error_data(3, "filename(", filename, ")");
+ goto err;
+ }
+ p = (HINSTANCE *) OPENSSL_malloc(sizeof(HINSTANCE));
+ if (p == NULL) {
+ DSOerr(DSO_F_WIN32_LOAD, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ *p = h;
+ if (!sk_void_push(dso->meth_data, p)) {
+ DSOerr(DSO_F_WIN32_LOAD, DSO_R_STACK_ERROR);
+ goto err;
+ }
+ /* Success */
+ dso->loaded_filename = filename;
+ return (1);
+ err:
+ /* Cleanup ! */
+ if (filename != NULL)
+ OPENSSL_free(filename);
+ if (p != NULL)
+ OPENSSL_free(p);
+ if (h != NULL)
+ FreeLibrary(h);
+ return (0);
+}
+
+static int win32_unload(DSO *dso)
+{
+ HINSTANCE *p;
+ if (dso == NULL) {
+ DSOerr(DSO_F_WIN32_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (sk_void_num(dso->meth_data) < 1)
+ return (1);
+ p = sk_void_pop(dso->meth_data);
+ if (p == NULL) {
+ DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_NULL_HANDLE);
+ return (0);
+ }
+ if (!FreeLibrary(*p)) {
+ DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_UNLOAD_FAILED);
+ /*
+ * We should push the value back onto the stack in case of a retry.
+ */
+ sk_void_push(dso->meth_data, p);
+ return (0);
+ }
+ /* Cleanup */
+ OPENSSL_free(p);
+ return (1);
+}
+
+/*
+ * Using GetProcAddress for variables? TODO: Check this out in the Win32 API
+ * docs, there's probably a variant for variables.
+ */
+static void *win32_bind_var(DSO *dso, const char *symname)
+{
+ HINSTANCE *ptr;
+ void *sym;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_WIN32_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_void_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ sym = GetProcAddress(*ptr, symname);
+ if (sym == NULL) {
+ DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(3, "symname(", symname, ")");
+ return (NULL);
+ }
+ return (sym);
+}
+
+static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname)
+{
+ HINSTANCE *ptr;
+ void *sym;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_WIN32_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_void_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+ if (ptr == NULL) {
+ DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ sym = GetProcAddress(*ptr, symname);
+ if (sym == NULL) {
+ DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(3, "symname(", symname, ")");
+ return (NULL);
+ }
+ return ((DSO_FUNC_TYPE)sym);
+}
+
+struct file_st {
+ const char *node;
+ int nodelen;
+ const char *device;
+ int devicelen;
+ const char *predir;
+ int predirlen;
+ const char *dir;
+ int dirlen;
+ const char *file;
+ int filelen;
+};
+
+static struct file_st *win32_splitter(DSO *dso, const char *filename,
+ int assume_last_is_dir)
+{
+ struct file_st *result = NULL;
+ enum { IN_NODE, IN_DEVICE, IN_FILE } position;
+ const char *start = filename;
+ char last;
+
+ if (!filename) {
+ DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_NO_FILENAME);
+ /*
+ * goto err;
+ */
+ return (NULL);
+ }
+
+ result = OPENSSL_malloc(sizeof(struct file_st));
+ if (result == NULL) {
+ DSOerr(DSO_F_WIN32_SPLITTER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+
+ memset(result, 0, sizeof(struct file_st));
+ position = IN_DEVICE;
+
+ if ((filename[0] == '\\' && filename[1] == '\\')
+ || (filename[0] == '/' && filename[1] == '/')) {
+ position = IN_NODE;
+ filename += 2;
+ start = filename;
+ result->node = start;
+ }
+
+ do {
+ last = filename[0];
+ switch (last) {
+ case ':':
+ if (position != IN_DEVICE) {
+ DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_INCORRECT_FILE_SYNTAX);
+ /*
+ * goto err;
+ */
+ OPENSSL_free(result);
+ return (NULL);
+ }
+ result->device = start;
+ result->devicelen = (int)(filename - start);
+ position = IN_FILE;
+ start = ++filename;
+ result->dir = start;
+ break;
+ case '\\':
+ case '/':
+ if (position == IN_NODE) {
+ result->nodelen = (int)(filename - start);
+ position = IN_FILE;
+ start = ++filename;
+ result->dir = start;
+ } else if (position == IN_DEVICE) {
+ position = IN_FILE;
+ filename++;
+ result->dir = start;
+ result->dirlen = (int)(filename - start);
+ start = filename;
+ } else {
+ filename++;
+ result->dirlen += (int)(filename - start);
+ start = filename;
+ }
+ break;
+ case '\0':
+ if (position == IN_NODE) {
+ result->nodelen = (int)(filename - start);
+ } else {
+ if (filename - start > 0) {
+ if (assume_last_is_dir) {
+ if (position == IN_DEVICE) {
+ result->dir = start;
+ result->dirlen = 0;
+ }
+ result->dirlen += (int)(filename - start);
+ } else {
+ result->file = start;
+ result->filelen = (int)(filename - start);
+ }
+ }
+ }
+ break;
+ default:
+ filename++;
+ break;
+ }
+ }
+ while (last);
+
+ if (!result->nodelen)
+ result->node = NULL;
+ if (!result->devicelen)
+ result->device = NULL;
+ if (!result->dirlen)
+ result->dir = NULL;
+ if (!result->filelen)
+ result->file = NULL;
+
+ return (result);
+}
+
+static char *win32_joiner(DSO *dso, const struct file_st *file_split)
+{
+ int len = 0, offset = 0;
+ char *result = NULL;
+ const char *start;
+
+ if (!file_split) {
+ DSOerr(DSO_F_WIN32_JOINER, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (file_split->node) {
+ len += 2 + file_split->nodelen; /* 2 for starting \\ */
+ if (file_split->predir || file_split->dir || file_split->file)
+ len++; /* 1 for ending \ */
+ } else if (file_split->device) {
+ len += file_split->devicelen + 1; /* 1 for ending : */
+ }
+ len += file_split->predirlen;
+ if (file_split->predir && (file_split->dir || file_split->file)) {
+ len++; /* 1 for ending \ */
+ }
+ len += file_split->dirlen;
+ if (file_split->dir && file_split->file) {
+ len++; /* 1 for ending \ */
+ }
+ len += file_split->filelen;
+
+ if (!len) {
+ DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE);
+ return (NULL);
+ }
+
+ result = OPENSSL_malloc(len + 1);
+ if (!result) {
+ DSOerr(DSO_F_WIN32_JOINER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+
+ if (file_split->node) {
+ strcpy(&result[offset], "\\\\");
+ offset += 2;
+ strncpy(&result[offset], file_split->node, file_split->nodelen);
+ offset += file_split->nodelen;
+ if (file_split->predir || file_split->dir || file_split->file) {
+ result[offset] = '\\';
+ offset++;
+ }
+ } else if (file_split->device) {
+ strncpy(&result[offset], file_split->device, file_split->devicelen);
+ offset += file_split->devicelen;
+ result[offset] = ':';
+ offset++;
+ }
+ start = file_split->predir;
+ while (file_split->predirlen > (start - file_split->predir)) {
+ const char *end = openssl_strnchr(start, '/',
+ file_split->predirlen - (start -
+ file_split->predir));
+ if (!end)
+ end = start
+ + file_split->predirlen - (start - file_split->predir);
+ strncpy(&result[offset], start, end - start);
+ offset += (int)(end - start);
+ result[offset] = '\\';
+ offset++;
+ start = end + 1;
+ }
+# if 0 /* Not needed, since the directory converter
+ * above already appeneded a backslash */
+ if (file_split->predir && (file_split->dir || file_split->file)) {
+ result[offset] = '\\';
+ offset++;
+ }
+# endif
+ start = file_split->dir;
+ while (file_split->dirlen > (start - file_split->dir)) {
+ const char *end = openssl_strnchr(start, '/',
+ file_split->dirlen - (start -
+ file_split->dir));
+ if (!end)
+ end = start + file_split->dirlen - (start - file_split->dir);
+ strncpy(&result[offset], start, end - start);
+ offset += (int)(end - start);
+ result[offset] = '\\';
+ offset++;
+ start = end + 1;
+ }
+# if 0 /* Not needed, since the directory converter
+ * above already appeneded a backslash */
+ if (file_split->dir && file_split->file) {
+ result[offset] = '\\';
+ offset++;
+ }
+# endif
+ strncpy(&result[offset], file_split->file, file_split->filelen);
+ offset += file_split->filelen;
+ result[offset] = '\0';
+ return (result);
+}
+
+static char *win32_merger(DSO *dso, const char *filespec1,
+ const char *filespec2)
+{
+ char *merged = NULL;
+ struct file_st *filespec1_split = NULL;
+ struct file_st *filespec2_split = NULL;
+
+ if (!filespec1 && !filespec2) {
+ DSOerr(DSO_F_WIN32_MERGER, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (!filespec2) {
+ merged = OPENSSL_malloc(strlen(filespec1) + 1);
+ if (!merged) {
+ DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec1);
+ } else if (!filespec1) {
+ merged = OPENSSL_malloc(strlen(filespec2) + 1);
+ if (!merged) {
+ DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ strcpy(merged, filespec2);
+ } else {
+ filespec1_split = win32_splitter(dso, filespec1, 0);
+ if (!filespec1_split) {
+ DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+ filespec2_split = win32_splitter(dso, filespec2, 1);
+ if (!filespec2_split) {
+ DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(filespec1_split);
+ return (NULL);
+ }
+
+ /* Fill in into filespec1_split */
+ if (!filespec1_split->node && !filespec1_split->device) {
+ filespec1_split->node = filespec2_split->node;
+ filespec1_split->nodelen = filespec2_split->nodelen;
+ filespec1_split->device = filespec2_split->device;
+ filespec1_split->devicelen = filespec2_split->devicelen;
+ }
+ if (!filespec1_split->dir) {
+ filespec1_split->dir = filespec2_split->dir;
+ filespec1_split->dirlen = filespec2_split->dirlen;
+ } else if (filespec1_split->dir[0] != '\\'
+ && filespec1_split->dir[0] != '/') {
+ filespec1_split->predir = filespec2_split->dir;
+ filespec1_split->predirlen = filespec2_split->dirlen;
+ }
+ if (!filespec1_split->file) {
+ filespec1_split->file = filespec2_split->file;
+ filespec1_split->filelen = filespec2_split->filelen;
+ }
+
+ merged = win32_joiner(dso, filespec1_split);
+ }
+ OPENSSL_free(filespec1_split);
+ OPENSSL_free(filespec2_split);
+ return (merged);
+}
+
+static char *win32_name_converter(DSO *dso, const char *filename)
+{
+ char *translated;
+ int len, transform;
+
+ len = strlen(filename);
+ transform = ((strstr(filename, "/") == NULL) &&
+ (strstr(filename, "\\") == NULL) &&
+ (strstr(filename, ":") == NULL));
+ if (transform)
+ /* We will convert this to "%s.dll" */
+ translated = OPENSSL_malloc(len + 5);
+ else
+ /* We will simply duplicate filename */
+ translated = OPENSSL_malloc(len + 1);
+ if (translated == NULL) {
+ DSOerr(DSO_F_WIN32_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+ return (NULL);
+ }
+ if (transform)
+ sprintf(translated, "%s.dll", filename);
+ else
+ sprintf(translated, "%s", filename);
+ return (translated);
+}
+
+static const char *openssl_strnchr(const char *string, int c, size_t len)
+{
+ size_t i;
+ const char *p;
+ for (i = 0, p = string; i < len && *p; i++, p++) {
+ if (*p == c)
+ return p;
+ }
+ return NULL;
+}
+
+# include <tlhelp32.h>
+# ifdef _WIN32_WCE
+# define DLLNAME "TOOLHELP.DLL"
+# else
+# ifdef MODULEENTRY32
+# undef MODULEENTRY32 /* unmask the ASCII version! */
+# endif
+# define DLLNAME "KERNEL32.DLL"
+# endif
+
+typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
+typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
+typedef BOOL(WINAPI *MODULE32) (HANDLE, MODULEENTRY32 *);
+
+static int win32_pathbyaddr(void *addr, char *path, int sz)
+{
+ HMODULE dll;
+ HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+ MODULEENTRY32 me32;
+ CREATETOOLHELP32SNAPSHOT create_snap;
+ CLOSETOOLHELP32SNAPSHOT close_snap;
+ MODULE32 module_first, module_next;
+ int len;
+
+ if (addr == NULL) {
+ union {
+ int (*f) (void *, char *, int);
+ void *p;
+ } t = {
+ win32_pathbyaddr
+ };
+ addr = t.p;
+ }
+
+ dll = LoadLibrary(TEXT(DLLNAME));
+ if (dll == NULL) {
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+
+ create_snap = (CREATETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CreateToolhelp32Snapshot");
+ if (create_snap == NULL) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+ /* We take the rest for granted... */
+# ifdef _WIN32_WCE
+ close_snap = (CLOSETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CloseToolhelp32Snapshot");
+# else
+ close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
+# endif
+ module_first = (MODULE32) GetProcAddress(dll, "Module32First");
+ module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
+
+ hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
+ if (hModuleSnap == INVALID_HANDLE_VALUE) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+
+ me32.dwSize = sizeof(me32);
+
+ if (!(*module_first) (hModuleSnap, &me32)) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_FAILURE);
+ return -1;
+ }
+
+ do {
+ if ((BYTE *) addr >= me32.modBaseAddr &&
+ (BYTE *) addr < me32.modBaseAddr + me32.modBaseSize) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+# ifdef _WIN32_WCE
+# if _WIN32_WCE >= 101
+ return WideCharToMultiByte(CP_ACP, 0, me32.szExePath, -1,
+ path, sz, NULL, NULL);
+# else
+ len = (int)wcslen(me32.szExePath);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ for (i = 0; i < len; i++)
+ path[i] = (char)me32.szExePath[i];
+ path[len++] = 0;
+ return len;
+# endif
+# else
+ len = (int)strlen(me32.szExePath);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ memcpy(path, me32.szExePath, len);
+ path[len++] = 0;
+ return len;
+# endif
+ }
+ } while ((*module_next) (hModuleSnap, &me32));
+
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return 0;
+}
+
+static void *win32_globallookup(const char *name)
+{
+ HMODULE dll;
+ HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+ MODULEENTRY32 me32;
+ CREATETOOLHELP32SNAPSHOT create_snap;
+ CLOSETOOLHELP32SNAPSHOT close_snap;
+ MODULE32 module_first, module_next;
+ FARPROC ret = NULL;
+
+ dll = LoadLibrary(TEXT(DLLNAME));
+ if (dll == NULL) {
+ DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+
+ create_snap = (CREATETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CreateToolhelp32Snapshot");
+ if (create_snap == NULL) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+ /* We take the rest for granted... */
+# ifdef _WIN32_WCE
+ close_snap = (CLOSETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CloseToolhelp32Snapshot");
+# else
+ close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
+# endif
+ module_first = (MODULE32) GetProcAddress(dll, "Module32First");
+ module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
+
+ hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
+ if (hModuleSnap == INVALID_HANDLE_VALUE) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+
+ me32.dwSize = sizeof(me32);
+
+ if (!(*module_first) (hModuleSnap, &me32)) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return NULL;
+ }
+
+ do {
+ if ((ret = GetProcAddress(me32.hModule, name))) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return ret;
+ }
+ } while ((*module_next) (hModuleSnap, &me32));
+
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return NULL;
+}
+#endif /* DSO_WIN32 */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ec/ectest.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ec/ectest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ec/ectest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1861 +0,0 @@
-/* crypto/ec/ectest.c */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#ifdef FLAT_INC
-# include "e_os.h"
-#else
-# include "../e_os.h"
-#endif
-#include <string.h>
-#include <time.h>
-
-#ifdef OPENSSL_NO_EC
-int main(int argc, char *argv[])
-{
- puts("Elliptic curves are disabled.");
- return 0;
-}
-#else
-
-# include <openssl/ec.h>
-# ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-# endif
-# include <openssl/err.h>
-# include <openssl/obj_mac.h>
-# include <openssl/objects.h>
-# include <openssl/rand.h>
-# include <openssl/bn.h>
-# include <openssl/opensslconf.h>
-
-# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
-/* suppress "too big too optimize" warning */
-# pragma warning(disable:4959)
-# endif
-
-# define ABORT do { \
- fflush(stdout); \
- fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
- ERR_print_errors_fp(stderr); \
- EXIT(1); \
-} while (0)
-
-# define TIMING_BASE_PT 0
-# define TIMING_RAND_PT 1
-# define TIMING_SIMUL 2
-
-# if 0
-static void timings(EC_GROUP *group, int type, BN_CTX *ctx)
-{
- clock_t clck;
- int i, j;
- BIGNUM *s;
- BIGNUM *r[10], *r0[10];
- EC_POINT *P;
-
- s = BN_new();
- if (s == NULL)
- ABORT;
-
- fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group));
- if (!EC_GROUP_get_order(group, s, ctx))
- ABORT;
- fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s));
- fflush(stdout);
-
- P = EC_POINT_new(group);
- if (P == NULL)
- ABORT;
- EC_POINT_copy(P, EC_GROUP_get0_generator(group));
-
- for (i = 0; i < 10; i++) {
- if ((r[i] = BN_new()) == NULL)
- ABORT;
- if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0))
- ABORT;
- if (type != TIMING_BASE_PT) {
- if ((r0[i] = BN_new()) == NULL)
- ABORT;
- if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0))
- ABORT;
- }
- }
-
- clck = clock();
- for (i = 0; i < 10; i++) {
- for (j = 0; j < 10; j++) {
- if (!EC_POINT_mul
- (group, P, (type != TIMING_RAND_PT) ? r[i] : NULL,
- (type != TIMING_BASE_PT) ? P : NULL,
- (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx))
- ABORT;
- }
- }
- clck = clock() - clck;
-
- fprintf(stdout, "\n");
-
-# ifdef CLOCKS_PER_SEC
- /*
- * "To determine the time in seconds, the value returned by the clock
- * function should be divided by the value of the macro CLOCKS_PER_SEC."
- * -- ISO/IEC 9899
- */
-# define UNIT "s"
-# else
- /*
- * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on
- * NeXTstep/OpenStep
- */
-# define UNIT "units"
-# define CLOCKS_PER_SEC 1
-# endif
-
- if (type == TIMING_BASE_PT) {
- fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
- "base point multiplications", (double)clck / CLOCKS_PER_SEC);
- } else if (type == TIMING_RAND_PT) {
- fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
- "random point multiplications",
- (double)clck / CLOCKS_PER_SEC);
- } else if (type == TIMING_SIMUL) {
- fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
- "s*P+t*Q operations", (double)clck / CLOCKS_PER_SEC);
- }
- fprintf(stdout, "average: %.4f " UNIT "\n",
- (double)clck / (CLOCKS_PER_SEC * i * j));
-
- EC_POINT_free(P);
- BN_free(s);
- for (i = 0; i < 10; i++) {
- BN_free(r[i]);
- if (type != TIMING_BASE_PT)
- BN_free(r0[i]);
- }
-}
-# endif
-
-/* test multiplication with group order, long and negative scalars */
-static void group_order_tests(EC_GROUP *group)
-{
- BIGNUM *n1, *n2, *order;
- EC_POINT *P = EC_POINT_new(group);
- EC_POINT *Q = EC_POINT_new(group);
- BN_CTX *ctx = BN_CTX_new();
- int i;
-
- n1 = BN_new();
- n2 = BN_new();
- order = BN_new();
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, order, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
- fprintf(stdout, "long/negative scalar tests ");
- for (i = 1; i <= 2; i++) {
- const BIGNUM *scalars[6];
- const EC_POINT *points[6];
-
- fprintf(stdout, i == 1 ?
- "allowing precomputation ... " :
- "without precomputation ... ");
- if (!BN_set_word(n1, i))
- ABORT;
- /*
- * If i == 1, P will be the predefined generator for which
- * EC_GROUP_precompute_mult has set up precomputation.
- */
- if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx))
- ABORT;
-
- if (!BN_one(n1))
- ABORT;
- /* n1 = 1 - order */
- if (!BN_sub(n1, n1, order))
- ABORT;
- if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, Q, P, ctx))
- ABORT;
-
- /* n2 = 1 + order */
- if (!BN_add(n2, order, BN_value_one()))
- ABORT;
- if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, Q, P, ctx))
- ABORT;
-
- /* n2 = (1 - order) * (1 + order) = 1 - order^2 */
- if (!BN_mul(n2, n1, n2, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, Q, P, ctx))
- ABORT;
-
- /* n2 = order^2 - 1 */
- BN_set_negative(n2, 0);
- if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
- ABORT;
- /* Add P to verify the result. */
- if (!EC_POINT_add(group, Q, Q, P, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
-
- /* Exercise EC_POINTs_mul, including corner cases. */
- if (EC_POINT_is_at_infinity(group, P))
- ABORT;
- scalars[0] = n1;
- points[0] = Q; /* => infinity */
- scalars[1] = n2;
- points[1] = P; /* => -P */
- scalars[2] = n1;
- points[2] = Q; /* => infinity */
- scalars[3] = n2;
- points[3] = Q; /* => infinity */
- scalars[4] = n1;
- points[4] = P; /* => P */
- scalars[5] = n2;
- points[5] = Q; /* => infinity */
- if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
- }
- fprintf(stdout, "ok\n");
-
- EC_POINT_free(P);
- EC_POINT_free(Q);
- BN_free(n1);
- BN_free(n2);
- BN_free(order);
- BN_CTX_free(ctx);
-}
-
-static void prime_field_tests(void)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *p, *a, *b;
- EC_GROUP *group;
- EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 =
- NULL, *P_384 = NULL, *P_521 = NULL;
- EC_POINT *P, *Q, *R;
- BIGNUM *x, *y, *z;
- unsigned char buf[100];
- size_t i, len;
- int k;
-
-# if 1 /* optional */
- ctx = BN_CTX_new();
- if (!ctx)
- ABORT;
-# endif
-
- p = BN_new();
- a = BN_new();
- b = BN_new();
- if (!p || !a || !b)
- ABORT;
-
- if (!BN_hex2bn(&p, "17"))
- ABORT;
- if (!BN_hex2bn(&a, "1"))
- ABORT;
- if (!BN_hex2bn(&b, "1"))
- ABORT;
-
- group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use
- * EC_GROUP_new_curve_GFp so
- * that the library gets to
- * choose the EC_METHOD */
- if (!group)
- ABORT;
-
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- {
- EC_GROUP *tmp;
- tmp = EC_GROUP_new(EC_GROUP_method_of(group));
- if (!tmp)
- ABORT;
- if (!EC_GROUP_copy(tmp, group))
- ABORT;
- EC_GROUP_free(group);
- group = tmp;
- }
-
- if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- fprintf(stdout,
- "Curve defined by Weierstrass equation\n y^2 = x^3 + a*x + b (mod 0x");
- BN_print_fp(stdout, p);
- fprintf(stdout, ")\n a = 0x");
- BN_print_fp(stdout, a);
- fprintf(stdout, "\n b = 0x");
- BN_print_fp(stdout, b);
- fprintf(stdout, "\n");
-
- P = EC_POINT_new(group);
- Q = EC_POINT_new(group);
- R = EC_POINT_new(group);
- if (!P || !Q || !R)
- ABORT;
-
- if (!EC_POINT_set_to_infinity(group, P))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- buf[0] = 0;
- if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
- ABORT;
-
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- x = BN_new();
- y = BN_new();
- z = BN_new();
- if (!x || !y || !z)
- ABORT;
-
- if (!BN_hex2bn(&x, "D"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) {
- if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx))
- ABORT;
- fprintf(stderr, "Point is not on curve: x = 0x");
- BN_print_fp(stderr, x);
- fprintf(stderr, ", y = 0x");
- BN_print_fp(stderr, y);
- fprintf(stderr, "\n");
- ABORT;
- }
-
- fprintf(stdout, "A cyclic subgroup:\n");
- k = 100;
- do {
- if (k-- == 0)
- ABORT;
-
- if (EC_POINT_is_at_infinity(group, P))
- fprintf(stdout, " point at infinity\n");
- else {
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
-
- fprintf(stdout, " x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, ", y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- }
-
- if (!EC_POINT_copy(R, P))
- ABORT;
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
-
-# if 0 /* optional */
- {
- EC_POINT *points[3];
-
- points[0] = R;
- points[1] = Q;
- points[2] = P;
- if (!EC_POINTs_make_affine(group, 2, points, ctx))
- ABORT;
- }
-# endif
-
- }
- while (!EC_POINT_is_at_infinity(group, P));
-
- if (!EC_POINT_add(group, P, Q, R, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "Generator as octet string, compressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
- ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
- if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx))
- ABORT;
- fprintf(stdout,
- "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n X = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, ", Y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, ", Z = 0x");
- BN_print_fp(stdout, z);
- fprintf(stdout, "\n");
-
- if (!EC_POINT_invert(group, P, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
-
- /*
- * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2,
- * 2000) -- not a NIST curve, but commonly used
- */
-
- if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82"))
- ABORT;
- if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32"))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 160)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_160, group))
- ABORT;
-
- /* Curve P-192 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-192 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 192)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_192, group))
- ABORT;
-
- /* Curve P-224 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn
- (&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn
- (&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"))
- ABORT;
- if (!BN_hex2bn
- (&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn
- (&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!BN_hex2bn
- (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-224 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn
- (&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 224)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_224, group))
- ABORT;
-
- /* Curve P-256 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn
- (&p,
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn
- (&a,
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"))
- ABORT;
- if (!BN_hex2bn
- (&b,
- "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn
- (&x,
- "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
- "84F3B9CAC2FC632551"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn
- (&z,
- "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 256)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_256, group))
- ABORT;
-
- /* Curve P-384 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
- "120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
- "9859F741E082542A385502F25DBF55296C3A545E3872760AB7"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-384 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
- "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 384)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_384, group))
- ABORT;
-
- /* Curve P-521 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"
- "315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"
- "DF883D2C34F1EF451FD46B503F00"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
- "B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
- "3C1856A429BF97E7E31C2E5BD66"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
- "C9B8899C47AEBB6FB71E91386409"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-521 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"
- "B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"
- "7086A272C24088BE94769FD16650"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 521)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_521, group))
- ABORT;
-
- /* more tests using the last curve */
-
- if (!EC_POINT_copy(Q, P))
- ABORT;
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- if (!EC_POINT_dbl(group, P, P, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!EC_POINT_invert(group, Q, ctx))
- ABORT; /* P = -2Q */
-
- if (!EC_POINT_add(group, R, P, Q, ctx))
- ABORT;
- if (!EC_POINT_add(group, R, R, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, R))
- ABORT; /* R = P + 2Q */
-
- {
- const EC_POINT *points[4];
- const BIGNUM *scalars[4];
- BIGNUM scalar3;
-
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- points[0] = Q;
- points[1] = Q;
- points[2] = Q;
- points[3] = Q;
-
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!BN_add(y, z, BN_value_one()))
- ABORT;
- if (BN_is_odd(y))
- ABORT;
- if (!BN_rshift1(y, y))
- ABORT;
- scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
- scalars[1] = y;
-
- fprintf(stdout, "combined multiplication ...");
- fflush(stdout);
-
- /* z is still the group order */
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, R, Q, ctx))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
- ABORT;
- if (!BN_add(z, z, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = y;
- scalars[1] = z; /* z = -(order + y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
- ABORT;
- if (!BN_add(z, x, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = x;
- scalars[1] = y;
- scalars[2] = z; /* z = -(x+y) */
-
- BN_init(&scalar3);
- BN_zero(&scalar3);
- scalars[3] = &scalar3;
-
- if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, " ok\n\n");
-
- BN_free(&scalar3);
- }
-
-# if 0
- timings(P_160, TIMING_BASE_PT, ctx);
- timings(P_160, TIMING_RAND_PT, ctx);
- timings(P_160, TIMING_SIMUL, ctx);
- timings(P_192, TIMING_BASE_PT, ctx);
- timings(P_192, TIMING_RAND_PT, ctx);
- timings(P_192, TIMING_SIMUL, ctx);
- timings(P_224, TIMING_BASE_PT, ctx);
- timings(P_224, TIMING_RAND_PT, ctx);
- timings(P_224, TIMING_SIMUL, ctx);
- timings(P_256, TIMING_BASE_PT, ctx);
- timings(P_256, TIMING_RAND_PT, ctx);
- timings(P_256, TIMING_SIMUL, ctx);
- timings(P_384, TIMING_BASE_PT, ctx);
- timings(P_384, TIMING_RAND_PT, ctx);
- timings(P_384, TIMING_SIMUL, ctx);
- timings(P_521, TIMING_BASE_PT, ctx);
- timings(P_521, TIMING_RAND_PT, ctx);
- timings(P_521, TIMING_SIMUL, ctx);
-# endif
-
- if (ctx)
- BN_CTX_free(ctx);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- EC_GROUP_free(group);
- EC_POINT_free(P);
- EC_POINT_free(Q);
- EC_POINT_free(R);
- BN_free(x);
- BN_free(y);
- BN_free(z);
-
- if (P_160)
- EC_GROUP_free(P_160);
- if (P_192)
- EC_GROUP_free(P_192);
- if (P_224)
- EC_GROUP_free(P_224);
- if (P_256)
- EC_GROUP_free(P_256);
- if (P_384)
- EC_GROUP_free(P_384);
- if (P_521)
- EC_GROUP_free(P_521);
-
-}
-
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
-# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- if (!BN_hex2bn(&x, _x)) ABORT; \
- if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \
- if (!BN_hex2bn(&z, _order)) ABORT; \
- if (!BN_hex2bn(&cof, _cof)) ABORT; \
- if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
- if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
- fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
- BN_print_fp(stdout, x); \
- fprintf(stdout, "\n y = 0x"); \
- BN_print_fp(stdout, y); \
- fprintf(stdout, "\n"); \
- /* G_y value taken from the standard: */ \
- if (!BN_hex2bn(&z, _y)) ABORT; \
- if (0 != BN_cmp(y, z)) ABORT;
-# else
-# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- if (!BN_hex2bn(&x, _x)) ABORT; \
- if (!BN_hex2bn(&y, _y)) ABORT; \
- if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \
- if (!BN_hex2bn(&z, _order)) ABORT; \
- if (!BN_hex2bn(&cof, _cof)) ABORT; \
- if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
- fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
- BN_print_fp(stdout, x); \
- fprintf(stdout, "\n y = 0x"); \
- BN_print_fp(stdout, y); \
- fprintf(stdout, "\n");
-# endif
-
-# define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- if (!BN_hex2bn(&p, _p)) ABORT; \
- if (!BN_hex2bn(&a, _a)) ABORT; \
- if (!BN_hex2bn(&b, _b)) ABORT; \
- if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \
- CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- fprintf(stdout, "verify degree ..."); \
- if (EC_GROUP_get_degree(group) != _degree) ABORT; \
- fprintf(stdout, " ok\n"); \
- group_order_tests(group); \
- if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \
- if (!EC_GROUP_copy(_variable, group)) ABORT; \
-
-# ifndef OPENSSL_NO_EC2M
-
-static void char2_field_tests(void)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *p, *a, *b;
- EC_GROUP *group;
- EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 =
- NULL, *C2_K571 = NULL;
- EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 =
- NULL, *C2_B571 = NULL;
- EC_POINT *P, *Q, *R;
- BIGNUM *x, *y, *z, *cof;
- unsigned char buf[100];
- size_t i, len;
- int k;
-
-# if 1 /* optional */
- ctx = BN_CTX_new();
- if (!ctx)
- ABORT;
-# endif
-
- p = BN_new();
- a = BN_new();
- b = BN_new();
- if (!p || !a || !b)
- ABORT;
-
- if (!BN_hex2bn(&p, "13"))
- ABORT;
- if (!BN_hex2bn(&a, "3"))
- ABORT;
- if (!BN_hex2bn(&b, "1"))
- ABORT;
-
- group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use
- * EC_GROUP_new_curve_GF2m
- * so that the library gets
- * to choose the EC_METHOD */
- if (!group)
- ABORT;
- if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx))
- ABORT;
-
- {
- EC_GROUP *tmp;
- tmp = EC_GROUP_new(EC_GROUP_method_of(group));
- if (!tmp)
- ABORT;
- if (!EC_GROUP_copy(tmp, group))
- ABORT;
- EC_GROUP_free(group);
- group = tmp;
- }
-
- if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx))
- ABORT;
-
- fprintf(stdout,
- "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x");
- BN_print_fp(stdout, p);
- fprintf(stdout, ")\n a = 0x");
- BN_print_fp(stdout, a);
- fprintf(stdout, "\n b = 0x");
- BN_print_fp(stdout, b);
- fprintf(stdout, "\n(0x... means binary polynomial)\n");
-
- P = EC_POINT_new(group);
- Q = EC_POINT_new(group);
- R = EC_POINT_new(group);
- if (!P || !Q || !R)
- ABORT;
-
- if (!EC_POINT_set_to_infinity(group, P))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- buf[0] = 0;
- if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
- ABORT;
-
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- x = BN_new();
- y = BN_new();
- z = BN_new();
- cof = BN_new();
- if (!x || !y || !z || !cof)
- ABORT;
-
- if (!BN_hex2bn(&x, "6"))
- ABORT;
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx))
- ABORT;
-# else
- if (!BN_hex2bn(&y, "8"))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx))
- ABORT;
-# endif
- if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) {
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx))
- ABORT;
-# endif
- fprintf(stderr, "Point is not on curve: x = 0x");
- BN_print_fp(stderr, x);
- fprintf(stderr, ", y = 0x");
- BN_print_fp(stderr, y);
- fprintf(stderr, "\n");
- ABORT;
- }
-
- fprintf(stdout, "A cyclic subgroup:\n");
- k = 100;
- do {
- if (k-- == 0)
- ABORT;
-
- if (EC_POINT_is_at_infinity(group, P))
- fprintf(stdout, " point at infinity\n");
- else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx))
- ABORT;
-
- fprintf(stdout, " x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, ", y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- }
-
- if (!EC_POINT_copy(R, P))
- ABORT;
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
- }
- while (!EC_POINT_is_at_infinity(group, P));
-
- if (!EC_POINT_add(group, P, Q, R, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "Generator as octet string, compressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-# endif
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
- ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-# endif
-
- fprintf(stdout, "\n");
-
- if (!EC_POINT_invert(group, P, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
-
- /* Curve K-163 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-163",
- "0800000000000000000000000000000000000000C9",
- "1",
- "1",
- "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
- "0289070FB05D38FF58321F2E800536D538CCDAA3D9",
- 1, "04000000000000000000020108A2E0CC0D99F8A5EF", "2", 163, C2_K163);
-
- /* Curve B-163 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-163",
- "0800000000000000000000000000000000000000C9",
- "1",
- "020A601907B8C953CA1481EB10512F78744A3205FD",
- "03F0EBA16286A2D57EA0991168D4994637E8343E36",
- "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
- 1, "040000000000000000000292FE77E70C12A4234C33", "2", 163, C2_B163);
-
- /* Curve K-233 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-233",
- "020000000000000000000000000000000000000004000000000000000001",
- "0",
- "1",
- "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
- "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
- 0,
- "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
- "4", 233, C2_K233);
-
- /* Curve B-233 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-233",
- "020000000000000000000000000000000000000004000000000000000001",
- "000000000000000000000000000000000000000000000000000000000001",
- "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
- "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
- "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
- 1,
- "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
- "2", 233, C2_B233);
-
- /* Curve K-283 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-283",
- "0800000000000000000000000000000000000000000000000000000000000000000010A1",
- "0",
- "1",
- "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",
- "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
- 0,
- "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
- "4", 283, C2_K283);
-
- /* Curve B-283 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-283",
- "0800000000000000000000000000000000000000000000000000000000000000000010A1",
- "000000000000000000000000000000000000000000000000000000000000000000000001",
- "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
- "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",
- "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
- 1,
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
- "2", 283, C2_B283);
-
- /* Curve K-409 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-409",
- "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
- "0",
- "1",
- "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
- "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
- 1,
- "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
- "4", 409, C2_K409);
-
- /* Curve B-409 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-409",
- "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
- "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
- "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
- "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",
- "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
- 1,
- "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
- "2", 409, C2_B409);
-
- /* Curve K-571 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-571",
- "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
- "0",
- "1",
- "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",
- "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
- 0,
- "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
- "4", 571, C2_K571);
-
- /* Curve B-571 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-571",
- "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
- "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
- "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
- "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",
- "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
- 1,
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
- "2", 571, C2_B571);
-
- /* more tests using the last curve */
-
- if (!EC_POINT_copy(Q, P))
- ABORT;
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- if (!EC_POINT_dbl(group, P, P, ctx))
- ABORT;
- if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
- ABORT;
- if (!EC_POINT_invert(group, Q, ctx))
- ABORT; /* P = -2Q */
-
- if (!EC_POINT_add(group, R, P, Q, ctx))
- ABORT;
- if (!EC_POINT_add(group, R, R, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, R))
- ABORT; /* R = P + 2Q */
-
- {
- const EC_POINT *points[3];
- const BIGNUM *scalars[3];
-
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- points[0] = Q;
- points[1] = Q;
- points[2] = Q;
-
- if (!BN_add(y, z, BN_value_one()))
- ABORT;
- if (BN_is_odd(y))
- ABORT;
- if (!BN_rshift1(y, y))
- ABORT;
- scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
- scalars[1] = y;
-
- fprintf(stdout, "combined multiplication ...");
- fflush(stdout);
-
- /* z is still the group order */
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, R, Q, ctx))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
- ABORT;
- if (!BN_add(z, z, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = y;
- scalars[1] = z; /* z = -(order + y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
- ABORT;
- if (!BN_add(z, x, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = x;
- scalars[1] = y;
- scalars[2] = z; /* z = -(x+y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, " ok\n\n");
- }
-
-# if 0
- timings(C2_K163, TIMING_BASE_PT, ctx);
- timings(C2_K163, TIMING_RAND_PT, ctx);
- timings(C2_K163, TIMING_SIMUL, ctx);
- timings(C2_B163, TIMING_BASE_PT, ctx);
- timings(C2_B163, TIMING_RAND_PT, ctx);
- timings(C2_B163, TIMING_SIMUL, ctx);
- timings(C2_K233, TIMING_BASE_PT, ctx);
- timings(C2_K233, TIMING_RAND_PT, ctx);
- timings(C2_K233, TIMING_SIMUL, ctx);
- timings(C2_B233, TIMING_BASE_PT, ctx);
- timings(C2_B233, TIMING_RAND_PT, ctx);
- timings(C2_B233, TIMING_SIMUL, ctx);
- timings(C2_K283, TIMING_BASE_PT, ctx);
- timings(C2_K283, TIMING_RAND_PT, ctx);
- timings(C2_K283, TIMING_SIMUL, ctx);
- timings(C2_B283, TIMING_BASE_PT, ctx);
- timings(C2_B283, TIMING_RAND_PT, ctx);
- timings(C2_B283, TIMING_SIMUL, ctx);
- timings(C2_K409, TIMING_BASE_PT, ctx);
- timings(C2_K409, TIMING_RAND_PT, ctx);
- timings(C2_K409, TIMING_SIMUL, ctx);
- timings(C2_B409, TIMING_BASE_PT, ctx);
- timings(C2_B409, TIMING_RAND_PT, ctx);
- timings(C2_B409, TIMING_SIMUL, ctx);
- timings(C2_K571, TIMING_BASE_PT, ctx);
- timings(C2_K571, TIMING_RAND_PT, ctx);
- timings(C2_K571, TIMING_SIMUL, ctx);
- timings(C2_B571, TIMING_BASE_PT, ctx);
- timings(C2_B571, TIMING_RAND_PT, ctx);
- timings(C2_B571, TIMING_SIMUL, ctx);
-# endif
-
- if (ctx)
- BN_CTX_free(ctx);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- EC_GROUP_free(group);
- EC_POINT_free(P);
- EC_POINT_free(Q);
- EC_POINT_free(R);
- BN_free(x);
- BN_free(y);
- BN_free(z);
- BN_free(cof);
-
- if (C2_K163)
- EC_GROUP_free(C2_K163);
- if (C2_B163)
- EC_GROUP_free(C2_B163);
- if (C2_K233)
- EC_GROUP_free(C2_K233);
- if (C2_B233)
- EC_GROUP_free(C2_B233);
- if (C2_K283)
- EC_GROUP_free(C2_K283);
- if (C2_B283)
- EC_GROUP_free(C2_B283);
- if (C2_K409)
- EC_GROUP_free(C2_K409);
- if (C2_B409)
- EC_GROUP_free(C2_B409);
- if (C2_K571)
- EC_GROUP_free(C2_K571);
- if (C2_B571)
- EC_GROUP_free(C2_B571);
-
-}
-# endif
-
-static void internal_curve_test(void)
-{
- EC_builtin_curve *curves = NULL;
- size_t crv_len = 0, n = 0;
- int ok = 1;
-
- crv_len = EC_get_builtin_curves(NULL, 0);
-
- curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
-
- if (curves == NULL)
- return;
-
- if (!EC_get_builtin_curves(curves, crv_len)) {
- OPENSSL_free(curves);
- return;
- }
-
- fprintf(stdout, "testing internal curves: ");
-
- for (n = 0; n < crv_len; n++) {
- EC_GROUP *group = NULL;
- int nid = curves[n].nid;
- if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) {
- ok = 0;
- fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with"
- " curve %s\n", OBJ_nid2sn(nid));
- /* try next curve */
- continue;
- }
- if (!EC_GROUP_check(group, NULL)) {
- ok = 0;
- fprintf(stdout, "\nEC_GROUP_check() failed with"
- " curve %s\n", OBJ_nid2sn(nid));
- EC_GROUP_free(group);
- /* try the next curve */
- continue;
- }
- fprintf(stdout, ".");
- fflush(stdout);
- EC_GROUP_free(group);
- }
- if (ok)
- fprintf(stdout, " ok\n\n");
- else {
- fprintf(stdout, " failed\n\n");
- ABORT;
- }
- OPENSSL_free(curves);
- return;
-}
-
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-/*
- * nistp_test_params contains magic numbers for testing our optimized
- * implementations of several NIST curves with characteristic > 3.
- */
-struct nistp_test_params {
- const EC_METHOD *(*meth) ();
- int degree;
- /*
- * Qx, Qy and D are taken from
- * http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
- * Otherwise, values are standard curve parameters from FIPS 180-3
- */
- const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
-};
-
-static const struct nistp_test_params nistp_tests_params[] = {
- {
- /* P-224 */
- EC_GFp_nistp224_method,
- 224,
- /* p */
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
- /* a */
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
- /* b */
- "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
- /* Qx */
- "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E",
- /* Qy */
- "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555",
- /* Gx */
- "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
- /* Gy */
- "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
- /* order */
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
- /* d */
- "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8",
- },
- {
- /* P-256 */
- EC_GFp_nistp256_method,
- 256,
- /* p */
- "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
- /* a */
- "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
- /* b */
- "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
- /* Qx */
- "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19",
- /* Qy */
- "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09",
- /* Gx */
- "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
- /* Gy */
- "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
- /* order */
- "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
- /* d */
- "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96",
- },
- {
- /* P-521 */
- EC_GFp_nistp521_method,
- 521,
- /* p */
- "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
- /* a */
- "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
- /* b */
- "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
- /* Qx */
- "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4",
- /* Qy */
- "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e",
- /* Gx */
- "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
- /* Gy */
- "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
- /* order */
- "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
- /* d */
- "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722",
- },
-};
-
-static void nistp_single_test(const struct nistp_test_params *test)
-{
- BN_CTX *ctx;
- BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
- EC_GROUP *NISTP;
- EC_POINT *G, *P, *Q, *Q_CHECK;
-
- fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n",
- test->degree);
- ctx = BN_CTX_new();
- p = BN_new();
- a = BN_new();
- b = BN_new();
- x = BN_new();
- y = BN_new();
- m = BN_new();
- n = BN_new();
- order = BN_new();
-
- NISTP = EC_GROUP_new(test->meth());
- if (!NISTP)
- ABORT;
- if (!BN_hex2bn(&p, test->p))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, test->a))
- ABORT;
- if (!BN_hex2bn(&b, test->b))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx))
- ABORT;
- G = EC_POINT_new(NISTP);
- P = EC_POINT_new(NISTP);
- Q = EC_POINT_new(NISTP);
- Q_CHECK = EC_POINT_new(NISTP);
- if (!BN_hex2bn(&x, test->Qx))
- ABORT;
- if (!BN_hex2bn(&y, test->Qy))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx))
- ABORT;
- if (!BN_hex2bn(&x, test->Gx))
- ABORT;
- if (!BN_hex2bn(&y, test->Gy))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx))
- ABORT;
- if (!BN_hex2bn(&order, test->order))
- ABORT;
- if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
- ABORT;
-
- fprintf(stdout, "verify degree ... ");
- if (EC_GROUP_get_degree(NISTP) != test->degree)
- ABORT;
- fprintf(stdout, "ok\n");
-
- fprintf(stdout, "NIST test vectors ... ");
- if (!BN_hex2bn(&n, test->d))
- ABORT;
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- /* set generator to P = 2*G, where G is the standard generator */
- if (!EC_POINT_dbl(NISTP, P, G, ctx))
- ABORT;
- if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
- ABORT;
- /* set the scalar to m=n/2, where n is the NIST test scalar */
- if (!BN_rshift(m, n, 1))
- ABORT;
-
- /* test the non-standard generator */
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- /* now repeat all tests with precomputation */
- if (!EC_GROUP_precompute_mult(NISTP, ctx))
- ABORT;
-
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- /* reset generator */
- if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
- ABORT;
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- fprintf(stdout, "ok\n");
- group_order_tests(NISTP);
-# if 0
- timings(NISTP, TIMING_BASE_PT, ctx);
- timings(NISTP, TIMING_RAND_PT, ctx);
-# endif
- EC_GROUP_free(NISTP);
- EC_POINT_free(G);
- EC_POINT_free(P);
- EC_POINT_free(Q);
- EC_POINT_free(Q_CHECK);
- BN_free(n);
- BN_free(m);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- BN_free(x);
- BN_free(y);
- BN_free(order);
- BN_CTX_free(ctx);
-}
-
-static void nistp_tests()
-{
- unsigned i;
-
- for (i = 0;
- i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params);
- i++) {
- nistp_single_test(&nistp_tests_params[i]);
- }
-}
-# endif
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-int main(int argc, char *argv[])
-{
-
- /* enable memory leak checking unless explicitly disabled */
- if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
- && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- } else {
- /* OPENSSL_DEBUG_MEMORY=off */
- CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
- }
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- ERR_load_crypto_strings();
-
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
-
- prime_field_tests();
- puts("");
-# ifndef OPENSSL_NO_EC2M
- char2_field_tests();
-# endif
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
- nistp_tests();
-# endif
- /* test the internal curves */
- internal_curve_test();
-
-# ifndef OPENSSL_NO_ENGINE
- ENGINE_cleanup();
-# endif
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
- ERR_remove_thread_state(NULL);
- CRYPTO_mem_leaks_fp(stderr);
-
- return 0;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/ec/ectest.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ec/ectest.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ec/ectest.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ec/ectest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1861 @@
+/* crypto/ec/ectest.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef FLAT_INC
+# include "e_os.h"
+#else
+# include "../e_os.h"
+#endif
+#include <string.h>
+#include <time.h>
+
+#ifdef OPENSSL_NO_EC
+int main(int argc, char *argv[])
+{
+ puts("Elliptic curves are disabled.");
+ return 0;
+}
+#else
+
+# include <openssl/ec.h>
+# ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+# endif
+# include <openssl/err.h>
+# include <openssl/obj_mac.h>
+# include <openssl/objects.h>
+# include <openssl/rand.h>
+# include <openssl/bn.h>
+# include <openssl/opensslconf.h>
+
+# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
+/* suppress "too big too optimize" warning */
+# pragma warning(disable:4959)
+# endif
+
+# define ABORT do { \
+ fflush(stdout); \
+ fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
+ ERR_print_errors_fp(stderr); \
+ EXIT(1); \
+} while (0)
+
+# define TIMING_BASE_PT 0
+# define TIMING_RAND_PT 1
+# define TIMING_SIMUL 2
+
+# if 0
+static void timings(EC_GROUP *group, int type, BN_CTX *ctx)
+{
+ clock_t clck;
+ int i, j;
+ BIGNUM *s;
+ BIGNUM *r[10], *r0[10];
+ EC_POINT *P;
+
+ s = BN_new();
+ if (s == NULL)
+ ABORT;
+
+ fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group));
+ if (!EC_GROUP_get_order(group, s, ctx))
+ ABORT;
+ fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s));
+ fflush(stdout);
+
+ P = EC_POINT_new(group);
+ if (P == NULL)
+ ABORT;
+ EC_POINT_copy(P, EC_GROUP_get0_generator(group));
+
+ for (i = 0; i < 10; i++) {
+ if ((r[i] = BN_new()) == NULL)
+ ABORT;
+ if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0))
+ ABORT;
+ if (type != TIMING_BASE_PT) {
+ if ((r0[i] = BN_new()) == NULL)
+ ABORT;
+ if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0))
+ ABORT;
+ }
+ }
+
+ clck = clock();
+ for (i = 0; i < 10; i++) {
+ for (j = 0; j < 10; j++) {
+ if (!EC_POINT_mul
+ (group, P, (type != TIMING_RAND_PT) ? r[i] : NULL,
+ (type != TIMING_BASE_PT) ? P : NULL,
+ (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx))
+ ABORT;
+ }
+ }
+ clck = clock() - clck;
+
+ fprintf(stdout, "\n");
+
+# ifdef CLOCKS_PER_SEC
+ /*
+ * "To determine the time in seconds, the value returned by the clock
+ * function should be divided by the value of the macro CLOCKS_PER_SEC."
+ * -- ISO/IEC 9899
+ */
+# define UNIT "s"
+# else
+ /*
+ * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on
+ * NeXTstep/OpenStep
+ */
+# define UNIT "units"
+# define CLOCKS_PER_SEC 1
+# endif
+
+ if (type == TIMING_BASE_PT) {
+ fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
+ "base point multiplications", (double)clck / CLOCKS_PER_SEC);
+ } else if (type == TIMING_RAND_PT) {
+ fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
+ "random point multiplications",
+ (double)clck / CLOCKS_PER_SEC);
+ } else if (type == TIMING_SIMUL) {
+ fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
+ "s*P+t*Q operations", (double)clck / CLOCKS_PER_SEC);
+ }
+ fprintf(stdout, "average: %.4f " UNIT "\n",
+ (double)clck / (CLOCKS_PER_SEC * i * j));
+
+ EC_POINT_free(P);
+ BN_free(s);
+ for (i = 0; i < 10; i++) {
+ BN_free(r[i]);
+ if (type != TIMING_BASE_PT)
+ BN_free(r0[i]);
+ }
+}
+# endif
+
+/* test multiplication with group order, long and negative scalars */
+static void group_order_tests(EC_GROUP *group)
+{
+ BIGNUM *n1, *n2, *order;
+ EC_POINT *P = EC_POINT_new(group);
+ EC_POINT *Q = EC_POINT_new(group);
+ BN_CTX *ctx = BN_CTX_new();
+ int i;
+
+ n1 = BN_new();
+ n2 = BN_new();
+ order = BN_new();
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
+ if (!EC_GROUP_get_order(group, order, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ fprintf(stdout, " ok\n");
+ fprintf(stdout, "long/negative scalar tests ");
+ for (i = 1; i <= 2; i++) {
+ const BIGNUM *scalars[6];
+ const EC_POINT *points[6];
+
+ fprintf(stdout, i == 1 ?
+ "allowing precomputation ... " :
+ "without precomputation ... ");
+ if (!BN_set_word(n1, i))
+ ABORT;
+ /*
+ * If i == 1, P will be the predefined generator for which
+ * EC_GROUP_precompute_mult has set up precomputation.
+ */
+ if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx))
+ ABORT;
+
+ if (!BN_one(n1))
+ ABORT;
+ /* n1 = 1 - order */
+ if (!BN_sub(n1, n1, order))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = 1 + order */
+ if (!BN_add(n2, order, BN_value_one()))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = (1 - order) * (1 + order) = 1 - order^2 */
+ if (!BN_mul(n2, n1, n2, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = order^2 - 1 */
+ BN_set_negative(n2, 0);
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ /* Add P to verify the result. */
+ if (!EC_POINT_add(group, Q, Q, P, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+
+ /* Exercise EC_POINTs_mul, including corner cases. */
+ if (EC_POINT_is_at_infinity(group, P))
+ ABORT;
+ scalars[0] = n1;
+ points[0] = Q; /* => infinity */
+ scalars[1] = n2;
+ points[1] = P; /* => -P */
+ scalars[2] = n1;
+ points[2] = Q; /* => infinity */
+ scalars[3] = n2;
+ points[3] = Q; /* => infinity */
+ scalars[4] = n1;
+ points[4] = P; /* => P */
+ scalars[5] = n2;
+ points[5] = Q; /* => infinity */
+ if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+ }
+ fprintf(stdout, "ok\n");
+
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ BN_free(n1);
+ BN_free(n2);
+ BN_free(order);
+ BN_CTX_free(ctx);
+}
+
+static void prime_field_tests(void)
+{
+ BN_CTX *ctx = NULL;
+ BIGNUM *p, *a, *b;
+ EC_GROUP *group;
+ EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 =
+ NULL, *P_384 = NULL, *P_521 = NULL;
+ EC_POINT *P, *Q, *R;
+ BIGNUM *x, *y, *z;
+ unsigned char buf[100];
+ size_t i, len;
+ int k;
+
+# if 1 /* optional */
+ ctx = BN_CTX_new();
+ if (!ctx)
+ ABORT;
+# endif
+
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ if (!p || !a || !b)
+ ABORT;
+
+ if (!BN_hex2bn(&p, "17"))
+ ABORT;
+ if (!BN_hex2bn(&a, "1"))
+ ABORT;
+ if (!BN_hex2bn(&b, "1"))
+ ABORT;
+
+ group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use
+ * EC_GROUP_new_curve_GFp so
+ * that the library gets to
+ * choose the EC_METHOD */
+ if (!group)
+ ABORT;
+
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ {
+ EC_GROUP *tmp;
+ tmp = EC_GROUP_new(EC_GROUP_method_of(group));
+ if (!tmp)
+ ABORT;
+ if (!EC_GROUP_copy(tmp, group))
+ ABORT;
+ EC_GROUP_free(group);
+ group = tmp;
+ }
+
+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ fprintf(stdout,
+ "Curve defined by Weierstrass equation\n y^2 = x^3 + a*x + b (mod 0x");
+ BN_print_fp(stdout, p);
+ fprintf(stdout, ")\n a = 0x");
+ BN_print_fp(stdout, a);
+ fprintf(stdout, "\n b = 0x");
+ BN_print_fp(stdout, b);
+ fprintf(stdout, "\n");
+
+ P = EC_POINT_new(group);
+ Q = EC_POINT_new(group);
+ R = EC_POINT_new(group);
+ if (!P || !Q || !R)
+ ABORT;
+
+ if (!EC_POINT_set_to_infinity(group, P))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ buf[0] = 0;
+ if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
+ ABORT;
+
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ x = BN_new();
+ y = BN_new();
+ z = BN_new();
+ if (!x || !y || !z)
+ ABORT;
+
+ if (!BN_hex2bn(&x, "D"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) {
+ if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx))
+ ABORT;
+ fprintf(stderr, "Point is not on curve: x = 0x");
+ BN_print_fp(stderr, x);
+ fprintf(stderr, ", y = 0x");
+ BN_print_fp(stderr, y);
+ fprintf(stderr, "\n");
+ ABORT;
+ }
+
+ fprintf(stdout, "A cyclic subgroup:\n");
+ k = 100;
+ do {
+ if (k-- == 0)
+ ABORT;
+
+ if (EC_POINT_is_at_infinity(group, P))
+ fprintf(stdout, " point at infinity\n");
+ else {
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+
+ fprintf(stdout, " x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, ", y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ }
+
+ if (!EC_POINT_copy(R, P))
+ ABORT;
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+
+# if 0 /* optional */
+ {
+ EC_POINT *points[3];
+
+ points[0] = R;
+ points[1] = Q;
+ points[2] = P;
+ if (!EC_POINTs_make_affine(group, 2, points, ctx))
+ ABORT;
+ }
+# endif
+
+ }
+ while (!EC_POINT_is_at_infinity(group, P));
+
+ if (!EC_POINT_add(group, P, Q, R, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "Generator as octet string, compressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+ ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+ if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx))
+ ABORT;
+ fprintf(stdout,
+ "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n X = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, ", Y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, ", Z = 0x");
+ BN_print_fp(stdout, z);
+ fprintf(stdout, "\n");
+
+ if (!EC_POINT_invert(group, P, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+
+ /*
+ * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2,
+ * 2000) -- not a NIST curve, but commonly used
+ */
+
+ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82"))
+ ABORT;
+ if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32"))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 160)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_160, group))
+ ABORT;
+
+ /* Curve P-192 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-192 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 192)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_192, group))
+ ABORT;
+
+ /* Curve P-224 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn
+ (&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn
+ (&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"))
+ ABORT;
+ if (!BN_hex2bn
+ (&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn
+ (&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!BN_hex2bn
+ (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-224 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn
+ (&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 224)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_224, group))
+ ABORT;
+
+ /* Curve P-256 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn
+ (&p,
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn
+ (&a,
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn
+ (&b,
+ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn
+ (&x,
+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
+ "84F3B9CAC2FC632551"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn
+ (&z,
+ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 256)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_256, group))
+ ABORT;
+
+ /* Curve P-384 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
+ "120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
+ "9859F741E082542A385502F25DBF55296C3A545E3872760AB7"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-384 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
+ "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 384)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_384, group))
+ ABORT;
+
+ /* Curve P-521 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"
+ "315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"
+ "DF883D2C34F1EF451FD46B503F00"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
+ "B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
+ "3C1856A429BF97E7E31C2E5BD66"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
+ "C9B8899C47AEBB6FB71E91386409"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-521 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"
+ "B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"
+ "7086A272C24088BE94769FD16650"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 521)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_521, group))
+ ABORT;
+
+ /* more tests using the last curve */
+
+ if (!EC_POINT_copy(Q, P))
+ ABORT;
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ if (!EC_POINT_dbl(group, P, P, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!EC_POINT_invert(group, Q, ctx))
+ ABORT; /* P = -2Q */
+
+ if (!EC_POINT_add(group, R, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_add(group, R, R, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, R))
+ ABORT; /* R = P + 2Q */
+
+ {
+ const EC_POINT *points[4];
+ const BIGNUM *scalars[4];
+ BIGNUM scalar3;
+
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ points[0] = Q;
+ points[1] = Q;
+ points[2] = Q;
+ points[3] = Q;
+
+ if (!EC_GROUP_get_order(group, z, ctx))
+ ABORT;
+ if (!BN_add(y, z, BN_value_one()))
+ ABORT;
+ if (BN_is_odd(y))
+ ABORT;
+ if (!BN_rshift1(y, y))
+ ABORT;
+ scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
+ scalars[1] = y;
+
+ fprintf(stdout, "combined multiplication ...");
+ fflush(stdout);
+
+ /* z is still the group order */
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, R, Q, ctx))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
+ ABORT;
+ if (!BN_add(z, z, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = y;
+ scalars[1] = z; /* z = -(order + y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
+ ABORT;
+ if (!BN_add(z, x, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = x;
+ scalars[1] = y;
+ scalars[2] = z; /* z = -(x+y) */
+
+ BN_init(&scalar3);
+ BN_zero(&scalar3);
+ scalars[3] = &scalar3;
+
+ if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, " ok\n\n");
+
+ BN_free(&scalar3);
+ }
+
+# if 0
+ timings(P_160, TIMING_BASE_PT, ctx);
+ timings(P_160, TIMING_RAND_PT, ctx);
+ timings(P_160, TIMING_SIMUL, ctx);
+ timings(P_192, TIMING_BASE_PT, ctx);
+ timings(P_192, TIMING_RAND_PT, ctx);
+ timings(P_192, TIMING_SIMUL, ctx);
+ timings(P_224, TIMING_BASE_PT, ctx);
+ timings(P_224, TIMING_RAND_PT, ctx);
+ timings(P_224, TIMING_SIMUL, ctx);
+ timings(P_256, TIMING_BASE_PT, ctx);
+ timings(P_256, TIMING_RAND_PT, ctx);
+ timings(P_256, TIMING_SIMUL, ctx);
+ timings(P_384, TIMING_BASE_PT, ctx);
+ timings(P_384, TIMING_RAND_PT, ctx);
+ timings(P_384, TIMING_SIMUL, ctx);
+ timings(P_521, TIMING_BASE_PT, ctx);
+ timings(P_521, TIMING_RAND_PT, ctx);
+ timings(P_521, TIMING_SIMUL, ctx);
+# endif
+
+ if (ctx)
+ BN_CTX_free(ctx);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ EC_GROUP_free(group);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(R);
+ BN_free(x);
+ BN_free(y);
+ BN_free(z);
+
+ if (P_160)
+ EC_GROUP_free(P_160);
+ if (P_192)
+ EC_GROUP_free(P_192);
+ if (P_224)
+ EC_GROUP_free(P_224);
+ if (P_256)
+ EC_GROUP_free(P_256);
+ if (P_384)
+ EC_GROUP_free(P_384);
+ if (P_521)
+ EC_GROUP_free(P_521);
+
+}
+
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ if (!BN_hex2bn(&x, _x)) ABORT; \
+ if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \
+ if (!BN_hex2bn(&z, _order)) ABORT; \
+ if (!BN_hex2bn(&cof, _cof)) ABORT; \
+ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
+ if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
+ fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
+ BN_print_fp(stdout, x); \
+ fprintf(stdout, "\n y = 0x"); \
+ BN_print_fp(stdout, y); \
+ fprintf(stdout, "\n"); \
+ /* G_y value taken from the standard: */ \
+ if (!BN_hex2bn(&z, _y)) ABORT; \
+ if (0 != BN_cmp(y, z)) ABORT;
+# else
+# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ if (!BN_hex2bn(&x, _x)) ABORT; \
+ if (!BN_hex2bn(&y, _y)) ABORT; \
+ if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \
+ if (!BN_hex2bn(&z, _order)) ABORT; \
+ if (!BN_hex2bn(&cof, _cof)) ABORT; \
+ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
+ fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
+ BN_print_fp(stdout, x); \
+ fprintf(stdout, "\n y = 0x"); \
+ BN_print_fp(stdout, y); \
+ fprintf(stdout, "\n");
+# endif
+
+# define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ if (!BN_hex2bn(&p, _p)) ABORT; \
+ if (!BN_hex2bn(&a, _a)) ABORT; \
+ if (!BN_hex2bn(&b, _b)) ABORT; \
+ if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \
+ CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ fprintf(stdout, "verify degree ..."); \
+ if (EC_GROUP_get_degree(group) != _degree) ABORT; \
+ fprintf(stdout, " ok\n"); \
+ group_order_tests(group); \
+ if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \
+ if (!EC_GROUP_copy(_variable, group)) ABORT; \
+
+# ifndef OPENSSL_NO_EC2M
+
+static void char2_field_tests(void)
+{
+ BN_CTX *ctx = NULL;
+ BIGNUM *p, *a, *b;
+ EC_GROUP *group;
+ EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 =
+ NULL, *C2_K571 = NULL;
+ EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 =
+ NULL, *C2_B571 = NULL;
+ EC_POINT *P, *Q, *R;
+ BIGNUM *x, *y, *z, *cof;
+ unsigned char buf[100];
+ size_t i, len;
+ int k;
+
+# if 1 /* optional */
+ ctx = BN_CTX_new();
+ if (!ctx)
+ ABORT;
+# endif
+
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ if (!p || !a || !b)
+ ABORT;
+
+ if (!BN_hex2bn(&p, "13"))
+ ABORT;
+ if (!BN_hex2bn(&a, "3"))
+ ABORT;
+ if (!BN_hex2bn(&b, "1"))
+ ABORT;
+
+ group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use
+ * EC_GROUP_new_curve_GF2m
+ * so that the library gets
+ * to choose the EC_METHOD */
+ if (!group)
+ ABORT;
+ if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx))
+ ABORT;
+
+ {
+ EC_GROUP *tmp;
+ tmp = EC_GROUP_new(EC_GROUP_method_of(group));
+ if (!tmp)
+ ABORT;
+ if (!EC_GROUP_copy(tmp, group))
+ ABORT;
+ EC_GROUP_free(group);
+ group = tmp;
+ }
+
+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx))
+ ABORT;
+
+ fprintf(stdout,
+ "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x");
+ BN_print_fp(stdout, p);
+ fprintf(stdout, ")\n a = 0x");
+ BN_print_fp(stdout, a);
+ fprintf(stdout, "\n b = 0x");
+ BN_print_fp(stdout, b);
+ fprintf(stdout, "\n(0x... means binary polynomial)\n");
+
+ P = EC_POINT_new(group);
+ Q = EC_POINT_new(group);
+ R = EC_POINT_new(group);
+ if (!P || !Q || !R)
+ ABORT;
+
+ if (!EC_POINT_set_to_infinity(group, P))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ buf[0] = 0;
+ if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
+ ABORT;
+
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ x = BN_new();
+ y = BN_new();
+ z = BN_new();
+ cof = BN_new();
+ if (!x || !y || !z || !cof)
+ ABORT;
+
+ if (!BN_hex2bn(&x, "6"))
+ ABORT;
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx))
+ ABORT;
+# else
+ if (!BN_hex2bn(&y, "8"))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx))
+ ABORT;
+# endif
+ if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) {
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx))
+ ABORT;
+# endif
+ fprintf(stderr, "Point is not on curve: x = 0x");
+ BN_print_fp(stderr, x);
+ fprintf(stderr, ", y = 0x");
+ BN_print_fp(stderr, y);
+ fprintf(stderr, "\n");
+ ABORT;
+ }
+
+ fprintf(stdout, "A cyclic subgroup:\n");
+ k = 100;
+ do {
+ if (k-- == 0)
+ ABORT;
+
+ if (EC_POINT_is_at_infinity(group, P))
+ fprintf(stdout, " point at infinity\n");
+ else {
+ if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx))
+ ABORT;
+
+ fprintf(stdout, " x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, ", y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ }
+
+ if (!EC_POINT_copy(R, P))
+ ABORT;
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+ }
+ while (!EC_POINT_is_at_infinity(group, P));
+
+ if (!EC_POINT_add(group, P, Q, R, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "Generator as octet string, compressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+# endif
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+ ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+# endif
+
+ fprintf(stdout, "\n");
+
+ if (!EC_POINT_invert(group, P, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+
+ /* Curve K-163 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-163",
+ "0800000000000000000000000000000000000000C9",
+ "1",
+ "1",
+ "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
+ "0289070FB05D38FF58321F2E800536D538CCDAA3D9",
+ 1, "04000000000000000000020108A2E0CC0D99F8A5EF", "2", 163, C2_K163);
+
+ /* Curve B-163 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-163",
+ "0800000000000000000000000000000000000000C9",
+ "1",
+ "020A601907B8C953CA1481EB10512F78744A3205FD",
+ "03F0EBA16286A2D57EA0991168D4994637E8343E36",
+ "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
+ 1, "040000000000000000000292FE77E70C12A4234C33", "2", 163, C2_B163);
+
+ /* Curve K-233 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-233",
+ "020000000000000000000000000000000000000004000000000000000001",
+ "0",
+ "1",
+ "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
+ "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
+ 0,
+ "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
+ "4", 233, C2_K233);
+
+ /* Curve B-233 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-233",
+ "020000000000000000000000000000000000000004000000000000000001",
+ "000000000000000000000000000000000000000000000000000000000001",
+ "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
+ "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
+ "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
+ 1,
+ "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
+ "2", 233, C2_B233);
+
+ /* Curve K-283 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-283",
+ "0800000000000000000000000000000000000000000000000000000000000000000010A1",
+ "0",
+ "1",
+ "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",
+ "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
+ 0,
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
+ "4", 283, C2_K283);
+
+ /* Curve B-283 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-283",
+ "0800000000000000000000000000000000000000000000000000000000000000000010A1",
+ "000000000000000000000000000000000000000000000000000000000000000000000001",
+ "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
+ "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",
+ "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
+ 1,
+ "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
+ "2", 283, C2_B283);
+
+ /* Curve K-409 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-409",
+ "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
+ "0",
+ "1",
+ "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
+ "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
+ 1,
+ "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
+ "4", 409, C2_K409);
+
+ /* Curve B-409 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-409",
+ "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
+ "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
+ "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
+ "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",
+ "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
+ 1,
+ "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
+ "2", 409, C2_B409);
+
+ /* Curve K-571 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-571",
+ "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
+ "0",
+ "1",
+ "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",
+ "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
+ 0,
+ "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
+ "4", 571, C2_K571);
+
+ /* Curve B-571 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-571",
+ "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
+ "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
+ "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
+ "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",
+ "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
+ 1,
+ "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
+ "2", 571, C2_B571);
+
+ /* more tests using the last curve */
+
+ if (!EC_POINT_copy(Q, P))
+ ABORT;
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ if (!EC_POINT_dbl(group, P, P, ctx))
+ ABORT;
+ if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
+ ABORT;
+ if (!EC_POINT_invert(group, Q, ctx))
+ ABORT; /* P = -2Q */
+
+ if (!EC_POINT_add(group, R, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_add(group, R, R, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, R))
+ ABORT; /* R = P + 2Q */
+
+ {
+ const EC_POINT *points[3];
+ const BIGNUM *scalars[3];
+
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ points[0] = Q;
+ points[1] = Q;
+ points[2] = Q;
+
+ if (!BN_add(y, z, BN_value_one()))
+ ABORT;
+ if (BN_is_odd(y))
+ ABORT;
+ if (!BN_rshift1(y, y))
+ ABORT;
+ scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
+ scalars[1] = y;
+
+ fprintf(stdout, "combined multiplication ...");
+ fflush(stdout);
+
+ /* z is still the group order */
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, R, Q, ctx))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
+ ABORT;
+ if (!BN_add(z, z, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = y;
+ scalars[1] = z; /* z = -(order + y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
+ ABORT;
+ if (!BN_add(z, x, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = x;
+ scalars[1] = y;
+ scalars[2] = z; /* z = -(x+y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, " ok\n\n");
+ }
+
+# if 0
+ timings(C2_K163, TIMING_BASE_PT, ctx);
+ timings(C2_K163, TIMING_RAND_PT, ctx);
+ timings(C2_K163, TIMING_SIMUL, ctx);
+ timings(C2_B163, TIMING_BASE_PT, ctx);
+ timings(C2_B163, TIMING_RAND_PT, ctx);
+ timings(C2_B163, TIMING_SIMUL, ctx);
+ timings(C2_K233, TIMING_BASE_PT, ctx);
+ timings(C2_K233, TIMING_RAND_PT, ctx);
+ timings(C2_K233, TIMING_SIMUL, ctx);
+ timings(C2_B233, TIMING_BASE_PT, ctx);
+ timings(C2_B233, TIMING_RAND_PT, ctx);
+ timings(C2_B233, TIMING_SIMUL, ctx);
+ timings(C2_K283, TIMING_BASE_PT, ctx);
+ timings(C2_K283, TIMING_RAND_PT, ctx);
+ timings(C2_K283, TIMING_SIMUL, ctx);
+ timings(C2_B283, TIMING_BASE_PT, ctx);
+ timings(C2_B283, TIMING_RAND_PT, ctx);
+ timings(C2_B283, TIMING_SIMUL, ctx);
+ timings(C2_K409, TIMING_BASE_PT, ctx);
+ timings(C2_K409, TIMING_RAND_PT, ctx);
+ timings(C2_K409, TIMING_SIMUL, ctx);
+ timings(C2_B409, TIMING_BASE_PT, ctx);
+ timings(C2_B409, TIMING_RAND_PT, ctx);
+ timings(C2_B409, TIMING_SIMUL, ctx);
+ timings(C2_K571, TIMING_BASE_PT, ctx);
+ timings(C2_K571, TIMING_RAND_PT, ctx);
+ timings(C2_K571, TIMING_SIMUL, ctx);
+ timings(C2_B571, TIMING_BASE_PT, ctx);
+ timings(C2_B571, TIMING_RAND_PT, ctx);
+ timings(C2_B571, TIMING_SIMUL, ctx);
+# endif
+
+ if (ctx)
+ BN_CTX_free(ctx);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ EC_GROUP_free(group);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(R);
+ BN_free(x);
+ BN_free(y);
+ BN_free(z);
+ BN_free(cof);
+
+ if (C2_K163)
+ EC_GROUP_free(C2_K163);
+ if (C2_B163)
+ EC_GROUP_free(C2_B163);
+ if (C2_K233)
+ EC_GROUP_free(C2_K233);
+ if (C2_B233)
+ EC_GROUP_free(C2_B233);
+ if (C2_K283)
+ EC_GROUP_free(C2_K283);
+ if (C2_B283)
+ EC_GROUP_free(C2_B283);
+ if (C2_K409)
+ EC_GROUP_free(C2_K409);
+ if (C2_B409)
+ EC_GROUP_free(C2_B409);
+ if (C2_K571)
+ EC_GROUP_free(C2_K571);
+ if (C2_B571)
+ EC_GROUP_free(C2_B571);
+
+}
+# endif
+
+static void internal_curve_test(void)
+{
+ EC_builtin_curve *curves = NULL;
+ size_t crv_len = 0, n = 0;
+ int ok = 1;
+
+ crv_len = EC_get_builtin_curves(NULL, 0);
+
+ curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
+
+ if (curves == NULL)
+ return;
+
+ if (!EC_get_builtin_curves(curves, crv_len)) {
+ OPENSSL_free(curves);
+ return;
+ }
+
+ fprintf(stdout, "testing internal curves: ");
+
+ for (n = 0; n < crv_len; n++) {
+ EC_GROUP *group = NULL;
+ int nid = curves[n].nid;
+ if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) {
+ ok = 0;
+ fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with"
+ " curve %s\n", OBJ_nid2sn(nid));
+ /* try next curve */
+ continue;
+ }
+ if (!EC_GROUP_check(group, NULL)) {
+ ok = 0;
+ fprintf(stdout, "\nEC_GROUP_check() failed with"
+ " curve %s\n", OBJ_nid2sn(nid));
+ EC_GROUP_free(group);
+ /* try the next curve */
+ continue;
+ }
+ fprintf(stdout, ".");
+ fflush(stdout);
+ EC_GROUP_free(group);
+ }
+ if (ok)
+ fprintf(stdout, " ok\n\n");
+ else {
+ fprintf(stdout, " failed\n\n");
+ ABORT;
+ }
+ OPENSSL_free(curves);
+ return;
+}
+
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/*
+ * nistp_test_params contains magic numbers for testing our optimized
+ * implementations of several NIST curves with characteristic > 3.
+ */
+struct nistp_test_params {
+ const EC_METHOD *(*meth) ();
+ int degree;
+ /*
+ * Qx, Qy and D are taken from
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
+ * Otherwise, values are standard curve parameters from FIPS 180-3
+ */
+ const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
+};
+
+static const struct nistp_test_params nistp_tests_params[] = {
+ {
+ /* P-224 */
+ EC_GFp_nistp224_method,
+ 224,
+ /* p */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
+ /* a */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
+ /* b */
+ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
+ /* Qx */
+ "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E",
+ /* Qy */
+ "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555",
+ /* Gx */
+ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
+ /* Gy */
+ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
+ /* order */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
+ /* d */
+ "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8",
+ },
+ {
+ /* P-256 */
+ EC_GFp_nistp256_method,
+ 256,
+ /* p */
+ "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
+ /* a */
+ "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
+ /* b */
+ "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
+ /* Qx */
+ "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19",
+ /* Qy */
+ "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09",
+ /* Gx */
+ "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
+ /* Gy */
+ "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
+ /* order */
+ "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
+ /* d */
+ "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96",
+ },
+ {
+ /* P-521 */
+ EC_GFp_nistp521_method,
+ 521,
+ /* p */
+ "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+ /* a */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
+ /* b */
+ "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
+ /* Qx */
+ "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4",
+ /* Qy */
+ "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e",
+ /* Gx */
+ "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
+ /* Gy */
+ "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
+ /* order */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
+ /* d */
+ "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722",
+ },
+};
+
+static void nistp_single_test(const struct nistp_test_params *test)
+{
+ BN_CTX *ctx;
+ BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
+ EC_GROUP *NISTP;
+ EC_POINT *G, *P, *Q, *Q_CHECK;
+
+ fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n",
+ test->degree);
+ ctx = BN_CTX_new();
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ x = BN_new();
+ y = BN_new();
+ m = BN_new();
+ n = BN_new();
+ order = BN_new();
+
+ NISTP = EC_GROUP_new(test->meth());
+ if (!NISTP)
+ ABORT;
+ if (!BN_hex2bn(&p, test->p))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, test->a))
+ ABORT;
+ if (!BN_hex2bn(&b, test->b))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx))
+ ABORT;
+ G = EC_POINT_new(NISTP);
+ P = EC_POINT_new(NISTP);
+ Q = EC_POINT_new(NISTP);
+ Q_CHECK = EC_POINT_new(NISTP);
+ if (!BN_hex2bn(&x, test->Qx))
+ ABORT;
+ if (!BN_hex2bn(&y, test->Qy))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx))
+ ABORT;
+ if (!BN_hex2bn(&x, test->Gx))
+ ABORT;
+ if (!BN_hex2bn(&y, test->Gy))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx))
+ ABORT;
+ if (!BN_hex2bn(&order, test->order))
+ ABORT;
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+ ABORT;
+
+ fprintf(stdout, "verify degree ... ");
+ if (EC_GROUP_get_degree(NISTP) != test->degree)
+ ABORT;
+ fprintf(stdout, "ok\n");
+
+ fprintf(stdout, "NIST test vectors ... ");
+ if (!BN_hex2bn(&n, test->d))
+ ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* set generator to P = 2*G, where G is the standard generator */
+ if (!EC_POINT_dbl(NISTP, P, G, ctx))
+ ABORT;
+ if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
+ ABORT;
+ /* set the scalar to m=n/2, where n is the NIST test scalar */
+ if (!BN_rshift(m, n, 1))
+ ABORT;
+
+ /* test the non-standard generator */
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* now repeat all tests with precomputation */
+ if (!EC_GROUP_precompute_mult(NISTP, ctx))
+ ABORT;
+
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* reset generator */
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+ ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ fprintf(stdout, "ok\n");
+ group_order_tests(NISTP);
+# if 0
+ timings(NISTP, TIMING_BASE_PT, ctx);
+ timings(NISTP, TIMING_RAND_PT, ctx);
+# endif
+ EC_GROUP_free(NISTP);
+ EC_POINT_free(G);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(Q_CHECK);
+ BN_free(n);
+ BN_free(m);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ BN_free(x);
+ BN_free(y);
+ BN_free(order);
+ BN_CTX_free(ctx);
+}
+
+static void nistp_tests()
+{
+ unsigned i;
+
+ for (i = 0;
+ i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params);
+ i++) {
+ nistp_single_test(&nistp_tests_params[i]);
+ }
+}
+# endif
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+{
+
+ /* enable memory leak checking unless explicitly disabled */
+ if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
+ && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ } else {
+ /* OPENSSL_DEBUG_MEMORY=off */
+ CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+ }
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+ ERR_load_crypto_strings();
+
+ RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+
+ prime_field_tests();
+ puts("");
+# ifndef OPENSSL_NO_EC2M
+ char2_field_tests();
+# endif
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ nistp_tests();
+# endif
+ /* test the internal curves */
+ internal_curve_test();
+
+# ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
+# endif
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+ ERR_remove_thread_state(NULL);
+ CRYPTO_mem_leaks_fp(stderr);
+
+ return 0;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/engine/eng_all.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/engine/eng_all.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/engine/eng_all.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,139 +0,0 @@
-/* crypto/engine/eng_all.c -*- mode: C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "eng_int.h"
-
-void ENGINE_load_builtin_engines(void)
-{
- /* Some ENGINEs need this */
- OPENSSL_cpuid_setup();
-#if 0
- /*
- * There's no longer any need for an "openssl" ENGINE unless, one day, it
- * is the *only* way for standard builtin implementations to be be
- * accessed (ie. it would be possible to statically link binaries with
- * *no* builtin implementations).
- */
- ENGINE_load_openssl();
-#endif
-#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
- ENGINE_load_cryptodev();
-#endif
-#ifndef OPENSSL_NO_RSAX
- ENGINE_load_rsax();
-#endif
-#ifndef OPENSSL_NO_RDRAND
- ENGINE_load_rdrand();
-#endif
- ENGINE_load_dynamic();
-#ifndef OPENSSL_NO_STATIC_ENGINE
-# ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_4758_CCA
- ENGINE_load_4758cca();
-# endif
-# ifndef OPENSSL_NO_HW_AEP
- ENGINE_load_aep();
-# endif
-# ifndef OPENSSL_NO_HW_ATALLA
- ENGINE_load_atalla();
-# endif
-# ifndef OPENSSL_NO_HW_CSWIFT
- ENGINE_load_cswift();
-# endif
-# ifndef OPENSSL_NO_HW_NCIPHER
- ENGINE_load_chil();
-# endif
-# ifndef OPENSSL_NO_HW_NURON
- ENGINE_load_nuron();
-# endif
-# ifndef OPENSSL_NO_HW_SUREWARE
- ENGINE_load_sureware();
-# endif
-# ifndef OPENSSL_NO_HW_UBSEC
- ENGINE_load_ubsec();
-# endif
-# ifndef OPENSSL_NO_HW_PADLOCK
- ENGINE_load_padlock();
-# endif
-# endif
-# ifndef OPENSSL_NO_GOST
- ENGINE_load_gost();
-# endif
-# ifndef OPENSSL_NO_GMP
- ENGINE_load_gmp();
-# endif
-# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
- ENGINE_load_capi();
-# endif
-#endif
- ENGINE_register_all_complete();
-}
-
-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
-void ENGINE_setup_bsd_cryptodev(void)
-{
- static int bsd_cryptodev_default_loaded = 0;
- if (!bsd_cryptodev_default_loaded) {
- ENGINE_load_cryptodev();
- ENGINE_register_all_complete();
- }
- bsd_cryptodev_default_loaded = 1;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/engine/eng_all.c (from rev 11605, vendor-crypto/openssl/dist/crypto/engine/eng_all.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/engine/eng_all.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/engine/eng_all.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,139 @@
+/* crypto/engine/eng_all.c */
+/*
+ * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "eng_int.h"
+
+void ENGINE_load_builtin_engines(void)
+{
+ /* Some ENGINEs need this */
+ OPENSSL_cpuid_setup();
+#if 0
+ /*
+ * There's no longer any need for an "openssl" ENGINE unless, one day, it
+ * is the *only* way for standard builtin implementations to be be
+ * accessed (ie. it would be possible to statically link binaries with
+ * *no* builtin implementations).
+ */
+ ENGINE_load_openssl();
+#endif
+#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
+ ENGINE_load_cryptodev();
+#endif
+#ifndef OPENSSL_NO_RSAX
+ ENGINE_load_rsax();
+#endif
+#ifndef OPENSSL_NO_RDRAND
+ ENGINE_load_rdrand();
+#endif
+ ENGINE_load_dynamic();
+#ifndef OPENSSL_NO_STATIC_ENGINE
+# ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_4758_CCA
+ ENGINE_load_4758cca();
+# endif
+# ifndef OPENSSL_NO_HW_AEP
+ ENGINE_load_aep();
+# endif
+# ifndef OPENSSL_NO_HW_ATALLA
+ ENGINE_load_atalla();
+# endif
+# ifndef OPENSSL_NO_HW_CSWIFT
+ ENGINE_load_cswift();
+# endif
+# ifndef OPENSSL_NO_HW_NCIPHER
+ ENGINE_load_chil();
+# endif
+# ifndef OPENSSL_NO_HW_NURON
+ ENGINE_load_nuron();
+# endif
+# ifndef OPENSSL_NO_HW_SUREWARE
+ ENGINE_load_sureware();
+# endif
+# ifndef OPENSSL_NO_HW_UBSEC
+ ENGINE_load_ubsec();
+# endif
+# ifndef OPENSSL_NO_HW_PADLOCK
+ ENGINE_load_padlock();
+# endif
+# endif
+# ifndef OPENSSL_NO_GOST
+ ENGINE_load_gost();
+# endif
+# ifndef OPENSSL_NO_GMP
+ ENGINE_load_gmp();
+# endif
+# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
+ ENGINE_load_capi();
+# endif
+#endif
+ ENGINE_register_all_complete();
+}
+
+#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
+void ENGINE_setup_bsd_cryptodev(void)
+{
+ static int bsd_cryptodev_default_loaded = 0;
+ if (!bsd_cryptodev_default_loaded) {
+ ENGINE_load_cryptodev();
+ ENGINE_register_all_complete();
+ }
+ bsd_cryptodev_default_loaded = 1;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/Makefile
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/Makefile 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,778 +0,0 @@
-#
-# OpenSSL/crypto/evp/Makefile
-#
-
-DIR= evp
-TOP= ../..
-CC= cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=evp_test.c evp_extra_test.c
-TESTDATA=evptests.txt
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
- e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
- e_rc4.c e_aes.c names.c e_seed.c \
- e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
- m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \
- m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
- p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
- bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
- c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
- evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
- e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \
- e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
-
-LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
- e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
- e_rc4.o e_aes.o names.o e_seed.o \
- e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
- m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \
- m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
- p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
- bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
- c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
- evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
- e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o evp_fips.o \
- e_aes_cbc_hmac_sha1.o e_rc4_hmac_md5.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= evp.h
-HEADER= evp_locl.h $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all: lib
-
-lib: $(LIBOBJ)
- $(AR) $(LIB) $(LIBOBJ)
- $(RANLIB) $(LIB) || echo Never mind.
- @touch lib
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
- @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
- @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- @[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
- @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-
-tags:
- ctags $(SRC)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-update: depend
-
-depend:
- @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
-bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c
-bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
-bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c
-bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_md.o: ../cryptlib.h bio_md.c
-bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c
-c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-c_all.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-c_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-c_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-c_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-c_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-c_all.o: ../cryptlib.h c_all.c
-c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-c_allc.o: ../cryptlib.h c_allc.c
-c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-c_alld.o: ../cryptlib.h c_alld.c
-digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-digest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-digest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-digest.o: ../cryptlib.h digest.c
-e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
-e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h e_aes_cbc_hmac_sha1.c
-e_aes_cbc_hmac_sha1.o: evp_locl.h
-e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
-e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
-e_camellia.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_camellia.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
-e_camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_camellia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_camellia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_camellia.o: ../../include/openssl/opensslconf.h
-e_camellia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_camellia.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_camellia.o: ../../include/openssl/symhacks.h e_camellia.c evp_locl.h
-e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h
-e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
-e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
-e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h
-e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_null.o: ../cryptlib.h e_null.c
-e_old.o: e_old.c
-e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h
-e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
-e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h
-e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
-e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
-e_rc4_hmac_md5.o: ../../include/openssl/objects.h
-e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
-e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
-e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
-e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
-e_rc4_hmac_md5.o: ../../include/openssl/stack.h
-e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
-e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
-e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c
-e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
-e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_seed.o: e_seed.c evp_locl.h
-e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
-e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
-e_xcbc_d.o: evp_locl.h
-encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-encode.o: ../cryptlib.h encode.c
-evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_acnf.o: ../../include/openssl/opensslconf.h
-evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
-evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-evp_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_cnf.o: ../../include/openssl/x509v3.h ../cryptlib.h evp_cnf.c
-evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_enc.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_enc.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
-evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_err.o: ../../include/openssl/symhacks.h evp_err.c
-evp_fips.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_fips.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_fips.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
-evp_fips.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_fips.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_fips.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_fips.o: ../../include/openssl/symhacks.h evp_fips.c
-evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c
-evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c
-evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h evp_pbe.c
-evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pkey.o: ../../include/openssl/opensslconf.h
-evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
-m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss.o: ../cryptlib.h m_dss.c
-m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../cryptlib.h m_dss1.c
-m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
-m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_ecdsa.o: ../cryptlib.h m_ecdsa.c
-m_md2.o: ../../e_os.h ../../include/openssl/bio.h
-m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-m_md2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_md2.c
-m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h
-m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md4.c
-m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h
-m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md5.c
-m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_mdc2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
-m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_mdc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_mdc2.c
-m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c
-m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
-m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_ripemd.o: ../../include/openssl/opensslconf.h
-m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
-m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
-m_ripemd.o: m_ripemd.c
-m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h evp_locl.h m_sha.c
-m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha1.o: ../cryptlib.h m_sha1.c
-m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
-m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_sigver.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_sigver.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_sigver.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_sigver.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_sigver.o: ../../include/openssl/opensslconf.h
-m_sigver.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sigver.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-m_sigver.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_sigver.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_sigver.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
-m_sigver.o: m_sigver.c
-m_wp.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_wp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_wp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_wp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_wp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_wp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_wp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_wp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_wp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-m_wp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_wp.o: ../../include/openssl/symhacks.h ../../include/openssl/whrlpool.h
-m_wp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_wp.o: ../cryptlib.h evp_locl.h m_wp.c
-names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-names.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c
-p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
-p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_crpt.o: ../cryptlib.h p5_crpt.c
-p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
-p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
-p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
-p5_crpt2.o: p5_crpt2.c
-p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
-p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
-p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_lib.o: ../asn1/asn1_locl.h ../cryptlib.h p_lib.c
-p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_open.o: ../cryptlib.h p_open.c
-p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
-p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c
-p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
-p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_verify.o: ../../include/openssl/opensslconf.h
-p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c
-pmeth_fn.o: ../../e_os.h ../../include/openssl/asn1.h
-pmeth_fn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pmeth_fn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pmeth_fn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pmeth_fn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pmeth_fn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pmeth_fn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pmeth_fn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-pmeth_fn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-pmeth_fn.o: pmeth_fn.c
-pmeth_gn.o: ../../e_os.h ../../include/openssl/asn1.h
-pmeth_gn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-pmeth_gn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-pmeth_gn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pmeth_gn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pmeth_gn.o: ../../include/openssl/opensslconf.h
-pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-pmeth_gn.o: pmeth_gn.c
-pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pmeth_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pmeth_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-pmeth_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pmeth_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pmeth_lib.o: ../../include/openssl/objects.h
-pmeth_lib.o: ../../include/openssl/opensslconf.h
-pmeth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pmeth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pmeth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pmeth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pmeth_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
-pmeth_lib.o: evp_locl.h pmeth_lib.c
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/Makefile (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/Makefile)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/Makefile (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,778 @@
+#
+# OpenSSL/crypto/evp/Makefile
+#
+
+DIR= evp
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=evp_test.c evp_extra_test.c
+TESTDATA=evptests.txt
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
+ e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
+ e_rc4.c e_aes.c names.c e_seed.c \
+ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
+ m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \
+ m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
+ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
+ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
+ c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
+ evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
+ e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \
+ e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
+
+LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
+ e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
+ e_rc4.o e_aes.o names.o e_seed.o \
+ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
+ m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \
+ m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
+ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
+ bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
+ c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
+ evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
+ e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o evp_fips.o \
+ e_aes_cbc_hmac_sha1.o e_rc4_hmac_md5.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= evp.h
+HEADER= evp_locl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ $(RANLIB) $(LIB) || echo Never mind.
+ @touch lib
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+ @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+ @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+ @[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
+ @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+ @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+ @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+update: depend
+
+depend:
+ @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+ $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c
+bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c
+bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_md.o: ../cryptlib.h bio_md.c
+bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c
+c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+c_all.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+c_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+c_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+c_all.o: ../cryptlib.h c_all.c
+c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+c_allc.o: ../cryptlib.h c_allc.c
+c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+c_alld.o: ../cryptlib.h c_alld.c
+digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+digest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+digest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+digest.o: ../cryptlib.h digest.c
+e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
+e_aes_cbc_hmac_sha1.o: ../../e_os.h ../../include/openssl/aes.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
+e_aes_cbc_hmac_sha1.o: e_aes_cbc_hmac_sha1.c evp_locl.h
+e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
+e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
+e_camellia.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_camellia.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+e_camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_camellia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_camellia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_camellia.o: ../../include/openssl/opensslconf.h
+e_camellia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_camellia.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_camellia.o: ../../include/openssl/symhacks.h e_camellia.c evp_locl.h
+e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h
+e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
+e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
+e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h
+e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_null.o: ../cryptlib.h e_null.c
+e_old.o: e_old.c
+e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h
+e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h
+e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
+e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
+e_rc4_hmac_md5.o: ../../include/openssl/objects.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
+e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
+e_rc4_hmac_md5.o: ../../include/openssl/stack.h
+e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
+e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
+e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c
+e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_seed.o: e_seed.c evp_locl.h
+e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
+e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
+e_xcbc_d.o: evp_locl.h
+encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+encode.o: ../cryptlib.h encode.c
+evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_acnf.o: ../../include/openssl/opensslconf.h
+evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
+evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_cnf.o: ../../include/openssl/x509v3.h ../cryptlib.h evp_cnf.c
+evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_enc.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+evp_enc.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
+evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_err.o: ../../include/openssl/symhacks.h evp_err.c
+evp_fips.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_fips.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_fips.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
+evp_fips.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_fips.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_fips.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_fips.o: ../../include/openssl/symhacks.h evp_fips.c
+evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
+evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c
+evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c
+evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h evp_pbe.c
+evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_pkey.o: ../../include/openssl/opensslconf.h
+evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
+m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss.o: ../cryptlib.h m_dss.c
+m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss1.o: ../cryptlib.h m_dss1.c
+m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_ecdsa.o: ../cryptlib.h m_ecdsa.c
+m_md2.o: ../../e_os.h ../../include/openssl/bio.h
+m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+m_md2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_md2.c
+m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h
+m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md4.c
+m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h
+m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md5.c
+m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_mdc2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
+m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_mdc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_mdc2.c
+m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c
+m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_ripemd.o: ../../include/openssl/opensslconf.h
+m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
+m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_ripemd.o: m_ripemd.c
+m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_sha.o: ../cryptlib.h evp_locl.h m_sha.c
+m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha1.o: ../cryptlib.h m_sha1.c
+m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
+m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_sigver.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+m_sigver.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+m_sigver.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sigver.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sigver.o: ../../include/openssl/opensslconf.h
+m_sigver.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sigver.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_sigver.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sigver.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sigver.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_sigver.o: m_sigver.c
+m_wp.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_wp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_wp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_wp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_wp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_wp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_wp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_wp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_wp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_wp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_wp.o: ../../include/openssl/symhacks.h ../../include/openssl/whrlpool.h
+m_wp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_wp.o: ../cryptlib.h evp_locl.h m_wp.c
+names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+names.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c
+p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_crpt.o: ../cryptlib.h p5_crpt.c
+p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+p5_crpt2.o: p5_crpt2.c
+p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
+p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
+p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_lib.o: ../asn1/asn1_locl.h ../cryptlib.h p_lib.c
+p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_open.o: ../cryptlib.h p_open.c
+p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
+p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c
+p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_verify.o: ../../include/openssl/opensslconf.h
+p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c
+pmeth_fn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_fn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_fn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_fn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_fn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_fn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pmeth_fn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_fn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_fn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_fn.o: pmeth_fn.c
+pmeth_gn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_gn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pmeth_gn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pmeth_gn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pmeth_gn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pmeth_gn.o: ../../include/openssl/opensslconf.h
+pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_gn.o: pmeth_gn.c
+pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+pmeth_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+pmeth_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_lib.o: ../../include/openssl/objects.h
+pmeth_lib.o: ../../include/openssl/opensslconf.h
+pmeth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pmeth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pmeth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pmeth_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pmeth_lib.o: evp_locl.h pmeth_lib.c
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/bio_ok.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/bio_ok.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/bio_ok.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,624 +0,0 @@
-/* crypto/evp/bio_ok.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*-
- From: Arne Ansper <arne at cyber.ee>
-
- Why BIO_f_reliable?
-
- I wrote function which took BIO* as argument, read data from it
- and processed it. Then I wanted to store the input file in
- encrypted form. OK I pushed BIO_f_cipher to the BIO stack
- and everything was OK. BUT if user types wrong password
- BIO_f_cipher outputs only garbage and my function crashes. Yes
- I can and I should fix my function, but BIO_f_cipher is
- easy way to add encryption support to many existing applications
- and it's hard to debug and fix them all.
-
- So I wanted another BIO which would catch the incorrect passwords and
- file damages which cause garbage on BIO_f_cipher's output.
-
- The easy way is to push the BIO_f_md and save the checksum at
- the end of the file. However there are several problems with this
- approach:
-
- 1) you must somehow separate checksum from actual data.
- 2) you need lot's of memory when reading the file, because you
- must read to the end of the file and verify the checksum before
- letting the application to read the data.
-
- BIO_f_reliable tries to solve both problems, so that you can
- read and write arbitrary long streams using only fixed amount
- of memory.
-
- BIO_f_reliable splits data stream into blocks. Each block is prefixed
- with it's length and suffixed with it's digest. So you need only
- several Kbytes of memory to buffer single block before verifying
- it's digest.
-
- BIO_f_reliable goes further and adds several important capabilities:
-
- 1) the digest of the block is computed over the whole stream
- -- so nobody can rearrange the blocks or remove or replace them.
-
- 2) to detect invalid passwords right at the start BIO_f_reliable
- adds special prefix to the stream. In order to avoid known plain-text
- attacks this prefix is generated as follows:
-
- *) digest is initialized with random seed instead of
- standardized one.
- *) same seed is written to output
- *) well-known text is then hashed and the output
- of the digest is also written to output.
-
- reader can now read the seed from stream, hash the same string
- and then compare the digest output.
-
- Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I
- initially wrote and tested this code on x86 machine and wrote the
- digests out in machine-dependent order :( There are people using
- this code and I cannot change this easily without making existing
- data files unreadable.
-
-*/
-
-#include <stdio.h>
-#include <errno.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-
-static int ok_write(BIO *h, const char *buf, int num);
-static int ok_read(BIO *h, char *buf, int size);
-static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int ok_new(BIO *h);
-static int ok_free(BIO *data);
-static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-static int sig_out(BIO *b);
-static int sig_in(BIO *b);
-static int block_out(BIO *b);
-static int block_in(BIO *b);
-#define OK_BLOCK_SIZE (1024*4)
-#define OK_BLOCK_BLOCK 4
-#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
-#define WELLKNOWN "The quick brown fox jumped over the lazy dog's back."
-
-typedef struct ok_struct {
- size_t buf_len;
- size_t buf_off;
- size_t buf_len_save;
- size_t buf_off_save;
- int cont; /* <= 0 when finished */
- int finished;
- EVP_MD_CTX md;
- int blockout; /* output block is ready */
- int sigio; /* must process signature */
- unsigned char buf[IOBS];
-} BIO_OK_CTX;
-
-static BIO_METHOD methods_ok = {
- BIO_TYPE_CIPHER, "reliable",
- ok_write,
- ok_read,
- NULL, /* ok_puts, */
- NULL, /* ok_gets, */
- ok_ctrl,
- ok_new,
- ok_free,
- ok_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_reliable(void)
-{
- return (&methods_ok);
-}
-
-static int ok_new(BIO *bi)
-{
- BIO_OK_CTX *ctx;
-
- ctx = (BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX));
- if (ctx == NULL)
- return (0);
-
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- ctx->buf_len_save = 0;
- ctx->buf_off_save = 0;
- ctx->cont = 1;
- ctx->finished = 0;
- ctx->blockout = 0;
- ctx->sigio = 1;
-
- EVP_MD_CTX_init(&ctx->md);
-
- bi->init = 0;
- bi->ptr = (char *)ctx;
- bi->flags = 0;
- return (1);
-}
-
-static int ok_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
- OPENSSL_cleanse(a->ptr, sizeof(BIO_OK_CTX));
- OPENSSL_free(a->ptr);
- a->ptr = NULL;
- a->init = 0;
- a->flags = 0;
- return (1);
-}
-
-static int ok_read(BIO *b, char *out, int outl)
-{
- int ret = 0, i, n;
- BIO_OK_CTX *ctx;
-
- if (out == NULL)
- return (0);
- ctx = (BIO_OK_CTX *)b->ptr;
-
- if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
- return (0);
-
- while (outl > 0) {
-
- /* copy clean bytes to output buffer */
- if (ctx->blockout) {
- i = ctx->buf_len - ctx->buf_off;
- if (i > outl)
- i = outl;
- memcpy(out, &(ctx->buf[ctx->buf_off]), i);
- ret += i;
- out += i;
- outl -= i;
- ctx->buf_off += i;
-
- /* all clean bytes are out */
- if (ctx->buf_len == ctx->buf_off) {
- ctx->buf_off = 0;
-
- /*
- * copy start of the next block into proper place
- */
- if (ctx->buf_len_save - ctx->buf_off_save > 0) {
- ctx->buf_len = ctx->buf_len_save - ctx->buf_off_save;
- memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
- ctx->buf_len);
- } else {
- ctx->buf_len = 0;
- }
- ctx->blockout = 0;
- }
- }
-
- /* output buffer full -- cancel */
- if (outl == 0)
- break;
-
- /* no clean bytes in buffer -- fill it */
- n = IOBS - ctx->buf_len;
- i = BIO_read(b->next_bio, &(ctx->buf[ctx->buf_len]), n);
-
- if (i <= 0)
- break; /* nothing new */
-
- ctx->buf_len += i;
-
- /* no signature yet -- check if we got one */
- if (ctx->sigio == 1) {
- if (!sig_in(b)) {
- BIO_clear_retry_flags(b);
- return 0;
- }
- }
-
- /* signature ok -- check if we got block */
- if (ctx->sigio == 0) {
- if (!block_in(b)) {
- BIO_clear_retry_flags(b);
- return 0;
- }
- }
-
- /* invalid block -- cancel */
- if (ctx->cont <= 0)
- break;
-
- }
-
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return (ret);
-}
-
-static int ok_write(BIO *b, const char *in, int inl)
-{
- int ret = 0, n, i;
- BIO_OK_CTX *ctx;
-
- if (inl <= 0)
- return inl;
-
- ctx = (BIO_OK_CTX *)b->ptr;
- ret = inl;
-
- if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
- return (0);
-
- if (ctx->sigio && !sig_out(b))
- return 0;
-
- do {
- BIO_clear_retry_flags(b);
- n = ctx->buf_len - ctx->buf_off;
- while (ctx->blockout && n > 0) {
- i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
- if (i <= 0) {
- BIO_copy_next_retry(b);
- if (!BIO_should_retry(b))
- ctx->cont = 0;
- return (i);
- }
- ctx->buf_off += i;
- n -= i;
- }
-
- /* at this point all pending data has been written */
- ctx->blockout = 0;
- if (ctx->buf_len == ctx->buf_off) {
- ctx->buf_len = OK_BLOCK_BLOCK;
- ctx->buf_off = 0;
- }
-
- if ((in == NULL) || (inl <= 0))
- return (0);
-
- n = (inl + ctx->buf_len > OK_BLOCK_SIZE + OK_BLOCK_BLOCK) ?
- (int)(OK_BLOCK_SIZE + OK_BLOCK_BLOCK - ctx->buf_len) : inl;
-
- memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),
- (unsigned char *)in, n);
- ctx->buf_len += n;
- inl -= n;
- in += n;
-
- if (ctx->buf_len >= OK_BLOCK_SIZE + OK_BLOCK_BLOCK) {
- if (!block_out(b)) {
- BIO_clear_retry_flags(b);
- return 0;
- }
- }
- } while (inl > 0);
-
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return (ret);
-}
-
-static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- BIO_OK_CTX *ctx;
- EVP_MD *md;
- const EVP_MD **ppmd;
- long ret = 1;
- int i;
-
- ctx = b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- ctx->buf_len_save = 0;
- ctx->buf_off_save = 0;
- ctx->cont = 1;
- ctx->finished = 0;
- ctx->blockout = 0;
- ctx->sigio = 1;
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_EOF: /* More to read */
- if (ctx->cont <= 0)
- ret = 1;
- else
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_PENDING: /* More to read in buffer */
- case BIO_CTRL_WPENDING: /* More to read in buffer */
- ret = ctx->blockout ? ctx->buf_len - ctx->buf_off : 0;
- if (ret <= 0)
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_FLUSH:
- /* do a final write */
- if (ctx->blockout == 0)
- if (!block_out(b))
- return 0;
-
- while (ctx->blockout) {
- i = ok_write(b, NULL, 0);
- if (i < 0) {
- ret = i;
- break;
- }
- }
-
- ctx->finished = 1;
- ctx->buf_off = ctx->buf_len = 0;
- ctx->cont = (int)ret;
-
- /* Finally flush the underlying BIO */
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_INFO:
- ret = (long)ctx->cont;
- break;
- case BIO_C_SET_MD:
- md = ptr;
- if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
- return 0;
- b->init = 1;
- break;
- case BIO_C_GET_MD:
- if (b->init) {
- ppmd = ptr;
- *ppmd = ctx->md.digest;
- } else
- ret = 0;
- break;
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
- return (ret);
-}
-
-static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static void longswap(void *_ptr, size_t len)
-{
- const union {
- long one;
- char little;
- } is_endian = {
- 1
- };
-
- if (is_endian.little) {
- size_t i;
- unsigned char *p = _ptr, c;
-
- for (i = 0; i < len; i += 4) {
- c = p[0], p[0] = p[3], p[3] = c;
- c = p[1], p[1] = p[2], p[2] = c;
- }
- }
-}
-
-static int sig_out(BIO *b)
-{
- BIO_OK_CTX *ctx;
- EVP_MD_CTX *md;
-
- ctx = b->ptr;
- md = &ctx->md;
-
- if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE)
- return 1;
-
- if (!EVP_DigestInit_ex(md, md->digest, NULL))
- goto berr;
- /*
- * FIXME: there's absolutely no guarantee this makes any sense at all,
- * particularly now EVP_MD_CTX has been restructured.
- */
- if (RAND_pseudo_bytes(md->md_data, md->digest->md_size) < 0)
- goto berr;
- memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
- longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
- ctx->buf_len += md->digest->md_size;
-
- if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
- goto berr;
- if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
- goto berr;
- ctx->buf_len += md->digest->md_size;
- ctx->blockout = 1;
- ctx->sigio = 0;
- return 1;
- berr:
- BIO_clear_retry_flags(b);
- return 0;
-}
-
-static int sig_in(BIO *b)
-{
- BIO_OK_CTX *ctx;
- EVP_MD_CTX *md;
- unsigned char tmp[EVP_MAX_MD_SIZE];
- int ret = 0;
-
- ctx = b->ptr;
- md = &ctx->md;
-
- if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size)
- return 1;
-
- if (!EVP_DigestInit_ex(md, md->digest, NULL))
- goto berr;
- memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
- longswap(md->md_data, md->digest->md_size);
- ctx->buf_off += md->digest->md_size;
-
- if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
- goto berr;
- if (!EVP_DigestFinal_ex(md, tmp, NULL))
- goto berr;
- ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
- ctx->buf_off += md->digest->md_size;
- if (ret == 1) {
- ctx->sigio = 0;
- if (ctx->buf_len != ctx->buf_off) {
- memmove(ctx->buf, &(ctx->buf[ctx->buf_off]),
- ctx->buf_len - ctx->buf_off);
- }
- ctx->buf_len -= ctx->buf_off;
- ctx->buf_off = 0;
- } else {
- ctx->cont = 0;
- }
- return 1;
- berr:
- BIO_clear_retry_flags(b);
- return 0;
-}
-
-static int block_out(BIO *b)
-{
- BIO_OK_CTX *ctx;
- EVP_MD_CTX *md;
- unsigned long tl;
-
- ctx = b->ptr;
- md = &ctx->md;
-
- tl = ctx->buf_len - OK_BLOCK_BLOCK;
- ctx->buf[0] = (unsigned char)(tl >> 24);
- ctx->buf[1] = (unsigned char)(tl >> 16);
- ctx->buf[2] = (unsigned char)(tl >> 8);
- ctx->buf[3] = (unsigned char)(tl);
- if (!EVP_DigestUpdate(md,
- (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
- goto berr;
- if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
- goto berr;
- ctx->buf_len += md->digest->md_size;
- ctx->blockout = 1;
- return 1;
- berr:
- BIO_clear_retry_flags(b);
- return 0;
-}
-
-static int block_in(BIO *b)
-{
- BIO_OK_CTX *ctx;
- EVP_MD_CTX *md;
- unsigned long tl = 0;
- unsigned char tmp[EVP_MAX_MD_SIZE];
-
- ctx = b->ptr;
- md = &ctx->md;
-
- assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
- tl = ctx->buf[0];
- tl <<= 8;
- tl |= ctx->buf[1];
- tl <<= 8;
- tl |= ctx->buf[2];
- tl <<= 8;
- tl |= ctx->buf[3];
-
- if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size)
- return 1;
-
- if (!EVP_DigestUpdate(md,
- (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
- goto berr;
- if (!EVP_DigestFinal_ex(md, tmp, NULL))
- goto berr;
- if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) ==
- 0) {
- /* there might be parts from next block lurking around ! */
- ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md->digest->md_size;
- ctx->buf_len_save = ctx->buf_len;
- ctx->buf_off = OK_BLOCK_BLOCK;
- ctx->buf_len = tl + OK_BLOCK_BLOCK;
- ctx->blockout = 1;
- } else {
- ctx->cont = 0;
- }
- return 1;
- berr:
- BIO_clear_retry_flags(b);
- return 0;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/bio_ok.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/bio_ok.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/bio_ok.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/bio_ok.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,624 @@
+/* crypto/evp/bio_ok.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*-
+ From: Arne Ansper <arne at cyber.ee>
+
+ Why BIO_f_reliable?
+
+ I wrote function which took BIO* as argument, read data from it
+ and processed it. Then I wanted to store the input file in
+ encrypted form. OK I pushed BIO_f_cipher to the BIO stack
+ and everything was OK. BUT if user types wrong password
+ BIO_f_cipher outputs only garbage and my function crashes. Yes
+ I can and I should fix my function, but BIO_f_cipher is
+ easy way to add encryption support to many existing applications
+ and it's hard to debug and fix them all.
+
+ So I wanted another BIO which would catch the incorrect passwords and
+ file damages which cause garbage on BIO_f_cipher's output.
+
+ The easy way is to push the BIO_f_md and save the checksum at
+ the end of the file. However there are several problems with this
+ approach:
+
+ 1) you must somehow separate checksum from actual data.
+ 2) you need lot's of memory when reading the file, because you
+ must read to the end of the file and verify the checksum before
+ letting the application to read the data.
+
+ BIO_f_reliable tries to solve both problems, so that you can
+ read and write arbitrary long streams using only fixed amount
+ of memory.
+
+ BIO_f_reliable splits data stream into blocks. Each block is prefixed
+ with it's length and suffixed with it's digest. So you need only
+ several Kbytes of memory to buffer single block before verifying
+ it's digest.
+
+ BIO_f_reliable goes further and adds several important capabilities:
+
+ 1) the digest of the block is computed over the whole stream
+ -- so nobody can rearrange the blocks or remove or replace them.
+
+ 2) to detect invalid passwords right at the start BIO_f_reliable
+ adds special prefix to the stream. In order to avoid known plain-text
+ attacks this prefix is generated as follows:
+
+ *) digest is initialized with random seed instead of
+ standardized one.
+ *) same seed is written to output
+ *) well-known text is then hashed and the output
+ of the digest is also written to output.
+
+ reader can now read the seed from stream, hash the same string
+ and then compare the digest output.
+
+ Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I
+ initially wrote and tested this code on x86 machine and wrote the
+ digests out in machine-dependent order :( There are people using
+ this code and I cannot change this easily without making existing
+ data files unreadable.
+
+*/
+
+#include <stdio.h>
+#include <errno.h>
+#include <assert.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
+static int ok_write(BIO *h, const char *buf, int num);
+static int ok_read(BIO *h, char *buf, int size);
+static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int ok_new(BIO *h);
+static int ok_free(BIO *data);
+static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
+static int sig_out(BIO *b);
+static int sig_in(BIO *b);
+static int block_out(BIO *b);
+static int block_in(BIO *b);
+#define OK_BLOCK_SIZE (1024*4)
+#define OK_BLOCK_BLOCK 4
+#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
+#define WELLKNOWN "The quick brown fox jumped over the lazy dog's back."
+
+typedef struct ok_struct {
+ size_t buf_len;
+ size_t buf_off;
+ size_t buf_len_save;
+ size_t buf_off_save;
+ int cont; /* <= 0 when finished */
+ int finished;
+ EVP_MD_CTX md;
+ int blockout; /* output block is ready */
+ int sigio; /* must process signature */
+ unsigned char buf[IOBS];
+} BIO_OK_CTX;
+
+static BIO_METHOD methods_ok = {
+ BIO_TYPE_CIPHER, "reliable",
+ ok_write,
+ ok_read,
+ NULL, /* ok_puts, */
+ NULL, /* ok_gets, */
+ ok_ctrl,
+ ok_new,
+ ok_free,
+ ok_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_reliable(void)
+{
+ return (&methods_ok);
+}
+
+static int ok_new(BIO *bi)
+{
+ BIO_OK_CTX *ctx;
+
+ ctx = (BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX));
+ if (ctx == NULL)
+ return (0);
+
+ ctx->buf_len = 0;
+ ctx->buf_off = 0;
+ ctx->buf_len_save = 0;
+ ctx->buf_off_save = 0;
+ ctx->cont = 1;
+ ctx->finished = 0;
+ ctx->blockout = 0;
+ ctx->sigio = 1;
+
+ EVP_MD_CTX_init(&ctx->md);
+
+ bi->init = 0;
+ bi->ptr = (char *)ctx;
+ bi->flags = 0;
+ return (1);
+}
+
+static int ok_free(BIO *a)
+{
+ if (a == NULL)
+ return (0);
+ EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
+ OPENSSL_cleanse(a->ptr, sizeof(BIO_OK_CTX));
+ OPENSSL_free(a->ptr);
+ a->ptr = NULL;
+ a->init = 0;
+ a->flags = 0;
+ return (1);
+}
+
+static int ok_read(BIO *b, char *out, int outl)
+{
+ int ret = 0, i, n;
+ BIO_OK_CTX *ctx;
+
+ if (out == NULL)
+ return (0);
+ ctx = (BIO_OK_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
+ return (0);
+
+ while (outl > 0) {
+
+ /* copy clean bytes to output buffer */
+ if (ctx->blockout) {
+ i = ctx->buf_len - ctx->buf_off;
+ if (i > outl)
+ i = outl;
+ memcpy(out, &(ctx->buf[ctx->buf_off]), i);
+ ret += i;
+ out += i;
+ outl -= i;
+ ctx->buf_off += i;
+
+ /* all clean bytes are out */
+ if (ctx->buf_len == ctx->buf_off) {
+ ctx->buf_off = 0;
+
+ /*
+ * copy start of the next block into proper place
+ */
+ if (ctx->buf_len_save - ctx->buf_off_save > 0) {
+ ctx->buf_len = ctx->buf_len_save - ctx->buf_off_save;
+ memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
+ ctx->buf_len);
+ } else {
+ ctx->buf_len = 0;
+ }
+ ctx->blockout = 0;
+ }
+ }
+
+ /* output buffer full -- cancel */
+ if (outl == 0)
+ break;
+
+ /* no clean bytes in buffer -- fill it */
+ n = IOBS - ctx->buf_len;
+ i = BIO_read(b->next_bio, &(ctx->buf[ctx->buf_len]), n);
+
+ if (i <= 0)
+ break; /* nothing new */
+
+ ctx->buf_len += i;
+
+ /* no signature yet -- check if we got one */
+ if (ctx->sigio == 1) {
+ if (!sig_in(b)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
+
+ /* signature ok -- check if we got block */
+ if (ctx->sigio == 0) {
+ if (!block_in(b)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
+
+ /* invalid block -- cancel */
+ if (ctx->cont <= 0)
+ break;
+
+ }
+
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return (ret);
+}
+
+static int ok_write(BIO *b, const char *in, int inl)
+{
+ int ret = 0, n, i;
+ BIO_OK_CTX *ctx;
+
+ if (inl <= 0)
+ return inl;
+
+ ctx = (BIO_OK_CTX *)b->ptr;
+ ret = inl;
+
+ if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
+ return (0);
+
+ if (ctx->sigio && !sig_out(b))
+ return 0;
+
+ do {
+ BIO_clear_retry_flags(b);
+ n = ctx->buf_len - ctx->buf_off;
+ while (ctx->blockout && n > 0) {
+ i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
+ if (i <= 0) {
+ BIO_copy_next_retry(b);
+ if (!BIO_should_retry(b))
+ ctx->cont = 0;
+ return (i);
+ }
+ ctx->buf_off += i;
+ n -= i;
+ }
+
+ /* at this point all pending data has been written */
+ ctx->blockout = 0;
+ if (ctx->buf_len == ctx->buf_off) {
+ ctx->buf_len = OK_BLOCK_BLOCK;
+ ctx->buf_off = 0;
+ }
+
+ if ((in == NULL) || (inl <= 0))
+ return (0);
+
+ n = (inl + ctx->buf_len > OK_BLOCK_SIZE + OK_BLOCK_BLOCK) ?
+ (int)(OK_BLOCK_SIZE + OK_BLOCK_BLOCK - ctx->buf_len) : inl;
+
+ memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),
+ (unsigned char *)in, n);
+ ctx->buf_len += n;
+ inl -= n;
+ in += n;
+
+ if (ctx->buf_len >= OK_BLOCK_SIZE + OK_BLOCK_BLOCK) {
+ if (!block_out(b)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
+ } while (inl > 0);
+
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return (ret);
+}
+
+static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ BIO_OK_CTX *ctx;
+ EVP_MD *md;
+ const EVP_MD **ppmd;
+ long ret = 1;
+ int i;
+
+ ctx = b->ptr;
+
+ switch (cmd) {
+ case BIO_CTRL_RESET:
+ ctx->buf_len = 0;
+ ctx->buf_off = 0;
+ ctx->buf_len_save = 0;
+ ctx->buf_off_save = 0;
+ ctx->cont = 1;
+ ctx->finished = 0;
+ ctx->blockout = 0;
+ ctx->sigio = 1;
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
+ case BIO_CTRL_EOF: /* More to read */
+ if (ctx->cont <= 0)
+ ret = 1;
+ else
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
+ case BIO_CTRL_PENDING: /* More to read in buffer */
+ case BIO_CTRL_WPENDING: /* More to read in buffer */
+ ret = ctx->blockout ? ctx->buf_len - ctx->buf_off : 0;
+ if (ret <= 0)
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
+ case BIO_CTRL_FLUSH:
+ /* do a final write */
+ if (ctx->blockout == 0)
+ if (!block_out(b))
+ return 0;
+
+ while (ctx->blockout) {
+ i = ok_write(b, NULL, 0);
+ if (i < 0) {
+ ret = i;
+ break;
+ }
+ }
+
+ ctx->finished = 1;
+ ctx->buf_off = ctx->buf_len = 0;
+ ctx->cont = (int)ret;
+
+ /* Finally flush the underlying BIO */
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_INFO:
+ ret = (long)ctx->cont;
+ break;
+ case BIO_C_SET_MD:
+ md = ptr;
+ if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
+ return 0;
+ b->init = 1;
+ break;
+ case BIO_C_GET_MD:
+ if (b->init) {
+ ppmd = ptr;
+ *ppmd = ctx->md.digest;
+ } else
+ ret = 0;
+ break;
+ default:
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
+ }
+ return (ret);
+}
+
+static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+ long ret = 1;
+
+ if (b->next_bio == NULL)
+ return (0);
+ switch (cmd) {
+ default:
+ ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+ break;
+ }
+ return (ret);
+}
+
+static void longswap(void *_ptr, size_t len)
+{
+ const union {
+ long one;
+ char little;
+ } is_endian = {
+ 1
+ };
+
+ if (is_endian.little) {
+ size_t i;
+ unsigned char *p = _ptr, c;
+
+ for (i = 0; i < len; i += 4) {
+ c = p[0], p[0] = p[3], p[3] = c;
+ c = p[1], p[1] = p[2], p[2] = c;
+ }
+ }
+}
+
+static int sig_out(BIO *b)
+{
+ BIO_OK_CTX *ctx;
+ EVP_MD_CTX *md;
+
+ ctx = b->ptr;
+ md = &ctx->md;
+
+ if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE)
+ return 1;
+
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
+ /*
+ * FIXME: there's absolutely no guarantee this makes any sense at all,
+ * particularly now EVP_MD_CTX has been restructured.
+ */
+ if (RAND_bytes(md->md_data, md->digest->md_size) <= 0)
+ goto berr;
+ memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
+ longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
+ ctx->buf_len += md->digest->md_size;
+
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
+ ctx->buf_len += md->digest->md_size;
+ ctx->blockout = 1;
+ ctx->sigio = 0;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
+}
+
+static int sig_in(BIO *b)
+{
+ BIO_OK_CTX *ctx;
+ EVP_MD_CTX *md;
+ unsigned char tmp[EVP_MAX_MD_SIZE];
+ int ret = 0;
+
+ ctx = b->ptr;
+ md = &ctx->md;
+
+ if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size)
+ return 1;
+
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
+ memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
+ longswap(md->md_data, md->digest->md_size);
+ ctx->buf_off += md->digest->md_size;
+
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
+ ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
+ ctx->buf_off += md->digest->md_size;
+ if (ret == 1) {
+ ctx->sigio = 0;
+ if (ctx->buf_len != ctx->buf_off) {
+ memmove(ctx->buf, &(ctx->buf[ctx->buf_off]),
+ ctx->buf_len - ctx->buf_off);
+ }
+ ctx->buf_len -= ctx->buf_off;
+ ctx->buf_off = 0;
+ } else {
+ ctx->cont = 0;
+ }
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
+}
+
+static int block_out(BIO *b)
+{
+ BIO_OK_CTX *ctx;
+ EVP_MD_CTX *md;
+ unsigned long tl;
+
+ ctx = b->ptr;
+ md = &ctx->md;
+
+ tl = ctx->buf_len - OK_BLOCK_BLOCK;
+ ctx->buf[0] = (unsigned char)(tl >> 24);
+ ctx->buf[1] = (unsigned char)(tl >> 16);
+ ctx->buf[2] = (unsigned char)(tl >> 8);
+ ctx->buf[3] = (unsigned char)(tl);
+ if (!EVP_DigestUpdate(md,
+ (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
+ ctx->buf_len += md->digest->md_size;
+ ctx->blockout = 1;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
+}
+
+static int block_in(BIO *b)
+{
+ BIO_OK_CTX *ctx;
+ EVP_MD_CTX *md;
+ unsigned long tl = 0;
+ unsigned char tmp[EVP_MAX_MD_SIZE];
+
+ ctx = b->ptr;
+ md = &ctx->md;
+
+ assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
+ tl = ctx->buf[0];
+ tl <<= 8;
+ tl |= ctx->buf[1];
+ tl <<= 8;
+ tl |= ctx->buf[2];
+ tl <<= 8;
+ tl |= ctx->buf[3];
+
+ if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size)
+ return 1;
+
+ if (!EVP_DigestUpdate(md,
+ (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
+ if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) ==
+ 0) {
+ /* there might be parts from next block lurking around ! */
+ ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md->digest->md_size;
+ ctx->buf_len_save = ctx->buf_len;
+ ctx->buf_off = OK_BLOCK_BLOCK;
+ ctx->buf_len = tl + OK_BLOCK_BLOCK;
+ ctx->blockout = 1;
+ } else {
+ ctx->cont = 0;
+ }
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/digest.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/digest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/digest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,394 +0,0 @@
-/* crypto/evp/digest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
-{
- memset(ctx, '\0', sizeof *ctx);
-}
-
-EVP_MD_CTX *EVP_MD_CTX_create(void)
-{
- EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
-
- if (ctx)
- EVP_MD_CTX_init(ctx);
-
- return ctx;
-}
-
-int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
-{
- EVP_MD_CTX_init(ctx);
- return EVP_DigestInit_ex(ctx, type, NULL);
-}
-
-int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
-{
- EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
-#ifndef OPENSSL_NO_ENGINE
- /*
- * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
- * this context may already have an ENGINE! Try to avoid releasing the
- * previous handle, re-querying for an ENGINE, and having a
- * reinitialisation, when it may all be unecessary.
- */
- if (ctx->engine && ctx->digest && (!type ||
- (type
- && (type->type ==
- ctx->digest->type))))
- goto skip_to_init;
- if (type) {
- /*
- * Ensure an ENGINE left lying around from last time is cleared (the
- * previous check attempted to avoid this if the same ENGINE and
- * EVP_MD could be used).
- */
- if (ctx->engine)
- ENGINE_finish(ctx->engine);
- if (impl) {
- if (!ENGINE_init(impl)) {
- EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
- return 0;
- }
- } else
- /* Ask if an ENGINE is reserved for this job */
- impl = ENGINE_get_digest_engine(type->type);
- if (impl) {
- /* There's an ENGINE for this job ... (apparently) */
- const EVP_MD *d = ENGINE_get_digest(impl, type->type);
- if (!d) {
- /* Same comment from evp_enc.c */
- EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
- ENGINE_finish(impl);
- return 0;
- }
- /* We'll use the ENGINE's private digest definition */
- type = d;
- /*
- * Store the ENGINE functional reference so we know 'type' came
- * from an ENGINE and we need to release it when done.
- */
- ctx->engine = impl;
- } else
- ctx->engine = NULL;
- } else {
- if (!ctx->digest) {
- EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
- return 0;
- }
- type = ctx->digest;
- }
-#endif
- if (ctx->digest != type) {
- if (ctx->digest && ctx->digest->ctx_size)
- OPENSSL_free(ctx->md_data);
- ctx->digest = type;
- if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
- ctx->update = type->update;
- ctx->md_data = OPENSSL_malloc(type->ctx_size);
- if (ctx->md_data == NULL) {
- EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- }
-#ifndef OPENSSL_NO_ENGINE
- skip_to_init:
-#endif
- if (ctx->pctx) {
- int r;
- r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
- EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
- if (r <= 0 && (r != -2))
- return 0;
- }
- if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
- return 1;
-#ifdef OPENSSL_FIPS
- if (FIPS_mode()) {
- if (FIPS_digestinit(ctx, type))
- return 1;
- OPENSSL_free(ctx->md_data);
- ctx->md_data = NULL;
- return 0;
- }
-#endif
- return ctx->digest->init(ctx);
-}
-
-int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-#ifdef OPENSSL_FIPS
- return FIPS_digestupdate(ctx, data, count);
-#else
- return ctx->update(ctx, data, count);
-#endif
-}
-
-/* The caller can assume that this removes any secret data from the context */
-int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-{
- int ret;
- ret = EVP_DigestFinal_ex(ctx, md, size);
- EVP_MD_CTX_cleanup(ctx);
- return ret;
-}
-
-/* The caller can assume that this removes any secret data from the context */
-int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-{
-#ifdef OPENSSL_FIPS
- return FIPS_digestfinal(ctx, md, size);
-#else
- int ret;
-
- OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
- ret = ctx->digest->final(ctx, md);
- if (size != NULL)
- *size = ctx->digest->md_size;
- if (ctx->digest->cleanup) {
- ctx->digest->cleanup(ctx);
- EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
- }
- memset(ctx->md_data, 0, ctx->digest->ctx_size);
- return ret;
-#endif
-}
-
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-{
- EVP_MD_CTX_init(out);
- return EVP_MD_CTX_copy_ex(out, in);
-}
-
-int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-{
- unsigned char *tmp_buf;
- if ((in == NULL) || (in->digest == NULL)) {
- EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
- return 0;
- }
-#ifndef OPENSSL_NO_ENGINE
- /* Make sure it's safe to copy a digest context using an ENGINE */
- if (in->engine && !ENGINE_init(in->engine)) {
- EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
- return 0;
- }
-#endif
-
- if (out->digest == in->digest) {
- tmp_buf = out->md_data;
- EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
- } else
- tmp_buf = NULL;
- EVP_MD_CTX_cleanup(out);
- memcpy(out, in, sizeof *out);
-
- if (in->md_data && out->digest->ctx_size) {
- if (tmp_buf)
- out->md_data = tmp_buf;
- else {
- out->md_data = OPENSSL_malloc(out->digest->ctx_size);
- if (!out->md_data) {
- EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- memcpy(out->md_data, in->md_data, out->digest->ctx_size);
- }
-
- out->update = in->update;
-
- if (in->pctx) {
- out->pctx = EVP_PKEY_CTX_dup(in->pctx);
- if (!out->pctx) {
- EVP_MD_CTX_cleanup(out);
- return 0;
- }
- }
-
- if (out->digest->copy)
- return out->digest->copy(out, in);
-
- return 1;
-}
-
-int EVP_Digest(const void *data, size_t count,
- unsigned char *md, unsigned int *size, const EVP_MD *type,
- ENGINE *impl)
-{
- EVP_MD_CTX ctx;
- int ret;
-
- EVP_MD_CTX_init(&ctx);
- EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
- ret = EVP_DigestInit_ex(&ctx, type, impl)
- && EVP_DigestUpdate(&ctx, data, count)
- && EVP_DigestFinal_ex(&ctx, md, size);
- EVP_MD_CTX_cleanup(&ctx);
-
- return ret;
-}
-
-void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
-{
- if (ctx) {
- EVP_MD_CTX_cleanup(ctx);
- OPENSSL_free(ctx);
- }
-}
-
-/* This call frees resources associated with the context */
-int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
-{
-#ifndef OPENSSL_FIPS
- /*
- * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
- * sometimes only copies of the context are ever finalised.
- */
- if (ctx->digest && ctx->digest->cleanup
- && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
- ctx->digest->cleanup(ctx);
- if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
- && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
- OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
- OPENSSL_free(ctx->md_data);
- }
-#endif
- if (ctx->pctx)
- EVP_PKEY_CTX_free(ctx->pctx);
-#ifndef OPENSSL_NO_ENGINE
- if (ctx->engine)
- /*
- * The EVP_MD we used belongs to an ENGINE, release the functional
- * reference we held for this reason.
- */
- ENGINE_finish(ctx->engine);
-#endif
-#ifdef OPENSSL_FIPS
- FIPS_md_ctx_cleanup(ctx);
-#endif
- memset(ctx, '\0', sizeof *ctx);
-
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/digest.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/digest.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/digest.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/digest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,396 @@
+/* crypto/evp/digest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+{
+ memset(ctx, '\0', sizeof *ctx);
+}
+
+EVP_MD_CTX *EVP_MD_CTX_create(void)
+{
+ EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+
+ if (ctx)
+ EVP_MD_CTX_init(ctx);
+
+ return ctx;
+}
+
+int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
+{
+ EVP_MD_CTX_init(ctx);
+ return EVP_DigestInit_ex(ctx, type, NULL);
+}
+
+int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
+{
+ EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
+#ifndef OPENSSL_NO_ENGINE
+ /*
+ * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
+ * this context may already have an ENGINE! Try to avoid releasing the
+ * previous handle, re-querying for an ENGINE, and having a
+ * reinitialisation, when it may all be unecessary.
+ */
+ if (ctx->engine && ctx->digest && (!type ||
+ (type
+ && (type->type ==
+ ctx->digest->type))))
+ goto skip_to_init;
+ if (type) {
+ /*
+ * Ensure an ENGINE left lying around from last time is cleared (the
+ * previous check attempted to avoid this if the same ENGINE and
+ * EVP_MD could be used).
+ */
+ if (ctx->engine)
+ ENGINE_finish(ctx->engine);
+ if (impl) {
+ if (!ENGINE_init(impl)) {
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ } else
+ /* Ask if an ENGINE is reserved for this job */
+ impl = ENGINE_get_digest_engine(type->type);
+ if (impl) {
+ /* There's an ENGINE for this job ... (apparently) */
+ const EVP_MD *d = ENGINE_get_digest(impl, type->type);
+ if (!d) {
+ /* Same comment from evp_enc.c */
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ ENGINE_finish(impl);
+ return 0;
+ }
+ /* We'll use the ENGINE's private digest definition */
+ type = d;
+ /*
+ * Store the ENGINE functional reference so we know 'type' came
+ * from an ENGINE and we need to release it when done.
+ */
+ ctx->engine = impl;
+ } else
+ ctx->engine = NULL;
+ } else {
+ if (!ctx->digest) {
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
+ return 0;
+ }
+ type = ctx->digest;
+ }
+#endif
+ if (ctx->digest != type) {
+ if (ctx->digest && ctx->digest->ctx_size) {
+ OPENSSL_free(ctx->md_data);
+ ctx->md_data = NULL;
+ }
+ ctx->digest = type;
+ if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
+ ctx->update = type->update;
+ ctx->md_data = OPENSSL_malloc(type->ctx_size);
+ if (ctx->md_data == NULL) {
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+ }
+#ifndef OPENSSL_NO_ENGINE
+ skip_to_init:
+#endif
+ if (ctx->pctx) {
+ int r;
+ r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
+ EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
+ if (r <= 0 && (r != -2))
+ return 0;
+ }
+ if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
+ return 1;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode()) {
+ if (FIPS_digestinit(ctx, type))
+ return 1;
+ OPENSSL_free(ctx->md_data);
+ ctx->md_data = NULL;
+ return 0;
+ }
+#endif
+ return ctx->digest->init(ctx);
+}
+
+int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_digestupdate(ctx, data, count);
+#endif
+ return ctx->update(ctx, data, count);
+}
+
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+{
+ int ret;
+ ret = EVP_DigestFinal_ex(ctx, md, size);
+ EVP_MD_CTX_cleanup(ctx);
+ return ret;
+}
+
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+{
+ int ret;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_digestfinal(ctx, md, size);
+#endif
+
+ OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
+ ret = ctx->digest->final(ctx, md);
+ if (size != NULL)
+ *size = ctx->digest->md_size;
+ if (ctx->digest->cleanup) {
+ ctx->digest->cleanup(ctx);
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
+ }
+ OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
+ return ret;
+}
+
+int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+{
+ EVP_MD_CTX_init(out);
+ return EVP_MD_CTX_copy_ex(out, in);
+}
+
+int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+{
+ unsigned char *tmp_buf;
+ if ((in == NULL) || (in->digest == NULL)) {
+ EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
+ return 0;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ /* Make sure it's safe to copy a digest context using an ENGINE */
+ if (in->engine && !ENGINE_init(in->engine)) {
+ EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
+ return 0;
+ }
+#endif
+
+ if (out->digest == in->digest) {
+ tmp_buf = out->md_data;
+ EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
+ } else
+ tmp_buf = NULL;
+ EVP_MD_CTX_cleanup(out);
+ memcpy(out, in, sizeof *out);
+
+ if (in->md_data && out->digest->ctx_size) {
+ if (tmp_buf)
+ out->md_data = tmp_buf;
+ else {
+ out->md_data = OPENSSL_malloc(out->digest->ctx_size);
+ if (!out->md_data) {
+ EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+ memcpy(out->md_data, in->md_data, out->digest->ctx_size);
+ }
+
+ out->update = in->update;
+
+ if (in->pctx) {
+ out->pctx = EVP_PKEY_CTX_dup(in->pctx);
+ if (!out->pctx) {
+ EVP_MD_CTX_cleanup(out);
+ return 0;
+ }
+ }
+
+ if (out->digest->copy)
+ return out->digest->copy(out, in);
+
+ return 1;
+}
+
+int EVP_Digest(const void *data, size_t count,
+ unsigned char *md, unsigned int *size, const EVP_MD *type,
+ ENGINE *impl)
+{
+ EVP_MD_CTX ctx;
+ int ret;
+
+ EVP_MD_CTX_init(&ctx);
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
+ ret = EVP_DigestInit_ex(&ctx, type, impl)
+ && EVP_DigestUpdate(&ctx, data, count)
+ && EVP_DigestFinal_ex(&ctx, md, size);
+ EVP_MD_CTX_cleanup(&ctx);
+
+ return ret;
+}
+
+void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
+{
+ if (ctx) {
+ EVP_MD_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+ }
+}
+
+/* This call frees resources associated with the context */
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+{
+#ifndef OPENSSL_FIPS
+ /*
+ * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
+ * sometimes only copies of the context are ever finalised.
+ */
+ if (ctx->digest && ctx->digest->cleanup
+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
+ ctx->digest->cleanup(ctx);
+ if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
+ OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
+ OPENSSL_free(ctx->md_data);
+ }
+#endif
+ if (ctx->pctx)
+ EVP_PKEY_CTX_free(ctx->pctx);
+#ifndef OPENSSL_NO_ENGINE
+ if (ctx->engine)
+ /*
+ * The EVP_MD we used belongs to an ENGINE, release the functional
+ * reference we held for this reason.
+ */
+ ENGINE_finish(ctx->engine);
+#endif
+#ifdef OPENSSL_FIPS
+ FIPS_md_ctx_cleanup(ctx);
+#endif
+ memset(ctx, '\0', sizeof *ctx);
+
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/e_aes_cbc_hmac_sha1.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/e_aes_cbc_hmac_sha1.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_aes_cbc_hmac_sha1.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,599 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/opensslconf.h>
-
-#include <stdio.h>
-#include <string.h>
-
-#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/aes.h>
-# include <openssl/sha.h>
-# include "evp_locl.h"
-
-# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
-# define EVP_CTRL_AEAD_TLS1_AAD 0x16
-# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
-# endif
-
-# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
-# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
-# endif
-
-# define TLS1_1_VERSION 0x0302
-
-typedef struct {
- AES_KEY ks;
- SHA_CTX head, tail, md;
- size_t payload_length; /* AAD length in decrypt case */
- union {
- unsigned int tls_ver;
- unsigned char tls_aad[16]; /* 13 used */
- } aux;
-} EVP_AES_HMAC_SHA1;
-
-# define NO_PAYLOAD_LENGTH ((size_t)-1)
-
-# if defined(AES_ASM) && ( \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_AMD64) || defined(_M_X64) || \
- defined(__INTEL__) )
-
-# if defined(__GNUC__) && __GNUC__>=2 && !defined(PEDANTIC)
-# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
-# endif
-
-extern unsigned int OPENSSL_ia32cap_P[2];
-# define AESNI_CAPABLE (1<<(57-32))
-
-int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
- AES_KEY *key);
-int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
- AES_KEY *key);
-
-void aesni_cbc_encrypt(const unsigned char *in,
- unsigned char *out,
- size_t length,
- const AES_KEY *key, unsigned char *ivec, int enc);
-
-void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks,
- const AES_KEY *key, unsigned char iv[16],
- SHA_CTX *ctx, const void *in0);
-
-# define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
-
-static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
- const unsigned char *inkey,
- const unsigned char *iv, int enc)
-{
- EVP_AES_HMAC_SHA1 *key = data(ctx);
- int ret;
-
- if (enc)
- ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
- else
- ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
-
- SHA1_Init(&key->head); /* handy when benchmarking */
- key->tail = key->head;
- key->md = key->head;
-
- key->payload_length = NO_PAYLOAD_LENGTH;
-
- return ret < 0 ? 0 : 1;
-}
-
-# define STITCHED_CALL
-
-# if !defined(STITCHED_CALL)
-# define aes_off 0
-# endif
-
-void sha1_block_data_order(void *c, const void *p, size_t len);
-
-static void sha1_update(SHA_CTX *c, const void *data, size_t len)
-{
- const unsigned char *ptr = data;
- size_t res;
-
- if ((res = c->num)) {
- res = SHA_CBLOCK - res;
- if (len < res)
- res = len;
- SHA1_Update(c, ptr, res);
- ptr += res;
- len -= res;
- }
-
- res = len % SHA_CBLOCK;
- len -= res;
-
- if (len) {
- sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
-
- ptr += len;
- c->Nh += len >> 29;
- c->Nl += len <<= 3;
- if (c->Nl < (unsigned int)len)
- c->Nh++;
- }
-
- if (res)
- SHA1_Update(c, ptr, res);
-}
-
-# ifdef SHA1_Update
-# undef SHA1_Update
-# endif
-# define SHA1_Update sha1_update
-
-static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- EVP_AES_HMAC_SHA1 *key = data(ctx);
- unsigned int l;
- size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and
- * later */
- sha_off = 0;
-# if defined(STITCHED_CALL)
- size_t aes_off = 0, blocks;
-
- sha_off = SHA_CBLOCK - key->md.num;
-# endif
-
- key->payload_length = NO_PAYLOAD_LENGTH;
-
- if (len % AES_BLOCK_SIZE)
- return 0;
-
- if (ctx->encrypt) {
- if (plen == NO_PAYLOAD_LENGTH)
- plen = len;
- else if (len !=
- ((plen + SHA_DIGEST_LENGTH +
- AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
- return 0;
- else if (key->aux.tls_ver >= TLS1_1_VERSION)
- iv = AES_BLOCK_SIZE;
-
-# if defined(STITCHED_CALL)
- if (plen > (sha_off + iv)
- && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
- SHA1_Update(&key->md, in + iv, sha_off);
-
- aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
- ctx->iv, &key->md, in + iv + sha_off);
- blocks *= SHA_CBLOCK;
- aes_off += blocks;
- sha_off += blocks;
- key->md.Nh += blocks >> 29;
- key->md.Nl += blocks <<= 3;
- if (key->md.Nl < (unsigned int)blocks)
- key->md.Nh++;
- } else {
- sha_off = 0;
- }
-# endif
- sha_off += iv;
- SHA1_Update(&key->md, in + sha_off, plen - sha_off);
-
- if (plen != len) { /* "TLS" mode of operation */
- if (in != out)
- memcpy(out + aes_off, in + aes_off, plen - aes_off);
-
- /* calculate HMAC and append it to payload */
- SHA1_Final(out + plen, &key->md);
- key->md = key->tail;
- SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH);
- SHA1_Final(out + plen, &key->md);
-
- /* pad the payload|hmac */
- plen += SHA_DIGEST_LENGTH;
- for (l = len - plen - 1; plen < len; plen++)
- out[plen] = l;
- /* encrypt HMAC|padding at once */
- aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
- &key->ks, ctx->iv, 1);
- } else {
- aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
- &key->ks, ctx->iv, 1);
- }
- } else {
- union {
- unsigned int u[SHA_DIGEST_LENGTH / sizeof(unsigned int)];
- unsigned char c[32 + SHA_DIGEST_LENGTH];
- } mac, *pmac;
-
- /* arrange cache line alignment */
- pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
-
- /* decrypt HMAC|padding at once */
- aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
-
- if (plen) { /* "TLS" mode of operation */
- size_t inp_len, mask, j, i;
- unsigned int res, maxpad, pad, bitlen;
- int ret = 1;
- union {
- unsigned int u[SHA_LBLOCK];
- unsigned char c[SHA_CBLOCK];
- } *data = (void *)key->md.data;
-
- if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
- >= TLS1_1_VERSION)
- iv = AES_BLOCK_SIZE;
-
- if (len < (iv + SHA_DIGEST_LENGTH + 1))
- return 0;
-
- /* omit explicit iv */
- out += iv;
- len -= iv;
-
- /* figure out payload length */
- pad = out[len - 1];
- maxpad = len - (SHA_DIGEST_LENGTH + 1);
- maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
- maxpad &= 255;
-
- inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
- mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
- inp_len &= mask;
- ret &= (int)mask;
-
- key->aux.tls_aad[plen - 2] = inp_len >> 8;
- key->aux.tls_aad[plen - 1] = inp_len;
-
- /* calculate HMAC */
- key->md = key->head;
- SHA1_Update(&key->md, key->aux.tls_aad, plen);
-
-# if 1
- len -= SHA_DIGEST_LENGTH; /* amend mac */
- if (len >= (256 + SHA_CBLOCK)) {
- j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK);
- j += SHA_CBLOCK - key->md.num;
- SHA1_Update(&key->md, out, j);
- out += j;
- len -= j;
- inp_len -= j;
- }
-
- /* but pretend as if we hashed padded payload */
- bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
-# ifdef BSWAP
- bitlen = BSWAP(bitlen);
-# else
- mac.c[0] = 0;
- mac.c[1] = (unsigned char)(bitlen >> 16);
- mac.c[2] = (unsigned char)(bitlen >> 8);
- mac.c[3] = (unsigned char)bitlen;
- bitlen = mac.u[0];
-# endif
-
- pmac->u[0] = 0;
- pmac->u[1] = 0;
- pmac->u[2] = 0;
- pmac->u[3] = 0;
- pmac->u[4] = 0;
-
- for (res = key->md.num, j = 0; j < len; j++) {
- size_t c = out[j];
- mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
- c &= mask;
- c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
- data->c[res++] = (unsigned char)c;
-
- if (res != SHA_CBLOCK)
- continue;
-
- /* j is not incremented yet */
- mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
- data->u[SHA_LBLOCK - 1] |= bitlen & mask;
- sha1_block_data_order(&key->md, data, 1);
- mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
- pmac->u[0] |= key->md.h0 & mask;
- pmac->u[1] |= key->md.h1 & mask;
- pmac->u[2] |= key->md.h2 & mask;
- pmac->u[3] |= key->md.h3 & mask;
- pmac->u[4] |= key->md.h4 & mask;
- res = 0;
- }
-
- for (i = res; i < SHA_CBLOCK; i++, j++)
- data->c[i] = 0;
-
- if (res > SHA_CBLOCK - 8) {
- mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
- data->u[SHA_LBLOCK - 1] |= bitlen & mask;
- sha1_block_data_order(&key->md, data, 1);
- mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
- pmac->u[0] |= key->md.h0 & mask;
- pmac->u[1] |= key->md.h1 & mask;
- pmac->u[2] |= key->md.h2 & mask;
- pmac->u[3] |= key->md.h3 & mask;
- pmac->u[4] |= key->md.h4 & mask;
-
- memset(data, 0, SHA_CBLOCK);
- j += 64;
- }
- data->u[SHA_LBLOCK - 1] = bitlen;
- sha1_block_data_order(&key->md, data, 1);
- mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
- pmac->u[0] |= key->md.h0 & mask;
- pmac->u[1] |= key->md.h1 & mask;
- pmac->u[2] |= key->md.h2 & mask;
- pmac->u[3] |= key->md.h3 & mask;
- pmac->u[4] |= key->md.h4 & mask;
-
-# ifdef BSWAP
- pmac->u[0] = BSWAP(pmac->u[0]);
- pmac->u[1] = BSWAP(pmac->u[1]);
- pmac->u[2] = BSWAP(pmac->u[2]);
- pmac->u[3] = BSWAP(pmac->u[3]);
- pmac->u[4] = BSWAP(pmac->u[4]);
-# else
- for (i = 0; i < 5; i++) {
- res = pmac->u[i];
- pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
- pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
- pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
- pmac->c[4 * i + 3] = (unsigned char)res;
- }
-# endif
- len += SHA_DIGEST_LENGTH;
-# else
- SHA1_Update(&key->md, out, inp_len);
- res = key->md.num;
- SHA1_Final(pmac->c, &key->md);
-
- {
- unsigned int inp_blocks, pad_blocks;
-
- /* but pretend as if we hashed padded payload */
- inp_blocks =
- 1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
- res += (unsigned int)(len - inp_len);
- pad_blocks = res / SHA_CBLOCK;
- res %= SHA_CBLOCK;
- pad_blocks +=
- 1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
- for (; inp_blocks < pad_blocks; inp_blocks++)
- sha1_block_data_order(&key->md, data, 1);
- }
-# endif
- key->md = key->tail;
- SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH);
- SHA1_Final(pmac->c, &key->md);
-
- /* verify HMAC */
- out += inp_len;
- len -= inp_len;
-# if 1
- {
- unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
- size_t off = out - p;
- unsigned int c, cmask;
-
- maxpad += SHA_DIGEST_LENGTH;
- for (res = 0, i = 0, j = 0; j < maxpad; j++) {
- c = p[j];
- cmask =
- ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
- 8 - 1);
- res |= (c ^ pad) & ~cmask; /* ... and padding */
- cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
- res |= (c ^ pmac->c[i]) & cmask;
- i += 1 & cmask;
- }
- maxpad -= SHA_DIGEST_LENGTH;
-
- res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
- ret &= (int)~res;
- }
-# else
- for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
- res |= out[i] ^ pmac->c[i];
- res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
- ret &= (int)~res;
-
- /* verify padding */
- pad = (pad & ~res) | (maxpad & res);
- out = out + len - 1 - pad;
- for (res = 0, i = 0; i < pad; i++)
- res |= out[i] ^ pad;
-
- res = (0 - res) >> (sizeof(res) * 8 - 1);
- ret &= (int)~res;
-# endif
- return ret;
- } else {
- SHA1_Update(&key->md, out, len);
- }
- }
-
- return 1;
-}
-
-static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
- void *ptr)
-{
- EVP_AES_HMAC_SHA1 *key = data(ctx);
-
- switch (type) {
- case EVP_CTRL_AEAD_SET_MAC_KEY:
- {
- unsigned int i;
- unsigned char hmac_key[64];
-
- memset(hmac_key, 0, sizeof(hmac_key));
-
- if (arg > (int)sizeof(hmac_key)) {
- SHA1_Init(&key->head);
- SHA1_Update(&key->head, ptr, arg);
- SHA1_Final(hmac_key, &key->head);
- } else {
- memcpy(hmac_key, ptr, arg);
- }
-
- for (i = 0; i < sizeof(hmac_key); i++)
- hmac_key[i] ^= 0x36; /* ipad */
- SHA1_Init(&key->head);
- SHA1_Update(&key->head, hmac_key, sizeof(hmac_key));
-
- for (i = 0; i < sizeof(hmac_key); i++)
- hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
- SHA1_Init(&key->tail);
- SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key));
-
- OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
-
- return 1;
- }
- case EVP_CTRL_AEAD_TLS1_AAD:
- {
- unsigned char *p = ptr;
- unsigned int len;
-
- if (arg != EVP_AEAD_TLS1_AAD_LEN)
- return -1;
-
- len = p[arg - 2] << 8 | p[arg - 1];
-
- if (ctx->encrypt) {
- key->payload_length = len;
- if ((key->aux.tls_ver =
- p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
- len -= AES_BLOCK_SIZE;
- p[arg - 2] = len >> 8;
- p[arg - 1] = len;
- }
- key->md = key->head;
- SHA1_Update(&key->md, p, arg);
-
- return (int)(((len + SHA_DIGEST_LENGTH +
- AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
- - len);
- } else {
- memcpy(key->aux.tls_aad, ptr, arg);
- key->payload_length = arg;
-
- return SHA_DIGEST_LENGTH;
- }
- }
- default:
- return -1;
- }
-}
-
-static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = {
-# ifdef NID_aes_128_cbc_hmac_sha1
- NID_aes_128_cbc_hmac_sha1,
-# else
- NID_undef,
-# endif
- 16, 16, 16,
- EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
- EVP_CIPH_FLAG_AEAD_CIPHER,
- aesni_cbc_hmac_sha1_init_key,
- aesni_cbc_hmac_sha1_cipher,
- NULL,
- sizeof(EVP_AES_HMAC_SHA1),
- EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
- EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
- aesni_cbc_hmac_sha1_ctrl,
- NULL
-};
-
-static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = {
-# ifdef NID_aes_256_cbc_hmac_sha1
- NID_aes_256_cbc_hmac_sha1,
-# else
- NID_undef,
-# endif
- 16, 32, 16,
- EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
- EVP_CIPH_FLAG_AEAD_CIPHER,
- aesni_cbc_hmac_sha1_init_key,
- aesni_cbc_hmac_sha1_cipher,
- NULL,
- sizeof(EVP_AES_HMAC_SHA1),
- EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
- EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
- aesni_cbc_hmac_sha1_ctrl,
- NULL
-};
-
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
-{
- return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
- &aesni_128_cbc_hmac_sha1_cipher : NULL);
-}
-
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
-{
- return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
- &aesni_256_cbc_hmac_sha1_cipher : NULL);
-}
-# else
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
-{
- return NULL;
-}
-
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
-{
- return NULL;
-}
-# endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/e_aes_cbc_hmac_sha1.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/e_aes_cbc_hmac_sha1.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/e_aes_cbc_hmac_sha1.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_aes_cbc_hmac_sha1.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,602 @@
+/* ====================================================================
+ * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/aes.h>
+# include <openssl/sha.h>
+# include "evp_locl.h"
+# include "constant_time_locl.h"
+
+# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
+# define EVP_CTRL_AEAD_TLS1_AAD 0x16
+# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
+# endif
+
+# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
+# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
+# endif
+
+# define TLS1_1_VERSION 0x0302
+
+typedef struct {
+ AES_KEY ks;
+ SHA_CTX head, tail, md;
+ size_t payload_length; /* AAD length in decrypt case */
+ union {
+ unsigned int tls_ver;
+ unsigned char tls_aad[16]; /* 13 used */
+ } aux;
+} EVP_AES_HMAC_SHA1;
+
+# define NO_PAYLOAD_LENGTH ((size_t)-1)
+
+# if defined(AES_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined(_M_X64) || \
+ defined(__INTEL__) )
+
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(PEDANTIC)
+# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
+# endif
+
+extern unsigned int OPENSSL_ia32cap_P[2];
+# define AESNI_CAPABLE (1<<(57-32))
+
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+
+void aesni_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key, unsigned char *ivec, int enc);
+
+void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks,
+ const AES_KEY *key, unsigned char iv[16],
+ SHA_CTX *ctx, const void *in0);
+
+# define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
+
+static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *inkey,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_HMAC_SHA1 *key = data(ctx);
+ int ret;
+
+ if (enc)
+ ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
+ else
+ ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
+
+ SHA1_Init(&key->head); /* handy when benchmarking */
+ key->tail = key->head;
+ key->md = key->head;
+
+ key->payload_length = NO_PAYLOAD_LENGTH;
+
+ return ret < 0 ? 0 : 1;
+}
+
+# define STITCHED_CALL
+
+# if !defined(STITCHED_CALL)
+# define aes_off 0
+# endif
+
+void sha1_block_data_order(void *c, const void *p, size_t len);
+
+static void sha1_update(SHA_CTX *c, const void *data, size_t len)
+{
+ const unsigned char *ptr = data;
+ size_t res;
+
+ if ((res = c->num)) {
+ res = SHA_CBLOCK - res;
+ if (len < res)
+ res = len;
+ SHA1_Update(c, ptr, res);
+ ptr += res;
+ len -= res;
+ }
+
+ res = len % SHA_CBLOCK;
+ len -= res;
+
+ if (len) {
+ sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
+
+ ptr += len;
+ c->Nh += len >> 29;
+ c->Nl += len <<= 3;
+ if (c->Nl < (unsigned int)len)
+ c->Nh++;
+ }
+
+ if (res)
+ SHA1_Update(c, ptr, res);
+}
+
+# ifdef SHA1_Update
+# undef SHA1_Update
+# endif
+# define SHA1_Update sha1_update
+
+static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_HMAC_SHA1 *key = data(ctx);
+ unsigned int l;
+ size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and
+ * later */
+ sha_off = 0;
+# if defined(STITCHED_CALL)
+ size_t aes_off = 0, blocks;
+
+ sha_off = SHA_CBLOCK - key->md.num;
+# endif
+
+ key->payload_length = NO_PAYLOAD_LENGTH;
+
+ if (len % AES_BLOCK_SIZE)
+ return 0;
+
+ if (ctx->encrypt) {
+ if (plen == NO_PAYLOAD_LENGTH)
+ plen = len;
+ else if (len !=
+ ((plen + SHA_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
+ return 0;
+ else if (key->aux.tls_ver >= TLS1_1_VERSION)
+ iv = AES_BLOCK_SIZE;
+
+# if defined(STITCHED_CALL)
+ if (plen > (sha_off + iv)
+ && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
+ SHA1_Update(&key->md, in + iv, sha_off);
+
+ aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
+ ctx->iv, &key->md, in + iv + sha_off);
+ blocks *= SHA_CBLOCK;
+ aes_off += blocks;
+ sha_off += blocks;
+ key->md.Nh += blocks >> 29;
+ key->md.Nl += blocks <<= 3;
+ if (key->md.Nl < (unsigned int)blocks)
+ key->md.Nh++;
+ } else {
+ sha_off = 0;
+ }
+# endif
+ sha_off += iv;
+ SHA1_Update(&key->md, in + sha_off, plen - sha_off);
+
+ if (plen != len) { /* "TLS" mode of operation */
+ if (in != out)
+ memcpy(out + aes_off, in + aes_off, plen - aes_off);
+
+ /* calculate HMAC and append it to payload */
+ SHA1_Final(out + plen, &key->md);
+ key->md = key->tail;
+ SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH);
+ SHA1_Final(out + plen, &key->md);
+
+ /* pad the payload|hmac */
+ plen += SHA_DIGEST_LENGTH;
+ for (l = len - plen - 1; plen < len; plen++)
+ out[plen] = l;
+ /* encrypt HMAC|padding at once */
+ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
+ &key->ks, ctx->iv, 1);
+ } else {
+ aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
+ &key->ks, ctx->iv, 1);
+ }
+ } else {
+ union {
+ unsigned int u[SHA_DIGEST_LENGTH / sizeof(unsigned int)];
+ unsigned char c[32 + SHA_DIGEST_LENGTH];
+ } mac, *pmac;
+
+ /* arrange cache line alignment */
+ pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
+
+ /* decrypt HMAC|padding at once */
+ aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
+
+ if (plen) { /* "TLS" mode of operation */
+ size_t inp_len, mask, j, i;
+ unsigned int res, maxpad, pad, bitlen;
+ int ret = 1;
+ union {
+ unsigned int u[SHA_LBLOCK];
+ unsigned char c[SHA_CBLOCK];
+ } *data = (void *)key->md.data;
+
+ if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
+ >= TLS1_1_VERSION)
+ iv = AES_BLOCK_SIZE;
+
+ if (len < (iv + SHA_DIGEST_LENGTH + 1))
+ return 0;
+
+ /* omit explicit iv */
+ out += iv;
+ len -= iv;
+
+ /* figure out payload length */
+ pad = out[len - 1];
+ maxpad = len - (SHA_DIGEST_LENGTH + 1);
+ maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+ maxpad &= 255;
+
+ ret &= constant_time_ge(maxpad, pad);
+
+ inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
+ mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
+ inp_len &= mask;
+ ret &= (int)mask;
+
+ key->aux.tls_aad[plen - 2] = inp_len >> 8;
+ key->aux.tls_aad[plen - 1] = inp_len;
+
+ /* calculate HMAC */
+ key->md = key->head;
+ SHA1_Update(&key->md, key->aux.tls_aad, plen);
+
+# if 1
+ len -= SHA_DIGEST_LENGTH; /* amend mac */
+ if (len >= (256 + SHA_CBLOCK)) {
+ j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK);
+ j += SHA_CBLOCK - key->md.num;
+ SHA1_Update(&key->md, out, j);
+ out += j;
+ len -= j;
+ inp_len -= j;
+ }
+
+ /* but pretend as if we hashed padded payload */
+ bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
+# ifdef BSWAP
+ bitlen = BSWAP(bitlen);
+# else
+ mac.c[0] = 0;
+ mac.c[1] = (unsigned char)(bitlen >> 16);
+ mac.c[2] = (unsigned char)(bitlen >> 8);
+ mac.c[3] = (unsigned char)bitlen;
+ bitlen = mac.u[0];
+# endif
+
+ pmac->u[0] = 0;
+ pmac->u[1] = 0;
+ pmac->u[2] = 0;
+ pmac->u[3] = 0;
+ pmac->u[4] = 0;
+
+ for (res = key->md.num, j = 0; j < len; j++) {
+ size_t c = out[j];
+ mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
+ c &= mask;
+ c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
+ data->c[res++] = (unsigned char)c;
+
+ if (res != SHA_CBLOCK)
+ continue;
+
+ /* j is not incremented yet */
+ mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha1_block_data_order(&key->md, data, 1);
+ mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= key->md.h0 & mask;
+ pmac->u[1] |= key->md.h1 & mask;
+ pmac->u[2] |= key->md.h2 & mask;
+ pmac->u[3] |= key->md.h3 & mask;
+ pmac->u[4] |= key->md.h4 & mask;
+ res = 0;
+ }
+
+ for (i = res; i < SHA_CBLOCK; i++, j++)
+ data->c[i] = 0;
+
+ if (res > SHA_CBLOCK - 8) {
+ mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha1_block_data_order(&key->md, data, 1);
+ mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= key->md.h0 & mask;
+ pmac->u[1] |= key->md.h1 & mask;
+ pmac->u[2] |= key->md.h2 & mask;
+ pmac->u[3] |= key->md.h3 & mask;
+ pmac->u[4] |= key->md.h4 & mask;
+
+ memset(data, 0, SHA_CBLOCK);
+ j += 64;
+ }
+ data->u[SHA_LBLOCK - 1] = bitlen;
+ sha1_block_data_order(&key->md, data, 1);
+ mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= key->md.h0 & mask;
+ pmac->u[1] |= key->md.h1 & mask;
+ pmac->u[2] |= key->md.h2 & mask;
+ pmac->u[3] |= key->md.h3 & mask;
+ pmac->u[4] |= key->md.h4 & mask;
+
+# ifdef BSWAP
+ pmac->u[0] = BSWAP(pmac->u[0]);
+ pmac->u[1] = BSWAP(pmac->u[1]);
+ pmac->u[2] = BSWAP(pmac->u[2]);
+ pmac->u[3] = BSWAP(pmac->u[3]);
+ pmac->u[4] = BSWAP(pmac->u[4]);
+# else
+ for (i = 0; i < 5; i++) {
+ res = pmac->u[i];
+ pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
+ pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
+ pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
+ pmac->c[4 * i + 3] = (unsigned char)res;
+ }
+# endif
+ len += SHA_DIGEST_LENGTH;
+# else
+ SHA1_Update(&key->md, out, inp_len);
+ res = key->md.num;
+ SHA1_Final(pmac->c, &key->md);
+
+ {
+ unsigned int inp_blocks, pad_blocks;
+
+ /* but pretend as if we hashed padded payload */
+ inp_blocks =
+ 1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+ res += (unsigned int)(len - inp_len);
+ pad_blocks = res / SHA_CBLOCK;
+ res %= SHA_CBLOCK;
+ pad_blocks +=
+ 1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+ for (; inp_blocks < pad_blocks; inp_blocks++)
+ sha1_block_data_order(&key->md, data, 1);
+ }
+# endif
+ key->md = key->tail;
+ SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH);
+ SHA1_Final(pmac->c, &key->md);
+
+ /* verify HMAC */
+ out += inp_len;
+ len -= inp_len;
+# if 1
+ {
+ unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
+ size_t off = out - p;
+ unsigned int c, cmask;
+
+ maxpad += SHA_DIGEST_LENGTH;
+ for (res = 0, i = 0, j = 0; j < maxpad; j++) {
+ c = p[j];
+ cmask =
+ ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
+ 8 - 1);
+ res |= (c ^ pad) & ~cmask; /* ... and padding */
+ cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
+ res |= (c ^ pmac->c[i]) & cmask;
+ i += 1 & cmask;
+ }
+ maxpad -= SHA_DIGEST_LENGTH;
+
+ res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+ ret &= (int)~res;
+ }
+# else
+ for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
+ res |= out[i] ^ pmac->c[i];
+ res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+ ret &= (int)~res;
+
+ /* verify padding */
+ pad = (pad & ~res) | (maxpad & res);
+ out = out + len - 1 - pad;
+ for (res = 0, i = 0; i < pad; i++)
+ res |= out[i] ^ pad;
+
+ res = (0 - res) >> (sizeof(res) * 8 - 1);
+ ret &= (int)~res;
+# endif
+ return ret;
+ } else {
+ SHA1_Update(&key->md, out, len);
+ }
+ }
+
+ return 1;
+}
+
+static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr)
+{
+ EVP_AES_HMAC_SHA1 *key = data(ctx);
+
+ switch (type) {
+ case EVP_CTRL_AEAD_SET_MAC_KEY:
+ {
+ unsigned int i;
+ unsigned char hmac_key[64];
+
+ memset(hmac_key, 0, sizeof(hmac_key));
+
+ if (arg > (int)sizeof(hmac_key)) {
+ SHA1_Init(&key->head);
+ SHA1_Update(&key->head, ptr, arg);
+ SHA1_Final(hmac_key, &key->head);
+ } else {
+ memcpy(hmac_key, ptr, arg);
+ }
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36; /* ipad */
+ SHA1_Init(&key->head);
+ SHA1_Update(&key->head, hmac_key, sizeof(hmac_key));
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+ SHA1_Init(&key->tail);
+ SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key));
+
+ OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
+
+ return 1;
+ }
+ case EVP_CTRL_AEAD_TLS1_AAD:
+ {
+ unsigned char *p = ptr;
+ unsigned int len;
+
+ if (arg != EVP_AEAD_TLS1_AAD_LEN)
+ return -1;
+
+ len = p[arg - 2] << 8 | p[arg - 1];
+
+ if (ctx->encrypt) {
+ key->payload_length = len;
+ if ((key->aux.tls_ver =
+ p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+ len -= AES_BLOCK_SIZE;
+ p[arg - 2] = len >> 8;
+ p[arg - 1] = len;
+ }
+ key->md = key->head;
+ SHA1_Update(&key->md, p, arg);
+
+ return (int)(((len + SHA_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
+ - len);
+ } else {
+ memcpy(key->aux.tls_aad, ptr, arg);
+ key->payload_length = arg;
+
+ return SHA_DIGEST_LENGTH;
+ }
+ }
+ default:
+ return -1;
+ }
+}
+
+static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = {
+# ifdef NID_aes_128_cbc_hmac_sha1
+ NID_aes_128_cbc_hmac_sha1,
+# else
+ NID_undef,
+# endif
+ 16, 16, 16,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+ EVP_CIPH_FLAG_AEAD_CIPHER,
+ aesni_cbc_hmac_sha1_init_key,
+ aesni_cbc_hmac_sha1_cipher,
+ NULL,
+ sizeof(EVP_AES_HMAC_SHA1),
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+ aesni_cbc_hmac_sha1_ctrl,
+ NULL
+};
+
+static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = {
+# ifdef NID_aes_256_cbc_hmac_sha1
+ NID_aes_256_cbc_hmac_sha1,
+# else
+ NID_undef,
+# endif
+ 16, 32, 16,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+ EVP_CIPH_FLAG_AEAD_CIPHER,
+ aesni_cbc_hmac_sha1_init_key,
+ aesni_cbc_hmac_sha1_cipher,
+ NULL,
+ sizeof(EVP_AES_HMAC_SHA1),
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+ aesni_cbc_hmac_sha1_ctrl,
+ NULL
+};
+
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
+{
+ return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
+ &aesni_128_cbc_hmac_sha1_cipher : NULL);
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
+{
+ return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
+ &aesni_256_cbc_hmac_sha1_cipher : NULL);
+}
+# else
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
+{
+ return NULL;
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
+{
+ return NULL;
+}
+# endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/e_camellia.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/e_camellia.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_camellia.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,119 +0,0 @@
-/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_CAMELLIA
-# include <openssl/evp.h>
-# include <openssl/err.h>
-# include <string.h>
-# include <assert.h>
-# include <openssl/camellia.h>
-# include "evp_locl.h"
-
-static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-/* Camellia subkey Structure */
-typedef struct {
- CAMELLIA_KEY ks;
-} EVP_CAMELLIA_KEY;
-
-/* Attribute operation for Camellia */
-# define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
- NID_camellia_128, 16, 16, 16, 128,
- 0, camellia_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
- IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
- NID_camellia_192, 16, 24, 16, 128,
- 0, camellia_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
- IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
- NID_camellia_256, 16, 32, 16, 128,
- 0, camellia_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-# define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
- IMPLEMENT_CAMELLIA_CFBR(128, 1)
- IMPLEMENT_CAMELLIA_CFBR(192, 1)
- IMPLEMENT_CAMELLIA_CFBR(256, 1)
-
- IMPLEMENT_CAMELLIA_CFBR(128, 8)
- IMPLEMENT_CAMELLIA_CFBR(192, 8)
- IMPLEMENT_CAMELLIA_CFBR(256, 8)
-
-/* The subkey for Camellia is generated. */
-static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- int ret;
-
- ret = Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
-
- if (ret < 0) {
- EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
- return 0;
- }
-
- return 1;
-}
-
-#else
-
-# ifdef PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/e_camellia.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/e_camellia.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/e_camellia.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_camellia.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,119 @@
+/* crypto/evp/e_camellia.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_CAMELLIA
+# include <openssl/evp.h>
+# include <openssl/err.h>
+# include <string.h>
+# include <assert.h>
+# include <openssl/camellia.h>
+# include "evp_locl.h"
+
+static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+
+/* Camellia subkey Structure */
+typedef struct {
+ CAMELLIA_KEY ks;
+} EVP_CAMELLIA_KEY;
+
+/* Attribute operation for Camellia */
+# define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
+ NID_camellia_128, 16, 16, 16, 128,
+ 0, camellia_init_key, NULL,
+ EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
+ IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
+ NID_camellia_192, 16, 24, 16, 128,
+ 0, camellia_init_key, NULL,
+ EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
+ IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
+ NID_camellia_256, 16, 32, 16, 128,
+ 0, camellia_init_key, NULL,
+ EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
+# define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
+ IMPLEMENT_CAMELLIA_CFBR(128, 1)
+ IMPLEMENT_CAMELLIA_CFBR(192, 1)
+ IMPLEMENT_CAMELLIA_CFBR(256, 1)
+
+ IMPLEMENT_CAMELLIA_CFBR(128, 8)
+ IMPLEMENT_CAMELLIA_CFBR(192, 8)
+ IMPLEMENT_CAMELLIA_CFBR(256, 8)
+
+/* The subkey for Camellia is generated. */
+static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ int ret;
+
+ ret = Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
+
+ if (ret < 0) {
+ EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
+ return 0;
+ }
+
+ return 1;
+}
+
+#else
+
+# ifdef PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/e_old.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/e_old.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_old.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,164 +0,0 @@
-/* crypto/evp/e_old.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifdef OPENSSL_NO_DEPRECATED
-static void *dummy = &dummy;
-#else
-
-# include <openssl/evp.h>
-
-/*
- * Define some deprecated functions, so older programs don't crash and burn
- * too quickly. On Windows and VMS, these will never be used, since
- * functions and variables in shared libraries are selected by entry point
- * location, not by name.
- */
-
-# ifndef OPENSSL_NO_BF
-# undef EVP_bf_cfb
-const EVP_CIPHER *EVP_bf_cfb(void);
-const EVP_CIPHER *EVP_bf_cfb(void)
-{
- return EVP_bf_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_DES
-# undef EVP_des_cfb
-const EVP_CIPHER *EVP_des_cfb(void);
-const EVP_CIPHER *EVP_des_cfb(void)
-{
- return EVP_des_cfb64();
-}
-
-# undef EVP_des_ede3_cfb
-const EVP_CIPHER *EVP_des_ede3_cfb(void);
-const EVP_CIPHER *EVP_des_ede3_cfb(void)
-{
- return EVP_des_ede3_cfb64();
-}
-
-# undef EVP_des_ede_cfb
-const EVP_CIPHER *EVP_des_ede_cfb(void);
-const EVP_CIPHER *EVP_des_ede_cfb(void)
-{
- return EVP_des_ede_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_IDEA
-# undef EVP_idea_cfb
-const EVP_CIPHER *EVP_idea_cfb(void);
-const EVP_CIPHER *EVP_idea_cfb(void)
-{
- return EVP_idea_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_RC2
-# undef EVP_rc2_cfb
-const EVP_CIPHER *EVP_rc2_cfb(void);
-const EVP_CIPHER *EVP_rc2_cfb(void)
-{
- return EVP_rc2_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_CAST
-# undef EVP_cast5_cfb
-const EVP_CIPHER *EVP_cast5_cfb(void);
-const EVP_CIPHER *EVP_cast5_cfb(void)
-{
- return EVP_cast5_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_RC5
-# undef EVP_rc5_32_12_16_cfb
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
-{
- return EVP_rc5_32_12_16_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_AES
-# undef EVP_aes_128_cfb
-const EVP_CIPHER *EVP_aes_128_cfb(void);
-const EVP_CIPHER *EVP_aes_128_cfb(void)
-{
- return EVP_aes_128_cfb128();
-}
-
-# undef EVP_aes_192_cfb
-const EVP_CIPHER *EVP_aes_192_cfb(void);
-const EVP_CIPHER *EVP_aes_192_cfb(void)
-{
- return EVP_aes_192_cfb128();
-}
-
-# undef EVP_aes_256_cfb
-const EVP_CIPHER *EVP_aes_256_cfb(void);
-const EVP_CIPHER *EVP_aes_256_cfb(void)
-{
- return EVP_aes_256_cfb128();
-}
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/e_old.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/e_old.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/e_old.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_old.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,164 @@
+/* crypto/evp/e_old.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifdef OPENSSL_NO_DEPRECATED
+static void *dummy = &dummy;
+#else
+
+# include <openssl/evp.h>
+
+/*
+ * Define some deprecated functions, so older programs don't crash and burn
+ * too quickly. On Windows and VMS, these will never be used, since
+ * functions and variables in shared libraries are selected by entry point
+ * location, not by name.
+ */
+
+# ifndef OPENSSL_NO_BF
+# undef EVP_bf_cfb
+const EVP_CIPHER *EVP_bf_cfb(void);
+const EVP_CIPHER *EVP_bf_cfb(void)
+{
+ return EVP_bf_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_DES
+# undef EVP_des_cfb
+const EVP_CIPHER *EVP_des_cfb(void);
+const EVP_CIPHER *EVP_des_cfb(void)
+{
+ return EVP_des_cfb64();
+}
+
+# undef EVP_des_ede3_cfb
+const EVP_CIPHER *EVP_des_ede3_cfb(void);
+const EVP_CIPHER *EVP_des_ede3_cfb(void)
+{
+ return EVP_des_ede3_cfb64();
+}
+
+# undef EVP_des_ede_cfb
+const EVP_CIPHER *EVP_des_ede_cfb(void);
+const EVP_CIPHER *EVP_des_ede_cfb(void)
+{
+ return EVP_des_ede_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_IDEA
+# undef EVP_idea_cfb
+const EVP_CIPHER *EVP_idea_cfb(void);
+const EVP_CIPHER *EVP_idea_cfb(void)
+{
+ return EVP_idea_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_RC2
+# undef EVP_rc2_cfb
+const EVP_CIPHER *EVP_rc2_cfb(void);
+const EVP_CIPHER *EVP_rc2_cfb(void)
+{
+ return EVP_rc2_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_CAST
+# undef EVP_cast5_cfb
+const EVP_CIPHER *EVP_cast5_cfb(void);
+const EVP_CIPHER *EVP_cast5_cfb(void)
+{
+ return EVP_cast5_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_RC5
+# undef EVP_rc5_32_12_16_cfb
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
+{
+ return EVP_rc5_32_12_16_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_AES
+# undef EVP_aes_128_cfb
+const EVP_CIPHER *EVP_aes_128_cfb(void);
+const EVP_CIPHER *EVP_aes_128_cfb(void)
+{
+ return EVP_aes_128_cfb128();
+}
+
+# undef EVP_aes_192_cfb
+const EVP_CIPHER *EVP_aes_192_cfb(void);
+const EVP_CIPHER *EVP_aes_192_cfb(void)
+{
+ return EVP_aes_192_cfb128();
+}
+
+# undef EVP_aes_256_cfb
+const EVP_CIPHER *EVP_aes_256_cfb(void);
+const EVP_CIPHER *EVP_aes_256_cfb(void)
+{
+ return EVP_aes_256_cfb128();
+}
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/e_seed.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/e_seed.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_seed.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,82 +0,0 @@
-/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_SEED
-# include <openssl/evp.h>
-# include <openssl/err.h>
-# include <string.h>
-# include <assert.h>
-# include <openssl/seed.h>
-# include "evp_locl.h"
-
-static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-typedef struct {
- SEED_KEY_SCHEDULE ks;
-} EVP_SEED_KEY;
-
-IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
- 16, 16, 16, 128, 0, seed_init_key, 0, 0, 0, 0)
-
-static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- SEED_set_key(key, ctx->cipher_data);
- return 1;
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/e_seed.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/e_seed.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/e_seed.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/e_seed.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,83 @@
+/* crypto/evp/e_seed.c */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_SEED
+# include <openssl/evp.h>
+# include <openssl/err.h>
+# include <string.h>
+# include <assert.h>
+# include <openssl/seed.h>
+# include "evp_locl.h"
+
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+
+typedef struct {
+ SEED_KEY_SCHEDULE ks;
+} EVP_SEED_KEY;
+
+IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
+ 16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1,
+ seed_init_key, 0, 0, 0, 0)
+
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ SEED_set_key(key, ctx->cipher_data);
+ return 1;
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/encode.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/encode.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/encode.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,454 +0,0 @@
-/* crypto/evp/encode.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-
-static unsigned char conv_ascii2bin(unsigned char a);
-#ifndef CHARSET_EBCDIC
-# define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
-#else
-/*
- * We assume that PEM encoded files are EBCDIC files (i.e., printable text
- * files). Convert them here while decoding. When encoding, output is EBCDIC
- * (text) format again. (No need for conversion in the conv_bin2ascii macro,
- * as the underlying textstring data_bin2ascii[] is already EBCDIC)
- */
-# define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
-#endif
-
-/*-
- * 64 char lines
- * pad input with 0
- * left over chars are set to =
- * 1 byte => xx==
- * 2 bytes => xxx=
- * 3 bytes => xxxx
- */
-#define BIN_PER_LINE (64/4*3)
-#define CHUNKS_PER_LINE (64/4)
-#define CHAR_PER_LINE (64+1)
-
-static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
-abcdefghijklmnopqrstuvwxyz0123456789+/";
-
-/*-
- * 0xF0 is a EOLN
- * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
- * 0xF2 is EOF
- * 0xE0 is ignore at start of line.
- * 0xFF is error
- */
-
-#define B64_EOLN 0xF0
-#define B64_CR 0xF1
-#define B64_EOF 0xF2
-#define B64_WS 0xE0
-#define B64_ERROR 0xFF
-#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
-#define B64_BASE64(a) !B64_NOT_BASE64(a)
-
-static const unsigned char data_ascii2bin[128] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B,
- 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF,
- 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
- 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
- 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
- 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
- 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-};
-
-#ifndef CHARSET_EBCDIC
-static unsigned char conv_ascii2bin(unsigned char a)
-{
- if (a & 0x80)
- return B64_ERROR;
- return data_ascii2bin[a];
-}
-#else
-static unsigned char conv_ascii2bin(unsigned char a)
-{
- a = os_toascii[a];
- if (a & 0x80)
- return B64_ERROR;
- return data_ascii2bin[a];
-}
-#endif
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
-{
- ctx->length = 48;
- ctx->num = 0;
- ctx->line_num = 0;
-}
-
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int i, j;
- unsigned int total = 0;
-
- *outl = 0;
- if (inl <= 0)
- return;
- OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
- if ((ctx->num + inl) < ctx->length) {
- memcpy(&(ctx->enc_data[ctx->num]), in, inl);
- ctx->num += inl;
- return;
- }
- if (ctx->num != 0) {
- i = ctx->length - ctx->num;
- memcpy(&(ctx->enc_data[ctx->num]), in, i);
- in += i;
- inl -= i;
- j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length);
- ctx->num = 0;
- out += j;
- *(out++) = '\n';
- *out = '\0';
- total = j + 1;
- }
- while (inl >= ctx->length) {
- j = EVP_EncodeBlock(out, in, ctx->length);
- in += ctx->length;
- inl -= ctx->length;
- out += j;
- *(out++) = '\n';
- *out = '\0';
- total += j + 1;
- }
- if (inl != 0)
- memcpy(&(ctx->enc_data[0]), in, inl);
- ctx->num = inl;
- *outl = total;
-}
-
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-{
- unsigned int ret = 0;
-
- if (ctx->num != 0) {
- ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num);
- out[ret++] = '\n';
- out[ret] = '\0';
- ctx->num = 0;
- }
- *outl = ret;
-}
-
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
-{
- int i, ret = 0;
- unsigned long l;
-
- for (i = dlen; i > 0; i -= 3) {
- if (i >= 3) {
- l = (((unsigned long)f[0]) << 16L) |
- (((unsigned long)f[1]) << 8L) | f[2];
- *(t++) = conv_bin2ascii(l >> 18L);
- *(t++) = conv_bin2ascii(l >> 12L);
- *(t++) = conv_bin2ascii(l >> 6L);
- *(t++) = conv_bin2ascii(l);
- } else {
- l = ((unsigned long)f[0]) << 16L;
- if (i == 2)
- l |= ((unsigned long)f[1] << 8L);
-
- *(t++) = conv_bin2ascii(l >> 18L);
- *(t++) = conv_bin2ascii(l >> 12L);
- *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L);
- *(t++) = '=';
- }
- ret += 4;
- f += 3;
- }
-
- *t = '\0';
- return (ret);
-}
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
-{
- /* Only ctx->num is used during decoding. */
- ctx->num = 0;
- ctx->length = 0;
- ctx->line_num = 0;
- ctx->expect_nl = 0;
-}
-
-/*-
- * -1 for error
- * 0 for last line
- * 1 for full line
- *
- * Note: even though EVP_DecodeUpdate attempts to detect and report end of
- * content, the context doesn't currently remember it and will accept more data
- * in the next call. Therefore, the caller is responsible for checking and
- * rejecting a 0 return value in the middle of content.
- *
- * Note: even though EVP_DecodeUpdate has historically tried to detect end of
- * content based on line length, this has never worked properly. Therefore,
- * we now return 0 when one of the following is true:
- * - Padding or B64_EOF was detected and the last block is complete.
- * - Input has zero-length.
- * -1 is returned if:
- * - Invalid characters are detected.
- * - There is extra trailing padding, or data after padding.
- * - B64_EOF is detected after an incomplete base64 block.
- */
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int seof = 0, eof = 0, rv = -1, ret = 0, i, v, tmp, n, decoded_len;
- unsigned char *d;
-
- n = ctx->num;
- d = ctx->enc_data;
-
- if (n > 0 && d[n - 1] == '=') {
- eof++;
- if (n > 1 && d[n - 2] == '=')
- eof++;
- }
-
- /* Legacy behaviour: an empty input chunk signals end of input. */
- if (inl == 0) {
- rv = 0;
- goto end;
- }
-
- for (i = 0; i < inl; i++) {
- tmp = *(in++);
- v = conv_ascii2bin(tmp);
- if (v == B64_ERROR) {
- rv = -1;
- goto end;
- }
-
- if (tmp == '=') {
- eof++;
- } else if (eof > 0 && B64_BASE64(v)) {
- /* More data after padding. */
- rv = -1;
- goto end;
- }
-
- if (eof > 2) {
- rv = -1;
- goto end;
- }
-
- if (v == B64_EOF) {
- seof = 1;
- goto tail;
- }
-
- /* Only save valid base64 characters. */
- if (B64_BASE64(v)) {
- if (n >= 64) {
- /*
- * We increment n once per loop, and empty the buffer as soon as
- * we reach 64 characters, so this can only happen if someone's
- * manually messed with the ctx. Refuse to write any more data.
- */
- rv = -1;
- goto end;
- }
- OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
- d[n++] = tmp;
- }
-
- if (n == 64) {
- decoded_len = EVP_DecodeBlock(out, d, n);
- n = 0;
- if (decoded_len < 0 || eof > decoded_len) {
- rv = -1;
- goto end;
- }
- ret += decoded_len - eof;
- out += decoded_len - eof;
- }
- }
-
- /*
- * Legacy behaviour: if the current line is a full base64-block (i.e., has
- * 0 mod 4 base64 characters), it is processed immediately. We keep this
- * behaviour as applications may not be calling EVP_DecodeFinal properly.
- */
-tail:
- if (n > 0) {
- if ((n & 3) == 0) {
- decoded_len = EVP_DecodeBlock(out, d, n);
- n = 0;
- if (decoded_len < 0 || eof > decoded_len) {
- rv = -1;
- goto end;
- }
- ret += (decoded_len - eof);
- } else if (seof) {
- /* EOF in the middle of a base64 block. */
- rv = -1;
- goto end;
- }
- }
-
- rv = seof || (n == 0 && eof) ? 0 : 1;
-end:
- /* Legacy behaviour. This should probably rather be zeroed on error. */
- *outl = ret;
- ctx->num = n;
- return (rv);
-}
-
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
-{
- int i, ret = 0, a, b, c, d;
- unsigned long l;
-
- /* trim white space from the start of the line. */
- while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) {
- f++;
- n--;
- }
-
- /*
- * strip off stuff at the end of the line ascii2bin values B64_WS,
- * B64_EOLN, B64_EOLN and B64_EOF
- */
- while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1]))))
- n--;
-
- if (n % 4 != 0)
- return (-1);
-
- for (i = 0; i < n; i += 4) {
- a = conv_ascii2bin(*(f++));
- b = conv_ascii2bin(*(f++));
- c = conv_ascii2bin(*(f++));
- d = conv_ascii2bin(*(f++));
- if ((a & 0x80) || (b & 0x80) || (c & 0x80) || (d & 0x80))
- return (-1);
- l = ((((unsigned long)a) << 18L) |
- (((unsigned long)b) << 12L) |
- (((unsigned long)c) << 6L) | (((unsigned long)d)));
- *(t++) = (unsigned char)(l >> 16L) & 0xff;
- *(t++) = (unsigned char)(l >> 8L) & 0xff;
- *(t++) = (unsigned char)(l) & 0xff;
- ret += 3;
- }
- return (ret);
-}
-
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-{
- int i;
-
- *outl = 0;
- if (ctx->num != 0) {
- i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num);
- if (i < 0)
- return (-1);
- ctx->num = 0;
- *outl = i;
- return (1);
- } else
- return (1);
-}
-
-#ifdef undef
-int EVP_DecodeValid(unsigned char *buf, int len)
-{
- int i, num = 0, bad = 0;
-
- if (len == 0)
- return (-1);
- while (conv_ascii2bin(*buf) == B64_WS) {
- buf++;
- len--;
- if (len == 0)
- return (-1);
- }
-
- for (i = len; i >= 4; i -= 4) {
- if ((conv_ascii2bin(buf[0]) >= 0x40) ||
- (conv_ascii2bin(buf[1]) >= 0x40) ||
- (conv_ascii2bin(buf[2]) >= 0x40) ||
- (conv_ascii2bin(buf[3]) >= 0x40))
- return (-1);
- buf += 4;
- num += 1 + (buf[2] != '=') + (buf[3] != '=');
- }
- if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
- return (num);
- if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
- (conv_ascii2bin(buf[0]) == B64_EOLN))
- return (num);
- return (1);
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/encode.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/encode.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/encode.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/encode.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,460 @@
+/* crypto/evp/encode.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+
+static unsigned char conv_ascii2bin(unsigned char a);
+#ifndef CHARSET_EBCDIC
+# define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
+#else
+/*
+ * We assume that PEM encoded files are EBCDIC files (i.e., printable text
+ * files). Convert them here while decoding. When encoding, output is EBCDIC
+ * (text) format again. (No need for conversion in the conv_bin2ascii macro,
+ * as the underlying textstring data_bin2ascii[] is already EBCDIC)
+ */
+# define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
+#endif
+
+/*-
+ * 64 char lines
+ * pad input with 0
+ * left over chars are set to =
+ * 1 byte => xx==
+ * 2 bytes => xxx=
+ * 3 bytes => xxxx
+ */
+#define BIN_PER_LINE (64/4*3)
+#define CHUNKS_PER_LINE (64/4)
+#define CHAR_PER_LINE (64+1)
+
+static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+abcdefghijklmnopqrstuvwxyz0123456789+/";
+
+/*-
+ * 0xF0 is a EOLN
+ * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
+ * 0xF2 is EOF
+ * 0xE0 is ignore at start of line.
+ * 0xFF is error
+ */
+
+#define B64_EOLN 0xF0
+#define B64_CR 0xF1
+#define B64_EOF 0xF2
+#define B64_WS 0xE0
+#define B64_ERROR 0xFF
+#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
+#define B64_BASE64(a) !B64_NOT_BASE64(a)
+
+static const unsigned char data_ascii2bin[128] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B,
+ 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF,
+ 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
+ 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
+ 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+ 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
+ 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
+ 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+#ifndef CHARSET_EBCDIC
+static unsigned char conv_ascii2bin(unsigned char a)
+{
+ if (a & 0x80)
+ return B64_ERROR;
+ return data_ascii2bin[a];
+}
+#else
+static unsigned char conv_ascii2bin(unsigned char a)
+{
+ a = os_toascii[a];
+ if (a & 0x80)
+ return B64_ERROR;
+ return data_ascii2bin[a];
+}
+#endif
+
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
+{
+ ctx->length = 48;
+ ctx->num = 0;
+ ctx->line_num = 0;
+}
+
+void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl)
+{
+ int i, j;
+ size_t total = 0;
+
+ *outl = 0;
+ if (inl <= 0)
+ return;
+ OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
+ if (ctx->length - ctx->num > inl) {
+ memcpy(&(ctx->enc_data[ctx->num]), in, inl);
+ ctx->num += inl;
+ return;
+ }
+ if (ctx->num != 0) {
+ i = ctx->length - ctx->num;
+ memcpy(&(ctx->enc_data[ctx->num]), in, i);
+ in += i;
+ inl -= i;
+ j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length);
+ ctx->num = 0;
+ out += j;
+ *(out++) = '\n';
+ *out = '\0';
+ total = j + 1;
+ }
+ while (inl >= ctx->length && total <= INT_MAX) {
+ j = EVP_EncodeBlock(out, in, ctx->length);
+ in += ctx->length;
+ inl -= ctx->length;
+ out += j;
+ *(out++) = '\n';
+ *out = '\0';
+ total += j + 1;
+ }
+ if (total > INT_MAX) {
+ /* Too much output data! */
+ *outl = 0;
+ return;
+ }
+ if (inl != 0)
+ memcpy(&(ctx->enc_data[0]), in, inl);
+ ctx->num = inl;
+ *outl = total;
+}
+
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
+{
+ unsigned int ret = 0;
+
+ if (ctx->num != 0) {
+ ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num);
+ out[ret++] = '\n';
+ out[ret] = '\0';
+ ctx->num = 0;
+ }
+ *outl = ret;
+}
+
+int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
+{
+ int i, ret = 0;
+ unsigned long l;
+
+ for (i = dlen; i > 0; i -= 3) {
+ if (i >= 3) {
+ l = (((unsigned long)f[0]) << 16L) |
+ (((unsigned long)f[1]) << 8L) | f[2];
+ *(t++) = conv_bin2ascii(l >> 18L);
+ *(t++) = conv_bin2ascii(l >> 12L);
+ *(t++) = conv_bin2ascii(l >> 6L);
+ *(t++) = conv_bin2ascii(l);
+ } else {
+ l = ((unsigned long)f[0]) << 16L;
+ if (i == 2)
+ l |= ((unsigned long)f[1] << 8L);
+
+ *(t++) = conv_bin2ascii(l >> 18L);
+ *(t++) = conv_bin2ascii(l >> 12L);
+ *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L);
+ *(t++) = '=';
+ }
+ ret += 4;
+ f += 3;
+ }
+
+ *t = '\0';
+ return (ret);
+}
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
+{
+ /* Only ctx->num is used during decoding. */
+ ctx->num = 0;
+ ctx->length = 0;
+ ctx->line_num = 0;
+ ctx->expect_nl = 0;
+}
+
+/*-
+ * -1 for error
+ * 0 for last line
+ * 1 for full line
+ *
+ * Note: even though EVP_DecodeUpdate attempts to detect and report end of
+ * content, the context doesn't currently remember it and will accept more data
+ * in the next call. Therefore, the caller is responsible for checking and
+ * rejecting a 0 return value in the middle of content.
+ *
+ * Note: even though EVP_DecodeUpdate has historically tried to detect end of
+ * content based on line length, this has never worked properly. Therefore,
+ * we now return 0 when one of the following is true:
+ * - Padding or B64_EOF was detected and the last block is complete.
+ * - Input has zero-length.
+ * -1 is returned if:
+ * - Invalid characters are detected.
+ * - There is extra trailing padding, or data after padding.
+ * - B64_EOF is detected after an incomplete base64 block.
+ */
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl)
+{
+ int seof = 0, eof = 0, rv = -1, ret = 0, i, v, tmp, n, decoded_len;
+ unsigned char *d;
+
+ n = ctx->num;
+ d = ctx->enc_data;
+
+ if (n > 0 && d[n - 1] == '=') {
+ eof++;
+ if (n > 1 && d[n - 2] == '=')
+ eof++;
+ }
+
+ /* Legacy behaviour: an empty input chunk signals end of input. */
+ if (inl == 0) {
+ rv = 0;
+ goto end;
+ }
+
+ for (i = 0; i < inl; i++) {
+ tmp = *(in++);
+ v = conv_ascii2bin(tmp);
+ if (v == B64_ERROR) {
+ rv = -1;
+ goto end;
+ }
+
+ if (tmp == '=') {
+ eof++;
+ } else if (eof > 0 && B64_BASE64(v)) {
+ /* More data after padding. */
+ rv = -1;
+ goto end;
+ }
+
+ if (eof > 2) {
+ rv = -1;
+ goto end;
+ }
+
+ if (v == B64_EOF) {
+ seof = 1;
+ goto tail;
+ }
+
+ /* Only save valid base64 characters. */
+ if (B64_BASE64(v)) {
+ if (n >= 64) {
+ /*
+ * We increment n once per loop, and empty the buffer as soon as
+ * we reach 64 characters, so this can only happen if someone's
+ * manually messed with the ctx. Refuse to write any more data.
+ */
+ rv = -1;
+ goto end;
+ }
+ OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
+ d[n++] = tmp;
+ }
+
+ if (n == 64) {
+ decoded_len = EVP_DecodeBlock(out, d, n);
+ n = 0;
+ if (decoded_len < 0 || eof > decoded_len) {
+ rv = -1;
+ goto end;
+ }
+ ret += decoded_len - eof;
+ out += decoded_len - eof;
+ }
+ }
+
+ /*
+ * Legacy behaviour: if the current line is a full base64-block (i.e., has
+ * 0 mod 4 base64 characters), it is processed immediately. We keep this
+ * behaviour as applications may not be calling EVP_DecodeFinal properly.
+ */
+tail:
+ if (n > 0) {
+ if ((n & 3) == 0) {
+ decoded_len = EVP_DecodeBlock(out, d, n);
+ n = 0;
+ if (decoded_len < 0 || eof > decoded_len) {
+ rv = -1;
+ goto end;
+ }
+ ret += (decoded_len - eof);
+ } else if (seof) {
+ /* EOF in the middle of a base64 block. */
+ rv = -1;
+ goto end;
+ }
+ }
+
+ rv = seof || (n == 0 && eof) ? 0 : 1;
+end:
+ /* Legacy behaviour. This should probably rather be zeroed on error. */
+ *outl = ret;
+ ctx->num = n;
+ return (rv);
+}
+
+int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
+{
+ int i, ret = 0, a, b, c, d;
+ unsigned long l;
+
+ /* trim white space from the start of the line. */
+ while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) {
+ f++;
+ n--;
+ }
+
+ /*
+ * strip off stuff at the end of the line ascii2bin values B64_WS,
+ * B64_EOLN, B64_EOLN and B64_EOF
+ */
+ while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1]))))
+ n--;
+
+ if (n % 4 != 0)
+ return (-1);
+
+ for (i = 0; i < n; i += 4) {
+ a = conv_ascii2bin(*(f++));
+ b = conv_ascii2bin(*(f++));
+ c = conv_ascii2bin(*(f++));
+ d = conv_ascii2bin(*(f++));
+ if ((a & 0x80) || (b & 0x80) || (c & 0x80) || (d & 0x80))
+ return (-1);
+ l = ((((unsigned long)a) << 18L) |
+ (((unsigned long)b) << 12L) |
+ (((unsigned long)c) << 6L) | (((unsigned long)d)));
+ *(t++) = (unsigned char)(l >> 16L) & 0xff;
+ *(t++) = (unsigned char)(l >> 8L) & 0xff;
+ *(t++) = (unsigned char)(l) & 0xff;
+ ret += 3;
+ }
+ return (ret);
+}
+
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
+{
+ int i;
+
+ *outl = 0;
+ if (ctx->num != 0) {
+ i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num);
+ if (i < 0)
+ return (-1);
+ ctx->num = 0;
+ *outl = i;
+ return (1);
+ } else
+ return (1);
+}
+
+#ifdef undef
+int EVP_DecodeValid(unsigned char *buf, int len)
+{
+ int i, num = 0, bad = 0;
+
+ if (len == 0)
+ return (-1);
+ while (conv_ascii2bin(*buf) == B64_WS) {
+ buf++;
+ len--;
+ if (len == 0)
+ return (-1);
+ }
+
+ for (i = len; i >= 4; i -= 4) {
+ if ((conv_ascii2bin(buf[0]) >= 0x40) ||
+ (conv_ascii2bin(buf[1]) >= 0x40) ||
+ (conv_ascii2bin(buf[2]) >= 0x40) ||
+ (conv_ascii2bin(buf[3]) >= 0x40))
+ return (-1);
+ buf += 4;
+ num += 1 + (buf[2] != '=') + (buf[3] != '=');
+ }
+ if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
+ return (num);
+ if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
+ (conv_ascii2bin(buf[0]) == B64_EOLN))
+ return (num);
+ return (1);
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/evp/evp_enc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/evp/evp_enc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/evp_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,653 +0,0 @@
-/* crypto/evp/evp_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#include "evp_locl.h"
-
-#ifdef OPENSSL_FIPS
-# define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl)
-#else
-# define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
-#endif
-
-const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT;
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
-{
- memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
- /* ctx->cipher=NULL; */
-}
-
-EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
-{
- EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
- if (ctx)
- EVP_CIPHER_CTX_init(ctx);
- return ctx;
-}
-
-int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv, int enc)
-{
- if (cipher)
- EVP_CIPHER_CTX_init(ctx);
- return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
-}
-
-int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- ENGINE *impl, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- if (enc == -1)
- enc = ctx->encrypt;
- else {
- if (enc)
- enc = 1;
- ctx->encrypt = enc;
- }
-#ifndef OPENSSL_NO_ENGINE
- /*
- * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
- * this context may already have an ENGINE! Try to avoid releasing the
- * previous handle, re-querying for an ENGINE, and having a
- * reinitialisation, when it may all be unecessary.
- */
- if (ctx->engine && ctx->cipher && (!cipher ||
- (cipher
- && (cipher->nid ==
- ctx->cipher->nid))))
- goto skip_to_init;
-#endif
- if (cipher) {
- /*
- * Ensure a context left lying around from last time is cleared (the
- * previous check attempted to avoid this if the same ENGINE and
- * EVP_CIPHER could be used).
- */
- if (ctx->cipher) {
- unsigned long flags = ctx->flags;
- EVP_CIPHER_CTX_cleanup(ctx);
- /* Restore encrypt and flags */
- ctx->encrypt = enc;
- ctx->flags = flags;
- }
-#ifndef OPENSSL_NO_ENGINE
- if (impl) {
- if (!ENGINE_init(impl)) {
- EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
- return 0;
- }
- } else
- /* Ask if an ENGINE is reserved for this job */
- impl = ENGINE_get_cipher_engine(cipher->nid);
- if (impl) {
- /* There's an ENGINE for this job ... (apparently) */
- const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
- if (!c) {
- /*
- * One positive side-effect of US's export control history,
- * is that we should at least be able to avoid using US
- * mispellings of "initialisation"?
- */
- EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
- return 0;
- }
- /* We'll use the ENGINE's private cipher definition */
- cipher = c;
- /*
- * Store the ENGINE functional reference so we know 'cipher' came
- * from an ENGINE and we need to release it when done.
- */
- ctx->engine = impl;
- } else
- ctx->engine = NULL;
-#endif
-
-#ifdef OPENSSL_FIPS
- if (FIPS_mode())
- return FIPS_cipherinit(ctx, cipher, key, iv, enc);
-#endif
- ctx->cipher = cipher;
- if (ctx->cipher->ctx_size) {
- ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
- if (!ctx->cipher_data) {
- EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- } else {
- ctx->cipher_data = NULL;
- }
- ctx->key_len = cipher->key_len;
- ctx->flags = 0;
- if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
- EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
- return 0;
- }
- }
- } else if (!ctx->cipher) {
- EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
- return 0;
- }
-#ifndef OPENSSL_NO_ENGINE
- skip_to_init:
-#endif
-#ifdef OPENSSL_FIPS
- if (FIPS_mode())
- return FIPS_cipherinit(ctx, cipher, key, iv, enc);
-#endif
- /* we assume block size is a power of 2 in *cryptUpdate */
- OPENSSL_assert(ctx->cipher->block_size == 1
- || ctx->cipher->block_size == 8
- || ctx->cipher->block_size == 16);
-
- if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
- switch (EVP_CIPHER_CTX_mode(ctx)) {
-
- case EVP_CIPH_STREAM_CIPHER:
- case EVP_CIPH_ECB_MODE:
- break;
-
- case EVP_CIPH_CFB_MODE:
- case EVP_CIPH_OFB_MODE:
-
- ctx->num = 0;
- /* fall-through */
-
- case EVP_CIPH_CBC_MODE:
-
- OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
- (int)sizeof(ctx->iv));
- if (iv)
- memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
- memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
- break;
-
- case EVP_CIPH_CTR_MODE:
- ctx->num = 0;
- /* Don't reuse IV for CTR mode */
- if (iv)
- memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
- break;
-
- default:
- return 0;
- break;
- }
- }
-
- if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
- if (!ctx->cipher->init(ctx, key, iv, enc))
- return 0;
- }
- ctx->buf_len = 0;
- ctx->final_used = 0;
- ctx->block_mask = ctx->cipher->block_size - 1;
- return 1;
-}
-
-int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- if (ctx->encrypt)
- return EVP_EncryptUpdate(ctx, out, outl, in, inl);
- else
- return EVP_DecryptUpdate(ctx, out, outl, in, inl);
-}
-
-int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- if (ctx->encrypt)
- return EVP_EncryptFinal_ex(ctx, out, outl);
- else
- return EVP_DecryptFinal_ex(ctx, out, outl);
-}
-
-int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- if (ctx->encrypt)
- return EVP_EncryptFinal(ctx, out, outl);
- else
- return EVP_DecryptFinal(ctx, out, outl);
-}
-
-int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv)
-{
- return EVP_CipherInit(ctx, cipher, key, iv, 1);
-}
-
-int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- ENGINE *impl, const unsigned char *key,
- const unsigned char *iv)
-{
- return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
-}
-
-int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv)
-{
- return EVP_CipherInit(ctx, cipher, key, iv, 0);
-}
-
-int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- ENGINE *impl, const unsigned char *key,
- const unsigned char *iv)
-{
- return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
-}
-
-int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int i, j, bl;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- i = M_do_cipher(ctx, out, in, inl);
- if (i < 0)
- return 0;
- else
- *outl = i;
- return 1;
- }
-
- if (inl <= 0) {
- *outl = 0;
- return inl == 0;
- }
-
- if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) {
- if (M_do_cipher(ctx, out, in, inl)) {
- *outl = inl;
- return 1;
- } else {
- *outl = 0;
- return 0;
- }
- }
- i = ctx->buf_len;
- bl = ctx->cipher->block_size;
- OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
- if (i != 0) {
- if (i + inl < bl) {
- memcpy(&(ctx->buf[i]), in, inl);
- ctx->buf_len += inl;
- *outl = 0;
- return 1;
- } else {
- j = bl - i;
- memcpy(&(ctx->buf[i]), in, j);
- if (!M_do_cipher(ctx, out, ctx->buf, bl))
- return 0;
- inl -= j;
- in += j;
- out += bl;
- *outl = bl;
- }
- } else
- *outl = 0;
- i = inl & (bl - 1);
- inl -= i;
- if (inl > 0) {
- if (!M_do_cipher(ctx, out, in, inl))
- return 0;
- *outl += inl;
- }
-
- if (i != 0)
- memcpy(ctx->buf, &(in[inl]), i);
- ctx->buf_len = i;
- return 1;
-}
-
-int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int ret;
- ret = EVP_EncryptFinal_ex(ctx, out, outl);
- return ret;
-}
-
-int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int n, ret;
- unsigned int i, b, bl;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- ret = M_do_cipher(ctx, out, NULL, 0);
- if (ret < 0)
- return 0;
- else
- *outl = ret;
- return 1;
- }
-
- b = ctx->cipher->block_size;
- OPENSSL_assert(b <= sizeof ctx->buf);
- if (b == 1) {
- *outl = 0;
- return 1;
- }
- bl = ctx->buf_len;
- if (ctx->flags & EVP_CIPH_NO_PADDING) {
- if (bl) {
- EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
- EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
- return 0;
- }
- *outl = 0;
- return 1;
- }
-
- n = b - bl;
- for (i = bl; i < b; i++)
- ctx->buf[i] = n;
- ret = M_do_cipher(ctx, out, ctx->buf, b);
-
- if (ret)
- *outl = b;
-
- return ret;
-}
-
-int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int fix_len;
- unsigned int b;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- fix_len = M_do_cipher(ctx, out, in, inl);
- if (fix_len < 0) {
- *outl = 0;
- return 0;
- } else
- *outl = fix_len;
- return 1;
- }
-
- if (inl <= 0) {
- *outl = 0;
- return inl == 0;
- }
-
- if (ctx->flags & EVP_CIPH_NO_PADDING)
- return EVP_EncryptUpdate(ctx, out, outl, in, inl);
-
- b = ctx->cipher->block_size;
- OPENSSL_assert(b <= sizeof ctx->final);
-
- if (ctx->final_used) {
- memcpy(out, ctx->final, b);
- out += b;
- fix_len = 1;
- } else
- fix_len = 0;
-
- if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
- return 0;
-
- /*
- * if we have 'decrypted' a multiple of block size, make sure we have a
- * copy of this last block
- */
- if (b > 1 && !ctx->buf_len) {
- *outl -= b;
- ctx->final_used = 1;
- memcpy(ctx->final, &out[*outl], b);
- } else
- ctx->final_used = 0;
-
- if (fix_len)
- *outl += b;
-
- return 1;
-}
-
-int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int ret;
- ret = EVP_DecryptFinal_ex(ctx, out, outl);
- return ret;
-}
-
-int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int i, n;
- unsigned int b;
- *outl = 0;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- i = M_do_cipher(ctx, out, NULL, 0);
- if (i < 0)
- return 0;
- else
- *outl = i;
- return 1;
- }
-
- b = ctx->cipher->block_size;
- if (ctx->flags & EVP_CIPH_NO_PADDING) {
- if (ctx->buf_len) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
- EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
- return 0;
- }
- *outl = 0;
- return 1;
- }
- if (b > 1) {
- if (ctx->buf_len || !ctx->final_used) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
- return (0);
- }
- OPENSSL_assert(b <= sizeof ctx->final);
-
- /*
- * The following assumes that the ciphertext has been authenticated.
- * Otherwise it provides a padding oracle.
- */
- n = ctx->final[b - 1];
- if (n == 0 || n > (int)b) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
- return (0);
- }
- for (i = 0; i < n; i++) {
- if (ctx->final[--b] != n) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
- return (0);
- }
- }
- n = ctx->cipher->block_size - n;
- for (i = 0; i < n; i++)
- out[i] = ctx->final[i];
- *outl = n;
- } else
- *outl = 0;
- return (1);
-}
-
-void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
-{
- if (ctx) {
- EVP_CIPHER_CTX_cleanup(ctx);
- OPENSSL_free(ctx);
- }
-}
-
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
-{
-#ifndef OPENSSL_FIPS
- if (c->cipher != NULL) {
- if (c->cipher->cleanup && !c->cipher->cleanup(c))
- return 0;
- /* Cleanse cipher context data */
- if (c->cipher_data)
- OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
- }
- if (c->cipher_data)
- OPENSSL_free(c->cipher_data);
-#endif
-#ifndef OPENSSL_NO_ENGINE
- if (c->engine)
- /*
- * The EVP_CIPHER we used belongs to an ENGINE, release the
- * functional reference we held for this reason.
- */
- ENGINE_finish(c->engine);
-#endif
-#ifdef OPENSSL_FIPS
- FIPS_cipher_ctx_cleanup(c);
-#endif
- memset(c, 0, sizeof(EVP_CIPHER_CTX));
- return 1;
-}
-
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
-{
- if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
- return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
- if (c->key_len == keylen)
- return 1;
- if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
- c->key_len = keylen;
- return 1;
- }
- EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
- return 0;
-}
-
-int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
-{
- if (pad)
- ctx->flags &= ~EVP_CIPH_NO_PADDING;
- else
- ctx->flags |= EVP_CIPH_NO_PADDING;
- return 1;
-}
-
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
-{
- int ret;
- if (!ctx->cipher) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
- return 0;
- }
-
- if (!ctx->cipher->ctrl) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
- return 0;
- }
-
- ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
- if (ret == -1) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
- EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
- return 0;
- }
- return ret;
-}
-
-int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
-{
- if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
- return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
- if (RAND_bytes(key, ctx->key_len) <= 0)
- return 0;
- return 1;
-}
-
-int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
-{
- if ((in == NULL) || (in->cipher == NULL)) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
- return 0;
- }
-#ifndef OPENSSL_NO_ENGINE
- /* Make sure it's safe to copy a cipher context using an ENGINE */
- if (in->engine && !ENGINE_init(in->engine)) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
- return 0;
- }
-#endif
-
- EVP_CIPHER_CTX_cleanup(out);
- memcpy(out, in, sizeof *out);
-
- if (in->cipher_data && in->cipher->ctx_size) {
- out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
- if (!out->cipher_data) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
- }
-
- if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
- return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/evp/evp_enc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/evp/evp_enc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/evp/evp_enc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/evp/evp_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,653 @@
+/* crypto/evp/evp_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+#include "evp_locl.h"
+
+#ifdef OPENSSL_FIPS
+# define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl)
+#else
+# define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
+#endif
+
+const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT;
+
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
+{
+ memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
+ /* ctx->cipher=NULL; */
+}
+
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
+{
+ EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+ if (ctx)
+ EVP_CIPHER_CTX_init(ctx);
+ return ctx;
+}
+
+int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv, int enc)
+{
+ if (cipher)
+ EVP_CIPHER_CTX_init(ctx);
+ return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
+}
+
+int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ ENGINE *impl, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ if (enc == -1)
+ enc = ctx->encrypt;
+ else {
+ if (enc)
+ enc = 1;
+ ctx->encrypt = enc;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ /*
+ * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
+ * this context may already have an ENGINE! Try to avoid releasing the
+ * previous handle, re-querying for an ENGINE, and having a
+ * reinitialisation, when it may all be unecessary.
+ */
+ if (ctx->engine && ctx->cipher && (!cipher ||
+ (cipher
+ && (cipher->nid ==
+ ctx->cipher->nid))))
+ goto skip_to_init;
+#endif
+ if (cipher) {
+ /*
+ * Ensure a context left lying around from last time is cleared (the
+ * previous check attempted to avoid this if the same ENGINE and
+ * EVP_CIPHER could be used).
+ */
+ if (ctx->cipher) {
+ unsigned long flags = ctx->flags;
+ EVP_CIPHER_CTX_cleanup(ctx);
+ /* Restore encrypt and flags */
+ ctx->encrypt = enc;
+ ctx->flags = flags;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ if (impl) {
+ if (!ENGINE_init(impl)) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ } else
+ /* Ask if an ENGINE is reserved for this job */
+ impl = ENGINE_get_cipher_engine(cipher->nid);
+ if (impl) {
+ /* There's an ENGINE for this job ... (apparently) */
+ const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
+ if (!c) {
+ /*
+ * One positive side-effect of US's export control history,
+ * is that we should at least be able to avoid using US
+ * mispellings of "initialisation"?
+ */
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ /* We'll use the ENGINE's private cipher definition */
+ cipher = c;
+ /*
+ * Store the ENGINE functional reference so we know 'cipher' came
+ * from an ENGINE and we need to release it when done.
+ */
+ ctx->engine = impl;
+ } else
+ ctx->engine = NULL;
+#endif
+
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+#endif
+ ctx->cipher = cipher;
+ if (ctx->cipher->ctx_size) {
+ ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
+ if (!ctx->cipher_data) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ } else {
+ ctx->cipher_data = NULL;
+ }
+ ctx->key_len = cipher->key_len;
+ ctx->flags = 0;
+ if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ }
+ } else if (!ctx->cipher) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
+ return 0;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ skip_to_init:
+#endif
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+#endif
+ /* we assume block size is a power of 2 in *cryptUpdate */
+ OPENSSL_assert(ctx->cipher->block_size == 1
+ || ctx->cipher->block_size == 8
+ || ctx->cipher->block_size == 16);
+
+ if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
+ switch (EVP_CIPHER_CTX_mode(ctx)) {
+
+ case EVP_CIPH_STREAM_CIPHER:
+ case EVP_CIPH_ECB_MODE:
+ break;
+
+ case EVP_CIPH_CFB_MODE:
+ case EVP_CIPH_OFB_MODE:
+
+ ctx->num = 0;
+ /* fall-through */
+
+ case EVP_CIPH_CBC_MODE:
+
+ OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
+ (int)sizeof(ctx->iv));
+ if (iv)
+ memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ break;
+
+ case EVP_CIPH_CTR_MODE:
+ ctx->num = 0;
+ /* Don't reuse IV for CTR mode */
+ if (iv)
+ memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ break;
+
+ default:
+ return 0;
+ break;
+ }
+ }
+
+ if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
+ if (!ctx->cipher->init(ctx, key, iv, enc))
+ return 0;
+ }
+ ctx->buf_len = 0;
+ ctx->final_used = 0;
+ ctx->block_mask = ctx->cipher->block_size - 1;
+ return 1;
+}
+
+int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl)
+{
+ if (ctx->encrypt)
+ return EVP_EncryptUpdate(ctx, out, outl, in, inl);
+ else
+ return EVP_DecryptUpdate(ctx, out, outl, in, inl);
+}
+
+int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+ if (ctx->encrypt)
+ return EVP_EncryptFinal_ex(ctx, out, outl);
+ else
+ return EVP_DecryptFinal_ex(ctx, out, outl);
+}
+
+int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+ if (ctx->encrypt)
+ return EVP_EncryptFinal(ctx, out, outl);
+ else
+ return EVP_DecryptFinal(ctx, out, outl);
+}
+
+int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv)
+{
+ return EVP_CipherInit(ctx, cipher, key, iv, 1);
+}
+
+int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ ENGINE *impl, const unsigned char *key,
+ const unsigned char *iv)
+{
+ return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
+}
+
+int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv)
+{
+ return EVP_CipherInit(ctx, cipher, key, iv, 0);
+}
+
+int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ ENGINE *impl, const unsigned char *key,
+ const unsigned char *iv)
+{
+ return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
+}
+
+int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl)
+{
+ int i, j, bl;
+
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ i = M_do_cipher(ctx, out, in, inl);
+ if (i < 0)
+ return 0;
+ else
+ *outl = i;
+ return 1;
+ }
+
+ if (inl <= 0) {
+ *outl = 0;
+ return inl == 0;
+ }
+
+ if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) {
+ if (M_do_cipher(ctx, out, in, inl)) {
+ *outl = inl;
+ return 1;
+ } else {
+ *outl = 0;
+ return 0;
+ }
+ }
+ i = ctx->buf_len;
+ bl = ctx->cipher->block_size;
+ OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
+ if (i != 0) {
+ if (bl - i > inl) {
+ memcpy(&(ctx->buf[i]), in, inl);
+ ctx->buf_len += inl;
+ *outl = 0;
+ return 1;
+ } else {
+ j = bl - i;
+ memcpy(&(ctx->buf[i]), in, j);
+ if (!M_do_cipher(ctx, out, ctx->buf, bl))
+ return 0;
+ inl -= j;
+ in += j;
+ out += bl;
+ *outl = bl;
+ }
+ } else
+ *outl = 0;
+ i = inl & (bl - 1);
+ inl -= i;
+ if (inl > 0) {
+ if (!M_do_cipher(ctx, out, in, inl))
+ return 0;
+ *outl += inl;
+ }
+
+ if (i != 0)
+ memcpy(ctx->buf, &(in[inl]), i);
+ ctx->buf_len = i;
+ return 1;
+}
+
+int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+ int ret;
+ ret = EVP_EncryptFinal_ex(ctx, out, outl);
+ return ret;
+}
+
+int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+ int n, ret;
+ unsigned int i, b, bl;
+
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ ret = M_do_cipher(ctx, out, NULL, 0);
+ if (ret < 0)
+ return 0;
+ else
+ *outl = ret;
+ return 1;
+ }
+
+ b = ctx->cipher->block_size;
+ OPENSSL_assert(b <= sizeof ctx->buf);
+ if (b == 1) {
+ *outl = 0;
+ return 1;
+ }
+ bl = ctx->buf_len;
+ if (ctx->flags & EVP_CIPH_NO_PADDING) {
+ if (bl) {
+ EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
+ EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+ return 0;
+ }
+ *outl = 0;
+ return 1;
+ }
+
+ n = b - bl;
+ for (i = bl; i < b; i++)
+ ctx->buf[i] = n;
+ ret = M_do_cipher(ctx, out, ctx->buf, b);
+
+ if (ret)
+ *outl = b;
+
+ return ret;
+}
+
+int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl)
+{
+ int fix_len;
+ unsigned int b;
+
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ fix_len = M_do_cipher(ctx, out, in, inl);
+ if (fix_len < 0) {
+ *outl = 0;
+ return 0;
+ } else
+ *outl = fix_len;
+ return 1;
+ }
+
+ if (inl <= 0) {
+ *outl = 0;
+ return inl == 0;
+ }
+
+ if (ctx->flags & EVP_CIPH_NO_PADDING)
+ return EVP_EncryptUpdate(ctx, out, outl, in, inl);
+
+ b = ctx->cipher->block_size;
+ OPENSSL_assert(b <= sizeof ctx->final);
+
+ if (ctx->final_used) {
+ memcpy(out, ctx->final, b);
+ out += b;
+ fix_len = 1;
+ } else
+ fix_len = 0;
+
+ if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
+ return 0;
+
+ /*
+ * if we have 'decrypted' a multiple of block size, make sure we have a
+ * copy of this last block
+ */
+ if (b > 1 && !ctx->buf_len) {
+ *outl -= b;
+ ctx->final_used = 1;
+ memcpy(ctx->final, &out[*outl], b);
+ } else
+ ctx->final_used = 0;
+
+ if (fix_len)
+ *outl += b;
+
+ return 1;
+}
+
+int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+ int ret;
+ ret = EVP_DecryptFinal_ex(ctx, out, outl);
+ return ret;
+}
+
+int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+ int i, n;
+ unsigned int b;
+ *outl = 0;
+
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ i = M_do_cipher(ctx, out, NULL, 0);
+ if (i < 0)
+ return 0;
+ else
+ *outl = i;
+ return 1;
+ }
+
+ b = ctx->cipher->block_size;
+ if (ctx->flags & EVP_CIPH_NO_PADDING) {
+ if (ctx->buf_len) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
+ EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+ return 0;
+ }
+ *outl = 0;
+ return 1;
+ }
+ if (b > 1) {
+ if (ctx->buf_len || !ctx->final_used) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+ return (0);
+ }
+ OPENSSL_assert(b <= sizeof ctx->final);
+
+ /*
+ * The following assumes that the ciphertext has been authenticated.
+ * Otherwise it provides a padding oracle.
+ */
+ n = ctx->final[b - 1];
+ if (n == 0 || n > (int)b) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
+ return (0);
+ }
+ for (i = 0; i < n; i++) {
+ if (ctx->final[--b] != n) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
+ return (0);
+ }
+ }
+ n = ctx->cipher->block_size - n;
+ for (i = 0; i < n; i++)
+ out[i] = ctx->final[i];
+ *outl = n;
+ } else
+ *outl = 0;
+ return (1);
+}
+
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
+{
+ if (ctx) {
+ EVP_CIPHER_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+ }
+}
+
+int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
+{
+#ifndef OPENSSL_FIPS
+ if (c->cipher != NULL) {
+ if (c->cipher->cleanup && !c->cipher->cleanup(c))
+ return 0;
+ /* Cleanse cipher context data */
+ if (c->cipher_data)
+ OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
+ }
+ if (c->cipher_data)
+ OPENSSL_free(c->cipher_data);
+#endif
+#ifndef OPENSSL_NO_ENGINE
+ if (c->engine)
+ /*
+ * The EVP_CIPHER we used belongs to an ENGINE, release the
+ * functional reference we held for this reason.
+ */
+ ENGINE_finish(c->engine);
+#endif
+#ifdef OPENSSL_FIPS
+ FIPS_cipher_ctx_cleanup(c);
+#endif
+ memset(c, 0, sizeof(EVP_CIPHER_CTX));
+ return 1;
+}
+
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
+{
+ if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
+ return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
+ if (c->key_len == keylen)
+ return 1;
+ if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
+ c->key_len = keylen;
+ return 1;
+ }
+ EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
+ return 0;
+}
+
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
+{
+ if (pad)
+ ctx->flags &= ~EVP_CIPH_NO_PADDING;
+ else
+ ctx->flags |= EVP_CIPH_NO_PADDING;
+ return 1;
+}
+
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+{
+ int ret;
+ if (!ctx->cipher) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
+ return 0;
+ }
+
+ if (!ctx->cipher->ctrl) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
+ return 0;
+ }
+
+ ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
+ if (ret == -1) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
+ EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
+ return 0;
+ }
+ return ret;
+}
+
+int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
+{
+ if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
+ return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
+ if (RAND_bytes(key, ctx->key_len) <= 0)
+ return 0;
+ return 1;
+}
+
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
+{
+ if ((in == NULL) || (in->cipher == NULL)) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
+ return 0;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ /* Make sure it's safe to copy a cipher context using an ENGINE */
+ if (in->engine && !ENGINE_init(in->engine)) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
+ return 0;
+ }
+#endif
+
+ EVP_CIPHER_CTX_cleanup(out);
+ memcpy(out, in, sizeof *out);
+
+ if (in->cipher_data && in->cipher->ctx_size) {
+ out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
+ if (!out->cipher_data) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
+ }
+
+ if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
+ return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/md2/md2_dgst.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/md2/md2_dgst.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/md2/md2_dgst.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,224 +0,0 @@
-/* crypto/md2/md2_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/md2.h>
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-
-const char MD2_version[] = "MD2" OPENSSL_VERSION_PTEXT;
-
-/*
- * Implemented from RFC1319 The MD2 Message-Digest Algorithm
- */
-
-#define UCHAR unsigned char
-
-static void md2_block(MD2_CTX *c, const unsigned char *d);
-/*
- * The magic S table - I have converted it to hex since it is basically just
- * a random byte string.
- */
-static const MD2_INT S[256] = {
- 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
- 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
- 0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
- 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
- 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
- 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
- 0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
- 0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
- 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
- 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
- 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
- 0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
- 0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
- 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
- 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
- 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
- 0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
- 0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
- 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
- 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
- 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
- 0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
- 0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
- 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
- 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
- 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
- 0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
- 0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
- 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
- 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
- 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
- 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
-};
-
-const char *MD2_options(void)
-{
- if (sizeof(MD2_INT) == 1)
- return ("md2(char)");
- else
- return ("md2(int)");
-}
-
-fips_md_init(MD2)
-{
- c->num = 0;
- memset(c->state, 0, sizeof c->state);
- memset(c->cksm, 0, sizeof c->cksm);
- memset(c->data, 0, sizeof c->data);
- return 1;
-}
-
-int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len)
-{
- register UCHAR *p;
-
- if (len == 0)
- return 1;
-
- p = c->data;
- if (c->num != 0) {
- if ((c->num + len) >= MD2_BLOCK) {
- memcpy(&(p[c->num]), data, MD2_BLOCK - c->num);
- md2_block(c, c->data);
- data += (MD2_BLOCK - c->num);
- len -= (MD2_BLOCK - c->num);
- c->num = 0;
- /* drop through and do the rest */
- } else {
- memcpy(&(p[c->num]), data, len);
- /* data+=len; */
- c->num += (int)len;
- return 1;
- }
- }
- /*
- * we now can process the input data in blocks of MD2_BLOCK chars and
- * save the leftovers to c->data.
- */
- while (len >= MD2_BLOCK) {
- md2_block(c, data);
- data += MD2_BLOCK;
- len -= MD2_BLOCK;
- }
- memcpy(p, data, len);
- c->num = (int)len;
- return 1;
-}
-
-static void md2_block(MD2_CTX *c, const unsigned char *d)
-{
- register MD2_INT t, *sp1, *sp2;
- register int i, j;
- MD2_INT state[48];
-
- sp1 = c->state;
- sp2 = c->cksm;
- j = sp2[MD2_BLOCK - 1];
- for (i = 0; i < 16; i++) {
- state[i] = sp1[i];
- state[i + 16] = t = d[i];
- state[i + 32] = (t ^ sp1[i]);
- j = sp2[i] ^= S[t ^ j];
- }
- t = 0;
- for (i = 0; i < 18; i++) {
- for (j = 0; j < 48; j += 8) {
- t = state[j + 0] ^= S[t];
- t = state[j + 1] ^= S[t];
- t = state[j + 2] ^= S[t];
- t = state[j + 3] ^= S[t];
- t = state[j + 4] ^= S[t];
- t = state[j + 5] ^= S[t];
- t = state[j + 6] ^= S[t];
- t = state[j + 7] ^= S[t];
- }
- t = (t + i) & 0xff;
- }
- memcpy(sp1, state, 16 * sizeof(MD2_INT));
- OPENSSL_cleanse(state, 48 * sizeof(MD2_INT));
-}
-
-int MD2_Final(unsigned char *md, MD2_CTX *c)
-{
- int i, v;
- register UCHAR *cp;
- register MD2_INT *p1, *p2;
-
- cp = c->data;
- p1 = c->state;
- p2 = c->cksm;
- v = MD2_BLOCK - c->num;
- for (i = c->num; i < MD2_BLOCK; i++)
- cp[i] = (UCHAR) v;
-
- md2_block(c, cp);
-
- for (i = 0; i < MD2_BLOCK; i++)
- cp[i] = (UCHAR) p2[i];
- md2_block(c, cp);
-
- for (i = 0; i < 16; i++)
- md[i] = (UCHAR) (p1[i] & 0xff);
- memset((char *)&c, 0, sizeof(c));
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/md2/md2_dgst.c (from rev 11605, vendor-crypto/openssl/dist/crypto/md2/md2_dgst.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/md2/md2_dgst.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/md2/md2_dgst.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,224 @@
+/* crypto/md2/md2_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/md2.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+
+const char MD2_version[] = "MD2" OPENSSL_VERSION_PTEXT;
+
+/*
+ * Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR unsigned char
+
+static void md2_block(MD2_CTX *c, const unsigned char *d);
+/*
+ * The magic S table - I have converted it to hex since it is basically just
+ * a random byte string.
+ */
+static const MD2_INT S[256] = {
+ 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+ 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+ 0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+ 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+ 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+ 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+ 0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+ 0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+ 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+ 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+ 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+ 0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+ 0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+ 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+ 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+ 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+ 0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+ 0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+ 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+ 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+ 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+ 0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+ 0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+ 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+ 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+ 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+ 0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+ 0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+ 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+ 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+ 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+ 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+};
+
+const char *MD2_options(void)
+{
+ if (sizeof(MD2_INT) == 1)
+ return ("md2(char)");
+ else
+ return ("md2(int)");
+}
+
+fips_md_init(MD2)
+{
+ c->num = 0;
+ memset(c->state, 0, sizeof c->state);
+ memset(c->cksm, 0, sizeof c->cksm);
+ memset(c->data, 0, sizeof c->data);
+ return 1;
+}
+
+int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len)
+{
+ register UCHAR *p;
+
+ if (len == 0)
+ return 1;
+
+ p = c->data;
+ if (c->num != 0) {
+ if ((c->num + len) >= MD2_BLOCK) {
+ memcpy(&(p[c->num]), data, MD2_BLOCK - c->num);
+ md2_block(c, c->data);
+ data += (MD2_BLOCK - c->num);
+ len -= (MD2_BLOCK - c->num);
+ c->num = 0;
+ /* drop through and do the rest */
+ } else {
+ memcpy(&(p[c->num]), data, len);
+ /* data+=len; */
+ c->num += (int)len;
+ return 1;
+ }
+ }
+ /*
+ * we now can process the input data in blocks of MD2_BLOCK chars and
+ * save the leftovers to c->data.
+ */
+ while (len >= MD2_BLOCK) {
+ md2_block(c, data);
+ data += MD2_BLOCK;
+ len -= MD2_BLOCK;
+ }
+ memcpy(p, data, len);
+ c->num = (int)len;
+ return 1;
+}
+
+static void md2_block(MD2_CTX *c, const unsigned char *d)
+{
+ register MD2_INT t, *sp1, *sp2;
+ register int i, j;
+ MD2_INT state[48];
+
+ sp1 = c->state;
+ sp2 = c->cksm;
+ j = sp2[MD2_BLOCK - 1];
+ for (i = 0; i < 16; i++) {
+ state[i] = sp1[i];
+ state[i + 16] = t = d[i];
+ state[i + 32] = (t ^ sp1[i]);
+ j = sp2[i] ^= S[t ^ j];
+ }
+ t = 0;
+ for (i = 0; i < 18; i++) {
+ for (j = 0; j < 48; j += 8) {
+ t = state[j + 0] ^= S[t];
+ t = state[j + 1] ^= S[t];
+ t = state[j + 2] ^= S[t];
+ t = state[j + 3] ^= S[t];
+ t = state[j + 4] ^= S[t];
+ t = state[j + 5] ^= S[t];
+ t = state[j + 6] ^= S[t];
+ t = state[j + 7] ^= S[t];
+ }
+ t = (t + i) & 0xff;
+ }
+ memcpy(sp1, state, 16 * sizeof(MD2_INT));
+ OPENSSL_cleanse(state, 48 * sizeof(MD2_INT));
+}
+
+int MD2_Final(unsigned char *md, MD2_CTX *c)
+{
+ int i, v;
+ register UCHAR *cp;
+ register MD2_INT *p1, *p2;
+
+ cp = c->data;
+ p1 = c->state;
+ p2 = c->cksm;
+ v = MD2_BLOCK - c->num;
+ for (i = c->num; i < MD2_BLOCK; i++)
+ cp[i] = (UCHAR) v;
+
+ md2_block(c, cp);
+
+ for (i = 0; i < MD2_BLOCK; i++)
+ cp[i] = (UCHAR) p2[i];
+ md2_block(c, cp);
+
+ for (i = 0; i < 16; i++)
+ md[i] = (UCHAR) (p1[i] & 0xff);
+ OPENSSL_cleanse(c, sizeof(*c));
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/md32_common.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/md32_common.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/md32_common.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,410 +0,0 @@
-/* crypto/md32_common.h */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-/*-
- * This is a generic 32 bit "collector" for message digest algorithms.
- * Whenever needed it collects input character stream into chunks of
- * 32 bit values and invokes a block function that performs actual hash
- * calculations.
- *
- * Porting guide.
- *
- * Obligatory macros:
- *
- * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
- * this macro defines byte order of input stream.
- * HASH_CBLOCK
- * size of a unit chunk HASH_BLOCK operates on.
- * HASH_LONG
- * has to be at lest 32 bit wide, if it's wider, then
- * HASH_LONG_LOG2 *has to* be defined along
- * HASH_CTX
- * context structure that at least contains following
- * members:
- * typedef struct {
- * ...
- * HASH_LONG Nl,Nh;
- * either {
- * HASH_LONG data[HASH_LBLOCK];
- * unsigned char data[HASH_CBLOCK];
- * };
- * unsigned int num;
- * ...
- * } HASH_CTX;
- * data[] vector is expected to be zeroed upon first call to
- * HASH_UPDATE.
- * HASH_UPDATE
- * name of "Update" function, implemented here.
- * HASH_TRANSFORM
- * name of "Transform" function, implemented here.
- * HASH_FINAL
- * name of "Final" function, implemented here.
- * HASH_BLOCK_DATA_ORDER
- * name of "block" function capable of treating *unaligned* input
- * message in original (data) byte order, implemented externally.
- * HASH_MAKE_STRING
- * macro convering context variables to an ASCII hash string.
- *
- * MD5 example:
- *
- * #define DATA_ORDER_IS_LITTLE_ENDIAN
- *
- * #define HASH_LONG MD5_LONG
- * #define HASH_LONG_LOG2 MD5_LONG_LOG2
- * #define HASH_CTX MD5_CTX
- * #define HASH_CBLOCK MD5_CBLOCK
- * #define HASH_UPDATE MD5_Update
- * #define HASH_TRANSFORM MD5_Transform
- * #define HASH_FINAL MD5_Final
- * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
- *
- * <appro at fy.chalmers.se>
- */
-
-#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-# error "DATA_ORDER must be defined!"
-#endif
-
-#ifndef HASH_CBLOCK
-# error "HASH_CBLOCK must be defined!"
-#endif
-#ifndef HASH_LONG
-# error "HASH_LONG must be defined!"
-#endif
-#ifndef HASH_CTX
-# error "HASH_CTX must be defined!"
-#endif
-
-#ifndef HASH_UPDATE
-# error "HASH_UPDATE must be defined!"
-#endif
-#ifndef HASH_TRANSFORM
-# error "HASH_TRANSFORM must be defined!"
-#endif
-#ifndef HASH_FINAL
-# error "HASH_FINAL must be defined!"
-#endif
-
-#ifndef HASH_BLOCK_DATA_ORDER
-# error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-
-/*
- * Engage compiler specific rotate intrinsic function if available.
- */
-#undef ROTATE
-#ifndef PEDANTIC
-# if defined(_MSC_VER)
-# define ROTATE(a,n) _lrotl(a,n)
-# elif defined(__ICC)
-# define ROTATE(a,n) _rotl(a,n)
-# elif defined(__MWERKS__)
-# if defined(__POWERPC__)
-# define ROTATE(a,n) __rlwinm(a,n,0,31)
-# elif defined(__MC68K__)
- /* Motorola specific tweak. <appro at fy.chalmers.se> */
-# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) )
-# else
-# define ROTATE(a,n) __rol(a,n)
-# endif
-# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
- /*
- * Some GNU C inline assembler templates. Note that these are
- * rotates by *constant* number of bits! But that's exactly
- * what we need here...
- * <appro at fy.chalmers.se>
- */
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-# define ROTATE(a,n) ({ register unsigned int ret; \
- asm ( \
- "roll %1,%0" \
- : "=r"(ret) \
- : "I"(n), "0"((unsigned int)(a)) \
- : "cc"); \
- ret; \
- })
-# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
- defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
-# define ROTATE(a,n) ({ register unsigned int ret; \
- asm ( \
- "rlwinm %0,%1,%2,0,31" \
- : "=r"(ret) \
- : "r"(a), "I"(n)); \
- ret; \
- })
-# elif defined(__s390x__)
-# define ROTATE(a,n) ({ register unsigned int ret; \
- asm ("rll %0,%1,%2" \
- : "=r"(ret) \
- : "r"(a), "I"(n)); \
- ret; \
- })
-# endif
-# endif
-#endif /* PEDANTIC */
-
-#ifndef ROTATE
-# define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
-#endif
-
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
-
-# ifndef PEDANTIC
-# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
- (defined(__x86_64) || defined(__x86_64__))
-# if !defined(B_ENDIAN)
- /*
- * This gives ~30-40% performance improvement in SHA-256 compiled
- * with gcc [on P4]. Well, first macro to be frank. We can pull
- * this trick on x86* platforms only, because these CPUs can fetch
- * unaligned data without raising an exception.
- */
-# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \
- asm ("bswapl %0":"=r"(r):"0"(r)); \
- (c)+=4; (l)=r; })
-# define HOST_l2c(l,c) ({ unsigned int r=(l); \
- asm ("bswapl %0":"=r"(r):"0"(r)); \
- *((unsigned int *)(c))=r; (c)+=4; r; })
-# endif
-# endif
-# endif
-# endif
-# if defined(__s390__) || defined(__s390x__)
-# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
-# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
-# endif
-
-# ifndef HOST_c2l
-# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++))) ) )
-# endif
-# ifndef HOST_l2c
-# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff), \
- l)
-# endif
-
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-
-# ifndef PEDANTIC
-# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-# if defined(__s390x__)
-# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \
- :"=d"(l) :"m"(*(const unsigned int *)(c)));\
- (c)+=4; (l); })
-# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \
- :"=m"(*(unsigned int *)(c)) :"d"(l));\
- (c)+=4; (l); })
-# endif
-# endif
-# endif
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-# ifndef B_ENDIAN
- /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
-# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
-# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l)
-# endif
-# endif
-
-# ifndef HOST_c2l
-# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24) )
-# endif
-# ifndef HOST_l2c
-# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff), \
- l)
-# endif
-
-#endif
-
-/*
- * Time for some action:-)
- */
-
-int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
-{
- const unsigned char *data = data_;
- unsigned char *p;
- HASH_LONG l;
- size_t n;
-
- if (len == 0)
- return 1;
-
- l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
- /*
- * 95-05-24 eay Fixed a bug with the overflow handling, thanks to Wei Dai
- * <weidai at eskimo.com> for pointing it out.
- */
- if (l < c->Nl) /* overflow */
- c->Nh++;
- c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
- * 16-bit */
- c->Nl = l;
-
- n = c->num;
- if (n != 0) {
- p = (unsigned char *)c->data;
-
- if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
- memcpy(p + n, data, HASH_CBLOCK - n);
- HASH_BLOCK_DATA_ORDER(c, p, 1);
- n = HASH_CBLOCK - n;
- data += n;
- len -= n;
- c->num = 0;
- memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
- } else {
- memcpy(p + n, data, len);
- c->num += (unsigned int)len;
- return 1;
- }
- }
-
- n = len / HASH_CBLOCK;
- if (n > 0) {
- HASH_BLOCK_DATA_ORDER(c, data, n);
- n *= HASH_CBLOCK;
- data += n;
- len -= n;
- }
-
- if (len != 0) {
- p = (unsigned char *)c->data;
- c->num = (unsigned int)len;
- memcpy(p, data, len);
- }
- return 1;
-}
-
-void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
-{
- HASH_BLOCK_DATA_ORDER(c, data, 1);
-}
-
-int HASH_FINAL(unsigned char *md, HASH_CTX *c)
-{
- unsigned char *p = (unsigned char *)c->data;
- size_t n = c->num;
-
- p[n] = 0x80; /* there is always room for one */
- n++;
-
- if (n > (HASH_CBLOCK - 8)) {
- memset(p + n, 0, HASH_CBLOCK - n);
- n = 0;
- HASH_BLOCK_DATA_ORDER(c, p, 1);
- }
- memset(p + n, 0, HASH_CBLOCK - 8 - n);
-
- p += HASH_CBLOCK - 8;
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
- (void)HOST_l2c(c->Nh, p);
- (void)HOST_l2c(c->Nl, p);
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
- (void)HOST_l2c(c->Nl, p);
- (void)HOST_l2c(c->Nh, p);
-#endif
- p -= HASH_CBLOCK;
- HASH_BLOCK_DATA_ORDER(c, p, 1);
- c->num = 0;
- memset(p, 0, HASH_CBLOCK);
-
-#ifndef HASH_MAKE_STRING
-# error "HASH_MAKE_STRING must be defined!"
-#else
- HASH_MAKE_STRING(c, md);
-#endif
-
- return 1;
-}
-
-#ifndef MD32_REG_T
-# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
-# define MD32_REG_T long
-/*
- * This comment was originaly written for MD5, which is why it
- * discusses A-D. But it basically applies to all 32-bit digests,
- * which is why it was moved to common header file.
- *
- * In case you wonder why A-D are declared as long and not
- * as MD5_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
- * performance degradation.
- * <appro at fy.chalmers.se>
- */
-# else
-/*
- * Above is not absolute and there are LP64 compilers that
- * generate better code if MD32_REG_T is defined int. The above
- * pre-processor condition reflects the circumstances under which
- * the conclusion was made and is subject to further extension.
- * <appro at fy.chalmers.se>
- */
-# define MD32_REG_T int
-# endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/md32_common.h (from rev 11605, vendor-crypto/openssl/dist/crypto/md32_common.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/md32_common.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/md32_common.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,418 @@
+/* crypto/md32_common.h */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+/*-
+ * This is a generic 32 bit "collector" for message digest algorithms.
+ * Whenever needed it collects input character stream into chunks of
+ * 32 bit values and invokes a block function that performs actual hash
+ * calculations.
+ *
+ * Porting guide.
+ *
+ * Obligatory macros:
+ *
+ * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
+ * this macro defines byte order of input stream.
+ * HASH_CBLOCK
+ * size of a unit chunk HASH_BLOCK operates on.
+ * HASH_LONG
+ * has to be at lest 32 bit wide, if it's wider, then
+ * HASH_LONG_LOG2 *has to* be defined along
+ * HASH_CTX
+ * context structure that at least contains following
+ * members:
+ * typedef struct {
+ * ...
+ * HASH_LONG Nl,Nh;
+ * either {
+ * HASH_LONG data[HASH_LBLOCK];
+ * unsigned char data[HASH_CBLOCK];
+ * };
+ * unsigned int num;
+ * ...
+ * } HASH_CTX;
+ * data[] vector is expected to be zeroed upon first call to
+ * HASH_UPDATE.
+ * HASH_UPDATE
+ * name of "Update" function, implemented here.
+ * HASH_TRANSFORM
+ * name of "Transform" function, implemented here.
+ * HASH_FINAL
+ * name of "Final" function, implemented here.
+ * HASH_BLOCK_DATA_ORDER
+ * name of "block" function capable of treating *unaligned* input
+ * message in original (data) byte order, implemented externally.
+ * HASH_MAKE_STRING
+ * macro convering context variables to an ASCII hash string.
+ *
+ * MD5 example:
+ *
+ * #define DATA_ORDER_IS_LITTLE_ENDIAN
+ *
+ * #define HASH_LONG MD5_LONG
+ * #define HASH_LONG_LOG2 MD5_LONG_LOG2
+ * #define HASH_CTX MD5_CTX
+ * #define HASH_CBLOCK MD5_CBLOCK
+ * #define HASH_UPDATE MD5_Update
+ * #define HASH_TRANSFORM MD5_Transform
+ * #define HASH_FINAL MD5_Final
+ * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
+ *
+ * <appro at fy.chalmers.se>
+ */
+
+#include <openssl/crypto.h>
+
+#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+# error "DATA_ORDER must be defined!"
+#endif
+
+#ifndef HASH_CBLOCK
+# error "HASH_CBLOCK must be defined!"
+#endif
+#ifndef HASH_LONG
+# error "HASH_LONG must be defined!"
+#endif
+#ifndef HASH_CTX
+# error "HASH_CTX must be defined!"
+#endif
+
+#ifndef HASH_UPDATE
+# error "HASH_UPDATE must be defined!"
+#endif
+#ifndef HASH_TRANSFORM
+# error "HASH_TRANSFORM must be defined!"
+#endif
+#ifndef HASH_FINAL
+# error "HASH_FINAL must be defined!"
+#endif
+
+#ifndef HASH_BLOCK_DATA_ORDER
+# error "HASH_BLOCK_DATA_ORDER must be defined!"
+#endif
+
+/*
+ * Engage compiler specific rotate intrinsic function if available.
+ */
+#undef ROTATE
+#ifndef PEDANTIC
+# if defined(_MSC_VER)
+# define ROTATE(a,n) _lrotl(a,n)
+# elif defined(__ICC)
+# define ROTATE(a,n) _rotl(a,n)
+# elif defined(__MWERKS__)
+# if defined(__POWERPC__)
+# define ROTATE(a,n) __rlwinm(a,n,0,31)
+# elif defined(__MC68K__)
+ /* Motorola specific tweak. <appro at fy.chalmers.se> */
+# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) )
+# else
+# define ROTATE(a,n) __rol(a,n)
+# endif
+# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+ /*
+ * Some GNU C inline assembler templates. Note that these are
+ * rotates by *constant* number of bits! But that's exactly
+ * what we need here...
+ * <appro at fy.chalmers.se>
+ */
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+# define ROTATE(a,n) ({ register unsigned int ret; \
+ asm ( \
+ "roll %1,%0" \
+ : "=r"(ret) \
+ : "I"(n), "0"((unsigned int)(a)) \
+ : "cc"); \
+ ret; \
+ })
+# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
+ defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+# define ROTATE(a,n) ({ register unsigned int ret; \
+ asm ( \
+ "rlwinm %0,%1,%2,0,31" \
+ : "=r"(ret) \
+ : "r"(a), "I"(n)); \
+ ret; \
+ })
+# elif defined(__s390x__)
+# define ROTATE(a,n) ({ register unsigned int ret; \
+ asm ("rll %0,%1,%2" \
+ : "=r"(ret) \
+ : "r"(a), "I"(n)); \
+ ret; \
+ })
+# endif
+# endif
+#endif /* PEDANTIC */
+
+#ifndef ROTATE
+# define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+#if defined(DATA_ORDER_IS_BIG_ENDIAN)
+
+# ifndef PEDANTIC
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
+ (defined(__x86_64) || defined(__x86_64__))
+# if !defined(B_ENDIAN)
+ /*
+ * This gives ~30-40% performance improvement in SHA-256 compiled
+ * with gcc [on P4]. Well, first macro to be frank. We can pull
+ * this trick on x86* platforms only, because these CPUs can fetch
+ * unaligned data without raising an exception.
+ */
+# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \
+ asm ("bswapl %0":"=r"(r):"0"(r)); \
+ (c)+=4; (l)=r; })
+# define HOST_l2c(l,c) ({ unsigned int r=(l); \
+ asm ("bswapl %0":"=r"(r):"0"(r)); \
+ *((unsigned int *)(c))=r; (c)+=4; r; })
+# endif
+# endif
+# endif
+# endif
+# if defined(__s390__) || defined(__s390x__)
+# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
+# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
+# endif
+
+# ifndef HOST_c2l
+# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++))) ) )
+# endif
+# ifndef HOST_l2c
+# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff), \
+ l)
+# endif
+
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+
+# ifndef PEDANTIC
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(__s390x__)
+# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \
+ :"=d"(l) :"m"(*(const unsigned int *)(c)));\
+ (c)+=4; (l); })
+# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \
+ :"=m"(*(unsigned int *)(c)) :"d"(l));\
+ (c)+=4; (l); })
+# endif
+# endif
+# endif
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+# ifndef B_ENDIAN
+ /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
+# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
+# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l)
+# endif
+# endif
+
+# ifndef HOST_c2l
+# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24) )
+# endif
+# ifndef HOST_l2c
+# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ l)
+# endif
+
+#endif
+
+/*
+ * Time for some action:-)
+ */
+
+int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
+{
+ const unsigned char *data = data_;
+ unsigned char *p;
+ HASH_LONG l;
+ size_t n;
+
+ if (len == 0)
+ return 1;
+
+ l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
+ /*
+ * 95-05-24 eay Fixed a bug with the overflow handling, thanks to Wei Dai
+ * <weidai at eskimo.com> for pointing it out.
+ */
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
+ * 16-bit */
+ c->Nl = l;
+
+ n = c->num;
+ if (n != 0) {
+ p = (unsigned char *)c->data;
+
+ if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
+ memcpy(p + n, data, HASH_CBLOCK - n);
+ HASH_BLOCK_DATA_ORDER(c, p, 1);
+ n = HASH_CBLOCK - n;
+ data += n;
+ len -= n;
+ c->num = 0;
+ /*
+ * We use memset rather than OPENSSL_cleanse() here deliberately.
+ * Using OPENSSL_cleanse() here could be a performance issue. It
+ * will get properly cleansed on finalisation so this isn't a
+ * security problem.
+ */
+ memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
+ } else {
+ memcpy(p + n, data, len);
+ c->num += (unsigned int)len;
+ return 1;
+ }
+ }
+
+ n = len / HASH_CBLOCK;
+ if (n > 0) {
+ HASH_BLOCK_DATA_ORDER(c, data, n);
+ n *= HASH_CBLOCK;
+ data += n;
+ len -= n;
+ }
+
+ if (len != 0) {
+ p = (unsigned char *)c->data;
+ c->num = (unsigned int)len;
+ memcpy(p, data, len);
+ }
+ return 1;
+}
+
+void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
+{
+ HASH_BLOCK_DATA_ORDER(c, data, 1);
+}
+
+int HASH_FINAL(unsigned char *md, HASH_CTX *c)
+{
+ unsigned char *p = (unsigned char *)c->data;
+ size_t n = c->num;
+
+ p[n] = 0x80; /* there is always room for one */
+ n++;
+
+ if (n > (HASH_CBLOCK - 8)) {
+ memset(p + n, 0, HASH_CBLOCK - n);
+ n = 0;
+ HASH_BLOCK_DATA_ORDER(c, p, 1);
+ }
+ memset(p + n, 0, HASH_CBLOCK - 8 - n);
+
+ p += HASH_CBLOCK - 8;
+#if defined(DATA_ORDER_IS_BIG_ENDIAN)
+ (void)HOST_l2c(c->Nh, p);
+ (void)HOST_l2c(c->Nl, p);
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+ (void)HOST_l2c(c->Nl, p);
+ (void)HOST_l2c(c->Nh, p);
+#endif
+ p -= HASH_CBLOCK;
+ HASH_BLOCK_DATA_ORDER(c, p, 1);
+ c->num = 0;
+ OPENSSL_cleanse(p, HASH_CBLOCK);
+
+#ifndef HASH_MAKE_STRING
+# error "HASH_MAKE_STRING must be defined!"
+#else
+ HASH_MAKE_STRING(c, md);
+#endif
+
+ return 1;
+}
+
+#ifndef MD32_REG_T
+# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
+# define MD32_REG_T long
+/*
+ * This comment was originaly written for MD5, which is why it
+ * discusses A-D. But it basically applies to all 32-bit digests,
+ * which is why it was moved to common header file.
+ *
+ * In case you wonder why A-D are declared as long and not
+ * as MD5_LONG. Doing so results in slight performance
+ * boost on LP64 architectures. The catch is we don't
+ * really care if 32 MSBs of a 64-bit register get polluted
+ * with eventual overflows as we *save* only 32 LSBs in
+ * *either* case. Now declaring 'em long excuses the compiler
+ * from keeping 32 MSBs zeroed resulting in 13% performance
+ * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
+ * Well, to be honest it should say that this *prevents*
+ * performance degradation.
+ * <appro at fy.chalmers.se>
+ */
+# else
+/*
+ * Above is not absolute and there are LP64 compilers that
+ * generate better code if MD32_REG_T is defined int. The above
+ * pre-processor condition reflects the circumstances under which
+ * the conclusion was made and is subject to further extension.
+ * <appro at fy.chalmers.se>
+ */
+# define MD32_REG_T int
+# endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/mdc2/mdc2dgst.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/mdc2/mdc2dgst.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/mdc2/mdc2dgst.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,196 +0,0 @@
-/* crypto/mdc2/mdc2dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/des.h>
-#include <openssl/mdc2.h>
-
-#undef c2l
-#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
- l|=((DES_LONG)(*((c)++)))<< 8L, \
- l|=((DES_LONG)(*((c)++)))<<16L, \
- l|=((DES_LONG)(*((c)++)))<<24L)
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
-fips_md_init(MDC2)
-{
- c->num = 0;
- c->pad_type = 1;
- memset(&(c->h[0]), 0x52, MDC2_BLOCK);
- memset(&(c->hh[0]), 0x25, MDC2_BLOCK);
- return 1;
-}
-
-int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len)
-{
- size_t i, j;
-
- i = c->num;
- if (i != 0) {
- if (i + len < MDC2_BLOCK) {
- /* partial block */
- memcpy(&(c->data[i]), in, len);
- c->num += (int)len;
- return 1;
- } else {
- /* filled one */
- j = MDC2_BLOCK - i;
- memcpy(&(c->data[i]), in, j);
- len -= j;
- in += j;
- c->num = 0;
- mdc2_body(c, &(c->data[0]), MDC2_BLOCK);
- }
- }
- i = len & ~((size_t)MDC2_BLOCK - 1);
- if (i > 0)
- mdc2_body(c, in, i);
- j = len - i;
- if (j > 0) {
- memcpy(&(c->data[0]), &(in[i]), j);
- c->num = (int)j;
- }
- return 1;
-}
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
-{
- register DES_LONG tin0, tin1;
- register DES_LONG ttin0, ttin1;
- DES_LONG d[2], dd[2];
- DES_key_schedule k;
- unsigned char *p;
- size_t i;
-
- for (i = 0; i < len; i += 8) {
- c2l(in, tin0);
- d[0] = dd[0] = tin0;
- c2l(in, tin1);
- d[1] = dd[1] = tin1;
- c->h[0] = (c->h[0] & 0x9f) | 0x40;
- c->hh[0] = (c->hh[0] & 0x9f) | 0x20;
-
- DES_set_odd_parity(&c->h);
- DES_set_key_unchecked(&c->h, &k);
- DES_encrypt1(d, &k, 1);
-
- DES_set_odd_parity(&c->hh);
- DES_set_key_unchecked(&c->hh, &k);
- DES_encrypt1(dd, &k, 1);
-
- ttin0 = tin0 ^ dd[0];
- ttin1 = tin1 ^ dd[1];
- tin0 ^= d[0];
- tin1 ^= d[1];
-
- p = c->h;
- l2c(tin0, p);
- l2c(ttin1, p);
- p = c->hh;
- l2c(ttin0, p);
- l2c(tin1, p);
- }
-}
-
-int MDC2_Final(unsigned char *md, MDC2_CTX *c)
-{
- unsigned int i;
- int j;
-
- i = c->num;
- j = c->pad_type;
- if ((i > 0) || (j == 2)) {
- if (j == 2)
- c->data[i++] = 0x80;
- memset(&(c->data[i]), 0, MDC2_BLOCK - i);
- mdc2_body(c, c->data, MDC2_BLOCK);
- }
- memcpy(md, (char *)c->h, MDC2_BLOCK);
- memcpy(&(md[MDC2_BLOCK]), (char *)c->hh, MDC2_BLOCK);
- return 1;
-}
-
-#undef TEST
-
-#ifdef TEST
-main()
-{
- unsigned char md[MDC2_DIGEST_LENGTH];
- int i;
- MDC2_CTX c;
- static char *text = "Now is the time for all ";
-
- MDC2_Init(&c);
- MDC2_Update(&c, text, strlen(text));
- MDC2_Final(&(md[0]), &c);
-
- for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
- printf("%02X", md[i]);
- printf("\n");
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/mdc2/mdc2dgst.c (from rev 11605, vendor-crypto/openssl/dist/crypto/mdc2/mdc2dgst.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/mdc2/mdc2dgst.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/mdc2/mdc2dgst.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,196 @@
+/* crypto/mdc2/mdc2dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/des.h>
+#include <openssl/mdc2.h>
+
+#undef c2l
+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<<24L)
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
+fips_md_init(MDC2)
+{
+ c->num = 0;
+ c->pad_type = 1;
+ memset(&(c->h[0]), 0x52, MDC2_BLOCK);
+ memset(&(c->hh[0]), 0x25, MDC2_BLOCK);
+ return 1;
+}
+
+int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len)
+{
+ size_t i, j;
+
+ i = c->num;
+ if (i != 0) {
+ if (len < MDC2_BLOCK - i) {
+ /* partial block */
+ memcpy(&(c->data[i]), in, len);
+ c->num += (int)len;
+ return 1;
+ } else {
+ /* filled one */
+ j = MDC2_BLOCK - i;
+ memcpy(&(c->data[i]), in, j);
+ len -= j;
+ in += j;
+ c->num = 0;
+ mdc2_body(c, &(c->data[0]), MDC2_BLOCK);
+ }
+ }
+ i = len & ~((size_t)MDC2_BLOCK - 1);
+ if (i > 0)
+ mdc2_body(c, in, i);
+ j = len - i;
+ if (j > 0) {
+ memcpy(&(c->data[0]), &(in[i]), j);
+ c->num = (int)j;
+ }
+ return 1;
+}
+
+static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
+{
+ register DES_LONG tin0, tin1;
+ register DES_LONG ttin0, ttin1;
+ DES_LONG d[2], dd[2];
+ DES_key_schedule k;
+ unsigned char *p;
+ size_t i;
+
+ for (i = 0; i < len; i += 8) {
+ c2l(in, tin0);
+ d[0] = dd[0] = tin0;
+ c2l(in, tin1);
+ d[1] = dd[1] = tin1;
+ c->h[0] = (c->h[0] & 0x9f) | 0x40;
+ c->hh[0] = (c->hh[0] & 0x9f) | 0x20;
+
+ DES_set_odd_parity(&c->h);
+ DES_set_key_unchecked(&c->h, &k);
+ DES_encrypt1(d, &k, 1);
+
+ DES_set_odd_parity(&c->hh);
+ DES_set_key_unchecked(&c->hh, &k);
+ DES_encrypt1(dd, &k, 1);
+
+ ttin0 = tin0 ^ dd[0];
+ ttin1 = tin1 ^ dd[1];
+ tin0 ^= d[0];
+ tin1 ^= d[1];
+
+ p = c->h;
+ l2c(tin0, p);
+ l2c(ttin1, p);
+ p = c->hh;
+ l2c(ttin0, p);
+ l2c(tin1, p);
+ }
+}
+
+int MDC2_Final(unsigned char *md, MDC2_CTX *c)
+{
+ unsigned int i;
+ int j;
+
+ i = c->num;
+ j = c->pad_type;
+ if ((i > 0) || (j == 2)) {
+ if (j == 2)
+ c->data[i++] = 0x80;
+ memset(&(c->data[i]), 0, MDC2_BLOCK - i);
+ mdc2_body(c, c->data, MDC2_BLOCK);
+ }
+ memcpy(md, (char *)c->h, MDC2_BLOCK);
+ memcpy(&(md[MDC2_BLOCK]), (char *)c->hh, MDC2_BLOCK);
+ return 1;
+}
+
+#undef TEST
+
+#ifdef TEST
+main()
+{
+ unsigned char md[MDC2_DIGEST_LENGTH];
+ int i;
+ MDC2_CTX c;
+ static char *text = "Now is the time for all ";
+
+ MDC2_Init(&c);
+ MDC2_Update(&c, text, strlen(text));
+ MDC2_Final(&(md[0]), &c);
+
+ for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+ printf("%02X", md[i]);
+ printf("\n");
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/mem_clr.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/mem_clr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/mem_clr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,81 +0,0 @@
-/* crypto/mem_clr.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/crypto.h>
-
-unsigned char cleanse_ctr = 0;
-
-void OPENSSL_cleanse(void *ptr, size_t len)
-{
- unsigned char *p = ptr;
- size_t loop = len, ctr = cleanse_ctr;
-
- if (ptr == NULL)
- return;
-
- while (loop--) {
- *(p++) = (unsigned char)ctr;
- ctr += (17 + ((size_t)p & 0xF));
- }
- p = memchr(ptr, (unsigned char)ctr, len);
- if (p)
- ctr += (63 + (size_t)p);
- cleanse_ctr = (unsigned char)ctr;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/mem_clr.c (from rev 11605, vendor-crypto/openssl/dist/crypto/mem_clr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/mem_clr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/mem_clr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,81 @@
+/* crypto/mem_clr.c */
+/*
+ * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/crypto.h>
+
+unsigned char cleanse_ctr = 0;
+
+void OPENSSL_cleanse(void *ptr, size_t len)
+{
+ unsigned char *p = ptr;
+ size_t loop = len, ctr = cleanse_ctr;
+
+ if (ptr == NULL)
+ return;
+
+ while (loop--) {
+ *(p++) = (unsigned char)ctr;
+ ctr += (17 + ((size_t)p & 0xF));
+ }
+ p = memchr(ptr, (unsigned char)ctr, len);
+ if (p)
+ ctr += (63 + (size_t)p);
+ cleanse_ctr = (unsigned char)ctr;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/modes/ctr128.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/modes/ctr128.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/modes/ctr128.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,270 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-/*
- * NOTE: the IV/counter CTR mode is big-endian. The code itself is
- * endian-neutral.
- */
-
-/* increment counter (128-bit int) by 1 */
-static void ctr128_inc(unsigned char *counter)
-{
- u32 n = 16;
- u8 c;
-
- do {
- --n;
- c = counter[n];
- ++c;
- counter[n] = c;
- if (c)
- return;
- } while (n);
-}
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-static void ctr128_inc_aligned(unsigned char *counter)
-{
- size_t *data, c, n;
- const union {
- long one;
- char little;
- } is_endian = {
- 1
- };
-
- if (is_endian.little) {
- ctr128_inc(counter);
- return;
- }
-
- data = (size_t *)counter;
- n = 16 / sizeof(size_t);
- do {
- --n;
- c = data[n];
- ++c;
- data[n] = c;
- if (c)
- return;
- } while (n);
-}
-#endif
-
-/*
- * The input encrypted as though 128bit counter mode is being used. The
- * extra state information to record how much of the 128bit block we have
- * used is contained in *num, and the encrypted counter is kept in
- * ecount_buf. Both *num and ecount_buf must be initialised with zeros
- * before the first call to CRYPTO_ctr128_encrypt(). This algorithm assumes
- * that the counter is in the x lower bits of the IV (ivec), and that the
- * application has full control over overflow and the rest of the IV. This
- * implementation takes NO responsability for checking that the counter
- * doesn't overflow into the rest of the IV when incremented.
- */
-void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16],
- unsigned char ecount_buf[16], unsigned int *num,
- block128_f block)
-{
- unsigned int n;
- size_t l = 0;
-
- assert(in && out && key && ecount_buf && num);
- assert(*num < 16);
-
- n = *num;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16 % sizeof(size_t) == 0) { /* always true actually */
- do {
- while (n && len) {
- *(out++) = *(in++) ^ ecount_buf[n];
- --len;
- n = (n + 1) % 16;
- }
-
-# if defined(STRICT_ALIGNMENT)
- if (((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) !=
- 0)
- break;
-# endif
- while (len >= 16) {
- (*block) (ivec, ecount_buf, key);
- ctr128_inc_aligned(ivec);
- for (; n < 16; n += sizeof(size_t))
- *(size_t *)(out + n) =
- *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);
- len -= 16;
- out += 16;
- in += 16;
- n = 0;
- }
- if (len) {
- (*block) (ivec, ecount_buf, key);
- ctr128_inc_aligned(ivec);
- while (len--) {
- out[n] = in[n] ^ ecount_buf[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- }
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l < len) {
- if (n == 0) {
- (*block) (ivec, ecount_buf, key);
- ctr128_inc(ivec);
- }
- out[l] = in[l] ^ ecount_buf[n];
- ++l;
- n = (n + 1) % 16;
- }
-
- *num = n;
-}
-
-/* increment upper 96 bits of 128-bit counter by 1 */
-static void ctr96_inc(unsigned char *counter)
-{
- u32 n = 12;
- u8 c;
-
- do {
- --n;
- c = counter[n];
- ++c;
- counter[n] = c;
- if (c)
- return;
- } while (n);
-}
-
-void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16],
- unsigned char ecount_buf[16],
- unsigned int *num, ctr128_f func)
-{
- unsigned int n, ctr32;
-
- assert(in && out && key && ecount_buf && num);
- assert(*num < 16);
-
- n = *num;
-
- while (n && len) {
- *(out++) = *(in++) ^ ecount_buf[n];
- --len;
- n = (n + 1) % 16;
- }
-
- ctr32 = GETU32(ivec + 12);
- while (len >= 16) {
- size_t blocks = len / 16;
- /*
- * 1<<28 is just a not-so-small yet not-so-large number...
- * Below condition is practically never met, but it has to
- * be checked for code correctness.
- */
- if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28))
- blocks = (1U << 28);
- /*
- * As (*func) operates on 32-bit counter, caller
- * has to handle overflow. 'if' below detects the
- * overflow, which is then handled by limiting the
- * amount of blocks to the exact overflow point...
- */
- ctr32 += (u32)blocks;
- if (ctr32 < blocks) {
- blocks -= ctr32;
- ctr32 = 0;
- }
- (*func) (in, out, blocks, key, ivec);
- /* (*ctr) does not update ivec, caller does: */
- PUTU32(ivec + 12, ctr32);
- /* ... overflow was detected, propogate carry. */
- if (ctr32 == 0)
- ctr96_inc(ivec);
- blocks *= 16;
- len -= blocks;
- out += blocks;
- in += blocks;
- }
- if (len) {
- memset(ecount_buf, 0, 16);
- (*func) (ecount_buf, ecount_buf, 1, key, ivec);
- ++ctr32;
- PUTU32(ivec + 12, ctr32);
- if (ctr32 == 0)
- ctr96_inc(ivec);
- while (len--) {
- out[n] = in[n] ^ ecount_buf[n];
- ++n;
- }
- }
-
- *num = n;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/modes/ctr128.c (from rev 11605, vendor-crypto/openssl/dist/crypto/modes/ctr128.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/modes/ctr128.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/modes/ctr128.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,263 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+/*
+ * NOTE: the IV/counter CTR mode is big-endian. The code itself is
+ * endian-neutral.
+ */
+
+/* increment counter (128-bit int) by 1 */
+static void ctr128_inc(unsigned char *counter)
+{
+ u32 n = 16, c = 1;
+
+ do {
+ --n;
+ c += counter[n];
+ counter[n] = (u8)c;
+ c >>= 8;
+ } while (n);
+}
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+static void ctr128_inc_aligned(unsigned char *counter)
+{
+ size_t *data, c, d, n;
+ const union {
+ long one;
+ char little;
+ } is_endian = {
+ 1
+ };
+
+ if (is_endian.little || ((size_t)counter % sizeof(size_t)) != 0) {
+ ctr128_inc(counter);
+ return;
+ }
+
+ data = (size_t *)counter;
+ c = 1;
+ n = 16 / sizeof(size_t);
+ do {
+ --n;
+ d = data[n] += c;
+ /* did addition carry? */
+ c = ((d - c) ^ d) >> (sizeof(size_t) * 8 - 1);
+ } while (n);
+}
+#endif
+
+/*
+ * The input encrypted as though 128bit counter mode is being used. The
+ * extra state information to record how much of the 128bit block we have
+ * used is contained in *num, and the encrypted counter is kept in
+ * ecount_buf. Both *num and ecount_buf must be initialised with zeros
+ * before the first call to CRYPTO_ctr128_encrypt(). This algorithm assumes
+ * that the counter is in the x lower bits of the IV (ivec), and that the
+ * application has full control over overflow and the rest of the IV. This
+ * implementation takes NO responsability for checking that the counter
+ * doesn't overflow into the rest of the IV when incremented.
+ */
+void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16],
+ unsigned char ecount_buf[16], unsigned int *num,
+ block128_f block)
+{
+ unsigned int n;
+ size_t l = 0;
+
+ assert(in && out && key && ecount_buf && num);
+ assert(*num < 16);
+
+ n = *num;
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+ if (16 % sizeof(size_t) == 0) { /* always true actually */
+ do {
+ while (n && len) {
+ *(out++) = *(in++) ^ ecount_buf[n];
+ --len;
+ n = (n + 1) % 16;
+ }
+
+# if defined(STRICT_ALIGNMENT)
+ if (((size_t)in | (size_t)out | (size_t)ecount_buf)
+ % sizeof(size_t) != 0)
+ break;
+# endif
+ while (len >= 16) {
+ (*block) (ivec, ecount_buf, key);
+ ctr128_inc_aligned(ivec);
+ for (n = 0; n < 16; n += sizeof(size_t))
+ *(size_t *)(out + n) =
+ *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);
+ len -= 16;
+ out += 16;
+ in += 16;
+ n = 0;
+ }
+ if (len) {
+ (*block) (ivec, ecount_buf, key);
+ ctr128_inc_aligned(ivec);
+ while (len--) {
+ out[n] = in[n] ^ ecount_buf[n];
+ ++n;
+ }
+ }
+ *num = n;
+ return;
+ } while (0);
+ }
+ /* the rest would be commonly eliminated by x86* compiler */
+#endif
+ while (l < len) {
+ if (n == 0) {
+ (*block) (ivec, ecount_buf, key);
+ ctr128_inc(ivec);
+ }
+ out[l] = in[l] ^ ecount_buf[n];
+ ++l;
+ n = (n + 1) % 16;
+ }
+
+ *num = n;
+}
+
+/* increment upper 96 bits of 128-bit counter by 1 */
+static void ctr96_inc(unsigned char *counter)
+{
+ u32 n = 12, c = 1;
+
+ do {
+ --n;
+ c += counter[n];
+ counter[n] = (u8)c;
+ c >>= 8;
+ } while (n);
+}
+
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16],
+ unsigned char ecount_buf[16],
+ unsigned int *num, ctr128_f func)
+{
+ unsigned int n, ctr32;
+
+ assert(in && out && key && ecount_buf && num);
+ assert(*num < 16);
+
+ n = *num;
+
+ while (n && len) {
+ *(out++) = *(in++) ^ ecount_buf[n];
+ --len;
+ n = (n + 1) % 16;
+ }
+
+ ctr32 = GETU32(ivec + 12);
+ while (len >= 16) {
+ size_t blocks = len / 16;
+ /*
+ * 1<<28 is just a not-so-small yet not-so-large number...
+ * Below condition is practically never met, but it has to
+ * be checked for code correctness.
+ */
+ if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28))
+ blocks = (1U << 28);
+ /*
+ * As (*func) operates on 32-bit counter, caller
+ * has to handle overflow. 'if' below detects the
+ * overflow, which is then handled by limiting the
+ * amount of blocks to the exact overflow point...
+ */
+ ctr32 += (u32)blocks;
+ if (ctr32 < blocks) {
+ blocks -= ctr32;
+ ctr32 = 0;
+ }
+ (*func) (in, out, blocks, key, ivec);
+ /* (*ctr) does not update ivec, caller does: */
+ PUTU32(ivec + 12, ctr32);
+ /* ... overflow was detected, propogate carry. */
+ if (ctr32 == 0)
+ ctr96_inc(ivec);
+ blocks *= 16;
+ len -= blocks;
+ out += blocks;
+ in += blocks;
+ }
+ if (len) {
+ memset(ecount_buf, 0, 16);
+ (*func) (ecount_buf, ecount_buf, 1, key, ivec);
+ ++ctr32;
+ PUTU32(ivec + 12, ctr32);
+ if (ctr32 == 0)
+ ctr96_inc(ivec);
+ while (len--) {
+ out[n] = in[n] ^ ecount_buf[n];
+ ++n;
+ }
+ }
+
+ *num = n;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/o_dir.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/o_dir.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_dir.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,86 +0,0 @@
-/* crypto/o_dir.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <errno.h>
-#include <e_os.h>
-
-/*
- * The routines really come from the Levitte Programming, so to make life
- * simple, let's just use the raw files and hack the symbols to fit our
- * namespace.
- */
-#define LP_DIR_CTX OPENSSL_DIR_CTX
-#define LP_dir_context_st OPENSSL_dir_context_st
-#define LP_find_file OPENSSL_DIR_read
-#define LP_find_file_end OPENSSL_DIR_end
-
-#include "o_dir.h"
-
-#define LPDIR_H
-#if defined OPENSSL_SYS_UNIX || defined DJGPP
-# include "LPdir_unix.c"
-#elif defined OPENSSL_SYS_VMS
-# include "LPdir_vms.c"
-#elif defined OPENSSL_SYS_WIN32
-# include "LPdir_win32.c"
-#elif defined OPENSSL_SYS_WINCE
-# include "LPdir_wince.c"
-#else
-# include "LPdir_nyi.c"
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/o_dir.c (from rev 11605, vendor-crypto/openssl/dist/crypto/o_dir.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/o_dir.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_dir.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,86 @@
+/* crypto/o_dir.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <errno.h>
+#include <e_os.h>
+
+/*
+ * The routines really come from the Levitte Programming, so to make life
+ * simple, let's just use the raw files and hack the symbols to fit our
+ * namespace.
+ */
+#define LP_DIR_CTX OPENSSL_DIR_CTX
+#define LP_dir_context_st OPENSSL_dir_context_st
+#define LP_find_file OPENSSL_DIR_read
+#define LP_find_file_end OPENSSL_DIR_end
+
+#include "o_dir.h"
+
+#define LPDIR_H
+#if defined OPENSSL_SYS_UNIX || defined DJGPP
+# include "LPdir_unix.c"
+#elif defined OPENSSL_SYS_VMS
+# include "LPdir_vms.c"
+#elif defined OPENSSL_SYS_WIN32
+# include "LPdir_win32.c"
+#elif defined OPENSSL_SYS_WINCE
+# include "LPdir_wince.c"
+#else
+# include "LPdir_nyi.c"
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/o_dir.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/o_dir.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_dir.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,55 +0,0 @@
-/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Copied from Richard Levitte's (richard at levitte.org) LP library. All
- * symbol names have been changed, with permission from the author.
- */
-
-/* $LP: LPlib/source/LPdir.h,v 1.1 2004/06/14 08:56:04 _cvs_levitte Exp $ */
-/*
- * Copyright (c) 2004, Richard Levitte <richard at levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef O_DIR_H
-# define O_DIR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct OPENSSL_dir_context_st OPENSSL_DIR_CTX;
-
- /*
- * returns NULL on error or end-of-directory. If it is end-of-directory,
- * errno will be zero
- */
-const char *OPENSSL_DIR_read(OPENSSL_DIR_CTX **ctx, const char *directory);
- /* returns 1 on success, 0 on error */
-int OPENSSL_DIR_end(OPENSSL_DIR_CTX **ctx);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LPDIR_H */
Copied: vendor-crypto/openssl/1.0.1u/crypto/o_dir.h (from rev 11605, vendor-crypto/openssl/dist/crypto/o_dir.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/o_dir.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_dir.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,55 @@
+/* crypto/o_dir.h */
+/*
+ * Copied from Richard Levitte's (richard at levitte.org) LP library. All
+ * symbol names have been changed, with permission from the author.
+ */
+
+/* $LP: LPlib/source/LPdir.h,v 1.1 2004/06/14 08:56:04 _cvs_levitte Exp $ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard at levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef O_DIR_H
+# define O_DIR_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct OPENSSL_dir_context_st OPENSSL_DIR_CTX;
+
+ /*
+ * returns NULL on error or end-of-directory. If it is end-of-directory,
+ * errno will be zero
+ */
+const char *OPENSSL_DIR_read(OPENSSL_DIR_CTX **ctx, const char *directory);
+ /* returns 1 on success, 0 on error */
+int OPENSSL_DIR_end(OPENSSL_DIR_CTX **ctx);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LPDIR_H */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/o_dir_test.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/o_dir_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_dir_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,68 +0,0 @@
-/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Copied from Richard Levitte's (richard at levitte.org) LP library. All
- * symbol names have been changed, with permission from the author.
- */
-
-/* $LP: LPlib/test/test_dir.c,v 1.1 2004/06/16 22:59:47 _cvs_levitte Exp $ */
-/*
- * Copyright (c) 2004, Richard Levitte <richard at levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <stddef.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <errno.h>
-#include "e_os2.h"
-#include "o_dir.h"
-
-#if defined OPENSSL_SYS_UNIX || defined OPENSSL_SYS_WIN32 || defined OPENSSL_SYS_WINCE
-# define CURRDIR "."
-#elif defined OPENSSL_SYS_VMS
-# define CURRDIR "SYS$DISK:[]"
-#else
-# error "No supported platform defined!"
-#endif
-
-int main()
-{
- OPENSSL_DIR_CTX *ctx = NULL;
- const char *result;
-
- while ((result = OPENSSL_DIR_read(&ctx, CURRDIR)) != NULL) {
- printf("%s\n", result);
- }
-
- if (errno) {
- perror("test_dir");
- exit(1);
- }
-
- if (!OPENSSL_DIR_end(&ctx)) {
- perror("test_dir");
- exit(2);
- }
- exit(0);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/o_dir_test.c (from rev 11605, vendor-crypto/openssl/dist/crypto/o_dir_test.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/o_dir_test.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_dir_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,68 @@
+/* crypto/o_dir.h */
+/*
+ * Copied from Richard Levitte's (richard at levitte.org) LP library. All
+ * symbol names have been changed, with permission from the author.
+ */
+
+/* $LP: LPlib/test/test_dir.c,v 1.1 2004/06/16 22:59:47 _cvs_levitte Exp $ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard at levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include "e_os2.h"
+#include "o_dir.h"
+
+#if defined OPENSSL_SYS_UNIX || defined OPENSSL_SYS_WIN32 || defined OPENSSL_SYS_WINCE
+# define CURRDIR "."
+#elif defined OPENSSL_SYS_VMS
+# define CURRDIR "SYS$DISK:[]"
+#else
+# error "No supported platform defined!"
+#endif
+
+int main()
+{
+ OPENSSL_DIR_CTX *ctx = NULL;
+ const char *result;
+
+ while ((result = OPENSSL_DIR_read(&ctx, CURRDIR)) != NULL) {
+ printf("%s\n", result);
+ }
+
+ if (errno) {
+ perror("test_dir");
+ exit(1);
+ }
+
+ if (!OPENSSL_DIR_end(&ctx)) {
+ perror("test_dir");
+ exit(2);
+ }
+ exit(0);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/o_str.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/o_str.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_str.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,116 +0,0 @@
-/* crypto/o_str.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <ctype.h>
-#include <e_os.h>
-#include "o_str.h"
-
-#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && \
- !defined(OPENSSL_SYSNAME_WIN32) && \
- !defined(NETWARE_CLIB)
-# include <strings.h>
-#endif
-
-int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
-{
-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
- while (*str1 && *str2 && n) {
- int res = toupper(*str1) - toupper(*str2);
- if (res)
- return res < 0 ? -1 : 1;
- str1++;
- str2++;
- n--;
- }
- if (n == 0)
- return 0;
- if (*str1)
- return 1;
- if (*str2)
- return -1;
- return 0;
-#else
- /*
- * Recursion hazard warning! Whenever strncasecmp is #defined as
- * OPENSSL_strncasecmp, OPENSSL_IMPLEMENTS_strncasecmp must be defined as
- * well.
- */
- return strncasecmp(str1, str2, n);
-#endif
-}
-
-int OPENSSL_strcasecmp(const char *str1, const char *str2)
-{
-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
- return OPENSSL_strncasecmp(str1, str2, (size_t)-1);
-#else
- return strcasecmp(str1, str2);
-#endif
-}
-
-int OPENSSL_memcmp(const void *v1, const void *v2, size_t n)
-{
- const unsigned char *c1 = v1, *c2 = v2;
- int ret = 0;
-
- while (n && (ret = *c1 - *c2) == 0)
- n--, c1++, c2++;
-
- return ret;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/o_str.c (from rev 11605, vendor-crypto/openssl/dist/crypto/o_str.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/o_str.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_str.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,116 @@
+/* crypto/o_str.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <ctype.h>
+#include <e_os.h>
+#include "o_str.h"
+
+#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && \
+ !defined(OPENSSL_SYSNAME_WIN32) && \
+ !defined(NETWARE_CLIB)
+# include <strings.h>
+#endif
+
+int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
+{
+#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+ while (*str1 && *str2 && n) {
+ int res = toupper(*str1) - toupper(*str2);
+ if (res)
+ return res < 0 ? -1 : 1;
+ str1++;
+ str2++;
+ n--;
+ }
+ if (n == 0)
+ return 0;
+ if (*str1)
+ return 1;
+ if (*str2)
+ return -1;
+ return 0;
+#else
+ /*
+ * Recursion hazard warning! Whenever strncasecmp is #defined as
+ * OPENSSL_strncasecmp, OPENSSL_IMPLEMENTS_strncasecmp must be defined as
+ * well.
+ */
+ return strncasecmp(str1, str2, n);
+#endif
+}
+
+int OPENSSL_strcasecmp(const char *str1, const char *str2)
+{
+#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+ return OPENSSL_strncasecmp(str1, str2, (size_t)-1);
+#else
+ return strcasecmp(str1, str2);
+#endif
+}
+
+int OPENSSL_memcmp(const void *v1, const void *v2, size_t n)
+{
+ const unsigned char *c1 = v1, *c2 = v2;
+ int ret = 0;
+
+ while (n && (ret = *c1 - *c2) == 0)
+ n--, c1++, c2++;
+
+ return ret;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/o_str.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/o_str.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_str.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,69 +0,0 @@
-/* crypto/o_str.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_O_STR_H
-# define HEADER_O_STR_H
-
-# include <stddef.h> /* to get size_t */
-
-int OPENSSL_strcasecmp(const char *str1, const char *str2);
-int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n);
-int OPENSSL_memcmp(const void *p1, const void *p2, size_t n);
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/o_str.h (from rev 11605, vendor-crypto/openssl/dist/crypto/o_str.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/o_str.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_str.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,69 @@
+/* crypto/o_str.h */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_O_STR_H
+# define HEADER_O_STR_H
+
+# include <stddef.h> /* to get size_t */
+
+int OPENSSL_strcasecmp(const char *str1, const char *str2);
+int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n);
+int OPENSSL_memcmp(const void *p1, const void *p2, size_t n);
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/o_time.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/o_time.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_time.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,380 +0,0 @@
-/* crypto/o_time.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2008.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <openssl/e_os2.h>
-#include <string.h>
-#include "o_time.h"
-
-#ifdef OPENSSL_SYS_VMS
-# if __CRTL_VER >= 70000000 && \
- (defined _POSIX_C_SOURCE || !defined _ANSI_C_SOURCE)
-# define VMS_GMTIME_OK
-# endif
-# ifndef VMS_GMTIME_OK
-# include <libdtdef.h>
-# include <lib$routines.h>
-# include <lnmdef.h>
-# include <starlet.h>
-# include <descrip.h>
-# include <stdlib.h>
-# endif /* ndef VMS_GMTIME_OK */
-#endif
-
-struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
-{
- struct tm *ts = NULL;
-
-#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
- /*
- * should return &data, but doesn't on some systems, so we don't even
- * look at the return value
- */
- gmtime_r(timer, result);
- ts = result;
-#elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK)
- ts = gmtime(timer);
- if (ts == NULL)
- return NULL;
-
- memcpy(result, ts, sizeof(struct tm));
- ts = result;
-#endif
-#if defined( OPENSSL_SYS_VMS) && !defined( VMS_GMTIME_OK)
- if (ts == NULL) {
- static $DESCRIPTOR(tabnam, "LNM$DCL_LOGICAL");
- static $DESCRIPTOR(lognam, "SYS$TIMEZONE_DIFFERENTIAL");
- char logvalue[256];
- unsigned int reslen = 0;
- struct {
- short buflen;
- short code;
- void *bufaddr;
- unsigned int *reslen;
- } itemlist[] = {
- {
- 0, LNM$_STRING, 0, 0
- },
- {
- 0, 0, 0, 0
- },
- };
- int status;
- time_t t;
-
- /* Get the value for SYS$TIMEZONE_DIFFERENTIAL */
- itemlist[0].buflen = sizeof(logvalue);
- itemlist[0].bufaddr = logvalue;
- itemlist[0].reslen = &reslen;
- status = sys$trnlnm(0, &tabnam, &lognam, 0, itemlist);
- if (!(status & 1))
- return NULL;
- logvalue[reslen] = '\0';
-
- t = *timer;
-
-/* The following is extracted from the DEC C header time.h */
- /*
- ** Beginning in OpenVMS Version 7.0 mktime, time, ctime, strftime
- ** have two implementations. One implementation is provided
- ** for compatibility and deals with time in terms of local time,
- ** the other __utc_* deals with time in terms of UTC.
- */
- /*
- * We use the same conditions as in said time.h to check if we should
- * assume that t contains local time (and should therefore be
- * adjusted) or UTC (and should therefore be left untouched).
- */
-# if __CRTL_VER < 70000000 || defined _VMS_V6_SOURCE
- /* Get the numerical value of the equivalence string */
- status = atoi(logvalue);
-
- /* and use it to move time to GMT */
- t -= status;
-# endif
-
- /* then convert the result to the time structure */
-
- /*
- * Since there was no gmtime_r() to do this stuff for us, we have to
- * do it the hard way.
- */
- {
- /*-
- * The VMS epoch is the astronomical Smithsonian date,
- if I remember correctly, which is November 17, 1858.
- Furthermore, time is measure in thenths of microseconds
- and stored in quadwords (64 bit integers). unix_epoch
- below is January 1st 1970 expressed as a VMS time. The
- following code was used to get this number:
-
- #include <stdio.h>
- #include <stdlib.h>
- #include <lib$routines.h>
- #include <starlet.h>
-
- main()
- {
- unsigned long systime[2];
- unsigned short epoch_values[7] =
- { 1970, 1, 1, 0, 0, 0, 0 };
-
- lib$cvt_vectim(epoch_values, systime);
-
- printf("%u %u", systime[0], systime[1]);
- }
- */
- unsigned long unix_epoch[2] = { 1273708544, 8164711 };
- unsigned long deltatime[2];
- unsigned long systime[2];
- struct vms_vectime {
- short year, month, day, hour, minute, second, centi_second;
- } time_values;
- long operation;
-
- /*
- * Turn the number of seconds since January 1st 1970 to an
- * internal delta time. Note that lib$cvt_to_internal_time() will
- * assume that t is signed, and will therefore break on 32-bit
- * systems some time in 2038.
- */
- operation = LIB$K_DELTA_SECONDS;
- status = lib$cvt_to_internal_time(&operation, &t, deltatime);
-
- /*
- * Add the delta time with the Unix epoch and we have the current
- * UTC time in internal format
- */
- status = lib$add_times(unix_epoch, deltatime, systime);
-
- /* Turn the internal time into a time vector */
- status = sys$numtim(&time_values, systime);
-
- /* Fill in the struct tm with the result */
- result->tm_sec = time_values.second;
- result->tm_min = time_values.minute;
- result->tm_hour = time_values.hour;
- result->tm_mday = time_values.day;
- result->tm_mon = time_values.month - 1;
- result->tm_year = time_values.year - 1900;
-
- operation = LIB$K_DAY_OF_WEEK;
- status = lib$cvt_from_internal_time(&operation,
- &result->tm_wday, systime);
- result->tm_wday %= 7;
-
- operation = LIB$K_DAY_OF_YEAR;
- status = lib$cvt_from_internal_time(&operation,
- &result->tm_yday, systime);
- result->tm_yday--;
-
- result->tm_isdst = 0; /* There's no way to know... */
-
- ts = result;
- }
- }
-#endif
- return ts;
-}
-
-/*
- * Take a tm structure and add an offset to it. This avoids any OS issues
- * with restricted date types and overflows which cause the year 2038
- * problem.
- */
-
-#define SECS_PER_DAY (24 * 60 * 60)
-
-static long date_to_julian(int y, int m, int d);
-static void julian_to_date(long jd, int *y, int *m, int *d);
-
-int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
-{
- int offset_hms, offset_day;
- long time_jd;
- int time_year, time_month, time_day;
- /* split offset into days and day seconds */
- offset_day = offset_sec / SECS_PER_DAY;
- /* Avoid sign issues with % operator */
- offset_hms = offset_sec - (offset_day * SECS_PER_DAY);
- offset_day += off_day;
- /* Add current time seconds to offset */
- offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
- /* Adjust day seconds if overflow */
- if (offset_hms >= SECS_PER_DAY) {
- offset_day++;
- offset_hms -= SECS_PER_DAY;
- } else if (offset_hms < 0) {
- offset_day--;
- offset_hms += SECS_PER_DAY;
- }
-
- /*
- * Convert date of time structure into a Julian day number.
- */
-
- time_year = tm->tm_year + 1900;
- time_month = tm->tm_mon + 1;
- time_day = tm->tm_mday;
-
- time_jd = date_to_julian(time_year, time_month, time_day);
-
- /* Work out Julian day of new date */
- time_jd += offset_day;
-
- if (time_jd < 0)
- return 0;
-
- /* Convert Julian day back to date */
-
- julian_to_date(time_jd, &time_year, &time_month, &time_day);
-
- if (time_year < 1900 || time_year > 9999)
- return 0;
-
- /* Update tm structure */
-
- tm->tm_year = time_year - 1900;
- tm->tm_mon = time_month - 1;
- tm->tm_mday = time_day;
-
- tm->tm_hour = offset_hms / 3600;
- tm->tm_min = (offset_hms / 60) % 60;
- tm->tm_sec = offset_hms % 60;
-
- return 1;
-
-}
-
-/*
- * Convert date to and from julian day Uses Fliegel & Van Flandern algorithm
- */
-static long date_to_julian(int y, int m, int d)
-{
- return (1461 * (y + 4800 + (m - 14) / 12)) / 4 +
- (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 -
- (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + d - 32075;
-}
-
-static void julian_to_date(long jd, int *y, int *m, int *d)
-{
- long L = jd + 68569;
- long n = (4 * L) / 146097;
- long i, j;
-
- L = L - (146097 * n + 3) / 4;
- i = (4000 * (L + 1)) / 1461001;
- L = L - (1461 * i) / 4 + 31;
- j = (80 * L) / 2447;
- *d = L - (2447 * j) / 80;
- L = j / 11;
- *m = j + 2 - (12 * L);
- *y = 100 * (n - 49) + i + L;
-}
-
-#ifdef OPENSSL_TIME_TEST
-
-# include <stdio.h>
-
-/*
- * Time checking test code. Check times are identical for a wide range of
- * offsets. This should be run on a machine with 64 bit time_t or it will
- * trigger the very errors the routines fix.
- */
-
-int main(int argc, char **argv)
-{
- long offset;
- for (offset = 0; offset < 1000000; offset++) {
- check_time(offset);
- check_time(-offset);
- check_time(offset * 1000);
- check_time(-offset * 1000);
- }
-}
-
-int check_time(long offset)
-{
- struct tm tm1, tm2;
- time_t t1, t2;
- time(&t1);
- t2 = t1 + offset;
- OPENSSL_gmtime(&t2, &tm2);
- OPENSSL_gmtime(&t1, &tm1);
- OPENSSL_gmtime_adj(&tm1, 0, offset);
- if ((tm1.tm_year == tm2.tm_year) &&
- (tm1.tm_mon == tm2.tm_mon) &&
- (tm1.tm_mday == tm2.tm_mday) &&
- (tm1.tm_hour == tm2.tm_hour) &&
- (tm1.tm_min == tm2.tm_min) && (tm1.tm_sec == tm2.tm_sec))
- return 1;
- fprintf(stderr, "TIME ERROR!!\n");
- fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n",
- tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900,
- tm2.tm_hour, tm2.tm_min, tm2.tm_sec);
- fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n",
- tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900,
- tm1.tm_hour, tm1.tm_min, tm1.tm_sec);
- return 0;
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/o_time.c (from rev 11605, vendor-crypto/openssl/dist/crypto/o_time.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/o_time.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_time.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,380 @@
+/* crypto/o_time.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2008.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/e_os2.h>
+#include <string.h>
+#include "o_time.h"
+
+#ifdef OPENSSL_SYS_VMS
+# if __CRTL_VER >= 70000000 && \
+ (defined _POSIX_C_SOURCE || !defined _ANSI_C_SOURCE)
+# define VMS_GMTIME_OK
+# endif
+# ifndef VMS_GMTIME_OK
+# include <libdtdef.h>
+# include <lib$routines.h>
+# include <lnmdef.h>
+# include <starlet.h>
+# include <descrip.h>
+# include <stdlib.h>
+# endif /* ndef VMS_GMTIME_OK */
+#endif
+
+struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
+{
+ struct tm *ts = NULL;
+
+#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
+ /*
+ * should return &data, but doesn't on some systems, so we don't even
+ * look at the return value
+ */
+ gmtime_r(timer, result);
+ ts = result;
+#elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK)
+ ts = gmtime(timer);
+ if (ts == NULL)
+ return NULL;
+
+ memcpy(result, ts, sizeof(struct tm));
+ ts = result;
+#endif
+#if defined( OPENSSL_SYS_VMS) && !defined( VMS_GMTIME_OK)
+ if (ts == NULL) {
+ static $DESCRIPTOR(tabnam, "LNM$DCL_LOGICAL");
+ static $DESCRIPTOR(lognam, "SYS$TIMEZONE_DIFFERENTIAL");
+ char logvalue[256];
+ unsigned int reslen = 0;
+ struct {
+ short buflen;
+ short code;
+ void *bufaddr;
+ unsigned int *reslen;
+ } itemlist[] = {
+ {
+ 0, LNM$_STRING, 0, 0
+ },
+ {
+ 0, 0, 0, 0
+ },
+ };
+ int status;
+ time_t t;
+
+ /* Get the value for SYS$TIMEZONE_DIFFERENTIAL */
+ itemlist[0].buflen = sizeof(logvalue);
+ itemlist[0].bufaddr = logvalue;
+ itemlist[0].reslen = &reslen;
+ status = sys$trnlnm(0, &tabnam, &lognam, 0, itemlist);
+ if (!(status & 1))
+ return NULL;
+ logvalue[reslen] = '\0';
+
+ t = *timer;
+
+/* The following is extracted from the DEC C header time.h */
+ /*
+ ** Beginning in OpenVMS Version 7.0 mktime, time, ctime, strftime
+ ** have two implementations. One implementation is provided
+ ** for compatibility and deals with time in terms of local time,
+ ** the other __utc_* deals with time in terms of UTC.
+ */
+ /*
+ * We use the same conditions as in said time.h to check if we should
+ * assume that t contains local time (and should therefore be
+ * adjusted) or UTC (and should therefore be left untouched).
+ */
+# if __CRTL_VER < 70000000 || defined _VMS_V6_SOURCE
+ /* Get the numerical value of the equivalence string */
+ status = atoi(logvalue);
+
+ /* and use it to move time to GMT */
+ t -= status;
+# endif
+
+ /* then convert the result to the time structure */
+
+ /*
+ * Since there was no gmtime_r() to do this stuff for us, we have to
+ * do it the hard way.
+ */
+ {
+ /*-
+ * The VMS epoch is the astronomical Smithsonian date,
+ if I remember correctly, which is November 17, 1858.
+ Furthermore, time is measure in thenths of microseconds
+ and stored in quadwords (64 bit integers). unix_epoch
+ below is January 1st 1970 expressed as a VMS time. The
+ following code was used to get this number:
+
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <lib$routines.h>
+ #include <starlet.h>
+
+ main()
+ {
+ unsigned long systime[2];
+ unsigned short epoch_values[7] =
+ { 1970, 1, 1, 0, 0, 0, 0 };
+
+ lib$cvt_vectim(epoch_values, systime);
+
+ printf("%u %u", systime[0], systime[1]);
+ }
+ */
+ unsigned long unix_epoch[2] = { 1273708544, 8164711 };
+ unsigned long deltatime[2];
+ unsigned long systime[2];
+ struct vms_vectime {
+ short year, month, day, hour, minute, second, centi_second;
+ } time_values;
+ long operation;
+
+ /*
+ * Turn the number of seconds since January 1st 1970 to an
+ * internal delta time. Note that lib$cvt_to_internal_time() will
+ * assume that t is signed, and will therefore break on 32-bit
+ * systems some time in 2038.
+ */
+ operation = LIB$K_DELTA_SECONDS;
+ status = lib$cvt_to_internal_time(&operation, &t, deltatime);
+
+ /*
+ * Add the delta time with the Unix epoch and we have the current
+ * UTC time in internal format
+ */
+ status = lib$add_times(unix_epoch, deltatime, systime);
+
+ /* Turn the internal time into a time vector */
+ status = sys$numtim(&time_values, systime);
+
+ /* Fill in the struct tm with the result */
+ result->tm_sec = time_values.second;
+ result->tm_min = time_values.minute;
+ result->tm_hour = time_values.hour;
+ result->tm_mday = time_values.day;
+ result->tm_mon = time_values.month - 1;
+ result->tm_year = time_values.year - 1900;
+
+ operation = LIB$K_DAY_OF_WEEK;
+ status = lib$cvt_from_internal_time(&operation,
+ &result->tm_wday, systime);
+ result->tm_wday %= 7;
+
+ operation = LIB$K_DAY_OF_YEAR;
+ status = lib$cvt_from_internal_time(&operation,
+ &result->tm_yday, systime);
+ result->tm_yday--;
+
+ result->tm_isdst = 0; /* There's no way to know... */
+
+ ts = result;
+ }
+ }
+#endif
+ return ts;
+}
+
+/*
+ * Take a tm structure and add an offset to it. This avoids any OS issues
+ * with restricted date types and overflows which cause the year 2038
+ * problem.
+ */
+
+#define SECS_PER_DAY (24 * 60 * 60)
+
+static long date_to_julian(int y, int m, int d);
+static void julian_to_date(long jd, int *y, int *m, int *d);
+
+int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
+{
+ int offset_hms, offset_day;
+ long time_jd;
+ int time_year, time_month, time_day;
+ /* split offset into days and day seconds */
+ offset_day = offset_sec / SECS_PER_DAY;
+ /* Avoid sign issues with % operator */
+ offset_hms = offset_sec - (offset_day * SECS_PER_DAY);
+ offset_day += off_day;
+ /* Add current time seconds to offset */
+ offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
+ /* Adjust day seconds if overflow */
+ if (offset_hms >= SECS_PER_DAY) {
+ offset_day++;
+ offset_hms -= SECS_PER_DAY;
+ } else if (offset_hms < 0) {
+ offset_day--;
+ offset_hms += SECS_PER_DAY;
+ }
+
+ /*
+ * Convert date of time structure into a Julian day number.
+ */
+
+ time_year = tm->tm_year + 1900;
+ time_month = tm->tm_mon + 1;
+ time_day = tm->tm_mday;
+
+ time_jd = date_to_julian(time_year, time_month, time_day);
+
+ /* Work out Julian day of new date */
+ time_jd += offset_day;
+
+ if (time_jd < 0)
+ return 0;
+
+ /* Convert Julian day back to date */
+
+ julian_to_date(time_jd, &time_year, &time_month, &time_day);
+
+ if (time_year < 1900 || time_year > 9999)
+ return 0;
+
+ /* Update tm structure */
+
+ tm->tm_year = time_year - 1900;
+ tm->tm_mon = time_month - 1;
+ tm->tm_mday = time_day;
+
+ tm->tm_hour = offset_hms / 3600;
+ tm->tm_min = (offset_hms / 60) % 60;
+ tm->tm_sec = offset_hms % 60;
+
+ return 1;
+
+}
+
+/*
+ * Convert date to and from julian day Uses Fliegel & Van Flandern algorithm
+ */
+static long date_to_julian(int y, int m, int d)
+{
+ return (1461 * (y + 4800 + (m - 14) / 12)) / 4 +
+ (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 -
+ (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + d - 32075;
+}
+
+static void julian_to_date(long jd, int *y, int *m, int *d)
+{
+ long L = jd + 68569;
+ long n = (4 * L) / 146097;
+ long i, j;
+
+ L = L - (146097 * n + 3) / 4;
+ i = (4000 * (L + 1)) / 1461001;
+ L = L - (1461 * i) / 4 + 31;
+ j = (80 * L) / 2447;
+ *d = L - (2447 * j) / 80;
+ L = j / 11;
+ *m = j + 2 - (12 * L);
+ *y = 100 * (n - 49) + i + L;
+}
+
+#ifdef OPENSSL_TIME_TEST
+
+# include <stdio.h>
+
+/*
+ * Time checking test code. Check times are identical for a wide range of
+ * offsets. This should be run on a machine with 64 bit time_t or it will
+ * trigger the very errors the routines fix.
+ */
+
+int main(int argc, char **argv)
+{
+ long offset;
+ for (offset = 0; offset < 1000000; offset++) {
+ check_time(offset);
+ check_time(-offset);
+ check_time(offset * 1000);
+ check_time(-offset * 1000);
+ }
+}
+
+int check_time(long offset)
+{
+ struct tm tm1, tm2;
+ time_t t1, t2;
+ time(&t1);
+ t2 = t1 + offset;
+ OPENSSL_gmtime(&t2, &tm2);
+ OPENSSL_gmtime(&t1, &tm1);
+ OPENSSL_gmtime_adj(&tm1, 0, offset);
+ if ((tm1.tm_year == tm2.tm_year) &&
+ (tm1.tm_mon == tm2.tm_mon) &&
+ (tm1.tm_mday == tm2.tm_mday) &&
+ (tm1.tm_hour == tm2.tm_hour) &&
+ (tm1.tm_min == tm2.tm_min) && (tm1.tm_sec == tm2.tm_sec))
+ return 1;
+ fprintf(stderr, "TIME ERROR!!\n");
+ fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n",
+ tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900,
+ tm2.tm_hour, tm2.tm_min, tm2.tm_sec);
+ fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n",
+ tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900,
+ tm1.tm_hour, tm1.tm_min, tm1.tm_sec);
+ return 0;
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/o_time.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/o_time.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_time.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,68 +0,0 @@
-/* crypto/o_time.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_O_TIME_H
-# define HEADER_O_TIME_H
-
-# include <time.h>
-
-struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
-int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/o_time.h (from rev 11605, vendor-crypto/openssl/dist/crypto/o_time.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/o_time.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/o_time.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,68 @@
+/* crypto/o_time.h */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_O_TIME_H
+# define HEADER_O_TIME_H
+
+# include <time.h>
+
+struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ocsp/ocsp_ext.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ocsp/ocsp_ext.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ocsp/ocsp_ext.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,566 +0,0 @@
-/* ocsp_ext.c */
-/*
- * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
- * project.
- */
-
-/*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
- * patch kit.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/ocsp.h>
-#include <openssl/rand.h>
-#include <openssl/x509v3.h>
-
-/* Standard wrapper functions for extensions */
-
-/* OCSP request extensions */
-
-int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
-{
- return (X509v3_get_ext_count(x->tbsRequest->requestExtensions));
-}
-
-int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
-{
- return (X509v3_get_ext_by_NID
- (x->tbsRequest->requestExtensions, nid, lastpos));
-}
-
-int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
- int lastpos)
-{
- return (X509v3_get_ext_by_OBJ
- (x->tbsRequest->requestExtensions, obj, lastpos));
-}
-
-int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
-{
- return (X509v3_get_ext_by_critical
- (x->tbsRequest->requestExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
-{
- return (X509v3_get_ext(x->tbsRequest->requestExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
-{
- return (X509v3_delete_ext(x->tbsRequest->requestExtensions, loc));
-}
-
-void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
-}
-
-int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value,
- crit, flags);
-}
-
-int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
-{
- return (X509v3_add_ext(&(x->tbsRequest->requestExtensions), ex, loc) !=
- NULL);
-}
-
-/* Single extensions */
-
-int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
-{
- return (X509v3_get_ext_count(x->singleRequestExtensions));
-}
-
-int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
-{
- return (X509v3_get_ext_by_NID(x->singleRequestExtensions, nid, lastpos));
-}
-
-int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos)
-{
- return (X509v3_get_ext_by_OBJ(x->singleRequestExtensions, obj, lastpos));
-}
-
-int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
-{
- return (X509v3_get_ext_by_critical
- (x->singleRequestExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
-{
- return (X509v3_get_ext(x->singleRequestExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
-{
- return (X509v3_delete_ext(x->singleRequestExtensions, loc));
-}
-
-void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
-}
-
-int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit,
- flags);
-}
-
-int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
-{
- return (X509v3_add_ext(&(x->singleRequestExtensions), ex, loc) != NULL);
-}
-
-/* OCSP Basic response */
-
-int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
-{
- return (X509v3_get_ext_count(x->tbsResponseData->responseExtensions));
-}
-
-int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
-{
- return (X509v3_get_ext_by_NID
- (x->tbsResponseData->responseExtensions, nid, lastpos));
-}
-
-int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
- int lastpos)
-{
- return (X509v3_get_ext_by_OBJ
- (x->tbsResponseData->responseExtensions, obj, lastpos));
-}
-
-int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
- int lastpos)
-{
- return (X509v3_get_ext_by_critical
- (x->tbsResponseData->responseExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
-{
- return (X509v3_get_ext(x->tbsResponseData->responseExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
-{
- return (X509v3_delete_ext(x->tbsResponseData->responseExtensions, loc));
-}
-
-void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
- int *idx)
-{
- return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid, crit,
- idx);
-}
-
-int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
- int crit, unsigned long flags)
-{
- return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid,
- value, crit, flags);
-}
-
-int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
-{
- return (X509v3_add_ext(&(x->tbsResponseData->responseExtensions), ex, loc)
- != NULL);
-}
-
-/* OCSP single response extensions */
-
-int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
-{
- return (X509v3_get_ext_count(x->singleExtensions));
-}
-
-int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
-{
- return (X509v3_get_ext_by_NID(x->singleExtensions, nid, lastpos));
-}
-
-int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
- int lastpos)
-{
- return (X509v3_get_ext_by_OBJ(x->singleExtensions, obj, lastpos));
-}
-
-int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
- int lastpos)
-{
- return (X509v3_get_ext_by_critical(x->singleExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
-{
- return (X509v3_get_ext(x->singleExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
-{
- return (X509v3_delete_ext(x->singleExtensions, loc));
-}
-
-void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
- int *idx)
-{
- return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
-}
-
-int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
- int crit, unsigned long flags)
-{
- return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
-}
-
-int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
-{
- return (X509v3_add_ext(&(x->singleExtensions), ex, loc) != NULL);
-}
-
-/* also CRL Entry Extensions */
-#if 0
-ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
- void *data, STACK_OF(ASN1_OBJECT) *sk)
-{
- int i;
- unsigned char *p, *b = NULL;
-
- if (data) {
- if ((i = i2d(data, NULL)) <= 0)
- goto err;
- if (!(b = p = OPENSSL_malloc((unsigned int)i)))
- goto err;
- if (i2d(data, &p) <= 0)
- goto err;
- } else if (sk) {
- if ((i = i2d_ASN1_SET_OF_ASN1_OBJECT(sk, NULL,
- (I2D_OF(ASN1_OBJECT)) i2d,
- V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL,
- IS_SEQUENCE)) <= 0)
- goto err;
- if (!(b = p = OPENSSL_malloc((unsigned int)i)))
- goto err;
- if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk, &p, (I2D_OF(ASN1_OBJECT)) i2d,
- V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE) <= 0)
- goto err;
- } else {
- OCSPerr(OCSP_F_ASN1_STRING_ENCODE, OCSP_R_BAD_DATA);
- goto err;
- }
- if (!s && !(s = ASN1_STRING_new()))
- goto err;
- if (!(ASN1_STRING_set(s, b, i)))
- goto err;
- OPENSSL_free(b);
- return s;
- err:
- if (b)
- OPENSSL_free(b);
- return NULL;
-}
-#endif
-
-/* Nonce handling functions */
-
-/*
- * Add a nonce to an extension stack. A nonce can be specificed or if NULL a
- * random nonce will be generated. Note: OpenSSL 0.9.7d and later create an
- * OCTET STRING containing the nonce, previous versions used the raw nonce.
- */
-
-static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
- unsigned char *val, int len)
-{
- unsigned char *tmpval;
- ASN1_OCTET_STRING os;
- int ret = 0;
- if (len <= 0)
- len = OCSP_DEFAULT_NONCE_LENGTH;
- /*
- * Create the OCTET STRING manually by writing out the header and
- * appending the content octets. This avoids an extra memory allocation
- * operation in some cases. Applications should *NOT* do this because it
- * relies on library internals.
- */
- os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
- os.data = OPENSSL_malloc(os.length);
- if (os.data == NULL)
- goto err;
- tmpval = os.data;
- ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
- if (val)
- memcpy(tmpval, val, len);
- else if (RAND_pseudo_bytes(tmpval, len) < 0)
- goto err;
- if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
- &os, 0, X509V3_ADD_REPLACE))
- goto err;
- ret = 1;
- err:
- if (os.data)
- OPENSSL_free(os.data);
- return ret;
-}
-
-/* Add nonce to an OCSP request */
-
-int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len)
-{
- return ocsp_add1_nonce(&req->tbsRequest->requestExtensions, val, len);
-}
-
-/* Same as above but for a response */
-
-int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
-{
- return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val,
- len);
-}
-
-/*-
- * Check nonce validity in a request and response.
- * Return value reflects result:
- * 1: nonces present and equal.
- * 2: nonces both absent.
- * 3: nonce present in response only.
- * 0: nonces both present and not equal.
- * -1: nonce in request only.
- *
- * For most responders clients can check return > 0.
- * If responder doesn't handle nonces return != 0 may be
- * necessary. return == 0 is always an error.
- */
-
-int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
-{
- /*
- * Since we are only interested in the presence or absence of
- * the nonce and comparing its value there is no need to use
- * the X509V3 routines: this way we can avoid them allocating an
- * ASN1_OCTET_STRING structure for the value which would be
- * freed immediately anyway.
- */
-
- int req_idx, resp_idx;
- X509_EXTENSION *req_ext, *resp_ext;
- req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
- resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs, NID_id_pkix_OCSP_Nonce, -1);
- /* Check both absent */
- if ((req_idx < 0) && (resp_idx < 0))
- return 2;
- /* Check in request only */
- if ((req_idx >= 0) && (resp_idx < 0))
- return -1;
- /* Check in response but not request */
- if ((req_idx < 0) && (resp_idx >= 0))
- return 3;
- /*
- * Otherwise nonce in request and response so retrieve the extensions
- */
- req_ext = OCSP_REQUEST_get_ext(req, req_idx);
- resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx);
- if (ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value))
- return 0;
- return 1;
-}
-
-/*
- * Copy the nonce value (if any) from an OCSP request to a response.
- */
-
-int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
-{
- X509_EXTENSION *req_ext;
- int req_idx;
- /* Check for nonce in request */
- req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
- /* If no nonce that's OK */
- if (req_idx < 0)
- return 2;
- req_ext = OCSP_REQUEST_get_ext(req, req_idx);
- return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
-}
-
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
-{
- X509_EXTENSION *x = NULL;
- OCSP_CRLID *cid = NULL;
-
- if (!(cid = OCSP_CRLID_new()))
- goto err;
- if (url) {
- if (!(cid->crlUrl = ASN1_IA5STRING_new()))
- goto err;
- if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
- goto err;
- }
- if (n) {
- if (!(cid->crlNum = ASN1_INTEGER_new()))
- goto err;
- if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
- goto err;
- }
- if (tim) {
- if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new()))
- goto err;
- if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
- goto err;
- }
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
- err:
- if (cid)
- OCSP_CRLID_free(cid);
- return x;
-}
-
-/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
-X509_EXTENSION *OCSP_accept_responses_new(char **oids)
-{
- int nid;
- STACK_OF(ASN1_OBJECT) *sk = NULL;
- ASN1_OBJECT *o = NULL;
- X509_EXTENSION *x = NULL;
-
- if (!(sk = sk_ASN1_OBJECT_new_null()))
- goto err;
- while (oids && *oids) {
- if ((nid = OBJ_txt2nid(*oids)) != NID_undef && (o = OBJ_nid2obj(nid)))
- sk_ASN1_OBJECT_push(sk, o);
- oids++;
- }
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
- err:
- if (sk)
- sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
- return x;
-}
-
-/* ArchiveCutoff ::= GeneralizedTime */
-X509_EXTENSION *OCSP_archive_cutoff_new(char *tim)
-{
- X509_EXTENSION *x = NULL;
- ASN1_GENERALIZEDTIME *gt = NULL;
-
- if (!(gt = ASN1_GENERALIZEDTIME_new()))
- goto err;
- if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
- goto err;
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
- err:
- if (gt)
- ASN1_GENERALIZEDTIME_free(gt);
- return x;
-}
-
-/*
- * per ACCESS_DESCRIPTION parameter are oids, of which there are currently
- * two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value. This method
- * forces NID_ad_ocsp and uniformResourceLocator [6] IA5String.
- */
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
-{
- X509_EXTENSION *x = NULL;
- ASN1_IA5STRING *ia5 = NULL;
- OCSP_SERVICELOC *sloc = NULL;
- ACCESS_DESCRIPTION *ad = NULL;
-
- if (!(sloc = OCSP_SERVICELOC_new()))
- goto err;
- if (!(sloc->issuer = X509_NAME_dup(issuer)))
- goto err;
- if (urls && *urls && !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
- goto err;
- while (urls && *urls) {
- if (!(ad = ACCESS_DESCRIPTION_new()))
- goto err;
- if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
- goto err;
- if (!(ad->location = GENERAL_NAME_new()))
- goto err;
- if (!(ia5 = ASN1_IA5STRING_new()))
- goto err;
- if (!ASN1_STRING_set((ASN1_STRING *)ia5, *urls, -1))
- goto err;
- ad->location->type = GEN_URI;
- ad->location->d.ia5 = ia5;
- if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
- goto err;
- urls++;
- }
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
- err:
- if (sloc)
- OCSP_SERVICELOC_free(sloc);
- return x;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/ocsp/ocsp_ext.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ocsp/ocsp_ext.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ocsp/ocsp_ext.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ocsp/ocsp_ext.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,566 @@
+/* ocsp_ext.c */
+/*
+ * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
+ * project.
+ */
+
+/*
+ * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+ * patch kit.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <cryptlib.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/ocsp.h>
+#include <openssl/rand.h>
+#include <openssl/x509v3.h>
+
+/* Standard wrapper functions for extensions */
+
+/* OCSP request extensions */
+
+int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
+{
+ return (X509v3_get_ext_count(x->tbsRequest->requestExtensions));
+}
+
+int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
+{
+ return (X509v3_get_ext_by_NID
+ (x->tbsRequest->requestExtensions, nid, lastpos));
+}
+
+int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
+ int lastpos)
+{
+ return (X509v3_get_ext_by_OBJ
+ (x->tbsRequest->requestExtensions, obj, lastpos));
+}
+
+int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
+{
+ return (X509v3_get_ext_by_critical
+ (x->tbsRequest->requestExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
+{
+ return (X509v3_get_ext(x->tbsRequest->requestExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
+{
+ return (X509v3_delete_ext(x->tbsRequest->requestExtensions, loc));
+}
+
+void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
+{
+ return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
+}
+
+int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
+ unsigned long flags)
+{
+ return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value,
+ crit, flags);
+}
+
+int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
+{
+ return (X509v3_add_ext(&(x->tbsRequest->requestExtensions), ex, loc) !=
+ NULL);
+}
+
+/* Single extensions */
+
+int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
+{
+ return (X509v3_get_ext_count(x->singleRequestExtensions));
+}
+
+int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
+{
+ return (X509v3_get_ext_by_NID(x->singleRequestExtensions, nid, lastpos));
+}
+
+int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos)
+{
+ return (X509v3_get_ext_by_OBJ(x->singleRequestExtensions, obj, lastpos));
+}
+
+int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
+{
+ return (X509v3_get_ext_by_critical
+ (x->singleRequestExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
+{
+ return (X509v3_get_ext(x->singleRequestExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
+{
+ return (X509v3_delete_ext(x->singleRequestExtensions, loc));
+}
+
+void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
+{
+ return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
+}
+
+int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
+ unsigned long flags)
+{
+ return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit,
+ flags);
+}
+
+int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
+{
+ return (X509v3_add_ext(&(x->singleRequestExtensions), ex, loc) != NULL);
+}
+
+/* OCSP Basic response */
+
+int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
+{
+ return (X509v3_get_ext_count(x->tbsResponseData->responseExtensions));
+}
+
+int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
+{
+ return (X509v3_get_ext_by_NID
+ (x->tbsResponseData->responseExtensions, nid, lastpos));
+}
+
+int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
+ int lastpos)
+{
+ return (X509v3_get_ext_by_OBJ
+ (x->tbsResponseData->responseExtensions, obj, lastpos));
+}
+
+int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
+ int lastpos)
+{
+ return (X509v3_get_ext_by_critical
+ (x->tbsResponseData->responseExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
+{
+ return (X509v3_get_ext(x->tbsResponseData->responseExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
+{
+ return (X509v3_delete_ext(x->tbsResponseData->responseExtensions, loc));
+}
+
+void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
+ int *idx)
+{
+ return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid, crit,
+ idx);
+}
+
+int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
+ int crit, unsigned long flags)
+{
+ return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid,
+ value, crit, flags);
+}
+
+int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
+{
+ return (X509v3_add_ext(&(x->tbsResponseData->responseExtensions), ex, loc)
+ != NULL);
+}
+
+/* OCSP single response extensions */
+
+int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
+{
+ return (X509v3_get_ext_count(x->singleExtensions));
+}
+
+int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
+{
+ return (X509v3_get_ext_by_NID(x->singleExtensions, nid, lastpos));
+}
+
+int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
+ int lastpos)
+{
+ return (X509v3_get_ext_by_OBJ(x->singleExtensions, obj, lastpos));
+}
+
+int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
+ int lastpos)
+{
+ return (X509v3_get_ext_by_critical(x->singleExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
+{
+ return (X509v3_get_ext(x->singleExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
+{
+ return (X509v3_delete_ext(x->singleExtensions, loc));
+}
+
+void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
+ int *idx)
+{
+ return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
+}
+
+int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
+ int crit, unsigned long flags)
+{
+ return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
+}
+
+int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
+{
+ return (X509v3_add_ext(&(x->singleExtensions), ex, loc) != NULL);
+}
+
+/* also CRL Entry Extensions */
+#if 0
+ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
+ void *data, STACK_OF(ASN1_OBJECT) *sk)
+{
+ int i;
+ unsigned char *p, *b = NULL;
+
+ if (data) {
+ if ((i = i2d(data, NULL)) <= 0)
+ goto err;
+ if (!(b = p = OPENSSL_malloc((unsigned int)i)))
+ goto err;
+ if (i2d(data, &p) <= 0)
+ goto err;
+ } else if (sk) {
+ if ((i = i2d_ASN1_SET_OF_ASN1_OBJECT(sk, NULL,
+ (I2D_OF(ASN1_OBJECT)) i2d,
+ V_ASN1_SEQUENCE,
+ V_ASN1_UNIVERSAL,
+ IS_SEQUENCE)) <= 0)
+ goto err;
+ if (!(b = p = OPENSSL_malloc((unsigned int)i)))
+ goto err;
+ if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk, &p, (I2D_OF(ASN1_OBJECT)) i2d,
+ V_ASN1_SEQUENCE,
+ V_ASN1_UNIVERSAL, IS_SEQUENCE) <= 0)
+ goto err;
+ } else {
+ OCSPerr(OCSP_F_ASN1_STRING_ENCODE, OCSP_R_BAD_DATA);
+ goto err;
+ }
+ if (!s && !(s = ASN1_STRING_new()))
+ goto err;
+ if (!(ASN1_STRING_set(s, b, i)))
+ goto err;
+ OPENSSL_free(b);
+ return s;
+ err:
+ if (b)
+ OPENSSL_free(b);
+ return NULL;
+}
+#endif
+
+/* Nonce handling functions */
+
+/*
+ * Add a nonce to an extension stack. A nonce can be specificed or if NULL a
+ * random nonce will be generated. Note: OpenSSL 0.9.7d and later create an
+ * OCTET STRING containing the nonce, previous versions used the raw nonce.
+ */
+
+static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
+ unsigned char *val, int len)
+{
+ unsigned char *tmpval;
+ ASN1_OCTET_STRING os;
+ int ret = 0;
+ if (len <= 0)
+ len = OCSP_DEFAULT_NONCE_LENGTH;
+ /*
+ * Create the OCTET STRING manually by writing out the header and
+ * appending the content octets. This avoids an extra memory allocation
+ * operation in some cases. Applications should *NOT* do this because it
+ * relies on library internals.
+ */
+ os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
+ os.data = OPENSSL_malloc(os.length);
+ if (os.data == NULL)
+ goto err;
+ tmpval = os.data;
+ ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
+ if (val)
+ memcpy(tmpval, val, len);
+ else if (RAND_bytes(tmpval, len) <= 0)
+ goto err;
+ if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
+ &os, 0, X509V3_ADD_REPLACE))
+ goto err;
+ ret = 1;
+ err:
+ if (os.data)
+ OPENSSL_free(os.data);
+ return ret;
+}
+
+/* Add nonce to an OCSP request */
+
+int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len)
+{
+ return ocsp_add1_nonce(&req->tbsRequest->requestExtensions, val, len);
+}
+
+/* Same as above but for a response */
+
+int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
+{
+ return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val,
+ len);
+}
+
+/*-
+ * Check nonce validity in a request and response.
+ * Return value reflects result:
+ * 1: nonces present and equal.
+ * 2: nonces both absent.
+ * 3: nonce present in response only.
+ * 0: nonces both present and not equal.
+ * -1: nonce in request only.
+ *
+ * For most responders clients can check return > 0.
+ * If responder doesn't handle nonces return != 0 may be
+ * necessary. return == 0 is always an error.
+ */
+
+int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
+{
+ /*
+ * Since we are only interested in the presence or absence of
+ * the nonce and comparing its value there is no need to use
+ * the X509V3 routines: this way we can avoid them allocating an
+ * ASN1_OCTET_STRING structure for the value which would be
+ * freed immediately anyway.
+ */
+
+ int req_idx, resp_idx;
+ X509_EXTENSION *req_ext, *resp_ext;
+ req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
+ resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs, NID_id_pkix_OCSP_Nonce, -1);
+ /* Check both absent */
+ if ((req_idx < 0) && (resp_idx < 0))
+ return 2;
+ /* Check in request only */
+ if ((req_idx >= 0) && (resp_idx < 0))
+ return -1;
+ /* Check in response but not request */
+ if ((req_idx < 0) && (resp_idx >= 0))
+ return 3;
+ /*
+ * Otherwise nonce in request and response so retrieve the extensions
+ */
+ req_ext = OCSP_REQUEST_get_ext(req, req_idx);
+ resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx);
+ if (ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value))
+ return 0;
+ return 1;
+}
+
+/*
+ * Copy the nonce value (if any) from an OCSP request to a response.
+ */
+
+int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
+{
+ X509_EXTENSION *req_ext;
+ int req_idx;
+ /* Check for nonce in request */
+ req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
+ /* If no nonce that's OK */
+ if (req_idx < 0)
+ return 2;
+ req_ext = OCSP_REQUEST_get_ext(req, req_idx);
+ return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
+}
+
+X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
+{
+ X509_EXTENSION *x = NULL;
+ OCSP_CRLID *cid = NULL;
+
+ if (!(cid = OCSP_CRLID_new()))
+ goto err;
+ if (url) {
+ if (!(cid->crlUrl = ASN1_IA5STRING_new()))
+ goto err;
+ if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
+ goto err;
+ }
+ if (n) {
+ if (!(cid->crlNum = ASN1_INTEGER_new()))
+ goto err;
+ if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
+ goto err;
+ }
+ if (tim) {
+ if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new()))
+ goto err;
+ if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
+ goto err;
+ }
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
+ err:
+ if (cid)
+ OCSP_CRLID_free(cid);
+ return x;
+}
+
+/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
+X509_EXTENSION *OCSP_accept_responses_new(char **oids)
+{
+ int nid;
+ STACK_OF(ASN1_OBJECT) *sk = NULL;
+ ASN1_OBJECT *o = NULL;
+ X509_EXTENSION *x = NULL;
+
+ if (!(sk = sk_ASN1_OBJECT_new_null()))
+ goto err;
+ while (oids && *oids) {
+ if ((nid = OBJ_txt2nid(*oids)) != NID_undef && (o = OBJ_nid2obj(nid)))
+ sk_ASN1_OBJECT_push(sk, o);
+ oids++;
+ }
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
+ err:
+ if (sk)
+ sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
+ return x;
+}
+
+/* ArchiveCutoff ::= GeneralizedTime */
+X509_EXTENSION *OCSP_archive_cutoff_new(char *tim)
+{
+ X509_EXTENSION *x = NULL;
+ ASN1_GENERALIZEDTIME *gt = NULL;
+
+ if (!(gt = ASN1_GENERALIZEDTIME_new()))
+ goto err;
+ if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
+ goto err;
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
+ err:
+ if (gt)
+ ASN1_GENERALIZEDTIME_free(gt);
+ return x;
+}
+
+/*
+ * per ACCESS_DESCRIPTION parameter are oids, of which there are currently
+ * two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value. This method
+ * forces NID_ad_ocsp and uniformResourceLocator [6] IA5String.
+ */
+X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
+{
+ X509_EXTENSION *x = NULL;
+ ASN1_IA5STRING *ia5 = NULL;
+ OCSP_SERVICELOC *sloc = NULL;
+ ACCESS_DESCRIPTION *ad = NULL;
+
+ if (!(sloc = OCSP_SERVICELOC_new()))
+ goto err;
+ if (!(sloc->issuer = X509_NAME_dup(issuer)))
+ goto err;
+ if (urls && *urls && !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
+ goto err;
+ while (urls && *urls) {
+ if (!(ad = ACCESS_DESCRIPTION_new()))
+ goto err;
+ if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
+ goto err;
+ if (!(ad->location = GENERAL_NAME_new()))
+ goto err;
+ if (!(ia5 = ASN1_IA5STRING_new()))
+ goto err;
+ if (!ASN1_STRING_set((ASN1_STRING *)ia5, *urls, -1))
+ goto err;
+ ad->location->type = GEN_URI;
+ ad->location->d.ia5 = ia5;
+ if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
+ goto err;
+ urls++;
+ }
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
+ err:
+ if (sloc)
+ OCSP_SERVICELOC_free(sloc);
+ return x;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/opensslconf.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/opensslconf.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/opensslconf.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,241 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-# define OPENSSL_NO_EC_NISTP_64_GCC_128
-#endif
-#ifndef OPENSSL_NO_GMP
-# define OPENSSL_NO_GMP
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# define OPENSSL_NO_JPAKE
-#endif
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-#ifndef OPENSSL_NO_MD2
-# define OPENSSL_NO_MD2
-#endif
-#ifndef OPENSSL_NO_RC5
-# define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RFC3779
-# define OPENSSL_NO_RFC3779
-#endif
-#ifndef OPENSSL_NO_SCTP
-# define OPENSSL_NO_SCTP
-#endif
-#ifndef OPENSSL_NO_STORE
-# define OPENSSL_NO_STORE
-#endif
-#ifndef OPENSSL_NO_UNIT_TEST
-# define OPENSSL_NO_UNIT_TEST
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-# define OPENSSL_NO_DYNAMIC_ENGINE
-#endif
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
- asks for it. This is a transient feature that is provided for those
- who haven't had the time to do the appropriate changes in their
- applications. */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
-# define NO_EC_NISTP_64_GCC_128
-# endif
-# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
-# define NO_GMP
-# endif
-# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
-# define NO_JPAKE
-# endif
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-# define NO_KRB5
-# endif
-# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
-# define NO_MD2
-# endif
-# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-# define NO_RC5
-# endif
-# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
-# define NO_RFC3779
-# endif
-# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
-# define NO_SCTP
-# endif
-# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
-# define NO_STORE
-# endif
-# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
-# define NO_UNIT_TEST
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "/usr/local/ssl/lib/engines"
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#undef RC4_CHUNK
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#undef BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units. It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#undef DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001 at cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
- CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
- even newer MIPS CPU's, but at the moment one size fits all for
- optimization options. Older Sparc's work better with only UNROLL, but
- there's no way to tell at compile time what it is you're running on */
-
-#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#elif defined( __ultrix ) /* Older MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined( __osf1__ ) /* Alpha */
-# define DES_PTR
-# define DES_RISC2
-#elif defined ( _AIX ) /* RS6000 */
- /* Unknown */
-#elif defined( __hpux ) /* HP-PA */
- /* Unknown */
-#elif defined( __aux ) /* 68K */
- /* Unknown */
-#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-# define DES_UNROLL
-#elif defined( __sgi ) /* Newer MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
-#ifdef __cplusplus
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/opensslconf.h (from rev 11605, vendor-crypto/openssl/dist/crypto/opensslconf.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/opensslconf.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/opensslconf.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,253 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
+#endif
+#ifndef OPENSSL_NO_GMP
+# define OPENSSL_NO_GMP
+#endif
+#ifndef OPENSSL_NO_JPAKE
+# define OPENSSL_NO_JPAKE
+#endif
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+#ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
+#endif
+#ifndef OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
+#endif
+#ifndef OPENSSL_NO_RFC3779
+# define OPENSSL_NO_RFC3779
+#endif
+#ifndef OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
+#endif
+#ifndef OPENSSL_NO_SSL2
+# define OPENSSL_NO_SSL2
+#endif
+#ifndef OPENSSL_NO_STORE
+# define OPENSSL_NO_STORE
+#endif
+#ifndef OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
+#endif
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+# define OPENSSL_NO_WEAK_SSL_CIPHERS
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# define OPENSSL_NO_DYNAMIC_ENGINE
+#endif
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+ asks for it. This is a transient feature that is provided for those
+ who haven't had the time to do the appropriate changes in their
+ applications. */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
+# define NO_EC_NISTP_64_GCC_128
+# endif
+# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
+# define NO_GMP
+# endif
+# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
+# define NO_JPAKE
+# endif
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+# define NO_KRB5
+# endif
+# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
+# define NO_MD2
+# endif
+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
+# define NO_RC5
+# endif
+# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
+# define NO_RFC3779
+# endif
+# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
+# define NO_SCTP
+# endif
+# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
+# define NO_SSL2
+# endif
+# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
+# define NO_STORE
+# endif
+# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
+# define NO_UNIT_TEST
+# endif
+# if defined(OPENSSL_NO_WEAK_SSL_CIPHERS) && !defined(NO_WEAK_SSL_CIPHERS)
+# define NO_WEAK_SSL_CIPHERS
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define ENGINESDIR "/usr/local/ssl/lib/engines"
+#define OPENSSLDIR "/usr/local/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001 at cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
+# define DES_PTR
+# define DES_RISC1
+# define DES_UNROLL
+#elif defined( __ultrix ) /* Older MIPS */
+# define DES_PTR
+# define DES_RISC2
+# define DES_UNROLL
+#elif defined( __osf1__ ) /* Alpha */
+# define DES_PTR
+# define DES_RISC2
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* Unknown */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+# define DES_UNROLL
+#elif defined( __sgi ) /* Newer MIPS */
+# define DES_PTR
+# define DES_RISC2
+# define DES_UNROLL
+#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
+# define DES_PTR
+# define DES_RISC1
+# define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
+#ifdef __cplusplus
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/opensslv.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/opensslv.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/opensslv.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,97 +0,0 @@
-#ifndef HEADER_OPENSSLV_H
-# define HEADER_OPENSSLV_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*-
- * Numeric release version identifier:
- * MNNFFPPS: major minor fix patch status
- * The status nibble has one of the values 0 for development, 1 to e for betas
- * 1 to 14, and f for release. The patch level is exactly that.
- * For example:
- * 0.9.3-dev 0x00903000
- * 0.9.3-beta1 0x00903001
- * 0.9.3-beta2-dev 0x00903002
- * 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
- * 0.9.3 0x0090300f
- * 0.9.3a 0x0090301f
- * 0.9.4 0x0090400f
- * 1.2.3z 0x102031af
- *
- * For continuity reasons (because 0.9.5 is already out, and is coded
- * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
- * part is slightly different, by setting the highest bit. This means
- * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
- * with 0x0090600S...
- *
- * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
- * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
- * major minor fix final patch/beta)
- */
-# define OPENSSL_VERSION_NUMBER 0x1000111fL
-# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1q-fips 3 Dec 2015"
-# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1q 3 Dec 2015"
-# endif
-# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
-
-/*-
- * The macros below are to be used for shared library (.so, .dll, ...)
- * versioning. That kind of versioning works a bit differently between
- * operating systems. The most usual scheme is to set a major and a minor
- * number, and have the runtime loader check that the major number is equal
- * to what it was at application link time, while the minor number has to
- * be greater or equal to what it was at application link time. With this
- * scheme, the version number is usually part of the file name, like this:
- *
- * libcrypto.so.0.9
- *
- * Some unixen also make a softlink with the major verson number only:
- *
- * libcrypto.so.0
- *
- * On Tru64 and IRIX 6.x it works a little bit differently. There, the
- * shared library version is stored in the file, and is actually a series
- * of versions, separated by colons. The rightmost version present in the
- * library when linking an application is stored in the application to be
- * matched at run time. When the application is run, a check is done to
- * see if the library version stored in the application matches any of the
- * versions in the version string of the library itself.
- * This version string can be constructed in any way, depending on what
- * kind of matching is desired. However, to implement the same scheme as
- * the one used in the other unixen, all compatible versions, from lowest
- * to highest, should be part of the string. Consecutive builds would
- * give the following versions strings:
- *
- * 3.0
- * 3.0:3.1
- * 3.0:3.1:3.2
- * 4.0
- * 4.0:4.1
- *
- * Notice how version 4 is completely incompatible with version, and
- * therefore give the breach you can see.
- *
- * There may be other schemes as well that I haven't yet discovered.
- *
- * So, here's the way it works here: first of all, the library version
- * number doesn't need at all to match the overall OpenSSL version.
- * However, it's nice and more understandable if it actually does.
- * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
- * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
- * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
- * we need to keep a history of version numbers, which is done in the
- * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
- * should only keep the versions that are binary compatible with the current.
- */
-# define SHLIB_VERSION_HISTORY ""
-# define SHLIB_VERSION_NUMBER "1.0.0"
-
-
-#ifdef __cplusplus
-}
-#endif
-#endif /* HEADER_OPENSSLV_H */
Copied: vendor-crypto/openssl/1.0.1u/crypto/opensslv.h (from rev 11605, vendor-crypto/openssl/dist/crypto/opensslv.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/opensslv.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/opensslv.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,97 @@
+#ifndef HEADER_OPENSSLV_H
+# define HEADER_OPENSSLV_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*-
+ * Numeric release version identifier:
+ * MNNFFPPS: major minor fix patch status
+ * The status nibble has one of the values 0 for development, 1 to e for betas
+ * 1 to 14, and f for release. The patch level is exactly that.
+ * For example:
+ * 0.9.3-dev 0x00903000
+ * 0.9.3-beta1 0x00903001
+ * 0.9.3-beta2-dev 0x00903002
+ * 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
+ * 0.9.3 0x0090300f
+ * 0.9.3a 0x0090301f
+ * 0.9.4 0x0090400f
+ * 1.2.3z 0x102031af
+ *
+ * For continuity reasons (because 0.9.5 is already out, and is coded
+ * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
+ * part is slightly different, by setting the highest bit. This means
+ * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
+ * with 0x0090600S...
+ *
+ * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
+ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
+ * major minor fix final patch/beta)
+ */
+# define OPENSSL_VERSION_NUMBER 0x1000115fL
+# ifdef OPENSSL_FIPS
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1u-fips 22 Sep 2016"
+# else
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1u 22 Sep 2016"
+# endif
+# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
+
+/*-
+ * The macros below are to be used for shared library (.so, .dll, ...)
+ * versioning. That kind of versioning works a bit differently between
+ * operating systems. The most usual scheme is to set a major and a minor
+ * number, and have the runtime loader check that the major number is equal
+ * to what it was at application link time, while the minor number has to
+ * be greater or equal to what it was at application link time. With this
+ * scheme, the version number is usually part of the file name, like this:
+ *
+ * libcrypto.so.0.9
+ *
+ * Some unixen also make a softlink with the major verson number only:
+ *
+ * libcrypto.so.0
+ *
+ * On Tru64 and IRIX 6.x it works a little bit differently. There, the
+ * shared library version is stored in the file, and is actually a series
+ * of versions, separated by colons. The rightmost version present in the
+ * library when linking an application is stored in the application to be
+ * matched at run time. When the application is run, a check is done to
+ * see if the library version stored in the application matches any of the
+ * versions in the version string of the library itself.
+ * This version string can be constructed in any way, depending on what
+ * kind of matching is desired. However, to implement the same scheme as
+ * the one used in the other unixen, all compatible versions, from lowest
+ * to highest, should be part of the string. Consecutive builds would
+ * give the following versions strings:
+ *
+ * 3.0
+ * 3.0:3.1
+ * 3.0:3.1:3.2
+ * 4.0
+ * 4.0:4.1
+ *
+ * Notice how version 4 is completely incompatible with version, and
+ * therefore give the breach you can see.
+ *
+ * There may be other schemes as well that I haven't yet discovered.
+ *
+ * So, here's the way it works here: first of all, the library version
+ * number doesn't need at all to match the overall OpenSSL version.
+ * However, it's nice and more understandable if it actually does.
+ * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
+ * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
+ * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
+ * we need to keep a history of version numbers, which is done in the
+ * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
+ * should only keep the versions that are binary compatible with the current.
+ */
+# define SHLIB_VERSION_HISTORY ""
+# define SHLIB_VERSION_NUMBER "1.0.0"
+
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* HEADER_OPENSSLV_H */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pem/pem.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/pem/pem.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pem.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,611 +0,0 @@
-/* crypto/pem/pem.h */
-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PEM_H
-# define HEADER_PEM_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_BIO
-# include <openssl/bio.h>
-# endif
-# ifndef OPENSSL_NO_STACK
-# include <openssl/stack.h>
-# endif
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-# include <openssl/pem2.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define PEM_BUFSIZE 1024
-
-# define PEM_OBJ_UNDEF 0
-# define PEM_OBJ_X509 1
-# define PEM_OBJ_X509_REQ 2
-# define PEM_OBJ_CRL 3
-# define PEM_OBJ_SSL_SESSION 4
-# define PEM_OBJ_PRIV_KEY 10
-# define PEM_OBJ_PRIV_RSA 11
-# define PEM_OBJ_PRIV_DSA 12
-# define PEM_OBJ_PRIV_DH 13
-# define PEM_OBJ_PUB_RSA 14
-# define PEM_OBJ_PUB_DSA 15
-# define PEM_OBJ_PUB_DH 16
-# define PEM_OBJ_DHPARAMS 17
-# define PEM_OBJ_DSAPARAMS 18
-# define PEM_OBJ_PRIV_RSA_PUBLIC 19
-# define PEM_OBJ_PRIV_ECDSA 20
-# define PEM_OBJ_PUB_ECDSA 21
-# define PEM_OBJ_ECPARAMETERS 22
-
-# define PEM_ERROR 30
-# define PEM_DEK_DES_CBC 40
-# define PEM_DEK_IDEA_CBC 45
-# define PEM_DEK_DES_EDE 50
-# define PEM_DEK_DES_ECB 60
-# define PEM_DEK_RSA 70
-# define PEM_DEK_RSA_MD2 80
-# define PEM_DEK_RSA_MD5 90
-
-# define PEM_MD_MD2 NID_md2
-# define PEM_MD_MD5 NID_md5
-# define PEM_MD_SHA NID_sha
-# define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
-# define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
-# define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
-
-# define PEM_STRING_X509_OLD "X509 CERTIFICATE"
-# define PEM_STRING_X509 "CERTIFICATE"
-# define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
-# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
-# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
-# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
-# define PEM_STRING_X509_CRL "X509 CRL"
-# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
-# define PEM_STRING_PUBLIC "PUBLIC KEY"
-# define PEM_STRING_RSA "RSA PRIVATE KEY"
-# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
-# define PEM_STRING_DSA "DSA PRIVATE KEY"
-# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
-# define PEM_STRING_PKCS7 "PKCS7"
-# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
-# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
-# define PEM_STRING_PKCS8INF "PRIVATE KEY"
-# define PEM_STRING_DHPARAMS "DH PARAMETERS"
-# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
-# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
-# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
-# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
-# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
-# define PEM_STRING_PARAMETERS "PARAMETERS"
-# define PEM_STRING_CMS "CMS"
-
- /*
- * Note that this structure is initialised by PEM_SealInit and cleaned up
- * by PEM_SealFinal (at least for now)
- */
-typedef struct PEM_Encode_Seal_st {
- EVP_ENCODE_CTX encode;
- EVP_MD_CTX md;
- EVP_CIPHER_CTX cipher;
-} PEM_ENCODE_SEAL_CTX;
-
-/* enc_type is one off */
-# define PEM_TYPE_ENCRYPTED 10
-# define PEM_TYPE_MIC_ONLY 20
-# define PEM_TYPE_MIC_CLEAR 30
-# define PEM_TYPE_CLEAR 40
-
-typedef struct pem_recip_st {
- char *name;
- X509_NAME *dn;
- int cipher;
- int key_enc;
- /* char iv[8]; unused and wrong size */
-} PEM_USER;
-
-typedef struct pem_ctx_st {
- int type; /* what type of object */
- struct {
- int version;
- int mode;
- } proc_type;
-
- char *domain;
-
- struct {
- int cipher;
- /*-
- unused, and wrong size
- unsigned char iv[8]; */
- } DEK_info;
-
- PEM_USER *originator;
-
- int num_recipient;
- PEM_USER **recipient;
-
-/*-
- XXX(ben): don#t think this is used!
- STACK *x509_chain; / * certificate chain */
- EVP_MD *md; /* signature type */
-
- int md_enc; /* is the md encrypted or not? */
- int md_len; /* length of md_data */
- char *md_data; /* message digest, could be pkey encrypted */
-
- EVP_CIPHER *dec; /* date encryption cipher */
- int key_len; /* key length */
- unsigned char *key; /* key */
- /*-
- unused, and wrong size
- unsigned char iv[8]; */
-
- int data_enc; /* is the data encrypted */
- int data_len;
- unsigned char *data;
-} PEM_CTX;
-
-/*
- * These macros make the PEM_read/PEM_write functions easier to maintain and
- * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
- * IMPLEMENT_PEM_rw_cb(...)
- */
-
-# ifdef OPENSSL_NO_FP_API
-
-# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
-# else
-
-# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
-type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
-}
-
-# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, const type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, \
- void *u) \
- { \
- return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
- }
-
-# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, \
- void *u) \
- { \
- return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
- }
-
-# endif
-
-# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
-}
-
-# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, const type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
- { \
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
- }
-
-# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
- { \
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
- }
-
-# define IMPLEMENT_PEM_write(name, type, str, asn1) \
- IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_read_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb(name, type, str, asn1)
-
-/* These are the same except they are for the declarations */
-
-# if defined(OPENSSL_NO_FP_API)
-
-# define DECLARE_PEM_read_fp(name, type) /**/
-# define DECLARE_PEM_write_fp(name, type) /**/
-# define DECLARE_PEM_write_cb_fp(name, type) /**/
-# else
-
-# define DECLARE_PEM_read_fp(name, type) \
- type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
-
-# define DECLARE_PEM_write_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x);
-
-# define DECLARE_PEM_write_fp_const(name, type) \
- int PEM_write_##name(FILE *fp, const type *x);
-
-# define DECLARE_PEM_write_cb_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-# endif
-
-# ifndef OPENSSL_NO_BIO
-# define DECLARE_PEM_read_bio(name, type) \
- type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
-
-# define DECLARE_PEM_write_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x);
-
-# define DECLARE_PEM_write_bio_const(name, type) \
- int PEM_write_bio_##name(BIO *bp, const type *x);
-
-# define DECLARE_PEM_write_cb_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-# else
-
-# define DECLARE_PEM_read_bio(name, type) /**/
-# define DECLARE_PEM_write_bio(name, type) /**/
-# define DECLARE_PEM_write_bio_const(name, type) /**/
-# define DECLARE_PEM_write_cb_bio(name, type) /**/
-# endif
-# define DECLARE_PEM_write(name, type) \
- DECLARE_PEM_write_bio(name, type) \
- DECLARE_PEM_write_fp(name, type)
-# define DECLARE_PEM_write_const(name, type) \
- DECLARE_PEM_write_bio_const(name, type) \
- DECLARE_PEM_write_fp_const(name, type)
-# define DECLARE_PEM_write_cb(name, type) \
- DECLARE_PEM_write_cb_bio(name, type) \
- DECLARE_PEM_write_cb_fp(name, type)
-# define DECLARE_PEM_read(name, type) \
- DECLARE_PEM_read_bio(name, type) \
- DECLARE_PEM_read_fp(name, type)
-# define DECLARE_PEM_rw(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write(name, type)
-# define DECLARE_PEM_rw_const(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_const(name, type)
-# define DECLARE_PEM_rw_cb(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_cb(name, type)
-# if 1
-/* "userdata": new with OpenSSL 0.9.4 */
-typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
-# else
-/* OpenSSL 0.9.3, 0.9.3a */
-typedef int pem_password_cb (char *buf, int size, int rwflag);
-# endif
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
- pem_password_cb *callback, void *u);
-
-# ifndef OPENSSL_NO_BIO
-int PEM_read_bio(BIO *bp, char **name, char **header,
- unsigned char **data, long *len);
-int PEM_write_bio(BIO *bp, const char *name, char *hdr, unsigned char *data,
- long len);
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
- const char *name, BIO *bp, pem_password_cb *cb,
- void *u);
-void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
- pem_password_cb *cb, void *u);
-int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u);
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cd, void *u);
-# endif
-
-int PEM_read(FILE *fp, char **name, char **header,
- unsigned char **data, long *len);
-int PEM_write(FILE *fp, char *name, char *hdr, unsigned char *data, long len);
-void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
- pem_password_cb *cb, void *u);
-int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
- void *x, const EVP_CIPHER *enc, unsigned char *kstr,
- int klen, pem_password_cb *callback, void *u);
-STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u);
-
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
- EVP_MD *md_type, unsigned char **ek, int *ekl,
- unsigned char *iv, EVP_PKEY **pubk, int npubk);
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl);
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
- unsigned char *out, int *outl, EVP_PKEY *priv);
-
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
- unsigned int *siglen, EVP_PKEY *pkey);
-
-int PEM_def_callback(char *buf, int num, int w, void *key);
-void PEM_proc_type(char *buf, int type);
-void PEM_dek_info(char *buf, const char *type, int len, char *str);
-
-# include <openssl/symhacks.h>
-
-DECLARE_PEM_rw(X509, X509)
-DECLARE_PEM_rw(X509_AUX, X509)
-DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
-DECLARE_PEM_rw(X509_REQ, X509_REQ)
-DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
-DECLARE_PEM_rw(X509_CRL, X509_CRL)
-DECLARE_PEM_rw(PKCS7, PKCS7)
-DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
-DECLARE_PEM_rw(PKCS8, X509_SIG)
-DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-# ifndef OPENSSL_NO_RSA
-DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
-DECLARE_PEM_rw_const(RSAPublicKey, RSA)
-DECLARE_PEM_rw(RSA_PUBKEY, RSA)
-# endif
-# ifndef OPENSSL_NO_DSA
-DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
-DECLARE_PEM_rw(DSA_PUBKEY, DSA)
-DECLARE_PEM_rw_const(DSAparams, DSA)
-# endif
-# ifndef OPENSSL_NO_EC
-DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
-DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
-DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
-# endif
-# ifndef OPENSSL_NO_DH
-DECLARE_PEM_rw_const(DHparams, DH)
-# endif
-DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
- char *, int, pem_password_cb *, void *);
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
- void *u);
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
- void *u);
-
-int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen, pem_password_cb *cd,
- void *u);
-
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
-int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
-
-EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
-EVP_PKEY *b2i_PublicKey_bio(BIO *in);
-int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
-int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
-# ifndef OPENSSL_NO_RC4
-EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
-int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
- pem_password_cb *cb, void *u);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PEM_strings(void);
-
-/* Error codes for the PEM functions. */
-
-/* Function codes. */
-# define PEM_F_B2I_DSS 127
-# define PEM_F_B2I_PVK_BIO 128
-# define PEM_F_B2I_RSA 129
-# define PEM_F_CHECK_BITLEN_DSA 130
-# define PEM_F_CHECK_BITLEN_RSA 131
-# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
-# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
-# define PEM_F_DO_B2I 132
-# define PEM_F_DO_B2I_BIO 133
-# define PEM_F_DO_BLOB_HEADER 134
-# define PEM_F_DO_PK8PKEY 126
-# define PEM_F_DO_PK8PKEY_FP 125
-# define PEM_F_DO_PVK_BODY 135
-# define PEM_F_DO_PVK_HEADER 136
-# define PEM_F_I2B_PVK 137
-# define PEM_F_I2B_PVK_BIO 138
-# define PEM_F_LOAD_IV 101
-# define PEM_F_PEM_ASN1_READ 102
-# define PEM_F_PEM_ASN1_READ_BIO 103
-# define PEM_F_PEM_ASN1_WRITE 104
-# define PEM_F_PEM_ASN1_WRITE_BIO 105
-# define PEM_F_PEM_DEF_CALLBACK 100
-# define PEM_F_PEM_DO_HEADER 106
-# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
-# define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
-# define PEM_F_PEM_PK8PKEY 119
-# define PEM_F_PEM_READ 108
-# define PEM_F_PEM_READ_BIO 109
-# define PEM_F_PEM_READ_BIO_PARAMETERS 140
-# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
-# define PEM_F_PEM_READ_PRIVATEKEY 124
-# define PEM_F_PEM_SEALFINAL 110
-# define PEM_F_PEM_SEALINIT 111
-# define PEM_F_PEM_SIGNFINAL 112
-# define PEM_F_PEM_WRITE 113
-# define PEM_F_PEM_WRITE_BIO 114
-# define PEM_F_PEM_WRITE_PRIVATEKEY 139
-# define PEM_F_PEM_X509_INFO_READ 115
-# define PEM_F_PEM_X509_INFO_READ_BIO 116
-# define PEM_F_PEM_X509_INFO_WRITE_BIO 117
-
-/* Reason codes. */
-# define PEM_R_BAD_BASE64_DECODE 100
-# define PEM_R_BAD_DECRYPT 101
-# define PEM_R_BAD_END_LINE 102
-# define PEM_R_BAD_IV_CHARS 103
-# define PEM_R_BAD_MAGIC_NUMBER 116
-# define PEM_R_BAD_PASSWORD_READ 104
-# define PEM_R_BAD_VERSION_NUMBER 117
-# define PEM_R_BIO_WRITE_FAILURE 118
-# define PEM_R_CIPHER_IS_NULL 127
-# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
-# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
-# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
-# define PEM_R_INCONSISTENT_HEADER 121
-# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
-# define PEM_R_KEYBLOB_TOO_SHORT 123
-# define PEM_R_NOT_DEK_INFO 105
-# define PEM_R_NOT_ENCRYPTED 106
-# define PEM_R_NOT_PROC_TYPE 107
-# define PEM_R_NO_START_LINE 108
-# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
-# define PEM_R_PUBLIC_KEY_NO_RSA 110
-# define PEM_R_PVK_DATA_TOO_SHORT 124
-# define PEM_R_PVK_TOO_SHORT 125
-# define PEM_R_READ_KEY 111
-# define PEM_R_SHORT_HEADER 112
-# define PEM_R_UNSUPPORTED_CIPHER 113
-# define PEM_R_UNSUPPORTED_ENCRYPTION 114
-# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/pem/pem.h (from rev 11605, vendor-crypto/openssl/dist/crypto/pem/pem.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pem/pem.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pem.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,612 @@
+/* crypto/pem/pem.h */
+/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PEM_H
+# define HEADER_PEM_H
+
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_BIO
+# include <openssl/bio.h>
+# endif
+# ifndef OPENSSL_NO_STACK
+# include <openssl/stack.h>
+# endif
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem2.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define PEM_BUFSIZE 1024
+
+# define PEM_OBJ_UNDEF 0
+# define PEM_OBJ_X509 1
+# define PEM_OBJ_X509_REQ 2
+# define PEM_OBJ_CRL 3
+# define PEM_OBJ_SSL_SESSION 4
+# define PEM_OBJ_PRIV_KEY 10
+# define PEM_OBJ_PRIV_RSA 11
+# define PEM_OBJ_PRIV_DSA 12
+# define PEM_OBJ_PRIV_DH 13
+# define PEM_OBJ_PUB_RSA 14
+# define PEM_OBJ_PUB_DSA 15
+# define PEM_OBJ_PUB_DH 16
+# define PEM_OBJ_DHPARAMS 17
+# define PEM_OBJ_DSAPARAMS 18
+# define PEM_OBJ_PRIV_RSA_PUBLIC 19
+# define PEM_OBJ_PRIV_ECDSA 20
+# define PEM_OBJ_PUB_ECDSA 21
+# define PEM_OBJ_ECPARAMETERS 22
+
+# define PEM_ERROR 30
+# define PEM_DEK_DES_CBC 40
+# define PEM_DEK_IDEA_CBC 45
+# define PEM_DEK_DES_EDE 50
+# define PEM_DEK_DES_ECB 60
+# define PEM_DEK_RSA 70
+# define PEM_DEK_RSA_MD2 80
+# define PEM_DEK_RSA_MD5 90
+
+# define PEM_MD_MD2 NID_md2
+# define PEM_MD_MD5 NID_md5
+# define PEM_MD_SHA NID_sha
+# define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
+# define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
+# define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
+
+# define PEM_STRING_X509_OLD "X509 CERTIFICATE"
+# define PEM_STRING_X509 "CERTIFICATE"
+# define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
+# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
+# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
+# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
+# define PEM_STRING_X509_CRL "X509 CRL"
+# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
+# define PEM_STRING_PUBLIC "PUBLIC KEY"
+# define PEM_STRING_RSA "RSA PRIVATE KEY"
+# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
+# define PEM_STRING_DSA "DSA PRIVATE KEY"
+# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
+# define PEM_STRING_PKCS7 "PKCS7"
+# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
+# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
+# define PEM_STRING_PKCS8INF "PRIVATE KEY"
+# define PEM_STRING_DHPARAMS "DH PARAMETERS"
+# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
+# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
+# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
+# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
+# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
+# define PEM_STRING_PARAMETERS "PARAMETERS"
+# define PEM_STRING_CMS "CMS"
+
+ /*
+ * Note that this structure is initialised by PEM_SealInit and cleaned up
+ * by PEM_SealFinal (at least for now)
+ */
+typedef struct PEM_Encode_Seal_st {
+ EVP_ENCODE_CTX encode;
+ EVP_MD_CTX md;
+ EVP_CIPHER_CTX cipher;
+} PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+# define PEM_TYPE_ENCRYPTED 10
+# define PEM_TYPE_MIC_ONLY 20
+# define PEM_TYPE_MIC_CLEAR 30
+# define PEM_TYPE_CLEAR 40
+
+typedef struct pem_recip_st {
+ char *name;
+ X509_NAME *dn;
+ int cipher;
+ int key_enc;
+ /* char iv[8]; unused and wrong size */
+} PEM_USER;
+
+typedef struct pem_ctx_st {
+ int type; /* what type of object */
+ struct {
+ int version;
+ int mode;
+ } proc_type;
+
+ char *domain;
+
+ struct {
+ int cipher;
+ /*-
+ unused, and wrong size
+ unsigned char iv[8]; */
+ } DEK_info;
+
+ PEM_USER *originator;
+
+ int num_recipient;
+ PEM_USER **recipient;
+
+/*-
+ XXX(ben): don#t think this is used!
+ STACK *x509_chain; / * certificate chain */
+ EVP_MD *md; /* signature type */
+
+ int md_enc; /* is the md encrypted or not? */
+ int md_len; /* length of md_data */
+ char *md_data; /* message digest, could be pkey encrypted */
+
+ EVP_CIPHER *dec; /* date encryption cipher */
+ int key_len; /* key length */
+ unsigned char *key; /* key */
+ /*-
+ unused, and wrong size
+ unsigned char iv[8]; */
+
+ int data_enc; /* is the data encrypted */
+ int data_len;
+ unsigned char *data;
+} PEM_CTX;
+
+/*
+ * These macros make the PEM_read/PEM_write functions easier to maintain and
+ * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
+ * IMPLEMENT_PEM_rw_cb(...)
+ */
+
+# ifdef OPENSSL_NO_FP_API
+
+# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
+# else
+
+# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
+type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
+{ \
+return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
+}
+
+# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x) \
+{ \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, const type *x) \
+{ \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, \
+ void *u) \
+ { \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
+ }
+
+# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, \
+ void *u) \
+ { \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
+ }
+
+# endif
+
+# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
+{ \
+return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
+}
+
+# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x) \
+{ \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, const type *x) \
+{ \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
+ { \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
+ }
+
+# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
+ { \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
+ }
+
+# define IMPLEMENT_PEM_write(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb(name, type, str, asn1)
+
+/* These are the same except they are for the declarations */
+
+# if defined(OPENSSL_NO_FP_API)
+
+# define DECLARE_PEM_read_fp(name, type) /**/
+# define DECLARE_PEM_write_fp(name, type) /**/
+# define DECLARE_PEM_write_cb_fp(name, type) /**/
+# else
+
+# define DECLARE_PEM_read_fp(name, type) \
+ type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
+
+# define DECLARE_PEM_write_fp(name, type) \
+ int PEM_write_##name(FILE *fp, type *x);
+
+# define DECLARE_PEM_write_fp_const(name, type) \
+ int PEM_write_##name(FILE *fp, const type *x);
+
+# define DECLARE_PEM_write_cb_fp(name, type) \
+ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
+
+# endif
+
+# ifndef OPENSSL_NO_BIO
+# define DECLARE_PEM_read_bio(name, type) \
+ type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
+
+# define DECLARE_PEM_write_bio(name, type) \
+ int PEM_write_bio_##name(BIO *bp, type *x);
+
+# define DECLARE_PEM_write_bio_const(name, type) \
+ int PEM_write_bio_##name(BIO *bp, const type *x);
+
+# define DECLARE_PEM_write_cb_bio(name, type) \
+ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
+
+# else
+
+# define DECLARE_PEM_read_bio(name, type) /**/
+# define DECLARE_PEM_write_bio(name, type) /**/
+# define DECLARE_PEM_write_bio_const(name, type) /**/
+# define DECLARE_PEM_write_cb_bio(name, type) /**/
+# endif
+# define DECLARE_PEM_write(name, type) \
+ DECLARE_PEM_write_bio(name, type) \
+ DECLARE_PEM_write_fp(name, type)
+# define DECLARE_PEM_write_const(name, type) \
+ DECLARE_PEM_write_bio_const(name, type) \
+ DECLARE_PEM_write_fp_const(name, type)
+# define DECLARE_PEM_write_cb(name, type) \
+ DECLARE_PEM_write_cb_bio(name, type) \
+ DECLARE_PEM_write_cb_fp(name, type)
+# define DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_read_bio(name, type) \
+ DECLARE_PEM_read_fp(name, type)
+# define DECLARE_PEM_rw(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write(name, type)
+# define DECLARE_PEM_rw_const(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write_const(name, type)
+# define DECLARE_PEM_rw_cb(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write_cb(name, type)
+# if 1
+/* "userdata": new with OpenSSL 0.9.4 */
+typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
+# else
+/* OpenSSL 0.9.3, 0.9.3a */
+typedef int pem_password_cb (char *buf, int size, int rwflag);
+# endif
+
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
+ pem_password_cb *callback, void *u);
+
+# ifndef OPENSSL_NO_BIO
+int PEM_read_bio(BIO *bp, char **name, char **header,
+ unsigned char **data, long *len);
+int PEM_write_bio(BIO *bp, const char *name, char *hdr, unsigned char *data,
+ long len);
+int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+ const char *name, BIO *bp, pem_password_cb *cb,
+ void *u);
+void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
+ pem_password_cb *cb, void *u);
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
+ const EVP_CIPHER *enc, unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+
+STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u);
+int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cd, void *u);
+# endif
+
+int PEM_read(FILE *fp, char **name, char **header,
+ unsigned char **data, long *len);
+int PEM_write(FILE *fp, char *name, char *hdr, unsigned char *data, long len);
+void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+ pem_password_cb *cb, void *u);
+int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
+ void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+ int klen, pem_password_cb *callback, void *u);
+STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u);
+
+int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+ EVP_MD *md_type, unsigned char **ek, int *ekl,
+ unsigned char *iv, EVP_PKEY **pubk, int npubk);
+void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+ unsigned char *in, int inl);
+int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
+ unsigned char *out, int *outl, EVP_PKEY *priv);
+
+void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ unsigned int *siglen, EVP_PKEY *pkey);
+
+int PEM_def_callback(char *buf, int num, int w, void *key);
+void PEM_proc_type(char *buf, int type);
+void PEM_dek_info(char *buf, const char *type, int len, char *str);
+
+# include <openssl/symhacks.h>
+
+DECLARE_PEM_rw(X509, X509)
+DECLARE_PEM_rw(X509_AUX, X509)
+DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
+DECLARE_PEM_rw(X509_REQ, X509_REQ)
+DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
+DECLARE_PEM_rw(X509_CRL, X509_CRL)
+DECLARE_PEM_rw(PKCS7, PKCS7)
+DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
+DECLARE_PEM_rw(PKCS8, X509_SIG)
+DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
+# ifndef OPENSSL_NO_RSA
+DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
+DECLARE_PEM_rw_const(RSAPublicKey, RSA)
+DECLARE_PEM_rw(RSA_PUBKEY, RSA)
+# endif
+# ifndef OPENSSL_NO_DSA
+DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
+DECLARE_PEM_rw(DSA_PUBKEY, DSA)
+DECLARE_PEM_rw_const(DSAparams, DSA)
+# endif
+# ifndef OPENSSL_NO_EC
+DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
+DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
+# endif
+# ifndef OPENSSL_NO_DH
+DECLARE_PEM_rw_const(DHparams, DH)
+# endif
+DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
+DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
+
+int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
+ char *, int, pem_password_cb *, void *);
+int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u);
+
+int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+
+EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u);
+
+int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen, pem_password_cb *cd,
+ void *u);
+
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
+EVP_PKEY *b2i_PublicKey_bio(BIO *in);
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
+# ifndef OPENSSL_NO_RC4
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PEM_strings(void);
+
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+# define PEM_F_B2I_DSS 127
+# define PEM_F_B2I_PVK_BIO 128
+# define PEM_F_B2I_RSA 129
+# define PEM_F_CHECK_BITLEN_DSA 130
+# define PEM_F_CHECK_BITLEN_RSA 131
+# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
+# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
+# define PEM_F_DO_B2I 132
+# define PEM_F_DO_B2I_BIO 133
+# define PEM_F_DO_BLOB_HEADER 134
+# define PEM_F_DO_PK8PKEY 126
+# define PEM_F_DO_PK8PKEY_FP 125
+# define PEM_F_DO_PVK_BODY 135
+# define PEM_F_DO_PVK_HEADER 136
+# define PEM_F_I2B_PVK 137
+# define PEM_F_I2B_PVK_BIO 138
+# define PEM_F_LOAD_IV 101
+# define PEM_F_PEM_ASN1_READ 102
+# define PEM_F_PEM_ASN1_READ_BIO 103
+# define PEM_F_PEM_ASN1_WRITE 104
+# define PEM_F_PEM_ASN1_WRITE_BIO 105
+# define PEM_F_PEM_DEF_CALLBACK 100
+# define PEM_F_PEM_DO_HEADER 106
+# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
+# define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+# define PEM_F_PEM_PK8PKEY 119
+# define PEM_F_PEM_READ 108
+# define PEM_F_PEM_READ_BIO 109
+# define PEM_F_PEM_READ_BIO_PARAMETERS 140
+# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
+# define PEM_F_PEM_READ_PRIVATEKEY 124
+# define PEM_F_PEM_SEALFINAL 110
+# define PEM_F_PEM_SEALINIT 111
+# define PEM_F_PEM_SIGNFINAL 112
+# define PEM_F_PEM_WRITE 113
+# define PEM_F_PEM_WRITE_BIO 114
+# define PEM_F_PEM_WRITE_PRIVATEKEY 139
+# define PEM_F_PEM_X509_INFO_READ 115
+# define PEM_F_PEM_X509_INFO_READ_BIO 116
+# define PEM_F_PEM_X509_INFO_WRITE_BIO 117
+
+/* Reason codes. */
+# define PEM_R_BAD_BASE64_DECODE 100
+# define PEM_R_BAD_DECRYPT 101
+# define PEM_R_BAD_END_LINE 102
+# define PEM_R_BAD_IV_CHARS 103
+# define PEM_R_BAD_MAGIC_NUMBER 116
+# define PEM_R_BAD_PASSWORD_READ 104
+# define PEM_R_BAD_VERSION_NUMBER 117
+# define PEM_R_BIO_WRITE_FAILURE 118
+# define PEM_R_CIPHER_IS_NULL 127
+# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
+# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
+# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
+# define PEM_R_HEADER_TOO_LONG 128
+# define PEM_R_INCONSISTENT_HEADER 121
+# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
+# define PEM_R_KEYBLOB_TOO_SHORT 123
+# define PEM_R_NOT_DEK_INFO 105
+# define PEM_R_NOT_ENCRYPTED 106
+# define PEM_R_NOT_PROC_TYPE 107
+# define PEM_R_NO_START_LINE 108
+# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+# define PEM_R_PUBLIC_KEY_NO_RSA 110
+# define PEM_R_PVK_DATA_TOO_SHORT 124
+# define PEM_R_PVK_TOO_SHORT 125
+# define PEM_R_READ_KEY 111
+# define PEM_R_SHORT_HEADER 112
+# define PEM_R_UNSUPPORTED_CIPHER 113
+# define PEM_R_UNSUPPORTED_ENCRYPTION 114
+# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pem/pem_err.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/pem/pem_err.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pem_err.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,166 +0,0 @@
-/* crypto/pem/pem_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
-
-static ERR_STRING_DATA PEM_str_functs[] = {
- {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"},
- {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"},
- {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"},
- {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"},
- {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"},
- {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
- {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
- {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"},
- {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"},
- {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"},
- {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
- {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
- {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"},
- {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"},
- {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"},
- {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"},
- {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
- {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
- {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
- {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
- {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
- {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
- {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
- {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),
- "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
- {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
- {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
- {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
- {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
- {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"},
- {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
- {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
- {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
- {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
- {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
- {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
- {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
- {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"},
- {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
- {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
- {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA PEM_str_reasons[] = {
- {ERR_REASON(PEM_R_BAD_BASE64_DECODE), "bad base64 decode"},
- {ERR_REASON(PEM_R_BAD_DECRYPT), "bad decrypt"},
- {ERR_REASON(PEM_R_BAD_END_LINE), "bad end line"},
- {ERR_REASON(PEM_R_BAD_IV_CHARS), "bad iv chars"},
- {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER), "bad magic number"},
- {ERR_REASON(PEM_R_BAD_PASSWORD_READ), "bad password read"},
- {ERR_REASON(PEM_R_BAD_VERSION_NUMBER), "bad version number"},
- {ERR_REASON(PEM_R_BIO_WRITE_FAILURE), "bio write failure"},
- {ERR_REASON(PEM_R_CIPHER_IS_NULL), "cipher is null"},
- {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),
- "error converting private key"},
- {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
- "expecting private key blob"},
- {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
- "expecting public key blob"},
- {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
- {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
- "keyblob header parse error"},
- {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
- {ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"},
- {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
- {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
- {ERR_REASON(PEM_R_NO_START_LINE), "no start line"},
- {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
- "problems getting password"},
- {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"},
- {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
- {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
- {ERR_REASON(PEM_R_READ_KEY), "read key"},
- {ERR_REASON(PEM_R_SHORT_HEADER), "short header"},
- {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
- {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"},
- {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),
- "unsupported key components"},
- {0, NULL}
-};
-
-#endif
-
-void ERR_load_PEM_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
- if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) {
- ERR_load_strings(0, PEM_str_functs);
- ERR_load_strings(0, PEM_str_reasons);
- }
-#endif
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/pem/pem_err.c (from rev 11605, vendor-crypto/openssl/dist/crypto/pem/pem_err.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pem/pem_err.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pem_err.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,167 @@
+/* crypto/pem/pem_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
+
+static ERR_STRING_DATA PEM_str_functs[] = {
+ {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"},
+ {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"},
+ {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"},
+ {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"},
+ {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"},
+ {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
+ {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
+ {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"},
+ {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"},
+ {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"},
+ {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
+ {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
+ {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"},
+ {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"},
+ {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"},
+ {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"},
+ {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
+ {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
+ {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
+ {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
+ {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
+ {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
+ {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
+ {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),
+ "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
+ {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
+ {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
+ {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
+ {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
+ {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"},
+ {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
+ {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
+ {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
+ {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
+ {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
+ {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
+ {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
+ {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"},
+ {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
+ {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
+ {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
+ {0, NULL}
+};
+
+static ERR_STRING_DATA PEM_str_reasons[] = {
+ {ERR_REASON(PEM_R_BAD_BASE64_DECODE), "bad base64 decode"},
+ {ERR_REASON(PEM_R_BAD_DECRYPT), "bad decrypt"},
+ {ERR_REASON(PEM_R_BAD_END_LINE), "bad end line"},
+ {ERR_REASON(PEM_R_BAD_IV_CHARS), "bad iv chars"},
+ {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER), "bad magic number"},
+ {ERR_REASON(PEM_R_BAD_PASSWORD_READ), "bad password read"},
+ {ERR_REASON(PEM_R_BAD_VERSION_NUMBER), "bad version number"},
+ {ERR_REASON(PEM_R_BIO_WRITE_FAILURE), "bio write failure"},
+ {ERR_REASON(PEM_R_CIPHER_IS_NULL), "cipher is null"},
+ {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),
+ "error converting private key"},
+ {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
+ "expecting private key blob"},
+ {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
+ "expecting public key blob"},
+ {ERR_REASON(PEM_R_HEADER_TOO_LONG), "header too long"},
+ {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
+ {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
+ "keyblob header parse error"},
+ {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
+ {ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"},
+ {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
+ {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
+ {ERR_REASON(PEM_R_NO_START_LINE), "no start line"},
+ {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
+ "problems getting password"},
+ {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"},
+ {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
+ {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
+ {ERR_REASON(PEM_R_READ_KEY), "read key"},
+ {ERR_REASON(PEM_R_SHORT_HEADER), "short header"},
+ {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+ {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"},
+ {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),
+ "unsupported key components"},
+ {0, NULL}
+};
+
+#endif
+
+void ERR_load_PEM_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+ if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) {
+ ERR_load_strings(0, PEM_str_functs);
+ ERR_load_strings(0, PEM_str_reasons);
+ }
+#endif
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pem/pem_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/pem/pem_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pem_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,860 +0,0 @@
-/* crypto/pem/pem_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#include "asn1_locl.h"
-#ifndef OPENSSL_NO_DES
-# include <openssl/des.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-const char PEM_version[] = "PEM" OPENSSL_VERSION_PTEXT;
-
-#define MIN_LENGTH 4
-
-static int load_iv(char **fromp, unsigned char *to, int num);
-static int check_pem(const char *nm, const char *name);
-int pem_check_suffix(const char *pem_str, const char *suffix);
-
-int PEM_def_callback(char *buf, int num, int w, void *key)
-{
-#ifdef OPENSSL_NO_FP_API
- /*
- * We should not ever call the default callback routine from windows.
- */
- PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (-1);
-#else
- int i, j;
- const char *prompt;
- if (key) {
- i = strlen(key);
- i = (i > num) ? num : i;
- memcpy(buf, key, i);
- return (i);
- }
-
- prompt = EVP_get_pw_prompt();
- if (prompt == NULL)
- prompt = "Enter PEM pass phrase:";
-
- for (;;) {
- i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
- if (i != 0) {
- PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
- memset(buf, 0, (unsigned int)num);
- return (-1);
- }
- j = strlen(buf);
- if (j < MIN_LENGTH) {
- fprintf(stderr,
- "phrase is too short, needs to be at least %d chars\n",
- MIN_LENGTH);
- } else
- break;
- }
- return (j);
-#endif
-}
-
-void PEM_proc_type(char *buf, int type)
-{
- const char *str;
-
- if (type == PEM_TYPE_ENCRYPTED)
- str = "ENCRYPTED";
- else if (type == PEM_TYPE_MIC_CLEAR)
- str = "MIC-CLEAR";
- else if (type == PEM_TYPE_MIC_ONLY)
- str = "MIC-ONLY";
- else
- str = "BAD-TYPE";
-
- BUF_strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE);
- BUF_strlcat(buf, str, PEM_BUFSIZE);
- BUF_strlcat(buf, "\n", PEM_BUFSIZE);
-}
-
-void PEM_dek_info(char *buf, const char *type, int len, char *str)
-{
- static const unsigned char map[17] = "0123456789ABCDEF";
- long i;
- int j;
-
- BUF_strlcat(buf, "DEK-Info: ", PEM_BUFSIZE);
- BUF_strlcat(buf, type, PEM_BUFSIZE);
- BUF_strlcat(buf, ",", PEM_BUFSIZE);
- j = strlen(buf);
- if (j + (len * 2) + 1 > PEM_BUFSIZE)
- return;
- for (i = 0; i < len; i++) {
- buf[j + i * 2] = map[(str[i] >> 4) & 0x0f];
- buf[j + i * 2 + 1] = map[(str[i]) & 0x0f];
- }
- buf[j + i * 2] = '\n';
- buf[j + i * 2 + 1] = '\0';
-}
-
-#ifndef OPENSSL_NO_FP_API
-void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
- pem_password_cb *cb, void *u)
-{
- BIO *b;
- void *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = PEM_ASN1_read_bio(d2i, name, b, x, cb, u);
- BIO_free(b);
- return (ret);
-}
-#endif
-
-static int check_pem(const char *nm, const char *name)
-{
- /* Normal matching nm and name */
- if (!strcmp(nm, name))
- return 1;
-
- /* Make PEM_STRING_EVP_PKEY match any private key */
-
- if (!strcmp(name, PEM_STRING_EVP_PKEY)) {
- int slen;
- const EVP_PKEY_ASN1_METHOD *ameth;
- if (!strcmp(nm, PEM_STRING_PKCS8))
- return 1;
- if (!strcmp(nm, PEM_STRING_PKCS8INF))
- return 1;
- slen = pem_check_suffix(nm, "PRIVATE KEY");
- if (slen > 0) {
- /*
- * NB: ENGINE implementations wont contain a deprecated old
- * private key decode function so don't look for them.
- */
- ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
- if (ameth && ameth->old_priv_decode)
- return 1;
- }
- return 0;
- }
-
- if (!strcmp(name, PEM_STRING_PARAMETERS)) {
- int slen;
- const EVP_PKEY_ASN1_METHOD *ameth;
- slen = pem_check_suffix(nm, "PARAMETERS");
- if (slen > 0) {
- ENGINE *e;
- ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
- if (ameth) {
- int r;
- if (ameth->param_decode)
- r = 1;
- else
- r = 0;
-#ifndef OPENSSL_NO_ENGINE
- if (e)
- ENGINE_finish(e);
-#endif
- return r;
- }
- }
- return 0;
- }
-
- /* Permit older strings */
-
- if (!strcmp(nm, PEM_STRING_X509_OLD) && !strcmp(name, PEM_STRING_X509))
- return 1;
-
- if (!strcmp(nm, PEM_STRING_X509_REQ_OLD) &&
- !strcmp(name, PEM_STRING_X509_REQ))
- return 1;
-
- /* Allow normal certs to be read as trusted certs */
- if (!strcmp(nm, PEM_STRING_X509) &&
- !strcmp(name, PEM_STRING_X509_TRUSTED))
- return 1;
-
- if (!strcmp(nm, PEM_STRING_X509_OLD) &&
- !strcmp(name, PEM_STRING_X509_TRUSTED))
- return 1;
-
- /* Some CAs use PKCS#7 with CERTIFICATE headers */
- if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_PKCS7))
- return 1;
-
- if (!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&
- !strcmp(name, PEM_STRING_PKCS7))
- return 1;
-
-#ifndef OPENSSL_NO_CMS
- if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_CMS))
- return 1;
- /* Allow CMS to be read from PKCS#7 headers */
- if (!strcmp(nm, PEM_STRING_PKCS7) && !strcmp(name, PEM_STRING_CMS))
- return 1;
-#endif
-
- return 0;
-}
-
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
- const char *name, BIO *bp, pem_password_cb *cb,
- void *u)
-{
- EVP_CIPHER_INFO cipher;
- char *nm = NULL, *header = NULL;
- unsigned char *data = NULL;
- long len;
- int ret = 0;
-
- for (;;) {
- if (!PEM_read_bio(bp, &nm, &header, &data, &len)) {
- if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE)
- ERR_add_error_data(2, "Expecting: ", name);
- return 0;
- }
- if (check_pem(nm, name))
- break;
- OPENSSL_free(nm);
- OPENSSL_free(header);
- OPENSSL_free(data);
- }
- if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
- goto err;
- if (!PEM_do_header(&cipher, data, &len, cb, u))
- goto err;
-
- *pdata = data;
- *plen = len;
-
- if (pnm)
- *pnm = nm;
-
- ret = 1;
-
- err:
- if (!ret || !pnm)
- OPENSSL_free(nm);
- OPENSSL_free(header);
- if (!ret)
- OPENSSL_free(data);
- return ret;
-}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
- void *x, const EVP_CIPHER *enc, unsigned char *kstr,
- int klen, pem_password_cb *callback, void *u)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = PEM_ASN1_write_bio(i2d, name, b, x, enc, kstr, klen, callback, u);
- BIO_free(b);
- return (ret);
-}
-#endif
-
-int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
- void *x, const EVP_CIPHER *enc, unsigned char *kstr,
- int klen, pem_password_cb *callback, void *u)
-{
- EVP_CIPHER_CTX ctx;
- int dsize = 0, i, j, ret = 0;
- unsigned char *p, *data = NULL;
- const char *objstr = NULL;
- char buf[PEM_BUFSIZE];
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
-
- if (enc != NULL) {
- objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
- if (objstr == NULL) {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
- goto err;
- }
- }
-
- if ((dsize = i2d(x, NULL)) < 0) {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB);
- dsize = 0;
- goto err;
- }
- /* dzise + 8 bytes are needed */
- /* actually it needs the cipher block size extra... */
- data = (unsigned char *)OPENSSL_malloc((unsigned int)dsize + 20);
- if (data == NULL) {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = data;
- i = i2d(x, &p);
-
- if (enc != NULL) {
- if (kstr == NULL) {
- if (callback == NULL)
- klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
- else
- klen = (*callback) (buf, PEM_BUFSIZE, 1, u);
- if (klen <= 0) {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_READ_KEY);
- goto err;
- }
-#ifdef CHARSET_EBCDIC
- /* Convert the pass phrase from EBCDIC */
- ebcdic2ascii(buf, buf, klen);
-#endif
- kstr = (unsigned char *)buf;
- }
- RAND_add(data, i, 0); /* put in the RSA key. */
- OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
- if (RAND_pseudo_bytes(iv, enc->iv_len) < 0) /* Generate a salt */
- goto err;
- /*
- * The 'iv' is used as the iv and as a salt. It is NOT taken from
- * the BytesToKey function
- */
- if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, key, NULL))
- goto err;
-
- if (kstr == (unsigned char *)buf)
- OPENSSL_cleanse(buf, PEM_BUFSIZE);
-
- OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
- sizeof buf);
-
- buf[0] = '\0';
- PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
- PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
- /* k=strlen(buf); */
-
- EVP_CIPHER_CTX_init(&ctx);
- ret = 1;
- if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv)
- || !EVP_EncryptUpdate(&ctx, data, &j, data, i)
- || !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i))
- ret = 0;
- EVP_CIPHER_CTX_cleanup(&ctx);
- if (ret == 0)
- goto err;
- i += j;
- } else {
- ret = 1;
- buf[0] = '\0';
- }
- i = PEM_write_bio(bp, name, buf, data, i);
- if (i <= 0)
- ret = 0;
- err:
- OPENSSL_cleanse(key, sizeof(key));
- OPENSSL_cleanse(iv, sizeof(iv));
- OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
- OPENSSL_cleanse(buf, PEM_BUFSIZE);
- if (data != NULL) {
- OPENSSL_cleanse(data, (unsigned int)dsize);
- OPENSSL_free(data);
- }
- return (ret);
-}
-
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
- pem_password_cb *callback, void *u)
-{
- int i = 0, j, o, klen;
- long len;
- EVP_CIPHER_CTX ctx;
- unsigned char key[EVP_MAX_KEY_LENGTH];
- char buf[PEM_BUFSIZE];
-
- len = *plen;
-
- if (cipher->cipher == NULL)
- return (1);
- if (callback == NULL)
- klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
- else
- klen = callback(buf, PEM_BUFSIZE, 0, u);
- if (klen <= 0) {
- PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
- return (0);
- }
-#ifdef CHARSET_EBCDIC
- /* Convert the pass phrase from EBCDIC */
- ebcdic2ascii(buf, buf, klen);
-#endif
-
- if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
- (unsigned char *)buf, klen, 1, key, NULL))
- return 0;
-
- j = (int)len;
- EVP_CIPHER_CTX_init(&ctx);
- o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
- if (o)
- o = EVP_DecryptUpdate(&ctx, data, &i, data, j);
- if (o)
- o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
- EVP_CIPHER_CTX_cleanup(&ctx);
- OPENSSL_cleanse((char *)buf, sizeof(buf));
- OPENSSL_cleanse((char *)key, sizeof(key));
- j += i;
- if (!o) {
- PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
- return (0);
- }
- *plen = j;
- return (1);
-}
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
-{
- const EVP_CIPHER *enc = NULL;
- char *p, c;
- char **header_pp = &header;
-
- cipher->cipher = NULL;
- if ((header == NULL) || (*header == '\0') || (*header == '\n'))
- return (1);
- if (strncmp(header, "Proc-Type: ", 11) != 0) {
- PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE);
- return (0);
- }
- header += 11;
- if (*header != '4')
- return (0);
- header++;
- if (*header != ',')
- return (0);
- header++;
- if (strncmp(header, "ENCRYPTED", 9) != 0) {
- PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED);
- return (0);
- }
- for (; (*header != '\n') && (*header != '\0'); header++) ;
- if (*header == '\0') {
- PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER);
- return (0);
- }
- header++;
- if (strncmp(header, "DEK-Info: ", 10) != 0) {
- PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO);
- return (0);
- }
- header += 10;
-
- p = header;
- for (;;) {
- c = *header;
-#ifndef CHARSET_EBCDIC
- if (!(((c >= 'A') && (c <= 'Z')) || (c == '-') ||
- ((c >= '0') && (c <= '9'))))
- break;
-#else
- if (!(isupper(c) || (c == '-') || isdigit(c)))
- break;
-#endif
- header++;
- }
- *header = '\0';
- cipher->cipher = enc = EVP_get_cipherbyname(p);
- *header = c;
- header++;
-
- if (enc == NULL) {
- PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
- return (0);
- }
- if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
- return (0);
-
- return (1);
-}
-
-static int load_iv(char **fromp, unsigned char *to, int num)
-{
- int v, i;
- char *from;
-
- from = *fromp;
- for (i = 0; i < num; i++)
- to[i] = 0;
- num *= 2;
- for (i = 0; i < num; i++) {
- if ((*from >= '0') && (*from <= '9'))
- v = *from - '0';
- else if ((*from >= 'A') && (*from <= 'F'))
- v = *from - 'A' + 10;
- else if ((*from >= 'a') && (*from <= 'f'))
- v = *from - 'a' + 10;
- else {
- PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS);
- return (0);
- }
- from++;
- to[i / 2] |= v << (long)((!(i & 1)) * 4);
- }
-
- *fromp = from;
- return (1);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
- long len)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = PEM_write_bio(b, name, header, data, len);
- BIO_free(b);
- return (ret);
-}
-#endif
-
-int PEM_write_bio(BIO *bp, const char *name, char *header,
- unsigned char *data, long len)
-{
- int nlen, n, i, j, outl;
- unsigned char *buf = NULL;
- EVP_ENCODE_CTX ctx;
- int reason = ERR_R_BUF_LIB;
-
- EVP_EncodeInit(&ctx);
- nlen = strlen(name);
-
- if ((BIO_write(bp, "-----BEGIN ", 11) != 11) ||
- (BIO_write(bp, name, nlen) != nlen) ||
- (BIO_write(bp, "-----\n", 6) != 6))
- goto err;
-
- i = strlen(header);
- if (i > 0) {
- if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1))
- goto err;
- }
-
- buf = OPENSSL_malloc(PEM_BUFSIZE * 8);
- if (buf == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- i = j = 0;
- while (len > 0) {
- n = (int)((len > (PEM_BUFSIZE * 5)) ? (PEM_BUFSIZE * 5) : len);
- EVP_EncodeUpdate(&ctx, buf, &outl, &(data[j]), n);
- if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl))
- goto err;
- i += outl;
- len -= n;
- j += n;
- }
- EVP_EncodeFinal(&ctx, buf, &outl);
- if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl))
- goto err;
- OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
- OPENSSL_free(buf);
- buf = NULL;
- if ((BIO_write(bp, "-----END ", 9) != 9) ||
- (BIO_write(bp, name, nlen) != nlen) ||
- (BIO_write(bp, "-----\n", 6) != 6))
- goto err;
- return (i + outl);
- err:
- if (buf) {
- OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
- OPENSSL_free(buf);
- }
- PEMerr(PEM_F_PEM_WRITE_BIO, reason);
- return (0);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
- long *len)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = PEM_read_bio(b, name, header, data, len);
- BIO_free(b);
- return (ret);
-}
-#endif
-
-int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
- long *len)
-{
- EVP_ENCODE_CTX ctx;
- int end = 0, i, k, bl = 0, hl = 0, nohead = 0;
- char buf[256];
- BUF_MEM *nameB;
- BUF_MEM *headerB;
- BUF_MEM *dataB, *tmpB;
-
- nameB = BUF_MEM_new();
- headerB = BUF_MEM_new();
- dataB = BUF_MEM_new();
- if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) {
- BUF_MEM_free(nameB);
- BUF_MEM_free(headerB);
- BUF_MEM_free(dataB);
- PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- buf[254] = '\0';
- for (;;) {
- i = BIO_gets(bp, buf, 254);
-
- if (i <= 0) {
- PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE);
- goto err;
- }
-
- while ((i >= 0) && (buf[i] <= ' '))
- i--;
- buf[++i] = '\n';
- buf[++i] = '\0';
-
- if (strncmp(buf, "-----BEGIN ", 11) == 0) {
- i = strlen(&(buf[11]));
-
- if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0)
- continue;
- if (!BUF_MEM_grow(nameB, i + 9)) {
- PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(nameB->data, &(buf[11]), i - 6);
- nameB->data[i - 6] = '\0';
- break;
- }
- }
- hl = 0;
- if (!BUF_MEM_grow(headerB, 256)) {
- PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- headerB->data[0] = '\0';
- for (;;) {
- i = BIO_gets(bp, buf, 254);
- if (i <= 0)
- break;
-
- while ((i >= 0) && (buf[i] <= ' '))
- i--;
- buf[++i] = '\n';
- buf[++i] = '\0';
-
- if (buf[0] == '\n')
- break;
- if (!BUF_MEM_grow(headerB, hl + i + 9)) {
- PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (strncmp(buf, "-----END ", 9) == 0) {
- nohead = 1;
- break;
- }
- memcpy(&(headerB->data[hl]), buf, i);
- headerB->data[hl + i] = '\0';
- hl += i;
- }
-
- bl = 0;
- if (!BUF_MEM_grow(dataB, 1024)) {
- PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- dataB->data[0] = '\0';
- if (!nohead) {
- for (;;) {
- i = BIO_gets(bp, buf, 254);
- if (i <= 0)
- break;
-
- while ((i >= 0) && (buf[i] <= ' '))
- i--;
- buf[++i] = '\n';
- buf[++i] = '\0';
-
- if (i != 65)
- end = 1;
- if (strncmp(buf, "-----END ", 9) == 0)
- break;
- if (i > 65)
- break;
- if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) {
- PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(&(dataB->data[bl]), buf, i);
- dataB->data[bl + i] = '\0';
- bl += i;
- if (end) {
- buf[0] = '\0';
- i = BIO_gets(bp, buf, 254);
- if (i <= 0)
- break;
-
- while ((i >= 0) && (buf[i] <= ' '))
- i--;
- buf[++i] = '\n';
- buf[++i] = '\0';
-
- break;
- }
- }
- } else {
- tmpB = headerB;
- headerB = dataB;
- dataB = tmpB;
- bl = hl;
- }
- i = strlen(nameB->data);
- if ((strncmp(buf, "-----END ", 9) != 0) ||
- (strncmp(nameB->data, &(buf[9]), i) != 0) ||
- (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) {
- PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE);
- goto err;
- }
-
- EVP_DecodeInit(&ctx);
- i = EVP_DecodeUpdate(&ctx,
- (unsigned char *)dataB->data, &bl,
- (unsigned char *)dataB->data, bl);
- if (i < 0) {
- PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
- goto err;
- }
- i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k);
- if (i < 0) {
- PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
- goto err;
- }
- bl += k;
-
- if (bl == 0)
- goto err;
- *name = nameB->data;
- *header = headerB->data;
- *data = (unsigned char *)dataB->data;
- *len = bl;
- OPENSSL_free(nameB);
- OPENSSL_free(headerB);
- OPENSSL_free(dataB);
- return (1);
- err:
- BUF_MEM_free(nameB);
- BUF_MEM_free(headerB);
- BUF_MEM_free(dataB);
- return (0);
-}
-
-/*
- * Check pem string and return prefix length. If for example the pem_str ==
- * "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" the return value is 3 for the
- * string "RSA".
- */
-
-int pem_check_suffix(const char *pem_str, const char *suffix)
-{
- int pem_len = strlen(pem_str);
- int suffix_len = strlen(suffix);
- const char *p;
- if (suffix_len + 1 >= pem_len)
- return 0;
- p = pem_str + pem_len - suffix_len;
- if (strcmp(p, suffix))
- return 0;
- p--;
- if (*p != ' ')
- return 0;
- return p - pem_str;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/pem/pem_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/pem/pem_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pem/pem_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pem_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,860 @@
+/* crypto/pem/pem_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/pkcs12.h>
+#include "asn1_locl.h"
+#ifndef OPENSSL_NO_DES
+# include <openssl/des.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+const char PEM_version[] = "PEM" OPENSSL_VERSION_PTEXT;
+
+#define MIN_LENGTH 4
+
+static int load_iv(char **fromp, unsigned char *to, int num);
+static int check_pem(const char *nm, const char *name);
+int pem_check_suffix(const char *pem_str, const char *suffix);
+
+int PEM_def_callback(char *buf, int num, int w, void *key)
+{
+#ifdef OPENSSL_NO_FP_API
+ /*
+ * We should not ever call the default callback routine from windows.
+ */
+ PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (-1);
+#else
+ int i, j;
+ const char *prompt;
+ if (key) {
+ i = strlen(key);
+ i = (i > num) ? num : i;
+ memcpy(buf, key, i);
+ return (i);
+ }
+
+ prompt = EVP_get_pw_prompt();
+ if (prompt == NULL)
+ prompt = "Enter PEM pass phrase:";
+
+ for (;;) {
+ i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
+ if (i != 0) {
+ PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
+ memset(buf, 0, (unsigned int)num);
+ return (-1);
+ }
+ j = strlen(buf);
+ if (j < MIN_LENGTH) {
+ fprintf(stderr,
+ "phrase is too short, needs to be at least %d chars\n",
+ MIN_LENGTH);
+ } else
+ break;
+ }
+ return (j);
+#endif
+}
+
+void PEM_proc_type(char *buf, int type)
+{
+ const char *str;
+
+ if (type == PEM_TYPE_ENCRYPTED)
+ str = "ENCRYPTED";
+ else if (type == PEM_TYPE_MIC_CLEAR)
+ str = "MIC-CLEAR";
+ else if (type == PEM_TYPE_MIC_ONLY)
+ str = "MIC-ONLY";
+ else
+ str = "BAD-TYPE";
+
+ BUF_strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE);
+ BUF_strlcat(buf, str, PEM_BUFSIZE);
+ BUF_strlcat(buf, "\n", PEM_BUFSIZE);
+}
+
+void PEM_dek_info(char *buf, const char *type, int len, char *str)
+{
+ static const unsigned char map[17] = "0123456789ABCDEF";
+ long i;
+ int j;
+
+ BUF_strlcat(buf, "DEK-Info: ", PEM_BUFSIZE);
+ BUF_strlcat(buf, type, PEM_BUFSIZE);
+ BUF_strlcat(buf, ",", PEM_BUFSIZE);
+ j = strlen(buf);
+ if (j + (len * 2) + 1 > PEM_BUFSIZE)
+ return;
+ for (i = 0; i < len; i++) {
+ buf[j + i * 2] = map[(str[i] >> 4) & 0x0f];
+ buf[j + i * 2 + 1] = map[(str[i]) & 0x0f];
+ }
+ buf[j + i * 2] = '\n';
+ buf[j + i * 2 + 1] = '\0';
+}
+
+#ifndef OPENSSL_NO_FP_API
+void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+ pem_password_cb *cb, void *u)
+{
+ BIO *b;
+ void *ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = PEM_ASN1_read_bio(d2i, name, b, x, cb, u);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+static int check_pem(const char *nm, const char *name)
+{
+ /* Normal matching nm and name */
+ if (!strcmp(nm, name))
+ return 1;
+
+ /* Make PEM_STRING_EVP_PKEY match any private key */
+
+ if (!strcmp(name, PEM_STRING_EVP_PKEY)) {
+ int slen;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ if (!strcmp(nm, PEM_STRING_PKCS8))
+ return 1;
+ if (!strcmp(nm, PEM_STRING_PKCS8INF))
+ return 1;
+ slen = pem_check_suffix(nm, "PRIVATE KEY");
+ if (slen > 0) {
+ /*
+ * NB: ENGINE implementations wont contain a deprecated old
+ * private key decode function so don't look for them.
+ */
+ ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+ if (ameth && ameth->old_priv_decode)
+ return 1;
+ }
+ return 0;
+ }
+
+ if (!strcmp(name, PEM_STRING_PARAMETERS)) {
+ int slen;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ slen = pem_check_suffix(nm, "PARAMETERS");
+ if (slen > 0) {
+ ENGINE *e;
+ ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
+ if (ameth) {
+ int r;
+ if (ameth->param_decode)
+ r = 1;
+ else
+ r = 0;
+#ifndef OPENSSL_NO_ENGINE
+ if (e)
+ ENGINE_finish(e);
+#endif
+ return r;
+ }
+ }
+ return 0;
+ }
+
+ /* Permit older strings */
+
+ if (!strcmp(nm, PEM_STRING_X509_OLD) && !strcmp(name, PEM_STRING_X509))
+ return 1;
+
+ if (!strcmp(nm, PEM_STRING_X509_REQ_OLD) &&
+ !strcmp(name, PEM_STRING_X509_REQ))
+ return 1;
+
+ /* Allow normal certs to be read as trusted certs */
+ if (!strcmp(nm, PEM_STRING_X509) &&
+ !strcmp(name, PEM_STRING_X509_TRUSTED))
+ return 1;
+
+ if (!strcmp(nm, PEM_STRING_X509_OLD) &&
+ !strcmp(name, PEM_STRING_X509_TRUSTED))
+ return 1;
+
+ /* Some CAs use PKCS#7 with CERTIFICATE headers */
+ if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_PKCS7))
+ return 1;
+
+ if (!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&
+ !strcmp(name, PEM_STRING_PKCS7))
+ return 1;
+
+#ifndef OPENSSL_NO_CMS
+ if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_CMS))
+ return 1;
+ /* Allow CMS to be read from PKCS#7 headers */
+ if (!strcmp(nm, PEM_STRING_PKCS7) && !strcmp(name, PEM_STRING_CMS))
+ return 1;
+#endif
+
+ return 0;
+}
+
+int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+ const char *name, BIO *bp, pem_password_cb *cb,
+ void *u)
+{
+ EVP_CIPHER_INFO cipher;
+ char *nm = NULL, *header = NULL;
+ unsigned char *data = NULL;
+ long len;
+ int ret = 0;
+
+ for (;;) {
+ if (!PEM_read_bio(bp, &nm, &header, &data, &len)) {
+ if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE)
+ ERR_add_error_data(2, "Expecting: ", name);
+ return 0;
+ }
+ if (check_pem(nm, name))
+ break;
+ OPENSSL_free(nm);
+ OPENSSL_free(header);
+ OPENSSL_free(data);
+ }
+ if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
+ goto err;
+ if (!PEM_do_header(&cipher, data, &len, cb, u))
+ goto err;
+
+ *pdata = data;
+ *plen = len;
+
+ if (pnm)
+ *pnm = nm;
+
+ ret = 1;
+
+ err:
+ if (!ret || !pnm)
+ OPENSSL_free(nm);
+ OPENSSL_free(header);
+ if (!ret)
+ OPENSSL_free(data);
+ return ret;
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
+ void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+ int klen, pem_password_cb *callback, void *u)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = PEM_ASN1_write_bio(i2d, name, b, x, enc, kstr, klen, callback, u);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
+ void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+ int klen, pem_password_cb *callback, void *u)
+{
+ EVP_CIPHER_CTX ctx;
+ int dsize = 0, i, j, ret = 0;
+ unsigned char *p, *data = NULL;
+ const char *objstr = NULL;
+ char buf[PEM_BUFSIZE];
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+
+ if (enc != NULL) {
+ objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
+ if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+ }
+
+ if ((dsize = i2d(x, NULL)) < 0) {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB);
+ dsize = 0;
+ goto err;
+ }
+ /* dzise + 8 bytes are needed */
+ /* actually it needs the cipher block size extra... */
+ data = (unsigned char *)OPENSSL_malloc((unsigned int)dsize + 20);
+ if (data == NULL) {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p = data;
+ i = i2d(x, &p);
+
+ if (enc != NULL) {
+ if (kstr == NULL) {
+ if (callback == NULL)
+ klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
+ else
+ klen = (*callback) (buf, PEM_BUFSIZE, 1, u);
+ if (klen <= 0) {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_READ_KEY);
+ goto err;
+ }
+#ifdef CHARSET_EBCDIC
+ /* Convert the pass phrase from EBCDIC */
+ ebcdic2ascii(buf, buf, klen);
+#endif
+ kstr = (unsigned char *)buf;
+ }
+ RAND_add(data, i, 0); /* put in the RSA key. */
+ OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
+ if (RAND_bytes(iv, enc->iv_len) <= 0) /* Generate a salt */
+ goto err;
+ /*
+ * The 'iv' is used as the iv and as a salt. It is NOT taken from
+ * the BytesToKey function
+ */
+ if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, key, NULL))
+ goto err;
+
+ if (kstr == (unsigned char *)buf)
+ OPENSSL_cleanse(buf, PEM_BUFSIZE);
+
+ OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
+ sizeof buf);
+
+ buf[0] = '\0';
+ PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
+ PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
+ /* k=strlen(buf); */
+
+ EVP_CIPHER_CTX_init(&ctx);
+ ret = 1;
+ if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv)
+ || !EVP_EncryptUpdate(&ctx, data, &j, data, i)
+ || !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i))
+ ret = 0;
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ if (ret == 0)
+ goto err;
+ i += j;
+ } else {
+ ret = 1;
+ buf[0] = '\0';
+ }
+ i = PEM_write_bio(bp, name, buf, data, i);
+ if (i <= 0)
+ ret = 0;
+ err:
+ OPENSSL_cleanse(key, sizeof(key));
+ OPENSSL_cleanse(iv, sizeof(iv));
+ OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
+ OPENSSL_cleanse(buf, PEM_BUFSIZE);
+ if (data != NULL) {
+ OPENSSL_cleanse(data, (unsigned int)dsize);
+ OPENSSL_free(data);
+ }
+ return (ret);
+}
+
+int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
+ pem_password_cb *callback, void *u)
+{
+ int i = 0, j, o, klen;
+ long len;
+ EVP_CIPHER_CTX ctx;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ char buf[PEM_BUFSIZE];
+
+ len = *plen;
+
+ if (cipher->cipher == NULL)
+ return (1);
+ if (callback == NULL)
+ klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
+ else
+ klen = callback(buf, PEM_BUFSIZE, 0, u);
+ if (klen <= 0) {
+ PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
+ return (0);
+ }
+#ifdef CHARSET_EBCDIC
+ /* Convert the pass phrase from EBCDIC */
+ ebcdic2ascii(buf, buf, klen);
+#endif
+
+ if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
+ (unsigned char *)buf, klen, 1, key, NULL))
+ return 0;
+
+ j = (int)len;
+ EVP_CIPHER_CTX_init(&ctx);
+ o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
+ if (o)
+ o = EVP_DecryptUpdate(&ctx, data, &i, data, j);
+ if (o)
+ o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ OPENSSL_cleanse((char *)buf, sizeof(buf));
+ OPENSSL_cleanse((char *)key, sizeof(key));
+ j += i;
+ if (!o) {
+ PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
+ return (0);
+ }
+ *plen = j;
+ return (1);
+}
+
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
+{
+ const EVP_CIPHER *enc = NULL;
+ char *p, c;
+ char **header_pp = &header;
+
+ cipher->cipher = NULL;
+ if ((header == NULL) || (*header == '\0') || (*header == '\n'))
+ return (1);
+ if (strncmp(header, "Proc-Type: ", 11) != 0) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE);
+ return (0);
+ }
+ header += 11;
+ if (*header != '4')
+ return (0);
+ header++;
+ if (*header != ',')
+ return (0);
+ header++;
+ if (strncmp(header, "ENCRYPTED", 9) != 0) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED);
+ return (0);
+ }
+ for (; (*header != '\n') && (*header != '\0'); header++) ;
+ if (*header == '\0') {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER);
+ return (0);
+ }
+ header++;
+ if (strncmp(header, "DEK-Info: ", 10) != 0) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO);
+ return (0);
+ }
+ header += 10;
+
+ p = header;
+ for (;;) {
+ c = *header;
+#ifndef CHARSET_EBCDIC
+ if (!(((c >= 'A') && (c <= 'Z')) || (c == '-') ||
+ ((c >= '0') && (c <= '9'))))
+ break;
+#else
+ if (!(isupper(c) || (c == '-') || isdigit(c)))
+ break;
+#endif
+ header++;
+ }
+ *header = '\0';
+ cipher->cipher = enc = EVP_get_cipherbyname(p);
+ *header = c;
+ header++;
+
+ if (enc == NULL) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
+ return (0);
+ }
+ if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
+ return (0);
+
+ return (1);
+}
+
+static int load_iv(char **fromp, unsigned char *to, int num)
+{
+ int v, i;
+ char *from;
+
+ from = *fromp;
+ for (i = 0; i < num; i++)
+ to[i] = 0;
+ num *= 2;
+ for (i = 0; i < num; i++) {
+ if ((*from >= '0') && (*from <= '9'))
+ v = *from - '0';
+ else if ((*from >= 'A') && (*from <= 'F'))
+ v = *from - 'A' + 10;
+ else if ((*from >= 'a') && (*from <= 'f'))
+ v = *from - 'a' + 10;
+ else {
+ PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS);
+ return (0);
+ }
+ from++;
+ to[i / 2] |= v << (long)((!(i & 1)) * 4);
+ }
+
+ *fromp = from;
+ return (1);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
+ long len)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = PEM_write_bio(b, name, header, data, len);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+int PEM_write_bio(BIO *bp, const char *name, char *header,
+ unsigned char *data, long len)
+{
+ int nlen, n, i, j, outl;
+ unsigned char *buf = NULL;
+ EVP_ENCODE_CTX ctx;
+ int reason = ERR_R_BUF_LIB;
+
+ EVP_EncodeInit(&ctx);
+ nlen = strlen(name);
+
+ if ((BIO_write(bp, "-----BEGIN ", 11) != 11) ||
+ (BIO_write(bp, name, nlen) != nlen) ||
+ (BIO_write(bp, "-----\n", 6) != 6))
+ goto err;
+
+ i = strlen(header);
+ if (i > 0) {
+ if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1))
+ goto err;
+ }
+
+ buf = OPENSSL_malloc(PEM_BUFSIZE * 8);
+ if (buf == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ i = j = 0;
+ while (len > 0) {
+ n = (int)((len > (PEM_BUFSIZE * 5)) ? (PEM_BUFSIZE * 5) : len);
+ EVP_EncodeUpdate(&ctx, buf, &outl, &(data[j]), n);
+ if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl))
+ goto err;
+ i += outl;
+ len -= n;
+ j += n;
+ }
+ EVP_EncodeFinal(&ctx, buf, &outl);
+ if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl))
+ goto err;
+ OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
+ OPENSSL_free(buf);
+ buf = NULL;
+ if ((BIO_write(bp, "-----END ", 9) != 9) ||
+ (BIO_write(bp, name, nlen) != nlen) ||
+ (BIO_write(bp, "-----\n", 6) != 6))
+ goto err;
+ return (i + outl);
+ err:
+ if (buf) {
+ OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
+ OPENSSL_free(buf);
+ }
+ PEMerr(PEM_F_PEM_WRITE_BIO, reason);
+ return (0);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
+ long *len)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = PEM_read_bio(b, name, header, data, len);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
+ long *len)
+{
+ EVP_ENCODE_CTX ctx;
+ int end = 0, i, k, bl = 0, hl = 0, nohead = 0;
+ char buf[256];
+ BUF_MEM *nameB;
+ BUF_MEM *headerB;
+ BUF_MEM *dataB, *tmpB;
+
+ nameB = BUF_MEM_new();
+ headerB = BUF_MEM_new();
+ dataB = BUF_MEM_new();
+ if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) {
+ BUF_MEM_free(nameB);
+ BUF_MEM_free(headerB);
+ BUF_MEM_free(dataB);
+ PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+
+ buf[254] = '\0';
+ for (;;) {
+ i = BIO_gets(bp, buf, 254);
+
+ if (i <= 0) {
+ PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE);
+ goto err;
+ }
+
+ while ((i >= 0) && (buf[i] <= ' '))
+ i--;
+ buf[++i] = '\n';
+ buf[++i] = '\0';
+
+ if (strncmp(buf, "-----BEGIN ", 11) == 0) {
+ i = strlen(&(buf[11]));
+
+ if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0)
+ continue;
+ if (!BUF_MEM_grow(nameB, i + 9)) {
+ PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ memcpy(nameB->data, &(buf[11]), i - 6);
+ nameB->data[i - 6] = '\0';
+ break;
+ }
+ }
+ hl = 0;
+ if (!BUF_MEM_grow(headerB, 256)) {
+ PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ headerB->data[0] = '\0';
+ for (;;) {
+ i = BIO_gets(bp, buf, 254);
+ if (i <= 0)
+ break;
+
+ while ((i >= 0) && (buf[i] <= ' '))
+ i--;
+ buf[++i] = '\n';
+ buf[++i] = '\0';
+
+ if (buf[0] == '\n')
+ break;
+ if (!BUF_MEM_grow(headerB, hl + i + 9)) {
+ PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (strncmp(buf, "-----END ", 9) == 0) {
+ nohead = 1;
+ break;
+ }
+ memcpy(&(headerB->data[hl]), buf, i);
+ headerB->data[hl + i] = '\0';
+ hl += i;
+ }
+
+ bl = 0;
+ if (!BUF_MEM_grow(dataB, 1024)) {
+ PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ dataB->data[0] = '\0';
+ if (!nohead) {
+ for (;;) {
+ i = BIO_gets(bp, buf, 254);
+ if (i <= 0)
+ break;
+
+ while ((i >= 0) && (buf[i] <= ' '))
+ i--;
+ buf[++i] = '\n';
+ buf[++i] = '\0';
+
+ if (i != 65)
+ end = 1;
+ if (strncmp(buf, "-----END ", 9) == 0)
+ break;
+ if (i > 65)
+ break;
+ if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) {
+ PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ memcpy(&(dataB->data[bl]), buf, i);
+ dataB->data[bl + i] = '\0';
+ bl += i;
+ if (end) {
+ buf[0] = '\0';
+ i = BIO_gets(bp, buf, 254);
+ if (i <= 0)
+ break;
+
+ while ((i >= 0) && (buf[i] <= ' '))
+ i--;
+ buf[++i] = '\n';
+ buf[++i] = '\0';
+
+ break;
+ }
+ }
+ } else {
+ tmpB = headerB;
+ headerB = dataB;
+ dataB = tmpB;
+ bl = hl;
+ }
+ i = strlen(nameB->data);
+ if ((strncmp(buf, "-----END ", 9) != 0) ||
+ (strncmp(nameB->data, &(buf[9]), i) != 0) ||
+ (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) {
+ PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE);
+ goto err;
+ }
+
+ EVP_DecodeInit(&ctx);
+ i = EVP_DecodeUpdate(&ctx,
+ (unsigned char *)dataB->data, &bl,
+ (unsigned char *)dataB->data, bl);
+ if (i < 0) {
+ PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
+ goto err;
+ }
+ i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k);
+ if (i < 0) {
+ PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
+ goto err;
+ }
+ bl += k;
+
+ if (bl == 0)
+ goto err;
+ *name = nameB->data;
+ *header = headerB->data;
+ *data = (unsigned char *)dataB->data;
+ *len = bl;
+ OPENSSL_free(nameB);
+ OPENSSL_free(headerB);
+ OPENSSL_free(dataB);
+ return (1);
+ err:
+ BUF_MEM_free(nameB);
+ BUF_MEM_free(headerB);
+ BUF_MEM_free(dataB);
+ return (0);
+}
+
+/*
+ * Check pem string and return prefix length. If for example the pem_str ==
+ * "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" the return value is 3 for the
+ * string "RSA".
+ */
+
+int pem_check_suffix(const char *pem_str, const char *suffix)
+{
+ int pem_len = strlen(pem_str);
+ int suffix_len = strlen(suffix);
+ const char *p;
+ if (suffix_len + 1 >= pem_len)
+ return 0;
+ p = pem_str + pem_len - suffix_len;
+ if (strcmp(p, suffix))
+ return 0;
+ p--;
+ if (*p != ' ')
+ return 0;
+ return p - pem_str;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pem/pvkfmt.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/pem/pvkfmt.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pvkfmt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,881 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- * Support for PVK format keys and related structures (such a PUBLICKEYBLOB
- * and PRIVATEKEYBLOB).
- */
-
-#include "cryptlib.h"
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-#include <openssl/bn.h>
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
-# include <openssl/dsa.h>
-# include <openssl/rsa.h>
-
-/*
- * Utility function: read a DWORD (4 byte unsigned integer) in little endian
- * format
- */
-
-static unsigned int read_ledword(const unsigned char **in)
-{
- const unsigned char *p = *in;
- unsigned int ret;
- ret = *p++;
- ret |= (*p++ << 8);
- ret |= (*p++ << 16);
- ret |= (*p++ << 24);
- *in = p;
- return ret;
-}
-
-/*
- * Read a BIGNUM in little endian format. The docs say that this should take
- * up bitlen/8 bytes.
- */
-
-static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
-{
- const unsigned char *p;
- unsigned char *tmpbuf, *q;
- unsigned int i;
- p = *in + nbyte - 1;
- tmpbuf = OPENSSL_malloc(nbyte);
- if (!tmpbuf)
- return 0;
- q = tmpbuf;
- for (i = 0; i < nbyte; i++)
- *q++ = *p--;
- *r = BN_bin2bn(tmpbuf, nbyte, NULL);
- OPENSSL_free(tmpbuf);
- if (*r) {
- *in += nbyte;
- return 1;
- } else
- return 0;
-}
-
-/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
-
-# define MS_PUBLICKEYBLOB 0x6
-# define MS_PRIVATEKEYBLOB 0x7
-# define MS_RSA1MAGIC 0x31415352L
-# define MS_RSA2MAGIC 0x32415352L
-# define MS_DSS1MAGIC 0x31535344L
-# define MS_DSS2MAGIC 0x32535344L
-
-# define MS_KEYALG_RSA_KEYX 0xa400
-# define MS_KEYALG_DSS_SIGN 0x2200
-
-# define MS_KEYTYPE_KEYX 0x1
-# define MS_KEYTYPE_SIGN 0x2
-
-/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
-# define MS_PVKMAGIC 0xb0b5f11eL
-/* Salt length for PVK files */
-# define PVK_SALTLEN 0x10
-
-static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub);
-static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub);
-
-static int do_blob_header(const unsigned char **in, unsigned int length,
- unsigned int *pmagic, unsigned int *pbitlen,
- int *pisdss, int *pispub)
-{
- const unsigned char *p = *in;
- if (length < 16)
- return 0;
- /* bType */
- if (*p == MS_PUBLICKEYBLOB) {
- if (*pispub == 0) {
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
- return 0;
- }
- *pispub = 1;
- } else if (*p == MS_PRIVATEKEYBLOB) {
- if (*pispub == 1) {
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
- return 0;
- }
- *pispub = 0;
- } else
- return 0;
- p++;
- /* Version */
- if (*p++ != 0x2) {
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER);
- return 0;
- }
- /* Ignore reserved, aiKeyAlg */
- p += 6;
- *pmagic = read_ledword(&p);
- *pbitlen = read_ledword(&p);
- *pisdss = 0;
- switch (*pmagic) {
-
- case MS_DSS1MAGIC:
- *pisdss = 1;
- case MS_RSA1MAGIC:
- if (*pispub == 0) {
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
- return 0;
- }
- break;
-
- case MS_DSS2MAGIC:
- *pisdss = 1;
- case MS_RSA2MAGIC:
- if (*pispub == 1) {
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
- return 0;
- }
- break;
-
- default:
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER);
- return -1;
- }
- *in = p;
- return 1;
-}
-
-static unsigned int blob_length(unsigned bitlen, int isdss, int ispub)
-{
- unsigned int nbyte, hnbyte;
- nbyte = (bitlen + 7) >> 3;
- hnbyte = (bitlen + 15) >> 4;
- if (isdss) {
-
- /*
- * Expected length: 20 for q + 3 components bitlen each + 24 for seed
- * structure.
- */
- if (ispub)
- return 44 + 3 * nbyte;
- /*
- * Expected length: 20 for q, priv, 2 bitlen components + 24 for seed
- * structure.
- */
- else
- return 64 + 2 * nbyte;
- } else {
- /* Expected length: 4 for 'e' + 'n' */
- if (ispub)
- return 4 + nbyte;
- else
- /*
- * Expected length: 4 for 'e' and 7 other components. 2
- * components are bitlen size, 5 are bitlen/2
- */
- return 4 + 2 * nbyte + 5 * hnbyte;
- }
-
-}
-
-static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length,
- int ispub)
-{
- const unsigned char *p = *in;
- unsigned int bitlen, magic;
- int isdss;
- if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
- PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
- return NULL;
- }
- length -= 16;
- if (length < blob_length(bitlen, isdss, ispub)) {
- PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
- return NULL;
- }
- if (isdss)
- return b2i_dss(&p, length, bitlen, ispub);
- else
- return b2i_rsa(&p, length, bitlen, ispub);
-}
-
-static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
-{
- const unsigned char *p;
- unsigned char hdr_buf[16], *buf = NULL;
- unsigned int bitlen, magic, length;
- int isdss;
- EVP_PKEY *ret = NULL;
- if (BIO_read(in, hdr_buf, 16) != 16) {
- PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
- return NULL;
- }
- p = hdr_buf;
- if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
- return NULL;
-
- length = blob_length(bitlen, isdss, ispub);
- buf = OPENSSL_malloc(length);
- if (!buf) {
- PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = buf;
- if (BIO_read(in, buf, length) != (int)length) {
- PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
- goto err;
- }
-
- if (isdss)
- ret = b2i_dss(&p, length, bitlen, ispub);
- else
- ret = b2i_rsa(&p, length, bitlen, ispub);
-
- err:
- if (buf)
- OPENSSL_free(buf);
- return ret;
-}
-
-static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub)
-{
- const unsigned char *p = *in;
- EVP_PKEY *ret = NULL;
- DSA *dsa = NULL;
- BN_CTX *ctx = NULL;
- unsigned int nbyte;
- nbyte = (bitlen + 7) >> 3;
-
- dsa = DSA_new();
- ret = EVP_PKEY_new();
- if (!dsa || !ret)
- goto memerr;
- if (!read_lebn(&p, nbyte, &dsa->p))
- goto memerr;
- if (!read_lebn(&p, 20, &dsa->q))
- goto memerr;
- if (!read_lebn(&p, nbyte, &dsa->g))
- goto memerr;
- if (ispub) {
- if (!read_lebn(&p, nbyte, &dsa->pub_key))
- goto memerr;
- } else {
- if (!read_lebn(&p, 20, &dsa->priv_key))
- goto memerr;
- /* Calculate public key */
- if (!(dsa->pub_key = BN_new()))
- goto memerr;
- if (!(ctx = BN_CTX_new()))
- goto memerr;
-
- if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
-
- goto memerr;
- BN_CTX_free(ctx);
- }
-
- EVP_PKEY_set1_DSA(ret, dsa);
- DSA_free(dsa);
- *in = p;
- return ret;
-
- memerr:
- PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
- if (dsa)
- DSA_free(dsa);
- if (ret)
- EVP_PKEY_free(ret);
- if (ctx)
- BN_CTX_free(ctx);
- return NULL;
-}
-
-static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub)
-{
- const unsigned char *p = *in;
- EVP_PKEY *ret = NULL;
- RSA *rsa = NULL;
- unsigned int nbyte, hnbyte;
- nbyte = (bitlen + 7) >> 3;
- hnbyte = (bitlen + 15) >> 4;
- rsa = RSA_new();
- ret = EVP_PKEY_new();
- if (!rsa || !ret)
- goto memerr;
- rsa->e = BN_new();
- if (!rsa->e)
- goto memerr;
- if (!BN_set_word(rsa->e, read_ledword(&p)))
- goto memerr;
- if (!read_lebn(&p, nbyte, &rsa->n))
- goto memerr;
- if (!ispub) {
- if (!read_lebn(&p, hnbyte, &rsa->p))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->q))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->dmp1))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->dmq1))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->iqmp))
- goto memerr;
- if (!read_lebn(&p, nbyte, &rsa->d))
- goto memerr;
- }
-
- EVP_PKEY_set1_RSA(ret, rsa);
- RSA_free(rsa);
- *in = p;
- return ret;
- memerr:
- PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
- if (rsa)
- RSA_free(rsa);
- if (ret)
- EVP_PKEY_free(ret);
- return NULL;
-}
-
-EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length)
-{
- return do_b2i(in, length, 0);
-}
-
-EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length)
-{
- return do_b2i(in, length, 1);
-}
-
-EVP_PKEY *b2i_PrivateKey_bio(BIO *in)
-{
- return do_b2i_bio(in, 0);
-}
-
-EVP_PKEY *b2i_PublicKey_bio(BIO *in)
-{
- return do_b2i_bio(in, 1);
-}
-
-static void write_ledword(unsigned char **out, unsigned int dw)
-{
- unsigned char *p = *out;
- *p++ = dw & 0xff;
- *p++ = (dw >> 8) & 0xff;
- *p++ = (dw >> 16) & 0xff;
- *p++ = (dw >> 24) & 0xff;
- *out = p;
-}
-
-static void write_lebn(unsigned char **out, const BIGNUM *bn, int len)
-{
- int nb, i;
- unsigned char *p = *out, *q, c;
- nb = BN_num_bytes(bn);
- BN_bn2bin(bn, p);
- q = p + nb - 1;
- /* In place byte order reversal */
- for (i = 0; i < nb / 2; i++) {
- c = *p;
- *p++ = *q;
- *q-- = c;
- }
- *out += nb;
- /* Pad with zeroes if we have to */
- if (len > 0) {
- len -= nb;
- if (len > 0) {
- memset(*out, 0, len);
- *out += len;
- }
- }
-}
-
-static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
-static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
-
-static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
-static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
-
-static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
-{
- unsigned char *p;
- unsigned int bitlen, magic = 0, keyalg;
- int outlen, noinc = 0;
- if (pk->type == EVP_PKEY_DSA) {
- bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
- keyalg = MS_KEYALG_DSS_SIGN;
- } else if (pk->type == EVP_PKEY_RSA) {
- bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
- keyalg = MS_KEYALG_RSA_KEYX;
- } else
- return -1;
- if (bitlen == 0)
- return -1;
- outlen = 16 + blob_length(bitlen,
- keyalg == MS_KEYALG_DSS_SIGN ? 1 : 0, ispub);
- if (out == NULL)
- return outlen;
- if (*out)
- p = *out;
- else {
- p = OPENSSL_malloc(outlen);
- if (!p)
- return -1;
- *out = p;
- noinc = 1;
- }
- if (ispub)
- *p++ = MS_PUBLICKEYBLOB;
- else
- *p++ = MS_PRIVATEKEYBLOB;
- *p++ = 0x2;
- *p++ = 0;
- *p++ = 0;
- write_ledword(&p, keyalg);
- write_ledword(&p, magic);
- write_ledword(&p, bitlen);
- if (keyalg == MS_KEYALG_DSS_SIGN)
- write_dsa(&p, pk->pkey.dsa, ispub);
- else
- write_rsa(&p, pk->pkey.rsa, ispub);
- if (!noinc)
- *out += outlen;
- return outlen;
-}
-
-static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
-{
- unsigned char *tmp = NULL;
- int outlen, wrlen;
- outlen = do_i2b(&tmp, pk, ispub);
- if (outlen < 0)
- return -1;
- wrlen = BIO_write(out, tmp, outlen);
- OPENSSL_free(tmp);
- if (wrlen == outlen)
- return outlen;
- return -1;
-}
-
-static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
-{
- int bitlen;
- bitlen = BN_num_bits(dsa->p);
- if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160)
- || (BN_num_bits(dsa->g) > bitlen))
- goto badkey;
- if (ispub) {
- if (BN_num_bits(dsa->pub_key) > bitlen)
- goto badkey;
- *pmagic = MS_DSS1MAGIC;
- } else {
- if (BN_num_bits(dsa->priv_key) > 160)
- goto badkey;
- *pmagic = MS_DSS2MAGIC;
- }
-
- return bitlen;
- badkey:
- PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
- return 0;
-}
-
-static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
-{
- int nbyte, hnbyte, bitlen;
- if (BN_num_bits(rsa->e) > 32)
- goto badkey;
- bitlen = BN_num_bits(rsa->n);
- nbyte = BN_num_bytes(rsa->n);
- hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
- if (ispub) {
- *pmagic = MS_RSA1MAGIC;
- return bitlen;
- } else {
- *pmagic = MS_RSA2MAGIC;
- /*
- * For private key each component must fit within nbyte or hnbyte.
- */
- if (BN_num_bytes(rsa->d) > nbyte)
- goto badkey;
- if ((BN_num_bytes(rsa->iqmp) > hnbyte)
- || (BN_num_bytes(rsa->p) > hnbyte)
- || (BN_num_bytes(rsa->q) > hnbyte)
- || (BN_num_bytes(rsa->dmp1) > hnbyte)
- || (BN_num_bytes(rsa->dmq1) > hnbyte))
- goto badkey;
- }
- return bitlen;
- badkey:
- PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
- return 0;
-}
-
-static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
-{
- int nbyte, hnbyte;
- nbyte = BN_num_bytes(rsa->n);
- hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
- write_lebn(out, rsa->e, 4);
- write_lebn(out, rsa->n, -1);
- if (ispub)
- return;
- write_lebn(out, rsa->p, hnbyte);
- write_lebn(out, rsa->q, hnbyte);
- write_lebn(out, rsa->dmp1, hnbyte);
- write_lebn(out, rsa->dmq1, hnbyte);
- write_lebn(out, rsa->iqmp, hnbyte);
- write_lebn(out, rsa->d, nbyte);
-}
-
-static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
-{
- int nbyte;
- nbyte = BN_num_bytes(dsa->p);
- write_lebn(out, dsa->p, nbyte);
- write_lebn(out, dsa->q, 20);
- write_lebn(out, dsa->g, nbyte);
- if (ispub)
- write_lebn(out, dsa->pub_key, nbyte);
- else
- write_lebn(out, dsa->priv_key, 20);
- /* Set "invalid" for seed structure values */
- memset(*out, 0xff, 24);
- *out += 24;
- return;
-}
-
-int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk)
-{
- return do_i2b_bio(out, pk, 0);
-}
-
-int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
-{
- return do_i2b_bio(out, pk, 1);
-}
-
-# ifndef OPENSSL_NO_RC4
-
-static int do_PVK_header(const unsigned char **in, unsigned int length,
- int skip_magic,
- unsigned int *psaltlen, unsigned int *pkeylen)
-{
- const unsigned char *p = *in;
- unsigned int pvk_magic, is_encrypted;
- if (skip_magic) {
- if (length < 20) {
- PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
- return 0;
- }
- } else {
- if (length < 24) {
- PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
- return 0;
- }
- pvk_magic = read_ledword(&p);
- if (pvk_magic != MS_PVKMAGIC) {
- PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER);
- return 0;
- }
- }
- /* Skip reserved */
- p += 4;
- /*
- * keytype =
- */ read_ledword(&p);
- is_encrypted = read_ledword(&p);
- *psaltlen = read_ledword(&p);
- *pkeylen = read_ledword(&p);
-
- if (is_encrypted && !*psaltlen) {
- PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
- return 0;
- }
-
- *in = p;
- return 1;
-}
-
-static int derive_pvk_key(unsigned char *key,
- const unsigned char *salt, unsigned int saltlen,
- const unsigned char *pass, int passlen)
-{
- EVP_MD_CTX mctx;
- int rv = 1;
- EVP_MD_CTX_init(&mctx);
- if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
- || !EVP_DigestUpdate(&mctx, salt, saltlen)
- || !EVP_DigestUpdate(&mctx, pass, passlen)
- || !EVP_DigestFinal_ex(&mctx, key, NULL))
- rv = 0;
-
- EVP_MD_CTX_cleanup(&mctx);
- return rv;
-}
-
-static EVP_PKEY *do_PVK_body(const unsigned char **in,
- unsigned int saltlen, unsigned int keylen,
- pem_password_cb *cb, void *u)
-{
- EVP_PKEY *ret = NULL;
- const unsigned char *p = *in;
- unsigned int magic;
- unsigned char *enctmp = NULL, *q;
- EVP_CIPHER_CTX cctx;
- EVP_CIPHER_CTX_init(&cctx);
- if (saltlen) {
- char psbuf[PEM_BUFSIZE];
- unsigned char keybuf[20];
- int enctmplen, inlen;
- if (cb)
- inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
- else
- inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
- if (inlen <= 0) {
- PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ);
- goto err;
- }
- enctmp = OPENSSL_malloc(keylen + 8);
- if (!enctmp) {
- PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!derive_pvk_key(keybuf, p, saltlen,
- (unsigned char *)psbuf, inlen))
- goto err;
- p += saltlen;
- /* Copy BLOBHEADER across, decrypt rest */
- memcpy(enctmp, p, 8);
- p += 8;
- if (keylen < 8) {
- PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
- goto err;
- }
- inlen = keylen - 8;
- q = enctmp + 8;
- if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
- goto err;
- if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
- goto err;
- if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
- goto err;
- magic = read_ledword((const unsigned char **)&q);
- if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
- q = enctmp + 8;
- memset(keybuf + 5, 0, 11);
- if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
- goto err;
- OPENSSL_cleanse(keybuf, 20);
- if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
- goto err;
- if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
- goto err;
- magic = read_ledword((const unsigned char **)&q);
- if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
- PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
- goto err;
- }
- } else
- OPENSSL_cleanse(keybuf, 20);
- p = enctmp;
- }
-
- ret = b2i_PrivateKey(&p, keylen);
- err:
- EVP_CIPHER_CTX_cleanup(&cctx);
- if (enctmp && saltlen)
- OPENSSL_free(enctmp);
- return ret;
-}
-
-EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
-{
- unsigned char pvk_hdr[24], *buf = NULL;
- const unsigned char *p;
- int buflen;
- EVP_PKEY *ret = NULL;
- unsigned int saltlen, keylen;
- if (BIO_read(in, pvk_hdr, 24) != 24) {
- PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
- return NULL;
- }
- p = pvk_hdr;
-
- if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen))
- return 0;
- buflen = (int)keylen + saltlen;
- buf = OPENSSL_malloc(buflen);
- if (!buf) {
- PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p = buf;
- if (BIO_read(in, buf, buflen) != buflen) {
- PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
- goto err;
- }
- ret = do_PVK_body(&p, saltlen, keylen, cb, u);
-
- err:
- if (buf) {
- OPENSSL_cleanse(buf, buflen);
- OPENSSL_free(buf);
- }
- return ret;
-}
-
-static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
- pem_password_cb *cb, void *u)
-{
- int outlen = 24, pklen;
- unsigned char *p, *salt = NULL;
- EVP_CIPHER_CTX cctx;
- EVP_CIPHER_CTX_init(&cctx);
- if (enclevel)
- outlen += PVK_SALTLEN;
- pklen = do_i2b(NULL, pk, 0);
- if (pklen < 0)
- return -1;
- outlen += pklen;
- if (!out)
- return outlen;
- if (*out)
- p = *out;
- else {
- p = OPENSSL_malloc(outlen);
- if (!p) {
- PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- *out = p;
- }
-
- write_ledword(&p, MS_PVKMAGIC);
- write_ledword(&p, 0);
- if (pk->type == EVP_PKEY_DSA)
- write_ledword(&p, MS_KEYTYPE_SIGN);
- else
- write_ledword(&p, MS_KEYTYPE_KEYX);
- write_ledword(&p, enclevel ? 1 : 0);
- write_ledword(&p, enclevel ? PVK_SALTLEN : 0);
- write_ledword(&p, pklen);
- if (enclevel) {
- if (RAND_bytes(p, PVK_SALTLEN) <= 0)
- goto error;
- salt = p;
- p += PVK_SALTLEN;
- }
- do_i2b(&p, pk, 0);
- if (enclevel == 0)
- return outlen;
- else {
- char psbuf[PEM_BUFSIZE];
- unsigned char keybuf[20];
- int enctmplen, inlen;
- if (cb)
- inlen = cb(psbuf, PEM_BUFSIZE, 1, u);
- else
- inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);
- if (inlen <= 0) {
- PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ);
- goto error;
- }
- if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
- (unsigned char *)psbuf, inlen))
- goto error;
- if (enclevel == 1)
- memset(keybuf + 5, 0, 11);
- p = salt + PVK_SALTLEN + 8;
- if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
- goto error;
- OPENSSL_cleanse(keybuf, 20);
- if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
- goto error;
- if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
- goto error;
- }
- EVP_CIPHER_CTX_cleanup(&cctx);
- return outlen;
-
- error:
- EVP_CIPHER_CTX_cleanup(&cctx);
- return -1;
-}
-
-int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
- pem_password_cb *cb, void *u)
-{
- unsigned char *tmp = NULL;
- int outlen, wrlen;
- outlen = i2b_PVK(&tmp, pk, enclevel, cb, u);
- if (outlen < 0)
- return -1;
- wrlen = BIO_write(out, tmp, outlen);
- OPENSSL_free(tmp);
- if (wrlen == outlen) {
- PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
- return outlen;
- }
- return -1;
-}
-
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/pem/pvkfmt.c (from rev 11605, vendor-crypto/openssl/dist/crypto/pem/pvkfmt.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pem/pvkfmt.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pem/pvkfmt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,895 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * Support for PVK format keys and related structures (such a PUBLICKEYBLOB
+ * and PRIVATEKEYBLOB).
+ */
+
+#include "cryptlib.h"
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+# include <openssl/dsa.h>
+# include <openssl/rsa.h>
+
+/*
+ * Utility function: read a DWORD (4 byte unsigned integer) in little endian
+ * format
+ */
+
+static unsigned int read_ledword(const unsigned char **in)
+{
+ const unsigned char *p = *in;
+ unsigned int ret;
+ ret = *p++;
+ ret |= (*p++ << 8);
+ ret |= (*p++ << 16);
+ ret |= (*p++ << 24);
+ *in = p;
+ return ret;
+}
+
+/*
+ * Read a BIGNUM in little endian format. The docs say that this should take
+ * up bitlen/8 bytes.
+ */
+
+static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
+{
+ const unsigned char *p;
+ unsigned char *tmpbuf, *q;
+ unsigned int i;
+ p = *in + nbyte - 1;
+ tmpbuf = OPENSSL_malloc(nbyte);
+ if (!tmpbuf)
+ return 0;
+ q = tmpbuf;
+ for (i = 0; i < nbyte; i++)
+ *q++ = *p--;
+ *r = BN_bin2bn(tmpbuf, nbyte, NULL);
+ OPENSSL_free(tmpbuf);
+ if (*r) {
+ *in += nbyte;
+ return 1;
+ } else
+ return 0;
+}
+
+/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
+
+# define MS_PUBLICKEYBLOB 0x6
+# define MS_PRIVATEKEYBLOB 0x7
+# define MS_RSA1MAGIC 0x31415352L
+# define MS_RSA2MAGIC 0x32415352L
+# define MS_DSS1MAGIC 0x31535344L
+# define MS_DSS2MAGIC 0x32535344L
+
+# define MS_KEYALG_RSA_KEYX 0xa400
+# define MS_KEYALG_DSS_SIGN 0x2200
+
+# define MS_KEYTYPE_KEYX 0x1
+# define MS_KEYTYPE_SIGN 0x2
+
+/* Maximum length of a blob after header */
+# define BLOB_MAX_LENGTH 102400
+
+/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
+# define MS_PVKMAGIC 0xb0b5f11eL
+/* Salt length for PVK files */
+# define PVK_SALTLEN 0x10
+/* Maximum length in PVK header */
+# define PVK_MAX_KEYLEN 102400
+/* Maximum salt length */
+# define PVK_MAX_SALTLEN 10240
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub);
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub);
+
+static int do_blob_header(const unsigned char **in, unsigned int length,
+ unsigned int *pmagic, unsigned int *pbitlen,
+ int *pisdss, int *pispub)
+{
+ const unsigned char *p = *in;
+ if (length < 16)
+ return 0;
+ /* bType */
+ if (*p == MS_PUBLICKEYBLOB) {
+ if (*pispub == 0) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+ return 0;
+ }
+ *pispub = 1;
+ } else if (*p == MS_PRIVATEKEYBLOB) {
+ if (*pispub == 1) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+ return 0;
+ }
+ *pispub = 0;
+ } else
+ return 0;
+ p++;
+ /* Version */
+ if (*p++ != 0x2) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER);
+ return 0;
+ }
+ /* Ignore reserved, aiKeyAlg */
+ p += 6;
+ *pmagic = read_ledword(&p);
+ *pbitlen = read_ledword(&p);
+ *pisdss = 0;
+ switch (*pmagic) {
+
+ case MS_DSS1MAGIC:
+ *pisdss = 1;
+ case MS_RSA1MAGIC:
+ if (*pispub == 0) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+ return 0;
+ }
+ break;
+
+ case MS_DSS2MAGIC:
+ *pisdss = 1;
+ case MS_RSA2MAGIC:
+ if (*pispub == 1) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+ return 0;
+ }
+ break;
+
+ default:
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+ return -1;
+ }
+ *in = p;
+ return 1;
+}
+
+static unsigned int blob_length(unsigned bitlen, int isdss, int ispub)
+{
+ unsigned int nbyte, hnbyte;
+ nbyte = (bitlen + 7) >> 3;
+ hnbyte = (bitlen + 15) >> 4;
+ if (isdss) {
+
+ /*
+ * Expected length: 20 for q + 3 components bitlen each + 24 for seed
+ * structure.
+ */
+ if (ispub)
+ return 44 + 3 * nbyte;
+ /*
+ * Expected length: 20 for q, priv, 2 bitlen components + 24 for seed
+ * structure.
+ */
+ else
+ return 64 + 2 * nbyte;
+ } else {
+ /* Expected length: 4 for 'e' + 'n' */
+ if (ispub)
+ return 4 + nbyte;
+ else
+ /*
+ * Expected length: 4 for 'e' and 7 other components. 2
+ * components are bitlen size, 5 are bitlen/2
+ */
+ return 4 + 2 * nbyte + 5 * hnbyte;
+ }
+
+}
+
+static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length,
+ int ispub)
+{
+ const unsigned char *p = *in;
+ unsigned int bitlen, magic;
+ int isdss;
+ if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
+ PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
+ return NULL;
+ }
+ length -= 16;
+ if (length < blob_length(bitlen, isdss, ispub)) {
+ PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
+ return NULL;
+ }
+ if (isdss)
+ return b2i_dss(&p, length, bitlen, ispub);
+ else
+ return b2i_rsa(&p, length, bitlen, ispub);
+}
+
+static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
+{
+ const unsigned char *p;
+ unsigned char hdr_buf[16], *buf = NULL;
+ unsigned int bitlen, magic, length;
+ int isdss;
+ EVP_PKEY *ret = NULL;
+ if (BIO_read(in, hdr_buf, 16) != 16) {
+ PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+ return NULL;
+ }
+ p = hdr_buf;
+ if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
+ return NULL;
+
+ length = blob_length(bitlen, isdss, ispub);
+ if (length > BLOB_MAX_LENGTH) {
+ PEMerr(PEM_F_DO_B2I_BIO, PEM_R_HEADER_TOO_LONG);
+ return NULL;
+ }
+ buf = OPENSSL_malloc(length);
+ if (!buf) {
+ PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p = buf;
+ if (BIO_read(in, buf, length) != (int)length) {
+ PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+ goto err;
+ }
+
+ if (isdss)
+ ret = b2i_dss(&p, length, bitlen, ispub);
+ else
+ ret = b2i_rsa(&p, length, bitlen, ispub);
+
+ err:
+ if (buf)
+ OPENSSL_free(buf);
+ return ret;
+}
+
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub)
+{
+ const unsigned char *p = *in;
+ EVP_PKEY *ret = NULL;
+ DSA *dsa = NULL;
+ BN_CTX *ctx = NULL;
+ unsigned int nbyte;
+ nbyte = (bitlen + 7) >> 3;
+
+ dsa = DSA_new();
+ ret = EVP_PKEY_new();
+ if (!dsa || !ret)
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &dsa->p))
+ goto memerr;
+ if (!read_lebn(&p, 20, &dsa->q))
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &dsa->g))
+ goto memerr;
+ if (ispub) {
+ if (!read_lebn(&p, nbyte, &dsa->pub_key))
+ goto memerr;
+ } else {
+ if (!read_lebn(&p, 20, &dsa->priv_key))
+ goto memerr;
+ /* Calculate public key */
+ if (!(dsa->pub_key = BN_new()))
+ goto memerr;
+ if (!(ctx = BN_CTX_new()))
+ goto memerr;
+
+ if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
+
+ goto memerr;
+ BN_CTX_free(ctx);
+ }
+
+ EVP_PKEY_set1_DSA(ret, dsa);
+ DSA_free(dsa);
+ *in = p;
+ return ret;
+
+ memerr:
+ PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
+ if (dsa)
+ DSA_free(dsa);
+ if (ret)
+ EVP_PKEY_free(ret);
+ if (ctx)
+ BN_CTX_free(ctx);
+ return NULL;
+}
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub)
+{
+ const unsigned char *p = *in;
+ EVP_PKEY *ret = NULL;
+ RSA *rsa = NULL;
+ unsigned int nbyte, hnbyte;
+ nbyte = (bitlen + 7) >> 3;
+ hnbyte = (bitlen + 15) >> 4;
+ rsa = RSA_new();
+ ret = EVP_PKEY_new();
+ if (!rsa || !ret)
+ goto memerr;
+ rsa->e = BN_new();
+ if (!rsa->e)
+ goto memerr;
+ if (!BN_set_word(rsa->e, read_ledword(&p)))
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &rsa->n))
+ goto memerr;
+ if (!ispub) {
+ if (!read_lebn(&p, hnbyte, &rsa->p))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->q))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->dmp1))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->dmq1))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->iqmp))
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &rsa->d))
+ goto memerr;
+ }
+
+ EVP_PKEY_set1_RSA(ret, rsa);
+ RSA_free(rsa);
+ *in = p;
+ return ret;
+ memerr:
+ PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
+ if (rsa)
+ RSA_free(rsa);
+ if (ret)
+ EVP_PKEY_free(ret);
+ return NULL;
+}
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length)
+{
+ return do_b2i(in, length, 0);
+}
+
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length)
+{
+ return do_b2i(in, length, 1);
+}
+
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in)
+{
+ return do_b2i_bio(in, 0);
+}
+
+EVP_PKEY *b2i_PublicKey_bio(BIO *in)
+{
+ return do_b2i_bio(in, 1);
+}
+
+static void write_ledword(unsigned char **out, unsigned int dw)
+{
+ unsigned char *p = *out;
+ *p++ = dw & 0xff;
+ *p++ = (dw >> 8) & 0xff;
+ *p++ = (dw >> 16) & 0xff;
+ *p++ = (dw >> 24) & 0xff;
+ *out = p;
+}
+
+static void write_lebn(unsigned char **out, const BIGNUM *bn, int len)
+{
+ int nb, i;
+ unsigned char *p = *out, *q, c;
+ nb = BN_num_bytes(bn);
+ BN_bn2bin(bn, p);
+ q = p + nb - 1;
+ /* In place byte order reversal */
+ for (i = 0; i < nb / 2; i++) {
+ c = *p;
+ *p++ = *q;
+ *q-- = c;
+ }
+ *out += nb;
+ /* Pad with zeroes if we have to */
+ if (len > 0) {
+ len -= nb;
+ if (len > 0) {
+ memset(*out, 0, len);
+ *out += len;
+ }
+ }
+}
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
+
+static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
+{
+ unsigned char *p;
+ unsigned int bitlen, magic = 0, keyalg;
+ int outlen, noinc = 0;
+ if (pk->type == EVP_PKEY_DSA) {
+ bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
+ keyalg = MS_KEYALG_DSS_SIGN;
+ } else if (pk->type == EVP_PKEY_RSA) {
+ bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
+ keyalg = MS_KEYALG_RSA_KEYX;
+ } else
+ return -1;
+ if (bitlen == 0)
+ return -1;
+ outlen = 16 + blob_length(bitlen,
+ keyalg == MS_KEYALG_DSS_SIGN ? 1 : 0, ispub);
+ if (out == NULL)
+ return outlen;
+ if (*out)
+ p = *out;
+ else {
+ p = OPENSSL_malloc(outlen);
+ if (!p)
+ return -1;
+ *out = p;
+ noinc = 1;
+ }
+ if (ispub)
+ *p++ = MS_PUBLICKEYBLOB;
+ else
+ *p++ = MS_PRIVATEKEYBLOB;
+ *p++ = 0x2;
+ *p++ = 0;
+ *p++ = 0;
+ write_ledword(&p, keyalg);
+ write_ledword(&p, magic);
+ write_ledword(&p, bitlen);
+ if (keyalg == MS_KEYALG_DSS_SIGN)
+ write_dsa(&p, pk->pkey.dsa, ispub);
+ else
+ write_rsa(&p, pk->pkey.rsa, ispub);
+ if (!noinc)
+ *out += outlen;
+ return outlen;
+}
+
+static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
+{
+ unsigned char *tmp = NULL;
+ int outlen, wrlen;
+ outlen = do_i2b(&tmp, pk, ispub);
+ if (outlen < 0)
+ return -1;
+ wrlen = BIO_write(out, tmp, outlen);
+ OPENSSL_free(tmp);
+ if (wrlen == outlen)
+ return outlen;
+ return -1;
+}
+
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
+{
+ int bitlen;
+ bitlen = BN_num_bits(dsa->p);
+ if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160)
+ || (BN_num_bits(dsa->g) > bitlen))
+ goto badkey;
+ if (ispub) {
+ if (BN_num_bits(dsa->pub_key) > bitlen)
+ goto badkey;
+ *pmagic = MS_DSS1MAGIC;
+ } else {
+ if (BN_num_bits(dsa->priv_key) > 160)
+ goto badkey;
+ *pmagic = MS_DSS2MAGIC;
+ }
+
+ return bitlen;
+ badkey:
+ PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+ return 0;
+}
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
+{
+ int nbyte, hnbyte, bitlen;
+ if (BN_num_bits(rsa->e) > 32)
+ goto badkey;
+ bitlen = BN_num_bits(rsa->n);
+ nbyte = BN_num_bytes(rsa->n);
+ hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+ if (ispub) {
+ *pmagic = MS_RSA1MAGIC;
+ return bitlen;
+ } else {
+ *pmagic = MS_RSA2MAGIC;
+ /*
+ * For private key each component must fit within nbyte or hnbyte.
+ */
+ if (BN_num_bytes(rsa->d) > nbyte)
+ goto badkey;
+ if ((BN_num_bytes(rsa->iqmp) > hnbyte)
+ || (BN_num_bytes(rsa->p) > hnbyte)
+ || (BN_num_bytes(rsa->q) > hnbyte)
+ || (BN_num_bytes(rsa->dmp1) > hnbyte)
+ || (BN_num_bytes(rsa->dmq1) > hnbyte))
+ goto badkey;
+ }
+ return bitlen;
+ badkey:
+ PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+ return 0;
+}
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
+{
+ int nbyte, hnbyte;
+ nbyte = BN_num_bytes(rsa->n);
+ hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+ write_lebn(out, rsa->e, 4);
+ write_lebn(out, rsa->n, -1);
+ if (ispub)
+ return;
+ write_lebn(out, rsa->p, hnbyte);
+ write_lebn(out, rsa->q, hnbyte);
+ write_lebn(out, rsa->dmp1, hnbyte);
+ write_lebn(out, rsa->dmq1, hnbyte);
+ write_lebn(out, rsa->iqmp, hnbyte);
+ write_lebn(out, rsa->d, nbyte);
+}
+
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
+{
+ int nbyte;
+ nbyte = BN_num_bytes(dsa->p);
+ write_lebn(out, dsa->p, nbyte);
+ write_lebn(out, dsa->q, 20);
+ write_lebn(out, dsa->g, nbyte);
+ if (ispub)
+ write_lebn(out, dsa->pub_key, nbyte);
+ else
+ write_lebn(out, dsa->priv_key, 20);
+ /* Set "invalid" for seed structure values */
+ memset(*out, 0xff, 24);
+ *out += 24;
+ return;
+}
+
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk)
+{
+ return do_i2b_bio(out, pk, 0);
+}
+
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
+{
+ return do_i2b_bio(out, pk, 1);
+}
+
+# ifndef OPENSSL_NO_RC4
+
+static int do_PVK_header(const unsigned char **in, unsigned int length,
+ int skip_magic,
+ unsigned int *psaltlen, unsigned int *pkeylen)
+{
+ const unsigned char *p = *in;
+ unsigned int pvk_magic, is_encrypted;
+ if (skip_magic) {
+ if (length < 20) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+ return 0;
+ }
+ } else {
+ if (length < 24) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+ return 0;
+ }
+ pvk_magic = read_ledword(&p);
+ if (pvk_magic != MS_PVKMAGIC) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+ return 0;
+ }
+ }
+ /* Skip reserved */
+ p += 4;
+ /*
+ * keytype =
+ */ read_ledword(&p);
+ is_encrypted = read_ledword(&p);
+ *psaltlen = read_ledword(&p);
+ *pkeylen = read_ledword(&p);
+
+ if (*pkeylen > PVK_MAX_KEYLEN || *psaltlen > PVK_MAX_SALTLEN)
+ return 0;
+
+ if (is_encrypted && !*psaltlen) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
+ return 0;
+ }
+
+ *in = p;
+ return 1;
+}
+
+static int derive_pvk_key(unsigned char *key,
+ const unsigned char *salt, unsigned int saltlen,
+ const unsigned char *pass, int passlen)
+{
+ EVP_MD_CTX mctx;
+ int rv = 1;
+ EVP_MD_CTX_init(&mctx);
+ if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
+ || !EVP_DigestUpdate(&mctx, salt, saltlen)
+ || !EVP_DigestUpdate(&mctx, pass, passlen)
+ || !EVP_DigestFinal_ex(&mctx, key, NULL))
+ rv = 0;
+
+ EVP_MD_CTX_cleanup(&mctx);
+ return rv;
+}
+
+static EVP_PKEY *do_PVK_body(const unsigned char **in,
+ unsigned int saltlen, unsigned int keylen,
+ pem_password_cb *cb, void *u)
+{
+ EVP_PKEY *ret = NULL;
+ const unsigned char *p = *in;
+ unsigned int magic;
+ unsigned char *enctmp = NULL, *q;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
+ if (saltlen) {
+ char psbuf[PEM_BUFSIZE];
+ unsigned char keybuf[20];
+ int enctmplen, inlen;
+ if (cb)
+ inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
+ else
+ inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
+ if (inlen <= 0) {
+ PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ);
+ goto err;
+ }
+ enctmp = OPENSSL_malloc(keylen + 8);
+ if (!enctmp) {
+ PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!derive_pvk_key(keybuf, p, saltlen,
+ (unsigned char *)psbuf, inlen))
+ goto err;
+ p += saltlen;
+ /* Copy BLOBHEADER across, decrypt rest */
+ memcpy(enctmp, p, 8);
+ p += 8;
+ if (keylen < 8) {
+ PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+ goto err;
+ }
+ inlen = keylen - 8;
+ q = enctmp + 8;
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto err;
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+ goto err;
+ magic = read_ledword((const unsigned char **)&q);
+ if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
+ q = enctmp + 8;
+ memset(keybuf + 5, 0, 11);
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto err;
+ OPENSSL_cleanse(keybuf, 20);
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+ goto err;
+ magic = read_ledword((const unsigned char **)&q);
+ if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
+ PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
+ goto err;
+ }
+ } else
+ OPENSSL_cleanse(keybuf, 20);
+ p = enctmp;
+ }
+
+ ret = b2i_PrivateKey(&p, keylen);
+ err:
+ EVP_CIPHER_CTX_cleanup(&cctx);
+ if (enctmp && saltlen)
+ OPENSSL_free(enctmp);
+ return ret;
+}
+
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+{
+ unsigned char pvk_hdr[24], *buf = NULL;
+ const unsigned char *p;
+ int buflen;
+ EVP_PKEY *ret = NULL;
+ unsigned int saltlen, keylen;
+ if (BIO_read(in, pvk_hdr, 24) != 24) {
+ PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+ return NULL;
+ }
+ p = pvk_hdr;
+
+ if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen))
+ return 0;
+ buflen = (int)keylen + saltlen;
+ buf = OPENSSL_malloc(buflen);
+ if (!buf) {
+ PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ p = buf;
+ if (BIO_read(in, buf, buflen) != buflen) {
+ PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+ goto err;
+ }
+ ret = do_PVK_body(&p, saltlen, keylen, cb, u);
+
+ err:
+ if (buf) {
+ OPENSSL_cleanse(buf, buflen);
+ OPENSSL_free(buf);
+ }
+ return ret;
+}
+
+static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u)
+{
+ int outlen = 24, pklen;
+ unsigned char *p, *salt = NULL;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
+ if (enclevel)
+ outlen += PVK_SALTLEN;
+ pklen = do_i2b(NULL, pk, 0);
+ if (pklen < 0)
+ return -1;
+ outlen += pklen;
+ if (!out)
+ return outlen;
+ if (*out)
+ p = *out;
+ else {
+ p = OPENSSL_malloc(outlen);
+ if (!p) {
+ PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ *out = p;
+ }
+
+ write_ledword(&p, MS_PVKMAGIC);
+ write_ledword(&p, 0);
+ if (pk->type == EVP_PKEY_DSA)
+ write_ledword(&p, MS_KEYTYPE_SIGN);
+ else
+ write_ledword(&p, MS_KEYTYPE_KEYX);
+ write_ledword(&p, enclevel ? 1 : 0);
+ write_ledword(&p, enclevel ? PVK_SALTLEN : 0);
+ write_ledword(&p, pklen);
+ if (enclevel) {
+ if (RAND_bytes(p, PVK_SALTLEN) <= 0)
+ goto error;
+ salt = p;
+ p += PVK_SALTLEN;
+ }
+ do_i2b(&p, pk, 0);
+ if (enclevel == 0)
+ return outlen;
+ else {
+ char psbuf[PEM_BUFSIZE];
+ unsigned char keybuf[20];
+ int enctmplen, inlen;
+ if (cb)
+ inlen = cb(psbuf, PEM_BUFSIZE, 1, u);
+ else
+ inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);
+ if (inlen <= 0) {
+ PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ);
+ goto error;
+ }
+ if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
+ (unsigned char *)psbuf, inlen))
+ goto error;
+ if (enclevel == 1)
+ memset(keybuf + 5, 0, 11);
+ p = salt + PVK_SALTLEN + 8;
+ if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto error;
+ OPENSSL_cleanse(keybuf, 20);
+ if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
+ goto error;
+ if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
+ goto error;
+ }
+ EVP_CIPHER_CTX_cleanup(&cctx);
+ return outlen;
+
+ error:
+ EVP_CIPHER_CTX_cleanup(&cctx);
+ return -1;
+}
+
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u)
+{
+ unsigned char *tmp = NULL;
+ int outlen, wrlen;
+ outlen = i2b_PVK(&tmp, pk, enclevel, cb, u);
+ if (outlen < 0)
+ return -1;
+ wrlen = BIO_write(out, tmp, outlen);
+ OPENSSL_free(tmp);
+ if (wrlen == outlen) {
+ PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
+ return outlen;
+ }
+ return -1;
+}
+
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/perlasm/x86_64-xlate.pl
===================================================================
--- vendor-crypto/openssl/dist/crypto/perlasm/x86_64-xlate.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/perlasm/x86_64-xlate.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1080 +0,0 @@
-#!/usr/bin/env perl
-
-# Ascetic x86_64 AT&T to MASM/NASM assembler translator by <appro>.
-#
-# Why AT&T to MASM and not vice versa? Several reasons. Because AT&T
-# format is way easier to parse. Because it's simpler to "gear" from
-# Unix ABI to Windows one [see cross-reference "card" at the end of
-# file]. Because Linux targets were available first...
-#
-# In addition the script also "distills" code suitable for GNU
-# assembler, so that it can be compiled with more rigid assemblers,
-# such as Solaris /usr/ccs/bin/as.
-#
-# This translator is not designed to convert *arbitrary* assembler
-# code from AT&T format to MASM one. It's designed to convert just
-# enough to provide for dual-ABI OpenSSL modules development...
-# There *are* limitations and you might have to modify your assembler
-# code or this script to achieve the desired result...
-#
-# Currently recognized limitations:
-#
-# - can't use multiple ops per line;
-#
-# Dual-ABI styling rules.
-#
-# 1. Adhere to Unix register and stack layout [see cross-reference
-# ABI "card" at the end for explanation].
-# 2. Forget about "red zone," stick to more traditional blended
-# stack frame allocation. If volatile storage is actually required
-# that is. If not, just leave the stack as is.
-# 3. Functions tagged with ".type name, at function" get crafted with
-# unified Win64 prologue and epilogue automatically. If you want
-# to take care of ABI differences yourself, tag functions as
-# ".type name, at abi-omnipotent" instead.
-# 4. To optimize the Win64 prologue you can specify number of input
-# arguments as ".type name, at function,N." Keep in mind that if N is
-# larger than 6, then you *have to* write "abi-omnipotent" code,
-# because >6 cases can't be addressed with unified prologue.
-# 5. Name local labels as .L*, do *not* use dynamic labels such as 1:
-# (sorry about latter).
-# 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is
-# required to identify the spots, where to inject Win64 epilogue!
-# But on the pros, it's then prefixed with rep automatically:-)
-# 7. Stick to explicit ip-relative addressing. If you have to use
-# GOTPCREL addressing, stick to mov symbol at GOTPCREL(%rip),%r??.
-# Both are recognized and translated to proper Win64 addressing
-# modes. To support legacy code a synthetic directive, .picmeup,
-# is implemented. It puts address of the *next* instruction into
-# target register, e.g.:
-#
-# .picmeup %rax
-# lea .Label-.(%rax),%rax
-#
-# 8. In order to provide for structured exception handling unified
-# Win64 prologue copies %rsp value to %rax. For further details
-# see SEH paragraph at the end.
-# 9. .init segment is allowed to contain calls to functions only.
-# a. If function accepts more than 4 arguments *and* >4th argument
-# is declared as non 64-bit value, do clear its upper part.
-
-my $flavour = shift;
-my $output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-open STDOUT,">$output" || die "can't open $output: $!"
- if (defined($output));
-
-my $gas=1; $gas=0 if ($output =~ /\.asm$/);
-my $elf=1; $elf=0 if (!$gas);
-my $win64=0;
-my $prefix="";
-my $decor=".L";
-
-my $masmref=8 + 50727*2**-32; # 8.00.50727 shipped with VS2005
-my $masm=0;
-my $PTR=" PTR";
-
-my $nasmref=2.03;
-my $nasm=0;
-
-if ($flavour eq "mingw64") { $gas=1; $elf=0; $win64=1;
- $prefix=`echo __USER_LABEL_PREFIX__ | $ENV{CC} -E -P -`;
- chomp($prefix);
- }
-elsif ($flavour eq "macosx") { $gas=1; $elf=0; $prefix="_"; $decor="L\$"; }
-elsif ($flavour eq "masm") { $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; }
-elsif ($flavour eq "nasm") { $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; }
-elsif (!$gas)
-{ if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i)
- { $nasm = $1 + $2*0.01; $PTR=""; }
- elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/)
- { $masm = $1 + $2*2**-16 + $4*2**-32; }
- die "no assembler found on %PATH" if (!($nasm || $masm));
- $win64=1;
- $elf=0;
- $decor="\$L\$";
-}
-
-my $current_segment;
-my $current_function;
-my %globals;
-
-{ package opcode; # pick up opcodes
- sub re {
- my $self = shift; # single instance in enough...
- local *line = shift;
- undef $ret;
-
- if ($line =~ /^([a-z][a-z0-9]*)/i) {
- $self->{op} = $1;
- $ret = $self;
- $line = substr($line, at +[0]); $line =~ s/^\s+//;
-
- undef $self->{sz};
- if ($self->{op} =~ /^(movz)x?([bw]).*/) { # movz is pain...
- $self->{op} = $1;
- $self->{sz} = $2;
- } elsif ($self->{op} =~ /call|jmp/) {
- $self->{sz} = "";
- } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn
- $self->{sz} = "";
- } elsif ($self->{op} =~ /^v/) { # VEX
- $self->{sz} = "";
- } elsif ($self->{op} =~ /movq/ && $line =~ /%xmm/) {
- $self->{sz} = "";
- } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) {
- $self->{op} = $1;
- $self->{sz} = $2;
- }
- }
- $ret;
- }
- sub size {
- my $self = shift;
- my $sz = shift;
- $self->{sz} = $sz if (defined($sz) && !defined($self->{sz}));
- $self->{sz};
- }
- sub out {
- my $self = shift;
- if ($gas) {
- if ($self->{op} eq "movz") { # movz is pain...
- sprintf "%s%s%s",$self->{op},$self->{sz},shift;
- } elsif ($self->{op} =~ /^set/) {
- "$self->{op}";
- } elsif ($self->{op} eq "ret") {
- my $epilogue = "";
- if ($win64 && $current_function->{abi} eq "svr4") {
- $epilogue = "movq 8(%rsp),%rdi\n\t" .
- "movq 16(%rsp),%rsi\n\t";
- }
- $epilogue . ".byte 0xf3,0xc3";
- } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") {
- ".p2align\t3\n\t.quad";
- } else {
- "$self->{op}$self->{sz}";
- }
- } else {
- $self->{op} =~ s/^movz/movzx/;
- if ($self->{op} eq "ret") {
- $self->{op} = "";
- if ($win64 && $current_function->{abi} eq "svr4") {
- $self->{op} = "mov rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t".
- "mov rsi,QWORD${PTR}[16+rsp]\n\t";
- }
- $self->{op} .= "DB\t0F3h,0C3h\t\t;repret";
- } elsif ($self->{op} =~ /^(pop|push)f/) {
- $self->{op} .= $self->{sz};
- } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") {
- $self->{op} = "\tDQ";
- }
- $self->{op};
- }
- }
- sub mnemonic {
- my $self=shift;
- my $op=shift;
- $self->{op}=$op if (defined($op));
- $self->{op};
- }
-}
-{ package const; # pick up constants, which start with $
- sub re {
- my $self = shift; # single instance in enough...
- local *line = shift;
- undef $ret;
-
- if ($line =~ /^\$([^,]+)/) {
- $self->{value} = $1;
- $ret = $self;
- $line = substr($line, at +[0]); $line =~ s/^\s+//;
- }
- $ret;
- }
- sub out {
- my $self = shift;
-
- if ($gas) {
- # Solaris /usr/ccs/bin/as can't handle multiplications
- # in $self->{value}
- $self->{value} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
- $self->{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
- sprintf "\$%s",$self->{value};
- } else {
- $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
- $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
- sprintf "%s",$self->{value};
- }
- }
-}
-{ package ea; # pick up effective addresses: expr(%reg,%reg,scale)
- sub re {
- my $self = shift; # single instance in enough...
- local *line = shift;
- undef $ret;
-
- # optional * ---vvv--- appears in indirect jmp/call
- if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/) {
- $self->{asterisk} = $1;
- $self->{label} = $2;
- ($self->{base},$self->{index},$self->{scale})=split(/,/,$3);
- $self->{scale} = 1 if (!defined($self->{scale}));
- $ret = $self;
- $line = substr($line, at +[0]); $line =~ s/^\s+//;
-
- if ($win64 && $self->{label} =~ s/\@GOTPCREL//) {
- die if (opcode->mnemonic() ne "mov");
- opcode->mnemonic("lea");
- }
- $self->{base} =~ s/^%//;
- $self->{index} =~ s/^%// if (defined($self->{index}));
- }
- $ret;
- }
- sub size {}
- sub out {
- my $self = shift;
- my $sz = shift;
-
- $self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
- $self->{label} =~ s/\.L/$decor/g;
-
- # Silently convert all EAs to 64-bit. This is required for
- # elder GNU assembler and results in more compact code,
- # *but* most importantly AES module depends on this feature!
- $self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
- $self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
-
- # Solaris /usr/ccs/bin/as can't handle multiplications
- # in $self->{label}, new gas requires sign extension...
- use integer;
- $self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
- $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
- $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg;
-
- if ($gas) {
- $self->{label} =~ s/^___imp_/__imp__/ if ($flavour eq "mingw64");
-
- if (defined($self->{index})) {
- sprintf "%s%s(%s,%%%s,%d)",$self->{asterisk},
- $self->{label},
- $self->{base}?"%$self->{base}":"",
- $self->{index},$self->{scale};
- } else {
- sprintf "%s%s(%%%s)", $self->{asterisk},$self->{label},$self->{base};
- }
- } else {
- %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR",
- q=>"QWORD$PTR",o=>"OWORD$PTR",x=>"XMMWORD$PTR" );
-
- $self->{label} =~ s/\./\$/g;
- $self->{label} =~ s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/ig;
- $self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/);
- $sz="q" if ($self->{asterisk} || opcode->mnemonic() eq "movq");
- $sz="l" if (opcode->mnemonic() eq "movd");
-
- if (defined($self->{index})) {
- sprintf "%s[%s%s*%d%s]",$szmap{$sz},
- $self->{label}?"$self->{label}+":"",
- $self->{index},$self->{scale},
- $self->{base}?"+$self->{base}":"";
- } elsif ($self->{base} eq "rip") {
- sprintf "%s[%s]",$szmap{$sz},$self->{label};
- } else {
- sprintf "%s[%s%s]",$szmap{$sz},
- $self->{label}?"$self->{label}+":"",
- $self->{base};
- }
- }
- }
-}
-{ package register; # pick up registers, which start with %.
- sub re {
- my $class = shift; # muliple instances...
- my $self = {};
- local *line = shift;
- undef $ret;
-
- # optional * ---vvv--- appears in indirect jmp/call
- if ($line =~ /^(\*?)%(\w+)/) {
- bless $self,$class;
- $self->{asterisk} = $1;
- $self->{value} = $2;
- $ret = $self;
- $line = substr($line, at +[0]); $line =~ s/^\s+//;
- }
- $ret;
- }
- sub size {
- my $self = shift;
- undef $ret;
-
- if ($self->{value} =~ /^r[\d]+b$/i) { $ret="b"; }
- elsif ($self->{value} =~ /^r[\d]+w$/i) { $ret="w"; }
- elsif ($self->{value} =~ /^r[\d]+d$/i) { $ret="l"; }
- elsif ($self->{value} =~ /^r[\w]+$/i) { $ret="q"; }
- elsif ($self->{value} =~ /^[a-d][hl]$/i){ $ret="b"; }
- elsif ($self->{value} =~ /^[\w]{2}l$/i) { $ret="b"; }
- elsif ($self->{value} =~ /^[\w]{2}$/i) { $ret="w"; }
- elsif ($self->{value} =~ /^e[a-z]{2}$/i){ $ret="l"; }
-
- $ret;
- }
- sub out {
- my $self = shift;
- if ($gas) { sprintf "%s%%%s",$self->{asterisk},$self->{value}; }
- else { $self->{value}; }
- }
-}
-{ package label; # pick up labels, which end with :
- sub re {
- my $self = shift; # single instance is enough...
- local *line = shift;
- undef $ret;
-
- if ($line =~ /(^[\.\w]+)\:/) {
- $self->{value} = $1;
- $ret = $self;
- $line = substr($line, at +[0]); $line =~ s/^\s+//;
-
- $self->{value} =~ s/^\.L/$decor/;
- }
- $ret;
- }
- sub out {
- my $self = shift;
-
- if ($gas) {
- my $func = ($globals{$self->{value}} or $self->{value}) . ":";
- if ($win64 &&
- $current_function->{name} eq $self->{value} &&
- $current_function->{abi} eq "svr4") {
- $func .= "\n";
- $func .= " movq %rdi,8(%rsp)\n";
- $func .= " movq %rsi,16(%rsp)\n";
- $func .= " movq %rsp,%rax\n";
- $func .= "${decor}SEH_begin_$current_function->{name}:\n";
- my $narg = $current_function->{narg};
- $narg=6 if (!defined($narg));
- $func .= " movq %rcx,%rdi\n" if ($narg>0);
- $func .= " movq %rdx,%rsi\n" if ($narg>1);
- $func .= " movq %r8,%rdx\n" if ($narg>2);
- $func .= " movq %r9,%rcx\n" if ($narg>3);
- $func .= " movq 40(%rsp),%r8\n" if ($narg>4);
- $func .= " movq 48(%rsp),%r9\n" if ($narg>5);
- }
- $func;
- } elsif ($self->{value} ne "$current_function->{name}") {
- $self->{value} .= ":" if ($masm && $ret!~m/^\$/);
- $self->{value} . ":";
- } elsif ($win64 && $current_function->{abi} eq "svr4") {
- my $func = "$current_function->{name}" .
- ($nasm ? ":" : "\tPROC $current_function->{scope}") .
- "\n";
- $func .= " mov QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n";
- $func .= " mov QWORD${PTR}[16+rsp],rsi\n";
- $func .= " mov rax,rsp\n";
- $func .= "${decor}SEH_begin_$current_function->{name}:";
- $func .= ":" if ($masm);
- $func .= "\n";
- my $narg = $current_function->{narg};
- $narg=6 if (!defined($narg));
- $func .= " mov rdi,rcx\n" if ($narg>0);
- $func .= " mov rsi,rdx\n" if ($narg>1);
- $func .= " mov rdx,r8\n" if ($narg>2);
- $func .= " mov rcx,r9\n" if ($narg>3);
- $func .= " mov r8,QWORD${PTR}[40+rsp]\n" if ($narg>4);
- $func .= " mov r9,QWORD${PTR}[48+rsp]\n" if ($narg>5);
- $func .= "\n";
- } else {
- "$current_function->{name}".
- ($nasm ? ":" : "\tPROC $current_function->{scope}");
- }
- }
-}
-{ package expr; # pick up expressioins
- sub re {
- my $self = shift; # single instance is enough...
- local *line = shift;
- undef $ret;
-
- if ($line =~ /(^[^,]+)/) {
- $self->{value} = $1;
- $ret = $self;
- $line = substr($line, at +[0]); $line =~ s/^\s+//;
-
- $self->{value} =~ s/\@PLT// if (!$elf);
- $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
- $self->{value} =~ s/\.L/$decor/g;
- }
- $ret;
- }
- sub out {
- my $self = shift;
- if ($nasm && opcode->mnemonic()=~m/^j/) {
- "NEAR ".$self->{value};
- } else {
- $self->{value};
- }
- }
-}
-{ package directive; # pick up directives, which start with .
- sub re {
- my $self = shift; # single instance is enough...
- local *line = shift;
- undef $ret;
- my $dir;
- my %opcode = # lea 2f-1f(%rip),%dst; 1: nop; 2:
- ( "%rax"=>0x01058d48, "%rcx"=>0x010d8d48,
- "%rdx"=>0x01158d48, "%rbx"=>0x011d8d48,
- "%rsp"=>0x01258d48, "%rbp"=>0x012d8d48,
- "%rsi"=>0x01358d48, "%rdi"=>0x013d8d48,
- "%r8" =>0x01058d4c, "%r9" =>0x010d8d4c,
- "%r10"=>0x01158d4c, "%r11"=>0x011d8d4c,
- "%r12"=>0x01258d4c, "%r13"=>0x012d8d4c,
- "%r14"=>0x01358d4c, "%r15"=>0x013d8d4c );
-
- if ($line =~ /^\s*(\.\w+)/) {
- $dir = $1;
- $ret = $self;
- undef $self->{value};
- $line = substr($line, at +[0]); $line =~ s/^\s+//;
-
- SWITCH: for ($dir) {
- /\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) {
- $dir="\t.long";
- $line=sprintf "0x%x,0x90000000",$opcode{$1};
- }
- last;
- };
- /\.global|\.globl|\.extern/
- && do { $globals{$line} = $prefix . $line;
- $line = $globals{$line} if ($prefix);
- last;
- };
- /\.type/ && do { ($sym,$type,$narg) = split(',',$line);
- if ($type eq "\@function") {
- undef $current_function;
- $current_function->{name} = $sym;
- $current_function->{abi} = "svr4";
- $current_function->{narg} = $narg;
- $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
- } elsif ($type eq "\@abi-omnipotent") {
- undef $current_function;
- $current_function->{name} = $sym;
- $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
- }
- $line =~ s/\@abi\-omnipotent/\@function/;
- $line =~ s/\@function.*/\@function/;
- last;
- };
- /\.asciz/ && do { if ($line =~ /^"(.*)"$/) {
- $dir = ".byte";
- $line = join(",",unpack("C*",$1),0);
- }
- last;
- };
- /\.rva|\.long|\.quad/
- && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
- $line =~ s/\.L/$decor/g;
- last;
- };
- }
-
- if ($gas) {
- $self->{value} = $dir . "\t" . $line;
-
- if ($dir =~ /\.extern/) {
- $self->{value} = ""; # swallow extern
- } elsif (!$elf && $dir =~ /\.type/) {
- $self->{value} = "";
- $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" .
- (defined($globals{$1})?".scl 2;":".scl 3;") .
- "\t.type 32;\t.endef"
- if ($win64 && $line =~ /([^,]+),\@function/);
- } elsif (!$elf && $dir =~ /\.size/) {
- $self->{value} = "";
- if (defined($current_function)) {
- $self->{value} .= "${decor}SEH_end_$current_function->{name}:"
- if ($win64 && $current_function->{abi} eq "svr4");
- undef $current_function;
- }
- } elsif (!$elf && $dir =~ /\.align/) {
- $self->{value} = ".p2align\t" . (log($line)/log(2));
- } elsif ($dir eq ".section") {
- $current_segment=$line;
- if (!$elf && $current_segment eq ".init") {
- if ($flavour eq "macosx") { $self->{value} = ".mod_init_func"; }
- elsif ($flavour eq "mingw64") { $self->{value} = ".section\t.ctors"; }
- }
- } elsif ($dir =~ /\.(text|data)/) {
- $current_segment=".$1";
- } elsif ($dir =~ /\.hidden/) {
- if ($flavour eq "macosx") { $self->{value} = ".private_extern\t$prefix$line"; }
- elsif ($flavour eq "mingw64") { $self->{value} = ""; }
- } elsif ($dir =~ /\.comm/) {
- $self->{value} = "$dir\t$prefix$line";
- $self->{value} =~ s|,([0-9]+),([0-9]+)$|",$1,".log($2)/log(2)|e if ($flavour eq "macosx");
- }
- $line = "";
- return $self;
- }
-
- # non-gas case or nasm/masm
- SWITCH: for ($dir) {
- /\.text/ && do { my $v=undef;
- if ($nasm) {
- $v="section .text code align=64\n";
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $current_segment = ".text\$";
- $v.="$current_segment\tSEGMENT ";
- $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE";
- $v.=" 'CODE'";
- }
- $self->{value} = $v;
- last;
- };
- /\.data/ && do { my $v=undef;
- if ($nasm) {
- $v="section .data data align=8\n";
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $current_segment = "_DATA";
- $v.="$current_segment\tSEGMENT";
- }
- $self->{value} = $v;
- last;
- };
- /\.section/ && do { my $v=undef;
- $line =~ s/([^,]*).*/$1/;
- $line = ".CRT\$XCU" if ($line eq ".init");
- if ($nasm) {
- $v="section $line";
- if ($line=~/\.([px])data/) {
- $v.=" rdata align=";
- $v.=$1 eq "p"? 4 : 8;
- } elsif ($line=~/\.CRT\$/i) {
- $v.=" rdata align=8";
- }
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $v.="$line\tSEGMENT";
- if ($line=~/\.([px])data/) {
- $v.=" READONLY";
- $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref);
- } elsif ($line=~/\.CRT\$/i) {
- $v.=" READONLY ";
- $v.=$masm>=$masmref ? "ALIGN(8)" : "DWORD";
- }
- }
- $current_segment = $line;
- $self->{value} = $v;
- last;
- };
- /\.extern/ && do { $self->{value} = "EXTERN\t".$line;
- $self->{value} .= ":NEAR" if ($masm);
- last;
- };
- /\.globl|.global/
- && do { $self->{value} = $masm?"PUBLIC":"global";
- $self->{value} .= "\t".$line;
- last;
- };
- /\.size/ && do { if (defined($current_function)) {
- undef $self->{value};
- if ($current_function->{abi} eq "svr4") {
- $self->{value}="${decor}SEH_end_$current_function->{name}:";
- $self->{value}.=":\n" if($masm);
- }
- $self->{value}.="$current_function->{name}\tENDP" if($masm && $current_function->{name});
- undef $current_function;
- }
- last;
- };
- /\.align/ && do { $self->{value} = "ALIGN\t".$line; last; };
- /\.(value|long|rva|quad)/
- && do { my $sz = substr($1,0,1);
- my @arr = split(/,\s*/,$line);
- my $last = pop(@arr);
- my $conv = sub { my $var=shift;
- $var=~s/^(0b[0-1]+)/oct($1)/eig;
- $var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm);
- if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva"))
- { $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; }
- $var;
- };
-
- $sz =~ tr/bvlrq/BWDDQ/;
- $self->{value} = "\tD$sz\t";
- for (@arr) { $self->{value} .= &$conv($_).","; }
- $self->{value} .= &$conv($last);
- last;
- };
- /\.byte/ && do { my @str=split(/,\s*/,$line);
- map(s/(0b[0-1]+)/oct($1)/eig, at str);
- map(s/0x([0-9a-f]+)/0$1h/ig, at str) if ($masm);
- while ($#str>15) {
- $self->{value}.="DB\t"
- .join(",", at str[0..15])."\n";
- foreach (0..15) { shift @str; }
- }
- $self->{value}.="DB\t"
- .join(",", at str) if (@str);
- last;
- };
- /\.comm/ && do { my @str=split(/,\s*/,$line);
- my $v=undef;
- if ($nasm) {
- $v.="common $prefix at str[0] @str[1]";
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $current_segment = "_DATA";
- $v.="$current_segment\tSEGMENT\n";
- $v.="COMM @str[0]:DWORD:". at str[1]/4;
- }
- $self->{value} = $v;
- last;
- };
- }
- $line = "";
- }
-
- $ret;
- }
- sub out {
- my $self = shift;
- $self->{value};
- }
-}
-
-sub rex {
- local *opcode=shift;
- my ($dst,$src,$rex)=@_;
-
- $rex|=0x04 if($dst>=8);
- $rex|=0x01 if($src>=8);
- push @opcode,($rex|0x40) if ($rex);
-}
-
-# older gas and ml64 don't handle SSE>2 instructions
-my %regrm = ( "%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3,
- "%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7 );
-
-my $movq = sub { # elderly gas can't handle inter-register movq
- my $arg = shift;
- my @opcode=(0x66);
- if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) {
- my ($src,$dst)=($1,$2);
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,$src,$dst,0x8);
- push @opcode,0x0f,0x7e;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- @opcode;
- } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) {
- my ($src,$dst)=($2,$1);
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,$src,$dst,0x8);
- push @opcode,0x0f,0x6e;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- @opcode;
- } else {
- ();
- }
-};
-
-my $pextrd = sub {
- if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) {
- my @opcode=(0x66);
- $imm=$1;
- $src=$2;
- $dst=$3;
- if ($dst =~ /%r([0-9]+)d/) { $dst = $1; }
- elsif ($dst =~ /%e/) { $dst = $regrm{$dst}; }
- rex(\@opcode,$src,$dst);
- push @opcode,0x0f,0x3a,0x16;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- push @opcode,$imm;
- @opcode;
- } else {
- ();
- }
-};
-
-my $pinsrd = sub {
- if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- $imm=$1;
- $src=$2;
- $dst=$3;
- if ($src =~ /%r([0-9]+)/) { $src = $1; }
- elsif ($src =~ /%e/) { $src = $regrm{$src}; }
- rex(\@opcode,$dst,$src);
- push @opcode,0x0f,0x3a,0x22;
- push @opcode,0xc0|(($dst&7)<<3)|($src&7); # ModR/M
- push @opcode,$imm;
- @opcode;
- } else {
- ();
- }
-};
-
-my $pshufb = sub {
- if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$2,$1);
- push @opcode,0x0f,0x38,0x00;
- push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
- @opcode;
- } else {
- ();
- }
-};
-
-my $palignr = sub {
- if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$3,$2);
- push @opcode,0x0f,0x3a,0x0f;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- push @opcode,$1;
- @opcode;
- } else {
- ();
- }
-};
-
-my $pclmulqdq = sub {
- if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$3,$2);
- push @opcode,0x0f,0x3a,0x44;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- my $c=$1;
- push @opcode,$c=~/^0/?oct($c):$c;
- @opcode;
- } else {
- ();
- }
-};
-
-my $rdrand = sub {
- if (shift =~ /%[er](\w+)/) {
- my @opcode=();
- my $dst=$1;
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,0,$1,8);
- push @opcode,0x0f,0xc7,0xf0|($dst&7);
- @opcode;
- } else {
- ();
- }
-};
-
-if ($nasm) {
- print <<___;
-default rel
-%define XMMWORD
-___
-} elsif ($masm) {
- print <<___;
-OPTION DOTNAME
-___
-}
-while($line=<>) {
-
- chomp($line);
-
- $line =~ s|[#!].*$||; # get rid of asm-style comments...
- $line =~ s|/\*.*\*/||; # ... and C-style comments...
- $line =~ s|^\s+||; # ... and skip white spaces in beginning
-
- undef $label;
- undef $opcode;
- undef @args;
-
- if ($label=label->re(\$line)) { print $label->out(); }
-
- if (directive->re(\$line)) {
- printf "%s",directive->out();
- } elsif ($opcode=opcode->re(\$line)) {
- my $asm = eval("\$".$opcode->mnemonic());
- undef @bytes;
-
- if ((ref($asm) eq 'CODE') && scalar(@bytes=&$asm($line))) {
- print $gas?".byte\t":"DB\t",join(',', at bytes),"\n";
- next;
- }
-
- ARGUMENT: while (1) {
- my $arg;
-
- if ($arg=register->re(\$line)) { opcode->size($arg->size()); }
- elsif ($arg=const->re(\$line)) { }
- elsif ($arg=ea->re(\$line)) { }
- elsif ($arg=expr->re(\$line)) { }
- else { last ARGUMENT; }
-
- push @args,$arg;
-
- last ARGUMENT if ($line !~ /^,/);
-
- $line =~ s/^,\s*//;
- } # ARGUMENT:
-
- if ($#args>=0) {
- my $insn;
- my $sz=opcode->size();
-
- if ($gas) {
- $insn = $opcode->out($#args>=1?$args[$#args]->size():$sz);
- @args = map($_->out($sz), at args);
- printf "\t%s\t%s",$insn,join(",", at args);
- } else {
- $insn = $opcode->out();
- foreach (@args) {
- my $arg = $_->out();
- # $insn.=$sz compensates for movq, pinsrw, ...
- if ($arg =~ /^xmm[0-9]+$/) { $insn.=$sz; $sz="x" if(!$sz); last; }
- if ($arg =~ /^mm[0-9]+$/) { $insn.=$sz; $sz="q" if(!$sz); last; }
- }
- @args = reverse(@args);
- undef $sz if ($nasm && $opcode->mnemonic() eq "lea");
- printf "\t%s\t%s",$insn,join(",",map($_->out($sz), at args));
- }
- } else {
- printf "\t%s",$opcode->out();
- }
- }
-
- print $line,"\n";
-}
-
-print "\n$current_segment\tENDS\n" if ($current_segment && $masm);
-print "END\n" if ($masm);
-
-close STDOUT;
-
-
#################################################
-# Cross-reference x86_64 ABI "card"
-#
-# Unix Win64
-# %rax * *
-# %rbx - -
-# %rcx #4 #1
-# %rdx #3 #2
-# %rsi #2 -
-# %rdi #1 -
-# %rbp - -
-# %rsp - -
-# %r8 #5 #3
-# %r9 #6 #4
-# %r10 * *
-# %r11 * *
-# %r12 - -
-# %r13 - -
-# %r14 - -
-# %r15 - -
-#
-# (*) volatile register
-# (-) preserved by callee
-# (#) Nth argument, volatile
-#
-# In Unix terms top of stack is argument transfer area for arguments
-# which could not be accomodated in registers. Or in other words 7th
-# [integer] argument resides at 8(%rsp) upon function entry point.
-# 128 bytes above %rsp constitute a "red zone" which is not touched
-# by signal handlers and can be used as temporal storage without
-# allocating a frame.
-#
-# In Win64 terms N*8 bytes on top of stack is argument transfer area,
-# which belongs to/can be overwritten by callee. N is the number of
-# arguments passed to callee, *but* not less than 4! This means that
-# upon function entry point 5th argument resides at 40(%rsp), as well
-# as that 32 bytes from 8(%rsp) can always be used as temporal
-# storage [without allocating a frame]. One can actually argue that
-# one can assume a "red zone" above stack pointer under Win64 as well.
-# Point is that at apparently no occasion Windows kernel would alter
-# the area above user stack pointer in true asynchronous manner...
-#
-# All the above means that if assembler programmer adheres to Unix
-# register and stack layout, but disregards the "red zone" existense,
-# it's possible to use following prologue and epilogue to "gear" from
-# Unix to Win64 ABI in leaf functions with not more than 6 arguments.
-#
-# omnipotent_function:
-# ifdef WIN64
-# movq %rdi,8(%rsp)
-# movq %rsi,16(%rsp)
-# movq %rcx,%rdi ; if 1st argument is actually present
-# movq %rdx,%rsi ; if 2nd argument is actually ...
-# movq %r8,%rdx ; if 3rd argument is ...
-# movq %r9,%rcx ; if 4th argument ...
-# movq 40(%rsp),%r8 ; if 5th ...
-# movq 48(%rsp),%r9 ; if 6th ...
-# endif
-# ...
-# ifdef WIN64
-# movq 8(%rsp),%rdi
-# movq 16(%rsp),%rsi
-# endif
-# ret
-#
-
#################################################
-# Win64 SEH, Structured Exception Handling.
-#
-# Unlike on Unix systems(*) lack of Win64 stack unwinding information
-# has undesired side-effect at run-time: if an exception is raised in
-# assembler subroutine such as those in question (basically we're
-# referring to segmentation violations caused by malformed input
-# parameters), the application is briskly terminated without invoking
-# any exception handlers, most notably without generating memory dump
-# or any user notification whatsoever. This poses a problem. It's
-# possible to address it by registering custom language-specific
-# handler that would restore processor context to the state at
-# subroutine entry point and return "exception is not handled, keep
-# unwinding" code. Writing such handler can be a challenge... But it's
-# doable, though requires certain coding convention. Consider following
-# snippet:
-#
-# .type function, at function
-# function:
-# movq %rsp,%rax # copy rsp to volatile register
-# pushq %r15 # save non-volatile registers
-# pushq %rbx
-# pushq %rbp
-# movq %rsp,%r11
-# subq %rdi,%r11 # prepare [variable] stack frame
-# andq $-64,%r11
-# movq %rax,0(%r11) # check for exceptions
-# movq %r11,%rsp # allocate [variable] stack frame
-# movq %rax,0(%rsp) # save original rsp value
-# magic_point:
-# ...
-# movq 0(%rsp),%rcx # pull original rsp value
-# movq -24(%rcx),%rbp # restore non-volatile registers
-# movq -16(%rcx),%rbx
-# movq -8(%rcx),%r15
-# movq %rcx,%rsp # restore original rsp
-# ret
-# .size function,.-function
-#
-# The key is that up to magic_point copy of original rsp value remains
-# in chosen volatile register and no non-volatile register, except for
-# rsp, is modified. While past magic_point rsp remains constant till
-# the very end of the function. In this case custom language-specific
-# exception handler would look like this:
-#
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-# { ULONG64 *rsp = (ULONG64 *)context->Rax;
-# if (context->Rip >= magic_point)
-# { rsp = ((ULONG64 **)context->Rsp)[0];
-# context->Rbp = rsp[-3];
-# context->Rbx = rsp[-2];
-# context->R15 = rsp[-1];
-# }
-# context->Rsp = (ULONG64)rsp;
-# context->Rdi = rsp[1];
-# context->Rsi = rsp[2];
-#
-# memcpy (disp->ContextRecord,context,sizeof(CONTEXT));
-# RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase,
-# dips->ControlPc,disp->FunctionEntry,disp->ContextRecord,
-# &disp->HandlerData,&disp->EstablisherFrame,NULL);
-# return ExceptionContinueSearch;
-# }
-#
-# It's appropriate to implement this handler in assembler, directly in
-# function's module. In order to do that one has to know members'
-# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant
-# values. Here they are:
-#
-# CONTEXT.Rax 120
-# CONTEXT.Rcx 128
-# CONTEXT.Rdx 136
-# CONTEXT.Rbx 144
-# CONTEXT.Rsp 152
-# CONTEXT.Rbp 160
-# CONTEXT.Rsi 168
-# CONTEXT.Rdi 176
-# CONTEXT.R8 184
-# CONTEXT.R9 192
-# CONTEXT.R10 200
-# CONTEXT.R11 208
-# CONTEXT.R12 216
-# CONTEXT.R13 224
-# CONTEXT.R14 232
-# CONTEXT.R15 240
-# CONTEXT.Rip 248
-# CONTEXT.Xmm6 512
-# sizeof(CONTEXT) 1232
-# DISPATCHER_CONTEXT.ControlPc 0
-# DISPATCHER_CONTEXT.ImageBase 8
-# DISPATCHER_CONTEXT.FunctionEntry 16
-# DISPATCHER_CONTEXT.EstablisherFrame 24
-# DISPATCHER_CONTEXT.TargetIp 32
-# DISPATCHER_CONTEXT.ContextRecord 40
-# DISPATCHER_CONTEXT.LanguageHandler 48
-# DISPATCHER_CONTEXT.HandlerData 56
-# UNW_FLAG_NHANDLER 0
-# ExceptionContinueSearch 1
-#
-# In order to tie the handler to the function one has to compose
-# couple of structures: one for .xdata segment and one for .pdata.
-#
-# UNWIND_INFO structure for .xdata segment would be
-#
-# function_unwind_info:
-# .byte 9,0,0,0
-# .rva handler
-#
-# This structure designates exception handler for a function with
-# zero-length prologue, no stack frame or frame register.
-#
-# To facilitate composing of .pdata structures, auto-generated "gear"
-# prologue copies rsp value to rax and denotes next instruction with
-# .LSEH_begin_{function_name} label. This essentially defines the SEH
-# styling rule mentioned in the beginning. Position of this label is
-# chosen in such manner that possible exceptions raised in the "gear"
-# prologue would be accounted to caller and unwound from latter's frame.
-# End of function is marked with respective .LSEH_end_{function_name}
-# label. To summarize, .pdata segment would contain
-#
-# .rva .LSEH_begin_function
-# .rva .LSEH_end_function
-# .rva function_unwind_info
-#
-# Reference to functon_unwind_info from .xdata segment is the anchor.
-# In case you wonder why references are 32-bit .rvas and not 64-bit
-# .quads. References put into these two segments are required to be
-# *relative* to the base address of the current binary module, a.k.a.
-# image base. No Win64 module, be it .exe or .dll, can be larger than
-# 2GB and thus such relative references can be and are accommodated in
-# 32 bits.
-#
-# Having reviewed the example function code, one can argue that "movq
-# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix
-# rax would contain an undefined value. If this "offends" you, use
-# another register and refrain from modifying rax till magic_point is
-# reached, i.e. as if it was a non-volatile register. If more registers
-# are required prior [variable] frame setup is completed, note that
-# nobody says that you can have only one "magic point." You can
-# "liberate" non-volatile registers by denoting last stack off-load
-# instruction and reflecting it in finer grade unwind logic in handler.
-# After all, isn't it why it's called *language-specific* handler...
-#
-# Attentive reader can notice that exceptions would be mishandled in
-# auto-generated "gear" epilogue. Well, exception effectively can't
-# occur there, because if memory area used by it was subject to
-# segmentation violation, then it would be raised upon call to the
-# function (and as already mentioned be accounted to caller, which is
-# not a problem). If you're still not comfortable, then define tail
-# "magic point" just prior ret instruction and have handler treat it...
-#
-# (*) Note that we're talking about run-time, not debug-time. Lack of
-# unwind information makes debugging hard on both Windows and
-# Unix. "Unlike" referes to the fact that on Unix signal handler
-# will always be invoked, core dumped and appropriate exit code
-# returned to parent (for user notification).
Copied: vendor-crypto/openssl/1.0.1u/crypto/perlasm/x86_64-xlate.pl (from rev 11605, vendor-crypto/openssl/dist/crypto/perlasm/x86_64-xlate.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/perlasm/x86_64-xlate.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/perlasm/x86_64-xlate.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1080 @@
+#!/usr/bin/env perl
+
+# Ascetic x86_64 AT&T to MASM/NASM assembler translator by <appro>.
+#
+# Why AT&T to MASM and not vice versa? Several reasons. Because AT&T
+# format is way easier to parse. Because it's simpler to "gear" from
+# Unix ABI to Windows one [see cross-reference "card" at the end of
+# file]. Because Linux targets were available first...
+#
+# In addition the script also "distills" code suitable for GNU
+# assembler, so that it can be compiled with more rigid assemblers,
+# such as Solaris /usr/ccs/bin/as.
+#
+# This translator is not designed to convert *arbitrary* assembler
+# code from AT&T format to MASM one. It's designed to convert just
+# enough to provide for dual-ABI OpenSSL modules development...
+# There *are* limitations and you might have to modify your assembler
+# code or this script to achieve the desired result...
+#
+# Currently recognized limitations:
+#
+# - can't use multiple ops per line;
+#
+# Dual-ABI styling rules.
+#
+# 1. Adhere to Unix register and stack layout [see cross-reference
+# ABI "card" at the end for explanation].
+# 2. Forget about "red zone," stick to more traditional blended
+# stack frame allocation. If volatile storage is actually required
+# that is. If not, just leave the stack as is.
+# 3. Functions tagged with ".type name, at function" get crafted with
+# unified Win64 prologue and epilogue automatically. If you want
+# to take care of ABI differences yourself, tag functions as
+# ".type name, at abi-omnipotent" instead.
+# 4. To optimize the Win64 prologue you can specify number of input
+# arguments as ".type name, at function,N." Keep in mind that if N is
+# larger than 6, then you *have to* write "abi-omnipotent" code,
+# because >6 cases can't be addressed with unified prologue.
+# 5. Name local labels as .L*, do *not* use dynamic labels such as 1:
+# (sorry about latter).
+# 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is
+# required to identify the spots, where to inject Win64 epilogue!
+# But on the pros, it's then prefixed with rep automatically:-)
+# 7. Stick to explicit ip-relative addressing. If you have to use
+# GOTPCREL addressing, stick to mov symbol at GOTPCREL(%rip),%r??.
+# Both are recognized and translated to proper Win64 addressing
+# modes. To support legacy code a synthetic directive, .picmeup,
+# is implemented. It puts address of the *next* instruction into
+# target register, e.g.:
+#
+# .picmeup %rax
+# lea .Label-.(%rax),%rax
+#
+# 8. In order to provide for structured exception handling unified
+# Win64 prologue copies %rsp value to %rax. For further details
+# see SEH paragraph at the end.
+# 9. .init segment is allowed to contain calls to functions only.
+# a. If function accepts more than 4 arguments *and* >4th argument
+# is declared as non 64-bit value, do clear its upper part.
+
+my $flavour = shift;
+my $output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+open STDOUT,">$output" || die "can't open $output: $!"
+ if (defined($output));
+
+my $gas=1; $gas=0 if ($output =~ /\.asm$/);
+my $elf=1; $elf=0 if (!$gas);
+my $win64=0;
+my $prefix="";
+my $decor=".L";
+
+my $masmref=8 + 50727*2**-32; # 8.00.50727 shipped with VS2005
+my $masm=0;
+my $PTR=" PTR";
+
+my $nasmref=2.03;
+my $nasm=0;
+
+if ($flavour eq "mingw64") { $gas=1; $elf=0; $win64=1;
+ $prefix=`echo __USER_LABEL_PREFIX__ | $ENV{CC} -E -P -`;
+ chomp($prefix);
+ }
+elsif ($flavour eq "macosx") { $gas=1; $elf=0; $prefix="_"; $decor="L\$"; }
+elsif ($flavour eq "masm") { $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; }
+elsif ($flavour eq "nasm") { $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; }
+elsif (!$gas)
+{ if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i)
+ { $nasm = $1 + $2*0.01; $PTR=""; }
+ elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/)
+ { $masm = $1 + $2*2**-16 + $4*2**-32; }
+ die "no assembler found on %PATH" if (!($nasm || $masm));
+ $win64=1;
+ $elf=0;
+ $decor="\$L\$";
+}
+
+my $current_segment;
+my $current_function;
+my %globals;
+
+{ package opcode; # pick up opcodes
+ sub re {
+ my $self = shift; # single instance in enough...
+ local *line = shift;
+ undef $ret;
+
+ if ($line =~ /^([a-z][a-z0-9]*)/i) {
+ $self->{op} = $1;
+ $ret = $self;
+ $line = substr($line, at +[0]); $line =~ s/^\s+//;
+
+ undef $self->{sz};
+ if ($self->{op} =~ /^(movz)x?([bw]).*/) { # movz is pain...
+ $self->{op} = $1;
+ $self->{sz} = $2;
+ } elsif ($self->{op} =~ /call|jmp/) {
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /^v/) { # VEX
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /mov[dq]/ && $line =~ /%xmm/) {
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) {
+ $self->{op} = $1;
+ $self->{sz} = $2;
+ }
+ }
+ $ret;
+ }
+ sub size {
+ my $self = shift;
+ my $sz = shift;
+ $self->{sz} = $sz if (defined($sz) && !defined($self->{sz}));
+ $self->{sz};
+ }
+ sub out {
+ my $self = shift;
+ if ($gas) {
+ if ($self->{op} eq "movz") { # movz is pain...
+ sprintf "%s%s%s",$self->{op},$self->{sz},shift;
+ } elsif ($self->{op} =~ /^set/) {
+ "$self->{op}";
+ } elsif ($self->{op} eq "ret") {
+ my $epilogue = "";
+ if ($win64 && $current_function->{abi} eq "svr4") {
+ $epilogue = "movq 8(%rsp),%rdi\n\t" .
+ "movq 16(%rsp),%rsi\n\t";
+ }
+ $epilogue . ".byte 0xf3,0xc3";
+ } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") {
+ ".p2align\t3\n\t.quad";
+ } else {
+ "$self->{op}$self->{sz}";
+ }
+ } else {
+ $self->{op} =~ s/^movz/movzx/;
+ if ($self->{op} eq "ret") {
+ $self->{op} = "";
+ if ($win64 && $current_function->{abi} eq "svr4") {
+ $self->{op} = "mov rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t".
+ "mov rsi,QWORD${PTR}[16+rsp]\n\t";
+ }
+ $self->{op} .= "DB\t0F3h,0C3h\t\t;repret";
+ } elsif ($self->{op} =~ /^(pop|push)f/) {
+ $self->{op} .= $self->{sz};
+ } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") {
+ $self->{op} = "\tDQ";
+ }
+ $self->{op};
+ }
+ }
+ sub mnemonic {
+ my $self=shift;
+ my $op=shift;
+ $self->{op}=$op if (defined($op));
+ $self->{op};
+ }
+}
+{ package const; # pick up constants, which start with $
+ sub re {
+ my $self = shift; # single instance in enough...
+ local *line = shift;
+ undef $ret;
+
+ if ($line =~ /^\$([^,]+)/) {
+ $self->{value} = $1;
+ $ret = $self;
+ $line = substr($line, at +[0]); $line =~ s/^\s+//;
+ }
+ $ret;
+ }
+ sub out {
+ my $self = shift;
+
+ if ($gas) {
+ # Solaris /usr/ccs/bin/as can't handle multiplications
+ # in $self->{value}
+ $self->{value} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
+ $self->{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
+ sprintf "\$%s",$self->{value};
+ } else {
+ $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
+ $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
+ sprintf "%s",$self->{value};
+ }
+ }
+}
+{ package ea; # pick up effective addresses: expr(%reg,%reg,scale)
+ sub re {
+ my $self = shift; # single instance in enough...
+ local *line = shift;
+ undef $ret;
+
+ # optional * ---vvv--- appears in indirect jmp/call
+ if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/) {
+ $self->{asterisk} = $1;
+ $self->{label} = $2;
+ ($self->{base},$self->{index},$self->{scale})=split(/,/,$3);
+ $self->{scale} = 1 if (!defined($self->{scale}));
+ $ret = $self;
+ $line = substr($line, at +[0]); $line =~ s/^\s+//;
+
+ if ($win64 && $self->{label} =~ s/\@GOTPCREL//) {
+ die if (opcode->mnemonic() ne "mov");
+ opcode->mnemonic("lea");
+ }
+ $self->{base} =~ s/^%//;
+ $self->{index} =~ s/^%// if (defined($self->{index}));
+ }
+ $ret;
+ }
+ sub size {}
+ sub out {
+ my $self = shift;
+ my $sz = shift;
+
+ $self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+ $self->{label} =~ s/\.L/$decor/g;
+
+ # Silently convert all EAs to 64-bit. This is required for
+ # elder GNU assembler and results in more compact code,
+ # *but* most importantly AES module depends on this feature!
+ $self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
+ $self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
+
+ # Solaris /usr/ccs/bin/as can't handle multiplications
+ # in $self->{label}, new gas requires sign extension...
+ use integer;
+ $self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
+ $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
+ $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg;
+
+ if ($gas) {
+ $self->{label} =~ s/^___imp_/__imp__/ if ($flavour eq "mingw64");
+
+ if (defined($self->{index})) {
+ sprintf "%s%s(%s,%%%s,%d)",$self->{asterisk},
+ $self->{label},
+ $self->{base}?"%$self->{base}":"",
+ $self->{index},$self->{scale};
+ } else {
+ sprintf "%s%s(%%%s)", $self->{asterisk},$self->{label},$self->{base};
+ }
+ } else {
+ %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR",
+ q=>"QWORD$PTR",o=>"OWORD$PTR",x=>"XMMWORD$PTR" );
+
+ $self->{label} =~ s/\./\$/g;
+ $self->{label} =~ s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/ig;
+ $self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/);
+ $sz="q" if ($self->{asterisk} || opcode->mnemonic() eq "movq");
+ $sz="l" if (opcode->mnemonic() eq "movd");
+
+ if (defined($self->{index})) {
+ sprintf "%s[%s%s*%d%s]",$szmap{$sz},
+ $self->{label}?"$self->{label}+":"",
+ $self->{index},$self->{scale},
+ $self->{base}?"+$self->{base}":"";
+ } elsif ($self->{base} eq "rip") {
+ sprintf "%s[%s]",$szmap{$sz},$self->{label};
+ } else {
+ sprintf "%s[%s%s]",$szmap{$sz},
+ $self->{label}?"$self->{label}+":"",
+ $self->{base};
+ }
+ }
+ }
+}
+{ package register; # pick up registers, which start with %.
+ sub re {
+ my $class = shift; # muliple instances...
+ my $self = {};
+ local *line = shift;
+ undef $ret;
+
+ # optional * ---vvv--- appears in indirect jmp/call
+ if ($line =~ /^(\*?)%(\w+)/) {
+ bless $self,$class;
+ $self->{asterisk} = $1;
+ $self->{value} = $2;
+ $ret = $self;
+ $line = substr($line, at +[0]); $line =~ s/^\s+//;
+ }
+ $ret;
+ }
+ sub size {
+ my $self = shift;
+ undef $ret;
+
+ if ($self->{value} =~ /^r[\d]+b$/i) { $ret="b"; }
+ elsif ($self->{value} =~ /^r[\d]+w$/i) { $ret="w"; }
+ elsif ($self->{value} =~ /^r[\d]+d$/i) { $ret="l"; }
+ elsif ($self->{value} =~ /^r[\w]+$/i) { $ret="q"; }
+ elsif ($self->{value} =~ /^[a-d][hl]$/i){ $ret="b"; }
+ elsif ($self->{value} =~ /^[\w]{2}l$/i) { $ret="b"; }
+ elsif ($self->{value} =~ /^[\w]{2}$/i) { $ret="w"; }
+ elsif ($self->{value} =~ /^e[a-z]{2}$/i){ $ret="l"; }
+
+ $ret;
+ }
+ sub out {
+ my $self = shift;
+ if ($gas) { sprintf "%s%%%s",$self->{asterisk},$self->{value}; }
+ else { $self->{value}; }
+ }
+}
+{ package label; # pick up labels, which end with :
+ sub re {
+ my $self = shift; # single instance is enough...
+ local *line = shift;
+ undef $ret;
+
+ if ($line =~ /(^[\.\w]+)\:/) {
+ $self->{value} = $1;
+ $ret = $self;
+ $line = substr($line, at +[0]); $line =~ s/^\s+//;
+
+ $self->{value} =~ s/^\.L/$decor/;
+ }
+ $ret;
+ }
+ sub out {
+ my $self = shift;
+
+ if ($gas) {
+ my $func = ($globals{$self->{value}} or $self->{value}) . ":";
+ if ($win64 &&
+ $current_function->{name} eq $self->{value} &&
+ $current_function->{abi} eq "svr4") {
+ $func .= "\n";
+ $func .= " movq %rdi,8(%rsp)\n";
+ $func .= " movq %rsi,16(%rsp)\n";
+ $func .= " movq %rsp,%rax\n";
+ $func .= "${decor}SEH_begin_$current_function->{name}:\n";
+ my $narg = $current_function->{narg};
+ $narg=6 if (!defined($narg));
+ $func .= " movq %rcx,%rdi\n" if ($narg>0);
+ $func .= " movq %rdx,%rsi\n" if ($narg>1);
+ $func .= " movq %r8,%rdx\n" if ($narg>2);
+ $func .= " movq %r9,%rcx\n" if ($narg>3);
+ $func .= " movq 40(%rsp),%r8\n" if ($narg>4);
+ $func .= " movq 48(%rsp),%r9\n" if ($narg>5);
+ }
+ $func;
+ } elsif ($self->{value} ne "$current_function->{name}") {
+ $self->{value} .= ":" if ($masm && $ret!~m/^\$/);
+ $self->{value} . ":";
+ } elsif ($win64 && $current_function->{abi} eq "svr4") {
+ my $func = "$current_function->{name}" .
+ ($nasm ? ":" : "\tPROC $current_function->{scope}") .
+ "\n";
+ $func .= " mov QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n";
+ $func .= " mov QWORD${PTR}[16+rsp],rsi\n";
+ $func .= " mov rax,rsp\n";
+ $func .= "${decor}SEH_begin_$current_function->{name}:";
+ $func .= ":" if ($masm);
+ $func .= "\n";
+ my $narg = $current_function->{narg};
+ $narg=6 if (!defined($narg));
+ $func .= " mov rdi,rcx\n" if ($narg>0);
+ $func .= " mov rsi,rdx\n" if ($narg>1);
+ $func .= " mov rdx,r8\n" if ($narg>2);
+ $func .= " mov rcx,r9\n" if ($narg>3);
+ $func .= " mov r8,QWORD${PTR}[40+rsp]\n" if ($narg>4);
+ $func .= " mov r9,QWORD${PTR}[48+rsp]\n" if ($narg>5);
+ $func .= "\n";
+ } else {
+ "$current_function->{name}".
+ ($nasm ? ":" : "\tPROC $current_function->{scope}");
+ }
+ }
+}
+{ package expr; # pick up expressioins
+ sub re {
+ my $self = shift; # single instance is enough...
+ local *line = shift;
+ undef $ret;
+
+ if ($line =~ /(^[^,]+)/) {
+ $self->{value} = $1;
+ $ret = $self;
+ $line = substr($line, at +[0]); $line =~ s/^\s+//;
+
+ $self->{value} =~ s/\@PLT// if (!$elf);
+ $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+ $self->{value} =~ s/\.L/$decor/g;
+ }
+ $ret;
+ }
+ sub out {
+ my $self = shift;
+ if ($nasm && opcode->mnemonic()=~m/^j/) {
+ "NEAR ".$self->{value};
+ } else {
+ $self->{value};
+ }
+ }
+}
+{ package directive; # pick up directives, which start with .
+ sub re {
+ my $self = shift; # single instance is enough...
+ local *line = shift;
+ undef $ret;
+ my $dir;
+ my %opcode = # lea 2f-1f(%rip),%dst; 1: nop; 2:
+ ( "%rax"=>0x01058d48, "%rcx"=>0x010d8d48,
+ "%rdx"=>0x01158d48, "%rbx"=>0x011d8d48,
+ "%rsp"=>0x01258d48, "%rbp"=>0x012d8d48,
+ "%rsi"=>0x01358d48, "%rdi"=>0x013d8d48,
+ "%r8" =>0x01058d4c, "%r9" =>0x010d8d4c,
+ "%r10"=>0x01158d4c, "%r11"=>0x011d8d4c,
+ "%r12"=>0x01258d4c, "%r13"=>0x012d8d4c,
+ "%r14"=>0x01358d4c, "%r15"=>0x013d8d4c );
+
+ if ($line =~ /^\s*(\.\w+)/) {
+ $dir = $1;
+ $ret = $self;
+ undef $self->{value};
+ $line = substr($line, at +[0]); $line =~ s/^\s+//;
+
+ SWITCH: for ($dir) {
+ /\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) {
+ $dir="\t.long";
+ $line=sprintf "0x%x,0x90000000",$opcode{$1};
+ }
+ last;
+ };
+ /\.global|\.globl|\.extern/
+ && do { $globals{$line} = $prefix . $line;
+ $line = $globals{$line} if ($prefix);
+ last;
+ };
+ /\.type/ && do { ($sym,$type,$narg) = split(',',$line);
+ if ($type eq "\@function") {
+ undef $current_function;
+ $current_function->{name} = $sym;
+ $current_function->{abi} = "svr4";
+ $current_function->{narg} = $narg;
+ $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
+ } elsif ($type eq "\@abi-omnipotent") {
+ undef $current_function;
+ $current_function->{name} = $sym;
+ $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
+ }
+ $line =~ s/\@abi\-omnipotent/\@function/;
+ $line =~ s/\@function.*/\@function/;
+ last;
+ };
+ /\.asciz/ && do { if ($line =~ /^"(.*)"$/) {
+ $dir = ".byte";
+ $line = join(",",unpack("C*",$1),0);
+ }
+ last;
+ };
+ /\.rva|\.long|\.quad/
+ && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+ $line =~ s/\.L/$decor/g;
+ last;
+ };
+ }
+
+ if ($gas) {
+ $self->{value} = $dir . "\t" . $line;
+
+ if ($dir =~ /\.extern/) {
+ $self->{value} = ""; # swallow extern
+ } elsif (!$elf && $dir =~ /\.type/) {
+ $self->{value} = "";
+ $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" .
+ (defined($globals{$1})?".scl 2;":".scl 3;") .
+ "\t.type 32;\t.endef"
+ if ($win64 && $line =~ /([^,]+),\@function/);
+ } elsif (!$elf && $dir =~ /\.size/) {
+ $self->{value} = "";
+ if (defined($current_function)) {
+ $self->{value} .= "${decor}SEH_end_$current_function->{name}:"
+ if ($win64 && $current_function->{abi} eq "svr4");
+ undef $current_function;
+ }
+ } elsif (!$elf && $dir =~ /\.align/) {
+ $self->{value} = ".p2align\t" . (log($line)/log(2));
+ } elsif ($dir eq ".section") {
+ $current_segment=$line;
+ if (!$elf && $current_segment eq ".init") {
+ if ($flavour eq "macosx") { $self->{value} = ".mod_init_func"; }
+ elsif ($flavour eq "mingw64") { $self->{value} = ".section\t.ctors"; }
+ }
+ } elsif ($dir =~ /\.(text|data)/) {
+ $current_segment=".$1";
+ } elsif ($dir =~ /\.hidden/) {
+ if ($flavour eq "macosx") { $self->{value} = ".private_extern\t$prefix$line"; }
+ elsif ($flavour eq "mingw64") { $self->{value} = ""; }
+ } elsif ($dir =~ /\.comm/) {
+ $self->{value} = "$dir\t$prefix$line";
+ $self->{value} =~ s|,([0-9]+),([0-9]+)$|",$1,".log($2)/log(2)|e if ($flavour eq "macosx");
+ }
+ $line = "";
+ return $self;
+ }
+
+ # non-gas case or nasm/masm
+ SWITCH: for ($dir) {
+ /\.text/ && do { my $v=undef;
+ if ($nasm) {
+ $v="section .text code align=64\n";
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $current_segment = ".text\$";
+ $v.="$current_segment\tSEGMENT ";
+ $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE";
+ $v.=" 'CODE'";
+ }
+ $self->{value} = $v;
+ last;
+ };
+ /\.data/ && do { my $v=undef;
+ if ($nasm) {
+ $v="section .data data align=8\n";
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $current_segment = "_DATA";
+ $v.="$current_segment\tSEGMENT";
+ }
+ $self->{value} = $v;
+ last;
+ };
+ /\.section/ && do { my $v=undef;
+ $line =~ s/([^,]*).*/$1/;
+ $line = ".CRT\$XCU" if ($line eq ".init");
+ if ($nasm) {
+ $v="section $line";
+ if ($line=~/\.([px])data/) {
+ $v.=" rdata align=";
+ $v.=$1 eq "p"? 4 : 8;
+ } elsif ($line=~/\.CRT\$/i) {
+ $v.=" rdata align=8";
+ }
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $v.="$line\tSEGMENT";
+ if ($line=~/\.([px])data/) {
+ $v.=" READONLY";
+ $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref);
+ } elsif ($line=~/\.CRT\$/i) {
+ $v.=" READONLY ";
+ $v.=$masm>=$masmref ? "ALIGN(8)" : "DWORD";
+ }
+ }
+ $current_segment = $line;
+ $self->{value} = $v;
+ last;
+ };
+ /\.extern/ && do { $self->{value} = "EXTERN\t".$line;
+ $self->{value} .= ":NEAR" if ($masm);
+ last;
+ };
+ /\.globl|.global/
+ && do { $self->{value} = $masm?"PUBLIC":"global";
+ $self->{value} .= "\t".$line;
+ last;
+ };
+ /\.size/ && do { if (defined($current_function)) {
+ undef $self->{value};
+ if ($current_function->{abi} eq "svr4") {
+ $self->{value}="${decor}SEH_end_$current_function->{name}:";
+ $self->{value}.=":\n" if($masm);
+ }
+ $self->{value}.="$current_function->{name}\tENDP" if($masm && $current_function->{name});
+ undef $current_function;
+ }
+ last;
+ };
+ /\.align/ && do { $self->{value} = "ALIGN\t".$line; last; };
+ /\.(value|long|rva|quad)/
+ && do { my $sz = substr($1,0,1);
+ my @arr = split(/,\s*/,$line);
+ my $last = pop(@arr);
+ my $conv = sub { my $var=shift;
+ $var=~s/^(0b[0-1]+)/oct($1)/eig;
+ $var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm);
+ if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva"))
+ { $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; }
+ $var;
+ };
+
+ $sz =~ tr/bvlrq/BWDDQ/;
+ $self->{value} = "\tD$sz\t";
+ for (@arr) { $self->{value} .= &$conv($_).","; }
+ $self->{value} .= &$conv($last);
+ last;
+ };
+ /\.byte/ && do { my @str=split(/,\s*/,$line);
+ map(s/(0b[0-1]+)/oct($1)/eig, at str);
+ map(s/0x([0-9a-f]+)/0$1h/ig, at str) if ($masm);
+ while ($#str>15) {
+ $self->{value}.="DB\t"
+ .join(",", at str[0..15])."\n";
+ foreach (0..15) { shift @str; }
+ }
+ $self->{value}.="DB\t"
+ .join(",", at str) if (@str);
+ last;
+ };
+ /\.comm/ && do { my @str=split(/,\s*/,$line);
+ my $v=undef;
+ if ($nasm) {
+ $v.="common $prefix at str[0] @str[1]";
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $current_segment = "_DATA";
+ $v.="$current_segment\tSEGMENT\n";
+ $v.="COMM @str[0]:DWORD:". at str[1]/4;
+ }
+ $self->{value} = $v;
+ last;
+ };
+ }
+ $line = "";
+ }
+
+ $ret;
+ }
+ sub out {
+ my $self = shift;
+ $self->{value};
+ }
+}
+
+sub rex {
+ local *opcode=shift;
+ my ($dst,$src,$rex)=@_;
+
+ $rex|=0x04 if($dst>=8);
+ $rex|=0x01 if($src>=8);
+ push @opcode,($rex|0x40) if ($rex);
+}
+
+# older gas and ml64 don't handle SSE>2 instructions
+my %regrm = ( "%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3,
+ "%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7 );
+
+my $movq = sub { # elderly gas can't handle inter-register movq
+ my $arg = shift;
+ my @opcode=(0x66);
+ if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) {
+ my ($src,$dst)=($1,$2);
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,$src,$dst,0x8);
+ push @opcode,0x0f,0x7e;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ @opcode;
+ } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) {
+ my ($src,$dst)=($2,$1);
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,$src,$dst,0x8);
+ push @opcode,0x0f,0x6e;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pextrd = sub {
+ if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) {
+ my @opcode=(0x66);
+ $imm=$1;
+ $src=$2;
+ $dst=$3;
+ if ($dst =~ /%r([0-9]+)d/) { $dst = $1; }
+ elsif ($dst =~ /%e/) { $dst = $regrm{$dst}; }
+ rex(\@opcode,$src,$dst);
+ push @opcode,0x0f,0x3a,0x16;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ push @opcode,$imm;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pinsrd = sub {
+ if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ $imm=$1;
+ $src=$2;
+ $dst=$3;
+ if ($src =~ /%r([0-9]+)/) { $src = $1; }
+ elsif ($src =~ /%e/) { $src = $regrm{$src}; }
+ rex(\@opcode,$dst,$src);
+ push @opcode,0x0f,0x3a,0x22;
+ push @opcode,0xc0|(($dst&7)<<3)|($src&7); # ModR/M
+ push @opcode,$imm;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pshufb = sub {
+ if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$2,$1);
+ push @opcode,0x0f,0x38,0x00;
+ push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $palignr = sub {
+ if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x3a,0x0f;
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ push @opcode,$1;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pclmulqdq = sub {
+ if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x3a,0x44;
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ my $c=$1;
+ push @opcode,$c=~/^0/?oct($c):$c;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $rdrand = sub {
+ if (shift =~ /%[er](\w+)/) {
+ my @opcode=();
+ my $dst=$1;
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,0,$1,8);
+ push @opcode,0x0f,0xc7,0xf0|($dst&7);
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+if ($nasm) {
+ print <<___;
+default rel
+%define XMMWORD
+___
+} elsif ($masm) {
+ print <<___;
+OPTION DOTNAME
+___
+}
+while($line=<>) {
+
+ chomp($line);
+
+ $line =~ s|[#!].*$||; # get rid of asm-style comments...
+ $line =~ s|/\*.*\*/||; # ... and C-style comments...
+ $line =~ s|^\s+||; # ... and skip white spaces in beginning
+
+ undef $label;
+ undef $opcode;
+ undef @args;
+
+ if ($label=label->re(\$line)) { print $label->out(); }
+
+ if (directive->re(\$line)) {
+ printf "%s",directive->out();
+ } elsif ($opcode=opcode->re(\$line)) {
+ my $asm = eval("\$".$opcode->mnemonic());
+ undef @bytes;
+
+ if ((ref($asm) eq 'CODE') && scalar(@bytes=&$asm($line))) {
+ print $gas?".byte\t":"DB\t",join(',', at bytes),"\n";
+ next;
+ }
+
+ ARGUMENT: while (1) {
+ my $arg;
+
+ if ($arg=register->re(\$line)) { opcode->size($arg->size()); }
+ elsif ($arg=const->re(\$line)) { }
+ elsif ($arg=ea->re(\$line)) { }
+ elsif ($arg=expr->re(\$line)) { }
+ else { last ARGUMENT; }
+
+ push @args,$arg;
+
+ last ARGUMENT if ($line !~ /^,/);
+
+ $line =~ s/^,\s*//;
+ } # ARGUMENT:
+
+ if ($#args>=0) {
+ my $insn;
+ my $sz=opcode->size();
+
+ if ($gas) {
+ $insn = $opcode->out($#args>=1?$args[$#args]->size():$sz);
+ @args = map($_->out($sz), at args);
+ printf "\t%s\t%s",$insn,join(",", at args);
+ } else {
+ $insn = $opcode->out();
+ foreach (@args) {
+ my $arg = $_->out();
+ # $insn.=$sz compensates for movq, pinsrw, ...
+ if ($arg =~ /^xmm[0-9]+$/) { $insn.=$sz; $sz="x" if(!$sz); last; }
+ if ($arg =~ /^mm[0-9]+$/) { $insn.=$sz; $sz="q" if(!$sz); last; }
+ }
+ @args = reverse(@args);
+ undef $sz if ($nasm && $opcode->mnemonic() eq "lea");
+ printf "\t%s\t%s",$insn,join(",",map($_->out($sz), at args));
+ }
+ } else {
+ printf "\t%s",$opcode->out();
+ }
+ }
+
+ print $line,"\n";
+}
+
+print "\n$current_segment\tENDS\n" if ($current_segment && $masm);
+print "END\n" if ($masm);
+
+close STDOUT;
+
+
#################################################
+# Cross-reference x86_64 ABI "card"
+#
+# Unix Win64
+# %rax * *
+# %rbx - -
+# %rcx #4 #1
+# %rdx #3 #2
+# %rsi #2 -
+# %rdi #1 -
+# %rbp - -
+# %rsp - -
+# %r8 #5 #3
+# %r9 #6 #4
+# %r10 * *
+# %r11 * *
+# %r12 - -
+# %r13 - -
+# %r14 - -
+# %r15 - -
+#
+# (*) volatile register
+# (-) preserved by callee
+# (#) Nth argument, volatile
+#
+# In Unix terms top of stack is argument transfer area for arguments
+# which could not be accomodated in registers. Or in other words 7th
+# [integer] argument resides at 8(%rsp) upon function entry point.
+# 128 bytes above %rsp constitute a "red zone" which is not touched
+# by signal handlers and can be used as temporal storage without
+# allocating a frame.
+#
+# In Win64 terms N*8 bytes on top of stack is argument transfer area,
+# which belongs to/can be overwritten by callee. N is the number of
+# arguments passed to callee, *but* not less than 4! This means that
+# upon function entry point 5th argument resides at 40(%rsp), as well
+# as that 32 bytes from 8(%rsp) can always be used as temporal
+# storage [without allocating a frame]. One can actually argue that
+# one can assume a "red zone" above stack pointer under Win64 as well.
+# Point is that at apparently no occasion Windows kernel would alter
+# the area above user stack pointer in true asynchronous manner...
+#
+# All the above means that if assembler programmer adheres to Unix
+# register and stack layout, but disregards the "red zone" existense,
+# it's possible to use following prologue and epilogue to "gear" from
+# Unix to Win64 ABI in leaf functions with not more than 6 arguments.
+#
+# omnipotent_function:
+# ifdef WIN64
+# movq %rdi,8(%rsp)
+# movq %rsi,16(%rsp)
+# movq %rcx,%rdi ; if 1st argument is actually present
+# movq %rdx,%rsi ; if 2nd argument is actually ...
+# movq %r8,%rdx ; if 3rd argument is ...
+# movq %r9,%rcx ; if 4th argument ...
+# movq 40(%rsp),%r8 ; if 5th ...
+# movq 48(%rsp),%r9 ; if 6th ...
+# endif
+# ...
+# ifdef WIN64
+# movq 8(%rsp),%rdi
+# movq 16(%rsp),%rsi
+# endif
+# ret
+#
+
#################################################
+# Win64 SEH, Structured Exception Handling.
+#
+# Unlike on Unix systems(*) lack of Win64 stack unwinding information
+# has undesired side-effect at run-time: if an exception is raised in
+# assembler subroutine such as those in question (basically we're
+# referring to segmentation violations caused by malformed input
+# parameters), the application is briskly terminated without invoking
+# any exception handlers, most notably without generating memory dump
+# or any user notification whatsoever. This poses a problem. It's
+# possible to address it by registering custom language-specific
+# handler that would restore processor context to the state at
+# subroutine entry point and return "exception is not handled, keep
+# unwinding" code. Writing such handler can be a challenge... But it's
+# doable, though requires certain coding convention. Consider following
+# snippet:
+#
+# .type function, at function
+# function:
+# movq %rsp,%rax # copy rsp to volatile register
+# pushq %r15 # save non-volatile registers
+# pushq %rbx
+# pushq %rbp
+# movq %rsp,%r11
+# subq %rdi,%r11 # prepare [variable] stack frame
+# andq $-64,%r11
+# movq %rax,0(%r11) # check for exceptions
+# movq %r11,%rsp # allocate [variable] stack frame
+# movq %rax,0(%rsp) # save original rsp value
+# magic_point:
+# ...
+# movq 0(%rsp),%rcx # pull original rsp value
+# movq -24(%rcx),%rbp # restore non-volatile registers
+# movq -16(%rcx),%rbx
+# movq -8(%rcx),%r15
+# movq %rcx,%rsp # restore original rsp
+# ret
+# .size function,.-function
+#
+# The key is that up to magic_point copy of original rsp value remains
+# in chosen volatile register and no non-volatile register, except for
+# rsp, is modified. While past magic_point rsp remains constant till
+# the very end of the function. In this case custom language-specific
+# exception handler would look like this:
+#
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+# { ULONG64 *rsp = (ULONG64 *)context->Rax;
+# if (context->Rip >= magic_point)
+# { rsp = ((ULONG64 **)context->Rsp)[0];
+# context->Rbp = rsp[-3];
+# context->Rbx = rsp[-2];
+# context->R15 = rsp[-1];
+# }
+# context->Rsp = (ULONG64)rsp;
+# context->Rdi = rsp[1];
+# context->Rsi = rsp[2];
+#
+# memcpy (disp->ContextRecord,context,sizeof(CONTEXT));
+# RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase,
+# dips->ControlPc,disp->FunctionEntry,disp->ContextRecord,
+# &disp->HandlerData,&disp->EstablisherFrame,NULL);
+# return ExceptionContinueSearch;
+# }
+#
+# It's appropriate to implement this handler in assembler, directly in
+# function's module. In order to do that one has to know members'
+# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant
+# values. Here they are:
+#
+# CONTEXT.Rax 120
+# CONTEXT.Rcx 128
+# CONTEXT.Rdx 136
+# CONTEXT.Rbx 144
+# CONTEXT.Rsp 152
+# CONTEXT.Rbp 160
+# CONTEXT.Rsi 168
+# CONTEXT.Rdi 176
+# CONTEXT.R8 184
+# CONTEXT.R9 192
+# CONTEXT.R10 200
+# CONTEXT.R11 208
+# CONTEXT.R12 216
+# CONTEXT.R13 224
+# CONTEXT.R14 232
+# CONTEXT.R15 240
+# CONTEXT.Rip 248
+# CONTEXT.Xmm6 512
+# sizeof(CONTEXT) 1232
+# DISPATCHER_CONTEXT.ControlPc 0
+# DISPATCHER_CONTEXT.ImageBase 8
+# DISPATCHER_CONTEXT.FunctionEntry 16
+# DISPATCHER_CONTEXT.EstablisherFrame 24
+# DISPATCHER_CONTEXT.TargetIp 32
+# DISPATCHER_CONTEXT.ContextRecord 40
+# DISPATCHER_CONTEXT.LanguageHandler 48
+# DISPATCHER_CONTEXT.HandlerData 56
+# UNW_FLAG_NHANDLER 0
+# ExceptionContinueSearch 1
+#
+# In order to tie the handler to the function one has to compose
+# couple of structures: one for .xdata segment and one for .pdata.
+#
+# UNWIND_INFO structure for .xdata segment would be
+#
+# function_unwind_info:
+# .byte 9,0,0,0
+# .rva handler
+#
+# This structure designates exception handler for a function with
+# zero-length prologue, no stack frame or frame register.
+#
+# To facilitate composing of .pdata structures, auto-generated "gear"
+# prologue copies rsp value to rax and denotes next instruction with
+# .LSEH_begin_{function_name} label. This essentially defines the SEH
+# styling rule mentioned in the beginning. Position of this label is
+# chosen in such manner that possible exceptions raised in the "gear"
+# prologue would be accounted to caller and unwound from latter's frame.
+# End of function is marked with respective .LSEH_end_{function_name}
+# label. To summarize, .pdata segment would contain
+#
+# .rva .LSEH_begin_function
+# .rva .LSEH_end_function
+# .rva function_unwind_info
+#
+# Reference to functon_unwind_info from .xdata segment is the anchor.
+# In case you wonder why references are 32-bit .rvas and not 64-bit
+# .quads. References put into these two segments are required to be
+# *relative* to the base address of the current binary module, a.k.a.
+# image base. No Win64 module, be it .exe or .dll, can be larger than
+# 2GB and thus such relative references can be and are accommodated in
+# 32 bits.
+#
+# Having reviewed the example function code, one can argue that "movq
+# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix
+# rax would contain an undefined value. If this "offends" you, use
+# another register and refrain from modifying rax till magic_point is
+# reached, i.e. as if it was a non-volatile register. If more registers
+# are required prior [variable] frame setup is completed, note that
+# nobody says that you can have only one "magic point." You can
+# "liberate" non-volatile registers by denoting last stack off-load
+# instruction and reflecting it in finer grade unwind logic in handler.
+# After all, isn't it why it's called *language-specific* handler...
+#
+# Attentive reader can notice that exceptions would be mishandled in
+# auto-generated "gear" epilogue. Well, exception effectively can't
+# occur there, because if memory area used by it was subject to
+# segmentation violation, then it would be raised upon call to the
+# function (and as already mentioned be accounted to caller, which is
+# not a problem). If you're still not comfortable, then define tail
+# "magic point" just prior ret instruction and have handler treat it...
+#
+# (*) Note that we're talking about run-time, not debug-time. Lack of
+# unwind information makes debugging hard on both Windows and
+# Unix. "Unlike" referes to the fact that on Unix signal handler
+# will always be invoked, core dumped and appropriate exit code
+# returned to parent (for user notification).
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_mutl.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/pkcs12/p12_mutl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_mutl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,195 +0,0 @@
-/* p12_mutl.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_HMAC
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/crypto.h>
-# include <openssl/hmac.h>
-# include <openssl/rand.h>
-# include <openssl/pkcs12.h>
-
-/* Generate a MAC */
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen)
-{
- const EVP_MD *md_type;
- HMAC_CTX hmac;
- unsigned char key[EVP_MAX_MD_SIZE], *salt;
- int saltlen, iter;
- int md_size;
-
- if (!PKCS7_type_is_data(p12->authsafes)) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA);
- return 0;
- }
-
- salt = p12->mac->salt->data;
- saltlen = p12->mac->salt->length;
- if (!p12->mac->iter)
- iter = 1;
- else
- iter = ASN1_INTEGER_get(p12->mac->iter);
- if (!(md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm))) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
- return 0;
- }
- md_size = EVP_MD_size(md_type);
- if (md_size < 0)
- return 0;
- if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
- md_size, key, md_type)) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
- return 0;
- }
- HMAC_CTX_init(&hmac);
- if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
- || !HMAC_Update(&hmac, p12->authsafes->d.data->data,
- p12->authsafes->d.data->length)
- || !HMAC_Final(&hmac, mac, maclen)) {
- HMAC_CTX_cleanup(&hmac);
- return 0;
- }
- HMAC_CTX_cleanup(&hmac);
- return 1;
-}
-
-/* Verify the mac */
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
- if (p12->mac == NULL) {
- PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
- return 0;
- }
- if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
- PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
- || CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
- return 0;
- return 1;
-}
-
-/* Set a mac */
-
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- const EVP_MD *md_type)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (!md_type)
- md_type = EVP_sha1();
- if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) == PKCS12_ERROR) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
- return 0;
- }
- if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if (!(M_ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_STRING_SET_ERROR);
- return 0;
- }
- return 1;
-}
-
-/* Set up a mac structure */
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
- const EVP_MD *md_type)
-{
- if (!(p12->mac = PKCS12_MAC_DATA_new()))
- return PKCS12_ERROR;
- if (iter > 1) {
- if (!(p12->mac->iter = M_ASN1_INTEGER_new())) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- if (!saltlen)
- saltlen = PKCS12_SALT_LEN;
- if ((p12->mac->salt->data = OPENSSL_malloc(saltlen)) == NULL) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p12->mac->salt->length = saltlen;
- if (!salt) {
- if (RAND_pseudo_bytes(p12->mac->salt->data, saltlen) < 0)
- return 0;
- } else
- memcpy(p12->mac->salt->data, salt, saltlen);
- p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
- if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
-
- return 1;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_mutl.c (from rev 11605, vendor-crypto/openssl/dist/crypto/pkcs12/p12_mutl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_mutl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_mutl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,195 @@
+/* p12_mutl.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef OPENSSL_NO_HMAC
+# include <stdio.h>
+# include "cryptlib.h"
+# include <openssl/crypto.h>
+# include <openssl/hmac.h>
+# include <openssl/rand.h>
+# include <openssl/pkcs12.h>
+
+/* Generate a MAC */
+int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *mac, unsigned int *maclen)
+{
+ const EVP_MD *md_type;
+ HMAC_CTX hmac;
+ unsigned char key[EVP_MAX_MD_SIZE], *salt;
+ int saltlen, iter;
+ int md_size;
+
+ if (!PKCS7_type_is_data(p12->authsafes)) {
+ PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA);
+ return 0;
+ }
+
+ salt = p12->mac->salt->data;
+ saltlen = p12->mac->salt->length;
+ if (!p12->mac->iter)
+ iter = 1;
+ else
+ iter = ASN1_INTEGER_get(p12->mac->iter);
+ if (!(md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm))) {
+ PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
+ return 0;
+ }
+ md_size = EVP_MD_size(md_type);
+ if (md_size < 0)
+ return 0;
+ if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
+ md_size, key, md_type)) {
+ PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
+ return 0;
+ }
+ HMAC_CTX_init(&hmac);
+ if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
+ || !HMAC_Update(&hmac, p12->authsafes->d.data->data,
+ p12->authsafes->d.data->length)
+ || !HMAC_Final(&hmac, mac, maclen)) {
+ HMAC_CTX_cleanup(&hmac);
+ return 0;
+ }
+ HMAC_CTX_cleanup(&hmac);
+ return 1;
+}
+
+/* Verify the mac */
+int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
+{
+ unsigned char mac[EVP_MAX_MD_SIZE];
+ unsigned int maclen;
+ if (p12->mac == NULL) {
+ PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
+ return 0;
+ }
+ if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
+ PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_GENERATION_ERROR);
+ return 0;
+ }
+ if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
+ || CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
+ return 0;
+ return 1;
+}
+
+/* Set a mac */
+
+int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *md_type)
+{
+ unsigned char mac[EVP_MAX_MD_SIZE];
+ unsigned int maclen;
+
+ if (!md_type)
+ md_type = EVP_sha1();
+ if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) == PKCS12_ERROR) {
+ PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
+ return 0;
+ }
+ if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
+ PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_GENERATION_ERROR);
+ return 0;
+ }
+ if (!(M_ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
+ PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_STRING_SET_ERROR);
+ return 0;
+ }
+ return 1;
+}
+
+/* Set up a mac structure */
+int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
+ const EVP_MD *md_type)
+{
+ if (!(p12->mac = PKCS12_MAC_DATA_new()))
+ return PKCS12_ERROR;
+ if (iter > 1) {
+ if (!(p12->mac->iter = M_ASN1_INTEGER_new())) {
+ PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
+ PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+ if (!saltlen)
+ saltlen = PKCS12_SALT_LEN;
+ if ((p12->mac->salt->data = OPENSSL_malloc(saltlen)) == NULL) {
+ PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ p12->mac->salt->length = saltlen;
+ if (!salt) {
+ if (RAND_bytes(p12->mac->salt->data, saltlen) <= 0)
+ return 0;
+ } else
+ memcpy(p12->mac->salt->data, salt, saltlen);
+ p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
+ if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
+ PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
+
+ return 1;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_npas.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/pkcs12/p12_npas.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_npas.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,235 +0,0 @@
-/* p12_npas.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 password change routine */
-
-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
- char *newpass);
-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
-
-/*
- * Change the password on a PKCS#12 structure.
- */
-
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
-{
- /* Check for NULL PKCS12 structure */
-
- if (!p12) {
- PKCS12err(PKCS12_F_PKCS12_NEWPASS,
- PKCS12_R_INVALID_NULL_PKCS12_POINTER);
- return 0;
- }
-
- /* Check the mac */
-
- if (!PKCS12_verify_mac(p12, oldpass, -1)) {
- PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_MAC_VERIFY_FAILURE);
- return 0;
- }
-
- if (!newpass_p12(p12, oldpass, newpass)) {
- PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_PARSE_ERROR);
- return 0;
- }
-
- return 1;
-}
-
-/* Parse the outer PKCS#12 structure */
-
-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
-{
- STACK_OF(PKCS7) *asafes, *newsafes;
- STACK_OF(PKCS12_SAFEBAG) *bags;
- int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0;
- PKCS7 *p7, *p7new;
- ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL;
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (!(asafes = PKCS12_unpack_authsafes(p12)))
- return 0;
- if (!(newsafes = sk_PKCS7_new_null()))
- return 0;
- for (i = 0; i < sk_PKCS7_num(asafes); i++) {
- p7 = sk_PKCS7_value(asafes, i);
- bagnid = OBJ_obj2nid(p7->type);
- if (bagnid == NID_pkcs7_data) {
- bags = PKCS12_unpack_p7data(p7);
- } else if (bagnid == NID_pkcs7_encrypted) {
- bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
- if (!alg_get(p7->d.encrypted->enc_data->algorithm,
- &pbe_nid, &pbe_iter, &pbe_saltlen)) {
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- bags = NULL;
- }
- } else
- continue;
- if (!bags) {
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- if (!newpass_bags(bags, oldpass, newpass)) {
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- /* Repack bag in same form with new password */
- if (bagnid == NID_pkcs7_data)
- p7new = PKCS12_pack_p7data(bags);
- else
- p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
- pbe_saltlen, pbe_iter, bags);
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- if (!p7new) {
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- sk_PKCS7_push(newsafes, p7new);
- }
- sk_PKCS7_pop_free(asafes, PKCS7_free);
-
- /* Repack safe: save old safe in case of error */
-
- p12_data_tmp = p12->authsafes->d.data;
- if (!(p12->authsafes->d.data = ASN1_OCTET_STRING_new()))
- goto saferr;
- if (!PKCS12_pack_authsafes(p12, newsafes))
- goto saferr;
-
- if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
- goto saferr;
- if (!(macnew = ASN1_OCTET_STRING_new()))
- goto saferr;
- if (!ASN1_OCTET_STRING_set(macnew, mac, maclen))
- goto saferr;
- ASN1_OCTET_STRING_free(p12->mac->dinfo->digest);
- p12->mac->dinfo->digest = macnew;
- ASN1_OCTET_STRING_free(p12_data_tmp);
-
- return 1;
-
- saferr:
- /* Restore old safe */
- ASN1_OCTET_STRING_free(p12->authsafes->d.data);
- ASN1_OCTET_STRING_free(macnew);
- p12->authsafes->d.data = p12_data_tmp;
- return 0;
-
-}
-
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
- char *newpass)
-{
- int i;
- for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
- if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), oldpass, newpass))
- return 0;
- }
- return 1;
-}
-
-/* Change password of safebag: only needs handle shrouded keybags */
-
-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
-{
- PKCS8_PRIV_KEY_INFO *p8;
- X509_SIG *p8new;
- int p8_nid, p8_saltlen, p8_iter;
-
- if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
- return 1;
-
- if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)))
- return 0;
- if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen))
- return 0;
- if (!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
- p8_iter, p8)))
- return 0;
- X509_SIG_free(bag->value.shkeybag);
- bag->value.shkeybag = p8new;
- return 1;
-}
-
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen)
-{
- PBEPARAM *pbe;
- const unsigned char *p;
-
- p = alg->parameter->value.sequence->data;
- pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
- if (!pbe)
- return 0;
- *pnid = OBJ_obj2nid(alg->algorithm);
- *piter = ASN1_INTEGER_get(pbe->iter);
- *psaltlen = pbe->salt->length;
- PBEPARAM_free(pbe);
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_npas.c (from rev 11605, vendor-crypto/openssl/dist/crypto/pkcs12/p12_npas.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_npas.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_npas.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,230 @@
+/* p12_npas.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/pkcs12.h>
+
+/* PKCS#12 password change routine */
+
+static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass);
+static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
+ const char *newpass);
+static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
+ const char *newpass);
+static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
+
+/*
+ * Change the password on a PKCS#12 structure.
+ */
+
+int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass)
+{
+ /* Check for NULL PKCS12 structure */
+
+ if (!p12) {
+ PKCS12err(PKCS12_F_PKCS12_NEWPASS,
+ PKCS12_R_INVALID_NULL_PKCS12_POINTER);
+ return 0;
+ }
+
+ /* Check the mac */
+
+ if (!PKCS12_verify_mac(p12, oldpass, -1)) {
+ PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_MAC_VERIFY_FAILURE);
+ return 0;
+ }
+
+ if (!newpass_p12(p12, oldpass, newpass)) {
+ PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_PARSE_ERROR);
+ return 0;
+ }
+
+ return 1;
+}
+
+/* Parse the outer PKCS#12 structure */
+
+static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
+{
+ STACK_OF(PKCS7) *asafes = NULL, *newsafes = NULL;
+ STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
+ int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0;
+ PKCS7 *p7, *p7new;
+ ASN1_OCTET_STRING *p12_data_tmp = NULL;
+ unsigned char mac[EVP_MAX_MD_SIZE];
+ unsigned int maclen;
+ int rv = 0;
+
+ if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
+ goto err;
+ if ((newsafes = sk_PKCS7_new_null()) == NULL)
+ goto err;
+ for (i = 0; i < sk_PKCS7_num(asafes); i++) {
+ p7 = sk_PKCS7_value(asafes, i);
+ bagnid = OBJ_obj2nid(p7->type);
+ if (bagnid == NID_pkcs7_data) {
+ bags = PKCS12_unpack_p7data(p7);
+ } else if (bagnid == NID_pkcs7_encrypted) {
+ bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
+ if (!alg_get(p7->d.encrypted->enc_data->algorithm,
+ &pbe_nid, &pbe_iter, &pbe_saltlen))
+ goto err;
+ } else {
+ continue;
+ }
+ if (bags == NULL)
+ goto err;
+ if (!newpass_bags(bags, oldpass, newpass))
+ goto err;
+ /* Repack bag in same form with new password */
+ if (bagnid == NID_pkcs7_data)
+ p7new = PKCS12_pack_p7data(bags);
+ else
+ p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
+ pbe_saltlen, pbe_iter, bags);
+ if (!p7new || !sk_PKCS7_push(newsafes, p7new))
+ goto err;
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+ bags = NULL;
+ }
+
+ /* Repack safe: save old safe in case of error */
+
+ p12_data_tmp = p12->authsafes->d.data;
+ if ((p12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL)
+ goto err;
+ if (!PKCS12_pack_authsafes(p12, newsafes))
+ goto err;
+ if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
+ goto err;
+ if (!ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))
+ goto err;
+
+ rv = 1;
+
+err:
+ /* Restore old safe if necessary */
+ if (rv == 1) {
+ ASN1_OCTET_STRING_free(p12_data_tmp);
+ } else if (p12_data_tmp != NULL) {
+ ASN1_OCTET_STRING_free(p12->authsafes->d.data);
+ p12->authsafes->d.data = p12_data_tmp;
+ }
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+ sk_PKCS7_pop_free(asafes, PKCS7_free);
+ sk_PKCS7_pop_free(newsafes, PKCS7_free);
+ return rv;
+}
+
+static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
+ const char *newpass)
+{
+ int i;
+ for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+ if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), oldpass, newpass))
+ return 0;
+ }
+ return 1;
+}
+
+/* Change password of safebag: only needs handle shrouded keybags */
+
+static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
+ const char *newpass)
+{
+ PKCS8_PRIV_KEY_INFO *p8;
+ X509_SIG *p8new;
+ int p8_nid, p8_saltlen, p8_iter;
+
+ if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
+ return 1;
+
+ if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)))
+ return 0;
+ if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen))
+ return 0;
+ p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
+ p8_iter, p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ if (p8new == NULL)
+ return 0;
+ X509_SIG_free(bag->value.shkeybag);
+ bag->value.shkeybag = p8new;
+ return 1;
+}
+
+static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen)
+{
+ PBEPARAM *pbe;
+ const unsigned char *p;
+
+ p = alg->parameter->value.sequence->data;
+ pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
+ if (!pbe)
+ return 0;
+ *pnid = OBJ_obj2nid(alg->algorithm);
+ *piter = ASN1_INTEGER_get(pbe->iter);
+ *psaltlen = pbe->salt->length;
+ PBEPARAM_free(pbe);
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_utl.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/pkcs12/p12_utl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_utl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,161 +0,0 @@
-/* p12_utl.c */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Cheap and nasty Unicode stuff */
-
-unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
- unsigned char **uni, int *unilen)
-{
- int ulen, i;
- unsigned char *unitmp;
- if (asclen == -1)
- asclen = strlen(asc);
- ulen = asclen * 2 + 2;
- if (!(unitmp = OPENSSL_malloc(ulen)))
- return NULL;
- for (i = 0; i < ulen - 2; i += 2) {
- unitmp[i] = 0;
- unitmp[i + 1] = asc[i >> 1];
- }
- /* Make result double null terminated */
- unitmp[ulen - 2] = 0;
- unitmp[ulen - 1] = 0;
- if (unilen)
- *unilen = ulen;
- if (uni)
- *uni = unitmp;
- return unitmp;
-}
-
-char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
-{
- int asclen, i;
- char *asctmp;
- asclen = unilen / 2;
- /* If no terminating zero allow for one */
- if (!unilen || uni[unilen - 1])
- asclen++;
- uni++;
- if (!(asctmp = OPENSSL_malloc(asclen)))
- return NULL;
- for (i = 0; i < unilen; i += 2)
- asctmp[i >> 1] = uni[i];
- asctmp[asclen - 1] = 0;
- return asctmp;
-}
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-#endif
-
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-
-#ifndef OPENSSL_NO_FP_API
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-#endif
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509)
-{
- return PKCS12_item_pack_safebag(x509, ASN1_ITEM_rptr(X509),
- NID_x509Certificate, NID_certBag);
-}
-
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl)
-{
- return PKCS12_item_pack_safebag(crl, ASN1_ITEM_rptr(X509_CRL),
- NID_x509Crl, NID_crlBag);
-}
-
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag)
-{
- if (M_PKCS12_bag_type(bag) != NID_certBag)
- return NULL;
- if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
- return NULL;
- return ASN1_item_unpack(bag->value.bag->value.octet,
- ASN1_ITEM_rptr(X509));
-}
-
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag)
-{
- if (M_PKCS12_bag_type(bag) != NID_crlBag)
- return NULL;
- if (M_PKCS12_cert_bag_type(bag) != NID_x509Crl)
- return NULL;
- return ASN1_item_unpack(bag->value.bag->value.octet,
- ASN1_ITEM_rptr(X509_CRL));
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_utl.c (from rev 11605, vendor-crypto/openssl/dist/crypto/pkcs12/p12_utl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_utl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/p12_utl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,165 @@
+/* p12_utl.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* Cheap and nasty Unicode stuff */
+
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
+ unsigned char **uni, int *unilen)
+{
+ int ulen, i;
+ unsigned char *unitmp;
+ if (asclen == -1)
+ asclen = strlen(asc);
+ ulen = asclen * 2 + 2;
+ if (!(unitmp = OPENSSL_malloc(ulen)))
+ return NULL;
+ for (i = 0; i < ulen - 2; i += 2) {
+ unitmp[i] = 0;
+ unitmp[i + 1] = asc[i >> 1];
+ }
+ /* Make result double null terminated */
+ unitmp[ulen - 2] = 0;
+ unitmp[ulen - 1] = 0;
+ if (unilen)
+ *unilen = ulen;
+ if (uni)
+ *uni = unitmp;
+ return unitmp;
+}
+
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
+{
+ int asclen, i;
+ char *asctmp;
+
+ /* string must contain an even number of bytes */
+ if (unilen & 1)
+ return NULL;
+ asclen = unilen / 2;
+ /* If no terminating zero allow for one */
+ if (!unilen || uni[unilen - 1])
+ asclen++;
+ uni++;
+ if (!(asctmp = OPENSSL_malloc(asclen)))
+ return NULL;
+ for (i = 0; i < unilen; i += 2)
+ asctmp[i >> 1] = uni[i];
+ asctmp[asclen - 1] = 0;
+ return asctmp;
+}
+
+int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
+{
+ return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
+{
+ return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
+}
+#endif
+
+PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
+{
+ return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
+}
+
+#ifndef OPENSSL_NO_FP_API
+PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
+{
+ return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
+}
+#endif
+
+PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509)
+{
+ return PKCS12_item_pack_safebag(x509, ASN1_ITEM_rptr(X509),
+ NID_x509Certificate, NID_certBag);
+}
+
+PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl)
+{
+ return PKCS12_item_pack_safebag(crl, ASN1_ITEM_rptr(X509_CRL),
+ NID_x509Crl, NID_crlBag);
+}
+
+X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag)
+{
+ if (M_PKCS12_bag_type(bag) != NID_certBag)
+ return NULL;
+ if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
+ return NULL;
+ return ASN1_item_unpack(bag->value.bag->value.octet,
+ ASN1_ITEM_rptr(X509));
+}
+
+X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag)
+{
+ if (M_PKCS12_bag_type(bag) != NID_crlBag)
+ return NULL;
+ if (M_PKCS12_cert_bag_type(bag) != NID_x509Crl)
+ return NULL;
+ return ASN1_item_unpack(bag->value.bag->value.octet,
+ ASN1_ITEM_rptr(X509_CRL));
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/pkcs12.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/pkcs12/pkcs12.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/pkcs12.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,342 +0,0 @@
-/* pkcs12.h */
-/*
- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_H
-# define HEADER_PKCS12_H
-
-# include <openssl/bio.h>
-# include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define PKCS12_KEY_ID 1
-# define PKCS12_IV_ID 2
-# define PKCS12_MAC_ID 3
-
-/* Default iteration count */
-# ifndef PKCS12_DEFAULT_ITER
-# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
-# endif
-
-# define PKCS12_MAC_KEY_LENGTH 20
-
-# define PKCS12_SALT_LEN 8
-
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*
- * #define PBE_UNICODE
- */
-
-# ifdef PBE_UNICODE
-# define PKCS12_key_gen PKCS12_key_gen_uni
-# define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-# else
-# define PKCS12_key_gen PKCS12_key_gen_asc
-# define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
-# endif
-
-/* MS key usage constants */
-
-# define KEY_EX 0x10
-# define KEY_SIG 0x80
-
-typedef struct {
- X509_SIG *dinfo;
- ASN1_OCTET_STRING *salt;
- ASN1_INTEGER *iter; /* defaults to 1 */
-} PKCS12_MAC_DATA;
-
-typedef struct {
- ASN1_INTEGER *version;
- PKCS12_MAC_DATA *mac;
- PKCS7 *authsafes;
-} PKCS12;
-
-typedef struct {
- ASN1_OBJECT *type;
- union {
- struct pkcs12_bag_st *bag; /* secret, crl and certbag */
- struct pkcs8_priv_key_info_st *keybag; /* keybag */
- X509_SIG *shkeybag; /* shrouded key bag */
- STACK_OF(PKCS12_SAFEBAG) *safes;
- ASN1_TYPE *other;
- } value;
- STACK_OF(X509_ATTRIBUTE) *attrib;
-} PKCS12_SAFEBAG;
-
-DECLARE_STACK_OF(PKCS12_SAFEBAG)
-DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
-DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct pkcs12_bag_st {
- ASN1_OBJECT *type;
- union {
- ASN1_OCTET_STRING *x509cert;
- ASN1_OCTET_STRING *x509crl;
- ASN1_OCTET_STRING *octet;
- ASN1_IA5STRING *sdsicert;
- ASN1_TYPE *other; /* Secret or other bag */
- } value;
-} PKCS12_BAGS;
-
-# define PKCS12_ERROR 0
-# define PKCS12_OK 1
-
-/* Compatibility macros */
-
-# define M_PKCS12_x5092certbag PKCS12_x5092certbag
-# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
-
-# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
-# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
-
-# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
-# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
-# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
-# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
-
-# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
-# define M_PKCS8_decrypt PKCS8_decrypt
-
-# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
-# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
-# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
-
-# define PKCS12_get_attr(bag, attr_nid) \
- PKCS12_get_attr_gen(bag->attrib, attr_nid)
-
-# define PKCS8_get_attr(p8, attr_nid) \
- PKCS12_get_attr_gen(p8->attributes, attr_nid)
-
-# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
-
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
- int nid1, int nid2);
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
- int passlen);
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
- const char *pass, int passlen);
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
- const char *pass, int passlen, unsigned char *salt,
- int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
- int passlen, unsigned char *salt,
- int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- STACK_OF(PKCS12_SAFEBAG) *bags);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
- int passlen);
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
- int namelen);
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
- const unsigned char *name, int namelen);
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
- int passlen, unsigned char *in, int inlen,
- unsigned char **data, int *datalen,
- int en_de);
-void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen,
- ASN1_OCTET_STRING *oct, int zbuf);
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
- const ASN1_ITEM *it,
- const char *pass, int passlen,
- void *obj, int zbuf);
-PKCS12 *PKCS12_init(int mode);
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type);
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type);
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher,
- const EVP_MD *md_type, int en_de);
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen);
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- const EVP_MD *md_type);
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
- int saltlen, const EVP_MD *md_type);
-unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
- unsigned char **uni, int *unilen);
-char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
-
-DECLARE_ASN1_FUNCTIONS(PKCS12)
-DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
-
-void PKCS12_PBE_add(void);
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca);
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
- int mac_iter, int keytype);
-
-PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
-PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
- EVP_PKEY *key, int key_usage, int iter,
- int key_nid, char *pass);
-int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
- int safe_nid, int iter, char *pass);
-PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS12_strings(void);
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-# define PKCS12_F_PARSE_BAG 129
-# define PKCS12_F_PARSE_BAGS 103
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
-# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
-# define PKCS12_F_PKCS12_CREATE 105
-# define PKCS12_F_PKCS12_GEN_MAC 107
-# define PKCS12_F_PKCS12_INIT 109
-# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
-# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
-# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
-# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
-# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
-# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
-# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
-# define PKCS12_F_PKCS12_NEWPASS 128
-# define PKCS12_F_PKCS12_PACK_P7DATA 114
-# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
-# define PKCS12_F_PKCS12_PARSE 118
-# define PKCS12_F_PKCS12_PBE_CRYPT 119
-# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
-# define PKCS12_F_PKCS12_SETUP_MAC 122
-# define PKCS12_F_PKCS12_SET_MAC 123
-# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
-# define PKCS12_F_PKCS12_UNPACK_P7DATA 131
-# define PKCS12_F_PKCS12_VERIFY_MAC 126
-# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
-# define PKCS12_F_PKCS8_ENCRYPT 125
-
-/* Reason codes. */
-# define PKCS12_R_CANT_PACK_STRUCTURE 100
-# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
-# define PKCS12_R_DECODE_ERROR 101
-# define PKCS12_R_ENCODE_ERROR 102
-# define PKCS12_R_ENCRYPT_ERROR 103
-# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
-# define PKCS12_R_INVALID_NULL_ARGUMENT 104
-# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
-# define PKCS12_R_IV_GEN_ERROR 106
-# define PKCS12_R_KEY_GEN_ERROR 107
-# define PKCS12_R_MAC_ABSENT 108
-# define PKCS12_R_MAC_GENERATION_ERROR 109
-# define PKCS12_R_MAC_SETUP_ERROR 110
-# define PKCS12_R_MAC_STRING_SET_ERROR 111
-# define PKCS12_R_MAC_VERIFY_ERROR 112
-# define PKCS12_R_MAC_VERIFY_FAILURE 113
-# define PKCS12_R_PARSE_ERROR 114
-# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
-# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
-# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
-# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
-# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/pkcs12/pkcs12.h (from rev 11605, vendor-crypto/openssl/dist/crypto/pkcs12/pkcs12.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pkcs12/pkcs12.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs12/pkcs12.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,342 @@
+/* pkcs12.h */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_PKCS12_H
+# define HEADER_PKCS12_H
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define PKCS12_KEY_ID 1
+# define PKCS12_IV_ID 2
+# define PKCS12_MAC_ID 3
+
+/* Default iteration count */
+# ifndef PKCS12_DEFAULT_ITER
+# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
+# endif
+
+# define PKCS12_MAC_KEY_LENGTH 20
+
+# define PKCS12_SALT_LEN 8
+
+/* Uncomment out next line for unicode password and names, otherwise ASCII */
+
+/*
+ * #define PBE_UNICODE
+ */
+
+# ifdef PBE_UNICODE
+# define PKCS12_key_gen PKCS12_key_gen_uni
+# define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
+# else
+# define PKCS12_key_gen PKCS12_key_gen_asc
+# define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
+# endif
+
+/* MS key usage constants */
+
+# define KEY_EX 0x10
+# define KEY_SIG 0x80
+
+typedef struct {
+ X509_SIG *dinfo;
+ ASN1_OCTET_STRING *salt;
+ ASN1_INTEGER *iter; /* defaults to 1 */
+} PKCS12_MAC_DATA;
+
+typedef struct {
+ ASN1_INTEGER *version;
+ PKCS12_MAC_DATA *mac;
+ PKCS7 *authsafes;
+} PKCS12;
+
+typedef struct {
+ ASN1_OBJECT *type;
+ union {
+ struct pkcs12_bag_st *bag; /* secret, crl and certbag */
+ struct pkcs8_priv_key_info_st *keybag; /* keybag */
+ X509_SIG *shkeybag; /* shrouded key bag */
+ STACK_OF(PKCS12_SAFEBAG) *safes;
+ ASN1_TYPE *other;
+ } value;
+ STACK_OF(X509_ATTRIBUTE) *attrib;
+} PKCS12_SAFEBAG;
+
+DECLARE_STACK_OF(PKCS12_SAFEBAG)
+DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
+DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
+
+typedef struct pkcs12_bag_st {
+ ASN1_OBJECT *type;
+ union {
+ ASN1_OCTET_STRING *x509cert;
+ ASN1_OCTET_STRING *x509crl;
+ ASN1_OCTET_STRING *octet;
+ ASN1_IA5STRING *sdsicert;
+ ASN1_TYPE *other; /* Secret or other bag */
+ } value;
+} PKCS12_BAGS;
+
+# define PKCS12_ERROR 0
+# define PKCS12_OK 1
+
+/* Compatibility macros */
+
+# define M_PKCS12_x5092certbag PKCS12_x5092certbag
+# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
+
+# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
+# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
+
+# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
+# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
+# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
+# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
+
+# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
+# define M_PKCS8_decrypt PKCS8_decrypt
+
+# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
+# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
+# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
+
+# define PKCS12_get_attr(bag, attr_nid) \
+ PKCS12_get_attr_gen(bag->attrib, attr_nid)
+
+# define PKCS8_get_attr(p8, attr_nid) \
+ PKCS12_get_attr_gen(p8->attributes, attr_nid)
+
+# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
+
+PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
+PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
+X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
+X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
+
+PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
+ int nid1, int nid2);
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
+PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
+ int passlen);
+PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
+ const char *pass, int passlen);
+X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
+ const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
+ int passlen, unsigned char *salt,
+ int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8);
+PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ STACK_OF(PKCS12_SAFEBAG) *bags);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
+ int passlen);
+
+int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
+STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
+
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
+ int namelen);
+int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
+int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
+ const unsigned char *name, int namelen);
+int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
+ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
+char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
+unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
+ int passlen, unsigned char *in, int inlen,
+ unsigned char **data, int *datalen,
+ int en_de);
+void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ ASN1_OCTET_STRING *oct, int zbuf);
+ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
+ const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ void *obj, int zbuf);
+PKCS12 *PKCS12_init(int mode);
+int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type);
+int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md_type, int en_de);
+int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *mac, unsigned int *maclen);
+int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
+int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *md_type);
+int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
+ int saltlen, const EVP_MD *md_type);
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
+ unsigned char **uni, int *unilen);
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
+
+DECLARE_ASN1_FUNCTIONS(PKCS12)
+DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
+DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+
+void PKCS12_PBE_add(void);
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+ STACK_OF(X509) **ca);
+PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
+ STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
+ int mac_iter, int keytype);
+
+PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
+PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
+ EVP_PKEY *key, int key_usage, int iter,
+ int key_nid, char *pass);
+int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
+ int safe_nid, int iter, char *pass);
+PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
+
+int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
+int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
+PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
+PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
+int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PKCS12_strings(void);
+
+/* Error codes for the PKCS12 functions. */
+
+/* Function codes. */
+# define PKCS12_F_PARSE_BAG 129
+# define PKCS12_F_PARSE_BAGS 103
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
+# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
+# define PKCS12_F_PKCS12_CREATE 105
+# define PKCS12_F_PKCS12_GEN_MAC 107
+# define PKCS12_F_PKCS12_INIT 109
+# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
+# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
+# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
+# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
+# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
+# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
+# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
+# define PKCS12_F_PKCS12_NEWPASS 128
+# define PKCS12_F_PKCS12_PACK_P7DATA 114
+# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
+# define PKCS12_F_PKCS12_PARSE 118
+# define PKCS12_F_PKCS12_PBE_CRYPT 119
+# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
+# define PKCS12_F_PKCS12_SETUP_MAC 122
+# define PKCS12_F_PKCS12_SET_MAC 123
+# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
+# define PKCS12_F_PKCS12_UNPACK_P7DATA 131
+# define PKCS12_F_PKCS12_VERIFY_MAC 126
+# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
+# define PKCS12_F_PKCS8_ENCRYPT 125
+
+/* Reason codes. */
+# define PKCS12_R_CANT_PACK_STRUCTURE 100
+# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
+# define PKCS12_R_DECODE_ERROR 101
+# define PKCS12_R_ENCODE_ERROR 102
+# define PKCS12_R_ENCRYPT_ERROR 103
+# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
+# define PKCS12_R_INVALID_NULL_ARGUMENT 104
+# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
+# define PKCS12_R_IV_GEN_ERROR 106
+# define PKCS12_R_KEY_GEN_ERROR 107
+# define PKCS12_R_MAC_ABSENT 108
+# define PKCS12_R_MAC_GENERATION_ERROR 109
+# define PKCS12_R_MAC_SETUP_ERROR 110
+# define PKCS12_R_MAC_STRING_SET_ERROR 111
+# define PKCS12_R_MAC_VERIFY_ERROR 112
+# define PKCS12_R_MAC_VERIFY_FAILURE 113
+# define PKCS12_R_PARSE_ERROR 114
+# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
+# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
+# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
+# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
+# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/pkcs7/pk7_doit.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/pkcs7/pk7_doit.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs7/pk7_doit.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1295 +0,0 @@
-/* crypto/pkcs7/pk7_doit.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
- void *value);
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
-
-static int PKCS7_type_is_other(PKCS7 *p7)
-{
- int isOther = 1;
-
- int nid = OBJ_obj2nid(p7->type);
-
- switch (nid) {
- case NID_pkcs7_data:
- case NID_pkcs7_signed:
- case NID_pkcs7_enveloped:
- case NID_pkcs7_signedAndEnveloped:
- case NID_pkcs7_digest:
- case NID_pkcs7_encrypted:
- isOther = 0;
- break;
- default:
- isOther = 1;
- }
-
- return isOther;
-
-}
-
-static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
-{
- if (PKCS7_type_is_data(p7))
- return p7->d.data;
- if (PKCS7_type_is_other(p7) && p7->d.other
- && (p7->d.other->type == V_ASN1_OCTET_STRING))
- return p7->d.other->value.octet_string;
- return NULL;
-}
-
-static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
-{
- BIO *btmp;
- const EVP_MD *md;
- if ((btmp = BIO_new(BIO_f_md())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
- goto err;
- }
-
- md = EVP_get_digestbyobj(alg->algorithm);
- if (md == NULL) {
- PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- BIO_set_md(btmp, md);
- if (*pbio == NULL)
- *pbio = btmp;
- else if (!BIO_push(*pbio, btmp)) {
- PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
- goto err;
- }
- btmp = NULL;
-
- return 1;
-
- err:
- if (btmp)
- BIO_free(btmp);
- return 0;
-
-}
-
-static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
- unsigned char *key, int keylen)
-{
- EVP_PKEY_CTX *pctx = NULL;
- EVP_PKEY *pkey = NULL;
- unsigned char *ek = NULL;
- int ret = 0;
- size_t eklen;
-
- pkey = X509_get_pubkey(ri->cert);
-
- if (!pkey)
- return 0;
-
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pctx)
- return 0;
-
- if (EVP_PKEY_encrypt_init(pctx) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
- EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
- goto err;
-
- ek = OPENSSL_malloc(eklen);
-
- if (ek == NULL) {
- PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
- goto err;
-
- ASN1_STRING_set0(ri->enc_key, ek, eklen);
- ek = NULL;
-
- ret = 1;
-
- err:
- if (pkey)
- EVP_PKEY_free(pkey);
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
- if (ek)
- OPENSSL_free(ek);
- return ret;
-
-}
-
-static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
- PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
-{
- EVP_PKEY_CTX *pctx = NULL;
- unsigned char *ek = NULL;
- size_t eklen;
-
- int ret = -1;
-
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pctx)
- return -1;
-
- if (EVP_PKEY_decrypt_init(pctx) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
- EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
- ri->enc_key->data, ri->enc_key->length) <= 0)
- goto err;
-
- ek = OPENSSL_malloc(eklen);
-
- if (ek == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(pctx, ek, &eklen,
- ri->enc_key->data, ri->enc_key->length) <= 0) {
- ret = 0;
- PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
- goto err;
- }
-
- ret = 1;
-
- if (*pek) {
- OPENSSL_cleanse(*pek, *peklen);
- OPENSSL_free(*pek);
- }
-
- *pek = ek;
- *peklen = eklen;
-
- err:
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
- if (!ret && ek)
- OPENSSL_free(ek);
-
- return ret;
-}
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
-{
- int i;
- BIO *out = NULL, *btmp = NULL;
- X509_ALGOR *xa = NULL;
- const EVP_CIPHER *evp_cipher = NULL;
- STACK_OF(X509_ALGOR) *md_sk = NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
- X509_ALGOR *xalg = NULL;
- PKCS7_RECIP_INFO *ri = NULL;
- ASN1_OCTET_STRING *os = NULL;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
- /*
- * The content field in the PKCS7 ContentInfo is optional, but that really
- * only applies to inner content (precisely, detached signatures).
- *
- * When reading content, missing outer content is therefore treated as an
- * error.
- *
- * When creating content, PKCS7_content_new() must be called before
- * calling this method, so a NULL p7->d is always an error.
- */
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT);
- return NULL;
- }
-
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_signed:
- md_sk = p7->d.sign->md_algs;
- os = PKCS7_get_octet_string(p7->d.sign->contents);
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- case NID_pkcs7_enveloped:
- rsk = p7->d.enveloped->recipientinfo;
- xalg = p7->d.enveloped->enc_data->algorithm;
- evp_cipher = p7->d.enveloped->enc_data->cipher;
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- case NID_pkcs7_digest:
- xa = p7->d.digest->md;
- os = PKCS7_get_octet_string(p7->d.digest->contents);
- break;
- case NID_pkcs7_data:
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
- if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
- goto err;
-
- if (xa && !PKCS7_bio_add_digest(&out, xa))
- goto err;
-
- if (evp_cipher != NULL) {
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- int keylen, ivlen;
- EVP_CIPHER_CTX *ctx;
-
- if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_BIO_LIB);
- goto err;
- }
- BIO_get_cipher_ctx(btmp, &ctx);
- keylen = EVP_CIPHER_key_length(evp_cipher);
- ivlen = EVP_CIPHER_iv_length(evp_cipher);
- xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
- if (ivlen > 0)
- if (RAND_pseudo_bytes(iv, ivlen) <= 0)
- goto err;
- if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0)
- goto err;
- if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
- goto err;
- if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
- goto err;
-
- if (ivlen > 0) {
- if (xalg->parameter == NULL) {
- xalg->parameter = ASN1_TYPE_new();
- if (xalg->parameter == NULL)
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
- goto err;
- }
-
- /* Lets do the pub key stuff :-) */
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
- goto err;
- }
- OPENSSL_cleanse(key, keylen);
-
- if (out == NULL)
- out = btmp;
- else
- BIO_push(out, btmp);
- btmp = NULL;
- }
-
- if (bio == NULL) {
- if (PKCS7_is_detached(p7))
- bio = BIO_new(BIO_s_null());
- else if (os && os->length > 0)
- bio = BIO_new_mem_buf(os->data, os->length);
- if (bio == NULL) {
- bio = BIO_new(BIO_s_mem());
- if (bio == NULL)
- goto err;
- BIO_set_mem_eof_return(bio, 0);
- }
- }
- if (out)
- BIO_push(out, bio);
- else
- out = bio;
- bio = NULL;
- if (0) {
- err:
- if (out != NULL)
- BIO_free_all(out);
- if (btmp != NULL)
- BIO_free_all(btmp);
- out = NULL;
- }
- return (out);
-}
-
-static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
-{
- int ret;
- ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
- pcert->cert_info->issuer);
- if (ret)
- return ret;
- return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
- ri->issuer_and_serial->serial);
-}
-
-/* int */
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
-{
- int i, j;
- BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
- X509_ALGOR *xa;
- ASN1_OCTET_STRING *data_body = NULL;
- const EVP_MD *evp_md;
- const EVP_CIPHER *evp_cipher = NULL;
- EVP_CIPHER_CTX *evp_ctx = NULL;
- X509_ALGOR *enc_alg = NULL;
- STACK_OF(X509_ALGOR) *md_sk = NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
- PKCS7_RECIP_INFO *ri = NULL;
- unsigned char *ek = NULL, *tkey = NULL;
- int eklen = 0, tkeylen = 0;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
- return NULL;
- }
-
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_signed:
- /*
- * p7->d.sign->contents is a PKCS7 structure consisting of a contentType
- * field and optional content.
- * data_body is NULL if that structure has no (=detached) content
- * or if the contentType is wrong (i.e., not "data").
- */
- data_body = PKCS7_get_octet_string(p7->d.sign->contents);
- if (!PKCS7_is_detached(p7) && data_body == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_INVALID_SIGNED_DATA_TYPE);
- goto err;
- }
- md_sk = p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- /* data_body is NULL if the optional EncryptedContent is missing. */
- data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
- enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- break;
- case NID_pkcs7_enveloped:
- rsk = p7->d.enveloped->recipientinfo;
- enc_alg = p7->d.enveloped->enc_data->algorithm;
- /* data_body is NULL if the optional EncryptedContent is missing. */
- data_body = p7->d.enveloped->enc_data->enc_data;
- evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- /* Detached content must be supplied via in_bio instead. */
- if (data_body == NULL && in_bio == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
- goto err;
- }
-
- /* We will be checking the signature */
- if (md_sk != NULL) {
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
- xa = sk_X509_ALGOR_value(md_sk, i);
- if ((btmp = BIO_new(BIO_f_md())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
- goto err;
- }
-
- j = OBJ_obj2nid(xa->algorithm);
- evp_md = EVP_get_digestbynid(j);
- if (evp_md == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- BIO_set_md(btmp, evp_md);
- if (out == NULL)
- out = btmp;
- else
- BIO_push(out, btmp);
- btmp = NULL;
- }
- }
-
- if (evp_cipher != NULL) {
-#if 0
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char *p;
- int keylen, ivlen;
- int max;
- X509_OBJECT ret;
-#endif
-
- if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
- goto err;
- }
-
- /*
- * It was encrypted, we need to decrypt the secret key with the
- * private key
- */
-
- /*
- * Find the recipientInfo which matches the passed certificate (if
- * any)
- */
-
- if (pcert) {
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if (!pkcs7_cmp_ri(ri, pcert))
- break;
- ri = NULL;
- }
- if (ri == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
- goto err;
- }
- }
-
- /* If we haven't got a certificate try each ri in turn */
- if (pcert == NULL) {
- /*
- * Always attempt to decrypt all rinfo even after sucess as a
- * defence against MMA timing attacks.
- */
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
-
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
- goto err;
- ERR_clear_error();
- }
- } else {
- /* Only exit on fatal errors, not decrypt failure */
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
- goto err;
- ERR_clear_error();
- }
-
- evp_ctx = NULL;
- BIO_get_cipher_ctx(etmp, &evp_ctx);
- if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL, NULL, 0) <= 0)
- goto err;
- if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
- goto err;
- /* Generate random key as MMA defence */
- tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
- tkey = OPENSSL_malloc(tkeylen);
- if (!tkey)
- goto err;
- if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
- goto err;
- if (ek == NULL) {
- ek = tkey;
- eklen = tkeylen;
- tkey = NULL;
- }
-
- if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
- /*
- * Some S/MIME clients don't use the same key and effective key
- * length. The key length is determined by the size of the
- * decrypted RSA key.
- */
- if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
- /* Use random key as MMA defence */
- OPENSSL_cleanse(ek, eklen);
- OPENSSL_free(ek);
- ek = tkey;
- eklen = tkeylen;
- tkey = NULL;
- }
- }
- /* Clear errors so we don't leak information useful in MMA */
- ERR_clear_error();
- if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
- goto err;
-
- if (ek) {
- OPENSSL_cleanse(ek, eklen);
- OPENSSL_free(ek);
- ek = NULL;
- }
- if (tkey) {
- OPENSSL_cleanse(tkey, tkeylen);
- OPENSSL_free(tkey);
- tkey = NULL;
- }
-
- if (out == NULL)
- out = etmp;
- else
- BIO_push(out, etmp);
- etmp = NULL;
- }
-#if 1
- if (in_bio != NULL) {
- bio = in_bio;
- } else {
-# if 0
- bio = BIO_new(BIO_s_mem());
- /*
- * We need to set this so that when we have read all the data, the
- * encrypt BIO, if present, will read EOF and encode the last few
- * bytes
- */
- BIO_set_mem_eof_return(bio, 0);
-
- if (data_body->length > 0)
- BIO_write(bio, (char *)data_body->data, data_body->length);
-# else
- if (data_body->length > 0)
- bio = BIO_new_mem_buf(data_body->data, data_body->length);
- else {
- bio = BIO_new(BIO_s_mem());
- if (bio == NULL)
- goto err;
- BIO_set_mem_eof_return(bio, 0);
- }
- if (bio == NULL)
- goto err;
-# endif
- }
- BIO_push(out, bio);
- bio = NULL;
-#endif
- if (0) {
- err:
- if (ek) {
- OPENSSL_cleanse(ek, eklen);
- OPENSSL_free(ek);
- }
- if (tkey) {
- OPENSSL_cleanse(tkey, tkeylen);
- OPENSSL_free(tkey);
- }
- if (out != NULL)
- BIO_free_all(out);
- if (btmp != NULL)
- BIO_free_all(btmp);
- if (etmp != NULL)
- BIO_free_all(etmp);
- if (bio != NULL)
- BIO_free_all(bio);
- out = NULL;
- }
- return (out);
-}
-
-static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
-{
- for (;;) {
- bio = BIO_find_type(bio, BIO_TYPE_MD);
- if (bio == NULL) {
- PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- return NULL;
- }
- BIO_get_md_ctx(bio, pmd);
- if (*pmd == NULL) {
- PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
- if (EVP_MD_CTX_type(*pmd) == nid)
- return bio;
- bio = BIO_next(bio);
- }
- return NULL;
-}
-
-static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
-{
- unsigned char md_data[EVP_MAX_MD_SIZE];
- unsigned int md_len;
-
- /* Add signing time if not already present */
- if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
- if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
- PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
-
- /* Add digest */
- if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
- PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
- return 0;
- }
- if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
- PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- /* Now sign the attributes */
- if (!PKCS7_SIGNER_INFO_sign(si))
- return 0;
-
- return 1;
-}
-
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
-{
- int ret = 0;
- int i, j;
- BIO *btmp;
- PKCS7_SIGNER_INFO *si;
- EVP_MD_CTX *mdc, ctx_tmp;
- STACK_OF(X509_ATTRIBUTE) *sk;
- STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
- ASN1_OCTET_STRING *os = NULL;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- EVP_MD_CTX_init(&ctx_tmp);
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_data:
- os = p7->d.data;
- break;
- case NID_pkcs7_signedAndEnveloped:
- /* XXXXXXXXXXXXXXXX */
- si_sk = p7->d.signed_and_enveloped->signer_info;
- os = p7->d.signed_and_enveloped->enc_data->enc_data;
- if (!os) {
- os = M_ASN1_OCTET_STRING_new();
- if (!os) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p7->d.signed_and_enveloped->enc_data->enc_data = os;
- }
- break;
- case NID_pkcs7_enveloped:
- /* XXXXXXXXXXXXXXXX */
- os = p7->d.enveloped->enc_data->enc_data;
- if (!os) {
- os = M_ASN1_OCTET_STRING_new();
- if (!os) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p7->d.enveloped->enc_data->enc_data = os;
- }
- break;
- case NID_pkcs7_signed:
- si_sk = p7->d.sign->signer_info;
- os = PKCS7_get_octet_string(p7->d.sign->contents);
- /* If detached data then the content is excluded */
- if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
- M_ASN1_OCTET_STRING_free(os);
- os = NULL;
- p7->d.sign->contents->d.data = NULL;
- }
- break;
-
- case NID_pkcs7_digest:
- os = PKCS7_get_octet_string(p7->d.digest->contents);
- /* If detached data then the content is excluded */
- if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
- M_ASN1_OCTET_STRING_free(os);
- os = NULL;
- p7->d.digest->contents->d.data = NULL;
- }
- break;
-
- default:
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- if (si_sk != NULL) {
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
- si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
- if (si->pkey == NULL)
- continue;
-
- j = OBJ_obj2nid(si->digest_alg->algorithm);
-
- btmp = bio;
-
- btmp = PKCS7_find_digest(&mdc, btmp, j);
-
- if (btmp == NULL)
- goto err;
-
- /*
- * We now have the EVP_MD_CTX, lets do the signing.
- */
- if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
- goto err;
-
- sk = si->auth_attr;
-
- /*
- * If there are attributes, we add the digest attribute and only
- * sign the attributes
- */
- if (sk_X509_ATTRIBUTE_num(sk) > 0) {
- if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
- goto err;
- } else {
- unsigned char *abuf = NULL;
- unsigned int abuflen;
- abuflen = EVP_PKEY_size(si->pkey);
- abuf = OPENSSL_malloc(abuflen);
- if (!abuf)
- goto err;
-
- if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
- goto err;
- }
- ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
- }
- }
- } else if (i == NID_pkcs7_digest) {
- unsigned char md_data[EVP_MAX_MD_SIZE];
- unsigned int md_len;
- if (!PKCS7_find_digest(&mdc, bio,
- OBJ_obj2nid(p7->d.digest->md->algorithm)))
- goto err;
- if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
- goto err;
- M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
- }
-
- if (!PKCS7_is_detached(p7)) {
- /*
- * NOTE(emilia): I think we only reach os == NULL here because detached
- * digested data support is broken.
- */
- if (os == NULL)
- goto err;
- if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
- char *cont;
- long contlen;
- btmp = BIO_find_type(bio, BIO_TYPE_MEM);
- if (btmp == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
- goto err;
- }
- contlen = BIO_get_mem_data(btmp, &cont);
- /*
- * Mark the BIO read only then we can use its copy of the data
- * instead of making an extra copy.
- */
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
- BIO_set_mem_eof_return(btmp, 0);
- ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
- }
- }
- ret = 1;
- err:
- EVP_MD_CTX_cleanup(&ctx_tmp);
- return (ret);
-}
-
-int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
-{
- EVP_MD_CTX mctx;
- EVP_PKEY_CTX *pctx;
- unsigned char *abuf = NULL;
- int alen;
- size_t siglen;
- const EVP_MD *md = NULL;
-
- md = EVP_get_digestbyobj(si->digest_alg->algorithm);
- if (md == NULL)
- return 0;
-
- EVP_MD_CTX_init(&mctx);
- if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
- ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
- if (!abuf)
- goto err;
- if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
- goto err;
- OPENSSL_free(abuf);
- abuf = NULL;
- if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
- goto err;
- abuf = OPENSSL_malloc(siglen);
- if (!abuf)
- goto err;
- if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- EVP_MD_CTX_cleanup(&mctx);
-
- ASN1_STRING_set0(si->enc_digest, abuf, siglen);
-
- return 1;
-
- err:
- if (abuf)
- OPENSSL_free(abuf);
- EVP_MD_CTX_cleanup(&mctx);
- return 0;
-
-}
-
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
- PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
- PKCS7_ISSUER_AND_SERIAL *ias;
- int ret = 0, i;
- STACK_OF(X509) *cert;
- X509 *x509;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- if (PKCS7_type_is_signed(p7)) {
- cert = p7->d.sign->cert;
- } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
- cert = p7->d.signed_and_enveloped->cert;
- } else {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
- /* XXXXXXXXXXXXXXXXXXXXXXX */
- ias = si->issuer_and_serial;
-
- x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);
-
- /* were we able to find the cert in passed to us */
- if (x509 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,
- PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
- goto err;
- }
-
- /* Lets verify */
- if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
- goto err;
- }
- X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
- i = X509_verify_cert(ctx);
- if (i <= 0) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
- X509_STORE_CTX_cleanup(ctx);
- goto err;
- }
- X509_STORE_CTX_cleanup(ctx);
-
- return PKCS7_signatureVerify(bio, p7, si, x509);
- err:
- return ret;
-}
-
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
- X509 *x509)
-{
- ASN1_OCTET_STRING *os;
- EVP_MD_CTX mdc_tmp, *mdc;
- int ret = 0, i;
- int md_type;
- STACK_OF(X509_ATTRIBUTE) *sk;
- BIO *btmp;
- EVP_PKEY *pkey;
-
- EVP_MD_CTX_init(&mdc_tmp);
-
- if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
-
- md_type = OBJ_obj2nid(si->digest_alg->algorithm);
-
- btmp = bio;
- for (;;) {
- if ((btmp == NULL) ||
- ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- BIO_get_md_ctx(btmp, &mdc);
- if (mdc == NULL) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (EVP_MD_CTX_type(mdc) == md_type)
- break;
- /*
- * Workaround for some broken clients that put the signature OID
- * instead of the digest OID in digest_alg->algorithm
- */
- if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
- break;
- btmp = BIO_next(btmp);
- }
-
- /*
- * mdc is the digest ctx that we want, unless there are attributes, in
- * which case the digest is the signed attributes
- */
- if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
- goto err;
-
- sk = si->auth_attr;
- if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
- unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
- unsigned int md_len;
- int alen;
- ASN1_OCTET_STRING *message_digest;
-
- if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
- goto err;
- message_digest = PKCS7_digest_from_attributes(sk);
- if (!message_digest) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- if ((message_digest->length != (int)md_len) ||
- (memcmp(message_digest->data, md_dat, md_len))) {
-#if 0
- {
- int ii;
- for (ii = 0; ii < message_digest->length; ii++)
- printf("%02X", message_digest->data[ii]);
- printf(" sent\n");
- for (ii = 0; ii < md_len; ii++)
- printf("%02X", md_dat[ii]);
- printf(" calc\n");
- }
-#endif
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);
- ret = -1;
- goto err;
- }
-
- if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL))
- goto err;
-
- alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
- ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
- if (alen <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_ASN1_LIB);
- ret = -1;
- goto err;
- }
- if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
- goto err;
-
- OPENSSL_free(abuf);
- }
-
- os = si->enc_digest;
- pkey = X509_get_pubkey(x509);
- if (!pkey) {
- ret = -1;
- goto err;
- }
-
- i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
- EVP_PKEY_free(pkey);
- if (i <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
- ret = -1;
- goto err;
- } else
- ret = 1;
- err:
- EVP_MD_CTX_cleanup(&mdc_tmp);
- return (ret);
-}
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
-{
- STACK_OF(PKCS7_RECIP_INFO) *rsk;
- PKCS7_RECIP_INFO *ri;
- int i;
-
- i = OBJ_obj2nid(p7->type);
- if (i != NID_pkcs7_signedAndEnveloped)
- return NULL;
- if (p7->d.signed_and_enveloped == NULL)
- return NULL;
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- if (rsk == NULL)
- return NULL;
- if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
- return (NULL);
- ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
- return (ri->issuer_and_serial);
-}
-
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
- return (get_attribute(si->auth_attr, nid));
-}
-
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
- return (get_attribute(si->unauth_attr, nid));
-}
-
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
-{
- int i;
- X509_ATTRIBUTE *xa;
- ASN1_OBJECT *o;
-
- o = OBJ_nid2obj(nid);
- if (!o || !sk)
- return (NULL);
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- xa = sk_X509_ATTRIBUTE_value(sk, i);
- if (OBJ_cmp(xa->object, o) == 0) {
- if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
- return (sk_ASN1_TYPE_value(xa->value.set, 0));
- else
- return (NULL);
- }
- }
- return (NULL);
-}
-
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
-{
- ASN1_TYPE *astype;
- if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
- return NULL;
- return astype->value.octet_string;
-}
-
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk)
-{
- int i;
-
- if (p7si->auth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
- p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
- if (p7si->auth_attr == NULL)
- return 0;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
- (sk, i))))
- == NULL)
- return (0);
- }
- return (1);
-}
-
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk)
-{
- int i;
-
- if (p7si->unauth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
- p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
- if (p7si->unauth_attr == NULL)
- return 0;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
- (sk, i))))
- == NULL)
- return (0);
- }
- return (1);
-}
-
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value)
-{
- return (add_attribute(&(p7si->auth_attr), nid, atrtype, value));
-}
-
-int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value)
-{
- return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value));
-}
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
- void *value)
-{
- X509_ATTRIBUTE *attr = NULL;
-
- if (*sk == NULL) {
- *sk = sk_X509_ATTRIBUTE_new_null();
- if (*sk == NULL)
- return 0;
- new_attrib:
- if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
- return 0;
- if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
- X509_ATTRIBUTE_free(attr);
- return 0;
- }
- } else {
- int i;
-
- for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
- attr = sk_X509_ATTRIBUTE_value(*sk, i);
- if (OBJ_obj2nid(attr->object) == nid) {
- X509_ATTRIBUTE_free(attr);
- attr = X509_ATTRIBUTE_create(nid, atrtype, value);
- if (attr == NULL)
- return 0;
- if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
- X509_ATTRIBUTE_free(attr);
- return 0;
- }
- goto end;
- }
- }
- goto new_attrib;
- }
- end:
- return (1);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/pkcs7/pk7_doit.c (from rev 11605, vendor-crypto/openssl/dist/crypto/pkcs7/pk7_doit.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/pkcs7/pk7_doit.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/pkcs7/pk7_doit.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1295 @@
+/* crypto/pkcs7/pk7_doit.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+
+static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
+ void *value);
+static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
+
+static int PKCS7_type_is_other(PKCS7 *p7)
+{
+ int isOther = 1;
+
+ int nid = OBJ_obj2nid(p7->type);
+
+ switch (nid) {
+ case NID_pkcs7_data:
+ case NID_pkcs7_signed:
+ case NID_pkcs7_enveloped:
+ case NID_pkcs7_signedAndEnveloped:
+ case NID_pkcs7_digest:
+ case NID_pkcs7_encrypted:
+ isOther = 0;
+ break;
+ default:
+ isOther = 1;
+ }
+
+ return isOther;
+
+}
+
+static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
+{
+ if (PKCS7_type_is_data(p7))
+ return p7->d.data;
+ if (PKCS7_type_is_other(p7) && p7->d.other
+ && (p7->d.other->type == V_ASN1_OCTET_STRING))
+ return p7->d.other->value.octet_string;
+ return NULL;
+}
+
+static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
+{
+ BIO *btmp;
+ const EVP_MD *md;
+ if ((btmp = BIO_new(BIO_f_md())) == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
+ goto err;
+ }
+
+ md = EVP_get_digestbyobj(alg->algorithm);
+ if (md == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, PKCS7_R_UNKNOWN_DIGEST_TYPE);
+ goto err;
+ }
+
+ BIO_set_md(btmp, md);
+ if (*pbio == NULL)
+ *pbio = btmp;
+ else if (!BIO_push(*pbio, btmp)) {
+ PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
+ goto err;
+ }
+ btmp = NULL;
+
+ return 1;
+
+ err:
+ if (btmp)
+ BIO_free(btmp);
+ return 0;
+
+}
+
+static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
+ unsigned char *key, int keylen)
+{
+ EVP_PKEY_CTX *pctx = NULL;
+ EVP_PKEY *pkey = NULL;
+ unsigned char *ek = NULL;
+ int ret = 0;
+ size_t eklen;
+
+ pkey = X509_get_pubkey(ri->cert);
+
+ if (!pkey)
+ return 0;
+
+ pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (!pctx)
+ return 0;
+
+ if (EVP_PKEY_encrypt_init(pctx) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
+ EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
+ goto err;
+
+ ek = OPENSSL_malloc(eklen);
+
+ if (ek == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
+ goto err;
+
+ ASN1_STRING_set0(ri->enc_key, ek, eklen);
+ ek = NULL;
+
+ ret = 1;
+
+ err:
+ if (pkey)
+ EVP_PKEY_free(pkey);
+ if (pctx)
+ EVP_PKEY_CTX_free(pctx);
+ if (ek)
+ OPENSSL_free(ek);
+ return ret;
+
+}
+
+static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
+ PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
+{
+ EVP_PKEY_CTX *pctx = NULL;
+ unsigned char *ek = NULL;
+ size_t eklen;
+
+ int ret = -1;
+
+ pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (!pctx)
+ return -1;
+
+ if (EVP_PKEY_decrypt_init(pctx) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
+ EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
+ ri->enc_key->data, ri->enc_key->length) <= 0)
+ goto err;
+
+ ek = OPENSSL_malloc(eklen);
+
+ if (ek == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (EVP_PKEY_decrypt(pctx, ek, &eklen,
+ ri->enc_key->data, ri->enc_key->length) <= 0) {
+ ret = 0;
+ PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
+ goto err;
+ }
+
+ ret = 1;
+
+ if (*pek) {
+ OPENSSL_cleanse(*pek, *peklen);
+ OPENSSL_free(*pek);
+ }
+
+ *pek = ek;
+ *peklen = eklen;
+
+ err:
+ if (pctx)
+ EVP_PKEY_CTX_free(pctx);
+ if (!ret && ek)
+ OPENSSL_free(ek);
+
+ return ret;
+}
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
+{
+ int i;
+ BIO *out = NULL, *btmp = NULL;
+ X509_ALGOR *xa = NULL;
+ const EVP_CIPHER *evp_cipher = NULL;
+ STACK_OF(X509_ALGOR) *md_sk = NULL;
+ STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
+ X509_ALGOR *xalg = NULL;
+ PKCS7_RECIP_INFO *ri = NULL;
+ ASN1_OCTET_STRING *os = NULL;
+
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);
+ return NULL;
+ }
+ /*
+ * The content field in the PKCS7 ContentInfo is optional, but that really
+ * only applies to inner content (precisely, detached signatures).
+ *
+ * When reading content, missing outer content is therefore treated as an
+ * error.
+ *
+ * When creating content, PKCS7_content_new() must be called before
+ * calling this method, so a NULL p7->d is always an error.
+ */
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT);
+ return NULL;
+ }
+
+ i = OBJ_obj2nid(p7->type);
+ p7->state = PKCS7_S_HEADER;
+
+ switch (i) {
+ case NID_pkcs7_signed:
+ md_sk = p7->d.sign->md_algs;
+ os = PKCS7_get_octet_string(p7->d.sign->contents);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ rsk = p7->d.signed_and_enveloped->recipientinfo;
+ md_sk = p7->d.signed_and_enveloped->md_algs;
+ xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
+ evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
+ if (evp_cipher == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
+ goto err;
+ }
+ break;
+ case NID_pkcs7_enveloped:
+ rsk = p7->d.enveloped->recipientinfo;
+ xalg = p7->d.enveloped->enc_data->algorithm;
+ evp_cipher = p7->d.enveloped->enc_data->cipher;
+ if (evp_cipher == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
+ goto err;
+ }
+ break;
+ case NID_pkcs7_digest:
+ xa = p7->d.digest->md;
+ os = PKCS7_get_octet_string(p7->d.digest->contents);
+ break;
+ case NID_pkcs7_data:
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+
+ for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
+ if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
+ goto err;
+
+ if (xa && !PKCS7_bio_add_digest(&out, xa))
+ goto err;
+
+ if (evp_cipher != NULL) {
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ int keylen, ivlen;
+ EVP_CIPHER_CTX *ctx;
+
+ if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_BIO_LIB);
+ goto err;
+ }
+ BIO_get_cipher_ctx(btmp, &ctx);
+ keylen = EVP_CIPHER_key_length(evp_cipher);
+ ivlen = EVP_CIPHER_iv_length(evp_cipher);
+ xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
+ if (ivlen > 0)
+ if (RAND_bytes(iv, ivlen) <= 0)
+ goto err;
+ if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0)
+ goto err;
+ if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
+ goto err;
+ if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
+ goto err;
+
+ if (ivlen > 0) {
+ if (xalg->parameter == NULL) {
+ xalg->parameter = ASN1_TYPE_new();
+ if (xalg->parameter == NULL)
+ goto err;
+ }
+ if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
+ goto err;
+ }
+
+ /* Lets do the pub key stuff :-) */
+ for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
+ ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
+ if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
+ goto err;
+ }
+ OPENSSL_cleanse(key, keylen);
+
+ if (out == NULL)
+ out = btmp;
+ else
+ BIO_push(out, btmp);
+ btmp = NULL;
+ }
+
+ if (bio == NULL) {
+ if (PKCS7_is_detached(p7))
+ bio = BIO_new(BIO_s_null());
+ else if (os && os->length > 0)
+ bio = BIO_new_mem_buf(os->data, os->length);
+ if (bio == NULL) {
+ bio = BIO_new(BIO_s_mem());
+ if (bio == NULL)
+ goto err;
+ BIO_set_mem_eof_return(bio, 0);
+ }
+ }
+ if (out)
+ BIO_push(out, bio);
+ else
+ out = bio;
+ bio = NULL;
+ if (0) {
+ err:
+ if (out != NULL)
+ BIO_free_all(out);
+ if (btmp != NULL)
+ BIO_free_all(btmp);
+ out = NULL;
+ }
+ return (out);
+}
+
+static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
+{
+ int ret;
+ ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
+ pcert->cert_info->issuer);
+ if (ret)
+ return ret;
+ return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
+ ri->issuer_and_serial->serial);
+}
+
+/* int */
+BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
+{
+ int i, j;
+ BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
+ X509_ALGOR *xa;
+ ASN1_OCTET_STRING *data_body = NULL;
+ const EVP_MD *evp_md;
+ const EVP_CIPHER *evp_cipher = NULL;
+ EVP_CIPHER_CTX *evp_ctx = NULL;
+ X509_ALGOR *enc_alg = NULL;
+ STACK_OF(X509_ALGOR) *md_sk = NULL;
+ STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
+ PKCS7_RECIP_INFO *ri = NULL;
+ unsigned char *ek = NULL, *tkey = NULL;
+ int eklen = 0, tkeylen = 0;
+
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);
+ return NULL;
+ }
+
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
+ return NULL;
+ }
+
+ i = OBJ_obj2nid(p7->type);
+ p7->state = PKCS7_S_HEADER;
+
+ switch (i) {
+ case NID_pkcs7_signed:
+ /*
+ * p7->d.sign->contents is a PKCS7 structure consisting of a contentType
+ * field and optional content.
+ * data_body is NULL if that structure has no (=detached) content
+ * or if the contentType is wrong (i.e., not "data").
+ */
+ data_body = PKCS7_get_octet_string(p7->d.sign->contents);
+ if (!PKCS7_is_detached(p7) && data_body == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+ PKCS7_R_INVALID_SIGNED_DATA_TYPE);
+ goto err;
+ }
+ md_sk = p7->d.sign->md_algs;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ rsk = p7->d.signed_and_enveloped->recipientinfo;
+ md_sk = p7->d.signed_and_enveloped->md_algs;
+ /* data_body is NULL if the optional EncryptedContent is missing. */
+ data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
+ enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
+ evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
+ if (evp_cipher == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+ PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
+ goto err;
+ }
+ break;
+ case NID_pkcs7_enveloped:
+ rsk = p7->d.enveloped->recipientinfo;
+ enc_alg = p7->d.enveloped->enc_data->algorithm;
+ /* data_body is NULL if the optional EncryptedContent is missing. */
+ data_body = p7->d.enveloped->enc_data->enc_data;
+ evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
+ if (evp_cipher == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+ PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
+ goto err;
+ }
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+
+ /* Detached content must be supplied via in_bio instead. */
+ if (data_body == NULL && in_bio == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
+ goto err;
+ }
+
+ /* We will be checking the signature */
+ if (md_sk != NULL) {
+ for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
+ xa = sk_X509_ALGOR_value(md_sk, i);
+ if ((btmp = BIO_new(BIO_f_md())) == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
+ goto err;
+ }
+
+ j = OBJ_obj2nid(xa->algorithm);
+ evp_md = EVP_get_digestbynid(j);
+ if (evp_md == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+ PKCS7_R_UNKNOWN_DIGEST_TYPE);
+ goto err;
+ }
+
+ BIO_set_md(btmp, evp_md);
+ if (out == NULL)
+ out = btmp;
+ else
+ BIO_push(out, btmp);
+ btmp = NULL;
+ }
+ }
+
+ if (evp_cipher != NULL) {
+#if 0
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char *p;
+ int keylen, ivlen;
+ int max;
+ X509_OBJECT ret;
+#endif
+
+ if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
+ goto err;
+ }
+
+ /*
+ * It was encrypted, we need to decrypt the secret key with the
+ * private key
+ */
+
+ /*
+ * Find the recipientInfo which matches the passed certificate (if
+ * any)
+ */
+
+ if (pcert) {
+ for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
+ ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
+ if (!pkcs7_cmp_ri(ri, pcert))
+ break;
+ ri = NULL;
+ }
+ if (ri == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+ PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
+ goto err;
+ }
+ }
+
+ /* If we haven't got a certificate try each ri in turn */
+ if (pcert == NULL) {
+ /*
+ * Always attempt to decrypt all rinfo even after sucess as a
+ * defence against MMA timing attacks.
+ */
+ for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
+ ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
+
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+ goto err;
+ ERR_clear_error();
+ }
+ } else {
+ /* Only exit on fatal errors, not decrypt failure */
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+ goto err;
+ ERR_clear_error();
+ }
+
+ evp_ctx = NULL;
+ BIO_get_cipher_ctx(etmp, &evp_ctx);
+ if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL, NULL, 0) <= 0)
+ goto err;
+ if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
+ goto err;
+ /* Generate random key as MMA defence */
+ tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
+ tkey = OPENSSL_malloc(tkeylen);
+ if (!tkey)
+ goto err;
+ if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
+ goto err;
+ if (ek == NULL) {
+ ek = tkey;
+ eklen = tkeylen;
+ tkey = NULL;
+ }
+
+ if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
+ /*
+ * Some S/MIME clients don't use the same key and effective key
+ * length. The key length is determined by the size of the
+ * decrypted RSA key.
+ */
+ if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
+ /* Use random key as MMA defence */
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ ek = tkey;
+ eklen = tkeylen;
+ tkey = NULL;
+ }
+ }
+ /* Clear errors so we don't leak information useful in MMA */
+ ERR_clear_error();
+ if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
+ goto err;
+
+ if (ek) {
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ ek = NULL;
+ }
+ if (tkey) {
+ OPENSSL_cleanse(tkey, tkeylen);
+ OPENSSL_free(tkey);
+ tkey = NULL;
+ }
+
+ if (out == NULL)
+ out = etmp;
+ else
+ BIO_push(out, etmp);
+ etmp = NULL;
+ }
+#if 1
+ if (in_bio != NULL) {
+ bio = in_bio;
+ } else {
+# if 0
+ bio = BIO_new(BIO_s_mem());
+ /*
+ * We need to set this so that when we have read all the data, the
+ * encrypt BIO, if present, will read EOF and encode the last few
+ * bytes
+ */
+ BIO_set_mem_eof_return(bio, 0);
+
+ if (data_body->length > 0)
+ BIO_write(bio, (char *)data_body->data, data_body->length);
+# else
+ if (data_body->length > 0)
+ bio = BIO_new_mem_buf(data_body->data, data_body->length);
+ else {
+ bio = BIO_new(BIO_s_mem());
+ if (bio == NULL)
+ goto err;
+ BIO_set_mem_eof_return(bio, 0);
+ }
+ if (bio == NULL)
+ goto err;
+# endif
+ }
+ BIO_push(out, bio);
+ bio = NULL;
+#endif
+ if (0) {
+ err:
+ if (ek) {
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ }
+ if (tkey) {
+ OPENSSL_cleanse(tkey, tkeylen);
+ OPENSSL_free(tkey);
+ }
+ if (out != NULL)
+ BIO_free_all(out);
+ if (btmp != NULL)
+ BIO_free_all(btmp);
+ if (etmp != NULL)
+ BIO_free_all(etmp);
+ if (bio != NULL)
+ BIO_free_all(bio);
+ out = NULL;
+ }
+ return (out);
+}
+
+static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
+{
+ for (;;) {
+ bio = BIO_find_type(bio, BIO_TYPE_MD);
+ if (bio == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,
+ PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ return NULL;
+ }
+ BIO_get_md_ctx(bio, pmd);
+ if (*pmd == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ if (EVP_MD_CTX_type(*pmd) == nid)
+ return bio;
+ bio = BIO_next(bio);
+ }
+ return NULL;
+}
+
+static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
+{
+ unsigned char md_data[EVP_MAX_MD_SIZE];
+ unsigned int md_len;
+
+ /* Add signing time if not already present */
+ if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
+ if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+
+ /* Add digest */
+ if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
+ return 0;
+ }
+ if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ /* Now sign the attributes */
+ if (!PKCS7_SIGNER_INFO_sign(si))
+ return 0;
+
+ return 1;
+}
+
+int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
+{
+ int ret = 0;
+ int i, j;
+ BIO *btmp;
+ PKCS7_SIGNER_INFO *si;
+ EVP_MD_CTX *mdc, ctx_tmp;
+ STACK_OF(X509_ATTRIBUTE) *sk;
+ STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
+ ASN1_OCTET_STRING *os = NULL;
+
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER);
+ return 0;
+ }
+
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);
+ return 0;
+ }
+
+ EVP_MD_CTX_init(&ctx_tmp);
+ i = OBJ_obj2nid(p7->type);
+ p7->state = PKCS7_S_HEADER;
+
+ switch (i) {
+ case NID_pkcs7_data:
+ os = p7->d.data;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ /* XXXXXXXXXXXXXXXX */
+ si_sk = p7->d.signed_and_enveloped->signer_info;
+ os = p7->d.signed_and_enveloped->enc_data->enc_data;
+ if (!os) {
+ os = M_ASN1_OCTET_STRING_new();
+ if (!os) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p7->d.signed_and_enveloped->enc_data->enc_data = os;
+ }
+ break;
+ case NID_pkcs7_enveloped:
+ /* XXXXXXXXXXXXXXXX */
+ os = p7->d.enveloped->enc_data->enc_data;
+ if (!os) {
+ os = M_ASN1_OCTET_STRING_new();
+ if (!os) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p7->d.enveloped->enc_data->enc_data = os;
+ }
+ break;
+ case NID_pkcs7_signed:
+ si_sk = p7->d.sign->signer_info;
+ os = PKCS7_get_octet_string(p7->d.sign->contents);
+ /* If detached data then the content is excluded */
+ if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
+ M_ASN1_OCTET_STRING_free(os);
+ os = NULL;
+ p7->d.sign->contents->d.data = NULL;
+ }
+ break;
+
+ case NID_pkcs7_digest:
+ os = PKCS7_get_octet_string(p7->d.digest->contents);
+ /* If detached data then the content is excluded */
+ if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
+ M_ASN1_OCTET_STRING_free(os);
+ os = NULL;
+ p7->d.digest->contents->d.data = NULL;
+ }
+ break;
+
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+
+ if (si_sk != NULL) {
+ for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
+ si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
+ if (si->pkey == NULL)
+ continue;
+
+ j = OBJ_obj2nid(si->digest_alg->algorithm);
+
+ btmp = bio;
+
+ btmp = PKCS7_find_digest(&mdc, btmp, j);
+
+ if (btmp == NULL)
+ goto err;
+
+ /*
+ * We now have the EVP_MD_CTX, lets do the signing.
+ */
+ if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
+ goto err;
+
+ sk = si->auth_attr;
+
+ /*
+ * If there are attributes, we add the digest attribute and only
+ * sign the attributes
+ */
+ if (sk_X509_ATTRIBUTE_num(sk) > 0) {
+ if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
+ goto err;
+ } else {
+ unsigned char *abuf = NULL;
+ unsigned int abuflen;
+ abuflen = EVP_PKEY_size(si->pkey);
+ abuf = OPENSSL_malloc(abuflen);
+ if (!abuf)
+ goto err;
+
+ if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
+ goto err;
+ }
+ ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
+ }
+ }
+ } else if (i == NID_pkcs7_digest) {
+ unsigned char md_data[EVP_MAX_MD_SIZE];
+ unsigned int md_len;
+ if (!PKCS7_find_digest(&mdc, bio,
+ OBJ_obj2nid(p7->d.digest->md->algorithm)))
+ goto err;
+ if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
+ goto err;
+ M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
+ }
+
+ if (!PKCS7_is_detached(p7)) {
+ /*
+ * NOTE(emilia): I think we only reach os == NULL here because detached
+ * digested data support is broken.
+ */
+ if (os == NULL)
+ goto err;
+ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
+ char *cont;
+ long contlen;
+ btmp = BIO_find_type(bio, BIO_TYPE_MEM);
+ if (btmp == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+ goto err;
+ }
+ contlen = BIO_get_mem_data(btmp, &cont);
+ /*
+ * Mark the BIO read only then we can use its copy of the data
+ * instead of making an extra copy.
+ */
+ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
+ BIO_set_mem_eof_return(btmp, 0);
+ ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
+ }
+ }
+ ret = 1;
+ err:
+ EVP_MD_CTX_cleanup(&ctx_tmp);
+ return (ret);
+}
+
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
+{
+ EVP_MD_CTX mctx;
+ EVP_PKEY_CTX *pctx;
+ unsigned char *abuf = NULL;
+ int alen;
+ size_t siglen;
+ const EVP_MD *md = NULL;
+
+ md = EVP_get_digestbyobj(si->digest_alg->algorithm);
+ if (md == NULL)
+ return 0;
+
+ EVP_MD_CTX_init(&mctx);
+ if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+ EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
+ ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
+ if (!abuf)
+ goto err;
+ if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
+ goto err;
+ OPENSSL_free(abuf);
+ abuf = NULL;
+ if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
+ goto err;
+ abuf = OPENSSL_malloc(siglen);
+ if (!abuf)
+ goto err;
+ if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+ EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ EVP_MD_CTX_cleanup(&mctx);
+
+ ASN1_STRING_set0(si->enc_digest, abuf, siglen);
+
+ return 1;
+
+ err:
+ if (abuf)
+ OPENSSL_free(abuf);
+ EVP_MD_CTX_cleanup(&mctx);
+ return 0;
+
+}
+
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
+ PKCS7 *p7, PKCS7_SIGNER_INFO *si)
+{
+ PKCS7_ISSUER_AND_SERIAL *ias;
+ int ret = 0, i;
+ STACK_OF(X509) *cert;
+ X509 *x509;
+
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER);
+ return 0;
+ }
+
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT);
+ return 0;
+ }
+
+ if (PKCS7_type_is_signed(p7)) {
+ cert = p7->d.sign->cert;
+ } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
+ cert = p7->d.signed_and_enveloped->cert;
+ } else {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
+ goto err;
+ }
+ /* XXXXXXXXXXXXXXXXXXXXXXX */
+ ias = si->issuer_and_serial;
+
+ x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);
+
+ /* were we able to find the cert in passed to us */
+ if (x509 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,
+ PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
+ goto err;
+ }
+
+ /* Lets verify */
+ if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
+ goto err;
+ }
+ X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
+ i = X509_verify_cert(ctx);
+ if (i <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
+ X509_STORE_CTX_cleanup(ctx);
+ goto err;
+ }
+ X509_STORE_CTX_cleanup(ctx);
+
+ return PKCS7_signatureVerify(bio, p7, si, x509);
+ err:
+ return ret;
+}
+
+int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
+ X509 *x509)
+{
+ ASN1_OCTET_STRING *os;
+ EVP_MD_CTX mdc_tmp, *mdc;
+ int ret = 0, i;
+ int md_type;
+ STACK_OF(X509_ATTRIBUTE) *sk;
+ BIO *btmp;
+ EVP_PKEY *pkey;
+
+ EVP_MD_CTX_init(&mdc_tmp);
+
+ if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
+ goto err;
+ }
+
+ md_type = OBJ_obj2nid(si->digest_alg->algorithm);
+
+ btmp = bio;
+ for (;;) {
+ if ((btmp == NULL) ||
+ ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
+ PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ BIO_get_md_ctx(btmp, &mdc);
+ if (mdc == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_MD_CTX_type(mdc) == md_type)
+ break;
+ /*
+ * Workaround for some broken clients that put the signature OID
+ * instead of the digest OID in digest_alg->algorithm
+ */
+ if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
+ break;
+ btmp = BIO_next(btmp);
+ }
+
+ /*
+ * mdc is the digest ctx that we want, unless there are attributes, in
+ * which case the digest is the signed attributes
+ */
+ if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
+ goto err;
+
+ sk = si->auth_attr;
+ if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
+ unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
+ unsigned int md_len;
+ int alen;
+ ASN1_OCTET_STRING *message_digest;
+
+ if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
+ goto err;
+ message_digest = PKCS7_digest_from_attributes(sk);
+ if (!message_digest) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
+ PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ if ((message_digest->length != (int)md_len) ||
+ (memcmp(message_digest->data, md_dat, md_len))) {
+#if 0
+ {
+ int ii;
+ for (ii = 0; ii < message_digest->length; ii++)
+ printf("%02X", message_digest->data[ii]);
+ printf(" sent\n");
+ for (ii = 0; ii < md_len; ii++)
+ printf("%02X", md_dat[ii]);
+ printf(" calc\n");
+ }
+#endif
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);
+ ret = -1;
+ goto err;
+ }
+
+ if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL))
+ goto err;
+
+ alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
+ ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
+ if (alen <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_ASN1_LIB);
+ ret = -1;
+ goto err;
+ }
+ if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
+ goto err;
+
+ OPENSSL_free(abuf);
+ }
+
+ os = si->enc_digest;
+ pkey = X509_get_pubkey(x509);
+ if (!pkey) {
+ ret = -1;
+ goto err;
+ }
+
+ i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
+ EVP_PKEY_free(pkey);
+ if (i <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
+ ret = -1;
+ goto err;
+ } else
+ ret = 1;
+ err:
+ EVP_MD_CTX_cleanup(&mdc_tmp);
+ return (ret);
+}
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
+{
+ STACK_OF(PKCS7_RECIP_INFO) *rsk;
+ PKCS7_RECIP_INFO *ri;
+ int i;
+
+ i = OBJ_obj2nid(p7->type);
+ if (i != NID_pkcs7_signedAndEnveloped)
+ return NULL;
+ if (p7->d.signed_and_enveloped == NULL)
+ return NULL;
+ rsk = p7->d.signed_and_enveloped->recipientinfo;
+ if (rsk == NULL)
+ return NULL;
+ if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
+ return (NULL);
+ ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
+ return (ri->issuer_and_serial);
+}
+
+ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
+{
+ return (get_attribute(si->auth_attr, nid));
+}
+
+ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
+{
+ return (get_attribute(si->unauth_attr, nid));
+}
+
+static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
+{
+ int i;
+ X509_ATTRIBUTE *xa;
+ ASN1_OBJECT *o;
+
+ o = OBJ_nid2obj(nid);
+ if (!o || !sk)
+ return (NULL);
+ for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+ xa = sk_X509_ATTRIBUTE_value(sk, i);
+ if (OBJ_cmp(xa->object, o) == 0) {
+ if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
+ return (sk_ASN1_TYPE_value(xa->value.set, 0));
+ else
+ return (NULL);
+ }
+ }
+ return (NULL);
+}
+
+ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
+{
+ ASN1_TYPE *astype;
+ if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
+ return NULL;
+ return astype->value.octet_string;
+}
+
+int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
+ STACK_OF(X509_ATTRIBUTE) *sk)
+{
+ int i;
+
+ if (p7si->auth_attr != NULL)
+ sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
+ p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
+ if (p7si->auth_attr == NULL)
+ return 0;
+ for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+ if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
+ X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
+ (sk, i))))
+ == NULL)
+ return (0);
+ }
+ return (1);
+}
+
+int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
+ STACK_OF(X509_ATTRIBUTE) *sk)
+{
+ int i;
+
+ if (p7si->unauth_attr != NULL)
+ sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
+ p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
+ if (p7si->unauth_attr == NULL)
+ return 0;
+ for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+ if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
+ X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
+ (sk, i))))
+ == NULL)
+ return (0);
+ }
+ return (1);
+}
+
+int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
+ void *value)
+{
+ return (add_attribute(&(p7si->auth_attr), nid, atrtype, value));
+}
+
+int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
+ void *value)
+{
+ return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value));
+}
+
+static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
+ void *value)
+{
+ X509_ATTRIBUTE *attr = NULL;
+
+ if (*sk == NULL) {
+ *sk = sk_X509_ATTRIBUTE_new_null();
+ if (*sk == NULL)
+ return 0;
+ new_attrib:
+ if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
+ return 0;
+ if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
+ X509_ATTRIBUTE_free(attr);
+ return 0;
+ }
+ } else {
+ int i;
+
+ for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
+ attr = sk_X509_ATTRIBUTE_value(*sk, i);
+ if (OBJ_obj2nid(attr->object) == nid) {
+ X509_ATTRIBUTE_free(attr);
+ attr = X509_ATTRIBUTE_create(nid, atrtype, value);
+ if (attr == NULL)
+ return 0;
+ if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
+ X509_ATTRIBUTE_free(attr);
+ return 0;
+ }
+ goto end;
+ }
+ }
+ goto new_attrib;
+ }
+ end:
+ return (1);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/rand/rand_unix.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/rand/rand_unix.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/rand/rand_unix.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,447 +0,0 @@
-/* crypto/rand/rand_unix.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-#include <stdio.h>
-
-#define USE_SOCKETS
-#include "e_os.h"
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
-
-# include <sys/types.h>
-# include <sys/time.h>
-# include <sys/times.h>
-# include <sys/stat.h>
-# include <fcntl.h>
-# include <unistd.h>
-# include <time.h>
-# if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually
- * everywhere */
-# include <poll.h>
-# endif
-# include <limits.h>
-# ifndef FD_SETSIZE
-# define FD_SETSIZE (8*sizeof(fd_set))
-# endif
-
-# if defined(OPENSSL_SYS_VOS)
-
-/*
- * The following algorithm repeatedly samples the real-time clock (RTC) to
- * generate a sequence of unpredictable data. The algorithm relies upon the
- * uneven execution speed of the code (due to factors such as cache misses,
- * interrupts, bus activity, and scheduling) and upon the rather large
- * relative difference between the speed of the clock and the rate at which
- * it can be read.
- *
- * If this code is ported to an environment where execution speed is more
- * constant or where the RTC ticks at a much slower rate, or the clock can be
- * read with fewer instructions, it is likely that the results would be far
- * more predictable.
- *
- * As a precaution, we generate 4 times the minimum required amount of seed
- * data.
- */
-
-int RAND_poll(void)
-{
- short int code;
- gid_t curr_gid;
- pid_t curr_pid;
- uid_t curr_uid;
- int i, k;
- struct timespec ts;
- unsigned char v;
-
-# ifdef OPENSSL_SYS_VOS_HPPA
- long duration;
- extern void s$sleep(long *_duration, short int *_code);
-# else
-# ifdef OPENSSL_SYS_VOS_IA32
- long long duration;
- extern void s$sleep2(long long *_duration, short int *_code);
-# else
-# error "Unsupported Platform."
-# endif /* OPENSSL_SYS_VOS_IA32 */
-# endif /* OPENSSL_SYS_VOS_HPPA */
-
- /*
- * Seed with the gid, pid, and uid, to ensure *some* variation between
- * different processes.
- */
-
- curr_gid = getgid();
- RAND_add(&curr_gid, sizeof curr_gid, 1);
- curr_gid = 0;
-
- curr_pid = getpid();
- RAND_add(&curr_pid, sizeof curr_pid, 1);
- curr_pid = 0;
-
- curr_uid = getuid();
- RAND_add(&curr_uid, sizeof curr_uid, 1);
- curr_uid = 0;
-
- for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
- /*
- * burn some cpu; hope for interrupts, cache collisions, bus
- * interference, etc.
- */
- for (k = 0; k < 99; k++)
- ts.tv_nsec = random();
-
-# ifdef OPENSSL_SYS_VOS_HPPA
- /* sleep for 1/1024 of a second (976 us). */
- duration = 1;
- s$sleep(&duration, &code);
-# else
-# ifdef OPENSSL_SYS_VOS_IA32
- /* sleep for 1/65536 of a second (15 us). */
- duration = 1;
- s$sleep2(&duration, &code);
-# endif /* OPENSSL_SYS_VOS_IA32 */
-# endif /* OPENSSL_SYS_VOS_HPPA */
-
- /* get wall clock time. */
- clock_gettime(CLOCK_REALTIME, &ts);
-
- /* take 8 bits */
- v = (unsigned char)(ts.tv_nsec % 256);
- RAND_add(&v, sizeof v, 1);
- v = 0;
- }
- return 1;
-}
-# elif defined __OpenBSD__
-int RAND_poll(void)
-{
- u_int32_t rnd = 0, i;
- unsigned char buf[ENTROPY_NEEDED];
-
- for (i = 0; i < sizeof(buf); i++) {
- if (i % 4 == 0)
- rnd = arc4random();
- buf[i] = rnd;
- rnd >>= 8;
- }
- RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
- memset(buf, 0, sizeof(buf));
-
- return 1;
-}
-# else /* !defined(__OpenBSD__) */
-int RAND_poll(void)
-{
- unsigned long l;
- pid_t curr_pid = getpid();
-# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
- unsigned char tmpbuf[ENTROPY_NEEDED];
- int n = 0;
-# endif
-# ifdef DEVRANDOM
- static const char *randomfiles[] = { DEVRANDOM };
- struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])];
- int fd;
- unsigned int i;
-# endif
-# ifdef DEVRANDOM_EGD
- static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
- const char **egdsocket = NULL;
-# endif
-
-# ifdef DEVRANDOM
- memset(randomstats, 0, sizeof(randomstats));
- /*
- * Use a random entropy pool device. Linux, FreeBSD and OpenBSD have
- * this. Use /dev/urandom if you can as /dev/random may block if it runs
- * out of random entries.
- */
-
- for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
- (n < ENTROPY_NEEDED); i++) {
- if ((fd = open(randomfiles[i], O_RDONLY
-# ifdef O_NONBLOCK
- | O_NONBLOCK
-# endif
-# ifdef O_BINARY
- | O_BINARY
-# endif
-# ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do
- * not make it our controlling tty */
- | O_NOCTTY
-# endif
- )) >= 0) {
- int usec = 10 * 1000; /* spend 10ms on each file */
- int r;
- unsigned int j;
- struct stat *st = &randomstats[i];
-
- /*
- * Avoid using same input... Used to be O_NOFOLLOW above, but
- * it's not universally appropriate...
- */
- if (fstat(fd, st) != 0) {
- close(fd);
- continue;
- }
- for (j = 0; j < i; j++) {
- if (randomstats[j].st_ino == st->st_ino &&
- randomstats[j].st_dev == st->st_dev)
- break;
- }
- if (j < i) {
- close(fd);
- continue;
- }
-
- do {
- int try_read = 0;
-
-# if defined(OPENSSL_SYS_BEOS_R5)
- /*
- * select() is broken in BeOS R5, so we simply try to read
- * something and snooze if we couldn't
- */
- try_read = 1;
-
-# elif defined(OPENSSL_SYS_LINUX)
- /* use poll() */
- struct pollfd pset;
-
- pset.fd = fd;
- pset.events = POLLIN;
- pset.revents = 0;
-
- if (poll(&pset, 1, usec / 1000) < 0)
- usec = 0;
- else
- try_read = (pset.revents & POLLIN) != 0;
-
-# else
- /* use select() */
- fd_set fset;
- struct timeval t;
-
- t.tv_sec = 0;
- t.tv_usec = usec;
-
- if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE) {
- /*
- * can't use select, so just try to read once anyway
- */
- try_read = 1;
- } else {
- FD_ZERO(&fset);
- FD_SET(fd, &fset);
-
- if (select(fd + 1, &fset, NULL, NULL, &t) >= 0) {
- usec = t.tv_usec;
- if (FD_ISSET(fd, &fset))
- try_read = 1;
- } else
- usec = 0;
- }
-# endif
-
- if (try_read) {
- r = read(fd, (unsigned char *)tmpbuf + n,
- ENTROPY_NEEDED - n);
- if (r > 0)
- n += r;
-# if defined(OPENSSL_SYS_BEOS_R5)
- if (r == 0)
- snooze(t.tv_usec);
-# endif
- } else
- r = -1;
-
- /*
- * Some Unixen will update t in select(), some won't. For
- * those who won't, or if we didn't use select() in the first
- * place, give up here, otherwise, we will do this once again
- * for the remaining time.
- */
- if (usec == 10 * 1000)
- usec = 0;
- }
- while ((r > 0 ||
- (errno == EINTR || errno == EAGAIN)) && usec != 0
- && n < ENTROPY_NEEDED);
-
- close(fd);
- }
- }
-# endif /* defined(DEVRANDOM) */
-
-# ifdef DEVRANDOM_EGD
- /*
- * Use an EGD socket to read entropy from an EGD or PRNGD entropy
- * collecting daemon.
- */
-
- for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED;
- egdsocket++) {
- int r;
-
- r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf + n,
- ENTROPY_NEEDED - n);
- if (r > 0)
- n += r;
- }
-# endif /* defined(DEVRANDOM_EGD) */
-
-# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
- if (n > 0) {
- RAND_add(tmpbuf, sizeof tmpbuf, (double)n);
- OPENSSL_cleanse(tmpbuf, n);
- }
-# endif
-
- /* put in some default random data, we need more than just this */
- l = curr_pid;
- RAND_add(&l, sizeof(l), 0.0);
- l = getuid();
- RAND_add(&l, sizeof(l), 0.0);
-
- l = time(NULL);
- RAND_add(&l, sizeof(l), 0.0);
-
-# if defined(OPENSSL_SYS_BEOS)
- {
- system_info sysInfo;
- get_system_info(&sysInfo);
- RAND_add(&sysInfo, sizeof(sysInfo), 0);
- }
-# endif
-
-# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
- return 1;
-# else
- return 0;
-# endif
-}
-
-# endif /* defined(__OpenBSD__) */
-#endif /* !(defined(OPENSSL_SYS_WINDOWS) ||
- * defined(OPENSSL_SYS_WIN32) ||
- * defined(OPENSSL_SYS_VMS) ||
- * defined(OPENSSL_SYS_OS2) ||
- * defined(OPENSSL_SYS_VXWORKS) ||
- * defined(OPENSSL_SYS_NETWARE)) */
-
-#if defined(OPENSSL_SYS_VXWORKS)
-int RAND_poll(void)
-{
- return 0;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/rand/rand_unix.c (from rev 11605, vendor-crypto/openssl/dist/crypto/rand/rand_unix.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/rand/rand_unix.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/rand/rand_unix.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,447 @@
+/* crypto/rand/rand_unix.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+
+#define USE_SOCKETS
+#include "e_os.h"
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
+
+# include <sys/types.h>
+# include <sys/time.h>
+# include <sys/times.h>
+# include <sys/stat.h>
+# include <fcntl.h>
+# include <unistd.h>
+# include <time.h>
+# if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually
+ * everywhere */
+# include <poll.h>
+# endif
+# include <limits.h>
+# ifndef FD_SETSIZE
+# define FD_SETSIZE (8*sizeof(fd_set))
+# endif
+
+# if defined(OPENSSL_SYS_VOS)
+
+/*
+ * The following algorithm repeatedly samples the real-time clock (RTC) to
+ * generate a sequence of unpredictable data. The algorithm relies upon the
+ * uneven execution speed of the code (due to factors such as cache misses,
+ * interrupts, bus activity, and scheduling) and upon the rather large
+ * relative difference between the speed of the clock and the rate at which
+ * it can be read.
+ *
+ * If this code is ported to an environment where execution speed is more
+ * constant or where the RTC ticks at a much slower rate, or the clock can be
+ * read with fewer instructions, it is likely that the results would be far
+ * more predictable.
+ *
+ * As a precaution, we generate 4 times the minimum required amount of seed
+ * data.
+ */
+
+int RAND_poll(void)
+{
+ short int code;
+ gid_t curr_gid;
+ pid_t curr_pid;
+ uid_t curr_uid;
+ int i, k;
+ struct timespec ts;
+ unsigned char v;
+
+# ifdef OPENSSL_SYS_VOS_HPPA
+ long duration;
+ extern void s$sleep(long *_duration, short int *_code);
+# else
+# ifdef OPENSSL_SYS_VOS_IA32
+ long long duration;
+ extern void s$sleep2(long long *_duration, short int *_code);
+# else
+# error "Unsupported Platform."
+# endif /* OPENSSL_SYS_VOS_IA32 */
+# endif /* OPENSSL_SYS_VOS_HPPA */
+
+ /*
+ * Seed with the gid, pid, and uid, to ensure *some* variation between
+ * different processes.
+ */
+
+ curr_gid = getgid();
+ RAND_add(&curr_gid, sizeof curr_gid, 1);
+ curr_gid = 0;
+
+ curr_pid = getpid();
+ RAND_add(&curr_pid, sizeof curr_pid, 1);
+ curr_pid = 0;
+
+ curr_uid = getuid();
+ RAND_add(&curr_uid, sizeof curr_uid, 1);
+ curr_uid = 0;
+
+ for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
+ /*
+ * burn some cpu; hope for interrupts, cache collisions, bus
+ * interference, etc.
+ */
+ for (k = 0; k < 99; k++)
+ ts.tv_nsec = random();
+
+# ifdef OPENSSL_SYS_VOS_HPPA
+ /* sleep for 1/1024 of a second (976 us). */
+ duration = 1;
+ s$sleep(&duration, &code);
+# else
+# ifdef OPENSSL_SYS_VOS_IA32
+ /* sleep for 1/65536 of a second (15 us). */
+ duration = 1;
+ s$sleep2(&duration, &code);
+# endif /* OPENSSL_SYS_VOS_IA32 */
+# endif /* OPENSSL_SYS_VOS_HPPA */
+
+ /* get wall clock time. */
+ clock_gettime(CLOCK_REALTIME, &ts);
+
+ /* take 8 bits */
+ v = (unsigned char)(ts.tv_nsec % 256);
+ RAND_add(&v, sizeof v, 1);
+ v = 0;
+ }
+ return 1;
+}
+# elif defined __OpenBSD__
+int RAND_poll(void)
+{
+ u_int32_t rnd = 0, i;
+ unsigned char buf[ENTROPY_NEEDED];
+
+ for (i = 0; i < sizeof(buf); i++) {
+ if (i % 4 == 0)
+ rnd = arc4random();
+ buf[i] = rnd;
+ rnd >>= 8;
+ }
+ RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+ OPENSSL_cleanse(buf, sizeof(buf));
+
+ return 1;
+}
+# else /* !defined(__OpenBSD__) */
+int RAND_poll(void)
+{
+ unsigned long l;
+ pid_t curr_pid = getpid();
+# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+ unsigned char tmpbuf[ENTROPY_NEEDED];
+ int n = 0;
+# endif
+# ifdef DEVRANDOM
+ static const char *randomfiles[] = { DEVRANDOM };
+ struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])];
+ int fd;
+ unsigned int i;
+# endif
+# ifdef DEVRANDOM_EGD
+ static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
+ const char **egdsocket = NULL;
+# endif
+
+# ifdef DEVRANDOM
+ memset(randomstats, 0, sizeof(randomstats));
+ /*
+ * Use a random entropy pool device. Linux, FreeBSD and OpenBSD have
+ * this. Use /dev/urandom if you can as /dev/random may block if it runs
+ * out of random entries.
+ */
+
+ for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
+ (n < ENTROPY_NEEDED); i++) {
+ if ((fd = open(randomfiles[i], O_RDONLY
+# ifdef O_NONBLOCK
+ | O_NONBLOCK
+# endif
+# ifdef O_BINARY
+ | O_BINARY
+# endif
+# ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do
+ * not make it our controlling tty */
+ | O_NOCTTY
+# endif
+ )) >= 0) {
+ int usec = 10 * 1000; /* spend 10ms on each file */
+ int r;
+ unsigned int j;
+ struct stat *st = &randomstats[i];
+
+ /*
+ * Avoid using same input... Used to be O_NOFOLLOW above, but
+ * it's not universally appropriate...
+ */
+ if (fstat(fd, st) != 0) {
+ close(fd);
+ continue;
+ }
+ for (j = 0; j < i; j++) {
+ if (randomstats[j].st_ino == st->st_ino &&
+ randomstats[j].st_dev == st->st_dev)
+ break;
+ }
+ if (j < i) {
+ close(fd);
+ continue;
+ }
+
+ do {
+ int try_read = 0;
+
+# if defined(OPENSSL_SYS_BEOS_R5)
+ /*
+ * select() is broken in BeOS R5, so we simply try to read
+ * something and snooze if we couldn't
+ */
+ try_read = 1;
+
+# elif defined(OPENSSL_SYS_LINUX)
+ /* use poll() */
+ struct pollfd pset;
+
+ pset.fd = fd;
+ pset.events = POLLIN;
+ pset.revents = 0;
+
+ if (poll(&pset, 1, usec / 1000) < 0)
+ usec = 0;
+ else
+ try_read = (pset.revents & POLLIN) != 0;
+
+# else
+ /* use select() */
+ fd_set fset;
+ struct timeval t;
+
+ t.tv_sec = 0;
+ t.tv_usec = usec;
+
+ if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE) {
+ /*
+ * can't use select, so just try to read once anyway
+ */
+ try_read = 1;
+ } else {
+ FD_ZERO(&fset);
+ FD_SET(fd, &fset);
+
+ if (select(fd + 1, &fset, NULL, NULL, &t) >= 0) {
+ usec = t.tv_usec;
+ if (FD_ISSET(fd, &fset))
+ try_read = 1;
+ } else
+ usec = 0;
+ }
+# endif
+
+ if (try_read) {
+ r = read(fd, (unsigned char *)tmpbuf + n,
+ ENTROPY_NEEDED - n);
+ if (r > 0)
+ n += r;
+# if defined(OPENSSL_SYS_BEOS_R5)
+ if (r == 0)
+ snooze(t.tv_usec);
+# endif
+ } else
+ r = -1;
+
+ /*
+ * Some Unixen will update t in select(), some won't. For
+ * those who won't, or if we didn't use select() in the first
+ * place, give up here, otherwise, we will do this once again
+ * for the remaining time.
+ */
+ if (usec == 10 * 1000)
+ usec = 0;
+ }
+ while ((r > 0 ||
+ (errno == EINTR || errno == EAGAIN)) && usec != 0
+ && n < ENTROPY_NEEDED);
+
+ close(fd);
+ }
+ }
+# endif /* defined(DEVRANDOM) */
+
+# ifdef DEVRANDOM_EGD
+ /*
+ * Use an EGD socket to read entropy from an EGD or PRNGD entropy
+ * collecting daemon.
+ */
+
+ for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED;
+ egdsocket++) {
+ int r;
+
+ r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf + n,
+ ENTROPY_NEEDED - n);
+ if (r > 0)
+ n += r;
+ }
+# endif /* defined(DEVRANDOM_EGD) */
+
+# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+ if (n > 0) {
+ RAND_add(tmpbuf, sizeof tmpbuf, (double)n);
+ OPENSSL_cleanse(tmpbuf, n);
+ }
+# endif
+
+ /* put in some default random data, we need more than just this */
+ l = curr_pid;
+ RAND_add(&l, sizeof(l), 0.0);
+ l = getuid();
+ RAND_add(&l, sizeof(l), 0.0);
+
+ l = time(NULL);
+ RAND_add(&l, sizeof(l), 0.0);
+
+# if defined(OPENSSL_SYS_BEOS)
+ {
+ system_info sysInfo;
+ get_system_info(&sysInfo);
+ RAND_add(&sysInfo, sizeof(sysInfo), 0);
+ }
+# endif
+
+# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+ return 1;
+# else
+ return 0;
+# endif
+}
+
+# endif /* defined(__OpenBSD__) */
+#endif /* !(defined(OPENSSL_SYS_WINDOWS) ||
+ * defined(OPENSSL_SYS_WIN32) ||
+ * defined(OPENSSL_SYS_VMS) ||
+ * defined(OPENSSL_SYS_OS2) ||
+ * defined(OPENSSL_SYS_VXWORKS) ||
+ * defined(OPENSSL_SYS_NETWARE)) */
+
+#if defined(OPENSSL_SYS_VXWORKS)
+int RAND_poll(void)
+{
+ return 0;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/rand/rand_vms.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/rand/rand_vms.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/rand/rand_vms.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,159 +0,0 @@
-/* crypto/rand/rand_vms.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if defined(OPENSSL_SYS_VMS)
-
-# include <descrip.h>
-# include <jpidef.h>
-# include <ssdef.h>
-# include <starlet.h>
-# ifdef __DECC
-# pragma message disable DOLLARID
-# endif
-
-/*
- * Use 32-bit pointers almost everywhere. Define the type to which to cast a
- * pointer passed to an external function.
- */
-# if __INITIAL_POINTER_SIZE == 64
-# define PTR_T __void_ptr64
-# pragma pointer_size save
-# pragma pointer_size 32
-# else /* __INITIAL_POINTER_SIZE == 64 */
-# define PTR_T void *
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-static struct items_data_st {
- short length, code; /* length is amount of bytes */
-} items_data[] = {
- {
- 4, JPI$_BUFIO
- },
- {
- 4, JPI$_CPUTIM
- },
- {
- 4, JPI$_DIRIO
- },
- {
- 8, JPI$_LOGINTIM
- },
- {
- 4, JPI$_PAGEFLTS
- },
- {
- 4, JPI$_PID
- },
- {
- 4, JPI$_WSSIZE
- },
- {
- 0, 0
- }
-};
-
-int RAND_poll(void)
-{
- long pid, iosb[2];
- int status = 0;
- struct {
- short length, code;
- long *buffer;
- int *retlen;
- } item[32], *pitem;
- unsigned char data_buffer[256];
- short total_length = 0;
- struct items_data_st *pitems_data;
-
- pitems_data = items_data;
- pitem = item;
-
- /* Setup */
- while (pitems_data->length && (total_length + pitems_data->length <= 256)) {
- pitem->length = pitems_data->length;
- pitem->code = pitems_data->code;
- pitem->buffer = (long *)&data_buffer[total_length];
- pitem->retlen = 0;
- total_length += pitems_data->length;
- pitems_data++;
- pitem ++;
- }
- pitem->length = pitem->code = 0;
-
- /*
- * Scan through all the processes in the system and add entropy with
- * results from the processes that were possible to look at.
- * However, view the information as only half trustable.
- */
- pid = -1; /* search context */
- while ((status = sys$getjpiw(0, &pid, 0, item, iosb, 0, 0))
- != SS$_NOMOREPROC) {
- if (status == SS$_NORMAL) {
- RAND_add((PTR_T) data_buffer, total_length, total_length / 2);
- }
- }
- sys$gettim(iosb);
- RAND_add((PTR_T) iosb, sizeof(iosb), sizeof(iosb) / 2);
- return 1;
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/rand/rand_vms.c (from rev 11605, vendor-crypto/openssl/dist/crypto/rand/rand_vms.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/rand/rand_vms.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/rand/rand_vms.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,159 @@
+/* crypto/rand/rand_vms.c */
+/*
+ * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if defined(OPENSSL_SYS_VMS)
+
+# include <descrip.h>
+# include <jpidef.h>
+# include <ssdef.h>
+# include <starlet.h>
+# ifdef __DECC
+# pragma message disable DOLLARID
+# endif
+
+/*
+ * Use 32-bit pointers almost everywhere. Define the type to which to cast a
+ * pointer passed to an external function.
+ */
+# if __INITIAL_POINTER_SIZE == 64
+# define PTR_T __void_ptr64
+# pragma pointer_size save
+# pragma pointer_size 32
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define PTR_T void *
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+static struct items_data_st {
+ short length, code; /* length is amount of bytes */
+} items_data[] = {
+ {
+ 4, JPI$_BUFIO
+ },
+ {
+ 4, JPI$_CPUTIM
+ },
+ {
+ 4, JPI$_DIRIO
+ },
+ {
+ 8, JPI$_LOGINTIM
+ },
+ {
+ 4, JPI$_PAGEFLTS
+ },
+ {
+ 4, JPI$_PID
+ },
+ {
+ 4, JPI$_WSSIZE
+ },
+ {
+ 0, 0
+ }
+};
+
+int RAND_poll(void)
+{
+ long pid, iosb[2];
+ int status = 0;
+ struct {
+ short length, code;
+ long *buffer;
+ int *retlen;
+ } item[32], *pitem;
+ unsigned char data_buffer[256];
+ short total_length = 0;
+ struct items_data_st *pitems_data;
+
+ pitems_data = items_data;
+ pitem = item;
+
+ /* Setup */
+ while (pitems_data->length && (total_length + pitems_data->length <= 256)) {
+ pitem->length = pitems_data->length;
+ pitem->code = pitems_data->code;
+ pitem->buffer = (long *)&data_buffer[total_length];
+ pitem->retlen = 0;
+ total_length += pitems_data->length;
+ pitems_data++;
+ pitem ++;
+ }
+ pitem->length = pitem->code = 0;
+
+ /*
+ * Scan through all the processes in the system and add entropy with
+ * results from the processes that were possible to look at.
+ * However, view the information as only half trustable.
+ */
+ pid = -1; /* search context */
+ while ((status = sys$getjpiw(0, &pid, 0, item, iosb, 0, 0))
+ != SS$_NOMOREPROC) {
+ if (status == SS$_NORMAL) {
+ RAND_add((PTR_T) data_buffer, total_length, total_length / 2);
+ }
+ }
+ sys$gettim(iosb);
+ RAND_add((PTR_T) iosb, sizeof(iosb), sizeof(iosb) / 2);
+ return 1;
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/rc4/rc4_utl.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/rc4/rc4_utl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/rc4/rc4_utl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,62 +0,0 @@
-/* crypto/rc4/rc4_utl.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/rc4.h>
-
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
-{
-#ifdef OPENSSL_FIPS
- fips_cipher_abort(RC4);
-#endif
- private_RC4_set_key(key, len, data);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/rc4/rc4_utl.c (from rev 11605, vendor-crypto/openssl/dist/crypto/rc4/rc4_utl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/rc4/rc4_utl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/rc4/rc4_utl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,62 @@
+/* crypto/rc4/rc4_utl.c */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/rc4.h>
+
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(RC4);
+#endif
+ private_RC4_set_key(key, len, data);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/rsa/rsa_chk.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/rsa/rsa_chk.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/rsa/rsa_chk.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,214 +0,0 @@
-/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-int RSA_check_key(const RSA *key)
-{
- BIGNUM *i, *j, *k, *l, *m;
- BN_CTX *ctx;
- int r;
- int ret = 1;
-
- if (!key->p || !key->q || !key->n || !key->e || !key->d) {
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
- return 0;
- }
-
- i = BN_new();
- j = BN_new();
- k = BN_new();
- l = BN_new();
- m = BN_new();
- ctx = BN_CTX_new();
- if (i == NULL || j == NULL || k == NULL || l == NULL ||
- m == NULL || ctx == NULL) {
- ret = -1;
- RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* p prime? */
- r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL);
- if (r != 1) {
- ret = r;
- if (r != 0)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
- }
-
- /* q prime? */
- r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL);
- if (r != 1) {
- ret = r;
- if (r != 0)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
- }
-
- /* n = p*q? */
- r = BN_mul(i, key->p, key->q, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(i, key->n) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
- }
-
- /* d*e = 1 mod lcm(p-1,q-1)? */
-
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_sub(j, key->q, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- /* now compute k = lcm(i,j) */
- r = BN_mul(l, i, j, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_gcd(m, i, j, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod_mul(i, key->d, key->e, k, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (!BN_is_one(i)) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
- }
-
- if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
- /* dmp1 = d mod (p-1)? */
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod(j, key->d, i, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(j, key->dmp1) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMP1_NOT_CONGRUENT_TO_D);
- }
-
- /* dmq1 = d mod (q-1)? */
- r = BN_sub(i, key->q, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod(j, key->d, i, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(j, key->dmq1) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
- }
-
- /* iqmp = q^-1 mod p? */
- if (!BN_mod_inverse(i, key->q, key->p, ctx)) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(i, key->iqmp) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_IQMP_NOT_INVERSE_OF_Q);
- }
- }
-
- err:
- if (i != NULL)
- BN_free(i);
- if (j != NULL)
- BN_free(j);
- if (k != NULL)
- BN_free(k);
- if (l != NULL)
- BN_free(l);
- if (m != NULL)
- BN_free(m);
- if (ctx != NULL)
- BN_CTX_free(ctx);
- return (ret);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/rsa/rsa_chk.c (from rev 11605, vendor-crypto/openssl/dist/crypto/rsa/rsa_chk.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/rsa/rsa_chk.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/rsa/rsa_chk.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,214 @@
+/* crypto/rsa/rsa_chk.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+
+int RSA_check_key(const RSA *key)
+{
+ BIGNUM *i, *j, *k, *l, *m;
+ BN_CTX *ctx;
+ int r;
+ int ret = 1;
+
+ if (!key->p || !key->q || !key->n || !key->e || !key->d) {
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
+ return 0;
+ }
+
+ i = BN_new();
+ j = BN_new();
+ k = BN_new();
+ l = BN_new();
+ m = BN_new();
+ ctx = BN_CTX_new();
+ if (i == NULL || j == NULL || k == NULL || l == NULL ||
+ m == NULL || ctx == NULL) {
+ ret = -1;
+ RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* p prime? */
+ r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL);
+ if (r != 1) {
+ ret = r;
+ if (r != 0)
+ goto err;
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
+ }
+
+ /* q prime? */
+ r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL);
+ if (r != 1) {
+ ret = r;
+ if (r != 0)
+ goto err;
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
+ }
+
+ /* n = p*q? */
+ r = BN_mul(i, key->p, key->q, ctx);
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ if (BN_cmp(i, key->n) != 0) {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
+ }
+
+ /* d*e = 1 mod lcm(p-1,q-1)? */
+
+ r = BN_sub(i, key->p, BN_value_one());
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+ r = BN_sub(j, key->q, BN_value_one());
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ /* now compute k = lcm(i,j) */
+ r = BN_mul(l, i, j, ctx);
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+ r = BN_gcd(m, i, j, ctx);
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+ r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ r = BN_mod_mul(i, key->d, key->e, k, ctx);
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ if (!BN_is_one(i)) {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
+ }
+
+ if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
+ /* dmp1 = d mod (p-1)? */
+ r = BN_sub(i, key->p, BN_value_one());
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ r = BN_mod(j, key->d, i, ctx);
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ if (BN_cmp(j, key->dmp1) != 0) {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMP1_NOT_CONGRUENT_TO_D);
+ }
+
+ /* dmq1 = d mod (q-1)? */
+ r = BN_sub(i, key->q, BN_value_one());
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ r = BN_mod(j, key->d, i, ctx);
+ if (!r) {
+ ret = -1;
+ goto err;
+ }
+
+ if (BN_cmp(j, key->dmq1) != 0) {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
+ }
+
+ /* iqmp = q^-1 mod p? */
+ if (!BN_mod_inverse(i, key->q, key->p, ctx)) {
+ ret = -1;
+ goto err;
+ }
+
+ if (BN_cmp(i, key->iqmp) != 0) {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_IQMP_NOT_INVERSE_OF_Q);
+ }
+ }
+
+ err:
+ if (i != NULL)
+ BN_free(i);
+ if (j != NULL)
+ BN_free(j);
+ if (k != NULL)
+ BN_free(k);
+ if (l != NULL)
+ BN_free(l);
+ if (m != NULL)
+ BN_free(m);
+ if (ctx != NULL)
+ BN_CTX_free(ctx);
+ return (ret);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cbc.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/seed/seed_cbc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cbc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,65 +0,0 @@
-/* crypto/seed/seed_cbc.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/seed.h>
-#include <openssl/modes.h>
-
-void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE], int enc)
-{
- if (enc)
- CRYPTO_cbc128_encrypt(in, out, len, ks, ivec,
- (block128_f) SEED_encrypt);
- else
- CRYPTO_cbc128_decrypt(in, out, len, ks, ivec,
- (block128_f) SEED_decrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cbc.c (from rev 11605, vendor-crypto/openssl/dist/crypto/seed/seed_cbc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cbc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cbc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,65 @@
+/* crypto/seed/seed_cbc.c */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/seed.h>
+#include <openssl/modes.h>
+
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int enc)
+{
+ if (enc)
+ CRYPTO_cbc128_encrypt(in, out, len, ks, ivec,
+ (block128_f) SEED_encrypt);
+ else
+ CRYPTO_cbc128_decrypt(in, out, len, ks, ivec,
+ (block128_f) SEED_decrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cfb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/seed/seed_cfb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cfb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,118 +0,0 @@
-/* crypto/seed/seed_cfb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/seed.h>
-#include <openssl/modes.h>
-
-void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE], int *num,
- int enc)
-{
- CRYPTO_cfb128_encrypt(in, out, len, ks, ivec, num, enc,
- (block128_f) SEED_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cfb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/seed/seed_cfb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cfb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_cfb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,118 @@
+/* crypto/seed/seed_cfb.c */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/seed.h>
+#include <openssl/modes.h>
+
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int *num,
+ int enc)
+{
+ CRYPTO_cfb128_encrypt(in, out, len, ks, ivec, num, enc,
+ (block128_f) SEED_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ecb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/seed/seed_ecb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ecb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,61 +0,0 @@
-/* crypto/seed/seed_ecb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/seed.h>
-
-void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const SEED_KEY_SCHEDULE *ks, int enc)
-{
- if (enc)
- SEED_encrypt(in, out, ks);
- else
- SEED_decrypt(in, out, ks);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ecb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/seed/seed_ecb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ecb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ecb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,61 @@
+/* crypto/seed/seed_ecb.c */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/seed.h>
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const SEED_KEY_SCHEDULE *ks, int enc)
+{
+ if (enc)
+ SEED_encrypt(in, out, ks);
+ else
+ SEED_decrypt(in, out, ks);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ofb.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/seed/seed_ofb.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ofb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,117 +0,0 @@
-/* crypto/seed/seed_ofb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/seed.h>
-#include <openssl/modes.h>
-
-void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE], int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, len, ks, ivec, num,
- (block128_f) SEED_encrypt);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ofb.c (from rev 11605, vendor-crypto/openssl/dist/crypto/seed/seed_ofb.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ofb.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/seed/seed_ofb.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,117 @@
+/* crypto/seed/seed_ofb.c */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/seed.h>
+#include <openssl/modes.h>
+
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int *num)
+{
+ CRYPTO_ofb128_encrypt(in, out, len, ks, ivec, num,
+ (block128_f) SEED_encrypt);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/sha/sha1test.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/sha/sha1test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/sha/sha1test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,174 +0,0 @@
-/* crypto/sha/sha1test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_SHA
-int main(int argc, char *argv[])
-{
- printf("No SHA support\n");
- return (0);
-}
-#else
-# include <openssl/evp.h>
-# include <openssl/sha.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-# undef SHA_0 /* FIPS 180 */
-# define SHA_1 /* FIPS 180-1 */
-
-static char *test[] = {
- "abc",
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
- NULL,
-};
-
-# ifdef SHA_0
-static char *ret[] = {
- "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
- "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
-};
-
-static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603";
-# endif
-# ifdef SHA_1
-static char *ret[] = {
- "a9993e364706816aba3e25717850c26c9cd0d89d",
- "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
-};
-
-static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-# endif
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- char **P, **R;
- static unsigned char buf[1000];
- char *p, *r;
- EVP_MD_CTX c;
- unsigned char md[SHA_DIGEST_LENGTH];
-
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(test[0], test[0], strlen(test[0]));
- ebcdic2ascii(test[1], test[1], strlen(test[1]));
-# endif
-
- EVP_MD_CTX_init(&c);
- P = test;
- R = ret;
- i = 1;
- while (*P != NULL) {
- EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);
- p = pt(md);
- if (strcmp(p, (char *)*R) != 0) {
- printf("error calculating SHA1 on '%s'\n", *P);
- printf("got %s instead of %s\n", p, *R);
- err++;
- } else
- printf("test %d ok\n", i);
- i++;
- R++;
- P++;
- }
-
- memset(buf, 'a', 1000);
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(buf, buf, 1000);
-# endif /* CHARSET_EBCDIC */
- EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
- for (i = 0; i < 1000; i++)
- EVP_DigestUpdate(&c, buf, 1000);
- EVP_DigestFinal_ex(&c, md, NULL);
- p = pt(md);
-
- r = bigret;
- if (strcmp(p, r) != 0) {
- printf("error calculating SHA1 on 'a' * 1000\n");
- printf("got %s instead of %s\n", p, r);
- err++;
- } else
- printf("test 3 ok\n");
-
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- EXIT(err);
- EVP_MD_CTX_cleanup(&c);
- return (0);
-}
-
-static char *pt(unsigned char *md)
-{
- int i;
- static char buf[80];
-
- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/sha/sha1test.c (from rev 11605, vendor-crypto/openssl/dist/crypto/sha/sha1test.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/sha/sha1test.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/sha/sha1test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,174 @@
+/* crypto/sha/sha1test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_SHA
+int main(int argc, char *argv[])
+{
+ printf("No SHA support\n");
+ return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/sha.h>
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+# undef SHA_0 /* FIPS 180 */
+# define SHA_1 /* FIPS 180-1 */
+
+static char *test[] = {
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+};
+
+# ifdef SHA_0
+static char *ret[] = {
+ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+ "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+};
+
+static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603";
+# endif
+# ifdef SHA_1
+static char *ret[] = {
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+};
+
+static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+# endif
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ char **P, **R;
+ static unsigned char buf[1000];
+ char *p, *r;
+ EVP_MD_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+# ifdef CHARSET_EBCDIC
+ ebcdic2ascii(test[0], test[0], strlen(test[0]));
+ ebcdic2ascii(test[1], test[1], strlen(test[1]));
+# endif
+
+ EVP_MD_CTX_init(&c);
+ P = test;
+ R = ret;
+ i = 1;
+ while (*P != NULL) {
+ EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);
+ p = pt(md);
+ if (strcmp(p, (char *)*R) != 0) {
+ printf("error calculating SHA1 on '%s'\n", *P);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf, 'a', 1000);
+# ifdef CHARSET_EBCDIC
+ ebcdic2ascii(buf, buf, 1000);
+# endif /* CHARSET_EBCDIC */
+ EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
+ for (i = 0; i < 1000; i++)
+ EVP_DigestUpdate(&c, buf, 1000);
+ EVP_DigestFinal_ex(&c, md, NULL);
+ p = pt(md);
+
+ r = bigret;
+ if (strcmp(p, r) != 0) {
+ printf("error calculating SHA1 on 'a' * 1000\n");
+ printf("got %s instead of %s\n", p, r);
+ err++;
+ } else
+ printf("test 3 ok\n");
+
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ EVP_MD_CTX_cleanup(&c);
+ EXIT(err);
+ return (0);
+}
+
+static char *pt(unsigned char *md)
+{
+ int i;
+ static char buf[80];
+
+ for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i * 2]), "%02x", md[i]);
+ return (buf);
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/srp/srp.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/srp/srp.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/srp/srp.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,169 +0,0 @@
-/* crypto/srp/srp.h */
-/*
- * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-#ifndef __SRP_H__
-# define __SRP_H__
-
-# ifndef OPENSSL_NO_SRP
-
-# include <stdio.h>
-# include <string.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/safestack.h>
-# include <openssl/bn.h>
-# include <openssl/crypto.h>
-
-typedef struct SRP_gN_cache_st {
- char *b64_bn;
- BIGNUM *bn;
-} SRP_gN_cache;
-
-
-DECLARE_STACK_OF(SRP_gN_cache)
-
-typedef struct SRP_user_pwd_st {
- char *id;
- BIGNUM *s;
- BIGNUM *v;
- const BIGNUM *g;
- const BIGNUM *N;
- char *info;
-} SRP_user_pwd;
-
-DECLARE_STACK_OF(SRP_user_pwd)
-
-typedef struct SRP_VBASE_st {
- STACK_OF(SRP_user_pwd) *users_pwd;
- STACK_OF(SRP_gN_cache) *gN_cache;
-/* to simulate a user */
- char *seed_key;
- BIGNUM *default_g;
- BIGNUM *default_N;
-} SRP_VBASE;
-
-/*
- * Structure interne pour retenir les couples N et g
- */
-typedef struct SRP_gN_st {
- char *id;
- BIGNUM *g;
- BIGNUM *N;
-} SRP_gN;
-
-DECLARE_STACK_OF(SRP_gN)
-
-SRP_VBASE *SRP_VBASE_new(char *seed_key);
-int SRP_VBASE_free(SRP_VBASE *vb);
-int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
-SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
-char *SRP_create_verifier(const char *user, const char *pass, char **salt,
- char **verifier, const char *N, const char *g);
-int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
- BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
-
-# define SRP_NO_ERROR 0
-# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
-# define SRP_ERR_VBASE_BN_LIB 2
-# define SRP_ERR_OPEN_FILE 3
-# define SRP_ERR_MEMORY 4
-
-# define DB_srptype 0
-# define DB_srpverifier 1
-# define DB_srpsalt 2
-# define DB_srpid 3
-# define DB_srpgN 4
-# define DB_srpinfo 5
-# undef DB_NUMBER
-# define DB_NUMBER 6
-
-# define DB_SRP_INDEX 'I'
-# define DB_SRP_VALID 'V'
-# define DB_SRP_REVOKED 'R'
-# define DB_SRP_MODIF 'v'
-
-/* see srp.c */
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
-SRP_gN *SRP_get_default_gN(const char *id);
-
-/* server side .... */
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
- BIGNUM *N);
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
-
-/* client side .... */
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
- BIGNUM *a, BIGNUM *u);
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
-
-# define SRP_MINIMAL_N 1024
-
-#ifdef __cplusplus
-}
-#endif
-
-# endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/srp/srp.h (from rev 11605, vendor-crypto/openssl/dist/crypto/srp/srp.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/srp/srp.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/srp/srp.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,179 @@
+/* crypto/srp/srp.h */
+/*
+ * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#ifndef __SRP_H__
+# define __SRP_H__
+
+# ifndef OPENSSL_NO_SRP
+
+# include <stdio.h>
+# include <string.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/safestack.h>
+# include <openssl/bn.h>
+# include <openssl/crypto.h>
+
+typedef struct SRP_gN_cache_st {
+ char *b64_bn;
+ BIGNUM *bn;
+} SRP_gN_cache;
+
+
+DECLARE_STACK_OF(SRP_gN_cache)
+
+typedef struct SRP_user_pwd_st {
+ /* Owned by us. */
+ char *id;
+ BIGNUM *s;
+ BIGNUM *v;
+ /* Not owned by us. */
+ const BIGNUM *g;
+ const BIGNUM *N;
+ /* Owned by us. */
+ char *info;
+} SRP_user_pwd;
+
+DECLARE_STACK_OF(SRP_user_pwd)
+
+void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
+
+typedef struct SRP_VBASE_st {
+ STACK_OF(SRP_user_pwd) *users_pwd;
+ STACK_OF(SRP_gN_cache) *gN_cache;
+/* to simulate a user */
+ char *seed_key;
+ BIGNUM *default_g;
+ BIGNUM *default_N;
+} SRP_VBASE;
+
+/*
+ * Structure interne pour retenir les couples N et g
+ */
+typedef struct SRP_gN_st {
+ char *id;
+ BIGNUM *g;
+ BIGNUM *N;
+} SRP_gN;
+
+DECLARE_STACK_OF(SRP_gN)
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key);
+int SRP_VBASE_free(SRP_VBASE *vb);
+int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
+
+/* This method ignores the configured seed and fails for an unknown user. */
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
+/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
+SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
+
+char *SRP_create_verifier(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g);
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
+
+# define SRP_NO_ERROR 0
+# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
+# define SRP_ERR_VBASE_BN_LIB 2
+# define SRP_ERR_OPEN_FILE 3
+# define SRP_ERR_MEMORY 4
+
+# define DB_srptype 0
+# define DB_srpverifier 1
+# define DB_srpsalt 2
+# define DB_srpid 3
+# define DB_srpgN 4
+# define DB_srpinfo 5
+# undef DB_NUMBER
+# define DB_NUMBER 6
+
+# define DB_SRP_INDEX 'I'
+# define DB_SRP_VALID 'V'
+# define DB_SRP_REVOKED 'R'
+# define DB_SRP_MODIF 'v'
+
+/* see srp.c */
+char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
+SRP_gN *SRP_get_default_gN(const char *id);
+
+/* server side .... */
+BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
+ BIGNUM *N);
+BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
+int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
+BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
+
+/* client side .... */
+BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
+BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
+BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
+ BIGNUM *a, BIGNUM *u);
+int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
+
+# define SRP_MINIMAL_N 1024
+
+#ifdef __cplusplus
+}
+#endif
+
+# endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/srp/srp_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/srp/srp_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/srp/srp_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,357 +0,0 @@
-/* crypto/srp/srp_lib.c */
-/*
- * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-#ifndef OPENSSL_NO_SRP
-# include "cryptlib.h"
-# include "srp_lcl.h"
-# include <openssl/srp.h>
-# include <openssl/evp.h>
-
-# if (BN_BYTES == 8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
-# elif defined(__arch64__)
-# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
-# else
-# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
-# endif
-# elif (BN_BYTES == 4)
-# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
-# else
-# error "unsupported BN_BYTES"
-# endif
-
-# include "srp_grps.h"
-
-static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
-{
- /* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
-
- unsigned char digest[SHA_DIGEST_LENGTH];
- unsigned char *tmp;
- EVP_MD_CTX ctxt;
- int longg;
- int longN = BN_num_bytes(N);
-
- if (BN_ucmp(g, N) >= 0)
- return NULL;
-
- if ((tmp = OPENSSL_malloc(longN)) == NULL)
- return NULL;
- BN_bn2bin(N, tmp);
-
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, tmp, longN);
-
- memset(tmp, 0, longN);
- longg = BN_bn2bin(g, tmp);
- /* use the zeros behind to pad on left */
- EVP_DigestUpdate(&ctxt, tmp + longg, longN - longg);
- EVP_DigestUpdate(&ctxt, tmp, longg);
- OPENSSL_free(tmp);
-
- EVP_DigestFinal_ex(&ctxt, digest, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
- return BN_bin2bn(digest, sizeof(digest), NULL);
-}
-
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
-{
- /* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
-
- BIGNUM *u;
- unsigned char cu[SHA_DIGEST_LENGTH];
- unsigned char *cAB;
- EVP_MD_CTX ctxt;
- int longN;
- if ((A == NULL) || (B == NULL) || (N == NULL))
- return NULL;
-
- if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0)
- return NULL;
-
- longN = BN_num_bytes(N);
-
- if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
- return NULL;
-
- memset(cAB, 0, longN);
-
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
- EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
- OPENSSL_free(cAB);
- EVP_DigestFinal_ex(&ctxt, cu, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
-
- if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
- return NULL;
- if (!BN_is_zero(u))
- return u;
- BN_free(u);
- return NULL;
-}
-
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
- BIGNUM *N)
-{
- BIGNUM *tmp = NULL, *S = NULL;
- BN_CTX *bn_ctx;
-
- if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
- return NULL;
-
- if ((bn_ctx = BN_CTX_new()) == NULL ||
- (tmp = BN_new()) == NULL || (S = BN_new()) == NULL)
- goto err;
-
- /* S = (A*v**u) ** b */
-
- if (!BN_mod_exp(tmp, v, u, N, bn_ctx))
- goto err;
- if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))
- goto err;
- if (!BN_mod_exp(S, tmp, b, N, bn_ctx))
- goto err;
- err:
- BN_CTX_free(bn_ctx);
- BN_clear_free(tmp);
- return S;
-}
-
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
-{
- BIGNUM *kv = NULL, *gb = NULL;
- BIGNUM *B = NULL, *k = NULL;
- BN_CTX *bn_ctx;
-
- if (b == NULL || N == NULL || g == NULL || v == NULL ||
- (bn_ctx = BN_CTX_new()) == NULL)
- return NULL;
-
- if ((kv = BN_new()) == NULL ||
- (gb = BN_new()) == NULL || (B = BN_new()) == NULL)
- goto err;
-
- /* B = g**b + k*v */
-
- if (!BN_mod_exp(gb, g, b, N, bn_ctx) ||
- !(k = srp_Calc_k(N, g)) ||
- !BN_mod_mul(kv, v, k, N, bn_ctx) ||
- !BN_mod_add(B, gb, kv, N, bn_ctx)) {
- BN_free(B);
- B = NULL;
- }
- err:
- BN_CTX_free(bn_ctx);
- BN_clear_free(kv);
- BN_clear_free(gb);
- BN_free(k);
- return B;
-}
-
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
-{
- unsigned char dig[SHA_DIGEST_LENGTH];
- EVP_MD_CTX ctxt;
- unsigned char *cs;
-
- if ((s == NULL) || (user == NULL) || (pass == NULL))
- return NULL;
-
- if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
- return NULL;
-
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, user, strlen(user));
- EVP_DigestUpdate(&ctxt, ":", 1);
- EVP_DigestUpdate(&ctxt, pass, strlen(pass));
- EVP_DigestFinal_ex(&ctxt, dig, NULL);
-
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- BN_bn2bin(s, cs);
- EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
- OPENSSL_free(cs);
- EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
- EVP_DigestFinal_ex(&ctxt, dig, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
-
- return BN_bin2bn(dig, sizeof(dig), NULL);
-}
-
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
-{
- BN_CTX *bn_ctx;
- BIGNUM *A = NULL;
-
- if (a == NULL || N == NULL || g == NULL ||
- (bn_ctx = BN_CTX_new()) == NULL)
- return NULL;
-
- if ((A = BN_new()) != NULL && !BN_mod_exp(A, g, a, N, bn_ctx)) {
- BN_free(A);
- A = NULL;
- }
- BN_CTX_free(bn_ctx);
- return A;
-}
-
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
- BIGNUM *a, BIGNUM *u)
-{
- BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
- BN_CTX *bn_ctx;
-
- if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL
- || a == NULL || (bn_ctx = BN_CTX_new()) == NULL)
- return NULL;
-
- if ((tmp = BN_new()) == NULL ||
- (tmp2 = BN_new()) == NULL ||
- (tmp3 = BN_new()) == NULL || (K = BN_new()) == NULL)
- goto err;
-
- if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
- goto err;
- if (!(k = srp_Calc_k(N, g)))
- goto err;
- if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))
- goto err;
- if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
- goto err;
-
- if (!BN_mod_mul(tmp3, u, x, N, bn_ctx))
- goto err;
- if (!BN_mod_add(tmp2, a, tmp3, N, bn_ctx))
- goto err;
- if (!BN_mod_exp(K, tmp, tmp2, N, bn_ctx))
- goto err;
-
- err:
- BN_CTX_free(bn_ctx);
- BN_clear_free(tmp);
- BN_clear_free(tmp2);
- BN_clear_free(tmp3);
- BN_free(k);
- return K;
-}
-
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
-{
- BIGNUM *r;
- BN_CTX *bn_ctx;
- int ret = 0;
-
- if (B == NULL || N == NULL || (bn_ctx = BN_CTX_new()) == NULL)
- return 0;
-
- if ((r = BN_new()) == NULL)
- goto err;
- /* Checks if B % N == 0 */
- if (!BN_nnmod(r, B, N, bn_ctx))
- goto err;
- ret = !BN_is_zero(r);
- err:
- BN_CTX_free(bn_ctx);
- BN_free(r);
- return ret;
-}
-
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
-{
- /* Checks if A % N == 0 */
- return SRP_Verify_B_mod_N(A, N);
-}
-
-/*
- * Check if G and N are kwown parameters. The values have been generated
- * from the ietf-tls-srp draft version 8
- */
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
-{
- size_t i;
- if ((g == NULL) || (N == NULL))
- return 0;
-
- srp_bn_print(g);
- srp_bn_print(N);
-
- for (i = 0; i < KNOWN_GN_NUMBER; i++) {
- if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0)
- return knowngN[i].id;
- }
- return NULL;
-}
-
-SRP_gN *SRP_get_default_gN(const char *id)
-{
- size_t i;
-
- if (id == NULL)
- return knowngN;
- for (i = 0; i < KNOWN_GN_NUMBER; i++) {
- if (strcmp(knowngN[i].id, id) == 0)
- return knowngN + i;
- }
- return NULL;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/srp/srp_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/srp/srp_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/srp/srp_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/srp/srp_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,363 @@
+/* crypto/srp/srp_lib.c */
+/*
+ * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#ifndef OPENSSL_NO_SRP
+# include "cryptlib.h"
+# include "srp_lcl.h"
+# include <openssl/srp.h>
+# include <openssl/evp.h>
+
+# if (BN_BYTES == 8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
+# elif defined(__arch64__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
+# else
+# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
+# endif
+# elif (BN_BYTES == 4)
+# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
+# else
+# error "unsupported BN_BYTES"
+# endif
+
+# include "srp_grps.h"
+
+static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
+{
+ /* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
+
+ unsigned char digest[SHA_DIGEST_LENGTH];
+ unsigned char *tmp;
+ EVP_MD_CTX ctxt;
+ int longg;
+ int longN = BN_num_bytes(N);
+
+ if (BN_ucmp(g, N) >= 0)
+ return NULL;
+
+ if ((tmp = OPENSSL_malloc(longN)) == NULL)
+ return NULL;
+ BN_bn2bin(N, tmp);
+
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, tmp, longN);
+
+ memset(tmp, 0, longN);
+ longg = BN_bn2bin(g, tmp);
+ /* use the zeros behind to pad on left */
+ EVP_DigestUpdate(&ctxt, tmp + longg, longN - longg);
+ EVP_DigestUpdate(&ctxt, tmp, longg);
+ OPENSSL_free(tmp);
+
+ EVP_DigestFinal_ex(&ctxt, digest, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+ return BN_bin2bn(digest, sizeof(digest), NULL);
+}
+
+BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
+{
+ /* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
+
+ BIGNUM *u;
+ unsigned char cu[SHA_DIGEST_LENGTH];
+ unsigned char *cAB;
+ EVP_MD_CTX ctxt;
+ int longN;
+ if ((A == NULL) || (B == NULL) || (N == NULL))
+ return NULL;
+
+ if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0)
+ return NULL;
+
+ longN = BN_num_bytes(N);
+
+ if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
+ return NULL;
+
+ memset(cAB, 0, longN);
+
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
+ EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
+ OPENSSL_free(cAB);
+ EVP_DigestFinal_ex(&ctxt, cu, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+
+ if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
+ return NULL;
+ if (!BN_is_zero(u))
+ return u;
+ BN_free(u);
+ return NULL;
+}
+
+BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
+ BIGNUM *N)
+{
+ BIGNUM *tmp = NULL, *S = NULL;
+ BN_CTX *bn_ctx;
+
+ if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
+ return NULL;
+
+ if ((bn_ctx = BN_CTX_new()) == NULL || (tmp = BN_new()) == NULL)
+ goto err;
+
+ /* S = (A*v**u) ** b */
+
+ if (!BN_mod_exp(tmp, v, u, N, bn_ctx))
+ goto err;
+ if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))
+ goto err;
+
+ S = BN_new();
+ if (S != NULL && !BN_mod_exp(S, tmp, b, N, bn_ctx)) {
+ BN_free(S);
+ S = NULL;
+ }
+ err:
+ BN_CTX_free(bn_ctx);
+ BN_clear_free(tmp);
+ return S;
+}
+
+BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
+{
+ BIGNUM *kv = NULL, *gb = NULL;
+ BIGNUM *B = NULL, *k = NULL;
+ BN_CTX *bn_ctx;
+
+ if (b == NULL || N == NULL || g == NULL || v == NULL ||
+ (bn_ctx = BN_CTX_new()) == NULL)
+ return NULL;
+
+ if ((kv = BN_new()) == NULL ||
+ (gb = BN_new()) == NULL || (B = BN_new()) == NULL)
+ goto err;
+
+ /* B = g**b + k*v */
+
+ if (!BN_mod_exp(gb, g, b, N, bn_ctx) ||
+ !(k = srp_Calc_k(N, g)) ||
+ !BN_mod_mul(kv, v, k, N, bn_ctx) ||
+ !BN_mod_add(B, gb, kv, N, bn_ctx)) {
+ BN_free(B);
+ B = NULL;
+ }
+ err:
+ BN_CTX_free(bn_ctx);
+ BN_clear_free(kv);
+ BN_clear_free(gb);
+ BN_free(k);
+ return B;
+}
+
+BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
+{
+ unsigned char dig[SHA_DIGEST_LENGTH];
+ EVP_MD_CTX ctxt;
+ unsigned char *cs;
+
+ if ((s == NULL) || (user == NULL) || (pass == NULL))
+ return NULL;
+
+ if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
+ return NULL;
+
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, user, strlen(user));
+ EVP_DigestUpdate(&ctxt, ":", 1);
+ EVP_DigestUpdate(&ctxt, pass, strlen(pass));
+ EVP_DigestFinal_ex(&ctxt, dig, NULL);
+
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ BN_bn2bin(s, cs);
+ EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
+ OPENSSL_free(cs);
+ EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
+ EVP_DigestFinal_ex(&ctxt, dig, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+
+ return BN_bin2bn(dig, sizeof(dig), NULL);
+}
+
+BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
+{
+ BN_CTX *bn_ctx;
+ BIGNUM *A = NULL;
+
+ if (a == NULL || N == NULL || g == NULL ||
+ (bn_ctx = BN_CTX_new()) == NULL)
+ return NULL;
+
+ if ((A = BN_new()) != NULL && !BN_mod_exp(A, g, a, N, bn_ctx)) {
+ BN_free(A);
+ A = NULL;
+ }
+ BN_CTX_free(bn_ctx);
+ return A;
+}
+
+BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
+ BIGNUM *a, BIGNUM *u)
+{
+ BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
+ BN_CTX *bn_ctx;
+
+ if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL
+ || a == NULL || (bn_ctx = BN_CTX_new()) == NULL)
+ return NULL;
+
+ if ((tmp = BN_new()) == NULL ||
+ (tmp2 = BN_new()) == NULL ||
+ (tmp3 = BN_new()) == NULL)
+ goto err;
+
+ if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
+ goto err;
+ if (!(k = srp_Calc_k(N, g)))
+ goto err;
+ if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))
+ goto err;
+ if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
+ goto err;
+
+ if (!BN_mod_mul(tmp3, u, x, N, bn_ctx))
+ goto err;
+ if (!BN_mod_add(tmp2, a, tmp3, N, bn_ctx))
+ goto err;
+ K = BN_new();
+ if (K != NULL && !BN_mod_exp(K, tmp, tmp2, N, bn_ctx)) {
+ BN_free(K);
+ K = NULL;
+ }
+
+ err:
+ BN_CTX_free(bn_ctx);
+ BN_clear_free(tmp);
+ BN_clear_free(tmp2);
+ BN_clear_free(tmp3);
+ BN_free(k);
+ return K;
+}
+
+int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
+{
+ BIGNUM *r;
+ BN_CTX *bn_ctx;
+ int ret = 0;
+
+ if (B == NULL || N == NULL || (bn_ctx = BN_CTX_new()) == NULL)
+ return 0;
+
+ if ((r = BN_new()) == NULL)
+ goto err;
+ /* Checks if B % N == 0 */
+ if (!BN_nnmod(r, B, N, bn_ctx))
+ goto err;
+ ret = !BN_is_zero(r);
+ err:
+ BN_CTX_free(bn_ctx);
+ BN_free(r);
+ return ret;
+}
+
+int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
+{
+ /* Checks if A % N == 0 */
+ return SRP_Verify_B_mod_N(A, N);
+}
+
+/*
+ * Check if G and N are kwown parameters. The values have been generated
+ * from the ietf-tls-srp draft version 8
+ */
+char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
+{
+ size_t i;
+ if ((g == NULL) || (N == NULL))
+ return 0;
+
+ srp_bn_print(g);
+ srp_bn_print(N);
+
+ for (i = 0; i < KNOWN_GN_NUMBER; i++) {
+ if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0)
+ return knowngN[i].id;
+ }
+ return NULL;
+}
+
+SRP_gN *SRP_get_default_gN(const char *id)
+{
+ size_t i;
+
+ if (id == NULL)
+ return knowngN;
+ for (i = 0; i < KNOWN_GN_NUMBER; i++) {
+ if (strcmp(knowngN[i].id, id) == 0)
+ return knowngN + i;
+ }
+ return NULL;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/srp/srp_vfy.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/srp/srp_vfy.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/srp/srp_vfy.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,658 +0,0 @@
-/* crypto/srp/srp_vfy.c */
-/*
- * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-#ifndef OPENSSL_NO_SRP
-# include "cryptlib.h"
-# include "srp_lcl.h"
-# include <openssl/srp.h>
-# include <openssl/evp.h>
-# include <openssl/buffer.h>
-# include <openssl/rand.h>
-# include <openssl/txt_db.h>
-
-# define SRP_RANDOM_SALT_LEN 20
-# define MAX_LEN 2500
-
-static char b64table[] =
- "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
-
-/*
- * the following two conversion routines have been inspired by code from
- * Stanford
- */
-
-/*
- * Convert a base64 string into raw byte array representation.
- */
-static int t_fromb64(unsigned char *a, const char *src)
-{
- char *loc;
- int i, j;
- int size;
-
- while (*src && (*src == ' ' || *src == '\t' || *src == '\n'))
- ++src;
- size = strlen(src);
- i = 0;
- while (i < size) {
- loc = strchr(b64table, src[i]);
- if (loc == (char *)0)
- break;
- else
- a[i] = loc - b64table;
- ++i;
- }
- /* if nothing valid to process we have a zero length response */
- if (i == 0)
- return 0;
- size = i;
- i = size - 1;
- j = size;
- while (1) {
- a[j] = a[i];
- if (--i < 0)
- break;
- a[j] |= (a[i] & 3) << 6;
- --j;
- a[j] = (unsigned char)((a[i] & 0x3c) >> 2);
- if (--i < 0)
- break;
- a[j] |= (a[i] & 0xf) << 4;
- --j;
- a[j] = (unsigned char)((a[i] & 0x30) >> 4);
- if (--i < 0)
- break;
- a[j] |= (a[i] << 2);
-
- a[--j] = 0;
- if (--i < 0)
- break;
- }
- while (a[j] == 0 && j <= size)
- ++j;
- i = 0;
- while (j <= size)
- a[i++] = a[j++];
- return i;
-}
-
-/*
- * Convert a raw byte string into a null-terminated base64 ASCII string.
- */
-static char *t_tob64(char *dst, const unsigned char *src, int size)
-{
- int c, pos = size % 3;
- unsigned char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
- char *olddst = dst;
-
- switch (pos) {
- case 1:
- b2 = src[0];
- break;
- case 2:
- b1 = src[0];
- b2 = src[1];
- break;
- }
-
- while (1) {
- c = (b0 & 0xfc) >> 2;
- if (notleading || c != 0) {
- *dst++ = b64table[c];
- notleading = 1;
- }
- c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
- if (notleading || c != 0) {
- *dst++ = b64table[c];
- notleading = 1;
- }
- c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
- if (notleading || c != 0) {
- *dst++ = b64table[c];
- notleading = 1;
- }
- c = b2 & 0x3f;
- if (notleading || c != 0) {
- *dst++ = b64table[c];
- notleading = 1;
- }
- if (pos >= size)
- break;
- else {
- b0 = src[pos++];
- b1 = src[pos++];
- b2 = src[pos++];
- }
- }
-
- *dst++ = '\0';
- return olddst;
-}
-
-static void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
-{
- if (user_pwd == NULL)
- return;
- BN_free(user_pwd->s);
- BN_clear_free(user_pwd->v);
- OPENSSL_free(user_pwd->id);
- OPENSSL_free(user_pwd->info);
- OPENSSL_free(user_pwd);
-}
-
-static SRP_user_pwd *SRP_user_pwd_new()
-{
- SRP_user_pwd *ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
- if (ret == NULL)
- return NULL;
- ret->N = NULL;
- ret->g = NULL;
- ret->s = NULL;
- ret->v = NULL;
- ret->id = NULL;
- ret->info = NULL;
- return ret;
-}
-
-static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
- const BIGNUM *N)
-{
- vinfo->N = N;
- vinfo->g = g;
-}
-
-static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
- const char *info)
-{
- if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
- return 0;
- return (info == NULL || NULL != (vinfo->info = BUF_strdup(info)));
-}
-
-static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
- const char *v)
-{
- unsigned char tmp[MAX_LEN];
- int len;
-
- if (strlen(s) > MAX_LEN || strlen(v) > MAX_LEN)
- return 0;
- len = t_fromb64(tmp, v);
- if (NULL == (vinfo->v = BN_bin2bn(tmp, len, NULL)))
- return 0;
- len = t_fromb64(tmp, s);
- return ((vinfo->s = BN_bin2bn(tmp, len, NULL)) != NULL);
-}
-
-static int SRP_user_pwd_set_sv_BN(SRP_user_pwd *vinfo, BIGNUM *s, BIGNUM *v)
-{
- vinfo->v = v;
- vinfo->s = s;
- return (vinfo->s != NULL && vinfo->v != NULL);
-}
-
-SRP_VBASE *SRP_VBASE_new(char *seed_key)
-{
- SRP_VBASE *vb = (SRP_VBASE *)OPENSSL_malloc(sizeof(SRP_VBASE));
-
- if (vb == NULL)
- return NULL;
- if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
- !(vb->gN_cache = sk_SRP_gN_cache_new_null())) {
- OPENSSL_free(vb);
- return NULL;
- }
- vb->default_g = NULL;
- vb->default_N = NULL;
- vb->seed_key = NULL;
- if ((seed_key != NULL) && (vb->seed_key = BUF_strdup(seed_key)) == NULL) {
- sk_SRP_user_pwd_free(vb->users_pwd);
- sk_SRP_gN_cache_free(vb->gN_cache);
- OPENSSL_free(vb);
- return NULL;
- }
- return vb;
-}
-
-int SRP_VBASE_free(SRP_VBASE *vb)
-{
- sk_SRP_user_pwd_pop_free(vb->users_pwd, SRP_user_pwd_free);
- sk_SRP_gN_cache_free(vb->gN_cache);
- OPENSSL_free(vb->seed_key);
- OPENSSL_free(vb);
- return 0;
-}
-
-static SRP_gN_cache *SRP_gN_new_init(const char *ch)
-{
- unsigned char tmp[MAX_LEN];
- int len;
-
- SRP_gN_cache *newgN =
- (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache));
- if (newgN == NULL)
- return NULL;
-
- if ((newgN->b64_bn = BUF_strdup(ch)) == NULL)
- goto err;
-
- len = t_fromb64(tmp, ch);
- if ((newgN->bn = BN_bin2bn(tmp, len, NULL)))
- return newgN;
-
- OPENSSL_free(newgN->b64_bn);
- err:
- OPENSSL_free(newgN);
- return NULL;
-}
-
-static void SRP_gN_free(SRP_gN_cache *gN_cache)
-{
- if (gN_cache == NULL)
- return;
- OPENSSL_free(gN_cache->b64_bn);
- BN_free(gN_cache->bn);
- OPENSSL_free(gN_cache);
-}
-
-static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab)
-{
- int i;
-
- SRP_gN *gN;
- if (gN_tab != NULL)
- for (i = 0; i < sk_SRP_gN_num(gN_tab); i++) {
- gN = sk_SRP_gN_value(gN_tab, i);
- if (gN && (id == NULL || strcmp(gN->id, id) == 0))
- return gN;
- }
-
- return SRP_get_default_gN(id);
-}
-
-static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
-{
- int i;
- if (gN_cache == NULL)
- return NULL;
-
- /* search if we have already one... */
- for (i = 0; i < sk_SRP_gN_cache_num(gN_cache); i++) {
- SRP_gN_cache *cache = sk_SRP_gN_cache_value(gN_cache, i);
- if (strcmp(cache->b64_bn, ch) == 0)
- return cache->bn;
- }
- { /* it is the first time that we find it */
- SRP_gN_cache *newgN = SRP_gN_new_init(ch);
- if (newgN) {
- if (sk_SRP_gN_cache_insert(gN_cache, newgN, 0) > 0)
- return newgN->bn;
- SRP_gN_free(newgN);
- }
- }
- return NULL;
-}
-
-/*
- * this function parses verifier file. Format is:
- * string(index):base64(N):base64(g):0
- * string(username):base64(v):base64(salt):int(index)
- */
-
-int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
-{
- int error_code;
- STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
- char *last_index = NULL;
- int i;
- char **pp;
-
- SRP_gN *gN = NULL;
- SRP_user_pwd *user_pwd = NULL;
-
- TXT_DB *tmpdb = NULL;
- BIO *in = BIO_new(BIO_s_file());
-
- error_code = SRP_ERR_OPEN_FILE;
-
- if (in == NULL || BIO_read_filename(in, verifier_file) <= 0)
- goto err;
-
- error_code = SRP_ERR_VBASE_INCOMPLETE_FILE;
-
- if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
- goto err;
-
- error_code = SRP_ERR_MEMORY;
-
- if (vb->seed_key) {
- last_index = SRP_get_default_gN(NULL)->id;
- }
- for (i = 0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++) {
- pp = sk_OPENSSL_PSTRING_value(tmpdb->data, i);
- if (pp[DB_srptype][0] == DB_SRP_INDEX) {
- /*
- * we add this couple in the internal Stack
- */
-
- if ((gN = (SRP_gN *) OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
- goto err;
-
- if (!(gN->id = BUF_strdup(pp[DB_srpid]))
- || !(gN->N =
- SRP_gN_place_bn(vb->gN_cache, pp[DB_srpverifier]))
- || !(gN->g = SRP_gN_place_bn(vb->gN_cache, pp[DB_srpsalt]))
- || sk_SRP_gN_insert(SRP_gN_tab, gN, 0) == 0)
- goto err;
-
- gN = NULL;
-
- if (vb->seed_key != NULL) {
- last_index = pp[DB_srpid];
- }
- } else if (pp[DB_srptype][0] == DB_SRP_VALID) {
- /* it is a user .... */
- SRP_gN *lgN;
- if ((lgN = SRP_get_gN_by_id(pp[DB_srpgN], SRP_gN_tab)) != NULL) {
- error_code = SRP_ERR_MEMORY;
- if ((user_pwd = SRP_user_pwd_new()) == NULL)
- goto err;
-
- SRP_user_pwd_set_gN(user_pwd, lgN->g, lgN->N);
- if (!SRP_user_pwd_set_ids
- (user_pwd, pp[DB_srpid], pp[DB_srpinfo]))
- goto err;
-
- error_code = SRP_ERR_VBASE_BN_LIB;
- if (!SRP_user_pwd_set_sv
- (user_pwd, pp[DB_srpsalt], pp[DB_srpverifier]))
- goto err;
-
- if (sk_SRP_user_pwd_insert(vb->users_pwd, user_pwd, 0) == 0)
- goto err;
- user_pwd = NULL; /* abandon responsability */
- }
- }
- }
-
- if (last_index != NULL) {
- /* this means that we want to simulate a default user */
-
- if (((gN = SRP_get_gN_by_id(last_index, SRP_gN_tab)) == NULL)) {
- error_code = SRP_ERR_VBASE_BN_LIB;
- goto err;
- }
- vb->default_g = gN->g;
- vb->default_N = gN->N;
- gN = NULL;
- }
- error_code = SRP_NO_ERROR;
-
- err:
- /*
- * there may be still some leaks to fix, if this fails, the application
- * terminates most likely
- */
-
- if (gN != NULL) {
- OPENSSL_free(gN->id);
- OPENSSL_free(gN);
- }
-
- SRP_user_pwd_free(user_pwd);
-
- if (tmpdb)
- TXT_DB_free(tmpdb);
- if (in)
- BIO_free_all(in);
-
- sk_SRP_gN_free(SRP_gN_tab);
-
- return error_code;
-
-}
-
-SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
-{
- int i;
- SRP_user_pwd *user;
- unsigned char digv[SHA_DIGEST_LENGTH];
- unsigned char digs[SHA_DIGEST_LENGTH];
- EVP_MD_CTX ctxt;
-
- if (vb == NULL)
- return NULL;
- for (i = 0; i < sk_SRP_user_pwd_num(vb->users_pwd); i++) {
- user = sk_SRP_user_pwd_value(vb->users_pwd, i);
- if (strcmp(user->id, username) == 0)
- return user;
- }
- if ((vb->seed_key == NULL) ||
- (vb->default_g == NULL) || (vb->default_N == NULL))
- return NULL;
-
-/* if the user is unknown we set parameters as well if we have a seed_key */
-
- if ((user = SRP_user_pwd_new()) == NULL)
- return NULL;
-
- SRP_user_pwd_set_gN(user, vb->default_g, vb->default_N);
-
- if (!SRP_user_pwd_set_ids(user, username, NULL))
- goto err;
-
- if (RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH) < 0)
- goto err;
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
- EVP_DigestUpdate(&ctxt, username, strlen(username));
- EVP_DigestFinal_ex(&ctxt, digs, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
- if (SRP_user_pwd_set_sv_BN
- (user, BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
- BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
- return user;
-
- err:SRP_user_pwd_free(user);
- return NULL;
-}
-
-/*
- * create a verifier (*salt,*verifier,g and N are in base64)
- */
-char *SRP_create_verifier(const char *user, const char *pass, char **salt,
- char **verifier, const char *N, const char *g)
-{
- int len;
- char *result = NULL, *vf = NULL;
- BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
- unsigned char tmp[MAX_LEN];
- unsigned char tmp2[MAX_LEN];
- char *defgNid = NULL;
- int vfsize = 0;
-
- if ((user == NULL) ||
- (pass == NULL) || (salt == NULL) || (verifier == NULL))
- goto err;
-
- if (N) {
- if (!(len = t_fromb64(tmp, N)))
- goto err;
- N_bn = BN_bin2bn(tmp, len, NULL);
- if (!(len = t_fromb64(tmp, g)))
- goto err;
- g_bn = BN_bin2bn(tmp, len, NULL);
- defgNid = "*";
- } else {
- SRP_gN *gN = SRP_get_gN_by_id(g, NULL);
- if (gN == NULL)
- goto err;
- N_bn = gN->N;
- g_bn = gN->g;
- defgNid = gN->id;
- }
-
- if (*salt == NULL) {
- if (RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN) < 0)
- goto err;
-
- s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
- } else {
- if (!(len = t_fromb64(tmp2, *salt)))
- goto err;
- s = BN_bin2bn(tmp2, len, NULL);
- }
-
- if (!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn))
- goto err;
-
- BN_bn2bin(v, tmp);
- vfsize = BN_num_bytes(v) * 2;
- if (((vf = OPENSSL_malloc(vfsize)) == NULL))
- goto err;
- t_tob64(vf, tmp, BN_num_bytes(v));
-
- if (*salt == NULL) {
- char *tmp_salt;
-
- if ((tmp_salt = OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) {
- goto err;
- }
- t_tob64(tmp_salt, tmp2, SRP_RANDOM_SALT_LEN);
- *salt = tmp_salt;
- }
-
- *verifier = vf;
- vf = NULL;
- result = defgNid;
-
- err:
- if (N) {
- BN_free(N_bn);
- BN_free(g_bn);
- }
- OPENSSL_cleanse(vf, vfsize);
- OPENSSL_free(vf);
- BN_clear_free(s);
- BN_clear_free(v);
- return result;
-}
-
-/*
- * create a verifier (*salt,*verifier,g and N are BIGNUMs). If *salt != NULL
- * then the provided salt will be used. On successful exit *verifier will point
- * to a newly allocated BIGNUM containing the verifier and (if a salt was not
- * provided) *salt will be populated with a newly allocated BIGNUM containing a
- * random salt.
- * The caller is responsible for freeing the allocated *salt and *verifier
- * BIGNUMS.
- */
-int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
- BIGNUM **verifier, BIGNUM *N, BIGNUM *g)
-{
- int result = 0;
- BIGNUM *x = NULL;
- BN_CTX *bn_ctx = BN_CTX_new();
- unsigned char tmp2[MAX_LEN];
- BIGNUM *salttmp = NULL;
-
- if ((user == NULL) ||
- (pass == NULL) ||
- (salt == NULL) ||
- (verifier == NULL) || (N == NULL) || (g == NULL) || (bn_ctx == NULL))
- goto err;
-
- srp_bn_print(N);
- srp_bn_print(g);
-
- if (*salt == NULL) {
- if (RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN) < 0)
- goto err;
-
- salttmp = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
- } else {
- salttmp = *salt;
- }
-
- x = SRP_Calc_x(salttmp, user, pass);
-
- *verifier = BN_new();
- if (*verifier == NULL)
- goto err;
-
- if (!BN_mod_exp(*verifier, g, x, N, bn_ctx)) {
- BN_clear_free(*verifier);
- goto err;
- }
-
- srp_bn_print(*verifier);
-
- result = 1;
- *salt = salttmp;
-
- err:
- if (*salt != salttmp)
- BN_clear_free(salttmp);
- BN_clear_free(x);
- BN_CTX_free(bn_ctx);
- return result;
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/srp/srp_vfy.c (from rev 11605, vendor-crypto/openssl/dist/crypto/srp/srp_vfy.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/srp/srp_vfy.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/srp/srp_vfy.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,705 @@
+/* crypto/srp/srp_vfy.c */
+/*
+ * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#ifndef OPENSSL_NO_SRP
+# include "cryptlib.h"
+# include "srp_lcl.h"
+# include <openssl/srp.h>
+# include <openssl/evp.h>
+# include <openssl/buffer.h>
+# include <openssl/rand.h>
+# include <openssl/txt_db.h>
+
+# define SRP_RANDOM_SALT_LEN 20
+# define MAX_LEN 2500
+
+static char b64table[] =
+ "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
+
+/*
+ * the following two conversion routines have been inspired by code from
+ * Stanford
+ */
+
+/*
+ * Convert a base64 string into raw byte array representation.
+ */
+static int t_fromb64(unsigned char *a, const char *src)
+{
+ char *loc;
+ int i, j;
+ int size;
+
+ while (*src && (*src == ' ' || *src == '\t' || *src == '\n'))
+ ++src;
+ size = strlen(src);
+ i = 0;
+ while (i < size) {
+ loc = strchr(b64table, src[i]);
+ if (loc == (char *)0)
+ break;
+ else
+ a[i] = loc - b64table;
+ ++i;
+ }
+ /* if nothing valid to process we have a zero length response */
+ if (i == 0)
+ return 0;
+ size = i;
+ i = size - 1;
+ j = size;
+ while (1) {
+ a[j] = a[i];
+ if (--i < 0)
+ break;
+ a[j] |= (a[i] & 3) << 6;
+ --j;
+ a[j] = (unsigned char)((a[i] & 0x3c) >> 2);
+ if (--i < 0)
+ break;
+ a[j] |= (a[i] & 0xf) << 4;
+ --j;
+ a[j] = (unsigned char)((a[i] & 0x30) >> 4);
+ if (--i < 0)
+ break;
+ a[j] |= (a[i] << 2);
+
+ a[--j] = 0;
+ if (--i < 0)
+ break;
+ }
+ while (a[j] == 0 && j <= size)
+ ++j;
+ i = 0;
+ while (j <= size)
+ a[i++] = a[j++];
+ return i;
+}
+
+/*
+ * Convert a raw byte string into a null-terminated base64 ASCII string.
+ */
+static char *t_tob64(char *dst, const unsigned char *src, int size)
+{
+ int c, pos = size % 3;
+ unsigned char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
+ char *olddst = dst;
+
+ switch (pos) {
+ case 1:
+ b2 = src[0];
+ break;
+ case 2:
+ b1 = src[0];
+ b2 = src[1];
+ break;
+ }
+
+ while (1) {
+ c = (b0 & 0xfc) >> 2;
+ if (notleading || c != 0) {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
+ if (notleading || c != 0) {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
+ if (notleading || c != 0) {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ c = b2 & 0x3f;
+ if (notleading || c != 0) {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ if (pos >= size)
+ break;
+ else {
+ b0 = src[pos++];
+ b1 = src[pos++];
+ b2 = src[pos++];
+ }
+ }
+
+ *dst++ = '\0';
+ return olddst;
+}
+
+void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
+{
+ if (user_pwd == NULL)
+ return;
+ BN_free(user_pwd->s);
+ BN_clear_free(user_pwd->v);
+ OPENSSL_free(user_pwd->id);
+ OPENSSL_free(user_pwd->info);
+ OPENSSL_free(user_pwd);
+}
+
+static SRP_user_pwd *SRP_user_pwd_new()
+{
+ SRP_user_pwd *ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
+ if (ret == NULL)
+ return NULL;
+ ret->N = NULL;
+ ret->g = NULL;
+ ret->s = NULL;
+ ret->v = NULL;
+ ret->id = NULL;
+ ret->info = NULL;
+ return ret;
+}
+
+static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
+ const BIGNUM *N)
+{
+ vinfo->N = N;
+ vinfo->g = g;
+}
+
+static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
+ const char *info)
+{
+ if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
+ return 0;
+ return (info == NULL || NULL != (vinfo->info = BUF_strdup(info)));
+}
+
+static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
+ const char *v)
+{
+ unsigned char tmp[MAX_LEN];
+ int len;
+
+ if (strlen(s) > MAX_LEN || strlen(v) > MAX_LEN)
+ return 0;
+ len = t_fromb64(tmp, v);
+ if (NULL == (vinfo->v = BN_bin2bn(tmp, len, NULL)))
+ return 0;
+ len = t_fromb64(tmp, s);
+ return ((vinfo->s = BN_bin2bn(tmp, len, NULL)) != NULL);
+}
+
+static int SRP_user_pwd_set_sv_BN(SRP_user_pwd *vinfo, BIGNUM *s, BIGNUM *v)
+{
+ vinfo->v = v;
+ vinfo->s = s;
+ return (vinfo->s != NULL && vinfo->v != NULL);
+}
+
+static SRP_user_pwd *srp_user_pwd_dup(SRP_user_pwd *src)
+{
+ SRP_user_pwd *ret;
+
+ if (src == NULL)
+ return NULL;
+ if ((ret = SRP_user_pwd_new()) == NULL)
+ return NULL;
+
+ SRP_user_pwd_set_gN(ret, src->g, src->N);
+ if (!SRP_user_pwd_set_ids(ret, src->id, src->info)
+ || !SRP_user_pwd_set_sv_BN(ret, BN_dup(src->s), BN_dup(src->v))) {
+ SRP_user_pwd_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key)
+{
+ SRP_VBASE *vb = (SRP_VBASE *)OPENSSL_malloc(sizeof(SRP_VBASE));
+
+ if (vb == NULL)
+ return NULL;
+ if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
+ !(vb->gN_cache = sk_SRP_gN_cache_new_null())) {
+ OPENSSL_free(vb);
+ return NULL;
+ }
+ vb->default_g = NULL;
+ vb->default_N = NULL;
+ vb->seed_key = NULL;
+ if ((seed_key != NULL) && (vb->seed_key = BUF_strdup(seed_key)) == NULL) {
+ sk_SRP_user_pwd_free(vb->users_pwd);
+ sk_SRP_gN_cache_free(vb->gN_cache);
+ OPENSSL_free(vb);
+ return NULL;
+ }
+ return vb;
+}
+
+int SRP_VBASE_free(SRP_VBASE *vb)
+{
+ sk_SRP_user_pwd_pop_free(vb->users_pwd, SRP_user_pwd_free);
+ sk_SRP_gN_cache_free(vb->gN_cache);
+ OPENSSL_free(vb->seed_key);
+ OPENSSL_free(vb);
+ return 0;
+}
+
+static SRP_gN_cache *SRP_gN_new_init(const char *ch)
+{
+ unsigned char tmp[MAX_LEN];
+ int len;
+
+ SRP_gN_cache *newgN =
+ (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache));
+ if (newgN == NULL)
+ return NULL;
+
+ if ((newgN->b64_bn = BUF_strdup(ch)) == NULL)
+ goto err;
+
+ len = t_fromb64(tmp, ch);
+ if ((newgN->bn = BN_bin2bn(tmp, len, NULL)))
+ return newgN;
+
+ OPENSSL_free(newgN->b64_bn);
+ err:
+ OPENSSL_free(newgN);
+ return NULL;
+}
+
+static void SRP_gN_free(SRP_gN_cache *gN_cache)
+{
+ if (gN_cache == NULL)
+ return;
+ OPENSSL_free(gN_cache->b64_bn);
+ BN_free(gN_cache->bn);
+ OPENSSL_free(gN_cache);
+}
+
+static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab)
+{
+ int i;
+
+ SRP_gN *gN;
+ if (gN_tab != NULL)
+ for (i = 0; i < sk_SRP_gN_num(gN_tab); i++) {
+ gN = sk_SRP_gN_value(gN_tab, i);
+ if (gN && (id == NULL || strcmp(gN->id, id) == 0))
+ return gN;
+ }
+
+ return SRP_get_default_gN(id);
+}
+
+static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
+{
+ int i;
+ if (gN_cache == NULL)
+ return NULL;
+
+ /* search if we have already one... */
+ for (i = 0; i < sk_SRP_gN_cache_num(gN_cache); i++) {
+ SRP_gN_cache *cache = sk_SRP_gN_cache_value(gN_cache, i);
+ if (strcmp(cache->b64_bn, ch) == 0)
+ return cache->bn;
+ }
+ { /* it is the first time that we find it */
+ SRP_gN_cache *newgN = SRP_gN_new_init(ch);
+ if (newgN) {
+ if (sk_SRP_gN_cache_insert(gN_cache, newgN, 0) > 0)
+ return newgN->bn;
+ SRP_gN_free(newgN);
+ }
+ }
+ return NULL;
+}
+
+/*
+ * this function parses verifier file. Format is:
+ * string(index):base64(N):base64(g):0
+ * string(username):base64(v):base64(salt):int(index)
+ */
+
+int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
+{
+ int error_code;
+ STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
+ char *last_index = NULL;
+ int i;
+ char **pp;
+
+ SRP_gN *gN = NULL;
+ SRP_user_pwd *user_pwd = NULL;
+
+ TXT_DB *tmpdb = NULL;
+ BIO *in = BIO_new(BIO_s_file());
+
+ error_code = SRP_ERR_OPEN_FILE;
+
+ if (in == NULL || BIO_read_filename(in, verifier_file) <= 0)
+ goto err;
+
+ error_code = SRP_ERR_VBASE_INCOMPLETE_FILE;
+
+ if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
+ goto err;
+
+ error_code = SRP_ERR_MEMORY;
+
+ if (vb->seed_key) {
+ last_index = SRP_get_default_gN(NULL)->id;
+ }
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++) {
+ pp = sk_OPENSSL_PSTRING_value(tmpdb->data, i);
+ if (pp[DB_srptype][0] == DB_SRP_INDEX) {
+ /*
+ * we add this couple in the internal Stack
+ */
+
+ if ((gN = (SRP_gN *) OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
+ goto err;
+
+ if (!(gN->id = BUF_strdup(pp[DB_srpid]))
+ || !(gN->N =
+ SRP_gN_place_bn(vb->gN_cache, pp[DB_srpverifier]))
+ || !(gN->g = SRP_gN_place_bn(vb->gN_cache, pp[DB_srpsalt]))
+ || sk_SRP_gN_insert(SRP_gN_tab, gN, 0) == 0)
+ goto err;
+
+ gN = NULL;
+
+ if (vb->seed_key != NULL) {
+ last_index = pp[DB_srpid];
+ }
+ } else if (pp[DB_srptype][0] == DB_SRP_VALID) {
+ /* it is a user .... */
+ SRP_gN *lgN;
+ if ((lgN = SRP_get_gN_by_id(pp[DB_srpgN], SRP_gN_tab)) != NULL) {
+ error_code = SRP_ERR_MEMORY;
+ if ((user_pwd = SRP_user_pwd_new()) == NULL)
+ goto err;
+
+ SRP_user_pwd_set_gN(user_pwd, lgN->g, lgN->N);
+ if (!SRP_user_pwd_set_ids
+ (user_pwd, pp[DB_srpid], pp[DB_srpinfo]))
+ goto err;
+
+ error_code = SRP_ERR_VBASE_BN_LIB;
+ if (!SRP_user_pwd_set_sv
+ (user_pwd, pp[DB_srpsalt], pp[DB_srpverifier]))
+ goto err;
+
+ if (sk_SRP_user_pwd_insert(vb->users_pwd, user_pwd, 0) == 0)
+ goto err;
+ user_pwd = NULL; /* abandon responsability */
+ }
+ }
+ }
+
+ if (last_index != NULL) {
+ /* this means that we want to simulate a default user */
+
+ if (((gN = SRP_get_gN_by_id(last_index, SRP_gN_tab)) == NULL)) {
+ error_code = SRP_ERR_VBASE_BN_LIB;
+ goto err;
+ }
+ vb->default_g = gN->g;
+ vb->default_N = gN->N;
+ gN = NULL;
+ }
+ error_code = SRP_NO_ERROR;
+
+ err:
+ /*
+ * there may be still some leaks to fix, if this fails, the application
+ * terminates most likely
+ */
+
+ if (gN != NULL) {
+ OPENSSL_free(gN->id);
+ OPENSSL_free(gN);
+ }
+
+ SRP_user_pwd_free(user_pwd);
+
+ if (tmpdb)
+ TXT_DB_free(tmpdb);
+ if (in)
+ BIO_free_all(in);
+
+ sk_SRP_gN_free(SRP_gN_tab);
+
+ return error_code;
+
+}
+
+static SRP_user_pwd *find_user(SRP_VBASE *vb, char *username)
+{
+ int i;
+ SRP_user_pwd *user;
+
+ if (vb == NULL)
+ return NULL;
+
+ for (i = 0; i < sk_SRP_user_pwd_num(vb->users_pwd); i++) {
+ user = sk_SRP_user_pwd_value(vb->users_pwd, i);
+ if (strcmp(user->id, username) == 0)
+ return user;
+ }
+
+ return NULL;
+}
+
+/*
+ * This method ignores the configured seed and fails for an unknown user.
+ * Ownership of the returned pointer is not released to the caller.
+ * In other words, caller must not free the result.
+ */
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
+{
+ return find_user(vb, username);
+}
+
+/*
+ * Ownership of the returned pointer is released to the caller.
+ * In other words, caller must free the result once done.
+ */
+SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username)
+{
+ SRP_user_pwd *user;
+ unsigned char digv[SHA_DIGEST_LENGTH];
+ unsigned char digs[SHA_DIGEST_LENGTH];
+ EVP_MD_CTX ctxt;
+
+ if (vb == NULL)
+ return NULL;
+
+ if ((user = find_user(vb, username)) != NULL)
+ return srp_user_pwd_dup(user);
+
+ if ((vb->seed_key == NULL) ||
+ (vb->default_g == NULL) || (vb->default_N == NULL))
+ return NULL;
+
+/* if the user is unknown we set parameters as well if we have a seed_key */
+
+ if ((user = SRP_user_pwd_new()) == NULL)
+ return NULL;
+
+ SRP_user_pwd_set_gN(user, vb->default_g, vb->default_N);
+
+ if (!SRP_user_pwd_set_ids(user, username, NULL))
+ goto err;
+
+ if (RAND_bytes(digv, SHA_DIGEST_LENGTH) <= 0)
+ goto err;
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
+ EVP_DigestUpdate(&ctxt, username, strlen(username));
+ EVP_DigestFinal_ex(&ctxt, digs, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+ if (SRP_user_pwd_set_sv_BN
+ (user, BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
+ BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
+ return user;
+
+ err:SRP_user_pwd_free(user);
+ return NULL;
+}
+
+/*
+ * create a verifier (*salt,*verifier,g and N are in base64)
+ */
+char *SRP_create_verifier(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g)
+{
+ int len;
+ char *result = NULL, *vf = NULL;
+ BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
+ unsigned char tmp[MAX_LEN];
+ unsigned char tmp2[MAX_LEN];
+ char *defgNid = NULL;
+ int vfsize = 0;
+
+ if ((user == NULL) ||
+ (pass == NULL) || (salt == NULL) || (verifier == NULL))
+ goto err;
+
+ if (N) {
+ if (!(len = t_fromb64(tmp, N)))
+ goto err;
+ N_bn = BN_bin2bn(tmp, len, NULL);
+ if (!(len = t_fromb64(tmp, g)))
+ goto err;
+ g_bn = BN_bin2bn(tmp, len, NULL);
+ defgNid = "*";
+ } else {
+ SRP_gN *gN = SRP_get_gN_by_id(g, NULL);
+ if (gN == NULL)
+ goto err;
+ N_bn = gN->N;
+ g_bn = gN->g;
+ defgNid = gN->id;
+ }
+
+ if (*salt == NULL) {
+ if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
+ goto err;
+
+ s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
+ } else {
+ if (!(len = t_fromb64(tmp2, *salt)))
+ goto err;
+ s = BN_bin2bn(tmp2, len, NULL);
+ }
+
+ if (!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn))
+ goto err;
+
+ BN_bn2bin(v, tmp);
+ vfsize = BN_num_bytes(v) * 2;
+ if (((vf = OPENSSL_malloc(vfsize)) == NULL))
+ goto err;
+ t_tob64(vf, tmp, BN_num_bytes(v));
+
+ if (*salt == NULL) {
+ char *tmp_salt;
+
+ if ((tmp_salt = OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) {
+ goto err;
+ }
+ t_tob64(tmp_salt, tmp2, SRP_RANDOM_SALT_LEN);
+ *salt = tmp_salt;
+ }
+
+ *verifier = vf;
+ vf = NULL;
+ result = defgNid;
+
+ err:
+ if (N) {
+ BN_free(N_bn);
+ BN_free(g_bn);
+ }
+ OPENSSL_cleanse(vf, vfsize);
+ OPENSSL_free(vf);
+ BN_clear_free(s);
+ BN_clear_free(v);
+ return result;
+}
+
+/*
+ * create a verifier (*salt,*verifier,g and N are BIGNUMs). If *salt != NULL
+ * then the provided salt will be used. On successful exit *verifier will point
+ * to a newly allocated BIGNUM containing the verifier and (if a salt was not
+ * provided) *salt will be populated with a newly allocated BIGNUM containing a
+ * random salt.
+ * The caller is responsible for freeing the allocated *salt and *verifier
+ * BIGNUMS.
+ */
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, BIGNUM *N, BIGNUM *g)
+{
+ int result = 0;
+ BIGNUM *x = NULL;
+ BN_CTX *bn_ctx = BN_CTX_new();
+ unsigned char tmp2[MAX_LEN];
+ BIGNUM *salttmp = NULL;
+
+ if ((user == NULL) ||
+ (pass == NULL) ||
+ (salt == NULL) ||
+ (verifier == NULL) || (N == NULL) || (g == NULL) || (bn_ctx == NULL))
+ goto err;
+
+ srp_bn_print(N);
+ srp_bn_print(g);
+
+ if (*salt == NULL) {
+ if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
+ goto err;
+
+ salttmp = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
+ } else {
+ salttmp = *salt;
+ }
+
+ x = SRP_Calc_x(salttmp, user, pass);
+
+ *verifier = BN_new();
+ if (*verifier == NULL)
+ goto err;
+
+ if (!BN_mod_exp(*verifier, g, x, N, bn_ctx)) {
+ BN_clear_free(*verifier);
+ goto err;
+ }
+
+ srp_bn_print(*verifier);
+
+ result = 1;
+ *salt = salttmp;
+
+ err:
+ if (*salt != salttmp)
+ BN_clear_free(salttmp);
+ BN_clear_free(x);
+ BN_CTX_free(bn_ctx);
+ return result;
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/store/store.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/store/store.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/store.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,658 +0,0 @@
-/* crypto/store/store.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_STORE_H
-# define HEADER_STORE_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_STORE
-# error STORE is disabled.
-# endif
-
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_DEPRECATED
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/x509.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct store_st STORE; */
-/* typedef struct store_method_st STORE_METHOD; */
-
-/*
- * All the following functions return 0, a negative number or NULL on error.
- * When everything is fine, they return a positive value or a non-NULL
- * pointer, all depending on their purpose.
- */
-
-/* Creators and destructor. */
-STORE *STORE_new_method(const STORE_METHOD *method);
-STORE *STORE_new_engine(ENGINE *engine);
-void STORE_free(STORE *ui);
-
-/*
- * Give a user interface parametrised control commands. This can be used to
- * send down an integer, a data pointer or a function pointer, as well as be
- * used to get information from a STORE.
- */
-int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void));
-
-/*
- * A control to set the directory with keys and certificates. Used by the
- * built-in directory level method.
- */
-# define STORE_CTRL_SET_DIRECTORY 0x0001
-/*
- * A control to set a file to load. Used by the built-in file level method.
- */
-# define STORE_CTRL_SET_FILE 0x0002
-/*
- * A control to set a configuration file to load. Can be used by any method
- * that wishes to load a configuration file.
- */
-# define STORE_CTRL_SET_CONF_FILE 0x0003
-/*
- * A control to set a the section of the loaded configuration file. Can be
- * used by any method that wishes to load a configuration file.
- */
-# define STORE_CTRL_SET_CONF_SECTION 0x0004
-
-/* Some methods may use extra data */
-# define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg)
-# define STORE_get_app_data(s) STORE_get_ex_data(s,0)
-int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-int STORE_set_ex_data(STORE *r, int idx, void *arg);
-void *STORE_get_ex_data(STORE *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-const STORE_METHOD *STORE_get_method(STORE *store);
-const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
-
-/* The standard OpenSSL methods. */
-/*
- * This is the in-memory method. It does everything except revoking and
- * updating, and is of course volatile. It's used by other methods that have
- * an in-memory cache.
- */
-const STORE_METHOD *STORE_Memory(void);
-# if 0 /* Not yet implemented */
-/*
- * This is the directory store. It does everything except revoking and
- * updating, and uses STORE_Memory() to cache things in memory.
- */
-const STORE_METHOD *STORE_Directory(void);
-/*
- * This is the file store. It does everything except revoking and updating,
- * and uses STORE_Memory() to cache things in memory. Certificates are added
- * to it with the store operation, and it will only get cached certificates.
- */
-const STORE_METHOD *STORE_File(void);
-# endif
-
-/*
- * Store functions take a type code for the type of data they should store or
- * fetch
- */
-typedef enum STORE_object_types {
- STORE_OBJECT_TYPE_X509_CERTIFICATE = 0x01, /* X509 * */
- STORE_OBJECT_TYPE_X509_CRL = 0x02, /* X509_CRL * */
- STORE_OBJECT_TYPE_PRIVATE_KEY = 0x03, /* EVP_PKEY * */
- STORE_OBJECT_TYPE_PUBLIC_KEY = 0x04, /* EVP_PKEY * */
- STORE_OBJECT_TYPE_NUMBER = 0x05, /* BIGNUM * */
- STORE_OBJECT_TYPE_ARBITRARY = 0x06, /* BUF_MEM * */
- STORE_OBJECT_TYPE_NUM = 0x06 /* The amount of known object types */
-} STORE_OBJECT_TYPES;
-/* List of text strings corresponding to the object types. */
-extern const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1];
-
-/*
- * Some store functions take a parameter list. Those parameters come with
- * one of the following codes. The comments following the codes below
- * indicate what type the value should be a pointer to.
- */
-typedef enum STORE_params {
- STORE_PARAM_EVP_TYPE = 0x01, /* int */
- STORE_PARAM_BITS = 0x02, /* size_t */
- STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */
- STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */
- STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */
- STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */
- STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */
-} STORE_PARAM_TYPES;
-/*
- * Parameter value sizes. -1 means unknown, anything else is the required
- * size.
- */
-extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1];
-
-/*
- * Store functions take attribute lists. Those attributes come with codes.
- * The comments following the codes below indicate what type the value should
- * be a pointer to.
- */
-typedef enum STORE_attribs {
- STORE_ATTR_END = 0x00,
- STORE_ATTR_FRIENDLYNAME = 0x01, /* C string */
- STORE_ATTR_KEYID = 0x02, /* 160 bit string (SHA1) */
- STORE_ATTR_ISSUERKEYID = 0x03, /* 160 bit string (SHA1) */
- STORE_ATTR_SUBJECTKEYID = 0x04, /* 160 bit string (SHA1) */
- STORE_ATTR_ISSUERSERIALHASH = 0x05, /* 160 bit string (SHA1) */
- STORE_ATTR_ISSUER = 0x06, /* X509_NAME * */
- STORE_ATTR_SERIAL = 0x07, /* BIGNUM * */
- STORE_ATTR_SUBJECT = 0x08, /* X509_NAME * */
- STORE_ATTR_CERTHASH = 0x09, /* 160 bit string (SHA1) */
- STORE_ATTR_EMAIL = 0x0a, /* C string */
- STORE_ATTR_FILENAME = 0x0b, /* C string */
- STORE_ATTR_TYPE_NUM = 0x0b, /* The amount of known attribute types */
- STORE_ATTR_OR = 0xff /* This is a special separator, which
- * expresses the OR operation. */
-} STORE_ATTR_TYPES;
-/*
- * Attribute value sizes. -1 means unknown, anything else is the required
- * size.
- */
-extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1];
-
-typedef enum STORE_certificate_status {
- STORE_X509_VALID = 0x00,
- STORE_X509_EXPIRED = 0x01,
- STORE_X509_SUSPENDED = 0x02,
- STORE_X509_REVOKED = 0x03
-} STORE_CERTIFICATE_STATUS;
-
-/*
- * Engine store functions will return a structure that contains all the
- * necessary information, including revokation status for certificates. This
- * is really not needed for application authors, as the ENGINE framework
- * functions will extract the OpenSSL-specific information when at all
- * possible. However, for engine authors, it's crucial to know this
- * structure.
- */
-typedef struct STORE_OBJECT_st {
- STORE_OBJECT_TYPES type;
- union {
- struct {
- STORE_CERTIFICATE_STATUS status;
- X509 *certificate;
- } x509;
- X509_CRL *crl;
- EVP_PKEY *key;
- BIGNUM *number;
- BUF_MEM *arbitrary;
- } data;
-} STORE_OBJECT;
-DECLARE_STACK_OF(STORE_OBJECT)
-STORE_OBJECT *STORE_OBJECT_new(void);
-void STORE_OBJECT_free(STORE_OBJECT *data);
-
-/*
- * The following functions handle the storage. They return 0, a negative
- * number or NULL on error, anything else on success.
- */
-X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-X509 *STORE_list_certificate_next(STORE *e, void *handle);
-int STORE_list_certificate_end(STORE *e, void *handle);
-int STORE_list_certificate_endp(STORE *e, void *handle);
-EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_private_key(STORE *e, EVP_PKEY *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
-int STORE_list_private_key_end(STORE *e, void *handle);
-int STORE_list_private_key_endp(STORE *e, void *handle);
-EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_public_key(STORE *e, EVP_PKEY *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
-int STORE_list_public_key_end(STORE *e, void *handle);
-int STORE_list_public_key_endp(STORE *e, void *handle);
-X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
-int STORE_list_crl_end(STORE *e, void *handle);
-int STORE_list_crl_endp(STORE *e, void *handle);
-int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-
-/* Create and manipulate methods */
-STORE_METHOD *STORE_create_method(char *name);
-void STORE_destroy_method(STORE_METHOD *store_method);
-
-/* These callback types are use for store handlers */
-typedef int (*STORE_INITIALISE_FUNC_PTR) (STORE *);
-typedef void (*STORE_CLEANUP_FUNC_PTR) (STORE *);
-typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *,
- STORE_OBJECT_TYPES
- type,
- OPENSSL_ITEM
- attributes[],
- OPENSSL_ITEM
- parameters[]);
-typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *,
- STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
-typedef int (*STORE_END_OBJECT_FUNC_PTR) (STORE *, void *handle);
-typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_STORE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
- STORE_OBJECT *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_GENERIC_FUNC_PTR) (STORE *, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_CTRL_FUNC_PTR) (STORE *, int cmd, long l, void *p,
- void (*f) (void));
-
-int STORE_method_set_initialise_function(STORE_METHOD *sm,
- STORE_INITIALISE_FUNC_PTR init_f);
-int STORE_method_set_cleanup_function(STORE_METHOD *sm,
- STORE_CLEANUP_FUNC_PTR clean_f);
-int STORE_method_set_generate_function(STORE_METHOD *sm,
- STORE_GENERATE_OBJECT_FUNC_PTR
- generate_f);
-int STORE_method_set_get_function(STORE_METHOD *sm,
- STORE_GET_OBJECT_FUNC_PTR get_f);
-int STORE_method_set_store_function(STORE_METHOD *sm,
- STORE_STORE_OBJECT_FUNC_PTR store_f);
-int STORE_method_set_modify_function(STORE_METHOD *sm,
- STORE_MODIFY_OBJECT_FUNC_PTR store_f);
-int STORE_method_set_revoke_function(STORE_METHOD *sm,
- STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
-int STORE_method_set_delete_function(STORE_METHOD *sm,
- STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
-int STORE_method_set_list_start_function(STORE_METHOD *sm,
- STORE_START_OBJECT_FUNC_PTR
- list_start_f);
-int STORE_method_set_list_next_function(STORE_METHOD *sm,
- STORE_NEXT_OBJECT_FUNC_PTR
- list_next_f);
-int STORE_method_set_list_end_function(STORE_METHOD *sm,
- STORE_END_OBJECT_FUNC_PTR list_end_f);
-int STORE_method_set_update_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_lock_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_ctrl_function(STORE_METHOD *sm,
- STORE_CTRL_FUNC_PTR ctrl_f);
-
-STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
- *sm);
-STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
-STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
- *sm);
-STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
-STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
-STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
- *sm);
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
- *sm);
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
- *sm);
-STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
- *sm);
-STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
- *sm);
-STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD
- *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
- *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
- *sm);
-STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
-
-/* Method helper structures and functions. */
-
-/*
- * This structure is the result of parsing through the information in a list
- * of OPENSSL_ITEMs. It stores all the necessary information in a structured
- * way.
- */
-typedef struct STORE_attr_info_st STORE_ATTR_INFO;
-
-/*
- * Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
- * Note that we do this in the list form, since the list of OPENSSL_ITEMs can
- * come in blocks separated with STORE_ATTR_OR. Note that the value returned
- * by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free().
- */
-void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
-STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
-int STORE_parse_attrs_end(void *handle);
-int STORE_parse_attrs_endp(void *handle);
-
-/* Creator and destructor */
-STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
-int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
-
-/* Manipulators */
-char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- char *cstr, size_t cstr_size);
-int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- unsigned char *sha1str, size_t sha1str_size);
-int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- X509_NAME *dn);
-int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- BIGNUM *number);
-int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- char *cstr, size_t cstr_size);
-int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code,
- unsigned char *sha1str,
- size_t sha1str_size);
-int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- X509_NAME *dn);
-int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code, BIGNUM *number);
-
-/*
- * Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values in
- * each contained attribute.
- */
-int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
- const STORE_ATTR_INFO *const *b);
-/*
- * Check if the set of attributes in a is within the range of attributes set
- * in b.
- */
-int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-/* Check if the set of attributes in a are also set in b. */
-int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
-int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_STORE_strings(void);
-
-/* Error codes for the STORE functions. */
-
-/* Function codes. */
-# define STORE_F_MEM_DELETE 134
-# define STORE_F_MEM_GENERATE 135
-# define STORE_F_MEM_LIST_END 168
-# define STORE_F_MEM_LIST_NEXT 136
-# define STORE_F_MEM_LIST_START 137
-# define STORE_F_MEM_MODIFY 169
-# define STORE_F_MEM_STORE 138
-# define STORE_F_STORE_ATTR_INFO_GET0_CSTR 139
-# define STORE_F_STORE_ATTR_INFO_GET0_DN 140
-# define STORE_F_STORE_ATTR_INFO_GET0_NUMBER 141
-# define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR 142
-# define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR 143
-# define STORE_F_STORE_ATTR_INFO_MODIFY_DN 144
-# define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER 145
-# define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR 146
-# define STORE_F_STORE_ATTR_INFO_SET_CSTR 147
-# define STORE_F_STORE_ATTR_INFO_SET_DN 148
-# define STORE_F_STORE_ATTR_INFO_SET_NUMBER 149
-# define STORE_F_STORE_ATTR_INFO_SET_SHA1STR 150
-# define STORE_F_STORE_CERTIFICATE 170
-# define STORE_F_STORE_CTRL 161
-# define STORE_F_STORE_DELETE_ARBITRARY 158
-# define STORE_F_STORE_DELETE_CERTIFICATE 102
-# define STORE_F_STORE_DELETE_CRL 103
-# define STORE_F_STORE_DELETE_NUMBER 104
-# define STORE_F_STORE_DELETE_PRIVATE_KEY 105
-# define STORE_F_STORE_DELETE_PUBLIC_KEY 106
-# define STORE_F_STORE_GENERATE_CRL 107
-# define STORE_F_STORE_GENERATE_KEY 108
-# define STORE_F_STORE_GET_ARBITRARY 159
-# define STORE_F_STORE_GET_CERTIFICATE 109
-# define STORE_F_STORE_GET_CRL 110
-# define STORE_F_STORE_GET_NUMBER 111
-# define STORE_F_STORE_GET_PRIVATE_KEY 112
-# define STORE_F_STORE_GET_PUBLIC_KEY 113
-# define STORE_F_STORE_LIST_CERTIFICATE_END 114
-# define STORE_F_STORE_LIST_CERTIFICATE_ENDP 153
-# define STORE_F_STORE_LIST_CERTIFICATE_NEXT 115
-# define STORE_F_STORE_LIST_CERTIFICATE_START 116
-# define STORE_F_STORE_LIST_CRL_END 117
-# define STORE_F_STORE_LIST_CRL_ENDP 154
-# define STORE_F_STORE_LIST_CRL_NEXT 118
-# define STORE_F_STORE_LIST_CRL_START 119
-# define STORE_F_STORE_LIST_PRIVATE_KEY_END 120
-# define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP 155
-# define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT 121
-# define STORE_F_STORE_LIST_PRIVATE_KEY_START 122
-# define STORE_F_STORE_LIST_PUBLIC_KEY_END 123
-# define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP 156
-# define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT 124
-# define STORE_F_STORE_LIST_PUBLIC_KEY_START 125
-# define STORE_F_STORE_MODIFY_ARBITRARY 162
-# define STORE_F_STORE_MODIFY_CERTIFICATE 163
-# define STORE_F_STORE_MODIFY_CRL 164
-# define STORE_F_STORE_MODIFY_NUMBER 165
-# define STORE_F_STORE_MODIFY_PRIVATE_KEY 166
-# define STORE_F_STORE_MODIFY_PUBLIC_KEY 167
-# define STORE_F_STORE_NEW_ENGINE 133
-# define STORE_F_STORE_NEW_METHOD 132
-# define STORE_F_STORE_PARSE_ATTRS_END 151
-# define STORE_F_STORE_PARSE_ATTRS_ENDP 172
-# define STORE_F_STORE_PARSE_ATTRS_NEXT 152
-# define STORE_F_STORE_PARSE_ATTRS_START 171
-# define STORE_F_STORE_REVOKE_CERTIFICATE 129
-# define STORE_F_STORE_REVOKE_PRIVATE_KEY 130
-# define STORE_F_STORE_REVOKE_PUBLIC_KEY 131
-# define STORE_F_STORE_STORE_ARBITRARY 157
-# define STORE_F_STORE_STORE_CERTIFICATE 100
-# define STORE_F_STORE_STORE_CRL 101
-# define STORE_F_STORE_STORE_NUMBER 126
-# define STORE_F_STORE_STORE_PRIVATE_KEY 127
-# define STORE_F_STORE_STORE_PUBLIC_KEY 128
-
-/* Reason codes. */
-# define STORE_R_ALREADY_HAS_A_VALUE 127
-# define STORE_R_FAILED_DELETING_ARBITRARY 132
-# define STORE_R_FAILED_DELETING_CERTIFICATE 100
-# define STORE_R_FAILED_DELETING_KEY 101
-# define STORE_R_FAILED_DELETING_NUMBER 102
-# define STORE_R_FAILED_GENERATING_CRL 103
-# define STORE_R_FAILED_GENERATING_KEY 104
-# define STORE_R_FAILED_GETTING_ARBITRARY 133
-# define STORE_R_FAILED_GETTING_CERTIFICATE 105
-# define STORE_R_FAILED_GETTING_KEY 106
-# define STORE_R_FAILED_GETTING_NUMBER 107
-# define STORE_R_FAILED_LISTING_CERTIFICATES 108
-# define STORE_R_FAILED_LISTING_KEYS 109
-# define STORE_R_FAILED_MODIFYING_ARBITRARY 138
-# define STORE_R_FAILED_MODIFYING_CERTIFICATE 139
-# define STORE_R_FAILED_MODIFYING_CRL 140
-# define STORE_R_FAILED_MODIFYING_NUMBER 141
-# define STORE_R_FAILED_MODIFYING_PRIVATE_KEY 142
-# define STORE_R_FAILED_MODIFYING_PUBLIC_KEY 143
-# define STORE_R_FAILED_REVOKING_CERTIFICATE 110
-# define STORE_R_FAILED_REVOKING_KEY 111
-# define STORE_R_FAILED_STORING_ARBITRARY 134
-# define STORE_R_FAILED_STORING_CERTIFICATE 112
-# define STORE_R_FAILED_STORING_KEY 113
-# define STORE_R_FAILED_STORING_NUMBER 114
-# define STORE_R_NOT_IMPLEMENTED 128
-# define STORE_R_NO_CONTROL_FUNCTION 144
-# define STORE_R_NO_DELETE_ARBITRARY_FUNCTION 135
-# define STORE_R_NO_DELETE_NUMBER_FUNCTION 115
-# define STORE_R_NO_DELETE_OBJECT_FUNCTION 116
-# define STORE_R_NO_GENERATE_CRL_FUNCTION 117
-# define STORE_R_NO_GENERATE_OBJECT_FUNCTION 118
-# define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION 136
-# define STORE_R_NO_GET_OBJECT_FUNCTION 119
-# define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION 120
-# define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION 131
-# define STORE_R_NO_LIST_OBJECT_END_FUNCTION 121
-# define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION 122
-# define STORE_R_NO_LIST_OBJECT_START_FUNCTION 123
-# define STORE_R_NO_MODIFY_OBJECT_FUNCTION 145
-# define STORE_R_NO_REVOKE_OBJECT_FUNCTION 124
-# define STORE_R_NO_STORE 129
-# define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION 137
-# define STORE_R_NO_STORE_OBJECT_FUNCTION 125
-# define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION 126
-# define STORE_R_NO_VALUE 130
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/store/store.h (from rev 11605, vendor-crypto/openssl/dist/crypto/store/store.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/store/store.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/store.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,658 @@
+/* crypto/store/store.h */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_STORE_H
+# define HEADER_STORE_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_STORE
+# error STORE is disabled.
+# endif
+
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/x509.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct store_st STORE; */
+/* typedef struct store_method_st STORE_METHOD; */
+
+/*
+ * All the following functions return 0, a negative number or NULL on error.
+ * When everything is fine, they return a positive value or a non-NULL
+ * pointer, all depending on their purpose.
+ */
+
+/* Creators and destructor. */
+STORE *STORE_new_method(const STORE_METHOD *method);
+STORE *STORE_new_engine(ENGINE *engine);
+void STORE_free(STORE *ui);
+
+/*
+ * Give a user interface parametrised control commands. This can be used to
+ * send down an integer, a data pointer or a function pointer, as well as be
+ * used to get information from a STORE.
+ */
+int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void));
+
+/*
+ * A control to set the directory with keys and certificates. Used by the
+ * built-in directory level method.
+ */
+# define STORE_CTRL_SET_DIRECTORY 0x0001
+/*
+ * A control to set a file to load. Used by the built-in file level method.
+ */
+# define STORE_CTRL_SET_FILE 0x0002
+/*
+ * A control to set a configuration file to load. Can be used by any method
+ * that wishes to load a configuration file.
+ */
+# define STORE_CTRL_SET_CONF_FILE 0x0003
+/*
+ * A control to set a the section of the loaded configuration file. Can be
+ * used by any method that wishes to load a configuration file.
+ */
+# define STORE_CTRL_SET_CONF_SECTION 0x0004
+
+/* Some methods may use extra data */
+# define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg)
+# define STORE_get_app_data(s) STORE_get_ex_data(s,0)
+int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int STORE_set_ex_data(STORE *r, int idx, void *arg);
+void *STORE_get_ex_data(STORE *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+const STORE_METHOD *STORE_get_method(STORE *store);
+const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
+
+/* The standard OpenSSL methods. */
+/*
+ * This is the in-memory method. It does everything except revoking and
+ * updating, and is of course volatile. It's used by other methods that have
+ * an in-memory cache.
+ */
+const STORE_METHOD *STORE_Memory(void);
+# if 0 /* Not yet implemented */
+/*
+ * This is the directory store. It does everything except revoking and
+ * updating, and uses STORE_Memory() to cache things in memory.
+ */
+const STORE_METHOD *STORE_Directory(void);
+/*
+ * This is the file store. It does everything except revoking and updating,
+ * and uses STORE_Memory() to cache things in memory. Certificates are added
+ * to it with the store operation, and it will only get cached certificates.
+ */
+const STORE_METHOD *STORE_File(void);
+# endif
+
+/*
+ * Store functions take a type code for the type of data they should store or
+ * fetch
+ */
+typedef enum STORE_object_types {
+ STORE_OBJECT_TYPE_X509_CERTIFICATE = 0x01, /* X509 * */
+ STORE_OBJECT_TYPE_X509_CRL = 0x02, /* X509_CRL * */
+ STORE_OBJECT_TYPE_PRIVATE_KEY = 0x03, /* EVP_PKEY * */
+ STORE_OBJECT_TYPE_PUBLIC_KEY = 0x04, /* EVP_PKEY * */
+ STORE_OBJECT_TYPE_NUMBER = 0x05, /* BIGNUM * */
+ STORE_OBJECT_TYPE_ARBITRARY = 0x06, /* BUF_MEM * */
+ STORE_OBJECT_TYPE_NUM = 0x06 /* The amount of known object types */
+} STORE_OBJECT_TYPES;
+/* List of text strings corresponding to the object types. */
+extern const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1];
+
+/*
+ * Some store functions take a parameter list. Those parameters come with
+ * one of the following codes. The comments following the codes below
+ * indicate what type the value should be a pointer to.
+ */
+typedef enum STORE_params {
+ STORE_PARAM_EVP_TYPE = 0x01, /* int */
+ STORE_PARAM_BITS = 0x02, /* size_t */
+ STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */
+ STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */
+ STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */
+ STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */
+ STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */
+} STORE_PARAM_TYPES;
+/*
+ * Parameter value sizes. -1 means unknown, anything else is the required
+ * size.
+ */
+extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1];
+
+/*
+ * Store functions take attribute lists. Those attributes come with codes.
+ * The comments following the codes below indicate what type the value should
+ * be a pointer to.
+ */
+typedef enum STORE_attribs {
+ STORE_ATTR_END = 0x00,
+ STORE_ATTR_FRIENDLYNAME = 0x01, /* C string */
+ STORE_ATTR_KEYID = 0x02, /* 160 bit string (SHA1) */
+ STORE_ATTR_ISSUERKEYID = 0x03, /* 160 bit string (SHA1) */
+ STORE_ATTR_SUBJECTKEYID = 0x04, /* 160 bit string (SHA1) */
+ STORE_ATTR_ISSUERSERIALHASH = 0x05, /* 160 bit string (SHA1) */
+ STORE_ATTR_ISSUER = 0x06, /* X509_NAME * */
+ STORE_ATTR_SERIAL = 0x07, /* BIGNUM * */
+ STORE_ATTR_SUBJECT = 0x08, /* X509_NAME * */
+ STORE_ATTR_CERTHASH = 0x09, /* 160 bit string (SHA1) */
+ STORE_ATTR_EMAIL = 0x0a, /* C string */
+ STORE_ATTR_FILENAME = 0x0b, /* C string */
+ STORE_ATTR_TYPE_NUM = 0x0b, /* The amount of known attribute types */
+ STORE_ATTR_OR = 0xff /* This is a special separator, which
+ * expresses the OR operation. */
+} STORE_ATTR_TYPES;
+/*
+ * Attribute value sizes. -1 means unknown, anything else is the required
+ * size.
+ */
+extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1];
+
+typedef enum STORE_certificate_status {
+ STORE_X509_VALID = 0x00,
+ STORE_X509_EXPIRED = 0x01,
+ STORE_X509_SUSPENDED = 0x02,
+ STORE_X509_REVOKED = 0x03
+} STORE_CERTIFICATE_STATUS;
+
+/*
+ * Engine store functions will return a structure that contains all the
+ * necessary information, including revokation status for certificates. This
+ * is really not needed for application authors, as the ENGINE framework
+ * functions will extract the OpenSSL-specific information when at all
+ * possible. However, for engine authors, it's crucial to know this
+ * structure.
+ */
+typedef struct STORE_OBJECT_st {
+ STORE_OBJECT_TYPES type;
+ union {
+ struct {
+ STORE_CERTIFICATE_STATUS status;
+ X509 *certificate;
+ } x509;
+ X509_CRL *crl;
+ EVP_PKEY *key;
+ BIGNUM *number;
+ BUF_MEM *arbitrary;
+ } data;
+} STORE_OBJECT;
+DECLARE_STACK_OF(STORE_OBJECT)
+STORE_OBJECT *STORE_OBJECT_new(void);
+void STORE_OBJECT_free(STORE_OBJECT *data);
+
+/*
+ * The following functions handle the storage. They return 0, a negative
+ * number or NULL on error, anything else on success.
+ */
+X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+X509 *STORE_list_certificate_next(STORE *e, void *handle);
+int STORE_list_certificate_end(STORE *e, void *handle);
+int STORE_list_certificate_endp(STORE *e, void *handle);
+EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_private_key(STORE *e, EVP_PKEY *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
+int STORE_list_private_key_end(STORE *e, void *handle);
+int STORE_list_private_key_endp(STORE *e, void *handle);
+EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_public_key(STORE *e, EVP_PKEY *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
+int STORE_list_public_key_end(STORE *e, void *handle);
+int STORE_list_public_key_endp(STORE *e, void *handle);
+X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
+int STORE_list_crl_end(STORE *e, void *handle);
+int STORE_list_crl_endp(STORE *e, void *handle);
+int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+
+/* Create and manipulate methods */
+STORE_METHOD *STORE_create_method(char *name);
+void STORE_destroy_method(STORE_METHOD *store_method);
+
+/* These callback types are use for store handlers */
+typedef int (*STORE_INITIALISE_FUNC_PTR) (STORE *);
+typedef void (*STORE_CLEANUP_FUNC_PTR) (STORE *);
+typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *,
+ STORE_OBJECT_TYPES
+ type,
+ OPENSSL_ITEM
+ attributes[],
+ OPENSSL_ITEM
+ parameters[]);
+typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *,
+ STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
+typedef int (*STORE_END_OBJECT_FUNC_PTR) (STORE *, void *handle);
+typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_STORE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+ STORE_OBJECT *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_GENERIC_FUNC_PTR) (STORE *, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_CTRL_FUNC_PTR) (STORE *, int cmd, long l, void *p,
+ void (*f) (void));
+
+int STORE_method_set_initialise_function(STORE_METHOD *sm,
+ STORE_INITIALISE_FUNC_PTR init_f);
+int STORE_method_set_cleanup_function(STORE_METHOD *sm,
+ STORE_CLEANUP_FUNC_PTR clean_f);
+int STORE_method_set_generate_function(STORE_METHOD *sm,
+ STORE_GENERATE_OBJECT_FUNC_PTR
+ generate_f);
+int STORE_method_set_get_function(STORE_METHOD *sm,
+ STORE_GET_OBJECT_FUNC_PTR get_f);
+int STORE_method_set_store_function(STORE_METHOD *sm,
+ STORE_STORE_OBJECT_FUNC_PTR store_f);
+int STORE_method_set_modify_function(STORE_METHOD *sm,
+ STORE_MODIFY_OBJECT_FUNC_PTR store_f);
+int STORE_method_set_revoke_function(STORE_METHOD *sm,
+ STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
+int STORE_method_set_delete_function(STORE_METHOD *sm,
+ STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
+int STORE_method_set_list_start_function(STORE_METHOD *sm,
+ STORE_START_OBJECT_FUNC_PTR
+ list_start_f);
+int STORE_method_set_list_next_function(STORE_METHOD *sm,
+ STORE_NEXT_OBJECT_FUNC_PTR
+ list_next_f);
+int STORE_method_set_list_end_function(STORE_METHOD *sm,
+ STORE_END_OBJECT_FUNC_PTR list_end_f);
+int STORE_method_set_update_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_lock_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_ctrl_function(STORE_METHOD *sm,
+ STORE_CTRL_FUNC_PTR ctrl_f);
+
+STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
+ *sm);
+STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
+STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
+ *sm);
+STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
+STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
+STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
+ *sm);
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
+ *sm);
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
+ *sm);
+STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
+ *sm);
+STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
+ *sm);
+STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD
+ *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
+ *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
+ *sm);
+STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
+
+/* Method helper structures and functions. */
+
+/*
+ * This structure is the result of parsing through the information in a list
+ * of OPENSSL_ITEMs. It stores all the necessary information in a structured
+ * way.
+ */
+typedef struct STORE_attr_info_st STORE_ATTR_INFO;
+
+/*
+ * Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
+ * Note that we do this in the list form, since the list of OPENSSL_ITEMs can
+ * come in blocks separated with STORE_ATTR_OR. Note that the value returned
+ * by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free().
+ */
+void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
+STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
+int STORE_parse_attrs_end(void *handle);
+int STORE_parse_attrs_endp(void *handle);
+
+/* Creator and destructor */
+STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
+int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
+
+/* Manipulators */
+char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ char *cstr, size_t cstr_size);
+int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ unsigned char *sha1str, size_t sha1str_size);
+int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ X509_NAME *dn);
+int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ BIGNUM *number);
+int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ char *cstr, size_t cstr_size);
+int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code,
+ unsigned char *sha1str,
+ size_t sha1str_size);
+int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ X509_NAME *dn);
+int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code, BIGNUM *number);
+
+/*
+ * Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values in
+ * each contained attribute.
+ */
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
+ const STORE_ATTR_INFO *const *b);
+/*
+ * Check if the set of attributes in a is within the range of attributes set
+ * in b.
+ */
+int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+/* Check if the set of attributes in a are also set in b. */
+int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
+int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_STORE_strings(void);
+
+/* Error codes for the STORE functions. */
+
+/* Function codes. */
+# define STORE_F_MEM_DELETE 134
+# define STORE_F_MEM_GENERATE 135
+# define STORE_F_MEM_LIST_END 168
+# define STORE_F_MEM_LIST_NEXT 136
+# define STORE_F_MEM_LIST_START 137
+# define STORE_F_MEM_MODIFY 169
+# define STORE_F_MEM_STORE 138
+# define STORE_F_STORE_ATTR_INFO_GET0_CSTR 139
+# define STORE_F_STORE_ATTR_INFO_GET0_DN 140
+# define STORE_F_STORE_ATTR_INFO_GET0_NUMBER 141
+# define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR 142
+# define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR 143
+# define STORE_F_STORE_ATTR_INFO_MODIFY_DN 144
+# define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER 145
+# define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR 146
+# define STORE_F_STORE_ATTR_INFO_SET_CSTR 147
+# define STORE_F_STORE_ATTR_INFO_SET_DN 148
+# define STORE_F_STORE_ATTR_INFO_SET_NUMBER 149
+# define STORE_F_STORE_ATTR_INFO_SET_SHA1STR 150
+# define STORE_F_STORE_CERTIFICATE 170
+# define STORE_F_STORE_CTRL 161
+# define STORE_F_STORE_DELETE_ARBITRARY 158
+# define STORE_F_STORE_DELETE_CERTIFICATE 102
+# define STORE_F_STORE_DELETE_CRL 103
+# define STORE_F_STORE_DELETE_NUMBER 104
+# define STORE_F_STORE_DELETE_PRIVATE_KEY 105
+# define STORE_F_STORE_DELETE_PUBLIC_KEY 106
+# define STORE_F_STORE_GENERATE_CRL 107
+# define STORE_F_STORE_GENERATE_KEY 108
+# define STORE_F_STORE_GET_ARBITRARY 159
+# define STORE_F_STORE_GET_CERTIFICATE 109
+# define STORE_F_STORE_GET_CRL 110
+# define STORE_F_STORE_GET_NUMBER 111
+# define STORE_F_STORE_GET_PRIVATE_KEY 112
+# define STORE_F_STORE_GET_PUBLIC_KEY 113
+# define STORE_F_STORE_LIST_CERTIFICATE_END 114
+# define STORE_F_STORE_LIST_CERTIFICATE_ENDP 153
+# define STORE_F_STORE_LIST_CERTIFICATE_NEXT 115
+# define STORE_F_STORE_LIST_CERTIFICATE_START 116
+# define STORE_F_STORE_LIST_CRL_END 117
+# define STORE_F_STORE_LIST_CRL_ENDP 154
+# define STORE_F_STORE_LIST_CRL_NEXT 118
+# define STORE_F_STORE_LIST_CRL_START 119
+# define STORE_F_STORE_LIST_PRIVATE_KEY_END 120
+# define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP 155
+# define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT 121
+# define STORE_F_STORE_LIST_PRIVATE_KEY_START 122
+# define STORE_F_STORE_LIST_PUBLIC_KEY_END 123
+# define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP 156
+# define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT 124
+# define STORE_F_STORE_LIST_PUBLIC_KEY_START 125
+# define STORE_F_STORE_MODIFY_ARBITRARY 162
+# define STORE_F_STORE_MODIFY_CERTIFICATE 163
+# define STORE_F_STORE_MODIFY_CRL 164
+# define STORE_F_STORE_MODIFY_NUMBER 165
+# define STORE_F_STORE_MODIFY_PRIVATE_KEY 166
+# define STORE_F_STORE_MODIFY_PUBLIC_KEY 167
+# define STORE_F_STORE_NEW_ENGINE 133
+# define STORE_F_STORE_NEW_METHOD 132
+# define STORE_F_STORE_PARSE_ATTRS_END 151
+# define STORE_F_STORE_PARSE_ATTRS_ENDP 172
+# define STORE_F_STORE_PARSE_ATTRS_NEXT 152
+# define STORE_F_STORE_PARSE_ATTRS_START 171
+# define STORE_F_STORE_REVOKE_CERTIFICATE 129
+# define STORE_F_STORE_REVOKE_PRIVATE_KEY 130
+# define STORE_F_STORE_REVOKE_PUBLIC_KEY 131
+# define STORE_F_STORE_STORE_ARBITRARY 157
+# define STORE_F_STORE_STORE_CERTIFICATE 100
+# define STORE_F_STORE_STORE_CRL 101
+# define STORE_F_STORE_STORE_NUMBER 126
+# define STORE_F_STORE_STORE_PRIVATE_KEY 127
+# define STORE_F_STORE_STORE_PUBLIC_KEY 128
+
+/* Reason codes. */
+# define STORE_R_ALREADY_HAS_A_VALUE 127
+# define STORE_R_FAILED_DELETING_ARBITRARY 132
+# define STORE_R_FAILED_DELETING_CERTIFICATE 100
+# define STORE_R_FAILED_DELETING_KEY 101
+# define STORE_R_FAILED_DELETING_NUMBER 102
+# define STORE_R_FAILED_GENERATING_CRL 103
+# define STORE_R_FAILED_GENERATING_KEY 104
+# define STORE_R_FAILED_GETTING_ARBITRARY 133
+# define STORE_R_FAILED_GETTING_CERTIFICATE 105
+# define STORE_R_FAILED_GETTING_KEY 106
+# define STORE_R_FAILED_GETTING_NUMBER 107
+# define STORE_R_FAILED_LISTING_CERTIFICATES 108
+# define STORE_R_FAILED_LISTING_KEYS 109
+# define STORE_R_FAILED_MODIFYING_ARBITRARY 138
+# define STORE_R_FAILED_MODIFYING_CERTIFICATE 139
+# define STORE_R_FAILED_MODIFYING_CRL 140
+# define STORE_R_FAILED_MODIFYING_NUMBER 141
+# define STORE_R_FAILED_MODIFYING_PRIVATE_KEY 142
+# define STORE_R_FAILED_MODIFYING_PUBLIC_KEY 143
+# define STORE_R_FAILED_REVOKING_CERTIFICATE 110
+# define STORE_R_FAILED_REVOKING_KEY 111
+# define STORE_R_FAILED_STORING_ARBITRARY 134
+# define STORE_R_FAILED_STORING_CERTIFICATE 112
+# define STORE_R_FAILED_STORING_KEY 113
+# define STORE_R_FAILED_STORING_NUMBER 114
+# define STORE_R_NOT_IMPLEMENTED 128
+# define STORE_R_NO_CONTROL_FUNCTION 144
+# define STORE_R_NO_DELETE_ARBITRARY_FUNCTION 135
+# define STORE_R_NO_DELETE_NUMBER_FUNCTION 115
+# define STORE_R_NO_DELETE_OBJECT_FUNCTION 116
+# define STORE_R_NO_GENERATE_CRL_FUNCTION 117
+# define STORE_R_NO_GENERATE_OBJECT_FUNCTION 118
+# define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION 136
+# define STORE_R_NO_GET_OBJECT_FUNCTION 119
+# define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION 120
+# define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION 131
+# define STORE_R_NO_LIST_OBJECT_END_FUNCTION 121
+# define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION 122
+# define STORE_R_NO_LIST_OBJECT_START_FUNCTION 123
+# define STORE_R_NO_MODIFY_OBJECT_FUNCTION 145
+# define STORE_R_NO_REVOKE_OBJECT_FUNCTION 124
+# define STORE_R_NO_STORE 129
+# define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION 137
+# define STORE_R_NO_STORE_OBJECT_FUNCTION 125
+# define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION 126
+# define STORE_R_NO_VALUE 130
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/store/str_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/store/str_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1772 +0,0 @@
-/* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/sha.h>
-#include <openssl/x509.h>
-#include "str_locl.h"
-
-const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
- 0,
- "X.509 Certificate",
- "X.509 CRL",
- "Private Key",
- "Public Key",
- "Number",
- "Arbitrary Data"
-};
-
-const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
- 0,
- sizeof(int), /* EVP_TYPE */
- sizeof(size_t), /* BITS */
- -1, /* KEY_PARAMETERS */
- 0 /* KEY_NO_PARAMETERS */
-};
-
-const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
- 0,
- -1, /* FRIENDLYNAME: C string */
- SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
- SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
- SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
- SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
- sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
- sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
- sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
- SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
- -1, /* EMAIL: C string */
- -1, /* FILENAME: C string */
-};
-
-STORE *STORE_new_method(const STORE_METHOD *method)
-{
- STORE *ret;
-
- if (method == NULL) {
- STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
-
- ret = (STORE *)OPENSSL_malloc(sizeof(STORE));
- if (ret == NULL) {
- STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- ret->meth = method;
-
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
- if (ret->meth->init && !ret->meth->init(ret)) {
- STORE_free(ret);
- ret = NULL;
- }
- return ret;
-}
-
-STORE *STORE_new_engine(ENGINE *engine)
-{
- STORE *ret = NULL;
- ENGINE *e = engine;
- const STORE_METHOD *meth = 0;
-
-#ifdef OPENSSL_NO_ENGINE
- e = NULL;
-#else
- if (engine) {
- if (!ENGINE_init(engine)) {
- STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
- return NULL;
- }
- e = engine;
- } else {
- STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if (e) {
- meth = ENGINE_get_STORE(e);
- if (!meth) {
- STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
- ENGINE_finish(e);
- return NULL;
- }
- }
-#endif
-
- ret = STORE_new_method(meth);
- if (ret == NULL) {
- STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
- return NULL;
- }
-
- ret->engine = e;
-
- return (ret);
-}
-
-void STORE_free(STORE *store)
-{
- if (store == NULL)
- return;
- if (store->meth->clean)
- store->meth->clean(store);
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
- OPENSSL_free(store);
-}
-
-int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
-{
- if (store == NULL) {
- STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (store->meth->ctrl)
- return store->meth->ctrl(store, cmd, i, p, f);
- STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
- return 0;
-}
-
-int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int STORE_set_ex_data(STORE *r, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *STORE_get_ex_data(STORE *r, int idx)
-{
- return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-const STORE_METHOD *STORE_get_method(STORE *store)
-{
- return store->meth;
-}
-
-const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
-{
- store->meth = meth;
- return store->meth;
-}
-
-/* API helpers */
-
-#define check_store(s,fncode,fnname,fnerrcode) \
- do \
- { \
- if ((s) == NULL || (s)->meth == NULL) \
- { \
- STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
- return 0; \
- } \
- if ((s)->meth->fnname == NULL) \
- { \
- STOREerr((fncode), (fnerrcode)); \
- return 0; \
- } \
- } \
- while(0)
-
-/* API functions */
-
-X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- X509 *x;
-
- check_store(s, STORE_F_STORE_GET_CERTIFICATE,
- get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
- object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
- attributes, parameters);
- if (!object || !object->data.x509.certificate) {
- STOREerr(STORE_F_STORE_GET_CERTIFICATE,
- STORE_R_FAILED_GETTING_CERTIFICATE);
- return 0;
- }
- CRYPTO_add(&object->data.x509.certificate->references, 1,
- CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
- REF_PRINT("X509", data);
-#endif
- x = object->data.x509.certificate;
- STORE_OBJECT_free(object);
- return x;
-}
-
-int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- int i;
-
- check_store(s, STORE_F_STORE_CERTIFICATE,
- store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
- object = STORE_OBJECT_new();
- if (!object) {
- STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
- REF_PRINT("X509", data);
-#endif
- object->data.x509.certificate = data;
-
- i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
- object, attributes, parameters);
-
- STORE_OBJECT_free(object);
-
- if (!i) {
- STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
- STORE_R_FAILED_STORING_CERTIFICATE);
- return 0;
- }
- return 1;
-}
-
-int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
- modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
- if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
- search_attributes, add_attributes,
- modify_attributes, delete_attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
- STORE_R_FAILED_MODIFYING_CERTIFICATE);
- return 0;
- }
- return 1;
-}
-
-int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
- revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
-
- if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
- attributes, parameters)) {
- STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
- STORE_R_FAILED_REVOKING_CERTIFICATE);
- return 0;
- }
- return 1;
-}
-
-int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
- delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
- if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
- attributes, parameters)) {
- STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
- STORE_R_FAILED_DELETING_CERTIFICATE);
- return 0;
- }
- return 1;
-}
-
-void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- void *handle;
-
- check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
- list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
- handle = s->meth->list_object_start(s,
- STORE_OBJECT_TYPE_X509_CERTIFICATE,
- attributes, parameters);
- if (!handle) {
- STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
- STORE_R_FAILED_LISTING_CERTIFICATES);
- return 0;
- }
- return handle;
-}
-
-X509 *STORE_list_certificate_next(STORE *s, void *handle)
-{
- STORE_OBJECT *object;
- X509 *x;
-
- check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
- list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
- object = s->meth->list_object_next(s, handle);
- if (!object || !object->data.x509.certificate) {
- STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
- STORE_R_FAILED_LISTING_CERTIFICATES);
- return 0;
- }
- CRYPTO_add(&object->data.x509.certificate->references, 1,
- CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
- REF_PRINT("X509", data);
-#endif
- x = object->data.x509.certificate;
- STORE_OBJECT_free(object);
- return x;
-}
-
-int STORE_list_certificate_end(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
- list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
- if (!s->meth->list_object_end(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
- STORE_R_FAILED_LISTING_CERTIFICATES);
- return 0;
- }
- return 1;
-}
-
-int STORE_list_certificate_endp(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
- list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
- if (!s->meth->list_object_endp(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
- STORE_R_FAILED_LISTING_CERTIFICATES);
- return 0;
- }
- return 1;
-}
-
-EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- EVP_PKEY *pkey;
-
- check_store(s, STORE_F_STORE_GENERATE_KEY,
- generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
-
- object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
- attributes, parameters);
- if (!object || !object->data.key) {
- STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
- return 0;
- }
- CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY", data);
-#endif
- pkey = object->data.key;
- STORE_OBJECT_free(object);
- return pkey;
-}
-
-EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- EVP_PKEY *pkey;
-
- check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
- get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
- object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
- attributes, parameters);
- if (!object || !object->data.key || !object->data.key) {
- STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
- return 0;
- }
- CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY", data);
-#endif
- pkey = object->data.key;
- STORE_OBJECT_free(object);
- return pkey;
-}
-
-int STORE_store_private_key(STORE *s, EVP_PKEY *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- int i;
-
- check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
- store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
- object = STORE_OBJECT_new();
- if (!object) {
- STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- object->data.key = EVP_PKEY_new();
- if (!object->data.key) {
- STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY", data);
-#endif
- object->data.key = data;
-
- i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
- attributes, parameters);
-
- STORE_OBJECT_free(object);
-
- if (!i) {
- STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
- return 0;
- }
- return i;
-}
-
-int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
- modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
- if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
- search_attributes, add_attributes,
- modify_attributes, delete_attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
- STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
- return 0;
- }
- return 1;
-}
-
-int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- int i;
-
- check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
- revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
-
- i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
- attributes, parameters);
-
- if (!i) {
- STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
- STORE_R_FAILED_REVOKING_KEY);
- return 0;
- }
- return i;
-}
-
-int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
- delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
- if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
- attributes, parameters)) {
- STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
- STORE_R_FAILED_DELETING_KEY);
- return 0;
- }
- return 1;
-}
-
-void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- void *handle;
-
- check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
- list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
- handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
- attributes, parameters);
- if (!handle) {
- STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return handle;
-}
-
-EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
-{
- STORE_OBJECT *object;
- EVP_PKEY *pkey;
-
- check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
- list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
- object = s->meth->list_object_next(s, handle);
- if (!object || !object->data.key || !object->data.key) {
- STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY", data);
-#endif
- pkey = object->data.key;
- STORE_OBJECT_free(object);
- return pkey;
-}
-
-int STORE_list_private_key_end(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
- list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
- if (!s->meth->list_object_end(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return 1;
-}
-
-int STORE_list_private_key_endp(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
- list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
- if (!s->meth->list_object_endp(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return 1;
-}
-
-EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- EVP_PKEY *pkey;
-
- check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
- get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
- object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
- attributes, parameters);
- if (!object || !object->data.key || !object->data.key) {
- STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
- return 0;
- }
- CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY", data);
-#endif
- pkey = object->data.key;
- STORE_OBJECT_free(object);
- return pkey;
-}
-
-int STORE_store_public_key(STORE *s, EVP_PKEY *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- int i;
-
- check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
- store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
- object = STORE_OBJECT_new();
- if (!object) {
- STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- object->data.key = EVP_PKEY_new();
- if (!object->data.key) {
- STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY", data);
-#endif
- object->data.key = data;
-
- i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
- attributes, parameters);
-
- STORE_OBJECT_free(object);
-
- if (!i) {
- STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
- return 0;
- }
- return i;
-}
-
-int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
- modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
- if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
- search_attributes, add_attributes,
- modify_attributes, delete_attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
- STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
- return 0;
- }
- return 1;
-}
-
-int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- int i;
-
- check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
- revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
-
- i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
- attributes, parameters);
-
- if (!i) {
- STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
- STORE_R_FAILED_REVOKING_KEY);
- return 0;
- }
- return i;
-}
-
-int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
- delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
- if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
- attributes, parameters)) {
- STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
- STORE_R_FAILED_DELETING_KEY);
- return 0;
- }
- return 1;
-}
-
-void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- void *handle;
-
- check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
- list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
- handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
- attributes, parameters);
- if (!handle) {
- STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return handle;
-}
-
-EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
-{
- STORE_OBJECT *object;
- EVP_PKEY *pkey;
-
- check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
- list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
- object = s->meth->list_object_next(s, handle);
- if (!object || !object->data.key || !object->data.key) {
- STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY", data);
-#endif
- pkey = object->data.key;
- STORE_OBJECT_free(object);
- return pkey;
-}
-
-int STORE_list_public_key_end(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
- list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
- if (!s->meth->list_object_end(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return 1;
-}
-
-int STORE_list_public_key_endp(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
- list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
- if (!s->meth->list_object_endp(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
- STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return 1;
-}
-
-X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- X509_CRL *crl;
-
- check_store(s, STORE_F_STORE_GENERATE_CRL,
- generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
-
- object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
- attributes, parameters);
- if (!object || !object->data.crl) {
- STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
- return 0;
- }
- CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
- REF_PRINT("X509_CRL", data);
-#endif
- crl = object->data.crl;
- STORE_OBJECT_free(object);
- return crl;
-}
-
-X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- X509_CRL *crl;
-
- check_store(s, STORE_F_STORE_GET_CRL,
- get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
- object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
- attributes, parameters);
- if (!object || !object->data.crl) {
- STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
- return 0;
- }
- CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
- REF_PRINT("X509_CRL", data);
-#endif
- crl = object->data.crl;
- STORE_OBJECT_free(object);
- return crl;
-}
-
-int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- int i;
-
- check_store(s, STORE_F_STORE_STORE_CRL,
- store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
- object = STORE_OBJECT_new();
- if (!object) {
- STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
- REF_PRINT("X509_CRL", data);
-#endif
- object->data.crl = data;
-
- i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
- attributes, parameters);
-
- STORE_OBJECT_free(object);
-
- if (!i) {
- STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
- return 0;
- }
- return i;
-}
-
-int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_MODIFY_CRL,
- modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
- if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
- search_attributes, add_attributes,
- modify_attributes, delete_attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
- return 0;
- }
- return 1;
-}
-
-int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_DELETE_CRL,
- delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
- if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
- attributes, parameters)) {
- STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
- return 0;
- }
- return 1;
-}
-
-void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- void *handle;
-
- check_store(s, STORE_F_STORE_LIST_CRL_START,
- list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
- handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
- attributes, parameters);
- if (!handle) {
- STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return handle;
-}
-
-X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
-{
- STORE_OBJECT *object;
- X509_CRL *crl;
-
- check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
- list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
- object = s->meth->list_object_next(s, handle);
- if (!object || !object->data.crl) {
- STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
- REF_PRINT("X509_CRL", data);
-#endif
- crl = object->data.crl;
- STORE_OBJECT_free(object);
- return crl;
-}
-
-int STORE_list_crl_end(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_CRL_END,
- list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
- if (!s->meth->list_object_end(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return 1;
-}
-
-int STORE_list_crl_endp(STORE *s, void *handle)
-{
- check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
- list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
- if (!s->meth->list_object_endp(s, handle)) {
- STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
- return 0;
- }
- return 1;
-}
-
-int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- int i;
-
- check_store(s, STORE_F_STORE_STORE_NUMBER,
- store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
-
- object = STORE_OBJECT_new();
- if (!object) {
- STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- object->data.number = data;
-
- i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
- attributes, parameters);
-
- STORE_OBJECT_free(object);
-
- if (!i) {
- STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
- return 0;
- }
- return 1;
-}
-
-int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_MODIFY_NUMBER,
- modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
- if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
- search_attributes, add_attributes,
- modify_attributes, delete_attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_MODIFY_NUMBER,
- STORE_R_FAILED_MODIFYING_NUMBER);
- return 0;
- }
- return 1;
-}
-
-BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- BIGNUM *n;
-
- check_store(s, STORE_F_STORE_GET_NUMBER,
- get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
-
- object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
- parameters);
- if (!object || !object->data.number) {
- STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
- return 0;
- }
- n = object->data.number;
- object->data.number = NULL;
- STORE_OBJECT_free(object);
- return n;
-}
-
-int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_DELETE_NUMBER,
- delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
-
- if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
- return 0;
- }
- return 1;
-}
-
-int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- int i;
-
- check_store(s, STORE_F_STORE_STORE_ARBITRARY,
- store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
-
- object = STORE_OBJECT_new();
- if (!object) {
- STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- object->data.arbitrary = data;
-
- i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
- attributes, parameters);
-
- STORE_OBJECT_free(object);
-
- if (!i) {
- STOREerr(STORE_F_STORE_STORE_ARBITRARY,
- STORE_R_FAILED_STORING_ARBITRARY);
- return 0;
- }
- return 1;
-}
-
-int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
- modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
- if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
- search_attributes, add_attributes,
- modify_attributes, delete_attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
- STORE_R_FAILED_MODIFYING_ARBITRARY);
- return 0;
- }
- return 1;
-}
-
-BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STORE_OBJECT *object;
- BUF_MEM *b;
-
- check_store(s, STORE_F_STORE_GET_ARBITRARY,
- get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
-
- object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
- attributes, parameters);
- if (!object || !object->data.arbitrary) {
- STOREerr(STORE_F_STORE_GET_ARBITRARY,
- STORE_R_FAILED_GETTING_ARBITRARY);
- return 0;
- }
- b = object->data.arbitrary;
- object->data.arbitrary = NULL;
- STORE_OBJECT_free(object);
- return b;
-}
-
-int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
- delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
-
- if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
- parameters)) {
- STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
- STORE_R_FAILED_DELETING_ARBITRARY);
- return 0;
- }
- return 1;
-}
-
-STORE_OBJECT *STORE_OBJECT_new(void)
-{
- STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
- if (object)
- memset(object, 0, sizeof(STORE_OBJECT));
- return object;
-}
-
-void STORE_OBJECT_free(STORE_OBJECT *data)
-{
- if (!data)
- return;
- switch (data->type) {
- case STORE_OBJECT_TYPE_X509_CERTIFICATE:
- X509_free(data->data.x509.certificate);
- break;
- case STORE_OBJECT_TYPE_X509_CRL:
- X509_CRL_free(data->data.crl);
- break;
- case STORE_OBJECT_TYPE_PRIVATE_KEY:
- case STORE_OBJECT_TYPE_PUBLIC_KEY:
- EVP_PKEY_free(data->data.key);
- break;
- case STORE_OBJECT_TYPE_NUMBER:
- BN_free(data->data.number);
- break;
- case STORE_OBJECT_TYPE_ARBITRARY:
- BUF_MEM_free(data->data.arbitrary);
- break;
- }
- OPENSSL_free(data);
-}
-
-IMPLEMENT_STACK_OF(STORE_OBJECT*)
-
-struct STORE_attr_info_st {
- unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
- union {
- char *cstring;
- unsigned char *sha1string;
- X509_NAME *dn;
- BIGNUM *number;
- void *any;
- } values[STORE_ATTR_TYPE_NUM + 1];
- size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
-};
-
-#define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
- && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
-#define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
-#define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
-
-STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
-{
- return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
-}
-
-static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code)
-{
- if (ATTR_IS_SET(attrs, code)) {
- switch (code) {
- case STORE_ATTR_FRIENDLYNAME:
- case STORE_ATTR_EMAIL:
- case STORE_ATTR_FILENAME:
- STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
- break;
- case STORE_ATTR_KEYID:
- case STORE_ATTR_ISSUERKEYID:
- case STORE_ATTR_SUBJECTKEYID:
- case STORE_ATTR_ISSUERSERIALHASH:
- case STORE_ATTR_CERTHASH:
- STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
- break;
- case STORE_ATTR_ISSUER:
- case STORE_ATTR_SUBJECT:
- STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
- break;
- case STORE_ATTR_SERIAL:
- STORE_ATTR_INFO_modify_number(attrs, code, NULL);
- break;
- default:
- break;
- }
- }
-}
-
-int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
-{
- if (attrs) {
- STORE_ATTR_TYPES i;
- for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
- STORE_ATTR_INFO_attr_free(attrs, i);
- OPENSSL_free(attrs);
- }
- return 1;
-}
-
-char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
- ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if (ATTR_IS_SET(attrs, code))
- return attrs->values[code].cstring;
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
- return NULL;
-}
-
-unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
- ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if (ATTR_IS_SET(attrs, code))
- return attrs->values[code].sha1string;
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
- return NULL;
-}
-
-X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
- ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if (ATTR_IS_SET(attrs, code))
- return attrs->values[code].dn;
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
- return NULL;
-}
-
-BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
- ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if (ATTR_IS_SET(attrs, code))
- return attrs->values[code].number;
- STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
- return NULL;
-}
-
-int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- char *cstr, size_t cstr_size)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (!ATTR_IS_SET(attrs, code)) {
- if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
- return 1;
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
- return 0;
-}
-
-int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- unsigned char *sha1str, size_t sha1str_size)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (!ATTR_IS_SET(attrs, code)) {
- if ((attrs->values[code].sha1string =
- (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
- return 1;
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
- STORE_R_ALREADY_HAS_A_VALUE);
- return 0;
-}
-
-int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- X509_NAME *dn)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (!ATTR_IS_SET(attrs, code)) {
- if ((attrs->values[code].dn = X509_NAME_dup(dn)))
- return 1;
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
- return 0;
-}
-
-int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- BIGNUM *number)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (!ATTR_IS_SET(attrs, code)) {
- if ((attrs->values[code].number = BN_dup(number)))
- return 1;
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
- return 0;
-}
-
-int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- char *cstr, size_t cstr_size)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (ATTR_IS_SET(attrs, code)) {
- OPENSSL_free(attrs->values[code].cstring);
- attrs->values[code].cstring = NULL;
- CLEAR_ATTRBIT(attrs, code);
- }
- return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
-}
-
-int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code,
- unsigned char *sha1str,
- size_t sha1str_size)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (ATTR_IS_SET(attrs, code)) {
- OPENSSL_free(attrs->values[code].sha1string);
- attrs->values[code].sha1string = NULL;
- CLEAR_ATTRBIT(attrs, code);
- }
- return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
-}
-
-int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- X509_NAME *dn)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (ATTR_IS_SET(attrs, code)) {
- OPENSSL_free(attrs->values[code].dn);
- attrs->values[code].dn = NULL;
- CLEAR_ATTRBIT(attrs, code);
- }
- return STORE_ATTR_INFO_set_dn(attrs, code, dn);
-}
-
-int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code, BIGNUM *number)
-{
- if (!attrs) {
- STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (ATTR_IS_SET(attrs, code)) {
- OPENSSL_free(attrs->values[code].number);
- attrs->values[code].number = NULL;
- CLEAR_ATTRBIT(attrs, code);
- }
- return STORE_ATTR_INFO_set_number(attrs, code, number);
-}
-
-struct attr_list_ctx_st {
- OPENSSL_ITEM *attributes;
-};
-void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
-{
- if (attributes) {
- struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
- OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
- if (context)
- context->attributes = attributes;
- else
- STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
- return context;
- }
- STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
-}
-
-STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
-{
- struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
-
- if (context && context->attributes) {
- STORE_ATTR_INFO *attrs = NULL;
-
- while (context->attributes
- && context->attributes->code != STORE_ATTR_OR
- && context->attributes->code != STORE_ATTR_END) {
- switch (context->attributes->code) {
- case STORE_ATTR_FRIENDLYNAME:
- case STORE_ATTR_EMAIL:
- case STORE_ATTR_FILENAME:
- if (!attrs)
- attrs = STORE_ATTR_INFO_new();
- if (attrs == NULL) {
- STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- STORE_ATTR_INFO_set_cstr(attrs,
- context->attributes->code,
- context->attributes->value,
- context->attributes->value_size);
- break;
- case STORE_ATTR_KEYID:
- case STORE_ATTR_ISSUERKEYID:
- case STORE_ATTR_SUBJECTKEYID:
- case STORE_ATTR_ISSUERSERIALHASH:
- case STORE_ATTR_CERTHASH:
- if (!attrs)
- attrs = STORE_ATTR_INFO_new();
- if (attrs == NULL) {
- STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- STORE_ATTR_INFO_set_sha1str(attrs,
- context->attributes->code,
- context->attributes->value,
- context->attributes->value_size);
- break;
- case STORE_ATTR_ISSUER:
- case STORE_ATTR_SUBJECT:
- if (!attrs)
- attrs = STORE_ATTR_INFO_new();
- if (attrs == NULL) {
- STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- STORE_ATTR_INFO_modify_dn(attrs,
- context->attributes->code,
- context->attributes->value);
- break;
- case STORE_ATTR_SERIAL:
- if (!attrs)
- attrs = STORE_ATTR_INFO_new();
- if (attrs == NULL) {
- STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- STORE_ATTR_INFO_modify_number(attrs,
- context->attributes->code,
- context->attributes->value);
- break;
- }
- context->attributes++;
- }
- if (context->attributes->code == STORE_ATTR_OR)
- context->attributes++;
- return attrs;
- err:
- while (context->attributes
- && context->attributes->code != STORE_ATTR_OR
- && context->attributes->code != STORE_ATTR_END)
- context->attributes++;
- if (context->attributes->code == STORE_ATTR_OR)
- context->attributes++;
- return NULL;
- }
- STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
-}
-
-int STORE_parse_attrs_end(void *handle)
-{
- struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
-
- if (context && context->attributes) {
-#if 0
- OPENSSL_ITEM *attributes = context->attributes;
-#endif
- OPENSSL_free(context);
- return 1;
- }
- STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
-}
-
-int STORE_parse_attrs_endp(void *handle)
-{
- struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
-
- if (context && context->attributes) {
- return context->attributes->code == STORE_ATTR_END;
- }
- STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
-}
-
-static int attr_info_compare_compute_range(const unsigned char *abits,
- const unsigned char *bbits,
- unsigned int *alowp,
- unsigned int *ahighp,
- unsigned int *blowp,
- unsigned int *bhighp)
-{
- unsigned int alow = (unsigned int)-1, ahigh = 0;
- unsigned int blow = (unsigned int)-1, bhigh = 0;
- int i, res = 0;
-
- for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
- if (res == 0) {
- if (*abits < *bbits)
- res = -1;
- if (*abits > *bbits)
- res = 1;
- }
- if (*abits) {
- if (alow == (unsigned int)-1) {
- alow = i * 8;
- if (!(*abits & 0x01))
- alow++;
- if (!(*abits & 0x02))
- alow++;
- if (!(*abits & 0x04))
- alow++;
- if (!(*abits & 0x08))
- alow++;
- if (!(*abits & 0x10))
- alow++;
- if (!(*abits & 0x20))
- alow++;
- if (!(*abits & 0x40))
- alow++;
- }
- ahigh = i * 8 + 7;
- if (!(*abits & 0x80))
- ahigh++;
- if (!(*abits & 0x40))
- ahigh++;
- if (!(*abits & 0x20))
- ahigh++;
- if (!(*abits & 0x10))
- ahigh++;
- if (!(*abits & 0x08))
- ahigh++;
- if (!(*abits & 0x04))
- ahigh++;
- if (!(*abits & 0x02))
- ahigh++;
- }
- if (*bbits) {
- if (blow == (unsigned int)-1) {
- blow = i * 8;
- if (!(*bbits & 0x01))
- blow++;
- if (!(*bbits & 0x02))
- blow++;
- if (!(*bbits & 0x04))
- blow++;
- if (!(*bbits & 0x08))
- blow++;
- if (!(*bbits & 0x10))
- blow++;
- if (!(*bbits & 0x20))
- blow++;
- if (!(*bbits & 0x40))
- blow++;
- }
- bhigh = i * 8 + 7;
- if (!(*bbits & 0x80))
- bhigh++;
- if (!(*bbits & 0x40))
- bhigh++;
- if (!(*bbits & 0x20))
- bhigh++;
- if (!(*bbits & 0x10))
- bhigh++;
- if (!(*bbits & 0x08))
- bhigh++;
- if (!(*bbits & 0x04))
- bhigh++;
- if (!(*bbits & 0x02))
- bhigh++;
- }
- }
- if (ahigh + alow < bhigh + blow)
- res = -1;
- if (ahigh + alow > bhigh + blow)
- res = 1;
- if (alowp)
- *alowp = alow;
- if (ahighp)
- *ahighp = ahigh;
- if (blowp)
- *blowp = blow;
- if (bhighp)
- *bhighp = bhigh;
- return res;
-}
-
-int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
- const STORE_ATTR_INFO *const *b)
-{
- if (a == b)
- return 0;
- if (!a)
- return -1;
- if (!b)
- return 1;
- return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
-}
-
-int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
-{
- unsigned int alow, ahigh, blow, bhigh;
-
- if (a == b)
- return 1;
- if (!a)
- return 0;
- if (!b)
- return 0;
- attr_info_compare_compute_range(a->set, b->set,
- &alow, &ahigh, &blow, &bhigh);
- if (alow >= blow && ahigh <= bhigh)
- return 1;
- return 0;
-}
-
-int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
-{
- unsigned char *abits, *bbits;
- int i;
-
- if (a == b)
- return 1;
- if (!a)
- return 0;
- if (!b)
- return 0;
- abits = a->set;
- bbits = b->set;
- for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
- if (*abits && (*bbits & *abits) != *abits)
- return 0;
- }
- return 1;
-}
-
-int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
-{
- STORE_ATTR_TYPES i;
-
- if (a == b)
- return 1;
- if (!STORE_ATTR_INFO_in(a, b))
- return 0;
- for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
- if (ATTR_IS_SET(a, i)) {
- switch (i) {
- case STORE_ATTR_FRIENDLYNAME:
- case STORE_ATTR_EMAIL:
- case STORE_ATTR_FILENAME:
- if (strcmp(a->values[i].cstring, b->values[i].cstring))
- return 0;
- break;
- case STORE_ATTR_KEYID:
- case STORE_ATTR_ISSUERKEYID:
- case STORE_ATTR_SUBJECTKEYID:
- case STORE_ATTR_ISSUERSERIALHASH:
- case STORE_ATTR_CERTHASH:
- if (memcmp(a->values[i].sha1string,
- b->values[i].sha1string, a->value_sizes[i]))
- return 0;
- break;
- case STORE_ATTR_ISSUER:
- case STORE_ATTR_SUBJECT:
- if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
- return 0;
- break;
- case STORE_ATTR_SERIAL:
- if (BN_cmp(a->values[i].number, b->values[i].number))
- return 0;
- break;
- default:
- break;
- }
- }
-
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/store/str_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/store/str_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/store/str_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1772 @@
+/* crypto/store/str_lib.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/sha.h>
+#include <openssl/x509.h>
+#include "str_locl.h"
+
+const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
+ 0,
+ "X.509 Certificate",
+ "X.509 CRL",
+ "Private Key",
+ "Public Key",
+ "Number",
+ "Arbitrary Data"
+};
+
+const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
+ 0,
+ sizeof(int), /* EVP_TYPE */
+ sizeof(size_t), /* BITS */
+ -1, /* KEY_PARAMETERS */
+ 0 /* KEY_NO_PARAMETERS */
+};
+
+const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
+ 0,
+ -1, /* FRIENDLYNAME: C string */
+ SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
+ SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
+ SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
+ SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
+ sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
+ sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
+ sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
+ SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
+ -1, /* EMAIL: C string */
+ -1, /* FILENAME: C string */
+};
+
+STORE *STORE_new_method(const STORE_METHOD *method)
+{
+ STORE *ret;
+
+ if (method == NULL) {
+ STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+
+ ret = (STORE *)OPENSSL_malloc(sizeof(STORE));
+ if (ret == NULL) {
+ STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ ret->meth = method;
+
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
+ if (ret->meth->init && !ret->meth->init(ret)) {
+ STORE_free(ret);
+ ret = NULL;
+ }
+ return ret;
+}
+
+STORE *STORE_new_engine(ENGINE *engine)
+{
+ STORE *ret = NULL;
+ ENGINE *e = engine;
+ const STORE_METHOD *meth = 0;
+
+#ifdef OPENSSL_NO_ENGINE
+ e = NULL;
+#else
+ if (engine) {
+ if (!ENGINE_init(engine)) {
+ STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
+ return NULL;
+ }
+ e = engine;
+ } else {
+ STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+ if (e) {
+ meth = ENGINE_get_STORE(e);
+ if (!meth) {
+ STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
+ ENGINE_finish(e);
+ return NULL;
+ }
+ }
+#endif
+
+ ret = STORE_new_method(meth);
+ if (ret == NULL) {
+ STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
+ return NULL;
+ }
+
+ ret->engine = e;
+
+ return (ret);
+}
+
+void STORE_free(STORE *store)
+{
+ if (store == NULL)
+ return;
+ if (store->meth->clean)
+ store->meth->clean(store);
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
+ OPENSSL_free(store);
+}
+
+int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
+{
+ if (store == NULL) {
+ STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (store->meth->ctrl)
+ return store->meth->ctrl(store, cmd, i, p, f);
+ STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
+ return 0;
+}
+
+int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
+ new_func, dup_func, free_func);
+}
+
+int STORE_set_ex_data(STORE *r, int idx, void *arg)
+{
+ return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
+
+void *STORE_get_ex_data(STORE *r, int idx)
+{
+ return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
+
+const STORE_METHOD *STORE_get_method(STORE *store)
+{
+ return store->meth;
+}
+
+const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
+{
+ store->meth = meth;
+ return store->meth;
+}
+
+/* API helpers */
+
+#define check_store(s,fncode,fnname,fnerrcode) \
+ do \
+ { \
+ if ((s) == NULL || (s)->meth == NULL) \
+ { \
+ STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
+ return 0; \
+ } \
+ if ((s)->meth->fnname == NULL) \
+ { \
+ STOREerr((fncode), (fnerrcode)); \
+ return 0; \
+ } \
+ } \
+ while(0)
+
+/* API functions */
+
+X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ X509 *x;
+
+ check_store(s, STORE_F_STORE_GET_CERTIFICATE,
+ get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+ object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+ attributes, parameters);
+ if (!object || !object->data.x509.certificate) {
+ STOREerr(STORE_F_STORE_GET_CERTIFICATE,
+ STORE_R_FAILED_GETTING_CERTIFICATE);
+ return 0;
+ }
+ CRYPTO_add(&object->data.x509.certificate->references, 1,
+ CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+ REF_PRINT("X509", data);
+#endif
+ x = object->data.x509.certificate;
+ STORE_OBJECT_free(object);
+ return x;
+}
+
+int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ int i;
+
+ check_store(s, STORE_F_STORE_CERTIFICATE,
+ store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+ object = STORE_OBJECT_new();
+ if (!object) {
+ STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+ REF_PRINT("X509", data);
+#endif
+ object->data.x509.certificate = data;
+
+ i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+ object, attributes, parameters);
+
+ STORE_OBJECT_free(object);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
+ STORE_R_FAILED_STORING_CERTIFICATE);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
+ modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+ if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+ search_attributes, add_attributes,
+ modify_attributes, delete_attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
+ STORE_R_FAILED_MODIFYING_CERTIFICATE);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
+ revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
+
+ if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+ attributes, parameters)) {
+ STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
+ STORE_R_FAILED_REVOKING_CERTIFICATE);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
+ delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+ if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+ attributes, parameters)) {
+ STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
+ STORE_R_FAILED_DELETING_CERTIFICATE);
+ return 0;
+ }
+ return 1;
+}
+
+void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ void *handle;
+
+ check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
+ list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+ handle = s->meth->list_object_start(s,
+ STORE_OBJECT_TYPE_X509_CERTIFICATE,
+ attributes, parameters);
+ if (!handle) {
+ STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
+ STORE_R_FAILED_LISTING_CERTIFICATES);
+ return 0;
+ }
+ return handle;
+}
+
+X509 *STORE_list_certificate_next(STORE *s, void *handle)
+{
+ STORE_OBJECT *object;
+ X509 *x;
+
+ check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
+ list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+ object = s->meth->list_object_next(s, handle);
+ if (!object || !object->data.x509.certificate) {
+ STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
+ STORE_R_FAILED_LISTING_CERTIFICATES);
+ return 0;
+ }
+ CRYPTO_add(&object->data.x509.certificate->references, 1,
+ CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+ REF_PRINT("X509", data);
+#endif
+ x = object->data.x509.certificate;
+ STORE_OBJECT_free(object);
+ return x;
+}
+
+int STORE_list_certificate_end(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
+ list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+ if (!s->meth->list_object_end(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
+ STORE_R_FAILED_LISTING_CERTIFICATES);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_list_certificate_endp(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
+ list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+ if (!s->meth->list_object_endp(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
+ STORE_R_FAILED_LISTING_CERTIFICATES);
+ return 0;
+ }
+ return 1;
+}
+
+EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ EVP_PKEY *pkey;
+
+ check_store(s, STORE_F_STORE_GENERATE_KEY,
+ generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
+
+ object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+ attributes, parameters);
+ if (!object || !object->data.key) {
+ STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
+ return 0;
+ }
+ CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY", data);
+#endif
+ pkey = object->data.key;
+ STORE_OBJECT_free(object);
+ return pkey;
+}
+
+EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ EVP_PKEY *pkey;
+
+ check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
+ get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+ object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+ attributes, parameters);
+ if (!object || !object->data.key || !object->data.key) {
+ STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
+ return 0;
+ }
+ CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY", data);
+#endif
+ pkey = object->data.key;
+ STORE_OBJECT_free(object);
+ return pkey;
+}
+
+int STORE_store_private_key(STORE *s, EVP_PKEY *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ int i;
+
+ check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
+ store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+ object = STORE_OBJECT_new();
+ if (!object) {
+ STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ object->data.key = EVP_PKEY_new();
+ if (!object->data.key) {
+ STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY", data);
+#endif
+ object->data.key = data;
+
+ i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
+ attributes, parameters);
+
+ STORE_OBJECT_free(object);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
+ return 0;
+ }
+ return i;
+}
+
+int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
+ modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+ if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+ search_attributes, add_attributes,
+ modify_attributes, delete_attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
+ STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ int i;
+
+ check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
+ revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
+
+ i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+ attributes, parameters);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
+ STORE_R_FAILED_REVOKING_KEY);
+ return 0;
+ }
+ return i;
+}
+
+int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
+ delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+ if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+ attributes, parameters)) {
+ STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
+ STORE_R_FAILED_DELETING_KEY);
+ return 0;
+ }
+ return 1;
+}
+
+void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ void *handle;
+
+ check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
+ list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+ handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+ attributes, parameters);
+ if (!handle) {
+ STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return handle;
+}
+
+EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
+{
+ STORE_OBJECT *object;
+ EVP_PKEY *pkey;
+
+ check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
+ list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+ object = s->meth->list_object_next(s, handle);
+ if (!object || !object->data.key || !object->data.key) {
+ STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY", data);
+#endif
+ pkey = object->data.key;
+ STORE_OBJECT_free(object);
+ return pkey;
+}
+
+int STORE_list_private_key_end(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
+ list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+ if (!s->meth->list_object_end(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_list_private_key_endp(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
+ list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+ if (!s->meth->list_object_endp(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return 1;
+}
+
+EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ EVP_PKEY *pkey;
+
+ check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
+ get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+ object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+ attributes, parameters);
+ if (!object || !object->data.key || !object->data.key) {
+ STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
+ return 0;
+ }
+ CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY", data);
+#endif
+ pkey = object->data.key;
+ STORE_OBJECT_free(object);
+ return pkey;
+}
+
+int STORE_store_public_key(STORE *s, EVP_PKEY *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ int i;
+
+ check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
+ store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+ object = STORE_OBJECT_new();
+ if (!object) {
+ STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ object->data.key = EVP_PKEY_new();
+ if (!object->data.key) {
+ STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY", data);
+#endif
+ object->data.key = data;
+
+ i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
+ attributes, parameters);
+
+ STORE_OBJECT_free(object);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
+ return 0;
+ }
+ return i;
+}
+
+int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
+ modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+ if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+ search_attributes, add_attributes,
+ modify_attributes, delete_attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
+ STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ int i;
+
+ check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
+ revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
+
+ i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+ attributes, parameters);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
+ STORE_R_FAILED_REVOKING_KEY);
+ return 0;
+ }
+ return i;
+}
+
+int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
+ delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+ if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+ attributes, parameters)) {
+ STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
+ STORE_R_FAILED_DELETING_KEY);
+ return 0;
+ }
+ return 1;
+}
+
+void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ void *handle;
+
+ check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
+ list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+ handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+ attributes, parameters);
+ if (!handle) {
+ STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return handle;
+}
+
+EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
+{
+ STORE_OBJECT *object;
+ EVP_PKEY *pkey;
+
+ check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
+ list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+ object = s->meth->list_object_next(s, handle);
+ if (!object || !object->data.key || !object->data.key) {
+ STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY", data);
+#endif
+ pkey = object->data.key;
+ STORE_OBJECT_free(object);
+ return pkey;
+}
+
+int STORE_list_public_key_end(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
+ list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+ if (!s->meth->list_object_end(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_list_public_key_endp(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
+ list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+ if (!s->meth->list_object_endp(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
+ STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return 1;
+}
+
+X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ X509_CRL *crl;
+
+ check_store(s, STORE_F_STORE_GENERATE_CRL,
+ generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
+
+ object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
+ attributes, parameters);
+ if (!object || !object->data.crl) {
+ STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
+ return 0;
+ }
+ CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+ REF_PRINT("X509_CRL", data);
+#endif
+ crl = object->data.crl;
+ STORE_OBJECT_free(object);
+ return crl;
+}
+
+X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ X509_CRL *crl;
+
+ check_store(s, STORE_F_STORE_GET_CRL,
+ get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+ object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
+ attributes, parameters);
+ if (!object || !object->data.crl) {
+ STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
+ return 0;
+ }
+ CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+ REF_PRINT("X509_CRL", data);
+#endif
+ crl = object->data.crl;
+ STORE_OBJECT_free(object);
+ return crl;
+}
+
+int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ int i;
+
+ check_store(s, STORE_F_STORE_STORE_CRL,
+ store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+ object = STORE_OBJECT_new();
+ if (!object) {
+ STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+ REF_PRINT("X509_CRL", data);
+#endif
+ object->data.crl = data;
+
+ i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
+ attributes, parameters);
+
+ STORE_OBJECT_free(object);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
+ return 0;
+ }
+ return i;
+}
+
+int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_MODIFY_CRL,
+ modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+ if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
+ search_attributes, add_attributes,
+ modify_attributes, delete_attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_DELETE_CRL,
+ delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+ if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
+ attributes, parameters)) {
+ STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
+ return 0;
+ }
+ return 1;
+}
+
+void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ void *handle;
+
+ check_store(s, STORE_F_STORE_LIST_CRL_START,
+ list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+ handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
+ attributes, parameters);
+ if (!handle) {
+ STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return handle;
+}
+
+X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
+{
+ STORE_OBJECT *object;
+ X509_CRL *crl;
+
+ check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
+ list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+ object = s->meth->list_object_next(s, handle);
+ if (!object || !object->data.crl) {
+ STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+ REF_PRINT("X509_CRL", data);
+#endif
+ crl = object->data.crl;
+ STORE_OBJECT_free(object);
+ return crl;
+}
+
+int STORE_list_crl_end(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_CRL_END,
+ list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+ if (!s->meth->list_object_end(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_list_crl_endp(STORE *s, void *handle)
+{
+ check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
+ list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+ if (!s->meth->list_object_endp(s, handle)) {
+ STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ int i;
+
+ check_store(s, STORE_F_STORE_STORE_NUMBER,
+ store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
+
+ object = STORE_OBJECT_new();
+ if (!object) {
+ STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ object->data.number = data;
+
+ i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
+ attributes, parameters);
+
+ STORE_OBJECT_free(object);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_MODIFY_NUMBER,
+ modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+ if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
+ search_attributes, add_attributes,
+ modify_attributes, delete_attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_MODIFY_NUMBER,
+ STORE_R_FAILED_MODIFYING_NUMBER);
+ return 0;
+ }
+ return 1;
+}
+
+BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ BIGNUM *n;
+
+ check_store(s, STORE_F_STORE_GET_NUMBER,
+ get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
+
+ object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
+ parameters);
+ if (!object || !object->data.number) {
+ STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
+ return 0;
+ }
+ n = object->data.number;
+ object->data.number = NULL;
+ STORE_OBJECT_free(object);
+ return n;
+}
+
+int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_DELETE_NUMBER,
+ delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
+
+ if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ int i;
+
+ check_store(s, STORE_F_STORE_STORE_ARBITRARY,
+ store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
+
+ object = STORE_OBJECT_new();
+ if (!object) {
+ STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ object->data.arbitrary = data;
+
+ i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
+ attributes, parameters);
+
+ STORE_OBJECT_free(object);
+
+ if (!i) {
+ STOREerr(STORE_F_STORE_STORE_ARBITRARY,
+ STORE_R_FAILED_STORING_ARBITRARY);
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
+ modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+ if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
+ search_attributes, add_attributes,
+ modify_attributes, delete_attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
+ STORE_R_FAILED_MODIFYING_ARBITRARY);
+ return 0;
+ }
+ return 1;
+}
+
+BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STORE_OBJECT *object;
+ BUF_MEM *b;
+
+ check_store(s, STORE_F_STORE_GET_ARBITRARY,
+ get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
+
+ object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
+ attributes, parameters);
+ if (!object || !object->data.arbitrary) {
+ STOREerr(STORE_F_STORE_GET_ARBITRARY,
+ STORE_R_FAILED_GETTING_ARBITRARY);
+ return 0;
+ }
+ b = object->data.arbitrary;
+ object->data.arbitrary = NULL;
+ STORE_OBJECT_free(object);
+ return b;
+}
+
+int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
+ delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
+
+ if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
+ parameters)) {
+ STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
+ STORE_R_FAILED_DELETING_ARBITRARY);
+ return 0;
+ }
+ return 1;
+}
+
+STORE_OBJECT *STORE_OBJECT_new(void)
+{
+ STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
+ if (object)
+ memset(object, 0, sizeof(STORE_OBJECT));
+ return object;
+}
+
+void STORE_OBJECT_free(STORE_OBJECT *data)
+{
+ if (!data)
+ return;
+ switch (data->type) {
+ case STORE_OBJECT_TYPE_X509_CERTIFICATE:
+ X509_free(data->data.x509.certificate);
+ break;
+ case STORE_OBJECT_TYPE_X509_CRL:
+ X509_CRL_free(data->data.crl);
+ break;
+ case STORE_OBJECT_TYPE_PRIVATE_KEY:
+ case STORE_OBJECT_TYPE_PUBLIC_KEY:
+ EVP_PKEY_free(data->data.key);
+ break;
+ case STORE_OBJECT_TYPE_NUMBER:
+ BN_free(data->data.number);
+ break;
+ case STORE_OBJECT_TYPE_ARBITRARY:
+ BUF_MEM_free(data->data.arbitrary);
+ break;
+ }
+ OPENSSL_free(data);
+}
+
+IMPLEMENT_STACK_OF(STORE_OBJECT*)
+
+struct STORE_attr_info_st {
+ unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
+ union {
+ char *cstring;
+ unsigned char *sha1string;
+ X509_NAME *dn;
+ BIGNUM *number;
+ void *any;
+ } values[STORE_ATTR_TYPE_NUM + 1];
+ size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
+};
+
+#define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
+ && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
+#define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
+#define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
+
+STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
+{
+ return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
+}
+
+static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code)
+{
+ if (ATTR_IS_SET(attrs, code)) {
+ switch (code) {
+ case STORE_ATTR_FRIENDLYNAME:
+ case STORE_ATTR_EMAIL:
+ case STORE_ATTR_FILENAME:
+ STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
+ break;
+ case STORE_ATTR_KEYID:
+ case STORE_ATTR_ISSUERKEYID:
+ case STORE_ATTR_SUBJECTKEYID:
+ case STORE_ATTR_ISSUERSERIALHASH:
+ case STORE_ATTR_CERTHASH:
+ STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
+ break;
+ case STORE_ATTR_ISSUER:
+ case STORE_ATTR_SUBJECT:
+ STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
+ break;
+ case STORE_ATTR_SERIAL:
+ STORE_ATTR_INFO_modify_number(attrs, code, NULL);
+ break;
+ default:
+ break;
+ }
+ }
+}
+
+int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
+{
+ if (attrs) {
+ STORE_ATTR_TYPES i;
+ for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
+ STORE_ATTR_INFO_attr_free(attrs, i);
+ OPENSSL_free(attrs);
+ }
+ return 1;
+}
+
+char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+ if (ATTR_IS_SET(attrs, code))
+ return attrs->values[code].cstring;
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
+ return NULL;
+}
+
+unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+ if (ATTR_IS_SET(attrs, code))
+ return attrs->values[code].sha1string;
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
+ return NULL;
+}
+
+X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+ if (ATTR_IS_SET(attrs, code))
+ return attrs->values[code].dn;
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
+ return NULL;
+}
+
+BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+ if (ATTR_IS_SET(attrs, code))
+ return attrs->values[code].number;
+ STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
+ return NULL;
+}
+
+int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ char *cstr, size_t cstr_size)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (!ATTR_IS_SET(attrs, code)) {
+ if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
+ return 1;
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
+ return 0;
+}
+
+int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ unsigned char *sha1str, size_t sha1str_size)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (!ATTR_IS_SET(attrs, code)) {
+ if ((attrs->values[code].sha1string =
+ (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
+ return 1;
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
+ STORE_R_ALREADY_HAS_A_VALUE);
+ return 0;
+}
+
+int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ X509_NAME *dn)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (!ATTR_IS_SET(attrs, code)) {
+ if ((attrs->values[code].dn = X509_NAME_dup(dn)))
+ return 1;
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
+ return 0;
+}
+
+int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ BIGNUM *number)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (!ATTR_IS_SET(attrs, code)) {
+ if ((attrs->values[code].number = BN_dup(number)))
+ return 1;
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
+ return 0;
+}
+
+int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ char *cstr, size_t cstr_size)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (ATTR_IS_SET(attrs, code)) {
+ OPENSSL_free(attrs->values[code].cstring);
+ attrs->values[code].cstring = NULL;
+ CLEAR_ATTRBIT(attrs, code);
+ }
+ return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
+}
+
+int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code,
+ unsigned char *sha1str,
+ size_t sha1str_size)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (ATTR_IS_SET(attrs, code)) {
+ OPENSSL_free(attrs->values[code].sha1string);
+ attrs->values[code].sha1string = NULL;
+ CLEAR_ATTRBIT(attrs, code);
+ }
+ return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
+}
+
+int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ X509_NAME *dn)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (ATTR_IS_SET(attrs, code)) {
+ OPENSSL_free(attrs->values[code].dn);
+ attrs->values[code].dn = NULL;
+ CLEAR_ATTRBIT(attrs, code);
+ }
+ return STORE_ATTR_INFO_set_dn(attrs, code, dn);
+}
+
+int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code, BIGNUM *number)
+{
+ if (!attrs) {
+ STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (ATTR_IS_SET(attrs, code)) {
+ OPENSSL_free(attrs->values[code].number);
+ attrs->values[code].number = NULL;
+ CLEAR_ATTRBIT(attrs, code);
+ }
+ return STORE_ATTR_INFO_set_number(attrs, code, number);
+}
+
+struct attr_list_ctx_st {
+ OPENSSL_ITEM *attributes;
+};
+void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
+{
+ if (attributes) {
+ struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
+ OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
+ if (context)
+ context->attributes = attributes;
+ else
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
+ return context;
+ }
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+}
+
+STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
+{
+ struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
+
+ if (context && context->attributes) {
+ STORE_ATTR_INFO *attrs = NULL;
+
+ while (context->attributes
+ && context->attributes->code != STORE_ATTR_OR
+ && context->attributes->code != STORE_ATTR_END) {
+ switch (context->attributes->code) {
+ case STORE_ATTR_FRIENDLYNAME:
+ case STORE_ATTR_EMAIL:
+ case STORE_ATTR_FILENAME:
+ if (!attrs)
+ attrs = STORE_ATTR_INFO_new();
+ if (attrs == NULL) {
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ STORE_ATTR_INFO_set_cstr(attrs,
+ context->attributes->code,
+ context->attributes->value,
+ context->attributes->value_size);
+ break;
+ case STORE_ATTR_KEYID:
+ case STORE_ATTR_ISSUERKEYID:
+ case STORE_ATTR_SUBJECTKEYID:
+ case STORE_ATTR_ISSUERSERIALHASH:
+ case STORE_ATTR_CERTHASH:
+ if (!attrs)
+ attrs = STORE_ATTR_INFO_new();
+ if (attrs == NULL) {
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ STORE_ATTR_INFO_set_sha1str(attrs,
+ context->attributes->code,
+ context->attributes->value,
+ context->attributes->value_size);
+ break;
+ case STORE_ATTR_ISSUER:
+ case STORE_ATTR_SUBJECT:
+ if (!attrs)
+ attrs = STORE_ATTR_INFO_new();
+ if (attrs == NULL) {
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ STORE_ATTR_INFO_modify_dn(attrs,
+ context->attributes->code,
+ context->attributes->value);
+ break;
+ case STORE_ATTR_SERIAL:
+ if (!attrs)
+ attrs = STORE_ATTR_INFO_new();
+ if (attrs == NULL) {
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ STORE_ATTR_INFO_modify_number(attrs,
+ context->attributes->code,
+ context->attributes->value);
+ break;
+ }
+ context->attributes++;
+ }
+ if (context->attributes->code == STORE_ATTR_OR)
+ context->attributes++;
+ return attrs;
+ err:
+ while (context->attributes
+ && context->attributes->code != STORE_ATTR_OR
+ && context->attributes->code != STORE_ATTR_END)
+ context->attributes++;
+ if (context->attributes->code == STORE_ATTR_OR)
+ context->attributes++;
+ return NULL;
+ }
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+}
+
+int STORE_parse_attrs_end(void *handle)
+{
+ struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
+
+ if (context && context->attributes) {
+#if 0
+ OPENSSL_ITEM *attributes = context->attributes;
+#endif
+ OPENSSL_free(context);
+ return 1;
+ }
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+}
+
+int STORE_parse_attrs_endp(void *handle)
+{
+ struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
+
+ if (context && context->attributes) {
+ return context->attributes->code == STORE_ATTR_END;
+ }
+ STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+}
+
+static int attr_info_compare_compute_range(const unsigned char *abits,
+ const unsigned char *bbits,
+ unsigned int *alowp,
+ unsigned int *ahighp,
+ unsigned int *blowp,
+ unsigned int *bhighp)
+{
+ unsigned int alow = (unsigned int)-1, ahigh = 0;
+ unsigned int blow = (unsigned int)-1, bhigh = 0;
+ int i, res = 0;
+
+ for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
+ if (res == 0) {
+ if (*abits < *bbits)
+ res = -1;
+ if (*abits > *bbits)
+ res = 1;
+ }
+ if (*abits) {
+ if (alow == (unsigned int)-1) {
+ alow = i * 8;
+ if (!(*abits & 0x01))
+ alow++;
+ if (!(*abits & 0x02))
+ alow++;
+ if (!(*abits & 0x04))
+ alow++;
+ if (!(*abits & 0x08))
+ alow++;
+ if (!(*abits & 0x10))
+ alow++;
+ if (!(*abits & 0x20))
+ alow++;
+ if (!(*abits & 0x40))
+ alow++;
+ }
+ ahigh = i * 8 + 7;
+ if (!(*abits & 0x80))
+ ahigh++;
+ if (!(*abits & 0x40))
+ ahigh++;
+ if (!(*abits & 0x20))
+ ahigh++;
+ if (!(*abits & 0x10))
+ ahigh++;
+ if (!(*abits & 0x08))
+ ahigh++;
+ if (!(*abits & 0x04))
+ ahigh++;
+ if (!(*abits & 0x02))
+ ahigh++;
+ }
+ if (*bbits) {
+ if (blow == (unsigned int)-1) {
+ blow = i * 8;
+ if (!(*bbits & 0x01))
+ blow++;
+ if (!(*bbits & 0x02))
+ blow++;
+ if (!(*bbits & 0x04))
+ blow++;
+ if (!(*bbits & 0x08))
+ blow++;
+ if (!(*bbits & 0x10))
+ blow++;
+ if (!(*bbits & 0x20))
+ blow++;
+ if (!(*bbits & 0x40))
+ blow++;
+ }
+ bhigh = i * 8 + 7;
+ if (!(*bbits & 0x80))
+ bhigh++;
+ if (!(*bbits & 0x40))
+ bhigh++;
+ if (!(*bbits & 0x20))
+ bhigh++;
+ if (!(*bbits & 0x10))
+ bhigh++;
+ if (!(*bbits & 0x08))
+ bhigh++;
+ if (!(*bbits & 0x04))
+ bhigh++;
+ if (!(*bbits & 0x02))
+ bhigh++;
+ }
+ }
+ if (ahigh + alow < bhigh + blow)
+ res = -1;
+ if (ahigh + alow > bhigh + blow)
+ res = 1;
+ if (alowp)
+ *alowp = alow;
+ if (ahighp)
+ *ahighp = ahigh;
+ if (blowp)
+ *blowp = blow;
+ if (bhighp)
+ *bhighp = bhigh;
+ return res;
+}
+
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
+ const STORE_ATTR_INFO *const *b)
+{
+ if (a == b)
+ return 0;
+ if (!a)
+ return -1;
+ if (!b)
+ return 1;
+ return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
+}
+
+int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+{
+ unsigned int alow, ahigh, blow, bhigh;
+
+ if (a == b)
+ return 1;
+ if (!a)
+ return 0;
+ if (!b)
+ return 0;
+ attr_info_compare_compute_range(a->set, b->set,
+ &alow, &ahigh, &blow, &bhigh);
+ if (alow >= blow && ahigh <= bhigh)
+ return 1;
+ return 0;
+}
+
+int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+{
+ unsigned char *abits, *bbits;
+ int i;
+
+ if (a == b)
+ return 1;
+ if (!a)
+ return 0;
+ if (!b)
+ return 0;
+ abits = a->set;
+ bbits = b->set;
+ for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
+ if (*abits && (*bbits & *abits) != *abits)
+ return 0;
+ }
+ return 1;
+}
+
+int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+{
+ STORE_ATTR_TYPES i;
+
+ if (a == b)
+ return 1;
+ if (!STORE_ATTR_INFO_in(a, b))
+ return 0;
+ for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
+ if (ATTR_IS_SET(a, i)) {
+ switch (i) {
+ case STORE_ATTR_FRIENDLYNAME:
+ case STORE_ATTR_EMAIL:
+ case STORE_ATTR_FILENAME:
+ if (strcmp(a->values[i].cstring, b->values[i].cstring))
+ return 0;
+ break;
+ case STORE_ATTR_KEYID:
+ case STORE_ATTR_ISSUERKEYID:
+ case STORE_ATTR_SUBJECTKEYID:
+ case STORE_ATTR_ISSUERSERIALHASH:
+ case STORE_ATTR_CERTHASH:
+ if (memcmp(a->values[i].sha1string,
+ b->values[i].sha1string, a->value_sizes[i]))
+ return 0;
+ break;
+ case STORE_ATTR_ISSUER:
+ case STORE_ATTR_SUBJECT:
+ if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
+ return 0;
+ break;
+ case STORE_ATTR_SERIAL:
+ if (BN_cmp(a->values[i].number, b->values[i].number))
+ return 0;
+ break;
+ default:
+ break;
+ }
+ }
+
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/store/str_locl.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/store/str_locl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,125 +0,0 @@
-/* crypto/store/str_locl.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_STORE_LOCL_H
-# define HEADER_STORE_LOCL_H
-
-# include <openssl/crypto.h>
-# include <openssl/store.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-struct store_method_st {
- char *name;
- /*
- * All the functions return a positive integer or non-NULL for success
- * and 0, a negative integer or NULL for failure
- */
- /* Initialise the STORE with private data */
- STORE_INITIALISE_FUNC_PTR init;
- /* Initialise the STORE with private data */
- STORE_CLEANUP_FUNC_PTR clean;
- /* Generate an object of a given type */
- STORE_GENERATE_OBJECT_FUNC_PTR generate_object;
- /*
- * Get an object of a given type. This function isn't really very useful
- * since the listing functions (below) can be used for the same purpose
- * and are much more general.
- */
- STORE_GET_OBJECT_FUNC_PTR get_object;
- /* Store an object of a given type. */
- STORE_STORE_OBJECT_FUNC_PTR store_object;
- /* Modify the attributes bound to an object of a given type. */
- STORE_MODIFY_OBJECT_FUNC_PTR modify_object;
- /* Revoke an object of a given type. */
- STORE_HANDLE_OBJECT_FUNC_PTR revoke_object;
- /* Delete an object of a given type. */
- STORE_HANDLE_OBJECT_FUNC_PTR delete_object;
- /*
- * List a bunch of objects of a given type and with the associated
- * attributes.
- */
- STORE_START_OBJECT_FUNC_PTR list_object_start;
- STORE_NEXT_OBJECT_FUNC_PTR list_object_next;
- STORE_END_OBJECT_FUNC_PTR list_object_end;
- STORE_END_OBJECT_FUNC_PTR list_object_endp;
- /* Store-level function to make any necessary update operations. */
- STORE_GENERIC_FUNC_PTR update_store;
- /* Store-level function to get exclusive access to the store. */
- STORE_GENERIC_FUNC_PTR lock_store;
- /* Store-level function to release exclusive access to the store. */
- STORE_GENERIC_FUNC_PTR unlock_store;
- /* Generic control function */
- STORE_CTRL_FUNC_PTR ctrl;
-};
-
-struct store_st {
- const STORE_METHOD *meth;
- /* functional reference if 'meth' is ENGINE-provided */
- ENGINE *engine;
- CRYPTO_EX_DATA ex_data;
- int references;
-};
-#ifdef __cplusplus
-}
-#endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/store/str_locl.h (from rev 11605, vendor-crypto/openssl/dist/crypto/store/str_locl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/store/str_locl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,125 @@
+/* crypto/store/str_locl.h */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_STORE_LOCL_H
+# define HEADER_STORE_LOCL_H
+
+# include <openssl/crypto.h>
+# include <openssl/store.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct store_method_st {
+ char *name;
+ /*
+ * All the functions return a positive integer or non-NULL for success
+ * and 0, a negative integer or NULL for failure
+ */
+ /* Initialise the STORE with private data */
+ STORE_INITIALISE_FUNC_PTR init;
+ /* Initialise the STORE with private data */
+ STORE_CLEANUP_FUNC_PTR clean;
+ /* Generate an object of a given type */
+ STORE_GENERATE_OBJECT_FUNC_PTR generate_object;
+ /*
+ * Get an object of a given type. This function isn't really very useful
+ * since the listing functions (below) can be used for the same purpose
+ * and are much more general.
+ */
+ STORE_GET_OBJECT_FUNC_PTR get_object;
+ /* Store an object of a given type. */
+ STORE_STORE_OBJECT_FUNC_PTR store_object;
+ /* Modify the attributes bound to an object of a given type. */
+ STORE_MODIFY_OBJECT_FUNC_PTR modify_object;
+ /* Revoke an object of a given type. */
+ STORE_HANDLE_OBJECT_FUNC_PTR revoke_object;
+ /* Delete an object of a given type. */
+ STORE_HANDLE_OBJECT_FUNC_PTR delete_object;
+ /*
+ * List a bunch of objects of a given type and with the associated
+ * attributes.
+ */
+ STORE_START_OBJECT_FUNC_PTR list_object_start;
+ STORE_NEXT_OBJECT_FUNC_PTR list_object_next;
+ STORE_END_OBJECT_FUNC_PTR list_object_end;
+ STORE_END_OBJECT_FUNC_PTR list_object_endp;
+ /* Store-level function to make any necessary update operations. */
+ STORE_GENERIC_FUNC_PTR update_store;
+ /* Store-level function to get exclusive access to the store. */
+ STORE_GENERIC_FUNC_PTR lock_store;
+ /* Store-level function to release exclusive access to the store. */
+ STORE_GENERIC_FUNC_PTR unlock_store;
+ /* Generic control function */
+ STORE_CTRL_FUNC_PTR ctrl;
+};
+
+struct store_st {
+ const STORE_METHOD *meth;
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+ CRYPTO_EX_DATA ex_data;
+ int references;
+};
+#ifdef __cplusplus
+}
+#endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/store/str_mem.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/store/str_mem.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_mem.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,383 +0,0 @@
-/* crypto/store/str_mem.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/err.h>
-#include "str_locl.h"
-
-/*
- * The memory store is currently highly experimental. It's meant to become a
- * base store used by other stores for internal caching (for full caching
- * support, aging needs to be added).
- *
- * The database use is meant to support as much attribute association as
- * possible, while providing for as small search ranges as possible. This is
- * currently provided for by sorting the entries by numbers that are composed
- * of bits set at the positions indicated by attribute type codes. This
- * provides for ranges determined by the highest attribute type code value.
- * A better idea might be to sort by values computed from the range of
- * attributes associated with the object (basically, the difference between
- * the highest and lowest attribute type code) and it's distance from a base
- * (basically, the lowest associated attribute type code).
- */
-
-typedef struct mem_object_data_st {
- STORE_OBJECT *object;
- STORE_ATTR_INFO *attr_info;
- int references;
-} MEM_OBJECT_DATA;
-
-DECLARE_STACK_OF(MEM_OBJECT_DATA)
-struct mem_data_st {
- /*
- * sorted with
- * STORE_ATTR_INFO_compare().
- */
- STACK_OF(MEM_OBJECT_DATA) *data;
- /*
- * Currently unused, but can
- * be used to add attributes
- * from parts of the data.
- */
- unsigned int compute_components:1;
-};
-
-DECLARE_STACK_OF(STORE_ATTR_INFO)
-struct mem_ctx_st {
- /* The type we're searching for */
- int type;
- /*
- * Sets of
- * attributes to search for. Each
- * element is a STORE_ATTR_INFO.
- */
- STACK_OF(STORE_ATTR_INFO) *search_attributes;
- /*
- * which of the search attributes we
- * found a match for, -1 when we still
- * haven't found any
- */
- int search_index;
- /* -1 as long as we're searching for the first */
- int index;
-};
-
-static int mem_init(STORE *s);
-static void mem_clean(STORE *s);
-static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-static int mem_store(STORE *s, STORE_OBJECT_TYPES type, STORE_OBJECT *data,
- OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
-static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
-static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-static STORE_OBJECT *mem_list_next(STORE *s, void *handle);
-static int mem_list_end(STORE *s, void *handle);
-static int mem_list_endp(STORE *s, void *handle);
-static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void));
-
-static STORE_METHOD store_memory = {
- "OpenSSL memory store interface",
- mem_init,
- mem_clean,
- mem_generate,
- mem_get,
- mem_store,
- mem_modify,
- NULL, /* revoke */
- mem_delete,
- mem_list_start,
- mem_list_next,
- mem_list_end,
- mem_list_endp,
- NULL, /* update */
- mem_lock,
- mem_unlock,
- mem_ctrl
-};
-
-const STORE_METHOD *STORE_Memory(void)
-{
- return &store_memory;
-}
-
-static int mem_init(STORE *s)
-{
- return 1;
-}
-
-static void mem_clean(STORE *s)
-{
- return;
-}
-
-static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STOREerr(STORE_F_MEM_GENERATE, STORE_R_NOT_IMPLEMENTED);
- return 0;
-}
-
-static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- void *context = mem_list_start(s, type, attributes, parameters);
-
- if (context) {
- STORE_OBJECT *object = mem_list_next(s, context);
-
- if (mem_list_end(s, context))
- return object;
- }
- return NULL;
-}
-
-static int mem_store(STORE *s, STORE_OBJECT_TYPES type,
- STORE_OBJECT *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- STOREerr(STORE_F_MEM_STORE, STORE_R_NOT_IMPLEMENTED);
- return 0;
-}
-
-static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[])
-{
- STOREerr(STORE_F_MEM_MODIFY, STORE_R_NOT_IMPLEMENTED);
- return 0;
-}
-
-static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
-{
- STOREerr(STORE_F_MEM_DELETE, STORE_R_NOT_IMPLEMENTED);
- return 0;
-}
-
-/*
- * The list functions may be the hardest to understand. Basically,
- * mem_list_start compiles a stack of attribute info elements, and puts that
- * stack into the context to be returned. mem_list_next will then find the
- * first matching element in the store, and then walk all the way to the end
- * of the store (since any combination of attribute bits above the starting
- * point may match the searched for bit pattern...).
- */
-static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- struct mem_ctx_st *context =
- (struct mem_ctx_st *)OPENSSL_malloc(sizeof(struct mem_ctx_st));
- void *attribute_context = NULL;
- STORE_ATTR_INFO *attrs = NULL;
-
- if (!context) {
- STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memset(context, 0, sizeof(struct mem_ctx_st));
-
- attribute_context = STORE_parse_attrs_start(attributes);
- if (!attribute_context) {
- STOREerr(STORE_F_MEM_LIST_START, ERR_R_STORE_LIB);
- goto err;
- }
-
- while ((attrs = STORE_parse_attrs_next(attribute_context))) {
- if (context->search_attributes == NULL) {
- context->search_attributes =
- sk_STORE_ATTR_INFO_new(STORE_ATTR_INFO_compare);
- if (!context->search_attributes) {
- STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- sk_STORE_ATTR_INFO_push(context->search_attributes, attrs);
- }
- if (!STORE_parse_attrs_endp(attribute_context))
- goto err;
- STORE_parse_attrs_end(attribute_context);
- context->search_index = -1;
- context->index = -1;
- return context;
- err:
- if (attribute_context)
- STORE_parse_attrs_end(attribute_context);
- mem_list_end(s, context);
- return NULL;
-}
-
-static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
-{
- int i;
- struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
- struct mem_object_data_st key = { 0, 0, 1 };
- struct mem_data_st *store = (struct mem_data_st *)STORE_get_ex_data(s, 1);
- int srch;
- int cres = 0;
-
- if (!context) {
- STOREerr(STORE_F_MEM_LIST_NEXT, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if (!store) {
- STOREerr(STORE_F_MEM_LIST_NEXT, STORE_R_NO_STORE);
- return NULL;
- }
-
- if (context->search_index == -1) {
- for (i = 0;
- i < sk_STORE_ATTR_INFO_num(context->search_attributes); i++) {
- key.attr_info
- = sk_STORE_ATTR_INFO_value(context->search_attributes, i);
- srch = sk_MEM_OBJECT_DATA_find_ex(store->data, &key);
-
- if (srch >= 0) {
- context->search_index = srch;
- break;
- }
- }
- }
- if (context->search_index < 0)
- return NULL;
-
- key.attr_info =
- sk_STORE_ATTR_INFO_value(context->search_attributes,
- context->search_index);
- for (srch = context->search_index;
- srch < sk_MEM_OBJECT_DATA_num(store->data)
- && STORE_ATTR_INFO_in_range(key.attr_info,
- sk_MEM_OBJECT_DATA_value(store->data,
- srch)->attr_info)
- && !(cres =
- STORE_ATTR_INFO_in_ex(key.attr_info,
- sk_MEM_OBJECT_DATA_value(store->data,
- srch)->attr_info));
- srch++) ;
-
- context->search_index = srch;
- if (cres)
- return (sk_MEM_OBJECT_DATA_value(store->data, srch))->object;
- return NULL;
-}
-
-static int mem_list_end(STORE *s, void *handle)
-{
- struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
-
- if (!context) {
- STOREerr(STORE_F_MEM_LIST_END, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (context && context->search_attributes)
- sk_STORE_ATTR_INFO_free(context->search_attributes);
- if (context)
- OPENSSL_free(context);
- return 1;
-}
-
-static int mem_list_endp(STORE *s, void *handle)
-{
- struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
-
- if (!context
- || context->search_index
- == sk_STORE_ATTR_INFO_num(context->search_attributes))
- return 1;
- return 0;
-}
-
-static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- return 1;
-}
-
-static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[])
-{
- return 1;
-}
-
-static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void))
-{
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/store/str_mem.c (from rev 11605, vendor-crypto/openssl/dist/crypto/store/str_mem.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/store/str_mem.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_mem.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,383 @@
+/* crypto/store/str_mem.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/err.h>
+#include "str_locl.h"
+
+/*
+ * The memory store is currently highly experimental. It's meant to become a
+ * base store used by other stores for internal caching (for full caching
+ * support, aging needs to be added).
+ *
+ * The database use is meant to support as much attribute association as
+ * possible, while providing for as small search ranges as possible. This is
+ * currently provided for by sorting the entries by numbers that are composed
+ * of bits set at the positions indicated by attribute type codes. This
+ * provides for ranges determined by the highest attribute type code value.
+ * A better idea might be to sort by values computed from the range of
+ * attributes associated with the object (basically, the difference between
+ * the highest and lowest attribute type code) and it's distance from a base
+ * (basically, the lowest associated attribute type code).
+ */
+
+typedef struct mem_object_data_st {
+ STORE_OBJECT *object;
+ STORE_ATTR_INFO *attr_info;
+ int references;
+} MEM_OBJECT_DATA;
+
+DECLARE_STACK_OF(MEM_OBJECT_DATA)
+struct mem_data_st {
+ /*
+ * sorted with
+ * STORE_ATTR_INFO_compare().
+ */
+ STACK_OF(MEM_OBJECT_DATA) *data;
+ /*
+ * Currently unused, but can
+ * be used to add attributes
+ * from parts of the data.
+ */
+ unsigned int compute_components:1;
+};
+
+DECLARE_STACK_OF(STORE_ATTR_INFO)
+struct mem_ctx_st {
+ /* The type we're searching for */
+ int type;
+ /*
+ * Sets of
+ * attributes to search for. Each
+ * element is a STORE_ATTR_INFO.
+ */
+ STACK_OF(STORE_ATTR_INFO) *search_attributes;
+ /*
+ * which of the search attributes we
+ * found a match for, -1 when we still
+ * haven't found any
+ */
+ int search_index;
+ /* -1 as long as we're searching for the first */
+ int index;
+};
+
+static int mem_init(STORE *s);
+static void mem_clean(STORE *s);
+static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+static int mem_store(STORE *s, STORE_OBJECT_TYPES type, STORE_OBJECT *data,
+ OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
+static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
+static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+static STORE_OBJECT *mem_list_next(STORE *s, void *handle);
+static int mem_list_end(STORE *s, void *handle);
+static int mem_list_endp(STORE *s, void *handle);
+static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void));
+
+static STORE_METHOD store_memory = {
+ "OpenSSL memory store interface",
+ mem_init,
+ mem_clean,
+ mem_generate,
+ mem_get,
+ mem_store,
+ mem_modify,
+ NULL, /* revoke */
+ mem_delete,
+ mem_list_start,
+ mem_list_next,
+ mem_list_end,
+ mem_list_endp,
+ NULL, /* update */
+ mem_lock,
+ mem_unlock,
+ mem_ctrl
+};
+
+const STORE_METHOD *STORE_Memory(void)
+{
+ return &store_memory;
+}
+
+static int mem_init(STORE *s)
+{
+ return 1;
+}
+
+static void mem_clean(STORE *s)
+{
+ return;
+}
+
+static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STOREerr(STORE_F_MEM_GENERATE, STORE_R_NOT_IMPLEMENTED);
+ return 0;
+}
+
+static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ void *context = mem_list_start(s, type, attributes, parameters);
+
+ if (context) {
+ STORE_OBJECT *object = mem_list_next(s, context);
+
+ if (mem_list_end(s, context))
+ return object;
+ }
+ return NULL;
+}
+
+static int mem_store(STORE *s, STORE_OBJECT_TYPES type,
+ STORE_OBJECT *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STOREerr(STORE_F_MEM_STORE, STORE_R_NOT_IMPLEMENTED);
+ return 0;
+}
+
+static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ STOREerr(STORE_F_MEM_MODIFY, STORE_R_NOT_IMPLEMENTED);
+ return 0;
+}
+
+static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
+{
+ STOREerr(STORE_F_MEM_DELETE, STORE_R_NOT_IMPLEMENTED);
+ return 0;
+}
+
+/*
+ * The list functions may be the hardest to understand. Basically,
+ * mem_list_start compiles a stack of attribute info elements, and puts that
+ * stack into the context to be returned. mem_list_next will then find the
+ * first matching element in the store, and then walk all the way to the end
+ * of the store (since any combination of attribute bits above the starting
+ * point may match the searched for bit pattern...).
+ */
+static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ struct mem_ctx_st *context =
+ (struct mem_ctx_st *)OPENSSL_malloc(sizeof(struct mem_ctx_st));
+ void *attribute_context = NULL;
+ STORE_ATTR_INFO *attrs = NULL;
+
+ if (!context) {
+ STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ memset(context, 0, sizeof(struct mem_ctx_st));
+
+ attribute_context = STORE_parse_attrs_start(attributes);
+ if (!attribute_context) {
+ STOREerr(STORE_F_MEM_LIST_START, ERR_R_STORE_LIB);
+ goto err;
+ }
+
+ while ((attrs = STORE_parse_attrs_next(attribute_context))) {
+ if (context->search_attributes == NULL) {
+ context->search_attributes =
+ sk_STORE_ATTR_INFO_new(STORE_ATTR_INFO_compare);
+ if (!context->search_attributes) {
+ STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ sk_STORE_ATTR_INFO_push(context->search_attributes, attrs);
+ }
+ if (!STORE_parse_attrs_endp(attribute_context))
+ goto err;
+ STORE_parse_attrs_end(attribute_context);
+ context->search_index = -1;
+ context->index = -1;
+ return context;
+ err:
+ if (attribute_context)
+ STORE_parse_attrs_end(attribute_context);
+ mem_list_end(s, context);
+ return NULL;
+}
+
+static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
+{
+ int i;
+ struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
+ struct mem_object_data_st key = { 0, 0, 1 };
+ struct mem_data_st *store = (struct mem_data_st *)STORE_get_ex_data(s, 1);
+ int srch;
+ int cres = 0;
+
+ if (!context) {
+ STOREerr(STORE_F_MEM_LIST_NEXT, ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+ if (!store) {
+ STOREerr(STORE_F_MEM_LIST_NEXT, STORE_R_NO_STORE);
+ return NULL;
+ }
+
+ if (context->search_index == -1) {
+ for (i = 0;
+ i < sk_STORE_ATTR_INFO_num(context->search_attributes); i++) {
+ key.attr_info
+ = sk_STORE_ATTR_INFO_value(context->search_attributes, i);
+ srch = sk_MEM_OBJECT_DATA_find_ex(store->data, &key);
+
+ if (srch >= 0) {
+ context->search_index = srch;
+ break;
+ }
+ }
+ }
+ if (context->search_index < 0)
+ return NULL;
+
+ key.attr_info =
+ sk_STORE_ATTR_INFO_value(context->search_attributes,
+ context->search_index);
+ for (srch = context->search_index;
+ srch < sk_MEM_OBJECT_DATA_num(store->data)
+ && STORE_ATTR_INFO_in_range(key.attr_info,
+ sk_MEM_OBJECT_DATA_value(store->data,
+ srch)->attr_info)
+ && !(cres =
+ STORE_ATTR_INFO_in_ex(key.attr_info,
+ sk_MEM_OBJECT_DATA_value(store->data,
+ srch)->attr_info));
+ srch++) ;
+
+ context->search_index = srch;
+ if (cres)
+ return (sk_MEM_OBJECT_DATA_value(store->data, srch))->object;
+ return NULL;
+}
+
+static int mem_list_end(STORE *s, void *handle)
+{
+ struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
+
+ if (!context) {
+ STOREerr(STORE_F_MEM_LIST_END, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (context && context->search_attributes)
+ sk_STORE_ATTR_INFO_free(context->search_attributes);
+ if (context)
+ OPENSSL_free(context);
+ return 1;
+}
+
+static int mem_list_endp(STORE *s, void *handle)
+{
+ struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
+
+ if (!context
+ || context->search_index
+ == sk_STORE_ATTR_INFO_num(context->search_attributes))
+ return 1;
+ return 0;
+}
+
+static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ return 1;
+}
+
+static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[])
+{
+ return 1;
+}
+
+static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void))
+{
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/store/str_meth.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/store/str_meth.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_meth.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,280 +0,0 @@
-/* crypto/store/str_meth.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/buffer.h>
-#include "str_locl.h"
-
-STORE_METHOD *STORE_create_method(char *name)
-{
- STORE_METHOD *store_method =
- (STORE_METHOD *)OPENSSL_malloc(sizeof(STORE_METHOD));
-
- if (store_method) {
- memset(store_method, 0, sizeof(*store_method));
- store_method->name = BUF_strdup(name);
- }
- return store_method;
-}
-
-/*
- * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
- * (that is, it hasn't been allocated using STORE_create_method(), you
- * deserve anything Murphy can throw at you and more! You have been warned.
- */
-void STORE_destroy_method(STORE_METHOD *store_method)
-{
- if (!store_method)
- return;
- OPENSSL_free(store_method->name);
- store_method->name = NULL;
- OPENSSL_free(store_method);
-}
-
-int STORE_method_set_initialise_function(STORE_METHOD *sm,
- STORE_INITIALISE_FUNC_PTR init_f)
-{
- sm->init = init_f;
- return 1;
-}
-
-int STORE_method_set_cleanup_function(STORE_METHOD *sm,
- STORE_CLEANUP_FUNC_PTR clean_f)
-{
- sm->clean = clean_f;
- return 1;
-}
-
-int STORE_method_set_generate_function(STORE_METHOD *sm,
- STORE_GENERATE_OBJECT_FUNC_PTR
- generate_f)
-{
- sm->generate_object = generate_f;
- return 1;
-}
-
-int STORE_method_set_get_function(STORE_METHOD *sm,
- STORE_GET_OBJECT_FUNC_PTR get_f)
-{
- sm->get_object = get_f;
- return 1;
-}
-
-int STORE_method_set_store_function(STORE_METHOD *sm,
- STORE_STORE_OBJECT_FUNC_PTR store_f)
-{
- sm->store_object = store_f;
- return 1;
-}
-
-int STORE_method_set_modify_function(STORE_METHOD *sm,
- STORE_MODIFY_OBJECT_FUNC_PTR modify_f)
-{
- sm->modify_object = modify_f;
- return 1;
-}
-
-int STORE_method_set_revoke_function(STORE_METHOD *sm,
- STORE_HANDLE_OBJECT_FUNC_PTR revoke_f)
-{
- sm->revoke_object = revoke_f;
- return 1;
-}
-
-int STORE_method_set_delete_function(STORE_METHOD *sm,
- STORE_HANDLE_OBJECT_FUNC_PTR delete_f)
-{
- sm->delete_object = delete_f;
- return 1;
-}
-
-int STORE_method_set_list_start_function(STORE_METHOD *sm,
- STORE_START_OBJECT_FUNC_PTR
- list_start_f)
-{
- sm->list_object_start = list_start_f;
- return 1;
-}
-
-int STORE_method_set_list_next_function(STORE_METHOD *sm,
- STORE_NEXT_OBJECT_FUNC_PTR
- list_next_f)
-{
- sm->list_object_next = list_next_f;
- return 1;
-}
-
-int STORE_method_set_list_end_function(STORE_METHOD *sm,
- STORE_END_OBJECT_FUNC_PTR list_end_f)
-{
- sm->list_object_end = list_end_f;
- return 1;
-}
-
-int STORE_method_set_update_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR update_f)
-{
- sm->update_store = update_f;
- return 1;
-}
-
-int STORE_method_set_lock_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR lock_f)
-{
- sm->lock_store = lock_f;
- return 1;
-}
-
-int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR unlock_f)
-{
- sm->unlock_store = unlock_f;
- return 1;
-}
-
-int STORE_method_set_ctrl_function(STORE_METHOD *sm,
- STORE_CTRL_FUNC_PTR ctrl_f)
-{
- sm->ctrl = ctrl_f;
- return 1;
-}
-
-STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
- *sm)
-{
- return sm->init;
-}
-
-STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm)
-{
- return sm->clean;
-}
-
-STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
- *sm)
-{
- return sm->generate_object;
-}
-
-STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm)
-{
- return sm->get_object;
-}
-
-STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm)
-{
- return sm->store_object;
-}
-
-STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
- *sm)
-{
- return sm->modify_object;
-}
-
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
- *sm)
-{
- return sm->revoke_object;
-}
-
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
- *sm)
-{
- return sm->delete_object;
-}
-
-STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
- *sm)
-{
- return sm->list_object_start;
-}
-
-STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
- *sm)
-{
- return sm->list_object_next;
-}
-
-STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD *sm)
-{
- return sm->list_object_end;
-}
-
-STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
- *sm)
-{
- return sm->update_store;
-}
-
-STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm)
-{
- return sm->lock_store;
-}
-
-STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
- *sm)
-{
- return sm->unlock_store;
-}
-
-STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm)
-{
- return sm->ctrl;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/store/str_meth.c (from rev 11605, vendor-crypto/openssl/dist/crypto/store/str_meth.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/store/str_meth.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/store/str_meth.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,280 @@
+/* crypto/store/str_meth.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/buffer.h>
+#include "str_locl.h"
+
+STORE_METHOD *STORE_create_method(char *name)
+{
+ STORE_METHOD *store_method =
+ (STORE_METHOD *)OPENSSL_malloc(sizeof(STORE_METHOD));
+
+ if (store_method) {
+ memset(store_method, 0, sizeof(*store_method));
+ store_method->name = BUF_strdup(name);
+ }
+ return store_method;
+}
+
+/*
+ * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
+ * (that is, it hasn't been allocated using STORE_create_method(), you
+ * deserve anything Murphy can throw at you and more! You have been warned.
+ */
+void STORE_destroy_method(STORE_METHOD *store_method)
+{
+ if (!store_method)
+ return;
+ OPENSSL_free(store_method->name);
+ store_method->name = NULL;
+ OPENSSL_free(store_method);
+}
+
+int STORE_method_set_initialise_function(STORE_METHOD *sm,
+ STORE_INITIALISE_FUNC_PTR init_f)
+{
+ sm->init = init_f;
+ return 1;
+}
+
+int STORE_method_set_cleanup_function(STORE_METHOD *sm,
+ STORE_CLEANUP_FUNC_PTR clean_f)
+{
+ sm->clean = clean_f;
+ return 1;
+}
+
+int STORE_method_set_generate_function(STORE_METHOD *sm,
+ STORE_GENERATE_OBJECT_FUNC_PTR
+ generate_f)
+{
+ sm->generate_object = generate_f;
+ return 1;
+}
+
+int STORE_method_set_get_function(STORE_METHOD *sm,
+ STORE_GET_OBJECT_FUNC_PTR get_f)
+{
+ sm->get_object = get_f;
+ return 1;
+}
+
+int STORE_method_set_store_function(STORE_METHOD *sm,
+ STORE_STORE_OBJECT_FUNC_PTR store_f)
+{
+ sm->store_object = store_f;
+ return 1;
+}
+
+int STORE_method_set_modify_function(STORE_METHOD *sm,
+ STORE_MODIFY_OBJECT_FUNC_PTR modify_f)
+{
+ sm->modify_object = modify_f;
+ return 1;
+}
+
+int STORE_method_set_revoke_function(STORE_METHOD *sm,
+ STORE_HANDLE_OBJECT_FUNC_PTR revoke_f)
+{
+ sm->revoke_object = revoke_f;
+ return 1;
+}
+
+int STORE_method_set_delete_function(STORE_METHOD *sm,
+ STORE_HANDLE_OBJECT_FUNC_PTR delete_f)
+{
+ sm->delete_object = delete_f;
+ return 1;
+}
+
+int STORE_method_set_list_start_function(STORE_METHOD *sm,
+ STORE_START_OBJECT_FUNC_PTR
+ list_start_f)
+{
+ sm->list_object_start = list_start_f;
+ return 1;
+}
+
+int STORE_method_set_list_next_function(STORE_METHOD *sm,
+ STORE_NEXT_OBJECT_FUNC_PTR
+ list_next_f)
+{
+ sm->list_object_next = list_next_f;
+ return 1;
+}
+
+int STORE_method_set_list_end_function(STORE_METHOD *sm,
+ STORE_END_OBJECT_FUNC_PTR list_end_f)
+{
+ sm->list_object_end = list_end_f;
+ return 1;
+}
+
+int STORE_method_set_update_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR update_f)
+{
+ sm->update_store = update_f;
+ return 1;
+}
+
+int STORE_method_set_lock_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR lock_f)
+{
+ sm->lock_store = lock_f;
+ return 1;
+}
+
+int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR unlock_f)
+{
+ sm->unlock_store = unlock_f;
+ return 1;
+}
+
+int STORE_method_set_ctrl_function(STORE_METHOD *sm,
+ STORE_CTRL_FUNC_PTR ctrl_f)
+{
+ sm->ctrl = ctrl_f;
+ return 1;
+}
+
+STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
+ *sm)
+{
+ return sm->init;
+}
+
+STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm)
+{
+ return sm->clean;
+}
+
+STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
+ *sm)
+{
+ return sm->generate_object;
+}
+
+STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm)
+{
+ return sm->get_object;
+}
+
+STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm)
+{
+ return sm->store_object;
+}
+
+STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
+ *sm)
+{
+ return sm->modify_object;
+}
+
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
+ *sm)
+{
+ return sm->revoke_object;
+}
+
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
+ *sm)
+{
+ return sm->delete_object;
+}
+
+STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
+ *sm)
+{
+ return sm->list_object_start;
+}
+
+STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
+ *sm)
+{
+ return sm->list_object_next;
+}
+
+STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD *sm)
+{
+ return sm->list_object_end;
+}
+
+STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
+ *sm)
+{
+ return sm->update_store;
+}
+
+STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm)
+{
+ return sm->lock_store;
+}
+
+STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
+ *sm)
+{
+ return sm->unlock_store;
+}
+
+STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm)
+{
+ return sm->ctrl;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ts/ts_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ts/ts_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ts/ts_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,143 +0,0 @@
-/* crypto/ts/ts_lib.c */
-/*
- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/bn.h>
-#include <openssl/x509v3.h>
-#include "ts.h"
-
-/* Local function declarations. */
-
-/* Function definitions. */
-
-int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
-{
- BIGNUM num_bn;
- int result = 0;
- char *hex;
-
- BN_init(&num_bn);
- ASN1_INTEGER_to_BN(num, &num_bn);
- if ((hex = BN_bn2hex(&num_bn))) {
- result = BIO_write(bio, "0x", 2) > 0;
- result = result && BIO_write(bio, hex, strlen(hex)) > 0;
- OPENSSL_free(hex);
- }
- BN_free(&num_bn);
-
- return result;
-}
-
-int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj)
-{
- char obj_txt[128];
-
- int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
- BIO_write(bio, obj_txt, len);
- BIO_write(bio, "\n", 1);
-
- return 1;
-}
-
-int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions)
-{
- int i, critical, n;
- X509_EXTENSION *ex;
- ASN1_OBJECT *obj;
-
- BIO_printf(bio, "Extensions:\n");
- n = X509v3_get_ext_count(extensions);
- for (i = 0; i < n; i++) {
- ex = X509v3_get_ext(extensions, i);
- obj = X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bio, obj);
- critical = X509_EXTENSION_get_critical(ex);
- BIO_printf(bio, ": %s\n", critical ? "critical" : "");
- if (!X509V3_EXT_print(bio, ex, 0, 4)) {
- BIO_printf(bio, "%4s", "");
- M_ASN1_OCTET_STRING_print(bio, ex->value);
- }
- BIO_write(bio, "\n", 1);
- }
-
- return 1;
-}
-
-int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg)
-{
- int i = OBJ_obj2nid(alg->algorithm);
- return BIO_printf(bio, "Hash Algorithm: %s\n",
- (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
-}
-
-int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
-{
- const ASN1_OCTET_STRING *msg;
-
- TS_X509_ALGOR_print_bio(bio, TS_MSG_IMPRINT_get_algo(a));
-
- BIO_printf(bio, "Message data:\n");
- msg = TS_MSG_IMPRINT_get_msg(a);
- BIO_dump_indent(bio, (const char *)M_ASN1_STRING_data(msg),
- M_ASN1_STRING_length(msg), 4);
-
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/ts/ts_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ts/ts_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ts/ts_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ts/ts_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,142 @@
+/* crypto/ts/ts_lib.c */
+/*
+ * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include "ts.h"
+
+/* Local function declarations. */
+
+/* Function definitions. */
+
+int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
+{
+ BIGNUM num_bn;
+ int result = 0;
+ char *hex;
+
+ BN_init(&num_bn);
+ ASN1_INTEGER_to_BN(num, &num_bn);
+ if ((hex = BN_bn2hex(&num_bn))) {
+ result = BIO_write(bio, "0x", 2) > 0;
+ result = result && BIO_write(bio, hex, strlen(hex)) > 0;
+ OPENSSL_free(hex);
+ }
+ BN_free(&num_bn);
+
+ return result;
+}
+
+int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj)
+{
+ char obj_txt[128];
+
+ OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
+ BIO_printf(bio, "%s\n", obj_txt);
+
+ return 1;
+}
+
+int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions)
+{
+ int i, critical, n;
+ X509_EXTENSION *ex;
+ ASN1_OBJECT *obj;
+
+ BIO_printf(bio, "Extensions:\n");
+ n = X509v3_get_ext_count(extensions);
+ for (i = 0; i < n; i++) {
+ ex = X509v3_get_ext(extensions, i);
+ obj = X509_EXTENSION_get_object(ex);
+ i2a_ASN1_OBJECT(bio, obj);
+ critical = X509_EXTENSION_get_critical(ex);
+ BIO_printf(bio, ": %s\n", critical ? "critical" : "");
+ if (!X509V3_EXT_print(bio, ex, 0, 4)) {
+ BIO_printf(bio, "%4s", "");
+ M_ASN1_OCTET_STRING_print(bio, ex->value);
+ }
+ BIO_write(bio, "\n", 1);
+ }
+
+ return 1;
+}
+
+int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg)
+{
+ int i = OBJ_obj2nid(alg->algorithm);
+ return BIO_printf(bio, "Hash Algorithm: %s\n",
+ (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
+}
+
+int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
+{
+ const ASN1_OCTET_STRING *msg;
+
+ TS_X509_ALGOR_print_bio(bio, TS_MSG_IMPRINT_get_algo(a));
+
+ BIO_printf(bio, "Message data:\n");
+ msg = TS_MSG_IMPRINT_get_msg(a);
+ BIO_dump_indent(bio, (const char *)M_ASN1_STRING_data(msg),
+ M_ASN1_STRING_length(msg), 4);
+
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ts/ts_rsp_verify.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ts/ts_rsp_verify.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ts/ts_rsp_verify.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,736 +0,0 @@
-/* crypto/ts/ts_resp_verify.c */
-/*
- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-#include <openssl/pkcs7.h>
-
-/* Private function declarations. */
-
-static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
- X509 *signer, STACK_OF(X509) **chain);
-static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
- STACK_OF(X509) *chain);
-static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si);
-static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
-static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo);
-static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
- PKCS7 *token, TS_TST_INFO *tst_info);
-static int TS_check_status_info(TS_RESP *response);
-static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
-static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
-static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
- X509_ALGOR **md_alg,
- unsigned char **imprint, unsigned *imprint_len);
-static int TS_check_imprints(X509_ALGOR *algor_a,
- unsigned char *imprint_a, unsigned len_a,
- TS_TST_INFO *tst_info);
-static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
-static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
-static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names,
- GENERAL_NAME *name);
-
-/*
- * Local mapping between response codes and descriptions.
- * Don't forget to change TS_STATUS_BUF_SIZE when modifying
- * the elements of this array.
- */
-static const char *TS_status_text[] = { "granted",
- "grantedWithMods",
- "rejection",
- "waiting",
- "revocationWarning",
- "revocationNotification"
-};
-
-#define TS_STATUS_TEXT_SIZE (sizeof(TS_status_text)/sizeof(*TS_status_text))
-
-/*
- * This must be greater or equal to the sum of the strings in TS_status_text
- * plus the number of its elements.
- */
-#define TS_STATUS_BUF_SIZE 256
-
-static struct {
- int code;
- const char *text;
-} TS_failure_info[] = {
- {
- TS_INFO_BAD_ALG, "badAlg"
- },
- {
- TS_INFO_BAD_REQUEST, "badRequest"
- },
- {
- TS_INFO_BAD_DATA_FORMAT, "badDataFormat"
- },
- {
- TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable"
- },
- {
- TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy"
- },
- {
- TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension"
- },
- {
- TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable"
- },
- {
- TS_INFO_SYSTEM_FAILURE, "systemFailure"
- }
-};
-
-#define TS_FAILURE_INFO_SIZE (sizeof(TS_failure_info) / \
- sizeof(*TS_failure_info))
-
-/* Functions for verifying a signed TS_TST_INFO structure. */
-
-/*-
- * This function carries out the following tasks:
- * - Checks if there is one and only one signer.
- * - Search for the signing certificate in 'certs' and in the response.
- * - Check the extended key usage and key usage fields of the signer
- * certificate (done by the path validation).
- * - Build and validate the certificate path.
- * - Check if the certificate path meets the requirements of the
- * SigningCertificate ESS signed attribute.
- * - Verify the signature value.
- * - Returns the signer certificate in 'signer', if 'signer' is not NULL.
- */
-int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
- X509_STORE *store, X509 **signer_out)
-{
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
- PKCS7_SIGNER_INFO *si;
- STACK_OF(X509) *signers = NULL;
- X509 *signer;
- STACK_OF(X509) *chain = NULL;
- char buf[4096];
- int i, j = 0, ret = 0;
- BIO *p7bio = NULL;
-
- /* Some sanity checks first. */
- if (!token) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
- goto err;
- }
-
- /* Check for the correct content type */
- if (!PKCS7_type_is_signed(token)) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
- goto err;
- }
-
- /* Check if there is one and only one signer. */
- sinfos = PKCS7_get_signer_info(token);
- if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_THERE_MUST_BE_ONE_SIGNER);
- goto err;
- }
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
-
- /* Check for no content: no data to verify signature. */
- if (PKCS7_get_detached(token)) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
- goto err;
- }
-
- /*
- * Get hold of the signer certificate, search only internal certificates
- * if it was requested.
- */
- signers = PKCS7_get0_signers(token, certs, 0);
- if (!signers || sk_X509_num(signers) != 1)
- goto err;
- signer = sk_X509_value(signers, 0);
-
- /* Now verify the certificate. */
- if (!TS_verify_cert(store, certs, signer, &chain))
- goto err;
-
- /*
- * Check if the signer certificate is consistent with the ESS extension.
- */
- if (!TS_check_signing_certs(si, chain))
- goto err;
-
- /* Creating the message digest. */
- p7bio = PKCS7_dataInit(token, NULL);
-
- /* We now have to 'read' from p7bio to calculate digests etc. */
- while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0) ;
-
- /* Verifying the signature. */
- j = PKCS7_signatureVerify(p7bio, token, si, signer);
- if (j <= 0) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
- goto err;
- }
-
- /* Return the signer certificate if needed. */
- if (signer_out) {
- *signer_out = signer;
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
- }
-
- ret = 1;
-
- err:
- BIO_free_all(p7bio);
- sk_X509_pop_free(chain, X509_free);
- sk_X509_free(signers);
-
- return ret;
-}
-
-/*
- * The certificate chain is returned in chain. Caller is responsible for
- * freeing the vector.
- */
-static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
- X509 *signer, STACK_OF(X509) **chain)
-{
- X509_STORE_CTX cert_ctx;
- int i;
- int ret = 1;
-
- /* chain is an out argument. */
- *chain = NULL;
- X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted);
- X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
- i = X509_verify_cert(&cert_ctx);
- if (i <= 0) {
- int j = X509_STORE_CTX_get_error(&cert_ctx);
- TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
- ERR_add_error_data(2, "Verify error:",
- X509_verify_cert_error_string(j));
- ret = 0;
- } else {
- /* Get a copy of the certificate chain. */
- *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
- }
-
- X509_STORE_CTX_cleanup(&cert_ctx);
-
- return ret;
-}
-
-static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
- STACK_OF(X509) *chain)
-{
- ESS_SIGNING_CERT *ss = ESS_get_signing_cert(si);
- STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
- X509 *cert;
- int i = 0;
- int ret = 0;
-
- if (!ss)
- goto err;
- cert_ids = ss->cert_ids;
- /* The signer certificate must be the first in cert_ids. */
- cert = sk_X509_value(chain, 0);
- if (TS_find_cert(cert_ids, cert) != 0)
- goto err;
-
- /*
- * Check the other certificates of the chain if there are more than one
- * certificate ids in cert_ids.
- */
- if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
- /* All the certificates of the chain must be in cert_ids. */
- for (i = 1; i < sk_X509_num(chain); ++i) {
- cert = sk_X509_value(chain, i);
- if (TS_find_cert(cert_ids, cert) < 0)
- goto err;
- }
- }
- ret = 1;
- err:
- if (!ret)
- TSerr(TS_F_TS_CHECK_SIGNING_CERTS,
- TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
- ESS_SIGNING_CERT_free(ss);
- return ret;
-}
-
-static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si)
-{
- ASN1_TYPE *attr;
- const unsigned char *p;
- attr = PKCS7_get_signed_attribute(si, NID_id_smime_aa_signingCertificate);
- if (!attr)
- return NULL;
- p = attr->value.sequence->data;
- return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
-}
-
-/* Returns < 0 if certificate is not found, certificate index otherwise. */
-static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
-{
- int i;
-
- if (!cert_ids || !cert)
- return -1;
-
- /* Recompute SHA1 hash of certificate if necessary (side effect). */
- X509_check_purpose(cert, -1, 0);
-
- /* Look for cert in the cert_ids vector. */
- for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
- ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
-
- /* Check the SHA-1 hash first. */
- if (cid->hash->length == sizeof(cert->sha1_hash)
- && !memcmp(cid->hash->data, cert->sha1_hash,
- sizeof(cert->sha1_hash))) {
- /* Check the issuer/serial as well if specified. */
- ESS_ISSUER_SERIAL *is = cid->issuer_serial;
- if (!is || !TS_issuer_serial_cmp(is, cert->cert_info))
- return i;
- }
- }
-
- return -1;
-}
-
-static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo)
-{
- GENERAL_NAME *issuer;
-
- if (!is || !cinfo || sk_GENERAL_NAME_num(is->issuer) != 1)
- return -1;
-
- /* Check the issuer first. It must be a directory name. */
- issuer = sk_GENERAL_NAME_value(is->issuer, 0);
- if (issuer->type != GEN_DIRNAME
- || X509_NAME_cmp(issuer->d.dirn, cinfo->issuer))
- return -1;
-
- /* Check the serial number, too. */
- if (ASN1_INTEGER_cmp(is->serial, cinfo->serialNumber))
- return -1;
-
- return 0;
-}
-
-/*-
- * Verifies whether 'response' contains a valid response with regards
- * to the settings of the context:
- * - Gives an error message if the TS_TST_INFO is not present.
- * - Calls _TS_RESP_verify_token to verify the token content.
- */
-int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response)
-{
- PKCS7 *token = TS_RESP_get_token(response);
- TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
- int ret = 0;
-
- /* Check if we have a successful TS_TST_INFO object in place. */
- if (!TS_check_status_info(response))
- goto err;
-
- /* Check the contents of the time stamp token. */
- if (!int_TS_RESP_verify_token(ctx, token, tst_info))
- goto err;
-
- ret = 1;
- err:
- return ret;
-}
-
-/*
- * Tries to extract a TS_TST_INFO structure from the PKCS7 token and
- * calls the internal int_TS_RESP_verify_token function for verifying it.
- */
-int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
-{
- TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token);
- int ret = 0;
- if (tst_info) {
- ret = int_TS_RESP_verify_token(ctx, token, tst_info);
- TS_TST_INFO_free(tst_info);
- }
- return ret;
-}
-
-/*-
- * Verifies whether the 'token' contains a valid time stamp token
- * with regards to the settings of the context. Only those checks are
- * carried out that are specified in the context:
- * - Verifies the signature of the TS_TST_INFO.
- * - Checks the version number of the response.
- * - Check if the requested and returned policies math.
- * - Check if the message imprints are the same.
- * - Check if the nonces are the same.
- * - Check if the TSA name matches the signer.
- * - Check if the TSA name is the expected TSA.
- */
-static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
- PKCS7 *token, TS_TST_INFO *tst_info)
-{
- X509 *signer = NULL;
- GENERAL_NAME *tsa_name = TS_TST_INFO_get_tsa(tst_info);
- X509_ALGOR *md_alg = NULL;
- unsigned char *imprint = NULL;
- unsigned imprint_len = 0;
- int ret = 0;
-
- /* Verify the signature. */
- if ((ctx->flags & TS_VFY_SIGNATURE)
- && !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer))
- goto err;
-
- /* Check version number of response. */
- if ((ctx->flags & TS_VFY_VERSION)
- && TS_TST_INFO_get_version(tst_info) != 1) {
- TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION);
- goto err;
- }
-
- /* Check policies. */
- if ((ctx->flags & TS_VFY_POLICY)
- && !TS_check_policy(ctx->policy, tst_info))
- goto err;
-
- /* Check message imprints. */
- if ((ctx->flags & TS_VFY_IMPRINT)
- && !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len,
- tst_info))
- goto err;
-
- /* Compute and check message imprints. */
- if ((ctx->flags & TS_VFY_DATA)
- && (!TS_compute_imprint(ctx->data, tst_info,
- &md_alg, &imprint, &imprint_len)
- || !TS_check_imprints(md_alg, imprint, imprint_len, tst_info)))
- goto err;
-
- /* Check nonces. */
- if ((ctx->flags & TS_VFY_NONCE)
- && !TS_check_nonces(ctx->nonce, tst_info))
- goto err;
-
- /* Check whether TSA name and signer certificate match. */
- if ((ctx->flags & TS_VFY_SIGNER)
- && tsa_name && !TS_check_signer_name(tsa_name, signer)) {
- TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH);
- goto err;
- }
-
- /* Check whether the TSA is the expected one. */
- if ((ctx->flags & TS_VFY_TSA_NAME)
- && !TS_check_signer_name(ctx->tsa_name, signer)) {
- TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED);
- goto err;
- }
-
- ret = 1;
- err:
- X509_free(signer);
- X509_ALGOR_free(md_alg);
- OPENSSL_free(imprint);
- return ret;
-}
-
-static int TS_check_status_info(TS_RESP *response)
-{
- TS_STATUS_INFO *info = TS_RESP_get_status_info(response);
- long status = ASN1_INTEGER_get(info->status);
- const char *status_text = NULL;
- char *embedded_status_text = NULL;
- char failure_text[TS_STATUS_BUF_SIZE] = "";
-
- /* Check if everything went fine. */
- if (status == 0 || status == 1)
- return 1;
-
- /* There was an error, get the description in status_text. */
- if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE)
- status_text = TS_status_text[status];
- else
- status_text = "unknown code";
-
- /* Set the embedded_status_text to the returned description. */
- if (sk_ASN1_UTF8STRING_num(info->text) > 0
- && !(embedded_status_text = TS_get_status_text(info->text)))
- return 0;
-
- /* Filling in failure_text with the failure information. */
- if (info->failure_info) {
- int i;
- int first = 1;
- for (i = 0; i < (int)TS_FAILURE_INFO_SIZE; ++i) {
- if (ASN1_BIT_STRING_get_bit(info->failure_info,
- TS_failure_info[i].code)) {
- if (!first)
- strcat(failure_text, ",");
- else
- first = 0;
- strcat(failure_text, TS_failure_info[i].text);
- }
- }
- }
- if (failure_text[0] == '\0')
- strcpy(failure_text, "unspecified");
-
- /* Making up the error string. */
- TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN);
- ERR_add_error_data(6,
- "status code: ", status_text,
- ", status text: ", embedded_status_text ?
- embedded_status_text : "unspecified",
- ", failure codes: ", failure_text);
- OPENSSL_free(embedded_status_text);
-
- return 0;
-}
-
-static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
-{
- int i;
- unsigned int length = 0;
- char *result = NULL;
- char *p;
-
- /* Determine length first. */
- for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) {
- ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
- length += ASN1_STRING_length(current);
- length += 1; /* separator character */
- }
- /* Allocate memory (closing '\0' included). */
- if (!(result = OPENSSL_malloc(length))) {
- TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- /* Concatenate the descriptions. */
- for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i) {
- ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
- length = ASN1_STRING_length(current);
- if (i > 0)
- *p++ = '/';
- strncpy(p, (const char *)ASN1_STRING_data(current), length);
- p += length;
- }
- /* We do have space for this, too. */
- *p = '\0';
-
- return result;
-}
-
-static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info)
-{
- ASN1_OBJECT *resp_oid = TS_TST_INFO_get_policy_id(tst_info);
-
- if (OBJ_cmp(req_oid, resp_oid) != 0) {
- TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH);
- return 0;
- }
-
- return 1;
-}
-
-static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
- X509_ALGOR **md_alg,
- unsigned char **imprint, unsigned *imprint_len)
-{
- TS_MSG_IMPRINT *msg_imprint = TS_TST_INFO_get_msg_imprint(tst_info);
- X509_ALGOR *md_alg_resp = TS_MSG_IMPRINT_get_algo(msg_imprint);
- const EVP_MD *md;
- EVP_MD_CTX md_ctx;
- unsigned char buffer[4096];
- int length;
-
- *md_alg = NULL;
- *imprint = NULL;
-
- /* Return the MD algorithm of the response. */
- if (!(*md_alg = X509_ALGOR_dup(md_alg_resp)))
- goto err;
-
- /* Getting the MD object. */
- if (!(md = EVP_get_digestbyobj((*md_alg)->algorithm))) {
- TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
- goto err;
- }
-
- /* Compute message digest. */
- length = EVP_MD_size(md);
- if (length < 0)
- goto err;
- *imprint_len = length;
- if (!(*imprint = OPENSSL_malloc(*imprint_len))) {
- TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EVP_DigestInit(&md_ctx, md))
- goto err;
- while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
- if (!EVP_DigestUpdate(&md_ctx, buffer, length))
- goto err;
- }
- if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
- goto err;
-
- return 1;
- err:
- X509_ALGOR_free(*md_alg);
- OPENSSL_free(*imprint);
- *imprint_len = 0;
- *imprint = NULL;
- return 0;
-}
-
-static int TS_check_imprints(X509_ALGOR *algor_a,
- unsigned char *imprint_a, unsigned len_a,
- TS_TST_INFO *tst_info)
-{
- TS_MSG_IMPRINT *b = TS_TST_INFO_get_msg_imprint(tst_info);
- X509_ALGOR *algor_b = TS_MSG_IMPRINT_get_algo(b);
- int ret = 0;
-
- /* algor_a is optional. */
- if (algor_a) {
- /* Compare algorithm OIDs. */
- if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm))
- goto err;
-
- /* The parameter must be NULL in both. */
- if ((algor_a->parameter
- && ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL)
- || (algor_b->parameter
- && ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL))
- goto err;
- }
-
- /* Compare octet strings. */
- ret = len_a == (unsigned)ASN1_STRING_length(b->hashed_msg) &&
- memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
- err:
- if (!ret)
- TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH);
- return ret;
-}
-
-static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
-{
- const ASN1_INTEGER *b = TS_TST_INFO_get_nonce(tst_info);
-
- /* Error if nonce is missing. */
- if (!b) {
- TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED);
- return 0;
- }
-
- /* No error if a nonce is returned without being requested. */
- if (ASN1_INTEGER_cmp(a, b) != 0) {
- TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH);
- return 0;
- }
-
- return 1;
-}
-
-/*
- * Check if the specified TSA name matches either the subject or one of the
- * subject alternative names of the TSA certificate.
- */
-static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
-{
- STACK_OF(GENERAL_NAME) *gen_names = NULL;
- int idx = -1;
- int found = 0;
-
- /* Check the subject name first. */
- if (tsa_name->type == GEN_DIRNAME
- && X509_name_cmp(tsa_name->d.dirn, signer->cert_info->subject) == 0)
- return 1;
-
- /* Check all the alternative names. */
- gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
- while (gen_names != NULL
- && !(found = TS_find_name(gen_names, tsa_name) >= 0)) {
- /*
- * Get the next subject alternative name, although there should be no
- * more than one.
- */
- GENERAL_NAMES_free(gen_names);
- gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
- NULL, &idx);
- }
- if (gen_names)
- GENERAL_NAMES_free(gen_names);
-
- return found;
-}
-
-/* Returns 1 if name is in gen_names, 0 otherwise. */
-static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name)
-{
- int i, found;
- for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names); ++i) {
- GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i);
- found = GENERAL_NAME_cmp(current, name) == 0;
- }
- return found ? i - 1 : -1;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/ts/ts_rsp_verify.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ts/ts_rsp_verify.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ts/ts_rsp_verify.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ts/ts_rsp_verify.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,737 @@
+/* crypto/ts/ts_resp_verify.c */
+/*
+ * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+#include <openssl/pkcs7.h>
+
+/* Private function declarations. */
+
+static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
+ X509 *signer, STACK_OF(X509) **chain);
+static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
+ STACK_OF(X509) *chain);
+static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si);
+static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
+static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo);
+static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
+ PKCS7 *token, TS_TST_INFO *tst_info);
+static int TS_check_status_info(TS_RESP *response);
+static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
+static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
+static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
+ X509_ALGOR **md_alg,
+ unsigned char **imprint, unsigned *imprint_len);
+static int TS_check_imprints(X509_ALGOR *algor_a,
+ unsigned char *imprint_a, unsigned len_a,
+ TS_TST_INFO *tst_info);
+static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
+static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
+static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names,
+ GENERAL_NAME *name);
+
+/*
+ * Local mapping between response codes and descriptions.
+ * Don't forget to change TS_STATUS_BUF_SIZE when modifying
+ * the elements of this array.
+ */
+static const char *TS_status_text[] = { "granted",
+ "grantedWithMods",
+ "rejection",
+ "waiting",
+ "revocationWarning",
+ "revocationNotification"
+};
+
+#define TS_STATUS_TEXT_SIZE (sizeof(TS_status_text)/sizeof(*TS_status_text))
+
+/*
+ * This must be greater or equal to the sum of the strings in TS_status_text
+ * plus the number of its elements.
+ */
+#define TS_STATUS_BUF_SIZE 256
+
+static struct {
+ int code;
+ const char *text;
+} TS_failure_info[] = {
+ {
+ TS_INFO_BAD_ALG, "badAlg"
+ },
+ {
+ TS_INFO_BAD_REQUEST, "badRequest"
+ },
+ {
+ TS_INFO_BAD_DATA_FORMAT, "badDataFormat"
+ },
+ {
+ TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable"
+ },
+ {
+ TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy"
+ },
+ {
+ TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension"
+ },
+ {
+ TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable"
+ },
+ {
+ TS_INFO_SYSTEM_FAILURE, "systemFailure"
+ }
+};
+
+#define TS_FAILURE_INFO_SIZE (sizeof(TS_failure_info) / \
+ sizeof(*TS_failure_info))
+
+/* Functions for verifying a signed TS_TST_INFO structure. */
+
+/*-
+ * This function carries out the following tasks:
+ * - Checks if there is one and only one signer.
+ * - Search for the signing certificate in 'certs' and in the response.
+ * - Check the extended key usage and key usage fields of the signer
+ * certificate (done by the path validation).
+ * - Build and validate the certificate path.
+ * - Check if the certificate path meets the requirements of the
+ * SigningCertificate ESS signed attribute.
+ * - Verify the signature value.
+ * - Returns the signer certificate in 'signer', if 'signer' is not NULL.
+ */
+int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+ X509_STORE *store, X509 **signer_out)
+{
+ STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
+ PKCS7_SIGNER_INFO *si;
+ STACK_OF(X509) *signers = NULL;
+ X509 *signer;
+ STACK_OF(X509) *chain = NULL;
+ char buf[4096];
+ int i, j = 0, ret = 0;
+ BIO *p7bio = NULL;
+
+ /* Some sanity checks first. */
+ if (!token) {
+ TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
+ goto err;
+ }
+
+ /* Check for the correct content type */
+ if (!PKCS7_type_is_signed(token)) {
+ TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
+ goto err;
+ }
+
+ /* Check if there is one and only one signer. */
+ sinfos = PKCS7_get_signer_info(token);
+ if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
+ TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_THERE_MUST_BE_ONE_SIGNER);
+ goto err;
+ }
+ si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
+
+ /* Check for no content: no data to verify signature. */
+ if (PKCS7_get_detached(token)) {
+ TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
+ goto err;
+ }
+
+ /*
+ * Get hold of the signer certificate, search only internal certificates
+ * if it was requested.
+ */
+ signers = PKCS7_get0_signers(token, certs, 0);
+ if (!signers || sk_X509_num(signers) != 1)
+ goto err;
+ signer = sk_X509_value(signers, 0);
+
+ /* Now verify the certificate. */
+ if (!TS_verify_cert(store, certs, signer, &chain))
+ goto err;
+
+ /*
+ * Check if the signer certificate is consistent with the ESS extension.
+ */
+ if (!TS_check_signing_certs(si, chain))
+ goto err;
+
+ /* Creating the message digest. */
+ p7bio = PKCS7_dataInit(token, NULL);
+
+ /* We now have to 'read' from p7bio to calculate digests etc. */
+ while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0) ;
+
+ /* Verifying the signature. */
+ j = PKCS7_signatureVerify(p7bio, token, si, signer);
+ if (j <= 0) {
+ TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
+ goto err;
+ }
+
+ /* Return the signer certificate if needed. */
+ if (signer_out) {
+ *signer_out = signer;
+ CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+ }
+
+ ret = 1;
+
+ err:
+ BIO_free_all(p7bio);
+ sk_X509_pop_free(chain, X509_free);
+ sk_X509_free(signers);
+
+ return ret;
+}
+
+/*
+ * The certificate chain is returned in chain. Caller is responsible for
+ * freeing the vector.
+ */
+static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
+ X509 *signer, STACK_OF(X509) **chain)
+{
+ X509_STORE_CTX cert_ctx;
+ int i;
+ int ret = 1;
+
+ /* chain is an out argument. */
+ *chain = NULL;
+ if (!X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted))
+ return 0;
+ X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
+ i = X509_verify_cert(&cert_ctx);
+ if (i <= 0) {
+ int j = X509_STORE_CTX_get_error(&cert_ctx);
+ TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
+ ERR_add_error_data(2, "Verify error:",
+ X509_verify_cert_error_string(j));
+ ret = 0;
+ } else {
+ /* Get a copy of the certificate chain. */
+ *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
+ }
+
+ X509_STORE_CTX_cleanup(&cert_ctx);
+
+ return ret;
+}
+
+static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
+ STACK_OF(X509) *chain)
+{
+ ESS_SIGNING_CERT *ss = ESS_get_signing_cert(si);
+ STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
+ X509 *cert;
+ int i = 0;
+ int ret = 0;
+
+ if (!ss)
+ goto err;
+ cert_ids = ss->cert_ids;
+ /* The signer certificate must be the first in cert_ids. */
+ cert = sk_X509_value(chain, 0);
+ if (TS_find_cert(cert_ids, cert) != 0)
+ goto err;
+
+ /*
+ * Check the other certificates of the chain if there are more than one
+ * certificate ids in cert_ids.
+ */
+ if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
+ /* All the certificates of the chain must be in cert_ids. */
+ for (i = 1; i < sk_X509_num(chain); ++i) {
+ cert = sk_X509_value(chain, i);
+ if (TS_find_cert(cert_ids, cert) < 0)
+ goto err;
+ }
+ }
+ ret = 1;
+ err:
+ if (!ret)
+ TSerr(TS_F_TS_CHECK_SIGNING_CERTS,
+ TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
+ ESS_SIGNING_CERT_free(ss);
+ return ret;
+}
+
+static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si)
+{
+ ASN1_TYPE *attr;
+ const unsigned char *p;
+ attr = PKCS7_get_signed_attribute(si, NID_id_smime_aa_signingCertificate);
+ if (!attr)
+ return NULL;
+ p = attr->value.sequence->data;
+ return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
+}
+
+/* Returns < 0 if certificate is not found, certificate index otherwise. */
+static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
+{
+ int i;
+
+ if (!cert_ids || !cert)
+ return -1;
+
+ /* Recompute SHA1 hash of certificate if necessary (side effect). */
+ X509_check_purpose(cert, -1, 0);
+
+ /* Look for cert in the cert_ids vector. */
+ for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
+ ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
+
+ /* Check the SHA-1 hash first. */
+ if (cid->hash->length == sizeof(cert->sha1_hash)
+ && !memcmp(cid->hash->data, cert->sha1_hash,
+ sizeof(cert->sha1_hash))) {
+ /* Check the issuer/serial as well if specified. */
+ ESS_ISSUER_SERIAL *is = cid->issuer_serial;
+ if (!is || !TS_issuer_serial_cmp(is, cert->cert_info))
+ return i;
+ }
+ }
+
+ return -1;
+}
+
+static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo)
+{
+ GENERAL_NAME *issuer;
+
+ if (!is || !cinfo || sk_GENERAL_NAME_num(is->issuer) != 1)
+ return -1;
+
+ /* Check the issuer first. It must be a directory name. */
+ issuer = sk_GENERAL_NAME_value(is->issuer, 0);
+ if (issuer->type != GEN_DIRNAME
+ || X509_NAME_cmp(issuer->d.dirn, cinfo->issuer))
+ return -1;
+
+ /* Check the serial number, too. */
+ if (ASN1_INTEGER_cmp(is->serial, cinfo->serialNumber))
+ return -1;
+
+ return 0;
+}
+
+/*-
+ * Verifies whether 'response' contains a valid response with regards
+ * to the settings of the context:
+ * - Gives an error message if the TS_TST_INFO is not present.
+ * - Calls _TS_RESP_verify_token to verify the token content.
+ */
+int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response)
+{
+ PKCS7 *token = TS_RESP_get_token(response);
+ TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
+ int ret = 0;
+
+ /* Check if we have a successful TS_TST_INFO object in place. */
+ if (!TS_check_status_info(response))
+ goto err;
+
+ /* Check the contents of the time stamp token. */
+ if (!int_TS_RESP_verify_token(ctx, token, tst_info))
+ goto err;
+
+ ret = 1;
+ err:
+ return ret;
+}
+
+/*
+ * Tries to extract a TS_TST_INFO structure from the PKCS7 token and
+ * calls the internal int_TS_RESP_verify_token function for verifying it.
+ */
+int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
+{
+ TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token);
+ int ret = 0;
+ if (tst_info) {
+ ret = int_TS_RESP_verify_token(ctx, token, tst_info);
+ TS_TST_INFO_free(tst_info);
+ }
+ return ret;
+}
+
+/*-
+ * Verifies whether the 'token' contains a valid time stamp token
+ * with regards to the settings of the context. Only those checks are
+ * carried out that are specified in the context:
+ * - Verifies the signature of the TS_TST_INFO.
+ * - Checks the version number of the response.
+ * - Check if the requested and returned policies math.
+ * - Check if the message imprints are the same.
+ * - Check if the nonces are the same.
+ * - Check if the TSA name matches the signer.
+ * - Check if the TSA name is the expected TSA.
+ */
+static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
+ PKCS7 *token, TS_TST_INFO *tst_info)
+{
+ X509 *signer = NULL;
+ GENERAL_NAME *tsa_name = TS_TST_INFO_get_tsa(tst_info);
+ X509_ALGOR *md_alg = NULL;
+ unsigned char *imprint = NULL;
+ unsigned imprint_len = 0;
+ int ret = 0;
+
+ /* Verify the signature. */
+ if ((ctx->flags & TS_VFY_SIGNATURE)
+ && !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer))
+ goto err;
+
+ /* Check version number of response. */
+ if ((ctx->flags & TS_VFY_VERSION)
+ && TS_TST_INFO_get_version(tst_info) != 1) {
+ TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION);
+ goto err;
+ }
+
+ /* Check policies. */
+ if ((ctx->flags & TS_VFY_POLICY)
+ && !TS_check_policy(ctx->policy, tst_info))
+ goto err;
+
+ /* Check message imprints. */
+ if ((ctx->flags & TS_VFY_IMPRINT)
+ && !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len,
+ tst_info))
+ goto err;
+
+ /* Compute and check message imprints. */
+ if ((ctx->flags & TS_VFY_DATA)
+ && (!TS_compute_imprint(ctx->data, tst_info,
+ &md_alg, &imprint, &imprint_len)
+ || !TS_check_imprints(md_alg, imprint, imprint_len, tst_info)))
+ goto err;
+
+ /* Check nonces. */
+ if ((ctx->flags & TS_VFY_NONCE)
+ && !TS_check_nonces(ctx->nonce, tst_info))
+ goto err;
+
+ /* Check whether TSA name and signer certificate match. */
+ if ((ctx->flags & TS_VFY_SIGNER)
+ && tsa_name && !TS_check_signer_name(tsa_name, signer)) {
+ TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH);
+ goto err;
+ }
+
+ /* Check whether the TSA is the expected one. */
+ if ((ctx->flags & TS_VFY_TSA_NAME)
+ && !TS_check_signer_name(ctx->tsa_name, signer)) {
+ TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED);
+ goto err;
+ }
+
+ ret = 1;
+ err:
+ X509_free(signer);
+ X509_ALGOR_free(md_alg);
+ OPENSSL_free(imprint);
+ return ret;
+}
+
+static int TS_check_status_info(TS_RESP *response)
+{
+ TS_STATUS_INFO *info = TS_RESP_get_status_info(response);
+ long status = ASN1_INTEGER_get(info->status);
+ const char *status_text = NULL;
+ char *embedded_status_text = NULL;
+ char failure_text[TS_STATUS_BUF_SIZE] = "";
+
+ /* Check if everything went fine. */
+ if (status == 0 || status == 1)
+ return 1;
+
+ /* There was an error, get the description in status_text. */
+ if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE)
+ status_text = TS_status_text[status];
+ else
+ status_text = "unknown code";
+
+ /* Set the embedded_status_text to the returned description. */
+ if (sk_ASN1_UTF8STRING_num(info->text) > 0
+ && !(embedded_status_text = TS_get_status_text(info->text)))
+ return 0;
+
+ /* Filling in failure_text with the failure information. */
+ if (info->failure_info) {
+ int i;
+ int first = 1;
+ for (i = 0; i < (int)TS_FAILURE_INFO_SIZE; ++i) {
+ if (ASN1_BIT_STRING_get_bit(info->failure_info,
+ TS_failure_info[i].code)) {
+ if (!first)
+ strcat(failure_text, ",");
+ else
+ first = 0;
+ strcat(failure_text, TS_failure_info[i].text);
+ }
+ }
+ }
+ if (failure_text[0] == '\0')
+ strcpy(failure_text, "unspecified");
+
+ /* Making up the error string. */
+ TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN);
+ ERR_add_error_data(6,
+ "status code: ", status_text,
+ ", status text: ", embedded_status_text ?
+ embedded_status_text : "unspecified",
+ ", failure codes: ", failure_text);
+ OPENSSL_free(embedded_status_text);
+
+ return 0;
+}
+
+static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
+{
+ int i;
+ unsigned int length = 0;
+ char *result = NULL;
+ char *p;
+
+ /* Determine length first. */
+ for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) {
+ ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
+ length += ASN1_STRING_length(current);
+ length += 1; /* separator character */
+ }
+ /* Allocate memory (closing '\0' included). */
+ if (!(result = OPENSSL_malloc(length))) {
+ TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ /* Concatenate the descriptions. */
+ for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i) {
+ ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
+ length = ASN1_STRING_length(current);
+ if (i > 0)
+ *p++ = '/';
+ strncpy(p, (const char *)ASN1_STRING_data(current), length);
+ p += length;
+ }
+ /* We do have space for this, too. */
+ *p = '\0';
+
+ return result;
+}
+
+static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info)
+{
+ ASN1_OBJECT *resp_oid = TS_TST_INFO_get_policy_id(tst_info);
+
+ if (OBJ_cmp(req_oid, resp_oid) != 0) {
+ TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH);
+ return 0;
+ }
+
+ return 1;
+}
+
+static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
+ X509_ALGOR **md_alg,
+ unsigned char **imprint, unsigned *imprint_len)
+{
+ TS_MSG_IMPRINT *msg_imprint = TS_TST_INFO_get_msg_imprint(tst_info);
+ X509_ALGOR *md_alg_resp = TS_MSG_IMPRINT_get_algo(msg_imprint);
+ const EVP_MD *md;
+ EVP_MD_CTX md_ctx;
+ unsigned char buffer[4096];
+ int length;
+
+ *md_alg = NULL;
+ *imprint = NULL;
+
+ /* Return the MD algorithm of the response. */
+ if (!(*md_alg = X509_ALGOR_dup(md_alg_resp)))
+ goto err;
+
+ /* Getting the MD object. */
+ if (!(md = EVP_get_digestbyobj((*md_alg)->algorithm))) {
+ TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
+ goto err;
+ }
+
+ /* Compute message digest. */
+ length = EVP_MD_size(md);
+ if (length < 0)
+ goto err;
+ *imprint_len = length;
+ if (!(*imprint = OPENSSL_malloc(*imprint_len))) {
+ TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!EVP_DigestInit(&md_ctx, md))
+ goto err;
+ while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
+ if (!EVP_DigestUpdate(&md_ctx, buffer, length))
+ goto err;
+ }
+ if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
+ goto err;
+
+ return 1;
+ err:
+ X509_ALGOR_free(*md_alg);
+ OPENSSL_free(*imprint);
+ *imprint_len = 0;
+ *imprint = NULL;
+ return 0;
+}
+
+static int TS_check_imprints(X509_ALGOR *algor_a,
+ unsigned char *imprint_a, unsigned len_a,
+ TS_TST_INFO *tst_info)
+{
+ TS_MSG_IMPRINT *b = TS_TST_INFO_get_msg_imprint(tst_info);
+ X509_ALGOR *algor_b = TS_MSG_IMPRINT_get_algo(b);
+ int ret = 0;
+
+ /* algor_a is optional. */
+ if (algor_a) {
+ /* Compare algorithm OIDs. */
+ if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm))
+ goto err;
+
+ /* The parameter must be NULL in both. */
+ if ((algor_a->parameter
+ && ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL)
+ || (algor_b->parameter
+ && ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL))
+ goto err;
+ }
+
+ /* Compare octet strings. */
+ ret = len_a == (unsigned)ASN1_STRING_length(b->hashed_msg) &&
+ memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
+ err:
+ if (!ret)
+ TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH);
+ return ret;
+}
+
+static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
+{
+ const ASN1_INTEGER *b = TS_TST_INFO_get_nonce(tst_info);
+
+ /* Error if nonce is missing. */
+ if (!b) {
+ TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED);
+ return 0;
+ }
+
+ /* No error if a nonce is returned without being requested. */
+ if (ASN1_INTEGER_cmp(a, b) != 0) {
+ TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH);
+ return 0;
+ }
+
+ return 1;
+}
+
+/*
+ * Check if the specified TSA name matches either the subject or one of the
+ * subject alternative names of the TSA certificate.
+ */
+static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
+{
+ STACK_OF(GENERAL_NAME) *gen_names = NULL;
+ int idx = -1;
+ int found = 0;
+
+ /* Check the subject name first. */
+ if (tsa_name->type == GEN_DIRNAME
+ && X509_name_cmp(tsa_name->d.dirn, signer->cert_info->subject) == 0)
+ return 1;
+
+ /* Check all the alternative names. */
+ gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
+ while (gen_names != NULL
+ && !(found = TS_find_name(gen_names, tsa_name) >= 0)) {
+ /*
+ * Get the next subject alternative name, although there should be no
+ * more than one.
+ */
+ GENERAL_NAMES_free(gen_names);
+ gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
+ NULL, &idx);
+ }
+ if (gen_names)
+ GENERAL_NAMES_free(gen_names);
+
+ return found;
+}
+
+/* Returns 1 if name is in gen_names, 0 otherwise. */
+static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name)
+{
+ int i, found;
+ for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names); ++i) {
+ GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i);
+ found = GENERAL_NAME_cmp(current, name) == 0;
+ }
+ return found ? i - 1 : -1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ui/ui.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/ui/ui.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,415 +0,0 @@
-/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_H
-# define HEADER_UI_H
-
-# ifndef OPENSSL_NO_DEPRECATED
-# include <openssl/crypto.h>
-# endif
-# include <openssl/safestack.h>
-# include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Declared already in ossl_typ.h */
-/* typedef struct ui_st UI; */
-/* typedef struct ui_method_st UI_METHOD; */
-
-/*
- * All the following functions return -1 or NULL on error and in some cases
- * (UI_process()) -2 if interrupted or in some other way cancelled. When
- * everything is fine, they return 0, a positive value or a non-NULL pointer,
- * all depending on their purpose.
- */
-
-/* Creators and destructor. */
-UI *UI_new(void);
-UI *UI_new_method(const UI_METHOD *method);
-void UI_free(UI *ui);
-
-/*-
- The following functions are used to add strings to be printed and prompt
- strings to prompt for data. The names are UI_{add,dup}_<function>_string
- and UI_{add,dup}_input_boolean.
-
- UI_{add,dup}_<function>_string have the following meanings:
- add add a text or prompt string. The pointers given to these
- functions are used verbatim, no copying is done.
- dup make a copy of the text or prompt string, then add the copy
- to the collection of strings in the user interface.
- <function>
- The function is a name for the functionality that the given
- string shall be used for. It can be one of:
- input use the string as data prompt.
- verify use the string as verification prompt. This
- is used to verify a previous input.
- info use the string for informational output.
- error use the string for error output.
- Honestly, there's currently no difference between info and error for the
- moment.
-
- UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
- and are typically used when one wants to prompt for a yes/no response.
-
- All of the functions in this group take a UI and a prompt string.
- The string input and verify addition functions also take a flag argument,
- a buffer for the result to end up with, a minimum input size and a maximum
- input size (the result buffer MUST be large enough to be able to contain
- the maximum number of characters). Additionally, the verify addition
- functions takes another buffer to compare the result against.
- The boolean input functions take an action description string (which should
- be safe to ignore if the expected user action is obvious, for example with
- a dialog box with an OK button and a Cancel button), a string of acceptable
- characters to mean OK and to mean Cancel. The two last strings are checked
- to make sure they don't have common characters. Additionally, the same
- flag argument as for the string input is taken, as well as a result buffer.
- The result buffer is required to be at least one byte long. Depending on
- the answer, the first character from the OK or the Cancel character strings
- will be stored in the first byte of the result buffer. No NUL will be
- added, so the result is *not* a string.
-
- On success, the all return an index of the added information. That index
- is usefull when retrieving results with UI_get0_result(). */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize);
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize);
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize,
- const char *test_buf);
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize,
- const char *test_buf);
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf);
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf);
-int UI_add_info_string(UI *ui, const char *text);
-int UI_dup_info_string(UI *ui, const char *text);
-int UI_add_error_string(UI *ui, const char *text);
-int UI_dup_error_string(UI *ui, const char *text);
-
-/* These are the possible flags. They can be or'ed together. */
-/* Use to have echoing of input */
-# define UI_INPUT_FLAG_ECHO 0x01
-/*
- * Use a default password. Where that password is found is completely up to
- * the application, it might for example be in the user data set with
- * UI_add_user_data(). It is not recommended to have more than one input in
- * each UI being marked with this flag, or the application might get
- * confused.
- */
-# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
-
-/*-
- * The user of these routines may want to define flags of their own. The core
- * UI won't look at those, but will pass them on to the method routines. They
- * must use higher bits so they don't get confused with the UI bits above.
- * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
- * example of use is this:
- *
- * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
- *
-*/
-# define UI_INPUT_FLAG_USER_BASE 16
-
-/*-
- * The following function helps construct a prompt. object_desc is a
- * textual short description of the object, for example "pass phrase",
- * and object_name is the name of the object (might be a card name or
- * a file name.
- * The returned string shall always be allocated on the heap with
- * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
- *
- * If the ui_method doesn't contain a pointer to a user-defined prompt
- * constructor, a default string is built, looking like this:
- *
- * "Enter {object_desc} for {object_name}:"
- *
- * So, if object_desc has the value "pass phrase" and object_name has
- * the value "foo.key", the resulting string is:
- *
- * "Enter pass phrase for foo.key:"
-*/
-char *UI_construct_prompt(UI *ui_method,
- const char *object_desc, const char *object_name);
-
-/*
- * The following function is used to store a pointer to user-specific data.
- * Any previous such pointer will be returned and replaced.
- *
- * For callback purposes, this function makes a lot more sense than using
- * ex_data, since the latter requires that different parts of OpenSSL or
- * applications share the same ex_data index.
- *
- * Note that the UI_OpenSSL() method completely ignores the user data. Other
- * methods may not, however.
- */
-void *UI_add_user_data(UI *ui, void *user_data);
-/* We need a user data retrieving function as well. */
-void *UI_get0_user_data(UI *ui);
-
-/* Return the result associated with a prompt given with the index i. */
-const char *UI_get0_result(UI *ui, int i);
-
-/* When all strings have been added, process the whole thing. */
-int UI_process(UI *ui);
-
-/*
- * Give a user interface parametrised control commands. This can be used to
- * send down an integer, a data pointer or a function pointer, as well as be
- * used to get information from a UI.
- */
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
-
-/* The commands */
-/*
- * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
- * OpenSSL error stack before printing any info or added error messages and
- * before any prompting.
- */
-# define UI_CTRL_PRINT_ERRORS 1
-/*
- * Check if a UI_process() is possible to do again with the same instance of
- * a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
- * if not.
- */
-# define UI_CTRL_IS_REDOABLE 2
-
-/* Some methods may use extra data */
-# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
-# define UI_get_app_data(s) UI_get_ex_data(s,0)
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int UI_set_ex_data(UI *r, int idx, void *arg);
-void *UI_get_ex_data(UI *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-void UI_set_default_method(const UI_METHOD *meth);
-const UI_METHOD *UI_get_default_method(void);
-const UI_METHOD *UI_get_method(UI *ui);
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
-
-/* The method with all the built-in thingies */
-UI_METHOD *UI_OpenSSL(void);
-
-/* ---------- For method writers ---------- */
-/*-
- A method contains a number of functions that implement the low level
- of the User Interface. The functions are:
-
- an opener This function starts a session, maybe by opening
- a channel to a tty, or by opening a window.
- a writer This function is called to write a given string,
- maybe to the tty, maybe as a field label in a
- window.
- a flusher This function is called to flush everything that
- has been output so far. It can be used to actually
- display a dialog box after it has been built.
- a reader This function is called to read a given prompt,
- maybe from the tty, maybe from a field in a
- window. Note that it's called wth all string
- structures, not only the prompt ones, so it must
- check such things itself.
- a closer This function closes the session, maybe by closing
- the channel to the tty, or closing the window.
-
- All these functions are expected to return:
-
- 0 on error.
- 1 on success.
- -1 on out-of-band events, for example if some prompting has
- been canceled (by pressing Ctrl-C, for example). This is
- only checked when returned by the flusher or the reader.
-
- The way this is used, the opener is first called, then the writer for all
- strings, then the flusher, then the reader for all strings and finally the
- closer. Note that if you want to prompt from a terminal or other command
- line interface, the best is to have the reader also write the prompts
- instead of having the writer do it. If you want to prompt from a dialog
- box, the writer can be used to build up the contents of the box, and the
- flusher to actually display the box and run the event loop until all data
- has been given, after which the reader only grabs the given data and puts
- them back into the UI strings.
-
- All method functions take a UI as argument. Additionally, the writer and
- the reader take a UI_STRING.
-*/
-
-/*
- * The UI_STRING type is the data structure that contains all the needed info
- * about a string or a prompt, including test data for a verification prompt.
- */
-typedef struct ui_string_st UI_STRING;
-DECLARE_STACK_OF(UI_STRING)
-
-/*
- * The different types of strings that are currently supported. This is only
- * needed by method authors.
- */
-enum UI_string_types {
- UIT_NONE = 0,
- UIT_PROMPT, /* Prompt for a string */
- UIT_VERIFY, /* Prompt for a string and verify */
- UIT_BOOLEAN, /* Prompt for a yes/no response */
- UIT_INFO, /* Send info to the user */
- UIT_ERROR /* Send an error message to the user */
-};
-
-/* Create and manipulate methods */
-UI_METHOD *UI_create_method(char *name);
-void UI_destroy_method(UI_METHOD *ui_method);
-int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
-int UI_method_set_writer(UI_METHOD *method,
- int (*writer) (UI *ui, UI_STRING *uis));
-int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
-int UI_method_set_reader(UI_METHOD *method,
- int (*reader) (UI *ui, UI_STRING *uis));
-int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
-int UI_method_set_prompt_constructor(UI_METHOD *method,
- char *(*prompt_constructor) (UI *ui,
- const char
- *object_desc,
- const char
- *object_name));
-int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
-int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
-int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
-int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
-int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
-char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
- const char *,
- const char *);
-
-/*
- * The following functions are helpers for method writers to access relevant
- * data from a UI_STRING.
- */
-
-/* Return type of the UI_STRING */
-enum UI_string_types UI_get_string_type(UI_STRING *uis);
-/* Return input flags of the UI_STRING */
-int UI_get_input_flags(UI_STRING *uis);
-/* Return the actual string to output (the prompt, info or error) */
-const char *UI_get0_output_string(UI_STRING *uis);
-/*
- * Return the optional action string to output (the boolean promtp
- * instruction)
- */
-const char *UI_get0_action_string(UI_STRING *uis);
-/* Return the result of a prompt */
-const char *UI_get0_result_string(UI_STRING *uis);
-/*
- * Return the string to test the result against. Only useful with verifies.
- */
-const char *UI_get0_test_string(UI_STRING *uis);
-/* Return the required minimum size of the result */
-int UI_get_result_minsize(UI_STRING *uis);
-/* Return the required maximum size of the result */
-int UI_get_result_maxsize(UI_STRING *uis);
-/* Set the result of a UI_STRING. */
-int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
-
-/* A couple of popular utility functions */
-int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
- int verify);
-int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
- int verify);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_UI_strings(void);
-
-/* Error codes for the UI functions. */
-
-/* Function codes. */
-# define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
-# define UI_F_GENERAL_ALLOCATE_PROMPT 109
-# define UI_F_GENERAL_ALLOCATE_STRING 100
-# define UI_F_UI_CTRL 111
-# define UI_F_UI_DUP_ERROR_STRING 101
-# define UI_F_UI_DUP_INFO_STRING 102
-# define UI_F_UI_DUP_INPUT_BOOLEAN 110
-# define UI_F_UI_DUP_INPUT_STRING 103
-# define UI_F_UI_DUP_VERIFY_STRING 106
-# define UI_F_UI_GET0_RESULT 107
-# define UI_F_UI_NEW_METHOD 104
-# define UI_F_UI_SET_RESULT 105
-
-/* Reason codes. */
-# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
-# define UI_R_INDEX_TOO_LARGE 102
-# define UI_R_INDEX_TOO_SMALL 103
-# define UI_R_NO_RESULT_BUFFER 105
-# define UI_R_RESULT_TOO_LARGE 100
-# define UI_R_RESULT_TOO_SMALL 101
-# define UI_R_UNKNOWN_CONTROL_COMMAND 106
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/ui/ui.h (from rev 11605, vendor-crypto/openssl/dist/crypto/ui/ui.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ui/ui.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,415 @@
+/* crypto/ui/ui.h */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_H
+# define HEADER_UI_H
+
+# ifndef OPENSSL_NO_DEPRECATED
+# include <openssl/crypto.h>
+# endif
+# include <openssl/safestack.h>
+# include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Declared already in ossl_typ.h */
+/* typedef struct ui_st UI; */
+/* typedef struct ui_method_st UI_METHOD; */
+
+/*
+ * All the following functions return -1 or NULL on error and in some cases
+ * (UI_process()) -2 if interrupted or in some other way cancelled. When
+ * everything is fine, they return 0, a positive value or a non-NULL pointer,
+ * all depending on their purpose.
+ */
+
+/* Creators and destructor. */
+UI *UI_new(void);
+UI *UI_new_method(const UI_METHOD *method);
+void UI_free(UI *ui);
+
+/*-
+ The following functions are used to add strings to be printed and prompt
+ strings to prompt for data. The names are UI_{add,dup}_<function>_string
+ and UI_{add,dup}_input_boolean.
+
+ UI_{add,dup}_<function>_string have the following meanings:
+ add add a text or prompt string. The pointers given to these
+ functions are used verbatim, no copying is done.
+ dup make a copy of the text or prompt string, then add the copy
+ to the collection of strings in the user interface.
+ <function>
+ The function is a name for the functionality that the given
+ string shall be used for. It can be one of:
+ input use the string as data prompt.
+ verify use the string as verification prompt. This
+ is used to verify a previous input.
+ info use the string for informational output.
+ error use the string for error output.
+ Honestly, there's currently no difference between info and error for the
+ moment.
+
+ UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
+ and are typically used when one wants to prompt for a yes/no response.
+
+ All of the functions in this group take a UI and a prompt string.
+ The string input and verify addition functions also take a flag argument,
+ a buffer for the result to end up with, a minimum input size and a maximum
+ input size (the result buffer MUST be large enough to be able to contain
+ the maximum number of characters). Additionally, the verify addition
+ functions takes another buffer to compare the result against.
+ The boolean input functions take an action description string (which should
+ be safe to ignore if the expected user action is obvious, for example with
+ a dialog box with an OK button and a Cancel button), a string of acceptable
+ characters to mean OK and to mean Cancel. The two last strings are checked
+ to make sure they don't have common characters. Additionally, the same
+ flag argument as for the string input is taken, as well as a result buffer.
+ The result buffer is required to be at least one byte long. Depending on
+ the answer, the first character from the OK or the Cancel character strings
+ will be stored in the first byte of the result buffer. No NUL will be
+ added, so the result is *not* a string.
+
+ On success, the all return an index of the added information. That index
+ is usefull when retrieving results with UI_get0_result(). */
+int UI_add_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize);
+int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize);
+int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf);
+int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf);
+int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf);
+int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf);
+int UI_add_info_string(UI *ui, const char *text);
+int UI_dup_info_string(UI *ui, const char *text);
+int UI_add_error_string(UI *ui, const char *text);
+int UI_dup_error_string(UI *ui, const char *text);
+
+/* These are the possible flags. They can be or'ed together. */
+/* Use to have echoing of input */
+# define UI_INPUT_FLAG_ECHO 0x01
+/*
+ * Use a default password. Where that password is found is completely up to
+ * the application, it might for example be in the user data set with
+ * UI_add_user_data(). It is not recommended to have more than one input in
+ * each UI being marked with this flag, or the application might get
+ * confused.
+ */
+# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
+
+/*-
+ * The user of these routines may want to define flags of their own. The core
+ * UI won't look at those, but will pass them on to the method routines. They
+ * must use higher bits so they don't get confused with the UI bits above.
+ * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
+ * example of use is this:
+ *
+ * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
+ *
+*/
+# define UI_INPUT_FLAG_USER_BASE 16
+
+/*-
+ * The following function helps construct a prompt. object_desc is a
+ * textual short description of the object, for example "pass phrase",
+ * and object_name is the name of the object (might be a card name or
+ * a file name.
+ * The returned string shall always be allocated on the heap with
+ * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+ *
+ * If the ui_method doesn't contain a pointer to a user-defined prompt
+ * constructor, a default string is built, looking like this:
+ *
+ * "Enter {object_desc} for {object_name}:"
+ *
+ * So, if object_desc has the value "pass phrase" and object_name has
+ * the value "foo.key", the resulting string is:
+ *
+ * "Enter pass phrase for foo.key:"
+*/
+char *UI_construct_prompt(UI *ui_method,
+ const char *object_desc, const char *object_name);
+
+/*
+ * The following function is used to store a pointer to user-specific data.
+ * Any previous such pointer will be returned and replaced.
+ *
+ * For callback purposes, this function makes a lot more sense than using
+ * ex_data, since the latter requires that different parts of OpenSSL or
+ * applications share the same ex_data index.
+ *
+ * Note that the UI_OpenSSL() method completely ignores the user data. Other
+ * methods may not, however.
+ */
+void *UI_add_user_data(UI *ui, void *user_data);
+/* We need a user data retrieving function as well. */
+void *UI_get0_user_data(UI *ui);
+
+/* Return the result associated with a prompt given with the index i. */
+const char *UI_get0_result(UI *ui, int i);
+
+/* When all strings have been added, process the whole thing. */
+int UI_process(UI *ui);
+
+/*
+ * Give a user interface parametrised control commands. This can be used to
+ * send down an integer, a data pointer or a function pointer, as well as be
+ * used to get information from a UI.
+ */
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
+
+/* The commands */
+/*
+ * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
+ * OpenSSL error stack before printing any info or added error messages and
+ * before any prompting.
+ */
+# define UI_CTRL_PRINT_ERRORS 1
+/*
+ * Check if a UI_process() is possible to do again with the same instance of
+ * a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
+ * if not.
+ */
+# define UI_CTRL_IS_REDOABLE 2
+
+/* Some methods may use extra data */
+# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
+# define UI_get_app_data(s) UI_get_ex_data(s,0)
+int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int UI_set_ex_data(UI *r, int idx, void *arg);
+void *UI_get_ex_data(UI *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+void UI_set_default_method(const UI_METHOD *meth);
+const UI_METHOD *UI_get_default_method(void);
+const UI_METHOD *UI_get_method(UI *ui);
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void);
+
+/* ---------- For method writers ---------- */
+/*-
+ A method contains a number of functions that implement the low level
+ of the User Interface. The functions are:
+
+ an opener This function starts a session, maybe by opening
+ a channel to a tty, or by opening a window.
+ a writer This function is called to write a given string,
+ maybe to the tty, maybe as a field label in a
+ window.
+ a flusher This function is called to flush everything that
+ has been output so far. It can be used to actually
+ display a dialog box after it has been built.
+ a reader This function is called to read a given prompt,
+ maybe from the tty, maybe from a field in a
+ window. Note that it's called wth all string
+ structures, not only the prompt ones, so it must
+ check such things itself.
+ a closer This function closes the session, maybe by closing
+ the channel to the tty, or closing the window.
+
+ All these functions are expected to return:
+
+ 0 on error.
+ 1 on success.
+ -1 on out-of-band events, for example if some prompting has
+ been canceled (by pressing Ctrl-C, for example). This is
+ only checked when returned by the flusher or the reader.
+
+ The way this is used, the opener is first called, then the writer for all
+ strings, then the flusher, then the reader for all strings and finally the
+ closer. Note that if you want to prompt from a terminal or other command
+ line interface, the best is to have the reader also write the prompts
+ instead of having the writer do it. If you want to prompt from a dialog
+ box, the writer can be used to build up the contents of the box, and the
+ flusher to actually display the box and run the event loop until all data
+ has been given, after which the reader only grabs the given data and puts
+ them back into the UI strings.
+
+ All method functions take a UI as argument. Additionally, the writer and
+ the reader take a UI_STRING.
+*/
+
+/*
+ * The UI_STRING type is the data structure that contains all the needed info
+ * about a string or a prompt, including test data for a verification prompt.
+ */
+typedef struct ui_string_st UI_STRING;
+DECLARE_STACK_OF(UI_STRING)
+
+/*
+ * The different types of strings that are currently supported. This is only
+ * needed by method authors.
+ */
+enum UI_string_types {
+ UIT_NONE = 0,
+ UIT_PROMPT, /* Prompt for a string */
+ UIT_VERIFY, /* Prompt for a string and verify */
+ UIT_BOOLEAN, /* Prompt for a yes/no response */
+ UIT_INFO, /* Send info to the user */
+ UIT_ERROR /* Send an error message to the user */
+};
+
+/* Create and manipulate methods */
+UI_METHOD *UI_create_method(char *name);
+void UI_destroy_method(UI_METHOD *ui_method);
+int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+int UI_method_set_writer(UI_METHOD *method,
+ int (*writer) (UI *ui, UI_STRING *uis));
+int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+int UI_method_set_reader(UI_METHOD *method,
+ int (*reader) (UI *ui, UI_STRING *uis));
+int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+ char *(*prompt_constructor) (UI *ui,
+ const char
+ *object_desc,
+ const char
+ *object_name));
+int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
+int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
+int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
+char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
+ const char *,
+ const char *);
+
+/*
+ * The following functions are helpers for method writers to access relevant
+ * data from a UI_STRING.
+ */
+
+/* Return type of the UI_STRING */
+enum UI_string_types UI_get_string_type(UI_STRING *uis);
+/* Return input flags of the UI_STRING */
+int UI_get_input_flags(UI_STRING *uis);
+/* Return the actual string to output (the prompt, info or error) */
+const char *UI_get0_output_string(UI_STRING *uis);
+/*
+ * Return the optional action string to output (the boolean promtp
+ * instruction)
+ */
+const char *UI_get0_action_string(UI_STRING *uis);
+/* Return the result of a prompt */
+const char *UI_get0_result_string(UI_STRING *uis);
+/*
+ * Return the string to test the result against. Only useful with verifies.
+ */
+const char *UI_get0_test_string(UI_STRING *uis);
+/* Return the required minimum size of the result */
+int UI_get_result_minsize(UI_STRING *uis);
+/* Return the required maximum size of the result */
+int UI_get_result_maxsize(UI_STRING *uis);
+/* Set the result of a UI_STRING. */
+int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+
+/* A couple of popular utility functions */
+int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+ int verify);
+int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+ int verify);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_UI_strings(void);
+
+/* Error codes for the UI functions. */
+
+/* Function codes. */
+# define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
+# define UI_F_GENERAL_ALLOCATE_PROMPT 109
+# define UI_F_GENERAL_ALLOCATE_STRING 100
+# define UI_F_UI_CTRL 111
+# define UI_F_UI_DUP_ERROR_STRING 101
+# define UI_F_UI_DUP_INFO_STRING 102
+# define UI_F_UI_DUP_INPUT_BOOLEAN 110
+# define UI_F_UI_DUP_INPUT_STRING 103
+# define UI_F_UI_DUP_VERIFY_STRING 106
+# define UI_F_UI_GET0_RESULT 107
+# define UI_F_UI_NEW_METHOD 104
+# define UI_F_UI_SET_RESULT 105
+
+/* Reason codes. */
+# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
+# define UI_R_INDEX_TOO_LARGE 102
+# define UI_R_INDEX_TOO_SMALL 103
+# define UI_R_NO_RESULT_BUFFER 105
+# define UI_R_RESULT_TOO_LARGE 100
+# define UI_R_RESULT_TOO_SMALL 101
+# define UI_R_UNKNOWN_CONTROL_COMMAND 106
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ui/ui_compat.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,69 +0,0 @@
-/* crypto/ui/ui_compat.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/ui_compat.h>
-
-int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
- int verify)
-{
- return UI_UTIL_read_pw_string(buf, length, prompt, verify);
-}
-
-int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
- int verify)
-{
- return UI_UTIL_read_pw(buf, buff, size, prompt, verify);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ui/ui_compat.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,69 @@
+/* crypto/ui/ui_compat.c */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/ui_compat.h>
+
+int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
+ int verify)
+{
+ return UI_UTIL_read_pw_string(buf, length, prompt, verify);
+}
+
+int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
+ int verify)
+{
+ return UI_UTIL_read_pw(buf, buff, size, prompt, verify);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/ui/ui_compat.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,88 +0,0 @@
-/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_COMPAT_H
-# define HEADER_UI_COMPAT_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/ui.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * The following functions were previously part of the DES section, and are
- * provided here for backward compatibility reasons.
- */
-
-# define des_read_pw_string(b,l,p,v) \
- _ossl_old_des_read_pw_string((b),(l),(p),(v))
-# define des_read_pw(b,bf,s,p,v) \
- _ossl_old_des_read_pw((b),(bf),(s),(p),(v))
-
-int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
- int verify);
-int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
- int verify);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.h (from rev 11605, vendor-crypto/openssl/dist/crypto/ui/ui_compat.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_compat.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,88 @@
+/* crypto/ui/ui.h */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_COMPAT_H
+# define HEADER_UI_COMPAT_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/ui.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * The following functions were previously part of the DES section, and are
+ * provided here for backward compatibility reasons.
+ */
+
+# define des_read_pw_string(b,l,p,v) \
+ _ossl_old_des_read_pw_string((b),(l),(p),(v))
+# define des_read_pw(b,bf,s,p,v) \
+ _ossl_old_des_read_pw((b),(bf),(s),(p),(v))
+
+int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
+ int verify);
+int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
+ int verify);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_lib.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ui/ui_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,870 +0,0 @@
-/* crypto/ui/ui_lib.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/ui.h>
-#include <openssl/err.h>
-#include "ui_locl.h"
-
-IMPLEMENT_STACK_OF(UI_STRING_ST)
-
-static const UI_METHOD *default_UI_meth = NULL;
-
-UI *UI_new(void)
-{
- return (UI_new_method(NULL));
-}
-
-UI *UI_new_method(const UI_METHOD *method)
-{
- UI *ret;
-
- ret = (UI *)OPENSSL_malloc(sizeof(UI));
- if (ret == NULL) {
- UIerr(UI_F_UI_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (method == NULL)
- ret->meth = UI_get_default_method();
- else
- ret->meth = method;
-
- ret->strings = NULL;
- ret->user_data = NULL;
- ret->flags = 0;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
- return ret;
-}
-
-static void free_string(UI_STRING *uis)
-{
- if (uis->flags & OUT_STRING_FREEABLE) {
- OPENSSL_free((char *)uis->out_string);
- switch (uis->type) {
- case UIT_BOOLEAN:
- OPENSSL_free((char *)uis->_.boolean_data.action_desc);
- OPENSSL_free((char *)uis->_.boolean_data.ok_chars);
- OPENSSL_free((char *)uis->_.boolean_data.cancel_chars);
- break;
- default:
- break;
- }
- }
- OPENSSL_free(uis);
-}
-
-void UI_free(UI *ui)
-{
- if (ui == NULL)
- return;
- sk_UI_STRING_pop_free(ui->strings, free_string);
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data);
- OPENSSL_free(ui);
-}
-
-static int allocate_string_stack(UI *ui)
-{
- if (ui->strings == NULL) {
- ui->strings = sk_UI_STRING_new_null();
- if (ui->strings == NULL) {
- return -1;
- }
- }
- return 0;
-}
-
-static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt,
- int prompt_freeable,
- enum UI_string_types type,
- int input_flags, char *result_buf)
-{
- UI_STRING *ret = NULL;
-
- if (prompt == NULL) {
- UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, ERR_R_PASSED_NULL_PARAMETER);
- } else if ((type == UIT_PROMPT || type == UIT_VERIFY
- || type == UIT_BOOLEAN) && result_buf == NULL) {
- UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, UI_R_NO_RESULT_BUFFER);
- } else if ((ret = (UI_STRING *)OPENSSL_malloc(sizeof(UI_STRING)))) {
- ret->out_string = prompt;
- ret->flags = prompt_freeable ? OUT_STRING_FREEABLE : 0;
- ret->input_flags = input_flags;
- ret->type = type;
- ret->result_buf = result_buf;
- }
- return ret;
-}
-
-static int general_allocate_string(UI *ui, const char *prompt,
- int prompt_freeable,
- enum UI_string_types type, int input_flags,
- char *result_buf, int minsize, int maxsize,
- const char *test_buf)
-{
- int ret = -1;
- UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable,
- type, input_flags, result_buf);
-
- if (s) {
- if (allocate_string_stack(ui) >= 0) {
- s->_.string_data.result_minsize = minsize;
- s->_.string_data.result_maxsize = maxsize;
- s->_.string_data.test_buf = test_buf;
- ret = sk_UI_STRING_push(ui->strings, s);
- /* sk_push() returns 0 on error. Let's addapt that */
- if (ret <= 0)
- ret--;
- } else
- free_string(s);
- }
- return ret;
-}
-
-static int general_allocate_boolean(UI *ui,
- const char *prompt,
- const char *action_desc,
- const char *ok_chars,
- const char *cancel_chars,
- int prompt_freeable,
- enum UI_string_types type,
- int input_flags, char *result_buf)
-{
- int ret = -1;
- UI_STRING *s;
- const char *p;
-
- if (ok_chars == NULL) {
- UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
- } else if (cancel_chars == NULL) {
- UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
- } else {
- for (p = ok_chars; *p; p++) {
- if (strchr(cancel_chars, *p)) {
- UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,
- UI_R_COMMON_OK_AND_CANCEL_CHARACTERS);
- }
- }
-
- s = general_allocate_prompt(ui, prompt, prompt_freeable,
- type, input_flags, result_buf);
-
- if (s) {
- if (allocate_string_stack(ui) >= 0) {
- s->_.boolean_data.action_desc = action_desc;
- s->_.boolean_data.ok_chars = ok_chars;
- s->_.boolean_data.cancel_chars = cancel_chars;
- ret = sk_UI_STRING_push(ui->strings, s);
- /*
- * sk_push() returns 0 on error. Let's addapt that
- */
- if (ret <= 0)
- ret--;
- } else
- free_string(s);
- }
- }
- return ret;
-}
-
-/*
- * Returns the index to the place in the stack or -1 for error. Uses a
- * direct reference to the prompt.
- */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize)
-{
- return general_allocate_string(ui, prompt, 0,
- UIT_PROMPT, flags, result_buf, minsize,
- maxsize, NULL);
-}
-
-/* Same as UI_add_input_string(), excepts it takes a copy of the prompt */
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize)
-{
- char *prompt_copy = NULL;
-
- if (prompt) {
- prompt_copy = BUF_strdup(prompt);
- if (prompt_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
-
- return general_allocate_string(ui, prompt_copy, 1,
- UIT_PROMPT, flags, result_buf, minsize,
- maxsize, NULL);
-}
-
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize,
- const char *test_buf)
-{
- return general_allocate_string(ui, prompt, 0,
- UIT_VERIFY, flags, result_buf, minsize,
- maxsize, test_buf);
-}
-
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize,
- const char *test_buf)
-{
- char *prompt_copy = NULL;
-
- if (prompt) {
- prompt_copy = BUF_strdup(prompt);
- if (prompt_copy == NULL) {
- UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
-
- return general_allocate_string(ui, prompt_copy, 1,
- UIT_VERIFY, flags, result_buf, minsize,
- maxsize, test_buf);
-}
-
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf)
-{
- return general_allocate_boolean(ui, prompt, action_desc,
- ok_chars, cancel_chars, 0, UIT_BOOLEAN,
- flags, result_buf);
-}
-
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf)
-{
- char *prompt_copy = NULL;
- char *action_desc_copy = NULL;
- char *ok_chars_copy = NULL;
- char *cancel_chars_copy = NULL;
-
- if (prompt) {
- prompt_copy = BUF_strdup(prompt);
- if (prompt_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-
- if (action_desc) {
- action_desc_copy = BUF_strdup(action_desc);
- if (action_desc_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-
- if (ok_chars) {
- ok_chars_copy = BUF_strdup(ok_chars);
- if (ok_chars_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-
- if (cancel_chars) {
- cancel_chars_copy = BUF_strdup(cancel_chars);
- if (cancel_chars_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-
- return general_allocate_boolean(ui, prompt_copy, action_desc_copy,
- ok_chars_copy, cancel_chars_copy, 1,
- UIT_BOOLEAN, flags, result_buf);
- err:
- if (prompt_copy)
- OPENSSL_free(prompt_copy);
- if (action_desc_copy)
- OPENSSL_free(action_desc_copy);
- if (ok_chars_copy)
- OPENSSL_free(ok_chars_copy);
- if (cancel_chars_copy)
- OPENSSL_free(cancel_chars_copy);
- return -1;
-}
-
-int UI_add_info_string(UI *ui, const char *text)
-{
- return general_allocate_string(ui, text, 0, UIT_INFO, 0, NULL, 0, 0,
- NULL);
-}
-
-int UI_dup_info_string(UI *ui, const char *text)
-{
- char *text_copy = NULL;
-
- if (text) {
- text_copy = BUF_strdup(text);
- if (text_copy == NULL) {
- UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
-
- return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL,
- 0, 0, NULL);
-}
-
-int UI_add_error_string(UI *ui, const char *text)
-{
- return general_allocate_string(ui, text, 0, UIT_ERROR, 0, NULL, 0, 0,
- NULL);
-}
-
-int UI_dup_error_string(UI *ui, const char *text)
-{
- char *text_copy = NULL;
-
- if (text) {
- text_copy = BUF_strdup(text);
- if (text_copy == NULL) {
- UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
- return general_allocate_string(ui, text_copy, 1, UIT_ERROR, 0, NULL,
- 0, 0, NULL);
-}
-
-char *UI_construct_prompt(UI *ui, const char *object_desc,
- const char *object_name)
-{
- char *prompt = NULL;
-
- if (ui->meth->ui_construct_prompt)
- prompt = ui->meth->ui_construct_prompt(ui, object_desc, object_name);
- else {
- char prompt1[] = "Enter ";
- char prompt2[] = " for ";
- char prompt3[] = ":";
- int len = 0;
-
- if (object_desc == NULL)
- return NULL;
- len = sizeof(prompt1) - 1 + strlen(object_desc);
- if (object_name)
- len += sizeof(prompt2) - 1 + strlen(object_name);
- len += sizeof(prompt3) - 1;
-
- prompt = (char *)OPENSSL_malloc(len + 1);
- BUF_strlcpy(prompt, prompt1, len + 1);
- BUF_strlcat(prompt, object_desc, len + 1);
- if (object_name) {
- BUF_strlcat(prompt, prompt2, len + 1);
- BUF_strlcat(prompt, object_name, len + 1);
- }
- BUF_strlcat(prompt, prompt3, len + 1);
- }
- return prompt;
-}
-
-void *UI_add_user_data(UI *ui, void *user_data)
-{
- void *old_data = ui->user_data;
- ui->user_data = user_data;
- return old_data;
-}
-
-void *UI_get0_user_data(UI *ui)
-{
- return ui->user_data;
-}
-
-const char *UI_get0_result(UI *ui, int i)
-{
- if (i < 0) {
- UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_SMALL);
- return NULL;
- }
- if (i >= sk_UI_STRING_num(ui->strings)) {
- UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_LARGE);
- return NULL;
- }
- return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
-}
-
-static int print_error(const char *str, size_t len, UI *ui)
-{
- UI_STRING uis;
-
- memset(&uis, 0, sizeof(uis));
- uis.type = UIT_ERROR;
- uis.out_string = str;
-
- if (ui->meth->ui_write_string && !ui->meth->ui_write_string(ui, &uis))
- return -1;
- return 0;
-}
-
-int UI_process(UI *ui)
-{
- int i, ok = 0;
-
- if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
- return -1;
-
- if (ui->flags & UI_FLAG_PRINT_ERRORS)
- ERR_print_errors_cb((int (*)(const char *, size_t, void *))
- print_error, (void *)ui);
-
- for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
- if (ui->meth->ui_write_string
- && !ui->meth->ui_write_string(ui,
- sk_UI_STRING_value(ui->strings, i)))
- {
- ok = -1;
- goto err;
- }
- }
-
- if (ui->meth->ui_flush)
- switch (ui->meth->ui_flush(ui)) {
- case -1: /* Interrupt/Cancel/something... */
- ok = -2;
- goto err;
- case 0: /* Errors */
- ok = -1;
- goto err;
- default: /* Success */
- ok = 0;
- break;
- }
-
- for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
- if (ui->meth->ui_read_string) {
- switch (ui->meth->ui_read_string(ui,
- sk_UI_STRING_value(ui->strings,
- i))) {
- case -1: /* Interrupt/Cancel/something... */
- ok = -2;
- goto err;
- case 0: /* Errors */
- ok = -1;
- goto err;
- default: /* Success */
- ok = 0;
- break;
- }
- }
- }
- err:
- if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
- return -1;
- return ok;
-}
-
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void))
-{
- if (ui == NULL) {
- UIerr(UI_F_UI_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return -1;
- }
- switch (cmd) {
- case UI_CTRL_PRINT_ERRORS:
- {
- int save_flag = ! !(ui->flags & UI_FLAG_PRINT_ERRORS);
- if (i)
- ui->flags |= UI_FLAG_PRINT_ERRORS;
- else
- ui->flags &= ~UI_FLAG_PRINT_ERRORS;
- return save_flag;
- }
- case UI_CTRL_IS_REDOABLE:
- return ! !(ui->flags & UI_FLAG_REDOABLE);
- default:
- break;
- }
- UIerr(UI_F_UI_CTRL, UI_R_UNKNOWN_CONTROL_COMMAND);
- return -1;
-}
-
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int UI_set_ex_data(UI *r, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *UI_get_ex_data(UI *r, int idx)
-{
- return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-void UI_set_default_method(const UI_METHOD *meth)
-{
- default_UI_meth = meth;
-}
-
-const UI_METHOD *UI_get_default_method(void)
-{
- if (default_UI_meth == NULL) {
- default_UI_meth = UI_OpenSSL();
- }
- return default_UI_meth;
-}
-
-const UI_METHOD *UI_get_method(UI *ui)
-{
- return ui->meth;
-}
-
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth)
-{
- ui->meth = meth;
- return ui->meth;
-}
-
-UI_METHOD *UI_create_method(char *name)
-{
- UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
-
- if (ui_method) {
- memset(ui_method, 0, sizeof(*ui_method));
- ui_method->name = BUF_strdup(name);
- }
- return ui_method;
-}
-
-/*
- * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
- * (that is, it hasn't been allocated using UI_create_method(), you deserve
- * anything Murphy can throw at you and more! You have been warned.
- */
-void UI_destroy_method(UI_METHOD *ui_method)
-{
- OPENSSL_free(ui_method->name);
- ui_method->name = NULL;
- OPENSSL_free(ui_method);
-}
-
-int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui))
-{
- if (method) {
- method->ui_open_session = opener;
- return 0;
- } else
- return -1;
-}
-
-int UI_method_set_writer(UI_METHOD *method,
- int (*writer) (UI *ui, UI_STRING *uis))
-{
- if (method) {
- method->ui_write_string = writer;
- return 0;
- } else
- return -1;
-}
-
-int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui))
-{
- if (method) {
- method->ui_flush = flusher;
- return 0;
- } else
- return -1;
-}
-
-int UI_method_set_reader(UI_METHOD *method,
- int (*reader) (UI *ui, UI_STRING *uis))
-{
- if (method) {
- method->ui_read_string = reader;
- return 0;
- } else
- return -1;
-}
-
-int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui))
-{
- if (method) {
- method->ui_close_session = closer;
- return 0;
- } else
- return -1;
-}
-
-int UI_method_set_prompt_constructor(UI_METHOD *method,
- char *(*prompt_constructor) (UI *ui,
- const char
- *object_desc,
- const char
- *object_name))
-{
- if (method) {
- method->ui_construct_prompt = prompt_constructor;
- return 0;
- } else
- return -1;
-}
-
-int (*UI_method_get_opener(UI_METHOD *method)) (UI *) {
- if (method)
- return method->ui_open_session;
- else
- return NULL;
-}
-
-int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *) {
- if (method)
- return method->ui_write_string;
- else
- return NULL;
-}
-
-int (*UI_method_get_flusher(UI_METHOD *method)) (UI *) {
- if (method)
- return method->ui_flush;
- else
- return NULL;
-}
-
-int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *) {
- if (method)
- return method->ui_read_string;
- else
- return NULL;
-}
-
-int (*UI_method_get_closer(UI_METHOD *method)) (UI *) {
- if (method)
- return method->ui_close_session;
- else
- return NULL;
-}
-
-char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
- const char *,
- const char *) {
- if (method)
- return method->ui_construct_prompt;
- else
- return NULL;
-}
-
-enum UI_string_types UI_get_string_type(UI_STRING *uis)
-{
- if (!uis)
- return UIT_NONE;
- return uis->type;
-}
-
-int UI_get_input_flags(UI_STRING *uis)
-{
- if (!uis)
- return 0;
- return uis->input_flags;
-}
-
-const char *UI_get0_output_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- return uis->out_string;
-}
-
-const char *UI_get0_action_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_BOOLEAN:
- return uis->_.boolean_data.action_desc;
- default:
- return NULL;
- }
-}
-
-const char *UI_get0_result_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- return uis->result_buf;
- default:
- return NULL;
- }
-}
-
-const char *UI_get0_test_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- switch (uis->type) {
- case UIT_VERIFY:
- return uis->_.string_data.test_buf;
- default:
- return NULL;
- }
-}
-
-int UI_get_result_minsize(UI_STRING *uis)
-{
- if (!uis)
- return -1;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- return uis->_.string_data.result_minsize;
- default:
- return -1;
- }
-}
-
-int UI_get_result_maxsize(UI_STRING *uis)
-{
- if (!uis)
- return -1;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- return uis->_.string_data.result_maxsize;
- default:
- return -1;
- }
-}
-
-int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
-{
- int l = strlen(result);
-
- ui->flags &= ~UI_FLAG_REDOABLE;
-
- if (!uis)
- return -1;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- {
- char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize) + 1];
- char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize) + 1];
-
- BIO_snprintf(number1, sizeof(number1), "%d",
- uis->_.string_data.result_minsize);
- BIO_snprintf(number2, sizeof(number2), "%d",
- uis->_.string_data.result_maxsize);
-
- if (l < uis->_.string_data.result_minsize) {
- ui->flags |= UI_FLAG_REDOABLE;
- UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_SMALL);
- ERR_add_error_data(5, "You must type in ",
- number1, " to ", number2, " characters");
- return -1;
- }
- if (l > uis->_.string_data.result_maxsize) {
- ui->flags |= UI_FLAG_REDOABLE;
- UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_LARGE);
- ERR_add_error_data(5, "You must type in ",
- number1, " to ", number2, " characters");
- return -1;
- }
- }
-
- if (!uis->result_buf) {
- UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
- return -1;
- }
-
- BUF_strlcpy(uis->result_buf, result,
- uis->_.string_data.result_maxsize + 1);
- break;
- case UIT_BOOLEAN:
- {
- const char *p;
-
- if (!uis->result_buf) {
- UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
- return -1;
- }
-
- uis->result_buf[0] = '\0';
- for (p = result; *p; p++) {
- if (strchr(uis->_.boolean_data.ok_chars, *p)) {
- uis->result_buf[0] = uis->_.boolean_data.ok_chars[0];
- break;
- }
- if (strchr(uis->_.boolean_data.cancel_chars, *p)) {
- uis->result_buf[0] = uis->_.boolean_data.cancel_chars[0];
- break;
- }
- }
- }
- default:
- break;
- }
- return 0;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_lib.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ui/ui_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ui/ui_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,870 @@
+/* crypto/ui/ui_lib.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/e_os2.h>
+#include <openssl/buffer.h>
+#include <openssl/ui.h>
+#include <openssl/err.h>
+#include "ui_locl.h"
+
+IMPLEMENT_STACK_OF(UI_STRING_ST)
+
+static const UI_METHOD *default_UI_meth = NULL;
+
+UI *UI_new(void)
+{
+ return (UI_new_method(NULL));
+}
+
+UI *UI_new_method(const UI_METHOD *method)
+{
+ UI *ret;
+
+ ret = (UI *)OPENSSL_malloc(sizeof(UI));
+ if (ret == NULL) {
+ UIerr(UI_F_UI_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ if (method == NULL)
+ ret->meth = UI_get_default_method();
+ else
+ ret->meth = method;
+
+ ret->strings = NULL;
+ ret->user_data = NULL;
+ ret->flags = 0;
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
+ return ret;
+}
+
+static void free_string(UI_STRING *uis)
+{
+ if (uis->flags & OUT_STRING_FREEABLE) {
+ OPENSSL_free((char *)uis->out_string);
+ switch (uis->type) {
+ case UIT_BOOLEAN:
+ OPENSSL_free((char *)uis->_.boolean_data.action_desc);
+ OPENSSL_free((char *)uis->_.boolean_data.ok_chars);
+ OPENSSL_free((char *)uis->_.boolean_data.cancel_chars);
+ break;
+ default:
+ break;
+ }
+ }
+ OPENSSL_free(uis);
+}
+
+void UI_free(UI *ui)
+{
+ if (ui == NULL)
+ return;
+ sk_UI_STRING_pop_free(ui->strings, free_string);
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data);
+ OPENSSL_free(ui);
+}
+
+static int allocate_string_stack(UI *ui)
+{
+ if (ui->strings == NULL) {
+ ui->strings = sk_UI_STRING_new_null();
+ if (ui->strings == NULL) {
+ return -1;
+ }
+ }
+ return 0;
+}
+
+static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt,
+ int prompt_freeable,
+ enum UI_string_types type,
+ int input_flags, char *result_buf)
+{
+ UI_STRING *ret = NULL;
+
+ if (prompt == NULL) {
+ UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, ERR_R_PASSED_NULL_PARAMETER);
+ } else if ((type == UIT_PROMPT || type == UIT_VERIFY
+ || type == UIT_BOOLEAN) && result_buf == NULL) {
+ UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, UI_R_NO_RESULT_BUFFER);
+ } else if ((ret = (UI_STRING *)OPENSSL_malloc(sizeof(UI_STRING)))) {
+ ret->out_string = prompt;
+ ret->flags = prompt_freeable ? OUT_STRING_FREEABLE : 0;
+ ret->input_flags = input_flags;
+ ret->type = type;
+ ret->result_buf = result_buf;
+ }
+ return ret;
+}
+
+static int general_allocate_string(UI *ui, const char *prompt,
+ int prompt_freeable,
+ enum UI_string_types type, int input_flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf)
+{
+ int ret = -1;
+ UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable,
+ type, input_flags, result_buf);
+
+ if (s) {
+ if (allocate_string_stack(ui) >= 0) {
+ s->_.string_data.result_minsize = minsize;
+ s->_.string_data.result_maxsize = maxsize;
+ s->_.string_data.test_buf = test_buf;
+ ret = sk_UI_STRING_push(ui->strings, s);
+ /* sk_push() returns 0 on error. Let's addapt that */
+ if (ret <= 0)
+ ret--;
+ } else
+ free_string(s);
+ }
+ return ret;
+}
+
+static int general_allocate_boolean(UI *ui,
+ const char *prompt,
+ const char *action_desc,
+ const char *ok_chars,
+ const char *cancel_chars,
+ int prompt_freeable,
+ enum UI_string_types type,
+ int input_flags, char *result_buf)
+{
+ int ret = -1;
+ UI_STRING *s;
+ const char *p;
+
+ if (ok_chars == NULL) {
+ UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
+ } else if (cancel_chars == NULL) {
+ UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
+ } else {
+ for (p = ok_chars; *p; p++) {
+ if (strchr(cancel_chars, *p)) {
+ UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,
+ UI_R_COMMON_OK_AND_CANCEL_CHARACTERS);
+ }
+ }
+
+ s = general_allocate_prompt(ui, prompt, prompt_freeable,
+ type, input_flags, result_buf);
+
+ if (s) {
+ if (allocate_string_stack(ui) >= 0) {
+ s->_.boolean_data.action_desc = action_desc;
+ s->_.boolean_data.ok_chars = ok_chars;
+ s->_.boolean_data.cancel_chars = cancel_chars;
+ ret = sk_UI_STRING_push(ui->strings, s);
+ /*
+ * sk_push() returns 0 on error. Let's addapt that
+ */
+ if (ret <= 0)
+ ret--;
+ } else
+ free_string(s);
+ }
+ }
+ return ret;
+}
+
+/*
+ * Returns the index to the place in the stack or -1 for error. Uses a
+ * direct reference to the prompt.
+ */
+int UI_add_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize)
+{
+ return general_allocate_string(ui, prompt, 0,
+ UIT_PROMPT, flags, result_buf, minsize,
+ maxsize, NULL);
+}
+
+/* Same as UI_add_input_string(), excepts it takes a copy of the prompt */
+int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize)
+{
+ char *prompt_copy = NULL;
+
+ if (prompt) {
+ prompt_copy = BUF_strdup(prompt);
+ if (prompt_copy == NULL) {
+ UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+
+ return general_allocate_string(ui, prompt_copy, 1,
+ UIT_PROMPT, flags, result_buf, minsize,
+ maxsize, NULL);
+}
+
+int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf)
+{
+ return general_allocate_string(ui, prompt, 0,
+ UIT_VERIFY, flags, result_buf, minsize,
+ maxsize, test_buf);
+}
+
+int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf)
+{
+ char *prompt_copy = NULL;
+
+ if (prompt) {
+ prompt_copy = BUF_strdup(prompt);
+ if (prompt_copy == NULL) {
+ UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ }
+
+ return general_allocate_string(ui, prompt_copy, 1,
+ UIT_VERIFY, flags, result_buf, minsize,
+ maxsize, test_buf);
+}
+
+int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf)
+{
+ return general_allocate_boolean(ui, prompt, action_desc,
+ ok_chars, cancel_chars, 0, UIT_BOOLEAN,
+ flags, result_buf);
+}
+
+int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf)
+{
+ char *prompt_copy = NULL;
+ char *action_desc_copy = NULL;
+ char *ok_chars_copy = NULL;
+ char *cancel_chars_copy = NULL;
+
+ if (prompt) {
+ prompt_copy = BUF_strdup(prompt);
+ if (prompt_copy == NULL) {
+ UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+
+ if (action_desc) {
+ action_desc_copy = BUF_strdup(action_desc);
+ if (action_desc_copy == NULL) {
+ UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+
+ if (ok_chars) {
+ ok_chars_copy = BUF_strdup(ok_chars);
+ if (ok_chars_copy == NULL) {
+ UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+
+ if (cancel_chars) {
+ cancel_chars_copy = BUF_strdup(cancel_chars);
+ if (cancel_chars_copy == NULL) {
+ UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+
+ return general_allocate_boolean(ui, prompt_copy, action_desc_copy,
+ ok_chars_copy, cancel_chars_copy, 1,
+ UIT_BOOLEAN, flags, result_buf);
+ err:
+ if (prompt_copy)
+ OPENSSL_free(prompt_copy);
+ if (action_desc_copy)
+ OPENSSL_free(action_desc_copy);
+ if (ok_chars_copy)
+ OPENSSL_free(ok_chars_copy);
+ if (cancel_chars_copy)
+ OPENSSL_free(cancel_chars_copy);
+ return -1;
+}
+
+int UI_add_info_string(UI *ui, const char *text)
+{
+ return general_allocate_string(ui, text, 0, UIT_INFO, 0, NULL, 0, 0,
+ NULL);
+}
+
+int UI_dup_info_string(UI *ui, const char *text)
+{
+ char *text_copy = NULL;
+
+ if (text) {
+ text_copy = BUF_strdup(text);
+ if (text_copy == NULL) {
+ UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ }
+
+ return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL,
+ 0, 0, NULL);
+}
+
+int UI_add_error_string(UI *ui, const char *text)
+{
+ return general_allocate_string(ui, text, 0, UIT_ERROR, 0, NULL, 0, 0,
+ NULL);
+}
+
+int UI_dup_error_string(UI *ui, const char *text)
+{
+ char *text_copy = NULL;
+
+ if (text) {
+ text_copy = BUF_strdup(text);
+ if (text_copy == NULL) {
+ UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ }
+ return general_allocate_string(ui, text_copy, 1, UIT_ERROR, 0, NULL,
+ 0, 0, NULL);
+}
+
+char *UI_construct_prompt(UI *ui, const char *object_desc,
+ const char *object_name)
+{
+ char *prompt = NULL;
+
+ if (ui->meth->ui_construct_prompt)
+ prompt = ui->meth->ui_construct_prompt(ui, object_desc, object_name);
+ else {
+ char prompt1[] = "Enter ";
+ char prompt2[] = " for ";
+ char prompt3[] = ":";
+ int len = 0;
+
+ if (object_desc == NULL)
+ return NULL;
+ len = sizeof(prompt1) - 1 + strlen(object_desc);
+ if (object_name)
+ len += sizeof(prompt2) - 1 + strlen(object_name);
+ len += sizeof(prompt3) - 1;
+
+ prompt = (char *)OPENSSL_malloc(len + 1);
+ BUF_strlcpy(prompt, prompt1, len + 1);
+ BUF_strlcat(prompt, object_desc, len + 1);
+ if (object_name) {
+ BUF_strlcat(prompt, prompt2, len + 1);
+ BUF_strlcat(prompt, object_name, len + 1);
+ }
+ BUF_strlcat(prompt, prompt3, len + 1);
+ }
+ return prompt;
+}
+
+void *UI_add_user_data(UI *ui, void *user_data)
+{
+ void *old_data = ui->user_data;
+ ui->user_data = user_data;
+ return old_data;
+}
+
+void *UI_get0_user_data(UI *ui)
+{
+ return ui->user_data;
+}
+
+const char *UI_get0_result(UI *ui, int i)
+{
+ if (i < 0) {
+ UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_SMALL);
+ return NULL;
+ }
+ if (i >= sk_UI_STRING_num(ui->strings)) {
+ UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_LARGE);
+ return NULL;
+ }
+ return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
+}
+
+static int print_error(const char *str, size_t len, UI *ui)
+{
+ UI_STRING uis;
+
+ memset(&uis, 0, sizeof(uis));
+ uis.type = UIT_ERROR;
+ uis.out_string = str;
+
+ if (ui->meth->ui_write_string && !ui->meth->ui_write_string(ui, &uis))
+ return -1;
+ return 0;
+}
+
+int UI_process(UI *ui)
+{
+ int i, ok = 0;
+
+ if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
+ return -1;
+
+ if (ui->flags & UI_FLAG_PRINT_ERRORS)
+ ERR_print_errors_cb((int (*)(const char *, size_t, void *))
+ print_error, (void *)ui);
+
+ for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
+ if (ui->meth->ui_write_string
+ && !ui->meth->ui_write_string(ui,
+ sk_UI_STRING_value(ui->strings, i)))
+ {
+ ok = -1;
+ goto err;
+ }
+ }
+
+ if (ui->meth->ui_flush)
+ switch (ui->meth->ui_flush(ui)) {
+ case -1: /* Interrupt/Cancel/something... */
+ ok = -2;
+ goto err;
+ case 0: /* Errors */
+ ok = -1;
+ goto err;
+ default: /* Success */
+ ok = 0;
+ break;
+ }
+
+ for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
+ if (ui->meth->ui_read_string) {
+ switch (ui->meth->ui_read_string(ui,
+ sk_UI_STRING_value(ui->strings,
+ i))) {
+ case -1: /* Interrupt/Cancel/something... */
+ ok = -2;
+ goto err;
+ case 0: /* Errors */
+ ok = -1;
+ goto err;
+ default: /* Success */
+ ok = 0;
+ break;
+ }
+ }
+ }
+ err:
+ if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
+ return -1;
+ return ok;
+}
+
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void))
+{
+ if (ui == NULL) {
+ UIerr(UI_F_UI_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ return -1;
+ }
+ switch (cmd) {
+ case UI_CTRL_PRINT_ERRORS:
+ {
+ int save_flag = ! !(ui->flags & UI_FLAG_PRINT_ERRORS);
+ if (i)
+ ui->flags |= UI_FLAG_PRINT_ERRORS;
+ else
+ ui->flags &= ~UI_FLAG_PRINT_ERRORS;
+ return save_flag;
+ }
+ case UI_CTRL_IS_REDOABLE:
+ return ! !(ui->flags & UI_FLAG_REDOABLE);
+ default:
+ break;
+ }
+ UIerr(UI_F_UI_CTRL, UI_R_UNKNOWN_CONTROL_COMMAND);
+ return -1;
+}
+
+int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp,
+ new_func, dup_func, free_func);
+}
+
+int UI_set_ex_data(UI *r, int idx, void *arg)
+{
+ return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
+
+void *UI_get_ex_data(UI *r, int idx)
+{
+ return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
+
+void UI_set_default_method(const UI_METHOD *meth)
+{
+ default_UI_meth = meth;
+}
+
+const UI_METHOD *UI_get_default_method(void)
+{
+ if (default_UI_meth == NULL) {
+ default_UI_meth = UI_OpenSSL();
+ }
+ return default_UI_meth;
+}
+
+const UI_METHOD *UI_get_method(UI *ui)
+{
+ return ui->meth;
+}
+
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth)
+{
+ ui->meth = meth;
+ return ui->meth;
+}
+
+UI_METHOD *UI_create_method(char *name)
+{
+ UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
+
+ if (ui_method) {
+ memset(ui_method, 0, sizeof(*ui_method));
+ ui_method->name = BUF_strdup(name);
+ }
+ return ui_method;
+}
+
+/*
+ * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
+ * (that is, it hasn't been allocated using UI_create_method(), you deserve
+ * anything Murphy can throw at you and more! You have been warned.
+ */
+void UI_destroy_method(UI_METHOD *ui_method)
+{
+ OPENSSL_free(ui_method->name);
+ ui_method->name = NULL;
+ OPENSSL_free(ui_method);
+}
+
+int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui))
+{
+ if (method) {
+ method->ui_open_session = opener;
+ return 0;
+ } else
+ return -1;
+}
+
+int UI_method_set_writer(UI_METHOD *method,
+ int (*writer) (UI *ui, UI_STRING *uis))
+{
+ if (method) {
+ method->ui_write_string = writer;
+ return 0;
+ } else
+ return -1;
+}
+
+int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui))
+{
+ if (method) {
+ method->ui_flush = flusher;
+ return 0;
+ } else
+ return -1;
+}
+
+int UI_method_set_reader(UI_METHOD *method,
+ int (*reader) (UI *ui, UI_STRING *uis))
+{
+ if (method) {
+ method->ui_read_string = reader;
+ return 0;
+ } else
+ return -1;
+}
+
+int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui))
+{
+ if (method) {
+ method->ui_close_session = closer;
+ return 0;
+ } else
+ return -1;
+}
+
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+ char *(*prompt_constructor) (UI *ui,
+ const char
+ *object_desc,
+ const char
+ *object_name))
+{
+ if (method) {
+ method->ui_construct_prompt = prompt_constructor;
+ return 0;
+ } else
+ return -1;
+}
+
+int (*UI_method_get_opener(UI_METHOD *method)) (UI *) {
+ if (method)
+ return method->ui_open_session;
+ else
+ return NULL;
+}
+
+int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *) {
+ if (method)
+ return method->ui_write_string;
+ else
+ return NULL;
+}
+
+int (*UI_method_get_flusher(UI_METHOD *method)) (UI *) {
+ if (method)
+ return method->ui_flush;
+ else
+ return NULL;
+}
+
+int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *) {
+ if (method)
+ return method->ui_read_string;
+ else
+ return NULL;
+}
+
+int (*UI_method_get_closer(UI_METHOD *method)) (UI *) {
+ if (method)
+ return method->ui_close_session;
+ else
+ return NULL;
+}
+
+char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
+ const char *,
+ const char *) {
+ if (method)
+ return method->ui_construct_prompt;
+ else
+ return NULL;
+}
+
+enum UI_string_types UI_get_string_type(UI_STRING *uis)
+{
+ if (!uis)
+ return UIT_NONE;
+ return uis->type;
+}
+
+int UI_get_input_flags(UI_STRING *uis)
+{
+ if (!uis)
+ return 0;
+ return uis->input_flags;
+}
+
+const char *UI_get0_output_string(UI_STRING *uis)
+{
+ if (!uis)
+ return NULL;
+ return uis->out_string;
+}
+
+const char *UI_get0_action_string(UI_STRING *uis)
+{
+ if (!uis)
+ return NULL;
+ switch (uis->type) {
+ case UIT_PROMPT:
+ case UIT_BOOLEAN:
+ return uis->_.boolean_data.action_desc;
+ default:
+ return NULL;
+ }
+}
+
+const char *UI_get0_result_string(UI_STRING *uis)
+{
+ if (!uis)
+ return NULL;
+ switch (uis->type) {
+ case UIT_PROMPT:
+ case UIT_VERIFY:
+ return uis->result_buf;
+ default:
+ return NULL;
+ }
+}
+
+const char *UI_get0_test_string(UI_STRING *uis)
+{
+ if (!uis)
+ return NULL;
+ switch (uis->type) {
+ case UIT_VERIFY:
+ return uis->_.string_data.test_buf;
+ default:
+ return NULL;
+ }
+}
+
+int UI_get_result_minsize(UI_STRING *uis)
+{
+ if (!uis)
+ return -1;
+ switch (uis->type) {
+ case UIT_PROMPT:
+ case UIT_VERIFY:
+ return uis->_.string_data.result_minsize;
+ default:
+ return -1;
+ }
+}
+
+int UI_get_result_maxsize(UI_STRING *uis)
+{
+ if (!uis)
+ return -1;
+ switch (uis->type) {
+ case UIT_PROMPT:
+ case UIT_VERIFY:
+ return uis->_.string_data.result_maxsize;
+ default:
+ return -1;
+ }
+}
+
+int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
+{
+ int l = strlen(result);
+
+ ui->flags &= ~UI_FLAG_REDOABLE;
+
+ if (!uis)
+ return -1;
+ switch (uis->type) {
+ case UIT_PROMPT:
+ case UIT_VERIFY:
+ {
+ char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize) + 1];
+ char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize) + 1];
+
+ BIO_snprintf(number1, sizeof(number1), "%d",
+ uis->_.string_data.result_minsize);
+ BIO_snprintf(number2, sizeof(number2), "%d",
+ uis->_.string_data.result_maxsize);
+
+ if (l < uis->_.string_data.result_minsize) {
+ ui->flags |= UI_FLAG_REDOABLE;
+ UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_SMALL);
+ ERR_add_error_data(5, "You must type in ",
+ number1, " to ", number2, " characters");
+ return -1;
+ }
+ if (l > uis->_.string_data.result_maxsize) {
+ ui->flags |= UI_FLAG_REDOABLE;
+ UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_LARGE);
+ ERR_add_error_data(5, "You must type in ",
+ number1, " to ", number2, " characters");
+ return -1;
+ }
+ }
+
+ if (!uis->result_buf) {
+ UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
+ return -1;
+ }
+
+ BUF_strlcpy(uis->result_buf, result,
+ uis->_.string_data.result_maxsize + 1);
+ break;
+ case UIT_BOOLEAN:
+ {
+ const char *p;
+
+ if (!uis->result_buf) {
+ UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
+ return -1;
+ }
+
+ uis->result_buf[0] = '\0';
+ for (p = result; *p; p++) {
+ if (strchr(uis->_.boolean_data.ok_chars, *p)) {
+ uis->result_buf[0] = uis->_.boolean_data.ok_chars[0];
+ break;
+ }
+ if (strchr(uis->_.boolean_data.cancel_chars, *p)) {
+ uis->result_buf[0] = uis->_.boolean_data.cancel_chars[0];
+ break;
+ }
+ }
+ }
+ default:
+ break;
+ }
+ return 0;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_locl.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/ui/ui_locl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,145 +0,0 @@
-/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_LOCL_H
-# define HEADER_UI_LOCL_H
-
-# include <openssl/ui.h>
-# include <openssl/crypto.h>
-
-# ifdef _
-# undef _
-# endif
-
-struct ui_method_st {
- char *name;
- /*
- * All the functions return 1 or non-NULL for success and 0 or NULL for
- * failure
- */
- /*
- * Open whatever channel for this, be it the console, an X window or
- * whatever. This function should use the ex_data structure to save
- * intermediate data.
- */
- int (*ui_open_session) (UI *ui);
- int (*ui_write_string) (UI *ui, UI_STRING *uis);
- /*
- * Flush the output. If a GUI dialog box is used, this function can be
- * used to actually display it.
- */
- int (*ui_flush) (UI *ui);
- int (*ui_read_string) (UI *ui, UI_STRING *uis);
- int (*ui_close_session) (UI *ui);
- /*
- * Construct a prompt in a user-defined manner. object_desc is a textual
- * short description of the object, for example "pass phrase", and
- * object_name is the name of the object (might be a card name or a file
- * name. The returned string shall always be allocated on the heap with
- * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
- */
- char *(*ui_construct_prompt) (UI *ui, const char *object_desc,
- const char *object_name);
-};
-
-struct ui_string_st {
- enum UI_string_types type; /* Input */
- const char *out_string; /* Input */
- int input_flags; /* Flags from the user */
- /*
- * The following parameters are completely irrelevant for UIT_INFO, and
- * can therefore be set to 0 or NULL
- */
- char *result_buf; /* Input and Output: If not NULL,
- * user-defined with size in result_maxsize.
- * Otherwise, it may be allocated by the UI
- * routine, meaning result_minsize is going
- * to be overwritten. */
- union {
- struct {
- int result_minsize; /* Input: minimum required size of the
- * result. */
- int result_maxsize; /* Input: maximum permitted size of the
- * result */
- const char *test_buf; /* Input: test string to verify against */
- } string_data;
- struct {
- const char *action_desc; /* Input */
- const char *ok_chars; /* Input */
- const char *cancel_chars; /* Input */
- } boolean_data;
- } _;
-
-# define OUT_STRING_FREEABLE 0x01
- int flags; /* flags for internal use */
-};
-
-struct ui_st {
- const UI_METHOD *meth;
- STACK_OF(UI_STRING) *strings; /* We might want to prompt for more than
- * one thing at a time, and with different
- * echoing status. */
- void *user_data;
- CRYPTO_EX_DATA ex_data;
-# define UI_FLAG_REDOABLE 0x0001
-# define UI_FLAG_PRINT_ERRORS 0x0100
- int flags;
-};
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_locl.h (from rev 11605, vendor-crypto/openssl/dist/crypto/ui/ui_locl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ui/ui_locl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,145 @@
+/* crypto/ui/ui.h */
+/*
+ * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_LOCL_H
+# define HEADER_UI_LOCL_H
+
+# include <openssl/ui.h>
+# include <openssl/crypto.h>
+
+# ifdef _
+# undef _
+# endif
+
+struct ui_method_st {
+ char *name;
+ /*
+ * All the functions return 1 or non-NULL for success and 0 or NULL for
+ * failure
+ */
+ /*
+ * Open whatever channel for this, be it the console, an X window or
+ * whatever. This function should use the ex_data structure to save
+ * intermediate data.
+ */
+ int (*ui_open_session) (UI *ui);
+ int (*ui_write_string) (UI *ui, UI_STRING *uis);
+ /*
+ * Flush the output. If a GUI dialog box is used, this function can be
+ * used to actually display it.
+ */
+ int (*ui_flush) (UI *ui);
+ int (*ui_read_string) (UI *ui, UI_STRING *uis);
+ int (*ui_close_session) (UI *ui);
+ /*
+ * Construct a prompt in a user-defined manner. object_desc is a textual
+ * short description of the object, for example "pass phrase", and
+ * object_name is the name of the object (might be a card name or a file
+ * name. The returned string shall always be allocated on the heap with
+ * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+ */
+ char *(*ui_construct_prompt) (UI *ui, const char *object_desc,
+ const char *object_name);
+};
+
+struct ui_string_st {
+ enum UI_string_types type; /* Input */
+ const char *out_string; /* Input */
+ int input_flags; /* Flags from the user */
+ /*
+ * The following parameters are completely irrelevant for UIT_INFO, and
+ * can therefore be set to 0 or NULL
+ */
+ char *result_buf; /* Input and Output: If not NULL,
+ * user-defined with size in result_maxsize.
+ * Otherwise, it may be allocated by the UI
+ * routine, meaning result_minsize is going
+ * to be overwritten. */
+ union {
+ struct {
+ int result_minsize; /* Input: minimum required size of the
+ * result. */
+ int result_maxsize; /* Input: maximum permitted size of the
+ * result */
+ const char *test_buf; /* Input: test string to verify against */
+ } string_data;
+ struct {
+ const char *action_desc; /* Input */
+ const char *ok_chars; /* Input */
+ const char *cancel_chars; /* Input */
+ } boolean_data;
+ } _;
+
+# define OUT_STRING_FREEABLE 0x01
+ int flags; /* flags for internal use */
+};
+
+struct ui_st {
+ const UI_METHOD *meth;
+ STACK_OF(UI_STRING) *strings; /* We might want to prompt for more than
+ * one thing at a time, and with different
+ * echoing status. */
+ void *user_data;
+ CRYPTO_EX_DATA ex_data;
+# define UI_FLAG_REDOABLE 0x0001
+# define UI_FLAG_PRINT_ERRORS 0x0100
+ int flags;
+};
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_openssl.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ui/ui_openssl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_openssl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,717 +0,0 @@
-/* crypto/ui/ui_openssl.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org) and others for the
- * OpenSSL project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*-
- * The lowest level part of this file was previously in crypto/des/read_pwd.c,
- * Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/e_os2.h>
-
-/*
- * need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
- * [maybe others?], because it masks interfaces not discussed in standard,
- * sigaction and fileno included. -pedantic would be more appropriate for the
- * intended purposes, but we can't prevent users from adding -ansi.
- */
-#if defined(OPENSSL_SYSNAME_VXWORKS)
-# include <sys/types.h>
-#endif
-
-#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
-# ifndef _POSIX_C_SOURCE
-# define _POSIX_C_SOURCE 2
-# endif
-#endif
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
-# ifdef OPENSSL_UNISTD
-# include OPENSSL_UNISTD
-# else
-# include <unistd.h>
-# endif
-/*
- * If unistd.h defines _POSIX_VERSION, we conclude that we are on a POSIX
- * system and have sigaction and termios.
- */
-# if defined(_POSIX_VERSION)
-
-# define SIGACTION
-# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-# define TERMIOS
-# endif
-
-# endif
-#endif
-
-#ifdef WIN16TTY
-# undef OPENSSL_SYS_WIN16
-# undef WIN16
-# undef _WINDOWS
-# include <graph.h>
-#endif
-
-/* 06-Apr-92 Luke Brennan Support for VMS */
-#include "ui_locl.h"
-#include "cryptlib.h"
-
-#ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */
-# include <starlet.h>
-# ifdef __DECC
-# pragma message disable DOLLARID
-# endif
-#endif
-
-#ifdef WIN_CONSOLE_BUG
-# include <windows.h>
-# ifndef OPENSSL_SYS_WINCE
-# include <wincon.h>
-# endif
-#endif
-
-/*
- * There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
- * MSDOS and SGTTY.
- *
- * If someone defines one of the macros TERMIO, TERMIOS or SGTTY, it will
- * remain respected. Otherwise, we default to TERMIOS except for a few
- * systems that require something different.
- *
- * Note: we do not use SGTTY unless it's defined by the configuration. We
- * may eventually opt to remove it's use entirely.
- */
-
-#if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-
-# if defined(_LIBC)
-# undef TERMIOS
-# define TERMIO
-# undef SGTTY
-/*
- * We know that VMS, MSDOS, VXWORKS, NETWARE use entirely other mechanisms.
- * MAC_OS_GUSI_SOURCE should probably go away, but that needs to be confirmed.
- */
-# elif !defined(OPENSSL_SYS_VMS) \
- && !defined(OPENSSL_SYS_MSDOS) \
- && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) \
- && !defined(MAC_OS_GUSI_SOURCE) \
- && !defined(OPENSSL_SYS_VXWORKS) \
- && !defined(OPENSSL_SYS_NETWARE)
-# define TERMIOS
-# undef TERMIO
-# undef SGTTY
-# endif
-
-#endif
-
-#ifdef TERMIOS
-# include <termios.h>
-# define TTY_STRUCT struct termios
-# define TTY_FLAGS c_lflag
-# define TTY_get(tty,data) tcgetattr(tty,data)
-# define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data)
-#endif
-
-#ifdef TERMIO
-# include <termio.h>
-# define TTY_STRUCT struct termio
-# define TTY_FLAGS c_lflag
-# define TTY_get(tty,data) ioctl(tty,TCGETA,data)
-# define TTY_set(tty,data) ioctl(tty,TCSETA,data)
-#endif
-
-#ifdef SGTTY
-# include <sgtty.h>
-# define TTY_STRUCT struct sgttyb
-# define TTY_FLAGS sg_flags
-# define TTY_get(tty,data) ioctl(tty,TIOCGETP,data)
-# define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
-#endif
-
-#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_SUNOS)
-# include <sys/ioctl.h>
-#endif
-
-#ifdef OPENSSL_SYS_MSDOS
-# include <conio.h>
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-# include <ssdef.h>
-# include <iodef.h>
-# include <ttdef.h>
-# include <descrip.h>
-struct IOSB {
- short iosb$w_value;
- short iosb$w_count;
- long iosb$l_info;
-};
-#endif
-
-#ifdef OPENSSL_SYS_SUNOS
-typedef int sig_atomic_t;
-#endif
-
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) || defined(OPENSSL_SYS_NETWARE)
-/*
- * This one needs work. As a matter of fact the code is unoperational
- * and this is only a trick to get it compiled.
- * <appro at fy.chalmers.se>
- */
-# define TTY_STRUCT int
-#endif
-
-#ifndef NX509_SIG
-# define NX509_SIG 32
-#endif
-
-/* Define globals. They are protected by a lock */
-#ifdef SIGACTION
-static struct sigaction savsig[NX509_SIG];
-#else
-static void (*savsig[NX509_SIG]) (int);
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-static struct IOSB iosb;
-static $DESCRIPTOR(terminal, "TT");
-static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this
- * will always suffice for the actual
- * structures? */
-static long status;
-static unsigned short channel = 0;
-#else
-# if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
-static TTY_STRUCT tty_orig, tty_new;
-# endif
-#endif
-static FILE *tty_in, *tty_out;
-static int is_a_tty;
-
-/* Declare static functions */
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static int read_till_nl(FILE *);
-static void recsig(int);
-static void pushsig(void);
-static void popsig(void);
-#endif
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
-static int noecho_fgets(char *buf, int size, FILE *tty);
-#endif
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
-
-static int read_string(UI *ui, UI_STRING *uis);
-static int write_string(UI *ui, UI_STRING *uis);
-
-static int open_console(UI *ui);
-static int echo_console(UI *ui);
-static int noecho_console(UI *ui);
-static int close_console(UI *ui);
-
-static UI_METHOD ui_openssl = {
- "OpenSSL default user interface",
- open_console,
- write_string,
- NULL, /* No flusher is needed for command lines */
- read_string,
- close_console,
- NULL
-};
-
-/* The method with all the built-in thingies */
-UI_METHOD *UI_OpenSSL(void)
-{
- return &ui_openssl;
-}
-
-/*
- * The following function makes sure that info and error strings are printed
- * before any prompt.
- */
-static int write_string(UI *ui, UI_STRING *uis)
-{
- switch (UI_get_string_type(uis)) {
- case UIT_ERROR:
- case UIT_INFO:
- fputs(UI_get0_output_string(uis), tty_out);
- fflush(tty_out);
- break;
- default:
- break;
- }
- return 1;
-}
-
-static int read_string(UI *ui, UI_STRING *uis)
-{
- int ok = 0;
-
- switch (UI_get_string_type(uis)) {
- case UIT_BOOLEAN:
- fputs(UI_get0_output_string(uis), tty_out);
- fputs(UI_get0_action_string(uis), tty_out);
- fflush(tty_out);
- return read_string_inner(ui, uis,
- UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
- 0);
- case UIT_PROMPT:
- fputs(UI_get0_output_string(uis), tty_out);
- fflush(tty_out);
- return read_string_inner(ui, uis,
- UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
- 1);
- case UIT_VERIFY:
- fprintf(tty_out, "Verifying - %s", UI_get0_output_string(uis));
- fflush(tty_out);
- if ((ok = read_string_inner(ui, uis,
- UI_get_input_flags(uis) &
- UI_INPUT_FLAG_ECHO, 1)) <= 0)
- return ok;
- if (strcmp(UI_get0_result_string(uis), UI_get0_test_string(uis)) != 0) {
- fprintf(tty_out, "Verify failure\n");
- fflush(tty_out);
- return 0;
- }
- break;
- default:
- break;
- }
- return 1;
-}
-
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-/* Internal functions to read a string without echoing */
-static int read_till_nl(FILE *in)
-{
-# define SIZE 4
- char buf[SIZE + 1];
-
- do {
- if (!fgets(buf, SIZE, in))
- return 0;
- } while (strchr(buf, '\n') == NULL);
- return 1;
-}
-
-static volatile sig_atomic_t intr_signal;
-#endif
-
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
-{
- static int ps;
- int ok;
- char result[BUFSIZ];
- int maxsize = BUFSIZ - 1;
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
- char *p;
-
- intr_signal = 0;
- ok = 0;
- ps = 0;
-
- pushsig();
- ps = 1;
-
- if (!echo && !noecho_console(ui))
- goto error;
- ps = 2;
-
- result[0] = '\0';
-# ifdef OPENSSL_SYS_MSDOS
- if (!echo) {
- noecho_fgets(result, maxsize, tty_in);
- p = result; /* FIXME: noecho_fgets doesn't return errors */
- } else
- p = fgets(result, maxsize, tty_in);
-# else
- p = fgets(result, maxsize, tty_in);
-# endif
- if (!p)
- goto error;
- if (feof(tty_in))
- goto error;
- if (ferror(tty_in))
- goto error;
- if ((p = (char *)strchr(result, '\n')) != NULL) {
- if (strip_nl)
- *p = '\0';
- } else if (!read_till_nl(tty_in))
- goto error;
- if (UI_set_result(ui, uis, result) >= 0)
- ok = 1;
-
- error:
- if (intr_signal == SIGINT)
- ok = -1;
- if (!echo)
- fprintf(tty_out, "\n");
- if (ps >= 2 && !echo && !echo_console(ui))
- ok = 0;
-
- if (ps >= 1)
- popsig();
-#else
- ok = 1;
-#endif
-
- OPENSSL_cleanse(result, BUFSIZ);
- return ok;
-}
-
-/* Internal functions to open, handle and close a channel to the console. */
-static int open_console(UI *ui)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_UI);
- is_a_tty = 1;
-
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
- tty_in = stdin;
- tty_out = stderr;
-#else
-# ifdef OPENSSL_SYS_MSDOS
-# define DEV_TTY "con"
-# else
-# define DEV_TTY "/dev/tty"
-# endif
- if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
- tty_in = stdin;
- if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
- tty_out = stderr;
-#endif
-
-#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
- if (TTY_get(fileno(tty_in), &tty_orig) == -1) {
-# ifdef ENOTTY
- if (errno == ENOTTY)
- is_a_tty = 0;
- else
-# endif
-# ifdef EINVAL
- /*
- * Ariel Glenn ariel at columbia.edu reports that solaris can return
- * EINVAL instead. This should be ok
- */
- if (errno == EINVAL)
- is_a_tty = 0;
- else
-# endif
- return 0;
- }
-#endif
-#ifdef OPENSSL_SYS_VMS
- status = sys$assign(&terminal, &channel, 0, 0);
- if (status != SS$_NORMAL)
- return 0;
- status =
- sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
- 0, 0);
- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
- return 0;
-#endif
- return 1;
-}
-
-static int noecho_console(UI *ui)
-{
-#ifdef TTY_FLAGS
- memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
- tty_new.TTY_FLAGS &= ~ECHO;
-#endif
-
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
- if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
- return 0;
-#endif
-#ifdef OPENSSL_SYS_VMS
- tty_new[0] = tty_orig[0];
- tty_new[1] = tty_orig[1] | TT$M_NOECHO;
- tty_new[2] = tty_orig[2];
- status =
- sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
- 0);
- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
- return 0;
-#endif
- return 1;
-}
-
-static int echo_console(UI *ui)
-{
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
- memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
- tty_new.TTY_FLAGS |= ECHO;
-#endif
-
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
- if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
- return 0;
-#endif
-#ifdef OPENSSL_SYS_VMS
- tty_new[0] = tty_orig[0];
- tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
- tty_new[2] = tty_orig[2];
- status =
- sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
- 0);
- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
- return 0;
-#endif
- return 1;
-}
-
-static int close_console(UI *ui)
-{
- if (tty_in != stdin)
- fclose(tty_in);
- if (tty_out != stderr)
- fclose(tty_out);
-#ifdef OPENSSL_SYS_VMS
- status = sys$dassgn(channel);
-#endif
- CRYPTO_w_unlock(CRYPTO_LOCK_UI);
-
- return 1;
-}
-
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-/* Internal functions to handle signals and act on them */
-static void pushsig(void)
-{
-# ifndef OPENSSL_SYS_WIN32
- int i;
-# endif
-# ifdef SIGACTION
- struct sigaction sa;
-
- memset(&sa, 0, sizeof sa);
- sa.sa_handler = recsig;
-# endif
-
-# ifdef OPENSSL_SYS_WIN32
- savsig[SIGABRT] = signal(SIGABRT, recsig);
- savsig[SIGFPE] = signal(SIGFPE, recsig);
- savsig[SIGILL] = signal(SIGILL, recsig);
- savsig[SIGINT] = signal(SIGINT, recsig);
- savsig[SIGSEGV] = signal(SIGSEGV, recsig);
- savsig[SIGTERM] = signal(SIGTERM, recsig);
-# else
- for (i = 1; i < NX509_SIG; i++) {
-# ifdef SIGUSR1
- if (i == SIGUSR1)
- continue;
-# endif
-# ifdef SIGUSR2
- if (i == SIGUSR2)
- continue;
-# endif
-# ifdef SIGKILL
- if (i == SIGKILL) /* We can't make any action on that. */
- continue;
-# endif
-# ifdef SIGACTION
- sigaction(i, &sa, &savsig[i]);
-# else
- savsig[i] = signal(i, recsig);
-# endif
- }
-# endif
-
-# ifdef SIGWINCH
- signal(SIGWINCH, SIG_DFL);
-# endif
-}
-
-static void popsig(void)
-{
-# ifdef OPENSSL_SYS_WIN32
- signal(SIGABRT, savsig[SIGABRT]);
- signal(SIGFPE, savsig[SIGFPE]);
- signal(SIGILL, savsig[SIGILL]);
- signal(SIGINT, savsig[SIGINT]);
- signal(SIGSEGV, savsig[SIGSEGV]);
- signal(SIGTERM, savsig[SIGTERM]);
-# else
- int i;
- for (i = 1; i < NX509_SIG; i++) {
-# ifdef SIGUSR1
- if (i == SIGUSR1)
- continue;
-# endif
-# ifdef SIGUSR2
- if (i == SIGUSR2)
- continue;
-# endif
-# ifdef SIGACTION
- sigaction(i, &savsig[i], NULL);
-# else
- signal(i, savsig[i]);
-# endif
- }
-# endif
-}
-
-static void recsig(int i)
-{
- intr_signal = i;
-}
-#endif
-
-/* Internal functions specific for Windows */
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static int noecho_fgets(char *buf, int size, FILE *tty)
-{
- int i;
- char *p;
-
- p = buf;
- for (;;) {
- if (size == 0) {
- *p = '\0';
- break;
- }
- size--;
-# ifdef WIN16TTY
- i = _inchar();
-# elif defined(_WIN32)
- i = _getch();
-# else
- i = getch();
-# endif
- if (i == '\r')
- i = '\n';
- *(p++) = i;
- if (i == '\n') {
- *p = '\0';
- break;
- }
- }
-# ifdef WIN_CONSOLE_BUG
- /*
- * Win95 has several evil console bugs: one of these is that the last
- * character read using getch() is passed to the next read: this is
- * usually a CR so this can be trouble. No STDIO fix seems to work but
- * flushing the console appears to do the trick.
- */
- {
- HANDLE inh;
- inh = GetStdHandle(STD_INPUT_HANDLE);
- FlushConsoleInputBuffer(inh);
- }
-# endif
- return (strlen(buf));
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_openssl.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ui/ui_openssl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ui/ui_openssl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_openssl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,717 @@
+/* crypto/ui/ui_openssl.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org) and others for the
+ * OpenSSL project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*-
+ * The lowest level part of this file was previously in crypto/des/read_pwd.c,
+ * Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/e_os2.h>
+
+/*
+ * need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
+ * [maybe others?], because it masks interfaces not discussed in standard,
+ * sigaction and fileno included. -pedantic would be more appropriate for the
+ * intended purposes, but we can't prevent users from adding -ansi.
+ */
+#if defined(OPENSSL_SYSNAME_VXWORKS)
+# include <sys/types.h>
+#endif
+
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
+# ifndef _POSIX_C_SOURCE
+# define _POSIX_C_SOURCE 2
+# endif
+#endif
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
+# ifdef OPENSSL_UNISTD
+# include OPENSSL_UNISTD
+# else
+# include <unistd.h>
+# endif
+/*
+ * If unistd.h defines _POSIX_VERSION, we conclude that we are on a POSIX
+ * system and have sigaction and termios.
+ */
+# if defined(_POSIX_VERSION)
+
+# define SIGACTION
+# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
+# define TERMIOS
+# endif
+
+# endif
+#endif
+
+#ifdef WIN16TTY
+# undef OPENSSL_SYS_WIN16
+# undef WIN16
+# undef _WINDOWS
+# include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan Support for VMS */
+#include "ui_locl.h"
+#include "cryptlib.h"
+
+#ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */
+# include <starlet.h>
+# ifdef __DECC
+# pragma message disable DOLLARID
+# endif
+#endif
+
+#ifdef WIN_CONSOLE_BUG
+# include <windows.h>
+# ifndef OPENSSL_SYS_WINCE
+# include <wincon.h>
+# endif
+#endif
+
+/*
+ * There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
+ * MSDOS and SGTTY.
+ *
+ * If someone defines one of the macros TERMIO, TERMIOS or SGTTY, it will
+ * remain respected. Otherwise, we default to TERMIOS except for a few
+ * systems that require something different.
+ *
+ * Note: we do not use SGTTY unless it's defined by the configuration. We
+ * may eventually opt to remove it's use entirely.
+ */
+
+#if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
+
+# if defined(_LIBC)
+# undef TERMIOS
+# define TERMIO
+# undef SGTTY
+/*
+ * We know that VMS, MSDOS, VXWORKS, NETWARE use entirely other mechanisms.
+ * MAC_OS_GUSI_SOURCE should probably go away, but that needs to be confirmed.
+ */
+# elif !defined(OPENSSL_SYS_VMS) \
+ && !defined(OPENSSL_SYS_MSDOS) \
+ && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) \
+ && !defined(MAC_OS_GUSI_SOURCE) \
+ && !defined(OPENSSL_SYS_VXWORKS) \
+ && !defined(OPENSSL_SYS_NETWARE)
+# define TERMIOS
+# undef TERMIO
+# undef SGTTY
+# endif
+
+#endif
+
+#ifdef TERMIOS
+# include <termios.h>
+# define TTY_STRUCT struct termios
+# define TTY_FLAGS c_lflag
+# define TTY_get(tty,data) tcgetattr(tty,data)
+# define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+# include <termio.h>
+# define TTY_STRUCT struct termio
+# define TTY_FLAGS c_lflag
+# define TTY_get(tty,data) ioctl(tty,TCGETA,data)
+# define TTY_set(tty,data) ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+# include <sgtty.h>
+# define TTY_STRUCT struct sgttyb
+# define TTY_FLAGS sg_flags
+# define TTY_get(tty,data) ioctl(tty,TIOCGETP,data)
+# define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_SUNOS)
+# include <sys/ioctl.h>
+#endif
+
+#ifdef OPENSSL_SYS_MSDOS
+# include <conio.h>
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+# include <ssdef.h>
+# include <iodef.h>
+# include <ttdef.h>
+# include <descrip.h>
+struct IOSB {
+ short iosb$w_value;
+ short iosb$w_count;
+ long iosb$l_info;
+};
+#endif
+
+#ifdef OPENSSL_SYS_SUNOS
+typedef int sig_atomic_t;
+#endif
+
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) || defined(OPENSSL_SYS_NETWARE)
+/*
+ * This one needs work. As a matter of fact the code is unoperational
+ * and this is only a trick to get it compiled.
+ * <appro at fy.chalmers.se>
+ */
+# define TTY_STRUCT int
+#endif
+
+#ifndef NX509_SIG
+# define NX509_SIG 32
+#endif
+
+/* Define globals. They are protected by a lock */
+#ifdef SIGACTION
+static struct sigaction savsig[NX509_SIG];
+#else
+static void (*savsig[NX509_SIG]) (int);
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+static struct IOSB iosb;
+static $DESCRIPTOR(terminal, "TT");
+static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this
+ * will always suffice for the actual
+ * structures? */
+static long status;
+static unsigned short channel = 0;
+#else
+# if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+static TTY_STRUCT tty_orig, tty_new;
+# endif
+#endif
+static FILE *tty_in, *tty_out;
+static int is_a_tty;
+
+/* Declare static functions */
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+static int read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#endif
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
+
+static int read_string(UI *ui, UI_STRING *uis);
+static int write_string(UI *ui, UI_STRING *uis);
+
+static int open_console(UI *ui);
+static int echo_console(UI *ui);
+static int noecho_console(UI *ui);
+static int close_console(UI *ui);
+
+static UI_METHOD ui_openssl = {
+ "OpenSSL default user interface",
+ open_console,
+ write_string,
+ NULL, /* No flusher is needed for command lines */
+ read_string,
+ close_console,
+ NULL
+};
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void)
+{
+ return &ui_openssl;
+}
+
+/*
+ * The following function makes sure that info and error strings are printed
+ * before any prompt.
+ */
+static int write_string(UI *ui, UI_STRING *uis)
+{
+ switch (UI_get_string_type(uis)) {
+ case UIT_ERROR:
+ case UIT_INFO:
+ fputs(UI_get0_output_string(uis), tty_out);
+ fflush(tty_out);
+ break;
+ default:
+ break;
+ }
+ return 1;
+}
+
+static int read_string(UI *ui, UI_STRING *uis)
+{
+ int ok = 0;
+
+ switch (UI_get_string_type(uis)) {
+ case UIT_BOOLEAN:
+ fputs(UI_get0_output_string(uis), tty_out);
+ fputs(UI_get0_action_string(uis), tty_out);
+ fflush(tty_out);
+ return read_string_inner(ui, uis,
+ UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
+ 0);
+ case UIT_PROMPT:
+ fputs(UI_get0_output_string(uis), tty_out);
+ fflush(tty_out);
+ return read_string_inner(ui, uis,
+ UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
+ 1);
+ case UIT_VERIFY:
+ fprintf(tty_out, "Verifying - %s", UI_get0_output_string(uis));
+ fflush(tty_out);
+ if ((ok = read_string_inner(ui, uis,
+ UI_get_input_flags(uis) &
+ UI_INPUT_FLAG_ECHO, 1)) <= 0)
+ return ok;
+ if (strcmp(UI_get0_result_string(uis), UI_get0_test_string(uis)) != 0) {
+ fprintf(tty_out, "Verify failure\n");
+ fflush(tty_out);
+ return 0;
+ }
+ break;
+ default:
+ break;
+ }
+ return 1;
+}
+
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+/* Internal functions to read a string without echoing */
+static int read_till_nl(FILE *in)
+{
+# define SIZE 4
+ char buf[SIZE + 1];
+
+ do {
+ if (!fgets(buf, SIZE, in))
+ return 0;
+ } while (strchr(buf, '\n') == NULL);
+ return 1;
+}
+
+static volatile sig_atomic_t intr_signal;
+#endif
+
+static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
+{
+ static int ps;
+ int ok;
+ char result[BUFSIZ];
+ int maxsize = BUFSIZ - 1;
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+ char *p;
+
+ intr_signal = 0;
+ ok = 0;
+ ps = 0;
+
+ pushsig();
+ ps = 1;
+
+ if (!echo && !noecho_console(ui))
+ goto error;
+ ps = 2;
+
+ result[0] = '\0';
+# ifdef OPENSSL_SYS_MSDOS
+ if (!echo) {
+ noecho_fgets(result, maxsize, tty_in);
+ p = result; /* FIXME: noecho_fgets doesn't return errors */
+ } else
+ p = fgets(result, maxsize, tty_in);
+# else
+ p = fgets(result, maxsize, tty_in);
+# endif
+ if (!p)
+ goto error;
+ if (feof(tty_in))
+ goto error;
+ if (ferror(tty_in))
+ goto error;
+ if ((p = (char *)strchr(result, '\n')) != NULL) {
+ if (strip_nl)
+ *p = '\0';
+ } else if (!read_till_nl(tty_in))
+ goto error;
+ if (UI_set_result(ui, uis, result) >= 0)
+ ok = 1;
+
+ error:
+ if (intr_signal == SIGINT)
+ ok = -1;
+ if (!echo)
+ fprintf(tty_out, "\n");
+ if (ps >= 2 && !echo && !echo_console(ui))
+ ok = 0;
+
+ if (ps >= 1)
+ popsig();
+#else
+ ok = 1;
+#endif
+
+ OPENSSL_cleanse(result, BUFSIZ);
+ return ok;
+}
+
+/* Internal functions to open, handle and close a channel to the console. */
+static int open_console(UI *ui)
+{
+ CRYPTO_w_lock(CRYPTO_LOCK_UI);
+ is_a_tty = 1;
+
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
+ tty_in = stdin;
+ tty_out = stderr;
+#else
+# ifdef OPENSSL_SYS_MSDOS
+# define DEV_TTY "con"
+# else
+# define DEV_TTY "/dev/tty"
+# endif
+ if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
+ tty_in = stdin;
+ if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
+ tty_out = stderr;
+#endif
+
+#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
+ if (TTY_get(fileno(tty_in), &tty_orig) == -1) {
+# ifdef ENOTTY
+ if (errno == ENOTTY)
+ is_a_tty = 0;
+ else
+# endif
+# ifdef EINVAL
+ /*
+ * Ariel Glenn ariel at columbia.edu reports that solaris can return
+ * EINVAL instead. This should be ok
+ */
+ if (errno == EINVAL)
+ is_a_tty = 0;
+ else
+# endif
+ return 0;
+ }
+#endif
+#ifdef OPENSSL_SYS_VMS
+ status = sys$assign(&terminal, &channel, 0, 0);
+ if (status != SS$_NORMAL)
+ return 0;
+ status =
+ sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
+ 0, 0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return 0;
+#endif
+ return 1;
+}
+
+static int noecho_console(UI *ui)
+{
+#ifdef TTY_FLAGS
+ memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
+ tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+ if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
+ return 0;
+#endif
+#ifdef OPENSSL_SYS_VMS
+ tty_new[0] = tty_orig[0];
+ tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+ tty_new[2] = tty_orig[2];
+ status =
+ sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
+ 0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return 0;
+#endif
+ return 1;
+}
+
+static int echo_console(UI *ui)
+{
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+ memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
+ tty_new.TTY_FLAGS |= ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+ if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
+ return 0;
+#endif
+#ifdef OPENSSL_SYS_VMS
+ tty_new[0] = tty_orig[0];
+ tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
+ tty_new[2] = tty_orig[2];
+ status =
+ sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
+ 0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return 0;
+#endif
+ return 1;
+}
+
+static int close_console(UI *ui)
+{
+ if (tty_in != stdin)
+ fclose(tty_in);
+ if (tty_out != stderr)
+ fclose(tty_out);
+#ifdef OPENSSL_SYS_VMS
+ status = sys$dassgn(channel);
+#endif
+ CRYPTO_w_unlock(CRYPTO_LOCK_UI);
+
+ return 1;
+}
+
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+/* Internal functions to handle signals and act on them */
+static void pushsig(void)
+{
+# ifndef OPENSSL_SYS_WIN32
+ int i;
+# endif
+# ifdef SIGACTION
+ struct sigaction sa;
+
+ memset(&sa, 0, sizeof sa);
+ sa.sa_handler = recsig;
+# endif
+
+# ifdef OPENSSL_SYS_WIN32
+ savsig[SIGABRT] = signal(SIGABRT, recsig);
+ savsig[SIGFPE] = signal(SIGFPE, recsig);
+ savsig[SIGILL] = signal(SIGILL, recsig);
+ savsig[SIGINT] = signal(SIGINT, recsig);
+ savsig[SIGSEGV] = signal(SIGSEGV, recsig);
+ savsig[SIGTERM] = signal(SIGTERM, recsig);
+# else
+ for (i = 1; i < NX509_SIG; i++) {
+# ifdef SIGUSR1
+ if (i == SIGUSR1)
+ continue;
+# endif
+# ifdef SIGUSR2
+ if (i == SIGUSR2)
+ continue;
+# endif
+# ifdef SIGKILL
+ if (i == SIGKILL) /* We can't make any action on that. */
+ continue;
+# endif
+# ifdef SIGACTION
+ sigaction(i, &sa, &savsig[i]);
+# else
+ savsig[i] = signal(i, recsig);
+# endif
+ }
+# endif
+
+# ifdef SIGWINCH
+ signal(SIGWINCH, SIG_DFL);
+# endif
+}
+
+static void popsig(void)
+{
+# ifdef OPENSSL_SYS_WIN32
+ signal(SIGABRT, savsig[SIGABRT]);
+ signal(SIGFPE, savsig[SIGFPE]);
+ signal(SIGILL, savsig[SIGILL]);
+ signal(SIGINT, savsig[SIGINT]);
+ signal(SIGSEGV, savsig[SIGSEGV]);
+ signal(SIGTERM, savsig[SIGTERM]);
+# else
+ int i;
+ for (i = 1; i < NX509_SIG; i++) {
+# ifdef SIGUSR1
+ if (i == SIGUSR1)
+ continue;
+# endif
+# ifdef SIGUSR2
+ if (i == SIGUSR2)
+ continue;
+# endif
+# ifdef SIGACTION
+ sigaction(i, &savsig[i], NULL);
+# else
+ signal(i, savsig[i]);
+# endif
+ }
+# endif
+}
+
+static void recsig(int i)
+{
+ intr_signal = i;
+}
+#endif
+
+/* Internal functions specific for Windows */
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+static int noecho_fgets(char *buf, int size, FILE *tty)
+{
+ int i;
+ char *p;
+
+ p = buf;
+ for (;;) {
+ if (size == 0) {
+ *p = '\0';
+ break;
+ }
+ size--;
+# ifdef WIN16TTY
+ i = _inchar();
+# elif defined(_WIN32)
+ i = _getch();
+# else
+ i = getch();
+# endif
+ if (i == '\r')
+ i = '\n';
+ *(p++) = i;
+ if (i == '\n') {
+ *p = '\0';
+ break;
+ }
+ }
+# ifdef WIN_CONSOLE_BUG
+ /*
+ * Win95 has several evil console bugs: one of these is that the last
+ * character read using getch() is passed to the next read: this is
+ * usually a CR so this can be trouble. No STDIO fix seems to work but
+ * flushing the console appears to do the trick.
+ */
+ {
+ HANDLE inh;
+ inh = GetStdHandle(STD_INPUT_HANDLE);
+ FlushConsoleInputBuffer(inh);
+ }
+# endif
+ return (strlen(buf));
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_util.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/ui/ui_util.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_util.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,93 +0,0 @@
-/* crypto/ui/ui_util.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include "ui_locl.h"
-
-int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
- int verify)
-{
- char buff[BUFSIZ];
- int ret;
-
- ret =
- UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
- prompt, verify);
- OPENSSL_cleanse(buff, BUFSIZ);
- return (ret);
-}
-
-int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
- int verify)
-{
- int ok = 0;
- UI *ui;
-
- if (size < 1)
- return -1;
-
- ui = UI_new();
- if (ui) {
- ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
- if (ok >= 0 && verify)
- ok = UI_add_verify_string(ui, prompt, 0, buff, 0, size - 1, buf);
- if (ok >= 0)
- ok = UI_process(ui);
- UI_free(ui);
- }
- if (ok > 0)
- ok = 0;
- return (ok);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/ui/ui_util.c (from rev 11605, vendor-crypto/openssl/dist/crypto/ui/ui_util.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/ui/ui_util.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/ui/ui_util.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,93 @@
+/* crypto/ui/ui_util.c */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include "ui_locl.h"
+
+int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+ int verify)
+{
+ char buff[BUFSIZ];
+ int ret;
+
+ ret =
+ UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
+ prompt, verify);
+ OPENSSL_cleanse(buff, BUFSIZ);
+ return (ret);
+}
+
+int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+ int verify)
+{
+ int ok = 0;
+ UI *ui;
+
+ if (size < 1)
+ return -1;
+
+ ui = UI_new();
+ if (ui) {
+ ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
+ if (ok >= 0 && verify)
+ ok = UI_add_verify_string(ui, prompt, 0, buff, 0, size - 1, buf);
+ if (ok >= 0)
+ ok = UI_process(ui);
+ UI_free(ui);
+ }
+ if (ok > 0)
+ ok = 0;
+ return (ok);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/whrlpool/wp_dgst.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/whrlpool/wp_dgst.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/whrlpool/wp_dgst.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,257 +0,0 @@
-/**
- * The Whirlpool hashing function.
- *
- * <P>
- * <b>References</b>
- *
- * <P>
- * The Whirlpool algorithm was developed by
- * <a href="mailto:pbarreto at scopus.com.br">Paulo S. L. M. Barreto</a> and
- * <a href="mailto:vincent.rijmen at cryptomathic.com">Vincent Rijmen</a>.
- *
- * See
- * P.S.L.M. Barreto, V. Rijmen,
- * ``The Whirlpool hashing function,''
- * NESSIE submission, 2000 (tweaked version, 2001),
- * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
- *
- * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
- * Vincent Rijmen. Lookup "reference implementations" on
- * <http://planeta.terra.com.br/informatica/paulobarreto/>
- *
- * =============================================================================
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-/*
- * OpenSSL-specific implementation notes.
- *
- * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
- * number of *bytes* as input length argument. Bit-oriented routine
- * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
- * does not have one-stroke counterpart.
- *
- * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
- * to serve WHIRLPOOL_Update. This is done for performance.
- *
- * Unlike authors' reference implementation, block processing
- * routine whirlpool_block is designed to operate on multi-block
- * input. This is done for perfomance.
- */
-
-#include "wp_locl.h"
-#include <openssl/crypto.h>
-#include <string.h>
-
-fips_md_init(WHIRLPOOL)
-{
- memset(c, 0, sizeof(*c));
- return (1);
-}
-
-int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *_inp, size_t bytes)
-{
- /*
- * Well, largest suitable chunk size actually is
- * (1<<(sizeof(size_t)*8-3))-64, but below number is large enough for not
- * to care about excessive calls to WHIRLPOOL_BitUpdate...
- */
- size_t chunk = ((size_t)1) << (sizeof(size_t) * 8 - 4);
- const unsigned char *inp = _inp;
-
- while (bytes >= chunk) {
- WHIRLPOOL_BitUpdate(c, inp, chunk * 8);
- bytes -= chunk;
- inp += chunk;
- }
- if (bytes)
- WHIRLPOOL_BitUpdate(c, inp, bytes * 8);
-
- return (1);
-}
-
-void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits)
-{
- size_t n;
- unsigned int bitoff = c->bitoff,
- bitrem = bitoff % 8, inpgap = (8 - (unsigned int)bits % 8) & 7;
- const unsigned char *inp = _inp;
-
- /*
- * This 256-bit increment procedure relies on the size_t being natural
- * size of CPU register, so that we don't have to mask the value in order
- * to detect overflows.
- */
- c->bitlen[0] += bits;
- if (c->bitlen[0] < bits) { /* overflow */
- n = 1;
- do {
- c->bitlen[n]++;
- } while (c->bitlen[n] == 0
- && ++n < (WHIRLPOOL_COUNTER / sizeof(size_t)));
- }
-#ifndef OPENSSL_SMALL_FOOTPRINT
- reconsider:
- if (inpgap == 0 && bitrem == 0) { /* byte-oriented loop */
- while (bits) {
- if (bitoff == 0 && (n = bits / WHIRLPOOL_BBLOCK)) {
- whirlpool_block(c, inp, n);
- inp += n * WHIRLPOOL_BBLOCK / 8;
- bits %= WHIRLPOOL_BBLOCK;
- } else {
- unsigned int byteoff = bitoff / 8;
-
- bitrem = WHIRLPOOL_BBLOCK - bitoff; /* re-use bitrem */
- if (bits >= bitrem) {
- bits -= bitrem;
- bitrem /= 8;
- memcpy(c->data + byteoff, inp, bitrem);
- inp += bitrem;
- whirlpool_block(c, c->data, 1);
- bitoff = 0;
- } else {
- memcpy(c->data + byteoff, inp, bits / 8);
- bitoff += (unsigned int)bits;
- bits = 0;
- }
- c->bitoff = bitoff;
- }
- }
- } else /* bit-oriented loop */
-#endif
- {
- /*-
- inp
- |
- +-------+-------+-------
- |||||||||||||||||||||
- +-------+-------+-------
- +-------+-------+-------+-------+-------
- |||||||||||||| c->data
- +-------+-------+-------+-------+-------
- |
- c->bitoff/8
- */
- while (bits) {
- unsigned int byteoff = bitoff / 8;
- unsigned char b;
-
-#ifndef OPENSSL_SMALL_FOOTPRINT
- if (bitrem == inpgap) {
- c->data[byteoff++] |= inp[0] & (0xff >> inpgap);
- inpgap = 8 - inpgap;
- bitoff += inpgap;
- bitrem = 0; /* bitoff%8 */
- bits -= inpgap;
- inpgap = 0; /* bits%8 */
- inp++;
- if (bitoff == WHIRLPOOL_BBLOCK) {
- whirlpool_block(c, c->data, 1);
- bitoff = 0;
- }
- c->bitoff = bitoff;
- goto reconsider;
- } else
-#endif
- if (bits >= 8) {
- b = ((inp[0] << inpgap) | (inp[1] >> (8 - inpgap)));
- b &= 0xff;
- if (bitrem)
- c->data[byteoff++] |= b >> bitrem;
- else
- c->data[byteoff++] = b;
- bitoff += 8;
- bits -= 8;
- inp++;
- if (bitoff >= WHIRLPOOL_BBLOCK) {
- whirlpool_block(c, c->data, 1);
- byteoff = 0;
- bitoff %= WHIRLPOOL_BBLOCK;
- }
- if (bitrem)
- c->data[byteoff] = b << (8 - bitrem);
- } else { /* remaining less than 8 bits */
-
- b = (inp[0] << inpgap) & 0xff;
- if (bitrem)
- c->data[byteoff++] |= b >> bitrem;
- else
- c->data[byteoff++] = b;
- bitoff += (unsigned int)bits;
- if (bitoff == WHIRLPOOL_BBLOCK) {
- whirlpool_block(c, c->data, 1);
- byteoff = 0;
- bitoff %= WHIRLPOOL_BBLOCK;
- }
- if (bitrem)
- c->data[byteoff] = b << (8 - bitrem);
- bits = 0;
- }
- c->bitoff = bitoff;
- }
- }
-}
-
-int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c)
-{
- unsigned int bitoff = c->bitoff, byteoff = bitoff / 8;
- size_t i, j, v;
- unsigned char *p;
-
- bitoff %= 8;
- if (bitoff)
- c->data[byteoff] |= 0x80 >> bitoff;
- else
- c->data[byteoff] = 0x80;
- byteoff++;
-
- /* pad with zeros */
- if (byteoff > (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER)) {
- if (byteoff < WHIRLPOOL_BBLOCK / 8)
- memset(&c->data[byteoff], 0, WHIRLPOOL_BBLOCK / 8 - byteoff);
- whirlpool_block(c, c->data, 1);
- byteoff = 0;
- }
- if (byteoff < (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER))
- memset(&c->data[byteoff], 0,
- (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER) - byteoff);
- /* smash 256-bit c->bitlen in big-endian order */
- p = &c->data[WHIRLPOOL_BBLOCK / 8 - 1]; /* last byte in c->data */
- for (i = 0; i < WHIRLPOOL_COUNTER / sizeof(size_t); i++)
- for (v = c->bitlen[i], j = 0; j < sizeof(size_t); j++, v >>= 8)
- *p-- = (unsigned char)(v & 0xff);
-
- whirlpool_block(c, c->data, 1);
-
- if (md) {
- memcpy(md, c->H.c, WHIRLPOOL_DIGEST_LENGTH);
- memset(c, 0, sizeof(*c));
- return (1);
- }
- return (0);
-}
-
-unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md)
-{
- WHIRLPOOL_CTX ctx;
- static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
-
- if (md == NULL)
- md = m;
- WHIRLPOOL_Init(&ctx);
- WHIRLPOOL_Update(&ctx, inp, bytes);
- WHIRLPOOL_Final(md, &ctx);
- return (md);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/whrlpool/wp_dgst.c (from rev 11605, vendor-crypto/openssl/dist/crypto/whrlpool/wp_dgst.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/whrlpool/wp_dgst.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/whrlpool/wp_dgst.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,258 @@
+/**
+ * The Whirlpool hashing function.
+ *
+ * <P>
+ * <b>References</b>
+ *
+ * <P>
+ * The Whirlpool algorithm was developed by
+ * <a href="mailto:pbarreto at scopus.com.br">Paulo S. L. M. Barreto</a> and
+ * <a href="mailto:vincent.rijmen at cryptomathic.com">Vincent Rijmen</a>.
+ *
+ * See
+ * P.S.L.M. Barreto, V. Rijmen,
+ * ``The Whirlpool hashing function,''
+ * NESSIE submission, 2000 (tweaked version, 2001),
+ * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
+ *
+ * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
+ * Vincent Rijmen. Lookup "reference implementations" on
+ * <http://planeta.terra.com.br/informatica/paulobarreto/>
+ *
+ * =============================================================================
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/*
+ * OpenSSL-specific implementation notes.
+ *
+ * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
+ * number of *bytes* as input length argument. Bit-oriented routine
+ * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
+ * does not have one-stroke counterpart.
+ *
+ * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
+ * to serve WHIRLPOOL_Update. This is done for performance.
+ *
+ * Unlike authors' reference implementation, block processing
+ * routine whirlpool_block is designed to operate on multi-block
+ * input. This is done for perfomance.
+ */
+
+#include <openssl/crypto.h>
+#include "wp_locl.h"
+#include <openssl/crypto.h>
+#include <string.h>
+
+fips_md_init(WHIRLPOOL)
+{
+ memset(c, 0, sizeof(*c));
+ return (1);
+}
+
+int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *_inp, size_t bytes)
+{
+ /*
+ * Well, largest suitable chunk size actually is
+ * (1<<(sizeof(size_t)*8-3))-64, but below number is large enough for not
+ * to care about excessive calls to WHIRLPOOL_BitUpdate...
+ */
+ size_t chunk = ((size_t)1) << (sizeof(size_t) * 8 - 4);
+ const unsigned char *inp = _inp;
+
+ while (bytes >= chunk) {
+ WHIRLPOOL_BitUpdate(c, inp, chunk * 8);
+ bytes -= chunk;
+ inp += chunk;
+ }
+ if (bytes)
+ WHIRLPOOL_BitUpdate(c, inp, bytes * 8);
+
+ return (1);
+}
+
+void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits)
+{
+ size_t n;
+ unsigned int bitoff = c->bitoff,
+ bitrem = bitoff % 8, inpgap = (8 - (unsigned int)bits % 8) & 7;
+ const unsigned char *inp = _inp;
+
+ /*
+ * This 256-bit increment procedure relies on the size_t being natural
+ * size of CPU register, so that we don't have to mask the value in order
+ * to detect overflows.
+ */
+ c->bitlen[0] += bits;
+ if (c->bitlen[0] < bits) { /* overflow */
+ n = 1;
+ do {
+ c->bitlen[n]++;
+ } while (c->bitlen[n] == 0
+ && ++n < (WHIRLPOOL_COUNTER / sizeof(size_t)));
+ }
+#ifndef OPENSSL_SMALL_FOOTPRINT
+ reconsider:
+ if (inpgap == 0 && bitrem == 0) { /* byte-oriented loop */
+ while (bits) {
+ if (bitoff == 0 && (n = bits / WHIRLPOOL_BBLOCK)) {
+ whirlpool_block(c, inp, n);
+ inp += n * WHIRLPOOL_BBLOCK / 8;
+ bits %= WHIRLPOOL_BBLOCK;
+ } else {
+ unsigned int byteoff = bitoff / 8;
+
+ bitrem = WHIRLPOOL_BBLOCK - bitoff; /* re-use bitrem */
+ if (bits >= bitrem) {
+ bits -= bitrem;
+ bitrem /= 8;
+ memcpy(c->data + byteoff, inp, bitrem);
+ inp += bitrem;
+ whirlpool_block(c, c->data, 1);
+ bitoff = 0;
+ } else {
+ memcpy(c->data + byteoff, inp, bits / 8);
+ bitoff += (unsigned int)bits;
+ bits = 0;
+ }
+ c->bitoff = bitoff;
+ }
+ }
+ } else /* bit-oriented loop */
+#endif
+ {
+ /*-
+ inp
+ |
+ +-------+-------+-------
+ |||||||||||||||||||||
+ +-------+-------+-------
+ +-------+-------+-------+-------+-------
+ |||||||||||||| c->data
+ +-------+-------+-------+-------+-------
+ |
+ c->bitoff/8
+ */
+ while (bits) {
+ unsigned int byteoff = bitoff / 8;
+ unsigned char b;
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+ if (bitrem == inpgap) {
+ c->data[byteoff++] |= inp[0] & (0xff >> inpgap);
+ inpgap = 8 - inpgap;
+ bitoff += inpgap;
+ bitrem = 0; /* bitoff%8 */
+ bits -= inpgap;
+ inpgap = 0; /* bits%8 */
+ inp++;
+ if (bitoff == WHIRLPOOL_BBLOCK) {
+ whirlpool_block(c, c->data, 1);
+ bitoff = 0;
+ }
+ c->bitoff = bitoff;
+ goto reconsider;
+ } else
+#endif
+ if (bits >= 8) {
+ b = ((inp[0] << inpgap) | (inp[1] >> (8 - inpgap)));
+ b &= 0xff;
+ if (bitrem)
+ c->data[byteoff++] |= b >> bitrem;
+ else
+ c->data[byteoff++] = b;
+ bitoff += 8;
+ bits -= 8;
+ inp++;
+ if (bitoff >= WHIRLPOOL_BBLOCK) {
+ whirlpool_block(c, c->data, 1);
+ byteoff = 0;
+ bitoff %= WHIRLPOOL_BBLOCK;
+ }
+ if (bitrem)
+ c->data[byteoff] = b << (8 - bitrem);
+ } else { /* remaining less than 8 bits */
+
+ b = (inp[0] << inpgap) & 0xff;
+ if (bitrem)
+ c->data[byteoff++] |= b >> bitrem;
+ else
+ c->data[byteoff++] = b;
+ bitoff += (unsigned int)bits;
+ if (bitoff == WHIRLPOOL_BBLOCK) {
+ whirlpool_block(c, c->data, 1);
+ byteoff = 0;
+ bitoff %= WHIRLPOOL_BBLOCK;
+ }
+ if (bitrem)
+ c->data[byteoff] = b << (8 - bitrem);
+ bits = 0;
+ }
+ c->bitoff = bitoff;
+ }
+ }
+}
+
+int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c)
+{
+ unsigned int bitoff = c->bitoff, byteoff = bitoff / 8;
+ size_t i, j, v;
+ unsigned char *p;
+
+ bitoff %= 8;
+ if (bitoff)
+ c->data[byteoff] |= 0x80 >> bitoff;
+ else
+ c->data[byteoff] = 0x80;
+ byteoff++;
+
+ /* pad with zeros */
+ if (byteoff > (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER)) {
+ if (byteoff < WHIRLPOOL_BBLOCK / 8)
+ memset(&c->data[byteoff], 0, WHIRLPOOL_BBLOCK / 8 - byteoff);
+ whirlpool_block(c, c->data, 1);
+ byteoff = 0;
+ }
+ if (byteoff < (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER))
+ memset(&c->data[byteoff], 0,
+ (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER) - byteoff);
+ /* smash 256-bit c->bitlen in big-endian order */
+ p = &c->data[WHIRLPOOL_BBLOCK / 8 - 1]; /* last byte in c->data */
+ for (i = 0; i < WHIRLPOOL_COUNTER / sizeof(size_t); i++)
+ for (v = c->bitlen[i], j = 0; j < sizeof(size_t); j++, v >>= 8)
+ *p-- = (unsigned char)(v & 0xff);
+
+ whirlpool_block(c, c->data, 1);
+
+ if (md) {
+ memcpy(md, c->H.c, WHIRLPOOL_DIGEST_LENGTH);
+ OPENSSL_cleanse(c, sizeof(*c));
+ return (1);
+ }
+ return (0);
+}
+
+unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md)
+{
+ WHIRLPOOL_CTX ctx;
+ static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
+
+ if (md == NULL)
+ md = m;
+ WHIRLPOOL_Init(&ctx);
+ WHIRLPOOL_Update(&ctx, inp, bytes);
+ WHIRLPOOL_Final(md, &ctx);
+ return (md);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509/x509.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509/x509.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1301 +0,0 @@
-/* crypto/x509/x509.h */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_X509_H
-# define HEADER_X509_H
-
-# include <openssl/e_os2.h>
-# include <openssl/symhacks.h>
-# ifndef OPENSSL_NO_BUFFER
-# include <openssl/buffer.h>
-# endif
-# ifndef OPENSSL_NO_EVP
-# include <openssl/evp.h>
-# endif
-# ifndef OPENSSL_NO_BIO
-# include <openssl/bio.h>
-# endif
-# include <openssl/stack.h>
-# include <openssl/asn1.h>
-# include <openssl/safestack.h>
-
-# ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-# endif
-
-# ifndef OPENSSL_NO_ECDSA
-# include <openssl/ecdsa.h>
-# endif
-
-# ifndef OPENSSL_NO_ECDH
-# include <openssl/ecdh.h>
-# endif
-
-# ifndef OPENSSL_NO_DEPRECATED
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# endif
-# ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-# endif
-# endif
-
-# ifndef OPENSSL_NO_SHA
-# include <openssl/sha.h>
-# endif
-# include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_SYS_WIN32
-/* Under Win32 these are defined in wincrypt.h */
-# undef X509_NAME
-# undef X509_CERT_PAIR
-# undef X509_EXTENSIONS
-# endif
-
-# define X509_FILETYPE_PEM 1
-# define X509_FILETYPE_ASN1 2
-# define X509_FILETYPE_DEFAULT 3
-
-# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
-# define X509v3_KU_NON_REPUDIATION 0x0040
-# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
-# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
-# define X509v3_KU_KEY_AGREEMENT 0x0008
-# define X509v3_KU_KEY_CERT_SIGN 0x0004
-# define X509v3_KU_CRL_SIGN 0x0002
-# define X509v3_KU_ENCIPHER_ONLY 0x0001
-# define X509v3_KU_DECIPHER_ONLY 0x8000
-# define X509v3_KU_UNDEF 0xffff
-
-typedef struct X509_objects_st {
- int nid;
- int (*a2i) (void);
- int (*i2a) (void);
-} X509_OBJECTS;
-
-struct X509_algor_st {
- ASN1_OBJECT *algorithm;
- ASN1_TYPE *parameter;
-} /* X509_ALGOR */ ;
-
-DECLARE_ASN1_SET_OF(X509_ALGOR)
-
-typedef STACK_OF(X509_ALGOR) X509_ALGORS;
-
-typedef struct X509_val_st {
- ASN1_TIME *notBefore;
- ASN1_TIME *notAfter;
-} X509_VAL;
-
-struct X509_pubkey_st {
- X509_ALGOR *algor;
- ASN1_BIT_STRING *public_key;
- EVP_PKEY *pkey;
-};
-
-typedef struct X509_sig_st {
- X509_ALGOR *algor;
- ASN1_OCTET_STRING *digest;
-} X509_SIG;
-
-typedef struct X509_name_entry_st {
- ASN1_OBJECT *object;
- ASN1_STRING *value;
- int set;
- int size; /* temp variable */
-} X509_NAME_ENTRY;
-
-DECLARE_STACK_OF(X509_NAME_ENTRY)
-DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
-
-/* we always keep X509_NAMEs in 2 forms. */
-struct X509_name_st {
- STACK_OF(X509_NAME_ENTRY) *entries;
- int modified; /* true if 'bytes' needs to be built */
-# ifndef OPENSSL_NO_BUFFER
- BUF_MEM *bytes;
-# else
- char *bytes;
-# endif
-/* unsigned long hash; Keep the hash around for lookups */
- unsigned char *canon_enc;
- int canon_enclen;
-} /* X509_NAME */ ;
-
-DECLARE_STACK_OF(X509_NAME)
-
-# define X509_EX_V_NETSCAPE_HACK 0x8000
-# define X509_EX_V_INIT 0x0001
-typedef struct X509_extension_st {
- ASN1_OBJECT *object;
- ASN1_BOOLEAN critical;
- ASN1_OCTET_STRING *value;
-} X509_EXTENSION;
-
-typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
-
-DECLARE_STACK_OF(X509_EXTENSION)
-DECLARE_ASN1_SET_OF(X509_EXTENSION)
-
-/* a sequence of these are used */
-typedef struct x509_attributes_st {
- ASN1_OBJECT *object;
- int single; /* 0 for a set, 1 for a single item (which is
- * wrong) */
- union {
- char *ptr;
- /*
- * 0
- */ STACK_OF(ASN1_TYPE) *set;
- /*
- * 1
- */ ASN1_TYPE *single;
- } value;
-} X509_ATTRIBUTE;
-
-DECLARE_STACK_OF(X509_ATTRIBUTE)
-DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
-
-typedef struct X509_req_info_st {
- ASN1_ENCODING enc;
- ASN1_INTEGER *version;
- X509_NAME *subject;
- X509_PUBKEY *pubkey;
- /* d=2 hl=2 l= 0 cons: cont: 00 */
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} X509_REQ_INFO;
-
-typedef struct X509_req_st {
- X509_REQ_INFO *req_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
-} X509_REQ;
-
-typedef struct x509_cinf_st {
- ASN1_INTEGER *version; /* [ 0 ] default of v1 */
- ASN1_INTEGER *serialNumber;
- X509_ALGOR *signature;
- X509_NAME *issuer;
- X509_VAL *validity;
- X509_NAME *subject;
- X509_PUBKEY *key;
- ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
- ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
- STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
- ASN1_ENCODING enc;
-} X509_CINF;
-
-/*
- * This stuff is certificate "auxiliary info" it contains details which are
- * useful in certificate stores and databases. When used this is tagged onto
- * the end of the certificate itself
- */
-
-typedef struct x509_cert_aux_st {
- STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
- STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
- ASN1_UTF8STRING *alias; /* "friendly name" */
- ASN1_OCTET_STRING *keyid; /* key id of private key */
- STACK_OF(X509_ALGOR) *other; /* other unspecified info */
-} X509_CERT_AUX;
-
-struct x509_st {
- X509_CINF *cert_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int valid;
- int references;
- char *name;
- CRYPTO_EX_DATA ex_data;
- /* These contain copies of various extension values */
- long ex_pathlen;
- long ex_pcpathlen;
- unsigned long ex_flags;
- unsigned long ex_kusage;
- unsigned long ex_xkusage;
- unsigned long ex_nscert;
- ASN1_OCTET_STRING *skid;
- AUTHORITY_KEYID *akid;
- X509_POLICY_CACHE *policy_cache;
- STACK_OF(DIST_POINT) *crldp;
- STACK_OF(GENERAL_NAME) *altname;
- NAME_CONSTRAINTS *nc;
-# ifndef OPENSSL_NO_RFC3779
- STACK_OF(IPAddressFamily) *rfc3779_addr;
- struct ASIdentifiers_st *rfc3779_asid;
-# endif
-# ifndef OPENSSL_NO_SHA
- unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-# endif
- X509_CERT_AUX *aux;
-} /* X509 */ ;
-
-DECLARE_STACK_OF(X509)
-DECLARE_ASN1_SET_OF(X509)
-
-/* This is used for a table of trust checking functions */
-
-typedef struct x509_trust_st {
- int trust;
- int flags;
- int (*check_trust) (struct x509_trust_st *, X509 *, int);
- char *name;
- int arg1;
- void *arg2;
-} X509_TRUST;
-
-DECLARE_STACK_OF(X509_TRUST)
-
-typedef struct x509_cert_pair_st {
- X509 *forward;
- X509 *reverse;
-} X509_CERT_PAIR;
-
-/* standard trust ids */
-
-# define X509_TRUST_DEFAULT -1/* Only valid in purpose settings */
-
-# define X509_TRUST_COMPAT 1
-# define X509_TRUST_SSL_CLIENT 2
-# define X509_TRUST_SSL_SERVER 3
-# define X509_TRUST_EMAIL 4
-# define X509_TRUST_OBJECT_SIGN 5
-# define X509_TRUST_OCSP_SIGN 6
-# define X509_TRUST_OCSP_REQUEST 7
-# define X509_TRUST_TSA 8
-
-/* Keep these up to date! */
-# define X509_TRUST_MIN 1
-# define X509_TRUST_MAX 8
-
-/* trust_flags values */
-# define X509_TRUST_DYNAMIC 1
-# define X509_TRUST_DYNAMIC_NAME 2
-
-/* check_trust return codes */
-
-# define X509_TRUST_TRUSTED 1
-# define X509_TRUST_REJECTED 2
-# define X509_TRUST_UNTRUSTED 3
-
-/* Flags for X509_print_ex() */
-
-# define X509_FLAG_COMPAT 0
-# define X509_FLAG_NO_HEADER 1L
-# define X509_FLAG_NO_VERSION (1L << 1)
-# define X509_FLAG_NO_SERIAL (1L << 2)
-# define X509_FLAG_NO_SIGNAME (1L << 3)
-# define X509_FLAG_NO_ISSUER (1L << 4)
-# define X509_FLAG_NO_VALIDITY (1L << 5)
-# define X509_FLAG_NO_SUBJECT (1L << 6)
-# define X509_FLAG_NO_PUBKEY (1L << 7)
-# define X509_FLAG_NO_EXTENSIONS (1L << 8)
-# define X509_FLAG_NO_SIGDUMP (1L << 9)
-# define X509_FLAG_NO_AUX (1L << 10)
-# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
-
-/* Flags specific to X509_NAME_print_ex() */
-
-/* The field separator information */
-
-# define XN_FLAG_SEP_MASK (0xf << 16)
-
-# define XN_FLAG_COMPAT 0/* Traditional SSLeay: use old
- * X509_NAME_print */
-# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
-# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
-# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
-# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */
-
-# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */
-
-/* How the field name is shown */
-
-# define XN_FLAG_FN_MASK (0x3 << 21)
-
-# define XN_FLAG_FN_SN 0/* Object short name */
-# define XN_FLAG_FN_LN (1 << 21)/* Object long name */
-# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */
-# define XN_FLAG_FN_NONE (3 << 21)/* No field names */
-
-# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */
-
-/*
- * This determines if we dump fields we don't recognise: RFC2253 requires
- * this.
- */
-
-# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
- * characters */
-
-/* Complete set of RFC2253 flags */
-
-# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
- XN_FLAG_SEP_COMMA_PLUS | \
- XN_FLAG_DN_REV | \
- XN_FLAG_FN_SN | \
- XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-/* readable oneline form */
-
-# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
- ASN1_STRFLGS_ESC_QUOTE | \
- XN_FLAG_SEP_CPLUS_SPC | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_SN)
-
-/* readable multiline form */
-
-# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB | \
- XN_FLAG_SEP_MULTILINE | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_LN | \
- XN_FLAG_FN_ALIGN)
-
-struct x509_revoked_st {
- ASN1_INTEGER *serialNumber;
- ASN1_TIME *revocationDate;
- STACK_OF(X509_EXTENSION) /* optional */ *extensions;
- /* Set up if indirect CRL */
- STACK_OF(GENERAL_NAME) *issuer;
- /* Revocation reason */
- int reason;
- int sequence; /* load sequence */
-};
-
-DECLARE_STACK_OF(X509_REVOKED)
-DECLARE_ASN1_SET_OF(X509_REVOKED)
-
-typedef struct X509_crl_info_st {
- ASN1_INTEGER *version;
- X509_ALGOR *sig_alg;
- X509_NAME *issuer;
- ASN1_TIME *lastUpdate;
- ASN1_TIME *nextUpdate;
- STACK_OF(X509_REVOKED) *revoked;
- STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
- ASN1_ENCODING enc;
-} X509_CRL_INFO;
-
-struct X509_crl_st {
- /* actual signature */
- X509_CRL_INFO *crl;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
- int flags;
- /* Copies of various extensions */
- AUTHORITY_KEYID *akid;
- ISSUING_DIST_POINT *idp;
- /* Convenient breakdown of IDP */
- int idp_flags;
- int idp_reasons;
- /* CRL and base CRL numbers for delta processing */
- ASN1_INTEGER *crl_number;
- ASN1_INTEGER *base_crl_number;
-# ifndef OPENSSL_NO_SHA
- unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-# endif
- STACK_OF(GENERAL_NAMES) *issuers;
- const X509_CRL_METHOD *meth;
- void *meth_data;
-} /* X509_CRL */ ;
-
-DECLARE_STACK_OF(X509_CRL)
-DECLARE_ASN1_SET_OF(X509_CRL)
-
-typedef struct private_key_st {
- int version;
- /* The PKCS#8 data types */
- X509_ALGOR *enc_algor;
- ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
- /* When decrypted, the following will not be NULL */
- EVP_PKEY *dec_pkey;
- /* used to encrypt and decrypt */
- int key_length;
- char *key_data;
- int key_free; /* true if we should auto free key_data */
- /* expanded version of 'enc_algor' */
- EVP_CIPHER_INFO cipher;
- int references;
-} X509_PKEY;
-
-# ifndef OPENSSL_NO_EVP
-typedef struct X509_info_st {
- X509 *x509;
- X509_CRL *crl;
- X509_PKEY *x_pkey;
- EVP_CIPHER_INFO enc_cipher;
- int enc_len;
- char *enc_data;
- int references;
-} X509_INFO;
-
-DECLARE_STACK_OF(X509_INFO)
-# endif
-
-/*
- * The next 2 structures and their 8 routines were sent to me by Pat Richard
- * <patr at x509.com> and are used to manipulate Netscapes spki structures -
- * useful if you are writing a CA web page
- */
-typedef struct Netscape_spkac_st {
- X509_PUBKEY *pubkey;
- ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
-} NETSCAPE_SPKAC;
-
-typedef struct Netscape_spki_st {
- NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
- X509_ALGOR *sig_algor;
- ASN1_BIT_STRING *signature;
-} NETSCAPE_SPKI;
-
-/* Netscape certificate sequence structure */
-typedef struct Netscape_certificate_sequence {
- ASN1_OBJECT *type;
- STACK_OF(X509) *certs;
-} NETSCAPE_CERT_SEQUENCE;
-
-/*- Unused (and iv length is wrong)
-typedef struct CBCParameter_st
- {
- unsigned char iv[8];
- } CBC_PARAM;
-*/
-
-/* Password based encryption structure */
-
-typedef struct PBEPARAM_st {
- ASN1_OCTET_STRING *salt;
- ASN1_INTEGER *iter;
-} PBEPARAM;
-
-/* Password based encryption V2 structures */
-
-typedef struct PBE2PARAM_st {
- X509_ALGOR *keyfunc;
- X509_ALGOR *encryption;
-} PBE2PARAM;
-
-typedef struct PBKDF2PARAM_st {
-/* Usually OCTET STRING but could be anything */
- ASN1_TYPE *salt;
- ASN1_INTEGER *iter;
- ASN1_INTEGER *keylength;
- X509_ALGOR *prf;
-} PBKDF2PARAM;
-
-/* PKCS#8 private key info structure */
-
-struct pkcs8_priv_key_info_st {
- /* Flag for various broken formats */
- int broken;
-# define PKCS8_OK 0
-# define PKCS8_NO_OCTET 1
-# define PKCS8_EMBEDDED_PARAM 2
-# define PKCS8_NS_DB 3
-# define PKCS8_NEG_PRIVKEY 4
- ASN1_INTEGER *version;
- X509_ALGOR *pkeyalg;
- /* Should be OCTET STRING but some are broken */
- ASN1_TYPE *pkey;
- STACK_OF(X509_ATTRIBUTE) *attributes;
-};
-
-#ifdef __cplusplus
-}
-#endif
-
-# include <openssl/x509_vfy.h>
-# include <openssl/pkcs7.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define X509_EXT_PACK_UNKNOWN 1
-# define X509_EXT_PACK_STRING 2
-
-# define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
-/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
-# define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
-# define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
-# define X509_extract_key(x) X509_get_pubkey(x)/*****/
-# define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
-# define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
-# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
-# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
-# define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
-
-# define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
-# define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
-# define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
-# define X509_CRL_get_issuer(x) ((x)->crl->issuer)
-# define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
-
-void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
-X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
- int (*crl_free) (X509_CRL *crl),
- int (*crl_lookup) (X509_CRL *crl,
- X509_REVOKED **ret,
- ASN1_INTEGER *ser,
- X509_NAME *issuer),
- int (*crl_verify) (X509_CRL *crl,
- EVP_PKEY *pk));
-void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
-
-void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
-void *X509_CRL_get_meth_data(X509_CRL *crl);
-
-/*
- * This one is only used so that a binary form can output, as in
- * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
- */
-# define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
-
-const char *X509_verify_cert_error_string(long n);
-
-# ifndef OPENSSL_NO_EVP
-int X509_verify(X509 *a, EVP_PKEY *r);
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
-char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
-
-int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
-int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
-
-int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_digest(const X509 *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-# endif
-
-# ifndef OPENSSL_NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509);
-int i2d_X509_fp(FILE *fp, X509 *x509);
-X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
-int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
-int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
-int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
-# endif
-# ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
-# endif
-X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
-int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
- PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-# endif
-
-# ifndef OPENSSL_NO_BIO
-X509 *d2i_X509_bio(BIO *bp, X509 **x509);
-int i2d_X509_bio(BIO *bp, X509 *x509);
-X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
-int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
-int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
-int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
-# endif
-# ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
-int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
-# endif
-X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
-int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
- PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-# endif
-
-X509 *X509_dup(X509 *x509);
-X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
-X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
-X509_CRL *X509_CRL_dup(X509_CRL *crl);
-X509_REQ *X509_REQ_dup(X509_REQ *req);
-X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
-int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
- void *pval);
-void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
- X509_ALGOR *algor);
-void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
-int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
-
-X509_NAME *X509_NAME_dup(X509_NAME *xn);
-X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-
-int X509_cmp_time(const ASN1_TIME *s, time_t *t);
-int X509_cmp_current_time(const ASN1_TIME *s);
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
-ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
- int offset_day, long offset_sec, time_t *t);
-ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
-
-const char *X509_get_default_cert_area(void);
-const char *X509_get_default_cert_dir(void);
-const char *X509_get_default_cert_file(void);
-const char *X509_get_default_cert_dir_env(void);
-const char *X509_get_default_cert_file_env(void);
-const char *X509_get_default_private_dir(void);
-
-X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);
-
-DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
-DECLARE_ASN1_FUNCTIONS(X509_VAL)
-
-DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
-
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
-int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
-# ifndef OPENSSL_NO_RSA
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
-RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
-# endif
-# ifndef OPENSSL_NO_DSA
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp);
-DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
-# endif
-# ifndef OPENSSL_NO_EC
-int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
-EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length);
-# endif
-
-DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_REQ)
-
-DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
-
-DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME)
-
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(X509_CINF)
-
-DECLARE_ASN1_FUNCTIONS(X509)
-DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
-
-DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR)
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_set_ex_data(X509 *r, int idx, void *arg);
-void *X509_get_ex_data(X509 *r, int idx);
-int i2d_X509_AUX(X509 *a, unsigned char **pp);
-X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
-
-int X509_alias_set1(X509 *x, unsigned char *name, int len);
-int X509_keyid_set1(X509 *x, unsigned char *id, int len);
-unsigned char *X509_alias_get0(X509 *x, int *len);
-unsigned char *X509_keyid_get0(X509 *x, int *len);
-int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
- int);
-int X509_TRUST_set(int *t, int trust);
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
-void X509_trust_clear(X509 *x);
-void X509_reject_clear(X509 *x);
-
-DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
-DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_CRL)
-
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
-int X509_CRL_get0_by_serial(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial);
-int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
-
-X509_PKEY *X509_PKEY_new(void);
-void X509_PKEY_free(X509_PKEY *a);
-int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp);
-X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp,
- long length);
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
-
-# ifndef OPENSSL_NO_EVP
-X509_INFO *X509_INFO_new(void);
-void X509_INFO_free(X509_INFO *a);
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
-
-int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
-
-int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
- unsigned char *md, unsigned int *len);
-
-int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- char *data, EVP_PKEY *pkey, const EVP_MD *type);
-
-int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
- unsigned char *md, unsigned int *len);
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
- EVP_PKEY *pkey, const EVP_MD *type);
-int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- void *asn, EVP_MD_CTX *ctx);
-# endif
-
-int X509_set_version(X509 *x, long version);
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
-ASN1_INTEGER *X509_get_serialNumber(X509 *x);
-int X509_set_issuer_name(X509 *x, X509_NAME *name);
-X509_NAME *X509_get_issuer_name(X509 *a);
-int X509_set_subject_name(X509 *x, X509_NAME *name);
-X509_NAME *X509_get_subject_name(X509 *a);
-int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
-int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
-EVP_PKEY *X509_get_pubkey(X509 *x);
-ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
-int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
-
-int X509_REQ_set_version(X509_REQ *x, long version);
-int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
-EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
-int X509_REQ_extension_nid(int nid);
-int *X509_REQ_get_extension_nids(void);
-void X509_REQ_set_extension_nids(int *nids);
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid);
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
-int X509_REQ_get_attr_count(const X509_REQ *req);
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
- int nid, int type,
- const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- const char *attrname, int type,
- const unsigned char *bytes, int len);
-
-int X509_CRL_set_version(X509_CRL *x, long version);
-int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
-int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_sort(X509_CRL *crl);
-
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
-int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
-
-int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
-
-int X509_check_private_key(X509 *x509, EVP_PKEY *pkey);
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_and_serial_hash(X509 *a);
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_name_hash(X509 *a);
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_subject_name_hash(X509 *x);
-
-# ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_name_hash_old(X509 *a);
-unsigned long X509_subject_name_hash_old(X509 *x);
-# endif
-
-int X509_cmp(const X509 *a, const X509 *b);
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-unsigned long X509_NAME_hash(X509_NAME *x);
-unsigned long X509_NAME_hash_old(X509_NAME *x);
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
-# ifndef OPENSSL_NO_FP_API
-int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-int X509_print_fp(FILE *bp, X509 *x);
-int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
-int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
- unsigned long flags);
-# endif
-
-# ifndef OPENSSL_NO_BIO
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
- unsigned long flags);
-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-int X509_print(BIO *bp, X509 *x);
-int X509_ocspid_print(BIO *bp, X509 *x);
-int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
-int X509_CRL_print(BIO *bp, X509_CRL *x);
-int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
- unsigned long cflag);
-int X509_REQ_print(BIO *bp, X509_REQ *req);
-# endif
-
-int X509_NAME_entry_count(X509_NAME *name);
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- char *buf, int len);
-
-/*
- * NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
- * lastpos, search after that position on.
- */
-int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
-int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
- int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len, int loc,
- int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
- unsigned char *bytes, int len, int loc,
- int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
- const char *field, int type,
- const unsigned char *bytes,
- int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
- int type, unsigned char *bytes,
- int len);
-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
- const unsigned char *bytes, int len, int loc,
- int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
- ASN1_OBJECT *obj, int type,
- const unsigned char *bytes,
- int len);
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- const unsigned char *bytes, int len);
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
- int nid, int lastpos);
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
- ASN1_OBJECT *obj, int lastpos);
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
- int crit, int lastpos);
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
- X509_EXTENSION *ex, int loc);
-
-int X509_get_ext_count(X509 *x);
-int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
-int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos);
-int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
-X509_EXTENSION *X509_get_ext(X509 *x, int loc);
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
-int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
- unsigned long flags);
-
-int X509_CRL_get_ext_count(X509_CRL *x);
-int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
-int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos);
-int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
-int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
- unsigned long flags);
-
-int X509_REVOKED_get_ext_count(X509_REVOKED *x);
-int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
-int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
- int lastpos);
-int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
-void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
-int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
- unsigned long flags);
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
- int nid, int crit,
- ASN1_OCTET_STRING *data);
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
- ASN1_OBJECT *obj, int crit,
- ASN1_OCTET_STRING *data);
-int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj);
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
-ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
- int lastpos);
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
- ASN1_OBJECT *obj, int lastpos);
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
- **x, const ASN1_OBJECT *obj,
- int type,
- const unsigned char *bytes,
- int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
- **x, int nid, int type,
- const unsigned char *bytes,
- int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
- **x, const char *attrname,
- int type,
- const unsigned char *bytes,
- int len);
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
- int lastpos, int type);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, const void *data,
- int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- const ASN1_OBJECT *obj,
- int atrtype, const void *data,
- int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- const char *atrname, int type,
- const unsigned char *bytes,
- int len);
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
- const void *data, int len);
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
- void *data);
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
-
-int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
-int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
-int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
-X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
-int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
-int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
- const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
- int nid, int type,
- const unsigned char *bytes, int len);
-int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
- const char *attrname, int type,
- const unsigned char *bytes, int len);
-
-int X509_verify_cert(X509_STORE_CTX *ctx);
-
-/* lookup a cert from a X509 STACK */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
- ASN1_INTEGER *serial);
-X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(PBEPARAM)
-DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
-DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
-
-int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
- const unsigned char *salt, int saltlen);
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
- const unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen,
- unsigned char *aiv, int prf_nid);
-
-X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
- int prf_nid, int keylen);
-
-/* PKCS#8 utilities */
-
-DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
-
-EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
-
-int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
- int version, int ptype, void *pval,
- unsigned char *penc, int penclen);
-int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
-
-int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
- int ptype, void *pval,
- unsigned char *penc, int penclen);
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa, X509_PUBKEY *pub);
-
-int X509_check_trust(X509 *x, int id, int flags);
-int X509_TRUST_get_count(void);
-X509_TRUST *X509_TRUST_get0(int idx);
-int X509_TRUST_get_by_id(int id);
-int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
- char *name, int arg1, void *arg2);
-void X509_TRUST_cleanup(void);
-int X509_TRUST_get_flags(X509_TRUST *xp);
-char *X509_TRUST_get0_name(X509_TRUST *xp);
-int X509_TRUST_get_trust(X509_TRUST *xp);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_X509_strings(void);
-
-/* Error codes for the X509 functions. */
-
-/* Function codes. */
-# define X509_F_ADD_CERT_DIR 100
-# define X509_F_BY_FILE_CTRL 101
-# define X509_F_CHECK_POLICY 145
-# define X509_F_DIR_CTRL 102
-# define X509_F_GET_CERT_BY_SUBJECT 103
-# define X509_F_NETSCAPE_SPKI_B64_DECODE 129
-# define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
-# define X509_F_X509AT_ADD1_ATTR 135
-# define X509_F_X509V3_ADD_EXT 104
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
-# define X509_F_X509_ATTRIBUTE_GET0_DATA 139
-# define X509_F_X509_ATTRIBUTE_SET1_DATA 138
-# define X509_F_X509_CHECK_PRIVATE_KEY 128
-# define X509_F_X509_CRL_PRINT_FP 147
-# define X509_F_X509_EXTENSION_CREATE_BY_NID 108
-# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
-# define X509_F_X509_GET_PUBKEY_PARAMETERS 110
-# define X509_F_X509_LOAD_CERT_CRL_FILE 132
-# define X509_F_X509_LOAD_CERT_FILE 111
-# define X509_F_X509_LOAD_CRL_FILE 112
-# define X509_F_X509_NAME_ADD_ENTRY 113
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
-# define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
-# define X509_F_X509_NAME_ONELINE 116
-# define X509_F_X509_NAME_PRINT 117
-# define X509_F_X509_PRINT_EX_FP 118
-# define X509_F_X509_PUBKEY_GET 119
-# define X509_F_X509_PUBKEY_SET 120
-# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144
-# define X509_F_X509_REQ_PRINT_EX 121
-# define X509_F_X509_REQ_PRINT_FP 122
-# define X509_F_X509_REQ_TO_X509 123
-# define X509_F_X509_STORE_ADD_CERT 124
-# define X509_F_X509_STORE_ADD_CRL 125
-# define X509_F_X509_STORE_CTX_GET1_ISSUER 146
-# define X509_F_X509_STORE_CTX_INIT 143
-# define X509_F_X509_STORE_CTX_NEW 142
-# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
-# define X509_F_X509_TO_X509_REQ 126
-# define X509_F_X509_TRUST_ADD 133
-# define X509_F_X509_TRUST_SET 141
-# define X509_F_X509_VERIFY_CERT 127
-
-/* Reason codes. */
-# define X509_R_BAD_X509_FILETYPE 100
-# define X509_R_BASE64_DECODE_ERROR 118
-# define X509_R_CANT_CHECK_DH_KEY 114
-# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
-# define X509_R_ERR_ASN1_LIB 102
-# define X509_R_INVALID_DIRECTORY 113
-# define X509_R_INVALID_FIELD_NAME 119
-# define X509_R_INVALID_TRUST 123
-# define X509_R_KEY_TYPE_MISMATCH 115
-# define X509_R_KEY_VALUES_MISMATCH 116
-# define X509_R_LOADING_CERT_DIR 103
-# define X509_R_LOADING_DEFAULTS 104
-# define X509_R_METHOD_NOT_SUPPORTED 124
-# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
-# define X509_R_PUBLIC_KEY_DECODE_ERROR 125
-# define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
-# define X509_R_SHOULD_RETRY 106
-# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
-# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
-# define X509_R_UNKNOWN_KEY_TYPE 117
-# define X509_R_UNKNOWN_NID 109
-# define X509_R_UNKNOWN_PURPOSE_ID 121
-# define X509_R_UNKNOWN_TRUST_ID 120
-# define X509_R_UNSUPPORTED_ALGORITHM 111
-# define X509_R_WRONG_LOOKUP_TYPE 112
-# define X509_R_WRONG_TYPE 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509/x509.h (from rev 11605, vendor-crypto/openssl/dist/crypto/x509/x509.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509/x509.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1304 @@
+/* crypto/x509/x509.h */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_X509_H
+# define HEADER_X509_H
+
+# include <openssl/e_os2.h>
+# include <openssl/symhacks.h>
+# ifndef OPENSSL_NO_BUFFER
+# include <openssl/buffer.h>
+# endif
+# ifndef OPENSSL_NO_EVP
+# include <openssl/evp.h>
+# endif
+# ifndef OPENSSL_NO_BIO
+# include <openssl/bio.h>
+# endif
+# include <openssl/stack.h>
+# include <openssl/asn1.h>
+# include <openssl/safestack.h>
+
+# ifndef OPENSSL_NO_EC
+# include <openssl/ec.h>
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+# include <openssl/ecdsa.h>
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+# include <openssl/ecdh.h>
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# endif
+# ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+# endif
+# ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+# endif
+# endif
+
+# ifndef OPENSSL_NO_SHA
+# include <openssl/sha.h>
+# endif
+# include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_SYS_WIN32
+/* Under Win32 these are defined in wincrypt.h */
+# undef X509_NAME
+# undef X509_CERT_PAIR
+# undef X509_EXTENSIONS
+# endif
+
+# define X509_FILETYPE_PEM 1
+# define X509_FILETYPE_ASN1 2
+# define X509_FILETYPE_DEFAULT 3
+
+# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
+# define X509v3_KU_NON_REPUDIATION 0x0040
+# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
+# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
+# define X509v3_KU_KEY_AGREEMENT 0x0008
+# define X509v3_KU_KEY_CERT_SIGN 0x0004
+# define X509v3_KU_CRL_SIGN 0x0002
+# define X509v3_KU_ENCIPHER_ONLY 0x0001
+# define X509v3_KU_DECIPHER_ONLY 0x8000
+# define X509v3_KU_UNDEF 0xffff
+
+typedef struct X509_objects_st {
+ int nid;
+ int (*a2i) (void);
+ int (*i2a) (void);
+} X509_OBJECTS;
+
+struct X509_algor_st {
+ ASN1_OBJECT *algorithm;
+ ASN1_TYPE *parameter;
+} /* X509_ALGOR */ ;
+
+DECLARE_ASN1_SET_OF(X509_ALGOR)
+
+typedef STACK_OF(X509_ALGOR) X509_ALGORS;
+
+typedef struct X509_val_st {
+ ASN1_TIME *notBefore;
+ ASN1_TIME *notAfter;
+} X509_VAL;
+
+struct X509_pubkey_st {
+ X509_ALGOR *algor;
+ ASN1_BIT_STRING *public_key;
+ EVP_PKEY *pkey;
+};
+
+typedef struct X509_sig_st {
+ X509_ALGOR *algor;
+ ASN1_OCTET_STRING *digest;
+} X509_SIG;
+
+typedef struct X509_name_entry_st {
+ ASN1_OBJECT *object;
+ ASN1_STRING *value;
+ int set;
+ int size; /* temp variable */
+} X509_NAME_ENTRY;
+
+DECLARE_STACK_OF(X509_NAME_ENTRY)
+DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
+
+/* we always keep X509_NAMEs in 2 forms. */
+struct X509_name_st {
+ STACK_OF(X509_NAME_ENTRY) *entries;
+ int modified; /* true if 'bytes' needs to be built */
+# ifndef OPENSSL_NO_BUFFER
+ BUF_MEM *bytes;
+# else
+ char *bytes;
+# endif
+/* unsigned long hash; Keep the hash around for lookups */
+ unsigned char *canon_enc;
+ int canon_enclen;
+} /* X509_NAME */ ;
+
+DECLARE_STACK_OF(X509_NAME)
+
+# define X509_EX_V_NETSCAPE_HACK 0x8000
+# define X509_EX_V_INIT 0x0001
+typedef struct X509_extension_st {
+ ASN1_OBJECT *object;
+ ASN1_BOOLEAN critical;
+ ASN1_OCTET_STRING *value;
+} X509_EXTENSION;
+
+typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+
+DECLARE_STACK_OF(X509_EXTENSION)
+DECLARE_ASN1_SET_OF(X509_EXTENSION)
+
+/* a sequence of these are used */
+typedef struct x509_attributes_st {
+ ASN1_OBJECT *object;
+ int single; /* 0 for a set, 1 for a single item (which is
+ * wrong) */
+ union {
+ char *ptr;
+ /*
+ * 0
+ */ STACK_OF(ASN1_TYPE) *set;
+ /*
+ * 1
+ */ ASN1_TYPE *single;
+ } value;
+} X509_ATTRIBUTE;
+
+DECLARE_STACK_OF(X509_ATTRIBUTE)
+DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
+
+typedef struct X509_req_info_st {
+ ASN1_ENCODING enc;
+ ASN1_INTEGER *version;
+ X509_NAME *subject;
+ X509_PUBKEY *pubkey;
+ /* d=2 hl=2 l= 0 cons: cont: 00 */
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} X509_REQ_INFO;
+
+typedef struct X509_req_st {
+ X509_REQ_INFO *req_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+} X509_REQ;
+
+typedef struct x509_cinf_st {
+ ASN1_INTEGER *version; /* [ 0 ] default of v1 */
+ ASN1_INTEGER *serialNumber;
+ X509_ALGOR *signature;
+ X509_NAME *issuer;
+ X509_VAL *validity;
+ X509_NAME *subject;
+ X509_PUBKEY *key;
+ ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
+ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
+ STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
+ ASN1_ENCODING enc;
+} X509_CINF;
+
+/*
+ * This stuff is certificate "auxiliary info" it contains details which are
+ * useful in certificate stores and databases. When used this is tagged onto
+ * the end of the certificate itself
+ */
+
+typedef struct x509_cert_aux_st {
+ STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
+ STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
+ ASN1_UTF8STRING *alias; /* "friendly name" */
+ ASN1_OCTET_STRING *keyid; /* key id of private key */
+ STACK_OF(X509_ALGOR) *other; /* other unspecified info */
+} X509_CERT_AUX;
+
+struct x509_st {
+ X509_CINF *cert_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int valid;
+ int references;
+ char *name;
+ CRYPTO_EX_DATA ex_data;
+ /* These contain copies of various extension values */
+ long ex_pathlen;
+ long ex_pcpathlen;
+ unsigned long ex_flags;
+ unsigned long ex_kusage;
+ unsigned long ex_xkusage;
+ unsigned long ex_nscert;
+ ASN1_OCTET_STRING *skid;
+ AUTHORITY_KEYID *akid;
+ X509_POLICY_CACHE *policy_cache;
+ STACK_OF(DIST_POINT) *crldp;
+ STACK_OF(GENERAL_NAME) *altname;
+ NAME_CONSTRAINTS *nc;
+# ifndef OPENSSL_NO_RFC3779
+ STACK_OF(IPAddressFamily) *rfc3779_addr;
+ struct ASIdentifiers_st *rfc3779_asid;
+# endif
+# ifndef OPENSSL_NO_SHA
+ unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+# endif
+ X509_CERT_AUX *aux;
+} /* X509 */ ;
+
+DECLARE_STACK_OF(X509)
+DECLARE_ASN1_SET_OF(X509)
+
+/* This is used for a table of trust checking functions */
+
+typedef struct x509_trust_st {
+ int trust;
+ int flags;
+ int (*check_trust) (struct x509_trust_st *, X509 *, int);
+ char *name;
+ int arg1;
+ void *arg2;
+} X509_TRUST;
+
+DECLARE_STACK_OF(X509_TRUST)
+
+typedef struct x509_cert_pair_st {
+ X509 *forward;
+ X509 *reverse;
+} X509_CERT_PAIR;
+
+/* standard trust ids */
+
+# define X509_TRUST_DEFAULT -1/* Only valid in purpose settings */
+
+# define X509_TRUST_COMPAT 1
+# define X509_TRUST_SSL_CLIENT 2
+# define X509_TRUST_SSL_SERVER 3
+# define X509_TRUST_EMAIL 4
+# define X509_TRUST_OBJECT_SIGN 5
+# define X509_TRUST_OCSP_SIGN 6
+# define X509_TRUST_OCSP_REQUEST 7
+# define X509_TRUST_TSA 8
+
+/* Keep these up to date! */
+# define X509_TRUST_MIN 1
+# define X509_TRUST_MAX 8
+
+/* trust_flags values */
+# define X509_TRUST_DYNAMIC 1
+# define X509_TRUST_DYNAMIC_NAME 2
+
+/* check_trust return codes */
+
+# define X509_TRUST_TRUSTED 1
+# define X509_TRUST_REJECTED 2
+# define X509_TRUST_UNTRUSTED 3
+
+/* Flags for X509_print_ex() */
+
+# define X509_FLAG_COMPAT 0
+# define X509_FLAG_NO_HEADER 1L
+# define X509_FLAG_NO_VERSION (1L << 1)
+# define X509_FLAG_NO_SERIAL (1L << 2)
+# define X509_FLAG_NO_SIGNAME (1L << 3)
+# define X509_FLAG_NO_ISSUER (1L << 4)
+# define X509_FLAG_NO_VALIDITY (1L << 5)
+# define X509_FLAG_NO_SUBJECT (1L << 6)
+# define X509_FLAG_NO_PUBKEY (1L << 7)
+# define X509_FLAG_NO_EXTENSIONS (1L << 8)
+# define X509_FLAG_NO_SIGDUMP (1L << 9)
+# define X509_FLAG_NO_AUX (1L << 10)
+# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
+
+/* Flags specific to X509_NAME_print_ex() */
+
+/* The field separator information */
+
+# define XN_FLAG_SEP_MASK (0xf << 16)
+
+# define XN_FLAG_COMPAT 0/* Traditional SSLeay: use old
+ * X509_NAME_print */
+# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
+# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
+# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
+# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */
+
+# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */
+
+/* How the field name is shown */
+
+# define XN_FLAG_FN_MASK (0x3 << 21)
+
+# define XN_FLAG_FN_SN 0/* Object short name */
+# define XN_FLAG_FN_LN (1 << 21)/* Object long name */
+# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */
+# define XN_FLAG_FN_NONE (3 << 21)/* No field names */
+
+# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */
+
+/*
+ * This determines if we dump fields we don't recognise: RFC2253 requires
+ * this.
+ */
+
+# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
+
+# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
+ * characters */
+
+/* Complete set of RFC2253 flags */
+
+# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
+ XN_FLAG_SEP_COMMA_PLUS | \
+ XN_FLAG_DN_REV | \
+ XN_FLAG_FN_SN | \
+ XN_FLAG_DUMP_UNKNOWN_FIELDS)
+
+/* readable oneline form */
+
+# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
+ ASN1_STRFLGS_ESC_QUOTE | \
+ XN_FLAG_SEP_CPLUS_SPC | \
+ XN_FLAG_SPC_EQ | \
+ XN_FLAG_FN_SN)
+
+/* readable multiline form */
+
+# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
+ ASN1_STRFLGS_ESC_MSB | \
+ XN_FLAG_SEP_MULTILINE | \
+ XN_FLAG_SPC_EQ | \
+ XN_FLAG_FN_LN | \
+ XN_FLAG_FN_ALIGN)
+
+struct x509_revoked_st {
+ ASN1_INTEGER *serialNumber;
+ ASN1_TIME *revocationDate;
+ STACK_OF(X509_EXTENSION) /* optional */ *extensions;
+ /* Set up if indirect CRL */
+ STACK_OF(GENERAL_NAME) *issuer;
+ /* Revocation reason */
+ int reason;
+ int sequence; /* load sequence */
+};
+
+DECLARE_STACK_OF(X509_REVOKED)
+DECLARE_ASN1_SET_OF(X509_REVOKED)
+
+typedef struct X509_crl_info_st {
+ ASN1_INTEGER *version;
+ X509_ALGOR *sig_alg;
+ X509_NAME *issuer;
+ ASN1_TIME *lastUpdate;
+ ASN1_TIME *nextUpdate;
+ STACK_OF(X509_REVOKED) *revoked;
+ STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
+ ASN1_ENCODING enc;
+} X509_CRL_INFO;
+
+struct X509_crl_st {
+ /* actual signature */
+ X509_CRL_INFO *crl;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+ int flags;
+ /* Copies of various extensions */
+ AUTHORITY_KEYID *akid;
+ ISSUING_DIST_POINT *idp;
+ /* Convenient breakdown of IDP */
+ int idp_flags;
+ int idp_reasons;
+ /* CRL and base CRL numbers for delta processing */
+ ASN1_INTEGER *crl_number;
+ ASN1_INTEGER *base_crl_number;
+# ifndef OPENSSL_NO_SHA
+ unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+# endif
+ STACK_OF(GENERAL_NAMES) *issuers;
+ const X509_CRL_METHOD *meth;
+ void *meth_data;
+} /* X509_CRL */ ;
+
+DECLARE_STACK_OF(X509_CRL)
+DECLARE_ASN1_SET_OF(X509_CRL)
+
+typedef struct private_key_st {
+ int version;
+ /* The PKCS#8 data types */
+ X509_ALGOR *enc_algor;
+ ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
+ /* When decrypted, the following will not be NULL */
+ EVP_PKEY *dec_pkey;
+ /* used to encrypt and decrypt */
+ int key_length;
+ char *key_data;
+ int key_free; /* true if we should auto free key_data */
+ /* expanded version of 'enc_algor' */
+ EVP_CIPHER_INFO cipher;
+ int references;
+} X509_PKEY;
+
+# ifndef OPENSSL_NO_EVP
+typedef struct X509_info_st {
+ X509 *x509;
+ X509_CRL *crl;
+ X509_PKEY *x_pkey;
+ EVP_CIPHER_INFO enc_cipher;
+ int enc_len;
+ char *enc_data;
+ int references;
+} X509_INFO;
+
+DECLARE_STACK_OF(X509_INFO)
+# endif
+
+/*
+ * The next 2 structures and their 8 routines were sent to me by Pat Richard
+ * <patr at x509.com> and are used to manipulate Netscapes spki structures -
+ * useful if you are writing a CA web page
+ */
+typedef struct Netscape_spkac_st {
+ X509_PUBKEY *pubkey;
+ ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
+} NETSCAPE_SPKAC;
+
+typedef struct Netscape_spki_st {
+ NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
+ X509_ALGOR *sig_algor;
+ ASN1_BIT_STRING *signature;
+} NETSCAPE_SPKI;
+
+/* Netscape certificate sequence structure */
+typedef struct Netscape_certificate_sequence {
+ ASN1_OBJECT *type;
+ STACK_OF(X509) *certs;
+} NETSCAPE_CERT_SEQUENCE;
+
+/*- Unused (and iv length is wrong)
+typedef struct CBCParameter_st
+ {
+ unsigned char iv[8];
+ } CBC_PARAM;
+*/
+
+/* Password based encryption structure */
+
+typedef struct PBEPARAM_st {
+ ASN1_OCTET_STRING *salt;
+ ASN1_INTEGER *iter;
+} PBEPARAM;
+
+/* Password based encryption V2 structures */
+
+typedef struct PBE2PARAM_st {
+ X509_ALGOR *keyfunc;
+ X509_ALGOR *encryption;
+} PBE2PARAM;
+
+typedef struct PBKDF2PARAM_st {
+/* Usually OCTET STRING but could be anything */
+ ASN1_TYPE *salt;
+ ASN1_INTEGER *iter;
+ ASN1_INTEGER *keylength;
+ X509_ALGOR *prf;
+} PBKDF2PARAM;
+
+/* PKCS#8 private key info structure */
+
+struct pkcs8_priv_key_info_st {
+ /* Flag for various broken formats */
+ int broken;
+# define PKCS8_OK 0
+# define PKCS8_NO_OCTET 1
+# define PKCS8_EMBEDDED_PARAM 2
+# define PKCS8_NS_DB 3
+# define PKCS8_NEG_PRIVKEY 4
+ ASN1_INTEGER *version;
+ X509_ALGOR *pkeyalg;
+ /* Should be OCTET STRING but some are broken */
+ ASN1_TYPE *pkey;
+ STACK_OF(X509_ATTRIBUTE) *attributes;
+};
+
+#ifdef __cplusplus
+}
+#endif
+
+# include <openssl/x509_vfy.h>
+# include <openssl/pkcs7.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define X509_EXT_PACK_UNKNOWN 1
+# define X509_EXT_PACK_STRING 2
+
+# define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
+/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
+# define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
+# define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
+# define X509_extract_key(x) X509_get_pubkey(x)/*****/
+# define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
+# define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
+# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
+# define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
+
+# define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
+# define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
+# define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
+# define X509_CRL_get_issuer(x) ((x)->crl->issuer)
+# define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
+
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
+X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
+ int (*crl_free) (X509_CRL *crl),
+ int (*crl_lookup) (X509_CRL *crl,
+ X509_REVOKED **ret,
+ ASN1_INTEGER *ser,
+ X509_NAME *issuer),
+ int (*crl_verify) (X509_CRL *crl,
+ EVP_PKEY *pk));
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
+void *X509_CRL_get_meth_data(X509_CRL *crl);
+
+/*
+ * This one is only used so that a binary form can output, as in
+ * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
+ */
+# define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
+
+const char *X509_verify_cert_error_string(long n);
+
+# ifndef OPENSSL_NO_EVP
+int X509_verify(X509 *a, EVP_PKEY *r);
+
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
+char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
+EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
+int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
+
+int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
+
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
+int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
+
+int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_digest(const X509 *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+# endif
+
+# ifndef OPENSSL_NO_FP_API
+X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+int i2d_X509_fp(FILE *fp, X509 *x509);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+# ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+# endif
+# ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+# endif
+# ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+# endif
+X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+ PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+# endif
+
+# ifndef OPENSSL_NO_BIO
+X509 *d2i_X509_bio(BIO *bp, X509 **x509);
+int i2d_X509_bio(BIO *bp, X509 *x509);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
+int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
+int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
+# ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
+RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
+# endif
+# ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
+int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+# endif
+# ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
+# endif
+X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
+int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
+ PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
+int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+# endif
+
+X509 *X509_dup(X509 *x509);
+X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
+X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
+X509_CRL *X509_CRL_dup(X509_CRL *crl);
+X509_REQ *X509_REQ_dup(X509_REQ *req);
+X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
+int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
+ void *pval);
+void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+ X509_ALGOR *algor);
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
+
+X509_NAME *X509_NAME_dup(X509_NAME *xn);
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
+
+int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+int X509_cmp_current_time(const ASN1_TIME *s);
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+ int offset_day, long offset_sec, time_t *t);
+ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
+
+const char *X509_get_default_cert_area(void);
+const char *X509_get_default_cert_dir(void);
+const char *X509_get_default_cert_file(void);
+const char *X509_get_default_cert_dir_env(void);
+const char *X509_get_default_cert_file_env(void);
+const char *X509_get_default_private_dir(void);
+
+X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);
+
+DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+DECLARE_ASN1_FUNCTIONS(X509_VAL)
+
+DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
+
+int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
+int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+# ifndef OPENSSL_NO_RSA
+int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
+RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
+# endif
+# ifndef OPENSSL_NO_DSA
+int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp);
+DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
+# endif
+# ifndef OPENSSL_NO_EC
+int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
+EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length);
+# endif
+
+DECLARE_ASN1_FUNCTIONS(X509_SIG)
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_REQ)
+
+DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
+X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
+
+DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME)
+
+int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(X509_CINF)
+
+DECLARE_ASN1_FUNCTIONS(X509)
+DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
+
+DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR)
+
+int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int X509_set_ex_data(X509 *r, int idx, void *arg);
+void *X509_get_ex_data(X509 *r, int idx);
+int i2d_X509_AUX(X509 *a, unsigned char **pp);
+X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
+
+int X509_alias_set1(X509 *x, unsigned char *name, int len);
+int X509_keyid_set1(X509 *x, unsigned char *id, int len);
+unsigned char *X509_alias_get0(X509 *x, int *len);
+unsigned char *X509_keyid_get0(X509 *x, int *len);
+int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
+ int);
+int X509_TRUST_set(int *t, int trust);
+int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
+int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
+void X509_trust_clear(X509 *x);
+void X509_reject_clear(X509 *x);
+
+DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
+DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_CRL)
+
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+ X509_REVOKED **ret, ASN1_INTEGER *serial);
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+X509_PKEY *X509_PKEY_new(void);
+void X509_PKEY_free(X509_PKEY *a);
+int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp);
+X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp,
+ long length);
+
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
+
+# ifndef OPENSSL_NO_EVP
+X509_INFO *X509_INFO_new(void);
+void X509_INFO_free(X509_INFO *a);
+char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
+
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
+
+int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+ unsigned char *md, unsigned int *len);
+
+int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ char *data, EVP_PKEY *pkey, const EVP_MD *type);
+
+int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
+ unsigned char *md, unsigned int *len);
+
+int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
+
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
+ EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ void *asn, EVP_MD_CTX *ctx);
+# endif
+
+int X509_set_version(X509 *x, long version);
+int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
+ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+int X509_set_issuer_name(X509 *x, X509_NAME *name);
+X509_NAME *X509_get_issuer_name(X509 *a);
+int X509_set_subject_name(X509 *x, X509_NAME *name);
+X509_NAME *X509_get_subject_name(X509 *a);
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
+int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+EVP_PKEY *X509_get_pubkey(X509 *x);
+ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
+int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
+
+int X509_REQ_set_version(X509_REQ *x, long version);
+int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+int X509_REQ_extension_nid(int nid);
+int *X509_REQ_get_extension_nids(void);
+void X509_REQ_set_extension_nids(int *nids);
+STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+ int nid);
+int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+int X509_REQ_get_attr_count(const X509_REQ *req);
+int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
+int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
+X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
+int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
+int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_NID(X509_REQ *req,
+ int nid, int type,
+ const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_txt(X509_REQ *req,
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
+
+int X509_CRL_set_version(X509_CRL *x, long version);
+int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_sort(X509_CRL *crl);
+
+int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
+int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
+
+int X509_check_private_key(X509 *x509, EVP_PKEY *pkey);
+
+int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_and_serial_hash(X509 *a);
+
+int X509_issuer_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_name_hash(X509 *a);
+
+int X509_subject_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_subject_name_hash(X509 *x);
+
+# ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *a);
+unsigned long X509_subject_name_hash_old(X509 *x);
+# endif
+
+int X509_cmp(const X509 *a, const X509 *b);
+int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
+unsigned long X509_NAME_hash(X509_NAME *x);
+unsigned long X509_NAME_hash_old(X509_NAME *x);
+
+int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
+# ifndef OPENSSL_NO_FP_API
+int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_print_fp(FILE *bp, X509 *x);
+int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
+int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
+int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
+ unsigned long flags);
+# endif
+
+# ifndef OPENSSL_NO_BIO
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
+ unsigned long flags);
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_print(BIO *bp, X509 *x);
+int X509_ocspid_print(BIO *bp, X509 *x);
+int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
+int X509_CRL_print(BIO *bp, X509_CRL *x);
+int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_REQ_print(BIO *bp, X509_REQ *req);
+# endif
+
+int X509_NAME_entry_count(X509_NAME *name);
+int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+ char *buf, int len);
+
+/*
+ * NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
+ * lastpos, search after that position on.
+ */
+int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+ int lastpos);
+X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
+ int loc, int set);
+int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
+ unsigned char *bytes, int len, int loc,
+ int set);
+int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+ unsigned char *bytes, int len, int loc,
+ int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
+ const char *field, int type,
+ const unsigned char *bytes,
+ int len);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+ int type, unsigned char *bytes,
+ int len);
+int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+ const unsigned char *bytes, int len, int loc,
+ int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+ ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes,
+ int len);
+int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
+int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+ const unsigned char *bytes, int len);
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+
+int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+ int nid, int lastpos);
+int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+ ASN1_OBJECT *obj, int lastpos);
+int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+ int crit, int lastpos);
+X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+ X509_EXTENSION *ex, int loc);
+
+int X509_get_ext_count(X509 *x);
+int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
+int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos);
+int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
+X509_EXTENSION *X509_get_ext(X509 *x, int loc);
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
+int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+int X509_CRL_get_ext_count(X509_CRL *x);
+int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
+int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos);
+int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
+X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
+int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+int X509_REVOKED_get_ext_count(X509_REVOKED *x);
+int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
+int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
+ int lastpos);
+int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
+X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
+void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
+int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+ int nid, int crit,
+ ASN1_OCTET_STRING *data);
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+ ASN1_OBJECT *obj, int crit,
+ ASN1_OCTET_STRING *data);
+int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj);
+int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
+int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
+
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+ int lastpos);
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+ ASN1_OBJECT *obj, int lastpos);
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+ X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+ **x, const ASN1_OBJECT *obj,
+ int type,
+ const unsigned char *bytes,
+ int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+ **x, int nid, int type,
+ const unsigned char *bytes,
+ int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+ **x, const char *attrname,
+ int type,
+ const unsigned char *bytes,
+ int len);
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
+ int lastpos, int type);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
+ int atrtype, const void *data,
+ int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
+ const ASN1_OBJECT *obj,
+ int atrtype, const void *data,
+ int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+ const char *atrname, int type,
+ const unsigned char *bytes,
+ int len);
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
+ const void *data, int len);
+void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
+ void *data);
+int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
+ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
+ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
+
+int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
+int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
+ int nid, int type,
+ const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
+
+int X509_verify_cert(X509_STORE_CTX *ctx);
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
+ ASN1_INTEGER *serial);
+X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+ const unsigned char *salt, int saltlen);
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+ const unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen,
+ unsigned char *aiv, int prf_nid);
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen);
+
+/* PKCS#8 utilities */
+
+DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
+PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
+
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+ int version, int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+ int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, X509_PUBKEY *pub);
+
+int X509_check_trust(X509 *x, int id, int flags);
+int X509_TRUST_get_count(void);
+X509_TRUST *X509_TRUST_get0(int idx);
+int X509_TRUST_get_by_id(int id);
+int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
+ char *name, int arg1, void *arg2);
+void X509_TRUST_cleanup(void);
+int X509_TRUST_get_flags(X509_TRUST *xp);
+char *X509_TRUST_get0_name(X509_TRUST *xp);
+int X509_TRUST_get_trust(X509_TRUST *xp);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+
+void ERR_load_X509_strings(void);
+
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+# define X509_F_ADD_CERT_DIR 100
+# define X509_F_BY_FILE_CTRL 101
+# define X509_F_CHECK_NAME_CONSTRAINTS 106
+# define X509_F_CHECK_POLICY 145
+# define X509_F_DIR_CTRL 102
+# define X509_F_GET_CERT_BY_SUBJECT 103
+# define X509_F_NETSCAPE_SPKI_B64_DECODE 129
+# define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
+# define X509_F_X509AT_ADD1_ATTR 135
+# define X509_F_X509V3_ADD_EXT 104
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
+# define X509_F_X509_ATTRIBUTE_GET0_DATA 139
+# define X509_F_X509_ATTRIBUTE_SET1_DATA 138
+# define X509_F_X509_CHECK_PRIVATE_KEY 128
+# define X509_F_X509_CRL_PRINT_FP 147
+# define X509_F_X509_EXTENSION_CREATE_BY_NID 108
+# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
+# define X509_F_X509_GET_PUBKEY_PARAMETERS 110
+# define X509_F_X509_LOAD_CERT_CRL_FILE 132
+# define X509_F_X509_LOAD_CERT_FILE 111
+# define X509_F_X509_LOAD_CRL_FILE 112
+# define X509_F_X509_NAME_ADD_ENTRY 113
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
+# define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
+# define X509_F_X509_NAME_ONELINE 116
+# define X509_F_X509_NAME_PRINT 117
+# define X509_F_X509_PRINT_EX_FP 118
+# define X509_F_X509_PUBKEY_GET 119
+# define X509_F_X509_PUBKEY_SET 120
+# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144
+# define X509_F_X509_REQ_PRINT_EX 121
+# define X509_F_X509_REQ_PRINT_FP 122
+# define X509_F_X509_REQ_TO_X509 123
+# define X509_F_X509_STORE_ADD_CERT 124
+# define X509_F_X509_STORE_ADD_CRL 125
+# define X509_F_X509_STORE_CTX_GET1_ISSUER 146
+# define X509_F_X509_STORE_CTX_INIT 143
+# define X509_F_X509_STORE_CTX_NEW 142
+# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
+# define X509_F_X509_TO_X509_REQ 126
+# define X509_F_X509_TRUST_ADD 133
+# define X509_F_X509_TRUST_SET 141
+# define X509_F_X509_VERIFY_CERT 127
+
+/* Reason codes. */
+# define X509_R_BAD_X509_FILETYPE 100
+# define X509_R_BASE64_DECODE_ERROR 118
+# define X509_R_CANT_CHECK_DH_KEY 114
+# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+# define X509_R_ERR_ASN1_LIB 102
+# define X509_R_INVALID_DIRECTORY 113
+# define X509_R_INVALID_FIELD_NAME 119
+# define X509_R_INVALID_TRUST 123
+# define X509_R_KEY_TYPE_MISMATCH 115
+# define X509_R_KEY_VALUES_MISMATCH 116
+# define X509_R_LOADING_CERT_DIR 103
+# define X509_R_LOADING_DEFAULTS 104
+# define X509_R_METHOD_NOT_SUPPORTED 124
+# define X509_R_NAME_TOO_LONG 134
+# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+# define X509_R_PUBLIC_KEY_DECODE_ERROR 125
+# define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
+# define X509_R_SHOULD_RETRY 106
+# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
+# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
+# define X509_R_UNKNOWN_KEY_TYPE 117
+# define X509_R_UNKNOWN_NID 109
+# define X509_R_UNKNOWN_PURPOSE_ID 121
+# define X509_R_UNKNOWN_TRUST_ID 120
+# define X509_R_UNSUPPORTED_ALGORITHM 111
+# define X509_R_WRONG_LOOKUP_TYPE 112
+# define X509_R_WRONG_TYPE 122
+
+# ifdef __cplusplus
+}
+# endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_err.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509/x509_err.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_err.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,178 +0,0 @@
-/* crypto/x509/x509_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
-
-static ERR_STRING_DATA X509_str_functs[] = {
- {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"},
- {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
- {ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"},
- {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"},
- {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"},
- {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
- {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
- {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"},
- {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
- {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID),
- "X509_ATTRIBUTE_create_by_NID"},
- {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ),
- "X509_ATTRIBUTE_create_by_OBJ"},
- {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT),
- "X509_ATTRIBUTE_create_by_txt"},
- {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
- {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
- {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
- {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"},
- {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID),
- "X509_EXTENSION_create_by_NID"},
- {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ),
- "X509_EXTENSION_create_by_OBJ"},
- {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS),
- "X509_get_pubkey_parameters"},
- {ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"},
- {ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"},
- {ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"},
- {ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"},
- {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID),
- "X509_NAME_ENTRY_create_by_NID"},
- {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT),
- "X509_NAME_ENTRY_create_by_txt"},
- {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT),
- "X509_NAME_ENTRY_set_object"},
- {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
- {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
- {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
- {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"},
- {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
- {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY),
- "X509_REQ_check_private_key"},
- {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"},
- {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
- {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
- {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
- {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
- {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER),
- "X509_STORE_CTX_get1_issuer"},
- {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
- {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
- {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),
- "X509_STORE_CTX_purpose_inherit"},
- {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
- {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
- {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
- {ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA X509_str_reasons[] = {
- {ERR_REASON(X509_R_BAD_X509_FILETYPE), "bad x509 filetype"},
- {ERR_REASON(X509_R_BASE64_DECODE_ERROR), "base64 decode error"},
- {ERR_REASON(X509_R_CANT_CHECK_DH_KEY), "cant check dh key"},
- {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),
- "cert already in hash table"},
- {ERR_REASON(X509_R_ERR_ASN1_LIB), "err asn1 lib"},
- {ERR_REASON(X509_R_INVALID_DIRECTORY), "invalid directory"},
- {ERR_REASON(X509_R_INVALID_FIELD_NAME), "invalid field name"},
- {ERR_REASON(X509_R_INVALID_TRUST), "invalid trust"},
- {ERR_REASON(X509_R_KEY_TYPE_MISMATCH), "key type mismatch"},
- {ERR_REASON(X509_R_KEY_VALUES_MISMATCH), "key values mismatch"},
- {ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
- {ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
- {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
- {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
- "no cert set for us to verify"},
- {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
- {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
- {ERR_REASON(X509_R_SHOULD_RETRY), "should retry"},
- {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),
- "unable to find parameters in chain"},
- {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),
- "unable to get certs public key"},
- {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE), "unknown key type"},
- {ERR_REASON(X509_R_UNKNOWN_NID), "unknown nid"},
- {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID), "unknown purpose id"},
- {ERR_REASON(X509_R_UNKNOWN_TRUST_ID), "unknown trust id"},
- {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
- {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE), "wrong lookup type"},
- {ERR_REASON(X509_R_WRONG_TYPE), "wrong type"},
- {0, NULL}
-};
-
-#endif
-
-void ERR_load_X509_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
- if (ERR_func_error_string(X509_str_functs[0].error) == NULL) {
- ERR_load_strings(0, X509_str_functs);
- ERR_load_strings(0, X509_str_reasons);
- }
-#endif
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_err.c (from rev 11605, vendor-crypto/openssl/dist/crypto/x509/x509_err.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509/x509_err.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_err.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,180 @@
+/* crypto/x509/x509_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
+
+static ERR_STRING_DATA X509_str_functs[] = {
+ {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"},
+ {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
+ {ERR_FUNC(X509_F_CHECK_NAME_CONSTRAINTS), "CHECK_NAME_CONSTRAINTS"},
+ {ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"},
+ {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"},
+ {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"},
+ {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
+ {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
+ {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"},
+ {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
+ {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID),
+ "X509_ATTRIBUTE_create_by_NID"},
+ {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ),
+ "X509_ATTRIBUTE_create_by_OBJ"},
+ {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT),
+ "X509_ATTRIBUTE_create_by_txt"},
+ {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
+ {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
+ {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
+ {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"},
+ {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID),
+ "X509_EXTENSION_create_by_NID"},
+ {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ),
+ "X509_EXTENSION_create_by_OBJ"},
+ {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS),
+ "X509_get_pubkey_parameters"},
+ {ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"},
+ {ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"},
+ {ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"},
+ {ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"},
+ {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID),
+ "X509_NAME_ENTRY_create_by_NID"},
+ {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT),
+ "X509_NAME_ENTRY_create_by_txt"},
+ {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT),
+ "X509_NAME_ENTRY_set_object"},
+ {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
+ {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
+ {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
+ {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"},
+ {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
+ {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY),
+ "X509_REQ_check_private_key"},
+ {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"},
+ {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
+ {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
+ {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
+ {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
+ {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER),
+ "X509_STORE_CTX_get1_issuer"},
+ {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
+ {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
+ {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),
+ "X509_STORE_CTX_purpose_inherit"},
+ {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
+ {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
+ {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
+ {ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"},
+ {0, NULL}
+};
+
+static ERR_STRING_DATA X509_str_reasons[] = {
+ {ERR_REASON(X509_R_BAD_X509_FILETYPE), "bad x509 filetype"},
+ {ERR_REASON(X509_R_BASE64_DECODE_ERROR), "base64 decode error"},
+ {ERR_REASON(X509_R_CANT_CHECK_DH_KEY), "cant check dh key"},
+ {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),
+ "cert already in hash table"},
+ {ERR_REASON(X509_R_ERR_ASN1_LIB), "err asn1 lib"},
+ {ERR_REASON(X509_R_INVALID_DIRECTORY), "invalid directory"},
+ {ERR_REASON(X509_R_INVALID_FIELD_NAME), "invalid field name"},
+ {ERR_REASON(X509_R_INVALID_TRUST), "invalid trust"},
+ {ERR_REASON(X509_R_KEY_TYPE_MISMATCH), "key type mismatch"},
+ {ERR_REASON(X509_R_KEY_VALUES_MISMATCH), "key values mismatch"},
+ {ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
+ {ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
+ {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
+ {ERR_REASON(X509_R_NAME_TOO_LONG), "name too long"},
+ {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
+ "no cert set for us to verify"},
+ {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
+ {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
+ {ERR_REASON(X509_R_SHOULD_RETRY), "should retry"},
+ {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),
+ "unable to find parameters in chain"},
+ {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),
+ "unable to get certs public key"},
+ {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE), "unknown key type"},
+ {ERR_REASON(X509_R_UNKNOWN_NID), "unknown nid"},
+ {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID), "unknown purpose id"},
+ {ERR_REASON(X509_R_UNKNOWN_TRUST_ID), "unknown trust id"},
+ {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
+ {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE), "wrong lookup type"},
+ {ERR_REASON(X509_R_WRONG_TYPE), "wrong type"},
+ {0, NULL}
+};
+
+#endif
+
+void ERR_load_X509_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+ if (ERR_func_error_string(X509_str_functs[0].error) == NULL) {
+ ERR_load_strings(0, X509_str_functs);
+ ERR_load_strings(0, X509_str_reasons);
+ }
+#endif
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_obj.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509/x509_obj.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_obj.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,212 +0,0 @@
-/* crypto/x509/x509_obj.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/buffer.h>
-
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
-{
- X509_NAME_ENTRY *ne;
- int i;
- int n, lold, l, l1, l2, num, j, type;
- const char *s;
- char *p;
- unsigned char *q;
- BUF_MEM *b = NULL;
- static const char hex[17] = "0123456789ABCDEF";
- int gs_doit[4];
- char tmp_buf[80];
-#ifdef CHARSET_EBCDIC
- char ebcdic_buf[1024];
-#endif
-
- if (buf == NULL) {
- if ((b = BUF_MEM_new()) == NULL)
- goto err;
- if (!BUF_MEM_grow(b, 200))
- goto err;
- b->data[0] = '\0';
- len = 200;
- }
- if (a == NULL) {
- if (b) {
- buf = b->data;
- OPENSSL_free(b);
- }
- strncpy(buf, "NO X509_NAME", len);
- buf[len - 1] = '\0';
- return buf;
- }
-
- len--; /* space for '\0' */
- l = 0;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
- ne = sk_X509_NAME_ENTRY_value(a->entries, i);
- n = OBJ_obj2nid(ne->object);
- if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
- i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
- s = tmp_buf;
- }
- l1 = strlen(s);
-
- type = ne->value->type;
- num = ne->value->length;
- q = ne->value->data;
-#ifdef CHARSET_EBCDIC
- if (type == V_ASN1_GENERALSTRING ||
- type == V_ASN1_VISIBLESTRING ||
- type == V_ASN1_PRINTABLESTRING ||
- type == V_ASN1_TELETEXSTRING ||
- type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) {
- ascii2ebcdic(ebcdic_buf, q, (num > sizeof ebcdic_buf)
- ? sizeof ebcdic_buf : num);
- q = ebcdic_buf;
- }
-#endif
-
- if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
- gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
- for (j = 0; j < num; j++)
- if (q[j] != 0)
- gs_doit[j & 3] = 1;
-
- if (gs_doit[0] | gs_doit[1] | gs_doit[2])
- gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
- else {
- gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
- gs_doit[3] = 1;
- }
- } else
- gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
-
- for (l2 = j = 0; j < num; j++) {
- if (!gs_doit[j & 3])
- continue;
- l2++;
-#ifndef CHARSET_EBCDIC
- if ((q[j] < ' ') || (q[j] > '~'))
- l2 += 3;
-#else
- if ((os_toascii[q[j]] < os_toascii[' ']) ||
- (os_toascii[q[j]] > os_toascii['~']))
- l2 += 3;
-#endif
- }
-
- lold = l;
- l += 1 + l1 + 1 + l2;
- if (b != NULL) {
- if (!BUF_MEM_grow(b, l + 1))
- goto err;
- p = &(b->data[lold]);
- } else if (l > len) {
- break;
- } else
- p = &(buf[lold]);
- *(p++) = '/';
- memcpy(p, s, (unsigned int)l1);
- p += l1;
- *(p++) = '=';
-
-#ifndef CHARSET_EBCDIC /* q was assigned above already. */
- q = ne->value->data;
-#endif
-
- for (j = 0; j < num; j++) {
- if (!gs_doit[j & 3])
- continue;
-#ifndef CHARSET_EBCDIC
- n = q[j];
- if ((n < ' ') || (n > '~')) {
- *(p++) = '\\';
- *(p++) = 'x';
- *(p++) = hex[(n >> 4) & 0x0f];
- *(p++) = hex[n & 0x0f];
- } else
- *(p++) = n;
-#else
- n = os_toascii[q[j]];
- if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
- *(p++) = '\\';
- *(p++) = 'x';
- *(p++) = hex[(n >> 4) & 0x0f];
- *(p++) = hex[n & 0x0f];
- } else
- *(p++) = q[j];
-#endif
- }
- *p = '\0';
- }
- if (b != NULL) {
- p = b->data;
- OPENSSL_free(b);
- } else
- p = buf;
- if (i == 0)
- *p = '\0';
- return (p);
- err:
- X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
- if (b != NULL)
- BUF_MEM_free(b);
- return (NULL);
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_obj.c (from rev 11605, vendor-crypto/openssl/dist/crypto/x509/x509_obj.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509/x509_obj.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_obj.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,230 @@
+/* crypto/x509/x509_obj.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/buffer.h>
+
+/*
+ * Limit to ensure we don't overflow: much greater than
+ * anything enountered in practice.
+ */
+
+#define NAME_ONELINE_MAX (1024 * 1024)
+
+char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+{
+ X509_NAME_ENTRY *ne;
+ int i;
+ int n, lold, l, l1, l2, num, j, type;
+ const char *s;
+ char *p;
+ unsigned char *q;
+ BUF_MEM *b = NULL;
+ static const char hex[17] = "0123456789ABCDEF";
+ int gs_doit[4];
+ char tmp_buf[80];
+#ifdef CHARSET_EBCDIC
+ char ebcdic_buf[1024];
+#endif
+
+ if (buf == NULL) {
+ if ((b = BUF_MEM_new()) == NULL)
+ goto err;
+ if (!BUF_MEM_grow(b, 200))
+ goto err;
+ b->data[0] = '\0';
+ len = 200;
+ } else if (len == 0) {
+ return NULL;
+ }
+ if (a == NULL) {
+ if (b) {
+ buf = b->data;
+ OPENSSL_free(b);
+ }
+ strncpy(buf, "NO X509_NAME", len);
+ buf[len - 1] = '\0';
+ return buf;
+ }
+
+ len--; /* space for '\0' */
+ l = 0;
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ ne = sk_X509_NAME_ENTRY_value(a->entries, i);
+ n = OBJ_obj2nid(ne->object);
+ if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
+ i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
+ s = tmp_buf;
+ }
+ l1 = strlen(s);
+
+ type = ne->value->type;
+ num = ne->value->length;
+ if (num > NAME_ONELINE_MAX) {
+ X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
+ goto end;
+ }
+ q = ne->value->data;
+#ifdef CHARSET_EBCDIC
+ if (type == V_ASN1_GENERALSTRING ||
+ type == V_ASN1_VISIBLESTRING ||
+ type == V_ASN1_PRINTABLESTRING ||
+ type == V_ASN1_TELETEXSTRING ||
+ type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) {
+ if (num > (int)sizeof(ebcdic_buf))
+ num = sizeof(ebcdic_buf);
+ ascii2ebcdic(ebcdic_buf, q, num);
+ q = ebcdic_buf;
+ }
+#endif
+
+ if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
+ gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
+ for (j = 0; j < num; j++)
+ if (q[j] != 0)
+ gs_doit[j & 3] = 1;
+
+ if (gs_doit[0] | gs_doit[1] | gs_doit[2])
+ gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
+ else {
+ gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
+ gs_doit[3] = 1;
+ }
+ } else
+ gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
+
+ for (l2 = j = 0; j < num; j++) {
+ if (!gs_doit[j & 3])
+ continue;
+ l2++;
+#ifndef CHARSET_EBCDIC
+ if ((q[j] < ' ') || (q[j] > '~'))
+ l2 += 3;
+#else
+ if ((os_toascii[q[j]] < os_toascii[' ']) ||
+ (os_toascii[q[j]] > os_toascii['~']))
+ l2 += 3;
+#endif
+ }
+
+ lold = l;
+ l += 1 + l1 + 1 + l2;
+ if (l > NAME_ONELINE_MAX) {
+ X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
+ goto end;
+ }
+ if (b != NULL) {
+ if (!BUF_MEM_grow(b, l + 1))
+ goto err;
+ p = &(b->data[lold]);
+ } else if (l > len) {
+ break;
+ } else
+ p = &(buf[lold]);
+ *(p++) = '/';
+ memcpy(p, s, (unsigned int)l1);
+ p += l1;
+ *(p++) = '=';
+
+#ifndef CHARSET_EBCDIC /* q was assigned above already. */
+ q = ne->value->data;
+#endif
+
+ for (j = 0; j < num; j++) {
+ if (!gs_doit[j & 3])
+ continue;
+#ifndef CHARSET_EBCDIC
+ n = q[j];
+ if ((n < ' ') || (n > '~')) {
+ *(p++) = '\\';
+ *(p++) = 'x';
+ *(p++) = hex[(n >> 4) & 0x0f];
+ *(p++) = hex[n & 0x0f];
+ } else
+ *(p++) = n;
+#else
+ n = os_toascii[q[j]];
+ if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
+ *(p++) = '\\';
+ *(p++) = 'x';
+ *(p++) = hex[(n >> 4) & 0x0f];
+ *(p++) = hex[n & 0x0f];
+ } else
+ *(p++) = q[j];
+#endif
+ }
+ *p = '\0';
+ }
+ if (b != NULL) {
+ p = b->data;
+ OPENSSL_free(b);
+ } else
+ p = buf;
+ if (i == 0)
+ *p = '\0';
+ return (p);
+ err:
+ X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
+ end:
+ BUF_MEM_free(b);
+ return (NULL);
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_txt.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509/x509_txt.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_txt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,191 +0,0 @@
-/* crypto/x509/x509_txt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-const char *X509_verify_cert_error_string(long n)
-{
- static char buf[100];
-
- switch ((int)n) {
- case X509_V_OK:
- return ("ok");
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- return ("unable to get issuer certificate");
- case X509_V_ERR_UNABLE_TO_GET_CRL:
- return ("unable to get certificate CRL");
- case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
- return ("unable to decrypt certificate's signature");
- case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
- return ("unable to decrypt CRL's signature");
- case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
- return ("unable to decode issuer public key");
- case X509_V_ERR_CERT_SIGNATURE_FAILURE:
- return ("certificate signature failure");
- case X509_V_ERR_CRL_SIGNATURE_FAILURE:
- return ("CRL signature failure");
- case X509_V_ERR_CERT_NOT_YET_VALID:
- return ("certificate is not yet valid");
- case X509_V_ERR_CRL_NOT_YET_VALID:
- return ("CRL is not yet valid");
- case X509_V_ERR_CERT_HAS_EXPIRED:
- return ("certificate has expired");
- case X509_V_ERR_CRL_HAS_EXPIRED:
- return ("CRL has expired");
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- return ("format error in certificate's notBefore field");
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- return ("format error in certificate's notAfter field");
- case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
- return ("format error in CRL's lastUpdate field");
- case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
- return ("format error in CRL's nextUpdate field");
- case X509_V_ERR_OUT_OF_MEM:
- return ("out of memory");
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- return ("self signed certificate");
- case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
- return ("self signed certificate in certificate chain");
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
- return ("unable to get local issuer certificate");
- case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
- return ("unable to verify the first certificate");
- case X509_V_ERR_CERT_CHAIN_TOO_LONG:
- return ("certificate chain too long");
- case X509_V_ERR_CERT_REVOKED:
- return ("certificate revoked");
- case X509_V_ERR_INVALID_CA:
- return ("invalid CA certificate");
- case X509_V_ERR_INVALID_NON_CA:
- return ("invalid non-CA certificate (has CA markings)");
- case X509_V_ERR_PATH_LENGTH_EXCEEDED:
- return ("path length constraint exceeded");
- case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
- return ("proxy path length constraint exceeded");
- case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
- return
- ("proxy certificates not allowed, please set the appropriate flag");
- case X509_V_ERR_INVALID_PURPOSE:
- return ("unsupported certificate purpose");
- case X509_V_ERR_CERT_UNTRUSTED:
- return ("certificate not trusted");
- case X509_V_ERR_CERT_REJECTED:
- return ("certificate rejected");
- case X509_V_ERR_APPLICATION_VERIFICATION:
- return ("application verification failure");
- case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
- return ("subject issuer mismatch");
- case X509_V_ERR_AKID_SKID_MISMATCH:
- return ("authority and subject key identifier mismatch");
- case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
- return ("authority and issuer serial number mismatch");
- case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
- return ("key usage does not include certificate signing");
- case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
- return ("unable to get CRL issuer certificate");
- case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
- return ("unhandled critical extension");
- case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
- return ("key usage does not include CRL signing");
- case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
- return ("key usage does not include digital signature");
- case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
- return ("unhandled critical CRL extension");
- case X509_V_ERR_INVALID_EXTENSION:
- return ("invalid or inconsistent certificate extension");
- case X509_V_ERR_INVALID_POLICY_EXTENSION:
- return ("invalid or inconsistent certificate policy extension");
- case X509_V_ERR_NO_EXPLICIT_POLICY:
- return ("no explicit policy");
- case X509_V_ERR_DIFFERENT_CRL_SCOPE:
- return ("Different CRL scope");
- case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
- return ("Unsupported extension feature");
- case X509_V_ERR_UNNESTED_RESOURCE:
- return ("RFC 3779 resource not subset of parent's resources");
-
- case X509_V_ERR_PERMITTED_VIOLATION:
- return ("permitted subtree violation");
- case X509_V_ERR_EXCLUDED_VIOLATION:
- return ("excluded subtree violation");
- case X509_V_ERR_SUBTREE_MINMAX:
- return ("name constraints minimum and maximum not supported");
- case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
- return ("unsupported name constraint type");
- case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
- return ("unsupported or invalid name constraint syntax");
- case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
- return ("unsupported or invalid name syntax");
- case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
- return ("CRL path validation error");
-
- default:
- BIO_snprintf(buf, sizeof buf, "error number %ld", n);
- return (buf);
- }
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_txt.c (from rev 11605, vendor-crypto/openssl/dist/crypto/x509/x509_txt.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509/x509_txt.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_txt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,197 @@
+/* crypto/x509/x509_txt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+
+const char *X509_verify_cert_error_string(long n)
+{
+ static char buf[100];
+
+ switch ((int)n) {
+ case X509_V_OK:
+ return ("ok");
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ return ("unable to get issuer certificate");
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+ return ("unable to get certificate CRL");
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+ return ("unable to decrypt certificate's signature");
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+ return ("unable to decrypt CRL's signature");
+ case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+ return ("unable to decode issuer public key");
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+ return ("certificate signature failure");
+ case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+ return ("CRL signature failure");
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ return ("certificate is not yet valid");
+ case X509_V_ERR_CRL_NOT_YET_VALID:
+ return ("CRL is not yet valid");
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ return ("certificate has expired");
+ case X509_V_ERR_CRL_HAS_EXPIRED:
+ return ("CRL has expired");
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ return ("format error in certificate's notBefore field");
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ return ("format error in certificate's notAfter field");
+ case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+ return ("format error in CRL's lastUpdate field");
+ case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+ return ("format error in CRL's nextUpdate field");
+ case X509_V_ERR_OUT_OF_MEM:
+ return ("out of memory");
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ return ("self signed certificate");
+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+ return ("self signed certificate in certificate chain");
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+ return ("unable to get local issuer certificate");
+ case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ return ("unable to verify the first certificate");
+ case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+ return ("certificate chain too long");
+ case X509_V_ERR_CERT_REVOKED:
+ return ("certificate revoked");
+ case X509_V_ERR_INVALID_CA:
+ return ("invalid CA certificate");
+ case X509_V_ERR_INVALID_NON_CA:
+ return ("invalid non-CA certificate (has CA markings)");
+ case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+ return ("path length constraint exceeded");
+ case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
+ return ("proxy path length constraint exceeded");
+ case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
+ return
+ ("proxy certificates not allowed, please set the appropriate flag");
+ case X509_V_ERR_INVALID_PURPOSE:
+ return ("unsupported certificate purpose");
+ case X509_V_ERR_CERT_UNTRUSTED:
+ return ("certificate not trusted");
+ case X509_V_ERR_CERT_REJECTED:
+ return ("certificate rejected");
+ case X509_V_ERR_APPLICATION_VERIFICATION:
+ return ("application verification failure");
+ case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
+ return ("subject issuer mismatch");
+ case X509_V_ERR_AKID_SKID_MISMATCH:
+ return ("authority and subject key identifier mismatch");
+ case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
+ return ("authority and issuer serial number mismatch");
+ case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
+ return ("key usage does not include certificate signing");
+ case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
+ return ("unable to get CRL issuer certificate");
+ case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
+ return ("unhandled critical extension");
+ case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
+ return ("key usage does not include CRL signing");
+ case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
+ return ("key usage does not include digital signature");
+ case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
+ return ("unhandled critical CRL extension");
+ case X509_V_ERR_INVALID_EXTENSION:
+ return ("invalid or inconsistent certificate extension");
+ case X509_V_ERR_INVALID_POLICY_EXTENSION:
+ return ("invalid or inconsistent certificate policy extension");
+ case X509_V_ERR_NO_EXPLICIT_POLICY:
+ return ("no explicit policy");
+ case X509_V_ERR_DIFFERENT_CRL_SCOPE:
+ return ("Different CRL scope");
+ case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
+ return ("Unsupported extension feature");
+ case X509_V_ERR_UNNESTED_RESOURCE:
+ return ("RFC 3779 resource not subset of parent's resources");
+
+ case X509_V_ERR_PERMITTED_VIOLATION:
+ return ("permitted subtree violation");
+ case X509_V_ERR_EXCLUDED_VIOLATION:
+ return ("excluded subtree violation");
+ case X509_V_ERR_SUBTREE_MINMAX:
+ return ("name constraints minimum and maximum not supported");
+ case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
+ return ("unsupported name constraint type");
+ case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
+ return ("unsupported or invalid name constraint syntax");
+ case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
+ return ("unsupported or invalid name syntax");
+ case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
+ return ("CRL path validation error");
+ case X509_V_ERR_INVALID_CALL:
+ return ("Invalid certificate verification context");
+ case X509_V_ERR_STORE_LOOKUP:
+ return ("Issuer certificate lookup error");
+ case X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION:
+ return ("proxy subject name violation");
+
+ default:
+ BIO_snprintf(buf, sizeof buf, "error number %ld", n);
+ return (buf);
+ }
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2221 +0,0 @@
-/* crypto/x509/x509_vfy.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-
-/* CRL score values */
-
-/* No unhandled critical extensions */
-
-#define CRL_SCORE_NOCRITICAL 0x100
-
-/* certificate is within CRL scope */
-
-#define CRL_SCORE_SCOPE 0x080
-
-/* CRL times valid */
-
-#define CRL_SCORE_TIME 0x040
-
-/* Issuer name matches certificate */
-
-#define CRL_SCORE_ISSUER_NAME 0x020
-
-/* If this score or above CRL is probably valid */
-
-#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
-
-/* CRL issuer is certificate issuer */
-
-#define CRL_SCORE_ISSUER_CERT 0x018
-
-/* CRL issuer is on certificate path */
-
-#define CRL_SCORE_SAME_PATH 0x008
-
-/* CRL issuer matches CRL AKID */
-
-#define CRL_SCORE_AKID 0x004
-
-/* Have a delta CRL with valid times */
-
-#define CRL_SCORE_TIME_DELTA 0x002
-
-static int null_callback(int ok, X509_STORE_CTX *e);
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
-static int check_chain_extensions(X509_STORE_CTX *ctx);
-static int check_name_constraints(X509_STORE_CTX *ctx);
-static int check_trust(X509_STORE_CTX *ctx);
-static int check_revocation(X509_STORE_CTX *ctx);
-static int check_cert(X509_STORE_CTX *ctx);
-static int check_policy(X509_STORE_CTX *ctx);
-
-static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
- unsigned int *preasons, X509_CRL *crl, X509 *x);
-static int get_crl_delta(X509_STORE_CTX *ctx,
- X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
-static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl,
- int *pcrl_score, X509_CRL *base,
- STACK_OF(X509_CRL) *crls);
-static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
- int *pcrl_score);
-static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
- unsigned int *preasons);
-static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
-static int check_crl_chain(X509_STORE_CTX *ctx,
- STACK_OF(X509) *cert_path,
- STACK_OF(X509) *crl_path);
-
-static int internal_verify(X509_STORE_CTX *ctx);
-const char X509_version[] = "X.509" OPENSSL_VERSION_PTEXT;
-
-static int null_callback(int ok, X509_STORE_CTX *e)
-{
- return ok;
-}
-
-#if 0
-static int x509_subject_cmp(X509 **a, X509 **b)
-{
- return X509_subject_name_cmp(*a, *b);
-}
-#endif
-
-int X509_verify_cert(X509_STORE_CTX *ctx)
-{
- X509 *x, *xtmp, *xtmp2, *chain_ss = NULL;
- int bad_chain = 0;
- X509_VERIFY_PARAM *param = ctx->param;
- int depth, i, ok = 0;
- int num, j, retry;
- int (*cb) (int xok, X509_STORE_CTX *xctx);
- STACK_OF(X509) *sktmp = NULL;
- if (ctx->cert == NULL) {
- X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
- return -1;
- }
- if (ctx->chain != NULL) {
- /*
- * This X509_STORE_CTX has already been used to verify a cert. We
- * cannot do another one.
- */
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return -1;
- }
-
- cb = ctx->verify_cb;
-
- /*
- * first we make sure the chain we are going to build is present and that
- * the first entry is in place
- */
- if (((ctx->chain = sk_X509_new_null()) == NULL) ||
- (!sk_X509_push(ctx->chain, ctx->cert))) {
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- goto end;
- }
- CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
- ctx->last_untrusted = 1;
-
- /* We use a temporary STACK so we can chop and hack at it */
- if (ctx->untrusted != NULL
- && (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- goto end;
- }
-
- num = sk_X509_num(ctx->chain);
- x = sk_X509_value(ctx->chain, num - 1);
- depth = param->depth;
-
- for (;;) {
- /* If we have enough, we break */
- if (depth < num)
- break; /* FIXME: If this happens, we should take
- * note of it and, if appropriate, use the
- * X509_V_ERR_CERT_CHAIN_TOO_LONG error code
- * later. */
-
- /* If we are self signed, we break */
- if (ctx->check_issued(ctx, x, x))
- break;
-
- /* If we were passed a cert chain, use it first */
- if (ctx->untrusted != NULL) {
- xtmp = find_issuer(ctx, sktmp, x);
- if (xtmp != NULL) {
- if (!sk_X509_push(ctx->chain, xtmp)) {
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- goto end;
- }
- CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
- (void)sk_X509_delete_ptr(sktmp, xtmp);
- ctx->last_untrusted++;
- x = xtmp;
- num++;
- /*
- * reparse the full chain for the next one
- */
- continue;
- }
- }
- break;
- }
-
- /* Remember how many untrusted certs we have */
- j = num;
- /*
- * at this point, chain should contain a list of untrusted certificates.
- * We now need to add at least one trusted one, if possible, otherwise we
- * complain.
- */
-
- do {
- /*
- * Examine last certificate in chain and see if it is self signed.
- */
- i = sk_X509_num(ctx->chain);
- x = sk_X509_value(ctx->chain, i - 1);
- if (ctx->check_issued(ctx, x, x)) {
- /* we have a self signed certificate */
- if (sk_X509_num(ctx->chain) == 1) {
- /*
- * We have a single self signed certificate: see if we can
- * find it in the store. We must have an exact match to avoid
- * possible impersonation.
- */
- ok = ctx->get_issuer(&xtmp, ctx, x);
- if ((ok <= 0) || X509_cmp(x, xtmp)) {
- ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
- ctx->current_cert = x;
- ctx->error_depth = i - 1;
- if (ok == 1)
- X509_free(xtmp);
- bad_chain = 1;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- } else {
- /*
- * We have a match: replace certificate with store
- * version so we get any trust settings.
- */
- X509_free(x);
- x = xtmp;
- (void)sk_X509_set(ctx->chain, i - 1, x);
- ctx->last_untrusted = 0;
- }
- } else {
- /*
- * extract and save self signed certificate for later use
- */
- chain_ss = sk_X509_pop(ctx->chain);
- ctx->last_untrusted--;
- num--;
- j--;
- x = sk_X509_value(ctx->chain, num - 1);
- }
- }
- /* We now lookup certs from the certificate store */
- for (;;) {
- /* If we have enough, we break */
- if (depth < num)
- break;
- /* If we are self signed, we break */
- if (ctx->check_issued(ctx, x, x))
- break;
- ok = ctx->get_issuer(&xtmp, ctx, x);
- if (ok < 0)
- return ok;
- if (ok == 0)
- break;
- x = xtmp;
- if (!sk_X509_push(ctx->chain, x)) {
- X509_free(xtmp);
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- num++;
- }
-
- /*
- * If we haven't got a least one certificate from our store then check
- * if there is an alternative chain that could be used. We only do this
- * if the user hasn't switched off alternate chain checking
- */
- retry = 0;
- if (num == ctx->last_untrusted &&
- !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
- while (j-- > 1) {
- xtmp2 = sk_X509_value(ctx->chain, j - 1);
- ok = ctx->get_issuer(&xtmp, ctx, xtmp2);
- if (ok < 0)
- goto end;
- /* Check if we found an alternate chain */
- if (ok > 0) {
- /*
- * Free up the found cert we'll add it again later
- */
- X509_free(xtmp);
-
- /*
- * Dump all the certs above this point - we've found an
- * alternate chain
- */
- while (num > j) {
- xtmp = sk_X509_pop(ctx->chain);
- X509_free(xtmp);
- num--;
- }
- ctx->last_untrusted = sk_X509_num(ctx->chain);
- retry = 1;
- break;
- }
- }
- }
- } while (retry);
-
- /* Is last certificate looked up self signed? */
- if (!ctx->check_issued(ctx, x, x)) {
- if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) {
- if (ctx->last_untrusted >= num)
- ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
- else
- ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
- ctx->current_cert = x;
- } else {
-
- sk_X509_push(ctx->chain, chain_ss);
- num++;
- ctx->last_untrusted = num;
- ctx->current_cert = chain_ss;
- ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
- chain_ss = NULL;
- }
-
- ctx->error_depth = num - 1;
- bad_chain = 1;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
-
- /* We have the chain complete: now we need to check its purpose */
- ok = check_chain_extensions(ctx);
-
- if (!ok)
- goto end;
-
- /* Check name constraints */
-
- ok = check_name_constraints(ctx);
-
- if (!ok)
- goto end;
-
- /* The chain extensions are OK: check trust */
-
- if (param->trust > 0)
- ok = check_trust(ctx);
-
- if (!ok)
- goto end;
-
- /* We may as well copy down any DSA parameters that are required */
- X509_get_pubkey_parameters(NULL, ctx->chain);
-
- /*
- * Check revocation status: we do this after copying parameters because
- * they may be needed for CRL signature verification.
- */
-
- ok = ctx->check_revocation(ctx);
- if (!ok)
- goto end;
-
- /* At this point, we have a chain and need to verify it */
- if (ctx->verify != NULL)
- ok = ctx->verify(ctx);
- else
- ok = internal_verify(ctx);
- if (!ok)
- goto end;
-
-#ifndef OPENSSL_NO_RFC3779
- /* RFC 3779 path validation, now that CRL check has been done */
- ok = v3_asid_validate_path(ctx);
- if (!ok)
- goto end;
- ok = v3_addr_validate_path(ctx);
- if (!ok)
- goto end;
-#endif
-
- /* If we get this far evaluate policies */
- if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
- ok = ctx->check_policy(ctx);
- if (!ok)
- goto end;
- if (0) {
- end:
- X509_get_pubkey_parameters(NULL, ctx->chain);
- }
- if (sktmp != NULL)
- sk_X509_free(sktmp);
- if (chain_ss != NULL)
- X509_free(chain_ss);
- return ok;
-}
-
-/*
- * Given a STACK_OF(X509) find the issuer of cert (if any)
- */
-
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
-{
- int i;
- X509 *issuer;
- for (i = 0; i < sk_X509_num(sk); i++) {
- issuer = sk_X509_value(sk, i);
- if (ctx->check_issued(ctx, x, issuer))
- return issuer;
- }
- return NULL;
-}
-
-/* Given a possible certificate and issuer check them */
-
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
-{
- int ret;
- ret = X509_check_issued(issuer, x);
- if (ret == X509_V_OK)
- return 1;
- /* If we haven't asked for issuer errors don't set ctx */
- if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
- return 0;
-
- ctx->error = ret;
- ctx->current_cert = x;
- ctx->current_issuer = issuer;
- return ctx->verify_cb(0, ctx);
- return 0;
-}
-
-/* Alternative lookup method: look from a STACK stored in other_ctx */
-
-static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
- *issuer = find_issuer(ctx, ctx->other_ctx, x);
- if (*issuer) {
- CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509);
- return 1;
- } else
- return 0;
-}
-
-/*
- * Check a certificate chains extensions for consistency with the supplied
- * purpose
- */
-
-static int check_chain_extensions(X509_STORE_CTX *ctx)
-{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
- return 1;
-#else
- int i, ok = 0, must_be_ca, plen = 0;
- X509 *x;
- int (*cb) (int xok, X509_STORE_CTX *xctx);
- int proxy_path_length = 0;
- int purpose;
- int allow_proxy_certs;
- cb = ctx->verify_cb;
-
- /*-
- * must_be_ca can have 1 of 3 values:
- * -1: we accept both CA and non-CA certificates, to allow direct
- * use of self-signed certificates (which are marked as CA).
- * 0: we only accept non-CA certificates. This is currently not
- * used, but the possibility is present for future extensions.
- * 1: we only accept CA certificates. This is currently used for
- * all certificates in the chain except the leaf certificate.
- */
- must_be_ca = -1;
-
- /* CRL path validation */
- if (ctx->parent) {
- allow_proxy_certs = 0;
- purpose = X509_PURPOSE_CRL_SIGN;
- } else {
- allow_proxy_certs =
- ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
- /*
- * A hack to keep people who don't want to modify their software
- * happy
- */
- if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
- allow_proxy_certs = 1;
- purpose = ctx->param->purpose;
- }
-
- /* Check all untrusted certificates */
- for (i = 0; i < ctx->last_untrusted; i++) {
- int ret;
- x = sk_X509_value(ctx->chain, i);
- if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
- && (x->ex_flags & EXFLAG_CRITICAL)) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) {
- ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- ret = X509_check_ca(x);
- switch (must_be_ca) {
- case -1:
- if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
- && (ret != 1) && (ret != 0)) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_CA;
- } else
- ret = 1;
- break;
- case 0:
- if (ret != 0) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_NON_CA;
- } else
- ret = 1;
- break;
- default:
- if ((ret == 0)
- || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
- && (ret != 1))) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_CA;
- } else
- ret = 1;
- break;
- }
- if (ret == 0) {
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- if (ctx->param->purpose > 0) {
- ret = X509_check_purpose(x, purpose, must_be_ca > 0);
- if ((ret == 0)
- || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
- && (ret != 1))) {
- ctx->error = X509_V_ERR_INVALID_PURPOSE;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- }
- /* Check pathlen if not self issued */
- if ((i > 1) && !(x->ex_flags & EXFLAG_SI)
- && (x->ex_pathlen != -1)
- && (plen > (x->ex_pathlen + proxy_path_length + 1))) {
- ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- /* Increment path length if not self issued */
- if (!(x->ex_flags & EXFLAG_SI))
- plen++;
- /*
- * If this certificate is a proxy certificate, the next certificate
- * must be another proxy certificate or a EE certificate. If not,
- * the next certificate must be a CA certificate.
- */
- if (x->ex_flags & EXFLAG_PROXY) {
- if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) {
- ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- proxy_path_length++;
- must_be_ca = 0;
- } else
- must_be_ca = 1;
- }
- ok = 1;
- end:
- return ok;
-#endif
-}
-
-static int check_name_constraints(X509_STORE_CTX *ctx)
-{
- X509 *x;
- int i, j, rv;
- /* Check name constraints for all certificates */
- for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
- x = sk_X509_value(ctx->chain, i);
- /* Ignore self issued certs unless last in chain */
- if (i && (x->ex_flags & EXFLAG_SI))
- continue;
- /*
- * Check against constraints for all certificates higher in chain
- * including trust anchor. Trust anchor not strictly speaking needed
- * but if it includes constraints it is to be assumed it expects them
- * to be obeyed.
- */
- for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) {
- NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
- if (nc) {
- rv = NAME_CONSTRAINTS_check(x, nc);
- if (rv != X509_V_OK) {
- ctx->error = rv;
- ctx->error_depth = i;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- }
- }
- }
- return 1;
-}
-
-static int check_trust(X509_STORE_CTX *ctx)
-{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
- return 1;
-#else
- int i, ok;
- X509 *x;
- int (*cb) (int xok, X509_STORE_CTX *xctx);
- cb = ctx->verify_cb;
-/* For now just check the last certificate in the chain */
- i = sk_X509_num(ctx->chain) - 1;
- x = sk_X509_value(ctx->chain, i);
- ok = X509_check_trust(x, ctx->param->trust, 0);
- if (ok == X509_TRUST_TRUSTED)
- return 1;
- ctx->error_depth = i;
- ctx->current_cert = x;
- if (ok == X509_TRUST_REJECTED)
- ctx->error = X509_V_ERR_CERT_REJECTED;
- else
- ctx->error = X509_V_ERR_CERT_UNTRUSTED;
- ok = cb(0, ctx);
- return ok;
-#endif
-}
-
-static int check_revocation(X509_STORE_CTX *ctx)
-{
- int i, last, ok;
- if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
- return 1;
- if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
- last = sk_X509_num(ctx->chain) - 1;
- else {
- /* If checking CRL paths this isn't the EE certificate */
- if (ctx->parent)
- return 1;
- last = 0;
- }
- for (i = 0; i <= last; i++) {
- ctx->error_depth = i;
- ok = check_cert(ctx);
- if (!ok)
- return ok;
- }
- return 1;
-}
-
-static int check_cert(X509_STORE_CTX *ctx)
-{
- X509_CRL *crl = NULL, *dcrl = NULL;
- X509 *x;
- int ok, cnum;
- unsigned int last_reasons;
- cnum = ctx->error_depth;
- x = sk_X509_value(ctx->chain, cnum);
- ctx->current_cert = x;
- ctx->current_issuer = NULL;
- ctx->current_crl_score = 0;
- ctx->current_reasons = 0;
- while (ctx->current_reasons != CRLDP_ALL_REASONS) {
- last_reasons = ctx->current_reasons;
- /* Try to retrieve relevant CRL */
- if (ctx->get_crl)
- ok = ctx->get_crl(ctx, &crl, x);
- else
- ok = get_crl_delta(ctx, &crl, &dcrl, x);
- /*
- * If error looking up CRL, nothing we can do except notify callback
- */
- if (!ok) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
- ok = ctx->verify_cb(0, ctx);
- goto err;
- }
- ctx->current_crl = crl;
- ok = ctx->check_crl(ctx, crl);
- if (!ok)
- goto err;
-
- if (dcrl) {
- ok = ctx->check_crl(ctx, dcrl);
- if (!ok)
- goto err;
- ok = ctx->cert_crl(ctx, dcrl, x);
- if (!ok)
- goto err;
- } else
- ok = 1;
-
- /* Don't look in full CRL if delta reason is removefromCRL */
- if (ok != 2) {
- ok = ctx->cert_crl(ctx, crl, x);
- if (!ok)
- goto err;
- }
-
- X509_CRL_free(crl);
- X509_CRL_free(dcrl);
- crl = NULL;
- dcrl = NULL;
- /*
- * If reasons not updated we wont get anywhere by another iteration,
- * so exit loop.
- */
- if (last_reasons == ctx->current_reasons) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
- ok = ctx->verify_cb(0, ctx);
- goto err;
- }
- }
- err:
- X509_CRL_free(crl);
- X509_CRL_free(dcrl);
-
- ctx->current_crl = NULL;
- return ok;
-
-}
-
-/* Check CRL times against values in X509_STORE_CTX */
-
-static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
-{
- time_t *ptime;
- int i;
- if (notify)
- ctx->current_crl = crl;
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->param->check_time;
- else
- ptime = NULL;
-
- i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
- if (i == 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (i > 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_CRL_NOT_YET_VALID;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (X509_CRL_get_nextUpdate(crl)) {
- i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
-
- if (i == 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- /* Ignore expiry of base CRL is delta is valid */
- if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_CRL_HAS_EXPIRED;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- }
-
- if (notify)
- ctx->current_crl = NULL;
-
- return 1;
-}
-
-static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
- X509 **pissuer, int *pscore, unsigned int *preasons,
- STACK_OF(X509_CRL) *crls)
-{
- int i, crl_score, best_score = *pscore;
- unsigned int reasons, best_reasons = 0;
- X509 *x = ctx->current_cert;
- X509_CRL *crl, *best_crl = NULL;
- X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
-
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- crl = sk_X509_CRL_value(crls, i);
- reasons = *preasons;
- crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
-
- if (crl_score > best_score) {
- best_crl = crl;
- best_crl_issuer = crl_issuer;
- best_score = crl_score;
- best_reasons = reasons;
- }
- }
-
- if (best_crl) {
- if (*pcrl)
- X509_CRL_free(*pcrl);
- *pcrl = best_crl;
- *pissuer = best_crl_issuer;
- *pscore = best_score;
- *preasons = best_reasons;
- CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
- if (*pdcrl) {
- X509_CRL_free(*pdcrl);
- *pdcrl = NULL;
- }
- get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
- }
-
- if (best_score >= CRL_SCORE_VALID)
- return 1;
-
- return 0;
-}
-
-/*
- * Compare two CRL extensions for delta checking purposes. They should be
- * both present or both absent. If both present all fields must be identical.
- */
-
-static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
-{
- ASN1_OCTET_STRING *exta, *extb;
- int i;
- i = X509_CRL_get_ext_by_NID(a, nid, -1);
- if (i >= 0) {
- /* Can't have multiple occurrences */
- if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
- return 0;
- exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
- } else
- exta = NULL;
-
- i = X509_CRL_get_ext_by_NID(b, nid, -1);
-
- if (i >= 0) {
-
- if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
- return 0;
- extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
- } else
- extb = NULL;
-
- if (!exta && !extb)
- return 1;
-
- if (!exta || !extb)
- return 0;
-
- if (ASN1_OCTET_STRING_cmp(exta, extb))
- return 0;
-
- return 1;
-}
-
-/* See if a base and delta are compatible */
-
-static int check_delta_base(X509_CRL *delta, X509_CRL *base)
-{
- /* Delta CRL must be a delta */
- if (!delta->base_crl_number)
- return 0;
- /* Base must have a CRL number */
- if (!base->crl_number)
- return 0;
- /* Issuer names must match */
- if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(delta)))
- return 0;
- /* AKID and IDP must match */
- if (!crl_extension_match(delta, base, NID_authority_key_identifier))
- return 0;
- if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
- return 0;
- /* Delta CRL base number must not exceed Full CRL number. */
- if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
- return 0;
- /* Delta CRL number must exceed full CRL number */
- if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
- return 1;
- return 0;
-}
-
-/*
- * For a given base CRL find a delta... maybe extend to delta scoring or
- * retrieve a chain of deltas...
- */
-
-static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
- X509_CRL *base, STACK_OF(X509_CRL) *crls)
-{
- X509_CRL *delta;
- int i;
- if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
- return;
- if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
- return;
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- delta = sk_X509_CRL_value(crls, i);
- if (check_delta_base(delta, base)) {
- if (check_crl_time(ctx, delta, 0))
- *pscore |= CRL_SCORE_TIME_DELTA;
- CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
- *dcrl = delta;
- return;
- }
- }
- *dcrl = NULL;
-}
-
-/*
- * For a given CRL return how suitable it is for the supplied certificate
- * 'x'. The return value is a mask of several criteria. If the issuer is not
- * the certificate issuer this is returned in *pissuer. The reasons mask is
- * also used to determine if the CRL is suitable: if no new reasons the CRL
- * is rejected, otherwise reasons is updated.
- */
-
-static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
- unsigned int *preasons, X509_CRL *crl, X509 *x)
-{
-
- int crl_score = 0;
- unsigned int tmp_reasons = *preasons, crl_reasons;
-
- /* First see if we can reject CRL straight away */
-
- /* Invalid IDP cannot be processed */
- if (crl->idp_flags & IDP_INVALID)
- return 0;
- /* Reason codes or indirect CRLs need extended CRL support */
- if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) {
- if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
- return 0;
- } else if (crl->idp_flags & IDP_REASONS) {
- /* If no new reasons reject */
- if (!(crl->idp_reasons & ~tmp_reasons))
- return 0;
- }
- /* Don't process deltas at this stage */
- else if (crl->base_crl_number)
- return 0;
- /* If issuer name doesn't match certificate need indirect CRL */
- if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) {
- if (!(crl->idp_flags & IDP_INDIRECT))
- return 0;
- } else
- crl_score |= CRL_SCORE_ISSUER_NAME;
-
- if (!(crl->flags & EXFLAG_CRITICAL))
- crl_score |= CRL_SCORE_NOCRITICAL;
-
- /* Check expiry */
- if (check_crl_time(ctx, crl, 0))
- crl_score |= CRL_SCORE_TIME;
-
- /* Check authority key ID and locate certificate issuer */
- crl_akid_check(ctx, crl, pissuer, &crl_score);
-
- /* If we can't locate certificate issuer at this point forget it */
-
- if (!(crl_score & CRL_SCORE_AKID))
- return 0;
-
- /* Check cert for matching CRL distribution points */
-
- if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) {
- /* If no new reasons reject */
- if (!(crl_reasons & ~tmp_reasons))
- return 0;
- tmp_reasons |= crl_reasons;
- crl_score |= CRL_SCORE_SCOPE;
- }
-
- *preasons = tmp_reasons;
-
- return crl_score;
-
-}
-
-static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
- X509 **pissuer, int *pcrl_score)
-{
- X509 *crl_issuer = NULL;
- X509_NAME *cnm = X509_CRL_get_issuer(crl);
- int cidx = ctx->error_depth;
- int i;
-
- if (cidx != sk_X509_num(ctx->chain) - 1)
- cidx++;
-
- crl_issuer = sk_X509_value(ctx->chain, cidx);
-
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- if (*pcrl_score & CRL_SCORE_ISSUER_NAME) {
- *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_ISSUER_CERT;
- *pissuer = crl_issuer;
- return;
- }
- }
-
- for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) {
- crl_issuer = sk_X509_value(ctx->chain, cidx);
- if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
- continue;
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_SAME_PATH;
- *pissuer = crl_issuer;
- return;
- }
- }
-
- /* Anything else needs extended CRL support */
-
- if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
- return;
-
- /*
- * Otherwise the CRL issuer is not on the path. Look for it in the set of
- * untrusted certificates.
- */
- for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
- crl_issuer = sk_X509_value(ctx->untrusted, i);
- if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
- continue;
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- *pissuer = crl_issuer;
- *pcrl_score |= CRL_SCORE_AKID;
- return;
- }
- }
-}
-
-/*
- * Check the path of a CRL issuer certificate. This creates a new
- * X509_STORE_CTX and populates it with most of the parameters from the
- * parent. This could be optimised somewhat since a lot of path checking will
- * be duplicated by the parent, but this will rarely be used in practice.
- */
-
-static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
-{
- X509_STORE_CTX crl_ctx;
- int ret;
- /* Don't allow recursive CRL path validation */
- if (ctx->parent)
- return 0;
- if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
- return -1;
-
- crl_ctx.crls = ctx->crls;
- /* Copy verify params across */
- X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
-
- crl_ctx.parent = ctx;
- crl_ctx.verify_cb = ctx->verify_cb;
-
- /* Verify CRL issuer */
- ret = X509_verify_cert(&crl_ctx);
-
- if (ret <= 0)
- goto err;
-
- /* Check chain is acceptable */
-
- ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
- err:
- X509_STORE_CTX_cleanup(&crl_ctx);
- return ret;
-}
-
-/*
- * RFC3280 says nothing about the relationship between CRL path and
- * certificate path, which could lead to situations where a certificate could
- * be revoked or validated by a CA not authorised to do so. RFC5280 is more
- * strict and states that the two paths must end in the same trust anchor,
- * though some discussions remain... until this is resolved we use the
- * RFC5280 version
- */
-
-static int check_crl_chain(X509_STORE_CTX *ctx,
- STACK_OF(X509) *cert_path,
- STACK_OF(X509) *crl_path)
-{
- X509 *cert_ta, *crl_ta;
- cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
- crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
- if (!X509_cmp(cert_ta, crl_ta))
- return 1;
- return 0;
-}
-
-/*-
- * Check for match between two dist point names: three separate cases.
- * 1. Both are relative names and compare X509_NAME types.
- * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
- * 3. Both are full names and compare two GENERAL_NAMES.
- * 4. One is NULL: automatic match.
- */
-
-static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
-{
- X509_NAME *nm = NULL;
- GENERAL_NAMES *gens = NULL;
- GENERAL_NAME *gena, *genb;
- int i, j;
- if (!a || !b)
- return 1;
- if (a->type == 1) {
- if (!a->dpname)
- return 0;
- /* Case 1: two X509_NAME */
- if (b->type == 1) {
- if (!b->dpname)
- return 0;
- if (!X509_NAME_cmp(a->dpname, b->dpname))
- return 1;
- else
- return 0;
- }
- /* Case 2: set name and GENERAL_NAMES appropriately */
- nm = a->dpname;
- gens = b->name.fullname;
- } else if (b->type == 1) {
- if (!b->dpname)
- return 0;
- /* Case 2: set name and GENERAL_NAMES appropriately */
- gens = a->name.fullname;
- nm = b->dpname;
- }
-
- /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
- if (nm) {
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gena = sk_GENERAL_NAME_value(gens, i);
- if (gena->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(nm, gena->d.directoryName))
- return 1;
- }
- return 0;
- }
-
- /* Else case 3: two GENERAL_NAMES */
-
- for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) {
- gena = sk_GENERAL_NAME_value(a->name.fullname, i);
- for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) {
- genb = sk_GENERAL_NAME_value(b->name.fullname, j);
- if (!GENERAL_NAME_cmp(gena, genb))
- return 1;
- }
- }
-
- return 0;
-
-}
-
-static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
-{
- int i;
- X509_NAME *nm = X509_CRL_get_issuer(crl);
- /* If no CRLissuer return is successful iff don't need a match */
- if (!dp->CRLissuer)
- return ! !(crl_score & CRL_SCORE_ISSUER_NAME);
- for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
- GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
- if (gen->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(gen->d.directoryName, nm))
- return 1;
- }
- return 0;
-}
-
-/* Check CRLDP and IDP */
-
-static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
- unsigned int *preasons)
-{
- int i;
- if (crl->idp_flags & IDP_ONLYATTR)
- return 0;
- if (x->ex_flags & EXFLAG_CA) {
- if (crl->idp_flags & IDP_ONLYUSER)
- return 0;
- } else {
- if (crl->idp_flags & IDP_ONLYCA)
- return 0;
- }
- *preasons = crl->idp_reasons;
- for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
- DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
- if (crldp_check_crlissuer(dp, crl, crl_score)) {
- if (!crl->idp || idp_check_dp(dp->distpoint, crl->idp->distpoint)) {
- *preasons &= dp->dp_reasons;
- return 1;
- }
- }
- }
- if ((!crl->idp || !crl->idp->distpoint)
- && (crl_score & CRL_SCORE_ISSUER_NAME))
- return 1;
- return 0;
-}
-
-/*
- * Retrieve CRL corresponding to current certificate. If deltas enabled try
- * to find a delta CRL too
- */
-
-static int get_crl_delta(X509_STORE_CTX *ctx,
- X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
-{
- int ok;
- X509 *issuer = NULL;
- int crl_score = 0;
- unsigned int reasons;
- X509_CRL *crl = NULL, *dcrl = NULL;
- STACK_OF(X509_CRL) *skcrl;
- X509_NAME *nm = X509_get_issuer_name(x);
- reasons = ctx->current_reasons;
- ok = get_crl_sk(ctx, &crl, &dcrl,
- &issuer, &crl_score, &reasons, ctx->crls);
-
- if (ok)
- goto done;
-
- /* Lookup CRLs from store */
-
- skcrl = ctx->lookup_crls(ctx, nm);
-
- /* If no CRLs found and a near match from get_crl_sk use that */
- if (!skcrl && crl)
- goto done;
-
- get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
-
- sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
-
- done:
-
- /* If we got any kind of CRL use it and return success */
- if (crl) {
- ctx->current_issuer = issuer;
- ctx->current_crl_score = crl_score;
- ctx->current_reasons = reasons;
- *pcrl = crl;
- *pdcrl = dcrl;
- return 1;
- }
-
- return 0;
-}
-
-/* Check CRL validity */
-static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
-{
- X509 *issuer = NULL;
- EVP_PKEY *ikey = NULL;
- int ok = 0, chnum, cnum;
- cnum = ctx->error_depth;
- chnum = sk_X509_num(ctx->chain) - 1;
- /* if we have an alternative CRL issuer cert use that */
- if (ctx->current_issuer)
- issuer = ctx->current_issuer;
-
- /*
- * Else find CRL issuer: if not last certificate then issuer is next
- * certificate in chain.
- */
- else if (cnum < chnum)
- issuer = sk_X509_value(ctx->chain, cnum + 1);
- else {
- issuer = sk_X509_value(ctx->chain, chnum);
- /* If not self signed, can't check signature */
- if (!ctx->check_issued(ctx, issuer, issuer)) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
-
- if (issuer) {
- /*
- * Skip most tests for deltas because they have already been done
- */
- if (!crl->base_crl_number) {
- /* Check for cRLSign bit if keyUsage present */
- if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
- !(issuer->ex_kusage & KU_CRL_SIGN)) {
- ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) {
- ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) {
- if (check_crl_path(ctx, ctx->current_issuer) <= 0) {
- ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
-
- if (crl->idp_flags & IDP_INVALID) {
- ctx->error = X509_V_ERR_INVALID_EXTENSION;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_TIME)) {
- ok = check_crl_time(ctx, crl, 1);
- if (!ok)
- goto err;
- }
-
- /* Attempt to get issuer certificate public key */
- ikey = X509_get_pubkey(issuer);
-
- if (!ikey) {
- ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- } else {
- /* Verify CRL signature */
- if (X509_CRL_verify(crl, ikey) <= 0) {
- ctx->error = X509_V_ERR_CRL_SIGNATURE_FAILURE;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
- }
-
- ok = 1;
-
- err:
- EVP_PKEY_free(ikey);
- return ok;
-}
-
-/* Check certificate against CRL */
-static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
-{
- int ok;
- X509_REVOKED *rev;
- /*
- * The rules changed for this... previously if a CRL contained unhandled
- * critical extensions it could still be used to indicate a certificate
- * was revoked. This has since been changed since critical extension can
- * change the meaning of CRL entries.
- */
- if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
- && (crl->flags & EXFLAG_CRITICAL)) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- return 0;
- }
- /*
- * Look for serial number of certificate in CRL If found make sure reason
- * is not removeFromCRL.
- */
- if (X509_CRL_get0_by_cert(crl, &rev, x)) {
- if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
- return 2;
- ctx->error = X509_V_ERR_CERT_REVOKED;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- return 0;
- }
-
- return 1;
-}
-
-static int check_policy(X509_STORE_CTX *ctx)
-{
- int ret;
- if (ctx->parent)
- return 1;
- ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
- ctx->param->policies, ctx->param->flags);
- if (ret == 0) {
- X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* Invalid or inconsistent extensions */
- if (ret == -1) {
- /*
- * Locate certificates with bad extensions and notify callback.
- */
- X509 *x;
- int i;
- for (i = 1; i < sk_X509_num(ctx->chain); i++) {
- x = sk_X509_value(ctx->chain, i);
- if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
- continue;
- ctx->current_cert = x;
- ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- return 1;
- }
- if (ret == -2) {
- ctx->current_cert = NULL;
- ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
- return ctx->verify_cb(0, ctx);
- }
-
- if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) {
- ctx->current_cert = NULL;
- ctx->error = X509_V_OK;
- if (!ctx->verify_cb(2, ctx))
- return 0;
- }
-
- return 1;
-}
-
-static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
-{
- time_t *ptime;
- int i;
-
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->param->check_time;
- else
- ptime = NULL;
-
- i = X509_cmp_time(X509_get_notBefore(x), ptime);
- if (i == 0) {
- ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (i > 0) {
- ctx->error = X509_V_ERR_CERT_NOT_YET_VALID;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- i = X509_cmp_time(X509_get_notAfter(x), ptime);
- if (i == 0) {
- ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (i < 0) {
- ctx->error = X509_V_ERR_CERT_HAS_EXPIRED;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- return 1;
-}
-
-static int internal_verify(X509_STORE_CTX *ctx)
-{
- int ok = 0, n;
- X509 *xs, *xi;
- EVP_PKEY *pkey = NULL;
- int (*cb) (int xok, X509_STORE_CTX *xctx);
-
- cb = ctx->verify_cb;
-
- n = sk_X509_num(ctx->chain);
- ctx->error_depth = n - 1;
- n--;
- xi = sk_X509_value(ctx->chain, n);
-
- if (ctx->check_issued(ctx, xi, xi))
- xs = xi;
- else {
- if (n <= 0) {
- ctx->error = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
- ctx->current_cert = xi;
- ok = cb(0, ctx);
- goto end;
- } else {
- n--;
- ctx->error_depth = n;
- xs = sk_X509_value(ctx->chain, n);
- }
- }
-
-/* ctx->error=0; not needed */
- while (n >= 0) {
- ctx->error_depth = n;
-
- /*
- * Skip signature check for self signed certificates unless
- * explicitly asked for. It doesn't add any security and just wastes
- * time.
- */
- if (!xs->valid
- && (xs != xi
- || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
- if ((pkey = X509_get_pubkey(xi)) == NULL) {
- ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
- ctx->current_cert = xi;
- ok = (*cb) (0, ctx);
- if (!ok)
- goto end;
- } else if (X509_verify(xs, pkey) <= 0) {
- ctx->error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
- ctx->current_cert = xs;
- ok = (*cb) (0, ctx);
- if (!ok) {
- EVP_PKEY_free(pkey);
- goto end;
- }
- }
- EVP_PKEY_free(pkey);
- pkey = NULL;
- }
-
- xs->valid = 1;
-
- ok = check_cert_time(ctx, xs);
- if (!ok)
- goto end;
-
- /* The last error (if any) is still in the error value */
- ctx->current_issuer = xi;
- ctx->current_cert = xs;
- ok = (*cb) (1, ctx);
- if (!ok)
- goto end;
-
- n--;
- if (n >= 0) {
- xi = xs;
- xs = sk_X509_value(ctx->chain, n);
- }
- }
- ok = 1;
- end:
- return ok;
-}
-
-int X509_cmp_current_time(const ASN1_TIME *ctm)
-{
- return X509_cmp_time(ctm, NULL);
-}
-
-int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
-{
- char *str;
- ASN1_TIME atm;
- long offset;
- char buff1[24], buff2[24], *p;
- int i, j, remaining;
-
- p = buff1;
- remaining = ctm->length;
- str = (char *)ctm->data;
- /*
- * Note that the following (historical) code allows much more slack in the
- * time format than RFC5280. In RFC5280, the representation is fixed:
- * UTCTime: YYMMDDHHMMSSZ
- * GeneralizedTime: YYYYMMDDHHMMSSZ
- */
- if (ctm->type == V_ASN1_UTCTIME) {
- /* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
- int min_length = sizeof("YYMMDDHHMMZ") - 1;
- int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
- if (remaining < min_length || remaining > max_length)
- return 0;
- memcpy(p, str, 10);
- p += 10;
- str += 10;
- remaining -= 10;
- } else {
- /* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */
- int min_length = sizeof("YYYYMMDDHHMMZ") - 1;
- int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
- if (remaining < min_length || remaining > max_length)
- return 0;
- memcpy(p, str, 12);
- p += 12;
- str += 12;
- remaining -= 12;
- }
-
- if ((*str == 'Z') || (*str == '-') || (*str == '+')) {
- *(p++) = '0';
- *(p++) = '0';
- } else {
- /* SS (seconds) */
- if (remaining < 2)
- return 0;
- *(p++) = *(str++);
- *(p++) = *(str++);
- remaining -= 2;
- /*
- * Skip any (up to three) fractional seconds...
- * TODO(emilia): in RFC5280, fractional seconds are forbidden.
- * Can we just kill them altogether?
- */
- if (remaining && *str == '.') {
- str++;
- remaining--;
- for (i = 0; i < 3 && remaining; i++, str++, remaining--) {
- if (*str < '0' || *str > '9')
- break;
- }
- }
-
- }
- *(p++) = 'Z';
- *(p++) = '\0';
-
- /* We now need either a terminating 'Z' or an offset. */
- if (!remaining)
- return 0;
- if (*str == 'Z') {
- if (remaining != 1)
- return 0;
- offset = 0;
- } else {
- /* (+-)HHMM */
- if ((*str != '+') && (*str != '-'))
- return 0;
- /* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */
- if (remaining != 5)
- return 0;
- if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' ||
- str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9')
- return 0;
- offset = ((str[1] - '0') * 10 + (str[2] - '0')) * 60;
- offset += (str[3] - '0') * 10 + (str[4] - '0');
- if (*str == '-')
- offset = -offset;
- }
- atm.type = ctm->type;
- atm.flags = 0;
- atm.length = sizeof(buff2);
- atm.data = (unsigned char *)buff2;
-
- if (X509_time_adj(&atm, offset * 60, cmp_time) == NULL)
- return 0;
-
- if (ctm->type == V_ASN1_UTCTIME) {
- i = (buff1[0] - '0') * 10 + (buff1[1] - '0');
- if (i < 50)
- i += 100; /* cf. RFC 2459 */
- j = (buff2[0] - '0') * 10 + (buff2[1] - '0');
- if (j < 50)
- j += 100;
-
- if (i < j)
- return -1;
- if (i > j)
- return 1;
- }
- i = strcmp(buff1, buff2);
- if (i == 0) /* wait a second then return younger :-) */
- return -1;
- else
- return i;
-}
-
-ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
-{
- return X509_time_adj(s, adj, NULL);
-}
-
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)
-{
- return X509_time_adj_ex(s, 0, offset_sec, in_tm);
-}
-
-ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
- int offset_day, long offset_sec, time_t *in_tm)
-{
- time_t t;
-
- if (in_tm)
- t = *in_tm;
- else
- time(&t);
-
- if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) {
- if (s->type == V_ASN1_UTCTIME)
- return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
- if (s->type == V_ASN1_GENERALIZEDTIME)
- return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
- }
- return ASN1_TIME_adj(s, t, offset_day, offset_sec);
-}
-
-int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
-{
- EVP_PKEY *ktmp = NULL, *ktmp2;
- int i, j;
-
- if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey))
- return 1;
-
- for (i = 0; i < sk_X509_num(chain); i++) {
- ktmp = X509_get_pubkey(sk_X509_value(chain, i));
- if (ktmp == NULL) {
- X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
- X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
- return 0;
- }
- if (!EVP_PKEY_missing_parameters(ktmp))
- break;
- else {
- EVP_PKEY_free(ktmp);
- ktmp = NULL;
- }
- }
- if (ktmp == NULL) {
- X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
- X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
- return 0;
- }
-
- /* first, populate the other certs */
- for (j = i - 1; j >= 0; j--) {
- ktmp2 = X509_get_pubkey(sk_X509_value(chain, j));
- EVP_PKEY_copy_parameters(ktmp2, ktmp);
- EVP_PKEY_free(ktmp2);
- }
-
- if (pkey != NULL)
- EVP_PKEY_copy_parameters(pkey, ktmp);
- EVP_PKEY_free(ktmp);
- return 1;
-}
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func)
-{
- /*
- * This function is (usually) called only once, by
- * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c).
- */
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
-{
- return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
-}
-
-void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
-{
- return CRYPTO_get_ex_data(&ctx->ex_data, idx);
-}
-
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
-{
- return ctx->error;
-}
-
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
-{
- ctx->error = err;
-}
-
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
-{
- return ctx->error_depth;
-}
-
-X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
-{
- return ctx->current_cert;
-}
-
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
-{
- return ctx->chain;
-}
-
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
-{
- int i;
- X509 *x;
- STACK_OF(X509) *chain;
- if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain)))
- return NULL;
- for (i = 0; i < sk_X509_num(chain); i++) {
- x = sk_X509_value(chain, i);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- }
- return chain;
-}
-
-X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
-{
- return ctx->current_issuer;
-}
-
-X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
-{
- return ctx->current_crl;
-}
-
-X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
-{
- return ctx->parent;
-}
-
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
-{
- ctx->cert = x;
-}
-
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
- ctx->untrusted = sk;
-}
-
-void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
-{
- ctx->crls = sk;
-}
-
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
-{
- return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
-}
-
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
-{
- return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
-}
-
-/*
- * This function is used to set the X509_STORE_CTX purpose and trust values.
- * This is intended to be used when another structure has its own trust and
- * purpose values which (if set) will be inherited by the ctx. If they aren't
- * set then we will usually have a default purpose in mind which should then
- * be used to set the trust value. An example of this is SSL use: an SSL
- * structure will have its own purpose and trust settings which the
- * application can set: if they aren't set then we use the default of SSL
- * client/server.
- */
-
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust)
-{
- int idx;
- /* If purpose not set use default */
- if (!purpose)
- purpose = def_purpose;
- /* If we have a purpose then check it is valid */
- if (purpose) {
- X509_PURPOSE *ptmp;
- idx = X509_PURPOSE_get_by_id(purpose);
- if (idx == -1) {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- ptmp = X509_PURPOSE_get0(idx);
- if (ptmp->trust == X509_TRUST_DEFAULT) {
- idx = X509_PURPOSE_get_by_id(def_purpose);
- if (idx == -1) {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- ptmp = X509_PURPOSE_get0(idx);
- }
- /* If trust not set then get from purpose default */
- if (!trust)
- trust = ptmp->trust;
- }
- if (trust) {
- idx = X509_TRUST_get_by_id(trust);
- if (idx == -1) {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_TRUST_ID);
- return 0;
- }
- }
-
- if (purpose && !ctx->param->purpose)
- ctx->param->purpose = purpose;
- if (trust && !ctx->param->trust)
- ctx->param->trust = trust;
- return 1;
-}
-
-X509_STORE_CTX *X509_STORE_CTX_new(void)
-{
- X509_STORE_CTX *ctx;
- ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
- if (!ctx) {
- X509err(X509_F_X509_STORE_CTX_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- memset(ctx, 0, sizeof(X509_STORE_CTX));
- return ctx;
-}
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
-{
- if (!ctx)
- return;
- X509_STORE_CTX_cleanup(ctx);
- OPENSSL_free(ctx);
-}
-
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
- STACK_OF(X509) *chain)
-{
- int ret = 1;
- ctx->ctx = store;
- ctx->current_method = 0;
- ctx->cert = x509;
- ctx->untrusted = chain;
- ctx->crls = NULL;
- ctx->last_untrusted = 0;
- ctx->other_ctx = NULL;
- ctx->valid = 0;
- ctx->chain = NULL;
- ctx->error = 0;
- ctx->explicit_policy = 0;
- ctx->error_depth = 0;
- ctx->current_cert = NULL;
- ctx->current_issuer = NULL;
- ctx->current_crl = NULL;
- ctx->current_crl_score = 0;
- ctx->current_reasons = 0;
- ctx->tree = NULL;
- ctx->parent = NULL;
-
- ctx->param = X509_VERIFY_PARAM_new();
-
- if (!ctx->param) {
- X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- /*
- * Inherit callbacks and flags from X509_STORE if not set use defaults.
- */
-
- if (store)
- ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
- else
- ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT | X509_VP_FLAG_ONCE;
-
- if (store) {
- ctx->verify_cb = store->verify_cb;
- ctx->cleanup = store->cleanup;
- } else
- ctx->cleanup = 0;
-
- if (ret)
- ret = X509_VERIFY_PARAM_inherit(ctx->param,
- X509_VERIFY_PARAM_lookup("default"));
-
- if (ret == 0) {
- X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (store && store->check_issued)
- ctx->check_issued = store->check_issued;
- else
- ctx->check_issued = check_issued;
-
- if (store && store->get_issuer)
- ctx->get_issuer = store->get_issuer;
- else
- ctx->get_issuer = X509_STORE_CTX_get1_issuer;
-
- if (store && store->verify_cb)
- ctx->verify_cb = store->verify_cb;
- else
- ctx->verify_cb = null_callback;
-
- if (store && store->verify)
- ctx->verify = store->verify;
- else
- ctx->verify = internal_verify;
-
- if (store && store->check_revocation)
- ctx->check_revocation = store->check_revocation;
- else
- ctx->check_revocation = check_revocation;
-
- if (store && store->get_crl)
- ctx->get_crl = store->get_crl;
- else
- ctx->get_crl = NULL;
-
- if (store && store->check_crl)
- ctx->check_crl = store->check_crl;
- else
- ctx->check_crl = check_crl;
-
- if (store && store->cert_crl)
- ctx->cert_crl = store->cert_crl;
- else
- ctx->cert_crl = cert_crl;
-
- if (store && store->lookup_certs)
- ctx->lookup_certs = store->lookup_certs;
- else
- ctx->lookup_certs = X509_STORE_get1_certs;
-
- if (store && store->lookup_crls)
- ctx->lookup_crls = store->lookup_crls;
- else
- ctx->lookup_crls = X509_STORE_get1_crls;
-
- ctx->check_policy = check_policy;
-
- /*
- * This memset() can't make any sense anyway, so it's removed. As
- * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
- * corresponding "new" here and remove this bogus initialisation.
- */
- /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */
- if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
- &(ctx->ex_data))) {
- OPENSSL_free(ctx);
- X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return 1;
-}
-
-/*
- * Set alternative lookup method: just a STACK of trusted certificates. This
- * avoids X509_STORE nastiness where it isn't needed.
- */
-
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
- ctx->other_ctx = sk;
- ctx->get_issuer = get_issuer_sk;
-}
-
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
-{
- if (ctx->cleanup)
- ctx->cleanup(ctx);
- if (ctx->param != NULL) {
- if (ctx->parent == NULL)
- X509_VERIFY_PARAM_free(ctx->param);
- ctx->param = NULL;
- }
- if (ctx->tree != NULL) {
- X509_policy_tree_free(ctx->tree);
- ctx->tree = NULL;
- }
- if (ctx->chain != NULL) {
- sk_X509_pop_free(ctx->chain, X509_free);
- ctx->chain = NULL;
- }
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
- memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
-}
-
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
-{
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
-}
-
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
-{
- X509_VERIFY_PARAM_set_flags(ctx->param, flags);
-}
-
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
- time_t t)
-{
- X509_VERIFY_PARAM_set_time(ctx->param, t);
-}
-
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
- int (*verify_cb) (int, X509_STORE_CTX *))
-{
- ctx->verify_cb = verify_cb;
-}
-
-X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
-{
- return ctx->tree;
-}
-
-int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
-{
- return ctx->explicit_policy;
-}
-
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
-{
- const X509_VERIFY_PARAM *param;
- param = X509_VERIFY_PARAM_lookup(name);
- if (!param)
- return 0;
- return X509_VERIFY_PARAM_inherit(ctx->param, param);
-}
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
-{
- return ctx->param;
-}
-
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
-{
- if (ctx->param)
- X509_VERIFY_PARAM_free(ctx->param);
- ctx->param = param;
-}
-
-IMPLEMENT_STACK_OF(X509)
-
-IMPLEMENT_ASN1_SET_OF(X509)
-
-IMPLEMENT_STACK_OF(X509_NAME)
-
-IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
-
-IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.c (from rev 11605, vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2350 @@
+/* crypto/x509/x509_vfy.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+
+#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include <openssl/lhash.h>
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/objects.h>
+
+/* CRL score values */
+
+/* No unhandled critical extensions */
+
+#define CRL_SCORE_NOCRITICAL 0x100
+
+/* certificate is within CRL scope */
+
+#define CRL_SCORE_SCOPE 0x080
+
+/* CRL times valid */
+
+#define CRL_SCORE_TIME 0x040
+
+/* Issuer name matches certificate */
+
+#define CRL_SCORE_ISSUER_NAME 0x020
+
+/* If this score or above CRL is probably valid */
+
+#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
+
+/* CRL issuer is certificate issuer */
+
+#define CRL_SCORE_ISSUER_CERT 0x018
+
+/* CRL issuer is on certificate path */
+
+#define CRL_SCORE_SAME_PATH 0x008
+
+/* CRL issuer matches CRL AKID */
+
+#define CRL_SCORE_AKID 0x004
+
+/* Have a delta CRL with valid times */
+
+#define CRL_SCORE_TIME_DELTA 0x002
+
+static int null_callback(int ok, X509_STORE_CTX *e);
+static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
+static int check_chain_extensions(X509_STORE_CTX *ctx);
+static int check_name_constraints(X509_STORE_CTX *ctx);
+static int check_trust(X509_STORE_CTX *ctx);
+static int check_revocation(X509_STORE_CTX *ctx);
+static int check_cert(X509_STORE_CTX *ctx);
+static int check_policy(X509_STORE_CTX *ctx);
+
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+ unsigned int *preasons, X509_CRL *crl, X509 *x);
+static int get_crl_delta(X509_STORE_CTX *ctx,
+ X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl,
+ int *pcrl_score, X509_CRL *base,
+ STACK_OF(X509_CRL) *crls);
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
+ int *pcrl_score);
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+ unsigned int *preasons);
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
+static int check_crl_chain(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *cert_path,
+ STACK_OF(X509) *crl_path);
+
+static int internal_verify(X509_STORE_CTX *ctx);
+const char X509_version[] = "X.509" OPENSSL_VERSION_PTEXT;
+
+static int null_callback(int ok, X509_STORE_CTX *e)
+{
+ return ok;
+}
+
+#if 0
+static int x509_subject_cmp(X509 **a, X509 **b)
+{
+ return X509_subject_name_cmp(*a, *b);
+}
+#endif
+
+int X509_verify_cert(X509_STORE_CTX *ctx)
+{
+ X509 *x, *xtmp, *xtmp2, *chain_ss = NULL;
+ int bad_chain = 0;
+ X509_VERIFY_PARAM *param = ctx->param;
+ int depth, i, ok = 0;
+ int num, j, retry;
+ int (*cb) (int xok, X509_STORE_CTX *xctx);
+ STACK_OF(X509) *sktmp = NULL;
+ if (ctx->cert == NULL) {
+ X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
+ ctx->error = X509_V_ERR_INVALID_CALL;
+ return -1;
+ }
+ if (ctx->chain != NULL) {
+ /*
+ * This X509_STORE_CTX has already been used to verify a cert. We
+ * cannot do another one.
+ */
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ ctx->error = X509_V_ERR_INVALID_CALL;
+ return -1;
+ }
+
+ cb = ctx->verify_cb;
+
+ /*
+ * first we make sure the chain we are going to build is present and that
+ * the first entry is in place
+ */
+ if (((ctx->chain = sk_X509_new_null()) == NULL) ||
+ (!sk_X509_push(ctx->chain, ctx->cert))) {
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ok = -1;
+ goto end;
+ }
+ CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
+ ctx->last_untrusted = 1;
+
+ /* We use a temporary STACK so we can chop and hack at it */
+ if (ctx->untrusted != NULL
+ && (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ok = -1;
+ goto end;
+ }
+
+ num = sk_X509_num(ctx->chain);
+ x = sk_X509_value(ctx->chain, num - 1);
+ depth = param->depth;
+
+ for (;;) {
+ /* If we have enough, we break */
+ if (depth < num)
+ break; /* FIXME: If this happens, we should take
+ * note of it and, if appropriate, use the
+ * X509_V_ERR_CERT_CHAIN_TOO_LONG error code
+ * later. */
+
+ /* If we are self signed, we break */
+ if (ctx->check_issued(ctx, x, x))
+ break;
+
+ /* If we were passed a cert chain, use it first */
+ if (ctx->untrusted != NULL) {
+ xtmp = find_issuer(ctx, sktmp, x);
+ if (xtmp != NULL) {
+ if (!sk_X509_push(ctx->chain, xtmp)) {
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ok = -1;
+ goto end;
+ }
+ CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
+ (void)sk_X509_delete_ptr(sktmp, xtmp);
+ ctx->last_untrusted++;
+ x = xtmp;
+ num++;
+ /*
+ * reparse the full chain for the next one
+ */
+ continue;
+ }
+ }
+ break;
+ }
+
+ /* Remember how many untrusted certs we have */
+ j = num;
+ /*
+ * at this point, chain should contain a list of untrusted certificates.
+ * We now need to add at least one trusted one, if possible, otherwise we
+ * complain.
+ */
+
+ do {
+ /*
+ * Examine last certificate in chain and see if it is self signed.
+ */
+ i = sk_X509_num(ctx->chain);
+ x = sk_X509_value(ctx->chain, i - 1);
+ if (ctx->check_issued(ctx, x, x)) {
+ /* we have a self signed certificate */
+ if (sk_X509_num(ctx->chain) == 1) {
+ /*
+ * We have a single self signed certificate: see if we can
+ * find it in the store. We must have an exact match to avoid
+ * possible impersonation.
+ */
+ ok = ctx->get_issuer(&xtmp, ctx, x);
+ if ((ok <= 0) || X509_cmp(x, xtmp)) {
+ ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
+ ctx->current_cert = x;
+ ctx->error_depth = i - 1;
+ if (ok == 1)
+ X509_free(xtmp);
+ bad_chain = 1;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ } else {
+ /*
+ * We have a match: replace certificate with store
+ * version so we get any trust settings.
+ */
+ X509_free(x);
+ x = xtmp;
+ (void)sk_X509_set(ctx->chain, i - 1, x);
+ ctx->last_untrusted = 0;
+ }
+ } else {
+ /*
+ * extract and save self signed certificate for later use
+ */
+ chain_ss = sk_X509_pop(ctx->chain);
+ ctx->last_untrusted--;
+ num--;
+ j--;
+ x = sk_X509_value(ctx->chain, num - 1);
+ }
+ }
+ /* We now lookup certs from the certificate store */
+ for (;;) {
+ /* If we have enough, we break */
+ if (depth < num)
+ break;
+ /* If we are self signed, we break */
+ if (ctx->check_issued(ctx, x, x))
+ break;
+ ok = ctx->get_issuer(&xtmp, ctx, x);
+ if (ok < 0) {
+ ctx->error = X509_V_ERR_STORE_LOOKUP;
+ goto end;
+ }
+ if (ok == 0)
+ break;
+ x = xtmp;
+ if (!sk_X509_push(ctx->chain, x)) {
+ X509_free(xtmp);
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ok = -1;
+ goto end;
+ }
+ num++;
+ }
+
+ /*
+ * If we haven't got a least one certificate from our store then check
+ * if there is an alternative chain that could be used. We only do this
+ * if the user hasn't switched off alternate chain checking
+ */
+ retry = 0;
+ if (num == ctx->last_untrusted &&
+ !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
+ while (j-- > 1) {
+ xtmp2 = sk_X509_value(ctx->chain, j - 1);
+ ok = ctx->get_issuer(&xtmp, ctx, xtmp2);
+ if (ok < 0) {
+ ctx->error = X509_V_ERR_STORE_LOOKUP;
+ goto end;
+ }
+ /* Check if we found an alternate chain */
+ if (ok > 0) {
+ /*
+ * Free up the found cert we'll add it again later
+ */
+ X509_free(xtmp);
+
+ /*
+ * Dump all the certs above this point - we've found an
+ * alternate chain
+ */
+ while (num > j) {
+ xtmp = sk_X509_pop(ctx->chain);
+ X509_free(xtmp);
+ num--;
+ }
+ ctx->last_untrusted = sk_X509_num(ctx->chain);
+ retry = 1;
+ break;
+ }
+ }
+ }
+ } while (retry);
+
+ /* Is last certificate looked up self signed? */
+ if (!ctx->check_issued(ctx, x, x)) {
+ if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) {
+ if (ctx->last_untrusted >= num)
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
+ else
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
+ ctx->current_cert = x;
+ } else {
+
+ sk_X509_push(ctx->chain, chain_ss);
+ num++;
+ ctx->last_untrusted = num;
+ ctx->current_cert = chain_ss;
+ ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
+ chain_ss = NULL;
+ }
+
+ ctx->error_depth = num - 1;
+ bad_chain = 1;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ }
+
+ /* We have the chain complete: now we need to check its purpose */
+ ok = check_chain_extensions(ctx);
+
+ if (!ok)
+ goto end;
+
+ /* Check name constraints */
+
+ ok = check_name_constraints(ctx);
+
+ if (!ok)
+ goto end;
+
+ /* The chain extensions are OK: check trust */
+
+ if (param->trust > 0)
+ ok = check_trust(ctx);
+
+ if (!ok)
+ goto end;
+
+ /* We may as well copy down any DSA parameters that are required */
+ X509_get_pubkey_parameters(NULL, ctx->chain);
+
+ /*
+ * Check revocation status: we do this after copying parameters because
+ * they may be needed for CRL signature verification.
+ */
+
+ ok = ctx->check_revocation(ctx);
+ if (!ok)
+ goto end;
+
+ /* At this point, we have a chain and need to verify it */
+ if (ctx->verify != NULL)
+ ok = ctx->verify(ctx);
+ else
+ ok = internal_verify(ctx);
+ if (!ok)
+ goto end;
+
+#ifndef OPENSSL_NO_RFC3779
+ /* RFC 3779 path validation, now that CRL check has been done */
+ ok = v3_asid_validate_path(ctx);
+ if (!ok)
+ goto end;
+ ok = v3_addr_validate_path(ctx);
+ if (!ok)
+ goto end;
+#endif
+
+ /* If we get this far evaluate policies */
+ if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
+ ok = ctx->check_policy(ctx);
+ if (!ok)
+ goto end;
+ if (0) {
+ end:
+ X509_get_pubkey_parameters(NULL, ctx->chain);
+ }
+ if (sktmp != NULL)
+ sk_X509_free(sktmp);
+ if (chain_ss != NULL)
+ X509_free(chain_ss);
+
+ /* Safety net, error returns must set ctx->error */
+ if (ok <= 0 && ctx->error == X509_V_OK)
+ ctx->error = X509_V_ERR_UNSPECIFIED;
+ return ok;
+}
+
+/*
+ * Given a STACK_OF(X509) find the issuer of cert (if any)
+ */
+
+static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
+{
+ int i;
+ X509 *issuer;
+ for (i = 0; i < sk_X509_num(sk); i++) {
+ issuer = sk_X509_value(sk, i);
+ if (ctx->check_issued(ctx, x, issuer))
+ return issuer;
+ }
+ return NULL;
+}
+
+/* Given a possible certificate and issuer check them */
+
+static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
+{
+ int ret;
+ ret = X509_check_issued(issuer, x);
+ if (ret == X509_V_OK)
+ return 1;
+ /* If we haven't asked for issuer errors don't set ctx */
+ if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
+ return 0;
+
+ ctx->error = ret;
+ ctx->current_cert = x;
+ ctx->current_issuer = issuer;
+ return ctx->verify_cb(0, ctx);
+ return 0;
+}
+
+/* Alternative lookup method: look from a STACK stored in other_ctx */
+
+static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
+{
+ *issuer = find_issuer(ctx, ctx->other_ctx, x);
+ if (*issuer) {
+ CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509);
+ return 1;
+ } else
+ return 0;
+}
+
+/*
+ * Check a certificate chains extensions for consistency with the supplied
+ * purpose
+ */
+
+static int check_chain_extensions(X509_STORE_CTX *ctx)
+{
+#ifdef OPENSSL_NO_CHAIN_VERIFY
+ return 1;
+#else
+ int i, ok = 0, must_be_ca, plen = 0;
+ X509 *x;
+ int (*cb) (int xok, X509_STORE_CTX *xctx);
+ int proxy_path_length = 0;
+ int purpose;
+ int allow_proxy_certs;
+ cb = ctx->verify_cb;
+
+ /*-
+ * must_be_ca can have 1 of 3 values:
+ * -1: we accept both CA and non-CA certificates, to allow direct
+ * use of self-signed certificates (which are marked as CA).
+ * 0: we only accept non-CA certificates. This is currently not
+ * used, but the possibility is present for future extensions.
+ * 1: we only accept CA certificates. This is currently used for
+ * all certificates in the chain except the leaf certificate.
+ */
+ must_be_ca = -1;
+
+ /* CRL path validation */
+ if (ctx->parent) {
+ allow_proxy_certs = 0;
+ purpose = X509_PURPOSE_CRL_SIGN;
+ } else {
+ allow_proxy_certs =
+ ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
+ /*
+ * A hack to keep people who don't want to modify their software
+ * happy
+ */
+ if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
+ allow_proxy_certs = 1;
+ purpose = ctx->param->purpose;
+ }
+
+ /* Check all untrusted certificates */
+ for (i = 0; i < ctx->last_untrusted; i++) {
+ int ret;
+ x = sk_X509_value(ctx->chain, i);
+ if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+ && (x->ex_flags & EXFLAG_CRITICAL)) {
+ ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ }
+ if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) {
+ ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ }
+ ret = X509_check_ca(x);
+ switch (must_be_ca) {
+ case -1:
+ if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
+ && (ret != 1) && (ret != 0)) {
+ ret = 0;
+ ctx->error = X509_V_ERR_INVALID_CA;
+ } else
+ ret = 1;
+ break;
+ case 0:
+ if (ret != 0) {
+ ret = 0;
+ ctx->error = X509_V_ERR_INVALID_NON_CA;
+ } else
+ ret = 1;
+ break;
+ default:
+ if ((ret == 0)
+ || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
+ && (ret != 1))) {
+ ret = 0;
+ ctx->error = X509_V_ERR_INVALID_CA;
+ } else
+ ret = 1;
+ break;
+ }
+ if (ret == 0) {
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ }
+ if (ctx->param->purpose > 0) {
+ ret = X509_check_purpose(x, purpose, must_be_ca > 0);
+ if ((ret == 0)
+ || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
+ && (ret != 1))) {
+ ctx->error = X509_V_ERR_INVALID_PURPOSE;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ }
+ }
+ /* Check pathlen if not self issued */
+ if ((i > 1) && !(x->ex_flags & EXFLAG_SI)
+ && (x->ex_pathlen != -1)
+ && (plen > (x->ex_pathlen + proxy_path_length + 1))) {
+ ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ }
+ /* Increment path length if not self issued */
+ if (!(x->ex_flags & EXFLAG_SI))
+ plen++;
+ /*
+ * If this certificate is a proxy certificate, the next certificate
+ * must be another proxy certificate or a EE certificate. If not,
+ * the next certificate must be a CA certificate.
+ */
+ if (x->ex_flags & EXFLAG_PROXY) {
+ /*
+ * RFC3820, 4.1.3 (b)(1) stipulates that if pCPathLengthConstraint
+ * is less than max_path_length, the former should be copied to
+ * the latter, and 4.1.4 (a) stipulates that max_path_length
+ * should be verified to be larger than zero and decrement it.
+ *
+ * Because we're checking the certs in the reverse order, we start
+ * with verifying that proxy_path_length isn't larger than pcPLC,
+ * and copy the latter to the former if it is, and finally,
+ * increment proxy_path_length.
+ */
+ if (x->ex_pcpathlen != -1) {
+ if (proxy_path_length > x->ex_pcpathlen) {
+ ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ }
+ proxy_path_length = x->ex_pcpathlen;
+ }
+ proxy_path_length++;
+ must_be_ca = 0;
+ } else
+ must_be_ca = 1;
+ }
+ ok = 1;
+ end:
+ return ok;
+#endif
+}
+
+static int check_name_constraints(X509_STORE_CTX *ctx)
+{
+ X509 *x;
+ int i, j, rv;
+ /* Check name constraints for all certificates */
+ for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
+ x = sk_X509_value(ctx->chain, i);
+ /* Ignore self issued certs unless last in chain */
+ if (i && (x->ex_flags & EXFLAG_SI))
+ continue;
+
+ /*
+ * Proxy certificates policy has an extra constraint, where the
+ * certificate subject MUST be the issuer with a single CN entry
+ * added.
+ * (RFC 3820: 3.4, 4.1.3 (a)(4))
+ */
+ if (x->ex_flags & EXFLAG_PROXY) {
+ X509_NAME *tmpsubject = X509_get_subject_name(x);
+ X509_NAME *tmpissuer = X509_get_issuer_name(x);
+ X509_NAME_ENTRY *tmpentry = NULL;
+ int last_object_nid = 0;
+ int err = X509_V_OK;
+ int last_object_loc = X509_NAME_entry_count(tmpsubject) - 1;
+
+ /* Check that there are at least two RDNs */
+ if (last_object_loc < 1) {
+ err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
+ goto proxy_name_done;
+ }
+
+ /*
+ * Check that there is exactly one more RDN in subject as
+ * there is in issuer.
+ */
+ if (X509_NAME_entry_count(tmpsubject)
+ != X509_NAME_entry_count(tmpissuer) + 1) {
+ err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
+ goto proxy_name_done;
+ }
+
+ /*
+ * Check that the last subject component isn't part of a
+ * multivalued RDN
+ */
+ if (X509_NAME_get_entry(tmpsubject, last_object_loc)->set
+ == X509_NAME_get_entry(tmpsubject, last_object_loc - 1)->set) {
+ err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
+ goto proxy_name_done;
+ }
+
+ /*
+ * Check that the last subject RDN is a commonName, and that
+ * all the previous RDNs match the issuer exactly
+ */
+ tmpsubject = X509_NAME_dup(tmpsubject);
+ if (tmpsubject == NULL) {
+ X509err(X509_F_CHECK_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ return 0;
+ }
+
+ tmpentry =
+ X509_NAME_delete_entry(tmpsubject, last_object_loc);
+ last_object_nid =
+ OBJ_obj2nid(X509_NAME_ENTRY_get_object(tmpentry));
+
+ if (last_object_nid != NID_commonName
+ || X509_NAME_cmp(tmpsubject, tmpissuer) != 0) {
+ err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
+ }
+
+ X509_NAME_ENTRY_free(tmpentry);
+ X509_NAME_free(tmpsubject);
+
+ proxy_name_done:
+ if (err != X509_V_OK) {
+ ctx->error = err;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+ }
+
+ /*
+ * Check against constraints for all certificates higher in chain
+ * including trust anchor. Trust anchor not strictly speaking needed
+ * but if it includes constraints it is to be assumed it expects them
+ * to be obeyed.
+ */
+ for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) {
+ NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
+ if (nc) {
+ rv = NAME_CONSTRAINTS_check(x, nc);
+ switch (rv) {
+ case X509_V_OK:
+ continue;
+ case X509_V_ERR_OUT_OF_MEM:
+ ctx->error = rv;
+ return 0;
+ default:
+ ctx->error = rv;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ break;
+ }
+ }
+ }
+ }
+ return 1;
+}
+
+static int check_trust(X509_STORE_CTX *ctx)
+{
+#ifdef OPENSSL_NO_CHAIN_VERIFY
+ return 1;
+#else
+ int i, ok;
+ X509 *x;
+ int (*cb) (int xok, X509_STORE_CTX *xctx);
+ cb = ctx->verify_cb;
+/* For now just check the last certificate in the chain */
+ i = sk_X509_num(ctx->chain) - 1;
+ x = sk_X509_value(ctx->chain, i);
+ ok = X509_check_trust(x, ctx->param->trust, 0);
+ if (ok == X509_TRUST_TRUSTED)
+ return 1;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ if (ok == X509_TRUST_REJECTED)
+ ctx->error = X509_V_ERR_CERT_REJECTED;
+ else
+ ctx->error = X509_V_ERR_CERT_UNTRUSTED;
+ ok = cb(0, ctx);
+ return ok;
+#endif
+}
+
+static int check_revocation(X509_STORE_CTX *ctx)
+{
+ int i, last, ok;
+ if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
+ return 1;
+ if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
+ last = sk_X509_num(ctx->chain) - 1;
+ else {
+ /* If checking CRL paths this isn't the EE certificate */
+ if (ctx->parent)
+ return 1;
+ last = 0;
+ }
+ for (i = 0; i <= last; i++) {
+ ctx->error_depth = i;
+ ok = check_cert(ctx);
+ if (!ok)
+ return ok;
+ }
+ return 1;
+}
+
+static int check_cert(X509_STORE_CTX *ctx)
+{
+ X509_CRL *crl = NULL, *dcrl = NULL;
+ X509 *x;
+ int ok, cnum;
+ unsigned int last_reasons;
+ cnum = ctx->error_depth;
+ x = sk_X509_value(ctx->chain, cnum);
+ ctx->current_cert = x;
+ ctx->current_issuer = NULL;
+ ctx->current_crl_score = 0;
+ ctx->current_reasons = 0;
+ while (ctx->current_reasons != CRLDP_ALL_REASONS) {
+ last_reasons = ctx->current_reasons;
+ /* Try to retrieve relevant CRL */
+ if (ctx->get_crl)
+ ok = ctx->get_crl(ctx, &crl, x);
+ else
+ ok = get_crl_delta(ctx, &crl, &dcrl, x);
+ /*
+ * If error looking up CRL, nothing we can do except notify callback
+ */
+ if (!ok) {
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+ ok = ctx->verify_cb(0, ctx);
+ goto err;
+ }
+ ctx->current_crl = crl;
+ ok = ctx->check_crl(ctx, crl);
+ if (!ok)
+ goto err;
+
+ if (dcrl) {
+ ok = ctx->check_crl(ctx, dcrl);
+ if (!ok)
+ goto err;
+ ok = ctx->cert_crl(ctx, dcrl, x);
+ if (!ok)
+ goto err;
+ } else
+ ok = 1;
+
+ /* Don't look in full CRL if delta reason is removefromCRL */
+ if (ok != 2) {
+ ok = ctx->cert_crl(ctx, crl, x);
+ if (!ok)
+ goto err;
+ }
+
+ X509_CRL_free(crl);
+ X509_CRL_free(dcrl);
+ crl = NULL;
+ dcrl = NULL;
+ /*
+ * If reasons not updated we wont get anywhere by another iteration,
+ * so exit loop.
+ */
+ if (last_reasons == ctx->current_reasons) {
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+ ok = ctx->verify_cb(0, ctx);
+ goto err;
+ }
+ }
+ err:
+ X509_CRL_free(crl);
+ X509_CRL_free(dcrl);
+
+ ctx->current_crl = NULL;
+ return ok;
+
+}
+
+/* Check CRL times against values in X509_STORE_CTX */
+
+static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
+{
+ time_t *ptime;
+ int i;
+ if (notify)
+ ctx->current_crl = crl;
+ if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
+ ptime = &ctx->param->check_time;
+ else
+ ptime = NULL;
+
+ i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
+ if (i == 0) {
+ if (!notify)
+ return 0;
+ ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+
+ if (i > 0) {
+ if (!notify)
+ return 0;
+ ctx->error = X509_V_ERR_CRL_NOT_YET_VALID;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+
+ if (X509_CRL_get_nextUpdate(crl)) {
+ i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
+
+ if (i == 0) {
+ if (!notify)
+ return 0;
+ ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+ /* Ignore expiry of base CRL is delta is valid */
+ if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) {
+ if (!notify)
+ return 0;
+ ctx->error = X509_V_ERR_CRL_HAS_EXPIRED;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+ }
+
+ if (notify)
+ ctx->current_crl = NULL;
+
+ return 1;
+}
+
+static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
+ X509 **pissuer, int *pscore, unsigned int *preasons,
+ STACK_OF(X509_CRL) *crls)
+{
+ int i, crl_score, best_score = *pscore;
+ unsigned int reasons, best_reasons = 0;
+ X509 *x = ctx->current_cert;
+ X509_CRL *crl, *best_crl = NULL;
+ X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
+
+ for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+ crl = sk_X509_CRL_value(crls, i);
+ reasons = *preasons;
+ crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
+
+ if (crl_score > best_score) {
+ best_crl = crl;
+ best_crl_issuer = crl_issuer;
+ best_score = crl_score;
+ best_reasons = reasons;
+ }
+ }
+
+ if (best_crl) {
+ if (*pcrl)
+ X509_CRL_free(*pcrl);
+ *pcrl = best_crl;
+ *pissuer = best_crl_issuer;
+ *pscore = best_score;
+ *preasons = best_reasons;
+ CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ if (*pdcrl) {
+ X509_CRL_free(*pdcrl);
+ *pdcrl = NULL;
+ }
+ get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
+ }
+
+ if (best_score >= CRL_SCORE_VALID)
+ return 1;
+
+ return 0;
+}
+
+/*
+ * Compare two CRL extensions for delta checking purposes. They should be
+ * both present or both absent. If both present all fields must be identical.
+ */
+
+static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
+{
+ ASN1_OCTET_STRING *exta, *extb;
+ int i;
+ i = X509_CRL_get_ext_by_NID(a, nid, -1);
+ if (i >= 0) {
+ /* Can't have multiple occurrences */
+ if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
+ return 0;
+ exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
+ } else
+ exta = NULL;
+
+ i = X509_CRL_get_ext_by_NID(b, nid, -1);
+
+ if (i >= 0) {
+
+ if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
+ return 0;
+ extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
+ } else
+ extb = NULL;
+
+ if (!exta && !extb)
+ return 1;
+
+ if (!exta || !extb)
+ return 0;
+
+ if (ASN1_OCTET_STRING_cmp(exta, extb))
+ return 0;
+
+ return 1;
+}
+
+/* See if a base and delta are compatible */
+
+static int check_delta_base(X509_CRL *delta, X509_CRL *base)
+{
+ /* Delta CRL must be a delta */
+ if (!delta->base_crl_number)
+ return 0;
+ /* Base must have a CRL number */
+ if (!base->crl_number)
+ return 0;
+ /* Issuer names must match */
+ if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(delta)))
+ return 0;
+ /* AKID and IDP must match */
+ if (!crl_extension_match(delta, base, NID_authority_key_identifier))
+ return 0;
+ if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
+ return 0;
+ /* Delta CRL base number must not exceed Full CRL number. */
+ if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
+ return 0;
+ /* Delta CRL number must exceed full CRL number */
+ if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
+ return 1;
+ return 0;
+}
+
+/*
+ * For a given base CRL find a delta... maybe extend to delta scoring or
+ * retrieve a chain of deltas...
+ */
+
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
+ X509_CRL *base, STACK_OF(X509_CRL) *crls)
+{
+ X509_CRL *delta;
+ int i;
+ if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
+ return;
+ if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
+ return;
+ for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+ delta = sk_X509_CRL_value(crls, i);
+ if (check_delta_base(delta, base)) {
+ if (check_crl_time(ctx, delta, 0))
+ *pscore |= CRL_SCORE_TIME_DELTA;
+ CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
+ *dcrl = delta;
+ return;
+ }
+ }
+ *dcrl = NULL;
+}
+
+/*
+ * For a given CRL return how suitable it is for the supplied certificate
+ * 'x'. The return value is a mask of several criteria. If the issuer is not
+ * the certificate issuer this is returned in *pissuer. The reasons mask is
+ * also used to determine if the CRL is suitable: if no new reasons the CRL
+ * is rejected, otherwise reasons is updated.
+ */
+
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+ unsigned int *preasons, X509_CRL *crl, X509 *x)
+{
+
+ int crl_score = 0;
+ unsigned int tmp_reasons = *preasons, crl_reasons;
+
+ /* First see if we can reject CRL straight away */
+
+ /* Invalid IDP cannot be processed */
+ if (crl->idp_flags & IDP_INVALID)
+ return 0;
+ /* Reason codes or indirect CRLs need extended CRL support */
+ if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) {
+ if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
+ return 0;
+ } else if (crl->idp_flags & IDP_REASONS) {
+ /* If no new reasons reject */
+ if (!(crl->idp_reasons & ~tmp_reasons))
+ return 0;
+ }
+ /* Don't process deltas at this stage */
+ else if (crl->base_crl_number)
+ return 0;
+ /* If issuer name doesn't match certificate need indirect CRL */
+ if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) {
+ if (!(crl->idp_flags & IDP_INDIRECT))
+ return 0;
+ } else
+ crl_score |= CRL_SCORE_ISSUER_NAME;
+
+ if (!(crl->flags & EXFLAG_CRITICAL))
+ crl_score |= CRL_SCORE_NOCRITICAL;
+
+ /* Check expiry */
+ if (check_crl_time(ctx, crl, 0))
+ crl_score |= CRL_SCORE_TIME;
+
+ /* Check authority key ID and locate certificate issuer */
+ crl_akid_check(ctx, crl, pissuer, &crl_score);
+
+ /* If we can't locate certificate issuer at this point forget it */
+
+ if (!(crl_score & CRL_SCORE_AKID))
+ return 0;
+
+ /* Check cert for matching CRL distribution points */
+
+ if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) {
+ /* If no new reasons reject */
+ if (!(crl_reasons & ~tmp_reasons))
+ return 0;
+ tmp_reasons |= crl_reasons;
+ crl_score |= CRL_SCORE_SCOPE;
+ }
+
+ *preasons = tmp_reasons;
+
+ return crl_score;
+
+}
+
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
+ X509 **pissuer, int *pcrl_score)
+{
+ X509 *crl_issuer = NULL;
+ X509_NAME *cnm = X509_CRL_get_issuer(crl);
+ int cidx = ctx->error_depth;
+ int i;
+
+ if (cidx != sk_X509_num(ctx->chain) - 1)
+ cidx++;
+
+ crl_issuer = sk_X509_value(ctx->chain, cidx);
+
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ if (*pcrl_score & CRL_SCORE_ISSUER_NAME) {
+ *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_ISSUER_CERT;
+ *pissuer = crl_issuer;
+ return;
+ }
+ }
+
+ for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) {
+ crl_issuer = sk_X509_value(ctx->chain, cidx);
+ if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+ continue;
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_SAME_PATH;
+ *pissuer = crl_issuer;
+ return;
+ }
+ }
+
+ /* Anything else needs extended CRL support */
+
+ if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
+ return;
+
+ /*
+ * Otherwise the CRL issuer is not on the path. Look for it in the set of
+ * untrusted certificates.
+ */
+ for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
+ crl_issuer = sk_X509_value(ctx->untrusted, i);
+ if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+ continue;
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ *pissuer = crl_issuer;
+ *pcrl_score |= CRL_SCORE_AKID;
+ return;
+ }
+ }
+}
+
+/*
+ * Check the path of a CRL issuer certificate. This creates a new
+ * X509_STORE_CTX and populates it with most of the parameters from the
+ * parent. This could be optimised somewhat since a lot of path checking will
+ * be duplicated by the parent, but this will rarely be used in practice.
+ */
+
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
+{
+ X509_STORE_CTX crl_ctx;
+ int ret;
+ /* Don't allow recursive CRL path validation */
+ if (ctx->parent)
+ return 0;
+ if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
+ return -1;
+
+ crl_ctx.crls = ctx->crls;
+ /* Copy verify params across */
+ X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
+
+ crl_ctx.parent = ctx;
+ crl_ctx.verify_cb = ctx->verify_cb;
+
+ /* Verify CRL issuer */
+ ret = X509_verify_cert(&crl_ctx);
+
+ if (ret <= 0)
+ goto err;
+
+ /* Check chain is acceptable */
+
+ ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
+ err:
+ X509_STORE_CTX_cleanup(&crl_ctx);
+ return ret;
+}
+
+/*
+ * RFC3280 says nothing about the relationship between CRL path and
+ * certificate path, which could lead to situations where a certificate could
+ * be revoked or validated by a CA not authorised to do so. RFC5280 is more
+ * strict and states that the two paths must end in the same trust anchor,
+ * though some discussions remain... until this is resolved we use the
+ * RFC5280 version
+ */
+
+static int check_crl_chain(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *cert_path,
+ STACK_OF(X509) *crl_path)
+{
+ X509 *cert_ta, *crl_ta;
+ cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
+ crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
+ if (!X509_cmp(cert_ta, crl_ta))
+ return 1;
+ return 0;
+}
+
+/*-
+ * Check for match between two dist point names: three separate cases.
+ * 1. Both are relative names and compare X509_NAME types.
+ * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
+ * 3. Both are full names and compare two GENERAL_NAMES.
+ * 4. One is NULL: automatic match.
+ */
+
+static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
+{
+ X509_NAME *nm = NULL;
+ GENERAL_NAMES *gens = NULL;
+ GENERAL_NAME *gena, *genb;
+ int i, j;
+ if (!a || !b)
+ return 1;
+ if (a->type == 1) {
+ if (!a->dpname)
+ return 0;
+ /* Case 1: two X509_NAME */
+ if (b->type == 1) {
+ if (!b->dpname)
+ return 0;
+ if (!X509_NAME_cmp(a->dpname, b->dpname))
+ return 1;
+ else
+ return 0;
+ }
+ /* Case 2: set name and GENERAL_NAMES appropriately */
+ nm = a->dpname;
+ gens = b->name.fullname;
+ } else if (b->type == 1) {
+ if (!b->dpname)
+ return 0;
+ /* Case 2: set name and GENERAL_NAMES appropriately */
+ gens = a->name.fullname;
+ nm = b->dpname;
+ }
+
+ /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
+ if (nm) {
+ for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+ gena = sk_GENERAL_NAME_value(gens, i);
+ if (gena->type != GEN_DIRNAME)
+ continue;
+ if (!X509_NAME_cmp(nm, gena->d.directoryName))
+ return 1;
+ }
+ return 0;
+ }
+
+ /* Else case 3: two GENERAL_NAMES */
+
+ for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) {
+ gena = sk_GENERAL_NAME_value(a->name.fullname, i);
+ for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) {
+ genb = sk_GENERAL_NAME_value(b->name.fullname, j);
+ if (!GENERAL_NAME_cmp(gena, genb))
+ return 1;
+ }
+ }
+
+ return 0;
+
+}
+
+static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
+{
+ int i;
+ X509_NAME *nm = X509_CRL_get_issuer(crl);
+ /* If no CRLissuer return is successful iff don't need a match */
+ if (!dp->CRLissuer)
+ return ! !(crl_score & CRL_SCORE_ISSUER_NAME);
+ for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
+ GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
+ if (gen->type != GEN_DIRNAME)
+ continue;
+ if (!X509_NAME_cmp(gen->d.directoryName, nm))
+ return 1;
+ }
+ return 0;
+}
+
+/* Check CRLDP and IDP */
+
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+ unsigned int *preasons)
+{
+ int i;
+ if (crl->idp_flags & IDP_ONLYATTR)
+ return 0;
+ if (x->ex_flags & EXFLAG_CA) {
+ if (crl->idp_flags & IDP_ONLYUSER)
+ return 0;
+ } else {
+ if (crl->idp_flags & IDP_ONLYCA)
+ return 0;
+ }
+ *preasons = crl->idp_reasons;
+ for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
+ DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
+ if (crldp_check_crlissuer(dp, crl, crl_score)) {
+ if (!crl->idp || idp_check_dp(dp->distpoint, crl->idp->distpoint)) {
+ *preasons &= dp->dp_reasons;
+ return 1;
+ }
+ }
+ }
+ if ((!crl->idp || !crl->idp->distpoint)
+ && (crl_score & CRL_SCORE_ISSUER_NAME))
+ return 1;
+ return 0;
+}
+
+/*
+ * Retrieve CRL corresponding to current certificate. If deltas enabled try
+ * to find a delta CRL too
+ */
+
+static int get_crl_delta(X509_STORE_CTX *ctx,
+ X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
+{
+ int ok;
+ X509 *issuer = NULL;
+ int crl_score = 0;
+ unsigned int reasons;
+ X509_CRL *crl = NULL, *dcrl = NULL;
+ STACK_OF(X509_CRL) *skcrl;
+ X509_NAME *nm = X509_get_issuer_name(x);
+ reasons = ctx->current_reasons;
+ ok = get_crl_sk(ctx, &crl, &dcrl,
+ &issuer, &crl_score, &reasons, ctx->crls);
+
+ if (ok)
+ goto done;
+
+ /* Lookup CRLs from store */
+
+ skcrl = ctx->lookup_crls(ctx, nm);
+
+ /* If no CRLs found and a near match from get_crl_sk use that */
+ if (!skcrl && crl)
+ goto done;
+
+ get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
+
+ sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
+
+ done:
+
+ /* If we got any kind of CRL use it and return success */
+ if (crl) {
+ ctx->current_issuer = issuer;
+ ctx->current_crl_score = crl_score;
+ ctx->current_reasons = reasons;
+ *pcrl = crl;
+ *pdcrl = dcrl;
+ return 1;
+ }
+
+ return 0;
+}
+
+/* Check CRL validity */
+static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
+{
+ X509 *issuer = NULL;
+ EVP_PKEY *ikey = NULL;
+ int ok = 0, chnum, cnum;
+ cnum = ctx->error_depth;
+ chnum = sk_X509_num(ctx->chain) - 1;
+ /* if we have an alternative CRL issuer cert use that */
+ if (ctx->current_issuer)
+ issuer = ctx->current_issuer;
+
+ /*
+ * Else find CRL issuer: if not last certificate then issuer is next
+ * certificate in chain.
+ */
+ else if (cnum < chnum)
+ issuer = sk_X509_value(ctx->chain, cnum + 1);
+ else {
+ issuer = sk_X509_value(ctx->chain, chnum);
+ /* If not self signed, can't check signature */
+ if (!ctx->check_issued(ctx, issuer, issuer)) {
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+ }
+
+ if (issuer) {
+ /*
+ * Skip most tests for deltas because they have already been done
+ */
+ if (!crl->base_crl_number) {
+ /* Check for cRLSign bit if keyUsage present */
+ if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
+ !(issuer->ex_kusage & KU_CRL_SIGN)) {
+ ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+
+ if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) {
+ ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+
+ if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) {
+ if (check_crl_path(ctx, ctx->current_issuer) <= 0) {
+ ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+ }
+
+ if (crl->idp_flags & IDP_INVALID) {
+ ctx->error = X509_V_ERR_INVALID_EXTENSION;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+
+ }
+
+ if (!(ctx->current_crl_score & CRL_SCORE_TIME)) {
+ ok = check_crl_time(ctx, crl, 1);
+ if (!ok)
+ goto err;
+ }
+
+ /* Attempt to get issuer certificate public key */
+ ikey = X509_get_pubkey(issuer);
+
+ if (!ikey) {
+ ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ } else {
+ /* Verify CRL signature */
+ if (X509_CRL_verify(crl, ikey) <= 0) {
+ ctx->error = X509_V_ERR_CRL_SIGNATURE_FAILURE;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+ }
+ }
+
+ ok = 1;
+
+ err:
+ EVP_PKEY_free(ikey);
+ return ok;
+}
+
+/* Check certificate against CRL */
+static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
+{
+ int ok;
+ X509_REVOKED *rev;
+ /*
+ * The rules changed for this... previously if a CRL contained unhandled
+ * critical extensions it could still be used to indicate a certificate
+ * was revoked. This has since been changed since critical extension can
+ * change the meaning of CRL entries.
+ */
+ if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+ && (crl->flags & EXFLAG_CRITICAL)) {
+ ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ return 0;
+ }
+ /*
+ * Look for serial number of certificate in CRL If found make sure reason
+ * is not removeFromCRL.
+ */
+ if (X509_CRL_get0_by_cert(crl, &rev, x)) {
+ if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
+ return 2;
+ ctx->error = X509_V_ERR_CERT_REVOKED;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ return 0;
+ }
+
+ return 1;
+}
+
+static int check_policy(X509_STORE_CTX *ctx)
+{
+ int ret;
+ if (ctx->parent)
+ return 1;
+ ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
+ ctx->param->policies, ctx->param->flags);
+ if (ret == 0) {
+ X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ return 0;
+ }
+ /* Invalid or inconsistent extensions */
+ if (ret == -1) {
+ /*
+ * Locate certificates with bad extensions and notify callback.
+ */
+ X509 *x;
+ int i;
+ for (i = 1; i < sk_X509_num(ctx->chain); i++) {
+ x = sk_X509_value(ctx->chain, i);
+ if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
+ continue;
+ ctx->current_cert = x;
+ ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+ return 1;
+ }
+ if (ret == -2) {
+ ctx->current_cert = NULL;
+ ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
+ return ctx->verify_cb(0, ctx);
+ }
+
+ if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) {
+ ctx->current_cert = NULL;
+ /*
+ * Verification errors need to be "sticky", a callback may have allowed
+ * an SSL handshake to continue despite an error, and we must then
+ * remain in an error state. Therefore, we MUST NOT clear earlier
+ * verification errors by setting the error to X509_V_OK.
+ */
+ if (!ctx->verify_cb(2, ctx))
+ return 0;
+ }
+
+ return 1;
+}
+
+static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
+{
+ time_t *ptime;
+ int i;
+
+ if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
+ ptime = &ctx->param->check_time;
+ else
+ ptime = NULL;
+
+ i = X509_cmp_time(X509_get_notBefore(x), ptime);
+ if (i == 0) {
+ ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
+ ctx->current_cert = x;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+
+ if (i > 0) {
+ ctx->error = X509_V_ERR_CERT_NOT_YET_VALID;
+ ctx->current_cert = x;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+
+ i = X509_cmp_time(X509_get_notAfter(x), ptime);
+ if (i == 0) {
+ ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
+ ctx->current_cert = x;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+
+ if (i < 0) {
+ ctx->error = X509_V_ERR_CERT_HAS_EXPIRED;
+ ctx->current_cert = x;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+
+ return 1;
+}
+
+static int internal_verify(X509_STORE_CTX *ctx)
+{
+ int ok = 0, n;
+ X509 *xs, *xi;
+ EVP_PKEY *pkey = NULL;
+ int (*cb) (int xok, X509_STORE_CTX *xctx);
+
+ cb = ctx->verify_cb;
+
+ n = sk_X509_num(ctx->chain);
+ ctx->error_depth = n - 1;
+ n--;
+ xi = sk_X509_value(ctx->chain, n);
+
+ if (ctx->check_issued(ctx, xi, xi))
+ xs = xi;
+ else {
+ if (n <= 0) {
+ ctx->error = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
+ ctx->current_cert = xi;
+ ok = cb(0, ctx);
+ goto end;
+ } else {
+ n--;
+ ctx->error_depth = n;
+ xs = sk_X509_value(ctx->chain, n);
+ }
+ }
+
+/* ctx->error=0; not needed */
+ while (n >= 0) {
+ ctx->error_depth = n;
+
+ /*
+ * Skip signature check for self signed certificates unless
+ * explicitly asked for. It doesn't add any security and just wastes
+ * time.
+ */
+ if (!xs->valid
+ && (xs != xi
+ || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
+ if ((pkey = X509_get_pubkey(xi)) == NULL) {
+ ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
+ ctx->current_cert = xi;
+ ok = (*cb) (0, ctx);
+ if (!ok)
+ goto end;
+ } else if (X509_verify(xs, pkey) <= 0) {
+ ctx->error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
+ ctx->current_cert = xs;
+ ok = (*cb) (0, ctx);
+ if (!ok) {
+ EVP_PKEY_free(pkey);
+ goto end;
+ }
+ }
+ EVP_PKEY_free(pkey);
+ pkey = NULL;
+ }
+
+ xs->valid = 1;
+
+ ok = check_cert_time(ctx, xs);
+ if (!ok)
+ goto end;
+
+ /* The last error (if any) is still in the error value */
+ ctx->current_issuer = xi;
+ ctx->current_cert = xs;
+ ok = (*cb) (1, ctx);
+ if (!ok)
+ goto end;
+
+ n--;
+ if (n >= 0) {
+ xi = xs;
+ xs = sk_X509_value(ctx->chain, n);
+ }
+ }
+ ok = 1;
+ end:
+ return ok;
+}
+
+int X509_cmp_current_time(const ASN1_TIME *ctm)
+{
+ return X509_cmp_time(ctm, NULL);
+}
+
+int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
+{
+ char *str;
+ ASN1_TIME atm;
+ long offset;
+ char buff1[24], buff2[24], *p;
+ int i, j, remaining;
+
+ p = buff1;
+ remaining = ctm->length;
+ str = (char *)ctm->data;
+ /*
+ * Note that the following (historical) code allows much more slack in the
+ * time format than RFC5280. In RFC5280, the representation is fixed:
+ * UTCTime: YYMMDDHHMMSSZ
+ * GeneralizedTime: YYYYMMDDHHMMSSZ
+ */
+ if (ctm->type == V_ASN1_UTCTIME) {
+ /* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
+ int min_length = sizeof("YYMMDDHHMMZ") - 1;
+ int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
+ if (remaining < min_length || remaining > max_length)
+ return 0;
+ memcpy(p, str, 10);
+ p += 10;
+ str += 10;
+ remaining -= 10;
+ } else {
+ /* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */
+ int min_length = sizeof("YYYYMMDDHHMMZ") - 1;
+ int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
+ if (remaining < min_length || remaining > max_length)
+ return 0;
+ memcpy(p, str, 12);
+ p += 12;
+ str += 12;
+ remaining -= 12;
+ }
+
+ if ((*str == 'Z') || (*str == '-') || (*str == '+')) {
+ *(p++) = '0';
+ *(p++) = '0';
+ } else {
+ /* SS (seconds) */
+ if (remaining < 2)
+ return 0;
+ *(p++) = *(str++);
+ *(p++) = *(str++);
+ remaining -= 2;
+ /*
+ * Skip any (up to three) fractional seconds...
+ * TODO(emilia): in RFC5280, fractional seconds are forbidden.
+ * Can we just kill them altogether?
+ */
+ if (remaining && *str == '.') {
+ str++;
+ remaining--;
+ for (i = 0; i < 3 && remaining; i++, str++, remaining--) {
+ if (*str < '0' || *str > '9')
+ break;
+ }
+ }
+
+ }
+ *(p++) = 'Z';
+ *(p++) = '\0';
+
+ /* We now need either a terminating 'Z' or an offset. */
+ if (!remaining)
+ return 0;
+ if (*str == 'Z') {
+ if (remaining != 1)
+ return 0;
+ offset = 0;
+ } else {
+ /* (+-)HHMM */
+ if ((*str != '+') && (*str != '-'))
+ return 0;
+ /* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */
+ if (remaining != 5)
+ return 0;
+ if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' ||
+ str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9')
+ return 0;
+ offset = ((str[1] - '0') * 10 + (str[2] - '0')) * 60;
+ offset += (str[3] - '0') * 10 + (str[4] - '0');
+ if (*str == '-')
+ offset = -offset;
+ }
+ atm.type = ctm->type;
+ atm.flags = 0;
+ atm.length = sizeof(buff2);
+ atm.data = (unsigned char *)buff2;
+
+ if (X509_time_adj(&atm, offset * 60, cmp_time) == NULL)
+ return 0;
+
+ if (ctm->type == V_ASN1_UTCTIME) {
+ i = (buff1[0] - '0') * 10 + (buff1[1] - '0');
+ if (i < 50)
+ i += 100; /* cf. RFC 2459 */
+ j = (buff2[0] - '0') * 10 + (buff2[1] - '0');
+ if (j < 50)
+ j += 100;
+
+ if (i < j)
+ return -1;
+ if (i > j)
+ return 1;
+ }
+ i = strcmp(buff1, buff2);
+ if (i == 0) /* wait a second then return younger :-) */
+ return -1;
+ else
+ return i;
+}
+
+ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
+{
+ return X509_time_adj(s, adj, NULL);
+}
+
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)
+{
+ return X509_time_adj_ex(s, 0, offset_sec, in_tm);
+}
+
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+ int offset_day, long offset_sec, time_t *in_tm)
+{
+ time_t t;
+
+ if (in_tm)
+ t = *in_tm;
+ else
+ time(&t);
+
+ if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) {
+ if (s->type == V_ASN1_UTCTIME)
+ return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
+ if (s->type == V_ASN1_GENERALIZEDTIME)
+ return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
+ }
+ return ASN1_TIME_adj(s, t, offset_day, offset_sec);
+}
+
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
+{
+ EVP_PKEY *ktmp = NULL, *ktmp2;
+ int i, j;
+
+ if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey))
+ return 1;
+
+ for (i = 0; i < sk_X509_num(chain); i++) {
+ ktmp = X509_get_pubkey(sk_X509_value(chain, i));
+ if (ktmp == NULL) {
+ X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
+ X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
+ return 0;
+ }
+ if (!EVP_PKEY_missing_parameters(ktmp))
+ break;
+ else {
+ EVP_PKEY_free(ktmp);
+ ktmp = NULL;
+ }
+ }
+ if (ktmp == NULL) {
+ X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
+ X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
+ return 0;
+ }
+
+ /* first, populate the other certs */
+ for (j = i - 1; j >= 0; j--) {
+ ktmp2 = X509_get_pubkey(sk_X509_value(chain, j));
+ EVP_PKEY_copy_parameters(ktmp2, ktmp);
+ EVP_PKEY_free(ktmp2);
+ }
+
+ if (pkey != NULL)
+ EVP_PKEY_copy_parameters(pkey, ktmp);
+ EVP_PKEY_free(ktmp);
+ return 1;
+}
+
+int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func)
+{
+ /*
+ * This function is (usually) called only once, by
+ * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c).
+ */
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
+ new_func, dup_func, free_func);
+}
+
+int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
+{
+ return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
+}
+
+void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
+{
+ return CRYPTO_get_ex_data(&ctx->ex_data, idx);
+}
+
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
+{
+ return ctx->error;
+}
+
+void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
+{
+ ctx->error = err;
+}
+
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
+{
+ return ctx->error_depth;
+}
+
+X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
+{
+ return ctx->current_cert;
+}
+
+STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
+{
+ return ctx->chain;
+}
+
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
+{
+ int i;
+ X509 *x;
+ STACK_OF(X509) *chain;
+ if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain)))
+ return NULL;
+ for (i = 0; i < sk_X509_num(chain); i++) {
+ x = sk_X509_value(chain, i);
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ }
+ return chain;
+}
+
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
+{
+ return ctx->current_issuer;
+}
+
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
+{
+ return ctx->current_crl;
+}
+
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
+{
+ return ctx->parent;
+}
+
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
+{
+ ctx->cert = x;
+}
+
+void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+ ctx->untrusted = sk;
+}
+
+void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
+{
+ ctx->crls = sk;
+}
+
+int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
+{
+ return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
+}
+
+int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
+{
+ return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
+}
+
+/*
+ * This function is used to set the X509_STORE_CTX purpose and trust values.
+ * This is intended to be used when another structure has its own trust and
+ * purpose values which (if set) will be inherited by the ctx. If they aren't
+ * set then we will usually have a default purpose in mind which should then
+ * be used to set the trust value. An example of this is SSL use: an SSL
+ * structure will have its own purpose and trust settings which the
+ * application can set: if they aren't set then we use the default of SSL
+ * client/server.
+ */
+
+int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
+ int purpose, int trust)
+{
+ int idx;
+ /* If purpose not set use default */
+ if (!purpose)
+ purpose = def_purpose;
+ /* If we have a purpose then check it is valid */
+ if (purpose) {
+ X509_PURPOSE *ptmp;
+ idx = X509_PURPOSE_get_by_id(purpose);
+ if (idx == -1) {
+ X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
+ X509_R_UNKNOWN_PURPOSE_ID);
+ return 0;
+ }
+ ptmp = X509_PURPOSE_get0(idx);
+ if (ptmp->trust == X509_TRUST_DEFAULT) {
+ idx = X509_PURPOSE_get_by_id(def_purpose);
+ if (idx == -1) {
+ X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
+ X509_R_UNKNOWN_PURPOSE_ID);
+ return 0;
+ }
+ ptmp = X509_PURPOSE_get0(idx);
+ }
+ /* If trust not set then get from purpose default */
+ if (!trust)
+ trust = ptmp->trust;
+ }
+ if (trust) {
+ idx = X509_TRUST_get_by_id(trust);
+ if (idx == -1) {
+ X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
+ X509_R_UNKNOWN_TRUST_ID);
+ return 0;
+ }
+ }
+
+ if (purpose && !ctx->param->purpose)
+ ctx->param->purpose = purpose;
+ if (trust && !ctx->param->trust)
+ ctx->param->trust = trust;
+ return 1;
+}
+
+X509_STORE_CTX *X509_STORE_CTX_new(void)
+{
+ X509_STORE_CTX *ctx;
+ ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
+ if (!ctx) {
+ X509err(X509_F_X509_STORE_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ memset(ctx, 0, sizeof(X509_STORE_CTX));
+ return ctx;
+}
+
+void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
+{
+ if (!ctx)
+ return;
+ X509_STORE_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+}
+
+int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
+ STACK_OF(X509) *chain)
+{
+ int ret = 1;
+ ctx->ctx = store;
+ ctx->current_method = 0;
+ ctx->cert = x509;
+ ctx->untrusted = chain;
+ ctx->crls = NULL;
+ ctx->last_untrusted = 0;
+ ctx->other_ctx = NULL;
+ ctx->valid = 0;
+ ctx->chain = NULL;
+ ctx->error = 0;
+ ctx->explicit_policy = 0;
+ ctx->error_depth = 0;
+ ctx->current_cert = NULL;
+ ctx->current_issuer = NULL;
+ ctx->current_crl = NULL;
+ ctx->current_crl_score = 0;
+ ctx->current_reasons = 0;
+ ctx->tree = NULL;
+ ctx->parent = NULL;
+ /* Zero ex_data to make sure we're cleanup-safe */
+ memset(&ctx->ex_data, 0, sizeof(ctx->ex_data));
+
+ ctx->param = X509_VERIFY_PARAM_new();
+ if (!ctx->param) {
+ X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ /*
+ * Inherit callbacks and flags from X509_STORE if not set use defaults.
+ */
+ if (store)
+ ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
+ else
+ ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT | X509_VP_FLAG_ONCE;
+
+ if (store) {
+ ctx->verify_cb = store->verify_cb;
+ /* Seems to always be 0 in OpenSSL, else must be idempotent */
+ ctx->cleanup = store->cleanup;
+ } else
+ ctx->cleanup = 0;
+
+ if (ret)
+ ret = X509_VERIFY_PARAM_inherit(ctx->param,
+ X509_VERIFY_PARAM_lookup("default"));
+
+ if (ret == 0) {
+ X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (store && store->check_issued)
+ ctx->check_issued = store->check_issued;
+ else
+ ctx->check_issued = check_issued;
+
+ if (store && store->get_issuer)
+ ctx->get_issuer = store->get_issuer;
+ else
+ ctx->get_issuer = X509_STORE_CTX_get1_issuer;
+
+ if (store && store->verify_cb)
+ ctx->verify_cb = store->verify_cb;
+ else
+ ctx->verify_cb = null_callback;
+
+ if (store && store->verify)
+ ctx->verify = store->verify;
+ else
+ ctx->verify = internal_verify;
+
+ if (store && store->check_revocation)
+ ctx->check_revocation = store->check_revocation;
+ else
+ ctx->check_revocation = check_revocation;
+
+ if (store && store->get_crl)
+ ctx->get_crl = store->get_crl;
+ else
+ ctx->get_crl = NULL;
+
+ if (store && store->check_crl)
+ ctx->check_crl = store->check_crl;
+ else
+ ctx->check_crl = check_crl;
+
+ if (store && store->cert_crl)
+ ctx->cert_crl = store->cert_crl;
+ else
+ ctx->cert_crl = cert_crl;
+
+ if (store && store->lookup_certs)
+ ctx->lookup_certs = store->lookup_certs;
+ else
+ ctx->lookup_certs = X509_STORE_get1_certs;
+
+ if (store && store->lookup_crls)
+ ctx->lookup_crls = store->lookup_crls;
+ else
+ ctx->lookup_crls = X509_STORE_get1_crls;
+
+ ctx->check_policy = check_policy;
+
+ if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
+ &ctx->ex_data))
+ return 1;
+ X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
+
+ err:
+ /*
+ * On error clean up allocated storage, if the store context was not
+ * allocated with X509_STORE_CTX_new() this is our last chance to do so.
+ */
+ X509_STORE_CTX_cleanup(ctx);
+ return 0;
+}
+
+/*
+ * Set alternative lookup method: just a STACK of trusted certificates. This
+ * avoids X509_STORE nastiness where it isn't needed.
+ */
+
+void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+ ctx->other_ctx = sk;
+ ctx->get_issuer = get_issuer_sk;
+}
+
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
+{
+ /*
+ * We need to be idempotent because, unfortunately, free() also calls
+ * cleanup(), so the natural call sequence new(), init(), cleanup(), free()
+ * calls cleanup() for the same object twice! Thus we must zero the
+ * pointers below after they're freed!
+ */
+ /* Seems to always be 0 in OpenSSL, do this at most once. */
+ if (ctx->cleanup != NULL) {
+ ctx->cleanup(ctx);
+ ctx->cleanup = NULL;
+ }
+ if (ctx->param != NULL) {
+ if (ctx->parent == NULL)
+ X509_VERIFY_PARAM_free(ctx->param);
+ ctx->param = NULL;
+ }
+ if (ctx->tree != NULL) {
+ X509_policy_tree_free(ctx->tree);
+ ctx->tree = NULL;
+ }
+ if (ctx->chain != NULL) {
+ sk_X509_pop_free(ctx->chain, X509_free);
+ ctx->chain = NULL;
+ }
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
+ memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
+}
+
+void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
+{
+ X509_VERIFY_PARAM_set_depth(ctx->param, depth);
+}
+
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
+{
+ X509_VERIFY_PARAM_set_flags(ctx->param, flags);
+}
+
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
+ time_t t)
+{
+ X509_VERIFY_PARAM_set_time(ctx->param, t);
+}
+
+void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *))
+{
+ ctx->verify_cb = verify_cb;
+}
+
+X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
+{
+ return ctx->tree;
+}
+
+int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
+{
+ return ctx->explicit_policy;
+}
+
+int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
+{
+ const X509_VERIFY_PARAM *param;
+ param = X509_VERIFY_PARAM_lookup(name);
+ if (!param)
+ return 0;
+ return X509_VERIFY_PARAM_inherit(ctx->param, param);
+}
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
+{
+ return ctx->param;
+}
+
+void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
+{
+ if (ctx->param)
+ X509_VERIFY_PARAM_free(ctx->param);
+ ctx->param = param;
+}
+
+IMPLEMENT_STACK_OF(X509)
+
+IMPLEMENT_ASN1_SET_OF(X509)
+
+IMPLEMENT_STACK_OF(X509_NAME)
+
+IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
+
+IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.h
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509/x509_vfy.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,595 +0,0 @@
-/* crypto/x509/x509_vfy.h */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-# include <openssl/x509.h>
-/*
- * openssl/x509.h ends up #include-ing this file at about the only
- * appropriate moment.
- */
-#endif
-
-#ifndef HEADER_X509_VFY_H
-# define HEADER_X509_VFY_H
-
-# include <openssl/opensslconf.h>
-# ifndef OPENSSL_NO_LHASH
-# include <openssl/lhash.h>
-# endif
-# include <openssl/bio.h>
-# include <openssl/crypto.h>
-# include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# if 0
-/* Outer object */
-typedef struct x509_hash_dir_st {
- int num_dirs;
- char **dirs;
- int *dirs_type;
- int num_dirs_alloced;
-} X509_HASH_DIR_CTX;
-# endif
-
-typedef struct x509_file_st {
- int num_paths; /* number of paths to files or directories */
- int num_alloced;
- char **paths; /* the list of paths or directories */
- int *path_type;
-} X509_CERT_FILE_CTX;
-
-/*******************************/
-/*-
-SSL_CTX -> X509_STORE
- -> X509_LOOKUP
- ->X509_LOOKUP_METHOD
- -> X509_LOOKUP
- ->X509_LOOKUP_METHOD
-
-SSL -> X509_STORE_CTX
- ->X509_STORE
-
-The X509_STORE holds the tables etc for verification stuff.
-A X509_STORE_CTX is used while validating a single certificate.
-The X509_STORE has X509_LOOKUPs for looking up certs.
-The X509_STORE then calls a function to actually verify the
-certificate chain.
-*/
-
-# define X509_LU_RETRY -1
-# define X509_LU_FAIL 0
-# define X509_LU_X509 1
-# define X509_LU_CRL 2
-# define X509_LU_PKEY 3
-
-typedef struct x509_object_st {
- /* one of the above types */
- int type;
- union {
- char *ptr;
- X509 *x509;
- X509_CRL *crl;
- EVP_PKEY *pkey;
- } data;
-} X509_OBJECT;
-
-typedef struct x509_lookup_st X509_LOOKUP;
-
-DECLARE_STACK_OF(X509_LOOKUP)
-DECLARE_STACK_OF(X509_OBJECT)
-
-/* This is a static that defines the function interface */
-typedef struct x509_lookup_method_st {
- const char *name;
- int (*new_item) (X509_LOOKUP *ctx);
- void (*free) (X509_LOOKUP *ctx);
- int (*init) (X509_LOOKUP *ctx);
- int (*shutdown) (X509_LOOKUP *ctx);
- int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
- char **ret);
- int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret);
- int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
- ASN1_INTEGER *serial, X509_OBJECT *ret);
- int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len,
- X509_OBJECT *ret);
- int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
- X509_OBJECT *ret);
-} X509_LOOKUP_METHOD;
-
-/*
- * This structure hold all parameters associated with a verify operation by
- * including an X509_VERIFY_PARAM structure in related structures the
- * parameters used can be customized
- */
-
-typedef struct X509_VERIFY_PARAM_st {
- char *name;
- time_t check_time; /* Time to use */
- unsigned long inh_flags; /* Inheritance flags */
- unsigned long flags; /* Various verify flags */
- int purpose; /* purpose to check untrusted certificates */
- int trust; /* trust setting to check */
- int depth; /* Verify depth */
- STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
-} X509_VERIFY_PARAM;
-
-DECLARE_STACK_OF(X509_VERIFY_PARAM)
-
-/*
- * This is used to hold everything. It is used for all certificate
- * validation. Once we have a certificate chain, the 'verify' function is
- * then called to actually check the cert chain.
- */
-struct x509_store_st {
- /* The following is a cache of trusted certs */
- int cache; /* if true, stash any hits */
- STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
- /* These are external lookup methods */
- STACK_OF(X509_LOOKUP) *get_cert_methods;
- X509_VERIFY_PARAM *param;
- /* Callbacks for various operations */
- /* called to verify a certificate */
- int (*verify) (X509_STORE_CTX *ctx);
- /* error callback */
- int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
- /* get issuers cert from ctx */
- int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
- /* check issued */
- int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
- /* Check revocation status of chain */
- int (*check_revocation) (X509_STORE_CTX *ctx);
- /* retrieve CRL */
- int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
- /* Check CRL validity */
- int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
- /* Check certificate against CRL */
- int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
- STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
- STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
- int (*cleanup) (X509_STORE_CTX *ctx);
- CRYPTO_EX_DATA ex_data;
- int references;
-} /* X509_STORE */ ;
-
-int X509_STORE_set_depth(X509_STORE *store, int depth);
-
-# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
-# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
-
-/* This is the functions plus an instance of the local variables. */
-struct x509_lookup_st {
- int init; /* have we been started */
- int skip; /* don't use us. */
- X509_LOOKUP_METHOD *method; /* the functions */
- char *method_data; /* method data */
- X509_STORE *store_ctx; /* who owns us */
-} /* X509_LOOKUP */ ;
-
-/*
- * This is a used when verifying cert chains. Since the gathering of the
- * cert chain can take some time (and have to be 'retried', this needs to be
- * kept and passed around.
- */
-struct x509_store_ctx_st { /* X509_STORE_CTX */
- X509_STORE *ctx;
- /* used when looking up certs */
- int current_method;
- /* The following are set by the caller */
- /* The cert to check */
- X509 *cert;
- /* chain of X509s - untrusted - passed in */
- STACK_OF(X509) *untrusted;
- /* set of CRLs passed in */
- STACK_OF(X509_CRL) *crls;
- X509_VERIFY_PARAM *param;
- /* Other info for use with get_issuer() */
- void *other_ctx;
- /* Callbacks for various operations */
- /* called to verify a certificate */
- int (*verify) (X509_STORE_CTX *ctx);
- /* error callback */
- int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
- /* get issuers cert from ctx */
- int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
- /* check issued */
- int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
- /* Check revocation status of chain */
- int (*check_revocation) (X509_STORE_CTX *ctx);
- /* retrieve CRL */
- int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
- /* Check CRL validity */
- int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
- /* Check certificate against CRL */
- int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
- int (*check_policy) (X509_STORE_CTX *ctx);
- STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
- STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
- int (*cleanup) (X509_STORE_CTX *ctx);
- /* The following is built up */
- /* if 0, rebuild chain */
- int valid;
- /* index of last untrusted cert */
- int last_untrusted;
- /* chain of X509s - built up and trusted */
- STACK_OF(X509) *chain;
- /* Valid policy tree */
- X509_POLICY_TREE *tree;
- /* Require explicit policy value */
- int explicit_policy;
- /* When something goes wrong, this is why */
- int error_depth;
- int error;
- X509 *current_cert;
- /* cert currently being tested as valid issuer */
- X509 *current_issuer;
- /* current CRL */
- X509_CRL *current_crl;
- /* score of current CRL */
- int current_crl_score;
- /* Reason mask */
- unsigned int current_reasons;
- /* For CRL path validation: parent context */
- X509_STORE_CTX *parent;
- CRYPTO_EX_DATA ex_data;
-} /* X509_STORE_CTX */ ;
-
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
-
-# define X509_STORE_CTX_set_app_data(ctx,data) \
- X509_STORE_CTX_set_ex_data(ctx,0,data)
-# define X509_STORE_CTX_get_app_data(ctx) \
- X509_STORE_CTX_get_ex_data(ctx,0)
-
-# define X509_L_FILE_LOAD 1
-# define X509_L_ADD_DIR 2
-
-# define X509_LOOKUP_load_file(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
-
-# define X509_LOOKUP_add_dir(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
-
-# define X509_V_OK 0
-/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
-
-# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
-# define X509_V_ERR_UNABLE_TO_GET_CRL 3
-# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
-# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
-# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
-# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
-# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
-# define X509_V_ERR_CERT_NOT_YET_VALID 9
-# define X509_V_ERR_CERT_HAS_EXPIRED 10
-# define X509_V_ERR_CRL_NOT_YET_VALID 11
-# define X509_V_ERR_CRL_HAS_EXPIRED 12
-# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
-# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
-# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
-# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
-# define X509_V_ERR_OUT_OF_MEM 17
-# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
-# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
-# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
-# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
-# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
-# define X509_V_ERR_CERT_REVOKED 23
-# define X509_V_ERR_INVALID_CA 24
-# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
-# define X509_V_ERR_INVALID_PURPOSE 26
-# define X509_V_ERR_CERT_UNTRUSTED 27
-# define X509_V_ERR_CERT_REJECTED 28
-/* These are 'informational' when looking for issuer cert */
-# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
-# define X509_V_ERR_AKID_SKID_MISMATCH 30
-# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
-# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
-
-# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
-# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
-# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
-# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
-# define X509_V_ERR_INVALID_NON_CA 37
-# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
-# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
-# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
-
-# define X509_V_ERR_INVALID_EXTENSION 41
-# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
-# define X509_V_ERR_NO_EXPLICIT_POLICY 43
-# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
-# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
-
-# define X509_V_ERR_UNNESTED_RESOURCE 46
-
-# define X509_V_ERR_PERMITTED_VIOLATION 47
-# define X509_V_ERR_EXCLUDED_VIOLATION 48
-# define X509_V_ERR_SUBTREE_MINMAX 49
-# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
-# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
-# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
-# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
-
-/* The application is not happy */
-# define X509_V_ERR_APPLICATION_VERIFICATION 50
-
-/* Certificate verify flags */
-
-/* Send issuer+subject checks to verify_cb */
-# define X509_V_FLAG_CB_ISSUER_CHECK 0x1
-/* Use check time instead of current time */
-# define X509_V_FLAG_USE_CHECK_TIME 0x2
-/* Lookup CRLs */
-# define X509_V_FLAG_CRL_CHECK 0x4
-/* Lookup CRLs for whole chain */
-# define X509_V_FLAG_CRL_CHECK_ALL 0x8
-/* Ignore unhandled critical extensions */
-# define X509_V_FLAG_IGNORE_CRITICAL 0x10
-/* Disable workarounds for broken certificates */
-# define X509_V_FLAG_X509_STRICT 0x20
-/* Enable proxy certificate validation */
-# define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
-/* Enable policy checking */
-# define X509_V_FLAG_POLICY_CHECK 0x80
-/* Policy variable require-explicit-policy */
-# define X509_V_FLAG_EXPLICIT_POLICY 0x100
-/* Policy variable inhibit-any-policy */
-# define X509_V_FLAG_INHIBIT_ANY 0x200
-/* Policy variable inhibit-policy-mapping */
-# define X509_V_FLAG_INHIBIT_MAP 0x400
-/* Notify callback that policy is OK */
-# define X509_V_FLAG_NOTIFY_POLICY 0x800
-/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
-# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
-/* Delta CRL support */
-# define X509_V_FLAG_USE_DELTAS 0x2000
-/* Check selfsigned CA signature */
-# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
-/*
- * If the initial chain is not trusted, do not attempt to build an alternative
- * chain. Alternate chain checking was introduced in 1.0.1n/1.0.2b. Setting
- * this flag will force the behaviour to match that of previous versions.
- */
-# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
-
-# define X509_VP_FLAG_DEFAULT 0x1
-# define X509_VP_FLAG_OVERWRITE 0x2
-# define X509_VP_FLAG_RESET_FLAGS 0x4
-# define X509_VP_FLAG_LOCKED 0x8
-# define X509_VP_FLAG_ONCE 0x10
-
-/* Internal use: mask of policy related options */
-# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
- | X509_V_FLAG_EXPLICIT_POLICY \
- | X509_V_FLAG_INHIBIT_ANY \
- | X509_V_FLAG_INHIBIT_MAP)
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
- X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
- int type, X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
- X509_OBJECT *x);
-void X509_OBJECT_up_ref_count(X509_OBJECT *a);
-void X509_OBJECT_free_contents(X509_OBJECT *a);
-X509_STORE *X509_STORE_new(void);
-void X509_STORE_free(X509_STORE *v);
-
-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
-int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
-int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
-int X509_STORE_set_trust(X509_STORE *ctx, int trust);
-int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
-
-void X509_STORE_set_verify_cb(X509_STORE *ctx,
- int (*verify_cb) (int, X509_STORE_CTX *));
-
-X509_STORE_CTX *X509_STORE_CTX_new(void);
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
- X509 *x509, STACK_OF(X509) *chain);
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
- X509_OBJECT *ret);
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret);
-
-# ifndef OPENSSL_NO_STDIO
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-# endif
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
-void X509_LOOKUP_free(X509_LOOKUP *ctx);
-int X509_LOOKUP_init(X509_LOOKUP *ctx);
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret);
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
- ASN1_INTEGER *serial, X509_OBJECT *ret);
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len,
- X509_OBJECT *ret);
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
- X509_OBJECT *ret);
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
-
-# ifndef OPENSSL_NO_STDIO
-int X509_STORE_load_locations(X509_STORE *ctx,
- const char *file, const char *dir);
-int X509_STORE_set_default_paths(X509_STORE *ctx);
-# endif
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
-void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
-X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
-X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
-X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
-void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust);
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
- time_t t);
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
- int (*verify_cb) (int, X509_STORE_CTX *));
-
-X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
-
-/* X509_VERIFY_PARAM functions */
-
-X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
-void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
-int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
- unsigned long flags);
-int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
- unsigned long flags);
-unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
-int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
-void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
-void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
-int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
- ASN1_OBJECT *policy);
-int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
- STACK_OF(ASN1_OBJECT) *policies);
-int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
-
-int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
-void X509_VERIFY_PARAM_table_cleanup(void);
-
-int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
- STACK_OF(X509) *certs,
- STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
-
-void X509_policy_tree_free(X509_POLICY_TREE *tree);
-
-int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
-X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
- int i);
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
- X509_POLICY_TREE
- *tree);
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
- X509_POLICY_TREE
- *tree);
-
-int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
-
-X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
- int i);
-
-const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
-
-STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
- X509_POLICY_NODE
- *node);
-const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
- *node);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.h (from rev 11605, vendor-crypto/openssl/dist/crypto/x509/x509_vfy.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509/x509_vfy.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,615 @@
+/* crypto/x509/x509_vfy.h */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_H
+# include <openssl/x509.h>
+/*
+ * openssl/x509.h ends up #include-ing this file at about the only
+ * appropriate moment.
+ */
+#endif
+
+#ifndef HEADER_X509_VFY_H
+# define HEADER_X509_VFY_H
+
+# include <openssl/opensslconf.h>
+# ifndef OPENSSL_NO_LHASH
+# include <openssl/lhash.h>
+# endif
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/symhacks.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# if 0
+/* Outer object */
+typedef struct x509_hash_dir_st {
+ int num_dirs;
+ char **dirs;
+ int *dirs_type;
+ int num_dirs_alloced;
+} X509_HASH_DIR_CTX;
+# endif
+
+typedef struct x509_file_st {
+ int num_paths; /* number of paths to files or directories */
+ int num_alloced;
+ char **paths; /* the list of paths or directories */
+ int *path_type;
+} X509_CERT_FILE_CTX;
+
+/*******************************/
+/*-
+SSL_CTX -> X509_STORE
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+
+SSL -> X509_STORE_CTX
+ ->X509_STORE
+
+The X509_STORE holds the tables etc for verification stuff.
+A X509_STORE_CTX is used while validating a single certificate.
+The X509_STORE has X509_LOOKUPs for looking up certs.
+The X509_STORE then calls a function to actually verify the
+certificate chain.
+*/
+
+# define X509_LU_RETRY -1
+# define X509_LU_FAIL 0
+# define X509_LU_X509 1
+# define X509_LU_CRL 2
+# define X509_LU_PKEY 3
+
+typedef struct x509_object_st {
+ /* one of the above types */
+ int type;
+ union {
+ char *ptr;
+ X509 *x509;
+ X509_CRL *crl;
+ EVP_PKEY *pkey;
+ } data;
+} X509_OBJECT;
+
+typedef struct x509_lookup_st X509_LOOKUP;
+
+DECLARE_STACK_OF(X509_LOOKUP)
+DECLARE_STACK_OF(X509_OBJECT)
+
+/* This is a static that defines the function interface */
+typedef struct x509_lookup_method_st {
+ const char *name;
+ int (*new_item) (X509_LOOKUP *ctx);
+ void (*free) (X509_LOOKUP *ctx);
+ int (*init) (X509_LOOKUP *ctx);
+ int (*shutdown) (X509_LOOKUP *ctx);
+ int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+ char **ret);
+ int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+ int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
+ ASN1_INTEGER *serial, X509_OBJECT *ret);
+ int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
+ unsigned char *bytes, int len,
+ X509_OBJECT *ret);
+ int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
+ X509_OBJECT *ret);
+} X509_LOOKUP_METHOD;
+
+/*
+ * This structure hold all parameters associated with a verify operation by
+ * including an X509_VERIFY_PARAM structure in related structures the
+ * parameters used can be customized
+ */
+
+typedef struct X509_VERIFY_PARAM_st {
+ char *name;
+ time_t check_time; /* Time to use */
+ unsigned long inh_flags; /* Inheritance flags */
+ unsigned long flags; /* Various verify flags */
+ int purpose; /* purpose to check untrusted certificates */
+ int trust; /* trust setting to check */
+ int depth; /* Verify depth */
+ STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
+} X509_VERIFY_PARAM;
+
+DECLARE_STACK_OF(X509_VERIFY_PARAM)
+
+/*
+ * This is used to hold everything. It is used for all certificate
+ * validation. Once we have a certificate chain, the 'verify' function is
+ * then called to actually check the cert chain.
+ */
+struct x509_store_st {
+ /* The following is a cache of trusted certs */
+ int cache; /* if true, stash any hits */
+ STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
+ /* These are external lookup methods */
+ STACK_OF(X509_LOOKUP) *get_cert_methods;
+ X509_VERIFY_PARAM *param;
+ /* Callbacks for various operations */
+ /* called to verify a certificate */
+ int (*verify) (X509_STORE_CTX *ctx);
+ /* error callback */
+ int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
+ /* get issuers cert from ctx */
+ int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+ /* check issued */
+ int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+ /* Check revocation status of chain */
+ int (*check_revocation) (X509_STORE_CTX *ctx);
+ /* retrieve CRL */
+ int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+ /* Check CRL validity */
+ int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
+ /* Check certificate against CRL */
+ int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
+ STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ int (*cleanup) (X509_STORE_CTX *ctx);
+ CRYPTO_EX_DATA ex_data;
+ int references;
+} /* X509_STORE */ ;
+
+int X509_STORE_set_depth(X509_STORE *store, int depth);
+
+# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
+# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
+
+/* This is the functions plus an instance of the local variables. */
+struct x509_lookup_st {
+ int init; /* have we been started */
+ int skip; /* don't use us. */
+ X509_LOOKUP_METHOD *method; /* the functions */
+ char *method_data; /* method data */
+ X509_STORE *store_ctx; /* who owns us */
+} /* X509_LOOKUP */ ;
+
+/*
+ * This is a used when verifying cert chains. Since the gathering of the
+ * cert chain can take some time (and have to be 'retried', this needs to be
+ * kept and passed around.
+ */
+struct x509_store_ctx_st { /* X509_STORE_CTX */
+ X509_STORE *ctx;
+ /* used when looking up certs */
+ int current_method;
+ /* The following are set by the caller */
+ /* The cert to check */
+ X509 *cert;
+ /* chain of X509s - untrusted - passed in */
+ STACK_OF(X509) *untrusted;
+ /* set of CRLs passed in */
+ STACK_OF(X509_CRL) *crls;
+ X509_VERIFY_PARAM *param;
+ /* Other info for use with get_issuer() */
+ void *other_ctx;
+ /* Callbacks for various operations */
+ /* called to verify a certificate */
+ int (*verify) (X509_STORE_CTX *ctx);
+ /* error callback */
+ int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
+ /* get issuers cert from ctx */
+ int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+ /* check issued */
+ int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+ /* Check revocation status of chain */
+ int (*check_revocation) (X509_STORE_CTX *ctx);
+ /* retrieve CRL */
+ int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+ /* Check CRL validity */
+ int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
+ /* Check certificate against CRL */
+ int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
+ int (*check_policy) (X509_STORE_CTX *ctx);
+ STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ int (*cleanup) (X509_STORE_CTX *ctx);
+ /* The following is built up */
+ /* if 0, rebuild chain */
+ int valid;
+ /* index of last untrusted cert */
+ int last_untrusted;
+ /* chain of X509s - built up and trusted */
+ STACK_OF(X509) *chain;
+ /* Valid policy tree */
+ X509_POLICY_TREE *tree;
+ /* Require explicit policy value */
+ int explicit_policy;
+ /* When something goes wrong, this is why */
+ int error_depth;
+ int error;
+ X509 *current_cert;
+ /* cert currently being tested as valid issuer */
+ X509 *current_issuer;
+ /* current CRL */
+ X509_CRL *current_crl;
+ /* score of current CRL */
+ int current_crl_score;
+ /* Reason mask */
+ unsigned int current_reasons;
+ /* For CRL path validation: parent context */
+ X509_STORE_CTX *parent;
+ CRYPTO_EX_DATA ex_data;
+} /* X509_STORE_CTX */ ;
+
+void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+
+# define X509_STORE_CTX_set_app_data(ctx,data) \
+ X509_STORE_CTX_set_ex_data(ctx,0,data)
+# define X509_STORE_CTX_get_app_data(ctx) \
+ X509_STORE_CTX_get_ex_data(ctx,0)
+
+# define X509_L_FILE_LOAD 1
+# define X509_L_ADD_DIR 2
+
+# define X509_LOOKUP_load_file(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
+
+# define X509_LOOKUP_add_dir(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
+
+# define X509_V_OK 0
+# define X509_V_ERR_UNSPECIFIED 1
+
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
+# define X509_V_ERR_UNABLE_TO_GET_CRL 3
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
+# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
+# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
+# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
+# define X509_V_ERR_CERT_NOT_YET_VALID 9
+# define X509_V_ERR_CERT_HAS_EXPIRED 10
+# define X509_V_ERR_CRL_NOT_YET_VALID 11
+# define X509_V_ERR_CRL_HAS_EXPIRED 12
+# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
+# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
+# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
+# define X509_V_ERR_OUT_OF_MEM 17
+# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
+# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+# define X509_V_ERR_CERT_REVOKED 23
+# define X509_V_ERR_INVALID_CA 24
+# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
+# define X509_V_ERR_INVALID_PURPOSE 26
+# define X509_V_ERR_CERT_UNTRUSTED 27
+# define X509_V_ERR_CERT_REJECTED 28
+/* These are 'informational' when looking for issuer cert */
+# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
+# define X509_V_ERR_AKID_SKID_MISMATCH 30
+# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
+# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
+
+# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
+# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
+# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
+# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
+# define X509_V_ERR_INVALID_NON_CA 37
+# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
+# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
+# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
+
+# define X509_V_ERR_INVALID_EXTENSION 41
+# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
+# define X509_V_ERR_NO_EXPLICIT_POLICY 43
+# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
+# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
+
+# define X509_V_ERR_UNNESTED_RESOURCE 46
+
+# define X509_V_ERR_PERMITTED_VIOLATION 47
+# define X509_V_ERR_EXCLUDED_VIOLATION 48
+# define X509_V_ERR_SUBTREE_MINMAX 49
+# define X509_V_ERR_APPLICATION_VERIFICATION 50
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
+# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
+# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
+
+# if 0 /* Reserved for compatibility 1.0.2 */
+/* Suite B mode algorithm violation */
+# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
+# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
+# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
+# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
+# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
+# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
+
+/* Host, email and IP check errors */
+# define X509_V_ERR_HOSTNAME_MISMATCH 62
+# define X509_V_ERR_EMAIL_MISMATCH 63
+# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
+# endif
+
+/* Caller error */
+# define X509_V_ERR_INVALID_CALL 65
+/* Issuer lookup error */
+# define X509_V_ERR_STORE_LOOKUP 66
+
+# define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 67
+
+/* Certificate verify flags */
+
+/* Send issuer+subject checks to verify_cb */
+# define X509_V_FLAG_CB_ISSUER_CHECK 0x1
+/* Use check time instead of current time */
+# define X509_V_FLAG_USE_CHECK_TIME 0x2
+/* Lookup CRLs */
+# define X509_V_FLAG_CRL_CHECK 0x4
+/* Lookup CRLs for whole chain */
+# define X509_V_FLAG_CRL_CHECK_ALL 0x8
+/* Ignore unhandled critical extensions */
+# define X509_V_FLAG_IGNORE_CRITICAL 0x10
+/* Disable workarounds for broken certificates */
+# define X509_V_FLAG_X509_STRICT 0x20
+/* Enable proxy certificate validation */
+# define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
+/* Enable policy checking */
+# define X509_V_FLAG_POLICY_CHECK 0x80
+/* Policy variable require-explicit-policy */
+# define X509_V_FLAG_EXPLICIT_POLICY 0x100
+/* Policy variable inhibit-any-policy */
+# define X509_V_FLAG_INHIBIT_ANY 0x200
+/* Policy variable inhibit-policy-mapping */
+# define X509_V_FLAG_INHIBIT_MAP 0x400
+/* Notify callback that policy is OK */
+# define X509_V_FLAG_NOTIFY_POLICY 0x800
+/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
+# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
+/* Delta CRL support */
+# define X509_V_FLAG_USE_DELTAS 0x2000
+/* Check selfsigned CA signature */
+# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
+/*
+ * If the initial chain is not trusted, do not attempt to build an alternative
+ * chain. Alternate chain checking was introduced in 1.0.1n/1.0.2b. Setting
+ * this flag will force the behaviour to match that of previous versions.
+ */
+# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
+
+# define X509_VP_FLAG_DEFAULT 0x1
+# define X509_VP_FLAG_OVERWRITE 0x2
+# define X509_VP_FLAG_RESET_FLAGS 0x4
+# define X509_VP_FLAG_LOCKED 0x8
+# define X509_VP_FLAG_ONCE 0x10
+
+/* Internal use: mask of policy related options */
+# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
+ | X509_V_FLAG_EXPLICIT_POLICY \
+ | X509_V_FLAG_INHIBIT_ANY \
+ | X509_V_FLAG_INHIBIT_MAP)
+
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+ X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+ int type, X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+ X509_OBJECT *x);
+void X509_OBJECT_up_ref_count(X509_OBJECT *a);
+void X509_OBJECT_free_contents(X509_OBJECT *a);
+X509_STORE *X509_STORE_new(void);
+void X509_STORE_free(X509_STORE *v);
+
+STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *));
+
+X509_STORE_CTX *X509_STORE_CTX_new(void);
+
+int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+
+void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ X509 *x509, STACK_OF(X509) *chain);
+void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+
+int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
+ long argl, char **ret);
+
+# ifndef OPENSSL_NO_STDIO
+int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+# endif
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
+void X509_LOOKUP_free(X509_LOOKUP *ctx);
+int X509_LOOKUP_init(X509_LOOKUP *ctx);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ ASN1_INTEGER *serial, X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+ unsigned char *bytes, int len,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
+ X509_OBJECT *ret);
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
+
+# ifndef OPENSSL_NO_STDIO
+int X509_STORE_load_locations(X509_STORE *ctx,
+ const char *file, const char *dir);
+int X509_STORE_set_default_paths(X509_STORE *ctx);
+# endif
+
+int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
+void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
+void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
+void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
+int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
+int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
+ int purpose, int trust);
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
+ time_t t);
+void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *));
+
+X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+/* X509_VERIFY_PARAM functions */
+
+X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
+void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
+ const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
+ const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
+int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+ ASN1_OBJECT *policy);
+int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+ STACK_OF(ASN1_OBJECT) *policies);
+int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
+void X509_VERIFY_PARAM_table_cleanup(void);
+
+int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
+ STACK_OF(X509) *certs,
+ STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
+
+void X509_policy_tree_free(X509_POLICY_TREE *tree);
+
+int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
+X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
+ int i);
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
+ X509_POLICY_TREE
+ *tree);
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
+ X509_POLICY_TREE
+ *tree);
+
+int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
+
+X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
+ int i);
+
+const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
+
+STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
+ X509_POLICY_NODE
+ *node);
+const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
+ *node);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_addr.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509v3/v3_addr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_addr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1344 +0,0 @@
-/*
- * Contributed to the OpenSSL Project by the American Registry for
- * Internet Numbers ("ARIN").
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- */
-
-/*
- * Implementation of RFC 3779 section 2.2.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/buffer.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_RFC3779
-
-/*
- * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
- */
-
-ASN1_SEQUENCE(IPAddressRange) = {
- ASN1_SIMPLE(IPAddressRange, min, ASN1_BIT_STRING),
- ASN1_SIMPLE(IPAddressRange, max, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END(IPAddressRange)
-
-ASN1_CHOICE(IPAddressOrRange) = {
- ASN1_SIMPLE(IPAddressOrRange, u.addressPrefix, ASN1_BIT_STRING),
- ASN1_SIMPLE(IPAddressOrRange, u.addressRange, IPAddressRange)
-} ASN1_CHOICE_END(IPAddressOrRange)
-
-ASN1_CHOICE(IPAddressChoice) = {
- ASN1_SIMPLE(IPAddressChoice, u.inherit, ASN1_NULL),
- ASN1_SEQUENCE_OF(IPAddressChoice, u.addressesOrRanges, IPAddressOrRange)
-} ASN1_CHOICE_END(IPAddressChoice)
-
-ASN1_SEQUENCE(IPAddressFamily) = {
- ASN1_SIMPLE(IPAddressFamily, addressFamily, ASN1_OCTET_STRING),
- ASN1_SIMPLE(IPAddressFamily, ipAddressChoice, IPAddressChoice)
-} ASN1_SEQUENCE_END(IPAddressFamily)
-
-ASN1_ITEM_TEMPLATE(IPAddrBlocks) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
- IPAddrBlocks, IPAddressFamily)
-ASN1_ITEM_TEMPLATE_END(IPAddrBlocks)
-
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressRange)
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressOrRange)
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressChoice)
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressFamily)
-
-/*
- * How much buffer space do we need for a raw address?
- */
-# define ADDR_RAW_BUF_LEN 16
-
-/*
- * What's the address length associated with this AFI?
- */
-static int length_from_afi(const unsigned afi)
-{
- switch (afi) {
- case IANA_AFI_IPV4:
- return 4;
- case IANA_AFI_IPV6:
- return 16;
- default:
- return 0;
- }
-}
-
-/*
- * Extract the AFI from an IPAddressFamily.
- */
-unsigned int v3_addr_get_afi(const IPAddressFamily *f)
-{
- return ((f != NULL &&
- f->addressFamily != NULL && f->addressFamily->data != NULL)
- ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
- : 0);
-}
-
-/*
- * Expand the bitstring form of an address into a raw byte array.
- * At the moment this is coded for simplicity, not speed.
- */
-static int addr_expand(unsigned char *addr,
- const ASN1_BIT_STRING *bs,
- const int length, const unsigned char fill)
-{
- if (bs->length < 0 || bs->length > length)
- return 0;
- if (bs->length > 0) {
- memcpy(addr, bs->data, bs->length);
- if ((bs->flags & 7) != 0) {
- unsigned char mask = 0xFF >> (8 - (bs->flags & 7));
- if (fill == 0)
- addr[bs->length - 1] &= ~mask;
- else
- addr[bs->length - 1] |= mask;
- }
- }
- memset(addr + bs->length, fill, length - bs->length);
- return 1;
-}
-
-/*
- * Extract the prefix length from a bitstring.
- */
-# define addr_prefixlen(bs) ((int) ((bs)->length * 8 - ((bs)->flags & 7)))
-
-/*
- * i2r handler for one address bitstring.
- */
-static int i2r_address(BIO *out,
- const unsigned afi,
- const unsigned char fill, const ASN1_BIT_STRING *bs)
-{
- unsigned char addr[ADDR_RAW_BUF_LEN];
- int i, n;
-
- if (bs->length < 0)
- return 0;
- switch (afi) {
- case IANA_AFI_IPV4:
- if (!addr_expand(addr, bs, 4, fill))
- return 0;
- BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
- break;
- case IANA_AFI_IPV6:
- if (!addr_expand(addr, bs, 16, fill))
- return 0;
- for (n = 16; n > 1 && addr[n - 1] == 0x00 && addr[n - 2] == 0x00;
- n -= 2) ;
- for (i = 0; i < n; i += 2)
- BIO_printf(out, "%x%s", (addr[i] << 8) | addr[i + 1],
- (i < 14 ? ":" : ""));
- if (i < 16)
- BIO_puts(out, ":");
- if (i == 0)
- BIO_puts(out, ":");
- break;
- default:
- for (i = 0; i < bs->length; i++)
- BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""), bs->data[i]);
- BIO_printf(out, "[%d]", (int)(bs->flags & 7));
- break;
- }
- return 1;
-}
-
-/*
- * i2r handler for a sequence of addresses and ranges.
- */
-static int i2r_IPAddressOrRanges(BIO *out,
- const int indent,
- const IPAddressOrRanges *aors,
- const unsigned afi)
-{
- int i;
- for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
- const IPAddressOrRange *aor = sk_IPAddressOrRange_value(aors, i);
- BIO_printf(out, "%*s", indent, "");
- switch (aor->type) {
- case IPAddressOrRange_addressPrefix:
- if (!i2r_address(out, afi, 0x00, aor->u.addressPrefix))
- return 0;
- BIO_printf(out, "/%d\n", addr_prefixlen(aor->u.addressPrefix));
- continue;
- case IPAddressOrRange_addressRange:
- if (!i2r_address(out, afi, 0x00, aor->u.addressRange->min))
- return 0;
- BIO_puts(out, "-");
- if (!i2r_address(out, afi, 0xFF, aor->u.addressRange->max))
- return 0;
- BIO_puts(out, "\n");
- continue;
- }
- }
- return 1;
-}
-
-/*
- * i2r handler for an IPAddrBlocks extension.
- */
-static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method,
- void *ext, BIO *out, int indent)
-{
- const IPAddrBlocks *addr = ext;
- int i;
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
- const unsigned int afi = v3_addr_get_afi(f);
- switch (afi) {
- case IANA_AFI_IPV4:
- BIO_printf(out, "%*sIPv4", indent, "");
- break;
- case IANA_AFI_IPV6:
- BIO_printf(out, "%*sIPv6", indent, "");
- break;
- default:
- BIO_printf(out, "%*sUnknown AFI %u", indent, "", afi);
- break;
- }
- if (f->addressFamily->length > 2) {
- switch (f->addressFamily->data[2]) {
- case 1:
- BIO_puts(out, " (Unicast)");
- break;
- case 2:
- BIO_puts(out, " (Multicast)");
- break;
- case 3:
- BIO_puts(out, " (Unicast/Multicast)");
- break;
- case 4:
- BIO_puts(out, " (MPLS)");
- break;
- case 64:
- BIO_puts(out, " (Tunnel)");
- break;
- case 65:
- BIO_puts(out, " (VPLS)");
- break;
- case 66:
- BIO_puts(out, " (BGP MDT)");
- break;
- case 128:
- BIO_puts(out, " (MPLS-labeled VPN)");
- break;
- default:
- BIO_printf(out, " (Unknown SAFI %u)",
- (unsigned)f->addressFamily->data[2]);
- break;
- }
- }
- switch (f->ipAddressChoice->type) {
- case IPAddressChoice_inherit:
- BIO_puts(out, ": inherit\n");
- break;
- case IPAddressChoice_addressesOrRanges:
- BIO_puts(out, ":\n");
- if (!i2r_IPAddressOrRanges(out,
- indent + 2,
- f->ipAddressChoice->
- u.addressesOrRanges, afi))
- return 0;
- break;
- }
- }
- return 1;
-}
-
-/*
- * Sort comparison function for a sequence of IPAddressOrRange
- * elements.
- *
- * There's no sane answer we can give if addr_expand() fails, and an
- * assertion failure on externally supplied data is seriously uncool,
- * so we just arbitrarily declare that if given invalid inputs this
- * function returns -1. If this messes up your preferred sort order
- * for garbage input, tough noogies.
- */
-static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
- const IPAddressOrRange *b, const int length)
-{
- unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
- int prefixlen_a = 0, prefixlen_b = 0;
- int r;
-
- switch (a->type) {
- case IPAddressOrRange_addressPrefix:
- if (!addr_expand(addr_a, a->u.addressPrefix, length, 0x00))
- return -1;
- prefixlen_a = addr_prefixlen(a->u.addressPrefix);
- break;
- case IPAddressOrRange_addressRange:
- if (!addr_expand(addr_a, a->u.addressRange->min, length, 0x00))
- return -1;
- prefixlen_a = length * 8;
- break;
- }
-
- switch (b->type) {
- case IPAddressOrRange_addressPrefix:
- if (!addr_expand(addr_b, b->u.addressPrefix, length, 0x00))
- return -1;
- prefixlen_b = addr_prefixlen(b->u.addressPrefix);
- break;
- case IPAddressOrRange_addressRange:
- if (!addr_expand(addr_b, b->u.addressRange->min, length, 0x00))
- return -1;
- prefixlen_b = length * 8;
- break;
- }
-
- if ((r = memcmp(addr_a, addr_b, length)) != 0)
- return r;
- else
- return prefixlen_a - prefixlen_b;
-}
-
-/*
- * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparision routines are only allowed two arguments.
- */
-static int v4IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
- const IPAddressOrRange *const *b)
-{
- return IPAddressOrRange_cmp(*a, *b, 4);
-}
-
-/*
- * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparision routines are only allowed two arguments.
- */
-static int v6IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
- const IPAddressOrRange *const *b)
-{
- return IPAddressOrRange_cmp(*a, *b, 16);
-}
-
-/*
- * Calculate whether a range collapses to a prefix.
- * See last paragraph of RFC 3779 2.2.3.7.
- */
-static int range_should_be_prefix(const unsigned char *min,
- const unsigned char *max, const int length)
-{
- unsigned char mask;
- int i, j;
-
- OPENSSL_assert(memcmp(min, max, length) <= 0);
- for (i = 0; i < length && min[i] == max[i]; i++) ;
- for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--) ;
- if (i < j)
- return -1;
- if (i > j)
- return i * 8;
- mask = min[i] ^ max[i];
- switch (mask) {
- case 0x01:
- j = 7;
- break;
- case 0x03:
- j = 6;
- break;
- case 0x07:
- j = 5;
- break;
- case 0x0F:
- j = 4;
- break;
- case 0x1F:
- j = 3;
- break;
- case 0x3F:
- j = 2;
- break;
- case 0x7F:
- j = 1;
- break;
- default:
- return -1;
- }
- if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
- return -1;
- else
- return i * 8 + j;
-}
-
-/*
- * Construct a prefix.
- */
-static int make_addressPrefix(IPAddressOrRange **result,
- unsigned char *addr, const int prefixlen)
-{
- int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
- IPAddressOrRange *aor = IPAddressOrRange_new();
-
- if (aor == NULL)
- return 0;
- aor->type = IPAddressOrRange_addressPrefix;
- if (aor->u.addressPrefix == NULL &&
- (aor->u.addressPrefix = ASN1_BIT_STRING_new()) == NULL)
- goto err;
- if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, bytelen))
- goto err;
- aor->u.addressPrefix->flags &= ~7;
- aor->u.addressPrefix->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- if (bitlen > 0) {
- aor->u.addressPrefix->data[bytelen - 1] &= ~(0xFF >> bitlen);
- aor->u.addressPrefix->flags |= 8 - bitlen;
- }
-
- *result = aor;
- return 1;
-
- err:
- IPAddressOrRange_free(aor);
- return 0;
-}
-
-/*
- * Construct a range. If it can be expressed as a prefix,
- * return a prefix instead. Doing this here simplifies
- * the rest of the code considerably.
- */
-static int make_addressRange(IPAddressOrRange **result,
- unsigned char *min,
- unsigned char *max, const int length)
-{
- IPAddressOrRange *aor;
- int i, prefixlen;
-
- if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
- return make_addressPrefix(result, min, prefixlen);
-
- if ((aor = IPAddressOrRange_new()) == NULL)
- return 0;
- aor->type = IPAddressOrRange_addressRange;
- OPENSSL_assert(aor->u.addressRange == NULL);
- if ((aor->u.addressRange = IPAddressRange_new()) == NULL)
- goto err;
- if (aor->u.addressRange->min == NULL &&
- (aor->u.addressRange->min = ASN1_BIT_STRING_new()) == NULL)
- goto err;
- if (aor->u.addressRange->max == NULL &&
- (aor->u.addressRange->max = ASN1_BIT_STRING_new()) == NULL)
- goto err;
-
- for (i = length; i > 0 && min[i - 1] == 0x00; --i) ;
- if (!ASN1_BIT_STRING_set(aor->u.addressRange->min, min, i))
- goto err;
- aor->u.addressRange->min->flags &= ~7;
- aor->u.addressRange->min->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- if (i > 0) {
- unsigned char b = min[i - 1];
- int j = 1;
- while ((b & (0xFFU >> j)) != 0)
- ++j;
- aor->u.addressRange->min->flags |= 8 - j;
- }
-
- for (i = length; i > 0 && max[i - 1] == 0xFF; --i) ;
- if (!ASN1_BIT_STRING_set(aor->u.addressRange->max, max, i))
- goto err;
- aor->u.addressRange->max->flags &= ~7;
- aor->u.addressRange->max->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- if (i > 0) {
- unsigned char b = max[i - 1];
- int j = 1;
- while ((b & (0xFFU >> j)) != (0xFFU >> j))
- ++j;
- aor->u.addressRange->max->flags |= 8 - j;
- }
-
- *result = aor;
- return 1;
-
- err:
- IPAddressOrRange_free(aor);
- return 0;
-}
-
-/*
- * Construct a new address family or find an existing one.
- */
-static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
- const unsigned afi,
- const unsigned *safi)
-{
- IPAddressFamily *f;
- unsigned char key[3];
- unsigned keylen;
- int i;
-
- key[0] = (afi >> 8) & 0xFF;
- key[1] = afi & 0xFF;
- if (safi != NULL) {
- key[2] = *safi & 0xFF;
- keylen = 3;
- } else {
- keylen = 2;
- }
-
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- f = sk_IPAddressFamily_value(addr, i);
- OPENSSL_assert(f->addressFamily->data != NULL);
- if (f->addressFamily->length == keylen &&
- !memcmp(f->addressFamily->data, key, keylen))
- return f;
- }
-
- if ((f = IPAddressFamily_new()) == NULL)
- goto err;
- if (f->ipAddressChoice == NULL &&
- (f->ipAddressChoice = IPAddressChoice_new()) == NULL)
- goto err;
- if (f->addressFamily == NULL &&
- (f->addressFamily = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- if (!ASN1_OCTET_STRING_set(f->addressFamily, key, keylen))
- goto err;
- if (!sk_IPAddressFamily_push(addr, f))
- goto err;
-
- return f;
-
- err:
- IPAddressFamily_free(f);
- return NULL;
-}
-
-/*
- * Add an inheritance element.
- */
-int v3_addr_add_inherit(IPAddrBlocks *addr,
- const unsigned afi, const unsigned *safi)
-{
- IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
- if (f == NULL ||
- f->ipAddressChoice == NULL ||
- (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
- f->ipAddressChoice->u.addressesOrRanges != NULL))
- return 0;
- if (f->ipAddressChoice->type == IPAddressChoice_inherit &&
- f->ipAddressChoice->u.inherit != NULL)
- return 1;
- if (f->ipAddressChoice->u.inherit == NULL &&
- (f->ipAddressChoice->u.inherit = ASN1_NULL_new()) == NULL)
- return 0;
- f->ipAddressChoice->type = IPAddressChoice_inherit;
- return 1;
-}
-
-/*
- * Construct an IPAddressOrRange sequence, or return an existing one.
- */
-static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr,
- const unsigned afi,
- const unsigned *safi)
-{
- IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
- IPAddressOrRanges *aors = NULL;
-
- if (f == NULL ||
- f->ipAddressChoice == NULL ||
- (f->ipAddressChoice->type == IPAddressChoice_inherit &&
- f->ipAddressChoice->u.inherit != NULL))
- return NULL;
- if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges)
- aors = f->ipAddressChoice->u.addressesOrRanges;
- if (aors != NULL)
- return aors;
- if ((aors = sk_IPAddressOrRange_new_null()) == NULL)
- return NULL;
- switch (afi) {
- case IANA_AFI_IPV4:
- (void)sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp);
- break;
- case IANA_AFI_IPV6:
- (void)sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp);
- break;
- }
- f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges;
- f->ipAddressChoice->u.addressesOrRanges = aors;
- return aors;
-}
-
-/*
- * Add a prefix.
- */
-int v3_addr_add_prefix(IPAddrBlocks *addr,
- const unsigned afi,
- const unsigned *safi,
- unsigned char *a, const int prefixlen)
-{
- IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
- IPAddressOrRange *aor;
- if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen))
- return 0;
- if (sk_IPAddressOrRange_push(aors, aor))
- return 1;
- IPAddressOrRange_free(aor);
- return 0;
-}
-
-/*
- * Add a range.
- */
-int v3_addr_add_range(IPAddrBlocks *addr,
- const unsigned afi,
- const unsigned *safi,
- unsigned char *min, unsigned char *max)
-{
- IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
- IPAddressOrRange *aor;
- int length = length_from_afi(afi);
- if (aors == NULL)
- return 0;
- if (!make_addressRange(&aor, min, max, length))
- return 0;
- if (sk_IPAddressOrRange_push(aors, aor))
- return 1;
- IPAddressOrRange_free(aor);
- return 0;
-}
-
-/*
- * Extract min and max values from an IPAddressOrRange.
- */
-static int extract_min_max(IPAddressOrRange *aor,
- unsigned char *min, unsigned char *max, int length)
-{
- if (aor == NULL || min == NULL || max == NULL)
- return 0;
- switch (aor->type) {
- case IPAddressOrRange_addressPrefix:
- return (addr_expand(min, aor->u.addressPrefix, length, 0x00) &&
- addr_expand(max, aor->u.addressPrefix, length, 0xFF));
- case IPAddressOrRange_addressRange:
- return (addr_expand(min, aor->u.addressRange->min, length, 0x00) &&
- addr_expand(max, aor->u.addressRange->max, length, 0xFF));
- }
- return 0;
-}
-
-/*
- * Public wrapper for extract_min_max().
- */
-int v3_addr_get_range(IPAddressOrRange *aor,
- const unsigned afi,
- unsigned char *min,
- unsigned char *max, const int length)
-{
- int afi_length = length_from_afi(afi);
- if (aor == NULL || min == NULL || max == NULL ||
- afi_length == 0 || length < afi_length ||
- (aor->type != IPAddressOrRange_addressPrefix &&
- aor->type != IPAddressOrRange_addressRange) ||
- !extract_min_max(aor, min, max, afi_length))
- return 0;
-
- return afi_length;
-}
-
-/*
- * Sort comparision function for a sequence of IPAddressFamily.
- *
- * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
- * the ordering: I can read it as meaning that IPv6 without a SAFI
- * comes before IPv4 with a SAFI, which seems pretty weird. The
- * examples in appendix B suggest that the author intended the
- * null-SAFI rule to apply only within a single AFI, which is what I
- * would have expected and is what the following code implements.
- */
-static int IPAddressFamily_cmp(const IPAddressFamily *const *a_,
- const IPAddressFamily *const *b_)
-{
- const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
- const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
- int len = ((a->length <= b->length) ? a->length : b->length);
- int cmp = memcmp(a->data, b->data, len);
- return cmp ? cmp : a->length - b->length;
-}
-
-/*
- * Check whether an IPAddrBLocks is in canonical form.
- */
-int v3_addr_is_canonical(IPAddrBlocks *addr)
-{
- unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
- unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
- IPAddressOrRanges *aors;
- int i, j, k;
-
- /*
- * Empty extension is cannonical.
- */
- if (addr == NULL)
- return 1;
-
- /*
- * Check whether the top-level list is in order.
- */
- for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) {
- const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i);
- const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1);
- if (IPAddressFamily_cmp(&a, &b) >= 0)
- return 0;
- }
-
- /*
- * Top level's ok, now check each address family.
- */
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
- int length = length_from_afi(v3_addr_get_afi(f));
-
- /*
- * Inheritance is canonical. Anything other than inheritance or
- * a SEQUENCE OF IPAddressOrRange is an ASN.1 error or something.
- */
- if (f == NULL || f->ipAddressChoice == NULL)
- return 0;
- switch (f->ipAddressChoice->type) {
- case IPAddressChoice_inherit:
- continue;
- case IPAddressChoice_addressesOrRanges:
- break;
- default:
- return 0;
- }
-
- /*
- * It's an IPAddressOrRanges sequence, check it.
- */
- aors = f->ipAddressChoice->u.addressesOrRanges;
- if (sk_IPAddressOrRange_num(aors) == 0)
- return 0;
- for (j = 0; j < sk_IPAddressOrRange_num(aors) - 1; j++) {
- IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
- IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
-
- if (!extract_min_max(a, a_min, a_max, length) ||
- !extract_min_max(b, b_min, b_max, length))
- return 0;
-
- /*
- * Punt misordered list, overlapping start, or inverted range.
- */
- if (memcmp(a_min, b_min, length) >= 0 ||
- memcmp(a_min, a_max, length) > 0 ||
- memcmp(b_min, b_max, length) > 0)
- return 0;
-
- /*
- * Punt if adjacent or overlapping. Check for adjacency by
- * subtracting one from b_min first.
- */
- for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--) ;
- if (memcmp(a_max, b_min, length) >= 0)
- return 0;
-
- /*
- * Check for range that should be expressed as a prefix.
- */
- if (a->type == IPAddressOrRange_addressRange &&
- range_should_be_prefix(a_min, a_max, length) >= 0)
- return 0;
- }
-
- /*
- * Check range to see if it's inverted or should be a
- * prefix.
- */
- j = sk_IPAddressOrRange_num(aors) - 1;
- {
- IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
- if (a != NULL && a->type == IPAddressOrRange_addressRange) {
- if (!extract_min_max(a, a_min, a_max, length))
- return 0;
- if (memcmp(a_min, a_max, length) > 0 ||
- range_should_be_prefix(a_min, a_max, length) >= 0)
- return 0;
- }
- }
- }
-
- /*
- * If we made it through all that, we're happy.
- */
- return 1;
-}
-
-/*
- * Whack an IPAddressOrRanges into canonical form.
- */
-static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
- const unsigned afi)
-{
- int i, j, length = length_from_afi(afi);
-
- /*
- * Sort the IPAddressOrRanges sequence.
- */
- sk_IPAddressOrRange_sort(aors);
-
- /*
- * Clean up representation issues, punt on duplicates or overlaps.
- */
- for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) {
- IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, i);
- IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, i + 1);
- unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
- unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
-
- if (!extract_min_max(a, a_min, a_max, length) ||
- !extract_min_max(b, b_min, b_max, length))
- return 0;
-
- /*
- * Punt inverted ranges.
- */
- if (memcmp(a_min, a_max, length) > 0 ||
- memcmp(b_min, b_max, length) > 0)
- return 0;
-
- /*
- * Punt overlaps.
- */
- if (memcmp(a_max, b_min, length) >= 0)
- return 0;
-
- /*
- * Merge if a and b are adjacent. We check for
- * adjacency by subtracting one from b_min first.
- */
- for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--) ;
- if (memcmp(a_max, b_min, length) == 0) {
- IPAddressOrRange *merged;
- if (!make_addressRange(&merged, a_min, b_max, length))
- return 0;
- (void)sk_IPAddressOrRange_set(aors, i, merged);
- (void)sk_IPAddressOrRange_delete(aors, i + 1);
- IPAddressOrRange_free(a);
- IPAddressOrRange_free(b);
- --i;
- continue;
- }
- }
-
- /*
- * Check for inverted final range.
- */
- j = sk_IPAddressOrRange_num(aors) - 1;
- {
- IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
- if (a != NULL && a->type == IPAddressOrRange_addressRange) {
- unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
- extract_min_max(a, a_min, a_max, length);
- if (memcmp(a_min, a_max, length) > 0)
- return 0;
- }
- }
-
- return 1;
-}
-
-/*
- * Whack an IPAddrBlocks extension into canonical form.
- */
-int v3_addr_canonize(IPAddrBlocks *addr)
-{
- int i;
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
- if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
- !IPAddressOrRanges_canonize(f->ipAddressChoice->
- u.addressesOrRanges,
- v3_addr_get_afi(f)))
- return 0;
- }
- (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp);
- sk_IPAddressFamily_sort(addr);
- OPENSSL_assert(v3_addr_is_canonical(addr));
- return 1;
-}
-
-/*
- * v2i handler for the IPAddrBlocks extension.
- */
-static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx,
- STACK_OF(CONF_VALUE) *values)
-{
- static const char v4addr_chars[] = "0123456789.";
- static const char v6addr_chars[] = "0123456789.:abcdefABCDEF";
- IPAddrBlocks *addr = NULL;
- char *s = NULL, *t;
- int i;
-
- if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
- unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
- unsigned afi, *safi = NULL, safi_;
- const char *addr_chars;
- int prefixlen, i1, i2, delim, length;
-
- if (!name_cmp(val->name, "IPv4")) {
- afi = IANA_AFI_IPV4;
- } else if (!name_cmp(val->name, "IPv6")) {
- afi = IANA_AFI_IPV6;
- } else if (!name_cmp(val->name, "IPv4-SAFI")) {
- afi = IANA_AFI_IPV4;
- safi = &safi_;
- } else if (!name_cmp(val->name, "IPv6-SAFI")) {
- afi = IANA_AFI_IPV6;
- safi = &safi_;
- } else {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
- X509V3_R_EXTENSION_NAME_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
-
- switch (afi) {
- case IANA_AFI_IPV4:
- addr_chars = v4addr_chars;
- break;
- case IANA_AFI_IPV6:
- addr_chars = v6addr_chars;
- break;
- }
-
- length = length_from_afi(afi);
-
- /*
- * Handle SAFI, if any, and BUF_strdup() so we can null-terminate
- * the other input values.
- */
- if (safi != NULL) {
- *safi = strtoul(val->value, &t, 0);
- t += strspn(t, " \t");
- if (*safi > 0xFF || *t++ != ':') {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI);
- X509V3_conf_err(val);
- goto err;
- }
- t += strspn(t, " \t");
- s = BUF_strdup(t);
- } else {
- s = BUF_strdup(val->value);
- }
- if (s == NULL) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /*
- * Check for inheritance. Not worth additional complexity to
- * optimize this (seldom-used) case.
- */
- if (!strcmp(s, "inherit")) {
- if (!v3_addr_add_inherit(addr, afi, safi)) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
- X509V3_R_INVALID_INHERITANCE);
- X509V3_conf_err(val);
- goto err;
- }
- OPENSSL_free(s);
- s = NULL;
- continue;
- }
-
- i1 = strspn(s, addr_chars);
- i2 = i1 + strspn(s + i1, " \t");
- delim = s[i2++];
- s[i1] = '\0';
-
- if (a2i_ipadd(min, s) != length) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
- X509V3_conf_err(val);
- goto err;
- }
-
- switch (delim) {
- case '/':
- prefixlen = (int)strtoul(s + i2, &t, 10);
- if (t == s + i2 || *t != '\0') {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
- X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
- if (!v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- case '-':
- i1 = i2 + strspn(s + i2, " \t");
- i2 = i1 + strspn(s + i1, addr_chars);
- if (i1 == i2 || s[i2] != '\0') {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
- X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
- if (a2i_ipadd(max, s + i1) != length) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
- X509V3_R_INVALID_IPADDRESS);
- X509V3_conf_err(val);
- goto err;
- }
- if (memcmp(min, max, length_from_afi(afi)) > 0) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
- X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
- if (!v3_addr_add_range(addr, afi, safi, min, max)) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- case '\0':
- if (!v3_addr_add_prefix(addr, afi, safi, min, length * 8)) {
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- default:
- X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
- X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
-
- OPENSSL_free(s);
- s = NULL;
- }
-
- /*
- * Canonize the result, then we're done.
- */
- if (!v3_addr_canonize(addr))
- goto err;
- return addr;
-
- err:
- OPENSSL_free(s);
- sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free);
- return NULL;
-}
-
-/*
- * OpenSSL dispatch
- */
-const X509V3_EXT_METHOD v3_addr = {
- NID_sbgp_ipAddrBlock, /* nid */
- 0, /* flags */
- ASN1_ITEM_ref(IPAddrBlocks), /* template */
- 0, 0, 0, 0, /* old functions, ignored */
- 0, /* i2s */
- 0, /* s2i */
- 0, /* i2v */
- v2i_IPAddrBlocks, /* v2i */
- i2r_IPAddrBlocks, /* i2r */
- 0, /* r2i */
- NULL /* extension-specific data */
-};
-
-/*
- * Figure out whether extension sues inheritance.
- */
-int v3_addr_inherits(IPAddrBlocks *addr)
-{
- int i;
- if (addr == NULL)
- return 0;
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
- if (f->ipAddressChoice->type == IPAddressChoice_inherit)
- return 1;
- }
- return 0;
-}
-
-/*
- * Figure out whether parent contains child.
- */
-static int addr_contains(IPAddressOrRanges *parent,
- IPAddressOrRanges *child, int length)
-{
- unsigned char p_min[ADDR_RAW_BUF_LEN], p_max[ADDR_RAW_BUF_LEN];
- unsigned char c_min[ADDR_RAW_BUF_LEN], c_max[ADDR_RAW_BUF_LEN];
- int p, c;
-
- if (child == NULL || parent == child)
- return 1;
- if (parent == NULL)
- return 0;
-
- p = 0;
- for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
- if (!extract_min_max(sk_IPAddressOrRange_value(child, c),
- c_min, c_max, length))
- return -1;
- for (;; p++) {
- if (p >= sk_IPAddressOrRange_num(parent))
- return 0;
- if (!extract_min_max(sk_IPAddressOrRange_value(parent, p),
- p_min, p_max, length))
- return 0;
- if (memcmp(p_max, c_max, length) < 0)
- continue;
- if (memcmp(p_min, c_min, length) > 0)
- return 0;
- break;
- }
- }
-
- return 1;
-}
-
-/*
- * Test whether a is a subset of b.
- */
-int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b)
-{
- int i;
- if (a == NULL || a == b)
- return 1;
- if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b))
- return 0;
- (void)sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp);
- for (i = 0; i < sk_IPAddressFamily_num(a); i++) {
- IPAddressFamily *fa = sk_IPAddressFamily_value(a, i);
- int j = sk_IPAddressFamily_find(b, fa);
- IPAddressFamily *fb;
- fb = sk_IPAddressFamily_value(b, j);
- if (fb == NULL)
- return 0;
- if (!addr_contains(fb->ipAddressChoice->u.addressesOrRanges,
- fa->ipAddressChoice->u.addressesOrRanges,
- length_from_afi(v3_addr_get_afi(fb))))
- return 0;
- }
- return 1;
-}
-
-/*
- * Validation error handling via callback.
- */
-# define validation_err(_err_) \
- do { \
- if (ctx != NULL) { \
- ctx->error = _err_; \
- ctx->error_depth = i; \
- ctx->current_cert = x; \
- ret = ctx->verify_cb(0, ctx); \
- } else { \
- ret = 0; \
- } \
- if (!ret) \
- goto done; \
- } while (0)
-
-/*
- * Core code for RFC 3779 2.3 path validation.
- */
-static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx,
- STACK_OF(X509) *chain,
- IPAddrBlocks *ext)
-{
- IPAddrBlocks *child = NULL;
- int i, j, ret = 1;
- X509 *x;
-
- OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
- OPENSSL_assert(ctx != NULL || ext != NULL);
- OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
-
- /*
- * Figure out where to start. If we don't have an extension to
- * check, we're done. Otherwise, check canonical form and
- * set up for walking up the chain.
- */
- if (ext != NULL) {
- i = -1;
- x = NULL;
- } else {
- i = 0;
- x = sk_X509_value(chain, i);
- OPENSSL_assert(x != NULL);
- if ((ext = x->rfc3779_addr) == NULL)
- goto done;
- }
- if (!v3_addr_is_canonical(ext))
- validation_err(X509_V_ERR_INVALID_EXTENSION);
- (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
- if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
- X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL,
- ERR_R_MALLOC_FAILURE);
- ret = 0;
- goto done;
- }
-
- /*
- * Now walk up the chain. No cert may list resources that its
- * parent doesn't list.
- */
- for (i++; i < sk_X509_num(chain); i++) {
- x = sk_X509_value(chain, i);
- OPENSSL_assert(x != NULL);
- if (!v3_addr_is_canonical(x->rfc3779_addr))
- validation_err(X509_V_ERR_INVALID_EXTENSION);
- if (x->rfc3779_addr == NULL) {
- for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
- IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
- if (fc->ipAddressChoice->type != IPAddressChoice_inherit) {
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- break;
- }
- }
- continue;
- }
- (void)sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr,
- IPAddressFamily_cmp);
- for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
- IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
- int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc);
- IPAddressFamily *fp =
- sk_IPAddressFamily_value(x->rfc3779_addr, k);
- if (fp == NULL) {
- if (fc->ipAddressChoice->type ==
- IPAddressChoice_addressesOrRanges) {
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- break;
- }
- continue;
- }
- if (fp->ipAddressChoice->type ==
- IPAddressChoice_addressesOrRanges) {
- if (fc->ipAddressChoice->type == IPAddressChoice_inherit
- || addr_contains(fp->ipAddressChoice->u.addressesOrRanges,
- fc->ipAddressChoice->u.addressesOrRanges,
- length_from_afi(v3_addr_get_afi(fc))))
- sk_IPAddressFamily_set(child, j, fp);
- else
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- }
- }
- }
-
- /*
- * Trust anchor can't inherit.
- */
- OPENSSL_assert(x != NULL);
- if (x->rfc3779_addr != NULL) {
- for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
- IPAddressFamily *fp =
- sk_IPAddressFamily_value(x->rfc3779_addr, j);
- if (fp->ipAddressChoice->type == IPAddressChoice_inherit
- && sk_IPAddressFamily_find(child, fp) >= 0)
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- }
- }
-
- done:
- sk_IPAddressFamily_free(child);
- return ret;
-}
-
-# undef validation_err
-
-/*
- * RFC 3779 2.3 path validation -- called from X509_verify_cert().
- */
-int v3_addr_validate_path(X509_STORE_CTX *ctx)
-{
- return v3_addr_validate_path_internal(ctx, ctx->chain, NULL);
-}
-
-/*
- * RFC 3779 2.3 path validation of an extension.
- * Test whether chain covers extension.
- */
-int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
- IPAddrBlocks *ext, int allow_inheritance)
-{
- if (ext == NULL)
- return 1;
- if (chain == NULL || sk_X509_num(chain) == 0)
- return 0;
- if (!allow_inheritance && v3_addr_inherits(ext))
- return 0;
- return v3_addr_validate_path_internal(NULL, chain, ext);
-}
-
-#endif /* OPENSSL_NO_RFC3779 */
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_addr.c (from rev 11605, vendor-crypto/openssl/dist/crypto/x509v3/v3_addr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_addr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_addr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1350 @@
+/*
+ * Contributed to the OpenSSL Project by the American Registry for
+ * Internet Numbers ("ARIN").
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ */
+
+/*
+ * Implementation of RFC 3779 section 2.2.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/buffer.h>
+#include <openssl/x509v3.h>
+
+#ifndef OPENSSL_NO_RFC3779
+
+/*
+ * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
+ */
+
+ASN1_SEQUENCE(IPAddressRange) = {
+ ASN1_SIMPLE(IPAddressRange, min, ASN1_BIT_STRING),
+ ASN1_SIMPLE(IPAddressRange, max, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(IPAddressRange)
+
+ASN1_CHOICE(IPAddressOrRange) = {
+ ASN1_SIMPLE(IPAddressOrRange, u.addressPrefix, ASN1_BIT_STRING),
+ ASN1_SIMPLE(IPAddressOrRange, u.addressRange, IPAddressRange)
+} ASN1_CHOICE_END(IPAddressOrRange)
+
+ASN1_CHOICE(IPAddressChoice) = {
+ ASN1_SIMPLE(IPAddressChoice, u.inherit, ASN1_NULL),
+ ASN1_SEQUENCE_OF(IPAddressChoice, u.addressesOrRanges, IPAddressOrRange)
+} ASN1_CHOICE_END(IPAddressChoice)
+
+ASN1_SEQUENCE(IPAddressFamily) = {
+ ASN1_SIMPLE(IPAddressFamily, addressFamily, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(IPAddressFamily, ipAddressChoice, IPAddressChoice)
+} ASN1_SEQUENCE_END(IPAddressFamily)
+
+ASN1_ITEM_TEMPLATE(IPAddrBlocks) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+ IPAddrBlocks, IPAddressFamily)
+ASN1_ITEM_TEMPLATE_END(IPAddrBlocks)
+
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressRange)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressOrRange)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressChoice)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressFamily)
+
+/*
+ * How much buffer space do we need for a raw address?
+ */
+# define ADDR_RAW_BUF_LEN 16
+
+/*
+ * What's the address length associated with this AFI?
+ */
+static int length_from_afi(const unsigned afi)
+{
+ switch (afi) {
+ case IANA_AFI_IPV4:
+ return 4;
+ case IANA_AFI_IPV6:
+ return 16;
+ default:
+ return 0;
+ }
+}
+
+/*
+ * Extract the AFI from an IPAddressFamily.
+ */
+unsigned int v3_addr_get_afi(const IPAddressFamily *f)
+{
+ return ((f != NULL &&
+ f->addressFamily != NULL && f->addressFamily->data != NULL)
+ ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
+ : 0);
+}
+
+/*
+ * Expand the bitstring form of an address into a raw byte array.
+ * At the moment this is coded for simplicity, not speed.
+ */
+static int addr_expand(unsigned char *addr,
+ const ASN1_BIT_STRING *bs,
+ const int length, const unsigned char fill)
+{
+ if (bs->length < 0 || bs->length > length)
+ return 0;
+ if (bs->length > 0) {
+ memcpy(addr, bs->data, bs->length);
+ if ((bs->flags & 7) != 0) {
+ unsigned char mask = 0xFF >> (8 - (bs->flags & 7));
+ if (fill == 0)
+ addr[bs->length - 1] &= ~mask;
+ else
+ addr[bs->length - 1] |= mask;
+ }
+ }
+ memset(addr + bs->length, fill, length - bs->length);
+ return 1;
+}
+
+/*
+ * Extract the prefix length from a bitstring.
+ */
+# define addr_prefixlen(bs) ((int) ((bs)->length * 8 - ((bs)->flags & 7)))
+
+/*
+ * i2r handler for one address bitstring.
+ */
+static int i2r_address(BIO *out,
+ const unsigned afi,
+ const unsigned char fill, const ASN1_BIT_STRING *bs)
+{
+ unsigned char addr[ADDR_RAW_BUF_LEN];
+ int i, n;
+
+ if (bs->length < 0)
+ return 0;
+ switch (afi) {
+ case IANA_AFI_IPV4:
+ if (!addr_expand(addr, bs, 4, fill))
+ return 0;
+ BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
+ break;
+ case IANA_AFI_IPV6:
+ if (!addr_expand(addr, bs, 16, fill))
+ return 0;
+ for (n = 16; n > 1 && addr[n - 1] == 0x00 && addr[n - 2] == 0x00;
+ n -= 2) ;
+ for (i = 0; i < n; i += 2)
+ BIO_printf(out, "%x%s", (addr[i] << 8) | addr[i + 1],
+ (i < 14 ? ":" : ""));
+ if (i < 16)
+ BIO_puts(out, ":");
+ if (i == 0)
+ BIO_puts(out, ":");
+ break;
+ default:
+ for (i = 0; i < bs->length; i++)
+ BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""), bs->data[i]);
+ BIO_printf(out, "[%d]", (int)(bs->flags & 7));
+ break;
+ }
+ return 1;
+}
+
+/*
+ * i2r handler for a sequence of addresses and ranges.
+ */
+static int i2r_IPAddressOrRanges(BIO *out,
+ const int indent,
+ const IPAddressOrRanges *aors,
+ const unsigned afi)
+{
+ int i;
+ for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
+ const IPAddressOrRange *aor = sk_IPAddressOrRange_value(aors, i);
+ BIO_printf(out, "%*s", indent, "");
+ switch (aor->type) {
+ case IPAddressOrRange_addressPrefix:
+ if (!i2r_address(out, afi, 0x00, aor->u.addressPrefix))
+ return 0;
+ BIO_printf(out, "/%d\n", addr_prefixlen(aor->u.addressPrefix));
+ continue;
+ case IPAddressOrRange_addressRange:
+ if (!i2r_address(out, afi, 0x00, aor->u.addressRange->min))
+ return 0;
+ BIO_puts(out, "-");
+ if (!i2r_address(out, afi, 0xFF, aor->u.addressRange->max))
+ return 0;
+ BIO_puts(out, "\n");
+ continue;
+ }
+ }
+ return 1;
+}
+
+/*
+ * i2r handler for an IPAddrBlocks extension.
+ */
+static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method,
+ void *ext, BIO *out, int indent)
+{
+ const IPAddrBlocks *addr = ext;
+ int i;
+ for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+ IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+ const unsigned int afi = v3_addr_get_afi(f);
+ switch (afi) {
+ case IANA_AFI_IPV4:
+ BIO_printf(out, "%*sIPv4", indent, "");
+ break;
+ case IANA_AFI_IPV6:
+ BIO_printf(out, "%*sIPv6", indent, "");
+ break;
+ default:
+ BIO_printf(out, "%*sUnknown AFI %u", indent, "", afi);
+ break;
+ }
+ if (f->addressFamily->length > 2) {
+ switch (f->addressFamily->data[2]) {
+ case 1:
+ BIO_puts(out, " (Unicast)");
+ break;
+ case 2:
+ BIO_puts(out, " (Multicast)");
+ break;
+ case 3:
+ BIO_puts(out, " (Unicast/Multicast)");
+ break;
+ case 4:
+ BIO_puts(out, " (MPLS)");
+ break;
+ case 64:
+ BIO_puts(out, " (Tunnel)");
+ break;
+ case 65:
+ BIO_puts(out, " (VPLS)");
+ break;
+ case 66:
+ BIO_puts(out, " (BGP MDT)");
+ break;
+ case 128:
+ BIO_puts(out, " (MPLS-labeled VPN)");
+ break;
+ default:
+ BIO_printf(out, " (Unknown SAFI %u)",
+ (unsigned)f->addressFamily->data[2]);
+ break;
+ }
+ }
+ switch (f->ipAddressChoice->type) {
+ case IPAddressChoice_inherit:
+ BIO_puts(out, ": inherit\n");
+ break;
+ case IPAddressChoice_addressesOrRanges:
+ BIO_puts(out, ":\n");
+ if (!i2r_IPAddressOrRanges(out,
+ indent + 2,
+ f->ipAddressChoice->
+ u.addressesOrRanges, afi))
+ return 0;
+ break;
+ }
+ }
+ return 1;
+}
+
+/*
+ * Sort comparison function for a sequence of IPAddressOrRange
+ * elements.
+ *
+ * There's no sane answer we can give if addr_expand() fails, and an
+ * assertion failure on externally supplied data is seriously uncool,
+ * so we just arbitrarily declare that if given invalid inputs this
+ * function returns -1. If this messes up your preferred sort order
+ * for garbage input, tough noogies.
+ */
+static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
+ const IPAddressOrRange *b, const int length)
+{
+ unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
+ int prefixlen_a = 0, prefixlen_b = 0;
+ int r;
+
+ switch (a->type) {
+ case IPAddressOrRange_addressPrefix:
+ if (!addr_expand(addr_a, a->u.addressPrefix, length, 0x00))
+ return -1;
+ prefixlen_a = addr_prefixlen(a->u.addressPrefix);
+ break;
+ case IPAddressOrRange_addressRange:
+ if (!addr_expand(addr_a, a->u.addressRange->min, length, 0x00))
+ return -1;
+ prefixlen_a = length * 8;
+ break;
+ }
+
+ switch (b->type) {
+ case IPAddressOrRange_addressPrefix:
+ if (!addr_expand(addr_b, b->u.addressPrefix, length, 0x00))
+ return -1;
+ prefixlen_b = addr_prefixlen(b->u.addressPrefix);
+ break;
+ case IPAddressOrRange_addressRange:
+ if (!addr_expand(addr_b, b->u.addressRange->min, length, 0x00))
+ return -1;
+ prefixlen_b = length * 8;
+ break;
+ }
+
+ if ((r = memcmp(addr_a, addr_b, length)) != 0)
+ return r;
+ else
+ return prefixlen_a - prefixlen_b;
+}
+
+/*
+ * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
+ * comparision routines are only allowed two arguments.
+ */
+static int v4IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
+ const IPAddressOrRange *const *b)
+{
+ return IPAddressOrRange_cmp(*a, *b, 4);
+}
+
+/*
+ * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
+ * comparision routines are only allowed two arguments.
+ */
+static int v6IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
+ const IPAddressOrRange *const *b)
+{
+ return IPAddressOrRange_cmp(*a, *b, 16);
+}
+
+/*
+ * Calculate whether a range collapses to a prefix.
+ * See last paragraph of RFC 3779 2.2.3.7.
+ */
+static int range_should_be_prefix(const unsigned char *min,
+ const unsigned char *max, const int length)
+{
+ unsigned char mask;
+ int i, j;
+
+ OPENSSL_assert(memcmp(min, max, length) <= 0);
+ for (i = 0; i < length && min[i] == max[i]; i++) ;
+ for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--) ;
+ if (i < j)
+ return -1;
+ if (i > j)
+ return i * 8;
+ mask = min[i] ^ max[i];
+ switch (mask) {
+ case 0x01:
+ j = 7;
+ break;
+ case 0x03:
+ j = 6;
+ break;
+ case 0x07:
+ j = 5;
+ break;
+ case 0x0F:
+ j = 4;
+ break;
+ case 0x1F:
+ j = 3;
+ break;
+ case 0x3F:
+ j = 2;
+ break;
+ case 0x7F:
+ j = 1;
+ break;
+ default:
+ return -1;
+ }
+ if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
+ return -1;
+ else
+ return i * 8 + j;
+}
+
+/*
+ * Construct a prefix.
+ */
+static int make_addressPrefix(IPAddressOrRange **result,
+ unsigned char *addr, const int prefixlen)
+{
+ int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
+ IPAddressOrRange *aor = IPAddressOrRange_new();
+
+ if (aor == NULL)
+ return 0;
+ aor->type = IPAddressOrRange_addressPrefix;
+ if (aor->u.addressPrefix == NULL &&
+ (aor->u.addressPrefix = ASN1_BIT_STRING_new()) == NULL)
+ goto err;
+ if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, bytelen))
+ goto err;
+ aor->u.addressPrefix->flags &= ~7;
+ aor->u.addressPrefix->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+ if (bitlen > 0) {
+ aor->u.addressPrefix->data[bytelen - 1] &= ~(0xFF >> bitlen);
+ aor->u.addressPrefix->flags |= 8 - bitlen;
+ }
+
+ *result = aor;
+ return 1;
+
+ err:
+ IPAddressOrRange_free(aor);
+ return 0;
+}
+
+/*
+ * Construct a range. If it can be expressed as a prefix,
+ * return a prefix instead. Doing this here simplifies
+ * the rest of the code considerably.
+ */
+static int make_addressRange(IPAddressOrRange **result,
+ unsigned char *min,
+ unsigned char *max, const int length)
+{
+ IPAddressOrRange *aor;
+ int i, prefixlen;
+
+ if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
+ return make_addressPrefix(result, min, prefixlen);
+
+ if ((aor = IPAddressOrRange_new()) == NULL)
+ return 0;
+ aor->type = IPAddressOrRange_addressRange;
+ OPENSSL_assert(aor->u.addressRange == NULL);
+ if ((aor->u.addressRange = IPAddressRange_new()) == NULL)
+ goto err;
+ if (aor->u.addressRange->min == NULL &&
+ (aor->u.addressRange->min = ASN1_BIT_STRING_new()) == NULL)
+ goto err;
+ if (aor->u.addressRange->max == NULL &&
+ (aor->u.addressRange->max = ASN1_BIT_STRING_new()) == NULL)
+ goto err;
+
+ for (i = length; i > 0 && min[i - 1] == 0x00; --i) ;
+ if (!ASN1_BIT_STRING_set(aor->u.addressRange->min, min, i))
+ goto err;
+ aor->u.addressRange->min->flags &= ~7;
+ aor->u.addressRange->min->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+ if (i > 0) {
+ unsigned char b = min[i - 1];
+ int j = 1;
+ while ((b & (0xFFU >> j)) != 0)
+ ++j;
+ aor->u.addressRange->min->flags |= 8 - j;
+ }
+
+ for (i = length; i > 0 && max[i - 1] == 0xFF; --i) ;
+ if (!ASN1_BIT_STRING_set(aor->u.addressRange->max, max, i))
+ goto err;
+ aor->u.addressRange->max->flags &= ~7;
+ aor->u.addressRange->max->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+ if (i > 0) {
+ unsigned char b = max[i - 1];
+ int j = 1;
+ while ((b & (0xFFU >> j)) != (0xFFU >> j))
+ ++j;
+ aor->u.addressRange->max->flags |= 8 - j;
+ }
+
+ *result = aor;
+ return 1;
+
+ err:
+ IPAddressOrRange_free(aor);
+ return 0;
+}
+
+/*
+ * Construct a new address family or find an existing one.
+ */
+static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
+ const unsigned afi,
+ const unsigned *safi)
+{
+ IPAddressFamily *f;
+ unsigned char key[3];
+ unsigned keylen;
+ int i;
+
+ key[0] = (afi >> 8) & 0xFF;
+ key[1] = afi & 0xFF;
+ if (safi != NULL) {
+ key[2] = *safi & 0xFF;
+ keylen = 3;
+ } else {
+ keylen = 2;
+ }
+
+ for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+ f = sk_IPAddressFamily_value(addr, i);
+ OPENSSL_assert(f->addressFamily->data != NULL);
+ if (f->addressFamily->length == keylen &&
+ !memcmp(f->addressFamily->data, key, keylen))
+ return f;
+ }
+
+ if ((f = IPAddressFamily_new()) == NULL)
+ goto err;
+ if (f->ipAddressChoice == NULL &&
+ (f->ipAddressChoice = IPAddressChoice_new()) == NULL)
+ goto err;
+ if (f->addressFamily == NULL &&
+ (f->addressFamily = ASN1_OCTET_STRING_new()) == NULL)
+ goto err;
+ if (!ASN1_OCTET_STRING_set(f->addressFamily, key, keylen))
+ goto err;
+ if (!sk_IPAddressFamily_push(addr, f))
+ goto err;
+
+ return f;
+
+ err:
+ IPAddressFamily_free(f);
+ return NULL;
+}
+
+/*
+ * Add an inheritance element.
+ */
+int v3_addr_add_inherit(IPAddrBlocks *addr,
+ const unsigned afi, const unsigned *safi)
+{
+ IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
+ if (f == NULL ||
+ f->ipAddressChoice == NULL ||
+ (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
+ f->ipAddressChoice->u.addressesOrRanges != NULL))
+ return 0;
+ if (f->ipAddressChoice->type == IPAddressChoice_inherit &&
+ f->ipAddressChoice->u.inherit != NULL)
+ return 1;
+ if (f->ipAddressChoice->u.inherit == NULL &&
+ (f->ipAddressChoice->u.inherit = ASN1_NULL_new()) == NULL)
+ return 0;
+ f->ipAddressChoice->type = IPAddressChoice_inherit;
+ return 1;
+}
+
+/*
+ * Construct an IPAddressOrRange sequence, or return an existing one.
+ */
+static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr,
+ const unsigned afi,
+ const unsigned *safi)
+{
+ IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
+ IPAddressOrRanges *aors = NULL;
+
+ if (f == NULL ||
+ f->ipAddressChoice == NULL ||
+ (f->ipAddressChoice->type == IPAddressChoice_inherit &&
+ f->ipAddressChoice->u.inherit != NULL))
+ return NULL;
+ if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges)
+ aors = f->ipAddressChoice->u.addressesOrRanges;
+ if (aors != NULL)
+ return aors;
+ if ((aors = sk_IPAddressOrRange_new_null()) == NULL)
+ return NULL;
+ switch (afi) {
+ case IANA_AFI_IPV4:
+ (void)sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp);
+ break;
+ case IANA_AFI_IPV6:
+ (void)sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp);
+ break;
+ }
+ f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges;
+ f->ipAddressChoice->u.addressesOrRanges = aors;
+ return aors;
+}
+
+/*
+ * Add a prefix.
+ */
+int v3_addr_add_prefix(IPAddrBlocks *addr,
+ const unsigned afi,
+ const unsigned *safi,
+ unsigned char *a, const int prefixlen)
+{
+ IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
+ IPAddressOrRange *aor;
+ if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen))
+ return 0;
+ if (sk_IPAddressOrRange_push(aors, aor))
+ return 1;
+ IPAddressOrRange_free(aor);
+ return 0;
+}
+
+/*
+ * Add a range.
+ */
+int v3_addr_add_range(IPAddrBlocks *addr,
+ const unsigned afi,
+ const unsigned *safi,
+ unsigned char *min, unsigned char *max)
+{
+ IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
+ IPAddressOrRange *aor;
+ int length = length_from_afi(afi);
+ if (aors == NULL)
+ return 0;
+ if (!make_addressRange(&aor, min, max, length))
+ return 0;
+ if (sk_IPAddressOrRange_push(aors, aor))
+ return 1;
+ IPAddressOrRange_free(aor);
+ return 0;
+}
+
+/*
+ * Extract min and max values from an IPAddressOrRange.
+ */
+static int extract_min_max(IPAddressOrRange *aor,
+ unsigned char *min, unsigned char *max, int length)
+{
+ if (aor == NULL || min == NULL || max == NULL)
+ return 0;
+ switch (aor->type) {
+ case IPAddressOrRange_addressPrefix:
+ return (addr_expand(min, aor->u.addressPrefix, length, 0x00) &&
+ addr_expand(max, aor->u.addressPrefix, length, 0xFF));
+ case IPAddressOrRange_addressRange:
+ return (addr_expand(min, aor->u.addressRange->min, length, 0x00) &&
+ addr_expand(max, aor->u.addressRange->max, length, 0xFF));
+ }
+ return 0;
+}
+
+/*
+ * Public wrapper for extract_min_max().
+ */
+int v3_addr_get_range(IPAddressOrRange *aor,
+ const unsigned afi,
+ unsigned char *min,
+ unsigned char *max, const int length)
+{
+ int afi_length = length_from_afi(afi);
+ if (aor == NULL || min == NULL || max == NULL ||
+ afi_length == 0 || length < afi_length ||
+ (aor->type != IPAddressOrRange_addressPrefix &&
+ aor->type != IPAddressOrRange_addressRange) ||
+ !extract_min_max(aor, min, max, afi_length))
+ return 0;
+
+ return afi_length;
+}
+
+/*
+ * Sort comparision function for a sequence of IPAddressFamily.
+ *
+ * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
+ * the ordering: I can read it as meaning that IPv6 without a SAFI
+ * comes before IPv4 with a SAFI, which seems pretty weird. The
+ * examples in appendix B suggest that the author intended the
+ * null-SAFI rule to apply only within a single AFI, which is what I
+ * would have expected and is what the following code implements.
+ */
+static int IPAddressFamily_cmp(const IPAddressFamily *const *a_,
+ const IPAddressFamily *const *b_)
+{
+ const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
+ const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
+ int len = ((a->length <= b->length) ? a->length : b->length);
+ int cmp = memcmp(a->data, b->data, len);
+ return cmp ? cmp : a->length - b->length;
+}
+
+/*
+ * Check whether an IPAddrBLocks is in canonical form.
+ */
+int v3_addr_is_canonical(IPAddrBlocks *addr)
+{
+ unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+ unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
+ IPAddressOrRanges *aors;
+ int i, j, k;
+
+ /*
+ * Empty extension is cannonical.
+ */
+ if (addr == NULL)
+ return 1;
+
+ /*
+ * Check whether the top-level list is in order.
+ */
+ for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) {
+ const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i);
+ const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1);
+ if (IPAddressFamily_cmp(&a, &b) >= 0)
+ return 0;
+ }
+
+ /*
+ * Top level's ok, now check each address family.
+ */
+ for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+ IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+ int length = length_from_afi(v3_addr_get_afi(f));
+
+ /*
+ * Inheritance is canonical. Anything other than inheritance or
+ * a SEQUENCE OF IPAddressOrRange is an ASN.1 error or something.
+ */
+ if (f == NULL || f->ipAddressChoice == NULL)
+ return 0;
+ switch (f->ipAddressChoice->type) {
+ case IPAddressChoice_inherit:
+ continue;
+ case IPAddressChoice_addressesOrRanges:
+ break;
+ default:
+ return 0;
+ }
+
+ /*
+ * It's an IPAddressOrRanges sequence, check it.
+ */
+ aors = f->ipAddressChoice->u.addressesOrRanges;
+ if (sk_IPAddressOrRange_num(aors) == 0)
+ return 0;
+ for (j = 0; j < sk_IPAddressOrRange_num(aors) - 1; j++) {
+ IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+ IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
+
+ if (!extract_min_max(a, a_min, a_max, length) ||
+ !extract_min_max(b, b_min, b_max, length))
+ return 0;
+
+ /*
+ * Punt misordered list, overlapping start, or inverted range.
+ */
+ if (memcmp(a_min, b_min, length) >= 0 ||
+ memcmp(a_min, a_max, length) > 0 ||
+ memcmp(b_min, b_max, length) > 0)
+ return 0;
+
+ /*
+ * Punt if adjacent or overlapping. Check for adjacency by
+ * subtracting one from b_min first.
+ */
+ for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--) ;
+ if (memcmp(a_max, b_min, length) >= 0)
+ return 0;
+
+ /*
+ * Check for range that should be expressed as a prefix.
+ */
+ if (a->type == IPAddressOrRange_addressRange &&
+ range_should_be_prefix(a_min, a_max, length) >= 0)
+ return 0;
+ }
+
+ /*
+ * Check range to see if it's inverted or should be a
+ * prefix.
+ */
+ j = sk_IPAddressOrRange_num(aors) - 1;
+ {
+ IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+ if (a != NULL && a->type == IPAddressOrRange_addressRange) {
+ if (!extract_min_max(a, a_min, a_max, length))
+ return 0;
+ if (memcmp(a_min, a_max, length) > 0 ||
+ range_should_be_prefix(a_min, a_max, length) >= 0)
+ return 0;
+ }
+ }
+ }
+
+ /*
+ * If we made it through all that, we're happy.
+ */
+ return 1;
+}
+
+/*
+ * Whack an IPAddressOrRanges into canonical form.
+ */
+static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
+ const unsigned afi)
+{
+ int i, j, length = length_from_afi(afi);
+
+ /*
+ * Sort the IPAddressOrRanges sequence.
+ */
+ sk_IPAddressOrRange_sort(aors);
+
+ /*
+ * Clean up representation issues, punt on duplicates or overlaps.
+ */
+ for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) {
+ IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, i);
+ IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, i + 1);
+ unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+ unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
+
+ if (!extract_min_max(a, a_min, a_max, length) ||
+ !extract_min_max(b, b_min, b_max, length))
+ return 0;
+
+ /*
+ * Punt inverted ranges.
+ */
+ if (memcmp(a_min, a_max, length) > 0 ||
+ memcmp(b_min, b_max, length) > 0)
+ return 0;
+
+ /*
+ * Punt overlaps.
+ */
+ if (memcmp(a_max, b_min, length) >= 0)
+ return 0;
+
+ /*
+ * Merge if a and b are adjacent. We check for
+ * adjacency by subtracting one from b_min first.
+ */
+ for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--) ;
+ if (memcmp(a_max, b_min, length) == 0) {
+ IPAddressOrRange *merged;
+ if (!make_addressRange(&merged, a_min, b_max, length))
+ return 0;
+ (void)sk_IPAddressOrRange_set(aors, i, merged);
+ (void)sk_IPAddressOrRange_delete(aors, i + 1);
+ IPAddressOrRange_free(a);
+ IPAddressOrRange_free(b);
+ --i;
+ continue;
+ }
+ }
+
+ /*
+ * Check for inverted final range.
+ */
+ j = sk_IPAddressOrRange_num(aors) - 1;
+ {
+ IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+ if (a != NULL && a->type == IPAddressOrRange_addressRange) {
+ unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+ extract_min_max(a, a_min, a_max, length);
+ if (memcmp(a_min, a_max, length) > 0)
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+/*
+ * Whack an IPAddrBlocks extension into canonical form.
+ */
+int v3_addr_canonize(IPAddrBlocks *addr)
+{
+ int i;
+ for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+ IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+ if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
+ !IPAddressOrRanges_canonize(f->ipAddressChoice->
+ u.addressesOrRanges,
+ v3_addr_get_afi(f)))
+ return 0;
+ }
+ (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp);
+ sk_IPAddressFamily_sort(addr);
+ OPENSSL_assert(v3_addr_is_canonical(addr));
+ return 1;
+}
+
+/*
+ * v2i handler for the IPAddrBlocks extension.
+ */
+static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
+ struct v3_ext_ctx *ctx,
+ STACK_OF(CONF_VALUE) *values)
+{
+ static const char v4addr_chars[] = "0123456789.";
+ static const char v6addr_chars[] = "0123456789.:abcdefABCDEF";
+ IPAddrBlocks *addr = NULL;
+ char *s = NULL, *t;
+ int i;
+
+ if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+ CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
+ unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
+ unsigned afi, *safi = NULL, safi_;
+ const char *addr_chars;
+ int prefixlen, i1, i2, delim, length;
+
+ if (!name_cmp(val->name, "IPv4")) {
+ afi = IANA_AFI_IPV4;
+ } else if (!name_cmp(val->name, "IPv6")) {
+ afi = IANA_AFI_IPV6;
+ } else if (!name_cmp(val->name, "IPv4-SAFI")) {
+ afi = IANA_AFI_IPV4;
+ safi = &safi_;
+ } else if (!name_cmp(val->name, "IPv6-SAFI")) {
+ afi = IANA_AFI_IPV6;
+ safi = &safi_;
+ } else {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+ X509V3_R_EXTENSION_NAME_ERROR);
+ X509V3_conf_err(val);
+ goto err;
+ }
+
+ switch (afi) {
+ case IANA_AFI_IPV4:
+ addr_chars = v4addr_chars;
+ break;
+ case IANA_AFI_IPV6:
+ addr_chars = v6addr_chars;
+ break;
+ }
+
+ length = length_from_afi(afi);
+
+ /*
+ * Handle SAFI, if any, and BUF_strdup() so we can null-terminate
+ * the other input values.
+ */
+ if (safi != NULL) {
+ *safi = strtoul(val->value, &t, 0);
+ t += strspn(t, " \t");
+ if (*safi > 0xFF || *t++ != ':') {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ t += strspn(t, " \t");
+ s = BUF_strdup(t);
+ } else {
+ s = BUF_strdup(val->value);
+ }
+ if (s == NULL) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /*
+ * Check for inheritance. Not worth additional complexity to
+ * optimize this (seldom-used) case.
+ */
+ if (!strcmp(s, "inherit")) {
+ if (!v3_addr_add_inherit(addr, afi, safi)) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+ X509V3_R_INVALID_INHERITANCE);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ OPENSSL_free(s);
+ s = NULL;
+ continue;
+ }
+
+ i1 = strspn(s, addr_chars);
+ i2 = i1 + strspn(s + i1, " \t");
+ delim = s[i2++];
+ s[i1] = '\0';
+
+ if (a2i_ipadd(min, s) != length) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
+ X509V3_conf_err(val);
+ goto err;
+ }
+
+ switch (delim) {
+ case '/':
+ prefixlen = (int)strtoul(s + i2, &t, 10);
+ if (t == s + i2 || *t != '\0') {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+ X509V3_R_EXTENSION_VALUE_ERROR);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ if (!v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ break;
+ case '-':
+ i1 = i2 + strspn(s + i2, " \t");
+ i2 = i1 + strspn(s + i1, addr_chars);
+ if (i1 == i2 || s[i2] != '\0') {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+ X509V3_R_EXTENSION_VALUE_ERROR);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ if (a2i_ipadd(max, s + i1) != length) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+ X509V3_R_INVALID_IPADDRESS);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ if (memcmp(min, max, length_from_afi(afi)) > 0) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+ X509V3_R_EXTENSION_VALUE_ERROR);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ if (!v3_addr_add_range(addr, afi, safi, min, max)) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ break;
+ case '\0':
+ if (!v3_addr_add_prefix(addr, afi, safi, min, length * 8)) {
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ break;
+ default:
+ X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+ X509V3_R_EXTENSION_VALUE_ERROR);
+ X509V3_conf_err(val);
+ goto err;
+ }
+
+ OPENSSL_free(s);
+ s = NULL;
+ }
+
+ /*
+ * Canonize the result, then we're done.
+ */
+ if (!v3_addr_canonize(addr))
+ goto err;
+ return addr;
+
+ err:
+ OPENSSL_free(s);
+ sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free);
+ return NULL;
+}
+
+/*
+ * OpenSSL dispatch
+ */
+const X509V3_EXT_METHOD v3_addr = {
+ NID_sbgp_ipAddrBlock, /* nid */
+ 0, /* flags */
+ ASN1_ITEM_ref(IPAddrBlocks), /* template */
+ 0, 0, 0, 0, /* old functions, ignored */
+ 0, /* i2s */
+ 0, /* s2i */
+ 0, /* i2v */
+ v2i_IPAddrBlocks, /* v2i */
+ i2r_IPAddrBlocks, /* i2r */
+ 0, /* r2i */
+ NULL /* extension-specific data */
+};
+
+/*
+ * Figure out whether extension sues inheritance.
+ */
+int v3_addr_inherits(IPAddrBlocks *addr)
+{
+ int i;
+ if (addr == NULL)
+ return 0;
+ for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+ IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+ if (f->ipAddressChoice->type == IPAddressChoice_inherit)
+ return 1;
+ }
+ return 0;
+}
+
+/*
+ * Figure out whether parent contains child.
+ */
+static int addr_contains(IPAddressOrRanges *parent,
+ IPAddressOrRanges *child, int length)
+{
+ unsigned char p_min[ADDR_RAW_BUF_LEN], p_max[ADDR_RAW_BUF_LEN];
+ unsigned char c_min[ADDR_RAW_BUF_LEN], c_max[ADDR_RAW_BUF_LEN];
+ int p, c;
+
+ if (child == NULL || parent == child)
+ return 1;
+ if (parent == NULL)
+ return 0;
+
+ p = 0;
+ for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
+ if (!extract_min_max(sk_IPAddressOrRange_value(child, c),
+ c_min, c_max, length))
+ return -1;
+ for (;; p++) {
+ if (p >= sk_IPAddressOrRange_num(parent))
+ return 0;
+ if (!extract_min_max(sk_IPAddressOrRange_value(parent, p),
+ p_min, p_max, length))
+ return 0;
+ if (memcmp(p_max, c_max, length) < 0)
+ continue;
+ if (memcmp(p_min, c_min, length) > 0)
+ return 0;
+ break;
+ }
+ }
+
+ return 1;
+}
+
+/*
+ * Test whether a is a subset of b.
+ */
+int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b)
+{
+ int i;
+ if (a == NULL || a == b)
+ return 1;
+ if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b))
+ return 0;
+ (void)sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp);
+ for (i = 0; i < sk_IPAddressFamily_num(a); i++) {
+ IPAddressFamily *fa = sk_IPAddressFamily_value(a, i);
+ int j = sk_IPAddressFamily_find(b, fa);
+ IPAddressFamily *fb;
+ fb = sk_IPAddressFamily_value(b, j);
+ if (fb == NULL)
+ return 0;
+ if (!addr_contains(fb->ipAddressChoice->u.addressesOrRanges,
+ fa->ipAddressChoice->u.addressesOrRanges,
+ length_from_afi(v3_addr_get_afi(fb))))
+ return 0;
+ }
+ return 1;
+}
+
+/*
+ * Validation error handling via callback.
+ */
+# define validation_err(_err_) \
+ do { \
+ if (ctx != NULL) { \
+ ctx->error = _err_; \
+ ctx->error_depth = i; \
+ ctx->current_cert = x; \
+ ret = ctx->verify_cb(0, ctx); \
+ } else { \
+ ret = 0; \
+ } \
+ if (!ret) \
+ goto done; \
+ } while (0)
+
+/*
+ * Core code for RFC 3779 2.3 path validation.
+ *
+ * Returns 1 for success, 0 on error.
+ *
+ * When returning 0, ctx->error MUST be set to an appropriate value other than
+ * X509_V_OK.
+ */
+static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *chain,
+ IPAddrBlocks *ext)
+{
+ IPAddrBlocks *child = NULL;
+ int i, j, ret = 1;
+ X509 *x;
+
+ OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
+ OPENSSL_assert(ctx != NULL || ext != NULL);
+ OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
+
+ /*
+ * Figure out where to start. If we don't have an extension to
+ * check, we're done. Otherwise, check canonical form and
+ * set up for walking up the chain.
+ */
+ if (ext != NULL) {
+ i = -1;
+ x = NULL;
+ } else {
+ i = 0;
+ x = sk_X509_value(chain, i);
+ OPENSSL_assert(x != NULL);
+ if ((ext = x->rfc3779_addr) == NULL)
+ goto done;
+ }
+ if (!v3_addr_is_canonical(ext))
+ validation_err(X509_V_ERR_INVALID_EXTENSION);
+ (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
+ if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
+ X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL,
+ ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ret = 0;
+ goto done;
+ }
+
+ /*
+ * Now walk up the chain. No cert may list resources that its
+ * parent doesn't list.
+ */
+ for (i++; i < sk_X509_num(chain); i++) {
+ x = sk_X509_value(chain, i);
+ OPENSSL_assert(x != NULL);
+ if (!v3_addr_is_canonical(x->rfc3779_addr))
+ validation_err(X509_V_ERR_INVALID_EXTENSION);
+ if (x->rfc3779_addr == NULL) {
+ for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
+ IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
+ if (fc->ipAddressChoice->type != IPAddressChoice_inherit) {
+ validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+ break;
+ }
+ }
+ continue;
+ }
+ (void)sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr,
+ IPAddressFamily_cmp);
+ for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
+ IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
+ int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc);
+ IPAddressFamily *fp =
+ sk_IPAddressFamily_value(x->rfc3779_addr, k);
+ if (fp == NULL) {
+ if (fc->ipAddressChoice->type ==
+ IPAddressChoice_addressesOrRanges) {
+ validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+ break;
+ }
+ continue;
+ }
+ if (fp->ipAddressChoice->type ==
+ IPAddressChoice_addressesOrRanges) {
+ if (fc->ipAddressChoice->type == IPAddressChoice_inherit
+ || addr_contains(fp->ipAddressChoice->u.addressesOrRanges,
+ fc->ipAddressChoice->u.addressesOrRanges,
+ length_from_afi(v3_addr_get_afi(fc))))
+ sk_IPAddressFamily_set(child, j, fp);
+ else
+ validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+ }
+ }
+ }
+
+ /*
+ * Trust anchor can't inherit.
+ */
+ OPENSSL_assert(x != NULL);
+ if (x->rfc3779_addr != NULL) {
+ for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
+ IPAddressFamily *fp =
+ sk_IPAddressFamily_value(x->rfc3779_addr, j);
+ if (fp->ipAddressChoice->type == IPAddressChoice_inherit
+ && sk_IPAddressFamily_find(child, fp) >= 0)
+ validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+ }
+ }
+
+ done:
+ sk_IPAddressFamily_free(child);
+ return ret;
+}
+
+# undef validation_err
+
+/*
+ * RFC 3779 2.3 path validation -- called from X509_verify_cert().
+ */
+int v3_addr_validate_path(X509_STORE_CTX *ctx)
+{
+ return v3_addr_validate_path_internal(ctx, ctx->chain, NULL);
+}
+
+/*
+ * RFC 3779 2.3 path validation of an extension.
+ * Test whether chain covers extension.
+ */
+int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+ IPAddrBlocks *ext, int allow_inheritance)
+{
+ if (ext == NULL)
+ return 1;
+ if (chain == NULL || sk_X509_num(chain) == 0)
+ return 0;
+ if (!allow_inheritance && v3_addr_inherits(ext))
+ return 0;
+ return v3_addr_validate_path_internal(NULL, chain, ext);
+}
+
+#endif /* OPENSSL_NO_RFC3779 */
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pci.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509v3/v3_pci.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pci.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,317 +0,0 @@
-/* v3_pci.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Contributed to the OpenSSL Project 2004 by Richard Levitte
- * (richard at levitte.org)
- */
-/* Copyright (c) 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
- BIO *out, int indent);
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
-
-const X509V3_EXT_METHOD v3_pci =
- { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
- 0, 0, 0, 0,
- 0, 0,
- NULL, NULL,
- (X509V3_EXT_I2R)i2r_pci,
- (X509V3_EXT_R2I)r2i_pci,
- NULL,
-};
-
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
- BIO *out, int indent)
-{
- BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
- if (pci->pcPathLengthConstraint)
- i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
- else
- BIO_printf(out, "infinite");
- BIO_puts(out, "\n");
- BIO_printf(out, "%*sPolicy Language: ", indent, "");
- i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
- BIO_puts(out, "\n");
- if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
- BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
- pci->proxyPolicy->policy->data);
- return 1;
-}
-
-static int process_pci_value(CONF_VALUE *val,
- ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
- ASN1_OCTET_STRING **policy)
-{
- int free_policy = 0;
-
- if (strcmp(val->name, "language") == 0) {
- if (*language) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
- X509V3_conf_err(val);
- return 0;
- }
- if (!(*language = OBJ_txt2obj(val->value, 0))) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(val);
- return 0;
- }
- } else if (strcmp(val->name, "pathlen") == 0) {
- if (*pathlen) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
- X509V3_conf_err(val);
- return 0;
- }
- if (!X509V3_get_value_int(val, pathlen)) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_POLICY_PATH_LENGTH);
- X509V3_conf_err(val);
- return 0;
- }
- } else if (strcmp(val->name, "policy") == 0) {
- unsigned char *tmp_data = NULL;
- long val_len;
- if (!*policy) {
- *policy = ASN1_OCTET_STRING_new();
- if (!*policy) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- return 0;
- }
- free_policy = 1;
- }
- if (strncmp(val->value, "hex:", 4) == 0) {
- unsigned char *tmp_data2 =
- string_to_hex(val->value + 4, &val_len);
-
- if (!tmp_data2) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_ILLEGAL_HEX_DIGIT);
- X509V3_conf_err(val);
- goto err;
- }
-
- tmp_data = OPENSSL_realloc((*policy)->data,
- (*policy)->length + val_len + 1);
- if (tmp_data) {
- (*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
- tmp_data2, val_len);
- (*policy)->length += val_len;
- (*policy)->data[(*policy)->length] = '\0';
- } else {
- OPENSSL_free(tmp_data2);
- /*
- * realloc failure implies the original data space is b0rked
- * too!
- */
- (*policy)->data = NULL;
- (*policy)->length = 0;
- X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- goto err;
- }
- OPENSSL_free(tmp_data2);
- } else if (strncmp(val->value, "file:", 5) == 0) {
- unsigned char buf[2048];
- int n;
- BIO *b = BIO_new_file(val->value + 5, "r");
- if (!b) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
- X509V3_conf_err(val);
- goto err;
- }
- while ((n = BIO_read(b, buf, sizeof(buf))) > 0
- || (n == 0 && BIO_should_retry(b))) {
- if (!n)
- continue;
-
- tmp_data = OPENSSL_realloc((*policy)->data,
- (*policy)->length + n + 1);
-
- if (!tmp_data)
- break;
-
- (*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length], buf, n);
- (*policy)->length += n;
- (*policy)->data[(*policy)->length] = '\0';
- }
- BIO_free_all(b);
-
- if (n < 0) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
- X509V3_conf_err(val);
- goto err;
- }
- } else if (strncmp(val->value, "text:", 5) == 0) {
- val_len = strlen(val->value + 5);
- tmp_data = OPENSSL_realloc((*policy)->data,
- (*policy)->length + val_len + 1);
- if (tmp_data) {
- (*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
- val->value + 5, val_len);
- (*policy)->length += val_len;
- (*policy)->data[(*policy)->length] = '\0';
- } else {
- /*
- * realloc failure implies the original data space is b0rked
- * too!
- */
- (*policy)->data = NULL;
- (*policy)->length = 0;
- X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- goto err;
- }
- } else {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
- X509V3_conf_err(val);
- goto err;
- }
- if (!tmp_data) {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- goto err;
- }
- }
- return 1;
- err:
- if (free_policy) {
- ASN1_OCTET_STRING_free(*policy);
- *policy = NULL;
- }
- return 0;
-}
-
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *value)
-{
- PROXY_CERT_INFO_EXTENSION *pci = NULL;
- STACK_OF(CONF_VALUE) *vals;
- ASN1_OBJECT *language = NULL;
- ASN1_INTEGER *pathlen = NULL;
- ASN1_OCTET_STRING *policy = NULL;
- int i, j;
-
- vals = X509V3_parse_list(value);
- for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
- CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
- if (!cnf->name || (*cnf->name != '@' && !cnf->value)) {
- X509V3err(X509V3_F_R2I_PCI,
- X509V3_R_INVALID_PROXY_POLICY_SETTING);
- X509V3_conf_err(cnf);
- goto err;
- }
- if (*cnf->name == '@') {
- STACK_OF(CONF_VALUE) *sect;
- int success_p = 1;
-
- sect = X509V3_get_section(ctx, cnf->name + 1);
- if (!sect) {
- X509V3err(X509V3_F_R2I_PCI, X509V3_R_INVALID_SECTION);
- X509V3_conf_err(cnf);
- goto err;
- }
- for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++) {
- success_p =
- process_pci_value(sk_CONF_VALUE_value(sect, j),
- &language, &pathlen, &policy);
- }
- X509V3_section_free(ctx, sect);
- if (!success_p)
- goto err;
- } else {
- if (!process_pci_value(cnf, &language, &pathlen, &policy)) {
- X509V3_conf_err(cnf);
- goto err;
- }
- }
- }
-
- /* Language is mandatory */
- if (!language) {
- X509V3err(X509V3_F_R2I_PCI,
- X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
- goto err;
- }
- i = OBJ_obj2nid(language);
- if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) {
- X509V3err(X509V3_F_R2I_PCI,
- X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
- goto err;
- }
-
- pci = PROXY_CERT_INFO_EXTENSION_new();
- if (!pci) {
- X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- pci->proxyPolicy->policyLanguage = language;
- language = NULL;
- pci->proxyPolicy->policy = policy;
- policy = NULL;
- pci->pcPathLengthConstraint = pathlen;
- pathlen = NULL;
- goto end;
- err:
- if (language) {
- ASN1_OBJECT_free(language);
- language = NULL;
- }
- if (pathlen) {
- ASN1_INTEGER_free(pathlen);
- pathlen = NULL;
- }
- if (policy) {
- ASN1_OCTET_STRING_free(policy);
- policy = NULL;
- }
- if (pci) {
- PROXY_CERT_INFO_EXTENSION_free(pci);
- pci = NULL;
- }
- end:
- sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
- return pci;
-}
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pci.c (from rev 11605, vendor-crypto/openssl/dist/crypto/x509v3/v3_pci.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pci.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pci.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,317 @@
+/* v3_pci.c */
+/*
+ * Contributed to the OpenSSL Project 2004 by Richard Levitte
+ * (richard at levitte.org)
+ */
+/* Copyright (c) 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
+ BIO *out, int indent);
+static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, char *str);
+
+const X509V3_EXT_METHOD v3_pci =
+ { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
+ 0, 0, 0, 0,
+ 0, 0,
+ NULL, NULL,
+ (X509V3_EXT_I2R)i2r_pci,
+ (X509V3_EXT_R2I)r2i_pci,
+ NULL,
+};
+
+static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
+ BIO *out, int indent)
+{
+ BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
+ if (pci->pcPathLengthConstraint)
+ i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
+ else
+ BIO_printf(out, "infinite");
+ BIO_puts(out, "\n");
+ BIO_printf(out, "%*sPolicy Language: ", indent, "");
+ i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
+ BIO_puts(out, "\n");
+ if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
+ BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
+ pci->proxyPolicy->policy->data);
+ return 1;
+}
+
+static int process_pci_value(CONF_VALUE *val,
+ ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
+ ASN1_OCTET_STRING **policy)
+{
+ int free_policy = 0;
+
+ if (strcmp(val->name, "language") == 0) {
+ if (*language) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+ X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
+ X509V3_conf_err(val);
+ return 0;
+ }
+ if (!(*language = OBJ_txt2obj(val->value, 0))) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+ X509V3_R_INVALID_OBJECT_IDENTIFIER);
+ X509V3_conf_err(val);
+ return 0;
+ }
+ } else if (strcmp(val->name, "pathlen") == 0) {
+ if (*pathlen) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+ X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
+ X509V3_conf_err(val);
+ return 0;
+ }
+ if (!X509V3_get_value_int(val, pathlen)) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+ X509V3_R_POLICY_PATH_LENGTH);
+ X509V3_conf_err(val);
+ return 0;
+ }
+ } else if (strcmp(val->name, "policy") == 0) {
+ unsigned char *tmp_data = NULL;
+ long val_len;
+ if (!*policy) {
+ *policy = ASN1_OCTET_STRING_new();
+ if (!*policy) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+ X509V3_conf_err(val);
+ return 0;
+ }
+ free_policy = 1;
+ }
+ if (strncmp(val->value, "hex:", 4) == 0) {
+ unsigned char *tmp_data2 =
+ string_to_hex(val->value + 4, &val_len);
+
+ if (!tmp_data2) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+ X509V3_R_ILLEGAL_HEX_DIGIT);
+ X509V3_conf_err(val);
+ goto err;
+ }
+
+ tmp_data = OPENSSL_realloc((*policy)->data,
+ (*policy)->length + val_len + 1);
+ if (tmp_data) {
+ (*policy)->data = tmp_data;
+ memcpy(&(*policy)->data[(*policy)->length],
+ tmp_data2, val_len);
+ (*policy)->length += val_len;
+ (*policy)->data[(*policy)->length] = '\0';
+ } else {
+ OPENSSL_free(tmp_data2);
+ /*
+ * realloc failure implies the original data space is b0rked
+ * too!
+ */
+ (*policy)->data = NULL;
+ (*policy)->length = 0;
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ OPENSSL_free(tmp_data2);
+ } else if (strncmp(val->value, "file:", 5) == 0) {
+ unsigned char buf[2048];
+ int n;
+ BIO *b = BIO_new_file(val->value + 5, "r");
+ if (!b) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ while ((n = BIO_read(b, buf, sizeof(buf))) > 0
+ || (n == 0 && BIO_should_retry(b))) {
+ if (!n)
+ continue;
+
+ tmp_data = OPENSSL_realloc((*policy)->data,
+ (*policy)->length + n + 1);
+
+ if (!tmp_data)
+ break;
+
+ (*policy)->data = tmp_data;
+ memcpy(&(*policy)->data[(*policy)->length], buf, n);
+ (*policy)->length += n;
+ (*policy)->data[(*policy)->length] = '\0';
+ }
+ BIO_free_all(b);
+
+ if (n < 0) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ } else if (strncmp(val->value, "text:", 5) == 0) {
+ val_len = strlen(val->value + 5);
+ tmp_data = OPENSSL_realloc((*policy)->data,
+ (*policy)->length + val_len + 1);
+ if (tmp_data) {
+ (*policy)->data = tmp_data;
+ memcpy(&(*policy)->data[(*policy)->length],
+ val->value + 5, val_len);
+ (*policy)->length += val_len;
+ (*policy)->data[(*policy)->length] = '\0';
+ } else {
+ /*
+ * realloc failure implies the original data space is b0rked
+ * too!
+ */
+ (*policy)->data = NULL;
+ (*policy)->length = 0;
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ } else {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+ X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ if (!tmp_data) {
+ X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+ X509V3_conf_err(val);
+ goto err;
+ }
+ }
+ return 1;
+ err:
+ if (free_policy) {
+ ASN1_OCTET_STRING_free(*policy);
+ *policy = NULL;
+ }
+ return 0;
+}
+
+static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, char *value)
+{
+ PROXY_CERT_INFO_EXTENSION *pci = NULL;
+ STACK_OF(CONF_VALUE) *vals;
+ ASN1_OBJECT *language = NULL;
+ ASN1_INTEGER *pathlen = NULL;
+ ASN1_OCTET_STRING *policy = NULL;
+ int i, j;
+
+ vals = X509V3_parse_list(value);
+ for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
+ CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
+ if (!cnf->name || (*cnf->name != '@' && !cnf->value)) {
+ X509V3err(X509V3_F_R2I_PCI,
+ X509V3_R_INVALID_PROXY_POLICY_SETTING);
+ X509V3_conf_err(cnf);
+ goto err;
+ }
+ if (*cnf->name == '@') {
+ STACK_OF(CONF_VALUE) *sect;
+ int success_p = 1;
+
+ sect = X509V3_get_section(ctx, cnf->name + 1);
+ if (!sect) {
+ X509V3err(X509V3_F_R2I_PCI, X509V3_R_INVALID_SECTION);
+ X509V3_conf_err(cnf);
+ goto err;
+ }
+ for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++) {
+ success_p =
+ process_pci_value(sk_CONF_VALUE_value(sect, j),
+ &language, &pathlen, &policy);
+ }
+ X509V3_section_free(ctx, sect);
+ if (!success_p)
+ goto err;
+ } else {
+ if (!process_pci_value(cnf, &language, &pathlen, &policy)) {
+ X509V3_conf_err(cnf);
+ goto err;
+ }
+ }
+ }
+
+ /* Language is mandatory */
+ if (!language) {
+ X509V3err(X509V3_F_R2I_PCI,
+ X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
+ goto err;
+ }
+ i = OBJ_obj2nid(language);
+ if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) {
+ X509V3err(X509V3_F_R2I_PCI,
+ X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
+ goto err;
+ }
+
+ pci = PROXY_CERT_INFO_EXTENSION_new();
+ if (!pci) {
+ X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ pci->proxyPolicy->policyLanguage = language;
+ language = NULL;
+ pci->proxyPolicy->policy = policy;
+ policy = NULL;
+ pci->pcPathLengthConstraint = pathlen;
+ pathlen = NULL;
+ goto end;
+ err:
+ if (language) {
+ ASN1_OBJECT_free(language);
+ language = NULL;
+ }
+ if (pathlen) {
+ ASN1_INTEGER_free(pathlen);
+ pathlen = NULL;
+ }
+ if (policy) {
+ ASN1_OCTET_STRING_free(policy);
+ policy = NULL;
+ }
+ if (pci) {
+ PROXY_CERT_INFO_EXTENSION_free(pci);
+ pci = NULL;
+ }
+ end:
+ sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
+ return pci;
+}
Deleted: vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pcia.c
===================================================================
--- vendor-crypto/openssl/dist/crypto/x509v3/v3_pcia.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pcia.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,56 +0,0 @@
-/* v3_pcia.c -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Contributed to the OpenSSL Project 2004 by Richard Levitte
- * (richard at levitte.org)
- */
-/* Copyright (c) 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE(PROXY_POLICY) =
- {
- ASN1_SIMPLE(PROXY_POLICY,policyLanguage,ASN1_OBJECT),
- ASN1_OPT(PROXY_POLICY,policy,ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(PROXY_POLICY)
-
-IMPLEMENT_ASN1_FUNCTIONS(PROXY_POLICY)
-
-ASN1_SEQUENCE(PROXY_CERT_INFO_EXTENSION) =
- {
- ASN1_OPT(PROXY_CERT_INFO_EXTENSION,pcPathLengthConstraint,ASN1_INTEGER),
- ASN1_SIMPLE(PROXY_CERT_INFO_EXTENSION,proxyPolicy,PROXY_POLICY)
-} ASN1_SEQUENCE_END(PROXY_CERT_INFO_EXTENSION)
-
-IMPLEMENT_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
Copied: vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pcia.c (from rev 11605, vendor-crypto/openssl/dist/crypto/x509v3/v3_pcia.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pcia.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/crypto/x509v3/v3_pcia.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,56 @@
+/* v3_pcia.c */
+/*
+ * Contributed to the OpenSSL Project 2004 by Richard Levitte
+ * (richard at levitte.org)
+ */
+/* Copyright (c) 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+ASN1_SEQUENCE(PROXY_POLICY) =
+ {
+ ASN1_SIMPLE(PROXY_POLICY,policyLanguage,ASN1_OBJECT),
+ ASN1_OPT(PROXY_POLICY,policy,ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(PROXY_POLICY)
+
+IMPLEMENT_ASN1_FUNCTIONS(PROXY_POLICY)
+
+ASN1_SEQUENCE(PROXY_CERT_INFO_EXTENSION) =
+ {
+ ASN1_OPT(PROXY_CERT_INFO_EXTENSION,pcPathLengthConstraint,ASN1_INTEGER),
+ ASN1_SIMPLE(PROXY_CERT_INFO_EXTENSION,proxyPolicy,PROXY_POLICY)
+} ASN1_SEQUENCE_END(PROXY_CERT_INFO_EXTENSION)
+
+IMPLEMENT_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
Deleted: vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.c
===================================================================
--- vendor-crypto/openssl/dist/demos/easy_tls/easy-tls.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1311 +0,0 @@
-/* -*- Mode: C; c-file-style: "bsd" -*- */
-/*-
- * easy-tls.c -- generic TLS proxy.
- * $Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $
- */
-/*-
- (c) Copyright 1999 Bodo Moeller. All rights reserved.
-
- This is free software; you can redistributed and/or modify it
- unter the terms of either
- - the GNU General Public License as published by the
- Free Software Foundation, version 1, or (at your option)
- any later version,
- or
- - the following license:
-*/
-/*-
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that each of the following
- * conditions is met:
- *
- * 1. Redistributions qualify as "freeware" or "Open Source Software" under
- * one of the following terms:
- *
- * (a) Redistributions are made at no charge beyond the reasonable cost of
- * materials and delivery.
- *
- * (b) Redistributions are accompanied by a copy of the Source Code
- * or by an irrevocable offer to provide a copy of the Source Code
- * for up to three years at the cost of materials and delivery.
- * Such redistributions must allow further use, modification, and
- * redistribution of the Source Code under substantially the same
- * terms as this license.
- *
- * 2. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 3. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 4. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by Bodo Moeller."
- * (If available, substitute umlauted o for oe.)
- *
- * 5. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by Bodo Moeller."
- *
- * THIS SOFTWARE IS PROVIDED BY BODO MOELLER ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BODO MOELLER OR
- * HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-/*-
- * Attribution for OpenSSL library:
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- * This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)
- */
-
-static char const rcsid[] =
- "$Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $";
-
-#include <assert.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/select.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/utsname.h>
-#include <unistd.h>
-
-#include <openssl/crypto.h>
-#include <openssl/dh.h>
-#include <openssl/dsa.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/opensslv.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-#ifndef NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/ssl.h>
-#include <openssl/x509.h>
-#include <openssl/x509_vfy.h>
-
-#if OPENSSL_VERSION_NUMBER < 0x00904000L /* 0.9.4-dev */
-# error "This program needs OpenSSL 0.9.4 or later."
-#endif
-
-#include "easy-tls.h" /* include after <openssl/ssl.h> if both are
- * needed */
-
-#if TLS_INFO_SIZE > PIPE_BUF
-# if PIPE_BUF < 512
-# error "PIPE_BUF < 512" /* non-POSIX */
-# endif
-# error "TLS_INFO_SIZE > PIPE_BUF"
-#endif
-
-/*****************************************************************************/
-
-#ifdef TLS_APP
-# include TLS_APP
-#endif
-
-/*-
- * Applications can define:
- * TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg)
- * TLS_CUMULATE_ERRORS
- * TLS_ERROR_BUFSIZ
- * TLS_APP_ERRFLUSH -- void ...(int child_p, char *, size_t, void *apparg)
- */
-
-#ifndef TLS_APP_PROCESS_INIT
-# define TLS_APP_PROCESS_INIT(fd, client_p, apparg) ((void) 0)
-#endif
-
-#ifndef TLS_ERROR_BUFSIZ
-# define TLS_ERROR_BUFSIZ (10*160)
-#endif
-#if TLS_ERROR_BUFSIZ < 2 /* {'\n',0} */
-# error "TLS_ERROR_BUFSIZE is too small."
-#endif
-
-#ifndef TLS_APP_ERRFLUSH
-# define TLS_APP_ERRFLUSH tls_app_errflush
-static void
-tls_app_errflush(int child_p, char *errbuf, size_t num, void *apparg)
-{
- fputs(errbuf, stderr);
-}
-#endif
-
-/*****************************************************************************/
-
-#ifdef DEBUG_TLS
-# define DEBUG_MSG(x) fprintf(stderr," %s\n",x)
-# define DEBUG_MSG2(x,y) fprintf(stderr, " %s: %d\n",x,y)
-static int tls_loop_count = 0;
-static int tls_select_count = 0;
-#else
-# define DEBUG_MSG(x) (void)0
-# define DEBUG_MSG2(x,y) (void)0
-#endif
-
-static void tls_rand_seed_uniquely(void);
-static void tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx,
- int client_p);
-static int tls_socket_nonblocking(int fd);
-
-static int tls_child_p = 0;
-static void *tls_child_apparg;
-
-struct tls_start_proxy_args tls_start_proxy_defaultargs(void)
-{
- struct tls_start_proxy_args ret;
-
- ret.fd = -1;
- ret.client_p = -1;
- ret.ctx = NULL;
- ret.pid = NULL;
- ret.infofd = NULL;
-
- return ret;
-}
-
-/*-
- * Slice in TLS proxy process at fd.
- * Return value:
- * 0 ok (*pid is set to child's PID if pid != NULL),
- * < 0 look at errno
- * > 0 other error
- * (return value encodes place of error)
- *
- */
-int tls_start_proxy(struct tls_start_proxy_args a, void *apparg)
-{
- int fds[2] = { -1, -1 };
- int infofds[2] = { -1, -1 };
- int r, getfd, getfl;
- int ret;
-
- DEBUG_MSG2("tls_start_proxy fd", a.fd);
- DEBUG_MSG2("tls_start_proxy client_p", a.client_p);
-
- if (a.fd == -1 || a.client_p == -1 || a.ctx == NULL)
- return 1;
-
- if (a.pid != NULL) {
- *a.pid = 0;
- }
- if (a.infofd != NULL) {
- *a.infofd = -1;
- }
-
- r = socketpair(AF_UNIX, SOCK_STREAM, 0, fds);
- if (r == -1)
- return -1;
- if (a.fd >= FD_SETSIZE || fds[0] >= FD_SETSIZE) {
- ret = 2;
- goto err;
- }
- if (a.infofd != NULL) {
- r = pipe(infofds);
- if (r == -1) {
- ret = -3;
- goto err;
- }
- }
-
- r = fork();
- if (r == -1) {
- ret = -4;
- goto err;
- }
- if (r == 0) {
- DEBUG_MSG("fork");
- tls_child_p = 1;
- tls_child_apparg = apparg;
- close(fds[1]);
- if (infofds[0] != -1)
- close(infofds[0]);
- TLS_APP_PROCESS_INIT(a.fd, a.client_p, apparg);
- DEBUG_MSG("TLS_APP_PROCESS_INIT");
- tls_proxy(fds[0], a.fd, infofds[1], a.ctx, a.client_p);
- exit(0);
- }
- if (a.pid != NULL)
- *a.pid = r;
- if (infofds[1] != -1) {
- close(infofds[1]);
- infofds[1] = -1;
- }
- /* install fds[1] in place of fd: */
- close(fds[0]);
- fds[0] = -1;
- getfd = fcntl(a.fd, F_GETFD);
- getfl = fcntl(a.fd, F_GETFL);
- r = dup2(fds[1], a.fd);
- close(fds[1]);
- fds[1] = -1;
- if (r == -1) {
- ret = -5;
- goto err;
- }
- if (getfd != 1)
- fcntl(a.fd, F_SETFD, getfd);
- if (getfl & O_NONBLOCK)
- (void)tls_socket_nonblocking(a.fd);
- if (a.infofd != NULL)
- *a.infofd = infofds[0];
- return 0;
-
- err:
- if (fds[0] != -1)
- close(fds[0]);
- if (fds[1] != -1)
- close(fds[1]);
- if (infofds[0] != -1)
- close(infofds[0]);
- if (infofds[1] != -1)
- close(infofds[1]);
- return ret;
-}
-
-/*****************************************************************************/
-
-static char errbuf[TLS_ERROR_BUFSIZ];
-static size_t errbuf_i = 0;
-
-static void tls_errflush(void *apparg)
-{
- if (errbuf_i == 0)
- return;
-
- assert(errbuf_i < sizeof errbuf);
- assert(errbuf[errbuf_i] == 0);
- if (errbuf_i == sizeof errbuf - 1) {
- /* make sure we have a newline, even if string has been truncated */
- errbuf[errbuf_i - 1] = '\n';
- }
-
- /*
- * TLS_APP_ERRFLUSH may modify the string as needed, e.g. substitute
- * other characters for \n for convenience
- */
- TLS_APP_ERRFLUSH(tls_child_p, errbuf, errbuf_i, apparg);
-
- errbuf_i = 0;
-}
-
-static void tls_errprintf(int flush, void *apparg, const char *fmt, ...)
-{
- va_list args;
- int r;
-
- if (errbuf_i < sizeof errbuf - 1) {
- size_t n;
-
- va_start(args, fmt);
- n = (sizeof errbuf) - errbuf_i;
- r = vsnprintf(errbuf + errbuf_i, n, fmt, args);
- if (r >= n)
- r = n - 1;
- if (r >= 0) {
- errbuf_i += r;
- } else {
- errbuf_i = sizeof errbuf - 1;
- errbuf[errbuf_i] = '\0';
- }
- assert(errbuf_i < sizeof errbuf);
- assert(errbuf[errbuf_i] == 0);
- }
-#ifndef TLS_CUMULATE_ERRORS
- tls_errflush(apparg);
-#else
- if (flush)
- tls_errflush(apparg);
-#endif
-}
-
-/*
- * app_prefix.. are for additional information provided by caller. If OpenSSL
- * error queue is empty, print default_text ("???" if NULL).
- */
-static char *tls_openssl_errors(const char *app_prefix_1,
- const char *app_prefix_2,
- const char *default_text, void *apparg)
-{
- static char reasons[255];
- size_t reasons_i;
- unsigned long err;
- const char *file;
- int line;
- const char *data;
- int flags;
- char *errstring;
- int printed_something = 0;
-
- reasons_i = 0;
-
- assert(app_prefix_1 != NULL);
- assert(app_prefix_2 != NULL);
-
- if (default_text == NULL)
- default_text = "?" "?" "?";
-
- while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
- if (reasons_i < sizeof reasons) {
- size_t n;
- int r;
-
- n = (sizeof reasons) - reasons_i;
- r = snprintf(reasons + reasons_i, n, "%s%s",
- (reasons_i > 0 ? ", " : ""),
- ERR_reason_error_string(err));
- if (r >= n)
- r = n - 1;
- if (r >= 0) {
- reasons_i += r;
- } else {
- reasons_i = sizeof reasons;
- }
- assert(reasons_i <= sizeof reasons);
- }
-
- errstring = ERR_error_string(err, NULL);
- assert(errstring != NULL);
- tls_errprintf(0, apparg, "OpenSSL error%s%s: %s:%s:%d:%s\n",
- app_prefix_1, app_prefix_2, errstring, file, line,
- (flags & ERR_TXT_STRING) ? data : "");
- printed_something = 1;
- }
-
- if (!printed_something) {
- assert(reasons_i == 0);
- snprintf(reasons, sizeof reasons, "%s", default_text);
- tls_errprintf(0, apparg, "OpenSSL error%s%s: %s\n", app_prefix_1,
- app_prefix_2, default_text);
- }
-#ifdef TLS_CUMULATE_ERRORS
- tls_errflush(apparg);
-#endif
- assert(errbuf_i == 0);
-
- return reasons;
-}
-
-/*****************************************************************************/
-
-static int tls_init_done = 0;
-
-static int tls_init(void *apparg)
-{
- if (tls_init_done)
- return 0;
-
- SSL_load_error_strings();
- if (!SSL_library_init() /* aka SSLeay_add_ssl_algorithms() */ ) {
- tls_errprintf(1, apparg, "SSL_library_init failed.\n");
- return -1;
- }
- tls_init_done = 1;
- tls_rand_seed();
- return 0;
-}
-
-/*****************************************************************************/
-
-static void tls_rand_seed_uniquely(void)
-{
- struct {
- pid_t pid;
- time_t time;
- void *stack;
- } data;
-
- data.pid = getpid();
- data.time = time(NULL);
- data.stack = (void *)&data;
-
- RAND_seed((const void *)&data, sizeof data);
-}
-
-void tls_rand_seed(void)
-{
- struct {
- struct utsname uname;
- int uname_1;
- int uname_2;
- uid_t uid;
- uid_t euid;
- gid_t gid;
- gid_t egid;
- } data;
-
- data.uname_1 = uname(&data.uname);
- data.uname_2 = errno; /* Let's hope that uname fails randomly :-) */
-
- data.uid = getuid();
- data.euid = geteuid();
- data.gid = getgid();
- data.egid = getegid();
-
- RAND_seed((const void *)&data, sizeof data);
- tls_rand_seed_uniquely();
-}
-
-static int tls_rand_seeded_p = 0;
-
-#define my_MIN_SEED_BYTES 256 /* struct stat can be larger than 128 */
-int tls_rand_seed_from_file(const char *filename, size_t n, void *apparg)
-{
- /*
- * Seed OpenSSL's random number generator from file. Try to read n bytes
- * if n > 0, whole file if n == 0.
- */
-
- int r;
-
- if (tls_init(apparg) == -1)
- return -1;
- tls_rand_seed();
-
- r = RAND_load_file(filename,
- (n > 0 && n < LONG_MAX) ? (long)n : LONG_MAX);
- /*
- * r is the number of bytes filled into the random number generator,
- * which are taken from "stat(filename, ...)" in addition to the file
- * contents.
- */
- assert(1 < my_MIN_SEED_BYTES);
- /*
- * We need to detect at least those cases when the file does not exist at
- * all. With current versions of OpenSSL, this should do it:
- */
- if (n == 0)
- n = my_MIN_SEED_BYTES;
- if (r < n) {
- tls_errprintf(1, apparg,
- "rand_seed_from_file: could not read %d bytes from %s.\n",
- n, filename);
- return -1;
- } else {
- tls_rand_seeded_p = 1;
- return 0;
- }
-}
-
-void tls_rand_seed_from_memory(const void *buf, size_t n)
-{
- size_t i = 0;
-
- while (i < n) {
- size_t rest = n - i;
- int chunk = rest < INT_MAX ? (int)rest : INT_MAX;
- RAND_seed((const char *)buf + i, chunk);
- i += chunk;
- }
- tls_rand_seeded_p = 1;
-}
-
-/*****************************************************************************/
-
-struct tls_x509_name_string {
- char str[100];
-};
-
-static void
-tls_get_x509_subject_name_oneline(X509 *cert,
- struct tls_x509_name_string *namestring)
-{
- X509_NAME *name;
-
- if (cert == NULL) {
- namestring->str[0] = '\0';
- return;
- }
-
- name = X509_get_subject_name(cert); /* does not increment any reference
- * counter */
-
- assert(sizeof namestring->str >= 4); /* "?" or "...", plus 0 */
-
- if (name == NULL) {
- namestring->str[0] = '?';
- namestring->str[1] = 0;
- } else {
- size_t len;
-
- X509_NAME_oneline(name, namestring->str, sizeof namestring->str);
- len = strlen(namestring->str);
- assert(namestring->str[len] == 0);
- assert(len < sizeof namestring->str);
-
- if (len + 1 == sizeof namestring->str) {
- /*
- * (Probably something was cut off.) Does not really work --
- * X509_NAME_oneline truncates after name components, we cannot
- * tell from the result whether anything is missing.
- */
-
- assert(namestring->str[len] == 0);
- namestring->str[--len] = '.';
- namestring->str[--len] = '.';
- namestring->str[--len] = '.';
- }
- }
-}
-
-/*****************************************************************************/
-
-/* to hinder OpenSSL from asking for passphrases */
-static int no_passphrase_callback(char *buf, int num, int w, void *arg)
-{
- return -1;
-}
-
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
-static int verify_dont_fail_cb(X509_STORE_CTX *c, void *unused_arg)
-#else
-static int verify_dont_fail_cb(X509_STORE_CTX *c)
-#endif
-{
- int i;
-
- i = X509_verify_cert(c); /* sets c->error */
-#if OPENSSL_VERSION_NUMBER >= 0x00905000L /* don't allow unverified
- * certificates -- they could
- * survive session reuse, but
- * OpenSSL < 0.9.5-dev does not
- * preserve their verify_result */
- if (i == 0)
- return 1;
- else
-#endif
- return i;
-}
-
-static DH *tls_dhe1024 = NULL; /* generating these takes a while, so do it
- * just once */
-
-void tls_set_dhe1024(int i, void *apparg)
-{
- DSA *dsaparams;
- DH *dhparams;
- const char *seed[] = { ";-) :-( :-) :-( ",
- ";-) :-( :-) :-( ",
- "Random String no. 12",
- ";-) :-( :-) :-( ",
- "hackers have even mo", /* from jargon file */
- };
- unsigned char seedbuf[20];
-
- tls_init(apparg);
- if (i >= 0) {
- i %= sizeof seed / sizeof seed[0];
- assert(strlen(seed[i]) == 20);
- memcpy(seedbuf, seed[i], 20);
- dsaparams =
- DSA_generate_parameters(1024, seedbuf, 20, NULL, NULL, 0, NULL);
- } else {
- /* random parameters (may take a while) */
- dsaparams =
- DSA_generate_parameters(1024, NULL, 0, NULL, NULL, 0, NULL);
- }
-
- if (dsaparams == NULL) {
- tls_openssl_errors("", "", NULL, apparg);
- return;
- }
- dhparams = DSA_dup_DH(dsaparams);
- DSA_free(dsaparams);
- if (dhparams == NULL) {
- tls_openssl_errors("", "", NULL, apparg);
- return;
- }
- if (tls_dhe1024 != NULL)
- DH_free(tls_dhe1024);
- tls_dhe1024 = dhparams;
-}
-
-struct tls_create_ctx_args tls_create_ctx_defaultargs(void)
-{
- struct tls_create_ctx_args ret;
-
- ret.client_p = 0;
- ret.certificate_file = NULL;
- ret.key_file = NULL;
- ret.ca_file = NULL;
- ret.verify_depth = -1;
- ret.fail_unless_verified = 0;
- ret.export_p = 0;
-
- return ret;
-}
-
-SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
-{
- int r;
- static long context_num = 0;
- SSL_CTX *ret;
- const char *err_pref_1 = "", *err_pref_2 = "";
-
- if (tls_init(apparg) == -1)
- return NULL;
-
- ret =
- SSL_CTX_new((a.client_p ? SSLv23_client_method :
- SSLv23_server_method) ());
-
- if (ret == NULL)
- goto err;
-
- SSL_CTX_set_default_passwd_cb(ret, no_passphrase_callback);
- SSL_CTX_set_mode(ret, SSL_MODE_ENABLE_PARTIAL_WRITE);
-
- if ((a.certificate_file != NULL) || (a.key_file != NULL)) {
- if (a.key_file == NULL) {
- tls_errprintf(1, apparg, "Need a key file.\n");
- goto err_return;
- }
- if (a.certificate_file == NULL) {
- tls_errprintf(1, apparg, "Need a certificate chain file.\n");
- goto err_return;
- }
-
- if (!SSL_CTX_use_PrivateKey_file(ret, a.key_file, SSL_FILETYPE_PEM))
- goto err;
- if (!tls_rand_seeded_p) {
- /*
- * particularly paranoid people may not like this -- so provide
- * your own random seeding before calling this
- */
- if (tls_rand_seed_from_file(a.key_file, 0, apparg) == -1)
- goto err_return;
- }
- if (!SSL_CTX_use_certificate_chain_file(ret, a.certificate_file))
- goto err;
- if (!SSL_CTX_check_private_key(ret)) {
- tls_errprintf(1, apparg,
- "Private key \"%s\" does not match certificate \"%s\".\n",
- a.key_file, a.certificate_file);
- goto err_peek;
- }
- }
-
- if ((a.ca_file != NULL) || (a.verify_depth > 0)) {
- context_num++;
- r = SSL_CTX_set_session_id_context(ret, (const void *)&context_num,
- (unsigned int)sizeof context_num);
- if (!r)
- goto err;
-
- SSL_CTX_set_verify(ret,
- SSL_VERIFY_PEER | (a.fail_unless_verified ?
- SSL_VERIFY_FAIL_IF_NO_PEER_CERT
- : 0), 0);
- if (!a.fail_unless_verified)
- SSL_CTX_set_cert_verify_callback(ret, verify_dont_fail_cb, NULL);
-
- if (a.verify_depth > 0)
- SSL_CTX_set_verify_depth(ret, a.verify_depth);
-
- if (a.ca_file != NULL) {
- /* does not report failure if file does not exist ... */
- /* NULL argument means no CA-directory */
- r = SSL_CTX_load_verify_locations(ret, a.ca_file, NULL);
- if (!r) {
- err_pref_1 = " while processing certificate file ";
- err_pref_2 = a.ca_file;
- goto err;
- }
-
- if (!a.client_p) {
- /*
- * SSL_load_client_CA_file is a misnomer, it just creates a
- * list of CNs.
- */
- SSL_CTX_set_client_CA_list(ret,
- SSL_load_client_CA_file
- (a.ca_file));
- /*
- * SSL_CTX_set_client_CA_list does not have a return value;
- * it does not really need one, but make sure (we really test
- * if SSL_load_client_CA_file worked)
- */
- if (SSL_CTX_get_client_CA_list(ret) == NULL) {
- tls_errprintf(1, apparg,
- "Could not set client CA list from \"%s\".\n",
- a.ca_file);
- goto err_peek;
- }
- }
- }
- }
-
- if (!a.client_p) {
- if (tls_dhe1024 == NULL) {
- int i;
-
- if (RAND_bytes((unsigned char *)&i, sizeof i) <= 0)
- goto err_return;
- /*
- * make sure that i is non-negative -- pick one of the provided
- * seeds
- */
- if (i < 0)
- i = -i;
- if (i < 0)
- i = 0;
- tls_set_dhe1024(i, apparg);
- if (tls_dhe1024 == NULL)
- goto err_return;
- }
-
- if (!SSL_CTX_set_tmp_dh(ret, tls_dhe1024))
- goto err;
-
- /* avoid small subgroup attacks: */
- SSL_CTX_set_options(ret, SSL_OP_SINGLE_DH_USE);
- }
-#ifndef NO_RSA
- if (!a.client_p && a.export_p) {
- RSA *tmpkey;
-
- tmpkey = RSA_generate_key(512, RSA_F4, 0, NULL);
- if (tmpkey == NULL)
- goto err;
- if (!SSL_CTX_set_tmp_rsa(ret, tmpkey)) {
- RSA_free(tmpkey);
- goto err;
- }
- RSA_free(tmpkey); /* SSL_CTX_set_tmp_rsa uses a duplicate. */
- }
-#endif
-
- return ret;
-
- err_peek:
- if (!ERR_peek_error())
- goto err_return;
- err:
- tls_openssl_errors(err_pref_1, err_pref_2, NULL, apparg);
- err_return:
- if (ret != NULL)
- SSL_CTX_free(ret);
- return NULL;
-}
-
-/*****************************************************************************/
-
-static int tls_socket_nonblocking(int fd)
-{
- int v, r;
-
- v = fcntl(fd, F_GETFL, 0);
- if (v == -1) {
- if (errno == EINVAL)
- return 0; /* already shut down -- ignore */
- return -1;
- }
- r = fcntl(fd, F_SETFL, v | O_NONBLOCK);
- if (r == -1) {
- if (errno == EINVAL)
- return 0; /* already shut down -- ignore */
- return -1;
- }
- return 0;
-}
-
-static int max(int a, int b)
-{
- return a > b ? a : b;
-}
-
-/* timeout, -1 means no timeout */
-static void
-tls_sockets_select(int read_select_1, int read_select_2, int write_select_1,
- int write_select_2, int seconds)
-{
- int maxfd, n;
- fd_set reads, writes;
- struct timeval timeout;
- struct timeval *timeout_p;
-
- assert(read_select_1 >= -1 && read_select_2 >= -1 && write_select_1 >= -1
- && write_select_2 >= -1);
- assert(read_select_1 < FD_SETSIZE && read_select_2 < FD_SETSIZE - 1
- && write_select_1 < FD_SETSIZE - 1
- && write_select_2 < FD_SETSIZE - 1);
-
- maxfd =
- max(max(read_select_1, read_select_2),
- max(write_select_1, write_select_2));
- assert(maxfd >= 0);
-
- FD_ZERO(&reads);
- FD_ZERO(&writes);
-
- for (n = 0; n < 4; ++n) {
- int i = n % 2;
- int w = n >= 2;
- /* loop over all (i, w) in {0,1}x{0,1} */
- int fd;
-
- if (i == 0 && w == 0)
- fd = read_select_1;
- else if (i == 1 && w == 0)
- fd = read_select_2;
- else if (i == 0 && w == 1)
- fd = write_select_1;
- else {
- assert(i == 1 && w == 1);
- fd = write_select_2;
- }
-
- if (fd >= 0) {
- if (w == 0)
- FD_SET(fd, &reads);
- else /* w == 1 */
- FD_SET(fd, &writes);
- }
- }
-
- if (seconds >= 0) {
- timeout.tv_sec = seconds;
- timeout.tv_usec = 0;
- timeout_p = &timeout;
- } else
- timeout_p = NULL;
-
- DEBUG_MSG2("select no.", ++tls_select_count);
- select(maxfd + 1, &reads, &writes, (fd_set *) NULL, timeout_p);
- DEBUG_MSG("cont.");
-}
-
-/*****************************************************************************/
-
-#define TUNNELBUFSIZE (16*1024)
-struct tunnelbuf {
- char buf[TUNNELBUFSIZE];
- size_t len;
- size_t offset;
-};
-
-static int tls_connect_attempt(SSL *, int *write_select, int *read_select,
- int *closed, int *progress,
- const char **err_pref);
-
-static int tls_accept_attempt(SSL *, int *write_select, int *read_select,
- int *closed, int *progress,
- const char **err_pref);
-
-static int tls_write_attempt(SSL *, struct tunnelbuf *, int *write_select,
- int *read_select, int *closed, int *progress,
- const char **err_pref);
-
-static int tls_read_attempt(SSL *, struct tunnelbuf *, int *write_select,
- int *read_select, int *closed, int *progress,
- const char **err_pref);
-
-static int write_attempt(int fd, struct tunnelbuf *, int *select, int *closed,
- int *progress);
-
-static int read_attempt(int fd, struct tunnelbuf *, int *select, int *closed,
- int *progress);
-
-static void write_info(SSL *ssl, int *info_fd)
-{
- if (*info_fd != -1) {
- long v;
- int v_ok;
- struct tls_x509_name_string peer;
- char infobuf[TLS_INFO_SIZE];
- int r;
-
- DEBUG_MSG("write_info");
- v = SSL_get_verify_result(ssl);
- v_ok = (v == X509_V_OK) ? 'A' : 'E'; /* Auth./Error */
- {
- X509 *peercert;
-
- peercert = SSL_get_peer_certificate(ssl);
- tls_get_x509_subject_name_oneline(peercert, &peer);
- if (peercert != NULL)
- X509_free(peercert);
- }
- if (peer.str[0] == '\0')
- v_ok = '0'; /* no cert at all */
- else if (strchr(peer.str, '\n')) {
- /* should not happen, but make sure */
- *strchr(peer.str, '\n') = '\0';
- }
- r = snprintf(infobuf, sizeof infobuf, "%c:%s\n%s\n", v_ok,
- X509_verify_cert_error_string(v), peer.str);
- DEBUG_MSG2("snprintf", r);
- if (r == -1 || r >= sizeof infobuf)
- r = sizeof infobuf - 1;
- write(*info_fd, infobuf, r);
- close(*info_fd);
- *info_fd = -1;
- }
-}
-
-/* tls_proxy expects that all fds are closed after return */
-static void
-tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p)
-{
- struct tunnelbuf clear_to_tls, tls_to_clear;
- SSL *ssl;
- BIO *rbio, *wbio;
- int closed, in_handshake;
- const char *err_pref_1 = "", *err_pref_2 = "";
- const char *err_def = NULL;
-
- assert(clear_fd != -1);
- assert(tls_fd != -1);
- assert(clear_fd < FD_SETSIZE);
- assert(tls_fd < FD_SETSIZE);
- /* info_fd may be -1 */
- assert(ctx != NULL);
-
- tls_rand_seed_uniquely();
-
- tls_socket_nonblocking(clear_fd);
- DEBUG_MSG2("clear_fd", clear_fd);
- tls_socket_nonblocking(tls_fd);
- DEBUG_MSG2("tls_fd", tls_fd);
-
- ssl = SSL_new(ctx);
- if (ssl == NULL)
- goto err;
- DEBUG_MSG("SSL_new");
- if (!SSL_set_fd(ssl, tls_fd))
- goto err;
- rbio = SSL_get_rbio(ssl);
- wbio = SSL_get_wbio(ssl); /* should be the same, but who cares */
- assert(rbio != NULL);
- assert(wbio != NULL);
- if (client_p)
- SSL_set_connect_state(ssl);
- else
- SSL_set_accept_state(ssl);
-
- closed = 0;
- in_handshake = 1;
- tls_to_clear.len = 0;
- tls_to_clear.offset = 0;
- clear_to_tls.len = 0;
- clear_to_tls.offset = 0;
-
- err_def = "I/O error";
-
- /*
- * loop finishes as soon as we detect that one side closed; when all
- * (program and OS) buffers have enough space, the data from the last
- * succesful read in each direction is transferred before close
- */
- do {
- int clear_read_select = 0, clear_write_select = 0,
- tls_read_select = 0, tls_write_select = 0, progress = 0;
- int r;
- unsigned long num_read = BIO_number_read(rbio),
- num_written = BIO_number_written(wbio);
-
- DEBUG_MSG2("loop iteration", ++tls_loop_count);
-
- if (in_handshake) {
- DEBUG_MSG("in_handshake");
- if (client_p)
- r = tls_connect_attempt(ssl, &tls_write_select,
- &tls_read_select, &closed, &progress,
- &err_pref_1);
- else
- r = tls_accept_attempt(ssl, &tls_write_select,
- &tls_read_select, &closed, &progress,
- &err_pref_1);
- if (r != 0) {
- write_info(ssl, &info_fd);
- goto err;
- }
- if (closed)
- goto err_return;
- if (!SSL_in_init(ssl)) {
- in_handshake = 0;
- write_info(ssl, &info_fd);
- }
- }
-
- if (clear_to_tls.len != 0 && !in_handshake) {
- assert(!closed);
-
- r = tls_write_attempt(ssl, &clear_to_tls, &tls_write_select,
- &tls_read_select, &closed, &progress,
- &err_pref_1);
- if (r != 0)
- goto err;
- if (closed) {
- assert(progress);
- tls_to_clear.offset = 0;
- tls_to_clear.len = 0;
- }
- }
-
- if (tls_to_clear.len != 0) {
- assert(!closed);
-
- r = write_attempt(clear_fd, &tls_to_clear, &clear_write_select,
- &closed, &progress);
- if (r != 0)
- goto err_return;
- if (closed) {
- assert(progress);
- clear_to_tls.offset = 0;
- clear_to_tls.len = 0;
- }
- }
-
- if (!closed) {
- if (clear_to_tls.offset + clear_to_tls.len <
- sizeof clear_to_tls.buf) {
- r = read_attempt(clear_fd, &clear_to_tls, &clear_read_select,
- &closed, &progress);
- if (r != 0)
- goto err_return;
- if (closed) {
- r = SSL_shutdown(ssl);
- DEBUG_MSG2("SSL_shutdown", r);
- }
- }
- }
-
- if (!closed && !in_handshake) {
- if (tls_to_clear.offset + tls_to_clear.len <
- sizeof tls_to_clear.buf) {
- r = tls_read_attempt(ssl, &tls_to_clear, &tls_write_select,
- &tls_read_select, &closed, &progress,
- &err_pref_1);
- if (r != 0)
- goto err;
- if (closed) {
- r = SSL_shutdown(ssl);
- DEBUG_MSG2("SSL_shutdown", r);
- }
- }
- }
-
- if (!progress) {
- DEBUG_MSG("!progress?");
- if (num_read != BIO_number_read(rbio)
- || num_written != BIO_number_written(wbio))
- progress = 1;
-
- if (!progress) {
- DEBUG_MSG("!progress");
- assert(clear_read_select || tls_read_select
- || clear_write_select || tls_write_select);
- tls_sockets_select(clear_read_select ? clear_fd : -1,
- tls_read_select ? tls_fd : -1,
- clear_write_select ? clear_fd : -1,
- tls_write_select ? tls_fd : -1, -1);
- }
- }
- } while (!closed);
- return;
-
- err:
- tls_openssl_errors(err_pref_1, err_pref_2, err_def, tls_child_apparg);
- err_return:
- return;
-}
-
-static int
-tls_get_error(SSL *ssl, int r, int *write_select, int *read_select,
- int *closed, int *progress)
-{
- int err = SSL_get_error(ssl, r);
-
- if (err == SSL_ERROR_NONE) {
- assert(r > 0);
- *progress = 1;
- return 0;
- }
-
- assert(r <= 0);
-
- switch (err) {
- case SSL_ERROR_ZERO_RETURN:
- assert(r == 0);
- *closed = 1;
- *progress = 1;
- return 0;
-
- case SSL_ERROR_WANT_WRITE:
- *write_select = 1;
- return 0;
-
- case SSL_ERROR_WANT_READ:
- *read_select = 1;
- return 0;
- }
-
- return -1;
-}
-
-static int
-tls_connect_attempt(SSL *ssl, int *write_select, int *read_select,
- int *closed, int *progress, const char **err_pref)
-{
- int n, r;
-
- DEBUG_MSG("tls_connect_attempt");
- n = SSL_connect(ssl);
- DEBUG_MSG2("SSL_connect", n);
- r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
- if (r == -1)
- *err_pref = " during SSL_connect";
- return r;
-}
-
-static int
-tls_accept_attempt(SSL *ssl, int *write_select, int *read_select, int *closed,
- int *progress, const char **err_pref)
-{
- int n, r;
-
- DEBUG_MSG("tls_accept_attempt");
- n = SSL_accept(ssl);
- DEBUG_MSG2("SSL_accept", n);
- r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
- if (r == -1)
- *err_pref = " during SSL_accept";
- return r;
-}
-
-static int
-tls_write_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select,
- int *read_select, int *closed, int *progress,
- const char **err_pref)
-{
- int n, r;
-
- DEBUG_MSG("tls_write_attempt");
- n = SSL_write(ssl, buf->buf + buf->offset, buf->len);
- DEBUG_MSG2("SSL_write", n);
- r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
- if (n > 0) {
- buf->len -= n;
- assert(buf->len >= 0);
- if (buf->len == 0)
- buf->offset = 0;
- else
- buf->offset += n;
- }
- if (r == -1)
- *err_pref = " during SSL_write";
- return r;
-}
-
-static int
-tls_read_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select,
- int *read_select, int *closed, int *progress,
- const char **err_pref)
-{
- int n, r;
- size_t total;
-
- DEBUG_MSG("tls_read_attempt");
- total = buf->offset + buf->len;
- assert(total < sizeof buf->buf);
- n = SSL_read(ssl, buf->buf + total, (sizeof buf->buf) - total);
- DEBUG_MSG2("SSL_read", n);
- r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
- if (n > 0) {
- buf->len += n;
- assert(buf->offset + buf->len <= sizeof buf->buf);
- }
- if (r == -1)
- *err_pref = " during SSL_read";
- return r;
-}
-
-static int get_error(int r, int *select, int *closed, int *progress)
-{
- if (r >= 0) {
- *progress = 1;
- if (r == 0)
- *closed = 1;
- return 0;
- } else {
- assert(r == -1);
- if (errno == EAGAIN || errno == EWOULDBLOCK) {
- *select = 1;
- return 0;
- } else if (errno == EPIPE) {
- *progress = 1;
- *closed = 1;
- return 0;
- } else
- return -1;
- }
-}
-
-static int write_attempt(int fd, struct tunnelbuf *buf, int *select,
- int *closed, int *progress)
-{
- int n, r;
-
- DEBUG_MSG("write_attempt");
- n = write(fd, buf->buf + buf->offset, buf->len);
- DEBUG_MSG2("write", n);
- r = get_error(n, select, closed, progress);
- if (n > 0) {
- buf->len -= n;
- assert(buf->len >= 0);
- if (buf->len == 0)
- buf->offset = 0;
- else
- buf->offset += n;
- }
- if (r == -1)
- tls_errprintf(1, tls_child_apparg, "write error: %s\n",
- strerror(errno));
- return r;
-}
-
-static int
-read_attempt(int fd, struct tunnelbuf *buf, int *select, int *closed,
- int *progress)
-{
- int n, r;
- size_t total;
-
- DEBUG_MSG("read_attempt");
- total = buf->offset + buf->len;
- assert(total < sizeof buf->buf);
- n = read(fd, buf->buf + total, (sizeof buf->buf) - total);
- DEBUG_MSG2("read", n);
- r = get_error(n, select, closed, progress);
- if (n > 0) {
- buf->len += n;
- assert(buf->offset + buf->len <= sizeof buf->buf);
- }
- if (r == -1)
- tls_errprintf(1, tls_child_apparg, "read error: %s\n",
- strerror(errno));
- return r;
-}
Copied: vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.c (from rev 11605, vendor-crypto/openssl/dist/demos/easy_tls/easy-tls.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1311 @@
+/* */
+/*-
+ * easy-tls.c -- generic TLS proxy.
+ * $Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $
+ */
+/*-
+ (c) Copyright 1999 Bodo Moeller. All rights reserved.
+
+ This is free software; you can redistributed and/or modify it
+ unter the terms of either
+ - the GNU General Public License as published by the
+ Free Software Foundation, version 1, or (at your option)
+ any later version,
+ or
+ - the following license:
+*/
+/*-
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that each of the following
+ * conditions is met:
+ *
+ * 1. Redistributions qualify as "freeware" or "Open Source Software" under
+ * one of the following terms:
+ *
+ * (a) Redistributions are made at no charge beyond the reasonable cost of
+ * materials and delivery.
+ *
+ * (b) Redistributions are accompanied by a copy of the Source Code
+ * or by an irrevocable offer to provide a copy of the Source Code
+ * for up to three years at the cost of materials and delivery.
+ * Such redistributions must allow further use, modification, and
+ * redistribution of the Source Code under substantially the same
+ * terms as this license.
+ *
+ * 2. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 3. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 4. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by Bodo Moeller."
+ * (If available, substitute umlauted o for oe.)
+ *
+ * 5. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by Bodo Moeller."
+ *
+ * THIS SOFTWARE IS PROVIDED BY BODO MOELLER ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BODO MOELLER OR
+ * HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*-
+ * Attribution for OpenSSL library:
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ * This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)
+ */
+
+static char const rcsid[] =
+ "$Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $";
+
+#include <assert.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/utsname.h>
+#include <unistd.h>
+
+#include <openssl/crypto.h>
+#include <openssl/dh.h>
+#include <openssl/dsa.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/opensslv.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#ifndef NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/ssl.h>
+#include <openssl/x509.h>
+#include <openssl/x509_vfy.h>
+
+#if OPENSSL_VERSION_NUMBER < 0x00904000L /* 0.9.4-dev */
+# error "This program needs OpenSSL 0.9.4 or later."
+#endif
+
+#include "easy-tls.h" /* include after <openssl/ssl.h> if both are
+ * needed */
+
+#if TLS_INFO_SIZE > PIPE_BUF
+# if PIPE_BUF < 512
+# error "PIPE_BUF < 512" /* non-POSIX */
+# endif
+# error "TLS_INFO_SIZE > PIPE_BUF"
+#endif
+
+/*****************************************************************************/
+
+#ifdef TLS_APP
+# include TLS_APP
+#endif
+
+/*-
+ * Applications can define:
+ * TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg)
+ * TLS_CUMULATE_ERRORS
+ * TLS_ERROR_BUFSIZ
+ * TLS_APP_ERRFLUSH -- void ...(int child_p, char *, size_t, void *apparg)
+ */
+
+#ifndef TLS_APP_PROCESS_INIT
+# define TLS_APP_PROCESS_INIT(fd, client_p, apparg) ((void) 0)
+#endif
+
+#ifndef TLS_ERROR_BUFSIZ
+# define TLS_ERROR_BUFSIZ (10*160)
+#endif
+#if TLS_ERROR_BUFSIZ < 2 /* {'\n',0} */
+# error "TLS_ERROR_BUFSIZE is too small."
+#endif
+
+#ifndef TLS_APP_ERRFLUSH
+# define TLS_APP_ERRFLUSH tls_app_errflush
+static void
+tls_app_errflush(int child_p, char *errbuf, size_t num, void *apparg)
+{
+ fputs(errbuf, stderr);
+}
+#endif
+
+/*****************************************************************************/
+
+#ifdef DEBUG_TLS
+# define DEBUG_MSG(x) fprintf(stderr," %s\n",x)
+# define DEBUG_MSG2(x,y) fprintf(stderr, " %s: %d\n",x,y)
+static int tls_loop_count = 0;
+static int tls_select_count = 0;
+#else
+# define DEBUG_MSG(x) (void)0
+# define DEBUG_MSG2(x,y) (void)0
+#endif
+
+static void tls_rand_seed_uniquely(void);
+static void tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx,
+ int client_p);
+static int tls_socket_nonblocking(int fd);
+
+static int tls_child_p = 0;
+static void *tls_child_apparg;
+
+struct tls_start_proxy_args tls_start_proxy_defaultargs(void)
+{
+ struct tls_start_proxy_args ret;
+
+ ret.fd = -1;
+ ret.client_p = -1;
+ ret.ctx = NULL;
+ ret.pid = NULL;
+ ret.infofd = NULL;
+
+ return ret;
+}
+
+/*-
+ * Slice in TLS proxy process at fd.
+ * Return value:
+ * 0 ok (*pid is set to child's PID if pid != NULL),
+ * < 0 look at errno
+ * > 0 other error
+ * (return value encodes place of error)
+ *
+ */
+int tls_start_proxy(struct tls_start_proxy_args a, void *apparg)
+{
+ int fds[2] = { -1, -1 };
+ int infofds[2] = { -1, -1 };
+ int r, getfd, getfl;
+ int ret;
+
+ DEBUG_MSG2("tls_start_proxy fd", a.fd);
+ DEBUG_MSG2("tls_start_proxy client_p", a.client_p);
+
+ if (a.fd == -1 || a.client_p == -1 || a.ctx == NULL)
+ return 1;
+
+ if (a.pid != NULL) {
+ *a.pid = 0;
+ }
+ if (a.infofd != NULL) {
+ *a.infofd = -1;
+ }
+
+ r = socketpair(AF_UNIX, SOCK_STREAM, 0, fds);
+ if (r == -1)
+ return -1;
+ if (a.fd >= FD_SETSIZE || fds[0] >= FD_SETSIZE) {
+ ret = 2;
+ goto err;
+ }
+ if (a.infofd != NULL) {
+ r = pipe(infofds);
+ if (r == -1) {
+ ret = -3;
+ goto err;
+ }
+ }
+
+ r = fork();
+ if (r == -1) {
+ ret = -4;
+ goto err;
+ }
+ if (r == 0) {
+ DEBUG_MSG("fork");
+ tls_child_p = 1;
+ tls_child_apparg = apparg;
+ close(fds[1]);
+ if (infofds[0] != -1)
+ close(infofds[0]);
+ TLS_APP_PROCESS_INIT(a.fd, a.client_p, apparg);
+ DEBUG_MSG("TLS_APP_PROCESS_INIT");
+ tls_proxy(fds[0], a.fd, infofds[1], a.ctx, a.client_p);
+ exit(0);
+ }
+ if (a.pid != NULL)
+ *a.pid = r;
+ if (infofds[1] != -1) {
+ close(infofds[1]);
+ infofds[1] = -1;
+ }
+ /* install fds[1] in place of fd: */
+ close(fds[0]);
+ fds[0] = -1;
+ getfd = fcntl(a.fd, F_GETFD);
+ getfl = fcntl(a.fd, F_GETFL);
+ r = dup2(fds[1], a.fd);
+ close(fds[1]);
+ fds[1] = -1;
+ if (r == -1) {
+ ret = -5;
+ goto err;
+ }
+ if (getfd != 1)
+ fcntl(a.fd, F_SETFD, getfd);
+ if (getfl & O_NONBLOCK)
+ (void)tls_socket_nonblocking(a.fd);
+ if (a.infofd != NULL)
+ *a.infofd = infofds[0];
+ return 0;
+
+ err:
+ if (fds[0] != -1)
+ close(fds[0]);
+ if (fds[1] != -1)
+ close(fds[1]);
+ if (infofds[0] != -1)
+ close(infofds[0]);
+ if (infofds[1] != -1)
+ close(infofds[1]);
+ return ret;
+}
+
+/*****************************************************************************/
+
+static char errbuf[TLS_ERROR_BUFSIZ];
+static size_t errbuf_i = 0;
+
+static void tls_errflush(void *apparg)
+{
+ if (errbuf_i == 0)
+ return;
+
+ assert(errbuf_i < sizeof errbuf);
+ assert(errbuf[errbuf_i] == 0);
+ if (errbuf_i == sizeof errbuf - 1) {
+ /* make sure we have a newline, even if string has been truncated */
+ errbuf[errbuf_i - 1] = '\n';
+ }
+
+ /*
+ * TLS_APP_ERRFLUSH may modify the string as needed, e.g. substitute
+ * other characters for \n for convenience
+ */
+ TLS_APP_ERRFLUSH(tls_child_p, errbuf, errbuf_i, apparg);
+
+ errbuf_i = 0;
+}
+
+static void tls_errprintf(int flush, void *apparg, const char *fmt, ...)
+{
+ va_list args;
+ int r;
+
+ if (errbuf_i < sizeof errbuf - 1) {
+ size_t n;
+
+ va_start(args, fmt);
+ n = (sizeof errbuf) - errbuf_i;
+ r = vsnprintf(errbuf + errbuf_i, n, fmt, args);
+ if (r >= n)
+ r = n - 1;
+ if (r >= 0) {
+ errbuf_i += r;
+ } else {
+ errbuf_i = sizeof errbuf - 1;
+ errbuf[errbuf_i] = '\0';
+ }
+ assert(errbuf_i < sizeof errbuf);
+ assert(errbuf[errbuf_i] == 0);
+ }
+#ifndef TLS_CUMULATE_ERRORS
+ tls_errflush(apparg);
+#else
+ if (flush)
+ tls_errflush(apparg);
+#endif
+}
+
+/*
+ * app_prefix.. are for additional information provided by caller. If OpenSSL
+ * error queue is empty, print default_text ("???" if NULL).
+ */
+static char *tls_openssl_errors(const char *app_prefix_1,
+ const char *app_prefix_2,
+ const char *default_text, void *apparg)
+{
+ static char reasons[255];
+ size_t reasons_i;
+ unsigned long err;
+ const char *file;
+ int line;
+ const char *data;
+ int flags;
+ char *errstring;
+ int printed_something = 0;
+
+ reasons_i = 0;
+
+ assert(app_prefix_1 != NULL);
+ assert(app_prefix_2 != NULL);
+
+ if (default_text == NULL)
+ default_text = "?" "?" "?";
+
+ while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
+ if (reasons_i < sizeof reasons) {
+ size_t n;
+ int r;
+
+ n = (sizeof reasons) - reasons_i;
+ r = snprintf(reasons + reasons_i, n, "%s%s",
+ (reasons_i > 0 ? ", " : ""),
+ ERR_reason_error_string(err));
+ if (r >= n)
+ r = n - 1;
+ if (r >= 0) {
+ reasons_i += r;
+ } else {
+ reasons_i = sizeof reasons;
+ }
+ assert(reasons_i <= sizeof reasons);
+ }
+
+ errstring = ERR_error_string(err, NULL);
+ assert(errstring != NULL);
+ tls_errprintf(0, apparg, "OpenSSL error%s%s: %s:%s:%d:%s\n",
+ app_prefix_1, app_prefix_2, errstring, file, line,
+ (flags & ERR_TXT_STRING) ? data : "");
+ printed_something = 1;
+ }
+
+ if (!printed_something) {
+ assert(reasons_i == 0);
+ snprintf(reasons, sizeof reasons, "%s", default_text);
+ tls_errprintf(0, apparg, "OpenSSL error%s%s: %s\n", app_prefix_1,
+ app_prefix_2, default_text);
+ }
+#ifdef TLS_CUMULATE_ERRORS
+ tls_errflush(apparg);
+#endif
+ assert(errbuf_i == 0);
+
+ return reasons;
+}
+
+/*****************************************************************************/
+
+static int tls_init_done = 0;
+
+static int tls_init(void *apparg)
+{
+ if (tls_init_done)
+ return 0;
+
+ SSL_load_error_strings();
+ if (!SSL_library_init() /* aka SSLeay_add_ssl_algorithms() */ ) {
+ tls_errprintf(1, apparg, "SSL_library_init failed.\n");
+ return -1;
+ }
+ tls_init_done = 1;
+ tls_rand_seed();
+ return 0;
+}
+
+/*****************************************************************************/
+
+static void tls_rand_seed_uniquely(void)
+{
+ struct {
+ pid_t pid;
+ time_t time;
+ void *stack;
+ } data;
+
+ data.pid = getpid();
+ data.time = time(NULL);
+ data.stack = (void *)&data;
+
+ RAND_seed((const void *)&data, sizeof data);
+}
+
+void tls_rand_seed(void)
+{
+ struct {
+ struct utsname uname;
+ int uname_1;
+ int uname_2;
+ uid_t uid;
+ uid_t euid;
+ gid_t gid;
+ gid_t egid;
+ } data;
+
+ data.uname_1 = uname(&data.uname);
+ data.uname_2 = errno; /* Let's hope that uname fails randomly :-) */
+
+ data.uid = getuid();
+ data.euid = geteuid();
+ data.gid = getgid();
+ data.egid = getegid();
+
+ RAND_seed((const void *)&data, sizeof data);
+ tls_rand_seed_uniquely();
+}
+
+static int tls_rand_seeded_p = 0;
+
+#define my_MIN_SEED_BYTES 256 /* struct stat can be larger than 128 */
+int tls_rand_seed_from_file(const char *filename, size_t n, void *apparg)
+{
+ /*
+ * Seed OpenSSL's random number generator from file. Try to read n bytes
+ * if n > 0, whole file if n == 0.
+ */
+
+ int r;
+
+ if (tls_init(apparg) == -1)
+ return -1;
+ tls_rand_seed();
+
+ r = RAND_load_file(filename,
+ (n > 0 && n < LONG_MAX) ? (long)n : LONG_MAX);
+ /*
+ * r is the number of bytes filled into the random number generator,
+ * which are taken from "stat(filename, ...)" in addition to the file
+ * contents.
+ */
+ assert(1 < my_MIN_SEED_BYTES);
+ /*
+ * We need to detect at least those cases when the file does not exist at
+ * all. With current versions of OpenSSL, this should do it:
+ */
+ if (n == 0)
+ n = my_MIN_SEED_BYTES;
+ if (r < n) {
+ tls_errprintf(1, apparg,
+ "rand_seed_from_file: could not read %d bytes from %s.\n",
+ n, filename);
+ return -1;
+ } else {
+ tls_rand_seeded_p = 1;
+ return 0;
+ }
+}
+
+void tls_rand_seed_from_memory(const void *buf, size_t n)
+{
+ size_t i = 0;
+
+ while (i < n) {
+ size_t rest = n - i;
+ int chunk = rest < INT_MAX ? (int)rest : INT_MAX;
+ RAND_seed((const char *)buf + i, chunk);
+ i += chunk;
+ }
+ tls_rand_seeded_p = 1;
+}
+
+/*****************************************************************************/
+
+struct tls_x509_name_string {
+ char str[100];
+};
+
+static void
+tls_get_x509_subject_name_oneline(X509 *cert,
+ struct tls_x509_name_string *namestring)
+{
+ X509_NAME *name;
+
+ if (cert == NULL) {
+ namestring->str[0] = '\0';
+ return;
+ }
+
+ name = X509_get_subject_name(cert); /* does not increment any reference
+ * counter */
+
+ assert(sizeof namestring->str >= 4); /* "?" or "...", plus 0 */
+
+ if (name == NULL) {
+ namestring->str[0] = '?';
+ namestring->str[1] = 0;
+ } else {
+ size_t len;
+
+ X509_NAME_oneline(name, namestring->str, sizeof namestring->str);
+ len = strlen(namestring->str);
+ assert(namestring->str[len] == 0);
+ assert(len < sizeof namestring->str);
+
+ if (len + 1 == sizeof namestring->str) {
+ /*
+ * (Probably something was cut off.) Does not really work --
+ * X509_NAME_oneline truncates after name components, we cannot
+ * tell from the result whether anything is missing.
+ */
+
+ assert(namestring->str[len] == 0);
+ namestring->str[--len] = '.';
+ namestring->str[--len] = '.';
+ namestring->str[--len] = '.';
+ }
+ }
+}
+
+/*****************************************************************************/
+
+/* to hinder OpenSSL from asking for passphrases */
+static int no_passphrase_callback(char *buf, int num, int w, void *arg)
+{
+ return -1;
+}
+
+#if OPENSSL_VERSION_NUMBER >= 0x00907000L
+static int verify_dont_fail_cb(X509_STORE_CTX *c, void *unused_arg)
+#else
+static int verify_dont_fail_cb(X509_STORE_CTX *c)
+#endif
+{
+ int i;
+
+ i = X509_verify_cert(c); /* sets c->error */
+#if OPENSSL_VERSION_NUMBER >= 0x00905000L /* don't allow unverified
+ * certificates -- they could
+ * survive session reuse, but
+ * OpenSSL < 0.9.5-dev does not
+ * preserve their verify_result */
+ if (i == 0)
+ return 1;
+ else
+#endif
+ return i;
+}
+
+static DH *tls_dhe1024 = NULL; /* generating these takes a while, so do it
+ * just once */
+
+void tls_set_dhe1024(int i, void *apparg)
+{
+ DSA *dsaparams;
+ DH *dhparams;
+ const char *seed[] = { ";-) :-( :-) :-( ",
+ ";-) :-( :-) :-( ",
+ "Random String no. 12",
+ ";-) :-( :-) :-( ",
+ "hackers have even mo", /* from jargon file */
+ };
+ unsigned char seedbuf[20];
+
+ tls_init(apparg);
+ if (i >= 0) {
+ i %= sizeof seed / sizeof seed[0];
+ assert(strlen(seed[i]) == 20);
+ memcpy(seedbuf, seed[i], 20);
+ dsaparams =
+ DSA_generate_parameters(1024, seedbuf, 20, NULL, NULL, 0, NULL);
+ } else {
+ /* random parameters (may take a while) */
+ dsaparams =
+ DSA_generate_parameters(1024, NULL, 0, NULL, NULL, 0, NULL);
+ }
+
+ if (dsaparams == NULL) {
+ tls_openssl_errors("", "", NULL, apparg);
+ return;
+ }
+ dhparams = DSA_dup_DH(dsaparams);
+ DSA_free(dsaparams);
+ if (dhparams == NULL) {
+ tls_openssl_errors("", "", NULL, apparg);
+ return;
+ }
+ if (tls_dhe1024 != NULL)
+ DH_free(tls_dhe1024);
+ tls_dhe1024 = dhparams;
+}
+
+struct tls_create_ctx_args tls_create_ctx_defaultargs(void)
+{
+ struct tls_create_ctx_args ret;
+
+ ret.client_p = 0;
+ ret.certificate_file = NULL;
+ ret.key_file = NULL;
+ ret.ca_file = NULL;
+ ret.verify_depth = -1;
+ ret.fail_unless_verified = 0;
+ ret.export_p = 0;
+
+ return ret;
+}
+
+SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
+{
+ int r;
+ static long context_num = 0;
+ SSL_CTX *ret;
+ const char *err_pref_1 = "", *err_pref_2 = "";
+
+ if (tls_init(apparg) == -1)
+ return NULL;
+
+ ret =
+ SSL_CTX_new((a.client_p ? SSLv23_client_method :
+ SSLv23_server_method) ());
+
+ if (ret == NULL)
+ goto err;
+
+ SSL_CTX_set_default_passwd_cb(ret, no_passphrase_callback);
+ SSL_CTX_set_mode(ret, SSL_MODE_ENABLE_PARTIAL_WRITE);
+
+ if ((a.certificate_file != NULL) || (a.key_file != NULL)) {
+ if (a.key_file == NULL) {
+ tls_errprintf(1, apparg, "Need a key file.\n");
+ goto err_return;
+ }
+ if (a.certificate_file == NULL) {
+ tls_errprintf(1, apparg, "Need a certificate chain file.\n");
+ goto err_return;
+ }
+
+ if (!SSL_CTX_use_PrivateKey_file(ret, a.key_file, SSL_FILETYPE_PEM))
+ goto err;
+ if (!tls_rand_seeded_p) {
+ /*
+ * particularly paranoid people may not like this -- so provide
+ * your own random seeding before calling this
+ */
+ if (tls_rand_seed_from_file(a.key_file, 0, apparg) == -1)
+ goto err_return;
+ }
+ if (!SSL_CTX_use_certificate_chain_file(ret, a.certificate_file))
+ goto err;
+ if (!SSL_CTX_check_private_key(ret)) {
+ tls_errprintf(1, apparg,
+ "Private key \"%s\" does not match certificate \"%s\".\n",
+ a.key_file, a.certificate_file);
+ goto err_peek;
+ }
+ }
+
+ if ((a.ca_file != NULL) || (a.verify_depth > 0)) {
+ context_num++;
+ r = SSL_CTX_set_session_id_context(ret, (const void *)&context_num,
+ (unsigned int)sizeof context_num);
+ if (!r)
+ goto err;
+
+ SSL_CTX_set_verify(ret,
+ SSL_VERIFY_PEER | (a.fail_unless_verified ?
+ SSL_VERIFY_FAIL_IF_NO_PEER_CERT
+ : 0), 0);
+ if (!a.fail_unless_verified)
+ SSL_CTX_set_cert_verify_callback(ret, verify_dont_fail_cb, NULL);
+
+ if (a.verify_depth > 0)
+ SSL_CTX_set_verify_depth(ret, a.verify_depth);
+
+ if (a.ca_file != NULL) {
+ /* does not report failure if file does not exist ... */
+ /* NULL argument means no CA-directory */
+ r = SSL_CTX_load_verify_locations(ret, a.ca_file, NULL);
+ if (!r) {
+ err_pref_1 = " while processing certificate file ";
+ err_pref_2 = a.ca_file;
+ goto err;
+ }
+
+ if (!a.client_p) {
+ /*
+ * SSL_load_client_CA_file is a misnomer, it just creates a
+ * list of CNs.
+ */
+ SSL_CTX_set_client_CA_list(ret,
+ SSL_load_client_CA_file
+ (a.ca_file));
+ /*
+ * SSL_CTX_set_client_CA_list does not have a return value;
+ * it does not really need one, but make sure (we really test
+ * if SSL_load_client_CA_file worked)
+ */
+ if (SSL_CTX_get_client_CA_list(ret) == NULL) {
+ tls_errprintf(1, apparg,
+ "Could not set client CA list from \"%s\".\n",
+ a.ca_file);
+ goto err_peek;
+ }
+ }
+ }
+ }
+
+ if (!a.client_p) {
+ if (tls_dhe1024 == NULL) {
+ int i;
+
+ if (RAND_bytes((unsigned char *)&i, sizeof i) <= 0)
+ goto err_return;
+ /*
+ * make sure that i is non-negative -- pick one of the provided
+ * seeds
+ */
+ if (i < 0)
+ i = -i;
+ if (i < 0)
+ i = 0;
+ tls_set_dhe1024(i, apparg);
+ if (tls_dhe1024 == NULL)
+ goto err_return;
+ }
+
+ if (!SSL_CTX_set_tmp_dh(ret, tls_dhe1024))
+ goto err;
+
+ /* avoid small subgroup attacks: */
+ SSL_CTX_set_options(ret, SSL_OP_SINGLE_DH_USE);
+ }
+#ifndef NO_RSA
+ if (!a.client_p && a.export_p) {
+ RSA *tmpkey;
+
+ tmpkey = RSA_generate_key(512, RSA_F4, 0, NULL);
+ if (tmpkey == NULL)
+ goto err;
+ if (!SSL_CTX_set_tmp_rsa(ret, tmpkey)) {
+ RSA_free(tmpkey);
+ goto err;
+ }
+ RSA_free(tmpkey); /* SSL_CTX_set_tmp_rsa uses a duplicate. */
+ }
+#endif
+
+ return ret;
+
+ err_peek:
+ if (!ERR_peek_error())
+ goto err_return;
+ err:
+ tls_openssl_errors(err_pref_1, err_pref_2, NULL, apparg);
+ err_return:
+ if (ret != NULL)
+ SSL_CTX_free(ret);
+ return NULL;
+}
+
+/*****************************************************************************/
+
+static int tls_socket_nonblocking(int fd)
+{
+ int v, r;
+
+ v = fcntl(fd, F_GETFL, 0);
+ if (v == -1) {
+ if (errno == EINVAL)
+ return 0; /* already shut down -- ignore */
+ return -1;
+ }
+ r = fcntl(fd, F_SETFL, v | O_NONBLOCK);
+ if (r == -1) {
+ if (errno == EINVAL)
+ return 0; /* already shut down -- ignore */
+ return -1;
+ }
+ return 0;
+}
+
+static int max(int a, int b)
+{
+ return a > b ? a : b;
+}
+
+/* timeout, -1 means no timeout */
+static void
+tls_sockets_select(int read_select_1, int read_select_2, int write_select_1,
+ int write_select_2, int seconds)
+{
+ int maxfd, n;
+ fd_set reads, writes;
+ struct timeval timeout;
+ struct timeval *timeout_p;
+
+ assert(read_select_1 >= -1 && read_select_2 >= -1 && write_select_1 >= -1
+ && write_select_2 >= -1);
+ assert(read_select_1 < FD_SETSIZE && read_select_2 < FD_SETSIZE - 1
+ && write_select_1 < FD_SETSIZE - 1
+ && write_select_2 < FD_SETSIZE - 1);
+
+ maxfd =
+ max(max(read_select_1, read_select_2),
+ max(write_select_1, write_select_2));
+ assert(maxfd >= 0);
+
+ FD_ZERO(&reads);
+ FD_ZERO(&writes);
+
+ for (n = 0; n < 4; ++n) {
+ int i = n % 2;
+ int w = n >= 2;
+ /* loop over all (i, w) in {0,1}x{0,1} */
+ int fd;
+
+ if (i == 0 && w == 0)
+ fd = read_select_1;
+ else if (i == 1 && w == 0)
+ fd = read_select_2;
+ else if (i == 0 && w == 1)
+ fd = write_select_1;
+ else {
+ assert(i == 1 && w == 1);
+ fd = write_select_2;
+ }
+
+ if (fd >= 0) {
+ if (w == 0)
+ FD_SET(fd, &reads);
+ else /* w == 1 */
+ FD_SET(fd, &writes);
+ }
+ }
+
+ if (seconds >= 0) {
+ timeout.tv_sec = seconds;
+ timeout.tv_usec = 0;
+ timeout_p = &timeout;
+ } else
+ timeout_p = NULL;
+
+ DEBUG_MSG2("select no.", ++tls_select_count);
+ select(maxfd + 1, &reads, &writes, (fd_set *) NULL, timeout_p);
+ DEBUG_MSG("cont.");
+}
+
+/*****************************************************************************/
+
+#define TUNNELBUFSIZE (16*1024)
+struct tunnelbuf {
+ char buf[TUNNELBUFSIZE];
+ size_t len;
+ size_t offset;
+};
+
+static int tls_connect_attempt(SSL *, int *write_select, int *read_select,
+ int *closed, int *progress,
+ const char **err_pref);
+
+static int tls_accept_attempt(SSL *, int *write_select, int *read_select,
+ int *closed, int *progress,
+ const char **err_pref);
+
+static int tls_write_attempt(SSL *, struct tunnelbuf *, int *write_select,
+ int *read_select, int *closed, int *progress,
+ const char **err_pref);
+
+static int tls_read_attempt(SSL *, struct tunnelbuf *, int *write_select,
+ int *read_select, int *closed, int *progress,
+ const char **err_pref);
+
+static int write_attempt(int fd, struct tunnelbuf *, int *select, int *closed,
+ int *progress);
+
+static int read_attempt(int fd, struct tunnelbuf *, int *select, int *closed,
+ int *progress);
+
+static void write_info(SSL *ssl, int *info_fd)
+{
+ if (*info_fd != -1) {
+ long v;
+ int v_ok;
+ struct tls_x509_name_string peer;
+ char infobuf[TLS_INFO_SIZE];
+ int r;
+
+ DEBUG_MSG("write_info");
+ v = SSL_get_verify_result(ssl);
+ v_ok = (v == X509_V_OK) ? 'A' : 'E'; /* Auth./Error */
+ {
+ X509 *peercert;
+
+ peercert = SSL_get_peer_certificate(ssl);
+ tls_get_x509_subject_name_oneline(peercert, &peer);
+ if (peercert != NULL)
+ X509_free(peercert);
+ }
+ if (peer.str[0] == '\0')
+ v_ok = '0'; /* no cert at all */
+ else if (strchr(peer.str, '\n')) {
+ /* should not happen, but make sure */
+ *strchr(peer.str, '\n') = '\0';
+ }
+ r = snprintf(infobuf, sizeof infobuf, "%c:%s\n%s\n", v_ok,
+ X509_verify_cert_error_string(v), peer.str);
+ DEBUG_MSG2("snprintf", r);
+ if (r == -1 || r >= sizeof infobuf)
+ r = sizeof infobuf - 1;
+ write(*info_fd, infobuf, r);
+ close(*info_fd);
+ *info_fd = -1;
+ }
+}
+
+/* tls_proxy expects that all fds are closed after return */
+static void
+tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p)
+{
+ struct tunnelbuf clear_to_tls, tls_to_clear;
+ SSL *ssl;
+ BIO *rbio, *wbio;
+ int closed, in_handshake;
+ const char *err_pref_1 = "", *err_pref_2 = "";
+ const char *err_def = NULL;
+
+ assert(clear_fd != -1);
+ assert(tls_fd != -1);
+ assert(clear_fd < FD_SETSIZE);
+ assert(tls_fd < FD_SETSIZE);
+ /* info_fd may be -1 */
+ assert(ctx != NULL);
+
+ tls_rand_seed_uniquely();
+
+ tls_socket_nonblocking(clear_fd);
+ DEBUG_MSG2("clear_fd", clear_fd);
+ tls_socket_nonblocking(tls_fd);
+ DEBUG_MSG2("tls_fd", tls_fd);
+
+ ssl = SSL_new(ctx);
+ if (ssl == NULL)
+ goto err;
+ DEBUG_MSG("SSL_new");
+ if (!SSL_set_fd(ssl, tls_fd))
+ goto err;
+ rbio = SSL_get_rbio(ssl);
+ wbio = SSL_get_wbio(ssl); /* should be the same, but who cares */
+ assert(rbio != NULL);
+ assert(wbio != NULL);
+ if (client_p)
+ SSL_set_connect_state(ssl);
+ else
+ SSL_set_accept_state(ssl);
+
+ closed = 0;
+ in_handshake = 1;
+ tls_to_clear.len = 0;
+ tls_to_clear.offset = 0;
+ clear_to_tls.len = 0;
+ clear_to_tls.offset = 0;
+
+ err_def = "I/O error";
+
+ /*
+ * loop finishes as soon as we detect that one side closed; when all
+ * (program and OS) buffers have enough space, the data from the last
+ * succesful read in each direction is transferred before close
+ */
+ do {
+ int clear_read_select = 0, clear_write_select = 0,
+ tls_read_select = 0, tls_write_select = 0, progress = 0;
+ int r;
+ unsigned long num_read = BIO_number_read(rbio),
+ num_written = BIO_number_written(wbio);
+
+ DEBUG_MSG2("loop iteration", ++tls_loop_count);
+
+ if (in_handshake) {
+ DEBUG_MSG("in_handshake");
+ if (client_p)
+ r = tls_connect_attempt(ssl, &tls_write_select,
+ &tls_read_select, &closed, &progress,
+ &err_pref_1);
+ else
+ r = tls_accept_attempt(ssl, &tls_write_select,
+ &tls_read_select, &closed, &progress,
+ &err_pref_1);
+ if (r != 0) {
+ write_info(ssl, &info_fd);
+ goto err;
+ }
+ if (closed)
+ goto err_return;
+ if (!SSL_in_init(ssl)) {
+ in_handshake = 0;
+ write_info(ssl, &info_fd);
+ }
+ }
+
+ if (clear_to_tls.len != 0 && !in_handshake) {
+ assert(!closed);
+
+ r = tls_write_attempt(ssl, &clear_to_tls, &tls_write_select,
+ &tls_read_select, &closed, &progress,
+ &err_pref_1);
+ if (r != 0)
+ goto err;
+ if (closed) {
+ assert(progress);
+ tls_to_clear.offset = 0;
+ tls_to_clear.len = 0;
+ }
+ }
+
+ if (tls_to_clear.len != 0) {
+ assert(!closed);
+
+ r = write_attempt(clear_fd, &tls_to_clear, &clear_write_select,
+ &closed, &progress);
+ if (r != 0)
+ goto err_return;
+ if (closed) {
+ assert(progress);
+ clear_to_tls.offset = 0;
+ clear_to_tls.len = 0;
+ }
+ }
+
+ if (!closed) {
+ if (clear_to_tls.offset + clear_to_tls.len <
+ sizeof clear_to_tls.buf) {
+ r = read_attempt(clear_fd, &clear_to_tls, &clear_read_select,
+ &closed, &progress);
+ if (r != 0)
+ goto err_return;
+ if (closed) {
+ r = SSL_shutdown(ssl);
+ DEBUG_MSG2("SSL_shutdown", r);
+ }
+ }
+ }
+
+ if (!closed && !in_handshake) {
+ if (tls_to_clear.offset + tls_to_clear.len <
+ sizeof tls_to_clear.buf) {
+ r = tls_read_attempt(ssl, &tls_to_clear, &tls_write_select,
+ &tls_read_select, &closed, &progress,
+ &err_pref_1);
+ if (r != 0)
+ goto err;
+ if (closed) {
+ r = SSL_shutdown(ssl);
+ DEBUG_MSG2("SSL_shutdown", r);
+ }
+ }
+ }
+
+ if (!progress) {
+ DEBUG_MSG("!progress?");
+ if (num_read != BIO_number_read(rbio)
+ || num_written != BIO_number_written(wbio))
+ progress = 1;
+
+ if (!progress) {
+ DEBUG_MSG("!progress");
+ assert(clear_read_select || tls_read_select
+ || clear_write_select || tls_write_select);
+ tls_sockets_select(clear_read_select ? clear_fd : -1,
+ tls_read_select ? tls_fd : -1,
+ clear_write_select ? clear_fd : -1,
+ tls_write_select ? tls_fd : -1, -1);
+ }
+ }
+ } while (!closed);
+ return;
+
+ err:
+ tls_openssl_errors(err_pref_1, err_pref_2, err_def, tls_child_apparg);
+ err_return:
+ return;
+}
+
+static int
+tls_get_error(SSL *ssl, int r, int *write_select, int *read_select,
+ int *closed, int *progress)
+{
+ int err = SSL_get_error(ssl, r);
+
+ if (err == SSL_ERROR_NONE) {
+ assert(r > 0);
+ *progress = 1;
+ return 0;
+ }
+
+ assert(r <= 0);
+
+ switch (err) {
+ case SSL_ERROR_ZERO_RETURN:
+ assert(r == 0);
+ *closed = 1;
+ *progress = 1;
+ return 0;
+
+ case SSL_ERROR_WANT_WRITE:
+ *write_select = 1;
+ return 0;
+
+ case SSL_ERROR_WANT_READ:
+ *read_select = 1;
+ return 0;
+ }
+
+ return -1;
+}
+
+static int
+tls_connect_attempt(SSL *ssl, int *write_select, int *read_select,
+ int *closed, int *progress, const char **err_pref)
+{
+ int n, r;
+
+ DEBUG_MSG("tls_connect_attempt");
+ n = SSL_connect(ssl);
+ DEBUG_MSG2("SSL_connect", n);
+ r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+ if (r == -1)
+ *err_pref = " during SSL_connect";
+ return r;
+}
+
+static int
+tls_accept_attempt(SSL *ssl, int *write_select, int *read_select, int *closed,
+ int *progress, const char **err_pref)
+{
+ int n, r;
+
+ DEBUG_MSG("tls_accept_attempt");
+ n = SSL_accept(ssl);
+ DEBUG_MSG2("SSL_accept", n);
+ r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+ if (r == -1)
+ *err_pref = " during SSL_accept";
+ return r;
+}
+
+static int
+tls_write_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select,
+ int *read_select, int *closed, int *progress,
+ const char **err_pref)
+{
+ int n, r;
+
+ DEBUG_MSG("tls_write_attempt");
+ n = SSL_write(ssl, buf->buf + buf->offset, buf->len);
+ DEBUG_MSG2("SSL_write", n);
+ r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+ if (n > 0) {
+ buf->len -= n;
+ assert(buf->len >= 0);
+ if (buf->len == 0)
+ buf->offset = 0;
+ else
+ buf->offset += n;
+ }
+ if (r == -1)
+ *err_pref = " during SSL_write";
+ return r;
+}
+
+static int
+tls_read_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select,
+ int *read_select, int *closed, int *progress,
+ const char **err_pref)
+{
+ int n, r;
+ size_t total;
+
+ DEBUG_MSG("tls_read_attempt");
+ total = buf->offset + buf->len;
+ assert(total < sizeof buf->buf);
+ n = SSL_read(ssl, buf->buf + total, (sizeof buf->buf) - total);
+ DEBUG_MSG2("SSL_read", n);
+ r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+ if (n > 0) {
+ buf->len += n;
+ assert(buf->offset + buf->len <= sizeof buf->buf);
+ }
+ if (r == -1)
+ *err_pref = " during SSL_read";
+ return r;
+}
+
+static int get_error(int r, int *select, int *closed, int *progress)
+{
+ if (r >= 0) {
+ *progress = 1;
+ if (r == 0)
+ *closed = 1;
+ return 0;
+ } else {
+ assert(r == -1);
+ if (errno == EAGAIN || errno == EWOULDBLOCK) {
+ *select = 1;
+ return 0;
+ } else if (errno == EPIPE) {
+ *progress = 1;
+ *closed = 1;
+ return 0;
+ } else
+ return -1;
+ }
+}
+
+static int write_attempt(int fd, struct tunnelbuf *buf, int *select,
+ int *closed, int *progress)
+{
+ int n, r;
+
+ DEBUG_MSG("write_attempt");
+ n = write(fd, buf->buf + buf->offset, buf->len);
+ DEBUG_MSG2("write", n);
+ r = get_error(n, select, closed, progress);
+ if (n > 0) {
+ buf->len -= n;
+ assert(buf->len >= 0);
+ if (buf->len == 0)
+ buf->offset = 0;
+ else
+ buf->offset += n;
+ }
+ if (r == -1)
+ tls_errprintf(1, tls_child_apparg, "write error: %s\n",
+ strerror(errno));
+ return r;
+}
+
+static int
+read_attempt(int fd, struct tunnelbuf *buf, int *select, int *closed,
+ int *progress)
+{
+ int n, r;
+ size_t total;
+
+ DEBUG_MSG("read_attempt");
+ total = buf->offset + buf->len;
+ assert(total < sizeof buf->buf);
+ n = read(fd, buf->buf + total, (sizeof buf->buf) - total);
+ DEBUG_MSG2("read", n);
+ r = get_error(n, select, closed, progress);
+ if (n > 0) {
+ buf->len += n;
+ assert(buf->offset + buf->len <= sizeof buf->buf);
+ }
+ if (r == -1)
+ tls_errprintf(1, tls_child_apparg, "read error: %s\n",
+ strerror(errno));
+ return r;
+}
Deleted: vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.h
===================================================================
--- vendor-crypto/openssl/dist/demos/easy_tls/easy-tls.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,60 +0,0 @@
-/* -*- Mode: C; c-file-style: "bsd" -*- */
-/*-
- * easy-tls.h -- generic TLS proxy.
- * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $
- */
-/*
- * (c) Copyright 1999 Bodo Moeller. All rights reserved.
- */
-
-#ifndef HEADER_TLS_H
-# define HEADER_TLS_H
-
-# ifndef HEADER_SSL_H
-typedef struct ssl_ctx_st SSL_CTX;
-# endif
-
-# define TLS_INFO_SIZE 512 /* max. # of bytes written to infofd */
-
-void tls_set_dhe1024(int i, void *apparg);
-/*
- * Generate DHE parameters: i >= 0 deterministic (i selects seed), i < 0
- * random (may take a while). tls_create_ctx calls this with random
- * non-negative i if the application has never called it.
- */
-
-void tls_rand_seed(void);
-int tls_rand_seed_from_file(const char *filename, size_t n, void *apparg);
-void tls_rand_seed_from_memory(const void *buf, size_t n);
-
-struct tls_create_ctx_args {
- int client_p;
- const char *certificate_file;
- const char *key_file;
- const char *ca_file;
- int verify_depth;
- int fail_unless_verified;
- int export_p;
-};
-struct tls_create_ctx_args tls_create_ctx_defaultargs(void);
-/*
- * struct tls_create_ctx_args is similar to a conventional argument list, but
- * it can provide default values and allows for future extension.
- */
-SSL_CTX *tls_create_ctx(struct tls_create_ctx_args, void *apparg);
-
-struct tls_start_proxy_args {
- int fd;
- int client_p;
- SSL_CTX *ctx;
- pid_t *pid;
- int *infofd;
-};
-struct tls_start_proxy_args tls_start_proxy_defaultargs(void);
-/*
- * tls_start_proxy return value *MUST* be checked! 0 means ok, otherwise
- * we've probably run out of some resources.
- */
-int tls_start_proxy(struct tls_start_proxy_args, void *apparg);
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.h (from rev 11605, vendor-crypto/openssl/dist/demos/easy_tls/easy-tls.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/demos/easy_tls/easy-tls.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,60 @@
+/* */
+/*-
+ * easy-tls.h -- generic TLS proxy.
+ * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $
+ */
+/*
+ * (c) Copyright 1999 Bodo Moeller. All rights reserved.
+ */
+
+#ifndef HEADER_TLS_H
+# define HEADER_TLS_H
+
+# ifndef HEADER_SSL_H
+typedef struct ssl_ctx_st SSL_CTX;
+# endif
+
+# define TLS_INFO_SIZE 512 /* max. # of bytes written to infofd */
+
+void tls_set_dhe1024(int i, void *apparg);
+/*
+ * Generate DHE parameters: i >= 0 deterministic (i selects seed), i < 0
+ * random (may take a while). tls_create_ctx calls this with random
+ * non-negative i if the application has never called it.
+ */
+
+void tls_rand_seed(void);
+int tls_rand_seed_from_file(const char *filename, size_t n, void *apparg);
+void tls_rand_seed_from_memory(const void *buf, size_t n);
+
+struct tls_create_ctx_args {
+ int client_p;
+ const char *certificate_file;
+ const char *key_file;
+ const char *ca_file;
+ int verify_depth;
+ int fail_unless_verified;
+ int export_p;
+};
+struct tls_create_ctx_args tls_create_ctx_defaultargs(void);
+/*
+ * struct tls_create_ctx_args is similar to a conventional argument list, but
+ * it can provide default values and allows for future extension.
+ */
+SSL_CTX *tls_create_ctx(struct tls_create_ctx_args, void *apparg);
+
+struct tls_start_proxy_args {
+ int fd;
+ int client_p;
+ SSL_CTX *ctx;
+ pid_t *pid;
+ int *infofd;
+};
+struct tls_start_proxy_args tls_start_proxy_defaultargs(void);
+/*
+ * tls_start_proxy return value *MUST* be checked! 0 means ok, otherwise
+ * we've probably run out of some resources.
+ */
+int tls_start_proxy(struct tls_start_proxy_args, void *apparg);
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/demos/tunala/tunala.c
===================================================================
--- vendor-crypto/openssl/dist/demos/tunala/tunala.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/demos/tunala/tunala.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1183 +0,0 @@
-#if defined(NO_BUFFER) || defined(NO_IP) || defined(NO_OPENSSL)
-# error "Badness, NO_BUFFER, NO_IP or NO_OPENSSL is defined, turn them *off*"
-#endif
-
-/* Include our bits'n'pieces */
-#include "tunala.h"
-
-/********************************************/
-/* Our local types that specify our "world" */
-/********************************************/
-
-/*
- * These represent running "tunnels". Eg. if you wanted to do SSL in a
- * "message-passing" scanario, the "int" file-descriptors might be replaced
- * by thread or process IDs, and the "select" code might be replaced by
- * message handling code. Whatever.
- */
-typedef struct _tunala_item_t {
- /*
- * The underlying SSL state machine. This is a data-only processing unit
- * and we communicate with it by talking to its four "buffers".
- */
- state_machine_t sm;
- /*
- * The file-descriptors for the "dirty" (encrypted) side of the SSL
- * setup. In actuality, this is typically a socket and both values are
- * identical.
- */
- int dirty_read, dirty_send;
- /*
- * The file-descriptors for the "clean" (unencrypted) side of the SSL
- * setup. These could be stdin/stdout, a socket (both values the same),
- * or whatever you like.
- */
- int clean_read, clean_send;
-} tunala_item_t;
-
-/*
- * This structure is used as the data for running the main loop. Namely, in a
- * network format such as this, it is stuff for select() - but as pointed out,
- * when moving the real-world to somewhere else, this might be replaced by
- * something entirely different. It's basically the stuff that controls when
- * it's time to do some "work".
- */
-typedef struct _select_sets_t {
- int max; /* As required as the first argument to
- * select() */
- fd_set reads, sends, excepts; /* As passed to select() */
-} select_sets_t;
-typedef struct _tunala_selector_t {
- select_sets_t last_selected; /* Results of the last select() */
- select_sets_t next_select; /* What we'll next select on */
-} tunala_selector_t;
-
-/*
- * This structure is *everything*. We do it to avoid the use of globals so
- * that, for example, it would be easier to shift things around between
- * async-IO, thread-based, or multi-fork()ed (or combinations thereof).
- */
-typedef struct _tunala_world_t {
- /* The file-descriptor we "listen" on for new connections */
- int listen_fd;
- /* The array of tunnels */
- tunala_item_t *tunnels;
- /* the number of tunnels in use and allocated, respectively */
- unsigned int tunnels_used, tunnels_size;
- /* Our outside "loop" context stuff */
- tunala_selector_t selector;
- /*
- * Our SSL_CTX, which is configured as the SSL client or server and has
- * the various cert-settings and callbacks configured.
- */
- SSL_CTX *ssl_ctx;
- /*
- * Simple flag with complex logic :-) Indicates whether we're an SSL
- * server or an SSL client.
- */
- int server_mode;
-} tunala_world_t;
-
-/*****************************/
-/* Internal static functions */
-/*****************************/
-
-static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
- const char *CAfile, const char *cert,
- const char *key, const char *dcert,
- const char *dkey, const char *cipher_list,
- const char *dh_file,
- const char *dh_special, int tmp_rsa,
- int ctx_options, int out_state,
- int out_verify, int verify_mode,
- unsigned int verify_depth);
-static void selector_init(tunala_selector_t * selector);
-static void selector_add_listener(tunala_selector_t * selector, int fd);
-static void selector_add_tunala(tunala_selector_t * selector,
- tunala_item_t * t);
-static int selector_select(tunala_selector_t * selector);
-/*
- * This returns -1 for error, 0 for no new connections, or 1 for success, in
- * which case *newfd is populated.
- */
-static int selector_get_listener(tunala_selector_t * selector, int fd,
- int *newfd);
-static int tunala_world_new_item(tunala_world_t * world, int fd,
- const char *ip, unsigned short port,
- int flipped);
-static void tunala_world_del_item(tunala_world_t * world, unsigned int idx);
-static int tunala_item_io(tunala_selector_t * selector, tunala_item_t * item);
-
-/*********************************************/
-/* MAIN FUNCTION (and its utility functions) */
-/*********************************************/
-
-static const char *def_proxyhost = "127.0.0.1:443";
-static const char *def_listenhost = "127.0.0.1:8080";
-static int def_max_tunnels = 50;
-static const char *def_cacert = NULL;
-static const char *def_cert = NULL;
-static const char *def_key = NULL;
-static const char *def_dcert = NULL;
-static const char *def_dkey = NULL;
-static const char *def_engine_id = NULL;
-static int def_server_mode = 0;
-static int def_flipped = 0;
-static const char *def_cipher_list = NULL;
-static const char *def_dh_file = NULL;
-static const char *def_dh_special = NULL;
-static int def_tmp_rsa = 1;
-static int def_ctx_options = 0;
-static int def_verify_mode = 0;
-static unsigned int def_verify_depth = 10;
-static int def_out_state = 0;
-static unsigned int def_out_verify = 0;
-static int def_out_totals = 0;
-static int def_out_conns = 0;
-
-static const char *helpstring =
- "\n'Tunala' (A tunneler with a New Zealand accent)\n"
- "Usage: tunala [options], where options are from;\n"
- " -listen [host:]<port> (default = 127.0.0.1:8080)\n"
- " -proxy <host>:<port> (default = 127.0.0.1:443)\n"
- " -maxtunnels <num> (default = 50)\n"
- " -cacert <path|NULL> (default = NULL)\n"
- " -cert <path|NULL> (default = NULL)\n"
- " -key <path|NULL> (default = whatever '-cert' is)\n"
- " -dcert <path|NULL> (usually for DSA, default = NULL)\n"
- " -dkey <path|NULL> (usually for DSA, default = whatever '-dcert' is)\n"
- " -engine <id|NULL> (default = NULL)\n"
- " -server <0|1> (default = 0, ie. an SSL client)\n"
- " -flipped <0|1> (makes SSL servers be network clients, and vice versa)\n"
- " -cipher <list> (specifies cipher list to use)\n"
- " -dh_file <path> (a PEM file containing DH parameters to use)\n"
- " -dh_special <NULL|generate|standard> (see below: def=NULL)\n"
- " -no_tmp_rsa (don't generate temporary RSA keys)\n"
- " -no_ssl2 (disable SSLv2)\n"
- " -no_ssl3 (disable SSLv3)\n"
- " -no_tls1 (disable TLSv1)\n"
- " -v_peer (verify the peer certificate)\n"
- " -v_strict (do not continue if peer doesn't authenticate)\n"
- " -v_once (no verification in renegotiates)\n"
- " -v_depth <num> (limit certificate chain depth, default = 10)\n"
- " -out_conns (prints client connections and disconnections)\n"
- " -out_state (prints SSL handshake states)\n"
- " -out_verify <0|1|2|3> (prints certificate verification states: def=1)\n"
- " -out_totals (prints out byte-totals when a tunnel closes)\n"
- " -<h|help|?> (displays this help screen)\n"
- "Notes:\n"
- "(1) It is recommended to specify a cert+key when operating as an SSL server.\n"
- " If you only specify '-cert', the same file must contain a matching\n"
- " private key.\n"
- "(2) Either dh_file or dh_special can be used to specify where DH parameters\n"
- " will be obtained from (or '-dh_special NULL' for the default choice) but\n"
- " you cannot specify both. For dh_special, 'generate' will create new DH\n"
- " parameters on startup, and 'standard' will use embedded parameters\n"
- " instead.\n"
- "(3) Normally an ssl client connects to an ssl server - so that an 'ssl client\n"
- " tunala' listens for 'clean' client connections and proxies ssl, and an\n"
- " 'ssl server tunala' listens for ssl connections and proxies 'clean'. With\n"
- " '-flipped 1', this behaviour is reversed so that an 'ssl server tunala'\n"
- " listens for clean client connections and proxies ssl (but participating\n"
- " as an ssl *server* in the SSL/TLS protocol), and an 'ssl client tunala'\n"
- " listens for ssl connections (participating as an ssl *client* in the\n"
- " SSL/TLS protocol) and proxies 'clean' to the end destination. This can\n"
- " be useful for allowing network access to 'servers' where only the server\n"
- " needs to authenticate the client (ie. the other way is not required).\n"
- " Even with client and server authentication, this 'technique' mitigates\n"
- " some DoS (denial-of-service) potential as it will be the network client\n"
- " having to perform the first private key operation rather than the other\n"
- " way round.\n"
- "(4) The 'technique' used by setting '-flipped 1' is probably compatible with\n"
- " absolutely nothing except another complimentary instance of 'tunala'\n"
- " running with '-flipped 1'. :-)\n";
-
-/*
- * Default DH parameters for use with "-dh_special standard" ... stolen
- * striaght from s_server.
- */
-static unsigned char dh512_p[] = {
- 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
- 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
- 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
- 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
- 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
- 0x47, 0x74, 0xE8, 0x33,
-};
-
-static unsigned char dh512_g[] = {
- 0x02,
-};
-
-/*
- * And the function that parses the above "standard" parameters, again,
- * straight out of s_server.
- */
-static DH *get_dh512(void)
-{
- DH *dh = NULL;
-
- if ((dh = DH_new()) == NULL)
- return (NULL);
- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL))
- return (NULL);
- return (dh);
-}
-
-/* Various help/error messages used by main() */
-static int usage(const char *errstr, int isunknownarg)
-{
- if (isunknownarg)
- fprintf(stderr, "Error: unknown argument '%s'\n", errstr);
- else
- fprintf(stderr, "Error: %s\n", errstr);
- fprintf(stderr, "%s\n", helpstring);
- return 1;
-}
-
-static int err_str0(const char *str0)
-{
- fprintf(stderr, "%s\n", str0);
- return 1;
-}
-
-static int err_str1(const char *fmt, const char *str1)
-{
- fprintf(stderr, fmt, str1);
- fprintf(stderr, "\n");
- return 1;
-}
-
-static int parse_max_tunnels(const char *s, unsigned int *maxtunnels)
-{
- unsigned long l;
- if (!int_strtoul(s, &l) || (l < 1) || (l > 1024)) {
- fprintf(stderr, "Error, '%s' is an invalid value for "
- "maxtunnels\n", s);
- return 0;
- }
- *maxtunnels = (unsigned int)l;
- return 1;
-}
-
-static int parse_server_mode(const char *s, int *servermode)
-{
- unsigned long l;
- if (!int_strtoul(s, &l) || (l > 1)) {
- fprintf(stderr, "Error, '%s' is an invalid value for the "
- "server mode\n", s);
- return 0;
- }
- *servermode = (int)l;
- return 1;
-}
-
-static int parse_dh_special(const char *s, const char **dh_special)
-{
- if ((strcmp(s, "NULL") == 0) || (strcmp(s, "generate") == 0) ||
- (strcmp(s, "standard") == 0)) {
- *dh_special = s;
- return 1;
- }
- fprintf(stderr, "Error, '%s' is an invalid value for 'dh_special'\n", s);
- return 0;
-}
-
-static int parse_verify_level(const char *s, unsigned int *verify_level)
-{
- unsigned long l;
- if (!int_strtoul(s, &l) || (l > 3)) {
- fprintf(stderr, "Error, '%s' is an invalid value for "
- "out_verify\n", s);
- return 0;
- }
- *verify_level = (unsigned int)l;
- return 1;
-}
-
-static int parse_verify_depth(const char *s, unsigned int *verify_depth)
-{
- unsigned long l;
- if (!int_strtoul(s, &l) || (l < 1) || (l > 50)) {
- fprintf(stderr, "Error, '%s' is an invalid value for "
- "verify_depth\n", s);
- return 0;
- }
- *verify_depth = (unsigned int)l;
- return 1;
-}
-
-/* Some fprintf format strings used when tunnels close */
-static const char *io_stats_dirty =
- " SSL traffic; %8lu bytes in, %8lu bytes out\n";
-static const char *io_stats_clean =
- " clear traffic; %8lu bytes in, %8lu bytes out\n";
-
-int main(int argc, char *argv[])
-{
- unsigned int loop;
- int newfd;
- tunala_world_t world;
- tunala_item_t *t_item;
- const char *proxy_ip;
- unsigned short proxy_port;
- /* Overridables */
- const char *proxyhost = def_proxyhost;
- const char *listenhost = def_listenhost;
- unsigned int max_tunnels = def_max_tunnels;
- const char *cacert = def_cacert;
- const char *cert = def_cert;
- const char *key = def_key;
- const char *dcert = def_dcert;
- const char *dkey = def_dkey;
- const char *engine_id = def_engine_id;
- int server_mode = def_server_mode;
- int flipped = def_flipped;
- const char *cipher_list = def_cipher_list;
- const char *dh_file = def_dh_file;
- const char *dh_special = def_dh_special;
- int tmp_rsa = def_tmp_rsa;
- int ctx_options = def_ctx_options;
- int verify_mode = def_verify_mode;
- unsigned int verify_depth = def_verify_depth;
- int out_state = def_out_state;
- unsigned int out_verify = def_out_verify;
- int out_totals = def_out_totals;
- int out_conns = def_out_conns;
-
-/* Parse command-line arguments */
- next_arg:
- argc--;
- argv++;
- if (argc > 0) {
- if (strcmp(*argv, "-listen") == 0) {
- if (argc < 2)
- return usage("-listen requires an argument", 0);
- argc--;
- argv++;
- listenhost = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-proxy") == 0) {
- if (argc < 2)
- return usage("-proxy requires an argument", 0);
- argc--;
- argv++;
- proxyhost = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-maxtunnels") == 0) {
- if (argc < 2)
- return usage("-maxtunnels requires an argument", 0);
- argc--;
- argv++;
- if (!parse_max_tunnels(*argv, &max_tunnels))
- return 1;
- goto next_arg;
- } else if (strcmp(*argv, "-cacert") == 0) {
- if (argc < 2)
- return usage("-cacert requires an argument", 0);
- argc--;
- argv++;
- if (strcmp(*argv, "NULL") == 0)
- cacert = NULL;
- else
- cacert = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-cert") == 0) {
- if (argc < 2)
- return usage("-cert requires an argument", 0);
- argc--;
- argv++;
- if (strcmp(*argv, "NULL") == 0)
- cert = NULL;
- else
- cert = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-key") == 0) {
- if (argc < 2)
- return usage("-key requires an argument", 0);
- argc--;
- argv++;
- if (strcmp(*argv, "NULL") == 0)
- key = NULL;
- else
- key = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-dcert") == 0) {
- if (argc < 2)
- return usage("-dcert requires an argument", 0);
- argc--;
- argv++;
- if (strcmp(*argv, "NULL") == 0)
- dcert = NULL;
- else
- dcert = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-dkey") == 0) {
- if (argc < 2)
- return usage("-dkey requires an argument", 0);
- argc--;
- argv++;
- if (strcmp(*argv, "NULL") == 0)
- dkey = NULL;
- else
- dkey = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-engine") == 0) {
- if (argc < 2)
- return usage("-engine requires an argument", 0);
- argc--;
- argv++;
- engine_id = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-server") == 0) {
- if (argc < 2)
- return usage("-server requires an argument", 0);
- argc--;
- argv++;
- if (!parse_server_mode(*argv, &server_mode))
- return 1;
- goto next_arg;
- } else if (strcmp(*argv, "-flipped") == 0) {
- if (argc < 2)
- return usage("-flipped requires an argument", 0);
- argc--;
- argv++;
- if (!parse_server_mode(*argv, &flipped))
- return 1;
- goto next_arg;
- } else if (strcmp(*argv, "-cipher") == 0) {
- if (argc < 2)
- return usage("-cipher requires an argument", 0);
- argc--;
- argv++;
- cipher_list = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-dh_file") == 0) {
- if (argc < 2)
- return usage("-dh_file requires an argument", 0);
- if (dh_special)
- return usage("cannot mix -dh_file with " "-dh_special", 0);
- argc--;
- argv++;
- dh_file = *argv;
- goto next_arg;
- } else if (strcmp(*argv, "-dh_special") == 0) {
- if (argc < 2)
- return usage("-dh_special requires an argument", 0);
- if (dh_file)
- return usage("cannot mix -dh_file with " "-dh_special", 0);
- argc--;
- argv++;
- if (!parse_dh_special(*argv, &dh_special))
- return 1;
- goto next_arg;
- } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
- tmp_rsa = 0;
- goto next_arg;
- } else if (strcmp(*argv, "-no_ssl2") == 0) {
- ctx_options |= SSL_OP_NO_SSLv2;
- goto next_arg;
- } else if (strcmp(*argv, "-no_ssl3") == 0) {
- ctx_options |= SSL_OP_NO_SSLv3;
- goto next_arg;
- } else if (strcmp(*argv, "-no_tls1") == 0) {
- ctx_options |= SSL_OP_NO_TLSv1;
- goto next_arg;
- } else if (strcmp(*argv, "-v_peer") == 0) {
- verify_mode |= SSL_VERIFY_PEER;
- goto next_arg;
- } else if (strcmp(*argv, "-v_strict") == 0) {
- verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
- goto next_arg;
- } else if (strcmp(*argv, "-v_once") == 0) {
- verify_mode |= SSL_VERIFY_CLIENT_ONCE;
- goto next_arg;
- } else if (strcmp(*argv, "-v_depth") == 0) {
- if (argc < 2)
- return usage("-v_depth requires an argument", 0);
- argc--;
- argv++;
- if (!parse_verify_depth(*argv, &verify_depth))
- return 1;
- goto next_arg;
- } else if (strcmp(*argv, "-out_state") == 0) {
- out_state = 1;
- goto next_arg;
- } else if (strcmp(*argv, "-out_verify") == 0) {
- if (argc < 2)
- return usage("-out_verify requires an argument", 0);
- argc--;
- argv++;
- if (!parse_verify_level(*argv, &out_verify))
- return 1;
- goto next_arg;
- } else if (strcmp(*argv, "-out_totals") == 0) {
- out_totals = 1;
- goto next_arg;
- } else if (strcmp(*argv, "-out_conns") == 0) {
- out_conns = 1;
- goto next_arg;
- } else if ((strcmp(*argv, "-h") == 0) ||
- (strcmp(*argv, "-help") == 0) ||
- (strcmp(*argv, "-?") == 0)) {
- fprintf(stderr, "%s\n", helpstring);
- return 0;
- } else
- return usage(*argv, 1);
- }
- /* Run any sanity checks we want here */
- if (!cert && !dcert && server_mode)
- fprintf(stderr, "WARNING: you are running an SSL server without "
- "a certificate - this may not work!\n");
-
- /* Initialise network stuff */
- if (!ip_initialise())
- return err_str0("ip_initialise failed");
- /* Create the SSL_CTX */
- if ((world.ssl_ctx = initialise_ssl_ctx(server_mode, engine_id,
- cacert, cert, key, dcert, dkey,
- cipher_list, dh_file, dh_special,
- tmp_rsa, ctx_options, out_state,
- out_verify, verify_mode,
- verify_depth)) == NULL)
- return err_str1("initialise_ssl_ctx(engine_id=%s) failed",
- (engine_id == NULL) ? "NULL" : engine_id);
- if (engine_id)
- fprintf(stderr, "Info, engine '%s' initialised\n", engine_id);
- /* Create the listener */
- if ((world.listen_fd = ip_create_listener(listenhost)) == -1)
- return err_str1("ip_create_listener(%s) failed", listenhost);
- fprintf(stderr, "Info, listening on '%s'\n", listenhost);
- if (!ip_parse_address(proxyhost, &proxy_ip, &proxy_port, 0))
- return err_str1("ip_parse_address(%s) failed", proxyhost);
- fprintf(stderr, "Info, proxying to '%s' (%d.%d.%d.%d:%d)\n", proxyhost,
- (int)proxy_ip[0], (int)proxy_ip[1],
- (int)proxy_ip[2], (int)proxy_ip[3], (int)proxy_port);
- fprintf(stderr, "Info, set maxtunnels to %d\n", (int)max_tunnels);
- fprintf(stderr, "Info, set to operate as an SSL %s\n",
- (server_mode ? "server" : "client"));
- /* Initialise the rest of the stuff */
- world.tunnels_used = world.tunnels_size = 0;
- world.tunnels = NULL;
- world.server_mode = server_mode;
- selector_init(&world.selector);
-
-/* We're ready to loop */
- main_loop:
- /* Should we listen for *new* tunnels? */
- if (world.tunnels_used < max_tunnels)
- selector_add_listener(&world.selector, world.listen_fd);
- /* We should add in our existing tunnels */
- for (loop = 0; loop < world.tunnels_used; loop++)
- selector_add_tunala(&world.selector, world.tunnels + loop);
- /* Now do the select */
- switch (selector_select(&world.selector)) {
- case -1:
- if (errno != EINTR) {
- fprintf(stderr, "selector_select returned a " "badness error.\n");
- goto shouldnt_happen;
- }
- fprintf(stderr, "Warn, selector interrupted by a signal\n");
- goto main_loop;
- case 0:
- fprintf(stderr, "Warn, selector_select returned 0 - signal?" "?\n");
- goto main_loop;
- default:
- break;
- }
- /* Accept new connection if we should and can */
- if ((world.tunnels_used < max_tunnels)
- && (selector_get_listener(&world.selector, world.listen_fd, &newfd) ==
- 1)) {
- /* We have a new connection */
- if (!tunala_world_new_item(&world, newfd, proxy_ip,
- proxy_port, flipped))
- fprintf(stderr, "tunala_world_new_item failed\n");
- else if (out_conns)
- fprintf(stderr, "Info, new tunnel opened, now up to "
- "%d\n", world.tunnels_used);
- }
- /*
- * Give each tunnel its moment, note the while loop is because it makes
- * the logic easier than with "for" to deal with an array that may shift
- * because of deletes.
- */
- loop = 0;
- t_item = world.tunnels;
- while (loop < world.tunnels_used) {
- if (!tunala_item_io(&world.selector, t_item)) {
- /*
- * We're closing whether for reasons of an error or a natural
- * close. Don't increment loop or t_item because the next item is
- * moving to us!
- */
- if (!out_totals)
- goto skip_totals;
- fprintf(stderr, "Tunnel closing, traffic stats follow\n");
- /* Display the encrypted (over the network) stats */
- fprintf(stderr, io_stats_dirty,
- buffer_total_in(state_machine_get_buffer
- (&t_item->sm, SM_DIRTY_IN)),
- buffer_total_out(state_machine_get_buffer
- (&t_item->sm, SM_DIRTY_OUT)));
- /*
- * Display the local (tunnelled) stats. NB: Data we *receive* is
- * data sent *out* of the state_machine on its 'clean' side.
- * Hence the apparent back-to-front OUT/IN mixup here :-)
- */
- fprintf(stderr, io_stats_clean,
- buffer_total_out(state_machine_get_buffer
- (&t_item->sm, SM_CLEAN_OUT)),
- buffer_total_in(state_machine_get_buffer
- (&t_item->sm, SM_CLEAN_IN)));
- skip_totals:
- tunala_world_del_item(&world, loop);
- if (out_conns)
- fprintf(stderr, "Info, tunnel closed, down to %d\n",
- world.tunnels_used);
- } else {
- /* Move to the next item */
- loop++;
- t_item++;
- }
- }
- goto main_loop;
- /* Should never get here */
- shouldnt_happen:
- abort();
- return 1;
-}
-
-/****************/
-/* OpenSSL bits */
-/****************/
-
-static int ctx_set_cert(SSL_CTX *ctx, const char *cert, const char *key)
-{
- FILE *fp = NULL;
- X509 *x509 = NULL;
- EVP_PKEY *pkey = NULL;
- int toret = 0; /* Assume an error */
-
- /* cert */
- if (cert) {
- if ((fp = fopen(cert, "r")) == NULL) {
- fprintf(stderr, "Error opening cert file '%s'\n", cert);
- goto err;
- }
- if (!PEM_read_X509(fp, &x509, NULL, NULL)) {
- fprintf(stderr, "Error reading PEM cert from '%s'\n", cert);
- goto err;
- }
- if (!SSL_CTX_use_certificate(ctx, x509)) {
- fprintf(stderr, "Error, cert in '%s' can not be used\n", cert);
- goto err;
- }
- /* Clear the FILE* for reuse in the "key" code */
- fclose(fp);
- fp = NULL;
- fprintf(stderr, "Info, operating with cert in '%s'\n", cert);
- /*
- * If a cert was given without matching key, we assume the same file
- * contains the required key.
- */
- if (!key)
- key = cert;
- } else {
- if (key)
- fprintf(stderr, "Error, can't specify a key without a "
- "corresponding certificate\n");
- else
- fprintf(stderr, "Error, ctx_set_cert called with " "NULLs!\n");
- goto err;
- }
- /* key */
- if (key) {
- if ((fp = fopen(key, "r")) == NULL) {
- fprintf(stderr, "Error opening key file '%s'\n", key);
- goto err;
- }
- if (!PEM_read_PrivateKey(fp, &pkey, NULL, NULL)) {
- fprintf(stderr, "Error reading PEM key from '%s'\n", key);
- goto err;
- }
- if (!SSL_CTX_use_PrivateKey(ctx, pkey)) {
- fprintf(stderr, "Error, key in '%s' can not be used\n", key);
- goto err;
- }
- fprintf(stderr, "Info, operating with key in '%s'\n", key);
- } else
- fprintf(stderr, "Info, operating without a cert or key\n");
- /* Success */
- toret = 1;
- err:
- if (x509)
- X509_free(x509);
- if (pkey)
- EVP_PKEY_free(pkey);
- if (fp)
- fclose(fp);
- return toret;
-}
-
-static int ctx_set_dh(SSL_CTX *ctx, const char *dh_file,
- const char *dh_special)
-{
- DH *dh = NULL;
- FILE *fp = NULL;
-
- if (dh_special) {
- if (strcmp(dh_special, "NULL") == 0)
- return 1;
- if (strcmp(dh_special, "standard") == 0) {
- if ((dh = get_dh512()) == NULL) {
- fprintf(stderr, "Error, can't parse 'standard'"
- " DH parameters\n");
- return 0;
- }
- fprintf(stderr, "Info, using 'standard' DH parameters\n");
- goto do_it;
- }
- if (strcmp(dh_special, "generate") != 0)
- /*
- * This shouldn't happen - screening values is handled in main().
- */
- abort();
- fprintf(stderr, "Info, generating DH parameters ... ");
- fflush(stderr);
- if (!(dh = DH_new()) || !DH_generate_parameters_ex(dh, 512,
- DH_GENERATOR_5,
- NULL)) {
- fprintf(stderr, "error!\n");
- if (dh)
- DH_free(dh);
- return 0;
- }
- fprintf(stderr, "complete\n");
- goto do_it;
- }
- /* So, we're loading dh_file */
- if ((fp = fopen(dh_file, "r")) == NULL) {
- fprintf(stderr, "Error, couldn't open '%s' for DH parameters\n",
- dh_file);
- return 0;
- }
- dh = PEM_read_DHparams(fp, NULL, NULL, NULL);
- fclose(fp);
- if (dh == NULL) {
- fprintf(stderr, "Error, could not parse DH parameters from '%s'\n",
- dh_file);
- return 0;
- }
- fprintf(stderr, "Info, using DH parameters from file '%s'\n", dh_file);
- do_it:
- SSL_CTX_set_tmp_dh(ctx, dh);
- DH_free(dh);
- return 1;
-}
-
-static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
- const char *CAfile, const char *cert,
- const char *key, const char *dcert,
- const char *dkey, const char *cipher_list,
- const char *dh_file,
- const char *dh_special, int tmp_rsa,
- int ctx_options, int out_state,
- int out_verify, int verify_mode,
- unsigned int verify_depth)
-{
- SSL_CTX *ctx = NULL, *ret = NULL;
- const SSL_METHOD *meth;
- ENGINE *e = NULL;
-
- OpenSSL_add_ssl_algorithms();
- SSL_load_error_strings();
-
- meth = (server_mode ? SSLv23_server_method() : SSLv23_client_method());
- if (meth == NULL)
- goto err;
- if (engine_id) {
- ENGINE_load_builtin_engines();
- if ((e = ENGINE_by_id(engine_id)) == NULL) {
- fprintf(stderr, "Error obtaining '%s' engine, openssl "
- "errors follow\n", engine_id);
- goto err;
- }
- if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
- fprintf(stderr, "Error assigning '%s' engine, openssl "
- "errors follow\n", engine_id);
- goto err;
- }
- ENGINE_free(e);
- }
- if ((ctx = SSL_CTX_new(meth)) == NULL)
- goto err;
- /* cacert */
- if (CAfile) {
- if (!X509_STORE_load_locations(SSL_CTX_get_cert_store(ctx),
- CAfile, NULL)) {
- fprintf(stderr, "Error loading CA cert(s) in '%s'\n", CAfile);
- goto err;
- }
- fprintf(stderr, "Info, operating with CA cert(s) in '%s'\n", CAfile);
- } else
- fprintf(stderr, "Info, operating without a CA cert(-list)\n");
- if (!SSL_CTX_set_default_verify_paths(ctx)) {
- fprintf(stderr, "Error setting default verify paths\n");
- goto err;
- }
-
- /* cert and key */
- if ((cert || key) && !ctx_set_cert(ctx, cert, key))
- goto err;
- /* dcert and dkey */
- if ((dcert || dkey) && !ctx_set_cert(ctx, dcert, dkey))
- goto err;
- /* temporary RSA key generation */
- if (tmp_rsa)
- SSL_CTX_set_tmp_rsa_callback(ctx, cb_generate_tmp_rsa);
-
- /* cipher_list */
- if (cipher_list) {
- if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {
- fprintf(stderr, "Error setting cipher list '%s'\n", cipher_list);
- goto err;
- }
- fprintf(stderr, "Info, set cipher list '%s'\n", cipher_list);
- } else
- fprintf(stderr, "Info, operating with default cipher list\n");
-
- /* dh_file & dh_special */
- if ((dh_file || dh_special) && !ctx_set_dh(ctx, dh_file, dh_special))
- goto err;
-
- /* ctx_options */
- SSL_CTX_set_options(ctx, ctx_options);
-
- /* out_state (output of SSL handshake states to screen). */
- if (out_state)
- cb_ssl_info_set_output(stderr);
-
- /* out_verify */
- if (out_verify > 0) {
- cb_ssl_verify_set_output(stderr);
- cb_ssl_verify_set_level(out_verify);
- }
-
- /* verify_depth */
- cb_ssl_verify_set_depth(verify_depth);
-
- /* Success! (includes setting verify_mode) */
- SSL_CTX_set_info_callback(ctx, cb_ssl_info);
- SSL_CTX_set_verify(ctx, verify_mode, cb_ssl_verify);
- ret = ctx;
- err:
- if (!ret) {
- ERR_print_errors_fp(stderr);
- if (ctx)
- SSL_CTX_free(ctx);
- }
- return ret;
-}
-
-/*****************/
-/* Selector bits */
-/*****************/
-
-static void selector_sets_init(select_sets_t * s)
-{
- s->max = 0;
- FD_ZERO(&s->reads);
- FD_ZERO(&s->sends);
- FD_ZERO(&s->excepts);
-}
-
-static void selector_init(tunala_selector_t * selector)
-{
- selector_sets_init(&selector->last_selected);
- selector_sets_init(&selector->next_select);
-}
-
-#define SEL_EXCEPTS 0x00
-#define SEL_READS 0x01
-#define SEL_SENDS 0x02
-static void selector_add_raw_fd(tunala_selector_t * s, int fd, int flags)
-{
- FD_SET(fd, &s->next_select.excepts);
- if (flags & SEL_READS)
- FD_SET(fd, &s->next_select.reads);
- if (flags & SEL_SENDS)
- FD_SET(fd, &s->next_select.sends);
- /* Adjust "max" */
- if (s->next_select.max < (fd + 1))
- s->next_select.max = fd + 1;
-}
-
-static void selector_add_listener(tunala_selector_t * selector, int fd)
-{
- selector_add_raw_fd(selector, fd, SEL_READS);
-}
-
-static void selector_add_tunala(tunala_selector_t * s, tunala_item_t * t)
-{
- /* Set clean read if sm.clean_in is not full */
- if (t->clean_read != -1) {
- selector_add_raw_fd(s, t->clean_read,
- (buffer_full(state_machine_get_buffer(&t->sm,
- SM_CLEAN_IN))
- ? SEL_EXCEPTS : SEL_READS));
- }
- /* Set clean send if sm.clean_out is not empty */
- if (t->clean_send != -1) {
- selector_add_raw_fd(s, t->clean_send,
- (buffer_empty(state_machine_get_buffer(&t->sm,
- SM_CLEAN_OUT))
- ? SEL_EXCEPTS : SEL_SENDS));
- }
- /* Set dirty read if sm.dirty_in is not full */
- if (t->dirty_read != -1) {
- selector_add_raw_fd(s, t->dirty_read,
- (buffer_full(state_machine_get_buffer(&t->sm,
- SM_DIRTY_IN))
- ? SEL_EXCEPTS : SEL_READS));
- }
- /* Set dirty send if sm.dirty_out is not empty */
- if (t->dirty_send != -1) {
- selector_add_raw_fd(s, t->dirty_send,
- (buffer_empty(state_machine_get_buffer(&t->sm,
- SM_DIRTY_OUT))
- ? SEL_EXCEPTS : SEL_SENDS));
- }
-}
-
-static int selector_select(tunala_selector_t * selector)
-{
- memcpy(&selector->last_selected, &selector->next_select,
- sizeof(select_sets_t));
- selector_sets_init(&selector->next_select);
- return select(selector->last_selected.max,
- &selector->last_selected.reads,
- &selector->last_selected.sends,
- &selector->last_selected.excepts, NULL);
-}
-
-/*
- * This returns -1 for error, 0 for no new connections, or 1 for success, in
- * which case *newfd is populated.
- */
-static int selector_get_listener(tunala_selector_t * selector, int fd,
- int *newfd)
-{
- if (FD_ISSET(fd, &selector->last_selected.excepts))
- return -1;
- if (!FD_ISSET(fd, &selector->last_selected.reads))
- return 0;
- if ((*newfd = ip_accept_connection(fd)) == -1)
- return -1;
- return 1;
-}
-
-/************************/
-/* "Tunala" world stuff */
-/************************/
-
-static int tunala_world_make_room(tunala_world_t * world)
-{
- unsigned int newsize;
- tunala_item_t *newarray;
-
- if (world->tunnels_used < world->tunnels_size)
- return 1;
- newsize = (world->tunnels_size == 0 ? 16 :
- ((world->tunnels_size * 3) / 2));
- if ((newarray = malloc(newsize * sizeof(tunala_item_t))) == NULL)
- return 0;
- memset(newarray, 0, newsize * sizeof(tunala_item_t));
- if (world->tunnels_used > 0)
- memcpy(newarray, world->tunnels,
- world->tunnels_used * sizeof(tunala_item_t));
- if (world->tunnels_size > 0)
- free(world->tunnels);
- /* migrate */
- world->tunnels = newarray;
- world->tunnels_size = newsize;
- return 1;
-}
-
-static int tunala_world_new_item(tunala_world_t * world, int fd,
- const char *ip, unsigned short port,
- int flipped)
-{
- tunala_item_t *item;
- int newfd;
- SSL *new_ssl = NULL;
-
- if (!tunala_world_make_room(world))
- return 0;
- if ((new_ssl = SSL_new(world->ssl_ctx)) == NULL) {
- fprintf(stderr, "Error creating new SSL\n");
- ERR_print_errors_fp(stderr);
- return 0;
- }
- item = world->tunnels + (world->tunnels_used++);
- state_machine_init(&item->sm);
- item->clean_read = item->clean_send =
- item->dirty_read = item->dirty_send = -1;
- if ((newfd = ip_create_connection_split(ip, port)) == -1)
- goto err;
- /*
- * Which way round? If we're a server, "fd" is the dirty side and the
- * connection we open is the clean one. For a client, it's the other way
- * around. Unless, of course, we're "flipped" in which case everything
- * gets reversed. :-)
- */
- if ((world->server_mode && !flipped) || (!world->server_mode && flipped)) {
- item->dirty_read = item->dirty_send = fd;
- item->clean_read = item->clean_send = newfd;
- } else {
- item->clean_read = item->clean_send = fd;
- item->dirty_read = item->dirty_send = newfd;
- }
- /*
- * We use the SSL's "app_data" to indicate a call-back induced "kill"
- */
- SSL_set_app_data(new_ssl, NULL);
- if (!state_machine_set_SSL(&item->sm, new_ssl, world->server_mode))
- goto err;
- return 1;
- err:
- tunala_world_del_item(world, world->tunnels_used - 1);
- return 0;
-
-}
-
-static void tunala_world_del_item(tunala_world_t * world, unsigned int idx)
-{
- tunala_item_t *item = world->tunnels + idx;
- if (item->clean_read != -1)
- close(item->clean_read);
- if (item->clean_send != item->clean_read)
- close(item->clean_send);
- item->clean_read = item->clean_send = -1;
- if (item->dirty_read != -1)
- close(item->dirty_read);
- if (item->dirty_send != item->dirty_read)
- close(item->dirty_send);
- item->dirty_read = item->dirty_send = -1;
- state_machine_close(&item->sm);
- /* OK, now we fix the item array */
- if (idx + 1 < world->tunnels_used)
- /* We need to scroll entries to the left */
- memmove(world->tunnels + idx,
- world->tunnels + (idx + 1),
- (world->tunnels_used - (idx + 1)) * sizeof(tunala_item_t));
- world->tunnels_used--;
-}
-
-static int tunala_item_io(tunala_selector_t * selector, tunala_item_t * item)
-{
- int c_r, c_s, d_r, d_s; /* Four boolean flags */
-
- /* Take ourselves out of the gene-pool if there was an except */
- if ((item->clean_read != -1) && FD_ISSET(item->clean_read,
- &selector->
- last_selected.excepts))
- return 0;
- if ((item->clean_send != -1) && FD_ISSET(item->clean_send,
- &selector->
- last_selected.excepts))
- return 0;
- if ((item->dirty_read != -1) && FD_ISSET(item->dirty_read,
- &selector->
- last_selected.excepts))
- return 0;
- if ((item->dirty_send != -1) && FD_ISSET(item->dirty_send,
- &selector->
- last_selected.excepts))
- return 0;
- /* Grab our 4 IO flags */
- c_r = c_s = d_r = d_s = 0;
- if (item->clean_read != -1)
- c_r = FD_ISSET(item->clean_read, &selector->last_selected.reads);
- if (item->clean_send != -1)
- c_s = FD_ISSET(item->clean_send, &selector->last_selected.sends);
- if (item->dirty_read != -1)
- d_r = FD_ISSET(item->dirty_read, &selector->last_selected.reads);
- if (item->dirty_send != -1)
- d_s = FD_ISSET(item->dirty_send, &selector->last_selected.sends);
- /* If no IO has happened for us, skip needless data looping */
- if (!c_r && !c_s && !d_r && !d_s)
- return 1;
- if (c_r)
- c_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
- SM_CLEAN_IN),
- item->clean_read) <= 0);
- if (c_s)
- c_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
- SM_CLEAN_OUT),
- item->clean_send) <= 0);
- if (d_r)
- d_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
- SM_DIRTY_IN),
- item->dirty_read) <= 0);
- if (d_s)
- d_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
- SM_DIRTY_OUT),
- item->dirty_send) <= 0);
- /* If any of the flags is non-zero, that means they need closing */
- if (c_r) {
- close(item->clean_read);
- if (item->clean_send == item->clean_read)
- item->clean_send = -1;
- item->clean_read = -1;
- }
- if (c_s && (item->clean_send != -1)) {
- close(item->clean_send);
- if (item->clean_send == item->clean_read)
- item->clean_read = -1;
- item->clean_send = -1;
- }
- if (d_r) {
- close(item->dirty_read);
- if (item->dirty_send == item->dirty_read)
- item->dirty_send = -1;
- item->dirty_read = -1;
- }
- if (d_s && (item->dirty_send != -1)) {
- close(item->dirty_send);
- if (item->dirty_send == item->dirty_read)
- item->dirty_read = -1;
- item->dirty_send = -1;
- }
- /*
- * This function name is attributed to the term donated by David Schwartz
- * on openssl-dev, message-ID:
- * <NCBBLIEPOCbmasEKBEAKEEDGLIAA.davids at webmaster.com>. :-)
- */
- if (!state_machine_churn(&item->sm))
- /*
- * If the SSL closes, it will also zero-out the _in buffers and will
- * in future process just outgoing data. As and when the outgoing
- * data has gone, it will return zero here to tell us to bail out.
- */
- return 0;
- /* Otherwise, we return zero if both sides are dead. */
- if (((item->clean_read == -1) || (item->clean_send == -1)) &&
- ((item->dirty_read == -1) || (item->dirty_send == -1)))
- return 0;
- /*
- * If only one side closed, notify the SSL of this so it can take
- * appropriate action.
- */
- if ((item->clean_read == -1) || (item->clean_send == -1)) {
- if (!state_machine_close_clean(&item->sm))
- return 0;
- }
- if ((item->dirty_read == -1) || (item->dirty_send == -1)) {
- if (!state_machine_close_dirty(&item->sm))
- return 0;
- }
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/demos/tunala/tunala.c (from rev 11605, vendor-crypto/openssl/dist/demos/tunala/tunala.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/demos/tunala/tunala.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/demos/tunala/tunala.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1183 @@
+#if defined(NO_BUFFER) || defined(NO_IP) || defined(NO_OPENSSL)
+# error "Badness, NO_BUFFER, NO_IP or NO_OPENSSL is defined, turn them *off*"
+#endif
+
+/* Include our bits'n'pieces */
+#include "tunala.h"
+
+/********************************************/
+/* Our local types that specify our "world" */
+/********************************************/
+
+/*
+ * These represent running "tunnels". Eg. if you wanted to do SSL in a
+ * "message-passing" scanario, the "int" file-descriptors might be replaced
+ * by thread or process IDs, and the "select" code might be replaced by
+ * message handling code. Whatever.
+ */
+typedef struct _tunala_item_t {
+ /*
+ * The underlying SSL state machine. This is a data-only processing unit
+ * and we communicate with it by talking to its four "buffers".
+ */
+ state_machine_t sm;
+ /*
+ * The file-descriptors for the "dirty" (encrypted) side of the SSL
+ * setup. In actuality, this is typically a socket and both values are
+ * identical.
+ */
+ int dirty_read, dirty_send;
+ /*
+ * The file-descriptors for the "clean" (unencrypted) side of the SSL
+ * setup. These could be stdin/stdout, a socket (both values the same),
+ * or whatever you like.
+ */
+ int clean_read, clean_send;
+} tunala_item_t;
+
+/*
+ * This structure is used as the data for running the main loop. Namely, in a
+ * network format such as this, it is stuff for select() - but as pointed out,
+ * when moving the real-world to somewhere else, this might be replaced by
+ * something entirely different. It's basically the stuff that controls when
+ * it's time to do some "work".
+ */
+typedef struct _select_sets_t {
+ int max; /* As required as the first argument to
+ * select() */
+ fd_set reads, sends, excepts; /* As passed to select() */
+} select_sets_t;
+typedef struct _tunala_selector_t {
+ select_sets_t last_selected; /* Results of the last select() */
+ select_sets_t next_select; /* What we'll next select on */
+} tunala_selector_t;
+
+/*
+ * This structure is *everything*. We do it to avoid the use of globals so
+ * that, for example, it would be easier to shift things around between
+ * async-IO, thread-based, or multi-fork()ed (or combinations thereof).
+ */
+typedef struct _tunala_world_t {
+ /* The file-descriptor we "listen" on for new connections */
+ int listen_fd;
+ /* The array of tunnels */
+ tunala_item_t *tunnels;
+ /* the number of tunnels in use and allocated, respectively */
+ unsigned int tunnels_used, tunnels_size;
+ /* Our outside "loop" context stuff */
+ tunala_selector_t selector;
+ /*
+ * Our SSL_CTX, which is configured as the SSL client or server and has
+ * the various cert-settings and callbacks configured.
+ */
+ SSL_CTX *ssl_ctx;
+ /*
+ * Simple flag with complex logic :-) Indicates whether we're an SSL
+ * server or an SSL client.
+ */
+ int server_mode;
+} tunala_world_t;
+
+/*****************************/
+/* Internal static functions */
+/*****************************/
+
+static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
+ const char *CAfile, const char *cert,
+ const char *key, const char *dcert,
+ const char *dkey, const char *cipher_list,
+ const char *dh_file,
+ const char *dh_special, int tmp_rsa,
+ int ctx_options, int out_state,
+ int out_verify, int verify_mode,
+ unsigned int verify_depth);
+static void selector_init(tunala_selector_t * selector);
+static void selector_add_listener(tunala_selector_t * selector, int fd);
+static void selector_add_tunala(tunala_selector_t * selector,
+ tunala_item_t * t);
+static int selector_select(tunala_selector_t * selector);
+/*
+ * This returns -1 for error, 0 for no new connections, or 1 for success, in
+ * which case *newfd is populated.
+ */
+static int selector_get_listener(tunala_selector_t * selector, int fd,
+ int *newfd);
+static int tunala_world_new_item(tunala_world_t * world, int fd,
+ const char *ip, unsigned short port,
+ int flipped);
+static void tunala_world_del_item(tunala_world_t * world, unsigned int idx);
+static int tunala_item_io(tunala_selector_t * selector, tunala_item_t * item);
+
+/*********************************************/
+/* MAIN FUNCTION (and its utility functions) */
+/*********************************************/
+
+static const char *def_proxyhost = "127.0.0.1:443";
+static const char *def_listenhost = "127.0.0.1:8080";
+static int def_max_tunnels = 50;
+static const char *def_cacert = NULL;
+static const char *def_cert = NULL;
+static const char *def_key = NULL;
+static const char *def_dcert = NULL;
+static const char *def_dkey = NULL;
+static const char *def_engine_id = NULL;
+static int def_server_mode = 0;
+static int def_flipped = 0;
+static const char *def_cipher_list = NULL;
+static const char *def_dh_file = NULL;
+static const char *def_dh_special = NULL;
+static int def_tmp_rsa = 1;
+static int def_ctx_options = 0;
+static int def_verify_mode = 0;
+static unsigned int def_verify_depth = 10;
+static int def_out_state = 0;
+static unsigned int def_out_verify = 0;
+static int def_out_totals = 0;
+static int def_out_conns = 0;
+
+static const char *helpstring =
+ "\n'Tunala' (A tunneler with a New Zealand accent)\n"
+ "Usage: tunala [options], where options are from;\n"
+ " -listen [host:]<port> (default = 127.0.0.1:8080)\n"
+ " -proxy <host>:<port> (default = 127.0.0.1:443)\n"
+ " -maxtunnels <num> (default = 50)\n"
+ " -cacert <path|NULL> (default = NULL)\n"
+ " -cert <path|NULL> (default = NULL)\n"
+ " -key <path|NULL> (default = whatever '-cert' is)\n"
+ " -dcert <path|NULL> (usually for DSA, default = NULL)\n"
+ " -dkey <path|NULL> (usually for DSA, default = whatever '-dcert' is)\n"
+ " -engine <id|NULL> (default = NULL)\n"
+ " -server <0|1> (default = 0, ie. an SSL client)\n"
+ " -flipped <0|1> (makes SSL servers be network clients, and vice versa)\n"
+ " -cipher <list> (specifies cipher list to use)\n"
+ " -dh_file <path> (a PEM file containing DH parameters to use)\n"
+ " -dh_special <NULL|generate|standard> (see below: def=NULL)\n"
+ " -no_tmp_rsa (don't generate temporary RSA keys)\n"
+ " -no_ssl2 (disable SSLv2)\n"
+ " -no_ssl3 (disable SSLv3)\n"
+ " -no_tls1 (disable TLSv1)\n"
+ " -v_peer (verify the peer certificate)\n"
+ " -v_strict (do not continue if peer doesn't authenticate)\n"
+ " -v_once (no verification in renegotiates)\n"
+ " -v_depth <num> (limit certificate chain depth, default = 10)\n"
+ " -out_conns (prints client connections and disconnections)\n"
+ " -out_state (prints SSL handshake states)\n"
+ " -out_verify <0|1|2|3> (prints certificate verification states: def=1)\n"
+ " -out_totals (prints out byte-totals when a tunnel closes)\n"
+ " -<h|help|?> (displays this help screen)\n"
+ "Notes:\n"
+ "(1) It is recommended to specify a cert+key when operating as an SSL server.\n"
+ " If you only specify '-cert', the same file must contain a matching\n"
+ " private key.\n"
+ "(2) Either dh_file or dh_special can be used to specify where DH parameters\n"
+ " will be obtained from (or '-dh_special NULL' for the default choice) but\n"
+ " you cannot specify both. For dh_special, 'generate' will create new DH\n"
+ " parameters on startup, and 'standard' will use embedded parameters\n"
+ " instead.\n"
+ "(3) Normally an ssl client connects to an ssl server - so that an 'ssl client\n"
+ " tunala' listens for 'clean' client connections and proxies ssl, and an\n"
+ " 'ssl server tunala' listens for ssl connections and proxies 'clean'. With\n"
+ " '-flipped 1', this behaviour is reversed so that an 'ssl server tunala'\n"
+ " listens for clean client connections and proxies ssl (but participating\n"
+ " as an ssl *server* in the SSL/TLS protocol), and an 'ssl client tunala'\n"
+ " listens for ssl connections (participating as an ssl *client* in the\n"
+ " SSL/TLS protocol) and proxies 'clean' to the end destination. This can\n"
+ " be useful for allowing network access to 'servers' where only the server\n"
+ " needs to authenticate the client (ie. the other way is not required).\n"
+ " Even with client and server authentication, this 'technique' mitigates\n"
+ " some DoS (denial-of-service) potential as it will be the network client\n"
+ " having to perform the first private key operation rather than the other\n"
+ " way round.\n"
+ "(4) The 'technique' used by setting '-flipped 1' is probably compatible with\n"
+ " absolutely nothing except another complimentary instance of 'tunala'\n"
+ " running with '-flipped 1'. :-)\n";
+
+/*
+ * Default DH parameters for use with "-dh_special standard" ... stolen
+ * striaght from s_server.
+ */
+static unsigned char dh512_p[] = {
+ 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
+ 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
+ 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
+ 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
+ 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
+ 0x47, 0x74, 0xE8, 0x33,
+};
+
+static unsigned char dh512_g[] = {
+ 0x02,
+};
+
+/*
+ * And the function that parses the above "standard" parameters, again,
+ * straight out of s_server.
+ */
+static DH *get_dh512(void)
+{
+ DH *dh = NULL;
+
+ if ((dh = DH_new()) == NULL)
+ return (NULL);
+ dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+ dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+ if ((dh->p == NULL) || (dh->g == NULL))
+ return (NULL);
+ return (dh);
+}
+
+/* Various help/error messages used by main() */
+static int usage(const char *errstr, int isunknownarg)
+{
+ if (isunknownarg)
+ fprintf(stderr, "Error: unknown argument '%s'\n", errstr);
+ else
+ fprintf(stderr, "Error: %s\n", errstr);
+ fprintf(stderr, "%s\n", helpstring);
+ return 1;
+}
+
+static int err_str0(const char *str0)
+{
+ fprintf(stderr, "%s\n", str0);
+ return 1;
+}
+
+static int err_str1(const char *fmt, const char *str1)
+{
+ fprintf(stderr, fmt, str1);
+ fprintf(stderr, "\n");
+ return 1;
+}
+
+static int parse_max_tunnels(const char *s, unsigned int *maxtunnels)
+{
+ unsigned long l;
+ if (!int_strtoul(s, &l) || (l < 1) || (l > 1024)) {
+ fprintf(stderr, "Error, '%s' is an invalid value for "
+ "maxtunnels\n", s);
+ return 0;
+ }
+ *maxtunnels = (unsigned int)l;
+ return 1;
+}
+
+static int parse_server_mode(const char *s, int *servermode)
+{
+ unsigned long l;
+ if (!int_strtoul(s, &l) || (l > 1)) {
+ fprintf(stderr, "Error, '%s' is an invalid value for the "
+ "server mode\n", s);
+ return 0;
+ }
+ *servermode = (int)l;
+ return 1;
+}
+
+static int parse_dh_special(const char *s, const char **dh_special)
+{
+ if ((strcmp(s, "NULL") == 0) || (strcmp(s, "generate") == 0) ||
+ (strcmp(s, "standard") == 0)) {
+ *dh_special = s;
+ return 1;
+ }
+ fprintf(stderr, "Error, '%s' is an invalid value for 'dh_special'\n", s);
+ return 0;
+}
+
+static int parse_verify_level(const char *s, unsigned int *verify_level)
+{
+ unsigned long l;
+ if (!int_strtoul(s, &l) || (l > 3)) {
+ fprintf(stderr, "Error, '%s' is an invalid value for "
+ "out_verify\n", s);
+ return 0;
+ }
+ *verify_level = (unsigned int)l;
+ return 1;
+}
+
+static int parse_verify_depth(const char *s, unsigned int *verify_depth)
+{
+ unsigned long l;
+ if (!int_strtoul(s, &l) || (l < 1) || (l > 50)) {
+ fprintf(stderr, "Error, '%s' is an invalid value for "
+ "verify_depth\n", s);
+ return 0;
+ }
+ *verify_depth = (unsigned int)l;
+ return 1;
+}
+
+/* Some fprintf format strings used when tunnels close */
+static const char *io_stats_dirty =
+ " SSL traffic; %8lu bytes in, %8lu bytes out\n";
+static const char *io_stats_clean =
+ " clear traffic; %8lu bytes in, %8lu bytes out\n";
+
+int main(int argc, char *argv[])
+{
+ unsigned int loop;
+ int newfd;
+ tunala_world_t world;
+ tunala_item_t *t_item;
+ const char *proxy_ip;
+ unsigned short proxy_port;
+ /* Overridables */
+ const char *proxyhost = def_proxyhost;
+ const char *listenhost = def_listenhost;
+ unsigned int max_tunnels = def_max_tunnels;
+ const char *cacert = def_cacert;
+ const char *cert = def_cert;
+ const char *key = def_key;
+ const char *dcert = def_dcert;
+ const char *dkey = def_dkey;
+ const char *engine_id = def_engine_id;
+ int server_mode = def_server_mode;
+ int flipped = def_flipped;
+ const char *cipher_list = def_cipher_list;
+ const char *dh_file = def_dh_file;
+ const char *dh_special = def_dh_special;
+ int tmp_rsa = def_tmp_rsa;
+ int ctx_options = def_ctx_options;
+ int verify_mode = def_verify_mode;
+ unsigned int verify_depth = def_verify_depth;
+ int out_state = def_out_state;
+ unsigned int out_verify = def_out_verify;
+ int out_totals = def_out_totals;
+ int out_conns = def_out_conns;
+
+/* Parse command-line arguments */
+ next_arg:
+ argc--;
+ argv++;
+ if (argc > 0) {
+ if (strcmp(*argv, "-listen") == 0) {
+ if (argc < 2)
+ return usage("-listen requires an argument", 0);
+ argc--;
+ argv++;
+ listenhost = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-proxy") == 0) {
+ if (argc < 2)
+ return usage("-proxy requires an argument", 0);
+ argc--;
+ argv++;
+ proxyhost = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-maxtunnels") == 0) {
+ if (argc < 2)
+ return usage("-maxtunnels requires an argument", 0);
+ argc--;
+ argv++;
+ if (!parse_max_tunnels(*argv, &max_tunnels))
+ return 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-cacert") == 0) {
+ if (argc < 2)
+ return usage("-cacert requires an argument", 0);
+ argc--;
+ argv++;
+ if (strcmp(*argv, "NULL") == 0)
+ cacert = NULL;
+ else
+ cacert = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-cert") == 0) {
+ if (argc < 2)
+ return usage("-cert requires an argument", 0);
+ argc--;
+ argv++;
+ if (strcmp(*argv, "NULL") == 0)
+ cert = NULL;
+ else
+ cert = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-key") == 0) {
+ if (argc < 2)
+ return usage("-key requires an argument", 0);
+ argc--;
+ argv++;
+ if (strcmp(*argv, "NULL") == 0)
+ key = NULL;
+ else
+ key = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-dcert") == 0) {
+ if (argc < 2)
+ return usage("-dcert requires an argument", 0);
+ argc--;
+ argv++;
+ if (strcmp(*argv, "NULL") == 0)
+ dcert = NULL;
+ else
+ dcert = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-dkey") == 0) {
+ if (argc < 2)
+ return usage("-dkey requires an argument", 0);
+ argc--;
+ argv++;
+ if (strcmp(*argv, "NULL") == 0)
+ dkey = NULL;
+ else
+ dkey = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-engine") == 0) {
+ if (argc < 2)
+ return usage("-engine requires an argument", 0);
+ argc--;
+ argv++;
+ engine_id = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-server") == 0) {
+ if (argc < 2)
+ return usage("-server requires an argument", 0);
+ argc--;
+ argv++;
+ if (!parse_server_mode(*argv, &server_mode))
+ return 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-flipped") == 0) {
+ if (argc < 2)
+ return usage("-flipped requires an argument", 0);
+ argc--;
+ argv++;
+ if (!parse_server_mode(*argv, &flipped))
+ return 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-cipher") == 0) {
+ if (argc < 2)
+ return usage("-cipher requires an argument", 0);
+ argc--;
+ argv++;
+ cipher_list = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-dh_file") == 0) {
+ if (argc < 2)
+ return usage("-dh_file requires an argument", 0);
+ if (dh_special)
+ return usage("cannot mix -dh_file with " "-dh_special", 0);
+ argc--;
+ argv++;
+ dh_file = *argv;
+ goto next_arg;
+ } else if (strcmp(*argv, "-dh_special") == 0) {
+ if (argc < 2)
+ return usage("-dh_special requires an argument", 0);
+ if (dh_file)
+ return usage("cannot mix -dh_file with " "-dh_special", 0);
+ argc--;
+ argv++;
+ if (!parse_dh_special(*argv, &dh_special))
+ return 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
+ tmp_rsa = 0;
+ goto next_arg;
+ } else if (strcmp(*argv, "-no_ssl2") == 0) {
+ ctx_options |= SSL_OP_NO_SSLv2;
+ goto next_arg;
+ } else if (strcmp(*argv, "-no_ssl3") == 0) {
+ ctx_options |= SSL_OP_NO_SSLv3;
+ goto next_arg;
+ } else if (strcmp(*argv, "-no_tls1") == 0) {
+ ctx_options |= SSL_OP_NO_TLSv1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-v_peer") == 0) {
+ verify_mode |= SSL_VERIFY_PEER;
+ goto next_arg;
+ } else if (strcmp(*argv, "-v_strict") == 0) {
+ verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+ goto next_arg;
+ } else if (strcmp(*argv, "-v_once") == 0) {
+ verify_mode |= SSL_VERIFY_CLIENT_ONCE;
+ goto next_arg;
+ } else if (strcmp(*argv, "-v_depth") == 0) {
+ if (argc < 2)
+ return usage("-v_depth requires an argument", 0);
+ argc--;
+ argv++;
+ if (!parse_verify_depth(*argv, &verify_depth))
+ return 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-out_state") == 0) {
+ out_state = 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-out_verify") == 0) {
+ if (argc < 2)
+ return usage("-out_verify requires an argument", 0);
+ argc--;
+ argv++;
+ if (!parse_verify_level(*argv, &out_verify))
+ return 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-out_totals") == 0) {
+ out_totals = 1;
+ goto next_arg;
+ } else if (strcmp(*argv, "-out_conns") == 0) {
+ out_conns = 1;
+ goto next_arg;
+ } else if ((strcmp(*argv, "-h") == 0) ||
+ (strcmp(*argv, "-help") == 0) ||
+ (strcmp(*argv, "-?") == 0)) {
+ fprintf(stderr, "%s\n", helpstring);
+ return 0;
+ } else
+ return usage(*argv, 1);
+ }
+ /* Run any sanity checks we want here */
+ if (!cert && !dcert && server_mode)
+ fprintf(stderr, "WARNING: you are running an SSL server without "
+ "a certificate - this may not work!\n");
+
+ /* Initialise network stuff */
+ if (!ip_initialise())
+ return err_str0("ip_initialise failed");
+ /* Create the SSL_CTX */
+ if ((world.ssl_ctx = initialise_ssl_ctx(server_mode, engine_id,
+ cacert, cert, key, dcert, dkey,
+ cipher_list, dh_file, dh_special,
+ tmp_rsa, ctx_options, out_state,
+ out_verify, verify_mode,
+ verify_depth)) == NULL)
+ return err_str1("initialise_ssl_ctx(engine_id=%s) failed",
+ (engine_id == NULL) ? "NULL" : engine_id);
+ if (engine_id)
+ fprintf(stderr, "Info, engine '%s' initialised\n", engine_id);
+ /* Create the listener */
+ if ((world.listen_fd = ip_create_listener(listenhost)) == -1)
+ return err_str1("ip_create_listener(%s) failed", listenhost);
+ fprintf(stderr, "Info, listening on '%s'\n", listenhost);
+ if (!ip_parse_address(proxyhost, &proxy_ip, &proxy_port, 0))
+ return err_str1("ip_parse_address(%s) failed", proxyhost);
+ fprintf(stderr, "Info, proxying to '%s' (%d.%d.%d.%d:%d)\n", proxyhost,
+ (int)proxy_ip[0], (int)proxy_ip[1],
+ (int)proxy_ip[2], (int)proxy_ip[3], (int)proxy_port);
+ fprintf(stderr, "Info, set maxtunnels to %d\n", (int)max_tunnels);
+ fprintf(stderr, "Info, set to operate as an SSL %s\n",
+ (server_mode ? "server" : "client"));
+ /* Initialise the rest of the stuff */
+ world.tunnels_used = world.tunnels_size = 0;
+ world.tunnels = NULL;
+ world.server_mode = server_mode;
+ selector_init(&world.selector);
+
+/* We're ready to loop */
+ main_loop:
+ /* Should we listen for *new* tunnels? */
+ if (world.tunnels_used < max_tunnels)
+ selector_add_listener(&world.selector, world.listen_fd);
+ /* We should add in our existing tunnels */
+ for (loop = 0; loop < world.tunnels_used; loop++)
+ selector_add_tunala(&world.selector, world.tunnels + loop);
+ /* Now do the select */
+ switch (selector_select(&world.selector)) {
+ case -1:
+ if (errno != EINTR) {
+ fprintf(stderr, "selector_select returned a " "badness error.\n");
+ goto shouldnt_happen;
+ }
+ fprintf(stderr, "Warn, selector interrupted by a signal\n");
+ goto main_loop;
+ case 0:
+ fprintf(stderr, "Warn, selector_select returned 0 - signal?" "?\n");
+ goto main_loop;
+ default:
+ break;
+ }
+ /* Accept new connection if we should and can */
+ if ((world.tunnels_used < max_tunnels)
+ && (selector_get_listener(&world.selector, world.listen_fd, &newfd) ==
+ 1)) {
+ /* We have a new connection */
+ if (!tunala_world_new_item(&world, newfd, proxy_ip,
+ proxy_port, flipped))
+ fprintf(stderr, "tunala_world_new_item failed\n");
+ else if (out_conns)
+ fprintf(stderr, "Info, new tunnel opened, now up to "
+ "%d\n", world.tunnels_used);
+ }
+ /*
+ * Give each tunnel its moment, note the while loop is because it makes
+ * the logic easier than with "for" to deal with an array that may shift
+ * because of deletes.
+ */
+ loop = 0;
+ t_item = world.tunnels;
+ while (loop < world.tunnels_used) {
+ if (!tunala_item_io(&world.selector, t_item)) {
+ /*
+ * We're closing whether for reasons of an error or a natural
+ * close. Don't increment loop or t_item because the next item is
+ * moving to us!
+ */
+ if (!out_totals)
+ goto skip_totals;
+ fprintf(stderr, "Tunnel closing, traffic stats follow\n");
+ /* Display the encrypted (over the network) stats */
+ fprintf(stderr, io_stats_dirty,
+ buffer_total_in(state_machine_get_buffer
+ (&t_item->sm, SM_DIRTY_IN)),
+ buffer_total_out(state_machine_get_buffer
+ (&t_item->sm, SM_DIRTY_OUT)));
+ /*
+ * Display the local (tunnelled) stats. NB: Data we *receive* is
+ * data sent *out* of the state_machine on its 'clean' side.
+ * Hence the apparent back-to-front OUT/IN mixup here :-)
+ */
+ fprintf(stderr, io_stats_clean,
+ buffer_total_out(state_machine_get_buffer
+ (&t_item->sm, SM_CLEAN_OUT)),
+ buffer_total_in(state_machine_get_buffer
+ (&t_item->sm, SM_CLEAN_IN)));
+ skip_totals:
+ tunala_world_del_item(&world, loop);
+ if (out_conns)
+ fprintf(stderr, "Info, tunnel closed, down to %d\n",
+ world.tunnels_used);
+ } else {
+ /* Move to the next item */
+ loop++;
+ t_item++;
+ }
+ }
+ goto main_loop;
+ /* Should never get here */
+ shouldnt_happen:
+ abort();
+ return 1;
+}
+
+/****************/
+/* OpenSSL bits */
+/****************/
+
+static int ctx_set_cert(SSL_CTX *ctx, const char *cert, const char *key)
+{
+ FILE *fp = NULL;
+ X509 *x509 = NULL;
+ EVP_PKEY *pkey = NULL;
+ int toret = 0; /* Assume an error */
+
+ /* cert */
+ if (cert) {
+ if ((fp = fopen(cert, "r")) == NULL) {
+ fprintf(stderr, "Error opening cert file '%s'\n", cert);
+ goto err;
+ }
+ if (!PEM_read_X509(fp, &x509, NULL, NULL)) {
+ fprintf(stderr, "Error reading PEM cert from '%s'\n", cert);
+ goto err;
+ }
+ if (!SSL_CTX_use_certificate(ctx, x509)) {
+ fprintf(stderr, "Error, cert in '%s' can not be used\n", cert);
+ goto err;
+ }
+ /* Clear the FILE* for reuse in the "key" code */
+ fclose(fp);
+ fp = NULL;
+ fprintf(stderr, "Info, operating with cert in '%s'\n", cert);
+ /*
+ * If a cert was given without matching key, we assume the same file
+ * contains the required key.
+ */
+ if (!key)
+ key = cert;
+ } else {
+ if (key)
+ fprintf(stderr, "Error, can't specify a key without a "
+ "corresponding certificate\n");
+ else
+ fprintf(stderr, "Error, ctx_set_cert called with " "NULLs!\n");
+ goto err;
+ }
+ /* key */
+ if (key) {
+ if ((fp = fopen(key, "r")) == NULL) {
+ fprintf(stderr, "Error opening key file '%s'\n", key);
+ goto err;
+ }
+ if (!PEM_read_PrivateKey(fp, &pkey, NULL, NULL)) {
+ fprintf(stderr, "Error reading PEM key from '%s'\n", key);
+ goto err;
+ }
+ if (!SSL_CTX_use_PrivateKey(ctx, pkey)) {
+ fprintf(stderr, "Error, key in '%s' can not be used\n", key);
+ goto err;
+ }
+ fprintf(stderr, "Info, operating with key in '%s'\n", key);
+ } else
+ fprintf(stderr, "Info, operating without a cert or key\n");
+ /* Success */
+ toret = 1;
+ err:
+ if (x509)
+ X509_free(x509);
+ if (pkey)
+ EVP_PKEY_free(pkey);
+ if (fp)
+ fclose(fp);
+ return toret;
+}
+
+static int ctx_set_dh(SSL_CTX *ctx, const char *dh_file,
+ const char *dh_special)
+{
+ DH *dh = NULL;
+ FILE *fp = NULL;
+
+ if (dh_special) {
+ if (strcmp(dh_special, "NULL") == 0)
+ return 1;
+ if (strcmp(dh_special, "standard") == 0) {
+ if ((dh = get_dh512()) == NULL) {
+ fprintf(stderr, "Error, can't parse 'standard'"
+ " DH parameters\n");
+ return 0;
+ }
+ fprintf(stderr, "Info, using 'standard' DH parameters\n");
+ goto do_it;
+ }
+ if (strcmp(dh_special, "generate") != 0)
+ /*
+ * This shouldn't happen - screening values is handled in main().
+ */
+ abort();
+ fprintf(stderr, "Info, generating DH parameters ... ");
+ fflush(stderr);
+ if (!(dh = DH_new()) || !DH_generate_parameters_ex(dh, 512,
+ DH_GENERATOR_5,
+ NULL)) {
+ fprintf(stderr, "error!\n");
+ if (dh)
+ DH_free(dh);
+ return 0;
+ }
+ fprintf(stderr, "complete\n");
+ goto do_it;
+ }
+ /* So, we're loading dh_file */
+ if ((fp = fopen(dh_file, "r")) == NULL) {
+ fprintf(stderr, "Error, couldn't open '%s' for DH parameters\n",
+ dh_file);
+ return 0;
+ }
+ dh = PEM_read_DHparams(fp, NULL, NULL, NULL);
+ fclose(fp);
+ if (dh == NULL) {
+ fprintf(stderr, "Error, could not parse DH parameters from '%s'\n",
+ dh_file);
+ return 0;
+ }
+ fprintf(stderr, "Info, using DH parameters from file '%s'\n", dh_file);
+ do_it:
+ SSL_CTX_set_tmp_dh(ctx, dh);
+ DH_free(dh);
+ return 1;
+}
+
+static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
+ const char *CAfile, const char *cert,
+ const char *key, const char *dcert,
+ const char *dkey, const char *cipher_list,
+ const char *dh_file,
+ const char *dh_special, int tmp_rsa,
+ int ctx_options, int out_state,
+ int out_verify, int verify_mode,
+ unsigned int verify_depth)
+{
+ SSL_CTX *ctx = NULL, *ret = NULL;
+ const SSL_METHOD *meth;
+ ENGINE *e = NULL;
+
+ OpenSSL_add_ssl_algorithms();
+ SSL_load_error_strings();
+
+ meth = (server_mode ? SSLv23_server_method() : SSLv23_client_method());
+ if (meth == NULL)
+ goto err;
+ if (engine_id) {
+ ENGINE_load_builtin_engines();
+ if ((e = ENGINE_by_id(engine_id)) == NULL) {
+ fprintf(stderr, "Error obtaining '%s' engine, openssl "
+ "errors follow\n", engine_id);
+ goto err;
+ }
+ if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
+ fprintf(stderr, "Error assigning '%s' engine, openssl "
+ "errors follow\n", engine_id);
+ goto err;
+ }
+ ENGINE_free(e);
+ }
+ if ((ctx = SSL_CTX_new(meth)) == NULL)
+ goto err;
+ /* cacert */
+ if (CAfile) {
+ if (!X509_STORE_load_locations(SSL_CTX_get_cert_store(ctx),
+ CAfile, NULL)) {
+ fprintf(stderr, "Error loading CA cert(s) in '%s'\n", CAfile);
+ goto err;
+ }
+ fprintf(stderr, "Info, operating with CA cert(s) in '%s'\n", CAfile);
+ } else
+ fprintf(stderr, "Info, operating without a CA cert(-list)\n");
+ if (!SSL_CTX_set_default_verify_paths(ctx)) {
+ fprintf(stderr, "Error setting default verify paths\n");
+ goto err;
+ }
+
+ /* cert and key */
+ if ((cert || key) && !ctx_set_cert(ctx, cert, key))
+ goto err;
+ /* dcert and dkey */
+ if ((dcert || dkey) && !ctx_set_cert(ctx, dcert, dkey))
+ goto err;
+ /* temporary RSA key generation */
+ if (tmp_rsa)
+ SSL_CTX_set_tmp_rsa_callback(ctx, cb_generate_tmp_rsa);
+
+ /* cipher_list */
+ if (cipher_list) {
+ if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {
+ fprintf(stderr, "Error setting cipher list '%s'\n", cipher_list);
+ goto err;
+ }
+ fprintf(stderr, "Info, set cipher list '%s'\n", cipher_list);
+ } else
+ fprintf(stderr, "Info, operating with default cipher list\n");
+
+ /* dh_file & dh_special */
+ if ((dh_file || dh_special) && !ctx_set_dh(ctx, dh_file, dh_special))
+ goto err;
+
+ /* ctx_options */
+ SSL_CTX_set_options(ctx, ctx_options);
+
+ /* out_state (output of SSL handshake states to screen). */
+ if (out_state)
+ cb_ssl_info_set_output(stderr);
+
+ /* out_verify */
+ if (out_verify > 0) {
+ cb_ssl_verify_set_output(stderr);
+ cb_ssl_verify_set_level(out_verify);
+ }
+
+ /* verify_depth */
+ cb_ssl_verify_set_depth(verify_depth);
+
+ /* Success! (includes setting verify_mode) */
+ SSL_CTX_set_info_callback(ctx, cb_ssl_info);
+ SSL_CTX_set_verify(ctx, verify_mode, cb_ssl_verify);
+ ret = ctx;
+ err:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ if (ctx)
+ SSL_CTX_free(ctx);
+ }
+ return ret;
+}
+
+/*****************/
+/* Selector bits */
+/*****************/
+
+static void selector_sets_init(select_sets_t * s)
+{
+ s->max = 0;
+ FD_ZERO(&s->reads);
+ FD_ZERO(&s->sends);
+ FD_ZERO(&s->excepts);
+}
+
+static void selector_init(tunala_selector_t * selector)
+{
+ selector_sets_init(&selector->last_selected);
+ selector_sets_init(&selector->next_select);
+}
+
+#define SEL_EXCEPTS 0x00
+#define SEL_READS 0x01
+#define SEL_SENDS 0x02
+static void selector_add_raw_fd(tunala_selector_t * s, int fd, int flags)
+{
+ FD_SET(fd, &s->next_select.excepts);
+ if (flags & SEL_READS)
+ FD_SET(fd, &s->next_select.reads);
+ if (flags & SEL_SENDS)
+ FD_SET(fd, &s->next_select.sends);
+ /* Adjust "max" */
+ if (s->next_select.max < (fd + 1))
+ s->next_select.max = fd + 1;
+}
+
+static void selector_add_listener(tunala_selector_t * selector, int fd)
+{
+ selector_add_raw_fd(selector, fd, SEL_READS);
+}
+
+static void selector_add_tunala(tunala_selector_t * s, tunala_item_t * t)
+{
+ /* Set clean read if sm.clean_in is not full */
+ if (t->clean_read != -1) {
+ selector_add_raw_fd(s, t->clean_read,
+ (buffer_full(state_machine_get_buffer(&t->sm,
+ SM_CLEAN_IN))
+ ? SEL_EXCEPTS : SEL_READS));
+ }
+ /* Set clean send if sm.clean_out is not empty */
+ if (t->clean_send != -1) {
+ selector_add_raw_fd(s, t->clean_send,
+ (buffer_empty(state_machine_get_buffer(&t->sm,
+ SM_CLEAN_OUT))
+ ? SEL_EXCEPTS : SEL_SENDS));
+ }
+ /* Set dirty read if sm.dirty_in is not full */
+ if (t->dirty_read != -1) {
+ selector_add_raw_fd(s, t->dirty_read,
+ (buffer_full(state_machine_get_buffer(&t->sm,
+ SM_DIRTY_IN))
+ ? SEL_EXCEPTS : SEL_READS));
+ }
+ /* Set dirty send if sm.dirty_out is not empty */
+ if (t->dirty_send != -1) {
+ selector_add_raw_fd(s, t->dirty_send,
+ (buffer_empty(state_machine_get_buffer(&t->sm,
+ SM_DIRTY_OUT))
+ ? SEL_EXCEPTS : SEL_SENDS));
+ }
+}
+
+static int selector_select(tunala_selector_t * selector)
+{
+ memcpy(&selector->last_selected, &selector->next_select,
+ sizeof(select_sets_t));
+ selector_sets_init(&selector->next_select);
+ return select(selector->last_selected.max,
+ &selector->last_selected.reads,
+ &selector->last_selected.sends,
+ &selector->last_selected.excepts, NULL);
+}
+
+/*
+ * This returns -1 for error, 0 for no new connections, or 1 for success, in
+ * which case *newfd is populated.
+ */
+static int selector_get_listener(tunala_selector_t * selector, int fd,
+ int *newfd)
+{
+ if (FD_ISSET(fd, &selector->last_selected.excepts))
+ return -1;
+ if (!FD_ISSET(fd, &selector->last_selected.reads))
+ return 0;
+ if ((*newfd = ip_accept_connection(fd)) == -1)
+ return -1;
+ return 1;
+}
+
+/************************/
+/* "Tunala" world stuff */
+/************************/
+
+static int tunala_world_make_room(tunala_world_t * world)
+{
+ unsigned int newsize;
+ tunala_item_t *newarray;
+
+ if (world->tunnels_used < world->tunnels_size)
+ return 1;
+ newsize = (world->tunnels_size == 0 ? 16 :
+ ((world->tunnels_size * 3) / 2));
+ if ((newarray = malloc(newsize * sizeof(tunala_item_t))) == NULL)
+ return 0;
+ memset(newarray, 0, newsize * sizeof(tunala_item_t));
+ if (world->tunnels_used > 0)
+ memcpy(newarray, world->tunnels,
+ world->tunnels_used * sizeof(tunala_item_t));
+ if (world->tunnels_size > 0)
+ free(world->tunnels);
+ /* migrate */
+ world->tunnels = newarray;
+ world->tunnels_size = newsize;
+ return 1;
+}
+
+static int tunala_world_new_item(tunala_world_t * world, int fd,
+ const char *ip, unsigned short port,
+ int flipped)
+{
+ tunala_item_t *item;
+ int newfd;
+ SSL *new_ssl = NULL;
+
+ if (!tunala_world_make_room(world))
+ return 0;
+ if ((new_ssl = SSL_new(world->ssl_ctx)) == NULL) {
+ fprintf(stderr, "Error creating new SSL\n");
+ ERR_print_errors_fp(stderr);
+ return 0;
+ }
+ item = world->tunnels + (world->tunnels_used++);
+ state_machine_init(&item->sm);
+ item->clean_read = item->clean_send =
+ item->dirty_read = item->dirty_send = -1;
+ if ((newfd = ip_create_connection_split(ip, port)) == -1)
+ goto err;
+ /*
+ * Which way round? If we're a server, "fd" is the dirty side and the
+ * connection we open is the clean one. For a client, it's the other way
+ * around. Unless, of course, we're "flipped" in which case everything
+ * gets reversed. :-)
+ */
+ if ((world->server_mode && !flipped) || (!world->server_mode && flipped)) {
+ item->dirty_read = item->dirty_send = fd;
+ item->clean_read = item->clean_send = newfd;
+ } else {
+ item->clean_read = item->clean_send = fd;
+ item->dirty_read = item->dirty_send = newfd;
+ }
+ /*
+ * We use the SSL's "app_data" to indicate a call-back induced "kill"
+ */
+ SSL_set_app_data(new_ssl, NULL);
+ if (!state_machine_set_SSL(&item->sm, new_ssl, world->server_mode))
+ goto err;
+ return 1;
+ err:
+ tunala_world_del_item(world, world->tunnels_used - 1);
+ return 0;
+
+}
+
+static void tunala_world_del_item(tunala_world_t * world, unsigned int idx)
+{
+ tunala_item_t *item = world->tunnels + idx;
+ if (item->clean_read != -1)
+ close(item->clean_read);
+ if (item->clean_send != item->clean_read)
+ close(item->clean_send);
+ item->clean_read = item->clean_send = -1;
+ if (item->dirty_read != -1)
+ close(item->dirty_read);
+ if (item->dirty_send != item->dirty_read)
+ close(item->dirty_send);
+ item->dirty_read = item->dirty_send = -1;
+ state_machine_close(&item->sm);
+ /* OK, now we fix the item array */
+ if (idx + 1 < world->tunnels_used)
+ /* We need to scroll entries to the left */
+ memmove(world->tunnels + idx,
+ world->tunnels + (idx + 1),
+ (world->tunnels_used - (idx + 1)) * sizeof(tunala_item_t));
+ world->tunnels_used--;
+}
+
+static int tunala_item_io(tunala_selector_t * selector, tunala_item_t * item)
+{
+ int c_r, c_s, d_r, d_s; /* Four boolean flags */
+
+ /* Take ourselves out of the gene-pool if there was an except */
+ if ((item->clean_read != -1) && FD_ISSET(item->clean_read,
+ &selector->
+ last_selected.excepts))
+ return 0;
+ if ((item->clean_send != -1) && FD_ISSET(item->clean_send,
+ &selector->
+ last_selected.excepts))
+ return 0;
+ if ((item->dirty_read != -1) && FD_ISSET(item->dirty_read,
+ &selector->
+ last_selected.excepts))
+ return 0;
+ if ((item->dirty_send != -1) && FD_ISSET(item->dirty_send,
+ &selector->
+ last_selected.excepts))
+ return 0;
+ /* Grab our 4 IO flags */
+ c_r = c_s = d_r = d_s = 0;
+ if (item->clean_read != -1)
+ c_r = FD_ISSET(item->clean_read, &selector->last_selected.reads);
+ if (item->clean_send != -1)
+ c_s = FD_ISSET(item->clean_send, &selector->last_selected.sends);
+ if (item->dirty_read != -1)
+ d_r = FD_ISSET(item->dirty_read, &selector->last_selected.reads);
+ if (item->dirty_send != -1)
+ d_s = FD_ISSET(item->dirty_send, &selector->last_selected.sends);
+ /* If no IO has happened for us, skip needless data looping */
+ if (!c_r && !c_s && !d_r && !d_s)
+ return 1;
+ if (c_r)
+ c_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
+ SM_CLEAN_IN),
+ item->clean_read) <= 0);
+ if (c_s)
+ c_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
+ SM_CLEAN_OUT),
+ item->clean_send) <= 0);
+ if (d_r)
+ d_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
+ SM_DIRTY_IN),
+ item->dirty_read) <= 0);
+ if (d_s)
+ d_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
+ SM_DIRTY_OUT),
+ item->dirty_send) <= 0);
+ /* If any of the flags is non-zero, that means they need closing */
+ if (c_r) {
+ close(item->clean_read);
+ if (item->clean_send == item->clean_read)
+ item->clean_send = -1;
+ item->clean_read = -1;
+ }
+ if (c_s && (item->clean_send != -1)) {
+ close(item->clean_send);
+ if (item->clean_send == item->clean_read)
+ item->clean_read = -1;
+ item->clean_send = -1;
+ }
+ if (d_r) {
+ close(item->dirty_read);
+ if (item->dirty_send == item->dirty_read)
+ item->dirty_send = -1;
+ item->dirty_read = -1;
+ }
+ if (d_s && (item->dirty_send != -1)) {
+ close(item->dirty_send);
+ if (item->dirty_send == item->dirty_read)
+ item->dirty_read = -1;
+ item->dirty_send = -1;
+ }
+ /*
+ * This function name is attributed to the term donated by David Schwartz
+ * on openssl-dev, message-ID:
+ * <NCBBLIEPOCNJOAEKBEAKEEDGLIAA.davids at webmaster.com>. :-)
+ */
+ if (!state_machine_churn(&item->sm))
+ /*
+ * If the SSL closes, it will also zero-out the _in buffers and will
+ * in future process just outgoing data. As and when the outgoing
+ * data has gone, it will return zero here to tell us to bail out.
+ */
+ return 0;
+ /* Otherwise, we return zero if both sides are dead. */
+ if (((item->clean_read == -1) || (item->clean_send == -1)) &&
+ ((item->dirty_read == -1) || (item->dirty_send == -1)))
+ return 0;
+ /*
+ * If only one side closed, notify the SSL of this so it can take
+ * appropriate action.
+ */
+ if ((item->clean_read == -1) || (item->clean_send == -1)) {
+ if (!state_machine_close_clean(&item->sm))
+ return 0;
+ }
+ if ((item->dirty_read == -1) || (item->dirty_send == -1)) {
+ if (!state_machine_close_dirty(&item->sm))
+ return 0;
+ }
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/doc/apps/ciphers.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/apps/ciphers.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/ciphers.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,629 +0,0 @@
-=pod
-
-=head1 NAME
-
-ciphers - SSL cipher display and cipher list tool.
-
-=head1 SYNOPSIS
-
-B<openssl> B<ciphers>
-[B<-v>]
-[B<-V>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<cipherlist>]
-
-=head1 DESCRIPTION
-
-The B<ciphers> command converts textual OpenSSL cipher lists into ordered
-SSL cipher preference lists. It can be used as a test tool to determine
-the appropriate cipherlist.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-v>
-
-Verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
-authentication, encryption and mac algorithms used along with any key size
-restrictions and whether the algorithm is classed as an "export" cipher.
-Note that without the B<-v> option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-SSL v2 and for SSL v3/TLS v1.
-
-=item B<-V>
-
-Like B<-v>, but include cipher suite codes in output (hex format).
-
-=item B<-ssl3>
-
-only include SSL v3 ciphers.
-
-=item B<-ssl2>
-
-only include SSL v2 ciphers.
-
-=item B<-tls1>
-
-only include TLS v1 ciphers.
-
-=item B<-h>, B<-?>
-
-print a brief usage message.
-
-=item B<cipherlist>
-
-a cipher list to convert to a cipher preference list. If it is not included
-then the default cipher list will be used. The format is described below.
-
-=back
-
-=head1 CIPHER LIST FORMAT
-
-The cipher list consists of one or more I<cipher strings> separated by colons.
-Commas or spaces are also acceptable separators but colons are normally used.
-
-The actual cipher string can take several different forms.
-
-It can consist of a single cipher suite such as B<RC4-SHA>.
-
-It can represent a list of cipher suites containing a certain algorithm, or
-cipher suites of a certain type. For example B<SHA1> represents all ciphers
-suites using the digest algorithm SHA1 and B<SSLv3> represents all SSL v3
-algorithms.
-
-Lists of cipher suites can be combined in a single cipher string using the
-B<+> character. This is used as a logical B<and> operation. For example
-B<SHA1+DES> represents all cipher suites containing the SHA1 B<and> the DES
-algorithms.
-
-Each cipher string can be optionally preceded by the characters B<!>,
-B<-> or B<+>.
-
-If B<!> is used then the ciphers are permanently deleted from the list.
-The ciphers deleted can never reappear in the list even if they are
-explicitly stated.
-
-If B<-> is used then the ciphers are deleted from the list, but some or
-all of the ciphers can be added again by later options.
-
-If B<+> is used then the ciphers are moved to the end of the list. This
-option doesn't add any new ciphers it just moves matching existing ones.
-
-If none of these characters is present then the string is just interpreted
-as a list of ciphers to be appended to the current preference list. If the
-list includes any ciphers already present they will be ignored: that is they
-will not moved to the end of the list.
-
-Additionally the cipher string B<@STRENGTH> can be used at any point to sort
-the current cipher list in order of encryption algorithm key length.
-
-=head1 CIPHER STRINGS
-
-The following is a list of all permitted cipher strings and their meanings.
-
-=over 4
-
-=item B<DEFAULT>
-
-the default cipher list. This is determined at compile time and
-is normally B<ALL:!EXPORT:!aNULL:!eNULL:!SSLv2>. This must be the firstcipher string
-specified.
-
-=item B<COMPLEMENTOFDEFAULT>
-
-the ciphers included in B<ALL>, but not enabled by default. Currently
-this is B<ADH> and B<AECDH>. Note that this rule does not cover B<eNULL>,
-which is not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
-
-=item B<ALL>
-
-all cipher suites except the B<eNULL> ciphers which must be explicitly enabled;
-as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default
-
-=item B<COMPLEMENTOFALL>
-
-the cipher suites not enabled by B<ALL>, currently being B<eNULL>.
-
-=item B<HIGH>
-
-"high" encryption cipher suites. This currently means those with key lengths larger
-than 128 bits, and some cipher suites with 128-bit keys.
-
-=item B<MEDIUM>
-
-"medium" encryption cipher suites, currently some of those using 128 bit encryption.
-
-=item B<LOW>
-
-"low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms
-but excluding export cipher suites.
-
-=item B<EXP>, B<EXPORT>
-
-export encryption algorithms. Including 40 and 56 bits algorithms.
-
-=item B<EXPORT40>
-
-40 bit export encryption algorithms
-
-=item B<EXPORT56>
-
-56 bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of
-56 bit export ciphers is empty unless OpenSSL has been explicitly configured
-with support for experimental ciphers.
-
-=item B<eNULL>, B<NULL>
-
-the "NULL" ciphers that is those offering no encryption. Because these offer no
-encryption at all and are a security risk they are disabled unless explicitly
-included.
-
-=item B<aNULL>
-
-the cipher suites offering no authentication. This is currently the anonymous
-DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable
-to a "man in the middle" attack and so their use is normally discouraged.
-
-=item B<kRSA>, B<RSA>
-
-cipher suites using RSA key exchange.
-
-=item B<kDHr>, B<kDHd>, B<kDH>
-
-cipher suites using DH key agreement and DH certificates signed by CAs with RSA
-and DSS keys or either respectively. Not implemented.
-
-=item B<kEDH>
-
-cipher suites using ephemeral DH key agreement, including anonymous cipher
-suites.
-
-=item B<EDH>
-
-cipher suites using authenticated ephemeral DH key agreement.
-
-=item B<ADH>
-
-anonymous DH cipher suites, note that this does not include anonymous Elliptic
-Curve DH (ECDH) cipher suites.
-
-=item B<DH>
-
-cipher suites using DH, including anonymous DH, ephemeral DH and fixed DH.
-
-=item B<kECDHr>, B<kECDHe>, B<kECDH>
-
-cipher suites using fixed ECDH key agreement signed by CAs with RSA and ECDSA
-keys or either respectively.
-
-=item B<kEECDH>
-
-cipher suites using ephemeral ECDH key agreement, including anonymous
-cipher suites.
-
-=item B<EECDH>
-
-cipher suites using authenticated ephemeral ECDH key agreement.
-
-=item B<AECDH>
-
-anonymous Elliptic Curve Diffie Hellman cipher suites.
-
-=item B<ECDH>
-
-cipher suites using ECDH key exchange, including anonymous, ephemeral and
-fixed ECDH.
-
-=item B<aRSA>
-
-cipher suites using RSA authentication, i.e. the certificates carry RSA keys.
-
-=item B<aDSS>, B<DSS>
-
-cipher suites using DSS authentication, i.e. the certificates carry DSS keys.
-
-=item B<aDH>
-
-cipher suites effectively using DH authentication, i.e. the certificates carry
-DH keys. Not implemented.
-
-=item B<aECDH>
-
-cipher suites effectively using ECDH authentication, i.e. the certificates
-carry ECDH keys.
-
-=item B<aECDSA>, B<ECDSA>
-
-cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA
-keys.
-
-=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
-
-ciphers suites using FORTEZZA key exchange, authentication, encryption or all
-FORTEZZA algorithms. Not implemented.
-
-=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
-
-TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
-there are no ciphersuites specific to TLS v1.1.
-
-=item B<AES128>, B<AES256>, B<AES>
-
-cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.
-
-=item B<AESGCM>
-
-AES in Galois Counter Mode (GCM): these ciphersuites are only supported
-in TLS v1.2.
-
-=item B<CAMELLIA128>, B<CAMELLIA256>, B<CAMELLIA>
-
-cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit
-CAMELLIA.
-
-=item B<3DES>
-
-cipher suites using triple DES.
-
-=item B<DES>
-
-cipher suites using DES (not triple DES).
-
-=item B<RC4>
-
-cipher suites using RC4.
-
-=item B<RC2>
-
-cipher suites using RC2.
-
-=item B<IDEA>
-
-cipher suites using IDEA.
-
-=item B<SEED>
-
-cipher suites using SEED.
-
-=item B<MD5>
-
-cipher suites using MD5.
-
-=item B<SHA1>, B<SHA>
-
-cipher suites using SHA1.
-
-=item B<SHA256>, B<SHA384>
-
-ciphersuites using SHA256 or SHA384.
-
-=item B<aGOST>
-
-cipher suites using GOST R 34.10 (either 2001 or 94) for authenticaction
-(needs an engine supporting GOST algorithms).
-
-=item B<aGOST01>
-
-cipher suites using GOST R 34.10-2001 authentication.
-
-=item B<aGOST94>
-
-cipher suites using GOST R 34.10-94 authentication (note that R 34.10-94
-standard has been expired so use GOST R 34.10-2001)
-
-=item B<kGOST>
-
-cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.
-
-=item B<GOST94>
-
-cipher suites, using HMAC based on GOST R 34.11-94.
-
-=item B<GOST89MAC>
-
-cipher suites using GOST 28147-89 MAC B<instead of> HMAC.
-
-=item B<PSK>
-
-cipher suites using pre-shared keys (PSK).
-
-=back
-
-=head1 CIPHER SUITE NAMES
-
-The following lists give the SSL or TLS cipher suites names from the
-relevant specification and their OpenSSL equivalents. It should be noted,
-that several cipher suite names do not include the authentication used,
-e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
-
-=head2 SSL v3.0 cipher suites.
-
- SSL_RSA_WITH_NULL_MD5 NULL-MD5
- SSL_RSA_WITH_NULL_SHA NULL-SHA
- SSL_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5
- SSL_RSA_WITH_RC4_128_MD5 RC4-MD5
- SSL_RSA_WITH_RC4_128_SHA RC4-SHA
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5
- SSL_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA
- SSL_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA
- SSL_RSA_WITH_DES_CBC_SHA DES-CBC-SHA
- SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
-
- SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented.
- SSL_DH_DSS_WITH_DES_CBC_SHA Not implemented.
- SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented.
- SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented.
- SSL_DH_RSA_WITH_DES_CBC_SHA Not implemented.
- SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented.
- SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA
- SSL_DHE_DSS_WITH_DES_CBC_SHA EDH-DSS-CBC-SHA
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA
- SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-RSA-DES-CBC-SHA
- SSL_DHE_RSA_WITH_DES_CBC_SHA EDH-RSA-DES-CBC-SHA
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH-RSA-DES-CBC3-SHA
-
- SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5
- SSL_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5
- SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA
- SSL_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA
- SSL_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA
-
- SSL_FORTEZZA_KEA_WITH_NULL_SHA Not implemented.
- SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA Not implemented.
- SSL_FORTEZZA_KEA_WITH_RC4_128_SHA Not implemented.
-
-=head2 TLS v1.0 cipher suites.
-
- TLS_RSA_WITH_NULL_MD5 NULL-MD5
- TLS_RSA_WITH_NULL_SHA NULL-SHA
- TLS_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5
- TLS_RSA_WITH_RC4_128_MD5 RC4-MD5
- TLS_RSA_WITH_RC4_128_SHA RC4-SHA
- TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5
- TLS_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA
- TLS_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA
- TLS_RSA_WITH_DES_CBC_SHA DES-CBC-SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
-
- TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented.
- TLS_DH_DSS_WITH_DES_CBC_SHA Not implemented.
- TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented.
- TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_DES_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented.
- TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA
- TLS_DHE_DSS_WITH_DES_CBC_SHA EDH-DSS-CBC-SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA
- TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-RSA-DES-CBC-SHA
- TLS_DHE_RSA_WITH_DES_CBC_SHA EDH-RSA-DES-CBC-SHA
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH-RSA-DES-CBC3-SHA
-
- TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5
- TLS_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5
- TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA
- TLS_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA
- TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA
-
-=head2 AES ciphersuites from RFC3268, extending TLS v1.0
-
- TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA
- TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA
-
- TLS_DH_DSS_WITH_AES_128_CBC_SHA Not implemented.
- TLS_DH_DSS_WITH_AES_256_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_AES_128_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_AES_256_CBC_SHA Not implemented.
-
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE-RSA-AES128-SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE-RSA-AES256-SHA
-
- TLS_DH_anon_WITH_AES_128_CBC_SHA ADH-AES128-SHA
- TLS_DH_anon_WITH_AES_256_CBC_SHA ADH-AES256-SHA
-
-=head2 Camellia ciphersuites from RFC4132, extending TLS v1.0
-
- TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128-SHA
- TLS_RSA_WITH_CAMELLIA_256_CBC_SHA CAMELLIA256-SHA
-
- TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA Not implemented.
- TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA Not implemented.
-
- TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA DHE-DSS-CAMELLIA128-SHA
- TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA DHE-DSS-CAMELLIA256-SHA
- TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DHE-RSA-CAMELLIA128-SHA
- TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DHE-RSA-CAMELLIA256-SHA
-
- TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA
- TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA
-
-=head2 SEED ciphersuites from RFC4162, extending TLS v1.0
-
- TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA
-
- TLS_DH_DSS_WITH_SEED_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_SEED_CBC_SHA Not implemented.
-
- TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA
- TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA
-
- TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA
-
-=head2 GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0
-
-Note: these ciphers require an engine which including GOST cryptographic
-algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution.
-
- TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
- TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
- TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
- TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94
-
-=head2 Additional Export 1024 and other cipher suites
-
-Note: these ciphers can also be used in SSL v3.
-
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DES-CBC-SHA
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA EXP1024-RC4-SHA
- TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
- TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024-DHE-DSS-RC4-SHA
- TLS_DHE_DSS_WITH_RC4_128_SHA DHE-DSS-RC4-SHA
-
-=head2 Elliptic curve cipher suites.
-
- TLS_ECDH_RSA_WITH_NULL_SHA ECDH-RSA-NULL-SHA
- TLS_ECDH_RSA_WITH_RC4_128_SHA ECDH-RSA-RC4-SHA
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA ECDH-RSA-DES-CBC3-SHA
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA ECDH-RSA-AES128-SHA
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA ECDH-RSA-AES256-SHA
-
- TLS_ECDH_ECDSA_WITH_NULL_SHA ECDH-ECDSA-NULL-SHA
- TLS_ECDH_ECDSA_WITH_RC4_128_SHA ECDH-ECDSA-RC4-SHA
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA ECDH-ECDSA-DES-CBC3-SHA
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA ECDH-ECDSA-AES128-SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA ECDH-ECDSA-AES256-SHA
-
- TLS_ECDHE_RSA_WITH_NULL_SHA ECDHE-RSA-NULL-SHA
- TLS_ECDHE_RSA_WITH_RC4_128_SHA ECDHE-RSA-RC4-SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ECDHE-RSA-DES-CBC3-SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDHE-RSA-AES128-SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDHE-RSA-AES256-SHA
-
- TLS_ECDHE_ECDSA_WITH_NULL_SHA ECDHE-ECDSA-NULL-SHA
- TLS_ECDHE_ECDSA_WITH_RC4_128_SHA ECDHE-ECDSA-RC4-SHA
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA ECDHE-ECDSA-DES-CBC3-SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA ECDHE-ECDSA-AES128-SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ECDHE-ECDSA-AES256-SHA
-
- TLS_ECDH_anon_WITH_NULL_SHA AECDH-NULL-SHA
- TLS_ECDH_anon_WITH_RC4_128_SHA AECDH-RC4-SHA
- TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA AECDH-DES-CBC3-SHA
- TLS_ECDH_anon_WITH_AES_128_CBC_SHA AECDH-AES128-SHA
- TLS_ECDH_anon_WITH_AES_256_CBC_SHA AECDH-AES256-SHA
-
-=head2 TLS v1.2 cipher suites
-
- TLS_RSA_WITH_NULL_SHA256 NULL-SHA256
-
- TLS_RSA_WITH_AES_128_CBC_SHA256 AES128-SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256 AES256-SHA256
- TLS_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384 AES256-GCM-SHA384
-
- TLS_DH_RSA_WITH_AES_128_CBC_SHA256 Not implemented.
- TLS_DH_RSA_WITH_AES_256_CBC_SHA256 Not implemented.
- TLS_DH_RSA_WITH_AES_128_GCM_SHA256 Not implemented.
- TLS_DH_RSA_WITH_AES_256_GCM_SHA384 Not implemented.
-
- TLS_DH_DSS_WITH_AES_128_CBC_SHA256 Not implemented.
- TLS_DH_DSS_WITH_AES_256_CBC_SHA256 Not implemented.
- TLS_DH_DSS_WITH_AES_128_GCM_SHA256 Not implemented.
- TLS_DH_DSS_WITH_AES_256_GCM_SHA384 Not implemented.
-
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DHE-RSA-AES128-SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DHE-RSA-AES256-SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 DHE-RSA-AES128-GCM-SHA256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 DHE-RSA-AES256-GCM-SHA384
-
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 DHE-DSS-AES128-SHA256
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 DHE-DSS-AES256-SHA256
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 DHE-DSS-AES128-GCM-SHA256
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 DHE-DSS-AES256-GCM-SHA384
-
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 ECDH-RSA-AES128-SHA256
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 ECDH-RSA-AES256-SHA384
- TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 ECDH-RSA-AES128-GCM-SHA256
- TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 ECDH-RSA-AES256-GCM-SHA384
-
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 ECDH-ECDSA-AES128-SHA256
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 ECDH-ECDSA-AES256-SHA384
- TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 ECDH-ECDSA-AES128-GCM-SHA256
- TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 ECDH-ECDSA-AES256-GCM-SHA384
-
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDHE-RSA-AES128-SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDHE-RSA-AES256-SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDHE-RSA-AES256-GCM-SHA384
-
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ECDHE-ECDSA-AES128-SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 ECDHE-ECDSA-AES256-SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ECDHE-ECDSA-AES256-GCM-SHA384
-
- TLS_DH_anon_WITH_AES_128_CBC_SHA256 ADH-AES128-SHA256
- TLS_DH_anon_WITH_AES_256_CBC_SHA256 ADH-AES256-SHA256
- TLS_DH_anon_WITH_AES_128_GCM_SHA256 ADH-AES128-GCM-SHA256
- TLS_DH_anon_WITH_AES_256_GCM_SHA384 ADH-AES256-GCM-SHA384
-
-=head2 Pre shared keying (PSK) cipheruites
-
- TLS_PSK_WITH_RC4_128_SHA PSK-RC4-SHA
- TLS_PSK_WITH_3DES_EDE_CBC_SHA PSK-3DES-EDE-CBC-SHA
- TLS_PSK_WITH_AES_128_CBC_SHA PSK-AES128-CBC-SHA
- TLS_PSK_WITH_AES_256_CBC_SHA PSK-AES256-CBC-SHA
-
-=head2 Deprecated SSL v2.0 cipher suites.
-
- SSL_CK_RC4_128_WITH_MD5 RC4-MD5
- SSL_CK_RC4_128_EXPORT40_WITH_MD5 EXP-RC4-MD5
- SSL_CK_RC2_128_CBC_WITH_MD5 RC2-MD5
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 EXP-RC2-MD5
- SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA-CBC-MD5
- SSL_CK_DES_64_CBC_WITH_MD5 DES-CBC-MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES-CBC3-MD5
-
-=head1 NOTES
-
-The non-ephemeral DH modes are currently unimplemented in OpenSSL
-because there is no support for DH certificates.
-
-Some compiled versions of OpenSSL may not include all the ciphers
-listed here because some ciphers were excluded at compile time.
-
-=head1 EXAMPLES
-
-Verbose listing of all OpenSSL ciphers including NULL ciphers:
-
- openssl ciphers -v 'ALL:eNULL'
-
-Include all ciphers except NULL and anonymous DH then sort by
-strength:
-
- openssl ciphers -v 'ALL:!ADH:@STRENGTH'
-
-Include all ciphers except ones with no encryption (eNULL) or no
-authentication (aNULL):
-
- openssl ciphers -v 'ALL:!aNULL'
-
-Include only 3DES ciphers and then place RSA ciphers last:
-
- openssl ciphers -v '3DES:+RSA'
-
-Include all RC4 ciphers but leave out those without authentication:
-
- openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'
-
-Include all chiphers with RSA authentication but leave out ciphers without
-encryption.
-
- openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
-
-=head1 SEE ALSO
-
-L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
-
-=head1 HISTORY
-
-The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options
-for cipherlist strings were added in OpenSSL 0.9.7.
-The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/apps/ciphers.pod (from rev 11605, vendor-crypto/openssl/dist/doc/apps/ciphers.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/apps/ciphers.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/ciphers.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,638 @@
+=pod
+
+=head1 NAME
+
+ciphers - SSL cipher display and cipher list tool.
+
+=head1 SYNOPSIS
+
+B<openssl> B<ciphers>
+[B<-v>]
+[B<-V>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-tls1>]
+[B<cipherlist>]
+
+=head1 DESCRIPTION
+
+The B<ciphers> command converts textual OpenSSL cipher lists into ordered
+SSL cipher preference lists. It can be used as a test tool to determine
+the appropriate cipherlist.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-v>
+
+Verbose option. List ciphers with a complete description of
+protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
+authentication, encryption and mac algorithms used along with any key size
+restrictions and whether the algorithm is classed as an "export" cipher.
+Note that without the B<-v> option, ciphers may seem to appear twice
+in a cipher list; this is when similar ciphers are available for
+SSL v2 and for SSL v3/TLS v1.
+
+=item B<-V>
+
+Like B<-v>, but include cipher suite codes in output (hex format).
+
+=item B<-ssl3>, B<-tls1>
+
+This lists ciphers compatible with any of SSLv3, TLSv1, TLSv1.1 or TLSv1.2.
+
+=item B<-ssl2>
+
+Only include SSLv2 ciphers.
+
+=item B<-h>, B<-?>
+
+Print a brief usage message.
+
+=item B<cipherlist>
+
+A cipher list to convert to a cipher preference list. If it is not included
+then the default cipher list will be used. The format is described below.
+
+=back
+
+=head1 CIPHER LIST FORMAT
+
+The cipher list consists of one or more I<cipher strings> separated by colons.
+Commas or spaces are also acceptable separators but colons are normally used.
+
+The actual cipher string can take several different forms.
+
+It can consist of a single cipher suite such as B<RC4-SHA>.
+
+It can represent a list of cipher suites containing a certain algorithm, or
+cipher suites of a certain type. For example B<SHA1> represents all ciphers
+suites using the digest algorithm SHA1 and B<SSLv3> represents all SSL v3
+algorithms.
+
+Lists of cipher suites can be combined in a single cipher string using the
+B<+> character. This is used as a logical B<and> operation. For example
+B<SHA1+DES> represents all cipher suites containing the SHA1 B<and> the DES
+algorithms.
+
+Each cipher string can be optionally preceded by the characters B<!>,
+B<-> or B<+>.
+
+If B<!> is used then the ciphers are permanently deleted from the list.
+The ciphers deleted can never reappear in the list even if they are
+explicitly stated.
+
+If B<-> is used then the ciphers are deleted from the list, but some or
+all of the ciphers can be added again by later options.
+
+If B<+> is used then the ciphers are moved to the end of the list. This
+option doesn't add any new ciphers it just moves matching existing ones.
+
+If none of these characters is present then the string is just interpreted
+as a list of ciphers to be appended to the current preference list. If the
+list includes any ciphers already present they will be ignored: that is they
+will not moved to the end of the list.
+
+Additionally the cipher string B<@STRENGTH> can be used at any point to sort
+the current cipher list in order of encryption algorithm key length.
+
+=head1 CIPHER STRINGS
+
+The following is a list of all permitted cipher strings and their meanings.
+
+=over 4
+
+=item B<DEFAULT>
+
+The default cipher list.
+This is determined at compile time and is normally
+B<ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2>.
+When used, this must be the first cipherstring specified.
+
+=item B<COMPLEMENTOFDEFAULT>
+
+the ciphers included in B<ALL>, but not enabled by default. Currently
+this is B<ADH> and B<AECDH>. Note that this rule does not cover B<eNULL>,
+which is not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
+
+=item B<ALL>
+
+all cipher suites except the B<eNULL> ciphers which must be explicitly enabled;
+as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default
+
+=item B<COMPLEMENTOFALL>
+
+the cipher suites not enabled by B<ALL>, currently being B<eNULL>.
+
+=item B<HIGH>
+
+"high" encryption cipher suites. This currently means those with key lengths larger
+than 128 bits, and some cipher suites with 128-bit keys.
+
+=item B<MEDIUM>
+
+"medium" encryption cipher suites, currently some of those using 128 bit encryption.
+
+=item B<LOW>
+
+Low strength encryption cipher suites, currently those using 64 or 56 bit
+encryption algorithms but excluding export cipher suites.
+As of OpenSSL 1.0.1s, these are disabled in default builds.
+
+=item B<EXP>, B<EXPORT>
+
+Export strength encryption algorithms. Including 40 and 56 bits algorithms.
+As of OpenSSL 1.0.1s, these are disabled in default builds.
+
+=item B<EXPORT40>
+
+40-bit export encryption algorithms
+As of OpenSSL 1.0.1s, these are disabled in default builds.
+
+=item B<EXPORT56>
+
+56-bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of
+56 bit export ciphers is empty unless OpenSSL has been explicitly configured
+with support for experimental ciphers.
+As of OpenSSL 1.0.1s, these are disabled in default builds.
+
+=item B<eNULL>, B<NULL>
+
+The "NULL" ciphers that is those offering no encryption. Because these offer no
+encryption at all and are a security risk they are not enabled via either the
+B<DEFAULT> or B<ALL> cipher strings.
+Be careful when building cipherlists out of lower-level primitives such as
+B<kRSA> or B<aECDSA> as these do overlap with the B<eNULL> ciphers.
+When in doubt, include B<!eNULL> in your cipherlist.
+
+=item B<aNULL>
+
+The cipher suites offering no authentication. This is currently the anonymous
+DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable
+to a "man in the middle" attack and so their use is normally discouraged.
+These are excluded from the B<DEFAULT> ciphers, but included in the B<ALL>
+ciphers.
+Be careful when building cipherlists out of lower-level primitives such as
+B<kDHE> or B<AES> as these do overlap with the B<aNULL> ciphers.
+When in doubt, include B<!aNULL> in your cipherlist.
+
+=item B<kRSA>, B<RSA>
+
+cipher suites using RSA key exchange.
+
+=item B<kDHr>, B<kDHd>, B<kDH>
+
+cipher suites using DH key agreement and DH certificates signed by CAs with RSA
+and DSS keys or either respectively. Not implemented.
+
+=item B<kEDH>
+
+cipher suites using ephemeral DH key agreement, including anonymous cipher
+suites.
+
+=item B<EDH>
+
+cipher suites using authenticated ephemeral DH key agreement.
+
+=item B<ADH>
+
+anonymous DH cipher suites, note that this does not include anonymous Elliptic
+Curve DH (ECDH) cipher suites.
+
+=item B<DH>
+
+cipher suites using DH, including anonymous DH, ephemeral DH and fixed DH.
+
+=item B<kECDHr>, B<kECDHe>, B<kECDH>
+
+cipher suites using fixed ECDH key agreement signed by CAs with RSA and ECDSA
+keys or either respectively.
+
+=item B<kEECDH>
+
+cipher suites using ephemeral ECDH key agreement, including anonymous
+cipher suites.
+
+=item B<EECDH>
+
+cipher suites using authenticated ephemeral ECDH key agreement.
+
+=item B<AECDH>
+
+anonymous Elliptic Curve Diffie Hellman cipher suites.
+
+=item B<ECDH>
+
+cipher suites using ECDH key exchange, including anonymous, ephemeral and
+fixed ECDH.
+
+=item B<aRSA>
+
+cipher suites using RSA authentication, i.e. the certificates carry RSA keys.
+
+=item B<aDSS>, B<DSS>
+
+cipher suites using DSS authentication, i.e. the certificates carry DSS keys.
+
+=item B<aDH>
+
+cipher suites effectively using DH authentication, i.e. the certificates carry
+DH keys. Not implemented.
+
+=item B<aECDH>
+
+cipher suites effectively using ECDH authentication, i.e. the certificates
+carry ECDH keys.
+
+=item B<aECDSA>, B<ECDSA>
+
+cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA
+keys.
+
+=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
+
+ciphers suites using FORTEZZA key exchange, authentication, encryption or all
+FORTEZZA algorithms. Not implemented.
+
+=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
+
+TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
+there are no ciphersuites specific to TLS v1.1.
+
+=item B<AES128>, B<AES256>, B<AES>
+
+cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.
+
+=item B<AESGCM>
+
+AES in Galois Counter Mode (GCM): these ciphersuites are only supported
+in TLS v1.2.
+
+=item B<CAMELLIA128>, B<CAMELLIA256>, B<CAMELLIA>
+
+cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit
+CAMELLIA.
+
+=item B<3DES>
+
+cipher suites using triple DES.
+
+=item B<DES>
+
+cipher suites using DES (not triple DES).
+
+=item B<RC4>
+
+cipher suites using RC4.
+
+=item B<RC2>
+
+cipher suites using RC2.
+
+=item B<IDEA>
+
+cipher suites using IDEA.
+
+=item B<SEED>
+
+cipher suites using SEED.
+
+=item B<MD5>
+
+cipher suites using MD5.
+
+=item B<SHA1>, B<SHA>
+
+cipher suites using SHA1.
+
+=item B<SHA256>, B<SHA384>
+
+ciphersuites using SHA256 or SHA384.
+
+=item B<aGOST>
+
+cipher suites using GOST R 34.10 (either 2001 or 94) for authenticaction
+(needs an engine supporting GOST algorithms).
+
+=item B<aGOST01>
+
+cipher suites using GOST R 34.10-2001 authentication.
+
+=item B<aGOST94>
+
+cipher suites using GOST R 34.10-94 authentication (note that R 34.10-94
+standard has been expired so use GOST R 34.10-2001)
+
+=item B<kGOST>
+
+cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.
+
+=item B<GOST94>
+
+cipher suites, using HMAC based on GOST R 34.11-94.
+
+=item B<GOST89MAC>
+
+cipher suites using GOST 28147-89 MAC B<instead of> HMAC.
+
+=item B<PSK>
+
+cipher suites using pre-shared keys (PSK).
+
+=back
+
+=head1 CIPHER SUITE NAMES
+
+The following lists give the SSL or TLS cipher suites names from the
+relevant specification and their OpenSSL equivalents. It should be noted,
+that several cipher suite names do not include the authentication used,
+e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
+
+=head2 SSL v3.0 cipher suites.
+
+ SSL_RSA_WITH_NULL_MD5 NULL-MD5
+ SSL_RSA_WITH_NULL_SHA NULL-SHA
+ SSL_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5
+ SSL_RSA_WITH_RC4_128_MD5 RC4-MD5
+ SSL_RSA_WITH_RC4_128_SHA RC4-SHA
+ SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5
+ SSL_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA
+ SSL_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA
+ SSL_RSA_WITH_DES_CBC_SHA DES-CBC-SHA
+ SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
+
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented.
+ SSL_DH_DSS_WITH_DES_CBC_SHA Not implemented.
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented.
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented.
+ SSL_DH_RSA_WITH_DES_CBC_SHA Not implemented.
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented.
+ SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA
+ SSL_DHE_DSS_WITH_DES_CBC_SHA EDH-DSS-CBC-SHA
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA
+ SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-RSA-DES-CBC-SHA
+ SSL_DHE_RSA_WITH_DES_CBC_SHA EDH-RSA-DES-CBC-SHA
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH-RSA-DES-CBC3-SHA
+
+ SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5
+ SSL_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5
+ SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA
+ SSL_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA
+
+ SSL_FORTEZZA_KEA_WITH_NULL_SHA Not implemented.
+ SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA Not implemented.
+ SSL_FORTEZZA_KEA_WITH_RC4_128_SHA Not implemented.
+
+=head2 TLS v1.0 cipher suites.
+
+ TLS_RSA_WITH_NULL_MD5 NULL-MD5
+ TLS_RSA_WITH_NULL_SHA NULL-SHA
+ TLS_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5
+ TLS_RSA_WITH_RC4_128_MD5 RC4-MD5
+ TLS_RSA_WITH_RC4_128_SHA RC4-SHA
+ TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5
+ TLS_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA
+ TLS_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA
+ TLS_RSA_WITH_DES_CBC_SHA DES-CBC-SHA
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
+
+ TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_DES_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented.
+ TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_DES_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented.
+ TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA
+ TLS_DHE_DSS_WITH_DES_CBC_SHA EDH-DSS-CBC-SHA
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA
+ TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-RSA-DES-CBC-SHA
+ TLS_DHE_RSA_WITH_DES_CBC_SHA EDH-RSA-DES-CBC-SHA
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH-RSA-DES-CBC3-SHA
+
+ TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5
+ TLS_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5
+ TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA
+ TLS_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA
+ TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA
+
+=head2 AES ciphersuites from RFC3268, extending TLS v1.0
+
+ TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA
+ TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA Not implemented.
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE-RSA-AES128-SHA
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE-RSA-AES256-SHA
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA ADH-AES128-SHA
+ TLS_DH_anon_WITH_AES_256_CBC_SHA ADH-AES256-SHA
+
+=head2 Camellia ciphersuites from RFC4132, extending TLS v1.0
+
+ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128-SHA
+ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA CAMELLIA256-SHA
+
+ TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA Not implemented.
+
+ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA DHE-DSS-CAMELLIA128-SHA
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA DHE-DSS-CAMELLIA256-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DHE-RSA-CAMELLIA128-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DHE-RSA-CAMELLIA256-SHA
+
+ TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA
+ TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA
+
+=head2 SEED ciphersuites from RFC4162, extending TLS v1.0
+
+ TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA
+
+ TLS_DH_DSS_WITH_SEED_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_SEED_CBC_SHA Not implemented.
+
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA
+
+ TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA
+
+=head2 GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0
+
+Note: these ciphers require an engine which including GOST cryptographic
+algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution.
+
+ TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
+ TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
+ TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
+ TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94
+
+=head2 Additional Export 1024 and other cipher suites
+
+Note: these ciphers can also be used in SSL v3.
+
+ TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DES-CBC-SHA
+ TLS_RSA_EXPORT1024_WITH_RC4_56_SHA EXP1024-RC4-SHA
+ TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
+ TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024-DHE-DSS-RC4-SHA
+ TLS_DHE_DSS_WITH_RC4_128_SHA DHE-DSS-RC4-SHA
+
+=head2 Elliptic curve cipher suites.
+
+ TLS_ECDH_RSA_WITH_NULL_SHA ECDH-RSA-NULL-SHA
+ TLS_ECDH_RSA_WITH_RC4_128_SHA ECDH-RSA-RC4-SHA
+ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA ECDH-RSA-DES-CBC3-SHA
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA ECDH-RSA-AES128-SHA
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA ECDH-RSA-AES256-SHA
+
+ TLS_ECDH_ECDSA_WITH_NULL_SHA ECDH-ECDSA-NULL-SHA
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA ECDH-ECDSA-RC4-SHA
+ TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA ECDH-ECDSA-DES-CBC3-SHA
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA ECDH-ECDSA-AES128-SHA
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA ECDH-ECDSA-AES256-SHA
+
+ TLS_ECDHE_RSA_WITH_NULL_SHA ECDHE-RSA-NULL-SHA
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA ECDHE-RSA-RC4-SHA
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ECDHE-RSA-DES-CBC3-SHA
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDHE-RSA-AES128-SHA
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDHE-RSA-AES256-SHA
+
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA ECDHE-ECDSA-NULL-SHA
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA ECDHE-ECDSA-RC4-SHA
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA ECDHE-ECDSA-DES-CBC3-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA ECDHE-ECDSA-AES128-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ECDHE-ECDSA-AES256-SHA
+
+ TLS_ECDH_anon_WITH_NULL_SHA AECDH-NULL-SHA
+ TLS_ECDH_anon_WITH_RC4_128_SHA AECDH-RC4-SHA
+ TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA AECDH-DES-CBC3-SHA
+ TLS_ECDH_anon_WITH_AES_128_CBC_SHA AECDH-AES128-SHA
+ TLS_ECDH_anon_WITH_AES_256_CBC_SHA AECDH-AES256-SHA
+
+=head2 TLS v1.2 cipher suites
+
+ TLS_RSA_WITH_NULL_SHA256 NULL-SHA256
+
+ TLS_RSA_WITH_AES_128_CBC_SHA256 AES128-SHA256
+ TLS_RSA_WITH_AES_256_CBC_SHA256 AES256-SHA256
+ TLS_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256
+ TLS_RSA_WITH_AES_256_GCM_SHA384 AES256-GCM-SHA384
+
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA256 Not implemented.
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA256 Not implemented.
+ TLS_DH_RSA_WITH_AES_128_GCM_SHA256 Not implemented.
+ TLS_DH_RSA_WITH_AES_256_GCM_SHA384 Not implemented.
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA256 Not implemented.
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA256 Not implemented.
+ TLS_DH_DSS_WITH_AES_128_GCM_SHA256 Not implemented.
+ TLS_DH_DSS_WITH_AES_256_GCM_SHA384 Not implemented.
+
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DHE-RSA-AES128-SHA256
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DHE-RSA-AES256-SHA256
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 DHE-RSA-AES128-GCM-SHA256
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 DHE-RSA-AES256-GCM-SHA384
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 DHE-DSS-AES128-SHA256
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 DHE-DSS-AES256-SHA256
+ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 DHE-DSS-AES128-GCM-SHA256
+ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 DHE-DSS-AES256-GCM-SHA384
+
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 ECDH-RSA-AES128-SHA256
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 ECDH-RSA-AES256-SHA384
+ TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 ECDH-RSA-AES128-GCM-SHA256
+ TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 ECDH-RSA-AES256-GCM-SHA384
+
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 ECDH-ECDSA-AES128-SHA256
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 ECDH-ECDSA-AES256-SHA384
+ TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 ECDH-ECDSA-AES128-GCM-SHA256
+ TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 ECDH-ECDSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDHE-RSA-AES128-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDHE-RSA-AES256-SHA384
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDHE-RSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ECDHE-ECDSA-AES128-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 ECDHE-ECDSA-AES256-SHA384
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ECDHE-ECDSA-AES256-GCM-SHA384
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA256 ADH-AES128-SHA256
+ TLS_DH_anon_WITH_AES_256_CBC_SHA256 ADH-AES256-SHA256
+ TLS_DH_anon_WITH_AES_128_GCM_SHA256 ADH-AES128-GCM-SHA256
+ TLS_DH_anon_WITH_AES_256_GCM_SHA384 ADH-AES256-GCM-SHA384
+
+=head2 Pre shared keying (PSK) cipheruites
+
+ TLS_PSK_WITH_RC4_128_SHA PSK-RC4-SHA
+ TLS_PSK_WITH_3DES_EDE_CBC_SHA PSK-3DES-EDE-CBC-SHA
+ TLS_PSK_WITH_AES_128_CBC_SHA PSK-AES128-CBC-SHA
+ TLS_PSK_WITH_AES_256_CBC_SHA PSK-AES256-CBC-SHA
+
+=head2 Deprecated SSL v2.0 cipher suites.
+
+ SSL_CK_RC4_128_WITH_MD5 RC4-MD5
+ SSL_CK_RC4_128_EXPORT40_WITH_MD5 Not implemented.
+ SSL_CK_RC2_128_CBC_WITH_MD5 RC2-CBC-MD5
+ SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 Not implemented.
+ SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA-CBC-MD5
+ SSL_CK_DES_64_CBC_WITH_MD5 Not implemented.
+ SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES-CBC3-MD5
+
+=head1 NOTES
+
+The non-ephemeral DH modes are currently unimplemented in OpenSSL
+because there is no support for DH certificates.
+
+Some compiled versions of OpenSSL may not include all the ciphers
+listed here because some ciphers were excluded at compile time.
+
+=head1 EXAMPLES
+
+Verbose listing of all OpenSSL ciphers including NULL ciphers:
+
+ openssl ciphers -v 'ALL:eNULL'
+
+Include all ciphers except NULL and anonymous DH then sort by
+strength:
+
+ openssl ciphers -v 'ALL:!ADH:@STRENGTH'
+
+Include all ciphers except ones with no encryption (eNULL) or no
+authentication (aNULL):
+
+ openssl ciphers -v 'ALL:!aNULL'
+
+Include only 3DES ciphers and then place RSA ciphers last:
+
+ openssl ciphers -v '3DES:+RSA'
+
+Include all RC4 ciphers but leave out those without authentication:
+
+ openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'
+
+Include all chiphers with RSA authentication but leave out ciphers without
+encryption.
+
+ openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
+
+=head1 SEE ALSO
+
+L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
+
+=head1 HISTORY
+
+The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options
+for cipherlist strings were added in OpenSSL 0.9.7.
+The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/apps/cms.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/apps/cms.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/cms.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,620 +0,0 @@
-=pod
-
-=head1 NAME
-
-cms - CMS utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<cms>
-[B<-encrypt>]
-[B<-decrypt>]
-[B<-sign>]
-[B<-verify>]
-[B<-cmsout>]
-[B<-resign>]
-[B<-data_create>]
-[B<-data_out>]
-[B<-digest_create>]
-[B<-digest_verify>]
-[B<-compress>]
-[B<-uncompress>]
-[B<-EncryptedData_encrypt>]
-[B<-sign_receipt>]
-[B<-verify_receipt receipt>]
-[B<-in filename>]
-[B<-inform SMIME|PEM|DER>]
-[B<-rctform SMIME|PEM|DER>]
-[B<-out filename>]
-[B<-outform SMIME|PEM|DER>]
-[B<-stream -indef -noindef>]
-[B<-noindef>]
-[B<-content filename>]
-[B<-text>]
-[B<-noout>]
-[B<-print>]
-[B<-CAfile file>]
-[B<-CApath dir>]
-[B<-no_alt_chains>]
-[B<-md digest>]
-[B<-[cipher]>]
-[B<-nointern>]
-[B<-no_signer_cert_verify>]
-[B<-nocerts>]
-[B<-noattr>]
-[B<-nosmimecap>]
-[B<-binary>]
-[B<-nodetach>]
-[B<-certfile file>]
-[B<-certsout file>]
-[B<-signer file>]
-[B<-recip file>]
-[B<-keyid>]
-[B<-receipt_request_all -receipt_request_first>]
-[B<-receipt_request_from emailaddress>]
-[B<-receipt_request_to emailaddress>]
-[B<-receipt_request_print>]
-[B<-secretkey key>]
-[B<-secretkeyid id>]
-[B<-econtent_type type>]
-[B<-inkey file>]
-[B<-passin arg>]
-[B<-rand file(s)>]
-[B<cert.pem...>]
-[B<-to addr>]
-[B<-from addr>]
-[B<-subject subj>]
-[cert.pem]...
-
-=head1 DESCRIPTION
-
-The B<cms> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and
-verify, compress and uncompress S/MIME messages.
-
-=head1 COMMAND OPTIONS
-
-There are fourteen operation options that set the type of operation to be
-performed. The meaning of the other options varies according to the operation
-type.
-
-=over 4
-
-=item B<-encrypt>
-
-encrypt mail for the given recipient certificates. Input file is the message
-to be encrypted. The output file is the encrypted mail in MIME format. The
-actual CMS type is <B>EnvelopedData<B>.
-
-=item B<-decrypt>
-
-decrypt mail using the supplied certificate and private key. Expects an
-encrypted mail message in MIME format for the input file. The decrypted mail
-is written to the output file.
-
-=item B<-debug_decrypt>
-
-this option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
-with caution: see the notes section below.
-
-=item B<-sign>
-
-sign mail using the supplied certificate and private key. Input file is
-the message to be signed. The signed message in MIME format is written
-to the output file.
-
-=item B<-verify>
-
-verify signed mail. Expects a signed mail message on input and outputs
-the signed data. Both clear text and opaque signing is supported.
-
-=item B<-cmsout>
-
-takes an input message and writes out a PEM encoded CMS structure.
-
-=item B<-resign>
-
-resign a message: take an existing message and one or more new signers.
-
-=item B<-data_create>
-
-Create a CMS B<Data> type.
-
-=item B<-data_out>
-
-B<Data> type and output the content.
-
-=item B<-digest_create>
-
-Create a CMS B<DigestedData> type.
-
-=item B<-digest_verify>
-
-Verify a CMS B<DigestedData> type and output the content.
-
-=item B<-compress>
-
-Create a CMS B<CompressedData> type. OpenSSL must be compiled with B<zlib>
-support for this option to work, otherwise it will output an error.
-
-=item B<-uncompress>
-
-Uncompress a CMS B<CompressedData> type and output the content. OpenSSL must be
-compiled with B<zlib> support for this option to work, otherwise it will
-output an error.
-
-=item B<-EncryptedData_encrypt>
-
-Encrypt content using supplied symmetric key and algorithm using a CMS
-B<EncrytedData> type and output the content.
-
-=item B<-sign_receipt>
-
-Generate and output a signed receipt for the supplied message. The input
-message B<must> contain a signed receipt request. Functionality is otherwise
-similar to the B<-sign> operation.
-
-=item B<-verify_receipt receipt>
-
-Verify a signed receipt in filename B<receipt>. The input message B<must>
-contain the original receipt request. Functionality is otherwise similar
-to the B<-verify> operation.
-
-=item B<-in filename>
-
-the input message to be encrypted or signed or the message to be decrypted
-or verified.
-
-=item B<-inform SMIME|PEM|DER>
-
-this specifies the input format for the CMS structure. The default
-is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
-format change this to expect PEM and DER format CMS structures
-instead. This currently only affects the input format of the CMS
-structure, if no CMS structure is being input (for example with
-B<-encrypt> or B<-sign>) this option has no effect.
-
-=item B<-rctform SMIME|PEM|DER>
-
-specify the format for a signed receipt for use with the B<-receipt_verify>
-operation.
-
-=item B<-out filename>
-
-the message text that has been decrypted or verified or the output MIME
-format message that has been signed or verified.
-
-=item B<-outform SMIME|PEM|DER>
-
-this specifies the output format for the CMS structure. The default
-is B<SMIME> which writes an S/MIME format message. B<PEM> and B<DER>
-format change this to write PEM and DER format CMS structures
-instead. This currently only affects the output format of the CMS
-structure, if no CMS structure is being output (for example with
-B<-verify> or B<-decrypt>) this option has no effect.
-
-=item B<-stream -indef -noindef>
-
-the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
-for encoding operations. This permits single pass processing of data without
-the need to hold the entire contents in memory, potentially supporting very
-large files. Streaming is automatically set for S/MIME signing with detached
-data if the output format is B<SMIME> it is currently off by default for all
-other operations.
-
-=item B<-noindef>
-
-disable streaming I/O where it would produce and indefinite length constructed
-encoding. This option currently has no effect. In future streaming will be
-enabled by default on all relevant operations and this option will disable it.
-
-=item B<-content filename>
-
-This specifies a file containing the detached content, this is only
-useful with the B<-verify> command. This is only usable if the CMS
-structure is using the detached signature form where the content is
-not included. This option will override any content if the input format
-is S/MIME and it uses the multipart/signed MIME content type.
-
-=item B<-text>
-
-this option adds plain text (text/plain) MIME headers to the supplied
-message if encrypting or signing. If decrypting or verifying it strips
-off text headers: if the decrypted or verified message is not of MIME
-type text/plain then an error occurs.
-
-=item B<-noout>
-
-for the B<-cmsout> operation do not output the parsed CMS structure. This
-is useful when combined with the B<-print> option or if the syntax of the CMS
-structure is being checked.
-
-=item B<-print>
-
-for the B<-cmsout> operation print out all fields of the CMS structure. This
-is mainly useful for testing purposes.
-
-=item B<-CAfile file>
-
-a file containing trusted CA certificates, only used with B<-verify>.
-
-=item B<-CApath dir>
-
-a directory containing trusted CA certificates, only used with
-B<-verify>. This directory must be a standard certificate directory: that
-is a hash of each subject name (using B<x509 -hash>) should be linked
-to each certificate.
-
-=item B<-md digest>
-
-digest algorithm to use when signing or resigning. If not present then the
-default digest algorithm for the signing key will be used (usually SHA1).
-
-=item B<-[cipher]>
-
-the encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
-or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
-EVP_get_cipherbyname() function) can also be used preceded by a dash, for
-example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for a list of ciphers
-supported by your version of OpenSSL.
-
-If not specified triple DES is used. Only used with B<-encrypt> and
-B<-EncryptedData_create> commands.
-
-=item B<-nointern>
-
-when verifying a message normally certificates (if any) included in
-the message are searched for the signing certificate. With this option
-only the certificates specified in the B<-certfile> option are used.
-The supplied certificates can still be used as untrusted CAs however.
-
-=item B<-no_signer_cert_verify>
-
-do not verify the signers certificate of a signed message.
-
-=item B<-nocerts>
-
-when signing a message the signer's certificate is normally included
-with this option it is excluded. This will reduce the size of the
-signed message but the verifier must have a copy of the signers certificate
-available locally (passed using the B<-certfile> option for example).
-
-=item B<-noattr>
-
-normally when a message is signed a set of attributes are included which
-include the signing time and supported symmetric algorithms. With this
-option they are not included.
-
-=item B<-nosmimecap>
-
-exclude the list of supported algorithms from signed attributes, other options
-such as signing time and content type are still included.
-
-=item B<-binary>
-
-normally the input message is converted to "canonical" format which is
-effectively using CR and LF as end of line: as required by the S/MIME
-specification. When this option is present no translation occurs. This
-is useful when handling binary data which may not be in MIME format.
-
-=item B<-nodetach>
-
-when signing a message use opaque signing: this form is more resistant
-to translation by mail relays but it cannot be read by mail agents that
-do not support S/MIME. Without this option cleartext signing with
-the MIME type multipart/signed is used.
-
-=item B<-certfile file>
-
-allows additional certificates to be specified. When signing these will
-be included with the message. When verifying these will be searched for
-the signers certificates. The certificates should be in PEM format.
-
-=item B<-certsout file>
-
-any certificates contained in the message are written to B<file>.
-
-=item B<-signer file>
-
-a signing certificate when signing or resigning a message, this option can be
-used multiple times if more than one signer is required. If a message is being
-verified then the signers certificates will be written to this file if the
-verification was successful.
-
-=item B<-recip file>
-
-the recipients certificate when decrypting a message. This certificate
-must match one of the recipients of the message or an error occurs.
-
-=item B<-keyid>
-
-use subject key identifier to identify certificates instead of issuer name and
-serial number. The supplied certificate B<must> include a subject key
-identifier extension. Supported by B<-sign> and B<-encrypt> options.
-
-=item B<-receipt_request_all -receipt_request_first>
-
-for B<-sign> option include a signed receipt request. Indicate requests should
-be provided by all receipient or first tier recipients (those mailed directly
-and not from a mailing list). Ignored it B<-receipt_request_from> is included.
-
-=item B<-receipt_request_from emailaddress>
-
-for B<-sign> option include a signed receipt request. Add an explicit email
-address where receipts should be supplied.
-
-=item B<-receipt_request_to emailaddress>
-
-Add an explicit email address where signed receipts should be sent to. This
-option B<must> but supplied if a signed receipt it requested.
-
-=item B<-receipt_request_print>
-
-For the B<-verify> operation print out the contents of any signed receipt
-requests.
-
-=item B<-secretkey key>
-
-specify symmetric key to use. The key must be supplied in hex format and be
-consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
-B<-EncrryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
-with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
-content encryption key using an AES key in the B<KEKRecipientInfo> type.
-
-=item B<-secretkeyid id>
-
-the key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
-This option B<must> be present if the B<-secretkey> option is used with
-B<-encrypt>. With B<-decrypt> operations the B<id> is used to locate the
-relevant key if it is not supplied then an attempt is used to decrypt any
-B<KEKRecipientInfo> structures.
-
-=item B<-econtent_type type>
-
-set the encapsulated content type to B<type> if not supplied the B<Data> type
-is used. The B<type> argument can be any valid OID name in either text or
-numerical format.
-
-=item B<-inkey file>
-
-the private key to use when signing or decrypting. This must match the
-corresponding certificate. If this option is not specified then the
-private key must be included in the certificate file specified with
-the B<-recip> or B<-signer> file. When signing this option can be used
-multiple times to specify successive keys.
-
-=item B<-passin arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<cert.pem...>
-
-one or more certificates of message recipients: used when encrypting
-a message.
-
-=item B<-to, -from, -subject>
-
-the relevant mail headers. These are included outside the signed
-portion of a message so they may be included manually. If signing
-then many S/MIME mail clients check the signers certificate's email
-address matches that specified in the From: address.
-
-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
-
-Set various certificate chain valiadition option. See the
-L<B<verify>|verify(1)> manual page for details.
-
-=back
-
-=head1 NOTES
-
-The MIME message must be sent without any blank lines between the
-headers and the output. Some mail programs will automatically add
-a blank line. Piping the mail directly to sendmail is one way to
-achieve the correct format.
-
-The supplied message to be signed or encrypted must include the
-necessary MIME headers or many S/MIME clients wont display it
-properly (if at all). You can use the B<-text> option to automatically
-add plain text headers.
-
-A "signed and encrypted" message is one where a signed message is
-then encrypted. This can be produced by encrypting an already signed
-message: see the examples section.
-
-This version of the program only allows one signer per message but it
-will verify multiple signers on received messages. Some S/MIME clients
-choke if a message contains multiple signers. It is possible to sign
-messages "in parallel" by signing an already signed message.
-
-The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
-clients. Strictly speaking these process CMS enveloped data: CMS
-encrypted data is used for other purposes.
-
-The B<-resign> option uses an existing message digest when adding a new
-signer. This means that attributes must be present in at least one existing
-signer using the same message digest or this operation will fail.
-
-The B<-stream> and B<-indef> options enable experimental streaming I/O support.
-As a result the encoding is BER using indefinite length constructed encoding
-and no longer DER. Streaming is supported for the B<-encrypt> operation and the
-B<-sign> operation if the content is not detached.
-
-Streaming is always used for the B<-sign> operation with detached data but
-since the content is no longer part of the CMS structure the encoding
-remains DER.
-
-If the B<-decrypt> option is used without a recipient certificate then an
-attempt is made to locate the recipient by trying each potential recipient
-in turn using the supplied private key. To thwart the MMA attack
-(Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) all recipients are
-tried whether they succeed or not and if no recipients match the message
-is "decrypted" using a random key which will typically output garbage.
-The B<-debug_decrypt> option can be used to disable the MMA attack protection
-and return an error if no recipient can be found: this option should be used
-with caution. For a fuller description see L<CMS_decrypt(3)|CMS_decrypt(3)>).
-
-=head1 EXIT CODES
-
-=over 4
-
-=item Z<>0
-
-the operation was completely successfully.
-
-=item Z<>1
-
-an error occurred parsing the command options.
-
-=item Z<>2
-
-one of the input files could not be read.
-
-=item Z<>3
-
-an error occurred creating the CMS file or when reading the MIME
-message.
-
-=item Z<>4
-
-an error occurred decrypting or verifying the message.
-
-=item Z<>5
-
-the message was verified correctly but an error occurred writing out
-the signers certificates.
-
-=back
-
-=head1 COMPATIBILITY WITH PKCS#7 format.
-
-The B<smime> utility can only process the older B<PKCS#7> format. The B<cms>
-utility supports Cryptographic Message Syntax format. Use of some features
-will result in messages which cannot be processed by applications which only
-support the older format. These are detailed below.
-
-The use of the B<-keyid> option with B<-sign> or B<-encrypt>.
-
-The B<-outform PEM> option uses different headers.
-
-The B<-compress> option.
-
-The B<-secretkey> option when used with B<-encrypt>.
-
-Additionally the B<-EncryptedData_create> and B<-data_create> type cannot
-be processed by the older B<smime> command.
-
-=head1 EXAMPLES
-
-Create a cleartext signed message:
-
- openssl cms -sign -in message.txt -text -out mail.msg \
- -signer mycert.pem
-
-Create an opaque signed message
-
- openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
- -signer mycert.pem
-
-Create a signed message, include some additional certificates and
-read the private key from another file:
-
- openssl cms -sign -in in.txt -text -out mail.msg \
- -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
-
-Create a signed message with two signers, use key identifier:
-
- openssl cms -sign -in message.txt -text -out mail.msg \
- -signer mycert.pem -signer othercert.pem -keyid
-
-Send a signed message under Unix directly to sendmail, including headers:
-
- openssl cms -sign -in in.txt -text -signer mycert.pem \
- -from steve at openssl.org -to someone at somewhere \
- -subject "Signed message" | sendmail someone at somewhere
-
-Verify a message and extract the signer's certificate if successful:
-
- openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt
-
-Send encrypted mail using triple DES:
-
- openssl cms -encrypt -in in.txt -from steve at openssl.org \
- -to someone at somewhere -subject "Encrypted message" \
- -des3 user.pem -out mail.msg
-
-Sign and encrypt mail:
-
- openssl cms -sign -in ml.txt -signer my.pem -text \
- | openssl cms -encrypt -out mail.msg \
- -from steve at openssl.org -to someone at somewhere \
- -subject "Signed and Encrypted message" -des3 user.pem
-
-Note: the encryption command does not include the B<-text> option because the
-message being encrypted already has MIME headers.
-
-Decrypt mail:
-
- openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
-
-The output from Netscape form signing is a PKCS#7 structure with the
-detached signature format. You can use this program to verify the
-signature by line wrapping the base64 encoded structure and surrounding
-it with:
-
- -----BEGIN PKCS7-----
- -----END PKCS7-----
-
-and using the command,
-
- openssl cms -verify -inform PEM -in signature.pem -content content.txt
-
-alternatively you can base64 decode the signature and use
-
- openssl cms -verify -inform DER -in signature.der -content content.txt
-
-Create an encrypted message using 128 bit Camellia:
-
- openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
-
-Add a signer to an existing message:
-
- openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
-
-=head1 BUGS
-
-The MIME parser isn't very clever: it seems to handle most messages that I've
-thrown at it but it may choke on others.
-
-The code currently will only write out the signer's certificate to a file: if
-the signer has a separate encryption certificate this must be manually
-extracted. There should be some heuristic that determines the correct
-encryption certificate.
-
-Ideally a database should be maintained of a certificates for each email
-address.
-
-The code doesn't currently take note of the permitted symmetric encryption
-algorithms as supplied in the SMIMECapabilities signed attribute. this means the
-user has to manually include the correct encryption algorithm. It should store
-the list of permitted ciphers in a database and only use those.
-
-No revocation checking is done on the signer's certificate.
-
-=head1 HISTORY
-
-The use of multiple B<-signer> options and the B<-resign> command were first
-added in OpenSSL 1.0.0
-
-
-The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/apps/cms.pod (from rev 11605, vendor-crypto/openssl/dist/doc/apps/cms.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/apps/cms.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/cms.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,623 @@
+=pod
+
+=head1 NAME
+
+cms - CMS utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<cms>
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-sign>]
+[B<-verify>]
+[B<-cmsout>]
+[B<-resign>]
+[B<-data_create>]
+[B<-data_out>]
+[B<-digest_create>]
+[B<-digest_verify>]
+[B<-compress>]
+[B<-uncompress>]
+[B<-EncryptedData_encrypt>]
+[B<-sign_receipt>]
+[B<-verify_receipt receipt>]
+[B<-in filename>]
+[B<-inform SMIME|PEM|DER>]
+[B<-rctform SMIME|PEM|DER>]
+[B<-out filename>]
+[B<-outform SMIME|PEM|DER>]
+[B<-stream -indef -noindef>]
+[B<-noindef>]
+[B<-content filename>]
+[B<-text>]
+[B<-noout>]
+[B<-print>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+[B<-no_alt_chains>]
+[B<-md digest>]
+[B<-[cipher]>]
+[B<-nointern>]
+[B<-no_signer_cert_verify>]
+[B<-nocerts>]
+[B<-noattr>]
+[B<-nosmimecap>]
+[B<-binary>]
+[B<-nodetach>]
+[B<-certfile file>]
+[B<-certsout file>]
+[B<-signer file>]
+[B<-recip file>]
+[B<-keyid>]
+[B<-receipt_request_all -receipt_request_first>]
+[B<-receipt_request_from emailaddress>]
+[B<-receipt_request_to emailaddress>]
+[B<-receipt_request_print>]
+[B<-secretkey key>]
+[B<-secretkeyid id>]
+[B<-econtent_type type>]
+[B<-inkey file>]
+[B<-passin arg>]
+[B<-rand file(s)>]
+[B<cert.pem...>]
+[B<-to addr>]
+[B<-from addr>]
+[B<-subject subj>]
+[cert.pem]...
+
+=head1 DESCRIPTION
+
+The B<cms> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and
+verify, compress and uncompress S/MIME messages.
+
+=head1 COMMAND OPTIONS
+
+There are fourteen operation options that set the type of operation to be
+performed. The meaning of the other options varies according to the operation
+type.
+
+=over 4
+
+=item B<-encrypt>
+
+encrypt mail for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted mail in MIME format. The
+actual CMS type is <B>EnvelopedData<B>.
+
+Note that no revocation check is done for the recipient cert, so if that
+key has been compromised, others may be able to decrypt the text.
+
+=item B<-decrypt>
+
+decrypt mail using the supplied certificate and private key. Expects an
+encrypted mail message in MIME format for the input file. The decrypted mail
+is written to the output file.
+
+=item B<-debug_decrypt>
+
+this option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
+with caution: see the notes section below.
+
+=item B<-sign>
+
+sign mail using the supplied certificate and private key. Input file is
+the message to be signed. The signed message in MIME format is written
+to the output file.
+
+=item B<-verify>
+
+verify signed mail. Expects a signed mail message on input and outputs
+the signed data. Both clear text and opaque signing is supported.
+
+=item B<-cmsout>
+
+takes an input message and writes out a PEM encoded CMS structure.
+
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
+=item B<-data_create>
+
+Create a CMS B<Data> type.
+
+=item B<-data_out>
+
+B<Data> type and output the content.
+
+=item B<-digest_create>
+
+Create a CMS B<DigestedData> type.
+
+=item B<-digest_verify>
+
+Verify a CMS B<DigestedData> type and output the content.
+
+=item B<-compress>
+
+Create a CMS B<CompressedData> type. OpenSSL must be compiled with B<zlib>
+support for this option to work, otherwise it will output an error.
+
+=item B<-uncompress>
+
+Uncompress a CMS B<CompressedData> type and output the content. OpenSSL must be
+compiled with B<zlib> support for this option to work, otherwise it will
+output an error.
+
+=item B<-EncryptedData_encrypt>
+
+Encrypt content using supplied symmetric key and algorithm using a CMS
+B<EncrytedData> type and output the content.
+
+=item B<-sign_receipt>
+
+Generate and output a signed receipt for the supplied message. The input
+message B<must> contain a signed receipt request. Functionality is otherwise
+similar to the B<-sign> operation.
+
+=item B<-verify_receipt receipt>
+
+Verify a signed receipt in filename B<receipt>. The input message B<must>
+contain the original receipt request. Functionality is otherwise similar
+to the B<-verify> operation.
+
+=item B<-in filename>
+
+the input message to be encrypted or signed or the message to be decrypted
+or verified.
+
+=item B<-inform SMIME|PEM|DER>
+
+this specifies the input format for the CMS structure. The default
+is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
+format change this to expect PEM and DER format CMS structures
+instead. This currently only affects the input format of the CMS
+structure, if no CMS structure is being input (for example with
+B<-encrypt> or B<-sign>) this option has no effect.
+
+=item B<-rctform SMIME|PEM|DER>
+
+specify the format for a signed receipt for use with the B<-receipt_verify>
+operation.
+
+=item B<-out filename>
+
+the message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
+
+=item B<-outform SMIME|PEM|DER>
+
+this specifies the output format for the CMS structure. The default
+is B<SMIME> which writes an S/MIME format message. B<PEM> and B<DER>
+format change this to write PEM and DER format CMS structures
+instead. This currently only affects the output format of the CMS
+structure, if no CMS structure is being output (for example with
+B<-verify> or B<-decrypt>) this option has no effect.
+
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
+=item B<-content filename>
+
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the CMS
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
+
+=item B<-text>
+
+this option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME
+type text/plain then an error occurs.
+
+=item B<-noout>
+
+for the B<-cmsout> operation do not output the parsed CMS structure. This
+is useful when combined with the B<-print> option or if the syntax of the CMS
+structure is being checked.
+
+=item B<-print>
+
+for the B<-cmsout> operation print out all fields of the CMS structure. This
+is mainly useful for testing purposes.
+
+=item B<-CAfile file>
+
+a file containing trusted CA certificates, only used with B<-verify>.
+
+=item B<-CApath dir>
+
+a directory containing trusted CA certificates, only used with
+B<-verify>. This directory must be a standard certificate directory: that
+is a hash of each subject name (using B<x509 -hash>) should be linked
+to each certificate.
+
+=item B<-md digest>
+
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
+or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for a list of ciphers
+supported by your version of OpenSSL.
+
+If not specified triple DES is used. Only used with B<-encrypt> and
+B<-EncryptedData_create> commands.
+
+=item B<-nointern>
+
+when verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
+
+=item B<-no_signer_cert_verify>
+
+do not verify the signers certificate of a signed message.
+
+=item B<-nocerts>
+
+when signing a message the signer's certificate is normally included
+with this option it is excluded. This will reduce the size of the
+signed message but the verifier must have a copy of the signers certificate
+available locally (passed using the B<-certfile> option for example).
+
+=item B<-noattr>
+
+normally when a message is signed a set of attributes are included which
+include the signing time and supported symmetric algorithms. With this
+option they are not included.
+
+=item B<-nosmimecap>
+
+exclude the list of supported algorithms from signed attributes, other options
+such as signing time and content type are still included.
+
+=item B<-binary>
+
+normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
+
+=item B<-nodetach>
+
+when signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME. Without this option cleartext signing with
+the MIME type multipart/signed is used.
+
+=item B<-certfile file>
+
+allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates. The certificates should be in PEM format.
+
+=item B<-certsout file>
+
+any certificates contained in the message are written to B<file>.
+
+=item B<-signer file>
+
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
+
+=item B<-recip file>
+
+the recipients certificate when decrypting a message. This certificate
+must match one of the recipients of the message or an error occurs.
+
+=item B<-keyid>
+
+use subject key identifier to identify certificates instead of issuer name and
+serial number. The supplied certificate B<must> include a subject key
+identifier extension. Supported by B<-sign> and B<-encrypt> options.
+
+=item B<-receipt_request_all -receipt_request_first>
+
+for B<-sign> option include a signed receipt request. Indicate requests should
+be provided by all receipient or first tier recipients (those mailed directly
+and not from a mailing list). Ignored it B<-receipt_request_from> is included.
+
+=item B<-receipt_request_from emailaddress>
+
+for B<-sign> option include a signed receipt request. Add an explicit email
+address where receipts should be supplied.
+
+=item B<-receipt_request_to emailaddress>
+
+Add an explicit email address where signed receipts should be sent to. This
+option B<must> but supplied if a signed receipt it requested.
+
+=item B<-receipt_request_print>
+
+For the B<-verify> operation print out the contents of any signed receipt
+requests.
+
+=item B<-secretkey key>
+
+specify symmetric key to use. The key must be supplied in hex format and be
+consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
+B<-EncrryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
+with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
+content encryption key using an AES key in the B<KEKRecipientInfo> type.
+
+=item B<-secretkeyid id>
+
+the key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
+This option B<must> be present if the B<-secretkey> option is used with
+B<-encrypt>. With B<-decrypt> operations the B<id> is used to locate the
+relevant key if it is not supplied then an attempt is used to decrypt any
+B<KEKRecipientInfo> structures.
+
+=item B<-econtent_type type>
+
+set the encapsulated content type to B<type> if not supplied the B<Data> type
+is used. The B<type> argument can be any valid OID name in either text or
+numerical format.
+
+=item B<-inkey file>
+
+the private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<cert.pem...>
+
+one or more certificates of message recipients: used when encrypting
+a message.
+
+=item B<-to, -from, -subject>
+
+the relevant mail headers. These are included outside the signed
+portion of a message so they may be included manually. If signing
+then many S/MIME mail clients check the signers certificate's email
+address matches that specified in the From: address.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
+
+Set various certificate chain valiadition option. See the
+L<B<verify>|verify(1)> manual page for details.
+
+=back
+
+=head1 NOTES
+
+The MIME message must be sent without any blank lines between the
+headers and the output. Some mail programs will automatically add
+a blank line. Piping the mail directly to sendmail is one way to
+achieve the correct format.
+
+The supplied message to be signed or encrypted must include the
+necessary MIME headers or many S/MIME clients wont display it
+properly (if at all). You can use the B<-text> option to automatically
+add plain text headers.
+
+A "signed and encrypted" message is one where a signed message is
+then encrypted. This can be produced by encrypting an already signed
+message: see the examples section.
+
+This version of the program only allows one signer per message but it
+will verify multiple signers on received messages. Some S/MIME clients
+choke if a message contains multiple signers. It is possible to sign
+messages "in parallel" by signing an already signed message.
+
+The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
+clients. Strictly speaking these process CMS enveloped data: CMS
+encrypted data is used for other purposes.
+
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the CMS structure the encoding
+remains DER.
+
+If the B<-decrypt> option is used without a recipient certificate then an
+attempt is made to locate the recipient by trying each potential recipient
+in turn using the supplied private key. To thwart the MMA attack
+(Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) all recipients are
+tried whether they succeed or not and if no recipients match the message
+is "decrypted" using a random key which will typically output garbage.
+The B<-debug_decrypt> option can be used to disable the MMA attack protection
+and return an error if no recipient can be found: this option should be used
+with caution. For a fuller description see L<CMS_decrypt(3)|CMS_decrypt(3)>).
+
+=head1 EXIT CODES
+
+=over 4
+
+=item Z<>0
+
+the operation was completely successfully.
+
+=item Z<>1
+
+an error occurred parsing the command options.
+
+=item Z<>2
+
+one of the input files could not be read.
+
+=item Z<>3
+
+an error occurred creating the CMS file or when reading the MIME
+message.
+
+=item Z<>4
+
+an error occurred decrypting or verifying the message.
+
+=item Z<>5
+
+the message was verified correctly but an error occurred writing out
+the signers certificates.
+
+=back
+
+=head1 COMPATIBILITY WITH PKCS#7 format.
+
+The B<smime> utility can only process the older B<PKCS#7> format. The B<cms>
+utility supports Cryptographic Message Syntax format. Use of some features
+will result in messages which cannot be processed by applications which only
+support the older format. These are detailed below.
+
+The use of the B<-keyid> option with B<-sign> or B<-encrypt>.
+
+The B<-outform PEM> option uses different headers.
+
+The B<-compress> option.
+
+The B<-secretkey> option when used with B<-encrypt>.
+
+Additionally the B<-EncryptedData_create> and B<-data_create> type cannot
+be processed by the older B<smime> command.
+
+=head1 EXAMPLES
+
+Create a cleartext signed message:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem
+
+Create an opaque signed message
+
+ openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
+ -signer mycert.pem
+
+Create a signed message, include some additional certificates and
+read the private key from another file:
+
+ openssl cms -sign -in in.txt -text -out mail.msg \
+ -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+Create a signed message with two signers, use key identifier:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem -signer othercert.pem -keyid
+
+Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl cms -sign -in in.txt -text -signer mycert.pem \
+ -from steve at openssl.org -to someone at somewhere \
+ -subject "Signed message" | sendmail someone at somewhere
+
+Verify a message and extract the signer's certificate if successful:
+
+ openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt
+
+Send encrypted mail using triple DES:
+
+ openssl cms -encrypt -in in.txt -from steve at openssl.org \
+ -to someone at somewhere -subject "Encrypted message" \
+ -des3 user.pem -out mail.msg
+
+Sign and encrypt mail:
+
+ openssl cms -sign -in ml.txt -signer my.pem -text \
+ | openssl cms -encrypt -out mail.msg \
+ -from steve at openssl.org -to someone at somewhere \
+ -subject "Signed and Encrypted message" -des3 user.pem
+
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
+
+Decrypt mail:
+
+ openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
+
+The output from Netscape form signing is a PKCS#7 structure with the
+detached signature format. You can use this program to verify the
+signature by line wrapping the base64 encoded structure and surrounding
+it with:
+
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+and using the command,
+
+ openssl cms -verify -inform PEM -in signature.pem -content content.txt
+
+alternatively you can base64 decode the signature and use
+
+ openssl cms -verify -inform DER -in signature.der -content content.txt
+
+Create an encrypted message using 128 bit Camellia:
+
+ openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+
+Add a signer to an existing message:
+
+ openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
+=head1 BUGS
+
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
+
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
+
+Ideally a database should be maintained of a certificates for each email
+address.
+
+The code doesn't currently take note of the permitted symmetric encryption
+algorithms as supplied in the SMIMECapabilities signed attribute. this means the
+user has to manually include the correct encryption algorithm. It should store
+the list of permitted ciphers in a database and only use those.
+
+No revocation checking is done on the signer's certificate.
+
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/apps/s_client.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/apps/s_client.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/s_client.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,355 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-s_client - SSL/TLS client program
-
-=head1 SYNOPSIS
-
-B<openssl> B<s_client>
-[B<-connect host:port>]
-[B<-servername name>]
-[B<-verify depth>]
-[B<-verify_return_error>]
-[B<-cert filename>]
-[B<-certform DER|PEM>]
-[B<-key filename>]
-[B<-keyform DER|PEM>]
-[B<-pass arg>]
-[B<-CApath directory>]
-[B<-CAfile filename>]
-[B<-no_alt_chains>]
-[B<-reconnect>]
-[B<-pause>]
-[B<-showcerts>]
-[B<-debug>]
-[B<-msg>]
-[B<-nbio_test>]
-[B<-state>]
-[B<-nbio>]
-[B<-crlf>]
-[B<-ign_eof>]
-[B<-no_ign_eof>]
-[B<-quiet>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<-no_ssl2>]
-[B<-no_ssl3>]
-[B<-no_tls1>]
-[B<-bugs>]
-[B<-cipher cipherlist>]
-[B<-serverpref>]
-[B<-starttls protocol>]
-[B<-engine id>]
-[B<-tlsextdebug>]
-[B<-no_ticket>]
-[B<-sess_out filename>]
-[B<-sess_in filename>]
-[B<-rand file(s)>]
-[B<-status>]
-[B<-nextprotoneg protocols>]
-
-=head1 DESCRIPTION
-
-The B<s_client> command implements a generic SSL/TLS client which connects
-to a remote host using SSL/TLS. It is a I<very> useful diagnostic tool for
-SSL servers.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-connect host:port>
-
-This specifies the host and optional port to connect to. If not specified
-then an attempt is made to connect to the local host on port 4433.
-
-=item B<-servername name>
-
-Set the TLS SNI (Server Name Indication) extension in the ClientHello message.
-
-=item B<-cert certname>
-
-The certificate to use, if one is requested by the server. The default is
-not to use a certificate.
-
-=item B<-certform format>
-
-The certificate format to use: DER or PEM. PEM is the default.
-
-=item B<-key keyfile>
-
-The private key to use. If not specified then the certificate file will
-be used.
-
-=item B<-keyform format>
-
-The private format to use: DER or PEM. PEM is the default.
-
-=item B<-pass arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-verify depth>
-
-The verify depth to use. This specifies the maximum length of the
-server certificate chain and turns on server certificate verification.
-Currently the verify operation continues after errors so all the problems
-with a certificate chain can be seen. As a side effect the connection
-will never fail due to a server certificate verify failure.
-
-=item B<-verify_return_error>
-
-Return verification errors instead of continuing. This will typically
-abort the handshake with a fatal error.
-
-=item B<-CApath directory>
-
-The directory to use for server certificate verification. This directory
-must be in "hash format", see B<verify> for more information. These are
-also used when building the client certificate chain.
-
-=item B<-CAfile file>
-
-A file containing trusted certificates to use during server authentication
-and to use when attempting to build the client certificate chain.
-
-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
-
-Set various certificate chain valiadition option. See the
-L<B<verify>|verify(1)> manual page for details.
-
-=item B<-reconnect>
-
-reconnects to the same server 5 times using the same session ID, this can
-be used as a test that session caching is working.
-
-=item B<-pause>
-
-pauses 1 second between each read and write call.
-
-=item B<-showcerts>
-
-display the whole server certificate chain: normally only the server
-certificate itself is displayed.
-
-=item B<-prexit>
-
-print session information when the program exits. This will always attempt
-to print out information even if the connection fails. Normally information
-will only be printed out once if the connection succeeds. This option is useful
-because the cipher in use may be renegotiated or the connection may fail
-because a client certificate is required or is requested only after an
-attempt is made to access a certain URL. Note: the output produced by this
-option is not always accurate because a connection might never have been
-established.
-
-=item B<-state>
-
-prints out the SSL session states.
-
-=item B<-debug>
-
-print extensive debugging information including a hex dump of all traffic.
-
-=item B<-msg>
-
-show all protocol messages with hex dump.
-
-=item B<-nbio_test>
-
-tests non-blocking I/O
-
-=item B<-nbio>
-
-turns on non-blocking I/O
-
-=item B<-crlf>
-
-this option translated a line feed from the terminal into CR+LF as required
-by some servers.
-
-=item B<-ign_eof>
-
-inhibit shutting down the connection when end of file is reached in the
-input.
-
-=item B<-quiet>
-
-inhibit printing of session and certificate information. This implicitly
-turns on B<-ign_eof> as well.
-
-=item B<-no_ign_eof>
-
-shut down the connection when end of file is reached in the input.
-Can be used to override the implicit B<-ign_eof> after B<-quiet>.
-
-=item B<-psk_identity identity>
-
-Use the PSK identity B<identity> when using a PSK cipher suite.
-
-=item B<-psk key>
-
-Use the PSK key B<key> when using a PSK cipher suite. The key is
-given as a hexadecimal number without leading 0x, for example -psk
-1a2b3c4d.
-
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
-
-these options disable the use of certain SSL or TLS protocols. By default
-the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
-
-Unfortunately there are a lot of ancient and broken servers in use which
-cannot handle this technique and will fail to connect. Some servers only
-work if TLS is turned off with the B<-no_tls> option others will only
-support SSL v2 and may need the B<-ssl2> option.
-
-=item B<-bugs>
-
-there are several known bug in SSL and TLS implementations. Adding this
-option enables various workarounds.
-
-=item B<-cipher cipherlist>
-
-this allows the cipher list sent by the client to be modified. Although
-the server determines which cipher suite is used it should take the first
-supported cipher in the list sent by the client. See the B<ciphers>
-command for more information.
-
-=item B<-serverpref>
-
-use the server's cipher preferences; only used for SSLV2.
-
-=item B<-starttls protocol>
-
-send the protocol-specific message(s) to switch to TLS for communication.
-B<protocol> is a keyword for the intended protocol. Currently, the only
-supported keywords are "smtp", "pop3", "imap", and "ftp".
-
-=item B<-tlsextdebug>
-
-print out a hex dump of any TLS extensions received from the server.
-
-=item B<-no_ticket>
-
-disable RFC4507bis session ticket support.
-
-=item B<-sess_out filename>
-
-output SSL session to B<filename>
-
-=item B<-sess_in sess.pem>
-
-load SSL session from B<filename>. The client will attempt to resume a
-connection from this session.
-
-=item B<-engine id>
-
-specifying an engine (by its unique B<id> string) will cause B<s_client>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<-status>
-
-sends a certificate status request to the server (OCSP stapling). The server
-response (if any) is printed out.
-
-=item B<-nextprotoneg protocols>
-
-enable Next Protocol Negotiation TLS extension and provide a list of
-comma-separated protocol names that the client should advertise
-support for. The list should contain most wanted protocols first.
-Protocol names are printable ASCII strings, for example "http/1.1" or
-"spdy/3".
-Empty list of protocols is treated specially and will cause the client to
-advertise support for the TLS extension but disconnect just after
-reciving ServerHello with a list of server supported protocols.
-
-=back
-
-=head1 CONNECTED COMMANDS
-
-If a connection is established with an SSL server then any data received
-from the server is displayed and any key presses will be sent to the
-server. When used interactively (which means neither B<-quiet> nor B<-ign_eof>
-have been given), the session will be renegotiated if the line begins with an
-B<R>, and if the line begins with a B<Q> or if end of file is reached, the
-connection will be closed down.
-
-=head1 NOTES
-
-B<s_client> can be used to debug SSL servers. To connect to an SSL HTTP
-server the command:
-
- openssl s_client -connect servername:443
-
-would typically be used (https uses port 443). If the connection succeeds
-then an HTTP command can be given such as "GET /" to retrieve a web page.
-
-If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
-B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried
-in case it is a buggy server. In particular you should play with these
-options B<before> submitting a bug report to an OpenSSL mailing list.
-
-A frequent problem when attempting to get client certificates working
-is that a web client complains it has no certificates or gives an empty
-list to choose from. This is normally because the server is not sending
-the clients certificate authority in its "acceptable CA list" when it
-requests a certificate. By using B<s_client> the CA list can be viewed
-and checked. However some servers only request client authentication
-after a specific URL is requested. To obtain the list in this case it
-is necessary to use the B<-prexit> option and send an HTTP request
-for an appropriate page.
-
-If a certificate is specified on the command line using the B<-cert>
-option it will not be used unless the server specifically requests
-a client certificate. Therefor merely including a client certificate
-on the command line is no guarantee that the certificate works.
-
-If there are problems verifying a server certificate then the
-B<-showcerts> option can be used to show the whole chain.
-
-Since the SSLv23 client hello cannot include compression methods or extensions
-these will only be supported if its use is disabled, for example by using the
-B<-no_sslv2> option.
-
-The B<s_client> utility is a test tool and is designed to continue the
-handshake after any certificate verification errors. As a result it will
-accept any certificate chain (trusted or not) sent by the peer. None test
-applications should B<not> do this as it makes them vulnerable to a MITM
-attack. This behaviour can be changed by with the B<-verify_return_error>
-option: any verify errors are then returned aborting the handshake.
-
-=head1 BUGS
-
-Because this program has a lot of options and also because some of
-the techniques used are rather old, the C source of s_client is rather
-hard to read and not a model of how things should be done. A typical
-SSL client program would be much simpler.
-
-The B<-prexit> option is a bit of a hack. We should really report
-information whenever a session is renegotiated.
-
-=head1 SEE ALSO
-
-L<sess_id(1)|sess_id(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
-
-=head1 HISTORY
-
-The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/apps/s_client.pod (from rev 11605, vendor-crypto/openssl/dist/doc/apps/s_client.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/apps/s_client.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/s_client.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,350 @@
+
+=pod
+
+=head1 NAME
+
+s_client - SSL/TLS client program
+
+=head1 SYNOPSIS
+
+B<openssl> B<s_client>
+[B<-connect host:port>]
+[B<-servername name>]
+[B<-verify depth>]
+[B<-verify_return_error>]
+[B<-cert filename>]
+[B<-certform DER|PEM>]
+[B<-key filename>]
+[B<-keyform DER|PEM>]
+[B<-pass arg>]
+[B<-CApath directory>]
+[B<-CAfile filename>]
+[B<-no_alt_chains>]
+[B<-reconnect>]
+[B<-pause>]
+[B<-showcerts>]
+[B<-debug>]
+[B<-msg>]
+[B<-nbio_test>]
+[B<-state>]
+[B<-nbio>]
+[B<-crlf>]
+[B<-ign_eof>]
+[B<-no_ign_eof>]
+[B<-quiet>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-tls1>]
+[B<-no_ssl2>]
+[B<-no_ssl3>]
+[B<-no_tls1>]
+[B<-bugs>]
+[B<-cipher cipherlist>]
+[B<-serverpref>]
+[B<-starttls protocol>]
+[B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
+[B<-sess_out filename>]
+[B<-sess_in filename>]
+[B<-rand file(s)>]
+[B<-status>]
+[B<-nextprotoneg protocols>]
+
+=head1 DESCRIPTION
+
+The B<s_client> command implements a generic SSL/TLS client which connects
+to a remote host using SSL/TLS. It is a I<very> useful diagnostic tool for
+SSL servers.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-connect host:port>
+
+This specifies the host and optional port to connect to. If not specified
+then an attempt is made to connect to the local host on port 4433.
+
+=item B<-servername name>
+
+Set the TLS SNI (Server Name Indication) extension in the ClientHello message.
+
+=item B<-cert certname>
+
+The certificate to use, if one is requested by the server. The default is
+not to use a certificate.
+
+=item B<-certform format>
+
+The certificate format to use: DER or PEM. PEM is the default.
+
+=item B<-key keyfile>
+
+The private key to use. If not specified then the certificate file will
+be used.
+
+=item B<-keyform format>
+
+The private format to use: DER or PEM. PEM is the default.
+
+=item B<-pass arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-verify depth>
+
+The verify depth to use. This specifies the maximum length of the
+server certificate chain and turns on server certificate verification.
+Currently the verify operation continues after errors so all the problems
+with a certificate chain can be seen. As a side effect the connection
+will never fail due to a server certificate verify failure.
+
+=item B<-verify_return_error>
+
+Return verification errors instead of continuing. This will typically
+abort the handshake with a fatal error.
+
+=item B<-CApath directory>
+
+The directory to use for server certificate verification. This directory
+must be in "hash format", see B<verify> for more information. These are
+also used when building the client certificate chain.
+
+=item B<-CAfile file>
+
+A file containing trusted certificates to use during server authentication
+and to use when attempting to build the client certificate chain.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
+
+Set various certificate chain valiadition option. See the
+L<B<verify>|verify(1)> manual page for details.
+
+=item B<-reconnect>
+
+reconnects to the same server 5 times using the same session ID, this can
+be used as a test that session caching is working.
+
+=item B<-pause>
+
+pauses 1 second between each read and write call.
+
+=item B<-showcerts>
+
+display the whole server certificate chain: normally only the server
+certificate itself is displayed.
+
+=item B<-prexit>
+
+print session information when the program exits. This will always attempt
+to print out information even if the connection fails. Normally information
+will only be printed out once if the connection succeeds. This option is useful
+because the cipher in use may be renegotiated or the connection may fail
+because a client certificate is required or is requested only after an
+attempt is made to access a certain URL. Note: the output produced by this
+option is not always accurate because a connection might never have been
+established.
+
+=item B<-state>
+
+prints out the SSL session states.
+
+=item B<-debug>
+
+print extensive debugging information including a hex dump of all traffic.
+
+=item B<-msg>
+
+show all protocol messages with hex dump.
+
+=item B<-nbio_test>
+
+tests non-blocking I/O
+
+=item B<-nbio>
+
+turns on non-blocking I/O
+
+=item B<-crlf>
+
+this option translated a line feed from the terminal into CR+LF as required
+by some servers.
+
+=item B<-ign_eof>
+
+inhibit shutting down the connection when end of file is reached in the
+input.
+
+=item B<-quiet>
+
+inhibit printing of session and certificate information. This implicitly
+turns on B<-ign_eof> as well.
+
+=item B<-no_ign_eof>
+
+shut down the connection when end of file is reached in the input.
+Can be used to override the implicit B<-ign_eof> after B<-quiet>.
+
+=item B<-psk_identity identity>
+
+Use the PSK identity B<identity> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+
+These options require or disable the use of the specified SSL or TLS protocols.
+By default the initial handshake uses a I<version-flexible> method which will
+negotiate the highest mutually supported protocol version.
+
+=item B<-bugs>
+
+there are several known bug in SSL and TLS implementations. Adding this
+option enables various workarounds.
+
+=item B<-cipher cipherlist>
+
+this allows the cipher list sent by the client to be modified. Although
+the server determines which cipher suite is used it should take the first
+supported cipher in the list sent by the client. See the B<ciphers>
+command for more information.
+
+=item B<-serverpref>
+
+use the server's cipher preferences; only used for SSLV2.
+
+=item B<-starttls protocol>
+
+send the protocol-specific message(s) to switch to TLS for communication.
+B<protocol> is a keyword for the intended protocol. Currently, the only
+supported keywords are "smtp", "pop3", "imap", and "ftp".
+
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server.
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support.
+
+=item B<-sess_out filename>
+
+output SSL session to B<filename>
+
+=item B<-sess_in sess.pem>
+
+load SSL session from B<filename>. The client will attempt to resume a
+connection from this session.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<s_client>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-status>
+
+sends a certificate status request to the server (OCSP stapling). The server
+response (if any) is printed out.
+
+=item B<-nextprotoneg protocols>
+
+enable Next Protocol Negotiation TLS extension and provide a list of
+comma-separated protocol names that the client should advertise
+support for. The list should contain most wanted protocols first.
+Protocol names are printable ASCII strings, for example "http/1.1" or
+"spdy/3".
+Empty list of protocols is treated specially and will cause the client to
+advertise support for the TLS extension but disconnect just after
+reciving ServerHello with a list of server supported protocols.
+
+=back
+
+=head1 CONNECTED COMMANDS
+
+If a connection is established with an SSL server then any data received
+from the server is displayed and any key presses will be sent to the
+server. When used interactively (which means neither B<-quiet> nor B<-ign_eof>
+have been given), the session will be renegotiated if the line begins with an
+B<R>, and if the line begins with a B<Q> or if end of file is reached, the
+connection will be closed down.
+
+=head1 NOTES
+
+B<s_client> can be used to debug SSL servers. To connect to an SSL HTTP
+server the command:
+
+ openssl s_client -connect servername:443
+
+would typically be used (https uses port 443). If the connection succeeds
+then an HTTP command can be given such as "GET /" to retrieve a web page.
+
+If the handshake fails then there are several possible causes, if it is
+nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
+B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried
+in case it is a buggy server. In particular you should play with these
+options B<before> submitting a bug report to an OpenSSL mailing list.
+
+A frequent problem when attempting to get client certificates working
+is that a web client complains it has no certificates or gives an empty
+list to choose from. This is normally because the server is not sending
+the clients certificate authority in its "acceptable CA list" when it
+requests a certificate. By using B<s_client> the CA list can be viewed
+and checked. However some servers only request client authentication
+after a specific URL is requested. To obtain the list in this case it
+is necessary to use the B<-prexit> option and send an HTTP request
+for an appropriate page.
+
+If a certificate is specified on the command line using the B<-cert>
+option it will not be used unless the server specifically requests
+a client certificate. Therefor merely including a client certificate
+on the command line is no guarantee that the certificate works.
+
+If there are problems verifying a server certificate then the
+B<-showcerts> option can be used to show the whole chain.
+
+Since the SSLv23 client hello cannot include compression methods or extensions
+these will only be supported if its use is disabled, for example by using the
+B<-no_sslv2> option.
+
+The B<s_client> utility is a test tool and is designed to continue the
+handshake after any certificate verification errors. As a result it will
+accept any certificate chain (trusted or not) sent by the peer. None test
+applications should B<not> do this as it makes them vulnerable to a MITM
+attack. This behaviour can be changed by with the B<-verify_return_error>
+option: any verify errors are then returned aborting the handshake.
+
+=head1 BUGS
+
+Because this program has a lot of options and also because some of
+the techniques used are rather old, the C source of s_client is rather
+hard to read and not a model of how things should be done. A typical
+SSL client program would be much simpler.
+
+The B<-prexit> option is a bit of a hack. We should really report
+information whenever a session is renegotiated.
+
+=head1 SEE ALSO
+
+L<sess_id(1)|sess_id(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
+
+=head1 HISTORY
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/apps/s_server.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/apps/s_server.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/s_server.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,410 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-s_server - SSL/TLS server program
-
-=head1 SYNOPSIS
-
-B<openssl> B<s_server>
-[B<-accept port>]
-[B<-context id>]
-[B<-verify depth>]
-[B<-Verify depth>]
-[B<-crl_check>]
-[B<-crl_check_all>]
-[B<-cert filename>]
-[B<-certform DER|PEM>]
-[B<-key keyfile>]
-[B<-keyform DER|PEM>]
-[B<-pass arg>]
-[B<-dcert filename>]
-[B<-dcertform DER|PEM>]
-[B<-dkey keyfile>]
-[B<-dkeyform DER|PEM>]
-[B<-dpass arg>]
-[B<-dhparam filename>]
-[B<-nbio>]
-[B<-nbio_test>]
-[B<-crlf>]
-[B<-debug>]
-[B<-msg>]
-[B<-state>]
-[B<-CApath directory>]
-[B<-CAfile filename>]
-[B<-no_alt_chains>]
-[B<-nocert>]
-[B<-cipher cipherlist>]
-[B<-serverpref>]
-[B<-quiet>]
-[B<-no_tmp_rsa>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<-no_ssl2>]
-[B<-no_ssl3>]
-[B<-no_tls1>]
-[B<-no_dhe>]
-[B<-no_ecdhe>]
-[B<-bugs>]
-[B<-hack>]
-[B<-www>]
-[B<-WWW>]
-[B<-HTTP>]
-[B<-engine id>]
-[B<-tlsextdebug>]
-[B<-no_ticket>]
-[B<-id_prefix arg>]
-[B<-rand file(s)>]
-[B<-status>]
-[B<-status_verbose>]
-[B<-status_timeout nsec>]
-[B<-status_url url>]
-[B<-nextprotoneg protocols>]
-
-=head1 DESCRIPTION
-
-The B<s_server> command implements a generic SSL/TLS server which listens
-for connections on a given port using SSL/TLS.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-accept port>
-
-the TCP port to listen on for connections. If not specified 4433 is used.
-
-=item B<-context id>
-
-sets the SSL context id. It can be given any string value. If this option
-is not present a default value will be used.
-
-=item B<-cert certname>
-
-The certificate to use, most servers cipher suites require the use of a
-certificate and some require a certificate with a certain public key type:
-for example the DSS cipher suites require a certificate containing a DSS
-(DSA) key. If not specified then the filename "server.pem" will be used.
-
-=item B<-certform format>
-
-The certificate format to use: DER or PEM. PEM is the default.
-
-=item B<-key keyfile>
-
-The private key to use. If not specified then the certificate file will
-be used.
-
-=item B<-keyform format>
-
-The private format to use: DER or PEM. PEM is the default.
-
-=item B<-pass arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-dcert filename>, B<-dkey keyname>
-
-specify an additional certificate and private key, these behave in the
-same manner as the B<-cert> and B<-key> options except there is no default
-if they are not specified (no additional certificate and key is used). As
-noted above some cipher suites require a certificate containing a key of
-a certain type. Some cipher suites need a certificate carrying an RSA key
-and some a DSS (DSA) key. By using RSA and DSS certificates and keys
-a server can support clients which only support RSA or DSS cipher suites
-by using an appropriate certificate.
-
-=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg>
-
-additional certificate and private key format and passphrase respectively.
-
-=item B<-nocert>
-
-if this option is set then no certificate is used. This restricts the
-cipher suites available to the anonymous ones (currently just anonymous
-DH).
-
-=item B<-dhparam filename>
-
-the DH parameter file to use. The ephemeral DH cipher suites generate keys
-using a set of DH parameters. If not specified then an attempt is made to
-load the parameters from the server certificate file. If this fails then
-a static set of parameters hard coded into the s_server program will be used.
-
-=item B<-no_dhe>
-
-if this option is set then no DH parameters will be loaded effectively
-disabling the ephemeral DH cipher suites.
-
-=item B<-no_ecdhe>
-
-if this option is set then no ECDH parameters will be loaded effectively
-disabling the ephemeral ECDH cipher suites.
-
-=item B<-no_tmp_rsa>
-
-certain export cipher suites sometimes use a temporary RSA key, this option
-disables temporary RSA key generation.
-
-=item B<-verify depth>, B<-Verify depth>
-
-The verify depth to use. This specifies the maximum length of the
-client certificate chain and makes the server request a certificate from
-the client. With the B<-verify> option a certificate is requested but the
-client does not have to send one, with the B<-Verify> option the client
-must supply a certificate or an error occurs.
-
-If the ciphersuite cannot request a client certificate (for example an
-anonymous ciphersuite or PSK) this option has no effect.
-
-=item B<-crl_check>, B<-crl_check_all>
-
-Check the peer certificate has not been revoked by its CA.
-The CRL(s) are appended to the certificate file. With the B<-crl_check_all>
-option all CRLs of all CAs in the chain are checked.
-
-=item B<-CApath directory>
-
-The directory to use for client certificate verification. This directory
-must be in "hash format", see B<verify> for more information. These are
-also used when building the server certificate chain.
-
-=item B<-CAfile file>
-
-A file containing trusted certificates to use during client authentication
-and to use when attempting to build the server certificate chain. The list
-is also used in the list of acceptable client CAs passed to the client when
-a certificate is requested.
-
-=item B<-no_alt_chains>
-
-See the L<B<verify>|verify(1)> manual page for details.
-
-=item B<-state>
-
-prints out the SSL session states.
-
-=item B<-debug>
-
-print extensive debugging information including a hex dump of all traffic.
-
-=item B<-msg>
-
-show all protocol messages with hex dump.
-
-=item B<-nbio_test>
-
-tests non blocking I/O
-
-=item B<-nbio>
-
-turns on non blocking I/O
-
-=item B<-crlf>
-
-this option translated a line feed from the terminal into CR+LF.
-
-=item B<-quiet>
-
-inhibit printing of session and certificate information.
-
-=item B<-psk_hint hint>
-
-Use the PSK identity hint B<hint> when using a PSK cipher suite.
-
-=item B<-psk key>
-
-Use the PSK key B<key> when using a PSK cipher suite. The key is
-given as a hexadecimal number without leading 0x, for example -psk
-1a2b3c4d.
-
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
-
-these options disable the use of certain SSL or TLS protocols. By default
-the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
-
-=item B<-bugs>
-
-there are several known bug in SSL and TLS implementations. Adding this
-option enables various workarounds.
-
-=item B<-hack>
-
-this option enables a further workaround for some some early Netscape
-SSL code (?).
-
-=item B<-cipher cipherlist>
-
-this allows the cipher list used by the server to be modified. When
-the client sends a list of supported ciphers the first client cipher
-also included in the server list is used. Because the client specifies
-the preference order, the order of the server cipherlist irrelevant. See
-the B<ciphers> command for more information.
-
-=item B<-serverpref>
-
-use the server's cipher preferences, rather than the client's preferences.
-
-=item B<-tlsextdebug>
-
-print out a hex dump of any TLS extensions received from the server.
-
-=item B<-no_ticket>
-
-disable RFC4507bis session ticket support.
-
-=item B<-www>
-
-sends a status message back to the client when it connects. This includes
-lots of information about the ciphers used and various session parameters.
-The output is in HTML format so this option will normally be used with a
-web browser.
-
-=item B<-WWW>
-
-emulates a simple web server. Pages will be resolved relative to the
-current directory, for example if the URL https://myhost/page.html is
-requested the file ./page.html will be loaded.
-
-=item B<-HTTP>
-
-emulates a simple web server. Pages will be resolved relative to the
-current directory, for example if the URL https://myhost/page.html is
-requested the file ./page.html will be loaded. The files loaded are
-assumed to contain a complete and correct HTTP response (lines that
-are part of the HTTP response line and headers must end with CRLF).
-
-=item B<-engine id>
-
-specifying an engine (by its unique B<id> string) will cause B<s_server>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=item B<-id_prefix arg>
-
-generate SSL/TLS session IDs prefixed by B<arg>. This is mostly useful
-for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple
-servers, when each of which might be generating a unique range of session
-IDs (eg. with a certain prefix).
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<-status>
-
-enables certificate status request support (aka OCSP stapling).
-
-=item B<-status_verbose>
-
-enables certificate status request support (aka OCSP stapling) and gives
-a verbose printout of the OCSP response.
-
-=item B<-status_timeout nsec>
-
-sets the timeout for OCSP response to B<nsec> seconds.
-
-=item B<-status_url url>
-
-sets a fallback responder URL to use if no responder URL is present in the
-server certificate. Without this option an error is returned if the server
-certificate does not contain a responder address.
-
-=item B<-nextprotoneg protocols>
-
-enable Next Protocol Negotiation TLS extension and provide a
-comma-separated list of supported protocol names.
-The list should contain most wanted protocols first.
-Protocol names are printable ASCII strings, for example "http/1.1" or
-"spdy/3".
-
-=back
-
-=head1 CONNECTED COMMANDS
-
-If a connection request is established with an SSL client and neither the
-B<-www> nor the B<-WWW> option has been used then normally any data received
-from the client is displayed and any key presses will be sent to the client.
-
-Certain single letter commands are also recognized which perform special
-operations: these are listed below.
-
-=over 4
-
-=item B<q>
-
-end the current SSL connection but still accept new connections.
-
-=item B<Q>
-
-end the current SSL connection and exit.
-
-=item B<r>
-
-renegotiate the SSL session.
-
-=item B<R>
-
-renegotiate the SSL session and request a client certificate.
-
-=item B<P>
-
-send some plain text down the underlying TCP connection: this should
-cause the client to disconnect due to a protocol violation.
-
-=item B<S>
-
-print out some session cache status information.
-
-=back
-
-=head1 NOTES
-
-B<s_server> can be used to debug SSL clients. To accept connections from
-a web browser the command:
-
- openssl s_server -accept 443 -www
-
-can be used for example.
-
-Most web browsers (in particular Netscape and MSIE) only support RSA cipher
-suites, so they cannot connect to servers which don't use a certificate
-carrying an RSA key or a version of OpenSSL with RSA disabled.
-
-Although specifying an empty list of CAs when requesting a client certificate
-is strictly speaking a protocol violation, some SSL clients interpret this to
-mean any CA is acceptable. This is useful for debugging purposes.
-
-The session parameters can printed out using the B<sess_id> program.
-
-=head1 BUGS
-
-Because this program has a lot of options and also because some of
-the techniques used are rather old, the C source of s_server is rather
-hard to read and not a model of how things should be done. A typical
-SSL server program would be much simpler.
-
-The output of common ciphers is wrong: it just gives the list of ciphers that
-OpenSSL recognizes and the client supports.
-
-There should be a way for the B<s_server> program to print out details of any
-unknown cipher suites a client says it supports.
-
-=head1 SEE ALSO
-
-L<sess_id(1)|sess_id(1)>, L<s_client(1)|s_client(1)>, L<ciphers(1)|ciphers(1)>
-
-=head1 HISTORY
-
-The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/apps/s_server.pod (from rev 11605, vendor-crypto/openssl/dist/doc/apps/s_server.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/apps/s_server.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/s_server.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,410 @@
+
+=pod
+
+=head1 NAME
+
+s_server - SSL/TLS server program
+
+=head1 SYNOPSIS
+
+B<openssl> B<s_server>
+[B<-accept port>]
+[B<-context id>]
+[B<-verify depth>]
+[B<-Verify depth>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-cert filename>]
+[B<-certform DER|PEM>]
+[B<-key keyfile>]
+[B<-keyform DER|PEM>]
+[B<-pass arg>]
+[B<-dcert filename>]
+[B<-dcertform DER|PEM>]
+[B<-dkey keyfile>]
+[B<-dkeyform DER|PEM>]
+[B<-dpass arg>]
+[B<-dhparam filename>]
+[B<-nbio>]
+[B<-nbio_test>]
+[B<-crlf>]
+[B<-debug>]
+[B<-msg>]
+[B<-state>]
+[B<-CApath directory>]
+[B<-CAfile filename>]
+[B<-no_alt_chains>]
+[B<-nocert>]
+[B<-cipher cipherlist>]
+[B<-serverpref>]
+[B<-quiet>]
+[B<-no_tmp_rsa>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-tls1>]
+[B<-no_ssl2>]
+[B<-no_ssl3>]
+[B<-no_tls1>]
+[B<-no_dhe>]
+[B<-no_ecdhe>]
+[B<-bugs>]
+[B<-hack>]
+[B<-www>]
+[B<-WWW>]
+[B<-HTTP>]
+[B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
+[B<-id_prefix arg>]
+[B<-rand file(s)>]
+[B<-status>]
+[B<-status_verbose>]
+[B<-status_timeout nsec>]
+[B<-status_url url>]
+[B<-nextprotoneg protocols>]
+
+=head1 DESCRIPTION
+
+The B<s_server> command implements a generic SSL/TLS server which listens
+for connections on a given port using SSL/TLS.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-accept port>
+
+the TCP port to listen on for connections. If not specified 4433 is used.
+
+=item B<-context id>
+
+sets the SSL context id. It can be given any string value. If this option
+is not present a default value will be used.
+
+=item B<-cert certname>
+
+The certificate to use, most servers cipher suites require the use of a
+certificate and some require a certificate with a certain public key type:
+for example the DSS cipher suites require a certificate containing a DSS
+(DSA) key. If not specified then the filename "server.pem" will be used.
+
+=item B<-certform format>
+
+The certificate format to use: DER or PEM. PEM is the default.
+
+=item B<-key keyfile>
+
+The private key to use. If not specified then the certificate file will
+be used.
+
+=item B<-keyform format>
+
+The private format to use: DER or PEM. PEM is the default.
+
+=item B<-pass arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-dcert filename>, B<-dkey keyname>
+
+specify an additional certificate and private key, these behave in the
+same manner as the B<-cert> and B<-key> options except there is no default
+if they are not specified (no additional certificate and key is used). As
+noted above some cipher suites require a certificate containing a key of
+a certain type. Some cipher suites need a certificate carrying an RSA key
+and some a DSS (DSA) key. By using RSA and DSS certificates and keys
+a server can support clients which only support RSA or DSS cipher suites
+by using an appropriate certificate.
+
+=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg>
+
+additional certificate and private key format and passphrase respectively.
+
+=item B<-nocert>
+
+if this option is set then no certificate is used. This restricts the
+cipher suites available to the anonymous ones (currently just anonymous
+DH).
+
+=item B<-dhparam filename>
+
+the DH parameter file to use. The ephemeral DH cipher suites generate keys
+using a set of DH parameters. If not specified then an attempt is made to
+load the parameters from the server certificate file. If this fails then
+a static set of parameters hard coded into the s_server program will be used.
+
+=item B<-no_dhe>
+
+if this option is set then no DH parameters will be loaded effectively
+disabling the ephemeral DH cipher suites.
+
+=item B<-no_ecdhe>
+
+if this option is set then no ECDH parameters will be loaded effectively
+disabling the ephemeral ECDH cipher suites.
+
+=item B<-no_tmp_rsa>
+
+certain export cipher suites sometimes use a temporary RSA key, this option
+disables temporary RSA key generation.
+
+=item B<-verify depth>, B<-Verify depth>
+
+The verify depth to use. This specifies the maximum length of the
+client certificate chain and makes the server request a certificate from
+the client. With the B<-verify> option a certificate is requested but the
+client does not have to send one, with the B<-Verify> option the client
+must supply a certificate or an error occurs.
+
+If the ciphersuite cannot request a client certificate (for example an
+anonymous ciphersuite or PSK) this option has no effect.
+
+=item B<-crl_check>, B<-crl_check_all>
+
+Check the peer certificate has not been revoked by its CA.
+The CRL(s) are appended to the certificate file. With the B<-crl_check_all>
+option all CRLs of all CAs in the chain are checked.
+
+=item B<-CApath directory>
+
+The directory to use for client certificate verification. This directory
+must be in "hash format", see B<verify> for more information. These are
+also used when building the server certificate chain.
+
+=item B<-CAfile file>
+
+A file containing trusted certificates to use during client authentication
+and to use when attempting to build the server certificate chain. The list
+is also used in the list of acceptable client CAs passed to the client when
+a certificate is requested.
+
+=item B<-no_alt_chains>
+
+See the L<B<verify>|verify(1)> manual page for details.
+
+=item B<-state>
+
+prints out the SSL session states.
+
+=item B<-debug>
+
+print extensive debugging information including a hex dump of all traffic.
+
+=item B<-msg>
+
+show all protocol messages with hex dump.
+
+=item B<-nbio_test>
+
+tests non blocking I/O
+
+=item B<-nbio>
+
+turns on non blocking I/O
+
+=item B<-crlf>
+
+this option translated a line feed from the terminal into CR+LF.
+
+=item B<-quiet>
+
+inhibit printing of session and certificate information.
+
+=item B<-psk_hint hint>
+
+Use the PSK identity hint B<hint> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+
+These options require or disable the use of the specified SSL or TLS protocols.
+By default the initial handshake uses a I<version-flexible> method which will
+negotiate the highest mutually supported protocol version.
+
+=item B<-bugs>
+
+there are several known bug in SSL and TLS implementations. Adding this
+option enables various workarounds.
+
+=item B<-hack>
+
+this option enables a further workaround for some some early Netscape
+SSL code (?).
+
+=item B<-cipher cipherlist>
+
+this allows the cipher list used by the server to be modified. When
+the client sends a list of supported ciphers the first client cipher
+also included in the server list is used. Because the client specifies
+the preference order, the order of the server cipherlist irrelevant. See
+the B<ciphers> command for more information.
+
+=item B<-serverpref>
+
+use the server's cipher preferences, rather than the client's preferences.
+
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server.
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support.
+
+=item B<-www>
+
+sends a status message back to the client when it connects. This includes
+lots of information about the ciphers used and various session parameters.
+The output is in HTML format so this option will normally be used with a
+web browser.
+
+=item B<-WWW>
+
+emulates a simple web server. Pages will be resolved relative to the
+current directory, for example if the URL https://myhost/page.html is
+requested the file ./page.html will be loaded.
+
+=item B<-HTTP>
+
+emulates a simple web server. Pages will be resolved relative to the
+current directory, for example if the URL https://myhost/page.html is
+requested the file ./page.html will be loaded. The files loaded are
+assumed to contain a complete and correct HTTP response (lines that
+are part of the HTTP response line and headers must end with CRLF).
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<s_server>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<-id_prefix arg>
+
+generate SSL/TLS session IDs prefixed by B<arg>. This is mostly useful
+for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple
+servers, when each of which might be generating a unique range of session
+IDs (eg. with a certain prefix).
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-status>
+
+enables certificate status request support (aka OCSP stapling).
+
+=item B<-status_verbose>
+
+enables certificate status request support (aka OCSP stapling) and gives
+a verbose printout of the OCSP response.
+
+=item B<-status_timeout nsec>
+
+sets the timeout for OCSP response to B<nsec> seconds.
+
+=item B<-status_url url>
+
+sets a fallback responder URL to use if no responder URL is present in the
+server certificate. Without this option an error is returned if the server
+certificate does not contain a responder address.
+
+=item B<-nextprotoneg protocols>
+
+enable Next Protocol Negotiation TLS extension and provide a
+comma-separated list of supported protocol names.
+The list should contain most wanted protocols first.
+Protocol names are printable ASCII strings, for example "http/1.1" or
+"spdy/3".
+
+=back
+
+=head1 CONNECTED COMMANDS
+
+If a connection request is established with an SSL client and neither the
+B<-www> nor the B<-WWW> option has been used then normally any data received
+from the client is displayed and any key presses will be sent to the client.
+
+Certain single letter commands are also recognized which perform special
+operations: these are listed below.
+
+=over 4
+
+=item B<q>
+
+end the current SSL connection but still accept new connections.
+
+=item B<Q>
+
+end the current SSL connection and exit.
+
+=item B<r>
+
+renegotiate the SSL session.
+
+=item B<R>
+
+renegotiate the SSL session and request a client certificate.
+
+=item B<P>
+
+send some plain text down the underlying TCP connection: this should
+cause the client to disconnect due to a protocol violation.
+
+=item B<S>
+
+print out some session cache status information.
+
+=back
+
+=head1 NOTES
+
+B<s_server> can be used to debug SSL clients. To accept connections from
+a web browser the command:
+
+ openssl s_server -accept 443 -www
+
+can be used for example.
+
+Most web browsers (in particular Netscape and MSIE) only support RSA cipher
+suites, so they cannot connect to servers which don't use a certificate
+carrying an RSA key or a version of OpenSSL with RSA disabled.
+
+Although specifying an empty list of CAs when requesting a client certificate
+is strictly speaking a protocol violation, some SSL clients interpret this to
+mean any CA is acceptable. This is useful for debugging purposes.
+
+The session parameters can printed out using the B<sess_id> program.
+
+=head1 BUGS
+
+Because this program has a lot of options and also because some of
+the techniques used are rather old, the C source of s_server is rather
+hard to read and not a model of how things should be done. A typical
+SSL server program would be much simpler.
+
+The output of common ciphers is wrong: it just gives the list of ciphers that
+OpenSSL recognizes and the client supports.
+
+There should be a way for the B<s_server> program to print out details of any
+unknown cipher suites a client says it supports.
+
+=head1 SEE ALSO
+
+L<sess_id(1)|sess_id(1)>, L<s_client(1)|s_client(1)>, L<ciphers(1)|ciphers(1)>
+
+=head1 HISTORY
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/apps/s_time.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/apps/s_time.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/s_time.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,173 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-s_time - SSL/TLS performance timing program
-
-=head1 SYNOPSIS
-
-B<openssl> B<s_time>
-[B<-connect host:port>]
-[B<-www page>]
-[B<-cert filename>]
-[B<-key filename>]
-[B<-CApath directory>]
-[B<-CAfile filename>]
-[B<-reuse>]
-[B<-new>]
-[B<-verify depth>]
-[B<-nbio>]
-[B<-time seconds>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-bugs>]
-[B<-cipher cipherlist>]
-
-=head1 DESCRIPTION
-
-The B<s_client> command implements a generic SSL/TLS client which connects to a
-remote host using SSL/TLS. It can request a page from the server and includes
-the time to transfer the payload data in its timing measurements. It measures
-the number of connections within a given timeframe, the amount of data
-transferred (if any), and calculates the average time spent for one connection.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-connect host:port>
-
-This specifies the host and optional port to connect to.
-
-=item B<-www page>
-
-This specifies the page to GET from the server. A value of '/' gets the
-index.htm[l] page. If this parameter is not specified, then B<s_time> will only
-perform the handshake to establish SSL connections but not transfer any
-payload data.
-
-=item B<-cert certname>
-
-The certificate to use, if one is requested by the server. The default is
-not to use a certificate. The file is in PEM format.
-
-=item B<-key keyfile>
-
-The private key to use. If not specified then the certificate file will
-be used. The file is in PEM format.
-
-=item B<-verify depth>
-
-The verify depth to use. This specifies the maximum length of the
-server certificate chain and turns on server certificate verification.
-Currently the verify operation continues after errors so all the problems
-with a certificate chain can be seen. As a side effect the connection
-will never fail due to a server certificate verify failure.
-
-=item B<-CApath directory>
-
-The directory to use for server certificate verification. This directory
-must be in "hash format", see B<verify> for more information. These are
-also used when building the client certificate chain.
-
-=item B<-CAfile file>
-
-A file containing trusted certificates to use during server authentication
-and to use when attempting to build the client certificate chain.
-
-=item B<-new>
-
-performs the timing test using a new session ID for each connection.
-If neither B<-new> nor B<-reuse> are specified, they are both on by default
-and executed in sequence.
-
-=item B<-reuse>
-
-performs the timing test using the same session ID; this can be used as a test
-that session caching is working. If neither B<-new> nor B<-reuse> are
-specified, they are both on by default and executed in sequence.
-
-=item B<-nbio>
-
-turns on non-blocking I/O.
-
-=item B<-ssl2>, B<-ssl3>
-
-these options disable the use of certain SSL or TLS protocols. By default
-the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
-The timing program is not as rich in options to turn protocols on and off as
-the L<s_client(1)|s_client(1)> program and may not connect to all servers.
-
-Unfortunately there are a lot of ancient and broken servers in use which
-cannot handle this technique and will fail to connect. Some servers only
-work if TLS is turned off with the B<-ssl3> option; others
-will only support SSL v2 and may need the B<-ssl2> option.
-
-=item B<-bugs>
-
-there are several known bug in SSL and TLS implementations. Adding this
-option enables various workarounds.
-
-=item B<-cipher cipherlist>
-
-this allows the cipher list sent by the client to be modified. Although
-the server determines which cipher suite is used it should take the first
-supported cipher in the list sent by the client.
-See the L<ciphers(1)|ciphers(1)> command for more information.
-
-=item B<-time length>
-
-specifies how long (in seconds) B<s_time> should establish connections and
-optionally transfer payload data from a server. Server and client performance
-and the link speed determine how many connections B<s_time> can establish.
-
-=back
-
-=head1 NOTES
-
-B<s_client> can be used to measure the performance of an SSL connection.
-To connect to an SSL HTTP server and get the default page the command
-
- openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]
-
-would typically be used (https uses port 443). 'commoncipher' is a cipher to
-which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
-for details.
-
-If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
-B<-ssl3> options can be tried
-in case it is a buggy server. In particular you should play with these
-options B<before> submitting a bug report to an OpenSSL mailing list.
-
-A frequent problem when attempting to get client certificates working
-is that a web client complains it has no certificates or gives an empty
-list to choose from. This is normally because the server is not sending
-the clients certificate authority in its "acceptable CA list" when it
-requests a certificate. By using L<s_client(1)|s_client(1)> the CA list can be
-viewed and checked. However some servers only request client authentication
-after a specific URL is requested. To obtain the list in this case it
-is necessary to use the B<-prexit> option of L<s_client(1)|s_client(1)> and
-send an HTTP request for an appropriate page.
-
-If a certificate is specified on the command line using the B<-cert>
-option it will not be used unless the server specifically requests
-a client certificate. Therefor merely including a client certificate
-on the command line is no guarantee that the certificate works.
-
-=head1 BUGS
-
-Because this program does not have all the options of the
-L<s_client(1)|s_client(1)> program to turn protocols on and off, you may not be
-able to measure the performance of all protocols with all servers.
-
-The B<-verify> option should really exit if the server verification
-fails.
-
-=head1 SEE ALSO
-
-L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/apps/s_time.pod (from rev 11605, vendor-crypto/openssl/dist/doc/apps/s_time.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/apps/s_time.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/s_time.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,173 @@
+
+=pod
+
+=head1 NAME
+
+s_time - SSL/TLS performance timing program
+
+=head1 SYNOPSIS
+
+B<openssl> B<s_time>
+[B<-connect host:port>]
+[B<-www page>]
+[B<-cert filename>]
+[B<-key filename>]
+[B<-CApath directory>]
+[B<-CAfile filename>]
+[B<-reuse>]
+[B<-new>]
+[B<-verify depth>]
+[B<-nbio>]
+[B<-time seconds>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-bugs>]
+[B<-cipher cipherlist>]
+
+=head1 DESCRIPTION
+
+The B<s_time> command implements a generic SSL/TLS client which connects to a
+remote host using SSL/TLS. It can request a page from the server and includes
+the time to transfer the payload data in its timing measurements. It measures
+the number of connections within a given timeframe, the amount of data
+transferred (if any), and calculates the average time spent for one connection.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-connect host:port>
+
+This specifies the host and optional port to connect to.
+
+=item B<-www page>
+
+This specifies the page to GET from the server. A value of '/' gets the
+index.htm[l] page. If this parameter is not specified, then B<s_time> will only
+perform the handshake to establish SSL connections but not transfer any
+payload data.
+
+=item B<-cert certname>
+
+The certificate to use, if one is requested by the server. The default is
+not to use a certificate. The file is in PEM format.
+
+=item B<-key keyfile>
+
+The private key to use. If not specified then the certificate file will
+be used. The file is in PEM format.
+
+=item B<-verify depth>
+
+The verify depth to use. This specifies the maximum length of the
+server certificate chain and turns on server certificate verification.
+Currently the verify operation continues after errors so all the problems
+with a certificate chain can be seen. As a side effect the connection
+will never fail due to a server certificate verify failure.
+
+=item B<-CApath directory>
+
+The directory to use for server certificate verification. This directory
+must be in "hash format", see B<verify> for more information. These are
+also used when building the client certificate chain.
+
+=item B<-CAfile file>
+
+A file containing trusted certificates to use during server authentication
+and to use when attempting to build the client certificate chain.
+
+=item B<-new>
+
+performs the timing test using a new session ID for each connection.
+If neither B<-new> nor B<-reuse> are specified, they are both on by default
+and executed in sequence.
+
+=item B<-reuse>
+
+performs the timing test using the same session ID; this can be used as a test
+that session caching is working. If neither B<-new> nor B<-reuse> are
+specified, they are both on by default and executed in sequence.
+
+=item B<-nbio>
+
+turns on non-blocking I/O.
+
+=item B<-ssl2>, B<-ssl3>
+
+these options disable the use of certain SSL or TLS protocols. By default
+the initial handshake uses a method which should be compatible with all
+servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+The timing program is not as rich in options to turn protocols on and off as
+the L<s_client(1)|s_client(1)> program and may not connect to all servers.
+
+Unfortunately there are a lot of ancient and broken servers in use which
+cannot handle this technique and will fail to connect. Some servers only
+work if TLS is turned off with the B<-ssl3> option; others
+will only support SSL v2 and may need the B<-ssl2> option.
+
+=item B<-bugs>
+
+there are several known bug in SSL and TLS implementations. Adding this
+option enables various workarounds.
+
+=item B<-cipher cipherlist>
+
+this allows the cipher list sent by the client to be modified. Although
+the server determines which cipher suite is used it should take the first
+supported cipher in the list sent by the client.
+See the L<ciphers(1)|ciphers(1)> command for more information.
+
+=item B<-time length>
+
+specifies how long (in seconds) B<s_time> should establish connections and
+optionally transfer payload data from a server. Server and client performance
+and the link speed determine how many connections B<s_time> can establish.
+
+=back
+
+=head1 NOTES
+
+B<s_time> can be used to measure the performance of an SSL connection.
+To connect to an SSL HTTP server and get the default page the command
+
+ openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]
+
+would typically be used (https uses port 443). 'commoncipher' is a cipher to
+which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
+for details.
+
+If the handshake fails then there are several possible causes, if it is
+nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
+B<-ssl3> options can be tried
+in case it is a buggy server. In particular you should play with these
+options B<before> submitting a bug report to an OpenSSL mailing list.
+
+A frequent problem when attempting to get client certificates working
+is that a web client complains it has no certificates or gives an empty
+list to choose from. This is normally because the server is not sending
+the clients certificate authority in its "acceptable CA list" when it
+requests a certificate. By using L<s_client(1)|s_client(1)> the CA list can be
+viewed and checked. However some servers only request client authentication
+after a specific URL is requested. To obtain the list in this case it
+is necessary to use the B<-prexit> option of L<s_client(1)|s_client(1)> and
+send an HTTP request for an appropriate page.
+
+If a certificate is specified on the command line using the B<-cert>
+option it will not be used unless the server specifically requests
+a client certificate. Therefor merely including a client certificate
+on the command line is no guarantee that the certificate works.
+
+=head1 BUGS
+
+Because this program does not have all the options of the
+L<s_client(1)|s_client(1)> program to turn protocols on and off, you may not be
+able to measure the performance of all protocols with all servers.
+
+The B<-verify> option should really exit if the server verification
+fails.
+
+=head1 SEE ALSO
+
+L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/apps/smime.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/apps/smime.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/smime.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,447 +0,0 @@
-=pod
-
-=head1 NAME
-
-smime - S/MIME utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<smime>
-[B<-encrypt>]
-[B<-decrypt>]
-[B<-sign>]
-[B<-resign>]
-[B<-verify>]
-[B<-pk7out>]
-[B<-[cipher]>]
-[B<-in file>]
-[B<-no_alt_chains>]
-[B<-certfile file>]
-[B<-signer file>]
-[B<-recip file>]
-[B<-inform SMIME|PEM|DER>]
-[B<-passin arg>]
-[B<-inkey file>]
-[B<-out file>]
-[B<-outform SMIME|PEM|DER>]
-[B<-content file>]
-[B<-to addr>]
-[B<-from ad>]
-[B<-subject s>]
-[B<-text>]
-[B<-indef>]
-[B<-noindef>]
-[B<-stream>]
-[B<-rand file(s)>]
-[B<-md digest>]
-[cert.pem]...
-
-=head1 DESCRIPTION
-
-The B<smime> command handles S/MIME mail. It can encrypt, decrypt, sign and
-verify S/MIME messages.
-
-=head1 COMMAND OPTIONS
-
-There are six operation options that set the type of operation to be performed.
-The meaning of the other options varies according to the operation type.
-
-=over 4
-
-=item B<-encrypt>
-
-encrypt mail for the given recipient certificates. Input file is the message
-to be encrypted. The output file is the encrypted mail in MIME format.
-
-=item B<-decrypt>
-
-decrypt mail using the supplied certificate and private key. Expects an
-encrypted mail message in MIME format for the input file. The decrypted mail
-is written to the output file.
-
-=item B<-sign>
-
-sign mail using the supplied certificate and private key. Input file is
-the message to be signed. The signed message in MIME format is written
-to the output file.
-
-=item B<-verify>
-
-verify signed mail. Expects a signed mail message on input and outputs
-the signed data. Both clear text and opaque signing is supported.
-
-=item B<-pk7out>
-
-takes an input message and writes out a PEM encoded PKCS#7 structure.
-
-=item B<-resign>
-
-resign a message: take an existing message and one or more new signers.
-
-=item B<-in filename>
-
-the input message to be encrypted or signed or the MIME message to
-be decrypted or verified.
-
-=item B<-inform SMIME|PEM|DER>
-
-this specifies the input format for the PKCS#7 structure. The default
-is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
-format change this to expect PEM and DER format PKCS#7 structures
-instead. This currently only affects the input format of the PKCS#7
-structure, if no PKCS#7 structure is being input (for example with
-B<-encrypt> or B<-sign>) this option has no effect.
-
-=item B<-out filename>
-
-the message text that has been decrypted or verified or the output MIME
-format message that has been signed or verified.
-
-=item B<-outform SMIME|PEM|DER>
-
-this specifies the output format for the PKCS#7 structure. The default
-is B<SMIME> which write an S/MIME format message. B<PEM> and B<DER>
-format change this to write PEM and DER format PKCS#7 structures
-instead. This currently only affects the output format of the PKCS#7
-structure, if no PKCS#7 structure is being output (for example with
-B<-verify> or B<-decrypt>) this option has no effect.
-
-=item B<-stream -indef -noindef>
-
-the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
-for encoding operations. This permits single pass processing of data without
-the need to hold the entire contents in memory, potentially supporting very
-large files. Streaming is automatically set for S/MIME signing with detached
-data if the output format is B<SMIME> it is currently off by default for all
-other operations.
-
-=item B<-noindef>
-
-disable streaming I/O where it would produce and indefinite length constructed
-encoding. This option currently has no effect. In future streaming will be
-enabled by default on all relevant operations and this option will disable it.
-
-=item B<-content filename>
-
-This specifies a file containing the detached content, this is only
-useful with the B<-verify> command. This is only usable if the PKCS#7
-structure is using the detached signature form where the content is
-not included. This option will override any content if the input format
-is S/MIME and it uses the multipart/signed MIME content type.
-
-=item B<-text>
-
-this option adds plain text (text/plain) MIME headers to the supplied
-message if encrypting or signing. If decrypting or verifying it strips
-off text headers: if the decrypted or verified message is not of MIME
-type text/plain then an error occurs.
-
-=item B<-CAfile file>
-
-a file containing trusted CA certificates, only used with B<-verify>.
-
-=item B<-CApath dir>
-
-a directory containing trusted CA certificates, only used with
-B<-verify>. This directory must be a standard certificate directory: that
-is a hash of each subject name (using B<x509 -hash>) should be linked
-to each certificate.
-
-=item B<-md digest>
-
-digest algorithm to use when signing or resigning. If not present then the
-default digest algorithm for the signing key will be used (usually SHA1).
-
-=item B<-[cipher]>
-
-the encryption algorithm to use. For example DES (56 bits) - B<-des>,
-triple DES (168 bits) - B<-des3>,
-EVP_get_cipherbyname() function) can also be used preceded by a dash, for
-example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for list of ciphers
-supported by your version of OpenSSL.
-
-If not specified triple DES is used. Only used with B<-encrypt>.
-
-=item B<-nointern>
-
-when verifying a message normally certificates (if any) included in
-the message are searched for the signing certificate. With this option
-only the certificates specified in the B<-certfile> option are used.
-The supplied certificates can still be used as untrusted CAs however.
-
-=item B<-noverify>
-
-do not verify the signers certificate of a signed message.
-
-=item B<-nochain>
-
-do not do chain verification of signers certificates: that is don't
-use the certificates in the signed message as untrusted CAs.
-
-=item B<-nosigs>
-
-don't try to verify the signatures on the message.
-
-=item B<-nocerts>
-
-when signing a message the signer's certificate is normally included
-with this option it is excluded. This will reduce the size of the
-signed message but the verifier must have a copy of the signers certificate
-available locally (passed using the B<-certfile> option for example).
-
-=item B<-noattr>
-
-normally when a message is signed a set of attributes are included which
-include the signing time and supported symmetric algorithms. With this
-option they are not included.
-
-=item B<-binary>
-
-normally the input message is converted to "canonical" format which is
-effectively using CR and LF as end of line: as required by the S/MIME
-specification. When this option is present no translation occurs. This
-is useful when handling binary data which may not be in MIME format.
-
-=item B<-nodetach>
-
-when signing a message use opaque signing: this form is more resistant
-to translation by mail relays but it cannot be read by mail agents that
-do not support S/MIME. Without this option cleartext signing with
-the MIME type multipart/signed is used.
-
-=item B<-certfile file>
-
-allows additional certificates to be specified. When signing these will
-be included with the message. When verifying these will be searched for
-the signers certificates. The certificates should be in PEM format.
-
-=item B<-signer file>
-
-a signing certificate when signing or resigning a message, this option can be
-used multiple times if more than one signer is required. If a message is being
-verified then the signers certificates will be written to this file if the
-verification was successful.
-
-=item B<-recip file>
-
-the recipients certificate when decrypting a message. This certificate
-must match one of the recipients of the message or an error occurs.
-
-=item B<-inkey file>
-
-the private key to use when signing or decrypting. This must match the
-corresponding certificate. If this option is not specified then the
-private key must be included in the certificate file specified with
-the B<-recip> or B<-signer> file. When signing this option can be used
-multiple times to specify successive keys.
-
-=item B<-passin arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<cert.pem...>
-
-one or more certificates of message recipients: used when encrypting
-a message.
-
-=item B<-to, -from, -subject>
-
-the relevant mail headers. These are included outside the signed
-portion of a message so they may be included manually. If signing
-then many S/MIME mail clients check the signers certificate's email
-address matches that specified in the From: address.
-
-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
-
-Set various options of certificate chain verification. See
-L<B<verify>|verify(1)> manual page for details.
-
-=back
-
-=head1 NOTES
-
-The MIME message must be sent without any blank lines between the
-headers and the output. Some mail programs will automatically add
-a blank line. Piping the mail directly to sendmail is one way to
-achieve the correct format.
-
-The supplied message to be signed or encrypted must include the
-necessary MIME headers or many S/MIME clients wont display it
-properly (if at all). You can use the B<-text> option to automatically
-add plain text headers.
-
-A "signed and encrypted" message is one where a signed message is
-then encrypted. This can be produced by encrypting an already signed
-message: see the examples section.
-
-This version of the program only allows one signer per message but it
-will verify multiple signers on received messages. Some S/MIME clients
-choke if a message contains multiple signers. It is possible to sign
-messages "in parallel" by signing an already signed message.
-
-The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
-clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7
-encrypted data is used for other purposes.
-
-The B<-resign> option uses an existing message digest when adding a new
-signer. This means that attributes must be present in at least one existing
-signer using the same message digest or this operation will fail.
-
-The B<-stream> and B<-indef> options enable experimental streaming I/O support.
-As a result the encoding is BER using indefinite length constructed encoding
-and no longer DER. Streaming is supported for the B<-encrypt> operation and the
-B<-sign> operation if the content is not detached.
-
-Streaming is always used for the B<-sign> operation with detached data but
-since the content is no longer part of the PKCS#7 structure the encoding
-remains DER.
-
-=head1 EXIT CODES
-
-=over 4
-
-=item Z<>0
-
-the operation was completely successfully.
-
-=item Z<>1
-
-an error occurred parsing the command options.
-
-=item Z<>2
-
-one of the input files could not be read.
-
-=item Z<>3
-
-an error occurred creating the PKCS#7 file or when reading the MIME
-message.
-
-=item Z<>4
-
-an error occurred decrypting or verifying the message.
-
-=item Z<>5
-
-the message was verified correctly but an error occurred writing out
-the signers certificates.
-
-=back
-
-=head1 EXAMPLES
-
-Create a cleartext signed message:
-
- openssl smime -sign -in message.txt -text -out mail.msg \
- -signer mycert.pem
-
-Create an opaque signed message:
-
- openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
- -signer mycert.pem
-
-Create a signed message, include some additional certificates and
-read the private key from another file:
-
- openssl smime -sign -in in.txt -text -out mail.msg \
- -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
-
-Create a signed message with two signers:
-
- openssl smime -sign -in message.txt -text -out mail.msg \
- -signer mycert.pem -signer othercert.pem
-
-Send a signed message under Unix directly to sendmail, including headers:
-
- openssl smime -sign -in in.txt -text -signer mycert.pem \
- -from steve at openssl.org -to someone at somewhere \
- -subject "Signed message" | sendmail someone at somewhere
-
-Verify a message and extract the signer's certificate if successful:
-
- openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt
-
-Send encrypted mail using triple DES:
-
- openssl smime -encrypt -in in.txt -from steve at openssl.org \
- -to someone at somewhere -subject "Encrypted message" \
- -des3 user.pem -out mail.msg
-
-Sign and encrypt mail:
-
- openssl smime -sign -in ml.txt -signer my.pem -text \
- | openssl smime -encrypt -out mail.msg \
- -from steve at openssl.org -to someone at somewhere \
- -subject "Signed and Encrypted message" -des3 user.pem
-
-Note: the encryption command does not include the B<-text> option because the
-message being encrypted already has MIME headers.
-
-Decrypt mail:
-
- openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
-
-The output from Netscape form signing is a PKCS#7 structure with the
-detached signature format. You can use this program to verify the
-signature by line wrapping the base64 encoded structure and surrounding
-it with:
-
- -----BEGIN PKCS7-----
- -----END PKCS7-----
-
-and using the command:
-
- openssl smime -verify -inform PEM -in signature.pem -content content.txt
-
-Alternatively you can base64 decode the signature and use:
-
- openssl smime -verify -inform DER -in signature.der -content content.txt
-
-Create an encrypted message using 128 bit Camellia:
-
- openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
-
-Add a signer to an existing message:
-
- openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg
-
-=head1 BUGS
-
-The MIME parser isn't very clever: it seems to handle most messages that I've
-thrown at it but it may choke on others.
-
-The code currently will only write out the signer's certificate to a file: if
-the signer has a separate encryption certificate this must be manually
-extracted. There should be some heuristic that determines the correct
-encryption certificate.
-
-Ideally a database should be maintained of a certificates for each email
-address.
-
-The code doesn't currently take note of the permitted symmetric encryption
-algorithms as supplied in the SMIMECapabilities signed attribute. This means the
-user has to manually include the correct encryption algorithm. It should store
-the list of permitted ciphers in a database and only use those.
-
-No revocation checking is done on the signer's certificate.
-
-The current code can only handle S/MIME v2 messages, the more complex S/MIME v3
-structures may cause parsing errors.
-
-=head1 HISTORY
-
-The use of multiple B<-signer> options and the B<-resign> command were first
-added in OpenSSL 1.0.0
-
-The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/apps/smime.pod (from rev 11605, vendor-crypto/openssl/dist/doc/apps/smime.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/apps/smime.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/smime.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,450 @@
+=pod
+
+=head1 NAME
+
+smime - S/MIME utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<smime>
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-sign>]
+[B<-resign>]
+[B<-verify>]
+[B<-pk7out>]
+[B<-[cipher]>]
+[B<-in file>]
+[B<-no_alt_chains>]
+[B<-certfile file>]
+[B<-signer file>]
+[B<-recip file>]
+[B<-inform SMIME|PEM|DER>]
+[B<-passin arg>]
+[B<-inkey file>]
+[B<-out file>]
+[B<-outform SMIME|PEM|DER>]
+[B<-content file>]
+[B<-to addr>]
+[B<-from ad>]
+[B<-subject s>]
+[B<-text>]
+[B<-indef>]
+[B<-noindef>]
+[B<-stream>]
+[B<-rand file(s)>]
+[B<-md digest>]
+[cert.pem]...
+
+=head1 DESCRIPTION
+
+The B<smime> command handles S/MIME mail. It can encrypt, decrypt, sign and
+verify S/MIME messages.
+
+=head1 COMMAND OPTIONS
+
+There are six operation options that set the type of operation to be performed.
+The meaning of the other options varies according to the operation type.
+
+=over 4
+
+=item B<-encrypt>
+
+encrypt mail for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted mail in MIME format.
+
+Note that no revocation check is done for the recipient cert, so if that
+key has been compromised, others may be able to decrypt the text.
+
+=item B<-decrypt>
+
+decrypt mail using the supplied certificate and private key. Expects an
+encrypted mail message in MIME format for the input file. The decrypted mail
+is written to the output file.
+
+=item B<-sign>
+
+sign mail using the supplied certificate and private key. Input file is
+the message to be signed. The signed message in MIME format is written
+to the output file.
+
+=item B<-verify>
+
+verify signed mail. Expects a signed mail message on input and outputs
+the signed data. Both clear text and opaque signing is supported.
+
+=item B<-pk7out>
+
+takes an input message and writes out a PEM encoded PKCS#7 structure.
+
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
+=item B<-in filename>
+
+the input message to be encrypted or signed or the MIME message to
+be decrypted or verified.
+
+=item B<-inform SMIME|PEM|DER>
+
+this specifies the input format for the PKCS#7 structure. The default
+is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
+format change this to expect PEM and DER format PKCS#7 structures
+instead. This currently only affects the input format of the PKCS#7
+structure, if no PKCS#7 structure is being input (for example with
+B<-encrypt> or B<-sign>) this option has no effect.
+
+=item B<-out filename>
+
+the message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
+
+=item B<-outform SMIME|PEM|DER>
+
+this specifies the output format for the PKCS#7 structure. The default
+is B<SMIME> which write an S/MIME format message. B<PEM> and B<DER>
+format change this to write PEM and DER format PKCS#7 structures
+instead. This currently only affects the output format of the PKCS#7
+structure, if no PKCS#7 structure is being output (for example with
+B<-verify> or B<-decrypt>) this option has no effect.
+
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
+=item B<-content filename>
+
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the PKCS#7
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
+
+=item B<-text>
+
+this option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME
+type text/plain then an error occurs.
+
+=item B<-CAfile file>
+
+a file containing trusted CA certificates, only used with B<-verify>.
+
+=item B<-CApath dir>
+
+a directory containing trusted CA certificates, only used with
+B<-verify>. This directory must be a standard certificate directory: that
+is a hash of each subject name (using B<x509 -hash>) should be linked
+to each certificate.
+
+=item B<-md digest>
+
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example DES (56 bits) - B<-des>,
+triple DES (168 bits) - B<-des3>,
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for list of ciphers
+supported by your version of OpenSSL.
+
+If not specified triple DES is used. Only used with B<-encrypt>.
+
+=item B<-nointern>
+
+when verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
+
+=item B<-noverify>
+
+do not verify the signers certificate of a signed message.
+
+=item B<-nochain>
+
+do not do chain verification of signers certificates: that is don't
+use the certificates in the signed message as untrusted CAs.
+
+=item B<-nosigs>
+
+don't try to verify the signatures on the message.
+
+=item B<-nocerts>
+
+when signing a message the signer's certificate is normally included
+with this option it is excluded. This will reduce the size of the
+signed message but the verifier must have a copy of the signers certificate
+available locally (passed using the B<-certfile> option for example).
+
+=item B<-noattr>
+
+normally when a message is signed a set of attributes are included which
+include the signing time and supported symmetric algorithms. With this
+option they are not included.
+
+=item B<-binary>
+
+normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
+
+=item B<-nodetach>
+
+when signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME. Without this option cleartext signing with
+the MIME type multipart/signed is used.
+
+=item B<-certfile file>
+
+allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates. The certificates should be in PEM format.
+
+=item B<-signer file>
+
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
+
+=item B<-recip file>
+
+the recipients certificate when decrypting a message. This certificate
+must match one of the recipients of the message or an error occurs.
+
+=item B<-inkey file>
+
+the private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<cert.pem...>
+
+one or more certificates of message recipients: used when encrypting
+a message.
+
+=item B<-to, -from, -subject>
+
+the relevant mail headers. These are included outside the signed
+portion of a message so they may be included manually. If signing
+then many S/MIME mail clients check the signers certificate's email
+address matches that specified in the From: address.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
+
+Set various options of certificate chain verification. See
+L<B<verify>|verify(1)> manual page for details.
+
+=back
+
+=head1 NOTES
+
+The MIME message must be sent without any blank lines between the
+headers and the output. Some mail programs will automatically add
+a blank line. Piping the mail directly to sendmail is one way to
+achieve the correct format.
+
+The supplied message to be signed or encrypted must include the
+necessary MIME headers or many S/MIME clients wont display it
+properly (if at all). You can use the B<-text> option to automatically
+add plain text headers.
+
+A "signed and encrypted" message is one where a signed message is
+then encrypted. This can be produced by encrypting an already signed
+message: see the examples section.
+
+This version of the program only allows one signer per message but it
+will verify multiple signers on received messages. Some S/MIME clients
+choke if a message contains multiple signers. It is possible to sign
+messages "in parallel" by signing an already signed message.
+
+The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
+clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7
+encrypted data is used for other purposes.
+
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the PKCS#7 structure the encoding
+remains DER.
+
+=head1 EXIT CODES
+
+=over 4
+
+=item Z<>0
+
+the operation was completely successfully.
+
+=item Z<>1
+
+an error occurred parsing the command options.
+
+=item Z<>2
+
+one of the input files could not be read.
+
+=item Z<>3
+
+an error occurred creating the PKCS#7 file or when reading the MIME
+message.
+
+=item Z<>4
+
+an error occurred decrypting or verifying the message.
+
+=item Z<>5
+
+the message was verified correctly but an error occurred writing out
+the signers certificates.
+
+=back
+
+=head1 EXAMPLES
+
+Create a cleartext signed message:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem
+
+Create an opaque signed message:
+
+ openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
+ -signer mycert.pem
+
+Create a signed message, include some additional certificates and
+read the private key from another file:
+
+ openssl smime -sign -in in.txt -text -out mail.msg \
+ -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+Create a signed message with two signers:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem -signer othercert.pem
+
+Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl smime -sign -in in.txt -text -signer mycert.pem \
+ -from steve at openssl.org -to someone at somewhere \
+ -subject "Signed message" | sendmail someone at somewhere
+
+Verify a message and extract the signer's certificate if successful:
+
+ openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt
+
+Send encrypted mail using triple DES:
+
+ openssl smime -encrypt -in in.txt -from steve at openssl.org \
+ -to someone at somewhere -subject "Encrypted message" \
+ -des3 user.pem -out mail.msg
+
+Sign and encrypt mail:
+
+ openssl smime -sign -in ml.txt -signer my.pem -text \
+ | openssl smime -encrypt -out mail.msg \
+ -from steve at openssl.org -to someone at somewhere \
+ -subject "Signed and Encrypted message" -des3 user.pem
+
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
+
+Decrypt mail:
+
+ openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
+
+The output from Netscape form signing is a PKCS#7 structure with the
+detached signature format. You can use this program to verify the
+signature by line wrapping the base64 encoded structure and surrounding
+it with:
+
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+and using the command:
+
+ openssl smime -verify -inform PEM -in signature.pem -content content.txt
+
+Alternatively you can base64 decode the signature and use:
+
+ openssl smime -verify -inform DER -in signature.der -content content.txt
+
+Create an encrypted message using 128 bit Camellia:
+
+ openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+
+Add a signer to an existing message:
+
+ openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
+=head1 BUGS
+
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
+
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
+
+Ideally a database should be maintained of a certificates for each email
+address.
+
+The code doesn't currently take note of the permitted symmetric encryption
+algorithms as supplied in the SMIMECapabilities signed attribute. This means the
+user has to manually include the correct encryption algorithm. It should store
+the list of permitted ciphers in a database and only use those.
+
+No revocation checking is done on the signer's certificate.
+
+The current code can only handle S/MIME v2 messages, the more complex S/MIME v3
+structures may cause parsing errors.
+
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/apps/verify.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/apps/verify.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/verify.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,425 +0,0 @@
-=pod
-
-=head1 NAME
-
-verify - Utility to verify certificates.
-
-=head1 SYNOPSIS
-
-B<openssl> B<verify>
-[B<-CApath directory>]
-[B<-CAfile file>]
-[B<-purpose purpose>]
-[B<-policy arg>]
-[B<-ignore_critical>]
-[B<-crl_check>]
-[B<-crl_check_all>]
-[B<-policy_check>]
-[B<-explicit_policy>]
-[B<-inhibit_any>]
-[B<-inhibit_map>]
-[B<-x509_strict>]
-[B<-extended_crl>]
-[B<-use_deltas>]
-[B<-policy_print>]
-[B<-no_alt_chains>]
-[B<-untrusted file>]
-[B<-help>]
-[B<-issuer_checks>]
-[B<-attime timestamp>]
-[B<-verbose>]
-[B<->]
-[certificates]
-
-
-=head1 DESCRIPTION
-
-The B<verify> command verifies certificate chains.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-CApath directory>
-
-A directory of trusted certificates. The certificates should have names
-of the form: hash.0 or have symbolic links to them of this
-form ("hash" is the hashed certificate subject name: see the B<-hash> option
-of the B<x509> utility). Under Unix the B<c_rehash> script will automatically
-create symbolic links to a directory of certificates.
-
-=item B<-CAfile file>
-A file of trusted certificates. The file should contain multiple certificates
-in PEM format concatenated together.
-
-=item B<-untrusted file>
-
-A file of untrusted certificates. The file should contain multiple certificates
-in PEM format concatenated together.
-
-=item B<-purpose purpose>
-
-The intended use for the certificate. If this option is not specified,
-B<verify> will not consider certificate purpose during chain verification.
-Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
-B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
-information.
-
-=item B<-help>
-
-Print out a usage message.
-
-=item B<-verbose>
-
-Print extra information about the operations being performed.
-
-=item B<-issuer_checks>
-
-Print out diagnostics relating to searches for the issuer certificate of the
-current certificate. This shows why each candidate issuer certificate was
-rejected. The presence of rejection messages does not itself imply that
-anything is wrong; during the normal verification process, several
-rejections may take place.
-
-=item B<-attime timestamp>
-
-Perform validation checks using time specified by B<timestamp> and not
-current system time. B<timestamp> is the number of seconds since
-01.01.1970 (UNIX time).
-
-=item B<-policy arg>
-
-Enable policy processing and add B<arg> to the user-initial-policy-set (see
-RFC5280). The policy B<arg> can be an object name an OID in numeric form.
-This argument can appear more than once.
-
-=item B<-policy_check>
-
-Enables certificate policy processing.
-
-=item B<-explicit_policy>
-
-Set policy variable require-explicit-policy (see RFC5280).
-
-=item B<-inhibit_any>
-
-Set policy variable inhibit-any-policy (see RFC5280).
-
-=item B<-inhibit_map>
-
-Set policy variable inhibit-policy-mapping (see RFC5280).
-
-=item B<-no_alt_chains>
-
-When building a certificate chain, if the first certificate chain found is not
-trusted, then OpenSSL will continue to check to see if an alternative chain can
-be found that is trusted. With this option that behaviour is suppressed so that
-only the first chain found is ever used. Using this option will force the
-behaviour to match that of previous OpenSSL versions.
-
-=item B<-policy_print>
-
-Print out diagnostics related to policy processing.
-
-=item B<-crl_check>
-
-Checks end entity certificate validity by attempting to look up a valid CRL.
-If a valid CRL cannot be found an error occurs.
-
-=item B<-crl_check_all>
-
-Checks the validity of B<all> certificates in the chain by attempting
-to look up valid CRLs.
-
-=item B<-ignore_critical>
-
-Normally if an unhandled critical extension is present which is not
-supported by OpenSSL the certificate is rejected (as required by RFC5280).
-If this option is set critical extensions are ignored.
-
-=item B<-x509_strict>
-
-For strict X.509 compliance, disable non-compliant workarounds for broken
-certificates.
-
-=item B<-extended_crl>
-
-Enable extended CRL features such as indirect CRLs and alternate CRL
-signing keys.
-
-=item B<-use_deltas>
-
-Enable support for delta CRLs.
-
-=item B<-check_ss_sig>
-
-Verify the signature on the self-signed root CA. This is disabled by default
-because it doesn't add any security.
-
-=item B<->
-
-Indicates the last option. All arguments following this are assumed to be
-certificate files. This is useful if the first certificate filename begins
-with a B<->.
-
-=item B<certificates>
-
-One or more certificates to verify. If no certificates are given, B<verify>
-will attempt to read a certificate from standard input. Certificates must be
-in PEM format.
-
-=back
-
-=head1 VERIFY OPERATION
-
-The B<verify> program uses the same functions as the internal SSL and S/MIME
-verification, therefore this description applies to these verify operations
-too.
-
-There is one crucial difference between the verify operations performed
-by the B<verify> program: wherever possible an attempt is made to continue
-after an error whereas normally the verify operation would halt on the
-first error. This allows all the problems with a certificate chain to be
-determined.
-
-The verify operation consists of a number of separate steps.
-
-Firstly a certificate chain is built up starting from the supplied certificate
-and ending in the root CA. It is an error if the whole chain cannot be built
-up. The chain is built up by looking up the issuers certificate of the current
-certificate. If a certificate is found which is its own issuer it is assumed
-to be the root CA.
-
-The process of 'looking up the issuers certificate' itself involves a number
-of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
-subject name matched the issuer of the current certificate was assumed to be
-the issuers certificate. In OpenSSL 0.9.6 and later all certificates
-whose subject name matches the issuer name of the current certificate are
-subject to further tests. The relevant authority key identifier components
-of the current certificate (if present) must match the subject key identifier
-(if present) and issuer and serial number of the candidate issuer, in addition
-the keyUsage extension of the candidate issuer (if present) must permit
-certificate signing.
-
-The lookup first looks in the list of untrusted certificates and if no match
-is found the remaining lookups are from the trusted certificates. The root CA
-is always looked up in the trusted certificate list: if the certificate to
-verify is a root certificate then an exact match must be found in the trusted
-list.
-
-The second operation is to check every untrusted certificate's extensions for
-consistency with the supplied purpose. If the B<-purpose> option is not included
-then no checks are done. The supplied or "leaf" certificate must have extensions
-compatible with the supplied purpose and all other certificates must also be valid
-CA certificates. The precise extensions required are described in more detail in
-the B<CERTIFICATE EXTENSIONS> section of the B<x509> utility.
-
-The third operation is to check the trust settings on the root CA. The root
-CA should be trusted for the supplied purpose. For compatibility with previous
-versions of SSLeay and OpenSSL a certificate with no trust settings is considered
-to be valid for all purposes.
-
-The final operation is to check the validity of the certificate chain. The validity
-period is checked against the current system time and the notBefore and notAfter
-dates in the certificate. The certificate signatures are also checked at this
-point.
-
-If all operations complete successfully then certificate is considered valid. If
-any operation fails then the certificate is not valid.
-
-=head1 DIAGNOSTICS
-
-When a verify operation fails the output messages can be somewhat cryptic. The
-general form of the error message is:
-
- server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
- error 24 at 1 depth lookup:invalid CA certificate
-
-The first line contains the name of the certificate being verified followed by
-the subject name of the certificate. The second line contains the error number
-and the depth. The depth is number of the certificate being verified when a
-problem was detected starting with zero for the certificate being verified itself
-then 1 for the CA that signed the certificate and so on. Finally a text version
-of the error number is presented.
-
-An exhaustive list of the error codes and messages is shown below, this also
-includes the name of the error code as defined in the header file x509_vfy.h
-Some of the error codes are defined but never returned: these are described
-as "unused".
-
-=over 4
-
-=item B<0 X509_V_OK: ok>
-
-the operation was successful.
-
-=item B<2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
-
-the issuer certificate of a looked up certificate could not be found. This
-normally means the list of trusted certificates is not complete.
-
-=item B<3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
-
-the CRL of a certificate could not be found.
-
-=item B<4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
-
-the certificate signature could not be decrypted. This means that the actual signature value
-could not be determined rather than it not matching the expected value, this is only
-meaningful for RSA keys.
-
-=item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
-
-the CRL signature could not be decrypted: this means that the actual signature value
-could not be determined rather than it not matching the expected value. Unused.
-
-=item B<6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
-
-the public key in the certificate SubjectPublicKeyInfo could not be read.
-
-=item B<7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
-
-the signature of the certificate is invalid.
-
-=item B<8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
-
-the signature of the certificate is invalid.
-
-=item B<9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
-
-the certificate is not yet valid: the notBefore date is after the current time.
-
-=item B<10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
-
-the certificate has expired: that is the notAfter date is before the current time.
-
-=item B<11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
-
-the CRL is not yet valid.
-
-=item B<12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
-
-the CRL has expired.
-
-=item B<13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
-
-the certificate notBefore field contains an invalid time.
-
-=item B<14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
-
-the certificate notAfter field contains an invalid time.
-
-=item B<15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
-
-the CRL lastUpdate field contains an invalid time.
-
-=item B<16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
-
-the CRL nextUpdate field contains an invalid time.
-
-=item B<17 X509_V_ERR_OUT_OF_MEM: out of memory>
-
-an error occurred trying to allocate memory. This should never happen.
-
-=item B<18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
-
-the passed certificate is self signed and the same certificate cannot be found in the list of
-trusted certificates.
-
-=item B<19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
-
-the certificate chain could be built up using the untrusted certificates but the root could not
-be found locally.
-
-=item B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
-
-the issuer certificate could not be found: this occurs if the issuer
-certificate of an untrusted certificate cannot be found.
-
-=item B<21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
-
-no signatures could be verified because the chain contains only one certificate and it is not
-self signed.
-
-=item B<22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
-
-the certificate chain length is greater than the supplied maximum depth. Unused.
-
-=item B<23 X509_V_ERR_CERT_REVOKED: certificate revoked>
-
-the certificate has been revoked.
-
-=item B<24 X509_V_ERR_INVALID_CA: invalid CA certificate>
-
-a CA certificate is invalid. Either it is not a CA or its extensions are not consistent
-with the supplied purpose.
-
-=item B<25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
-
-the basicConstraints pathlength parameter has been exceeded.
-
-=item B<26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
-
-the supplied certificate cannot be used for the specified purpose.
-
-=item B<27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
-
-the root CA is not marked as trusted for the specified purpose.
-
-=item B<28 X509_V_ERR_CERT_REJECTED: certificate rejected>
-
-the root CA is marked to reject the specified purpose.
-
-=item B<29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
-
-the current candidate issuer certificate was rejected because its subject name
-did not match the issuer name of the current certificate. Only displayed when
-the B<-issuer_checks> option is set.
-
-=item B<30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
-
-the current candidate issuer certificate was rejected because its subject key
-identifier was present and did not match the authority key identifier current
-certificate. Only displayed when the B<-issuer_checks> option is set.
-
-=item B<31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
-
-the current candidate issuer certificate was rejected because its issuer name
-and serial number was present and did not match the authority key identifier
-of the current certificate. Only displayed when the B<-issuer_checks> option is set.
-
-=item B<32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
-
-the current candidate issuer certificate was rejected because its keyUsage extension
-does not permit certificate signing.
-
-=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
-
-an application specific error. Unused.
-
-=back
-
-=head1 BUGS
-
-Although the issuer checks are a considerable improvement over the old technique they still
-suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that
-trusted certificates with matching subject name must either appear in a file (as specified by the
-B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only
-the certificates in the file will be recognised.
-
-Previous versions of OpenSSL assume certificates with matching subject name are identical and
-mishandled them.
-
-Previous versions of this documentation swapped the meaning of the
-B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT> and
-B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY> error codes.
-
-=head1 SEE ALSO
-
-L<x509(1)|x509(1)>
-
-=head1 HISTORY
-
-The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/apps/verify.pod (from rev 11605, vendor-crypto/openssl/dist/doc/apps/verify.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/apps/verify.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/apps/verify.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,430 @@
+=pod
+
+=head1 NAME
+
+verify - Utility to verify certificates.
+
+=head1 SYNOPSIS
+
+B<openssl> B<verify>
+[B<-CApath directory>]
+[B<-CAfile file>]
+[B<-purpose purpose>]
+[B<-policy arg>]
+[B<-ignore_critical>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-policy_check>]
+[B<-explicit_policy>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-x509_strict>]
+[B<-extended_crl>]
+[B<-use_deltas>]
+[B<-policy_print>]
+[B<-no_alt_chains>]
+[B<-allow_proxy_certs>]
+[B<-untrusted file>]
+[B<-help>]
+[B<-issuer_checks>]
+[B<-attime timestamp>]
+[B<-verbose>]
+[B<->]
+[certificates]
+
+
+=head1 DESCRIPTION
+
+The B<verify> command verifies certificate chains.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-CApath directory>
+
+A directory of trusted certificates. The certificates should have names
+of the form: hash.0 or have symbolic links to them of this
+form ("hash" is the hashed certificate subject name: see the B<-hash> option
+of the B<x509> utility). Under Unix the B<c_rehash> script will automatically
+create symbolic links to a directory of certificates.
+
+=item B<-CAfile file>
+A file of trusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
+
+=item B<-untrusted file>
+
+A file of untrusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
+
+=item B<-purpose purpose>
+
+The intended use for the certificate. If this option is not specified,
+B<verify> will not consider certificate purpose during chain verification.
+Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
+B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
+information.
+
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-verbose>
+
+Print extra information about the operations being performed.
+
+=item B<-issuer_checks>
+
+Print out diagnostics relating to searches for the issuer certificate of the
+current certificate. This shows why each candidate issuer certificate was
+rejected. The presence of rejection messages does not itself imply that
+anything is wrong; during the normal verification process, several
+rejections may take place.
+
+=item B<-attime timestamp>
+
+Perform validation checks using time specified by B<timestamp> and not
+current system time. B<timestamp> is the number of seconds since
+01.01.1970 (UNIX time).
+
+=item B<-policy arg>
+
+Enable policy processing and add B<arg> to the user-initial-policy-set (see
+RFC5280). The policy B<arg> can be an object name an OID in numeric form.
+This argument can appear more than once.
+
+=item B<-policy_check>
+
+Enables certificate policy processing.
+
+=item B<-explicit_policy>
+
+Set policy variable require-explicit-policy (see RFC5280).
+
+=item B<-inhibit_any>
+
+Set policy variable inhibit-any-policy (see RFC5280).
+
+=item B<-inhibit_map>
+
+Set policy variable inhibit-policy-mapping (see RFC5280).
+
+=item B<-no_alt_chains>
+
+When building a certificate chain, if the first certificate chain found is not
+trusted, then OpenSSL will continue to check to see if an alternative chain can
+be found that is trusted. With this option that behaviour is suppressed so that
+only the first chain found is ever used. Using this option will force the
+behaviour to match that of previous OpenSSL versions.
+
+=item B<-allow_proxy_certs>
+
+Allow the verification of proxy certificates.
+
+=item B<-policy_print>
+
+Print out diagnostics related to policy processing.
+
+=item B<-crl_check>
+
+Checks end entity certificate validity by attempting to look up a valid CRL.
+If a valid CRL cannot be found an error occurs.
+
+=item B<-crl_check_all>
+
+Checks the validity of B<all> certificates in the chain by attempting
+to look up valid CRLs.
+
+=item B<-ignore_critical>
+
+Normally if an unhandled critical extension is present which is not
+supported by OpenSSL the certificate is rejected (as required by RFC5280).
+If this option is set critical extensions are ignored.
+
+=item B<-x509_strict>
+
+For strict X.509 compliance, disable non-compliant workarounds for broken
+certificates.
+
+=item B<-extended_crl>
+
+Enable extended CRL features such as indirect CRLs and alternate CRL
+signing keys.
+
+=item B<-use_deltas>
+
+Enable support for delta CRLs.
+
+=item B<-check_ss_sig>
+
+Verify the signature on the self-signed root CA. This is disabled by default
+because it doesn't add any security.
+
+=item B<->
+
+Indicates the last option. All arguments following this are assumed to be
+certificate files. This is useful if the first certificate filename begins
+with a B<->.
+
+=item B<certificates>
+
+One or more certificates to verify. If no certificates are given, B<verify>
+will attempt to read a certificate from standard input. Certificates must be
+in PEM format.
+
+=back
+
+=head1 VERIFY OPERATION
+
+The B<verify> program uses the same functions as the internal SSL and S/MIME
+verification, therefore this description applies to these verify operations
+too.
+
+There is one crucial difference between the verify operations performed
+by the B<verify> program: wherever possible an attempt is made to continue
+after an error whereas normally the verify operation would halt on the
+first error. This allows all the problems with a certificate chain to be
+determined.
+
+The verify operation consists of a number of separate steps.
+
+Firstly a certificate chain is built up starting from the supplied certificate
+and ending in the root CA. It is an error if the whole chain cannot be built
+up. The chain is built up by looking up the issuers certificate of the current
+certificate. If a certificate is found which is its own issuer it is assumed
+to be the root CA.
+
+The process of 'looking up the issuers certificate' itself involves a number
+of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
+subject name matched the issuer of the current certificate was assumed to be
+the issuers certificate. In OpenSSL 0.9.6 and later all certificates
+whose subject name matches the issuer name of the current certificate are
+subject to further tests. The relevant authority key identifier components
+of the current certificate (if present) must match the subject key identifier
+(if present) and issuer and serial number of the candidate issuer, in addition
+the keyUsage extension of the candidate issuer (if present) must permit
+certificate signing.
+
+The lookup first looks in the list of untrusted certificates and if no match
+is found the remaining lookups are from the trusted certificates. The root CA
+is always looked up in the trusted certificate list: if the certificate to
+verify is a root certificate then an exact match must be found in the trusted
+list.
+
+The second operation is to check every untrusted certificate's extensions for
+consistency with the supplied purpose. If the B<-purpose> option is not included
+then no checks are done. The supplied or "leaf" certificate must have extensions
+compatible with the supplied purpose and all other certificates must also be valid
+CA certificates. The precise extensions required are described in more detail in
+the B<CERTIFICATE EXTENSIONS> section of the B<x509> utility.
+
+The third operation is to check the trust settings on the root CA. The root
+CA should be trusted for the supplied purpose. For compatibility with previous
+versions of SSLeay and OpenSSL a certificate with no trust settings is considered
+to be valid for all purposes.
+
+The final operation is to check the validity of the certificate chain. The validity
+period is checked against the current system time and the notBefore and notAfter
+dates in the certificate. The certificate signatures are also checked at this
+point.
+
+If all operations complete successfully then certificate is considered valid. If
+any operation fails then the certificate is not valid.
+
+=head1 DIAGNOSTICS
+
+When a verify operation fails the output messages can be somewhat cryptic. The
+general form of the error message is:
+
+ server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+ error 24 at 1 depth lookup:invalid CA certificate
+
+The first line contains the name of the certificate being verified followed by
+the subject name of the certificate. The second line contains the error number
+and the depth. The depth is number of the certificate being verified when a
+problem was detected starting with zero for the certificate being verified itself
+then 1 for the CA that signed the certificate and so on. Finally a text version
+of the error number is presented.
+
+An exhaustive list of the error codes and messages is shown below, this also
+includes the name of the error code as defined in the header file x509_vfy.h
+Some of the error codes are defined but never returned: these are described
+as "unused".
+
+=over 4
+
+=item B<0 X509_V_OK: ok>
+
+the operation was successful.
+
+=item B<2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
+
+the issuer certificate of a looked up certificate could not be found. This
+normally means the list of trusted certificates is not complete.
+
+=item B<3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
+
+the CRL of a certificate could not be found.
+
+=item B<4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
+
+the certificate signature could not be decrypted. This means that the actual signature value
+could not be determined rather than it not matching the expected value, this is only
+meaningful for RSA keys.
+
+=item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
+
+the CRL signature could not be decrypted: this means that the actual signature value
+could not be determined rather than it not matching the expected value. Unused.
+
+=item B<6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
+
+the public key in the certificate SubjectPublicKeyInfo could not be read.
+
+=item B<7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
+
+the certificate is not yet valid: the notBefore date is after the current time.
+
+=item B<10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
+
+the certificate has expired: that is the notAfter date is before the current time.
+
+=item B<11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
+
+the CRL is not yet valid.
+
+=item B<12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
+
+the CRL has expired.
+
+=item B<13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
+
+the certificate notBefore field contains an invalid time.
+
+=item B<14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
+
+the certificate notAfter field contains an invalid time.
+
+=item B<15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
+
+the CRL lastUpdate field contains an invalid time.
+
+=item B<16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
+
+the CRL nextUpdate field contains an invalid time.
+
+=item B<17 X509_V_ERR_OUT_OF_MEM: out of memory>
+
+an error occurred trying to allocate memory. This should never happen.
+
+=item B<18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
+
+the passed certificate is self signed and the same certificate cannot be found in the list of
+trusted certificates.
+
+=item B<19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
+
+the certificate chain could be built up using the untrusted certificates but the root could not
+be found locally.
+
+=item B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
+
+the issuer certificate could not be found: this occurs if the issuer
+certificate of an untrusted certificate cannot be found.
+
+=item B<21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
+
+no signatures could be verified because the chain contains only one certificate and it is not
+self signed.
+
+=item B<22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
+
+the certificate chain length is greater than the supplied maximum depth. Unused.
+
+=item B<23 X509_V_ERR_CERT_REVOKED: certificate revoked>
+
+the certificate has been revoked.
+
+=item B<24 X509_V_ERR_INVALID_CA: invalid CA certificate>
+
+a CA certificate is invalid. Either it is not a CA or its extensions are not consistent
+with the supplied purpose.
+
+=item B<25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
+
+the basicConstraints pathlength parameter has been exceeded.
+
+=item B<26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
+
+the supplied certificate cannot be used for the specified purpose.
+
+=item B<27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
+
+the root CA is not marked as trusted for the specified purpose.
+
+=item B<28 X509_V_ERR_CERT_REJECTED: certificate rejected>
+
+the root CA is marked to reject the specified purpose.
+
+=item B<29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
+
+the current candidate issuer certificate was rejected because its subject name
+did not match the issuer name of the current certificate. Only displayed when
+the B<-issuer_checks> option is set.
+
+=item B<30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
+
+the current candidate issuer certificate was rejected because its subject key
+identifier was present and did not match the authority key identifier current
+certificate. Only displayed when the B<-issuer_checks> option is set.
+
+=item B<31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
+
+the current candidate issuer certificate was rejected because its issuer name
+and serial number was present and did not match the authority key identifier
+of the current certificate. Only displayed when the B<-issuer_checks> option is set.
+
+=item B<32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
+
+the current candidate issuer certificate was rejected because its keyUsage extension
+does not permit certificate signing.
+
+=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
+
+an application specific error. Unused.
+
+=back
+
+=head1 BUGS
+
+Although the issuer checks are a considerable improvement over the old technique they still
+suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that
+trusted certificates with matching subject name must either appear in a file (as specified by the
+B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only
+the certificates in the file will be recognised.
+
+Previous versions of OpenSSL assume certificates with matching subject name are identical and
+mishandled them.
+
+Previous versions of this documentation swapped the meaning of the
+B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT> and
+B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY> error codes.
+
+=head1 SEE ALSO
+
+L<x509(1)|x509(1)>
+
+=head1 HISTORY
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/crypto/BIO_s_connect.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/crypto/BIO_s_connect.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/BIO_s_connect.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,192 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_connect, BIO_set_conn_hostname, BIO_set_conn_port,
-BIO_set_conn_ip, BIO_set_conn_int_port, BIO_get_conn_hostname,
-BIO_get_conn_port, BIO_get_conn_ip, BIO_get_conn_int_port,
-BIO_set_nbio, BIO_do_connect - connect BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD * BIO_s_connect(void);
-
- BIO *BIO_new_connect(char *name);
-
- long BIO_set_conn_hostname(BIO *b, char *name);
- long BIO_set_conn_port(BIO *b, char *port);
- long BIO_set_conn_ip(BIO *b, char *ip);
- long BIO_set_conn_int_port(BIO *b, char *port);
- char *BIO_get_conn_hostname(BIO *b);
- char *BIO_get_conn_port(BIO *b);
- char *BIO_get_conn_ip(BIO *b, dummy);
- long BIO_get_conn_int_port(BIO *b, int port);
-
- long BIO_set_nbio(BIO *b, long n);
-
- int BIO_do_connect(BIO *b);
-
-=head1 DESCRIPTION
-
-BIO_s_connect() returns the connect BIO method. This is a wrapper
-round the platform's TCP/IP socket connection routines.
-
-Using connect BIOs, TCP/IP connections can be made and data
-transferred using only BIO routines. In this way any platform
-specific operations are hidden by the BIO abstraction.
-
-Read and write operations on a connect BIO will perform I/O
-on the underlying connection. If no connection is established
-and the port and hostname (see below) is set up properly then
-a connection is established first.
-
-Connect BIOs support BIO_puts() but not BIO_gets().
-
-If the close flag is set on a connect BIO then any active
-connection is shutdown and the socket closed when the BIO
-is freed.
-
-Calling BIO_reset() on a connect BIO will close any active
-connection and reset the BIO into a state where it can connect
-to the same host again.
-
-BIO_get_fd() places the underlying socket in B<c> if it is not NULL,
-it also returns the socket . If B<c> is not NULL it should be of
-type (int *).
-
-BIO_set_conn_hostname() uses the string B<name> to set the hostname.
-The hostname can be an IP address. The hostname can also include the
-port in the form hostname:port . It is also acceptable to use the
-form "hostname/any/other/path" or "hostname:port/any/other/path".
-
-BIO_set_conn_port() sets the port to B<port>. B<port> can be the
-numerical form or a string such as "http". A string will be looked
-up first using getservbyname() on the host platform but if that
-fails a standard table of port names will be used. Currently the
-list is http, telnet, socks, https, ssl, ftp, gopher and wais.
-
-BIO_set_conn_ip() sets the IP address to B<ip> using binary form,
-that is four bytes specifying the IP address in big-endian form.
-
-BIO_set_conn_int_port() sets the port using B<port>. B<port> should
-be of type (int *).
-
-BIO_get_conn_hostname() returns the hostname of the connect BIO or
-NULL if the BIO is initialized but no hostname is set.
-This return value is an internal pointer which should not be modified.
-
-BIO_get_conn_port() returns the port as a string.
-
-BIO_get_conn_ip() returns the IP address in binary form.
-
-BIO_get_conn_int_port() returns the port as an int.
-
-BIO_set_nbio() sets the non blocking I/O flag to B<n>. If B<n> is
-zero then blocking I/O is set. If B<n> is 1 then non blocking I/O
-is set. Blocking I/O is the default. The call to BIO_set_nbio()
-should be made before the connection is established because
-non blocking I/O is set during the connect process.
-
-BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into
-a single call: that is it creates a new connect BIO with B<name>.
-
-BIO_do_connect() attempts to connect the supplied BIO. It returns 1
-if the connection was established successfully. A zero or negative
-value is returned if the connection could not be established, the
-call BIO_should_retry() should be used for non blocking connect BIOs
-to determine if the call should be retried.
-
-=head1 NOTES
-
-If blocking I/O is set then a non positive return value from any
-I/O call is caused by an error condition, although a zero return
-will normally mean that the connection was closed.
-
-If the port name is supplied as part of the host name then this will
-override any value set with BIO_set_conn_port(). This may be undesirable
-if the application does not wish to allow connection to arbitrary
-ports. This can be avoided by checking for the presence of the ':'
-character in the passed hostname and either indicating an error or
-truncating the string at that point.
-
-The values returned by BIO_get_conn_hostname(), BIO_get_conn_port(),
-BIO_get_conn_ip() and BIO_get_conn_int_port() are updated when a
-connection attempt is made. Before any connection attempt the values
-returned are those set by the application itself.
-
-Applications do not have to call BIO_do_connect() but may wish to do
-so to separate the connection process from other I/O processing.
-
-If non blocking I/O is set then retries will be requested as appropriate.
-
-It addition to BIO_should_read() and BIO_should_write() it is also
-possible for BIO_should_io_special() to be true during the initial
-connection process with the reason BIO_RR_CONNECT. If this is returned
-then this is an indication that a connection attempt would block,
-the application should then take appropriate action to wait until
-the underlying socket has connected and retry the call.
-
-BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip(),
-BIO_set_conn_int_port(), BIO_get_conn_hostname(), BIO_get_conn_port(),
-BIO_get_conn_ip(), BIO_get_conn_int_port(), BIO_set_nbio() and
-BIO_do_connect() are macros.
-
-=head1 RETURN VALUES
-
-BIO_s_connect() returns the connect BIO method.
-
-BIO_get_fd() returns the socket or -1 if the BIO has not
-been initialized.
-
-BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip() and
-BIO_set_conn_int_port() always return 1.
-
-BIO_get_conn_hostname() returns the connected hostname or NULL is
-none was set.
-
-BIO_get_conn_port() returns a string representing the connected
-port or NULL if not set.
-
-BIO_get_conn_ip() returns a pointer to the connected IP address in
-binary form or all zeros if not set.
-
-BIO_get_conn_int_port() returns the connected port or 0 if none was
-set.
-
-BIO_set_nbio() always returns 1.
-
-BIO_do_connect() returns 1 if the connection was successfully
-established and 0 or -1 if the connection failed.
-
-=head1 EXAMPLE
-
-This is example connects to a webserver on the local host and attempts
-to retrieve a page and copy the result to standard output.
-
-
- BIO *cbio, *out;
- int len;
- char tmpbuf[1024];
- ERR_load_crypto_strings();
- cbio = BIO_new_connect("localhost:http");
- out = BIO_new_fp(stdout, BIO_NOCLOSE);
- if(BIO_do_connect(cbio) <= 0) {
- fprintf(stderr, "Error connecting to server\n");
- ERR_print_errors_fp(stderr);
- /* whatever ... */
- }
- BIO_puts(cbio, "GET / HTTP/1.0\n\n");
- for(;;) {
- len = BIO_read(cbio, tmpbuf, 1024);
- if(len <= 0) break;
- BIO_write(out, tmpbuf, len);
- }
- BIO_free(cbio);
- BIO_free(out);
-
-
-=head1 SEE ALSO
-
-TBA
Copied: vendor-crypto/openssl/1.0.1u/doc/crypto/BIO_s_connect.pod (from rev 11605, vendor-crypto/openssl/dist/doc/crypto/BIO_s_connect.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/crypto/BIO_s_connect.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/BIO_s_connect.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,192 @@
+=pod
+
+=head1 NAME
+
+BIO_s_connect, BIO_set_conn_hostname, BIO_set_conn_port,
+BIO_set_conn_ip, BIO_set_conn_int_port, BIO_get_conn_hostname,
+BIO_get_conn_port, BIO_get_conn_ip, BIO_get_conn_int_port,
+BIO_set_nbio, BIO_do_connect - connect BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_ip(BIO *b, char *ip);
+ long BIO_set_conn_int_port(BIO *b, char *port);
+ char *BIO_get_conn_hostname(BIO *b);
+ char *BIO_get_conn_port(BIO *b);
+ char *BIO_get_conn_ip(BIO *b);
+ long BIO_get_conn_int_port(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);
+
+=head1 DESCRIPTION
+
+BIO_s_connect() returns the connect BIO method. This is a wrapper
+round the platform's TCP/IP socket connection routines.
+
+Using connect BIOs, TCP/IP connections can be made and data
+transferred using only BIO routines. In this way any platform
+specific operations are hidden by the BIO abstraction.
+
+Read and write operations on a connect BIO will perform I/O
+on the underlying connection. If no connection is established
+and the port and hostname (see below) is set up properly then
+a connection is established first.
+
+Connect BIOs support BIO_puts() but not BIO_gets().
+
+If the close flag is set on a connect BIO then any active
+connection is shutdown and the socket closed when the BIO
+is freed.
+
+Calling BIO_reset() on a connect BIO will close any active
+connection and reset the BIO into a state where it can connect
+to the same host again.
+
+BIO_get_fd() places the underlying socket in B<c> if it is not NULL,
+it also returns the socket . If B<c> is not NULL it should be of
+type (int *).
+
+BIO_set_conn_hostname() uses the string B<name> to set the hostname.
+The hostname can be an IP address. The hostname can also include the
+port in the form hostname:port . It is also acceptable to use the
+form "hostname/any/other/path" or "hostname:port/any/other/path".
+
+BIO_set_conn_port() sets the port to B<port>. B<port> can be the
+numerical form or a string such as "http". A string will be looked
+up first using getservbyname() on the host platform but if that
+fails a standard table of port names will be used. Currently the
+list is http, telnet, socks, https, ssl, ftp, gopher and wais.
+
+BIO_set_conn_ip() sets the IP address to B<ip> using binary form,
+that is four bytes specifying the IP address in big-endian form.
+
+BIO_set_conn_int_port() sets the port using B<port>. B<port> should
+be of type (int *).
+
+BIO_get_conn_hostname() returns the hostname of the connect BIO or
+NULL if the BIO is initialized but no hostname is set.
+This return value is an internal pointer which should not be modified.
+
+BIO_get_conn_port() returns the port as a string.
+
+BIO_get_conn_ip() returns the IP address in binary form.
+
+BIO_get_conn_int_port() returns the port as an int.
+
+BIO_set_nbio() sets the non blocking I/O flag to B<n>. If B<n> is
+zero then blocking I/O is set. If B<n> is 1 then non blocking I/O
+is set. Blocking I/O is the default. The call to BIO_set_nbio()
+should be made before the connection is established because
+non blocking I/O is set during the connect process.
+
+BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into
+a single call: that is it creates a new connect BIO with B<name>.
+
+BIO_do_connect() attempts to connect the supplied BIO. It returns 1
+if the connection was established successfully. A zero or negative
+value is returned if the connection could not be established, the
+call BIO_should_retry() should be used for non blocking connect BIOs
+to determine if the call should be retried.
+
+=head1 NOTES
+
+If blocking I/O is set then a non positive return value from any
+I/O call is caused by an error condition, although a zero return
+will normally mean that the connection was closed.
+
+If the port name is supplied as part of the host name then this will
+override any value set with BIO_set_conn_port(). This may be undesirable
+if the application does not wish to allow connection to arbitrary
+ports. This can be avoided by checking for the presence of the ':'
+character in the passed hostname and either indicating an error or
+truncating the string at that point.
+
+The values returned by BIO_get_conn_hostname(), BIO_get_conn_port(),
+BIO_get_conn_ip() and BIO_get_conn_int_port() are updated when a
+connection attempt is made. Before any connection attempt the values
+returned are those set by the application itself.
+
+Applications do not have to call BIO_do_connect() but may wish to do
+so to separate the connection process from other I/O processing.
+
+If non blocking I/O is set then retries will be requested as appropriate.
+
+It addition to BIO_should_read() and BIO_should_write() it is also
+possible for BIO_should_io_special() to be true during the initial
+connection process with the reason BIO_RR_CONNECT. If this is returned
+then this is an indication that a connection attempt would block,
+the application should then take appropriate action to wait until
+the underlying socket has connected and retry the call.
+
+BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip(),
+BIO_set_conn_int_port(), BIO_get_conn_hostname(), BIO_get_conn_port(),
+BIO_get_conn_ip(), BIO_get_conn_int_port(), BIO_set_nbio() and
+BIO_do_connect() are macros.
+
+=head1 RETURN VALUES
+
+BIO_s_connect() returns the connect BIO method.
+
+BIO_get_fd() returns the socket or -1 if the BIO has not
+been initialized.
+
+BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip() and
+BIO_set_conn_int_port() always return 1.
+
+BIO_get_conn_hostname() returns the connected hostname or NULL is
+none was set.
+
+BIO_get_conn_port() returns a string representing the connected
+port or NULL if not set.
+
+BIO_get_conn_ip() returns a pointer to the connected IP address in
+binary form or all zeros if not set.
+
+BIO_get_conn_int_port() returns the connected port or 0 if none was
+set.
+
+BIO_set_nbio() always returns 1.
+
+BIO_do_connect() returns 1 if the connection was successfully
+established and 0 or -1 if the connection failed.
+
+=head1 EXAMPLE
+
+This is example connects to a webserver on the local host and attempts
+to retrieve a page and copy the result to standard output.
+
+
+ BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+ ERR_load_crypto_strings();
+ cbio = BIO_new_connect("localhost:http");
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if(BIO_do_connect(cbio) <= 0) {
+ fprintf(stderr, "Error connecting to server\n");
+ ERR_print_errors_fp(stderr);
+ /* whatever ... */
+ }
+ BIO_puts(cbio, "GET / HTTP/1.0\n\n");
+ for(;;) {
+ len = BIO_read(cbio, tmpbuf, 1024);
+ if(len <= 0) break;
+ BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);
+
+
+=head1 SEE ALSO
+
+TBA
Copied: vendor-crypto/openssl/1.0.1u/doc/crypto/EVP_EncodeInit.pod (from rev 11605, vendor-crypto/openssl/dist/doc/crypto/EVP_EncodeInit.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/crypto/EVP_EncodeInit.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/EVP_EncodeInit.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,127 @@
+=pod
+
+=head1 NAME
+
+EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock,
+EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64
+encode/decode routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+ char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+=head1 DESCRIPTION
+
+The EVP encode routines provide a high level interface to base 64 encoding and
+decoding. Base 64 encoding converts binary data into a printable form that uses
+the characters A-Z, a-z, 0-9, "+" and "/" to represent the data. For every 3
+bytes of binary data provided 4 bytes of base 64 encoded data will be produced
+plus some occasional newlines (see below). If the input data length is not a
+multiple of 3 then the output data will be padded at the end using the "="
+character.
+
+Encoding of binary data is performed in blocks of 48 input bytes (or less for
+the final block). For each 48 byte input block encoded 64 bytes of base 64 data
+is output plus an additional newline character (i.e. 65 bytes in total). The
+final block (which may be less than 48 bytes) will output 4 bytes for every 3
+bytes of input. If the data length is not divisible by 3 then a full 4 bytes is
+still output for the final 1 or 2 bytes of input. Similarly a newline character
+will also be output.
+
+EVP_EncodeInit() initialises B<ctx> for the start of a new encoding operation.
+
+EVP_EncodeUpdate() encode B<inl> bytes of data found in the buffer pointed to by
+B<in>. The output is stored in the buffer B<out> and the number of bytes output
+is stored in B<*outl>. It is the caller's responsibility to ensure that the
+buffer at B<out> is sufficiently large to accommodate the output data. Only full
+blocks of data (48 bytes) will be immediately processed and output by this
+function. Any remainder is held in the B<ctx> object and will be processed by a
+subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the
+required size of the output buffer add together the value of B<inl> with the
+amount of unprocessed data held in B<ctx> and divide the result by 48 (ignore
+any remainder). This gives the number of blocks of data that will be processed.
+Ensure the output buffer contains 65 bytes of storage for each block, plus an
+additional byte for a NUL terminator. EVP_EncodeUpdate() may be called
+repeatedly to process large amounts of input data. In the event of an error
+EVP_EncodeUpdate() will set B<*outl> to 0.
+
+EVP_EncodeFinal() must be called at the end of an encoding operation. It will
+process any partial block of data remaining in the B<ctx> object. The output
+data will be stored in B<out> and the length of the data written will be stored
+in B<*outl>. It is the caller's responsibility to ensure that B<out> is
+sufficiently large to accommodate the output data which will never be more than
+65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).
+
+EVP_EncodeBlock() encodes a full block of input data in B<f> and of length
+B<dlen> and stores it in B<t>. For every 3 bytes of input provided 4 bytes of
+output data will be produced. If B<dlen> is not divisible by 3 then the block is
+encoded as a final block of data and the output is padded such that it is always
+divisible by 4. Additionally a NUL terminator character will be added. For
+example if 16 bytes of input data is provided then 24 bytes of encoded data is
+created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of
+the data generated I<without> the NUL terminator is returned from the function.
+
+EVP_DecodeInit() initialises B<ctx> for the start of a new decoding operation.
+
+EVP_DecodeUpdate() decodes B<inl> characters of data found in the buffer pointed
+to by B<in>. The output is stored in the buffer B<out> and the number of bytes
+output is stored in B<*outl>. It is the caller's responsibility to ensure that
+the buffer at B<out> is sufficiently large to accommodate the output data. This
+function will attempt to decode as much data as possible in 4 byte chunks. Any
+whitespace, newline or carriage return characters are ignored. Any partial chunk
+of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in
+the B<ctx> object and processed by a subsequent call to EVP_DecodeUpdate(). If
+any illegal base 64 characters are encountered or if the base 64 padding
+character "=" is encountered in the middle of the data then the function returns
+-1 to indicate an error. A return value of 0 or 1 indicates successful
+processing of the data. A return value of 0 additionally indicates that the last
+input data characters processed included the base 64 padding character "=" and
+therefore no more non-padding character data is expected to be processed. For
+every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and
+line feeds), 3 bytes of binary output data will be produced (or less at the end
+of the data where the padding character "=" has been used).
+
+EVP_DecodeFinal() must be called at the end of a decoding operation. If there
+is any unprocessed data still in B<ctx> then the input data must not have been
+a multiple of 4 and therefore an error has occurred. The function will return -1
+in this case. Otherwise the function returns 1 on success.
+
+EVP_DecodeBlock() will decode the block of B<n> characters of base 64 data
+contained in B<f> and store the result in B<t>. Any leading whitespace will be
+trimmed as will any trailing whitespace, newlines, carriage returns or EOF
+characters. After such trimming the length of the data in B<f> must be divisbile
+by 4. For every 4 input bytes exactly 3 output bytes will be produced. The
+output will be padded with 0 bits if necessary to ensure that the output is
+always 3 bytes for every 4 input bytes. This function will return the length of
+the data decoded or -1 on error.
+
+=head1 RETURN VALUES
+
+EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL
+terminator.
+
+EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned
+then no more non-padding base 64 characters are expected.
+
+EVP_DecodeFinal() returns -1 on error or 1 on success.
+
+EVP_DecodeBlock() returns the length of the data decoded or -1 on error.
+
+=head1 SEE ALSO
+
+L<evp(3)>
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/crypto/X509_verify_cert.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/crypto/X509_verify_cert.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/X509_verify_cert.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,54 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_verify_cert - discover and verify X509 certificte chain
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- int X509_verify_cert(X509_STORE_CTX *ctx);
-
-=head1 DESCRIPTION
-
-The X509_verify_cert() function attempts to discover and validate a
-certificate chain based on parameters in B<ctx>. A complete description of
-the process is contained in the L<verify(1)|verify(1)> manual page.
-
-=head1 RETURN VALUES
-
-If a complete chain can be built and validated this function returns 1,
-otherwise it return zero, in exceptional circumstances it can also
-return a negative code.
-
-If the function fails additional error information can be obtained by
-examining B<ctx> using, for example X509_STORE_CTX_get_error().
-
-=head1 NOTES
-
-Applications rarely call this function directly but it is used by
-OpenSSL internally for certificate validation, in both the S/MIME and
-SSL/TLS code.
-
-The negative return value from X509_verify_cert() can only occur if no
-certificate is set in B<ctx> (due to a programming error); if X509_verify_cert()
-twice without reinitialising B<ctx> in between; or if a retry
-operation is requested during internal lookups (which never happens with
-standard lookup methods). It is however recommended that application check
-for <= 0 return value on error.
-
-=head1 BUGS
-
-This function uses the header B<x509.h> as opposed to most chain verification
-functiosn which use B<x509_vfy.h>.
-
-=head1 SEE ALSO
-
-L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
-
-=head1 HISTORY
-
-X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/crypto/X509_verify_cert.pod (from rev 11605, vendor-crypto/openssl/dist/doc/crypto/X509_verify_cert.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/crypto/X509_verify_cert.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/X509_verify_cert.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+X509_verify_cert - discover and verify X509 certificte chain
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_verify_cert(X509_STORE_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The X509_verify_cert() function attempts to discover and validate a
+certificate chain based on parameters in B<ctx>. A complete description of
+the process is contained in the L<verify(1)|verify(1)> manual page.
+
+=head1 RETURN VALUES
+
+If a complete chain can be built and validated this function returns 1,
+otherwise it return zero, in exceptional circumstances it can also
+return a negative code.
+
+If the function fails additional error information can be obtained by
+examining B<ctx> using, for example X509_STORE_CTX_get_error().
+
+=head1 NOTES
+
+Applications rarely call this function directly but it is used by
+OpenSSL internally for certificate validation, in both the S/MIME and
+SSL/TLS code.
+
+A negative return value from X509_verify_cert() can occur if it is invoked
+incorrectly, such as with no certificate set in B<ctx>, or when it is called
+twice in succession without reinitialising B<ctx> for the second call.
+A negative return value can also happen due to internal resource problems or if
+a retry operation is requested during internal lookups (which never happens
+with standard lookup methods).
+Applications must check for <= 0 return value on error.
+
+=head1 BUGS
+
+This function uses the header B<x509.h> as opposed to most chain verification
+functiosn which use B<x509_vfy.h>.
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+
+=head1 HISTORY
+
+X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
+
+=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/crypto/d2i_PrivateKey.pod (from rev 11605, vendor-crypto/openssl/dist/doc/crypto/d2i_PrivateKey.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/crypto/d2i_PrivateKey.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/d2i_PrivateKey.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+d2i_Private_key, d2i_AutoPrivateKey, i2d_PrivateKey - decode and encode
+functions for reading and saving EVP_PKEY structures.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+ long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+d2i_PrivateKey() decodes a private key using algorithm B<type>. It attempts to
+use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The
+B<type> parameter should be a public key algorithm constant such as
+B<EVP_PKEY_RSA>. An error occurs if the decoded key does not match B<type>.
+
+d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to
+automatically detect the private key format.
+
+i2d_PrivateKey() encodes B<key>. It uses a key specific format or, if none is
+defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format.
+
+These functions are similar to the d2i_X509() functions, and you should refer to
+that page for a detailed description (see L<d2i_X509(3)>).
+
+=head1 NOTES
+
+All these functions use DER format and unencrypted keys. Applications wishing
+to encrypt or decrypt private keys should use other functions such as
+d2i_PKC8PrivateKey() instead.
+
+If the B<*a> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey()
+(i.e. an existing structure is being reused) and the key format is PKCS#8
+then B<*a> will be freed and replaced on a successful call.
+
+=head1 RETURN VALUES
+
+d2i_PrivateKey() and d2i_AutoPrivateKey() return a valid B<EVP_KEY> structure
+or B<NULL> if an error occurs. The error code can be obtained by calling
+L<ERR_get_error(3)>.
+
+i2d_PrivateKey() returns the number of bytes successfully encoded or a
+negative value if an error occurs. The error code can be obtained by calling
+L<ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<crypto(3)>,
+L<d2i_PKCS8PrivateKey(3)>
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/crypto/evp.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/crypto/evp.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/evp.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,55 +0,0 @@
-=pod
-
-=head1 NAME
-
-evp - high-level cryptographic functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
-=head1 DESCRIPTION
-
-The EVP library provides a high-level interface to cryptographic
-functions.
-
-B<EVP_Seal>I<...> and B<EVP_Open>I<...> provide public key encryption
-and decryption to implement digital "envelopes".
-
-The B<EVP_Sign>I<...> and B<EVP_Verify>I<...> functions implement
-digital signatures.
-
-Symmetric encryption is available with the B<EVP_Encrypt>I<...>
-functions. The B<EVP_Digest>I<...> functions provide message digests.
-
-The B<EVP_PKEY>I<...> functions provide a high level interface to
-asymmetric algorithms.
-
-Algorithms are loaded with OpenSSL_add_all_algorithms(3).
-
-All the symmetric algorithms (ciphers), digests and asymmetric algorithms
-(public key algorithms) can be replaced by ENGINE modules providing alternative
-implementations. If ENGINE implementations of ciphers or digests are registered
-as defaults, then the various EVP functions will automatically use those
-implementations automatically in preference to built in software
-implementations. For more information, consult the engine(3) man page.
-
-Although low level algorithm specific functions exist for many algorithms
-their use is discouraged. They cannot be used with an ENGINE and ENGINE
-versions of new algorithms cannot be accessed using the low level functions.
-Also makes code harder to adapt to new algorithms and some options are not
-cleanly supported at the low level and some operations are more efficient
-using the high level interface.
-
-=head1 SEE ALSO
-
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>,
-L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>,
-L<engine(3)|engine(3)>
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/crypto/evp.pod (from rev 11605, vendor-crypto/openssl/dist/doc/crypto/evp.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/crypto/evp.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/crypto/evp.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,60 @@
+=pod
+
+=head1 NAME
+
+evp - high-level cryptographic functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+=head1 DESCRIPTION
+
+The EVP library provides a high-level interface to cryptographic
+functions.
+
+B<EVP_Seal>I<...> and B<EVP_Open>I<...> provide public key encryption
+and decryption to implement digital "envelopes".
+
+The B<EVP_Sign>I<...> and B<EVP_Verify>I<...> functions implement
+digital signatures.
+
+Symmetric encryption is available with the B<EVP_Encrypt>I<...>
+functions. The B<EVP_Digest>I<...> functions provide message digests.
+
+The B<EVP_PKEY>I<...> functions provide a high level interface to
+asymmetric algorithms.
+
+The L<B<EVP_Encode>I<...>|EVP_EncodeInit(3)> and
+L<B<EVP_Decode>I<...>|EVP_EncodeInit(3)> functions implement base 64 encoding
+and decoding.
+
+Algorithms are loaded with OpenSSL_add_all_algorithms(3).
+
+All the symmetric algorithms (ciphers), digests and asymmetric algorithms
+(public key algorithms) can be replaced by ENGINE modules providing alternative
+implementations. If ENGINE implementations of ciphers or digests are registered
+as defaults, then the various EVP functions will automatically use those
+implementations automatically in preference to built in software
+implementations. For more information, consult the engine(3) man page.
+
+Although low level algorithm specific functions exist for many algorithms
+their use is discouraged. They cannot be used with an ENGINE and ENGINE
+versions of new algorithms cannot be accessed using the low level functions.
+Also makes code harder to adapt to new algorithms and some options are not
+cleanly supported at the low level and some operations are more efficient
+using the high level interface.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
+L<EVP_OpenInit(3)|EVP_OpenInit(3)>,
+L<EVP_SealInit(3)|EVP_SealInit(3)>,
+L<EVP_SignInit(3)|EVP_SignInit(3)>,
+L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
+L<EVP_EncodeInit(3)>,
+L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>,
+L<engine(3)|engine(3)>
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_new.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_new.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_new.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,108 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
-
-=head1 DESCRIPTION
-
-SSL_CTX_new() creates a new B<SSL_CTX> object as framework to establish
-TLS/SSL enabled connections.
-
-=head1 NOTES
-
-The SSL_CTX object uses B<method> as connection method. The methods exist
-in a generic type (for client and server use), a server only type, and a
-client only type. B<method> can be of the following types:
-
-=over 4
-
-=item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand
-the SSLv2 protocol. A client will send out SSLv2 client hello messages
-and will also indicate that it only understand SSLv2. A server will only
-understand SSLv2 client hello messages.
-
-=item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand the
-SSLv3 protocol. A client will send out SSLv3 client hello messages
-and will indicate that it only understands SSLv3. A server will only understand
-SSLv3 client hello messages. This especially means, that it will
-not understand SSLv2 client hello messages which are widely used for
-compatibility reasons, see SSLv23_*_method().
-
-=item TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand the
-TLSv1 protocol. A client will send out TLSv1 client hello messages
-and will indicate that it only understands TLSv1. A server will only understand
-TLSv1 client hello messages. This especially means, that it will
-not understand SSLv2 client hello messages which are widely used for
-compatibility reasons, see SSLv23_*_method(). It will also not understand
-SSLv3 client hello messages.
-
-=item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
-
-A TLS/SSL connection established with these methods may understand the SSLv2,
-SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.
-
-If the cipher list does not contain any SSLv2 ciphersuites (the default
-cipher list does not) or extensions are required (for example server name)
-a client will send out TLSv1 client hello messages including extensions and
-will indicate that it also understands TLSv1.1, TLSv1.2 and permits a
-fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2
-protocols. This is the best choice when compatibility is a concern.
-
-If any SSLv2 ciphersuites are included in the cipher list and no extensions
-are required then SSLv2 compatible client hellos will be used by clients and
-SSLv2 will be accepted by servers. This is B<not> recommended due to the
-insecurity of SSLv2 and the limited nature of the SSLv2 client hello
-prohibiting the use of extensions.
-
-=back
-
-The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
-SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
-options of the SSL_CTX_set_options() or SSL_set_options() functions.
-Using these options it is possible to choose e.g. SSLv23_server_method() and
-be able to negotiate with all possible clients, but to only allow newer
-protocols like TLSv1, TLSv1.1 or TLS v1.2.
-
-Applications which never want to support SSLv2 (even is the cipher string
-is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2.
-
-SSL_CTX_new() initializes the list of ciphers, the session cache setting,
-the callbacks, the keys and certificates and the options to its default
-values.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-The creation of a new SSL_CTX object failed. Check the error stack to
-find out the reason.
-
-=item Pointer to an SSL_CTX object
-
-The return value points to an allocated SSL_CTX object.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<ssl(3)|ssl(3)>, L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_new.pod (from rev 11605, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_new.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_new.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_new.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,158 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_new,
+SSLv23_method, SSLv23_server_method, SSLv23_client_method,
+TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method,
+TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method,
+TLSv1_method, TLSv1_server_method, TLSv1_client_method,
+SSLv3_method, SSLv3_server_method, SSLv3_client_method,
+SSLv2_method, SSLv2_server_method, SSLv2_client_method,
+DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method -
+create a new SSL_CTX object as framework for TLS/SSL enabled functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+ #ifndef OPENSSL_NO_SSL2
+ const SSL_METHOD *SSLv2_method(void);
+ const SSL_METHOD *SSLv2_server_method(void);
+ const SSL_METHOD *SSLv2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+
+=head1 DESCRIPTION
+
+SSL_CTX_new() creates a new B<SSL_CTX> object as framework to establish
+TLS/SSL enabled connections.
+
+=head1 NOTES
+
+The SSL_CTX object uses B<method> as connection method. The methods exist
+in a generic type (for client and server use), a server only type, and a
+client only type. B<method> can be of the following types:
+
+=over 4
+
+=item SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()
+
+These are the general-purpose I<version-flexible> SSL/TLS methods.
+The actual protocol version used will be negotiated to the highest version
+mutually supported by the client and the server.
+The supported protocols are SSLv2, SSLv3, TLSv1, TLSv1.1 and TLSv1.2.
+Most applications should use these method, and avoid the version specific
+methods described below.
+
+The list of protocols available can be further limited using the
+B<SSL_OP_NO_SSLv2>, B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>,
+B<SSL_OP_NO_TLSv1_1> and B<SSL_OP_NO_TLSv1_2> options of the
+L<SSL_CTX_set_options(3)> or L<SSL_set_options(3)> functions.
+Clients should avoid creating "holes" in the set of protocols they support,
+when disabling a protocol, make sure that you also disable either all previous
+or all subsequent protocol versions.
+In clients, when a protocol version is disabled without disabling I<all>
+previous protocol versions, the effect is to also disable all subsequent
+protocol versions.
+
+The SSLv2 and SSLv3 protocols are deprecated and should generally not be used.
+Applications should typically use L<SSL_CTX_set_options(3)> in combination with
+the B<SSL_OP_NO_SSLv3> flag to disable negotiation of SSLv3 via the above
+I<version-flexible> SSL/TLS methods.
+The B<SSL_OP_NO_SSLv2> option is set by default, and would need to be cleared
+via L<SSL_CTX_clear_options(3)> in order to enable negotiation of SSLv2.
+
+=item TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()
+
+A TLS/SSL connection established with these methods will only understand the
+TLSv1.2 protocol. A client will send out TLSv1.2 client hello messages and
+will also indicate that it only understand TLSv1.2. A server will only
+understand TLSv1.2 client hello messages.
+
+=item TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()
+
+A TLS/SSL connection established with these methods will only understand the
+TLSv1.1 protocol. A client will send out TLSv1.1 client hello messages and
+will also indicate that it only understand TLSv1.1. A server will only
+understand TLSv1.1 client hello messages.
+
+=item TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()
+
+A TLS/SSL connection established with these methods will only understand the
+TLSv1 protocol. A client will send out TLSv1 client hello messages and will
+indicate that it only understands TLSv1. A server will only understand TLSv1
+client hello messages.
+
+=item SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()
+
+A TLS/SSL connection established with these methods will only understand the
+SSLv3 protocol. A client will send out SSLv3 client hello messages and will
+indicate that it only understands SSLv3. A server will only understand SSLv3
+client hello messages. The SSLv3 protocol is deprecated and should not be
+used.
+
+=item SSLv2_method(), SSLv2_server_method(), SSLv2_client_method()
+
+A TLS/SSL connection established with these methods will only understand the
+SSLv2 protocol. A client will send out SSLv2 client hello messages and will
+also indicate that it only understand SSLv2. A server will only understand
+SSLv2 client hello messages. The SSLv2 protocol offers little to no security
+and should not be used.
+As of OpenSSL 1.0.1s, EXPORT ciphers and 56-bit DES are no longer available
+with SSLv2.
+
+=item DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()
+
+These are the version-specific methods for DTLSv1.
+
+=back
+
+SSL_CTX_new() initializes the list of ciphers, the session cache setting, the
+callbacks, the keys and certificates and the options to its default values.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+The creation of a new SSL_CTX object failed. Check the error stack to find out
+the reason.
+
+=item Pointer to an SSL_CTX object
+
+The return value points to an allocated SSL_CTX object.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_CTX_set_options(3)>, L<SSL_CTX_clear_options(3)>, L<SSL_set_options(3)>,
+L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>,
+L<ssl(3)|ssl(3)>, L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_options.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_options.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_options.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,345 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_set_options(SSL_CTX *ctx, long options);
- long SSL_set_options(SSL *ssl, long options);
-
- long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
- long SSL_clear_options(SSL *ssl, long options);
-
- long SSL_CTX_get_options(SSL_CTX *ctx);
- long SSL_get_options(SSL *ssl);
-
- long SSL_get_secure_renegotiation_support(SSL *ssl);
-
-=head1 DESCRIPTION
-
-Note: all these functions are implemented using macros.
-
-SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
-Options already set before are not cleared!
-
-SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
-Options already set before are not cleared!
-
-SSL_CTX_clear_options() clears the options set via bitmask in B<options>
-to B<ctx>.
-
-SSL_clear_options() clears the options set via bitmask in B<options> to B<ssl>.
-
-SSL_CTX_get_options() returns the options set for B<ctx>.
-
-SSL_get_options() returns the options set for B<ssl>.
-
-SSL_get_secure_renegotiation_support() indicates whether the peer supports
-secure renegotiation.
-
-=head1 NOTES
-
-The behaviour of the SSL library can be changed by setting several options.
-The options are coded as bitmasks and can be combined by a logical B<or>
-operation (|).
-
-SSL_CTX_set_options() and SSL_set_options() affect the (external)
-protocol behaviour of the SSL library. The (internal) behaviour of
-the API can be changed by using the similar
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
-
-During a handshake, the option settings of the SSL object are used. When
-a new SSL object is created from a context using SSL_new(), the current
-option setting is copied. Changes to B<ctx> do not affect already created
-SSL objects. SSL_clear() does not affect the settings.
-
-The following B<bug workaround> options are available:
-
-=over 4
-
-=item SSL_OP_MICROSOFT_SESS_ID_BUG
-
-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
-
-=item SSL_OP_NETSCAPE_CHALLENGE_BUG
-
-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys. Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when operating in SSLv2/v3 compatibility mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
-
-=item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
-
-As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
-
-=item SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
-
-...
-
-=item SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
-
-...
-
-=item SSL_OP_SAFARI_ECDHE_ECDSA_BUG
-
-Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
-OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
-
-=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-
-...
-
-=item SSL_OP_TLS_D5_BUG
-
-...
-
-=item SSL_OP_TLS_BLOCK_PADDING_BUG
-
-...
-
-=item SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
-
-Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol
-vulnerability affecting CBC ciphers, which cannot be handled by some
-broken SSL implementations. This option has no effect for connections
-using other ciphers.
-
-=item SSL_OP_TLSEXT_PADDING
-
-Adds a padding extension to ensure the ClientHello size is never between
-256 and 511 bytes in length. This is needed as a workaround for some
-implementations.
-
-=item SSL_OP_ALL
-
-All of the above bug workarounds.
-
-=back
-
-It is usually safe to use B<SSL_OP_ALL> to enable the bug workaround
-options if compatibility with somewhat broken implementations is
-desired.
-
-The following B<modifying> options are available:
-
-=over 4
-
-=item SSL_OP_TLS_ROLLBACK_BUG
-
-Disable version rollback attack detection.
-
-During the client key exchange, the client must send the same information
-about acceptable SSL/TLS protocol levels as during the first hello. Some
-clients violate this rule by adapting to the server's answer. (Example:
-the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server
-only understands up to SSLv3. In this case the client must still use the
-same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect
-to the server's answer and violate the version rollback protection.)
-
-=item SSL_OP_SINGLE_DH_USE
-
-Always create a new key when using temporary/ephemeral DH parameters
-(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
-This option must be used to prevent small subgroup attacks, when
-the DH parameters were not generated using "strong" primes
-(e.g. when using DSA-parameters, see L<dhparam(1)|dhparam(1)>).
-If "strong" primes were used, it is not strictly necessary to generate
-a new DH key during each handshake but it is also recommended.
-B<SSL_OP_SINGLE_DH_USE> should therefore be enabled whenever
-temporary/ephemeral DH parameters are used.
-
-=item SSL_OP_EPHEMERAL_RSA
-
-This option is no longer implemented and is treated as no op.
-
-=item SSL_OP_CIPHER_SERVER_PREFERENCE
-
-When choosing a cipher, use the server's preferences instead of the client
-preferences. When not set, the SSL server will always follow the clients
-preferences. When set, the SSLv3/TLSv1 server will choose following its
-own preferences. Because of the different protocol, for SSLv2 the server
-will send its list of preferences to the client and the client chooses.
-
-=item SSL_OP_PKCS1_CHECK_1
-
-...
-
-=item SSL_OP_PKCS1_CHECK_2
-
-...
-
-=item SSL_OP_NETSCAPE_CA_DN_BUG
-
-If we accept a netscape connection, demand a client cert, have a
-non-self-signed CA which does not have its CA in netscape, and the
-browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta
-
-=item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
-
-...
-
-=item SSL_OP_NO_SSLv2
-
-Do not use the SSLv2 protocol.
-
-=item SSL_OP_NO_SSLv3
-
-Do not use the SSLv3 protocol.
-
-=item SSL_OP_NO_TLSv1
-
-Do not use the TLSv1 protocol.
-
-=item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
-
-When performing renegotiation as a server, always start a new session
-(i.e., session resumption requests are only accepted in the initial
-handshake). This option is not needed for clients.
-
-=item SSL_OP_NO_TICKET
-
-Normally clients and servers will, where possible, transparently make use
-of RFC4507bis tickets for stateless session resumption.
-
-If this option is set this functionality is disabled and tickets will
-not be used by clients or servers.
-
-=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
-
-Allow legacy insecure renegotiation between OpenSSL and unpatched clients or
-servers. See the B<SECURE RENEGOTIATION> section for more details.
-
-=item SSL_OP_LEGACY_SERVER_CONNECT
-
-Allow legacy insecure renegotiation between OpenSSL and unpatched servers
-B<only>: this option is currently set by default. See the
-B<SECURE RENEGOTIATION> section for more details.
-
-=back
-
-=head1 SECURE RENEGOTIATION
-
-OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
-described in RFC5746. This counters the prefix attack described in
-CVE-2009-3555 and elsewhere.
-
-The deprecated and highly broken SSLv2 protocol does not support
-renegotiation at all: its use is B<strongly> discouraged.
-
-This attack has far reaching consequences which application writers should be
-aware of. In the description below an implementation supporting secure
-renegotiation is referred to as I<patched>. A server not supporting secure
-renegotiation is referred to as I<unpatched>.
-
-The following sections describe the operations permitted by OpenSSL's secure
-renegotiation implementation.
-
-=head2 Patched client and server
-
-Connections and renegotiation are always permitted by OpenSSL implementations.
-
-=head2 Unpatched client and patched OpenSSL server
-
-The initial connection succeeds but client renegotiation is denied by the
-server with a B<no_renegotiation> warning alert if TLS v1.0 is used or a fatal
-B<handshake_failure> alert in SSL v3.0.
-
-If the patched OpenSSL server attempts to renegotiate a fatal
-B<handshake_failure> alert is sent. This is because the server code may be
-unaware of the unpatched nature of the client.
-
-If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then
-renegotiation B<always> succeeds.
-
-B<NB:> a bug in OpenSSL clients earlier than 0.9.8m (all of which are
-unpatched) will result in the connection hanging if it receives a
-B<no_renegotiation> alert. OpenSSL versions 0.9.8m and later will regard
-a B<no_renegotiation> alert as fatal and respond with a fatal
-B<handshake_failure> alert. This is because the OpenSSL API currently has
-no provision to indicate to an application that a renegotiation attempt
-was refused.
-
-=head2 Patched OpenSSL client and unpatched server.
-
-If the option B<SSL_OP_LEGACY_SERVER_CONNECT> or
-B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then initial connections
-and renegotiation between patched OpenSSL clients and unpatched servers
-succeeds. If neither option is set then initial connections to unpatched
-servers will fail.
-
-The option B<SSL_OP_LEGACY_SERVER_CONNECT> is currently set by default even
-though it has security implications: otherwise it would be impossible to
-connect to unpatched servers (i.e. all of them initially) and this is clearly
-not acceptable. Renegotiation is permitted because this does not add any
-additional security issues: during an attack clients do not see any
-renegotiations anyway.
-
-As more servers become patched the option B<SSL_OP_LEGACY_SERVER_CONNECT> will
-B<not> be set by default in a future version of OpenSSL.
-
-OpenSSL client applications wishing to ensure they can connect to unpatched
-servers should always B<set> B<SSL_OP_LEGACY_SERVER_CONNECT>
-
-OpenSSL client applications that want to ensure they can B<not> connect to
-unpatched servers (and thus avoid any security issues) should always B<clear>
-B<SSL_OP_LEGACY_SERVER_CONNECT> using SSL_CTX_clear_options() or
-SSL_clear_options().
-
-The difference between the B<SSL_OP_LEGACY_SERVER_CONNECT> and
-B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> options is that
-B<SSL_OP_LEGACY_SERVER_CONNECT> enables initial connections and secure
-renegotiation between OpenSSL clients and unpatched servers B<only>, while
-B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> allows initial connections
-and renegotiation between OpenSSL and unpatched clients or servers.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
-after adding B<options>.
-
-SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask
-after clearing B<options>.
-
-SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
-
-SSL_get_secure_renegotiation_support() returns 1 is the peer supports
-secure renegotiation and 0 if it does not.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<dhparam(1)|dhparam(1)>
-
-=head1 HISTORY
-
-B<SSL_OP_CIPHER_SERVER_PREFERENCE> and
-B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> have been added in
-OpenSSL 0.9.7.
-
-B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was automatically
-enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL>
-and must be explicitly set.
-
-B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e.
-Versions up to OpenSSL 0.9.6c do not include the countermeasure that
-can be disabled with this option (in OpenSSL 0.9.6d, it was always
-enabled).
-
-SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL
-0.9.8m.
-
-B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>, B<SSL_OP_LEGACY_SERVER_CONNECT>
-and the function SSL_get_secure_renegotiation_support() were first added in
-OpenSSL 0.9.8m.
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_options.pod (from rev 11605, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_options.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_options.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_options.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,355 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);
+
+=head1 DESCRIPTION
+
+Note: all these functions are implemented using macros.
+
+SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
+Options already set before are not cleared!
+
+SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
+Options already set before are not cleared!
+
+SSL_CTX_clear_options() clears the options set via bitmask in B<options>
+to B<ctx>.
+
+SSL_clear_options() clears the options set via bitmask in B<options> to B<ssl>.
+
+SSL_CTX_get_options() returns the options set for B<ctx>.
+
+SSL_get_options() returns the options set for B<ssl>.
+
+SSL_get_secure_renegotiation_support() indicates whether the peer supports
+secure renegotiation.
+
+=head1 NOTES
+
+The behaviour of the SSL library can be changed by setting several options.
+The options are coded as bitmasks and can be combined by a logical B<or>
+operation (|).
+
+SSL_CTX_set_options() and SSL_set_options() affect the (external)
+protocol behaviour of the SSL library. The (internal) behaviour of
+the API can be changed by using the similar
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
+
+During a handshake, the option settings of the SSL object are used. When
+a new SSL object is created from a context using SSL_new(), the current
+option setting is copied. Changes to B<ctx> do not affect already created
+SSL objects. SSL_clear() does not affect the settings.
+
+The following B<bug workaround> options are available:
+
+=over 4
+
+=item SSL_OP_MICROSOFT_SESS_ID_BUG
+
+www.microsoft.com - when talking SSLv2, if session-id reuse is
+performed, the session-id passed back in the server-finished message
+is different from the one decided upon.
+
+=item SSL_OP_NETSCAPE_CHALLENGE_BUG
+
+Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
+challenge but then appears to only use 16 bytes when generating the
+encryption keys. Using 16 bytes is ok but it should be ok to use 32.
+According to the SSLv3 spec, one should use 32 bytes for the challenge
+when operating in SSLv2/v3 compatibility mode, but as mentioned above,
+this breaks this server so 16 bytes is the way to go.
+
+=item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+
+As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
+
+=item SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+
+...
+
+=item SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+
+...
+
+=item SSL_OP_SAFARI_ECDHE_ECDSA_BUG
+
+Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
+OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
+
+=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+
+...
+
+=item SSL_OP_TLS_D5_BUG
+
+...
+
+=item SSL_OP_TLS_BLOCK_PADDING_BUG
+
+...
+
+=item SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+
+Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol
+vulnerability affecting CBC ciphers, which cannot be handled by some
+broken SSL implementations. This option has no effect for connections
+using other ciphers.
+
+=item SSL_OP_TLSEXT_PADDING
+
+Adds a padding extension to ensure the ClientHello size is never between
+256 and 511 bytes in length. This is needed as a workaround for some
+implementations.
+
+=item SSL_OP_ALL
+
+All of the above bug workarounds.
+
+=back
+
+It is usually safe to use B<SSL_OP_ALL> to enable the bug workaround
+options if compatibility with somewhat broken implementations is
+desired.
+
+The following B<modifying> options are available:
+
+=over 4
+
+=item SSL_OP_TLS_ROLLBACK_BUG
+
+Disable version rollback attack detection.
+
+During the client key exchange, the client must send the same information
+about acceptable SSL/TLS protocol levels as during the first hello. Some
+clients violate this rule by adapting to the server's answer. (Example:
+the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server
+only understands up to SSLv3. In this case the client must still use the
+same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect
+to the server's answer and violate the version rollback protection.)
+
+=item SSL_OP_SINGLE_DH_USE
+
+Always create a new key when using temporary/ephemeral DH parameters
+(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+This option must be used to prevent small subgroup attacks, when
+the DH parameters were not generated using "strong" primes
+(e.g. when using DSA-parameters, see L<dhparam(1)|dhparam(1)>).
+If "strong" primes were used, it is not strictly necessary to generate
+a new DH key during each handshake but it is also recommended.
+B<SSL_OP_SINGLE_DH_USE> should therefore be enabled whenever
+temporary/ephemeral DH parameters are used.
+
+=item SSL_OP_EPHEMERAL_RSA
+
+This option is no longer implemented and is treated as no op.
+
+=item SSL_OP_CIPHER_SERVER_PREFERENCE
+
+When choosing a cipher, use the server's preferences instead of the client
+preferences. When not set, the SSL server will always follow the clients
+preferences. When set, the SSLv3/TLSv1 server will choose following its
+own preferences. Because of the different protocol, for SSLv2 the server
+will send its list of preferences to the client and the client chooses.
+
+=item SSL_OP_PKCS1_CHECK_1
+
+...
+
+=item SSL_OP_PKCS1_CHECK_2
+
+...
+
+=item SSL_OP_NETSCAPE_CA_DN_BUG
+
+If we accept a netscape connection, demand a client cert, have a
+non-self-signed CA which does not have its CA in netscape, and the
+browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta
+
+=item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+
+...
+
+=item SSL_OP_NO_SSLv2
+
+Do not use the SSLv2 protocol.
+As of OpenSSL 1.0.1s the B<SSL_OP_NO_SSLv2> option is set by default.
+
+=item SSL_OP_NO_SSLv3
+
+Do not use the SSLv3 protocol.
+It is recommended that applications should set this option.
+
+=item SSL_OP_NO_TLSv1
+
+Do not use the TLSv1 protocol.
+
+=item SSL_OP_NO_TLSv1_1
+
+Do not use the TLSv1.1 protocol.
+
+=item SSL_OP_NO_TLSv1_2
+
+Do not use the TLSv1.2 protocol.
+
+=item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+
+When performing renegotiation as a server, always start a new session
+(i.e., session resumption requests are only accepted in the initial
+handshake). This option is not needed for clients.
+
+=item SSL_OP_NO_TICKET
+
+Normally clients and servers will, where possible, transparently make use
+of RFC4507bis tickets for stateless session resumption.
+
+If this option is set this functionality is disabled and tickets will
+not be used by clients or servers.
+
+=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+
+Allow legacy insecure renegotiation between OpenSSL and unpatched clients or
+servers. See the B<SECURE RENEGOTIATION> section for more details.
+
+=item SSL_OP_LEGACY_SERVER_CONNECT
+
+Allow legacy insecure renegotiation between OpenSSL and unpatched servers
+B<only>: this option is currently set by default. See the
+B<SECURE RENEGOTIATION> section for more details.
+
+=back
+
+=head1 SECURE RENEGOTIATION
+
+OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
+described in RFC5746. This counters the prefix attack described in
+CVE-2009-3555 and elsewhere.
+
+The deprecated and highly broken SSLv2 protocol does not support
+renegotiation at all: its use is B<strongly> discouraged.
+
+This attack has far reaching consequences which application writers should be
+aware of. In the description below an implementation supporting secure
+renegotiation is referred to as I<patched>. A server not supporting secure
+renegotiation is referred to as I<unpatched>.
+
+The following sections describe the operations permitted by OpenSSL's secure
+renegotiation implementation.
+
+=head2 Patched client and server
+
+Connections and renegotiation are always permitted by OpenSSL implementations.
+
+=head2 Unpatched client and patched OpenSSL server
+
+The initial connection succeeds but client renegotiation is denied by the
+server with a B<no_renegotiation> warning alert if TLS v1.0 is used or a fatal
+B<handshake_failure> alert in SSL v3.0.
+
+If the patched OpenSSL server attempts to renegotiate a fatal
+B<handshake_failure> alert is sent. This is because the server code may be
+unaware of the unpatched nature of the client.
+
+If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then
+renegotiation B<always> succeeds.
+
+B<NB:> a bug in OpenSSL clients earlier than 0.9.8m (all of which are
+unpatched) will result in the connection hanging if it receives a
+B<no_renegotiation> alert. OpenSSL versions 0.9.8m and later will regard
+a B<no_renegotiation> alert as fatal and respond with a fatal
+B<handshake_failure> alert. This is because the OpenSSL API currently has
+no provision to indicate to an application that a renegotiation attempt
+was refused.
+
+=head2 Patched OpenSSL client and unpatched server.
+
+If the option B<SSL_OP_LEGACY_SERVER_CONNECT> or
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then initial connections
+and renegotiation between patched OpenSSL clients and unpatched servers
+succeeds. If neither option is set then initial connections to unpatched
+servers will fail.
+
+The option B<SSL_OP_LEGACY_SERVER_CONNECT> is currently set by default even
+though it has security implications: otherwise it would be impossible to
+connect to unpatched servers (i.e. all of them initially) and this is clearly
+not acceptable. Renegotiation is permitted because this does not add any
+additional security issues: during an attack clients do not see any
+renegotiations anyway.
+
+As more servers become patched the option B<SSL_OP_LEGACY_SERVER_CONNECT> will
+B<not> be set by default in a future version of OpenSSL.
+
+OpenSSL client applications wishing to ensure they can connect to unpatched
+servers should always B<set> B<SSL_OP_LEGACY_SERVER_CONNECT>
+
+OpenSSL client applications that want to ensure they can B<not> connect to
+unpatched servers (and thus avoid any security issues) should always B<clear>
+B<SSL_OP_LEGACY_SERVER_CONNECT> using SSL_CTX_clear_options() or
+SSL_clear_options().
+
+The difference between the B<SSL_OP_LEGACY_SERVER_CONNECT> and
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> options is that
+B<SSL_OP_LEGACY_SERVER_CONNECT> enables initial connections and secure
+renegotiation between OpenSSL clients and unpatched servers B<only>, while
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> allows initial connections
+and renegotiation between OpenSSL and unpatched clients or servers.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
+after adding B<options>.
+
+SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask
+after clearing B<options>.
+
+SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
+
+SSL_get_secure_renegotiation_support() returns 1 is the peer supports
+secure renegotiation and 0 if it does not.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
+L<dhparam(1)|dhparam(1)>
+
+=head1 HISTORY
+
+B<SSL_OP_CIPHER_SERVER_PREFERENCE> and
+B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> have been added in
+OpenSSL 0.9.7.
+
+B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was automatically
+enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL>
+and must be explicitly set.
+
+B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e.
+Versions up to OpenSSL 0.9.6c do not include the countermeasure that
+can be disabled with this option (in OpenSSL 0.9.6d, it was always
+enabled).
+
+SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL
+0.9.8m.
+
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>, B<SSL_OP_LEGACY_SERVER_CONNECT>
+and the function SSL_get_secure_renegotiation_support() were first added in
+OpenSSL 0.9.8m.
+
+=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod (from rev 11605, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg,
+SSL_set_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp,
+SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/tls1.h>
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx,
+ int (*callback)(SSL *, void *));
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);
+
+=head1 DESCRIPTION
+
+A client application may request that a server send back an OCSP status response
+(also known as OCSP stapling). To do so the client should call the
+SSL_set_tlsext_status_type() function prior to the start of the handshake.
+Currently the only supported type is B<TLSEXT_STATUSTYPE_ocsp>. This value
+should be passed in the B<type> argument. The client should additionally provide
+a callback function to decide what to do with the returned OCSP response by
+calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine
+whether the returned OCSP response is acceptable or not. The callback will be
+passed as an argument the value previously set via a call to
+SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in
+the event of a handshake where session resumption occurs (because there are no
+Certificates exchanged in such a handshake).
+
+The response returned by the server can be obtained via a call to
+SSL_get_tlsext_status_ocsp_resp(). The value B<*resp> will be updated to point
+to the OCSP response data and the return value will be the length of that data.
+Typically a callback would obtain an OCSP_RESPONSE object from this data via a
+call to the d2i_OCSP_RESPONSE() function. If the server has not provided any
+response data then B<*resp> will be NULL and the return value from
+SSL_get_tlsext_status_ocsp_resp() will be -1.
+
+A server application must also call the SSL_CTX_set_tlsext_status_cb() function
+if it wants to be able to provide clients with OCSP Certificate Status
+responses. Typically the server callback would obtain the server certificate
+that is being sent back to the client via a call to SSL_get_certificate();
+obtain the OCSP response to be sent back; and then set that response data by
+calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should
+be provided in the B<resp> argument, and the length of that data should be in
+the B<len> argument.
+
+=head1 RETURN VALUES
+
+The callback when used on the client side should return a negative value on
+error; 0 if the response is not acceptable (in which case the handshake will
+fail) or a positive value if it is acceptable.
+
+The callback when used on the server side should return with either
+SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be
+returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be
+returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has
+occurred).
+
+SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(),
+SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on
+error or 1 on success.
+
+SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data
+or -1 if there is no OCSP response data.
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,149 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
- long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
-
- void SSL_set_tmp_dh_callback(SSL *ctx,
- DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
- long SSL_set_tmp_dh(SSL *ssl, DH *dh)
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_tmp_dh_callback() sets the callback function for B<ctx> to be
-used when a DH parameters are required to B<tmp_dh_callback>.
-The callback is inherited by all B<ssl> objects created from B<ctx>.
-
-SSL_CTX_set_tmp_dh() sets DH parameters to be used to be B<dh>.
-The key is inherited by all B<ssl> objects created from B<ctx>.
-
-SSL_set_tmp_dh_callback() sets the callback only for B<ssl>.
-
-SSL_set_tmp_dh() sets the parameters only for B<ssl>.
-
-These functions apply to SSL/TLS servers only.
-
-=head1 NOTES
-
-When using a cipher with RSA authentication, an ephemeral DH key exchange
-can take place. Ciphers with DSA keys always use ephemeral DH keys as well.
-In these cases, the session data are negotiated using the
-ephemeral/temporary DH key and the key supplied and certified
-by the certificate chain is only used for signing.
-Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.
-
-Using ephemeral DH key exchange yields forward secrecy, as the connection
-can only be decrypted, when the DH key is known. By generating a temporary
-DH key inside the server application that is lost when the application
-is left, it becomes impossible for an attacker to decrypt past sessions,
-even if he gets hold of the normal (certified) key, as this key was
-only used for signing.
-
-In order to perform a DH key exchange the server must use a DH group
-(DH parameters) and generate a DH key.
-The server will always generate a new DH key during the negotiation
-if either the DH parameters are supplied via callback or the
-SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both).
-It will immediately create a DH key if DH parameters are supplied via
-SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set.
-In this case,
-it may happen that a key is generated on initialization without later
-being needed, while on the other hand the computer time during the
-negotiation is being saved.
-
-If "strong" primes were used to generate the DH parameters, it is not strictly
-necessary to generate a new key for each handshake but it does improve forward
-secrecy. If it is not assured that "strong" primes were used,
-SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup
-attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the
-computer time needed during negotiation, but it is not very large, so
-application authors/users should consider always enabling this option.
-The option is required to implement perfect forward secrecy (PFS).
-
-As generating DH parameters is extremely time consuming, an application
-should not generate the parameters on the fly but supply the parameters.
-DH parameters can be reused, as the actual key is newly generated during
-the negotiation. The risk in reusing DH parameters is that an attacker
-may specialize on a very often used DH group. Applications should therefore
-generate their own DH parameters during the installation process using the
-openssl L<dhparam(1)|dhparam(1)> application. This application
-guarantees that "strong" primes are used.
-
-Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current
-version of the OpenSSL distribution contain the 'SKIP' DH parameters,
-which use safe primes and were generated verifiably pseudo-randomly.
-These files can be converted into C code using the B<-C> option of the
-L<dhparam(1)|dhparam(1)> application. Generation of custom DH
-parameters during installation should still be preferred to stop an
-attacker from specializing on a commonly used group. Files dh1024.pem
-and dh512.pem contain old parameters that must not be used by
-applications.
-
-An application may either directly specify the DH parameters or
-can supply the DH parameters via a callback function.
-
-Previous versions of the callback used B<is_export> and B<keylength>
-parameters to control parameter generation for export and non-export
-cipher suites. Modern servers that do not support export ciphersuites
-are advised to either use SSL_CTX_set_tmp_dh() in combination with
-SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore
-B<keylength> and B<is_export> and simply supply at least 2048-bit
-parameters in the callback.
-
-=head1 EXAMPLES
-
-Setup DH parameters with a key length of 2048 bits. (Error handling
-partly left out.)
-
- Command-line parameter generation:
- $ openssl dhparam -out dh_param_2048.pem 2048
-
- Code for setting up parameters during server initialization:
-
- ...
- SSL_CTX ctx = SSL_CTX_new();
- ...
-
- /* Set up ephemeral DH parameters. */
- DH *dh_2048 = NULL;
- FILE *paramfile;
- paramfile = fopen("dh_param_2048.pem", "r");
- if (paramfile) {
- dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
- fclose(paramfile);
- } else {
- /* Error. */
- }
- if (dh_2048 == NULL) {
- /* Error. */
- }
- if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
- /* Error. */
- }
- SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
- ...
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return
-diagnostic output.
-
-SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0
-on failure. Check the error queue to find out the reason of failure.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<ciphers(1)|ciphers(1)>, L<dhparam(1)|dhparam(1)>
-
-=cut
Copied: vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod (from rev 11605, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,130 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+ DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
+ long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
+
+ void SSL_set_tmp_dh_callback(SSL *ctx,
+ DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
+ long SSL_set_tmp_dh(SSL *ssl, DH *dh)
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_tmp_dh_callback() sets the callback function for B<ctx> to be
+used when a DH parameters are required to B<tmp_dh_callback>.
+The callback is inherited by all B<ssl> objects created from B<ctx>.
+
+SSL_CTX_set_tmp_dh() sets DH parameters to be used to be B<dh>.
+The key is inherited by all B<ssl> objects created from B<ctx>.
+
+SSL_set_tmp_dh_callback() sets the callback only for B<ssl>.
+
+SSL_set_tmp_dh() sets the parameters only for B<ssl>.
+
+These functions apply to SSL/TLS servers only.
+
+=head1 NOTES
+
+When using a cipher with RSA authentication, an ephemeral DH key exchange
+can take place. Ciphers with DSA keys always use ephemeral DH keys as well.
+In these cases, the session data are negotiated using the
+ephemeral/temporary DH key and the key supplied and certified
+by the certificate chain is only used for signing.
+Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.
+
+Using ephemeral DH key exchange yields forward secrecy, as the connection
+can only be decrypted, when the DH key is known. By generating a temporary
+DH key inside the server application that is lost when the application
+is left, it becomes impossible for an attacker to decrypt past sessions,
+even if he gets hold of the normal (certified) key, as this key was
+only used for signing.
+
+In order to perform a DH key exchange the server must use a DH group
+(DH parameters) and generate a DH key. The server will always generate
+a new DH key during the negotiation.
+
+As generating DH parameters is extremely time consuming, an application
+should not generate the parameters on the fly but supply the parameters.
+DH parameters can be reused, as the actual key is newly generated during
+the negotiation. The risk in reusing DH parameters is that an attacker
+may specialize on a very often used DH group. Applications should therefore
+generate their own DH parameters during the installation process using the
+openssl L<dhparam(1)|dhparam(1)> application. This application
+guarantees that "strong" primes are used.
+
+Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current
+version of the OpenSSL distribution contain the 'SKIP' DH parameters,
+which use safe primes and were generated verifiably pseudo-randomly.
+These files can be converted into C code using the B<-C> option of the
+L<dhparam(1)|dhparam(1)> application. Generation of custom DH
+parameters during installation should still be preferred to stop an
+attacker from specializing on a commonly used group. Files dh1024.pem
+and dh512.pem contain old parameters that must not be used by
+applications.
+
+An application may either directly specify the DH parameters or
+can supply the DH parameters via a callback function.
+
+Previous versions of the callback used B<is_export> and B<keylength>
+parameters to control parameter generation for export and non-export
+cipher suites. Modern servers that do not support export ciphersuites
+are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use
+the callback but ignore B<keylength> and B<is_export> and simply
+supply at least 2048-bit parameters in the callback.
+
+=head1 EXAMPLES
+
+Setup DH parameters with a key length of 2048 bits. (Error handling
+partly left out.)
+
+ Command-line parameter generation:
+ $ openssl dhparam -out dh_param_2048.pem 2048
+
+ Code for setting up parameters during server initialization:
+
+ ...
+ SSL_CTX ctx = SSL_CTX_new();
+ ...
+
+ /* Set up ephemeral DH parameters. */
+ DH *dh_2048 = NULL;
+ FILE *paramfile;
+ paramfile = fopen("dh_param_2048.pem", "r");
+ if (paramfile) {
+ dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+ fclose(paramfile);
+ } else {
+ /* Error. */
+ }
+ if (dh_2048 == NULL) {
+ /* Error. */
+ }
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
+ /* Error. */
+ }
+ ...
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return
+diagnostic output.
+
+SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0
+on failure. Check the error queue to find out the reason of failure.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
+L<ciphers(1)|ciphers(1)>, L<dhparam(1)|dhparam(1)>
+
+=cut
Deleted: vendor-crypto/openssl/1.0.1u/doc/ssl/ssl.pod
===================================================================
--- vendor-crypto/openssl/dist/doc/ssl/ssl.pod 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/ssl.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,765 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-SSL - OpenSSL SSL/TLS library
-
-=head1 SYNOPSIS
-
-=head1 DESCRIPTION
-
-The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
-Transport Layer Security (TLS v1) protocols. It provides a rich API which is
-documented here.
-
-At first the library must be initialized; see
-L<SSL_library_init(3)|SSL_library_init(3)>.
-
-Then an B<SSL_CTX> object is created as a framework to establish
-TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
-Various options regarding certificates, algorithms etc. can be set
-in this object.
-
-When a network connection has been created, it can be assigned to an
-B<SSL> object. After the B<SSL> object has been created using
-L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
-L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
-connection with the object.
-
-Then the TLS/SSL handshake is performed using
-L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)>
-respectively.
-L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
-to read and write data on the TLS/SSL connection.
-L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
-TLS/SSL connection.
-
-=head1 DATA STRUCTURES
-
-Currently the OpenSSL B<ssl> library functions deals with the following data
-structures:
-
-=over 4
-
-=item B<SSL_METHOD> (SSL Method)
-
-That's a dispatch structure describing the internal B<ssl> library
-methods/functions which implement the various protocol versions (SSLv1, SSLv2
-and TLSv1). It's needed to create an B<SSL_CTX>.
-
-=item B<SSL_CIPHER> (SSL Cipher)
-
-This structure holds the algorithm information for a particular cipher which
-are a core part of the SSL/TLS protocol. The available ciphers are configured
-on a B<SSL_CTX> basis and the actually used ones are then part of the
-B<SSL_SESSION>.
-
-=item B<SSL_CTX> (SSL Context)
-
-That's the global context structure which is created by a server or client
-once per program life-time and which holds mainly default values for the
-B<SSL> structures which are later created for the connections.
-
-=item B<SSL_SESSION> (SSL Session)
-
-This is a structure containing the current TLS/SSL session details for a
-connection: B<SSL_CIPHER>s, client and server certificates, keys, etc.
-
-=item B<SSL> (SSL Connection)
-
-That's the main SSL/TLS structure which is created by a server or client per
-established connection. This actually is the core structure in the SSL API.
-Under run-time the application usually deals with this structure which has
-links to mostly all other structures.
-
-=back
-
-
-=head1 HEADER FILES
-
-Currently the OpenSSL B<ssl> library provides the following C header files
-containing the prototypes for the data structures and and functions:
-
-=over 4
-
-=item B<ssl.h>
-
-That's the common header file for the SSL/TLS API. Include it into your
-program to make the API of the B<ssl> library available. It internally
-includes both more private SSL headers and headers from the B<crypto> library.
-Whenever you need hard-core details on the internals of the SSL API, look
-inside this header file.
-
-=item B<ssl2.h>
-
-That's the sub header file dealing with the SSLv2 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl3.h>
-
-That's the sub header file dealing with the SSLv3 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl23.h>
-
-That's the sub header file dealing with the combined use of the SSLv2 and
-SSLv3 protocols.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<tls1.h>
-
-That's the sub header file dealing with the TLSv1 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=back
-
-=head1 API FUNCTIONS
-
-Currently the OpenSSL B<ssl> library exports 214 API functions.
-They are documented in the following:
-
-=head2 DEALING WITH PROTOCOL METHODS
-
-Here we document the various API functions which deal with the SSL/TLS
-protocol methods defined in B<SSL_METHOD> structures.
-
-=over 4
-
-=item const SSL_METHOD *B<SSLv2_client_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
-
-=item const SSL_METHOD *B<SSLv2_server_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
-
-=item const SSL_METHOD *B<SSLv2_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
-
-=item const SSL_METHOD *B<SSLv3_client_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
-
-=item const SSL_METHOD *B<SSLv3_server_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
-
-=item const SSL_METHOD *B<SSLv3_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
-
-=item const SSL_METHOD *B<TLSv1_client_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
-
-=item const SSL_METHOD *B<TLSv1_server_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
-
-=item const SSL_METHOD *B<TLSv1_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
-
-=back
-
-=head2 DEALING WITH CIPHERS
-
-Here we document the various API functions which deal with the SSL/TLS
-ciphers defined in B<SSL_CIPHER> structures.
-
-=over 4
-
-=item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len);
-
-Write a string to I<buf> (with a maximum size of I<len>) containing a human
-readable description of I<cipher>. Returns I<buf>.
-
-=item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits);
-
-Determine the number of bits in I<cipher>. Because of export crippled ciphers
-there are two bits: The bits the algorithm supports in general (stored to
-I<alg_bits>) and the bits which are actually used (the return value).
-
-=item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
-
-Return the internal name of I<cipher> as a string. These are the various
-strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
-definitions in the header files.
-
-=item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
-
-Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the
-SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined
-in the specification the first time).
-
-=back
-
-=head2 DEALING WITH PROTOCOL CONTEXTS
-
-Here we document the various API functions which deal with the SSL/TLS
-protocol context defined in the B<SSL_CTX> structure.
-
-=over 4
-
-=item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x);
-
-=item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509);
-
-=item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c);
-
-=item int B<SSL_CTX_check_private_key>(const SSL_CTX *ctx);
-
-=item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg);
-
-=item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t);
-
-=item void B<SSL_CTX_free>(SSL_CTX *a);
-
-=item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx);
-
-=item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx);
-
-=item STACK *B<SSL_CTX_get_client_CA_list>(const SSL_CTX *ctx);
-
-=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
-=item void B<SSL_CTX_get_default_read_ahead>(SSL_CTX *ctx);
-
-=item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx);
-
-=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);
-
-=item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);
-
-=item void B<SSL_CTX_get_read_ahead>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
-
-=item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx);
-
-=item int (*B<SSL_CTX_get_verify_callback>(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);
-
-=item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath);
-
-=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
-
-=item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth);
-
-=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
-
-=item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx);
-
-=item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);
-
-=item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);
-
-=item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);
-
-=item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_number>(SSL_CTX *ctx);
-
-=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t);
-
-=item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));
-
-=item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));
-
-=item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));
-
-=item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx);
-
-=item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx);
-
-=item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg);
-
-=item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs);
-
-=item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(), char *arg)
-
-=item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str);
-
-=item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list);
-
-=item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
-
-=item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb);(void))
-
-=item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m);
-
-=item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg);
-
-=item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));
-
-=item void B<SSL_CTX_set_msg_callback>(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
-
-=item void B<SSL_CTX_set_msg_callback_arg>(SSL_CTX *ctx, void *arg);
-
-=item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op);
-
-=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);
-
-=item void B<SSL_CTX_set_read_ahead>(SSL_CTX *ctx, int m);
-
-=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
-
-=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth);
-
-=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
-
-=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh);
-
-=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));
-
-=item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa);
-
-=item SSL_CTX_set_tmp_rsa_callback
-
-C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));>
-
-Sets the callback which will be called when a temporary private key is
-required. The B<C<export>> flag will be set if the reason for needing
-a temp key is that an export ciphersuite is in use, in which case,
-B<C<keylength>> will contain the required keylength in bits. Generate a key of
-appropriate size (using ???) and return it.
-
-=item SSL_set_tmp_rsa_callback
-
-long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength));
-
-The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL
-session instead of a context.
-
-=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void))
-
-=item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey);
-
-=item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len);
-
-=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type);
-
-=item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa);
-
-=item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len);
-
-=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type);
-
-=item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x);
-
-=item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d);
-
-=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
-
-=item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
-
-=item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX *ctx, const char *hint);
-
-=item void B<SSL_CTX_set_psk_server_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
-
-
-
-
-=back
-
-=head2 DEALING WITH SESSIONS
-
-Here we document the various API functions which deal with the SSL/TLS
-sessions defined in the B<SSL_SESSION> structures.
-
-=over 4
-
-=item int B<SSL_SESSION_cmp>(const SSL_SESSION *a, const SSL_SESSION *b);
-
-=item void B<SSL_SESSION_free>(SSL_SESSION *ss);
-
-=item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s);
-
-=item char *B<SSL_SESSION_get_ex_data>(const SSL_SESSION *s, int idx);
-
-=item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item long B<SSL_SESSION_get_time>(const SSL_SESSION *s);
-
-=item long B<SSL_SESSION_get_timeout>(const SSL_SESSION *s);
-
-=item unsigned long B<SSL_SESSION_hash>(const SSL_SESSION *a);
-
-=item SSL_SESSION *B<SSL_SESSION_new>(void);
-
-=item int B<SSL_SESSION_print>(BIO *bp, const SSL_SESSION *x);
-
-=item int B<SSL_SESSION_print_fp>(FILE *fp, const SSL_SESSION *x);
-
-=item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a);
-
-=item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg);
-
-=item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t);
-
-=item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t);
-
-=back
-
-=head2 DEALING WITH CONNECTIONS
-
-Here we document the various API functions which deal with the SSL/TLS
-connection defined in the B<SSL> structure.
-
-=over 4
-
-=item int B<SSL_accept>(SSL *ssl);
-
-=item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir);
-
-=item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file);
-
-=item int B<SSL_add_client_CA>(SSL *ssl, X509 *x);
-
-=item char *B<SSL_alert_desc_string>(int value);
-
-=item char *B<SSL_alert_desc_string_long>(int value);
-
-=item char *B<SSL_alert_type_string>(int value);
-
-=item char *B<SSL_alert_type_string_long>(int value);
-
-=item int B<SSL_check_private_key>(const SSL *ssl);
-
-=item void B<SSL_clear>(SSL *ssl);
-
-=item long B<SSL_clear_num_renegotiations>(SSL *ssl);
-
-=item int B<SSL_connect>(SSL *ssl);
-
-=item void B<SSL_copy_session_id>(SSL *t, const SSL *f);
-
-=item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);
-
-=item int B<SSL_do_handshake>(SSL *ssl);
-
-=item SSL *B<SSL_dup>(SSL *ssl);
-
-=item STACK *B<SSL_dup_CA_list>(STACK *sk);
-
-=item void B<SSL_free>(SSL *ssl);
-
-=item SSL_CTX *B<SSL_get_SSL_CTX>(const SSL *ssl);
-
-=item char *B<SSL_get_app_data>(SSL *ssl);
-
-=item X509 *B<SSL_get_certificate>(const SSL *ssl);
-
-=item const char *B<SSL_get_cipher>(const SSL *ssl);
-
-=item int B<SSL_get_cipher_bits>(const SSL *ssl, int *alg_bits);
-
-=item char *B<SSL_get_cipher_list>(const SSL *ssl, int n);
-
-=item char *B<SSL_get_cipher_name>(const SSL *ssl);
-
-=item char *B<SSL_get_cipher_version>(const SSL *ssl);
-
-=item STACK *B<SSL_get_ciphers>(const SSL *ssl);
-
-=item STACK *B<SSL_get_client_CA_list>(const SSL *ssl);
-
-=item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl);
-
-=item long B<SSL_get_default_timeout>(const SSL *ssl);
-
-=item int B<SSL_get_error>(const SSL *ssl, int i);
-
-=item char *B<SSL_get_ex_data>(const SSL *ssl, int idx);
-
-=item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void);
-
-=item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item int B<SSL_get_fd>(const SSL *ssl);
-
-=item void (*B<SSL_get_info_callback>(const SSL *ssl);)()
-
-=item STACK *B<SSL_get_peer_cert_chain>(const SSL *ssl);
-
-=item X509 *B<SSL_get_peer_certificate>(const SSL *ssl);
-
-=item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl);
-
-=item int B<SSL_get_quiet_shutdown>(const SSL *ssl);
-
-=item BIO *B<SSL_get_rbio>(const SSL *ssl);
-
-=item int B<SSL_get_read_ahead>(const SSL *ssl);
-
-=item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);
-
-=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);
-
-=item int B<SSL_get_shutdown>(const SSL *ssl);
-
-=item const SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
-
-=item int B<SSL_get_state>(const SSL *ssl);
-
-=item long B<SSL_get_time>(const SSL *ssl);
-
-=item long B<SSL_get_timeout>(const SSL *ssl);
-
-=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int,X509_STORE_CTX *)
-
-=item int B<SSL_get_verify_mode>(const SSL *ssl);
-
-=item long B<SSL_get_verify_result>(const SSL *ssl);
-
-=item char *B<SSL_get_version>(const SSL *ssl);
-
-=item BIO *B<SSL_get_wbio>(const SSL *ssl);
-
-=item int B<SSL_in_accept_init>(SSL *ssl);
-
-=item int B<SSL_in_before>(SSL *ssl);
-
-=item int B<SSL_in_connect_init>(SSL *ssl);
-
-=item int B<SSL_in_init>(SSL *ssl);
-
-=item int B<SSL_is_init_finished>(SSL *ssl);
-
-=item STACK *B<SSL_load_client_CA_file>(char *file);
-
-=item void B<SSL_load_error_strings>(void);
-
-=item SSL *B<SSL_new>(SSL_CTX *ctx);
-
-=item long B<SSL_num_renegotiations>(SSL *ssl);
-
-=item int B<SSL_peek>(SSL *ssl, void *buf, int num);
-
-=item int B<SSL_pending>(const SSL *ssl);
-
-=item int B<SSL_read>(SSL *ssl, void *buf, int num);
-
-=item int B<SSL_renegotiate>(SSL *ssl);
-
-=item char *B<SSL_rstate_string>(SSL *ssl);
-
-=item char *B<SSL_rstate_string_long>(SSL *ssl);
-
-=item long B<SSL_session_reused>(SSL *ssl);
-
-=item void B<SSL_set_accept_state>(SSL *ssl);
-
-=item void B<SSL_set_app_data>(SSL *ssl, char *arg);
-
-=item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio);
-
-=item int B<SSL_set_cipher_list>(SSL *ssl, char *str);
-
-=item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list);
-
-=item void B<SSL_set_connect_state>(SSL *ssl);
-
-=item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg);
-
-=item int B<SSL_set_fd>(SSL *ssl, int fd);
-
-=item void B<SSL_set_info_callback>(SSL *ssl, void (*cb);(void))
-
-=item void B<SSL_set_msg_callback>(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
-
-=item void B<SSL_set_msg_callback_arg>(SSL *ctx, void *arg);
-
-=item void B<SSL_set_options>(SSL *ssl, unsigned long op);
-
-=item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode);
-
-=item void B<SSL_set_read_ahead>(SSL *ssl, int yes);
-
-=item int B<SSL_set_rfd>(SSL *ssl, int fd);
-
-=item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session);
-
-=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
-
-=item int B<SSL_set_ssl_method>(SSL *ssl, const SSL_METHOD *meth);
-
-=item void B<SSL_set_time>(SSL *ssl, long t);
-
-=item void B<SSL_set_timeout>(SSL *ssl, long t);
-
-=item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void))
-
-=item void B<SSL_set_verify_result>(SSL *ssl, long arg);
-
-=item int B<SSL_set_wfd>(SSL *ssl, int fd);
-
-=item int B<SSL_shutdown>(SSL *ssl);
-
-=item int B<SSL_state>(const SSL *ssl);
-
-=item char *B<SSL_state_string>(const SSL *ssl);
-
-=item char *B<SSL_state_string_long>(const SSL *ssl);
-
-=item long B<SSL_total_renegotiations>(SSL *ssl);
-
-=item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey);
-
-=item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len);
-
-=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa);
-
-=item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len);
-
-=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_use_certificate>(SSL *ssl, X509 *x);
-
-=item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d);
-
-=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_version>(const SSL *ssl);
-
-=item int B<SSL_want>(const SSL *ssl);
-
-=item int B<SSL_want_nothing>(const SSL *ssl);
-
-=item int B<SSL_want_read>(const SSL *ssl);
-
-=item int B<SSL_want_write>(const SSL *ssl);
-
-=item int B<SSL_want_x509_lookup>(const SSL *ssl);
-
-=item int B<SSL_write>(SSL *ssl, const void *buf, int num);
-
-=item void B<SSL_set_psk_client_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
-
-=item int B<SSL_use_psk_identity_hint>(SSL *ssl, const char *hint);
-
-=item void B<SSL_set_psk_server_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
-
-=item const char *B<SSL_get_psk_identity_hint>(SSL *ssl);
-
-=item const char *B<SSL_get_psk_identity>(SSL *ssl);
-
-=back
-
-=head1 SEE ALSO
-
-L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>,
-L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>,
-L<SSL_COMP_add_compression_method(3)|SSL_COMP_add_compression_method(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_ctrl(3)|SSL_CTX_ctrl(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>,
-L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
-L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>,
-L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>,
-L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
-L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
-L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
-L<SSL_CTX_set_generate_session_id(3)|SSL_CTX_set_generate_session_id(3)>,
-L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>,
-L<SSL_CTX_set_max_cert_list(3)|SSL_CTX_set_max_cert_list(3)>,
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>,
-L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
-L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
-L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
-L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>,
-L<SSL_get_error(3)|SSL_get_error(3)>,
-L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
-L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
-L<SSL_get_fd(3)|SSL_get_fd(3)>,
-L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>,
-L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
-L<SSL_get_session(3)|SSL_get_session(3)>,
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_get_version(3)|SSL_get_version(3)>,
-L<SSL_library_init(3)|SSL_library_init(3)>,
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
-L<SSL_new(3)|SSL_new(3)>,
-L<SSL_pending(3)|SSL_pending(3)>,
-L<SSL_read(3)|SSL_read(3)>,
-L<SSL_rstate_string(3)|SSL_rstate_string(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_set_bio(3)|SSL_set_bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_set_fd(3)|SSL_set_fd(3)>,
-L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_state_string(3)|SSL_state_string(3)>,
-L<SSL_want(3)|SSL_want(3)>,
-L<SSL_write(3)|SSL_write(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
-L<SSL_CTX_set_psk_client_callback(3)|SSL_CTX_set_psk_client_callback(3)>,
-L<SSL_CTX_use_psk_identity_hint(3)|SSL_CTX_use_psk_identity_hint(3)>,
-L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
-
-=head1 HISTORY
-
-The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2
-
-=cut
-
Copied: vendor-crypto/openssl/1.0.1u/doc/ssl/ssl.pod (from rev 11605, vendor-crypto/openssl/dist/doc/ssl/ssl.pod)
===================================================================
--- vendor-crypto/openssl/1.0.1u/doc/ssl/ssl.pod (rev 0)
+++ vendor-crypto/openssl/1.0.1u/doc/ssl/ssl.pod 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,810 @@
+
+=pod
+
+=head1 NAME
+
+SSL - OpenSSL SSL/TLS library
+
+=head1 SYNOPSIS
+
+=head1 DESCRIPTION
+
+The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
+Transport Layer Security (TLS v1) protocols. It provides a rich API which is
+documented here.
+
+At first the library must be initialized; see
+L<SSL_library_init(3)|SSL_library_init(3)>.
+
+Then an B<SSL_CTX> object is created as a framework to establish
+TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
+Various options regarding certificates, algorithms etc. can be set
+in this object.
+
+When a network connection has been created, it can be assigned to an
+B<SSL> object. After the B<SSL> object has been created using
+L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
+L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
+connection with the object.
+
+Then the TLS/SSL handshake is performed using
+L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)>
+respectively.
+L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
+to read and write data on the TLS/SSL connection.
+L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
+TLS/SSL connection.
+
+=head1 DATA STRUCTURES
+
+Currently the OpenSSL B<ssl> library functions deals with the following data
+structures:
+
+=over 4
+
+=item B<SSL_METHOD> (SSL Method)
+
+That's a dispatch structure describing the internal B<ssl> library
+methods/functions which implement the various protocol versions (SSLv1, SSLv2
+and TLSv1). It's needed to create an B<SSL_CTX>.
+
+=item B<SSL_CIPHER> (SSL Cipher)
+
+This structure holds the algorithm information for a particular cipher which
+are a core part of the SSL/TLS protocol. The available ciphers are configured
+on a B<SSL_CTX> basis and the actually used ones are then part of the
+B<SSL_SESSION>.
+
+=item B<SSL_CTX> (SSL Context)
+
+That's the global context structure which is created by a server or client
+once per program life-time and which holds mainly default values for the
+B<SSL> structures which are later created for the connections.
+
+=item B<SSL_SESSION> (SSL Session)
+
+This is a structure containing the current TLS/SSL session details for a
+connection: B<SSL_CIPHER>s, client and server certificates, keys, etc.
+
+=item B<SSL> (SSL Connection)
+
+That's the main SSL/TLS structure which is created by a server or client per
+established connection. This actually is the core structure in the SSL API.
+Under run-time the application usually deals with this structure which has
+links to mostly all other structures.
+
+=back
+
+
+=head1 HEADER FILES
+
+Currently the OpenSSL B<ssl> library provides the following C header files
+containing the prototypes for the data structures and and functions:
+
+=over 4
+
+=item B<ssl.h>
+
+That's the common header file for the SSL/TLS API. Include it into your
+program to make the API of the B<ssl> library available. It internally
+includes both more private SSL headers and headers from the B<crypto> library.
+Whenever you need hard-core details on the internals of the SSL API, look
+inside this header file.
+
+=item B<ssl2.h>
+
+That's the sub header file dealing with the SSLv2 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<ssl3.h>
+
+That's the sub header file dealing with the SSLv3 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<ssl23.h>
+
+That's the sub header file dealing with the combined use of the SSLv2 and
+SSLv3 protocols.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<tls1.h>
+
+That's the sub header file dealing with the TLSv1 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=back
+
+=head1 API FUNCTIONS
+
+Currently the OpenSSL B<ssl> library exports 214 API functions.
+They are documented in the following:
+
+=head2 DEALING WITH PROTOCOL METHODS
+
+Here we document the various API functions which deal with the SSL/TLS
+protocol methods defined in B<SSL_METHOD> structures.
+
+=over 4
+
+=item const SSL_METHOD *B<SSLv23_method>(void);
+
+Constructor for the I<version-flexible> SSL_METHOD structure for
+clients, servers or both.
+See L<SSL_CTX_new(3)> for details.
+
+=item const SSL_METHOD *B<SSLv23_client_method>(void);
+
+Constructor for the I<version-flexible> SSL_METHOD structure for
+clients.
+
+=item const SSL_METHOD *B<SSLv23_client_method>(void);
+
+Constructor for the I<version-flexible> SSL_METHOD structure for
+servers.
+
+=item const SSL_METHOD *B<TLSv1_2_method>(void);
+
+Constructor for the TLSv1.2 SSL_METHOD structure for clients, servers
+or both.
+
+=item const SSL_METHOD *B<TLSv1_2_client_method>(void);
+
+Constructor for the TLSv1.2 SSL_METHOD structure for clients.
+
+=item const SSL_METHOD *B<TLSv1_2_server_method>(void);
+
+Constructor for the TLSv1.2 SSL_METHOD structure for servers.
+
+=item const SSL_METHOD *B<TLSv1_1_method>(void);
+
+Constructor for the TLSv1.1 SSL_METHOD structure for clients, servers
+or both.
+
+=item const SSL_METHOD *B<TLSv1_1_client_method>(void);
+
+Constructor for the TLSv1.1 SSL_METHOD structure for clients.
+
+=item const SSL_METHOD *B<TLSv1_1_server_method>(void);
+
+Constructor for the TLSv1.1 SSL_METHOD structure for servers.
+
+=item const SSL_METHOD *B<TLSv1_method>(void);
+
+Constructor for the TLSv1 SSL_METHOD structure for clients, servers
+or both.
+
+=item const SSL_METHOD *B<TLSv1_client_method>(void);
+
+Constructor for the TLSv1 SSL_METHOD structure for clients.
+
+=item const SSL_METHOD *B<TLSv1_server_method>(void);
+
+Constructor for the TLSv1 SSL_METHOD structure for servers.
+
+=item const SSL_METHOD *B<SSLv3_method>(void);
+
+Constructor for the SSLv3 SSL_METHOD structure for clients, servers
+or both.
+
+=item const SSL_METHOD *B<SSLv3_client_method>(void);
+
+Constructor for the SSLv3 SSL_METHOD structure for clients.
+
+=item const SSL_METHOD *B<SSLv3_server_method>(void);
+
+Constructor for the SSLv3 SSL_METHOD structure for servers.
+
+=item const SSL_METHOD *B<SSLv2_method>(void);
+
+Constructor for the SSLv2 SSL_METHOD structure for clients, servers
+or both.
+
+=item const SSL_METHOD *B<SSLv2_client_method>(void);
+
+Constructor for the SSLv2 SSL_METHOD structure for clients.
+
+=item const SSL_METHOD *B<SSLv2_server_method>(void);
+
+Constructor for the SSLv2 SSL_METHOD structure for servers.
+
+=back
+
+=head2 DEALING WITH CIPHERS
+
+Here we document the various API functions which deal with the SSL/TLS
+ciphers defined in B<SSL_CIPHER> structures.
+
+=over 4
+
+=item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len);
+
+Write a string to I<buf> (with a maximum size of I<len>) containing a human
+readable description of I<cipher>. Returns I<buf>.
+
+=item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits);
+
+Determine the number of bits in I<cipher>. Because of export crippled ciphers
+there are two bits: The bits the algorithm supports in general (stored to
+I<alg_bits>) and the bits which are actually used (the return value).
+
+=item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
+
+Return the internal name of I<cipher> as a string. These are the various
+strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
+definitions in the header files.
+
+=item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
+
+Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the
+SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined
+in the specification the first time).
+
+=back
+
+=head2 DEALING WITH PROTOCOL CONTEXTS
+
+Here we document the various API functions which deal with the SSL/TLS
+protocol context defined in the B<SSL_CTX> structure.
+
+=over 4
+
+=item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x);
+
+=item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509);
+
+=item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c);
+
+=item int B<SSL_CTX_check_private_key>(const SSL_CTX *ctx);
+
+=item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg);
+
+=item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t);
+
+=item void B<SSL_CTX_free>(SSL_CTX *a);
+
+=item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx);
+
+=item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx);
+
+=item STACK *B<SSL_CTX_get_client_CA_list>(const SSL_CTX *ctx);
+
+=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+
+=item void B<SSL_CTX_get_default_read_ahead>(SSL_CTX *ctx);
+
+=item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx);
+
+=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
+
+=item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);
+
+=item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);
+
+=item void B<SSL_CTX_get_read_ahead>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
+
+=item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx);
+
+=item int (*B<SSL_CTX_get_verify_callback>(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);
+
+=item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath);
+
+=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
+
+=item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth);
+
+=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
+
+=item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx);
+
+=item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);
+
+=item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);
+
+=item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);
+
+=item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_number>(SSL_CTX *ctx);
+
+=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t);
+
+=item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));
+
+=item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));
+
+=item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));
+
+=item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx);
+
+=item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx);
+
+=item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg);
+
+=item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs);
+
+=item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(), char *arg)
+
+=item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str);
+
+=item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list);
+
+=item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
+
+=item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb);(void))
+
+=item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m);
+
+=item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg);
+
+=item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));
+
+=item void B<SSL_CTX_set_msg_callback>(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+
+=item void B<SSL_CTX_set_msg_callback_arg>(SSL_CTX *ctx, void *arg);
+
+=item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op);
+
+=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);
+
+=item void B<SSL_CTX_set_read_ahead>(SSL_CTX *ctx, int m);
+
+=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
+
+=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth);
+
+=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
+
+=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh);
+
+=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));
+
+=item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa);
+
+=item SSL_CTX_set_tmp_rsa_callback
+
+C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));>
+
+Sets the callback which will be called when a temporary private key is
+required. The B<C<export>> flag will be set if the reason for needing
+a temp key is that an export ciphersuite is in use, in which case,
+B<C<keylength>> will contain the required keylength in bits. Generate a key of
+appropriate size (using ???) and return it.
+
+=item SSL_set_tmp_rsa_callback
+
+long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength));
+
+The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL
+session instead of a context.
+
+=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void))
+
+=item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey);
+
+=item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len);
+
+=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type);
+
+=item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa);
+
+=item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len);
+
+=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type);
+
+=item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x);
+
+=item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d);
+
+=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
+
+=item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX *ctx, const char *hint);
+
+=item void B<SSL_CTX_set_psk_server_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+
+
+
+=back
+
+=head2 DEALING WITH SESSIONS
+
+Here we document the various API functions which deal with the SSL/TLS
+sessions defined in the B<SSL_SESSION> structures.
+
+=over 4
+
+=item int B<SSL_SESSION_cmp>(const SSL_SESSION *a, const SSL_SESSION *b);
+
+=item void B<SSL_SESSION_free>(SSL_SESSION *ss);
+
+=item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s);
+
+=item char *B<SSL_SESSION_get_ex_data>(const SSL_SESSION *s, int idx);
+
+=item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
+
+=item long B<SSL_SESSION_get_time>(const SSL_SESSION *s);
+
+=item long B<SSL_SESSION_get_timeout>(const SSL_SESSION *s);
+
+=item unsigned long B<SSL_SESSION_hash>(const SSL_SESSION *a);
+
+=item SSL_SESSION *B<SSL_SESSION_new>(void);
+
+=item int B<SSL_SESSION_print>(BIO *bp, const SSL_SESSION *x);
+
+=item int B<SSL_SESSION_print_fp>(FILE *fp, const SSL_SESSION *x);
+
+=item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a);
+
+=item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg);
+
+=item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t);
+
+=item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t);
+
+=back
+
+=head2 DEALING WITH CONNECTIONS
+
+Here we document the various API functions which deal with the SSL/TLS
+connection defined in the B<SSL> structure.
+
+=over 4
+
+=item int B<SSL_accept>(SSL *ssl);
+
+=item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir);
+
+=item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file);
+
+=item int B<SSL_add_client_CA>(SSL *ssl, X509 *x);
+
+=item char *B<SSL_alert_desc_string>(int value);
+
+=item char *B<SSL_alert_desc_string_long>(int value);
+
+=item char *B<SSL_alert_type_string>(int value);
+
+=item char *B<SSL_alert_type_string_long>(int value);
+
+=item int B<SSL_check_private_key>(const SSL *ssl);
+
+=item void B<SSL_clear>(SSL *ssl);
+
+=item long B<SSL_clear_num_renegotiations>(SSL *ssl);
+
+=item int B<SSL_connect>(SSL *ssl);
+
+=item void B<SSL_copy_session_id>(SSL *t, const SSL *f);
+
+=item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);
+
+=item int B<SSL_do_handshake>(SSL *ssl);
+
+=item SSL *B<SSL_dup>(SSL *ssl);
+
+=item STACK *B<SSL_dup_CA_list>(STACK *sk);
+
+=item void B<SSL_free>(SSL *ssl);
+
+=item SSL_CTX *B<SSL_get_SSL_CTX>(const SSL *ssl);
+
+=item char *B<SSL_get_app_data>(SSL *ssl);
+
+=item X509 *B<SSL_get_certificate>(const SSL *ssl);
+
+=item const char *B<SSL_get_cipher>(const SSL *ssl);
+
+=item int B<SSL_get_cipher_bits>(const SSL *ssl, int *alg_bits);
+
+=item char *B<SSL_get_cipher_list>(const SSL *ssl, int n);
+
+=item char *B<SSL_get_cipher_name>(const SSL *ssl);
+
+=item char *B<SSL_get_cipher_version>(const SSL *ssl);
+
+=item STACK *B<SSL_get_ciphers>(const SSL *ssl);
+
+=item STACK *B<SSL_get_client_CA_list>(const SSL *ssl);
+
+=item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl);
+
+=item long B<SSL_get_default_timeout>(const SSL *ssl);
+
+=item int B<SSL_get_error>(const SSL *ssl, int i);
+
+=item char *B<SSL_get_ex_data>(const SSL *ssl, int idx);
+
+=item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void);
+
+=item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
+
+=item int B<SSL_get_fd>(const SSL *ssl);
+
+=item void (*B<SSL_get_info_callback>(const SSL *ssl);)()
+
+=item STACK *B<SSL_get_peer_cert_chain>(const SSL *ssl);
+
+=item X509 *B<SSL_get_peer_certificate>(const SSL *ssl);
+
+=item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl);
+
+=item int B<SSL_get_quiet_shutdown>(const SSL *ssl);
+
+=item BIO *B<SSL_get_rbio>(const SSL *ssl);
+
+=item int B<SSL_get_read_ahead>(const SSL *ssl);
+
+=item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);
+
+=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);
+
+=item int B<SSL_get_shutdown>(const SSL *ssl);
+
+=item const SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
+
+=item int B<SSL_get_state>(const SSL *ssl);
+
+=item long B<SSL_get_time>(const SSL *ssl);
+
+=item long B<SSL_get_timeout>(const SSL *ssl);
+
+=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int,X509_STORE_CTX *)
+
+=item int B<SSL_get_verify_mode>(const SSL *ssl);
+
+=item long B<SSL_get_verify_result>(const SSL *ssl);
+
+=item char *B<SSL_get_version>(const SSL *ssl);
+
+=item BIO *B<SSL_get_wbio>(const SSL *ssl);
+
+=item int B<SSL_in_accept_init>(SSL *ssl);
+
+=item int B<SSL_in_before>(SSL *ssl);
+
+=item int B<SSL_in_connect_init>(SSL *ssl);
+
+=item int B<SSL_in_init>(SSL *ssl);
+
+=item int B<SSL_is_init_finished>(SSL *ssl);
+
+=item STACK *B<SSL_load_client_CA_file>(char *file);
+
+=item void B<SSL_load_error_strings>(void);
+
+=item SSL *B<SSL_new>(SSL_CTX *ctx);
+
+=item long B<SSL_num_renegotiations>(SSL *ssl);
+
+=item int B<SSL_peek>(SSL *ssl, void *buf, int num);
+
+=item int B<SSL_pending>(const SSL *ssl);
+
+=item int B<SSL_read>(SSL *ssl, void *buf, int num);
+
+=item int B<SSL_renegotiate>(SSL *ssl);
+
+=item char *B<SSL_rstate_string>(SSL *ssl);
+
+=item char *B<SSL_rstate_string_long>(SSL *ssl);
+
+=item long B<SSL_session_reused>(SSL *ssl);
+
+=item void B<SSL_set_accept_state>(SSL *ssl);
+
+=item void B<SSL_set_app_data>(SSL *ssl, char *arg);
+
+=item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio);
+
+=item int B<SSL_set_cipher_list>(SSL *ssl, char *str);
+
+=item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list);
+
+=item void B<SSL_set_connect_state>(SSL *ssl);
+
+=item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg);
+
+=item int B<SSL_set_fd>(SSL *ssl, int fd);
+
+=item void B<SSL_set_info_callback>(SSL *ssl, void (*cb);(void))
+
+=item void B<SSL_set_msg_callback>(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+
+=item void B<SSL_set_msg_callback_arg>(SSL *ctx, void *arg);
+
+=item void B<SSL_set_options>(SSL *ssl, unsigned long op);
+
+=item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode);
+
+=item void B<SSL_set_read_ahead>(SSL *ssl, int yes);
+
+=item int B<SSL_set_rfd>(SSL *ssl, int fd);
+
+=item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session);
+
+=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
+
+=item int B<SSL_set_ssl_method>(SSL *ssl, const SSL_METHOD *meth);
+
+=item void B<SSL_set_time>(SSL *ssl, long t);
+
+=item void B<SSL_set_timeout>(SSL *ssl, long t);
+
+=item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void))
+
+=item void B<SSL_set_verify_result>(SSL *ssl, long arg);
+
+=item int B<SSL_set_wfd>(SSL *ssl, int fd);
+
+=item int B<SSL_shutdown>(SSL *ssl);
+
+=item int B<SSL_state>(const SSL *ssl);
+
+=item char *B<SSL_state_string>(const SSL *ssl);
+
+=item char *B<SSL_state_string_long>(const SSL *ssl);
+
+=item long B<SSL_total_renegotiations>(SSL *ssl);
+
+=item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey);
+
+=item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len);
+
+=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type);
+
+=item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa);
+
+=item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len);
+
+=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type);
+
+=item int B<SSL_use_certificate>(SSL *ssl, X509 *x);
+
+=item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d);
+
+=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);
+
+=item int B<SSL_version>(const SSL *ssl);
+
+=item int B<SSL_want>(const SSL *ssl);
+
+=item int B<SSL_want_nothing>(const SSL *ssl);
+
+=item int B<SSL_want_read>(const SSL *ssl);
+
+=item int B<SSL_want_write>(const SSL *ssl);
+
+=item int B<SSL_want_x509_lookup>(const SSL *ssl);
+
+=item int B<SSL_write>(SSL *ssl, const void *buf, int num);
+
+=item void B<SSL_set_psk_client_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_use_psk_identity_hint>(SSL *ssl, const char *hint);
+
+=item void B<SSL_set_psk_server_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+=item const char *B<SSL_get_psk_identity_hint>(SSL *ssl);
+
+=item const char *B<SSL_get_psk_identity>(SSL *ssl);
+
+=back
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>,
+L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_connect(3)|SSL_connect(3)>,
+L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>,
+L<SSL_COMP_add_compression_method(3)|SSL_COMP_add_compression_method(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
+L<SSL_CTX_ctrl(3)|SSL_CTX_ctrl(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
+L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>,
+L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
+L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
+L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
+L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>,
+L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>,
+L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
+L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
+L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
+L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
+L<SSL_CTX_set_generate_session_id(3)|SSL_CTX_set_generate_session_id(3)>,
+L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>,
+L<SSL_CTX_set_max_cert_list(3)|SSL_CTX_set_max_cert_list(3)>,
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>,
+L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
+L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
+L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
+L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
+L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
+L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
+L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
+L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
+L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
+L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>,
+L<SSL_get_error(3)|SSL_get_error(3)>,
+L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
+L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
+L<SSL_get_fd(3)|SSL_get_fd(3)>,
+L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>,
+L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
+L<SSL_get_session(3)|SSL_get_session(3)>,
+L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<SSL_get_version(3)|SSL_get_version(3)>,
+L<SSL_library_init(3)|SSL_library_init(3)>,
+L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
+L<SSL_new(3)|SSL_new(3)>,
+L<SSL_pending(3)|SSL_pending(3)>,
+L<SSL_read(3)|SSL_read(3)>,
+L<SSL_rstate_string(3)|SSL_rstate_string(3)>,
+L<SSL_session_reused(3)|SSL_session_reused(3)>,
+L<SSL_set_bio(3)|SSL_set_bio(3)>,
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
+L<SSL_set_fd(3)|SSL_set_fd(3)>,
+L<SSL_set_session(3)|SSL_set_session(3)>,
+L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>,
+L<SSL_state_string(3)|SSL_state_string(3)>,
+L<SSL_want(3)|SSL_want(3)>,
+L<SSL_write(3)|SSL_write(3)>,
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
+L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
+L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
+L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
+L<SSL_CTX_set_psk_client_callback(3)|SSL_CTX_set_psk_client_callback(3)>,
+L<SSL_CTX_use_psk_identity_hint(3)|SSL_CTX_use_psk_identity_hint(3)>,
+L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
+
+=head1 HISTORY
+
+The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2
+
+=cut
+
Deleted: vendor-crypto/openssl/1.0.1u/engines/e_chil.c
===================================================================
--- vendor-crypto/openssl/dist/engines/e_chil.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/engines/e_chil.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1343 +0,0 @@
-/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard at levitte.org), Geoff Thorpe
- * (geoff at geoffthorpe.net) and Dr Stephen N Henson (steve at openssl.org) for
- * the OpenSSL project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/ui.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_CHIL
-
-/*-
- * Attribution notice: nCipher have said several times that it's OK for
- * us to implement a general interface to their boxes, and recently declared
- * their HWCryptoHook to be public, and therefore available for us to use.
- * Thanks, nCipher.
- *
- * The hwcryptohook.h included here is from May 2000.
- * [Richard Levitte]
- */
-# ifdef FLAT_INC
-# include "hwcryptohook.h"
-# else
-# include "vendor_defns/hwcryptohook.h"
-# endif
-
-# define HWCRHK_LIB_NAME "CHIL engine"
-# include "e_chil_err.c"
-
-static int hwcrhk_destroy(ENGINE *e);
-static int hwcrhk_init(ENGINE *e);
-static int hwcrhk_finish(ENGINE *e);
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-/* Functions to handle mutexes */
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex *,
- HWCryptoHook_CallerContext *);
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *);
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex *);
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *);
-
-/* BIGNUM stuff */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-static int hwcrhk_rsa_finish(RSA *rsa);
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-/* RAND stuff */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num);
-static int hwcrhk_rand_status(void);
-
-/* KM stuff */
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data);
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data);
-
-/* Interaction stuff */
-static int hwcrhk_insert_card(const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx);
-static int hwcrhk_get_pass(const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx);
-static void hwcrhk_log_message(void *logstr, const char *message);
-
-/* The definitions for control commands specific to this engine */
-# define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE
-# define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1)
-# define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2)
-# define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3)
-# define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4)
-static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
- {HWCRHK_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'hwcrhk' shared library",
- ENGINE_CMD_FLAG_STRING},
- {HWCRHK_CMD_FORK_CHECK,
- "FORK_CHECK",
- "Turns fork() checking on (non-zero) or off (zero)",
- ENGINE_CMD_FLAG_NUMERIC},
- {HWCRHK_CMD_THREAD_LOCKING,
- "THREAD_LOCKING",
- "Turns thread-safe locking on (zero) or off (non-zero)",
- ENGINE_CMD_FLAG_NUMERIC},
- {HWCRHK_CMD_SET_USER_INTERFACE,
- "SET_USER_INTERFACE",
- "Set the global user interface (internal)",
- ENGINE_CMD_FLAG_INTERNAL},
- {HWCRHK_CMD_SET_CALLBACK_DATA,
- "SET_CALLBACK_DATA",
- "Set the global user interface extra data (internal)",
- ENGINE_CMD_FLAG_INTERNAL},
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD hwcrhk_rsa = {
- "CHIL RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- hwcrhk_rsa_mod_exp,
- hwcrhk_mod_exp_mont,
- NULL,
- hwcrhk_rsa_finish,
- 0,
- NULL,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD hwcrhk_dh = {
- "CHIL DH method",
- NULL,
- NULL,
- hwcrhk_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL,
- NULL
-};
-# endif
-
-static RAND_METHOD hwcrhk_rand = {
- /* "CHIL RAND method", */
- NULL,
- hwcrhk_rand_bytes,
- NULL,
- NULL,
- hwcrhk_rand_bytes,
- hwcrhk_rand_status,
-};
-
-/* Constants used when creating the ENGINE */
-static const char *engine_hwcrhk_id = "chil";
-static const char *engine_hwcrhk_name = "CHIL hardware engine support";
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-/* Compatibility hack, the dynamic library uses this form in the path */
-static const char *engine_hwcrhk_id_alt = "ncipher";
-# endif
-
-/* Internal stuff for HWCryptoHook */
-
-/* Some structures needed for proper use of thread locks */
-/*
- * hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
- * into HWCryptoHook_Mutex
- */
-struct HWCryptoHook_MutexValue {
- int lockid;
-};
-
-/*
- * hwcryptohook.h has some typedefs that turn struct
- * HWCryptoHook_PassphraseContextValue into HWCryptoHook_PassphraseContext
- */
-struct HWCryptoHook_PassphraseContextValue {
- UI_METHOD *ui_method;
- void *callback_data;
-};
-
-/*
- * hwcryptohook.h has some typedefs that turn struct
- * HWCryptoHook_CallerContextValue into HWCryptoHook_CallerContext
- */
-struct HWCryptoHook_CallerContextValue {
- pem_password_cb *password_callback; /* Deprecated! Only present for
- * backward compatibility! */
- UI_METHOD *ui_method;
- void *callback_data;
-};
-
-/*
- * The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
- * BIGNUM's, so lets define a couple of conversion macros
- */
-# define BN2MPI(mp, bn) \
- {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-# define MPI2BN(bn, mp) \
- {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-
-static BIO *logstream = NULL;
-static int disable_mutex_callbacks = 0;
-
-/*
- * One might wonder why these are needed, since one can pass down at least a
- * UI_METHOD and a pointer to callback data to the key-loading functions. The
- * thing is that the ModExp and RSAImmed functions can load keys as well, if
- * the data they get is in a special, nCipher-defined format (hint: if you
- * look at the private exponent of the RSA data as a string, you'll see this
- * string: "nCipher KM tool key id", followed by some bytes, followed a key
- * identity string, followed by more bytes. This happens when you use
- * "embed" keys instead of "hwcrhk" keys). Unfortunately, those functions do
- * not take any passphrase or caller context, and our functions can't really
- * take any callback data either. Still, the "insert_card" and
- * "get_passphrase" callbacks may be called down the line, and will need to
- * know what user interface callbacks to call, and having callback data from
- * the application may be a nice thing as well, so we need to keep track of
- * that globally.
- */
-static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL };
-
-/* Stuff to pass to the HWCryptoHook library */
-static HWCryptoHook_InitInfo hwcrhk_globals = {
- HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */
- &logstream, /* logstream */
- sizeof(BN_ULONG), /* limbsize */
- 0, /* mslimb first: false for BNs */
- -1, /* msbyte first: use native */
- 0, /* Max mutexes, 0 = no small limit */
- 0, /* Max simultaneous, 0 = default */
-
- /*
- * The next few are mutex stuff: we write wrapper functions around the OS
- * mutex functions. We initialise them to 0 here, and change that to
- * actual function pointers in hwcrhk_init() if dynamic locks are
- * supported (that is, if the application programmer has made sure of
- * setting up callbacks bafore starting this engine) *and* if
- * disable_mutex_callbacks hasn't been set by a call to
- * ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING).
- */
- sizeof(HWCryptoHook_Mutex),
- 0,
- 0,
- 0,
- 0,
-
- /*
- * The next few are condvar stuff: we write wrapper functions round the
- * OS functions. Currently not implemented and not and absolute
- * necessity even in threaded programs, therefore 0'ed. Will hopefully
- * be implemented some day, since it enhances the efficiency of
- * HWCryptoHook.
- */
- 0, /* sizeof(HWCryptoHook_CondVar), */
- 0, /* hwcrhk_cv_init, */
- 0, /* hwcrhk_cv_wait, */
- 0, /* hwcrhk_cv_signal, */
- 0, /* hwcrhk_cv_broadcast, */
- 0, /* hwcrhk_cv_destroy, */
-
- hwcrhk_get_pass, /* pass phrase */
- hwcrhk_insert_card, /* insert a card */
- hwcrhk_log_message /* Log message */
-};
-
-/* Now, to our own code */
-
-/*
- * This internal function is used by ENGINE_chil() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DH
- const DH_METHOD *meth2;
-# endif
- if (!ENGINE_set_id(e, engine_hwcrhk_id) ||
- !ENGINE_set_name(e, engine_hwcrhk_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &hwcrhk_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &hwcrhk_dh) ||
-# endif
- !ENGINE_set_RAND(e, &hwcrhk_rand) ||
- !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
- !ENGINE_set_init_function(e, hwcrhk_init) ||
- !ENGINE_set_finish_function(e, hwcrhk_finish) ||
- !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
- !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
- !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
- !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
- * We don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-# endif
-
-# ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth2 = DH_OpenSSL();
- hwcrhk_dh.generate_key = meth2->generate_key;
- hwcrhk_dh.compute_key = meth2->compute_key;
-# endif
-
- /* Ensure the hwcrhk error handling is set up */
- ERR_load_HWCRHK_strings();
- return 1;
-}
-
-# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_chil(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_chil(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_chil();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * HWCryptoHook library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *hwcrhk_dso = NULL;
-static HWCryptoHook_ContextHandle hwcrhk_context = 0;
-# ifndef OPENSSL_NO_RSA
-/* Index for KM handle. Not really used yet. */
-static int hndidx_rsa = -1;
-# endif
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
-static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
-static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
-# ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
-# endif
-static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
-# ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
-static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
-static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
-# endif
-static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
-
-/* Used in the DSO operations. */
-static const char *HWCRHK_LIBNAME = NULL;
-static void free_HWCRHK_LIBNAME(void)
-{
- if (HWCRHK_LIBNAME)
- OPENSSL_free((void *)HWCRHK_LIBNAME);
- HWCRHK_LIBNAME = NULL;
-}
-
-static const char *get_HWCRHK_LIBNAME(void)
-{
- if (HWCRHK_LIBNAME)
- return HWCRHK_LIBNAME;
- return "nfhwcrhk";
-}
-
-static long set_HWCRHK_LIBNAME(const char *name)
-{
- free_HWCRHK_LIBNAME();
- return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
-static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
-static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
-# ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
-# endif
-static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
-# ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
-static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
-static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
-# endif
-static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
-
-/*
- * HWCryptoHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no error
- * checking, take a look lower down where these functions are called, the
- * checking and error handling is probably down there.
- */
-
-/* utility function to obtain a context */
-static int get_context(HWCryptoHook_ContextHandle * hac,
- HWCryptoHook_CallerContext * cac)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, cac);
- if (!*hac)
- return 0;
- return 1;
-}
-
-/* similarly to release one. */
-static void release_context(HWCryptoHook_ContextHandle hac)
-{
- p_hwcrhk_Finish(hac);
-}
-
-/* Destructor (complements the "ENGINE_chil()" constructor) */
-static int hwcrhk_destroy(ENGINE *e)
-{
- free_HWCRHK_LIBNAME();
- ERR_unload_HWCRHK_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int hwcrhk_init(ENGINE *e)
-{
- HWCryptoHook_Init_t *p1;
- HWCryptoHook_Finish_t *p2;
- HWCryptoHook_ModExp_t *p3;
-# ifndef OPENSSL_NO_RSA
- HWCryptoHook_RSA_t *p4;
- HWCryptoHook_RSALoadKey_t *p5;
- HWCryptoHook_RSAGetPublicKey_t *p6;
- HWCryptoHook_RSAUnloadKey_t *p7;
-# endif
- HWCryptoHook_RandomBytes_t *p8;
- HWCryptoHook_ModExpCRT_t *p9;
-
- if (hwcrhk_dso != NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
- hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
- if (hwcrhk_dso == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
- goto err;
- }
- if (!(p1 = (HWCryptoHook_Init_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
- !(p2 = (HWCryptoHook_Finish_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
- !(p3 = (HWCryptoHook_ModExp_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
-# ifndef OPENSSL_NO_RSA
- !(p4 = (HWCryptoHook_RSA_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
- !(p5 = (HWCryptoHook_RSALoadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
- !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
- !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
-# endif
- !(p8 = (HWCryptoHook_RandomBytes_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
- !(p9 = (HWCryptoHook_ModExpCRT_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
- goto err;
- }
- /* Copy the pointers */
- p_hwcrhk_Init = p1;
- p_hwcrhk_Finish = p2;
- p_hwcrhk_ModExp = p3;
-# ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = p4;
- p_hwcrhk_RSALoadKey = p5;
- p_hwcrhk_RSAGetPublicKey = p6;
- p_hwcrhk_RSAUnloadKey = p7;
-# endif
- p_hwcrhk_RandomBytes = p8;
- p_hwcrhk_ModExpCRT = p9;
-
- /*
- * Check if the application decided to support dynamic locks, and if it
- * does, use them.
- */
- if (disable_mutex_callbacks == 0) {
- if (CRYPTO_get_dynlock_create_callback() != NULL &&
- CRYPTO_get_dynlock_lock_callback() != NULL &&
- CRYPTO_get_dynlock_destroy_callback() != NULL) {
- hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
- hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
- hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
- hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
- }
- }
-
- /*
- * Try and get a context - if not, we may have a DSO but no accelerator!
- */
- if (!get_context(&hwcrhk_context, &password_context)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_UNIT_FAILURE);
- goto err;
- }
- /* Everything's fine. */
-# ifndef OPENSSL_NO_RSA
- if (hndidx_rsa == -1)
- hndidx_rsa = RSA_get_ex_new_index(0,
- "nFast HWCryptoHook RSA key handle",
- NULL, NULL, NULL);
-# endif
- return 1;
- err:
- if (hwcrhk_dso)
- DSO_free(hwcrhk_dso);
- hwcrhk_dso = NULL;
- p_hwcrhk_Init = NULL;
- p_hwcrhk_Finish = NULL;
- p_hwcrhk_ModExp = NULL;
-# ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = NULL;
- p_hwcrhk_RSALoadKey = NULL;
- p_hwcrhk_RSAGetPublicKey = NULL;
- p_hwcrhk_RSAUnloadKey = NULL;
-# endif
- p_hwcrhk_ModExpCRT = NULL;
- p_hwcrhk_RandomBytes = NULL;
- return 0;
-}
-
-static int hwcrhk_finish(ENGINE *e)
-{
- int to_return = 1;
- free_HWCRHK_LIBNAME();
- if (hwcrhk_dso == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_NOT_LOADED);
- to_return = 0;
- goto err;
- }
- release_context(hwcrhk_context);
- if (!DSO_free(hwcrhk_dso)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_DSO_FAILURE);
- to_return = 0;
- goto err;
- }
- err:
- if (logstream)
- BIO_free(logstream);
- hwcrhk_dso = NULL;
- p_hwcrhk_Init = NULL;
- p_hwcrhk_Finish = NULL;
- p_hwcrhk_ModExp = NULL;
-# ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = NULL;
- p_hwcrhk_RSALoadKey = NULL;
- p_hwcrhk_RSAGetPublicKey = NULL;
- p_hwcrhk_RSAUnloadKey = NULL;
-# endif
- p_hwcrhk_ModExpCRT = NULL;
- p_hwcrhk_RandomBytes = NULL;
- return to_return;
-}
-
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int to_return = 1;
-
- switch (cmd) {
- case HWCRHK_CMD_SO_PATH:
- if (hwcrhk_dso) {
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_ALREADY_LOADED);
- return 0;
- }
- if (p == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return set_HWCRHK_LIBNAME((const char *)p);
- case ENGINE_CTRL_SET_LOGSTREAM:
- {
- BIO *bio = (BIO *)p;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (logstream) {
- BIO_free(logstream);
- logstream = NULL;
- }
- if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
- logstream = bio;
- else
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.password_callback = (pem_password_cb *)f;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_USER_INTERFACE:
- case HWCRHK_CMD_SET_USER_INTERFACE:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.ui_method = (UI_METHOD *)p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_CALLBACK_DATA:
- case HWCRHK_CMD_SET_CALLBACK_DATA:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.callback_data = p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /*
- * this enables or disables the "SimpleForkCheck" flag used in the
- * initialisation structure.
- */
- case ENGINE_CTRL_CHIL_SET_FORKCHECK:
- case HWCRHK_CMD_FORK_CHECK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (i)
- hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck;
- else
- hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /*
- * This will prevent the initialisation function from "installing"
- * the mutex-handling callbacks, even if they are available from
- * within the library (or were provided to the library from the
- * calling application). This is to remove any baggage for
- * applications not using multithreading.
- */
- case ENGINE_CTRL_CHIL_NO_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- disable_mutex_callbacks = 1;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case HWCRHK_CMD_THREAD_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- disable_mutex_callbacks = ((i == 0) ? 0 : 1);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
-
- /* The command isn't understood by this engine */
- default:
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
- HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- to_return = 0;
- break;
- }
-
- return to_return;
-}
-
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data)
-{
-# ifndef OPENSSL_NO_RSA
- RSA *rtmp = NULL;
-# endif
- EVP_PKEY *res = NULL;
-# ifndef OPENSSL_NO_RSA
- HWCryptoHook_MPI e, n;
- HWCryptoHook_RSAKeyHandle *hptr;
-# endif
-# if !defined(OPENSSL_NO_RSA)
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- HWCryptoHook_PassphraseContext ppctx;
-# endif
-
-# if !defined(OPENSSL_NO_RSA)
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-# endif
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-# ifndef OPENSSL_NO_RSA
- hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
- if (!hptr) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ppctx.ui_method = ui_method;
- ppctx.callback_data = callback_data;
- if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, &rmsg, &ppctx)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- if (!*hptr) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NO_KEY);
- goto err;
- }
-# endif
-# ifndef OPENSSL_NO_RSA
- rtmp = RSA_new_method(eng);
- RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
- rtmp->e = BN_new();
- rtmp->n = BN_new();
- rtmp->flags |= RSA_FLAG_EXT_PKEY;
- MPI2BN(rtmp->e, e);
- MPI2BN(rtmp->n, n);
- if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
- != HWCRYPTOHOOK_ERROR_MPISIZE) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
-
- bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG));
- bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG));
- MPI2BN(rtmp->e, e);
- MPI2BN(rtmp->n, n);
-
- if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- rtmp->e->top = e.size / sizeof(BN_ULONG);
- bn_fix_top(rtmp->e);
- rtmp->n->top = n.size / sizeof(BN_ULONG);
- bn_fix_top(rtmp->n);
-
- res = EVP_PKEY_new();
- if (res == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- goto err;
- }
- EVP_PKEY_assign_RSA(res, rtmp);
-# endif
-
- if (!res)
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
- HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
-
- return res;
- err:
-# ifndef OPENSSL_NO_RSA
- if (rtmp)
- RSA_free(rtmp);
-# endif
- return NULL;
-}
-
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
-{
- EVP_PKEY *res = NULL;
-
-# ifndef OPENSSL_NO_RSA
- res = hwcrhk_load_privkey(eng, key_id, ui_method, callback_data);
-# endif
-
- if (res)
- switch (res->type) {
-# ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- {
- RSA *rsa = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
- rsa = res->pkey.rsa;
- res->pkey.rsa = RSA_new();
- res->pkey.rsa->n = rsa->n;
- res->pkey.rsa->e = rsa->e;
- rsa->n = NULL;
- rsa->e = NULL;
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
- RSA_free(rsa);
- }
- break;
-# endif
- default:
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
- HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- goto err;
- }
-
- return res;
- err:
- if (res)
- EVP_PKEY_free(res);
- return NULL;
-}
-
-/* A little mod_exp */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- /*
- * Since HWCryptoHook_MPI is pretty compatible with BIGNUM's, we use them
- * directly, plus a little macro magic. We only thing we need to make
- * sure of is that enough space is allocated.
- */
- HWCryptoHook_MPI m_a, m_p, m_n, m_r;
- int to_return, ret;
-
- to_return = 0; /* expect failure */
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
- /* Prepare the params */
- bn_expand2(r, m->top); /* Check for error !! */
- BN2MPI(m_a, a);
- BN2MPI(m_p, p);
- BN2MPI(m_n, m);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
-
- to_return = 1;
- err:
- return to_return;
-}
-
-# ifndef OPENSSL_NO_RSA
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- HWCryptoHook_RSAKeyHandle *hptr;
- int to_return = 0, ret;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-
- /*
- * This provides support for nForce keys. Since that's opaque data all
- * we do is provide a handle to the proper key and let HWCryptoHook take
- * care of the rest.
- */
- if ((hptr =
- (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
- != NULL) {
- HWCryptoHook_MPI m_a, m_r;
-
- if (!rsa->n) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- /* Prepare the params */
- bn_expand2(r, rsa->n->top); /* Check for error !! */
- BN2MPI(m_a, I);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good
- * thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- } else {
- HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
-
- if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- /* Prepare the params */
- bn_expand2(r, rsa->n->top); /* Check for error !! */
- BN2MPI(m_a, I);
- BN2MPI(m_p, rsa->p);
- BN2MPI(m_q, rsa->q);
- BN2MPI(m_dmp1, rsa->dmp1);
- BN2MPI(m_dmq1, rsa->dmq1);
- BN2MPI(m_iqmp, rsa->iqmp);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
- m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good
- * thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- }
- /*
- * If we're here, we must be here with some semblance of success :-)
- */
- to_return = 1;
- err:
- return to_return;
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return hwcrhk_mod_exp(r, a, p, m, ctx);
-}
-
-static int hwcrhk_rsa_finish(RSA *rsa)
-{
- HWCryptoHook_RSAKeyHandle *hptr;
-
- hptr = RSA_get_ex_data(rsa, hndidx_rsa);
- if (hptr) {
- p_hwcrhk_RSAUnloadKey(*hptr, NULL);
- OPENSSL_free(hptr);
- RSA_set_ex_data(rsa, hndidx_rsa, NULL);
- }
- return 1;
-}
-
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return hwcrhk_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-/* Random bytes are good */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- int to_return = 0; /* assume failure */
- int ret;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-
- ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- to_return = 1;
- err:
- return to_return;
-}
-
-static int hwcrhk_rand_status(void)
-{
- return 1;
-}
-
-/*
- * Mutex calls: since the HWCryptoHook model closely follows the POSIX model
- * these just wrap the POSIX functions and add some logging.
- */
-
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt,
- HWCryptoHook_CallerContext * cactx)
-{
- mt->lockid = CRYPTO_get_new_dynlockid();
- if (mt->lockid == 0)
- return 1; /* failure */
- return 0; /* success */
-}
-
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt)
-{
- CRYPTO_w_lock(mt->lockid);
- return 0;
-}
-
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
-{
- CRYPTO_w_unlock(mt->lockid);
-}
-
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt)
-{
- CRYPTO_destroy_dynlockid(mt->lockid);
-}
-
-static int hwcrhk_get_pass(const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx)
-{
- pem_password_cb *callback = NULL;
- void *callback_data = NULL;
- UI_METHOD *ui_method = NULL;
- /*
- * Despite what the documentation says prompt_info can be an empty
- * string.
- */
- if (prompt_info && !*prompt_info)
- prompt_info = NULL;
-
- if (cactx) {
- if (cactx->ui_method)
- ui_method = cactx->ui_method;
- if (cactx->password_callback)
- callback = cactx->password_callback;
- if (cactx->callback_data)
- callback_data = cactx->callback_data;
- }
- if (ppctx) {
- if (ppctx->ui_method) {
- ui_method = ppctx->ui_method;
- callback = NULL;
- }
- if (ppctx->callback_data)
- callback_data = ppctx->callback_data;
- }
- if (callback == NULL && ui_method == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS, HWCRHK_R_NO_CALLBACK);
- return -1;
- }
-
- if (ui_method) {
- UI *ui = UI_new_method(ui_method);
- if (ui) {
- int ok;
- char *prompt = UI_construct_prompt(ui,
- "pass phrase", prompt_info);
-
- ok = UI_add_input_string(ui, prompt,
- UI_INPUT_FLAG_DEFAULT_PWD,
- buf, 0, (*len_io) - 1);
- UI_add_user_data(ui, callback_data);
- UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
-
- if (ok >= 0)
- do {
- ok = UI_process(ui);
- }
- while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
-
- if (ok >= 0)
- *len_io = strlen(buf);
-
- UI_free(ui);
- OPENSSL_free(prompt);
- }
- } else {
- *len_io = callback(buf, *len_io, 0, callback_data);
- }
- if (!*len_io)
- return -1;
- return 0;
-}
-
-static int hwcrhk_insert_card(const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx)
-{
- int ok = -1;
- UI *ui;
- void *callback_data = NULL;
- UI_METHOD *ui_method = NULL;
-
- if (cactx) {
- if (cactx->ui_method)
- ui_method = cactx->ui_method;
- if (cactx->callback_data)
- callback_data = cactx->callback_data;
- }
- if (ppctx) {
- if (ppctx->ui_method)
- ui_method = ppctx->ui_method;
- if (ppctx->callback_data)
- callback_data = ppctx->callback_data;
- }
- if (ui_method == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, HWCRHK_R_NO_CALLBACK);
- return -1;
- }
-
- ui = UI_new_method(ui_method);
-
- if (ui) {
- char answer;
- char buf[BUFSIZ];
- /*
- * Despite what the documentation says wrong_info can be an empty
- * string.
- */
- if (wrong_info && *wrong_info)
- BIO_snprintf(buf, sizeof(buf) - 1,
- "Current card: \"%s\"\n", wrong_info);
- else
- buf[0] = 0;
- ok = UI_dup_info_string(ui, buf);
- if (ok >= 0 && prompt_info) {
- BIO_snprintf(buf, sizeof(buf) - 1,
- "Insert card \"%s\"", prompt_info);
- ok = UI_dup_input_boolean(ui, buf,
- "\n then hit <enter> or C<enter> to cancel\n",
- "\r\n", "Cc", UI_INPUT_FLAG_ECHO,
- &answer);
- }
- UI_add_user_data(ui, callback_data);
-
- if (ok >= 0)
- ok = UI_process(ui);
- UI_free(ui);
-
- if (ok == -2 || (ok >= 0 && answer == 'C'))
- ok = 1;
- else if (ok < 0)
- ok = -1;
- else
- ok = 0;
- }
- return ok;
-}
-
-static void hwcrhk_log_message(void *logstr, const char *message)
-{
- BIO *lstream = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_BIO);
- if (logstr)
- lstream = *(BIO **)logstr;
- if (lstream) {
- BIO_printf(lstream, "%s\n", message);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
-}
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_hwcrhk_id) != 0) &&
- (strcmp(id, engine_hwcrhk_id_alt) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif /* !OPENSSL_NO_HW_CHIL */
-#endif /* !OPENSSL_NO_HW */
Copied: vendor-crypto/openssl/1.0.1u/engines/e_chil.c (from rev 11605, vendor-crypto/openssl/dist/engines/e_chil.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/engines/e_chil.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/engines/e_chil.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1343 @@
+/* crypto/engine/e_chil.c */
+/*
+ * Written by Richard Levitte (richard at levitte.org), Geoff Thorpe
+ * (geoff at geoffthorpe.net) and Dr Stephen N Henson (steve at openssl.org) for
+ * the OpenSSL project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/pem.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#include <openssl/ui.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_CHIL
+
+/*-
+ * Attribution notice: nCipher have said several times that it's OK for
+ * us to implement a general interface to their boxes, and recently declared
+ * their HWCryptoHook to be public, and therefore available for us to use.
+ * Thanks, nCipher.
+ *
+ * The hwcryptohook.h included here is from May 2000.
+ * [Richard Levitte]
+ */
+# ifdef FLAT_INC
+# include "hwcryptohook.h"
+# else
+# include "vendor_defns/hwcryptohook.h"
+# endif
+
+# define HWCRHK_LIB_NAME "CHIL engine"
+# include "e_chil_err.c"
+
+static int hwcrhk_destroy(ENGINE *e);
+static int hwcrhk_init(ENGINE *e);
+static int hwcrhk_finish(ENGINE *e);
+static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+/* Functions to handle mutexes */
+static int hwcrhk_mutex_init(HWCryptoHook_Mutex *,
+ HWCryptoHook_CallerContext *);
+static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *);
+static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex *);
+static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *);
+
+/* BIGNUM stuff */
+static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+ BN_CTX *ctx);
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx);
+static int hwcrhk_rsa_finish(RSA *rsa);
+# endif
+
+# ifndef OPENSSL_NO_DH
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
+ const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx);
+# endif
+
+/* RAND stuff */
+static int hwcrhk_rand_bytes(unsigned char *buf, int num);
+static int hwcrhk_rand_status(void);
+
+/* KM stuff */
+static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
+ UI_METHOD *ui_method,
+ void *callback_data);
+static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
+ UI_METHOD *ui_method,
+ void *callback_data);
+
+/* Interaction stuff */
+static int hwcrhk_insert_card(const char *prompt_info,
+ const char *wrong_info,
+ HWCryptoHook_PassphraseContext * ppctx,
+ HWCryptoHook_CallerContext * cactx);
+static int hwcrhk_get_pass(const char *prompt_info,
+ int *len_io, char *buf,
+ HWCryptoHook_PassphraseContext * ppctx,
+ HWCryptoHook_CallerContext * cactx);
+static void hwcrhk_log_message(void *logstr, const char *message);
+
+/* The definitions for control commands specific to this engine */
+# define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE
+# define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1)
+# define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2)
+# define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3)
+# define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4)
+static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
+ {HWCRHK_CMD_SO_PATH,
+ "SO_PATH",
+ "Specifies the path to the 'hwcrhk' shared library",
+ ENGINE_CMD_FLAG_STRING},
+ {HWCRHK_CMD_FORK_CHECK,
+ "FORK_CHECK",
+ "Turns fork() checking on (non-zero) or off (zero)",
+ ENGINE_CMD_FLAG_NUMERIC},
+ {HWCRHK_CMD_THREAD_LOCKING,
+ "THREAD_LOCKING",
+ "Turns thread-safe locking on (zero) or off (non-zero)",
+ ENGINE_CMD_FLAG_NUMERIC},
+ {HWCRHK_CMD_SET_USER_INTERFACE,
+ "SET_USER_INTERFACE",
+ "Set the global user interface (internal)",
+ ENGINE_CMD_FLAG_INTERNAL},
+ {HWCRHK_CMD_SET_CALLBACK_DATA,
+ "SET_CALLBACK_DATA",
+ "Set the global user interface extra data (internal)",
+ ENGINE_CMD_FLAG_INTERNAL},
+ {0, NULL, NULL, 0}
+};
+
+# ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD hwcrhk_rsa = {
+ "CHIL RSA method",
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ hwcrhk_rsa_mod_exp,
+ hwcrhk_mod_exp_mont,
+ NULL,
+ hwcrhk_rsa_finish,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ NULL
+};
+# endif
+
+# ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD hwcrhk_dh = {
+ "CHIL DH method",
+ NULL,
+ NULL,
+ hwcrhk_mod_exp_dh,
+ NULL,
+ NULL,
+ 0,
+ NULL,
+ NULL
+};
+# endif
+
+static RAND_METHOD hwcrhk_rand = {
+ /* "CHIL RAND method", */
+ NULL,
+ hwcrhk_rand_bytes,
+ NULL,
+ NULL,
+ hwcrhk_rand_bytes,
+ hwcrhk_rand_status,
+};
+
+/* Constants used when creating the ENGINE */
+static const char *engine_hwcrhk_id = "chil";
+static const char *engine_hwcrhk_name = "CHIL hardware engine support";
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+/* Compatibility hack, the dynamic library uses this form in the path */
+static const char *engine_hwcrhk_id_alt = "ncipher";
+# endif
+
+/* Internal stuff for HWCryptoHook */
+
+/* Some structures needed for proper use of thread locks */
+/*
+ * hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
+ * into HWCryptoHook_Mutex
+ */
+struct HWCryptoHook_MutexValue {
+ int lockid;
+};
+
+/*
+ * hwcryptohook.h has some typedefs that turn struct
+ * HWCryptoHook_PassphraseContextValue into HWCryptoHook_PassphraseContext
+ */
+struct HWCryptoHook_PassphraseContextValue {
+ UI_METHOD *ui_method;
+ void *callback_data;
+};
+
+/*
+ * hwcryptohook.h has some typedefs that turn struct
+ * HWCryptoHook_CallerContextValue into HWCryptoHook_CallerContext
+ */
+struct HWCryptoHook_CallerContextValue {
+ pem_password_cb *password_callback; /* Deprecated! Only present for
+ * backward compatibility! */
+ UI_METHOD *ui_method;
+ void *callback_data;
+};
+
+/*
+ * The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
+ * BIGNUM's, so lets define a couple of conversion macros
+ */
+# define BN2MPI(mp, bn) \
+ {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
+# define MPI2BN(bn, mp) \
+ {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
+
+static BIO *logstream = NULL;
+static int disable_mutex_callbacks = 0;
+
+/*
+ * One might wonder why these are needed, since one can pass down at least a
+ * UI_METHOD and a pointer to callback data to the key-loading functions. The
+ * thing is that the ModExp and RSAImmed functions can load keys as well, if
+ * the data they get is in a special, nCipher-defined format (hint: if you
+ * look at the private exponent of the RSA data as a string, you'll see this
+ * string: "nCipher KM tool key id", followed by some bytes, followed a key
+ * identity string, followed by more bytes. This happens when you use
+ * "embed" keys instead of "hwcrhk" keys). Unfortunately, those functions do
+ * not take any passphrase or caller context, and our functions can't really
+ * take any callback data either. Still, the "insert_card" and
+ * "get_passphrase" callbacks may be called down the line, and will need to
+ * know what user interface callbacks to call, and having callback data from
+ * the application may be a nice thing as well, so we need to keep track of
+ * that globally.
+ */
+static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL };
+
+/* Stuff to pass to the HWCryptoHook library */
+static HWCryptoHook_InitInfo hwcrhk_globals = {
+ HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */
+ &logstream, /* logstream */
+ sizeof(BN_ULONG), /* limbsize */
+ 0, /* mslimb first: false for BNs */
+ -1, /* msbyte first: use native */
+ 0, /* Max mutexes, 0 = no small limit */
+ 0, /* Max simultaneous, 0 = default */
+
+ /*
+ * The next few are mutex stuff: we write wrapper functions around the OS
+ * mutex functions. We initialise them to 0 here, and change that to
+ * actual function pointers in hwcrhk_init() if dynamic locks are
+ * supported (that is, if the application programmer has made sure of
+ * setting up callbacks bafore starting this engine) *and* if
+ * disable_mutex_callbacks hasn't been set by a call to
+ * ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING).
+ */
+ sizeof(HWCryptoHook_Mutex),
+ 0,
+ 0,
+ 0,
+ 0,
+
+ /*
+ * The next few are condvar stuff: we write wrapper functions round the
+ * OS functions. Currently not implemented and not and absolute
+ * necessity even in threaded programs, therefore 0'ed. Will hopefully
+ * be implemented some day, since it enhances the efficiency of
+ * HWCryptoHook.
+ */
+ 0, /* sizeof(HWCryptoHook_CondVar), */
+ 0, /* hwcrhk_cv_init, */
+ 0, /* hwcrhk_cv_wait, */
+ 0, /* hwcrhk_cv_signal, */
+ 0, /* hwcrhk_cv_broadcast, */
+ 0, /* hwcrhk_cv_destroy, */
+
+ hwcrhk_get_pass, /* pass phrase */
+ hwcrhk_insert_card, /* insert a card */
+ hwcrhk_log_message /* Log message */
+};
+
+/* Now, to our own code */
+
+/*
+ * This internal function is used by ENGINE_chil() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+# ifndef OPENSSL_NO_RSA
+ const RSA_METHOD *meth1;
+# endif
+# ifndef OPENSSL_NO_DH
+ const DH_METHOD *meth2;
+# endif
+ if (!ENGINE_set_id(e, engine_hwcrhk_id) ||
+ !ENGINE_set_name(e, engine_hwcrhk_name) ||
+# ifndef OPENSSL_NO_RSA
+ !ENGINE_set_RSA(e, &hwcrhk_rsa) ||
+# endif
+# ifndef OPENSSL_NO_DH
+ !ENGINE_set_DH(e, &hwcrhk_dh) ||
+# endif
+ !ENGINE_set_RAND(e, &hwcrhk_rand) ||
+ !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
+ !ENGINE_set_init_function(e, hwcrhk_init) ||
+ !ENGINE_set_finish_function(e, hwcrhk_finish) ||
+ !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
+ !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
+ !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
+ !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
+ return 0;
+
+# ifndef OPENSSL_NO_RSA
+ /*
+ * We know that the "PKCS1_SSLeay()" functions hook properly to the
+ * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
+ * We don't use ENGINE_openssl() or anything "more generic" because
+ * something like the RSAref code may not hook properly, and if you own
+ * one of these cards then you have the right to do RSA operations on it
+ * anyway!
+ */
+ meth1 = RSA_PKCS1_SSLeay();
+ hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+ hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+ hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+ hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+# endif
+
+# ifndef OPENSSL_NO_DH
+ /* Much the same for Diffie-Hellman */
+ meth2 = DH_OpenSSL();
+ hwcrhk_dh.generate_key = meth2->generate_key;
+ hwcrhk_dh.compute_key = meth2->compute_key;
+# endif
+
+ /* Ensure the hwcrhk error handling is set up */
+ ERR_load_HWCRHK_strings();
+ return 1;
+}
+
+# ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_chil(void)
+{
+ ENGINE *ret = ENGINE_new();
+ if (!ret)
+ return NULL;
+ if (!bind_helper(ret)) {
+ ENGINE_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+void ENGINE_load_chil(void)
+{
+ /* Copied from eng_[openssl|dyn].c */
+ ENGINE *toadd = engine_chil();
+ if (!toadd)
+ return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+}
+# endif
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * HWCryptoHook library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+static DSO *hwcrhk_dso = NULL;
+static HWCryptoHook_ContextHandle hwcrhk_context = 0;
+# ifndef OPENSSL_NO_RSA
+/* Index for KM handle. Not really used yet. */
+static int hndidx_rsa = -1;
+# endif
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
+static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
+static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
+# ifndef OPENSSL_NO_RSA
+static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
+# endif
+static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
+# ifndef OPENSSL_NO_RSA
+static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
+static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
+static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
+# endif
+static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
+
+/* Used in the DSO operations. */
+static const char *HWCRHK_LIBNAME = NULL;
+static void free_HWCRHK_LIBNAME(void)
+{
+ if (HWCRHK_LIBNAME)
+ OPENSSL_free((void *)HWCRHK_LIBNAME);
+ HWCRHK_LIBNAME = NULL;
+}
+
+static const char *get_HWCRHK_LIBNAME(void)
+{
+ if (HWCRHK_LIBNAME)
+ return HWCRHK_LIBNAME;
+ return "nfhwcrhk";
+}
+
+static long set_HWCRHK_LIBNAME(const char *name)
+{
+ free_HWCRHK_LIBNAME();
+ return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+}
+
+static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
+static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
+static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
+# ifndef OPENSSL_NO_RSA
+static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
+# endif
+static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
+# ifndef OPENSSL_NO_RSA
+static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
+static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
+static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
+# endif
+static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
+
+/*
+ * HWCryptoHook library functions and mechanics - these are used by the
+ * higher-level functions further down. NB: As and where there's no error
+ * checking, take a look lower down where these functions are called, the
+ * checking and error handling is probably down there.
+ */
+
+/* utility function to obtain a context */
+static int get_context(HWCryptoHook_ContextHandle * hac,
+ HWCryptoHook_CallerContext * cac)
+{
+ char tempbuf[1024];
+ HWCryptoHook_ErrMsgBuf rmsg;
+
+ rmsg.buf = tempbuf;
+ rmsg.size = sizeof(tempbuf);
+
+ *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, cac);
+ if (!*hac)
+ return 0;
+ return 1;
+}
+
+/* similarly to release one. */
+static void release_context(HWCryptoHook_ContextHandle hac)
+{
+ p_hwcrhk_Finish(hac);
+}
+
+/* Destructor (complements the "ENGINE_chil()" constructor) */
+static int hwcrhk_destroy(ENGINE *e)
+{
+ free_HWCRHK_LIBNAME();
+ ERR_unload_HWCRHK_strings();
+ return 1;
+}
+
+/* (de)initialisation functions. */
+static int hwcrhk_init(ENGINE *e)
+{
+ HWCryptoHook_Init_t *p1;
+ HWCryptoHook_Finish_t *p2;
+ HWCryptoHook_ModExp_t *p3;
+# ifndef OPENSSL_NO_RSA
+ HWCryptoHook_RSA_t *p4;
+ HWCryptoHook_RSALoadKey_t *p5;
+ HWCryptoHook_RSAGetPublicKey_t *p6;
+ HWCryptoHook_RSAUnloadKey_t *p7;
+# endif
+ HWCryptoHook_RandomBytes_t *p8;
+ HWCryptoHook_ModExpCRT_t *p9;
+
+ if (hwcrhk_dso != NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_ALREADY_LOADED);
+ goto err;
+ }
+ /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
+ hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
+ if (hwcrhk_dso == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
+ goto err;
+ }
+ if (!(p1 = (HWCryptoHook_Init_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
+ !(p2 = (HWCryptoHook_Finish_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
+ !(p3 = (HWCryptoHook_ModExp_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
+# ifndef OPENSSL_NO_RSA
+ !(p4 = (HWCryptoHook_RSA_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
+ !(p5 = (HWCryptoHook_RSALoadKey_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
+ !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
+ !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
+# endif
+ !(p8 = (HWCryptoHook_RandomBytes_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
+ !(p9 = (HWCryptoHook_ModExpCRT_t *)
+ DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
+ goto err;
+ }
+ /* Copy the pointers */
+ p_hwcrhk_Init = p1;
+ p_hwcrhk_Finish = p2;
+ p_hwcrhk_ModExp = p3;
+# ifndef OPENSSL_NO_RSA
+ p_hwcrhk_RSA = p4;
+ p_hwcrhk_RSALoadKey = p5;
+ p_hwcrhk_RSAGetPublicKey = p6;
+ p_hwcrhk_RSAUnloadKey = p7;
+# endif
+ p_hwcrhk_RandomBytes = p8;
+ p_hwcrhk_ModExpCRT = p9;
+
+ /*
+ * Check if the application decided to support dynamic locks, and if it
+ * does, use them.
+ */
+ if (disable_mutex_callbacks == 0) {
+ if (CRYPTO_get_dynlock_create_callback() != NULL &&
+ CRYPTO_get_dynlock_lock_callback() != NULL &&
+ CRYPTO_get_dynlock_destroy_callback() != NULL) {
+ hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
+ hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
+ hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
+ hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
+ }
+ }
+
+ /*
+ * Try and get a context - if not, we may have a DSO but no accelerator!
+ */
+ if (!get_context(&hwcrhk_context, &password_context)) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_UNIT_FAILURE);
+ goto err;
+ }
+ /* Everything's fine. */
+# ifndef OPENSSL_NO_RSA
+ if (hndidx_rsa == -1)
+ hndidx_rsa = RSA_get_ex_new_index(0,
+ "nFast HWCryptoHook RSA key handle",
+ NULL, NULL, NULL);
+# endif
+ return 1;
+ err:
+ if (hwcrhk_dso)
+ DSO_free(hwcrhk_dso);
+ hwcrhk_dso = NULL;
+ p_hwcrhk_Init = NULL;
+ p_hwcrhk_Finish = NULL;
+ p_hwcrhk_ModExp = NULL;
+# ifndef OPENSSL_NO_RSA
+ p_hwcrhk_RSA = NULL;
+ p_hwcrhk_RSALoadKey = NULL;
+ p_hwcrhk_RSAGetPublicKey = NULL;
+ p_hwcrhk_RSAUnloadKey = NULL;
+# endif
+ p_hwcrhk_ModExpCRT = NULL;
+ p_hwcrhk_RandomBytes = NULL;
+ return 0;
+}
+
+static int hwcrhk_finish(ENGINE *e)
+{
+ int to_return = 1;
+ free_HWCRHK_LIBNAME();
+ if (hwcrhk_dso == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_NOT_LOADED);
+ to_return = 0;
+ goto err;
+ }
+ release_context(hwcrhk_context);
+ if (!DSO_free(hwcrhk_dso)) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_DSO_FAILURE);
+ to_return = 0;
+ goto err;
+ }
+ err:
+ if (logstream)
+ BIO_free(logstream);
+ hwcrhk_dso = NULL;
+ p_hwcrhk_Init = NULL;
+ p_hwcrhk_Finish = NULL;
+ p_hwcrhk_ModExp = NULL;
+# ifndef OPENSSL_NO_RSA
+ p_hwcrhk_RSA = NULL;
+ p_hwcrhk_RSALoadKey = NULL;
+ p_hwcrhk_RSAGetPublicKey = NULL;
+ p_hwcrhk_RSAUnloadKey = NULL;
+# endif
+ p_hwcrhk_ModExpCRT = NULL;
+ p_hwcrhk_RandomBytes = NULL;
+ return to_return;
+}
+
+static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+ int to_return = 1;
+
+ switch (cmd) {
+ case HWCRHK_CMD_SO_PATH:
+ if (hwcrhk_dso) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_ALREADY_LOADED);
+ return 0;
+ }
+ if (p == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ return set_HWCRHK_LIBNAME((const char *)p);
+ case ENGINE_CTRL_SET_LOGSTREAM:
+ {
+ BIO *bio = (BIO *)p;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ if (logstream) {
+ BIO_free(logstream);
+ logstream = NULL;
+ }
+ if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
+ logstream = bio;
+ else
+ HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ break;
+ case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ password_context.password_callback = (pem_password_cb *)f;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ break;
+ case ENGINE_CTRL_SET_USER_INTERFACE:
+ case HWCRHK_CMD_SET_USER_INTERFACE:
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ password_context.ui_method = (UI_METHOD *)p;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ break;
+ case ENGINE_CTRL_SET_CALLBACK_DATA:
+ case HWCRHK_CMD_SET_CALLBACK_DATA:
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ password_context.callback_data = p;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ break;
+ /*
+ * this enables or disables the "SimpleForkCheck" flag used in the
+ * initialisation structure.
+ */
+ case ENGINE_CTRL_CHIL_SET_FORKCHECK:
+ case HWCRHK_CMD_FORK_CHECK:
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ if (i)
+ hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck;
+ else
+ hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ break;
+ /*
+ * This will prevent the initialisation function from "installing"
+ * the mutex-handling callbacks, even if they are available from
+ * within the library (or were provided to the library from the
+ * calling application). This is to remove any baggage for
+ * applications not using multithreading.
+ */
+ case ENGINE_CTRL_CHIL_NO_LOCKING:
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ disable_mutex_callbacks = 1;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ break;
+ case HWCRHK_CMD_THREAD_LOCKING:
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ disable_mutex_callbacks = ((i == 0) ? 0 : 1);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ break;
+
+ /* The command isn't understood by this engine */
+ default:
+ HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
+ HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+ to_return = 0;
+ break;
+ }
+
+ return to_return;
+}
+
+static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
+ UI_METHOD *ui_method,
+ void *callback_data)
+{
+# ifndef OPENSSL_NO_RSA
+ RSA *rtmp = NULL;
+# endif
+ EVP_PKEY *res = NULL;
+# ifndef OPENSSL_NO_RSA
+ HWCryptoHook_MPI e, n;
+ HWCryptoHook_RSAKeyHandle *hptr;
+# endif
+# if !defined(OPENSSL_NO_RSA)
+ char tempbuf[1024];
+ HWCryptoHook_ErrMsgBuf rmsg;
+ HWCryptoHook_PassphraseContext ppctx;
+# endif
+
+# if !defined(OPENSSL_NO_RSA)
+ rmsg.buf = tempbuf;
+ rmsg.size = sizeof(tempbuf);
+# endif
+
+ if (!hwcrhk_context) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NOT_INITIALISED);
+ goto err;
+ }
+# ifndef OPENSSL_NO_RSA
+ hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
+ if (!hptr) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ ppctx.ui_method = ui_method;
+ ppctx.callback_data = callback_data;
+ if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, &rmsg, &ppctx)) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+ ERR_add_error_data(1, rmsg.buf);
+ goto err;
+ }
+ if (!*hptr) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NO_KEY);
+ goto err;
+ }
+# endif
+# ifndef OPENSSL_NO_RSA
+ rtmp = RSA_new_method(eng);
+ RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
+ rtmp->e = BN_new();
+ rtmp->n = BN_new();
+ rtmp->flags |= RSA_FLAG_EXT_PKEY;
+ MPI2BN(rtmp->e, e);
+ MPI2BN(rtmp->n, n);
+ if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
+ != HWCRYPTOHOOK_ERROR_MPISIZE) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+ ERR_add_error_data(1, rmsg.buf);
+ goto err;
+ }
+
+ bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG));
+ bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG));
+ MPI2BN(rtmp->e, e);
+ MPI2BN(rtmp->n, n);
+
+ if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+ ERR_add_error_data(1, rmsg.buf);
+ goto err;
+ }
+ rtmp->e->top = e.size / sizeof(BN_ULONG);
+ bn_fix_top(rtmp->e);
+ rtmp->n->top = n.size / sizeof(BN_ULONG);
+ bn_fix_top(rtmp->n);
+
+ res = EVP_PKEY_new();
+ if (res == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+ goto err;
+ }
+ EVP_PKEY_assign_RSA(res, rtmp);
+# endif
+
+ if (!res)
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
+ HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
+
+ return res;
+ err:
+# ifndef OPENSSL_NO_RSA
+ if (rtmp)
+ RSA_free(rtmp);
+# endif
+ return NULL;
+}
+
+static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
+ UI_METHOD *ui_method, void *callback_data)
+{
+ EVP_PKEY *res = NULL;
+
+# ifndef OPENSSL_NO_RSA
+ res = hwcrhk_load_privkey(eng, key_id, ui_method, callback_data);
+# endif
+
+ if (res)
+ switch (res->type) {
+# ifndef OPENSSL_NO_RSA
+ case EVP_PKEY_RSA:
+ {
+ RSA *rsa = NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+ rsa = res->pkey.rsa;
+ res->pkey.rsa = RSA_new();
+ res->pkey.rsa->n = rsa->n;
+ res->pkey.rsa->e = rsa->e;
+ rsa->n = NULL;
+ rsa->e = NULL;
+ CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+ RSA_free(rsa);
+ }
+ break;
+# endif
+ default:
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
+ HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+ goto err;
+ }
+
+ return res;
+ err:
+ if (res)
+ EVP_PKEY_free(res);
+ return NULL;
+}
+
+/* A little mod_exp */
+static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx)
+{
+ char tempbuf[1024];
+ HWCryptoHook_ErrMsgBuf rmsg;
+ /*
+ * Since HWCryptoHook_MPI is pretty compatible with BIGNUM's, we use them
+ * directly, plus a little macro magic. We only thing we need to make
+ * sure of is that enough space is allocated.
+ */
+ HWCryptoHook_MPI m_a, m_p, m_n, m_r;
+ int to_return, ret;
+
+ to_return = 0; /* expect failure */
+ rmsg.buf = tempbuf;
+ rmsg.size = sizeof(tempbuf);
+
+ if (!hwcrhk_context) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
+ goto err;
+ }
+ /* Prepare the params */
+ bn_expand2(r, m->top); /* Check for error !! */
+ BN2MPI(m_a, a);
+ BN2MPI(m_p, p);
+ BN2MPI(m_n, m);
+ MPI2BN(r, m_r);
+
+ /* Perform the operation */
+ ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
+
+ /* Convert the response */
+ r->top = m_r.size / sizeof(BN_ULONG);
+ bn_fix_top(r);
+
+ if (ret < 0) {
+ /*
+ * FIXME: When this error is returned, HWCryptoHook is telling us
+ * that falling back to software computation might be a good thing.
+ */
+ if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FALLBACK);
+ } else {
+ HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FAILED);
+ }
+ ERR_add_error_data(1, rmsg.buf);
+ goto err;
+ }
+
+ to_return = 1;
+ err:
+ return to_return;
+}
+
+# ifndef OPENSSL_NO_RSA
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+ BN_CTX *ctx)
+{
+ char tempbuf[1024];
+ HWCryptoHook_ErrMsgBuf rmsg;
+ HWCryptoHook_RSAKeyHandle *hptr;
+ int to_return = 0, ret;
+
+ rmsg.buf = tempbuf;
+ rmsg.size = sizeof(tempbuf);
+
+ if (!hwcrhk_context) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
+ goto err;
+ }
+
+ /*
+ * This provides support for nForce keys. Since that's opaque data all
+ * we do is provide a handle to the proper key and let HWCryptoHook take
+ * care of the rest.
+ */
+ if ((hptr =
+ (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
+ != NULL) {
+ HWCryptoHook_MPI m_a, m_r;
+
+ if (!rsa->n) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+ HWCRHK_R_MISSING_KEY_COMPONENTS);
+ goto err;
+ }
+
+ /* Prepare the params */
+ bn_expand2(r, rsa->n->top); /* Check for error !! */
+ BN2MPI(m_a, I);
+ MPI2BN(r, m_r);
+
+ /* Perform the operation */
+ ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
+
+ /* Convert the response */
+ r->top = m_r.size / sizeof(BN_ULONG);
+ bn_fix_top(r);
+
+ if (ret < 0) {
+ /*
+ * FIXME: When this error is returned, HWCryptoHook is telling us
+ * that falling back to software computation might be a good
+ * thing.
+ */
+ if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+ HWCRHK_R_REQUEST_FALLBACK);
+ } else {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+ HWCRHK_R_REQUEST_FAILED);
+ }
+ ERR_add_error_data(1, rmsg.buf);
+ goto err;
+ }
+ } else {
+ HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
+
+ if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+ HWCRHK_R_MISSING_KEY_COMPONENTS);
+ goto err;
+ }
+
+ /* Prepare the params */
+ bn_expand2(r, rsa->n->top); /* Check for error !! */
+ BN2MPI(m_a, I);
+ BN2MPI(m_p, rsa->p);
+ BN2MPI(m_q, rsa->q);
+ BN2MPI(m_dmp1, rsa->dmp1);
+ BN2MPI(m_dmq1, rsa->dmq1);
+ BN2MPI(m_iqmp, rsa->iqmp);
+ MPI2BN(r, m_r);
+
+ /* Perform the operation */
+ ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
+ m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
+
+ /* Convert the response */
+ r->top = m_r.size / sizeof(BN_ULONG);
+ bn_fix_top(r);
+
+ if (ret < 0) {
+ /*
+ * FIXME: When this error is returned, HWCryptoHook is telling us
+ * that falling back to software computation might be a good
+ * thing.
+ */
+ if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+ HWCRHK_R_REQUEST_FALLBACK);
+ } else {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+ HWCRHK_R_REQUEST_FAILED);
+ }
+ ERR_add_error_data(1, rmsg.buf);
+ goto err;
+ }
+ }
+ /*
+ * If we're here, we must be here with some semblance of success :-)
+ */
+ to_return = 1;
+ err:
+ return to_return;
+}
+# endif
+
+# ifndef OPENSSL_NO_RSA
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx)
+{
+ return hwcrhk_mod_exp(r, a, p, m, ctx);
+}
+
+static int hwcrhk_rsa_finish(RSA *rsa)
+{
+ HWCryptoHook_RSAKeyHandle *hptr;
+
+ hptr = RSA_get_ex_data(rsa, hndidx_rsa);
+ if (hptr) {
+ p_hwcrhk_RSAUnloadKey(*hptr, NULL);
+ OPENSSL_free(hptr);
+ RSA_set_ex_data(rsa, hndidx_rsa, NULL);
+ }
+ return 1;
+}
+
+# endif
+
+# ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
+ const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+ return hwcrhk_mod_exp(r, a, p, m, ctx);
+}
+# endif
+
+/* Random bytes are good */
+static int hwcrhk_rand_bytes(unsigned char *buf, int num)
+{
+ char tempbuf[1024];
+ HWCryptoHook_ErrMsgBuf rmsg;
+ int to_return = 0; /* assume failure */
+ int ret;
+
+ rmsg.buf = tempbuf;
+ rmsg.size = sizeof(tempbuf);
+
+ if (!hwcrhk_context) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_NOT_INITIALISED);
+ goto err;
+ }
+
+ ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
+ if (ret < 0) {
+ /*
+ * FIXME: When this error is returned, HWCryptoHook is telling us
+ * that falling back to software computation might be a good thing.
+ */
+ if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FALLBACK);
+ } else {
+ HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FAILED);
+ }
+ ERR_add_error_data(1, rmsg.buf);
+ goto err;
+ }
+ to_return = 1;
+ err:
+ return to_return;
+}
+
+static int hwcrhk_rand_status(void)
+{
+ return 1;
+}
+
+/*
+ * Mutex calls: since the HWCryptoHook model closely follows the POSIX model
+ * these just wrap the POSIX functions and add some logging.
+ */
+
+static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt,
+ HWCryptoHook_CallerContext * cactx)
+{
+ mt->lockid = CRYPTO_get_new_dynlockid();
+ if (mt->lockid == 0)
+ return 1; /* failure */
+ return 0; /* success */
+}
+
+static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt)
+{
+ CRYPTO_w_lock(mt->lockid);
+ return 0;
+}
+
+static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
+{
+ CRYPTO_w_unlock(mt->lockid);
+}
+
+static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt)
+{
+ CRYPTO_destroy_dynlockid(mt->lockid);
+}
+
+static int hwcrhk_get_pass(const char *prompt_info,
+ int *len_io, char *buf,
+ HWCryptoHook_PassphraseContext * ppctx,
+ HWCryptoHook_CallerContext * cactx)
+{
+ pem_password_cb *callback = NULL;
+ void *callback_data = NULL;
+ UI_METHOD *ui_method = NULL;
+ /*
+ * Despite what the documentation says prompt_info can be an empty
+ * string.
+ */
+ if (prompt_info && !*prompt_info)
+ prompt_info = NULL;
+
+ if (cactx) {
+ if (cactx->ui_method)
+ ui_method = cactx->ui_method;
+ if (cactx->password_callback)
+ callback = cactx->password_callback;
+ if (cactx->callback_data)
+ callback_data = cactx->callback_data;
+ }
+ if (ppctx) {
+ if (ppctx->ui_method) {
+ ui_method = ppctx->ui_method;
+ callback = NULL;
+ }
+ if (ppctx->callback_data)
+ callback_data = ppctx->callback_data;
+ }
+ if (callback == NULL && ui_method == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS, HWCRHK_R_NO_CALLBACK);
+ return -1;
+ }
+
+ if (ui_method) {
+ UI *ui = UI_new_method(ui_method);
+ if (ui) {
+ int ok;
+ char *prompt = UI_construct_prompt(ui,
+ "pass phrase", prompt_info);
+
+ ok = UI_add_input_string(ui, prompt,
+ UI_INPUT_FLAG_DEFAULT_PWD,
+ buf, 0, (*len_io) - 1);
+ UI_add_user_data(ui, callback_data);
+ UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
+
+ if (ok >= 0)
+ do {
+ ok = UI_process(ui);
+ }
+ while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
+
+ if (ok >= 0)
+ *len_io = strlen(buf);
+
+ UI_free(ui);
+ OPENSSL_free(prompt);
+ }
+ } else {
+ *len_io = callback(buf, *len_io, 0, callback_data);
+ }
+ if (!*len_io)
+ return -1;
+ return 0;
+}
+
+static int hwcrhk_insert_card(const char *prompt_info,
+ const char *wrong_info,
+ HWCryptoHook_PassphraseContext * ppctx,
+ HWCryptoHook_CallerContext * cactx)
+{
+ int ok = -1;
+ UI *ui;
+ void *callback_data = NULL;
+ UI_METHOD *ui_method = NULL;
+
+ if (cactx) {
+ if (cactx->ui_method)
+ ui_method = cactx->ui_method;
+ if (cactx->callback_data)
+ callback_data = cactx->callback_data;
+ }
+ if (ppctx) {
+ if (ppctx->ui_method)
+ ui_method = ppctx->ui_method;
+ if (ppctx->callback_data)
+ callback_data = ppctx->callback_data;
+ }
+ if (ui_method == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, HWCRHK_R_NO_CALLBACK);
+ return -1;
+ }
+
+ ui = UI_new_method(ui_method);
+
+ if (ui) {
+ char answer;
+ char buf[BUFSIZ];
+ /*
+ * Despite what the documentation says wrong_info can be an empty
+ * string.
+ */
+ if (wrong_info && *wrong_info)
+ BIO_snprintf(buf, sizeof(buf) - 1,
+ "Current card: \"%s\"\n", wrong_info);
+ else
+ buf[0] = 0;
+ ok = UI_dup_info_string(ui, buf);
+ if (ok >= 0 && prompt_info) {
+ BIO_snprintf(buf, sizeof(buf) - 1,
+ "Insert card \"%s\"", prompt_info);
+ ok = UI_dup_input_boolean(ui, buf,
+ "\n then hit <enter> or C<enter> to cancel\n",
+ "\r\n", "Cc", UI_INPUT_FLAG_ECHO,
+ &answer);
+ }
+ UI_add_user_data(ui, callback_data);
+
+ if (ok >= 0)
+ ok = UI_process(ui);
+ UI_free(ui);
+
+ if (ok == -2 || (ok >= 0 && answer == 'C'))
+ ok = 1;
+ else if (ok < 0)
+ ok = -1;
+ else
+ ok = 0;
+ }
+ return ok;
+}
+
+static void hwcrhk_log_message(void *logstr, const char *message)
+{
+ BIO *lstream = NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_BIO);
+ if (logstr)
+ lstream = *(BIO **)logstr;
+ if (lstream) {
+ BIO_printf(lstream, "%s\n", message);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_fn(ENGINE *e, const char *id)
+{
+ if (id && (strcmp(id, engine_hwcrhk_id) != 0) &&
+ (strcmp(id, engine_hwcrhk_id_alt) != 0))
+ return 0;
+ if (!bind_helper(e))
+ return 0;
+ return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif /* !OPENSSL_NO_HW_CHIL */
+#endif /* !OPENSSL_NO_HW */
Deleted: vendor-crypto/openssl/1.0.1u/ms/uplink-x86.pl
===================================================================
--- vendor-crypto/openssl/dist/ms/uplink-x86.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ms/uplink-x86.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,33 +0,0 @@
-#!/usr/bin/env perl
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC, "${dir}.", "${dir}../crypto/perlasm");
-require "x86asm.pl";
-
-require "uplink-common.pl";
-
-&asm_init($ARGV[0],"uplink-x86");
-
-&external_label("OPENSSL_Uplink");
-&public_label("OPENSSL_UplinkTable");
-
-for ($i=1;$i<=$N;$i++) {
-&function_begin_B("_\$lazy${i}");
- &lea ("eax",&DWP(&label("OPENSSL_UplinkTable")));
- &push ("eax");
- &push ($i);
- &call (&label("OPENSSL_Uplink"));
- &add ("esp",8);
- &pop ("eax");
- &jmp_ptr(&DWP(4*$i,"eax"));
-&function_end_B("_\$lazy${i}");
-}
-
-&dataseg();
-&align(4);
-&set_label("OPENSSL_UplinkTable");
-&data_word($N);
-for ($i=1;$i<=$N;$i++) {
-&data_word(&label("_\$lazy${i}"));
-}
-&asm_finish();
Copied: vendor-crypto/openssl/1.0.1u/ms/uplink-x86.pl (from rev 11605, vendor-crypto/openssl/dist/ms/uplink-x86.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ms/uplink-x86.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ms/uplink-x86.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,33 @@
+#!/usr/bin/env perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC, "${dir}.", "${dir}../crypto/perlasm");
+require "x86asm.pl";
+
+require "uplink-common.pl";
+
+&asm_init($ARGV[0],"uplink-x86");
+
+&external_label("OPENSSL_Uplink");
+&public_label("OPENSSL_UplinkTable");
+
+for ($i=1;$i<=$N;$i++) {
+&function_begin_B("_\$lazy${i}");
+ &lea ("eax",&DWP(&label("OPENSSL_UplinkTable")));
+ &push ($i);
+ &push ("eax");
+ &call (&label("OPENSSL_Uplink"));
+ &pop ("eax");
+ &add ("esp",4);
+ &jmp_ptr(&DWP(4*$i,"eax"));
+&function_end_B("_\$lazy${i}");
+}
+
+&dataseg();
+&align(4);
+&set_label("OPENSSL_UplinkTable");
+&data_word($N);
+for ($i=1;$i<=$N;$i++) {
+&data_word(&label("_\$lazy${i}"));
+}
+&asm_finish();
Deleted: vendor-crypto/openssl/1.0.1u/openssl.spec
===================================================================
--- vendor-crypto/openssl/dist/openssl.spec 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/openssl.spec 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,210 +0,0 @@
-%define _unpackaged_files_terminate_build 0
-
-Release: 1
-
-%define openssldir /var/ssl
-
-Summary: Secure Sockets Layer and cryptography libraries and tools
-Name: openssl
-#Version: %{libmaj}.%{libmin}.%{librel}
-Version: 1.0.1q
-Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
-License: OpenSSL
-Group: System Environment/Libraries
-Provides: SSL
-URL: http://www.openssl.org/
-Packager: Damien Miller <djm at mindrot.org>
-BuildRoot: /var/tmp/%{name}-%{version}-root
-
-%description
-The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, fully featured, and Open Source toolkit implementing the
-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
-protocols as well as a full-strength general purpose cryptography library.
-The project is managed by a worldwide community of volunteers that use the
-Internet to communicate, plan, and develop the OpenSSL tookit and its related
-documentation.
-
-OpenSSL is based on the excellent SSLeay library developed from Eric A.
-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
-Apache-style licence, which basically means that you are free to get and
-use it for commercial and non-commercial purposes.
-
-This package contains the base OpenSSL cryptography and SSL/TLS
-libraries and tools.
-
-%package devel
-Summary: Secure Sockets Layer and cryptography static libraries and headers
-Group: Development/Libraries
-Requires: openssl
-%description devel
-The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, fully featured, and Open Source toolkit implementing the
-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
-protocols as well as a full-strength general purpose cryptography library.
-The project is managed by a worldwide community of volunteers that use the
-Internet to communicate, plan, and develop the OpenSSL tookit and its related
-documentation.
-
-OpenSSL is based on the excellent SSLeay library developed from Eric A.
-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
-Apache-style licence, which basically means that you are free to get and
-use it for commercial and non-commercial purposes.
-
-This package contains the the OpenSSL cryptography and SSL/TLS
-static libraries and header files required when developing applications.
-
-%package doc
-Summary: OpenSSL miscellaneous files
-Group: Documentation
-Requires: openssl
-%description doc
-The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, fully featured, and Open Source toolkit implementing the
-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
-protocols as well as a full-strength general purpose cryptography library.
-The project is managed by a worldwide community of volunteers that use the
-Internet to communicate, plan, and develop the OpenSSL tookit and its related
-documentation.
-
-OpenSSL is based on the excellent SSLeay library developed from Eric A.
-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
-Apache-style licence, which basically means that you are free to get and
-use it for commercial and non-commercial purposes.
-
-This package contains the the OpenSSL cryptography and SSL/TLS extra
-documentation and POD files from which the man pages were produced.
-
-%prep
-
-%setup -q
-
-%build
-
-%define CONFIG_FLAGS -DSSL_ALLOW_ADH --prefix=/usr --openssldir=%{openssldir}
-
-perl util/perlpath.pl /usr/bin/perl
-
-%ifarch i386 i486 i586 i686
-./Configure %{CONFIG_FLAGS} linux-elf shared
-%endif
-%ifarch ppc
-./Configure %{CONFIG_FLAGS} linux-ppc shared
-%endif
-%ifarch alpha
-./Configure %{CONFIG_FLAGS} linux-alpha shared
-%endif
-%ifarch x86_64
-./Configure %{CONFIG_FLAGS} linux-x86_64 shared
-%endif
-LD_LIBRARY_PATH=`pwd` make
-LD_LIBRARY_PATH=`pwd` make rehash
-LD_LIBRARY_PATH=`pwd` make test
-
-%install
-rm -rf $RPM_BUILD_ROOT
-make MANDIR=/usr/man MANSUFFIX=ssl INSTALL_PREFIX="$RPM_BUILD_ROOT" install
-
-# Make backwards-compatibility symlink to ssleay
-ln -sf /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%files
-%defattr(0644,root,root,0755)
-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
-
-%attr(0755,root,root) /usr/bin/*
-%attr(0755,root,root) /usr/lib/*.so*
-%attr(0755,root,root) %{openssldir}/misc/*
-%attr(0644,root,root) /usr/man/man[157]/*
-
-%config %attr(0644,root,root) %{openssldir}/openssl.cnf
-%dir %attr(0755,root,root) %{openssldir}/certs
-%dir %attr(0755,root,root) %{openssldir}/misc
-%dir %attr(0750,root,root) %{openssldir}/private
-
-%files devel
-%defattr(0644,root,root,0755)
-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
-
-%attr(0644,root,root) /usr/lib/*.a
-%attr(0644,root,root) /usr/lib/pkgconfig/openssl.pc
-%attr(0644,root,root) /usr/include/openssl/*
-%attr(0644,root,root) /usr/man/man[3]/*
-
-%files doc
-%defattr(0644,root,root,0755)
-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
-%doc doc
-
-%post
-ldconfig
-
-%postun
-ldconfig
-
-%changelog
-* Sun Jun 6 2005 Richard Levitte <richard at levitte.org>
-- Remove the incorrect installation of '%{openssldir}/lib'.
-* Wed May 7 2003 Richard Levitte <richard at levitte.org>
-- Add /usr/lib/pkgconfig/openssl.pc to the development section.
-* Thu Mar 22 2001 Richard Levitte <richard at levitte.org>
-- Removed redundant subsection that re-installed libcrypto.a and libssl.a
- as well. Also remove RSAref stuff completely, since it's not needed
- any more.
-* Thu Mar 15 2001 Jeremiah Johnson <jjohnson at penguincomputing.com>
-- Removed redundant subsection that re-installed libcrypto.so.0.9.6 and
- libssl.so.0.9.6. As well as the subsection that created symlinks for
- these. make install handles all this.
-* Sat Oct 21 2000 Horms <horms at vergenet.net>
-- Make sure symlinks are created by using -f flag to ln.
- Otherwise some .so libraries are copied rather than
- linked in the resulting binary RPM. This causes the package
- to be larger than neccessary and makes ldconfig complain.
-* Fri Oct 13 2000 Horms <horms at vergenet.net>
-- Make defattr is set for files in all packages so packages built as
- non-root will still be installed with files owned by root.
-* Thu Sep 14 2000 Richard Levitte <richard at levitte.org>
-- Changed to adapt to the new (supported) way of making shared libraries
-- Installs all static libraries, not just libRSAglue.a
-- Extra documents now end up in a separate document package
-* Sun Feb 27 2000 Damien Miller <djm at mindrot.org>
-- Merged patches to spec
-- Updated to 0.9.5beta2 (now with manpages)
-* Sat Feb 5 2000 Michal Jaegermann <michal at harddata.com>
-- added 'linux-alpha' to configuration
-- fixed nasty absolute links
-* Tue Jan 25 2000 Bennett Todd <bet at rahul.net>
-- Added -DSSL_ALLOW_ADH, bumped Release to 4
-* Thu Oct 14 1999 Damien Miller <djm at mindrot.org>
-- Set default permissions
-- Removed documentation from devel sub-package
-* Thu Sep 30 1999 Damien Miller <djm at mindrot.org>
-- Added "make test" stage
-- GPG signed
-* Tue Sep 10 1999 Damien Miller <damien at ibs.com.au>
-- Updated to version 0.9.4
-* Tue May 25 1999 Damien Miller <damien at ibs.com.au>
-- Updated to version 0.9.3
-- Added attributes for all files
-- Paramatised openssl directory
-* Sat Mar 20 1999 Carlo M. Arenas Belon <carenas at jmconsultores.com.pe>
-- Added "official" bnrec patch and taking other out
-- making a link from ssleay to openssl binary
-- putting all changelog together on SPEC file
-* Fri Mar 5 1999 Henri Gomez <gomez at slib.fr>
-- Added bnrec patch
-* Tue Dec 29 1998 Jonathan Ruano <kobalt at james.encomix.es>
-- minimum spec and patches changes for openssl
-- modified for openssl sources
-* Sat Aug 8 1998 Khimenko Victor <khim at sch57.msk.ru>
-- shared library creating process honours $RPM_OPT_FLAGS
-- shared libarry supports threads (as well as static library)
-* Wed Jul 22 1998 Khimenko Victor <khim at sch57.msk.ru>
-- building of shared library completely reworked
-* Tue Jul 21 1998 Khimenko Victor <khim at sch57.msk.ru>
-- RPM is BuildRoot'ed
-* Tue Feb 10 1998 Khimenko Victor <khim at sch57.msk.ru>
-- all stuff is moved out of /usr/local
Copied: vendor-crypto/openssl/1.0.1u/openssl.spec (from rev 11605, vendor-crypto/openssl/dist/openssl.spec)
===================================================================
--- vendor-crypto/openssl/1.0.1u/openssl.spec (rev 0)
+++ vendor-crypto/openssl/1.0.1u/openssl.spec 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,210 @@
+%define _unpackaged_files_terminate_build 0
+
+Release: 1
+
+%define openssldir /var/ssl
+
+Summary: Secure Sockets Layer and cryptography libraries and tools
+Name: openssl
+#Version: %{libmaj}.%{libmin}.%{librel}
+Version: 1.0.1u
+Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
+License: OpenSSL
+Group: System Environment/Libraries
+Provides: SSL
+URL: http://www.openssl.org/
+Packager: Damien Miller <djm at mindrot.org>
+BuildRoot: /var/tmp/%{name}-%{version}-root
+
+%description
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
+documentation.
+
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes.
+
+This package contains the base OpenSSL cryptography and SSL/TLS
+libraries and tools.
+
+%package devel
+Summary: Secure Sockets Layer and cryptography static libraries and headers
+Group: Development/Libraries
+Requires: openssl
+%description devel
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
+documentation.
+
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes.
+
+This package contains the the OpenSSL cryptography and SSL/TLS
+static libraries and header files required when developing applications.
+
+%package doc
+Summary: OpenSSL miscellaneous files
+Group: Documentation
+Requires: openssl
+%description doc
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
+documentation.
+
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes.
+
+This package contains the the OpenSSL cryptography and SSL/TLS extra
+documentation and POD files from which the man pages were produced.
+
+%prep
+
+%setup -q
+
+%build
+
+%define CONFIG_FLAGS -DSSL_ALLOW_ADH --prefix=/usr --openssldir=%{openssldir}
+
+perl util/perlpath.pl /usr/bin/perl
+
+%ifarch i386 i486 i586 i686
+./Configure %{CONFIG_FLAGS} linux-elf shared
+%endif
+%ifarch ppc
+./Configure %{CONFIG_FLAGS} linux-ppc shared
+%endif
+%ifarch alpha
+./Configure %{CONFIG_FLAGS} linux-alpha shared
+%endif
+%ifarch x86_64
+./Configure %{CONFIG_FLAGS} linux-x86_64 shared
+%endif
+LD_LIBRARY_PATH=`pwd` make
+LD_LIBRARY_PATH=`pwd` make rehash
+LD_LIBRARY_PATH=`pwd` make test
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make MANDIR=/usr/man MANSUFFIX=ssl INSTALL_PREFIX="$RPM_BUILD_ROOT" install
+
+# Make backwards-compatibility symlink to ssleay
+ln -sf /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(0644,root,root,0755)
+%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+
+%attr(0755,root,root) /usr/bin/*
+%attr(0755,root,root) /usr/lib/*.so*
+%attr(0755,root,root) %{openssldir}/misc/*
+%attr(0644,root,root) /usr/man/man[157]/*
+
+%config %attr(0644,root,root) %{openssldir}/openssl.cnf
+%dir %attr(0755,root,root) %{openssldir}/certs
+%dir %attr(0755,root,root) %{openssldir}/misc
+%dir %attr(0750,root,root) %{openssldir}/private
+
+%files devel
+%defattr(0644,root,root,0755)
+%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+
+%attr(0644,root,root) /usr/lib/*.a
+%attr(0644,root,root) /usr/lib/pkgconfig/openssl.pc
+%attr(0644,root,root) /usr/include/openssl/*
+%attr(0644,root,root) /usr/man/man[3]/*
+
+%files doc
+%defattr(0644,root,root,0755)
+%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+%doc doc
+
+%post
+ldconfig
+
+%postun
+ldconfig
+
+%changelog
+* Sun Jun 6 2005 Richard Levitte <richard at levitte.org>
+- Remove the incorrect installation of '%{openssldir}/lib'.
+* Wed May 7 2003 Richard Levitte <richard at levitte.org>
+- Add /usr/lib/pkgconfig/openssl.pc to the development section.
+* Thu Mar 22 2001 Richard Levitte <richard at levitte.org>
+- Removed redundant subsection that re-installed libcrypto.a and libssl.a
+ as well. Also remove RSAref stuff completely, since it's not needed
+ any more.
+* Thu Mar 15 2001 Jeremiah Johnson <jjohnson at penguincomputing.com>
+- Removed redundant subsection that re-installed libcrypto.so.0.9.6 and
+ libssl.so.0.9.6. As well as the subsection that created symlinks for
+ these. make install handles all this.
+* Sat Oct 21 2000 Horms <horms at vergenet.net>
+- Make sure symlinks are created by using -f flag to ln.
+ Otherwise some .so libraries are copied rather than
+ linked in the resulting binary RPM. This causes the package
+ to be larger than neccessary and makes ldconfig complain.
+* Fri Oct 13 2000 Horms <horms at vergenet.net>
+- Make defattr is set for files in all packages so packages built as
+ non-root will still be installed with files owned by root.
+* Thu Sep 14 2000 Richard Levitte <richard at levitte.org>
+- Changed to adapt to the new (supported) way of making shared libraries
+- Installs all static libraries, not just libRSAglue.a
+- Extra documents now end up in a separate document package
+* Sun Feb 27 2000 Damien Miller <djm at mindrot.org>
+- Merged patches to spec
+- Updated to 0.9.5beta2 (now with manpages)
+* Sat Feb 5 2000 Michal Jaegermann <michal at harddata.com>
+- added 'linux-alpha' to configuration
+- fixed nasty absolute links
+* Tue Jan 25 2000 Bennett Todd <bet at rahul.net>
+- Added -DSSL_ALLOW_ADH, bumped Release to 4
+* Thu Oct 14 1999 Damien Miller <djm at mindrot.org>
+- Set default permissions
+- Removed documentation from devel sub-package
+* Thu Sep 30 1999 Damien Miller <djm at mindrot.org>
+- Added "make test" stage
+- GPG signed
+* Tue Sep 10 1999 Damien Miller <damien at ibs.com.au>
+- Updated to version 0.9.4
+* Tue May 25 1999 Damien Miller <damien at ibs.com.au>
+- Updated to version 0.9.3
+- Added attributes for all files
+- Paramatised openssl directory
+* Sat Mar 20 1999 Carlo M. Arenas Belon <carenas at jmconsultores.com.pe>
+- Added "official" bnrec patch and taking other out
+- making a link from ssleay to openssl binary
+- putting all changelog together on SPEC file
+* Fri Mar 5 1999 Henri Gomez <gomez at slib.fr>
+- Added bnrec patch
+* Tue Dec 29 1998 Jonathan Ruano <kobalt at james.encomix.es>
+- minimum spec and patches changes for openssl
+- modified for openssl sources
+* Sat Aug 8 1998 Khimenko Victor <khim at sch57.msk.ru>
+- shared library creating process honours $RPM_OPT_FLAGS
+- shared libarry supports threads (as well as static library)
+* Wed Jul 22 1998 Khimenko Victor <khim at sch57.msk.ru>
+- building of shared library completely reworked
+* Tue Jul 21 1998 Khimenko Victor <khim at sch57.msk.ru>
+- RPM is BuildRoot'ed
+* Tue Feb 10 1998 Khimenko Victor <khim at sch57.msk.ru>
+- all stuff is moved out of /usr/local
Deleted: vendor-crypto/openssl/1.0.1u/ssl/Makefile
===================================================================
--- vendor-crypto/openssl/dist/ssl/Makefile 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1085 +0,0 @@
-#
-# OpenSSL/ssl/Makefile
-#
-
-DIR= ssl
-TOP= ..
-CC= cc
-INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-# KRB5 stuff
-KRB5_INCLUDES=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README ssl-lib.com install.com
-TEST=ssltest.c heartbeat_test.c clienthellotest.c
-APPS=
-
-LIB=$(TOP)/libssl.a
-SHARED_LIB= libssl$(SHLIB_EXT)
-LIBSRC= \
- s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \
- s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
- s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
- t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \
- d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \
- d1_both.c d1_enc.c d1_srtp.c \
- ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
- ssl_ciph.c ssl_stat.c ssl_rsa.c \
- ssl_asn1.c ssl_txt.c ssl_algs.c \
- bio_ssl.c ssl_err.c kssl.c tls_srp.c t1_reneg.c ssl_utst.c
-LIBOBJ= \
- s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
- s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
- s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
- t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \
- d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \
- d1_both.o d1_enc.o d1_srtp.o\
- ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
- ssl_ciph.o ssl_stat.o ssl_rsa.o \
- ssl_asn1.o ssl_txt.o ssl_algs.o \
- bio_ssl.o ssl_err.o kssl.o tls_srp.o t1_reneg.o ssl_utst.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
-HEADER= $(EXHEADER) ssl_locl.h kssl_lcl.h
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all: shared
-
-lib: $(LIBOBJ)
- $(AR) $(LIB) $(LIBOBJ)
- $(RANLIB) $(LIB) || echo Never mind.
- @touch lib
-
-shared: lib
- if [ -n "$(SHARED_LIBS)" ]; then \
- (cd ..; $(MAKE) $(SHARED_LIB)); \
- fi
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
- @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
- @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
- @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-
-install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-
-tags:
- ctags $(SRC)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-update: local_depend
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
-
-depend: local_depend
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
-local_depend:
- @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-bio_ssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-bio_ssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-bio_ssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
-bio_ssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-bio_ssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
-d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-d1_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-d1_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-d1_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-d1_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h
-d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-d1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-d1_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-d1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-d1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-d1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-d1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-d1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
-d1_clnt.o: kssl_lcl.h ssl_locl.h
-d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-d1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-d1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-d1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-d1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-d1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-d1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-d1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-d1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_enc.c
-d1_enc.o: ssl_locl.h
-d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-d1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-d1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-d1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c
-d1_lib.o: ssl_locl.h
-d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-d1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-d1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-d1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c
-d1_meth.o: ssl_locl.h
-d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-d1_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-d1_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-d1_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-d1_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_pkt.o: ../include/openssl/x509_vfy.h d1_pkt.c ssl_locl.h
-d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-d1_srtp.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-d1_srtp.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_srtp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_srtp.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_srtp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_srtp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_srtp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-d1_srtp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-d1_srtp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-d1_srtp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_srtp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-d1_srtp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_srtp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-d1_srtp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c
-d1_srtp.o: srtp.h ssl_locl.h
-d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-d1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-d1_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-d1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-d1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-d1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-d1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-d1_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-d1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-d1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-d1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-d1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-d1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
-d1_srvr.o: ssl_locl.h
-kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-kssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-kssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-kssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-kssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-kssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
-kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-kssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
-kssl.o: kssl_lcl.h
-s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s23_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s23_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s23_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
-s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s23_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s23_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s23_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
-s23_lib.o: ssl_locl.h
-s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s23_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s23_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s23_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
-s23_meth.o: ssl_locl.h
-s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s23_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s23_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s23_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
-s23_pkt.o: ssl_locl.h
-s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s23_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s23_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s23_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
-s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
-s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
-s2_enc.o: ssl_locl.h
-s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h
-s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
-s2_meth.o: ssl_locl.h
-s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
-s2_pkt.o: ssl_locl.h
-s2_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
-s2_srvr.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
-s2_srvr.o: ssl_locl.h
-s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s3_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s3_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
-s3_cbc.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
-s3_cbc.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-s3_cbc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_cbc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s3_cbc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_cbc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_cbc.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_cbc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s3_cbc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-s3_cbc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_cbc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_cbc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_cbc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_cbc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s3_cbc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_cbc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_cbc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_cbc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_cbc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_cbc.c
-s3_cbc.o: ssl_locl.h
-s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s3_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s3_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-s3_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_clnt.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h
-s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s3_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s3_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
-s3_lib.o: ../crypto/ec/ec_lcl.h ../e_os.h ../include/openssl/asn1.h
-s3_lib.o: ../include/openssl/bio.h ../include/openssl/bn.h
-s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-s3_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_lib.o: s3_lib.c ssl_locl.h
-s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s3_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s3_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
-s3_meth.o: ssl_locl.h
-s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s3_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s3_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
-s3_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
-s3_srvr.o: ../include/openssl/bio.h ../include/openssl/bn.h
-s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_srvr.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-s3_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_srvr.o: ../include/openssl/hmac.h ../include/openssl/krb5_asn.h
-s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_srvr.o: s3_srvr.c ssl_locl.h
-ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_algs.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_algs.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_algs.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_algs.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_algs.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_algs.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
-ssl_algs.o: ssl_locl.h
-ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
-ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_asn1.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_asn1.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_asn1.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_asn1.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
-ssl_cert.o: ../crypto/o_dir.h ../e_os.h ../include/openssl/asn1.h
-ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h
-ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_cert.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_cert.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_cert.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_cert.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_cert.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_cert.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
-ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_ciph.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_ciph.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_ciph.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_ciph.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_ciph.c ssl_locl.h
-ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_err.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-ssl_err.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_err.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_err.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
-ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-ssl_err2.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_err2.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_err2.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
-ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_lib.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h
-ssl_lib.o: ssl_lib.c ssl_locl.h
-ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_rsa.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_rsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_rsa.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_rsa.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_rsa.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_rsa.o: ssl_rsa.c
-ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_sess.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_sess.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_sess.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ssl_sess.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_sess.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_sess.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_sess.o: ssl_sess.c
-ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_stat.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_stat.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_stat.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_stat.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_stat.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_stat.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_stat.o: ssl_stat.c
-ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_txt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_txt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_txt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_txt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_txt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_txt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_txt.o: ssl_txt.c
-ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_utst.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_utst.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_utst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_utst.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_utst.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ssl_utst.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_utst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_utst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_utst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_utst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_utst.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-ssl_utst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_utst.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-ssl_utst.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_utst.o: ssl_utst.c
-t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-t1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-t1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-t1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
-t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-t1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-t1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-t1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_enc.o: t1_enc.c
-t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-t1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h
-t1_lib.o: t1_lib.c
-t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-t1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-t1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-t1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_meth.o: t1_meth.c
-t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_reneg.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_reneg.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-t1_reneg.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-t1_reneg.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-t1_reneg.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-t1_reneg.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_reneg.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_reneg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_reneg.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_reneg.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_reneg.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-t1_reneg.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_reneg.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-t1_reneg.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_reneg.o: t1_reneg.c
-t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-t1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-t1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-t1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
-tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-tls_srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-tls_srp.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-tls_srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-tls_srp.o: ../include/openssl/err.h ../include/openssl/evp.h
-tls_srp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-tls_srp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-tls_srp.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-tls_srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-tls_srp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-tls_srp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-tls_srp.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-tls_srp.o: ../include/openssl/srp.h ../include/openssl/srtp.h
-tls_srp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-tls_srp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-tls_srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-tls_srp.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-tls_srp.o: ../include/openssl/x509_vfy.h ssl_locl.h tls_srp.c
Copied: vendor-crypto/openssl/1.0.1u/ssl/Makefile (from rev 11605, vendor-crypto/openssl/dist/ssl/Makefile)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/Makefile (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/Makefile 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1084 @@
+#
+# OpenSSL/ssl/Makefile
+#
+
+DIR= ssl
+TOP= ..
+CC= cc
+INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+# KRB5 stuff
+KRB5_INCLUDES=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README ssl-lib.com install.com
+TEST=ssltest.c heartbeat_test.c clienthellotest.c
+APPS=
+
+LIB=$(TOP)/libssl.a
+SHARED_LIB= libssl$(SHLIB_EXT)
+LIBSRC= \
+ s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \
+ s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
+ s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
+ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \
+ d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \
+ d1_both.c d1_enc.c d1_srtp.c \
+ ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
+ ssl_ciph.c ssl_stat.c ssl_rsa.c \
+ ssl_asn1.c ssl_txt.c ssl_algs.c \
+ bio_ssl.c ssl_err.c kssl.c tls_srp.c t1_reneg.c ssl_utst.c
+LIBOBJ= \
+ s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
+ s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
+ s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
+ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \
+ d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \
+ d1_both.o d1_enc.o d1_srtp.o\
+ ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
+ ssl_ciph.o ssl_stat.o ssl_rsa.o \
+ ssl_asn1.o ssl_txt.o ssl_algs.o \
+ bio_ssl.o ssl_err.o kssl.o tls_srp.o t1_reneg.o ssl_utst.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
+HEADER= $(EXHEADER) ssl_locl.h kssl_lcl.h
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: shared
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ $(RANLIB) $(LIB) || echo Never mind.
+ @touch lib
+
+shared: lib
+ if [ -n "$(SHARED_LIBS)" ]; then \
+ (cd ..; $(MAKE) $(SHARED_LIB)); \
+ fi
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+ @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+ @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+ @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+
+install:
+ @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+ @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+update: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+depend: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
+ @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+bio_ssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+bio_ssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+bio_ssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
+bio_ssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bio_ssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
+d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h
+d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+d1_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+d1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
+d1_clnt.o: kssl_lcl.h ssl_locl.h
+d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_enc.c
+d1_enc.o: ssl_locl.h
+d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c
+d1_lib.o: ssl_locl.h
+d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c
+d1_meth.o: ssl_locl.h
+d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_pkt.o: ../include/openssl/x509_vfy.h d1_pkt.c ssl_locl.h
+d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_srtp.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_srtp.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_srtp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_srtp.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_srtp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srtp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srtp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_srtp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_srtp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_srtp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_srtp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_srtp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srtp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srtp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c
+d1_srtp.o: srtp.h ssl_locl.h
+d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+d1_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+d1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
+d1_srvr.o: ssl_locl.h
+kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+kssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+kssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+kssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+kssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+kssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
+kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+kssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
+kssl.o: kssl_lcl.h
+s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
+s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
+s23_lib.o: ssl_locl.h
+s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
+s23_meth.o: ssl_locl.h
+s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
+s23_pkt.o: ssl_locl.h
+s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
+s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c
+s2_clnt.o: ssl_locl.h
+s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
+s2_enc.o: ssl_locl.h
+s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c
+s2_lib.o: ssl_locl.h
+s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
+s2_meth.o: ssl_locl.h
+s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
+s2_pkt.o: ssl_locl.h
+s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
+s2_srvr.o: ssl_locl.h
+s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
+s3_cbc.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_cbc.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s3_cbc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+s3_cbc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_cbc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+s3_cbc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+s3_cbc.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_cbc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_cbc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_cbc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_cbc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_cbc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_cbc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_cbc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_cbc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_cbc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_cbc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_cbc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_cbc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_cbc.c
+s3_cbc.o: ssl_locl.h
+s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+s3_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s3_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+s3_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_clnt.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h
+s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
+s3_lib.o: ../crypto/ec/ec_lcl.h ../e_os.h ../include/openssl/asn1.h
+s3_lib.o: ../include/openssl/bio.h ../include/openssl/bn.h
+s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+s3_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+s3_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_lib.o: s3_lib.c ssl_locl.h
+s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
+s3_meth.o: ssl_locl.h
+s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
+s3_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_srvr.o: ../include/openssl/bio.h ../include/openssl/bn.h
+s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_srvr.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+s3_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+s3_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_srvr.o: ../include/openssl/hmac.h ../include/openssl/krb5_asn.h
+s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_srvr.o: s3_srvr.c ssl_locl.h
+ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_algs.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_algs.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_algs.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_algs.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_algs.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_algs.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
+ssl_algs.o: ssl_locl.h
+ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+ssl_asn1.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_asn1.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ssl_asn1.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_asn1.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
+ssl_cert.o: ../crypto/o_dir.h ../e_os.h ../include/openssl/asn1.h
+ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h
+ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_cert.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssl_cert.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_cert.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_cert.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_cert.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_cert.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
+ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_ciph.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_ciph.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_ciph.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_ciph.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_ciph.c ssl_locl.h
+ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_err.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+ssl_err.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ssl_err.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
+ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+ssl_err2.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ssl_err2.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err2.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
+ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssl_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_lib.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h
+ssl_lib.o: ssl_lib.c ssl_locl.h
+ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_rsa.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_rsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_rsa.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_rsa.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_rsa.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_rsa.o: ssl_rsa.c
+ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_sess.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_sess.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_sess.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+ssl_sess.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_sess.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_sess.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_sess.o: ssl_sess.c
+ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_stat.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_stat.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_stat.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_stat.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_stat.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_stat.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_stat.o: ssl_stat.c
+ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_txt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_txt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_txt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_txt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_txt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_txt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_txt.o: ssl_txt.c
+ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_utst.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_utst.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_utst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_utst.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_utst.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_utst.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_utst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_utst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_utst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_utst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_utst.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_utst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_utst.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_utst.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_utst.o: ssl_utst.c
+t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
+t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+t1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_enc.o: t1_enc.c
+t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+t1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+t1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h
+t1_lib.o: t1_lib.c
+t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_meth.o: t1_meth.c
+t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_reneg.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_reneg.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_reneg.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_reneg.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_reneg.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_reneg.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_reneg.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_reneg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_reneg.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_reneg.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_reneg.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_reneg.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_reneg.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_reneg.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_reneg.o: t1_reneg.c
+t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
+tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+tls_srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+tls_srp.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+tls_srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+tls_srp.o: ../include/openssl/err.h ../include/openssl/evp.h
+tls_srp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+tls_srp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+tls_srp.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+tls_srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+tls_srp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+tls_srp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+tls_srp.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+tls_srp.o: ../include/openssl/srp.h ../include/openssl/srtp.h
+tls_srp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+tls_srp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+tls_srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+tls_srp.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+tls_srp.o: ../include/openssl/x509_vfy.h ssl_locl.h tls_srp.c
Deleted: vendor-crypto/openssl/1.0.1u/ssl/d1_both.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/d1_both.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_both.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1670 +0,0 @@
-/* ssl/d1_both.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <limits.h>
-#include <string.h>
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
-
-#define RSMBLY_BITMASK_MARK(bitmask, start, end) { \
- if ((end) - (start) <= 8) { \
- long ii; \
- for (ii = (start); ii < (end); ii++) bitmask[((ii) >> 3)] |= (1 << ((ii) & 7)); \
- } else { \
- long ii; \
- bitmask[((start) >> 3)] |= bitmask_start_values[((start) & 7)]; \
- for (ii = (((start) >> 3) + 1); ii < ((((end) - 1)) >> 3); ii++) bitmask[ii] = 0xff; \
- bitmask[(((end) - 1) >> 3)] |= bitmask_end_values[((end) & 7)]; \
- } }
-
-#define RSMBLY_BITMASK_IS_COMPLETE(bitmask, msg_len, is_complete) { \
- long ii; \
- OPENSSL_assert((msg_len) > 0); \
- is_complete = 1; \
- if (bitmask[(((msg_len) - 1) >> 3)] != bitmask_end_values[((msg_len) & 7)]) is_complete = 0; \
- if (is_complete) for (ii = (((msg_len) - 1) >> 3) - 1; ii >= 0 ; ii--) \
- if (bitmask[ii] != 0xff) { is_complete = 0; break; } }
-
-#if 0
-# define RSMBLY_BITMASK_PRINT(bitmask, msg_len) { \
- long ii; \
- printf("bitmask: "); for (ii = 0; ii < (msg_len); ii++) \
- printf("%d ", (bitmask[ii >> 3] & (1 << (ii & 7))) >> (ii & 7)); \
- printf("\n"); }
-#endif
-
-static unsigned char bitmask_start_values[] =
- { 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 };
-static unsigned char bitmask_end_values[] =
- { 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f };
-
-/* XDTLS: figure out the right values */
-static const unsigned int g_probable_mtu[] = { 1500, 512, 256 };
-
-static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
- unsigned long frag_len);
-static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
-static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
- unsigned long len,
- unsigned short seq_num,
- unsigned long frag_off,
- unsigned long frag_len);
-static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
- int *ok);
-
-static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
- int reassembly)
-{
- hm_fragment *frag = NULL;
- unsigned char *buf = NULL;
- unsigned char *bitmask = NULL;
-
- frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
- if (frag == NULL)
- return NULL;
-
- if (frag_len) {
- buf = (unsigned char *)OPENSSL_malloc(frag_len);
- if (buf == NULL) {
- OPENSSL_free(frag);
- return NULL;
- }
- }
-
- /* zero length fragment gets zero frag->fragment */
- frag->fragment = buf;
-
- /* Initialize reassembly bitmask if necessary */
- if (reassembly) {
- bitmask =
- (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
- if (bitmask == NULL) {
- if (buf != NULL)
- OPENSSL_free(buf);
- OPENSSL_free(frag);
- return NULL;
- }
- memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len));
- }
-
- frag->reassembly = bitmask;
-
- return frag;
-}
-
-void dtls1_hm_fragment_free(hm_fragment *frag)
-{
-
- if (frag->msg_header.is_ccs) {
- EVP_CIPHER_CTX_free(frag->msg_header.
- saved_retransmit_state.enc_write_ctx);
- EVP_MD_CTX_destroy(frag->msg_header.
- saved_retransmit_state.write_hash);
- }
- if (frag->fragment)
- OPENSSL_free(frag->fragment);
- if (frag->reassembly)
- OPENSSL_free(frag->reassembly);
- OPENSSL_free(frag);
-}
-
-static int dtls1_query_mtu(SSL *s)
-{
- if (s->d1->link_mtu) {
- s->d1->mtu =
- s->d1->link_mtu - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
- s->d1->link_mtu = 0;
- }
-
- /* AHA! Figure out the MTU, and stick to the right size */
- if (s->d1->mtu < dtls1_min_mtu(s)) {
- if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
- s->d1->mtu =
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
-
- /*
- * I've seen the kernel return bogus numbers when it doesn't know
- * (initial write), so just make sure we have a reasonable number
- */
- if (s->d1->mtu < dtls1_min_mtu(s)) {
- /* Set to min mtu */
- s->d1->mtu = dtls1_min_mtu(s);
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
- s->d1->mtu, NULL);
- }
- } else
- return 0;
- }
- return 1;
-}
-
-/*
- * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
- * SSL3_RT_CHANGE_CIPHER_SPEC)
- */
-int dtls1_do_write(SSL *s, int type)
-{
- int ret;
- unsigned int curr_mtu;
- int retry = 1;
- unsigned int len, frag_off, mac_size, blocksize, used_len;
-
- if (!dtls1_query_mtu(s))
- return -1;
-
- OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu(s)); /* should have something
- * reasonable now */
-
- if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
- OPENSSL_assert(s->init_num ==
- (int)s->d1->w_msg_hdr.msg_len +
- DTLS1_HM_HEADER_LENGTH);
-
- if (s->write_hash)
- mac_size = EVP_MD_CTX_size(s->write_hash);
- else
- mac_size = 0;
-
- if (s->enc_write_ctx &&
- (EVP_CIPHER_mode(s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
- blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
- else
- blocksize = 0;
-
- frag_off = 0;
- /* s->init_num shouldn't ever be < 0...but just in case */
- while (s->init_num > 0) {
- used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
- + mac_size + blocksize;
- if (s->d1->mtu > used_len)
- curr_mtu = s->d1->mtu - used_len;
- else
- curr_mtu = 0;
-
- if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
- /*
- * grr.. we could get an error if MTU picked was wrong
- */
- ret = BIO_flush(SSL_get_wbio(s));
- if (ret <= 0)
- return ret;
- used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
- if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {
- curr_mtu = s->d1->mtu - used_len;
- } else {
- /* Shouldn't happen */
- return -1;
- }
- }
-
- /*
- * We just checked that s->init_num > 0 so this cast should be safe
- */
- if (((unsigned int)s->init_num) > curr_mtu)
- len = curr_mtu;
- else
- len = s->init_num;
-
- /* Shouldn't ever happen */
- if (len > INT_MAX)
- len = INT_MAX;
-
- /*
- * XDTLS: this function is too long. split out the CCS part
- */
- if (type == SSL3_RT_HANDSHAKE) {
- if (s->init_off != 0) {
- OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
- s->init_off -= DTLS1_HM_HEADER_LENGTH;
- s->init_num += DTLS1_HM_HEADER_LENGTH;
-
- /*
- * We just checked that s->init_num > 0 so this cast should
- * be safe
- */
- if (((unsigned int)s->init_num) > curr_mtu)
- len = curr_mtu;
- else
- len = s->init_num;
- }
-
- /* Shouldn't ever happen */
- if (len > INT_MAX)
- len = INT_MAX;
-
- if (len < DTLS1_HM_HEADER_LENGTH) {
- /*
- * len is so small that we really can't do anything sensible
- * so fail
- */
- return -1;
- }
- dtls1_fix_message_header(s, frag_off,
- len - DTLS1_HM_HEADER_LENGTH);
-
- dtls1_write_message_header(s,
- (unsigned char *)&s->init_buf->
- data[s->init_off]);
- }
-
- ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off],
- len);
- if (ret < 0) {
- /*
- * might need to update MTU here, but we don't know which
- * previous packet caused the failure -- so can't really
- * retransmit anything. continue as if everything is fine and
- * wait for an alert to handle the retransmit
- */
- if (retry && BIO_ctrl(SSL_get_wbio(s),
- BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {
- if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
- if (!dtls1_query_mtu(s))
- return -1;
- /* Have one more go */
- retry = 0;
- } else
- return -1;
- } else {
- return (-1);
- }
- } else {
-
- /*
- * bad if this assert fails, only part of the handshake message
- * got sent. but why would this happen?
- */
- OPENSSL_assert(len == (unsigned int)ret);
-
- if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) {
- /*
- * should not be done for 'Hello Request's, but in that case
- * we'll ignore the result anyway
- */
- unsigned char *p =
- (unsigned char *)&s->init_buf->data[s->init_off];
- const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
- int xlen;
-
- if (frag_off == 0 && s->version != DTLS1_BAD_VER) {
- /*
- * reconstruct message header is if it is being sent in
- * single fragment
- */
- *p++ = msg_hdr->type;
- l2n3(msg_hdr->msg_len, p);
- s2n(msg_hdr->seq, p);
- l2n3(0, p);
- l2n3(msg_hdr->msg_len, p);
- p -= DTLS1_HM_HEADER_LENGTH;
- xlen = ret;
- } else {
- p += DTLS1_HM_HEADER_LENGTH;
- xlen = ret - DTLS1_HM_HEADER_LENGTH;
- }
-
- ssl3_finish_mac(s, p, xlen);
- }
-
- if (ret == s->init_num) {
- if (s->msg_callback)
- s->msg_callback(1, s->version, type, s->init_buf->data,
- (size_t)(s->init_off + s->init_num), s,
- s->msg_callback_arg);
-
- s->init_off = 0; /* done writing this message */
- s->init_num = 0;
-
- return (1);
- }
- s->init_off += ret;
- s->init_num -= ret;
- frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
- }
- }
- return (0);
-}
-
-/*
- * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
- * acceptable body length 'max'. Read an entire handshake message. Handshake
- * messages arrive in fragments.
- */
-long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
-{
- int i, al;
- struct hm_header_st *msg_hdr;
- unsigned char *p;
- unsigned long msg_len;
-
- /*
- * s3->tmp is used to store messages that are unexpected, caused by the
- * absence of an optional handshake message
- */
- if (s->s3->tmp.reuse_message) {
- s->s3->tmp.reuse_message = 0;
- if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- *ok = 1;
- s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
- s->init_num = (int)s->s3->tmp.message_size;
- return s->init_num;
- }
-
- msg_hdr = &s->d1->r_msg_hdr;
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
-
- again:
- i = dtls1_get_message_fragment(s, st1, stn, max, ok);
- if (i == DTLS1_HM_BAD_FRAGMENT || i == DTLS1_HM_FRAGMENT_RETRY) {
- /* bad fragment received */
- goto again;
- } else if (i <= 0 && !*ok) {
- return i;
- }
-
- if (mt >= 0 && s->s3->tmp.message_type != mt) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
-
- p = (unsigned char *)s->init_buf->data;
- msg_len = msg_hdr->msg_len;
-
- /* reconstruct message header */
- *(p++) = msg_hdr->type;
- l2n3(msg_len, p);
- s2n(msg_hdr->seq, p);
- l2n3(0, p);
- l2n3(msg_len, p);
- if (s->version != DTLS1_BAD_VER) {
- p -= DTLS1_HM_HEADER_LENGTH;
- msg_len += DTLS1_HM_HEADER_LENGTH;
- }
-
- ssl3_finish_mac(s, p, msg_len);
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- p, msg_len, s, s->msg_callback_arg);
-
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
-
- /* Don't change sequence numbers while listening */
- if (!s->d1->listen)
- s->d1->handshake_read_seq++;
-
- s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
- return s->init_num;
-
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- *ok = 0;
- return -1;
-}
-
-static int dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr,
- int max)
-{
- size_t frag_off, frag_len, msg_len;
-
- msg_len = msg_hdr->msg_len;
- frag_off = msg_hdr->frag_off;
- frag_len = msg_hdr->frag_len;
-
- /* sanity checking */
- if ((frag_off + frag_len) > msg_len) {
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
- return SSL_AD_ILLEGAL_PARAMETER;
- }
-
- if ((frag_off + frag_len) > (unsigned long)max) {
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
- return SSL_AD_ILLEGAL_PARAMETER;
- }
-
- if (s->d1->r_msg_hdr.frag_off == 0) { /* first fragment */
- /*
- * msg_len is limited to 2^24, but is effectively checked against max
- * above
- */
- if (!BUF_MEM_grow_clean
- (s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH)) {
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB);
- return SSL_AD_INTERNAL_ERROR;
- }
-
- s->s3->tmp.message_size = msg_len;
- s->d1->r_msg_hdr.msg_len = msg_len;
- s->s3->tmp.message_type = msg_hdr->type;
- s->d1->r_msg_hdr.type = msg_hdr->type;
- s->d1->r_msg_hdr.seq = msg_hdr->seq;
- } else if (msg_len != s->d1->r_msg_hdr.msg_len) {
- /*
- * They must be playing with us! BTW, failure to enforce upper limit
- * would open possibility for buffer overrun.
- */
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
- return SSL_AD_ILLEGAL_PARAMETER;
- }
-
- return 0; /* no error */
-}
-
-static int dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
-{
- /*-
- * (0) check whether the desired fragment is available
- * if so:
- * (1) copy over the fragment to s->init_buf->data[]
- * (2) update s->init_num
- */
- pitem *item;
- hm_fragment *frag;
- int al;
-
- *ok = 0;
- item = pqueue_peek(s->d1->buffered_messages);
- if (item == NULL)
- return 0;
-
- frag = (hm_fragment *)item->data;
-
- /* Don't return if reassembly still in progress */
- if (frag->reassembly != NULL)
- return 0;
-
- if (s->d1->handshake_read_seq == frag->msg_header.seq) {
- unsigned long frag_len = frag->msg_header.frag_len;
- pqueue_pop(s->d1->buffered_messages);
-
- al = dtls1_preprocess_fragment(s, &frag->msg_header, max);
-
- if (al == 0) { /* no alert */
- unsigned char *p =
- (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
- memcpy(&p[frag->msg_header.frag_off], frag->fragment,
- frag->msg_header.frag_len);
- }
-
- dtls1_hm_fragment_free(frag);
- pitem_free(item);
-
- if (al == 0) {
- *ok = 1;
- return frag_len;
- }
-
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- s->init_num = 0;
- *ok = 0;
- return -1;
- } else
- return 0;
-}
-
-/*
- * dtls1_max_handshake_message_len returns the maximum number of bytes
- * permitted in a DTLS handshake message for |s|. The minimum is 16KB, but
- * may be greater if the maximum certificate list size requires it.
- */
-static unsigned long dtls1_max_handshake_message_len(const SSL *s)
-{
- unsigned long max_len =
- DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
- if (max_len < (unsigned long)s->max_cert_list)
- return s->max_cert_list;
- return max_len;
-}
-
-static int
-dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr, int *ok)
-{
- hm_fragment *frag = NULL;
- pitem *item = NULL;
- int i = -1, is_complete;
- unsigned char seq64be[8];
- unsigned long frag_len = msg_hdr->frag_len;
-
- if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len ||
- msg_hdr->msg_len > dtls1_max_handshake_message_len(s))
- goto err;
-
- if (frag_len == 0)
- return DTLS1_HM_FRAGMENT_RETRY;
-
- /* Try to find item in queue */
- memset(seq64be, 0, sizeof(seq64be));
- seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
- seq64be[7] = (unsigned char)msg_hdr->seq;
- item = pqueue_find(s->d1->buffered_messages, seq64be);
-
- if (item == NULL) {
- frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
- if (frag == NULL)
- goto err;
- memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
- frag->msg_header.frag_len = frag->msg_header.msg_len;
- frag->msg_header.frag_off = 0;
- } else {
- frag = (hm_fragment *)item->data;
- if (frag->msg_header.msg_len != msg_hdr->msg_len) {
- item = NULL;
- frag = NULL;
- goto err;
- }
- }
-
- /*
- * If message is already reassembled, this must be a retransmit and can
- * be dropped. In this case item != NULL and so frag does not need to be
- * freed.
- */
- if (frag->reassembly == NULL) {
- unsigned char devnull[256];
-
- while (frag_len) {
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
- devnull,
- frag_len >
- sizeof(devnull) ? sizeof(devnull) :
- frag_len, 0);
- if (i <= 0)
- goto err;
- frag_len -= i;
- }
- return DTLS1_HM_FRAGMENT_RETRY;
- }
-
- /* read the body of the fragment (header has already been read */
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
- frag->fragment + msg_hdr->frag_off,
- frag_len, 0);
- if ((unsigned long)i != frag_len)
- i = -1;
- if (i <= 0)
- goto err;
-
- RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,
- (long)(msg_hdr->frag_off + frag_len));
-
- RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len,
- is_complete);
-
- if (is_complete) {
- OPENSSL_free(frag->reassembly);
- frag->reassembly = NULL;
- }
-
- if (item == NULL) {
- item = pitem_new(seq64be, frag);
- if (item == NULL) {
- i = -1;
- goto err;
- }
-
- item = pqueue_insert(s->d1->buffered_messages, item);
- /*
- * pqueue_insert fails iff a duplicate item is inserted. However,
- * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
- * would have returned it and control would never have reached this
- * branch.
- */
- OPENSSL_assert(item != NULL);
- }
-
- return DTLS1_HM_FRAGMENT_RETRY;
-
- err:
- if (frag != NULL && item == NULL)
- dtls1_hm_fragment_free(frag);
- *ok = 0;
- return i;
-}
-
-static int
-dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr,
- int *ok)
-{
- int i = -1;
- hm_fragment *frag = NULL;
- pitem *item = NULL;
- unsigned char seq64be[8];
- unsigned long frag_len = msg_hdr->frag_len;
-
- if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
- goto err;
-
- /* Try to find item in queue, to prevent duplicate entries */
- memset(seq64be, 0, sizeof(seq64be));
- seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
- seq64be[7] = (unsigned char)msg_hdr->seq;
- item = pqueue_find(s->d1->buffered_messages, seq64be);
-
- /*
- * If we already have an entry and this one is a fragment, don't discard
- * it and rather try to reassemble it.
- */
- if (item != NULL && frag_len != msg_hdr->msg_len)
- item = NULL;
-
- /*
- * Discard the message if sequence number was already there, is too far
- * in the future, already in the queue or if we received a FINISHED
- * before the SERVER_HELLO, which then must be a stale retransmit.
- */
- if (msg_hdr->seq <= s->d1->handshake_read_seq ||
- msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
- (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED))
- {
- unsigned char devnull[256];
-
- while (frag_len) {
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
- devnull,
- frag_len >
- sizeof(devnull) ? sizeof(devnull) :
- frag_len, 0);
- if (i <= 0)
- goto err;
- frag_len -= i;
- }
- } else {
- if (frag_len != msg_hdr->msg_len)
- return dtls1_reassemble_fragment(s, msg_hdr, ok);
-
- if (frag_len > dtls1_max_handshake_message_len(s))
- goto err;
-
- frag = dtls1_hm_fragment_new(frag_len, 0);
- if (frag == NULL)
- goto err;
-
- memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
-
- if (frag_len) {
- /*
- * read the body of the fragment (header has already been read
- */
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
- frag->fragment, frag_len, 0);
- if ((unsigned long)i != frag_len)
- i = -1;
- if (i <= 0)
- goto err;
- }
-
- item = pitem_new(seq64be, frag);
- if (item == NULL)
- goto err;
-
- item = pqueue_insert(s->d1->buffered_messages, item);
- /*
- * pqueue_insert fails iff a duplicate item is inserted. However,
- * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
- * would have returned it. Then, either |frag_len| !=
- * |msg_hdr->msg_len| in which case |item| is set to NULL and it will
- * have been processed with |dtls1_reassemble_fragment|, above, or
- * the record will have been discarded.
- */
- OPENSSL_assert(item != NULL);
- }
-
- return DTLS1_HM_FRAGMENT_RETRY;
-
- err:
- if (frag != NULL && item == NULL)
- dtls1_hm_fragment_free(frag);
- *ok = 0;
- return i;
-}
-
-static long
-dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
-{
- unsigned char wire[DTLS1_HM_HEADER_LENGTH];
- unsigned long len, frag_off, frag_len;
- int i, al;
- struct hm_header_st msg_hdr;
-
- redo:
- /* see if we have the required fragment already */
- if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) {
- if (*ok)
- s->init_num = frag_len;
- return frag_len;
- }
-
- /* read handshake message header */
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
- DTLS1_HM_HEADER_LENGTH, 0);
- if (i <= 0) { /* nbio, or an error */
- s->rwstate = SSL_READING;
- *ok = 0;
- return i;
- }
- /* Handshake fails if message header is incomplete */
- if (i != DTLS1_HM_HEADER_LENGTH) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
-
- /* parse the message fragment header */
- dtls1_get_message_header(wire, &msg_hdr);
-
- len = msg_hdr.msg_len;
- frag_off = msg_hdr.frag_off;
- frag_len = msg_hdr.frag_len;
-
- /*
- * We must have at least frag_len bytes left in the record to be read.
- * Fragments must not span records.
- */
- if (frag_len > s->s3->rrec.length) {
- al = SSL3_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_BAD_LENGTH);
- goto f_err;
- }
-
- /*
- * if this is a future (or stale) message it gets buffered
- * (or dropped)--no further processing at this time
- * While listening, we accept seq 1 (ClientHello with cookie)
- * although we're still expecting seq 0 (ClientHello)
- */
- if (msg_hdr.seq != s->d1->handshake_read_seq
- && !(s->d1->listen && msg_hdr.seq == 1))
- return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
-
- if (frag_len && frag_len < len)
- return dtls1_reassemble_fragment(s, &msg_hdr, ok);
-
- if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
- wire[0] == SSL3_MT_HELLO_REQUEST) {
- /*
- * The server may always send 'Hello Request' messages -- we are
- * doing a handshake anyway now, so ignore them if their format is
- * correct. Does not count for 'Finished' MAC.
- */
- if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- wire, DTLS1_HM_HEADER_LENGTH, s,
- s->msg_callback_arg);
-
- s->init_num = 0;
- goto redo;
- } else { /* Incorrectly formated Hello request */
-
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,
- SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- }
-
- if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
- goto f_err;
-
- if (frag_len > 0) {
- unsigned char *p =
- (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
-
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
- &p[frag_off], frag_len, 0);
-
- /*
- * This shouldn't ever fail due to NBIO because we already checked
- * that we have enough data in the record
- */
- if (i <= 0) {
- s->rwstate = SSL_READING;
- *ok = 0;
- return i;
- }
- } else
- i = 0;
-
- /*
- * XDTLS: an incorrectly formatted fragment should cause the handshake
- * to fail
- */
- if (i != (int)frag_len) {
- al = SSL3_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL3_AD_ILLEGAL_PARAMETER);
- goto f_err;
- }
-
- *ok = 1;
- s->state = stn;
-
- /*
- * Note that s->init_num is *not* used as current offset in
- * s->init_buf->data, but as a counter summing up fragments' lengths: as
- * soon as they sum up to handshake packet length, we assume we have got
- * all the fragments.
- */
- s->init_num = frag_len;
- return frag_len;
-
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- s->init_num = 0;
-
- *ok = 0;
- return (-1);
-}
-
-int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
-{
- unsigned char *p, *d;
- int i;
- unsigned long l;
-
- if (s->state == a) {
- d = (unsigned char *)s->init_buf->data;
- p = &(d[DTLS1_HM_HEADER_LENGTH]);
-
- i = s->method->ssl3_enc->final_finish_mac(s,
- sender, slen,
- s->s3->tmp.finish_md);
- s->s3->tmp.finish_md_len = i;
- memcpy(p, s->s3->tmp.finish_md, i);
- p += i;
- l = i;
-
- /*
- * Copy the finished so we can use it for renegotiation checks
- */
- if (s->type == SSL_ST_CONNECT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
- s->s3->previous_client_finished_len = i;
- } else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_server_finished, s->s3->tmp.finish_md, i);
- s->s3->previous_server_finished_len = i;
- }
-
-#ifdef OPENSSL_SYS_WIN16
- /*
- * MSVC 1.5 does not clear the top bytes of the word unless I do
- * this.
- */
- l &= 0xffff;
-#endif
-
- d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l);
- s->init_num = (int)l + DTLS1_HM_HEADER_LENGTH;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
-
- s->state = b;
- }
-
- /* SSL3_ST_SEND_xxxxxx_HELLO_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-/*-
- * for these 2 messages, we need to
- * ssl->enc_read_ctx re-init
- * ssl->s3->read_sequence zero
- * ssl->s3->read_mac_secret re-init
- * ssl->session->read_sym_enc assign
- * ssl->session->read_compression assign
- * ssl->session->read_hash assign
- */
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
-{
- unsigned char *p;
-
- if (s->state == a) {
- p = (unsigned char *)s->init_buf->data;
- *p++ = SSL3_MT_CCS;
- s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
- s->init_num = DTLS1_CCS_HEADER_LENGTH;
-
- if (s->version == DTLS1_BAD_VER) {
- s->d1->next_handshake_write_seq++;
- s2n(s->d1->handshake_write_seq, p);
- s->init_num += 2;
- }
-
- s->init_off = 0;
-
- dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
- s->d1->handshake_write_seq, 0, 0);
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 1);
-
- s->state = b;
- }
-
- /* SSL3_ST_CW_CHANGE_B */
- return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
-}
-
-static int dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
-{
- int n;
- unsigned char *p;
-
- n = i2d_X509(x, NULL);
- if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
- SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
- return 0;
- }
- p = (unsigned char *)&(buf->data[*l]);
- l2n3(n, p);
- i2d_X509(x, &p);
- *l += n + 3;
-
- return 1;
-}
-
-unsigned long dtls1_output_cert_chain(SSL *s, X509 *x)
-{
- unsigned char *p;
- int i;
- unsigned long l = 3 + DTLS1_HM_HEADER_LENGTH;
- BUF_MEM *buf;
-
- /* TLSv1 sends a chain with nothing in it, instead of an alert */
- buf = s->init_buf;
- if (!BUF_MEM_grow_clean(buf, 10)) {
- SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB);
- return (0);
- }
- if (x != NULL) {
- X509_STORE_CTX xs_ctx;
-
- if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store, x, NULL)) {
- SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_X509_LIB);
- return (0);
- }
-
- X509_verify_cert(&xs_ctx);
- /* Don't leave errors in the queue */
- ERR_clear_error();
- for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
- x = sk_X509_value(xs_ctx.chain, i);
-
- if (!dtls1_add_cert_to_buf(buf, &l, x)) {
- X509_STORE_CTX_cleanup(&xs_ctx);
- return 0;
- }
- }
- X509_STORE_CTX_cleanup(&xs_ctx);
- }
- /* Thawte special :-) */
- for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) {
- x = sk_X509_value(s->ctx->extra_certs, i);
- if (!dtls1_add_cert_to_buf(buf, &l, x))
- return 0;
- }
-
- l -= (3 + DTLS1_HM_HEADER_LENGTH);
-
- p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
- l2n3(l, p);
- l += 3;
- p = (unsigned char *)&(buf->data[0]);
- p = dtls1_set_message_header(s, p, SSL3_MT_CERTIFICATE, l, 0, l);
-
- l += DTLS1_HM_HEADER_LENGTH;
- return (l);
-}
-
-int dtls1_read_failed(SSL *s, int code)
-{
- if (code > 0) {
- fprintf(stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
- return 1;
- }
-
- if (!dtls1_is_timer_expired(s)) {
- /*
- * not a timeout, none of our business, let higher layers handle
- * this. in fact it's probably an error
- */
- return code;
- }
-#ifndef OPENSSL_NO_HEARTBEATS
- /* done, no need to send a retransmit */
- if (!SSL_in_init(s) && !s->tlsext_hb_pending)
-#else
- /* done, no need to send a retransmit */
- if (!SSL_in_init(s))
-#endif
- {
- BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
- return code;
- }
-#if 0 /* for now, each alert contains only one
- * record number */
- item = pqueue_peek(state->rcvd_records);
- if (item) {
- /* send an alert immediately for all the missing records */
- } else
-#endif
-
-#if 0 /* no more alert sending, just retransmit the
- * last set of messages */
- if (state->timeout.read_timeouts >= DTLS1_TMO_READ_COUNT)
- ssl3_send_alert(s, SSL3_AL_WARNING,
- DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
-#endif
-
- return dtls1_handle_timeout(s);
-}
-
-int dtls1_get_queue_priority(unsigned short seq, int is_ccs)
-{
- /*
- * The index of the retransmission queue actually is the message sequence
- * number, since the queue only contains messages of a single handshake.
- * However, the ChangeCipherSpec has no message sequence number and so
- * using only the sequence will result in the CCS and Finished having the
- * same index. To prevent this, the sequence number is multiplied by 2.
- * In case of a CCS 1 is subtracted. This does not only differ CSS and
- * Finished, it also maintains the order of the index (important for
- * priority queues) and fits in the unsigned short variable.
- */
- return seq * 2 - is_ccs;
-}
-
-int dtls1_retransmit_buffered_messages(SSL *s)
-{
- pqueue sent = s->d1->sent_messages;
- piterator iter;
- pitem *item;
- hm_fragment *frag;
- int found = 0;
-
- iter = pqueue_iterator(sent);
-
- for (item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter)) {
- frag = (hm_fragment *)item->data;
- if (dtls1_retransmit_message(s, (unsigned short)
- dtls1_get_queue_priority
- (frag->msg_header.seq,
- frag->msg_header.is_ccs), 0,
- &found) <= 0 && found) {
- fprintf(stderr, "dtls1_retransmit_message() failed\n");
- return -1;
- }
- }
-
- return 1;
-}
-
-int dtls1_buffer_message(SSL *s, int is_ccs)
-{
- pitem *item;
- hm_fragment *frag;
- unsigned char seq64be[8];
-
- /*
- * this function is called immediately after a message has been
- * serialized
- */
- OPENSSL_assert(s->init_off == 0);
-
- frag = dtls1_hm_fragment_new(s->init_num, 0);
- if (!frag)
- return 0;
-
- memcpy(frag->fragment, s->init_buf->data, s->init_num);
-
- if (is_ccs) {
- OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- ((s->version ==
- DTLS1_VERSION) ? DTLS1_CCS_HEADER_LENGTH : 3) ==
- (unsigned int)s->init_num);
- } else {
- OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
- }
-
- frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
- frag->msg_header.seq = s->d1->w_msg_hdr.seq;
- frag->msg_header.type = s->d1->w_msg_hdr.type;
- frag->msg_header.frag_off = 0;
- frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
- frag->msg_header.is_ccs = is_ccs;
-
- /* save current state */
- frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
- frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
- frag->msg_header.saved_retransmit_state.compress = s->compress;
- frag->msg_header.saved_retransmit_state.session = s->session;
- frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
-
- memset(seq64be, 0, sizeof(seq64be));
- seq64be[6] =
- (unsigned
- char)(dtls1_get_queue_priority(frag->msg_header.seq,
- frag->msg_header.is_ccs) >> 8);
- seq64be[7] =
- (unsigned
- char)(dtls1_get_queue_priority(frag->msg_header.seq,
- frag->msg_header.is_ccs));
-
- item = pitem_new(seq64be, frag);
- if (item == NULL) {
- dtls1_hm_fragment_free(frag);
- return 0;
- }
-#if 0
- fprintf(stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
- fprintf(stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
- fprintf(stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
-#endif
-
- pqueue_insert(s->d1->sent_messages, item);
- return 1;
-}
-
-int
-dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
- int *found)
-{
- int ret;
- /* XDTLS: for now assuming that read/writes are blocking */
- pitem *item;
- hm_fragment *frag;
- unsigned long header_length;
- unsigned char seq64be[8];
- struct dtls1_retransmit_state saved_state;
- unsigned char save_write_sequence[8];
-
- /*-
- OPENSSL_assert(s->init_num == 0);
- OPENSSL_assert(s->init_off == 0);
- */
-
- /* XDTLS: the requested message ought to be found, otherwise error */
- memset(seq64be, 0, sizeof(seq64be));
- seq64be[6] = (unsigned char)(seq >> 8);
- seq64be[7] = (unsigned char)seq;
-
- item = pqueue_find(s->d1->sent_messages, seq64be);
- if (item == NULL) {
- fprintf(stderr, "retransmit: message %d non-existant\n", seq);
- *found = 0;
- return 0;
- }
-
- *found = 1;
- frag = (hm_fragment *)item->data;
-
- if (frag->msg_header.is_ccs)
- header_length = DTLS1_CCS_HEADER_LENGTH;
- else
- header_length = DTLS1_HM_HEADER_LENGTH;
-
- memcpy(s->init_buf->data, frag->fragment,
- frag->msg_header.msg_len + header_length);
- s->init_num = frag->msg_header.msg_len + header_length;
-
- dtls1_set_message_header_int(s, frag->msg_header.type,
- frag->msg_header.msg_len,
- frag->msg_header.seq, 0,
- frag->msg_header.frag_len);
-
- /* save current state */
- saved_state.enc_write_ctx = s->enc_write_ctx;
- saved_state.write_hash = s->write_hash;
- saved_state.compress = s->compress;
- saved_state.session = s->session;
- saved_state.epoch = s->d1->w_epoch;
- saved_state.epoch = s->d1->w_epoch;
-
- s->d1->retransmitting = 1;
-
- /* restore state in which the message was originally sent */
- s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
- s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
- s->compress = frag->msg_header.saved_retransmit_state.compress;
- s->session = frag->msg_header.saved_retransmit_state.session;
- s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
-
- if (frag->msg_header.saved_retransmit_state.epoch ==
- saved_state.epoch - 1) {
- memcpy(save_write_sequence, s->s3->write_sequence,
- sizeof(s->s3->write_sequence));
- memcpy(s->s3->write_sequence, s->d1->last_write_sequence,
- sizeof(s->s3->write_sequence));
- }
-
- ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
- SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
-
- /* restore current state */
- s->enc_write_ctx = saved_state.enc_write_ctx;
- s->write_hash = saved_state.write_hash;
- s->compress = saved_state.compress;
- s->session = saved_state.session;
- s->d1->w_epoch = saved_state.epoch;
-
- if (frag->msg_header.saved_retransmit_state.epoch ==
- saved_state.epoch - 1) {
- memcpy(s->d1->last_write_sequence, s->s3->write_sequence,
- sizeof(s->s3->write_sequence));
- memcpy(s->s3->write_sequence, save_write_sequence,
- sizeof(s->s3->write_sequence));
- }
-
- s->d1->retransmitting = 0;
-
- (void)BIO_flush(SSL_get_wbio(s));
- return ret;
-}
-
-/* call this function when the buffered messages are no longer needed */
-void dtls1_clear_record_buffer(SSL *s)
-{
- pitem *item;
-
- for (item = pqueue_pop(s->d1->sent_messages);
- item != NULL; item = pqueue_pop(s->d1->sent_messages)) {
- dtls1_hm_fragment_free((hm_fragment *)item->data);
- pitem_free(item);
- }
-}
-
-unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
- unsigned char mt, unsigned long len,
- unsigned long frag_off,
- unsigned long frag_len)
-{
- /* Don't change sequence numbers while listening */
- if (frag_off == 0 && !s->d1->listen) {
- s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
- s->d1->next_handshake_write_seq++;
- }
-
- dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
- frag_off, frag_len);
-
- return p += DTLS1_HM_HEADER_LENGTH;
-}
-
-/* don't actually do the writing, wait till the MTU has been retrieved */
-static void
-dtls1_set_message_header_int(SSL *s, unsigned char mt,
- unsigned long len, unsigned short seq_num,
- unsigned long frag_off, unsigned long frag_len)
-{
- struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
-
- msg_hdr->type = mt;
- msg_hdr->msg_len = len;
- msg_hdr->seq = seq_num;
- msg_hdr->frag_off = frag_off;
- msg_hdr->frag_len = frag_len;
-}
-
-static void
-dtls1_fix_message_header(SSL *s, unsigned long frag_off,
- unsigned long frag_len)
-{
- struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
-
- msg_hdr->frag_off = frag_off;
- msg_hdr->frag_len = frag_len;
-}
-
-static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p)
-{
- struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
-
- *p++ = msg_hdr->type;
- l2n3(msg_hdr->msg_len, p);
-
- s2n(msg_hdr->seq, p);
- l2n3(msg_hdr->frag_off, p);
- l2n3(msg_hdr->frag_len, p);
-
- return p;
-}
-
-unsigned int dtls1_link_min_mtu(void)
-{
- return (g_probable_mtu[(sizeof(g_probable_mtu) /
- sizeof(g_probable_mtu[0])) - 1]);
-}
-
-unsigned int dtls1_min_mtu(SSL *s)
-{
- return dtls1_link_min_mtu() - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
-}
-
-void
-dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
-{
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
- msg_hdr->type = *(data++);
- n2l3(data, msg_hdr->msg_len);
-
- n2s(data, msg_hdr->seq);
- n2l3(data, msg_hdr->frag_off);
- n2l3(data, msg_hdr->frag_len);
-}
-
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
-{
- memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
-
- ccs_hdr->type = *(data++);
-}
-
-int dtls1_shutdown(SSL *s)
-{
- int ret;
-#ifndef OPENSSL_NO_SCTP
- BIO *wbio;
-
- wbio = SSL_get_wbio(s);
- if (wbio != NULL && BIO_dgram_is_sctp(wbio) &&
- !(s->shutdown & SSL_SENT_SHUTDOWN)) {
- ret = BIO_dgram_sctp_wait_for_dry(wbio);
- if (ret < 0)
- return -1;
-
- if (ret == 0)
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1,
- NULL);
- }
-#endif
- ret = ssl3_shutdown(s);
-#ifndef OPENSSL_NO_SCTP
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL);
-#endif
- return ret;
-}
-
-#ifndef OPENSSL_NO_HEARTBEATS
-int dtls1_process_heartbeat(SSL *s)
-{
- unsigned char *p = &s->s3->rrec.data[0], *pl;
- unsigned short hbtype;
- unsigned int payload;
- unsigned int padding = 16; /* Use minimum padding */
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
- &s->s3->rrec.data[0], s->s3->rrec.length,
- s, s->msg_callback_arg);
-
- /* Read type and payload length first */
- if (1 + 2 + 16 > s->s3->rrec.length)
- return 0; /* silently discard */
- if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
- return 0; /* silently discard per RFC 6520 sec. 4 */
-
- hbtype = *p++;
- n2s(p, payload);
- if (1 + 2 + payload + 16 > s->s3->rrec.length)
- return 0; /* silently discard per RFC 6520 sec. 4 */
- pl = p;
-
- if (hbtype == TLS1_HB_REQUEST) {
- unsigned char *buffer, *bp;
- unsigned int write_length = 1 /* heartbeat type */ +
- 2 /* heartbeat length */ +
- payload + padding;
- int r;
-
- if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
- return 0;
-
- /*
- * Allocate memory for the response, size is 1 byte message type,
- * plus 2 bytes payload length, plus payload, plus padding
- */
- buffer = OPENSSL_malloc(write_length);
- bp = buffer;
-
- /* Enter response type, length and copy payload */
- *bp++ = TLS1_HB_RESPONSE;
- s2n(payload, bp);
- memcpy(bp, pl, payload);
- bp += payload;
- /* Random padding */
- if (RAND_pseudo_bytes(bp, padding) < 0) {
- OPENSSL_free(buffer);
- return -1;
- }
-
- r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
-
- if (r >= 0 && s->msg_callback)
- s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
- buffer, write_length, s, s->msg_callback_arg);
-
- OPENSSL_free(buffer);
-
- if (r < 0)
- return r;
- } else if (hbtype == TLS1_HB_RESPONSE) {
- unsigned int seq;
-
- /*
- * We only send sequence numbers (2 bytes unsigned int), and 16
- * random bytes, so we just try to read the sequence number
- */
- n2s(pl, seq);
-
- if (payload == 18 && seq == s->tlsext_hb_seq) {
- dtls1_stop_timer(s);
- s->tlsext_hb_seq++;
- s->tlsext_hb_pending = 0;
- }
- }
-
- return 0;
-}
-
-int dtls1_heartbeat(SSL *s)
-{
- unsigned char *buf, *p;
- int ret = -1;
- unsigned int payload = 18; /* Sequence number + random bytes */
- unsigned int padding = 16; /* Use minimum padding */
-
- /* Only send if peer supports and accepts HB requests... */
- if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
- s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
- SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
- return -1;
- }
-
- /* ...and there is none in flight yet... */
- if (s->tlsext_hb_pending) {
- SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
- return -1;
- }
-
- /* ...and no handshake in progress. */
- if (SSL_in_init(s) || s->in_handshake) {
- SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
- return -1;
- }
-
- /*
- * Check if padding is too long, payload and padding must not exceed 2^14
- * - 3 = 16381 bytes in total.
- */
- OPENSSL_assert(payload + padding <= 16381);
-
- /*-
- * Create HeartBeat message, we just use a sequence number
- * as payload to distuingish different messages and add
- * some random stuff.
- * - Message Type, 1 byte
- * - Payload Length, 2 bytes (unsigned int)
- * - Payload, the sequence number (2 bytes uint)
- * - Payload, random bytes (16 bytes uint)
- * - Padding
- */
- buf = OPENSSL_malloc(1 + 2 + payload + padding);
- p = buf;
- /* Message Type */
- *p++ = TLS1_HB_REQUEST;
- /* Payload length (18 bytes here) */
- s2n(payload, p);
- /* Sequence number */
- s2n(s->tlsext_hb_seq, p);
- /* 16 random bytes */
- if (RAND_pseudo_bytes(p, 16) < 0)
- goto err;
- p += 16;
- /* Random padding */
- if (RAND_pseudo_bytes(p, padding) < 0)
- goto err;
-
- ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
- if (ret >= 0) {
- if (s->msg_callback)
- s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
- buf, 3 + payload + padding,
- s, s->msg_callback_arg);
-
- dtls1_start_timer(s);
- s->tlsext_hb_pending = 1;
- }
-
-err:
- OPENSSL_free(buf);
-
- return ret;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/d1_both.c (from rev 11605, vendor-crypto/openssl/dist/ssl/d1_both.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/d1_both.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_both.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1703 @@
+/* ssl/d1_both.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <limits.h>
+#include <string.h>
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
+
+#define RSMBLY_BITMASK_MARK(bitmask, start, end) { \
+ if ((end) - (start) <= 8) { \
+ long ii; \
+ for (ii = (start); ii < (end); ii++) bitmask[((ii) >> 3)] |= (1 << ((ii) & 7)); \
+ } else { \
+ long ii; \
+ bitmask[((start) >> 3)] |= bitmask_start_values[((start) & 7)]; \
+ for (ii = (((start) >> 3) + 1); ii < ((((end) - 1)) >> 3); ii++) bitmask[ii] = 0xff; \
+ bitmask[(((end) - 1) >> 3)] |= bitmask_end_values[((end) & 7)]; \
+ } }
+
+#define RSMBLY_BITMASK_IS_COMPLETE(bitmask, msg_len, is_complete) { \
+ long ii; \
+ OPENSSL_assert((msg_len) > 0); \
+ is_complete = 1; \
+ if (bitmask[(((msg_len) - 1) >> 3)] != bitmask_end_values[((msg_len) & 7)]) is_complete = 0; \
+ if (is_complete) for (ii = (((msg_len) - 1) >> 3) - 1; ii >= 0 ; ii--) \
+ if (bitmask[ii] != 0xff) { is_complete = 0; break; } }
+
+#if 0
+# define RSMBLY_BITMASK_PRINT(bitmask, msg_len) { \
+ long ii; \
+ printf("bitmask: "); for (ii = 0; ii < (msg_len); ii++) \
+ printf("%d ", (bitmask[ii >> 3] & (1 << (ii & 7))) >> (ii & 7)); \
+ printf("\n"); }
+#endif
+
+static unsigned char bitmask_start_values[] =
+ { 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 };
+static unsigned char bitmask_end_values[] =
+ { 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f };
+
+/* XDTLS: figure out the right values */
+static const unsigned int g_probable_mtu[] = { 1500, 512, 256 };
+
+static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
+ unsigned long frag_len);
+static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
+static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
+ unsigned long len,
+ unsigned short seq_num,
+ unsigned long frag_off,
+ unsigned long frag_len);
+static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
+ int *ok);
+
+static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
+ int reassembly)
+{
+ hm_fragment *frag = NULL;
+ unsigned char *buf = NULL;
+ unsigned char *bitmask = NULL;
+
+ frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
+ if (frag == NULL)
+ return NULL;
+
+ if (frag_len) {
+ buf = (unsigned char *)OPENSSL_malloc(frag_len);
+ if (buf == NULL) {
+ OPENSSL_free(frag);
+ return NULL;
+ }
+ }
+
+ /* zero length fragment gets zero frag->fragment */
+ frag->fragment = buf;
+
+ /* Initialize reassembly bitmask if necessary */
+ if (reassembly) {
+ bitmask =
+ (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
+ if (bitmask == NULL) {
+ if (buf != NULL)
+ OPENSSL_free(buf);
+ OPENSSL_free(frag);
+ return NULL;
+ }
+ memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len));
+ }
+
+ frag->reassembly = bitmask;
+
+ return frag;
+}
+
+void dtls1_hm_fragment_free(hm_fragment *frag)
+{
+
+ if (frag->msg_header.is_ccs) {
+ EVP_CIPHER_CTX_free(frag->msg_header.
+ saved_retransmit_state.enc_write_ctx);
+ EVP_MD_CTX_destroy(frag->msg_header.
+ saved_retransmit_state.write_hash);
+ }
+ if (frag->fragment)
+ OPENSSL_free(frag->fragment);
+ if (frag->reassembly)
+ OPENSSL_free(frag->reassembly);
+ OPENSSL_free(frag);
+}
+
+static int dtls1_query_mtu(SSL *s)
+{
+ if (s->d1->link_mtu) {
+ s->d1->mtu =
+ s->d1->link_mtu - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
+ s->d1->link_mtu = 0;
+ }
+
+ /* AHA! Figure out the MTU, and stick to the right size */
+ if (s->d1->mtu < dtls1_min_mtu(s)) {
+ if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+ s->d1->mtu =
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+
+ /*
+ * I've seen the kernel return bogus numbers when it doesn't know
+ * (initial write), so just make sure we have a reasonable number
+ */
+ if (s->d1->mtu < dtls1_min_mtu(s)) {
+ /* Set to min mtu */
+ s->d1->mtu = dtls1_min_mtu(s);
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
+ s->d1->mtu, NULL);
+ }
+ } else
+ return 0;
+ }
+ return 1;
+}
+
+/*
+ * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
+ * SSL3_RT_CHANGE_CIPHER_SPEC)
+ */
+int dtls1_do_write(SSL *s, int type)
+{
+ int ret;
+ unsigned int curr_mtu;
+ int retry = 1;
+ unsigned int len, frag_off, mac_size, blocksize, used_len;
+
+ if (!dtls1_query_mtu(s))
+ return -1;
+
+ OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu(s)); /* should have something
+ * reasonable now */
+
+ if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
+ OPENSSL_assert(s->init_num ==
+ (int)s->d1->w_msg_hdr.msg_len +
+ DTLS1_HM_HEADER_LENGTH);
+
+ if (s->write_hash)
+ mac_size = EVP_MD_CTX_size(s->write_hash);
+ else
+ mac_size = 0;
+
+ if (s->enc_write_ctx &&
+ (EVP_CIPHER_mode(s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
+ blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
+ else
+ blocksize = 0;
+
+ frag_off = 0;
+ s->rwstate = SSL_NOTHING;
+
+ /* s->init_num shouldn't ever be < 0...but just in case */
+ while (s->init_num > 0) {
+ if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) {
+ /* We must be writing a fragment other than the first one */
+
+ if (frag_off > 0) {
+ /* This is the first attempt at writing out this fragment */
+
+ if (s->init_off <= DTLS1_HM_HEADER_LENGTH) {
+ /*
+ * Each fragment that was already sent must at least have
+ * contained the message header plus one other byte.
+ * Therefore |init_off| must have progressed by at least
+ * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something went
+ * wrong.
+ */
+ return -1;
+ }
+
+ /*
+ * Adjust |init_off| and |init_num| to allow room for a new
+ * message header for this fragment.
+ */
+ s->init_off -= DTLS1_HM_HEADER_LENGTH;
+ s->init_num += DTLS1_HM_HEADER_LENGTH;
+ } else {
+ /*
+ * We must have been called again after a retry so use the
+ * fragment offset from our last attempt. We do not need
+ * to adjust |init_off| and |init_num| as above, because
+ * that should already have been done before the retry.
+ */
+ frag_off = s->d1->w_msg_hdr.frag_off;
+ }
+ }
+
+ used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
+ + mac_size + blocksize;
+ if (s->d1->mtu > used_len)
+ curr_mtu = s->d1->mtu - used_len;
+ else
+ curr_mtu = 0;
+
+ if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
+ /*
+ * grr.. we could get an error if MTU picked was wrong
+ */
+ ret = BIO_flush(SSL_get_wbio(s));
+ if (ret <= 0) {
+ s->rwstate = SSL_WRITING;
+ return ret;
+ }
+ used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
+ if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {
+ curr_mtu = s->d1->mtu - used_len;
+ } else {
+ /* Shouldn't happen */
+ return -1;
+ }
+ }
+
+ /*
+ * We just checked that s->init_num > 0 so this cast should be safe
+ */
+ if (((unsigned int)s->init_num) > curr_mtu)
+ len = curr_mtu;
+ else
+ len = s->init_num;
+
+ /* Shouldn't ever happen */
+ if (len > INT_MAX)
+ len = INT_MAX;
+
+ /*
+ * XDTLS: this function is too long. split out the CCS part
+ */
+ if (type == SSL3_RT_HANDSHAKE) {
+ if (len < DTLS1_HM_HEADER_LENGTH) {
+ /*
+ * len is so small that we really can't do anything sensible
+ * so fail
+ */
+ return -1;
+ }
+ dtls1_fix_message_header(s, frag_off,
+ len - DTLS1_HM_HEADER_LENGTH);
+
+ dtls1_write_message_header(s,
+ (unsigned char *)&s->init_buf->
+ data[s->init_off]);
+ }
+
+ ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off],
+ len);
+ if (ret < 0) {
+ /*
+ * might need to update MTU here, but we don't know which
+ * previous packet caused the failure -- so can't really
+ * retransmit anything. continue as if everything is fine and
+ * wait for an alert to handle the retransmit
+ */
+ if (retry && BIO_ctrl(SSL_get_wbio(s),
+ BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {
+ if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+ if (!dtls1_query_mtu(s))
+ return -1;
+ /* Have one more go */
+ retry = 0;
+ } else
+ return -1;
+ } else {
+ return (-1);
+ }
+ } else {
+
+ /*
+ * bad if this assert fails, only part of the handshake message
+ * got sent. but why would this happen?
+ */
+ OPENSSL_assert(len == (unsigned int)ret);
+
+ if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) {
+ /*
+ * should not be done for 'Hello Request's, but in that case
+ * we'll ignore the result anyway
+ */
+ unsigned char *p =
+ (unsigned char *)&s->init_buf->data[s->init_off];
+ const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+ int xlen;
+
+ if (frag_off == 0 && s->version != DTLS1_BAD_VER) {
+ /*
+ * reconstruct message header is if it is being sent in
+ * single fragment
+ */
+ *p++ = msg_hdr->type;
+ l2n3(msg_hdr->msg_len, p);
+ s2n(msg_hdr->seq, p);
+ l2n3(0, p);
+ l2n3(msg_hdr->msg_len, p);
+ p -= DTLS1_HM_HEADER_LENGTH;
+ xlen = ret;
+ } else {
+ p += DTLS1_HM_HEADER_LENGTH;
+ xlen = ret - DTLS1_HM_HEADER_LENGTH;
+ }
+
+ ssl3_finish_mac(s, p, xlen);
+ }
+
+ if (ret == s->init_num) {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, type, s->init_buf->data,
+ (size_t)(s->init_off + s->init_num), s,
+ s->msg_callback_arg);
+
+ s->init_off = 0; /* done writing this message */
+ s->init_num = 0;
+
+ return (1);
+ }
+ s->init_off += ret;
+ s->init_num -= ret;
+ ret -= DTLS1_HM_HEADER_LENGTH;
+ frag_off += ret;
+
+ /*
+ * We save the fragment offset for the next fragment so we have it
+ * available in case of an IO retry. We don't know the length of the
+ * next fragment yet so just set that to 0 for now. It will be
+ * updated again later.
+ */
+ dtls1_fix_message_header(s, frag_off, 0);
+ }
+ }
+ return (0);
+}
+
+/*
+ * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
+ * acceptable body length 'max'. Read an entire handshake message. Handshake
+ * messages arrive in fragments.
+ */
+long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
+{
+ int i, al;
+ struct hm_header_st *msg_hdr;
+ unsigned char *p;
+ unsigned long msg_len;
+
+ /*
+ * s3->tmp is used to store messages that are unexpected, caused by the
+ * absence of an optional handshake message
+ */
+ if (s->s3->tmp.reuse_message) {
+ s->s3->tmp.reuse_message = 0;
+ if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ *ok = 1;
+ s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+ s->init_num = (int)s->s3->tmp.message_size;
+ return s->init_num;
+ }
+
+ msg_hdr = &s->d1->r_msg_hdr;
+ memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+
+ again:
+ i = dtls1_get_message_fragment(s, st1, stn, max, ok);
+ if (i == DTLS1_HM_BAD_FRAGMENT || i == DTLS1_HM_FRAGMENT_RETRY) {
+ /* bad fragment received */
+ goto again;
+ } else if (i <= 0 && !*ok) {
+ return i;
+ }
+
+ if (mt >= 0 && s->s3->tmp.message_type != mt) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+
+ p = (unsigned char *)s->init_buf->data;
+ msg_len = msg_hdr->msg_len;
+
+ /* reconstruct message header */
+ *(p++) = msg_hdr->type;
+ l2n3(msg_len, p);
+ s2n(msg_hdr->seq, p);
+ l2n3(0, p);
+ l2n3(msg_len, p);
+ if (s->version != DTLS1_BAD_VER) {
+ p -= DTLS1_HM_HEADER_LENGTH;
+ msg_len += DTLS1_HM_HEADER_LENGTH;
+ }
+
+ ssl3_finish_mac(s, p, msg_len);
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+ p, msg_len, s, s->msg_callback_arg);
+
+ memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+
+ /* Don't change sequence numbers while listening */
+ if (!s->d1->listen)
+ s->d1->handshake_read_seq++;
+
+ s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+ return s->init_num;
+
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ *ok = 0;
+ return -1;
+}
+
+static int dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr,
+ int max)
+{
+ size_t frag_off, frag_len, msg_len;
+
+ msg_len = msg_hdr->msg_len;
+ frag_off = msg_hdr->frag_off;
+ frag_len = msg_hdr->frag_len;
+
+ /* sanity checking */
+ if ((frag_off + frag_len) > msg_len) {
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ return SSL_AD_ILLEGAL_PARAMETER;
+ }
+
+ if ((frag_off + frag_len) > (unsigned long)max) {
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ return SSL_AD_ILLEGAL_PARAMETER;
+ }
+
+ if (s->d1->r_msg_hdr.frag_off == 0) { /* first fragment */
+ /*
+ * msg_len is limited to 2^24, but is effectively checked against max
+ * above
+ *
+ * Make buffer slightly larger than message length as a precaution
+ * against small OOB reads e.g. CVE-2016-6306
+ */
+ if (!BUF_MEM_grow_clean
+ (s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH + 16)) {
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB);
+ return SSL_AD_INTERNAL_ERROR;
+ }
+
+ s->s3->tmp.message_size = msg_len;
+ s->d1->r_msg_hdr.msg_len = msg_len;
+ s->s3->tmp.message_type = msg_hdr->type;
+ s->d1->r_msg_hdr.type = msg_hdr->type;
+ s->d1->r_msg_hdr.seq = msg_hdr->seq;
+ } else if (msg_len != s->d1->r_msg_hdr.msg_len) {
+ /*
+ * They must be playing with us! BTW, failure to enforce upper limit
+ * would open possibility for buffer overrun.
+ */
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ return SSL_AD_ILLEGAL_PARAMETER;
+ }
+
+ return 0; /* no error */
+}
+
+static int dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
+{
+ /*-
+ * (0) check whether the desired fragment is available
+ * if so:
+ * (1) copy over the fragment to s->init_buf->data[]
+ * (2) update s->init_num
+ */
+ pitem *item;
+ hm_fragment *frag;
+ int al;
+
+ *ok = 0;
+ do {
+ item = pqueue_peek(s->d1->buffered_messages);
+ if (item == NULL)
+ return 0;
+
+ frag = (hm_fragment *)item->data;
+
+ if (frag->msg_header.seq < s->d1->handshake_read_seq) {
+ /* This is a stale message that has been buffered so clear it */
+ pqueue_pop(s->d1->buffered_messages);
+ dtls1_hm_fragment_free(frag);
+ pitem_free(item);
+ item = NULL;
+ frag = NULL;
+ }
+ } while (item == NULL);
+
+
+ /* Don't return if reassembly still in progress */
+ if (frag->reassembly != NULL)
+ return 0;
+
+ if (s->d1->handshake_read_seq == frag->msg_header.seq) {
+ unsigned long frag_len = frag->msg_header.frag_len;
+ pqueue_pop(s->d1->buffered_messages);
+
+ al = dtls1_preprocess_fragment(s, &frag->msg_header, max);
+
+ if (al == 0) { /* no alert */
+ unsigned char *p =
+ (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+ memcpy(&p[frag->msg_header.frag_off], frag->fragment,
+ frag->msg_header.frag_len);
+ }
+
+ dtls1_hm_fragment_free(frag);
+ pitem_free(item);
+
+ if (al == 0) {
+ *ok = 1;
+ return frag_len;
+ }
+
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->init_num = 0;
+ *ok = 0;
+ return -1;
+ } else
+ return 0;
+}
+
+/*
+ * dtls1_max_handshake_message_len returns the maximum number of bytes
+ * permitted in a DTLS handshake message for |s|. The minimum is 16KB, but
+ * may be greater if the maximum certificate list size requires it.
+ */
+static unsigned long dtls1_max_handshake_message_len(const SSL *s)
+{
+ unsigned long max_len =
+ DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
+ if (max_len < (unsigned long)s->max_cert_list)
+ return s->max_cert_list;
+ return max_len;
+}
+
+static int
+dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr, int *ok)
+{
+ hm_fragment *frag = NULL;
+ pitem *item = NULL;
+ int i = -1, is_complete;
+ unsigned char seq64be[8];
+ unsigned long frag_len = msg_hdr->frag_len;
+
+ if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len ||
+ msg_hdr->msg_len > dtls1_max_handshake_message_len(s))
+ goto err;
+
+ if (frag_len == 0)
+ return DTLS1_HM_FRAGMENT_RETRY;
+
+ /* Try to find item in queue */
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
+ seq64be[7] = (unsigned char)msg_hdr->seq;
+ item = pqueue_find(s->d1->buffered_messages, seq64be);
+
+ if (item == NULL) {
+ frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
+ if (frag == NULL)
+ goto err;
+ memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+ frag->msg_header.frag_len = frag->msg_header.msg_len;
+ frag->msg_header.frag_off = 0;
+ } else {
+ frag = (hm_fragment *)item->data;
+ if (frag->msg_header.msg_len != msg_hdr->msg_len) {
+ item = NULL;
+ frag = NULL;
+ goto err;
+ }
+ }
+
+ /*
+ * If message is already reassembled, this must be a retransmit and can
+ * be dropped. In this case item != NULL and so frag does not need to be
+ * freed.
+ */
+ if (frag->reassembly == NULL) {
+ unsigned char devnull[256];
+
+ while (frag_len) {
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ devnull,
+ frag_len >
+ sizeof(devnull) ? sizeof(devnull) :
+ frag_len, 0);
+ if (i <= 0)
+ goto err;
+ frag_len -= i;
+ }
+ return DTLS1_HM_FRAGMENT_RETRY;
+ }
+
+ /* read the body of the fragment (header has already been read */
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ frag->fragment + msg_hdr->frag_off,
+ frag_len, 0);
+ if ((unsigned long)i != frag_len)
+ i = -1;
+ if (i <= 0)
+ goto err;
+
+ RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,
+ (long)(msg_hdr->frag_off + frag_len));
+
+ RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len,
+ is_complete);
+
+ if (is_complete) {
+ OPENSSL_free(frag->reassembly);
+ frag->reassembly = NULL;
+ }
+
+ if (item == NULL) {
+ item = pitem_new(seq64be, frag);
+ if (item == NULL) {
+ i = -1;
+ goto err;
+ }
+
+ item = pqueue_insert(s->d1->buffered_messages, item);
+ /*
+ * pqueue_insert fails iff a duplicate item is inserted. However,
+ * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
+ * would have returned it and control would never have reached this
+ * branch.
+ */
+ OPENSSL_assert(item != NULL);
+ }
+
+ return DTLS1_HM_FRAGMENT_RETRY;
+
+ err:
+ if (frag != NULL && item == NULL)
+ dtls1_hm_fragment_free(frag);
+ *ok = 0;
+ return i;
+}
+
+static int
+dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr,
+ int *ok)
+{
+ int i = -1;
+ hm_fragment *frag = NULL;
+ pitem *item = NULL;
+ unsigned char seq64be[8];
+ unsigned long frag_len = msg_hdr->frag_len;
+
+ if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
+ goto err;
+
+ /* Try to find item in queue, to prevent duplicate entries */
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
+ seq64be[7] = (unsigned char)msg_hdr->seq;
+ item = pqueue_find(s->d1->buffered_messages, seq64be);
+
+ /*
+ * If we already have an entry and this one is a fragment, don't discard
+ * it and rather try to reassemble it.
+ */
+ if (item != NULL && frag_len != msg_hdr->msg_len)
+ item = NULL;
+
+ /*
+ * Discard the message if sequence number was already there, is too far
+ * in the future, already in the queue or if we received a FINISHED
+ * before the SERVER_HELLO, which then must be a stale retransmit.
+ */
+ if (msg_hdr->seq <= s->d1->handshake_read_seq ||
+ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
+ (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED))
+ {
+ unsigned char devnull[256];
+
+ while (frag_len) {
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ devnull,
+ frag_len >
+ sizeof(devnull) ? sizeof(devnull) :
+ frag_len, 0);
+ if (i <= 0)
+ goto err;
+ frag_len -= i;
+ }
+ } else {
+ if (frag_len != msg_hdr->msg_len)
+ return dtls1_reassemble_fragment(s, msg_hdr, ok);
+
+ if (frag_len > dtls1_max_handshake_message_len(s))
+ goto err;
+
+ frag = dtls1_hm_fragment_new(frag_len, 0);
+ if (frag == NULL)
+ goto err;
+
+ memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+
+ if (frag_len) {
+ /*
+ * read the body of the fragment (header has already been read
+ */
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ frag->fragment, frag_len, 0);
+ if ((unsigned long)i != frag_len)
+ i = -1;
+ if (i <= 0)
+ goto err;
+ }
+
+ item = pitem_new(seq64be, frag);
+ if (item == NULL)
+ goto err;
+
+ item = pqueue_insert(s->d1->buffered_messages, item);
+ /*
+ * pqueue_insert fails iff a duplicate item is inserted. However,
+ * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
+ * would have returned it. Then, either |frag_len| !=
+ * |msg_hdr->msg_len| in which case |item| is set to NULL and it will
+ * have been processed with |dtls1_reassemble_fragment|, above, or
+ * the record will have been discarded.
+ */
+ OPENSSL_assert(item != NULL);
+ }
+
+ return DTLS1_HM_FRAGMENT_RETRY;
+
+ err:
+ if (frag != NULL && item == NULL)
+ dtls1_hm_fragment_free(frag);
+ *ok = 0;
+ return i;
+}
+
+static long
+dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
+{
+ unsigned char wire[DTLS1_HM_HEADER_LENGTH];
+ unsigned long len, frag_off, frag_len;
+ int i, al;
+ struct hm_header_st msg_hdr;
+
+ redo:
+ /* see if we have the required fragment already */
+ if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) {
+ if (*ok)
+ s->init_num = frag_len;
+ return frag_len;
+ }
+
+ /* read handshake message header */
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
+ DTLS1_HM_HEADER_LENGTH, 0);
+ if (i <= 0) { /* nbio, or an error */
+ s->rwstate = SSL_READING;
+ *ok = 0;
+ return i;
+ }
+ /* Handshake fails if message header is incomplete */
+ if (i != DTLS1_HM_HEADER_LENGTH) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+
+ /* parse the message fragment header */
+ dtls1_get_message_header(wire, &msg_hdr);
+
+ len = msg_hdr.msg_len;
+ frag_off = msg_hdr.frag_off;
+ frag_len = msg_hdr.frag_len;
+
+ /*
+ * We must have at least frag_len bytes left in the record to be read.
+ * Fragments must not span records.
+ */
+ if (frag_len > s->s3->rrec.length) {
+ al = SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_BAD_LENGTH);
+ goto f_err;
+ }
+
+ /*
+ * if this is a future (or stale) message it gets buffered
+ * (or dropped)--no further processing at this time
+ * While listening, we accept seq 1 (ClientHello with cookie)
+ * although we're still expecting seq 0 (ClientHello)
+ */
+ if (msg_hdr.seq != s->d1->handshake_read_seq
+ && !(s->d1->listen && msg_hdr.seq == 1))
+ return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
+
+ if (frag_len && frag_len < len)
+ return dtls1_reassemble_fragment(s, &msg_hdr, ok);
+
+ if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
+ wire[0] == SSL3_MT_HELLO_REQUEST) {
+ /*
+ * The server may always send 'Hello Request' messages -- we are
+ * doing a handshake anyway now, so ignore them if their format is
+ * correct. Does not count for 'Finished' MAC.
+ */
+ if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+ wire, DTLS1_HM_HEADER_LENGTH, s,
+ s->msg_callback_arg);
+
+ s->init_num = 0;
+ goto redo;
+ } else { /* Incorrectly formated Hello request */
+
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,
+ SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ }
+
+ if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
+ goto f_err;
+
+ if (frag_len > 0) {
+ unsigned char *p =
+ (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ &p[frag_off], frag_len, 0);
+
+ /*
+ * This shouldn't ever fail due to NBIO because we already checked
+ * that we have enough data in the record
+ */
+ if (i <= 0) {
+ s->rwstate = SSL_READING;
+ *ok = 0;
+ return i;
+ }
+ } else
+ i = 0;
+
+ /*
+ * XDTLS: an incorrectly formatted fragment should cause the handshake
+ * to fail
+ */
+ if (i != (int)frag_len) {
+ al = SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL3_AD_ILLEGAL_PARAMETER);
+ goto f_err;
+ }
+
+ *ok = 1;
+ s->state = stn;
+
+ /*
+ * Note that s->init_num is *not* used as current offset in
+ * s->init_buf->data, but as a counter summing up fragments' lengths: as
+ * soon as they sum up to handshake packet length, we assume we have got
+ * all the fragments.
+ */
+ s->init_num = frag_len;
+ return frag_len;
+
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->init_num = 0;
+
+ *ok = 0;
+ return (-1);
+}
+
+int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
+{
+ unsigned char *p, *d;
+ int i;
+ unsigned long l;
+
+ if (s->state == a) {
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[DTLS1_HM_HEADER_LENGTH]);
+
+ i = s->method->ssl3_enc->final_finish_mac(s,
+ sender, slen,
+ s->s3->tmp.finish_md);
+ s->s3->tmp.finish_md_len = i;
+ memcpy(p, s->s3->tmp.finish_md, i);
+ p += i;
+ l = i;
+
+ /*
+ * Copy the finished so we can use it for renegotiation checks
+ */
+ if (s->type == SSL_ST_CONNECT) {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
+ s->s3->previous_client_finished_len = i;
+ } else {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_server_finished, s->s3->tmp.finish_md, i);
+ s->s3->previous_server_finished_len = i;
+ }
+
+#ifdef OPENSSL_SYS_WIN16
+ /*
+ * MSVC 1.5 does not clear the top bytes of the word unless I do
+ * this.
+ */
+ l &= 0xffff;
+#endif
+
+ d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l);
+ s->init_num = (int)l + DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+
+ s->state = b;
+ }
+
+ /* SSL3_ST_SEND_xxxxxx_HELLO_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+/*-
+ * for these 2 messages, we need to
+ * ssl->enc_read_ctx re-init
+ * ssl->s3->read_sequence zero
+ * ssl->s3->read_mac_secret re-init
+ * ssl->session->read_sym_enc assign
+ * ssl->session->read_compression assign
+ * ssl->session->read_hash assign
+ */
+int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
+{
+ unsigned char *p;
+
+ if (s->state == a) {
+ p = (unsigned char *)s->init_buf->data;
+ *p++ = SSL3_MT_CCS;
+ s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+ s->init_num = DTLS1_CCS_HEADER_LENGTH;
+
+ if (s->version == DTLS1_BAD_VER) {
+ s->d1->next_handshake_write_seq++;
+ s2n(s->d1->handshake_write_seq, p);
+ s->init_num += 2;
+ }
+
+ s->init_off = 0;
+
+ dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
+ s->d1->handshake_write_seq, 0, 0);
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 1);
+
+ s->state = b;
+ }
+
+ /* SSL3_ST_CW_CHANGE_B */
+ return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
+}
+
+static int dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
+{
+ int n;
+ unsigned char *p;
+
+ n = i2d_X509(x, NULL);
+ if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
+ SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
+ return 0;
+ }
+ p = (unsigned char *)&(buf->data[*l]);
+ l2n3(n, p);
+ i2d_X509(x, &p);
+ *l += n + 3;
+
+ return 1;
+}
+
+unsigned long dtls1_output_cert_chain(SSL *s, X509 *x)
+{
+ unsigned char *p;
+ int i;
+ unsigned long l = 3 + DTLS1_HM_HEADER_LENGTH;
+ BUF_MEM *buf;
+
+ /* TLSv1 sends a chain with nothing in it, instead of an alert */
+ buf = s->init_buf;
+ if (!BUF_MEM_grow_clean(buf, 10)) {
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB);
+ return (0);
+ }
+ if (x != NULL) {
+ X509_STORE_CTX xs_ctx;
+
+ if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store, x, NULL)) {
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_X509_LIB);
+ return (0);
+ }
+
+ X509_verify_cert(&xs_ctx);
+ /* Don't leave errors in the queue */
+ ERR_clear_error();
+ for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
+ x = sk_X509_value(xs_ctx.chain, i);
+
+ if (!dtls1_add_cert_to_buf(buf, &l, x)) {
+ X509_STORE_CTX_cleanup(&xs_ctx);
+ return 0;
+ }
+ }
+ X509_STORE_CTX_cleanup(&xs_ctx);
+ }
+ /* Thawte special :-) */
+ for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) {
+ x = sk_X509_value(s->ctx->extra_certs, i);
+ if (!dtls1_add_cert_to_buf(buf, &l, x))
+ return 0;
+ }
+
+ l -= (3 + DTLS1_HM_HEADER_LENGTH);
+
+ p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
+ l2n3(l, p);
+ l += 3;
+ p = (unsigned char *)&(buf->data[0]);
+ p = dtls1_set_message_header(s, p, SSL3_MT_CERTIFICATE, l, 0, l);
+
+ l += DTLS1_HM_HEADER_LENGTH;
+ return (l);
+}
+
+int dtls1_read_failed(SSL *s, int code)
+{
+ if (code > 0) {
+ fprintf(stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
+ return 1;
+ }
+
+ if (!dtls1_is_timer_expired(s)) {
+ /*
+ * not a timeout, none of our business, let higher layers handle
+ * this. in fact it's probably an error
+ */
+ return code;
+ }
+#ifndef OPENSSL_NO_HEARTBEATS
+ /* done, no need to send a retransmit */
+ if (!SSL_in_init(s) && !s->tlsext_hb_pending)
+#else
+ /* done, no need to send a retransmit */
+ if (!SSL_in_init(s))
+#endif
+ {
+ BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
+ return code;
+ }
+#if 0 /* for now, each alert contains only one
+ * record number */
+ item = pqueue_peek(state->rcvd_records);
+ if (item) {
+ /* send an alert immediately for all the missing records */
+ } else
+#endif
+
+#if 0 /* no more alert sending, just retransmit the
+ * last set of messages */
+ if (state->timeout.read_timeouts >= DTLS1_TMO_READ_COUNT)
+ ssl3_send_alert(s, SSL3_AL_WARNING,
+ DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+#endif
+
+ return dtls1_handle_timeout(s);
+}
+
+int dtls1_get_queue_priority(unsigned short seq, int is_ccs)
+{
+ /*
+ * The index of the retransmission queue actually is the message sequence
+ * number, since the queue only contains messages of a single handshake.
+ * However, the ChangeCipherSpec has no message sequence number and so
+ * using only the sequence will result in the CCS and Finished having the
+ * same index. To prevent this, the sequence number is multiplied by 2.
+ * In case of a CCS 1 is subtracted. This does not only differ CSS and
+ * Finished, it also maintains the order of the index (important for
+ * priority queues) and fits in the unsigned short variable.
+ */
+ return seq * 2 - is_ccs;
+}
+
+int dtls1_retransmit_buffered_messages(SSL *s)
+{
+ pqueue sent = s->d1->sent_messages;
+ piterator iter;
+ pitem *item;
+ hm_fragment *frag;
+ int found = 0;
+
+ iter = pqueue_iterator(sent);
+
+ for (item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter)) {
+ frag = (hm_fragment *)item->data;
+ if (dtls1_retransmit_message(s, (unsigned short)
+ dtls1_get_queue_priority
+ (frag->msg_header.seq,
+ frag->msg_header.is_ccs), 0,
+ &found) <= 0 && found) {
+ fprintf(stderr, "dtls1_retransmit_message() failed\n");
+ return -1;
+ }
+ }
+
+ return 1;
+}
+
+int dtls1_buffer_message(SSL *s, int is_ccs)
+{
+ pitem *item;
+ hm_fragment *frag;
+ unsigned char seq64be[8];
+
+ /*
+ * this function is called immediately after a message has been
+ * serialized
+ */
+ OPENSSL_assert(s->init_off == 0);
+
+ frag = dtls1_hm_fragment_new(s->init_num, 0);
+ if (!frag)
+ return 0;
+
+ memcpy(frag->fragment, s->init_buf->data, s->init_num);
+
+ if (is_ccs) {
+ OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+ ((s->version ==
+ DTLS1_VERSION) ? DTLS1_CCS_HEADER_LENGTH : 3) ==
+ (unsigned int)s->init_num);
+ } else {
+ OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+ DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
+ }
+
+ frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
+ frag->msg_header.seq = s->d1->w_msg_hdr.seq;
+ frag->msg_header.type = s->d1->w_msg_hdr.type;
+ frag->msg_header.frag_off = 0;
+ frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
+ frag->msg_header.is_ccs = is_ccs;
+
+ /* save current state */
+ frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
+ frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
+ frag->msg_header.saved_retransmit_state.compress = s->compress;
+ frag->msg_header.saved_retransmit_state.session = s->session;
+ frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
+
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] =
+ (unsigned
+ char)(dtls1_get_queue_priority(frag->msg_header.seq,
+ frag->msg_header.is_ccs) >> 8);
+ seq64be[7] =
+ (unsigned
+ char)(dtls1_get_queue_priority(frag->msg_header.seq,
+ frag->msg_header.is_ccs));
+
+ item = pitem_new(seq64be, frag);
+ if (item == NULL) {
+ dtls1_hm_fragment_free(frag);
+ return 0;
+ }
+#if 0
+ fprintf(stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
+ fprintf(stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
+ fprintf(stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
+#endif
+
+ pqueue_insert(s->d1->sent_messages, item);
+ return 1;
+}
+
+int
+dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
+ int *found)
+{
+ int ret;
+ /* XDTLS: for now assuming that read/writes are blocking */
+ pitem *item;
+ hm_fragment *frag;
+ unsigned long header_length;
+ unsigned char seq64be[8];
+ struct dtls1_retransmit_state saved_state;
+ unsigned char save_write_sequence[8];
+
+ /*-
+ OPENSSL_assert(s->init_num == 0);
+ OPENSSL_assert(s->init_off == 0);
+ */
+
+ /* XDTLS: the requested message ought to be found, otherwise error */
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(seq >> 8);
+ seq64be[7] = (unsigned char)seq;
+
+ item = pqueue_find(s->d1->sent_messages, seq64be);
+ if (item == NULL) {
+ fprintf(stderr, "retransmit: message %d non-existant\n", seq);
+ *found = 0;
+ return 0;
+ }
+
+ *found = 1;
+ frag = (hm_fragment *)item->data;
+
+ if (frag->msg_header.is_ccs)
+ header_length = DTLS1_CCS_HEADER_LENGTH;
+ else
+ header_length = DTLS1_HM_HEADER_LENGTH;
+
+ memcpy(s->init_buf->data, frag->fragment,
+ frag->msg_header.msg_len + header_length);
+ s->init_num = frag->msg_header.msg_len + header_length;
+
+ dtls1_set_message_header_int(s, frag->msg_header.type,
+ frag->msg_header.msg_len,
+ frag->msg_header.seq, 0,
+ frag->msg_header.frag_len);
+
+ /* save current state */
+ saved_state.enc_write_ctx = s->enc_write_ctx;
+ saved_state.write_hash = s->write_hash;
+ saved_state.compress = s->compress;
+ saved_state.session = s->session;
+ saved_state.epoch = s->d1->w_epoch;
+ saved_state.epoch = s->d1->w_epoch;
+
+ s->d1->retransmitting = 1;
+
+ /* restore state in which the message was originally sent */
+ s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
+ s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
+ s->compress = frag->msg_header.saved_retransmit_state.compress;
+ s->session = frag->msg_header.saved_retransmit_state.session;
+ s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
+
+ if (frag->msg_header.saved_retransmit_state.epoch ==
+ saved_state.epoch - 1) {
+ memcpy(save_write_sequence, s->s3->write_sequence,
+ sizeof(s->s3->write_sequence));
+ memcpy(s->s3->write_sequence, s->d1->last_write_sequence,
+ sizeof(s->s3->write_sequence));
+ }
+
+ ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
+ SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
+
+ /* restore current state */
+ s->enc_write_ctx = saved_state.enc_write_ctx;
+ s->write_hash = saved_state.write_hash;
+ s->compress = saved_state.compress;
+ s->session = saved_state.session;
+ s->d1->w_epoch = saved_state.epoch;
+
+ if (frag->msg_header.saved_retransmit_state.epoch ==
+ saved_state.epoch - 1) {
+ memcpy(s->d1->last_write_sequence, s->s3->write_sequence,
+ sizeof(s->s3->write_sequence));
+ memcpy(s->s3->write_sequence, save_write_sequence,
+ sizeof(s->s3->write_sequence));
+ }
+
+ s->d1->retransmitting = 0;
+
+ (void)BIO_flush(SSL_get_wbio(s));
+ return ret;
+}
+
+unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
+ unsigned char mt, unsigned long len,
+ unsigned long frag_off,
+ unsigned long frag_len)
+{
+ /* Don't change sequence numbers while listening */
+ if (frag_off == 0 && !s->d1->listen) {
+ s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+ s->d1->next_handshake_write_seq++;
+ }
+
+ dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
+ frag_off, frag_len);
+
+ return p += DTLS1_HM_HEADER_LENGTH;
+}
+
+/* don't actually do the writing, wait till the MTU has been retrieved */
+static void
+dtls1_set_message_header_int(SSL *s, unsigned char mt,
+ unsigned long len, unsigned short seq_num,
+ unsigned long frag_off, unsigned long frag_len)
+{
+ struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+ msg_hdr->type = mt;
+ msg_hdr->msg_len = len;
+ msg_hdr->seq = seq_num;
+ msg_hdr->frag_off = frag_off;
+ msg_hdr->frag_len = frag_len;
+}
+
+static void
+dtls1_fix_message_header(SSL *s, unsigned long frag_off,
+ unsigned long frag_len)
+{
+ struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+ msg_hdr->frag_off = frag_off;
+ msg_hdr->frag_len = frag_len;
+}
+
+static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p)
+{
+ struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+ *p++ = msg_hdr->type;
+ l2n3(msg_hdr->msg_len, p);
+
+ s2n(msg_hdr->seq, p);
+ l2n3(msg_hdr->frag_off, p);
+ l2n3(msg_hdr->frag_len, p);
+
+ return p;
+}
+
+unsigned int dtls1_link_min_mtu(void)
+{
+ return (g_probable_mtu[(sizeof(g_probable_mtu) /
+ sizeof(g_probable_mtu[0])) - 1]);
+}
+
+unsigned int dtls1_min_mtu(SSL *s)
+{
+ return dtls1_link_min_mtu() - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
+}
+
+void
+dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
+{
+ memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+ msg_hdr->type = *(data++);
+ n2l3(data, msg_hdr->msg_len);
+
+ n2s(data, msg_hdr->seq);
+ n2l3(data, msg_hdr->frag_off);
+ n2l3(data, msg_hdr->frag_len);
+}
+
+void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
+{
+ memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
+
+ ccs_hdr->type = *(data++);
+}
+
+int dtls1_shutdown(SSL *s)
+{
+ int ret;
+#ifndef OPENSSL_NO_SCTP
+ BIO *wbio;
+
+ wbio = SSL_get_wbio(s);
+ if (wbio != NULL && BIO_dgram_is_sctp(wbio) &&
+ !(s->shutdown & SSL_SENT_SHUTDOWN)) {
+ ret = BIO_dgram_sctp_wait_for_dry(wbio);
+ if (ret < 0)
+ return -1;
+
+ if (ret == 0)
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1,
+ NULL);
+ }
+#endif
+ ret = ssl3_shutdown(s);
+#ifndef OPENSSL_NO_SCTP
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL);
+#endif
+ return ret;
+}
+
+#ifndef OPENSSL_NO_HEARTBEATS
+int dtls1_process_heartbeat(SSL *s)
+{
+ unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned short hbtype;
+ unsigned int payload;
+ unsigned int padding = 16; /* Use minimum padding */
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ &s->s3->rrec.data[0], s->s3->rrec.length,
+ s, s->msg_callback_arg);
+
+ /* Read type and payload length first */
+ if (1 + 2 + 16 > s->s3->rrec.length)
+ return 0; /* silently discard */
+ if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+
+ hbtype = *p++;
+ n2s(p, payload);
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+ pl = p;
+
+ if (hbtype == TLS1_HB_REQUEST) {
+ unsigned char *buffer, *bp;
+ unsigned int write_length = 1 /* heartbeat type */ +
+ 2 /* heartbeat length */ +
+ payload + padding;
+ int r;
+
+ if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0;
+
+ /*
+ * Allocate memory for the response, size is 1 byte message type,
+ * plus 2 bytes payload length, plus payload, plus padding
+ */
+ buffer = OPENSSL_malloc(write_length);
+ if (buffer == NULL)
+ return -1;
+ bp = buffer;
+
+ /* Enter response type, length and copy payload */
+ *bp++ = TLS1_HB_RESPONSE;
+ s2n(payload, bp);
+ memcpy(bp, pl, payload);
+ bp += payload;
+ /* Random padding */
+ if (RAND_bytes(bp, padding) <= 0) {
+ OPENSSL_free(buffer);
+ return -1;
+ }
+
+ r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
+
+ if (r >= 0 && s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buffer, write_length, s, s->msg_callback_arg);
+
+ OPENSSL_free(buffer);
+
+ if (r < 0)
+ return r;
+ } else if (hbtype == TLS1_HB_RESPONSE) {
+ unsigned int seq;
+
+ /*
+ * We only send sequence numbers (2 bytes unsigned int), and 16
+ * random bytes, so we just try to read the sequence number
+ */
+ n2s(pl, seq);
+
+ if (payload == 18 && seq == s->tlsext_hb_seq) {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_seq++;
+ s->tlsext_hb_pending = 0;
+ }
+ }
+
+ return 0;
+}
+
+int dtls1_heartbeat(SSL *s)
+{
+ unsigned char *buf, *p;
+ int ret = -1;
+ unsigned int payload = 18; /* Sequence number + random bytes */
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Only send if peer supports and accepts HB requests... */
+ if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+ s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+ return -1;
+ }
+
+ /* ...and there is none in flight yet... */
+ if (s->tlsext_hb_pending) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
+ return -1;
+ }
+
+ /* ...and no handshake in progress. */
+ if (SSL_in_init(s) || s->in_handshake) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ /*
+ * Check if padding is too long, payload and padding must not exceed 2^14
+ * - 3 = 16381 bytes in total.
+ */
+ OPENSSL_assert(payload + padding <= 16381);
+
+ /*-
+ * Create HeartBeat message, we just use a sequence number
+ * as payload to distuingish different messages and add
+ * some random stuff.
+ * - Message Type, 1 byte
+ * - Payload Length, 2 bytes (unsigned int)
+ * - Payload, the sequence number (2 bytes uint)
+ * - Payload, random bytes (16 bytes uint)
+ * - Padding
+ */
+ buf = OPENSSL_malloc(1 + 2 + payload + padding);
+ p = buf;
+ /* Message Type */
+ *p++ = TLS1_HB_REQUEST;
+ /* Payload length (18 bytes here) */
+ s2n(payload, p);
+ /* Sequence number */
+ s2n(s->tlsext_hb_seq, p);
+ /* 16 random bytes */
+ if (RAND_bytes(p, 16) <= 0)
+ goto err;
+ p += 16;
+ /* Random padding */
+ if (RAND_bytes(p, padding) <= 0)
+ goto err;
+
+ ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+ if (ret >= 0) {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buf, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ dtls1_start_timer(s);
+ s->tlsext_hb_pending = 1;
+ }
+
+err:
+ OPENSSL_free(buf);
+
+ return ret;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/d1_clnt.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/d1_clnt.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1713 +0,0 @@
-/* ssl/d1_clnt.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_KRB5
-# include "kssl_lcl.h"
-#endif
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-static const SSL_METHOD *dtls1_get_client_method(int ver);
-static int dtls1_get_hello_verify(SSL *s);
-
-static const SSL_METHOD *dtls1_get_client_method(int ver)
-{
- if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
- return (DTLSv1_client_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_dtls1_meth_func(DTLSv1_client_method,
- ssl_undefined_function,
- dtls1_connect, dtls1_get_client_method)
-
-int dtls1_connect(SSL *s)
-{
- BUF_MEM *buf = NULL;
- unsigned long Time = (unsigned long)time(NULL);
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- int ret = -1;
- int new_state, state, skip = 0;
-#ifndef OPENSSL_NO_SCTP
- unsigned char sctpauthkey[64];
- char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
-#endif
-
- RAND_add(&Time, sizeof(Time), 0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s))
- SSL_clear(s);
-
-#ifndef OPENSSL_NO_SCTP
- /*
- * Notify SCTP BIO socket to enter handshake mode and prevent stream
- * identifier other than 0. Will be ignored if no SCTP is used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
- s->in_handshake, NULL);
-#endif
-
-#ifndef OPENSSL_NO_HEARTBEATS
- /*
- * If we're awaiting a HeartbeatResponse, pretend we already got and
- * don't await it anymore, because Heartbeats don't make sense during
- * handshakes anyway.
- */
- if (s->tlsext_hb_pending) {
- dtls1_stop_timer(s);
- s->tlsext_hb_pending = 0;
- s->tlsext_hb_seq++;
- }
-#endif
-
- for (;;) {
- state = s->state;
-
- switch (s->state) {
- case SSL_ST_RENEGOTIATE:
- s->renegotiate = 1;
- s->state = SSL_ST_CONNECT;
- s->ctx->stats.sess_connect_renegotiate++;
- /* break */
- case SSL_ST_BEFORE:
- case SSL_ST_CONNECT:
- case SSL_ST_BEFORE | SSL_ST_CONNECT:
- case SSL_ST_OK | SSL_ST_CONNECT:
-
- s->server = 0;
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_START, 1);
-
- if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00) &&
- (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) {
- SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- /* s->version=SSL3_VERSION; */
- s->type = SSL_ST_CONNECT;
-
- if (s->init_buf == NULL) {
- if ((buf = BUF_MEM_new()) == NULL) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- s->init_buf = buf;
- buf = NULL;
- }
-
- if (!ssl3_setup_buffers(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- /* setup buffing BIO */
- if (!ssl_init_wbio_buffer(s, 0)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- /* don't push the buffering BIO quite yet */
-
- s->state = SSL3_ST_CW_CLNT_HELLO_A;
- s->ctx->stats.sess_connect++;
- s->init_num = 0;
- /* mark client_random uninitialized */
- memset(s->s3->client_random, 0, sizeof(s->s3->client_random));
- s->d1->send_cookie = 0;
- s->hit = 0;
- s->d1->change_cipher_spec_ok = 0;
- /*
- * Should have been reset by ssl3_get_finished, too.
- */
- s->s3->change_cipher_spec = 0;
- break;
-
-#ifndef OPENSSL_NO_SCTP
- case DTLS1_SCTP_ST_CR_READ_SOCK:
-
- if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
- s->s3->in_read_app_data = 2;
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(SSL_get_rbio(s));
- BIO_set_retry_read(SSL_get_rbio(s));
- ret = -1;
- goto end;
- }
-
- s->state = s->s3->tmp.next_state;
- break;
-
- case DTLS1_SCTP_ST_CW_WRITE_SOCK:
- /* read app data until dry event */
-
- ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
- if (ret < 0)
- goto end;
-
- if (ret == 0) {
- s->s3->in_read_app_data = 2;
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(SSL_get_rbio(s));
- BIO_set_retry_read(SSL_get_rbio(s));
- ret = -1;
- goto end;
- }
-
- s->state = s->d1->next_state;
- break;
-#endif
-
- case SSL3_ST_CW_CLNT_HELLO_A:
- s->shutdown = 0;
-
- /* every DTLS ClientHello resets Finished MAC */
- ssl3_init_finished_mac(s);
-
- case SSL3_ST_CW_CLNT_HELLO_B:
- dtls1_start_timer(s);
- ret = dtls1_client_hello(s);
- if (ret <= 0)
- goto end;
-
- if (s->d1->send_cookie) {
- s->state = SSL3_ST_CW_FLUSH;
- s->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;
- } else
- s->state = SSL3_ST_CR_SRVR_HELLO_A;
-
- s->init_num = 0;
-
-#ifndef OPENSSL_NO_SCTP
- /* Disable buffering for SCTP */
- if (!BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-#endif
- /*
- * turn on buffering for the next lot of output
- */
- if (s->bbio != s->wbio)
- s->wbio = BIO_push(s->bbio, s->wbio);
-#ifndef OPENSSL_NO_SCTP
- }
-#endif
-
- break;
-
- case SSL3_ST_CR_SRVR_HELLO_A:
- case SSL3_ST_CR_SRVR_HELLO_B:
- ret = ssl3_get_server_hello(s);
- if (ret <= 0)
- goto end;
- else {
- if (s->hit) {
-#ifndef OPENSSL_NO_SCTP
- /*
- * Add new shared key for SCTP-Auth, will be ignored if
- * no SCTP used.
- */
- snprintf((char *)labelbuffer,
- sizeof(DTLS1_SCTP_AUTH_LABEL),
- DTLS1_SCTP_AUTH_LABEL);
-
- if (SSL_export_keying_material(s, sctpauthkey,
- sizeof(sctpauthkey),
- labelbuffer,
- sizeof(labelbuffer), NULL, 0,
- 0) <= 0) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- BIO_ctrl(SSL_get_wbio(s),
- BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
- sizeof(sctpauthkey), sctpauthkey);
-#endif
-
- s->state = SSL3_ST_CR_FINISHED_A;
- if (s->tlsext_ticket_expected) {
- /* receive renewed session ticket */
- s->state = SSL3_ST_CR_SESSION_TICKET_A;
- }
- } else
- s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
- }
- s->init_num = 0;
- break;
-
- case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
- case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
-
- ret = dtls1_get_hello_verify(s);
- if (ret <= 0)
- goto end;
- dtls1_stop_timer(s);
- if (s->d1->send_cookie) /* start again, with a cookie */
- s->state = SSL3_ST_CW_CLNT_HELLO_A;
- else
- s->state = SSL3_ST_CR_CERT_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_CERT_A:
- case SSL3_ST_CR_CERT_B:
- /* Check if it is anon DH or PSK */
- if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
- !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- ret = ssl3_get_server_certificate(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_status_expected)
- s->state = SSL3_ST_CR_CERT_STATUS_A;
- else
- s->state = SSL3_ST_CR_KEY_EXCH_A;
- } else {
- skip = 1;
- s->state = SSL3_ST_CR_KEY_EXCH_A;
- }
-#else
- } else
- skip = 1;
-
- s->state = SSL3_ST_CR_KEY_EXCH_A;
-#endif
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_KEY_EXCH_A:
- case SSL3_ST_CR_KEY_EXCH_B:
- ret = ssl3_get_key_exchange(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_CERT_REQ_A;
- s->init_num = 0;
-
- /*
- * at this point we check that we have the required stuff from
- * the server
- */
- if (!ssl3_check_cert_and_algorithm(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- break;
-
- case SSL3_ST_CR_CERT_REQ_A:
- case SSL3_ST_CR_CERT_REQ_B:
- ret = ssl3_get_certificate_request(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_SRVR_DONE_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_SRVR_DONE_A:
- case SSL3_ST_CR_SRVR_DONE_B:
- ret = ssl3_get_server_done(s);
- if (ret <= 0)
- goto end;
- dtls1_stop_timer(s);
- if (s->s3->tmp.cert_req)
- s->s3->tmp.next_state = SSL3_ST_CW_CERT_A;
- else
- s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
- s->init_num = 0;
-
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
- state == SSL_ST_RENEGOTIATE)
- s->state = DTLS1_SCTP_ST_CR_READ_SOCK;
- else
-#endif
- s->state = s->s3->tmp.next_state;
- break;
-
- case SSL3_ST_CW_CERT_A:
- case SSL3_ST_CW_CERT_B:
- case SSL3_ST_CW_CERT_C:
- case SSL3_ST_CW_CERT_D:
- dtls1_start_timer(s);
- ret = dtls1_send_client_certificate(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CW_KEY_EXCH_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_KEY_EXCH_A:
- case SSL3_ST_CW_KEY_EXCH_B:
- dtls1_start_timer(s);
- ret = dtls1_send_client_key_exchange(s);
- if (ret <= 0)
- goto end;
-
-#ifndef OPENSSL_NO_SCTP
- /*
- * Add new shared key for SCTP-Auth, will be ignored if no SCTP
- * used.
- */
- snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
- DTLS1_SCTP_AUTH_LABEL);
-
- if (SSL_export_keying_material(s, sctpauthkey,
- sizeof(sctpauthkey), labelbuffer,
- sizeof(labelbuffer), NULL, 0, 0) <= 0) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
- sizeof(sctpauthkey), sctpauthkey);
-#endif
-
- /*
- * EAY EAY EAY need to check for DH fix cert sent back
- */
- /*
- * For TLS, cert_req is set to 2, so a cert chain of nothing is
- * sent, but no verify packet is sent
- */
- if (s->s3->tmp.cert_req == 1) {
- s->state = SSL3_ST_CW_CERT_VRFY_A;
- } else {
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = SSL3_ST_CW_CHANGE_A;
- s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
- } else
-#endif
- s->state = SSL3_ST_CW_CHANGE_A;
- }
-
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_CERT_VRFY_A:
- case SSL3_ST_CW_CERT_VRFY_B:
- dtls1_start_timer(s);
- ret = dtls1_send_client_verify(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = SSL3_ST_CW_CHANGE_A;
- s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
- } else
-#endif
- s->state = SSL3_ST_CW_CHANGE_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_CHANGE_A:
- case SSL3_ST_CW_CHANGE_B:
- if (!s->hit)
- dtls1_start_timer(s);
- ret = dtls1_send_change_cipher_spec(s,
- SSL3_ST_CW_CHANGE_A,
- SSL3_ST_CW_CHANGE_B);
- if (ret <= 0)
- goto end;
-
- s->state = SSL3_ST_CW_FINISHED_A;
- s->init_num = 0;
-
- s->session->cipher = s->s3->tmp.new_cipher;
-#ifdef OPENSSL_NO_COMP
- s->session->compress_meth = 0;
-#else
- if (s->s3->tmp.new_compression == NULL)
- s->session->compress_meth = 0;
- else
- s->session->compress_meth = s->s3->tmp.new_compression->id;
-#endif
- if (!s->method->ssl3_enc->setup_key_block(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CHANGE_CIPHER_CLIENT_WRITE))
- {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-#ifndef OPENSSL_NO_SCTP
- if (s->hit) {
- /*
- * Change to new shared key of SCTP-Auth, will be ignored if
- * no SCTP used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
- 0, NULL);
- }
-#endif
-
- dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
- break;
-
- case SSL3_ST_CW_FINISHED_A:
- case SSL3_ST_CW_FINISHED_B:
- if (!s->hit)
- dtls1_start_timer(s);
- ret = dtls1_send_finished(s,
- SSL3_ST_CW_FINISHED_A,
- SSL3_ST_CW_FINISHED_B,
- s->method->
- ssl3_enc->client_finished_label,
- s->method->
- ssl3_enc->client_finished_label_len);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CW_FLUSH;
-
- /* clear flags */
- s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
- if (s->hit) {
- s->s3->tmp.next_state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = s->s3->tmp.next_state;
- s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
- }
-#endif
- if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
- s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = SSL_ST_OK;
- s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
- }
-#endif
- s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
- s->s3->delay_buf_pop_ret = 0;
- }
- } else {
-#ifndef OPENSSL_NO_SCTP
- /*
- * Change to new shared key of SCTP-Auth, will be ignored if
- * no SCTP used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
- 0, NULL);
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
- /*
- * Allow NewSessionTicket if ticket expected
- */
- if (s->tlsext_ticket_expected)
- s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
- else
-#endif
-
- s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
- }
- s->init_num = 0;
- break;
-
-#ifndef OPENSSL_NO_TLSEXT
- case SSL3_ST_CR_SESSION_TICKET_A:
- case SSL3_ST_CR_SESSION_TICKET_B:
- ret = ssl3_get_new_session_ticket(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_FINISHED_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_CERT_STATUS_A:
- case SSL3_ST_CR_CERT_STATUS_B:
- ret = ssl3_get_cert_status(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_KEY_EXCH_A;
- s->init_num = 0;
- break;
-#endif
-
- case SSL3_ST_CR_FINISHED_A:
- case SSL3_ST_CR_FINISHED_B:
- s->d1->change_cipher_spec_ok = 1;
- ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
- SSL3_ST_CR_FINISHED_B);
- if (ret <= 0)
- goto end;
- dtls1_stop_timer(s);
-
- if (s->hit)
- s->state = SSL3_ST_CW_CHANGE_A;
- else
- s->state = SSL_ST_OK;
-
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
- state == SSL_ST_RENEGOTIATE) {
- s->d1->next_state = s->state;
- s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
- }
-#endif
-
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_FLUSH:
- s->rwstate = SSL_WRITING;
- if (BIO_flush(s->wbio) <= 0) {
- /*
- * If the write error was fatal, stop trying
- */
- if (!BIO_should_retry(s->wbio)) {
- s->rwstate = SSL_NOTHING;
- s->state = s->s3->tmp.next_state;
- }
-
- ret = -1;
- goto end;
- }
- s->rwstate = SSL_NOTHING;
- s->state = s->s3->tmp.next_state;
- break;
-
- case SSL_ST_OK:
- /* clean a few things up */
- ssl3_cleanup_key_block(s);
-
-#if 0
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
- }
-#endif
-
- /*
- * If we are not 'joining' the last two packets, remove the
- * buffering now
- */
- if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
- ssl_free_wbio_buffer(s);
- /* else do it later in ssl3_write */
-
- s->init_num = 0;
- s->renegotiate = 0;
- s->new_session = 0;
-
- ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
- if (s->hit)
- s->ctx->stats.sess_hit++;
-
- ret = 1;
- /* s->server=0; */
- s->handshake_func = dtls1_connect;
- s->ctx->stats.sess_connect_good++;
-
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
- /* done with handshaking */
- s->d1->handshake_read_seq = 0;
- s->d1->next_handshake_write_seq = 0;
- goto end;
- /* break; */
-
- case SSL_ST_ERR:
- default:
- SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE);
- ret = -1;
- goto end;
- /* break; */
- }
-
- /* did we do anything */
- if (!s->s3->tmp.reuse_message && !skip) {
- if (s->debug) {
- if ((ret = BIO_flush(s->wbio)) <= 0)
- goto end;
- }
-
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
- cb(s, SSL_CB_CONNECT_LOOP, 1);
- s->state = new_state;
- }
- }
- skip = 0;
- }
- end:
- s->in_handshake--;
-
-#ifndef OPENSSL_NO_SCTP
- /*
- * Notify SCTP BIO socket to leave handshake mode and allow stream
- * identifier other than 0. Will be ignored if no SCTP is used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
- s->in_handshake, NULL);
-#endif
-
- if (buf != NULL)
- BUF_MEM_free(buf);
- if (cb != NULL)
- cb(s, SSL_CB_CONNECT_EXIT, ret);
- return (ret);
-}
-
-int dtls1_client_hello(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
- unsigned int i, j;
- unsigned long l;
- SSL_COMP *comp;
-
- buf = (unsigned char *)s->init_buf->data;
- if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
- SSL_SESSION *sess = s->session;
- if ((s->session == NULL) || (s->session->ssl_version != s->version) ||
-#ifdef OPENSSL_NO_TLSEXT
- !sess->session_id_length ||
-#else
- (!sess->session_id_length && !sess->tlsext_tick) ||
-#endif
- (s->session->not_resumable)) {
- if (!ssl_get_new_session(s, 0))
- goto err;
- }
- /* else use the pre-loaded session */
-
- p = s->s3->client_random;
-
- /*
- * if client_random is initialized, reuse it, we are required to use
- * same upon reply to HelloVerify
- */
- for (i = 0; p[i] == '\0' && i < sizeof(s->s3->client_random); i++) ;
- if (i == sizeof(s->s3->client_random))
- ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random));
-
- /* Do the message type and length last */
- d = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
-
- *(p++) = s->version >> 8;
- *(p++) = s->version & 0xff;
- s->client_version = s->version;
-
- /* Random stuff */
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- /* Session ID */
- if (s->new_session)
- i = 0;
- else
- i = s->session->session_id_length;
- *(p++) = i;
- if (i != 0) {
- if (i > sizeof s->session->session_id) {
- SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- memcpy(p, s->session->session_id, i);
- p += i;
- }
-
- /* cookie stuff */
- if (s->d1->cookie_len > sizeof(s->d1->cookie)) {
- SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- *(p++) = s->d1->cookie_len;
- memcpy(p, s->d1->cookie, s->d1->cookie_len);
- p += s->d1->cookie_len;
-
- /* Ciphers supported */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
- if (i == 0) {
- SSLerr(SSL_F_DTLS1_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- goto err;
- }
- s2n(i, p);
- p += i;
-
- /* COMPRESSION */
- if (s->ctx->comp_methods == NULL)
- j = 0;
- else
- j = sk_SSL_COMP_num(s->ctx->comp_methods);
- *(p++) = 1 + j;
- for (i = 0; i < j; i++) {
- comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
- *(p++) = comp->id;
- }
- *(p++) = 0; /* Add the NULL method */
-
-#ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions */
- if (ssl_prepare_clienthello_tlsext(s) <= 0) {
- SSLerr(SSL_F_DTLS1_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- goto err;
- }
- if ((p =
- ssl_add_clienthello_tlsext(s, p,
- buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
- NULL) {
- SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#endif
-
- l = (p - d);
- d = buf;
-
- d = dtls1_set_message_header(s, d, SSL3_MT_CLIENT_HELLO, l, 0, l);
-
- s->state = SSL3_ST_CW_CLNT_HELLO_B;
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- /* SSL3_ST_CW_CLNT_HELLO_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
- err:
- return (-1);
-}
-
-static int dtls1_get_hello_verify(SSL *s)
-{
- int n, al, ok = 0;
- unsigned char *data;
- unsigned int cookie_len;
-
- n = s->method->ssl_get_message(s,
- DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
- DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
- -1, s->max_cert_list, &ok);
-
- if (!ok)
- return ((int)n);
-
- if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
- s->d1->send_cookie = 0;
- s->s3->tmp.reuse_message = 1;
- return (1);
- }
-
- data = (unsigned char *)s->init_msg;
-
- if ((data[0] != (s->version >> 8)) || (data[1] != (s->version & 0xff))) {
- SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);
- s->version = (s->version & 0xff00) | data[1];
- al = SSL_AD_PROTOCOL_VERSION;
- goto f_err;
- }
- data += 2;
-
- cookie_len = *(data++);
- if (cookie_len > sizeof(s->d1->cookie)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- goto f_err;
- }
-
- memcpy(s->d1->cookie, data, cookie_len);
- s->d1->cookie_len = cookie_len;
-
- s->d1->send_cookie = 1;
- return 1;
-
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- s->state = SSL_ST_ERR;
- return -1;
-}
-
-int dtls1_send_client_key_exchange(SSL *s)
-{
- unsigned char *p, *d;
- int n;
- unsigned long alg_k;
-#ifndef OPENSSL_NO_RSA
- unsigned char *q;
- EVP_PKEY *pkey = NULL;
-#endif
-#ifndef OPENSSL_NO_KRB5
- KSSL_ERR kssl_err;
-#endif /* OPENSSL_NO_KRB5 */
-#ifndef OPENSSL_NO_ECDH
- EC_KEY *clnt_ecdh = NULL;
- const EC_POINT *srvr_ecpoint = NULL;
- EVP_PKEY *srvr_pub_pkey = NULL;
- unsigned char *encodedPoint = NULL;
- int encoded_pt_len = 0;
- BN_CTX *bn_ctx = NULL;
-#endif
-
- if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
- d = (unsigned char *)s->init_buf->data;
- p = &(d[DTLS1_HM_HEADER_LENGTH]);
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
- /* Fool emacs indentation */
- if (0) {
- }
-#ifndef OPENSSL_NO_RSA
- else if (alg_k & SSL_kRSA) {
- RSA *rsa;
- unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
-
- if (s->session->sess_cert == NULL) {
- /*
- * We should always have a server certificate with SSL_kRSA.
- */
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (s->session->sess_cert->peer_rsa_tmp != NULL)
- rsa = s->session->sess_cert->peer_rsa_tmp;
- else {
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].
- x509);
- if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
- || (pkey->pkey.rsa == NULL)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- rsa = pkey->pkey.rsa;
- EVP_PKEY_free(pkey);
- }
-
- tmp_buf[0] = s->client_version >> 8;
- tmp_buf[1] = s->client_version & 0xff;
- if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
- goto err;
-
- s->session->master_key_length = sizeof tmp_buf;
-
- q = p;
- /* Fix buf for TLS and [incidentally] DTLS */
- if (s->version > SSL3_VERSION)
- p += 2;
- n = RSA_public_encrypt(sizeof tmp_buf,
- tmp_buf, p, rsa, RSA_PKCS1_PADDING);
-# ifdef PKCS1_CHECK
- if (s->options & SSL_OP_PKCS1_CHECK_1)
- p[1]++;
- if (s->options & SSL_OP_PKCS1_CHECK_2)
- tmp_buf[0] = 0x70;
-# endif
- if (n <= 0) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_BAD_RSA_ENCRYPT);
- goto err;
- }
-
- /* Fix buf for TLS and [incidentally] DTLS */
- if (s->version > SSL3_VERSION) {
- s2n(n, q);
- n += 2;
- }
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- tmp_buf,
- sizeof tmp_buf);
- OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
- }
-#endif
-#ifndef OPENSSL_NO_KRB5
- else if (alg_k & SSL_kKRB5) {
- krb5_error_code krb5rc;
- KSSL_CTX *kssl_ctx = s->kssl_ctx;
- /* krb5_data krb5_ap_req; */
- krb5_data *enc_ticket;
- krb5_data authenticator, *authp = NULL;
- EVP_CIPHER_CTX ciph_ctx;
- const EVP_CIPHER *enc = NULL;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
- unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
- int padl, outl = sizeof(epms);
-
- EVP_CIPHER_CTX_init(&ciph_ctx);
-
-# ifdef KSSL_DEBUG
- printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
- alg_k, SSL_kKRB5);
-# endif /* KSSL_DEBUG */
-
- authp = NULL;
-# ifdef KRB5SENDAUTH
- if (KRB5SENDAUTH)
- authp = &authenticator;
-# endif /* KRB5SENDAUTH */
-
- krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp, &kssl_err);
- enc = kssl_map_enc(kssl_ctx->enctype);
- if (enc == NULL)
- goto err;
-# ifdef KSSL_DEBUG
- {
- printf("kssl_cget_tkt rtn %d\n", krb5rc);
- if (krb5rc && kssl_err.text)
- printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
- }
-# endif /* KSSL_DEBUG */
-
- if (krb5rc) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason);
- goto err;
- }
-
- /*-
- * 20010406 VRS - Earlier versions used KRB5 AP_REQ
- ** in place of RFC 2712 KerberosWrapper, as in:
- **
- ** Send ticket (copy to *p, set n = length)
- ** n = krb5_ap_req.length;
- ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
- ** if (krb5_ap_req.data)
- ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
- **
- ** Now using real RFC 2712 KerberosWrapper
- ** (Thanks to Simon Wilkinson <sxw at sxw.org.uk>)
- ** Note: 2712 "opaque" types are here replaced
- ** with a 2-byte length followed by the value.
- ** Example:
- ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
- ** Where "xx xx" = length bytes. Shown here with
- ** optional authenticator omitted.
- */
-
- /* KerberosWrapper.Ticket */
- s2n(enc_ticket->length, p);
- memcpy(p, enc_ticket->data, enc_ticket->length);
- p += enc_ticket->length;
- n = enc_ticket->length + 2;
-
- /* KerberosWrapper.Authenticator */
- if (authp && authp->length) {
- s2n(authp->length, p);
- memcpy(p, authp->data, authp->length);
- p += authp->length;
- n += authp->length + 2;
-
- free(authp->data);
- authp->data = NULL;
- authp->length = 0;
- } else {
- s2n(0, p); /* null authenticator length */
- n += 2;
- }
-
- if (RAND_bytes(tmp_buf, sizeof tmp_buf) <= 0)
- goto err;
-
- /*-
- * 20010420 VRS. Tried it this way; failed.
- * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
- * EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
- * kssl_ctx->length);
- * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
- */
-
- memset(iv, 0, sizeof iv); /* per RFC 1510 */
- EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
- EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
- sizeof tmp_buf);
- EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
- outl += padl;
- if (outl > (int)sizeof epms) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
- /* KerberosWrapper.EncryptedPreMasterSecret */
- s2n(outl, p);
- memcpy(p, epms, outl);
- p += outl;
- n += outl + 2;
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- tmp_buf,
- sizeof tmp_buf);
-
- OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
- OPENSSL_cleanse(epms, outl);
- }
-#endif
-#ifndef OPENSSL_NO_DH
- else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
- DH *dh_srvr, *dh_clnt;
-
- if (s->session->sess_cert == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_UNEXPECTED_MESSAGE);
- goto err;
- }
-
- if (s->session->sess_cert->peer_dh_tmp != NULL)
- dh_srvr = s->session->sess_cert->peer_dh_tmp;
- else {
- /* we get them from the cert */
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
- goto err;
- }
-
- /* generate a new random key */
- if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
- if (!DH_generate_key(dh_clnt)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
-
- /*
- * use the 'p' output buffer for the DH key, but make sure to
- * clear it out afterwards
- */
-
- n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);
-
- if (n <= 0) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
-
- /* generate master key from the result */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- p, n);
- /* clean up */
- memset(p, 0, n);
-
- /* send off the data */
- n = BN_num_bytes(dh_clnt->pub_key);
- s2n(n, p);
- BN_bn2bin(dh_clnt->pub_key, p);
- n += 2;
-
- DH_free(dh_clnt);
-
- /* perhaps clean things up a bit EAY EAY EAY EAY */
- }
-#endif
-#ifndef OPENSSL_NO_ECDH
- else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
- const EC_GROUP *srvr_group = NULL;
- EC_KEY *tkey;
- int ecdh_clnt_cert = 0;
- int field_size = 0;
-
- if (s->session->sess_cert == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_UNEXPECTED_MESSAGE);
- goto err;
- }
-
- /*
- * Did we send out the client's ECDH share for use in premaster
- * computation as part of client certificate? If so, set
- * ecdh_clnt_cert to 1.
- */
- if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
- /*
- * XXX: For now, we do not support client authentication
- * using ECDH certificates. To add such support, one needs to
- * add code that checks for appropriate conditions and sets
- * ecdh_clnt_cert to 1. For example, the cert have an ECC key
- * on the same curve as the server's and the key should be
- * authorized for key agreement. One also needs to add code
- * in ssl3_connect to skip sending the certificate verify
- * message. if ((s->cert->key->privatekey != NULL) &&
- * (s->cert->key->privatekey->type == EVP_PKEY_EC) && ...)
- * ecdh_clnt_cert = 1;
- */
- }
-
- if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
- tkey = s->session->sess_cert->peer_ecdh_tmp;
- } else {
- /* Get the Server Public Key from Cert */
- srvr_pub_pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
- if ((srvr_pub_pkey == NULL)
- || (srvr_pub_pkey->type != EVP_PKEY_EC)
- || (srvr_pub_pkey->pkey.ec == NULL)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- tkey = srvr_pub_pkey->pkey.ec;
- }
-
- srvr_group = EC_KEY_get0_group(tkey);
- srvr_ecpoint = EC_KEY_get0_public_key(tkey);
-
- if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if ((clnt_ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- if (ecdh_clnt_cert) {
- /*
- * Reuse key info from our certificate We only need our
- * private key to perform the ECDH computation.
- */
- const BIGNUM *priv_key;
- tkey = s->cert->key->privatekey->pkey.ec;
- priv_key = EC_KEY_get0_private_key(tkey);
- if (priv_key == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_EC_LIB);
- goto err;
- }
- } else {
- /* Generate a new ECDH key pair */
- if (!(EC_KEY_generate_key(clnt_ecdh))) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_ECDH_LIB);
- goto err;
- }
- }
-
- /*
- * use the 'p' output buffer for the ECDH key, but make sure to
- * clear it out afterwards
- */
-
- field_size = EC_GROUP_get_degree(srvr_group);
- if (field_size <= 0) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
- n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint,
- clnt_ecdh, NULL);
- if (n <= 0) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- /* generate master key from the result */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- p, n);
-
- memset(p, 0, n); /* clean up */
-
- if (ecdh_clnt_cert) {
- /* Send empty client key exch message */
- n = 0;
- } else {
- /*
- * First check the size of encoding and allocate memory
- * accordingly.
- */
- encoded_pt_len =
- EC_POINT_point2oct(srvr_group,
- EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- NULL, 0, NULL);
-
- encodedPoint = (unsigned char *)
- OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
- bn_ctx = BN_CTX_new();
- if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Encode the public key */
- n = EC_POINT_point2oct(srvr_group,
- EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- encodedPoint, encoded_pt_len, bn_ctx);
-
- *p = n; /* length of encoded point */
- /* Encoded point will be copied here */
- p += 1;
- /* copy the point */
- memcpy((unsigned char *)p, encodedPoint, n);
- /* increment n to account for length field */
- n += 1;
- }
-
- /* Free allocated memory */
- BN_CTX_free(bn_ctx);
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
- EVP_PKEY_free(srvr_pub_pkey);
- }
-#endif /* !OPENSSL_NO_ECDH */
-
-#ifndef OPENSSL_NO_PSK
- else if (alg_k & SSL_kPSK) {
- char identity[PSK_MAX_IDENTITY_LEN];
- unsigned char *t = NULL;
- unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
- unsigned int pre_ms_len = 0, psk_len = 0;
- int psk_err = 1;
-
- n = 0;
- if (s->psk_client_callback == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_NO_CLIENT_CB);
- goto err;
- }
-
- psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
- identity, PSK_MAX_IDENTITY_LEN,
- psk_or_pre_ms,
- sizeof(psk_or_pre_ms));
- if (psk_len > PSK_MAX_PSK_LEN) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto psk_err;
- } else if (psk_len == 0) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_IDENTITY_NOT_FOUND);
- goto psk_err;
- }
-
- /* create PSK pre_master_secret */
- pre_ms_len = 2 + psk_len + 2 + psk_len;
- t = psk_or_pre_ms;
- memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
- s2n(psk_len, t);
- memset(t, 0, psk_len);
- t += psk_len;
- s2n(psk_len, t);
-
- if (s->session->psk_identity_hint != NULL)
- OPENSSL_free(s->session->psk_identity_hint);
- s->session->psk_identity_hint =
- BUF_strdup(s->ctx->psk_identity_hint);
- if (s->ctx->psk_identity_hint != NULL
- && s->session->psk_identity_hint == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto psk_err;
- }
-
- if (s->session->psk_identity != NULL)
- OPENSSL_free(s->session->psk_identity);
- s->session->psk_identity = BUF_strdup(identity);
- if (s->session->psk_identity == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto psk_err;
- }
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- psk_or_pre_ms,
- pre_ms_len);
- n = strlen(identity);
- s2n(n, p);
- memcpy(p, identity, n);
- n += 2;
- psk_err = 0;
- psk_err:
- OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
- OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
- if (psk_err != 0) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- goto err;
- }
- }
-#endif
- else {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- d = dtls1_set_message_header(s, d,
- SSL3_MT_CLIENT_KEY_EXCHANGE, n, 0, n);
- /*-
- *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
- l2n3(n,d);
- l2n(s->d1->handshake_write_seq,d);
- s->d1->handshake_write_seq++;
- */
-
- s->state = SSL3_ST_CW_KEY_EXCH_B;
- /* number of bytes to write */
- s->init_num = n + DTLS1_HM_HEADER_LENGTH;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- /* SSL3_ST_CW_KEY_EXCH_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
- err:
-#ifndef OPENSSL_NO_ECDH
- BN_CTX_free(bn_ctx);
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
- EVP_PKEY_free(srvr_pub_pkey);
-#endif
- return (-1);
-}
-
-int dtls1_send_client_verify(SSL *s)
-{
- unsigned char *p, *d;
- unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
- EVP_PKEY *pkey;
-#ifndef OPENSSL_NO_RSA
- unsigned u = 0;
-#endif
- unsigned long n;
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
- int j;
-#endif
-
- if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
- d = (unsigned char *)s->init_buf->data;
- p = &(d[DTLS1_HM_HEADER_LENGTH]);
- pkey = s->cert->key->privatekey;
-
- s->method->ssl3_enc->cert_verify_mac(s,
- NID_sha1,
- &(data[MD5_DIGEST_LENGTH]));
-
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
- s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
- if (RSA_sign(NID_md5_sha1, data,
- MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
- &(p[2]), &u, pkey->pkey.rsa) <= 0) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
- goto err;
- }
- s2n(u, p);
- n = u + 2;
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- if (!DSA_sign(pkey->save_type,
- &(data[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, &(p[2]),
- (unsigned int *)&j, pkey->pkey.dsa)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_DSA_LIB);
- goto err;
- }
- s2n(j, p);
- n = j + 2;
- } else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC) {
- if (!ECDSA_sign(pkey->save_type,
- &(data[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, &(p[2]),
- (unsigned int *)&j, pkey->pkey.ec)) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
- goto err;
- }
- s2n(j, p);
- n = j + 2;
- } else
-#endif
- {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- d = dtls1_set_message_header(s, d,
- SSL3_MT_CERTIFICATE_VERIFY, n, 0, n);
-
- s->init_num = (int)n + DTLS1_HM_HEADER_LENGTH;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
-
- s->state = SSL3_ST_CW_CERT_VRFY_B;
- }
-
- /* s->state = SSL3_ST_CW_CERT_VRFY_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
- err:
- return (-1);
-}
-
-int dtls1_send_client_certificate(SSL *s)
-{
- X509 *x509 = NULL;
- EVP_PKEY *pkey = NULL;
- int i;
- unsigned long l;
-
- if (s->state == SSL3_ST_CW_CERT_A) {
- if ((s->cert == NULL) ||
- (s->cert->key->x509 == NULL) ||
- (s->cert->key->privatekey == NULL))
- s->state = SSL3_ST_CW_CERT_B;
- else
- s->state = SSL3_ST_CW_CERT_C;
- }
-
- /* We need to get a client cert */
- if (s->state == SSL3_ST_CW_CERT_B) {
- /*
- * If we get an error, we need to ssl->rwstate=SSL_X509_LOOKUP;
- * return(-1); We then get retied later
- */
- i = 0;
- i = ssl_do_client_cert_cb(s, &x509, &pkey);
- if (i < 0) {
- s->rwstate = SSL_X509_LOOKUP;
- return (-1);
- }
- s->rwstate = SSL_NOTHING;
- if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
- s->state = SSL3_ST_CW_CERT_B;
- if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey))
- i = 0;
- } else if (i == 1) {
- i = 0;
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE,
- SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
- }
-
- if (x509 != NULL)
- X509_free(x509);
- if (pkey != NULL)
- EVP_PKEY_free(pkey);
- if (i == 0) {
- if (s->version == SSL3_VERSION) {
- s->s3->tmp.cert_req = 0;
- ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_CERTIFICATE);
- return (1);
- } else {
- s->s3->tmp.cert_req = 2;
- }
- }
-
- /* Ok, we have a cert */
- s->state = SSL3_ST_CW_CERT_C;
- }
-
- if (s->state == SSL3_ST_CW_CERT_C) {
- s->state = SSL3_ST_CW_CERT_D;
- l = dtls1_output_cert_chain(s,
- (s->s3->tmp.cert_req ==
- 2) ? NULL : s->cert->key->x509);
- if (!l) {
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- return 0;
- }
- s->init_num = (int)l;
- s->init_off = 0;
-
- /* set header called by dtls1_output_cert_chain() */
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
- /* SSL3_ST_CW_CERT_D */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/d1_clnt.c (from rev 11605, vendor-crypto/openssl/dist/ssl/d1_clnt.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/d1_clnt.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1714 @@
+/* ssl/d1_clnt.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_KRB5
+# include "kssl_lcl.h"
+#endif
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/md5.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+static const SSL_METHOD *dtls1_get_client_method(int ver);
+static int dtls1_get_hello_verify(SSL *s);
+
+static const SSL_METHOD *dtls1_get_client_method(int ver)
+{
+ if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
+ return (DTLSv1_client_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_dtls1_meth_func(DTLSv1_client_method,
+ ssl_undefined_function,
+ dtls1_connect, dtls1_get_client_method)
+
+int dtls1_connect(SSL *s)
+{
+ BUF_MEM *buf = NULL;
+ unsigned long Time = (unsigned long)time(NULL);
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ int ret = -1;
+ int new_state, state, skip = 0;
+#ifndef OPENSSL_NO_SCTP
+ unsigned char sctpauthkey[64];
+ char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
+
+ RAND_add(&Time, sizeof(Time), 0);
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s))
+ SSL_clear(s);
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to enter handshake mode and prevent stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
+ for (;;) {
+ state = s->state;
+
+ switch (s->state) {
+ case SSL_ST_RENEGOTIATE:
+ s->renegotiate = 1;
+ s->state = SSL_ST_CONNECT;
+ s->ctx->stats.sess_connect_renegotiate++;
+ /* break */
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE | SSL_ST_CONNECT:
+ case SSL_ST_OK | SSL_ST_CONNECT:
+
+ s->server = 0;
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+ if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00) &&
+ (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) {
+ SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ /* s->version=SSL3_VERSION; */
+ s->type = SSL_ST_CONNECT;
+
+ if (s->init_buf == NULL) {
+ if ((buf = BUF_MEM_new()) == NULL) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ s->init_buf = buf;
+ buf = NULL;
+ }
+
+ if (!ssl3_setup_buffers(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ /* setup buffing BIO */
+ if (!ssl_init_wbio_buffer(s, 0)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ /* don't push the buffering BIO quite yet */
+
+ s->state = SSL3_ST_CW_CLNT_HELLO_A;
+ s->ctx->stats.sess_connect++;
+ s->init_num = 0;
+ /* mark client_random uninitialized */
+ memset(s->s3->client_random, 0, sizeof(s->s3->client_random));
+ s->d1->send_cookie = 0;
+ s->hit = 0;
+ s->d1->change_cipher_spec_ok = 0;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
+ break;
+
+#ifndef OPENSSL_NO_SCTP
+ case DTLS1_SCTP_ST_CR_READ_SOCK:
+
+ if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state = s->s3->tmp.next_state;
+ break;
+
+ case DTLS1_SCTP_ST_CW_WRITE_SOCK:
+ /* read app data until dry event */
+
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0)
+ goto end;
+
+ if (ret == 0) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state = s->d1->next_state;
+ break;
+#endif
+
+ case SSL3_ST_CW_CLNT_HELLO_A:
+ s->shutdown = 0;
+
+ /* every DTLS ClientHello resets Finished MAC */
+ ssl3_init_finished_mac(s);
+
+ case SSL3_ST_CW_CLNT_HELLO_B:
+ dtls1_start_timer(s);
+ ret = dtls1_client_hello(s);
+ if (ret <= 0)
+ goto end;
+
+ if (s->d1->send_cookie) {
+ s->state = SSL3_ST_CW_FLUSH;
+ s->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;
+ } else
+ s->state = SSL3_ST_CR_SRVR_HELLO_A;
+
+ s->init_num = 0;
+
+#ifndef OPENSSL_NO_SCTP
+ /* Disable buffering for SCTP */
+ if (!BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+#endif
+ /*
+ * turn on buffering for the next lot of output
+ */
+ if (s->bbio != s->wbio)
+ s->wbio = BIO_push(s->bbio, s->wbio);
+#ifndef OPENSSL_NO_SCTP
+ }
+#endif
+
+ break;
+
+ case SSL3_ST_CR_SRVR_HELLO_A:
+ case SSL3_ST_CR_SRVR_HELLO_B:
+ ret = ssl3_get_server_hello(s);
+ if (ret <= 0)
+ goto end;
+ else {
+ if (s->hit) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ snprintf((char *)labelbuffer,
+ sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ if (SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey),
+ labelbuffer,
+ sizeof(labelbuffer), NULL, 0,
+ 0) <= 0) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ BIO_ctrl(SSL_get_wbio(s),
+ BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
+ s->state = SSL3_ST_CR_FINISHED_A;
+ if (s->tlsext_ticket_expected) {
+ /* receive renewed session ticket */
+ s->state = SSL3_ST_CR_SESSION_TICKET_A;
+ }
+ } else
+ s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
+ }
+ s->init_num = 0;
+ break;
+
+ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
+ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
+
+ ret = dtls1_get_hello_verify(s);
+ if (ret <= 0)
+ goto end;
+ dtls1_stop_timer(s);
+ if (s->d1->send_cookie) /* start again, with a cookie */
+ s->state = SSL3_ST_CW_CLNT_HELLO_A;
+ else
+ s->state = SSL3_ST_CR_CERT_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_CERT_A:
+ case SSL3_ST_CR_CERT_B:
+ /* Check if it is anon DH or PSK */
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+ !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ ret = ssl3_get_server_certificate(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_status_expected)
+ s->state = SSL3_ST_CR_CERT_STATUS_A;
+ else
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+ } else {
+ skip = 1;
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+ }
+#else
+ } else
+ skip = 1;
+
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+#endif
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_KEY_EXCH_A:
+ case SSL3_ST_CR_KEY_EXCH_B:
+ ret = ssl3_get_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_CERT_REQ_A;
+ s->init_num = 0;
+
+ /*
+ * at this point we check that we have the required stuff from
+ * the server
+ */
+ if (!ssl3_check_cert_and_algorithm(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ break;
+
+ case SSL3_ST_CR_CERT_REQ_A:
+ case SSL3_ST_CR_CERT_REQ_B:
+ ret = ssl3_get_certificate_request(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_SRVR_DONE_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_SRVR_DONE_A:
+ case SSL3_ST_CR_SRVR_DONE_B:
+ ret = ssl3_get_server_done(s);
+ if (ret <= 0)
+ goto end;
+ dtls1_stop_timer(s);
+ if (s->s3->tmp.cert_req)
+ s->s3->tmp.next_state = SSL3_ST_CW_CERT_A;
+ else
+ s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num = 0;
+
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE)
+ s->state = DTLS1_SCTP_ST_CR_READ_SOCK;
+ else
+#endif
+ s->state = s->s3->tmp.next_state;
+ break;
+
+ case SSL3_ST_CW_CERT_A:
+ case SSL3_ST_CW_CERT_B:
+ case SSL3_ST_CW_CERT_C:
+ case SSL3_ST_CW_CERT_D:
+ dtls1_start_timer(s);
+ ret = dtls1_send_client_certificate(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_KEY_EXCH_A:
+ case SSL3_ST_CW_KEY_EXCH_B:
+ dtls1_start_timer(s);
+ ret = dtls1_send_client_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+ * used.
+ */
+ snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ if (SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0) <= 0) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
+ /*
+ * EAY EAY EAY need to check for DH fix cert sent back
+ */
+ /*
+ * For TLS, cert_req is set to 2, so a cert chain of nothing is
+ * sent, but no verify packet is sent
+ */
+ if (s->s3->tmp.cert_req == 1) {
+ s->state = SSL3_ST_CW_CERT_VRFY_A;
+ } else {
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_CW_CHANGE_A;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ } else
+#endif
+ s->state = SSL3_ST_CW_CHANGE_A;
+ }
+
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_CERT_VRFY_A:
+ case SSL3_ST_CW_CERT_VRFY_B:
+ dtls1_start_timer(s);
+ ret = dtls1_send_client_verify(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_CW_CHANGE_A;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ } else
+#endif
+ s->state = SSL3_ST_CW_CHANGE_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_CHANGE_A:
+ case SSL3_ST_CW_CHANGE_B:
+ if (!s->hit)
+ dtls1_start_timer(s);
+ ret = dtls1_send_change_cipher_spec(s,
+ SSL3_ST_CW_CHANGE_A,
+ SSL3_ST_CW_CHANGE_B);
+ if (ret <= 0)
+ goto end;
+
+ s->state = SSL3_ST_CW_FINISHED_A;
+ s->init_num = 0;
+
+ s->session->cipher = s->s3->tmp.new_cipher;
+#ifdef OPENSSL_NO_COMP
+ s->session->compress_meth = 0;
+#else
+ if (s->s3->tmp.new_compression == NULL)
+ s->session->compress_meth = 0;
+ else
+ s->session->compress_meth = s->s3->tmp.new_compression->id;
+#endif
+ if (!s->method->ssl3_enc->setup_key_block(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ if (!s->method->ssl3_enc->change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+ {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+#ifndef OPENSSL_NO_SCTP
+ if (s->hit) {
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+ }
+#endif
+
+ dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
+ break;
+
+ case SSL3_ST_CW_FINISHED_A:
+ case SSL3_ST_CW_FINISHED_B:
+ if (!s->hit)
+ dtls1_start_timer(s);
+ ret = dtls1_send_finished(s,
+ SSL3_ST_CW_FINISHED_A,
+ SSL3_ST_CW_FINISHED_B,
+ s->method->
+ ssl3_enc->client_finished_label,
+ s->method->
+ ssl3_enc->client_finished_label_len);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CW_FLUSH;
+
+ /* clear flags */
+ s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
+ if (s->hit) {
+ s->s3->tmp.next_state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
+ if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
+ s->state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL_ST_OK;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
+ s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
+ s->s3->delay_buf_pop_ret = 0;
+ }
+ } else {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+ /*
+ * Allow NewSessionTicket if ticket expected
+ */
+ if (s->tlsext_ticket_expected)
+ s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
+ else
+#endif
+
+ s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
+ }
+ s->init_num = 0;
+ break;
+
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL3_ST_CR_SESSION_TICKET_A:
+ case SSL3_ST_CR_SESSION_TICKET_B:
+ ret = ssl3_get_new_session_ticket(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_FINISHED_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_CERT_STATUS_A:
+ case SSL3_ST_CR_CERT_STATUS_B:
+ ret = ssl3_get_cert_status(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+ s->init_num = 0;
+ break;
+#endif
+
+ case SSL3_ST_CR_FINISHED_A:
+ case SSL3_ST_CR_FINISHED_B:
+ s->d1->change_cipher_spec_ok = 1;
+ ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
+ SSL3_ST_CR_FINISHED_B);
+ if (ret <= 0)
+ goto end;
+ dtls1_stop_timer(s);
+
+ if (s->hit)
+ s->state = SSL3_ST_CW_CHANGE_A;
+ else
+ s->state = SSL_ST_OK;
+
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE) {
+ s->d1->next_state = s->state;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
+
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_FLUSH:
+ s->rwstate = SSL_WRITING;
+ if (BIO_flush(s->wbio) <= 0) {
+ /*
+ * If the write error was fatal, stop trying
+ */
+ if (!BIO_should_retry(s->wbio)) {
+ s->rwstate = SSL_NOTHING;
+ s->state = s->s3->tmp.next_state;
+ }
+
+ ret = -1;
+ goto end;
+ }
+ s->rwstate = SSL_NOTHING;
+ s->state = s->s3->tmp.next_state;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+#if 0
+ if (s->init_buf != NULL) {
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
+ }
+#endif
+
+ /*
+ * If we are not 'joining' the last two packets, remove the
+ * buffering now
+ */
+ if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+ ssl_free_wbio_buffer(s);
+ /* else do it later in ssl3_write */
+
+ s->init_num = 0;
+ s->renegotiate = 0;
+ s->new_session = 0;
+
+ ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
+ if (s->hit)
+ s->ctx->stats.sess_hit++;
+
+ ret = 1;
+ /* s->server=0; */
+ s->handshake_func = dtls1_connect;
+ s->ctx->stats.sess_connect_good++;
+
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+ /* done with handshaking */
+ s->d1->handshake_read_seq = 0;
+ s->d1->next_handshake_write_seq = 0;
+ dtls1_clear_received_buffer(s);
+ goto end;
+ /* break; */
+
+ case SSL_ST_ERR:
+ default:
+ SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE);
+ ret = -1;
+ goto end;
+ /* break; */
+ }
+
+ /* did we do anything */
+ if (!s->s3->tmp.reuse_message && !skip) {
+ if (s->debug) {
+ if ((ret = BIO_flush(s->wbio)) <= 0)
+ goto end;
+ }
+
+ if ((cb != NULL) && (s->state != state)) {
+ new_state = s->state;
+ s->state = state;
+ cb(s, SSL_CB_CONNECT_LOOP, 1);
+ s->state = new_state;
+ }
+ }
+ skip = 0;
+ }
+ end:
+ s->in_handshake--;
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to leave handshake mode and allow stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
+
+ if (buf != NULL)
+ BUF_MEM_free(buf);
+ if (cb != NULL)
+ cb(s, SSL_CB_CONNECT_EXIT, ret);
+ return (ret);
+}
+
+int dtls1_client_hello(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+ unsigned int i, j;
+ unsigned long l;
+ SSL_COMP *comp;
+
+ buf = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
+ SSL_SESSION *sess = s->session;
+ if ((s->session == NULL) || (s->session->ssl_version != s->version) ||
+#ifdef OPENSSL_NO_TLSEXT
+ !sess->session_id_length ||
+#else
+ (!sess->session_id_length && !sess->tlsext_tick) ||
+#endif
+ (s->session->not_resumable)) {
+ if (!ssl_get_new_session(s, 0))
+ goto err;
+ }
+ /* else use the pre-loaded session */
+
+ p = s->s3->client_random;
+
+ /*
+ * if client_random is initialized, reuse it, we are required to use
+ * same upon reply to HelloVerify
+ */
+ for (i = 0; p[i] == '\0' && i < sizeof(s->s3->client_random); i++) ;
+ if (i == sizeof(s->s3->client_random))
+ ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random));
+
+ /* Do the message type and length last */
+ d = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
+
+ *(p++) = s->version >> 8;
+ *(p++) = s->version & 0xff;
+ s->client_version = s->version;
+
+ /* Random stuff */
+ memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
+
+ /* Session ID */
+ if (s->new_session)
+ i = 0;
+ else
+ i = s->session->session_id_length;
+ *(p++) = i;
+ if (i != 0) {
+ if (i > sizeof s->session->session_id) {
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ memcpy(p, s->session->session_id, i);
+ p += i;
+ }
+
+ /* cookie stuff */
+ if (s->d1->cookie_len > sizeof(s->d1->cookie)) {
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ *(p++) = s->d1->cookie_len;
+ memcpy(p, s->d1->cookie, s->d1->cookie_len);
+ p += s->d1->cookie_len;
+
+ /* Ciphers supported */
+ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
+ if (i == 0) {
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+ goto err;
+ }
+ s2n(i, p);
+ p += i;
+
+ /* COMPRESSION */
+ if (s->ctx->comp_methods == NULL)
+ j = 0;
+ else
+ j = sk_SSL_COMP_num(s->ctx->comp_methods);
+ *(p++) = 1 + j;
+ for (i = 0; i < j; i++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
+ *(p++) = comp->id;
+ }
+ *(p++) = 0; /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ goto err;
+ }
+ if ((p =
+ ssl_add_clienthello_tlsext(s, p,
+ buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
+ NULL) {
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+#endif
+
+ l = (p - d);
+ d = buf;
+
+ d = dtls1_set_message_header(s, d, SSL3_MT_CLIENT_HELLO, l, 0, l);
+
+ s->state = SSL3_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ return (-1);
+}
+
+static int dtls1_get_hello_verify(SSL *s)
+{
+ int n, al, ok = 0;
+ unsigned char *data;
+ unsigned int cookie_len;
+
+ n = s->method->ssl_get_message(s,
+ DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
+ DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
+ -1, s->max_cert_list, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
+ s->d1->send_cookie = 0;
+ s->s3->tmp.reuse_message = 1;
+ return (1);
+ }
+
+ data = (unsigned char *)s->init_msg;
+
+ if ((data[0] != (s->version >> 8)) || (data[1] != (s->version & 0xff))) {
+ SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);
+ s->version = (s->version & 0xff00) | data[1];
+ al = SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
+ data += 2;
+
+ cookie_len = *(data++);
+ if (cookie_len > sizeof(s->d1->cookie)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ goto f_err;
+ }
+
+ memcpy(s->d1->cookie, data, cookie_len);
+ s->d1->cookie_len = cookie_len;
+
+ s->d1->send_cookie = 1;
+ return 1;
+
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
+ return -1;
+}
+
+int dtls1_send_client_key_exchange(SSL *s)
+{
+ unsigned char *p, *d;
+ int n;
+ unsigned long alg_k;
+#ifndef OPENSSL_NO_RSA
+ unsigned char *q;
+ EVP_PKEY *pkey = NULL;
+#endif
+#ifndef OPENSSL_NO_KRB5
+ KSSL_ERR kssl_err;
+#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *clnt_ecdh = NULL;
+ const EC_POINT *srvr_ecpoint = NULL;
+ EVP_PKEY *srvr_pub_pkey = NULL;
+ unsigned char *encodedPoint = NULL;
+ int encoded_pt_len = 0;
+ BN_CTX *bn_ctx = NULL;
+#endif
+
+ if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[DTLS1_HM_HEADER_LENGTH]);
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+ /* Fool emacs indentation */
+ if (0) {
+ }
+#ifndef OPENSSL_NO_RSA
+ else if (alg_k & SSL_kRSA) {
+ RSA *rsa;
+ unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+
+ if (s->session->sess_cert == NULL) {
+ /*
+ * We should always have a server certificate with SSL_kRSA.
+ */
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (s->session->sess_cert->peer_rsa_tmp != NULL)
+ rsa = s->session->sess_cert->peer_rsa_tmp;
+ else {
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].
+ x509);
+ if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
+ || (pkey->pkey.rsa == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ rsa = pkey->pkey.rsa;
+ EVP_PKEY_free(pkey);
+ }
+
+ tmp_buf[0] = s->client_version >> 8;
+ tmp_buf[1] = s->client_version & 0xff;
+ if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
+ goto err;
+
+ s->session->master_key_length = sizeof tmp_buf;
+
+ q = p;
+ /* Fix buf for TLS and [incidentally] DTLS */
+ if (s->version > SSL3_VERSION)
+ p += 2;
+ n = RSA_public_encrypt(sizeof tmp_buf,
+ tmp_buf, p, rsa, RSA_PKCS1_PADDING);
+# ifdef PKCS1_CHECK
+ if (s->options & SSL_OP_PKCS1_CHECK_1)
+ p[1]++;
+ if (s->options & SSL_OP_PKCS1_CHECK_2)
+ tmp_buf[0] = 0x70;
+# endif
+ if (n <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_BAD_RSA_ENCRYPT);
+ goto err;
+ }
+
+ /* Fix buf for TLS and [incidentally] DTLS */
+ if (s->version > SSL3_VERSION) {
+ s2n(n, q);
+ n += 2;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ tmp_buf,
+ sizeof tmp_buf);
+ OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+ }
+#endif
+#ifndef OPENSSL_NO_KRB5
+ else if (alg_k & SSL_kKRB5) {
+ krb5_error_code krb5rc;
+ KSSL_CTX *kssl_ctx = s->kssl_ctx;
+ /* krb5_data krb5_ap_req; */
+ krb5_data *enc_ticket;
+ krb5_data authenticator, *authp = NULL;
+ EVP_CIPHER_CTX ciph_ctx;
+ const EVP_CIPHER *enc = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+ unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
+ int padl, outl = sizeof(epms);
+
+ EVP_CIPHER_CTX_init(&ciph_ctx);
+
+# ifdef KSSL_DEBUG
+ printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
+ alg_k, SSL_kKRB5);
+# endif /* KSSL_DEBUG */
+
+ authp = NULL;
+# ifdef KRB5SENDAUTH
+ if (KRB5SENDAUTH)
+ authp = &authenticator;
+# endif /* KRB5SENDAUTH */
+
+ krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp, &kssl_err);
+ enc = kssl_map_enc(kssl_ctx->enctype);
+ if (enc == NULL)
+ goto err;
+# ifdef KSSL_DEBUG
+ {
+ printf("kssl_cget_tkt rtn %d\n", krb5rc);
+ if (krb5rc && kssl_err.text)
+ printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
+ }
+# endif /* KSSL_DEBUG */
+
+ if (krb5rc) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason);
+ goto err;
+ }
+
+ /*-
+ * 20010406 VRS - Earlier versions used KRB5 AP_REQ
+ ** in place of RFC 2712 KerberosWrapper, as in:
+ **
+ ** Send ticket (copy to *p, set n = length)
+ ** n = krb5_ap_req.length;
+ ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
+ ** if (krb5_ap_req.data)
+ ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
+ **
+ ** Now using real RFC 2712 KerberosWrapper
+ ** (Thanks to Simon Wilkinson <sxw at sxw.org.uk>)
+ ** Note: 2712 "opaque" types are here replaced
+ ** with a 2-byte length followed by the value.
+ ** Example:
+ ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
+ ** Where "xx xx" = length bytes. Shown here with
+ ** optional authenticator omitted.
+ */
+
+ /* KerberosWrapper.Ticket */
+ s2n(enc_ticket->length, p);
+ memcpy(p, enc_ticket->data, enc_ticket->length);
+ p += enc_ticket->length;
+ n = enc_ticket->length + 2;
+
+ /* KerberosWrapper.Authenticator */
+ if (authp && authp->length) {
+ s2n(authp->length, p);
+ memcpy(p, authp->data, authp->length);
+ p += authp->length;
+ n += authp->length + 2;
+
+ free(authp->data);
+ authp->data = NULL;
+ authp->length = 0;
+ } else {
+ s2n(0, p); /* null authenticator length */
+ n += 2;
+ }
+
+ if (RAND_bytes(tmp_buf, sizeof tmp_buf) <= 0)
+ goto err;
+
+ /*-
+ * 20010420 VRS. Tried it this way; failed.
+ * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
+ * EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
+ * kssl_ctx->length);
+ * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
+ */
+
+ memset(iv, 0, sizeof iv); /* per RFC 1510 */
+ EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
+ EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
+ sizeof tmp_buf);
+ EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
+ outl += padl;
+ if (outl > (int)sizeof epms) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+ /* KerberosWrapper.EncryptedPreMasterSecret */
+ s2n(outl, p);
+ memcpy(p, epms, outl);
+ p += outl;
+ n += outl + 2;
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ tmp_buf,
+ sizeof tmp_buf);
+
+ OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+ OPENSSL_cleanse(epms, outl);
+ }
+#endif
+#ifndef OPENSSL_NO_DH
+ else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+ DH *dh_srvr, *dh_clnt;
+
+ if (s->session->sess_cert == NULL) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNEXPECTED_MESSAGE);
+ goto err;
+ }
+
+ if (s->session->sess_cert->peer_dh_tmp != NULL)
+ dh_srvr = s->session->sess_cert->peer_dh_tmp;
+ else {
+ /* we get them from the cert */
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
+ goto err;
+ }
+
+ /* generate a new random key */
+ if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+ if (!DH_generate_key(dh_clnt)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+
+ /*
+ * use the 'p' output buffer for the DH key, but make sure to
+ * clear it out afterwards
+ */
+
+ n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);
+
+ if (n <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+
+ /* generate master key from the result */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p, n);
+ /* clean up */
+ memset(p, 0, n);
+
+ /* send off the data */
+ n = BN_num_bytes(dh_clnt->pub_key);
+ s2n(n, p);
+ BN_bn2bin(dh_clnt->pub_key, p);
+ n += 2;
+
+ DH_free(dh_clnt);
+
+ /* perhaps clean things up a bit EAY EAY EAY EAY */
+ }
+#endif
+#ifndef OPENSSL_NO_ECDH
+ else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
+ const EC_GROUP *srvr_group = NULL;
+ EC_KEY *tkey;
+ int ecdh_clnt_cert = 0;
+ int field_size = 0;
+
+ if (s->session->sess_cert == NULL) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNEXPECTED_MESSAGE);
+ goto err;
+ }
+
+ /*
+ * Did we send out the client's ECDH share for use in premaster
+ * computation as part of client certificate? If so, set
+ * ecdh_clnt_cert to 1.
+ */
+ if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
+ /*
+ * XXX: For now, we do not support client authentication
+ * using ECDH certificates. To add such support, one needs to
+ * add code that checks for appropriate conditions and sets
+ * ecdh_clnt_cert to 1. For example, the cert have an ECC key
+ * on the same curve as the server's and the key should be
+ * authorized for key agreement. One also needs to add code
+ * in ssl3_connect to skip sending the certificate verify
+ * message. if ((s->cert->key->privatekey != NULL) &&
+ * (s->cert->key->privatekey->type == EVP_PKEY_EC) && ...)
+ * ecdh_clnt_cert = 1;
+ */
+ }
+
+ if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
+ tkey = s->session->sess_cert->peer_ecdh_tmp;
+ } else {
+ /* Get the Server Public Key from Cert */
+ srvr_pub_pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+ if ((srvr_pub_pkey == NULL)
+ || (srvr_pub_pkey->type != EVP_PKEY_EC)
+ || (srvr_pub_pkey->pkey.ec == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ tkey = srvr_pub_pkey->pkey.ec;
+ }
+
+ srvr_group = EC_KEY_get0_group(tkey);
+ srvr_ecpoint = EC_KEY_get0_public_key(tkey);
+
+ if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if ((clnt_ecdh = EC_KEY_new()) == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (ecdh_clnt_cert) {
+ /*
+ * Reuse key info from our certificate We only need our
+ * private key to perform the ECDH computation.
+ */
+ const BIGNUM *priv_key;
+ tkey = s->cert->key->privatekey->pkey.ec;
+ priv_key = EC_KEY_get0_private_key(tkey);
+ if (priv_key == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ } else {
+ /* Generate a new ECDH key pair */
+ if (!(EC_KEY_generate_key(clnt_ecdh))) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+ }
+
+ /*
+ * use the 'p' output buffer for the ECDH key, but make sure to
+ * clear it out afterwards
+ */
+
+ field_size = EC_GROUP_get_degree(srvr_group);
+ if (field_size <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+ n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint,
+ clnt_ecdh, NULL);
+ if (n <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ /* generate master key from the result */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p, n);
+
+ memset(p, 0, n); /* clean up */
+
+ if (ecdh_clnt_cert) {
+ /* Send empty client key exch message */
+ n = 0;
+ } else {
+ /*
+ * First check the size of encoding and allocate memory
+ * accordingly.
+ */
+ encoded_pt_len =
+ EC_POINT_point2oct(srvr_group,
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
+
+ encodedPoint = (unsigned char *)
+ OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
+ bn_ctx = BN_CTX_new();
+ if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Encode the public key */
+ n = EC_POINT_point2oct(srvr_group,
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encoded_pt_len, bn_ctx);
+
+ *p = n; /* length of encoded point */
+ /* Encoded point will be copied here */
+ p += 1;
+ /* copy the point */
+ memcpy((unsigned char *)p, encodedPoint, n);
+ /* increment n to account for length field */
+ n += 1;
+ }
+
+ /* Free allocated memory */
+ BN_CTX_free(bn_ctx);
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ if (clnt_ecdh != NULL)
+ EC_KEY_free(clnt_ecdh);
+ EVP_PKEY_free(srvr_pub_pkey);
+ }
+#endif /* !OPENSSL_NO_ECDH */
+
+#ifndef OPENSSL_NO_PSK
+ else if (alg_k & SSL_kPSK) {
+ char identity[PSK_MAX_IDENTITY_LEN];
+ unsigned char *t = NULL;
+ unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+ unsigned int pre_ms_len = 0, psk_len = 0;
+ int psk_err = 1;
+
+ n = 0;
+ if (s->psk_client_callback == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_NO_CLIENT_CB);
+ goto err;
+ }
+
+ psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+ identity, PSK_MAX_IDENTITY_LEN,
+ psk_or_pre_ms,
+ sizeof(psk_or_pre_ms));
+ if (psk_len > PSK_MAX_PSK_LEN) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ } else if (psk_len == 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
+ goto psk_err;
+ }
+
+ /* create PSK pre_master_secret */
+ pre_ms_len = 2 + psk_len + 2 + psk_len;
+ t = psk_or_pre_ms;
+ memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+ s2n(psk_len, t);
+ memset(t, 0, psk_len);
+ t += psk_len;
+ s2n(psk_len, t);
+
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ s->session->psk_identity_hint =
+ BUF_strdup(s->ctx->psk_identity_hint);
+ if (s->ctx->psk_identity_hint != NULL
+ && s->session->psk_identity_hint == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ if (s->session->psk_identity != NULL)
+ OPENSSL_free(s->session->psk_identity);
+ s->session->psk_identity = BUF_strdup(identity);
+ if (s->session->psk_identity == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ psk_or_pre_ms,
+ pre_ms_len);
+ n = strlen(identity);
+ s2n(n, p);
+ memcpy(p, identity, n);
+ n += 2;
+ psk_err = 0;
+ psk_err:
+ OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
+ OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ if (psk_err != 0) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ goto err;
+ }
+ }
+#endif
+ else {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ d = dtls1_set_message_header(s, d,
+ SSL3_MT_CLIENT_KEY_EXCHANGE, n, 0, n);
+ /*-
+ *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
+ l2n3(n,d);
+ l2n(s->d1->handshake_write_seq,d);
+ s->d1->handshake_write_seq++;
+ */
+
+ s->state = SSL3_ST_CW_KEY_EXCH_B;
+ /* number of bytes to write */
+ s->init_num = n + DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+
+ /* SSL3_ST_CW_KEY_EXCH_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+#ifndef OPENSSL_NO_ECDH
+ BN_CTX_free(bn_ctx);
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ if (clnt_ecdh != NULL)
+ EC_KEY_free(clnt_ecdh);
+ EVP_PKEY_free(srvr_pub_pkey);
+#endif
+ return (-1);
+}
+
+int dtls1_send_client_verify(SSL *s)
+{
+ unsigned char *p, *d;
+ unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
+ EVP_PKEY *pkey;
+#ifndef OPENSSL_NO_RSA
+ unsigned u = 0;
+#endif
+ unsigned long n;
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
+ int j;
+#endif
+
+ if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[DTLS1_HM_HEADER_LENGTH]);
+ pkey = s->cert->key->privatekey;
+
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_sha1,
+ &(data[MD5_DIGEST_LENGTH]));
+
+#ifndef OPENSSL_NO_RSA
+ if (pkey->type == EVP_PKEY_RSA) {
+ s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
+ if (RSA_sign(NID_md5_sha1, data,
+ MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+ &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
+ goto err;
+ }
+ s2n(u, p);
+ n = u + 2;
+ } else
+#endif
+#ifndef OPENSSL_NO_DSA
+ if (pkey->type == EVP_PKEY_DSA) {
+ if (!DSA_sign(pkey->save_type,
+ &(data[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH, &(p[2]),
+ (unsigned int *)&j, pkey->pkey.dsa)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_DSA_LIB);
+ goto err;
+ }
+ s2n(j, p);
+ n = j + 2;
+ } else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_EC) {
+ if (!ECDSA_sign(pkey->save_type,
+ &(data[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH, &(p[2]),
+ (unsigned int *)&j, pkey->pkey.ec)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
+ goto err;
+ }
+ s2n(j, p);
+ n = j + 2;
+ } else
+#endif
+ {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ d = dtls1_set_message_header(s, d,
+ SSL3_MT_CERTIFICATE_VERIFY, n, 0, n);
+
+ s->init_num = (int)n + DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+
+ s->state = SSL3_ST_CW_CERT_VRFY_B;
+ }
+
+ /* s->state = SSL3_ST_CW_CERT_VRFY_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ return (-1);
+}
+
+int dtls1_send_client_certificate(SSL *s)
+{
+ X509 *x509 = NULL;
+ EVP_PKEY *pkey = NULL;
+ int i;
+ unsigned long l;
+
+ if (s->state == SSL3_ST_CW_CERT_A) {
+ if ((s->cert == NULL) ||
+ (s->cert->key->x509 == NULL) ||
+ (s->cert->key->privatekey == NULL))
+ s->state = SSL3_ST_CW_CERT_B;
+ else
+ s->state = SSL3_ST_CW_CERT_C;
+ }
+
+ /* We need to get a client cert */
+ if (s->state == SSL3_ST_CW_CERT_B) {
+ /*
+ * If we get an error, we need to ssl->rwstate=SSL_X509_LOOKUP;
+ * return(-1); We then get retied later
+ */
+ i = 0;
+ i = ssl_do_client_cert_cb(s, &x509, &pkey);
+ if (i < 0) {
+ s->rwstate = SSL_X509_LOOKUP;
+ return (-1);
+ }
+ s->rwstate = SSL_NOTHING;
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
+ s->state = SSL3_ST_CW_CERT_B;
+ if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey))
+ i = 0;
+ } else if (i == 1) {
+ i = 0;
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE,
+ SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ }
+
+ if (x509 != NULL)
+ X509_free(x509);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
+ if (i == 0) {
+ if (s->version == SSL3_VERSION) {
+ s->s3->tmp.cert_req = 0;
+ ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_CERTIFICATE);
+ return (1);
+ } else {
+ s->s3->tmp.cert_req = 2;
+ }
+ }
+
+ /* Ok, we have a cert */
+ s->state = SSL3_ST_CW_CERT_C;
+ }
+
+ if (s->state == SSL3_ST_CW_CERT_C) {
+ s->state = SSL3_ST_CW_CERT_D;
+ l = dtls1_output_cert_chain(s,
+ (s->s3->tmp.cert_req ==
+ 2) ? NULL : s->cert->key->x509);
+ if (!l) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ return 0;
+ }
+ s->init_num = (int)l;
+ s->init_off = 0;
+
+ /* set header called by dtls1_output_cert_chain() */
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+ /* SSL3_ST_CW_CERT_D */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/d1_lib.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/d1_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,511 +0,0 @@
-/* ssl/d1_lib.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#define USE_SOCKETS
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS)
-# include <sys/timeb.h>
-#endif
-
-static void get_current_time(struct timeval *t);
-const char dtls1_version_str[] = "DTLSv1" OPENSSL_VERSION_PTEXT;
-int dtls1_listen(SSL *s, struct sockaddr *client);
-
-SSL3_ENC_METHOD DTLSv1_enc_data = {
- dtls1_enc,
- tls1_mac,
- tls1_setup_key_block,
- tls1_generate_master_secret,
- tls1_change_cipher_state,
- tls1_final_finish_mac,
- TLS1_FINISH_MAC_LENGTH,
- tls1_cert_verify_mac,
- TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
- TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
- tls1_alert_code,
- tls1_export_keying_material,
-};
-
-long dtls1_default_timeout(void)
-{
- /*
- * 2 hours, the 24 hours mentioned in the DTLSv1 spec is way too long for
- * http, the cache would over fill
- */
- return (60 * 60 * 2);
-}
-
-int dtls1_new(SSL *s)
-{
- DTLS1_STATE *d1;
-
- if (!ssl3_new(s))
- return (0);
- if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL)
- return (0);
- memset(d1, 0, sizeof *d1);
-
- /* d1->handshake_epoch=0; */
-
- d1->unprocessed_rcds.q = pqueue_new();
- d1->processed_rcds.q = pqueue_new();
- d1->buffered_messages = pqueue_new();
- d1->sent_messages = pqueue_new();
- d1->buffered_app_data.q = pqueue_new();
-
- if (s->server) {
- d1->cookie_len = sizeof(s->d1->cookie);
- }
-
- d1->link_mtu = 0;
- d1->mtu = 0;
-
- if (!d1->unprocessed_rcds.q || !d1->processed_rcds.q
- || !d1->buffered_messages || !d1->sent_messages
- || !d1->buffered_app_data.q) {
- if (d1->unprocessed_rcds.q)
- pqueue_free(d1->unprocessed_rcds.q);
- if (d1->processed_rcds.q)
- pqueue_free(d1->processed_rcds.q);
- if (d1->buffered_messages)
- pqueue_free(d1->buffered_messages);
- if (d1->sent_messages)
- pqueue_free(d1->sent_messages);
- if (d1->buffered_app_data.q)
- pqueue_free(d1->buffered_app_data.q);
- OPENSSL_free(d1);
- return (0);
- }
-
- s->d1 = d1;
- s->method->ssl_clear(s);
- return (1);
-}
-
-static void dtls1_clear_queues(SSL *s)
-{
- pitem *item = NULL;
- hm_fragment *frag = NULL;
- DTLS1_RECORD_DATA *rdata;
-
- while ((item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
- OPENSSL_free(item->data);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
- OPENSSL_free(item->data);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {
- frag = (hm_fragment *)item->data;
- dtls1_hm_fragment_free(frag);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) {
- frag = (hm_fragment *)item->data;
- dtls1_hm_fragment_free(frag);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
- OPENSSL_free(item->data);
- pitem_free(item);
- }
-}
-
-void dtls1_free(SSL *s)
-{
- ssl3_free(s);
-
- dtls1_clear_queues(s);
-
- pqueue_free(s->d1->unprocessed_rcds.q);
- pqueue_free(s->d1->processed_rcds.q);
- pqueue_free(s->d1->buffered_messages);
- pqueue_free(s->d1->sent_messages);
- pqueue_free(s->d1->buffered_app_data.q);
-
- OPENSSL_free(s->d1);
- s->d1 = NULL;
-}
-
-void dtls1_clear(SSL *s)
-{
- pqueue unprocessed_rcds;
- pqueue processed_rcds;
- pqueue buffered_messages;
- pqueue sent_messages;
- pqueue buffered_app_data;
- unsigned int mtu;
- unsigned int link_mtu;
-
- if (s->d1) {
- unprocessed_rcds = s->d1->unprocessed_rcds.q;
- processed_rcds = s->d1->processed_rcds.q;
- buffered_messages = s->d1->buffered_messages;
- sent_messages = s->d1->sent_messages;
- buffered_app_data = s->d1->buffered_app_data.q;
- mtu = s->d1->mtu;
- link_mtu = s->d1->link_mtu;
-
- dtls1_clear_queues(s);
-
- memset(s->d1, 0, sizeof(*(s->d1)));
-
- if (s->server) {
- s->d1->cookie_len = sizeof(s->d1->cookie);
- }
-
- if (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) {
- s->d1->mtu = mtu;
- s->d1->link_mtu = link_mtu;
- }
-
- s->d1->unprocessed_rcds.q = unprocessed_rcds;
- s->d1->processed_rcds.q = processed_rcds;
- s->d1->buffered_messages = buffered_messages;
- s->d1->sent_messages = sent_messages;
- s->d1->buffered_app_data.q = buffered_app_data;
- }
-
- ssl3_clear(s);
- if (s->options & SSL_OP_CISCO_ANYCONNECT)
- s->version = DTLS1_BAD_VER;
- else
- s->version = DTLS1_VERSION;
-}
-
-long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
- int ret = 0;
-
- switch (cmd) {
- case DTLS_CTRL_GET_TIMEOUT:
- if (dtls1_get_timeout(s, (struct timeval *)parg) != NULL) {
- ret = 1;
- }
- break;
- case DTLS_CTRL_HANDLE_TIMEOUT:
- ret = dtls1_handle_timeout(s);
- break;
- case DTLS_CTRL_LISTEN:
- ret = dtls1_listen(s, parg);
- break;
- case SSL_CTRL_CHECK_PROTO_VERSION:
- /*
- * For library-internal use; checks that the current protocol is the
- * highest enabled version (according to s->ctx->method, as version
- * negotiation may have changed s->method).
- */
-#if DTLS_MAX_VERSION != DTLS1_VERSION
-# error Code needs update for DTLS_method() support beyond DTLS1_VERSION.
-#endif
- /*
- * Just one protocol version is supported so far; fail closed if the
- * version is not as expected.
- */
- return s->version == DTLS_MAX_VERSION;
- case DTLS_CTRL_SET_LINK_MTU:
- if (larg < (long)dtls1_link_min_mtu())
- return 0;
- s->d1->link_mtu = larg;
- return 1;
- case DTLS_CTRL_GET_LINK_MIN_MTU:
- return (long)dtls1_link_min_mtu();
- case SSL_CTRL_SET_MTU:
- /*
- * We may not have a BIO set yet so can't call dtls1_min_mtu()
- * We'll have to make do with dtls1_link_min_mtu() and max overhead
- */
- if (larg < (long)dtls1_link_min_mtu() - DTLS1_MAX_MTU_OVERHEAD)
- return 0;
- s->d1->mtu = larg;
- return larg;
- default:
- ret = ssl3_ctrl(s, cmd, larg, parg);
- break;
- }
- return (ret);
-}
-
-/*
- * As it's impossible to use stream ciphers in "datagram" mode, this
- * simple filter is designed to disengage them in DTLS. Unfortunately
- * there is no universal way to identify stream SSL_CIPHER, so we have
- * to explicitly list their SSL_* codes. Currently RC4 is the only one
- * available, but if new ones emerge, they will have to be added...
- */
-const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
-{
- const SSL_CIPHER *ciph = ssl3_get_cipher(u);
-
- if (ciph != NULL) {
- if (ciph->algorithm_enc == SSL_RC4)
- return NULL;
- }
-
- return ciph;
-}
-
-void dtls1_start_timer(SSL *s)
-{
-#ifndef OPENSSL_NO_SCTP
- /* Disable timer for SCTP */
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
- return;
- }
-#endif
-
- /* If timer is not set, initialize duration with 1 second */
- if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
- s->d1->timeout_duration = 1;
- }
-
- /* Set timeout to current time */
- get_current_time(&(s->d1->next_timeout));
-
- /* Add duration to current time */
- s->d1->next_timeout.tv_sec += s->d1->timeout_duration;
- BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
- &(s->d1->next_timeout));
-}
-
-struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft)
-{
- struct timeval timenow;
-
- /* If no timeout is set, just return NULL */
- if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
- return NULL;
- }
-
- /* Get current time */
- get_current_time(&timenow);
-
- /* If timer already expired, set remaining time to 0 */
- if (s->d1->next_timeout.tv_sec < timenow.tv_sec ||
- (s->d1->next_timeout.tv_sec == timenow.tv_sec &&
- s->d1->next_timeout.tv_usec <= timenow.tv_usec)) {
- memset(timeleft, 0, sizeof(struct timeval));
- return timeleft;
- }
-
- /* Calculate time left until timer expires */
- memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval));
- timeleft->tv_sec -= timenow.tv_sec;
- timeleft->tv_usec -= timenow.tv_usec;
- if (timeleft->tv_usec < 0) {
- timeleft->tv_sec--;
- timeleft->tv_usec += 1000000;
- }
-
- /*
- * If remaining time is less than 15 ms, set it to 0 to prevent issues
- * because of small devergences with socket timeouts.
- */
- if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {
- memset(timeleft, 0, sizeof(struct timeval));
- }
-
- return timeleft;
-}
-
-int dtls1_is_timer_expired(SSL *s)
-{
- struct timeval timeleft;
-
- /* Get time left until timeout, return false if no timer running */
- if (dtls1_get_timeout(s, &timeleft) == NULL) {
- return 0;
- }
-
- /* Return false if timer is not expired yet */
- if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {
- return 0;
- }
-
- /* Timer expired, so return true */
- return 1;
-}
-
-void dtls1_double_timeout(SSL *s)
-{
- s->d1->timeout_duration *= 2;
- if (s->d1->timeout_duration > 60)
- s->d1->timeout_duration = 60;
- dtls1_start_timer(s);
-}
-
-void dtls1_stop_timer(SSL *s)
-{
- /* Reset everything */
- memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st));
- memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
- s->d1->timeout_duration = 1;
- BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
- &(s->d1->next_timeout));
- /* Clear retransmission buffer */
- dtls1_clear_record_buffer(s);
-}
-
-int dtls1_check_timeout_num(SSL *s)
-{
- unsigned int mtu;
-
- s->d1->timeout.num_alerts++;
-
- /* Reduce MTU after 2 unsuccessful retransmissions */
- if (s->d1->timeout.num_alerts > 2
- && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
- mtu =
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0,
- NULL);
- if (mtu < s->d1->mtu)
- s->d1->mtu = mtu;
- }
-
- if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
- /* fail the connection, enough alerts have been sent */
- SSLerr(SSL_F_DTLS1_CHECK_TIMEOUT_NUM, SSL_R_READ_TIMEOUT_EXPIRED);
- return -1;
- }
-
- return 0;
-}
-
-int dtls1_handle_timeout(SSL *s)
-{
- /* if no timer is expired, don't do anything */
- if (!dtls1_is_timer_expired(s)) {
- return 0;
- }
-
- dtls1_double_timeout(s);
-
- if (dtls1_check_timeout_num(s) < 0)
- return -1;
-
- s->d1->timeout.read_timeouts++;
- if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {
- s->d1->timeout.read_timeouts = 1;
- }
-#ifndef OPENSSL_NO_HEARTBEATS
- if (s->tlsext_hb_pending) {
- s->tlsext_hb_pending = 0;
- return dtls1_heartbeat(s);
- }
-#endif
-
- dtls1_start_timer(s);
- return dtls1_retransmit_buffered_messages(s);
-}
-
-static void get_current_time(struct timeval *t)
-{
-#ifdef OPENSSL_SYS_WIN32
- struct _timeb tb;
- _ftime(&tb);
- t->tv_sec = (long)tb.time;
- t->tv_usec = (long)tb.millitm * 1000;
-#elif defined(OPENSSL_SYS_VMS)
- struct timeb tb;
- ftime(&tb);
- t->tv_sec = (long)tb.time;
- t->tv_usec = (long)tb.millitm * 1000;
-#else
- gettimeofday(t, NULL);
-#endif
-}
-
-int dtls1_listen(SSL *s, struct sockaddr *client)
-{
- int ret;
-
- /* Ensure there is no state left over from a previous invocation */
- SSL_clear(s);
-
- SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
- s->d1->listen = 1;
-
- ret = SSL_accept(s);
- if (ret <= 0)
- return ret;
-
- (void)BIO_dgram_get_peer(SSL_get_rbio(s), client);
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/d1_lib.c (from rev 11605, vendor-crypto/openssl/dist/ssl/d1_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/d1_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,526 @@
+/* ssl/d1_lib.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#define USE_SOCKETS
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS)
+# include <sys/timeb.h>
+#endif
+
+static void get_current_time(struct timeval *t);
+const char dtls1_version_str[] = "DTLSv1" OPENSSL_VERSION_PTEXT;
+int dtls1_listen(SSL *s, struct sockaddr *client);
+
+SSL3_ENC_METHOD DTLSv1_enc_data = {
+ dtls1_enc,
+ tls1_mac,
+ tls1_setup_key_block,
+ tls1_generate_master_secret,
+ tls1_change_cipher_state,
+ tls1_final_finish_mac,
+ TLS1_FINISH_MAC_LENGTH,
+ tls1_cert_verify_mac,
+ TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+ TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+ tls1_alert_code,
+ tls1_export_keying_material,
+};
+
+long dtls1_default_timeout(void)
+{
+ /*
+ * 2 hours, the 24 hours mentioned in the DTLSv1 spec is way too long for
+ * http, the cache would over fill
+ */
+ return (60 * 60 * 2);
+}
+
+int dtls1_new(SSL *s)
+{
+ DTLS1_STATE *d1;
+
+ if (!ssl3_new(s))
+ return (0);
+ if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL)
+ return (0);
+ memset(d1, 0, sizeof *d1);
+
+ /* d1->handshake_epoch=0; */
+
+ d1->unprocessed_rcds.q = pqueue_new();
+ d1->processed_rcds.q = pqueue_new();
+ d1->buffered_messages = pqueue_new();
+ d1->sent_messages = pqueue_new();
+ d1->buffered_app_data.q = pqueue_new();
+
+ if (s->server) {
+ d1->cookie_len = sizeof(s->d1->cookie);
+ }
+
+ d1->link_mtu = 0;
+ d1->mtu = 0;
+
+ if (!d1->unprocessed_rcds.q || !d1->processed_rcds.q
+ || !d1->buffered_messages || !d1->sent_messages
+ || !d1->buffered_app_data.q) {
+ if (d1->unprocessed_rcds.q)
+ pqueue_free(d1->unprocessed_rcds.q);
+ if (d1->processed_rcds.q)
+ pqueue_free(d1->processed_rcds.q);
+ if (d1->buffered_messages)
+ pqueue_free(d1->buffered_messages);
+ if (d1->sent_messages)
+ pqueue_free(d1->sent_messages);
+ if (d1->buffered_app_data.q)
+ pqueue_free(d1->buffered_app_data.q);
+ OPENSSL_free(d1);
+ return (0);
+ }
+
+ s->d1 = d1;
+ s->method->ssl_clear(s);
+ return (1);
+}
+
+static void dtls1_clear_queues(SSL *s)
+{
+ pitem *item = NULL;
+ DTLS1_RECORD_DATA *rdata;
+
+ while ((item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) {
+ rdata = (DTLS1_RECORD_DATA *)item->data;
+ if (rdata->rbuf.buf) {
+ OPENSSL_free(rdata->rbuf.buf);
+ }
+ OPENSSL_free(item->data);
+ pitem_free(item);
+ }
+
+ while ((item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) {
+ rdata = (DTLS1_RECORD_DATA *)item->data;
+ if (rdata->rbuf.buf) {
+ OPENSSL_free(rdata->rbuf.buf);
+ }
+ OPENSSL_free(item->data);
+ pitem_free(item);
+ }
+
+ while ((item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) {
+ rdata = (DTLS1_RECORD_DATA *)item->data;
+ if (rdata->rbuf.buf) {
+ OPENSSL_free(rdata->rbuf.buf);
+ }
+ OPENSSL_free(item->data);
+ pitem_free(item);
+ }
+
+ dtls1_clear_received_buffer(s);
+ dtls1_clear_sent_buffer(s);
+}
+
+void dtls1_clear_received_buffer(SSL *s)
+{
+ pitem *item = NULL;
+ hm_fragment *frag = NULL;
+
+ while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {
+ frag = (hm_fragment *)item->data;
+ dtls1_hm_fragment_free(frag);
+ pitem_free(item);
+ }
+}
+
+void dtls1_clear_sent_buffer(SSL *s)
+{
+ pitem *item = NULL;
+ hm_fragment *frag = NULL;
+
+ while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) {
+ frag = (hm_fragment *)item->data;
+ dtls1_hm_fragment_free(frag);
+ pitem_free(item);
+ }
+}
+
+
+void dtls1_free(SSL *s)
+{
+ ssl3_free(s);
+
+ dtls1_clear_queues(s);
+
+ pqueue_free(s->d1->unprocessed_rcds.q);
+ pqueue_free(s->d1->processed_rcds.q);
+ pqueue_free(s->d1->buffered_messages);
+ pqueue_free(s->d1->sent_messages);
+ pqueue_free(s->d1->buffered_app_data.q);
+
+ OPENSSL_free(s->d1);
+ s->d1 = NULL;
+}
+
+void dtls1_clear(SSL *s)
+{
+ pqueue unprocessed_rcds;
+ pqueue processed_rcds;
+ pqueue buffered_messages;
+ pqueue sent_messages;
+ pqueue buffered_app_data;
+ unsigned int mtu;
+ unsigned int link_mtu;
+
+ if (s->d1) {
+ unprocessed_rcds = s->d1->unprocessed_rcds.q;
+ processed_rcds = s->d1->processed_rcds.q;
+ buffered_messages = s->d1->buffered_messages;
+ sent_messages = s->d1->sent_messages;
+ buffered_app_data = s->d1->buffered_app_data.q;
+ mtu = s->d1->mtu;
+ link_mtu = s->d1->link_mtu;
+
+ dtls1_clear_queues(s);
+
+ memset(s->d1, 0, sizeof(*(s->d1)));
+
+ if (s->server) {
+ s->d1->cookie_len = sizeof(s->d1->cookie);
+ }
+
+ if (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) {
+ s->d1->mtu = mtu;
+ s->d1->link_mtu = link_mtu;
+ }
+
+ s->d1->unprocessed_rcds.q = unprocessed_rcds;
+ s->d1->processed_rcds.q = processed_rcds;
+ s->d1->buffered_messages = buffered_messages;
+ s->d1->sent_messages = sent_messages;
+ s->d1->buffered_app_data.q = buffered_app_data;
+ }
+
+ ssl3_clear(s);
+ if (s->options & SSL_OP_CISCO_ANYCONNECT)
+ s->version = DTLS1_BAD_VER;
+ else
+ s->version = DTLS1_VERSION;
+}
+
+long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+ int ret = 0;
+
+ switch (cmd) {
+ case DTLS_CTRL_GET_TIMEOUT:
+ if (dtls1_get_timeout(s, (struct timeval *)parg) != NULL) {
+ ret = 1;
+ }
+ break;
+ case DTLS_CTRL_HANDLE_TIMEOUT:
+ ret = dtls1_handle_timeout(s);
+ break;
+ case DTLS_CTRL_LISTEN:
+ ret = dtls1_listen(s, parg);
+ break;
+ case SSL_CTRL_CHECK_PROTO_VERSION:
+ /*
+ * For library-internal use; checks that the current protocol is the
+ * highest enabled version (according to s->ctx->method, as version
+ * negotiation may have changed s->method).
+ */
+#if DTLS_MAX_VERSION != DTLS1_VERSION
+# error Code needs update for DTLS_method() support beyond DTLS1_VERSION.
+#endif
+ /*
+ * Just one protocol version is supported so far; fail closed if the
+ * version is not as expected.
+ */
+ return s->version == DTLS_MAX_VERSION;
+ case DTLS_CTRL_SET_LINK_MTU:
+ if (larg < (long)dtls1_link_min_mtu())
+ return 0;
+ s->d1->link_mtu = larg;
+ return 1;
+ case DTLS_CTRL_GET_LINK_MIN_MTU:
+ return (long)dtls1_link_min_mtu();
+ case SSL_CTRL_SET_MTU:
+ /*
+ * We may not have a BIO set yet so can't call dtls1_min_mtu()
+ * We'll have to make do with dtls1_link_min_mtu() and max overhead
+ */
+ if (larg < (long)dtls1_link_min_mtu() - DTLS1_MAX_MTU_OVERHEAD)
+ return 0;
+ s->d1->mtu = larg;
+ return larg;
+ default:
+ ret = ssl3_ctrl(s, cmd, larg, parg);
+ break;
+ }
+ return (ret);
+}
+
+/*
+ * As it's impossible to use stream ciphers in "datagram" mode, this
+ * simple filter is designed to disengage them in DTLS. Unfortunately
+ * there is no universal way to identify stream SSL_CIPHER, so we have
+ * to explicitly list their SSL_* codes. Currently RC4 is the only one
+ * available, but if new ones emerge, they will have to be added...
+ */
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
+{
+ const SSL_CIPHER *ciph = ssl3_get_cipher(u);
+
+ if (ciph != NULL) {
+ if (ciph->algorithm_enc == SSL_RC4)
+ return NULL;
+ }
+
+ return ciph;
+}
+
+void dtls1_start_timer(SSL *s)
+{
+#ifndef OPENSSL_NO_SCTP
+ /* Disable timer for SCTP */
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
+ return;
+ }
+#endif
+
+ /* If timer is not set, initialize duration with 1 second */
+ if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
+ s->d1->timeout_duration = 1;
+ }
+
+ /* Set timeout to current time */
+ get_current_time(&(s->d1->next_timeout));
+
+ /* Add duration to current time */
+ s->d1->next_timeout.tv_sec += s->d1->timeout_duration;
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
+ &(s->d1->next_timeout));
+}
+
+struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft)
+{
+ struct timeval timenow;
+
+ /* If no timeout is set, just return NULL */
+ if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
+ return NULL;
+ }
+
+ /* Get current time */
+ get_current_time(&timenow);
+
+ /* If timer already expired, set remaining time to 0 */
+ if (s->d1->next_timeout.tv_sec < timenow.tv_sec ||
+ (s->d1->next_timeout.tv_sec == timenow.tv_sec &&
+ s->d1->next_timeout.tv_usec <= timenow.tv_usec)) {
+ memset(timeleft, 0, sizeof(struct timeval));
+ return timeleft;
+ }
+
+ /* Calculate time left until timer expires */
+ memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval));
+ timeleft->tv_sec -= timenow.tv_sec;
+ timeleft->tv_usec -= timenow.tv_usec;
+ if (timeleft->tv_usec < 0) {
+ timeleft->tv_sec--;
+ timeleft->tv_usec += 1000000;
+ }
+
+ /*
+ * If remaining time is less than 15 ms, set it to 0 to prevent issues
+ * because of small devergences with socket timeouts.
+ */
+ if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {
+ memset(timeleft, 0, sizeof(struct timeval));
+ }
+
+ return timeleft;
+}
+
+int dtls1_is_timer_expired(SSL *s)
+{
+ struct timeval timeleft;
+
+ /* Get time left until timeout, return false if no timer running */
+ if (dtls1_get_timeout(s, &timeleft) == NULL) {
+ return 0;
+ }
+
+ /* Return false if timer is not expired yet */
+ if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {
+ return 0;
+ }
+
+ /* Timer expired, so return true */
+ return 1;
+}
+
+void dtls1_double_timeout(SSL *s)
+{
+ s->d1->timeout_duration *= 2;
+ if (s->d1->timeout_duration > 60)
+ s->d1->timeout_duration = 60;
+ dtls1_start_timer(s);
+}
+
+void dtls1_stop_timer(SSL *s)
+{
+ /* Reset everything */
+ memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st));
+ memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
+ s->d1->timeout_duration = 1;
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
+ &(s->d1->next_timeout));
+ /* Clear retransmission buffer */
+ dtls1_clear_sent_buffer(s);
+}
+
+int dtls1_check_timeout_num(SSL *s)
+{
+ unsigned int mtu;
+
+ s->d1->timeout.num_alerts++;
+
+ /* Reduce MTU after 2 unsuccessful retransmissions */
+ if (s->d1->timeout.num_alerts > 2
+ && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+ mtu =
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0,
+ NULL);
+ if (mtu < s->d1->mtu)
+ s->d1->mtu = mtu;
+ }
+
+ if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
+ /* fail the connection, enough alerts have been sent */
+ SSLerr(SSL_F_DTLS1_CHECK_TIMEOUT_NUM, SSL_R_READ_TIMEOUT_EXPIRED);
+ return -1;
+ }
+
+ return 0;
+}
+
+int dtls1_handle_timeout(SSL *s)
+{
+ /* if no timer is expired, don't do anything */
+ if (!dtls1_is_timer_expired(s)) {
+ return 0;
+ }
+
+ dtls1_double_timeout(s);
+
+ if (dtls1_check_timeout_num(s) < 0)
+ return -1;
+
+ s->d1->timeout.read_timeouts++;
+ if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {
+ s->d1->timeout.read_timeouts = 1;
+ }
+#ifndef OPENSSL_NO_HEARTBEATS
+ if (s->tlsext_hb_pending) {
+ s->tlsext_hb_pending = 0;
+ return dtls1_heartbeat(s);
+ }
+#endif
+
+ dtls1_start_timer(s);
+ return dtls1_retransmit_buffered_messages(s);
+}
+
+static void get_current_time(struct timeval *t)
+{
+#ifdef OPENSSL_SYS_WIN32
+ struct _timeb tb;
+ _ftime(&tb);
+ t->tv_sec = (long)tb.time;
+ t->tv_usec = (long)tb.millitm * 1000;
+#elif defined(OPENSSL_SYS_VMS)
+ struct timeb tb;
+ ftime(&tb);
+ t->tv_sec = (long)tb.time;
+ t->tv_usec = (long)tb.millitm * 1000;
+#else
+ gettimeofday(t, NULL);
+#endif
+}
+
+int dtls1_listen(SSL *s, struct sockaddr *client)
+{
+ int ret;
+
+ /* Ensure there is no state left over from a previous invocation */
+ SSL_clear(s);
+
+ SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
+ s->d1->listen = 1;
+
+ ret = SSL_accept(s);
+ if (ret <= 0)
+ return ret;
+
+ (void)BIO_dgram_get_peer(SSL_get_rbio(s), client);
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/d1_pkt.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/d1_pkt.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_pkt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1905 +0,0 @@
-/* ssl/d1_pkt.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include <openssl/pqueue.h>
-#include <openssl/rand.h>
-
-/* mod 128 saturating subtract of two 64-bit values in big-endian order */
-static int satsub64be(const unsigned char *v1, const unsigned char *v2)
-{
- int ret, sat, brw, i;
-
- if (sizeof(long) == 8)
- do {
- const union {
- long one;
- char little;
- } is_endian = {
- 1
- };
- long l;
-
- if (is_endian.little)
- break;
- /* not reached on little-endians */
- /*
- * following test is redundant, because input is always aligned,
- * but I take no chances...
- */
- if (((size_t)v1 | (size_t)v2) & 0x7)
- break;
-
- l = *((long *)v1);
- l -= *((long *)v2);
- if (l > 128)
- return 128;
- else if (l < -128)
- return -128;
- else
- return (int)l;
- } while (0);
-
- ret = (int)v1[7] - (int)v2[7];
- sat = 0;
- brw = ret >> 8; /* brw is either 0 or -1 */
- if (ret & 0x80) {
- for (i = 6; i >= 0; i--) {
- brw += (int)v1[i] - (int)v2[i];
- sat |= ~brw;
- brw >>= 8;
- }
- } else {
- for (i = 6; i >= 0; i--) {
- brw += (int)v1[i] - (int)v2[i];
- sat |= brw;
- brw >>= 8;
- }
- }
- brw <<= 8; /* brw is either 0 or -256 */
-
- if (sat & 0xff)
- return brw | 0x80;
- else
- return brw + (ret & 0xFF);
-}
-
-static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
- int len, int peek);
-static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);
-static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
-static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
- unsigned int *is_next_epoch);
-#if 0
-static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
- unsigned short *priority,
- unsigned long *offset);
-#endif
-static int dtls1_buffer_record(SSL *s, record_pqueue *q,
- unsigned char *priority);
-static int dtls1_process_record(SSL *s);
-
-/* copy buffered record into SSL structure */
-static int dtls1_copy_record(SSL *s, pitem *item)
-{
- DTLS1_RECORD_DATA *rdata;
-
- rdata = (DTLS1_RECORD_DATA *)item->data;
-
- if (s->s3->rbuf.buf != NULL)
- OPENSSL_free(s->s3->rbuf.buf);
-
- s->packet = rdata->packet;
- s->packet_length = rdata->packet_length;
- memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
- memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
-
- /* Set proper sequence number for mac calculation */
- memcpy(&(s->s3->read_sequence[2]), &(rdata->packet[5]), 6);
-
- return (1);
-}
-
-static int
-dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
-{
- DTLS1_RECORD_DATA *rdata;
- pitem *item;
-
- /* Limit the size of the queue to prevent DOS attacks */
- if (pqueue_size(queue->q) >= 100)
- return 0;
-
- rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
- item = pitem_new(priority, rdata);
- if (rdata == NULL || item == NULL) {
- if (rdata != NULL)
- OPENSSL_free(rdata);
- if (item != NULL)
- pitem_free(item);
-
- SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
- return -1;
- }
-
- rdata->packet = s->packet;
- rdata->packet_length = s->packet_length;
- memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));
- memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
-
- item->data = rdata;
-
-#ifndef OPENSSL_NO_SCTP
- /* Store bio_dgram_sctp_rcvinfo struct */
- if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
- (s->state == SSL3_ST_SR_FINISHED_A
- || s->state == SSL3_ST_CR_FINISHED_A)) {
- BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,
- sizeof(rdata->recordinfo), &rdata->recordinfo);
- }
-#endif
-
- s->packet = NULL;
- s->packet_length = 0;
- memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));
- memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
-
- if (!ssl3_setup_buffers(s)) {
- SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
- if (rdata->rbuf.buf != NULL)
- OPENSSL_free(rdata->rbuf.buf);
- OPENSSL_free(rdata);
- pitem_free(item);
- return (-1);
- }
-
- /* insert should not fail, since duplicates are dropped */
- if (pqueue_insert(queue->q, item) == NULL) {
- SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
- if (rdata->rbuf.buf != NULL)
- OPENSSL_free(rdata->rbuf.buf);
- OPENSSL_free(rdata);
- pitem_free(item);
- return (-1);
- }
-
- return (1);
-}
-
-static int dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue)
-{
- pitem *item;
-
- item = pqueue_pop(queue->q);
- if (item) {
- dtls1_copy_record(s, item);
-
- OPENSSL_free(item->data);
- pitem_free(item);
-
- return (1);
- }
-
- return (0);
-}
-
-/*
- * retrieve a buffered record that belongs to the new epoch, i.e., not
- * processed yet
- */
-#define dtls1_get_unprocessed_record(s) \
- dtls1_retrieve_buffered_record((s), \
- &((s)->d1->unprocessed_rcds))
-
-/*
- * retrieve a buffered record that belongs to the current epoch, ie,
- * processed
- */
-#define dtls1_get_processed_record(s) \
- dtls1_retrieve_buffered_record((s), \
- &((s)->d1->processed_rcds))
-
-static int dtls1_process_buffered_records(SSL *s)
-{
- pitem *item;
-
- item = pqueue_peek(s->d1->unprocessed_rcds.q);
- if (item) {
- /* Check if epoch is current. */
- if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
- return (1); /* Nothing to do. */
-
- /* Process all the records. */
- while (pqueue_peek(s->d1->unprocessed_rcds.q)) {
- dtls1_get_unprocessed_record(s);
- if (!dtls1_process_record(s))
- return (0);
- if (dtls1_buffer_record(s, &(s->d1->processed_rcds),
- s->s3->rrec.seq_num) < 0)
- return -1;
- }
- }
-
- /*
- * sync epoch numbers once all the unprocessed records have been
- * processed
- */
- s->d1->processed_rcds.epoch = s->d1->r_epoch;
- s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1;
-
- return (1);
-}
-
-#if 0
-
-static int dtls1_get_buffered_record(SSL *s)
-{
- pitem *item;
- PQ_64BIT priority =
- (((PQ_64BIT) s->d1->handshake_read_seq) << 32) |
- ((PQ_64BIT) s->d1->r_msg_hdr.frag_off);
-
- /* if we're not (re)negotiating, nothing buffered */
- if (!SSL_in_init(s))
- return 0;
-
- item = pqueue_peek(s->d1->rcvd_records);
- if (item && item->priority == priority) {
- /*
- * Check if we've received the record of interest. It must be a
- * handshake record, since data records as passed up without
- * buffering
- */
- DTLS1_RECORD_DATA *rdata;
- item = pqueue_pop(s->d1->rcvd_records);
- rdata = (DTLS1_RECORD_DATA *)item->data;
-
- if (s->s3->rbuf.buf != NULL)
- OPENSSL_free(s->s3->rbuf.buf);
-
- s->packet = rdata->packet;
- s->packet_length = rdata->packet_length;
- memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
- memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
-
- OPENSSL_free(item->data);
- pitem_free(item);
-
- /* s->d1->next_expected_seq_num++; */
- return (1);
- }
-
- return 0;
-}
-
-#endif
-
-static int dtls1_process_record(SSL *s)
-{
- int i, al;
- int enc_err;
- SSL_SESSION *sess;
- SSL3_RECORD *rr;
- unsigned int mac_size, orig_len;
- unsigned char md[EVP_MAX_MD_SIZE];
-
- rr = &(s->s3->rrec);
- sess = s->session;
-
- /*
- * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
- * and we have that many bytes in s->packet
- */
- rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
-
- /*
- * ok, we can now read from 's->packet' data into 'rr' rr->input points
- * at rr->length bytes, which need to be copied into rr->data by either
- * the decryption or by the decompression When the data is 'copied' into
- * the rr->data buffer, rr->input will be pointed at the new buffer
- */
-
- /*
- * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
- * bytes of encrypted compressed stuff.
- */
-
- /* check is not needed I believe */
- if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
- al = SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
- goto f_err;
- }
-
- /* decrypt in place in 'rr->input' */
- rr->data = rr->input;
-
- enc_err = s->method->ssl3_enc->enc(s, 0);
- /*-
- * enc_err is:
- * 0: (in non-constant time) if the record is publically invalid.
- * 1: if the padding is valid
- * -1: if the padding is invalid
- */
- if (enc_err == 0) {
- /* For DTLS we simply ignore bad packets. */
- rr->length = 0;
- s->packet_length = 0;
- goto err;
- }
-#ifdef TLS_DEBUG
- printf("dec %d\n", rr->length);
- {
- unsigned int z;
- for (z = 0; z < rr->length; z++)
- printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
- }
- printf("\n");
-#endif
-
- /* r->length is now the compressed data plus mac */
- if ((sess != NULL) &&
- (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
- /* s->read_hash != NULL => mac_size != -1 */
- unsigned char *mac = NULL;
- unsigned char mac_tmp[EVP_MAX_MD_SIZE];
- mac_size = EVP_MD_CTX_size(s->read_hash);
- OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
-
- /*
- * kludge: *_cbc_remove_padding passes padding length in rr->type
- */
- orig_len = rr->length + ((unsigned int)rr->type >> 8);
-
- /*
- * orig_len is the length of the record before any padding was
- * removed. This is public information, as is the MAC in use,
- * therefore we can safely process the record in a different amount
- * of time if it's too short to possibly contain a MAC.
- */
- if (orig_len < mac_size ||
- /* CBC records must have a padding length byte too. */
- (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
- orig_len < mac_size + 1)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {
- /*
- * We update the length so that the TLS header bytes can be
- * constructed correctly but we need to extract the MAC in
- * constant time from within the record, without leaking the
- * contents of the padding bytes.
- */
- mac = mac_tmp;
- ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
- rr->length -= mac_size;
- } else {
- /*
- * In this case there's no padding, so |orig_len| equals
- * |rec->length| and we checked that there's enough bytes for
- * |mac_size| above.
- */
- rr->length -= mac_size;
- mac = &rr->data[rr->length];
- }
-
- i = s->method->ssl3_enc->mac(s, md, 0 /* not send */ );
- if (i < 0 || mac == NULL
- || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
- enc_err = -1;
- if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
- enc_err = -1;
- }
-
- if (enc_err < 0) {
- /* decryption failed, silently discard message */
- rr->length = 0;
- s->packet_length = 0;
- goto err;
- }
-
- /* r->length is now just compressed */
- if (s->expand != NULL) {
- if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {
- al = SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD,
- SSL_R_COMPRESSED_LENGTH_TOO_LONG);
- goto f_err;
- }
- if (!ssl3_do_uncompress(s)) {
- al = SSL_AD_DECOMPRESSION_FAILURE;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_BAD_DECOMPRESSION);
- goto f_err;
- }
- }
-
- if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
- al = SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
- goto f_err;
- }
-
- rr->off = 0;
- /*-
- * So at this point the following is true
- * ssl->s3->rrec.type is the type of record
- * ssl->s3->rrec.length == number of bytes in record
- * ssl->s3->rrec.off == offset to first valid byte
- * ssl->s3->rrec.data == where to take bytes from, increment
- * after use :-).
- */
-
- /* we have pulled in a full packet so zero things */
- s->packet_length = 0;
- return (1);
-
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- return (0);
-}
-
-/*-
- * Call this to get a new input record.
- * It will return <= 0 if more data is needed, normally due to an error
- * or non-blocking IO.
- * When it finishes, one packet has been decoded and can be found in
- * ssl->s3->rrec.type - is the type of record
- * ssl->s3->rrec.data, - data
- * ssl->s3->rrec.length, - number of bytes
- */
-/* used only by dtls1_read_bytes */
-int dtls1_get_record(SSL *s)
-{
- int ssl_major, ssl_minor;
- int i, n;
- SSL3_RECORD *rr;
- unsigned char *p = NULL;
- unsigned short version;
- DTLS1_BITMAP *bitmap;
- unsigned int is_next_epoch;
-
- rr = &(s->s3->rrec);
-
- /*
- * The epoch may have changed. If so, process all the pending records.
- * This is a non-blocking operation.
- */
- if (dtls1_process_buffered_records(s) < 0)
- return -1;
-
- /* if we're renegotiating, then there may be buffered records */
- if (dtls1_get_processed_record(s))
- return 1;
-
- /* get something from the wire */
- again:
- /* check if we have the header */
- if ((s->rstate != SSL_ST_READ_BODY) ||
- (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {
- n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
- /* read timeout is handled by dtls1_read_bytes */
- if (n <= 0)
- return (n); /* error or non-blocking */
-
- /* this packet contained a partial record, dump it */
- if (s->packet_length != DTLS1_RT_HEADER_LENGTH) {
- s->packet_length = 0;
- goto again;
- }
-
- s->rstate = SSL_ST_READ_BODY;
-
- p = s->packet;
-
- /* Pull apart the header into the DTLS1_RECORD */
- rr->type = *(p++);
- ssl_major = *(p++);
- ssl_minor = *(p++);
- version = (ssl_major << 8) | ssl_minor;
-
- /* sequence number is 64 bits, with top 2 bytes = epoch */
- n2s(p, rr->epoch);
-
- memcpy(&(s->s3->read_sequence[2]), p, 6);
- p += 6;
-
- n2s(p, rr->length);
-
- /* Lets check version */
- if (!s->first_packet) {
- if (version != s->version) {
- /* unexpected version, silently discard */
- rr->length = 0;
- s->packet_length = 0;
- goto again;
- }
- }
-
- if ((version & 0xff00) != (s->version & 0xff00)) {
- /* wrong version, silently discard record */
- rr->length = 0;
- s->packet_length = 0;
- goto again;
- }
-
- if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
- /* record too long, silently discard it */
- rr->length = 0;
- s->packet_length = 0;
- goto again;
- }
-
- /* now s->rstate == SSL_ST_READ_BODY */
- }
-
- /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
-
- if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
- /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
- i = rr->length;
- n = ssl3_read_n(s, i, i, 1);
- /* this packet contained a partial record, dump it */
- if (n != i) {
- rr->length = 0;
- s->packet_length = 0;
- goto again;
- }
-
- /*
- * now n == rr->length, and s->packet_length ==
- * DTLS1_RT_HEADER_LENGTH + rr->length
- */
- }
- s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
-
- /* match epochs. NULL means the packet is dropped on the floor */
- bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
- if (bitmap == NULL) {
- rr->length = 0;
- s->packet_length = 0; /* dump this record */
- goto again; /* get another record */
- }
-#ifndef OPENSSL_NO_SCTP
- /* Only do replay check if no SCTP bio */
- if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
-#endif
- /*
- * Check whether this is a repeat, or aged record. Don't check if
- * we're listening and this message is a ClientHello. They can look
- * as if they're replayed, since they arrive from different
- * connections and would be dropped unnecessarily.
- */
- if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
- s->packet_length > DTLS1_RT_HEADER_LENGTH &&
- s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
- !dtls1_record_replay_check(s, bitmap)) {
- rr->length = 0;
- s->packet_length = 0; /* dump this record */
- goto again; /* get another record */
- }
-#ifndef OPENSSL_NO_SCTP
- }
-#endif
-
- /* just read a 0 length packet */
- if (rr->length == 0)
- goto again;
-
- /*
- * If this record is from the next epoch (either HM or ALERT), and a
- * handshake is currently in progress, buffer it since it cannot be
- * processed at this time. However, do not buffer anything while
- * listening.
- */
- if (is_next_epoch) {
- if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) {
- if (dtls1_buffer_record
- (s, &(s->d1->unprocessed_rcds), rr->seq_num) < 0)
- return -1;
- /* Mark receipt of record. */
- dtls1_record_bitmap_update(s, bitmap);
- }
- rr->length = 0;
- s->packet_length = 0;
- goto again;
- }
-
- if (!dtls1_process_record(s)) {
- rr->length = 0;
- s->packet_length = 0; /* dump this record */
- goto again; /* get another record */
- }
- dtls1_record_bitmap_update(s, bitmap); /* Mark receipt of record. */
-
- return (1);
-
-}
-
-/*-
- * Return up to 'len' payload bytes received in 'type' records.
- * 'type' is one of the following:
- *
- * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
- * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
- * - 0 (during a shutdown, no data has to be returned)
- *
- * If we don't have stored data to work from, read a SSL/TLS record first
- * (possibly multiple records if we still don't have anything to return).
- *
- * This function must handle any surprises the peer may have for us, such as
- * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
- * a surprise, but handled as if it were), or renegotiation requests.
- * Also if record payloads contain fragments too small to process, we store
- * them until there is enough for the respective protocol (the record protocol
- * may use arbitrary fragmentation and even interleaving):
- * Change cipher spec protocol
- * just 1 byte needed, no need for keeping anything stored
- * Alert protocol
- * 2 bytes needed (AlertLevel, AlertDescription)
- * Handshake protocol
- * 4 bytes needed (HandshakeType, uint24 length) -- we just have
- * to detect unexpected Client Hello and Hello Request messages
- * here, anything else is handled by higher layers
- * Application data protocol
- * none of our business
- */
-int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
-{
- int al, i, j, ret;
- unsigned int n;
- SSL3_RECORD *rr;
- void (*cb) (const SSL *ssl, int type2, int val) = NULL;
-
- if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
- if (!ssl3_setup_buffers(s))
- return (-1);
-
- /* XXX: check what the second '&& type' is about */
- if ((type && (type != SSL3_RT_APPLICATION_DATA) &&
- (type != SSL3_RT_HANDSHAKE) && type) ||
- (peek && (type != SSL3_RT_APPLICATION_DATA))) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
- return -1;
- }
-
- /*
- * check whether there's a handshake message (client hello?) waiting
- */
- if ((ret = have_handshake_fragment(s, type, buf, len, peek)))
- return ret;
-
- /*
- * Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
- */
-
-#ifndef OPENSSL_NO_SCTP
- /*
- * Continue handshake if it had to be interrupted to read app data with
- * SCTP.
- */
- if ((!s->in_handshake && SSL_in_init(s)) ||
- (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
- (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
- || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)
- && s->s3->in_read_app_data != 2))
-#else
- if (!s->in_handshake && SSL_in_init(s))
-#endif
- {
- /* type == SSL3_RT_APPLICATION_DATA */
- i = s->handshake_func(s);
- if (i < 0)
- return (i);
- if (i == 0) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
- return (-1);
- }
- }
-
- start:
- s->rwstate = SSL_NOTHING;
-
- /*-
- * s->s3->rrec.type - is the type of record
- * s->s3->rrec.data, - data
- * s->s3->rrec.off, - offset into 'data' for next read
- * s->s3->rrec.length, - number of bytes.
- */
- rr = &(s->s3->rrec);
-
- /*
- * We are not handshaking and have no data yet, so process data buffered
- * during the last handshake in advance, if any.
- */
- if (s->state == SSL_ST_OK && rr->length == 0) {
- pitem *item;
- item = pqueue_pop(s->d1->buffered_app_data.q);
- if (item) {
-#ifndef OPENSSL_NO_SCTP
- /* Restore bio_dgram_sctp_rcvinfo struct */
- if (BIO_dgram_is_sctp(SSL_get_rbio(s))) {
- DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *)item->data;
- BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO,
- sizeof(rdata->recordinfo), &rdata->recordinfo);
- }
-#endif
-
- dtls1_copy_record(s, item);
-
- OPENSSL_free(item->data);
- pitem_free(item);
- }
- }
-
- /* Check for timeout */
- if (dtls1_handle_timeout(s) > 0)
- goto start;
-
- /* get new packet if necessary */
- if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
- ret = dtls1_get_record(s);
- if (ret <= 0) {
- ret = dtls1_read_failed(s, ret);
- /* anything other than a timeout is an error */
- if (ret <= 0)
- return (ret);
- else
- goto start;
- }
- }
-
- if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
- rr->length = 0;
- goto start;
- }
-
- /* we now have a packet which can be read and processed */
-
- if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
- * reset by ssl3_get_finished */
- && (rr->type != SSL3_RT_HANDSHAKE)) {
- /*
- * We now have application data between CCS and Finished. Most likely
- * the packets were reordered on their way, so buffer the application
- * data for later processing rather than dropping the connection.
- */
- if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num) <
- 0) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- rr->length = 0;
- goto start;
- }
-
- /*
- * If the other end has shut down, throw anything we read away (even in
- * 'peek' mode)
- */
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
- rr->length = 0;
- s->rwstate = SSL_NOTHING;
- return (0);
- }
-
- if (type == rr->type) { /* SSL3_RT_APPLICATION_DATA or
- * SSL3_RT_HANDSHAKE */
- /*
- * make sure that we are not getting application data when we are
- * doing a handshake for the first time
- */
- if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
- (s->enc_read_ctx == NULL)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE);
- goto f_err;
- }
-
- if (len <= 0)
- return (len);
-
- if ((unsigned int)len > rr->length)
- n = rr->length;
- else
- n = (unsigned int)len;
-
- memcpy(buf, &(rr->data[rr->off]), n);
- if (!peek) {
- rr->length -= n;
- rr->off += n;
- if (rr->length == 0) {
- s->rstate = SSL_ST_READ_HEADER;
- rr->off = 0;
- }
- }
-#ifndef OPENSSL_NO_SCTP
- /*
- * We were about to renegotiate but had to read belated application
- * data first, so retry.
- */
- if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
- rr->type == SSL3_RT_APPLICATION_DATA &&
- (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
- || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)) {
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(SSL_get_rbio(s));
- BIO_set_retry_read(SSL_get_rbio(s));
- }
-
- /*
- * We might had to delay a close_notify alert because of reordered
- * app data. If there was an alert and there is no message to read
- * anymore, finally set shutdown.
- */
- if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
- s->d1->shutdown_received
- && !BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
- s->shutdown |= SSL_RECEIVED_SHUTDOWN;
- return (0);
- }
-#endif
- return (n);
- }
-
- /*
- * If we get here, then type != rr->type; if we have a handshake message,
- * then it was unexpected (Hello Request or Client Hello).
- */
-
- /*
- * In case of record types for which we have 'fragment' storage, fill
- * that so that we can process the data at a fixed place.
- */
- {
- unsigned int k, dest_maxlen = 0;
- unsigned char *dest = NULL;
- unsigned int *dest_len = NULL;
-
- if (rr->type == SSL3_RT_HANDSHAKE) {
- dest_maxlen = sizeof s->d1->handshake_fragment;
- dest = s->d1->handshake_fragment;
- dest_len = &s->d1->handshake_fragment_len;
- } else if (rr->type == SSL3_RT_ALERT) {
- dest_maxlen = sizeof(s->d1->alert_fragment);
- dest = s->d1->alert_fragment;
- dest_len = &s->d1->alert_fragment_len;
- }
-#ifndef OPENSSL_NO_HEARTBEATS
- else if (rr->type == TLS1_RT_HEARTBEAT) {
- dtls1_process_heartbeat(s);
-
- /* Exit and notify application to read again */
- rr->length = 0;
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(SSL_get_rbio(s));
- BIO_set_retry_read(SSL_get_rbio(s));
- return (-1);
- }
-#endif
- /* else it's a CCS message, or application data or wrong */
- else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
- /*
- * Application data while renegotiating is allowed. Try again
- * reading.
- */
- if (rr->type == SSL3_RT_APPLICATION_DATA) {
- BIO *bio;
- s->s3->in_read_app_data = 2;
- bio = SSL_get_rbio(s);
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return (-1);
- }
-
- /* Not certain if this is the right error handling */
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
- goto f_err;
- }
-
- if (dest_maxlen > 0) {
- /*
- * XDTLS: In a pathalogical case, the Client Hello may be
- * fragmented--don't always expect dest_maxlen bytes
- */
- if (rr->length < dest_maxlen) {
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
- /*
- * for normal alerts rr->length is 2, while
- * dest_maxlen is 7 if we were to handle this
- * non-existing alert...
- */
- FIX ME
-#endif
- s->rstate = SSL_ST_READ_HEADER;
- rr->length = 0;
- goto start;
- }
-
- /* now move 'n' bytes: */
- for (k = 0; k < dest_maxlen; k++) {
- dest[k] = rr->data[rr->off++];
- rr->length--;
- }
- *dest_len = dest_maxlen;
- }
- }
-
- /*-
- * s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE;
- * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT.
- * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
- */
-
- /* If we are a client, check for an incoming 'Hello Request': */
- if ((!s->server) &&
- (s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
- (s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
- (s->session != NULL) && (s->session->cipher != NULL)) {
- s->d1->handshake_fragment_len = 0;
-
- if ((s->d1->handshake_fragment[1] != 0) ||
- (s->d1->handshake_fragment[2] != 0) ||
- (s->d1->handshake_fragment[3] != 0)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
- goto f_err;
- }
-
- /*
- * no need to check sequence number on HELLO REQUEST messages
- */
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- s->d1->handshake_fragment, 4, s,
- s->msg_callback_arg);
-
- if (SSL_is_init_finished(s) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
- !s->s3->renegotiate) {
- s->d1->handshake_read_seq++;
- s->new_session = 1;
- ssl3_renegotiate(s);
- if (ssl3_renegotiate_check(s)) {
- i = s->handshake_func(s);
- if (i < 0)
- return (i);
- if (i == 0) {
- SSLerr(SSL_F_DTLS1_READ_BYTES,
- SSL_R_SSL_HANDSHAKE_FAILURE);
- return (-1);
- }
-
- if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
- if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
- BIO *bio;
- /*
- * In the case where we try to read application data,
- * but we trigger an SSL handshake, we return -1 with
- * the retry option set. Otherwise renegotiation may
- * cause nasty problems in the blocking world
- */
- s->rwstate = SSL_READING;
- bio = SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return (-1);
- }
- }
- }
- }
- /*
- * we either finished a handshake or ignored the request, now try
- * again to obtain the (application) data we were asked for
- */
- goto start;
- }
-
- if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
- int alert_level = s->d1->alert_fragment[0];
- int alert_descr = s->d1->alert_fragment[1];
-
- s->d1->alert_fragment_len = 0;
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_ALERT,
- s->d1->alert_fragment, 2, s, s->msg_callback_arg);
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- if (cb != NULL) {
- j = (alert_level << 8) | alert_descr;
- cb(s, SSL_CB_READ_ALERT, j);
- }
-
- if (alert_level == SSL3_AL_WARNING) {
- s->s3->warn_alert = alert_descr;
- if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
-#ifndef OPENSSL_NO_SCTP
- /*
- * With SCTP and streams the socket may deliver app data
- * after a close_notify alert. We have to check this first so
- * that nothing gets discarded.
- */
- if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
- BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
- s->d1->shutdown_received = 1;
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(SSL_get_rbio(s));
- BIO_set_retry_read(SSL_get_rbio(s));
- return -1;
- }
-#endif
- s->shutdown |= SSL_RECEIVED_SHUTDOWN;
- return (0);
- }
-#if 0
- /* XXX: this is a possible improvement in the future */
- /* now check if it's a missing record */
- if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
- unsigned short seq;
- unsigned int frag_off;
- unsigned char *p = &(s->d1->alert_fragment[2]);
-
- n2s(p, seq);
- n2l3(p, frag_off);
-
- dtls1_retransmit_message(s,
- dtls1_get_queue_priority
- (frag->msg_header.seq, 0), frag_off,
- &found);
- if (!found && SSL_in_init(s)) {
- /*
- * fprintf( stderr,"in init = %d\n", SSL_in_init(s));
- */
- /*
- * requested a message not yet sent, send an alert
- * ourselves
- */
- ssl3_send_alert(s, SSL3_AL_WARNING,
- DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
- }
- }
-#endif
- } else if (alert_level == SSL3_AL_FATAL) {
- char tmp[16];
-
- s->rwstate = SSL_NOTHING;
- s->s3->fatal_alert = alert_descr;
- SSLerr(SSL_F_DTLS1_READ_BYTES,
- SSL_AD_REASON_OFFSET + alert_descr);
- BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
- ERR_add_error_data(2, "SSL alert number ", tmp);
- s->shutdown |= SSL_RECEIVED_SHUTDOWN;
- SSL_CTX_remove_session(s->ctx, s->session);
- return (0);
- } else {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
- goto f_err;
- }
-
- goto start;
- }
-
- if (s->shutdown & SSL_SENT_SHUTDOWN) { /* but we have not received a
- * shutdown */
- s->rwstate = SSL_NOTHING;
- rr->length = 0;
- return (0);
- }
-
- if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
- struct ccs_header_st ccs_hdr;
- unsigned int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
-
- dtls1_get_ccs_header(rr->data, &ccs_hdr);
-
- if (s->version == DTLS1_BAD_VER)
- ccs_hdr_len = 3;
-
- /*
- * 'Change Cipher Spec' is just a single byte, so we know exactly
- * what the record payload has to look like
- */
- /* XDTLS: check that epoch is consistent */
- if ((rr->length != ccs_hdr_len) ||
- (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
- i = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
- goto err;
- }
-
- rr->length = 0;
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,
- rr->data, 1, s, s->msg_callback_arg);
-
- /*
- * We can't process a CCS now, because previous handshake messages
- * are still missing, so just drop it.
- */
- if (!s->d1->change_cipher_spec_ok) {
- goto start;
- }
-
- s->d1->change_cipher_spec_ok = 0;
-
- s->s3->change_cipher_spec = 1;
- if (!ssl3_do_change_cipher_spec(s))
- goto err;
-
- /* do this whenever CCS is processed */
- dtls1_reset_seq_numbers(s, SSL3_CC_READ);
-
- if (s->version == DTLS1_BAD_VER)
- s->d1->handshake_read_seq++;
-
-#ifndef OPENSSL_NO_SCTP
- /*
- * Remember that a CCS has been received, so that an old key of
- * SCTP-Auth can be deleted when a CCS is sent. Will be ignored if no
- * SCTP is used
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);
-#endif
-
- goto start;
- }
-
- /*
- * Unexpected handshake message (Client Hello, or protocol violation)
- */
- if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
- !s->in_handshake) {
- struct hm_header_st msg_hdr;
-
- /* this may just be a stale retransmit */
- dtls1_get_message_header(rr->data, &msg_hdr);
- if (rr->epoch != s->d1->r_epoch) {
- rr->length = 0;
- goto start;
- }
-
- /*
- * If we are server, we may have a repeated FINISHED of the client
- * here, then retransmit our CCS and FINISHED.
- */
- if (msg_hdr.type == SSL3_MT_FINISHED) {
- if (dtls1_check_timeout_num(s) < 0)
- return -1;
-
- dtls1_retransmit_buffered_messages(s);
- rr->length = 0;
- goto start;
- }
-
- if (((s->state & SSL_ST_MASK) == SSL_ST_OK) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
-#if 0 /* worked only because C operator preferences
- * are not as expected (and because this is
- * not really needed for clients except for
- * detecting protocol violations): */
- s->state = SSL_ST_BEFORE | (s->server)
- ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#else
- s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#endif
- s->renegotiate = 1;
- s->new_session = 1;
- }
- i = s->handshake_func(s);
- if (i < 0)
- return (i);
- if (i == 0) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
- return (-1);
- }
-
- if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
- if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
- BIO *bio;
- /*
- * In the case where we try to read application data, but we
- * trigger an SSL handshake, we return -1 with the retry
- * option set. Otherwise renegotiation may cause nasty
- * problems in the blocking world
- */
- s->rwstate = SSL_READING;
- bio = SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return (-1);
- }
- }
- goto start;
- }
-
- switch (rr->type) {
- default:
-#ifndef OPENSSL_NO_TLS
- /* TLS just ignores unknown message types */
- if (s->version == TLS1_VERSION) {
- rr->length = 0;
- goto start;
- }
-#endif
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
- goto f_err;
- case SSL3_RT_CHANGE_CIPHER_SPEC:
- case SSL3_RT_ALERT:
- case SSL3_RT_HANDSHAKE:
- /*
- * we already handled all of these, with the possible exception of
- * SSL3_RT_HANDSHAKE when s->in_handshake is set, but that should not
- * happen when type != rr->type
- */
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
- goto f_err;
- case SSL3_RT_APPLICATION_DATA:
- /*
- * At this point, we were expecting handshake data, but have
- * application data. If the library was running inside ssl3_read()
- * (i.e. in_read_app_data is set) and it makes sense to read
- * application data at this point (session renegotiation not yet
- * started), we will indulge it.
- */
- if (s->s3->in_read_app_data &&
- (s->s3->total_renegotiations != 0) &&
- (((s->state & SSL_ST_CONNECT) &&
- (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
- (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
- ) || ((s->state & SSL_ST_ACCEPT) &&
- (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
- (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
- )
- )) {
- s->s3->in_read_app_data = 2;
- return (-1);
- } else {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
- goto f_err;
- }
- }
- /* not reached */
-
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- return (-1);
-}
-
-int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
-{
- int i;
-
-#ifndef OPENSSL_NO_SCTP
- /*
- * Check if we have to continue an interrupted handshake for reading
- * belated app data with SCTP.
- */
- if ((SSL_in_init(s) && !s->in_handshake) ||
- (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
- (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
- || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)))
-#else
- if (SSL_in_init(s) && !s->in_handshake)
-#endif
- {
- i = s->handshake_func(s);
- if (i < 0)
- return (i);
- if (i == 0) {
- SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,
- SSL_R_SSL_HANDSHAKE_FAILURE);
- return -1;
- }
- }
-
- if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
- SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_DTLS_MESSAGE_TOO_BIG);
- return -1;
- }
-
- i = dtls1_write_bytes(s, type, buf_, len);
- return i;
-}
-
- /*
- * this only happens when a client hello is received and a handshake
- * is started.
- */
-static int
-have_handshake_fragment(SSL *s, int type, unsigned char *buf,
- int len, int peek)
-{
-
- if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0))
- /* (partially) satisfy request from storage */
- {
- unsigned char *src = s->d1->handshake_fragment;
- unsigned char *dst = buf;
- unsigned int k, n;
-
- /* peek == 0 */
- n = 0;
- while ((len > 0) && (s->d1->handshake_fragment_len > 0)) {
- *dst++ = *src++;
- len--;
- s->d1->handshake_fragment_len--;
- n++;
- }
- /* move any remaining fragment bytes: */
- for (k = 0; k < s->d1->handshake_fragment_len; k++)
- s->d1->handshake_fragment[k] = *src++;
- return n;
- }
-
- return 0;
-}
-
-/*
- * Call this to write data in records of type 'type' It will return <= 0 if
- * not all data has been sent or non-blocking IO.
- */
-int dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
-{
- int i;
-
- OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
- s->rwstate = SSL_NOTHING;
- i = do_dtls1_write(s, type, buf, len, 0);
- return i;
-}
-
-int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
- unsigned int len, int create_empty_fragment)
-{
- unsigned char *p, *pseq;
- int i, mac_size, clear = 0;
- int prefix_len = 0;
- SSL3_RECORD *wr;
- SSL3_BUFFER *wb;
- SSL_SESSION *sess;
- int bs;
-
- /*
- * first check if there is a SSL3_BUFFER still being written out. This
- * will happen with non blocking IO
- */
- if (s->s3->wbuf.left != 0) {
- OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */
- return (ssl3_write_pending(s, type, buf, len));
- }
-
- /* If we have an alert to send, lets send it */
- if (s->s3->alert_dispatch) {
- i = s->method->ssl_dispatch_alert(s);
- if (i <= 0)
- return (i);
- /* if it went, fall through and send more stuff */
- }
-
- if (len == 0 && !create_empty_fragment)
- return 0;
-
- wr = &(s->s3->wrec);
- wb = &(s->s3->wbuf);
- sess = s->session;
-
- if ((sess == NULL) ||
- (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL))
- clear = 1;
-
- if (clear)
- mac_size = 0;
- else {
- mac_size = EVP_MD_CTX_size(s->write_hash);
- if (mac_size < 0)
- goto err;
- }
-
- /* DTLS implements explicit IV, so no need for empty fragments */
-#if 0
- /*
- * 'create_empty_fragment' is true only when this function calls itself
- */
- if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
- && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
- {
- /*
- * countermeasure against known-IV weakness in CBC ciphersuites (see
- * http://www.openssl.org/~bodo/tls-cbc.txt)
- */
-
- if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
- /*
- * recursive function call with 'create_empty_fragment' set; this
- * prepares and buffers the data for an empty fragment (these
- * 'prefix_len' bytes are sent out later together with the actual
- * payload)
- */
- prefix_len = s->method->do_ssl_write(s, type, buf, 0, 1);
- if (prefix_len <= 0)
- goto err;
-
- if (s->s3->wbuf.len <
- (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) {
- /* insufficient space */
- SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- s->s3->empty_fragment_done = 1;
- }
-#endif
- p = wb->buf + prefix_len;
-
- /* write the header */
-
- *(p++) = type & 0xff;
- wr->type = type;
-
- *(p++) = (s->version >> 8);
- *(p++) = s->version & 0xff;
-
- /* field where we are to write out packet epoch, seq num and len */
- pseq = p;
- p += 10;
-
- /* lets setup the record stuff. */
-
- /*
- * Make space for the explicit IV in case of CBC. (this is a bit of a
- * boundary violation, but what the heck).
- */
- if (s->enc_write_ctx &&
- (EVP_CIPHER_mode(s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
- bs = EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
- else
- bs = 0;
-
- wr->data = p + bs; /* make room for IV in case of CBC */
- wr->length = (int)len;
- wr->input = (unsigned char *)buf;
-
- /*
- * we now 'read' from wr->input, wr->length bytes into wr->data
- */
-
- /* first we compress */
- if (s->compress != NULL) {
- if (!ssl3_do_compress(s)) {
- SSLerr(SSL_F_DO_DTLS1_WRITE, SSL_R_COMPRESSION_FAILURE);
- goto err;
- }
- } else {
- memcpy(wr->data, wr->input, wr->length);
- wr->input = wr->data;
- }
-
- /*
- * we should still have the output to wr->data and the input from
- * wr->input. Length should be wr->length. wr->data still points in the
- * wb->buf
- */
-
- if (mac_size != 0) {
- if (s->method->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
- goto err;
- wr->length += mac_size;
- }
-
- /* this is true regardless of mac size */
- wr->input = p;
- wr->data = p;
-
- /* ssl3_enc can only have an error on read */
- if (bs) { /* bs != 0 in case of CBC */
- RAND_pseudo_bytes(p, bs);
- /*
- * master IV and last CBC residue stand for the rest of randomness
- */
- wr->length += bs;
- }
-
- if (s->method->ssl3_enc->enc(s, 1) < 1)
- goto err;
-
- /* record length after mac and block padding */
- /*
- * if (type == SSL3_RT_APPLICATION_DATA || (type == SSL3_RT_ALERT && !
- * SSL_in_init(s)))
- */
-
- /* there's only one epoch between handshake and app data */
-
- s2n(s->d1->w_epoch, pseq);
-
- /* XDTLS: ?? */
- /*
- * else s2n(s->d1->handshake_epoch, pseq);
- */
-
- memcpy(pseq, &(s->s3->write_sequence[2]), 6);
- pseq += 6;
- s2n(wr->length, pseq);
-
- /*
- * we should now have wr->data pointing to the encrypted data, which is
- * wr->length long
- */
- wr->type = type; /* not needed but helps for debugging */
- wr->length += DTLS1_RT_HEADER_LENGTH;
-
-#if 0 /* this is now done at the message layer */
- /* buffer the record, making it easy to handle retransmits */
- if (type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC)
- dtls1_buffer_record(s, wr->data, wr->length,
- *((PQ_64BIT *) & (s->s3->write_sequence[0])));
-#endif
-
- ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
-
- if (create_empty_fragment) {
- /*
- * we are in a recursive call; just return the length, don't write
- * out anything here
- */
- return wr->length;
- }
-
- /* now let's set up wb */
- wb->left = prefix_len + wr->length;
- wb->offset = 0;
-
- /*
- * memorize arguments so that ssl3_write_pending can detect bad write
- * retries later
- */
- s->s3->wpend_tot = len;
- s->s3->wpend_buf = buf;
- s->s3->wpend_type = type;
- s->s3->wpend_ret = len;
-
- /* we now just need to write the buffer */
- return ssl3_write_pending(s, type, buf, len);
- err:
- return -1;
-}
-
-static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
-{
- int cmp;
- unsigned int shift;
- const unsigned char *seq = s->s3->read_sequence;
-
- cmp = satsub64be(seq, bitmap->max_seq_num);
- if (cmp > 0) {
- memcpy(s->s3->rrec.seq_num, seq, 8);
- return 1; /* this record in new */
- }
- shift = -cmp;
- if (shift >= sizeof(bitmap->map) * 8)
- return 0; /* stale, outside the window */
- else if (bitmap->map & (1UL << shift))
- return 0; /* record previously received */
-
- memcpy(s->s3->rrec.seq_num, seq, 8);
- return 1;
-}
-
-static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
-{
- int cmp;
- unsigned int shift;
- const unsigned char *seq = s->s3->read_sequence;
-
- cmp = satsub64be(seq, bitmap->max_seq_num);
- if (cmp > 0) {
- shift = cmp;
- if (shift < sizeof(bitmap->map) * 8)
- bitmap->map <<= shift, bitmap->map |= 1UL;
- else
- bitmap->map = 1UL;
- memcpy(bitmap->max_seq_num, seq, 8);
- } else {
- shift = -cmp;
- if (shift < sizeof(bitmap->map) * 8)
- bitmap->map |= 1UL << shift;
- }
-}
-
-int dtls1_dispatch_alert(SSL *s)
-{
- int i, j;
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- unsigned char buf[DTLS1_AL_HEADER_LENGTH];
- unsigned char *ptr = &buf[0];
-
- s->s3->alert_dispatch = 0;
-
- memset(buf, 0x00, sizeof(buf));
- *ptr++ = s->s3->send_alert[0];
- *ptr++ = s->s3->send_alert[1];
-
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
- if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
- s2n(s->d1->handshake_read_seq, ptr);
-# if 0
- if (s->d1->r_msg_hdr.frag_off == 0)
- /*
- * waiting for a new msg
- */
- else
- s2n(s->d1->r_msg_hdr.seq, ptr); /* partial msg read */
-# endif
-
-# if 0
- fprintf(stderr,
- "s->d1->handshake_read_seq = %d, s->d1->r_msg_hdr.seq = %d\n",
- s->d1->handshake_read_seq, s->d1->r_msg_hdr.seq);
-# endif
- l2n3(s->d1->r_msg_hdr.frag_off, ptr);
- }
-#endif
-
- i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
- if (i <= 0) {
- s->s3->alert_dispatch = 1;
- /* fprintf( stderr, "not done with alert\n" ); */
- } else {
- if (s->s3->send_alert[0] == SSL3_AL_FATAL
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
- || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-#endif
- )
- (void)BIO_flush(s->wbio);
-
- if (s->msg_callback)
- s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
- 2, s, s->msg_callback_arg);
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- if (cb != NULL) {
- j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
- cb(s, SSL_CB_WRITE_ALERT, j);
- }
- }
- return (i);
-}
-
-static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
- unsigned int *is_next_epoch)
-{
-
- *is_next_epoch = 0;
-
- /* In current epoch, accept HM, CCS, DATA, & ALERT */
- if (rr->epoch == s->d1->r_epoch)
- return &s->d1->bitmap;
-
- /* Only HM and ALERT messages can be from the next epoch */
- else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
- (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
- *is_next_epoch = 1;
- return &s->d1->next_bitmap;
- }
-
- return NULL;
-}
-
-#if 0
-static int
-dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
- unsigned short *priority, unsigned long *offset)
-{
-
- /* alerts are passed up immediately */
- if (rr->type == SSL3_RT_APPLICATION_DATA || rr->type == SSL3_RT_ALERT)
- return 0;
-
- /*
- * Only need to buffer if a handshake is underway. (this implies that
- * Hello Request and Client Hello are passed up immediately)
- */
- if (SSL_in_init(s)) {
- unsigned char *data = rr->data;
- /* need to extract the HM/CCS sequence number here */
- if (rr->type == SSL3_RT_HANDSHAKE ||
- rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
- unsigned short seq_num;
- struct hm_header_st msg_hdr;
- struct ccs_header_st ccs_hdr;
-
- if (rr->type == SSL3_RT_HANDSHAKE) {
- dtls1_get_message_header(data, &msg_hdr);
- seq_num = msg_hdr.seq;
- *offset = msg_hdr.frag_off;
- } else {
- dtls1_get_ccs_header(data, &ccs_hdr);
- seq_num = ccs_hdr.seq;
- *offset = 0;
- }
-
- /*
- * this is either a record we're waiting for, or a retransmit of
- * something we happened to previously receive (higher layers
- * will drop the repeat silently
- */
- if (seq_num < s->d1->handshake_read_seq)
- return 0;
- if (rr->type == SSL3_RT_HANDSHAKE &&
- seq_num == s->d1->handshake_read_seq &&
- msg_hdr.frag_off < s->d1->r_msg_hdr.frag_off)
- return 0;
- else if (seq_num == s->d1->handshake_read_seq &&
- (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||
- msg_hdr.frag_off == s->d1->r_msg_hdr.frag_off))
- return 0;
- else {
- *priority = seq_num;
- return 1;
- }
- } else /* unknown record type */
- return 0;
- }
-
- return 0;
-}
-#endif
-
-void dtls1_reset_seq_numbers(SSL *s, int rw)
-{
- unsigned char *seq;
- unsigned int seq_bytes = sizeof(s->s3->read_sequence);
-
- if (rw & SSL3_CC_READ) {
- seq = s->s3->read_sequence;
- s->d1->r_epoch++;
- memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
- memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
- } else {
- seq = s->s3->write_sequence;
- memcpy(s->d1->last_write_sequence, seq,
- sizeof(s->s3->write_sequence));
- s->d1->w_epoch++;
- }
-
- memset(seq, 0x00, seq_bytes);
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/d1_pkt.c (from rev 11605, vendor-crypto/openssl/dist/ssl/d1_pkt.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/d1_pkt.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_pkt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1967 @@
+/* ssl/d1_pkt.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+#include <openssl/pqueue.h>
+#include <openssl/rand.h>
+
+/* mod 128 saturating subtract of two 64-bit values in big-endian order */
+static int satsub64be(const unsigned char *v1, const unsigned char *v2)
+{
+ int ret, sat, brw, i;
+
+ if (sizeof(long) == 8)
+ do {
+ const union {
+ long one;
+ char little;
+ } is_endian = {
+ 1
+ };
+ long l;
+
+ if (is_endian.little)
+ break;
+ /* not reached on little-endians */
+ /*
+ * following test is redundant, because input is always aligned,
+ * but I take no chances...
+ */
+ if (((size_t)v1 | (size_t)v2) & 0x7)
+ break;
+
+ l = *((long *)v1);
+ l -= *((long *)v2);
+ if (l > 128)
+ return 128;
+ else if (l < -128)
+ return -128;
+ else
+ return (int)l;
+ } while (0);
+
+ ret = (int)v1[7] - (int)v2[7];
+ sat = 0;
+ brw = ret >> 8; /* brw is either 0 or -1 */
+ if (ret & 0x80) {
+ for (i = 6; i >= 0; i--) {
+ brw += (int)v1[i] - (int)v2[i];
+ sat |= ~brw;
+ brw >>= 8;
+ }
+ } else {
+ for (i = 6; i >= 0; i--) {
+ brw += (int)v1[i] - (int)v2[i];
+ sat |= brw;
+ brw >>= 8;
+ }
+ }
+ brw <<= 8; /* brw is either 0 or -256 */
+
+ if (sat & 0xff)
+ return brw | 0x80;
+ else
+ return brw + (ret & 0xFF);
+}
+
+static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
+ int len, int peek);
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);
+static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
+static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
+ unsigned int *is_next_epoch);
+#if 0
+static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
+ unsigned short *priority,
+ unsigned long *offset);
+#endif
+static int dtls1_buffer_record(SSL *s, record_pqueue *q,
+ unsigned char *priority);
+static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap);
+
+/* copy buffered record into SSL structure */
+static int dtls1_copy_record(SSL *s, pitem *item)
+{
+ DTLS1_RECORD_DATA *rdata;
+
+ rdata = (DTLS1_RECORD_DATA *)item->data;
+
+ if (s->s3->rbuf.buf != NULL)
+ OPENSSL_free(s->s3->rbuf.buf);
+
+ s->packet = rdata->packet;
+ s->packet_length = rdata->packet_length;
+ memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
+ memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
+
+ /* Set proper sequence number for mac calculation */
+ memcpy(&(s->s3->read_sequence[2]), &(rdata->packet[5]), 6);
+
+ return (1);
+}
+
+static int
+dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
+{
+ DTLS1_RECORD_DATA *rdata;
+ pitem *item;
+
+ /* Limit the size of the queue to prevent DOS attacks */
+ if (pqueue_size(queue->q) >= 100)
+ return 0;
+
+ rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
+ item = pitem_new(priority, rdata);
+ if (rdata == NULL || item == NULL) {
+ if (rdata != NULL)
+ OPENSSL_free(rdata);
+ if (item != NULL)
+ pitem_free(item);
+
+ SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+
+ rdata->packet = s->packet;
+ rdata->packet_length = s->packet_length;
+ memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));
+ memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
+
+ item->data = rdata;
+
+#ifndef OPENSSL_NO_SCTP
+ /* Store bio_dgram_sctp_rcvinfo struct */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ (s->state == SSL3_ST_SR_FINISHED_A
+ || s->state == SSL3_ST_CR_FINISHED_A)) {
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,
+ sizeof(rdata->recordinfo), &rdata->recordinfo);
+ }
+#endif
+
+ s->packet = NULL;
+ s->packet_length = 0;
+ memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));
+ memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
+
+ if (!ssl3_setup_buffers(s)) {
+ SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+ if (rdata->rbuf.buf != NULL)
+ OPENSSL_free(rdata->rbuf.buf);
+ OPENSSL_free(rdata);
+ pitem_free(item);
+ return (-1);
+ }
+
+ /* insert should not fail, since duplicates are dropped */
+ if (pqueue_insert(queue->q, item) == NULL) {
+ SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+ if (rdata->rbuf.buf != NULL)
+ OPENSSL_free(rdata->rbuf.buf);
+ OPENSSL_free(rdata);
+ pitem_free(item);
+ return (-1);
+ }
+
+ return (1);
+}
+
+static int dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue)
+{
+ pitem *item;
+
+ item = pqueue_pop(queue->q);
+ if (item) {
+ dtls1_copy_record(s, item);
+
+ OPENSSL_free(item->data);
+ pitem_free(item);
+
+ return (1);
+ }
+
+ return (0);
+}
+
+/*
+ * retrieve a buffered record that belongs to the new epoch, i.e., not
+ * processed yet
+ */
+#define dtls1_get_unprocessed_record(s) \
+ dtls1_retrieve_buffered_record((s), \
+ &((s)->d1->unprocessed_rcds))
+
+/*
+ * retrieve a buffered record that belongs to the current epoch, ie,
+ * processed
+ */
+#define dtls1_get_processed_record(s) \
+ dtls1_retrieve_buffered_record((s), \
+ &((s)->d1->processed_rcds))
+
+static int dtls1_process_buffered_records(SSL *s)
+{
+ pitem *item;
+ SSL3_BUFFER *rb;
+ SSL3_RECORD *rr;
+ DTLS1_BITMAP *bitmap;
+ unsigned int is_next_epoch;
+ int replayok = 1;
+
+ item = pqueue_peek(s->d1->unprocessed_rcds.q);
+ if (item) {
+ /* Check if epoch is current. */
+ if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
+ return 1; /* Nothing to do. */
+
+ rr = &s->s3->rrec;
+ rb = &s->s3->rbuf;
+
+ if (rb->left > 0) {
+ /*
+ * We've still got data from the current packet to read. There could
+ * be a record from the new epoch in it - so don't overwrite it
+ * with the unprocessed records yet (we'll do it when we've
+ * finished reading the current packet).
+ */
+ return 1;
+ }
+
+
+ /* Process all the records. */
+ while (pqueue_peek(s->d1->unprocessed_rcds.q)) {
+ dtls1_get_unprocessed_record(s);
+ bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
+ if (bitmap == NULL) {
+ /*
+ * Should not happen. This will only ever be NULL when the
+ * current record is from a different epoch. But that cannot
+ * be the case because we already checked the epoch above
+ */
+ SSLerr(SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+#ifndef OPENSSL_NO_SCTP
+ /* Only do replay check if no SCTP bio */
+ if (!BIO_dgram_is_sctp(SSL_get_rbio(s)))
+#endif
+ {
+ /*
+ * Check whether this is a repeat, or aged record. We did this
+ * check once already when we first received the record - but
+ * we might have updated the window since then due to
+ * records we subsequently processed.
+ */
+ replayok = dtls1_record_replay_check(s, bitmap);
+ }
+
+ if (!replayok || !dtls1_process_record(s, bitmap)) {
+ /* dump this record */
+ rr->length = 0;
+ s->packet_length = 0;
+ continue;
+ }
+
+ if (dtls1_buffer_record(s, &(s->d1->processed_rcds),
+ s->s3->rrec.seq_num) < 0)
+ return 0;
+ }
+ }
+
+ /*
+ * sync epoch numbers once all the unprocessed records have been
+ * processed
+ */
+ s->d1->processed_rcds.epoch = s->d1->r_epoch;
+ s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1;
+
+ return 1;
+}
+
+#if 0
+
+static int dtls1_get_buffered_record(SSL *s)
+{
+ pitem *item;
+ PQ_64BIT priority =
+ (((PQ_64BIT) s->d1->handshake_read_seq) << 32) |
+ ((PQ_64BIT) s->d1->r_msg_hdr.frag_off);
+
+ /* if we're not (re)negotiating, nothing buffered */
+ if (!SSL_in_init(s))
+ return 0;
+
+ item = pqueue_peek(s->d1->rcvd_records);
+ if (item && item->priority == priority) {
+ /*
+ * Check if we've received the record of interest. It must be a
+ * handshake record, since data records as passed up without
+ * buffering
+ */
+ DTLS1_RECORD_DATA *rdata;
+ item = pqueue_pop(s->d1->rcvd_records);
+ rdata = (DTLS1_RECORD_DATA *)item->data;
+
+ if (s->s3->rbuf.buf != NULL)
+ OPENSSL_free(s->s3->rbuf.buf);
+
+ s->packet = rdata->packet;
+ s->packet_length = rdata->packet_length;
+ memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
+ memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
+
+ OPENSSL_free(item->data);
+ pitem_free(item);
+
+ /* s->d1->next_expected_seq_num++; */
+ return (1);
+ }
+
+ return 0;
+}
+
+#endif
+
+static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
+{
+ int i, al;
+ int enc_err;
+ SSL_SESSION *sess;
+ SSL3_RECORD *rr;
+ unsigned int mac_size, orig_len;
+ unsigned char md[EVP_MAX_MD_SIZE];
+
+ rr = &(s->s3->rrec);
+ sess = s->session;
+
+ /*
+ * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
+ * and we have that many bytes in s->packet
+ */
+ rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
+
+ /*
+ * ok, we can now read from 's->packet' data into 'rr' rr->input points
+ * at rr->length bytes, which need to be copied into rr->data by either
+ * the decryption or by the decompression When the data is 'copied' into
+ * the rr->data buffer, rr->input will be pointed at the new buffer
+ */
+
+ /*
+ * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
+ * bytes of encrypted compressed stuff.
+ */
+
+ /* check is not needed I believe */
+ if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
+ al = SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ /* decrypt in place in 'rr->input' */
+ rr->data = rr->input;
+
+ enc_err = s->method->ssl3_enc->enc(s, 0);
+ /*-
+ * enc_err is:
+ * 0: (in non-constant time) if the record is publically invalid.
+ * 1: if the padding is valid
+ * -1: if the padding is invalid
+ */
+ if (enc_err == 0) {
+ /* For DTLS we simply ignore bad packets. */
+ rr->length = 0;
+ s->packet_length = 0;
+ goto err;
+ }
+#ifdef TLS_DEBUG
+ printf("dec %d\n", rr->length);
+ {
+ unsigned int z;
+ for (z = 0; z < rr->length; z++)
+ printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
+ }
+ printf("\n");
+#endif
+
+ /* r->length is now the compressed data plus mac */
+ if ((sess != NULL) &&
+ (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
+ /* s->read_hash != NULL => mac_size != -1 */
+ unsigned char *mac = NULL;
+ unsigned char mac_tmp[EVP_MAX_MD_SIZE];
+ mac_size = EVP_MD_CTX_size(s->read_hash);
+ OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
+
+ /*
+ * kludge: *_cbc_remove_padding passes padding length in rr->type
+ */
+ orig_len = rr->length + ((unsigned int)rr->type >> 8);
+
+ /*
+ * orig_len is the length of the record before any padding was
+ * removed. This is public information, as is the MAC in use,
+ * therefore we can safely process the record in a different amount
+ * of time if it's too short to possibly contain a MAC.
+ */
+ if (orig_len < mac_size ||
+ /* CBC records must have a padding length byte too. */
+ (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+ orig_len < mac_size + 1)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
+ if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {
+ /*
+ * We update the length so that the TLS header bytes can be
+ * constructed correctly but we need to extract the MAC in
+ * constant time from within the record, without leaking the
+ * contents of the padding bytes.
+ */
+ mac = mac_tmp;
+ ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
+ rr->length -= mac_size;
+ } else {
+ /*
+ * In this case there's no padding, so |orig_len| equals
+ * |rec->length| and we checked that there's enough bytes for
+ * |mac_size| above.
+ */
+ rr->length -= mac_size;
+ mac = &rr->data[rr->length];
+ }
+
+ i = s->method->ssl3_enc->mac(s, md, 0 /* not send */ );
+ if (i < 0 || mac == NULL
+ || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
+ enc_err = -1;
+ if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
+ enc_err = -1;
+ }
+
+ if (enc_err < 0) {
+ /* decryption failed, silently discard message */
+ rr->length = 0;
+ s->packet_length = 0;
+ goto err;
+ }
+
+ /* r->length is now just compressed */
+ if (s->expand != NULL) {
+ if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {
+ al = SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD,
+ SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+ if (!ssl3_do_uncompress(s)) {
+ al = SSL_AD_DECOMPRESSION_FAILURE;
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_BAD_DECOMPRESSION);
+ goto f_err;
+ }
+ }
+
+ if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
+ al = SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ rr->off = 0;
+ /*-
+ * So at this point the following is true
+ * ssl->s3->rrec.type is the type of record
+ * ssl->s3->rrec.length == number of bytes in record
+ * ssl->s3->rrec.off == offset to first valid byte
+ * ssl->s3->rrec.data == where to take bytes from, increment
+ * after use :-).
+ */
+
+ /* we have pulled in a full packet so zero things */
+ s->packet_length = 0;
+
+ /* Mark receipt of record. */
+ dtls1_record_bitmap_update(s, bitmap);
+
+ return (1);
+
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ return (0);
+}
+
+/*-
+ * Call this to get a new input record.
+ * It will return <= 0 if more data is needed, normally due to an error
+ * or non-blocking IO.
+ * When it finishes, one packet has been decoded and can be found in
+ * ssl->s3->rrec.type - is the type of record
+ * ssl->s3->rrec.data, - data
+ * ssl->s3->rrec.length, - number of bytes
+ */
+/* used only by dtls1_read_bytes */
+int dtls1_get_record(SSL *s)
+{
+ int ssl_major, ssl_minor;
+ int i, n;
+ SSL3_RECORD *rr;
+ unsigned char *p = NULL;
+ unsigned short version;
+ DTLS1_BITMAP *bitmap;
+ unsigned int is_next_epoch;
+
+ rr = &(s->s3->rrec);
+
+ again:
+ /*
+ * The epoch may have changed. If so, process all the pending records.
+ * This is a non-blocking operation.
+ */
+ if (!dtls1_process_buffered_records(s))
+ return -1;
+
+ /* if we're renegotiating, then there may be buffered records */
+ if (dtls1_get_processed_record(s))
+ return 1;
+
+ /* get something from the wire */
+ /* check if we have the header */
+ if ((s->rstate != SSL_ST_READ_BODY) ||
+ (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {
+ n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
+ /* read timeout is handled by dtls1_read_bytes */
+ if (n <= 0)
+ return (n); /* error or non-blocking */
+
+ /* this packet contained a partial record, dump it */
+ if (s->packet_length != DTLS1_RT_HEADER_LENGTH) {
+ s->packet_length = 0;
+ goto again;
+ }
+
+ s->rstate = SSL_ST_READ_BODY;
+
+ p = s->packet;
+
+ /* Pull apart the header into the DTLS1_RECORD */
+ rr->type = *(p++);
+ ssl_major = *(p++);
+ ssl_minor = *(p++);
+ version = (ssl_major << 8) | ssl_minor;
+
+ /* sequence number is 64 bits, with top 2 bytes = epoch */
+ n2s(p, rr->epoch);
+
+ memcpy(&(s->s3->read_sequence[2]), p, 6);
+ p += 6;
+
+ n2s(p, rr->length);
+
+ /* Lets check version */
+ if (!s->first_packet) {
+ if (version != s->version) {
+ /* unexpected version, silently discard */
+ rr->length = 0;
+ s->packet_length = 0;
+ goto again;
+ }
+ }
+
+ if ((version & 0xff00) != (s->version & 0xff00)) {
+ /* wrong version, silently discard record */
+ rr->length = 0;
+ s->packet_length = 0;
+ goto again;
+ }
+
+ if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
+ /* record too long, silently discard it */
+ rr->length = 0;
+ s->packet_length = 0;
+ goto again;
+ }
+
+ /* now s->rstate == SSL_ST_READ_BODY */
+ }
+
+ /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
+
+ if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
+ /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
+ i = rr->length;
+ n = ssl3_read_n(s, i, i, 1);
+ /* this packet contained a partial record, dump it */
+ if (n != i) {
+ rr->length = 0;
+ s->packet_length = 0;
+ goto again;
+ }
+
+ /*
+ * now n == rr->length, and s->packet_length ==
+ * DTLS1_RT_HEADER_LENGTH + rr->length
+ */
+ }
+ s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
+
+ /* match epochs. NULL means the packet is dropped on the floor */
+ bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
+ if (bitmap == NULL) {
+ rr->length = 0;
+ s->packet_length = 0; /* dump this record */
+ goto again; /* get another record */
+ }
+#ifndef OPENSSL_NO_SCTP
+ /* Only do replay check if no SCTP bio */
+ if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
+#endif
+ /*
+ * Check whether this is a repeat, or aged record. Don't check if
+ * we're listening and this message is a ClientHello. They can look
+ * as if they're replayed, since they arrive from different
+ * connections and would be dropped unnecessarily.
+ */
+ if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
+ s->packet_length > DTLS1_RT_HEADER_LENGTH &&
+ s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
+ !dtls1_record_replay_check(s, bitmap)) {
+ rr->length = 0;
+ s->packet_length = 0; /* dump this record */
+ goto again; /* get another record */
+ }
+#ifndef OPENSSL_NO_SCTP
+ }
+#endif
+
+ /* just read a 0 length packet */
+ if (rr->length == 0)
+ goto again;
+
+ /*
+ * If this record is from the next epoch (either HM or ALERT), and a
+ * handshake is currently in progress, buffer it since it cannot be
+ * processed at this time. However, do not buffer anything while
+ * listening.
+ */
+ if (is_next_epoch) {
+ if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) {
+ if (dtls1_buffer_record
+ (s, &(s->d1->unprocessed_rcds), rr->seq_num) < 0)
+ return -1;
+ }
+ rr->length = 0;
+ s->packet_length = 0;
+ goto again;
+ }
+
+ if (!dtls1_process_record(s, bitmap)) {
+ rr->length = 0;
+ s->packet_length = 0; /* dump this record */
+ goto again; /* get another record */
+ }
+
+ return (1);
+
+}
+
+/*-
+ * Return up to 'len' payload bytes received in 'type' records.
+ * 'type' is one of the following:
+ *
+ * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
+ * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
+ * - 0 (during a shutdown, no data has to be returned)
+ *
+ * If we don't have stored data to work from, read a SSL/TLS record first
+ * (possibly multiple records if we still don't have anything to return).
+ *
+ * This function must handle any surprises the peer may have for us, such as
+ * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
+ * a surprise, but handled as if it were), or renegotiation requests.
+ * Also if record payloads contain fragments too small to process, we store
+ * them until there is enough for the respective protocol (the record protocol
+ * may use arbitrary fragmentation and even interleaving):
+ * Change cipher spec protocol
+ * just 1 byte needed, no need for keeping anything stored
+ * Alert protocol
+ * 2 bytes needed (AlertLevel, AlertDescription)
+ * Handshake protocol
+ * 4 bytes needed (HandshakeType, uint24 length) -- we just have
+ * to detect unexpected Client Hello and Hello Request messages
+ * here, anything else is handled by higher layers
+ * Application data protocol
+ * none of our business
+ */
+int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
+{
+ int al, i, j, ret;
+ unsigned int n;
+ SSL3_RECORD *rr;
+ void (*cb) (const SSL *ssl, int type2, int val) = NULL;
+
+ if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
+ if (!ssl3_setup_buffers(s))
+ return (-1);
+
+ /* XXX: check what the second '&& type' is about */
+ if ((type && (type != SSL3_RT_APPLICATION_DATA) &&
+ (type != SSL3_RT_HANDSHAKE) && type) ||
+ (peek && (type != SSL3_RT_APPLICATION_DATA))) {
+ SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+
+ /*
+ * check whether there's a handshake message (client hello?) waiting
+ */
+ if ((ret = have_handshake_fragment(s, type, buf, len, peek)))
+ return ret;
+
+ /*
+ * Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
+ */
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Continue handshake if it had to be interrupted to read app data with
+ * SCTP.
+ */
+ if ((!s->in_handshake && SSL_in_init(s)) ||
+ (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+ || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)
+ && s->s3->in_read_app_data != 2))
+#else
+ if (!s->in_handshake && SSL_in_init(s))
+#endif
+ {
+ /* type == SSL3_RT_APPLICATION_DATA */
+ i = s->handshake_func(s);
+ if (i < 0)
+ return (i);
+ if (i == 0) {
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+ return (-1);
+ }
+ }
+
+ start:
+ s->rwstate = SSL_NOTHING;
+
+ /*-
+ * s->s3->rrec.type - is the type of record
+ * s->s3->rrec.data, - data
+ * s->s3->rrec.off, - offset into 'data' for next read
+ * s->s3->rrec.length, - number of bytes.
+ */
+ rr = &(s->s3->rrec);
+
+ /*
+ * We are not handshaking and have no data yet, so process data buffered
+ * during the last handshake in advance, if any.
+ */
+ if (s->state == SSL_ST_OK && rr->length == 0) {
+ pitem *item;
+ item = pqueue_pop(s->d1->buffered_app_data.q);
+ if (item) {
+#ifndef OPENSSL_NO_SCTP
+ /* Restore bio_dgram_sctp_rcvinfo struct */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s))) {
+ DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *)item->data;
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO,
+ sizeof(rdata->recordinfo), &rdata->recordinfo);
+ }
+#endif
+
+ dtls1_copy_record(s, item);
+
+ OPENSSL_free(item->data);
+ pitem_free(item);
+ }
+ }
+
+ /* Check for timeout */
+ if (dtls1_handle_timeout(s) > 0)
+ goto start;
+
+ /* get new packet if necessary */
+ if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
+ ret = dtls1_get_record(s);
+ if (ret <= 0) {
+ ret = dtls1_read_failed(s, ret);
+ /* anything other than a timeout is an error */
+ if (ret <= 0)
+ return (ret);
+ else
+ goto start;
+ }
+ }
+
+ if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
+ rr->length = 0;
+ goto start;
+ }
+
+ /* we now have a packet which can be read and processed */
+
+ if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
+ * reset by ssl3_get_finished */
+ && (rr->type != SSL3_RT_HANDSHAKE)) {
+ /*
+ * We now have application data between CCS and Finished. Most likely
+ * the packets were reordered on their way, so buffer the application
+ * data for later processing rather than dropping the connection.
+ */
+ if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num) <
+ 0) {
+ SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ rr->length = 0;
+ goto start;
+ }
+
+ /*
+ * If the other end has shut down, throw anything we read away (even in
+ * 'peek' mode)
+ */
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
+ rr->length = 0;
+ s->rwstate = SSL_NOTHING;
+ return (0);
+ }
+
+ if (type == rr->type) { /* SSL3_RT_APPLICATION_DATA or
+ * SSL3_RT_HANDSHAKE */
+ /*
+ * make sure that we are not getting application data when we are
+ * doing a handshake for the first time
+ */
+ if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
+ (s->enc_read_ctx == NULL)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE);
+ goto f_err;
+ }
+
+ if (len <= 0)
+ return (len);
+
+ if ((unsigned int)len > rr->length)
+ n = rr->length;
+ else
+ n = (unsigned int)len;
+
+ memcpy(buf, &(rr->data[rr->off]), n);
+ if (!peek) {
+ rr->length -= n;
+ rr->off += n;
+ if (rr->length == 0) {
+ s->rstate = SSL_ST_READ_HEADER;
+ rr->off = 0;
+ }
+ }
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * We were about to renegotiate but had to read belated application
+ * data first, so retry.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ rr->type == SSL3_RT_APPLICATION_DATA &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+ || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)) {
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ }
+
+ /*
+ * We might had to delay a close_notify alert because of reordered
+ * app data. If there was an alert and there is no message to read
+ * anymore, finally set shutdown.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ s->d1->shutdown_received
+ && !BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+ return (0);
+ }
+#endif
+ return (n);
+ }
+
+ /*
+ * If we get here, then type != rr->type; if we have a handshake message,
+ * then it was unexpected (Hello Request or Client Hello).
+ */
+
+ /*
+ * In case of record types for which we have 'fragment' storage, fill
+ * that so that we can process the data at a fixed place.
+ */
+ {
+ unsigned int k, dest_maxlen = 0;
+ unsigned char *dest = NULL;
+ unsigned int *dest_len = NULL;
+
+ if (rr->type == SSL3_RT_HANDSHAKE) {
+ dest_maxlen = sizeof s->d1->handshake_fragment;
+ dest = s->d1->handshake_fragment;
+ dest_len = &s->d1->handshake_fragment_len;
+ } else if (rr->type == SSL3_RT_ALERT) {
+ dest_maxlen = sizeof(s->d1->alert_fragment);
+ dest = s->d1->alert_fragment;
+ dest_len = &s->d1->alert_fragment_len;
+ }
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if (rr->type == TLS1_RT_HEARTBEAT) {
+ dtls1_process_heartbeat(s);
+
+ /* Exit and notify application to read again */
+ rr->length = 0;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return (-1);
+ }
+#endif
+ /* else it's a CCS message, or application data or wrong */
+ else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
+ /*
+ * Application data while renegotiating is allowed. Try again
+ * reading.
+ */
+ if (rr->type == SSL3_RT_APPLICATION_DATA) {
+ BIO *bio;
+ s->s3->in_read_app_data = 2;
+ bio = SSL_get_rbio(s);
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return (-1);
+ }
+
+ /* Not certain if this is the right error handling */
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+ goto f_err;
+ }
+
+ if (dest_maxlen > 0) {
+ /*
+ * XDTLS: In a pathalogical case, the Client Hello may be
+ * fragmented--don't always expect dest_maxlen bytes
+ */
+ if (rr->length < dest_maxlen) {
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+ /*
+ * for normal alerts rr->length is 2, while
+ * dest_maxlen is 7 if we were to handle this
+ * non-existing alert...
+ */
+ FIX ME
+#endif
+ s->rstate = SSL_ST_READ_HEADER;
+ rr->length = 0;
+ goto start;
+ }
+
+ /* now move 'n' bytes: */
+ for (k = 0; k < dest_maxlen; k++) {
+ dest[k] = rr->data[rr->off++];
+ rr->length--;
+ }
+ *dest_len = dest_maxlen;
+ }
+ }
+
+ /*-
+ * s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE;
+ * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT.
+ * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
+ */
+
+ /* If we are a client, check for an incoming 'Hello Request': */
+ if ((!s->server) &&
+ (s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
+ (s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
+ (s->session != NULL) && (s->session->cipher != NULL)) {
+ s->d1->handshake_fragment_len = 0;
+
+ if ((s->d1->handshake_fragment[1] != 0) ||
+ (s->d1->handshake_fragment[2] != 0) ||
+ (s->d1->handshake_fragment[3] != 0)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
+ goto f_err;
+ }
+
+ /*
+ * no need to check sequence number on HELLO REQUEST messages
+ */
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+ s->d1->handshake_fragment, 4, s,
+ s->msg_callback_arg);
+
+ if (SSL_is_init_finished(s) &&
+ !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+ !s->s3->renegotiate) {
+ s->d1->handshake_read_seq++;
+ s->new_session = 1;
+ ssl3_renegotiate(s);
+ if (ssl3_renegotiate_check(s)) {
+ i = s->handshake_func(s);
+ if (i < 0)
+ return (i);
+ if (i == 0) {
+ SSLerr(SSL_F_DTLS1_READ_BYTES,
+ SSL_R_SSL_HANDSHAKE_FAILURE);
+ return (-1);
+ }
+
+ if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+ if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
+ BIO *bio;
+ /*
+ * In the case where we try to read application data,
+ * but we trigger an SSL handshake, we return -1 with
+ * the retry option set. Otherwise renegotiation may
+ * cause nasty problems in the blocking world
+ */
+ s->rwstate = SSL_READING;
+ bio = SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return (-1);
+ }
+ }
+ }
+ }
+ /*
+ * we either finished a handshake or ignored the request, now try
+ * again to obtain the (application) data we were asked for
+ */
+ goto start;
+ }
+
+ if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
+ int alert_level = s->d1->alert_fragment[0];
+ int alert_descr = s->d1->alert_fragment[1];
+
+ s->d1->alert_fragment_len = 0;
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_ALERT,
+ s->d1->alert_fragment, 2, s, s->msg_callback_arg);
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ if (cb != NULL) {
+ j = (alert_level << 8) | alert_descr;
+ cb(s, SSL_CB_READ_ALERT, j);
+ }
+
+ if (alert_level == SSL3_AL_WARNING) {
+ s->s3->warn_alert = alert_descr;
+ if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * With SCTP and streams the socket may deliver app data
+ * after a close_notify alert. We have to check this first so
+ * that nothing gets discarded.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->d1->shutdown_received = 1;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return -1;
+ }
+#endif
+ s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+ return (0);
+ }
+#if 0
+ /* XXX: this is a possible improvement in the future */
+ /* now check if it's a missing record */
+ if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
+ unsigned short seq;
+ unsigned int frag_off;
+ unsigned char *p = &(s->d1->alert_fragment[2]);
+
+ n2s(p, seq);
+ n2l3(p, frag_off);
+
+ dtls1_retransmit_message(s,
+ dtls1_get_queue_priority
+ (frag->msg_header.seq, 0), frag_off,
+ &found);
+ if (!found && SSL_in_init(s)) {
+ /*
+ * fprintf( stderr,"in init = %d\n", SSL_in_init(s));
+ */
+ /*
+ * requested a message not yet sent, send an alert
+ * ourselves
+ */
+ ssl3_send_alert(s, SSL3_AL_WARNING,
+ DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+ }
+ }
+#endif
+ } else if (alert_level == SSL3_AL_FATAL) {
+ char tmp[16];
+
+ s->rwstate = SSL_NOTHING;
+ s->s3->fatal_alert = alert_descr;
+ SSLerr(SSL_F_DTLS1_READ_BYTES,
+ SSL_AD_REASON_OFFSET + alert_descr);
+ BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
+ ERR_add_error_data(2, "SSL alert number ", tmp);
+ s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+ SSL_CTX_remove_session(s->ctx, s->session);
+ return (0);
+ } else {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
+ goto f_err;
+ }
+
+ goto start;
+ }
+
+ if (s->shutdown & SSL_SENT_SHUTDOWN) { /* but we have not received a
+ * shutdown */
+ s->rwstate = SSL_NOTHING;
+ rr->length = 0;
+ return (0);
+ }
+
+ if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
+ struct ccs_header_st ccs_hdr;
+ unsigned int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
+
+ dtls1_get_ccs_header(rr->data, &ccs_hdr);
+
+ if (s->version == DTLS1_BAD_VER)
+ ccs_hdr_len = 3;
+
+ /*
+ * 'Change Cipher Spec' is just a single byte, so we know exactly
+ * what the record payload has to look like
+ */
+ /* XDTLS: check that epoch is consistent */
+ if ((rr->length != ccs_hdr_len) ||
+ (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
+ i = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
+ goto err;
+ }
+
+ rr->length = 0;
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,
+ rr->data, 1, s, s->msg_callback_arg);
+
+ /*
+ * We can't process a CCS now, because previous handshake messages
+ * are still missing, so just drop it.
+ */
+ if (!s->d1->change_cipher_spec_ok) {
+ goto start;
+ }
+
+ s->d1->change_cipher_spec_ok = 0;
+
+ s->s3->change_cipher_spec = 1;
+ if (!ssl3_do_change_cipher_spec(s))
+ goto err;
+
+ /* do this whenever CCS is processed */
+ dtls1_reset_seq_numbers(s, SSL3_CC_READ);
+
+ if (s->version == DTLS1_BAD_VER)
+ s->d1->handshake_read_seq++;
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Remember that a CCS has been received, so that an old key of
+ * SCTP-Auth can be deleted when a CCS is sent. Will be ignored if no
+ * SCTP is used
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);
+#endif
+
+ goto start;
+ }
+
+ /*
+ * Unexpected handshake message (Client Hello, or protocol violation)
+ */
+ if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
+ !s->in_handshake) {
+ struct hm_header_st msg_hdr;
+
+ /* this may just be a stale retransmit */
+ dtls1_get_message_header(rr->data, &msg_hdr);
+ if (rr->epoch != s->d1->r_epoch) {
+ rr->length = 0;
+ goto start;
+ }
+
+ /*
+ * If we are server, we may have a repeated FINISHED of the client
+ * here, then retransmit our CCS and FINISHED.
+ */
+ if (msg_hdr.type == SSL3_MT_FINISHED) {
+ if (dtls1_check_timeout_num(s) < 0)
+ return -1;
+
+ dtls1_retransmit_buffered_messages(s);
+ rr->length = 0;
+ goto start;
+ }
+
+ if (((s->state & SSL_ST_MASK) == SSL_ST_OK) &&
+ !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
+#if 0 /* worked only because C operator preferences
+ * are not as expected (and because this is
+ * not really needed for clients except for
+ * detecting protocol violations): */
+ s->state = SSL_ST_BEFORE | (s->server)
+ ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#else
+ s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#endif
+ s->renegotiate = 1;
+ s->new_session = 1;
+ }
+ i = s->handshake_func(s);
+ if (i < 0)
+ return (i);
+ if (i == 0) {
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+ return (-1);
+ }
+
+ if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+ if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
+ BIO *bio;
+ /*
+ * In the case where we try to read application data, but we
+ * trigger an SSL handshake, we return -1 with the retry
+ * option set. Otherwise renegotiation may cause nasty
+ * problems in the blocking world
+ */
+ s->rwstate = SSL_READING;
+ bio = SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return (-1);
+ }
+ }
+ goto start;
+ }
+
+ switch (rr->type) {
+ default:
+#ifndef OPENSSL_NO_TLS
+ /* TLS just ignores unknown message types */
+ if (s->version == TLS1_VERSION) {
+ rr->length = 0;
+ goto start;
+ }
+#endif
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+ goto f_err;
+ case SSL3_RT_CHANGE_CIPHER_SPEC:
+ case SSL3_RT_ALERT:
+ case SSL3_RT_HANDSHAKE:
+ /*
+ * we already handled all of these, with the possible exception of
+ * SSL3_RT_HANDSHAKE when s->in_handshake is set, but that should not
+ * happen when type != rr->type
+ */
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ case SSL3_RT_APPLICATION_DATA:
+ /*
+ * At this point, we were expecting handshake data, but have
+ * application data. If the library was running inside ssl3_read()
+ * (i.e. in_read_app_data is set) and it makes sense to read
+ * application data at this point (session renegotiation not yet
+ * started), we will indulge it.
+ */
+ if (s->s3->in_read_app_data &&
+ (s->s3->total_renegotiations != 0) &&
+ (((s->state & SSL_ST_CONNECT) &&
+ (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+ (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
+ ) || ((s->state & SSL_ST_ACCEPT) &&
+ (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+ (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
+ )
+ )) {
+ s->s3->in_read_app_data = 2;
+ return (-1);
+ } else {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+ goto f_err;
+ }
+ }
+ /* not reached */
+
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ return (-1);
+}
+
+int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
+{
+ int i;
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Check if we have to continue an interrupted handshake for reading
+ * belated app data with SCTP.
+ */
+ if ((SSL_in_init(s) && !s->in_handshake) ||
+ (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+ || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)))
+#else
+ if (SSL_in_init(s) && !s->in_handshake)
+#endif
+ {
+ i = s->handshake_func(s);
+ if (i < 0)
+ return (i);
+ if (i == 0) {
+ SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,
+ SSL_R_SSL_HANDSHAKE_FAILURE);
+ return -1;
+ }
+ }
+
+ if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
+ SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_DTLS_MESSAGE_TOO_BIG);
+ return -1;
+ }
+
+ i = dtls1_write_bytes(s, type, buf_, len);
+ return i;
+}
+
+ /*
+ * this only happens when a client hello is received and a handshake
+ * is started.
+ */
+static int
+have_handshake_fragment(SSL *s, int type, unsigned char *buf,
+ int len, int peek)
+{
+
+ if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0))
+ /* (partially) satisfy request from storage */
+ {
+ unsigned char *src = s->d1->handshake_fragment;
+ unsigned char *dst = buf;
+ unsigned int k, n;
+
+ /* peek == 0 */
+ n = 0;
+ while ((len > 0) && (s->d1->handshake_fragment_len > 0)) {
+ *dst++ = *src++;
+ len--;
+ s->d1->handshake_fragment_len--;
+ n++;
+ }
+ /* move any remaining fragment bytes: */
+ for (k = 0; k < s->d1->handshake_fragment_len; k++)
+ s->d1->handshake_fragment[k] = *src++;
+ return n;
+ }
+
+ return 0;
+}
+
+/*
+ * Call this to write data in records of type 'type' It will return <= 0 if
+ * not all data has been sent or non-blocking IO.
+ */
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
+{
+ int i;
+
+ OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
+ s->rwstate = SSL_NOTHING;
+ i = do_dtls1_write(s, type, buf, len, 0);
+ return i;
+}
+
+int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
+ unsigned int len, int create_empty_fragment)
+{
+ unsigned char *p, *pseq;
+ int i, mac_size, clear = 0;
+ int prefix_len = 0;
+ SSL3_RECORD *wr;
+ SSL3_BUFFER *wb;
+ SSL_SESSION *sess;
+ int bs;
+
+ /*
+ * first check if there is a SSL3_BUFFER still being written out. This
+ * will happen with non blocking IO
+ */
+ if (s->s3->wbuf.left != 0) {
+ OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */
+ return (ssl3_write_pending(s, type, buf, len));
+ }
+
+ /* If we have an alert to send, lets send it */
+ if (s->s3->alert_dispatch) {
+ i = s->method->ssl_dispatch_alert(s);
+ if (i <= 0)
+ return (i);
+ /* if it went, fall through and send more stuff */
+ }
+
+ if (len == 0 && !create_empty_fragment)
+ return 0;
+
+ wr = &(s->s3->wrec);
+ wb = &(s->s3->wbuf);
+ sess = s->session;
+
+ if ((sess == NULL) ||
+ (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL))
+ clear = 1;
+
+ if (clear)
+ mac_size = 0;
+ else {
+ mac_size = EVP_MD_CTX_size(s->write_hash);
+ if (mac_size < 0)
+ goto err;
+ }
+
+ /* DTLS implements explicit IV, so no need for empty fragments */
+#if 0
+ /*
+ * 'create_empty_fragment' is true only when this function calls itself
+ */
+ if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
+ && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
+ {
+ /*
+ * countermeasure against known-IV weakness in CBC ciphersuites (see
+ * http://www.openssl.org/~bodo/tls-cbc.txt)
+ */
+
+ if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
+ /*
+ * recursive function call with 'create_empty_fragment' set; this
+ * prepares and buffers the data for an empty fragment (these
+ * 'prefix_len' bytes are sent out later together with the actual
+ * payload)
+ */
+ prefix_len = s->method->do_ssl_write(s, type, buf, 0, 1);
+ if (prefix_len <= 0)
+ goto err;
+
+ if (s->s3->wbuf.len <
+ (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) {
+ /* insufficient space */
+ SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+
+ s->s3->empty_fragment_done = 1;
+ }
+#endif
+ p = wb->buf + prefix_len;
+
+ /* write the header */
+
+ *(p++) = type & 0xff;
+ wr->type = type;
+
+ *(p++) = (s->version >> 8);
+ *(p++) = s->version & 0xff;
+
+ /* field where we are to write out packet epoch, seq num and len */
+ pseq = p;
+ p += 10;
+
+ /* lets setup the record stuff. */
+
+ /*
+ * Make space for the explicit IV in case of CBC. (this is a bit of a
+ * boundary violation, but what the heck).
+ */
+ if (s->enc_write_ctx &&
+ (EVP_CIPHER_mode(s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
+ bs = EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
+ else
+ bs = 0;
+
+ wr->data = p + bs; /* make room for IV in case of CBC */
+ wr->length = (int)len;
+ wr->input = (unsigned char *)buf;
+
+ /*
+ * we now 'read' from wr->input, wr->length bytes into wr->data
+ */
+
+ /* first we compress */
+ if (s->compress != NULL) {
+ if (!ssl3_do_compress(s)) {
+ SSLerr(SSL_F_DO_DTLS1_WRITE, SSL_R_COMPRESSION_FAILURE);
+ goto err;
+ }
+ } else {
+ memcpy(wr->data, wr->input, wr->length);
+ wr->input = wr->data;
+ }
+
+ /*
+ * we should still have the output to wr->data and the input from
+ * wr->input. Length should be wr->length. wr->data still points in the
+ * wb->buf
+ */
+
+ if (mac_size != 0) {
+ if (s->method->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
+ goto err;
+ wr->length += mac_size;
+ }
+
+ /* this is true regardless of mac size */
+ wr->input = p;
+ wr->data = p;
+
+ /* ssl3_enc can only have an error on read */
+ if (bs) { /* bs != 0 in case of CBC */
+ if (RAND_bytes(p, bs) <= 0)
+ goto err;
+ /*
+ * master IV and last CBC residue stand for the rest of randomness
+ */
+ wr->length += bs;
+ }
+
+ if (s->method->ssl3_enc->enc(s, 1) < 1)
+ goto err;
+
+ /* record length after mac and block padding */
+ /*
+ * if (type == SSL3_RT_APPLICATION_DATA || (type == SSL3_RT_ALERT && !
+ * SSL_in_init(s)))
+ */
+
+ /* there's only one epoch between handshake and app data */
+
+ s2n(s->d1->w_epoch, pseq);
+
+ /* XDTLS: ?? */
+ /*
+ * else s2n(s->d1->handshake_epoch, pseq);
+ */
+
+ memcpy(pseq, &(s->s3->write_sequence[2]), 6);
+ pseq += 6;
+ s2n(wr->length, pseq);
+
+ /*
+ * we should now have wr->data pointing to the encrypted data, which is
+ * wr->length long
+ */
+ wr->type = type; /* not needed but helps for debugging */
+ wr->length += DTLS1_RT_HEADER_LENGTH;
+
+#if 0 /* this is now done at the message layer */
+ /* buffer the record, making it easy to handle retransmits */
+ if (type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC)
+ dtls1_buffer_record(s, wr->data, wr->length,
+ *((PQ_64BIT *) & (s->s3->write_sequence[0])));
+#endif
+
+ ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
+
+ if (create_empty_fragment) {
+ /*
+ * we are in a recursive call; just return the length, don't write
+ * out anything here
+ */
+ return wr->length;
+ }
+
+ /* now let's set up wb */
+ wb->left = prefix_len + wr->length;
+ wb->offset = 0;
+
+ /*
+ * memorize arguments so that ssl3_write_pending can detect bad write
+ * retries later
+ */
+ s->s3->wpend_tot = len;
+ s->s3->wpend_buf = buf;
+ s->s3->wpend_type = type;
+ s->s3->wpend_ret = len;
+
+ /* we now just need to write the buffer */
+ return ssl3_write_pending(s, type, buf, len);
+ err:
+ return -1;
+}
+
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
+{
+ int cmp;
+ unsigned int shift;
+ const unsigned char *seq = s->s3->read_sequence;
+
+ cmp = satsub64be(seq, bitmap->max_seq_num);
+ if (cmp > 0) {
+ memcpy(s->s3->rrec.seq_num, seq, 8);
+ return 1; /* this record in new */
+ }
+ shift = -cmp;
+ if (shift >= sizeof(bitmap->map) * 8)
+ return 0; /* stale, outside the window */
+ else if (bitmap->map & (1UL << shift))
+ return 0; /* record previously received */
+
+ memcpy(s->s3->rrec.seq_num, seq, 8);
+ return 1;
+}
+
+static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
+{
+ int cmp;
+ unsigned int shift;
+ const unsigned char *seq = s->s3->read_sequence;
+
+ cmp = satsub64be(seq, bitmap->max_seq_num);
+ if (cmp > 0) {
+ shift = cmp;
+ if (shift < sizeof(bitmap->map) * 8)
+ bitmap->map <<= shift, bitmap->map |= 1UL;
+ else
+ bitmap->map = 1UL;
+ memcpy(bitmap->max_seq_num, seq, 8);
+ } else {
+ shift = -cmp;
+ if (shift < sizeof(bitmap->map) * 8)
+ bitmap->map |= 1UL << shift;
+ }
+}
+
+int dtls1_dispatch_alert(SSL *s)
+{
+ int i, j;
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ unsigned char buf[DTLS1_AL_HEADER_LENGTH];
+ unsigned char *ptr = &buf[0];
+
+ s->s3->alert_dispatch = 0;
+
+ memset(buf, 0x00, sizeof(buf));
+ *ptr++ = s->s3->send_alert[0];
+ *ptr++ = s->s3->send_alert[1];
+
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+ if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
+ s2n(s->d1->handshake_read_seq, ptr);
+# if 0
+ if (s->d1->r_msg_hdr.frag_off == 0)
+ /*
+ * waiting for a new msg
+ */
+ else
+ s2n(s->d1->r_msg_hdr.seq, ptr); /* partial msg read */
+# endif
+
+# if 0
+ fprintf(stderr,
+ "s->d1->handshake_read_seq = %d, s->d1->r_msg_hdr.seq = %d\n",
+ s->d1->handshake_read_seq, s->d1->r_msg_hdr.seq);
+# endif
+ l2n3(s->d1->r_msg_hdr.frag_off, ptr);
+ }
+#endif
+
+ i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
+ if (i <= 0) {
+ s->s3->alert_dispatch = 1;
+ /* fprintf( stderr, "not done with alert\n" ); */
+ } else {
+ if (s->s3->send_alert[0] == SSL3_AL_FATAL
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+ || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#endif
+ )
+ (void)BIO_flush(s->wbio);
+
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
+ 2, s, s->msg_callback_arg);
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ if (cb != NULL) {
+ j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
+ cb(s, SSL_CB_WRITE_ALERT, j);
+ }
+ }
+ return (i);
+}
+
+static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
+ unsigned int *is_next_epoch)
+{
+
+ *is_next_epoch = 0;
+
+ /* In current epoch, accept HM, CCS, DATA, & ALERT */
+ if (rr->epoch == s->d1->r_epoch)
+ return &s->d1->bitmap;
+
+ /*
+ * Only HM and ALERT messages can be from the next epoch and only if we
+ * have already processed all of the unprocessed records from the last
+ * epoch
+ */
+ else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
+ s->d1->unprocessed_rcds.epoch != s->d1->r_epoch &&
+ (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
+ *is_next_epoch = 1;
+ return &s->d1->next_bitmap;
+ }
+
+ return NULL;
+}
+
+#if 0
+static int
+dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
+ unsigned short *priority, unsigned long *offset)
+{
+
+ /* alerts are passed up immediately */
+ if (rr->type == SSL3_RT_APPLICATION_DATA || rr->type == SSL3_RT_ALERT)
+ return 0;
+
+ /*
+ * Only need to buffer if a handshake is underway. (this implies that
+ * Hello Request and Client Hello are passed up immediately)
+ */
+ if (SSL_in_init(s)) {
+ unsigned char *data = rr->data;
+ /* need to extract the HM/CCS sequence number here */
+ if (rr->type == SSL3_RT_HANDSHAKE ||
+ rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
+ unsigned short seq_num;
+ struct hm_header_st msg_hdr;
+ struct ccs_header_st ccs_hdr;
+
+ if (rr->type == SSL3_RT_HANDSHAKE) {
+ dtls1_get_message_header(data, &msg_hdr);
+ seq_num = msg_hdr.seq;
+ *offset = msg_hdr.frag_off;
+ } else {
+ dtls1_get_ccs_header(data, &ccs_hdr);
+ seq_num = ccs_hdr.seq;
+ *offset = 0;
+ }
+
+ /*
+ * this is either a record we're waiting for, or a retransmit of
+ * something we happened to previously receive (higher layers
+ * will drop the repeat silently
+ */
+ if (seq_num < s->d1->handshake_read_seq)
+ return 0;
+ if (rr->type == SSL3_RT_HANDSHAKE &&
+ seq_num == s->d1->handshake_read_seq &&
+ msg_hdr.frag_off < s->d1->r_msg_hdr.frag_off)
+ return 0;
+ else if (seq_num == s->d1->handshake_read_seq &&
+ (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||
+ msg_hdr.frag_off == s->d1->r_msg_hdr.frag_off))
+ return 0;
+ else {
+ *priority = seq_num;
+ return 1;
+ }
+ } else /* unknown record type */
+ return 0;
+ }
+
+ return 0;
+}
+#endif
+
+void dtls1_reset_seq_numbers(SSL *s, int rw)
+{
+ unsigned char *seq;
+ unsigned int seq_bytes = sizeof(s->s3->read_sequence);
+
+ if (rw & SSL3_CC_READ) {
+ seq = s->s3->read_sequence;
+ s->d1->r_epoch++;
+ memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
+ memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
+
+ /*
+ * We must not use any buffered messages received from the previous
+ * epoch
+ */
+ dtls1_clear_received_buffer(s);
+ } else {
+ seq = s->s3->write_sequence;
+ memcpy(s->d1->last_write_sequence, seq,
+ sizeof(s->s3->write_sequence));
+ s->d1->w_epoch++;
+ }
+
+ memset(seq, 0x00, seq_bytes);
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/d1_srvr.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/d1_srvr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_srvr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1759 +0,0 @@
-/* ssl/d1_srvr.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/md5.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-static const SSL_METHOD *dtls1_get_server_method(int ver);
-static int dtls1_send_hello_verify_request(SSL *s);
-
-static const SSL_METHOD *dtls1_get_server_method(int ver)
-{
- if (ver == DTLS1_VERSION)
- return (DTLSv1_server_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
- dtls1_accept,
- ssl_undefined_function, dtls1_get_server_method)
-
-int dtls1_accept(SSL *s)
-{
- BUF_MEM *buf;
- unsigned long Time = (unsigned long)time(NULL);
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- unsigned long alg_k;
- int ret = -1;
- int new_state, state, skip = 0;
- int listen;
-#ifndef OPENSSL_NO_SCTP
- unsigned char sctpauthkey[64];
- char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
-#endif
-
- RAND_add(&Time, sizeof(Time), 0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- listen = s->d1->listen;
-
- /* init things to blank */
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s))
- SSL_clear(s);
-
- s->d1->listen = listen;
-#ifndef OPENSSL_NO_SCTP
- /*
- * Notify SCTP BIO socket to enter handshake mode and prevent stream
- * identifier other than 0. Will be ignored if no SCTP is used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
- s->in_handshake, NULL);
-#endif
-
- if (s->cert == NULL) {
- SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
- return (-1);
- }
-#ifndef OPENSSL_NO_HEARTBEATS
- /*
- * If we're awaiting a HeartbeatResponse, pretend we already got and
- * don't await it anymore, because Heartbeats don't make sense during
- * handshakes anyway.
- */
- if (s->tlsext_hb_pending) {
- dtls1_stop_timer(s);
- s->tlsext_hb_pending = 0;
- s->tlsext_hb_seq++;
- }
-#endif
-
- for (;;) {
- state = s->state;
-
- switch (s->state) {
- case SSL_ST_RENEGOTIATE:
- s->renegotiate = 1;
- /* s->state=SSL_ST_ACCEPT; */
-
- case SSL_ST_BEFORE:
- case SSL_ST_ACCEPT:
- case SSL_ST_BEFORE | SSL_ST_ACCEPT:
- case SSL_ST_OK | SSL_ST_ACCEPT:
-
- s->server = 1;
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_START, 1);
-
- if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {
- SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- s->type = SSL_ST_ACCEPT;
-
- if (s->init_buf == NULL) {
- if ((buf = BUF_MEM_new()) == NULL) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
- BUF_MEM_free(buf);
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- s->init_buf = buf;
- }
-
- if (!ssl3_setup_buffers(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- s->init_num = 0;
- s->d1->change_cipher_spec_ok = 0;
- /*
- * Should have been reset by ssl3_get_finished, too.
- */
- s->s3->change_cipher_spec = 0;
-
- if (s->state != SSL_ST_RENEGOTIATE) {
- /*
- * Ok, we now need to push on a buffering BIO so that the
- * output is sent in a way that TCP likes :-) ...but not with
- * SCTP :-)
- */
-#ifndef OPENSSL_NO_SCTP
- if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
-#endif
- if (!ssl_init_wbio_buffer(s, 1)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- ssl3_init_finished_mac(s);
- s->state = SSL3_ST_SR_CLNT_HELLO_A;
- s->ctx->stats.sess_accept++;
- } else if (!s->s3->send_connection_binding &&
- !(s->options &
- SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
- /*
- * Server attempting to renegotiate with client that doesn't
- * support secure renegotiation.
- */
- SSLerr(SSL_F_DTLS1_ACCEPT,
- SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- } else {
- /*
- * s->state == SSL_ST_RENEGOTIATE, we will just send a
- * HelloRequest
- */
- s->ctx->stats.sess_accept_renegotiate++;
- s->state = SSL3_ST_SW_HELLO_REQ_A;
- }
-
- break;
-
- case SSL3_ST_SW_HELLO_REQ_A:
- case SSL3_ST_SW_HELLO_REQ_B:
-
- s->shutdown = 0;
- dtls1_clear_record_buffer(s);
- dtls1_start_timer(s);
- ret = dtls1_send_hello_request(s);
- if (ret <= 0)
- goto end;
- s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
- s->state = SSL3_ST_SW_FLUSH;
- s->init_num = 0;
-
- ssl3_init_finished_mac(s);
- break;
-
- case SSL3_ST_SW_HELLO_REQ_C:
- s->state = SSL_ST_OK;
- break;
-
- case SSL3_ST_SR_CLNT_HELLO_A:
- case SSL3_ST_SR_CLNT_HELLO_B:
- case SSL3_ST_SR_CLNT_HELLO_C:
-
- s->shutdown = 0;
- ret = ssl3_get_client_hello(s);
- if (ret <= 0)
- goto end;
- dtls1_stop_timer(s);
-
- if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
- s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
- else
- s->state = SSL3_ST_SW_SRVR_HELLO_A;
-
- s->init_num = 0;
-
- /*
- * Reflect ClientHello sequence to remain stateless while
- * listening
- */
- if (listen) {
- memcpy(s->s3->write_sequence, s->s3->read_sequence,
- sizeof(s->s3->write_sequence));
- }
-
- /* If we're just listening, stop here */
- if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
- ret = 2;
- s->d1->listen = 0;
- /*
- * Set expected sequence numbers to continue the handshake.
- */
- s->d1->handshake_read_seq = 2;
- s->d1->handshake_write_seq = 1;
- s->d1->next_handshake_write_seq = 1;
- goto end;
- }
-
- break;
-
- case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
- case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
-
- ret = dtls1_send_hello_verify_request(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_FLUSH;
- s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
-
- /* HelloVerifyRequest resets Finished MAC */
- if (s->version != DTLS1_BAD_VER)
- ssl3_init_finished_mac(s);
- break;
-
-#ifndef OPENSSL_NO_SCTP
- case DTLS1_SCTP_ST_SR_READ_SOCK:
-
- if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
- s->s3->in_read_app_data = 2;
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(SSL_get_rbio(s));
- BIO_set_retry_read(SSL_get_rbio(s));
- ret = -1;
- goto end;
- }
-
- s->state = SSL3_ST_SR_FINISHED_A;
- break;
-
- case DTLS1_SCTP_ST_SW_WRITE_SOCK:
- ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
- if (ret < 0)
- goto end;
-
- if (ret == 0) {
- if (s->d1->next_state != SSL_ST_OK) {
- s->s3->in_read_app_data = 2;
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(SSL_get_rbio(s));
- BIO_set_retry_read(SSL_get_rbio(s));
- ret = -1;
- goto end;
- }
- }
-
- s->state = s->d1->next_state;
- break;
-#endif
-
- case SSL3_ST_SW_SRVR_HELLO_A:
- case SSL3_ST_SW_SRVR_HELLO_B:
- s->renegotiate = 2;
- dtls1_start_timer(s);
- ret = dtls1_send_server_hello(s);
- if (ret <= 0)
- goto end;
-
- if (s->hit) {
-#ifndef OPENSSL_NO_SCTP
- /*
- * Add new shared key for SCTP-Auth, will be ignored if no
- * SCTP used.
- */
- snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
- DTLS1_SCTP_AUTH_LABEL);
-
- if (SSL_export_keying_material(s, sctpauthkey,
- sizeof(sctpauthkey), labelbuffer,
- sizeof(labelbuffer), NULL, 0, 0) <= 0) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
- sizeof(sctpauthkey), sctpauthkey);
-#endif
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_ticket_expected)
- s->state = SSL3_ST_SW_SESSION_TICKET_A;
- else
- s->state = SSL3_ST_SW_CHANGE_A;
-#else
- s->state = SSL3_ST_SW_CHANGE_A;
-#endif
- } else
- s->state = SSL3_ST_SW_CERT_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_CERT_A:
- case SSL3_ST_SW_CERT_B:
- /* Check if it is anon DH or normal PSK */
- if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
- && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- dtls1_start_timer(s);
- ret = dtls1_send_server_certificate(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_status_expected)
- s->state = SSL3_ST_SW_CERT_STATUS_A;
- else
- s->state = SSL3_ST_SW_KEY_EXCH_A;
- } else {
- skip = 1;
- s->state = SSL3_ST_SW_KEY_EXCH_A;
- }
-#else
- } else
- skip = 1;
-
- s->state = SSL3_ST_SW_KEY_EXCH_A;
-#endif
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_KEY_EXCH_A:
- case SSL3_ST_SW_KEY_EXCH_B:
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
- /*
- * clear this, it may get reset by
- * send_server_key_exchange
- */
- s->s3->tmp.use_rsa_tmp = 0;
-
- /*
- * only send if a DH key exchange or RSA but we have a sign only
- * certificate
- */
- if (0
- /*
- * PSK: send ServerKeyExchange if PSK identity hint if
- * provided
- */
-#ifndef OPENSSL_NO_PSK
- || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
-#endif
- || (alg_k & SSL_kEDH)
- || (alg_k & SSL_kEECDH)
- || ((alg_k & SSL_kRSA)
- && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
- && EVP_PKEY_size(s->cert->pkeys
- [SSL_PKEY_RSA_ENC].privatekey) *
- 8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
- )
- )
- )
- ) {
- dtls1_start_timer(s);
- ret = dtls1_send_server_key_exchange(s);
- if (ret <= 0)
- goto end;
- } else
- skip = 1;
-
- s->state = SSL3_ST_SW_CERT_REQ_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_CERT_REQ_A:
- case SSL3_ST_SW_CERT_REQ_B:
- if ( /* don't request cert unless asked for it: */
- !(s->verify_mode & SSL_VERIFY_PEER) ||
- /*
- * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
- * during re-negotiation:
- */
- ((s->session->peer != NULL) &&
- (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
- /*
- * never request cert in anonymous ciphersuites (see
- * section "Certificate request" in SSL 3 drafts and in
- * RFC 2246):
- */
- ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
- /*
- * ... except when the application insists on
- * verification (against the specs, but s3_clnt.c accepts
- * this for SSL 3)
- */
- !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
- /*
- * never request cert in Kerberos ciphersuites
- */
- (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
- /*
- * With normal PSK Certificates and Certificate Requests
- * are omitted
- */
- || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- /* no cert request */
- skip = 1;
- s->s3->tmp.cert_request = 0;
- s->state = SSL3_ST_SW_SRVR_DONE_A;
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
- s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
- }
-#endif
- } else {
- s->s3->tmp.cert_request = 1;
- dtls1_start_timer(s);
- ret = dtls1_send_certificate_request(s);
- if (ret <= 0)
- goto end;
-#ifndef NETSCAPE_HANG_BUG
- s->state = SSL3_ST_SW_SRVR_DONE_A;
-# ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
- s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
- }
-# endif
-#else
- s->state = SSL3_ST_SW_FLUSH;
- s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-# ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = s->s3->tmp.next_state;
- s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
- }
-# endif
-#endif
- s->init_num = 0;
- }
- break;
-
- case SSL3_ST_SW_SRVR_DONE_A:
- case SSL3_ST_SW_SRVR_DONE_B:
- dtls1_start_timer(s);
- ret = dtls1_send_server_done(s);
- if (ret <= 0)
- goto end;
- s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
- s->state = SSL3_ST_SW_FLUSH;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_FLUSH:
- s->rwstate = SSL_WRITING;
- if (BIO_flush(s->wbio) <= 0) {
- /*
- * If the write error was fatal, stop trying
- */
- if (!BIO_should_retry(s->wbio)) {
- s->rwstate = SSL_NOTHING;
- s->state = s->s3->tmp.next_state;
- }
-
- ret = -1;
- goto end;
- }
- s->rwstate = SSL_NOTHING;
- s->state = s->s3->tmp.next_state;
- break;
-
- case SSL3_ST_SR_CERT_A:
- case SSL3_ST_SR_CERT_B:
- /* Check for second client hello (MS SGC) */
- ret = ssl3_check_client_hello(s);
- if (ret <= 0)
- goto end;
- if (ret == 2) {
- dtls1_stop_timer(s);
- s->state = SSL3_ST_SR_CLNT_HELLO_C;
- } else {
- if (s->s3->tmp.cert_request) {
- ret = ssl3_get_client_certificate(s);
- if (ret <= 0)
- goto end;
- }
- s->init_num = 0;
- s->state = SSL3_ST_SR_KEY_EXCH_A;
- }
- break;
-
- case SSL3_ST_SR_KEY_EXCH_A:
- case SSL3_ST_SR_KEY_EXCH_B:
- ret = ssl3_get_client_key_exchange(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_SCTP
- /*
- * Add new shared key for SCTP-Auth, will be ignored if no SCTP
- * used.
- */
- snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
- DTLS1_SCTP_AUTH_LABEL);
-
- if (SSL_export_keying_material(s, sctpauthkey,
- sizeof(sctpauthkey), labelbuffer,
- sizeof(labelbuffer), NULL, 0, 0) <= 0) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
- sizeof(sctpauthkey), sctpauthkey);
-#endif
-
- s->state = SSL3_ST_SR_CERT_VRFY_A;
- s->init_num = 0;
-
- if (ret == 2) {
- /*
- * For the ECDH ciphersuites when the client sends its ECDH
- * pub key in a certificate, the CertificateVerify message is
- * not sent.
- */
- s->state = SSL3_ST_SR_FINISHED_A;
- s->init_num = 0;
- } else {
- s->state = SSL3_ST_SR_CERT_VRFY_A;
- s->init_num = 0;
-
- /*
- * We need to get hashes here so if there is a client cert,
- * it can be verified
- */
- s->method->ssl3_enc->cert_verify_mac(s,
- NID_md5,
- &(s->s3->
- tmp.cert_verify_md
- [0]));
- s->method->ssl3_enc->cert_verify_mac(s, NID_sha1,
- &(s->s3->
- tmp.cert_verify_md
- [MD5_DIGEST_LENGTH]));
- }
- break;
-
- case SSL3_ST_SR_CERT_VRFY_A:
- case SSL3_ST_SR_CERT_VRFY_B:
- ret = ssl3_get_cert_verify(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
- state == SSL_ST_RENEGOTIATE)
- s->state = DTLS1_SCTP_ST_SR_READ_SOCK;
- else
-#endif
- s->state = SSL3_ST_SR_FINISHED_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SR_FINISHED_A:
- case SSL3_ST_SR_FINISHED_B:
- /*
- * Enable CCS. Receiving a CCS clears the flag, so make
- * sure not to re-enable it to ban duplicates. This *should* be the
- * first time we have received one - but we check anyway to be
- * cautious.
- * s->s3->change_cipher_spec is set when a CCS is
- * processed in d1_pkt.c, and remains set until
- * the client's Finished message is read.
- */
- if (!s->s3->change_cipher_spec)
- s->d1->change_cipher_spec_ok = 1;
- ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
- SSL3_ST_SR_FINISHED_B);
- if (ret <= 0)
- goto end;
- dtls1_stop_timer(s);
- if (s->hit)
- s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_TLSEXT
- else if (s->tlsext_ticket_expected)
- s->state = SSL3_ST_SW_SESSION_TICKET_A;
-#endif
- else
- s->state = SSL3_ST_SW_CHANGE_A;
- s->init_num = 0;
- break;
-
-#ifndef OPENSSL_NO_TLSEXT
- case SSL3_ST_SW_SESSION_TICKET_A:
- case SSL3_ST_SW_SESSION_TICKET_B:
- ret = dtls1_send_newsession_ticket(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_CHANGE_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_CERT_STATUS_A:
- case SSL3_ST_SW_CERT_STATUS_B:
- ret = ssl3_send_cert_status(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_KEY_EXCH_A;
- s->init_num = 0;
- break;
-
-#endif
-
- case SSL3_ST_SW_CHANGE_A:
- case SSL3_ST_SW_CHANGE_B:
-
- s->session->cipher = s->s3->tmp.new_cipher;
- if (!s->method->ssl3_enc->setup_key_block(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- ret = dtls1_send_change_cipher_spec(s,
- SSL3_ST_SW_CHANGE_A,
- SSL3_ST_SW_CHANGE_B);
-
- if (ret <= 0)
- goto end;
-
-#ifndef OPENSSL_NO_SCTP
- if (!s->hit) {
- /*
- * Change to new shared key of SCTP-Auth, will be ignored if
- * no SCTP used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
- 0, NULL);
- }
-#endif
-
- s->state = SSL3_ST_SW_FINISHED_A;
- s->init_num = 0;
-
- if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CHANGE_CIPHER_SERVER_WRITE))
- {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
- break;
-
- case SSL3_ST_SW_FINISHED_A:
- case SSL3_ST_SW_FINISHED_B:
- ret = dtls1_send_finished(s,
- SSL3_ST_SW_FINISHED_A,
- SSL3_ST_SW_FINISHED_B,
- s->method->
- ssl3_enc->server_finished_label,
- s->method->
- ssl3_enc->server_finished_label_len);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_FLUSH;
- if (s->hit) {
- s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
-
-#ifndef OPENSSL_NO_SCTP
- /*
- * Change to new shared key of SCTP-Auth, will be ignored if
- * no SCTP used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
- 0, NULL);
-#endif
- } else {
- s->s3->tmp.next_state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
- if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- s->d1->next_state = s->s3->tmp.next_state;
- s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
- }
-#endif
- }
- s->init_num = 0;
- break;
-
- case SSL_ST_OK:
- /* clean a few things up */
- ssl3_cleanup_key_block(s);
-
-#if 0
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
-#endif
-
- /* remove buffering on output */
- ssl_free_wbio_buffer(s);
-
- s->init_num = 0;
-
- if (s->renegotiate == 2) { /* skipped if we just sent a
- * HelloRequest */
- s->renegotiate = 0;
- s->new_session = 0;
-
- ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
-
- s->ctx->stats.sess_accept_good++;
- /* s->server=1; */
- s->handshake_func = dtls1_accept;
-
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_DONE, 1);
- }
-
- ret = 1;
-
- /* done handshaking, next message is client hello */
- s->d1->handshake_read_seq = 0;
- /* next message is server hello */
- s->d1->handshake_write_seq = 0;
- s->d1->next_handshake_write_seq = 0;
- goto end;
- /* break; */
-
- case SSL_ST_ERR:
- default:
- SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE);
- ret = -1;
- goto end;
- /* break; */
- }
-
- if (!s->s3->tmp.reuse_message && !skip) {
- if (s->debug) {
- if ((ret = BIO_flush(s->wbio)) <= 0)
- goto end;
- }
-
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
- cb(s, SSL_CB_ACCEPT_LOOP, 1);
- s->state = new_state;
- }
- }
- skip = 0;
- }
- end:
- /* BIO_flush(s->wbio); */
-
- s->in_handshake--;
-#ifndef OPENSSL_NO_SCTP
- /*
- * Notify SCTP BIO socket to leave handshake mode and prevent stream
- * identifier other than 0. Will be ignored if no SCTP is used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
- s->in_handshake, NULL);
-#endif
-
- if (cb != NULL)
- cb(s, SSL_CB_ACCEPT_EXIT, ret);
- return (ret);
-}
-
-int dtls1_send_hello_request(SSL *s)
-{
- unsigned char *p;
-
- if (s->state == SSL3_ST_SW_HELLO_REQ_A) {
- p = (unsigned char *)s->init_buf->data;
- p = dtls1_set_message_header(s, p, SSL3_MT_HELLO_REQUEST, 0, 0, 0);
-
- s->state = SSL3_ST_SW_HELLO_REQ_B;
- /* number of bytes to write */
- s->init_num = DTLS1_HM_HEADER_LENGTH;
- s->init_off = 0;
-
- /*
- * no need to buffer this message, since there are no retransmit
- * requests for it
- */
- }
-
- /* SSL3_ST_SW_HELLO_REQ_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-int dtls1_send_hello_verify_request(SSL *s)
-{
- unsigned int msg_len;
- unsigned char *msg, *buf, *p;
-
- if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
- buf = (unsigned char *)s->init_buf->data;
-
- msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
- *(p++) = s->version >> 8;
- *(p++) = s->version & 0xFF;
-
- if (s->ctx->app_gen_cookie_cb == NULL ||
- s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
- &(s->d1->cookie_len)) == 0) {
- SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
- ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return 0;
- }
-
- *(p++) = (unsigned char)s->d1->cookie_len;
- memcpy(p, s->d1->cookie, s->d1->cookie_len);
- p += s->d1->cookie_len;
- msg_len = p - msg;
-
- dtls1_set_message_header(s, buf,
- DTLS1_MT_HELLO_VERIFY_REQUEST, msg_len, 0,
- msg_len);
-
- s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
- }
-
- /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-int dtls1_send_server_hello(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
- int i;
- unsigned int sl;
- unsigned long l;
-
- if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
- buf = (unsigned char *)s->init_buf->data;
- p = s->s3->server_random;
- ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE);
- /* Do the message type and length last */
- d = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
-
- *(p++) = s->version >> 8;
- *(p++) = s->version & 0xff;
-
- /* Random stuff */
- memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- /*
- * now in theory we have 3 options to sending back the session id.
- * If it is a re-use, we send back the old session-id, if it is a new
- * session, we send back the new session-id or we send back a 0
- * length session-id if we want it to be single use. Currently I will
- * not implement the '0' length session-id 12-Jan-98 - I'll now
- * support the '0' length stuff.
- */
- if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
- s->session->session_id_length = 0;
-
- sl = s->session->session_id_length;
- if (sl > sizeof s->session->session_id) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- *(p++) = sl;
- memcpy(p, s->session->session_id, sl);
- p += sl;
-
- /* put the cipher */
- if (s->s3->tmp.new_cipher == NULL)
- return -1;
- i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
- p += i;
-
- /* put the compression method */
-#ifdef OPENSSL_NO_COMP
- *(p++) = 0;
-#else
- if (s->s3->tmp.new_compression == NULL)
- *(p++) = 0;
- else
- *(p++) = s->s3->tmp.new_compression->id;
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
- if (ssl_prepare_serverhello_tlsext(s) <= 0) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
- return -1;
- }
- if ((p =
- ssl_add_serverhello_tlsext(s, p,
- buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
- NULL) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
-#endif
-
- /* do the header */
- l = (p - d);
- d = buf;
-
- d = dtls1_set_message_header(s, d, SSL3_MT_SERVER_HELLO, l, 0, l);
-
- s->state = SSL3_ST_SW_SRVR_HELLO_B;
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- /* SSL3_ST_SW_SRVR_HELLO_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-int dtls1_send_server_done(SSL *s)
-{
- unsigned char *p;
-
- if (s->state == SSL3_ST_SW_SRVR_DONE_A) {
- p = (unsigned char *)s->init_buf->data;
-
- /* do the header */
- p = dtls1_set_message_header(s, p, SSL3_MT_SERVER_DONE, 0, 0, 0);
-
- s->state = SSL3_ST_SW_SRVR_DONE_B;
- /* number of bytes to write */
- s->init_num = DTLS1_HM_HEADER_LENGTH;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- /* SSL3_ST_SW_SRVR_DONE_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-int dtls1_send_server_key_exchange(SSL *s)
-{
-#ifndef OPENSSL_NO_RSA
- unsigned char *q;
- int j, num;
- RSA *rsa;
- unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
- unsigned int u;
-#endif
-#ifndef OPENSSL_NO_DH
- DH *dh = NULL, *dhp;
-#endif
-#ifndef OPENSSL_NO_ECDH
- EC_KEY *ecdh = NULL, *ecdhp;
- unsigned char *encodedPoint = NULL;
- int encodedlen = 0;
- int curve_id = 0;
- BN_CTX *bn_ctx = NULL;
-#endif
- EVP_PKEY *pkey;
- unsigned char *p, *d;
- int al, i;
- unsigned long type;
- int n;
- CERT *cert;
- BIGNUM *r[4];
- int nr[4], kn;
- BUF_MEM *buf;
- EVP_MD_CTX md_ctx;
-
- EVP_MD_CTX_init(&md_ctx);
- if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
- type = s->s3->tmp.new_cipher->algorithm_mkey;
- cert = s->cert;
-
- buf = s->init_buf;
-
- r[0] = r[1] = r[2] = r[3] = NULL;
- n = 0;
-#ifndef OPENSSL_NO_RSA
- if (type & SSL_kRSA) {
- rsa = cert->rsa_tmp;
- if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->
- tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->
- tmp.new_cipher));
- if (rsa == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
- goto f_err;
- }
- RSA_up_ref(rsa);
- cert->rsa_tmp = rsa;
- }
- if (rsa == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_RSA_KEY);
- goto f_err;
- }
- r[0] = rsa->n;
- r[1] = rsa->e;
- s->s3->tmp.use_rsa_tmp = 1;
- } else
-#endif
-#ifndef OPENSSL_NO_DH
- if (type & SSL_kEDH) {
- dhp = cert->dh_tmp;
- if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->
- tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->
- tmp.new_cipher));
- if (dhp == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_DH_KEY);
- goto f_err;
- }
-
- if (s->s3->tmp.dh != NULL) {
- DH_free(dh);
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if ((dh = DHparams_dup(dhp)) == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
-
- s->s3->tmp.dh = dh;
- if ((dhp->pub_key == NULL ||
- dhp->priv_key == NULL ||
- (s->options & SSL_OP_SINGLE_DH_USE))) {
- if (!DH_generate_key(dh)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_DH_LIB);
- goto err;
- }
- } else {
- dh->pub_key = BN_dup(dhp->pub_key);
- dh->priv_key = BN_dup(dhp->priv_key);
- if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_DH_LIB);
- goto err;
- }
- }
- r[0] = dh->p;
- r[1] = dh->g;
- r[2] = dh->pub_key;
- } else
-#endif
-#ifndef OPENSSL_NO_ECDH
- if (type & SSL_kEECDH) {
- const EC_GROUP *group;
-
- ecdhp = cert->ecdh_tmp;
- if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {
- ecdhp = s->cert->ecdh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->
- tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->
- s3->tmp.new_cipher));
- }
- if (ecdhp == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_ECDH_KEY);
- goto f_err;
- }
-
- if (s->s3->tmp.ecdh != NULL) {
- EC_KEY_free(s->s3->tmp.ecdh);
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- /* Duplicate the ECDH structure. */
- if (ecdhp == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
- if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- s->s3->tmp.ecdh = ecdh;
- if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
- (EC_KEY_get0_private_key(ecdh) == NULL) ||
- (s->options & SSL_OP_SINGLE_ECDH_USE)) {
- if (!EC_KEY_generate_key(ecdh)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_ECDH_LIB);
- goto err;
- }
- }
-
- if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
- (EC_KEY_get0_public_key(ecdh) == NULL) ||
- (EC_KEY_get0_private_key(ecdh) == NULL)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- (EC_GROUP_get_degree(group) > 163)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
- goto err;
- }
-
- /*
- * XXX: For now, we only support ephemeral ECDH keys over named
- * (not generic) curves. For supported named curves, curve_id is
- * non-zero.
- */
- if ((curve_id =
- tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
- == 0) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
- goto err;
- }
-
- /*
- * Encode the public key. First check the size of encoding and
- * allocate memory accordingly.
- */
- encodedlen = EC_POINT_point2oct(group,
- EC_KEY_get0_public_key(ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- NULL, 0, NULL);
-
- encodedPoint = (unsigned char *)
- OPENSSL_malloc(encodedlen * sizeof(unsigned char));
- bn_ctx = BN_CTX_new();
- if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- encodedlen = EC_POINT_point2oct(group,
- EC_KEY_get0_public_key(ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- encodedPoint, encodedlen, bn_ctx);
-
- if (encodedlen == 0) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- BN_CTX_free(bn_ctx);
- bn_ctx = NULL;
-
- /*
- * XXX: For now, we only support named (not generic) curves in
- * ECDH ephemeral key exchanges. In this situation, we need four
- * additional bytes to encode the entire ServerECDHParams
- * structure.
- */
- n = 4 + encodedlen;
-
- /*
- * We'll generate the serverKeyExchange message explicitly so we
- * can set these to NULLs
- */
- r[0] = NULL;
- r[1] = NULL;
- r[2] = NULL;
- r[3] = NULL;
- } else
-#endif /* !OPENSSL_NO_ECDH */
-#ifndef OPENSSL_NO_PSK
- if (type & SSL_kPSK) {
- /*
- * reserve size for record length and PSK identity hint
- */
- n += 2 + strlen(s->ctx->psk_identity_hint);
- } else
-#endif /* !OPENSSL_NO_PSK */
- {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
- goto f_err;
- }
- for (i = 0; r[i] != NULL; i++) {
- nr[i] = BN_num_bytes(r[i]);
- n += 2 + nr[i];
- }
-
- if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
- && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, NULL))
- == NULL) {
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- kn = EVP_PKEY_size(pkey);
- } else {
- pkey = NULL;
- kn = 0;
- }
-
- if (!BUF_MEM_grow_clean(buf, n + DTLS1_HM_HEADER_LENGTH + kn)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_BUF);
- goto err;
- }
- d = (unsigned char *)s->init_buf->data;
- p = &(d[DTLS1_HM_HEADER_LENGTH]);
-
- for (i = 0; r[i] != NULL; i++) {
- s2n(nr[i], p);
- BN_bn2bin(r[i], p);
- p += nr[i];
- }
-
-#ifndef OPENSSL_NO_ECDH
- if (type & SSL_kEECDH) {
- /*
- * XXX: For now, we only support named (not generic) curves. In
- * this situation, the serverKeyExchange message has: [1 byte
- * CurveType], [2 byte CurveName] [1 byte length of encoded
- * point], followed by the actual encoded point itself
- */
- *p = NAMED_CURVE_TYPE;
- p += 1;
- *p = 0;
- p += 1;
- *p = curve_id;
- p += 1;
- *p = encodedlen;
- p += 1;
- memcpy((unsigned char *)p,
- (unsigned char *)encodedPoint, encodedlen);
- OPENSSL_free(encodedPoint);
- encodedPoint = NULL;
- p += encodedlen;
- }
-#endif
-
-#ifndef OPENSSL_NO_PSK
- if (type & SSL_kPSK) {
- /* copy PSK identity hint */
- s2n(strlen(s->ctx->psk_identity_hint), p);
- strncpy((char *)p, s->ctx->psk_identity_hint,
- strlen(s->ctx->psk_identity_hint));
- p += strlen(s->ctx->psk_identity_hint);
- }
-#endif
-
- /* not anonymous */
- if (pkey != NULL) {
- /*
- * n is the length of the params, they start at
- * &(d[DTLS1_HM_HEADER_LENGTH]) and p points to the space at the
- * end.
- */
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
- q = md_buf;
- j = 0;
- for (num = 2; num > 0; num--) {
- EVP_DigestInit_ex(&md_ctx, (num == 2)
- ? s->ctx->md5 : s->ctx->sha1, NULL);
- EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx, &(d[DTLS1_HM_HEADER_LENGTH]),
- n);
- EVP_DigestFinal_ex(&md_ctx, q, (unsigned int *)&i);
- q += i;
- j += i;
- }
- if (RSA_sign(NID_md5_sha1, md_buf, j,
- &(p[2]), &u, pkey->pkey.rsa) <= 0) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_RSA);
- goto err;
- }
- s2n(u, p);
- n += u + 2;
- } else
-#endif
-#if !defined(OPENSSL_NO_DSA)
- if (pkey->type == EVP_PKEY_DSA) {
- /* lets do DSS */
- EVP_SignInit_ex(&md_ctx, EVP_dss1(), NULL);
- EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx, &(d[DTLS1_HM_HEADER_LENGTH]), n);
- if (!EVP_SignFinal(&md_ctx, &(p[2]),
- (unsigned int *)&i, pkey)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_DSA);
- goto err;
- }
- s2n(i, p);
- n += i + 2;
- } else
-#endif
-#if !defined(OPENSSL_NO_ECDSA)
- if (pkey->type == EVP_PKEY_EC) {
- /* let's do ECDSA */
- EVP_SignInit_ex(&md_ctx, EVP_ecdsa(), NULL);
- EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx, &(d[DTLS1_HM_HEADER_LENGTH]), n);
- if (!EVP_SignFinal(&md_ctx, &(p[2]),
- (unsigned int *)&i, pkey)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- ERR_LIB_ECDSA);
- goto err;
- }
- s2n(i, p);
- n += i + 2;
- } else
-#endif
- {
- /* Is this error check actually needed? */
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_UNKNOWN_PKEY_TYPE);
- goto f_err;
- }
- }
-
- d = dtls1_set_message_header(s, d,
- SSL3_MT_SERVER_KEY_EXCHANGE, n, 0, n);
-
- /*
- * we should now have things packed up, so lets send it off
- */
- s->init_num = n + DTLS1_HM_HEADER_LENGTH;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- s->state = SSL3_ST_SW_KEY_EXCH_B;
- EVP_MD_CTX_cleanup(&md_ctx);
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-#ifndef OPENSSL_NO_ECDH
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
- BN_CTX_free(bn_ctx);
-#endif
- EVP_MD_CTX_cleanup(&md_ctx);
- return (-1);
-}
-
-int dtls1_send_certificate_request(SSL *s)
-{
- unsigned char *p, *d;
- int i, j, nl, off, n;
- STACK_OF(X509_NAME) *sk = NULL;
- X509_NAME *name;
- BUF_MEM *buf;
- unsigned int msg_len;
-
- if (s->state == SSL3_ST_SW_CERT_REQ_A) {
- buf = s->init_buf;
-
- d = p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
-
- /* get the list of acceptable cert types */
- p++;
- n = ssl3_get_req_cert_type(s, p);
- d[0] = n;
- p += n;
- n++;
-
- off = n;
- p += 2;
- n += 2;
-
- sk = SSL_get_client_CA_list(s);
- nl = 0;
- if (sk != NULL) {
- for (i = 0; i < sk_X509_NAME_num(sk); i++) {
- name = sk_X509_NAME_value(sk, i);
- j = i2d_X509_NAME(name, NULL);
- if (!BUF_MEM_grow_clean
- (buf, DTLS1_HM_HEADER_LENGTH + n + j + 2)) {
- SSLerr(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST,
- ERR_R_BUF_LIB);
- goto err;
- }
- p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH + n]);
- if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) {
- s2n(j, p);
- i2d_X509_NAME(name, &p);
- n += 2 + j;
- nl += 2 + j;
- } else {
- d = p;
- i2d_X509_NAME(name, &p);
- j -= 2;
- s2n(j, d);
- j += 2;
- n += j;
- nl += j;
- }
- }
- }
- /* else no CA names */
- p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH + off]);
- s2n(nl, p);
-
- d = (unsigned char *)buf->data;
- *(d++) = SSL3_MT_CERTIFICATE_REQUEST;
- l2n3(n, d);
- s2n(s->d1->handshake_write_seq, d);
- s->d1->handshake_write_seq++;
-
- /*
- * we should now have things packed up, so lets send it off
- */
-
- s->init_num = n + DTLS1_HM_HEADER_LENGTH;
- s->init_off = 0;
-#ifdef NETSCAPE_HANG_BUG
-/* XXX: what to do about this? */
- p = (unsigned char *)s->init_buf->data + s->init_num;
-
- /* do the header */
- *(p++) = SSL3_MT_SERVER_DONE;
- *(p++) = 0;
- *(p++) = 0;
- *(p++) = 0;
- s->init_num += 4;
-#endif
-
- /* XDTLS: set message header ? */
- msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
- dtls1_set_message_header(s, (void *)s->init_buf->data,
- SSL3_MT_CERTIFICATE_REQUEST, msg_len, 0,
- msg_len);
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
-
- s->state = SSL3_ST_SW_CERT_REQ_B;
- }
-
- /* SSL3_ST_SW_CERT_REQ_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
- err:
- return (-1);
-}
-
-int dtls1_send_server_certificate(SSL *s)
-{
- unsigned long l;
- X509 *x;
-
- if (s->state == SSL3_ST_SW_CERT_A) {
- x = ssl_get_server_send_cert(s);
- if (x == NULL) {
- /* VRS: allow null cert if auth == KRB5 */
- if ((s->s3->tmp.new_cipher->algorithm_mkey != SSL_kKRB5) ||
- (s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,
- ERR_R_INTERNAL_ERROR);
- return (0);
- }
- }
-
- l = dtls1_output_cert_chain(s, x);
- if (!l) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
- return (0);
- }
- s->state = SSL3_ST_SW_CERT_B;
- s->init_num = (int)l;
- s->init_off = 0;
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- /* SSL3_ST_SW_CERT_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-int dtls1_send_newsession_ticket(SSL *s)
-{
- if (s->state == SSL3_ST_SW_SESSION_TICKET_A) {
- unsigned char *p, *senc, *macstart;
- int len, slen;
- unsigned int hlen, msg_len;
- EVP_CIPHER_CTX ctx;
- HMAC_CTX hctx;
- SSL_CTX *tctx = s->initial_ctx;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char key_name[16];
-
- /* get session encoding length */
- slen = i2d_SSL_SESSION(s->session, NULL);
- /*
- * Some length values are 16 bits, so forget it if session is too
- * long
- */
- if (slen > 0xFF00)
- return -1;
- /*
- * Grow buffer if need be: the length calculation is as follows 12
- * (DTLS handshake message header) + 4 (ticket lifetime hint) + 2
- * (ticket length) + 16 (key name) + max_iv_len (iv length) +
- * session_length + max_enc_block_size (max encrypted session length)
- * + max_md_size (HMAC).
- */
- if (!BUF_MEM_grow(s->init_buf,
- DTLS1_HM_HEADER_LENGTH + 22 + EVP_MAX_IV_LENGTH +
- EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
- return -1;
- senc = OPENSSL_malloc(slen);
- if (!senc)
- return -1;
- p = senc;
- i2d_SSL_SESSION(s->session, &p);
-
- p = (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
- EVP_CIPHER_CTX_init(&ctx);
- HMAC_CTX_init(&hctx);
- /*
- * Initialize HMAC and cipher contexts. If callback present it does
- * all the work otherwise use generated values from parent ctx.
- */
- if (tctx->tlsext_ticket_key_cb) {
- if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
- &hctx, 1) < 0) {
- OPENSSL_free(senc);
- return -1;
- }
- } else {
- RAND_pseudo_bytes(iv, 16);
- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
- tctx->tlsext_tick_aes_key, iv);
- HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
- tlsext_tick_md(), NULL);
- memcpy(key_name, tctx->tlsext_tick_key_name, 16);
- }
- l2n(s->session->tlsext_tick_lifetime_hint, p);
- /* Skip ticket length for now */
- p += 2;
- /* Output key name */
- macstart = p;
- memcpy(p, key_name, 16);
- p += 16;
- /* output IV */
- memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
- p += EVP_CIPHER_CTX_iv_length(&ctx);
- /* Encrypt session data */
- EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
- p += len;
- EVP_EncryptFinal(&ctx, p, &len);
- p += len;
- EVP_CIPHER_CTX_cleanup(&ctx);
-
- HMAC_Update(&hctx, macstart, p - macstart);
- HMAC_Final(&hctx, p, &hlen);
- HMAC_CTX_cleanup(&hctx);
-
- p += hlen;
- /* Now write out lengths: p points to end of data written */
- /* Total length */
- len = p - (unsigned char *)(s->init_buf->data);
- /* Ticket length */
- p = (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]) + 4;
- s2n(len - DTLS1_HM_HEADER_LENGTH - 6, p);
-
- /* number of bytes to write */
- s->init_num = len;
- s->state = SSL3_ST_SW_SESSION_TICKET_B;
- s->init_off = 0;
- OPENSSL_free(senc);
-
- /* XDTLS: set message header ? */
- msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
- dtls1_set_message_header(s, (void *)s->init_buf->data,
- SSL3_MT_NEWSESSION_TICKET, msg_len, 0,
- msg_len);
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- /* SSL3_ST_SW_SESSION_TICKET_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/d1_srvr.c (from rev 11605, vendor-crypto/openssl/dist/ssl/d1_srvr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/d1_srvr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/d1_srvr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1763 @@
+/* ssl/d1_srvr.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/md5.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+static const SSL_METHOD *dtls1_get_server_method(int ver);
+static int dtls1_send_hello_verify_request(SSL *s);
+
+static const SSL_METHOD *dtls1_get_server_method(int ver)
+{
+ if (ver == DTLS1_VERSION)
+ return (DTLSv1_server_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
+ dtls1_accept,
+ ssl_undefined_function, dtls1_get_server_method)
+
+int dtls1_accept(SSL *s)
+{
+ BUF_MEM *buf;
+ unsigned long Time = (unsigned long)time(NULL);
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ unsigned long alg_k;
+ int ret = -1;
+ int new_state, state, skip = 0;
+ int listen;
+#ifndef OPENSSL_NO_SCTP
+ unsigned char sctpauthkey[64];
+ char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
+
+ RAND_add(&Time, sizeof(Time), 0);
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ listen = s->d1->listen;
+
+ /* init things to blank */
+ s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s))
+ SSL_clear(s);
+
+ s->d1->listen = listen;
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to enter handshake mode and prevent stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
+
+ if (s->cert == NULL) {
+ SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
+ return (-1);
+ }
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
+ for (;;) {
+ state = s->state;
+
+ switch (s->state) {
+ case SSL_ST_RENEGOTIATE:
+ s->renegotiate = 1;
+ /* s->state=SSL_ST_ACCEPT; */
+
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+ case SSL_ST_OK | SSL_ST_ACCEPT:
+
+ s->server = 1;
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+ if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {
+ SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ s->type = SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL) {
+ if ((buf = BUF_MEM_new()) == NULL) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ BUF_MEM_free(buf);
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ s->init_buf = buf;
+ }
+
+ if (!ssl3_setup_buffers(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ s->init_num = 0;
+ s->d1->change_cipher_spec_ok = 0;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
+
+ if (s->state != SSL_ST_RENEGOTIATE) {
+ /*
+ * Ok, we now need to push on a buffering BIO so that the
+ * output is sent in a way that TCP likes :-) ...but not with
+ * SCTP :-)
+ */
+#ifndef OPENSSL_NO_SCTP
+ if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
+#endif
+ if (!ssl_init_wbio_buffer(s, 1)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ ssl3_init_finished_mac(s);
+ s->state = SSL3_ST_SR_CLNT_HELLO_A;
+ s->ctx->stats.sess_accept++;
+ } else if (!s->s3->send_connection_binding &&
+ !(s->options &
+ SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+ /*
+ * Server attempting to renegotiate with client that doesn't
+ * support secure renegotiation.
+ */
+ SSLerr(SSL_F_DTLS1_ACCEPT,
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ } else {
+ /*
+ * s->state == SSL_ST_RENEGOTIATE, we will just send a
+ * HelloRequest
+ */
+ s->ctx->stats.sess_accept_renegotiate++;
+ s->state = SSL3_ST_SW_HELLO_REQ_A;
+ }
+
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_A:
+ case SSL3_ST_SW_HELLO_REQ_B:
+
+ s->shutdown = 0;
+ dtls1_clear_sent_buffer(s);
+ dtls1_start_timer(s);
+ ret = dtls1_send_hello_request(s);
+ if (ret <= 0)
+ goto end;
+ s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
+ s->state = SSL3_ST_SW_FLUSH;
+ s->init_num = 0;
+
+ ssl3_init_finished_mac(s);
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_C:
+ s->state = SSL_ST_OK;
+ break;
+
+ case SSL3_ST_SR_CLNT_HELLO_A:
+ case SSL3_ST_SR_CLNT_HELLO_B:
+ case SSL3_ST_SR_CLNT_HELLO_C:
+
+ s->shutdown = 0;
+ ret = ssl3_get_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ dtls1_stop_timer(s);
+
+ if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
+ s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
+ else
+ s->state = SSL3_ST_SW_SRVR_HELLO_A;
+
+ s->init_num = 0;
+
+ /*
+ * Reflect ClientHello sequence to remain stateless while
+ * listening
+ */
+ if (listen) {
+ memcpy(s->s3->write_sequence, s->s3->read_sequence,
+ sizeof(s->s3->write_sequence));
+ }
+
+ /* If we're just listening, stop here */
+ if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
+ ret = 2;
+ s->d1->listen = 0;
+ /*
+ * Set expected sequence numbers to continue the handshake.
+ */
+ s->d1->handshake_read_seq = 2;
+ s->d1->handshake_write_seq = 1;
+ s->d1->next_handshake_write_seq = 1;
+ goto end;
+ }
+
+ break;
+
+ case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
+ case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
+
+ ret = dtls1_send_hello_verify_request(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_FLUSH;
+ s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
+
+ /* HelloVerifyRequest resets Finished MAC */
+ if (s->version != DTLS1_BAD_VER)
+ ssl3_init_finished_mac(s);
+ break;
+
+#ifndef OPENSSL_NO_SCTP
+ case DTLS1_SCTP_ST_SR_READ_SOCK:
+
+ if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state = SSL3_ST_SR_FINISHED_A;
+ break;
+
+ case DTLS1_SCTP_ST_SW_WRITE_SOCK:
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0)
+ goto end;
+
+ if (ret == 0) {
+ if (s->d1->next_state != SSL_ST_OK) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+ }
+
+ s->state = s->d1->next_state;
+ break;
+#endif
+
+ case SSL3_ST_SW_SRVR_HELLO_A:
+ case SSL3_ST_SW_SRVR_HELLO_B:
+ s->renegotiate = 2;
+ dtls1_start_timer(s);
+ ret = dtls1_send_server_hello(s);
+ if (ret <= 0)
+ goto end;
+
+ if (s->hit) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if no
+ * SCTP used.
+ */
+ snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ if (SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0) <= 0) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_ticket_expected)
+ s->state = SSL3_ST_SW_SESSION_TICKET_A;
+ else
+ s->state = SSL3_ST_SW_CHANGE_A;
+#else
+ s->state = SSL3_ST_SW_CHANGE_A;
+#endif
+ } else
+ s->state = SSL3_ST_SW_CERT_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_CERT_A:
+ case SSL3_ST_SW_CERT_B:
+ /* Check if it is anon DH or normal PSK */
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ dtls1_start_timer(s);
+ ret = dtls1_send_server_certificate(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_status_expected)
+ s->state = SSL3_ST_SW_CERT_STATUS_A;
+ else
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+ } else {
+ skip = 1;
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+ }
+#else
+ } else
+ skip = 1;
+
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+#endif
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_KEY_EXCH_A:
+ case SSL3_ST_SW_KEY_EXCH_B:
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+ /*
+ * clear this, it may get reset by
+ * send_server_key_exchange
+ */
+ s->s3->tmp.use_rsa_tmp = 0;
+
+ /*
+ * only send if a DH key exchange or RSA but we have a sign only
+ * certificate
+ */
+ if (0
+ /*
+ * PSK: send ServerKeyExchange if PSK identity hint if
+ * provided
+ */
+#ifndef OPENSSL_NO_PSK
+ || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+ || (alg_k & SSL_kEDH)
+ || (alg_k & SSL_kEECDH)
+ || ((alg_k & SSL_kRSA)
+ && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
+ || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+ && EVP_PKEY_size(s->cert->pkeys
+ [SSL_PKEY_RSA_ENC].privatekey) *
+ 8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
+ )
+ )
+ )
+ ) {
+ dtls1_start_timer(s);
+ ret = dtls1_send_server_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+ } else
+ skip = 1;
+
+ s->state = SSL3_ST_SW_CERT_REQ_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_CERT_REQ_A:
+ case SSL3_ST_SW_CERT_REQ_B:
+ if ( /* don't request cert unless asked for it: */
+ !(s->verify_mode & SSL_VERIFY_PEER) ||
+ /*
+ * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
+ * during re-negotiation:
+ */
+ ((s->session->peer != NULL) &&
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
+ /*
+ * never request cert in anonymous ciphersuites (see
+ * section "Certificate request" in SSL 3 drafts and in
+ * RFC 2246):
+ */
+ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+ /*
+ * ... except when the application insists on
+ * verification (against the specs, but s3_clnt.c accepts
+ * this for SSL 3)
+ */
+ !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
+ /*
+ * never request cert in Kerberos ciphersuites
+ */
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
+ /*
+ * With normal PSK Certificates and Certificate Requests
+ * are omitted
+ */
+ || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ /* no cert request */
+ skip = 1;
+ s->s3->tmp.cert_request = 0;
+ s->state = SSL3_ST_SW_SRVR_DONE_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+ s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
+ } else {
+ s->s3->tmp.cert_request = 1;
+ dtls1_start_timer(s);
+ ret = dtls1_send_certificate_request(s);
+ if (ret <= 0)
+ goto end;
+#ifndef NETSCAPE_HANG_BUG
+ s->state = SSL3_ST_SW_SRVR_DONE_A;
+# ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+ s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+# endif
+#else
+ s->state = SSL3_ST_SW_FLUSH;
+ s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+# ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+# endif
+#endif
+ s->init_num = 0;
+ }
+ break;
+
+ case SSL3_ST_SW_SRVR_DONE_A:
+ case SSL3_ST_SW_SRVR_DONE_B:
+ dtls1_start_timer(s);
+ ret = dtls1_send_server_done(s);
+ if (ret <= 0)
+ goto end;
+ s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+ s->state = SSL3_ST_SW_FLUSH;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_FLUSH:
+ s->rwstate = SSL_WRITING;
+ if (BIO_flush(s->wbio) <= 0) {
+ /*
+ * If the write error was fatal, stop trying
+ */
+ if (!BIO_should_retry(s->wbio)) {
+ s->rwstate = SSL_NOTHING;
+ s->state = s->s3->tmp.next_state;
+ }
+
+ ret = -1;
+ goto end;
+ }
+ s->rwstate = SSL_NOTHING;
+ s->state = s->s3->tmp.next_state;
+ break;
+
+ case SSL3_ST_SR_CERT_A:
+ case SSL3_ST_SR_CERT_B:
+ /* Check for second client hello (MS SGC) */
+ ret = ssl3_check_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ if (ret == 2) {
+ dtls1_stop_timer(s);
+ s->state = SSL3_ST_SR_CLNT_HELLO_C;
+ } else {
+ if (s->s3->tmp.cert_request) {
+ ret = ssl3_get_client_certificate(s);
+ if (ret <= 0)
+ goto end;
+ }
+ s->init_num = 0;
+ s->state = SSL3_ST_SR_KEY_EXCH_A;
+ }
+ break;
+
+ case SSL3_ST_SR_KEY_EXCH_A:
+ case SSL3_ST_SR_KEY_EXCH_B:
+ ret = ssl3_get_client_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+ * used.
+ */
+ snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ if (SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0) <= 0) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
+ s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num = 0;
+
+ if (ret == 2) {
+ /*
+ * For the ECDH ciphersuites when the client sends its ECDH
+ * pub key in a certificate, the CertificateVerify message is
+ * not sent.
+ */
+ s->state = SSL3_ST_SR_FINISHED_A;
+ s->init_num = 0;
+ } else {
+ s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num = 0;
+
+ /*
+ * We need to get hashes here so if there is a client cert,
+ * it can be verified
+ */
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_md5,
+ &(s->s3->
+ tmp.cert_verify_md
+ [0]));
+ s->method->ssl3_enc->cert_verify_mac(s, NID_sha1,
+ &(s->s3->
+ tmp.cert_verify_md
+ [MD5_DIGEST_LENGTH]));
+ }
+ break;
+
+ case SSL3_ST_SR_CERT_VRFY_A:
+ case SSL3_ST_SR_CERT_VRFY_B:
+ ret = ssl3_get_cert_verify(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE)
+ s->state = DTLS1_SCTP_ST_SR_READ_SOCK;
+ else
+#endif
+ s->state = SSL3_ST_SR_FINISHED_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SR_FINISHED_A:
+ case SSL3_ST_SR_FINISHED_B:
+ /*
+ * Enable CCS. Receiving a CCS clears the flag, so make
+ * sure not to re-enable it to ban duplicates. This *should* be the
+ * first time we have received one - but we check anyway to be
+ * cautious.
+ * s->s3->change_cipher_spec is set when a CCS is
+ * processed in d1_pkt.c, and remains set until
+ * the client's Finished message is read.
+ */
+ if (!s->s3->change_cipher_spec)
+ s->d1->change_cipher_spec_ok = 1;
+ ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
+ SSL3_ST_SR_FINISHED_B);
+ if (ret <= 0)
+ goto end;
+ dtls1_stop_timer(s);
+ if (s->hit)
+ s->state = SSL_ST_OK;
+#ifndef OPENSSL_NO_TLSEXT
+ else if (s->tlsext_ticket_expected)
+ s->state = SSL3_ST_SW_SESSION_TICKET_A;
+#endif
+ else
+ s->state = SSL3_ST_SW_CHANGE_A;
+ s->init_num = 0;
+ break;
+
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL3_ST_SW_SESSION_TICKET_A:
+ case SSL3_ST_SW_SESSION_TICKET_B:
+ ret = dtls1_send_newsession_ticket(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_CHANGE_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_CERT_STATUS_A:
+ case SSL3_ST_SW_CERT_STATUS_B:
+ ret = ssl3_send_cert_status(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+ s->init_num = 0;
+ break;
+
+#endif
+
+ case SSL3_ST_SW_CHANGE_A:
+ case SSL3_ST_SW_CHANGE_B:
+
+ s->session->cipher = s->s3->tmp.new_cipher;
+ if (!s->method->ssl3_enc->setup_key_block(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ ret = dtls1_send_change_cipher_spec(s,
+ SSL3_ST_SW_CHANGE_A,
+ SSL3_ST_SW_CHANGE_B);
+
+ if (ret <= 0)
+ goto end;
+
+#ifndef OPENSSL_NO_SCTP
+ if (!s->hit) {
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+ }
+#endif
+
+ s->state = SSL3_ST_SW_FINISHED_A;
+ s->init_num = 0;
+
+ if (!s->method->ssl3_enc->change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_SERVER_WRITE))
+ {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
+ break;
+
+ case SSL3_ST_SW_FINISHED_A:
+ case SSL3_ST_SW_FINISHED_B:
+ ret = dtls1_send_finished(s,
+ SSL3_ST_SW_FINISHED_A,
+ SSL3_ST_SW_FINISHED_B,
+ s->method->
+ ssl3_enc->server_finished_label,
+ s->method->
+ ssl3_enc->server_finished_label_len);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_FLUSH;
+ if (s->hit) {
+ s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+#endif
+ } else {
+ s->s3->tmp.next_state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
+ }
+ s->init_num = 0;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+#if 0
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
+#endif
+
+ /* remove buffering on output */
+ ssl_free_wbio_buffer(s);
+
+ s->init_num = 0;
+
+ if (s->renegotiate == 2) { /* skipped if we just sent a
+ * HelloRequest */
+ s->renegotiate = 0;
+ s->new_session = 0;
+
+ ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
+
+ s->ctx->stats.sess_accept_good++;
+ /* s->server=1; */
+ s->handshake_func = dtls1_accept;
+
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+ }
+
+ ret = 1;
+
+ /* done handshaking, next message is client hello */
+ s->d1->handshake_read_seq = 0;
+ /* next message is server hello */
+ s->d1->handshake_write_seq = 0;
+ s->d1->next_handshake_write_seq = 0;
+ dtls1_clear_received_buffer(s);
+ goto end;
+ /* break; */
+
+ case SSL_ST_ERR:
+ default:
+ SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE);
+ ret = -1;
+ goto end;
+ /* break; */
+ }
+
+ if (!s->s3->tmp.reuse_message && !skip) {
+ if (s->debug) {
+ if ((ret = BIO_flush(s->wbio)) <= 0)
+ goto end;
+ }
+
+ if ((cb != NULL) && (s->state != state)) {
+ new_state = s->state;
+ s->state = state;
+ cb(s, SSL_CB_ACCEPT_LOOP, 1);
+ s->state = new_state;
+ }
+ }
+ skip = 0;
+ }
+ end:
+ /* BIO_flush(s->wbio); */
+
+ s->in_handshake--;
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to leave handshake mode and prevent stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
+
+ if (cb != NULL)
+ cb(s, SSL_CB_ACCEPT_EXIT, ret);
+ return (ret);
+}
+
+int dtls1_send_hello_request(SSL *s)
+{
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_HELLO_REQ_A) {
+ p = (unsigned char *)s->init_buf->data;
+ p = dtls1_set_message_header(s, p, SSL3_MT_HELLO_REQUEST, 0, 0, 0);
+
+ s->state = SSL3_ST_SW_HELLO_REQ_B;
+ /* number of bytes to write */
+ s->init_num = DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
+
+ /*
+ * no need to buffer this message, since there are no retransmit
+ * requests for it
+ */
+ }
+
+ /* SSL3_ST_SW_HELLO_REQ_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+int dtls1_send_hello_verify_request(SSL *s)
+{
+ unsigned int msg_len;
+ unsigned char *msg, *buf, *p;
+
+ if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
+ buf = (unsigned char *)s->init_buf->data;
+
+ msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
+ *(p++) = s->version >> 8;
+ *(p++) = s->version & 0xFF;
+
+ if (s->ctx->app_gen_cookie_cb == NULL ||
+ s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
+ &(s->d1->cookie_len)) == 0) {
+ SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
+ ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+
+ *(p++) = (unsigned char)s->d1->cookie_len;
+ memcpy(p, s->d1->cookie, s->d1->cookie_len);
+ p += s->d1->cookie_len;
+ msg_len = p - msg;
+
+ dtls1_set_message_header(s, buf,
+ DTLS1_MT_HELLO_VERIFY_REQUEST, msg_len, 0,
+ msg_len);
+
+ s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+ }
+
+ /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+int dtls1_send_server_hello(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+ int i;
+ unsigned int sl;
+ unsigned long l;
+
+ if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
+ buf = (unsigned char *)s->init_buf->data;
+ p = s->s3->server_random;
+ ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE);
+ /* Do the message type and length last */
+ d = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
+
+ *(p++) = s->version >> 8;
+ *(p++) = s->version & 0xff;
+
+ /* Random stuff */
+ memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
+
+ /*
+ * now in theory we have 3 options to sending back the session id.
+ * If it is a re-use, we send back the old session-id, if it is a new
+ * session, we send back the new session-id or we send back a 0
+ * length session-id if we want it to be single use. Currently I will
+ * not implement the '0' length session-id 12-Jan-98 - I'll now
+ * support the '0' length stuff.
+ */
+ if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
+ s->session->session_id_length = 0;
+
+ sl = s->session->session_id_length;
+ if (sl > sizeof s->session->session_id) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ *(p++) = sl;
+ memcpy(p, s->session->session_id, sl);
+ p += sl;
+
+ /* put the cipher */
+ if (s->s3->tmp.new_cipher == NULL)
+ return -1;
+ i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
+ p += i;
+
+ /* put the compression method */
+#ifdef OPENSSL_NO_COMP
+ *(p++) = 0;
+#else
+ if (s->s3->tmp.new_compression == NULL)
+ *(p++) = 0;
+ else
+ *(p++) = s->s3->tmp.new_compression->id;
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+ if (ssl_prepare_serverhello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+ return -1;
+ }
+ if ((p =
+ ssl_add_serverhello_tlsext(s, p,
+ buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
+ NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+#endif
+
+ /* do the header */
+ l = (p - d);
+ d = buf;
+
+ d = dtls1_set_message_header(s, d, SSL3_MT_SERVER_HELLO, l, 0, l);
+
+ s->state = SSL3_ST_SW_SRVR_HELLO_B;
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+
+ /* SSL3_ST_SW_SRVR_HELLO_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+int dtls1_send_server_done(SSL *s)
+{
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_SRVR_DONE_A) {
+ p = (unsigned char *)s->init_buf->data;
+
+ /* do the header */
+ p = dtls1_set_message_header(s, p, SSL3_MT_SERVER_DONE, 0, 0, 0);
+
+ s->state = SSL3_ST_SW_SRVR_DONE_B;
+ /* number of bytes to write */
+ s->init_num = DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+
+ /* SSL3_ST_SW_SRVR_DONE_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+int dtls1_send_server_key_exchange(SSL *s)
+{
+#ifndef OPENSSL_NO_RSA
+ unsigned char *q;
+ int j, num;
+ RSA *rsa;
+ unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
+ unsigned int u;
+#endif
+#ifndef OPENSSL_NO_DH
+ DH *dh = NULL, *dhp;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh = NULL, *ecdhp;
+ unsigned char *encodedPoint = NULL;
+ int encodedlen = 0;
+ int curve_id = 0;
+ BN_CTX *bn_ctx = NULL;
+#endif
+ EVP_PKEY *pkey;
+ unsigned char *p, *d;
+ int al, i;
+ unsigned long type;
+ int n;
+ CERT *cert;
+ BIGNUM *r[4];
+ int nr[4], kn;
+ BUF_MEM *buf;
+ EVP_MD_CTX md_ctx;
+
+ EVP_MD_CTX_init(&md_ctx);
+ if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
+ type = s->s3->tmp.new_cipher->algorithm_mkey;
+ cert = s->cert;
+
+ buf = s->init_buf;
+
+ r[0] = r[1] = r[2] = r[3] = NULL;
+ n = 0;
+#ifndef OPENSSL_NO_RSA
+ if (type & SSL_kRSA) {
+ rsa = cert->rsa_tmp;
+ if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
+ rsa = s->cert->rsa_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->
+ tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->
+ tmp.new_cipher));
+ if (rsa == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
+ goto f_err;
+ }
+ RSA_up_ref(rsa);
+ cert->rsa_tmp = rsa;
+ }
+ if (rsa == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_RSA_KEY);
+ goto f_err;
+ }
+ r[0] = rsa->n;
+ r[1] = rsa->e;
+ s->s3->tmp.use_rsa_tmp = 1;
+ } else
+#endif
+#ifndef OPENSSL_NO_DH
+ if (type & SSL_kEDH) {
+ dhp = cert->dh_tmp;
+ if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
+ dhp = s->cert->dh_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->
+ tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->
+ tmp.new_cipher));
+ if (dhp == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_DH_KEY);
+ goto f_err;
+ }
+
+ if (s->s3->tmp.dh != NULL) {
+ DH_free(dh);
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if ((dh = DHparams_dup(dhp)) == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+
+ s->s3->tmp.dh = dh;
+ if ((dhp->pub_key == NULL ||
+ dhp->priv_key == NULL ||
+ (s->options & SSL_OP_SINGLE_DH_USE))) {
+ if (!DH_generate_key(dh)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_DH_LIB);
+ goto err;
+ }
+ } else {
+ dh->pub_key = BN_dup(dhp->pub_key);
+ dh->priv_key = BN_dup(dhp->priv_key);
+ if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_DH_LIB);
+ goto err;
+ }
+ }
+ r[0] = dh->p;
+ r[1] = dh->g;
+ r[2] = dh->pub_key;
+ } else
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kEECDH) {
+ const EC_GROUP *group;
+
+ ecdhp = cert->ecdh_tmp;
+ if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {
+ ecdhp = s->cert->ecdh_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->
+ tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->
+ s3->tmp.new_cipher));
+ }
+ if (ecdhp == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_ECDH_KEY);
+ goto f_err;
+ }
+
+ if (s->s3->tmp.ecdh != NULL) {
+ EC_KEY_free(s->s3->tmp.ecdh);
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ /* Duplicate the ECDH structure. */
+ if (ecdhp == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+ if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ s->s3->tmp.ecdh = ecdh;
+ if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL) ||
+ (s->options & SSL_OP_SINGLE_ECDH_USE)) {
+ if (!EC_KEY_generate_key(ecdh)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+ }
+
+ if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
+ (EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ (EC_GROUP_get_degree(group) > 163)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+ goto err;
+ }
+
+ /*
+ * XXX: For now, we only support ephemeral ECDH keys over named
+ * (not generic) curves. For supported named curves, curve_id is
+ * non-zero.
+ */
+ if ((curve_id =
+ tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
+ == 0) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
+ goto err;
+ }
+
+ /*
+ * Encode the public key. First check the size of encoding and
+ * allocate memory accordingly.
+ */
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
+
+ encodedPoint = (unsigned char *)
+ OPENSSL_malloc(encodedlen * sizeof(unsigned char));
+ bn_ctx = BN_CTX_new();
+ if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encodedlen, bn_ctx);
+
+ if (encodedlen == 0) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ BN_CTX_free(bn_ctx);
+ bn_ctx = NULL;
+
+ /*
+ * XXX: For now, we only support named (not generic) curves in
+ * ECDH ephemeral key exchanges. In this situation, we need four
+ * additional bytes to encode the entire ServerECDHParams
+ * structure.
+ */
+ n = 4 + encodedlen;
+
+ /*
+ * We'll generate the serverKeyExchange message explicitly so we
+ * can set these to NULLs
+ */
+ r[0] = NULL;
+ r[1] = NULL;
+ r[2] = NULL;
+ r[3] = NULL;
+ } else
+#endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /*
+ * reserve size for record length and PSK identity hint
+ */
+ n += 2 + strlen(s->ctx->psk_identity_hint);
+ } else
+#endif /* !OPENSSL_NO_PSK */
+ {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ goto f_err;
+ }
+ for (i = 0; r[i] != NULL; i++) {
+ nr[i] = BN_num_bytes(r[i]);
+ n += 2 + nr[i];
+ }
+
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, NULL))
+ == NULL) {
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ kn = EVP_PKEY_size(pkey);
+ } else {
+ pkey = NULL;
+ kn = 0;
+ }
+
+ if (!BUF_MEM_grow_clean(buf, n + DTLS1_HM_HEADER_LENGTH + kn)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_BUF);
+ goto err;
+ }
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[DTLS1_HM_HEADER_LENGTH]);
+
+ for (i = 0; r[i] != NULL; i++) {
+ s2n(nr[i], p);
+ BN_bn2bin(r[i], p);
+ p += nr[i];
+ }
+
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kEECDH) {
+ /*
+ * XXX: For now, we only support named (not generic) curves. In
+ * this situation, the serverKeyExchange message has: [1 byte
+ * CurveType], [2 byte CurveName] [1 byte length of encoded
+ * point], followed by the actual encoded point itself
+ */
+ *p = NAMED_CURVE_TYPE;
+ p += 1;
+ *p = 0;
+ p += 1;
+ *p = curve_id;
+ p += 1;
+ *p = encodedlen;
+ p += 1;
+ memcpy((unsigned char *)p,
+ (unsigned char *)encodedPoint, encodedlen);
+ OPENSSL_free(encodedPoint);
+ encodedPoint = NULL;
+ p += encodedlen;
+ }
+#endif
+
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /* copy PSK identity hint */
+ s2n(strlen(s->ctx->psk_identity_hint), p);
+ strncpy((char *)p, s->ctx->psk_identity_hint,
+ strlen(s->ctx->psk_identity_hint));
+ p += strlen(s->ctx->psk_identity_hint);
+ }
+#endif
+
+ /* not anonymous */
+ if (pkey != NULL) {
+ /*
+ * n is the length of the params, they start at
+ * &(d[DTLS1_HM_HEADER_LENGTH]) and p points to the space at the
+ * end.
+ */
+#ifndef OPENSSL_NO_RSA
+ if (pkey->type == EVP_PKEY_RSA) {
+ q = md_buf;
+ j = 0;
+ for (num = 2; num > 0; num--) {
+ EVP_DigestInit_ex(&md_ctx, (num == 2)
+ ? s->ctx->md5 : s->ctx->sha1, NULL);
+ EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx, &(d[DTLS1_HM_HEADER_LENGTH]),
+ n);
+ EVP_DigestFinal_ex(&md_ctx, q, (unsigned int *)&i);
+ q += i;
+ j += i;
+ }
+ if (RSA_sign(NID_md5_sha1, md_buf, j,
+ &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_RSA);
+ goto err;
+ }
+ s2n(u, p);
+ n += u + 2;
+ } else
+#endif
+#if !defined(OPENSSL_NO_DSA)
+ if (pkey->type == EVP_PKEY_DSA) {
+ /* lets do DSS */
+ EVP_SignInit_ex(&md_ctx, EVP_dss1(), NULL);
+ EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx, &(d[DTLS1_HM_HEADER_LENGTH]), n);
+ if (!EVP_SignFinal(&md_ctx, &(p[2]),
+ (unsigned int *)&i, pkey)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_DSA);
+ goto err;
+ }
+ s2n(i, p);
+ n += i + 2;
+ } else
+#endif
+#if !defined(OPENSSL_NO_ECDSA)
+ if (pkey->type == EVP_PKEY_EC) {
+ /* let's do ECDSA */
+ EVP_SignInit_ex(&md_ctx, EVP_ecdsa(), NULL);
+ EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx, &(d[DTLS1_HM_HEADER_LENGTH]), n);
+ if (!EVP_SignFinal(&md_ctx, &(p[2]),
+ (unsigned int *)&i, pkey)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_LIB_ECDSA);
+ goto err;
+ }
+ s2n(i, p);
+ n += i + 2;
+ } else
+#endif
+ {
+ /* Is this error check actually needed? */
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNKNOWN_PKEY_TYPE);
+ goto f_err;
+ }
+ }
+
+ d = dtls1_set_message_header(s, d,
+ SSL3_MT_SERVER_KEY_EXCHANGE, n, 0, n);
+
+ /*
+ * we should now have things packed up, so lets send it off
+ */
+ s->init_num = n + DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+
+ s->state = SSL3_ST_SW_KEY_EXCH_B;
+ EVP_MD_CTX_cleanup(&md_ctx);
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+#ifndef OPENSSL_NO_ECDH
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ BN_CTX_free(bn_ctx);
+#endif
+ EVP_MD_CTX_cleanup(&md_ctx);
+ return (-1);
+}
+
+int dtls1_send_certificate_request(SSL *s)
+{
+ unsigned char *p, *d;
+ int i, j, nl, off, n;
+ STACK_OF(X509_NAME) *sk = NULL;
+ X509_NAME *name;
+ BUF_MEM *buf;
+ unsigned int msg_len;
+
+ if (s->state == SSL3_ST_SW_CERT_REQ_A) {
+ buf = s->init_buf;
+
+ d = p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
+
+ /* get the list of acceptable cert types */
+ p++;
+ n = ssl3_get_req_cert_type(s, p);
+ d[0] = n;
+ p += n;
+ n++;
+
+ off = n;
+ p += 2;
+ n += 2;
+
+ sk = SSL_get_client_CA_list(s);
+ nl = 0;
+ if (sk != NULL) {
+ for (i = 0; i < sk_X509_NAME_num(sk); i++) {
+ name = sk_X509_NAME_value(sk, i);
+ j = i2d_X509_NAME(name, NULL);
+ if (!BUF_MEM_grow_clean
+ (buf, DTLS1_HM_HEADER_LENGTH + n + j + 2)) {
+ SSLerr(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST,
+ ERR_R_BUF_LIB);
+ goto err;
+ }
+ p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH + n]);
+ if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) {
+ s2n(j, p);
+ i2d_X509_NAME(name, &p);
+ n += 2 + j;
+ nl += 2 + j;
+ } else {
+ d = p;
+ i2d_X509_NAME(name, &p);
+ j -= 2;
+ s2n(j, d);
+ j += 2;
+ n += j;
+ nl += j;
+ }
+ }
+ }
+ /* else no CA names */
+ p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH + off]);
+ s2n(nl, p);
+
+ d = (unsigned char *)buf->data;
+ *(d++) = SSL3_MT_CERTIFICATE_REQUEST;
+ l2n3(n, d);
+ s2n(s->d1->handshake_write_seq, d);
+ s->d1->handshake_write_seq++;
+
+ /*
+ * we should now have things packed up, so lets send it off
+ */
+
+ s->init_num = n + DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
+#ifdef NETSCAPE_HANG_BUG
+/* XXX: what to do about this? */
+ p = (unsigned char *)s->init_buf->data + s->init_num;
+
+ /* do the header */
+ *(p++) = SSL3_MT_SERVER_DONE;
+ *(p++) = 0;
+ *(p++) = 0;
+ *(p++) = 0;
+ s->init_num += 4;
+#endif
+
+ /* XDTLS: set message header ? */
+ msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
+ dtls1_set_message_header(s, (void *)s->init_buf->data,
+ SSL3_MT_CERTIFICATE_REQUEST, msg_len, 0,
+ msg_len);
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+
+ s->state = SSL3_ST_SW_CERT_REQ_B;
+ }
+
+ /* SSL3_ST_SW_CERT_REQ_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ return (-1);
+}
+
+int dtls1_send_server_certificate(SSL *s)
+{
+ unsigned long l;
+ X509 *x;
+
+ if (s->state == SSL3_ST_SW_CERT_A) {
+ x = ssl_get_server_send_cert(s);
+ if (x == NULL) {
+ /* VRS: allow null cert if auth == KRB5 */
+ if ((s->s3->tmp.new_cipher->algorithm_mkey != SSL_kKRB5) ||
+ (s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,
+ ERR_R_INTERNAL_ERROR);
+ return (0);
+ }
+ }
+
+ l = dtls1_output_cert_chain(s, x);
+ if (!l) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ return (0);
+ }
+ s->state = SSL3_ST_SW_CERT_B;
+ s->init_num = (int)l;
+ s->init_off = 0;
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+
+ /* SSL3_ST_SW_CERT_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+int dtls1_send_newsession_ticket(SSL *s)
+{
+ if (s->state == SSL3_ST_SW_SESSION_TICKET_A) {
+ unsigned char *p, *senc, *macstart;
+ int len, slen;
+ unsigned int hlen, msg_len;
+ EVP_CIPHER_CTX ctx;
+ HMAC_CTX hctx;
+ SSL_CTX *tctx = s->initial_ctx;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char key_name[16];
+
+ /* get session encoding length */
+ slen = i2d_SSL_SESSION(s->session, NULL);
+ /*
+ * Some length values are 16 bits, so forget it if session is too
+ * long
+ */
+ if (slen > 0xFF00)
+ return -1;
+ /*
+ * Grow buffer if need be: the length calculation is as follows 12
+ * (DTLS handshake message header) + 4 (ticket lifetime hint) + 2
+ * (ticket length) + 16 (key name) + max_iv_len (iv length) +
+ * session_length + max_enc_block_size (max encrypted session length)
+ * + max_md_size (HMAC).
+ */
+ if (!BUF_MEM_grow(s->init_buf,
+ DTLS1_HM_HEADER_LENGTH + 22 + EVP_MAX_IV_LENGTH +
+ EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
+ return -1;
+ senc = OPENSSL_malloc(slen);
+ if (!senc)
+ return -1;
+ p = senc;
+ i2d_SSL_SESSION(s->session, &p);
+
+ p = (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
+ EVP_CIPHER_CTX_init(&ctx);
+ HMAC_CTX_init(&hctx);
+ /*
+ * Initialize HMAC and cipher contexts. If callback present it does
+ * all the work otherwise use generated values from parent ctx.
+ */
+ if (tctx->tlsext_ticket_key_cb) {
+ if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
+ &hctx, 1) < 0) {
+ OPENSSL_free(senc);
+ return -1;
+ }
+ } else {
+ if (RAND_bytes(iv, 16) <= 0) {
+ OPENSSL_free(senc);
+ return -1;
+ }
+ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+ tctx->tlsext_tick_aes_key, iv);
+ HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+ tlsext_tick_md(), NULL);
+ memcpy(key_name, tctx->tlsext_tick_key_name, 16);
+ }
+ l2n(s->session->tlsext_tick_lifetime_hint, p);
+ /* Skip ticket length for now */
+ p += 2;
+ /* Output key name */
+ macstart = p;
+ memcpy(p, key_name, 16);
+ p += 16;
+ /* output IV */
+ memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
+ p += EVP_CIPHER_CTX_iv_length(&ctx);
+ /* Encrypt session data */
+ EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
+ p += len;
+ EVP_EncryptFinal(&ctx, p, &len);
+ p += len;
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
+ HMAC_Update(&hctx, macstart, p - macstart);
+ HMAC_Final(&hctx, p, &hlen);
+ HMAC_CTX_cleanup(&hctx);
+
+ p += hlen;
+ /* Now write out lengths: p points to end of data written */
+ /* Total length */
+ len = p - (unsigned char *)(s->init_buf->data);
+ /* Ticket length */
+ p = (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]) + 4;
+ s2n(len - DTLS1_HM_HEADER_LENGTH - 6, p);
+
+ /* number of bytes to write */
+ s->init_num = len;
+ s->state = SSL3_ST_SW_SESSION_TICKET_B;
+ s->init_off = 0;
+ OPENSSL_free(senc);
+
+ /* XDTLS: set message header ? */
+ msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
+ dtls1_set_message_header(s, (void *)s->init_buf->data,
+ SSL3_MT_NEWSESSION_TICKET, msg_len, 0,
+ msg_len);
+
+ /* buffer the message to handle re-xmits */
+ dtls1_buffer_message(s, 0);
+ }
+
+ /* SSL3_ST_SW_SESSION_TICKET_B */
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/kssl.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/kssl.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/kssl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2260 +0,0 @@
-/* ssl/kssl.c -*- mode: C; c-file-style: "eay" -*- */
-/*
- * Written by Vern Staats <staatsvr at asc.hpc.mil> for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*-
- * ssl/kssl.c -- Routines to support (& debug) Kerberos5 auth for openssl
- *
- * 19990701 VRS Started.
- * 200011?? Jeffrey Altman, Richard Levitte
- * Generalized for Heimdal, Newer MIT, & Win32.
- * Integrated into main OpenSSL 0.9.7 snapshots.
- * 20010413 Simon Wilkinson, VRS
- * Real RFC2712 KerberosWrapper replaces AP_REQ.
- */
-
-#include <openssl/opensslconf.h>
-
-#include <string.h>
-
-#define KRB5_PRIVATE 1
-
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/krb5_asn.h>
-#include "kssl_lcl.h"
-
-#ifndef OPENSSL_NO_KRB5
-
-# ifndef ENOMEM
-# define ENOMEM KRB5KRB_ERR_GENERIC
-# endif
-
-/*
- * When OpenSSL is built on Windows, we do not want to require that
- * the Kerberos DLLs be available in order for the OpenSSL DLLs to
- * work. Therefore, all Kerberos routines are loaded at run time
- * and we do not link to a .LIB file.
- */
-
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-/*
- * The purpose of the following pre-processor statements is to provide
- * compatibility with different releases of MIT Kerberos for Windows.
- * All versions up to 1.2 used macros. But macros do not allow for
- * a binary compatible interface for DLLs. Therefore, all macros are
- * being replaced by function calls. The following code will allow
- * an OpenSSL DLL built on Windows to work whether or not the macro
- * or function form of the routines are utilized.
- */
-# ifdef krb5_cc_get_principal
-# define NO_DEF_KRB5_CCACHE
-# undef krb5_cc_get_principal
-# endif
-# define krb5_cc_get_principal kssl_krb5_cc_get_principal
-
-# define krb5_free_data_contents kssl_krb5_free_data_contents
-# define krb5_free_context kssl_krb5_free_context
-# define krb5_auth_con_free kssl_krb5_auth_con_free
-# define krb5_free_principal kssl_krb5_free_principal
-# define krb5_mk_req_extended kssl_krb5_mk_req_extended
-# define krb5_get_credentials kssl_krb5_get_credentials
-# define krb5_cc_default kssl_krb5_cc_default
-# define krb5_sname_to_principal kssl_krb5_sname_to_principal
-# define krb5_init_context kssl_krb5_init_context
-# define krb5_free_ticket kssl_krb5_free_ticket
-# define krb5_rd_req kssl_krb5_rd_req
-# define krb5_kt_default kssl_krb5_kt_default
-# define krb5_kt_resolve kssl_krb5_kt_resolve
-/* macros in mit 1.2.2 and earlier; functions in mit 1.2.3 and greater */
-# ifndef krb5_kt_close
-# define krb5_kt_close kssl_krb5_kt_close
-# endif /* krb5_kt_close */
-# ifndef krb5_kt_get_entry
-# define krb5_kt_get_entry kssl_krb5_kt_get_entry
-# endif /* krb5_kt_get_entry */
-# define krb5_auth_con_init kssl_krb5_auth_con_init
-
-# define krb5_principal_compare kssl_krb5_principal_compare
-# define krb5_decrypt_tkt_part kssl_krb5_decrypt_tkt_part
-# define krb5_timeofday kssl_krb5_timeofday
-# define krb5_rc_default kssl_krb5_rc_default
-
-# ifdef krb5_rc_initialize
-# undef krb5_rc_initialize
-# endif
-# define krb5_rc_initialize kssl_krb5_rc_initialize
-
-# ifdef krb5_rc_get_lifespan
-# undef krb5_rc_get_lifespan
-# endif
-# define krb5_rc_get_lifespan kssl_krb5_rc_get_lifespan
-
-# ifdef krb5_rc_destroy
-# undef krb5_rc_destroy
-# endif
-# define krb5_rc_destroy kssl_krb5_rc_destroy
-
-# define valid_cksumtype kssl_valid_cksumtype
-# define krb5_checksum_size kssl_krb5_checksum_size
-# define krb5_kt_free_entry kssl_krb5_kt_free_entry
-# define krb5_auth_con_setrcache kssl_krb5_auth_con_setrcache
-# define krb5_auth_con_getrcache kssl_krb5_auth_con_getrcache
-# define krb5_get_server_rcache kssl_krb5_get_server_rcache
-
-/* Prototypes for built in stubs */
-void kssl_krb5_free_data_contents(krb5_context, krb5_data *);
-void kssl_krb5_free_principal(krb5_context, krb5_principal);
-krb5_error_code kssl_krb5_kt_resolve(krb5_context,
- krb5_const char *, krb5_keytab *);
-krb5_error_code kssl_krb5_kt_default(krb5_context, krb5_keytab *);
-krb5_error_code kssl_krb5_free_ticket(krb5_context, krb5_ticket *);
-krb5_error_code kssl_krb5_rd_req(krb5_context, krb5_auth_context *,
- krb5_const krb5_data *,
- krb5_const_principal, krb5_keytab,
- krb5_flags *, krb5_ticket **);
-
-krb5_boolean kssl_krb5_principal_compare(krb5_context, krb5_const_principal,
- krb5_const_principal);
-krb5_error_code kssl_krb5_mk_req_extended(krb5_context,
- krb5_auth_context *,
- krb5_const krb5_flags,
- krb5_data *,
- krb5_creds *, krb5_data *);
-krb5_error_code kssl_krb5_init_context(krb5_context *);
-void kssl_krb5_free_context(krb5_context);
-krb5_error_code kssl_krb5_cc_default(krb5_context, krb5_ccache *);
-krb5_error_code kssl_krb5_sname_to_principal(krb5_context,
- krb5_const char *,
- krb5_const char *,
- krb5_int32, krb5_principal *);
-krb5_error_code kssl_krb5_get_credentials(krb5_context,
- krb5_const krb5_flags,
- krb5_ccache,
- krb5_creds *, krb5_creds * *);
-krb5_error_code kssl_krb5_auth_con_init(krb5_context, krb5_auth_context *);
-krb5_error_code kssl_krb5_cc_get_principal(krb5_context context,
- krb5_ccache cache,
- krb5_principal *principal);
-krb5_error_code kssl_krb5_auth_con_free(krb5_context, krb5_auth_context);
-size_t kssl_krb5_checksum_size(krb5_context context, krb5_cksumtype ctype);
-krb5_boolean kssl_valid_cksumtype(krb5_cksumtype ctype);
-krb5_error_code krb5_kt_free_entry(krb5_context, krb5_keytab_entry FAR *);
-krb5_error_code kssl_krb5_auth_con_setrcache(krb5_context,
- krb5_auth_context, krb5_rcache);
-krb5_error_code kssl_krb5_get_server_rcache(krb5_context,
- krb5_const krb5_data *,
- krb5_rcache *);
-krb5_error_code kssl_krb5_auth_con_getrcache(krb5_context,
- krb5_auth_context,
- krb5_rcache *);
-
-/* Function pointers (almost all Kerberos functions are _stdcall) */
-static void (_stdcall *p_krb5_free_data_contents) (krb5_context, krb5_data *)
- = NULL;
-static void (_stdcall *p_krb5_free_principal) (krb5_context, krb5_principal)
- = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_resolve)
- (krb5_context, krb5_const char *, krb5_keytab *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_default) (krb5_context,
- krb5_keytab *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_free_ticket) (krb5_context,
- krb5_ticket *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rd_req) (krb5_context,
- krb5_auth_context *,
- krb5_const krb5_data *,
- krb5_const_principal,
- krb5_keytab, krb5_flags *,
- krb5_ticket **) = NULL;
-static krb5_error_code(_stdcall *p_krb5_mk_req_extended)
- (krb5_context, krb5_auth_context *,
- krb5_const krb5_flags, krb5_data *, krb5_creds *, krb5_data *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_init_context) (krb5_context *) = NULL;
-static void (_stdcall *p_krb5_free_context) (krb5_context) = NULL;
-static krb5_error_code(_stdcall *p_krb5_cc_default) (krb5_context,
- krb5_ccache *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_sname_to_principal)
- (krb5_context, krb5_const char *, krb5_const char *,
- krb5_int32, krb5_principal *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_get_credentials)
- (krb5_context, krb5_const krb5_flags, krb5_ccache,
- krb5_creds *, krb5_creds **) = NULL;
-static krb5_error_code(_stdcall *p_krb5_auth_con_init)
- (krb5_context, krb5_auth_context *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_cc_get_principal)
- (krb5_context context, krb5_ccache cache, krb5_principal *principal) = NULL;
-static krb5_error_code(_stdcall *p_krb5_auth_con_free)
- (krb5_context, krb5_auth_context) = NULL;
-static krb5_error_code(_stdcall *p_krb5_decrypt_tkt_part)
- (krb5_context, krb5_const krb5_keyblock *, krb5_ticket *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_timeofday)
- (krb5_context context, krb5_int32 *timeret) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_default)
- (krb5_context context, krb5_rcache *rc) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_initialize)
- (krb5_context context, krb5_rcache rc, krb5_deltat lifespan) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_get_lifespan)
- (krb5_context context, krb5_rcache rc, krb5_deltat *lifespan) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_destroy)
- (krb5_context context, krb5_rcache rc) = NULL;
-static krb5_boolean(_stdcall *p_krb5_principal_compare)
- (krb5_context, krb5_const_principal, krb5_const_principal) = NULL;
-static size_t (_stdcall *p_krb5_checksum_size) (krb5_context context,
- krb5_cksumtype ctype) = NULL;
-static krb5_boolean(_stdcall *p_valid_cksumtype) (krb5_cksumtype ctype) =
- NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_free_entry)
- (krb5_context, krb5_keytab_entry *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_auth_con_setrcache) (krb5_context,
- krb5_auth_context,
- krb5_rcache) =
- NULL;
-static krb5_error_code(_stdcall *p_krb5_get_server_rcache) (krb5_context,
- krb5_const
- krb5_data *,
- krb5_rcache *) =
- NULL;
-static krb5_error_code(*p_krb5_auth_con_getrcache) (krb5_context,
- krb5_auth_context,
- krb5_rcache *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_close) (krb5_context context,
- krb5_keytab keytab) = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_get_entry) (krb5_context context,
- krb5_keytab keytab,
- krb5_const_principal
- principal,
- krb5_kvno vno,
- krb5_enctype enctype,
- krb5_keytab_entry
- *entry) = NULL;
-static int krb5_loaded = 0; /* only attempt to initialize func ptrs once */
-
-/* Function to Load the Kerberos 5 DLL and initialize function pointers */
-void load_krb5_dll(void)
-{
- HANDLE hKRB5_32;
-
- krb5_loaded++;
- hKRB5_32 = LoadLibrary(TEXT("KRB5_32"));
- if (!hKRB5_32)
- return;
-
- (FARPROC) p_krb5_free_data_contents =
- GetProcAddress(hKRB5_32, "krb5_free_data_contents");
- (FARPROC) p_krb5_free_context =
- GetProcAddress(hKRB5_32, "krb5_free_context");
- (FARPROC) p_krb5_auth_con_free =
- GetProcAddress(hKRB5_32, "krb5_auth_con_free");
- (FARPROC) p_krb5_free_principal =
- GetProcAddress(hKRB5_32, "krb5_free_principal");
- (FARPROC) p_krb5_mk_req_extended =
- GetProcAddress(hKRB5_32, "krb5_mk_req_extended");
- (FARPROC) p_krb5_get_credentials =
- GetProcAddress(hKRB5_32, "krb5_get_credentials");
- (FARPROC) p_krb5_cc_get_principal =
- GetProcAddress(hKRB5_32, "krb5_cc_get_principal");
- (FARPROC) p_krb5_cc_default = GetProcAddress(hKRB5_32, "krb5_cc_default");
- (FARPROC) p_krb5_sname_to_principal =
- GetProcAddress(hKRB5_32, "krb5_sname_to_principal");
- (FARPROC) p_krb5_init_context =
- GetProcAddress(hKRB5_32, "krb5_init_context");
- (FARPROC) p_krb5_free_ticket =
- GetProcAddress(hKRB5_32, "krb5_free_ticket");
- (FARPROC) p_krb5_rd_req = GetProcAddress(hKRB5_32, "krb5_rd_req");
- (FARPROC) p_krb5_principal_compare =
- GetProcAddress(hKRB5_32, "krb5_principal_compare");
- (FARPROC) p_krb5_decrypt_tkt_part =
- GetProcAddress(hKRB5_32, "krb5_decrypt_tkt_part");
- (FARPROC) p_krb5_timeofday = GetProcAddress(hKRB5_32, "krb5_timeofday");
- (FARPROC) p_krb5_rc_default = GetProcAddress(hKRB5_32, "krb5_rc_default");
- (FARPROC) p_krb5_rc_initialize =
- GetProcAddress(hKRB5_32, "krb5_rc_initialize");
- (FARPROC) p_krb5_rc_get_lifespan =
- GetProcAddress(hKRB5_32, "krb5_rc_get_lifespan");
- (FARPROC) p_krb5_rc_destroy = GetProcAddress(hKRB5_32, "krb5_rc_destroy");
- (FARPROC) p_krb5_kt_default = GetProcAddress(hKRB5_32, "krb5_kt_default");
- (FARPROC) p_krb5_kt_resolve = GetProcAddress(hKRB5_32, "krb5_kt_resolve");
- (FARPROC) p_krb5_auth_con_init =
- GetProcAddress(hKRB5_32, "krb5_auth_con_init");
- (FARPROC) p_valid_cksumtype = GetProcAddress(hKRB5_32, "valid_cksumtype");
- (FARPROC) p_krb5_checksum_size =
- GetProcAddress(hKRB5_32, "krb5_checksum_size");
- (FARPROC) p_krb5_kt_free_entry =
- GetProcAddress(hKRB5_32, "krb5_kt_free_entry");
- (FARPROC) p_krb5_auth_con_setrcache =
- GetProcAddress(hKRB5_32, "krb5_auth_con_setrcache");
- (FARPROC) p_krb5_get_server_rcache =
- GetProcAddress(hKRB5_32, "krb5_get_server_rcache");
- (FARPROC) p_krb5_auth_con_getrcache =
- GetProcAddress(hKRB5_32, "krb5_auth_con_getrcache");
- (FARPROC) p_krb5_kt_close = GetProcAddress(hKRB5_32, "krb5_kt_close");
- (FARPROC) p_krb5_kt_get_entry =
- GetProcAddress(hKRB5_32, "krb5_kt_get_entry");
-}
-
-/* Stubs for each function to be dynamicly loaded */
-void kssl_krb5_free_data_contents(krb5_context CO, krb5_data *data)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_free_data_contents)
- p_krb5_free_data_contents(CO, data);
-}
-
-krb5_error_code
-kssl_krb5_mk_req_extended(krb5_context CO,
- krb5_auth_context *pACO,
- krb5_const krb5_flags F,
- krb5_data *pD1, krb5_creds *pC, krb5_data *pD2)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_mk_req_extended)
- return (p_krb5_mk_req_extended(CO, pACO, F, pD1, pC, pD2));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_auth_con_init(krb5_context CO, krb5_auth_context *pACO)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_auth_con_init)
- return (p_krb5_auth_con_init(CO, pACO));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_auth_con_free(krb5_context CO, krb5_auth_context ACO)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_auth_con_free)
- return (p_krb5_auth_con_free(CO, ACO));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_get_credentials(krb5_context CO,
- krb5_const krb5_flags F,
- krb5_ccache CC, krb5_creds *pCR, krb5_creds **ppCR)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_get_credentials)
- return (p_krb5_get_credentials(CO, F, CC, pCR, ppCR));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_sname_to_principal(krb5_context CO,
- krb5_const char *pC1,
- krb5_const char *pC2,
- krb5_int32 I, krb5_principal *pPR)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_sname_to_principal)
- return (p_krb5_sname_to_principal(CO, pC1, pC2, I, pPR));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_cc_default(krb5_context CO, krb5_ccache *pCC)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_cc_default)
- return (p_krb5_cc_default(CO, pCC));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_init_context(krb5_context *pCO)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_init_context)
- return (p_krb5_init_context(pCO));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-void kssl_krb5_free_context(krb5_context CO)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_free_context)
- p_krb5_free_context(CO);
-}
-
-void kssl_krb5_free_principal(krb5_context c, krb5_principal p)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_free_principal)
- p_krb5_free_principal(c, p);
-}
-
-krb5_error_code
-kssl_krb5_kt_resolve(krb5_context con, krb5_const char *sz, krb5_keytab *kt)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_kt_resolve)
- return (p_krb5_kt_resolve(con, sz, kt));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_kt_default(krb5_context con, krb5_keytab *kt)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_kt_default)
- return (p_krb5_kt_default(con, kt));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_free_ticket(krb5_context con, krb5_ticket *kt)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_free_ticket)
- return (p_krb5_free_ticket(con, kt));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_rd_req(krb5_context con, krb5_auth_context *pacon,
- krb5_const krb5_data *data,
- krb5_const_principal princ, krb5_keytab keytab,
- krb5_flags *flags, krb5_ticket **pptkt)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_rd_req)
- return (p_krb5_rd_req(con, pacon, data, princ, keytab, flags, pptkt));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_boolean
-krb5_principal_compare(krb5_context con, krb5_const_principal princ1,
- krb5_const_principal princ2)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_principal_compare)
- return (p_krb5_principal_compare(con, princ1, princ2));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-krb5_decrypt_tkt_part(krb5_context con, krb5_const krb5_keyblock *keys,
- krb5_ticket *ticket)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_decrypt_tkt_part)
- return (p_krb5_decrypt_tkt_part(con, keys, ticket));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_timeofday(krb5_context con, krb5_int32 *timeret)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_timeofday)
- return (p_krb5_timeofday(con, timeret));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_rc_default(krb5_context con, krb5_rcache *rc)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_rc_default)
- return (p_krb5_rc_default(con, rc));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-krb5_rc_initialize(krb5_context con, krb5_rcache rc, krb5_deltat lifespan)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_rc_initialize)
- return (p_krb5_rc_initialize(con, rc, lifespan));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-krb5_rc_get_lifespan(krb5_context con, krb5_rcache rc, krb5_deltat *lifespanp)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_rc_get_lifespan)
- return (p_krb5_rc_get_lifespan(con, rc, lifespanp));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_rc_destroy(krb5_context con, krb5_rcache rc)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_rc_destroy)
- return (p_krb5_rc_destroy(con, rc));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-size_t krb5_checksum_size(krb5_context context, krb5_cksumtype ctype)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_checksum_size)
- return (p_krb5_checksum_size(context, ctype));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_boolean valid_cksumtype(krb5_cksumtype ctype)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_valid_cksumtype)
- return (p_valid_cksumtype(ctype));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_kt_free_entry(krb5_context con, krb5_keytab_entry *entry)
-{
- if (!krb5_loaded)
- load_krb5_dll();
-
- if (p_krb5_kt_free_entry)
- return (p_krb5_kt_free_entry(con, entry));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-/* Structure definitions */
-# ifndef NO_DEF_KRB5_CCACHE
-# ifndef krb5_x
-# define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1))
-# define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0))
-# endif
-
-typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */
-
-typedef struct _krb5_ccache {
- krb5_magic magic;
- struct _krb5_cc_ops FAR *ops;
- krb5_pointer data;
-} *krb5_ccache;
-
-typedef struct _krb5_cc_ops {
- krb5_magic magic;
- char *prefix;
- char *(KRB5_CALLCONV *get_name)
- (krb5_context, krb5_ccache);
- krb5_error_code(KRB5_CALLCONV *resolve)
- (krb5_context, krb5_ccache *, const char *);
- krb5_error_code(KRB5_CALLCONV *gen_new)
- (krb5_context, krb5_ccache *);
- krb5_error_code(KRB5_CALLCONV *init)
- (krb5_context, krb5_ccache, krb5_principal);
- krb5_error_code(KRB5_CALLCONV *destroy)
- (krb5_context, krb5_ccache);
- krb5_error_code(KRB5_CALLCONV *close)
- (krb5_context, krb5_ccache);
- krb5_error_code(KRB5_CALLCONV *store)
- (krb5_context, krb5_ccache, krb5_creds *);
- krb5_error_code(KRB5_CALLCONV *retrieve)
- (krb5_context, krb5_ccache, krb5_flags, krb5_creds *, krb5_creds *);
- krb5_error_code(KRB5_CALLCONV *get_princ)
- (krb5_context, krb5_ccache, krb5_principal *);
- krb5_error_code(KRB5_CALLCONV *get_first)
- (krb5_context, krb5_ccache, krb5_cc_cursor *);
- krb5_error_code(KRB5_CALLCONV *get_next)
- (krb5_context, krb5_ccache, krb5_cc_cursor *, krb5_creds *);
- krb5_error_code(KRB5_CALLCONV *end_get)
- (krb5_context, krb5_ccache, krb5_cc_cursor *);
- krb5_error_code(KRB5_CALLCONV *remove_cred)
- (krb5_context, krb5_ccache, krb5_flags, krb5_creds *);
- krb5_error_code(KRB5_CALLCONV *set_flags)
- (krb5_context, krb5_ccache, krb5_flags);
-} krb5_cc_ops;
-# endif /* NO_DEF_KRB5_CCACHE */
-
-krb5_error_code
- kssl_krb5_cc_get_principal
- (krb5_context context, krb5_ccache cache, krb5_principal *principal) {
- if (p_krb5_cc_get_principal)
- return (p_krb5_cc_get_principal(context, cache, principal));
- else
- return (krb5_x((cache)->ops->get_princ, (context, cache, principal)));
-}
-
-krb5_error_code
-kssl_krb5_auth_con_setrcache(krb5_context con, krb5_auth_context acon,
- krb5_rcache rcache)
-{
- if (p_krb5_auth_con_setrcache)
- return (p_krb5_auth_con_setrcache(con, acon, rcache));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_get_server_rcache(krb5_context con, krb5_const krb5_data *data,
- krb5_rcache *rcache)
-{
- if (p_krb5_get_server_rcache)
- return (p_krb5_get_server_rcache(con, data, rcache));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_auth_con_getrcache(krb5_context con, krb5_auth_context acon,
- krb5_rcache *prcache)
-{
- if (p_krb5_auth_con_getrcache)
- return (p_krb5_auth_con_getrcache(con, acon, prcache));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_kt_close(krb5_context context, krb5_keytab keytab)
-{
- if (p_krb5_kt_close)
- return (p_krb5_kt_close(context, keytab));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
- krb5_const_principal principal, krb5_kvno vno,
- krb5_enctype enctype, krb5_keytab_entry *entry)
-{
- if (p_krb5_kt_get_entry)
- return (p_krb5_kt_get_entry
- (context, keytab, principal, vno, enctype, entry));
- else
- return KRB5KRB_ERR_GENERIC;
-}
-# endif /* OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32 */
-
-/*
- * memory allocation functions for non-temporary storage (e.g. stuff that
- * gets saved into the kssl context)
- */
-static void *kssl_calloc(size_t nmemb, size_t size)
-{
- void *p;
-
- p = OPENSSL_malloc(nmemb * size);
- if (p) {
- memset(p, 0, nmemb * size);
- }
- return p;
-}
-
-# define kssl_malloc(size) OPENSSL_malloc((size))
-# define kssl_realloc(ptr, size) OPENSSL_realloc(ptr, size)
-# define kssl_free(ptr) OPENSSL_free((ptr))
-
-char
-*kstring(char *string)
-{
- static char *null = "[NULL]";
-
- return ((string == NULL) ? null : string);
-}
-
-/*
- * Given KRB5 enctype (basically DES or 3DES), return closest match openssl
- * EVP_ encryption algorithm. Return NULL for unknown or problematic
- * (krb5_dk_encrypt) enctypes. Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are
- * OK.
- */
-const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype)
-{
- switch (enctype) {
- case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
- case ENCTYPE_DES_CBC_CRC:
- case ENCTYPE_DES_CBC_MD4:
- case ENCTYPE_DES_CBC_MD5:
- case ENCTYPE_DES_CBC_RAW:
- return EVP_des_cbc();
- break;
- case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
- case ENCTYPE_DES3_CBC_SHA:
- case ENCTYPE_DES3_CBC_RAW:
- return EVP_des_ede3_cbc();
- break;
- default:
- return NULL;
- break;
- }
-}
-
-/*
- * Return true:1 if p "looks like" the start of the real authenticator
- * described in kssl_skip_confound() below. The ASN.1 pattern is "62 xx 30
- * yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and xx and yy are
- * possibly multi-byte length fields.
- */
-static int kssl_test_confound(unsigned char *p)
-{
- int len = 2;
- int xx = 0, yy = 0;
-
- if (*p++ != 0x62)
- return 0;
- if (*p > 0x82)
- return 0;
- switch (*p) {
- case 0x82:
- p++;
- xx = (*p++ << 8);
- xx += *p++;
- break;
- case 0x81:
- p++;
- xx = *p++;
- break;
- case 0x80:
- return 0;
- default:
- xx = *p++;
- break;
- }
- if (*p++ != 0x30)
- return 0;
- if (*p > 0x82)
- return 0;
- switch (*p) {
- case 0x82:
- p++;
- len += 2;
- yy = (*p++ << 8);
- yy += *p++;
- break;
- case 0x81:
- p++;
- len++;
- yy = *p++;
- break;
- case 0x80:
- return 0;
- default:
- yy = *p++;
- break;
- }
-
- return (xx - len == yy) ? 1 : 0;
-}
-
-/*
- * Allocate, fill, and return cksumlens array of checksum lengths. This
- * array holds just the unique elements from the krb5_cksumarray[]. array[n]
- * == 0 signals end of data. The krb5_cksumarray[] was an internal variable
- * that has since been replaced by a more general method for storing the
- * data. It should not be used. Instead we use real API calls and make a
- * guess for what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2
- * it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010.
- */
-static size_t *populate_cksumlens(void)
-{
- int i, j, n;
- static size_t *cklens = NULL;
-
-# ifdef KRB5_MIT_OLD11
- n = krb5_max_cksum;
-# else
- n = 0x0010;
-# endif /* KRB5_MIT_OLD11 */
-
-# ifdef KRB5CHECKAUTH
- if (!cklens && !(cklens = (size_t *)calloc(sizeof(int), n + 1)))
- return NULL;
-
- for (i = 0; i < n; i++) {
- if (!valid_cksumtype(i))
- continue; /* array has holes */
- for (j = 0; j < n; j++) {
- if (cklens[j] == 0) {
- cklens[j] = krb5_checksum_size(NULL, i);
- break; /* krb5 elem was new: add */
- }
- if (cklens[j] == krb5_checksum_size(NULL, i)) {
- break; /* ignore duplicate elements */
- }
- }
- }
-# endif /* KRB5CHECKAUTH */
-
- return cklens;
-}
-
-/*-
- * Return pointer to start of real authenticator within authenticator, or
- * return NULL on error.
- * Decrypted authenticator looks like this:
- * [0 or 8 byte confounder] [4-24 byte checksum] [real authent'r]
- * This hackery wouldn't be necessary if MIT KRB5 1.0.6 had the
- * krb5_auth_con_getcksumtype() function advertised in its krb5.h.
- */
-unsigned char *kssl_skip_confound(krb5_enctype etype, unsigned char *a)
-{
- int i, conlen;
- size_t cklen;
- static size_t *cksumlens = NULL;
- unsigned char *test_auth;
-
- conlen = (etype) ? 8 : 0;
-
- if (!cksumlens && !(cksumlens = populate_cksumlens()))
- return NULL;
- for (i = 0; (cklen = cksumlens[i]) != 0; i++) {
- test_auth = a + conlen + cklen;
- if (kssl_test_confound(test_auth))
- return test_auth;
- }
-
- return NULL;
-}
-
-/*
- * Set kssl_err error info when reason text is a simple string kssl_err =
- * struct { int reason; char text[KSSL_ERR_MAX+1]; }
- */
-void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text)
-{
- if (kssl_err == NULL)
- return;
-
- kssl_err->reason = reason;
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, "%s", text);
- return;
-}
-
-/*
- * Display contents of krb5_data struct, for debugging
- */
-void print_krb5_data(char *label, krb5_data *kdata)
-{
- int i;
-
- fprintf(stderr, "%s[%d] ", label, kdata->length);
- for (i = 0; i < (int)kdata->length; i++) {
- if (0 && isprint((int)kdata->data[i]))
- fprintf(stderr, "%c ", kdata->data[i]);
- else
- fprintf(stderr, "%02x ", (unsigned char)kdata->data[i]);
- }
- fprintf(stderr, "\n");
-}
-
-/*
- * Display contents of krb5_authdata struct, for debugging
- */
-void print_krb5_authdata(char *label, krb5_authdata **adata)
-{
- if (adata == NULL) {
- fprintf(stderr, "%s, authdata==0\n", label);
- return;
- }
- fprintf(stderr, "%s [%p]\n", label, (void *)adata);
-# if 0
- {
- int i;
- fprintf(stderr, "%s[at%d:%d] ", label, adata->ad_type, adata->length);
- for (i = 0; i < adata->length; i++) {
- fprintf(stderr, (isprint(adata->contents[i])) ? "%c " : "%02x",
- adata->contents[i]);
- }
- fprintf(stderr, "\n");
- }
-# endif
-}
-
-/*
- * Display contents of krb5_keyblock struct, for debugging
- */
-void print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
-{
- int i;
-
- if (keyblk == NULL) {
- fprintf(stderr, "%s, keyblk==0\n", label);
- return;
- }
-# ifdef KRB5_HEIMDAL
- fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->keytype,
- keyblk->keyvalue->length);
- for (i = 0; i < (int)keyblk->keyvalue->length; i++) {
- fprintf(stderr, "%02x",
- (unsigned char *)(keyblk->keyvalue->contents)[i]);
- }
- fprintf(stderr, "\n");
-# else
- fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->enctype,
- keyblk->length);
- for (i = 0; i < (int)keyblk->length; i++) {
- fprintf(stderr, "%02x", keyblk->contents[i]);
- }
- fprintf(stderr, "\n");
-# endif
-}
-
-/*
- * Display contents of krb5_principal_data struct, for debugging
- * (krb5_principal is typedef'd == krb5_principal_data *)
- */
-static void print_krb5_princ(char *label, krb5_principal_data *princ)
-{
- int i, ui, uj;
-
- fprintf(stderr, "%s principal Realm: ", label);
- if (princ == NULL)
- return;
- for (ui = 0; ui < (int)princ->realm.length; ui++)
- putchar(princ->realm.data[ui]);
- fprintf(stderr, " (nametype %d) has %d strings:\n", princ->type,
- princ->length);
- for (i = 0; i < (int)princ->length; i++) {
- fprintf(stderr, "\t%d [%d]: ", i, princ->data[i].length);
- for (uj = 0; uj < (int)princ->data[i].length; uj++) {
- putchar(princ->data[i].data[uj]);
- }
- fprintf(stderr, "\n");
- }
- return;
-}
-
-/*- Given krb5 service (typically "kssl") and hostname in kssl_ctx,
- * Return encrypted Kerberos ticket for service @ hostname.
- * If authenp is non-NULL, also return encrypted authenticator,
- * whose data should be freed by caller.
- * (Originally was: Create Kerberos AP_REQ message for SSL Client.)
- *
- * 19990628 VRS Started; Returns Kerberos AP_REQ message.
- * 20010409 VRS Modified for RFC2712; Returns enc tkt.
- * 20010606 VRS May also return optional authenticator.
- */
-krb5_error_code kssl_cget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
- /*
- * OUT
- */ krb5_data **enc_ticketp,
- /*
- * UPDATE
- */ krb5_data *authenp,
- /*
- * OUT
- */ KSSL_ERR *kssl_err)
-{
- krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
- krb5_context krb5context = NULL;
- krb5_auth_context krb5auth_context = NULL;
- krb5_ccache krb5ccdef = NULL;
- krb5_creds krb5creds, *krb5credsp = NULL;
- krb5_data krb5_app_req;
-
- kssl_err_set(kssl_err, 0, "");
- memset((char *)&krb5creds, 0, sizeof(krb5creds));
-
- if (!kssl_ctx) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
- goto err;
- } else if (!kssl_ctx->service_host) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "kssl_ctx service_host undefined.\n");
- goto err;
- }
-
- if ((krb5rc = krb5_init_context(&krb5context)) != 0) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "krb5_init_context() fails: %d\n", krb5rc);
- kssl_err->reason = SSL_R_KRB5_C_INIT;
- goto err;
- }
-
- if ((krb5rc = krb5_sname_to_principal(krb5context,
- kssl_ctx->service_host,
- (kssl_ctx->service_name) ?
- kssl_ctx->service_name : KRB5SVC,
- KRB5_NT_SRV_HST,
- &krb5creds.server)) != 0) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "krb5_sname_to_principal() fails for %s/%s\n",
- kssl_ctx->service_host,
- (kssl_ctx->
- service_name) ? kssl_ctx->service_name : KRB5SVC);
- kssl_err->reason = SSL_R_KRB5_C_INIT;
- goto err;
- }
-
- if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0) {
- kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
- "krb5_cc_default fails.\n");
- goto err;
- }
-
- if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
- &krb5creds.client)) != 0) {
- kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
- "krb5_cc_get_principal() fails.\n");
- goto err;
- }
-
- if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
- &krb5creds, &krb5credsp)) != 0) {
- kssl_err_set(kssl_err, SSL_R_KRB5_C_GET_CRED,
- "krb5_get_credentials() fails.\n");
- goto err;
- }
-
- *enc_ticketp = &krb5credsp->ticket;
-# ifdef KRB5_HEIMDAL
- kssl_ctx->enctype = krb5credsp->session.keytype;
-# else
- kssl_ctx->enctype = krb5credsp->keyblock.enctype;
-# endif
-
- krb5rc = KRB5KRB_ERR_GENERIC;
- /* caller should free data of krb5_app_req */
- /*
- * 20010406 VRS deleted for real KerberosWrapper 20010605 VRS reinstated
- * to offer Authenticator to KerberosWrapper
- */
- krb5_app_req.length = 0;
- if (authenp) {
- krb5_data krb5in_data;
- const unsigned char *p;
- long arlen;
- KRB5_APREQBODY *ap_req;
-
- authenp->length = 0;
- krb5in_data.data = NULL;
- krb5in_data.length = 0;
- if ((krb5rc = krb5_mk_req_extended(krb5context,
- &krb5auth_context, 0, &krb5in_data,
- krb5credsp, &krb5_app_req)) != 0) {
- kssl_err_set(kssl_err, SSL_R_KRB5_C_MK_REQ,
- "krb5_mk_req_extended() fails.\n");
- goto err;
- }
-
- arlen = krb5_app_req.length;
- p = (unsigned char *)krb5_app_req.data;
- ap_req = (KRB5_APREQBODY *)d2i_KRB5_APREQ(NULL, &p, arlen);
- if (ap_req) {
- authenp->length = i2d_KRB5_ENCDATA(ap_req->authenticator, NULL);
- if (authenp->length && (authenp->data = malloc(authenp->length))) {
- unsigned char *adp = (unsigned char *)authenp->data;
- authenp->length =
- i2d_KRB5_ENCDATA(ap_req->authenticator, &adp);
- }
- }
-
- if (ap_req)
- KRB5_APREQ_free((KRB5_APREQ *) ap_req);
- if (krb5_app_req.length)
- kssl_krb5_free_data_contents(krb5context, &krb5_app_req);
- }
-# ifdef KRB5_HEIMDAL
- if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->session)) {
- kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
- "kssl_ctx_setkey() fails.\n");
- }
-# else
- if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->keyblock)) {
- kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
- "kssl_ctx_setkey() fails.\n");
- }
-# endif
- else
- krb5rc = 0;
-
- err:
-# ifdef KSSL_DEBUG
- kssl_ctx_show(kssl_ctx);
-# endif /* KSSL_DEBUG */
-
- if (krb5creds.client)
- krb5_free_principal(krb5context, krb5creds.client);
- if (krb5creds.server)
- krb5_free_principal(krb5context, krb5creds.server);
- if (krb5auth_context)
- krb5_auth_con_free(krb5context, krb5auth_context);
- if (krb5context)
- krb5_free_context(krb5context);
- return (krb5rc);
-}
-
-/*-
- * Given d2i_-decoded asn1ticket, allocate and return a new krb5_ticket.
- * Return Kerberos error code and kssl_err struct on error.
- * Allocates krb5_ticket and krb5_principal; caller should free these.
- *
- * 20010410 VRS Implemented krb5_decode_ticket() as
- * old_krb5_decode_ticket(). Missing from MIT1.0.6.
- * 20010615 VRS Re-cast as openssl/asn1 d2i_*() functions.
- * Re-used some of the old krb5_decode_ticket()
- * code here. This tkt should alloc/free just
- * like the real thing.
- */
-static krb5_error_code kssl_TKT2tkt( /* IN */ krb5_context krb5context,
- /*
- * IN
- */ KRB5_TKTBODY *asn1ticket,
- /*
- * OUT
- */ krb5_ticket **krb5ticket,
- /*
- * OUT
- */ KSSL_ERR *kssl_err)
-{
- krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
- krb5_ticket *new5ticket = NULL;
- ASN1_GENERALSTRING *gstr_svc, *gstr_host;
-
- *krb5ticket = NULL;
-
- if (asn1ticket == NULL || asn1ticket->realm == NULL ||
- asn1ticket->sname == NULL ||
- sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "Null field in asn1ticket.\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- return KRB5KRB_ERR_GENERIC;
- }
-
- if ((new5ticket = (krb5_ticket *)calloc(1, sizeof(krb5_ticket))) == NULL) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "Unable to allocate new krb5_ticket.\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- return ENOMEM; /* or KRB5KRB_ERR_GENERIC; */
- }
-
- gstr_svc = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0);
- gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1);
-
- if ((krb5rc = kssl_build_principal_2(krb5context,
- &new5ticket->server,
- asn1ticket->realm->length,
- (char *)asn1ticket->realm->data,
- gstr_svc->length,
- (char *)gstr_svc->data,
- gstr_host->length,
- (char *)gstr_host->data)) != 0) {
- free(new5ticket);
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "Error building ticket server principal.\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- return krb5rc; /* or KRB5KRB_ERR_GENERIC; */
- }
-
- krb5_princ_type(krb5context, new5ticket->server) =
- asn1ticket->sname->nametype->data[0];
- new5ticket->enc_part.enctype = asn1ticket->encdata->etype->data[0];
- new5ticket->enc_part.kvno = asn1ticket->encdata->kvno->data[0];
- new5ticket->enc_part.ciphertext.length =
- asn1ticket->encdata->cipher->length;
- if ((new5ticket->enc_part.ciphertext.data =
- calloc(1, asn1ticket->encdata->cipher->length)) == NULL) {
- free(new5ticket);
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "Error allocating cipher in krb5ticket.\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- return KRB5KRB_ERR_GENERIC;
- } else {
- memcpy(new5ticket->enc_part.ciphertext.data,
- asn1ticket->encdata->cipher->data,
- asn1ticket->encdata->cipher->length);
- }
-
- *krb5ticket = new5ticket;
- return 0;
-}
-
-/*-
- * Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),
- * and krb5 AP_REQ message & message length,
- * Return Kerberos session key and client principle
- * to SSL Server in KSSL_CTX *kssl_ctx.
- *
- * 19990702 VRS Started.
- */
-krb5_error_code kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
- /*
- * IN
- */ krb5_data *indata,
- /*
- * OUT
- */ krb5_ticket_times *ttimes,
- /*
- * OUT
- */ KSSL_ERR *kssl_err)
-{
- krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
- static krb5_context krb5context = NULL;
- static krb5_auth_context krb5auth_context = NULL;
- krb5_ticket *krb5ticket = NULL;
- KRB5_TKTBODY *asn1ticket = NULL;
- const unsigned char *p;
- krb5_keytab krb5keytab = NULL;
- krb5_keytab_entry kt_entry;
- krb5_principal krb5server;
- krb5_rcache rcache = NULL;
-
- kssl_err_set(kssl_err, 0, "");
-
- if (!kssl_ctx) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
- goto err;
- }
-# ifdef KSSL_DEBUG
- fprintf(stderr, "in kssl_sget_tkt(%s)\n",
- kstring(kssl_ctx->service_name));
-# endif /* KSSL_DEBUG */
-
- if (!krb5context && (krb5rc = krb5_init_context(&krb5context))) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_init_context() fails.\n");
- goto err;
- }
- if (krb5auth_context &&
- (krb5rc = krb5_auth_con_free(krb5context, krb5auth_context))) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_auth_con_free() fails.\n");
- goto err;
- } else
- krb5auth_context = NULL;
- if (!krb5auth_context &&
- (krb5rc = krb5_auth_con_init(krb5context, &krb5auth_context))) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_auth_con_init() fails.\n");
- goto err;
- }
-
- if ((krb5rc = krb5_auth_con_getrcache(krb5context, krb5auth_context,
- &rcache))) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_auth_con_getrcache() fails.\n");
- goto err;
- }
-
- if ((krb5rc = krb5_sname_to_principal(krb5context, NULL,
- (kssl_ctx->service_name) ?
- kssl_ctx->service_name : KRB5SVC,
- KRB5_NT_SRV_HST,
- &krb5server)) != 0) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_sname_to_principal() fails.\n");
- goto err;
- }
-
- if (rcache == NULL) {
- if ((krb5rc = krb5_get_server_rcache(krb5context,
- krb5_princ_component(krb5context,
- krb5server,
- 0),
- &rcache))) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_get_server_rcache() fails.\n");
- goto err;
- }
- }
-
- if ((krb5rc =
- krb5_auth_con_setrcache(krb5context, krb5auth_context, rcache))) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_auth_con_setrcache() fails.\n");
- goto err;
- }
-
- /*
- * kssl_ctx->keytab_file == NULL ==> use Kerberos default
- */
- if (kssl_ctx->keytab_file) {
- krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
- &krb5keytab);
- if (krb5rc) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_kt_resolve() fails.\n");
- goto err;
- }
- } else {
- krb5rc = krb5_kt_default(krb5context, &krb5keytab);
- if (krb5rc) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "krb5_kt_default() fails.\n");
- goto err;
- }
- }
-
- /*- Actual Kerberos5 krb5_recvauth() has initial conversation here
- * o check KRB5_SENDAUTH_BADAUTHVERS
- * unless KRB5_RECVAUTH_SKIP_VERSION
- * o check KRB5_SENDAUTH_BADAPPLVERS
- * o send "0" msg if all OK
- */
-
- /*-
- * 20010411 was using AP_REQ instead of true KerberosWrapper
- *
- * if ((krb5rc = krb5_rd_req(krb5context, &krb5auth_context,
- * &krb5in_data, krb5server, krb5keytab,
- * &ap_option, &krb5ticket)) != 0) { Error }
- */
-
- p = (unsigned char *)indata->data;
- if ((asn1ticket = (KRB5_TKTBODY *)d2i_KRB5_TICKET(NULL, &p,
- (long)indata->length))
- == NULL) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "d2i_KRB5_TICKET() ASN.1 decode failure.\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- goto err;
- }
-
- /*
- * Was: krb5rc = krb5_decode_ticket(krb5in_data,&krb5ticket)) != 0)
- */
- if ((krb5rc = kssl_TKT2tkt(krb5context, asn1ticket, &krb5ticket,
- kssl_err)) != 0) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "Error converting ASN.1 ticket to krb5_ticket.\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- goto err;
- }
-
- if (!krb5_principal_compare(krb5context, krb5server, krb5ticket->server)) {
- krb5rc = KRB5_PRINC_NOMATCH;
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "server principal != ticket principal\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- goto err;
- }
- if ((krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
- krb5ticket->server,
- krb5ticket->enc_part.kvno,
- krb5ticket->enc_part.enctype,
- &kt_entry)) != 0) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "krb5_kt_get_entry() fails with %x.\n", krb5rc);
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- goto err;
- }
- if ((krb5rc = krb5_decrypt_tkt_part(krb5context, &kt_entry.key,
- krb5ticket)) != 0) {
- BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
- "krb5_decrypt_tkt_part() failed.\n");
- kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
- goto err;
- } else {
- krb5_kt_free_entry(krb5context, &kt_entry);
-# ifdef KSSL_DEBUG
- {
- int i;
- krb5_address **paddr = krb5ticket->enc_part2->caddrs;
- fprintf(stderr, "Decrypted ticket fields:\n");
- fprintf(stderr, "\tflags: %X, transit-type: %X",
- krb5ticket->enc_part2->flags,
- krb5ticket->enc_part2->transited.tr_type);
- print_krb5_data("\ttransit-data: ",
- &(krb5ticket->enc_part2->transited.tr_contents));
- fprintf(stderr, "\tcaddrs: %p, authdata: %p\n",
- krb5ticket->enc_part2->caddrs,
- krb5ticket->enc_part2->authorization_data);
- if (paddr) {
- fprintf(stderr, "\tcaddrs:\n");
- for (i = 0; paddr[i] != NULL; i++) {
- krb5_data d;
- d.length = paddr[i]->length;
- d.data = paddr[i]->contents;
- print_krb5_data("\t\tIP: ", &d);
- }
- }
- fprintf(stderr, "\tstart/auth/end times: %d / %d / %d\n",
- krb5ticket->enc_part2->times.starttime,
- krb5ticket->enc_part2->times.authtime,
- krb5ticket->enc_part2->times.endtime);
- }
-# endif /* KSSL_DEBUG */
- }
-
- krb5rc = KRB5_NO_TKT_SUPPLIED;
- if (!krb5ticket || !krb5ticket->enc_part2 ||
- !krb5ticket->enc_part2->client ||
- !krb5ticket->enc_part2->client->data ||
- !krb5ticket->enc_part2->session) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
- "bad ticket from krb5_rd_req.\n");
- } else if (kssl_ctx_setprinc(kssl_ctx, KSSL_CLIENT,
- &krb5ticket->enc_part2->client->realm,
- krb5ticket->enc_part2->client->data,
- krb5ticket->enc_part2->client->length)) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
- "kssl_ctx_setprinc() fails.\n");
- } else if (kssl_ctx_setkey(kssl_ctx, krb5ticket->enc_part2->session)) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
- "kssl_ctx_setkey() fails.\n");
- } else if (krb5ticket->enc_part2->flags & TKT_FLG_INVALID) {
- krb5rc = KRB5KRB_AP_ERR_TKT_INVALID;
- kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
- "invalid ticket from krb5_rd_req.\n");
- } else
- krb5rc = 0;
-
- kssl_ctx->enctype = krb5ticket->enc_part.enctype;
- ttimes->authtime = krb5ticket->enc_part2->times.authtime;
- ttimes->starttime = krb5ticket->enc_part2->times.starttime;
- ttimes->endtime = krb5ticket->enc_part2->times.endtime;
- ttimes->renew_till = krb5ticket->enc_part2->times.renew_till;
-
- err:
-# ifdef KSSL_DEBUG
- kssl_ctx_show(kssl_ctx);
-# endif /* KSSL_DEBUG */
-
- if (asn1ticket)
- KRB5_TICKET_free((KRB5_TICKET *) asn1ticket);
- if (krb5keytab)
- krb5_kt_close(krb5context, krb5keytab);
- if (krb5ticket)
- krb5_free_ticket(krb5context, krb5ticket);
- if (krb5server)
- krb5_free_principal(krb5context, krb5server);
- return (krb5rc);
-}
-
-/*
- * Allocate & return a new kssl_ctx struct.
- */
-KSSL_CTX *kssl_ctx_new(void)
-{
- return ((KSSL_CTX *)kssl_calloc(1, sizeof(KSSL_CTX)));
-}
-
-/*
- * Frees a kssl_ctx struct and any allocated memory it holds. Returns NULL.
- */
-KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx)
-{
- if (kssl_ctx == NULL)
- return kssl_ctx;
-
- if (kssl_ctx->key)
- OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
- if (kssl_ctx->key)
- kssl_free(kssl_ctx->key);
- if (kssl_ctx->client_princ)
- kssl_free(kssl_ctx->client_princ);
- if (kssl_ctx->service_host)
- kssl_free(kssl_ctx->service_host);
- if (kssl_ctx->service_name)
- kssl_free(kssl_ctx->service_name);
- if (kssl_ctx->keytab_file)
- kssl_free(kssl_ctx->keytab_file);
-
- kssl_free(kssl_ctx);
- return (KSSL_CTX *)NULL;
-}
-
-/*
- * Given an array of (krb5_data *) entity (and optional realm), set the plain
- * (char *) client_princ or service_host member of the kssl_ctx struct.
- */
-krb5_error_code
-kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
- krb5_data *realm, krb5_data *entity, int nentities)
-{
- char **princ;
- int length;
- int i;
-
- if (kssl_ctx == NULL || entity == NULL)
- return KSSL_CTX_ERR;
-
- switch (which) {
- case KSSL_CLIENT:
- princ = &kssl_ctx->client_princ;
- break;
- case KSSL_SERVER:
- princ = &kssl_ctx->service_host;
- break;
- default:
- return KSSL_CTX_ERR;
- break;
- }
- if (*princ)
- kssl_free(*princ);
-
- /* Add up all the entity->lengths */
- length = 0;
- for (i = 0; i < nentities; i++) {
- length += entity[i].length;
- }
- /* Add in space for the '/' character(s) (if any) */
- length += nentities - 1;
- /* Space for the ('@'+realm+NULL | NULL) */
- length += ((realm) ? realm->length + 2 : 1);
-
- if ((*princ = kssl_calloc(1, length)) == NULL)
- return KSSL_CTX_ERR;
- else {
- for (i = 0; i < nentities; i++) {
- strncat(*princ, entity[i].data, entity[i].length);
- if (i < nentities - 1) {
- strcat(*princ, "/");
- }
- }
- if (realm) {
- strcat(*princ, "@");
- (void)strncat(*princ, realm->data, realm->length);
- }
- }
-
- return KSSL_CTX_OK;
-}
-
-/*- Set one of the plain (char *) string members of the kssl_ctx struct.
- * Default values should be:
- * which == KSSL_SERVICE => "khost" (KRB5SVC)
- * which == KSSL_KEYTAB => "/etc/krb5.keytab" (KRB5KEYTAB)
- */
-krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
-{
- char **string;
-
- if (!kssl_ctx)
- return KSSL_CTX_ERR;
-
- switch (which) {
- case KSSL_SERVICE:
- string = &kssl_ctx->service_name;
- break;
- case KSSL_SERVER:
- string = &kssl_ctx->service_host;
- break;
- case KSSL_CLIENT:
- string = &kssl_ctx->client_princ;
- break;
- case KSSL_KEYTAB:
- string = &kssl_ctx->keytab_file;
- break;
- default:
- return KSSL_CTX_ERR;
- break;
- }
- if (*string)
- kssl_free(*string);
-
- if (!text) {
- *string = '\0';
- return KSSL_CTX_OK;
- }
-
- if ((*string = kssl_calloc(1, strlen(text) + 1)) == NULL)
- return KSSL_CTX_ERR;
- else
- strcpy(*string, text);
-
- return KSSL_CTX_OK;
-}
-
-/*
- * Copy the Kerberos session key from a (krb5_keyblock *) to a kssl_ctx
- * struct. Clear kssl_ctx->key if Kerberos session key is NULL.
- */
-krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
-{
- int length;
- krb5_enctype enctype;
- krb5_octet FAR *contents = NULL;
-
- if (!kssl_ctx)
- return KSSL_CTX_ERR;
-
- if (kssl_ctx->key) {
- OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
- kssl_free(kssl_ctx->key);
- }
-
- if (session) {
-
-# ifdef KRB5_HEIMDAL
- length = session->keyvalue->length;
- enctype = session->keytype;
- contents = session->keyvalue->contents;
-# else
- length = session->length;
- enctype = session->enctype;
- contents = session->contents;
-# endif
- kssl_ctx->enctype = enctype;
- kssl_ctx->length = length;
- } else {
- kssl_ctx->enctype = ENCTYPE_UNKNOWN;
- kssl_ctx->length = 0;
- return KSSL_CTX_OK;
- }
-
- if ((kssl_ctx->key =
- (krb5_octet FAR *)kssl_calloc(1, kssl_ctx->length)) == NULL) {
- kssl_ctx->length = 0;
- return KSSL_CTX_ERR;
- } else
- memcpy(kssl_ctx->key, contents, length);
-
- return KSSL_CTX_OK;
-}
-
-/*
- * Display contents of kssl_ctx struct
- */
-void kssl_ctx_show(KSSL_CTX *kssl_ctx)
-{
- int i;
-
- printf("kssl_ctx: ");
- if (kssl_ctx == NULL) {
- printf("NULL\n");
- return;
- } else
- printf("%p\n", (void *)kssl_ctx);
-
- printf("\tservice:\t%s\n",
- (kssl_ctx->service_name) ? kssl_ctx->service_name : "NULL");
- printf("\tclient:\t%s\n",
- (kssl_ctx->client_princ) ? kssl_ctx->client_princ : "NULL");
- printf("\tserver:\t%s\n",
- (kssl_ctx->service_host) ? kssl_ctx->service_host : "NULL");
- printf("\tkeytab:\t%s\n",
- (kssl_ctx->keytab_file) ? kssl_ctx->keytab_file : "NULL");
- printf("\tkey [%d:%d]:\t", kssl_ctx->enctype, kssl_ctx->length);
-
- for (i = 0; i < kssl_ctx->length && kssl_ctx->key; i++) {
- printf("%02x", kssl_ctx->key[i]);
- }
- printf("\n");
- return;
-}
-
-int kssl_keytab_is_available(KSSL_CTX *kssl_ctx)
-{
- krb5_context krb5context = NULL;
- krb5_keytab krb5keytab = NULL;
- krb5_keytab_entry entry;
- krb5_principal princ = NULL;
- krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
- int rc = 0;
-
- if ((krb5rc = krb5_init_context(&krb5context)))
- return (0);
-
- /*
- * kssl_ctx->keytab_file == NULL ==> use Kerberos default
- */
- if (kssl_ctx->keytab_file) {
- krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
- &krb5keytab);
- if (krb5rc)
- goto exit;
- } else {
- krb5rc = krb5_kt_default(krb5context, &krb5keytab);
- if (krb5rc)
- goto exit;
- }
-
- /* the host key we are looking for */
- krb5rc = krb5_sname_to_principal(krb5context, NULL,
- kssl_ctx->
- service_name ? kssl_ctx->service_name :
- KRB5SVC, KRB5_NT_SRV_HST, &princ);
-
- if (krb5rc)
- goto exit;
-
- krb5rc = krb5_kt_get_entry(krb5context, krb5keytab, princ,
- /* IGNORE_VNO */
- 0,
- /* IGNORE_ENCTYPE */
- 0, &entry);
- if (krb5rc == KRB5_KT_NOTFOUND) {
- rc = 1;
- goto exit;
- } else if (krb5rc)
- goto exit;
-
- krb5_kt_free_entry(krb5context, &entry);
- rc = 1;
-
- exit:
- if (krb5keytab)
- krb5_kt_close(krb5context, krb5keytab);
- if (princ)
- krb5_free_principal(krb5context, princ);
- if (krb5context)
- krb5_free_context(krb5context);
- return (rc);
-}
-
-int kssl_tgt_is_available(KSSL_CTX *kssl_ctx)
-{
- krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
- krb5_context krb5context = NULL;
- krb5_ccache krb5ccdef = NULL;
- krb5_creds krb5creds, *krb5credsp = NULL;
- int rc = 0;
-
- memset((char *)&krb5creds, 0, sizeof(krb5creds));
-
- if (!kssl_ctx)
- return (0);
-
- if (!kssl_ctx->service_host)
- return (0);
-
- if ((krb5rc = krb5_init_context(&krb5context)) != 0)
- goto err;
-
- if ((krb5rc = krb5_sname_to_principal(krb5context,
- kssl_ctx->service_host,
- (kssl_ctx->service_name) ?
- kssl_ctx->service_name : KRB5SVC,
- KRB5_NT_SRV_HST,
- &krb5creds.server)) != 0)
- goto err;
-
- if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0)
- goto err;
-
- if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
- &krb5creds.client)) != 0)
- goto err;
-
- if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
- &krb5creds, &krb5credsp)) != 0)
- goto err;
-
- rc = 1;
-
- err:
-# ifdef KSSL_DEBUG
- kssl_ctx_show(kssl_ctx);
-# endif /* KSSL_DEBUG */
-
- if (krb5creds.client)
- krb5_free_principal(krb5context, krb5creds.client);
- if (krb5creds.server)
- krb5_free_principal(krb5context, krb5creds.server);
- if (krb5context)
- krb5_free_context(krb5context);
- return (rc);
-}
-
-# if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WIN32)
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
-{
-# ifdef KRB5_HEIMDAL
- data->length = 0;
- if (data->data)
- free(data->data);
-# elif defined(KRB5_MIT_OLD11)
- if (data->data) {
- krb5_xfree(data->data);
- data->data = 0;
- }
-# else
- krb5_free_data_contents(NULL, data);
-# endif
-}
-# endif
-/* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
-
-/*
- * Given pointers to KerberosTime and struct tm structs, convert the
- * KerberosTime string to struct tm. Note that KerberosTime is a
- * ASN1_GENERALIZEDTIME value, constrained to GMT with no fractional seconds
- * as defined in RFC 1510. Return pointer to the (partially) filled in
- * struct tm on success, return NULL on failure.
- */
-static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
-{
- char c, *p;
-
- if (!k_tm)
- return NULL;
- if (gtime == NULL || gtime->length < 14)
- return NULL;
- if (gtime->data == NULL)
- return NULL;
-
- p = (char *)>ime->data[14];
-
- c = *p;
- *p = '\0';
- p -= 2;
- k_tm->tm_sec = atoi(p);
- *(p + 2) = c;
- c = *p;
- *p = '\0';
- p -= 2;
- k_tm->tm_min = atoi(p);
- *(p + 2) = c;
- c = *p;
- *p = '\0';
- p -= 2;
- k_tm->tm_hour = atoi(p);
- *(p + 2) = c;
- c = *p;
- *p = '\0';
- p -= 2;
- k_tm->tm_mday = atoi(p);
- *(p + 2) = c;
- c = *p;
- *p = '\0';
- p -= 2;
- k_tm->tm_mon = atoi(p) - 1;
- *(p + 2) = c;
- c = *p;
- *p = '\0';
- p -= 4;
- k_tm->tm_year = atoi(p) - 1900;
- *(p + 4) = c;
-
- return k_tm;
-}
-
-/*
- * Helper function for kssl_validate_times(). We need context->clockskew,
- * but krb5_context is an opaque struct. So we try to sneek the clockskew
- * out through the replay cache. If that fails just return a likely default
- * (300 seconds).
- */
-static krb5_deltat get_rc_clockskew(krb5_context context)
-{
- krb5_rcache rc;
- krb5_deltat clockskew;
-
- if (krb5_rc_default(context, &rc))
- return KSSL_CLOCKSKEW;
- if (krb5_rc_initialize(context, rc, 0))
- return KSSL_CLOCKSKEW;
- if (krb5_rc_get_lifespan(context, rc, &clockskew)) {
- clockskew = KSSL_CLOCKSKEW;
- }
- (void)krb5_rc_destroy(context, rc);
- return clockskew;
-}
-
-/*
- * kssl_validate_times() combines (and more importantly exposes) the MIT KRB5
- * internal function krb5_validate_times() and the in_clock_skew() macro.
- * The authenticator client time is checked to be within clockskew secs of
- * the current time and the current time is checked to be within the ticket
- * start and expire times. Either check may be omitted by supplying a NULL
- * value. Returns 0 for valid times, SSL_R_KRB5* error codes otherwise. See
- * Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c 20010420 VRS
- */
-krb5_error_code kssl_validate_times(krb5_timestamp atime,
- krb5_ticket_times *ttimes)
-{
- krb5_deltat skew;
- krb5_timestamp start, now;
- krb5_error_code rc;
- krb5_context context;
-
- if ((rc = krb5_init_context(&context)))
- return SSL_R_KRB5_S_BAD_TICKET;
- skew = get_rc_clockskew(context);
- if ((rc = krb5_timeofday(context, &now)))
- return SSL_R_KRB5_S_BAD_TICKET;
- krb5_free_context(context);
-
- if (atime && labs(atime - now) >= skew)
- return SSL_R_KRB5_S_TKT_SKEW;
-
- if (!ttimes)
- return 0;
-
- start = (ttimes->starttime != 0) ? ttimes->starttime : ttimes->authtime;
- if (start - now > skew)
- return SSL_R_KRB5_S_TKT_NYV;
- if ((now - ttimes->endtime) > skew)
- return SSL_R_KRB5_S_TKT_EXPIRED;
-
-# ifdef KSSL_DEBUG
- fprintf(stderr, "kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n",
- start, atime, now, skew, ttimes->endtime);
-# endif /* KSSL_DEBUG */
-
- return 0;
-}
-
-/*
- * Decode and decrypt given DER-encoded authenticator, then pass
- * authenticator ctime back in *atimep (or 0 if time unavailable). Returns
- * krb5_error_code and kssl_err on error. A NULL authenticator
- * (authentp->length == 0) is not considered an error. Note that
- * kssl_check_authent() makes use of the KRB5 session key; you must call
- * kssl_sget_tkt() to get the key before calling this routine.
- */
-krb5_error_code kssl_check_authent(
- /*
- * IN
- */ KSSL_CTX *kssl_ctx,
- /*
- * IN
- */ krb5_data *authentp,
- /*
- * OUT
- */ krb5_timestamp *atimep,
- /*
- * OUT
- */ KSSL_ERR *kssl_err)
-{
- krb5_error_code krb5rc = 0;
- KRB5_ENCDATA *dec_authent = NULL;
- KRB5_AUTHENTBODY *auth = NULL;
- krb5_enctype enctype;
- EVP_CIPHER_CTX ciph_ctx;
- const EVP_CIPHER *enc = NULL;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- const unsigned char *p;
- unsigned char *unenc_authent;
- int outl, unencbufsize;
- struct tm tm_time, *tm_l, *tm_g;
- time_t now, tl, tg, tr, tz_offset;
-
- EVP_CIPHER_CTX_init(&ciph_ctx);
- *atimep = 0;
- kssl_err_set(kssl_err, 0, "");
-
-# ifndef KRB5CHECKAUTH
- authentp = NULL;
-# else
-# if KRB5CHECKAUTH == 0
- authentp = NULL;
-# endif
-# endif /* KRB5CHECKAUTH */
-
- if (authentp == NULL || authentp->length == 0)
- return 0;
-
-# ifdef KSSL_DEBUG
- {
- unsigned int ui;
- fprintf(stderr, "kssl_check_authent: authenticator[%d]:\n",
- authentp->length);
- p = authentp->data;
- for (ui = 0; ui < authentp->length; ui++)
- fprintf(stderr, "%02x ", p[ui]);
- fprintf(stderr, "\n");
- }
-# endif /* KSSL_DEBUG */
-
- unencbufsize = 2 * authentp->length;
- if ((unenc_authent = calloc(1, unencbufsize)) == NULL) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "Unable to allocate authenticator buffer.\n");
- krb5rc = KRB5KRB_ERR_GENERIC;
- goto err;
- }
-
- p = (unsigned char *)authentp->data;
- if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
- (long)authentp->length)) == NULL) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "Error decoding authenticator.\n");
- krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto err;
- }
-
- enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
-# if !defined(KRB5_MIT_OLD11)
- switch (enctype) {
- case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
- case ENCTYPE_DES3_CBC_SHA:
- case ENCTYPE_DES3_CBC_RAW:
- krb5rc = 0; /* Skip, can't handle derived keys */
- goto err;
- }
-# endif
- enc = kssl_map_enc(enctype);
- memset(iv, 0, sizeof iv); /* per RFC 1510 */
-
- if (enc == NULL) {
- /*
- * Disable kssl_check_authent for ENCTYPE_DES3_CBC_SHA1. This
- * enctype indicates the authenticator was encrypted using key-usage
- * derived keys which openssl cannot decrypt.
- */
- goto err;
- }
-
- if (!EVP_CipherInit(&ciph_ctx, enc, kssl_ctx->key, iv, 0)) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "EVP_CipherInit error decrypting authenticator.\n");
- krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto err;
- }
- outl = dec_authent->cipher->length;
- if (!EVP_Cipher
- (&ciph_ctx, unenc_authent, dec_authent->cipher->data, outl)) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "EVP_Cipher error decrypting authenticator.\n");
- krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto err;
- }
- EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
-# ifdef KSSL_DEBUG
- {
- int padl;
- fprintf(stderr, "kssl_check_authent: decrypted authenticator[%d] =\n",
- outl);
- for (padl = 0; padl < outl; padl++)
- fprintf(stderr, "%02x ", unenc_authent[padl]);
- fprintf(stderr, "\n");
- }
-# endif /* KSSL_DEBUG */
-
- if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "confounded by authenticator.\n");
- krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto err;
- }
- outl -= p - unenc_authent;
-
- if ((auth = (KRB5_AUTHENTBODY *)d2i_KRB5_AUTHENT(NULL, &p,
- (long)outl)) == NULL) {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "Error decoding authenticator body.\n");
- krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto err;
- }
-
- memset(&tm_time, 0, sizeof(struct tm));
- if (k_gmtime(auth->ctime, &tm_time) &&
- ((tr = mktime(&tm_time)) != (time_t)(-1))) {
- now = time(&now);
- tm_l = localtime(&now);
- tl = mktime(tm_l);
- tm_g = gmtime(&now);
- tg = mktime(tm_g);
- tz_offset = tg - tl;
-
- *atimep = (krb5_timestamp)(tr - tz_offset);
- }
-# ifdef KSSL_DEBUG
- fprintf(stderr, "kssl_check_authent: returns %d for client time ",
- *atimep);
- if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
- fprintf(stderr, "%.*s\n", auth->ctime->length, auth->ctime->data);
- else
- fprintf(stderr, "NULL\n");
-# endif /* KSSL_DEBUG */
-
- err:
- if (auth)
- KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
- if (dec_authent)
- KRB5_ENCDATA_free(dec_authent);
- if (unenc_authent)
- free(unenc_authent);
- EVP_CIPHER_CTX_cleanup(&ciph_ctx);
- return krb5rc;
-}
-
-/*
- * Replaces krb5_build_principal_ext(), with varargs length == 2 (svc, host),
- * because I don't know how to stub varargs. Returns krb5_error_code ==
- * ENOMEM on alloc error, otherwise passes back newly constructed principal,
- * which should be freed by caller.
- */
-krb5_error_code kssl_build_principal_2(
- /*
- * UPDATE
- */ krb5_context context,
- /*
- * OUT
- */ krb5_principal *princ,
- /*
- * IN
- */ int rlen, const char *realm,
- /*
- * IN
- */ int slen, const char *svc,
- /*
- * IN
- */ int hlen, const char *host)
-{
- krb5_data *p_data = NULL;
- krb5_principal new_p = NULL;
- char *new_r = NULL;
-
- if ((p_data = (krb5_data *)calloc(2, sizeof(krb5_data))) == NULL ||
- (new_p = (krb5_principal)calloc(1, sizeof(krb5_principal_data)))
- == NULL)
- goto err;
- new_p->length = 2;
- new_p->data = p_data;
-
- if ((new_r = calloc(1, rlen + 1)) == NULL)
- goto err;
- memcpy(new_r, realm, rlen);
- krb5_princ_set_realm_length(context, new_p, rlen);
- krb5_princ_set_realm_data(context, new_p, new_r);
-
- if ((new_p->data[0].data = calloc(1, slen + 1)) == NULL)
- goto err;
- memcpy(new_p->data[0].data, svc, slen);
- new_p->data[0].length = slen;
-
- if ((new_p->data[1].data = calloc(1, hlen + 1)) == NULL)
- goto err;
- memcpy(new_p->data[1].data, host, hlen);
- new_p->data[1].length = hlen;
-
- krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN;
- *princ = new_p;
- return 0;
-
- err:
- if (new_p && new_p[0].data)
- free(new_p[0].data);
- if (new_p && new_p[1].data)
- free(new_p[1].data);
- if (new_p)
- free(new_p);
- if (new_r)
- free(new_r);
- return ENOMEM;
-}
-
-void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
-{
- s->kssl_ctx = kctx;
-}
-
-KSSL_CTX *SSL_get0_kssl_ctx(SSL *s)
-{
- return s->kssl_ctx;
-}
-
-char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)
-{
- if (kctx)
- return kctx->client_princ;
- return NULL;
-}
-
-#else /* !OPENSSL_NO_KRB5 */
-
-# if defined(PEDANTIC) || defined(OPENSSL_SYS_VMS)
-static void *dummy = &dummy;
-# endif
-
-#endif /* !OPENSSL_NO_KRB5 */
Copied: vendor-crypto/openssl/1.0.1u/ssl/kssl.c (from rev 11605, vendor-crypto/openssl/dist/ssl/kssl.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/kssl.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/kssl.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2260 @@
+/* ssl/kssl.c */
+/*
+ * Written by Vern Staats <staatsvr at asc.hpc.mil> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*-
+ * ssl/kssl.c -- Routines to support (& debug) Kerberos5 auth for openssl
+ *
+ * 19990701 VRS Started.
+ * 200011?? Jeffrey Altman, Richard Levitte
+ * Generalized for Heimdal, Newer MIT, & Win32.
+ * Integrated into main OpenSSL 0.9.7 snapshots.
+ * 20010413 Simon Wilkinson, VRS
+ * Real RFC2712 KerberosWrapper replaces AP_REQ.
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <string.h>
+
+#define KRB5_PRIVATE 1
+
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/krb5_asn.h>
+#include "kssl_lcl.h"
+
+#ifndef OPENSSL_NO_KRB5
+
+# ifndef ENOMEM
+# define ENOMEM KRB5KRB_ERR_GENERIC
+# endif
+
+/*
+ * When OpenSSL is built on Windows, we do not want to require that
+ * the Kerberos DLLs be available in order for the OpenSSL DLLs to
+ * work. Therefore, all Kerberos routines are loaded at run time
+ * and we do not link to a .LIB file.
+ */
+
+# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+/*
+ * The purpose of the following pre-processor statements is to provide
+ * compatibility with different releases of MIT Kerberos for Windows.
+ * All versions up to 1.2 used macros. But macros do not allow for
+ * a binary compatible interface for DLLs. Therefore, all macros are
+ * being replaced by function calls. The following code will allow
+ * an OpenSSL DLL built on Windows to work whether or not the macro
+ * or function form of the routines are utilized.
+ */
+# ifdef krb5_cc_get_principal
+# define NO_DEF_KRB5_CCACHE
+# undef krb5_cc_get_principal
+# endif
+# define krb5_cc_get_principal kssl_krb5_cc_get_principal
+
+# define krb5_free_data_contents kssl_krb5_free_data_contents
+# define krb5_free_context kssl_krb5_free_context
+# define krb5_auth_con_free kssl_krb5_auth_con_free
+# define krb5_free_principal kssl_krb5_free_principal
+# define krb5_mk_req_extended kssl_krb5_mk_req_extended
+# define krb5_get_credentials kssl_krb5_get_credentials
+# define krb5_cc_default kssl_krb5_cc_default
+# define krb5_sname_to_principal kssl_krb5_sname_to_principal
+# define krb5_init_context kssl_krb5_init_context
+# define krb5_free_ticket kssl_krb5_free_ticket
+# define krb5_rd_req kssl_krb5_rd_req
+# define krb5_kt_default kssl_krb5_kt_default
+# define krb5_kt_resolve kssl_krb5_kt_resolve
+/* macros in mit 1.2.2 and earlier; functions in mit 1.2.3 and greater */
+# ifndef krb5_kt_close
+# define krb5_kt_close kssl_krb5_kt_close
+# endif /* krb5_kt_close */
+# ifndef krb5_kt_get_entry
+# define krb5_kt_get_entry kssl_krb5_kt_get_entry
+# endif /* krb5_kt_get_entry */
+# define krb5_auth_con_init kssl_krb5_auth_con_init
+
+# define krb5_principal_compare kssl_krb5_principal_compare
+# define krb5_decrypt_tkt_part kssl_krb5_decrypt_tkt_part
+# define krb5_timeofday kssl_krb5_timeofday
+# define krb5_rc_default kssl_krb5_rc_default
+
+# ifdef krb5_rc_initialize
+# undef krb5_rc_initialize
+# endif
+# define krb5_rc_initialize kssl_krb5_rc_initialize
+
+# ifdef krb5_rc_get_lifespan
+# undef krb5_rc_get_lifespan
+# endif
+# define krb5_rc_get_lifespan kssl_krb5_rc_get_lifespan
+
+# ifdef krb5_rc_destroy
+# undef krb5_rc_destroy
+# endif
+# define krb5_rc_destroy kssl_krb5_rc_destroy
+
+# define valid_cksumtype kssl_valid_cksumtype
+# define krb5_checksum_size kssl_krb5_checksum_size
+# define krb5_kt_free_entry kssl_krb5_kt_free_entry
+# define krb5_auth_con_setrcache kssl_krb5_auth_con_setrcache
+# define krb5_auth_con_getrcache kssl_krb5_auth_con_getrcache
+# define krb5_get_server_rcache kssl_krb5_get_server_rcache
+
+/* Prototypes for built in stubs */
+void kssl_krb5_free_data_contents(krb5_context, krb5_data *);
+void kssl_krb5_free_principal(krb5_context, krb5_principal);
+krb5_error_code kssl_krb5_kt_resolve(krb5_context,
+ krb5_const char *, krb5_keytab *);
+krb5_error_code kssl_krb5_kt_default(krb5_context, krb5_keytab *);
+krb5_error_code kssl_krb5_free_ticket(krb5_context, krb5_ticket *);
+krb5_error_code kssl_krb5_rd_req(krb5_context, krb5_auth_context *,
+ krb5_const krb5_data *,
+ krb5_const_principal, krb5_keytab,
+ krb5_flags *, krb5_ticket **);
+
+krb5_boolean kssl_krb5_principal_compare(krb5_context, krb5_const_principal,
+ krb5_const_principal);
+krb5_error_code kssl_krb5_mk_req_extended(krb5_context,
+ krb5_auth_context *,
+ krb5_const krb5_flags,
+ krb5_data *,
+ krb5_creds *, krb5_data *);
+krb5_error_code kssl_krb5_init_context(krb5_context *);
+void kssl_krb5_free_context(krb5_context);
+krb5_error_code kssl_krb5_cc_default(krb5_context, krb5_ccache *);
+krb5_error_code kssl_krb5_sname_to_principal(krb5_context,
+ krb5_const char *,
+ krb5_const char *,
+ krb5_int32, krb5_principal *);
+krb5_error_code kssl_krb5_get_credentials(krb5_context,
+ krb5_const krb5_flags,
+ krb5_ccache,
+ krb5_creds *, krb5_creds * *);
+krb5_error_code kssl_krb5_auth_con_init(krb5_context, krb5_auth_context *);
+krb5_error_code kssl_krb5_cc_get_principal(krb5_context context,
+ krb5_ccache cache,
+ krb5_principal *principal);
+krb5_error_code kssl_krb5_auth_con_free(krb5_context, krb5_auth_context);
+size_t kssl_krb5_checksum_size(krb5_context context, krb5_cksumtype ctype);
+krb5_boolean kssl_valid_cksumtype(krb5_cksumtype ctype);
+krb5_error_code krb5_kt_free_entry(krb5_context, krb5_keytab_entry FAR *);
+krb5_error_code kssl_krb5_auth_con_setrcache(krb5_context,
+ krb5_auth_context, krb5_rcache);
+krb5_error_code kssl_krb5_get_server_rcache(krb5_context,
+ krb5_const krb5_data *,
+ krb5_rcache *);
+krb5_error_code kssl_krb5_auth_con_getrcache(krb5_context,
+ krb5_auth_context,
+ krb5_rcache *);
+
+/* Function pointers (almost all Kerberos functions are _stdcall) */
+static void (_stdcall *p_krb5_free_data_contents) (krb5_context, krb5_data *)
+ = NULL;
+static void (_stdcall *p_krb5_free_principal) (krb5_context, krb5_principal)
+ = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_resolve)
+ (krb5_context, krb5_const char *, krb5_keytab *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_default) (krb5_context,
+ krb5_keytab *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_free_ticket) (krb5_context,
+ krb5_ticket *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rd_req) (krb5_context,
+ krb5_auth_context *,
+ krb5_const krb5_data *,
+ krb5_const_principal,
+ krb5_keytab, krb5_flags *,
+ krb5_ticket **) = NULL;
+static krb5_error_code(_stdcall *p_krb5_mk_req_extended)
+ (krb5_context, krb5_auth_context *,
+ krb5_const krb5_flags, krb5_data *, krb5_creds *, krb5_data *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_init_context) (krb5_context *) = NULL;
+static void (_stdcall *p_krb5_free_context) (krb5_context) = NULL;
+static krb5_error_code(_stdcall *p_krb5_cc_default) (krb5_context,
+ krb5_ccache *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_sname_to_principal)
+ (krb5_context, krb5_const char *, krb5_const char *,
+ krb5_int32, krb5_principal *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_get_credentials)
+ (krb5_context, krb5_const krb5_flags, krb5_ccache,
+ krb5_creds *, krb5_creds **) = NULL;
+static krb5_error_code(_stdcall *p_krb5_auth_con_init)
+ (krb5_context, krb5_auth_context *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_cc_get_principal)
+ (krb5_context context, krb5_ccache cache, krb5_principal *principal) = NULL;
+static krb5_error_code(_stdcall *p_krb5_auth_con_free)
+ (krb5_context, krb5_auth_context) = NULL;
+static krb5_error_code(_stdcall *p_krb5_decrypt_tkt_part)
+ (krb5_context, krb5_const krb5_keyblock *, krb5_ticket *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_timeofday)
+ (krb5_context context, krb5_int32 *timeret) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_default)
+ (krb5_context context, krb5_rcache *rc) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_initialize)
+ (krb5_context context, krb5_rcache rc, krb5_deltat lifespan) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_get_lifespan)
+ (krb5_context context, krb5_rcache rc, krb5_deltat *lifespan) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_destroy)
+ (krb5_context context, krb5_rcache rc) = NULL;
+static krb5_boolean(_stdcall *p_krb5_principal_compare)
+ (krb5_context, krb5_const_principal, krb5_const_principal) = NULL;
+static size_t (_stdcall *p_krb5_checksum_size) (krb5_context context,
+ krb5_cksumtype ctype) = NULL;
+static krb5_boolean(_stdcall *p_valid_cksumtype) (krb5_cksumtype ctype) =
+ NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_free_entry)
+ (krb5_context, krb5_keytab_entry *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_auth_con_setrcache) (krb5_context,
+ krb5_auth_context,
+ krb5_rcache) =
+ NULL;
+static krb5_error_code(_stdcall *p_krb5_get_server_rcache) (krb5_context,
+ krb5_const
+ krb5_data *,
+ krb5_rcache *) =
+ NULL;
+static krb5_error_code(*p_krb5_auth_con_getrcache) (krb5_context,
+ krb5_auth_context,
+ krb5_rcache *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_close) (krb5_context context,
+ krb5_keytab keytab) = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_get_entry) (krb5_context context,
+ krb5_keytab keytab,
+ krb5_const_principal
+ principal,
+ krb5_kvno vno,
+ krb5_enctype enctype,
+ krb5_keytab_entry
+ *entry) = NULL;
+static int krb5_loaded = 0; /* only attempt to initialize func ptrs once */
+
+/* Function to Load the Kerberos 5 DLL and initialize function pointers */
+void load_krb5_dll(void)
+{
+ HANDLE hKRB5_32;
+
+ krb5_loaded++;
+ hKRB5_32 = LoadLibrary(TEXT("KRB5_32"));
+ if (!hKRB5_32)
+ return;
+
+ (FARPROC) p_krb5_free_data_contents =
+ GetProcAddress(hKRB5_32, "krb5_free_data_contents");
+ (FARPROC) p_krb5_free_context =
+ GetProcAddress(hKRB5_32, "krb5_free_context");
+ (FARPROC) p_krb5_auth_con_free =
+ GetProcAddress(hKRB5_32, "krb5_auth_con_free");
+ (FARPROC) p_krb5_free_principal =
+ GetProcAddress(hKRB5_32, "krb5_free_principal");
+ (FARPROC) p_krb5_mk_req_extended =
+ GetProcAddress(hKRB5_32, "krb5_mk_req_extended");
+ (FARPROC) p_krb5_get_credentials =
+ GetProcAddress(hKRB5_32, "krb5_get_credentials");
+ (FARPROC) p_krb5_cc_get_principal =
+ GetProcAddress(hKRB5_32, "krb5_cc_get_principal");
+ (FARPROC) p_krb5_cc_default = GetProcAddress(hKRB5_32, "krb5_cc_default");
+ (FARPROC) p_krb5_sname_to_principal =
+ GetProcAddress(hKRB5_32, "krb5_sname_to_principal");
+ (FARPROC) p_krb5_init_context =
+ GetProcAddress(hKRB5_32, "krb5_init_context");
+ (FARPROC) p_krb5_free_ticket =
+ GetProcAddress(hKRB5_32, "krb5_free_ticket");
+ (FARPROC) p_krb5_rd_req = GetProcAddress(hKRB5_32, "krb5_rd_req");
+ (FARPROC) p_krb5_principal_compare =
+ GetProcAddress(hKRB5_32, "krb5_principal_compare");
+ (FARPROC) p_krb5_decrypt_tkt_part =
+ GetProcAddress(hKRB5_32, "krb5_decrypt_tkt_part");
+ (FARPROC) p_krb5_timeofday = GetProcAddress(hKRB5_32, "krb5_timeofday");
+ (FARPROC) p_krb5_rc_default = GetProcAddress(hKRB5_32, "krb5_rc_default");
+ (FARPROC) p_krb5_rc_initialize =
+ GetProcAddress(hKRB5_32, "krb5_rc_initialize");
+ (FARPROC) p_krb5_rc_get_lifespan =
+ GetProcAddress(hKRB5_32, "krb5_rc_get_lifespan");
+ (FARPROC) p_krb5_rc_destroy = GetProcAddress(hKRB5_32, "krb5_rc_destroy");
+ (FARPROC) p_krb5_kt_default = GetProcAddress(hKRB5_32, "krb5_kt_default");
+ (FARPROC) p_krb5_kt_resolve = GetProcAddress(hKRB5_32, "krb5_kt_resolve");
+ (FARPROC) p_krb5_auth_con_init =
+ GetProcAddress(hKRB5_32, "krb5_auth_con_init");
+ (FARPROC) p_valid_cksumtype = GetProcAddress(hKRB5_32, "valid_cksumtype");
+ (FARPROC) p_krb5_checksum_size =
+ GetProcAddress(hKRB5_32, "krb5_checksum_size");
+ (FARPROC) p_krb5_kt_free_entry =
+ GetProcAddress(hKRB5_32, "krb5_kt_free_entry");
+ (FARPROC) p_krb5_auth_con_setrcache =
+ GetProcAddress(hKRB5_32, "krb5_auth_con_setrcache");
+ (FARPROC) p_krb5_get_server_rcache =
+ GetProcAddress(hKRB5_32, "krb5_get_server_rcache");
+ (FARPROC) p_krb5_auth_con_getrcache =
+ GetProcAddress(hKRB5_32, "krb5_auth_con_getrcache");
+ (FARPROC) p_krb5_kt_close = GetProcAddress(hKRB5_32, "krb5_kt_close");
+ (FARPROC) p_krb5_kt_get_entry =
+ GetProcAddress(hKRB5_32, "krb5_kt_get_entry");
+}
+
+/* Stubs for each function to be dynamicly loaded */
+void kssl_krb5_free_data_contents(krb5_context CO, krb5_data *data)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_free_data_contents)
+ p_krb5_free_data_contents(CO, data);
+}
+
+krb5_error_code
+kssl_krb5_mk_req_extended(krb5_context CO,
+ krb5_auth_context *pACO,
+ krb5_const krb5_flags F,
+ krb5_data *pD1, krb5_creds *pC, krb5_data *pD2)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_mk_req_extended)
+ return (p_krb5_mk_req_extended(CO, pACO, F, pD1, pC, pD2));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_auth_con_init(krb5_context CO, krb5_auth_context *pACO)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_auth_con_init)
+ return (p_krb5_auth_con_init(CO, pACO));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_auth_con_free(krb5_context CO, krb5_auth_context ACO)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_auth_con_free)
+ return (p_krb5_auth_con_free(CO, ACO));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_get_credentials(krb5_context CO,
+ krb5_const krb5_flags F,
+ krb5_ccache CC, krb5_creds *pCR, krb5_creds **ppCR)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_get_credentials)
+ return (p_krb5_get_credentials(CO, F, CC, pCR, ppCR));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_sname_to_principal(krb5_context CO,
+ krb5_const char *pC1,
+ krb5_const char *pC2,
+ krb5_int32 I, krb5_principal *pPR)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_sname_to_principal)
+ return (p_krb5_sname_to_principal(CO, pC1, pC2, I, pPR));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_cc_default(krb5_context CO, krb5_ccache *pCC)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_cc_default)
+ return (p_krb5_cc_default(CO, pCC));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_init_context(krb5_context *pCO)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_init_context)
+ return (p_krb5_init_context(pCO));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+void kssl_krb5_free_context(krb5_context CO)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_free_context)
+ p_krb5_free_context(CO);
+}
+
+void kssl_krb5_free_principal(krb5_context c, krb5_principal p)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_free_principal)
+ p_krb5_free_principal(c, p);
+}
+
+krb5_error_code
+kssl_krb5_kt_resolve(krb5_context con, krb5_const char *sz, krb5_keytab *kt)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_kt_resolve)
+ return (p_krb5_kt_resolve(con, sz, kt));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_kt_default(krb5_context con, krb5_keytab *kt)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_kt_default)
+ return (p_krb5_kt_default(con, kt));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_free_ticket(krb5_context con, krb5_ticket *kt)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_free_ticket)
+ return (p_krb5_free_ticket(con, kt));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_rd_req(krb5_context con, krb5_auth_context *pacon,
+ krb5_const krb5_data *data,
+ krb5_const_principal princ, krb5_keytab keytab,
+ krb5_flags *flags, krb5_ticket **pptkt)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_rd_req)
+ return (p_krb5_rd_req(con, pacon, data, princ, keytab, flags, pptkt));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_boolean
+krb5_principal_compare(krb5_context con, krb5_const_principal princ1,
+ krb5_const_principal princ2)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_principal_compare)
+ return (p_krb5_principal_compare(con, princ1, princ2));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+krb5_decrypt_tkt_part(krb5_context con, krb5_const krb5_keyblock *keys,
+ krb5_ticket *ticket)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_decrypt_tkt_part)
+ return (p_krb5_decrypt_tkt_part(con, keys, ticket));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_timeofday(krb5_context con, krb5_int32 *timeret)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_timeofday)
+ return (p_krb5_timeofday(con, timeret));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_rc_default(krb5_context con, krb5_rcache *rc)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_rc_default)
+ return (p_krb5_rc_default(con, rc));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+krb5_rc_initialize(krb5_context con, krb5_rcache rc, krb5_deltat lifespan)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_rc_initialize)
+ return (p_krb5_rc_initialize(con, rc, lifespan));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+krb5_rc_get_lifespan(krb5_context con, krb5_rcache rc, krb5_deltat *lifespanp)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_rc_get_lifespan)
+ return (p_krb5_rc_get_lifespan(con, rc, lifespanp));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_rc_destroy(krb5_context con, krb5_rcache rc)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_rc_destroy)
+ return (p_krb5_rc_destroy(con, rc));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+size_t krb5_checksum_size(krb5_context context, krb5_cksumtype ctype)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_checksum_size)
+ return (p_krb5_checksum_size(context, ctype));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_boolean valid_cksumtype(krb5_cksumtype ctype)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_valid_cksumtype)
+ return (p_valid_cksumtype(ctype));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_kt_free_entry(krb5_context con, krb5_keytab_entry *entry)
+{
+ if (!krb5_loaded)
+ load_krb5_dll();
+
+ if (p_krb5_kt_free_entry)
+ return (p_krb5_kt_free_entry(con, entry));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+/* Structure definitions */
+# ifndef NO_DEF_KRB5_CCACHE
+# ifndef krb5_x
+# define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1))
+# define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0))
+# endif
+
+typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */
+
+typedef struct _krb5_ccache {
+ krb5_magic magic;
+ struct _krb5_cc_ops FAR *ops;
+ krb5_pointer data;
+} *krb5_ccache;
+
+typedef struct _krb5_cc_ops {
+ krb5_magic magic;
+ char *prefix;
+ char *(KRB5_CALLCONV *get_name)
+ (krb5_context, krb5_ccache);
+ krb5_error_code(KRB5_CALLCONV *resolve)
+ (krb5_context, krb5_ccache *, const char *);
+ krb5_error_code(KRB5_CALLCONV *gen_new)
+ (krb5_context, krb5_ccache *);
+ krb5_error_code(KRB5_CALLCONV *init)
+ (krb5_context, krb5_ccache, krb5_principal);
+ krb5_error_code(KRB5_CALLCONV *destroy)
+ (krb5_context, krb5_ccache);
+ krb5_error_code(KRB5_CALLCONV *close)
+ (krb5_context, krb5_ccache);
+ krb5_error_code(KRB5_CALLCONV *store)
+ (krb5_context, krb5_ccache, krb5_creds *);
+ krb5_error_code(KRB5_CALLCONV *retrieve)
+ (krb5_context, krb5_ccache, krb5_flags, krb5_creds *, krb5_creds *);
+ krb5_error_code(KRB5_CALLCONV *get_princ)
+ (krb5_context, krb5_ccache, krb5_principal *);
+ krb5_error_code(KRB5_CALLCONV *get_first)
+ (krb5_context, krb5_ccache, krb5_cc_cursor *);
+ krb5_error_code(KRB5_CALLCONV *get_next)
+ (krb5_context, krb5_ccache, krb5_cc_cursor *, krb5_creds *);
+ krb5_error_code(KRB5_CALLCONV *end_get)
+ (krb5_context, krb5_ccache, krb5_cc_cursor *);
+ krb5_error_code(KRB5_CALLCONV *remove_cred)
+ (krb5_context, krb5_ccache, krb5_flags, krb5_creds *);
+ krb5_error_code(KRB5_CALLCONV *set_flags)
+ (krb5_context, krb5_ccache, krb5_flags);
+} krb5_cc_ops;
+# endif /* NO_DEF_KRB5_CCACHE */
+
+krb5_error_code
+ kssl_krb5_cc_get_principal
+ (krb5_context context, krb5_ccache cache, krb5_principal *principal) {
+ if (p_krb5_cc_get_principal)
+ return (p_krb5_cc_get_principal(context, cache, principal));
+ else
+ return (krb5_x((cache)->ops->get_princ, (context, cache, principal)));
+}
+
+krb5_error_code
+kssl_krb5_auth_con_setrcache(krb5_context con, krb5_auth_context acon,
+ krb5_rcache rcache)
+{
+ if (p_krb5_auth_con_setrcache)
+ return (p_krb5_auth_con_setrcache(con, acon, rcache));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_get_server_rcache(krb5_context con, krb5_const krb5_data *data,
+ krb5_rcache *rcache)
+{
+ if (p_krb5_get_server_rcache)
+ return (p_krb5_get_server_rcache(con, data, rcache));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_auth_con_getrcache(krb5_context con, krb5_auth_context acon,
+ krb5_rcache *prcache)
+{
+ if (p_krb5_auth_con_getrcache)
+ return (p_krb5_auth_con_getrcache(con, acon, prcache));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_kt_close(krb5_context context, krb5_keytab keytab)
+{
+ if (p_krb5_kt_close)
+ return (p_krb5_kt_close(context, keytab));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
+ krb5_const_principal principal, krb5_kvno vno,
+ krb5_enctype enctype, krb5_keytab_entry *entry)
+{
+ if (p_krb5_kt_get_entry)
+ return (p_krb5_kt_get_entry
+ (context, keytab, principal, vno, enctype, entry));
+ else
+ return KRB5KRB_ERR_GENERIC;
+}
+# endif /* OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32 */
+
+/*
+ * memory allocation functions for non-temporary storage (e.g. stuff that
+ * gets saved into the kssl context)
+ */
+static void *kssl_calloc(size_t nmemb, size_t size)
+{
+ void *p;
+
+ p = OPENSSL_malloc(nmemb * size);
+ if (p) {
+ memset(p, 0, nmemb * size);
+ }
+ return p;
+}
+
+# define kssl_malloc(size) OPENSSL_malloc((size))
+# define kssl_realloc(ptr, size) OPENSSL_realloc(ptr, size)
+# define kssl_free(ptr) OPENSSL_free((ptr))
+
+char
+*kstring(char *string)
+{
+ static char *null = "[NULL]";
+
+ return ((string == NULL) ? null : string);
+}
+
+/*
+ * Given KRB5 enctype (basically DES or 3DES), return closest match openssl
+ * EVP_ encryption algorithm. Return NULL for unknown or problematic
+ * (krb5_dk_encrypt) enctypes. Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are
+ * OK.
+ */
+const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype)
+{
+ switch (enctype) {
+ case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
+ case ENCTYPE_DES_CBC_CRC:
+ case ENCTYPE_DES_CBC_MD4:
+ case ENCTYPE_DES_CBC_MD5:
+ case ENCTYPE_DES_CBC_RAW:
+ return EVP_des_cbc();
+ break;
+ case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
+ case ENCTYPE_DES3_CBC_SHA:
+ case ENCTYPE_DES3_CBC_RAW:
+ return EVP_des_ede3_cbc();
+ break;
+ default:
+ return NULL;
+ break;
+ }
+}
+
+/*
+ * Return true:1 if p "looks like" the start of the real authenticator
+ * described in kssl_skip_confound() below. The ASN.1 pattern is "62 xx 30
+ * yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and xx and yy are
+ * possibly multi-byte length fields.
+ */
+static int kssl_test_confound(unsigned char *p)
+{
+ int len = 2;
+ int xx = 0, yy = 0;
+
+ if (*p++ != 0x62)
+ return 0;
+ if (*p > 0x82)
+ return 0;
+ switch (*p) {
+ case 0x82:
+ p++;
+ xx = (*p++ << 8);
+ xx += *p++;
+ break;
+ case 0x81:
+ p++;
+ xx = *p++;
+ break;
+ case 0x80:
+ return 0;
+ default:
+ xx = *p++;
+ break;
+ }
+ if (*p++ != 0x30)
+ return 0;
+ if (*p > 0x82)
+ return 0;
+ switch (*p) {
+ case 0x82:
+ p++;
+ len += 2;
+ yy = (*p++ << 8);
+ yy += *p++;
+ break;
+ case 0x81:
+ p++;
+ len++;
+ yy = *p++;
+ break;
+ case 0x80:
+ return 0;
+ default:
+ yy = *p++;
+ break;
+ }
+
+ return (xx - len == yy) ? 1 : 0;
+}
+
+/*
+ * Allocate, fill, and return cksumlens array of checksum lengths. This
+ * array holds just the unique elements from the krb5_cksumarray[]. array[n]
+ * == 0 signals end of data. The krb5_cksumarray[] was an internal variable
+ * that has since been replaced by a more general method for storing the
+ * data. It should not be used. Instead we use real API calls and make a
+ * guess for what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2
+ * it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010.
+ */
+static size_t *populate_cksumlens(void)
+{
+ int i, j, n;
+ static size_t *cklens = NULL;
+
+# ifdef KRB5_MIT_OLD11
+ n = krb5_max_cksum;
+# else
+ n = 0x0010;
+# endif /* KRB5_MIT_OLD11 */
+
+# ifdef KRB5CHECKAUTH
+ if (!cklens && !(cklens = (size_t *)calloc(sizeof(int), n + 1)))
+ return NULL;
+
+ for (i = 0; i < n; i++) {
+ if (!valid_cksumtype(i))
+ continue; /* array has holes */
+ for (j = 0; j < n; j++) {
+ if (cklens[j] == 0) {
+ cklens[j] = krb5_checksum_size(NULL, i);
+ break; /* krb5 elem was new: add */
+ }
+ if (cklens[j] == krb5_checksum_size(NULL, i)) {
+ break; /* ignore duplicate elements */
+ }
+ }
+ }
+# endif /* KRB5CHECKAUTH */
+
+ return cklens;
+}
+
+/*-
+ * Return pointer to start of real authenticator within authenticator, or
+ * return NULL on error.
+ * Decrypted authenticator looks like this:
+ * [0 or 8 byte confounder] [4-24 byte checksum] [real authent'r]
+ * This hackery wouldn't be necessary if MIT KRB5 1.0.6 had the
+ * krb5_auth_con_getcksumtype() function advertised in its krb5.h.
+ */
+unsigned char *kssl_skip_confound(krb5_enctype etype, unsigned char *a)
+{
+ int i, conlen;
+ size_t cklen;
+ static size_t *cksumlens = NULL;
+ unsigned char *test_auth;
+
+ conlen = (etype) ? 8 : 0;
+
+ if (!cksumlens && !(cksumlens = populate_cksumlens()))
+ return NULL;
+ for (i = 0; (cklen = cksumlens[i]) != 0; i++) {
+ test_auth = a + conlen + cklen;
+ if (kssl_test_confound(test_auth))
+ return test_auth;
+ }
+
+ return NULL;
+}
+
+/*
+ * Set kssl_err error info when reason text is a simple string kssl_err =
+ * struct { int reason; char text[KSSL_ERR_MAX+1]; }
+ */
+void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text)
+{
+ if (kssl_err == NULL)
+ return;
+
+ kssl_err->reason = reason;
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, "%s", text);
+ return;
+}
+
+/*
+ * Display contents of krb5_data struct, for debugging
+ */
+void print_krb5_data(char *label, krb5_data *kdata)
+{
+ int i;
+
+ fprintf(stderr, "%s[%d] ", label, kdata->length);
+ for (i = 0; i < (int)kdata->length; i++) {
+ if (0 && isprint((int)kdata->data[i]))
+ fprintf(stderr, "%c ", kdata->data[i]);
+ else
+ fprintf(stderr, "%02x ", (unsigned char)kdata->data[i]);
+ }
+ fprintf(stderr, "\n");
+}
+
+/*
+ * Display contents of krb5_authdata struct, for debugging
+ */
+void print_krb5_authdata(char *label, krb5_authdata **adata)
+{
+ if (adata == NULL) {
+ fprintf(stderr, "%s, authdata==0\n", label);
+ return;
+ }
+ fprintf(stderr, "%s [%p]\n", label, (void *)adata);
+# if 0
+ {
+ int i;
+ fprintf(stderr, "%s[at%d:%d] ", label, adata->ad_type, adata->length);
+ for (i = 0; i < adata->length; i++) {
+ fprintf(stderr, (isprint(adata->contents[i])) ? "%c " : "%02x",
+ adata->contents[i]);
+ }
+ fprintf(stderr, "\n");
+ }
+# endif
+}
+
+/*
+ * Display contents of krb5_keyblock struct, for debugging
+ */
+void print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
+{
+ int i;
+
+ if (keyblk == NULL) {
+ fprintf(stderr, "%s, keyblk==0\n", label);
+ return;
+ }
+# ifdef KRB5_HEIMDAL
+ fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->keytype,
+ keyblk->keyvalue->length);
+ for (i = 0; i < (int)keyblk->keyvalue->length; i++) {
+ fprintf(stderr, "%02x",
+ (unsigned char *)(keyblk->keyvalue->contents)[i]);
+ }
+ fprintf(stderr, "\n");
+# else
+ fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->enctype,
+ keyblk->length);
+ for (i = 0; i < (int)keyblk->length; i++) {
+ fprintf(stderr, "%02x", keyblk->contents[i]);
+ }
+ fprintf(stderr, "\n");
+# endif
+}
+
+/*
+ * Display contents of krb5_principal_data struct, for debugging
+ * (krb5_principal is typedef'd == krb5_principal_data *)
+ */
+static void print_krb5_princ(char *label, krb5_principal_data *princ)
+{
+ int i, ui, uj;
+
+ fprintf(stderr, "%s principal Realm: ", label);
+ if (princ == NULL)
+ return;
+ for (ui = 0; ui < (int)princ->realm.length; ui++)
+ putchar(princ->realm.data[ui]);
+ fprintf(stderr, " (nametype %d) has %d strings:\n", princ->type,
+ princ->length);
+ for (i = 0; i < (int)princ->length; i++) {
+ fprintf(stderr, "\t%d [%d]: ", i, princ->data[i].length);
+ for (uj = 0; uj < (int)princ->data[i].length; uj++) {
+ putchar(princ->data[i].data[uj]);
+ }
+ fprintf(stderr, "\n");
+ }
+ return;
+}
+
+/*- Given krb5 service (typically "kssl") and hostname in kssl_ctx,
+ * Return encrypted Kerberos ticket for service @ hostname.
+ * If authenp is non-NULL, also return encrypted authenticator,
+ * whose data should be freed by caller.
+ * (Originally was: Create Kerberos AP_REQ message for SSL Client.)
+ *
+ * 19990628 VRS Started; Returns Kerberos AP_REQ message.
+ * 20010409 VRS Modified for RFC2712; Returns enc tkt.
+ * 20010606 VRS May also return optional authenticator.
+ */
+krb5_error_code kssl_cget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
+ /*
+ * OUT
+ */ krb5_data **enc_ticketp,
+ /*
+ * UPDATE
+ */ krb5_data *authenp,
+ /*
+ * OUT
+ */ KSSL_ERR *kssl_err)
+{
+ krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+ krb5_context krb5context = NULL;
+ krb5_auth_context krb5auth_context = NULL;
+ krb5_ccache krb5ccdef = NULL;
+ krb5_creds krb5creds, *krb5credsp = NULL;
+ krb5_data krb5_app_req;
+
+ kssl_err_set(kssl_err, 0, "");
+ memset((char *)&krb5creds, 0, sizeof(krb5creds));
+
+ if (!kssl_ctx) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
+ goto err;
+ } else if (!kssl_ctx->service_host) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "kssl_ctx service_host undefined.\n");
+ goto err;
+ }
+
+ if ((krb5rc = krb5_init_context(&krb5context)) != 0) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "krb5_init_context() fails: %d\n", krb5rc);
+ kssl_err->reason = SSL_R_KRB5_C_INIT;
+ goto err;
+ }
+
+ if ((krb5rc = krb5_sname_to_principal(krb5context,
+ kssl_ctx->service_host,
+ (kssl_ctx->service_name) ?
+ kssl_ctx->service_name : KRB5SVC,
+ KRB5_NT_SRV_HST,
+ &krb5creds.server)) != 0) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "krb5_sname_to_principal() fails for %s/%s\n",
+ kssl_ctx->service_host,
+ (kssl_ctx->
+ service_name) ? kssl_ctx->service_name : KRB5SVC);
+ kssl_err->reason = SSL_R_KRB5_C_INIT;
+ goto err;
+ }
+
+ if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
+ "krb5_cc_default fails.\n");
+ goto err;
+ }
+
+ if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
+ &krb5creds.client)) != 0) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
+ "krb5_cc_get_principal() fails.\n");
+ goto err;
+ }
+
+ if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
+ &krb5creds, &krb5credsp)) != 0) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_C_GET_CRED,
+ "krb5_get_credentials() fails.\n");
+ goto err;
+ }
+
+ *enc_ticketp = &krb5credsp->ticket;
+# ifdef KRB5_HEIMDAL
+ kssl_ctx->enctype = krb5credsp->session.keytype;
+# else
+ kssl_ctx->enctype = krb5credsp->keyblock.enctype;
+# endif
+
+ krb5rc = KRB5KRB_ERR_GENERIC;
+ /* caller should free data of krb5_app_req */
+ /*
+ * 20010406 VRS deleted for real KerberosWrapper 20010605 VRS reinstated
+ * to offer Authenticator to KerberosWrapper
+ */
+ krb5_app_req.length = 0;
+ if (authenp) {
+ krb5_data krb5in_data;
+ const unsigned char *p;
+ long arlen;
+ KRB5_APREQBODY *ap_req;
+
+ authenp->length = 0;
+ krb5in_data.data = NULL;
+ krb5in_data.length = 0;
+ if ((krb5rc = krb5_mk_req_extended(krb5context,
+ &krb5auth_context, 0, &krb5in_data,
+ krb5credsp, &krb5_app_req)) != 0) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_C_MK_REQ,
+ "krb5_mk_req_extended() fails.\n");
+ goto err;
+ }
+
+ arlen = krb5_app_req.length;
+ p = (unsigned char *)krb5_app_req.data;
+ ap_req = (KRB5_APREQBODY *)d2i_KRB5_APREQ(NULL, &p, arlen);
+ if (ap_req) {
+ authenp->length = i2d_KRB5_ENCDATA(ap_req->authenticator, NULL);
+ if (authenp->length && (authenp->data = malloc(authenp->length))) {
+ unsigned char *adp = (unsigned char *)authenp->data;
+ authenp->length =
+ i2d_KRB5_ENCDATA(ap_req->authenticator, &adp);
+ }
+ }
+
+ if (ap_req)
+ KRB5_APREQ_free((KRB5_APREQ *) ap_req);
+ if (krb5_app_req.length)
+ kssl_krb5_free_data_contents(krb5context, &krb5_app_req);
+ }
+# ifdef KRB5_HEIMDAL
+ if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->session)) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
+ "kssl_ctx_setkey() fails.\n");
+ }
+# else
+ if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->keyblock)) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
+ "kssl_ctx_setkey() fails.\n");
+ }
+# endif
+ else
+ krb5rc = 0;
+
+ err:
+# ifdef KSSL_DEBUG
+ kssl_ctx_show(kssl_ctx);
+# endif /* KSSL_DEBUG */
+
+ if (krb5creds.client)
+ krb5_free_principal(krb5context, krb5creds.client);
+ if (krb5creds.server)
+ krb5_free_principal(krb5context, krb5creds.server);
+ if (krb5auth_context)
+ krb5_auth_con_free(krb5context, krb5auth_context);
+ if (krb5context)
+ krb5_free_context(krb5context);
+ return (krb5rc);
+}
+
+/*-
+ * Given d2i_-decoded asn1ticket, allocate and return a new krb5_ticket.
+ * Return Kerberos error code and kssl_err struct on error.
+ * Allocates krb5_ticket and krb5_principal; caller should free these.
+ *
+ * 20010410 VRS Implemented krb5_decode_ticket() as
+ * old_krb5_decode_ticket(). Missing from MIT1.0.6.
+ * 20010615 VRS Re-cast as openssl/asn1 d2i_*() functions.
+ * Re-used some of the old krb5_decode_ticket()
+ * code here. This tkt should alloc/free just
+ * like the real thing.
+ */
+static krb5_error_code kssl_TKT2tkt( /* IN */ krb5_context krb5context,
+ /*
+ * IN
+ */ KRB5_TKTBODY *asn1ticket,
+ /*
+ * OUT
+ */ krb5_ticket **krb5ticket,
+ /*
+ * OUT
+ */ KSSL_ERR *kssl_err)
+{
+ krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+ krb5_ticket *new5ticket = NULL;
+ ASN1_GENERALSTRING *gstr_svc, *gstr_host;
+
+ *krb5ticket = NULL;
+
+ if (asn1ticket == NULL || asn1ticket->realm == NULL ||
+ asn1ticket->sname == NULL ||
+ sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "Null field in asn1ticket.\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ return KRB5KRB_ERR_GENERIC;
+ }
+
+ if ((new5ticket = (krb5_ticket *)calloc(1, sizeof(krb5_ticket))) == NULL) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "Unable to allocate new krb5_ticket.\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ return ENOMEM; /* or KRB5KRB_ERR_GENERIC; */
+ }
+
+ gstr_svc = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0);
+ gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1);
+
+ if ((krb5rc = kssl_build_principal_2(krb5context,
+ &new5ticket->server,
+ asn1ticket->realm->length,
+ (char *)asn1ticket->realm->data,
+ gstr_svc->length,
+ (char *)gstr_svc->data,
+ gstr_host->length,
+ (char *)gstr_host->data)) != 0) {
+ free(new5ticket);
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "Error building ticket server principal.\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ return krb5rc; /* or KRB5KRB_ERR_GENERIC; */
+ }
+
+ krb5_princ_type(krb5context, new5ticket->server) =
+ asn1ticket->sname->nametype->data[0];
+ new5ticket->enc_part.enctype = asn1ticket->encdata->etype->data[0];
+ new5ticket->enc_part.kvno = asn1ticket->encdata->kvno->data[0];
+ new5ticket->enc_part.ciphertext.length =
+ asn1ticket->encdata->cipher->length;
+ if ((new5ticket->enc_part.ciphertext.data =
+ calloc(1, asn1ticket->encdata->cipher->length)) == NULL) {
+ free(new5ticket);
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "Error allocating cipher in krb5ticket.\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ return KRB5KRB_ERR_GENERIC;
+ } else {
+ memcpy(new5ticket->enc_part.ciphertext.data,
+ asn1ticket->encdata->cipher->data,
+ asn1ticket->encdata->cipher->length);
+ }
+
+ *krb5ticket = new5ticket;
+ return 0;
+}
+
+/*-
+ * Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),
+ * and krb5 AP_REQ message & message length,
+ * Return Kerberos session key and client principle
+ * to SSL Server in KSSL_CTX *kssl_ctx.
+ *
+ * 19990702 VRS Started.
+ */
+krb5_error_code kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
+ /*
+ * IN
+ */ krb5_data *indata,
+ /*
+ * OUT
+ */ krb5_ticket_times *ttimes,
+ /*
+ * OUT
+ */ KSSL_ERR *kssl_err)
+{
+ krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+ static krb5_context krb5context = NULL;
+ static krb5_auth_context krb5auth_context = NULL;
+ krb5_ticket *krb5ticket = NULL;
+ KRB5_TKTBODY *asn1ticket = NULL;
+ const unsigned char *p;
+ krb5_keytab krb5keytab = NULL;
+ krb5_keytab_entry kt_entry;
+ krb5_principal krb5server;
+ krb5_rcache rcache = NULL;
+
+ kssl_err_set(kssl_err, 0, "");
+
+ if (!kssl_ctx) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
+ goto err;
+ }
+# ifdef KSSL_DEBUG
+ fprintf(stderr, "in kssl_sget_tkt(%s)\n",
+ kstring(kssl_ctx->service_name));
+# endif /* KSSL_DEBUG */
+
+ if (!krb5context && (krb5rc = krb5_init_context(&krb5context))) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_init_context() fails.\n");
+ goto err;
+ }
+ if (krb5auth_context &&
+ (krb5rc = krb5_auth_con_free(krb5context, krb5auth_context))) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_auth_con_free() fails.\n");
+ goto err;
+ } else
+ krb5auth_context = NULL;
+ if (!krb5auth_context &&
+ (krb5rc = krb5_auth_con_init(krb5context, &krb5auth_context))) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_auth_con_init() fails.\n");
+ goto err;
+ }
+
+ if ((krb5rc = krb5_auth_con_getrcache(krb5context, krb5auth_context,
+ &rcache))) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_auth_con_getrcache() fails.\n");
+ goto err;
+ }
+
+ if ((krb5rc = krb5_sname_to_principal(krb5context, NULL,
+ (kssl_ctx->service_name) ?
+ kssl_ctx->service_name : KRB5SVC,
+ KRB5_NT_SRV_HST,
+ &krb5server)) != 0) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_sname_to_principal() fails.\n");
+ goto err;
+ }
+
+ if (rcache == NULL) {
+ if ((krb5rc = krb5_get_server_rcache(krb5context,
+ krb5_princ_component(krb5context,
+ krb5server,
+ 0),
+ &rcache))) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_get_server_rcache() fails.\n");
+ goto err;
+ }
+ }
+
+ if ((krb5rc =
+ krb5_auth_con_setrcache(krb5context, krb5auth_context, rcache))) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_auth_con_setrcache() fails.\n");
+ goto err;
+ }
+
+ /*
+ * kssl_ctx->keytab_file == NULL ==> use Kerberos default
+ */
+ if (kssl_ctx->keytab_file) {
+ krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
+ &krb5keytab);
+ if (krb5rc) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_kt_resolve() fails.\n");
+ goto err;
+ }
+ } else {
+ krb5rc = krb5_kt_default(krb5context, &krb5keytab);
+ if (krb5rc) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "krb5_kt_default() fails.\n");
+ goto err;
+ }
+ }
+
+ /*- Actual Kerberos5 krb5_recvauth() has initial conversation here
+ * o check KRB5_SENDAUTH_BADAUTHVERS
+ * unless KRB5_RECVAUTH_SKIP_VERSION
+ * o check KRB5_SENDAUTH_BADAPPLVERS
+ * o send "0" msg if all OK
+ */
+
+ /*-
+ * 20010411 was using AP_REQ instead of true KerberosWrapper
+ *
+ * if ((krb5rc = krb5_rd_req(krb5context, &krb5auth_context,
+ * &krb5in_data, krb5server, krb5keytab,
+ * &ap_option, &krb5ticket)) != 0) { Error }
+ */
+
+ p = (unsigned char *)indata->data;
+ if ((asn1ticket = (KRB5_TKTBODY *)d2i_KRB5_TICKET(NULL, &p,
+ (long)indata->length))
+ == NULL) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "d2i_KRB5_TICKET() ASN.1 decode failure.\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ goto err;
+ }
+
+ /*
+ * Was: krb5rc = krb5_decode_ticket(krb5in_data,&krb5ticket)) != 0)
+ */
+ if ((krb5rc = kssl_TKT2tkt(krb5context, asn1ticket, &krb5ticket,
+ kssl_err)) != 0) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "Error converting ASN.1 ticket to krb5_ticket.\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ goto err;
+ }
+
+ if (!krb5_principal_compare(krb5context, krb5server, krb5ticket->server)) {
+ krb5rc = KRB5_PRINC_NOMATCH;
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "server principal != ticket principal\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ goto err;
+ }
+ if ((krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
+ krb5ticket->server,
+ krb5ticket->enc_part.kvno,
+ krb5ticket->enc_part.enctype,
+ &kt_entry)) != 0) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "krb5_kt_get_entry() fails with %x.\n", krb5rc);
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ goto err;
+ }
+ if ((krb5rc = krb5_decrypt_tkt_part(krb5context, &kt_entry.key,
+ krb5ticket)) != 0) {
+ BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+ "krb5_decrypt_tkt_part() failed.\n");
+ kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+ goto err;
+ } else {
+ krb5_kt_free_entry(krb5context, &kt_entry);
+# ifdef KSSL_DEBUG
+ {
+ int i;
+ krb5_address **paddr = krb5ticket->enc_part2->caddrs;
+ fprintf(stderr, "Decrypted ticket fields:\n");
+ fprintf(stderr, "\tflags: %X, transit-type: %X",
+ krb5ticket->enc_part2->flags,
+ krb5ticket->enc_part2->transited.tr_type);
+ print_krb5_data("\ttransit-data: ",
+ &(krb5ticket->enc_part2->transited.tr_contents));
+ fprintf(stderr, "\tcaddrs: %p, authdata: %p\n",
+ krb5ticket->enc_part2->caddrs,
+ krb5ticket->enc_part2->authorization_data);
+ if (paddr) {
+ fprintf(stderr, "\tcaddrs:\n");
+ for (i = 0; paddr[i] != NULL; i++) {
+ krb5_data d;
+ d.length = paddr[i]->length;
+ d.data = paddr[i]->contents;
+ print_krb5_data("\t\tIP: ", &d);
+ }
+ }
+ fprintf(stderr, "\tstart/auth/end times: %d / %d / %d\n",
+ krb5ticket->enc_part2->times.starttime,
+ krb5ticket->enc_part2->times.authtime,
+ krb5ticket->enc_part2->times.endtime);
+ }
+# endif /* KSSL_DEBUG */
+ }
+
+ krb5rc = KRB5_NO_TKT_SUPPLIED;
+ if (!krb5ticket || !krb5ticket->enc_part2 ||
+ !krb5ticket->enc_part2->client ||
+ !krb5ticket->enc_part2->client->data ||
+ !krb5ticket->enc_part2->session) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+ "bad ticket from krb5_rd_req.\n");
+ } else if (kssl_ctx_setprinc(kssl_ctx, KSSL_CLIENT,
+ &krb5ticket->enc_part2->client->realm,
+ krb5ticket->enc_part2->client->data,
+ krb5ticket->enc_part2->client->length)) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+ "kssl_ctx_setprinc() fails.\n");
+ } else if (kssl_ctx_setkey(kssl_ctx, krb5ticket->enc_part2->session)) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+ "kssl_ctx_setkey() fails.\n");
+ } else if (krb5ticket->enc_part2->flags & TKT_FLG_INVALID) {
+ krb5rc = KRB5KRB_AP_ERR_TKT_INVALID;
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+ "invalid ticket from krb5_rd_req.\n");
+ } else
+ krb5rc = 0;
+
+ kssl_ctx->enctype = krb5ticket->enc_part.enctype;
+ ttimes->authtime = krb5ticket->enc_part2->times.authtime;
+ ttimes->starttime = krb5ticket->enc_part2->times.starttime;
+ ttimes->endtime = krb5ticket->enc_part2->times.endtime;
+ ttimes->renew_till = krb5ticket->enc_part2->times.renew_till;
+
+ err:
+# ifdef KSSL_DEBUG
+ kssl_ctx_show(kssl_ctx);
+# endif /* KSSL_DEBUG */
+
+ if (asn1ticket)
+ KRB5_TICKET_free((KRB5_TICKET *) asn1ticket);
+ if (krb5keytab)
+ krb5_kt_close(krb5context, krb5keytab);
+ if (krb5ticket)
+ krb5_free_ticket(krb5context, krb5ticket);
+ if (krb5server)
+ krb5_free_principal(krb5context, krb5server);
+ return (krb5rc);
+}
+
+/*
+ * Allocate & return a new kssl_ctx struct.
+ */
+KSSL_CTX *kssl_ctx_new(void)
+{
+ return ((KSSL_CTX *)kssl_calloc(1, sizeof(KSSL_CTX)));
+}
+
+/*
+ * Frees a kssl_ctx struct and any allocated memory it holds. Returns NULL.
+ */
+KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx)
+{
+ if (kssl_ctx == NULL)
+ return kssl_ctx;
+
+ if (kssl_ctx->key)
+ OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
+ if (kssl_ctx->key)
+ kssl_free(kssl_ctx->key);
+ if (kssl_ctx->client_princ)
+ kssl_free(kssl_ctx->client_princ);
+ if (kssl_ctx->service_host)
+ kssl_free(kssl_ctx->service_host);
+ if (kssl_ctx->service_name)
+ kssl_free(kssl_ctx->service_name);
+ if (kssl_ctx->keytab_file)
+ kssl_free(kssl_ctx->keytab_file);
+
+ kssl_free(kssl_ctx);
+ return (KSSL_CTX *)NULL;
+}
+
+/*
+ * Given an array of (krb5_data *) entity (and optional realm), set the plain
+ * (char *) client_princ or service_host member of the kssl_ctx struct.
+ */
+krb5_error_code
+kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
+ krb5_data *realm, krb5_data *entity, int nentities)
+{
+ char **princ;
+ int length;
+ int i;
+
+ if (kssl_ctx == NULL || entity == NULL)
+ return KSSL_CTX_ERR;
+
+ switch (which) {
+ case KSSL_CLIENT:
+ princ = &kssl_ctx->client_princ;
+ break;
+ case KSSL_SERVER:
+ princ = &kssl_ctx->service_host;
+ break;
+ default:
+ return KSSL_CTX_ERR;
+ break;
+ }
+ if (*princ)
+ kssl_free(*princ);
+
+ /* Add up all the entity->lengths */
+ length = 0;
+ for (i = 0; i < nentities; i++) {
+ length += entity[i].length;
+ }
+ /* Add in space for the '/' character(s) (if any) */
+ length += nentities - 1;
+ /* Space for the ('@'+realm+NULL | NULL) */
+ length += ((realm) ? realm->length + 2 : 1);
+
+ if ((*princ = kssl_calloc(1, length)) == NULL)
+ return KSSL_CTX_ERR;
+ else {
+ for (i = 0; i < nentities; i++) {
+ strncat(*princ, entity[i].data, entity[i].length);
+ if (i < nentities - 1) {
+ strcat(*princ, "/");
+ }
+ }
+ if (realm) {
+ strcat(*princ, "@");
+ (void)strncat(*princ, realm->data, realm->length);
+ }
+ }
+
+ return KSSL_CTX_OK;
+}
+
+/*- Set one of the plain (char *) string members of the kssl_ctx struct.
+ * Default values should be:
+ * which == KSSL_SERVICE => "khost" (KRB5SVC)
+ * which == KSSL_KEYTAB => "/etc/krb5.keytab" (KRB5KEYTAB)
+ */
+krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
+{
+ char **string;
+
+ if (!kssl_ctx)
+ return KSSL_CTX_ERR;
+
+ switch (which) {
+ case KSSL_SERVICE:
+ string = &kssl_ctx->service_name;
+ break;
+ case KSSL_SERVER:
+ string = &kssl_ctx->service_host;
+ break;
+ case KSSL_CLIENT:
+ string = &kssl_ctx->client_princ;
+ break;
+ case KSSL_KEYTAB:
+ string = &kssl_ctx->keytab_file;
+ break;
+ default:
+ return KSSL_CTX_ERR;
+ break;
+ }
+ if (*string)
+ kssl_free(*string);
+
+ if (!text) {
+ *string = '\0';
+ return KSSL_CTX_OK;
+ }
+
+ if ((*string = kssl_calloc(1, strlen(text) + 1)) == NULL)
+ return KSSL_CTX_ERR;
+ else
+ strcpy(*string, text);
+
+ return KSSL_CTX_OK;
+}
+
+/*
+ * Copy the Kerberos session key from a (krb5_keyblock *) to a kssl_ctx
+ * struct. Clear kssl_ctx->key if Kerberos session key is NULL.
+ */
+krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
+{
+ int length;
+ krb5_enctype enctype;
+ krb5_octet FAR *contents = NULL;
+
+ if (!kssl_ctx)
+ return KSSL_CTX_ERR;
+
+ if (kssl_ctx->key) {
+ OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
+ kssl_free(kssl_ctx->key);
+ }
+
+ if (session) {
+
+# ifdef KRB5_HEIMDAL
+ length = session->keyvalue->length;
+ enctype = session->keytype;
+ contents = session->keyvalue->contents;
+# else
+ length = session->length;
+ enctype = session->enctype;
+ contents = session->contents;
+# endif
+ kssl_ctx->enctype = enctype;
+ kssl_ctx->length = length;
+ } else {
+ kssl_ctx->enctype = ENCTYPE_UNKNOWN;
+ kssl_ctx->length = 0;
+ return KSSL_CTX_OK;
+ }
+
+ if ((kssl_ctx->key =
+ (krb5_octet FAR *)kssl_calloc(1, kssl_ctx->length)) == NULL) {
+ kssl_ctx->length = 0;
+ return KSSL_CTX_ERR;
+ } else
+ memcpy(kssl_ctx->key, contents, length);
+
+ return KSSL_CTX_OK;
+}
+
+/*
+ * Display contents of kssl_ctx struct
+ */
+void kssl_ctx_show(KSSL_CTX *kssl_ctx)
+{
+ int i;
+
+ printf("kssl_ctx: ");
+ if (kssl_ctx == NULL) {
+ printf("NULL\n");
+ return;
+ } else
+ printf("%p\n", (void *)kssl_ctx);
+
+ printf("\tservice:\t%s\n",
+ (kssl_ctx->service_name) ? kssl_ctx->service_name : "NULL");
+ printf("\tclient:\t%s\n",
+ (kssl_ctx->client_princ) ? kssl_ctx->client_princ : "NULL");
+ printf("\tserver:\t%s\n",
+ (kssl_ctx->service_host) ? kssl_ctx->service_host : "NULL");
+ printf("\tkeytab:\t%s\n",
+ (kssl_ctx->keytab_file) ? kssl_ctx->keytab_file : "NULL");
+ printf("\tkey [%d:%d]:\t", kssl_ctx->enctype, kssl_ctx->length);
+
+ for (i = 0; i < kssl_ctx->length && kssl_ctx->key; i++) {
+ printf("%02x", kssl_ctx->key[i]);
+ }
+ printf("\n");
+ return;
+}
+
+int kssl_keytab_is_available(KSSL_CTX *kssl_ctx)
+{
+ krb5_context krb5context = NULL;
+ krb5_keytab krb5keytab = NULL;
+ krb5_keytab_entry entry;
+ krb5_principal princ = NULL;
+ krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+ int rc = 0;
+
+ if ((krb5rc = krb5_init_context(&krb5context)))
+ return (0);
+
+ /*
+ * kssl_ctx->keytab_file == NULL ==> use Kerberos default
+ */
+ if (kssl_ctx->keytab_file) {
+ krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
+ &krb5keytab);
+ if (krb5rc)
+ goto exit;
+ } else {
+ krb5rc = krb5_kt_default(krb5context, &krb5keytab);
+ if (krb5rc)
+ goto exit;
+ }
+
+ /* the host key we are looking for */
+ krb5rc = krb5_sname_to_principal(krb5context, NULL,
+ kssl_ctx->
+ service_name ? kssl_ctx->service_name :
+ KRB5SVC, KRB5_NT_SRV_HST, &princ);
+
+ if (krb5rc)
+ goto exit;
+
+ krb5rc = krb5_kt_get_entry(krb5context, krb5keytab, princ,
+ /* IGNORE_VNO */
+ 0,
+ /* IGNORE_ENCTYPE */
+ 0, &entry);
+ if (krb5rc == KRB5_KT_NOTFOUND) {
+ rc = 1;
+ goto exit;
+ } else if (krb5rc)
+ goto exit;
+
+ krb5_kt_free_entry(krb5context, &entry);
+ rc = 1;
+
+ exit:
+ if (krb5keytab)
+ krb5_kt_close(krb5context, krb5keytab);
+ if (princ)
+ krb5_free_principal(krb5context, princ);
+ if (krb5context)
+ krb5_free_context(krb5context);
+ return (rc);
+}
+
+int kssl_tgt_is_available(KSSL_CTX *kssl_ctx)
+{
+ krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+ krb5_context krb5context = NULL;
+ krb5_ccache krb5ccdef = NULL;
+ krb5_creds krb5creds, *krb5credsp = NULL;
+ int rc = 0;
+
+ memset((char *)&krb5creds, 0, sizeof(krb5creds));
+
+ if (!kssl_ctx)
+ return (0);
+
+ if (!kssl_ctx->service_host)
+ return (0);
+
+ if ((krb5rc = krb5_init_context(&krb5context)) != 0)
+ goto err;
+
+ if ((krb5rc = krb5_sname_to_principal(krb5context,
+ kssl_ctx->service_host,
+ (kssl_ctx->service_name) ?
+ kssl_ctx->service_name : KRB5SVC,
+ KRB5_NT_SRV_HST,
+ &krb5creds.server)) != 0)
+ goto err;
+
+ if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0)
+ goto err;
+
+ if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
+ &krb5creds.client)) != 0)
+ goto err;
+
+ if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
+ &krb5creds, &krb5credsp)) != 0)
+ goto err;
+
+ rc = 1;
+
+ err:
+# ifdef KSSL_DEBUG
+ kssl_ctx_show(kssl_ctx);
+# endif /* KSSL_DEBUG */
+
+ if (krb5creds.client)
+ krb5_free_principal(krb5context, krb5creds.client);
+ if (krb5creds.server)
+ krb5_free_principal(krb5context, krb5creds.server);
+ if (krb5context)
+ krb5_free_context(krb5context);
+ return (rc);
+}
+
+# if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WIN32)
+void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
+{
+# ifdef KRB5_HEIMDAL
+ data->length = 0;
+ if (data->data)
+ free(data->data);
+# elif defined(KRB5_MIT_OLD11)
+ if (data->data) {
+ krb5_xfree(data->data);
+ data->data = 0;
+ }
+# else
+ krb5_free_data_contents(NULL, data);
+# endif
+}
+# endif
+/* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
+
+/*
+ * Given pointers to KerberosTime and struct tm structs, convert the
+ * KerberosTime string to struct tm. Note that KerberosTime is a
+ * ASN1_GENERALIZEDTIME value, constrained to GMT with no fractional seconds
+ * as defined in RFC 1510. Return pointer to the (partially) filled in
+ * struct tm on success, return NULL on failure.
+ */
+static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
+{
+ char c, *p;
+
+ if (!k_tm)
+ return NULL;
+ if (gtime == NULL || gtime->length < 14)
+ return NULL;
+ if (gtime->data == NULL)
+ return NULL;
+
+ p = (char *)>ime->data[14];
+
+ c = *p;
+ *p = '\0';
+ p -= 2;
+ k_tm->tm_sec = atoi(p);
+ *(p + 2) = c;
+ c = *p;
+ *p = '\0';
+ p -= 2;
+ k_tm->tm_min = atoi(p);
+ *(p + 2) = c;
+ c = *p;
+ *p = '\0';
+ p -= 2;
+ k_tm->tm_hour = atoi(p);
+ *(p + 2) = c;
+ c = *p;
+ *p = '\0';
+ p -= 2;
+ k_tm->tm_mday = atoi(p);
+ *(p + 2) = c;
+ c = *p;
+ *p = '\0';
+ p -= 2;
+ k_tm->tm_mon = atoi(p) - 1;
+ *(p + 2) = c;
+ c = *p;
+ *p = '\0';
+ p -= 4;
+ k_tm->tm_year = atoi(p) - 1900;
+ *(p + 4) = c;
+
+ return k_tm;
+}
+
+/*
+ * Helper function for kssl_validate_times(). We need context->clockskew,
+ * but krb5_context is an opaque struct. So we try to sneek the clockskew
+ * out through the replay cache. If that fails just return a likely default
+ * (300 seconds).
+ */
+static krb5_deltat get_rc_clockskew(krb5_context context)
+{
+ krb5_rcache rc;
+ krb5_deltat clockskew;
+
+ if (krb5_rc_default(context, &rc))
+ return KSSL_CLOCKSKEW;
+ if (krb5_rc_initialize(context, rc, 0))
+ return KSSL_CLOCKSKEW;
+ if (krb5_rc_get_lifespan(context, rc, &clockskew)) {
+ clockskew = KSSL_CLOCKSKEW;
+ }
+ (void)krb5_rc_destroy(context, rc);
+ return clockskew;
+}
+
+/*
+ * kssl_validate_times() combines (and more importantly exposes) the MIT KRB5
+ * internal function krb5_validate_times() and the in_clock_skew() macro.
+ * The authenticator client time is checked to be within clockskew secs of
+ * the current time and the current time is checked to be within the ticket
+ * start and expire times. Either check may be omitted by supplying a NULL
+ * value. Returns 0 for valid times, SSL_R_KRB5* error codes otherwise. See
+ * Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c 20010420 VRS
+ */
+krb5_error_code kssl_validate_times(krb5_timestamp atime,
+ krb5_ticket_times *ttimes)
+{
+ krb5_deltat skew;
+ krb5_timestamp start, now;
+ krb5_error_code rc;
+ krb5_context context;
+
+ if ((rc = krb5_init_context(&context)))
+ return SSL_R_KRB5_S_BAD_TICKET;
+ skew = get_rc_clockskew(context);
+ if ((rc = krb5_timeofday(context, &now)))
+ return SSL_R_KRB5_S_BAD_TICKET;
+ krb5_free_context(context);
+
+ if (atime && labs(atime - now) >= skew)
+ return SSL_R_KRB5_S_TKT_SKEW;
+
+ if (!ttimes)
+ return 0;
+
+ start = (ttimes->starttime != 0) ? ttimes->starttime : ttimes->authtime;
+ if (start - now > skew)
+ return SSL_R_KRB5_S_TKT_NYV;
+ if ((now - ttimes->endtime) > skew)
+ return SSL_R_KRB5_S_TKT_EXPIRED;
+
+# ifdef KSSL_DEBUG
+ fprintf(stderr, "kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n",
+ start, atime, now, skew, ttimes->endtime);
+# endif /* KSSL_DEBUG */
+
+ return 0;
+}
+
+/*
+ * Decode and decrypt given DER-encoded authenticator, then pass
+ * authenticator ctime back in *atimep (or 0 if time unavailable). Returns
+ * krb5_error_code and kssl_err on error. A NULL authenticator
+ * (authentp->length == 0) is not considered an error. Note that
+ * kssl_check_authent() makes use of the KRB5 session key; you must call
+ * kssl_sget_tkt() to get the key before calling this routine.
+ */
+krb5_error_code kssl_check_authent(
+ /*
+ * IN
+ */ KSSL_CTX *kssl_ctx,
+ /*
+ * IN
+ */ krb5_data *authentp,
+ /*
+ * OUT
+ */ krb5_timestamp *atimep,
+ /*
+ * OUT
+ */ KSSL_ERR *kssl_err)
+{
+ krb5_error_code krb5rc = 0;
+ KRB5_ENCDATA *dec_authent = NULL;
+ KRB5_AUTHENTBODY *auth = NULL;
+ krb5_enctype enctype;
+ EVP_CIPHER_CTX ciph_ctx;
+ const EVP_CIPHER *enc = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ const unsigned char *p;
+ unsigned char *unenc_authent;
+ int outl, unencbufsize;
+ struct tm tm_time, *tm_l, *tm_g;
+ time_t now, tl, tg, tr, tz_offset;
+
+ EVP_CIPHER_CTX_init(&ciph_ctx);
+ *atimep = 0;
+ kssl_err_set(kssl_err, 0, "");
+
+# ifndef KRB5CHECKAUTH
+ authentp = NULL;
+# else
+# if KRB5CHECKAUTH == 0
+ authentp = NULL;
+# endif
+# endif /* KRB5CHECKAUTH */
+
+ if (authentp == NULL || authentp->length == 0)
+ return 0;
+
+# ifdef KSSL_DEBUG
+ {
+ unsigned int ui;
+ fprintf(stderr, "kssl_check_authent: authenticator[%d]:\n",
+ authentp->length);
+ p = authentp->data;
+ for (ui = 0; ui < authentp->length; ui++)
+ fprintf(stderr, "%02x ", p[ui]);
+ fprintf(stderr, "\n");
+ }
+# endif /* KSSL_DEBUG */
+
+ unencbufsize = 2 * authentp->length;
+ if ((unenc_authent = calloc(1, unencbufsize)) == NULL) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "Unable to allocate authenticator buffer.\n");
+ krb5rc = KRB5KRB_ERR_GENERIC;
+ goto err;
+ }
+
+ p = (unsigned char *)authentp->data;
+ if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
+ (long)authentp->length)) == NULL) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "Error decoding authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+
+ enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
+# if !defined(KRB5_MIT_OLD11)
+ switch (enctype) {
+ case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
+ case ENCTYPE_DES3_CBC_SHA:
+ case ENCTYPE_DES3_CBC_RAW:
+ krb5rc = 0; /* Skip, can't handle derived keys */
+ goto err;
+ }
+# endif
+ enc = kssl_map_enc(enctype);
+ memset(iv, 0, sizeof iv); /* per RFC 1510 */
+
+ if (enc == NULL) {
+ /*
+ * Disable kssl_check_authent for ENCTYPE_DES3_CBC_SHA1. This
+ * enctype indicates the authenticator was encrypted using key-usage
+ * derived keys which openssl cannot decrypt.
+ */
+ goto err;
+ }
+
+ if (!EVP_CipherInit(&ciph_ctx, enc, kssl_ctx->key, iv, 0)) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "EVP_CipherInit error decrypting authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+ outl = dec_authent->cipher->length;
+ if (!EVP_Cipher
+ (&ciph_ctx, unenc_authent, dec_authent->cipher->data, outl)) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "EVP_Cipher error decrypting authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+# ifdef KSSL_DEBUG
+ {
+ int padl;
+ fprintf(stderr, "kssl_check_authent: decrypted authenticator[%d] =\n",
+ outl);
+ for (padl = 0; padl < outl; padl++)
+ fprintf(stderr, "%02x ", unenc_authent[padl]);
+ fprintf(stderr, "\n");
+ }
+# endif /* KSSL_DEBUG */
+
+ if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "confounded by authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+ outl -= p - unenc_authent;
+
+ if ((auth = (KRB5_AUTHENTBODY *)d2i_KRB5_AUTHENT(NULL, &p,
+ (long)outl)) == NULL) {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "Error decoding authenticator body.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+
+ memset(&tm_time, 0, sizeof(struct tm));
+ if (k_gmtime(auth->ctime, &tm_time) &&
+ ((tr = mktime(&tm_time)) != (time_t)(-1))) {
+ now = time(&now);
+ tm_l = localtime(&now);
+ tl = mktime(tm_l);
+ tm_g = gmtime(&now);
+ tg = mktime(tm_g);
+ tz_offset = tg - tl;
+
+ *atimep = (krb5_timestamp)(tr - tz_offset);
+ }
+# ifdef KSSL_DEBUG
+ fprintf(stderr, "kssl_check_authent: returns %d for client time ",
+ *atimep);
+ if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
+ fprintf(stderr, "%.*s\n", auth->ctime->length, auth->ctime->data);
+ else
+ fprintf(stderr, "NULL\n");
+# endif /* KSSL_DEBUG */
+
+ err:
+ if (auth)
+ KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
+ if (dec_authent)
+ KRB5_ENCDATA_free(dec_authent);
+ if (unenc_authent)
+ free(unenc_authent);
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+ return krb5rc;
+}
+
+/*
+ * Replaces krb5_build_principal_ext(), with varargs length == 2 (svc, host),
+ * because I don't know how to stub varargs. Returns krb5_error_code ==
+ * ENOMEM on alloc error, otherwise passes back newly constructed principal,
+ * which should be freed by caller.
+ */
+krb5_error_code kssl_build_principal_2(
+ /*
+ * UPDATE
+ */ krb5_context context,
+ /*
+ * OUT
+ */ krb5_principal *princ,
+ /*
+ * IN
+ */ int rlen, const char *realm,
+ /*
+ * IN
+ */ int slen, const char *svc,
+ /*
+ * IN
+ */ int hlen, const char *host)
+{
+ krb5_data *p_data = NULL;
+ krb5_principal new_p = NULL;
+ char *new_r = NULL;
+
+ if ((p_data = (krb5_data *)calloc(2, sizeof(krb5_data))) == NULL ||
+ (new_p = (krb5_principal)calloc(1, sizeof(krb5_principal_data)))
+ == NULL)
+ goto err;
+ new_p->length = 2;
+ new_p->data = p_data;
+
+ if ((new_r = calloc(1, rlen + 1)) == NULL)
+ goto err;
+ memcpy(new_r, realm, rlen);
+ krb5_princ_set_realm_length(context, new_p, rlen);
+ krb5_princ_set_realm_data(context, new_p, new_r);
+
+ if ((new_p->data[0].data = calloc(1, slen + 1)) == NULL)
+ goto err;
+ memcpy(new_p->data[0].data, svc, slen);
+ new_p->data[0].length = slen;
+
+ if ((new_p->data[1].data = calloc(1, hlen + 1)) == NULL)
+ goto err;
+ memcpy(new_p->data[1].data, host, hlen);
+ new_p->data[1].length = hlen;
+
+ krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN;
+ *princ = new_p;
+ return 0;
+
+ err:
+ if (new_p && new_p[0].data)
+ free(new_p[0].data);
+ if (new_p && new_p[1].data)
+ free(new_p[1].data);
+ if (new_p)
+ free(new_p);
+ if (new_r)
+ free(new_r);
+ return ENOMEM;
+}
+
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
+{
+ s->kssl_ctx = kctx;
+}
+
+KSSL_CTX *SSL_get0_kssl_ctx(SSL *s)
+{
+ return s->kssl_ctx;
+}
+
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)
+{
+ if (kctx)
+ return kctx->client_princ;
+ return NULL;
+}
+
+#else /* !OPENSSL_NO_KRB5 */
+
+# if defined(PEDANTIC) || defined(OPENSSL_SYS_VMS)
+static void *dummy = &dummy;
+# endif
+
+#endif /* !OPENSSL_NO_KRB5 */
Deleted: vendor-crypto/openssl/1.0.1u/ssl/kssl.h
===================================================================
--- vendor-crypto/openssl/dist/ssl/kssl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/kssl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,197 +0,0 @@
-/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
-/*
- * Written by Vern Staats <staatsvr at asc.hpc.mil> for the OpenSSL project
- * 2000. project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- ** 19990701 VRS Started.
- */
-
-#ifndef KSSL_H
-# define KSSL_H
-
-# include <openssl/opensslconf.h>
-
-# ifndef OPENSSL_NO_KRB5
-
-# include <stdio.h>
-# include <ctype.h>
-# include <krb5.h>
-# ifdef OPENSSL_SYS_WIN32
-/*
- * These can sometimes get redefined indirectly by krb5 header files after
- * they get undefed in ossl_typ.h
- */
-# undef X509_NAME
-# undef X509_EXTENSIONS
-# undef OCSP_REQUEST
-# undef OCSP_RESPONSE
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Depending on which KRB5 implementation used, some types from
- * the other may be missing. Resolve that here and now
- */
-# ifdef KRB5_HEIMDAL
-typedef unsigned char krb5_octet;
-# define FAR
-# else
-
-# ifndef FAR
-# define FAR
-# endif
-
-# endif
-
-/*-
- * Uncomment this to debug kssl problems or
- * to trace usage of the Kerberos session key
- *
- * #define KSSL_DEBUG
- */
-
-# ifndef KRB5SVC
-# define KRB5SVC "host"
-# endif
-
-# ifndef KRB5KEYTAB
-# define KRB5KEYTAB "/etc/krb5.keytab"
-# endif
-
-# ifndef KRB5SENDAUTH
-# define KRB5SENDAUTH 1
-# endif
-
-# ifndef KRB5CHECKAUTH
-# define KRB5CHECKAUTH 1
-# endif
-
-# ifndef KSSL_CLOCKSKEW
-# define KSSL_CLOCKSKEW 300;
-# endif
-
-# define KSSL_ERR_MAX 255
-typedef struct kssl_err_st {
- int reason;
- char text[KSSL_ERR_MAX + 1];
-} KSSL_ERR;
-
-/*- Context for passing
- * (1) Kerberos session key to SSL, and
- * (2) Config data between application and SSL lib
- */
-typedef struct kssl_ctx_st {
- /* used by: disposition: */
- char *service_name; /* C,S default ok (kssl) */
- char *service_host; /* C input, REQUIRED */
- char *client_princ; /* S output from krb5 ticket */
- char *keytab_file; /* S NULL (/etc/krb5.keytab) */
- char *cred_cache; /* C NULL (default) */
- krb5_enctype enctype;
- int length;
- krb5_octet FAR *key;
-} KSSL_CTX;
-
-# define KSSL_CLIENT 1
-# define KSSL_SERVER 2
-# define KSSL_SERVICE 3
-# define KSSL_KEYTAB 4
-
-# define KSSL_CTX_OK 0
-# define KSSL_CTX_ERR 1
-# define KSSL_NOMEM 2
-
-/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
-krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
-KSSL_CTX *kssl_ctx_new(void);
-KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
-void kssl_ctx_show(KSSL_CTX *kssl_ctx);
-krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
- krb5_data *realm, krb5_data *entity,
- int nentities);
-krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
- krb5_data *authenp, KSSL_ERR *kssl_err);
-krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
- krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
-krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
-void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
-krb5_error_code kssl_build_principal_2(krb5_context context,
- krb5_principal *princ, int rlen,
- const char *realm, int slen,
- const char *svc, int hlen,
- const char *host);
-krb5_error_code kssl_validate_times(krb5_timestamp atime,
- krb5_ticket_times *ttimes);
-krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
- krb5_timestamp *atimep,
- KSSL_ERR *kssl_err);
-unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
-
-void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
-KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
-char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
-
-#ifdef __cplusplus
-}
-#endif
-# endif /* OPENSSL_NO_KRB5 */
-#endif /* KSSL_H */
Copied: vendor-crypto/openssl/1.0.1u/ssl/kssl.h (from rev 11605, vendor-crypto/openssl/dist/ssl/kssl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/kssl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/kssl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,197 @@
+/* ssl/kssl.h */
+/*
+ * Written by Vern Staats <staatsvr at asc.hpc.mil> for the OpenSSL project
+ * 2000. project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ ** 19990701 VRS Started.
+ */
+
+#ifndef KSSL_H
+# define KSSL_H
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_KRB5
+
+# include <stdio.h>
+# include <ctype.h>
+# include <krb5.h>
+# ifdef OPENSSL_SYS_WIN32
+/*
+ * These can sometimes get redefined indirectly by krb5 header files after
+ * they get undefed in ossl_typ.h
+ */
+# undef X509_NAME
+# undef X509_EXTENSIONS
+# undef OCSP_REQUEST
+# undef OCSP_RESPONSE
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Depending on which KRB5 implementation used, some types from
+ * the other may be missing. Resolve that here and now
+ */
+# ifdef KRB5_HEIMDAL
+typedef unsigned char krb5_octet;
+# define FAR
+# else
+
+# ifndef FAR
+# define FAR
+# endif
+
+# endif
+
+/*-
+ * Uncomment this to debug kssl problems or
+ * to trace usage of the Kerberos session key
+ *
+ * #define KSSL_DEBUG
+ */
+
+# ifndef KRB5SVC
+# define KRB5SVC "host"
+# endif
+
+# ifndef KRB5KEYTAB
+# define KRB5KEYTAB "/etc/krb5.keytab"
+# endif
+
+# ifndef KRB5SENDAUTH
+# define KRB5SENDAUTH 1
+# endif
+
+# ifndef KRB5CHECKAUTH
+# define KRB5CHECKAUTH 1
+# endif
+
+# ifndef KSSL_CLOCKSKEW
+# define KSSL_CLOCKSKEW 300;
+# endif
+
+# define KSSL_ERR_MAX 255
+typedef struct kssl_err_st {
+ int reason;
+ char text[KSSL_ERR_MAX + 1];
+} KSSL_ERR;
+
+/*- Context for passing
+ * (1) Kerberos session key to SSL, and
+ * (2) Config data between application and SSL lib
+ */
+typedef struct kssl_ctx_st {
+ /* used by: disposition: */
+ char *service_name; /* C,S default ok (kssl) */
+ char *service_host; /* C input, REQUIRED */
+ char *client_princ; /* S output from krb5 ticket */
+ char *keytab_file; /* S NULL (/etc/krb5.keytab) */
+ char *cred_cache; /* C NULL (default) */
+ krb5_enctype enctype;
+ int length;
+ krb5_octet FAR *key;
+} KSSL_CTX;
+
+# define KSSL_CLIENT 1
+# define KSSL_SERVER 2
+# define KSSL_SERVICE 3
+# define KSSL_KEYTAB 4
+
+# define KSSL_CTX_OK 0
+# define KSSL_CTX_ERR 1
+# define KSSL_NOMEM 2
+
+/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
+krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
+KSSL_CTX *kssl_ctx_new(void);
+KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
+void kssl_ctx_show(KSSL_CTX *kssl_ctx);
+krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
+ krb5_data *realm, krb5_data *entity,
+ int nentities);
+krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
+ krb5_data *authenp, KSSL_ERR *kssl_err);
+krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
+ krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
+krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
+void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
+void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
+krb5_error_code kssl_build_principal_2(krb5_context context,
+ krb5_principal *princ, int rlen,
+ const char *realm, int slen,
+ const char *svc, int hlen,
+ const char *host);
+krb5_error_code kssl_validate_times(krb5_timestamp atime,
+ krb5_ticket_times *ttimes);
+krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
+ krb5_timestamp *atimep,
+ KSSL_ERR *kssl_err);
+unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
+
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
+KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
+
+#ifdef __cplusplus
+}
+#endif
+# endif /* OPENSSL_NO_KRB5 */
+#endif /* KSSL_H */
Deleted: vendor-crypto/openssl/1.0.1u/ssl/kssl_lcl.h
===================================================================
--- vendor-crypto/openssl/dist/ssl/kssl_lcl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/kssl_lcl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,88 +0,0 @@
-/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
-/*
- * Written by Vern Staats <staatsvr at asc.hpc.mil> for the OpenSSL project
- * 2000. project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef KSSL_LCL_H
-# define KSSL_LCL_H
-
-# include <openssl/kssl.h>
-
-# ifndef OPENSSL_NO_KRB5
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Private (internal to OpenSSL) */
-void print_krb5_data(char *label, krb5_data *kdata);
-void print_krb5_authdata(char *label, krb5_authdata **adata);
-void print_krb5_keyblock(char *label, krb5_keyblock *keyblk);
-
-char *kstring(char *string);
-char *knumber(int len, krb5_octet *contents);
-
-const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
-
-int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
-int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
-
-#ifdef __cplusplus
-}
-#endif
-# endif /* OPENSSL_NO_KRB5 */
-#endif /* KSSL_LCL_H */
Copied: vendor-crypto/openssl/1.0.1u/ssl/kssl_lcl.h (from rev 11605, vendor-crypto/openssl/dist/ssl/kssl_lcl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/kssl_lcl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/kssl_lcl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,88 @@
+/* ssl/kssl.h */
+/*
+ * Written by Vern Staats <staatsvr at asc.hpc.mil> for the OpenSSL project
+ * 2000. project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#ifndef KSSL_LCL_H
+# define KSSL_LCL_H
+
+# include <openssl/kssl.h>
+
+# ifndef OPENSSL_NO_KRB5
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Private (internal to OpenSSL) */
+void print_krb5_data(char *label, krb5_data *kdata);
+void print_krb5_authdata(char *label, krb5_authdata **adata);
+void print_krb5_keyblock(char *label, krb5_keyblock *keyblk);
+
+char *kstring(char *string);
+char *knumber(int len, krb5_octet *contents);
+
+const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
+
+int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
+int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
+
+#ifdef __cplusplus
+}
+#endif
+# endif /* OPENSSL_NO_KRB5 */
+#endif /* KSSL_LCL_H */
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s23_clnt.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s23_clnt.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s23_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,790 +0,0 @@
-/* ssl/s23_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static const SSL_METHOD *ssl23_get_client_method(int ver);
-static int ssl23_client_hello(SSL *s);
-static int ssl23_get_server_hello(SSL *s);
-static const SSL_METHOD *ssl23_get_client_method(int ver)
-{
-#ifndef OPENSSL_NO_SSL2
- if (ver == SSL2_VERSION)
- return (SSLv2_client_method());
-#endif
-#ifndef OPENSSL_NO_SSL3
- if (ver == SSL3_VERSION)
- return (SSLv3_client_method());
-#endif
- if (ver == TLS1_VERSION)
- return (TLSv1_client_method());
- else if (ver == TLS1_1_VERSION)
- return (TLSv1_1_client_method());
- else if (ver == TLS1_2_VERSION)
- return (TLSv1_2_client_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
- ssl_undefined_function,
- ssl23_connect, ssl23_get_client_method)
-
-int ssl23_connect(SSL *s)
-{
- BUF_MEM *buf = NULL;
- unsigned long Time = (unsigned long)time(NULL);
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- int ret = -1;
- int new_state, state;
-
- RAND_add(&Time, sizeof(Time), 0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s))
- SSL_clear(s);
-
- for (;;) {
- state = s->state;
-
- switch (s->state) {
- case SSL_ST_BEFORE:
- case SSL_ST_CONNECT:
- case SSL_ST_BEFORE | SSL_ST_CONNECT:
- case SSL_ST_OK | SSL_ST_CONNECT:
-
- if (s->session != NULL) {
- SSLerr(SSL_F_SSL23_CONNECT,
- SSL_R_SSL23_DOING_SESSION_ID_REUSE);
- ret = -1;
- goto end;
- }
- s->server = 0;
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_START, 1);
-
- /* s->version=TLS1_VERSION; */
- s->type = SSL_ST_CONNECT;
-
- if (s->init_buf == NULL) {
- if ((buf = BUF_MEM_new()) == NULL) {
- ret = -1;
- goto end;
- }
- if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
- ret = -1;
- goto end;
- }
- s->init_buf = buf;
- buf = NULL;
- }
-
- if (!ssl3_setup_buffers(s)) {
- ret = -1;
- goto end;
- }
-
- ssl3_init_finished_mac(s);
-
- s->state = SSL23_ST_CW_CLNT_HELLO_A;
- s->ctx->stats.sess_connect++;
- s->init_num = 0;
- break;
-
- case SSL23_ST_CW_CLNT_HELLO_A:
- case SSL23_ST_CW_CLNT_HELLO_B:
-
- s->shutdown = 0;
- ret = ssl23_client_hello(s);
- if (ret <= 0)
- goto end;
- s->state = SSL23_ST_CR_SRVR_HELLO_A;
- s->init_num = 0;
-
- break;
-
- case SSL23_ST_CR_SRVR_HELLO_A:
- case SSL23_ST_CR_SRVR_HELLO_B:
- ret = ssl23_get_server_hello(s);
- if (ret >= 0)
- cb = NULL;
- goto end;
- /* break; */
-
- default:
- SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE);
- ret = -1;
- goto end;
- /* break; */
- }
-
- if (s->debug) {
- (void)BIO_flush(s->wbio);
- }
-
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
- cb(s, SSL_CB_CONNECT_LOOP, 1);
- s->state = new_state;
- }
- }
- end:
- s->in_handshake--;
- if (buf != NULL)
- BUF_MEM_free(buf);
- if (cb != NULL)
- cb(s, SSL_CB_CONNECT_EXIT, ret);
- return (ret);
-}
-
-static int ssl23_no_ssl2_ciphers(SSL *s)
-{
- SSL_CIPHER *cipher;
- STACK_OF(SSL_CIPHER) *ciphers;
- int i;
- ciphers = SSL_get_ciphers(s);
- for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
- cipher = sk_SSL_CIPHER_value(ciphers, i);
- if (cipher->algorithm_ssl == SSL_SSLV2)
- return 0;
- }
- return 1;
-}
-
-/*
- * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
- * failure, 1 on success.
- */
-int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
-{
- int send_time = 0;
-
- if (len < 4)
- return 0;
- if (server)
- send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
- else
- send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
- if (send_time) {
- unsigned long Time = (unsigned long)time(NULL);
- unsigned char *p = result;
- l2n(Time, p);
- return RAND_pseudo_bytes(p, len - 4);
- } else
- return RAND_pseudo_bytes(result, len);
-}
-
-static int ssl23_client_hello(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
- int i, ch_len;
- unsigned long l;
- int ssl2_compat;
- int version = 0, version_major, version_minor;
-#ifndef OPENSSL_NO_COMP
- int j;
- SSL_COMP *comp;
-#endif
- int ret;
- unsigned long mask, options = s->options;
-
- ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
-
- if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
- ssl2_compat = 0;
-
- /*
- * SSL_OP_NO_X disables all protocols above X *if* there are
- * some protocols below X enabled. This is required in order
- * to maintain "version capability" vector contiguous. So
- * that if application wants to disable TLS1.0 in favour of
- * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
- * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
- */
- mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1
-#if !defined(OPENSSL_NO_SSL3)
- | SSL_OP_NO_SSLv3
-#endif
-#if !defined(OPENSSL_NO_SSL2)
- | (ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
-#endif
- ;
-#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
- version = TLS1_2_VERSION;
-
- if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
- version = TLS1_1_VERSION;
-#else
- version = TLS1_1_VERSION;
-#endif
- mask &= ~SSL_OP_NO_TLSv1_1;
- if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
- version = TLS1_VERSION;
- mask &= ~SSL_OP_NO_TLSv1;
-#if !defined(OPENSSL_NO_SSL3)
- if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
- version = SSL3_VERSION;
- mask &= ~SSL_OP_NO_SSLv3;
-#endif
-#if !defined(OPENSSL_NO_SSL2)
- if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
- version = SSL2_VERSION;
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
- if (version != SSL2_VERSION) {
- /*
- * have to disable SSL 2.0 compatibility if we need TLS extensions
- */
-
- if (s->tlsext_hostname != NULL)
- ssl2_compat = 0;
- if (s->tlsext_status_type != -1)
- ssl2_compat = 0;
-# ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->ctx->tlsext_opaque_prf_input_callback != 0
- || s->tlsext_opaque_prf_input != NULL)
- ssl2_compat = 0;
-# endif
- }
-#endif
-
- buf = (unsigned char *)s->init_buf->data;
- if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
- /*
- * Since we're sending s23 client hello, we're not reusing a session, as
- * we'd be using the method from the saved session instead
- */
- if (!ssl_get_new_session(s, 0)) {
- return -1;
- }
-
- p = s->s3->client_random;
- if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
- return -1;
-
- if (version == TLS1_2_VERSION) {
- version_major = TLS1_2_VERSION_MAJOR;
- version_minor = TLS1_2_VERSION_MINOR;
- } else if (version == TLS1_1_VERSION) {
- version_major = TLS1_1_VERSION_MAJOR;
- version_minor = TLS1_1_VERSION_MINOR;
- } else if (version == TLS1_VERSION) {
- version_major = TLS1_VERSION_MAJOR;
- version_minor = TLS1_VERSION_MINOR;
- }
-#ifdef OPENSSL_FIPS
- else if (FIPS_mode()) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO,
- SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
- return -1;
- }
-#endif
- else if (version == SSL3_VERSION) {
- version_major = SSL3_VERSION_MAJOR;
- version_minor = SSL3_VERSION_MINOR;
- } else if (version == SSL2_VERSION) {
- version_major = SSL2_VERSION_MAJOR;
- version_minor = SSL2_VERSION_MINOR;
- } else {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
- return (-1);
- }
-
- s->client_version = version;
-
- if (ssl2_compat) {
- /* create SSL 2.0 compatible Client Hello */
-
- /* two byte record header will be written last */
- d = &(buf[2]);
- p = d + 9; /* leave space for message type, version,
- * individual length fields */
-
- *(d++) = SSL2_MT_CLIENT_HELLO;
- *(d++) = version_major;
- *(d++) = version_minor;
-
- /* Ciphers supported */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
- if (i == 0) {
- /* no ciphers */
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- return -1;
- }
- s2n(i, d);
- p += i;
-
- /*
- * put in the session-id length (zero since there is no reuse)
- */
- s2n(0, d);
-
- if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
- ch_len = SSL2_CHALLENGE_LENGTH;
- else
- ch_len = SSL2_MAX_CHALLENGE_LENGTH;
-
- /* write out sslv2 challenge */
- /*
- * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it
- * is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
- * SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
- * futurproofing
- */
- if (SSL3_RANDOM_SIZE < ch_len)
- i = SSL3_RANDOM_SIZE;
- else
- i = ch_len;
- s2n(i, d);
- memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
- if (RAND_pseudo_bytes
- (&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i) <= 0)
- return -1;
-
- memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
- p += i;
-
- i = p - &(buf[2]);
- buf[0] = ((i >> 8) & 0xff) | 0x80;
- buf[1] = (i & 0xff);
-
- /* number of bytes to write */
- s->init_num = i + 2;
- s->init_off = 0;
-
- ssl3_finish_mac(s, &(buf[2]), i);
- } else {
- /* create Client Hello in SSL 3.0/TLS 1.0 format */
-
- /*
- * do the record header (5 bytes) and handshake message header (4
- * bytes) last
- */
- d = p = &(buf[9]);
-
- *(p++) = version_major;
- *(p++) = version_minor;
-
- /* Random stuff */
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- /* Session ID (zero since there is no reuse) */
- *(p++) = 0;
-
- /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
- ssl3_put_cipher_by_char);
- if (i == 0) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- return -1;
- }
-#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
- /*
- * Some servers hang if client hello > 256 bytes as hack
- * workaround chop number of supported ciphers to keep it well
- * below this if we use TLS v1.2
- */
- if (TLS1_get_version(s) >= TLS1_2_VERSION
- && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
- i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
-#endif
- s2n(i, p);
- p += i;
-
- /* COMPRESSION */
-#ifdef OPENSSL_NO_COMP
- *(p++) = 1;
-#else
- if ((s->options & SSL_OP_NO_COMPRESSION)
- || !s->ctx->comp_methods)
- j = 0;
- else
- j = sk_SSL_COMP_num(s->ctx->comp_methods);
- *(p++) = 1 + j;
- for (i = 0; i < j; i++) {
- comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
- *(p++) = comp->id;
- }
-#endif
- *(p++) = 0; /* Add the NULL method */
-
-#ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions */
- if (ssl_prepare_clienthello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- return -1;
- }
- if ((p =
- ssl_add_clienthello_tlsext(s, p,
- buf +
- SSL3_RT_MAX_PLAIN_LENGTH)) ==
- NULL) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
-#endif
-
- l = p - d;
-
- /* fill in 4-byte handshake header */
- d = &(buf[5]);
- *(d++) = SSL3_MT_CLIENT_HELLO;
- l2n3(l, d);
-
- l += 4;
-
- if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
-
- /* fill in 5-byte record header */
- d = buf;
- *(d++) = SSL3_RT_HANDSHAKE;
- *(d++) = version_major;
- /*
- * Some servers hang if we use long client hellos and a record
- * number > TLS 1.0.
- */
- if (TLS1_get_client_version(s) > TLS1_VERSION)
- *(d++) = 1;
- else
- *(d++) = version_minor;
- s2n((int)l, d);
-
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
-
- ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
- }
-
- s->state = SSL23_ST_CW_CLNT_HELLO_B;
- s->init_off = 0;
- }
-
- /* SSL3_ST_CW_CLNT_HELLO_B */
- ret = ssl23_write_bytes(s);
-
- if ((ret >= 2) && s->msg_callback) {
- /* Client Hello has been sent; tell msg_callback */
-
- if (ssl2_compat)
- s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2,
- ret - 2, s, s->msg_callback_arg);
- else
- s->msg_callback(1, version, SSL3_RT_HANDSHAKE,
- s->init_buf->data + 5, ret - 5, s,
- s->msg_callback_arg);
- }
-
- return ret;
-}
-
-static int ssl23_get_server_hello(SSL *s)
-{
- char buf[8];
- unsigned char *p;
- int i;
- int n;
-
- n = ssl23_read_bytes(s, 7);
-
- if (n != 7)
- return (n);
- p = s->packet;
-
- memcpy(buf, p, n);
-
- if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
- (p[5] == 0x00) && (p[6] == 0x02)) {
-#ifdef OPENSSL_NO_SSL2
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
- goto err;
-#else
- /* we are talking sslv2 */
- /*
- * we need to clean up the SSLv3 setup and put in the sslv2 stuff.
- */
- int ch_len;
-
- if (s->options & SSL_OP_NO_SSLv2) {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
- goto err;
- }
- if (s->s2 == NULL) {
- if (!ssl2_new(s))
- goto err;
- } else
- ssl2_clear(s);
-
- if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
- ch_len = SSL2_CHALLENGE_LENGTH;
- else
- ch_len = SSL2_MAX_CHALLENGE_LENGTH;
-
- /* write out sslv2 challenge */
- /*
- * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it is
- * one of SSL2_MAX_CHALLENGE_LENGTH (32) or SSL2_MAX_CHALLENGE_LENGTH
- * (16), but leave the check in for futurproofing
- */
- i = (SSL3_RANDOM_SIZE < ch_len)
- ? SSL3_RANDOM_SIZE : ch_len;
- s->s2->challenge_length = i;
- memcpy(s->s2->challenge,
- &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
-
- if (s->s3 != NULL)
- ssl3_free(s);
-
- if (!BUF_MEM_grow_clean(s->init_buf,
- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
- goto err;
- }
-
- s->state = SSL2_ST_GET_SERVER_HELLO_A;
- if (!(s->client_version == SSL2_VERSION))
- /*
- * use special padding (SSL 3.0 draft/RFC 2246, App. E.2)
- */
- s->s2->ssl2_rollback = 1;
-
- /*
- * setup the 7 bytes we have read so we get them from the sslv2
- * buffer
- */
- s->rstate = SSL_ST_READ_HEADER;
- s->packet_length = n;
- s->packet = &(s->s2->rbuf[0]);
- memcpy(s->packet, buf, n);
- s->s2->rbuf_left = n;
- s->s2->rbuf_offs = 0;
-
- /* we have already written one */
- s->s2->write_sequence = 1;
-
- s->method = SSLv2_client_method();
- s->handshake_func = s->method->ssl_connect;
-#endif
- } else if (p[1] == SSL3_VERSION_MAJOR &&
- p[2] <= TLS1_2_VERSION_MINOR &&
- ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
- (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
- /* we have sslv3 or tls1 (server hello or alert) */
-
-#ifndef OPENSSL_NO_SSL3
- if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) {
-# ifdef OPENSSL_FIPS
- if (FIPS_mode()) {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
- SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
- goto err;
- }
-# endif
- s->version = SSL3_VERSION;
- s->method = SSLv3_client_method();
- } else
-#endif
- if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) {
- s->version = TLS1_VERSION;
- s->method = TLSv1_client_method();
- } else if ((p[2] == TLS1_1_VERSION_MINOR) &&
- !(s->options & SSL_OP_NO_TLSv1_1)) {
- s->version = TLS1_1_VERSION;
- s->method = TLSv1_1_client_method();
- } else if ((p[2] == TLS1_2_VERSION_MINOR) &&
- !(s->options & SSL_OP_NO_TLSv1_2)) {
- s->version = TLS1_2_VERSION;
- s->method = TLSv1_2_client_method();
- } else {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
- goto err;
- }
-
- s->session->ssl_version = s->version;
-
- /* ensure that TLS_MAX_VERSION is up-to-date */
- OPENSSL_assert(s->version <= TLS_MAX_VERSION);
-
- if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
- /* fatal alert */
-
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- int j;
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- i = p[5];
- if (cb != NULL) {
- j = (i << 8) | p[6];
- cb(s, SSL_CB_READ_ALERT, j);
- }
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s,
- s->msg_callback_arg);
-
- s->rwstate = SSL_NOTHING;
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
- goto err;
- }
-
- if (!ssl_init_wbio_buffer(s, 1))
- goto err;
-
- /* we are in this state */
- s->state = SSL3_ST_CR_SRVR_HELLO_A;
-
- /*
- * put the 7 bytes we have read into the input buffer for SSLv3
- */
- s->rstate = SSL_ST_READ_HEADER;
- s->packet_length = n;
- if (s->s3->rbuf.buf == NULL)
- if (!ssl3_setup_read_buffer(s))
- goto err;
- s->packet = &(s->s3->rbuf.buf[0]);
- memcpy(s->packet, buf, n);
- s->s3->rbuf.left = n;
- s->s3->rbuf.offset = 0;
-
- s->handshake_func = s->method->ssl_connect;
- } else {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL);
- goto err;
- }
- s->init_num = 0;
-
- return (SSL_connect(s));
- err:
- return (-1);
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/s23_clnt.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s23_clnt.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s23_clnt.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s23_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,790 @@
+/* ssl/s23_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+
+static const SSL_METHOD *ssl23_get_client_method(int ver);
+static int ssl23_client_hello(SSL *s);
+static int ssl23_get_server_hello(SSL *s);
+static const SSL_METHOD *ssl23_get_client_method(int ver)
+{
+#ifndef OPENSSL_NO_SSL2
+ if (ver == SSL2_VERSION)
+ return (SSLv2_client_method());
+#endif
+#ifndef OPENSSL_NO_SSL3
+ if (ver == SSL3_VERSION)
+ return (SSLv3_client_method());
+#endif
+ if (ver == TLS1_VERSION)
+ return (TLSv1_client_method());
+ else if (ver == TLS1_1_VERSION)
+ return (TLSv1_1_client_method());
+ else if (ver == TLS1_2_VERSION)
+ return (TLSv1_2_client_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
+ ssl_undefined_function,
+ ssl23_connect, ssl23_get_client_method)
+
+int ssl23_connect(SSL *s)
+{
+ BUF_MEM *buf = NULL;
+ unsigned long Time = (unsigned long)time(NULL);
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ int ret = -1;
+ int new_state, state;
+
+ RAND_add(&Time, sizeof(Time), 0);
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s))
+ SSL_clear(s);
+
+ for (;;) {
+ state = s->state;
+
+ switch (s->state) {
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE | SSL_ST_CONNECT:
+ case SSL_ST_OK | SSL_ST_CONNECT:
+
+ if (s->session != NULL) {
+ SSLerr(SSL_F_SSL23_CONNECT,
+ SSL_R_SSL23_DOING_SESSION_ID_REUSE);
+ ret = -1;
+ goto end;
+ }
+ s->server = 0;
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+ /* s->version=TLS1_VERSION; */
+ s->type = SSL_ST_CONNECT;
+
+ if (s->init_buf == NULL) {
+ if ((buf = BUF_MEM_new()) == NULL) {
+ ret = -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ ret = -1;
+ goto end;
+ }
+ s->init_buf = buf;
+ buf = NULL;
+ }
+
+ if (!ssl3_setup_buffers(s)) {
+ ret = -1;
+ goto end;
+ }
+
+ ssl3_init_finished_mac(s);
+
+ s->state = SSL23_ST_CW_CLNT_HELLO_A;
+ s->ctx->stats.sess_connect++;
+ s->init_num = 0;
+ break;
+
+ case SSL23_ST_CW_CLNT_HELLO_A:
+ case SSL23_ST_CW_CLNT_HELLO_B:
+
+ s->shutdown = 0;
+ ret = ssl23_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL23_ST_CR_SRVR_HELLO_A;
+ s->init_num = 0;
+
+ break;
+
+ case SSL23_ST_CR_SRVR_HELLO_A:
+ case SSL23_ST_CR_SRVR_HELLO_B:
+ ret = ssl23_get_server_hello(s);
+ if (ret >= 0)
+ cb = NULL;
+ goto end;
+ /* break; */
+
+ default:
+ SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE);
+ ret = -1;
+ goto end;
+ /* break; */
+ }
+
+ if (s->debug) {
+ (void)BIO_flush(s->wbio);
+ }
+
+ if ((cb != NULL) && (s->state != state)) {
+ new_state = s->state;
+ s->state = state;
+ cb(s, SSL_CB_CONNECT_LOOP, 1);
+ s->state = new_state;
+ }
+ }
+ end:
+ s->in_handshake--;
+ if (buf != NULL)
+ BUF_MEM_free(buf);
+ if (cb != NULL)
+ cb(s, SSL_CB_CONNECT_EXIT, ret);
+ return (ret);
+}
+
+static int ssl23_no_ssl2_ciphers(SSL *s)
+{
+ SSL_CIPHER *cipher;
+ STACK_OF(SSL_CIPHER) *ciphers;
+ int i;
+ ciphers = SSL_get_ciphers(s);
+ for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+ cipher = sk_SSL_CIPHER_value(ciphers, i);
+ if (cipher->algorithm_ssl == SSL_SSLV2)
+ return 0;
+ }
+ return 1;
+}
+
+/*
+ * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
+ * failure, 1 on success.
+ */
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
+{
+ int send_time = 0;
+
+ if (len < 4)
+ return 0;
+ if (server)
+ send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
+ else
+ send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
+ if (send_time) {
+ unsigned long Time = (unsigned long)time(NULL);
+ unsigned char *p = result;
+ l2n(Time, p);
+ return RAND_bytes(p, len - 4);
+ } else
+ return RAND_bytes(result, len);
+}
+
+static int ssl23_client_hello(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+ int i, ch_len;
+ unsigned long l;
+ int ssl2_compat;
+ int version = 0, version_major, version_minor;
+#ifndef OPENSSL_NO_COMP
+ int j;
+ SSL_COMP *comp;
+#endif
+ int ret;
+ unsigned long mask, options = s->options;
+
+ ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
+
+ if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
+ ssl2_compat = 0;
+
+ /*
+ * SSL_OP_NO_X disables all protocols above X *if* there are
+ * some protocols below X enabled. This is required in order
+ * to maintain "version capability" vector contiguous. So
+ * that if application wants to disable TLS1.0 in favour of
+ * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
+ * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
+ */
+ mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1
+#if !defined(OPENSSL_NO_SSL3)
+ | SSL_OP_NO_SSLv3
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+ | (ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
+#endif
+ ;
+#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
+ version = TLS1_2_VERSION;
+
+ if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
+ version = TLS1_1_VERSION;
+#else
+ version = TLS1_1_VERSION;
+#endif
+ mask &= ~SSL_OP_NO_TLSv1_1;
+ if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
+ version = TLS1_VERSION;
+ mask &= ~SSL_OP_NO_TLSv1;
+#if !defined(OPENSSL_NO_SSL3)
+ if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
+ version = SSL3_VERSION;
+ mask &= ~SSL_OP_NO_SSLv3;
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+ if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
+ version = SSL2_VERSION;
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+ if (version != SSL2_VERSION) {
+ /*
+ * have to disable SSL 2.0 compatibility if we need TLS extensions
+ */
+
+ if (s->tlsext_hostname != NULL)
+ ssl2_compat = 0;
+ if (s->tlsext_status_type != -1)
+ ssl2_compat = 0;
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->ctx->tlsext_opaque_prf_input_callback != 0
+ || s->tlsext_opaque_prf_input != NULL)
+ ssl2_compat = 0;
+# endif
+ }
+#endif
+
+ buf = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
+ /*
+ * Since we're sending s23 client hello, we're not reusing a session, as
+ * we'd be using the method from the saved session instead
+ */
+ if (!ssl_get_new_session(s, 0)) {
+ return -1;
+ }
+
+ p = s->s3->client_random;
+ if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
+ return -1;
+
+ if (version == TLS1_2_VERSION) {
+ version_major = TLS1_2_VERSION_MAJOR;
+ version_minor = TLS1_2_VERSION_MINOR;
+ } else if (version == TLS1_1_VERSION) {
+ version_major = TLS1_1_VERSION_MAJOR;
+ version_minor = TLS1_1_VERSION_MINOR;
+ } else if (version == TLS1_VERSION) {
+ version_major = TLS1_VERSION_MAJOR;
+ version_minor = TLS1_VERSION_MINOR;
+ }
+#ifdef OPENSSL_FIPS
+ else if (FIPS_mode()) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+ SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+ return -1;
+ }
+#endif
+ else if (version == SSL3_VERSION) {
+ version_major = SSL3_VERSION_MAJOR;
+ version_minor = SSL3_VERSION_MINOR;
+ } else if (version == SSL2_VERSION) {
+ version_major = SSL2_VERSION_MAJOR;
+ version_minor = SSL2_VERSION_MINOR;
+ } else {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
+ return (-1);
+ }
+
+ s->client_version = version;
+
+ if (ssl2_compat) {
+ /* create SSL 2.0 compatible Client Hello */
+
+ /* two byte record header will be written last */
+ d = &(buf[2]);
+ p = d + 9; /* leave space for message type, version,
+ * individual length fields */
+
+ *(d++) = SSL2_MT_CLIENT_HELLO;
+ *(d++) = version_major;
+ *(d++) = version_minor;
+
+ /* Ciphers supported */
+ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
+ if (i == 0) {
+ /* no ciphers */
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+ return -1;
+ }
+ s2n(i, d);
+ p += i;
+
+ /*
+ * put in the session-id length (zero since there is no reuse)
+ */
+ s2n(0, d);
+
+ if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+ ch_len = SSL2_CHALLENGE_LENGTH;
+ else
+ ch_len = SSL2_MAX_CHALLENGE_LENGTH;
+
+ /* write out sslv2 challenge */
+ /*
+ * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it
+ * is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
+ * SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
+ * futurproofing
+ */
+ if (SSL3_RANDOM_SIZE < ch_len)
+ i = SSL3_RANDOM_SIZE;
+ else
+ i = ch_len;
+ s2n(i, d);
+ memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
+ if (RAND_bytes (&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i)
+ <= 0)
+ return -1;
+
+ memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
+ p += i;
+
+ i = p - &(buf[2]);
+ buf[0] = ((i >> 8) & 0xff) | 0x80;
+ buf[1] = (i & 0xff);
+
+ /* number of bytes to write */
+ s->init_num = i + 2;
+ s->init_off = 0;
+
+ ssl3_finish_mac(s, &(buf[2]), i);
+ } else {
+ /* create Client Hello in SSL 3.0/TLS 1.0 format */
+
+ /*
+ * do the record header (5 bytes) and handshake message header (4
+ * bytes) last
+ */
+ d = p = &(buf[9]);
+
+ *(p++) = version_major;
+ *(p++) = version_minor;
+
+ /* Random stuff */
+ memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
+
+ /* Session ID (zero since there is no reuse) */
+ *(p++) = 0;
+
+ /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
+ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
+ ssl3_put_cipher_by_char);
+ if (i == 0) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+ return -1;
+ }
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+ /*
+ * Some servers hang if client hello > 256 bytes as hack
+ * workaround chop number of supported ciphers to keep it well
+ * below this if we use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION
+ && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
+ s2n(i, p);
+ p += i;
+
+ /* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+ *(p++) = 1;
+#else
+ if ((s->options & SSL_OP_NO_COMPRESSION)
+ || !s->ctx->comp_methods)
+ j = 0;
+ else
+ j = sk_SSL_COMP_num(s->ctx->comp_methods);
+ *(p++) = 1 + j;
+ for (i = 0; i < j; i++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
+ *(p++) = comp->id;
+ }
+#endif
+ *(p++) = 0; /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ return -1;
+ }
+ if ((p =
+ ssl_add_clienthello_tlsext(s, p,
+ buf +
+ SSL3_RT_MAX_PLAIN_LENGTH)) ==
+ NULL) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+#endif
+
+ l = p - d;
+
+ /* fill in 4-byte handshake header */
+ d = &(buf[5]);
+ *(d++) = SSL3_MT_CLIENT_HELLO;
+ l2n3(l, d);
+
+ l += 4;
+
+ if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+
+ /* fill in 5-byte record header */
+ d = buf;
+ *(d++) = SSL3_RT_HANDSHAKE;
+ *(d++) = version_major;
+ /*
+ * Some servers hang if we use long client hellos and a record
+ * number > TLS 1.0.
+ */
+ if (TLS1_get_client_version(s) > TLS1_VERSION)
+ *(d++) = 1;
+ else
+ *(d++) = version_minor;
+ s2n((int)l, d);
+
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+
+ ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
+ }
+
+ s->state = SSL23_ST_CW_CLNT_HELLO_B;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ ret = ssl23_write_bytes(s);
+
+ if ((ret >= 2) && s->msg_callback) {
+ /* Client Hello has been sent; tell msg_callback */
+
+ if (ssl2_compat)
+ s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2,
+ ret - 2, s, s->msg_callback_arg);
+ else
+ s->msg_callback(1, version, SSL3_RT_HANDSHAKE,
+ s->init_buf->data + 5, ret - 5, s,
+ s->msg_callback_arg);
+ }
+
+ return ret;
+}
+
+static int ssl23_get_server_hello(SSL *s)
+{
+ char buf[8];
+ unsigned char *p;
+ int i;
+ int n;
+
+ n = ssl23_read_bytes(s, 7);
+
+ if (n != 7)
+ return (n);
+ p = s->packet;
+
+ memcpy(buf, p, n);
+
+ if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
+ (p[5] == 0x00) && (p[6] == 0x02)) {
+#ifdef OPENSSL_NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+#else
+ /* we are talking sslv2 */
+ /*
+ * we need to clean up the SSLv3 setup and put in the sslv2 stuff.
+ */
+ int ch_len;
+
+ if (s->options & SSL_OP_NO_SSLv2) {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+ }
+ if (s->s2 == NULL) {
+ if (!ssl2_new(s))
+ goto err;
+ } else
+ ssl2_clear(s);
+
+ if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+ ch_len = SSL2_CHALLENGE_LENGTH;
+ else
+ ch_len = SSL2_MAX_CHALLENGE_LENGTH;
+
+ /* write out sslv2 challenge */
+ /*
+ * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it is
+ * one of SSL2_MAX_CHALLENGE_LENGTH (32) or SSL2_MAX_CHALLENGE_LENGTH
+ * (16), but leave the check in for futurproofing
+ */
+ i = (SSL3_RANDOM_SIZE < ch_len)
+ ? SSL3_RANDOM_SIZE : ch_len;
+ s->s2->challenge_length = i;
+ memcpy(s->s2->challenge,
+ &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
+
+ if (s->s3 != NULL)
+ ssl3_free(s);
+
+ if (!BUF_MEM_grow_clean(s->init_buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
+ goto err;
+ }
+
+ s->state = SSL2_ST_GET_SERVER_HELLO_A;
+ if (!(s->client_version == SSL2_VERSION))
+ /*
+ * use special padding (SSL 3.0 draft/RFC 2246, App. E.2)
+ */
+ s->s2->ssl2_rollback = 1;
+
+ /*
+ * setup the 7 bytes we have read so we get them from the sslv2
+ * buffer
+ */
+ s->rstate = SSL_ST_READ_HEADER;
+ s->packet_length = n;
+ s->packet = &(s->s2->rbuf[0]);
+ memcpy(s->packet, buf, n);
+ s->s2->rbuf_left = n;
+ s->s2->rbuf_offs = 0;
+
+ /* we have already written one */
+ s->s2->write_sequence = 1;
+
+ s->method = SSLv2_client_method();
+ s->handshake_func = s->method->ssl_connect;
+#endif
+ } else if (p[1] == SSL3_VERSION_MAJOR &&
+ p[2] <= TLS1_2_VERSION_MINOR &&
+ ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
+ (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
+ /* we have sslv3 or tls1 (server hello or alert) */
+
+#ifndef OPENSSL_NO_SSL3
+ if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) {
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode()) {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+ goto err;
+ }
+# endif
+ s->version = SSL3_VERSION;
+ s->method = SSLv3_client_method();
+ } else
+#endif
+ if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) {
+ s->version = TLS1_VERSION;
+ s->method = TLSv1_client_method();
+ } else if ((p[2] == TLS1_1_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_TLSv1_1)) {
+ s->version = TLS1_1_VERSION;
+ s->method = TLSv1_1_client_method();
+ } else if ((p[2] == TLS1_2_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_TLSv1_2)) {
+ s->version = TLS1_2_VERSION;
+ s->method = TLSv1_2_client_method();
+ } else {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+ }
+
+ s->session->ssl_version = s->version;
+
+ /* ensure that TLS_MAX_VERSION is up-to-date */
+ OPENSSL_assert(s->version <= TLS_MAX_VERSION);
+
+ if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
+ /* fatal alert */
+
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ int j;
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ i = p[5];
+ if (cb != NULL) {
+ j = (i << 8) | p[6];
+ cb(s, SSL_CB_READ_ALERT, j);
+ }
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s,
+ s->msg_callback_arg);
+
+ s->rwstate = SSL_NOTHING;
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
+ goto err;
+ }
+
+ if (!ssl_init_wbio_buffer(s, 1))
+ goto err;
+
+ /* we are in this state */
+ s->state = SSL3_ST_CR_SRVR_HELLO_A;
+
+ /*
+ * put the 7 bytes we have read into the input buffer for SSLv3
+ */
+ s->rstate = SSL_ST_READ_HEADER;
+ s->packet_length = n;
+ if (s->s3->rbuf.buf == NULL)
+ if (!ssl3_setup_read_buffer(s))
+ goto err;
+ s->packet = &(s->s3->rbuf.buf[0]);
+ memcpy(s->packet, buf, n);
+ s->s3->rbuf.left = n;
+ s->s3->rbuf.offset = 0;
+
+ s->handshake_func = s->method->ssl_connect;
+ } else {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL);
+ goto err;
+ }
+ s->init_num = 0;
+
+ return (SSL_connect(s));
+ err:
+ return (-1);
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s2_clnt.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s2_clnt.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1094 +0,0 @@
-/* ssl/s2_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-# include <openssl/rand.h>
-# include <openssl/buffer.h>
-# include <openssl/objects.h>
-# include <openssl/evp.h>
-
-static const SSL_METHOD *ssl2_get_client_method(int ver);
-static int get_server_finished(SSL *s);
-static int get_server_verify(SSL *s);
-static int get_server_hello(SSL *s);
-static int client_hello(SSL *s);
-static int client_master_key(SSL *s);
-static int client_finished(SSL *s);
-static int client_certificate(SSL *s);
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
- unsigned char *to, int padding);
-# define BREAK break
-
-static const SSL_METHOD *ssl2_get_client_method(int ver)
-{
- if (ver == SSL2_VERSION)
- return (SSLv2_client_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
- ssl_undefined_function,
- ssl2_connect, ssl2_get_client_method)
-
-int ssl2_connect(SSL *s)
-{
- unsigned long l = (unsigned long)time(NULL);
- BUF_MEM *buf = NULL;
- int ret = -1;
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- int new_state, state;
-
- RAND_add(&l, sizeof(l), 0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- /* init things to blank */
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s))
- SSL_clear(s);
-
- for (;;) {
- state = s->state;
-
- switch (s->state) {
- case SSL_ST_BEFORE:
- case SSL_ST_CONNECT:
- case SSL_ST_BEFORE | SSL_ST_CONNECT:
- case SSL_ST_OK | SSL_ST_CONNECT:
-
- s->server = 0;
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_START, 1);
-
- s->version = SSL2_VERSION;
- s->type = SSL_ST_CONNECT;
-
- buf = s->init_buf;
- if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
- ret = -1;
- goto end;
- }
- if (!BUF_MEM_grow(buf, SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
- if (buf == s->init_buf)
- buf = NULL;
- ret = -1;
- goto end;
- }
- s->init_buf = buf;
- buf = NULL;
- s->init_num = 0;
- s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
- s->ctx->stats.sess_connect++;
- s->handshake_func = ssl2_connect;
- BREAK;
-
- case SSL2_ST_SEND_CLIENT_HELLO_A:
- case SSL2_ST_SEND_CLIENT_HELLO_B:
- s->shutdown = 0;
- ret = client_hello(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_GET_SERVER_HELLO_A;
- BREAK;
-
- case SSL2_ST_GET_SERVER_HELLO_A:
- case SSL2_ST_GET_SERVER_HELLO_B:
- ret = get_server_hello(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- if (!s->hit) { /* new session */
- s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
- BREAK;
- } else {
- s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
- break;
- }
-
- case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
- case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
- ret = client_master_key(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
- break;
-
- case SSL2_ST_CLIENT_START_ENCRYPTION:
- /*
- * Ok, we now have all the stuff needed to start encrypting, so
- * lets fire it up :-)
- */
- if (!ssl2_enc_init(s, 1)) {
- ret = -1;
- goto end;
- }
- s->s2->clear_text = 0;
- s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
- break;
-
- case SSL2_ST_SEND_CLIENT_FINISHED_A:
- case SSL2_ST_SEND_CLIENT_FINISHED_B:
- ret = client_finished(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_GET_SERVER_VERIFY_A;
- break;
-
- case SSL2_ST_GET_SERVER_VERIFY_A:
- case SSL2_ST_GET_SERVER_VERIFY_B:
- ret = get_server_verify(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_GET_SERVER_FINISHED_A;
- break;
-
- case SSL2_ST_GET_SERVER_FINISHED_A:
- case SSL2_ST_GET_SERVER_FINISHED_B:
- ret = get_server_finished(s);
- if (ret <= 0)
- goto end;
- break;
-
- case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
- case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
- case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
- case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
- case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
- ret = client_certificate(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_GET_SERVER_FINISHED_A;
- break;
-
- case SSL_ST_OK:
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
- }
- s->init_num = 0;
- /* ERR_clear_error(); */
-
- /*
- * If we want to cache session-ids in the client and we
- * successfully add the session-id to the cache, and there is a
- * callback, then pass it out. 26/11/96 - eay - only add if not a
- * re-used session.
- */
-
- ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
- if (s->hit)
- s->ctx->stats.sess_hit++;
-
- ret = 1;
- /* s->server=0; */
- s->ctx->stats.sess_connect_good++;
-
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
- goto end;
- /* break; */
- default:
- SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
- return (-1);
- /* break; */
- }
-
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
- cb(s, SSL_CB_CONNECT_LOOP, 1);
- s->state = new_state;
- }
- }
- end:
- s->in_handshake--;
- if (buf != NULL)
- BUF_MEM_free(buf);
- if (cb != NULL)
- cb(s, SSL_CB_CONNECT_EXIT, ret);
- return (ret);
-}
-
-static int get_server_hello(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p;
- int i, j;
- unsigned long len;
- STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
-
- buf = (unsigned char *)s->init_buf->data;
- p = buf;
- if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
- i = ssl2_read(s, (char *)&(buf[s->init_num]), 11 - s->init_num);
- if (i < (11 - s->init_num))
- return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
- s->init_num = 11;
-
- if (*(p++) != SSL2_MT_SERVER_HELLO) {
- if (p[-1] != SSL2_MT_ERROR) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
- } else
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_PEER_ERROR);
- return (-1);
- }
-# if 0
- s->hit = (*(p++)) ? 1 : 0;
- /*
- * Some [PPC?] compilers fail to increment p in above statement, e.g.
- * one provided with Rhapsody 5.5, but most recent example XL C 11.1
- * for AIX, even without optimization flag...
- */
-# else
- s->hit = (*p) ? 1 : 0;
- p++;
-# endif
- s->s2->tmp.cert_type = *(p++);
- n2s(p, i);
- if (i < s->version)
- s->version = i;
- n2s(p, i);
- s->s2->tmp.cert_length = i;
- n2s(p, i);
- s->s2->tmp.csl = i;
- n2s(p, i);
- s->s2->tmp.conn_id_length = i;
- s->state = SSL2_ST_GET_SERVER_HELLO_B;
- }
-
- /* SSL2_ST_GET_SERVER_HELLO_B */
- len =
- 11 + (unsigned long)s->s2->tmp.cert_length +
- (unsigned long)s->s2->tmp.csl +
- (unsigned long)s->s2->tmp.conn_id_length;
- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
- return -1;
- }
- j = (int)len - s->init_num;
- i = ssl2_read(s, (char *)&(buf[s->init_num]), j);
- if (i != j)
- return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
- if (s->msg_callback) {
- /* SERVER-HELLO */
- s->msg_callback(0, s->version, 0, buf, (size_t)len, s,
- s->msg_callback_arg);
- }
-
- /* things are looking good */
-
- p = buf + 11;
- if (s->hit) {
- if (s->s2->tmp.cert_length != 0) {
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
- return (-1);
- }
- if (s->s2->tmp.cert_type != 0) {
- if (!(s->options & SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
- SSLerr(SSL_F_GET_SERVER_HELLO,
- SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
- return (-1);
- }
- }
- if (s->s2->tmp.csl != 0) {
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
- return (-1);
- }
- } else {
-# ifdef undef
- /* very bad */
- memset(s->session->session_id, 0,
- SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
- s->session->session_id_length = 0;
- */
-# endif
- /*
- * we need to do this in case we were trying to reuse a client
- * session but others are already reusing it. If this was a new
- * 'blank' session ID, the session-id length will still be 0
- */
- if (s->session->session_id_length > 0) {
- if (!ssl_get_new_session(s, 0)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- return (-1);
- }
- }
-
- if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
- s->s2->tmp.cert_length, p) <= 0) {
- ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
- return (-1);
- }
- p += s->s2->tmp.cert_length;
-
- if (s->s2->tmp.csl == 0) {
- ssl2_return_error(s, SSL2_PE_NO_CIPHER);
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
- return (-1);
- }
-
- /*
- * We have just received a list of ciphers back from the server. We
- * need to get the ones that match, then select the one we want the
- * most :-).
- */
-
- /* load the ciphers */
- sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
- &s->session->ciphers);
- p += s->s2->tmp.csl;
- if (sk == NULL) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
- return (-1);
- }
-
- (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
-
- /* get the array of ciphers we will accept */
- cl = SSL_get_ciphers(s);
- (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
-
- /*
- * If server preference flag set, choose the first
- * (highest priority) cipher the server sends, otherwise
- * client preference has priority.
- */
- if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
- prio = sk;
- allow = cl;
- } else {
- prio = cl;
- allow = sk;
- }
- /*
- * In theory we could have ciphers sent back that we don't want to
- * use but that does not matter since we will check against the list
- * we originally sent and for performance reasons we should not
- * bother to match the two lists up just to check.
- */
- for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
- if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, i)) >= 0)
- break;
- }
-
- if (i >= sk_SSL_CIPHER_num(prio)) {
- ssl2_return_error(s, SSL2_PE_NO_CIPHER);
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
- return (-1);
- }
- s->session->cipher = sk_SSL_CIPHER_value(prio, i);
-
- if (s->session->peer != NULL) { /* can't happen */
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
- return (-1);
- }
-
- s->session->peer = s->session->sess_cert->peer_key->x509;
- /* peer_key->x509 has been set by ssl2_set_certificate. */
- CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
- }
-
- if (s->session->sess_cert == NULL
- || s->session->peer != s->session->sess_cert->peer_key->x509)
- /* can't happen */
- {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
- return (-1);
- }
-
- s->s2->conn_id_length = s->s2->tmp.conn_id_length;
- if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
- return -1;
- }
- memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
- return (1);
-}
-
-static int client_hello(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
-/* CIPHER **cipher;*/
- int i, n, j;
-
- buf = (unsigned char *)s->init_buf->data;
- if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
- if ((s->session == NULL) || (s->session->ssl_version != s->version)) {
- if (!ssl_get_new_session(s, 0)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- return (-1);
- }
- }
- /* else use the pre-loaded session */
-
- p = buf; /* header */
- d = p + 9; /* data section */
- *(p++) = SSL2_MT_CLIENT_HELLO; /* type */
- s2n(SSL2_VERSION, p); /* version */
- n = j = 0;
-
- n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
- d += n;
-
- if (n == 0) {
- SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- return (-1);
- }
-
- s2n(n, p); /* cipher spec num bytes */
-
- if ((s->session->session_id_length > 0) &&
- (s->session->session_id_length <=
- SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
- i = s->session->session_id_length;
- s2n(i, p); /* session id length */
- memcpy(d, s->session->session_id, (unsigned int)i);
- d += i;
- } else {
- s2n(0, p);
- }
-
- s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
- s2n(SSL2_CHALLENGE_LENGTH, p); /* challenge length */
- /*
- * challenge id data
- */
- if (RAND_pseudo_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
- return -1;
- memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
- d += SSL2_CHALLENGE_LENGTH;
-
- s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
- s->init_num = d - buf;
- s->init_off = 0;
- }
- /* SSL2_ST_SEND_CLIENT_HELLO_B */
- return (ssl2_do_write(s));
-}
-
-static int client_master_key(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
- int clear, enc, karg, i;
- SSL_SESSION *sess;
- const EVP_CIPHER *c;
- const EVP_MD *md;
-
- buf = (unsigned char *)s->init_buf->data;
- if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
-
- if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
- ssl2_return_error(s, SSL2_PE_NO_CIPHER);
- SSLerr(SSL_F_CLIENT_MASTER_KEY,
- SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
- return (-1);
- }
- sess = s->session;
- p = buf;
- d = p + 10;
- *(p++) = SSL2_MT_CLIENT_MASTER_KEY; /* type */
-
- i = ssl_put_cipher_by_char(s, sess->cipher, p);
- p += i;
-
- /* make key_arg data */
- i = EVP_CIPHER_iv_length(c);
- sess->key_arg_length = i;
- if (i > SSL_MAX_KEY_ARG_LENGTH) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- if (i > 0)
- if (RAND_pseudo_bytes(sess->key_arg, i) <= 0)
- return -1;
-
- /* make a master key */
- i = EVP_CIPHER_key_length(c);
- sess->master_key_length = i;
- if (i > 0) {
- if (i > (int)sizeof(sess->master_key)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- if (RAND_bytes(sess->master_key, i) <= 0) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- return (-1);
- }
- }
-
- if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
- enc = 8;
- else if (SSL_C_IS_EXPORT(sess->cipher))
- enc = 5;
- else
- enc = i;
-
- if ((int)i < enc) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
- return (-1);
- }
- clear = i - enc;
- s2n(clear, p);
- memcpy(d, sess->master_key, (unsigned int)clear);
- d += clear;
-
- enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
- &(sess->master_key[clear]), d,
- (s->
- s2->ssl2_rollback) ? RSA_SSLV23_PADDING
- : RSA_PKCS1_PADDING);
- if (enc <= 0) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
- return (-1);
- }
-# ifdef PKCS1_CHECK
- if (s->options & SSL_OP_PKCS1_CHECK_1)
- d[1]++;
- if (s->options & SSL_OP_PKCS1_CHECK_2)
- sess->master_key[clear]++;
-# endif
- s2n(enc, p);
- d += enc;
- karg = sess->key_arg_length;
- s2n(karg, p); /* key arg size */
- if (karg > (int)sizeof(sess->key_arg)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- memcpy(d, sess->key_arg, (unsigned int)karg);
- d += karg;
-
- s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
- s->init_num = d - buf;
- s->init_off = 0;
- }
-
- /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
- return (ssl2_do_write(s));
-}
-
-static int client_finished(SSL *s)
-{
- unsigned char *p;
-
- if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
- p = (unsigned char *)s->init_buf->data;
- *(p++) = SSL2_MT_CLIENT_FINISHED;
- if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
- SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- memcpy(p, s->s2->conn_id, (unsigned int)s->s2->conn_id_length);
-
- s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
- s->init_num = s->s2->conn_id_length + 1;
- s->init_off = 0;
- }
- return (ssl2_do_write(s));
-}
-
-/* read the data and then respond */
-static int client_certificate(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
- int i;
- unsigned int n;
- int cert_ch_len;
- unsigned char *cert_ch;
-
- buf = (unsigned char *)s->init_buf->data;
-
- /*
- * We have a cert associated with the SSL, so attach it to the session if
- * it does not have one
- */
-
- if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
- i = ssl2_read(s, (char *)&(buf[s->init_num]),
- SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
- if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
- return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
- s->init_num += i;
- if (s->msg_callback) {
- /* REQUEST-CERTIFICATE */
- s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
- s->msg_callback_arg);
- }
-
- /* type=buf[0]; */
- /* type eq x509 */
- if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
- ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
- SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
- return (-1);
- }
-
- if ((s->cert == NULL) ||
- (s->cert->key->x509 == NULL) ||
- (s->cert->key->privatekey == NULL)) {
- s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
- } else
- s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
- }
-
- cert_ch = buf + 2;
- cert_ch_len = s->init_num - 2;
-
- if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
- X509 *x509 = NULL;
- EVP_PKEY *pkey = NULL;
-
- /*
- * If we get an error we need to ssl->rwstate=SSL_X509_LOOKUP;
- * return(error); We should then be retried when things are ok and we
- * can get a cert or not
- */
-
- i = 0;
- if (s->ctx->client_cert_cb != NULL) {
- i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
- }
-
- if (i < 0) {
- s->rwstate = SSL_X509_LOOKUP;
- return (-1);
- }
- s->rwstate = SSL_NOTHING;
-
- if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
- s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
- if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey)) {
- i = 0;
- }
- X509_free(x509);
- EVP_PKEY_free(pkey);
- } else if (i == 1) {
- if (x509 != NULL)
- X509_free(x509);
- if (pkey != NULL)
- EVP_PKEY_free(pkey);
- SSLerr(SSL_F_CLIENT_CERTIFICATE,
- SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
- i = 0;
- }
-
- if (i == 0) {
- /*
- * We have no client certificate to respond with so send the
- * correct error message back
- */
- s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
- p = buf;
- *(p++) = SSL2_MT_ERROR;
- s2n(SSL2_PE_NO_CERTIFICATE, p);
- s->init_off = 0;
- s->init_num = 3;
- /* Write is done at the end */
- }
- }
-
- if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
- return (ssl2_do_write(s));
- }
-
- if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
- EVP_MD_CTX ctx;
-
- /*
- * ok, now we calculate the checksum do it first so we can reuse buf
- * :-)
- */
- p = buf;
- EVP_MD_CTX_init(&ctx);
- EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
- EVP_SignUpdate(&ctx, s->s2->key_material, s->s2->key_material_length);
- EVP_SignUpdate(&ctx, cert_ch, (unsigned int)cert_ch_len);
- i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
- /*
- * Don't update the signature if it fails - FIXME: probably should
- * handle this better
- */
- if (i > 0)
- EVP_SignUpdate(&ctx, buf, (unsigned int)i);
-
- p = buf;
- d = p + 6;
- *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
- *(p++) = SSL2_CT_X509_CERTIFICATE;
- n = i2d_X509(s->cert->key->x509, &d);
- s2n(n, p);
-
- if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
- /*
- * this is not good. If things have failed it means there so
- * something wrong with the key. We will continue with a 0 length
- * signature
- */
- }
- EVP_MD_CTX_cleanup(&ctx);
- s2n(n, p);
- d += n;
-
- s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
- s->init_num = d - buf;
- s->init_off = 0;
- }
- /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
- return (ssl2_do_write(s));
-}
-
-static int get_server_verify(SSL *s)
-{
- unsigned char *p;
- int i, n, len;
-
- p = (unsigned char *)s->init_buf->data;
- if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
- i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
- if (i < (1 - s->init_num))
- return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
- s->init_num += i;
-
- s->state = SSL2_ST_GET_SERVER_VERIFY_B;
- if (*p != SSL2_MT_SERVER_VERIFY) {
- if (p[0] != SSL2_MT_ERROR) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_READ_WRONG_PACKET_TYPE);
- } else {
- SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
- /* try to read the error message */
- i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
- return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
- }
- return (-1);
- }
- }
-
- p = (unsigned char *)s->init_buf->data;
- len = 1 + s->s2->challenge_length;
- n = len - s->init_num;
- i = ssl2_read(s, (char *)&(p[s->init_num]), n);
- if (i < n)
- return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
- if (s->msg_callback) {
- /* SERVER-VERIFY */
- s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
- }
- p += 1;
-
- if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
- return (-1);
- }
- return (1);
-}
-
-static int get_server_finished(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p;
- int i, n, len;
-
- buf = (unsigned char *)s->init_buf->data;
- p = buf;
- if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
- i = ssl2_read(s, (char *)&(buf[s->init_num]), 1 - s->init_num);
- if (i < (1 - s->init_num))
- return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
- s->init_num += i;
-
- if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
- s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
- return (1);
- } else if (*p != SSL2_MT_SERVER_FINISHED) {
- if (p[0] != SSL2_MT_ERROR) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_FINISHED,
- SSL_R_READ_WRONG_PACKET_TYPE);
- } else {
- SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
- /* try to read the error message */
- i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
- return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
- }
- return (-1);
- }
- s->state = SSL2_ST_GET_SERVER_FINISHED_B;
- }
-
- len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
- n = len - s->init_num;
- i = ssl2_read(s, (char *)&(buf[s->init_num]), n);
- if (i < n) {
- /*
- * XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH,
- * that's the maximum
- */
- return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
- }
- s->init_num += i;
- if (s->msg_callback) {
- /* SERVER-FINISHED */
- s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
- s->msg_callback_arg);
- }
-
- if (!s->hit) { /* new session */
- /* new session-id */
- /*
- * Make sure we were not trying to re-use an old SSL_SESSION or bad
- * things can happen
- */
- /* ZZZZZZZZZZZZZ */
- s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
- memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
- } else {
- if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
- if ((s->session->session_id_length >
- sizeof s->session->session_id)
- || (0 !=
- memcmp(buf + 1, s->session->session_id,
- (unsigned int)s->session->session_id_length))) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_SERVER_FINISHED,
- SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
- return (-1);
- }
- }
- }
- s->state = SSL_ST_OK;
- return (1);
-}
-
-/* loads in the certificate from the server */
-int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
-{
- STACK_OF(X509) *sk = NULL;
- EVP_PKEY *pkey = NULL;
- SESS_CERT *sc = NULL;
- int i;
- X509 *x509 = NULL;
- int ret = 0;
-
- x509 = d2i_X509(NULL, &data, (long)len);
- if (x509 == NULL) {
- SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
- goto err;
- }
-
- if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
- SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- i = ssl_verify_cert_chain(s, sk);
-
- if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
- SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
- goto err;
- }
- ERR_clear_error(); /* but we keep s->verify_result */
- s->session->verify_result = s->verify_result;
-
- /* server's cert for this session */
- sc = ssl_sess_cert_new();
- if (sc == NULL) {
- ret = -1;
- goto err;
- }
- if (s->session->sess_cert)
- ssl_sess_cert_free(s->session->sess_cert);
- s->session->sess_cert = sc;
-
- sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
- sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
-
- pkey = X509_get_pubkey(x509);
- x509 = NULL;
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL2_SET_CERTIFICATE,
- SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
- goto err;
- }
- if (pkey->type != EVP_PKEY_RSA) {
- SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
- goto err;
- }
-
- if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
- goto err;
- ret = 1;
- err:
- sk_X509_free(sk);
- X509_free(x509);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
- unsigned char *to, int padding)
-{
- EVP_PKEY *pkey = NULL;
- int i = -1;
-
- if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
- ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
- SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
- return (-1);
- }
- if (pkey->type != EVP_PKEY_RSA) {
- SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
- goto end;
- }
-
- /* we have the public key */
- i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
- if (i < 0)
- SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
- end:
- EVP_PKEY_free(pkey);
- return (i);
-}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/s2_clnt.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s2_clnt.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s2_clnt.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1094 @@
+/* ssl/s2_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <openssl/rand.h>
+# include <openssl/buffer.h>
+# include <openssl/objects.h>
+# include <openssl/evp.h>
+
+static const SSL_METHOD *ssl2_get_client_method(int ver);
+static int get_server_finished(SSL *s);
+static int get_server_verify(SSL *s);
+static int get_server_hello(SSL *s);
+static int client_hello(SSL *s);
+static int client_master_key(SSL *s);
+static int client_finished(SSL *s);
+static int client_certificate(SSL *s);
+static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
+ unsigned char *to, int padding);
+# define BREAK break
+
+static const SSL_METHOD *ssl2_get_client_method(int ver)
+{
+ if (ver == SSL2_VERSION)
+ return (SSLv2_client_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
+ ssl_undefined_function,
+ ssl2_connect, ssl2_get_client_method)
+
+int ssl2_connect(SSL *s)
+{
+ unsigned long l = (unsigned long)time(NULL);
+ BUF_MEM *buf = NULL;
+ int ret = -1;
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ int new_state, state;
+
+ RAND_add(&l, sizeof(l), 0);
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ /* init things to blank */
+ s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s))
+ SSL_clear(s);
+
+ for (;;) {
+ state = s->state;
+
+ switch (s->state) {
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE | SSL_ST_CONNECT:
+ case SSL_ST_OK | SSL_ST_CONNECT:
+
+ s->server = 0;
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+ s->version = SSL2_VERSION;
+ s->type = SSL_ST_CONNECT;
+
+ buf = s->init_buf;
+ if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
+ ret = -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf, SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+ if (buf == s->init_buf)
+ buf = NULL;
+ ret = -1;
+ goto end;
+ }
+ s->init_buf = buf;
+ buf = NULL;
+ s->init_num = 0;
+ s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
+ s->ctx->stats.sess_connect++;
+ s->handshake_func = ssl2_connect;
+ BREAK;
+
+ case SSL2_ST_SEND_CLIENT_HELLO_A:
+ case SSL2_ST_SEND_CLIENT_HELLO_B:
+ s->shutdown = 0;
+ ret = client_hello(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_GET_SERVER_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_GET_SERVER_HELLO_A:
+ case SSL2_ST_GET_SERVER_HELLO_B:
+ ret = get_server_hello(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ if (!s->hit) { /* new session */
+ s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
+ BREAK;
+ } else {
+ s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
+ break;
+ }
+
+ case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
+ case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
+ ret = client_master_key(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
+ break;
+
+ case SSL2_ST_CLIENT_START_ENCRYPTION:
+ /*
+ * Ok, we now have all the stuff needed to start encrypting, so
+ * lets fire it up :-)
+ */
+ if (!ssl2_enc_init(s, 1)) {
+ ret = -1;
+ goto end;
+ }
+ s->s2->clear_text = 0;
+ s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
+ break;
+
+ case SSL2_ST_SEND_CLIENT_FINISHED_A:
+ case SSL2_ST_SEND_CLIENT_FINISHED_B:
+ ret = client_finished(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_GET_SERVER_VERIFY_A;
+ break;
+
+ case SSL2_ST_GET_SERVER_VERIFY_A:
+ case SSL2_ST_GET_SERVER_VERIFY_B:
+ ret = get_server_verify(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_GET_SERVER_FINISHED_A;
+ break;
+
+ case SSL2_ST_GET_SERVER_FINISHED_A:
+ case SSL2_ST_GET_SERVER_FINISHED_B:
+ ret = get_server_finished(s);
+ if (ret <= 0)
+ goto end;
+ break;
+
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
+ case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
+ ret = client_certificate(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_GET_SERVER_FINISHED_A;
+ break;
+
+ case SSL_ST_OK:
+ if (s->init_buf != NULL) {
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
+ }
+ s->init_num = 0;
+ /* ERR_clear_error(); */
+
+ /*
+ * If we want to cache session-ids in the client and we
+ * successfully add the session-id to the cache, and there is a
+ * callback, then pass it out. 26/11/96 - eay - only add if not a
+ * re-used session.
+ */
+
+ ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
+ if (s->hit)
+ s->ctx->stats.sess_hit++;
+
+ ret = 1;
+ /* s->server=0; */
+ s->ctx->stats.sess_connect_good++;
+
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+ goto end;
+ /* break; */
+ default:
+ SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
+ return (-1);
+ /* break; */
+ }
+
+ if ((cb != NULL) && (s->state != state)) {
+ new_state = s->state;
+ s->state = state;
+ cb(s, SSL_CB_CONNECT_LOOP, 1);
+ s->state = new_state;
+ }
+ }
+ end:
+ s->in_handshake--;
+ if (buf != NULL)
+ BUF_MEM_free(buf);
+ if (cb != NULL)
+ cb(s, SSL_CB_CONNECT_EXIT, ret);
+ return (ret);
+}
+
+static int get_server_hello(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p;
+ int i, j;
+ unsigned long len;
+ STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
+
+ buf = (unsigned char *)s->init_buf->data;
+ p = buf;
+ if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
+ i = ssl2_read(s, (char *)&(buf[s->init_num]), 11 - s->init_num);
+ if (i < (11 - s->init_num))
+ return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
+ s->init_num = 11;
+
+ if (*(p++) != SSL2_MT_SERVER_HELLO) {
+ if (p[-1] != SSL2_MT_ERROR) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
+ } else
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_PEER_ERROR);
+ return (-1);
+ }
+# if 0
+ s->hit = (*(p++)) ? 1 : 0;
+ /*
+ * Some [PPC?] compilers fail to increment p in above statement, e.g.
+ * one provided with Rhapsody 5.5, but most recent example XL C 11.1
+ * for AIX, even without optimization flag...
+ */
+# else
+ s->hit = (*p) ? 1 : 0;
+ p++;
+# endif
+ s->s2->tmp.cert_type = *(p++);
+ n2s(p, i);
+ if (i < s->version)
+ s->version = i;
+ n2s(p, i);
+ s->s2->tmp.cert_length = i;
+ n2s(p, i);
+ s->s2->tmp.csl = i;
+ n2s(p, i);
+ s->s2->tmp.conn_id_length = i;
+ s->state = SSL2_ST_GET_SERVER_HELLO_B;
+ }
+
+ /* SSL2_ST_GET_SERVER_HELLO_B */
+ len =
+ 11 + (unsigned long)s->s2->tmp.cert_length +
+ (unsigned long)s->s2->tmp.csl +
+ (unsigned long)s->s2->tmp.conn_id_length;
+ if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
+ return -1;
+ }
+ j = (int)len - s->init_num;
+ i = ssl2_read(s, (char *)&(buf[s->init_num]), j);
+ if (i != j)
+ return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
+ if (s->msg_callback) {
+ /* SERVER-HELLO */
+ s->msg_callback(0, s->version, 0, buf, (size_t)len, s,
+ s->msg_callback_arg);
+ }
+
+ /* things are looking good */
+
+ p = buf + 11;
+ if (s->hit) {
+ if (s->s2->tmp.cert_length != 0) {
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
+ return (-1);
+ }
+ if (s->s2->tmp.cert_type != 0) {
+ if (!(s->options & SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
+ SSLerr(SSL_F_GET_SERVER_HELLO,
+ SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
+ return (-1);
+ }
+ }
+ if (s->s2->tmp.csl != 0) {
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
+ return (-1);
+ }
+ } else {
+# ifdef undef
+ /* very bad */
+ memset(s->session->session_id, 0,
+ SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
+ s->session->session_id_length = 0;
+ */
+# endif
+ /*
+ * we need to do this in case we were trying to reuse a client
+ * session but others are already reusing it. If this was a new
+ * 'blank' session ID, the session-id length will still be 0
+ */
+ if (s->session->session_id_length > 0) {
+ if (!ssl_get_new_session(s, 0)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ return (-1);
+ }
+ }
+
+ if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
+ s->s2->tmp.cert_length, p) <= 0) {
+ ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
+ return (-1);
+ }
+ p += s->s2->tmp.cert_length;
+
+ if (s->s2->tmp.csl == 0) {
+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
+ return (-1);
+ }
+
+ /*
+ * We have just received a list of ciphers back from the server. We
+ * need to get the ones that match, then select the one we want the
+ * most :-).
+ */
+
+ /* load the ciphers */
+ sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
+ &s->session->ciphers);
+ p += s->s2->tmp.csl;
+ if (sk == NULL) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
+ return (-1);
+ }
+
+ (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
+
+ /* get the array of ciphers we will accept */
+ cl = SSL_get_ciphers(s);
+ (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
+
+ /*
+ * If server preference flag set, choose the first
+ * (highest priority) cipher the server sends, otherwise
+ * client preference has priority.
+ */
+ if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+ prio = sk;
+ allow = cl;
+ } else {
+ prio = cl;
+ allow = sk;
+ }
+ /*
+ * In theory we could have ciphers sent back that we don't want to
+ * use but that does not matter since we will check against the list
+ * we originally sent and for performance reasons we should not
+ * bother to match the two lists up just to check.
+ */
+ for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
+ if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, i)) >= 0)
+ break;
+ }
+
+ if (i >= sk_SSL_CIPHER_num(prio)) {
+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
+ return (-1);
+ }
+ s->session->cipher = sk_SSL_CIPHER_value(prio, i);
+
+ if (s->session->peer != NULL) { /* can't happen */
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ return (-1);
+ }
+
+ s->session->peer = s->session->sess_cert->peer_key->x509;
+ /* peer_key->x509 has been set by ssl2_set_certificate. */
+ CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
+ }
+
+ if (s->session->sess_cert == NULL
+ || s->session->peer != s->session->sess_cert->peer_key->x509)
+ /* can't happen */
+ {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ return (-1);
+ }
+
+ s->s2->conn_id_length = s->s2->tmp.conn_id_length;
+ if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
+ return -1;
+ }
+ memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
+ return (1);
+}
+
+static int client_hello(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+/* CIPHER **cipher;*/
+ int i, n, j;
+
+ buf = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
+ if ((s->session == NULL) || (s->session->ssl_version != s->version)) {
+ if (!ssl_get_new_session(s, 0)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ return (-1);
+ }
+ }
+ /* else use the pre-loaded session */
+
+ p = buf; /* header */
+ d = p + 9; /* data section */
+ *(p++) = SSL2_MT_CLIENT_HELLO; /* type */
+ s2n(SSL2_VERSION, p); /* version */
+ n = j = 0;
+
+ n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
+ d += n;
+
+ if (n == 0) {
+ SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+ return (-1);
+ }
+
+ s2n(n, p); /* cipher spec num bytes */
+
+ if ((s->session->session_id_length > 0) &&
+ (s->session->session_id_length <=
+ SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
+ i = s->session->session_id_length;
+ s2n(i, p); /* session id length */
+ memcpy(d, s->session->session_id, (unsigned int)i);
+ d += i;
+ } else {
+ s2n(0, p);
+ }
+
+ s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
+ s2n(SSL2_CHALLENGE_LENGTH, p); /* challenge length */
+ /*
+ * challenge id data
+ */
+ if (RAND_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
+ return -1;
+ memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
+ d += SSL2_CHALLENGE_LENGTH;
+
+ s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
+ s->init_num = d - buf;
+ s->init_off = 0;
+ }
+ /* SSL2_ST_SEND_CLIENT_HELLO_B */
+ return (ssl2_do_write(s));
+}
+
+static int client_master_key(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+ int clear, enc, karg, i;
+ SSL_SESSION *sess;
+ const EVP_CIPHER *c;
+ const EVP_MD *md;
+
+ buf = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
+
+ if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY,
+ SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return (-1);
+ }
+ sess = s->session;
+ p = buf;
+ d = p + 10;
+ *(p++) = SSL2_MT_CLIENT_MASTER_KEY; /* type */
+
+ i = ssl_put_cipher_by_char(s, sess->cipher, p);
+ p += i;
+
+ /* make key_arg data */
+ i = EVP_CIPHER_iv_length(c);
+ sess->key_arg_length = i;
+ if (i > SSL_MAX_KEY_ARG_LENGTH) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ if (i > 0)
+ if (RAND_bytes(sess->key_arg, i) <= 0)
+ return -1;
+
+ /* make a master key */
+ i = EVP_CIPHER_key_length(c);
+ sess->master_key_length = i;
+ if (i > 0) {
+ if (i > (int)sizeof(sess->master_key)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ if (RAND_bytes(sess->master_key, i) <= 0) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ return (-1);
+ }
+ }
+
+ if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ enc = 8;
+ else if (SSL_C_IS_EXPORT(sess->cipher))
+ enc = 5;
+ else
+ enc = i;
+
+ if ((int)i < enc) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
+ return (-1);
+ }
+ clear = i - enc;
+ s2n(clear, p);
+ memcpy(d, sess->master_key, (unsigned int)clear);
+ d += clear;
+
+ enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
+ &(sess->master_key[clear]), d,
+ (s->
+ s2->ssl2_rollback) ? RSA_SSLV23_PADDING
+ : RSA_PKCS1_PADDING);
+ if (enc <= 0) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
+ return (-1);
+ }
+# ifdef PKCS1_CHECK
+ if (s->options & SSL_OP_PKCS1_CHECK_1)
+ d[1]++;
+ if (s->options & SSL_OP_PKCS1_CHECK_2)
+ sess->master_key[clear]++;
+# endif
+ s2n(enc, p);
+ d += enc;
+ karg = sess->key_arg_length;
+ s2n(karg, p); /* key arg size */
+ if (karg > (int)sizeof(sess->key_arg)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ memcpy(d, sess->key_arg, (unsigned int)karg);
+ d += karg;
+
+ s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
+ s->init_num = d - buf;
+ s->init_off = 0;
+ }
+
+ /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
+ return (ssl2_do_write(s));
+}
+
+static int client_finished(SSL *s)
+{
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
+ p = (unsigned char *)s->init_buf->data;
+ *(p++) = SSL2_MT_CLIENT_FINISHED;
+ if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+ SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ memcpy(p, s->s2->conn_id, (unsigned int)s->s2->conn_id_length);
+
+ s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
+ s->init_num = s->s2->conn_id_length + 1;
+ s->init_off = 0;
+ }
+ return (ssl2_do_write(s));
+}
+
+/* read the data and then respond */
+static int client_certificate(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+ int i;
+ unsigned int n;
+ int cert_ch_len;
+ unsigned char *cert_ch;
+
+ buf = (unsigned char *)s->init_buf->data;
+
+ /*
+ * We have a cert associated with the SSL, so attach it to the session if
+ * it does not have one
+ */
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
+ i = ssl2_read(s, (char *)&(buf[s->init_num]),
+ SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
+ if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
+ return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
+ s->init_num += i;
+ if (s->msg_callback) {
+ /* REQUEST-CERTIFICATE */
+ s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
+ s->msg_callback_arg);
+ }
+
+ /* type=buf[0]; */
+ /* type eq x509 */
+ if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
+ ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+ SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
+ return (-1);
+ }
+
+ if ((s->cert == NULL) ||
+ (s->cert->key->x509 == NULL) ||
+ (s->cert->key->privatekey == NULL)) {
+ s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
+ } else
+ s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+ }
+
+ cert_ch = buf + 2;
+ cert_ch_len = s->init_num - 2;
+
+ if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
+ X509 *x509 = NULL;
+ EVP_PKEY *pkey = NULL;
+
+ /*
+ * If we get an error we need to ssl->rwstate=SSL_X509_LOOKUP;
+ * return(error); We should then be retried when things are ok and we
+ * can get a cert or not
+ */
+
+ i = 0;
+ if (s->ctx->client_cert_cb != NULL) {
+ i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
+ }
+
+ if (i < 0) {
+ s->rwstate = SSL_X509_LOOKUP;
+ return (-1);
+ }
+ s->rwstate = SSL_NOTHING;
+
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
+ s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+ if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey)) {
+ i = 0;
+ }
+ X509_free(x509);
+ EVP_PKEY_free(pkey);
+ } else if (i == 1) {
+ if (x509 != NULL)
+ X509_free(x509);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
+ SSLerr(SSL_F_CLIENT_CERTIFICATE,
+ SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ i = 0;
+ }
+
+ if (i == 0) {
+ /*
+ * We have no client certificate to respond with so send the
+ * correct error message back
+ */
+ s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
+ p = buf;
+ *(p++) = SSL2_MT_ERROR;
+ s2n(SSL2_PE_NO_CERTIFICATE, p);
+ s->init_off = 0;
+ s->init_num = 3;
+ /* Write is done at the end */
+ }
+ }
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
+ return (ssl2_do_write(s));
+ }
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
+ EVP_MD_CTX ctx;
+
+ /*
+ * ok, now we calculate the checksum do it first so we can reuse buf
+ * :-)
+ */
+ p = buf;
+ EVP_MD_CTX_init(&ctx);
+ EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
+ EVP_SignUpdate(&ctx, s->s2->key_material, s->s2->key_material_length);
+ EVP_SignUpdate(&ctx, cert_ch, (unsigned int)cert_ch_len);
+ i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
+ /*
+ * Don't update the signature if it fails - FIXME: probably should
+ * handle this better
+ */
+ if (i > 0)
+ EVP_SignUpdate(&ctx, buf, (unsigned int)i);
+
+ p = buf;
+ d = p + 6;
+ *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
+ *(p++) = SSL2_CT_X509_CERTIFICATE;
+ n = i2d_X509(s->cert->key->x509, &d);
+ s2n(n, p);
+
+ if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
+ /*
+ * this is not good. If things have failed it means there so
+ * something wrong with the key. We will continue with a 0 length
+ * signature
+ */
+ }
+ EVP_MD_CTX_cleanup(&ctx);
+ s2n(n, p);
+ d += n;
+
+ s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
+ s->init_num = d - buf;
+ s->init_off = 0;
+ }
+ /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
+ return (ssl2_do_write(s));
+}
+
+static int get_server_verify(SSL *s)
+{
+ unsigned char *p;
+ int i, n, len;
+
+ p = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
+ if (i < (1 - s->init_num))
+ return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
+ s->init_num += i;
+
+ s->state = SSL2_ST_GET_SERVER_VERIFY_B;
+ if (*p != SSL2_MT_SERVER_VERIFY) {
+ if (p[0] != SSL2_MT_ERROR) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_READ_WRONG_PACKET_TYPE);
+ } else {
+ SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
+ /* try to read the error message */
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
+ return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
+ }
+ return (-1);
+ }
+ }
+
+ p = (unsigned char *)s->init_buf->data;
+ len = 1 + s->s2->challenge_length;
+ n = len - s->init_num;
+ i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+ if (i < n)
+ return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
+ if (s->msg_callback) {
+ /* SERVER-VERIFY */
+ s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
+ }
+ p += 1;
+
+ if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
+ return (-1);
+ }
+ return (1);
+}
+
+static int get_server_finished(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p;
+ int i, n, len;
+
+ buf = (unsigned char *)s->init_buf->data;
+ p = buf;
+ if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
+ i = ssl2_read(s, (char *)&(buf[s->init_num]), 1 - s->init_num);
+ if (i < (1 - s->init_num))
+ return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
+ s->init_num += i;
+
+ if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
+ s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
+ return (1);
+ } else if (*p != SSL2_MT_SERVER_FINISHED) {
+ if (p[0] != SSL2_MT_ERROR) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_FINISHED,
+ SSL_R_READ_WRONG_PACKET_TYPE);
+ } else {
+ SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
+ /* try to read the error message */
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
+ return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
+ }
+ return (-1);
+ }
+ s->state = SSL2_ST_GET_SERVER_FINISHED_B;
+ }
+
+ len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
+ n = len - s->init_num;
+ i = ssl2_read(s, (char *)&(buf[s->init_num]), n);
+ if (i < n) {
+ /*
+ * XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH,
+ * that's the maximum
+ */
+ return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
+ }
+ s->init_num += i;
+ if (s->msg_callback) {
+ /* SERVER-FINISHED */
+ s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
+ s->msg_callback_arg);
+ }
+
+ if (!s->hit) { /* new session */
+ /* new session-id */
+ /*
+ * Make sure we were not trying to re-use an old SSL_SESSION or bad
+ * things can happen
+ */
+ /* ZZZZZZZZZZZZZ */
+ s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+ memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
+ } else {
+ if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
+ if ((s->session->session_id_length >
+ sizeof s->session->session_id)
+ || (0 !=
+ memcmp(buf + 1, s->session->session_id,
+ (unsigned int)s->session->session_id_length))) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_FINISHED,
+ SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
+ return (-1);
+ }
+ }
+ }
+ s->state = SSL_ST_OK;
+ return (1);
+}
+
+/* loads in the certificate from the server */
+int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
+{
+ STACK_OF(X509) *sk = NULL;
+ EVP_PKEY *pkey = NULL;
+ SESS_CERT *sc = NULL;
+ int i;
+ X509 *x509 = NULL;
+ int ret = 0;
+
+ x509 = d2i_X509(NULL, &data, (long)len);
+ if (x509 == NULL) {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
+ goto err;
+ }
+
+ if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ i = ssl_verify_cert_chain(s, sk);
+
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
+ goto err;
+ }
+ ERR_clear_error(); /* but we keep s->verify_result */
+ s->session->verify_result = s->verify_result;
+
+ /* server's cert for this session */
+ sc = ssl_sess_cert_new();
+ if (sc == NULL) {
+ ret = -1;
+ goto err;
+ }
+ if (s->session->sess_cert)
+ ssl_sess_cert_free(s->session->sess_cert);
+ s->session->sess_cert = sc;
+
+ sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
+ sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
+
+ pkey = X509_get_pubkey(x509);
+ x509 = NULL;
+ if (pkey == NULL) {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,
+ SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
+ goto err;
+ }
+ if (pkey->type != EVP_PKEY_RSA) {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
+ goto err;
+ }
+
+ if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
+ goto err;
+ ret = 1;
+ err:
+ sk_X509_free(sk);
+ X509_free(x509);
+ EVP_PKEY_free(pkey);
+ return (ret);
+}
+
+static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
+ unsigned char *to, int padding)
+{
+ EVP_PKEY *pkey = NULL;
+ int i = -1;
+
+ if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
+ ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
+ return (-1);
+ }
+ if (pkey->type != EVP_PKEY_RSA) {
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+ goto end;
+ }
+
+ /* we have the public key */
+ i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
+ if (i < 0)
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
+ end:
+ EVP_PKEY_free(pkey);
+ return (i);
+}
+#else /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s2_lib.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s2_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,567 +0,0 @@
-/* ssl/s2_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-# include <openssl/objects.h>
-# include <openssl/evp.h>
-# include <openssl/md5.h>
-
-const char ssl2_version_str[] = "SSLv2" OPENSSL_VERSION_PTEXT;
-
-# define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
-
-/* list of available SSLv2 ciphers (sorted by id) */
-OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
-# if 0
-/* NULL_WITH_MD5 v3 */
- {
- 1,
- SSL2_TXT_NULL_WITH_MD5,
- SSL2_CK_NULL_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eNULL,
- SSL_MD5,
- SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40 | SSL_STRONG_NONE,
- 0,
- 0,
- 0,
- },
-# endif
-
-/* RC4_128_WITH_MD5 */
- {
- 1,
- SSL2_TXT_RC4_128_WITH_MD5,
- SSL2_CK_RC4_128_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
- 0,
- 128,
- 128,
- },
-
-/* RC4_128_EXPORT40_WITH_MD5 */
- {
- 1,
- SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
- SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
- SSL2_CF_5_BYTE_ENC,
- 40,
- 128,
- },
-
-/* RC2_128_CBC_WITH_MD5 */
- {
- 1,
- SSL2_TXT_RC2_128_CBC_WITH_MD5,
- SSL2_CK_RC2_128_CBC_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC2,
- SSL_MD5,
- SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
- 0,
- 128,
- 128,
- },
-
-/* RC2_128_CBC_EXPORT40_WITH_MD5 */
- {
- 1,
- SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
- SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC2,
- SSL_MD5,
- SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
- SSL2_CF_5_BYTE_ENC,
- 40,
- 128,
- },
-
-# ifndef OPENSSL_NO_IDEA
-/* IDEA_128_CBC_WITH_MD5 */
- {
- 1,
- SSL2_TXT_IDEA_128_CBC_WITH_MD5,
- SSL2_CK_IDEA_128_CBC_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_IDEA,
- SSL_MD5,
- SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
- 0,
- 128,
- 128,
- },
-# endif
-
-/* DES_64_CBC_WITH_MD5 */
- {
- 1,
- SSL2_TXT_DES_64_CBC_WITH_MD5,
- SSL2_CK_DES_64_CBC_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_DES,
- SSL_MD5,
- SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
- 0,
- 56,
- 56,
- },
-
-/* DES_192_EDE3_CBC_WITH_MD5 */
- {
- 1,
- SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
- SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_3DES,
- SSL_MD5,
- SSL_SSLV2,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
- 112,
- 168,
- },
-
-# if 0
-/* RC4_64_WITH_MD5 */
- {
- 1,
- SSL2_TXT_RC4_64_WITH_MD5,
- SSL2_CK_RC4_64_WITH_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
- SSL2_CF_8_BYTE_ENC,
- 64,
- 64,
- },
-# endif
-
-# if 0
-/* NULL SSLeay (testing) */
- {
- 0,
- SSL2_TXT_NULL,
- SSL2_CK_NULL,
- 0,
- 0,
- 0,
- 0,
- SSL_SSLV2,
- SSL_STRONG_NONE,
- 0,
- 0,
- 0,
- },
-# endif
-
-/* end of list :-) */
-};
-
-long ssl2_default_timeout(void)
-{
- return (300);
-}
-
-int ssl2_num_ciphers(void)
-{
- return (SSL2_NUM_CIPHERS);
-}
-
-const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
-{
- if (u < SSL2_NUM_CIPHERS)
- return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
- else
- return (NULL);
-}
-
-int ssl2_pending(const SSL *s)
-{
- return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
-}
-
-int ssl2_new(SSL *s)
-{
- SSL2_STATE *s2;
-
- if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
- goto err;
- memset(s2, 0, sizeof *s2);
-
-# if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
-# error "assertion failed"
-# endif
-
- if ((s2->rbuf =
- OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
- goto err;
- /*
- * wbuf needs one byte more because when using two-byte headers, we leave
- * the first byte unused in do_ssl_write (s2_pkt.c)
- */
- if ((s2->wbuf =
- OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
- goto err;
- s->s2 = s2;
-
- ssl2_clear(s);
- return (1);
- err:
- if (s2 != NULL) {
- if (s2->wbuf != NULL)
- OPENSSL_free(s2->wbuf);
- if (s2->rbuf != NULL)
- OPENSSL_free(s2->rbuf);
- OPENSSL_free(s2);
- }
- return (0);
-}
-
-void ssl2_free(SSL *s)
-{
- SSL2_STATE *s2;
-
- if (s == NULL)
- return;
-
- s2 = s->s2;
- if (s2->rbuf != NULL)
- OPENSSL_free(s2->rbuf);
- if (s2->wbuf != NULL)
- OPENSSL_free(s2->wbuf);
- OPENSSL_cleanse(s2, sizeof *s2);
- OPENSSL_free(s2);
- s->s2 = NULL;
-}
-
-void ssl2_clear(SSL *s)
-{
- SSL2_STATE *s2;
- unsigned char *rbuf, *wbuf;
-
- s2 = s->s2;
-
- rbuf = s2->rbuf;
- wbuf = s2->wbuf;
-
- memset(s2, 0, sizeof *s2);
-
- s2->rbuf = rbuf;
- s2->wbuf = wbuf;
- s2->clear_text = 1;
- s->packet = s2->rbuf;
- s->version = SSL2_VERSION;
- s->packet_length = 0;
-}
-
-long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
- int ret = 0;
-
- switch (cmd) {
- case SSL_CTRL_GET_SESSION_REUSED:
- ret = s->hit;
- break;
- case SSL_CTRL_CHECK_PROTO_VERSION:
- return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg);
- default:
- break;
- }
- return (ret);
-}
-
-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
-{
- return (0);
-}
-
-long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-{
- return (0);
-}
-
-long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
-{
- return (0);
-}
-
-/*
- * This function needs to check if the ciphers required are actually
- * available
- */
-const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
-{
- SSL_CIPHER c;
- const SSL_CIPHER *cp;
- unsigned long id;
-
- id = 0x02000000L | ((unsigned long)p[0] << 16L) |
- ((unsigned long)p[1] << 8L) | (unsigned long)p[2];
- c.id = id;
- cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
- if ((cp == NULL) || (cp->valid == 0))
- return NULL;
- else
- return cp;
-}
-
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-{
- long l;
-
- if (p != NULL) {
- l = c->id;
- if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV)
- return (0);
- p[0] = ((unsigned char)(l >> 16L)) & 0xFF;
- p[1] = ((unsigned char)(l >> 8L)) & 0xFF;
- p[2] = ((unsigned char)(l)) & 0xFF;
- }
- return (3);
-}
-
-int ssl2_generate_key_material(SSL *s)
-{
- unsigned int i;
- EVP_MD_CTX ctx;
- unsigned char *km;
- unsigned char c = '0';
- const EVP_MD *md5;
- int md_size;
-
- md5 = EVP_md5();
-
-# ifdef CHARSET_EBCDIC
- c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', see
- * SSLv2 docu */
-# endif
- EVP_MD_CTX_init(&ctx);
- km = s->s2->key_material;
-
- if (s->session->master_key_length < 0 ||
- s->session->master_key_length > (int)sizeof(s->session->master_key)) {
- SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- md_size = EVP_MD_size(md5);
- if (md_size < 0)
- return 0;
- for (i = 0; i < s->s2->key_material_length; i += md_size) {
- if (((km - s->s2->key_material) + md_size) >
- (int)sizeof(s->s2->key_material)) {
- /*
- * EVP_DigestFinal_ex() below would write beyond buffer
- */
- SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
- return 0;
- }
-
- EVP_DigestInit_ex(&ctx, md5, NULL);
-
- OPENSSL_assert(s->session->master_key_length >= 0
- && s->session->master_key_length
- <= (int)sizeof(s->session->master_key));
- EVP_DigestUpdate(&ctx, s->session->master_key,
- s->session->master_key_length);
- EVP_DigestUpdate(&ctx, &c, 1);
- c++;
- EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
- EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
- EVP_DigestFinal_ex(&ctx, km, NULL);
- km += md_size;
- }
-
- EVP_MD_CTX_cleanup(&ctx);
- return 1;
-}
-
-void ssl2_return_error(SSL *s, int err)
-{
- if (!s->error) {
- s->error = 3;
- s->error_code = err;
-
- ssl2_write_error(s);
- }
-}
-
-void ssl2_write_error(SSL *s)
-{
- unsigned char buf[3];
- int i, error;
-
- buf[0] = SSL2_MT_ERROR;
- buf[1] = (s->error_code >> 8) & 0xff;
- buf[2] = (s->error_code) & 0xff;
-
-/* state=s->rwstate;*/
-
- error = s->error; /* number of bytes left to write */
- s->error = 0;
- OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
- i = ssl2_write(s, &(buf[3 - error]), error);
-
-/* if (i == error) s->rwstate=state; */
-
- if (i < 0)
- s->error = error;
- else {
- s->error = error - i;
-
- if (s->error == 0)
- if (s->msg_callback) {
- /* ERROR */
- s->msg_callback(1, s->version, 0, buf, 3, s,
- s->msg_callback_arg);
- }
- }
-}
-
-int ssl2_shutdown(SSL *s)
-{
- s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
- return (1);
-}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/s2_lib.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s2_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s2_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,573 @@
+/* ssl/s2_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <openssl/objects.h>
+# include <openssl/evp.h>
+# include <openssl/md5.h>
+
+const char ssl2_version_str[] = "SSLv2" OPENSSL_VERSION_PTEXT;
+
+# define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
+
+/* list of available SSLv2 ciphers (sorted by id) */
+OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
+# if 0
+/* NULL_WITH_MD5 v3 */
+ {
+ 1,
+ SSL2_TXT_NULL_WITH_MD5,
+ SSL2_CK_NULL_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_EXPORT | SSL_EXP40 | SSL_STRONG_NONE,
+ 0,
+ 0,
+ 0,
+ },
+# endif
+
+/* RC4_128_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC4_128_WITH_MD5,
+ SSL2_CK_RC4_128_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+# if 0
+/* RC4_128_EXPORT40_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
+ SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL2_CF_5_BYTE_ENC,
+ 40,
+ 128,
+ },
+# endif
+
+/* RC2_128_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC2_128_CBC_WITH_MD5,
+ SSL2_CK_RC2_128_CBC_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+# if 0
+/* RC2_128_CBC_EXPORT40_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
+ SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL2_CF_5_BYTE_ENC,
+ 40,
+ 128,
+ },
+# endif
+
+# ifndef OPENSSL_NO_IDEA
+/* IDEA_128_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_IDEA_128_CBC_WITH_MD5,
+ SSL2_CK_IDEA_128_CBC_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_IDEA,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+# endif
+
+# if 0
+/* DES_64_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_DES_64_CBC_WITH_MD5,
+ SSL2_CK_DES_64_CBC_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ 0,
+ 56,
+ 56,
+ },
+# endif
+
+/* DES_192_EDE3_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
+ SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
+ 0,
+ 112,
+ 168,
+ },
+
+# if 0
+/* RC4_64_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC4_64_WITH_MD5,
+ SSL2_CK_RC4_64_WITH_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL2_CF_8_BYTE_ENC,
+ 64,
+ 64,
+ },
+# endif
+
+# if 0
+/* NULL SSLeay (testing) */
+ {
+ 0,
+ SSL2_TXT_NULL,
+ SSL2_CK_NULL,
+ 0,
+ 0,
+ 0,
+ 0,
+ SSL_SSLV2,
+ SSL_STRONG_NONE,
+ 0,
+ 0,
+ 0,
+ },
+# endif
+
+/* end of list :-) */
+};
+
+long ssl2_default_timeout(void)
+{
+ return (300);
+}
+
+int ssl2_num_ciphers(void)
+{
+ return (SSL2_NUM_CIPHERS);
+}
+
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
+{
+ if (u < SSL2_NUM_CIPHERS)
+ return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
+ else
+ return (NULL);
+}
+
+int ssl2_pending(const SSL *s)
+{
+ return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
+}
+
+int ssl2_new(SSL *s)
+{
+ SSL2_STATE *s2;
+
+ if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
+ goto err;
+ memset(s2, 0, sizeof *s2);
+
+# if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
+# error "assertion failed"
+# endif
+
+ if ((s2->rbuf =
+ OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
+ goto err;
+ /*
+ * wbuf needs one byte more because when using two-byte headers, we leave
+ * the first byte unused in do_ssl_write (s2_pkt.c)
+ */
+ if ((s2->wbuf =
+ OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
+ goto err;
+ s->s2 = s2;
+
+ ssl2_clear(s);
+ return (1);
+ err:
+ if (s2 != NULL) {
+ if (s2->wbuf != NULL)
+ OPENSSL_free(s2->wbuf);
+ if (s2->rbuf != NULL)
+ OPENSSL_free(s2->rbuf);
+ OPENSSL_free(s2);
+ }
+ return (0);
+}
+
+void ssl2_free(SSL *s)
+{
+ SSL2_STATE *s2;
+
+ if (s == NULL)
+ return;
+
+ s2 = s->s2;
+ if (s2->rbuf != NULL)
+ OPENSSL_free(s2->rbuf);
+ if (s2->wbuf != NULL)
+ OPENSSL_free(s2->wbuf);
+ OPENSSL_cleanse(s2, sizeof *s2);
+ OPENSSL_free(s2);
+ s->s2 = NULL;
+}
+
+void ssl2_clear(SSL *s)
+{
+ SSL2_STATE *s2;
+ unsigned char *rbuf, *wbuf;
+
+ s2 = s->s2;
+
+ rbuf = s2->rbuf;
+ wbuf = s2->wbuf;
+
+ memset(s2, 0, sizeof *s2);
+
+ s2->rbuf = rbuf;
+ s2->wbuf = wbuf;
+ s2->clear_text = 1;
+ s->packet = s2->rbuf;
+ s->version = SSL2_VERSION;
+ s->packet_length = 0;
+}
+
+long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+ int ret = 0;
+
+ switch (cmd) {
+ case SSL_CTRL_GET_SESSION_REUSED:
+ ret = s->hit;
+ break;
+ case SSL_CTRL_CHECK_PROTO_VERSION:
+ return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg);
+ default:
+ break;
+ }
+ return (ret);
+}
+
+long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
+{
+ return (0);
+}
+
+long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+{
+ return (0);
+}
+
+long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
+{
+ return (0);
+}
+
+/*
+ * This function needs to check if the ciphers required are actually
+ * available
+ */
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
+{
+ SSL_CIPHER c;
+ const SSL_CIPHER *cp;
+ unsigned long id;
+
+ id = 0x02000000L | ((unsigned long)p[0] << 16L) |
+ ((unsigned long)p[1] << 8L) | (unsigned long)p[2];
+ c.id = id;
+ cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
+ if ((cp == NULL) || (cp->valid == 0))
+ return NULL;
+ else
+ return cp;
+}
+
+int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+{
+ long l;
+
+ if (p != NULL) {
+ l = c->id;
+ if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV)
+ return (0);
+ p[0] = ((unsigned char)(l >> 16L)) & 0xFF;
+ p[1] = ((unsigned char)(l >> 8L)) & 0xFF;
+ p[2] = ((unsigned char)(l)) & 0xFF;
+ }
+ return (3);
+}
+
+int ssl2_generate_key_material(SSL *s)
+{
+ unsigned int i;
+ EVP_MD_CTX ctx;
+ unsigned char *km;
+ unsigned char c = '0';
+ const EVP_MD *md5;
+ int md_size;
+
+ md5 = EVP_md5();
+
+# ifdef CHARSET_EBCDIC
+ c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', see
+ * SSLv2 docu */
+# endif
+ EVP_MD_CTX_init(&ctx);
+ km = s->s2->key_material;
+
+ if (s->session->master_key_length < 0 ||
+ s->session->master_key_length > (int)sizeof(s->session->master_key)) {
+ SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ md_size = EVP_MD_size(md5);
+ if (md_size < 0)
+ return 0;
+ for (i = 0; i < s->s2->key_material_length; i += md_size) {
+ if (((km - s->s2->key_material) + md_size) >
+ (int)sizeof(s->s2->key_material)) {
+ /*
+ * EVP_DigestFinal_ex() below would write beyond buffer
+ */
+ SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
+ EVP_DigestInit_ex(&ctx, md5, NULL);
+
+ OPENSSL_assert(s->session->master_key_length >= 0
+ && s->session->master_key_length
+ <= (int)sizeof(s->session->master_key));
+ EVP_DigestUpdate(&ctx, s->session->master_key,
+ s->session->master_key_length);
+ EVP_DigestUpdate(&ctx, &c, 1);
+ c++;
+ EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
+ EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
+ EVP_DigestFinal_ex(&ctx, km, NULL);
+ km += md_size;
+ }
+
+ EVP_MD_CTX_cleanup(&ctx);
+ return 1;
+}
+
+void ssl2_return_error(SSL *s, int err)
+{
+ if (!s->error) {
+ s->error = 3;
+ s->error_code = err;
+
+ ssl2_write_error(s);
+ }
+}
+
+void ssl2_write_error(SSL *s)
+{
+ unsigned char buf[3];
+ int i, error;
+
+ buf[0] = SSL2_MT_ERROR;
+ buf[1] = (s->error_code >> 8) & 0xff;
+ buf[2] = (s->error_code) & 0xff;
+
+/* state=s->rwstate;*/
+
+ error = s->error; /* number of bytes left to write */
+ s->error = 0;
+ OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
+ i = ssl2_write(s, &(buf[3 - error]), error);
+
+/* if (i == error) s->rwstate=state; */
+
+ if (i < 0)
+ s->error = error;
+ else {
+ s->error = error - i;
+
+ if (s->error == 0)
+ if (s->msg_callback) {
+ /* ERROR */
+ s->msg_callback(1, s->version, 0, buf, 3, s,
+ s->msg_callback_arg);
+ }
+ }
+}
+
+int ssl2_shutdown(SSL *s)
+{
+ s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+ return (1);
+}
+#else /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s2_meth.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s2_meth.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_meth.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,81 +0,0 @@
-/* ssl/s2_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-# include <openssl/objects.h>
-
-static const SSL_METHOD *ssl2_get_method(int ver);
-static const SSL_METHOD *ssl2_get_method(int ver)
-{
- if (ver == SSL2_VERSION)
- return (SSLv2_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_ssl2_meth_func(SSLv2_method,
- ssl2_accept, ssl2_connect, ssl2_get_method)
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/s2_meth.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s2_meth.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s2_meth.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_meth.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,91 @@
+/* ssl/s2_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2_METHOD
+# ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <openssl/objects.h>
+
+static const SSL_METHOD *ssl2_get_method(int ver);
+static const SSL_METHOD *ssl2_get_method(int ver)
+{
+ if (ver == SSL2_VERSION)
+ return (SSLv2_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_ssl2_meth_func(SSLv2_method,
+ ssl2_accept, ssl2_connect, ssl2_get_method)
+
+# else /* !OPENSSL_NO_SSL2 */
+
+const SSL_METHOD *SSLv2_method(void) { return NULL; }
+const SSL_METHOD *SSLv2_client_method(void) { return NULL; }
+const SSL_METHOD *SSLv2_server_method(void) { return NULL; }
+
+# endif
+
+#else /* !OPENSSL_NO_SSL2_METHOD */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s2_srvr.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s2_srvr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_srvr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1155 +0,0 @@
-/* ssl/s2_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include "../crypto/constant_time_locl.h"
-# include <stdio.h>
-# include <openssl/bio.h>
-# include <openssl/rand.h>
-# include <openssl/objects.h>
-# include <openssl/evp.h>
-
-static const SSL_METHOD *ssl2_get_server_method(int ver);
-static int get_client_master_key(SSL *s);
-static int get_client_hello(SSL *s);
-static int server_hello(SSL *s);
-static int get_client_finished(SSL *s);
-static int server_verify(SSL *s);
-static int server_finish(SSL *s);
-static int request_certificate(SSL *s);
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
- unsigned char *to, int padding);
-# define BREAK break
-
-static const SSL_METHOD *ssl2_get_server_method(int ver)
-{
- if (ver == SSL2_VERSION)
- return (SSLv2_server_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
- ssl2_accept,
- ssl_undefined_function, ssl2_get_server_method)
-
-int ssl2_accept(SSL *s)
-{
- unsigned long l = (unsigned long)time(NULL);
- BUF_MEM *buf = NULL;
- int ret = -1;
- long num1;
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- int new_state, state;
-
- RAND_add(&l, sizeof(l), 0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- /* init things to blank */
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s))
- SSL_clear(s);
-
- if (s->cert == NULL) {
- SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
- return (-1);
- }
-
- clear_sys_error();
- for (;;) {
- state = s->state;
-
- switch (s->state) {
- case SSL_ST_BEFORE:
- case SSL_ST_ACCEPT:
- case SSL_ST_BEFORE | SSL_ST_ACCEPT:
- case SSL_ST_OK | SSL_ST_ACCEPT:
-
- s->server = 1;
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_START, 1);
-
- s->version = SSL2_VERSION;
- s->type = SSL_ST_ACCEPT;
-
- if (s->init_buf == NULL) {
- if ((buf = BUF_MEM_new()) == NULL) {
- ret = -1;
- goto end;
- }
- if (!BUF_MEM_grow
- (buf, (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
- BUF_MEM_free(buf);
- ret = -1;
- goto end;
- }
- s->init_buf = buf;
- }
- s->init_num = 0;
- s->ctx->stats.sess_accept++;
- s->handshake_func = ssl2_accept;
- s->state = SSL2_ST_GET_CLIENT_HELLO_A;
- BREAK;
-
- case SSL2_ST_GET_CLIENT_HELLO_A:
- case SSL2_ST_GET_CLIENT_HELLO_B:
- case SSL2_ST_GET_CLIENT_HELLO_C:
- s->shutdown = 0;
- ret = get_client_hello(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_SEND_SERVER_HELLO_A;
- BREAK;
-
- case SSL2_ST_SEND_SERVER_HELLO_A:
- case SSL2_ST_SEND_SERVER_HELLO_B:
- ret = server_hello(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- if (!s->hit) {
- s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
- BREAK;
- } else {
- s->state = SSL2_ST_SERVER_START_ENCRYPTION;
- BREAK;
- }
- case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
- case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
- ret = get_client_master_key(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_SERVER_START_ENCRYPTION;
- BREAK;
-
- case SSL2_ST_SERVER_START_ENCRYPTION:
- /*
- * Ok we how have sent all the stuff needed to start encrypting,
- * the next packet back will be encrypted.
- */
- if (!ssl2_enc_init(s, 0)) {
- ret = -1;
- goto end;
- }
- s->s2->clear_text = 0;
- s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
- BREAK;
-
- case SSL2_ST_SEND_SERVER_VERIFY_A:
- case SSL2_ST_SEND_SERVER_VERIFY_B:
- ret = server_verify(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- if (s->hit) {
- /*
- * If we are in here, we have been buffering the output, so
- * we need to flush it and remove buffering from future
- * traffic
- */
- s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
- BREAK;
- } else {
- s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
- break;
- }
-
- case SSL2_ST_SEND_SERVER_VERIFY_C:
- /* get the number of bytes to write */
- num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
- if (num1 > 0) {
- s->rwstate = SSL_WRITING;
- num1 = BIO_flush(s->wbio);
- if (num1 <= 0) {
- ret = -1;
- goto end;
- }
- s->rwstate = SSL_NOTHING;
- }
-
- /* flushed and now remove buffering */
- s->wbio = BIO_pop(s->wbio);
-
- s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
- BREAK;
-
- case SSL2_ST_GET_CLIENT_FINISHED_A:
- case SSL2_ST_GET_CLIENT_FINISHED_B:
- ret = get_client_finished(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
- BREAK;
-
- case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
- case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
- case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
- case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
- /*
- * don't do a 'request certificate' if we don't want to, or we
- * already have one, and we only want to do it once.
- */
- if (!(s->verify_mode & SSL_VERIFY_PEER) ||
- ((s->session->peer != NULL) &&
- (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
- s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
- break;
- } else {
- ret = request_certificate(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
- }
- BREAK;
-
- case SSL2_ST_SEND_SERVER_FINISHED_A:
- case SSL2_ST_SEND_SERVER_FINISHED_B:
- ret = server_finish(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL_ST_OK;
- break;
-
- case SSL_ST_OK:
- BUF_MEM_free(s->init_buf);
- ssl_free_wbio_buffer(s);
- s->init_buf = NULL;
- s->init_num = 0;
- /* ERR_clear_error(); */
-
- ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
-
- s->ctx->stats.sess_accept_good++;
- /* s->server=1; */
- ret = 1;
-
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
- goto end;
- /* BREAK; */
-
- default:
- SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
- ret = -1;
- goto end;
- /* BREAK; */
- }
-
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
- cb(s, SSL_CB_ACCEPT_LOOP, 1);
- s->state = new_state;
- }
- }
- end:
- s->in_handshake--;
- if (cb != NULL)
- cb(s, SSL_CB_ACCEPT_EXIT, ret);
- return (ret);
-}
-
-static int get_client_master_key(SSL *s)
-{
- int is_export, i, n, keya;
- unsigned int num_encrypted_key_bytes, key_length;
- unsigned long len;
- unsigned char *p;
- const SSL_CIPHER *cp;
- const EVP_CIPHER *c;
- const EVP_MD *md;
- unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
- unsigned char decrypt_good;
- size_t j;
-
- p = (unsigned char *)s->init_buf->data;
- if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
- i = ssl2_read(s, (char *)&(p[s->init_num]), 10 - s->init_num);
-
- if (i < (10 - s->init_num))
- return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
- s->init_num = 10;
-
- if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
- if (p[-1] != SSL2_MT_ERROR) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
- SSL_R_READ_WRONG_PACKET_TYPE);
- } else
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
- return (-1);
- }
-
- cp = ssl2_get_cipher_by_char(p);
- if (cp == NULL) {
- ssl2_return_error(s, SSL2_PE_NO_CIPHER);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
- return (-1);
- }
- s->session->cipher = cp;
-
- p += 3;
- n2s(p, i);
- s->s2->tmp.clear = i;
- n2s(p, i);
- s->s2->tmp.enc = i;
- n2s(p, i);
- if (i > SSL_MAX_KEY_ARG_LENGTH) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
- return -1;
- }
- s->session->key_arg_length = i;
- s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
- }
-
- /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
- p = (unsigned char *)s->init_buf->data;
- if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- keya = s->session->key_arg_length;
- len =
- 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc +
- (unsigned long)keya;
- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
- return -1;
- }
- n = (int)len - s->init_num;
- i = ssl2_read(s, (char *)&(p[s->init_num]), n);
- if (i != n)
- return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
- if (s->msg_callback) {
- /* CLIENT-MASTER-KEY */
- s->msg_callback(0, s->version, 0, p, (size_t)len, s,
- s->msg_callback_arg);
- }
- p += 10;
-
- memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
- (unsigned int)keya);
-
- if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
- return (-1);
- }
-
- is_export = SSL_C_IS_EXPORT(s->session->cipher);
-
- if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
- ssl2_return_error(s, SSL2_PE_NO_CIPHER);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
- SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
- return (0);
- }
-
- /*
- * The format of the CLIENT-MASTER-KEY message is
- * 1 byte message type
- * 3 bytes cipher
- * 2-byte clear key length (stored in s->s2->tmp.clear)
- * 2-byte encrypted key length (stored in s->s2->tmp.enc)
- * 2-byte key args length (IV etc)
- * clear key
- * encrypted key
- * key args
- *
- * If the cipher is an export cipher, then the encrypted key bytes
- * are a fixed portion of the total key (5 or 8 bytes). The size of
- * this portion is in |num_encrypted_key_bytes|. If the cipher is not an
- * export cipher, then the entire key material is encrypted (i.e., clear
- * key length must be zero).
- */
- key_length = (unsigned int)EVP_CIPHER_key_length(c);
- if (key_length > SSL_MAX_MASTER_KEY_LENGTH) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
- return -1;
- }
-
- if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
- is_export = 1;
- num_encrypted_key_bytes = 8;
- } else if (is_export) {
- num_encrypted_key_bytes = 5;
- } else {
- num_encrypted_key_bytes = key_length;
- }
-
- if (s->s2->tmp.clear + num_encrypted_key_bytes != key_length) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH);
- return -1;
- }
- /*
- * The encrypted blob must decrypt to the encrypted portion of the key.
- * Decryption can't be expanding, so if we don't have enough encrypted
- * bytes to fit the key in the buffer, stop now.
- */
- if (s->s2->tmp.enc < num_encrypted_key_bytes) {
- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT);
- return -1;
- }
-
- /*
- * We must not leak whether a decryption failure occurs because of
- * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
- * section 7.4.7.1). The code follows that advice of the TLS RFC and
- * generates a random premaster secret for the case that the decrypt
- * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
- */
-
- /*
- * should be RAND_bytes, but we cannot work around a failure.
- */
- if (RAND_pseudo_bytes(rand_premaster_secret,
- (int)num_encrypted_key_bytes) <= 0)
- return 0;
-
- i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
- &(p[s->s2->tmp.clear]),
- &(p[s->s2->tmp.clear]),
- (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
- RSA_PKCS1_PADDING);
- ERR_clear_error();
- /*
- * If a bad decrypt, continue with protocol but with a random master
- * secret (Bleichenbacher attack)
- */
- decrypt_good = constant_time_eq_int_8(i, (int)num_encrypted_key_bytes);
- for (j = 0; j < num_encrypted_key_bytes; j++) {
- p[s->s2->tmp.clear + j] =
- constant_time_select_8(decrypt_good, p[s->s2->tmp.clear + j],
- rand_premaster_secret[j]);
- }
-
- s->session->master_key_length = (int)key_length;
- memcpy(s->session->master_key, p, key_length);
- OPENSSL_cleanse(p, key_length);
-
- return 1;
-}
-
-static int get_client_hello(SSL *s)
-{
- int i, n;
- unsigned long len;
- unsigned char *p;
- STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
- STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
- STACK_OF(SSL_CIPHER) *prio, *allow;
- int z;
-
- /*
- * This is a bit of a hack to check for the correct packet type the first
- * time round.
- */
- if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
- s->first_packet = 1;
- s->state = SSL2_ST_GET_CLIENT_HELLO_B;
- }
-
- p = (unsigned char *)s->init_buf->data;
- if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
- i = ssl2_read(s, (char *)&(p[s->init_num]), 9 - s->init_num);
- if (i < (9 - s->init_num))
- return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
- s->init_num = 9;
-
- if (*(p++) != SSL2_MT_CLIENT_HELLO) {
- if (p[-1] != SSL2_MT_ERROR) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
- } else
- SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
- return (-1);
- }
- n2s(p, i);
- if (i < s->version)
- s->version = i;
- n2s(p, i);
- s->s2->tmp.cipher_spec_length = i;
- n2s(p, i);
- s->s2->tmp.session_id_length = i;
- n2s(p, i);
- s->s2->challenge_length = i;
- if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
- (i > SSL2_MAX_CHALLENGE_LENGTH)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
- return (-1);
- }
- s->state = SSL2_ST_GET_CLIENT_HELLO_C;
- }
-
- /* SSL2_ST_GET_CLIENT_HELLO_C */
- p = (unsigned char *)s->init_buf->data;
- len =
- 9 + (unsigned long)s->s2->tmp.cipher_spec_length +
- (unsigned long)s->s2->challenge_length +
- (unsigned long)s->s2->tmp.session_id_length;
- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
- return -1;
- }
- n = (int)len - s->init_num;
- i = ssl2_read(s, (char *)&(p[s->init_num]), n);
- if (i != n)
- return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
- if (s->msg_callback) {
- /* CLIENT-HELLO */
- s->msg_callback(0, s->version, 0, p, (size_t)len, s,
- s->msg_callback_arg);
- }
- p += 9;
-
- /*
- * get session-id before cipher stuff so we can get out session structure
- * if it is cached
- */
- /* session-id */
- if ((s->s2->tmp.session_id_length != 0) &&
- (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
- return (-1);
- }
-
- if (s->s2->tmp.session_id_length == 0) {
- if (!ssl_get_new_session(s, 1)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- return (-1);
- }
- } else {
- i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
- s->s2->tmp.session_id_length, NULL);
- if (i == 1) { /* previous session */
- s->hit = 1;
- } else if (i == -1) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- return (-1);
- } else {
- if (s->cert == NULL) {
- ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
- SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
- return (-1);
- }
-
- if (!ssl_get_new_session(s, 1)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- return (-1);
- }
- }
- }
-
- if (!s->hit) {
- cs = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.cipher_spec_length,
- &s->session->ciphers);
- if (cs == NULL)
- goto mem_err;
-
- cl = SSL_get_ciphers(s);
-
- if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
- prio = sk_SSL_CIPHER_dup(cl);
- if (prio == NULL)
- goto mem_err;
- allow = cs;
- } else {
- prio = cs;
- allow = cl;
- }
- for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
- if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
- (void)sk_SSL_CIPHER_delete(prio, z);
- z--;
- }
- }
- if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
- sk_SSL_CIPHER_free(s->session->ciphers);
- s->session->ciphers = prio;
- }
- /*
- * s->session->ciphers should now have a list of ciphers that are on
- * both the client and server. This list is ordered by the order the
- * client sent the ciphers or in the order of the server's preference
- * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
- */
- }
- p += s->s2->tmp.cipher_spec_length;
- /* done cipher selection */
-
- /* session id extracted already */
- p += s->s2->tmp.session_id_length;
-
- /* challenge */
- if (s->s2->challenge_length > sizeof s->s2->challenge) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
- return (1);
- mem_err:
- SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
- return (0);
-}
-
-static int server_hello(SSL *s)
-{
- unsigned char *p, *d;
- int n, hit;
-
- p = (unsigned char *)s->init_buf->data;
- if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
- d = p + 11;
- *(p++) = SSL2_MT_SERVER_HELLO; /* type */
- hit = s->hit;
- *(p++) = (unsigned char)hit;
-# if 1
- if (!hit) {
- if (s->session->sess_cert != NULL)
- /*
- * This can't really happen because get_client_hello has
- * called ssl_get_new_session, which does not set sess_cert.
- */
- ssl_sess_cert_free(s->session->sess_cert);
- s->session->sess_cert = ssl_sess_cert_new();
- if (s->session->sess_cert == NULL) {
- SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
- return (-1);
- }
- }
- /*
- * If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
- * depending on whether it survived in the internal cache or was
- * retrieved from an external cache. If it is NULL, we cannot put any
- * useful data in it anyway, so we don't touch it.
- */
-
-# else /* That's what used to be done when cert_st
- * and sess_cert_st were * the same. */
- if (!hit) { /* else add cert to session */
- CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
- if (s->session->sess_cert != NULL)
- ssl_cert_free(s->session->sess_cert);
- s->session->sess_cert = s->cert;
- } else { /* We have a session id-cache hit, if the *
- * session-id has no certificate listed
- * against * the 'cert' structure, grab the
- * 'old' one * listed against the SSL
- * connection */
- if (s->session->sess_cert == NULL) {
- CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
- s->session->sess_cert = s->cert;
- }
- }
-# endif
-
- if (s->cert == NULL) {
- ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
- SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
- return (-1);
- }
-
- if (hit) {
- *(p++) = 0; /* no certificate type */
- s2n(s->version, p); /* version */
- s2n(0, p); /* cert len */
- s2n(0, p); /* ciphers len */
- } else {
- /* EAY EAY */
- /* put certificate type */
- *(p++) = SSL2_CT_X509_CERTIFICATE;
- s2n(s->version, p); /* version */
- n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
- s2n(n, p); /* certificate length */
- i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
- n = 0;
-
- /*
- * lets send out the ciphers we like in the prefered order
- */
- n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
- d += n;
- s2n(n, p); /* add cipher length */
- }
-
- /* make and send conn_id */
- s2n(SSL2_CONNECTION_ID_LENGTH, p); /* add conn_id length */
- s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
- if (RAND_pseudo_bytes(s->s2->conn_id, (int)s->s2->conn_id_length) <=
- 0)
- return -1;
- memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
- d += SSL2_CONNECTION_ID_LENGTH;
-
- s->state = SSL2_ST_SEND_SERVER_HELLO_B;
- s->init_num = d - (unsigned char *)s->init_buf->data;
- s->init_off = 0;
- }
- /* SSL2_ST_SEND_SERVER_HELLO_B */
- /*
- * If we are using TCP/IP, the performance is bad if we do 2 writes
- * without a read between them. This occurs when Session-id reuse is
- * used, so I will put in a buffering module
- */
- if (s->hit) {
- if (!ssl_init_wbio_buffer(s, 1))
- return (-1);
- }
-
- return (ssl2_do_write(s));
-}
-
-static int get_client_finished(SSL *s)
-{
- unsigned char *p;
- int i, n;
- unsigned long len;
-
- p = (unsigned char *)s->init_buf->data;
- if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
- i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
- if (i < 1 - s->init_num)
- return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
- s->init_num += i;
-
- if (*p != SSL2_MT_CLIENT_FINISHED) {
- if (*p != SSL2_MT_ERROR) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_FINISHED,
- SSL_R_READ_WRONG_PACKET_TYPE);
- } else {
- SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
- /* try to read the error message */
- i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
- return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
- }
- return (-1);
- }
- s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
- }
-
- /* SSL2_ST_GET_CLIENT_FINISHED_B */
- if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- len = 1 + (unsigned long)s->s2->conn_id_length;
- n = (int)len - s->init_num;
- i = ssl2_read(s, (char *)&(p[s->init_num]), n);
- if (i < n) {
- return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
- }
- if (s->msg_callback) {
- /* CLIENT-FINISHED */
- s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
- }
- p += 1;
- if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
- return (-1);
- }
- return (1);
-}
-
-static int server_verify(SSL *s)
-{
- unsigned char *p;
-
- if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
- p = (unsigned char *)s->init_buf->data;
- *(p++) = SSL2_MT_SERVER_VERIFY;
- if (s->s2->challenge_length > sizeof s->s2->challenge) {
- SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- memcpy(p, s->s2->challenge, (unsigned int)s->s2->challenge_length);
- /* p+=s->s2->challenge_length; */
-
- s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
- s->init_num = s->s2->challenge_length + 1;
- s->init_off = 0;
- }
- return (ssl2_do_write(s));
-}
-
-static int server_finish(SSL *s)
-{
- unsigned char *p;
-
- if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
- p = (unsigned char *)s->init_buf->data;
- *(p++) = SSL2_MT_SERVER_FINISHED;
-
- if (s->session->session_id_length > sizeof s->session->session_id) {
- SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- memcpy(p, s->session->session_id,
- (unsigned int)s->session->session_id_length);
- /* p+=s->session->session_id_length; */
-
- s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
- s->init_num = s->session->session_id_length + 1;
- s->init_off = 0;
- }
-
- /* SSL2_ST_SEND_SERVER_FINISHED_B */
- return (ssl2_do_write(s));
-}
-
-/* send the request and check the response */
-static int request_certificate(SSL *s)
-{
- const unsigned char *cp;
- unsigned char *p, *p2, *buf2;
- unsigned char *ccd;
- int i, j, ctype, ret = -1;
- unsigned long len;
- X509 *x509 = NULL;
- STACK_OF(X509) *sk = NULL;
-
- ccd = s->s2->tmp.ccl;
- if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
- p = (unsigned char *)s->init_buf->data;
- *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
- *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
- if (RAND_pseudo_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
- return -1;
- memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
-
- s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
- s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
- s->init_off = 0;
- }
-
- if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
- i = ssl2_do_write(s);
- if (i <= 0) {
- ret = i;
- goto end;
- }
-
- s->init_num = 0;
- s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
- }
-
- if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
- p = (unsigned char *)s->init_buf->data;
- /* try to read 6 octets ... */
- i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num);
- /*
- * ... but don't call ssl2_part_read now if we got at least 3
- * (probably NO-CERTIFICATE-ERROR)
- */
- if (i < 3 - s->init_num) {
- ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
- goto end;
- }
- s->init_num += i;
-
- if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
- n2s(p, i);
- if (i != SSL2_PE_NO_CERTIFICATE) {
- /*
- * not the error message we expected -- let ssl2_part_read
- * handle it
- */
- s->init_num -= 3;
- ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
- goto end;
- }
-
- if (s->msg_callback) {
- /* ERROR */
- s->msg_callback(0, s->version, 0, p, 3, s,
- s->msg_callback_arg);
- }
-
- /*
- * this is the one place where we can recover from an SSL 2.0
- * error
- */
-
- if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
- ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
- SSLerr(SSL_F_REQUEST_CERTIFICATE,
- SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
- goto end;
- }
- ret = 1;
- goto end;
- }
- if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
- goto end;
- }
- if (s->init_num != 6) {
- SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
- goto end;
- }
-
- /* ok we have a response */
- /* certificate type, there is only one right now. */
- ctype = *(p++);
- if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
- ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
- SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
- goto end;
- }
- n2s(p, i);
- s->s2->tmp.clen = i;
- n2s(p, i);
- s->s2->tmp.rlen = i;
- s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
- }
-
- /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
- p = (unsigned char *)s->init_buf->data;
- len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
- SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
- goto end;
- }
- j = (int)len - s->init_num;
- i = ssl2_read(s, (char *)&(p[s->init_num]), j);
- if (i < j) {
- ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
- goto end;
- }
- if (s->msg_callback) {
- /* CLIENT-CERTIFICATE */
- s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
- }
- p += 6;
-
- cp = p;
- x509 = (X509 *)d2i_X509(NULL, &cp, (long)s->s2->tmp.clen);
- if (x509 == NULL) {
- SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
- goto msg_end;
- }
-
- if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
- SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto msg_end;
- }
-
- i = ssl_verify_cert_chain(s, sk);
-
- if (i > 0) { /* we like the packet, now check the chksum */
- EVP_MD_CTX ctx;
- EVP_PKEY *pkey = NULL;
-
- EVP_MD_CTX_init(&ctx);
- if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL)
- || !EVP_VerifyUpdate(&ctx, s->s2->key_material,
- s->s2->key_material_length)
- || !EVP_VerifyUpdate(&ctx, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH))
- goto msg_end;
-
- i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
- buf2 = OPENSSL_malloc((unsigned int)i);
- if (buf2 == NULL) {
- SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto msg_end;
- }
- p2 = buf2;
- i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
- if (!EVP_VerifyUpdate(&ctx, buf2, (unsigned int)i)) {
- OPENSSL_free(buf2);
- goto msg_end;
- }
- OPENSSL_free(buf2);
-
- pkey = X509_get_pubkey(x509);
- if (pkey == NULL)
- goto end;
- i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
- EVP_PKEY_free(pkey);
- EVP_MD_CTX_cleanup(&ctx);
-
- if (i > 0) {
- if (s->session->peer != NULL)
- X509_free(s->session->peer);
- s->session->peer = x509;
- CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
- s->session->verify_result = s->verify_result;
- ret = 1;
- goto end;
- } else {
- SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
- goto msg_end;
- }
- } else {
- msg_end:
- ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
- }
- end:
- sk_X509_free(sk);
- X509_free(x509);
- return (ret);
-}
-
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
- unsigned char *to, int padding)
-{
- RSA *rsa;
- int i;
-
- if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
- SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
- return (-1);
- }
- if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
- SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
- return (-1);
- }
- rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
-
- /* we have the public key */
- i = RSA_private_decrypt(len, from, to, rsa, padding);
- if (i < 0)
- SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
- return (i);
-}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/s2_srvr.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s2_srvr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s2_srvr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s2_srvr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1167 @@
+/* ssl/s2_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+#include "../crypto/constant_time_locl.h"
+# include <stdio.h>
+# include <openssl/bio.h>
+# include <openssl/rand.h>
+# include <openssl/objects.h>
+# include <openssl/evp.h>
+
+static const SSL_METHOD *ssl2_get_server_method(int ver);
+static int get_client_master_key(SSL *s);
+static int get_client_hello(SSL *s);
+static int server_hello(SSL *s);
+static int get_client_finished(SSL *s);
+static int server_verify(SSL *s);
+static int server_finish(SSL *s);
+static int request_certificate(SSL *s);
+static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
+ unsigned char *to, int padding);
+# define BREAK break
+
+static const SSL_METHOD *ssl2_get_server_method(int ver)
+{
+ if (ver == SSL2_VERSION)
+ return (SSLv2_server_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
+ ssl2_accept,
+ ssl_undefined_function, ssl2_get_server_method)
+
+int ssl2_accept(SSL *s)
+{
+ unsigned long l = (unsigned long)time(NULL);
+ BUF_MEM *buf = NULL;
+ int ret = -1;
+ long num1;
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ int new_state, state;
+
+ RAND_add(&l, sizeof(l), 0);
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ /* init things to blank */
+ s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s))
+ SSL_clear(s);
+
+ if (s->cert == NULL) {
+ SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
+ return (-1);
+ }
+
+ clear_sys_error();
+ for (;;) {
+ state = s->state;
+
+ switch (s->state) {
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+ case SSL_ST_OK | SSL_ST_ACCEPT:
+
+ s->server = 1;
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+ s->version = SSL2_VERSION;
+ s->type = SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL) {
+ if ((buf = BUF_MEM_new()) == NULL) {
+ ret = -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow
+ (buf, (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+ BUF_MEM_free(buf);
+ ret = -1;
+ goto end;
+ }
+ s->init_buf = buf;
+ }
+ s->init_num = 0;
+ s->ctx->stats.sess_accept++;
+ s->handshake_func = ssl2_accept;
+ s->state = SSL2_ST_GET_CLIENT_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_GET_CLIENT_HELLO_A:
+ case SSL2_ST_GET_CLIENT_HELLO_B:
+ case SSL2_ST_GET_CLIENT_HELLO_C:
+ s->shutdown = 0;
+ ret = get_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_SEND_SERVER_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_HELLO_A:
+ case SSL2_ST_SEND_SERVER_HELLO_B:
+ ret = server_hello(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ if (!s->hit) {
+ s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
+ BREAK;
+ } else {
+ s->state = SSL2_ST_SERVER_START_ENCRYPTION;
+ BREAK;
+ }
+ case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
+ case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
+ ret = get_client_master_key(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_SERVER_START_ENCRYPTION;
+ BREAK;
+
+ case SSL2_ST_SERVER_START_ENCRYPTION:
+ /*
+ * Ok we how have sent all the stuff needed to start encrypting,
+ * the next packet back will be encrypted.
+ */
+ if (!ssl2_enc_init(s, 0)) {
+ ret = -1;
+ goto end;
+ }
+ s->s2->clear_text = 0;
+ s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_VERIFY_A:
+ case SSL2_ST_SEND_SERVER_VERIFY_B:
+ ret = server_verify(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ if (s->hit) {
+ /*
+ * If we are in here, we have been buffering the output, so
+ * we need to flush it and remove buffering from future
+ * traffic
+ */
+ s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
+ BREAK;
+ } else {
+ s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
+ break;
+ }
+
+ case SSL2_ST_SEND_SERVER_VERIFY_C:
+ /* get the number of bytes to write */
+ num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
+ if (num1 > 0) {
+ s->rwstate = SSL_WRITING;
+ num1 = BIO_flush(s->wbio);
+ if (num1 <= 0) {
+ ret = -1;
+ goto end;
+ }
+ s->rwstate = SSL_NOTHING;
+ }
+
+ /* flushed and now remove buffering */
+ s->wbio = BIO_pop(s->wbio);
+
+ s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
+ BREAK;
+
+ case SSL2_ST_GET_CLIENT_FINISHED_A:
+ case SSL2_ST_GET_CLIENT_FINISHED_B:
+ ret = get_client_finished(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
+ BREAK;
+
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
+ /*
+ * don't do a 'request certificate' if we don't want to, or we
+ * already have one, and we only want to do it once.
+ */
+ if (!(s->verify_mode & SSL_VERIFY_PEER) ||
+ ((s->session->peer != NULL) &&
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
+ s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
+ break;
+ } else {
+ ret = request_certificate(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
+ }
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_FINISHED_A:
+ case SSL2_ST_SEND_SERVER_FINISHED_B:
+ ret = server_finish(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL_ST_OK;
+ break;
+
+ case SSL_ST_OK:
+ BUF_MEM_free(s->init_buf);
+ ssl_free_wbio_buffer(s);
+ s->init_buf = NULL;
+ s->init_num = 0;
+ /* ERR_clear_error(); */
+
+ ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
+
+ s->ctx->stats.sess_accept_good++;
+ /* s->server=1; */
+ ret = 1;
+
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+ goto end;
+ /* BREAK; */
+
+ default:
+ SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
+ ret = -1;
+ goto end;
+ /* BREAK; */
+ }
+
+ if ((cb != NULL) && (s->state != state)) {
+ new_state = s->state;
+ s->state = state;
+ cb(s, SSL_CB_ACCEPT_LOOP, 1);
+ s->state = new_state;
+ }
+ }
+ end:
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s, SSL_CB_ACCEPT_EXIT, ret);
+ return (ret);
+}
+
+static int get_client_master_key(SSL *s)
+{
+ int is_export, i, n, keya;
+ unsigned int num_encrypted_key_bytes, key_length;
+ unsigned long len;
+ unsigned char *p;
+ const SSL_CIPHER *cp;
+ const EVP_CIPHER *c;
+ const EVP_MD *md;
+ unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
+ unsigned char decrypt_good;
+ size_t j;
+
+ p = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 10 - s->init_num);
+
+ if (i < (10 - s->init_num))
+ return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
+ s->init_num = 10;
+
+ if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
+ if (p[-1] != SSL2_MT_ERROR) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+ SSL_R_READ_WRONG_PACKET_TYPE);
+ } else
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
+ return (-1);
+ }
+
+ cp = ssl2_get_cipher_by_char(p);
+ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) {
+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
+ return (-1);
+ }
+ s->session->cipher = cp;
+
+ p += 3;
+ n2s(p, i);
+ s->s2->tmp.clear = i;
+ n2s(p, i);
+ s->s2->tmp.enc = i;
+ n2s(p, i);
+ if (i > SSL_MAX_KEY_ARG_LENGTH) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
+ return -1;
+ }
+ s->session->key_arg_length = i;
+ s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
+ }
+
+ /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
+ p = (unsigned char *)s->init_buf->data;
+ if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ keya = s->session->key_arg_length;
+ len =
+ 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc +
+ (unsigned long)keya;
+ if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
+ return -1;
+ }
+ n = (int)len - s->init_num;
+ i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+ if (i != n)
+ return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
+ if (s->msg_callback) {
+ /* CLIENT-MASTER-KEY */
+ s->msg_callback(0, s->version, 0, p, (size_t)len, s,
+ s->msg_callback_arg);
+ }
+ p += 10;
+
+ memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
+ (unsigned int)keya);
+
+ if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
+ return (-1);
+ }
+
+ is_export = SSL_C_IS_EXPORT(s->session->cipher);
+
+ if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+ SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return (0);
+ }
+
+ /*
+ * The format of the CLIENT-MASTER-KEY message is
+ * 1 byte message type
+ * 3 bytes cipher
+ * 2-byte clear key length (stored in s->s2->tmp.clear)
+ * 2-byte encrypted key length (stored in s->s2->tmp.enc)
+ * 2-byte key args length (IV etc)
+ * clear key
+ * encrypted key
+ * key args
+ *
+ * If the cipher is an export cipher, then the encrypted key bytes
+ * are a fixed portion of the total key (5 or 8 bytes). The size of
+ * this portion is in |num_encrypted_key_bytes|. If the cipher is not an
+ * export cipher, then the entire key material is encrypted (i.e., clear
+ * key length must be zero).
+ */
+ key_length = (unsigned int)EVP_CIPHER_key_length(c);
+ if (key_length > SSL_MAX_MASTER_KEY_LENGTH) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+
+ if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
+ is_export = 1;
+ num_encrypted_key_bytes = 8;
+ } else if (is_export) {
+ num_encrypted_key_bytes = 5;
+ } else {
+ num_encrypted_key_bytes = key_length;
+ }
+
+ if (s->s2->tmp.clear + num_encrypted_key_bytes != key_length) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH);
+ return -1;
+ }
+ /*
+ * The encrypted blob must decrypt to the encrypted portion of the key.
+ * Decryption can't be expanding, so if we don't have enough encrypted
+ * bytes to fit the key in the buffer, stop now.
+ */
+ if (s->s2->tmp.enc < num_encrypted_key_bytes) {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT);
+ return -1;
+ }
+
+ /*
+ * We must not leak whether a decryption failure occurs because of
+ * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
+ * section 7.4.7.1). The code follows that advice of the TLS RFC and
+ * generates a random premaster secret for the case that the decrypt
+ * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
+ */
+
+ if (RAND_bytes(rand_premaster_secret,
+ (int)num_encrypted_key_bytes) <= 0)
+ return 0;
+
+ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
+ &(p[s->s2->tmp.clear]),
+ &(p[s->s2->tmp.clear]),
+ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
+ RSA_PKCS1_PADDING);
+ ERR_clear_error();
+ /*
+ * If a bad decrypt, continue with protocol but with a random master
+ * secret (Bleichenbacher attack)
+ */
+ decrypt_good = constant_time_eq_int_8(i, (int)num_encrypted_key_bytes);
+ for (j = 0; j < num_encrypted_key_bytes; j++) {
+ p[s->s2->tmp.clear + j] =
+ constant_time_select_8(decrypt_good, p[s->s2->tmp.clear + j],
+ rand_premaster_secret[j]);
+ }
+
+ s->session->master_key_length = (int)key_length;
+ memcpy(s->session->master_key, p, key_length);
+ OPENSSL_cleanse(p, key_length);
+
+ return 1;
+}
+
+static int get_client_hello(SSL *s)
+{
+ int i, n;
+ unsigned long len;
+ unsigned char *p;
+ STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
+ STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
+ STACK_OF(SSL_CIPHER) *prio, *allow;
+ int z;
+
+ /*
+ * This is a bit of a hack to check for the correct packet type the first
+ * time round.
+ */
+ if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
+ s->first_packet = 1;
+ s->state = SSL2_ST_GET_CLIENT_HELLO_B;
+ }
+
+ p = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 9 - s->init_num);
+ if (i < (9 - s->init_num))
+ return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
+ s->init_num = 9;
+
+ if (*(p++) != SSL2_MT_CLIENT_HELLO) {
+ if (p[-1] != SSL2_MT_ERROR) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
+ } else
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
+ return (-1);
+ }
+ n2s(p, i);
+ if (i < s->version)
+ s->version = i;
+ n2s(p, i);
+ s->s2->tmp.cipher_spec_length = i;
+ n2s(p, i);
+ s->s2->tmp.session_id_length = i;
+ if ((i < 0) || (i > SSL_MAX_SSL_SESSION_ID_LENGTH)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
+ return -1;
+ }
+ n2s(p, i);
+ s->s2->challenge_length = i;
+ if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
+ (i > SSL2_MAX_CHALLENGE_LENGTH)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
+ return (-1);
+ }
+ s->state = SSL2_ST_GET_CLIENT_HELLO_C;
+ }
+
+ /* SSL2_ST_GET_CLIENT_HELLO_C */
+ p = (unsigned char *)s->init_buf->data;
+ len =
+ 9 + (unsigned long)s->s2->tmp.cipher_spec_length +
+ (unsigned long)s->s2->challenge_length +
+ (unsigned long)s->s2->tmp.session_id_length;
+ if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
+ return -1;
+ }
+ n = (int)len - s->init_num;
+ i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+ if (i != n)
+ return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
+ if (s->msg_callback) {
+ /* CLIENT-HELLO */
+ s->msg_callback(0, s->version, 0, p, (size_t)len, s,
+ s->msg_callback_arg);
+ }
+ p += 9;
+
+ /*
+ * get session-id before cipher stuff so we can get out session structure
+ * if it is cached
+ */
+ /* session-id */
+ if ((s->s2->tmp.session_id_length != 0) &&
+ (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
+ return (-1);
+ }
+
+ if (s->s2->tmp.session_id_length == 0) {
+ if (!ssl_get_new_session(s, 1)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ return (-1);
+ }
+ } else {
+ i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
+ s->s2->tmp.session_id_length, NULL);
+ if (i == 1) { /* previous session */
+ s->hit = 1;
+ } else if (i == -1) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ return (-1);
+ } else {
+ if (s->cert == NULL) {
+ ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
+ return (-1);
+ }
+
+ if (!ssl_get_new_session(s, 1)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ return (-1);
+ }
+ }
+ }
+
+ if (!s->hit) {
+ cs = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.cipher_spec_length,
+ &s->session->ciphers);
+ if (cs == NULL)
+ goto mem_err;
+
+ cl = SSL_get_ciphers(s);
+
+ if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+ prio = sk_SSL_CIPHER_dup(cl);
+ if (prio == NULL)
+ goto mem_err;
+ allow = cs;
+ } else {
+ prio = cs;
+ allow = cl;
+ }
+
+ /* Generate list of SSLv2 ciphers shared between client and server */
+ for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
+ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z);
+ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 ||
+ sk_SSL_CIPHER_find(allow, cp) < 0) {
+ (void)sk_SSL_CIPHER_delete(prio, z);
+ z--;
+ }
+ }
+ if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+ sk_SSL_CIPHER_free(s->session->ciphers);
+ s->session->ciphers = prio;
+ }
+
+ /* Make sure we have at least one cipher in common */
+ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) {
+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH);
+ return -1;
+ }
+ /*
+ * s->session->ciphers should now have a list of ciphers that are on
+ * both the client and server. This list is ordered by the order the
+ * client sent the ciphers or in the order of the server's preference
+ * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
+ */
+ }
+ p += s->s2->tmp.cipher_spec_length;
+ /* done cipher selection */
+
+ /* session id extracted already */
+ p += s->s2->tmp.session_id_length;
+
+ /* challenge */
+ if (s->s2->challenge_length > sizeof s->s2->challenge) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
+ return (1);
+ mem_err:
+ SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
+ return (0);
+}
+
+static int server_hello(SSL *s)
+{
+ unsigned char *p, *d;
+ int n, hit;
+
+ p = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
+ d = p + 11;
+ *(p++) = SSL2_MT_SERVER_HELLO; /* type */
+ hit = s->hit;
+ *(p++) = (unsigned char)hit;
+# if 1
+ if (!hit) {
+ if (s->session->sess_cert != NULL)
+ /*
+ * This can't really happen because get_client_hello has
+ * called ssl_get_new_session, which does not set sess_cert.
+ */
+ ssl_sess_cert_free(s->session->sess_cert);
+ s->session->sess_cert = ssl_sess_cert_new();
+ if (s->session->sess_cert == NULL) {
+ SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
+ return (-1);
+ }
+ }
+ /*
+ * If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
+ * depending on whether it survived in the internal cache or was
+ * retrieved from an external cache. If it is NULL, we cannot put any
+ * useful data in it anyway, so we don't touch it.
+ */
+
+# else /* That's what used to be done when cert_st
+ * and sess_cert_st were * the same. */
+ if (!hit) { /* else add cert to session */
+ CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
+ if (s->session->sess_cert != NULL)
+ ssl_cert_free(s->session->sess_cert);
+ s->session->sess_cert = s->cert;
+ } else { /* We have a session id-cache hit, if the *
+ * session-id has no certificate listed
+ * against * the 'cert' structure, grab the
+ * 'old' one * listed against the SSL
+ * connection */
+ if (s->session->sess_cert == NULL) {
+ CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
+ s->session->sess_cert = s->cert;
+ }
+ }
+# endif
+
+ if (s->cert == NULL) {
+ ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
+ SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
+ return (-1);
+ }
+
+ if (hit) {
+ *(p++) = 0; /* no certificate type */
+ s2n(s->version, p); /* version */
+ s2n(0, p); /* cert len */
+ s2n(0, p); /* ciphers len */
+ } else {
+ /* EAY EAY */
+ /* put certificate type */
+ *(p++) = SSL2_CT_X509_CERTIFICATE;
+ s2n(s->version, p); /* version */
+ n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
+ s2n(n, p); /* certificate length */
+ i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
+ n = 0;
+
+ /*
+ * lets send out the ciphers we like in the prefered order
+ */
+ n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
+ d += n;
+ s2n(n, p); /* add cipher length */
+ }
+
+ /* make and send conn_id */
+ s2n(SSL2_CONNECTION_ID_LENGTH, p); /* add conn_id length */
+ s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
+ if (RAND_bytes(s->s2->conn_id, (int)s->s2->conn_id_length) <= 0)
+ return -1;
+ memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
+ d += SSL2_CONNECTION_ID_LENGTH;
+
+ s->state = SSL2_ST_SEND_SERVER_HELLO_B;
+ s->init_num = d - (unsigned char *)s->init_buf->data;
+ s->init_off = 0;
+ }
+ /* SSL2_ST_SEND_SERVER_HELLO_B */
+ /*
+ * If we are using TCP/IP, the performance is bad if we do 2 writes
+ * without a read between them. This occurs when Session-id reuse is
+ * used, so I will put in a buffering module
+ */
+ if (s->hit) {
+ if (!ssl_init_wbio_buffer(s, 1))
+ return (-1);
+ }
+
+ return (ssl2_do_write(s));
+}
+
+static int get_client_finished(SSL *s)
+{
+ unsigned char *p;
+ int i, n;
+ unsigned long len;
+
+ p = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
+ if (i < 1 - s->init_num)
+ return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
+ s->init_num += i;
+
+ if (*p != SSL2_MT_CLIENT_FINISHED) {
+ if (*p != SSL2_MT_ERROR) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_FINISHED,
+ SSL_R_READ_WRONG_PACKET_TYPE);
+ } else {
+ SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
+ /* try to read the error message */
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
+ return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
+ }
+ return (-1);
+ }
+ s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
+ }
+
+ /* SSL2_ST_GET_CLIENT_FINISHED_B */
+ if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ len = 1 + (unsigned long)s->s2->conn_id_length;
+ n = (int)len - s->init_num;
+ i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+ if (i < n) {
+ return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
+ }
+ if (s->msg_callback) {
+ /* CLIENT-FINISHED */
+ s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
+ }
+ p += 1;
+ if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
+ return (-1);
+ }
+ return (1);
+}
+
+static int server_verify(SSL *s)
+{
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
+ p = (unsigned char *)s->init_buf->data;
+ *(p++) = SSL2_MT_SERVER_VERIFY;
+ if (s->s2->challenge_length > sizeof s->s2->challenge) {
+ SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ memcpy(p, s->s2->challenge, (unsigned int)s->s2->challenge_length);
+ /* p+=s->s2->challenge_length; */
+
+ s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
+ s->init_num = s->s2->challenge_length + 1;
+ s->init_off = 0;
+ }
+ return (ssl2_do_write(s));
+}
+
+static int server_finish(SSL *s)
+{
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
+ p = (unsigned char *)s->init_buf->data;
+ *(p++) = SSL2_MT_SERVER_FINISHED;
+
+ if (s->session->session_id_length > sizeof s->session->session_id) {
+ SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ memcpy(p, s->session->session_id,
+ (unsigned int)s->session->session_id_length);
+ /* p+=s->session->session_id_length; */
+
+ s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
+ s->init_num = s->session->session_id_length + 1;
+ s->init_off = 0;
+ }
+
+ /* SSL2_ST_SEND_SERVER_FINISHED_B */
+ return (ssl2_do_write(s));
+}
+
+/* send the request and check the response */
+static int request_certificate(SSL *s)
+{
+ const unsigned char *cp;
+ unsigned char *p, *p2, *buf2;
+ unsigned char *ccd;
+ int i, j, ctype, ret = -1;
+ unsigned long len;
+ X509 *x509 = NULL;
+ STACK_OF(X509) *sk = NULL;
+
+ ccd = s->s2->tmp.ccl;
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
+ p = (unsigned char *)s->init_buf->data;
+ *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
+ *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
+ if (RAND_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
+ return -1;
+ memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
+
+ s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
+ s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
+ s->init_off = 0;
+ }
+
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
+ i = ssl2_do_write(s);
+ if (i <= 0) {
+ ret = i;
+ goto end;
+ }
+
+ s->init_num = 0;
+ s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
+ }
+
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
+ p = (unsigned char *)s->init_buf->data;
+ /* try to read 6 octets ... */
+ i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num);
+ /*
+ * ... but don't call ssl2_part_read now if we got at least 3
+ * (probably NO-CERTIFICATE-ERROR)
+ */
+ if (i < 3 - s->init_num) {
+ ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
+ goto end;
+ }
+ s->init_num += i;
+
+ if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
+ n2s(p, i);
+ if (i != SSL2_PE_NO_CERTIFICATE) {
+ /*
+ * not the error message we expected -- let ssl2_part_read
+ * handle it
+ */
+ s->init_num -= 3;
+ ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
+ goto end;
+ }
+
+ if (s->msg_callback) {
+ /* ERROR */
+ s->msg_callback(0, s->version, 0, p, 3, s,
+ s->msg_callback_arg);
+ }
+
+ /*
+ * this is the one place where we can recover from an SSL 2.0
+ * error
+ */
+
+ if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
+ ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,
+ SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ goto end;
+ }
+ ret = 1;
+ goto end;
+ }
+ if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
+ goto end;
+ }
+ if (s->init_num != 6) {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ goto end;
+ }
+
+ /* ok we have a response */
+ /* certificate type, there is only one right now. */
+ ctype = *(p++);
+ if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
+ ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
+ goto end;
+ }
+ n2s(p, i);
+ s->s2->tmp.clen = i;
+ n2s(p, i);
+ s->s2->tmp.rlen = i;
+ s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
+ }
+
+ /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
+ p = (unsigned char *)s->init_buf->data;
+ len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
+ if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
+ goto end;
+ }
+ j = (int)len - s->init_num;
+ i = ssl2_read(s, (char *)&(p[s->init_num]), j);
+ if (i < j) {
+ ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
+ goto end;
+ }
+ if (s->msg_callback) {
+ /* CLIENT-CERTIFICATE */
+ s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
+ }
+ p += 6;
+
+ cp = p;
+ x509 = (X509 *)d2i_X509(NULL, &cp, (long)s->s2->tmp.clen);
+ if (x509 == NULL) {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
+ goto msg_end;
+ }
+
+ if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto msg_end;
+ }
+
+ i = ssl_verify_cert_chain(s, sk);
+
+ if (i > 0) { /* we like the packet, now check the chksum */
+ EVP_MD_CTX ctx;
+ EVP_PKEY *pkey = NULL;
+
+ EVP_MD_CTX_init(&ctx);
+ if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL)
+ || !EVP_VerifyUpdate(&ctx, s->s2->key_material,
+ s->s2->key_material_length)
+ || !EVP_VerifyUpdate(&ctx, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH))
+ goto msg_end;
+
+ i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
+ buf2 = OPENSSL_malloc((unsigned int)i);
+ if (buf2 == NULL) {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto msg_end;
+ }
+ p2 = buf2;
+ i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
+ if (!EVP_VerifyUpdate(&ctx, buf2, (unsigned int)i)) {
+ OPENSSL_free(buf2);
+ goto msg_end;
+ }
+ OPENSSL_free(buf2);
+
+ pkey = X509_get_pubkey(x509);
+ if (pkey == NULL)
+ goto end;
+ i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
+ EVP_PKEY_free(pkey);
+ EVP_MD_CTX_cleanup(&ctx);
+
+ if (i > 0) {
+ if (s->session->peer != NULL)
+ X509_free(s->session->peer);
+ s->session->peer = x509;
+ CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
+ s->session->verify_result = s->verify_result;
+ ret = 1;
+ goto end;
+ } else {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
+ goto msg_end;
+ }
+ } else {
+ msg_end:
+ ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
+ }
+ end:
+ sk_X509_free(sk);
+ X509_free(x509);
+ return (ret);
+}
+
+static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
+ unsigned char *to, int padding)
+{
+ RSA *rsa;
+ int i;
+
+ if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
+ return (-1);
+ }
+ if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+ return (-1);
+ }
+ rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
+
+ /* we have the public key */
+ i = RSA_private_decrypt(len, from, to, rsa, padding);
+ if (i < 0)
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
+ return (i);
+}
+#else /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s3_both.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s3_both.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_both.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,818 +0,0 @@
-/* ssl/s3_both.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <limits.h>
-#include <string.h>
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-/*
- * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
- * SSL3_RT_CHANGE_CIPHER_SPEC)
- */
-int ssl3_do_write(SSL *s, int type)
-{
- int ret;
-
- ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
- s->init_num);
- if (ret < 0)
- return (-1);
- if (type == SSL3_RT_HANDSHAKE)
- /*
- * should not be done for 'Hello Request's, but in that case we'll
- * ignore the result anyway
- */
- ssl3_finish_mac(s, (unsigned char *)&s->init_buf->data[s->init_off],
- ret);
-
- if (ret == s->init_num) {
- if (s->msg_callback)
- s->msg_callback(1, s->version, type, s->init_buf->data,
- (size_t)(s->init_off + s->init_num), s,
- s->msg_callback_arg);
- return (1);
- }
- s->init_off += ret;
- s->init_num -= ret;
- return (0);
-}
-
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
-{
- unsigned char *p, *d;
- int i;
- unsigned long l;
-
- if (s->state == a) {
- d = (unsigned char *)s->init_buf->data;
- p = &(d[4]);
-
- i = s->method->ssl3_enc->final_finish_mac(s,
- sender, slen,
- s->s3->tmp.finish_md);
- if (i <= 0)
- return 0;
- s->s3->tmp.finish_md_len = i;
- memcpy(p, s->s3->tmp.finish_md, i);
- p += i;
- l = i;
-
- /*
- * Copy the finished so we can use it for renegotiation checks
- */
- if (s->type == SSL_ST_CONNECT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
- s->s3->previous_client_finished_len = i;
- } else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_server_finished, s->s3->tmp.finish_md, i);
- s->s3->previous_server_finished_len = i;
- }
-
-#ifdef OPENSSL_SYS_WIN16
- /*
- * MSVC 1.5 does not clear the top bytes of the word unless I do
- * this.
- */
- l &= 0xffff;
-#endif
-
- *(d++) = SSL3_MT_FINISHED;
- l2n3(l, d);
- s->init_num = (int)l + 4;
- s->init_off = 0;
-
- s->state = b;
- }
-
- /* SSL3_ST_SEND_xxxxxx_HELLO_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * ssl3_take_mac calculates the Finished MAC for the handshakes messages seen
- * to far.
- */
-static void ssl3_take_mac(SSL *s)
-{
- const char *sender;
- int slen;
- /*
- * If no new cipher setup return immediately: other functions will set
- * the appropriate error.
- */
- if (s->s3->tmp.new_cipher == NULL)
- return;
- if (s->state & SSL_ST_CONNECT) {
- sender = s->method->ssl3_enc->server_finished_label;
- slen = s->method->ssl3_enc->server_finished_label_len;
- } else {
- sender = s->method->ssl3_enc->client_finished_label;
- slen = s->method->ssl3_enc->client_finished_label_len;
- }
-
- s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- sender,
- slen,
- s->s3->tmp.peer_finish_md);
-}
-#endif
-
-int ssl3_get_finished(SSL *s, int a, int b)
-{
- int al, i, ok;
- long n;
- unsigned char *p;
-
-#ifdef OPENSSL_NO_NEXTPROTONEG
- /*
- * the mac has already been generated when we received the change cipher
- * spec message and is in s->s3->tmp.peer_finish_md.
- */
-#endif
-
- /* 64 argument should actually be 36+4 :-) */
- n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
-
- if (!ok)
- return ((int)n);
-
- /* If this occurs, we have missed a message */
- if (!s->s3->change_cipher_spec) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
- goto f_err;
- }
- s->s3->change_cipher_spec = 0;
-
- p = (unsigned char *)s->init_msg;
- i = s->s3->tmp.peer_finish_md_len;
-
- if (i != n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
- goto f_err;
- }
-
- if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED);
- goto f_err;
- }
-
- /*
- * Copy the finished so we can use it for renegotiation checks
- */
- if (s->type == SSL_ST_ACCEPT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i);
- s->s3->previous_client_finished_len = i;
- } else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_server_finished, s->s3->tmp.peer_finish_md, i);
- s->s3->previous_server_finished_len = i;
- }
-
- return (1);
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return (0);
-}
-
-/*-
- * for these 2 messages, we need to
- * ssl->enc_read_ctx re-init
- * ssl->s3->read_sequence zero
- * ssl->s3->read_mac_secret re-init
- * ssl->session->read_sym_enc assign
- * ssl->session->read_compression assign
- * ssl->session->read_hash assign
- */
-int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
-{
- unsigned char *p;
-
- if (s->state == a) {
- p = (unsigned char *)s->init_buf->data;
- *p = SSL3_MT_CCS;
- s->init_num = 1;
- s->init_off = 0;
-
- s->state = b;
- }
-
- /* SSL3_ST_CW_CHANGE_B */
- return (ssl3_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
-}
-
-static int ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
-{
- int n;
- unsigned char *p;
-
- n = i2d_X509(x, NULL);
- if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
- SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
- return (-1);
- }
- p = (unsigned char *)&(buf->data[*l]);
- l2n3(n, p);
- i2d_X509(x, &p);
- *l += n + 3;
-
- return (0);
-}
-
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
-{
- unsigned char *p;
- int i;
- unsigned long l = 7;
- BUF_MEM *buf;
- int no_chain;
-
- if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
- no_chain = 1;
- else
- no_chain = 0;
-
- /* TLSv1 sends a chain with nothing in it, instead of an alert */
- buf = s->init_buf;
- if (!BUF_MEM_grow_clean(buf, 10)) {
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB);
- return (0);
- }
- if (x != NULL) {
- if (no_chain) {
- if (ssl3_add_cert_to_buf(buf, &l, x))
- return (0);
- } else {
- X509_STORE_CTX xs_ctx;
-
- if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store, x, NULL)) {
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_X509_LIB);
- return (0);
- }
- X509_verify_cert(&xs_ctx);
- /* Don't leave errors in the queue */
- ERR_clear_error();
- for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
- x = sk_X509_value(xs_ctx.chain, i);
-
- if (ssl3_add_cert_to_buf(buf, &l, x)) {
- X509_STORE_CTX_cleanup(&xs_ctx);
- return 0;
- }
- }
- X509_STORE_CTX_cleanup(&xs_ctx);
- }
- }
- /* Thawte special :-) */
- for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) {
- x = sk_X509_value(s->ctx->extra_certs, i);
- if (ssl3_add_cert_to_buf(buf, &l, x))
- return (0);
- }
-
- l -= 7;
- p = (unsigned char *)&(buf->data[4]);
- l2n3(l, p);
- l += 3;
- p = (unsigned char *)&(buf->data[0]);
- *(p++) = SSL3_MT_CERTIFICATE;
- l2n3(l, p);
- l += 4;
- return (l);
-}
-
-/*
- * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
- * acceptable body length 'max'. The first four bytes (msg_type and length)
- * are read in state 'st1', the body is read in state 'stn'.
- */
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
-{
- unsigned char *p;
- unsigned long l;
- long n;
- int i, al;
-
- if (s->s3->tmp.reuse_message) {
- s->s3->tmp.reuse_message = 0;
- if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- *ok = 1;
- s->state = stn;
- s->init_msg = s->init_buf->data + 4;
- s->init_num = (int)s->s3->tmp.message_size;
- return s->init_num;
- }
-
- p = (unsigned char *)s->init_buf->data;
-
- if (s->state == st1) { /* s->init_num < 4 */
- int skip_message;
-
- do {
- while (s->init_num < 4) {
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
- &p[s->init_num],
- 4 - s->init_num, 0);
- if (i <= 0) {
- s->rwstate = SSL_READING;
- *ok = 0;
- return i;
- }
- s->init_num += i;
- }
-
- skip_message = 0;
- if (!s->server)
- if (p[0] == SSL3_MT_HELLO_REQUEST)
- /*
- * The server may always send 'Hello Request' messages --
- * we are doing a handshake anyway now, so ignore them if
- * their format is correct. Does not count for 'Finished'
- * MAC.
- */
- if (p[1] == 0 && p[2] == 0 && p[3] == 0) {
- s->init_num = 0;
- skip_message = 1;
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- p, 4, s, s->msg_callback_arg);
- }
- }
- while (skip_message);
-
- /* s->init_num == 4 */
-
- if ((mt >= 0) && (*p != mt)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
- (st1 == SSL3_ST_SR_CERT_A) && (stn == SSL3_ST_SR_CERT_B)) {
- /*
- * At this point we have got an MS SGC second client hello (maybe
- * we should always allow the client to start a new handshake?).
- * We need to restart the mac. Don't increment
- * {num,total}_renegotiations because we have not completed the
- * handshake.
- */
- ssl3_init_finished_mac(s);
- }
-
- s->s3->tmp.message_type = *(p++);
-
- n2l3(p, l);
- if (l > (unsigned long)max) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE);
- goto f_err;
- }
- if (l > (INT_MAX - 4)) { /* BUF_MEM_grow takes an 'int' parameter */
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE);
- goto f_err;
- }
- if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l + 4)) {
- SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB);
- goto err;
- }
- s->s3->tmp.message_size = l;
- s->state = stn;
-
- s->init_msg = s->init_buf->data + 4;
- s->init_num = 0;
- }
-
- /* next state (stn) */
- p = s->init_msg;
- n = s->s3->tmp.message_size - s->init_num;
- while (n > 0) {
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num],
- n, 0);
- if (i <= 0) {
- s->rwstate = SSL_READING;
- *ok = 0;
- return i;
- }
- s->init_num += i;
- n -= i;
- }
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
- /*
- * If receiving Finished, record MAC of prior handshake messages for
- * Finished verification.
- */
- if (*s->init_buf->data == SSL3_MT_FINISHED)
- ssl3_take_mac(s);
-#endif
-
- /* Feed this message into MAC computation. */
- ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data,
- (size_t)s->init_num + 4, s, s->msg_callback_arg);
- *ok = 1;
- return s->init_num;
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- *ok = 0;
- return (-1);
-}
-
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
-{
- EVP_PKEY *pk;
- int ret = -1, i;
-
- if (pkey == NULL)
- pk = X509_get_pubkey(x);
- else
- pk = pkey;
- if (pk == NULL)
- goto err;
-
- i = pk->type;
- if (i == EVP_PKEY_RSA) {
- ret = SSL_PKEY_RSA_ENC;
- } else if (i == EVP_PKEY_DSA) {
- ret = SSL_PKEY_DSA_SIGN;
- }
-#ifndef OPENSSL_NO_EC
- else if (i == EVP_PKEY_EC) {
- ret = SSL_PKEY_ECC;
- }
-#endif
- else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) {
- ret = SSL_PKEY_GOST94;
- } else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) {
- ret = SSL_PKEY_GOST01;
- }
- err:
- if (!pkey)
- EVP_PKEY_free(pk);
- return (ret);
-}
-
-int ssl_verify_alarm_type(long type)
-{
- int al;
-
- switch (type) {
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- case X509_V_ERR_UNABLE_TO_GET_CRL:
- case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
- al = SSL_AD_UNKNOWN_CA;
- break;
- case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
- case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
- case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
- case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_CRL_NOT_YET_VALID:
- case X509_V_ERR_CERT_UNTRUSTED:
- case X509_V_ERR_CERT_REJECTED:
- al = SSL_AD_BAD_CERTIFICATE;
- break;
- case X509_V_ERR_CERT_SIGNATURE_FAILURE:
- case X509_V_ERR_CRL_SIGNATURE_FAILURE:
- al = SSL_AD_DECRYPT_ERROR;
- break;
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_CRL_HAS_EXPIRED:
- al = SSL_AD_CERTIFICATE_EXPIRED;
- break;
- case X509_V_ERR_CERT_REVOKED:
- al = SSL_AD_CERTIFICATE_REVOKED;
- break;
- case X509_V_ERR_OUT_OF_MEM:
- al = SSL_AD_INTERNAL_ERROR;
- break;
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
- case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
- case X509_V_ERR_CERT_CHAIN_TOO_LONG:
- case X509_V_ERR_PATH_LENGTH_EXCEEDED:
- case X509_V_ERR_INVALID_CA:
- al = SSL_AD_UNKNOWN_CA;
- break;
- case X509_V_ERR_APPLICATION_VERIFICATION:
- al = SSL_AD_HANDSHAKE_FAILURE;
- break;
- case X509_V_ERR_INVALID_PURPOSE:
- al = SSL_AD_UNSUPPORTED_CERTIFICATE;
- break;
- default:
- al = SSL_AD_CERTIFICATE_UNKNOWN;
- break;
- }
- return (al);
-}
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-/*-
- * On some platforms, malloc() performance is bad enough that you can't just
- * free() and malloc() buffers all the time, so we need to use freelists from
- * unused buffers. Currently, each freelist holds memory chunks of only a
- * given size (list->chunklen); other sized chunks are freed and malloced.
- * This doesn't help much if you're using many different SSL option settings
- * with a given context. (The options affecting buffer size are
- * max_send_fragment, read buffer vs write buffer,
- * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
- * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.) Using a separate freelist for every
- * possible size is not an option, since max_send_fragment can take on many
- * different values.
- *
- * If you are on a platform with a slow malloc(), and you're using SSL
- * connections with many different settings for these options, and you need to
- * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
- * - Link against a faster malloc implementation.
- * - Use a separate SSL_CTX for each option set.
- * - Improve this code.
- */
-static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
-{
- SSL3_BUF_FREELIST *list;
- SSL3_BUF_FREELIST_ENTRY *ent = NULL;
- void *result = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
- if (list != NULL && sz == (int)list->chunklen)
- ent = list->head;
- if (ent != NULL) {
- list->head = ent->next;
- result = ent;
- if (--list->len == 0)
- list->chunklen = 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- if (!result)
- result = OPENSSL_malloc(sz);
- return result;
-}
-
-static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
-{
- SSL3_BUF_FREELIST *list;
- SSL3_BUF_FREELIST_ENTRY *ent;
-
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
- if (list != NULL &&
- (sz == list->chunklen || list->chunklen == 0) &&
- list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
- list->chunklen = sz;
- ent = mem;
- ent->next = list->head;
- list->head = ent;
- ++list->len;
- mem = NULL;
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- if (mem)
- OPENSSL_free(mem);
-}
-#else
-# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
-# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
-#endif
-
-int ssl3_setup_read_buffer(SSL *s)
-{
- unsigned char *p;
- size_t len, align = 0, headerlen;
-
- if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
- headerlen = DTLS1_RT_HEADER_LENGTH;
- else
- headerlen = SSL3_RT_HEADER_LENGTH;
-
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
- align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
-#endif
-
- if (s->s3->rbuf.buf == NULL) {
- len = SSL3_RT_MAX_PLAIN_LENGTH
- + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) {
- s->s3->init_extra = 1;
- len += SSL3_RT_MAX_EXTRA;
- }
-#ifndef OPENSSL_NO_COMP
- if (!(s->options & SSL_OP_NO_COMPRESSION))
- len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
-#endif
- if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
- goto err;
- s->s3->rbuf.buf = p;
- s->s3->rbuf.len = len;
- }
-
- s->packet = &(s->s3->rbuf.buf[0]);
- return 1;
-
- err:
- SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-int ssl3_setup_write_buffer(SSL *s)
-{
- unsigned char *p;
- size_t len, align = 0, headerlen;
-
- if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
- headerlen = DTLS1_RT_HEADER_LENGTH + 1;
- else
- headerlen = SSL3_RT_HEADER_LENGTH;
-
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
- align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
-#endif
-
- if (s->s3->wbuf.buf == NULL) {
- len = s->max_send_fragment
- + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
-#ifndef OPENSSL_NO_COMP
- if (!(s->options & SSL_OP_NO_COMPRESSION))
- len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
-#endif
- if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
- len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
-
- if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
- goto err;
- s->s3->wbuf.buf = p;
- s->s3->wbuf.len = len;
- }
-
- return 1;
-
- err:
- SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-int ssl3_setup_buffers(SSL *s)
-{
- if (!ssl3_setup_read_buffer(s))
- return 0;
- if (!ssl3_setup_write_buffer(s))
- return 0;
- return 1;
-}
-
-int ssl3_release_write_buffer(SSL *s)
-{
- if (s->s3->wbuf.buf != NULL) {
- freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
- s->s3->wbuf.buf = NULL;
- }
- return 1;
-}
-
-int ssl3_release_read_buffer(SSL *s)
-{
- if (s->s3->rbuf.buf != NULL) {
- freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
- s->s3->rbuf.buf = NULL;
- }
- return 1;
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/s3_both.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s3_both.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s3_both.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_both.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,826 @@
+/* ssl/s3_both.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include <limits.h>
+#include <string.h>
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+/*
+ * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
+ * SSL3_RT_CHANGE_CIPHER_SPEC)
+ */
+int ssl3_do_write(SSL *s, int type)
+{
+ int ret;
+
+ ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
+ s->init_num);
+ if (ret < 0)
+ return (-1);
+ if (type == SSL3_RT_HANDSHAKE)
+ /*
+ * should not be done for 'Hello Request's, but in that case we'll
+ * ignore the result anyway
+ */
+ ssl3_finish_mac(s, (unsigned char *)&s->init_buf->data[s->init_off],
+ ret);
+
+ if (ret == s->init_num) {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, type, s->init_buf->data,
+ (size_t)(s->init_off + s->init_num), s,
+ s->msg_callback_arg);
+ return (1);
+ }
+ s->init_off += ret;
+ s->init_num -= ret;
+ return (0);
+}
+
+int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
+{
+ unsigned char *p, *d;
+ int i;
+ unsigned long l;
+
+ if (s->state == a) {
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[4]);
+
+ i = s->method->ssl3_enc->final_finish_mac(s,
+ sender, slen,
+ s->s3->tmp.finish_md);
+ if (i <= 0)
+ return 0;
+ s->s3->tmp.finish_md_len = i;
+ memcpy(p, s->s3->tmp.finish_md, i);
+ p += i;
+ l = i;
+
+ /*
+ * Copy the finished so we can use it for renegotiation checks
+ */
+ if (s->type == SSL_ST_CONNECT) {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
+ s->s3->previous_client_finished_len = i;
+ } else {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_server_finished, s->s3->tmp.finish_md, i);
+ s->s3->previous_server_finished_len = i;
+ }
+
+#ifdef OPENSSL_SYS_WIN16
+ /*
+ * MSVC 1.5 does not clear the top bytes of the word unless I do
+ * this.
+ */
+ l &= 0xffff;
+#endif
+
+ *(d++) = SSL3_MT_FINISHED;
+ l2n3(l, d);
+ s->init_num = (int)l + 4;
+ s->init_off = 0;
+
+ s->state = b;
+ }
+
+ /* SSL3_ST_SEND_xxxxxx_HELLO_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl3_take_mac calculates the Finished MAC for the handshakes messages seen
+ * to far.
+ */
+static void ssl3_take_mac(SSL *s)
+{
+ const char *sender;
+ int slen;
+ /*
+ * If no new cipher setup return immediately: other functions will set
+ * the appropriate error.
+ */
+ if (s->s3->tmp.new_cipher == NULL)
+ return;
+ if (s->state & SSL_ST_CONNECT) {
+ sender = s->method->ssl3_enc->server_finished_label;
+ slen = s->method->ssl3_enc->server_finished_label_len;
+ } else {
+ sender = s->method->ssl3_enc->client_finished_label;
+ slen = s->method->ssl3_enc->client_finished_label_len;
+ }
+
+ s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
+ sender,
+ slen,
+ s->s3->tmp.peer_finish_md);
+}
+#endif
+
+int ssl3_get_finished(SSL *s, int a, int b)
+{
+ int al, i, ok;
+ long n;
+ unsigned char *p;
+
+#ifdef OPENSSL_NO_NEXTPROTONEG
+ /*
+ * the mac has already been generated when we received the change cipher
+ * spec message and is in s->s3->tmp.peer_finish_md.
+ */
+#endif
+
+ /* 64 argument should actually be 36+4 :-) */
+ n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ /* If this occurs, we have missed a message */
+ if (!s->s3->change_cipher_spec) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
+ goto f_err;
+ }
+ s->s3->change_cipher_spec = 0;
+
+ p = (unsigned char *)s->init_msg;
+ i = s->s3->tmp.peer_finish_md_len;
+
+ if (i != n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
+ goto f_err;
+ }
+
+ if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED);
+ goto f_err;
+ }
+
+ /*
+ * Copy the finished so we can use it for renegotiation checks
+ */
+ if (s->type == SSL_ST_ACCEPT) {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i);
+ s->s3->previous_client_finished_len = i;
+ } else {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_server_finished, s->s3->tmp.peer_finish_md, i);
+ s->s3->previous_server_finished_len = i;
+ }
+
+ return (1);
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ return (0);
+}
+
+/*-
+ * for these 2 messages, we need to
+ * ssl->enc_read_ctx re-init
+ * ssl->s3->read_sequence zero
+ * ssl->s3->read_mac_secret re-init
+ * ssl->session->read_sym_enc assign
+ * ssl->session->read_compression assign
+ * ssl->session->read_hash assign
+ */
+int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
+{
+ unsigned char *p;
+
+ if (s->state == a) {
+ p = (unsigned char *)s->init_buf->data;
+ *p = SSL3_MT_CCS;
+ s->init_num = 1;
+ s->init_off = 0;
+
+ s->state = b;
+ }
+
+ /* SSL3_ST_CW_CHANGE_B */
+ return (ssl3_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
+}
+
+static int ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
+{
+ int n;
+ unsigned char *p;
+
+ n = i2d_X509(x, NULL);
+ if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
+ SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
+ return (-1);
+ }
+ p = (unsigned char *)&(buf->data[*l]);
+ l2n3(n, p);
+ i2d_X509(x, &p);
+ *l += n + 3;
+
+ return (0);
+}
+
+unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
+{
+ unsigned char *p;
+ int i;
+ unsigned long l = 7;
+ BUF_MEM *buf;
+ int no_chain;
+
+ if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
+ no_chain = 1;
+ else
+ no_chain = 0;
+
+ /* TLSv1 sends a chain with nothing in it, instead of an alert */
+ buf = s->init_buf;
+ if (!BUF_MEM_grow_clean(buf, 10)) {
+ SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB);
+ return (0);
+ }
+ if (x != NULL) {
+ if (no_chain) {
+ if (ssl3_add_cert_to_buf(buf, &l, x))
+ return (0);
+ } else {
+ X509_STORE_CTX xs_ctx;
+
+ if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store, x, NULL)) {
+ SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_X509_LIB);
+ return (0);
+ }
+ X509_verify_cert(&xs_ctx);
+ /* Don't leave errors in the queue */
+ ERR_clear_error();
+ for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
+ x = sk_X509_value(xs_ctx.chain, i);
+
+ if (ssl3_add_cert_to_buf(buf, &l, x)) {
+ X509_STORE_CTX_cleanup(&xs_ctx);
+ return 0;
+ }
+ }
+ X509_STORE_CTX_cleanup(&xs_ctx);
+ }
+ }
+ /* Thawte special :-) */
+ for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) {
+ x = sk_X509_value(s->ctx->extra_certs, i);
+ if (ssl3_add_cert_to_buf(buf, &l, x))
+ return (0);
+ }
+
+ l -= 7;
+ p = (unsigned char *)&(buf->data[4]);
+ l2n3(l, p);
+ l += 3;
+ p = (unsigned char *)&(buf->data[0]);
+ *(p++) = SSL3_MT_CERTIFICATE;
+ l2n3(l, p);
+ l += 4;
+ return (l);
+}
+
+/*
+ * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
+ * acceptable body length 'max'. The first four bytes (msg_type and length)
+ * are read in state 'st1', the body is read in state 'stn'.
+ */
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
+{
+ unsigned char *p;
+ unsigned long l;
+ long n;
+ int i, al;
+
+ if (s->s3->tmp.reuse_message) {
+ s->s3->tmp.reuse_message = 0;
+ if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ *ok = 1;
+ s->state = stn;
+ s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH;
+ s->init_num = (int)s->s3->tmp.message_size;
+ return s->init_num;
+ }
+
+ p = (unsigned char *)s->init_buf->data;
+
+ if (s->state == st1) { /* s->init_num < SSL3_HM_HEADER_LENGTH */
+ int skip_message;
+
+ do {
+ while (s->init_num < SSL3_HM_HEADER_LENGTH) {
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ &p[s->init_num],
+ SSL3_HM_HEADER_LENGTH -
+ s->init_num, 0);
+ if (i <= 0) {
+ s->rwstate = SSL_READING;
+ *ok = 0;
+ return i;
+ }
+ s->init_num += i;
+ }
+
+ skip_message = 0;
+ if (!s->server)
+ if (p[0] == SSL3_MT_HELLO_REQUEST)
+ /*
+ * The server may always send 'Hello Request' messages --
+ * we are doing a handshake anyway now, so ignore them if
+ * their format is correct. Does not count for 'Finished'
+ * MAC.
+ */
+ if (p[1] == 0 && p[2] == 0 && p[3] == 0) {
+ s->init_num = 0;
+ skip_message = 1;
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+ p, SSL3_HM_HEADER_LENGTH, s,
+ s->msg_callback_arg);
+ }
+ }
+ while (skip_message);
+
+ /* s->init_num == SSL3_HM_HEADER_LENGTH */
+
+ if ((mt >= 0) && (*p != mt)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
+ (st1 == SSL3_ST_SR_CERT_A) && (stn == SSL3_ST_SR_CERT_B)) {
+ /*
+ * At this point we have got an MS SGC second client hello (maybe
+ * we should always allow the client to start a new handshake?).
+ * We need to restart the mac. Don't increment
+ * {num,total}_renegotiations because we have not completed the
+ * handshake.
+ */
+ ssl3_init_finished_mac(s);
+ }
+
+ s->s3->tmp.message_type = *(p++);
+
+ n2l3(p, l);
+ if (l > (unsigned long)max) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ goto f_err;
+ }
+ /*
+ * Make buffer slightly larger than message length as a precaution
+ * against small OOB reads e.g. CVE-2016-6306
+ */
+ if (l
+ && !BUF_MEM_grow_clean(s->init_buf,
+ (int)l + SSL3_HM_HEADER_LENGTH + 16)) {
+ SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB);
+ goto err;
+ }
+ s->s3->tmp.message_size = l;
+ s->state = stn;
+
+ s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH;
+ s->init_num = 0;
+ }
+
+ /* next state (stn) */
+ p = s->init_msg;
+ n = s->s3->tmp.message_size - s->init_num;
+ while (n > 0) {
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num],
+ n, 0);
+ if (i <= 0) {
+ s->rwstate = SSL_READING;
+ *ok = 0;
+ return i;
+ }
+ s->init_num += i;
+ n -= i;
+ }
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ /*
+ * If receiving Finished, record MAC of prior handshake messages for
+ * Finished verification.
+ */
+ if (*s->init_buf->data == SSL3_MT_FINISHED)
+ ssl3_take_mac(s);
+#endif
+
+ /* Feed this message into MAC computation. */
+ ssl3_finish_mac(s, (unsigned char *)s->init_buf->data,
+ s->init_num + SSL3_HM_HEADER_LENGTH);
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data,
+ (size_t)s->init_num + SSL3_HM_HEADER_LENGTH, s,
+ s->msg_callback_arg);
+ *ok = 1;
+ return s->init_num;
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ *ok = 0;
+ return (-1);
+}
+
+int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
+{
+ EVP_PKEY *pk;
+ int ret = -1, i;
+
+ if (pkey == NULL)
+ pk = X509_get_pubkey(x);
+ else
+ pk = pkey;
+ if (pk == NULL)
+ goto err;
+
+ i = pk->type;
+ if (i == EVP_PKEY_RSA) {
+ ret = SSL_PKEY_RSA_ENC;
+ } else if (i == EVP_PKEY_DSA) {
+ ret = SSL_PKEY_DSA_SIGN;
+ }
+#ifndef OPENSSL_NO_EC
+ else if (i == EVP_PKEY_EC) {
+ ret = SSL_PKEY_ECC;
+ }
+#endif
+ else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) {
+ ret = SSL_PKEY_GOST94;
+ } else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) {
+ ret = SSL_PKEY_GOST01;
+ }
+ err:
+ if (!pkey)
+ EVP_PKEY_free(pk);
+ return (ret);
+}
+
+int ssl_verify_alarm_type(long type)
+{
+ int al;
+
+ switch (type) {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+ case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
+ al = SSL_AD_UNKNOWN_CA;
+ break;
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+ case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+ case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_CRL_NOT_YET_VALID:
+ case X509_V_ERR_CERT_UNTRUSTED:
+ case X509_V_ERR_CERT_REJECTED:
+ al = SSL_AD_BAD_CERTIFICATE;
+ break;
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+ case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+ al = SSL_AD_DECRYPT_ERROR;
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_CRL_HAS_EXPIRED:
+ al = SSL_AD_CERTIFICATE_EXPIRED;
+ break;
+ case X509_V_ERR_CERT_REVOKED:
+ al = SSL_AD_CERTIFICATE_REVOKED;
+ break;
+ case X509_V_ERR_UNSPECIFIED:
+ case X509_V_ERR_OUT_OF_MEM:
+ case X509_V_ERR_INVALID_CALL:
+ case X509_V_ERR_STORE_LOOKUP:
+ al = SSL_AD_INTERNAL_ERROR;
+ break;
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+ case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+ case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+ case X509_V_ERR_INVALID_CA:
+ al = SSL_AD_UNKNOWN_CA;
+ break;
+ case X509_V_ERR_APPLICATION_VERIFICATION:
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ break;
+ case X509_V_ERR_INVALID_PURPOSE:
+ al = SSL_AD_UNSUPPORTED_CERTIFICATE;
+ break;
+ default:
+ al = SSL_AD_CERTIFICATE_UNKNOWN;
+ break;
+ }
+ return (al);
+}
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+/*-
+ * On some platforms, malloc() performance is bad enough that you can't just
+ * free() and malloc() buffers all the time, so we need to use freelists from
+ * unused buffers. Currently, each freelist holds memory chunks of only a
+ * given size (list->chunklen); other sized chunks are freed and malloced.
+ * This doesn't help much if you're using many different SSL option settings
+ * with a given context. (The options affecting buffer size are
+ * max_send_fragment, read buffer vs write buffer,
+ * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
+ * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.) Using a separate freelist for every
+ * possible size is not an option, since max_send_fragment can take on many
+ * different values.
+ *
+ * If you are on a platform with a slow malloc(), and you're using SSL
+ * connections with many different settings for these options, and you need to
+ * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
+ * - Link against a faster malloc implementation.
+ * - Use a separate SSL_CTX for each option set.
+ * - Improve this code.
+ */
+static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
+{
+ SSL3_BUF_FREELIST *list;
+ SSL3_BUF_FREELIST_ENTRY *ent = NULL;
+ void *result = NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+ if (list != NULL && sz == (int)list->chunklen)
+ ent = list->head;
+ if (ent != NULL) {
+ list->head = ent->next;
+ result = ent;
+ if (--list->len == 0)
+ list->chunklen = 0;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (!result)
+ result = OPENSSL_malloc(sz);
+ return result;
+}
+
+static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
+{
+ SSL3_BUF_FREELIST *list;
+ SSL3_BUF_FREELIST_ENTRY *ent;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+ if (list != NULL &&
+ (sz == list->chunklen || list->chunklen == 0) &&
+ list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
+ list->chunklen = sz;
+ ent = mem;
+ ent->next = list->head;
+ list->head = ent;
+ ++list->len;
+ mem = NULL;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (mem)
+ OPENSSL_free(mem);
+}
+#else
+# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
+# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
+#endif
+
+int ssl3_setup_read_buffer(SSL *s)
+{
+ unsigned char *p;
+ size_t len, align = 0, headerlen;
+
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+ headerlen = DTLS1_RT_HEADER_LENGTH;
+ else
+ headerlen = SSL3_RT_HEADER_LENGTH;
+
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
+ if (s->s3->rbuf.buf == NULL) {
+ len = SSL3_RT_MAX_PLAIN_LENGTH
+ + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
+ if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) {
+ s->s3->init_extra = 1;
+ len += SSL3_RT_MAX_EXTRA;
+ }
+#ifndef OPENSSL_NO_COMP
+ if (!(s->options & SSL_OP_NO_COMPRESSION))
+ len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+ if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
+ goto err;
+ s->s3->rbuf.buf = p;
+ s->s3->rbuf.len = len;
+ }
+
+ s->packet = &(s->s3->rbuf.buf[0]);
+ return 1;
+
+ err:
+ SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER, ERR_R_MALLOC_FAILURE);
+ return 0;
+}
+
+int ssl3_setup_write_buffer(SSL *s)
+{
+ unsigned char *p;
+ size_t len, align = 0, headerlen;
+
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+ headerlen = DTLS1_RT_HEADER_LENGTH + 1;
+ else
+ headerlen = SSL3_RT_HEADER_LENGTH;
+
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
+ if (s->s3->wbuf.buf == NULL) {
+ len = s->max_send_fragment
+ + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
+#ifndef OPENSSL_NO_COMP
+ if (!(s->options & SSL_OP_NO_COMPRESSION))
+ len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+ if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
+ len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
+
+ if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
+ goto err;
+ s->s3->wbuf.buf = p;
+ s->s3->wbuf.len = len;
+ }
+
+ return 1;
+
+ err:
+ SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE);
+ return 0;
+}
+
+int ssl3_setup_buffers(SSL *s)
+{
+ if (!ssl3_setup_read_buffer(s))
+ return 0;
+ if (!ssl3_setup_write_buffer(s))
+ return 0;
+ return 1;
+}
+
+int ssl3_release_write_buffer(SSL *s)
+{
+ if (s->s3->wbuf.buf != NULL) {
+ freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+ s->s3->wbuf.buf = NULL;
+ }
+ return 1;
+}
+
+int ssl3_release_read_buffer(SSL *s)
+{
+ if (s->s3->rbuf.buf != NULL) {
+ freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+ s->s3->rbuf.buf = NULL;
+ }
+ return 1;
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s3_clnt.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s3_clnt.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,3561 +0,0 @@
-/* ssl/s3_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
-#ifndef OPENSSL_NO_TLSEXT
-static int ssl3_check_finished(SSL *s);
-#endif
-
-#ifndef OPENSSL_NO_SSL3_METHOD
-static const SSL_METHOD *ssl3_get_client_method(int ver)
-{
- if (ver == SSL3_VERSION)
- return (SSLv3_client_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
- ssl_undefined_function,
- ssl3_connect, ssl3_get_client_method)
-#endif
-int ssl3_connect(SSL *s)
-{
- BUF_MEM *buf = NULL;
- unsigned long Time = (unsigned long)time(NULL);
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- int ret = -1;
- int new_state, state, skip = 0;
-
- RAND_add(&Time, sizeof(Time), 0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s))
- SSL_clear(s);
-
-#ifndef OPENSSL_NO_HEARTBEATS
- /*
- * If we're awaiting a HeartbeatResponse, pretend we already got and
- * don't await it anymore, because Heartbeats don't make sense during
- * handshakes anyway.
- */
- if (s->tlsext_hb_pending) {
- s->tlsext_hb_pending = 0;
- s->tlsext_hb_seq++;
- }
-#endif
-
- for (;;) {
- state = s->state;
-
- switch (s->state) {
- case SSL_ST_RENEGOTIATE:
- s->renegotiate = 1;
- s->state = SSL_ST_CONNECT;
- s->ctx->stats.sess_connect_renegotiate++;
- /* break */
- case SSL_ST_BEFORE:
- case SSL_ST_CONNECT:
- case SSL_ST_BEFORE | SSL_ST_CONNECT:
- case SSL_ST_OK | SSL_ST_CONNECT:
-
- s->server = 0;
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_START, 1);
-
- if ((s->version & 0xff00) != 0x0300) {
- SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- ret = -1;
- goto end;
- }
-
- /* s->version=SSL3_VERSION; */
- s->type = SSL_ST_CONNECT;
-
- if (s->init_buf == NULL) {
- if ((buf = BUF_MEM_new()) == NULL) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- s->init_buf = buf;
- buf = NULL;
- }
-
- if (!ssl3_setup_buffers(s)) {
- ret = -1;
- goto end;
- }
-
- /* setup buffing BIO */
- if (!ssl_init_wbio_buffer(s, 0)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- /* don't push the buffering BIO quite yet */
-
- ssl3_init_finished_mac(s);
-
- s->state = SSL3_ST_CW_CLNT_HELLO_A;
- s->ctx->stats.sess_connect++;
- s->init_num = 0;
- s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
- /*
- * Should have been reset by ssl3_get_finished, too.
- */
- s->s3->change_cipher_spec = 0;
- break;
-
- case SSL3_ST_CW_CLNT_HELLO_A:
- case SSL3_ST_CW_CLNT_HELLO_B:
-
- s->shutdown = 0;
- ret = ssl3_client_hello(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_SRVR_HELLO_A;
- s->init_num = 0;
-
- /* turn on buffering for the next lot of output */
- if (s->bbio != s->wbio)
- s->wbio = BIO_push(s->bbio, s->wbio);
-
- break;
-
- case SSL3_ST_CR_SRVR_HELLO_A:
- case SSL3_ST_CR_SRVR_HELLO_B:
- ret = ssl3_get_server_hello(s);
- if (ret <= 0)
- goto end;
-
- if (s->hit) {
- s->state = SSL3_ST_CR_FINISHED_A;
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_ticket_expected) {
- /* receive renewed session ticket */
- s->state = SSL3_ST_CR_SESSION_TICKET_A;
- }
-#endif
- } else
- s->state = SSL3_ST_CR_CERT_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_CERT_A:
- case SSL3_ST_CR_CERT_B:
-#ifndef OPENSSL_NO_TLSEXT
- /* Noop (ret = 0) for everything but EAP-FAST. */
- ret = ssl3_check_finished(s);
- if (ret < 0)
- goto end;
- if (ret == 1) {
- s->hit = 1;
- s->state = SSL3_ST_CR_FINISHED_A;
- s->init_num = 0;
- break;
- }
-#endif
- /* Check if it is anon DH/ECDH, SRP auth */
- /* or PSK */
- if (!
- (s->s3->tmp.
- new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
- && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- ret = ssl3_get_server_certificate(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_status_expected)
- s->state = SSL3_ST_CR_CERT_STATUS_A;
- else
- s->state = SSL3_ST_CR_KEY_EXCH_A;
- } else {
- skip = 1;
- s->state = SSL3_ST_CR_KEY_EXCH_A;
- }
-#else
- } else
- skip = 1;
-
- s->state = SSL3_ST_CR_KEY_EXCH_A;
-#endif
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_KEY_EXCH_A:
- case SSL3_ST_CR_KEY_EXCH_B:
- ret = ssl3_get_key_exchange(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_CERT_REQ_A;
- s->init_num = 0;
-
- /*
- * at this point we check that we have the required stuff from
- * the server
- */
- if (!ssl3_check_cert_and_algorithm(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- break;
-
- case SSL3_ST_CR_CERT_REQ_A:
- case SSL3_ST_CR_CERT_REQ_B:
- ret = ssl3_get_certificate_request(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_SRVR_DONE_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_SRVR_DONE_A:
- case SSL3_ST_CR_SRVR_DONE_B:
- ret = ssl3_get_server_done(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_SRP
- if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
- if ((ret = SRP_Calc_A_param(s)) <= 0) {
- SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- goto end;
- }
- }
-#endif
- if (s->s3->tmp.cert_req)
- s->state = SSL3_ST_CW_CERT_A;
- else
- s->state = SSL3_ST_CW_KEY_EXCH_A;
- s->init_num = 0;
-
- break;
-
- case SSL3_ST_CW_CERT_A:
- case SSL3_ST_CW_CERT_B:
- case SSL3_ST_CW_CERT_C:
- case SSL3_ST_CW_CERT_D:
- ret = ssl3_send_client_certificate(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CW_KEY_EXCH_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_KEY_EXCH_A:
- case SSL3_ST_CW_KEY_EXCH_B:
- ret = ssl3_send_client_key_exchange(s);
- if (ret <= 0)
- goto end;
- /*
- * EAY EAY EAY need to check for DH fix cert sent back
- */
- /*
- * For TLS, cert_req is set to 2, so a cert chain of nothing is
- * sent, but no verify packet is sent
- */
- /*
- * XXX: For now, we do not support client authentication in ECDH
- * cipher suites with ECDH (rather than ECDSA) certificates. We
- * need to skip the certificate verify message when client's
- * ECDH public key is sent inside the client certificate.
- */
- if (s->s3->tmp.cert_req == 1) {
- s->state = SSL3_ST_CW_CERT_VRFY_A;
- } else {
- s->state = SSL3_ST_CW_CHANGE_A;
- }
- if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
- s->state = SSL3_ST_CW_CHANGE_A;
- }
-
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_CERT_VRFY_A:
- case SSL3_ST_CW_CERT_VRFY_B:
- ret = ssl3_send_client_verify(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CW_CHANGE_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_CHANGE_A:
- case SSL3_ST_CW_CHANGE_B:
- ret = ssl3_send_change_cipher_spec(s,
- SSL3_ST_CW_CHANGE_A,
- SSL3_ST_CW_CHANGE_B);
- if (ret <= 0)
- goto end;
-
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->state = SSL3_ST_CW_FINISHED_A;
-#else
- if (s->s3->next_proto_neg_seen)
- s->state = SSL3_ST_CW_NEXT_PROTO_A;
- else
- s->state = SSL3_ST_CW_FINISHED_A;
-#endif
- s->init_num = 0;
-
- s->session->cipher = s->s3->tmp.new_cipher;
-#ifdef OPENSSL_NO_COMP
- s->session->compress_meth = 0;
-#else
- if (s->s3->tmp.new_compression == NULL)
- s->session->compress_meth = 0;
- else
- s->session->compress_meth = s->s3->tmp.new_compression->id;
-#endif
- if (!s->method->ssl3_enc->setup_key_block(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CHANGE_CIPHER_CLIENT_WRITE))
- {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- break;
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- case SSL3_ST_CW_NEXT_PROTO_A:
- case SSL3_ST_CW_NEXT_PROTO_B:
- ret = ssl3_send_next_proto(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CW_FINISHED_A;
- break;
-#endif
-
- case SSL3_ST_CW_FINISHED_A:
- case SSL3_ST_CW_FINISHED_B:
- ret = ssl3_send_finished(s,
- SSL3_ST_CW_FINISHED_A,
- SSL3_ST_CW_FINISHED_B,
- s->method->
- ssl3_enc->client_finished_label,
- s->method->
- ssl3_enc->client_finished_label_len);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CW_FLUSH;
-
- /* clear flags */
- s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
- if (s->hit) {
- s->s3->tmp.next_state = SSL_ST_OK;
- if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
- s->state = SSL_ST_OK;
- s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
- s->s3->delay_buf_pop_ret = 0;
- }
- } else {
-#ifndef OPENSSL_NO_TLSEXT
- /*
- * Allow NewSessionTicket if ticket expected
- */
- if (s->tlsext_ticket_expected)
- s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
- else
-#endif
-
- s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
- }
- s->init_num = 0;
- break;
-
-#ifndef OPENSSL_NO_TLSEXT
- case SSL3_ST_CR_SESSION_TICKET_A:
- case SSL3_ST_CR_SESSION_TICKET_B:
- ret = ssl3_get_new_session_ticket(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_FINISHED_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CR_CERT_STATUS_A:
- case SSL3_ST_CR_CERT_STATUS_B:
- ret = ssl3_get_cert_status(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_CR_KEY_EXCH_A;
- s->init_num = 0;
- break;
-#endif
-
- case SSL3_ST_CR_FINISHED_A:
- case SSL3_ST_CR_FINISHED_B:
- if (!s->s3->change_cipher_spec)
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
- ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
- SSL3_ST_CR_FINISHED_B);
- if (ret <= 0)
- goto end;
-
- if (s->hit)
- s->state = SSL3_ST_CW_CHANGE_A;
- else
- s->state = SSL_ST_OK;
- s->init_num = 0;
- break;
-
- case SSL3_ST_CW_FLUSH:
- s->rwstate = SSL_WRITING;
- if (BIO_flush(s->wbio) <= 0) {
- ret = -1;
- goto end;
- }
- s->rwstate = SSL_NOTHING;
- s->state = s->s3->tmp.next_state;
- break;
-
- case SSL_ST_OK:
- /* clean a few things up */
- ssl3_cleanup_key_block(s);
-
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
- }
-
- /*
- * If we are not 'joining' the last two packets, remove the
- * buffering now
- */
- if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
- ssl_free_wbio_buffer(s);
- /* else do it later in ssl3_write */
-
- s->init_num = 0;
- s->renegotiate = 0;
- s->new_session = 0;
-
- ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
- if (s->hit)
- s->ctx->stats.sess_hit++;
-
- ret = 1;
- /* s->server=0; */
- s->handshake_func = ssl3_connect;
- s->ctx->stats.sess_connect_good++;
-
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
- goto end;
- /* break; */
-
- case SSL_ST_ERR:
- default:
- SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
- ret = -1;
- goto end;
- /* break; */
- }
-
- /* did we do anything */
- if (!s->s3->tmp.reuse_message && !skip) {
- if (s->debug) {
- if ((ret = BIO_flush(s->wbio)) <= 0)
- goto end;
- }
-
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
- cb(s, SSL_CB_CONNECT_LOOP, 1);
- s->state = new_state;
- }
- }
- skip = 0;
- }
- end:
- s->in_handshake--;
- if (buf != NULL)
- BUF_MEM_free(buf);
- if (cb != NULL)
- cb(s, SSL_CB_CONNECT_EXIT, ret);
- return (ret);
-}
-
-int ssl3_client_hello(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
- int i;
- unsigned long l;
-#ifndef OPENSSL_NO_COMP
- int j;
- SSL_COMP *comp;
-#endif
-
- buf = (unsigned char *)s->init_buf->data;
- if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
- SSL_SESSION *sess = s->session;
- if ((sess == NULL) || (sess->ssl_version != s->version) ||
-#ifdef OPENSSL_NO_TLSEXT
- !sess->session_id_length ||
-#else
- /*
- * In the case of EAP-FAST, we can have a pre-shared
- * "ticket" without a session ID.
- */
- (!sess->session_id_length && !sess->tlsext_tick) ||
-#endif
- (sess->not_resumable)) {
- if (!ssl_get_new_session(s, 0))
- goto err;
- }
- /* else use the pre-loaded session */
-
- p = s->s3->client_random;
-
- if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
- goto err;
-
- /* Do the message type and length last */
- d = p = &(buf[4]);
-
- /*-
- * version indicates the negotiated version: for example from
- * an SSLv2/v3 compatible client hello). The client_version
- * field is the maximum version we permit and it is also
- * used in RSA encrypted premaster secrets. Some servers can
- * choke if we initially report a higher version then
- * renegotiate to a lower one in the premaster secret. This
- * didn't happen with TLS 1.0 as most servers supported it
- * but it can with TLS 1.1 or later if the server only supports
- * 1.0.
- *
- * Possible scenario with previous logic:
- * 1. Client hello indicates TLS 1.2
- * 2. Server hello says TLS 1.0
- * 3. RSA encrypted premaster secret uses 1.2.
- * 4. Handhaked proceeds using TLS 1.0.
- * 5. Server sends hello request to renegotiate.
- * 6. Client hello indicates TLS v1.0 as we now
- * know that is maximum server supports.
- * 7. Server chokes on RSA encrypted premaster secret
- * containing version 1.0.
- *
- * For interoperability it should be OK to always use the
- * maximum version we support in client hello and then rely
- * on the checking of version to ensure the servers isn't
- * being inconsistent: for example initially negotiating with
- * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
- * client_version in client hello and not resetting it to
- * the negotiated version.
- */
-#if 0
- *(p++) = s->version >> 8;
- *(p++) = s->version & 0xff;
- s->client_version = s->version;
-#else
- *(p++) = s->client_version >> 8;
- *(p++) = s->client_version & 0xff;
-#endif
-
- /* Random stuff */
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- /* Session ID */
- if (s->new_session)
- i = 0;
- else
- i = s->session->session_id_length;
- *(p++) = i;
- if (i != 0) {
- if (i > (int)sizeof(s->session->session_id)) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- memcpy(p, s->session->session_id, i);
- p += i;
- }
-
- /* Ciphers supported */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
- if (i == 0) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- goto err;
- }
-#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
- /*
- * Some servers hang if client hello > 256 bytes as hack workaround
- * chop number of supported ciphers to keep it well below this if we
- * use TLS v1.2
- */
- if (TLS1_get_version(s) >= TLS1_2_VERSION
- && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
- i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
-#endif
- s2n(i, p);
- p += i;
-
- /* COMPRESSION */
-#ifdef OPENSSL_NO_COMP
- *(p++) = 1;
-#else
-
- if ((s->options & SSL_OP_NO_COMPRESSION)
- || !s->ctx->comp_methods)
- j = 0;
- else
- j = sk_SSL_COMP_num(s->ctx->comp_methods);
- *(p++) = 1 + j;
- for (i = 0; i < j; i++) {
- comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
- *(p++) = comp->id;
- }
-#endif
- *(p++) = 0; /* Add the NULL method */
-
-#ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions */
- if (ssl_prepare_clienthello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- goto err;
- }
- if ((p =
- ssl_add_clienthello_tlsext(s, p,
- buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
- NULL) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#endif
-
- l = (p - d);
- d = buf;
- *(d++) = SSL3_MT_CLIENT_HELLO;
- l2n3(l, d);
-
- s->state = SSL3_ST_CW_CLNT_HELLO_B;
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
- }
-
- /* SSL3_ST_CW_CLNT_HELLO_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
- err:
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_get_server_hello(SSL *s)
-{
- STACK_OF(SSL_CIPHER) *sk;
- const SSL_CIPHER *c;
- unsigned char *p, *d;
- int i, al, ok;
- unsigned int j;
- long n;
-#ifndef OPENSSL_NO_COMP
- SSL_COMP *comp;
-#endif
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_SRVR_HELLO_A,
- SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, &ok);
-
- if (!ok)
- return ((int)n);
-
- if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) {
- if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
- if (s->d1->send_cookie == 0) {
- s->s3->tmp.reuse_message = 1;
- return 1;
- } else { /* already sent a cookie */
-
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
- goto f_err;
- }
- }
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
- goto f_err;
- }
-
- d = p = (unsigned char *)s->init_msg;
-
- if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
- s->version = (s->version & 0xff00) | p[1];
- al = SSL_AD_PROTOCOL_VERSION;
- goto f_err;
- }
- p += 2;
-
- /* load the server hello data */
- /* load the server random */
- memcpy(s->s3->server_random, p, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- s->hit = 0;
-
- /* get the session-id */
- j = *(p++);
-
- if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
- goto f_err;
- }
-#ifndef OPENSSL_NO_TLSEXT
- /*
- * Check if we can resume the session based on external pre-shared secret.
- * EAP-FAST (RFC 4851) supports two types of session resumption.
- * Resumption based on server-side state works with session IDs.
- * Resumption based on pre-shared Protected Access Credentials (PACs)
- * works by overriding the SessionTicket extension at the application
- * layer, and does not send a session ID. (We do not know whether EAP-FAST
- * servers would honour the session ID.) Therefore, the session ID alone
- * is not a reliable indicator of session resumption, so we first check if
- * we can resume, and later peek at the next handshake message to see if the
- * server wants to resume.
- */
- if (s->version >= TLS1_VERSION && s->tls_session_secret_cb &&
- s->session->tlsext_tick) {
- SSL_CIPHER *pref_cipher = NULL;
- s->session->master_key_length = sizeof(s->session->master_key);
- if (s->tls_session_secret_cb(s, s->session->master_key,
- &s->session->master_key_length,
- NULL, &pref_cipher,
- s->tls_session_secret_cb_arg)) {
- s->session->cipher = pref_cipher ?
- pref_cipher : ssl_get_cipher_by_char(s, p + j);
- } else {
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- }
-#endif /* OPENSSL_NO_TLSEXT */
-
- if (j != 0 && j == s->session->session_id_length
- && memcmp(p, s->session->session_id, j) == 0) {
- if (s->sid_ctx_length != s->session->sid_ctx_length
- || memcmp(s->session->sid_ctx, s->sid_ctx, s->sid_ctx_length)) {
- /* actually a client application bug */
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
- SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
- goto f_err;
- }
- s->hit = 1;
- } else {
- /*
- * If we were trying for session-id reuse but the server
- * didn't echo the ID, make a new SSL_SESSION.
- * In the case of EAP-FAST and PAC, we do not send a session ID,
- * so the PAC-based session secret is always preserved. It'll be
- * overwritten if the server refuses resumption.
- */
- if (s->session->session_id_length > 0) {
- if (!ssl_get_new_session(s, 0)) {
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- }
- s->session->session_id_length = j;
- memcpy(s->session->session_id, p, j); /* j could be 0 */
- }
- p += j;
- c = ssl_get_cipher_by_char(s, p);
- if (c == NULL) {
- /* unknown cipher */
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
- goto f_err;
- }
- /* TLS v1.2 only ciphersuites require v1.2 or later */
- if ((c->algorithm_ssl & SSL_TLSV1_2) &&
- (TLS1_get_version(s) < TLS1_2_VERSION)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
- goto f_err;
- }
-#ifndef OPENSSL_NO_SRP
- if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) &&
- !(s->srp_ctx.srp_Mask & SSL_kSRP)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
- goto f_err;
- }
-#endif /* OPENSSL_NO_SRP */
- p += ssl_put_cipher_by_char(s, NULL, NULL);
-
- sk = ssl_get_ciphers_by_id(s);
- i = sk_SSL_CIPHER_find(sk, c);
- if (i < 0) {
- /* we did not say we would use this cipher */
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
- goto f_err;
- }
-
- /*
- * Depending on the session caching (internal/external), the cipher
- * and/or cipher_id values may not be set. Make sure that cipher_id is
- * set and use it for comparison.
- */
- if (s->session->cipher)
- s->session->cipher_id = s->session->cipher->id;
- if (s->hit && (s->session->cipher_id != c->id)) {
-/* Workaround is now obsolete */
-#if 0
- if (!(s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
-#endif
- {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
- SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
- goto f_err;
- }
- }
- s->s3->tmp.new_cipher = c;
- /*
- * Don't digest cached records if TLS v1.2: we may need them for client
- * authentication.
- */
- if (TLS1_get_version(s) < TLS1_2_VERSION
- && !ssl3_digest_cached_records(s)) {
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- /* lets get the compression algorithm */
- /* COMPRESSION */
-#ifdef OPENSSL_NO_COMP
- if (*(p++) != 0) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
- SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
- goto f_err;
- }
- /*
- * If compression is disabled we'd better not try to resume a session
- * using compression.
- */
- if (s->session->compress_meth != 0) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
- goto f_err;
- }
-#else
- j = *(p++);
- if (s->hit && j != s->session->compress_meth) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
- SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
- goto f_err;
- }
- if (j == 0)
- comp = NULL;
- else if (s->options & SSL_OP_NO_COMPRESSION) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_COMPRESSION_DISABLED);
- goto f_err;
- } else
- comp = ssl3_comp_find(s->ctx->comp_methods, j);
-
- if ((j != 0) && (comp == NULL)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
- SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
- goto f_err;
- } else {
- s->s3->tmp.new_compression = comp;
- }
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions */
- if (s->version >= SSL3_VERSION) {
- if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) {
- /* 'al' set by ssl_parse_serverhello_tlsext */
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT);
- goto f_err;
- }
- if (ssl_check_serverhello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
- goto err;
- }
- }
-#endif
-
- if (p != (d + n)) {
- /* wrong packet length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH);
- goto f_err;
- }
-
- return (1);
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_get_server_certificate(SSL *s)
-{
- int al, i, ok, ret = -1;
- unsigned long n, nc, llen, l;
- X509 *x = NULL;
- const unsigned char *q, *p;
- unsigned char *d;
- STACK_OF(X509) *sk = NULL;
- SESS_CERT *sc;
- EVP_PKEY *pkey = NULL;
- int need_cert = 1; /* VRS: 0=> will allow null cert if auth ==
- * KRB5 */
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_CERT_A,
- SSL3_ST_CR_CERT_B,
- -1, s->max_cert_list, &ok);
-
- if (!ok)
- return ((int)n);
-
- if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
- ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) &&
- (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE))) {
- s->s3->tmp.reuse_message = 1;
- return (1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_BAD_MESSAGE_TYPE);
- goto f_err;
- }
- p = d = (unsigned char *)s->init_msg;
-
- if ((sk = sk_X509_new_null()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- n2l3(p, llen);
- if (llen + 3 != n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- for (nc = 0; nc < llen;) {
- n2l3(p, l);
- if ((l + nc + 3) > llen) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
-
- q = p;
- x = d2i_X509(NULL, &q, l);
- if (x == NULL) {
- al = SSL_AD_BAD_CERTIFICATE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_ASN1_LIB);
- goto f_err;
- }
- if (q != (p + l)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
- if (!sk_X509_push(sk, x)) {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- x = NULL;
- nc += l + 3;
- p = q;
- }
-
- i = ssl_verify_cert_chain(s, sk);
- if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
-#ifndef OPENSSL_NO_KRB5
- && !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
- (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
-#endif /* OPENSSL_NO_KRB5 */
- ) {
- al = ssl_verify_alarm_type(s->verify_result);
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_CERTIFICATE_VERIFY_FAILED);
- goto f_err;
- }
- ERR_clear_error(); /* but we keep s->verify_result */
-
- sc = ssl_sess_cert_new();
- if (sc == NULL)
- goto err;
-
- if (s->session->sess_cert)
- ssl_sess_cert_free(s->session->sess_cert);
- s->session->sess_cert = sc;
-
- sc->cert_chain = sk;
- /*
- * Inconsistency alert: cert_chain does include the peer's certificate,
- * which we don't include in s3_srvr.c
- */
- x = sk_X509_value(sk, 0);
- sk = NULL;
- /*
- * VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end
- */
-
- pkey = X509_get_pubkey(x);
-
- /* VRS: allow null cert if auth == KRB5 */
- need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
- (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
- ? 0 : 1;
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "pkey,x = %p, %p\n", pkey, x);
- fprintf(stderr, "ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x, pkey));
- fprintf(stderr, "cipher, alg, nc = %s, %lx, %lx, %d\n",
- s->s3->tmp.new_cipher->name,
- s->s3->tmp.new_cipher->algorithm_mkey,
- s->s3->tmp.new_cipher->algorithm_auth, need_cert);
-#endif /* KSSL_DEBUG */
-
- if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) {
- x = NULL;
- al = SSL3_AL_FATAL;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
- goto f_err;
- }
-
- i = ssl_cert_type(x, pkey);
- if (need_cert && i < 0) {
- x = NULL;
- al = SSL3_AL_FATAL;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- goto f_err;
- }
-
- if (need_cert) {
- sc->peer_cert_type = i;
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- /*
- * Why would the following ever happen? We just created sc a couple
- * of lines ago.
- */
- if (sc->peer_pkeys[i].x509 != NULL)
- X509_free(sc->peer_pkeys[i].x509);
- sc->peer_pkeys[i].x509 = x;
- sc->peer_key = &(sc->peer_pkeys[i]);
-
- if (s->session->peer != NULL)
- X509_free(s->session->peer);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- s->session->peer = x;
- } else {
- sc->peer_cert_type = i;
- sc->peer_key = NULL;
-
- if (s->session->peer != NULL)
- X509_free(s->session->peer);
- s->session->peer = NULL;
- }
- s->session->verify_result = s->verify_result;
-
- x = NULL;
- ret = 1;
-
- if (0) {
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- s->state = SSL_ST_ERR;
- }
-
- EVP_PKEY_free(pkey);
- X509_free(x);
- sk_X509_pop_free(sk, X509_free);
- return (ret);
-}
-
-int ssl3_get_key_exchange(SSL *s)
-{
-#ifndef OPENSSL_NO_RSA
- unsigned char *q, md_buf[EVP_MAX_MD_SIZE * 2];
-#endif
- EVP_MD_CTX md_ctx;
- unsigned char *param, *p;
- int al, j, ok;
- long i, param_len, n, alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- const EVP_MD *md = NULL;
-#ifndef OPENSSL_NO_RSA
- RSA *rsa = NULL;
-#endif
-#ifndef OPENSSL_NO_DH
- DH *dh = NULL;
-#endif
-#ifndef OPENSSL_NO_ECDH
- EC_KEY *ecdh = NULL;
- BN_CTX *bn_ctx = NULL;
- EC_POINT *srvr_ecpoint = NULL;
- int curve_nid = 0;
- int encoded_pt_len = 0;
-#endif
-
- EVP_MD_CTX_init(&md_ctx);
-
- /*
- * use same message size as in ssl3_get_certificate_request() as
- * ServerKeyExchange message may be skipped
- */
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_KEY_EXCH_A,
- SSL3_ST_CR_KEY_EXCH_B,
- -1, s->max_cert_list, &ok);
- if (!ok)
- return ((int)n);
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
- if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
- /*
- * Can't skip server key exchange if this is an ephemeral
- * ciphersuite.
- */
- if (alg_k & (SSL_kEDH | SSL_kEECDH)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
- al = SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
-#ifndef OPENSSL_NO_PSK
- /*
- * In plain PSK ciphersuite, ServerKeyExchange can be omitted if no
- * identity hint is sent. Set session->sess_cert anyway to avoid
- * problems later.
- */
- if (alg_k & SSL_kPSK) {
- s->session->sess_cert = ssl_sess_cert_new();
- if (s->ctx->psk_identity_hint)
- OPENSSL_free(s->ctx->psk_identity_hint);
- s->ctx->psk_identity_hint = NULL;
- }
-#endif
- s->s3->tmp.reuse_message = 1;
- return (1);
- }
-
- param = p = (unsigned char *)s->init_msg;
- if (s->session->sess_cert != NULL) {
-#ifndef OPENSSL_NO_RSA
- if (s->session->sess_cert->peer_rsa_tmp != NULL) {
- RSA_free(s->session->sess_cert->peer_rsa_tmp);
- s->session->sess_cert->peer_rsa_tmp = NULL;
- }
-#endif
-#ifndef OPENSSL_NO_DH
- if (s->session->sess_cert->peer_dh_tmp) {
- DH_free(s->session->sess_cert->peer_dh_tmp);
- s->session->sess_cert->peer_dh_tmp = NULL;
- }
-#endif
-#ifndef OPENSSL_NO_ECDH
- if (s->session->sess_cert->peer_ecdh_tmp) {
- EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
- s->session->sess_cert->peer_ecdh_tmp = NULL;
- }
-#endif
- } else {
- s->session->sess_cert = ssl_sess_cert_new();
- }
-
- /* Total length of the parameters including the length prefix */
- param_len = 0;
-
- alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-
- al = SSL_AD_DECODE_ERROR;
-
-#ifndef OPENSSL_NO_PSK
- if (alg_k & SSL_kPSK) {
- param_len = 2;
- if (param_len > n) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- n2s(p, i);
-
- /*
- * Store PSK identity hint for later use, hint is used in
- * ssl3_send_client_key_exchange. Assume that the maximum length of
- * a PSK identity hint can be as long as the maximum length of a PSK
- * identity.
- */
- if (i > PSK_MAX_IDENTITY_LEN) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG);
- goto f_err;
- }
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- s->session->psk_identity_hint = BUF_strndup((char *)p, i);
- if (s->session->psk_identity_hint == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
-
- p += i;
- n -= param_len;
- } else
-#endif /* !OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
- if (alg_k & SSL_kSRP) {
- param_len = 2;
- if (param_len > n) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_N_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(s->srp_ctx.N = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (2 > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- param_len += 2;
-
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_G_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(s->srp_ctx.g = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (1 > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- param_len += 1;
-
- i = (unsigned int)(p[0]);
- p++;
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_S_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(s->srp_ctx.s = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (2 > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- param_len += 2;
-
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_B_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(s->srp_ctx.B = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
- n -= param_len;
-
- if (!srp_verify_server_param(s, &al)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_PARAMETERS);
- goto f_err;
- }
-
-/* We must check if there is a certificate */
-# ifndef OPENSSL_NO_RSA
- if (alg_a & SSL_aRSA)
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-# else
- if (0) ;
-# endif
-# ifndef OPENSSL_NO_DSA
- else if (alg_a & SSL_aDSS)
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
- x509);
-# endif
- } else
-#endif /* !OPENSSL_NO_SRP */
-#ifndef OPENSSL_NO_RSA
- if (alg_k & SSL_kRSA) {
- /* Temporary RSA keys only allowed in export ciphersuites */
- if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- if ((rsa = RSA_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- param_len = 2;
- if (param_len > n) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_MODULUS_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(rsa->n = BN_bin2bn(p, i, rsa->n))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (2 > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- param_len += 2;
-
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_E_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(rsa->e = BN_bin2bn(p, i, rsa->e))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
- n -= param_len;
-
- /* this should be because we are using an export cipher */
- if (alg_a & SSL_aRSA)
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
- else {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_bits(pkey) <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
-
- s->session->sess_cert->peer_rsa_tmp = rsa;
- rsa = NULL;
- }
-#else /* OPENSSL_NO_RSA */
- if (0) ;
-#endif
-#ifndef OPENSSL_NO_DH
- else if (alg_k & SSL_kEDH) {
- if ((dh = DH_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
-
- param_len = 2;
- if (param_len > n) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(dh->p = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (BN_is_zero(dh->p)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
- goto f_err;
- }
-
-
- if (2 > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- param_len += 2;
-
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(dh->g = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (BN_is_zero(dh->g)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
- goto f_err;
- }
-
- if (2 > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- param_len += 2;
-
- n2s(p, i);
-
- if (i > n - param_len) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_LENGTH);
- goto f_err;
- }
- param_len += i;
-
- if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
- n -= param_len;
-
- if (BN_is_zero(dh->pub_key)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_VALUE);
- goto f_err;
- }
-
-# ifndef OPENSSL_NO_RSA
- if (alg_a & SSL_aRSA)
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-# else
- if (0) ;
-# endif
-# ifndef OPENSSL_NO_DSA
- else if (alg_a & SSL_aDSS)
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
- x509);
-# endif
- /* else anonymous DH, so no certificate or pkey. */
-
- s->session->sess_cert->peer_dh_tmp = dh;
- dh = NULL;
- } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
- goto f_err;
- }
-#endif /* !OPENSSL_NO_DH */
-
-#ifndef OPENSSL_NO_ECDH
- else if (alg_k & SSL_kEECDH) {
- EC_GROUP *ngroup;
- const EC_GROUP *group;
-
- if ((ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /*
- * Extract elliptic curve parameters and the server's ephemeral ECDH
- * public key. Keep accumulating lengths of various components in
- * param_len and make sure it never exceeds n.
- */
-
- /*
- * XXX: For now we only support named (not generic) curves and the
- * ECParameters in this case is just three bytes. We also need one
- * byte for the length of the encoded point
- */
- param_len = 4;
- if (param_len > n) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- if ((*p != NAMED_CURVE_TYPE) ||
- ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
- goto f_err;
- }
-
- ngroup = EC_GROUP_new_by_curve_name(curve_nid);
- if (ngroup == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- if (EC_KEY_set_group(ecdh, ngroup) == 0) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- EC_GROUP_free(ngroup);
-
- group = EC_KEY_get0_group(ecdh);
-
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- (EC_GROUP_get_degree(group) > 163)) {
- al = SSL_AD_EXPORT_RESTRICTION;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
- goto f_err;
- }
-
- p += 3;
-
- /* Next, get the encoded ECPoint */
- if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
- ((bn_ctx = BN_CTX_new()) == NULL)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- encoded_pt_len = *p; /* length of encoded point */
- p += 1;
-
- if ((encoded_pt_len > n - param_len) ||
- (EC_POINT_oct2point(group, srvr_ecpoint,
- p, encoded_pt_len, bn_ctx) == 0)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_ECPOINT);
- goto f_err;
- }
- param_len += encoded_pt_len;
-
- n -= param_len;
- p += encoded_pt_len;
-
- /*
- * The ECC/TLS specification does not mention the use of DSA to sign
- * ECParameters in the server key exchange message. We do support RSA
- * and ECDSA.
- */
- if (0) ;
-# ifndef OPENSSL_NO_RSA
- else if (alg_a & SSL_aRSA)
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-# endif
-# ifndef OPENSSL_NO_ECDSA
- else if (alg_a & SSL_aECDSA)
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
-# endif
- /* else anonymous ECDH, so no certificate or pkey. */
- EC_KEY_set_public_key(ecdh, srvr_ecpoint);
- s->session->sess_cert->peer_ecdh_tmp = ecdh;
- ecdh = NULL;
- BN_CTX_free(bn_ctx);
- bn_ctx = NULL;
- EC_POINT_free(srvr_ecpoint);
- srvr_ecpoint = NULL;
- } else if (alg_k) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
-#endif /* !OPENSSL_NO_ECDH */
-
- /* p points to the next byte, there are 'n' bytes left */
-
- /* if it was signed, check the signature */
- if (pkey != NULL) {
- if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- int sigalg;
- if (2 > n) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- sigalg = tls12_get_sigid(pkey);
- /* Should never happen */
- if (sigalg == -1) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- /* Check key type is consistent with signature */
- if (sigalg != (int)p[1]) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_WRONG_SIGNATURE_TYPE);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- md = tls12_get_hash(p[0]);
- if (md == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNKNOWN_DIGEST);
- goto f_err;
- }
-#ifdef SSL_DEBUG
- fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
-#endif
- p += 2;
- n -= 2;
- } else
- md = EVP_sha1();
-
- if (2 > n) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- n2s(p, i);
- n -= 2;
- j = EVP_PKEY_size(pkey);
-
- /*
- * Check signature length. If n is 0 then signature is empty
- */
- if ((i != n) || (n > j) || (n <= 0)) {
- /* wrong packet length */
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH);
- goto f_err;
- }
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA
- && TLS1_get_version(s) < TLS1_2_VERSION) {
- int num;
- unsigned int size;
-
- j = 0;
- q = md_buf;
- for (num = 2; num > 0; num--) {
- EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- if (EVP_DigestInit_ex(&md_ctx,
- (num == 2) ? s->ctx->md5 : s->ctx->sha1,
- NULL) <= 0
- || EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestUpdate(&md_ctx, param, param_len) <= 0
- || EVP_DigestFinal_ex(&md_ctx, q, &size) <= 0) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- q += size;
- j += size;
- }
- i = RSA_verify(NID_md5_sha1, md_buf, j, p, n, pkey->pkey.rsa);
- if (i < 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_DECRYPT);
- goto f_err;
- }
- if (i == 0) {
- /* bad signature */
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- } else
-#endif
- {
- if (EVP_VerifyInit_ex(&md_ctx, md, NULL) <= 0
- || EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_VerifyUpdate(&md_ctx, param, param_len) <= 0) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EVP_LIB);
- goto f_err;
- }
- if (EVP_VerifyFinal(&md_ctx, p, (int)n, pkey) <= 0) {
- /* bad signature */
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- }
- } else {
- /* aNULL, aSRP or kPSK do not need public keys */
- if (!(alg_a & (SSL_aNULL | SSL_aSRP)) && !(alg_k & SSL_kPSK)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- /* still data left over */
- if (n != 0) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE);
- goto f_err;
- }
- }
- EVP_PKEY_free(pkey);
- EVP_MD_CTX_cleanup(&md_ctx);
- return (1);
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- EVP_PKEY_free(pkey);
-#ifndef OPENSSL_NO_RSA
- if (rsa != NULL)
- RSA_free(rsa);
-#endif
-#ifndef OPENSSL_NO_DH
- if (dh != NULL)
- DH_free(dh);
-#endif
-#ifndef OPENSSL_NO_ECDH
- BN_CTX_free(bn_ctx);
- EC_POINT_free(srvr_ecpoint);
- if (ecdh != NULL)
- EC_KEY_free(ecdh);
-#endif
- EVP_MD_CTX_cleanup(&md_ctx);
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_get_certificate_request(SSL *s)
-{
- int ok, ret = 0;
- unsigned long n, nc, l;
- unsigned int llen, ctype_num, i;
- X509_NAME *xn = NULL;
- const unsigned char *p, *q;
- unsigned char *d;
- STACK_OF(X509_NAME) *ca_sk = NULL;
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_CERT_REQ_A,
- SSL3_ST_CR_CERT_REQ_B,
- -1, s->max_cert_list, &ok);
-
- if (!ok)
- return ((int)n);
-
- s->s3->tmp.cert_req = 0;
-
- if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) {
- s->s3->tmp.reuse_message = 1;
- /*
- * If we get here we don't need any cached handshake records as we
- * wont be doing client auth.
- */
- if (s->s3->handshake_buffer) {
- if (!ssl3_digest_cached_records(s))
- goto err;
- }
- return (1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_WRONG_MESSAGE_TYPE);
- goto err;
- }
-
- /* TLS does not like anon-DH with client cert */
- if (s->version > SSL3_VERSION) {
- if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
- goto err;
- }
- }
-
- p = d = (unsigned char *)s->init_msg;
-
- if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* get the certificate types */
- ctype_num = *(p++);
- if (ctype_num > SSL3_CT_NUMBER)
- ctype_num = SSL3_CT_NUMBER;
- for (i = 0; i < ctype_num; i++)
- s->s3->tmp.ctype[i] = p[i];
- p += ctype_num;
- if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- n2s(p, llen);
- /*
- * Check we have enough room for signature algorithms and following
- * length value.
- */
- if ((unsigned long)(p - d + llen + 2) > n) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
- if ((llen & 1) || !tls1_process_sigalgs(s, p, llen)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_SIGNATURE_ALGORITHMS_ERROR);
- goto err;
- }
- p += llen;
- }
-
- /* get the CA RDNs */
- n2s(p, llen);
-#if 0
- {
- FILE *out;
- out = fopen("/tmp/vsign.der", "w");
- fwrite(p, 1, llen, out);
- fclose(out);
- }
-#endif
-
- if ((unsigned long)(p - d + llen) != n) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);
- goto err;
- }
-
- for (nc = 0; nc < llen;) {
- n2s(p, l);
- if ((l + nc + 2) > llen) {
- if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
- goto cont; /* netscape bugs */
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_TOO_LONG);
- goto err;
- }
-
- q = p;
-
- if ((xn = d2i_X509_NAME(NULL, &q, l)) == NULL) {
- /* If netscape tolerance is on, ignore errors */
- if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
- goto cont;
- else {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_ASN1_LIB);
- goto err;
- }
- }
-
- if (q != (p + l)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_CA_DN_LENGTH_MISMATCH);
- goto err;
- }
- if (!sk_X509_NAME_push(ca_sk, xn)) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- p += l;
- nc += l + 2;
- }
-
- if (0) {
- cont:
- ERR_clear_error();
- }
-
- /* we should setup a certificate to return.... */
- s->s3->tmp.cert_req = 1;
- s->s3->tmp.ctype_num = ctype_num;
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- s->s3->tmp.ca_names = ca_sk;
- ca_sk = NULL;
-
- ret = 1;
- goto done;
- err:
- s->state = SSL_ST_ERR;
- done:
- if (ca_sk != NULL)
- sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
- return (ret);
-}
-
-static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
-{
- return (X509_NAME_cmp(*a, *b));
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-int ssl3_get_new_session_ticket(SSL *s)
-{
- int ok, al, ret = 0, ticklen;
- long n;
- const unsigned char *p;
- unsigned char *d;
- unsigned long ticket_lifetime_hint;
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_SESSION_TICKET_A,
- SSL3_ST_CR_SESSION_TICKET_B,
- SSL3_MT_NEWSESSION_TICKET, 16384, &ok);
-
- if (!ok)
- return ((int)n);
-
- if (n < 6) {
- /* need at least ticket_lifetime_hint + ticket length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
-
- p = d = (unsigned char *)s->init_msg;
-
- n2l(p, ticket_lifetime_hint);
- n2s(p, ticklen);
- /* ticket_lifetime_hint + ticket_length + ticket */
- if (ticklen + 6 != n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
-
- /* Server is allowed to change its mind and send an empty ticket. */
- if (ticklen == 0)
- return 1;
-
- if (s->session->session_id_length > 0) {
- int i = s->session_ctx->session_cache_mode;
- SSL_SESSION *new_sess;
- /*
- * We reused an existing session, so we need to replace it with a new
- * one
- */
- if (i & SSL_SESS_CACHE_CLIENT) {
- /*
- * Remove the old session from the cache
- */
- if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE) {
- if (s->session_ctx->remove_session_cb != NULL)
- s->session_ctx->remove_session_cb(s->session_ctx,
- s->session);
- } else {
- /* We carry on if this fails */
- SSL_CTX_remove_session(s->session_ctx, s->session);
- }
- }
-
- if ((new_sess = ssl_session_dup(s->session, 0)) == 0) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
-
- SSL_SESSION_free(s->session);
- s->session = new_sess;
- }
-
- if (s->session->tlsext_tick) {
- OPENSSL_free(s->session->tlsext_tick);
- s->session->tlsext_ticklen = 0;
- }
- s->session->tlsext_tick = OPENSSL_malloc(ticklen);
- if (!s->session->tlsext_tick) {
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(s->session->tlsext_tick, p, ticklen);
- s->session->tlsext_tick_lifetime_hint = ticket_lifetime_hint;
- s->session->tlsext_ticklen = ticklen;
- /*
- * There are two ways to detect a resumed ticket session. One is to set
- * an appropriate session ID and then the server must return a match in
- * ServerHello. This allows the normal client session ID matching to work
- * and we know much earlier that the ticket has been accepted. The
- * other way is to set zero length session ID when the ticket is
- * presented and rely on the handshake to determine session resumption.
- * We choose the former approach because this fits in with assumptions
- * elsewhere in OpenSSL. The session ID is set to the SHA256 (or SHA1 is
- * SHA256 is disabled) hash of the ticket.
- */
- EVP_Digest(p, ticklen,
- s->session->session_id, &s->session->session_id_length,
-# ifndef OPENSSL_NO_SHA256
- EVP_sha256(), NULL);
-# else
- EVP_sha1(), NULL);
-# endif
- ret = 1;
- return (ret);
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_get_cert_status(SSL *s)
-{
- int ok, al;
- unsigned long resplen, n;
- const unsigned char *p;
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_CERT_STATUS_A,
- SSL3_ST_CR_CERT_STATUS_B,
- SSL3_MT_CERTIFICATE_STATUS, 16384, &ok);
-
- if (!ok)
- return ((int)n);
- if (n < 4) {
- /* need at least status type + length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- p = (unsigned char *)s->init_msg;
- if (*p++ != TLSEXT_STATUSTYPE_ocsp) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE);
- goto f_err;
- }
- n2l3(p, resplen);
- if (resplen + 4 != n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
- if (!s->tlsext_ocsp_resp) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
- s->tlsext_ocsp_resplen = resplen;
- if (s->ctx->tlsext_status_cb) {
- int ret;
- ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- if (ret == 0) {
- al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_INVALID_STATUS_RESPONSE);
- goto f_err;
- }
- if (ret < 0) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
- }
- return 1;
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- s->state = SSL_ST_ERR;
- return (-1);
-}
-#endif
-
-int ssl3_get_server_done(SSL *s)
-{
- int ok, ret = 0;
- long n;
-
- /* Second to last param should be very small, like 0 :-) */
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_SRVR_DONE_A,
- SSL3_ST_CR_SRVR_DONE_B,
- SSL3_MT_SERVER_DONE, 30, &ok);
-
- if (!ok)
- return ((int)n);
- if (n > 0) {
- /* should contain no data */
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
- s->state = SSL_ST_ERR;
- return -1;
- }
- ret = 1;
- return (ret);
-}
-
-int ssl3_send_client_key_exchange(SSL *s)
-{
- unsigned char *p, *d;
- int n;
- unsigned long alg_k;
-#ifndef OPENSSL_NO_RSA
- unsigned char *q;
- EVP_PKEY *pkey = NULL;
-#endif
-#ifndef OPENSSL_NO_KRB5
- KSSL_ERR kssl_err;
-#endif /* OPENSSL_NO_KRB5 */
-#ifndef OPENSSL_NO_ECDH
- EC_KEY *clnt_ecdh = NULL;
- const EC_POINT *srvr_ecpoint = NULL;
- EVP_PKEY *srvr_pub_pkey = NULL;
- unsigned char *encodedPoint = NULL;
- int encoded_pt_len = 0;
- BN_CTX *bn_ctx = NULL;
-#endif
-
- if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
- d = (unsigned char *)s->init_buf->data;
- p = &(d[4]);
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
- /* Fool emacs indentation */
- if (0) {
- }
-#ifndef OPENSSL_NO_RSA
- else if (alg_k & SSL_kRSA) {
- RSA *rsa;
- unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
-
- if (s->session->sess_cert == NULL) {
- /*
- * We should always have a server certificate with SSL_kRSA.
- */
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (s->session->sess_cert->peer_rsa_tmp != NULL)
- rsa = s->session->sess_cert->peer_rsa_tmp;
- else {
- pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].
- x509);
- if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
- || (pkey->pkey.rsa == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- EVP_PKEY_free(pkey);
- goto err;
- }
- rsa = pkey->pkey.rsa;
- EVP_PKEY_free(pkey);
- }
-
- tmp_buf[0] = s->client_version >> 8;
- tmp_buf[1] = s->client_version & 0xff;
- if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
- goto err;
-
- s->session->master_key_length = sizeof tmp_buf;
-
- q = p;
- /* Fix buf for TLS and beyond */
- if (s->version > SSL3_VERSION)
- p += 2;
- n = RSA_public_encrypt(sizeof tmp_buf,
- tmp_buf, p, rsa, RSA_PKCS1_PADDING);
-# ifdef PKCS1_CHECK
- if (s->options & SSL_OP_PKCS1_CHECK_1)
- p[1]++;
- if (s->options & SSL_OP_PKCS1_CHECK_2)
- tmp_buf[0] = 0x70;
-# endif
- if (n <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_BAD_RSA_ENCRYPT);
- goto err;
- }
-
- /* Fix buf for TLS and beyond */
- if (s->version > SSL3_VERSION) {
- s2n(n, q);
- n += 2;
- }
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- tmp_buf,
- sizeof tmp_buf);
- OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
- }
-#endif
-#ifndef OPENSSL_NO_KRB5
- else if (alg_k & SSL_kKRB5) {
- krb5_error_code krb5rc;
- KSSL_CTX *kssl_ctx = s->kssl_ctx;
- /* krb5_data krb5_ap_req; */
- krb5_data *enc_ticket;
- krb5_data authenticator, *authp = NULL;
- EVP_CIPHER_CTX ciph_ctx;
- const EVP_CIPHER *enc = NULL;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
- unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
- int padl, outl = sizeof(epms);
-
- EVP_CIPHER_CTX_init(&ciph_ctx);
-
-# ifdef KSSL_DEBUG
- fprintf(stderr, "ssl3_send_client_key_exchange(%lx & %lx)\n",
- alg_k, SSL_kKRB5);
-# endif /* KSSL_DEBUG */
-
- authp = NULL;
-# ifdef KRB5SENDAUTH
- if (KRB5SENDAUTH)
- authp = &authenticator;
-# endif /* KRB5SENDAUTH */
-
- krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp, &kssl_err);
- enc = kssl_map_enc(kssl_ctx->enctype);
- if (enc == NULL)
- goto err;
-# ifdef KSSL_DEBUG
- {
- fprintf(stderr, "kssl_cget_tkt rtn %d\n", krb5rc);
- if (krb5rc && kssl_err.text)
- fprintf(stderr, "kssl_cget_tkt kssl_err=%s\n",
- kssl_err.text);
- }
-# endif /* KSSL_DEBUG */
-
- if (krb5rc) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason);
- goto err;
- }
-
- /*-
- * 20010406 VRS - Earlier versions used KRB5 AP_REQ
- * in place of RFC 2712 KerberosWrapper, as in:
- *
- * Send ticket (copy to *p, set n = length)
- * n = krb5_ap_req.length;
- * memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
- * if (krb5_ap_req.data)
- * kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
- *
- * Now using real RFC 2712 KerberosWrapper
- * (Thanks to Simon Wilkinson <sxw at sxw.org.uk>)
- * Note: 2712 "opaque" types are here replaced
- * with a 2-byte length followed by the value.
- * Example:
- * KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
- * Where "xx xx" = length bytes. Shown here with
- * optional authenticator omitted.
- */
-
- /* KerberosWrapper.Ticket */
- s2n(enc_ticket->length, p);
- memcpy(p, enc_ticket->data, enc_ticket->length);
- p += enc_ticket->length;
- n = enc_ticket->length + 2;
-
- /* KerberosWrapper.Authenticator */
- if (authp && authp->length) {
- s2n(authp->length, p);
- memcpy(p, authp->data, authp->length);
- p += authp->length;
- n += authp->length + 2;
-
- free(authp->data);
- authp->data = NULL;
- authp->length = 0;
- } else {
- s2n(0, p); /* null authenticator length */
- n += 2;
- }
-
- tmp_buf[0] = s->client_version >> 8;
- tmp_buf[1] = s->client_version & 0xff;
- if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
- goto err;
-
- /*-
- * 20010420 VRS. Tried it this way; failed.
- * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
- * EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
- * kssl_ctx->length);
- * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
- */
-
- memset(iv, 0, sizeof iv); /* per RFC 1510 */
- EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
- EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
- sizeof tmp_buf);
- EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
- outl += padl;
- if (outl > (int)sizeof epms) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
- /* KerberosWrapper.EncryptedPreMasterSecret */
- s2n(outl, p);
- memcpy(p, epms, outl);
- p += outl;
- n += outl + 2;
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- tmp_buf,
- sizeof tmp_buf);
-
- OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
- OPENSSL_cleanse(epms, outl);
- }
-#endif
-#ifndef OPENSSL_NO_DH
- else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
- DH *dh_srvr, *dh_clnt;
-
- if (s->session->sess_cert == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_UNEXPECTED_MESSAGE);
- goto err;
- }
-
- if (s->session->sess_cert->peer_dh_tmp != NULL)
- dh_srvr = s->session->sess_cert->peer_dh_tmp;
- else {
- /* we get them from the cert */
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
- goto err;
- }
-
- /* generate a new random key */
- if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
- if (!DH_generate_key(dh_clnt)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- DH_free(dh_clnt);
- goto err;
- }
-
- /*
- * use the 'p' output buffer for the DH key, but make sure to
- * clear it out afterwards
- */
-
- n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);
-
- if (n <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- DH_free(dh_clnt);
- goto err;
- }
-
- /* generate master key from the result */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- p, n);
- /* clean up */
- memset(p, 0, n);
-
- /* send off the data */
- n = BN_num_bytes(dh_clnt->pub_key);
- s2n(n, p);
- BN_bn2bin(dh_clnt->pub_key, p);
- n += 2;
-
- DH_free(dh_clnt);
- }
-#endif
-
-#ifndef OPENSSL_NO_ECDH
- else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
- const EC_GROUP *srvr_group = NULL;
- EC_KEY *tkey;
- int ecdh_clnt_cert = 0;
- int field_size = 0;
-
- if (s->session->sess_cert == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_UNEXPECTED_MESSAGE);
- goto err;
- }
-
- /*
- * Did we send out the client's ECDH share for use in premaster
- * computation as part of client certificate? If so, set
- * ecdh_clnt_cert to 1.
- */
- if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
- /*-
- * XXX: For now, we do not support client
- * authentication using ECDH certificates.
- * To add such support, one needs to add
- * code that checks for appropriate
- * conditions and sets ecdh_clnt_cert to 1.
- * For example, the cert have an ECC
- * key on the same curve as the server's
- * and the key should be authorized for
- * key agreement.
- *
- * One also needs to add code in ssl3_connect
- * to skip sending the certificate verify
- * message.
- *
- * if ((s->cert->key->privatekey != NULL) &&
- * (s->cert->key->privatekey->type ==
- * EVP_PKEY_EC) && ...)
- * ecdh_clnt_cert = 1;
- */
- }
-
- if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
- tkey = s->session->sess_cert->peer_ecdh_tmp;
- } else {
- /* Get the Server Public Key from Cert */
- srvr_pub_pkey =
- X509_get_pubkey(s->session->
- sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
- if ((srvr_pub_pkey == NULL)
- || (srvr_pub_pkey->type != EVP_PKEY_EC)
- || (srvr_pub_pkey->pkey.ec == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- tkey = srvr_pub_pkey->pkey.ec;
- }
-
- srvr_group = EC_KEY_get0_group(tkey);
- srvr_ecpoint = EC_KEY_get0_public_key(tkey);
-
- if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if ((clnt_ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- if (ecdh_clnt_cert) {
- /*
- * Reuse key info from our certificate We only need our
- * private key to perform the ECDH computation.
- */
- const BIGNUM *priv_key;
- tkey = s->cert->key->privatekey->pkey.ec;
- priv_key = EC_KEY_get0_private_key(tkey);
- if (priv_key == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- } else {
- /* Generate a new ECDH key pair */
- if (!(EC_KEY_generate_key(clnt_ecdh))) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_ECDH_LIB);
- goto err;
- }
- }
-
- /*
- * use the 'p' output buffer for the ECDH key, but make sure to
- * clear it out afterwards
- */
-
- field_size = EC_GROUP_get_degree(srvr_group);
- if (field_size <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
- n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint,
- clnt_ecdh, NULL);
- if (n <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- /* generate master key from the result */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- p, n);
-
- memset(p, 0, n); /* clean up */
-
- if (ecdh_clnt_cert) {
- /* Send empty client key exch message */
- n = 0;
- } else {
- /*
- * First check the size of encoding and allocate memory
- * accordingly.
- */
- encoded_pt_len =
- EC_POINT_point2oct(srvr_group,
- EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- NULL, 0, NULL);
-
- encodedPoint = (unsigned char *)
- OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
- bn_ctx = BN_CTX_new();
- if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Encode the public key */
- n = EC_POINT_point2oct(srvr_group,
- EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- encodedPoint, encoded_pt_len, bn_ctx);
-
- *p = n; /* length of encoded point */
- /* Encoded point will be copied here */
- p += 1;
- /* copy the point */
- memcpy((unsigned char *)p, encodedPoint, n);
- /* increment n to account for length field */
- n += 1;
- }
-
- /* Free allocated memory */
- BN_CTX_free(bn_ctx);
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
- EVP_PKEY_free(srvr_pub_pkey);
- }
-#endif /* !OPENSSL_NO_ECDH */
- else if (alg_k & SSL_kGOST) {
- /* GOST key exchange message creation */
- EVP_PKEY_CTX *pkey_ctx;
- X509 *peer_cert;
- size_t msglen;
- unsigned int md_len;
- int keytype;
- unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
- EVP_MD_CTX *ukm_hash;
- EVP_PKEY *pub_key;
-
- /*
- * Get server sertificate PKEY and create ctx from it
- */
- peer_cert =
- s->session->
- sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST01)].x509;
- if (!peer_cert)
- peer_cert =
- s->session->
- sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST94)].x509;
- if (!peer_cert) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
- goto err;
- }
-
- pkey_ctx = EVP_PKEY_CTX_new(pub_key =
- X509_get_pubkey(peer_cert), NULL);
- if (pkey_ctx == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- /*
- * If we have send a certificate, and certificate key
- *
- * * parameters match those of server certificate, use
- * certificate key for key exchange
- */
-
- /* Otherwise, generate ephemeral key pair */
-
- if (pkey_ctx == NULL
- || EVP_PKEY_encrypt_init(pkey_ctx) <= 0
- /* Generate session key */
- || RAND_bytes(premaster_secret, 32) <= 0) {
- EVP_PKEY_CTX_free(pkey_ctx);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- /*
- * If we have client certificate, use its secret as peer key
- */
- if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
- if (EVP_PKEY_derive_set_peer
- (pkey_ctx, s->cert->key->privatekey) <= 0) {
- /*
- * If there was an error - just ignore it. Ephemeral key
- * * would be used
- */
- ERR_clear_error();
- }
- }
- /*
- * Compute shared IV and store it in algorithm-specific context
- * data
- */
- ukm_hash = EVP_MD_CTX_create();
- if (EVP_DigestInit(ukm_hash,
- EVP_get_digestbynid(NID_id_GostR3411_94)) <= 0
- || EVP_DigestUpdate(ukm_hash, s->s3->client_random,
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestUpdate(ukm_hash, s->s3->server_random,
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len) <= 0) {
- EVP_MD_CTX_destroy(ukm_hash);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- EVP_MD_CTX_destroy(ukm_hash);
- if (EVP_PKEY_CTX_ctrl
- (pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8,
- shared_ukm) < 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_LIBRARY_BUG);
- goto err;
- }
- /* Make GOST keytransport blob message */
- /*
- * Encapsulate it into sequence
- */
- *(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
- msglen = 255;
- if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 32)
- <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_LIBRARY_BUG);
- goto err;
- }
- if (msglen >= 0x80) {
- *(p++) = 0x81;
- *(p++) = msglen & 0xff;
- n = msglen + 3;
- } else {
- *(p++) = msglen & 0xff;
- n = msglen + 2;
- }
- memcpy(p, tmp, msglen);
- /* Check if pubkey from client certificate was used */
- if (EVP_PKEY_CTX_ctrl
- (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0) {
- /* Set flag "skip certificate verify" */
- s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
- }
- EVP_PKEY_CTX_free(pkey_ctx);
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- premaster_secret,
- 32);
- EVP_PKEY_free(pub_key);
-
- }
-#ifndef OPENSSL_NO_SRP
- else if (alg_k & SSL_kSRP) {
- if (s->srp_ctx.A != NULL) {
- /* send off the data */
- n = BN_num_bytes(s->srp_ctx.A);
- s2n(n, p);
- BN_bn2bin(s->srp_ctx.A, p);
- n += 2;
- } else {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (s->session->srp_username != NULL)
- OPENSSL_free(s->session->srp_username);
- s->session->srp_username = BUF_strdup(s->srp_ctx.login);
- if (s->session->srp_username == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if ((s->session->master_key_length =
- SRP_generate_client_master_secret(s,
- s->session->master_key)) <
- 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-#endif
-#ifndef OPENSSL_NO_PSK
- else if (alg_k & SSL_kPSK) {
- /*
- * The callback needs PSK_MAX_IDENTITY_LEN + 1 bytes to return a
- * \0-terminated identity. The last byte is for us for simulating
- * strnlen.
- */
- char identity[PSK_MAX_IDENTITY_LEN + 2];
- size_t identity_len;
- unsigned char *t = NULL;
- unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
- unsigned int pre_ms_len = 0, psk_len = 0;
- int psk_err = 1;
-
- n = 0;
- if (s->psk_client_callback == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_NO_CLIENT_CB);
- goto err;
- }
-
- memset(identity, 0, sizeof(identity));
- psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,
- identity, sizeof(identity) - 1,
- psk_or_pre_ms,
- sizeof(psk_or_pre_ms));
- if (psk_len > PSK_MAX_PSK_LEN) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto psk_err;
- } else if (psk_len == 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_IDENTITY_NOT_FOUND);
- goto psk_err;
- }
- identity[PSK_MAX_IDENTITY_LEN + 1] = '\0';
- identity_len = strlen(identity);
- if (identity_len > PSK_MAX_IDENTITY_LEN) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto psk_err;
- }
- /* create PSK pre_master_secret */
- pre_ms_len = 2 + psk_len + 2 + psk_len;
- t = psk_or_pre_ms;
- memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
- s2n(psk_len, t);
- memset(t, 0, psk_len);
- t += psk_len;
- s2n(psk_len, t);
-
- if (s->session->psk_identity_hint != NULL)
- OPENSSL_free(s->session->psk_identity_hint);
- s->session->psk_identity_hint =
- BUF_strdup(s->ctx->psk_identity_hint);
- if (s->ctx->psk_identity_hint != NULL
- && s->session->psk_identity_hint == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto psk_err;
- }
-
- if (s->session->psk_identity != NULL)
- OPENSSL_free(s->session->psk_identity);
- s->session->psk_identity = BUF_strdup(identity);
- if (s->session->psk_identity == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto psk_err;
- }
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- psk_or_pre_ms,
- pre_ms_len);
- s2n(identity_len, p);
- memcpy(p, identity, identity_len);
- n = 2 + identity_len;
- psk_err = 0;
- psk_err:
- OPENSSL_cleanse(identity, sizeof(identity));
- OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
- if (psk_err != 0) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- goto err;
- }
- }
-#endif
- else {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- *(d++) = SSL3_MT_CLIENT_KEY_EXCHANGE;
- l2n3(n, d);
-
- s->state = SSL3_ST_CW_KEY_EXCH_B;
- /* number of bytes to write */
- s->init_num = n + 4;
- s->init_off = 0;
- }
-
- /* SSL3_ST_CW_KEY_EXCH_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
- err:
-#ifndef OPENSSL_NO_ECDH
- BN_CTX_free(bn_ctx);
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
- EVP_PKEY_free(srvr_pub_pkey);
-#endif
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_send_client_verify(SSL *s)
-{
- unsigned char *p, *d;
- unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
- EVP_PKEY *pkey;
- EVP_PKEY_CTX *pctx = NULL;
- EVP_MD_CTX mctx;
- unsigned u = 0;
- unsigned long n;
- int j;
-
- EVP_MD_CTX_init(&mctx);
-
- if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
- d = (unsigned char *)s->init_buf->data;
- p = &(d[4]);
- pkey = s->cert->key->privatekey;
-/* Create context from key and test if sha1 is allowed as digest */
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (pctx == NULL || EVP_PKEY_sign_init(pctx) <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
- if (TLS1_get_version(s) < TLS1_2_VERSION)
- s->method->ssl3_enc->cert_verify_mac(s,
- NID_sha1,
- &(data
- [MD5_DIGEST_LENGTH]));
- } else {
- ERR_clear_error();
- }
- /*
- * For TLS v1.2 send signature algorithm and signature using agreed
- * digest and cached handshake records.
- */
- if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- long hdatalen = 0;
- void *hdata;
- const EVP_MD *md = s->cert->key->digest;
- hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
- if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- p += 2;
-#ifdef SSL_DEBUG
- fprintf(stderr, "Using TLS 1.2 with client alg %s\n",
- EVP_MD_name(md));
-#endif
- if (!EVP_SignInit_ex(&mctx, md, NULL)
- || !EVP_SignUpdate(&mctx, hdata, hdatalen)
- || !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_EVP_LIB);
- goto err;
- }
- s2n(u, p);
- n = u + 4;
- if (!ssl3_digest_cached_records(s))
- goto err;
- } else
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
- s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
- if (RSA_sign(NID_md5_sha1, data,
- MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
- &(p[2]), &u, pkey->pkey.rsa) <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
- goto err;
- }
- s2n(u, p);
- n = u + 2;
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- if (!DSA_sign(pkey->save_type,
- &(data[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, &(p[2]),
- (unsigned int *)&j, pkey->pkey.dsa)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_DSA_LIB);
- goto err;
- }
- s2n(j, p);
- n = j + 2;
- } else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC) {
- if (!ECDSA_sign(pkey->save_type,
- &(data[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, &(p[2]),
- (unsigned int *)&j, pkey->pkey.ec)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
- goto err;
- }
- s2n(j, p);
- n = j + 2;
- } else
-#endif
- if (pkey->type == NID_id_GostR3410_94
- || pkey->type == NID_id_GostR3410_2001) {
- unsigned char signbuf[64];
- int i;
- size_t sigsize = 64;
- s->method->ssl3_enc->cert_verify_mac(s,
- NID_id_GostR3411_94, data);
- if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- for (i = 63, j = 0; i >= 0; j++, i--) {
- p[2 + j] = signbuf[i];
- }
- s2n(j, p);
- n = j + 2;
- } else {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- *(d++) = SSL3_MT_CERTIFICATE_VERIFY;
- l2n3(n, d);
-
- s->state = SSL3_ST_CW_CERT_VRFY_B;
- s->init_num = (int)n + 4;
- s->init_off = 0;
- }
- EVP_MD_CTX_cleanup(&mctx);
- EVP_PKEY_CTX_free(pctx);
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
- err:
- EVP_MD_CTX_cleanup(&mctx);
- EVP_PKEY_CTX_free(pctx);
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_send_client_certificate(SSL *s)
-{
- X509 *x509 = NULL;
- EVP_PKEY *pkey = NULL;
- int i;
- unsigned long l;
-
- if (s->state == SSL3_ST_CW_CERT_A) {
- if ((s->cert == NULL) ||
- (s->cert->key->x509 == NULL) ||
- (s->cert->key->privatekey == NULL))
- s->state = SSL3_ST_CW_CERT_B;
- else
- s->state = SSL3_ST_CW_CERT_C;
- }
-
- /* We need to get a client cert */
- if (s->state == SSL3_ST_CW_CERT_B) {
- /*
- * If we get an error, we need to ssl->rwstate=SSL_X509_LOOKUP;
- * return(-1); We then get retied later
- */
- i = ssl_do_client_cert_cb(s, &x509, &pkey);
- if (i < 0) {
- s->rwstate = SSL_X509_LOOKUP;
- return (-1);
- }
- s->rwstate = SSL_NOTHING;
- if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
- s->state = SSL3_ST_CW_CERT_B;
- if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey))
- i = 0;
- } else if (i == 1) {
- i = 0;
- SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,
- SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
- }
-
- if (x509 != NULL)
- X509_free(x509);
- if (pkey != NULL)
- EVP_PKEY_free(pkey);
- if (i == 0) {
- if (s->version == SSL3_VERSION) {
- s->s3->tmp.cert_req = 0;
- ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_CERTIFICATE);
- return (1);
- } else {
- s->s3->tmp.cert_req = 2;
- }
- }
-
- /* Ok, we have a cert */
- s->state = SSL3_ST_CW_CERT_C;
- }
-
- if (s->state == SSL3_ST_CW_CERT_C) {
- s->state = SSL3_ST_CW_CERT_D;
- l = ssl3_output_cert_chain(s,
- (s->s3->tmp.cert_req ==
- 2) ? NULL : s->cert->key->x509);
- if (!l) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return 0;
- }
- s->init_num = (int)l;
- s->init_off = 0;
- }
- /* SSL3_ST_CW_CERT_D */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-#define has_bits(i,m) (((i)&(m)) == (m))
-
-int ssl3_check_cert_and_algorithm(SSL *s)
-{
- int i, idx;
- long alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- int pkey_bits;
- SESS_CERT *sc;
-#ifndef OPENSSL_NO_RSA
- RSA *rsa;
-#endif
-#ifndef OPENSSL_NO_DH
- DH *dh;
-#endif
- int al = SSL_AD_HANDSHAKE_FAILURE;
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-
- /* we don't have a certificate */
- if ((alg_a & (SSL_aDH | SSL_aNULL | SSL_aKRB5)) || (alg_k & SSL_kPSK))
- return (1);
-
- sc = s->session->sess_cert;
- if (sc == NULL) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifndef OPENSSL_NO_RSA
- rsa = s->session->sess_cert->peer_rsa_tmp;
-#endif
-#ifndef OPENSSL_NO_DH
- dh = s->session->sess_cert->peer_dh_tmp;
-#endif
-
- /* This is the passed certificate */
-
- idx = sc->peer_cert_type;
-#ifndef OPENSSL_NO_ECDH
- if (idx == SSL_PKEY_ECC) {
- if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s) == 0) {
- /* check failed */
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_BAD_ECC_CERT);
- goto f_err;
- } else {
- return 1;
- }
- }
-#endif
- pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
- pkey_bits = EVP_PKEY_bits(pkey);
- i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
- EVP_PKEY_free(pkey);
-
- /* Check that we have a certificate if we require one */
- if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA | EVP_PKT_SIGN)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_RSA_SIGNING_CERT);
- goto f_err;
- }
-#ifndef OPENSSL_NO_DSA
- else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA | EVP_PKT_SIGN)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_DSA_SIGNING_CERT);
- goto f_err;
- }
-#endif
-#ifndef OPENSSL_NO_RSA
- if (alg_k & SSL_kRSA) {
- if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- !has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_RSA_ENCRYPTING_CERT);
- goto f_err;
- } else if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
- if (pkey_bits <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- if (!has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_RSA_ENCRYPTING_CERT);
- goto f_err;
- }
- if (rsa != NULL) {
- /* server key exchange is not allowed. */
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
- goto f_err;
- }
- }
- }
- }
-#endif
-#ifndef OPENSSL_NO_DH
- if ((alg_k & SSL_kEDH) && dh == NULL) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
- goto f_err;
- }
- if ((alg_k & SSL_kDHr) && !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_DH_RSA_CERT);
- goto f_err;
- }
-# ifndef OPENSSL_NO_DSA
- if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_DH_DSA_CERT);
- goto f_err;
- }
-# endif
-
- /* Check DHE only: static DH not implemented. */
- if (alg_k & SSL_kEDH) {
- int dh_size = BN_num_bits(dh->p);
- if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768)
- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
- goto f_err;
- }
- }
-#endif /* !OPENSSL_NO_DH */
-
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- pkey_bits > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
-#ifndef OPENSSL_NO_RSA
- if (alg_k & SSL_kRSA) {
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
- goto f_err;
- } else if (BN_num_bits(rsa->n) >
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- /* We have a temporary RSA key but it's too large. */
- al = SSL_AD_EXPORT_RESTRICTION;
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
- goto f_err;
- }
- } else
-#endif
-#ifndef OPENSSL_NO_DH
- if (alg_k & SSL_kEDH) {
- if (BN_num_bits(dh->p) >
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- /* We have a temporary DH key but it's too large. */
- al = SSL_AD_EXPORT_RESTRICTION;
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_EXPORT_TMP_DH_KEY);
- goto f_err;
- }
- } else if (alg_k & (SSL_kDHr | SSL_kDHd)) {
- /* The cert should have had an export DH key. */
- al = SSL_AD_EXPORT_RESTRICTION;
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_EXPORT_TMP_DH_KEY);
- goto f_err;
- } else
-#endif
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
- goto f_err;
- }
- }
- return (1);
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- return (0);
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-/*
- * Normally, we can tell if the server is resuming the session from
- * the session ID. EAP-FAST (RFC 4851), however, relies on the next server
- * message after the ServerHello to determine if the server is resuming.
- * Therefore, we allow EAP-FAST to peek ahead.
- * ssl3_check_finished returns 1 if we are resuming from an external
- * pre-shared secret, we have a "ticket" and the next server handshake message
- * is Finished; and 0 otherwise. It returns -1 upon an error.
- */
-static int ssl3_check_finished(SSL *s)
-{
- int ok = 0;
-
- if (s->version < TLS1_VERSION || !s->tls_session_secret_cb ||
- !s->session->tlsext_tick)
- return 0;
-
- /* Need to permit this temporarily, in case the next message is Finished. */
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
- /*
- * This function is called when we might get a Certificate message instead,
- * so permit appropriate message length.
- * We ignore the return value as we're only interested in the message type
- * and not its length.
- */
- s->method->ssl_get_message(s,
- SSL3_ST_CR_CERT_A,
- SSL3_ST_CR_CERT_B,
- -1, s->max_cert_list, &ok);
- s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
-
- if (!ok)
- return -1;
-
- s->s3->tmp.reuse_message = 1;
-
- if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
- return 1;
-
- /* If we're not done, then the CCS arrived early and we should bail. */
- if (s->s3->change_cipher_spec) {
- SSLerr(SSL_F_SSL3_CHECK_FINISHED, SSL_R_CCS_RECEIVED_EARLY);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- return -1;
- }
-
- return 0;
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-int ssl3_send_next_proto(SSL *s)
-{
- unsigned int len, padding_len;
- unsigned char *d;
-
- if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
- len = s->next_proto_negotiated_len;
- padding_len = 32 - ((len + 2) % 32);
- d = (unsigned char *)s->init_buf->data;
- d[4] = len;
- memcpy(d + 5, s->next_proto_negotiated, len);
- d[5 + len] = padding_len;
- memset(d + 6 + len, 0, padding_len);
- *(d++) = SSL3_MT_NEXT_PROTO;
- l2n3(2 + len + padding_len, d);
- s->state = SSL3_ST_CW_NEXT_PROTO_B;
- s->init_num = 4 + 2 + len + padding_len;
- s->init_off = 0;
- }
-
- return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
-}
-#endif /* !OPENSSL_NO_NEXTPROTONEG */
-#endif /* !OPENSSL_NO_TLSEXT */
-
-int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
-{
- int i = 0;
-#ifndef OPENSSL_NO_ENGINE
- if (s->ctx->client_cert_engine) {
- i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
- SSL_get_client_CA_list(s),
- px509, ppkey, NULL, NULL, NULL);
- if (i != 0)
- return i;
- }
-#endif
- if (s->ctx->client_cert_cb)
- i = s->ctx->client_cert_cb(s, px509, ppkey);
- return i;
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/s3_clnt.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s3_clnt.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s3_clnt.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_clnt.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,3562 @@
+/* ssl/s3_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/md5.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
+#ifndef OPENSSL_NO_TLSEXT
+static int ssl3_check_finished(SSL *s);
+#endif
+
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_client_method(int ver)
+{
+ if (ver == SSL3_VERSION)
+ return (SSLv3_client_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
+ ssl_undefined_function,
+ ssl3_connect, ssl3_get_client_method)
+#endif
+int ssl3_connect(SSL *s)
+{
+ BUF_MEM *buf = NULL;
+ unsigned long Time = (unsigned long)time(NULL);
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ int ret = -1;
+ int new_state, state, skip = 0;
+
+ RAND_add(&Time, sizeof(Time), 0);
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s))
+ SSL_clear(s);
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
+ for (;;) {
+ state = s->state;
+
+ switch (s->state) {
+ case SSL_ST_RENEGOTIATE:
+ s->renegotiate = 1;
+ s->state = SSL_ST_CONNECT;
+ s->ctx->stats.sess_connect_renegotiate++;
+ /* break */
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE | SSL_ST_CONNECT:
+ case SSL_ST_OK | SSL_ST_CONNECT:
+
+ s->server = 0;
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+ if ((s->version & 0xff00) != 0x0300) {
+ SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ ret = -1;
+ goto end;
+ }
+
+ /* s->version=SSL3_VERSION; */
+ s->type = SSL_ST_CONNECT;
+
+ if (s->init_buf == NULL) {
+ if ((buf = BUF_MEM_new()) == NULL) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ s->init_buf = buf;
+ buf = NULL;
+ }
+
+ if (!ssl3_setup_buffers(s)) {
+ ret = -1;
+ goto end;
+ }
+
+ /* setup buffing BIO */
+ if (!ssl_init_wbio_buffer(s, 0)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ /* don't push the buffering BIO quite yet */
+
+ ssl3_init_finished_mac(s);
+
+ s->state = SSL3_ST_CW_CLNT_HELLO_A;
+ s->ctx->stats.sess_connect++;
+ s->init_num = 0;
+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
+ break;
+
+ case SSL3_ST_CW_CLNT_HELLO_A:
+ case SSL3_ST_CW_CLNT_HELLO_B:
+
+ s->shutdown = 0;
+ ret = ssl3_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_SRVR_HELLO_A;
+ s->init_num = 0;
+
+ /* turn on buffering for the next lot of output */
+ if (s->bbio != s->wbio)
+ s->wbio = BIO_push(s->bbio, s->wbio);
+
+ break;
+
+ case SSL3_ST_CR_SRVR_HELLO_A:
+ case SSL3_ST_CR_SRVR_HELLO_B:
+ ret = ssl3_get_server_hello(s);
+ if (ret <= 0)
+ goto end;
+
+ if (s->hit) {
+ s->state = SSL3_ST_CR_FINISHED_A;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_ticket_expected) {
+ /* receive renewed session ticket */
+ s->state = SSL3_ST_CR_SESSION_TICKET_A;
+ }
+#endif
+ } else
+ s->state = SSL3_ST_CR_CERT_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_CERT_A:
+ case SSL3_ST_CR_CERT_B:
+#ifndef OPENSSL_NO_TLSEXT
+ /* Noop (ret = 0) for everything but EAP-FAST. */
+ ret = ssl3_check_finished(s);
+ if (ret < 0)
+ goto end;
+ if (ret == 1) {
+ s->hit = 1;
+ s->state = SSL3_ST_CR_FINISHED_A;
+ s->init_num = 0;
+ break;
+ }
+#endif
+ /* Check if it is anon DH/ECDH, SRP auth */
+ /* or PSK */
+ if (!
+ (s->s3->tmp.
+ new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ ret = ssl3_get_server_certificate(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_status_expected)
+ s->state = SSL3_ST_CR_CERT_STATUS_A;
+ else
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+ } else {
+ skip = 1;
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+ }
+#else
+ } else
+ skip = 1;
+
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+#endif
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_KEY_EXCH_A:
+ case SSL3_ST_CR_KEY_EXCH_B:
+ ret = ssl3_get_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_CERT_REQ_A;
+ s->init_num = 0;
+
+ /*
+ * at this point we check that we have the required stuff from
+ * the server
+ */
+ if (!ssl3_check_cert_and_algorithm(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ break;
+
+ case SSL3_ST_CR_CERT_REQ_A:
+ case SSL3_ST_CR_CERT_REQ_B:
+ ret = ssl3_get_certificate_request(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_SRVR_DONE_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_SRVR_DONE_A:
+ case SSL3_ST_CR_SRVR_DONE_B:
+ ret = ssl3_get_server_done(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_SRP
+ if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
+ if ((ret = SRP_Calc_A_param(s)) <= 0) {
+ SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ }
+#endif
+ if (s->s3->tmp.cert_req)
+ s->state = SSL3_ST_CW_CERT_A;
+ else
+ s->state = SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num = 0;
+
+ break;
+
+ case SSL3_ST_CW_CERT_A:
+ case SSL3_ST_CW_CERT_B:
+ case SSL3_ST_CW_CERT_C:
+ case SSL3_ST_CW_CERT_D:
+ ret = ssl3_send_client_certificate(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_KEY_EXCH_A:
+ case SSL3_ST_CW_KEY_EXCH_B:
+ ret = ssl3_send_client_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+ /*
+ * EAY EAY EAY need to check for DH fix cert sent back
+ */
+ /*
+ * For TLS, cert_req is set to 2, so a cert chain of nothing is
+ * sent, but no verify packet is sent
+ */
+ /*
+ * XXX: For now, we do not support client authentication in ECDH
+ * cipher suites with ECDH (rather than ECDSA) certificates. We
+ * need to skip the certificate verify message when client's
+ * ECDH public key is sent inside the client certificate.
+ */
+ if (s->s3->tmp.cert_req == 1) {
+ s->state = SSL3_ST_CW_CERT_VRFY_A;
+ } else {
+ s->state = SSL3_ST_CW_CHANGE_A;
+ }
+ if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
+ s->state = SSL3_ST_CW_CHANGE_A;
+ }
+
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_CERT_VRFY_A:
+ case SSL3_ST_CW_CERT_VRFY_B:
+ ret = ssl3_send_client_verify(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CW_CHANGE_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_CHANGE_A:
+ case SSL3_ST_CW_CHANGE_B:
+ ret = ssl3_send_change_cipher_spec(s,
+ SSL3_ST_CW_CHANGE_A,
+ SSL3_ST_CW_CHANGE_B);
+ if (ret <= 0)
+ goto end;
+
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+ s->state = SSL3_ST_CW_FINISHED_A;
+#else
+ if (s->s3->next_proto_neg_seen)
+ s->state = SSL3_ST_CW_NEXT_PROTO_A;
+ else
+ s->state = SSL3_ST_CW_FINISHED_A;
+#endif
+ s->init_num = 0;
+
+ s->session->cipher = s->s3->tmp.new_cipher;
+#ifdef OPENSSL_NO_COMP
+ s->session->compress_meth = 0;
+#else
+ if (s->s3->tmp.new_compression == NULL)
+ s->session->compress_meth = 0;
+ else
+ s->session->compress_meth = s->s3->tmp.new_compression->id;
+#endif
+ if (!s->method->ssl3_enc->setup_key_block(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ if (!s->method->ssl3_enc->change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+ {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ break;
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ case SSL3_ST_CW_NEXT_PROTO_A:
+ case SSL3_ST_CW_NEXT_PROTO_B:
+ ret = ssl3_send_next_proto(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CW_FINISHED_A;
+ break;
+#endif
+
+ case SSL3_ST_CW_FINISHED_A:
+ case SSL3_ST_CW_FINISHED_B:
+ ret = ssl3_send_finished(s,
+ SSL3_ST_CW_FINISHED_A,
+ SSL3_ST_CW_FINISHED_B,
+ s->method->
+ ssl3_enc->client_finished_label,
+ s->method->
+ ssl3_enc->client_finished_label_len);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CW_FLUSH;
+
+ /* clear flags */
+ s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
+ if (s->hit) {
+ s->s3->tmp.next_state = SSL_ST_OK;
+ if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
+ s->state = SSL_ST_OK;
+ s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
+ s->s3->delay_buf_pop_ret = 0;
+ }
+ } else {
+#ifndef OPENSSL_NO_TLSEXT
+ /*
+ * Allow NewSessionTicket if ticket expected
+ */
+ if (s->tlsext_ticket_expected)
+ s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
+ else
+#endif
+
+ s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
+ }
+ s->init_num = 0;
+ break;
+
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL3_ST_CR_SESSION_TICKET_A:
+ case SSL3_ST_CR_SESSION_TICKET_B:
+ ret = ssl3_get_new_session_ticket(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_FINISHED_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CR_CERT_STATUS_A:
+ case SSL3_ST_CR_CERT_STATUS_B:
+ ret = ssl3_get_cert_status(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CR_KEY_EXCH_A;
+ s->init_num = 0;
+ break;
+#endif
+
+ case SSL3_ST_CR_FINISHED_A:
+ case SSL3_ST_CR_FINISHED_B:
+ if (!s->s3->change_cipher_spec)
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
+ ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
+ SSL3_ST_CR_FINISHED_B);
+ if (ret <= 0)
+ goto end;
+
+ if (s->hit)
+ s->state = SSL3_ST_CW_CHANGE_A;
+ else
+ s->state = SSL_ST_OK;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_CW_FLUSH:
+ s->rwstate = SSL_WRITING;
+ if (BIO_flush(s->wbio) <= 0) {
+ ret = -1;
+ goto end;
+ }
+ s->rwstate = SSL_NOTHING;
+ s->state = s->s3->tmp.next_state;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+ if (s->init_buf != NULL) {
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
+ }
+
+ /*
+ * If we are not 'joining' the last two packets, remove the
+ * buffering now
+ */
+ if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+ ssl_free_wbio_buffer(s);
+ /* else do it later in ssl3_write */
+
+ s->init_num = 0;
+ s->renegotiate = 0;
+ s->new_session = 0;
+
+ ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
+ if (s->hit)
+ s->ctx->stats.sess_hit++;
+
+ ret = 1;
+ /* s->server=0; */
+ s->handshake_func = ssl3_connect;
+ s->ctx->stats.sess_connect_good++;
+
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+ goto end;
+ /* break; */
+
+ case SSL_ST_ERR:
+ default:
+ SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
+ ret = -1;
+ goto end;
+ /* break; */
+ }
+
+ /* did we do anything */
+ if (!s->s3->tmp.reuse_message && !skip) {
+ if (s->debug) {
+ if ((ret = BIO_flush(s->wbio)) <= 0)
+ goto end;
+ }
+
+ if ((cb != NULL) && (s->state != state)) {
+ new_state = s->state;
+ s->state = state;
+ cb(s, SSL_CB_CONNECT_LOOP, 1);
+ s->state = new_state;
+ }
+ }
+ skip = 0;
+ }
+ end:
+ s->in_handshake--;
+ if (buf != NULL)
+ BUF_MEM_free(buf);
+ if (cb != NULL)
+ cb(s, SSL_CB_CONNECT_EXIT, ret);
+ return (ret);
+}
+
+int ssl3_client_hello(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+ int i;
+ unsigned long l;
+#ifndef OPENSSL_NO_COMP
+ int j;
+ SSL_COMP *comp;
+#endif
+
+ buf = (unsigned char *)s->init_buf->data;
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
+ SSL_SESSION *sess = s->session;
+ if ((sess == NULL) || (sess->ssl_version != s->version) ||
+#ifdef OPENSSL_NO_TLSEXT
+ !sess->session_id_length ||
+#else
+ /*
+ * In the case of EAP-FAST, we can have a pre-shared
+ * "ticket" without a session ID.
+ */
+ (!sess->session_id_length && !sess->tlsext_tick) ||
+#endif
+ (sess->not_resumable)) {
+ if (!ssl_get_new_session(s, 0))
+ goto err;
+ }
+ /* else use the pre-loaded session */
+
+ p = s->s3->client_random;
+
+ if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
+ goto err;
+
+ /* Do the message type and length last */
+ d = p = &(buf[4]);
+
+ /*-
+ * version indicates the negotiated version: for example from
+ * an SSLv2/v3 compatible client hello). The client_version
+ * field is the maximum version we permit and it is also
+ * used in RSA encrypted premaster secrets. Some servers can
+ * choke if we initially report a higher version then
+ * renegotiate to a lower one in the premaster secret. This
+ * didn't happen with TLS 1.0 as most servers supported it
+ * but it can with TLS 1.1 or later if the server only supports
+ * 1.0.
+ *
+ * Possible scenario with previous logic:
+ * 1. Client hello indicates TLS 1.2
+ * 2. Server hello says TLS 1.0
+ * 3. RSA encrypted premaster secret uses 1.2.
+ * 4. Handhaked proceeds using TLS 1.0.
+ * 5. Server sends hello request to renegotiate.
+ * 6. Client hello indicates TLS v1.0 as we now
+ * know that is maximum server supports.
+ * 7. Server chokes on RSA encrypted premaster secret
+ * containing version 1.0.
+ *
+ * For interoperability it should be OK to always use the
+ * maximum version we support in client hello and then rely
+ * on the checking of version to ensure the servers isn't
+ * being inconsistent: for example initially negotiating with
+ * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
+ * client_version in client hello and not resetting it to
+ * the negotiated version.
+ */
+#if 0
+ *(p++) = s->version >> 8;
+ *(p++) = s->version & 0xff;
+ s->client_version = s->version;
+#else
+ *(p++) = s->client_version >> 8;
+ *(p++) = s->client_version & 0xff;
+#endif
+
+ /* Random stuff */
+ memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
+
+ /* Session ID */
+ if (s->new_session)
+ i = 0;
+ else
+ i = s->session->session_id_length;
+ *(p++) = i;
+ if (i != 0) {
+ if (i > (int)sizeof(s->session->session_id)) {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ memcpy(p, s->session->session_id, i);
+ p += i;
+ }
+
+ /* Ciphers supported */
+ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
+ if (i == 0) {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+ goto err;
+ }
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+ /*
+ * Some servers hang if client hello > 256 bytes as hack workaround
+ * chop number of supported ciphers to keep it well below this if we
+ * use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION
+ && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
+ s2n(i, p);
+ p += i;
+
+ /* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+ *(p++) = 1;
+#else
+
+ if ((s->options & SSL_OP_NO_COMPRESSION)
+ || !s->ctx->comp_methods)
+ j = 0;
+ else
+ j = sk_SSL_COMP_num(s->ctx->comp_methods);
+ *(p++) = 1 + j;
+ for (i = 0; i < j; i++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
+ *(p++) = comp->id;
+ }
+#endif
+ *(p++) = 0; /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ goto err;
+ }
+ if ((p =
+ ssl_add_clienthello_tlsext(s, p,
+ buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
+ NULL) {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+#endif
+
+ l = (p - d);
+ d = buf;
+ *(d++) = SSL3_MT_CLIENT_HELLO;
+ l2n3(l, d);
+
+ s->state = SSL3_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_get_server_hello(SSL *s)
+{
+ STACK_OF(SSL_CIPHER) *sk;
+ const SSL_CIPHER *c;
+ unsigned char *p, *d;
+ int i, al, ok;
+ unsigned int j;
+ long n;
+#ifndef OPENSSL_NO_COMP
+ SSL_COMP *comp;
+#endif
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_CR_SRVR_HELLO_A,
+ SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) {
+ if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
+ if (s->d1->send_cookie == 0) {
+ s->s3->tmp.reuse_message = 1;
+ return 1;
+ } else { /* already sent a cookie */
+
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
+ goto f_err;
+ }
+ }
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
+ goto f_err;
+ }
+
+ d = p = (unsigned char *)s->init_msg;
+
+ if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
+ s->version = (s->version & 0xff00) | p[1];
+ al = SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
+ p += 2;
+
+ /* load the server hello data */
+ /* load the server random */
+ memcpy(s->s3->server_random, p, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
+
+ s->hit = 0;
+
+ /* get the session-id */
+ j = *(p++);
+
+ if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
+ goto f_err;
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ /*
+ * Check if we can resume the session based on external pre-shared secret.
+ * EAP-FAST (RFC 4851) supports two types of session resumption.
+ * Resumption based on server-side state works with session IDs.
+ * Resumption based on pre-shared Protected Access Credentials (PACs)
+ * works by overriding the SessionTicket extension at the application
+ * layer, and does not send a session ID. (We do not know whether EAP-FAST
+ * servers would honour the session ID.) Therefore, the session ID alone
+ * is not a reliable indicator of session resumption, so we first check if
+ * we can resume, and later peek at the next handshake message to see if the
+ * server wants to resume.
+ */
+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb &&
+ s->session->tlsext_tick) {
+ SSL_CIPHER *pref_cipher = NULL;
+ s->session->master_key_length = sizeof(s->session->master_key);
+ if (s->tls_session_secret_cb(s, s->session->master_key,
+ &s->session->master_key_length,
+ NULL, &pref_cipher,
+ s->tls_session_secret_cb_arg)) {
+ s->session->cipher = pref_cipher ?
+ pref_cipher : ssl_get_cipher_by_char(s, p + j);
+ } else {
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+#endif /* OPENSSL_NO_TLSEXT */
+
+ if (j != 0 && j == s->session->session_id_length
+ && memcmp(p, s->session->session_id, j) == 0) {
+ if (s->sid_ctx_length != s->session->sid_ctx_length
+ || memcmp(s->session->sid_ctx, s->sid_ctx, s->sid_ctx_length)) {
+ /* actually a client application bug */
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+ goto f_err;
+ }
+ s->hit = 1;
+ } else {
+ /*
+ * If we were trying for session-id reuse but the server
+ * didn't echo the ID, make a new SSL_SESSION.
+ * In the case of EAP-FAST and PAC, we do not send a session ID,
+ * so the PAC-based session secret is always preserved. It'll be
+ * overwritten if the server refuses resumption.
+ */
+ if (s->session->session_id_length > 0) {
+ if (!ssl_get_new_session(s, 0)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+ s->session->session_id_length = j;
+ memcpy(s->session->session_id, p, j); /* j could be 0 */
+ }
+ p += j;
+ c = ssl_get_cipher_by_char(s, p);
+ if (c == NULL) {
+ /* unknown cipher */
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
+ goto f_err;
+ }
+ /* TLS v1.2 only ciphersuites require v1.2 or later */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_version(s) < TLS1_2_VERSION)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
+#ifndef OPENSSL_NO_SRP
+ if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) &&
+ !(s->srp_ctx.srp_Mask & SSL_kSRP)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
+#endif /* OPENSSL_NO_SRP */
+ p += ssl_put_cipher_by_char(s, NULL, NULL);
+
+ sk = ssl_get_ciphers_by_id(s);
+ i = sk_SSL_CIPHER_find(sk, c);
+ if (i < 0) {
+ /* we did not say we would use this cipher */
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
+
+ /*
+ * Depending on the session caching (internal/external), the cipher
+ * and/or cipher_id values may not be set. Make sure that cipher_id is
+ * set and use it for comparison.
+ */
+ if (s->session->cipher)
+ s->session->cipher_id = s->session->cipher->id;
+ if (s->hit && (s->session->cipher_id != c->id)) {
+/* Workaround is now obsolete */
+#if 0
+ if (!(s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
+#endif
+ {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
+ goto f_err;
+ }
+ }
+ s->s3->tmp.new_cipher = c;
+ /*
+ * Don't digest cached records if TLS v1.2: we may need them for client
+ * authentication.
+ */
+ if (TLS1_get_version(s) < TLS1_2_VERSION
+ && !ssl3_digest_cached_records(s)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ /* lets get the compression algorithm */
+ /* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+ if (*(p++) != 0) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+ goto f_err;
+ }
+ /*
+ * If compression is disabled we'd better not try to resume a session
+ * using compression.
+ */
+ if (s->session->compress_meth != 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
+ goto f_err;
+ }
+#else
+ j = *(p++);
+ if (s->hit && j != s->session->compress_meth) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
+ goto f_err;
+ }
+ if (j == 0)
+ comp = NULL;
+ else if (s->options & SSL_OP_NO_COMPRESSION) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_COMPRESSION_DISABLED);
+ goto f_err;
+ } else
+ comp = ssl3_comp_find(s->ctx->comp_methods, j);
+
+ if ((j != 0) && (comp == NULL)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+ goto f_err;
+ } else {
+ s->s3->tmp.new_compression = comp;
+ }
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (s->version >= SSL3_VERSION) {
+ if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) {
+ /* 'al' set by ssl_parse_serverhello_tlsext */
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT);
+ goto f_err;
+ }
+ if (ssl_check_serverhello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+ goto err;
+ }
+ }
+#endif
+
+ if (p != (d + n)) {
+ /* wrong packet length */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH);
+ goto f_err;
+ }
+
+ return (1);
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_get_server_certificate(SSL *s)
+{
+ int al, i, ok, ret = -1;
+ unsigned long n, nc, llen, l;
+ X509 *x = NULL;
+ const unsigned char *q, *p;
+ unsigned char *d;
+ STACK_OF(X509) *sk = NULL;
+ SESS_CERT *sc;
+ EVP_PKEY *pkey = NULL;
+ int need_cert = 1; /* VRS: 0=> will allow null cert if auth ==
+ * KRB5 */
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_CR_CERT_A,
+ SSL3_ST_CR_CERT_B,
+ -1, s->max_cert_list, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
+ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) &&
+ (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE))) {
+ s->s3->tmp.reuse_message = 1;
+ return (1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_BAD_MESSAGE_TYPE);
+ goto f_err;
+ }
+ p = d = (unsigned char *)s->init_msg;
+
+ if ((sk = sk_X509_new_null()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ n2l3(p, llen);
+ if (llen + 3 != n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ for (nc = 0; nc < llen;) {
+ if (nc + 3 > llen) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ n2l3(p, l);
+ if ((l + nc + 3) > llen) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ q = p;
+ x = d2i_X509(NULL, &q, l);
+ if (x == NULL) {
+ al = SSL_AD_BAD_CERTIFICATE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_ASN1_LIB);
+ goto f_err;
+ }
+ if (q != (p + l)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if (!sk_X509_push(sk, x)) {
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ x = NULL;
+ nc += l + 3;
+ p = q;
+ }
+
+ i = ssl_verify_cert_chain(s, sk);
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
+#ifndef OPENSSL_NO_KRB5
+ && !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
+#endif /* OPENSSL_NO_KRB5 */
+ ) {
+ al = ssl_verify_alarm_type(s->verify_result);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_CERTIFICATE_VERIFY_FAILED);
+ goto f_err;
+ }
+ ERR_clear_error(); /* but we keep s->verify_result */
+
+ sc = ssl_sess_cert_new();
+ if (sc == NULL)
+ goto err;
+
+ if (s->session->sess_cert)
+ ssl_sess_cert_free(s->session->sess_cert);
+ s->session->sess_cert = sc;
+
+ sc->cert_chain = sk;
+ /*
+ * Inconsistency alert: cert_chain does include the peer's certificate,
+ * which we don't include in s3_srvr.c
+ */
+ x = sk_X509_value(sk, 0);
+ sk = NULL;
+ /*
+ * VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end
+ */
+
+ pkey = X509_get_pubkey(x);
+
+ /* VRS: allow null cert if auth == KRB5 */
+ need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
+ ? 0 : 1;
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "pkey,x = %p, %p\n", pkey, x);
+ fprintf(stderr, "ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x, pkey));
+ fprintf(stderr, "cipher, alg, nc = %s, %lx, %lx, %d\n",
+ s->s3->tmp.new_cipher->name,
+ s->s3->tmp.new_cipher->algorithm_mkey,
+ s->s3->tmp.new_cipher->algorithm_auth, need_cert);
+#endif /* KSSL_DEBUG */
+
+ if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) {
+ x = NULL;
+ al = SSL3_AL_FATAL;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
+ goto f_err;
+ }
+
+ i = ssl_cert_type(x, pkey);
+ if (need_cert && i < 0) {
+ x = NULL;
+ al = SSL3_AL_FATAL;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+ goto f_err;
+ }
+
+ if (need_cert) {
+ sc->peer_cert_type = i;
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ /*
+ * Why would the following ever happen? We just created sc a couple
+ * of lines ago.
+ */
+ if (sc->peer_pkeys[i].x509 != NULL)
+ X509_free(sc->peer_pkeys[i].x509);
+ sc->peer_pkeys[i].x509 = x;
+ sc->peer_key = &(sc->peer_pkeys[i]);
+
+ if (s->session->peer != NULL)
+ X509_free(s->session->peer);
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ s->session->peer = x;
+ } else {
+ sc->peer_cert_type = i;
+ sc->peer_key = NULL;
+
+ if (s->session->peer != NULL)
+ X509_free(s->session->peer);
+ s->session->peer = NULL;
+ }
+ s->session->verify_result = s->verify_result;
+
+ x = NULL;
+ ret = 1;
+
+ if (0) {
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
+ }
+
+ EVP_PKEY_free(pkey);
+ X509_free(x);
+ sk_X509_pop_free(sk, X509_free);
+ return (ret);
+}
+
+int ssl3_get_key_exchange(SSL *s)
+{
+#ifndef OPENSSL_NO_RSA
+ unsigned char *q, md_buf[EVP_MAX_MD_SIZE * 2];
+#endif
+ EVP_MD_CTX md_ctx;
+ unsigned char *param, *p;
+ int al, j, ok;
+ long i, param_len, n, alg_k, alg_a;
+ EVP_PKEY *pkey = NULL;
+ const EVP_MD *md = NULL;
+#ifndef OPENSSL_NO_RSA
+ RSA *rsa = NULL;
+#endif
+#ifndef OPENSSL_NO_DH
+ DH *dh = NULL;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh = NULL;
+ BN_CTX *bn_ctx = NULL;
+ EC_POINT *srvr_ecpoint = NULL;
+ int curve_nid = 0;
+ int encoded_pt_len = 0;
+#endif
+
+ EVP_MD_CTX_init(&md_ctx);
+
+ /*
+ * use same message size as in ssl3_get_certificate_request() as
+ * ServerKeyExchange message may be skipped
+ */
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_CR_KEY_EXCH_A,
+ SSL3_ST_CR_KEY_EXCH_B,
+ -1, s->max_cert_list, &ok);
+ if (!ok)
+ return ((int)n);
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+ if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
+ /*
+ * Can't skip server key exchange if this is an ephemeral
+ * ciphersuite.
+ */
+ if (alg_k & (SSL_kEDH | SSL_kEECDH)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+#ifndef OPENSSL_NO_PSK
+ /*
+ * In plain PSK ciphersuite, ServerKeyExchange can be omitted if no
+ * identity hint is sent. Set session->sess_cert anyway to avoid
+ * problems later.
+ */
+ if (alg_k & SSL_kPSK) {
+ s->session->sess_cert = ssl_sess_cert_new();
+ if (s->ctx->psk_identity_hint)
+ OPENSSL_free(s->ctx->psk_identity_hint);
+ s->ctx->psk_identity_hint = NULL;
+ }
+#endif
+ s->s3->tmp.reuse_message = 1;
+ return (1);
+ }
+
+ param = p = (unsigned char *)s->init_msg;
+ if (s->session->sess_cert != NULL) {
+#ifndef OPENSSL_NO_RSA
+ if (s->session->sess_cert->peer_rsa_tmp != NULL) {
+ RSA_free(s->session->sess_cert->peer_rsa_tmp);
+ s->session->sess_cert->peer_rsa_tmp = NULL;
+ }
+#endif
+#ifndef OPENSSL_NO_DH
+ if (s->session->sess_cert->peer_dh_tmp) {
+ DH_free(s->session->sess_cert->peer_dh_tmp);
+ s->session->sess_cert->peer_dh_tmp = NULL;
+ }
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (s->session->sess_cert->peer_ecdh_tmp) {
+ EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
+ s->session->sess_cert->peer_ecdh_tmp = NULL;
+ }
+#endif
+ } else {
+ s->session->sess_cert = ssl_sess_cert_new();
+ }
+
+ /* Total length of the parameters including the length prefix */
+ param_len = 0;
+
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+ al = SSL_AD_DECODE_ERROR;
+
+#ifndef OPENSSL_NO_PSK
+ if (alg_k & SSL_kPSK) {
+ param_len = 2;
+ if (param_len > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+
+ /*
+ * Store PSK identity hint for later use, hint is used in
+ * ssl3_send_client_key_exchange. Assume that the maximum length of
+ * a PSK identity hint can be as long as the maximum length of a PSK
+ * identity.
+ */
+ if (i > PSK_MAX_IDENTITY_LEN) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ s->session->psk_identity_hint = BUF_strndup((char *)p, i);
+ if (s->session->psk_identity_hint == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
+
+ p += i;
+ n -= param_len;
+ } else
+#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP) {
+ param_len = 2;
+ if (param_len > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_N_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.N = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 2;
+
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_G_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.g = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (1 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 1;
+
+ i = (unsigned int)(p[0]);
+ p++;
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_S_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.s = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 2;
+
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_B_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.B = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+ n -= param_len;
+
+ if (!srp_verify_server_param(s, &al)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_PARAMETERS);
+ goto f_err;
+ }
+
+/* We must check if there is a certificate */
+# ifndef OPENSSL_NO_RSA
+ if (alg_a & SSL_aRSA)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+# else
+ if (0) ;
+# endif
+# ifndef OPENSSL_NO_DSA
+ else if (alg_a & SSL_aDSS)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
+ x509);
+# endif
+ } else
+#endif /* !OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_RSA
+ if (alg_k & SSL_kRSA) {
+ /* Temporary RSA keys only allowed in export ciphersuites */
+ if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ if ((rsa = RSA_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ param_len = 2;
+ if (param_len > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_MODULUS_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(rsa->n = BN_bin2bn(p, i, rsa->n))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 2;
+
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_E_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(rsa->e = BN_bin2bn(p, i, rsa->e))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+ n -= param_len;
+
+ /* this should be because we are using an export cipher */
+ if (alg_a & SSL_aRSA)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+ else {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (EVP_PKEY_bits(pkey) <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+
+ s->session->sess_cert->peer_rsa_tmp = rsa;
+ rsa = NULL;
+ }
+#else /* OPENSSL_NO_RSA */
+ if (0) ;
+#endif
+#ifndef OPENSSL_NO_DH
+ else if (alg_k & SSL_kEDH) {
+ if ((dh = DH_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+
+ param_len = 2;
+ if (param_len > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(dh->p = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (BN_is_zero(dh->p)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
+ goto f_err;
+ }
+
+
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 2;
+
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(dh->g = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (BN_is_zero(dh->g)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
+ goto f_err;
+ }
+
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 2;
+
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+ n -= param_len;
+
+ if (BN_is_zero(dh->pub_key)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_VALUE);
+ goto f_err;
+ }
+
+# ifndef OPENSSL_NO_RSA
+ if (alg_a & SSL_aRSA)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+# else
+ if (0) ;
+# endif
+# ifndef OPENSSL_NO_DSA
+ else if (alg_a & SSL_aDSS)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
+ x509);
+# endif
+ /* else anonymous DH, so no certificate or pkey. */
+
+ s->session->sess_cert->peer_dh_tmp = dh;
+ dh = NULL;
+ } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
+ goto f_err;
+ }
+#endif /* !OPENSSL_NO_DH */
+
+#ifndef OPENSSL_NO_ECDH
+ else if (alg_k & SSL_kEECDH) {
+ EC_GROUP *ngroup;
+ const EC_GROUP *group;
+
+ if ((ecdh = EC_KEY_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /*
+ * Extract elliptic curve parameters and the server's ephemeral ECDH
+ * public key. Keep accumulating lengths of various components in
+ * param_len and make sure it never exceeds n.
+ */
+
+ /*
+ * XXX: For now we only support named (not generic) curves and the
+ * ECParameters in this case is just three bytes. We also need one
+ * byte for the length of the encoded point
+ */
+ param_len = 4;
+ if (param_len > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
+ if ((*p != NAMED_CURVE_TYPE) ||
+ ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
+ goto f_err;
+ }
+
+ ngroup = EC_GROUP_new_by_curve_name(curve_nid);
+ if (ngroup == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (EC_KEY_set_group(ecdh, ngroup) == 0) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ EC_GROUP_free(ngroup);
+
+ group = EC_KEY_get0_group(ecdh);
+
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ (EC_GROUP_get_degree(group) > 163)) {
+ al = SSL_AD_EXPORT_RESTRICTION;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+ goto f_err;
+ }
+
+ p += 3;
+
+ /* Next, get the encoded ECPoint */
+ if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
+ ((bn_ctx = BN_CTX_new()) == NULL)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ encoded_pt_len = *p; /* length of encoded point */
+ p += 1;
+
+ if ((encoded_pt_len > n - param_len) ||
+ (EC_POINT_oct2point(group, srvr_ecpoint,
+ p, encoded_pt_len, bn_ctx) == 0)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_ECPOINT);
+ goto f_err;
+ }
+ param_len += encoded_pt_len;
+
+ n -= param_len;
+ p += encoded_pt_len;
+
+ /*
+ * The ECC/TLS specification does not mention the use of DSA to sign
+ * ECParameters in the server key exchange message. We do support RSA
+ * and ECDSA.
+ */
+ if (0) ;
+# ifndef OPENSSL_NO_RSA
+ else if (alg_a & SSL_aRSA)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ else if (alg_a & SSL_aECDSA)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+# endif
+ /* else anonymous ECDH, so no certificate or pkey. */
+ EC_KEY_set_public_key(ecdh, srvr_ecpoint);
+ s->session->sess_cert->peer_ecdh_tmp = ecdh;
+ ecdh = NULL;
+ BN_CTX_free(bn_ctx);
+ bn_ctx = NULL;
+ EC_POINT_free(srvr_ecpoint);
+ srvr_ecpoint = NULL;
+ } else if (alg_k) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+#endif /* !OPENSSL_NO_ECDH */
+
+ /* p points to the next byte, there are 'n' bytes left */
+
+ /* if it was signed, check the signature */
+ if (pkey != NULL) {
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ int sigalg;
+ if (2 > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
+ sigalg = tls12_get_sigid(pkey);
+ /* Should never happen */
+ if (sigalg == -1) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ /* Check key type is consistent with signature */
+ if (sigalg != (int)p[1]) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_WRONG_SIGNATURE_TYPE);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ md = tls12_get_hash(p[0]);
+ if (md == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNKNOWN_DIGEST);
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+ p += 2;
+ n -= 2;
+ } else
+ md = EVP_sha1();
+
+ if (2 > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+ n -= 2;
+ j = EVP_PKEY_size(pkey);
+
+ /*
+ * Check signature length. If n is 0 then signature is empty
+ */
+ if ((i != n) || (n > j) || (n <= 0)) {
+ /* wrong packet length */
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH);
+ goto f_err;
+ }
+#ifndef OPENSSL_NO_RSA
+ if (pkey->type == EVP_PKEY_RSA
+ && TLS1_get_version(s) < TLS1_2_VERSION) {
+ int num;
+ unsigned int size;
+
+ j = 0;
+ q = md_buf;
+ for (num = 2; num > 0; num--) {
+ EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ if (EVP_DigestInit_ex(&md_ctx,
+ (num == 2) ? s->ctx->md5 : s->ctx->sha1,
+ NULL) <= 0
+ || EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestUpdate(&md_ctx, param, param_len) <= 0
+ || EVP_DigestFinal_ex(&md_ctx, q, &size) <= 0) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ q += size;
+ j += size;
+ }
+ i = RSA_verify(NID_md5_sha1, md_buf, j, p, n, pkey->pkey.rsa);
+ if (i < 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+ if (i == 0) {
+ /* bad signature */
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ } else
+#endif
+ {
+ if (EVP_VerifyInit_ex(&md_ctx, md, NULL) <= 0
+ || EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_VerifyUpdate(&md_ctx, param, param_len) <= 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EVP_LIB);
+ goto f_err;
+ }
+ if (EVP_VerifyFinal(&md_ctx, p, (int)n, pkey) <= 0) {
+ /* bad signature */
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ }
+ } else {
+ /* aNULL, aSRP or kPSK do not need public keys */
+ if (!(alg_a & (SSL_aNULL | SSL_aSRP)) && !(alg_k & SSL_kPSK)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ /* still data left over */
+ if (n != 0) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE);
+ goto f_err;
+ }
+ }
+ EVP_PKEY_free(pkey);
+ EVP_MD_CTX_cleanup(&md_ctx);
+ return (1);
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ EVP_PKEY_free(pkey);
+#ifndef OPENSSL_NO_RSA
+ if (rsa != NULL)
+ RSA_free(rsa);
+#endif
+#ifndef OPENSSL_NO_DH
+ if (dh != NULL)
+ DH_free(dh);
+#endif
+#ifndef OPENSSL_NO_ECDH
+ BN_CTX_free(bn_ctx);
+ EC_POINT_free(srvr_ecpoint);
+ if (ecdh != NULL)
+ EC_KEY_free(ecdh);
+#endif
+ EVP_MD_CTX_cleanup(&md_ctx);
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_get_certificate_request(SSL *s)
+{
+ int ok, ret = 0;
+ unsigned long n, nc, l;
+ unsigned int llen, ctype_num, i;
+ X509_NAME *xn = NULL;
+ const unsigned char *p, *q;
+ unsigned char *d;
+ STACK_OF(X509_NAME) *ca_sk = NULL;
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_CR_CERT_REQ_A,
+ SSL3_ST_CR_CERT_REQ_B,
+ -1, s->max_cert_list, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ s->s3->tmp.cert_req = 0;
+
+ if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) {
+ s->s3->tmp.reuse_message = 1;
+ /*
+ * If we get here we don't need any cached handshake records as we
+ * wont be doing client auth.
+ */
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s))
+ goto err;
+ }
+ return (1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_WRONG_MESSAGE_TYPE);
+ goto err;
+ }
+
+ /* TLS does not like anon-DH with client cert */
+ if (s->version > SSL3_VERSION) {
+ if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
+ goto err;
+ }
+ }
+
+ p = d = (unsigned char *)s->init_msg;
+
+ if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* get the certificate types */
+ ctype_num = *(p++);
+ if (ctype_num > SSL3_CT_NUMBER)
+ ctype_num = SSL3_CT_NUMBER;
+ for (i = 0; i < ctype_num; i++)
+ s->s3->tmp.ctype[i] = p[i];
+ p += ctype_num;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ n2s(p, llen);
+ /*
+ * Check we have enough room for signature algorithms and following
+ * length value.
+ */
+ if ((unsigned long)(p - d + llen + 2) > n) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+ if ((llen & 1) || !tls1_process_sigalgs(s, p, llen)) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_SIGNATURE_ALGORITHMS_ERROR);
+ goto err;
+ }
+ p += llen;
+ }
+
+ /* get the CA RDNs */
+ n2s(p, llen);
+#if 0
+ {
+ FILE *out;
+ out = fopen("/tmp/vsign.der", "w");
+ fwrite(p, 1, llen, out);
+ fclose(out);
+ }
+#endif
+
+ if ((unsigned long)(p - d + llen) != n) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ for (nc = 0; nc < llen;) {
+ if (nc + 2 > llen) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_TOO_LONG);
+ goto err;
+ }
+ n2s(p, l);
+ if ((l + nc + 2) > llen) {
+ if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+ goto cont; /* netscape bugs */
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_TOO_LONG);
+ goto err;
+ }
+
+ q = p;
+
+ if ((xn = d2i_X509_NAME(NULL, &q, l)) == NULL) {
+ /* If netscape tolerance is on, ignore errors */
+ if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
+ goto cont;
+ else {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
+
+ if (q != (p + l)) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_CA_DN_LENGTH_MISMATCH);
+ goto err;
+ }
+ if (!sk_X509_NAME_push(ca_sk, xn)) {
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ xn = NULL;
+
+ p += l;
+ nc += l + 2;
+ }
+
+ if (0) {
+ cont:
+ ERR_clear_error();
+ }
+
+ /* we should setup a certificate to return.... */
+ s->s3->tmp.cert_req = 1;
+ s->s3->tmp.ctype_num = ctype_num;
+ if (s->s3->tmp.ca_names != NULL)
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+ s->s3->tmp.ca_names = ca_sk;
+ ca_sk = NULL;
+
+ ret = 1;
+ goto done;
+ err:
+ s->state = SSL_ST_ERR;
+ done:
+ X509_NAME_free(xn);
+ if (ca_sk != NULL)
+ sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
+ return (ret);
+}
+
+static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
+{
+ return (X509_NAME_cmp(*a, *b));
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+int ssl3_get_new_session_ticket(SSL *s)
+{
+ int ok, al, ret = 0, ticklen;
+ long n;
+ const unsigned char *p;
+ unsigned char *d;
+ unsigned long ticket_lifetime_hint;
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_CR_SESSION_TICKET_A,
+ SSL3_ST_CR_SESSION_TICKET_B,
+ SSL3_MT_NEWSESSION_TICKET, 16384, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ if (n < 6) {
+ /* need at least ticket_lifetime_hint + ticket length */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ p = d = (unsigned char *)s->init_msg;
+
+ n2l(p, ticket_lifetime_hint);
+ n2s(p, ticklen);
+ /* ticket_lifetime_hint + ticket_length + ticket */
+ if (ticklen + 6 != n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ /* Server is allowed to change its mind and send an empty ticket. */
+ if (ticklen == 0)
+ return 1;
+
+ if (s->session->session_id_length > 0) {
+ int i = s->session_ctx->session_cache_mode;
+ SSL_SESSION *new_sess;
+ /*
+ * We reused an existing session, so we need to replace it with a new
+ * one
+ */
+ if (i & SSL_SESS_CACHE_CLIENT) {
+ /*
+ * Remove the old session from the cache
+ */
+ if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE) {
+ if (s->session_ctx->remove_session_cb != NULL)
+ s->session_ctx->remove_session_cb(s->session_ctx,
+ s->session);
+ } else {
+ /* We carry on if this fails */
+ SSL_CTX_remove_session(s->session_ctx, s->session);
+ }
+ }
+
+ if ((new_sess = ssl_session_dup(s->session, 0)) == 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
+
+ SSL_SESSION_free(s->session);
+ s->session = new_sess;
+ }
+
+ if (s->session->tlsext_tick) {
+ OPENSSL_free(s->session->tlsext_tick);
+ s->session->tlsext_ticklen = 0;
+ }
+ s->session->tlsext_tick = OPENSSL_malloc(ticklen);
+ if (!s->session->tlsext_tick) {
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ memcpy(s->session->tlsext_tick, p, ticklen);
+ s->session->tlsext_tick_lifetime_hint = ticket_lifetime_hint;
+ s->session->tlsext_ticklen = ticklen;
+ /*
+ * There are two ways to detect a resumed ticket session. One is to set
+ * an appropriate session ID and then the server must return a match in
+ * ServerHello. This allows the normal client session ID matching to work
+ * and we know much earlier that the ticket has been accepted. The
+ * other way is to set zero length session ID when the ticket is
+ * presented and rely on the handshake to determine session resumption.
+ * We choose the former approach because this fits in with assumptions
+ * elsewhere in OpenSSL. The session ID is set to the SHA256 (or SHA1 is
+ * SHA256 is disabled) hash of the ticket.
+ */
+ EVP_Digest(p, ticklen,
+ s->session->session_id, &s->session->session_id_length,
+# ifndef OPENSSL_NO_SHA256
+ EVP_sha256(), NULL);
+# else
+ EVP_sha1(), NULL);
+# endif
+ ret = 1;
+ return (ret);
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_get_cert_status(SSL *s)
+{
+ int ok, al;
+ unsigned long resplen, n;
+ const unsigned char *p;
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_CR_CERT_STATUS_A,
+ SSL3_ST_CR_CERT_STATUS_B,
+ -1, 16384, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_STATUS) {
+ /*
+ * The CertificateStatus message is optional even if
+ * tlsext_status_expected is set
+ */
+ s->s3->tmp.reuse_message = 1;
+ } else {
+ if (n < 4) {
+ /* need at least status type + length */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ p = (unsigned char *)s->init_msg;
+ if (*p++ != TLSEXT_STATUSTYPE_ocsp) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE);
+ goto f_err;
+ }
+ n2l3(p, resplen);
+ if (resplen + 4 != n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
+ if (s->tlsext_ocsp_resp == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
+ s->tlsext_ocsp_resplen = resplen;
+ }
+ if (s->ctx->tlsext_status_cb) {
+ int ret;
+ ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+ if (ret == 0) {
+ al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_INVALID_STATUS_RESPONSE);
+ goto f_err;
+ }
+ if (ret < 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
+ }
+ return 1;
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+#endif
+
+int ssl3_get_server_done(SSL *s)
+{
+ int ok, ret = 0;
+ long n;
+
+ /* Second to last param should be very small, like 0 :-) */
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_CR_SRVR_DONE_A,
+ SSL3_ST_CR_SRVR_DONE_B,
+ SSL3_MT_SERVER_DONE, 30, &ok);
+
+ if (!ok)
+ return ((int)n);
+ if (n > 0) {
+ /* should contain no data */
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ ret = 1;
+ return (ret);
+}
+
+int ssl3_send_client_key_exchange(SSL *s)
+{
+ unsigned char *p, *d;
+ int n;
+ unsigned long alg_k;
+#ifndef OPENSSL_NO_RSA
+ unsigned char *q;
+ EVP_PKEY *pkey = NULL;
+#endif
+#ifndef OPENSSL_NO_KRB5
+ KSSL_ERR kssl_err;
+#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *clnt_ecdh = NULL;
+ const EC_POINT *srvr_ecpoint = NULL;
+ EVP_PKEY *srvr_pub_pkey = NULL;
+ unsigned char *encodedPoint = NULL;
+ int encoded_pt_len = 0;
+ BN_CTX *bn_ctx = NULL;
+#endif
+
+ if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[4]);
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+ /* Fool emacs indentation */
+ if (0) {
+ }
+#ifndef OPENSSL_NO_RSA
+ else if (alg_k & SSL_kRSA) {
+ RSA *rsa;
+ unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+
+ if (s->session->sess_cert == NULL) {
+ /*
+ * We should always have a server certificate with SSL_kRSA.
+ */
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (s->session->sess_cert->peer_rsa_tmp != NULL)
+ rsa = s->session->sess_cert->peer_rsa_tmp;
+ else {
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].
+ x509);
+ if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
+ || (pkey->pkey.rsa == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ EVP_PKEY_free(pkey);
+ goto err;
+ }
+ rsa = pkey->pkey.rsa;
+ EVP_PKEY_free(pkey);
+ }
+
+ tmp_buf[0] = s->client_version >> 8;
+ tmp_buf[1] = s->client_version & 0xff;
+ if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
+ goto err;
+
+ s->session->master_key_length = sizeof tmp_buf;
+
+ q = p;
+ /* Fix buf for TLS and beyond */
+ if (s->version > SSL3_VERSION)
+ p += 2;
+ n = RSA_public_encrypt(sizeof tmp_buf,
+ tmp_buf, p, rsa, RSA_PKCS1_PADDING);
+# ifdef PKCS1_CHECK
+ if (s->options & SSL_OP_PKCS1_CHECK_1)
+ p[1]++;
+ if (s->options & SSL_OP_PKCS1_CHECK_2)
+ tmp_buf[0] = 0x70;
+# endif
+ if (n <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_BAD_RSA_ENCRYPT);
+ goto err;
+ }
+
+ /* Fix buf for TLS and beyond */
+ if (s->version > SSL3_VERSION) {
+ s2n(n, q);
+ n += 2;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ tmp_buf,
+ sizeof tmp_buf);
+ OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+ }
+#endif
+#ifndef OPENSSL_NO_KRB5
+ else if (alg_k & SSL_kKRB5) {
+ krb5_error_code krb5rc;
+ KSSL_CTX *kssl_ctx = s->kssl_ctx;
+ /* krb5_data krb5_ap_req; */
+ krb5_data *enc_ticket;
+ krb5_data authenticator, *authp = NULL;
+ EVP_CIPHER_CTX ciph_ctx;
+ const EVP_CIPHER *enc = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+ unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
+ int padl, outl = sizeof(epms);
+
+ EVP_CIPHER_CTX_init(&ciph_ctx);
+
+# ifdef KSSL_DEBUG
+ fprintf(stderr, "ssl3_send_client_key_exchange(%lx & %lx)\n",
+ alg_k, SSL_kKRB5);
+# endif /* KSSL_DEBUG */
+
+ authp = NULL;
+# ifdef KRB5SENDAUTH
+ if (KRB5SENDAUTH)
+ authp = &authenticator;
+# endif /* KRB5SENDAUTH */
+
+ krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp, &kssl_err);
+ enc = kssl_map_enc(kssl_ctx->enctype);
+ if (enc == NULL)
+ goto err;
+# ifdef KSSL_DEBUG
+ {
+ fprintf(stderr, "kssl_cget_tkt rtn %d\n", krb5rc);
+ if (krb5rc && kssl_err.text)
+ fprintf(stderr, "kssl_cget_tkt kssl_err=%s\n",
+ kssl_err.text);
+ }
+# endif /* KSSL_DEBUG */
+
+ if (krb5rc) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason);
+ goto err;
+ }
+
+ /*-
+ * 20010406 VRS - Earlier versions used KRB5 AP_REQ
+ * in place of RFC 2712 KerberosWrapper, as in:
+ *
+ * Send ticket (copy to *p, set n = length)
+ * n = krb5_ap_req.length;
+ * memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
+ * if (krb5_ap_req.data)
+ * kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
+ *
+ * Now using real RFC 2712 KerberosWrapper
+ * (Thanks to Simon Wilkinson <sxw at sxw.org.uk>)
+ * Note: 2712 "opaque" types are here replaced
+ * with a 2-byte length followed by the value.
+ * Example:
+ * KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
+ * Where "xx xx" = length bytes. Shown here with
+ * optional authenticator omitted.
+ */
+
+ /* KerberosWrapper.Ticket */
+ s2n(enc_ticket->length, p);
+ memcpy(p, enc_ticket->data, enc_ticket->length);
+ p += enc_ticket->length;
+ n = enc_ticket->length + 2;
+
+ /* KerberosWrapper.Authenticator */
+ if (authp && authp->length) {
+ s2n(authp->length, p);
+ memcpy(p, authp->data, authp->length);
+ p += authp->length;
+ n += authp->length + 2;
+
+ free(authp->data);
+ authp->data = NULL;
+ authp->length = 0;
+ } else {
+ s2n(0, p); /* null authenticator length */
+ n += 2;
+ }
+
+ tmp_buf[0] = s->client_version >> 8;
+ tmp_buf[1] = s->client_version & 0xff;
+ if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
+ goto err;
+
+ /*-
+ * 20010420 VRS. Tried it this way; failed.
+ * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
+ * EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
+ * kssl_ctx->length);
+ * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
+ */
+
+ memset(iv, 0, sizeof iv); /* per RFC 1510 */
+ EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
+ EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
+ sizeof tmp_buf);
+ EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
+ outl += padl;
+ if (outl > (int)sizeof epms) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+ /* KerberosWrapper.EncryptedPreMasterSecret */
+ s2n(outl, p);
+ memcpy(p, epms, outl);
+ p += outl;
+ n += outl + 2;
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ tmp_buf,
+ sizeof tmp_buf);
+
+ OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+ OPENSSL_cleanse(epms, outl);
+ }
+#endif
+#ifndef OPENSSL_NO_DH
+ else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+ DH *dh_srvr, *dh_clnt;
+
+ if (s->session->sess_cert == NULL) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNEXPECTED_MESSAGE);
+ goto err;
+ }
+
+ if (s->session->sess_cert->peer_dh_tmp != NULL)
+ dh_srvr = s->session->sess_cert->peer_dh_tmp;
+ else {
+ /* we get them from the cert */
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
+ goto err;
+ }
+
+ /* generate a new random key */
+ if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+ if (!DH_generate_key(dh_clnt)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ DH_free(dh_clnt);
+ goto err;
+ }
+
+ /*
+ * use the 'p' output buffer for the DH key, but make sure to
+ * clear it out afterwards
+ */
+
+ n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);
+
+ if (n <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ DH_free(dh_clnt);
+ goto err;
+ }
+
+ /* generate master key from the result */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p, n);
+ /* clean up */
+ memset(p, 0, n);
+
+ /* send off the data */
+ n = BN_num_bytes(dh_clnt->pub_key);
+ s2n(n, p);
+ BN_bn2bin(dh_clnt->pub_key, p);
+ n += 2;
+
+ DH_free(dh_clnt);
+ }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+ else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
+ const EC_GROUP *srvr_group = NULL;
+ EC_KEY *tkey;
+ int ecdh_clnt_cert = 0;
+ int field_size = 0;
+
+ if (s->session->sess_cert == NULL) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNEXPECTED_MESSAGE);
+ goto err;
+ }
+
+ /*
+ * Did we send out the client's ECDH share for use in premaster
+ * computation as part of client certificate? If so, set
+ * ecdh_clnt_cert to 1.
+ */
+ if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
+ /*-
+ * XXX: For now, we do not support client
+ * authentication using ECDH certificates.
+ * To add such support, one needs to add
+ * code that checks for appropriate
+ * conditions and sets ecdh_clnt_cert to 1.
+ * For example, the cert have an ECC
+ * key on the same curve as the server's
+ * and the key should be authorized for
+ * key agreement.
+ *
+ * One also needs to add code in ssl3_connect
+ * to skip sending the certificate verify
+ * message.
+ *
+ * if ((s->cert->key->privatekey != NULL) &&
+ * (s->cert->key->privatekey->type ==
+ * EVP_PKEY_EC) && ...)
+ * ecdh_clnt_cert = 1;
+ */
+ }
+
+ if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
+ tkey = s->session->sess_cert->peer_ecdh_tmp;
+ } else {
+ /* Get the Server Public Key from Cert */
+ srvr_pub_pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+ if ((srvr_pub_pkey == NULL)
+ || (srvr_pub_pkey->type != EVP_PKEY_EC)
+ || (srvr_pub_pkey->pkey.ec == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ tkey = srvr_pub_pkey->pkey.ec;
+ }
+
+ srvr_group = EC_KEY_get0_group(tkey);
+ srvr_ecpoint = EC_KEY_get0_public_key(tkey);
+
+ if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if ((clnt_ecdh = EC_KEY_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (ecdh_clnt_cert) {
+ /*
+ * Reuse key info from our certificate We only need our
+ * private key to perform the ECDH computation.
+ */
+ const BIGNUM *priv_key;
+ tkey = s->cert->key->privatekey->pkey.ec;
+ priv_key = EC_KEY_get0_private_key(tkey);
+ if (priv_key == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ } else {
+ /* Generate a new ECDH key pair */
+ if (!(EC_KEY_generate_key(clnt_ecdh))) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+ }
+
+ /*
+ * use the 'p' output buffer for the ECDH key, but make sure to
+ * clear it out afterwards
+ */
+
+ field_size = EC_GROUP_get_degree(srvr_group);
+ if (field_size <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+ n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint,
+ clnt_ecdh, NULL);
+ if (n <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ /* generate master key from the result */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p, n);
+
+ memset(p, 0, n); /* clean up */
+
+ if (ecdh_clnt_cert) {
+ /* Send empty client key exch message */
+ n = 0;
+ } else {
+ /*
+ * First check the size of encoding and allocate memory
+ * accordingly.
+ */
+ encoded_pt_len =
+ EC_POINT_point2oct(srvr_group,
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
+
+ encodedPoint = (unsigned char *)
+ OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
+ bn_ctx = BN_CTX_new();
+ if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Encode the public key */
+ n = EC_POINT_point2oct(srvr_group,
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encoded_pt_len, bn_ctx);
+
+ *p = n; /* length of encoded point */
+ /* Encoded point will be copied here */
+ p += 1;
+ /* copy the point */
+ memcpy((unsigned char *)p, encodedPoint, n);
+ /* increment n to account for length field */
+ n += 1;
+ }
+
+ /* Free allocated memory */
+ BN_CTX_free(bn_ctx);
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ if (clnt_ecdh != NULL)
+ EC_KEY_free(clnt_ecdh);
+ EVP_PKEY_free(srvr_pub_pkey);
+ }
+#endif /* !OPENSSL_NO_ECDH */
+ else if (alg_k & SSL_kGOST) {
+ /* GOST key exchange message creation */
+ EVP_PKEY_CTX *pkey_ctx;
+ X509 *peer_cert;
+ size_t msglen;
+ unsigned int md_len;
+ int keytype;
+ unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
+ EVP_MD_CTX *ukm_hash;
+ EVP_PKEY *pub_key;
+
+ /*
+ * Get server sertificate PKEY and create ctx from it
+ */
+ peer_cert =
+ s->session->
+ sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST01)].x509;
+ if (!peer_cert)
+ peer_cert =
+ s->session->
+ sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST94)].x509;
+ if (!peer_cert) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
+ goto err;
+ }
+
+ pkey_ctx = EVP_PKEY_CTX_new(pub_key =
+ X509_get_pubkey(peer_cert), NULL);
+ if (pkey_ctx == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ /*
+ * If we have send a certificate, and certificate key
+ *
+ * * parameters match those of server certificate, use
+ * certificate key for key exchange
+ */
+
+ /* Otherwise, generate ephemeral key pair */
+
+ if (pkey_ctx == NULL
+ || EVP_PKEY_encrypt_init(pkey_ctx) <= 0
+ /* Generate session key */
+ || RAND_bytes(premaster_secret, 32) <= 0) {
+ EVP_PKEY_CTX_free(pkey_ctx);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ /*
+ * Compute shared IV and store it in algorithm-specific context
+ * data
+ */
+ ukm_hash = EVP_MD_CTX_create();
+ if (EVP_DigestInit(ukm_hash,
+ EVP_get_digestbynid(NID_id_GostR3411_94)) <= 0
+ || EVP_DigestUpdate(ukm_hash, s->s3->client_random,
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestUpdate(ukm_hash, s->s3->server_random,
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len) <= 0) {
+ EVP_MD_CTX_destroy(ukm_hash);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ EVP_MD_CTX_destroy(ukm_hash);
+ if (EVP_PKEY_CTX_ctrl
+ (pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8,
+ shared_ukm) < 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_LIBRARY_BUG);
+ goto err;
+ }
+ /* Make GOST keytransport blob message */
+ /*
+ * Encapsulate it into sequence
+ */
+ *(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
+ msglen = 255;
+ if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 32)
+ <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_LIBRARY_BUG);
+ goto err;
+ }
+ if (msglen >= 0x80) {
+ *(p++) = 0x81;
+ *(p++) = msglen & 0xff;
+ n = msglen + 3;
+ } else {
+ *(p++) = msglen & 0xff;
+ n = msglen + 2;
+ }
+ memcpy(p, tmp, msglen);
+ EVP_PKEY_CTX_free(pkey_ctx);
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ premaster_secret,
+ 32);
+ EVP_PKEY_free(pub_key);
+
+ }
+#ifndef OPENSSL_NO_SRP
+ else if (alg_k & SSL_kSRP) {
+ if (s->srp_ctx.A != NULL) {
+ /* send off the data */
+ n = BN_num_bytes(s->srp_ctx.A);
+ s2n(n, p);
+ BN_bn2bin(s->srp_ctx.A, p);
+ n += 2;
+ } else {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length =
+ SRP_generate_client_master_secret(s,
+ s->session->master_key)) <
+ 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_PSK
+ else if (alg_k & SSL_kPSK) {
+ /*
+ * The callback needs PSK_MAX_IDENTITY_LEN + 1 bytes to return a
+ * \0-terminated identity. The last byte is for us for simulating
+ * strnlen.
+ */
+ char identity[PSK_MAX_IDENTITY_LEN + 2];
+ size_t identity_len;
+ unsigned char *t = NULL;
+ unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+ unsigned int pre_ms_len = 0, psk_len = 0;
+ int psk_err = 1;
+
+ n = 0;
+ if (s->psk_client_callback == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_NO_CLIENT_CB);
+ goto err;
+ }
+
+ memset(identity, 0, sizeof(identity));
+ psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,
+ identity, sizeof(identity) - 1,
+ psk_or_pre_ms,
+ sizeof(psk_or_pre_ms));
+ if (psk_len > PSK_MAX_PSK_LEN) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ } else if (psk_len == 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
+ goto psk_err;
+ }
+ identity[PSK_MAX_IDENTITY_LEN + 1] = '\0';
+ identity_len = strlen(identity);
+ if (identity_len > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ }
+ /* create PSK pre_master_secret */
+ pre_ms_len = 2 + psk_len + 2 + psk_len;
+ t = psk_or_pre_ms;
+ memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+ s2n(psk_len, t);
+ memset(t, 0, psk_len);
+ t += psk_len;
+ s2n(psk_len, t);
+
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ s->session->psk_identity_hint =
+ BUF_strdup(s->ctx->psk_identity_hint);
+ if (s->ctx->psk_identity_hint != NULL
+ && s->session->psk_identity_hint == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ if (s->session->psk_identity != NULL)
+ OPENSSL_free(s->session->psk_identity);
+ s->session->psk_identity = BUF_strdup(identity);
+ if (s->session->psk_identity == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ psk_or_pre_ms,
+ pre_ms_len);
+ s2n(identity_len, p);
+ memcpy(p, identity, identity_len);
+ n = 2 + identity_len;
+ psk_err = 0;
+ psk_err:
+ OPENSSL_cleanse(identity, sizeof(identity));
+ OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ if (psk_err != 0) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ goto err;
+ }
+ }
+#endif
+ else {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ *(d++) = SSL3_MT_CLIENT_KEY_EXCHANGE;
+ l2n3(n, d);
+
+ s->state = SSL3_ST_CW_KEY_EXCH_B;
+ /* number of bytes to write */
+ s->init_num = n + 4;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_CW_KEY_EXCH_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+#ifndef OPENSSL_NO_ECDH
+ BN_CTX_free(bn_ctx);
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ if (clnt_ecdh != NULL)
+ EC_KEY_free(clnt_ecdh);
+ EVP_PKEY_free(srvr_pub_pkey);
+#endif
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_send_client_verify(SSL *s)
+{
+ unsigned char *p, *d;
+ unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
+ EVP_PKEY *pkey;
+ EVP_PKEY_CTX *pctx = NULL;
+ EVP_MD_CTX mctx;
+ unsigned u = 0;
+ unsigned long n;
+ int j;
+
+ EVP_MD_CTX_init(&mctx);
+
+ if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[4]);
+ pkey = s->cert->key->privatekey;
+/* Create context from key and test if sha1 is allowed as digest */
+ pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (pctx == NULL || EVP_PKEY_sign_init(pctx) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
+ if (TLS1_get_version(s) < TLS1_2_VERSION)
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_sha1,
+ &(data
+ [MD5_DIGEST_LENGTH]));
+ } else {
+ ERR_clear_error();
+ }
+ /*
+ * For TLS v1.2 send signature algorithm and signature using agreed
+ * digest and cached handshake records.
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ long hdatalen = 0;
+ void *hdata;
+ const EVP_MD *md = s->cert->key->digest;
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+ if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ p += 2;
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using TLS 1.2 with client alg %s\n",
+ EVP_MD_name(md));
+#endif
+ if (!EVP_SignInit_ex(&mctx, md, NULL)
+ || !EVP_SignUpdate(&mctx, hdata, hdatalen)
+ || !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_EVP_LIB);
+ goto err;
+ }
+ s2n(u, p);
+ n = u + 4;
+ if (!ssl3_digest_cached_records(s))
+ goto err;
+ } else
+#ifndef OPENSSL_NO_RSA
+ if (pkey->type == EVP_PKEY_RSA) {
+ s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
+ if (RSA_sign(NID_md5_sha1, data,
+ MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+ &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
+ goto err;
+ }
+ s2n(u, p);
+ n = u + 2;
+ } else
+#endif
+#ifndef OPENSSL_NO_DSA
+ if (pkey->type == EVP_PKEY_DSA) {
+ if (!DSA_sign(pkey->save_type,
+ &(data[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH, &(p[2]),
+ (unsigned int *)&j, pkey->pkey.dsa)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_DSA_LIB);
+ goto err;
+ }
+ s2n(j, p);
+ n = j + 2;
+ } else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_EC) {
+ if (!ECDSA_sign(pkey->save_type,
+ &(data[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH, &(p[2]),
+ (unsigned int *)&j, pkey->pkey.ec)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
+ goto err;
+ }
+ s2n(j, p);
+ n = j + 2;
+ } else
+#endif
+ if (pkey->type == NID_id_GostR3410_94
+ || pkey->type == NID_id_GostR3410_2001) {
+ unsigned char signbuf[64];
+ int i;
+ size_t sigsize = 64;
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_id_GostR3411_94, data);
+ if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ for (i = 63, j = 0; i >= 0; j++, i--) {
+ p[2 + j] = signbuf[i];
+ }
+ s2n(j, p);
+ n = j + 2;
+ } else {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ *(d++) = SSL3_MT_CERTIFICATE_VERIFY;
+ l2n3(n, d);
+
+ s->state = SSL3_ST_CW_CERT_VRFY_B;
+ s->init_num = (int)n + 4;
+ s->init_off = 0;
+ }
+ EVP_MD_CTX_cleanup(&mctx);
+ EVP_PKEY_CTX_free(pctx);
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ EVP_MD_CTX_cleanup(&mctx);
+ EVP_PKEY_CTX_free(pctx);
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_send_client_certificate(SSL *s)
+{
+ X509 *x509 = NULL;
+ EVP_PKEY *pkey = NULL;
+ int i;
+ unsigned long l;
+
+ if (s->state == SSL3_ST_CW_CERT_A) {
+ if ((s->cert == NULL) ||
+ (s->cert->key->x509 == NULL) ||
+ (s->cert->key->privatekey == NULL))
+ s->state = SSL3_ST_CW_CERT_B;
+ else
+ s->state = SSL3_ST_CW_CERT_C;
+ }
+
+ /* We need to get a client cert */
+ if (s->state == SSL3_ST_CW_CERT_B) {
+ /*
+ * If we get an error, we need to ssl->rwstate=SSL_X509_LOOKUP;
+ * return(-1); We then get retied later
+ */
+ i = ssl_do_client_cert_cb(s, &x509, &pkey);
+ if (i < 0) {
+ s->rwstate = SSL_X509_LOOKUP;
+ return (-1);
+ }
+ s->rwstate = SSL_NOTHING;
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
+ s->state = SSL3_ST_CW_CERT_B;
+ if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey))
+ i = 0;
+ } else if (i == 1) {
+ i = 0;
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,
+ SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ }
+
+ if (x509 != NULL)
+ X509_free(x509);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
+ if (i == 0) {
+ if (s->version == SSL3_VERSION) {
+ s->s3->tmp.cert_req = 0;
+ ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_CERTIFICATE);
+ return (1);
+ } else {
+ s->s3->tmp.cert_req = 2;
+ }
+ }
+
+ /* Ok, we have a cert */
+ s->state = SSL3_ST_CW_CERT_C;
+ }
+
+ if (s->state == SSL3_ST_CW_CERT_C) {
+ s->state = SSL3_ST_CW_CERT_D;
+ l = ssl3_output_cert_chain(s,
+ (s->s3->tmp.cert_req ==
+ 2) ? NULL : s->cert->key->x509);
+ if (!l) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+ s->init_num = (int)l;
+ s->init_off = 0;
+ }
+ /* SSL3_ST_CW_CERT_D */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+#define has_bits(i,m) (((i)&(m)) == (m))
+
+int ssl3_check_cert_and_algorithm(SSL *s)
+{
+ int i, idx;
+ long alg_k, alg_a;
+ EVP_PKEY *pkey = NULL;
+ int pkey_bits;
+ SESS_CERT *sc;
+#ifndef OPENSSL_NO_RSA
+ RSA *rsa;
+#endif
+#ifndef OPENSSL_NO_DH
+ DH *dh;
+#endif
+ int al = SSL_AD_HANDSHAKE_FAILURE;
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+ /* we don't have a certificate */
+ if ((alg_a & (SSL_aDH | SSL_aNULL | SSL_aKRB5)) || (alg_k & SSL_kPSK))
+ return (1);
+
+ sc = s->session->sess_cert;
+ if (sc == NULL) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+#ifndef OPENSSL_NO_RSA
+ rsa = s->session->sess_cert->peer_rsa_tmp;
+#endif
+#ifndef OPENSSL_NO_DH
+ dh = s->session->sess_cert->peer_dh_tmp;
+#endif
+
+ /* This is the passed certificate */
+
+ idx = sc->peer_cert_type;
+#ifndef OPENSSL_NO_ECDH
+ if (idx == SSL_PKEY_ECC) {
+ if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s) == 0) {
+ /* check failed */
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_BAD_ECC_CERT);
+ goto f_err;
+ } else {
+ return 1;
+ }
+ }
+#endif
+ pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
+ pkey_bits = EVP_PKEY_bits(pkey);
+ i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
+ EVP_PKEY_free(pkey);
+
+ /* Check that we have a certificate if we require one */
+ if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA | EVP_PKT_SIGN)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_RSA_SIGNING_CERT);
+ goto f_err;
+ }
+#ifndef OPENSSL_NO_DSA
+ else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA | EVP_PKT_SIGN)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_DSA_SIGNING_CERT);
+ goto f_err;
+ }
+#endif
+#ifndef OPENSSL_NO_RSA
+ if (alg_k & SSL_kRSA) {
+ if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ !has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+ goto f_err;
+ } else if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
+ if (pkey_bits <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ if (!has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+ goto f_err;
+ }
+ if (rsa != NULL) {
+ /* server key exchange is not allowed. */
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ }
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_DH
+ if ((alg_k & SSL_kEDH) && dh == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ if ((alg_k & SSL_kDHr) && !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_DH_RSA_CERT);
+ goto f_err;
+ }
+# ifndef OPENSSL_NO_DSA
+ if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_DH_DSA_CERT);
+ goto f_err;
+ }
+# endif
+
+ /* Check DHE only: static DH not implemented. */
+ if (alg_k & SSL_kEDH) {
+ int dh_size = BN_num_bits(dh->p);
+ if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 1024)
+ || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
+ goto f_err;
+ }
+ }
+#endif /* !OPENSSL_NO_DH */
+
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ pkey_bits > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+#ifndef OPENSSL_NO_RSA
+ if (alg_k & SSL_kRSA) {
+ if (rsa == NULL) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+ goto f_err;
+ } else if (BN_num_bits(rsa->n) >
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ /* We have a temporary RSA key but it's too large. */
+ al = SSL_AD_EXPORT_RESTRICTION;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+ goto f_err;
+ }
+ } else
+#endif
+#ifndef OPENSSL_NO_DH
+ if (alg_k & SSL_kEDH) {
+ if (BN_num_bits(dh->p) >
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ /* We have a temporary DH key but it's too large. */
+ al = SSL_AD_EXPORT_RESTRICTION;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+ goto f_err;
+ }
+ } else if (alg_k & (SSL_kDHr | SSL_kDHd)) {
+ /* The cert should have had an export DH key. */
+ al = SSL_AD_EXPORT_RESTRICTION;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+ goto f_err;
+ } else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ goto f_err;
+ }
+ }
+ return (1);
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ return (0);
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+/*
+ * Normally, we can tell if the server is resuming the session from
+ * the session ID. EAP-FAST (RFC 4851), however, relies on the next server
+ * message after the ServerHello to determine if the server is resuming.
+ * Therefore, we allow EAP-FAST to peek ahead.
+ * ssl3_check_finished returns 1 if we are resuming from an external
+ * pre-shared secret, we have a "ticket" and the next server handshake message
+ * is Finished; and 0 otherwise. It returns -1 upon an error.
+ */
+static int ssl3_check_finished(SSL *s)
+{
+ int ok = 0;
+
+ if (s->version < TLS1_VERSION || !s->tls_session_secret_cb ||
+ !s->session->tlsext_tick)
+ return 0;
+
+ /* Need to permit this temporarily, in case the next message is Finished. */
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
+ /*
+ * This function is called when we might get a Certificate message instead,
+ * so permit appropriate message length.
+ * We ignore the return value as we're only interested in the message type
+ * and not its length.
+ */
+ s->method->ssl_get_message(s,
+ SSL3_ST_CR_CERT_A,
+ SSL3_ST_CR_CERT_B,
+ -1, s->max_cert_list, &ok);
+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+
+ if (!ok)
+ return -1;
+
+ s->s3->tmp.reuse_message = 1;
+
+ if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
+ return 1;
+
+ /* If we're not done, then the CCS arrived early and we should bail. */
+ if (s->s3->change_cipher_spec) {
+ SSLerr(SSL_F_SSL3_CHECK_FINISHED, SSL_R_CCS_RECEIVED_EARLY);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ return 0;
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_send_next_proto(SSL *s)
+{
+ unsigned int len, padding_len;
+ unsigned char *d;
+
+ if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
+ len = s->next_proto_negotiated_len;
+ padding_len = 32 - ((len + 2) % 32);
+ d = (unsigned char *)s->init_buf->data;
+ d[4] = len;
+ memcpy(d + 5, s->next_proto_negotiated, len);
+ d[5 + len] = padding_len;
+ memset(d + 6 + len, 0, padding_len);
+ *(d++) = SSL3_MT_NEXT_PROTO;
+ l2n3(2 + len + padding_len, d);
+ s->state = SSL3_ST_CW_NEXT_PROTO_B;
+ s->init_num = 4 + 2 + len + padding_len;
+ s->init_off = 0;
+ }
+
+ return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+}
+#endif /* !OPENSSL_NO_NEXTPROTONEG */
+#endif /* !OPENSSL_NO_TLSEXT */
+
+int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
+{
+ int i = 0;
+#ifndef OPENSSL_NO_ENGINE
+ if (s->ctx->client_cert_engine) {
+ i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
+ SSL_get_client_CA_list(s),
+ px509, ppkey, NULL, NULL, NULL);
+ if (i != 0)
+ return i;
+ }
+#endif
+ if (s->ctx->client_cert_cb)
+ i = s->ctx->client_cert_cb(s, px509, ppkey);
+ return i;
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s3_lib.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s3_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,4323 +0,0 @@
-/* ssl/s3_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
-# include "../crypto/ec/ec_lcl.h"
-# endif /* OPENSSL_NO_EC */
-#endif /* OPENSSL_NO_TLSEXT */
-#include <openssl/md5.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT;
-
-#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
-
-/* list of available SSLv3 ciphers (sorted by id) */
-OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
-
-/* The RSA ciphers */
-/* Cipher 01 */
- {
- 1,
- SSL3_TXT_RSA_NULL_MD5,
- SSL3_CK_RSA_NULL_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eNULL,
- SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
-/* Cipher 02 */
- {
- 1,
- SSL3_TXT_RSA_NULL_SHA,
- SSL3_CK_RSA_NULL_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
-/* Cipher 03 */
- {
- 1,
- SSL3_TXT_RSA_RC4_40_MD5,
- SSL3_CK_RSA_RC4_40_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-
-/* Cipher 04 */
- {
- 1,
- SSL3_TXT_RSA_RC4_128_MD5,
- SSL3_CK_RSA_RC4_128_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 05 */
- {
- 1,
- SSL3_TXT_RSA_RC4_128_SHA,
- SSL3_CK_RSA_RC4_128_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 06 */
- {
- 1,
- SSL3_TXT_RSA_RC2_40_MD5,
- SSL3_CK_RSA_RC2_40_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC2,
- SSL_MD5,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-
-/* Cipher 07 */
-#ifndef OPENSSL_NO_IDEA
- {
- 1,
- SSL3_TXT_RSA_IDEA_128_SHA,
- SSL3_CK_RSA_IDEA_128_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_IDEA,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-#endif
-
-/* Cipher 08 */
- {
- 1,
- SSL3_TXT_RSA_DES_40_CBC_SHA,
- SSL3_CK_RSA_DES_40_CBC_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 56,
- },
-
-/* Cipher 09 */
- {
- 1,
- SSL3_TXT_RSA_DES_64_CBC_SHA,
- SSL3_CK_RSA_DES_64_CBC_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 0A */
- {
- 1,
- SSL3_TXT_RSA_DES_192_CBC3_SHA,
- SSL3_CK_RSA_DES_192_CBC3_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* The DH ciphers */
-/* Cipher 0B */
- {
- 0,
- SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
- SSL3_CK_DH_DSS_DES_40_CBC_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 56,
- },
-
-/* Cipher 0C */
- {
- 0, /* not implemented (non-ephemeral DH) */
- SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
- SSL3_CK_DH_DSS_DES_64_CBC_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 0D */
- {
- 0, /* not implemented (non-ephemeral DH) */
- SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
- SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_3DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* Cipher 0E */
- {
- 0, /* not implemented (non-ephemeral DH) */
- SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
- SSL3_CK_DH_RSA_DES_40_CBC_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 56,
- },
-
-/* Cipher 0F */
- {
- 0, /* not implemented (non-ephemeral DH) */
- SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
- SSL3_CK_DH_RSA_DES_64_CBC_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 10 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
- SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_3DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* The Ephemeral DH ciphers */
-/* Cipher 11 */
- {
- 1,
- SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
- SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 56,
- },
-
-/* Cipher 12 */
- {
- 1,
- SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
- SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 13 */
- {
- 1,
- SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
- SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_3DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* Cipher 14 */
- {
- 1,
- SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
- SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 56,
- },
-
-/* Cipher 15 */
- {
- 1,
- SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
- SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 16 */
- {
- 1,
- SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
- SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* Cipher 17 */
- {
- 1,
- SSL3_TXT_ADH_RC4_40_MD5,
- SSL3_CK_ADH_RC4_40_MD5,
- SSL_kEDH,
- SSL_aNULL,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-
-/* Cipher 18 */
- {
- 1,
- SSL3_TXT_ADH_RC4_128_MD5,
- SSL3_CK_ADH_RC4_128_MD5,
- SSL_kEDH,
- SSL_aNULL,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 19 */
- {
- 1,
- SSL3_TXT_ADH_DES_40_CBC_SHA,
- SSL3_CK_ADH_DES_40_CBC_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-
-/* Cipher 1A */
- {
- 1,
- SSL3_TXT_ADH_DES_64_CBC_SHA,
- SSL3_CK_ADH_DES_64_CBC_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 1B */
- {
- 1,
- SSL3_TXT_ADH_DES_192_CBC_SHA,
- SSL3_CK_ADH_DES_192_CBC_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_3DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* Fortezza ciphersuite from SSL 3.0 spec */
-#if 0
-/* Cipher 1C */
- {
- 0,
- SSL3_TXT_FZA_DMS_NULL_SHA,
- SSL3_CK_FZA_DMS_NULL_SHA,
- SSL_kFZA,
- SSL_aFZA,
- SSL_eNULL,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
-/* Cipher 1D */
- {
- 0,
- SSL3_TXT_FZA_DMS_FZA_SHA,
- SSL3_CK_FZA_DMS_FZA_SHA,
- SSL_kFZA,
- SSL_aFZA,
- SSL_eFZA,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
-/* Cipher 1E */
- {
- 0,
- SSL3_TXT_FZA_DMS_RC4_SHA,
- SSL3_CK_FZA_DMS_RC4_SHA,
- SSL_kFZA,
- SSL_aFZA,
- SSL_RC4,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-#endif
-
-#ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers*/
-/* Cipher 1E */
- {
- 1,
- SSL3_TXT_KRB5_DES_64_CBC_SHA,
- SSL3_CK_KRB5_DES_64_CBC_SHA,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 1F */
- {
- 1,
- SSL3_TXT_KRB5_DES_192_CBC3_SHA,
- SSL3_CK_KRB5_DES_192_CBC3_SHA,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_3DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* Cipher 20 */
- {
- 1,
- SSL3_TXT_KRB5_RC4_128_SHA,
- SSL3_CK_KRB5_RC4_128_SHA,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_RC4,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 21 */
- {
- 1,
- SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
- SSL3_CK_KRB5_IDEA_128_CBC_SHA,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_IDEA,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 22 */
- {
- 1,
- SSL3_TXT_KRB5_DES_64_CBC_MD5,
- SSL3_CK_KRB5_DES_64_CBC_MD5,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_DES,
- SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
-/* Cipher 23 */
- {
- 1,
- SSL3_TXT_KRB5_DES_192_CBC3_MD5,
- SSL3_CK_KRB5_DES_192_CBC3_MD5,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_3DES,
- SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
-/* Cipher 24 */
- {
- 1,
- SSL3_TXT_KRB5_RC4_128_MD5,
- SSL3_CK_KRB5_RC4_128_MD5,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 25 */
- {
- 1,
- SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
- SSL3_CK_KRB5_IDEA_128_CBC_MD5,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_IDEA,
- SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 26 */
- {
- 1,
- SSL3_TXT_KRB5_DES_40_CBC_SHA,
- SSL3_CK_KRB5_DES_40_CBC_SHA,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_DES,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 56,
- },
-
-/* Cipher 27 */
- {
- 1,
- SSL3_TXT_KRB5_RC2_40_CBC_SHA,
- SSL3_CK_KRB5_RC2_40_CBC_SHA,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_RC2,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-
-/* Cipher 28 */
- {
- 1,
- SSL3_TXT_KRB5_RC4_40_SHA,
- SSL3_CK_KRB5_RC4_40_SHA,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_RC4,
- SSL_SHA1,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-
-/* Cipher 29 */
- {
- 1,
- SSL3_TXT_KRB5_DES_40_CBC_MD5,
- SSL3_CK_KRB5_DES_40_CBC_MD5,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_DES,
- SSL_MD5,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 56,
- },
-
-/* Cipher 2A */
- {
- 1,
- SSL3_TXT_KRB5_RC2_40_CBC_MD5,
- SSL3_CK_KRB5_RC2_40_CBC_MD5,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_RC2,
- SSL_MD5,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-
-/* Cipher 2B */
- {
- 1,
- SSL3_TXT_KRB5_RC4_40_MD5,
- SSL3_CK_KRB5_RC4_40_MD5,
- SSL_kKRB5,
- SSL_aKRB5,
- SSL_RC4,
- SSL_MD5,
- SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 40,
- 128,
- },
-#endif /* OPENSSL_NO_KRB5 */
-
-/* New AES ciphersuites */
-/* Cipher 2F */
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_128_SHA,
- TLS1_CK_RSA_WITH_AES_128_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-/* Cipher 30 */
- {
- 0,
- TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
- TLS1_CK_DH_DSS_WITH_AES_128_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-/* Cipher 31 */
- {
- 0,
- TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
- TLS1_CK_DH_RSA_WITH_AES_128_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-/* Cipher 32 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
- TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-/* Cipher 33 */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
- TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-/* Cipher 34 */
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_128_SHA,
- TLS1_CK_ADH_WITH_AES_128_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-/* Cipher 35 */
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_SHA,
- TLS1_CK_RSA_WITH_AES_256_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-/* Cipher 36 */
- {
- 0,
- TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
- TLS1_CK_DH_DSS_WITH_AES_256_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
-/* Cipher 37 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
- TLS1_CK_DH_RSA_WITH_AES_256_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
-/* Cipher 38 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
- TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
-/* Cipher 39 */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
- TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 3A */
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_256_SHA,
- TLS1_CK_ADH_WITH_AES_256_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* TLS v1.2 ciphersuites */
- /* Cipher 3B */
- {
- 1,
- TLS1_TXT_RSA_WITH_NULL_SHA256,
- TLS1_CK_RSA_WITH_NULL_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
- /* Cipher 3C */
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_128_SHA256,
- TLS1_CK_RSA_WITH_AES_128_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 3D */
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_SHA256,
- TLS1_CK_RSA_WITH_AES_256_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 3E */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
- TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
- SSL_kDHd,
- SSL_aDH,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 3F */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
- TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
- SSL_kDHr,
- SSL_aDH,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 40 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
- TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
- SSL_kEDH,
- SSL_aDSS,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-#ifndef OPENSSL_NO_CAMELLIA
- /* Camellia ciphersuites from RFC4132 (128-bit portion) */
-
- /* Cipher 41 */
- {
- 1,
- TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 42 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 43 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 44 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 45 */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 46 */
- {
- 1,
- TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-#endif /* OPENSSL_NO_CAMELLIA */
-
-#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
- /* New TLS Export CipherSuites from expired ID */
-# if 0
- /* Cipher 60 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
- TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_MD5,
- SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 128,
- },
-
- /* Cipher 61 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
- TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC2,
- SSL_MD5,
- SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 128,
- },
-# endif
-
- /* Cipher 62 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
- /* Cipher 63 */
- {
- 1,
- TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
- TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 56,
- },
-
- /* Cipher 64 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
- TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 128,
- },
-
- /* Cipher 65 */
- {
- 1,
- TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
- TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 56,
- 128,
- },
-
- /* Cipher 66 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
- TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-#endif
-
- /* TLS v1.2 ciphersuites */
- /* Cipher 67 */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
- TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
- SSL_kEDH,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 68 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
- TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
- SSL_kDHd,
- SSL_aDH,
- SSL_AES256,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 69 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
- TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
- SSL_kDHr,
- SSL_aDH,
- SSL_AES256,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 6A */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
- TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
- SSL_kEDH,
- SSL_aDSS,
- SSL_AES256,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 6B */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
- TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
- SSL_kEDH,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 6C */
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_128_SHA256,
- TLS1_CK_ADH_WITH_AES_128_SHA256,
- SSL_kEDH,
- SSL_aNULL,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 6D */
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_256_SHA256,
- TLS1_CK_ADH_WITH_AES_256_SHA256,
- SSL_kEDH,
- SSL_aNULL,
- SSL_AES256,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* GOST Ciphersuites */
-
- {
- 1,
- "GOST94-GOST89-GOST89",
- 0x3000080,
- SSL_kGOST,
- SSL_aGOST94,
- SSL_eGOST2814789CNT,
- SSL_GOST89MAC,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
- 256,
- 256},
- {
- 1,
- "GOST2001-GOST89-GOST89",
- 0x3000081,
- SSL_kGOST,
- SSL_aGOST01,
- SSL_eGOST2814789CNT,
- SSL_GOST89MAC,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
- 256,
- 256},
- {
- 1,
- "GOST94-NULL-GOST94",
- 0x3000082,
- SSL_kGOST,
- SSL_aGOST94,
- SSL_eNULL,
- SSL_GOST94,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
- 0,
- 0},
- {
- 1,
- "GOST2001-NULL-GOST94",
- 0x3000083,
- SSL_kGOST,
- SSL_aGOST01,
- SSL_eNULL,
- SSL_GOST94,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
- 0,
- 0},
-
-#ifndef OPENSSL_NO_CAMELLIA
- /* Camellia ciphersuites from RFC4132 (256-bit portion) */
-
- /* Cipher 84 */
- {
- 1,
- TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- /* Cipher 85 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 86 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 87 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 88 */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher 89 */
- {
- 1,
- TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-#endif /* OPENSSL_NO_CAMELLIA */
-
-#ifndef OPENSSL_NO_PSK
- /* Cipher 8A */
- {
- 1,
- TLS1_TXT_PSK_WITH_RC4_128_SHA,
- TLS1_CK_PSK_WITH_RC4_128_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 8B */
- {
- 1,
- TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher 8C */
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
- TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 8D */
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
- TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-#endif /* OPENSSL_NO_PSK */
-
-#ifndef OPENSSL_NO_SEED
- /* SEED ciphersuites from RFC4162 */
-
- /* Cipher 96 */
- {
- 1,
- TLS1_TXT_RSA_WITH_SEED_SHA,
- TLS1_CK_RSA_WITH_SEED_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_SEED,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 97 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_DSS_WITH_SEED_SHA,
- TLS1_CK_DH_DSS_WITH_SEED_SHA,
- SSL_kDHd,
- SSL_aDH,
- SSL_SEED,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 98 */
- {
- 0, /* not implemented (non-ephemeral DH) */
- TLS1_TXT_DH_RSA_WITH_SEED_SHA,
- TLS1_CK_DH_RSA_WITH_SEED_SHA,
- SSL_kDHr,
- SSL_aDH,
- SSL_SEED,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 99 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
- TLS1_CK_DHE_DSS_WITH_SEED_SHA,
- SSL_kEDH,
- SSL_aDSS,
- SSL_SEED,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 9A */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
- TLS1_CK_DHE_RSA_WITH_SEED_SHA,
- SSL_kEDH,
- SSL_aRSA,
- SSL_SEED,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher 9B */
- {
- 1,
- TLS1_TXT_ADH_WITH_SEED_SHA,
- TLS1_CK_ADH_WITH_SEED_SHA,
- SSL_kEDH,
- SSL_aNULL,
- SSL_SEED,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
-#endif /* OPENSSL_NO_SEED */
-
- /* GCM ciphersuites from RFC5288 */
-
- /* Cipher 9C */
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher 9D */
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher 9E */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kEDH,
- SSL_aRSA,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher 9F */
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kEDH,
- SSL_aRSA,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher A0 */
- {
- 0,
- TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kDHr,
- SSL_aDH,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher A1 */
- {
- 0,
- TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kDHr,
- SSL_aDH,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher A2 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
- TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
- SSL_kEDH,
- SSL_aDSS,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher A3 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
- TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
- SSL_kEDH,
- SSL_aDSS,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher A4 */
- {
- 0,
- TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
- TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
- SSL_kDHd,
- SSL_aDH,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher A5 */
- {
- 0,
- TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
- TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
- SSL_kDHd,
- SSL_aDH,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher A6 */
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
- SSL_kEDH,
- SSL_aNULL,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher A7 */
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
- SSL_kEDH,
- SSL_aNULL,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
-#ifndef OPENSSL_NO_ECDH
- /* Cipher C001 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_eNULL,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
- /* Cipher C002 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C003 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C004 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C005 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher C006 */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_eNULL,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
- /* Cipher C007 */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C008 */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C009 */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C00A */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher C00B */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
- TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_eNULL,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
- /* Cipher C00C */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C00D */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C00E */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C00F */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher C010 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
- TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
- /* Cipher C011 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C012 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C013 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C014 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher C015 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
- TLS1_CK_ECDH_anon_WITH_NULL_SHA,
- SSL_kEECDH,
- SSL_aNULL,
- SSL_eNULL,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
-
- /* Cipher C016 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
- TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
- SSL_kEECDH,
- SSL_aNULL,
- SSL_RC4,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C017 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
- SSL_kEECDH,
- SSL_aNULL,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C018 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
- SSL_kEECDH,
- SSL_aNULL,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C019 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
- SSL_kEECDH,
- SSL_aNULL,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-#endif /* OPENSSL_NO_ECDH */
-
-#ifndef OPENSSL_NO_SRP
- /* Cipher C01A */
- {
- 1,
- TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
- SSL_kSRP,
- SSL_aSRP,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C01B */
- {
- 1,
- TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
- SSL_kSRP,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C01C */
- {
- 1,
- TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
- SSL_kSRP,
- SSL_aDSS,
- SSL_3DES,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-
- /* Cipher C01D */
- {
- 1,
- TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
- TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
- SSL_kSRP,
- SSL_aSRP,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C01E */
- {
- 1,
- TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
- SSL_kSRP,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C01F */
- {
- 1,
- TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
- TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
- SSL_kSRP,
- SSL_aDSS,
- SSL_AES128,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- /* Cipher C020 */
- {
- 1,
- TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
- TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
- SSL_kSRP,
- SSL_aSRP,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher C021 */
- {
- 1,
- TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
- SSL_kSRP,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- /* Cipher C022 */
- {
- 1,
- TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
- TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
- SSL_kSRP,
- SSL_aDSS,
- SSL_AES256,
- SSL_SHA1,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-#endif /* OPENSSL_NO_SRP */
-#ifndef OPENSSL_NO_ECDH
-
- /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
-
- /* Cipher C023 */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C024 */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_AES256,
- SSL_SHA384,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher C025 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
- TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C026 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
- TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_AES256,
- SSL_SHA384,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher C027 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
- TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C028 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
- TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA384,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher C029 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
- TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_AES128,
- SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C02A */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
- TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_AES256,
- SSL_SHA384,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* GCM based TLS v1.2 ciphersuites from RFC5289 */
-
- /* Cipher C02B */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C02C */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- SSL_kEECDH,
- SSL_aECDSA,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher C02D */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C02E */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
- SSL_kECDHe,
- SSL_aECDH,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher C02F */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C030 */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kEECDH,
- SSL_aRSA,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
- /* Cipher C031 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_AES128GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
-
- /* Cipher C032 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kECDHr,
- SSL_aECDH,
- SSL_AES256GCM,
- SSL_AEAD,
- SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
-
-#endif /* OPENSSL_NO_ECDH */
-
-#ifdef TEMP_GOST_TLS
-/* Cipher FF00 */
- {
- 1,
- "GOST-MD5",
- 0x0300ff00,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eGOST2814789CNT,
- SSL_MD5,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- "GOST-GOST94",
- 0x0300ff01,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eGOST2814789CNT,
- SSL_GOST94,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256},
- {
- 1,
- "GOST-GOST89MAC",
- 0x0300ff02,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eGOST2814789CNT,
- SSL_GOST89MAC,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256},
- {
- 1,
- "GOST-GOST89STREAM",
- 0x0300ff03,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eGOST2814789CNT,
- SSL_GOST89MAC,
- SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC,
- 256,
- 256},
-#endif
-
-/* end of list */
-};
-
-SSL3_ENC_METHOD SSLv3_enc_data = {
- ssl3_enc,
- n_ssl3_mac,
- ssl3_setup_key_block,
- ssl3_generate_master_secret,
- ssl3_change_cipher_state,
- ssl3_final_finish_mac,
- MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
- ssl3_cert_verify_mac,
- SSL3_MD_CLIENT_FINISHED_CONST, 4,
- SSL3_MD_SERVER_FINISHED_CONST, 4,
- ssl3_alert_code,
- (int (*)(SSL *, unsigned char *, size_t, const char *,
- size_t, const unsigned char *, size_t,
- int use_context))ssl_undefined_function,
-};
-
-long ssl3_default_timeout(void)
-{
- /*
- * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
- * http, the cache would over fill
- */
- return (60 * 60 * 2);
-}
-
-int ssl3_num_ciphers(void)
-{
- return (SSL3_NUM_CIPHERS);
-}
-
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
-{
- if (u < SSL3_NUM_CIPHERS)
- return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
- else
- return (NULL);
-}
-
-int ssl3_pending(const SSL *s)
-{
- if (s->rstate == SSL_ST_READ_BODY)
- return 0;
-
- return (s->s3->rrec.type ==
- SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
-}
-
-int ssl3_new(SSL *s)
-{
- SSL3_STATE *s3;
-
- if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
- goto err;
- memset(s3, 0, sizeof *s3);
- memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
- memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
-
- s->s3 = s3;
-
-#ifndef OPENSSL_NO_SRP
- SSL_SRP_CTX_init(s);
-#endif
- s->method->ssl_clear(s);
- return (1);
- err:
- return (0);
-}
-
-void ssl3_free(SSL *s)
-{
- if (s == NULL || s->s3 == NULL)
- return;
-
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL)
- OPENSSL_free(s->s3->client_opaque_prf_input);
- if (s->s3->server_opaque_prf_input != NULL)
- OPENSSL_free(s->s3->server_opaque_prf_input);
-#endif
-
- ssl3_cleanup_key_block(s);
- if (s->s3->rbuf.buf != NULL)
- ssl3_release_read_buffer(s);
- if (s->s3->wbuf.buf != NULL)
- ssl3_release_write_buffer(s);
- if (s->s3->rrec.comp != NULL)
- OPENSSL_free(s->s3->rrec.comp);
-#ifndef OPENSSL_NO_DH
- if (s->s3->tmp.dh != NULL)
- DH_free(s->s3->tmp.dh);
-#endif
-#ifndef OPENSSL_NO_ECDH
- if (s->s3->tmp.ecdh != NULL)
- EC_KEY_free(s->s3->tmp.ecdh);
-#endif
-
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- if (s->s3->handshake_buffer) {
- BIO_free(s->s3->handshake_buffer);
- }
- if (s->s3->handshake_dgst)
- ssl3_free_digest_list(s);
-#ifndef OPENSSL_NO_SRP
- SSL_SRP_CTX_free(s);
-#endif
- OPENSSL_cleanse(s->s3, sizeof *s->s3);
- OPENSSL_free(s->s3);
- s->s3 = NULL;
-}
-
-void ssl3_clear(SSL *s)
-{
- unsigned char *rp, *wp;
- size_t rlen, wlen;
- int init_extra;
-
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL)
- OPENSSL_free(s->s3->client_opaque_prf_input);
- s->s3->client_opaque_prf_input = NULL;
- if (s->s3->server_opaque_prf_input != NULL)
- OPENSSL_free(s->s3->server_opaque_prf_input);
- s->s3->server_opaque_prf_input = NULL;
-#endif
-
- ssl3_cleanup_key_block(s);
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
-
- if (s->s3->rrec.comp != NULL) {
- OPENSSL_free(s->s3->rrec.comp);
- s->s3->rrec.comp = NULL;
- }
-#ifndef OPENSSL_NO_DH
- if (s->s3->tmp.dh != NULL) {
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh = NULL;
- }
-#endif
-#ifndef OPENSSL_NO_ECDH
- if (s->s3->tmp.ecdh != NULL) {
- EC_KEY_free(s->s3->tmp.ecdh);
- s->s3->tmp.ecdh = NULL;
- }
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
- s->s3->is_probably_safari = 0;
-# endif /* !OPENSSL_NO_EC */
-#endif /* !OPENSSL_NO_TLSEXT */
-
- rp = s->s3->rbuf.buf;
- wp = s->s3->wbuf.buf;
- rlen = s->s3->rbuf.len;
- wlen = s->s3->wbuf.len;
- init_extra = s->s3->init_extra;
- if (s->s3->handshake_buffer) {
- BIO_free(s->s3->handshake_buffer);
- s->s3->handshake_buffer = NULL;
- }
- if (s->s3->handshake_dgst) {
- ssl3_free_digest_list(s);
- }
- memset(s->s3, 0, sizeof *s->s3);
- s->s3->rbuf.buf = rp;
- s->s3->wbuf.buf = wp;
- s->s3->rbuf.len = rlen;
- s->s3->wbuf.len = wlen;
- s->s3->init_extra = init_extra;
-
- ssl_free_wbio_buffer(s);
-
- s->packet_length = 0;
- s->s3->renegotiate = 0;
- s->s3->total_renegotiations = 0;
- s->s3->num_renegotiations = 0;
- s->s3->in_read_app_data = 0;
- s->version = SSL3_VERSION;
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- if (s->next_proto_negotiated) {
- OPENSSL_free(s->next_proto_negotiated);
- s->next_proto_negotiated = NULL;
- s->next_proto_negotiated_len = 0;
- }
-#endif
-}
-
-#ifndef OPENSSL_NO_SRP
-static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
-{
- return BUF_strdup(s->srp_ctx.info);
-}
-#endif
-
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
- int ret = 0;
-
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
- if (
-# ifndef OPENSSL_NO_RSA
- cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-# endif
-# ifndef OPENSSL_NO_DSA
- cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB ||
-# endif
- 0) {
- if (!ssl_cert_inst(&s->cert)) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- }
-#endif
-
- switch (cmd) {
- case SSL_CTRL_GET_SESSION_REUSED:
- ret = s->hit;
- break;
- case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
- break;
- case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
- ret = s->s3->num_renegotiations;
- break;
- case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
- ret = s->s3->num_renegotiations;
- s->s3->num_renegotiations = 0;
- break;
- case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
- ret = s->s3->total_renegotiations;
- break;
- case SSL_CTRL_GET_FLAGS:
- ret = (int)(s->s3->flags);
- break;
-#ifndef OPENSSL_NO_RSA
- case SSL_CTRL_NEED_TMP_RSA:
- if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
- ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
- (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
- (512 / 8))))
- ret = 1;
- break;
- case SSL_CTRL_SET_TMP_RSA:
- {
- RSA *rsa = (RSA *)parg;
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
- return (ret);
- }
- if (s->cert->rsa_tmp != NULL)
- RSA_free(s->cert->rsa_tmp);
- s->cert->rsa_tmp = rsa;
- ret = 1;
- }
- break;
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (ret);
- }
- break;
-#endif
-#ifndef OPENSSL_NO_DH
- case SSL_CTRL_SET_TMP_DH:
- {
- DH *dh = (DH *)parg;
- if (dh == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if ((dh = DHparams_dup(dh)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
- return (ret);
- }
- if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
- if (!DH_generate_key(dh)) {
- DH_free(dh);
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
- return (ret);
- }
- }
- if (s->cert->dh_tmp != NULL)
- DH_free(s->cert->dh_tmp);
- s->cert->dh_tmp = dh;
- ret = 1;
- }
- break;
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (ret);
- }
- break;
-#endif
-#ifndef OPENSSL_NO_ECDH
- case SSL_CTRL_SET_TMP_ECDH:
- {
- EC_KEY *ecdh = NULL;
-
- if (parg == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if (!EC_KEY_up_ref((EC_KEY *)parg)) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
- return (ret);
- }
- ecdh = (EC_KEY *)parg;
- if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
- if (!EC_KEY_generate_key(ecdh)) {
- EC_KEY_free(ecdh);
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
- return (ret);
- }
- }
- if (s->cert->ecdh_tmp != NULL)
- EC_KEY_free(s->cert->ecdh_tmp);
- s->cert->ecdh_tmp = ecdh;
- ret = 1;
- }
- break;
- case SSL_CTRL_SET_TMP_ECDH_CB:
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (ret);
- }
- break;
-#endif /* !OPENSSL_NO_ECDH */
-#ifndef OPENSSL_NO_TLSEXT
- case SSL_CTRL_SET_TLSEXT_HOSTNAME:
- if (larg == TLSEXT_NAMETYPE_host_name) {
- if (s->tlsext_hostname != NULL)
- OPENSSL_free(s->tlsext_hostname);
- s->tlsext_hostname = NULL;
-
- ret = 1;
- if (parg == NULL)
- break;
- if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
- SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
- return 0;
- }
- if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- } else {
- SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
- return 0;
- }
- break;
- case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
- s->tlsext_debug_arg = parg;
- ret = 1;
- break;
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
- if (larg > 12288) { /* actual internal limit is 2^16 for the
- * complete hello message * (including the
- * cert chain and everything) */
- SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
- break;
- }
- if (s->tlsext_opaque_prf_input != NULL)
- OPENSSL_free(s->tlsext_opaque_prf_input);
- if ((size_t)larg == 0)
- s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte
- * just to get
- * non-NULL */
- else
- s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
- if (s->tlsext_opaque_prf_input != NULL) {
- s->tlsext_opaque_prf_input_len = (size_t)larg;
- ret = 1;
- } else
- s->tlsext_opaque_prf_input_len = 0;
- break;
-# endif
-
- case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
- s->tlsext_status_type = larg;
- ret = 1;
- break;
-
- case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
- *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
- ret = 1;
- break;
-
- case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
- s->tlsext_ocsp_exts = parg;
- ret = 1;
- break;
-
- case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
- *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
- ret = 1;
- break;
-
- case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
- s->tlsext_ocsp_ids = parg;
- ret = 1;
- break;
-
- case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
- *(unsigned char **)parg = s->tlsext_ocsp_resp;
- return s->tlsext_ocsp_resplen;
-
- case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = parg;
- s->tlsext_ocsp_resplen = larg;
- ret = 1;
- break;
-
-# ifndef OPENSSL_NO_HEARTBEATS
- case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
- if (SSL_version(s) == DTLS1_VERSION
- || SSL_version(s) == DTLS1_BAD_VER)
- ret = dtls1_heartbeat(s);
- else
- ret = tls1_heartbeat(s);
- break;
-
- case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
- ret = s->tlsext_hb_pending;
- break;
-
- case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
- if (larg)
- s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
- else
- s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
- ret = 1;
- break;
-# endif
-
-#endif /* !OPENSSL_NO_TLSEXT */
-
- case SSL_CTRL_CHECK_PROTO_VERSION:
- /*
- * For library-internal use; checks that the current protocol is the
- * highest enabled version (according to s->ctx->method, as version
- * negotiation may have changed s->method).
- */
- if (s->version == s->ctx->method->version)
- return 1;
- /*
- * Apparently we're using a version-flexible SSL_METHOD (not at its
- * highest protocol version).
- */
- if (s->ctx->method->version == SSLv23_method()->version) {
-#if TLS_MAX_VERSION != TLS1_2_VERSION
-# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
-#endif
- if (!(s->options & SSL_OP_NO_TLSv1_2))
- return s->version == TLS1_2_VERSION;
- if (!(s->options & SSL_OP_NO_TLSv1_1))
- return s->version == TLS1_1_VERSION;
- if (!(s->options & SSL_OP_NO_TLSv1))
- return s->version == TLS1_VERSION;
- if (!(s->options & SSL_OP_NO_SSLv3))
- return s->version == SSL3_VERSION;
- if (!(s->options & SSL_OP_NO_SSLv2))
- return s->version == SSL2_VERSION;
- }
- return 0; /* Unexpected state; fail closed. */
-
- default:
- break;
- }
- return (ret);
-}
-
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
-{
- int ret = 0;
-
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
- if (
-# ifndef OPENSSL_NO_RSA
- cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-# endif
-# ifndef OPENSSL_NO_DSA
- cmd == SSL_CTRL_SET_TMP_DH_CB ||
-# endif
- 0) {
- if (!ssl_cert_inst(&s->cert)) {
- SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- }
-#endif
-
- switch (cmd) {
-#ifndef OPENSSL_NO_RSA
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_DH
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_ECDH
- case SSL_CTRL_SET_TMP_ECDH_CB:
- {
- s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
- case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
- s->tlsext_debug_cb = (void (*)(SSL *, int, int,
- unsigned char *, int, void *))fp;
- break;
-#endif
- default:
- break;
- }
- return (ret);
-}
-
-long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-{
- CERT *cert;
-
- cert = ctx->cert;
-
- switch (cmd) {
-#ifndef OPENSSL_NO_RSA
- case SSL_CTRL_NEED_TMP_RSA:
- if ((cert->rsa_tmp == NULL) &&
- ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
- (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
- (512 / 8)))
- )
- return (1);
- else
- return (0);
- /* break; */
- case SSL_CTRL_SET_TMP_RSA:
- {
- RSA *rsa;
- int i;
-
- rsa = (RSA *)parg;
- i = 1;
- if (rsa == NULL)
- i = 0;
- else {
- if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
- i = 0;
- }
- if (!i) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
- return (0);
- } else {
- if (cert->rsa_tmp != NULL)
- RSA_free(cert->rsa_tmp);
- cert->rsa_tmp = rsa;
- return (1);
- }
- }
- /* break; */
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
- }
- break;
-#endif
-#ifndef OPENSSL_NO_DH
- case SSL_CTRL_SET_TMP_DH:
- {
- DH *new = NULL, *dh;
-
- dh = (DH *)parg;
- if ((new = DHparams_dup(dh)) == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
- return 0;
- }
- if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
- if (!DH_generate_key(new)) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
- DH_free(new);
- return 0;
- }
- }
- if (cert->dh_tmp != NULL)
- DH_free(cert->dh_tmp);
- cert->dh_tmp = new;
- return 1;
- }
- /*
- * break;
- */
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
- }
- break;
-#endif
-#ifndef OPENSSL_NO_ECDH
- case SSL_CTRL_SET_TMP_ECDH:
- {
- EC_KEY *ecdh = NULL;
-
- if (parg == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
- return 0;
- }
- ecdh = EC_KEY_dup((EC_KEY *)parg);
- if (ecdh == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB);
- return 0;
- }
- if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
- if (!EC_KEY_generate_key(ecdh)) {
- EC_KEY_free(ecdh);
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
- return 0;
- }
- }
-
- if (cert->ecdh_tmp != NULL) {
- EC_KEY_free(cert->ecdh_tmp);
- }
- cert->ecdh_tmp = ecdh;
- return 1;
- }
- /* break; */
- case SSL_CTRL_SET_TMP_ECDH_CB:
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
- }
- break;
-#endif /* !OPENSSL_NO_ECDH */
-#ifndef OPENSSL_NO_TLSEXT
- case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
- ctx->tlsext_servername_arg = parg;
- break;
- case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
- case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
- {
- unsigned char *keys = parg;
- if (!keys)
- return 48;
- if (larg != 48) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
- return 0;
- }
- if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
- memcpy(ctx->tlsext_tick_key_name, keys, 16);
- memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
- memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
- } else {
- memcpy(keys, ctx->tlsext_tick_key_name, 16);
- memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
- memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
- }
- return 1;
- }
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
- ctx->tlsext_opaque_prf_input_callback_arg = parg;
- return 1;
-# endif
-
- case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
- ctx->tlsext_status_arg = parg;
- return 1;
- break;
-
-# ifndef OPENSSL_NO_SRP
- case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
- ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- if (ctx->srp_ctx.login != NULL)
- OPENSSL_free(ctx->srp_ctx.login);
- ctx->srp_ctx.login = NULL;
- if (parg == NULL)
- break;
- if (strlen((const char *)parg) > 255
- || strlen((const char *)parg) < 1) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
- return 0;
- }
- if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- break;
- case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
- ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
- srp_password_from_info_cb;
- ctx->srp_ctx.info = parg;
- break;
- case SSL_CTRL_SET_SRP_ARG:
- ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- ctx->srp_ctx.SRP_cb_arg = parg;
- break;
-
- case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
- ctx->srp_ctx.strength = larg;
- break;
-# endif
-#endif /* !OPENSSL_NO_TLSEXT */
-
- /* A Thawte special :-) */
- case SSL_CTRL_EXTRA_CHAIN_CERT:
- if (ctx->extra_certs == NULL) {
- if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
- return (0);
- }
- sk_X509_push(ctx->extra_certs, (X509 *)parg);
- break;
-
- case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
- *(STACK_OF(X509) **)parg = ctx->extra_certs;
- break;
-
- case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
- if (ctx->extra_certs) {
- sk_X509_pop_free(ctx->extra_certs, X509_free);
- ctx->extra_certs = NULL;
- }
- break;
-
- default:
- return (0);
- }
- return (1);
-}
-
-long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
-{
- CERT *cert;
-
- cert = ctx->cert;
-
- switch (cmd) {
-#ifndef OPENSSL_NO_RSA
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_DH
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_ECDH
- case SSL_CTRL_SET_TMP_ECDH_CB:
- {
- cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
- case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
- ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
- break;
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
- ctx->tlsext_opaque_prf_input_callback =
- (int (*)(SSL *, void *, size_t, void *))fp;
- break;
-# endif
-
- case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
- ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
- break;
-
- case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
- ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
- unsigned char *,
- EVP_CIPHER_CTX *,
- HMAC_CTX *, int))fp;
- break;
-
-# ifndef OPENSSL_NO_SRP
- case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
- ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
- break;
- case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
- ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- ctx->srp_ctx.TLS_ext_srp_username_callback =
- (int (*)(SSL *, int *, void *))fp;
- break;
- case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
- ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
- (char *(*)(SSL *, void *))fp;
- break;
-# endif
-#endif
-
- default:
- return (0);
- }
- return (1);
-}
-
-/*
- * This function needs to check if the ciphers required are actually
- * available
- */
-const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
-{
- SSL_CIPHER c;
- const SSL_CIPHER *cp;
- unsigned long id;
-
- id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
- c.id = id;
- cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
-#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
- if (cp == NULL)
- fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
-#endif
- if (cp == NULL || cp->valid == 0)
- return NULL;
- else
- return cp;
-}
-
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-{
- long l;
-
- if (p != NULL) {
- l = c->id;
- if ((l & 0xff000000) != 0x03000000)
- return (0);
- p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
- p[1] = ((unsigned char)(l)) & 0xFF;
- }
- return (2);
-}
-
-SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
- STACK_OF(SSL_CIPHER) *srvr)
-{
- SSL_CIPHER *c, *ret = NULL;
- STACK_OF(SSL_CIPHER) *prio, *allow;
- int i, ii, ok;
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
- unsigned int j;
- int ec_ok, ec_nid;
- unsigned char ec_search1 = 0, ec_search2 = 0;
-#endif
- CERT *cert;
- unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
-
- /* Let's see which ciphers we can support */
- cert = s->cert;
-
-#if 0
- /*
- * Do not set the compare functions, because this may lead to a
- * reordering by "id". We want to keep the original ordering. We may pay
- * a price in performance during sk_SSL_CIPHER_find(), but would have to
- * pay with the price of sk_SSL_CIPHER_dup().
- */
- sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
- sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
-#endif
-
-#ifdef CIPHER_DEBUG
- fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
- (void *)srvr);
- for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
- c = sk_SSL_CIPHER_value(srvr, i);
- fprintf(stderr, "%p:%s\n", (void *)c, c->name);
- }
- fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
- (void *)clnt);
- for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
- c = sk_SSL_CIPHER_value(clnt, i);
- fprintf(stderr, "%p:%s\n", (void *)c, c->name);
- }
-#endif
-
- if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
- prio = srvr;
- allow = clnt;
- } else {
- prio = clnt;
- allow = srvr;
- }
-
- for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
- c = sk_SSL_CIPHER_value(prio, i);
-
- /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
- if ((c->algorithm_ssl & SSL_TLSV1_2) &&
- (TLS1_get_version(s) < TLS1_2_VERSION))
- continue;
-
- ssl_set_cert_masks(cert, c);
- mask_k = cert->mask_k;
- mask_a = cert->mask_a;
- emask_k = cert->export_mask_k;
- emask_a = cert->export_mask_a;
-#ifndef OPENSSL_NO_SRP
- if (s->srp_ctx.srp_Mask & SSL_kSRP) {
- mask_k |= SSL_kSRP;
- emask_k |= SSL_kSRP;
- mask_a |= SSL_aSRP;
- emask_a |= SSL_aSRP;
- }
-#endif
-
-#ifdef KSSL_DEBUG
- /*
- * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n",
- * i,c->algorithms);
- */
-#endif /* KSSL_DEBUG */
-
- alg_k = c->algorithm_mkey;
- alg_a = c->algorithm_auth;
-
-#ifndef OPENSSL_NO_KRB5
- if (alg_k & SSL_kKRB5) {
- if (!kssl_keytab_is_available(s->kssl_ctx))
- continue;
- }
-#endif /* OPENSSL_NO_KRB5 */
-#ifndef OPENSSL_NO_PSK
- /* with PSK there must be server callback set */
- if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
- continue;
-#endif /* OPENSSL_NO_PSK */
-
- if (SSL_C_IS_EXPORT(c)) {
- ok = (alg_k & emask_k) && (alg_a & emask_a);
-#ifdef CIPHER_DEBUG
- fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
- ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name);
-#endif
- } else {
- ok = (alg_k & mask_k) && (alg_a & mask_a);
-#ifdef CIPHER_DEBUG
- fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
- alg_a, mask_k, mask_a, (void *)c, c->name);
-#endif
- }
-
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
- if (
- /*
- * if we are considering an ECC cipher suite that uses our
- * certificate
- */
- (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
- /* and we have an ECC certificate */
- && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
- /*
- * and the client specified a Supported Point Formats
- * extension
- */
- && ((s->session->tlsext_ecpointformatlist_length > 0)
- && (s->session->tlsext_ecpointformatlist != NULL))
- /* and our certificate's point is compressed */
- && ((s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
- && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key !=
- NULL)
- && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
- key->public_key != NULL)
- && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
- key->public_key->data != NULL)
- &&
- ((*
- (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
- key->public_key->data) == POINT_CONVERSION_COMPRESSED)
- ||
- (*
- (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
- key->public_key->data) ==
- POINT_CONVERSION_COMPRESSED + 1)
- )
- )
- ) {
- ec_ok = 0;
- /*
- * if our certificate's curve is over a field type that the
- * client does not support then do not allow this cipher suite to
- * be negotiated
- */
- if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
- && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group !=
- NULL)
- && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
- group->meth != NULL)
- &&
- (EC_METHOD_get_field_type
- (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
- group->meth) == NID_X9_62_prime_field)
- ) {
- for (j = 0; j < s->session->tlsext_ecpointformatlist_length;
- j++) {
- if (s->session->tlsext_ecpointformatlist[j] ==
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) {
- ec_ok = 1;
- break;
- }
- }
- } else
- if (EC_METHOD_get_field_type
- (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
- group->meth) == NID_X9_62_characteristic_two_field) {
- for (j = 0; j < s->session->tlsext_ecpointformatlist_length;
- j++) {
- if (s->session->tlsext_ecpointformatlist[j] ==
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) {
- ec_ok = 1;
- break;
- }
- }
- }
- ok = ok && ec_ok;
- }
- if (
- /*
- * if we are considering an ECC cipher suite that uses our
- * certificate
- */
- (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
- /* and we have an ECC certificate */
- && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
- /*
- * and the client specified an EllipticCurves extension
- */
- && ((s->session->tlsext_ellipticcurvelist_length > 0)
- && (s->session->tlsext_ellipticcurvelist != NULL))
- ) {
- ec_ok = 0;
- if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
- && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group !=
- NULL)
- ) {
- ec_nid =
- EC_GROUP_get_curve_name(s->cert->
- pkeys[SSL_PKEY_ECC].privatekey->
- pkey.ec->group);
- if ((ec_nid == 0)
- && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.
- ec->group->meth != NULL)
- ) {
- if (EC_METHOD_get_field_type
- (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.
- ec->group->meth) == NID_X9_62_prime_field) {
- ec_search1 = 0xFF;
- ec_search2 = 0x01;
- } else
- if (EC_METHOD_get_field_type
- (s->cert->pkeys[SSL_PKEY_ECC].privatekey->
- pkey.ec->group->meth) ==
- NID_X9_62_characteristic_two_field) {
- ec_search1 = 0xFF;
- ec_search2 = 0x02;
- }
- } else {
- ec_search1 = 0x00;
- ec_search2 = tls1_ec_nid2curve_id(ec_nid);
- }
- if ((ec_search1 != 0) || (ec_search2 != 0)) {
- for (j = 0;
- j < s->session->tlsext_ellipticcurvelist_length / 2;
- j++) {
- if ((s->session->tlsext_ellipticcurvelist[2 * j] ==
- ec_search1)
- && (s->session->tlsext_ellipticcurvelist[2 * j +
- 1] ==
- ec_search2)) {
- ec_ok = 1;
- break;
- }
- }
- }
- }
- ok = ok && ec_ok;
- }
-# ifndef OPENSSL_NO_ECDH
- if (
- /*
- * if we are considering an ECC cipher suite that uses an
- * ephemeral EC key
- */
- (alg_k & SSL_kEECDH)
- /* and we have an ephemeral EC key */
- && (s->cert->ecdh_tmp != NULL)
- /*
- * and the client specified an EllipticCurves extension
- */
- && ((s->session->tlsext_ellipticcurvelist_length > 0)
- && (s->session->tlsext_ellipticcurvelist != NULL))
- ) {
- ec_ok = 0;
- if (s->cert->ecdh_tmp->group != NULL) {
- ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
- if ((ec_nid == 0)
- && (s->cert->ecdh_tmp->group->meth != NULL)
- ) {
- if (EC_METHOD_get_field_type
- (s->cert->ecdh_tmp->group->meth) ==
- NID_X9_62_prime_field) {
- ec_search1 = 0xFF;
- ec_search2 = 0x01;
- } else
- if (EC_METHOD_get_field_type
- (s->cert->ecdh_tmp->group->meth) ==
- NID_X9_62_characteristic_two_field) {
- ec_search1 = 0xFF;
- ec_search2 = 0x02;
- }
- } else {
- ec_search1 = 0x00;
- ec_search2 = tls1_ec_nid2curve_id(ec_nid);
- }
- if ((ec_search1 != 0) || (ec_search2 != 0)) {
- for (j = 0;
- j < s->session->tlsext_ellipticcurvelist_length / 2;
- j++) {
- if ((s->session->tlsext_ellipticcurvelist[2 * j] ==
- ec_search1)
- && (s->session->tlsext_ellipticcurvelist[2 * j +
- 1] ==
- ec_search2)) {
- ec_ok = 1;
- break;
- }
- }
- }
- }
- ok = ok && ec_ok;
- }
-# endif /* OPENSSL_NO_ECDH */
-# endif /* OPENSSL_NO_EC */
-#endif /* OPENSSL_NO_TLSEXT */
-
- if (!ok)
- continue;
- ii = sk_SSL_CIPHER_find(allow, c);
- if (ii >= 0) {
-#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
- if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA)
- && s->s3->is_probably_safari) {
- if (!ret)
- ret = sk_SSL_CIPHER_value(allow, ii);
- continue;
- }
-#endif
- ret = sk_SSL_CIPHER_value(allow, ii);
- break;
- }
- }
- return (ret);
-}
-
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
-{
- int ret = 0;
- unsigned long alg_k;
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-#ifndef OPENSSL_NO_GOST
- if (s->version >= TLS1_VERSION) {
- if (alg_k & SSL_kGOST) {
- p[ret++] = TLS_CT_GOST94_SIGN;
- p[ret++] = TLS_CT_GOST01_SIGN;
- return (ret);
- }
- }
-#endif
-
-#ifndef OPENSSL_NO_DH
- if (alg_k & (SSL_kDHr | SSL_kEDH)) {
-# ifndef OPENSSL_NO_RSA
- p[ret++] = SSL3_CT_RSA_FIXED_DH;
-# endif
-# ifndef OPENSSL_NO_DSA
- p[ret++] = SSL3_CT_DSS_FIXED_DH;
-# endif
- }
- if ((s->version == SSL3_VERSION) &&
- (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) {
-# ifndef OPENSSL_NO_RSA
- p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
-# endif
-# ifndef OPENSSL_NO_DSA
- p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
-# endif
- }
-#endif /* !OPENSSL_NO_DH */
-#ifndef OPENSSL_NO_RSA
- p[ret++] = SSL3_CT_RSA_SIGN;
-#endif
-#ifndef OPENSSL_NO_DSA
- p[ret++] = SSL3_CT_DSS_SIGN;
-#endif
-#ifndef OPENSSL_NO_ECDH
- if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
- p[ret++] = TLS_CT_RSA_FIXED_ECDH;
- p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
- }
-#endif
-
-#ifndef OPENSSL_NO_ECDSA
- /*
- * ECDSA certs can be used with RSA cipher suites as well so we don't
- * need to check for SSL_kECDH or SSL_kEECDH
- */
- if (s->version >= TLS1_VERSION) {
- p[ret++] = TLS_CT_ECDSA_SIGN;
- }
-#endif
- return (ret);
-}
-
-int ssl3_shutdown(SSL *s)
-{
- int ret;
-
- /*
- * Don't do anything much if we have not done the handshake or we don't
- * want to send messages :-)
- */
- if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
- s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
- return (1);
- }
-
- if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
- s->shutdown |= SSL_SENT_SHUTDOWN;
-#if 1
- ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
-#endif
- /*
- * our shutdown alert has been sent now, and if it still needs to be
- * written, s->s3->alert_dispatch will be true
- */
- if (s->s3->alert_dispatch)
- return (-1); /* return WANT_WRITE */
- } else if (s->s3->alert_dispatch) {
- /* resend it if not sent */
-#if 1
- ret = s->method->ssl_dispatch_alert(s);
- if (ret == -1) {
- /*
- * we only get to return -1 here the 2nd/Nth invocation, we must
- * have already signalled return 0 upon a previous invoation,
- * return WANT_WRITE
- */
- return (ret);
- }
-#endif
- } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
- /*
- * If we are waiting for a close from our peer, we are closed
- */
- s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
- if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
- return (-1); /* return WANT_READ */
- }
- }
-
- if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
- !s->s3->alert_dispatch)
- return (1);
- else
- return (0);
-}
-
-int ssl3_write(SSL *s, const void *buf, int len)
-{
- int ret, n;
-
-#if 0
- if (s->shutdown & SSL_SEND_SHUTDOWN) {
- s->rwstate = SSL_NOTHING;
- return (0);
- }
-#endif
- clear_sys_error();
- if (s->s3->renegotiate)
- ssl3_renegotiate_check(s);
-
- /*
- * This is an experimental flag that sends the last handshake message in
- * the same packet as the first use data - used to see if it helps the
- * TCP protocol during session-id reuse
- */
- /* The second test is because the buffer may have been removed */
- if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
- /* First time through, we write into the buffer */
- if (s->s3->delay_buf_pop_ret == 0) {
- ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len);
- if (ret <= 0)
- return (ret);
-
- s->s3->delay_buf_pop_ret = ret;
- }
-
- s->rwstate = SSL_WRITING;
- n = BIO_flush(s->wbio);
- if (n <= 0)
- return (n);
- s->rwstate = SSL_NOTHING;
-
- /* We have flushed the buffer, so remove it */
- ssl_free_wbio_buffer(s);
- s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
-
- ret = s->s3->delay_buf_pop_ret;
- s->s3->delay_buf_pop_ret = 0;
- } else {
- ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
- buf, len);
- if (ret <= 0)
- return (ret);
- }
-
- return (ret);
-}
-
-static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
-{
- int ret;
-
- clear_sys_error();
- if (s->s3->renegotiate)
- ssl3_renegotiate_check(s);
- s->s3->in_read_app_data = 1;
- ret =
- s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
- peek);
- if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
- /*
- * ssl3_read_bytes decided to call s->handshake_func, which called
- * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
- * actually found application data and thinks that application data
- * makes sense here; so disable handshake processing and try to read
- * application data again.
- */
- s->in_handshake++;
- ret =
- s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
- peek);
- s->in_handshake--;
- } else
- s->s3->in_read_app_data = 0;
-
- return (ret);
-}
-
-int ssl3_read(SSL *s, void *buf, int len)
-{
- return ssl3_read_internal(s, buf, len, 0);
-}
-
-int ssl3_peek(SSL *s, void *buf, int len)
-{
- return ssl3_read_internal(s, buf, len, 1);
-}
-
-int ssl3_renegotiate(SSL *s)
-{
- if (s->handshake_func == NULL)
- return (1);
-
- if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
- return (0);
-
- s->s3->renegotiate = 1;
- return (1);
-}
-
-int ssl3_renegotiate_check(SSL *s)
-{
- int ret = 0;
-
- if (s->s3->renegotiate) {
- if ((s->s3->rbuf.left == 0) &&
- (s->s3->wbuf.left == 0) && !SSL_in_init(s)) {
- /*
- * if we are the server, and we have sent a 'RENEGOTIATE'
- * message, we need to go to SSL_ST_ACCEPT.
- */
- /* SSL_ST_ACCEPT */
- s->state = SSL_ST_RENEGOTIATE;
- s->s3->renegotiate = 0;
- s->s3->num_renegotiations++;
- s->s3->total_renegotiations++;
- ret = 1;
- }
- }
- return (ret);
-}
-
-/*
- * If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
- * to new SHA256 PRF and handshake macs
- */
-long ssl_get_algorithm2(SSL *s)
-{
- long alg2 = s->s3->tmp.new_cipher->algorithm2;
- if (s->method->version == TLS1_2_VERSION &&
- alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
- return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
- return alg2;
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/s3_lib.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s3_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s3_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,4366 @@
+/* ssl/s3_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+# include "../crypto/ec/ec_lcl.h"
+# endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_TLSEXT */
+#include <openssl/md5.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT;
+
+#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
+
+/* list of available SSLv3 ciphers (sorted by id) */
+OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
+
+/* The RSA ciphers */
+/* Cipher 01 */
+ {
+ 1,
+ SSL3_TXT_RSA_NULL_MD5,
+ SSL3_CK_RSA_NULL_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+/* Cipher 02 */
+ {
+ 1,
+ SSL3_TXT_RSA_NULL_SHA,
+ SSL3_CK_RSA_NULL_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+/* Cipher 03 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_40_MD5,
+ SSL3_CK_RSA_RC4_40_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+#endif
+
+/* Cipher 04 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_128_MD5,
+ SSL3_CK_RSA_RC4_128_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 05 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_128_SHA,
+ SSL3_CK_RSA_RC4_128_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 06 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_RSA_RC2_40_MD5,
+ SSL3_CK_RSA_RC2_40_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+#endif
+
+/* Cipher 07 */
+#ifndef OPENSSL_NO_IDEA
+ {
+ 1,
+ SSL3_TXT_RSA_IDEA_128_SHA,
+ SSL3_CK_RSA_IDEA_128_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_IDEA,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+#endif
+
+/* Cipher 08 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_RSA_DES_40_CBC_SHA,
+ SSL3_CK_RSA_DES_40_CBC_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 56,
+ },
+#endif
+
+/* Cipher 09 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_RSA_DES_64_CBC_SHA,
+ SSL3_CK_RSA_DES_64_CBC_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+#endif
+
+/* Cipher 0A */
+ {
+ 1,
+ SSL3_TXT_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_RSA_DES_192_CBC3_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* The DH ciphers */
+/* Cipher 0B */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+ SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 56,
+ },
+#endif
+
+/* Cipher 0C */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+ SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+#endif
+
+/* Cipher 0D */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+ SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* Cipher 0E */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+ SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 56,
+ },
+#endif
+
+/* Cipher 0F */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+ SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+#endif
+
+/* Cipher 10 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* The Ephemeral DH ciphers */
+/* Cipher 11 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+ SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 56,
+ },
+#endif
+
+/* Cipher 12 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+ SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+#endif
+
+/* Cipher 13 */
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+ SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* Cipher 14 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+ SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 56,
+ },
+#endif
+
+/* Cipher 15 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+ SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+#endif
+
+/* Cipher 16 */
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* Cipher 17 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_ADH_RC4_40_MD5,
+ SSL3_CK_ADH_RC4_40_MD5,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+#endif
+
+/* Cipher 18 */
+ {
+ 1,
+ SSL3_TXT_ADH_RC4_128_MD5,
+ SSL3_CK_ADH_RC4_128_MD5,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 19 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_ADH_DES_40_CBC_SHA,
+ SSL3_CK_ADH_DES_40_CBC_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+#endif
+
+/* Cipher 1A */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_ADH_DES_64_CBC_SHA,
+ SSL3_CK_ADH_DES_64_CBC_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+#endif
+
+/* Cipher 1B */
+ {
+ 1,
+ SSL3_TXT_ADH_DES_192_CBC_SHA,
+ SSL3_CK_ADH_DES_192_CBC_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* Fortezza ciphersuite from SSL 3.0 spec */
+#if 0
+/* Cipher 1C */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_NULL_SHA,
+ SSL3_CK_FZA_DMS_NULL_SHA,
+ SSL_kFZA,
+ SSL_aFZA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+/* Cipher 1D */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_FZA_SHA,
+ SSL3_CK_FZA_DMS_FZA_SHA,
+ SSL_kFZA,
+ SSL_aFZA,
+ SSL_eFZA,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+/* Cipher 1E */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_RC4_SHA,
+ SSL3_CK_FZA_DMS_RC4_SHA,
+ SSL_kFZA,
+ SSL_aFZA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+#endif
+
+#ifndef OPENSSL_NO_KRB5
+/* The Kerberos ciphers*/
+/* Cipher 1E */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_DES_64_CBC_SHA,
+ SSL3_CK_KRB5_DES_64_CBC_SHA,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+# endif
+
+/* Cipher 1F */
+ {
+ 1,
+ SSL3_TXT_KRB5_DES_192_CBC3_SHA,
+ SSL3_CK_KRB5_DES_192_CBC3_SHA,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* Cipher 20 */
+ {
+ 1,
+ SSL3_TXT_KRB5_RC4_128_SHA,
+ SSL3_CK_KRB5_RC4_128_SHA,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 21 */
+ {
+ 1,
+ SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
+ SSL3_CK_KRB5_IDEA_128_CBC_SHA,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_IDEA,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 22 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_DES_64_CBC_MD5,
+ SSL3_CK_KRB5_DES_64_CBC_MD5,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+# endif
+
+/* Cipher 23 */
+ {
+ 1,
+ SSL3_TXT_KRB5_DES_192_CBC3_MD5,
+ SSL3_CK_KRB5_DES_192_CBC3_MD5,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_3DES,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+/* Cipher 24 */
+ {
+ 1,
+ SSL3_TXT_KRB5_RC4_128_MD5,
+ SSL3_CK_KRB5_RC4_128_MD5,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 25 */
+ {
+ 1,
+ SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
+ SSL3_CK_KRB5_IDEA_128_CBC_MD5,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_IDEA,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 26 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_DES_40_CBC_SHA,
+ SSL3_CK_KRB5_DES_40_CBC_SHA,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 56,
+ },
+# endif
+
+/* Cipher 27 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_RC2_40_CBC_SHA,
+ SSL3_CK_KRB5_RC2_40_CBC_SHA,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC2,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+# endif
+
+/* Cipher 28 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_RC4_40_SHA,
+ SSL3_CK_KRB5_RC4_40_SHA,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+# endif
+
+/* Cipher 29 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_DES_40_CBC_MD5,
+ SSL3_CK_KRB5_DES_40_CBC_MD5,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 56,
+ },
+# endif
+
+/* Cipher 2A */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_RC2_40_CBC_MD5,
+ SSL3_CK_KRB5_RC2_40_CBC_MD5,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+# endif
+
+/* Cipher 2B */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ SSL3_TXT_KRB5_RC4_40_MD5,
+ SSL3_CK_KRB5_RC4_40_MD5,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 40,
+ 128,
+ },
+# endif
+#endif /* OPENSSL_NO_KRB5 */
+
+/* New AES ciphersuites */
+/* Cipher 2F */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_SHA,
+ TLS1_CK_RSA_WITH_AES_128_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+/* Cipher 30 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
+ TLS1_CK_DH_DSS_WITH_AES_128_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+/* Cipher 31 */
+ {
+ 0,
+ TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
+ TLS1_CK_DH_RSA_WITH_AES_128_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+/* Cipher 32 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+ TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+/* Cipher 33 */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+ TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+/* Cipher 34 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_SHA,
+ TLS1_CK_ADH_WITH_AES_128_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+/* Cipher 35 */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_SHA,
+ TLS1_CK_RSA_WITH_AES_256_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+/* Cipher 36 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
+ TLS1_CK_DH_DSS_WITH_AES_256_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+/* Cipher 37 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
+ TLS1_CK_DH_RSA_WITH_AES_256_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+/* Cipher 38 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+ TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+/* Cipher 39 */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+ TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 3A */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_SHA,
+ TLS1_CK_ADH_WITH_AES_256_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* TLS v1.2 ciphersuites */
+ /* Cipher 3B */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_NULL_SHA256,
+ TLS1_CK_RSA_WITH_NULL_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher 3C */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 3D */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_RSA_WITH_AES_256_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 3E */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 3F */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 40 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+#ifndef OPENSSL_NO_CAMELLIA
+ /* Camellia ciphersuites from RFC4132 (128-bit portion) */
+
+ /* Cipher 41 */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 42 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 43 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 44 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 45 */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 46 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+#endif /* OPENSSL_NO_CAMELLIA */
+
+#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
+ /* New TLS Export CipherSuites from expired ID */
+# if 0
+ /* Cipher 60 */
+ {
+ 1,
+ TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
+ TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 128,
+ },
+
+ /* Cipher 61 */
+ {
+ 1,
+ TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+ TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 128,
+ },
+# endif
+
+ /* Cipher 62 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+ TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+# endif
+
+ /* Cipher 63 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+ TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 56,
+ },
+# endif
+
+ /* Cipher 64 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
+ TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 128,
+ },
+# endif
+
+ /* Cipher 65 */
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+ TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 56,
+ 128,
+ },
+# endif
+
+ /* Cipher 66 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
+ TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+#endif
+
+ /* TLS v1.2 ciphersuites */
+ /* Cipher 67 */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 68 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 69 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6A */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6B */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6C */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 6D */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_SHA256,
+ TLS1_CK_ADH_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* GOST Ciphersuites */
+
+ {
+ 1,
+ "GOST94-GOST89-GOST89",
+ 0x3000080,
+ SSL_kGOST,
+ SSL_aGOST94,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST2001-GOST89-GOST89",
+ 0x3000081,
+ SSL_kGOST,
+ SSL_aGOST01,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST94-NULL-GOST94",
+ 0x3000082,
+ SSL_kGOST,
+ SSL_aGOST94,
+ SSL_eNULL,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+ 0,
+ 0},
+ {
+ 1,
+ "GOST2001-NULL-GOST94",
+ 0x3000083,
+ SSL_kGOST,
+ SSL_aGOST01,
+ SSL_eNULL,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+ 0,
+ 0},
+
+#ifndef OPENSSL_NO_CAMELLIA
+ /* Camellia ciphersuites from RFC4132 (256-bit portion) */
+
+ /* Cipher 84 */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ /* Cipher 85 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 86 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 87 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 88 */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 89 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_CAMELLIA */
+
+#ifndef OPENSSL_NO_PSK
+ /* Cipher 8A */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_RC4_128_SHA,
+ TLS1_CK_PSK_WITH_RC4_128_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 8B */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher 8C */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 8D */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_PSK */
+
+#ifndef OPENSSL_NO_SEED
+ /* SEED ciphersuites from RFC4162 */
+
+ /* Cipher 96 */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_SEED_SHA,
+ TLS1_CK_RSA_WITH_SEED_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 97 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_SEED_SHA,
+ TLS1_CK_DH_DSS_WITH_SEED_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 98 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_SEED_SHA,
+ TLS1_CK_DH_RSA_WITH_SEED_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 99 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
+ TLS1_CK_DHE_DSS_WITH_SEED_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9A */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
+ TLS1_CK_DHE_RSA_WITH_SEED_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9B */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_SEED_SHA,
+ TLS1_CK_ADH_WITH_SEED_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+#endif /* OPENSSL_NO_SEED */
+
+ /* GCM ciphersuites from RFC5288 */
+
+ /* Cipher 9C */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9D */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher 9E */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9F */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A0 */
+ {
+ 0,
+ TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A1 */
+ {
+ 0,
+ TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A2 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A3 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A4 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A5 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A6 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A7 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+#ifndef OPENSSL_NO_ECDH
+ /* Cipher C001 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C002 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C003 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C004 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C005 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C006 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C007 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C008 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C009 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C00A */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C00B */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+ TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C00C */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C00D */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C00E */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C00F */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C010 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C011 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C012 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C013 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C014 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C015 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+ TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C016 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+ TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C017 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C018 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C019 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_ECDH */
+
+#ifndef OPENSSL_NO_SRP
+ /* Cipher C01A */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01B */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01C */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01D */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01E */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01F */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C020 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C021 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C022 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_ECDH
+
+ /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C023 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C024 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C025 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C026 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C027 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C028 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C029 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02A */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* GCM based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C02B */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02C */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02D */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02E */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02F */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C030 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C031 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C032 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+#endif /* OPENSSL_NO_ECDH */
+
+#ifdef TEMP_GOST_TLS
+/* Cipher FF00 */
+ {
+ 1,
+ "GOST-MD5",
+ 0x0300ff00,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_MD5,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ "GOST-GOST94",
+ 0x0300ff01,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST-GOST89MAC",
+ 0x0300ff02,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST-GOST89STREAM",
+ 0x0300ff03,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC,
+ 256,
+ 256},
+#endif
+
+/* end of list */
+};
+
+SSL3_ENC_METHOD SSLv3_enc_data = {
+ ssl3_enc,
+ n_ssl3_mac,
+ ssl3_setup_key_block,
+ ssl3_generate_master_secret,
+ ssl3_change_cipher_state,
+ ssl3_final_finish_mac,
+ MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+ ssl3_cert_verify_mac,
+ SSL3_MD_CLIENT_FINISHED_CONST, 4,
+ SSL3_MD_SERVER_FINISHED_CONST, 4,
+ ssl3_alert_code,
+ (int (*)(SSL *, unsigned char *, size_t, const char *,
+ size_t, const unsigned char *, size_t,
+ int use_context))ssl_undefined_function,
+};
+
+long ssl3_default_timeout(void)
+{
+ /*
+ * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
+ * http, the cache would over fill
+ */
+ return (60 * 60 * 2);
+}
+
+int ssl3_num_ciphers(void)
+{
+ return (SSL3_NUM_CIPHERS);
+}
+
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
+{
+ if (u < SSL3_NUM_CIPHERS)
+ return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
+ else
+ return (NULL);
+}
+
+int ssl3_pending(const SSL *s)
+{
+ if (s->rstate == SSL_ST_READ_BODY)
+ return 0;
+
+ return (s->s3->rrec.type ==
+ SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
+}
+
+int ssl3_new(SSL *s)
+{
+ SSL3_STATE *s3;
+
+ if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
+ goto err;
+ memset(s3, 0, sizeof *s3);
+ memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
+ memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
+
+ s->s3 = s3;
+
+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_init(s);
+#endif
+ s->method->ssl_clear(s);
+ return (1);
+ err:
+ return (0);
+}
+
+void ssl3_free(SSL *s)
+{
+ if (s == NULL || s->s3 == NULL)
+ return;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ if (s->s3->server_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+#endif
+
+ ssl3_cleanup_key_block(s);
+ if (s->s3->rbuf.buf != NULL)
+ ssl3_release_read_buffer(s);
+ if (s->s3->wbuf.buf != NULL)
+ ssl3_release_write_buffer(s);
+ if (s->s3->rrec.comp != NULL)
+ OPENSSL_free(s->s3->rrec.comp);
+#ifndef OPENSSL_NO_DH
+ if (s->s3->tmp.dh != NULL)
+ DH_free(s->s3->tmp.dh);
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (s->s3->tmp.ecdh != NULL)
+ EC_KEY_free(s->s3->tmp.ecdh);
+#endif
+
+ if (s->s3->tmp.ca_names != NULL)
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+ if (s->s3->handshake_buffer) {
+ BIO_free(s->s3->handshake_buffer);
+ }
+ if (s->s3->handshake_dgst)
+ ssl3_free_digest_list(s);
+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_free(s);
+#endif
+ OPENSSL_cleanse(s->s3, sizeof *s->s3);
+ OPENSSL_free(s->s3);
+ s->s3 = NULL;
+}
+
+void ssl3_clear(SSL *s)
+{
+ unsigned char *rp, *wp;
+ size_t rlen, wlen;
+ int init_extra;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ s->s3->client_opaque_prf_input = NULL;
+ if (s->s3->server_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+ s->s3->server_opaque_prf_input = NULL;
+#endif
+
+ ssl3_cleanup_key_block(s);
+ if (s->s3->tmp.ca_names != NULL)
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+
+ if (s->s3->rrec.comp != NULL) {
+ OPENSSL_free(s->s3->rrec.comp);
+ s->s3->rrec.comp = NULL;
+ }
+#ifndef OPENSSL_NO_DH
+ if (s->s3->tmp.dh != NULL) {
+ DH_free(s->s3->tmp.dh);
+ s->s3->tmp.dh = NULL;
+ }
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (s->s3->tmp.ecdh != NULL) {
+ EC_KEY_free(s->s3->tmp.ecdh);
+ s->s3->tmp.ecdh = NULL;
+ }
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+ s->s3->is_probably_safari = 0;
+# endif /* !OPENSSL_NO_EC */
+#endif /* !OPENSSL_NO_TLSEXT */
+
+ rp = s->s3->rbuf.buf;
+ wp = s->s3->wbuf.buf;
+ rlen = s->s3->rbuf.len;
+ wlen = s->s3->wbuf.len;
+ init_extra = s->s3->init_extra;
+ if (s->s3->handshake_buffer) {
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
+ }
+ if (s->s3->handshake_dgst) {
+ ssl3_free_digest_list(s);
+ }
+ memset(s->s3, 0, sizeof *s->s3);
+ s->s3->rbuf.buf = rp;
+ s->s3->wbuf.buf = wp;
+ s->s3->rbuf.len = rlen;
+ s->s3->wbuf.len = wlen;
+ s->s3->init_extra = init_extra;
+
+ ssl_free_wbio_buffer(s);
+
+ s->packet_length = 0;
+ s->s3->renegotiate = 0;
+ s->s3->total_renegotiations = 0;
+ s->s3->num_renegotiations = 0;
+ s->s3->in_read_app_data = 0;
+ s->version = SSL3_VERSION;
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (s->next_proto_negotiated) {
+ OPENSSL_free(s->next_proto_negotiated);
+ s->next_proto_negotiated = NULL;
+ s->next_proto_negotiated_len = 0;
+ }
+#endif
+}
+
+#ifndef OPENSSL_NO_SRP
+static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
+{
+ return BUF_strdup(s->srp_ctx.info);
+}
+#endif
+
+long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+ int ret = 0;
+
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
+ if (
+# ifndef OPENSSL_NO_RSA
+ cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+# endif
+# ifndef OPENSSL_NO_DSA
+ cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB ||
+# endif
+ 0) {
+ if (!ssl_cert_inst(&s->cert)) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ }
+#endif
+
+ switch (cmd) {
+ case SSL_CTRL_GET_SESSION_REUSED:
+ ret = s->hit;
+ break;
+ case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
+ break;
+ case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
+ ret = s->s3->num_renegotiations;
+ break;
+ case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
+ ret = s->s3->num_renegotiations;
+ s->s3->num_renegotiations = 0;
+ break;
+ case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
+ ret = s->s3->total_renegotiations;
+ break;
+ case SSL_CTRL_GET_FLAGS:
+ ret = (int)(s->s3->flags);
+ break;
+#ifndef OPENSSL_NO_RSA
+ case SSL_CTRL_NEED_TMP_RSA:
+ if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
+ ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+ (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
+ (512 / 8))))
+ ret = 1;
+ break;
+ case SSL_CTRL_SET_TMP_RSA:
+ {
+ RSA *rsa = (RSA *)parg;
+ if (rsa == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ return (ret);
+ }
+ if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
+ return (ret);
+ }
+ if (s->cert->rsa_tmp != NULL)
+ RSA_free(s->cert->rsa_tmp);
+ s->cert->rsa_tmp = rsa;
+ ret = 1;
+ }
+ break;
+ case SSL_CTRL_SET_TMP_RSA_CB:
+ {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (ret);
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
+ case SSL_CTRL_SET_TMP_DH:
+ {
+ DH *dh = (DH *)parg;
+ if (dh == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ return (ret);
+ }
+ if ((dh = DHparams_dup(dh)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+ return (ret);
+ }
+ if (s->cert->dh_tmp != NULL)
+ DH_free(s->cert->dh_tmp);
+ s->cert->dh_tmp = dh;
+ ret = 1;
+ }
+ break;
+ case SSL_CTRL_SET_TMP_DH_CB:
+ {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (ret);
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ case SSL_CTRL_SET_TMP_ECDH:
+ {
+ EC_KEY *ecdh = NULL;
+
+ if (parg == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ return (ret);
+ }
+ if (!EC_KEY_up_ref((EC_KEY *)parg)) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+ return (ret);
+ }
+ ecdh = (EC_KEY *)parg;
+ if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
+ if (!EC_KEY_generate_key(ecdh)) {
+ EC_KEY_free(ecdh);
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+ return (ret);
+ }
+ }
+ if (s->cert->ecdh_tmp != NULL)
+ EC_KEY_free(s->cert->ecdh_tmp);
+ s->cert->ecdh_tmp = ecdh;
+ ret = 1;
+ }
+ break;
+ case SSL_CTRL_SET_TMP_ECDH_CB:
+ {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (ret);
+ }
+ break;
+#endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL_CTRL_SET_TLSEXT_HOSTNAME:
+ if (larg == TLSEXT_NAMETYPE_host_name) {
+ size_t len;
+
+ if (s->tlsext_hostname != NULL)
+ OPENSSL_free(s->tlsext_hostname);
+ s->tlsext_hostname = NULL;
+
+ ret = 1;
+ if (parg == NULL)
+ break;
+ len = strlen((char *)parg);
+ if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
+ SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
+ return 0;
+ }
+ if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ } else {
+ SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
+ return 0;
+ }
+ break;
+ case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
+ s->tlsext_debug_arg = parg;
+ ret = 1;
+ break;
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
+ if (larg > 12288) { /* actual internal limit is 2^16 for the
+ * complete hello message * (including the
+ * cert chain and everything) */
+ SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
+ break;
+ }
+ if (s->tlsext_opaque_prf_input != NULL)
+ OPENSSL_free(s->tlsext_opaque_prf_input);
+ if ((size_t)larg == 0)
+ s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte
+ * just to get
+ * non-NULL */
+ else
+ s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
+ if (s->tlsext_opaque_prf_input != NULL) {
+ s->tlsext_opaque_prf_input_len = (size_t)larg;
+ ret = 1;
+ } else
+ s->tlsext_opaque_prf_input_len = 0;
+ break;
+# endif
+
+ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
+ s->tlsext_status_type = larg;
+ ret = 1;
+ break;
+
+ case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
+ *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
+ ret = 1;
+ break;
+
+ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
+ s->tlsext_ocsp_exts = parg;
+ ret = 1;
+ break;
+
+ case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
+ *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
+ ret = 1;
+ break;
+
+ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
+ s->tlsext_ocsp_ids = parg;
+ ret = 1;
+ break;
+
+ case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
+ *(unsigned char **)parg = s->tlsext_ocsp_resp;
+ return s->tlsext_ocsp_resplen;
+
+ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
+ if (s->tlsext_ocsp_resp)
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ s->tlsext_ocsp_resp = parg;
+ s->tlsext_ocsp_resplen = larg;
+ ret = 1;
+ break;
+
+# ifndef OPENSSL_NO_HEARTBEATS
+ case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
+ if (SSL_version(s) == DTLS1_VERSION
+ || SSL_version(s) == DTLS1_BAD_VER)
+ ret = dtls1_heartbeat(s);
+ else
+ ret = tls1_heartbeat(s);
+ break;
+
+ case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
+ ret = s->tlsext_hb_pending;
+ break;
+
+ case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
+ if (larg)
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+ else
+ s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+ ret = 1;
+ break;
+# endif
+
+#endif /* !OPENSSL_NO_TLSEXT */
+
+ case SSL_CTRL_CHECK_PROTO_VERSION:
+ /*
+ * For library-internal use; checks that the current protocol is the
+ * highest enabled version (according to s->ctx->method, as version
+ * negotiation may have changed s->method).
+ */
+ if (s->version == s->ctx->method->version)
+ return 1;
+ /*
+ * Apparently we're using a version-flexible SSL_METHOD (not at its
+ * highest protocol version).
+ */
+ if (s->ctx->method->version == SSLv23_method()->version) {
+#if TLS_MAX_VERSION != TLS1_2_VERSION
+# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
+#endif
+ if (!(s->options & SSL_OP_NO_TLSv1_2))
+ return s->version == TLS1_2_VERSION;
+ if (!(s->options & SSL_OP_NO_TLSv1_1))
+ return s->version == TLS1_1_VERSION;
+ if (!(s->options & SSL_OP_NO_TLSv1))
+ return s->version == TLS1_VERSION;
+ if (!(s->options & SSL_OP_NO_SSLv3))
+ return s->version == SSL3_VERSION;
+ if (!(s->options & SSL_OP_NO_SSLv2))
+ return s->version == SSL2_VERSION;
+ }
+ return 0; /* Unexpected state; fail closed. */
+
+ default:
+ break;
+ }
+ return (ret);
+}
+
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
+{
+ int ret = 0;
+
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
+ if (
+# ifndef OPENSSL_NO_RSA
+ cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+# endif
+# ifndef OPENSSL_NO_DSA
+ cmd == SSL_CTRL_SET_TMP_DH_CB ||
+# endif
+ 0) {
+ if (!ssl_cert_inst(&s->cert)) {
+ SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ }
+#endif
+
+ switch (cmd) {
+#ifndef OPENSSL_NO_RSA
+ case SSL_CTRL_SET_TMP_RSA_CB:
+ {
+ s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
+ case SSL_CTRL_SET_TMP_DH_CB:
+ {
+ s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ case SSL_CTRL_SET_TMP_ECDH_CB:
+ {
+ s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
+ s->tlsext_debug_cb = (void (*)(SSL *, int, int,
+ unsigned char *, int, void *))fp;
+ break;
+#endif
+ default:
+ break;
+ }
+ return (ret);
+}
+
+long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+{
+ CERT *cert;
+
+ cert = ctx->cert;
+
+ switch (cmd) {
+#ifndef OPENSSL_NO_RSA
+ case SSL_CTRL_NEED_TMP_RSA:
+ if ((cert->rsa_tmp == NULL) &&
+ ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+ (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
+ (512 / 8)))
+ )
+ return (1);
+ else
+ return (0);
+ /* break; */
+ case SSL_CTRL_SET_TMP_RSA:
+ {
+ RSA *rsa;
+ int i;
+
+ rsa = (RSA *)parg;
+ i = 1;
+ if (rsa == NULL)
+ i = 0;
+ else {
+ if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
+ i = 0;
+ }
+ if (!i) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
+ return (0);
+ } else {
+ if (cert->rsa_tmp != NULL)
+ RSA_free(cert->rsa_tmp);
+ cert->rsa_tmp = rsa;
+ return (1);
+ }
+ }
+ /* break; */
+ case SSL_CTRL_SET_TMP_RSA_CB:
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
+ case SSL_CTRL_SET_TMP_DH:
+ {
+ DH *new = NULL, *dh;
+
+ dh = (DH *)parg;
+ if ((new = DHparams_dup(dh)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
+ return 0;
+ }
+ if (cert->dh_tmp != NULL)
+ DH_free(cert->dh_tmp);
+ cert->dh_tmp = new;
+ return 1;
+ }
+ /*
+ * break;
+ */
+ case SSL_CTRL_SET_TMP_DH_CB:
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ case SSL_CTRL_SET_TMP_ECDH:
+ {
+ EC_KEY *ecdh = NULL;
+
+ if (parg == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+ return 0;
+ }
+ ecdh = EC_KEY_dup((EC_KEY *)parg);
+ if (ecdh == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB);
+ return 0;
+ }
+ if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
+ if (!EC_KEY_generate_key(ecdh)) {
+ EC_KEY_free(ecdh);
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+ return 0;
+ }
+ }
+
+ if (cert->ecdh_tmp != NULL) {
+ EC_KEY_free(cert->ecdh_tmp);
+ }
+ cert->ecdh_tmp = ecdh;
+ return 1;
+ }
+ /* break; */
+ case SSL_CTRL_SET_TMP_ECDH_CB:
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
+ }
+ break;
+#endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
+ ctx->tlsext_servername_arg = parg;
+ break;
+ case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
+ case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
+ {
+ unsigned char *keys = parg;
+ if (!keys)
+ return 48;
+ if (larg != 48) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
+ return 0;
+ }
+ if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
+ memcpy(ctx->tlsext_tick_key_name, keys, 16);
+ memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
+ memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
+ } else {
+ memcpy(keys, ctx->tlsext_tick_key_name, 16);
+ memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
+ memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
+ }
+ return 1;
+ }
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
+ ctx->tlsext_opaque_prf_input_callback_arg = parg;
+ return 1;
+# endif
+
+ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
+ ctx->tlsext_status_arg = parg;
+ return 1;
+ break;
+
+# ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ if (ctx->srp_ctx.login != NULL)
+ OPENSSL_free(ctx->srp_ctx.login);
+ ctx->srp_ctx.login = NULL;
+ if (parg == NULL)
+ break;
+ if (strlen((const char *)parg) > 255
+ || strlen((const char *)parg) < 1) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
+ return 0;
+ }
+ if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+ srp_password_from_info_cb;
+ ctx->srp_ctx.info = parg;
+ break;
+ case SSL_CTRL_SET_SRP_ARG:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.SRP_cb_arg = parg;
+ break;
+
+ case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
+ ctx->srp_ctx.strength = larg;
+ break;
+# endif
+#endif /* !OPENSSL_NO_TLSEXT */
+
+ /* A Thawte special :-) */
+ case SSL_CTRL_EXTRA_CHAIN_CERT:
+ if (ctx->extra_certs == NULL) {
+ if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
+ return (0);
+ }
+ sk_X509_push(ctx->extra_certs, (X509 *)parg);
+ break;
+
+ case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
+ *(STACK_OF(X509) **)parg = ctx->extra_certs;
+ break;
+
+ case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
+ if (ctx->extra_certs) {
+ sk_X509_pop_free(ctx->extra_certs, X509_free);
+ ctx->extra_certs = NULL;
+ }
+ break;
+
+ default:
+ return (0);
+ }
+ return (1);
+}
+
+long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
+{
+ CERT *cert;
+
+ cert = ctx->cert;
+
+ switch (cmd) {
+#ifndef OPENSSL_NO_RSA
+ case SSL_CTRL_SET_TMP_RSA_CB:
+ {
+ cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
+ case SSL_CTRL_SET_TMP_DH_CB:
+ {
+ cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ case SSL_CTRL_SET_TMP_ECDH_CB:
+ {
+ cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
+ ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
+ break;
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
+ ctx->tlsext_opaque_prf_input_callback =
+ (int (*)(SSL *, void *, size_t, void *))fp;
+ break;
+# endif
+
+ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
+ ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
+ break;
+
+ case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
+ ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
+ unsigned char *,
+ EVP_CIPHER_CTX *,
+ HMAC_CTX *, int))fp;
+ break;
+
+# ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.TLS_ext_srp_username_callback =
+ (int (*)(SSL *, int *, void *))fp;
+ break;
+ case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+ (char *(*)(SSL *, void *))fp;
+ break;
+# endif
+#endif
+
+ default:
+ return (0);
+ }
+ return (1);
+}
+
+/*
+ * This function needs to check if the ciphers required are actually
+ * available
+ */
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
+{
+ SSL_CIPHER c;
+ const SSL_CIPHER *cp;
+ unsigned long id;
+
+ id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
+ c.id = id;
+ cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
+ if (cp == NULL)
+ fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
+#endif
+ if (cp == NULL || cp->valid == 0)
+ return NULL;
+ else
+ return cp;
+}
+
+int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+{
+ long l;
+
+ if (p != NULL) {
+ l = c->id;
+ if ((l & 0xff000000) != 0x03000000)
+ return (0);
+ p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
+ p[1] = ((unsigned char)(l)) & 0xFF;
+ }
+ return (2);
+}
+
+SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
+ STACK_OF(SSL_CIPHER) *srvr)
+{
+ SSL_CIPHER *c, *ret = NULL;
+ STACK_OF(SSL_CIPHER) *prio, *allow;
+ int i, ii, ok;
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
+ unsigned int j;
+ int ec_ok, ec_nid;
+ unsigned char ec_search1 = 0, ec_search2 = 0;
+#endif
+ CERT *cert;
+ unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
+
+ /* Let's see which ciphers we can support */
+ cert = s->cert;
+
+#if 0
+ /*
+ * Do not set the compare functions, because this may lead to a
+ * reordering by "id". We want to keep the original ordering. We may pay
+ * a price in performance during sk_SSL_CIPHER_find(), but would have to
+ * pay with the price of sk_SSL_CIPHER_dup().
+ */
+ sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
+ sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
+#endif
+
+#ifdef CIPHER_DEBUG
+ fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
+ (void *)srvr);
+ for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
+ c = sk_SSL_CIPHER_value(srvr, i);
+ fprintf(stderr, "%p:%s\n", (void *)c, c->name);
+ }
+ fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
+ (void *)clnt);
+ for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
+ c = sk_SSL_CIPHER_value(clnt, i);
+ fprintf(stderr, "%p:%s\n", (void *)c, c->name);
+ }
+#endif
+
+ if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+ prio = srvr;
+ allow = clnt;
+ } else {
+ prio = clnt;
+ allow = srvr;
+ }
+
+ for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
+ c = sk_SSL_CIPHER_value(prio, i);
+
+ /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_version(s) < TLS1_2_VERSION))
+ continue;
+
+ ssl_set_cert_masks(cert, c);
+ mask_k = cert->mask_k;
+ mask_a = cert->mask_a;
+ emask_k = cert->export_mask_k;
+ emask_a = cert->export_mask_a;
+#ifndef OPENSSL_NO_SRP
+ if (s->srp_ctx.srp_Mask & SSL_kSRP) {
+ mask_k |= SSL_kSRP;
+ emask_k |= SSL_kSRP;
+ mask_a |= SSL_aSRP;
+ emask_a |= SSL_aSRP;
+ }
+#endif
+
+#ifdef KSSL_DEBUG
+ /*
+ * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n",
+ * i,c->algorithms);
+ */
+#endif /* KSSL_DEBUG */
+
+ alg_k = c->algorithm_mkey;
+ alg_a = c->algorithm_auth;
+
+#ifndef OPENSSL_NO_KRB5
+ if (alg_k & SSL_kKRB5) {
+ if (!kssl_keytab_is_available(s->kssl_ctx))
+ continue;
+ }
+#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+ /* with PSK there must be server callback set */
+ if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
+ continue;
+#endif /* OPENSSL_NO_PSK */
+
+ if (SSL_C_IS_EXPORT(c)) {
+ ok = (alg_k & emask_k) && (alg_a & emask_a);
+#ifdef CIPHER_DEBUG
+ fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
+ ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name);
+#endif
+ } else {
+ ok = (alg_k & mask_k) && (alg_a & mask_a);
+#ifdef CIPHER_DEBUG
+ fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
+ alg_a, mask_k, mask_a, (void *)c, c->name);
+#endif
+ }
+
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+ if (
+ /*
+ * if we are considering an ECC cipher suite that uses our
+ * certificate
+ */
+ (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+ /* and we have an ECC certificate */
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+ /*
+ * and the client specified a Supported Point Formats
+ * extension
+ */
+ && ((s->session->tlsext_ecpointformatlist_length > 0)
+ && (s->session->tlsext_ecpointformatlist != NULL))
+ /* and our certificate's point is compressed */
+ && ((s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key !=
+ NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key->data != NULL)
+ &&
+ ((*
+ (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key->data) == POINT_CONVERSION_COMPRESSED)
+ ||
+ (*
+ (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key->data) ==
+ POINT_CONVERSION_COMPRESSED + 1)
+ )
+ )
+ ) {
+ ec_ok = 0;
+ /*
+ * if our certificate's curve is over a field type that the
+ * client does not support then do not allow this cipher suite to
+ * be negotiated
+ */
+ if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group !=
+ NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
+ group->meth != NULL)
+ &&
+ (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
+ group->meth) == NID_X9_62_prime_field)
+ ) {
+ for (j = 0; j < s->session->tlsext_ecpointformatlist_length;
+ j++) {
+ if (s->session->tlsext_ecpointformatlist[j] ==
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ } else
+ if (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
+ group->meth) == NID_X9_62_characteristic_two_field) {
+ for (j = 0; j < s->session->tlsext_ecpointformatlist_length;
+ j++) {
+ if (s->session->tlsext_ecpointformatlist[j] ==
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ }
+ ok = ok && ec_ok;
+ }
+ if (
+ /*
+ * if we are considering an ECC cipher suite that uses our
+ * certificate
+ */
+ (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+ /* and we have an ECC certificate */
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+ /*
+ * and the client specified an EllipticCurves extension
+ */
+ && ((s->session->tlsext_ellipticcurvelist_length > 0)
+ && (s->session->tlsext_ellipticcurvelist != NULL))
+ ) {
+ ec_ok = 0;
+ if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group !=
+ NULL)
+ ) {
+ ec_nid =
+ EC_GROUP_get_curve_name(s->cert->
+ pkeys[SSL_PKEY_ECC].privatekey->
+ pkey.ec->group);
+ if ((ec_nid == 0)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.
+ ec->group->meth != NULL)
+ ) {
+ if (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.
+ ec->group->meth) == NID_X9_62_prime_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x01;
+ } else
+ if (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->
+ pkey.ec->group->meth) ==
+ NID_X9_62_characteristic_two_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x02;
+ }
+ } else {
+ ec_search1 = 0x00;
+ ec_search2 = tls1_ec_nid2curve_id(ec_nid);
+ }
+ if ((ec_search1 != 0) || (ec_search2 != 0)) {
+ for (j = 0;
+ j < s->session->tlsext_ellipticcurvelist_length / 2;
+ j++) {
+ if ((s->session->tlsext_ellipticcurvelist[2 * j] ==
+ ec_search1)
+ && (s->session->tlsext_ellipticcurvelist[2 * j +
+ 1] ==
+ ec_search2)) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ }
+ }
+ ok = ok && ec_ok;
+ }
+# ifndef OPENSSL_NO_ECDH
+ if (
+ /*
+ * if we are considering an ECC cipher suite that uses an
+ * ephemeral EC key
+ */
+ (alg_k & SSL_kEECDH)
+ /* and we have an ephemeral EC key */
+ && (s->cert->ecdh_tmp != NULL)
+ /*
+ * and the client specified an EllipticCurves extension
+ */
+ && ((s->session->tlsext_ellipticcurvelist_length > 0)
+ && (s->session->tlsext_ellipticcurvelist != NULL))
+ ) {
+ ec_ok = 0;
+ if (s->cert->ecdh_tmp->group != NULL) {
+ ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
+ if ((ec_nid == 0)
+ && (s->cert->ecdh_tmp->group->meth != NULL)
+ ) {
+ if (EC_METHOD_get_field_type
+ (s->cert->ecdh_tmp->group->meth) ==
+ NID_X9_62_prime_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x01;
+ } else
+ if (EC_METHOD_get_field_type
+ (s->cert->ecdh_tmp->group->meth) ==
+ NID_X9_62_characteristic_two_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x02;
+ }
+ } else {
+ ec_search1 = 0x00;
+ ec_search2 = tls1_ec_nid2curve_id(ec_nid);
+ }
+ if ((ec_search1 != 0) || (ec_search2 != 0)) {
+ for (j = 0;
+ j < s->session->tlsext_ellipticcurvelist_length / 2;
+ j++) {
+ if ((s->session->tlsext_ellipticcurvelist[2 * j] ==
+ ec_search1)
+ && (s->session->tlsext_ellipticcurvelist[2 * j +
+ 1] ==
+ ec_search2)) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ }
+ }
+ ok = ok && ec_ok;
+ }
+# endif /* OPENSSL_NO_ECDH */
+# endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_TLSEXT */
+
+ if (!ok)
+ continue;
+ ii = sk_SSL_CIPHER_find(allow, c);
+ if (ii >= 0) {
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
+ if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA)
+ && s->s3->is_probably_safari) {
+ if (!ret)
+ ret = sk_SSL_CIPHER_value(allow, ii);
+ continue;
+ }
+#endif
+ ret = sk_SSL_CIPHER_value(allow, ii);
+ break;
+ }
+ }
+ return (ret);
+}
+
+int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
+{
+ int ret = 0;
+ unsigned long alg_k;
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+#ifndef OPENSSL_NO_GOST
+ if (s->version >= TLS1_VERSION) {
+ if (alg_k & SSL_kGOST) {
+ p[ret++] = TLS_CT_GOST94_SIGN;
+ p[ret++] = TLS_CT_GOST01_SIGN;
+ return (ret);
+ }
+ }
+#endif
+
+#ifndef OPENSSL_NO_DH
+ if (alg_k & (SSL_kDHr | SSL_kEDH)) {
+# ifndef OPENSSL_NO_RSA
+ p[ret++] = SSL3_CT_RSA_FIXED_DH;
+# endif
+# ifndef OPENSSL_NO_DSA
+ p[ret++] = SSL3_CT_DSS_FIXED_DH;
+# endif
+ }
+ if ((s->version == SSL3_VERSION) &&
+ (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) {
+# ifndef OPENSSL_NO_RSA
+ p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
+# endif
+# ifndef OPENSSL_NO_DSA
+ p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
+# endif
+ }
+#endif /* !OPENSSL_NO_DH */
+#ifndef OPENSSL_NO_RSA
+ p[ret++] = SSL3_CT_RSA_SIGN;
+#endif
+#ifndef OPENSSL_NO_DSA
+ p[ret++] = SSL3_CT_DSS_SIGN;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
+ p[ret++] = TLS_CT_RSA_FIXED_ECDH;
+ p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
+ }
+#endif
+
+#ifndef OPENSSL_NO_ECDSA
+ /*
+ * ECDSA certs can be used with RSA cipher suites as well so we don't
+ * need to check for SSL_kECDH or SSL_kEECDH
+ */
+ if (s->version >= TLS1_VERSION) {
+ p[ret++] = TLS_CT_ECDSA_SIGN;
+ }
+#endif
+ return (ret);
+}
+
+int ssl3_shutdown(SSL *s)
+{
+ int ret;
+
+ /*
+ * Don't do anything much if we have not done the handshake or we don't
+ * want to send messages :-)
+ */
+ if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
+ s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+ return (1);
+ }
+
+ if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
+ s->shutdown |= SSL_SENT_SHUTDOWN;
+#if 1
+ ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
+#endif
+ /*
+ * our shutdown alert has been sent now, and if it still needs to be
+ * written, s->s3->alert_dispatch will be true
+ */
+ if (s->s3->alert_dispatch)
+ return (-1); /* return WANT_WRITE */
+ } else if (s->s3->alert_dispatch) {
+ /* resend it if not sent */
+#if 1
+ ret = s->method->ssl_dispatch_alert(s);
+ if (ret == -1) {
+ /*
+ * we only get to return -1 here the 2nd/Nth invocation, we must
+ * have already signalled return 0 upon a previous invoation,
+ * return WANT_WRITE
+ */
+ return (ret);
+ }
+#endif
+ } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
+ /*
+ * If we are waiting for a close from our peer, we are closed
+ */
+ s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
+ if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
+ return (-1); /* return WANT_READ */
+ }
+ }
+
+ if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
+ !s->s3->alert_dispatch)
+ return (1);
+ else
+ return (0);
+}
+
+int ssl3_write(SSL *s, const void *buf, int len)
+{
+ int ret, n;
+
+#if 0
+ if (s->shutdown & SSL_SEND_SHUTDOWN) {
+ s->rwstate = SSL_NOTHING;
+ return (0);
+ }
+#endif
+ clear_sys_error();
+ if (s->s3->renegotiate)
+ ssl3_renegotiate_check(s);
+
+ /*
+ * This is an experimental flag that sends the last handshake message in
+ * the same packet as the first use data - used to see if it helps the
+ * TCP protocol during session-id reuse
+ */
+ /* The second test is because the buffer may have been removed */
+ if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
+ /* First time through, we write into the buffer */
+ if (s->s3->delay_buf_pop_ret == 0) {
+ ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len);
+ if (ret <= 0)
+ return (ret);
+
+ s->s3->delay_buf_pop_ret = ret;
+ }
+
+ s->rwstate = SSL_WRITING;
+ n = BIO_flush(s->wbio);
+ if (n <= 0)
+ return (n);
+ s->rwstate = SSL_NOTHING;
+
+ /* We have flushed the buffer, so remove it */
+ ssl_free_wbio_buffer(s);
+ s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
+
+ ret = s->s3->delay_buf_pop_ret;
+ s->s3->delay_buf_pop_ret = 0;
+ } else {
+ ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
+ buf, len);
+ if (ret <= 0)
+ return (ret);
+ }
+
+ return (ret);
+}
+
+static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
+{
+ int ret;
+
+ clear_sys_error();
+ if (s->s3->renegotiate)
+ ssl3_renegotiate_check(s);
+ s->s3->in_read_app_data = 1;
+ ret =
+ s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
+ peek);
+ if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
+ /*
+ * ssl3_read_bytes decided to call s->handshake_func, which called
+ * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
+ * actually found application data and thinks that application data
+ * makes sense here; so disable handshake processing and try to read
+ * application data again.
+ */
+ s->in_handshake++;
+ ret =
+ s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
+ peek);
+ s->in_handshake--;
+ } else
+ s->s3->in_read_app_data = 0;
+
+ return (ret);
+}
+
+int ssl3_read(SSL *s, void *buf, int len)
+{
+ return ssl3_read_internal(s, buf, len, 0);
+}
+
+int ssl3_peek(SSL *s, void *buf, int len)
+{
+ return ssl3_read_internal(s, buf, len, 1);
+}
+
+int ssl3_renegotiate(SSL *s)
+{
+ if (s->handshake_func == NULL)
+ return (1);
+
+ if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
+ return (0);
+
+ s->s3->renegotiate = 1;
+ return (1);
+}
+
+int ssl3_renegotiate_check(SSL *s)
+{
+ int ret = 0;
+
+ if (s->s3->renegotiate) {
+ if ((s->s3->rbuf.left == 0) &&
+ (s->s3->wbuf.left == 0) && !SSL_in_init(s)) {
+ /*
+ * if we are the server, and we have sent a 'RENEGOTIATE'
+ * message, we need to go to SSL_ST_ACCEPT.
+ */
+ /* SSL_ST_ACCEPT */
+ s->state = SSL_ST_RENEGOTIATE;
+ s->s3->renegotiate = 0;
+ s->s3->num_renegotiations++;
+ s->s3->total_renegotiations++;
+ ret = 1;
+ }
+ }
+ return (ret);
+}
+
+/*
+ * If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
+ * to new SHA256 PRF and handshake macs
+ */
+long ssl_get_algorithm2(SSL *s)
+{
+ long alg2 = s->s3->tmp.new_cipher->algorithm2;
+ if (s->method->version == TLS1_2_VERSION &&
+ alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
+ return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
+ return alg2;
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/s3_srvr.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/s3_srvr.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_srvr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,3654 +0,0 @@
-/* ssl/s3_srvr.c -*- mode:C; c-file-style: "eay" -*- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#define REUSE_CIPHER_BUG
-#define NETSCAPE_HANG_BUG
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include "../crypto/constant_time_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/x509.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_KRB5
-# include <openssl/krb5_asn.h>
-#endif
-#include <openssl/md5.h>
-
-#ifndef OPENSSL_NO_SSL3_METHOD
-static const SSL_METHOD *ssl3_get_server_method(int ver);
-
-static const SSL_METHOD *ssl3_get_server_method(int ver)
-{
- if (ver == SSL3_VERSION)
- return (SSLv3_server_method());
- else
- return (NULL);
-}
-
-IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
- ssl3_accept,
- ssl_undefined_function, ssl3_get_server_method)
-#endif
-#ifndef OPENSSL_NO_SRP
-static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
-{
- int ret = SSL_ERROR_NONE;
-
- *al = SSL_AD_UNRECOGNIZED_NAME;
-
- if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
- (s->srp_ctx.TLS_ext_srp_username_callback != NULL)) {
- if (s->srp_ctx.login == NULL) {
- /*
- * RFC 5054 says SHOULD reject, we do so if There is no srp
- * login name
- */
- ret = SSL3_AL_FATAL;
- *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
- } else {
- ret = SSL_srp_server_param_with_username(s, al);
- }
- }
- return ret;
-}
-#endif
-
-int ssl3_accept(SSL *s)
-{
- BUF_MEM *buf;
- unsigned long alg_k, Time = (unsigned long)time(NULL);
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
- int ret = -1;
- int new_state, state, skip = 0;
-
- RAND_add(&Time, sizeof(Time), 0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- /* init things to blank */
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s))
- SSL_clear(s);
-
- if (s->cert == NULL) {
- SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
- return (-1);
- }
-#ifndef OPENSSL_NO_HEARTBEATS
- /*
- * If we're awaiting a HeartbeatResponse, pretend we already got and
- * don't await it anymore, because Heartbeats don't make sense during
- * handshakes anyway.
- */
- if (s->tlsext_hb_pending) {
- s->tlsext_hb_pending = 0;
- s->tlsext_hb_seq++;
- }
-#endif
-
- for (;;) {
- state = s->state;
-
- switch (s->state) {
- case SSL_ST_RENEGOTIATE:
- s->renegotiate = 1;
- /* s->state=SSL_ST_ACCEPT; */
-
- case SSL_ST_BEFORE:
- case SSL_ST_ACCEPT:
- case SSL_ST_BEFORE | SSL_ST_ACCEPT:
- case SSL_ST_OK | SSL_ST_ACCEPT:
-
- s->server = 1;
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_START, 1);
-
- if ((s->version >> 8) != 3) {
- SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return -1;
- }
- s->type = SSL_ST_ACCEPT;
-
- if (s->init_buf == NULL) {
- if ((buf = BUF_MEM_new()) == NULL) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
- BUF_MEM_free(buf);
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- s->init_buf = buf;
- }
-
- if (!ssl3_setup_buffers(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- s->init_num = 0;
- s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
- s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
- /*
- * Should have been reset by ssl3_get_finished, too.
- */
- s->s3->change_cipher_spec = 0;
-
- if (s->state != SSL_ST_RENEGOTIATE) {
- /*
- * Ok, we now need to push on a buffering BIO so that the
- * output is sent in a way that TCP likes :-)
- */
- if (!ssl_init_wbio_buffer(s, 1)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- ssl3_init_finished_mac(s);
- s->state = SSL3_ST_SR_CLNT_HELLO_A;
- s->ctx->stats.sess_accept++;
- } else if (!s->s3->send_connection_binding &&
- !(s->options &
- SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
- /*
- * Server attempting to renegotiate with client that doesn't
- * support secure renegotiation.
- */
- SSLerr(SSL_F_SSL3_ACCEPT,
- SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- } else {
- /*
- * s->state == SSL_ST_RENEGOTIATE, we will just send a
- * HelloRequest
- */
- s->ctx->stats.sess_accept_renegotiate++;
- s->state = SSL3_ST_SW_HELLO_REQ_A;
- }
- break;
-
- case SSL3_ST_SW_HELLO_REQ_A:
- case SSL3_ST_SW_HELLO_REQ_B:
-
- s->shutdown = 0;
- ret = ssl3_send_hello_request(s);
- if (ret <= 0)
- goto end;
- s->s3->tmp.next_state = SSL3_ST_SW_HELLO_REQ_C;
- s->state = SSL3_ST_SW_FLUSH;
- s->init_num = 0;
-
- ssl3_init_finished_mac(s);
- break;
-
- case SSL3_ST_SW_HELLO_REQ_C:
- s->state = SSL_ST_OK;
- break;
-
- case SSL3_ST_SR_CLNT_HELLO_A:
- case SSL3_ST_SR_CLNT_HELLO_B:
- case SSL3_ST_SR_CLNT_HELLO_C:
-
- s->shutdown = 0;
- if (s->rwstate != SSL_X509_LOOKUP) {
- ret = ssl3_get_client_hello(s);
- if (ret <= 0)
- goto end;
- }
-#ifndef OPENSSL_NO_SRP
- {
- int al;
- if ((ret = ssl_check_srp_ext_ClientHello(s, &al)) < 0) {
- /*
- * callback indicates firther work to be done
- */
- s->rwstate = SSL_X509_LOOKUP;
- goto end;
- }
- if (ret != SSL_ERROR_NONE) {
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- /*
- * This is not really an error but the only means to for
- * a client to detect whether srp is supported.
- */
- if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
- SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT);
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
- }
-#endif
-
- s->renegotiate = 2;
- s->state = SSL3_ST_SW_SRVR_HELLO_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_SRVR_HELLO_A:
- case SSL3_ST_SW_SRVR_HELLO_B:
- ret = ssl3_send_server_hello(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_TLSEXT
- if (s->hit) {
- if (s->tlsext_ticket_expected)
- s->state = SSL3_ST_SW_SESSION_TICKET_A;
- else
- s->state = SSL3_ST_SW_CHANGE_A;
- }
-#else
- if (s->hit)
- s->state = SSL3_ST_SW_CHANGE_A;
-#endif
- else
- s->state = SSL3_ST_SW_CERT_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_CERT_A:
- case SSL3_ST_SW_CERT_B:
- /* Check if it is anon DH or anon ECDH, */
- /* normal PSK or KRB5 or SRP */
- if (!
- (s->s3->tmp.
- new_cipher->algorithm_auth & (SSL_aNULL | SSL_aKRB5 |
- SSL_aSRP))
-&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- ret = ssl3_send_server_certificate(s);
- if (ret <= 0)
- goto end;
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_status_expected)
- s->state = SSL3_ST_SW_CERT_STATUS_A;
- else
- s->state = SSL3_ST_SW_KEY_EXCH_A;
- } else {
- skip = 1;
- s->state = SSL3_ST_SW_KEY_EXCH_A;
- }
-#else
- } else
- skip = 1;
-
- s->state = SSL3_ST_SW_KEY_EXCH_A;
-#endif
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_KEY_EXCH_A:
- case SSL3_ST_SW_KEY_EXCH_B:
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
- /*
- * clear this, it may get reset by
- * send_server_key_exchange
- */
- s->s3->tmp.use_rsa_tmp = 0;
-
- /*
- * only send if a DH key exchange, fortezza or RSA but we have a
- * sign only certificate PSK: may send PSK identity hints For
- * ECC ciphersuites, we send a serverKeyExchange message only if
- * the cipher suite is either ECDH-anon or ECDHE. In other cases,
- * the server certificate contains the server's public key for
- * key exchange.
- */
- if (0
- /*
- * PSK: send ServerKeyExchange if PSK identity hint if
- * provided
- */
-#ifndef OPENSSL_NO_PSK
- || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
-#endif
-#ifndef OPENSSL_NO_SRP
- /* SRP: send ServerKeyExchange */
- || (alg_k & SSL_kSRP)
-#endif
- || (alg_k & (SSL_kDHr | SSL_kDHd | SSL_kEDH))
- || (alg_k & SSL_kEECDH)
- || ((alg_k & SSL_kRSA)
- && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
- && EVP_PKEY_size(s->cert->pkeys
- [SSL_PKEY_RSA_ENC].privatekey) *
- 8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
- )
- )
- )
- ) {
- ret = ssl3_send_server_key_exchange(s);
- if (ret <= 0)
- goto end;
- } else
- skip = 1;
-
- s->state = SSL3_ST_SW_CERT_REQ_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_CERT_REQ_A:
- case SSL3_ST_SW_CERT_REQ_B:
- if ( /* don't request cert unless asked for it: */
- !(s->verify_mode & SSL_VERIFY_PEER) ||
- /*
- * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
- * during re-negotiation:
- */
- ((s->session->peer != NULL) &&
- (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
- /*
- * never request cert in anonymous ciphersuites (see
- * section "Certificate request" in SSL 3 drafts and in
- * RFC 2246):
- */
- ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
- /*
- * ... except when the application insists on
- * verification (against the specs, but s3_clnt.c accepts
- * this for SSL 3)
- */
- !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
- /*
- * never request cert in Kerberos ciphersuites
- */
- (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) ||
- /* don't request certificate for SRP auth */
- (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP)
- /*
- * With normal PSK Certificates and Certificate Requests
- * are omitted
- */
- || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- /* no cert request */
- skip = 1;
- s->s3->tmp.cert_request = 0;
- s->state = SSL3_ST_SW_SRVR_DONE_A;
- if (s->s3->handshake_buffer) {
- if (!ssl3_digest_cached_records(s)) {
- s->state = SSL_ST_ERR;
- return -1;
- }
- }
- } else {
- s->s3->tmp.cert_request = 1;
- ret = ssl3_send_certificate_request(s);
- if (ret <= 0)
- goto end;
-#ifndef NETSCAPE_HANG_BUG
- s->state = SSL3_ST_SW_SRVR_DONE_A;
-#else
- s->state = SSL3_ST_SW_FLUSH;
- s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-#endif
- s->init_num = 0;
- }
- break;
-
- case SSL3_ST_SW_SRVR_DONE_A:
- case SSL3_ST_SW_SRVR_DONE_B:
- ret = ssl3_send_server_done(s);
- if (ret <= 0)
- goto end;
- s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
- s->state = SSL3_ST_SW_FLUSH;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_FLUSH:
-
- /*
- * This code originally checked to see if any data was pending
- * using BIO_CTRL_INFO and then flushed. This caused problems as
- * documented in PR#1939. The proposed fix doesn't completely
- * resolve this issue as buggy implementations of
- * BIO_CTRL_PENDING still exist. So instead we just flush
- * unconditionally.
- */
-
- s->rwstate = SSL_WRITING;
- if (BIO_flush(s->wbio) <= 0) {
- ret = -1;
- goto end;
- }
- s->rwstate = SSL_NOTHING;
-
- s->state = s->s3->tmp.next_state;
- break;
-
- case SSL3_ST_SR_CERT_A:
- case SSL3_ST_SR_CERT_B:
- /* Check for second client hello (MS SGC) */
- ret = ssl3_check_client_hello(s);
- if (ret <= 0)
- goto end;
- if (ret == 2)
- s->state = SSL3_ST_SR_CLNT_HELLO_C;
- else {
- if (s->s3->tmp.cert_request) {
- ret = ssl3_get_client_certificate(s);
- if (ret <= 0)
- goto end;
- }
- s->init_num = 0;
- s->state = SSL3_ST_SR_KEY_EXCH_A;
- }
- break;
-
- case SSL3_ST_SR_KEY_EXCH_A:
- case SSL3_ST_SR_KEY_EXCH_B:
- ret = ssl3_get_client_key_exchange(s);
- if (ret <= 0)
- goto end;
- if (ret == 2) {
- /*
- * For the ECDH ciphersuites when the client sends its ECDH
- * pub key in a certificate, the CertificateVerify message is
- * not sent. Also for GOST ciphersuites when the client uses
- * its key from the certificate for key exchange.
- */
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->state = SSL3_ST_SR_FINISHED_A;
-#else
- if (s->s3->next_proto_neg_seen)
- s->state = SSL3_ST_SR_NEXT_PROTO_A;
- else
- s->state = SSL3_ST_SR_FINISHED_A;
-#endif
- s->init_num = 0;
- } else if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- s->state = SSL3_ST_SR_CERT_VRFY_A;
- s->init_num = 0;
- if (!s->session->peer)
- break;
- /*
- * For TLS v1.2 freeze the handshake buffer at this point and
- * digest cached records.
- */
- if (!s->s3->handshake_buffer) {
- SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return -1;
- }
- s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
- if (!ssl3_digest_cached_records(s)) {
- s->state = SSL_ST_ERR;
- return -1;
- }
- } else {
- int offset = 0;
- int dgst_num;
-
- s->state = SSL3_ST_SR_CERT_VRFY_A;
- s->init_num = 0;
-
- /*
- * We need to get hashes here so if there is a client cert,
- * it can be verified FIXME - digest processing for
- * CertificateVerify should be generalized. But it is next
- * step
- */
- if (s->s3->handshake_buffer) {
- if (!ssl3_digest_cached_records(s)) {
- s->state = SSL_ST_ERR;
- return -1;
- }
- }
- for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
- if (s->s3->handshake_dgst[dgst_num]) {
- int dgst_size;
-
- s->method->ssl3_enc->cert_verify_mac(s,
- EVP_MD_CTX_type
- (s->
- s3->handshake_dgst
- [dgst_num]),
- &(s->s3->
- tmp.cert_verify_md
- [offset]));
- dgst_size =
- EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
- if (dgst_size < 0) {
- s->state = SSL_ST_ERR;
- ret = -1;
- goto end;
- }
- offset += dgst_size;
- }
- }
- break;
-
- case SSL3_ST_SR_CERT_VRFY_A:
- case SSL3_ST_SR_CERT_VRFY_B:
- ret = ssl3_get_cert_verify(s);
- if (ret <= 0)
- goto end;
-
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->state = SSL3_ST_SR_FINISHED_A;
-#else
- if (s->s3->next_proto_neg_seen)
- s->state = SSL3_ST_SR_NEXT_PROTO_A;
- else
- s->state = SSL3_ST_SR_FINISHED_A;
-#endif
- s->init_num = 0;
- break;
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- case SSL3_ST_SR_NEXT_PROTO_A:
- case SSL3_ST_SR_NEXT_PROTO_B:
- /*
- * Enable CCS for NPN. Receiving a CCS clears the flag, so make
- * sure not to re-enable it to ban duplicates. This *should* be the
- * first time we have received one - but we check anyway to be
- * cautious.
- * s->s3->change_cipher_spec is set when a CCS is
- * processed in s3_pkt.c, and remains set until
- * the client's Finished message is read.
- */
- if (!s->s3->change_cipher_spec)
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
-
- ret = ssl3_get_next_proto(s);
- if (ret <= 0)
- goto end;
- s->init_num = 0;
- s->state = SSL3_ST_SR_FINISHED_A;
- break;
-#endif
-
- case SSL3_ST_SR_FINISHED_A:
- case SSL3_ST_SR_FINISHED_B:
- /*
- * Enable CCS for handshakes without NPN. In NPN the CCS flag has
- * already been set. Receiving a CCS clears the flag, so make
- * sure not to re-enable it to ban duplicates.
- * s->s3->change_cipher_spec is set when a CCS is
- * processed in s3_pkt.c, and remains set until
- * the client's Finished message is read.
- */
- if (!s->s3->change_cipher_spec)
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
- ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
- SSL3_ST_SR_FINISHED_B);
- if (ret <= 0)
- goto end;
- if (s->hit)
- s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_TLSEXT
- else if (s->tlsext_ticket_expected)
- s->state = SSL3_ST_SW_SESSION_TICKET_A;
-#endif
- else
- s->state = SSL3_ST_SW_CHANGE_A;
- s->init_num = 0;
- break;
-
-#ifndef OPENSSL_NO_TLSEXT
- case SSL3_ST_SW_SESSION_TICKET_A:
- case SSL3_ST_SW_SESSION_TICKET_B:
- ret = ssl3_send_newsession_ticket(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_CHANGE_A;
- s->init_num = 0;
- break;
-
- case SSL3_ST_SW_CERT_STATUS_A:
- case SSL3_ST_SW_CERT_STATUS_B:
- ret = ssl3_send_cert_status(s);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_KEY_EXCH_A;
- s->init_num = 0;
- break;
-
-#endif
-
- case SSL3_ST_SW_CHANGE_A:
- case SSL3_ST_SW_CHANGE_B:
-
- s->session->cipher = s->s3->tmp.new_cipher;
- if (!s->method->ssl3_enc->setup_key_block(s)) {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- ret = ssl3_send_change_cipher_spec(s,
- SSL3_ST_SW_CHANGE_A,
- SSL3_ST_SW_CHANGE_B);
-
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_FINISHED_A;
- s->init_num = 0;
-
- if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CHANGE_CIPHER_SERVER_WRITE))
- {
- ret = -1;
- s->state = SSL_ST_ERR;
- goto end;
- }
-
- break;
-
- case SSL3_ST_SW_FINISHED_A:
- case SSL3_ST_SW_FINISHED_B:
- ret = ssl3_send_finished(s,
- SSL3_ST_SW_FINISHED_A,
- SSL3_ST_SW_FINISHED_B,
- s->method->
- ssl3_enc->server_finished_label,
- s->method->
- ssl3_enc->server_finished_label_len);
- if (ret <= 0)
- goto end;
- s->state = SSL3_ST_SW_FLUSH;
- if (s->hit) {
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
-#else
- if (s->s3->next_proto_neg_seen) {
- s->s3->tmp.next_state = SSL3_ST_SR_NEXT_PROTO_A;
- } else
- s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
-#endif
- } else
- s->s3->tmp.next_state = SSL_ST_OK;
- s->init_num = 0;
- break;
-
- case SSL_ST_OK:
- /* clean a few things up */
- ssl3_cleanup_key_block(s);
-
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
-
- /* remove buffering on output */
- ssl_free_wbio_buffer(s);
-
- s->init_num = 0;
-
- if (s->renegotiate == 2) { /* skipped if we just sent a
- * HelloRequest */
- s->renegotiate = 0;
- s->new_session = 0;
-
- ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
-
- s->ctx->stats.sess_accept_good++;
- /* s->server=1; */
- s->handshake_func = ssl3_accept;
-
- if (cb != NULL)
- cb(s, SSL_CB_HANDSHAKE_DONE, 1);
- }
-
- ret = 1;
- goto end;
- /* break; */
-
- case SSL_ST_ERR:
- default:
- SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
- ret = -1;
- goto end;
- /* break; */
- }
-
- if (!s->s3->tmp.reuse_message && !skip) {
- if (s->debug) {
- if ((ret = BIO_flush(s->wbio)) <= 0)
- goto end;
- }
-
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
- cb(s, SSL_CB_ACCEPT_LOOP, 1);
- s->state = new_state;
- }
- }
- skip = 0;
- }
- end:
- /* BIO_flush(s->wbio); */
-
- s->in_handshake--;
- if (cb != NULL)
- cb(s, SSL_CB_ACCEPT_EXIT, ret);
- return (ret);
-}
-
-int ssl3_send_hello_request(SSL *s)
-{
- unsigned char *p;
-
- if (s->state == SSL3_ST_SW_HELLO_REQ_A) {
- p = (unsigned char *)s->init_buf->data;
- *(p++) = SSL3_MT_HELLO_REQUEST;
- *(p++) = 0;
- *(p++) = 0;
- *(p++) = 0;
-
- s->state = SSL3_ST_SW_HELLO_REQ_B;
- /* number of bytes to write */
- s->init_num = 4;
- s->init_off = 0;
- }
-
- /* SSL3_ST_SW_HELLO_REQ_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-int ssl3_check_client_hello(SSL *s)
-{
- int ok;
- long n;
-
- /*
- * this function is called when we really expect a Certificate message,
- * so permit appropriate message length
- */
- n = s->method->ssl_get_message(s,
- SSL3_ST_SR_CERT_A,
- SSL3_ST_SR_CERT_B,
- -1, s->max_cert_list, &ok);
- if (!ok)
- return ((int)n);
- s->s3->tmp.reuse_message = 1;
- if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) {
- /*
- * We only allow the client to restart the handshake once per
- * negotiation.
- */
- if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE) {
- SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO,
- SSL_R_MULTIPLE_SGC_RESTARTS);
- return -1;
- }
- /*
- * Throw away what we have done so far in the current handshake,
- * which will now be aborted. (A full SSL_clear would be too much.)
- */
-#ifndef OPENSSL_NO_DH
- if (s->s3->tmp.dh != NULL) {
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh = NULL;
- }
-#endif
-#ifndef OPENSSL_NO_ECDH
- if (s->s3->tmp.ecdh != NULL) {
- EC_KEY_free(s->s3->tmp.ecdh);
- s->s3->tmp.ecdh = NULL;
- }
-#endif
- s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
- return 2;
- }
- return 1;
-}
-
-int ssl3_get_client_hello(SSL *s)
-{
- int i, j, ok, al, ret = -1, cookie_valid = 0;
- unsigned int cookie_len;
- long n;
- unsigned long id;
- unsigned char *p, *d, *q;
- SSL_CIPHER *c;
-#ifndef OPENSSL_NO_COMP
- SSL_COMP *comp = NULL;
-#endif
- STACK_OF(SSL_CIPHER) *ciphers = NULL;
-
- /*
- * We do this so that we will respond with our native type. If we are
- * TLSv1 and we get SSLv3, we will respond with TLSv1, This down
- * switching should be handled by a different method. If we are SSLv3, we
- * will respond with SSLv3, even if prompted with TLSv1.
- */
- if (s->state == SSL3_ST_SR_CLNT_HELLO_A) {
- s->state = SSL3_ST_SR_CLNT_HELLO_B;
- }
- s->first_packet = 1;
- n = s->method->ssl_get_message(s,
- SSL3_ST_SR_CLNT_HELLO_B,
- SSL3_ST_SR_CLNT_HELLO_C,
- SSL3_MT_CLIENT_HELLO,
- SSL3_RT_MAX_PLAIN_LENGTH, &ok);
-
- if (!ok)
- return ((int)n);
- s->first_packet = 0;
- d = p = (unsigned char *)s->init_msg;
-
- /*
- * 2 bytes for client version, SSL3_RANDOM_SIZE bytes for random, 1 byte
- * for session id length
- */
- if (n < 2 + SSL3_RANDOM_SIZE + 1) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- /*
- * use version from inside client hello, not from record header (may
- * differ: see RFC 2246, Appendix E, second paragraph)
- */
- s->client_version = (((int)p[0]) << 8) | (int)p[1];
- p += 2;
-
- if ((s->version == DTLS1_VERSION && s->client_version > s->version) ||
- (s->version != DTLS1_VERSION && s->client_version < s->version)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
- if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
- !s->enc_write_ctx && !s->write_hash) {
- /*
- * similar to ssl3_get_record, send alert using remote version
- * number
- */
- s->version = s->client_version;
- }
- al = SSL_AD_PROTOCOL_VERSION;
- goto f_err;
- }
-
- /*
- * If we require cookies and this ClientHello doesn't contain one, just
- * return since we do not want to allocate any memory yet. So check
- * cookie length...
- */
- if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) {
- unsigned int session_length, cookie_length;
-
- session_length = *(p + SSL3_RANDOM_SIZE);
-
- if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1);
-
- if (cookie_length == 0)
- return 1;
- }
-
- /* load the client random */
- memcpy(s->s3->client_random, p, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- /* get the session-id */
- j = *(p++);
-
- if (p + j > d + n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- s->hit = 0;
- /*
- * Versions before 0.9.7 always allow clients to resume sessions in
- * renegotiation. 0.9.7 and later allow this by default, but optionally
- * ignore resumption requests with flag
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (it's a new flag rather
- * than a change to default behavior so that applications relying on this
- * for security won't even compile against older library versions).
- * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() to
- * request renegotiation but not a new session (s->new_session remains
- * unset): for servers, this essentially just means that the
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be ignored.
- */
- if ((s->new_session
- && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {
- if (!ssl_get_new_session(s, 1))
- goto err;
- } else {
- i = ssl_get_prev_session(s, p, j, d + n);
- /*
- * Only resume if the session's version matches the negotiated
- * version.
- * RFC 5246 does not provide much useful advice on resumption
- * with a different protocol version. It doesn't forbid it but
- * the sanity of such behaviour would be questionable.
- * In practice, clients do not accept a version mismatch and
- * will abort the handshake with an error.
- */
- if (i == 1 && s->version == s->session->ssl_version) { /* previous
- * session */
- s->hit = 1;
- } else if (i == -1)
- goto err;
- else { /* i == 0 */
-
- if (!ssl_get_new_session(s, 1))
- goto err;
- }
- }
-
- p += j;
-
- if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
- /* cookie stuff */
- if (p + 1 > d + n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- cookie_len = *(p++);
-
- if (p + cookie_len > d + n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- /*
- * The ClientHello may contain a cookie even if the
- * HelloVerify message has not been sent--make sure that it
- * does not cause an overflow.
- */
- if (cookie_len > sizeof(s->d1->rcvd_cookie)) {
- /* too much data */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
- goto f_err;
- }
-
- /* verify the cookie if appropriate option is set. */
- if ((SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) && cookie_len > 0) {
- memcpy(s->d1->rcvd_cookie, p, cookie_len);
-
- if (s->ctx->app_verify_cookie_cb != NULL) {
- if (s->ctx->app_verify_cookie_cb(s, s->d1->rcvd_cookie,
- cookie_len) == 0) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
- SSL_R_COOKIE_MISMATCH);
- goto f_err;
- }
- /* else cookie verification succeeded */
- }
- /* default verification */
- else if (memcmp(s->d1->rcvd_cookie, s->d1->cookie,
- s->d1->cookie_len) != 0) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
- goto f_err;
- }
- cookie_valid = 1;
- }
-
- p += cookie_len;
- }
-
- if (p + 2 > d + n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- n2s(p, i);
-
- if (i == 0) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_SPECIFIED);
- goto f_err;
- }
-
- /* i bytes of cipher data + 1 byte for compression length later */
- if ((p + i + 1) > (d + n)) {
- /* not enough data */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- if (ssl_bytes_to_cipher_list(s, p, i, &(ciphers)) == NULL) {
- goto err;
- }
- p += i;
-
- /* If it is a hit, check that the cipher is in the list */
- if (s->hit) {
- j = 0;
- id = s->session->cipher->id;
-
-#ifdef CIPHER_DEBUG
- fprintf(stderr, "client sent %d ciphers\n",
- sk_SSL_CIPHER_num(ciphers));
-#endif
- for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
- c = sk_SSL_CIPHER_value(ciphers, i);
-#ifdef CIPHER_DEBUG
- fprintf(stderr, "client [%2d of %2d]:%s\n",
- i, sk_SSL_CIPHER_num(ciphers), SSL_CIPHER_get_name(c));
-#endif
- if (c->id == id) {
- j = 1;
- break;
- }
- }
- /*
- * Disabled because it can be used in a ciphersuite downgrade attack:
- * CVE-2010-4180.
- */
-#if 0
- if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
- && (sk_SSL_CIPHER_num(ciphers) == 1)) {
- /*
- * Special case as client bug workaround: the previously used
- * cipher may not be in the current list, the client instead
- * might be trying to continue using a cipher that before wasn't
- * chosen due to server preferences. We'll have to reject the
- * connection if the cipher is not enabled, though.
- */
- c = sk_SSL_CIPHER_value(ciphers, 0);
- if (sk_SSL_CIPHER_find(SSL_get_ciphers(s), c) >= 0) {
- s->session->cipher = c;
- j = 1;
- }
- }
-#endif
- if (j == 0) {
- /*
- * we need to have the cipher in the cipher list if we are asked
- * to reuse it
- */
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
- SSL_R_REQUIRED_CIPHER_MISSING);
- goto f_err;
- }
- }
-
- /* compression */
- i = *(p++);
- if ((p + i) > (d + n)) {
- /* not enough data */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- q = p;
- for (j = 0; j < i; j++) {
- if (p[j] == 0)
- break;
- }
-
- p += i;
- if (j >= i) {
- /* no compress */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_COMPRESSION_SPECIFIED);
- goto f_err;
- }
-#ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions */
- if (s->version >= SSL3_VERSION) {
- if (!ssl_parse_clienthello_tlsext(s, &p, d + n, &al)) {
- /* 'al' set by ssl_parse_clienthello_tlsext */
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT);
- goto f_err;
- }
- }
- if (ssl_check_clienthello_tlsext_early(s) <= 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- goto err;
- }
-
- /*
- * Check if we want to use external pre-shared secret for this handshake
- * for not reused session only. We need to generate server_random before
- * calling tls_session_secret_cb in order to allow SessionTicket
- * processing to use it in key derivation.
- */
- {
- unsigned char *pos;
- pos = s->s3->server_random;
- if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) {
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- }
-
- if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
- SSL_CIPHER *pref_cipher = NULL;
-
- s->session->master_key_length = sizeof(s->session->master_key);
- if (s->tls_session_secret_cb(s, s->session->master_key,
- &s->session->master_key_length, ciphers,
- &pref_cipher,
- s->tls_session_secret_cb_arg)) {
- s->hit = 1;
- s->session->ciphers = ciphers;
- s->session->verify_result = X509_V_OK;
-
- ciphers = NULL;
-
- /* check if some cipher was preferred by call back */
- pref_cipher =
- pref_cipher ? pref_cipher : ssl3_choose_cipher(s,
- s->
- session->ciphers,
- SSL_get_ciphers
- (s));
- if (pref_cipher == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
- goto f_err;
- }
-
- s->session->cipher = pref_cipher;
-
- if (s->cipher_list)
- sk_SSL_CIPHER_free(s->cipher_list);
-
- if (s->cipher_list_by_id)
- sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
- s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
- s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
- }
- }
-#endif
-
- /*
- * Worst case, we will use the NULL compression, but if we have other
- * options, we will now look for them. We have i-1 compression
- * algorithms from the client, starting at q.
- */
- s->s3->tmp.new_compression = NULL;
-#ifndef OPENSSL_NO_COMP
- /* This only happens if we have a cache hit */
- if (s->session->compress_meth != 0) {
- int m, comp_id = s->session->compress_meth;
- /* Perform sanity checks on resumed compression algorithm */
- /* Can't disable compression */
- if (s->options & SSL_OP_NO_COMPRESSION) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
- SSL_R_INCONSISTENT_COMPRESSION);
- goto f_err;
- }
- /* Look for resumed compression method */
- for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++) {
- comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
- if (comp_id == comp->id) {
- s->s3->tmp.new_compression = comp;
- break;
- }
- }
- if (s->s3->tmp.new_compression == NULL) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
- SSL_R_INVALID_COMPRESSION_ALGORITHM);
- goto f_err;
- }
- /* Look for resumed method in compression list */
- for (m = 0; m < i; m++) {
- if (q[m] == comp_id)
- break;
- }
- if (m >= i) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
- SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
- goto f_err;
- }
- } else if (s->hit)
- comp = NULL;
- else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods) {
- /* See if we have a match */
- int m, nn, o, v, done = 0;
-
- nn = sk_SSL_COMP_num(s->ctx->comp_methods);
- for (m = 0; m < nn; m++) {
- comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
- v = comp->id;
- for (o = 0; o < i; o++) {
- if (v == q[o]) {
- done = 1;
- break;
- }
- }
- if (done)
- break;
- }
- if (done)
- s->s3->tmp.new_compression = comp;
- else
- comp = NULL;
- }
-#else
- /*
- * If compression is disabled we'd better not try to resume a session
- * using compression.
- */
- if (s->session->compress_meth != 0) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
- goto f_err;
- }
-#endif
-
- /*
- * Given s->session->ciphers and SSL_get_ciphers, we must pick a cipher
- */
-
- if (!s->hit) {
-#ifdef OPENSSL_NO_COMP
- s->session->compress_meth = 0;
-#else
- s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
-#endif
- if (s->session->ciphers != NULL)
- sk_SSL_CIPHER_free(s->session->ciphers);
- s->session->ciphers = ciphers;
- if (ciphers == NULL) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto f_err;
- }
- ciphers = NULL;
- c = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
-
- if (c == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
- goto f_err;
- }
- s->s3->tmp.new_cipher = c;
- } else {
- /* Session-id reuse */
-#ifdef REUSE_CIPHER_BUG
- STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *nc = NULL;
- SSL_CIPHER *ec = NULL;
-
- if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) {
- sk = s->session->ciphers;
- for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
- c = sk_SSL_CIPHER_value(sk, i);
- if (c->algorithm_enc & SSL_eNULL)
- nc = c;
- if (SSL_C_IS_EXPORT(c))
- ec = c;
- }
- if (nc != NULL)
- s->s3->tmp.new_cipher = nc;
- else if (ec != NULL)
- s->s3->tmp.new_cipher = ec;
- else
- s->s3->tmp.new_cipher = s->session->cipher;
- } else
-#endif
- s->s3->tmp.new_cipher = s->session->cipher;
- }
-
- if (TLS1_get_version(s) < TLS1_2_VERSION
- || !(s->verify_mode & SSL_VERIFY_PEER)) {
- if (!ssl3_digest_cached_records(s)) {
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- }
-
- /*-
- * we now have the following setup.
- * client_random
- * cipher_list - our prefered list of ciphers
- * ciphers - the clients prefered list of ciphers
- * compression - basically ignored right now
- * ssl version is set - sslv3
- * s->session - The ssl session has been setup.
- * s->hit - session reuse flag
- * s->tmp.new_cipher - the new cipher to use.
- */
-
- /* Handles TLS extensions that we couldn't check earlier */
- if (s->version >= SSL3_VERSION) {
- if (ssl_check_clienthello_tlsext_late(s) <= 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- goto err;
- }
- }
-
- ret = cookie_valid ? 2 : 1;
- if (0) {
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- s->state = SSL_ST_ERR;
- }
-
- if (ciphers != NULL)
- sk_SSL_CIPHER_free(ciphers);
- return ret;
-}
-
-int ssl3_send_server_hello(SSL *s)
-{
- unsigned char *buf;
- unsigned char *p, *d;
- int i, sl;
- unsigned long l;
-
- if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
- buf = (unsigned char *)s->init_buf->data;
-#ifdef OPENSSL_NO_TLSEXT
- p = s->s3->server_random;
- if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
- s->state = SSL_ST_ERR;
- return -1;
- }
-#endif
- /* Do the message type and length last */
- d = p = &(buf[4]);
-
- *(p++) = s->version >> 8;
- *(p++) = s->version & 0xff;
-
- /* Random stuff */
- memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- /*-
- * There are several cases for the session ID to send
- * back in the server hello:
- * - For session reuse from the session cache,
- * we send back the old session ID.
- * - If stateless session reuse (using a session ticket)
- * is successful, we send back the client's "session ID"
- * (which doesn't actually identify the session).
- * - If it is a new session, we send back the new
- * session ID.
- * - However, if we want the new session to be single-use,
- * we send back a 0-length session ID.
- * s->hit is non-zero in either case of session reuse,
- * so the following won't overwrite an ID that we're supposed
- * to send back.
- */
- if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
- && !s->hit)
- s->session->session_id_length = 0;
-
- sl = s->session->session_id_length;
- if (sl > (int)sizeof(s->session->session_id)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return -1;
- }
- *(p++) = sl;
- memcpy(p, s->session->session_id, sl);
- p += sl;
-
- /* put the cipher */
- i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
- p += i;
-
- /* put the compression method */
-#ifdef OPENSSL_NO_COMP
- *(p++) = 0;
-#else
- if (s->s3->tmp.new_compression == NULL)
- *(p++) = 0;
- else
- *(p++) = s->s3->tmp.new_compression->id;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
- if (ssl_prepare_serverhello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
- s->state = SSL_ST_ERR;
- return -1;
- }
- if ((p =
- ssl_add_serverhello_tlsext(s, p,
- buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
- NULL) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return -1;
- }
-#endif
- /* do the header */
- l = (p - d);
- d = buf;
- *(d++) = SSL3_MT_SERVER_HELLO;
- l2n3(l, d);
-
- s->state = SSL3_ST_SW_SRVR_HELLO_B;
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
- }
-
- /* SSL3_ST_SW_SRVR_HELLO_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-int ssl3_send_server_done(SSL *s)
-{
- unsigned char *p;
-
- if (s->state == SSL3_ST_SW_SRVR_DONE_A) {
- p = (unsigned char *)s->init_buf->data;
-
- /* do the header */
- *(p++) = SSL3_MT_SERVER_DONE;
- *(p++) = 0;
- *(p++) = 0;
- *(p++) = 0;
-
- s->state = SSL3_ST_SW_SRVR_DONE_B;
- /* number of bytes to write */
- s->init_num = 4;
- s->init_off = 0;
- }
-
- /* SSL3_ST_SW_SRVR_DONE_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-int ssl3_send_server_key_exchange(SSL *s)
-{
-#ifndef OPENSSL_NO_RSA
- unsigned char *q;
- int j, num;
- RSA *rsa;
- unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
- unsigned int u;
-#endif
-#ifndef OPENSSL_NO_DH
- DH *dh = NULL, *dhp;
-#endif
-#ifndef OPENSSL_NO_ECDH
- EC_KEY *ecdh = NULL, *ecdhp;
- unsigned char *encodedPoint = NULL;
- int encodedlen = 0;
- int curve_id = 0;
- BN_CTX *bn_ctx = NULL;
-#endif
- EVP_PKEY *pkey;
- const EVP_MD *md = NULL;
- unsigned char *p, *d;
- int al, i;
- unsigned long type;
- int n;
- CERT *cert;
- BIGNUM *r[4];
- int nr[4], kn;
- BUF_MEM *buf;
- EVP_MD_CTX md_ctx;
-
- EVP_MD_CTX_init(&md_ctx);
- if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
- type = s->s3->tmp.new_cipher->algorithm_mkey;
- cert = s->cert;
-
- buf = s->init_buf;
-
- r[0] = r[1] = r[2] = r[3] = NULL;
- n = 0;
-#ifndef OPENSSL_NO_RSA
- if (type & SSL_kRSA) {
- rsa = cert->rsa_tmp;
- if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->
- tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->
- tmp.new_cipher));
- if (rsa == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
- goto f_err;
- }
- RSA_up_ref(rsa);
- cert->rsa_tmp = rsa;
- }
- if (rsa == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_RSA_KEY);
- goto f_err;
- }
- r[0] = rsa->n;
- r[1] = rsa->e;
- s->s3->tmp.use_rsa_tmp = 1;
- } else
-#endif
-#ifndef OPENSSL_NO_DH
- if (type & SSL_kEDH) {
- dhp = cert->dh_tmp;
- if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->
- tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->
- tmp.new_cipher));
- if (dhp == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_DH_KEY);
- goto f_err;
- }
-
- if (s->s3->tmp.dh != NULL) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if ((dh = DHparams_dup(dhp)) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
-
- s->s3->tmp.dh = dh;
- if ((dhp->pub_key == NULL ||
- dhp->priv_key == NULL ||
- (s->options & SSL_OP_SINGLE_DH_USE))) {
- if (!DH_generate_key(dh)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
- } else {
- dh->pub_key = BN_dup(dhp->pub_key);
- dh->priv_key = BN_dup(dhp->priv_key);
- if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
- }
- r[0] = dh->p;
- r[1] = dh->g;
- r[2] = dh->pub_key;
- } else
-#endif
-#ifndef OPENSSL_NO_ECDH
- if (type & SSL_kEECDH) {
- const EC_GROUP *group;
-
- ecdhp = cert->ecdh_tmp;
- if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {
- ecdhp = s->cert->ecdh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->
- tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->
- s3->tmp.new_cipher));
- }
- if (ecdhp == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_ECDH_KEY);
- goto f_err;
- }
-
- if (s->s3->tmp.ecdh != NULL) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- /* Duplicate the ECDH structure. */
- if (ecdhp == NULL) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
- if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- s->s3->tmp.ecdh = ecdh;
- if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
- (EC_KEY_get0_private_key(ecdh) == NULL) ||
- (s->options & SSL_OP_SINGLE_ECDH_USE)) {
- if (!EC_KEY_generate_key(ecdh)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_ECDH_LIB);
- goto err;
- }
- }
-
- if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
- (EC_KEY_get0_public_key(ecdh) == NULL) ||
- (EC_KEY_get0_private_key(ecdh) == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- (EC_GROUP_get_degree(group) > 163)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
- goto err;
- }
-
- /*
- * XXX: For now, we only support ephemeral ECDH keys over named
- * (not generic) curves. For supported named curves, curve_id is
- * non-zero.
- */
- if ((curve_id =
- tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
- == 0) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
- goto err;
- }
-
- /*
- * Encode the public key. First check the size of encoding and
- * allocate memory accordingly.
- */
- encodedlen = EC_POINT_point2oct(group,
- EC_KEY_get0_public_key(ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- NULL, 0, NULL);
-
- encodedPoint = (unsigned char *)
- OPENSSL_malloc(encodedlen * sizeof(unsigned char));
- bn_ctx = BN_CTX_new();
- if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- encodedlen = EC_POINT_point2oct(group,
- EC_KEY_get0_public_key(ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- encodedPoint, encodedlen, bn_ctx);
-
- if (encodedlen == 0) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- BN_CTX_free(bn_ctx);
- bn_ctx = NULL;
-
- /*
- * XXX: For now, we only support named (not generic) curves in
- * ECDH ephemeral key exchanges. In this situation, we need four
- * additional bytes to encode the entire ServerECDHParams
- * structure.
- */
- n = 4 + encodedlen;
-
- /*
- * We'll generate the serverKeyExchange message explicitly so we
- * can set these to NULLs
- */
- r[0] = NULL;
- r[1] = NULL;
- r[2] = NULL;
- r[3] = NULL;
- } else
-#endif /* !OPENSSL_NO_ECDH */
-#ifndef OPENSSL_NO_PSK
- if (type & SSL_kPSK) {
- /*
- * reserve size for record length and PSK identity hint
- */
- n += 2 + strlen(s->ctx->psk_identity_hint);
- } else
-#endif /* !OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
- if (type & SSL_kSRP) {
- if ((s->srp_ctx.N == NULL) ||
- (s->srp_ctx.g == NULL) ||
- (s->srp_ctx.s == NULL) || (s->srp_ctx.B == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_MISSING_SRP_PARAM);
- goto err;
- }
- r[0] = s->srp_ctx.N;
- r[1] = s->srp_ctx.g;
- r[2] = s->srp_ctx.s;
- r[3] = s->srp_ctx.B;
- } else
-#endif
- {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
- goto f_err;
- }
- for (i = 0; i < 4 && r[i] != NULL; i++) {
- nr[i] = BN_num_bytes(r[i]);
-#ifndef OPENSSL_NO_SRP
- if ((i == 2) && (type & SSL_kSRP))
- n += 1 + nr[i];
- else
-#endif
- n += 2 + nr[i];
- }
-
- if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
- && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
- if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, &md))
- == NULL) {
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- kn = EVP_PKEY_size(pkey);
- } else {
- pkey = NULL;
- kn = 0;
- }
-
- if (!BUF_MEM_grow_clean(buf, n + 4 + kn)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_BUF);
- goto err;
- }
- d = (unsigned char *)s->init_buf->data;
- p = &(d[4]);
-
- for (i = 0; i < 4 && r[i] != NULL; i++) {
-#ifndef OPENSSL_NO_SRP
- if ((i == 2) && (type & SSL_kSRP)) {
- *p = nr[i];
- p++;
- } else
-#endif
- s2n(nr[i], p);
- BN_bn2bin(r[i], p);
- p += nr[i];
- }
-
-#ifndef OPENSSL_NO_ECDH
- if (type & SSL_kEECDH) {
- /*
- * XXX: For now, we only support named (not generic) curves. In
- * this situation, the serverKeyExchange message has: [1 byte
- * CurveType], [2 byte CurveName] [1 byte length of encoded
- * point], followed by the actual encoded point itself
- */
- *p = NAMED_CURVE_TYPE;
- p += 1;
- *p = 0;
- p += 1;
- *p = curve_id;
- p += 1;
- *p = encodedlen;
- p += 1;
- memcpy((unsigned char *)p,
- (unsigned char *)encodedPoint, encodedlen);
- OPENSSL_free(encodedPoint);
- encodedPoint = NULL;
- p += encodedlen;
- }
-#endif
-
-#ifndef OPENSSL_NO_PSK
- if (type & SSL_kPSK) {
- /* copy PSK identity hint */
- s2n(strlen(s->ctx->psk_identity_hint), p);
- strncpy((char *)p, s->ctx->psk_identity_hint,
- strlen(s->ctx->psk_identity_hint));
- p += strlen(s->ctx->psk_identity_hint);
- }
-#endif
-
- /* not anonymous */
- if (pkey != NULL) {
- /*
- * n is the length of the params, they start at &(d[4]) and p
- * points to the space at the end.
- */
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA
- && TLS1_get_version(s) < TLS1_2_VERSION) {
- q = md_buf;
- j = 0;
- for (num = 2; num > 0; num--) {
- EVP_MD_CTX_set_flags(&md_ctx,
- EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- if (EVP_DigestInit_ex(&md_ctx,
- (num == 2) ? s->ctx->md5
- : s->ctx->sha1,
- NULL) <= 0
- || EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestUpdate(&md_ctx, &(d[4]), n) <= 0
- || EVP_DigestFinal_ex(&md_ctx, q,
- (unsigned int *)&i) <= 0) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_LIB_EVP);
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- q += i;
- j += i;
- }
- if (RSA_sign(NID_md5_sha1, md_buf, j,
- &(p[2]), &u, pkey->pkey.rsa) <= 0) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_RSA);
- goto err;
- }
- s2n(u, p);
- n += u + 2;
- } else
-#endif
- if (md) {
- /*
- * For TLS1.2 and later send signature algorithm
- */
- if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- if (!tls12_get_sigandhash(p, pkey, md)) {
- /* Should never happen */
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto f_err;
- }
- p += 2;
- }
-#ifdef SSL_DEBUG
- fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
-#endif
- if (EVP_SignInit_ex(&md_ctx, md, NULL) <= 0
- || EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_SignUpdate(&md_ctx, &(d[4]), n) <= 0
- || EVP_SignFinal(&md_ctx, &(p[2]),
- (unsigned int *)&i, pkey) <= 0) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- s2n(i, p);
- n += i + 2;
- if (TLS1_get_version(s) >= TLS1_2_VERSION)
- n += 2;
- } else {
- /* Is this error check actually needed? */
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_UNKNOWN_PKEY_TYPE);
- goto f_err;
- }
- }
-
- *(d++) = SSL3_MT_SERVER_KEY_EXCHANGE;
- l2n3(n, d);
-
- /*
- * we should now have things packed up, so lets send it off
- */
- s->init_num = n + 4;
- s->init_off = 0;
- }
-
- s->state = SSL3_ST_SW_KEY_EXCH_B;
- EVP_MD_CTX_cleanup(&md_ctx);
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-#ifndef OPENSSL_NO_ECDH
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
- BN_CTX_free(bn_ctx);
-#endif
- EVP_MD_CTX_cleanup(&md_ctx);
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_send_certificate_request(SSL *s)
-{
- unsigned char *p, *d;
- int i, j, nl, off, n;
- STACK_OF(X509_NAME) *sk = NULL;
- X509_NAME *name;
- BUF_MEM *buf;
-
- if (s->state == SSL3_ST_SW_CERT_REQ_A) {
- buf = s->init_buf;
-
- d = p = (unsigned char *)&(buf->data[4]);
-
- /* get the list of acceptable cert types */
- p++;
- n = ssl3_get_req_cert_type(s, p);
- d[0] = n;
- p += n;
- n++;
-
- if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- nl = tls12_get_req_sig_algs(s, p + 2);
- s2n(nl, p);
- p += nl + 2;
- n += nl + 2;
- }
-
- off = n;
- p += 2;
- n += 2;
-
- sk = SSL_get_client_CA_list(s);
- nl = 0;
- if (sk != NULL) {
- for (i = 0; i < sk_X509_NAME_num(sk); i++) {
- name = sk_X509_NAME_value(sk, i);
- j = i2d_X509_NAME(name, NULL);
- if (!BUF_MEM_grow_clean(buf, 4 + n + j + 2)) {
- SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
- ERR_R_BUF_LIB);
- goto err;
- }
- p = (unsigned char *)&(buf->data[4 + n]);
- if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) {
- s2n(j, p);
- i2d_X509_NAME(name, &p);
- n += 2 + j;
- nl += 2 + j;
- } else {
- d = p;
- i2d_X509_NAME(name, &p);
- j -= 2;
- s2n(j, d);
- j += 2;
- n += j;
- nl += j;
- }
- }
- }
- /* else no CA names */
- p = (unsigned char *)&(buf->data[4 + off]);
- s2n(nl, p);
-
- d = (unsigned char *)buf->data;
- *(d++) = SSL3_MT_CERTIFICATE_REQUEST;
- l2n3(n, d);
-
- /*
- * we should now have things packed up, so lets send it off
- */
-
- s->init_num = n + 4;
- s->init_off = 0;
-#ifdef NETSCAPE_HANG_BUG
- if (!BUF_MEM_grow_clean(buf, s->init_num + 4)) {
- SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, ERR_R_BUF_LIB);
- goto err;
- }
- p = (unsigned char *)s->init_buf->data + s->init_num;
-
- /* do the header */
- *(p++) = SSL3_MT_SERVER_DONE;
- *(p++) = 0;
- *(p++) = 0;
- *(p++) = 0;
- s->init_num += 4;
-#endif
-
- s->state = SSL3_ST_SW_CERT_REQ_B;
- }
-
- /* SSL3_ST_SW_CERT_REQ_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
- err:
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_get_client_key_exchange(SSL *s)
-{
- int i, al, ok;
- long n;
- unsigned long alg_k;
- unsigned char *p;
-#ifndef OPENSSL_NO_RSA
- RSA *rsa = NULL;
- EVP_PKEY *pkey = NULL;
-#endif
-#ifndef OPENSSL_NO_DH
- BIGNUM *pub = NULL;
- DH *dh_srvr;
-#endif
-#ifndef OPENSSL_NO_KRB5
- KSSL_ERR kssl_err;
-#endif /* OPENSSL_NO_KRB5 */
-
-#ifndef OPENSSL_NO_ECDH
- EC_KEY *srvr_ecdh = NULL;
- EVP_PKEY *clnt_pub_pkey = NULL;
- EC_POINT *clnt_ecpoint = NULL;
- BN_CTX *bn_ctx = NULL;
-#endif
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_SR_KEY_EXCH_A,
- SSL3_ST_SR_KEY_EXCH_B,
- SSL3_MT_CLIENT_KEY_EXCHANGE, 2048, &ok);
-
- if (!ok)
- return ((int)n);
- p = (unsigned char *)s->init_msg;
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-#ifndef OPENSSL_NO_RSA
- if (alg_k & SSL_kRSA) {
- unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
- int decrypt_len;
- unsigned char decrypt_good, version_good;
- size_t j;
-
- /* FIX THIS UP EAY EAY EAY EAY */
- if (s->s3->tmp.use_rsa_tmp) {
- if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
- rsa = s->cert->rsa_tmp;
- /*
- * Don't do a callback because rsa_tmp should be sent already
- */
- if (rsa == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_RSA_PKEY);
- goto f_err;
-
- }
- } else {
- pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
- if ((pkey == NULL) ||
- (pkey->type != EVP_PKEY_RSA) || (pkey->pkey.rsa == NULL)) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_MISSING_RSA_CERTIFICATE);
- goto f_err;
- }
- rsa = pkey->pkey.rsa;
- }
-
- /* TLS and [incidentally] DTLS{0xFEFF} */
- if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) {
- n2s(p, i);
- if (n != i + 2) {
- if (!(s->options & SSL_OP_TLS_D5_BUG)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
- goto f_err;
- } else
- p -= 2;
- } else
- n = i;
- }
-
- /*
- * Reject overly short RSA ciphertext because we want to be sure
- * that the buffer size makes it safe to iterate over the entire
- * size of a premaster secret (SSL_MAX_MASTER_KEY_LENGTH). The
- * actual expected size is larger due to RSA padding, but the
- * bound is sufficient to be safe.
- */
- if (n < SSL_MAX_MASTER_KEY_LENGTH) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
- goto f_err;
- }
-
- /*
- * We must not leak whether a decryption failure occurs because of
- * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
- * section 7.4.7.1). The code follows that advice of the TLS RFC and
- * generates a random premaster secret for the case that the decrypt
- * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
- */
-
- /*
- * should be RAND_bytes, but we cannot work around a failure.
- */
- if (RAND_pseudo_bytes(rand_premaster_secret,
- sizeof(rand_premaster_secret)) <= 0)
- goto err;
- decrypt_len =
- RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING);
- ERR_clear_error();
-
- /*
- * decrypt_len should be SSL_MAX_MASTER_KEY_LENGTH. decrypt_good will
- * be 0xff if so and zero otherwise.
- */
- decrypt_good =
- constant_time_eq_int_8(decrypt_len, SSL_MAX_MASTER_KEY_LENGTH);
-
- /*
- * If the version in the decrypted pre-master secret is correct then
- * version_good will be 0xff, otherwise it'll be zero. The
- * Klima-Pokorny-Rosa extension of Bleichenbacher's attack
- * (http://eprint.iacr.org/2003/052/) exploits the version number
- * check as a "bad version oracle". Thus version checks are done in
- * constant time and are treated like any other decryption error.
- */
- version_good =
- constant_time_eq_8(p[0], (unsigned)(s->client_version >> 8));
- version_good &=
- constant_time_eq_8(p[1], (unsigned)(s->client_version & 0xff));
-
- /*
- * The premaster secret must contain the same version number as the
- * ClientHello to detect version rollback attacks (strangely, the
- * protocol does not offer such protection for DH ciphersuites).
- * However, buggy clients exist that send the negotiated protocol
- * version instead if the server does not support the requested
- * protocol version. If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such
- * clients.
- */
- if (s->options & SSL_OP_TLS_ROLLBACK_BUG) {
- unsigned char workaround_good;
- workaround_good =
- constant_time_eq_8(p[0], (unsigned)(s->version >> 8));
- workaround_good &=
- constant_time_eq_8(p[1], (unsigned)(s->version & 0xff));
- version_good |= workaround_good;
- }
-
- /*
- * Both decryption and version must be good for decrypt_good to
- * remain non-zero (0xff).
- */
- decrypt_good &= version_good;
-
- /*
- * Now copy rand_premaster_secret over from p using
- * decrypt_good_mask. If decryption failed, then p does not
- * contain valid plaintext, however, a check above guarantees
- * it is still sufficiently large to read from.
- */
- for (j = 0; j < sizeof(rand_premaster_secret); j++) {
- p[j] = constant_time_select_8(decrypt_good, p[j],
- rand_premaster_secret[j]);
- }
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- p,
- sizeof
- (rand_premaster_secret));
- OPENSSL_cleanse(p, sizeof(rand_premaster_secret));
- } else
-#endif
-#ifndef OPENSSL_NO_DH
- if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
- n2s(p, i);
- if (n != i + 2) {
- if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
- goto err;
- } else {
- p -= 2;
- i = (int)n;
- }
- }
-
- if (n == 0L) { /* the parameters are in the cert */
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_UNABLE_TO_DECODE_DH_CERTS);
- goto f_err;
- } else {
- if (s->s3->tmp.dh == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_DH_KEY);
- goto f_err;
- } else
- dh_srvr = s->s3->tmp.dh;
- }
-
- pub = BN_bin2bn(p, i, NULL);
- if (pub == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB);
- goto err;
- }
-
- i = DH_compute_key(p, pub, dh_srvr);
-
- if (i <= 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- BN_clear_free(pub);
- goto err;
- }
-
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh = NULL;
-
- BN_clear_free(pub);
- pub = NULL;
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- p, i);
- OPENSSL_cleanse(p, i);
- } else
-#endif
-#ifndef OPENSSL_NO_KRB5
- if (alg_k & SSL_kKRB5) {
- krb5_error_code krb5rc;
- krb5_data enc_ticket;
- krb5_data authenticator;
- krb5_data enc_pms;
- KSSL_CTX *kssl_ctx = s->kssl_ctx;
- EVP_CIPHER_CTX ciph_ctx;
- const EVP_CIPHER *enc = NULL;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_BLOCK_LENGTH];
- int padl, outl;
- krb5_timestamp authtime = 0;
- krb5_ticket_times ttimes;
- int kerr = 0;
-
- EVP_CIPHER_CTX_init(&ciph_ctx);
-
- if (!kssl_ctx)
- kssl_ctx = kssl_ctx_new();
-
- n2s(p, i);
- enc_ticket.length = i;
-
- if (n < (long)(enc_ticket.length + 6)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- enc_ticket.data = (char *)p;
- p += enc_ticket.length;
-
- n2s(p, i);
- authenticator.length = i;
-
- if (n < (long)(enc_ticket.length + authenticator.length + 6)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- authenticator.data = (char *)p;
- p += authenticator.length;
-
- n2s(p, i);
- enc_pms.length = i;
- enc_pms.data = (char *)p;
- p += enc_pms.length;
-
- /*
- * Note that the length is checked again below, ** after decryption
- */
- if (enc_pms.length > sizeof pms) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- if (n != (long)(enc_ticket.length + authenticator.length +
- enc_pms.length + 6)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
- &kssl_err)) != 0) {
-# ifdef KSSL_DEBUG
- fprintf(stderr, "kssl_sget_tkt rtn %d [%d]\n",
- krb5rc, kssl_err.reason);
- if (kssl_err.text)
- fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
-# endif /* KSSL_DEBUG */
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
- goto err;
- }
-
- /*
- * Note: no authenticator is not considered an error, ** but will
- * return authtime == 0.
- */
- if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
- &authtime, &kssl_err)) != 0) {
-# ifdef KSSL_DEBUG
- fprintf(stderr, "kssl_check_authent rtn %d [%d]\n",
- krb5rc, kssl_err.reason);
- if (kssl_err.text)
- fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
-# endif /* KSSL_DEBUG */
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
- goto err;
- }
-
- if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, krb5rc);
- goto err;
- }
-# ifdef KSSL_DEBUG
- kssl_ctx_show(kssl_ctx);
-# endif /* KSSL_DEBUG */
-
- enc = kssl_map_enc(kssl_ctx->enctype);
- if (enc == NULL)
- goto err;
-
- memset(iv, 0, sizeof iv); /* per RFC 1510 */
-
- if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DECRYPTION_FAILED);
- goto err;
- }
- if (!EVP_DecryptUpdate(&ciph_ctx, pms, &outl,
- (unsigned char *)enc_pms.data, enc_pms.length))
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DECRYPTION_FAILED);
- kerr = 1;
- goto kclean;
- }
- if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
- kerr = 1;
- goto kclean;
- }
- if (!EVP_DecryptFinal_ex(&ciph_ctx, &(pms[outl]), &padl)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DECRYPTION_FAILED);
- kerr = 1;
- goto kclean;
- }
- outl += padl;
- if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
- kerr = 1;
- goto kclean;
- }
- if (!((pms[0] == (s->client_version >> 8))
- && (pms[1] == (s->client_version & 0xff)))) {
- /*
- * The premaster secret must contain the same version number as
- * the ClientHello to detect version rollback attacks (strangely,
- * the protocol does not offer such protection for DH
- * ciphersuites). However, buggy clients exist that send random
- * bytes instead of the protocol version. If
- * SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients.
- * (Perhaps we should have a separate BUG value for the Kerberos
- * cipher)
- */
- if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_AD_DECODE_ERROR);
- kerr = 1;
- goto kclean;
- }
- }
-
- EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- pms, outl);
-
- if (kssl_ctx->client_princ) {
- size_t len = strlen(kssl_ctx->client_princ);
- if (len < SSL_MAX_KRB5_PRINCIPAL_LENGTH) {
- s->session->krb5_client_princ_len = len;
- memcpy(s->session->krb5_client_princ, kssl_ctx->client_princ,
- len);
- }
- }
-
- /*- Was doing kssl_ctx_free() here,
- * but it caused problems for apache.
- * kssl_ctx = kssl_ctx_free(kssl_ctx);
- * if (s->kssl_ctx) s->kssl_ctx = NULL;
- */
-
- kclean:
- OPENSSL_cleanse(pms, sizeof(pms));
- if (kerr)
- goto err;
- } else
-#endif /* OPENSSL_NO_KRB5 */
-
-#ifndef OPENSSL_NO_ECDH
- if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
- int ret = 1;
- int field_size = 0;
- const EC_KEY *tkey;
- const EC_GROUP *group;
- const BIGNUM *priv_key;
-
- /* initialize structures for server's ECDH key pair */
- if ((srvr_ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Let's get server private key and group information */
- if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
- /* use the certificate */
- tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
- } else {
- /*
- * use the ephermeral values we saved when generating the
- * ServerKeyExchange msg.
- */
- tkey = s->s3->tmp.ecdh;
- }
-
- group = EC_KEY_get0_group(tkey);
- priv_key = EC_KEY_get0_private_key(tkey);
-
- if (!EC_KEY_set_group(srvr_ecdh, group) ||
- !EC_KEY_set_private_key(srvr_ecdh, priv_key)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
-
- /* Let's get client's public key */
- if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (n == 0L) {
- /* Client Publickey was in Client Certificate */
-
- if (alg_k & SSL_kEECDH) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_MISSING_TMP_ECDH_KEY);
- goto f_err;
- }
- if (((clnt_pub_pkey = X509_get_pubkey(s->session->peer))
- == NULL) || (clnt_pub_pkey->type != EVP_PKEY_EC)) {
- /*
- * XXX: For now, we do not support client authentication
- * using ECDH certificates so this branch (n == 0L) of the
- * code is never executed. When that support is added, we
- * ought to ensure the key received in the certificate is
- * authorized for key agreement. ECDH_compute_key implicitly
- * checks that the two ECDH shares are for the same group.
- */
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
- goto f_err;
- }
-
- if (EC_POINT_copy(clnt_ecpoint,
- EC_KEY_get0_public_key(clnt_pub_pkey->
- pkey.ec)) == 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- ret = 2; /* Skip certificate verify processing */
- } else {
- /*
- * Get client's public key from encoded point in the
- * ClientKeyExchange message.
- */
- if ((bn_ctx = BN_CTX_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Get encoded point length */
- i = *p;
- p += 1;
- if (n != 1 + i) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- if (EC_POINT_oct2point(group, clnt_ecpoint, p, i, bn_ctx) == 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- /*
- * p is pointing to somewhere in the buffer currently, so set it
- * to the start
- */
- p = (unsigned char *)s->init_buf->data;
- }
-
- /* Compute the shared pre-master secret */
- field_size = EC_GROUP_get_degree(group);
- if (field_size <= 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
- i = ECDH_compute_key(p, (field_size + 7) / 8, clnt_ecpoint, srvr_ecdh,
- NULL);
- if (i <= 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- EVP_PKEY_free(clnt_pub_pkey);
- EC_POINT_free(clnt_ecpoint);
- EC_KEY_free(srvr_ecdh);
- BN_CTX_free(bn_ctx);
- EC_KEY_free(s->s3->tmp.ecdh);
- s->s3->tmp.ecdh = NULL;
-
- /* Compute the master secret */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- p, i);
-
- OPENSSL_cleanse(p, i);
- return (ret);
- } else
-#endif
-#ifndef OPENSSL_NO_PSK
- if (alg_k & SSL_kPSK) {
- unsigned char *t = NULL;
- unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
- unsigned int pre_ms_len = 0, psk_len = 0;
- int psk_err = 1;
- char tmp_id[PSK_MAX_IDENTITY_LEN + 1];
-
- al = SSL_AD_HANDSHAKE_FAILURE;
-
- n2s(p, i);
- if (n != i + 2) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);
- goto psk_err;
- }
- if (i > PSK_MAX_IDENTITY_LEN) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto psk_err;
- }
- if (s->psk_server_callback == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_NO_SERVER_CB);
- goto psk_err;
- }
-
- /*
- * Create guaranteed NULL-terminated identity string for the callback
- */
- memcpy(tmp_id, p, i);
- memset(tmp_id + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
- psk_len = s->psk_server_callback(s, tmp_id,
- psk_or_pre_ms,
- sizeof(psk_or_pre_ms));
- OPENSSL_cleanse(tmp_id, PSK_MAX_IDENTITY_LEN + 1);
-
- if (psk_len > PSK_MAX_PSK_LEN) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto psk_err;
- } else if (psk_len == 0) {
- /*
- * PSK related to the given identity not found
- */
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_IDENTITY_NOT_FOUND);
- al = SSL_AD_UNKNOWN_PSK_IDENTITY;
- goto psk_err;
- }
-
- /* create PSK pre_master_secret */
- pre_ms_len = 2 + psk_len + 2 + psk_len;
- t = psk_or_pre_ms;
- memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
- s2n(psk_len, t);
- memset(t, 0, psk_len);
- t += psk_len;
- s2n(psk_len, t);
-
- if (s->session->psk_identity != NULL)
- OPENSSL_free(s->session->psk_identity);
- s->session->psk_identity = BUF_strndup((char *)p, i);
- if (s->session->psk_identity == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto psk_err;
- }
-
- if (s->session->psk_identity_hint != NULL)
- OPENSSL_free(s->session->psk_identity_hint);
- s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
- if (s->ctx->psk_identity_hint != NULL &&
- s->session->psk_identity_hint == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto psk_err;
- }
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- psk_or_pre_ms,
- pre_ms_len);
- psk_err = 0;
- psk_err:
- OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
- if (psk_err != 0)
- goto f_err;
- } else
-#endif
-#ifndef OPENSSL_NO_SRP
- if (alg_k & SSL_kSRP) {
- int param_len;
-
- n2s(p, i);
- param_len = i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_BAD_SRP_A_LENGTH);
- goto f_err;
- }
- if (!(s->srp_ctx.A = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0
- || BN_is_zero(s->srp_ctx.A)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_BAD_SRP_PARAMETERS);
- goto f_err;
- }
- if (s->session->srp_username != NULL)
- OPENSSL_free(s->session->srp_username);
- s->session->srp_username = BUF_strdup(s->srp_ctx.login);
- if (s->session->srp_username == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if ((s->session->master_key_length =
- SRP_generate_server_master_secret(s,
- s->session->master_key)) < 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- p += i;
- } else
-#endif /* OPENSSL_NO_SRP */
- if (alg_k & SSL_kGOST) {
- int ret = 0;
- EVP_PKEY_CTX *pkey_ctx;
- EVP_PKEY *client_pub_pkey = NULL, *pk = NULL;
- unsigned char premaster_secret[32], *start;
- size_t outlen = 32, inlen;
- unsigned long alg_a;
- int Ttag, Tclass;
- long Tlen;
-
- /* Get our certificate private key */
- alg_a = s->s3->tmp.new_cipher->algorithm_auth;
- if (alg_a & SSL_aGOST94)
- pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey;
- else if (alg_a & SSL_aGOST01)
- pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
-
- pkey_ctx = EVP_PKEY_CTX_new(pk, NULL);
- if (pkey_ctx == NULL) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
- if (EVP_PKEY_decrypt_init(pkey_ctx) <= 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto gerr;
- }
- /*
- * If client certificate is present and is of the same type, maybe
- * use it for key exchange. Don't mind errors from
- * EVP_PKEY_derive_set_peer, because it is completely valid to use a
- * client certificate for authorization only.
- */
- client_pub_pkey = X509_get_pubkey(s->session->peer);
- if (client_pub_pkey) {
- if (EVP_PKEY_derive_set_peer(pkey_ctx, client_pub_pkey) <= 0)
- ERR_clear_error();
- }
- /* Decrypt session key */
- if (ASN1_get_object
- ((const unsigned char **)&p, &Tlen, &Ttag, &Tclass,
- n) != V_ASN1_CONSTRUCTED || Ttag != V_ASN1_SEQUENCE
- || Tclass != V_ASN1_UNIVERSAL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DECRYPTION_FAILED);
- goto gerr;
- }
- start = p;
- inlen = Tlen;
- if (EVP_PKEY_decrypt
- (pkey_ctx, premaster_secret, &outlen, start, inlen) <= 0) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DECRYPTION_FAILED);
- goto gerr;
- }
- /* Generate master secret */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->
- session->master_key,
- premaster_secret, 32);
- OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
- /* Check if pubkey from client certificate was used */
- if (EVP_PKEY_CTX_ctrl
- (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
- ret = 2;
- else
- ret = 1;
- gerr:
- EVP_PKEY_free(client_pub_pkey);
- EVP_PKEY_CTX_free(pkey_ctx);
- if (ret)
- return ret;
- else
- goto err;
- } else {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_UNKNOWN_CIPHER_TYPE);
- goto f_err;
- }
-
- return (1);
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_SRP)
- err:
-#endif
-#ifndef OPENSSL_NO_ECDH
- EVP_PKEY_free(clnt_pub_pkey);
- EC_POINT_free(clnt_ecpoint);
- if (srvr_ecdh != NULL)
- EC_KEY_free(srvr_ecdh);
- BN_CTX_free(bn_ctx);
-#endif
- s->state = SSL_ST_ERR;
- return (-1);
-}
-
-int ssl3_get_cert_verify(SSL *s)
-{
- EVP_PKEY *pkey = NULL;
- unsigned char *p;
- int al, ok, ret = 0;
- long n;
- int type = 0, i, j;
- X509 *peer;
- const EVP_MD *md = NULL;
- EVP_MD_CTX mctx;
- EVP_MD_CTX_init(&mctx);
-
- /*
- * We should only process a CertificateVerify message if we have received
- * a Certificate from the client. If so then |s->session->peer| will be non
- * NULL. In some instances a CertificateVerify message is not required even
- * if the peer has sent a Certificate (e.g. such as in the case of static
- * DH). In that case the ClientKeyExchange processing will skip the
- * CertificateVerify state so we should not arrive here.
- */
- if (s->session->peer == NULL) {
- ret = 1;
- goto end;
- }
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_SR_CERT_VRFY_A,
- SSL3_ST_SR_CERT_VRFY_B,
- SSL3_MT_CERTIFICATE_VERIFY,
- SSL3_RT_MAX_PLAIN_LENGTH, &ok);
-
- if (!ok)
- return ((int)n);
-
- peer = s->session->peer;
- pkey = X509_get_pubkey(peer);
- type = X509_certificate_type(peer, pkey);
-
- if (!(type & EVP_PKT_SIGN)) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
- SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
- al = SSL_AD_ILLEGAL_PARAMETER;
- goto f_err;
- }
-
- /* we now have a signature that we need to verify */
- p = (unsigned char *)s->init_msg;
- /* Check for broken implementations of GOST ciphersuites */
- /*
- * If key is GOST and n is exactly 64, it is bare signature without
- * length field
- */
- if (n == 64 && (pkey->type == NID_id_GostR3410_94 ||
- pkey->type == NID_id_GostR3410_2001)) {
- i = 64;
- } else {
- if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- int sigalg = tls12_get_sigid(pkey);
- /* Should never happen */
- if (sigalg == -1) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- /* Check key type is consistent with signature */
- if (sigalg != (int)p[1]) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
- SSL_R_WRONG_SIGNATURE_TYPE);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- md = tls12_get_hash(p[0]);
- if (md == NULL) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_UNKNOWN_DIGEST);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
-#ifdef SSL_DEBUG
- fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
-#endif
- p += 2;
- n -= 2;
- }
- n2s(p, i);
- n -= 2;
- if (i > n) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_LENGTH_MISMATCH);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- }
- j = EVP_PKEY_size(pkey);
- if ((i > j) || (n > j) || (n <= 0)) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_WRONG_SIGNATURE_SIZE);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
-
- if (TLS1_get_version(s) >= TLS1_2_VERSION) {
- long hdatalen = 0;
- void *hdata;
- hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
- if (hdatalen <= 0) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
-#ifdef SSL_DEBUG
- fprintf(stderr, "Using TLS 1.2 with client verify alg %s\n",
- EVP_MD_name(md));
-#endif
- if (!EVP_VerifyInit_ex(&mctx, md, NULL)
- || !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_EVP_LIB);
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
-
- if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- } else
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
- i = RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
- MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, p, i,
- pkey->pkey.rsa);
- if (i < 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_DECRYPT);
- goto f_err;
- }
- if (i == 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_SIGNATURE);
- goto f_err;
- }
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- j = DSA_verify(pkey->save_type,
- &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, p, i, pkey->pkey.dsa);
- if (j <= 0) {
- /* bad signature */
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_DSA_SIGNATURE);
- goto f_err;
- }
- } else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC) {
- j = ECDSA_verify(pkey->save_type,
- &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, p, i, pkey->pkey.ec);
- if (j <= 0) {
- /* bad signature */
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
- goto f_err;
- }
- } else
-#endif
- if (pkey->type == NID_id_GostR3410_94
- || pkey->type == NID_id_GostR3410_2001) {
- unsigned char signature[64];
- int idx;
- EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (pctx == NULL) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
- if (EVP_PKEY_verify_init(pctx) <= 0) {
- EVP_PKEY_CTX_free(pctx);
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
- goto f_err;
- }
- if (i != 64) {
- fprintf(stderr, "GOST signature length is %d", i);
- }
- for (idx = 0; idx < 64; idx++) {
- signature[63 - idx] = p[idx];
- }
- j = EVP_PKEY_verify(pctx, signature, 64, s->s3->tmp.cert_verify_md,
- 32);
- EVP_PKEY_CTX_free(pctx);
- if (j <= 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
- goto f_err;
- }
- } else {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
- al = SSL_AD_UNSUPPORTED_CERTIFICATE;
- goto f_err;
- }
-
- ret = 1;
- if (0) {
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- s->state = SSL_ST_ERR;
- }
- end:
- if (s->s3->handshake_buffer) {
- BIO_free(s->s3->handshake_buffer);
- s->s3->handshake_buffer = NULL;
- s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
- }
- EVP_MD_CTX_cleanup(&mctx);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-int ssl3_get_client_certificate(SSL *s)
-{
- int i, ok, al, ret = -1;
- X509 *x = NULL;
- unsigned long l, nc, llen, n;
- const unsigned char *p, *q;
- unsigned char *d;
- STACK_OF(X509) *sk = NULL;
-
- n = s->method->ssl_get_message(s,
- SSL3_ST_SR_CERT_A,
- SSL3_ST_SR_CERT_B,
- -1, s->max_cert_list, &ok);
-
- if (!ok)
- return ((int)n);
-
- if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
- if ((s->verify_mode & SSL_VERIFY_PEER) &&
- (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
- SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
- al = SSL_AD_HANDSHAKE_FAILURE;
- goto f_err;
- }
- /*
- * If tls asked for a client cert, the client must return a 0 list
- */
- if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
- SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
- al = SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
- s->s3->tmp.reuse_message = 1;
- return (1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_WRONG_MESSAGE_TYPE);
- goto f_err;
- }
- p = d = (unsigned char *)s->init_msg;
-
- if ((sk = sk_X509_new_null()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- n2l3(p, llen);
- if (llen + 3 != n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- for (nc = 0; nc < llen;) {
- n2l3(p, l);
- if ((l + nc + 3) > llen) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
- SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
-
- q = p;
- x = d2i_X509(NULL, &p, l);
- if (x == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_ASN1_LIB);
- goto err;
- }
- if (p != (q + l)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
- SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
- if (!sk_X509_push(sk, x)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- x = NULL;
- nc += l + 3;
- }
-
- if (sk_X509_num(sk) <= 0) {
- /* TLS does not mind 0 certs returned */
- if (s->version == SSL3_VERSION) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
- SSL_R_NO_CERTIFICATES_RETURNED);
- goto f_err;
- }
- /* Fail for TLS only if we required a certificate */
- else if ((s->verify_mode & SSL_VERIFY_PEER) &&
- (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
- SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
- al = SSL_AD_HANDSHAKE_FAILURE;
- goto f_err;
- }
- /* No client certificate so digest cached records */
- if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- } else {
- i = ssl_verify_cert_chain(s, sk);
- if (i <= 0) {
- al = ssl_verify_alarm_type(s->verify_result);
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
- SSL_R_NO_CERTIFICATE_RETURNED);
- goto f_err;
- }
- }
-
- if (s->session->peer != NULL) /* This should not be needed */
- X509_free(s->session->peer);
- s->session->peer = sk_X509_shift(sk);
- s->session->verify_result = s->verify_result;
-
- /*
- * With the current implementation, sess_cert will always be NULL when we
- * arrive here.
- */
- if (s->session->sess_cert == NULL) {
- s->session->sess_cert = ssl_sess_cert_new();
- if (s->session->sess_cert == NULL) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if (s->session->sess_cert->cert_chain != NULL)
- sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
- s->session->sess_cert->cert_chain = sk;
- /*
- * Inconsistency alert: cert_chain does *not* include the peer's own
- * certificate, while we do include it in s3_clnt.c
- */
-
- sk = NULL;
-
- ret = 1;
- if (0) {
- f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
- s->state = SSL_ST_ERR;
- }
-
- if (x != NULL)
- X509_free(x);
- if (sk != NULL)
- sk_X509_pop_free(sk, X509_free);
- return (ret);
-}
-
-int ssl3_send_server_certificate(SSL *s)
-{
- unsigned long l;
- X509 *x;
-
- if (s->state == SSL3_ST_SW_CERT_A) {
- x = ssl_get_server_send_cert(s);
- if (x == NULL) {
- /* VRS: allow null cert if auth == KRB5 */
- if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
- (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
- ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return (0);
- }
- }
-
- l = ssl3_output_cert_chain(s, x);
- if (!l) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
- s->state = SSL_ST_ERR;
- return (0);
- }
- s->state = SSL3_ST_SW_CERT_B;
- s->init_num = (int)l;
- s->init_off = 0;
- }
-
- /* SSL3_ST_SW_CERT_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-/* send a new session ticket (not necessarily for a new session) */
-int ssl3_send_newsession_ticket(SSL *s)
-{
- unsigned char *senc = NULL;
- EVP_CIPHER_CTX ctx;
- HMAC_CTX hctx;
-
- if (s->state == SSL3_ST_SW_SESSION_TICKET_A) {
- unsigned char *p, *macstart;
- const unsigned char *const_p;
- int len, slen_full, slen;
- SSL_SESSION *sess;
- unsigned int hlen;
- SSL_CTX *tctx = s->initial_ctx;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char key_name[16];
-
- /* get session encoding length */
- slen_full = i2d_SSL_SESSION(s->session, NULL);
- /*
- * Some length values are 16 bits, so forget it if session is too
- * long
- */
- if (slen_full == 0 || slen_full > 0xFF00) {
- s->state = SSL_ST_ERR;
- return -1;
- }
- senc = OPENSSL_malloc(slen_full);
- if (!senc) {
- s->state = SSL_ST_ERR;
- return -1;
- }
-
- EVP_CIPHER_CTX_init(&ctx);
- HMAC_CTX_init(&hctx);
-
- p = senc;
- if (!i2d_SSL_SESSION(s->session, &p))
- goto err;
-
- /*
- * create a fresh copy (not shared with other threads) to clean up
- */
- const_p = senc;
- sess = d2i_SSL_SESSION(NULL, &const_p, slen_full);
- if (sess == NULL)
- goto err;
- sess->session_id_length = 0; /* ID is irrelevant for the ticket */
-
- slen = i2d_SSL_SESSION(sess, NULL);
- if (slen == 0 || slen > slen_full) { /* shouldn't ever happen */
- SSL_SESSION_free(sess);
- goto err;
- }
- p = senc;
- if (!i2d_SSL_SESSION(sess, &p)) {
- SSL_SESSION_free(sess);
- goto err;
- }
- SSL_SESSION_free(sess);
-
- /*-
- * Grow buffer if need be: the length calculation is as
- * follows 1 (size of message name) + 3 (message length
- * bytes) + 4 (ticket lifetime hint) + 2 (ticket length) +
- * 16 (key name) + max_iv_len (iv length) +
- * session_length + max_enc_block_size (max encrypted session
- * length) + max_md_size (HMAC).
- */
- if (!BUF_MEM_grow(s->init_buf,
- 26 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +
- EVP_MAX_MD_SIZE + slen))
- goto err;
-
- p = (unsigned char *)s->init_buf->data;
- /* do the header */
- *(p++) = SSL3_MT_NEWSESSION_TICKET;
- /* Skip message length for now */
- p += 3;
- /*
- * Initialize HMAC and cipher contexts. If callback present it does
- * all the work otherwise use generated values from parent ctx.
- */
- if (tctx->tlsext_ticket_key_cb) {
- if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
- &hctx, 1) < 0)
- goto err;
- } else {
- if (RAND_bytes(iv, 16) <= 0)
- goto err;
- if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
- tctx->tlsext_tick_aes_key, iv))
- goto err;
- if (!HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
- tlsext_tick_md(), NULL))
- goto err;
- memcpy(key_name, tctx->tlsext_tick_key_name, 16);
- }
-
- /*
- * Ticket lifetime hint (advisory only): We leave this unspecified
- * for resumed session (for simplicity), and guess that tickets for
- * new sessions will live as long as their sessions.
- */
- l2n(s->hit ? 0 : s->session->timeout, p);
-
- /* Skip ticket length for now */
- p += 2;
- /* Output key name */
- macstart = p;
- memcpy(p, key_name, 16);
- p += 16;
- /* output IV */
- memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
- p += EVP_CIPHER_CTX_iv_length(&ctx);
- /* Encrypt session data */
- if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen))
- goto err;
- p += len;
- if (!EVP_EncryptFinal(&ctx, p, &len))
- goto err;
- p += len;
-
- if (!HMAC_Update(&hctx, macstart, p - macstart))
- goto err;
- if (!HMAC_Final(&hctx, p, &hlen))
- goto err;
-
- EVP_CIPHER_CTX_cleanup(&ctx);
- HMAC_CTX_cleanup(&hctx);
-
- p += hlen;
- /* Now write out lengths: p points to end of data written */
- /* Total length */
- len = p - (unsigned char *)s->init_buf->data;
- p = (unsigned char *)s->init_buf->data + 1;
- l2n3(len - 4, p); /* Message length */
- p += 4;
- s2n(len - 10, p); /* Ticket length */
-
- /* number of bytes to write */
- s->init_num = len;
- s->state = SSL3_ST_SW_SESSION_TICKET_B;
- s->init_off = 0;
- OPENSSL_free(senc);
- }
-
- /* SSL3_ST_SW_SESSION_TICKET_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
- err:
- if (senc)
- OPENSSL_free(senc);
- EVP_CIPHER_CTX_cleanup(&ctx);
- HMAC_CTX_cleanup(&hctx);
- s->state = SSL_ST_ERR;
- return -1;
-}
-
-int ssl3_send_cert_status(SSL *s)
-{
- if (s->state == SSL3_ST_SW_CERT_STATUS_A) {
- unsigned char *p;
- /*-
- * Grow buffer if need be: the length calculation is as
- * follows 1 (message type) + 3 (message length) +
- * 1 (ocsp response type) + 3 (ocsp response length)
- * + (ocsp response)
- */
- if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) {
- s->state = SSL_ST_ERR;
- return -1;
- }
-
- p = (unsigned char *)s->init_buf->data;
-
- /* do the header */
- *(p++) = SSL3_MT_CERTIFICATE_STATUS;
- /* message length */
- l2n3(s->tlsext_ocsp_resplen + 4, p);
- /* status type */
- *(p++) = s->tlsext_status_type;
- /* length of OCSP response */
- l2n3(s->tlsext_ocsp_resplen, p);
- /* actual response */
- memcpy(p, s->tlsext_ocsp_resp, s->tlsext_ocsp_resplen);
- /* number of bytes to write */
- s->init_num = 8 + s->tlsext_ocsp_resplen;
- s->state = SSL3_ST_SW_CERT_STATUS_B;
- s->init_off = 0;
- }
-
- /* SSL3_ST_SW_CERT_STATUS_B */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * ssl3_get_next_proto reads a Next Protocol Negotiation handshake message.
- * It sets the next_proto member in s if found
- */
-int ssl3_get_next_proto(SSL *s)
-{
- int ok;
- int proto_len, padding_len;
- long n;
- const unsigned char *p;
-
- /*
- * Clients cannot send a NextProtocol message if we didn't see the
- * extension in their ClientHello
- */
- if (!s->s3->next_proto_neg_seen) {
- SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
- SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
- s->state = SSL_ST_ERR;
- return -1;
- }
-
- /* See the payload format below */
- n = s->method->ssl_get_message(s,
- SSL3_ST_SR_NEXT_PROTO_A,
- SSL3_ST_SR_NEXT_PROTO_B,
- SSL3_MT_NEXT_PROTO, 514, &ok);
-
- if (!ok)
- return ((int)n);
-
- /*
- * s->state doesn't reflect whether ChangeCipherSpec has been received in
- * this handshake, but s->s3->change_cipher_spec does (will be reset by
- * ssl3_get_finished).
- */
- if (!s->s3->change_cipher_spec) {
- SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
- s->state = SSL_ST_ERR;
- return -1;
- }
-
- if (n < 2) {
- s->state = SSL_ST_ERR;
- return 0; /* The body must be > 1 bytes long */
- }
-
- p = (unsigned char *)s->init_msg;
-
- /*-
- * The payload looks like:
- * uint8 proto_len;
- * uint8 proto[proto_len];
- * uint8 padding_len;
- * uint8 padding[padding_len];
- */
- proto_len = p[0];
- if (proto_len + 2 > s->init_num) {
- s->state = SSL_ST_ERR;
- return 0;
- }
- padding_len = p[proto_len + 1];
- if (proto_len + padding_len + 2 != s->init_num) {
- s->state = SSL_ST_ERR;
- return 0;
- }
-
- s->next_proto_negotiated = OPENSSL_malloc(proto_len);
- if (!s->next_proto_negotiated) {
- SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE);
- s->state = SSL_ST_ERR;
- return 0;
- }
- memcpy(s->next_proto_negotiated, p + 1, proto_len);
- s->next_proto_negotiated_len = proto_len;
-
- return 1;
-}
-# endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/s3_srvr.c (from rev 11605, vendor-crypto/openssl/dist/ssl/s3_srvr.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/s3_srvr.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/s3_srvr.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,3652 @@
+/* ssl/s3_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#define REUSE_CIPHER_BUG
+#define NETSCAPE_HANG_BUG
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include "../crypto/constant_time_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_KRB5
+# include <openssl/krb5_asn.h>
+#endif
+#include <openssl/md5.h>
+
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_server_method(int ver);
+
+static const SSL_METHOD *ssl3_get_server_method(int ver)
+{
+ if (ver == SSL3_VERSION)
+ return (SSLv3_server_method());
+ else
+ return (NULL);
+}
+
+IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
+ ssl3_accept,
+ ssl_undefined_function, ssl3_get_server_method)
+#endif
+#ifndef OPENSSL_NO_SRP
+static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
+{
+ int ret = SSL_ERROR_NONE;
+
+ *al = SSL_AD_UNRECOGNIZED_NAME;
+
+ if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
+ (s->srp_ctx.TLS_ext_srp_username_callback != NULL)) {
+ if (s->srp_ctx.login == NULL) {
+ /*
+ * RFC 5054 says SHOULD reject, we do so if There is no srp
+ * login name
+ */
+ ret = SSL3_AL_FATAL;
+ *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
+ } else {
+ ret = SSL_srp_server_param_with_username(s, al);
+ }
+ }
+ return ret;
+}
+#endif
+
+int ssl3_accept(SSL *s)
+{
+ BUF_MEM *buf;
+ unsigned long alg_k, Time = (unsigned long)time(NULL);
+ void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ int ret = -1;
+ int new_state, state, skip = 0;
+
+ RAND_add(&Time, sizeof(Time), 0);
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb = s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb = s->ctx->info_callback;
+
+ /* init things to blank */
+ s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s))
+ SSL_clear(s);
+
+ if (s->cert == NULL) {
+ SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
+ return (-1);
+ }
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
+ for (;;) {
+ state = s->state;
+
+ switch (s->state) {
+ case SSL_ST_RENEGOTIATE:
+ s->renegotiate = 1;
+ /* s->state=SSL_ST_ACCEPT; */
+
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+ case SSL_ST_OK | SSL_ST_ACCEPT:
+
+ s->server = 1;
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+ if ((s->version >> 8) != 3) {
+ SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ s->type = SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL) {
+ if ((buf = BUF_MEM_new()) == NULL) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ BUF_MEM_free(buf);
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ s->init_buf = buf;
+ }
+
+ if (!ssl3_setup_buffers(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ s->init_num = 0;
+ s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
+
+ if (s->state != SSL_ST_RENEGOTIATE) {
+ /*
+ * Ok, we now need to push on a buffering BIO so that the
+ * output is sent in a way that TCP likes :-)
+ */
+ if (!ssl_init_wbio_buffer(s, 1)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ ssl3_init_finished_mac(s);
+ s->state = SSL3_ST_SR_CLNT_HELLO_A;
+ s->ctx->stats.sess_accept++;
+ } else if (!s->s3->send_connection_binding &&
+ !(s->options &
+ SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+ /*
+ * Server attempting to renegotiate with client that doesn't
+ * support secure renegotiation.
+ */
+ SSLerr(SSL_F_SSL3_ACCEPT,
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ } else {
+ /*
+ * s->state == SSL_ST_RENEGOTIATE, we will just send a
+ * HelloRequest
+ */
+ s->ctx->stats.sess_accept_renegotiate++;
+ s->state = SSL3_ST_SW_HELLO_REQ_A;
+ }
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_A:
+ case SSL3_ST_SW_HELLO_REQ_B:
+
+ s->shutdown = 0;
+ ret = ssl3_send_hello_request(s);
+ if (ret <= 0)
+ goto end;
+ s->s3->tmp.next_state = SSL3_ST_SW_HELLO_REQ_C;
+ s->state = SSL3_ST_SW_FLUSH;
+ s->init_num = 0;
+
+ ssl3_init_finished_mac(s);
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_C:
+ s->state = SSL_ST_OK;
+ break;
+
+ case SSL3_ST_SR_CLNT_HELLO_A:
+ case SSL3_ST_SR_CLNT_HELLO_B:
+ case SSL3_ST_SR_CLNT_HELLO_C:
+
+ s->shutdown = 0;
+ if (s->rwstate != SSL_X509_LOOKUP) {
+ ret = ssl3_get_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ }
+#ifndef OPENSSL_NO_SRP
+ {
+ int al;
+ if ((ret = ssl_check_srp_ext_ClientHello(s, &al)) < 0) {
+ /*
+ * callback indicates firther work to be done
+ */
+ s->rwstate = SSL_X509_LOOKUP;
+ goto end;
+ }
+ if (ret != SSL_ERROR_NONE) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ /*
+ * This is not really an error but the only means to for
+ * a client to detect whether srp is supported.
+ */
+ if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
+ SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT);
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ }
+#endif
+
+ s->renegotiate = 2;
+ s->state = SSL3_ST_SW_SRVR_HELLO_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_SRVR_HELLO_A:
+ case SSL3_ST_SW_SRVR_HELLO_B:
+ ret = ssl3_send_server_hello(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->hit) {
+ if (s->tlsext_ticket_expected)
+ s->state = SSL3_ST_SW_SESSION_TICKET_A;
+ else
+ s->state = SSL3_ST_SW_CHANGE_A;
+ }
+#else
+ if (s->hit)
+ s->state = SSL3_ST_SW_CHANGE_A;
+#endif
+ else
+ s->state = SSL3_ST_SW_CERT_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_CERT_A:
+ case SSL3_ST_SW_CERT_B:
+ /* Check if it is anon DH or anon ECDH, */
+ /* normal PSK or KRB5 or SRP */
+ if (!
+ (s->s3->tmp.
+ new_cipher->algorithm_auth & (SSL_aNULL | SSL_aKRB5 |
+ SSL_aSRP))
+&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ ret = ssl3_send_server_certificate(s);
+ if (ret <= 0)
+ goto end;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_status_expected)
+ s->state = SSL3_ST_SW_CERT_STATUS_A;
+ else
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+ } else {
+ skip = 1;
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+ }
+#else
+ } else
+ skip = 1;
+
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+#endif
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_KEY_EXCH_A:
+ case SSL3_ST_SW_KEY_EXCH_B:
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+ /*
+ * clear this, it may get reset by
+ * send_server_key_exchange
+ */
+ s->s3->tmp.use_rsa_tmp = 0;
+
+ /*
+ * only send if a DH key exchange, fortezza or RSA but we have a
+ * sign only certificate PSK: may send PSK identity hints For
+ * ECC ciphersuites, we send a serverKeyExchange message only if
+ * the cipher suite is either ECDH-anon or ECDHE. In other cases,
+ * the server certificate contains the server's public key for
+ * key exchange.
+ */
+ if (0
+ /*
+ * PSK: send ServerKeyExchange if PSK identity hint if
+ * provided
+ */
+#ifndef OPENSSL_NO_PSK
+ || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+#ifndef OPENSSL_NO_SRP
+ /* SRP: send ServerKeyExchange */
+ || (alg_k & SSL_kSRP)
+#endif
+ || (alg_k & (SSL_kDHr | SSL_kDHd | SSL_kEDH))
+ || (alg_k & SSL_kEECDH)
+ || ((alg_k & SSL_kRSA)
+ && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
+ || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+ && EVP_PKEY_size(s->cert->pkeys
+ [SSL_PKEY_RSA_ENC].privatekey) *
+ 8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
+ )
+ )
+ )
+ ) {
+ ret = ssl3_send_server_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+ } else
+ skip = 1;
+
+ s->state = SSL3_ST_SW_CERT_REQ_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_CERT_REQ_A:
+ case SSL3_ST_SW_CERT_REQ_B:
+ if ( /* don't request cert unless asked for it: */
+ !(s->verify_mode & SSL_VERIFY_PEER) ||
+ /*
+ * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
+ * during re-negotiation:
+ */
+ ((s->session->peer != NULL) &&
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
+ /*
+ * never request cert in anonymous ciphersuites (see
+ * section "Certificate request" in SSL 3 drafts and in
+ * RFC 2246):
+ */
+ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+ /*
+ * ... except when the application insists on
+ * verification (against the specs, but s3_clnt.c accepts
+ * this for SSL 3)
+ */
+ !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
+ /*
+ * never request cert in Kerberos ciphersuites
+ */
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) ||
+ /* don't request certificate for SRP auth */
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP)
+ /*
+ * With normal PSK Certificates and Certificate Requests
+ * are omitted
+ */
+ || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ /* no cert request */
+ skip = 1;
+ s->s3->tmp.cert_request = 0;
+ s->state = SSL3_ST_SW_SRVR_DONE_A;
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ }
+ } else {
+ s->s3->tmp.cert_request = 1;
+ ret = ssl3_send_certificate_request(s);
+ if (ret <= 0)
+ goto end;
+#ifndef NETSCAPE_HANG_BUG
+ s->state = SSL3_ST_SW_SRVR_DONE_A;
+#else
+ s->state = SSL3_ST_SW_FLUSH;
+ s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+#endif
+ s->init_num = 0;
+ }
+ break;
+
+ case SSL3_ST_SW_SRVR_DONE_A:
+ case SSL3_ST_SW_SRVR_DONE_B:
+ ret = ssl3_send_server_done(s);
+ if (ret <= 0)
+ goto end;
+ s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+ s->state = SSL3_ST_SW_FLUSH;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_FLUSH:
+
+ /*
+ * This code originally checked to see if any data was pending
+ * using BIO_CTRL_INFO and then flushed. This caused problems as
+ * documented in PR#1939. The proposed fix doesn't completely
+ * resolve this issue as buggy implementations of
+ * BIO_CTRL_PENDING still exist. So instead we just flush
+ * unconditionally.
+ */
+
+ s->rwstate = SSL_WRITING;
+ if (BIO_flush(s->wbio) <= 0) {
+ ret = -1;
+ goto end;
+ }
+ s->rwstate = SSL_NOTHING;
+
+ s->state = s->s3->tmp.next_state;
+ break;
+
+ case SSL3_ST_SR_CERT_A:
+ case SSL3_ST_SR_CERT_B:
+ /* Check for second client hello (MS SGC) */
+ ret = ssl3_check_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ if (ret == 2)
+ s->state = SSL3_ST_SR_CLNT_HELLO_C;
+ else {
+ if (s->s3->tmp.cert_request) {
+ ret = ssl3_get_client_certificate(s);
+ if (ret <= 0)
+ goto end;
+ }
+ s->init_num = 0;
+ s->state = SSL3_ST_SR_KEY_EXCH_A;
+ }
+ break;
+
+ case SSL3_ST_SR_KEY_EXCH_A:
+ case SSL3_ST_SR_KEY_EXCH_B:
+ ret = ssl3_get_client_key_exchange(s);
+ if (ret <= 0)
+ goto end;
+ if (ret == 2) {
+ /*
+ * For the ECDH ciphersuites when the client sends its ECDH
+ * pub key in a certificate, the CertificateVerify message is
+ * not sent. Also for GOST ciphersuites when the client uses
+ * its key from the certificate for key exchange.
+ */
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+ s->state = SSL3_ST_SR_FINISHED_A;
+#else
+ if (s->s3->next_proto_neg_seen)
+ s->state = SSL3_ST_SR_NEXT_PROTO_A;
+ else
+ s->state = SSL3_ST_SR_FINISHED_A;
+#endif
+ s->init_num = 0;
+ } else if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num = 0;
+ if (!s->session->peer)
+ break;
+ /*
+ * For TLS v1.2 freeze the handshake buffer at this point and
+ * digest cached records.
+ */
+ if (!s->s3->handshake_buffer) {
+ SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ } else {
+ int offset = 0;
+ int dgst_num;
+
+ s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num = 0;
+
+ /*
+ * We need to get hashes here so if there is a client cert,
+ * it can be verified FIXME - digest processing for
+ * CertificateVerify should be generalized. But it is next
+ * step
+ */
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ }
+ for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
+ if (s->s3->handshake_dgst[dgst_num]) {
+ int dgst_size;
+
+ s->method->ssl3_enc->cert_verify_mac(s,
+ EVP_MD_CTX_type
+ (s->
+ s3->handshake_dgst
+ [dgst_num]),
+ &(s->s3->
+ tmp.cert_verify_md
+ [offset]));
+ dgst_size =
+ EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
+ if (dgst_size < 0) {
+ s->state = SSL_ST_ERR;
+ ret = -1;
+ goto end;
+ }
+ offset += dgst_size;
+ }
+ }
+ break;
+
+ case SSL3_ST_SR_CERT_VRFY_A:
+ case SSL3_ST_SR_CERT_VRFY_B:
+ ret = ssl3_get_cert_verify(s);
+ if (ret <= 0)
+ goto end;
+
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+ s->state = SSL3_ST_SR_FINISHED_A;
+#else
+ if (s->s3->next_proto_neg_seen)
+ s->state = SSL3_ST_SR_NEXT_PROTO_A;
+ else
+ s->state = SSL3_ST_SR_FINISHED_A;
+#endif
+ s->init_num = 0;
+ break;
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ case SSL3_ST_SR_NEXT_PROTO_A:
+ case SSL3_ST_SR_NEXT_PROTO_B:
+ /*
+ * Enable CCS for NPN. Receiving a CCS clears the flag, so make
+ * sure not to re-enable it to ban duplicates. This *should* be the
+ * first time we have received one - but we check anyway to be
+ * cautious.
+ * s->s3->change_cipher_spec is set when a CCS is
+ * processed in s3_pkt.c, and remains set until
+ * the client's Finished message is read.
+ */
+ if (!s->s3->change_cipher_spec)
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
+
+ ret = ssl3_get_next_proto(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL3_ST_SR_FINISHED_A;
+ break;
+#endif
+
+ case SSL3_ST_SR_FINISHED_A:
+ case SSL3_ST_SR_FINISHED_B:
+ /*
+ * Enable CCS for handshakes without NPN. In NPN the CCS flag has
+ * already been set. Receiving a CCS clears the flag, so make
+ * sure not to re-enable it to ban duplicates.
+ * s->s3->change_cipher_spec is set when a CCS is
+ * processed in s3_pkt.c, and remains set until
+ * the client's Finished message is read.
+ */
+ if (!s->s3->change_cipher_spec)
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
+ ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
+ SSL3_ST_SR_FINISHED_B);
+ if (ret <= 0)
+ goto end;
+ if (s->hit)
+ s->state = SSL_ST_OK;
+#ifndef OPENSSL_NO_TLSEXT
+ else if (s->tlsext_ticket_expected)
+ s->state = SSL3_ST_SW_SESSION_TICKET_A;
+#endif
+ else
+ s->state = SSL3_ST_SW_CHANGE_A;
+ s->init_num = 0;
+ break;
+
+#ifndef OPENSSL_NO_TLSEXT
+ case SSL3_ST_SW_SESSION_TICKET_A:
+ case SSL3_ST_SW_SESSION_TICKET_B:
+ ret = ssl3_send_newsession_ticket(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_CHANGE_A;
+ s->init_num = 0;
+ break;
+
+ case SSL3_ST_SW_CERT_STATUS_A:
+ case SSL3_ST_SW_CERT_STATUS_B:
+ ret = ssl3_send_cert_status(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_KEY_EXCH_A;
+ s->init_num = 0;
+ break;
+
+#endif
+
+ case SSL3_ST_SW_CHANGE_A:
+ case SSL3_ST_SW_CHANGE_B:
+
+ s->session->cipher = s->s3->tmp.new_cipher;
+ if (!s->method->ssl3_enc->setup_key_block(s)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ ret = ssl3_send_change_cipher_spec(s,
+ SSL3_ST_SW_CHANGE_A,
+ SSL3_ST_SW_CHANGE_B);
+
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_FINISHED_A;
+ s->init_num = 0;
+
+ if (!s->method->ssl3_enc->change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_SERVER_WRITE))
+ {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+
+ break;
+
+ case SSL3_ST_SW_FINISHED_A:
+ case SSL3_ST_SW_FINISHED_B:
+ ret = ssl3_send_finished(s,
+ SSL3_ST_SW_FINISHED_A,
+ SSL3_ST_SW_FINISHED_B,
+ s->method->
+ ssl3_enc->server_finished_label,
+ s->method->
+ ssl3_enc->server_finished_label_len);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_SW_FLUSH;
+ if (s->hit) {
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+ s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
+#else
+ if (s->s3->next_proto_neg_seen) {
+ s->s3->tmp.next_state = SSL3_ST_SR_NEXT_PROTO_A;
+ } else
+ s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
+#endif
+ } else
+ s->s3->tmp.next_state = SSL_ST_OK;
+ s->init_num = 0;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
+
+ /* remove buffering on output */
+ ssl_free_wbio_buffer(s);
+
+ s->init_num = 0;
+
+ if (s->renegotiate == 2) { /* skipped if we just sent a
+ * HelloRequest */
+ s->renegotiate = 0;
+ s->new_session = 0;
+
+ ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
+
+ s->ctx->stats.sess_accept_good++;
+ /* s->server=1; */
+ s->handshake_func = ssl3_accept;
+
+ if (cb != NULL)
+ cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+ }
+
+ ret = 1;
+ goto end;
+ /* break; */
+
+ case SSL_ST_ERR:
+ default:
+ SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
+ ret = -1;
+ goto end;
+ /* break; */
+ }
+
+ if (!s->s3->tmp.reuse_message && !skip) {
+ if (s->debug) {
+ if ((ret = BIO_flush(s->wbio)) <= 0)
+ goto end;
+ }
+
+ if ((cb != NULL) && (s->state != state)) {
+ new_state = s->state;
+ s->state = state;
+ cb(s, SSL_CB_ACCEPT_LOOP, 1);
+ s->state = new_state;
+ }
+ }
+ skip = 0;
+ }
+ end:
+ /* BIO_flush(s->wbio); */
+
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s, SSL_CB_ACCEPT_EXIT, ret);
+ return (ret);
+}
+
+int ssl3_send_hello_request(SSL *s)
+{
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_HELLO_REQ_A) {
+ p = (unsigned char *)s->init_buf->data;
+ *(p++) = SSL3_MT_HELLO_REQUEST;
+ *(p++) = 0;
+ *(p++) = 0;
+ *(p++) = 0;
+
+ s->state = SSL3_ST_SW_HELLO_REQ_B;
+ /* number of bytes to write */
+ s->init_num = 4;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_SW_HELLO_REQ_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+int ssl3_check_client_hello(SSL *s)
+{
+ int ok;
+ long n;
+
+ /*
+ * this function is called when we really expect a Certificate message,
+ * so permit appropriate message length
+ */
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_SR_CERT_A,
+ SSL3_ST_SR_CERT_B,
+ -1, s->max_cert_list, &ok);
+ if (!ok)
+ return ((int)n);
+ s->s3->tmp.reuse_message = 1;
+ if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) {
+ /*
+ * We only allow the client to restart the handshake once per
+ * negotiation.
+ */
+ if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE) {
+ SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO,
+ SSL_R_MULTIPLE_SGC_RESTARTS);
+ return -1;
+ }
+ /*
+ * Throw away what we have done so far in the current handshake,
+ * which will now be aborted. (A full SSL_clear would be too much.)
+ */
+#ifndef OPENSSL_NO_DH
+ if (s->s3->tmp.dh != NULL) {
+ DH_free(s->s3->tmp.dh);
+ s->s3->tmp.dh = NULL;
+ }
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (s->s3->tmp.ecdh != NULL) {
+ EC_KEY_free(s->s3->tmp.ecdh);
+ s->s3->tmp.ecdh = NULL;
+ }
+#endif
+ s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
+ return 2;
+ }
+ return 1;
+}
+
+int ssl3_get_client_hello(SSL *s)
+{
+ int i, j, ok, al, ret = -1, cookie_valid = 0;
+ unsigned int cookie_len;
+ long n;
+ unsigned long id;
+ unsigned char *p, *d, *q;
+ SSL_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
+ SSL_COMP *comp = NULL;
+#endif
+ STACK_OF(SSL_CIPHER) *ciphers = NULL;
+
+ /*
+ * We do this so that we will respond with our native type. If we are
+ * TLSv1 and we get SSLv3, we will respond with TLSv1, This down
+ * switching should be handled by a different method. If we are SSLv3, we
+ * will respond with SSLv3, even if prompted with TLSv1.
+ */
+ if (s->state == SSL3_ST_SR_CLNT_HELLO_A) {
+ s->state = SSL3_ST_SR_CLNT_HELLO_B;
+ }
+ s->first_packet = 1;
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_SR_CLNT_HELLO_B,
+ SSL3_ST_SR_CLNT_HELLO_C,
+ SSL3_MT_CLIENT_HELLO,
+ SSL3_RT_MAX_PLAIN_LENGTH, &ok);
+
+ if (!ok)
+ return ((int)n);
+ s->first_packet = 0;
+ d = p = (unsigned char *)s->init_msg;
+
+ /*
+ * 2 bytes for client version, SSL3_RANDOM_SIZE bytes for random, 1 byte
+ * for session id length
+ */
+ if (n < 2 + SSL3_RANDOM_SIZE + 1) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
+ /*
+ * use version from inside client hello, not from record header (may
+ * differ: see RFC 2246, Appendix E, second paragraph)
+ */
+ s->client_version = (((int)p[0]) << 8) | (int)p[1];
+ p += 2;
+
+ if ((s->version == DTLS1_VERSION && s->client_version > s->version) ||
+ (s->version != DTLS1_VERSION && s->client_version < s->version)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
+ if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
+ !s->enc_write_ctx && !s->write_hash) {
+ /*
+ * similar to ssl3_get_record, send alert using remote version
+ * number
+ */
+ s->version = s->client_version;
+ }
+ al = SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
+
+ /*
+ * If we require cookies and this ClientHello doesn't contain one, just
+ * return since we do not want to allocate any memory yet. So check
+ * cookie length...
+ */
+ if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) {
+ unsigned int session_length, cookie_length;
+
+ session_length = *(p + SSL3_RANDOM_SIZE);
+
+ if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1);
+
+ if (cookie_length == 0)
+ return 1;
+ }
+
+ /* load the client random */
+ memcpy(s->s3->client_random, p, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
+
+ /* get the session-id */
+ j = *(p++);
+
+ if ((d + n) - p < j) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
+ if ((j < 0) || (j > SSL_MAX_SSL_SESSION_ID_LENGTH)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ s->hit = 0;
+ /*
+ * Versions before 0.9.7 always allow clients to resume sessions in
+ * renegotiation. 0.9.7 and later allow this by default, but optionally
+ * ignore resumption requests with flag
+ * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (it's a new flag rather
+ * than a change to default behavior so that applications relying on this
+ * for security won't even compile against older library versions).
+ * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() to
+ * request renegotiation but not a new session (s->new_session remains
+ * unset): for servers, this essentially just means that the
+ * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be ignored.
+ */
+ if ((s->new_session
+ && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {
+ if (!ssl_get_new_session(s, 1))
+ goto err;
+ } else {
+ i = ssl_get_prev_session(s, p, j, d + n);
+ /*
+ * Only resume if the session's version matches the negotiated
+ * version.
+ * RFC 5246 does not provide much useful advice on resumption
+ * with a different protocol version. It doesn't forbid it but
+ * the sanity of such behaviour would be questionable.
+ * In practice, clients do not accept a version mismatch and
+ * will abort the handshake with an error.
+ */
+ if (i == 1 && s->version == s->session->ssl_version) { /* previous
+ * session */
+ s->hit = 1;
+ } else if (i == -1)
+ goto err;
+ else { /* i == 0 */
+
+ if (!ssl_get_new_session(s, 1))
+ goto err;
+ }
+ }
+
+ p += j;
+
+ if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
+ /* cookie stuff */
+ if ((d + n) - p < 1) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ cookie_len = *(p++);
+
+ if ((d + n ) - p < cookie_len) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
+ /*
+ * The ClientHello may contain a cookie even if the
+ * HelloVerify message has not been sent--make sure that it
+ * does not cause an overflow.
+ */
+ if (cookie_len > sizeof(s->d1->rcvd_cookie)) {
+ /* too much data */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
+ goto f_err;
+ }
+
+ /* verify the cookie if appropriate option is set. */
+ if ((SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) && cookie_len > 0) {
+ memcpy(s->d1->rcvd_cookie, p, cookie_len);
+
+ if (s->ctx->app_verify_cookie_cb != NULL) {
+ if (s->ctx->app_verify_cookie_cb(s, s->d1->rcvd_cookie,
+ cookie_len) == 0) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_COOKIE_MISMATCH);
+ goto f_err;
+ }
+ /* else cookie verification succeeded */
+ }
+ /* default verification */
+ else if (memcmp(s->d1->rcvd_cookie, s->d1->cookie,
+ s->d1->cookie_len) != 0) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
+ goto f_err;
+ }
+ cookie_valid = 1;
+ }
+
+ p += cookie_len;
+ }
+
+ if ((d + n ) - p < 2) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+
+ if (i == 0) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_SPECIFIED);
+ goto f_err;
+ }
+
+ /* i bytes of cipher data + 1 byte for compression length later */
+ if ((d + n) - p < i + 1) {
+ /* not enough data */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if (ssl_bytes_to_cipher_list(s, p, i, &(ciphers)) == NULL) {
+ goto err;
+ }
+ p += i;
+
+ /* If it is a hit, check that the cipher is in the list */
+ if (s->hit) {
+ j = 0;
+ id = s->session->cipher->id;
+
+#ifdef CIPHER_DEBUG
+ fprintf(stderr, "client sent %d ciphers\n",
+ sk_SSL_CIPHER_num(ciphers));
+#endif
+ for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+ c = sk_SSL_CIPHER_value(ciphers, i);
+#ifdef CIPHER_DEBUG
+ fprintf(stderr, "client [%2d of %2d]:%s\n",
+ i, sk_SSL_CIPHER_num(ciphers), SSL_CIPHER_get_name(c));
+#endif
+ if (c->id == id) {
+ j = 1;
+ break;
+ }
+ }
+ /*
+ * Disabled because it can be used in a ciphersuite downgrade attack:
+ * CVE-2010-4180.
+ */
+#if 0
+ if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
+ && (sk_SSL_CIPHER_num(ciphers) == 1)) {
+ /*
+ * Special case as client bug workaround: the previously used
+ * cipher may not be in the current list, the client instead
+ * might be trying to continue using a cipher that before wasn't
+ * chosen due to server preferences. We'll have to reject the
+ * connection if the cipher is not enabled, though.
+ */
+ c = sk_SSL_CIPHER_value(ciphers, 0);
+ if (sk_SSL_CIPHER_find(SSL_get_ciphers(s), c) >= 0) {
+ s->session->cipher = c;
+ j = 1;
+ }
+ }
+#endif
+ if (j == 0) {
+ /*
+ * we need to have the cipher in the cipher list if we are asked
+ * to reuse it
+ */
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_REQUIRED_CIPHER_MISSING);
+ goto f_err;
+ }
+ }
+
+ /* compression */
+ i = *(p++);
+ if ((d + n) - p < i) {
+ /* not enough data */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ q = p;
+ for (j = 0; j < i; j++) {
+ if (p[j] == 0)
+ break;
+ }
+
+ p += i;
+ if (j >= i) {
+ /* no compress */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_COMPRESSION_SPECIFIED);
+ goto f_err;
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (s->version >= SSL3_VERSION) {
+ if (!ssl_parse_clienthello_tlsext(s, &p, d + n, &al)) {
+ /* 'al' set by ssl_parse_clienthello_tlsext */
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT);
+ goto f_err;
+ }
+ }
+ if (ssl_check_clienthello_tlsext_early(s) <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ goto err;
+ }
+
+ /*
+ * Check if we want to use external pre-shared secret for this handshake
+ * for not reused session only. We need to generate server_random before
+ * calling tls_session_secret_cb in order to allow SessionTicket
+ * processing to use it in key derivation.
+ */
+ {
+ unsigned char *pos;
+ pos = s->s3->server_random;
+ if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+
+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
+ SSL_CIPHER *pref_cipher = NULL;
+
+ s->session->master_key_length = sizeof(s->session->master_key);
+ if (s->tls_session_secret_cb(s, s->session->master_key,
+ &s->session->master_key_length, ciphers,
+ &pref_cipher,
+ s->tls_session_secret_cb_arg)) {
+ s->hit = 1;
+ s->session->ciphers = ciphers;
+ s->session->verify_result = X509_V_OK;
+
+ ciphers = NULL;
+
+ /* check if some cipher was preferred by call back */
+ pref_cipher =
+ pref_cipher ? pref_cipher : ssl3_choose_cipher(s,
+ s->
+ session->ciphers,
+ SSL_get_ciphers
+ (s));
+ if (pref_cipher == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
+ goto f_err;
+ }
+
+ s->session->cipher = pref_cipher;
+
+ if (s->cipher_list)
+ sk_SSL_CIPHER_free(s->cipher_list);
+
+ if (s->cipher_list_by_id)
+ sk_SSL_CIPHER_free(s->cipher_list_by_id);
+
+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
+ }
+ }
+#endif
+
+ /*
+ * Worst case, we will use the NULL compression, but if we have other
+ * options, we will now look for them. We have i-1 compression
+ * algorithms from the client, starting at q.
+ */
+ s->s3->tmp.new_compression = NULL;
+#ifndef OPENSSL_NO_COMP
+ /* This only happens if we have a cache hit */
+ if (s->session->compress_meth != 0) {
+ int m, comp_id = s->session->compress_meth;
+ /* Perform sanity checks on resumed compression algorithm */
+ /* Can't disable compression */
+ if (s->options & SSL_OP_NO_COMPRESSION) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_INCONSISTENT_COMPRESSION);
+ goto f_err;
+ }
+ /* Look for resumed compression method */
+ for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
+ if (comp_id == comp->id) {
+ s->s3->tmp.new_compression = comp;
+ break;
+ }
+ }
+ if (s->s3->tmp.new_compression == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_INVALID_COMPRESSION_ALGORITHM);
+ goto f_err;
+ }
+ /* Look for resumed method in compression list */
+ for (m = 0; m < i; m++) {
+ if (q[m] == comp_id)
+ break;
+ }
+ if (m >= i) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
+ goto f_err;
+ }
+ } else if (s->hit)
+ comp = NULL;
+ else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods) {
+ /* See if we have a match */
+ int m, nn, o, v, done = 0;
+
+ nn = sk_SSL_COMP_num(s->ctx->comp_methods);
+ for (m = 0; m < nn; m++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
+ v = comp->id;
+ for (o = 0; o < i; o++) {
+ if (v == q[o]) {
+ done = 1;
+ break;
+ }
+ }
+ if (done)
+ break;
+ }
+ if (done)
+ s->s3->tmp.new_compression = comp;
+ else
+ comp = NULL;
+ }
+#else
+ /*
+ * If compression is disabled we'd better not try to resume a session
+ * using compression.
+ */
+ if (s->session->compress_meth != 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
+ goto f_err;
+ }
+#endif
+
+ /*
+ * Given s->session->ciphers and SSL_get_ciphers, we must pick a cipher
+ */
+
+ if (!s->hit) {
+#ifdef OPENSSL_NO_COMP
+ s->session->compress_meth = 0;
+#else
+ s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
+#endif
+ if (s->session->ciphers != NULL)
+ sk_SSL_CIPHER_free(s->session->ciphers);
+ s->session->ciphers = ciphers;
+ if (ciphers == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ ciphers = NULL;
+ c = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
+
+ if (c == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
+ goto f_err;
+ }
+ s->s3->tmp.new_cipher = c;
+ } else {
+ /* Session-id reuse */
+#ifdef REUSE_CIPHER_BUG
+ STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *nc = NULL;
+ SSL_CIPHER *ec = NULL;
+
+ if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) {
+ sk = s->session->ciphers;
+ for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+ c = sk_SSL_CIPHER_value(sk, i);
+ if (c->algorithm_enc & SSL_eNULL)
+ nc = c;
+ if (SSL_C_IS_EXPORT(c))
+ ec = c;
+ }
+ if (nc != NULL)
+ s->s3->tmp.new_cipher = nc;
+ else if (ec != NULL)
+ s->s3->tmp.new_cipher = ec;
+ else
+ s->s3->tmp.new_cipher = s->session->cipher;
+ } else
+#endif
+ s->s3->tmp.new_cipher = s->session->cipher;
+ }
+
+ if (TLS1_get_version(s) < TLS1_2_VERSION
+ || !(s->verify_mode & SSL_VERIFY_PEER)) {
+ if (!ssl3_digest_cached_records(s)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+
+ /*-
+ * we now have the following setup.
+ * client_random
+ * cipher_list - our prefered list of ciphers
+ * ciphers - the clients prefered list of ciphers
+ * compression - basically ignored right now
+ * ssl version is set - sslv3
+ * s->session - The ssl session has been setup.
+ * s->hit - session reuse flag
+ * s->tmp.new_cipher - the new cipher to use.
+ */
+
+ /* Handles TLS extensions that we couldn't check earlier */
+ if (s->version >= SSL3_VERSION) {
+ if (ssl_check_clienthello_tlsext_late(s) <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ goto err;
+ }
+ }
+
+ ret = cookie_valid ? 2 : 1;
+ if (0) {
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
+ }
+
+ if (ciphers != NULL)
+ sk_SSL_CIPHER_free(ciphers);
+ return ret;
+}
+
+int ssl3_send_server_hello(SSL *s)
+{
+ unsigned char *buf;
+ unsigned char *p, *d;
+ int i, sl;
+ unsigned long l;
+
+ if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
+ buf = (unsigned char *)s->init_buf->data;
+#ifdef OPENSSL_NO_TLSEXT
+ p = s->s3->server_random;
+ if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+#endif
+ /* Do the message type and length last */
+ d = p = &(buf[4]);
+
+ *(p++) = s->version >> 8;
+ *(p++) = s->version & 0xff;
+
+ /* Random stuff */
+ memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
+
+ /*-
+ * There are several cases for the session ID to send
+ * back in the server hello:
+ * - For session reuse from the session cache,
+ * we send back the old session ID.
+ * - If stateless session reuse (using a session ticket)
+ * is successful, we send back the client's "session ID"
+ * (which doesn't actually identify the session).
+ * - If it is a new session, we send back the new
+ * session ID.
+ * - However, if we want the new session to be single-use,
+ * we send back a 0-length session ID.
+ * s->hit is non-zero in either case of session reuse,
+ * so the following won't overwrite an ID that we're supposed
+ * to send back.
+ */
+ if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
+ && !s->hit)
+ s->session->session_id_length = 0;
+
+ sl = s->session->session_id_length;
+ if (sl > (int)sizeof(s->session->session_id)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ *(p++) = sl;
+ memcpy(p, s->session->session_id, sl);
+ p += sl;
+
+ /* put the cipher */
+ i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
+ p += i;
+
+ /* put the compression method */
+#ifdef OPENSSL_NO_COMP
+ *(p++) = 0;
+#else
+ if (s->s3->tmp.new_compression == NULL)
+ *(p++) = 0;
+ else
+ *(p++) = s->s3->tmp.new_compression->id;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+ if (ssl_prepare_serverhello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ if ((p =
+ ssl_add_serverhello_tlsext(s, p,
+ buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
+ NULL) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+#endif
+ /* do the header */
+ l = (p - d);
+ d = buf;
+ *(d++) = SSL3_MT_SERVER_HELLO;
+ l2n3(l, d);
+
+ s->state = SSL3_ST_SW_SRVR_HELLO_B;
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_SW_SRVR_HELLO_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+int ssl3_send_server_done(SSL *s)
+{
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_SRVR_DONE_A) {
+ p = (unsigned char *)s->init_buf->data;
+
+ /* do the header */
+ *(p++) = SSL3_MT_SERVER_DONE;
+ *(p++) = 0;
+ *(p++) = 0;
+ *(p++) = 0;
+
+ s->state = SSL3_ST_SW_SRVR_DONE_B;
+ /* number of bytes to write */
+ s->init_num = 4;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_SW_SRVR_DONE_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+int ssl3_send_server_key_exchange(SSL *s)
+{
+#ifndef OPENSSL_NO_RSA
+ unsigned char *q;
+ int j, num;
+ RSA *rsa;
+ unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
+ unsigned int u;
+#endif
+#ifndef OPENSSL_NO_DH
+ DH *dh = NULL, *dhp;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh = NULL, *ecdhp;
+ unsigned char *encodedPoint = NULL;
+ int encodedlen = 0;
+ int curve_id = 0;
+ BN_CTX *bn_ctx = NULL;
+#endif
+ EVP_PKEY *pkey;
+ const EVP_MD *md = NULL;
+ unsigned char *p, *d;
+ int al, i;
+ unsigned long type;
+ int n;
+ CERT *cert;
+ BIGNUM *r[4];
+ int nr[4], kn;
+ BUF_MEM *buf;
+ EVP_MD_CTX md_ctx;
+
+ EVP_MD_CTX_init(&md_ctx);
+ if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
+ type = s->s3->tmp.new_cipher->algorithm_mkey;
+ cert = s->cert;
+
+ buf = s->init_buf;
+
+ r[0] = r[1] = r[2] = r[3] = NULL;
+ n = 0;
+#ifndef OPENSSL_NO_RSA
+ if (type & SSL_kRSA) {
+ rsa = cert->rsa_tmp;
+ if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
+ rsa = s->cert->rsa_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->
+ tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->
+ tmp.new_cipher));
+ if (rsa == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
+ goto f_err;
+ }
+ RSA_up_ref(rsa);
+ cert->rsa_tmp = rsa;
+ }
+ if (rsa == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_RSA_KEY);
+ goto f_err;
+ }
+ r[0] = rsa->n;
+ r[1] = rsa->e;
+ s->s3->tmp.use_rsa_tmp = 1;
+ } else
+#endif
+#ifndef OPENSSL_NO_DH
+ if (type & SSL_kEDH) {
+ dhp = cert->dh_tmp;
+ if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
+ dhp = s->cert->dh_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->
+ tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->
+ tmp.new_cipher));
+ if (dhp == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_DH_KEY);
+ goto f_err;
+ }
+
+ if (s->s3->tmp.dh != NULL) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if ((dh = DHparams_dup(dhp)) == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+
+ s->s3->tmp.dh = dh;
+ if (!DH_generate_key(dh)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
+ goto err;
+ }
+ r[0] = dh->p;
+ r[1] = dh->g;
+ r[2] = dh->pub_key;
+ } else
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kEECDH) {
+ const EC_GROUP *group;
+
+ ecdhp = cert->ecdh_tmp;
+ if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {
+ ecdhp = s->cert->ecdh_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->
+ tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->
+ s3->tmp.new_cipher));
+ }
+ if (ecdhp == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_ECDH_KEY);
+ goto f_err;
+ }
+
+ if (s->s3->tmp.ecdh != NULL) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ /* Duplicate the ECDH structure. */
+ if (ecdhp == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+ if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ s->s3->tmp.ecdh = ecdh;
+ if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL) ||
+ (s->options & SSL_OP_SINGLE_ECDH_USE)) {
+ if (!EC_KEY_generate_key(ecdh)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+ }
+
+ if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
+ (EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ (EC_GROUP_get_degree(group) > 163)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+ goto err;
+ }
+
+ /*
+ * XXX: For now, we only support ephemeral ECDH keys over named
+ * (not generic) curves. For supported named curves, curve_id is
+ * non-zero.
+ */
+ if ((curve_id =
+ tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
+ == 0) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
+ goto err;
+ }
+
+ /*
+ * Encode the public key. First check the size of encoding and
+ * allocate memory accordingly.
+ */
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
+
+ encodedPoint = (unsigned char *)
+ OPENSSL_malloc(encodedlen * sizeof(unsigned char));
+ bn_ctx = BN_CTX_new();
+ if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encodedlen, bn_ctx);
+
+ if (encodedlen == 0) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ BN_CTX_free(bn_ctx);
+ bn_ctx = NULL;
+
+ /*
+ * XXX: For now, we only support named (not generic) curves in
+ * ECDH ephemeral key exchanges. In this situation, we need four
+ * additional bytes to encode the entire ServerECDHParams
+ * structure.
+ */
+ n = 4 + encodedlen;
+
+ /*
+ * We'll generate the serverKeyExchange message explicitly so we
+ * can set these to NULLs
+ */
+ r[0] = NULL;
+ r[1] = NULL;
+ r[2] = NULL;
+ r[3] = NULL;
+ } else
+#endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /*
+ * reserve size for record length and PSK identity hint
+ */
+ n += 2 + strlen(s->ctx->psk_identity_hint);
+ } else
+#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (type & SSL_kSRP) {
+ if ((s->srp_ctx.N == NULL) ||
+ (s->srp_ctx.g == NULL) ||
+ (s->srp_ctx.s == NULL) || (s->srp_ctx.B == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_SRP_PARAM);
+ goto err;
+ }
+ r[0] = s->srp_ctx.N;
+ r[1] = s->srp_ctx.g;
+ r[2] = s->srp_ctx.s;
+ r[3] = s->srp_ctx.B;
+ } else
+#endif
+ {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ goto f_err;
+ }
+ for (i = 0; i < 4 && r[i] != NULL; i++) {
+ nr[i] = BN_num_bytes(r[i]);
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP))
+ n += 1 + nr[i];
+ else
+#endif
+ n += 2 + nr[i];
+ }
+
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, &md))
+ == NULL) {
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ kn = EVP_PKEY_size(pkey);
+ } else {
+ pkey = NULL;
+ kn = 0;
+ }
+
+ if (!BUF_MEM_grow_clean(buf, n + 4 + kn)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_BUF);
+ goto err;
+ }
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[4]);
+
+ for (i = 0; i < 4 && r[i] != NULL; i++) {
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP)) {
+ *p = nr[i];
+ p++;
+ } else
+#endif
+ s2n(nr[i], p);
+ BN_bn2bin(r[i], p);
+ p += nr[i];
+ }
+
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kEECDH) {
+ /*
+ * XXX: For now, we only support named (not generic) curves. In
+ * this situation, the serverKeyExchange message has: [1 byte
+ * CurveType], [2 byte CurveName] [1 byte length of encoded
+ * point], followed by the actual encoded point itself
+ */
+ *p = NAMED_CURVE_TYPE;
+ p += 1;
+ *p = 0;
+ p += 1;
+ *p = curve_id;
+ p += 1;
+ *p = encodedlen;
+ p += 1;
+ memcpy((unsigned char *)p,
+ (unsigned char *)encodedPoint, encodedlen);
+ OPENSSL_free(encodedPoint);
+ encodedPoint = NULL;
+ p += encodedlen;
+ }
+#endif
+
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /* copy PSK identity hint */
+ s2n(strlen(s->ctx->psk_identity_hint), p);
+ strncpy((char *)p, s->ctx->psk_identity_hint,
+ strlen(s->ctx->psk_identity_hint));
+ p += strlen(s->ctx->psk_identity_hint);
+ }
+#endif
+
+ /* not anonymous */
+ if (pkey != NULL) {
+ /*
+ * n is the length of the params, they start at &(d[4]) and p
+ * points to the space at the end.
+ */
+#ifndef OPENSSL_NO_RSA
+ if (pkey->type == EVP_PKEY_RSA
+ && TLS1_get_version(s) < TLS1_2_VERSION) {
+ q = md_buf;
+ j = 0;
+ for (num = 2; num > 0; num--) {
+ EVP_MD_CTX_set_flags(&md_ctx,
+ EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ if (EVP_DigestInit_ex(&md_ctx,
+ (num == 2) ? s->ctx->md5
+ : s->ctx->sha1,
+ NULL) <= 0
+ || EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestUpdate(&md_ctx, &(d[4]), n) <= 0
+ || EVP_DigestFinal_ex(&md_ctx, q,
+ (unsigned int *)&i) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_LIB_EVP);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ q += i;
+ j += i;
+ }
+ if (RSA_sign(NID_md5_sha1, md_buf, j,
+ &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_RSA);
+ goto err;
+ }
+ s2n(u, p);
+ n += u + 2;
+ } else
+#endif
+ if (md) {
+ /*
+ * For TLS1.2 and later send signature algorithm
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ if (!tls12_get_sigandhash(p, pkey, md)) {
+ /* Should never happen */
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ p += 2;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
+#endif
+ if (EVP_SignInit_ex(&md_ctx, md, NULL) <= 0
+ || EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_SignUpdate(&md_ctx, &(d[4]), n) <= 0
+ || EVP_SignFinal(&md_ctx, &(p[2]),
+ (unsigned int *)&i, pkey) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ s2n(i, p);
+ n += i + 2;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ n += 2;
+ } else {
+ /* Is this error check actually needed? */
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNKNOWN_PKEY_TYPE);
+ goto f_err;
+ }
+ }
+
+ *(d++) = SSL3_MT_SERVER_KEY_EXCHANGE;
+ l2n3(n, d);
+
+ /*
+ * we should now have things packed up, so lets send it off
+ */
+ s->init_num = n + 4;
+ s->init_off = 0;
+ }
+
+ s->state = SSL3_ST_SW_KEY_EXCH_B;
+ EVP_MD_CTX_cleanup(&md_ctx);
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+#ifndef OPENSSL_NO_ECDH
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ BN_CTX_free(bn_ctx);
+#endif
+ EVP_MD_CTX_cleanup(&md_ctx);
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_send_certificate_request(SSL *s)
+{
+ unsigned char *p, *d;
+ int i, j, nl, off, n;
+ STACK_OF(X509_NAME) *sk = NULL;
+ X509_NAME *name;
+ BUF_MEM *buf;
+
+ if (s->state == SSL3_ST_SW_CERT_REQ_A) {
+ buf = s->init_buf;
+
+ d = p = (unsigned char *)&(buf->data[4]);
+
+ /* get the list of acceptable cert types */
+ p++;
+ n = ssl3_get_req_cert_type(s, p);
+ d[0] = n;
+ p += n;
+ n++;
+
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ nl = tls12_get_req_sig_algs(s, p + 2);
+ s2n(nl, p);
+ p += nl + 2;
+ n += nl + 2;
+ }
+
+ off = n;
+ p += 2;
+ n += 2;
+
+ sk = SSL_get_client_CA_list(s);
+ nl = 0;
+ if (sk != NULL) {
+ for (i = 0; i < sk_X509_NAME_num(sk); i++) {
+ name = sk_X509_NAME_value(sk, i);
+ j = i2d_X509_NAME(name, NULL);
+ if (!BUF_MEM_grow_clean(buf, 4 + n + j + 2)) {
+ SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
+ ERR_R_BUF_LIB);
+ goto err;
+ }
+ p = (unsigned char *)&(buf->data[4 + n]);
+ if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) {
+ s2n(j, p);
+ i2d_X509_NAME(name, &p);
+ n += 2 + j;
+ nl += 2 + j;
+ } else {
+ d = p;
+ i2d_X509_NAME(name, &p);
+ j -= 2;
+ s2n(j, d);
+ j += 2;
+ n += j;
+ nl += j;
+ }
+ }
+ }
+ /* else no CA names */
+ p = (unsigned char *)&(buf->data[4 + off]);
+ s2n(nl, p);
+
+ d = (unsigned char *)buf->data;
+ *(d++) = SSL3_MT_CERTIFICATE_REQUEST;
+ l2n3(n, d);
+
+ /*
+ * we should now have things packed up, so lets send it off
+ */
+
+ s->init_num = n + 4;
+ s->init_off = 0;
+#ifdef NETSCAPE_HANG_BUG
+ if (!BUF_MEM_grow_clean(buf, s->init_num + 4)) {
+ SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, ERR_R_BUF_LIB);
+ goto err;
+ }
+ p = (unsigned char *)s->init_buf->data + s->init_num;
+
+ /* do the header */
+ *(p++) = SSL3_MT_SERVER_DONE;
+ *(p++) = 0;
+ *(p++) = 0;
+ *(p++) = 0;
+ s->init_num += 4;
+#endif
+
+ s->state = SSL3_ST_SW_CERT_REQ_B;
+ }
+
+ /* SSL3_ST_SW_CERT_REQ_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_get_client_key_exchange(SSL *s)
+{
+ int i, al, ok;
+ long n;
+ unsigned long alg_k;
+ unsigned char *p;
+#ifndef OPENSSL_NO_RSA
+ RSA *rsa = NULL;
+ EVP_PKEY *pkey = NULL;
+#endif
+#ifndef OPENSSL_NO_DH
+ BIGNUM *pub = NULL;
+ DH *dh_srvr;
+#endif
+#ifndef OPENSSL_NO_KRB5
+ KSSL_ERR kssl_err;
+#endif /* OPENSSL_NO_KRB5 */
+
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *srvr_ecdh = NULL;
+ EVP_PKEY *clnt_pub_pkey = NULL;
+ EC_POINT *clnt_ecpoint = NULL;
+ BN_CTX *bn_ctx = NULL;
+#endif
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_SR_KEY_EXCH_A,
+ SSL3_ST_SR_KEY_EXCH_B,
+ SSL3_MT_CLIENT_KEY_EXCHANGE, 2048, &ok);
+
+ if (!ok)
+ return ((int)n);
+ p = (unsigned char *)s->init_msg;
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+#ifndef OPENSSL_NO_RSA
+ if (alg_k & SSL_kRSA) {
+ unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
+ int decrypt_len;
+ unsigned char decrypt_good, version_good;
+ size_t j;
+
+ /* FIX THIS UP EAY EAY EAY EAY */
+ if (s->s3->tmp.use_rsa_tmp) {
+ if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
+ rsa = s->cert->rsa_tmp;
+ /*
+ * Don't do a callback because rsa_tmp should be sent already
+ */
+ if (rsa == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_RSA_PKEY);
+ goto f_err;
+
+ }
+ } else {
+ pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
+ if ((pkey == NULL) ||
+ (pkey->type != EVP_PKEY_RSA) || (pkey->pkey.rsa == NULL)) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_MISSING_RSA_CERTIFICATE);
+ goto f_err;
+ }
+ rsa = pkey->pkey.rsa;
+ }
+
+ /* TLS and [incidentally] DTLS{0xFEFF} */
+ if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) {
+ n2s(p, i);
+ if (n != i + 2) {
+ if (!(s->options & SSL_OP_TLS_D5_BUG)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+ goto f_err;
+ } else
+ p -= 2;
+ } else
+ n = i;
+ }
+
+ /*
+ * Reject overly short RSA ciphertext because we want to be sure
+ * that the buffer size makes it safe to iterate over the entire
+ * size of a premaster secret (SSL_MAX_MASTER_KEY_LENGTH). The
+ * actual expected size is larger due to RSA padding, but the
+ * bound is sufficient to be safe.
+ */
+ if (n < SSL_MAX_MASTER_KEY_LENGTH) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+ goto f_err;
+ }
+
+ /*
+ * We must not leak whether a decryption failure occurs because of
+ * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
+ * section 7.4.7.1). The code follows that advice of the TLS RFC and
+ * generates a random premaster secret for the case that the decrypt
+ * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
+ */
+
+ if (RAND_bytes(rand_premaster_secret,
+ sizeof(rand_premaster_secret)) <= 0)
+ goto err;
+ decrypt_len =
+ RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING);
+ ERR_clear_error();
+
+ /*
+ * decrypt_len should be SSL_MAX_MASTER_KEY_LENGTH. decrypt_good will
+ * be 0xff if so and zero otherwise.
+ */
+ decrypt_good =
+ constant_time_eq_int_8(decrypt_len, SSL_MAX_MASTER_KEY_LENGTH);
+
+ /*
+ * If the version in the decrypted pre-master secret is correct then
+ * version_good will be 0xff, otherwise it'll be zero. The
+ * Klima-Pokorny-Rosa extension of Bleichenbacher's attack
+ * (http://eprint.iacr.org/2003/052/) exploits the version number
+ * check as a "bad version oracle". Thus version checks are done in
+ * constant time and are treated like any other decryption error.
+ */
+ version_good =
+ constant_time_eq_8(p[0], (unsigned)(s->client_version >> 8));
+ version_good &=
+ constant_time_eq_8(p[1], (unsigned)(s->client_version & 0xff));
+
+ /*
+ * The premaster secret must contain the same version number as the
+ * ClientHello to detect version rollback attacks (strangely, the
+ * protocol does not offer such protection for DH ciphersuites).
+ * However, buggy clients exist that send the negotiated protocol
+ * version instead if the server does not support the requested
+ * protocol version. If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such
+ * clients.
+ */
+ if (s->options & SSL_OP_TLS_ROLLBACK_BUG) {
+ unsigned char workaround_good;
+ workaround_good =
+ constant_time_eq_8(p[0], (unsigned)(s->version >> 8));
+ workaround_good &=
+ constant_time_eq_8(p[1], (unsigned)(s->version & 0xff));
+ version_good |= workaround_good;
+ }
+
+ /*
+ * Both decryption and version must be good for decrypt_good to
+ * remain non-zero (0xff).
+ */
+ decrypt_good &= version_good;
+
+ /*
+ * Now copy rand_premaster_secret over from p using
+ * decrypt_good_mask. If decryption failed, then p does not
+ * contain valid plaintext, however, a check above guarantees
+ * it is still sufficiently large to read from.
+ */
+ for (j = 0; j < sizeof(rand_premaster_secret); j++) {
+ p[j] = constant_time_select_8(decrypt_good, p[j],
+ rand_premaster_secret[j]);
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p,
+ sizeof
+ (rand_premaster_secret));
+ OPENSSL_cleanse(p, sizeof(rand_premaster_secret));
+ } else
+#endif
+#ifndef OPENSSL_NO_DH
+ if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+ n2s(p, i);
+ if (n != i + 2) {
+ if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
+ goto err;
+ } else {
+ p -= 2;
+ i = (int)n;
+ }
+ }
+
+ if (n == 0L) { /* the parameters are in the cert */
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_DECODE_DH_CERTS);
+ goto f_err;
+ } else {
+ if (s->s3->tmp.dh == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_DH_KEY);
+ goto f_err;
+ } else
+ dh_srvr = s->s3->tmp.dh;
+ }
+
+ pub = BN_bin2bn(p, i, NULL);
+ if (pub == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB);
+ goto err;
+ }
+
+ i = DH_compute_key(p, pub, dh_srvr);
+
+ if (i <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ BN_clear_free(pub);
+ goto err;
+ }
+
+ DH_free(s->s3->tmp.dh);
+ s->s3->tmp.dh = NULL;
+
+ BN_clear_free(pub);
+ pub = NULL;
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p, i);
+ OPENSSL_cleanse(p, i);
+ } else
+#endif
+#ifndef OPENSSL_NO_KRB5
+ if (alg_k & SSL_kKRB5) {
+ krb5_error_code krb5rc;
+ krb5_data enc_ticket;
+ krb5_data authenticator;
+ krb5_data enc_pms;
+ KSSL_CTX *kssl_ctx = s->kssl_ctx;
+ EVP_CIPHER_CTX ciph_ctx;
+ const EVP_CIPHER *enc = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_BLOCK_LENGTH];
+ int padl, outl;
+ krb5_timestamp authtime = 0;
+ krb5_ticket_times ttimes;
+ int kerr = 0;
+
+ EVP_CIPHER_CTX_init(&ciph_ctx);
+
+ if (!kssl_ctx)
+ kssl_ctx = kssl_ctx_new();
+
+ n2s(p, i);
+ enc_ticket.length = i;
+
+ if (n < (long)(enc_ticket.length + 6)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+
+ enc_ticket.data = (char *)p;
+ p += enc_ticket.length;
+
+ n2s(p, i);
+ authenticator.length = i;
+
+ if (n < (long)(enc_ticket.length + authenticator.length + 6)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+
+ authenticator.data = (char *)p;
+ p += authenticator.length;
+
+ n2s(p, i);
+ enc_pms.length = i;
+ enc_pms.data = (char *)p;
+ p += enc_pms.length;
+
+ /*
+ * Note that the length is checked again below, ** after decryption
+ */
+ if (enc_pms.length > sizeof pms) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+
+ if (n != (long)(enc_ticket.length + authenticator.length +
+ enc_pms.length + 6)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+
+ if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
+ &kssl_err)) != 0) {
+# ifdef KSSL_DEBUG
+ fprintf(stderr, "kssl_sget_tkt rtn %d [%d]\n",
+ krb5rc, kssl_err.reason);
+ if (kssl_err.text)
+ fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
+# endif /* KSSL_DEBUG */
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
+ goto err;
+ }
+
+ /*
+ * Note: no authenticator is not considered an error, ** but will
+ * return authtime == 0.
+ */
+ if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
+ &authtime, &kssl_err)) != 0) {
+# ifdef KSSL_DEBUG
+ fprintf(stderr, "kssl_check_authent rtn %d [%d]\n",
+ krb5rc, kssl_err.reason);
+ if (kssl_err.text)
+ fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
+# endif /* KSSL_DEBUG */
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
+ goto err;
+ }
+
+ if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, krb5rc);
+ goto err;
+ }
+# ifdef KSSL_DEBUG
+ kssl_ctx_show(kssl_ctx);
+# endif /* KSSL_DEBUG */
+
+ enc = kssl_map_enc(kssl_ctx->enctype);
+ if (enc == NULL)
+ goto err;
+
+ memset(iv, 0, sizeof iv); /* per RFC 1510 */
+
+ if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto err;
+ }
+ if (!EVP_DecryptUpdate(&ciph_ctx, pms, &outl,
+ (unsigned char *)enc_pms.data, enc_pms.length))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ kerr = 1;
+ goto kclean;
+ }
+ if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ kerr = 1;
+ goto kclean;
+ }
+ if (!EVP_DecryptFinal_ex(&ciph_ctx, &(pms[outl]), &padl)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ kerr = 1;
+ goto kclean;
+ }
+ outl += padl;
+ if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ kerr = 1;
+ goto kclean;
+ }
+ if (!((pms[0] == (s->client_version >> 8))
+ && (pms[1] == (s->client_version & 0xff)))) {
+ /*
+ * The premaster secret must contain the same version number as
+ * the ClientHello to detect version rollback attacks (strangely,
+ * the protocol does not offer such protection for DH
+ * ciphersuites). However, buggy clients exist that send random
+ * bytes instead of the protocol version. If
+ * SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients.
+ * (Perhaps we should have a separate BUG value for the Kerberos
+ * cipher)
+ */
+ if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_AD_DECODE_ERROR);
+ kerr = 1;
+ goto kclean;
+ }
+ }
+
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ pms, outl);
+
+ if (kssl_ctx->client_princ) {
+ size_t len = strlen(kssl_ctx->client_princ);
+ if (len < SSL_MAX_KRB5_PRINCIPAL_LENGTH) {
+ s->session->krb5_client_princ_len = len;
+ memcpy(s->session->krb5_client_princ, kssl_ctx->client_princ,
+ len);
+ }
+ }
+
+ /*- Was doing kssl_ctx_free() here,
+ * but it caused problems for apache.
+ * kssl_ctx = kssl_ctx_free(kssl_ctx);
+ * if (s->kssl_ctx) s->kssl_ctx = NULL;
+ */
+
+ kclean:
+ OPENSSL_cleanse(pms, sizeof(pms));
+ if (kerr)
+ goto err;
+ } else
+#endif /* OPENSSL_NO_KRB5 */
+
+#ifndef OPENSSL_NO_ECDH
+ if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
+ int ret = 1;
+ int field_size = 0;
+ const EC_KEY *tkey;
+ const EC_GROUP *group;
+ const BIGNUM *priv_key;
+
+ /* initialize structures for server's ECDH key pair */
+ if ((srvr_ecdh = EC_KEY_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Let's get server private key and group information */
+ if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
+ /* use the certificate */
+ tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
+ } else {
+ /*
+ * use the ephermeral values we saved when generating the
+ * ServerKeyExchange msg.
+ */
+ tkey = s->s3->tmp.ecdh;
+ }
+
+ group = EC_KEY_get0_group(tkey);
+ priv_key = EC_KEY_get0_private_key(tkey);
+
+ if (!EC_KEY_set_group(srvr_ecdh, group) ||
+ !EC_KEY_set_private_key(srvr_ecdh, priv_key)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+
+ /* Let's get client's public key */
+ if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (n == 0L) {
+ /* Client Publickey was in Client Certificate */
+
+ if (alg_k & SSL_kEECDH) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_ECDH_KEY);
+ goto f_err;
+ }
+ if (((clnt_pub_pkey = X509_get_pubkey(s->session->peer))
+ == NULL) || (clnt_pub_pkey->type != EVP_PKEY_EC)) {
+ /*
+ * XXX: For now, we do not support client authentication
+ * using ECDH certificates so this branch (n == 0L) of the
+ * code is never executed. When that support is added, we
+ * ought to ensure the key received in the certificate is
+ * authorized for key agreement. ECDH_compute_key implicitly
+ * checks that the two ECDH shares are for the same group.
+ */
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
+ goto f_err;
+ }
+
+ if (EC_POINT_copy(clnt_ecpoint,
+ EC_KEY_get0_public_key(clnt_pub_pkey->
+ pkey.ec)) == 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ ret = 2; /* Skip certificate verify processing */
+ } else {
+ /*
+ * Get client's public key from encoded point in the
+ * ClientKeyExchange message.
+ */
+ if ((bn_ctx = BN_CTX_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Get encoded point length */
+ i = *p;
+ p += 1;
+ if (n != 1 + i) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (EC_POINT_oct2point(group, clnt_ecpoint, p, i, bn_ctx) == 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ /*
+ * p is pointing to somewhere in the buffer currently, so set it
+ * to the start
+ */
+ p = (unsigned char *)s->init_buf->data;
+ }
+
+ /* Compute the shared pre-master secret */
+ field_size = EC_GROUP_get_degree(group);
+ if (field_size <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+ i = ECDH_compute_key(p, (field_size + 7) / 8, clnt_ecpoint, srvr_ecdh,
+ NULL);
+ if (i <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ EVP_PKEY_free(clnt_pub_pkey);
+ EC_POINT_free(clnt_ecpoint);
+ EC_KEY_free(srvr_ecdh);
+ BN_CTX_free(bn_ctx);
+ EC_KEY_free(s->s3->tmp.ecdh);
+ s->s3->tmp.ecdh = NULL;
+
+ /* Compute the master secret */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p, i);
+
+ OPENSSL_cleanse(p, i);
+ return (ret);
+ } else
+#endif
+#ifndef OPENSSL_NO_PSK
+ if (alg_k & SSL_kPSK) {
+ unsigned char *t = NULL;
+ unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+ unsigned int pre_ms_len = 0, psk_len = 0;
+ int psk_err = 1;
+ char tmp_id[PSK_MAX_IDENTITY_LEN + 1];
+
+ al = SSL_AD_HANDSHAKE_FAILURE;
+
+ n2s(p, i);
+ if (n != i + 2) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);
+ goto psk_err;
+ }
+ if (i > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto psk_err;
+ }
+ if (s->psk_server_callback == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_NO_SERVER_CB);
+ goto psk_err;
+ }
+
+ /*
+ * Create guaranteed NULL-terminated identity string for the callback
+ */
+ memcpy(tmp_id, p, i);
+ memset(tmp_id + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
+ psk_len = s->psk_server_callback(s, tmp_id,
+ psk_or_pre_ms,
+ sizeof(psk_or_pre_ms));
+ OPENSSL_cleanse(tmp_id, PSK_MAX_IDENTITY_LEN + 1);
+
+ if (psk_len > PSK_MAX_PSK_LEN) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ } else if (psk_len == 0) {
+ /*
+ * PSK related to the given identity not found
+ */
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
+ al = SSL_AD_UNKNOWN_PSK_IDENTITY;
+ goto psk_err;
+ }
+
+ /* create PSK pre_master_secret */
+ pre_ms_len = 2 + psk_len + 2 + psk_len;
+ t = psk_or_pre_ms;
+ memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+ s2n(psk_len, t);
+ memset(t, 0, psk_len);
+ t += psk_len;
+ s2n(psk_len, t);
+
+ if (s->session->psk_identity != NULL)
+ OPENSSL_free(s->session->psk_identity);
+ s->session->psk_identity = BUF_strndup((char *)p, i);
+ if (s->session->psk_identity == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
+ if (s->ctx->psk_identity_hint != NULL &&
+ s->session->psk_identity_hint == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ psk_or_pre_ms,
+ pre_ms_len);
+ psk_err = 0;
+ psk_err:
+ OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ if (psk_err != 0)
+ goto f_err;
+ } else
+#endif
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP) {
+ int param_len;
+
+ n2s(p, i);
+ param_len = i + 2;
+ if (param_len > n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_A_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.A = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0
+ || BN_is_zero(s->srp_ctx.A)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_PARAMETERS);
+ goto f_err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length =
+ SRP_generate_server_master_secret(s,
+ s->session->master_key)) < 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ p += i;
+ } else
+#endif /* OPENSSL_NO_SRP */
+ if (alg_k & SSL_kGOST) {
+ int ret = 0;
+ EVP_PKEY_CTX *pkey_ctx;
+ EVP_PKEY *client_pub_pkey = NULL, *pk = NULL;
+ unsigned char premaster_secret[32], *start;
+ size_t outlen = 32, inlen;
+ unsigned long alg_a;
+ int Ttag, Tclass;
+ long Tlen;
+
+ /* Get our certificate private key */
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+ if (alg_a & SSL_aGOST94)
+ pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey;
+ else if (alg_a & SSL_aGOST01)
+ pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
+
+ pkey_ctx = EVP_PKEY_CTX_new(pk, NULL);
+ if (pkey_ctx == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
+ if (EVP_PKEY_decrypt_init(pkey_ctx) <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto gerr;
+ }
+ /*
+ * If client certificate is present and is of the same type, maybe
+ * use it for key exchange. Don't mind errors from
+ * EVP_PKEY_derive_set_peer, because it is completely valid to use a
+ * client certificate for authorization only.
+ */
+ client_pub_pkey = X509_get_pubkey(s->session->peer);
+ if (client_pub_pkey) {
+ if (EVP_PKEY_derive_set_peer(pkey_ctx, client_pub_pkey) <= 0)
+ ERR_clear_error();
+ }
+ /* Decrypt session key */
+ if (ASN1_get_object
+ ((const unsigned char **)&p, &Tlen, &Ttag, &Tclass,
+ n) != V_ASN1_CONSTRUCTED || Ttag != V_ASN1_SEQUENCE
+ || Tclass != V_ASN1_UNIVERSAL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto gerr;
+ }
+ start = p;
+ inlen = Tlen;
+ if (EVP_PKEY_decrypt
+ (pkey_ctx, premaster_secret, &outlen, start, inlen) <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto gerr;
+ }
+ /* Generate master secret */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ premaster_secret, 32);
+ OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
+ /* Check if pubkey from client certificate was used */
+ if (EVP_PKEY_CTX_ctrl
+ (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
+ ret = 2;
+ else
+ ret = 1;
+ gerr:
+ EVP_PKEY_free(client_pub_pkey);
+ EVP_PKEY_CTX_free(pkey_ctx);
+ if (ret)
+ return ret;
+ else
+ goto err;
+ } else {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_UNKNOWN_CIPHER_TYPE);
+ goto f_err;
+ }
+
+ return (1);
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_SRP)
+ err:
+#endif
+#ifndef OPENSSL_NO_ECDH
+ EVP_PKEY_free(clnt_pub_pkey);
+ EC_POINT_free(clnt_ecpoint);
+ if (srvr_ecdh != NULL)
+ EC_KEY_free(srvr_ecdh);
+ BN_CTX_free(bn_ctx);
+#endif
+ s->state = SSL_ST_ERR;
+ return (-1);
+}
+
+int ssl3_get_cert_verify(SSL *s)
+{
+ EVP_PKEY *pkey = NULL;
+ unsigned char *p;
+ int al, ok, ret = 0;
+ long n;
+ int type = 0, i, j;
+ X509 *peer;
+ const EVP_MD *md = NULL;
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+
+ /*
+ * We should only process a CertificateVerify message if we have received
+ * a Certificate from the client. If so then |s->session->peer| will be non
+ * NULL. In some instances a CertificateVerify message is not required even
+ * if the peer has sent a Certificate (e.g. such as in the case of static
+ * DH). In that case the ClientKeyExchange processing will skip the
+ * CertificateVerify state so we should not arrive here.
+ */
+ if (s->session->peer == NULL) {
+ ret = 1;
+ goto end;
+ }
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_SR_CERT_VRFY_A,
+ SSL3_ST_SR_CERT_VRFY_B,
+ SSL3_MT_CERTIFICATE_VERIFY,
+ SSL3_RT_MAX_PLAIN_LENGTH, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ peer = s->session->peer;
+ pkey = X509_get_pubkey(peer);
+ type = X509_certificate_type(peer, pkey);
+
+ if (!(type & EVP_PKT_SIGN)) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
+ SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ goto f_err;
+ }
+
+ /* we now have a signature that we need to verify */
+ p = (unsigned char *)s->init_msg;
+ /* Check for broken implementations of GOST ciphersuites */
+ /*
+ * If key is GOST and n is exactly 64, it is bare signature without
+ * length field
+ */
+ if (n == 64 && (pkey->type == NID_id_GostR3410_94 ||
+ pkey->type == NID_id_GostR3410_2001)) {
+ i = 64;
+ } else {
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ int sigalg = tls12_get_sigid(pkey);
+ /* Should never happen */
+ if (sigalg == -1) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ /* Check key type is consistent with signature */
+ if (sigalg != (int)p[1]) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
+ SSL_R_WRONG_SIGNATURE_TYPE);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ md = tls12_get_hash(p[0]);
+ if (md == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_UNKNOWN_DIGEST);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+ p += 2;
+ n -= 2;
+ }
+ n2s(p, i);
+ n -= 2;
+ if (i > n) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_LENGTH_MISMATCH);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ }
+ j = EVP_PKEY_size(pkey);
+ if ((i > j) || (n > j) || (n <= 0)) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_WRONG_SIGNATURE_SIZE);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ long hdatalen = 0;
+ void *hdata;
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+ if (hdatalen <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using TLS 1.2 with client verify alg %s\n",
+ EVP_MD_name(md));
+#endif
+ if (!EVP_VerifyInit_ex(&mctx, md, NULL)
+ || !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_EVP_LIB);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+
+ if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ } else
+#ifndef OPENSSL_NO_RSA
+ if (pkey->type == EVP_PKEY_RSA) {
+ i = RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
+ MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, p, i,
+ pkey->pkey.rsa);
+ if (i < 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+ if (i == 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_SIGNATURE);
+ goto f_err;
+ }
+ } else
+#endif
+#ifndef OPENSSL_NO_DSA
+ if (pkey->type == EVP_PKEY_DSA) {
+ j = DSA_verify(pkey->save_type,
+ &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH, p, i, pkey->pkey.dsa);
+ if (j <= 0) {
+ /* bad signature */
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_DSA_SIGNATURE);
+ goto f_err;
+ }
+ } else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_EC) {
+ j = ECDSA_verify(pkey->save_type,
+ &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH, p, i, pkey->pkey.ec);
+ if (j <= 0) {
+ /* bad signature */
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
+ goto f_err;
+ }
+ } else
+#endif
+ if (pkey->type == NID_id_GostR3410_94
+ || pkey->type == NID_id_GostR3410_2001) {
+ unsigned char signature[64];
+ int idx;
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (pctx == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
+ if (EVP_PKEY_verify_init(pctx) <= 0) {
+ EVP_PKEY_CTX_free(pctx);
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ if (i != 64) {
+ fprintf(stderr, "GOST signature length is %d", i);
+ }
+ for (idx = 0; idx < 64; idx++) {
+ signature[63 - idx] = p[idx];
+ }
+ j = EVP_PKEY_verify(pctx, signature, 64, s->s3->tmp.cert_verify_md,
+ 32);
+ EVP_PKEY_CTX_free(pctx);
+ if (j <= 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
+ goto f_err;
+ }
+ } else {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_UNSUPPORTED_CERTIFICATE;
+ goto f_err;
+ }
+
+ ret = 1;
+ if (0) {
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
+ }
+ end:
+ if (s->s3->handshake_buffer) {
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
+ s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
+ }
+ EVP_MD_CTX_cleanup(&mctx);
+ EVP_PKEY_free(pkey);
+ return (ret);
+}
+
+int ssl3_get_client_certificate(SSL *s)
+{
+ int i, ok, al, ret = -1;
+ X509 *x = NULL;
+ unsigned long l, nc, llen, n;
+ const unsigned char *p, *q;
+ unsigned char *d;
+ STACK_OF(X509) *sk = NULL;
+
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_SR_CERT_A,
+ SSL3_ST_SR_CERT_B,
+ -1, s->max_cert_list, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
+ if ((s->verify_mode & SSL_VERIFY_PEER) &&
+ (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ goto f_err;
+ }
+ /*
+ * If tls asked for a client cert, the client must return a 0 list
+ */
+ if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+ s->s3->tmp.reuse_message = 1;
+ return (1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_WRONG_MESSAGE_TYPE);
+ goto f_err;
+ }
+ p = d = (unsigned char *)s->init_msg;
+
+ if ((sk = sk_X509_new_null()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ n2l3(p, llen);
+ if (llen + 3 != n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ for (nc = 0; nc < llen;) {
+ if (nc + 3 > llen) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ n2l3(p, l);
+ if ((l + nc + 3) > llen) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ q = p;
+ x = d2i_X509(NULL, &p, l);
+ if (x == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_ASN1_LIB);
+ goto err;
+ }
+ if (p != (q + l)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if (!sk_X509_push(sk, x)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ x = NULL;
+ nc += l + 3;
+ }
+
+ if (sk_X509_num(sk) <= 0) {
+ /* TLS does not mind 0 certs returned */
+ if (s->version == SSL3_VERSION) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_NO_CERTIFICATES_RETURNED);
+ goto f_err;
+ }
+ /* Fail for TLS only if we required a certificate */
+ else if ((s->verify_mode & SSL_VERIFY_PEER) &&
+ (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ goto f_err;
+ }
+ /* No client certificate so digest cached records */
+ if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ } else {
+ i = ssl_verify_cert_chain(s, sk);
+ if (i <= 0) {
+ al = ssl_verify_alarm_type(s->verify_result);
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+ SSL_R_NO_CERTIFICATE_RETURNED);
+ goto f_err;
+ }
+ }
+
+ if (s->session->peer != NULL) /* This should not be needed */
+ X509_free(s->session->peer);
+ s->session->peer = sk_X509_shift(sk);
+ s->session->verify_result = s->verify_result;
+
+ /*
+ * With the current implementation, sess_cert will always be NULL when we
+ * arrive here.
+ */
+ if (s->session->sess_cert == NULL) {
+ s->session->sess_cert = ssl_sess_cert_new();
+ if (s->session->sess_cert == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ if (s->session->sess_cert->cert_chain != NULL)
+ sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
+ s->session->sess_cert->cert_chain = sk;
+ /*
+ * Inconsistency alert: cert_chain does *not* include the peer's own
+ * certificate, while we do include it in s3_clnt.c
+ */
+
+ sk = NULL;
+
+ ret = 1;
+ if (0) {
+ f_err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
+ }
+
+ if (x != NULL)
+ X509_free(x);
+ if (sk != NULL)
+ sk_X509_pop_free(sk, X509_free);
+ return (ret);
+}
+
+int ssl3_send_server_certificate(SSL *s)
+{
+ unsigned long l;
+ X509 *x;
+
+ if (s->state == SSL3_ST_SW_CERT_A) {
+ x = ssl_get_server_send_cert(s);
+ if (x == NULL) {
+ /* VRS: allow null cert if auth == KRB5 */
+ if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
+ (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
+ ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return (0);
+ }
+ }
+
+ l = ssl3_output_cert_chain(s, x);
+ if (!l) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return (0);
+ }
+ s->state = SSL3_ST_SW_CERT_B;
+ s->init_num = (int)l;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_SW_CERT_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+/* send a new session ticket (not necessarily for a new session) */
+int ssl3_send_newsession_ticket(SSL *s)
+{
+ unsigned char *senc = NULL;
+ EVP_CIPHER_CTX ctx;
+ HMAC_CTX hctx;
+
+ if (s->state == SSL3_ST_SW_SESSION_TICKET_A) {
+ unsigned char *p, *macstart;
+ const unsigned char *const_p;
+ int len, slen_full, slen;
+ SSL_SESSION *sess;
+ unsigned int hlen;
+ SSL_CTX *tctx = s->initial_ctx;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char key_name[16];
+
+ /* get session encoding length */
+ slen_full = i2d_SSL_SESSION(s->session, NULL);
+ /*
+ * Some length values are 16 bits, so forget it if session is too
+ * long
+ */
+ if (slen_full == 0 || slen_full > 0xFF00) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ senc = OPENSSL_malloc(slen_full);
+ if (!senc) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+
+ EVP_CIPHER_CTX_init(&ctx);
+ HMAC_CTX_init(&hctx);
+
+ p = senc;
+ if (!i2d_SSL_SESSION(s->session, &p))
+ goto err;
+
+ /*
+ * create a fresh copy (not shared with other threads) to clean up
+ */
+ const_p = senc;
+ sess = d2i_SSL_SESSION(NULL, &const_p, slen_full);
+ if (sess == NULL)
+ goto err;
+ sess->session_id_length = 0; /* ID is irrelevant for the ticket */
+
+ slen = i2d_SSL_SESSION(sess, NULL);
+ if (slen == 0 || slen > slen_full) { /* shouldn't ever happen */
+ SSL_SESSION_free(sess);
+ goto err;
+ }
+ p = senc;
+ if (!i2d_SSL_SESSION(sess, &p)) {
+ SSL_SESSION_free(sess);
+ goto err;
+ }
+ SSL_SESSION_free(sess);
+
+ /*-
+ * Grow buffer if need be: the length calculation is as
+ * follows 1 (size of message name) + 3 (message length
+ * bytes) + 4 (ticket lifetime hint) + 2 (ticket length) +
+ * 16 (key name) + max_iv_len (iv length) +
+ * session_length + max_enc_block_size (max encrypted session
+ * length) + max_md_size (HMAC).
+ */
+ if (!BUF_MEM_grow(s->init_buf,
+ 26 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +
+ EVP_MAX_MD_SIZE + slen))
+ goto err;
+
+ p = (unsigned char *)s->init_buf->data;
+ /* do the header */
+ *(p++) = SSL3_MT_NEWSESSION_TICKET;
+ /* Skip message length for now */
+ p += 3;
+ /*
+ * Initialize HMAC and cipher contexts. If callback present it does
+ * all the work otherwise use generated values from parent ctx.
+ */
+ if (tctx->tlsext_ticket_key_cb) {
+ if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
+ &hctx, 1) < 0)
+ goto err;
+ } else {
+ if (RAND_bytes(iv, 16) <= 0)
+ goto err;
+ if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+ tctx->tlsext_tick_aes_key, iv))
+ goto err;
+ if (!HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+ tlsext_tick_md(), NULL))
+ goto err;
+ memcpy(key_name, tctx->tlsext_tick_key_name, 16);
+ }
+
+ /*
+ * Ticket lifetime hint (advisory only): We leave this unspecified
+ * for resumed session (for simplicity), and guess that tickets for
+ * new sessions will live as long as their sessions.
+ */
+ l2n(s->hit ? 0 : s->session->timeout, p);
+
+ /* Skip ticket length for now */
+ p += 2;
+ /* Output key name */
+ macstart = p;
+ memcpy(p, key_name, 16);
+ p += 16;
+ /* output IV */
+ memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
+ p += EVP_CIPHER_CTX_iv_length(&ctx);
+ /* Encrypt session data */
+ if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen))
+ goto err;
+ p += len;
+ if (!EVP_EncryptFinal(&ctx, p, &len))
+ goto err;
+ p += len;
+
+ if (!HMAC_Update(&hctx, macstart, p - macstart))
+ goto err;
+ if (!HMAC_Final(&hctx, p, &hlen))
+ goto err;
+
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ HMAC_CTX_cleanup(&hctx);
+
+ p += hlen;
+ /* Now write out lengths: p points to end of data written */
+ /* Total length */
+ len = p - (unsigned char *)s->init_buf->data;
+ p = (unsigned char *)s->init_buf->data + 1;
+ l2n3(len - 4, p); /* Message length */
+ p += 4;
+ s2n(len - 10, p); /* Ticket length */
+
+ /* number of bytes to write */
+ s->init_num = len;
+ s->state = SSL3_ST_SW_SESSION_TICKET_B;
+ s->init_off = 0;
+ OPENSSL_free(senc);
+ }
+
+ /* SSL3_ST_SW_SESSION_TICKET_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ if (senc)
+ OPENSSL_free(senc);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ HMAC_CTX_cleanup(&hctx);
+ s->state = SSL_ST_ERR;
+ return -1;
+}
+
+int ssl3_send_cert_status(SSL *s)
+{
+ if (s->state == SSL3_ST_SW_CERT_STATUS_A) {
+ unsigned char *p;
+ /*-
+ * Grow buffer if need be: the length calculation is as
+ * follows 1 (message type) + 3 (message length) +
+ * 1 (ocsp response type) + 3 (ocsp response length)
+ * + (ocsp response)
+ */
+ if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+
+ p = (unsigned char *)s->init_buf->data;
+
+ /* do the header */
+ *(p++) = SSL3_MT_CERTIFICATE_STATUS;
+ /* message length */
+ l2n3(s->tlsext_ocsp_resplen + 4, p);
+ /* status type */
+ *(p++) = s->tlsext_status_type;
+ /* length of OCSP response */
+ l2n3(s->tlsext_ocsp_resplen, p);
+ /* actual response */
+ memcpy(p, s->tlsext_ocsp_resp, s->tlsext_ocsp_resplen);
+ /* number of bytes to write */
+ s->init_num = 8 + s->tlsext_ocsp_resplen;
+ s->state = SSL3_ST_SW_CERT_STATUS_B;
+ s->init_off = 0;
+ }
+
+ /* SSL3_ST_SW_CERT_STATUS_B */
+ return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl3_get_next_proto reads a Next Protocol Negotiation handshake message.
+ * It sets the next_proto member in s if found
+ */
+int ssl3_get_next_proto(SSL *s)
+{
+ int ok;
+ int proto_len, padding_len;
+ long n;
+ const unsigned char *p;
+
+ /*
+ * Clients cannot send a NextProtocol message if we didn't see the
+ * extension in their ClientHello
+ */
+ if (!s->s3->next_proto_neg_seen) {
+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
+ SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+
+ /* See the payload format below */
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_SR_NEXT_PROTO_A,
+ SSL3_ST_SR_NEXT_PROTO_B,
+ SSL3_MT_NEXT_PROTO, 514, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ /*
+ * s->state doesn't reflect whether ChangeCipherSpec has been received in
+ * this handshake, but s->s3->change_cipher_spec does (will be reset by
+ * ssl3_get_finished).
+ */
+ if (!s->s3->change_cipher_spec) {
+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+
+ if (n < 2) {
+ s->state = SSL_ST_ERR;
+ return 0; /* The body must be > 1 bytes long */
+ }
+
+ p = (unsigned char *)s->init_msg;
+
+ /*-
+ * The payload looks like:
+ * uint8 proto_len;
+ * uint8 proto[proto_len];
+ * uint8 padding_len;
+ * uint8 padding[padding_len];
+ */
+ proto_len = p[0];
+ if (proto_len + 2 > s->init_num) {
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+ padding_len = p[proto_len + 1];
+ if (proto_len + padding_len + 2 != s->init_num) {
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+
+ s->next_proto_negotiated = OPENSSL_malloc(proto_len);
+ if (!s->next_proto_negotiated) {
+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE);
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+ memcpy(s->next_proto_negotiated, p + 1, proto_len);
+ s->next_proto_negotiated_len = proto_len;
+
+ return 1;
+}
+# endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/ssl.h
===================================================================
--- vendor-crypto/openssl/dist/ssl/ssl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2770 +0,0 @@
-/* ssl/ssl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_SSL_H
-# define HEADER_SSL_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-# endif
-# ifndef OPENSSL_NO_BIO
-# include <openssl/bio.h>
-# endif
-# ifndef OPENSSL_NO_DEPRECATED
-# ifndef OPENSSL_NO_X509
-# include <openssl/x509.h>
-# endif
-# include <openssl/crypto.h>
-# include <openssl/lhash.h>
-# include <openssl/buffer.h>
-# endif
-# include <openssl/pem.h>
-# include <openssl/hmac.h>
-
-# include <openssl/kssl.h>
-# include <openssl/safestack.h>
-# include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* SSLeay version number for ASN.1 encoding of the session information */
-/*-
- * Version 0 - initial version
- * Version 1 - added the optional peer certificate
- */
-# define SSL_SESSION_ASN1_VERSION 0x0001
-
-/* text strings for the ciphers */
-# define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
-# define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
-# define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
-# define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
-# define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
-# define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
-# define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
-# define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
-# define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
-# define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
-
-/*
- * VRS Additional Kerberos5 entries
- */
-# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
-# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-# define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA
-# define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
-# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
-# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
-# define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5
-# define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
-
-# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
-# define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA
-# define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA
-# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
-# define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5
-# define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5
-
-# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
-# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
-# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
-# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
-# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
-# define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
-
-# define SSL_MAX_SSL_SESSION_ID_LENGTH 32
-# define SSL_MAX_SID_CTX_LENGTH 32
-
-# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
-# define SSL_MAX_KEY_ARG_LENGTH 8
-# define SSL_MAX_MASTER_KEY_LENGTH 48
-
-/* These are used to specify which ciphers to use and not to use */
-
-# define SSL_TXT_EXP40 "EXPORT40"
-# define SSL_TXT_EXP56 "EXPORT56"
-# define SSL_TXT_LOW "LOW"
-# define SSL_TXT_MEDIUM "MEDIUM"
-# define SSL_TXT_HIGH "HIGH"
-# define SSL_TXT_FIPS "FIPS"
-
-# define SSL_TXT_kFZA "kFZA"/* unused! */
-# define SSL_TXT_aFZA "aFZA"/* unused! */
-# define SSL_TXT_eFZA "eFZA"/* unused! */
-# define SSL_TXT_FZA "FZA"/* unused! */
-
-# define SSL_TXT_aNULL "aNULL"
-# define SSL_TXT_eNULL "eNULL"
-# define SSL_TXT_NULL "NULL"
-
-# define SSL_TXT_kRSA "kRSA"
-# define SSL_TXT_kDHr "kDHr"/* no such ciphersuites supported! */
-# define SSL_TXT_kDHd "kDHd"/* no such ciphersuites supported! */
-# define SSL_TXT_kDH "kDH"/* no such ciphersuites supported! */
-# define SSL_TXT_kEDH "kEDH"
-# define SSL_TXT_kKRB5 "kKRB5"
-# define SSL_TXT_kECDHr "kECDHr"
-# define SSL_TXT_kECDHe "kECDHe"
-# define SSL_TXT_kECDH "kECDH"
-# define SSL_TXT_kEECDH "kEECDH"
-# define SSL_TXT_kPSK "kPSK"
-# define SSL_TXT_kGOST "kGOST"
-# define SSL_TXT_kSRP "kSRP"
-
-# define SSL_TXT_aRSA "aRSA"
-# define SSL_TXT_aDSS "aDSS"
-# define SSL_TXT_aDH "aDH"/* no such ciphersuites supported! */
-# define SSL_TXT_aECDH "aECDH"
-# define SSL_TXT_aKRB5 "aKRB5"
-# define SSL_TXT_aECDSA "aECDSA"
-# define SSL_TXT_aPSK "aPSK"
-# define SSL_TXT_aGOST94 "aGOST94"
-# define SSL_TXT_aGOST01 "aGOST01"
-# define SSL_TXT_aGOST "aGOST"
-# define SSL_TXT_aSRP "aSRP"
-
-# define SSL_TXT_DSS "DSS"
-# define SSL_TXT_DH "DH"
-# define SSL_TXT_EDH "EDH"/* same as "kEDH:-ADH" */
-# define SSL_TXT_ADH "ADH"
-# define SSL_TXT_RSA "RSA"
-# define SSL_TXT_ECDH "ECDH"
-# define SSL_TXT_EECDH "EECDH"/* same as "kEECDH:-AECDH" */
-# define SSL_TXT_AECDH "AECDH"
-# define SSL_TXT_ECDSA "ECDSA"
-# define SSL_TXT_KRB5 "KRB5"
-# define SSL_TXT_PSK "PSK"
-# define SSL_TXT_SRP "SRP"
-
-# define SSL_TXT_DES "DES"
-# define SSL_TXT_3DES "3DES"
-# define SSL_TXT_RC4 "RC4"
-# define SSL_TXT_RC2 "RC2"
-# define SSL_TXT_IDEA "IDEA"
-# define SSL_TXT_SEED "SEED"
-# define SSL_TXT_AES128 "AES128"
-# define SSL_TXT_AES256 "AES256"
-# define SSL_TXT_AES "AES"
-# define SSL_TXT_AES_GCM "AESGCM"
-# define SSL_TXT_CAMELLIA128 "CAMELLIA128"
-# define SSL_TXT_CAMELLIA256 "CAMELLIA256"
-# define SSL_TXT_CAMELLIA "CAMELLIA"
-
-# define SSL_TXT_MD5 "MD5"
-# define SSL_TXT_SHA1 "SHA1"
-# define SSL_TXT_SHA "SHA"/* same as "SHA1" */
-# define SSL_TXT_GOST94 "GOST94"
-# define SSL_TXT_GOST89MAC "GOST89MAC"
-# define SSL_TXT_SHA256 "SHA256"
-# define SSL_TXT_SHA384 "SHA384"
-
-# define SSL_TXT_SSLV2 "SSLv2"
-# define SSL_TXT_SSLV3 "SSLv3"
-# define SSL_TXT_TLSV1 "TLSv1"
-# define SSL_TXT_TLSV1_1 "TLSv1.1"
-# define SSL_TXT_TLSV1_2 "TLSv1.2"
-
-# define SSL_TXT_EXP "EXP"
-# define SSL_TXT_EXPORT "EXPORT"
-
-# define SSL_TXT_ALL "ALL"
-
-/*-
- * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
- * ciphers normally not being used.
- * Example: "RC4" will activate all ciphers using RC4 including ciphers
- * without authentication, which would normally disabled by DEFAULT (due
- * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
- * will make sure that it is also disabled in the specific selection.
- * COMPLEMENTOF* identifiers are portable between version, as adjustments
- * to the default cipher setup will also be included here.
- *
- * COMPLEMENTOFDEFAULT does not experience the same special treatment that
- * DEFAULT gets, as only selection is being done and no sorting as needed
- * for DEFAULT.
- */
-# define SSL_TXT_CMPALL "COMPLEMENTOFALL"
-# define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
-
-/*
- * The following cipher list is used by default. It also is substituted when
- * an application-defined cipher list string starts with 'DEFAULT'.
- */
-# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2"
-/*
- * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
- * starts with a reasonable order, and all we have to do for DEFAULT is
- * throwing out anonymous and unencrypted ciphersuites! (The latter are not
- * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
- */
-
-/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
-# define SSL_SENT_SHUTDOWN 1
-# define SSL_RECEIVED_SHUTDOWN 2
-
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
-# define OPENSSL_NO_SSL2
-# endif
-
-# define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
-# define SSL_FILETYPE_PEM X509_FILETYPE_PEM
-
-/*
- * This is needed to stop compilers complaining about the 'struct ssl_st *'
- * function parameters used to prototype callbacks in SSL_CTX.
- */
-typedef struct ssl_st *ssl_crock_st;
-typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
-typedef struct ssl_method_st SSL_METHOD;
-typedef struct ssl_cipher_st SSL_CIPHER;
-typedef struct ssl_session_st SSL_SESSION;
-
-DECLARE_STACK_OF(SSL_CIPHER)
-
-/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
-typedef struct srtp_protection_profile_st {
- const char *name;
- unsigned long id;
-} SRTP_PROTECTION_PROFILE;
-
-DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
-
-typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
- const unsigned char *data,
- int len, void *arg);
-typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
- int *secret_len,
- STACK_OF(SSL_CIPHER) *peer_ciphers,
- SSL_CIPHER **cipher, void *arg);
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-/* used to hold info on the particular ciphers used */
-struct ssl_cipher_st {
- int valid;
- const char *name; /* text name */
- unsigned long id; /* id, 4 bytes, first is version */
- /*
- * changed in 0.9.9: these four used to be portions of a single value
- * 'algorithms'
- */
- unsigned long algorithm_mkey; /* key exchange algorithm */
- unsigned long algorithm_auth; /* server authentication */
- unsigned long algorithm_enc; /* symmetric encryption */
- unsigned long algorithm_mac; /* symmetric authentication */
- unsigned long algorithm_ssl; /* (major) protocol version */
- unsigned long algo_strength; /* strength and export flags */
- unsigned long algorithm2; /* Extra flags */
- int strength_bits; /* Number of bits really used */
- int alg_bits; /* Number of bits for algorithm */
-};
-
-/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
-struct ssl_method_st {
- int version;
- int (*ssl_new) (SSL *s);
- void (*ssl_clear) (SSL *s);
- void (*ssl_free) (SSL *s);
- int (*ssl_accept) (SSL *s);
- int (*ssl_connect) (SSL *s);
- int (*ssl_read) (SSL *s, void *buf, int len);
- int (*ssl_peek) (SSL *s, void *buf, int len);
- int (*ssl_write) (SSL *s, const void *buf, int len);
- int (*ssl_shutdown) (SSL *s);
- int (*ssl_renegotiate) (SSL *s);
- int (*ssl_renegotiate_check) (SSL *s);
- long (*ssl_get_message) (SSL *s, int st1, int stn, int mt, long
- max, int *ok);
- int (*ssl_read_bytes) (SSL *s, int type, unsigned char *buf, int len,
- int peek);
- int (*ssl_write_bytes) (SSL *s, int type, const void *buf_, int len);
- int (*ssl_dispatch_alert) (SSL *s);
- long (*ssl_ctrl) (SSL *s, int cmd, long larg, void *parg);
- long (*ssl_ctx_ctrl) (SSL_CTX *ctx, int cmd, long larg, void *parg);
- const SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr);
- int (*put_cipher_by_char) (const SSL_CIPHER *cipher, unsigned char *ptr);
- int (*ssl_pending) (const SSL *s);
- int (*num_ciphers) (void);
- const SSL_CIPHER *(*get_cipher) (unsigned ncipher);
- const struct ssl_method_st *(*get_ssl_method) (int version);
- long (*get_timeout) (void);
- struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
- int (*ssl_version) (void);
- long (*ssl_callback_ctrl) (SSL *s, int cb_id, void (*fp) (void));
- long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void));
-};
-
-/*-
- * Lets make this into an ASN.1 type structure as follows
- * SSL_SESSION_ID ::= SEQUENCE {
- * version INTEGER, -- structure version number
- * SSLversion INTEGER, -- SSL version number
- * Cipher OCTET STRING, -- the 3 byte cipher ID
- * Session_ID OCTET STRING, -- the Session ID
- * Master_key OCTET STRING, -- the master key
- * KRB5_principal OCTET STRING -- optional Kerberos principal
- * Key_Arg [ 0 ] IMPLICIT OCTET STRING, -- the optional Key argument
- * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
- * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
- * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
- * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
- * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
- * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
- * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
- * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
- * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
- * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
- * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
- * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
- * }
- * Look in ssl/ssl_asn1.c for more details
- * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
- */
-struct ssl_session_st {
- int ssl_version; /* what ssl version session info is being
- * kept in here? */
- /* only really used in SSLv2 */
- unsigned int key_arg_length;
- unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
- int master_key_length;
- unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
- /* session_id - valid? */
- unsigned int session_id_length;
- unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
- /*
- * this is used to determine whether the session is being reused in the
- * appropriate context. It is up to the application to set this, via
- * SSL_new
- */
- unsigned int sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-# ifndef OPENSSL_NO_KRB5
- unsigned int krb5_client_princ_len;
- unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
-# endif /* OPENSSL_NO_KRB5 */
-# ifndef OPENSSL_NO_PSK
- char *psk_identity_hint;
- char *psk_identity;
-# endif
- /*
- * Used to indicate that session resumption is not allowed. Applications
- * can also set this bit for a new session via not_resumable_session_cb
- * to disable session caching and tickets.
- */
- int not_resumable;
- /* The cert is the certificate used to establish this connection */
- struct sess_cert_st /* SESS_CERT */ *sess_cert;
- /*
- * This is the cert for the other end. On clients, it will be the same as
- * sess_cert->peer_key->x509 (the latter is not enough as sess_cert is
- * not retained in the external representation of sessions, see
- * ssl_asn1.c).
- */
- X509 *peer;
- /*
- * when app_verify_callback accepts a session where the peer's
- * certificate is not ok, we must remember the error for session reuse:
- */
- long verify_result; /* only for servers */
- int references;
- long timeout;
- long time;
- unsigned int compress_meth; /* Need to lookup the method */
- const SSL_CIPHER *cipher;
- unsigned long cipher_id; /* when ASN.1 loaded, this needs to be used
- * to load the 'cipher' structure */
- STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
- CRYPTO_EX_DATA ex_data; /* application specific data */
- /*
- * These are used to make removal of session-ids more efficient and to
- * implement a maximum cache size.
- */
- struct ssl_session_st *prev, *next;
-# ifndef OPENSSL_NO_TLSEXT
- char *tlsext_hostname;
-# ifndef OPENSSL_NO_EC
- size_t tlsext_ecpointformatlist_length;
- unsigned char *tlsext_ecpointformatlist; /* peer's list */
- size_t tlsext_ellipticcurvelist_length;
- unsigned char *tlsext_ellipticcurvelist; /* peer's list */
-# endif /* OPENSSL_NO_EC */
- /* RFC4507 info */
- unsigned char *tlsext_tick; /* Session ticket */
- size_t tlsext_ticklen; /* Session ticket length */
- long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
-# endif
-# ifndef OPENSSL_NO_SRP
- char *srp_username;
-# endif
-};
-
-# endif
-
-# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
-# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
-/* Allow initial connection to servers that don't support RI */
-# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
-# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
-# define SSL_OP_TLSEXT_PADDING 0x00000010L
-# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
-# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L
-# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
-# define SSL_OP_TLS_D5_BUG 0x00000100L
-# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
-
-/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
-# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
-/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
-# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
-
-/*
- * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
- * OpenSSL 0.9.6d. Usually (depending on the application protocol) the
- * workaround is not needed. Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include it in
- * SSL_OP_ALL.
- */
-/* added in 0.9.6e */
-# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L
-
-/*
- * SSL_OP_ALL: various bug workarounds that should be rather harmless. This
- * used to be 0x000FFFFFL before 0.9.7.
- */
-# define SSL_OP_ALL 0x80000BFFL
-
-/* DTLS options */
-# define SSL_OP_NO_QUERY_MTU 0x00001000L
-/* Turn on Cookie Exchange (on relevant for servers) */
-# define SSL_OP_COOKIE_EXCHANGE 0x00002000L
-/* Don't use RFC4507 ticket extension */
-# define SSL_OP_NO_TICKET 0x00004000L
-/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
-# define SSL_OP_CISCO_ANYCONNECT 0x00008000L
-
-/* As server, disallow session resumption on renegotiation */
-# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
-/* Don't use compression even if supported */
-# define SSL_OP_NO_COMPRESSION 0x00020000L
-/* Permit unsafe legacy renegotiation */
-# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
-/* If set, always create a new key when using tmp_ecdh parameters */
-# define SSL_OP_SINGLE_ECDH_USE 0x00080000L
-/* If set, always create a new key when using tmp_dh parameters */
-# define SSL_OP_SINGLE_DH_USE 0x00100000L
-/* Does nothing: retained for compatibiity */
-# define SSL_OP_EPHEMERAL_RSA 0x0
-/*
- * Set on servers to choose the cipher according to the server's preferences
- */
-# define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
-/*
- * If set, a server will allow a client to issue a SSLv3.0 version number as
- * latest version supported in the premaster secret, even when TLSv1.0
- * (version 3.1) was announced in the client hello. Normally this is
- * forbidden to prevent version rollback attacks.
- */
-# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
-
-# define SSL_OP_NO_SSLv2 0x01000000L
-# define SSL_OP_NO_SSLv3 0x02000000L
-# define SSL_OP_NO_TLSv1 0x04000000L
-# define SSL_OP_NO_TLSv1_2 0x08000000L
-# define SSL_OP_NO_TLSv1_1 0x10000000L
-
-/*
- * These next two were never actually used for anything since SSLeay zap so
- * we have some more flags.
- */
-/*
- * The next flag deliberately changes the ciphertest, this is a check for the
- * PKCS#1 attack
- */
-# define SSL_OP_PKCS1_CHECK_1 0x0
-# define SSL_OP_PKCS1_CHECK_2 0x0
-
-# define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
-# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
-/*
- * Make server add server-hello extension from early version of cryptopro
- * draft, when GOST ciphersuite is negotiated. Required for interoperability
- * with CryptoPro CSP 3.x
- */
-# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
-
-/*
- * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
- * when just a single record has been written):
- */
-# define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
-/*
- * Make it possible to retry SSL_write() with changed buffer location (buffer
- * contents must stay the same!); this is not the default to avoid the
- * misconception that non-blocking SSL_write() behaves like non-blocking
- * write():
- */
-# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
-/*
- * Never bother the application with retries if the transport is blocking:
- */
-# define SSL_MODE_AUTO_RETRY 0x00000004L
-/* Don't attempt to automatically build certificate chain */
-# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
-/*
- * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
- * TLS only.) "Released" buffers are put onto a free-list in the context or
- * just freed (depending on the context's setting for freelist_max_len).
- */
-# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
-/*
- * Send the current time in the Random fields of the ClientHello and
- * ServerHello records for compatibility with hypothetical implementations
- * that require it.
- */
-# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
-# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
-/*
- * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
- * that reconnect with a downgraded protocol version; see
- * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
- * application attempts a normal handshake. Only use this in explicit
- * fallback retries, following the guidance in
- * draft-ietf-tls-downgrade-scsv-00.
- */
-# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
-
-/*
- * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, they
- * cannot be used to clear bits.
- */
-
-# define SSL_CTX_set_options(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
-# define SSL_CTX_clear_options(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-# define SSL_CTX_get_options(ctx) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
-# define SSL_set_options(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
-# define SSL_clear_options(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-# define SSL_get_options(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
-
-# define SSL_CTX_set_mode(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
-# define SSL_CTX_clear_mode(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
-# define SSL_CTX_get_mode(ctx) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
-# define SSL_clear_mode(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
-# define SSL_set_mode(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
-# define SSL_get_mode(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
-# define SSL_set_mtu(ssl, mtu) \
- SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
-# define DTLS_set_link_mtu(ssl, mtu) \
- SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
-# define DTLS_get_link_min_mtu(ssl) \
- SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
-
-# define SSL_get_secure_renegotiation_support(ssl) \
- SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
-
-# ifndef OPENSSL_NO_HEARTBEATS
-# define SSL_heartbeat(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
-# endif
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
- void (*cb) (int write_p, int version,
- int content_type, const void *buf,
- size_t len, SSL *ssl, void *arg));
-void SSL_set_msg_callback(SSL *ssl,
- void (*cb) (int write_p, int version,
- int content_type, const void *buf,
- size_t len, SSL *ssl, void *arg));
-# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-
-# ifndef OPENSSL_NO_SRP
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct srp_ctx_st {
- /* param for all the callbacks */
- void *SRP_cb_arg;
- /* set client Hello login callback */
- int (*TLS_ext_srp_username_callback) (SSL *, int *, void *);
- /* set SRP N/g param callback for verification */
- int (*SRP_verify_param_callback) (SSL *, void *);
- /* set SRP client passwd callback */
- char *(*SRP_give_srp_client_pwd_callback) (SSL *, void *);
- char *login;
- BIGNUM *N, *g, *s, *B, *A;
- BIGNUM *a, *b, *v;
- char *info;
- int strength;
- unsigned long srp_Mask;
-} SRP_CTX;
-
-# endif
-
-/* see tls_srp.c */
-int SSL_SRP_CTX_init(SSL *s);
-int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
-int SSL_SRP_CTX_free(SSL *ctx);
-int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
-int SSL_srp_server_param_with_username(SSL *s, int *ad);
-int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
-int SRP_Calc_A_param(SSL *s);
-int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
-
-# endif
-
-# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
-# define SSL_MAX_CERT_LIST_DEFAULT 1024*30
- /* 30k max cert list :-) */
-# else
-# define SSL_MAX_CERT_LIST_DEFAULT 1024*100
- /* 100k max cert list :-) */
-# endif
-
-# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
-
-/*
- * This callback type is used inside SSL_CTX, SSL, and in the functions that
- * set them. It is used to override the generation of SSL/TLS session IDs in
- * a server. Return value should be zero on an error, non-zero to proceed.
- * Also, callbacks should themselves check if the id they generate is unique
- * otherwise the SSL handshake will fail with an error - callbacks can do
- * this using the 'ssl' value they're passed by;
- * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in
- * is set at the maximum size the session ID can be. In SSLv2 this is 16
- * bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback can alter this
- * length to be less if desired, but under SSLv2 session IDs are supposed to
- * be fixed at 16 bytes so the id will be padded after the callback returns
- * in this case. It is also an error for the callback to set the size to
- * zero.
- */
-typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
- unsigned int *id_len);
-
-typedef struct ssl_comp_st SSL_COMP;
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-struct ssl_comp_st {
- int id;
- const char *name;
-# ifndef OPENSSL_NO_COMP
- COMP_METHOD *method;
-# else
- char *method;
-# endif
-};
-
-DECLARE_STACK_OF(SSL_COMP)
-DECLARE_LHASH_OF(SSL_SESSION);
-
-struct ssl_ctx_st {
- const SSL_METHOD *method;
- STACK_OF(SSL_CIPHER) *cipher_list;
- /* same as above but sorted for lookup */
- STACK_OF(SSL_CIPHER) *cipher_list_by_id;
- struct x509_store_st /* X509_STORE */ *cert_store;
- LHASH_OF(SSL_SESSION) *sessions;
- /*
- * Most session-ids that will be cached, default is
- * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited.
- */
- unsigned long session_cache_size;
- struct ssl_session_st *session_cache_head;
- struct ssl_session_st *session_cache_tail;
- /*
- * This can have one of 2 values, ored together, SSL_SESS_CACHE_CLIENT,
- * SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which
- * means only SSL_accept which cache SSL_SESSIONS.
- */
- int session_cache_mode;
- /*
- * If timeout is not 0, it is the default timeout value set when
- * SSL_new() is called. This has been put in to make life easier to set
- * things up
- */
- long session_timeout;
- /*
- * If this callback is not null, it will be called each time a session id
- * is added to the cache. If this function returns 1, it means that the
- * callback will do a SSL_SESSION_free() when it has finished using it.
- * Otherwise, on 0, it means the callback has finished with it. If
- * remove_session_cb is not null, it will be called when a session-id is
- * removed from the cache. After the call, OpenSSL will
- * SSL_SESSION_free() it.
- */
- int (*new_session_cb) (struct ssl_st *ssl, SSL_SESSION *sess);
- void (*remove_session_cb) (struct ssl_ctx_st *ctx, SSL_SESSION *sess);
- SSL_SESSION *(*get_session_cb) (struct ssl_st *ssl,
- unsigned char *data, int len, int *copy);
- struct {
- int sess_connect; /* SSL new conn - started */
- int sess_connect_renegotiate; /* SSL reneg - requested */
- int sess_connect_good; /* SSL new conne/reneg - finished */
- int sess_accept; /* SSL new accept - started */
- int sess_accept_renegotiate; /* SSL reneg - requested */
- int sess_accept_good; /* SSL accept/reneg - finished */
- int sess_miss; /* session lookup misses */
- int sess_timeout; /* reuse attempt on timeouted session */
- int sess_cache_full; /* session removed due to full cache */
- int sess_hit; /* session reuse actually done */
- int sess_cb_hit; /* session-id that was not in the cache was
- * passed back via the callback. This
- * indicates that the application is
- * supplying session-id's from other
- * processes - spooky :-) */
- } stats;
-
- int references;
-
- /* if defined, these override the X509_verify_cert() calls */
- int (*app_verify_callback) (X509_STORE_CTX *, void *);
- void *app_verify_arg;
- /*
- * before OpenSSL 0.9.7, 'app_verify_arg' was ignored
- * ('app_verify_callback' was called with just one argument)
- */
-
- /* Default password callback. */
- pem_password_cb *default_passwd_callback;
-
- /* Default password callback user data. */
- void *default_passwd_callback_userdata;
-
- /* get client cert callback */
- int (*client_cert_cb) (SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
- /* cookie generate callback */
- int (*app_gen_cookie_cb) (SSL *ssl, unsigned char *cookie,
- unsigned int *cookie_len);
-
- /* verify cookie callback */
- int (*app_verify_cookie_cb) (SSL *ssl, unsigned char *cookie,
- unsigned int cookie_len);
-
- CRYPTO_EX_DATA ex_data;
-
- const EVP_MD *rsa_md5; /* For SSLv2 - name is 'ssl2-md5' */
- const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
- const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
-
- STACK_OF(X509) *extra_certs;
- STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
-
- /* Default values used when no per-SSL value is defined follow */
-
- /* used if SSL's info_callback is NULL */
- void (*info_callback) (const SSL *ssl, int type, int val);
-
- /* what we put in client cert requests */
- STACK_OF(X509_NAME) *client_CA;
-
- /*
- * Default values to use in SSL structures follow (these are copied by
- * SSL_new)
- */
-
- unsigned long options;
- unsigned long mode;
- long max_cert_list;
-
- struct cert_st /* CERT */ *cert;
- int read_ahead;
-
- /* callback that allows applications to peek at protocol messages */
- void (*msg_callback) (int write_p, int version, int content_type,
- const void *buf, size_t len, SSL *ssl, void *arg);
- void *msg_callback_arg;
-
- int verify_mode;
- unsigned int sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
- /* called 'verify_callback' in the SSL */
- int (*default_verify_callback) (int ok, X509_STORE_CTX *ctx);
-
- /* Default generate session ID callback. */
- GEN_SESSION_CB generate_session_id;
-
- X509_VERIFY_PARAM *param;
-
-# if 0
- int purpose; /* Purpose setting */
- int trust; /* Trust setting */
-# endif
-
- int quiet_shutdown;
-
- /*
- * Maximum amount of data to send in one fragment. actual record size can
- * be more than this due to padding and MAC overheads.
- */
- unsigned int max_send_fragment;
-
-# ifndef OPENSSL_NO_ENGINE
- /*
- * Engine to pass requests for client certs to
- */
- ENGINE *client_cert_engine;
-# endif
-
-# ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions servername callback */
- int (*tlsext_servername_callback) (SSL *, int *, void *);
- void *tlsext_servername_arg;
- /* RFC 4507 session ticket keys */
- unsigned char tlsext_tick_key_name[16];
- unsigned char tlsext_tick_hmac_key[16];
- unsigned char tlsext_tick_aes_key[16];
- /* Callback to support customisation of ticket key setting */
- int (*tlsext_ticket_key_cb) (SSL *ssl,
- unsigned char *name, unsigned char *iv,
- EVP_CIPHER_CTX *ectx,
- HMAC_CTX *hctx, int enc);
-
- /* certificate status request info */
- /* Callback for status request */
- int (*tlsext_status_cb) (SSL *ssl, void *arg);
- void *tlsext_status_arg;
-
- /* draft-rescorla-tls-opaque-prf-input-00.txt information */
- int (*tlsext_opaque_prf_input_callback) (SSL *, void *peerinput,
- size_t len, void *arg);
- void *tlsext_opaque_prf_input_callback_arg;
-# endif
-
-# ifndef OPENSSL_NO_PSK
- char *psk_identity_hint;
- unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
- char *identity,
- unsigned int max_identity_len,
- unsigned char *psk,
- unsigned int max_psk_len);
- unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len);
-# endif
-
-# ifndef OPENSSL_NO_BUF_FREELISTS
-# define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
- unsigned int freelist_max_len;
- struct ssl3_buf_freelist_st *wbuf_freelist;
- struct ssl3_buf_freelist_st *rbuf_freelist;
-# endif
-# ifndef OPENSSL_NO_SRP
- SRP_CTX srp_ctx; /* ctx for SRP authentication */
-# endif
-
-# ifndef OPENSSL_NO_TLSEXT
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
- /* Next protocol negotiation information */
- /* (for experimental NPN extension). */
-
- /*
- * For a server, this contains a callback function by which the set of
- * advertised protocols can be provided.
- */
- int (*next_protos_advertised_cb) (SSL *s, const unsigned char **buf,
- unsigned int *len, void *arg);
- void *next_protos_advertised_cb_arg;
- /*
- * For a client, this contains a callback function that selects the next
- * protocol from the list provided by the server.
- */
- int (*next_proto_select_cb) (SSL *s, unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen, void *arg);
- void *next_proto_select_cb_arg;
-# endif
- /* SRTP profiles we are willing to do from RFC 5764 */
- STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
-# endif
-};
-
-# endif
-
-# define SSL_SESS_CACHE_OFF 0x0000
-# define SSL_SESS_CACHE_CLIENT 0x0001
-# define SSL_SESS_CACHE_SERVER 0x0002
-# define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
-# define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
-/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
-# define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
-# define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
-# define SSL_SESS_CACHE_NO_INTERNAL \
- (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
-
-LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
-# define SSL_CTX_sess_number(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
-# define SSL_CTX_sess_connect(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
-# define SSL_CTX_sess_connect_good(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
-# define SSL_CTX_sess_connect_renegotiate(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
-# define SSL_CTX_sess_accept(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
-# define SSL_CTX_sess_accept_renegotiate(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
-# define SSL_CTX_sess_accept_good(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
-# define SSL_CTX_sess_hits(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
-# define SSL_CTX_sess_cb_hits(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
-# define SSL_CTX_sess_misses(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
-# define SSL_CTX_sess_timeouts(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
-# define SSL_CTX_sess_cache_full(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
-
-void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
- int (*new_session_cb) (struct ssl_st *ssl,
- SSL_SESSION *sess));
-int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
- SSL_SESSION *sess);
-void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
- void (*remove_session_cb) (struct ssl_ctx_st
- *ctx,
- SSL_SESSION
- *sess));
-void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx,
- SSL_SESSION *sess);
-void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
- SSL_SESSION *(*get_session_cb) (struct ssl_st
- *ssl,
- unsigned char
- *data, int len,
- int *copy));
-SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
- unsigned char *Data,
- int len, int *copy);
-void SSL_CTX_set_info_callback(SSL_CTX *ctx,
- void (*cb) (const SSL *ssl, int type,
- int val));
-void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
- int val);
-void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
- int (*client_cert_cb) (SSL *ssl, X509 **x509,
- EVP_PKEY **pkey));
-int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
- EVP_PKEY **pkey);
-# ifndef OPENSSL_NO_ENGINE
-int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
-# endif
-void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
- int (*app_gen_cookie_cb) (SSL *ssl,
- unsigned char
- *cookie,
- unsigned int
- *cookie_len));
-void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
- int (*app_verify_cookie_cb) (SSL *ssl,
- unsigned char
- *cookie,
- unsigned int
- cookie_len));
-# ifndef OPENSSL_NO_NEXTPROTONEG
-void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
- int (*cb) (SSL *ssl,
- const unsigned char
- **out,
- unsigned int *outlen,
- void *arg), void *arg);
-void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
- int (*cb) (SSL *ssl,
- unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg), void *arg);
-
-int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
- const unsigned char *in, unsigned int inlen,
- const unsigned char *client,
- unsigned int client_len);
-void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
- unsigned *len);
-
-# define OPENSSL_NPN_UNSUPPORTED 0
-# define OPENSSL_NPN_NEGOTIATED 1
-# define OPENSSL_NPN_NO_OVERLAP 2
-# endif
-
-# ifndef OPENSSL_NO_PSK
-/*
- * the maximum length of the buffer given to callbacks containing the
- * resulting identity/psk
- */
-# define PSK_MAX_IDENTITY_LEN 128
-# define PSK_MAX_PSK_LEN 256
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
- unsigned int (*psk_client_callback) (SSL
- *ssl,
- const
- char
- *hint,
- char
- *identity,
- unsigned
- int
- max_identity_len,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_set_psk_client_callback(SSL *ssl,
- unsigned int (*psk_client_callback) (SSL
- *ssl,
- const
- char
- *hint,
- char
- *identity,
- unsigned
- int
- max_identity_len,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
- unsigned int (*psk_server_callback) (SSL
- *ssl,
- const
- char
- *identity,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_set_psk_server_callback(SSL *ssl,
- unsigned int (*psk_server_callback) (SSL
- *ssl,
- const
- char
- *identity,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
-int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
-const char *SSL_get_psk_identity_hint(const SSL *s);
-const char *SSL_get_psk_identity(const SSL *s);
-# endif
-
-# define SSL_NOTHING 1
-# define SSL_WRITING 2
-# define SSL_READING 3
-# define SSL_X509_LOOKUP 4
-
-/* These will only be used when doing non-blocking IO */
-# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
-# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
-# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
-# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
-
-# define SSL_MAC_FLAG_READ_MAC_STREAM 1
-# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-struct ssl_st {
- /*
- * protocol version (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION,
- * DTLS1_VERSION)
- */
- int version;
- /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
- int type;
- /* SSLv3 */
- const SSL_METHOD *method;
- /*
- * There are 2 BIO's even though they are normally both the same. This
- * is so data can be read and written to different handlers
- */
-# ifndef OPENSSL_NO_BIO
- /* used by SSL_read */
- BIO *rbio;
- /* used by SSL_write */
- BIO *wbio;
- /* used during session-id reuse to concatenate messages */
- BIO *bbio;
-# else
- /* used by SSL_read */
- char *rbio;
- /* used by SSL_write */
- char *wbio;
- char *bbio;
-# endif
- /*
- * This holds a variable that indicates what we were doing when a 0 or -1
- * is returned. This is needed for non-blocking IO so we know what
- * request needs re-doing when in SSL_accept or SSL_connect
- */
- int rwstate;
- /* true when we are actually in SSL_accept() or SSL_connect() */
- int in_handshake;
- int (*handshake_func) (SSL *);
- /*
- * Imagine that here's a boolean member "init" that is switched as soon
- * as SSL_set_{accept/connect}_state is called for the first time, so
- * that "state" and "handshake_func" are properly initialized. But as
- * handshake_func is == 0 until then, we use this test instead of an
- * "init" member.
- */
- /* are we the server side? - mostly used by SSL_clear */
- int server;
- /*
- * Generate a new session or reuse an old one.
- * NB: For servers, the 'new' session may actually be a previously
- * cached session or even the previous session unless
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
- */
- int new_session;
- /* don't send shutdown packets */
- int quiet_shutdown;
- /* we have shut things down, 0x01 sent, 0x02 for received */
- int shutdown;
- /* where we are */
- int state;
- /* where we are when reading */
- int rstate;
- BUF_MEM *init_buf; /* buffer used during init */
- void *init_msg; /* pointer to handshake message body, set by
- * ssl3_get_message() */
- int init_num; /* amount read/written */
- int init_off; /* amount read/written */
- /* used internally to point at a raw packet */
- unsigned char *packet;
- unsigned int packet_length;
- struct ssl2_state_st *s2; /* SSLv2 variables */
- struct ssl3_state_st *s3; /* SSLv3 variables */
- struct dtls1_state_st *d1; /* DTLSv1 variables */
- int read_ahead; /* Read as many input bytes as possible (for
- * non-blocking reads) */
- /* callback that allows applications to peek at protocol messages */
- void (*msg_callback) (int write_p, int version, int content_type,
- const void *buf, size_t len, SSL *ssl, void *arg);
- void *msg_callback_arg;
- int hit; /* reusing a previous session */
- X509_VERIFY_PARAM *param;
-# if 0
- int purpose; /* Purpose setting */
- int trust; /* Trust setting */
-# endif
- /* crypto */
- STACK_OF(SSL_CIPHER) *cipher_list;
- STACK_OF(SSL_CIPHER) *cipher_list_by_id;
- /*
- * These are the ones being used, the ones in SSL_SESSION are the ones to
- * be 'copied' into these ones
- */
- int mac_flags;
- EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
- EVP_MD_CTX *read_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
- COMP_CTX *expand; /* uncompress */
-# else
- char *expand;
-# endif
- EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
- EVP_MD_CTX *write_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
- COMP_CTX *compress; /* compression */
-# else
- char *compress;
-# endif
- /* session info */
- /* client cert? */
- /* This is used to hold the server certificate used */
- struct cert_st /* CERT */ *cert;
- /*
- * the session_id_context is used to ensure sessions are only reused in
- * the appropriate context
- */
- unsigned int sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
- /* This can also be in the session once a session is established */
- SSL_SESSION *session;
- /* Default generate session ID callback. */
- GEN_SESSION_CB generate_session_id;
- /* Used in SSL2 and SSL3 */
- /*
- * 0 don't care about verify failure.
- * 1 fail if verify fails
- */
- int verify_mode;
- /* fail if callback returns 0 */
- int (*verify_callback) (int ok, X509_STORE_CTX *ctx);
- /* optional informational callback */
- void (*info_callback) (const SSL *ssl, int type, int val);
- /* error bytes to be written */
- int error;
- /* actual code */
- int error_code;
-# ifndef OPENSSL_NO_KRB5
- /* Kerberos 5 context */
- KSSL_CTX *kssl_ctx;
-# endif /* OPENSSL_NO_KRB5 */
-# ifndef OPENSSL_NO_PSK
- unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
- char *identity,
- unsigned int max_identity_len,
- unsigned char *psk,
- unsigned int max_psk_len);
- unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len);
-# endif
- SSL_CTX *ctx;
- /*
- * set this flag to 1 and a sleep(1) is put into all SSL_read() and
- * SSL_write() calls, good for nbio debuging :-)
- */
- int debug;
- /* extra application data */
- long verify_result;
- CRYPTO_EX_DATA ex_data;
- /* for server side, keep the list of CA_dn we can use */
- STACK_OF(X509_NAME) *client_CA;
- int references;
- /* protocol behaviour */
- unsigned long options;
- /* API behaviour */
- unsigned long mode;
- long max_cert_list;
- int first_packet;
- /* what was passed, used for SSLv3/TLS rollback check */
- int client_version;
- unsigned int max_send_fragment;
-# ifndef OPENSSL_NO_TLSEXT
- /* TLS extension debug callback */
- void (*tlsext_debug_cb) (SSL *s, int client_server, int type,
- unsigned char *data, int len, void *arg);
- void *tlsext_debug_arg;
- char *tlsext_hostname;
- /*-
- * no further mod of servername
- * 0 : call the servername extension callback.
- * 1 : prepare 2, allow last ack just after in server callback.
- * 2 : don't call servername callback, no ack in server hello
- */
- int servername_done;
- /* certificate status request info */
- /* Status type or -1 if no status type */
- int tlsext_status_type;
- /* Expect OCSP CertificateStatus message */
- int tlsext_status_expected;
- /* OCSP status request only */
- STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
- X509_EXTENSIONS *tlsext_ocsp_exts;
- /* OCSP response received or to be sent */
- unsigned char *tlsext_ocsp_resp;
- int tlsext_ocsp_resplen;
- /* RFC4507 session ticket expected to be received or sent */
- int tlsext_ticket_expected;
-# ifndef OPENSSL_NO_EC
- size_t tlsext_ecpointformatlist_length;
- /* our list */
- unsigned char *tlsext_ecpointformatlist;
- size_t tlsext_ellipticcurvelist_length;
- /* our list */
- unsigned char *tlsext_ellipticcurvelist;
-# endif /* OPENSSL_NO_EC */
- /*
- * draft-rescorla-tls-opaque-prf-input-00.txt information to be used for
- * handshakes
- */
- void *tlsext_opaque_prf_input;
- size_t tlsext_opaque_prf_input_len;
- /* TLS Session Ticket extension override */
- TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
- /* TLS Session Ticket extension callback */
- tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
- void *tls_session_ticket_ext_cb_arg;
- /* TLS pre-shared secret session resumption */
- tls_session_secret_cb_fn tls_session_secret_cb;
- void *tls_session_secret_cb_arg;
- SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */
-# ifndef OPENSSL_NO_NEXTPROTONEG
- /*
- * Next protocol negotiation. For the client, this is the protocol that
- * we sent in NextProtocol and is set when handling ServerHello
- * extensions. For a server, this is the client's selected_protocol from
- * NextProtocol and is set when handling the NextProtocol message, before
- * the Finished message.
- */
- unsigned char *next_proto_negotiated;
- unsigned char next_proto_negotiated_len;
-# endif
-# define session_ctx initial_ctx
- /* What we'll do */
- STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
- /* What's been chosen */
- SRTP_PROTECTION_PROFILE *srtp_profile;
- /*-
- * Is use of the Heartbeat extension negotiated?
- * 0: disabled
- * 1: enabled
- * 2: enabled, but not allowed to send Requests
- */
- unsigned int tlsext_heartbeat;
- /* Indicates if a HeartbeatRequest is in flight */
- unsigned int tlsext_hb_pending;
- /* HeartbeatRequest sequence number */
- unsigned int tlsext_hb_seq;
-# else
-# define session_ctx ctx
-# endif /* OPENSSL_NO_TLSEXT */
- /*-
- * 1 if we are renegotiating.
- * 2 if we are a server and are inside a handshake
- * (i.e. not just sending a HelloRequest)
- */
- int renegotiate;
-# ifndef OPENSSL_NO_SRP
- /* ctx for SRP authentication */
- SRP_CTX srp_ctx;
-# endif
-};
-
-# endif
-
-#ifdef __cplusplus
-}
-#endif
-
-# include <openssl/ssl2.h>
-# include <openssl/ssl3.h>
-# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
-# include <openssl/dtls1.h> /* Datagram TLS */
-# include <openssl/ssl23.h>
-# include <openssl/srtp.h> /* Support for the use_srtp extension */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* compatibility */
-# define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
-# define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
-# define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
-# define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
-# define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
-# define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
-
-/*
- * The following are the possible values for ssl->state are are used to
- * indicate where we are up to in the SSL connection establishment. The
- * macros that follow are about the only things you should need to use and
- * even then, only when using non-blocking IO. It can also be useful to work
- * out where you were when the connection failed
- */
-
-# define SSL_ST_CONNECT 0x1000
-# define SSL_ST_ACCEPT 0x2000
-# define SSL_ST_MASK 0x0FFF
-# define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
-# define SSL_ST_BEFORE 0x4000
-# define SSL_ST_OK 0x03
-# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
-# define SSL_ST_ERR 0x05
-
-# define SSL_CB_LOOP 0x01
-# define SSL_CB_EXIT 0x02
-# define SSL_CB_READ 0x04
-# define SSL_CB_WRITE 0x08
-# define SSL_CB_ALERT 0x4000/* used in callback */
-# define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
-# define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
-# define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
-# define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
-# define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
-# define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
-# define SSL_CB_HANDSHAKE_START 0x10
-# define SSL_CB_HANDSHAKE_DONE 0x20
-
-/* Is the SSL_connection established? */
-# define SSL_get_state(a) SSL_state(a)
-# define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
-# define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
-# define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
-# define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
-# define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
-
-/*
- * The following 2 states are kept in ssl->rstate when reads fail, you should
- * not need these
- */
-# define SSL_ST_READ_HEADER 0xF0
-# define SSL_ST_READ_BODY 0xF1
-# define SSL_ST_READ_DONE 0xF2
-
-/*-
- * Obtain latest Finished message
- * -- that we sent (SSL_get_finished)
- * -- that we expected from peer (SSL_get_peer_finished).
- * Returns length (0 == no Finished so far), copies up to 'count' bytes.
- */
-size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
-size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
-
-/*
- * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options are
- * 'ored' with SSL_VERIFY_PEER if they are desired
- */
-# define SSL_VERIFY_NONE 0x00
-# define SSL_VERIFY_PEER 0x01
-# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
-# define SSL_VERIFY_CLIENT_ONCE 0x04
-
-# define OpenSSL_add_ssl_algorithms() SSL_library_init()
-# define SSLeay_add_ssl_algorithms() SSL_library_init()
-
-/* this is for backward compatibility */
-# if 0 /* NEW_SSLEAY */
-# define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
-# define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
-# define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
-# define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
-# define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
-# endif
-/* More backward compatibility */
-# define SSL_get_cipher(s) \
- SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-# define SSL_get_cipher_bits(s,np) \
- SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
-# define SSL_get_cipher_version(s) \
- SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-# define SSL_get_cipher_name(s) \
- SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-# define SSL_get_time(a) SSL_SESSION_get_time(a)
-# define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
-# define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
-# define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
-
-# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
-# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
-
-DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
-# define SSL_AD_REASON_OFFSET 1000/* offset to get SSL_R_... value
- * from SSL_AD_... */
-/* These alert types are for SSLv3 and TLSv1 */
-# define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
-/* fatal */
-# define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE
-/* fatal */
-# define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC
-# define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
-# define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
-/* fatal */
-# define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE
-/* fatal */
-# define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE
-/* Not for TLS */
-# define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE
-# define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
-# define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
-# define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
-# define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
-# define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
-/* fatal */
-# define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER
-/* fatal */
-# define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA
-/* fatal */
-# define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED
-/* fatal */
-# define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR
-# define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
-/* fatal */
-# define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION
-/* fatal */
-# define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION
-/* fatal */
-# define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY
-/* fatal */
-# define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR
-# define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
-# define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
-# define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
-# define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
-# define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
-# define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
-# define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
-/* fatal */
-# define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
-/* fatal */
-# define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK
-# define SSL_ERROR_NONE 0
-# define SSL_ERROR_SSL 1
-# define SSL_ERROR_WANT_READ 2
-# define SSL_ERROR_WANT_WRITE 3
-# define SSL_ERROR_WANT_X509_LOOKUP 4
-# define SSL_ERROR_SYSCALL 5/* look at error stack/return
- * value/errno */
-# define SSL_ERROR_ZERO_RETURN 6
-# define SSL_ERROR_WANT_CONNECT 7
-# define SSL_ERROR_WANT_ACCEPT 8
-# define SSL_CTRL_NEED_TMP_RSA 1
-# define SSL_CTRL_SET_TMP_RSA 2
-# define SSL_CTRL_SET_TMP_DH 3
-# define SSL_CTRL_SET_TMP_ECDH 4
-# define SSL_CTRL_SET_TMP_RSA_CB 5
-# define SSL_CTRL_SET_TMP_DH_CB 6
-# define SSL_CTRL_SET_TMP_ECDH_CB 7
-# define SSL_CTRL_GET_SESSION_REUSED 8
-# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
-# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
-# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
-# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
-# define SSL_CTRL_GET_FLAGS 13
-# define SSL_CTRL_EXTRA_CHAIN_CERT 14
-# define SSL_CTRL_SET_MSG_CALLBACK 15
-# define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
-/* only applies to datagram connections */
-# define SSL_CTRL_SET_MTU 17
-/* Stats */
-# define SSL_CTRL_SESS_NUMBER 20
-# define SSL_CTRL_SESS_CONNECT 21
-# define SSL_CTRL_SESS_CONNECT_GOOD 22
-# define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
-# define SSL_CTRL_SESS_ACCEPT 24
-# define SSL_CTRL_SESS_ACCEPT_GOOD 25
-# define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
-# define SSL_CTRL_SESS_HIT 27
-# define SSL_CTRL_SESS_CB_HIT 28
-# define SSL_CTRL_SESS_MISSES 29
-# define SSL_CTRL_SESS_TIMEOUTS 30
-# define SSL_CTRL_SESS_CACHE_FULL 31
-# define SSL_CTRL_OPTIONS 32
-# define SSL_CTRL_MODE 33
-# define SSL_CTRL_GET_READ_AHEAD 40
-# define SSL_CTRL_SET_READ_AHEAD 41
-# define SSL_CTRL_SET_SESS_CACHE_SIZE 42
-# define SSL_CTRL_GET_SESS_CACHE_SIZE 43
-# define SSL_CTRL_SET_SESS_CACHE_MODE 44
-# define SSL_CTRL_GET_SESS_CACHE_MODE 45
-# define SSL_CTRL_GET_MAX_CERT_LIST 50
-# define SSL_CTRL_SET_MAX_CERT_LIST 51
-# define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
-/* see tls1.h for macros based on these */
-# ifndef OPENSSL_NO_TLSEXT
-# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
-# define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
-# define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
-# define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
-# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
-# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
-# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
-# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60
-# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
-# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
-# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
-# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
-# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
-# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
-# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
-# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
-# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
-# define SSL_CTRL_SET_SRP_ARG 78
-# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
-# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
-# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
-# ifndef OPENSSL_NO_HEARTBEATS
-# define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
-# define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
-# define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
-# endif
-# endif
-# define DTLS_CTRL_GET_TIMEOUT 73
-# define DTLS_CTRL_HANDLE_TIMEOUT 74
-# define DTLS_CTRL_LISTEN 75
-# define SSL_CTRL_GET_RI_SUPPORT 76
-# define SSL_CTRL_CLEAR_OPTIONS 77
-# define SSL_CTRL_CLEAR_MODE 78
-# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
-# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
-# define SSL_CTRL_CHECK_PROTO_VERSION 119
-# define DTLS_CTRL_SET_LINK_MTU 120
-# define DTLS_CTRL_GET_LINK_MIN_MTU 121
-# define DTLSv1_get_timeout(ssl, arg) \
- SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
-# define DTLSv1_handle_timeout(ssl) \
- SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
-# define DTLSv1_listen(ssl, peer) \
- SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
-# define SSL_session_reused(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
-# define SSL_num_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
-# define SSL_clear_num_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
-# define SSL_total_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-# define SSL_CTX_need_tmp_RSA(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-# define SSL_CTX_set_tmp_rsa(ctx,rsa) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-# define SSL_CTX_set_tmp_dh(ctx,dh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-# define SSL_need_tmp_RSA(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-# define SSL_set_tmp_rsa(ssl,rsa) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-# define SSL_set_tmp_dh(ssl,dh) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-# define SSL_set_tmp_ecdh(ssl,ecdh) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
-# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
-# define SSL_CTX_clear_extra_chain_certs(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
-# ifndef OPENSSL_NO_BIO
-BIO_METHOD *BIO_f_ssl(void);
-BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
-int BIO_ssl_copy_session_id(BIO *to, BIO *from);
-void BIO_ssl_shutdown(BIO *ssl_bio);
-
-# endif
-
-int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
-SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
-void SSL_CTX_free(SSL_CTX *);
-long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
-long SSL_CTX_get_timeout(const SSL_CTX *ctx);
-X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
-void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
-int SSL_want(const SSL *s);
-int SSL_clear(SSL *s);
-
-void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
-
-const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
-int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
-char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
-const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
-unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
-
-int SSL_get_fd(const SSL *s);
-int SSL_get_rfd(const SSL *s);
-int SSL_get_wfd(const SSL *s);
-const char *SSL_get_cipher_list(const SSL *s, int n);
-char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
-int SSL_get_read_ahead(const SSL *s);
-int SSL_pending(const SSL *s);
-# ifndef OPENSSL_NO_SOCK
-int SSL_set_fd(SSL *s, int fd);
-int SSL_set_rfd(SSL *s, int fd);
-int SSL_set_wfd(SSL *s, int fd);
-# endif
-# ifndef OPENSSL_NO_BIO
-void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
-BIO *SSL_get_rbio(const SSL *s);
-BIO *SSL_get_wbio(const SSL *s);
-# endif
-int SSL_set_cipher_list(SSL *s, const char *str);
-void SSL_set_read_ahead(SSL *s, int yes);
-int SSL_get_verify_mode(const SSL *s);
-int SSL_get_verify_depth(const SSL *s);
-int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *);
-void SSL_set_verify(SSL *s, int mode,
- int (*callback) (int ok, X509_STORE_CTX *ctx));
-void SSL_set_verify_depth(SSL *s, int depth);
-# ifndef OPENSSL_NO_RSA
-int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-# endif
-int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
-int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
-int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
- long len);
-int SSL_use_certificate(SSL *ssl, X509 *x);
-int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
-
-# ifndef OPENSSL_NO_STDIO
-int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
-int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
-int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
-int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
-/* PEM type */
-int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
-STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
-int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
- const char *file);
-# ifndef OPENSSL_SYS_VMS
-/* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
-# ifndef OPENSSL_SYS_MACINTOSH_CLASSIC
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
- const char *dir);
-# endif
-# endif
-
-# endif
-
-void SSL_load_error_strings(void);
-const char *SSL_state_string(const SSL *s);
-const char *SSL_rstate_string(const SSL *s);
-const char *SSL_state_string_long(const SSL *s);
-const char *SSL_rstate_string_long(const SSL *s);
-long SSL_SESSION_get_time(const SSL_SESSION *s);
-long SSL_SESSION_set_time(SSL_SESSION *s, long t);
-long SSL_SESSION_get_timeout(const SSL_SESSION *s);
-long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-void SSL_copy_session_id(SSL *to, const SSL *from);
-X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
-int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-SSL_SESSION *SSL_SESSION_new(void);
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
- unsigned int *len);
-unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
-# ifndef OPENSSL_NO_FP_API
-int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
-# endif
-# ifndef OPENSSL_NO_BIO
-int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
-# endif
-void SSL_SESSION_free(SSL_SESSION *ses);
-int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
-int SSL_set_session(SSL *to, SSL_SESSION *session);
-int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
-int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
-int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
-int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
-int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
- unsigned int id_len);
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
- long length);
-
-# ifdef HEADER_X509_H
-X509 *SSL_get_peer_certificate(const SSL *s);
-# endif
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
-
-int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
-int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
-int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int,
- X509_STORE_CTX *);
-void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
- int (*callback) (int, X509_STORE_CTX *));
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
- int (*cb) (X509_STORE_CTX *, void *),
- void *arg);
-# ifndef OPENSSL_NO_RSA
-int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
-# endif
-int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
- long len);
-int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
-int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
- const unsigned char *d, long len);
-int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
-int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
- const unsigned char *d);
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
-
-int SSL_CTX_check_private_key(const SSL_CTX *ctx);
-int SSL_check_private_key(const SSL *ctx);
-
-int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-SSL *SSL_new(SSL_CTX *ctx);
-int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
-int SSL_set_purpose(SSL *s, int purpose);
-int SSL_CTX_set_trust(SSL_CTX *s, int trust);
-int SSL_set_trust(SSL *s, int trust);
-
-int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
-int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
-
-# ifndef OPENSSL_NO_SRP
-int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
-int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
-int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
-int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
- char *(*cb) (SSL *, void *));
-int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
- int (*cb) (SSL *, void *));
-int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
- int (*cb) (SSL *, int *, void *));
-int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
-
-int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
- BIGNUM *sa, BIGNUM *v, char *info);
-int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
- const char *grp);
-
-BIGNUM *SSL_get_srp_g(SSL *s);
-BIGNUM *SSL_get_srp_N(SSL *s);
-
-char *SSL_get_srp_username(SSL *s);
-char *SSL_get_srp_userinfo(SSL *s);
-# endif
-
-void SSL_free(SSL *ssl);
-int SSL_accept(SSL *ssl);
-int SSL_connect(SSL *ssl);
-int SSL_read(SSL *ssl, void *buf, int num);
-int SSL_peek(SSL *ssl, void *buf, int num);
-int SSL_write(SSL *ssl, const void *buf, int num);
-long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
-long SSL_callback_ctrl(SSL *, int, void (*)(void));
-long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
-long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
-
-int SSL_get_error(const SSL *s, int ret_code);
-const char *SSL_get_version(const SSL *s);
-
-/* This sets the 'default' SSL version that SSL_new() will create */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
-
-# ifndef OPENSSL_NO_SSL2
-const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
-const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
-const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
-# endif
-
-# ifndef OPENSSL_NO_SSL3_METHOD
-const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
-const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
-const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
-# endif
-
-const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS
- * version */
-const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available
- * SSL/TLS version */
-const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available
- * SSL/TLS version */
-
-const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
-const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
-const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
-
-const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
-const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
-const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
-
-const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
-const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
-const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
-
-const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
-const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
-const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
-
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
-
-int SSL_do_handshake(SSL *s);
-int SSL_renegotiate(SSL *s);
-int SSL_renegotiate_abbreviated(SSL *s);
-int SSL_renegotiate_pending(SSL *s);
-int SSL_shutdown(SSL *s);
-
-const SSL_METHOD *SSL_get_ssl_method(SSL *s);
-int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
-const char *SSL_alert_type_string_long(int value);
-const char *SSL_alert_type_string(int value);
-const char *SSL_alert_desc_string_long(int value);
-const char *SSL_alert_desc_string(int value);
-
-void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
-int SSL_add_client_CA(SSL *ssl, X509 *x);
-int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
-
-void SSL_set_connect_state(SSL *s);
-void SSL_set_accept_state(SSL *s);
-
-long SSL_get_default_timeout(const SSL *s);
-
-int SSL_library_init(void);
-
-char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
-
-SSL *SSL_dup(SSL *ssl);
-
-X509 *SSL_get_certificate(const SSL *ssl);
-/*
- * EVP_PKEY
- */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
-int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
-void SSL_set_quiet_shutdown(SSL *ssl, int mode);
-int SSL_get_quiet_shutdown(const SSL *ssl);
-void SSL_set_shutdown(SSL *ssl, int mode);
-int SSL_get_shutdown(const SSL *ssl);
-int SSL_version(const SSL *ssl);
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
- const char *CApath);
-# define SSL_get0_session SSL_get_session/* just peek at pointer */
-SSL_SESSION *SSL_get_session(const SSL *ssl);
-SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
-SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
-SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
-void SSL_set_info_callback(SSL *ssl,
- void (*cb) (const SSL *ssl, int type, int val));
-void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
- int val);
-int SSL_state(const SSL *ssl);
-void SSL_set_state(SSL *ssl, int state);
-
-void SSL_set_verify_result(SSL *ssl, long v);
-long SSL_get_verify_result(const SSL *ssl);
-
-int SSL_set_ex_data(SSL *ssl, int idx, void *data);
-void *SSL_get_ex_data(const SSL *ssl, int idx);
-int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
-void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
-int SSL_SESSION_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
-void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
-int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-int SSL_get_ex_data_X509_STORE_CTX_idx(void);
-
-# define SSL_CTX_sess_set_cache_size(ctx,t) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
-# define SSL_CTX_sess_get_cache_size(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
-# define SSL_CTX_set_session_cache_mode(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
-# define SSL_CTX_get_session_cache_mode(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
-
-# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
-# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
-# define SSL_CTX_get_read_ahead(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
-# define SSL_CTX_set_read_ahead(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
-# define SSL_CTX_get_max_cert_list(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-# define SSL_CTX_set_max_cert_list(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-# define SSL_get_max_cert_list(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-# define SSL_set_max_cert_list(ssl,m) \
- SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-
-# define SSL_CTX_set_max_send_fragment(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
-# define SSL_set_max_send_fragment(ssl,m) \
- SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
-
- /* NB: the keylength is only applicable when is_export is true */
-# ifndef OPENSSL_NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
- RSA *(*cb) (SSL *ssl, int is_export,
- int keylength));
-
-void SSL_set_tmp_rsa_callback(SSL *ssl,
- RSA *(*cb) (SSL *ssl, int is_export,
- int keylength));
-# endif
-# ifndef OPENSSL_NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*dh) (SSL *ssl, int is_export,
- int keylength));
-void SSL_set_tmp_dh_callback(SSL *ssl,
- DH *(*dh) (SSL *ssl, int is_export,
- int keylength));
-# endif
-# ifndef OPENSSL_NO_ECDH
-void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
- EC_KEY *(*ecdh) (SSL *ssl, int is_export,
- int keylength));
-void SSL_set_tmp_ecdh_callback(SSL *ssl,
- EC_KEY *(*ecdh) (SSL *ssl, int is_export,
- int keylength));
-# endif
-
-# ifndef OPENSSL_NO_COMP
-const COMP_METHOD *SSL_get_current_compression(SSL *s);
-const COMP_METHOD *SSL_get_current_expansion(SSL *s);
-const char *SSL_COMP_get_name(const COMP_METHOD *comp);
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
-# else
-const void *SSL_get_current_compression(SSL *s);
-const void *SSL_get_current_expansion(SSL *s);
-const char *SSL_COMP_get_name(const void *comp);
-void *SSL_COMP_get_compression_methods(void);
-int SSL_COMP_add_compression_method(int id, void *cm);
-# endif
-
-/* TLS extensions functions */
-int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
-
-int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
- void *arg);
-
-/* Pre-shared secret session resumption functions */
-int SSL_set_session_secret_cb(SSL *s,
- tls_session_secret_cb_fn tls_session_secret_cb,
- void *arg);
-
-void SSL_set_debug(SSL *s, int debug);
-int SSL_cache_hit(SSL *s);
-
-# ifndef OPENSSL_NO_UNIT_TEST
-const struct openssl_ssl_test_functions *SSL_test_functions(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_SSL_strings(void);
-
-/* Error codes for the SSL functions. */
-
-/* Function codes. */
-# define SSL_F_CLIENT_CERTIFICATE 100
-# define SSL_F_CLIENT_FINISHED 167
-# define SSL_F_CLIENT_HELLO 101
-# define SSL_F_CLIENT_MASTER_KEY 102
-# define SSL_F_D2I_SSL_SESSION 103
-# define SSL_F_DO_DTLS1_WRITE 245
-# define SSL_F_DO_SSL3_WRITE 104
-# define SSL_F_DTLS1_ACCEPT 246
-# define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
-# define SSL_F_DTLS1_BUFFER_RECORD 247
-# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316
-# define SSL_F_DTLS1_CLIENT_HELLO 248
-# define SSL_F_DTLS1_CONNECT 249
-# define SSL_F_DTLS1_ENC 250
-# define SSL_F_DTLS1_GET_HELLO_VERIFY 251
-# define SSL_F_DTLS1_GET_MESSAGE 252
-# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
-# define SSL_F_DTLS1_GET_RECORD 254
-# define SSL_F_DTLS1_HANDLE_TIMEOUT 297
-# define SSL_F_DTLS1_HEARTBEAT 305
-# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
-# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
-# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
-# define SSL_F_DTLS1_PROCESS_RECORD 257
-# define SSL_F_DTLS1_READ_BYTES 258
-# define SSL_F_DTLS1_READ_FAILED 259
-# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260
-# define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261
-# define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262
-# define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263
-# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264
-# define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265
-# define SSL_F_DTLS1_SEND_SERVER_HELLO 266
-# define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267
-# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
-# define SSL_F_GET_CLIENT_FINISHED 105
-# define SSL_F_GET_CLIENT_HELLO 106
-# define SSL_F_GET_CLIENT_MASTER_KEY 107
-# define SSL_F_GET_SERVER_FINISHED 108
-# define SSL_F_GET_SERVER_HELLO 109
-# define SSL_F_GET_SERVER_VERIFY 110
-# define SSL_F_I2D_SSL_SESSION 111
-# define SSL_F_READ_N 112
-# define SSL_F_REQUEST_CERTIFICATE 113
-# define SSL_F_SERVER_FINISH 239
-# define SSL_F_SERVER_HELLO 114
-# define SSL_F_SERVER_VERIFY 240
-# define SSL_F_SSL23_ACCEPT 115
-# define SSL_F_SSL23_CLIENT_HELLO 116
-# define SSL_F_SSL23_CONNECT 117
-# define SSL_F_SSL23_GET_CLIENT_HELLO 118
-# define SSL_F_SSL23_GET_SERVER_HELLO 119
-# define SSL_F_SSL23_PEEK 237
-# define SSL_F_SSL23_READ 120
-# define SSL_F_SSL23_WRITE 121
-# define SSL_F_SSL2_ACCEPT 122
-# define SSL_F_SSL2_CONNECT 123
-# define SSL_F_SSL2_ENC_INIT 124
-# define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241
-# define SSL_F_SSL2_PEEK 234
-# define SSL_F_SSL2_READ 125
-# define SSL_F_SSL2_READ_INTERNAL 236
-# define SSL_F_SSL2_SET_CERTIFICATE 126
-# define SSL_F_SSL2_WRITE 127
-# define SSL_F_SSL3_ACCEPT 128
-# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
-# define SSL_F_SSL3_CALLBACK_CTRL 233
-# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
-# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
-# define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
-# define SSL_F_SSL3_CHECK_FINISHED 339
-# define SSL_F_SSL3_CLIENT_HELLO 131
-# define SSL_F_SSL3_CONNECT 132
-# define SSL_F_SSL3_CTRL 213
-# define SSL_F_SSL3_CTX_CTRL 133
-# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
-# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
-# define SSL_F_SSL3_ENC 134
-# define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
-# define SSL_F_SSL3_GENERATE_MASTER_SECRET 388
-# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
-# define SSL_F_SSL3_GET_CERT_STATUS 289
-# define SSL_F_SSL3_GET_CERT_VERIFY 136
-# define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
-# define SSL_F_SSL3_GET_CLIENT_HELLO 138
-# define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
-# define SSL_F_SSL3_GET_FINISHED 140
-# define SSL_F_SSL3_GET_KEY_EXCHANGE 141
-# define SSL_F_SSL3_GET_MESSAGE 142
-# define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
-# define SSL_F_SSL3_GET_NEXT_PROTO 306
-# define SSL_F_SSL3_GET_RECORD 143
-# define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
-# define SSL_F_SSL3_GET_SERVER_DONE 145
-# define SSL_F_SSL3_GET_SERVER_HELLO 146
-# define SSL_F_SSL3_HANDSHAKE_MAC 285
-# define SSL_F_SSL3_NEW_SESSION_TICKET 287
-# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
-# define SSL_F_SSL3_PEEK 235
-# define SSL_F_SSL3_READ_BYTES 148
-# define SSL_F_SSL3_READ_N 149
-# define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
-# define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
-# define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
-# define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
-# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
-# define SSL_F_SSL3_SEND_SERVER_HELLO 242
-# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
-# define SSL_F_SSL3_SETUP_KEY_BLOCK 157
-# define SSL_F_SSL3_SETUP_READ_BUFFER 156
-# define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
-# define SSL_F_SSL3_WRITE_BYTES 158
-# define SSL_F_SSL3_WRITE_PENDING 159
-# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
-# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
-# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
-# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
-# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
-# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
-# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
-# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
-# define SSL_F_SSL_BAD_METHOD 160
-# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
-# define SSL_F_SSL_CERT_DUP 221
-# define SSL_F_SSL_CERT_INST 222
-# define SSL_F_SSL_CERT_INSTANTIATE 214
-# define SSL_F_SSL_CERT_NEW 162
-# define SSL_F_SSL_CHECK_PRIVATE_KEY 163
-# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
-# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
-# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
-# define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
-# define SSL_F_SSL_CLEAR 164
-# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
-# define SSL_F_SSL_CREATE_CIPHER_LIST 166
-# define SSL_F_SSL_CTRL 232
-# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
-# define SSL_F_SSL_CTX_MAKE_PROFILES 309
-# define SSL_F_SSL_CTX_NEW 169
-# define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
-# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
-# define SSL_F_SSL_CTX_SET_PURPOSE 226
-# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
-# define SSL_F_SSL_CTX_SET_SSL_VERSION 170
-# define SSL_F_SSL_CTX_SET_TRUST 229
-# define SSL_F_SSL_CTX_USE_CERTIFICATE 171
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
-# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
-# define SSL_F_SSL_DO_HANDSHAKE 180
-# define SSL_F_SSL_GET_NEW_SESSION 181
-# define SSL_F_SSL_GET_PREV_SESSION 217
-# define SSL_F_SSL_GET_SERVER_SEND_CERT 182
-# define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
-# define SSL_F_SSL_GET_SIGN_PKEY 183
-# define SSL_F_SSL_INIT_WBIO_BUFFER 184
-# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
-# define SSL_F_SSL_NEW 186
-# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
-# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
-# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
-# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
-# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
-# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
-# define SSL_F_SSL_PEEK 270
-# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
-# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
-# define SSL_F_SSL_READ 223
-# define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
-# define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
-# define SSL_F_SSL_SESSION_DUP 348
-# define SSL_F_SSL_SESSION_NEW 189
-# define SSL_F_SSL_SESSION_PRINT_FP 190
-# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
-# define SSL_F_SSL_SESS_CERT_NEW 225
-# define SSL_F_SSL_SET_CERT 191
-# define SSL_F_SSL_SET_CIPHER_LIST 271
-# define SSL_F_SSL_SET_FD 192
-# define SSL_F_SSL_SET_PKEY 193
-# define SSL_F_SSL_SET_PURPOSE 227
-# define SSL_F_SSL_SET_RFD 194
-# define SSL_F_SSL_SET_SESSION 195
-# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
-# define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
-# define SSL_F_SSL_SET_TRUST 228
-# define SSL_F_SSL_SET_WFD 196
-# define SSL_F_SSL_SHUTDOWN 224
-# define SSL_F_SSL_SRP_CTX_INIT 313
-# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
-# define SSL_F_SSL_UNDEFINED_FUNCTION 197
-# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
-# define SSL_F_SSL_USE_CERTIFICATE 198
-# define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
-# define SSL_F_SSL_USE_CERTIFICATE_FILE 200
-# define SSL_F_SSL_USE_PRIVATEKEY 201
-# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
-# define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
-# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
-# define SSL_F_SSL_USE_RSAPRIVATEKEY 204
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
-# define SSL_F_SSL_VERIFY_CERT_CHAIN 207
-# define SSL_F_SSL_WRITE 208
-# define SSL_F_TLS1_CERT_VERIFY_MAC 286
-# define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
-# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
-# define SSL_F_TLS1_ENC 210
-# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
-# define SSL_F_TLS1_HEARTBEAT 315
-# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
-# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
-# define SSL_F_TLS1_PRF 284
-# define SSL_F_TLS1_SETUP_KEY_BLOCK 211
-# define SSL_F_WRITE_PENDING 212
-
-/* Reason codes. */
-# define SSL_R_APP_DATA_IN_HANDSHAKE 100
-# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
-# define SSL_R_BAD_ALERT_RECORD 101
-# define SSL_R_BAD_AUTHENTICATION_TYPE 102
-# define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
-# define SSL_R_BAD_CHECKSUM 104
-# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
-# define SSL_R_BAD_DECOMPRESSION 107
-# define SSL_R_BAD_DH_G_LENGTH 108
-# define SSL_R_BAD_DH_G_VALUE 375
-# define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
-# define SSL_R_BAD_DH_PUB_KEY_VALUE 393
-# define SSL_R_BAD_DH_P_LENGTH 110
-# define SSL_R_BAD_DH_P_VALUE 395
-# define SSL_R_BAD_DIGEST_LENGTH 111
-# define SSL_R_BAD_DSA_SIGNATURE 112
-# define SSL_R_BAD_ECC_CERT 304
-# define SSL_R_BAD_ECDSA_SIGNATURE 305
-# define SSL_R_BAD_ECPOINT 306
-# define SSL_R_BAD_HANDSHAKE_LENGTH 332
-# define SSL_R_BAD_HELLO_REQUEST 105
-# define SSL_R_BAD_LENGTH 271
-# define SSL_R_BAD_MAC_DECODE 113
-# define SSL_R_BAD_MAC_LENGTH 333
-# define SSL_R_BAD_MESSAGE_TYPE 114
-# define SSL_R_BAD_PACKET_LENGTH 115
-# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
-# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
-# define SSL_R_BAD_RESPONSE_ARGUMENT 117
-# define SSL_R_BAD_RSA_DECRYPT 118
-# define SSL_R_BAD_RSA_ENCRYPT 119
-# define SSL_R_BAD_RSA_E_LENGTH 120
-# define SSL_R_BAD_RSA_MODULUS_LENGTH 121
-# define SSL_R_BAD_RSA_SIGNATURE 122
-# define SSL_R_BAD_SIGNATURE 123
-# define SSL_R_BAD_SRP_A_LENGTH 347
-# define SSL_R_BAD_SRP_B_LENGTH 348
-# define SSL_R_BAD_SRP_G_LENGTH 349
-# define SSL_R_BAD_SRP_N_LENGTH 350
-# define SSL_R_BAD_SRP_PARAMETERS 371
-# define SSL_R_BAD_SRP_S_LENGTH 351
-# define SSL_R_BAD_SRTP_MKI_VALUE 352
-# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
-# define SSL_R_BAD_SSL_FILETYPE 124
-# define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
-# define SSL_R_BAD_STATE 126
-# define SSL_R_BAD_WRITE_RETRY 127
-# define SSL_R_BIO_NOT_SET 128
-# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
-# define SSL_R_BN_LIB 130
-# define SSL_R_CA_DN_LENGTH_MISMATCH 131
-# define SSL_R_CA_DN_TOO_LONG 132
-# define SSL_R_CCS_RECEIVED_EARLY 133
-# define SSL_R_CERTIFICATE_VERIFY_FAILED 134
-# define SSL_R_CERT_LENGTH_MISMATCH 135
-# define SSL_R_CHALLENGE_IS_DIFFERENT 136
-# define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
-# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
-# define SSL_R_CIPHER_TABLE_SRC_ERROR 139
-# define SSL_R_CLIENTHELLO_TLSEXT 226
-# define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
-# define SSL_R_COMPRESSION_DISABLED 343
-# define SSL_R_COMPRESSION_FAILURE 141
-# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
-# define SSL_R_COMPRESSION_LIBRARY_ERROR 142
-# define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
-# define SSL_R_CONNECTION_TYPE_NOT_SET 144
-# define SSL_R_COOKIE_MISMATCH 308
-# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
-# define SSL_R_DATA_LENGTH_TOO_LONG 146
-# define SSL_R_DECRYPTION_FAILED 147
-# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
-# define SSL_R_DH_KEY_TOO_SMALL 372
-# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
-# define SSL_R_DIGEST_CHECK_FAILED 149
-# define SSL_R_DTLS_MESSAGE_TOO_BIG 334
-# define SSL_R_DUPLICATE_COMPRESSION_ID 309
-# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
-# define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
-# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
-# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
-# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
-# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
-# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
-# define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
-# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
-# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
-# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
-# define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
-# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
-# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
-# define SSL_R_HTTPS_PROXY_REQUEST 155
-# define SSL_R_HTTP_REQUEST 156
-# define SSL_R_ILLEGAL_PADDING 283
-# define SSL_R_INAPPROPRIATE_FALLBACK 373
-# define SSL_R_INCONSISTENT_COMPRESSION 340
-# define SSL_R_INVALID_CHALLENGE_LENGTH 158
-# define SSL_R_INVALID_COMMAND 280
-# define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
-# define SSL_R_INVALID_PURPOSE 278
-# define SSL_R_INVALID_SRP_USERNAME 357
-# define SSL_R_INVALID_STATUS_RESPONSE 328
-# define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
-# define SSL_R_INVALID_TRUST 279
-# define SSL_R_KEY_ARG_TOO_LONG 284
-# define SSL_R_KRB5 285
-# define SSL_R_KRB5_C_CC_PRINC 286
-# define SSL_R_KRB5_C_GET_CRED 287
-# define SSL_R_KRB5_C_INIT 288
-# define SSL_R_KRB5_C_MK_REQ 289
-# define SSL_R_KRB5_S_BAD_TICKET 290
-# define SSL_R_KRB5_S_INIT 291
-# define SSL_R_KRB5_S_RD_REQ 292
-# define SSL_R_KRB5_S_TKT_EXPIRED 293
-# define SSL_R_KRB5_S_TKT_NYV 294
-# define SSL_R_KRB5_S_TKT_SKEW 295
-# define SSL_R_LENGTH_MISMATCH 159
-# define SSL_R_LENGTH_TOO_SHORT 160
-# define SSL_R_LIBRARY_BUG 274
-# define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
-# define SSL_R_MESSAGE_TOO_LONG 296
-# define SSL_R_MISSING_DH_DSA_CERT 162
-# define SSL_R_MISSING_DH_KEY 163
-# define SSL_R_MISSING_DH_RSA_CERT 164
-# define SSL_R_MISSING_DSA_SIGNING_CERT 165
-# define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
-# define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
-# define SSL_R_MISSING_RSA_CERTIFICATE 168
-# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
-# define SSL_R_MISSING_RSA_SIGNING_CERT 170
-# define SSL_R_MISSING_SRP_PARAM 358
-# define SSL_R_MISSING_TMP_DH_KEY 171
-# define SSL_R_MISSING_TMP_ECDH_KEY 311
-# define SSL_R_MISSING_TMP_RSA_KEY 172
-# define SSL_R_MISSING_TMP_RSA_PKEY 173
-# define SSL_R_MISSING_VERIFY_MESSAGE 174
-# define SSL_R_MULTIPLE_SGC_RESTARTS 346
-# define SSL_R_NON_SSLV2_INITIAL_PACKET 175
-# define SSL_R_NO_CERTIFICATES_RETURNED 176
-# define SSL_R_NO_CERTIFICATE_ASSIGNED 177
-# define SSL_R_NO_CERTIFICATE_RETURNED 178
-# define SSL_R_NO_CERTIFICATE_SET 179
-# define SSL_R_NO_CERTIFICATE_SPECIFIED 180
-# define SSL_R_NO_CIPHERS_AVAILABLE 181
-# define SSL_R_NO_CIPHERS_PASSED 182
-# define SSL_R_NO_CIPHERS_SPECIFIED 183
-# define SSL_R_NO_CIPHER_LIST 184
-# define SSL_R_NO_CIPHER_MATCH 185
-# define SSL_R_NO_CLIENT_CERT_METHOD 331
-# define SSL_R_NO_CLIENT_CERT_RECEIVED 186
-# define SSL_R_NO_COMPRESSION_SPECIFIED 187
-# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
-# define SSL_R_NO_METHOD_SPECIFIED 188
-# define SSL_R_NO_PRIVATEKEY 189
-# define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
-# define SSL_R_NO_PROTOCOLS_AVAILABLE 191
-# define SSL_R_NO_PUBLICKEY 192
-# define SSL_R_NO_RENEGOTIATION 339
-# define SSL_R_NO_REQUIRED_DIGEST 324
-# define SSL_R_NO_SHARED_CIPHER 193
-# define SSL_R_NO_SRTP_PROFILES 359
-# define SSL_R_NO_VERIFY_CALLBACK 194
-# define SSL_R_NULL_SSL_CTX 195
-# define SSL_R_NULL_SSL_METHOD_PASSED 196
-# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
-# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
-# define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
-# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
-# define SSL_R_PACKET_LENGTH_TOO_LONG 198
-# define SSL_R_PARSE_TLSEXT 227
-# define SSL_R_PATH_TOO_LONG 270
-# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
-# define SSL_R_PEER_ERROR 200
-# define SSL_R_PEER_ERROR_CERTIFICATE 201
-# define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
-# define SSL_R_PEER_ERROR_NO_CIPHER 203
-# define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
-# define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
-# define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
-# define SSL_R_PROTOCOL_IS_SHUTDOWN 207
-# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
-# define SSL_R_PSK_NO_CLIENT_CB 224
-# define SSL_R_PSK_NO_SERVER_CB 225
-# define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
-# define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
-# define SSL_R_PUBLIC_KEY_NOT_RSA 210
-# define SSL_R_READ_BIO_NOT_SET 211
-# define SSL_R_READ_TIMEOUT_EXPIRED 312
-# define SSL_R_READ_WRONG_PACKET_TYPE 212
-# define SSL_R_RECORD_LENGTH_MISMATCH 213
-# define SSL_R_RECORD_TOO_LARGE 214
-# define SSL_R_RECORD_TOO_SMALL 298
-# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
-# define SSL_R_RENEGOTIATION_ENCODING_ERR 336
-# define SSL_R_RENEGOTIATION_MISMATCH 337
-# define SSL_R_REQUIRED_CIPHER_MISSING 215
-# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
-# define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
-# define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
-# define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
-# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
-# define SSL_R_SERVERHELLO_TLSEXT 275
-# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
-# define SSL_R_SHORT_READ 219
-# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
-# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
-# define SSL_R_SRP_A_CALC 361
-# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
-# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
-# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
-# define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
-# define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
-# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
-# define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
-# define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
-# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
-# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
-# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
-# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
-# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
-# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
-# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
-# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
-# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
-# define SSL_R_SSL_HANDSHAKE_FAILURE 229
-# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
-# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
-# define SSL_R_SSL_SESSION_ID_CONFLICT 302
-# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
-# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
-# define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
-# define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
-# define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
-# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
-# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
-# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
-# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
-# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
-# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
-# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
-# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
-# define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
-# define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
-# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
-# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
-# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
-# define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
-# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
-# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
-# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
-# define SSL_R_TLS_HEARTBEAT_PENDING 366
-# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
-# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
-# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
-# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
-# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
-# define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
-# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
-# define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
-# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
-# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
-# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
-# define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
-# define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
-# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
-# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
-# define SSL_R_UNEXPECTED_MESSAGE 244
-# define SSL_R_UNEXPECTED_RECORD 245
-# define SSL_R_UNINITIALIZED 276
-# define SSL_R_UNKNOWN_ALERT_TYPE 246
-# define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
-# define SSL_R_UNKNOWN_CIPHER_RETURNED 248
-# define SSL_R_UNKNOWN_CIPHER_TYPE 249
-# define SSL_R_UNKNOWN_DIGEST 368
-# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
-# define SSL_R_UNKNOWN_PKEY_TYPE 251
-# define SSL_R_UNKNOWN_PROTOCOL 252
-# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
-# define SSL_R_UNKNOWN_SSL_VERSION 254
-# define SSL_R_UNKNOWN_STATE 255
-# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
-# define SSL_R_UNSUPPORTED_CIPHER 256
-# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
-# define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
-# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
-# define SSL_R_UNSUPPORTED_PROTOCOL 258
-# define SSL_R_UNSUPPORTED_SSL_VERSION 259
-# define SSL_R_UNSUPPORTED_STATUS_TYPE 329
-# define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
-# define SSL_R_WRITE_BIO_NOT_SET 260
-# define SSL_R_WRONG_CIPHER_RETURNED 261
-# define SSL_R_WRONG_MESSAGE_TYPE 262
-# define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
-# define SSL_R_WRONG_SIGNATURE_LENGTH 264
-# define SSL_R_WRONG_SIGNATURE_SIZE 265
-# define SSL_R_WRONG_SIGNATURE_TYPE 370
-# define SSL_R_WRONG_SSL_VERSION 266
-# define SSL_R_WRONG_VERSION_NUMBER 267
-# define SSL_R_X509_LIB 268
-# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
-
-#ifdef __cplusplus
-}
-#endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/ssl.h (from rev 11605, vendor-crypto/openssl/dist/ssl/ssl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/ssl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2771 @@
+/* ssl/ssl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_SSL_H
+# define HEADER_SSL_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+# endif
+# ifndef OPENSSL_NO_BIO
+# include <openssl/bio.h>
+# endif
+# ifndef OPENSSL_NO_DEPRECATED
+# ifndef OPENSSL_NO_X509
+# include <openssl/x509.h>
+# endif
+# include <openssl/crypto.h>
+# include <openssl/lhash.h>
+# include <openssl/buffer.h>
+# endif
+# include <openssl/pem.h>
+# include <openssl/hmac.h>
+
+# include <openssl/kssl.h>
+# include <openssl/safestack.h>
+# include <openssl/symhacks.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* SSLeay version number for ASN.1 encoding of the session information */
+/*-
+ * Version 0 - initial version
+ * Version 1 - added the optional peer certificate
+ */
+# define SSL_SESSION_ASN1_VERSION 0x0001
+
+/* text strings for the ciphers */
+# define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
+# define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
+# define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
+# define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
+# define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
+# define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
+# define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
+# define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
+# define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
+# define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
+
+/*
+ * VRS Additional Kerberos5 entries
+ */
+# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
+# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+# define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA
+# define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
+# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
+# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
+# define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5
+# define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
+
+# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
+# define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA
+# define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA
+# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
+# define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5
+# define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5
+
+# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
+# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
+# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
+# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
+# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
+# define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
+
+# define SSL_MAX_SSL_SESSION_ID_LENGTH 32
+# define SSL_MAX_SID_CTX_LENGTH 32
+
+# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
+# define SSL_MAX_KEY_ARG_LENGTH 8
+# define SSL_MAX_MASTER_KEY_LENGTH 48
+
+/* These are used to specify which ciphers to use and not to use */
+
+# define SSL_TXT_EXP40 "EXPORT40"
+# define SSL_TXT_EXP56 "EXPORT56"
+# define SSL_TXT_LOW "LOW"
+# define SSL_TXT_MEDIUM "MEDIUM"
+# define SSL_TXT_HIGH "HIGH"
+# define SSL_TXT_FIPS "FIPS"
+
+# define SSL_TXT_kFZA "kFZA"/* unused! */
+# define SSL_TXT_aFZA "aFZA"/* unused! */
+# define SSL_TXT_eFZA "eFZA"/* unused! */
+# define SSL_TXT_FZA "FZA"/* unused! */
+
+# define SSL_TXT_aNULL "aNULL"
+# define SSL_TXT_eNULL "eNULL"
+# define SSL_TXT_NULL "NULL"
+
+# define SSL_TXT_kRSA "kRSA"
+# define SSL_TXT_kDHr "kDHr"/* no such ciphersuites supported! */
+# define SSL_TXT_kDHd "kDHd"/* no such ciphersuites supported! */
+# define SSL_TXT_kDH "kDH"/* no such ciphersuites supported! */
+# define SSL_TXT_kEDH "kEDH"
+# define SSL_TXT_kKRB5 "kKRB5"
+# define SSL_TXT_kECDHr "kECDHr"
+# define SSL_TXT_kECDHe "kECDHe"
+# define SSL_TXT_kECDH "kECDH"
+# define SSL_TXT_kEECDH "kEECDH"
+# define SSL_TXT_kPSK "kPSK"
+# define SSL_TXT_kGOST "kGOST"
+# define SSL_TXT_kSRP "kSRP"
+
+# define SSL_TXT_aRSA "aRSA"
+# define SSL_TXT_aDSS "aDSS"
+# define SSL_TXT_aDH "aDH"/* no such ciphersuites supported! */
+# define SSL_TXT_aECDH "aECDH"
+# define SSL_TXT_aKRB5 "aKRB5"
+# define SSL_TXT_aECDSA "aECDSA"
+# define SSL_TXT_aPSK "aPSK"
+# define SSL_TXT_aGOST94 "aGOST94"
+# define SSL_TXT_aGOST01 "aGOST01"
+# define SSL_TXT_aGOST "aGOST"
+# define SSL_TXT_aSRP "aSRP"
+
+# define SSL_TXT_DSS "DSS"
+# define SSL_TXT_DH "DH"
+# define SSL_TXT_EDH "EDH"/* same as "kEDH:-ADH" */
+# define SSL_TXT_ADH "ADH"
+# define SSL_TXT_RSA "RSA"
+# define SSL_TXT_ECDH "ECDH"
+# define SSL_TXT_EECDH "EECDH"/* same as "kEECDH:-AECDH" */
+# define SSL_TXT_AECDH "AECDH"
+# define SSL_TXT_ECDSA "ECDSA"
+# define SSL_TXT_KRB5 "KRB5"
+# define SSL_TXT_PSK "PSK"
+# define SSL_TXT_SRP "SRP"
+
+# define SSL_TXT_DES "DES"
+# define SSL_TXT_3DES "3DES"
+# define SSL_TXT_RC4 "RC4"
+# define SSL_TXT_RC2 "RC2"
+# define SSL_TXT_IDEA "IDEA"
+# define SSL_TXT_SEED "SEED"
+# define SSL_TXT_AES128 "AES128"
+# define SSL_TXT_AES256 "AES256"
+# define SSL_TXT_AES "AES"
+# define SSL_TXT_AES_GCM "AESGCM"
+# define SSL_TXT_CAMELLIA128 "CAMELLIA128"
+# define SSL_TXT_CAMELLIA256 "CAMELLIA256"
+# define SSL_TXT_CAMELLIA "CAMELLIA"
+
+# define SSL_TXT_MD5 "MD5"
+# define SSL_TXT_SHA1 "SHA1"
+# define SSL_TXT_SHA "SHA"/* same as "SHA1" */
+# define SSL_TXT_GOST94 "GOST94"
+# define SSL_TXT_GOST89MAC "GOST89MAC"
+# define SSL_TXT_SHA256 "SHA256"
+# define SSL_TXT_SHA384 "SHA384"
+
+# define SSL_TXT_SSLV2 "SSLv2"
+# define SSL_TXT_SSLV3 "SSLv3"
+# define SSL_TXT_TLSV1 "TLSv1"
+# define SSL_TXT_TLSV1_1 "TLSv1.1"
+# define SSL_TXT_TLSV1_2 "TLSv1.2"
+
+# define SSL_TXT_EXP "EXP"
+# define SSL_TXT_EXPORT "EXPORT"
+
+# define SSL_TXT_ALL "ALL"
+
+/*-
+ * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+ * ciphers normally not being used.
+ * Example: "RC4" will activate all ciphers using RC4 including ciphers
+ * without authentication, which would normally disabled by DEFAULT (due
+ * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+ * will make sure that it is also disabled in the specific selection.
+ * COMPLEMENTOF* identifiers are portable between version, as adjustments
+ * to the default cipher setup will also be included here.
+ *
+ * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+ * DEFAULT gets, as only selection is being done and no sorting as needed
+ * for DEFAULT.
+ */
+# define SSL_TXT_CMPALL "COMPLEMENTOFALL"
+# define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
+
+/*
+ * The following cipher list is used by default. It also is substituted when
+ * an application-defined cipher list string starts with 'DEFAULT'.
+ */
+# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
+/*
+ * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+ * starts with a reasonable order, and all we have to do for DEFAULT is
+ * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+ * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+ */
+
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+# define SSL_SENT_SHUTDOWN 1
+# define SSL_RECEIVED_SHUTDOWN 2
+
+#ifdef __cplusplus
+}
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
+# define OPENSSL_NO_SSL2
+# endif
+
+# define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
+# define SSL_FILETYPE_PEM X509_FILETYPE_PEM
+
+/*
+ * This is needed to stop compilers complaining about the 'struct ssl_st *'
+ * function parameters used to prototype callbacks in SSL_CTX.
+ */
+typedef struct ssl_st *ssl_crock_st;
+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
+typedef struct ssl_method_st SSL_METHOD;
+typedef struct ssl_cipher_st SSL_CIPHER;
+typedef struct ssl_session_st SSL_SESSION;
+
+DECLARE_STACK_OF(SSL_CIPHER)
+
+/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
+typedef struct srtp_protection_profile_st {
+ const char *name;
+ unsigned long id;
+} SRTP_PROTECTION_PROFILE;
+
+DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
+ const unsigned char *data,
+ int len, void *arg);
+typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
+ int *secret_len,
+ STACK_OF(SSL_CIPHER) *peer_ciphers,
+ SSL_CIPHER **cipher, void *arg);
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+/* used to hold info on the particular ciphers used */
+struct ssl_cipher_st {
+ int valid;
+ const char *name; /* text name */
+ unsigned long id; /* id, 4 bytes, first is version */
+ /*
+ * changed in 0.9.9: these four used to be portions of a single value
+ * 'algorithms'
+ */
+ unsigned long algorithm_mkey; /* key exchange algorithm */
+ unsigned long algorithm_auth; /* server authentication */
+ unsigned long algorithm_enc; /* symmetric encryption */
+ unsigned long algorithm_mac; /* symmetric authentication */
+ unsigned long algorithm_ssl; /* (major) protocol version */
+ unsigned long algo_strength; /* strength and export flags */
+ unsigned long algorithm2; /* Extra flags */
+ int strength_bits; /* Number of bits really used */
+ int alg_bits; /* Number of bits for algorithm */
+};
+
+/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
+struct ssl_method_st {
+ int version;
+ int (*ssl_new) (SSL *s);
+ void (*ssl_clear) (SSL *s);
+ void (*ssl_free) (SSL *s);
+ int (*ssl_accept) (SSL *s);
+ int (*ssl_connect) (SSL *s);
+ int (*ssl_read) (SSL *s, void *buf, int len);
+ int (*ssl_peek) (SSL *s, void *buf, int len);
+ int (*ssl_write) (SSL *s, const void *buf, int len);
+ int (*ssl_shutdown) (SSL *s);
+ int (*ssl_renegotiate) (SSL *s);
+ int (*ssl_renegotiate_check) (SSL *s);
+ long (*ssl_get_message) (SSL *s, int st1, int stn, int mt, long
+ max, int *ok);
+ int (*ssl_read_bytes) (SSL *s, int type, unsigned char *buf, int len,
+ int peek);
+ int (*ssl_write_bytes) (SSL *s, int type, const void *buf_, int len);
+ int (*ssl_dispatch_alert) (SSL *s);
+ long (*ssl_ctrl) (SSL *s, int cmd, long larg, void *parg);
+ long (*ssl_ctx_ctrl) (SSL_CTX *ctx, int cmd, long larg, void *parg);
+ const SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr);
+ int (*put_cipher_by_char) (const SSL_CIPHER *cipher, unsigned char *ptr);
+ int (*ssl_pending) (const SSL *s);
+ int (*num_ciphers) (void);
+ const SSL_CIPHER *(*get_cipher) (unsigned ncipher);
+ const struct ssl_method_st *(*get_ssl_method) (int version);
+ long (*get_timeout) (void);
+ struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
+ int (*ssl_version) (void);
+ long (*ssl_callback_ctrl) (SSL *s, int cb_id, void (*fp) (void));
+ long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void));
+};
+
+/*-
+ * Lets make this into an ASN.1 type structure as follows
+ * SSL_SESSION_ID ::= SEQUENCE {
+ * version INTEGER, -- structure version number
+ * SSLversion INTEGER, -- SSL version number
+ * Cipher OCTET STRING, -- the 3 byte cipher ID
+ * Session_ID OCTET STRING, -- the Session ID
+ * Master_key OCTET STRING, -- the master key
+ * KRB5_principal OCTET STRING -- optional Kerberos principal
+ * Key_Arg [ 0 ] IMPLICIT OCTET STRING, -- the optional Key argument
+ * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
+ * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
+ * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
+ * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
+ * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
+ * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
+ * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
+ * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
+ * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
+ * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
+ * }
+ * Look in ssl/ssl_asn1.c for more details
+ * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
+ */
+struct ssl_session_st {
+ int ssl_version; /* what ssl version session info is being
+ * kept in here? */
+ /* only really used in SSLv2 */
+ unsigned int key_arg_length;
+ unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
+ int master_key_length;
+ unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
+ /* session_id - valid? */
+ unsigned int session_id_length;
+ unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+ /*
+ * this is used to determine whether the session is being reused in the
+ * appropriate context. It is up to the application to set this, via
+ * SSL_new
+ */
+ unsigned int sid_ctx_length;
+ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+# ifndef OPENSSL_NO_KRB5
+ unsigned int krb5_client_princ_len;
+ unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
+# endif /* OPENSSL_NO_KRB5 */
+# ifndef OPENSSL_NO_PSK
+ char *psk_identity_hint;
+ char *psk_identity;
+# endif
+ /*
+ * Used to indicate that session resumption is not allowed. Applications
+ * can also set this bit for a new session via not_resumable_session_cb
+ * to disable session caching and tickets.
+ */
+ int not_resumable;
+ /* The cert is the certificate used to establish this connection */
+ struct sess_cert_st /* SESS_CERT */ *sess_cert;
+ /*
+ * This is the cert for the other end. On clients, it will be the same as
+ * sess_cert->peer_key->x509 (the latter is not enough as sess_cert is
+ * not retained in the external representation of sessions, see
+ * ssl_asn1.c).
+ */
+ X509 *peer;
+ /*
+ * when app_verify_callback accepts a session where the peer's
+ * certificate is not ok, we must remember the error for session reuse:
+ */
+ long verify_result; /* only for servers */
+ int references;
+ long timeout;
+ long time;
+ unsigned int compress_meth; /* Need to lookup the method */
+ const SSL_CIPHER *cipher;
+ unsigned long cipher_id; /* when ASN.1 loaded, this needs to be used
+ * to load the 'cipher' structure */
+ STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
+ CRYPTO_EX_DATA ex_data; /* application specific data */
+ /*
+ * These are used to make removal of session-ids more efficient and to
+ * implement a maximum cache size.
+ */
+ struct ssl_session_st *prev, *next;
+# ifndef OPENSSL_NO_TLSEXT
+ char *tlsext_hostname;
+# ifndef OPENSSL_NO_EC
+ size_t tlsext_ecpointformatlist_length;
+ unsigned char *tlsext_ecpointformatlist; /* peer's list */
+ size_t tlsext_ellipticcurvelist_length;
+ unsigned char *tlsext_ellipticcurvelist; /* peer's list */
+# endif /* OPENSSL_NO_EC */
+ /* RFC4507 info */
+ unsigned char *tlsext_tick; /* Session ticket */
+ size_t tlsext_ticklen; /* Session ticket length */
+ long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
+# endif
+# ifndef OPENSSL_NO_SRP
+ char *srp_username;
+# endif
+};
+
+# endif
+
+# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
+# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
+/* Allow initial connection to servers that don't support RI */
+# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
+# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
+# define SSL_OP_TLSEXT_PADDING 0x00000010L
+# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
+# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L
+# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
+# define SSL_OP_TLS_D5_BUG 0x00000100L
+# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
+
+/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
+# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
+/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
+# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
+
+/*
+ * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+ * OpenSSL 0.9.6d. Usually (depending on the application protocol) the
+ * workaround is not needed. Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include it in
+ * SSL_OP_ALL.
+ */
+/* added in 0.9.6e */
+# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L
+
+/*
+ * SSL_OP_ALL: various bug workarounds that should be rather harmless. This
+ * used to be 0x000FFFFFL before 0.9.7.
+ */
+# define SSL_OP_ALL 0x80000BFFL
+
+/* DTLS options */
+# define SSL_OP_NO_QUERY_MTU 0x00001000L
+/* Turn on Cookie Exchange (on relevant for servers) */
+# define SSL_OP_COOKIE_EXCHANGE 0x00002000L
+/* Don't use RFC4507 ticket extension */
+# define SSL_OP_NO_TICKET 0x00004000L
+/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
+# define SSL_OP_CISCO_ANYCONNECT 0x00008000L
+
+/* As server, disallow session resumption on renegotiation */
+# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
+/* Don't use compression even if supported */
+# define SSL_OP_NO_COMPRESSION 0x00020000L
+/* Permit unsafe legacy renegotiation */
+# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
+/* If set, always create a new key when using tmp_ecdh parameters */
+# define SSL_OP_SINGLE_ECDH_USE 0x00080000L
+/* Does nothing: retained for compatibility */
+# define SSL_OP_SINGLE_DH_USE 0x00100000L
+/* Does nothing: retained for compatibiity */
+# define SSL_OP_EPHEMERAL_RSA 0x0
+/*
+ * Set on servers to choose the cipher according to the server's preferences
+ */
+# define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
+/*
+ * If set, a server will allow a client to issue a SSLv3.0 version number as
+ * latest version supported in the premaster secret, even when TLSv1.0
+ * (version 3.1) was announced in the client hello. Normally this is
+ * forbidden to prevent version rollback attacks.
+ */
+# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
+
+# define SSL_OP_NO_SSLv2 0x01000000L
+# define SSL_OP_NO_SSLv3 0x02000000L
+# define SSL_OP_NO_TLSv1 0x04000000L
+# define SSL_OP_NO_TLSv1_2 0x08000000L
+# define SSL_OP_NO_TLSv1_1 0x10000000L
+
+/*
+ * These next two were never actually used for anything since SSLeay zap so
+ * we have some more flags.
+ */
+/*
+ * The next flag deliberately changes the ciphertest, this is a check for the
+ * PKCS#1 attack
+ */
+# define SSL_OP_PKCS1_CHECK_1 0x0
+# define SSL_OP_PKCS1_CHECK_2 0x0
+
+# define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
+# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
+/*
+ * Make server add server-hello extension from early version of cryptopro
+ * draft, when GOST ciphersuite is negotiated. Required for interoperability
+ * with CryptoPro CSP 3.x
+ */
+# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
+
+/*
+ * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+ * when just a single record has been written):
+ */
+# define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
+/*
+ * Make it possible to retry SSL_write() with changed buffer location (buffer
+ * contents must stay the same!); this is not the default to avoid the
+ * misconception that non-blocking SSL_write() behaves like non-blocking
+ * write():
+ */
+# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
+/*
+ * Never bother the application with retries if the transport is blocking:
+ */
+# define SSL_MODE_AUTO_RETRY 0x00000004L
+/* Don't attempt to automatically build certificate chain */
+# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
+/*
+ * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+ * TLS only.) "Released" buffers are put onto a free-list in the context or
+ * just freed (depending on the context's setting for freelist_max_len).
+ */
+# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
+/*
+ * Send the current time in the Random fields of the ClientHello and
+ * ServerHello records for compatibility with hypothetical implementations
+ * that require it.
+ */
+# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
+# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
+/*
+ * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+ * that reconnect with a downgraded protocol version; see
+ * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+ * application attempts a normal handshake. Only use this in explicit
+ * fallback retries, following the guidance in
+ * draft-ietf-tls-downgrade-scsv-00.
+ */
+# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
+
+/*
+ * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, they
+ * cannot be used to clear bits.
+ */
+
+# define SSL_CTX_set_options(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+# define SSL_CTX_clear_options(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
+# define SSL_CTX_get_options(ctx) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
+# define SSL_set_options(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
+# define SSL_clear_options(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
+# define SSL_get_options(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
+
+# define SSL_CTX_set_mode(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+# define SSL_CTX_clear_mode(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_CTX_get_mode(ctx) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+# define SSL_clear_mode(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_set_mode(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+# define SSL_get_mode(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+# define SSL_set_mtu(ssl, mtu) \
+ SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+# define DTLS_set_link_mtu(ssl, mtu) \
+ SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+# define DTLS_get_link_min_mtu(ssl) \
+ SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
+
+# define SSL_get_secure_renegotiation_support(ssl) \
+ SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_heartbeat(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
+# endif
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg));
+void SSL_set_msg_callback(SSL *ssl,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg));
+# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+
+# ifndef OPENSSL_NO_SRP
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+typedef struct srp_ctx_st {
+ /* param for all the callbacks */
+ void *SRP_cb_arg;
+ /* set client Hello login callback */
+ int (*TLS_ext_srp_username_callback) (SSL *, int *, void *);
+ /* set SRP N/g param callback for verification */
+ int (*SRP_verify_param_callback) (SSL *, void *);
+ /* set SRP client passwd callback */
+ char *(*SRP_give_srp_client_pwd_callback) (SSL *, void *);
+ char *login;
+ BIGNUM *N, *g, *s, *B, *A;
+ BIGNUM *a, *b, *v;
+ char *info;
+ int strength;
+ unsigned long srp_Mask;
+} SRP_CTX;
+
+# endif
+
+/* see tls_srp.c */
+int SSL_SRP_CTX_init(SSL *s);
+int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+int SSL_srp_server_param_with_username(SSL *s, int *ad);
+int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
+int SRP_Calc_A_param(SSL *s);
+int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
+
+# endif
+
+# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
+# define SSL_MAX_CERT_LIST_DEFAULT 1024*30
+ /* 30k max cert list :-) */
+# else
+# define SSL_MAX_CERT_LIST_DEFAULT 1024*100
+ /* 100k max cert list :-) */
+# endif
+
+# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
+
+/*
+ * This callback type is used inside SSL_CTX, SSL, and in the functions that
+ * set them. It is used to override the generation of SSL/TLS session IDs in
+ * a server. Return value should be zero on an error, non-zero to proceed.
+ * Also, callbacks should themselves check if the id they generate is unique
+ * otherwise the SSL handshake will fail with an error - callbacks can do
+ * this using the 'ssl' value they're passed by;
+ * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in
+ * is set at the maximum size the session ID can be. In SSLv2 this is 16
+ * bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback can alter this
+ * length to be less if desired, but under SSLv2 session IDs are supposed to
+ * be fixed at 16 bytes so the id will be padded after the callback returns
+ * in this case. It is also an error for the callback to set the size to
+ * zero.
+ */
+typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
+ unsigned int *id_len);
+
+typedef struct ssl_comp_st SSL_COMP;
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+struct ssl_comp_st {
+ int id;
+ const char *name;
+# ifndef OPENSSL_NO_COMP
+ COMP_METHOD *method;
+# else
+ char *method;
+# endif
+};
+
+DECLARE_STACK_OF(SSL_COMP)
+DECLARE_LHASH_OF(SSL_SESSION);
+
+struct ssl_ctx_st {
+ const SSL_METHOD *method;
+ STACK_OF(SSL_CIPHER) *cipher_list;
+ /* same as above but sorted for lookup */
+ STACK_OF(SSL_CIPHER) *cipher_list_by_id;
+ struct x509_store_st /* X509_STORE */ *cert_store;
+ LHASH_OF(SSL_SESSION) *sessions;
+ /*
+ * Most session-ids that will be cached, default is
+ * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited.
+ */
+ unsigned long session_cache_size;
+ struct ssl_session_st *session_cache_head;
+ struct ssl_session_st *session_cache_tail;
+ /*
+ * This can have one of 2 values, ored together, SSL_SESS_CACHE_CLIENT,
+ * SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which
+ * means only SSL_accept which cache SSL_SESSIONS.
+ */
+ int session_cache_mode;
+ /*
+ * If timeout is not 0, it is the default timeout value set when
+ * SSL_new() is called. This has been put in to make life easier to set
+ * things up
+ */
+ long session_timeout;
+ /*
+ * If this callback is not null, it will be called each time a session id
+ * is added to the cache. If this function returns 1, it means that the
+ * callback will do a SSL_SESSION_free() when it has finished using it.
+ * Otherwise, on 0, it means the callback has finished with it. If
+ * remove_session_cb is not null, it will be called when a session-id is
+ * removed from the cache. After the call, OpenSSL will
+ * SSL_SESSION_free() it.
+ */
+ int (*new_session_cb) (struct ssl_st *ssl, SSL_SESSION *sess);
+ void (*remove_session_cb) (struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+ SSL_SESSION *(*get_session_cb) (struct ssl_st *ssl,
+ unsigned char *data, int len, int *copy);
+ struct {
+ int sess_connect; /* SSL new conn - started */
+ int sess_connect_renegotiate; /* SSL reneg - requested */
+ int sess_connect_good; /* SSL new conne/reneg - finished */
+ int sess_accept; /* SSL new accept - started */
+ int sess_accept_renegotiate; /* SSL reneg - requested */
+ int sess_accept_good; /* SSL accept/reneg - finished */
+ int sess_miss; /* session lookup misses */
+ int sess_timeout; /* reuse attempt on timeouted session */
+ int sess_cache_full; /* session removed due to full cache */
+ int sess_hit; /* session reuse actually done */
+ int sess_cb_hit; /* session-id that was not in the cache was
+ * passed back via the callback. This
+ * indicates that the application is
+ * supplying session-id's from other
+ * processes - spooky :-) */
+ } stats;
+
+ int references;
+
+ /* if defined, these override the X509_verify_cert() calls */
+ int (*app_verify_callback) (X509_STORE_CTX *, void *);
+ void *app_verify_arg;
+ /*
+ * before OpenSSL 0.9.7, 'app_verify_arg' was ignored
+ * ('app_verify_callback' was called with just one argument)
+ */
+
+ /* Default password callback. */
+ pem_password_cb *default_passwd_callback;
+
+ /* Default password callback user data. */
+ void *default_passwd_callback_userdata;
+
+ /* get client cert callback */
+ int (*client_cert_cb) (SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+
+ /* cookie generate callback */
+ int (*app_gen_cookie_cb) (SSL *ssl, unsigned char *cookie,
+ unsigned int *cookie_len);
+
+ /* verify cookie callback */
+ int (*app_verify_cookie_cb) (SSL *ssl, unsigned char *cookie,
+ unsigned int cookie_len);
+
+ CRYPTO_EX_DATA ex_data;
+
+ const EVP_MD *rsa_md5; /* For SSLv2 - name is 'ssl2-md5' */
+ const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
+ const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
+
+ STACK_OF(X509) *extra_certs;
+ STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
+
+ /* Default values used when no per-SSL value is defined follow */
+
+ /* used if SSL's info_callback is NULL */
+ void (*info_callback) (const SSL *ssl, int type, int val);
+
+ /* what we put in client cert requests */
+ STACK_OF(X509_NAME) *client_CA;
+
+ /*
+ * Default values to use in SSL structures follow (these are copied by
+ * SSL_new)
+ */
+
+ unsigned long options;
+ unsigned long mode;
+ long max_cert_list;
+
+ struct cert_st /* CERT */ *cert;
+ int read_ahead;
+
+ /* callback that allows applications to peek at protocol messages */
+ void (*msg_callback) (int write_p, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl, void *arg);
+ void *msg_callback_arg;
+
+ int verify_mode;
+ unsigned int sid_ctx_length;
+ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+ /* called 'verify_callback' in the SSL */
+ int (*default_verify_callback) (int ok, X509_STORE_CTX *ctx);
+
+ /* Default generate session ID callback. */
+ GEN_SESSION_CB generate_session_id;
+
+ X509_VERIFY_PARAM *param;
+
+# if 0
+ int purpose; /* Purpose setting */
+ int trust; /* Trust setting */
+# endif
+
+ int quiet_shutdown;
+
+ /*
+ * Maximum amount of data to send in one fragment. actual record size can
+ * be more than this due to padding and MAC overheads.
+ */
+ unsigned int max_send_fragment;
+
+# ifndef OPENSSL_NO_ENGINE
+ /*
+ * Engine to pass requests for client certs to
+ */
+ ENGINE *client_cert_engine;
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions servername callback */
+ int (*tlsext_servername_callback) (SSL *, int *, void *);
+ void *tlsext_servername_arg;
+ /* RFC 4507 session ticket keys */
+ unsigned char tlsext_tick_key_name[16];
+ unsigned char tlsext_tick_hmac_key[16];
+ unsigned char tlsext_tick_aes_key[16];
+ /* Callback to support customisation of ticket key setting */
+ int (*tlsext_ticket_key_cb) (SSL *ssl,
+ unsigned char *name, unsigned char *iv,
+ EVP_CIPHER_CTX *ectx,
+ HMAC_CTX *hctx, int enc);
+
+ /* certificate status request info */
+ /* Callback for status request */
+ int (*tlsext_status_cb) (SSL *ssl, void *arg);
+ void *tlsext_status_arg;
+
+ /* draft-rescorla-tls-opaque-prf-input-00.txt information */
+ int (*tlsext_opaque_prf_input_callback) (SSL *, void *peerinput,
+ size_t len, void *arg);
+ void *tlsext_opaque_prf_input_callback_arg;
+# endif
+
+# ifndef OPENSSL_NO_PSK
+ char *psk_identity_hint;
+ unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+ unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+# endif
+
+# ifndef OPENSSL_NO_BUF_FREELISTS
+# define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
+ unsigned int freelist_max_len;
+ struct ssl3_buf_freelist_st *wbuf_freelist;
+ struct ssl3_buf_freelist_st *rbuf_freelist;
+# endif
+# ifndef OPENSSL_NO_SRP
+ SRP_CTX srp_ctx; /* ctx for SRP authentication */
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ /* Next protocol negotiation information */
+ /* (for experimental NPN extension). */
+
+ /*
+ * For a server, this contains a callback function by which the set of
+ * advertised protocols can be provided.
+ */
+ int (*next_protos_advertised_cb) (SSL *s, const unsigned char **buf,
+ unsigned int *len, void *arg);
+ void *next_protos_advertised_cb_arg;
+ /*
+ * For a client, this contains a callback function that selects the next
+ * protocol from the list provided by the server.
+ */
+ int (*next_proto_select_cb) (SSL *s, unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen, void *arg);
+ void *next_proto_select_cb_arg;
+# endif
+ /* SRTP profiles we are willing to do from RFC 5764 */
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
+# endif
+};
+
+# endif
+
+# define SSL_SESS_CACHE_OFF 0x0000
+# define SSL_SESS_CACHE_CLIENT 0x0001
+# define SSL_SESS_CACHE_SERVER 0x0002
+# define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
+# define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
+/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
+# define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
+# define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
+# define SSL_SESS_CACHE_NO_INTERNAL \
+ (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
+
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
+# define SSL_CTX_sess_number(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+# define SSL_CTX_sess_connect(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+# define SSL_CTX_sess_connect_good(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+# define SSL_CTX_sess_connect_renegotiate(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+# define SSL_CTX_sess_accept_renegotiate(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept_good(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+# define SSL_CTX_sess_hits(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+# define SSL_CTX_sess_cb_hits(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+# define SSL_CTX_sess_misses(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+# define SSL_CTX_sess_timeouts(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+# define SSL_CTX_sess_cache_full(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+ int (*new_session_cb) (struct ssl_st *ssl,
+ SSL_SESSION *sess));
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+ SSL_SESSION *sess);
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+ void (*remove_session_cb) (struct ssl_ctx_st
+ *ctx,
+ SSL_SESSION
+ *sess));
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx,
+ SSL_SESSION *sess);
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+ SSL_SESSION *(*get_session_cb) (struct ssl_st
+ *ssl,
+ unsigned char
+ *data, int len,
+ int *copy));
+SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+ unsigned char *Data,
+ int len, int *copy);
+void SSL_CTX_set_info_callback(SSL_CTX *ctx,
+ void (*cb) (const SSL *ssl, int type,
+ int val));
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
+ int val);
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+ int (*client_cert_cb) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey));
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey);
+# ifndef OPENSSL_NO_ENGINE
+int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
+# endif
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+ int (*app_gen_cookie_cb) (SSL *ssl,
+ unsigned char
+ *cookie,
+ unsigned int
+ *cookie_len));
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+ int (*app_verify_cookie_cb) (SSL *ssl,
+ unsigned char
+ *cookie,
+ unsigned int
+ cookie_len));
+# ifndef OPENSSL_NO_NEXTPROTONEG
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
+ int (*cb) (SSL *ssl,
+ const unsigned char
+ **out,
+ unsigned int *outlen,
+ void *arg), void *arg);
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
+ int (*cb) (SSL *ssl,
+ unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg);
+
+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+ const unsigned char *in, unsigned int inlen,
+ const unsigned char *client,
+ unsigned int client_len);
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+ unsigned *len);
+
+# define OPENSSL_NPN_UNSUPPORTED 0
+# define OPENSSL_NPN_NEGOTIATED 1
+# define OPENSSL_NPN_NO_OVERLAP 2
+# endif
+
+# ifndef OPENSSL_NO_PSK
+/*
+ * the maximum length of the buffer given to callbacks containing the
+ * resulting identity/psk
+ */
+# define PSK_MAX_IDENTITY_LEN 128
+# define PSK_MAX_PSK_LEN 256
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+ unsigned int (*psk_client_callback) (SSL
+ *ssl,
+ const
+ char
+ *hint,
+ char
+ *identity,
+ unsigned
+ int
+ max_identity_len,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_set_psk_client_callback(SSL *ssl,
+ unsigned int (*psk_client_callback) (SSL
+ *ssl,
+ const
+ char
+ *hint,
+ char
+ *identity,
+ unsigned
+ int
+ max_identity_len,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+ unsigned int (*psk_server_callback) (SSL
+ *ssl,
+ const
+ char
+ *identity,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_set_psk_server_callback(SSL *ssl,
+ unsigned int (*psk_server_callback) (SSL
+ *ssl,
+ const
+ char
+ *identity,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
+const char *SSL_get_psk_identity_hint(const SSL *s);
+const char *SSL_get_psk_identity(const SSL *s);
+# endif
+
+# define SSL_NOTHING 1
+# define SSL_WRITING 2
+# define SSL_READING 3
+# define SSL_X509_LOOKUP 4
+
+/* These will only be used when doing non-blocking IO */
+# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
+# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
+# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
+# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+
+# define SSL_MAC_FLAG_READ_MAC_STREAM 1
+# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+struct ssl_st {
+ /*
+ * protocol version (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION,
+ * DTLS1_VERSION)
+ */
+ int version;
+ /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
+ int type;
+ /* SSLv3 */
+ const SSL_METHOD *method;
+ /*
+ * There are 2 BIO's even though they are normally both the same. This
+ * is so data can be read and written to different handlers
+ */
+# ifndef OPENSSL_NO_BIO
+ /* used by SSL_read */
+ BIO *rbio;
+ /* used by SSL_write */
+ BIO *wbio;
+ /* used during session-id reuse to concatenate messages */
+ BIO *bbio;
+# else
+ /* used by SSL_read */
+ char *rbio;
+ /* used by SSL_write */
+ char *wbio;
+ char *bbio;
+# endif
+ /*
+ * This holds a variable that indicates what we were doing when a 0 or -1
+ * is returned. This is needed for non-blocking IO so we know what
+ * request needs re-doing when in SSL_accept or SSL_connect
+ */
+ int rwstate;
+ /* true when we are actually in SSL_accept() or SSL_connect() */
+ int in_handshake;
+ int (*handshake_func) (SSL *);
+ /*
+ * Imagine that here's a boolean member "init" that is switched as soon
+ * as SSL_set_{accept/connect}_state is called for the first time, so
+ * that "state" and "handshake_func" are properly initialized. But as
+ * handshake_func is == 0 until then, we use this test instead of an
+ * "init" member.
+ */
+ /* are we the server side? - mostly used by SSL_clear */
+ int server;
+ /*
+ * Generate a new session or reuse an old one.
+ * NB: For servers, the 'new' session may actually be a previously
+ * cached session or even the previous session unless
+ * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
+ */
+ int new_session;
+ /* don't send shutdown packets */
+ int quiet_shutdown;
+ /* we have shut things down, 0x01 sent, 0x02 for received */
+ int shutdown;
+ /* where we are */
+ int state;
+ /* where we are when reading */
+ int rstate;
+ BUF_MEM *init_buf; /* buffer used during init */
+ void *init_msg; /* pointer to handshake message body, set by
+ * ssl3_get_message() */
+ int init_num; /* amount read/written */
+ int init_off; /* amount read/written */
+ /* used internally to point at a raw packet */
+ unsigned char *packet;
+ unsigned int packet_length;
+ struct ssl2_state_st *s2; /* SSLv2 variables */
+ struct ssl3_state_st *s3; /* SSLv3 variables */
+ struct dtls1_state_st *d1; /* DTLSv1 variables */
+ int read_ahead; /* Read as many input bytes as possible (for
+ * non-blocking reads) */
+ /* callback that allows applications to peek at protocol messages */
+ void (*msg_callback) (int write_p, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl, void *arg);
+ void *msg_callback_arg;
+ int hit; /* reusing a previous session */
+ X509_VERIFY_PARAM *param;
+# if 0
+ int purpose; /* Purpose setting */
+ int trust; /* Trust setting */
+# endif
+ /* crypto */
+ STACK_OF(SSL_CIPHER) *cipher_list;
+ STACK_OF(SSL_CIPHER) *cipher_list_by_id;
+ /*
+ * These are the ones being used, the ones in SSL_SESSION are the ones to
+ * be 'copied' into these ones
+ */
+ int mac_flags;
+ EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
+ EVP_MD_CTX *read_hash; /* used for mac generation */
+# ifndef OPENSSL_NO_COMP
+ COMP_CTX *expand; /* uncompress */
+# else
+ char *expand;
+# endif
+ EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
+ EVP_MD_CTX *write_hash; /* used for mac generation */
+# ifndef OPENSSL_NO_COMP
+ COMP_CTX *compress; /* compression */
+# else
+ char *compress;
+# endif
+ /* session info */
+ /* client cert? */
+ /* This is used to hold the server certificate used */
+ struct cert_st /* CERT */ *cert;
+ /*
+ * the session_id_context is used to ensure sessions are only reused in
+ * the appropriate context
+ */
+ unsigned int sid_ctx_length;
+ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+ /* This can also be in the session once a session is established */
+ SSL_SESSION *session;
+ /* Default generate session ID callback. */
+ GEN_SESSION_CB generate_session_id;
+ /* Used in SSL2 and SSL3 */
+ /*
+ * 0 don't care about verify failure.
+ * 1 fail if verify fails
+ */
+ int verify_mode;
+ /* fail if callback returns 0 */
+ int (*verify_callback) (int ok, X509_STORE_CTX *ctx);
+ /* optional informational callback */
+ void (*info_callback) (const SSL *ssl, int type, int val);
+ /* error bytes to be written */
+ int error;
+ /* actual code */
+ int error_code;
+# ifndef OPENSSL_NO_KRB5
+ /* Kerberos 5 context */
+ KSSL_CTX *kssl_ctx;
+# endif /* OPENSSL_NO_KRB5 */
+# ifndef OPENSSL_NO_PSK
+ unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+ unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+# endif
+ SSL_CTX *ctx;
+ /*
+ * set this flag to 1 and a sleep(1) is put into all SSL_read() and
+ * SSL_write() calls, good for nbio debuging :-)
+ */
+ int debug;
+ /* extra application data */
+ long verify_result;
+ CRYPTO_EX_DATA ex_data;
+ /* for server side, keep the list of CA_dn we can use */
+ STACK_OF(X509_NAME) *client_CA;
+ int references;
+ /* protocol behaviour */
+ unsigned long options;
+ /* API behaviour */
+ unsigned long mode;
+ long max_cert_list;
+ int first_packet;
+ /* what was passed, used for SSLv3/TLS rollback check */
+ int client_version;
+ unsigned int max_send_fragment;
+# ifndef OPENSSL_NO_TLSEXT
+ /* TLS extension debug callback */
+ void (*tlsext_debug_cb) (SSL *s, int client_server, int type,
+ unsigned char *data, int len, void *arg);
+ void *tlsext_debug_arg;
+ char *tlsext_hostname;
+ /*-
+ * no further mod of servername
+ * 0 : call the servername extension callback.
+ * 1 : prepare 2, allow last ack just after in server callback.
+ * 2 : don't call servername callback, no ack in server hello
+ */
+ int servername_done;
+ /* certificate status request info */
+ /* Status type or -1 if no status type */
+ int tlsext_status_type;
+ /* Expect OCSP CertificateStatus message */
+ int tlsext_status_expected;
+ /* OCSP status request only */
+ STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
+ X509_EXTENSIONS *tlsext_ocsp_exts;
+ /* OCSP response received or to be sent */
+ unsigned char *tlsext_ocsp_resp;
+ int tlsext_ocsp_resplen;
+ /* RFC4507 session ticket expected to be received or sent */
+ int tlsext_ticket_expected;
+# ifndef OPENSSL_NO_EC
+ size_t tlsext_ecpointformatlist_length;
+ /* our list */
+ unsigned char *tlsext_ecpointformatlist;
+ size_t tlsext_ellipticcurvelist_length;
+ /* our list */
+ unsigned char *tlsext_ellipticcurvelist;
+# endif /* OPENSSL_NO_EC */
+ /*
+ * draft-rescorla-tls-opaque-prf-input-00.txt information to be used for
+ * handshakes
+ */
+ void *tlsext_opaque_prf_input;
+ size_t tlsext_opaque_prf_input_len;
+ /* TLS Session Ticket extension override */
+ TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
+ /* TLS Session Ticket extension callback */
+ tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
+ void *tls_session_ticket_ext_cb_arg;
+ /* TLS pre-shared secret session resumption */
+ tls_session_secret_cb_fn tls_session_secret_cb;
+ void *tls_session_secret_cb_arg;
+ SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ /*
+ * Next protocol negotiation. For the client, this is the protocol that
+ * we sent in NextProtocol and is set when handling ServerHello
+ * extensions. For a server, this is the client's selected_protocol from
+ * NextProtocol and is set when handling the NextProtocol message, before
+ * the Finished message.
+ */
+ unsigned char *next_proto_negotiated;
+ unsigned char next_proto_negotiated_len;
+# endif
+# define session_ctx initial_ctx
+ /* What we'll do */
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
+ /* What's been chosen */
+ SRTP_PROTECTION_PROFILE *srtp_profile;
+ /*-
+ * Is use of the Heartbeat extension negotiated?
+ * 0: disabled
+ * 1: enabled
+ * 2: enabled, but not allowed to send Requests
+ */
+ unsigned int tlsext_heartbeat;
+ /* Indicates if a HeartbeatRequest is in flight */
+ unsigned int tlsext_hb_pending;
+ /* HeartbeatRequest sequence number */
+ unsigned int tlsext_hb_seq;
+# else
+# define session_ctx ctx
+# endif /* OPENSSL_NO_TLSEXT */
+ /*-
+ * 1 if we are renegotiating.
+ * 2 if we are a server and are inside a handshake
+ * (i.e. not just sending a HelloRequest)
+ */
+ int renegotiate;
+# ifndef OPENSSL_NO_SRP
+ /* ctx for SRP authentication */
+ SRP_CTX srp_ctx;
+# endif
+};
+
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+# include <openssl/ssl2.h>
+# include <openssl/ssl3.h>
+# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
+# include <openssl/dtls1.h> /* Datagram TLS */
+# include <openssl/ssl23.h>
+# include <openssl/srtp.h> /* Support for the use_srtp extension */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* compatibility */
+# define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
+# define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
+# define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
+# define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
+# define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
+# define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
+
+/*
+ * The following are the possible values for ssl->state are are used to
+ * indicate where we are up to in the SSL connection establishment. The
+ * macros that follow are about the only things you should need to use and
+ * even then, only when using non-blocking IO. It can also be useful to work
+ * out where you were when the connection failed
+ */
+
+# define SSL_ST_CONNECT 0x1000
+# define SSL_ST_ACCEPT 0x2000
+# define SSL_ST_MASK 0x0FFF
+# define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
+# define SSL_ST_BEFORE 0x4000
+# define SSL_ST_OK 0x03
+# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
+# define SSL_ST_ERR 0x05
+
+# define SSL_CB_LOOP 0x01
+# define SSL_CB_EXIT 0x02
+# define SSL_CB_READ 0x04
+# define SSL_CB_WRITE 0x08
+# define SSL_CB_ALERT 0x4000/* used in callback */
+# define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
+# define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
+# define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
+# define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
+# define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
+# define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
+# define SSL_CB_HANDSHAKE_START 0x10
+# define SSL_CB_HANDSHAKE_DONE 0x20
+
+/* Is the SSL_connection established? */
+# define SSL_get_state(a) SSL_state(a)
+# define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
+# define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
+# define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
+# define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
+# define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
+
+/*
+ * The following 2 states are kept in ssl->rstate when reads fail, you should
+ * not need these
+ */
+# define SSL_ST_READ_HEADER 0xF0
+# define SSL_ST_READ_BODY 0xF1
+# define SSL_ST_READ_DONE 0xF2
+
+/*-
+ * Obtain latest Finished message
+ * -- that we sent (SSL_get_finished)
+ * -- that we expected from peer (SSL_get_peer_finished).
+ * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+ */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
+
+/*
+ * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options are
+ * 'ored' with SSL_VERIFY_PEER if they are desired
+ */
+# define SSL_VERIFY_NONE 0x00
+# define SSL_VERIFY_PEER 0x01
+# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+# define SSL_VERIFY_CLIENT_ONCE 0x04
+
+# define OpenSSL_add_ssl_algorithms() SSL_library_init()
+# define SSLeay_add_ssl_algorithms() SSL_library_init()
+
+/* this is for backward compatibility */
+# if 0 /* NEW_SSLEAY */
+# define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
+# define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
+# define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
+# define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
+# define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
+# endif
+/* More backward compatibility */
+# define SSL_get_cipher(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_cipher_bits(s,np) \
+ SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+# define SSL_get_cipher_version(s) \
+ SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+# define SSL_get_cipher_name(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_time(a) SSL_SESSION_get_time(a)
+# define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
+# define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
+# define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
+
+# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+# define SSL_AD_REASON_OFFSET 1000/* offset to get SSL_R_... value
+ * from SSL_AD_... */
+/* These alert types are for SSLv3 and TLSv1 */
+# define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
+/* fatal */
+# define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE
+/* fatal */
+# define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC
+# define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
+# define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
+/* fatal */
+# define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE
+/* fatal */
+# define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE
+/* Not for TLS */
+# define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE
+# define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
+# define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
+# define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
+# define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
+# define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
+/* fatal */
+# define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER
+/* fatal */
+# define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA
+/* fatal */
+# define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED
+/* fatal */
+# define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR
+# define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
+/* fatal */
+# define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION
+/* fatal */
+# define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION
+/* fatal */
+# define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY
+/* fatal */
+# define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR
+# define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
+# define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
+# define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
+# define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
+# define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
+# define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
+# define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
+/* fatal */
+# define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
+/* fatal */
+# define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK
+# define SSL_ERROR_NONE 0
+# define SSL_ERROR_SSL 1
+# define SSL_ERROR_WANT_READ 2
+# define SSL_ERROR_WANT_WRITE 3
+# define SSL_ERROR_WANT_X509_LOOKUP 4
+# define SSL_ERROR_SYSCALL 5/* look at error stack/return
+ * value/errno */
+# define SSL_ERROR_ZERO_RETURN 6
+# define SSL_ERROR_WANT_CONNECT 7
+# define SSL_ERROR_WANT_ACCEPT 8
+# define SSL_CTRL_NEED_TMP_RSA 1
+# define SSL_CTRL_SET_TMP_RSA 2
+# define SSL_CTRL_SET_TMP_DH 3
+# define SSL_CTRL_SET_TMP_ECDH 4
+# define SSL_CTRL_SET_TMP_RSA_CB 5
+# define SSL_CTRL_SET_TMP_DH_CB 6
+# define SSL_CTRL_SET_TMP_ECDH_CB 7
+# define SSL_CTRL_GET_SESSION_REUSED 8
+# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
+# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
+# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
+# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
+# define SSL_CTRL_GET_FLAGS 13
+# define SSL_CTRL_EXTRA_CHAIN_CERT 14
+# define SSL_CTRL_SET_MSG_CALLBACK 15
+# define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
+/* only applies to datagram connections */
+# define SSL_CTRL_SET_MTU 17
+/* Stats */
+# define SSL_CTRL_SESS_NUMBER 20
+# define SSL_CTRL_SESS_CONNECT 21
+# define SSL_CTRL_SESS_CONNECT_GOOD 22
+# define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
+# define SSL_CTRL_SESS_ACCEPT 24
+# define SSL_CTRL_SESS_ACCEPT_GOOD 25
+# define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
+# define SSL_CTRL_SESS_HIT 27
+# define SSL_CTRL_SESS_CB_HIT 28
+# define SSL_CTRL_SESS_MISSES 29
+# define SSL_CTRL_SESS_TIMEOUTS 30
+# define SSL_CTRL_SESS_CACHE_FULL 31
+# define SSL_CTRL_OPTIONS 32
+# define SSL_CTRL_MODE 33
+# define SSL_CTRL_GET_READ_AHEAD 40
+# define SSL_CTRL_SET_READ_AHEAD 41
+# define SSL_CTRL_SET_SESS_CACHE_SIZE 42
+# define SSL_CTRL_GET_SESS_CACHE_SIZE 43
+# define SSL_CTRL_SET_SESS_CACHE_MODE 44
+# define SSL_CTRL_GET_SESS_CACHE_MODE 45
+# define SSL_CTRL_GET_MAX_CERT_LIST 50
+# define SSL_CTRL_SET_MAX_CERT_LIST 51
+# define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
+/* see tls1.h for macros based on these */
+# ifndef OPENSSL_NO_TLSEXT
+# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
+# define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
+# define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
+# define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
+# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
+# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
+# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
+# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60
+# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
+# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
+# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
+# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
+# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
+# define SSL_CTRL_SET_SRP_ARG 78
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
+# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
+# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
+# define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
+# define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
+# endif
+# endif
+# define DTLS_CTRL_GET_TIMEOUT 73
+# define DTLS_CTRL_HANDLE_TIMEOUT 74
+# define DTLS_CTRL_LISTEN 75
+# define SSL_CTRL_GET_RI_SUPPORT 76
+# define SSL_CTRL_CLEAR_OPTIONS 77
+# define SSL_CTRL_CLEAR_MODE 78
+# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
+# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
+# define SSL_CTRL_CHECK_PROTO_VERSION 119
+# define DTLS_CTRL_SET_LINK_MTU 120
+# define DTLS_CTRL_GET_LINK_MIN_MTU 121
+# define DTLSv1_get_timeout(ssl, arg) \
+ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
+# define DTLSv1_handle_timeout(ssl) \
+ SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+# define DTLSv1_listen(ssl, peer) \
+ SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
+# define SSL_session_reused(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
+# define SSL_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_clear_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_total_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+# define SSL_CTX_need_tmp_RSA(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+# define SSL_CTX_set_tmp_rsa(ctx,rsa) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+# define SSL_CTX_set_tmp_dh(ctx,dh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
+# define SSL_need_tmp_RSA(ssl) \
+ SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+# define SSL_set_tmp_rsa(ssl,rsa) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+# define SSL_set_tmp_dh(ssl,dh) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+# define SSL_set_tmp_ecdh(ssl,ecdh) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
+# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
+# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+# define SSL_CTX_clear_extra_chain_certs(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
+# ifndef OPENSSL_NO_BIO
+BIO_METHOD *BIO_f_ssl(void);
+BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+void BIO_ssl_shutdown(BIO *ssl_bio);
+
+# endif
+
+int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
+void SSL_CTX_free(SSL_CTX *);
+long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
+void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
+int SSL_want(const SSL *s);
+int SSL_clear(SSL *s);
+
+void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
+
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
+int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
+char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
+const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
+
+int SSL_get_fd(const SSL *s);
+int SSL_get_rfd(const SSL *s);
+int SSL_get_wfd(const SSL *s);
+const char *SSL_get_cipher_list(const SSL *s, int n);
+char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
+int SSL_get_read_ahead(const SSL *s);
+int SSL_pending(const SSL *s);
+# ifndef OPENSSL_NO_SOCK
+int SSL_set_fd(SSL *s, int fd);
+int SSL_set_rfd(SSL *s, int fd);
+int SSL_set_wfd(SSL *s, int fd);
+# endif
+# ifndef OPENSSL_NO_BIO
+void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
+BIO *SSL_get_rbio(const SSL *s);
+BIO *SSL_get_wbio(const SSL *s);
+# endif
+int SSL_set_cipher_list(SSL *s, const char *str);
+void SSL_set_read_ahead(SSL *s, int yes);
+int SSL_get_verify_mode(const SSL *s);
+int SSL_get_verify_depth(const SSL *s);
+int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *);
+void SSL_set_verify(SSL *s, int mode,
+ int (*callback) (int ok, X509_STORE_CTX *ctx));
+void SSL_set_verify_depth(SSL *s, int depth);
+# ifndef OPENSSL_NO_RSA
+int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+# endif
+int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
+ long len);
+int SSL_use_certificate(SSL *ssl, X509 *x);
+int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
+
+# ifndef OPENSSL_NO_STDIO
+int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+/* PEM type */
+int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+ const char *file);
+# ifndef OPENSSL_SYS_VMS
+/* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
+# ifndef OPENSSL_SYS_MACINTOSH_CLASSIC
+int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+ const char *dir);
+# endif
+# endif
+
+# endif
+
+void SSL_load_error_strings(void);
+const char *SSL_state_string(const SSL *s);
+const char *SSL_rstate_string(const SSL *s);
+const char *SSL_state_string_long(const SSL *s);
+const char *SSL_rstate_string_long(const SSL *s);
+long SSL_SESSION_get_time(const SSL_SESSION *s);
+long SSL_SESSION_set_time(SSL_SESSION *s, long t);
+long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
+void SSL_copy_session_id(SSL *to, const SSL *from);
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
+int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+SSL_SESSION *SSL_SESSION_new(void);
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+ unsigned int *len);
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
+# ifndef OPENSSL_NO_FP_API
+int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+# endif
+# ifndef OPENSSL_NO_BIO
+int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+# endif
+void SSL_SESSION_free(SSL_SESSION *ses);
+int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
+int SSL_set_session(SSL *to, SSL_SESSION *session);
+int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
+int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
+int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
+int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+ unsigned int id_len);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+ long length);
+
+# ifdef HEADER_X509_H
+X509 *SSL_get_peer_certificate(const SSL *s);
+# endif
+
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
+
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int,
+ X509_STORE_CTX *);
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
+ int (*callback) (int, X509_STORE_CTX *));
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
+ int (*cb) (X509_STORE_CTX *, void *),
+ void *arg);
+# ifndef OPENSSL_NO_RSA
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+# endif
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
+ long len);
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
+ const unsigned char *d, long len);
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
+ const unsigned char *d);
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+
+int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+int SSL_check_private_key(const SSL *ctx);
+
+int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+SSL *SSL_new(SSL_CTX *ctx);
+int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
+int SSL_set_purpose(SSL *s, int purpose);
+int SSL_CTX_set_trust(SSL_CTX *s, int trust);
+int SSL_set_trust(SSL *s, int trust);
+
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+
+# ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+ char *(*cb) (SSL *, void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, int *, void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+ BIGNUM *sa, BIGNUM *v, char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+ const char *grp);
+
+BIGNUM *SSL_get_srp_g(SSL *s);
+BIGNUM *SSL_get_srp_N(SSL *s);
+
+char *SSL_get_srp_username(SSL *s);
+char *SSL_get_srp_userinfo(SSL *s);
+# endif
+
+void SSL_free(SSL *ssl);
+int SSL_accept(SSL *ssl);
+int SSL_connect(SSL *ssl);
+int SSL_read(SSL *ssl, void *buf, int num);
+int SSL_peek(SSL *ssl, void *buf, int num);
+int SSL_write(SSL *ssl, const void *buf, int num);
+long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+long SSL_callback_ctrl(SSL *, int, void (*)(void));
+long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
+
+int SSL_get_error(const SSL *s, int ret_code);
+const char *SSL_get_version(const SSL *s);
+
+/* This sets the 'default' SSL version that SSL_new() will create */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
+
+# ifndef OPENSSL_NO_SSL2_METHOD
+const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
+const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
+const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
+# endif
+
+# ifndef OPENSSL_NO_SSL3_METHOD
+const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
+const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
+const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
+# endif
+
+const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS
+ * version */
+const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available
+ * SSL/TLS version */
+const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available
+ * SSL/TLS version */
+
+const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
+
+const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
+
+const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
+
+const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
+
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
+
+int SSL_do_handshake(SSL *s);
+int SSL_renegotiate(SSL *s);
+int SSL_renegotiate_abbreviated(SSL *s);
+int SSL_renegotiate_pending(SSL *s);
+int SSL_shutdown(SSL *s);
+
+const SSL_METHOD *SSL_get_ssl_method(SSL *s);
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+const char *SSL_alert_type_string_long(int value);
+const char *SSL_alert_type_string(int value);
+const char *SSL_alert_desc_string_long(int value);
+const char *SSL_alert_desc_string(int value);
+
+void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+int SSL_add_client_CA(SSL *ssl, X509 *x);
+int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
+
+void SSL_set_connect_state(SSL *s);
+void SSL_set_accept_state(SSL *s);
+
+long SSL_get_default_timeout(const SSL *s);
+
+int SSL_library_init(void);
+
+char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
+STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
+
+SSL *SSL_dup(SSL *ssl);
+
+X509 *SSL_get_certificate(const SSL *ssl);
+/*
+ * EVP_PKEY
+ */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+int SSL_get_quiet_shutdown(const SSL *ssl);
+void SSL_set_shutdown(SSL *ssl, int mode);
+int SSL_get_shutdown(const SSL *ssl);
+int SSL_version(const SSL *ssl);
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+ const char *CApath);
+# define SSL_get0_session SSL_get_session/* just peek at pointer */
+SSL_SESSION *SSL_get_session(const SSL *ssl);
+SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
+void SSL_set_info_callback(SSL *ssl,
+ void (*cb) (const SSL *ssl, int type, int val));
+void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
+ int val);
+int SSL_state(const SSL *ssl);
+void SSL_set_state(SSL *ssl, int state);
+
+void SSL_set_verify_result(SSL *ssl, long v);
+long SSL_get_verify_result(const SSL *ssl);
+
+int SSL_set_ex_data(SSL *ssl, int idx, void *data);
+void *SSL_get_ex_data(const SSL *ssl, int idx);
+int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
+int SSL_SESSION_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
+void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
+int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+int SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+# define SSL_CTX_sess_set_cache_size(ctx,t) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+# define SSL_CTX_sess_get_cache_size(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+# define SSL_CTX_set_session_cache_mode(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+# define SSL_CTX_get_session_cache_mode(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+
+# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+# define SSL_CTX_get_read_ahead(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+# define SSL_CTX_set_read_ahead(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+# define SSL_CTX_get_max_cert_list(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_CTX_set_max_cert_list(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+# define SSL_get_max_cert_list(ssl) \
+ SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_set_max_cert_list(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+
+# define SSL_CTX_set_max_send_fragment(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+# define SSL_set_max_send_fragment(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+
+ /* NB: the keylength is only applicable when is_export is true */
+# ifndef OPENSSL_NO_RSA
+void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
+ RSA *(*cb) (SSL *ssl, int is_export,
+ int keylength));
+
+void SSL_set_tmp_rsa_callback(SSL *ssl,
+ RSA *(*cb) (SSL *ssl, int is_export,
+ int keylength));
+# endif
+# ifndef OPENSSL_NO_DH
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength));
+void SSL_set_tmp_dh_callback(SSL *ssl,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength));
+# endif
+# ifndef OPENSSL_NO_ECDH
+void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
+ EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+ int keylength));
+void SSL_set_tmp_ecdh_callback(SSL *ssl,
+ EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+ int keylength));
+# endif
+
+# ifndef OPENSSL_NO_COMP
+const COMP_METHOD *SSL_get_current_compression(SSL *s);
+const COMP_METHOD *SSL_get_current_expansion(SSL *s);
+const char *SSL_COMP_get_name(const COMP_METHOD *comp);
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+# else
+const void *SSL_get_current_compression(SSL *s);
+const void *SSL_get_current_expansion(SSL *s);
+const char *SSL_COMP_get_name(const void *comp);
+void *SSL_COMP_get_compression_methods(void);
+int SSL_COMP_add_compression_method(int id, void *cm);
+# endif
+
+/* TLS extensions functions */
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+ void *arg);
+
+/* Pre-shared secret session resumption functions */
+int SSL_set_session_secret_cb(SSL *s,
+ tls_session_secret_cb_fn tls_session_secret_cb,
+ void *arg);
+
+void SSL_set_debug(SSL *s, int debug);
+int SSL_cache_hit(SSL *s);
+
+# ifndef OPENSSL_NO_UNIT_TEST
+const struct openssl_ssl_test_functions *SSL_test_functions(void);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_SSL_strings(void);
+
+/* Error codes for the SSL functions. */
+
+/* Function codes. */
+# define SSL_F_CLIENT_CERTIFICATE 100
+# define SSL_F_CLIENT_FINISHED 167
+# define SSL_F_CLIENT_HELLO 101
+# define SSL_F_CLIENT_MASTER_KEY 102
+# define SSL_F_D2I_SSL_SESSION 103
+# define SSL_F_DO_DTLS1_WRITE 245
+# define SSL_F_DO_SSL3_WRITE 104
+# define SSL_F_DTLS1_ACCEPT 246
+# define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
+# define SSL_F_DTLS1_BUFFER_RECORD 247
+# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316
+# define SSL_F_DTLS1_CLIENT_HELLO 248
+# define SSL_F_DTLS1_CONNECT 249
+# define SSL_F_DTLS1_ENC 250
+# define SSL_F_DTLS1_GET_HELLO_VERIFY 251
+# define SSL_F_DTLS1_GET_MESSAGE 252
+# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
+# define SSL_F_DTLS1_GET_RECORD 254
+# define SSL_F_DTLS1_HANDLE_TIMEOUT 297
+# define SSL_F_DTLS1_HEARTBEAT 305
+# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
+# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
+# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS 424
+# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
+# define SSL_F_DTLS1_PROCESS_RECORD 257
+# define SSL_F_DTLS1_READ_BYTES 258
+# define SSL_F_DTLS1_READ_FAILED 259
+# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260
+# define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261
+# define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262
+# define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263
+# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264
+# define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265
+# define SSL_F_DTLS1_SEND_SERVER_HELLO 266
+# define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267
+# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
+# define SSL_F_GET_CLIENT_FINISHED 105
+# define SSL_F_GET_CLIENT_HELLO 106
+# define SSL_F_GET_CLIENT_MASTER_KEY 107
+# define SSL_F_GET_SERVER_FINISHED 108
+# define SSL_F_GET_SERVER_HELLO 109
+# define SSL_F_GET_SERVER_VERIFY 110
+# define SSL_F_I2D_SSL_SESSION 111
+# define SSL_F_READ_N 112
+# define SSL_F_REQUEST_CERTIFICATE 113
+# define SSL_F_SERVER_FINISH 239
+# define SSL_F_SERVER_HELLO 114
+# define SSL_F_SERVER_VERIFY 240
+# define SSL_F_SSL23_ACCEPT 115
+# define SSL_F_SSL23_CLIENT_HELLO 116
+# define SSL_F_SSL23_CONNECT 117
+# define SSL_F_SSL23_GET_CLIENT_HELLO 118
+# define SSL_F_SSL23_GET_SERVER_HELLO 119
+# define SSL_F_SSL23_PEEK 237
+# define SSL_F_SSL23_READ 120
+# define SSL_F_SSL23_WRITE 121
+# define SSL_F_SSL2_ACCEPT 122
+# define SSL_F_SSL2_CONNECT 123
+# define SSL_F_SSL2_ENC_INIT 124
+# define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241
+# define SSL_F_SSL2_PEEK 234
+# define SSL_F_SSL2_READ 125
+# define SSL_F_SSL2_READ_INTERNAL 236
+# define SSL_F_SSL2_SET_CERTIFICATE 126
+# define SSL_F_SSL2_WRITE 127
+# define SSL_F_SSL3_ACCEPT 128
+# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
+# define SSL_F_SSL3_CALLBACK_CTRL 233
+# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
+# define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
+# define SSL_F_SSL3_CHECK_FINISHED 339
+# define SSL_F_SSL3_CLIENT_HELLO 131
+# define SSL_F_SSL3_CONNECT 132
+# define SSL_F_SSL3_CTRL 213
+# define SSL_F_SSL3_CTX_CTRL 133
+# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
+# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
+# define SSL_F_SSL3_ENC 134
+# define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
+# define SSL_F_SSL3_GENERATE_MASTER_SECRET 388
+# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
+# define SSL_F_SSL3_GET_CERT_STATUS 289
+# define SSL_F_SSL3_GET_CERT_VERIFY 136
+# define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
+# define SSL_F_SSL3_GET_CLIENT_HELLO 138
+# define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
+# define SSL_F_SSL3_GET_FINISHED 140
+# define SSL_F_SSL3_GET_KEY_EXCHANGE 141
+# define SSL_F_SSL3_GET_MESSAGE 142
+# define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
+# define SSL_F_SSL3_GET_NEXT_PROTO 306
+# define SSL_F_SSL3_GET_RECORD 143
+# define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
+# define SSL_F_SSL3_GET_SERVER_DONE 145
+# define SSL_F_SSL3_GET_SERVER_HELLO 146
+# define SSL_F_SSL3_HANDSHAKE_MAC 285
+# define SSL_F_SSL3_NEW_SESSION_TICKET 287
+# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+# define SSL_F_SSL3_PEEK 235
+# define SSL_F_SSL3_READ_BYTES 148
+# define SSL_F_SSL3_READ_N 149
+# define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
+# define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
+# define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
+# define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
+# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
+# define SSL_F_SSL3_SEND_SERVER_HELLO 242
+# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
+# define SSL_F_SSL3_SETUP_KEY_BLOCK 157
+# define SSL_F_SSL3_SETUP_READ_BUFFER 156
+# define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
+# define SSL_F_SSL3_WRITE_BYTES 158
+# define SSL_F_SSL3_WRITE_PENDING 159
+# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
+# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
+# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
+# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
+# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
+# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
+# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
+# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
+# define SSL_F_SSL_BAD_METHOD 160
+# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+# define SSL_F_SSL_CERT_DUP 221
+# define SSL_F_SSL_CERT_INST 222
+# define SSL_F_SSL_CERT_INSTANTIATE 214
+# define SSL_F_SSL_CERT_NEW 162
+# define SSL_F_SSL_CHECK_PRIVATE_KEY 163
+# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
+# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
+# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
+# define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
+# define SSL_F_SSL_CLEAR 164
+# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
+# define SSL_F_SSL_CREATE_CIPHER_LIST 166
+# define SSL_F_SSL_CTRL 232
+# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
+# define SSL_F_SSL_CTX_MAKE_PROFILES 309
+# define SSL_F_SSL_CTX_NEW 169
+# define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
+# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
+# define SSL_F_SSL_CTX_SET_PURPOSE 226
+# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
+# define SSL_F_SSL_CTX_SET_SSL_VERSION 170
+# define SSL_F_SSL_CTX_SET_TRUST 229
+# define SSL_F_SSL_CTX_USE_CERTIFICATE 171
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
+# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
+# define SSL_F_SSL_DO_HANDSHAKE 180
+# define SSL_F_SSL_GET_NEW_SESSION 181
+# define SSL_F_SSL_GET_PREV_SESSION 217
+# define SSL_F_SSL_GET_SERVER_SEND_CERT 182
+# define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
+# define SSL_F_SSL_GET_SIGN_PKEY 183
+# define SSL_F_SSL_INIT_WBIO_BUFFER 184
+# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
+# define SSL_F_SSL_NEW 186
+# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
+# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
+# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
+# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
+# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
+# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
+# define SSL_F_SSL_PEEK 270
+# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
+# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
+# define SSL_F_SSL_READ 223
+# define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
+# define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
+# define SSL_F_SSL_SESSION_DUP 348
+# define SSL_F_SSL_SESSION_NEW 189
+# define SSL_F_SSL_SESSION_PRINT_FP 190
+# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
+# define SSL_F_SSL_SESS_CERT_NEW 225
+# define SSL_F_SSL_SET_CERT 191
+# define SSL_F_SSL_SET_CIPHER_LIST 271
+# define SSL_F_SSL_SET_FD 192
+# define SSL_F_SSL_SET_PKEY 193
+# define SSL_F_SSL_SET_PURPOSE 227
+# define SSL_F_SSL_SET_RFD 194
+# define SSL_F_SSL_SET_SESSION 195
+# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
+# define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
+# define SSL_F_SSL_SET_TRUST 228
+# define SSL_F_SSL_SET_WFD 196
+# define SSL_F_SSL_SHUTDOWN 224
+# define SSL_F_SSL_SRP_CTX_INIT 313
+# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
+# define SSL_F_SSL_UNDEFINED_FUNCTION 197
+# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
+# define SSL_F_SSL_USE_CERTIFICATE 198
+# define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
+# define SSL_F_SSL_USE_CERTIFICATE_FILE 200
+# define SSL_F_SSL_USE_PRIVATEKEY 201
+# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
+# define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
+# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
+# define SSL_F_SSL_USE_RSAPRIVATEKEY 204
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
+# define SSL_F_SSL_VERIFY_CERT_CHAIN 207
+# define SSL_F_SSL_WRITE 208
+# define SSL_F_TLS1_CERT_VERIFY_MAC 286
+# define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
+# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
+# define SSL_F_TLS1_ENC 210
+# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
+# define SSL_F_TLS1_HEARTBEAT 315
+# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
+# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
+# define SSL_F_TLS1_PRF 284
+# define SSL_F_TLS1_SETUP_KEY_BLOCK 211
+# define SSL_F_WRITE_PENDING 212
+
+/* Reason codes. */
+# define SSL_R_APP_DATA_IN_HANDSHAKE 100
+# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+# define SSL_R_BAD_ALERT_RECORD 101
+# define SSL_R_BAD_AUTHENTICATION_TYPE 102
+# define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+# define SSL_R_BAD_CHECKSUM 104
+# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+# define SSL_R_BAD_DECOMPRESSION 107
+# define SSL_R_BAD_DH_G_LENGTH 108
+# define SSL_R_BAD_DH_G_VALUE 375
+# define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
+# define SSL_R_BAD_DH_PUB_KEY_VALUE 393
+# define SSL_R_BAD_DH_P_LENGTH 110
+# define SSL_R_BAD_DH_P_VALUE 395
+# define SSL_R_BAD_DIGEST_LENGTH 111
+# define SSL_R_BAD_DSA_SIGNATURE 112
+# define SSL_R_BAD_ECC_CERT 304
+# define SSL_R_BAD_ECDSA_SIGNATURE 305
+# define SSL_R_BAD_ECPOINT 306
+# define SSL_R_BAD_HANDSHAKE_LENGTH 332
+# define SSL_R_BAD_HELLO_REQUEST 105
+# define SSL_R_BAD_LENGTH 271
+# define SSL_R_BAD_MAC_DECODE 113
+# define SSL_R_BAD_MAC_LENGTH 333
+# define SSL_R_BAD_MESSAGE_TYPE 114
+# define SSL_R_BAD_PACKET_LENGTH 115
+# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
+# define SSL_R_BAD_RESPONSE_ARGUMENT 117
+# define SSL_R_BAD_RSA_DECRYPT 118
+# define SSL_R_BAD_RSA_ENCRYPT 119
+# define SSL_R_BAD_RSA_E_LENGTH 120
+# define SSL_R_BAD_RSA_MODULUS_LENGTH 121
+# define SSL_R_BAD_RSA_SIGNATURE 122
+# define SSL_R_BAD_SIGNATURE 123
+# define SSL_R_BAD_SRP_A_LENGTH 347
+# define SSL_R_BAD_SRP_B_LENGTH 348
+# define SSL_R_BAD_SRP_G_LENGTH 349
+# define SSL_R_BAD_SRP_N_LENGTH 350
+# define SSL_R_BAD_SRP_PARAMETERS 371
+# define SSL_R_BAD_SRP_S_LENGTH 351
+# define SSL_R_BAD_SRTP_MKI_VALUE 352
+# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
+# define SSL_R_BAD_SSL_FILETYPE 124
+# define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
+# define SSL_R_BAD_STATE 126
+# define SSL_R_BAD_WRITE_RETRY 127
+# define SSL_R_BIO_NOT_SET 128
+# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
+# define SSL_R_BN_LIB 130
+# define SSL_R_CA_DN_LENGTH_MISMATCH 131
+# define SSL_R_CA_DN_TOO_LONG 132
+# define SSL_R_CCS_RECEIVED_EARLY 133
+# define SSL_R_CERTIFICATE_VERIFY_FAILED 134
+# define SSL_R_CERT_LENGTH_MISMATCH 135
+# define SSL_R_CHALLENGE_IS_DIFFERENT 136
+# define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
+# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
+# define SSL_R_CIPHER_TABLE_SRC_ERROR 139
+# define SSL_R_CLIENTHELLO_TLSEXT 226
+# define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
+# define SSL_R_COMPRESSION_DISABLED 343
+# define SSL_R_COMPRESSION_FAILURE 141
+# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
+# define SSL_R_COMPRESSION_LIBRARY_ERROR 142
+# define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
+# define SSL_R_CONNECTION_TYPE_NOT_SET 144
+# define SSL_R_COOKIE_MISMATCH 308
+# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
+# define SSL_R_DATA_LENGTH_TOO_LONG 146
+# define SSL_R_DECRYPTION_FAILED 147
+# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
+# define SSL_R_DH_KEY_TOO_SMALL 372
+# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
+# define SSL_R_DIGEST_CHECK_FAILED 149
+# define SSL_R_DTLS_MESSAGE_TOO_BIG 334
+# define SSL_R_DUPLICATE_COMPRESSION_ID 309
+# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
+# define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
+# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
+# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
+# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
+# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
+# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
+# define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
+# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
+# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
+# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
+# define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
+# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
+# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
+# define SSL_R_HTTPS_PROXY_REQUEST 155
+# define SSL_R_HTTP_REQUEST 156
+# define SSL_R_ILLEGAL_PADDING 283
+# define SSL_R_INAPPROPRIATE_FALLBACK 373
+# define SSL_R_INCONSISTENT_COMPRESSION 340
+# define SSL_R_INVALID_CHALLENGE_LENGTH 158
+# define SSL_R_INVALID_COMMAND 280
+# define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
+# define SSL_R_INVALID_PURPOSE 278
+# define SSL_R_INVALID_SRP_USERNAME 357
+# define SSL_R_INVALID_STATUS_RESPONSE 328
+# define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
+# define SSL_R_INVALID_TRUST 279
+# define SSL_R_KEY_ARG_TOO_LONG 284
+# define SSL_R_KRB5 285
+# define SSL_R_KRB5_C_CC_PRINC 286
+# define SSL_R_KRB5_C_GET_CRED 287
+# define SSL_R_KRB5_C_INIT 288
+# define SSL_R_KRB5_C_MK_REQ 289
+# define SSL_R_KRB5_S_BAD_TICKET 290
+# define SSL_R_KRB5_S_INIT 291
+# define SSL_R_KRB5_S_RD_REQ 292
+# define SSL_R_KRB5_S_TKT_EXPIRED 293
+# define SSL_R_KRB5_S_TKT_NYV 294
+# define SSL_R_KRB5_S_TKT_SKEW 295
+# define SSL_R_LENGTH_MISMATCH 159
+# define SSL_R_LENGTH_TOO_SHORT 160
+# define SSL_R_LIBRARY_BUG 274
+# define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
+# define SSL_R_MESSAGE_TOO_LONG 296
+# define SSL_R_MISSING_DH_DSA_CERT 162
+# define SSL_R_MISSING_DH_KEY 163
+# define SSL_R_MISSING_DH_RSA_CERT 164
+# define SSL_R_MISSING_DSA_SIGNING_CERT 165
+# define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
+# define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
+# define SSL_R_MISSING_RSA_CERTIFICATE 168
+# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
+# define SSL_R_MISSING_RSA_SIGNING_CERT 170
+# define SSL_R_MISSING_SRP_PARAM 358
+# define SSL_R_MISSING_TMP_DH_KEY 171
+# define SSL_R_MISSING_TMP_ECDH_KEY 311
+# define SSL_R_MISSING_TMP_RSA_KEY 172
+# define SSL_R_MISSING_TMP_RSA_PKEY 173
+# define SSL_R_MISSING_VERIFY_MESSAGE 174
+# define SSL_R_MULTIPLE_SGC_RESTARTS 346
+# define SSL_R_NON_SSLV2_INITIAL_PACKET 175
+# define SSL_R_NO_CERTIFICATES_RETURNED 176
+# define SSL_R_NO_CERTIFICATE_ASSIGNED 177
+# define SSL_R_NO_CERTIFICATE_RETURNED 178
+# define SSL_R_NO_CERTIFICATE_SET 179
+# define SSL_R_NO_CERTIFICATE_SPECIFIED 180
+# define SSL_R_NO_CIPHERS_AVAILABLE 181
+# define SSL_R_NO_CIPHERS_PASSED 182
+# define SSL_R_NO_CIPHERS_SPECIFIED 183
+# define SSL_R_NO_CIPHER_LIST 184
+# define SSL_R_NO_CIPHER_MATCH 185
+# define SSL_R_NO_CLIENT_CERT_METHOD 331
+# define SSL_R_NO_CLIENT_CERT_RECEIVED 186
+# define SSL_R_NO_COMPRESSION_SPECIFIED 187
+# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
+# define SSL_R_NO_METHOD_SPECIFIED 188
+# define SSL_R_NO_PRIVATEKEY 189
+# define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
+# define SSL_R_NO_PROTOCOLS_AVAILABLE 191
+# define SSL_R_NO_PUBLICKEY 192
+# define SSL_R_NO_RENEGOTIATION 339
+# define SSL_R_NO_REQUIRED_DIGEST 324
+# define SSL_R_NO_SHARED_CIPHER 193
+# define SSL_R_NO_SRTP_PROFILES 359
+# define SSL_R_NO_VERIFY_CALLBACK 194
+# define SSL_R_NULL_SSL_CTX 195
+# define SSL_R_NULL_SSL_METHOD_PASSED 196
+# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
+# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+# define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
+# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
+# define SSL_R_PACKET_LENGTH_TOO_LONG 198
+# define SSL_R_PARSE_TLSEXT 227
+# define SSL_R_PATH_TOO_LONG 270
+# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
+# define SSL_R_PEER_ERROR 200
+# define SSL_R_PEER_ERROR_CERTIFICATE 201
+# define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
+# define SSL_R_PEER_ERROR_NO_CIPHER 203
+# define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
+# define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
+# define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
+# define SSL_R_PROTOCOL_IS_SHUTDOWN 207
+# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
+# define SSL_R_PSK_NO_CLIENT_CB 224
+# define SSL_R_PSK_NO_SERVER_CB 225
+# define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
+# define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
+# define SSL_R_PUBLIC_KEY_NOT_RSA 210
+# define SSL_R_READ_BIO_NOT_SET 211
+# define SSL_R_READ_TIMEOUT_EXPIRED 312
+# define SSL_R_READ_WRONG_PACKET_TYPE 212
+# define SSL_R_RECORD_LENGTH_MISMATCH 213
+# define SSL_R_RECORD_TOO_LARGE 214
+# define SSL_R_RECORD_TOO_SMALL 298
+# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
+# define SSL_R_RENEGOTIATION_ENCODING_ERR 336
+# define SSL_R_RENEGOTIATION_MISMATCH 337
+# define SSL_R_REQUIRED_CIPHER_MISSING 215
+# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
+# define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
+# define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
+# define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
+# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
+# define SSL_R_SERVERHELLO_TLSEXT 275
+# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
+# define SSL_R_SHORT_READ 219
+# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
+# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+# define SSL_R_SRP_A_CALC 361
+# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
+# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
+# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
+# define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
+# define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
+# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
+# define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
+# define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
+# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
+# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
+# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
+# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
+# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
+# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
+# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
+# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
+# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
+# define SSL_R_SSL_HANDSHAKE_FAILURE 229
+# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
+# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
+# define SSL_R_SSL_SESSION_ID_CONFLICT 302
+# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
+# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
+# define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
+# define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
+# define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
+# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
+# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
+# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
+# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
+# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
+# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
+# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
+# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
+# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
+# define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
+# define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
+# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
+# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
+# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
+# define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
+# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
+# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
+# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
+# define SSL_R_TLS_HEARTBEAT_PENDING 366
+# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
+# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
+# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
+# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
+# define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
+# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
+# define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
+# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
+# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
+# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
+# define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
+# define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
+# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
+# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
+# define SSL_R_UNEXPECTED_MESSAGE 244
+# define SSL_R_UNEXPECTED_RECORD 245
+# define SSL_R_UNINITIALIZED 276
+# define SSL_R_UNKNOWN_ALERT_TYPE 246
+# define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
+# define SSL_R_UNKNOWN_CIPHER_RETURNED 248
+# define SSL_R_UNKNOWN_CIPHER_TYPE 249
+# define SSL_R_UNKNOWN_DIGEST 368
+# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
+# define SSL_R_UNKNOWN_PKEY_TYPE 251
+# define SSL_R_UNKNOWN_PROTOCOL 252
+# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
+# define SSL_R_UNKNOWN_SSL_VERSION 254
+# define SSL_R_UNKNOWN_STATE 255
+# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
+# define SSL_R_UNSUPPORTED_CIPHER 256
+# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
+# define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
+# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
+# define SSL_R_UNSUPPORTED_PROTOCOL 258
+# define SSL_R_UNSUPPORTED_SSL_VERSION 259
+# define SSL_R_UNSUPPORTED_STATUS_TYPE 329
+# define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
+# define SSL_R_WRITE_BIO_NOT_SET 260
+# define SSL_R_WRONG_CIPHER_RETURNED 261
+# define SSL_R_WRONG_MESSAGE_TYPE 262
+# define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
+# define SSL_R_WRONG_SIGNATURE_LENGTH 264
+# define SSL_R_WRONG_SIGNATURE_SIZE 265
+# define SSL_R_WRONG_SIGNATURE_TYPE 370
+# define SSL_R_WRONG_SSL_VERSION 266
+# define SSL_R_WRONG_VERSION_NUMBER 267
+# define SSL_R_X509_LIB 268
+# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
+
+#ifdef __cplusplus
+}
+#endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/ssl_ciph.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/ssl_ciph.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_ciph.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1911 +0,0 @@
-/* ssl/ssl_ciph.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include "ssl_locl.h"
-
-#define SSL_ENC_DES_IDX 0
-#define SSL_ENC_3DES_IDX 1
-#define SSL_ENC_RC4_IDX 2
-#define SSL_ENC_RC2_IDX 3
-#define SSL_ENC_IDEA_IDX 4
-#define SSL_ENC_NULL_IDX 5
-#define SSL_ENC_AES128_IDX 6
-#define SSL_ENC_AES256_IDX 7
-#define SSL_ENC_CAMELLIA128_IDX 8
-#define SSL_ENC_CAMELLIA256_IDX 9
-#define SSL_ENC_GOST89_IDX 10
-#define SSL_ENC_SEED_IDX 11
-#define SSL_ENC_AES128GCM_IDX 12
-#define SSL_ENC_AES256GCM_IDX 13
-#define SSL_ENC_NUM_IDX 14
-
-static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL
-};
-
-#define SSL_COMP_NULL_IDX 0
-#define SSL_COMP_ZLIB_IDX 1
-#define SSL_COMP_NUM_IDX 2
-
-static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
-
-#define SSL_MD_MD5_IDX 0
-#define SSL_MD_SHA1_IDX 1
-#define SSL_MD_GOST94_IDX 2
-#define SSL_MD_GOST89MAC_IDX 3
-#define SSL_MD_SHA256_IDX 4
-#define SSL_MD_SHA384_IDX 5
-/*
- * Constant SSL_MAX_DIGEST equal to size of digests array should be defined
- * in the ssl_locl.h
- */
-#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
-static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
- NULL, NULL, NULL, NULL, NULL, NULL
-};
-
-/*
- * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation
- * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is
- * found
- */
-static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
- EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef,
- EVP_PKEY_HMAC, EVP_PKEY_HMAC
-};
-
-static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
- 0, 0, 0, 0, 0, 0
-};
-
-static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
- SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
- SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
- SSL_HANDSHAKE_MAC_SHA384
-};
-
-#define CIPHER_ADD 1
-#define CIPHER_KILL 2
-#define CIPHER_DEL 3
-#define CIPHER_ORD 4
-#define CIPHER_SPECIAL 5
-
-typedef struct cipher_order_st {
- const SSL_CIPHER *cipher;
- int active;
- int dead;
- struct cipher_order_st *next, *prev;
-} CIPHER_ORDER;
-
-static const SSL_CIPHER cipher_aliases[] = {
- /* "ALL" doesn't include eNULL (must be specifically enabled) */
- {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0},
- /* "COMPLEMENTOFALL" */
- {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
-
- /*
- * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
- * ALL!)
- */
- {0, SSL_TXT_CMPDEF, 0, 0, SSL_aNULL, ~SSL_eNULL, 0, ~SSL_SSLV2,
- SSL_EXP_MASK, 0, 0, 0},
-
- /*
- * key exchange aliases (some of those using only a single bit here
- * combine multiple key exchange algs according to the RFCs, e.g. kEDH
- * combines DHE_DSS and DHE_RSA)
- */
- {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0},
-
- /* no such ciphersuites supported! */
- {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, 0, 0, 0, 0},
- /* no such ciphersuites supported! */
- {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
- /* no such ciphersuites supported! */
- {0, SSL_TXT_kDH, 0, SSL_kDHr | SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_DH, 0, SSL_kDHr | SSL_kDHd | SSL_kEDH, 0, 0, 0, 0, 0, 0, 0,
- 0},
-
- {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, 0, 0, 0, 0},
-
- {0, SSL_TXT_kECDHr, 0, SSL_kECDHr, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_kECDHe, 0, SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_kECDH, 0, SSL_kECDHr | SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_kEECDH, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_ECDH, 0, SSL_kECDHr | SSL_kECDHe | SSL_kEECDH, 0, 0, 0, 0, 0,
- 0, 0, 0},
-
- {0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0},
-
- /* server authentication aliases */
- {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aKRB5, 0, 0, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
- /* no such ciphersuites supported! */
- {0, SSL_TXT_aDH, 0, 0, SSL_aDH, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aECDH, 0, 0, SSL_aECDH, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aGOST94, 0, 0, SSL_aGOST94, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST94 | SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0},
-
- /* aliases combining key exchange and server authentication */
- {0, SSL_TXT_EDH, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_EECDH, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_KRB5, 0, SSL_kKRB5, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_ADH, 0, SSL_kEDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_AECDH, 0, SSL_kEECDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_PSK, 0, SSL_kPSK, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
-
- /* symmetric encryption aliases */
- {0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0,
- 0},
- {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0,
- 0},
- {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
- 0, 0},
- {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0,
- 0, 0, 0},
-
- /* MAC aliases */
- {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
- {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
- {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
- {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0},
- {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC, 0, 0, 0, 0, 0},
- {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0},
- {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0},
-
- /* protocol version aliases */
- {0, SSL_TXT_SSLV2, 0, 0, 0, 0, 0, SSL_SSLV2, 0, 0, 0, 0},
- {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0},
- {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0},
- {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0},
-
- /* export flag */
- {0, SSL_TXT_EXP, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
- {0, SSL_TXT_EXPORT, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
-
- /* strength classes */
- {0, SSL_TXT_EXP40, 0, 0, 0, 0, 0, 0, SSL_EXP40, 0, 0, 0},
- {0, SSL_TXT_EXP56, 0, 0, 0, 0, 0, 0, SSL_EXP56, 0, 0, 0},
- {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0},
- {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0},
- {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0},
- /* FIPS 140-2 approved ciphersuite */
- {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0},
-};
-
-/*
- * Search for public key algorithm with given name and return its pkey_id if
- * it is available. Otherwise return 0
- */
-#ifdef OPENSSL_NO_ENGINE
-
-static int get_optional_pkey_id(const char *pkey_name)
-{
- const EVP_PKEY_ASN1_METHOD *ameth;
- int pkey_id = 0;
- ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1);
- if (ameth && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
- ameth) > 0) {
- return pkey_id;
- }
- return 0;
-}
-
-#else
-
-static int get_optional_pkey_id(const char *pkey_name)
-{
- const EVP_PKEY_ASN1_METHOD *ameth;
- ENGINE *tmpeng = NULL;
- int pkey_id = 0;
- ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1);
- if (ameth) {
- if (EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
- ameth) <= 0)
- pkey_id = 0;
- }
- if (tmpeng)
- ENGINE_finish(tmpeng);
- return pkey_id;
-}
-
-#endif
-
-void ssl_load_ciphers(void)
-{
- ssl_cipher_methods[SSL_ENC_DES_IDX] = EVP_get_cipherbyname(SN_des_cbc);
- ssl_cipher_methods[SSL_ENC_3DES_IDX] =
- EVP_get_cipherbyname(SN_des_ede3_cbc);
- ssl_cipher_methods[SSL_ENC_RC4_IDX] = EVP_get_cipherbyname(SN_rc4);
- ssl_cipher_methods[SSL_ENC_RC2_IDX] = EVP_get_cipherbyname(SN_rc2_cbc);
-#ifndef OPENSSL_NO_IDEA
- ssl_cipher_methods[SSL_ENC_IDEA_IDX] = EVP_get_cipherbyname(SN_idea_cbc);
-#else
- ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL;
-#endif
- ssl_cipher_methods[SSL_ENC_AES128_IDX] =
- EVP_get_cipherbyname(SN_aes_128_cbc);
- ssl_cipher_methods[SSL_ENC_AES256_IDX] =
- EVP_get_cipherbyname(SN_aes_256_cbc);
- ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
- EVP_get_cipherbyname(SN_camellia_128_cbc);
- ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
- EVP_get_cipherbyname(SN_camellia_256_cbc);
- ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
- EVP_get_cipherbyname(SN_gost89_cnt);
- ssl_cipher_methods[SSL_ENC_SEED_IDX] = EVP_get_cipherbyname(SN_seed_cbc);
-
- ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
- EVP_get_cipherbyname(SN_aes_128_gcm);
- ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
- EVP_get_cipherbyname(SN_aes_256_gcm);
-
- ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5);
- ssl_mac_secret_size[SSL_MD_MD5_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
- OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
- ssl_digest_methods[SSL_MD_SHA1_IDX] = EVP_get_digestbyname(SN_sha1);
- ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
- OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
- ssl_digest_methods[SSL_MD_GOST94_IDX] =
- EVP_get_digestbyname(SN_id_GostR3411_94);
- if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
- ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
- OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
- }
- ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
- EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
- ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
- if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
- ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
- }
-
- ssl_digest_methods[SSL_MD_SHA256_IDX] = EVP_get_digestbyname(SN_sha256);
- ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
- ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384);
- ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
-}
-
-#ifndef OPENSSL_NO_COMP
-
-static int sk_comp_cmp(const SSL_COMP *const *a, const SSL_COMP *const *b)
-{
- return ((*a)->id - (*b)->id);
-}
-
-static void load_builtin_compressions(void)
-{
- int got_write_lock = 0;
-
- CRYPTO_r_lock(CRYPTO_LOCK_SSL);
- if (ssl_comp_methods == NULL) {
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
- CRYPTO_w_lock(CRYPTO_LOCK_SSL);
- got_write_lock = 1;
-
- if (ssl_comp_methods == NULL) {
- SSL_COMP *comp = NULL;
-
- MemCheck_off();
- ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
- if (ssl_comp_methods != NULL) {
- comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
- if (comp != NULL) {
- comp->method = COMP_zlib();
- if (comp->method && comp->method->type == NID_undef)
- OPENSSL_free(comp);
- else {
- comp->id = SSL_COMP_ZLIB_IDX;
- comp->name = comp->method->name;
- sk_SSL_COMP_push(ssl_comp_methods, comp);
- }
- }
- sk_SSL_COMP_sort(ssl_comp_methods);
- }
- MemCheck_on();
- }
- }
-
- if (got_write_lock)
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
- else
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
-}
-#endif
-
-int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, int *mac_pkey_type,
- int *mac_secret_size, SSL_COMP **comp)
-{
- int i;
- const SSL_CIPHER *c;
-
- c = s->cipher;
- if (c == NULL)
- return (0);
- if (comp != NULL) {
- SSL_COMP ctmp;
-#ifndef OPENSSL_NO_COMP
- load_builtin_compressions();
-#endif
-
- *comp = NULL;
- ctmp.id = s->compress_meth;
- if (ssl_comp_methods != NULL) {
- i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp);
- if (i >= 0)
- *comp = sk_SSL_COMP_value(ssl_comp_methods, i);
- else
- *comp = NULL;
- }
- }
-
- if ((enc == NULL) || (md == NULL))
- return (0);
-
- switch (c->algorithm_enc) {
- case SSL_DES:
- i = SSL_ENC_DES_IDX;
- break;
- case SSL_3DES:
- i = SSL_ENC_3DES_IDX;
- break;
- case SSL_RC4:
- i = SSL_ENC_RC4_IDX;
- break;
- case SSL_RC2:
- i = SSL_ENC_RC2_IDX;
- break;
- case SSL_IDEA:
- i = SSL_ENC_IDEA_IDX;
- break;
- case SSL_eNULL:
- i = SSL_ENC_NULL_IDX;
- break;
- case SSL_AES128:
- i = SSL_ENC_AES128_IDX;
- break;
- case SSL_AES256:
- i = SSL_ENC_AES256_IDX;
- break;
- case SSL_CAMELLIA128:
- i = SSL_ENC_CAMELLIA128_IDX;
- break;
- case SSL_CAMELLIA256:
- i = SSL_ENC_CAMELLIA256_IDX;
- break;
- case SSL_eGOST2814789CNT:
- i = SSL_ENC_GOST89_IDX;
- break;
- case SSL_SEED:
- i = SSL_ENC_SEED_IDX;
- break;
- case SSL_AES128GCM:
- i = SSL_ENC_AES128GCM_IDX;
- break;
- case SSL_AES256GCM:
- i = SSL_ENC_AES256GCM_IDX;
- break;
- default:
- i = -1;
- break;
- }
-
- if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
- *enc = NULL;
- else {
- if (i == SSL_ENC_NULL_IDX)
- *enc = EVP_enc_null();
- else
- *enc = ssl_cipher_methods[i];
- }
-
- switch (c->algorithm_mac) {
- case SSL_MD5:
- i = SSL_MD_MD5_IDX;
- break;
- case SSL_SHA1:
- i = SSL_MD_SHA1_IDX;
- break;
- case SSL_SHA256:
- i = SSL_MD_SHA256_IDX;
- break;
- case SSL_SHA384:
- i = SSL_MD_SHA384_IDX;
- break;
- case SSL_GOST94:
- i = SSL_MD_GOST94_IDX;
- break;
- case SSL_GOST89MAC:
- i = SSL_MD_GOST89MAC_IDX;
- break;
- default:
- i = -1;
- break;
- }
- if ((i < 0) || (i >= SSL_MD_NUM_IDX)) {
- *md = NULL;
- if (mac_pkey_type != NULL)
- *mac_pkey_type = NID_undef;
- if (mac_secret_size != NULL)
- *mac_secret_size = 0;
- if (c->algorithm_mac == SSL_AEAD)
- mac_pkey_type = NULL;
- } else {
- *md = ssl_digest_methods[i];
- if (mac_pkey_type != NULL)
- *mac_pkey_type = ssl_mac_pkey_id[i];
- if (mac_secret_size != NULL)
- *mac_secret_size = ssl_mac_secret_size[i];
- }
-
- if ((*enc != NULL) &&
- (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER))
- && (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
- const EVP_CIPHER *evp;
-
- if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
- s->ssl_version < TLS1_VERSION)
- return 1;
-
-#ifdef OPENSSL_FIPS
- if (FIPS_mode())
- return 1;
-#endif
-
- if (c->algorithm_enc == SSL_RC4 &&
- c->algorithm_mac == SSL_MD5 &&
- (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
- *enc = evp, *md = NULL;
- else if (c->algorithm_enc == SSL_AES128 &&
- c->algorithm_mac == SSL_SHA1 &&
- (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
- *enc = evp, *md = NULL;
- else if (c->algorithm_enc == SSL_AES256 &&
- c->algorithm_mac == SSL_SHA1 &&
- (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
- *enc = evp, *md = NULL;
- return (1);
- } else
- return (0);
-}
-
-int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
-{
- if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
- return 0;
- }
- *mask = ssl_handshake_digest_flag[idx];
- if (*mask)
- *md = ssl_digest_methods[idx];
- else
- *md = NULL;
- return 1;
-}
-
-#define ITEM_SEP(a) \
- (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
-
-static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
- CIPHER_ORDER **tail)
-{
- if (curr == *tail)
- return;
- if (curr == *head)
- *head = curr->next;
- if (curr->prev != NULL)
- curr->prev->next = curr->next;
- if (curr->next != NULL)
- curr->next->prev = curr->prev;
- (*tail)->next = curr;
- curr->prev = *tail;
- curr->next = NULL;
- *tail = curr;
-}
-
-static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
- CIPHER_ORDER **tail)
-{
- if (curr == *head)
- return;
- if (curr == *tail)
- *tail = curr->prev;
- if (curr->next != NULL)
- curr->next->prev = curr->prev;
- if (curr->prev != NULL)
- curr->prev->next = curr->next;
- (*head)->prev = curr;
- curr->next = *head;
- curr->prev = NULL;
- *head = curr;
-}
-
-static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
- unsigned long *enc, unsigned long *mac,
- unsigned long *ssl)
-{
- *mkey = 0;
- *auth = 0;
- *enc = 0;
- *mac = 0;
- *ssl = 0;
-
-#ifdef OPENSSL_NO_RSA
- *mkey |= SSL_kRSA;
- *auth |= SSL_aRSA;
-#endif
-#ifdef OPENSSL_NO_DSA
- *auth |= SSL_aDSS;
-#endif
- *mkey |= SSL_kDHr | SSL_kDHd; /* no such ciphersuites supported! */
- *auth |= SSL_aDH;
-#ifdef OPENSSL_NO_DH
- *mkey |= SSL_kDHr | SSL_kDHd | SSL_kEDH;
- *auth |= SSL_aDH;
-#endif
-#ifdef OPENSSL_NO_KRB5
- *mkey |= SSL_kKRB5;
- *auth |= SSL_aKRB5;
-#endif
-#ifdef OPENSSL_NO_ECDSA
- *auth |= SSL_aECDSA;
-#endif
-#ifdef OPENSSL_NO_ECDH
- *mkey |= SSL_kECDHe | SSL_kECDHr;
- *auth |= SSL_aECDH;
-#endif
-#ifdef OPENSSL_NO_PSK
- *mkey |= SSL_kPSK;
- *auth |= SSL_aPSK;
-#endif
-#ifdef OPENSSL_NO_SRP
- *mkey |= SSL_kSRP;
-#endif
- /*
- * Check for presence of GOST 34.10 algorithms, and if they do not
- * present, disable appropriate auth and key exchange
- */
- if (!get_optional_pkey_id("gost94")) {
- *auth |= SSL_aGOST94;
- }
- if (!get_optional_pkey_id("gost2001")) {
- *auth |= SSL_aGOST01;
- }
- /*
- * Disable GOST key exchange if no GOST signature algs are available *
- */
- if ((*auth & (SSL_aGOST94 | SSL_aGOST01)) == (SSL_aGOST94 | SSL_aGOST01)) {
- *mkey |= SSL_kGOST;
- }
-#ifdef SSL_FORBID_ENULL
- *enc |= SSL_eNULL;
-#endif
-
- *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
- *enc |=
- (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] ==
- NULL) ? SSL_AES128GCM : 0;
- *enc |=
- (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] ==
- NULL) ? SSL_AES256GCM : 0;
- *enc |=
- (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] ==
- NULL) ? SSL_CAMELLIA128 : 0;
- *enc |=
- (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] ==
- NULL) ? SSL_CAMELLIA256 : 0;
- *enc |=
- (ssl_cipher_methods[SSL_ENC_GOST89_IDX] ==
- NULL) ? SSL_eGOST2814789CNT : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0;
-
- *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL
- || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] ==
- NID_undef) ? SSL_GOST89MAC : 0;
-
-}
-
-static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
- int num_of_ciphers,
- unsigned long disabled_mkey,
- unsigned long disabled_auth,
- unsigned long disabled_enc,
- unsigned long disabled_mac,
- unsigned long disabled_ssl,
- CIPHER_ORDER *co_list,
- CIPHER_ORDER **head_p,
- CIPHER_ORDER **tail_p)
-{
- int i, co_list_num;
- const SSL_CIPHER *c;
-
- /*
- * We have num_of_ciphers descriptions compiled in, depending on the
- * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
- * These will later be sorted in a linked list with at most num
- * entries.
- */
-
- /* Get the initial list of ciphers */
- co_list_num = 0; /* actual count of ciphers */
- for (i = 0; i < num_of_ciphers; i++) {
- c = ssl_method->get_cipher(i);
- /* drop those that use any of that is not available */
- if ((c != NULL) && c->valid &&
-#ifdef OPENSSL_FIPS
- (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
-#endif
- !(c->algorithm_mkey & disabled_mkey) &&
- !(c->algorithm_auth & disabled_auth) &&
- !(c->algorithm_enc & disabled_enc) &&
- !(c->algorithm_mac & disabled_mac) &&
- !(c->algorithm_ssl & disabled_ssl)) {
- co_list[co_list_num].cipher = c;
- co_list[co_list_num].next = NULL;
- co_list[co_list_num].prev = NULL;
- co_list[co_list_num].active = 0;
- co_list_num++;
-#ifdef KSSL_DEBUG
- fprintf(stderr, "\t%d: %s %lx %lx %lx\n", i, c->name, c->id,
- c->algorithm_mkey, c->algorithm_auth);
-#endif /* KSSL_DEBUG */
- /*
- * if (!sk_push(ca_list,(char *)c)) goto err;
- */
- }
- }
-
- /*
- * Prepare linked list from list entries
- */
- if (co_list_num > 0) {
- co_list[0].prev = NULL;
-
- if (co_list_num > 1) {
- co_list[0].next = &co_list[1];
-
- for (i = 1; i < co_list_num - 1; i++) {
- co_list[i].prev = &co_list[i - 1];
- co_list[i].next = &co_list[i + 1];
- }
-
- co_list[co_list_num - 1].prev = &co_list[co_list_num - 2];
- }
-
- co_list[co_list_num - 1].next = NULL;
-
- *head_p = &co_list[0];
- *tail_p = &co_list[co_list_num - 1];
- }
-}
-
-static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
- int num_of_group_aliases,
- unsigned long disabled_mkey,
- unsigned long disabled_auth,
- unsigned long disabled_enc,
- unsigned long disabled_mac,
- unsigned long disabled_ssl,
- CIPHER_ORDER *head)
-{
- CIPHER_ORDER *ciph_curr;
- const SSL_CIPHER **ca_curr;
- int i;
- unsigned long mask_mkey = ~disabled_mkey;
- unsigned long mask_auth = ~disabled_auth;
- unsigned long mask_enc = ~disabled_enc;
- unsigned long mask_mac = ~disabled_mac;
- unsigned long mask_ssl = ~disabled_ssl;
-
- /*
- * First, add the real ciphers as already collected
- */
- ciph_curr = head;
- ca_curr = ca_list;
- while (ciph_curr != NULL) {
- *ca_curr = ciph_curr->cipher;
- ca_curr++;
- ciph_curr = ciph_curr->next;
- }
-
- /*
- * Now we add the available ones from the cipher_aliases[] table.
- * They represent either one or more algorithms, some of which
- * in any affected category must be supported (set in enabled_mask),
- * or represent a cipher strength value (will be added in any case because algorithms=0).
- */
- for (i = 0; i < num_of_group_aliases; i++) {
- unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
- unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
- unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
- unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
- unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
-
- if (algorithm_mkey)
- if ((algorithm_mkey & mask_mkey) == 0)
- continue;
-
- if (algorithm_auth)
- if ((algorithm_auth & mask_auth) == 0)
- continue;
-
- if (algorithm_enc)
- if ((algorithm_enc & mask_enc) == 0)
- continue;
-
- if (algorithm_mac)
- if ((algorithm_mac & mask_mac) == 0)
- continue;
-
- if (algorithm_ssl)
- if ((algorithm_ssl & mask_ssl) == 0)
- continue;
-
- *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
- ca_curr++;
- }
-
- *ca_curr = NULL; /* end of list */
-}
-
-static void ssl_cipher_apply_rule(unsigned long cipher_id,
- unsigned long alg_mkey,
- unsigned long alg_auth,
- unsigned long alg_enc,
- unsigned long alg_mac,
- unsigned long alg_ssl,
- unsigned long algo_strength, int rule,
- int strength_bits, CIPHER_ORDER **head_p,
- CIPHER_ORDER **tail_p)
-{
- CIPHER_ORDER *head, *tail, *curr, *next, *last;
- const SSL_CIPHER *cp;
- int reverse = 0;
-
-#ifdef CIPHER_DEBUG
- fprintf(stderr,
- "Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n",
- rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
- algo_strength, strength_bits);
-#endif
-
- if (rule == CIPHER_DEL)
- reverse = 1; /* needed to maintain sorting between
- * currently deleted ciphers */
-
- head = *head_p;
- tail = *tail_p;
-
- if (reverse) {
- next = tail;
- last = head;
- } else {
- next = head;
- last = tail;
- }
-
- curr = NULL;
- for (;;) {
- if (curr == last)
- break;
-
- curr = next;
-
- if (curr == NULL)
- break;
-
- next = reverse ? curr->prev : curr->next;
-
- cp = curr->cipher;
-
- /*
- * Selection criteria is either the value of strength_bits
- * or the algorithms used.
- */
- if (strength_bits >= 0) {
- if (strength_bits != cp->strength_bits)
- continue;
- } else {
-#ifdef CIPHER_DEBUG
- fprintf(stderr,
- "\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n",
- cp->name, cp->algorithm_mkey, cp->algorithm_auth,
- cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl,
- cp->algo_strength);
-#endif
- if (algo_strength == SSL_EXP_MASK && SSL_C_IS_EXPORT(cp))
- goto ok;
- if (alg_ssl == ~SSL_SSLV2 && cp->algorithm_ssl == SSL_SSLV2)
- goto ok;
- if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
- continue;
- if (alg_auth && !(alg_auth & cp->algorithm_auth))
- continue;
- if (alg_enc && !(alg_enc & cp->algorithm_enc))
- continue;
- if (alg_mac && !(alg_mac & cp->algorithm_mac))
- continue;
- if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
- continue;
- if ((algo_strength & SSL_EXP_MASK)
- && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
- continue;
- if ((algo_strength & SSL_STRONG_MASK)
- && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
- continue;
- }
-
- ok:
-
-#ifdef CIPHER_DEBUG
- fprintf(stderr, "Action = %d\n", rule);
-#endif
-
- /* add the cipher if it has not been added yet. */
- if (rule == CIPHER_ADD) {
- /* reverse == 0 */
- if (!curr->active) {
- ll_append_tail(&head, curr, &tail);
- curr->active = 1;
- }
- }
- /* Move the added cipher to this location */
- else if (rule == CIPHER_ORD) {
- /* reverse == 0 */
- if (curr->active) {
- ll_append_tail(&head, curr, &tail);
- }
- } else if (rule == CIPHER_DEL) {
- /* reverse == 1 */
- if (curr->active) {
- /*
- * most recently deleted ciphersuites get best positions for
- * any future CIPHER_ADD (note that the CIPHER_DEL loop works
- * in reverse to maintain the order)
- */
- ll_append_head(&head, curr, &tail);
- curr->active = 0;
- }
- } else if (rule == CIPHER_KILL) {
- /* reverse == 0 */
- if (head == curr)
- head = curr->next;
- else
- curr->prev->next = curr->next;
- if (tail == curr)
- tail = curr->prev;
- curr->active = 0;
- if (curr->next != NULL)
- curr->next->prev = curr->prev;
- if (curr->prev != NULL)
- curr->prev->next = curr->next;
- curr->next = NULL;
- curr->prev = NULL;
- }
- }
-
- *head_p = head;
- *tail_p = tail;
-}
-
-static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
- CIPHER_ORDER **tail_p)
-{
- int max_strength_bits, i, *number_uses;
- CIPHER_ORDER *curr;
-
- /*
- * This routine sorts the ciphers with descending strength. The sorting
- * must keep the pre-sorted sequence, so we apply the normal sorting
- * routine as '+' movement to the end of the list.
- */
- max_strength_bits = 0;
- curr = *head_p;
- while (curr != NULL) {
- if (curr->active && (curr->cipher->strength_bits > max_strength_bits))
- max_strength_bits = curr->cipher->strength_bits;
- curr = curr->next;
- }
-
- number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
- if (!number_uses) {
- SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
-
- /*
- * Now find the strength_bits values actually used
- */
- curr = *head_p;
- while (curr != NULL) {
- if (curr->active)
- number_uses[curr->cipher->strength_bits]++;
- curr = curr->next;
- }
- /*
- * Go through the list of used strength_bits values in descending
- * order.
- */
- for (i = max_strength_bits; i >= 0; i--)
- if (number_uses[i] > 0)
- ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p,
- tail_p);
-
- OPENSSL_free(number_uses);
- return (1);
-}
-
-static int ssl_cipher_process_rulestr(const char *rule_str,
- CIPHER_ORDER **head_p,
- CIPHER_ORDER **tail_p,
- const SSL_CIPHER **ca_list)
-{
- unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
- algo_strength;
- const char *l, *buf;
- int j, multi, found, rule, retval, ok, buflen;
- unsigned long cipher_id = 0;
- char ch;
-
- retval = 1;
- l = rule_str;
- for (;;) {
- ch = *l;
-
- if (ch == '\0')
- break; /* done */
- if (ch == '-') {
- rule = CIPHER_DEL;
- l++;
- } else if (ch == '+') {
- rule = CIPHER_ORD;
- l++;
- } else if (ch == '!') {
- rule = CIPHER_KILL;
- l++;
- } else if (ch == '@') {
- rule = CIPHER_SPECIAL;
- l++;
- } else {
- rule = CIPHER_ADD;
- }
-
- if (ITEM_SEP(ch)) {
- l++;
- continue;
- }
-
- alg_mkey = 0;
- alg_auth = 0;
- alg_enc = 0;
- alg_mac = 0;
- alg_ssl = 0;
- algo_strength = 0;
-
- for (;;) {
- ch = *l;
- buf = l;
- buflen = 0;
-#ifndef CHARSET_EBCDIC
- while (((ch >= 'A') && (ch <= 'Z')) ||
- ((ch >= '0') && (ch <= '9')) ||
- ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.'))
-#else
- while (isalnum(ch) || (ch == '-') || (ch == '.'))
-#endif
- {
- ch = *(++l);
- buflen++;
- }
-
- if (buflen == 0) {
- /*
- * We hit something we cannot deal with,
- * it is no command or separator nor
- * alphanumeric, so we call this an error.
- */
- SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
- SSL_R_INVALID_COMMAND);
- retval = found = 0;
- l++;
- break;
- }
-
- if (rule == CIPHER_SPECIAL) {
- found = 0; /* unused -- avoid compiler warning */
- break; /* special treatment */
- }
-
- /* check for multi-part specification */
- if (ch == '+') {
- multi = 1;
- l++;
- } else
- multi = 0;
-
- /*
- * Now search for the cipher alias in the ca_list. Be careful
- * with the strncmp, because the "buflen" limitation
- * will make the rule "ADH:SOME" and the cipher
- * "ADH-MY-CIPHER" look like a match for buflen=3.
- * So additionally check whether the cipher name found
- * has the correct length. We can save a strlen() call:
- * just checking for the '\0' at the right place is
- * sufficient, we have to strncmp() anyway. (We cannot
- * use strcmp(), because buf is not '\0' terminated.)
- */
- j = found = 0;
- cipher_id = 0;
- while (ca_list[j]) {
- if (!strncmp(buf, ca_list[j]->name, buflen) &&
- (ca_list[j]->name[buflen] == '\0')) {
- found = 1;
- break;
- } else
- j++;
- }
-
- if (!found)
- break; /* ignore this entry */
-
- if (ca_list[j]->algorithm_mkey) {
- if (alg_mkey) {
- alg_mkey &= ca_list[j]->algorithm_mkey;
- if (!alg_mkey) {
- found = 0;
- break;
- }
- } else
- alg_mkey = ca_list[j]->algorithm_mkey;
- }
-
- if (ca_list[j]->algorithm_auth) {
- if (alg_auth) {
- alg_auth &= ca_list[j]->algorithm_auth;
- if (!alg_auth) {
- found = 0;
- break;
- }
- } else
- alg_auth = ca_list[j]->algorithm_auth;
- }
-
- if (ca_list[j]->algorithm_enc) {
- if (alg_enc) {
- alg_enc &= ca_list[j]->algorithm_enc;
- if (!alg_enc) {
- found = 0;
- break;
- }
- } else
- alg_enc = ca_list[j]->algorithm_enc;
- }
-
- if (ca_list[j]->algorithm_mac) {
- if (alg_mac) {
- alg_mac &= ca_list[j]->algorithm_mac;
- if (!alg_mac) {
- found = 0;
- break;
- }
- } else
- alg_mac = ca_list[j]->algorithm_mac;
- }
-
- if (ca_list[j]->algo_strength & SSL_EXP_MASK) {
- if (algo_strength & SSL_EXP_MASK) {
- algo_strength &=
- (ca_list[j]->algo_strength & SSL_EXP_MASK) |
- ~SSL_EXP_MASK;
- if (!(algo_strength & SSL_EXP_MASK)) {
- found = 0;
- break;
- }
- } else
- algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK;
- }
-
- if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
- if (algo_strength & SSL_STRONG_MASK) {
- algo_strength &=
- (ca_list[j]->algo_strength & SSL_STRONG_MASK) |
- ~SSL_STRONG_MASK;
- if (!(algo_strength & SSL_STRONG_MASK)) {
- found = 0;
- break;
- }
- } else
- algo_strength |=
- ca_list[j]->algo_strength & SSL_STRONG_MASK;
- }
-
- if (ca_list[j]->valid) {
- /*
- * explicit ciphersuite found; its protocol version does not
- * become part of the search pattern!
- */
-
- cipher_id = ca_list[j]->id;
- } else {
- /*
- * not an explicit ciphersuite; only in this case, the
- * protocol version is considered part of the search pattern
- */
-
- if (ca_list[j]->algorithm_ssl) {
- if (alg_ssl) {
- alg_ssl &= ca_list[j]->algorithm_ssl;
- if (!alg_ssl) {
- found = 0;
- break;
- }
- } else
- alg_ssl = ca_list[j]->algorithm_ssl;
- }
- }
-
- if (!multi)
- break;
- }
-
- /*
- * Ok, we have the rule, now apply it
- */
- if (rule == CIPHER_SPECIAL) { /* special command */
- ok = 0;
- if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
- ok = ssl_cipher_strength_sort(head_p, tail_p);
- else
- SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
- SSL_R_INVALID_COMMAND);
- if (ok == 0)
- retval = 0;
- /*
- * We do not support any "multi" options
- * together with "@", so throw away the
- * rest of the command, if any left, until
- * end or ':' is found.
- */
- while ((*l != '\0') && !ITEM_SEP(*l))
- l++;
- } else if (found) {
- ssl_cipher_apply_rule(cipher_id,
- alg_mkey, alg_auth, alg_enc, alg_mac,
- alg_ssl, algo_strength, rule, -1, head_p,
- tail_p);
- } else {
- while ((*l != '\0') && !ITEM_SEP(*l))
- l++;
- }
- if (*l == '\0')
- break; /* done */
- }
-
- return (retval);
-}
-
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER)
- **cipher_list, STACK_OF(SSL_CIPHER)
- **cipher_list_by_id,
- const char *rule_str)
-{
- int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
- unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac,
- disabled_ssl;
- STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
- const char *rule_p;
- CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
- const SSL_CIPHER **ca_list = NULL;
-
- /*
- * Return with error if nothing to do.
- */
- if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
- return NULL;
-
- /*
- * To reduce the work to do we only want to process the compiled
- * in algorithms, so we first get the mask of disabled ciphers.
- */
- ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc,
- &disabled_mac, &disabled_ssl);
-
- /*
- * Now we have to collect the available ciphers from the compiled
- * in ciphers. We cannot get more than the number compiled in, so
- * it is used for allocation.
- */
- num_of_ciphers = ssl_method->num_ciphers();
-#ifdef KSSL_DEBUG
- fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n",
- num_of_ciphers);
-#endif /* KSSL_DEBUG */
- co_list =
- (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
- if (co_list == NULL) {
- SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
- return (NULL); /* Failure */
- }
-
- ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
- disabled_mkey, disabled_auth, disabled_enc,
- disabled_mac, disabled_ssl, co_list, &head,
- &tail);
-
- /* Now arrange all ciphers by preference: */
-
- /*
- * Everything else being equal, prefer ephemeral ECDH over other key
- * exchange mechanisms
- */
- ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head,
- &tail);
- ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
- &tail);
-
- /* AES is our preferred symmetric cipher */
- ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head,
- &tail);
-
- /* Temporarily enable everything else for sorting */
- ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
-
- /* Low priority for MD5 */
- ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head,
- &tail);
-
- /*
- * Move anonymous ciphers to the end. Usually, these will remain
- * disabled. (For applications that allow them, they aren't too bad, but
- * we prefer authenticated ciphers.)
- */
- ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
- &tail);
-
- /* Move ciphers without forward secrecy to the end */
- ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
- &tail);
- /*
- * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1,
- * &head, &tail);
- */
- ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
- &tail);
- ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
- &tail);
- ssl_cipher_apply_rule(0, SSL_kKRB5, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
- &tail);
-
- /* RC4 is sort-of broken -- move the the end */
- ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head,
- &tail);
-
- /*
- * Now sort by symmetric encryption strength. The above ordering remains
- * in force within each class
- */
- if (!ssl_cipher_strength_sort(&head, &tail)) {
- OPENSSL_free(co_list);
- return NULL;
- }
-
- /* Now disable everything (maintaining the ordering!) */
- ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
-
- /*
- * We also need cipher aliases for selecting based on the rule_str.
- * There might be two types of entries in the rule_str: 1) names
- * of ciphers themselves 2) aliases for groups of ciphers.
- * For 1) we need the available ciphers and for 2) the cipher
- * groups of cipher_aliases added together in one list (otherwise
- * we would be happy with just the cipher_aliases table).
- */
- num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
- num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
- ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
- if (ca_list == NULL) {
- OPENSSL_free(co_list);
- SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
- return (NULL); /* Failure */
- }
- ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
- disabled_mkey, disabled_auth, disabled_enc,
- disabled_mac, disabled_ssl, head);
-
- /*
- * If the rule_string begins with DEFAULT, apply the default rule
- * before using the (possibly available) additional rules.
- */
- ok = 1;
- rule_p = rule_str;
- if (strncmp(rule_str, "DEFAULT", 7) == 0) {
- ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
- &head, &tail, ca_list);
- rule_p += 7;
- if (*rule_p == ':')
- rule_p++;
- }
-
- if (ok && (strlen(rule_p) > 0))
- ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
-
- OPENSSL_free((void *)ca_list); /* Not needed anymore */
-
- if (!ok) { /* Rule processing failure */
- OPENSSL_free(co_list);
- return (NULL);
- }
-
- /*
- * Allocate new "cipherstack" for the result, return with error
- * if we cannot get one.
- */
- if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
- OPENSSL_free(co_list);
- return (NULL);
- }
-
- /*
- * The cipher selection for the list is done. The ciphers are added
- * to the resulting precedence to the STACK_OF(SSL_CIPHER).
- */
- for (curr = head; curr != NULL; curr = curr->next) {
-#ifdef OPENSSL_FIPS
- if (curr->active
- && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
-#else
- if (curr->active)
-#endif
- {
- sk_SSL_CIPHER_push(cipherstack, curr->cipher);
-#ifdef CIPHER_DEBUG
- fprintf(stderr, "<%s>\n", curr->cipher->name);
-#endif
- }
- }
- OPENSSL_free(co_list); /* Not needed any longer */
-
- tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
- if (tmp_cipher_list == NULL) {
- sk_SSL_CIPHER_free(cipherstack);
- return NULL;
- }
- if (*cipher_list != NULL)
- sk_SSL_CIPHER_free(*cipher_list);
- *cipher_list = cipherstack;
- if (*cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(*cipher_list_by_id);
- *cipher_list_by_id = tmp_cipher_list;
- (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
- ssl_cipher_ptr_id_cmp);
-
- sk_SSL_CIPHER_sort(*cipher_list_by_id);
- return (cipherstack);
-}
-
-char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
-{
- int is_export, pkl, kl;
- const char *ver, *exp_str;
- const char *kx, *au, *enc, *mac;
- unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
-#ifdef KSSL_DEBUG
- static const char *format =
- "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
-#else
- static const char *format =
- "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
-#endif /* KSSL_DEBUG */
-
- alg_mkey = cipher->algorithm_mkey;
- alg_auth = cipher->algorithm_auth;
- alg_enc = cipher->algorithm_enc;
- alg_mac = cipher->algorithm_mac;
- alg_ssl = cipher->algorithm_ssl;
-
- alg2 = cipher->algorithm2;
-
- is_export = SSL_C_IS_EXPORT(cipher);
- pkl = SSL_C_EXPORT_PKEYLENGTH(cipher);
- kl = SSL_C_EXPORT_KEYLENGTH(cipher);
- exp_str = is_export ? " export" : "";
-
- if (alg_ssl & SSL_SSLV2)
- ver = "SSLv2";
- else if (alg_ssl & SSL_SSLV3)
- ver = "SSLv3";
- else if (alg_ssl & SSL_TLSV1_2)
- ver = "TLSv1.2";
- else
- ver = "unknown";
-
- switch (alg_mkey) {
- case SSL_kRSA:
- kx = is_export ? (pkl == 512 ? "RSA(512)" : "RSA(1024)") : "RSA";
- break;
- case SSL_kDHr:
- kx = "DH/RSA";
- break;
- case SSL_kDHd:
- kx = "DH/DSS";
- break;
- case SSL_kKRB5:
- kx = "KRB5";
- break;
- case SSL_kEDH:
- kx = is_export ? (pkl == 512 ? "DH(512)" : "DH(1024)") : "DH";
- break;
- case SSL_kECDHr:
- kx = "ECDH/RSA";
- break;
- case SSL_kECDHe:
- kx = "ECDH/ECDSA";
- break;
- case SSL_kEECDH:
- kx = "ECDH";
- break;
- case SSL_kPSK:
- kx = "PSK";
- break;
- case SSL_kSRP:
- kx = "SRP";
- break;
- case SSL_kGOST:
- kx = "GOST";
- break;
- default:
- kx = "unknown";
- }
-
- switch (alg_auth) {
- case SSL_aRSA:
- au = "RSA";
- break;
- case SSL_aDSS:
- au = "DSS";
- break;
- case SSL_aDH:
- au = "DH";
- break;
- case SSL_aKRB5:
- au = "KRB5";
- break;
- case SSL_aECDH:
- au = "ECDH";
- break;
- case SSL_aNULL:
- au = "None";
- break;
- case SSL_aECDSA:
- au = "ECDSA";
- break;
- case SSL_aPSK:
- au = "PSK";
- break;
- case SSL_aSRP:
- au = "SRP";
- break;
- case SSL_aGOST94:
- au = "GOST94";
- break;
- case SSL_aGOST01:
- au = "GOST01";
- break;
- default:
- au = "unknown";
- break;
- }
-
- switch (alg_enc) {
- case SSL_DES:
- enc = (is_export && kl == 5) ? "DES(40)" : "DES(56)";
- break;
- case SSL_3DES:
- enc = "3DES(168)";
- break;
- case SSL_RC4:
- enc = is_export ? (kl == 5 ? "RC4(40)" : "RC4(56)")
- : ((alg2 & SSL2_CF_8_BYTE_ENC) ? "RC4(64)" : "RC4(128)");
- break;
- case SSL_RC2:
- enc = is_export ? (kl == 5 ? "RC2(40)" : "RC2(56)") : "RC2(128)";
- break;
- case SSL_IDEA:
- enc = "IDEA(128)";
- break;
- case SSL_eNULL:
- enc = "None";
- break;
- case SSL_AES128:
- enc = "AES(128)";
- break;
- case SSL_AES256:
- enc = "AES(256)";
- break;
- case SSL_AES128GCM:
- enc = "AESGCM(128)";
- break;
- case SSL_AES256GCM:
- enc = "AESGCM(256)";
- break;
- case SSL_CAMELLIA128:
- enc = "Camellia(128)";
- break;
- case SSL_CAMELLIA256:
- enc = "Camellia(256)";
- break;
- case SSL_SEED:
- enc = "SEED(128)";
- break;
- case SSL_eGOST2814789CNT:
- enc = "GOST89(256)";
- break;
- default:
- enc = "unknown";
- break;
- }
-
- switch (alg_mac) {
- case SSL_MD5:
- mac = "MD5";
- break;
- case SSL_SHA1:
- mac = "SHA1";
- break;
- case SSL_SHA256:
- mac = "SHA256";
- break;
- case SSL_SHA384:
- mac = "SHA384";
- break;
- case SSL_AEAD:
- mac = "AEAD";
- break;
- case SSL_GOST89MAC:
- mac = "GOST89";
- break;
- case SSL_GOST94:
- mac = "GOST94";
- break;
- default:
- mac = "unknown";
- break;
- }
-
- if (buf == NULL) {
- len = 128;
- buf = OPENSSL_malloc(len);
- if (buf == NULL)
- return ("OPENSSL_malloc Error");
- } else if (len < 128)
- return ("Buffer too small");
-
-#ifdef KSSL_DEBUG
- BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
- exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl);
-#else
- BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
- exp_str);
-#endif /* KSSL_DEBUG */
- return (buf);
-}
-
-char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
-{
- int i;
-
- if (c == NULL)
- return ("(NONE)");
- i = (int)(c->id >> 24L);
- if (i == 3)
- return ("TLSv1/SSLv3");
- else if (i == 2)
- return ("SSLv2");
- else
- return ("unknown");
-}
-
-/* return the actual cipher being used */
-const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
-{
- if (c != NULL)
- return (c->name);
- return ("(NONE)");
-}
-
-/* number of bits for symmetric cipher */
-int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
-{
- int ret = 0;
-
- if (c != NULL) {
- if (alg_bits != NULL)
- *alg_bits = c->alg_bits;
- ret = c->strength_bits;
- }
- return (ret);
-}
-
-unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c)
-{
- return c->id;
-}
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
-{
- SSL_COMP *ctmp;
- int i, nn;
-
- if ((n == 0) || (sk == NULL))
- return (NULL);
- nn = sk_SSL_COMP_num(sk);
- for (i = 0; i < nn; i++) {
- ctmp = sk_SSL_COMP_value(sk, i);
- if (ctmp->id == n)
- return (ctmp);
- }
- return (NULL);
-}
-
-#ifdef OPENSSL_NO_COMP
-void *SSL_COMP_get_compression_methods(void)
-{
- return NULL;
-}
-
-int SSL_COMP_add_compression_method(int id, void *cm)
-{
- return 1;
-}
-
-const char *SSL_COMP_get_name(const void *comp)
-{
- return NULL;
-}
-#else
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
-{
- load_builtin_compressions();
- return (ssl_comp_methods);
-}
-
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
-{
- SSL_COMP *comp;
-
- if (cm == NULL || cm->type == NID_undef)
- return 1;
-
- /*-
- * According to draft-ietf-tls-compression-04.txt, the
- * compression number ranges should be the following:
- *
- * 0 to 63: methods defined by the IETF
- * 64 to 192: external party methods assigned by IANA
- * 193 to 255: reserved for private use
- */
- if (id < 193 || id > 255) {
- SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
- SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
- return 0;
- }
-
- MemCheck_off();
- comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
- comp->id = id;
- comp->method = cm;
- load_builtin_compressions();
- if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {
- OPENSSL_free(comp);
- MemCheck_on();
- SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
- SSL_R_DUPLICATE_COMPRESSION_ID);
- return (1);
- } else if ((ssl_comp_methods == NULL)
- || !sk_SSL_COMP_push(ssl_comp_methods, comp)) {
- OPENSSL_free(comp);
- MemCheck_on();
- SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
- return (1);
- } else {
- MemCheck_on();
- return (0);
- }
-}
-
-const char *SSL_COMP_get_name(const COMP_METHOD *comp)
-{
- if (comp)
- return comp->name;
- return NULL;
-}
-
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/ssl_ciph.c (from rev 11605, vendor-crypto/openssl/dist/ssl/ssl_ciph.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/ssl_ciph.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_ciph.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1911 @@
+/* ssl/ssl_ciph.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "ssl_locl.h"
+
+#define SSL_ENC_DES_IDX 0
+#define SSL_ENC_3DES_IDX 1
+#define SSL_ENC_RC4_IDX 2
+#define SSL_ENC_RC2_IDX 3
+#define SSL_ENC_IDEA_IDX 4
+#define SSL_ENC_NULL_IDX 5
+#define SSL_ENC_AES128_IDX 6
+#define SSL_ENC_AES256_IDX 7
+#define SSL_ENC_CAMELLIA128_IDX 8
+#define SSL_ENC_CAMELLIA256_IDX 9
+#define SSL_ENC_GOST89_IDX 10
+#define SSL_ENC_SEED_IDX 11
+#define SSL_ENC_AES128GCM_IDX 12
+#define SSL_ENC_AES256GCM_IDX 13
+#define SSL_ENC_NUM_IDX 14
+
+static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+ NULL, NULL
+};
+
+#define SSL_COMP_NULL_IDX 0
+#define SSL_COMP_ZLIB_IDX 1
+#define SSL_COMP_NUM_IDX 2
+
+static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+
+#define SSL_MD_MD5_IDX 0
+#define SSL_MD_SHA1_IDX 1
+#define SSL_MD_GOST94_IDX 2
+#define SSL_MD_GOST89MAC_IDX 3
+#define SSL_MD_SHA256_IDX 4
+#define SSL_MD_SHA384_IDX 5
+/*
+ * Constant SSL_MAX_DIGEST equal to size of digests array should be defined
+ * in the ssl_locl.h
+ */
+#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
+static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
+ NULL, NULL, NULL, NULL, NULL, NULL
+};
+
+/*
+ * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation
+ * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is
+ * found
+ */
+static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
+ EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef,
+ EVP_PKEY_HMAC, EVP_PKEY_HMAC
+};
+
+static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
+ 0, 0, 0, 0, 0, 0
+};
+
+static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
+ SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
+ SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
+ SSL_HANDSHAKE_MAC_SHA384
+};
+
+#define CIPHER_ADD 1
+#define CIPHER_KILL 2
+#define CIPHER_DEL 3
+#define CIPHER_ORD 4
+#define CIPHER_SPECIAL 5
+
+typedef struct cipher_order_st {
+ const SSL_CIPHER *cipher;
+ int active;
+ int dead;
+ struct cipher_order_st *next, *prev;
+} CIPHER_ORDER;
+
+static const SSL_CIPHER cipher_aliases[] = {
+ /* "ALL" doesn't include eNULL (must be specifically enabled) */
+ {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0},
+ /* "COMPLEMENTOFALL" */
+ {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+
+ /*
+ * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
+ * ALL!)
+ */
+ {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},
+
+ /*
+ * key exchange aliases (some of those using only a single bit here
+ * combine multiple key exchange algs according to the RFCs, e.g. kEDH
+ * combines DHE_DSS and DHE_RSA)
+ */
+ {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0},
+
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, 0, 0, 0, 0},
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_kDH, 0, SSL_kDHr | SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_DH, 0, SSL_kDHr | SSL_kDHd | SSL_kEDH, 0, 0, 0, 0, 0, 0, 0,
+ 0},
+
+ {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, 0, 0, 0, 0},
+
+ {0, SSL_TXT_kECDHr, 0, SSL_kECDHr, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kECDHe, 0, SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kECDH, 0, SSL_kECDHr | SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kEECDH, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_ECDH, 0, SSL_kECDHr | SSL_kECDHe | SSL_kEECDH, 0, 0, 0, 0, 0,
+ 0, 0, 0},
+
+ {0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0},
+
+ /* server authentication aliases */
+ {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aKRB5, 0, 0, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_aDH, 0, 0, SSL_aDH, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aECDH, 0, 0, SSL_aECDH, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aGOST94, 0, 0, SSL_aGOST94, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST94 | SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0},
+
+ /* aliases combining key exchange and server authentication */
+ {0, SSL_TXT_EDH, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_EECDH, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_KRB5, 0, SSL_kKRB5, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_ADH, 0, SSL_kEDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_AECDH, 0, SSL_kEECDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_PSK, 0, SSL_kPSK, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
+
+ /* symmetric encryption aliases */
+ {0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0,
+ 0},
+ {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0,
+ 0},
+ {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
+ 0, 0},
+ {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0,
+ 0, 0, 0},
+
+ /* MAC aliases */
+ {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0},
+
+ /* protocol version aliases */
+ {0, SSL_TXT_SSLV2, 0, 0, 0, 0, 0, SSL_SSLV2, 0, 0, 0, 0},
+ {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0},
+ {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0},
+ {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0},
+
+ /* export flag */
+ {0, SSL_TXT_EXP, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
+ {0, SSL_TXT_EXPORT, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
+
+ /* strength classes */
+ {0, SSL_TXT_EXP40, 0, 0, 0, 0, 0, 0, SSL_EXP40, 0, 0, 0},
+ {0, SSL_TXT_EXP56, 0, 0, 0, 0, 0, 0, SSL_EXP56, 0, 0, 0},
+ {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0},
+ {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0},
+ {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0},
+ /* FIPS 140-2 approved ciphersuite */
+ {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0},
+};
+
+/*
+ * Search for public key algorithm with given name and return its pkey_id if
+ * it is available. Otherwise return 0
+ */
+#ifdef OPENSSL_NO_ENGINE
+
+static int get_optional_pkey_id(const char *pkey_name)
+{
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ int pkey_id = 0;
+ ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1);
+ if (ameth && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
+ ameth) > 0) {
+ return pkey_id;
+ }
+ return 0;
+}
+
+#else
+
+static int get_optional_pkey_id(const char *pkey_name)
+{
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *tmpeng = NULL;
+ int pkey_id = 0;
+ ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1);
+ if (ameth) {
+ if (EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
+ ameth) <= 0)
+ pkey_id = 0;
+ }
+ if (tmpeng)
+ ENGINE_finish(tmpeng);
+ return pkey_id;
+}
+
+#endif
+
+void ssl_load_ciphers(void)
+{
+ ssl_cipher_methods[SSL_ENC_DES_IDX] = EVP_get_cipherbyname(SN_des_cbc);
+ ssl_cipher_methods[SSL_ENC_3DES_IDX] =
+ EVP_get_cipherbyname(SN_des_ede3_cbc);
+ ssl_cipher_methods[SSL_ENC_RC4_IDX] = EVP_get_cipherbyname(SN_rc4);
+ ssl_cipher_methods[SSL_ENC_RC2_IDX] = EVP_get_cipherbyname(SN_rc2_cbc);
+#ifndef OPENSSL_NO_IDEA
+ ssl_cipher_methods[SSL_ENC_IDEA_IDX] = EVP_get_cipherbyname(SN_idea_cbc);
+#else
+ ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL;
+#endif
+ ssl_cipher_methods[SSL_ENC_AES128_IDX] =
+ EVP_get_cipherbyname(SN_aes_128_cbc);
+ ssl_cipher_methods[SSL_ENC_AES256_IDX] =
+ EVP_get_cipherbyname(SN_aes_256_cbc);
+ ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
+ EVP_get_cipherbyname(SN_camellia_128_cbc);
+ ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
+ EVP_get_cipherbyname(SN_camellia_256_cbc);
+ ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
+ EVP_get_cipherbyname(SN_gost89_cnt);
+ ssl_cipher_methods[SSL_ENC_SEED_IDX] = EVP_get_cipherbyname(SN_seed_cbc);
+
+ ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
+ EVP_get_cipherbyname(SN_aes_128_gcm);
+ ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
+ EVP_get_cipherbyname(SN_aes_256_gcm);
+
+ ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5);
+ ssl_mac_secret_size[SSL_MD_MD5_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
+ ssl_digest_methods[SSL_MD_SHA1_IDX] = EVP_get_digestbyname(SN_sha1);
+ ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
+ ssl_digest_methods[SSL_MD_GOST94_IDX] =
+ EVP_get_digestbyname(SN_id_GostR3411_94);
+ if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
+ ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
+ }
+ ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
+ EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
+ ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
+ if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
+ ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
+ }
+
+ ssl_digest_methods[SSL_MD_SHA256_IDX] = EVP_get_digestbyname(SN_sha256);
+ ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
+ ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384);
+ ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
+}
+
+#ifndef OPENSSL_NO_COMP
+
+static int sk_comp_cmp(const SSL_COMP *const *a, const SSL_COMP *const *b)
+{
+ return ((*a)->id - (*b)->id);
+}
+
+static void load_builtin_compressions(void)
+{
+ int got_write_lock = 0;
+
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL);
+ if (ssl_comp_methods == NULL) {
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+ got_write_lock = 1;
+
+ if (ssl_comp_methods == NULL) {
+ SSL_COMP *comp = NULL;
+
+ MemCheck_off();
+ ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
+ if (ssl_comp_methods != NULL) {
+ comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+ if (comp != NULL) {
+ comp->method = COMP_zlib();
+ if (comp->method && comp->method->type == NID_undef)
+ OPENSSL_free(comp);
+ else {
+ comp->id = SSL_COMP_ZLIB_IDX;
+ comp->name = comp->method->name;
+ sk_SSL_COMP_push(ssl_comp_methods, comp);
+ }
+ }
+ sk_SSL_COMP_sort(ssl_comp_methods);
+ }
+ MemCheck_on();
+ }
+ }
+
+ if (got_write_lock)
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+ else
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
+}
+#endif
+
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
+ const EVP_MD **md, int *mac_pkey_type,
+ int *mac_secret_size, SSL_COMP **comp)
+{
+ int i;
+ const SSL_CIPHER *c;
+
+ c = s->cipher;
+ if (c == NULL)
+ return (0);
+ if (comp != NULL) {
+ SSL_COMP ctmp;
+#ifndef OPENSSL_NO_COMP
+ load_builtin_compressions();
+#endif
+
+ *comp = NULL;
+ ctmp.id = s->compress_meth;
+ if (ssl_comp_methods != NULL) {
+ i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp);
+ if (i >= 0)
+ *comp = sk_SSL_COMP_value(ssl_comp_methods, i);
+ else
+ *comp = NULL;
+ }
+ }
+
+ if ((enc == NULL) || (md == NULL))
+ return (0);
+
+ switch (c->algorithm_enc) {
+ case SSL_DES:
+ i = SSL_ENC_DES_IDX;
+ break;
+ case SSL_3DES:
+ i = SSL_ENC_3DES_IDX;
+ break;
+ case SSL_RC4:
+ i = SSL_ENC_RC4_IDX;
+ break;
+ case SSL_RC2:
+ i = SSL_ENC_RC2_IDX;
+ break;
+ case SSL_IDEA:
+ i = SSL_ENC_IDEA_IDX;
+ break;
+ case SSL_eNULL:
+ i = SSL_ENC_NULL_IDX;
+ break;
+ case SSL_AES128:
+ i = SSL_ENC_AES128_IDX;
+ break;
+ case SSL_AES256:
+ i = SSL_ENC_AES256_IDX;
+ break;
+ case SSL_CAMELLIA128:
+ i = SSL_ENC_CAMELLIA128_IDX;
+ break;
+ case SSL_CAMELLIA256:
+ i = SSL_ENC_CAMELLIA256_IDX;
+ break;
+ case SSL_eGOST2814789CNT:
+ i = SSL_ENC_GOST89_IDX;
+ break;
+ case SSL_SEED:
+ i = SSL_ENC_SEED_IDX;
+ break;
+ case SSL_AES128GCM:
+ i = SSL_ENC_AES128GCM_IDX;
+ break;
+ case SSL_AES256GCM:
+ i = SSL_ENC_AES256GCM_IDX;
+ break;
+ default:
+ i = -1;
+ break;
+ }
+
+ if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
+ *enc = NULL;
+ else {
+ if (i == SSL_ENC_NULL_IDX)
+ *enc = EVP_enc_null();
+ else
+ *enc = ssl_cipher_methods[i];
+ }
+
+ switch (c->algorithm_mac) {
+ case SSL_MD5:
+ i = SSL_MD_MD5_IDX;
+ break;
+ case SSL_SHA1:
+ i = SSL_MD_SHA1_IDX;
+ break;
+ case SSL_SHA256:
+ i = SSL_MD_SHA256_IDX;
+ break;
+ case SSL_SHA384:
+ i = SSL_MD_SHA384_IDX;
+ break;
+ case SSL_GOST94:
+ i = SSL_MD_GOST94_IDX;
+ break;
+ case SSL_GOST89MAC:
+ i = SSL_MD_GOST89MAC_IDX;
+ break;
+ default:
+ i = -1;
+ break;
+ }
+ if ((i < 0) || (i >= SSL_MD_NUM_IDX)) {
+ *md = NULL;
+ if (mac_pkey_type != NULL)
+ *mac_pkey_type = NID_undef;
+ if (mac_secret_size != NULL)
+ *mac_secret_size = 0;
+ if (c->algorithm_mac == SSL_AEAD)
+ mac_pkey_type = NULL;
+ } else {
+ *md = ssl_digest_methods[i];
+ if (mac_pkey_type != NULL)
+ *mac_pkey_type = ssl_mac_pkey_id[i];
+ if (mac_secret_size != NULL)
+ *mac_secret_size = ssl_mac_secret_size[i];
+ }
+
+ if ((*enc != NULL) &&
+ (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER))
+ && (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
+ const EVP_CIPHER *evp;
+
+ if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
+ s->ssl_version < TLS1_VERSION)
+ return 1;
+
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return 1;
+#endif
+
+ if (c->algorithm_enc == SSL_RC4 &&
+ c->algorithm_mac == SSL_MD5 &&
+ (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
+ *enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES128 &&
+ c->algorithm_mac == SSL_SHA1 &&
+ (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
+ *enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES256 &&
+ c->algorithm_mac == SSL_SHA1 &&
+ (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
+ *enc = evp, *md = NULL;
+ return (1);
+ } else
+ return (0);
+}
+
+int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
+{
+ if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
+ return 0;
+ }
+ *mask = ssl_handshake_digest_flag[idx];
+ if (*mask)
+ *md = ssl_digest_methods[idx];
+ else
+ *md = NULL;
+ return 1;
+}
+
+#define ITEM_SEP(a) \
+ (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
+
+static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
+ CIPHER_ORDER **tail)
+{
+ if (curr == *tail)
+ return;
+ if (curr == *head)
+ *head = curr->next;
+ if (curr->prev != NULL)
+ curr->prev->next = curr->next;
+ if (curr->next != NULL)
+ curr->next->prev = curr->prev;
+ (*tail)->next = curr;
+ curr->prev = *tail;
+ curr->next = NULL;
+ *tail = curr;
+}
+
+static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
+ CIPHER_ORDER **tail)
+{
+ if (curr == *head)
+ return;
+ if (curr == *tail)
+ *tail = curr->prev;
+ if (curr->next != NULL)
+ curr->next->prev = curr->prev;
+ if (curr->prev != NULL)
+ curr->prev->next = curr->next;
+ (*head)->prev = curr;
+ curr->next = *head;
+ curr->prev = NULL;
+ *head = curr;
+}
+
+static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
+ unsigned long *enc, unsigned long *mac,
+ unsigned long *ssl)
+{
+ *mkey = 0;
+ *auth = 0;
+ *enc = 0;
+ *mac = 0;
+ *ssl = 0;
+
+#ifdef OPENSSL_NO_RSA
+ *mkey |= SSL_kRSA;
+ *auth |= SSL_aRSA;
+#endif
+#ifdef OPENSSL_NO_DSA
+ *auth |= SSL_aDSS;
+#endif
+ *mkey |= SSL_kDHr | SSL_kDHd; /* no such ciphersuites supported! */
+ *auth |= SSL_aDH;
+#ifdef OPENSSL_NO_DH
+ *mkey |= SSL_kDHr | SSL_kDHd | SSL_kEDH;
+ *auth |= SSL_aDH;
+#endif
+#ifdef OPENSSL_NO_KRB5
+ *mkey |= SSL_kKRB5;
+ *auth |= SSL_aKRB5;
+#endif
+#ifdef OPENSSL_NO_ECDSA
+ *auth |= SSL_aECDSA;
+#endif
+#ifdef OPENSSL_NO_ECDH
+ *mkey |= SSL_kECDHe | SSL_kECDHr;
+ *auth |= SSL_aECDH;
+#endif
+#ifdef OPENSSL_NO_PSK
+ *mkey |= SSL_kPSK;
+ *auth |= SSL_aPSK;
+#endif
+#ifdef OPENSSL_NO_SRP
+ *mkey |= SSL_kSRP;
+#endif
+ /*
+ * Check for presence of GOST 34.10 algorithms, and if they do not
+ * present, disable appropriate auth and key exchange
+ */
+ if (!get_optional_pkey_id("gost94")) {
+ *auth |= SSL_aGOST94;
+ }
+ if (!get_optional_pkey_id("gost2001")) {
+ *auth |= SSL_aGOST01;
+ }
+ /*
+ * Disable GOST key exchange if no GOST signature algs are available *
+ */
+ if ((*auth & (SSL_aGOST94 | SSL_aGOST01)) == (SSL_aGOST94 | SSL_aGOST01)) {
+ *mkey |= SSL_kGOST;
+ }
+#ifdef SSL_FORBID_ENULL
+ *enc |= SSL_eNULL;
+#endif
+
+ *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] ==
+ NULL) ? SSL_AES128GCM : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] ==
+ NULL) ? SSL_AES256GCM : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] ==
+ NULL) ? SSL_CAMELLIA128 : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] ==
+ NULL) ? SSL_CAMELLIA256 : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_GOST89_IDX] ==
+ NULL) ? SSL_eGOST2814789CNT : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0;
+
+ *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL
+ || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] ==
+ NID_undef) ? SSL_GOST89MAC : 0;
+
+}
+
+static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
+ int num_of_ciphers,
+ unsigned long disabled_mkey,
+ unsigned long disabled_auth,
+ unsigned long disabled_enc,
+ unsigned long disabled_mac,
+ unsigned long disabled_ssl,
+ CIPHER_ORDER *co_list,
+ CIPHER_ORDER **head_p,
+ CIPHER_ORDER **tail_p)
+{
+ int i, co_list_num;
+ const SSL_CIPHER *c;
+
+ /*
+ * We have num_of_ciphers descriptions compiled in, depending on the
+ * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
+ * These will later be sorted in a linked list with at most num
+ * entries.
+ */
+
+ /* Get the initial list of ciphers */
+ co_list_num = 0; /* actual count of ciphers */
+ for (i = 0; i < num_of_ciphers; i++) {
+ c = ssl_method->get_cipher(i);
+ /* drop those that use any of that is not available */
+ if ((c != NULL) && c->valid &&
+#ifdef OPENSSL_FIPS
+ (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
+#endif
+ !(c->algorithm_mkey & disabled_mkey) &&
+ !(c->algorithm_auth & disabled_auth) &&
+ !(c->algorithm_enc & disabled_enc) &&
+ !(c->algorithm_mac & disabled_mac) &&
+ !(c->algorithm_ssl & disabled_ssl)) {
+ co_list[co_list_num].cipher = c;
+ co_list[co_list_num].next = NULL;
+ co_list[co_list_num].prev = NULL;
+ co_list[co_list_num].active = 0;
+ co_list_num++;
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "\t%d: %s %lx %lx %lx\n", i, c->name, c->id,
+ c->algorithm_mkey, c->algorithm_auth);
+#endif /* KSSL_DEBUG */
+ /*
+ * if (!sk_push(ca_list,(char *)c)) goto err;
+ */
+ }
+ }
+
+ /*
+ * Prepare linked list from list entries
+ */
+ if (co_list_num > 0) {
+ co_list[0].prev = NULL;
+
+ if (co_list_num > 1) {
+ co_list[0].next = &co_list[1];
+
+ for (i = 1; i < co_list_num - 1; i++) {
+ co_list[i].prev = &co_list[i - 1];
+ co_list[i].next = &co_list[i + 1];
+ }
+
+ co_list[co_list_num - 1].prev = &co_list[co_list_num - 2];
+ }
+
+ co_list[co_list_num - 1].next = NULL;
+
+ *head_p = &co_list[0];
+ *tail_p = &co_list[co_list_num - 1];
+ }
+}
+
+static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
+ int num_of_group_aliases,
+ unsigned long disabled_mkey,
+ unsigned long disabled_auth,
+ unsigned long disabled_enc,
+ unsigned long disabled_mac,
+ unsigned long disabled_ssl,
+ CIPHER_ORDER *head)
+{
+ CIPHER_ORDER *ciph_curr;
+ const SSL_CIPHER **ca_curr;
+ int i;
+ unsigned long mask_mkey = ~disabled_mkey;
+ unsigned long mask_auth = ~disabled_auth;
+ unsigned long mask_enc = ~disabled_enc;
+ unsigned long mask_mac = ~disabled_mac;
+ unsigned long mask_ssl = ~disabled_ssl;
+
+ /*
+ * First, add the real ciphers as already collected
+ */
+ ciph_curr = head;
+ ca_curr = ca_list;
+ while (ciph_curr != NULL) {
+ *ca_curr = ciph_curr->cipher;
+ ca_curr++;
+ ciph_curr = ciph_curr->next;
+ }
+
+ /*
+ * Now we add the available ones from the cipher_aliases[] table.
+ * They represent either one or more algorithms, some of which
+ * in any affected category must be supported (set in enabled_mask),
+ * or represent a cipher strength value (will be added in any case because algorithms=0).
+ */
+ for (i = 0; i < num_of_group_aliases; i++) {
+ unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
+ unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
+ unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
+ unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
+ unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
+
+ if (algorithm_mkey)
+ if ((algorithm_mkey & mask_mkey) == 0)
+ continue;
+
+ if (algorithm_auth)
+ if ((algorithm_auth & mask_auth) == 0)
+ continue;
+
+ if (algorithm_enc)
+ if ((algorithm_enc & mask_enc) == 0)
+ continue;
+
+ if (algorithm_mac)
+ if ((algorithm_mac & mask_mac) == 0)
+ continue;
+
+ if (algorithm_ssl)
+ if ((algorithm_ssl & mask_ssl) == 0)
+ continue;
+
+ *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
+ ca_curr++;
+ }
+
+ *ca_curr = NULL; /* end of list */
+}
+
+static void ssl_cipher_apply_rule(unsigned long cipher_id,
+ unsigned long alg_mkey,
+ unsigned long alg_auth,
+ unsigned long alg_enc,
+ unsigned long alg_mac,
+ unsigned long alg_ssl,
+ unsigned long algo_strength, int rule,
+ int strength_bits, CIPHER_ORDER **head_p,
+ CIPHER_ORDER **tail_p)
+{
+ CIPHER_ORDER *head, *tail, *curr, *next, *last;
+ const SSL_CIPHER *cp;
+ int reverse = 0;
+
+#ifdef CIPHER_DEBUG
+ fprintf(stderr,
+ "Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n",
+ rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
+ algo_strength, strength_bits);
+#endif
+
+ if (rule == CIPHER_DEL)
+ reverse = 1; /* needed to maintain sorting between
+ * currently deleted ciphers */
+
+ head = *head_p;
+ tail = *tail_p;
+
+ if (reverse) {
+ next = tail;
+ last = head;
+ } else {
+ next = head;
+ last = tail;
+ }
+
+ curr = NULL;
+ for (;;) {
+ if (curr == last)
+ break;
+
+ curr = next;
+
+ if (curr == NULL)
+ break;
+
+ next = reverse ? curr->prev : curr->next;
+
+ cp = curr->cipher;
+
+ /*
+ * Selection criteria is either the value of strength_bits
+ * or the algorithms used.
+ */
+ if (strength_bits >= 0) {
+ if (strength_bits != cp->strength_bits)
+ continue;
+ } else {
+#ifdef CIPHER_DEBUG
+ fprintf(stderr,
+ "\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n",
+ cp->name, cp->algorithm_mkey, cp->algorithm_auth,
+ cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl,
+ cp->algo_strength);
+#endif
+ if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
+ continue;
+ if (alg_auth && !(alg_auth & cp->algorithm_auth))
+ continue;
+ if (alg_enc && !(alg_enc & cp->algorithm_enc))
+ continue;
+ if (alg_mac && !(alg_mac & cp->algorithm_mac))
+ continue;
+ if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
+ continue;
+ if ((algo_strength & SSL_EXP_MASK)
+ && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
+ continue;
+ if ((algo_strength & SSL_STRONG_MASK)
+ && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
+ continue;
+ if ((algo_strength & SSL_NOT_DEFAULT)
+ && !(cp->algo_strength & SSL_NOT_DEFAULT))
+ continue;
+ }
+
+#ifdef CIPHER_DEBUG
+ fprintf(stderr, "Action = %d\n", rule);
+#endif
+
+ /* add the cipher if it has not been added yet. */
+ if (rule == CIPHER_ADD) {
+ /* reverse == 0 */
+ if (!curr->active) {
+ ll_append_tail(&head, curr, &tail);
+ curr->active = 1;
+ }
+ }
+ /* Move the added cipher to this location */
+ else if (rule == CIPHER_ORD) {
+ /* reverse == 0 */
+ if (curr->active) {
+ ll_append_tail(&head, curr, &tail);
+ }
+ } else if (rule == CIPHER_DEL) {
+ /* reverse == 1 */
+ if (curr->active) {
+ /*
+ * most recently deleted ciphersuites get best positions for
+ * any future CIPHER_ADD (note that the CIPHER_DEL loop works
+ * in reverse to maintain the order)
+ */
+ ll_append_head(&head, curr, &tail);
+ curr->active = 0;
+ }
+ } else if (rule == CIPHER_KILL) {
+ /* reverse == 0 */
+ if (head == curr)
+ head = curr->next;
+ else
+ curr->prev->next = curr->next;
+ if (tail == curr)
+ tail = curr->prev;
+ curr->active = 0;
+ if (curr->next != NULL)
+ curr->next->prev = curr->prev;
+ if (curr->prev != NULL)
+ curr->prev->next = curr->next;
+ curr->next = NULL;
+ curr->prev = NULL;
+ }
+ }
+
+ *head_p = head;
+ *tail_p = tail;
+}
+
+static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
+ CIPHER_ORDER **tail_p)
+{
+ int max_strength_bits, i, *number_uses;
+ CIPHER_ORDER *curr;
+
+ /*
+ * This routine sorts the ciphers with descending strength. The sorting
+ * must keep the pre-sorted sequence, so we apply the normal sorting
+ * routine as '+' movement to the end of the list.
+ */
+ max_strength_bits = 0;
+ curr = *head_p;
+ while (curr != NULL) {
+ if (curr->active && (curr->cipher->strength_bits > max_strength_bits))
+ max_strength_bits = curr->cipher->strength_bits;
+ curr = curr->next;
+ }
+
+ number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
+ if (!number_uses) {
+ SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
+
+ /*
+ * Now find the strength_bits values actually used
+ */
+ curr = *head_p;
+ while (curr != NULL) {
+ if (curr->active)
+ number_uses[curr->cipher->strength_bits]++;
+ curr = curr->next;
+ }
+ /*
+ * Go through the list of used strength_bits values in descending
+ * order.
+ */
+ for (i = max_strength_bits; i >= 0; i--)
+ if (number_uses[i] > 0)
+ ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p,
+ tail_p);
+
+ OPENSSL_free(number_uses);
+ return (1);
+}
+
+static int ssl_cipher_process_rulestr(const char *rule_str,
+ CIPHER_ORDER **head_p,
+ CIPHER_ORDER **tail_p,
+ const SSL_CIPHER **ca_list)
+{
+ unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
+ algo_strength;
+ const char *l, *buf;
+ int j, multi, found, rule, retval, ok, buflen;
+ unsigned long cipher_id = 0;
+ char ch;
+
+ retval = 1;
+ l = rule_str;
+ for (;;) {
+ ch = *l;
+
+ if (ch == '\0')
+ break; /* done */
+ if (ch == '-') {
+ rule = CIPHER_DEL;
+ l++;
+ } else if (ch == '+') {
+ rule = CIPHER_ORD;
+ l++;
+ } else if (ch == '!') {
+ rule = CIPHER_KILL;
+ l++;
+ } else if (ch == '@') {
+ rule = CIPHER_SPECIAL;
+ l++;
+ } else {
+ rule = CIPHER_ADD;
+ }
+
+ if (ITEM_SEP(ch)) {
+ l++;
+ continue;
+ }
+
+ alg_mkey = 0;
+ alg_auth = 0;
+ alg_enc = 0;
+ alg_mac = 0;
+ alg_ssl = 0;
+ algo_strength = 0;
+
+ for (;;) {
+ ch = *l;
+ buf = l;
+ buflen = 0;
+#ifndef CHARSET_EBCDIC
+ while (((ch >= 'A') && (ch <= 'Z')) ||
+ ((ch >= '0') && (ch <= '9')) ||
+ ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.'))
+#else
+ while (isalnum(ch) || (ch == '-') || (ch == '.'))
+#endif
+ {
+ ch = *(++l);
+ buflen++;
+ }
+
+ if (buflen == 0) {
+ /*
+ * We hit something we cannot deal with,
+ * it is no command or separator nor
+ * alphanumeric, so we call this an error.
+ */
+ SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+ SSL_R_INVALID_COMMAND);
+ retval = found = 0;
+ l++;
+ break;
+ }
+
+ if (rule == CIPHER_SPECIAL) {
+ found = 0; /* unused -- avoid compiler warning */
+ break; /* special treatment */
+ }
+
+ /* check for multi-part specification */
+ if (ch == '+') {
+ multi = 1;
+ l++;
+ } else
+ multi = 0;
+
+ /*
+ * Now search for the cipher alias in the ca_list. Be careful
+ * with the strncmp, because the "buflen" limitation
+ * will make the rule "ADH:SOME" and the cipher
+ * "ADH-MY-CIPHER" look like a match for buflen=3.
+ * So additionally check whether the cipher name found
+ * has the correct length. We can save a strlen() call:
+ * just checking for the '\0' at the right place is
+ * sufficient, we have to strncmp() anyway. (We cannot
+ * use strcmp(), because buf is not '\0' terminated.)
+ */
+ j = found = 0;
+ cipher_id = 0;
+ while (ca_list[j]) {
+ if (!strncmp(buf, ca_list[j]->name, buflen) &&
+ (ca_list[j]->name[buflen] == '\0')) {
+ found = 1;
+ break;
+ } else
+ j++;
+ }
+
+ if (!found)
+ break; /* ignore this entry */
+
+ if (ca_list[j]->algorithm_mkey) {
+ if (alg_mkey) {
+ alg_mkey &= ca_list[j]->algorithm_mkey;
+ if (!alg_mkey) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_mkey = ca_list[j]->algorithm_mkey;
+ }
+
+ if (ca_list[j]->algorithm_auth) {
+ if (alg_auth) {
+ alg_auth &= ca_list[j]->algorithm_auth;
+ if (!alg_auth) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_auth = ca_list[j]->algorithm_auth;
+ }
+
+ if (ca_list[j]->algorithm_enc) {
+ if (alg_enc) {
+ alg_enc &= ca_list[j]->algorithm_enc;
+ if (!alg_enc) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_enc = ca_list[j]->algorithm_enc;
+ }
+
+ if (ca_list[j]->algorithm_mac) {
+ if (alg_mac) {
+ alg_mac &= ca_list[j]->algorithm_mac;
+ if (!alg_mac) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_mac = ca_list[j]->algorithm_mac;
+ }
+
+ if (ca_list[j]->algo_strength & SSL_EXP_MASK) {
+ if (algo_strength & SSL_EXP_MASK) {
+ algo_strength &=
+ (ca_list[j]->algo_strength & SSL_EXP_MASK) |
+ ~SSL_EXP_MASK;
+ if (!(algo_strength & SSL_EXP_MASK)) {
+ found = 0;
+ break;
+ }
+ } else
+ algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK;
+ }
+
+ if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
+ if (algo_strength & SSL_STRONG_MASK) {
+ algo_strength &=
+ (ca_list[j]->algo_strength & SSL_STRONG_MASK) |
+ ~SSL_STRONG_MASK;
+ if (!(algo_strength & SSL_STRONG_MASK)) {
+ found = 0;
+ break;
+ }
+ } else
+ algo_strength |=
+ ca_list[j]->algo_strength & SSL_STRONG_MASK;
+ }
+
+ if (ca_list[j]->algo_strength & SSL_NOT_DEFAULT) {
+ algo_strength |= SSL_NOT_DEFAULT;
+ }
+
+ if (ca_list[j]->valid) {
+ /*
+ * explicit ciphersuite found; its protocol version does not
+ * become part of the search pattern!
+ */
+
+ cipher_id = ca_list[j]->id;
+ } else {
+ /*
+ * not an explicit ciphersuite; only in this case, the
+ * protocol version is considered part of the search pattern
+ */
+
+ if (ca_list[j]->algorithm_ssl) {
+ if (alg_ssl) {
+ alg_ssl &= ca_list[j]->algorithm_ssl;
+ if (!alg_ssl) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_ssl = ca_list[j]->algorithm_ssl;
+ }
+ }
+
+ if (!multi)
+ break;
+ }
+
+ /*
+ * Ok, we have the rule, now apply it
+ */
+ if (rule == CIPHER_SPECIAL) { /* special command */
+ ok = 0;
+ if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
+ ok = ssl_cipher_strength_sort(head_p, tail_p);
+ else
+ SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+ SSL_R_INVALID_COMMAND);
+ if (ok == 0)
+ retval = 0;
+ /*
+ * We do not support any "multi" options
+ * together with "@", so throw away the
+ * rest of the command, if any left, until
+ * end or ':' is found.
+ */
+ while ((*l != '\0') && !ITEM_SEP(*l))
+ l++;
+ } else if (found) {
+ ssl_cipher_apply_rule(cipher_id,
+ alg_mkey, alg_auth, alg_enc, alg_mac,
+ alg_ssl, algo_strength, rule, -1, head_p,
+ tail_p);
+ } else {
+ while ((*l != '\0') && !ITEM_SEP(*l))
+ l++;
+ }
+ if (*l == '\0')
+ break; /* done */
+ }
+
+ return (retval);
+}
+
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER)
+ **cipher_list, STACK_OF(SSL_CIPHER)
+ **cipher_list_by_id,
+ const char *rule_str)
+{
+ int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
+ unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac,
+ disabled_ssl;
+ STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
+ const char *rule_p;
+ CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
+ const SSL_CIPHER **ca_list = NULL;
+
+ /*
+ * Return with error if nothing to do.
+ */
+ if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
+ return NULL;
+
+ /*
+ * To reduce the work to do we only want to process the compiled
+ * in algorithms, so we first get the mask of disabled ciphers.
+ */
+ ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc,
+ &disabled_mac, &disabled_ssl);
+
+ /*
+ * Now we have to collect the available ciphers from the compiled
+ * in ciphers. We cannot get more than the number compiled in, so
+ * it is used for allocation.
+ */
+ num_of_ciphers = ssl_method->num_ciphers();
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n",
+ num_of_ciphers);
+#endif /* KSSL_DEBUG */
+ co_list =
+ (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
+ if (co_list == NULL) {
+ SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+ return (NULL); /* Failure */
+ }
+
+ ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
+ disabled_mkey, disabled_auth, disabled_enc,
+ disabled_mac, disabled_ssl, co_list, &head,
+ &tail);
+
+ /* Now arrange all ciphers by preference: */
+
+ /*
+ * Everything else being equal, prefer ephemeral ECDH over other key
+ * exchange mechanisms
+ */
+ ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head,
+ &tail);
+ ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
+ &tail);
+
+ /* AES is our preferred symmetric cipher */
+ ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head,
+ &tail);
+
+ /* Temporarily enable everything else for sorting */
+ ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
+
+ /* Low priority for MD5 */
+ ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /*
+ * Move anonymous ciphers to the end. Usually, these will remain
+ * disabled. (For applications that allow them, they aren't too bad, but
+ * we prefer authenticated ciphers.)
+ */
+ ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /* Move ciphers without forward secrecy to the end */
+ ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+ /*
+ * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1,
+ * &head, &tail);
+ */
+ ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+ ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+ ssl_cipher_apply_rule(0, SSL_kKRB5, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /* RC4 is sort-of broken -- move the the end */
+ ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /*
+ * Now sort by symmetric encryption strength. The above ordering remains
+ * in force within each class
+ */
+ if (!ssl_cipher_strength_sort(&head, &tail)) {
+ OPENSSL_free(co_list);
+ return NULL;
+ }
+
+ /* Now disable everything (maintaining the ordering!) */
+ ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
+
+ /*
+ * We also need cipher aliases for selecting based on the rule_str.
+ * There might be two types of entries in the rule_str: 1) names
+ * of ciphers themselves 2) aliases for groups of ciphers.
+ * For 1) we need the available ciphers and for 2) the cipher
+ * groups of cipher_aliases added together in one list (otherwise
+ * we would be happy with just the cipher_aliases table).
+ */
+ num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
+ num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
+ ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
+ if (ca_list == NULL) {
+ OPENSSL_free(co_list);
+ SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+ return (NULL); /* Failure */
+ }
+ ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
+ disabled_mkey, disabled_auth, disabled_enc,
+ disabled_mac, disabled_ssl, head);
+
+ /*
+ * If the rule_string begins with DEFAULT, apply the default rule
+ * before using the (possibly available) additional rules.
+ */
+ ok = 1;
+ rule_p = rule_str;
+ if (strncmp(rule_str, "DEFAULT", 7) == 0) {
+ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
+ &head, &tail, ca_list);
+ rule_p += 7;
+ if (*rule_p == ':')
+ rule_p++;
+ }
+
+ if (ok && (strlen(rule_p) > 0))
+ ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
+
+ OPENSSL_free((void *)ca_list); /* Not needed anymore */
+
+ if (!ok) { /* Rule processing failure */
+ OPENSSL_free(co_list);
+ return (NULL);
+ }
+
+ /*
+ * Allocate new "cipherstack" for the result, return with error
+ * if we cannot get one.
+ */
+ if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
+ OPENSSL_free(co_list);
+ return (NULL);
+ }
+
+ /*
+ * The cipher selection for the list is done. The ciphers are added
+ * to the resulting precedence to the STACK_OF(SSL_CIPHER).
+ */
+ for (curr = head; curr != NULL; curr = curr->next) {
+#ifdef OPENSSL_FIPS
+ if (curr->active
+ && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
+#else
+ if (curr->active)
+#endif
+ {
+ sk_SSL_CIPHER_push(cipherstack, curr->cipher);
+#ifdef CIPHER_DEBUG
+ fprintf(stderr, "<%s>\n", curr->cipher->name);
+#endif
+ }
+ }
+ OPENSSL_free(co_list); /* Not needed any longer */
+
+ tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
+ if (tmp_cipher_list == NULL) {
+ sk_SSL_CIPHER_free(cipherstack);
+ return NULL;
+ }
+ if (*cipher_list != NULL)
+ sk_SSL_CIPHER_free(*cipher_list);
+ *cipher_list = cipherstack;
+ if (*cipher_list_by_id != NULL)
+ sk_SSL_CIPHER_free(*cipher_list_by_id);
+ *cipher_list_by_id = tmp_cipher_list;
+ (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
+ ssl_cipher_ptr_id_cmp);
+
+ sk_SSL_CIPHER_sort(*cipher_list_by_id);
+ return (cipherstack);
+}
+
+char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
+{
+ int is_export, pkl, kl;
+ const char *ver, *exp_str;
+ const char *kx, *au, *enc, *mac;
+ unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
+#ifdef KSSL_DEBUG
+ static const char *format =
+ "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
+#else
+ static const char *format =
+ "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
+#endif /* KSSL_DEBUG */
+
+ alg_mkey = cipher->algorithm_mkey;
+ alg_auth = cipher->algorithm_auth;
+ alg_enc = cipher->algorithm_enc;
+ alg_mac = cipher->algorithm_mac;
+ alg_ssl = cipher->algorithm_ssl;
+
+ alg2 = cipher->algorithm2;
+
+ is_export = SSL_C_IS_EXPORT(cipher);
+ pkl = SSL_C_EXPORT_PKEYLENGTH(cipher);
+ kl = SSL_C_EXPORT_KEYLENGTH(cipher);
+ exp_str = is_export ? " export" : "";
+
+ if (alg_ssl & SSL_SSLV2)
+ ver = "SSLv2";
+ else if (alg_ssl & SSL_SSLV3)
+ ver = "SSLv3";
+ else if (alg_ssl & SSL_TLSV1_2)
+ ver = "TLSv1.2";
+ else
+ ver = "unknown";
+
+ switch (alg_mkey) {
+ case SSL_kRSA:
+ kx = is_export ? (pkl == 512 ? "RSA(512)" : "RSA(1024)") : "RSA";
+ break;
+ case SSL_kDHr:
+ kx = "DH/RSA";
+ break;
+ case SSL_kDHd:
+ kx = "DH/DSS";
+ break;
+ case SSL_kKRB5:
+ kx = "KRB5";
+ break;
+ case SSL_kEDH:
+ kx = is_export ? (pkl == 512 ? "DH(512)" : "DH(1024)") : "DH";
+ break;
+ case SSL_kECDHr:
+ kx = "ECDH/RSA";
+ break;
+ case SSL_kECDHe:
+ kx = "ECDH/ECDSA";
+ break;
+ case SSL_kEECDH:
+ kx = "ECDH";
+ break;
+ case SSL_kPSK:
+ kx = "PSK";
+ break;
+ case SSL_kSRP:
+ kx = "SRP";
+ break;
+ case SSL_kGOST:
+ kx = "GOST";
+ break;
+ default:
+ kx = "unknown";
+ }
+
+ switch (alg_auth) {
+ case SSL_aRSA:
+ au = "RSA";
+ break;
+ case SSL_aDSS:
+ au = "DSS";
+ break;
+ case SSL_aDH:
+ au = "DH";
+ break;
+ case SSL_aKRB5:
+ au = "KRB5";
+ break;
+ case SSL_aECDH:
+ au = "ECDH";
+ break;
+ case SSL_aNULL:
+ au = "None";
+ break;
+ case SSL_aECDSA:
+ au = "ECDSA";
+ break;
+ case SSL_aPSK:
+ au = "PSK";
+ break;
+ case SSL_aSRP:
+ au = "SRP";
+ break;
+ case SSL_aGOST94:
+ au = "GOST94";
+ break;
+ case SSL_aGOST01:
+ au = "GOST01";
+ break;
+ default:
+ au = "unknown";
+ break;
+ }
+
+ switch (alg_enc) {
+ case SSL_DES:
+ enc = (is_export && kl == 5) ? "DES(40)" : "DES(56)";
+ break;
+ case SSL_3DES:
+ enc = "3DES(168)";
+ break;
+ case SSL_RC4:
+ enc = is_export ? (kl == 5 ? "RC4(40)" : "RC4(56)")
+ : ((alg2 & SSL2_CF_8_BYTE_ENC) ? "RC4(64)" : "RC4(128)");
+ break;
+ case SSL_RC2:
+ enc = is_export ? (kl == 5 ? "RC2(40)" : "RC2(56)") : "RC2(128)";
+ break;
+ case SSL_IDEA:
+ enc = "IDEA(128)";
+ break;
+ case SSL_eNULL:
+ enc = "None";
+ break;
+ case SSL_AES128:
+ enc = "AES(128)";
+ break;
+ case SSL_AES256:
+ enc = "AES(256)";
+ break;
+ case SSL_AES128GCM:
+ enc = "AESGCM(128)";
+ break;
+ case SSL_AES256GCM:
+ enc = "AESGCM(256)";
+ break;
+ case SSL_CAMELLIA128:
+ enc = "Camellia(128)";
+ break;
+ case SSL_CAMELLIA256:
+ enc = "Camellia(256)";
+ break;
+ case SSL_SEED:
+ enc = "SEED(128)";
+ break;
+ case SSL_eGOST2814789CNT:
+ enc = "GOST89(256)";
+ break;
+ default:
+ enc = "unknown";
+ break;
+ }
+
+ switch (alg_mac) {
+ case SSL_MD5:
+ mac = "MD5";
+ break;
+ case SSL_SHA1:
+ mac = "SHA1";
+ break;
+ case SSL_SHA256:
+ mac = "SHA256";
+ break;
+ case SSL_SHA384:
+ mac = "SHA384";
+ break;
+ case SSL_AEAD:
+ mac = "AEAD";
+ break;
+ case SSL_GOST89MAC:
+ mac = "GOST89";
+ break;
+ case SSL_GOST94:
+ mac = "GOST94";
+ break;
+ default:
+ mac = "unknown";
+ break;
+ }
+
+ if (buf == NULL) {
+ len = 128;
+ buf = OPENSSL_malloc(len);
+ if (buf == NULL)
+ return ("OPENSSL_malloc Error");
+ } else if (len < 128)
+ return ("Buffer too small");
+
+#ifdef KSSL_DEBUG
+ BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
+ exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl);
+#else
+ BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
+ exp_str);
+#endif /* KSSL_DEBUG */
+ return (buf);
+}
+
+char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
+{
+ int i;
+
+ if (c == NULL)
+ return ("(NONE)");
+ i = (int)(c->id >> 24L);
+ if (i == 3)
+ return ("TLSv1/SSLv3");
+ else if (i == 2)
+ return ("SSLv2");
+ else
+ return ("unknown");
+}
+
+/* return the actual cipher being used */
+const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
+{
+ if (c != NULL)
+ return (c->name);
+ return ("(NONE)");
+}
+
+/* number of bits for symmetric cipher */
+int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
+{
+ int ret = 0;
+
+ if (c != NULL) {
+ if (alg_bits != NULL)
+ *alg_bits = c->alg_bits;
+ ret = c->strength_bits;
+ }
+ return (ret);
+}
+
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c)
+{
+ return c->id;
+}
+
+SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
+{
+ SSL_COMP *ctmp;
+ int i, nn;
+
+ if ((n == 0) || (sk == NULL))
+ return (NULL);
+ nn = sk_SSL_COMP_num(sk);
+ for (i = 0; i < nn; i++) {
+ ctmp = sk_SSL_COMP_value(sk, i);
+ if (ctmp->id == n)
+ return (ctmp);
+ }
+ return (NULL);
+}
+
+#ifdef OPENSSL_NO_COMP
+void *SSL_COMP_get_compression_methods(void)
+{
+ return NULL;
+}
+
+int SSL_COMP_add_compression_method(int id, void *cm)
+{
+ return 1;
+}
+
+const char *SSL_COMP_get_name(const void *comp)
+{
+ return NULL;
+}
+#else
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
+{
+ load_builtin_compressions();
+ return (ssl_comp_methods);
+}
+
+int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
+{
+ SSL_COMP *comp;
+
+ if (cm == NULL || cm->type == NID_undef)
+ return 1;
+
+ /*-
+ * According to draft-ietf-tls-compression-04.txt, the
+ * compression number ranges should be the following:
+ *
+ * 0 to 63: methods defined by the IETF
+ * 64 to 192: external party methods assigned by IANA
+ * 193 to 255: reserved for private use
+ */
+ if (id < 193 || id > 255) {
+ SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
+ SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
+ return 0;
+ }
+
+ MemCheck_off();
+ comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+ comp->id = id;
+ comp->method = cm;
+ load_builtin_compressions();
+ if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {
+ OPENSSL_free(comp);
+ MemCheck_on();
+ SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
+ SSL_R_DUPLICATE_COMPRESSION_ID);
+ return (1);
+ } else if ((ssl_comp_methods == NULL)
+ || !sk_SSL_COMP_push(ssl_comp_methods, comp)) {
+ OPENSSL_free(comp);
+ MemCheck_on();
+ SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
+ return (1);
+ } else {
+ MemCheck_on();
+ return (0);
+ }
+}
+
+const char *SSL_COMP_get_name(const COMP_METHOD *comp)
+{
+ if (comp)
+ return comp->name;
+ return NULL;
+}
+
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/ssl_err.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/ssl_err.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_err.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,797 +0,0 @@
-/* ssl/ssl_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
-
-static ERR_STRING_DATA SSL_str_functs[] = {
- {ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"},
- {ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"},
- {ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"},
- {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
- {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "DO_DTLS1_WRITE"},
- {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
- {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "DTLS1_ACCEPT"},
- {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
- {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
- {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "DTLS1_CHECK_TIMEOUT_NUM"},
- {ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "DTLS1_CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_DTLS1_CONNECT), "DTLS1_CONNECT"},
- {ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
- {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
- {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE), "DTLS1_GET_MESSAGE"},
- {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT),
- "DTLS1_GET_MESSAGE_FRAGMENT"},
- {ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"},
- {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "DTLS1_HANDLE_TIMEOUT"},
- {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "DTLS1_HEARTBEAT"},
- {ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"},
- {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
- {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),
- "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
- {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"},
- {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "DTLS1_READ_BYTES"},
- {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "DTLS1_READ_FAILED"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST),
- "DTLS1_SEND_CERTIFICATE_REQUEST"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE),
- "DTLS1_SEND_CLIENT_CERTIFICATE"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE),
- "DTLS1_SEND_CLIENT_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY), "DTLS1_SEND_CLIENT_VERIFY"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
- "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE),
- "DTLS1_SEND_SERVER_CERTIFICATE"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "DTLS1_SEND_SERVER_HELLO"},
- {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE),
- "DTLS1_SEND_SERVER_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),
- "DTLS1_WRITE_APP_DATA_BYTES"},
- {ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"},
- {ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
- {ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"},
- {ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"},
- {ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"},
- {ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"},
- {ERR_FUNC(SSL_F_READ_N), "READ_N"},
- {ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"},
- {ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
- {ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"},
- {ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
- {ERR_FUNC(SSL_F_SSL23_ACCEPT), "SSL23_ACCEPT"},
- {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_SSL23_CONNECT), "SSL23_CONNECT"},
- {ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
- {ERR_FUNC(SSL_F_SSL23_PEEK), "SSL23_PEEK"},
- {ERR_FUNC(SSL_F_SSL23_READ), "SSL23_READ"},
- {ERR_FUNC(SSL_F_SSL23_WRITE), "SSL23_WRITE"},
- {ERR_FUNC(SSL_F_SSL2_ACCEPT), "SSL2_ACCEPT"},
- {ERR_FUNC(SSL_F_SSL2_CONNECT), "SSL2_CONNECT"},
- {ERR_FUNC(SSL_F_SSL2_ENC_INIT), "SSL2_ENC_INIT"},
- {ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL),
- "SSL2_GENERATE_KEY_MATERIAL"},
- {ERR_FUNC(SSL_F_SSL2_PEEK), "SSL2_PEEK"},
- {ERR_FUNC(SSL_F_SSL2_READ), "SSL2_READ"},
- {ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"},
- {ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "SSL2_SET_CERTIFICATE"},
- {ERR_FUNC(SSL_F_SSL2_WRITE), "SSL2_WRITE"},
- {ERR_FUNC(SSL_F_SSL3_ACCEPT), "SSL3_ACCEPT"},
- {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
- {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "SSL3_CALLBACK_CTRL"},
- {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "SSL3_CHANGE_CIPHER_STATE"},
- {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),
- "SSL3_CHECK_CERT_AND_ALGORITHM"},
- {ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "SSL3_CHECK_CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "SSL3_CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
- {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
- {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
- {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
- "SSL3_DIGEST_CACHED_RECORDS"},
- {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
- "SSL3_DO_CHANGE_CIPHER_SPEC"},
- {ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
- {ERR_FUNC(SSL_F_SSL3_CHECK_FINISHED), "SSL3_CHECK_FINISHED"},
- {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
- {ERR_FUNC(SSL_F_SSL3_GENERATE_MASTER_SECRET),
- "ssl3_generate_master_secret"},
- {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),
- "SSL3_GET_CERTIFICATE_REQUEST"},
- {ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS), "SSL3_GET_CERT_STATUS"},
- {ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "SSL3_GET_CERT_VERIFY"},
- {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE),
- "SSL3_GET_CLIENT_CERTIFICATE"},
- {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "SSL3_GET_CLIENT_HELLO"},
- {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE),
- "SSL3_GET_CLIENT_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "SSL3_GET_FINISHED"},
- {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"},
- {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET),
- "SSL3_GET_NEW_SESSION_TICKET"},
- {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"},
- {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
- {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE),
- "SSL3_GET_SERVER_CERTIFICATE"},
- {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"},
- {ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"},
- {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"},
- {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
- {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "SSL3_OUTPUT_CERT_CHAIN"},
- {ERR_FUNC(SSL_F_SSL3_PEEK), "SSL3_PEEK"},
- {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "SSL3_READ_BYTES"},
- {ERR_FUNC(SSL_F_SSL3_READ_N), "SSL3_READ_N"},
- {ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST),
- "SSL3_SEND_CERTIFICATE_REQUEST"},
- {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE),
- "SSL3_SEND_CLIENT_CERTIFICATE"},
- {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE),
- "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "SSL3_SEND_CLIENT_VERIFY"},
- {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE),
- "SSL3_SEND_SERVER_CERTIFICATE"},
- {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "SSL3_SEND_SERVER_HELLO"},
- {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE),
- "SSL3_SEND_SERVER_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"},
- {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "SSL3_SETUP_READ_BUFFER"},
- {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "SSL3_SETUP_WRITE_BUFFER"},
- {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"},
- {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
- {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
- "SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"},
- {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
- "SSL_ADD_CLIENTHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
- "SSL_ADD_CLIENTHELLO_USE_SRTP_EXT"},
- {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
- "SSL_add_dir_cert_subjects_to_stack"},
- {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),
- "SSL_add_file_cert_subjects_to_stack"},
- {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),
- "SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"},
- {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
- "SSL_ADD_SERVERHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
- "SSL_ADD_SERVERHELLO_USE_SRTP_EXT"},
- {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
- {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
- {ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},
- {ERR_FUNC(SSL_F_SSL_CERT_INST), "SSL_CERT_INST"},
- {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
- {ERR_FUNC(SSL_F_SSL_CERT_NEW), "SSL_CERT_NEW"},
- {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
- {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT),
- "SSL_CHECK_SERVERHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
- "SSL_CHECK_SRVR_ECC_CERT_AND_ALG"},
- {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
- "SSL_CIPHER_PROCESS_RULESTR"},
- {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
- {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
- {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),
- "SSL_COMP_add_compression_method"},
- {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"},
- {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
- {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
- {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
- {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
- {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
- {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE),
- "SSL_CTX_set_client_cert_engine"},
- {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
- {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),
- "SSL_CTX_set_session_id_context"},
- {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
- {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),
- "SSL_CTX_use_certificate_ASN1"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE),
- "SSL_CTX_use_certificate_chain_file"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE),
- "SSL_CTX_use_certificate_file"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1),
- "SSL_CTX_use_PrivateKey_ASN1"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),
- "SSL_CTX_use_PrivateKey_file"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT),
- "SSL_CTX_use_psk_identity_hint"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),
- "SSL_CTX_use_RSAPrivateKey_ASN1"},
- {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE),
- "SSL_CTX_use_RSAPrivateKey_file"},
- {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
- {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "SSL_GET_NEW_SESSION"},
- {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "SSL_GET_PREV_SESSION"},
- {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
- {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "SSL_GET_SERVER_SEND_PKEY"},
- {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"},
- {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"},
- {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
- {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
- {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT),
- "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
- {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT),
- "SSL_PARSE_CLIENTHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT),
- "SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT"},
- {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT),
- "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
- {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT),
- "SSL_PARSE_SERVERHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
- "SSL_PARSE_SERVERHELLO_USE_SRTP_EXT"},
- {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
- {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),
- "SSL_PREPARE_CLIENTHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT),
- "SSL_PREPARE_SERVERHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
- {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
- {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
- {ERR_FUNC(SSL_F_SSL_SESSION_DUP), "ssl_session_dup"},
- {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
- {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
- {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT),
- "SSL_SESSION_set1_id_context"},
- {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"},
- {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
- {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
- {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
- {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"},
- {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
- {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
- {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
- {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
- "SSL_set_session_id_context"},
- {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
- "SSL_set_session_ticket_ext"},
- {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
- {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
- {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
- {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
- {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),
- "SSL_UNDEFINED_CONST_FUNCTION"},
- {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
- {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),
- "SSL_UNDEFINED_VOID_FUNCTION"},
- {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
- {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
- {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
- {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
- {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
- {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
- {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
- {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
- {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
- "SSL_use_RSAPrivateKey_ASN1"},
- {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),
- "SSL_use_RSAPrivateKey_file"},
- {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"},
- {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
- {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"},
- {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"},
- {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),
- "TLS1_CHECK_SERVERHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"},
- {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
- "TLS1_EXPORT_KEYING_MATERIAL"},
- {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "SSL_F_TLS1_HEARTBEAT"},
- {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),
- "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),
- "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
- {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
- {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"},
- {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA SSL_str_reasons[] = {
- {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE), "app data in handshake"},
- {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),
- "attempt to reuse session in different context"},
- {ERR_REASON(SSL_R_BAD_ALERT_RECORD), "bad alert record"},
- {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"},
- {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
- {ERR_REASON(SSL_R_BAD_CHECKSUM), "bad checksum"},
- {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
- "bad data returned by callback"},
- {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
- {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
- {ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
- {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
- {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
- {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
- {ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
- {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
- {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
- {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
- {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"},
- {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
- {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
- {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
- {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
- {ERR_REASON(SSL_R_BAD_MAC_DECODE), "bad mac decode"},
- {ERR_REASON(SSL_R_BAD_MAC_LENGTH), "bad mac length"},
- {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE), "bad message type"},
- {ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
- {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
- "bad protocol version number"},
- {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),
- "bad psk identity hint length"},
- {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT), "bad response argument"},
- {ERR_REASON(SSL_R_BAD_RSA_DECRYPT), "bad rsa decrypt"},
- {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
- {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH), "bad rsa e length"},
- {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
- {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE), "bad rsa signature"},
- {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
- {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
- {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH), "bad srp b length"},
- {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH), "bad srp g length"},
- {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH), "bad srp n length"},
- {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
- {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH), "bad srp s length"},
- {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
- {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
- "bad srtp protection profile list"},
- {ERR_REASON(SSL_R_BAD_SSL_FILETYPE), "bad ssl filetype"},
- {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),
- "bad ssl session id length"},
- {ERR_REASON(SSL_R_BAD_STATE), "bad state"},
- {ERR_REASON(SSL_R_BAD_WRITE_RETRY), "bad write retry"},
- {ERR_REASON(SSL_R_BIO_NOT_SET), "bio not set"},
- {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
- "block cipher pad is wrong"},
- {ERR_REASON(SSL_R_BN_LIB), "bn lib"},
- {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH), "ca dn length mismatch"},
- {ERR_REASON(SSL_R_CA_DN_TOO_LONG), "ca dn too long"},
- {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
- {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),
- "certificate verify failed"},
- {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH), "cert length mismatch"},
- {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"},
- {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
- {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),
- "cipher or hash unavailable"},
- {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"},
- {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT), "clienthello tlsext"},
- {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),
- "compressed length too long"},
- {ERR_REASON(SSL_R_COMPRESSION_DISABLED), "compression disabled"},
- {ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
- {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
- "compression id not within private range"},
- {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
- "compression library error"},
- {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),
- "connection id is different"},
- {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
- {ERR_REASON(SSL_R_COOKIE_MISMATCH), "cookie mismatch"},
- {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),
- "data between ccs and finished"},
- {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG), "data length too long"},
- {ERR_REASON(SSL_R_DECRYPTION_FAILED), "decryption failed"},
- {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
- "decryption failed or bad record mac"},
- {ERR_REASON(SSL_R_DH_KEY_TOO_SMALL), "dh key too small"},
- {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
- "dh public value length is wrong"},
- {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
- {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
- {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
- {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),
- "ecc cert not for key agreement"},
- {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
- {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),
- "ecc cert should have rsa signature"},
- {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),
- "ecc cert should have sha1 signature"},
- {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),
- "ecgroup too large for cipher"},
- {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
- "empty srtp protection profile list"},
- {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
- "encrypted length too long"},
- {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),
- "error generating tmp rsa key"},
- {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
- "error in received cipher list"},
- {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
- {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE), "extra data in message"},
- {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
- {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),
- "got next proto before a ccs"},
- {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),
- "got next proto without seeing extension"},
- {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
- {ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
- {ERR_REASON(SSL_R_ILLEGAL_PADDING), "illegal padding"},
- {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
- {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
- {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
- {ERR_REASON(SSL_R_INVALID_COMMAND), "invalid command"},
- {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),
- "invalid compression algorithm"},
- {ERR_REASON(SSL_R_INVALID_PURPOSE), "invalid purpose"},
- {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
- {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
- {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
- "invalid ticket keys length"},
- {ERR_REASON(SSL_R_INVALID_TRUST), "invalid trust"},
- {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG), "key arg too long"},
- {ERR_REASON(SSL_R_KRB5), "krb5"},
- {ERR_REASON(SSL_R_KRB5_C_CC_PRINC), "krb5 client cc principal (no tkt?)"},
- {ERR_REASON(SSL_R_KRB5_C_GET_CRED), "krb5 client get cred"},
- {ERR_REASON(SSL_R_KRB5_C_INIT), "krb5 client init"},
- {ERR_REASON(SSL_R_KRB5_C_MK_REQ), "krb5 client mk_req (expired tkt?)"},
- {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET), "krb5 server bad ticket"},
- {ERR_REASON(SSL_R_KRB5_S_INIT), "krb5 server init"},
- {ERR_REASON(SSL_R_KRB5_S_RD_REQ), "krb5 server rd_req (keytab perms?)"},
- {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED), "krb5 server tkt expired"},
- {ERR_REASON(SSL_R_KRB5_S_TKT_NYV), "krb5 server tkt not yet valid"},
- {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW), "krb5 server tkt skew"},
- {ERR_REASON(SSL_R_LENGTH_MISMATCH), "length mismatch"},
- {ERR_REASON(SSL_R_LENGTH_TOO_SHORT), "length too short"},
- {ERR_REASON(SSL_R_LIBRARY_BUG), "library bug"},
- {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
- {ERR_REASON(SSL_R_MESSAGE_TOO_LONG), "message too long"},
- {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT), "missing dh dsa cert"},
- {ERR_REASON(SSL_R_MISSING_DH_KEY), "missing dh key"},
- {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT), "missing dh rsa cert"},
- {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
- {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY),
- "missing export tmp dh key"},
- {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY),
- "missing export tmp rsa key"},
- {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
- {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),
- "missing rsa encrypting cert"},
- {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
- {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
- {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
- {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
- {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY), "missing tmp rsa key"},
- {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY), "missing tmp rsa pkey"},
- {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
- {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS), "multiple sgc restarts"},
- {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"},
- {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
- {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
- {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
- {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
- {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"},
- {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE), "no ciphers available"},
- {ERR_REASON(SSL_R_NO_CIPHERS_PASSED), "no ciphers passed"},
- {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED), "no ciphers specified"},
- {ERR_REASON(SSL_R_NO_CIPHER_LIST), "no cipher list"},
- {ERR_REASON(SSL_R_NO_CIPHER_MATCH), "no cipher match"},
- {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
- {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
- {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
- {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
- "Peer haven't sent GOST certificate, required for selected ciphersuite"},
- {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED), "no method specified"},
- {ERR_REASON(SSL_R_NO_PRIVATEKEY), "no privatekey"},
- {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
- {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
- {ERR_REASON(SSL_R_NO_PUBLICKEY), "no publickey"},
- {ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
- {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST),
- "digest requred for handshake isn't computed"},
- {ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
- {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
- {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK), "no verify callback"},
- {ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
- {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
- {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
- "old session cipher not returned"},
- {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
- "old session compression algorithm not returned"},
- {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),
- "only tls allowed in fips mode"},
- {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),
- "opaque PRF input too long"},
- {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
- {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
- {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
- {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),
- "peer did not return a certificate"},
- {ERR_REASON(SSL_R_PEER_ERROR), "peer error"},
- {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
- {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),
- "peer error no certificate"},
- {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER), "peer error no cipher"},
- {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),
- "peer error unsupported certificate type"},
- {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
- {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),
- "problems mapping cipher functions"},
- {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
- {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
- {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
- {ERR_REASON(SSL_R_PSK_NO_SERVER_CB), "psk no server cb"},
- {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
- {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA), "public key is not rsa"},
- {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
- {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"},
- {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"},
- {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
- {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
- {ERR_REASON(SSL_R_RECORD_TOO_LARGE), "record too large"},
- {ERR_REASON(SSL_R_RECORD_TOO_SMALL), "record too small"},
- {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
- {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),
- "renegotiation encoding err"},
- {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
- {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
- {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),
- "required compresssion algorithm missing"},
- {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),
- "reuse cert length not zero"},
- {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
- {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),
- "reuse cipher list not zero"},
- {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),
- "scsv received when renegotiating"},
- {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
- {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
- "session id context uninitialized"},
- {ERR_REASON(SSL_R_SHORT_READ), "short read"},
- {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
- "signature algorithms error"},
- {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),
- "signature for non signing certificate"},
- {ERR_REASON(SSL_R_SRP_A_CALC), "error with the srp params"},
- {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),
- "srtp could not allocate profiles"},
- {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),
- "srtp protection profile list too long"},
- {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
- "srtp unknown protection profile"},
- {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),
- "ssl23 doing session id reuse"},
- {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),
- "ssl2 connection id too long"},
- {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
- "ssl3 ext invalid ecpointformat"},
- {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
- "ssl3 ext invalid servername"},
- {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
- "ssl3 ext invalid servername type"},
- {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
- {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT),
- "ssl3 session id too short"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),
- "sslv3 alert bad certificate"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),
- "sslv3 alert bad record mac"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),
- "sslv3 alert certificate expired"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),
- "sslv3 alert certificate revoked"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),
- "sslv3 alert certificate unknown"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),
- "sslv3 alert decompression failure"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),
- "sslv3 alert handshake failure"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),
- "sslv3 alert illegal parameter"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),
- "sslv3 alert no certificate"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),
- "sslv3 alert unexpected message"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),
- "sslv3 alert unsupported certificate"},
- {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
- "ssl ctx has no default ssl version"},
- {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE), "ssl handshake failure"},
- {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),
- "ssl library has no ciphers"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),
- "ssl session id callback failed"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),
- "ssl session id context too long"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
- "ssl session id has bad length"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),
- "ssl session id is different"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),
- "tlsv1 alert access denied"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),
- "tlsv1 alert decryption failed"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),
- "tlsv1 alert decrypt error"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),
- "tlsv1 alert export restriction"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),
- "tlsv1 alert inappropriate fallback"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),
- "tlsv1 alert insufficient security"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),
- "tlsv1 alert internal error"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),
- "tlsv1 alert no renegotiation"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),
- "tlsv1 alert protocol version"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),
- "tlsv1 alert record overflow"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),
- "tlsv1 alert user cancelled"},
- {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),
- "tlsv1 bad certificate hash value"},
- {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),
- "tlsv1 bad certificate status response"},
- {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),
- "tlsv1 certificate unobtainable"},
- {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
- {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),
- "tlsv1 unsupported extension"},
- {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
- "tls client cert req with anon cipher"},
- {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
- "peer does not accept heartbeats"},
- {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
- "heartbeat request already pending"},
- {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),
- "tls illegal exporter label"},
- {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
- "tls invalid ecpointformat list"},
- {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
- "tls peer did not respond with certificate list"},
- {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),
- "tls rsa encrypted value length is wrong"},
- {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),
- "tried to use unsupported cipher"},
- {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),
- "unable to decode dh certs"},
- {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),
- "unable to decode ecdh certs"},
- {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),
- "unable to extract public key"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),
- "unable to find dh parameters"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
- "unable to find ecdh parameters"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
- "unable to find public key parameters"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),
- "unable to find ssl method"},
- {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),
- "unable to load ssl2 md5 routines"},
- {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
- "unable to load ssl3 md5 routines"},
- {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
- "unable to load ssl3 sha1 routines"},
- {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
- {ERR_REASON(SSL_R_UNEXPECTED_RECORD), "unexpected record"},
- {ERR_REASON(SSL_R_UNINITIALIZED), "uninitialized"},
- {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
- {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
- {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
- {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE), "unknown cipher type"},
- {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
- {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
- "unknown key exchange type"},
- {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
- {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
- {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),
- "unknown remote error type"},
- {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION), "unknown ssl version"},
- {ERR_REASON(SSL_R_UNKNOWN_STATE), "unknown state"},
- {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
- "unsafe legacy renegotiation disabled"},
- {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
- {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
- "unsupported compression algorithm"},
- {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
- {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
- "unsupported elliptic curve"},
- {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
- {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
- {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
- {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
- {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET), "write bio not set"},
- {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
- {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE), "wrong message type"},
- {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
- {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
- {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
- {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
- {ERR_REASON(SSL_R_WRONG_SSL_VERSION), "wrong ssl version"},
- {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER), "wrong version number"},
- {ERR_REASON(SSL_R_X509_LIB), "x509 lib"},
- {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),
- "x509 verification setup problems"},
- {0, NULL}
-};
-
-#endif
-
-void ERR_load_SSL_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
- if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
- ERR_load_strings(0, SSL_str_functs);
- ERR_load_strings(0, SSL_str_reasons);
- }
-#endif
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/ssl_err.c (from rev 11605, vendor-crypto/openssl/dist/ssl/ssl_err.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/ssl_err.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_err.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,799 @@
+/* ssl/ssl_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
+
+static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"},
+ {ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"},
+ {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
+ {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "DO_DTLS1_WRITE"},
+ {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
+ {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "DTLS1_ACCEPT"},
+ {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
+ {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
+ {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "DTLS1_CHECK_TIMEOUT_NUM"},
+ {ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "DTLS1_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_DTLS1_CONNECT), "DTLS1_CONNECT"},
+ {ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
+ {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
+ {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE), "DTLS1_GET_MESSAGE"},
+ {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT),
+ "DTLS1_GET_MESSAGE_FRAGMENT"},
+ {ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"},
+ {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "DTLS1_HANDLE_TIMEOUT"},
+ {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "DTLS1_HEARTBEAT"},
+ {ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"},
+ {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
+ {ERR_FUNC(SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS),
+ "DTLS1_PROCESS_BUFFERED_RECORDS"},
+ {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),
+ "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
+ {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"},
+ {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "DTLS1_READ_BYTES"},
+ {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "DTLS1_READ_FAILED"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST),
+ "DTLS1_SEND_CERTIFICATE_REQUEST"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE),
+ "DTLS1_SEND_CLIENT_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE),
+ "DTLS1_SEND_CLIENT_KEY_EXCHANGE"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY), "DTLS1_SEND_CLIENT_VERIFY"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
+ "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE),
+ "DTLS1_SEND_SERVER_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "DTLS1_SEND_SERVER_HELLO"},
+ {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE),
+ "DTLS1_SEND_SERVER_KEY_EXCHANGE"},
+ {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),
+ "DTLS1_WRITE_APP_DATA_BYTES"},
+ {ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"},
+ {ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
+ {ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"},
+ {ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"},
+ {ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"},
+ {ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"},
+ {ERR_FUNC(SSL_F_READ_N), "READ_N"},
+ {ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
+ {ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"},
+ {ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
+ {ERR_FUNC(SSL_F_SSL23_ACCEPT), "SSL23_ACCEPT"},
+ {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL23_CONNECT), "SSL23_CONNECT"},
+ {ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
+ {ERR_FUNC(SSL_F_SSL23_PEEK), "SSL23_PEEK"},
+ {ERR_FUNC(SSL_F_SSL23_READ), "SSL23_READ"},
+ {ERR_FUNC(SSL_F_SSL23_WRITE), "SSL23_WRITE"},
+ {ERR_FUNC(SSL_F_SSL2_ACCEPT), "SSL2_ACCEPT"},
+ {ERR_FUNC(SSL_F_SSL2_CONNECT), "SSL2_CONNECT"},
+ {ERR_FUNC(SSL_F_SSL2_ENC_INIT), "SSL2_ENC_INIT"},
+ {ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL),
+ "SSL2_GENERATE_KEY_MATERIAL"},
+ {ERR_FUNC(SSL_F_SSL2_PEEK), "SSL2_PEEK"},
+ {ERR_FUNC(SSL_F_SSL2_READ), "SSL2_READ"},
+ {ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"},
+ {ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "SSL2_SET_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_SSL2_WRITE), "SSL2_WRITE"},
+ {ERR_FUNC(SSL_F_SSL3_ACCEPT), "SSL3_ACCEPT"},
+ {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
+ {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "SSL3_CALLBACK_CTRL"},
+ {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "SSL3_CHANGE_CIPHER_STATE"},
+ {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),
+ "SSL3_CHECK_CERT_AND_ALGORITHM"},
+ {ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "SSL3_CHECK_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "SSL3_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
+ {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
+ {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
+ {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
+ "SSL3_DIGEST_CACHED_RECORDS"},
+ {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
+ "SSL3_DO_CHANGE_CIPHER_SPEC"},
+ {ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
+ {ERR_FUNC(SSL_F_SSL3_CHECK_FINISHED), "SSL3_CHECK_FINISHED"},
+ {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
+ {ERR_FUNC(SSL_F_SSL3_GENERATE_MASTER_SECRET),
+ "ssl3_generate_master_secret"},
+ {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),
+ "SSL3_GET_CERTIFICATE_REQUEST"},
+ {ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS), "SSL3_GET_CERT_STATUS"},
+ {ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "SSL3_GET_CERT_VERIFY"},
+ {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE),
+ "SSL3_GET_CLIENT_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "SSL3_GET_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE),
+ "SSL3_GET_CLIENT_KEY_EXCHANGE"},
+ {ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "SSL3_GET_FINISHED"},
+ {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"},
+ {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"},
+ {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET),
+ "SSL3_GET_NEW_SESSION_TICKET"},
+ {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"},
+ {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
+ {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE),
+ "SSL3_GET_SERVER_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"},
+ {ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"},
+ {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
+ {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "SSL3_OUTPUT_CERT_CHAIN"},
+ {ERR_FUNC(SSL_F_SSL3_PEEK), "SSL3_PEEK"},
+ {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "SSL3_READ_BYTES"},
+ {ERR_FUNC(SSL_F_SSL3_READ_N), "SSL3_READ_N"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST),
+ "SSL3_SEND_CERTIFICATE_REQUEST"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE),
+ "SSL3_SEND_CLIENT_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE),
+ "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "SSL3_SEND_CLIENT_VERIFY"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE),
+ "SSL3_SEND_SERVER_CERTIFICATE"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "SSL3_SEND_SERVER_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE),
+ "SSL3_SEND_SERVER_KEY_EXCHANGE"},
+ {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"},
+ {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "SSL3_SETUP_READ_BUFFER"},
+ {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "SSL3_SETUP_WRITE_BUFFER"},
+ {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"},
+ {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
+ "SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
+ "SSL_ADD_CLIENTHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
+ "SSL_ADD_CLIENTHELLO_USE_SRTP_EXT"},
+ {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
+ "SSL_add_dir_cert_subjects_to_stack"},
+ {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),
+ "SSL_add_file_cert_subjects_to_stack"},
+ {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),
+ "SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"},
+ {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
+ "SSL_ADD_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
+ "SSL_ADD_SERVERHELLO_USE_SRTP_EXT"},
+ {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
+ {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
+ {ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},
+ {ERR_FUNC(SSL_F_SSL_CERT_INST), "SSL_CERT_INST"},
+ {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
+ {ERR_FUNC(SSL_F_SSL_CERT_NEW), "SSL_CERT_NEW"},
+ {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
+ {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT),
+ "SSL_CHECK_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
+ "SSL_CHECK_SRVR_ECC_CERT_AND_ALG"},
+ {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
+ "SSL_CIPHER_PROCESS_RULESTR"},
+ {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
+ {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
+ {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),
+ "SSL_COMP_add_compression_method"},
+ {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"},
+ {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
+ {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
+ {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
+ {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE),
+ "SSL_CTX_set_client_cert_engine"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),
+ "SSL_CTX_set_session_id_context"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),
+ "SSL_CTX_use_certificate_ASN1"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE),
+ "SSL_CTX_use_certificate_chain_file"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE),
+ "SSL_CTX_use_certificate_file"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1),
+ "SSL_CTX_use_PrivateKey_ASN1"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),
+ "SSL_CTX_use_PrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT),
+ "SSL_CTX_use_psk_identity_hint"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),
+ "SSL_CTX_use_RSAPrivateKey_ASN1"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE),
+ "SSL_CTX_use_RSAPrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
+ {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "SSL_GET_NEW_SESSION"},
+ {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "SSL_GET_PREV_SESSION"},
+ {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
+ {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "SSL_GET_SERVER_SEND_PKEY"},
+ {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"},
+ {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"},
+ {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
+ {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT),
+ "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT),
+ "SSL_PARSE_CLIENTHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT),
+ "SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT),
+ "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT),
+ "SSL_PARSE_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
+ "SSL_PARSE_SERVERHELLO_USE_SRTP_EXT"},
+ {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
+ {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),
+ "SSL_PREPARE_CLIENTHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT),
+ "SSL_PREPARE_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
+ {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
+ {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
+ {ERR_FUNC(SSL_F_SSL_SESSION_DUP), "ssl_session_dup"},
+ {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
+ {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
+ {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT),
+ "SSL_SESSION_set1_id_context"},
+ {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"},
+ {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
+ {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
+ {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
+ {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"},
+ {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
+ {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
+ {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
+ {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
+ "SSL_set_session_id_context"},
+ {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
+ "SSL_set_session_ticket_ext"},
+ {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
+ {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
+ {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
+ {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
+ {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),
+ "SSL_UNDEFINED_CONST_FUNCTION"},
+ {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
+ {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),
+ "SSL_UNDEFINED_VOID_FUNCTION"},
+ {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
+ {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
+ {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
+ {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
+ {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
+ {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
+ {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
+ {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
+ "SSL_use_RSAPrivateKey_ASN1"},
+ {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),
+ "SSL_use_RSAPrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"},
+ {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
+ {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"},
+ {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"},
+ {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),
+ "TLS1_CHECK_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"},
+ {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
+ "TLS1_EXPORT_KEYING_MATERIAL"},
+ {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "SSL_F_TLS1_HEARTBEAT"},
+ {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),
+ "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),
+ "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
+ {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"},
+ {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
+ {0, NULL}
+};
+
+static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE), "app data in handshake"},
+ {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),
+ "attempt to reuse session in different context"},
+ {ERR_REASON(SSL_R_BAD_ALERT_RECORD), "bad alert record"},
+ {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"},
+ {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
+ {ERR_REASON(SSL_R_BAD_CHECKSUM), "bad checksum"},
+ {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
+ "bad data returned by callback"},
+ {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
+ {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
+ {ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
+ {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
+ {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
+ {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
+ {ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
+ {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
+ {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
+ {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
+ {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"},
+ {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
+ {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
+ {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
+ {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
+ {ERR_REASON(SSL_R_BAD_MAC_DECODE), "bad mac decode"},
+ {ERR_REASON(SSL_R_BAD_MAC_LENGTH), "bad mac length"},
+ {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE), "bad message type"},
+ {ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
+ {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
+ "bad protocol version number"},
+ {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),
+ "bad psk identity hint length"},
+ {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT), "bad response argument"},
+ {ERR_REASON(SSL_R_BAD_RSA_DECRYPT), "bad rsa decrypt"},
+ {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
+ {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH), "bad rsa e length"},
+ {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
+ {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE), "bad rsa signature"},
+ {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
+ {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
+ {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH), "bad srp b length"},
+ {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH), "bad srp g length"},
+ {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH), "bad srp n length"},
+ {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
+ {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH), "bad srp s length"},
+ {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
+ {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
+ "bad srtp protection profile list"},
+ {ERR_REASON(SSL_R_BAD_SSL_FILETYPE), "bad ssl filetype"},
+ {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),
+ "bad ssl session id length"},
+ {ERR_REASON(SSL_R_BAD_STATE), "bad state"},
+ {ERR_REASON(SSL_R_BAD_WRITE_RETRY), "bad write retry"},
+ {ERR_REASON(SSL_R_BIO_NOT_SET), "bio not set"},
+ {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
+ "block cipher pad is wrong"},
+ {ERR_REASON(SSL_R_BN_LIB), "bn lib"},
+ {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH), "ca dn length mismatch"},
+ {ERR_REASON(SSL_R_CA_DN_TOO_LONG), "ca dn too long"},
+ {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
+ {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),
+ "certificate verify failed"},
+ {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH), "cert length mismatch"},
+ {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"},
+ {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
+ {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),
+ "cipher or hash unavailable"},
+ {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"},
+ {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT), "clienthello tlsext"},
+ {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),
+ "compressed length too long"},
+ {ERR_REASON(SSL_R_COMPRESSION_DISABLED), "compression disabled"},
+ {ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
+ {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
+ "compression id not within private range"},
+ {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
+ "compression library error"},
+ {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),
+ "connection id is different"},
+ {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
+ {ERR_REASON(SSL_R_COOKIE_MISMATCH), "cookie mismatch"},
+ {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),
+ "data between ccs and finished"},
+ {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG), "data length too long"},
+ {ERR_REASON(SSL_R_DECRYPTION_FAILED), "decryption failed"},
+ {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
+ "decryption failed or bad record mac"},
+ {ERR_REASON(SSL_R_DH_KEY_TOO_SMALL), "dh key too small"},
+ {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
+ "dh public value length is wrong"},
+ {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
+ {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
+ {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
+ {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),
+ "ecc cert not for key agreement"},
+ {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
+ {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),
+ "ecc cert should have rsa signature"},
+ {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),
+ "ecc cert should have sha1 signature"},
+ {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),
+ "ecgroup too large for cipher"},
+ {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
+ "empty srtp protection profile list"},
+ {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
+ "encrypted length too long"},
+ {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),
+ "error generating tmp rsa key"},
+ {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
+ "error in received cipher list"},
+ {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
+ {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE), "extra data in message"},
+ {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
+ {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),
+ "got next proto before a ccs"},
+ {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),
+ "got next proto without seeing extension"},
+ {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
+ {ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
+ {ERR_REASON(SSL_R_ILLEGAL_PADDING), "illegal padding"},
+ {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
+ {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
+ {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
+ {ERR_REASON(SSL_R_INVALID_COMMAND), "invalid command"},
+ {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),
+ "invalid compression algorithm"},
+ {ERR_REASON(SSL_R_INVALID_PURPOSE), "invalid purpose"},
+ {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
+ {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
+ {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
+ "invalid ticket keys length"},
+ {ERR_REASON(SSL_R_INVALID_TRUST), "invalid trust"},
+ {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG), "key arg too long"},
+ {ERR_REASON(SSL_R_KRB5), "krb5"},
+ {ERR_REASON(SSL_R_KRB5_C_CC_PRINC), "krb5 client cc principal (no tkt?)"},
+ {ERR_REASON(SSL_R_KRB5_C_GET_CRED), "krb5 client get cred"},
+ {ERR_REASON(SSL_R_KRB5_C_INIT), "krb5 client init"},
+ {ERR_REASON(SSL_R_KRB5_C_MK_REQ), "krb5 client mk_req (expired tkt?)"},
+ {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET), "krb5 server bad ticket"},
+ {ERR_REASON(SSL_R_KRB5_S_INIT), "krb5 server init"},
+ {ERR_REASON(SSL_R_KRB5_S_RD_REQ), "krb5 server rd_req (keytab perms?)"},
+ {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED), "krb5 server tkt expired"},
+ {ERR_REASON(SSL_R_KRB5_S_TKT_NYV), "krb5 server tkt not yet valid"},
+ {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW), "krb5 server tkt skew"},
+ {ERR_REASON(SSL_R_LENGTH_MISMATCH), "length mismatch"},
+ {ERR_REASON(SSL_R_LENGTH_TOO_SHORT), "length too short"},
+ {ERR_REASON(SSL_R_LIBRARY_BUG), "library bug"},
+ {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
+ {ERR_REASON(SSL_R_MESSAGE_TOO_LONG), "message too long"},
+ {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT), "missing dh dsa cert"},
+ {ERR_REASON(SSL_R_MISSING_DH_KEY), "missing dh key"},
+ {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT), "missing dh rsa cert"},
+ {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
+ {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY),
+ "missing export tmp dh key"},
+ {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY),
+ "missing export tmp rsa key"},
+ {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
+ {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),
+ "missing rsa encrypting cert"},
+ {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
+ {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
+ {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
+ {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
+ {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY), "missing tmp rsa key"},
+ {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY), "missing tmp rsa pkey"},
+ {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
+ {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS), "multiple sgc restarts"},
+ {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"},
+ {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE), "no ciphers available"},
+ {ERR_REASON(SSL_R_NO_CIPHERS_PASSED), "no ciphers passed"},
+ {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED), "no ciphers specified"},
+ {ERR_REASON(SSL_R_NO_CIPHER_LIST), "no cipher list"},
+ {ERR_REASON(SSL_R_NO_CIPHER_MATCH), "no cipher match"},
+ {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
+ {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
+ {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
+ {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
+ "Peer haven't sent GOST certificate, required for selected ciphersuite"},
+ {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED), "no method specified"},
+ {ERR_REASON(SSL_R_NO_PRIVATEKEY), "no privatekey"},
+ {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
+ {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
+ {ERR_REASON(SSL_R_NO_PUBLICKEY), "no publickey"},
+ {ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
+ {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST),
+ "digest requred for handshake isn't computed"},
+ {ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
+ {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
+ {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK), "no verify callback"},
+ {ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
+ {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
+ {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
+ "old session cipher not returned"},
+ {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
+ "old session compression algorithm not returned"},
+ {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),
+ "only tls allowed in fips mode"},
+ {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),
+ "opaque PRF input too long"},
+ {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
+ {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
+ {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
+ {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),
+ "peer did not return a certificate"},
+ {ERR_REASON(SSL_R_PEER_ERROR), "peer error"},
+ {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
+ {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),
+ "peer error no certificate"},
+ {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER), "peer error no cipher"},
+ {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),
+ "peer error unsupported certificate type"},
+ {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
+ {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),
+ "problems mapping cipher functions"},
+ {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
+ {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
+ {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
+ {ERR_REASON(SSL_R_PSK_NO_SERVER_CB), "psk no server cb"},
+ {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
+ {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA), "public key is not rsa"},
+ {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
+ {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"},
+ {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"},
+ {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
+ {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
+ {ERR_REASON(SSL_R_RECORD_TOO_LARGE), "record too large"},
+ {ERR_REASON(SSL_R_RECORD_TOO_SMALL), "record too small"},
+ {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
+ {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),
+ "renegotiation encoding err"},
+ {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
+ {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
+ {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),
+ "required compresssion algorithm missing"},
+ {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),
+ "reuse cert length not zero"},
+ {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
+ {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),
+ "reuse cipher list not zero"},
+ {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),
+ "scsv received when renegotiating"},
+ {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
+ {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
+ "session id context uninitialized"},
+ {ERR_REASON(SSL_R_SHORT_READ), "short read"},
+ {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
+ "signature algorithms error"},
+ {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),
+ "signature for non signing certificate"},
+ {ERR_REASON(SSL_R_SRP_A_CALC), "error with the srp params"},
+ {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),
+ "srtp could not allocate profiles"},
+ {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),
+ "srtp protection profile list too long"},
+ {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
+ "srtp unknown protection profile"},
+ {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),
+ "ssl23 doing session id reuse"},
+ {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),
+ "ssl2 connection id too long"},
+ {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
+ "ssl3 ext invalid ecpointformat"},
+ {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
+ "ssl3 ext invalid servername"},
+ {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
+ "ssl3 ext invalid servername type"},
+ {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
+ {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT),
+ "ssl3 session id too short"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),
+ "sslv3 alert bad certificate"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),
+ "sslv3 alert bad record mac"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),
+ "sslv3 alert certificate expired"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),
+ "sslv3 alert certificate revoked"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),
+ "sslv3 alert certificate unknown"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),
+ "sslv3 alert decompression failure"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),
+ "sslv3 alert handshake failure"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),
+ "sslv3 alert illegal parameter"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),
+ "sslv3 alert no certificate"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),
+ "sslv3 alert unexpected message"},
+ {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),
+ "sslv3 alert unsupported certificate"},
+ {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
+ "ssl ctx has no default ssl version"},
+ {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE), "ssl handshake failure"},
+ {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),
+ "ssl library has no ciphers"},
+ {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),
+ "ssl session id callback failed"},
+ {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
+ {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),
+ "ssl session id context too long"},
+ {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
+ "ssl session id has bad length"},
+ {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),
+ "ssl session id is different"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),
+ "tlsv1 alert access denied"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),
+ "tlsv1 alert decryption failed"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),
+ "tlsv1 alert decrypt error"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),
+ "tlsv1 alert export restriction"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),
+ "tlsv1 alert inappropriate fallback"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),
+ "tlsv1 alert insufficient security"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),
+ "tlsv1 alert internal error"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),
+ "tlsv1 alert no renegotiation"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),
+ "tlsv1 alert protocol version"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),
+ "tlsv1 alert record overflow"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
+ {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),
+ "tlsv1 alert user cancelled"},
+ {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),
+ "tlsv1 bad certificate hash value"},
+ {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),
+ "tlsv1 bad certificate status response"},
+ {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),
+ "tlsv1 certificate unobtainable"},
+ {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
+ {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),
+ "tlsv1 unsupported extension"},
+ {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
+ "tls client cert req with anon cipher"},
+ {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
+ "peer does not accept heartbeats"},
+ {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
+ "heartbeat request already pending"},
+ {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),
+ "tls illegal exporter label"},
+ {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
+ "tls invalid ecpointformat list"},
+ {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
+ "tls peer did not respond with certificate list"},
+ {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),
+ "tls rsa encrypted value length is wrong"},
+ {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),
+ "tried to use unsupported cipher"},
+ {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),
+ "unable to decode dh certs"},
+ {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),
+ "unable to decode ecdh certs"},
+ {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),
+ "unable to extract public key"},
+ {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),
+ "unable to find dh parameters"},
+ {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
+ "unable to find ecdh parameters"},
+ {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
+ "unable to find public key parameters"},
+ {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),
+ "unable to find ssl method"},
+ {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),
+ "unable to load ssl2 md5 routines"},
+ {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
+ "unable to load ssl3 md5 routines"},
+ {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
+ "unable to load ssl3 sha1 routines"},
+ {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
+ {ERR_REASON(SSL_R_UNEXPECTED_RECORD), "unexpected record"},
+ {ERR_REASON(SSL_R_UNINITIALIZED), "uninitialized"},
+ {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
+ {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
+ {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
+ {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE), "unknown cipher type"},
+ {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
+ {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
+ "unknown key exchange type"},
+ {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
+ {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
+ {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),
+ "unknown remote error type"},
+ {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION), "unknown ssl version"},
+ {ERR_REASON(SSL_R_UNKNOWN_STATE), "unknown state"},
+ {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
+ "unsafe legacy renegotiation disabled"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
+ "unsupported compression algorithm"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
+ "unsupported elliptic curve"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
+ {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
+ {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET), "write bio not set"},
+ {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
+ {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE), "wrong message type"},
+ {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
+ {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
+ {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
+ {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
+ {ERR_REASON(SSL_R_WRONG_SSL_VERSION), "wrong ssl version"},
+ {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER), "wrong version number"},
+ {ERR_REASON(SSL_R_X509_LIB), "x509 lib"},
+ {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),
+ "x509 verification setup problems"},
+ {0, NULL}
+};
+
+#endif
+
+void ERR_load_SSL_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+ if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
+ ERR_load_strings(0, SSL_str_functs);
+ ERR_load_strings(0, SSL_str_reasons);
+ }
+#endif
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/ssl_lib.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/ssl_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,3318 +0,0 @@
-/*
- * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifdef REF_CHECK
-# include <assert.h>
-#endif
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include <openssl/x509v3.h>
-#include <openssl/rand.h>
-#include <openssl/ocsp.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-const char *SSL_version_str = OPENSSL_VERSION_TEXT;
-
-SSL3_ENC_METHOD ssl3_undef_enc_method = {
- /*
- * evil casts, but these functions are only called if there's a library
- * bug
- */
- (int (*)(SSL *, int))ssl_undefined_function,
- (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
- ssl_undefined_function,
- (int (*)(SSL *, unsigned char *, unsigned char *, int))
- ssl_undefined_function,
- (int (*)(SSL *, int))ssl_undefined_function,
- (int (*)(SSL *, const char *, int, unsigned char *))
- ssl_undefined_function,
- 0, /* finish_mac_length */
- (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
- NULL, /* client_finished_label */
- 0, /* client_finished_label_len */
- NULL, /* server_finished_label */
- 0, /* server_finished_label_len */
- (int (*)(int))ssl_undefined_function,
- (int (*)(SSL *, unsigned char *, size_t, const char *,
- size_t, const unsigned char *, size_t,
- int use_context))ssl_undefined_function,
-};
-
-int SSL_clear(SSL *s)
-{
-
- if (s->method == NULL) {
- SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
- return (0);
- }
-
- if (ssl_clear_bad_session(s)) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
-
- s->error = 0;
- s->hit = 0;
- s->shutdown = 0;
-
-#if 0
- /*
- * Disabled since version 1.10 of this file (early return not
- * needed because SSL_clear is not called when doing renegotiation)
- */
- /*
- * This is set if we are doing dynamic renegotiation so keep
- * the old cipher. It is sort of a SSL_clear_lite :-)
- */
- if (s->renegotiate)
- return (1);
-#else
- if (s->renegotiate) {
- SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
- return 0;
- }
-#endif
-
- s->type = 0;
-
- s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
-
- s->version = s->method->version;
- s->client_version = s->version;
- s->rwstate = SSL_NOTHING;
- s->rstate = SSL_ST_READ_HEADER;
-#if 0
- s->read_ahead = s->ctx->read_ahead;
-#endif
-
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
- }
-
- ssl_clear_cipher_ctx(s);
- ssl_clear_hash_ctx(&s->read_hash);
- ssl_clear_hash_ctx(&s->write_hash);
-
- s->first_packet = 0;
-
-#if 1
- /*
- * Check to see if we were changed into a different method, if so, revert
- * back if we are not doing session-id reuse.
- */
- if (!s->in_handshake && (s->session == NULL)
- && (s->method != s->ctx->method)) {
- s->method->ssl_free(s);
- s->method = s->ctx->method;
- if (!s->method->ssl_new(s))
- return (0);
- } else
-#endif
- s->method->ssl_clear(s);
- return (1);
-}
-
-/** Used to change an SSL_CTXs default SSL method type */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
-{
- STACK_OF(SSL_CIPHER) *sk;
-
- ctx->method = meth;
-
- sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
- &(ctx->cipher_list_by_id),
- meth->version ==
- SSL2_VERSION ? "SSLv2" :
- SSL_DEFAULT_CIPHER_LIST);
- if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
- SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
- SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
- return (0);
- }
- return (1);
-}
-
-SSL *SSL_new(SSL_CTX *ctx)
-{
- SSL *s;
-
- if (ctx == NULL) {
- SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
- return (NULL);
- }
- if (ctx->method == NULL) {
- SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
- return (NULL);
- }
-
- s = (SSL *)OPENSSL_malloc(sizeof(SSL));
- if (s == NULL)
- goto err;
- memset(s, 0, sizeof(SSL));
-
-#ifndef OPENSSL_NO_KRB5
- s->kssl_ctx = kssl_ctx_new();
-#endif /* OPENSSL_NO_KRB5 */
-
- s->options = ctx->options;
- s->mode = ctx->mode;
- s->max_cert_list = ctx->max_cert_list;
- s->references = 1;
-
- if (ctx->cert != NULL) {
- /*
- * Earlier library versions used to copy the pointer to the CERT, not
- * its contents; only when setting new parameters for the per-SSL
- * copy, ssl_cert_new would be called (and the direct reference to
- * the per-SSL_CTX settings would be lost, but those still were
- * indirectly accessed for various purposes, and for that reason they
- * used to be known as s->ctx->default_cert). Now we don't look at the
- * SSL_CTX's CERT after having duplicated it once.
- */
-
- s->cert = ssl_cert_dup(ctx->cert);
- if (s->cert == NULL)
- goto err;
- } else
- s->cert = NULL; /* Cannot really happen (see SSL_CTX_new) */
-
- s->read_ahead = ctx->read_ahead;
- s->msg_callback = ctx->msg_callback;
- s->msg_callback_arg = ctx->msg_callback_arg;
- s->verify_mode = ctx->verify_mode;
-#if 0
- s->verify_depth = ctx->verify_depth;
-#endif
- s->sid_ctx_length = ctx->sid_ctx_length;
- OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
- memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
- s->verify_callback = ctx->default_verify_callback;
- s->generate_session_id = ctx->generate_session_id;
-
- s->param = X509_VERIFY_PARAM_new();
- if (!s->param)
- goto err;
- X509_VERIFY_PARAM_inherit(s->param, ctx->param);
-#if 0
- s->purpose = ctx->purpose;
- s->trust = ctx->trust;
-#endif
- s->quiet_shutdown = ctx->quiet_shutdown;
- s->max_send_fragment = ctx->max_send_fragment;
-
- CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
- s->ctx = ctx;
-#ifndef OPENSSL_NO_TLSEXT
- s->tlsext_debug_cb = 0;
- s->tlsext_debug_arg = NULL;
- s->tlsext_ticket_expected = 0;
- s->tlsext_status_type = -1;
- s->tlsext_status_expected = 0;
- s->tlsext_ocsp_ids = NULL;
- s->tlsext_ocsp_exts = NULL;
- s->tlsext_ocsp_resp = NULL;
- s->tlsext_ocsp_resplen = -1;
- CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
- s->initial_ctx = ctx;
-# ifndef OPENSSL_NO_NEXTPROTONEG
- s->next_proto_negotiated = NULL;
-# endif
-#endif
-
- s->verify_result = X509_V_OK;
-
- s->method = ctx->method;
-
- if (!s->method->ssl_new(s))
- goto err;
-
- s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
-
- SSL_clear(s);
-
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
-#ifndef OPENSSL_NO_PSK
- s->psk_client_callback = ctx->psk_client_callback;
- s->psk_server_callback = ctx->psk_server_callback;
-#endif
-
- return (s);
- err:
- if (s != NULL)
- SSL_free(s);
- SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
-}
-
-int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
-{
- if (sid_ctx_len > sizeof ctx->sid_ctx) {
- SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
- SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return 0;
- }
- ctx->sid_ctx_length = sid_ctx_len;
- memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
-
- return 1;
-}
-
-int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
-{
- if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
- SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
- SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return 0;
- }
- ssl->sid_ctx_length = sid_ctx_len;
- memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
-
- return 1;
-}
-
-int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- ctx->generate_session_id = cb;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- return 1;
-}
-
-int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_SSL);
- ssl->generate_session_id = cb;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
- return 1;
-}
-
-int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
- unsigned int id_len)
-{
- /*
- * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
- * we can "construct" a session to give us the desired check - ie. to
- * find if there's a session in the hash table that would conflict with
- * any new session built out of this id/id_len and the ssl_version in use
- * by this SSL.
- */
- SSL_SESSION r, *p;
-
- if (id_len > sizeof r.session_id)
- return 0;
-
- r.ssl_version = ssl->version;
- r.session_id_length = id_len;
- memcpy(r.session_id, id, id_len);
- /*
- * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
- * callback is calling us to check the uniqueness of a shorter ID, it
- * must be compared as a padded-out ID because that is what it will be
- * converted to when the callback has finished choosing it.
- */
- if ((r.ssl_version == SSL2_VERSION) &&
- (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
- memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len);
- r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
- }
-
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- return (p != NULL);
-}
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
-{
- return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
-}
-
-int SSL_set_purpose(SSL *s, int purpose)
-{
- return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
-}
-
-int SSL_CTX_set_trust(SSL_CTX *s, int trust)
-{
- return X509_VERIFY_PARAM_set_trust(s->param, trust);
-}
-
-int SSL_set_trust(SSL *s, int trust)
-{
- return X509_VERIFY_PARAM_set_trust(s->param, trust);
-}
-
-int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
-{
- return X509_VERIFY_PARAM_set1(ctx->param, vpm);
-}
-
-int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
-{
- return X509_VERIFY_PARAM_set1(ssl->param, vpm);
-}
-
-void SSL_free(SSL *s)
-{
- int i;
-
- if (s == NULL)
- return;
-
- i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
-#ifdef REF_PRINT
- REF_PRINT("SSL", s);
-#endif
- if (i > 0)
- return;
-#ifdef REF_CHECK
- if (i < 0) {
- fprintf(stderr, "SSL_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
-
- if (s->param)
- X509_VERIFY_PARAM_free(s->param);
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
- if (s->bbio != NULL) {
- /* If the buffering BIO is in place, pop it off */
- if (s->bbio == s->wbio) {
- s->wbio = BIO_pop(s->wbio);
- }
- BIO_free(s->bbio);
- s->bbio = NULL;
- }
- if (s->rbio != NULL)
- BIO_free_all(s->rbio);
- if ((s->wbio != NULL) && (s->wbio != s->rbio))
- BIO_free_all(s->wbio);
-
- if (s->init_buf != NULL)
- BUF_MEM_free(s->init_buf);
-
- /* add extra stuff */
- if (s->cipher_list != NULL)
- sk_SSL_CIPHER_free(s->cipher_list);
- if (s->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
- /* Make the next call work :-) */
- if (s->session != NULL) {
- ssl_clear_bad_session(s);
- SSL_SESSION_free(s->session);
- }
-
- ssl_clear_cipher_ctx(s);
- ssl_clear_hash_ctx(&s->read_hash);
- ssl_clear_hash_ctx(&s->write_hash);
-
- if (s->cert != NULL)
- ssl_cert_free(s->cert);
- /* Free up if allocated */
-
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_hostname)
- OPENSSL_free(s->tlsext_hostname);
- if (s->initial_ctx)
- SSL_CTX_free(s->initial_ctx);
-# ifndef OPENSSL_NO_EC
- if (s->tlsext_ecpointformatlist)
- OPENSSL_free(s->tlsext_ecpointformatlist);
- if (s->tlsext_ellipticcurvelist)
- OPENSSL_free(s->tlsext_ellipticcurvelist);
-# endif /* OPENSSL_NO_EC */
- if (s->tlsext_opaque_prf_input)
- OPENSSL_free(s->tlsext_opaque_prf_input);
- if (s->tlsext_ocsp_exts)
- sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
- if (s->tlsext_ocsp_ids)
- sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
-#endif
-
- if (s->client_CA != NULL)
- sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
-
- if (s->method != NULL)
- s->method->ssl_free(s);
-
- if (s->ctx)
- SSL_CTX_free(s->ctx);
-
-#ifndef OPENSSL_NO_KRB5
- if (s->kssl_ctx != NULL)
- kssl_ctx_free(s->kssl_ctx);
-#endif /* OPENSSL_NO_KRB5 */
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- if (s->next_proto_negotiated)
- OPENSSL_free(s->next_proto_negotiated);
-#endif
-
-#ifndef OPENSSL_NO_SRTP
- if (s->srtp_profiles)
- sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
-#endif
-
- OPENSSL_free(s);
-}
-
-void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
-{
- /*
- * If the output buffering BIO is still in place, remove it
- */
- if (s->bbio != NULL) {
- if (s->wbio == s->bbio) {
- s->wbio = s->wbio->next_bio;
- s->bbio->next_bio = NULL;
- }
- }
- if ((s->rbio != NULL) && (s->rbio != rbio))
- BIO_free_all(s->rbio);
- if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
- BIO_free_all(s->wbio);
- s->rbio = rbio;
- s->wbio = wbio;
-}
-
-BIO *SSL_get_rbio(const SSL *s)
-{
- return (s->rbio);
-}
-
-BIO *SSL_get_wbio(const SSL *s)
-{
- return (s->wbio);
-}
-
-int SSL_get_fd(const SSL *s)
-{
- return (SSL_get_rfd(s));
-}
-
-int SSL_get_rfd(const SSL *s)
-{
- int ret = -1;
- BIO *b, *r;
-
- b = SSL_get_rbio(s);
- r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
- if (r != NULL)
- BIO_get_fd(r, &ret);
- return (ret);
-}
-
-int SSL_get_wfd(const SSL *s)
-{
- int ret = -1;
- BIO *b, *r;
-
- b = SSL_get_wbio(s);
- r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
- if (r != NULL)
- BIO_get_fd(r, &ret);
- return (ret);
-}
-
-#ifndef OPENSSL_NO_SOCK
-int SSL_set_fd(SSL *s, int fd)
-{
- int ret = 0;
- BIO *bio = NULL;
-
- bio = BIO_new(BIO_s_socket());
-
- if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio, fd, BIO_NOCLOSE);
- SSL_set_bio(s, bio, bio);
- ret = 1;
- err:
- return (ret);
-}
-
-int SSL_set_wfd(SSL *s, int fd)
-{
- int ret = 0;
- BIO *bio = NULL;
-
- if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
- bio = BIO_new(BIO_s_socket());
-
- if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio, fd, BIO_NOCLOSE);
- SSL_set_bio(s, SSL_get_rbio(s), bio);
- } else
- SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
- ret = 1;
- err:
- return (ret);
-}
-
-int SSL_set_rfd(SSL *s, int fd)
-{
- int ret = 0;
- BIO *bio = NULL;
-
- if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
- bio = BIO_new(BIO_s_socket());
-
- if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio, fd, BIO_NOCLOSE);
- SSL_set_bio(s, bio, SSL_get_wbio(s));
- } else
- SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
- ret = 1;
- err:
- return (ret);
-}
-#endif
-
-/* return length of latest Finished message we sent, copy to 'buf' */
-size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
-{
- size_t ret = 0;
-
- if (s->s3 != NULL) {
- ret = s->s3->tmp.finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.finish_md, count);
- }
- return ret;
-}
-
-/* return length of latest Finished message we expected, copy to 'buf' */
-size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
-{
- size_t ret = 0;
-
- if (s->s3 != NULL) {
- ret = s->s3->tmp.peer_finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.peer_finish_md, count);
- }
- return ret;
-}
-
-int SSL_get_verify_mode(const SSL *s)
-{
- return (s->verify_mode);
-}
-
-int SSL_get_verify_depth(const SSL *s)
-{
- return X509_VERIFY_PARAM_get_depth(s->param);
-}
-
-int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) {
- return (s->verify_callback);
-}
-
-int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
-{
- return (ctx->verify_mode);
-}
-
-int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
-{
- return X509_VERIFY_PARAM_get_depth(ctx->param);
-}
-
-int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
- return (ctx->default_verify_callback);
-}
-
-void SSL_set_verify(SSL *s, int mode,
- int (*callback) (int ok, X509_STORE_CTX *ctx))
-{
- s->verify_mode = mode;
- if (callback != NULL)
- s->verify_callback = callback;
-}
-
-void SSL_set_verify_depth(SSL *s, int depth)
-{
- X509_VERIFY_PARAM_set_depth(s->param, depth);
-}
-
-void SSL_set_read_ahead(SSL *s, int yes)
-{
- s->read_ahead = yes;
-}
-
-int SSL_get_read_ahead(const SSL *s)
-{
- return (s->read_ahead);
-}
-
-int SSL_pending(const SSL *s)
-{
- /*
- * SSL_pending cannot work properly if read-ahead is enabled
- * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
- * impossible to fix since SSL_pending cannot report errors that may be
- * observed while scanning the new data. (Note that SSL_pending() is
- * often used as a boolean value, so we'd better not return -1.)
- */
- return (s->method->ssl_pending(s));
-}
-
-X509 *SSL_get_peer_certificate(const SSL *s)
-{
- X509 *r;
-
- if ((s == NULL) || (s->session == NULL))
- r = NULL;
- else
- r = s->session->peer;
-
- if (r == NULL)
- return (r);
-
- CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
-
- return (r);
-}
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
-{
- STACK_OF(X509) *r;
-
- if ((s == NULL) || (s->session == NULL)
- || (s->session->sess_cert == NULL))
- r = NULL;
- else
- r = s->session->sess_cert->cert_chain;
-
- /*
- * If we are a client, cert_chain includes the peer's own certificate; if
- * we are a server, it does not.
- */
-
- return (r);
-}
-
-/*
- * Now in theory, since the calling process own 't' it should be safe to
- * modify. We need to be able to read f without being hassled
- */
-void SSL_copy_session_id(SSL *t, const SSL *f)
-{
- CERT *tmp;
-
- /* Do we need to to SSL locking? */
- SSL_set_session(t, SSL_get_session(f));
-
- /*
- * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
- */
- if (t->method != f->method) {
- t->method->ssl_free(t); /* cleanup current */
- t->method = f->method; /* change method */
- t->method->ssl_new(t); /* setup new */
- }
-
- tmp = t->cert;
- if (f->cert != NULL) {
- CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
- t->cert = f->cert;
- } else
- t->cert = NULL;
- if (tmp != NULL)
- ssl_cert_free(tmp);
- SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
-}
-
-/* Fix this so it checks all the valid key/cert options */
-int SSL_CTX_check_private_key(const SSL_CTX *ctx)
-{
- if ((ctx == NULL) ||
- (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
- SSL_R_NO_CERTIFICATE_ASSIGNED);
- return (0);
- }
- if (ctx->cert->key->privatekey == NULL) {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
- SSL_R_NO_PRIVATE_KEY_ASSIGNED);
- return (0);
- }
- return (X509_check_private_key
- (ctx->cert->key->x509, ctx->cert->key->privatekey));
-}
-
-/* Fix this function so that it takes an optional type parameter */
-int SSL_check_private_key(const SSL *ssl)
-{
- if (ssl == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (ssl->cert == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
- return 0;
- }
- if (ssl->cert->key->x509 == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
- return (0);
- }
- if (ssl->cert->key->privatekey == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
- return (0);
- }
- return (X509_check_private_key(ssl->cert->key->x509,
- ssl->cert->key->privatekey));
-}
-
-int SSL_accept(SSL *s)
-{
- if (s->handshake_func == 0)
- /* Not properly initialized yet */
- SSL_set_accept_state(s);
-
- return (s->method->ssl_accept(s));
-}
-
-int SSL_connect(SSL *s)
-{
- if (s->handshake_func == 0)
- /* Not properly initialized yet */
- SSL_set_connect_state(s);
-
- return (s->method->ssl_connect(s));
-}
-
-long SSL_get_default_timeout(const SSL *s)
-{
- return (s->method->get_timeout());
-}
-
-int SSL_read(SSL *s, void *buf, int num)
-{
- if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
- s->rwstate = SSL_NOTHING;
- return (0);
- }
- return (s->method->ssl_read(s, buf, num));
-}
-
-int SSL_peek(SSL *s, void *buf, int num)
-{
- if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
- return (0);
- }
- return (s->method->ssl_peek(s, buf, num));
-}
-
-int SSL_write(SSL *s, const void *buf, int num)
-{
- if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if (s->shutdown & SSL_SENT_SHUTDOWN) {
- s->rwstate = SSL_NOTHING;
- SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
- return (-1);
- }
- return (s->method->ssl_write(s, buf, num));
-}
-
-int SSL_shutdown(SSL *s)
-{
- /*
- * Note that this function behaves differently from what one might
- * expect. Return values are 0 for no success (yet), 1 for success; but
- * calling it once is usually not enough, even if blocking I/O is used
- * (see ssl3_shutdown).
- */
-
- if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if ((s != NULL) && !SSL_in_init(s))
- return (s->method->ssl_shutdown(s));
- else
- return (1);
-}
-
-int SSL_renegotiate(SSL *s)
-{
- if (s->renegotiate == 0)
- s->renegotiate = 1;
-
- s->new_session = 1;
-
- return (s->method->ssl_renegotiate(s));
-}
-
-int SSL_renegotiate_abbreviated(SSL *s)
-{
- if (s->renegotiate == 0)
- s->renegotiate = 1;
-
- s->new_session = 0;
-
- return (s->method->ssl_renegotiate(s));
-}
-
-int SSL_renegotiate_pending(SSL *s)
-{
- /*
- * becomes true when negotiation is requested; false again once a
- * handshake has finished
- */
- return (s->renegotiate != 0);
-}
-
-long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
- long l;
-
- switch (cmd) {
- case SSL_CTRL_GET_READ_AHEAD:
- return (s->read_ahead);
- case SSL_CTRL_SET_READ_AHEAD:
- l = s->read_ahead;
- s->read_ahead = larg;
- return (l);
-
- case SSL_CTRL_SET_MSG_CALLBACK_ARG:
- s->msg_callback_arg = parg;
- return 1;
-
- case SSL_CTRL_OPTIONS:
- return (s->options |= larg);
- case SSL_CTRL_CLEAR_OPTIONS:
- return (s->options &= ~larg);
- case SSL_CTRL_MODE:
- return (s->mode |= larg);
- case SSL_CTRL_CLEAR_MODE:
- return (s->mode &= ~larg);
- case SSL_CTRL_GET_MAX_CERT_LIST:
- return (s->max_cert_list);
- case SSL_CTRL_SET_MAX_CERT_LIST:
- l = s->max_cert_list;
- s->max_cert_list = larg;
- return (l);
- case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
- if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
- return 0;
- s->max_send_fragment = larg;
- return 1;
- case SSL_CTRL_GET_RI_SUPPORT:
- if (s->s3)
- return s->s3->send_connection_binding;
- else
- return 0;
- default:
- return (s->method->ssl_ctrl(s, cmd, larg, parg));
- }
-}
-
-long SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
-{
- switch (cmd) {
- case SSL_CTRL_SET_MSG_CALLBACK:
- s->msg_callback = (void (*)
- (int write_p, int version, int content_type,
- const void *buf, size_t len, SSL *ssl,
- void *arg))(fp);
- return 1;
-
- default:
- return (s->method->ssl_callback_ctrl(s, cmd, fp));
- }
-}
-
-LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
-{
- return ctx->sessions;
-}
-
-long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-{
- long l;
-
- switch (cmd) {
- case SSL_CTRL_GET_READ_AHEAD:
- return (ctx->read_ahead);
- case SSL_CTRL_SET_READ_AHEAD:
- l = ctx->read_ahead;
- ctx->read_ahead = larg;
- return (l);
-
- case SSL_CTRL_SET_MSG_CALLBACK_ARG:
- ctx->msg_callback_arg = parg;
- return 1;
-
- case SSL_CTRL_GET_MAX_CERT_LIST:
- return (ctx->max_cert_list);
- case SSL_CTRL_SET_MAX_CERT_LIST:
- l = ctx->max_cert_list;
- ctx->max_cert_list = larg;
- return (l);
-
- case SSL_CTRL_SET_SESS_CACHE_SIZE:
- l = ctx->session_cache_size;
- ctx->session_cache_size = larg;
- return (l);
- case SSL_CTRL_GET_SESS_CACHE_SIZE:
- return (ctx->session_cache_size);
- case SSL_CTRL_SET_SESS_CACHE_MODE:
- l = ctx->session_cache_mode;
- ctx->session_cache_mode = larg;
- return (l);
- case SSL_CTRL_GET_SESS_CACHE_MODE:
- return (ctx->session_cache_mode);
-
- case SSL_CTRL_SESS_NUMBER:
- return (lh_SSL_SESSION_num_items(ctx->sessions));
- case SSL_CTRL_SESS_CONNECT:
- return (ctx->stats.sess_connect);
- case SSL_CTRL_SESS_CONNECT_GOOD:
- return (ctx->stats.sess_connect_good);
- case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
- return (ctx->stats.sess_connect_renegotiate);
- case SSL_CTRL_SESS_ACCEPT:
- return (ctx->stats.sess_accept);
- case SSL_CTRL_SESS_ACCEPT_GOOD:
- return (ctx->stats.sess_accept_good);
- case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
- return (ctx->stats.sess_accept_renegotiate);
- case SSL_CTRL_SESS_HIT:
- return (ctx->stats.sess_hit);
- case SSL_CTRL_SESS_CB_HIT:
- return (ctx->stats.sess_cb_hit);
- case SSL_CTRL_SESS_MISSES:
- return (ctx->stats.sess_miss);
- case SSL_CTRL_SESS_TIMEOUTS:
- return (ctx->stats.sess_timeout);
- case SSL_CTRL_SESS_CACHE_FULL:
- return (ctx->stats.sess_cache_full);
- case SSL_CTRL_OPTIONS:
- return (ctx->options |= larg);
- case SSL_CTRL_CLEAR_OPTIONS:
- return (ctx->options &= ~larg);
- case SSL_CTRL_MODE:
- return (ctx->mode |= larg);
- case SSL_CTRL_CLEAR_MODE:
- return (ctx->mode &= ~larg);
- case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
- if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
- return 0;
- ctx->max_send_fragment = larg;
- return 1;
- default:
- return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
- }
-}
-
-long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
-{
- switch (cmd) {
- case SSL_CTRL_SET_MSG_CALLBACK:
- ctx->msg_callback = (void (*)
- (int write_p, int version, int content_type,
- const void *buf, size_t len, SSL *ssl,
- void *arg))(fp);
- return 1;
-
- default:
- return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
- }
-}
-
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
-{
- long l;
-
- l = a->id - b->id;
- if (l == 0L)
- return (0);
- else
- return ((l > 0) ? 1 : -1);
-}
-
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
- const SSL_CIPHER *const *bp)
-{
- long l;
-
- l = (*ap)->id - (*bp)->id;
- if (l == 0L)
- return (0);
- else
- return ((l > 0) ? 1 : -1);
-}
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * preference */
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
-{
- if (s != NULL) {
- if (s->cipher_list != NULL) {
- return (s->cipher_list);
- } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
- return (s->ctx->cipher_list);
- }
- }
- return (NULL);
-}
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * algorithm id */
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
-{
- if (s != NULL) {
- if (s->cipher_list_by_id != NULL) {
- return (s->cipher_list_by_id);
- } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
- return (s->ctx->cipher_list_by_id);
- }
- }
- return (NULL);
-}
-
-/** The old interface to get the same thing as SSL_get_ciphers() */
-const char *SSL_get_cipher_list(const SSL *s, int n)
-{
- SSL_CIPHER *c;
- STACK_OF(SSL_CIPHER) *sk;
-
- if (s == NULL)
- return (NULL);
- sk = SSL_get_ciphers(s);
- if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
- return (NULL);
- c = sk_SSL_CIPHER_value(sk, n);
- if (c == NULL)
- return (NULL);
- return (c->name);
-}
-
-/** specify the ciphers to be used by default by the SSL_CTX */
-int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
-{
- STACK_OF(SSL_CIPHER) *sk;
-
- sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
- &ctx->cipher_list_by_id, str);
- /*
- * ssl_create_cipher_list may return an empty stack if it was unable to
- * find a cipher matching the given rule string (for example if the rule
- * string specifies a cipher which has been disabled). This is not an
- * error as far as ssl_create_cipher_list is concerned, and hence
- * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
- */
- if (sk == NULL)
- return 0;
- else if (sk_SSL_CIPHER_num(sk) == 0) {
- SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
- return 0;
- }
- return 1;
-}
-
-/** specify the ciphers to be used by the SSL */
-int SSL_set_cipher_list(SSL *s, const char *str)
-{
- STACK_OF(SSL_CIPHER) *sk;
-
- sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
- &s->cipher_list_by_id, str);
- /* see comment in SSL_CTX_set_cipher_list */
- if (sk == NULL)
- return 0;
- else if (sk_SSL_CIPHER_num(sk) == 0) {
- SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
- return 0;
- }
- return 1;
-}
-
-/* works well for SSLv2, not so good for SSLv3 */
-char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
-{
- char *p;
- STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *c;
- int i;
-
- if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
- return (NULL);
-
- p = buf;
- sk = s->session->ciphers;
-
- if (sk_SSL_CIPHER_num(sk) == 0)
- return NULL;
-
- for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
- int n;
-
- c = sk_SSL_CIPHER_value(sk, i);
- n = strlen(c->name);
- if (n + 1 > len) {
- if (p != buf)
- --p;
- *p = '\0';
- return buf;
- }
- strcpy(p, c->name);
- p += n;
- *(p++) = ':';
- len -= n + 1;
- }
- p[-1] = '\0';
- return (buf);
-}
-
-int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
- unsigned char *p,
- int (*put_cb) (const SSL_CIPHER *,
- unsigned char *))
-{
- int i, j = 0;
- SSL_CIPHER *c;
- unsigned char *q;
-#ifndef OPENSSL_NO_KRB5
- int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
-#endif /* OPENSSL_NO_KRB5 */
-
- if (sk == NULL)
- return (0);
- q = p;
- if (put_cb == NULL)
- put_cb = s->method->put_cipher_by_char;
-
- for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
- c = sk_SSL_CIPHER_value(sk, i);
- /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
- if ((c->algorithm_ssl & SSL_TLSV1_2) &&
- (TLS1_get_client_version(s) < TLS1_2_VERSION))
- continue;
-#ifndef OPENSSL_NO_KRB5
- if (((c->algorithm_mkey & SSL_kKRB5)
- || (c->algorithm_auth & SSL_aKRB5)) && nokrb5)
- continue;
-#endif /* OPENSSL_NO_KRB5 */
-#ifndef OPENSSL_NO_PSK
- /* with PSK there must be client callback set */
- if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK))
- && s->psk_client_callback == NULL)
- continue;
-#endif /* OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
- if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP))
- && !(s->srp_ctx.srp_Mask & SSL_kSRP))
- continue;
-#endif /* OPENSSL_NO_SRP */
- j = put_cb(c, p);
- p += j;
- }
- /*
- * If p == q, no ciphers; caller indicates an error. Otherwise, add
- * applicable SCSVs.
- */
- if (p != q) {
- if (!s->renegotiate) {
- static SSL_CIPHER scsv = {
- 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
- };
- j = put_cb(&scsv, p);
- p += j;
-#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr,
- "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
-#endif
- }
-
- if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
- static SSL_CIPHER scsv = {
- 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
- };
- j = put_cb(&scsv, p);
- p += j;
- }
- }
-
- return (p - q);
-}
-
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
- int num,
- STACK_OF(SSL_CIPHER) **skp)
-{
- const SSL_CIPHER *c;
- STACK_OF(SSL_CIPHER) *sk;
- int i, n;
-
- if (s->s3)
- s->s3->send_connection_binding = 0;
-
- n = ssl_put_cipher_by_char(s, NULL, NULL);
- if (n == 0 || (num % n) != 0) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
- SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
- return (NULL);
- }
- if ((skp == NULL) || (*skp == NULL)) {
- sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
- if(sk == NULL) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- } else {
- sk = *skp;
- sk_SSL_CIPHER_zero(sk);
- }
-
- for (i = 0; i < num; i += n) {
- /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
- if (s->s3 && (n != 3 || !p[0]) &&
- (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
- (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
- /* SCSV fatal if renegotiating */
- if (s->renegotiate) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
- SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- goto err;
- }
- s->s3->send_connection_binding = 1;
- p += n;
-#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr, "SCSV received by server\n");
-#endif
- continue;
- }
-
- /* Check for TLS_FALLBACK_SCSV */
- if ((n != 3 || !p[0]) &&
- (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
- (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
- /*
- * The SCSV indicates that the client previously tried a higher
- * version. Fail if the current version is an unexpected
- * downgrade.
- */
- if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
- SSL_R_INAPPROPRIATE_FALLBACK);
- if (s->s3)
- ssl3_send_alert(s, SSL3_AL_FATAL,
- SSL_AD_INAPPROPRIATE_FALLBACK);
- goto err;
- }
- p += n;
- continue;
- }
-
- c = ssl_get_cipher_by_char(s, p);
- p += n;
- if (c != NULL) {
- if (!sk_SSL_CIPHER_push(sk, c)) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- }
-
- if (skp != NULL)
- *skp = sk;
- return (sk);
- err:
- if ((skp == NULL) || (*skp == NULL))
- sk_SSL_CIPHER_free(sk);
- return (NULL);
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-/** return a servername extension value if provided in Client Hello, or NULL.
- * So far, only host_name types are defined (RFC 3546).
- */
-
-const char *SSL_get_servername(const SSL *s, const int type)
-{
- if (type != TLSEXT_NAMETYPE_host_name)
- return NULL;
-
- return s->session && !s->tlsext_hostname ?
- s->session->tlsext_hostname : s->tlsext_hostname;
-}
-
-int SSL_get_servername_type(const SSL *s)
-{
- if (s->session
- && (!s->tlsext_hostname ? s->session->
- tlsext_hostname : s->tlsext_hostname))
- return TLSEXT_NAMETYPE_host_name;
- return -1;
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * SSL_select_next_proto implements the standard protocol selection. It is
- * expected that this function is called from the callback set by
- * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
- * vector of 8-bit, length prefixed byte strings. The length byte itself is
- * not included in the length. A byte string of length 0 is invalid. No byte
- * string may be truncated. The current, but experimental algorithm for
- * selecting the protocol is: 1) If the server doesn't support NPN then this
- * is indicated to the callback. In this case, the client application has to
- * abort the connection or have a default application level protocol. 2) If
- * the server supports NPN, but advertises an empty list then the client
- * selects the first protcol in its list, but indicates via the API that this
- * fallback case was enacted. 3) Otherwise, the client finds the first
- * protocol in the server's list that it supports and selects this protocol.
- * This is because it's assumed that the server has better information about
- * which protocol a client should use. 4) If the client doesn't support any
- * of the server's advertised protocols, then this is treated the same as
- * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
- * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
- */
-int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
- const unsigned char *server,
- unsigned int server_len,
- const unsigned char *client,
- unsigned int client_len)
-{
- unsigned int i, j;
- const unsigned char *result;
- int status = OPENSSL_NPN_UNSUPPORTED;
-
- /*
- * For each protocol in server preference order, see if we support it.
- */
- for (i = 0; i < server_len;) {
- for (j = 0; j < client_len;) {
- if (server[i] == client[j] &&
- memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
- /* We found a match */
- result = &server[i];
- status = OPENSSL_NPN_NEGOTIATED;
- goto found;
- }
- j += client[j];
- j++;
- }
- i += server[i];
- i++;
- }
-
- /* There's no overlap between our protocols and the server's list. */
- result = client;
- status = OPENSSL_NPN_NO_OVERLAP;
-
- found:
- *out = (unsigned char *)result + 1;
- *outlen = result[0];
- return status;
-}
-
-/*
- * SSL_get0_next_proto_negotiated sets *data and *len to point to the
- * client's requested protocol for this connection and returns 0. If the
- * client didn't request any protocol, then *data is set to NULL. Note that
- * the client can request any protocol it chooses. The value returned from
- * this function need not be a member of the list of supported protocols
- * provided by the callback.
- */
-void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
- unsigned *len)
-{
- *data = s->next_proto_negotiated;
- if (!*data) {
- *len = 0;
- } else {
- *len = s->next_proto_negotiated_len;
- }
-}
-
-/*
- * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when
- * a TLS server needs a list of supported protocols for Next Protocol
- * Negotiation. The returned list must be in wire format. The list is
- * returned by setting |out| to point to it and |outlen| to its length. This
- * memory will not be modified, but one should assume that the SSL* keeps a
- * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
- * wishes to advertise. Otherwise, no such extension will be included in the
- * ServerHello.
- */
-void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl,
- const unsigned char
- **out,
- unsigned int *outlen,
- void *arg), void *arg)
-{
- ctx->next_protos_advertised_cb = cb;
- ctx->next_protos_advertised_cb_arg = arg;
-}
-
-/*
- * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
- * client needs to select a protocol from the server's provided list. |out|
- * must be set to point to the selected protocol (which may be within |in|).
- * The length of the protocol name must be written into |outlen|. The
- * server's advertised protocols are provided in |in| and |inlen|. The
- * callback can assume that |in| is syntactically valid. The client must
- * select a protocol. It is fatal to the connection if this callback returns
- * a value other than SSL_TLSEXT_ERR_OK.
- */
-void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
- int (*cb) (SSL *s, unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg), void *arg)
-{
- ctx->next_proto_select_cb = cb;
- ctx->next_proto_select_cb_arg = arg;
-}
-# endif
-#endif
-
-int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
- const char *label, size_t llen,
- const unsigned char *p, size_t plen,
- int use_context)
-{
- if (s->version < TLS1_VERSION)
- return -1;
-
- return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
- llen, p, plen,
- use_context);
-}
-
-static unsigned long ssl_session_hash(const SSL_SESSION *a)
-{
- unsigned long l;
-
- l = (unsigned long)
- ((unsigned int)a->session_id[0]) |
- ((unsigned int)a->session_id[1] << 8L) |
- ((unsigned long)a->session_id[2] << 16L) |
- ((unsigned long)a->session_id[3] << 24L);
- return (l);
-}
-
-/*
- * NB: If this function (or indeed the hash function which uses a sort of
- * coarser function than this one) is changed, ensure
- * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
- * being able to construct an SSL_SESSION that will collide with any existing
- * session with a matching session ID.
- */
-static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
-{
- if (a->ssl_version != b->ssl_version)
- return (1);
- if (a->session_id_length != b->session_id_length)
- return (1);
- return (memcmp(a->session_id, b->session_id, a->session_id_length));
-}
-
-/*
- * These wrapper functions should remain rather than redeclaring
- * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
- * variable. The reason is that the functions aren't static, they're exposed
- * via ssl.h.
- */
-static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
-static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
-
-SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
-{
- SSL_CTX *ret = NULL;
-
- if (meth == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
- return (NULL);
- }
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
- return NULL;
- }
-#endif
-
- if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
- goto err;
- }
- ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
- if (ret == NULL)
- goto err;
-
- memset(ret, 0, sizeof(SSL_CTX));
-
- ret->method = meth;
-
- ret->cert_store = NULL;
- ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
- ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
- ret->session_cache_head = NULL;
- ret->session_cache_tail = NULL;
-
- /* We take the system default */
- ret->session_timeout = meth->get_timeout();
-
- ret->new_session_cb = 0;
- ret->remove_session_cb = 0;
- ret->get_session_cb = 0;
- ret->generate_session_id = 0;
-
- memset((char *)&ret->stats, 0, sizeof(ret->stats));
-
- ret->references = 1;
- ret->quiet_shutdown = 0;
-
-/* ret->cipher=NULL;*/
-/*-
- ret->s2->challenge=NULL;
- ret->master_key=NULL;
- ret->key_arg=NULL;
- ret->s2->conn_id=NULL; */
-
- ret->info_callback = NULL;
-
- ret->app_verify_callback = 0;
- ret->app_verify_arg = NULL;
-
- ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
- ret->read_ahead = 0;
- ret->msg_callback = 0;
- ret->msg_callback_arg = NULL;
- ret->verify_mode = SSL_VERIFY_NONE;
-#if 0
- ret->verify_depth = -1; /* Don't impose a limit (but x509_lu.c does) */
-#endif
- ret->sid_ctx_length = 0;
- ret->default_verify_callback = NULL;
- if ((ret->cert = ssl_cert_new()) == NULL)
- goto err;
-
- ret->default_passwd_callback = 0;
- ret->default_passwd_callback_userdata = NULL;
- ret->client_cert_cb = 0;
- ret->app_gen_cookie_cb = 0;
- ret->app_verify_cookie_cb = 0;
-
- ret->sessions = lh_SSL_SESSION_new();
- if (ret->sessions == NULL)
- goto err;
- ret->cert_store = X509_STORE_new();
- if (ret->cert_store == NULL)
- goto err;
-
- ssl_create_cipher_list(ret->method,
- &ret->cipher_list, &ret->cipher_list_by_id,
- meth->version ==
- SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
- if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
- goto err2;
- }
-
- ret->param = X509_VERIFY_PARAM_new();
- if (!ret->param)
- goto err;
-
- if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
- goto err2;
- }
- if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
- goto err2;
- }
- if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
- goto err2;
- }
-
- if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
- goto err;
-
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
-
- ret->extra_certs = NULL;
- /* No compression for DTLS */
- if (meth->version != DTLS1_VERSION)
- ret->comp_methods = SSL_COMP_get_compression_methods();
-
- ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
-
-#ifndef OPENSSL_NO_TLSEXT
- ret->tlsext_servername_callback = 0;
- ret->tlsext_servername_arg = NULL;
- /* Setup RFC4507 ticket keys */
- if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
- || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
- || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
- ret->options |= SSL_OP_NO_TICKET;
-
- ret->tlsext_status_cb = 0;
- ret->tlsext_status_arg = NULL;
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
- ret->next_protos_advertised_cb = 0;
- ret->next_proto_select_cb = 0;
-# endif
-#endif
-#ifndef OPENSSL_NO_PSK
- ret->psk_identity_hint = NULL;
- ret->psk_client_callback = NULL;
- ret->psk_server_callback = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
- SSL_CTX_SRP_CTX_init(ret);
-#endif
-#ifndef OPENSSL_NO_BUF_FREELISTS
- ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
- ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
- if (!ret->rbuf_freelist)
- goto err;
- ret->rbuf_freelist->chunklen = 0;
- ret->rbuf_freelist->len = 0;
- ret->rbuf_freelist->head = NULL;
- ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
- if (!ret->wbuf_freelist) {
- OPENSSL_free(ret->rbuf_freelist);
- goto err;
- }
- ret->wbuf_freelist->chunklen = 0;
- ret->wbuf_freelist->len = 0;
- ret->wbuf_freelist->head = NULL;
-#endif
-#ifndef OPENSSL_NO_ENGINE
- ret->client_cert_engine = NULL;
-# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
-# define eng_strx(x) #x
-# define eng_str(x) eng_strx(x)
- /* Use specific client engine automatically... ignore errors */
- {
- ENGINE *eng;
- eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
- if (!eng) {
- ERR_clear_error();
- ENGINE_load_builtin_engines();
- eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
- }
- if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
- ERR_clear_error();
- }
-# endif
-#endif
- /*
- * Default is to connect to non-RI servers. When RI is more widely
- * deployed might change this.
- */
- ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
-
- return (ret);
- err:
- SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
- err2:
- if (ret != NULL)
- SSL_CTX_free(ret);
- return (NULL);
-}
-
-#if 0
-static void SSL_COMP_free(SSL_COMP *comp)
-{
- OPENSSL_free(comp);
-}
-#endif
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
-{
- SSL3_BUF_FREELIST_ENTRY *ent, *next;
- for (ent = list->head; ent; ent = next) {
- next = ent->next;
- OPENSSL_free(ent);
- }
- OPENSSL_free(list);
-}
-#endif
-
-void SSL_CTX_free(SSL_CTX *a)
-{
- int i;
-
- if (a == NULL)
- return;
-
- i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
-#ifdef REF_PRINT
- REF_PRINT("SSL_CTX", a);
-#endif
- if (i > 0)
- return;
-#ifdef REF_CHECK
- if (i < 0) {
- fprintf(stderr, "SSL_CTX_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
-
- if (a->param)
- X509_VERIFY_PARAM_free(a->param);
-
- /*
- * Free internal session cache. However: the remove_cb() may reference
- * the ex_data of SSL_CTX, thus the ex_data store can only be removed
- * after the sessions were flushed.
- * As the ex_data handling routines might also touch the session cache,
- * the most secure solution seems to be: empty (flush) the cache, then
- * free ex_data, then finally free the cache.
- * (See ticket [openssl.org #212].)
- */
- if (a->sessions != NULL)
- SSL_CTX_flush_sessions(a, 0);
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
-
- if (a->sessions != NULL)
- lh_SSL_SESSION_free(a->sessions);
-
- if (a->cert_store != NULL)
- X509_STORE_free(a->cert_store);
- if (a->cipher_list != NULL)
- sk_SSL_CIPHER_free(a->cipher_list);
- if (a->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(a->cipher_list_by_id);
- if (a->cert != NULL)
- ssl_cert_free(a->cert);
- if (a->client_CA != NULL)
- sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
- if (a->extra_certs != NULL)
- sk_X509_pop_free(a->extra_certs, X509_free);
-#if 0 /* This should never be done, since it
- * removes a global database */
- if (a->comp_methods != NULL)
- sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
-#else
- a->comp_methods = NULL;
-#endif
-
-#ifndef OPENSSL_NO_SRTP
- if (a->srtp_profiles)
- sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
-#endif
-
-#ifndef OPENSSL_NO_PSK
- if (a->psk_identity_hint)
- OPENSSL_free(a->psk_identity_hint);
-#endif
-#ifndef OPENSSL_NO_SRP
- SSL_CTX_SRP_CTX_free(a);
-#endif
-#ifndef OPENSSL_NO_ENGINE
- if (a->client_cert_engine)
- ENGINE_finish(a->client_cert_engine);
-#endif
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
- if (a->wbuf_freelist)
- ssl_buf_freelist_free(a->wbuf_freelist);
- if (a->rbuf_freelist)
- ssl_buf_freelist_free(a->rbuf_freelist);
-#endif
-
- OPENSSL_free(a);
-}
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
-{
- ctx->default_passwd_callback = cb;
-}
-
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
-{
- ctx->default_passwd_callback_userdata = u;
-}
-
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
- int (*cb) (X509_STORE_CTX *, void *),
- void *arg)
-{
- ctx->app_verify_callback = cb;
- ctx->app_verify_arg = arg;
-}
-
-void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
- int (*cb) (int, X509_STORE_CTX *))
-{
- ctx->verify_mode = mode;
- ctx->default_verify_callback = cb;
-}
-
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
-{
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
-}
-
-void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
-{
- CERT_PKEY *cpk;
- int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
- int rsa_enc_export, dh_rsa_export, dh_dsa_export;
- int rsa_tmp_export, dh_tmp_export, kl;
- unsigned long mask_k, mask_a, emask_k, emask_a;
-#ifndef OPENSSL_NO_ECDSA
- int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
-#endif
-#ifndef OPENSSL_NO_ECDH
- int have_ecdh_tmp, ecdh_ok;
-#endif
-#ifndef OPENSSL_NO_EC
- X509 *x = NULL;
- EVP_PKEY *ecc_pkey = NULL;
- int signature_nid = 0, pk_nid = 0, md_nid = 0;
-#endif
- if (c == NULL)
- return;
-
- kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
-
-#ifndef OPENSSL_NO_RSA
- rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
- rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
- (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl));
-#else
- rsa_tmp = rsa_tmp_export = 0;
-#endif
-#ifndef OPENSSL_NO_DH
- dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
- dh_tmp_export = (c->dh_tmp_cb != NULL ||
- (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl));
-#else
- dh_tmp = dh_tmp_export = 0;
-#endif
-
-#ifndef OPENSSL_NO_ECDH
- have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
-#endif
- cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
- rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
- rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
- cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
- rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
- cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
- dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
- cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
- dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
- dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
- cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
-/* FIX THIS EAY EAY EAY */
- dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
- dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
- cpk = &(c->pkeys[SSL_PKEY_ECC]);
-#ifndef OPENSSL_NO_EC
- have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
-#endif
- mask_k = 0;
- mask_a = 0;
- emask_k = 0;
- emask_a = 0;
-
-#ifdef CIPHER_DEBUG
- fprintf(stderr,
- "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
- rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc,
- rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
-#endif
-
- cpk = &(c->pkeys[SSL_PKEY_GOST01]);
- if (cpk->x509 != NULL && cpk->privatekey != NULL) {
- mask_k |= SSL_kGOST;
- mask_a |= SSL_aGOST01;
- }
- cpk = &(c->pkeys[SSL_PKEY_GOST94]);
- if (cpk->x509 != NULL && cpk->privatekey != NULL) {
- mask_k |= SSL_kGOST;
- mask_a |= SSL_aGOST94;
- }
-
- if (rsa_enc || (rsa_tmp && rsa_sign))
- mask_k |= SSL_kRSA;
- if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
- emask_k |= SSL_kRSA;
-
-#if 0
- /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
- if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
- mask_k |= SSL_kEDH;
- if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
- (rsa_enc || rsa_sign || dsa_sign))
- emask_k |= SSL_kEDH;
-#endif
-
- if (dh_tmp_export)
- emask_k |= SSL_kEDH;
-
- if (dh_tmp)
- mask_k |= SSL_kEDH;
-
- if (dh_rsa)
- mask_k |= SSL_kDHr;
- if (dh_rsa_export)
- emask_k |= SSL_kDHr;
-
- if (dh_dsa)
- mask_k |= SSL_kDHd;
- if (dh_dsa_export)
- emask_k |= SSL_kDHd;
-
- if (rsa_enc || rsa_sign) {
- mask_a |= SSL_aRSA;
- emask_a |= SSL_aRSA;
- }
-
- if (dsa_sign) {
- mask_a |= SSL_aDSS;
- emask_a |= SSL_aDSS;
- }
-
- mask_a |= SSL_aNULL;
- emask_a |= SSL_aNULL;
-
-#ifndef OPENSSL_NO_KRB5
- mask_k |= SSL_kKRB5;
- mask_a |= SSL_aKRB5;
- emask_k |= SSL_kKRB5;
- emask_a |= SSL_aKRB5;
-#endif
-
- /*
- * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
- * depending on the key usage extension.
- */
-#ifndef OPENSSL_NO_EC
- if (have_ecc_cert) {
- /* This call populates extension flags (ex_flags) */
- x = (c->pkeys[SSL_PKEY_ECC]).x509;
- X509_check_purpose(x, -1, 0);
- ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
- (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
- ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
- (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
- ecc_pkey = X509_get_pubkey(x);
- ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
- EVP_PKEY_free(ecc_pkey);
- if ((x->sig_alg) && (x->sig_alg->algorithm)) {
- signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
- OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
- }
-#ifndef OPENSSL_NO_ECDH
- if (ecdh_ok) {
-
- if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
- mask_k |= SSL_kECDHr;
- mask_a |= SSL_aECDH;
- if (ecc_pkey_size <= 163) {
- emask_k |= SSL_kECDHr;
- emask_a |= SSL_aECDH;
- }
- }
-
- if (pk_nid == NID_X9_62_id_ecPublicKey) {
- mask_k |= SSL_kECDHe;
- mask_a |= SSL_aECDH;
- if (ecc_pkey_size <= 163) {
- emask_k |= SSL_kECDHe;
- emask_a |= SSL_aECDH;
- }
- }
- }
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (ecdsa_ok) {
- mask_a |= SSL_aECDSA;
- emask_a |= SSL_aECDSA;
- }
-#endif
- }
-#endif
-#ifndef OPENSSL_NO_ECDH
- if (have_ecdh_tmp) {
- mask_k |= SSL_kEECDH;
- emask_k |= SSL_kEECDH;
- }
-#endif
-
-#ifndef OPENSSL_NO_PSK
- mask_k |= SSL_kPSK;
- mask_a |= SSL_aPSK;
- emask_k |= SSL_kPSK;
- emask_a |= SSL_aPSK;
-#endif
-
- c->mask_k = mask_k;
- c->mask_a = mask_a;
- c->export_mask_k = emask_k;
- c->export_mask_a = emask_a;
- c->valid = 1;
-}
-
-/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
-#define ku_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-
-#ifndef OPENSSL_NO_EC
-
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
-{
- unsigned long alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- int keysize = 0;
- int signature_nid = 0, md_nid = 0, pk_nid = 0;
- const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
-
- alg_k = cs->algorithm_mkey;
- alg_a = cs->algorithm_auth;
-
- if (SSL_C_IS_EXPORT(cs)) {
- /* ECDH key length in export ciphers must be <= 163 bits */
- pkey = X509_get_pubkey(x);
- if (pkey == NULL)
- return 0;
- keysize = EVP_PKEY_bits(pkey);
- EVP_PKEY_free(pkey);
- if (keysize > 163)
- return 0;
- }
-
- /* This call populates the ex_flags field correctly */
- X509_check_purpose(x, -1, 0);
- if ((x->sig_alg) && (x->sig_alg->algorithm)) {
- signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
- OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
- }
- if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
- /* key usage, if present, must allow key agreement */
- if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
- SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
- return 0;
- }
- if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
- /* signature alg must be ECDSA */
- if (pk_nid != NID_X9_62_id_ecPublicKey) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
- SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
- return 0;
- }
- }
- if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
- /* signature alg must be RSA */
-
- if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
- SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
- return 0;
- }
- }
- }
- if (alg_a & SSL_aECDSA) {
- /* key usage, if present, must allow signing */
- if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
- SSL_R_ECC_CERT_NOT_FOR_SIGNING);
- return 0;
- }
- }
-
- return 1; /* all checks are ok */
-}
-
-#endif
-
-/* THIS NEEDS CLEANING UP */
-CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
-{
- unsigned long alg_k, alg_a;
- CERT *c;
- int i;
-
- c = s->cert;
- ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-
- if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
- /*
- * we don't need to look at SSL_kEECDH since no certificate is needed
- * for anon ECDH and for authenticated EECDH, the check for the auth
- * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC
- * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the
- * checks for SSL_kECDH before RSA checks ensures the correct cert is
- * chosen.
- */
- i = SSL_PKEY_ECC;
- } else if (alg_a & SSL_aECDSA) {
- i = SSL_PKEY_ECC;
- } else if (alg_k & SSL_kDHr)
- i = SSL_PKEY_DH_RSA;
- else if (alg_k & SSL_kDHd)
- i = SSL_PKEY_DH_DSA;
- else if (alg_a & SSL_aDSS)
- i = SSL_PKEY_DSA_SIGN;
- else if (alg_a & SSL_aRSA) {
- if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
- i = SSL_PKEY_RSA_SIGN;
- else
- i = SSL_PKEY_RSA_ENC;
- } else if (alg_a & SSL_aKRB5) {
- /* VRS something else here? */
- return (NULL);
- } else if (alg_a & SSL_aGOST94)
- i = SSL_PKEY_GOST94;
- else if (alg_a & SSL_aGOST01)
- i = SSL_PKEY_GOST01;
- else { /* if (alg_a & SSL_aNULL) */
-
- SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
- return (NULL);
- }
-
- return c->pkeys + i;
-}
-
-X509 *ssl_get_server_send_cert(const SSL *s)
-{
- CERT_PKEY *cpk;
- cpk = ssl_get_server_send_pkey(s);
- if (!cpk)
- return NULL;
- return cpk->x509;
-}
-
-EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher,
- const EVP_MD **pmd)
-{
- unsigned long alg_a;
- CERT *c;
- int idx = -1;
-
- alg_a = cipher->algorithm_auth;
- c = s->cert;
-
- if ((alg_a & SSL_aDSS) &&
- (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
- idx = SSL_PKEY_DSA_SIGN;
- else if (alg_a & SSL_aRSA) {
- if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
- idx = SSL_PKEY_RSA_SIGN;
- else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
- idx = SSL_PKEY_RSA_ENC;
- } else if ((alg_a & SSL_aECDSA) &&
- (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
- idx = SSL_PKEY_ECC;
- if (idx == -1) {
- SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
- return (NULL);
- }
- if (pmd)
- *pmd = c->pkeys[idx].digest;
- return c->pkeys[idx].privatekey;
-}
-
-void ssl_update_cache(SSL *s, int mode)
-{
- int i;
-
- /*
- * If the session_id_length is 0, we are not supposed to cache it, and it
- * would be rather hard to do anyway :-)
- */
- if (s->session->session_id_length == 0)
- return;
-
- i = s->session_ctx->session_cache_mode;
- if ((i & mode) && (!s->hit)
- && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
- || SSL_CTX_add_session(s->session_ctx, s->session))
- && (s->session_ctx->new_session_cb != NULL)) {
- CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
- if (!s->session_ctx->new_session_cb(s, s->session))
- SSL_SESSION_free(s->session);
- }
-
- /* auto flush every 255 connections */
- if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
- if ((((mode & SSL_SESS_CACHE_CLIENT)
- ? s->session_ctx->stats.sess_connect_good
- : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
- SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
- }
- }
-}
-
-const SSL_METHOD *SSL_get_ssl_method(SSL *s)
-{
- return (s->method);
-}
-
-int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
-{
- int conn = -1;
- int ret = 1;
-
- if (s->method != meth) {
- if (s->handshake_func != NULL)
- conn = (s->handshake_func == s->method->ssl_connect);
-
- if (s->method->version == meth->version)
- s->method = meth;
- else {
- s->method->ssl_free(s);
- s->method = meth;
- ret = s->method->ssl_new(s);
- }
-
- if (conn == 1)
- s->handshake_func = meth->ssl_connect;
- else if (conn == 0)
- s->handshake_func = meth->ssl_accept;
- }
- return (ret);
-}
-
-int SSL_get_error(const SSL *s, int i)
-{
- int reason;
- unsigned long l;
- BIO *bio;
-
- if (i > 0)
- return (SSL_ERROR_NONE);
-
- /*
- * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
- * where we do encode the error
- */
- if ((l = ERR_peek_error()) != 0) {
- if (ERR_GET_LIB(l) == ERR_LIB_SYS)
- return (SSL_ERROR_SYSCALL);
- else
- return (SSL_ERROR_SSL);
- }
-
- if ((i < 0) && SSL_want_read(s)) {
- bio = SSL_get_rbio(s);
- if (BIO_should_read(bio))
- return (SSL_ERROR_WANT_READ);
- else if (BIO_should_write(bio))
- /*
- * This one doesn't make too much sense ... We never try to write
- * to the rbio, and an application program where rbio and wbio
- * are separate couldn't even know what it should wait for.
- * However if we ever set s->rwstate incorrectly (so that we have
- * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
- * wbio *are* the same, this test works around that bug; so it
- * might be safer to keep it.
- */
- return (SSL_ERROR_WANT_WRITE);
- else if (BIO_should_io_special(bio)) {
- reason = BIO_get_retry_reason(bio);
- if (reason == BIO_RR_CONNECT)
- return (SSL_ERROR_WANT_CONNECT);
- else if (reason == BIO_RR_ACCEPT)
- return (SSL_ERROR_WANT_ACCEPT);
- else
- return (SSL_ERROR_SYSCALL); /* unknown */
- }
- }
-
- if ((i < 0) && SSL_want_write(s)) {
- bio = SSL_get_wbio(s);
- if (BIO_should_write(bio))
- return (SSL_ERROR_WANT_WRITE);
- else if (BIO_should_read(bio))
- /*
- * See above (SSL_want_read(s) with BIO_should_write(bio))
- */
- return (SSL_ERROR_WANT_READ);
- else if (BIO_should_io_special(bio)) {
- reason = BIO_get_retry_reason(bio);
- if (reason == BIO_RR_CONNECT)
- return (SSL_ERROR_WANT_CONNECT);
- else if (reason == BIO_RR_ACCEPT)
- return (SSL_ERROR_WANT_ACCEPT);
- else
- return (SSL_ERROR_SYSCALL);
- }
- }
- if ((i < 0) && SSL_want_x509_lookup(s)) {
- return (SSL_ERROR_WANT_X509_LOOKUP);
- }
-
- if (i == 0) {
- if (s->version == SSL2_VERSION) {
- /* assume it is the socket being closed */
- return (SSL_ERROR_ZERO_RETURN);
- } else {
- if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
- (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
- return (SSL_ERROR_ZERO_RETURN);
- }
- }
- return (SSL_ERROR_SYSCALL);
-}
-
-int SSL_do_handshake(SSL *s)
-{
- int ret = 1;
-
- if (s->handshake_func == NULL) {
- SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
- return (-1);
- }
-
- s->method->ssl_renegotiate_check(s);
-
- if (SSL_in_init(s) || SSL_in_before(s)) {
- ret = s->handshake_func(s);
- }
- return (ret);
-}
-
-/*
- * For the next 2 functions, SSL_clear() sets shutdown and so one of these
- * calls will reset it
- */
-void SSL_set_accept_state(SSL *s)
-{
- s->server = 1;
- s->shutdown = 0;
- s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
- s->handshake_func = s->method->ssl_accept;
- /* clear the current cipher */
- ssl_clear_cipher_ctx(s);
- ssl_clear_hash_ctx(&s->read_hash);
- ssl_clear_hash_ctx(&s->write_hash);
-}
-
-void SSL_set_connect_state(SSL *s)
-{
- s->server = 0;
- s->shutdown = 0;
- s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
- s->handshake_func = s->method->ssl_connect;
- /* clear the current cipher */
- ssl_clear_cipher_ctx(s);
- ssl_clear_hash_ctx(&s->read_hash);
- ssl_clear_hash_ctx(&s->write_hash);
-}
-
-int ssl_undefined_function(SSL *s)
-{
- SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
-}
-
-int ssl_undefined_void_function(void)
-{
- SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
-}
-
-int ssl_undefined_const_function(const SSL *s)
-{
- SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
-}
-
-SSL_METHOD *ssl_bad_method(int ver)
-{
- SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (NULL);
-}
-
-const char *SSL_get_version(const SSL *s)
-{
- if (s->version == TLS1_2_VERSION)
- return ("TLSv1.2");
- else if (s->version == TLS1_1_VERSION)
- return ("TLSv1.1");
- else if (s->version == TLS1_VERSION)
- return ("TLSv1");
- else if (s->version == SSL3_VERSION)
- return ("SSLv3");
- else if (s->version == SSL2_VERSION)
- return ("SSLv2");
- else
- return ("unknown");
-}
-
-SSL *SSL_dup(SSL *s)
-{
- STACK_OF(X509_NAME) *sk;
- X509_NAME *xn;
- SSL *ret;
- int i;
-
- if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
- return (NULL);
-
- ret->version = s->version;
- ret->type = s->type;
- ret->method = s->method;
-
- if (s->session != NULL) {
- /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
- SSL_copy_session_id(ret, s);
- } else {
- /*
- * No session has been established yet, so we have to expect that
- * s->cert or ret->cert will be changed later -- they should not both
- * point to the same object, and thus we can't use
- * SSL_copy_session_id.
- */
-
- ret->method->ssl_free(ret);
- ret->method = s->method;
- ret->method->ssl_new(ret);
-
- if (s->cert != NULL) {
- if (ret->cert != NULL) {
- ssl_cert_free(ret->cert);
- }
- ret->cert = ssl_cert_dup(s->cert);
- if (ret->cert == NULL)
- goto err;
- }
-
- SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
- }
-
- ret->options = s->options;
- ret->mode = s->mode;
- SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
- SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
- ret->msg_callback = s->msg_callback;
- ret->msg_callback_arg = s->msg_callback_arg;
- SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
- SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
- ret->generate_session_id = s->generate_session_id;
-
- SSL_set_info_callback(ret, SSL_get_info_callback(s));
-
- ret->debug = s->debug;
-
- /* copy app data, a little dangerous perhaps */
- if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
- goto err;
-
- /* setup rbio, and wbio */
- if (s->rbio != NULL) {
- if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
- goto err;
- }
- if (s->wbio != NULL) {
- if (s->wbio != s->rbio) {
- if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
- goto err;
- } else
- ret->wbio = ret->rbio;
- }
- ret->rwstate = s->rwstate;
- ret->in_handshake = s->in_handshake;
- ret->handshake_func = s->handshake_func;
- ret->server = s->server;
- ret->renegotiate = s->renegotiate;
- ret->new_session = s->new_session;
- ret->quiet_shutdown = s->quiet_shutdown;
- ret->shutdown = s->shutdown;
- ret->state = s->state; /* SSL_dup does not really work at any state,
- * though */
- ret->rstate = s->rstate;
- ret->init_num = 0; /* would have to copy ret->init_buf,
- * ret->init_msg, ret->init_num,
- * ret->init_off */
- ret->hit = s->hit;
-
- X509_VERIFY_PARAM_inherit(ret->param, s->param);
-
- /* dup the cipher_list and cipher_list_by_id stacks */
- if (s->cipher_list != NULL) {
- if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
- goto err;
- }
- if (s->cipher_list_by_id != NULL)
- if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
- == NULL)
- goto err;
-
- /* Dup the client_CA list */
- if (s->client_CA != NULL) {
- if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
- goto err;
- ret->client_CA = sk;
- for (i = 0; i < sk_X509_NAME_num(sk); i++) {
- xn = sk_X509_NAME_value(sk, i);
- if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
- X509_NAME_free(xn);
- goto err;
- }
- }
- }
-
- if (0) {
- err:
- if (ret != NULL)
- SSL_free(ret);
- ret = NULL;
- }
- return (ret);
-}
-
-void ssl_clear_cipher_ctx(SSL *s)
-{
- if (s->enc_read_ctx != NULL) {
- EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
- OPENSSL_free(s->enc_read_ctx);
- s->enc_read_ctx = NULL;
- }
- if (s->enc_write_ctx != NULL) {
- EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
- OPENSSL_free(s->enc_write_ctx);
- s->enc_write_ctx = NULL;
- }
-#ifndef OPENSSL_NO_COMP
- if (s->expand != NULL) {
- COMP_CTX_free(s->expand);
- s->expand = NULL;
- }
- if (s->compress != NULL) {
- COMP_CTX_free(s->compress);
- s->compress = NULL;
- }
-#endif
-}
-
-/* Fix this function so that it takes an optional type parameter */
-X509 *SSL_get_certificate(const SSL *s)
-{
- if (s->cert != NULL)
- return (s->cert->key->x509);
- else
- return (NULL);
-}
-
-/* Fix this function so that it takes an optional type parameter */
-EVP_PKEY *SSL_get_privatekey(SSL *s)
-{
- if (s->cert != NULL)
- return (s->cert->key->privatekey);
- else
- return (NULL);
-}
-
-const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
-{
- if ((s->session != NULL) && (s->session->cipher != NULL))
- return (s->session->cipher);
- return (NULL);
-}
-
-#ifdef OPENSSL_NO_COMP
-const void *SSL_get_current_compression(SSL *s)
-{
- return NULL;
-}
-
-const void *SSL_get_current_expansion(SSL *s)
-{
- return NULL;
-}
-#else
-
-const COMP_METHOD *SSL_get_current_compression(SSL *s)
-{
- if (s->compress != NULL)
- return (s->compress->meth);
- return (NULL);
-}
-
-const COMP_METHOD *SSL_get_current_expansion(SSL *s)
-{
- if (s->expand != NULL)
- return (s->expand->meth);
- return (NULL);
-}
-#endif
-
-int ssl_init_wbio_buffer(SSL *s, int push)
-{
- BIO *bbio;
-
- if (s->bbio == NULL) {
- bbio = BIO_new(BIO_f_buffer());
- if (bbio == NULL)
- return (0);
- s->bbio = bbio;
- } else {
- bbio = s->bbio;
- if (s->bbio == s->wbio)
- s->wbio = BIO_pop(s->wbio);
- }
- (void)BIO_reset(bbio);
-/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
- if (!BIO_set_read_buffer_size(bbio, 1)) {
- SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
- return (0);
- }
- if (push) {
- if (s->wbio != bbio)
- s->wbio = BIO_push(bbio, s->wbio);
- } else {
- if (s->wbio == bbio)
- s->wbio = BIO_pop(bbio);
- }
- return (1);
-}
-
-void ssl_free_wbio_buffer(SSL *s)
-{
- if (s->bbio == NULL)
- return;
-
- if (s->bbio == s->wbio) {
- /* remove buffering */
- s->wbio = BIO_pop(s->wbio);
-#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids
- * adding one more preprocessor symbol */
- assert(s->wbio != NULL);
-#endif
- }
- BIO_free(s->bbio);
- s->bbio = NULL;
-}
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
-{
- ctx->quiet_shutdown = mode;
-}
-
-int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
-{
- return (ctx->quiet_shutdown);
-}
-
-void SSL_set_quiet_shutdown(SSL *s, int mode)
-{
- s->quiet_shutdown = mode;
-}
-
-int SSL_get_quiet_shutdown(const SSL *s)
-{
- return (s->quiet_shutdown);
-}
-
-void SSL_set_shutdown(SSL *s, int mode)
-{
- s->shutdown = mode;
-}
-
-int SSL_get_shutdown(const SSL *s)
-{
- return (s->shutdown);
-}
-
-int SSL_version(const SSL *s)
-{
- return (s->version);
-}
-
-SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
-{
- return (ssl->ctx);
-}
-
-SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
-{
- CERT *ocert = ssl->cert;
- if (ssl->ctx == ctx)
- return ssl->ctx;
-#ifndef OPENSSL_NO_TLSEXT
- if (ctx == NULL)
- ctx = ssl->initial_ctx;
-#endif
- ssl->cert = ssl_cert_dup(ctx->cert);
- if (ocert != NULL) {
- int i;
- /* Copy negotiated digests from original */
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- CERT_PKEY *cpk = ocert->pkeys + i;
- CERT_PKEY *rpk = ssl->cert->pkeys + i;
- rpk->digest = cpk->digest;
- }
- ssl_cert_free(ocert);
- }
-
- /*
- * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
- * so setter APIs must prevent invalid lengths from entering the system.
- */
- OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
-
- /*
- * If the session ID context matches that of the parent SSL_CTX,
- * inherit it from the new SSL_CTX as well. If however the context does
- * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
- * leave it unchanged.
- */
- if ((ssl->ctx != NULL) &&
- (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
- (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
- ssl->sid_ctx_length = ctx->sid_ctx_length;
- memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
- }
-
- CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
- if (ssl->ctx != NULL)
- SSL_CTX_free(ssl->ctx); /* decrement reference count */
- ssl->ctx = ctx;
-
- return (ssl->ctx);
-}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
-{
- return (X509_STORE_set_default_paths(ctx->cert_store));
-}
-
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
- const char *CApath)
-{
- return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
-}
-#endif
-
-void SSL_set_info_callback(SSL *ssl,
- void (*cb) (const SSL *ssl, int type, int val))
-{
- ssl->info_callback = cb;
-}
-
-/*
- * One compiler (Diab DCC) doesn't like argument names in returned function
- * pointer.
- */
-void (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ ,
- int /* type */ ,
- int /* val */ ) {
- return ssl->info_callback;
-}
-
-int SSL_state(const SSL *ssl)
-{
- return (ssl->state);
-}
-
-void SSL_set_state(SSL *ssl, int state)
-{
- ssl->state = state;
-}
-
-void SSL_set_verify_result(SSL *ssl, long arg)
-{
- ssl->verify_result = arg;
-}
-
-long SSL_get_verify_result(const SSL *ssl)
-{
- return (ssl->verify_result);
-}
-
-int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int SSL_set_ex_data(SSL *s, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
-}
-
-void *SSL_get_ex_data(const SSL *s, int idx)
-{
- return (CRYPTO_get_ex_data(&s->ex_data, idx));
-}
-
-int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
-}
-
-void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
-{
- return (CRYPTO_get_ex_data(&s->ex_data, idx));
-}
-
-int ssl_ok(SSL *s)
-{
- return (1);
-}
-
-X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
-{
- return (ctx->cert_store);
-}
-
-void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
-{
- if (ctx->cert_store != NULL)
- X509_STORE_free(ctx->cert_store);
- ctx->cert_store = store;
-}
-
-int SSL_want(const SSL *s)
-{
- return (s->rwstate);
-}
-
-/**
- * \brief Set the callback for generating temporary RSA keys.
- * \param ctx the SSL context.
- * \param cb the callback
- */
-
-#ifndef OPENSSL_NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl,
- int is_export,
- int keylength))
-{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
-}
-
-void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl,
- int is_export,
- int keylength))
-{
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
-}
-#endif
-
-#ifdef DOXYGEN
-/**
- * \brief The RSA temporary key callback function.
- * \param ssl the SSL session.
- * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
- * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
- * of the required key in bits.
- * \return the temporary RSA key.
- * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
- */
-
-RSA *cb(SSL *ssl, int is_export, int keylength)
-{
-}
-#endif
-
-/**
- * \brief Set the callback for generating temporary DH keys.
- * \param ctx the SSL context.
- * \param dh the callback
- */
-
-#ifndef OPENSSL_NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*dh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-
-void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
- EC_KEY *(*ecdh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
- (void (*)(void))ecdh);
-}
-
-void SSL_set_tmp_ecdh_callback(SSL *ssl,
- EC_KEY *(*ecdh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh);
-}
-#endif
-
-#ifndef OPENSSL_NO_PSK
-int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
-{
- if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
- SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
- SSL_R_DATA_LENGTH_TOO_LONG);
- return 0;
- }
- if (ctx->psk_identity_hint != NULL)
- OPENSSL_free(ctx->psk_identity_hint);
- if (identity_hint != NULL) {
- ctx->psk_identity_hint = BUF_strdup(identity_hint);
- if (ctx->psk_identity_hint == NULL)
- return 0;
- } else
- ctx->psk_identity_hint = NULL;
- return 1;
-}
-
-int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
-{
- if (s == NULL)
- return 0;
-
- if (s->session == NULL)
- return 1; /* session not created yet, ignored */
-
- if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
- SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
- return 0;
- }
- if (s->session->psk_identity_hint != NULL)
- OPENSSL_free(s->session->psk_identity_hint);
- if (identity_hint != NULL) {
- s->session->psk_identity_hint = BUF_strdup(identity_hint);
- if (s->session->psk_identity_hint == NULL)
- return 0;
- } else
- s->session->psk_identity_hint = NULL;
- return 1;
-}
-
-const char *SSL_get_psk_identity_hint(const SSL *s)
-{
- if (s == NULL || s->session == NULL)
- return NULL;
- return (s->session->psk_identity_hint);
-}
-
-const char *SSL_get_psk_identity(const SSL *s)
-{
- if (s == NULL || s->session == NULL)
- return NULL;
- return (s->session->psk_identity);
-}
-
-void SSL_set_psk_client_callback(SSL *s,
- unsigned int (*cb) (SSL *ssl,
- const char *hint,
- char *identity,
- unsigned int
- max_identity_len,
- unsigned char *psk,
- unsigned int
- max_psk_len))
-{
- s->psk_client_callback = cb;
-}
-
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
- unsigned int (*cb) (SSL *ssl,
- const char *hint,
- char *identity,
- unsigned int
- max_identity_len,
- unsigned char *psk,
- unsigned int
- max_psk_len))
-{
- ctx->psk_client_callback = cb;
-}
-
-void SSL_set_psk_server_callback(SSL *s,
- unsigned int (*cb) (SSL *ssl,
- const char *identity,
- unsigned char *psk,
- unsigned int
- max_psk_len))
-{
- s->psk_server_callback = cb;
-}
-
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
- unsigned int (*cb) (SSL *ssl,
- const char *identity,
- unsigned char *psk,
- unsigned int
- max_psk_len))
-{
- ctx->psk_server_callback = cb;
-}
-#endif
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
- void (*cb) (int write_p, int version,
- int content_type, const void *buf,
- size_t len, SSL *ssl, void *arg))
-{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
-}
-
-void SSL_set_msg_callback(SSL *ssl,
- void (*cb) (int write_p, int version,
- int content_type, const void *buf,
- size_t len, SSL *ssl, void *arg))
-{
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
-}
-
-/*
- * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
- * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
- * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
- * allocated ctx;
- */
-
-EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
-{
- ssl_clear_hash_ctx(hash);
- *hash = EVP_MD_CTX_create();
- if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) {
- EVP_MD_CTX_destroy(*hash);
- *hash = NULL;
- return NULL;
- }
- return *hash;
-}
-
-void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
-{
-
- if (*hash)
- EVP_MD_CTX_destroy(*hash);
- *hash = NULL;
-}
-
-void SSL_set_debug(SSL *s, int debug)
-{
- s->debug = debug;
-}
-
-int SSL_cache_hit(SSL *s)
-{
- return s->hit;
-}
-
-#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
-# include "../crypto/bio/bss_file.c"
-#endif
-
-IMPLEMENT_STACK_OF(SSL_CIPHER)
-IMPLEMENT_STACK_OF(SSL_COMP)
-IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
Copied: vendor-crypto/openssl/1.0.1u/ssl/ssl_lib.c (from rev 11605, vendor-crypto/openssl/dist/ssl/ssl_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/ssl_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,3325 @@
+/*
+ * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifdef REF_CHECK
+# include <assert.h>
+#endif
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/objects.h>
+#include <openssl/lhash.h>
+#include <openssl/x509v3.h>
+#include <openssl/rand.h>
+#include <openssl/ocsp.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+const char *SSL_version_str = OPENSSL_VERSION_TEXT;
+
+SSL3_ENC_METHOD ssl3_undef_enc_method = {
+ /*
+ * evil casts, but these functions are only called if there's a library
+ * bug
+ */
+ (int (*)(SSL *, int))ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
+ ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, unsigned char *, int))
+ ssl_undefined_function,
+ (int (*)(SSL *, int))ssl_undefined_function,
+ (int (*)(SSL *, const char *, int, unsigned char *))
+ ssl_undefined_function,
+ 0, /* finish_mac_length */
+ (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
+ NULL, /* client_finished_label */
+ 0, /* client_finished_label_len */
+ NULL, /* server_finished_label */
+ 0, /* server_finished_label_len */
+ (int (*)(int))ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, size_t, const char *,
+ size_t, const unsigned char *, size_t,
+ int use_context))ssl_undefined_function,
+};
+
+int SSL_clear(SSL *s)
+{
+
+ if (s->method == NULL) {
+ SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
+ return (0);
+ }
+
+ if (ssl_clear_bad_session(s)) {
+ SSL_SESSION_free(s->session);
+ s->session = NULL;
+ }
+
+ s->error = 0;
+ s->hit = 0;
+ s->shutdown = 0;
+
+#if 0
+ /*
+ * Disabled since version 1.10 of this file (early return not
+ * needed because SSL_clear is not called when doing renegotiation)
+ */
+ /*
+ * This is set if we are doing dynamic renegotiation so keep
+ * the old cipher. It is sort of a SSL_clear_lite :-)
+ */
+ if (s->renegotiate)
+ return (1);
+#else
+ if (s->renegotiate) {
+ SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+#endif
+
+ s->type = 0;
+
+ s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
+
+ s->version = s->method->version;
+ s->client_version = s->version;
+ s->rwstate = SSL_NOTHING;
+ s->rstate = SSL_ST_READ_HEADER;
+#if 0
+ s->read_ahead = s->ctx->read_ahead;
+#endif
+
+ if (s->init_buf != NULL) {
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
+ }
+
+ ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
+
+ s->first_packet = 0;
+
+#if 1
+ /*
+ * Check to see if we were changed into a different method, if so, revert
+ * back if we are not doing session-id reuse.
+ */
+ if (!s->in_handshake && (s->session == NULL)
+ && (s->method != s->ctx->method)) {
+ s->method->ssl_free(s);
+ s->method = s->ctx->method;
+ if (!s->method->ssl_new(s))
+ return (0);
+ } else
+#endif
+ s->method->ssl_clear(s);
+ return (1);
+}
+
+/** Used to change an SSL_CTXs default SSL method type */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
+{
+ STACK_OF(SSL_CIPHER) *sk;
+
+ ctx->method = meth;
+
+ sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
+ &(ctx->cipher_list_by_id),
+ meth->version ==
+ SSL2_VERSION ? "SSLv2" :
+ SSL_DEFAULT_CIPHER_LIST);
+ if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
+ SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
+ SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+ return (0);
+ }
+ return (1);
+}
+
+SSL *SSL_new(SSL_CTX *ctx)
+{
+ SSL *s;
+
+ if (ctx == NULL) {
+ SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
+ return (NULL);
+ }
+ if (ctx->method == NULL) {
+ SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+ return (NULL);
+ }
+
+ s = (SSL *)OPENSSL_malloc(sizeof(SSL));
+ if (s == NULL)
+ goto err;
+ memset(s, 0, sizeof(SSL));
+
+#ifndef OPENSSL_NO_KRB5
+ s->kssl_ctx = kssl_ctx_new();
+#endif /* OPENSSL_NO_KRB5 */
+
+ s->options = ctx->options;
+ s->mode = ctx->mode;
+ s->max_cert_list = ctx->max_cert_list;
+ s->references = 1;
+
+ if (ctx->cert != NULL) {
+ /*
+ * Earlier library versions used to copy the pointer to the CERT, not
+ * its contents; only when setting new parameters for the per-SSL
+ * copy, ssl_cert_new would be called (and the direct reference to
+ * the per-SSL_CTX settings would be lost, but those still were
+ * indirectly accessed for various purposes, and for that reason they
+ * used to be known as s->ctx->default_cert). Now we don't look at the
+ * SSL_CTX's CERT after having duplicated it once.
+ */
+
+ s->cert = ssl_cert_dup(ctx->cert);
+ if (s->cert == NULL)
+ goto err;
+ } else
+ s->cert = NULL; /* Cannot really happen (see SSL_CTX_new) */
+
+ s->read_ahead = ctx->read_ahead;
+ s->msg_callback = ctx->msg_callback;
+ s->msg_callback_arg = ctx->msg_callback_arg;
+ s->verify_mode = ctx->verify_mode;
+#if 0
+ s->verify_depth = ctx->verify_depth;
+#endif
+ s->sid_ctx_length = ctx->sid_ctx_length;
+ OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
+ memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
+ s->verify_callback = ctx->default_verify_callback;
+ s->generate_session_id = ctx->generate_session_id;
+
+ s->param = X509_VERIFY_PARAM_new();
+ if (!s->param)
+ goto err;
+ X509_VERIFY_PARAM_inherit(s->param, ctx->param);
+#if 0
+ s->purpose = ctx->purpose;
+ s->trust = ctx->trust;
+#endif
+ s->quiet_shutdown = ctx->quiet_shutdown;
+ s->max_send_fragment = ctx->max_send_fragment;
+
+ CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
+ s->ctx = ctx;
+#ifndef OPENSSL_NO_TLSEXT
+ s->tlsext_debug_cb = 0;
+ s->tlsext_debug_arg = NULL;
+ s->tlsext_ticket_expected = 0;
+ s->tlsext_status_type = -1;
+ s->tlsext_status_expected = 0;
+ s->tlsext_ocsp_ids = NULL;
+ s->tlsext_ocsp_exts = NULL;
+ s->tlsext_ocsp_resp = NULL;
+ s->tlsext_ocsp_resplen = -1;
+ CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
+ s->initial_ctx = ctx;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ s->next_proto_negotiated = NULL;
+# endif
+#endif
+
+ s->verify_result = X509_V_OK;
+
+ s->method = ctx->method;
+
+ if (!s->method->ssl_new(s))
+ goto err;
+
+ s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
+
+ SSL_clear(s);
+
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+
+#ifndef OPENSSL_NO_PSK
+ s->psk_client_callback = ctx->psk_client_callback;
+ s->psk_server_callback = ctx->psk_server_callback;
+#endif
+
+ return (s);
+ err:
+ if (s != NULL)
+ SSL_free(s);
+ SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+}
+
+int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len)
+{
+ if (sid_ctx_len > sizeof ctx->sid_ctx) {
+ SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
+ SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+ return 0;
+ }
+ ctx->sid_ctx_length = sid_ctx_len;
+ memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
+
+ return 1;
+}
+
+int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len)
+{
+ if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
+ SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
+ SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+ return 0;
+ }
+ ssl->sid_ctx_length = sid_ctx_len;
+ memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
+
+ return 1;
+}
+
+int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
+{
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ ctx->generate_session_id = cb;
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ return 1;
+}
+
+int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
+{
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+ ssl->generate_session_id = cb;
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+ return 1;
+}
+
+int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+ unsigned int id_len)
+{
+ /*
+ * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
+ * we can "construct" a session to give us the desired check - ie. to
+ * find if there's a session in the hash table that would conflict with
+ * any new session built out of this id/id_len and the ssl_version in use
+ * by this SSL.
+ */
+ SSL_SESSION r, *p;
+
+ if (id_len > sizeof r.session_id)
+ return 0;
+
+ r.ssl_version = ssl->version;
+ r.session_id_length = id_len;
+ memcpy(r.session_id, id, id_len);
+ /*
+ * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
+ * callback is calling us to check the uniqueness of a shorter ID, it
+ * must be compared as a padded-out ID because that is what it will be
+ * converted to when the callback has finished choosing it.
+ */
+ if ((r.ssl_version == SSL2_VERSION) &&
+ (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
+ memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len);
+ r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+ }
+
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+ p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ return (p != NULL);
+}
+
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
+{
+ return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
+}
+
+int SSL_set_purpose(SSL *s, int purpose)
+{
+ return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
+}
+
+int SSL_CTX_set_trust(SSL_CTX *s, int trust)
+{
+ return X509_VERIFY_PARAM_set_trust(s->param, trust);
+}
+
+int SSL_set_trust(SSL *s, int trust)
+{
+ return X509_VERIFY_PARAM_set_trust(s->param, trust);
+}
+
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+{
+ return X509_VERIFY_PARAM_set1(ctx->param, vpm);
+}
+
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
+{
+ return X509_VERIFY_PARAM_set1(ssl->param, vpm);
+}
+
+void SSL_free(SSL *s)
+{
+ int i;
+
+ if (s == NULL)
+ return;
+
+ i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
+#ifdef REF_PRINT
+ REF_PRINT("SSL", s);
+#endif
+ if (i > 0)
+ return;
+#ifdef REF_CHECK
+ if (i < 0) {
+ fprintf(stderr, "SSL_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+ if (s->param)
+ X509_VERIFY_PARAM_free(s->param);
+
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+
+ if (s->bbio != NULL) {
+ /* If the buffering BIO is in place, pop it off */
+ if (s->bbio == s->wbio) {
+ s->wbio = BIO_pop(s->wbio);
+ }
+ BIO_free(s->bbio);
+ s->bbio = NULL;
+ }
+ if (s->rbio != NULL)
+ BIO_free_all(s->rbio);
+ if ((s->wbio != NULL) && (s->wbio != s->rbio))
+ BIO_free_all(s->wbio);
+
+ if (s->init_buf != NULL)
+ BUF_MEM_free(s->init_buf);
+
+ /* add extra stuff */
+ if (s->cipher_list != NULL)
+ sk_SSL_CIPHER_free(s->cipher_list);
+ if (s->cipher_list_by_id != NULL)
+ sk_SSL_CIPHER_free(s->cipher_list_by_id);
+
+ /* Make the next call work :-) */
+ if (s->session != NULL) {
+ ssl_clear_bad_session(s);
+ SSL_SESSION_free(s->session);
+ }
+
+ ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
+
+ if (s->cert != NULL)
+ ssl_cert_free(s->cert);
+ /* Free up if allocated */
+
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_hostname)
+ OPENSSL_free(s->tlsext_hostname);
+ if (s->initial_ctx)
+ SSL_CTX_free(s->initial_ctx);
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist)
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ if (s->tlsext_ellipticcurvelist)
+ OPENSSL_free(s->tlsext_ellipticcurvelist);
+# endif /* OPENSSL_NO_EC */
+ if (s->tlsext_opaque_prf_input)
+ OPENSSL_free(s->tlsext_opaque_prf_input);
+ if (s->tlsext_ocsp_exts)
+ sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
+ if (s->tlsext_ocsp_ids)
+ sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
+ if (s->tlsext_ocsp_resp)
+ OPENSSL_free(s->tlsext_ocsp_resp);
+#endif
+
+ if (s->client_CA != NULL)
+ sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
+
+ if (s->method != NULL)
+ s->method->ssl_free(s);
+
+ if (s->ctx)
+ SSL_CTX_free(s->ctx);
+
+#ifndef OPENSSL_NO_KRB5
+ if (s->kssl_ctx != NULL)
+ kssl_ctx_free(s->kssl_ctx);
+#endif /* OPENSSL_NO_KRB5 */
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (s->next_proto_negotiated)
+ OPENSSL_free(s->next_proto_negotiated);
+#endif
+
+#ifndef OPENSSL_NO_SRTP
+ if (s->srtp_profiles)
+ sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
+#endif
+
+ OPENSSL_free(s);
+}
+
+void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
+{
+ /*
+ * If the output buffering BIO is still in place, remove it
+ */
+ if (s->bbio != NULL) {
+ if (s->wbio == s->bbio) {
+ s->wbio = s->wbio->next_bio;
+ s->bbio->next_bio = NULL;
+ }
+ }
+ if ((s->rbio != NULL) && (s->rbio != rbio))
+ BIO_free_all(s->rbio);
+ if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
+ BIO_free_all(s->wbio);
+ s->rbio = rbio;
+ s->wbio = wbio;
+}
+
+BIO *SSL_get_rbio(const SSL *s)
+{
+ return (s->rbio);
+}
+
+BIO *SSL_get_wbio(const SSL *s)
+{
+ return (s->wbio);
+}
+
+int SSL_get_fd(const SSL *s)
+{
+ return (SSL_get_rfd(s));
+}
+
+int SSL_get_rfd(const SSL *s)
+{
+ int ret = -1;
+ BIO *b, *r;
+
+ b = SSL_get_rbio(s);
+ r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
+ if (r != NULL)
+ BIO_get_fd(r, &ret);
+ return (ret);
+}
+
+int SSL_get_wfd(const SSL *s)
+{
+ int ret = -1;
+ BIO *b, *r;
+
+ b = SSL_get_wbio(s);
+ r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
+ if (r != NULL)
+ BIO_get_fd(r, &ret);
+ return (ret);
+}
+
+#ifndef OPENSSL_NO_SOCK
+int SSL_set_fd(SSL *s, int fd)
+{
+ int ret = 0;
+ BIO *bio = NULL;
+
+ bio = BIO_new(BIO_s_socket());
+
+ if (bio == NULL) {
+ SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
+ goto err;
+ }
+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
+ SSL_set_bio(s, bio, bio);
+ ret = 1;
+ err:
+ return (ret);
+}
+
+int SSL_set_wfd(SSL *s, int fd)
+{
+ int ret = 0;
+ BIO *bio = NULL;
+
+ if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
+ || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
+ bio = BIO_new(BIO_s_socket());
+
+ if (bio == NULL) {
+ SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
+ goto err;
+ }
+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
+ SSL_set_bio(s, SSL_get_rbio(s), bio);
+ } else
+ SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
+ ret = 1;
+ err:
+ return (ret);
+}
+
+int SSL_set_rfd(SSL *s, int fd)
+{
+ int ret = 0;
+ BIO *bio = NULL;
+
+ if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
+ || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
+ bio = BIO_new(BIO_s_socket());
+
+ if (bio == NULL) {
+ SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
+ goto err;
+ }
+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
+ SSL_set_bio(s, bio, SSL_get_wbio(s));
+ } else
+ SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
+ ret = 1;
+ err:
+ return (ret);
+}
+#endif
+
+/* return length of latest Finished message we sent, copy to 'buf' */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
+{
+ size_t ret = 0;
+
+ if (s->s3 != NULL) {
+ ret = s->s3->tmp.finish_md_len;
+ if (count > ret)
+ count = ret;
+ memcpy(buf, s->s3->tmp.finish_md, count);
+ }
+ return ret;
+}
+
+/* return length of latest Finished message we expected, copy to 'buf' */
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
+{
+ size_t ret = 0;
+
+ if (s->s3 != NULL) {
+ ret = s->s3->tmp.peer_finish_md_len;
+ if (count > ret)
+ count = ret;
+ memcpy(buf, s->s3->tmp.peer_finish_md, count);
+ }
+ return ret;
+}
+
+int SSL_get_verify_mode(const SSL *s)
+{
+ return (s->verify_mode);
+}
+
+int SSL_get_verify_depth(const SSL *s)
+{
+ return X509_VERIFY_PARAM_get_depth(s->param);
+}
+
+int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) {
+ return (s->verify_callback);
+}
+
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
+{
+ return (ctx->verify_mode);
+}
+
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
+{
+ return X509_VERIFY_PARAM_get_depth(ctx->param);
+}
+
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
+ return (ctx->default_verify_callback);
+}
+
+void SSL_set_verify(SSL *s, int mode,
+ int (*callback) (int ok, X509_STORE_CTX *ctx))
+{
+ s->verify_mode = mode;
+ if (callback != NULL)
+ s->verify_callback = callback;
+}
+
+void SSL_set_verify_depth(SSL *s, int depth)
+{
+ X509_VERIFY_PARAM_set_depth(s->param, depth);
+}
+
+void SSL_set_read_ahead(SSL *s, int yes)
+{
+ s->read_ahead = yes;
+}
+
+int SSL_get_read_ahead(const SSL *s)
+{
+ return (s->read_ahead);
+}
+
+int SSL_pending(const SSL *s)
+{
+ /*
+ * SSL_pending cannot work properly if read-ahead is enabled
+ * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
+ * impossible to fix since SSL_pending cannot report errors that may be
+ * observed while scanning the new data. (Note that SSL_pending() is
+ * often used as a boolean value, so we'd better not return -1.)
+ */
+ return (s->method->ssl_pending(s));
+}
+
+X509 *SSL_get_peer_certificate(const SSL *s)
+{
+ X509 *r;
+
+ if ((s == NULL) || (s->session == NULL))
+ r = NULL;
+ else
+ r = s->session->peer;
+
+ if (r == NULL)
+ return (r);
+
+ CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
+
+ return (r);
+}
+
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
+{
+ STACK_OF(X509) *r;
+
+ if ((s == NULL) || (s->session == NULL)
+ || (s->session->sess_cert == NULL))
+ r = NULL;
+ else
+ r = s->session->sess_cert->cert_chain;
+
+ /*
+ * If we are a client, cert_chain includes the peer's own certificate; if
+ * we are a server, it does not.
+ */
+
+ return (r);
+}
+
+/*
+ * Now in theory, since the calling process own 't' it should be safe to
+ * modify. We need to be able to read f without being hassled
+ */
+void SSL_copy_session_id(SSL *t, const SSL *f)
+{
+ CERT *tmp;
+
+ /* Do we need to to SSL locking? */
+ SSL_set_session(t, SSL_get_session(f));
+
+ /*
+ * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
+ */
+ if (t->method != f->method) {
+ t->method->ssl_free(t); /* cleanup current */
+ t->method = f->method; /* change method */
+ t->method->ssl_new(t); /* setup new */
+ }
+
+ tmp = t->cert;
+ if (f->cert != NULL) {
+ CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
+ t->cert = f->cert;
+ } else
+ t->cert = NULL;
+ if (tmp != NULL)
+ ssl_cert_free(tmp);
+ SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
+}
+
+/* Fix this so it checks all the valid key/cert options */
+int SSL_CTX_check_private_key(const SSL_CTX *ctx)
+{
+ if ((ctx == NULL) ||
+ (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) {
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+ SSL_R_NO_CERTIFICATE_ASSIGNED);
+ return (0);
+ }
+ if (ctx->cert->key->privatekey == NULL) {
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+ SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ return (0);
+ }
+ return (X509_check_private_key
+ (ctx->cert->key->x509, ctx->cert->key->privatekey));
+}
+
+/* Fix this function so that it takes an optional type parameter */
+int SSL_check_private_key(const SSL *ssl)
+{
+ if (ssl == NULL) {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (ssl->cert == NULL) {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
+ return 0;
+ }
+ if (ssl->cert->key->x509 == NULL) {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
+ return (0);
+ }
+ if (ssl->cert->key->privatekey == NULL) {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ return (0);
+ }
+ return (X509_check_private_key(ssl->cert->key->x509,
+ ssl->cert->key->privatekey));
+}
+
+int SSL_accept(SSL *s)
+{
+ if (s->handshake_func == 0)
+ /* Not properly initialized yet */
+ SSL_set_accept_state(s);
+
+ return (s->method->ssl_accept(s));
+}
+
+int SSL_connect(SSL *s)
+{
+ if (s->handshake_func == 0)
+ /* Not properly initialized yet */
+ SSL_set_connect_state(s);
+
+ return (s->method->ssl_connect(s));
+}
+
+long SSL_get_default_timeout(const SSL *s)
+{
+ return (s->method->get_timeout());
+}
+
+int SSL_read(SSL *s, void *buf, int num)
+{
+ if (s->handshake_func == 0) {
+ SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+ return -1;
+ }
+
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
+ s->rwstate = SSL_NOTHING;
+ return (0);
+ }
+ return (s->method->ssl_read(s, buf, num));
+}
+
+int SSL_peek(SSL *s, void *buf, int num)
+{
+ if (s->handshake_func == 0) {
+ SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
+ return -1;
+ }
+
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
+ return (0);
+ }
+ return (s->method->ssl_peek(s, buf, num));
+}
+
+int SSL_write(SSL *s, const void *buf, int num)
+{
+ if (s->handshake_func == 0) {
+ SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
+ return -1;
+ }
+
+ if (s->shutdown & SSL_SENT_SHUTDOWN) {
+ s->rwstate = SSL_NOTHING;
+ SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
+ return (-1);
+ }
+ return (s->method->ssl_write(s, buf, num));
+}
+
+int SSL_shutdown(SSL *s)
+{
+ /*
+ * Note that this function behaves differently from what one might
+ * expect. Return values are 0 for no success (yet), 1 for success; but
+ * calling it once is usually not enough, even if blocking I/O is used
+ * (see ssl3_shutdown).
+ */
+
+ if (s->handshake_func == 0) {
+ SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
+ return -1;
+ }
+
+ if ((s != NULL) && !SSL_in_init(s))
+ return (s->method->ssl_shutdown(s));
+ else
+ return (1);
+}
+
+int SSL_renegotiate(SSL *s)
+{
+ if (s->renegotiate == 0)
+ s->renegotiate = 1;
+
+ s->new_session = 1;
+
+ return (s->method->ssl_renegotiate(s));
+}
+
+int SSL_renegotiate_abbreviated(SSL *s)
+{
+ if (s->renegotiate == 0)
+ s->renegotiate = 1;
+
+ s->new_session = 0;
+
+ return (s->method->ssl_renegotiate(s));
+}
+
+int SSL_renegotiate_pending(SSL *s)
+{
+ /*
+ * becomes true when negotiation is requested; false again once a
+ * handshake has finished
+ */
+ return (s->renegotiate != 0);
+}
+
+long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+ long l;
+
+ switch (cmd) {
+ case SSL_CTRL_GET_READ_AHEAD:
+ return (s->read_ahead);
+ case SSL_CTRL_SET_READ_AHEAD:
+ l = s->read_ahead;
+ s->read_ahead = larg;
+ return (l);
+
+ case SSL_CTRL_SET_MSG_CALLBACK_ARG:
+ s->msg_callback_arg = parg;
+ return 1;
+
+ case SSL_CTRL_OPTIONS:
+ return (s->options |= larg);
+ case SSL_CTRL_CLEAR_OPTIONS:
+ return (s->options &= ~larg);
+ case SSL_CTRL_MODE:
+ return (s->mode |= larg);
+ case SSL_CTRL_CLEAR_MODE:
+ return (s->mode &= ~larg);
+ case SSL_CTRL_GET_MAX_CERT_LIST:
+ return (s->max_cert_list);
+ case SSL_CTRL_SET_MAX_CERT_LIST:
+ l = s->max_cert_list;
+ s->max_cert_list = larg;
+ return (l);
+ case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+ if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0;
+ s->max_send_fragment = larg;
+ return 1;
+ case SSL_CTRL_GET_RI_SUPPORT:
+ if (s->s3)
+ return s->s3->send_connection_binding;
+ else
+ return 0;
+ default:
+ return (s->method->ssl_ctrl(s, cmd, larg, parg));
+ }
+}
+
+long SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
+{
+ switch (cmd) {
+ case SSL_CTRL_SET_MSG_CALLBACK:
+ s->msg_callback = (void (*)
+ (int write_p, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl,
+ void *arg))(fp);
+ return 1;
+
+ default:
+ return (s->method->ssl_callback_ctrl(s, cmd, fp));
+ }
+}
+
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
+{
+ return ctx->sessions;
+}
+
+long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+{
+ long l;
+
+ switch (cmd) {
+ case SSL_CTRL_GET_READ_AHEAD:
+ return (ctx->read_ahead);
+ case SSL_CTRL_SET_READ_AHEAD:
+ l = ctx->read_ahead;
+ ctx->read_ahead = larg;
+ return (l);
+
+ case SSL_CTRL_SET_MSG_CALLBACK_ARG:
+ ctx->msg_callback_arg = parg;
+ return 1;
+
+ case SSL_CTRL_GET_MAX_CERT_LIST:
+ return (ctx->max_cert_list);
+ case SSL_CTRL_SET_MAX_CERT_LIST:
+ l = ctx->max_cert_list;
+ ctx->max_cert_list = larg;
+ return (l);
+
+ case SSL_CTRL_SET_SESS_CACHE_SIZE:
+ l = ctx->session_cache_size;
+ ctx->session_cache_size = larg;
+ return (l);
+ case SSL_CTRL_GET_SESS_CACHE_SIZE:
+ return (ctx->session_cache_size);
+ case SSL_CTRL_SET_SESS_CACHE_MODE:
+ l = ctx->session_cache_mode;
+ ctx->session_cache_mode = larg;
+ return (l);
+ case SSL_CTRL_GET_SESS_CACHE_MODE:
+ return (ctx->session_cache_mode);
+
+ case SSL_CTRL_SESS_NUMBER:
+ return (lh_SSL_SESSION_num_items(ctx->sessions));
+ case SSL_CTRL_SESS_CONNECT:
+ return (ctx->stats.sess_connect);
+ case SSL_CTRL_SESS_CONNECT_GOOD:
+ return (ctx->stats.sess_connect_good);
+ case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
+ return (ctx->stats.sess_connect_renegotiate);
+ case SSL_CTRL_SESS_ACCEPT:
+ return (ctx->stats.sess_accept);
+ case SSL_CTRL_SESS_ACCEPT_GOOD:
+ return (ctx->stats.sess_accept_good);
+ case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
+ return (ctx->stats.sess_accept_renegotiate);
+ case SSL_CTRL_SESS_HIT:
+ return (ctx->stats.sess_hit);
+ case SSL_CTRL_SESS_CB_HIT:
+ return (ctx->stats.sess_cb_hit);
+ case SSL_CTRL_SESS_MISSES:
+ return (ctx->stats.sess_miss);
+ case SSL_CTRL_SESS_TIMEOUTS:
+ return (ctx->stats.sess_timeout);
+ case SSL_CTRL_SESS_CACHE_FULL:
+ return (ctx->stats.sess_cache_full);
+ case SSL_CTRL_OPTIONS:
+ return (ctx->options |= larg);
+ case SSL_CTRL_CLEAR_OPTIONS:
+ return (ctx->options &= ~larg);
+ case SSL_CTRL_MODE:
+ return (ctx->mode |= larg);
+ case SSL_CTRL_CLEAR_MODE:
+ return (ctx->mode &= ~larg);
+ case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+ if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0;
+ ctx->max_send_fragment = larg;
+ return 1;
+ default:
+ return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
+ }
+}
+
+long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
+{
+ switch (cmd) {
+ case SSL_CTRL_SET_MSG_CALLBACK:
+ ctx->msg_callback = (void (*)
+ (int write_p, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl,
+ void *arg))(fp);
+ return 1;
+
+ default:
+ return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
+ }
+}
+
+int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
+{
+ long l;
+
+ l = a->id - b->id;
+ if (l == 0L)
+ return (0);
+ else
+ return ((l > 0) ? 1 : -1);
+}
+
+int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
+ const SSL_CIPHER *const *bp)
+{
+ long l;
+
+ l = (*ap)->id - (*bp)->id;
+ if (l == 0L)
+ return (0);
+ else
+ return ((l > 0) ? 1 : -1);
+}
+
+/** return a STACK of the ciphers available for the SSL and in order of
+ * preference */
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
+{
+ if (s != NULL) {
+ if (s->cipher_list != NULL) {
+ return (s->cipher_list);
+ } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
+ return (s->ctx->cipher_list);
+ }
+ }
+ return (NULL);
+}
+
+/** return a STACK of the ciphers available for the SSL and in order of
+ * algorithm id */
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
+{
+ if (s != NULL) {
+ if (s->cipher_list_by_id != NULL) {
+ return (s->cipher_list_by_id);
+ } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
+ return (s->ctx->cipher_list_by_id);
+ }
+ }
+ return (NULL);
+}
+
+/** The old interface to get the same thing as SSL_get_ciphers() */
+const char *SSL_get_cipher_list(const SSL *s, int n)
+{
+ SSL_CIPHER *c;
+ STACK_OF(SSL_CIPHER) *sk;
+
+ if (s == NULL)
+ return (NULL);
+ sk = SSL_get_ciphers(s);
+ if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
+ return (NULL);
+ c = sk_SSL_CIPHER_value(sk, n);
+ if (c == NULL)
+ return (NULL);
+ return (c->name);
+}
+
+/** specify the ciphers to be used by default by the SSL_CTX */
+int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
+{
+ STACK_OF(SSL_CIPHER) *sk;
+
+ sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
+ &ctx->cipher_list_by_id, str);
+ /*
+ * ssl_create_cipher_list may return an empty stack if it was unable to
+ * find a cipher matching the given rule string (for example if the rule
+ * string specifies a cipher which has been disabled). This is not an
+ * error as far as ssl_create_cipher_list is concerned, and hence
+ * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
+ */
+ if (sk == NULL)
+ return 0;
+ else if (sk_SSL_CIPHER_num(sk) == 0) {
+ SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+ return 0;
+ }
+ return 1;
+}
+
+/** specify the ciphers to be used by the SSL */
+int SSL_set_cipher_list(SSL *s, const char *str)
+{
+ STACK_OF(SSL_CIPHER) *sk;
+
+ sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
+ &s->cipher_list_by_id, str);
+ /* see comment in SSL_CTX_set_cipher_list */
+ if (sk == NULL)
+ return 0;
+ else if (sk_SSL_CIPHER_num(sk) == 0) {
+ SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+ return 0;
+ }
+ return 1;
+}
+
+/* works well for SSLv2, not so good for SSLv3 */
+char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
+{
+ char *p;
+ STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *c;
+ int i;
+
+ if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
+ return (NULL);
+
+ p = buf;
+ sk = s->session->ciphers;
+
+ if (sk_SSL_CIPHER_num(sk) == 0)
+ return NULL;
+
+ for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+ int n;
+
+ c = sk_SSL_CIPHER_value(sk, i);
+ n = strlen(c->name);
+ if (n + 1 > len) {
+ if (p != buf)
+ --p;
+ *p = '\0';
+ return buf;
+ }
+ strcpy(p, c->name);
+ p += n;
+ *(p++) = ':';
+ len -= n + 1;
+ }
+ p[-1] = '\0';
+ return (buf);
+}
+
+int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
+ unsigned char *p,
+ int (*put_cb) (const SSL_CIPHER *,
+ unsigned char *))
+{
+ int i, j = 0;
+ SSL_CIPHER *c;
+ unsigned char *q;
+#ifndef OPENSSL_NO_KRB5
+ int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
+#endif /* OPENSSL_NO_KRB5 */
+
+ if (sk == NULL)
+ return (0);
+ q = p;
+ if (put_cb == NULL)
+ put_cb = s->method->put_cipher_by_char;
+
+ for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+ c = sk_SSL_CIPHER_value(sk, i);
+ /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_client_version(s) < TLS1_2_VERSION))
+ continue;
+#ifndef OPENSSL_NO_KRB5
+ if (((c->algorithm_mkey & SSL_kKRB5)
+ || (c->algorithm_auth & SSL_aKRB5)) && nokrb5)
+ continue;
+#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+ /* with PSK there must be client callback set */
+ if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK))
+ && s->psk_client_callback == NULL)
+ continue;
+#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP))
+ && !(s->srp_ctx.srp_Mask & SSL_kSRP))
+ continue;
+#endif /* OPENSSL_NO_SRP */
+ j = put_cb(c, p);
+ p += j;
+ }
+ /*
+ * If p == q, no ciphers; caller indicates an error. Otherwise, add
+ * applicable SCSVs.
+ */
+ if (p != q) {
+ if (!s->renegotiate) {
+ static SSL_CIPHER scsv = {
+ 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ };
+ j = put_cb(&scsv, p);
+ p += j;
+#ifdef OPENSSL_RI_DEBUG
+ fprintf(stderr,
+ "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
+#endif
+ }
+
+ if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
+ static SSL_CIPHER scsv = {
+ 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ };
+ j = put_cb(&scsv, p);
+ p += j;
+ }
+ }
+
+ return (p - q);
+}
+
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
+ int num,
+ STACK_OF(SSL_CIPHER) **skp)
+{
+ const SSL_CIPHER *c;
+ STACK_OF(SSL_CIPHER) *sk;
+ int i, n;
+
+ if (s->s3)
+ s->s3->send_connection_binding = 0;
+
+ n = ssl_put_cipher_by_char(s, NULL, NULL);
+ if (n == 0 || (num % n) != 0) {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+ SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+ return (NULL);
+ }
+ if ((skp == NULL) || (*skp == NULL)) {
+ sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
+ if(sk == NULL) {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ } else {
+ sk = *skp;
+ sk_SSL_CIPHER_zero(sk);
+ }
+
+ for (i = 0; i < num; i += n) {
+ /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
+ if (s->s3 && (n != 3 || !p[0]) &&
+ (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
+ (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
+ /* SCSV fatal if renegotiating */
+ if (s->renegotiate) {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+ SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ goto err;
+ }
+ s->s3->send_connection_binding = 1;
+ p += n;
+#ifdef OPENSSL_RI_DEBUG
+ fprintf(stderr, "SCSV received by server\n");
+#endif
+ continue;
+ }
+
+ /* Check for TLS_FALLBACK_SCSV */
+ if ((n != 3 || !p[0]) &&
+ (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
+ (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
+ /*
+ * The SCSV indicates that the client previously tried a higher
+ * version. Fail if the current version is an unexpected
+ * downgrade.
+ */
+ if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+ SSL_R_INAPPROPRIATE_FALLBACK);
+ if (s->s3)
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_INAPPROPRIATE_FALLBACK);
+ goto err;
+ }
+ p += n;
+ continue;
+ }
+
+ c = ssl_get_cipher_by_char(s, p);
+ p += n;
+ if (c != NULL) {
+ if (!sk_SSL_CIPHER_push(sk, c)) {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ }
+
+ if (skp != NULL)
+ *skp = sk;
+ return (sk);
+ err:
+ if ((skp == NULL) || (*skp == NULL))
+ sk_SSL_CIPHER_free(sk);
+ return (NULL);
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+/** return a servername extension value if provided in Client Hello, or NULL.
+ * So far, only host_name types are defined (RFC 3546).
+ */
+
+const char *SSL_get_servername(const SSL *s, const int type)
+{
+ if (type != TLSEXT_NAMETYPE_host_name)
+ return NULL;
+
+ return s->session && !s->tlsext_hostname ?
+ s->session->tlsext_hostname : s->tlsext_hostname;
+}
+
+int SSL_get_servername_type(const SSL *s)
+{
+ if (s->session
+ && (!s->tlsext_hostname ? s->session->
+ tlsext_hostname : s->tlsext_hostname))
+ return TLSEXT_NAMETYPE_host_name;
+ return -1;
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * SSL_select_next_proto implements the standard protocol selection. It is
+ * expected that this function is called from the callback set by
+ * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
+ * vector of 8-bit, length prefixed byte strings. The length byte itself is
+ * not included in the length. A byte string of length 0 is invalid. No byte
+ * string may be truncated. The current, but experimental algorithm for
+ * selecting the protocol is: 1) If the server doesn't support NPN then this
+ * is indicated to the callback. In this case, the client application has to
+ * abort the connection or have a default application level protocol. 2) If
+ * the server supports NPN, but advertises an empty list then the client
+ * selects the first protcol in its list, but indicates via the API that this
+ * fallback case was enacted. 3) Otherwise, the client finds the first
+ * protocol in the server's list that it supports and selects this protocol.
+ * This is because it's assumed that the server has better information about
+ * which protocol a client should use. 4) If the client doesn't support any
+ * of the server's advertised protocols, then this is treated the same as
+ * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
+ * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
+ */
+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+ const unsigned char *server,
+ unsigned int server_len,
+ const unsigned char *client,
+ unsigned int client_len)
+{
+ unsigned int i, j;
+ const unsigned char *result;
+ int status = OPENSSL_NPN_UNSUPPORTED;
+
+ /*
+ * For each protocol in server preference order, see if we support it.
+ */
+ for (i = 0; i < server_len;) {
+ for (j = 0; j < client_len;) {
+ if (server[i] == client[j] &&
+ memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+ /* We found a match */
+ result = &server[i];
+ status = OPENSSL_NPN_NEGOTIATED;
+ goto found;
+ }
+ j += client[j];
+ j++;
+ }
+ i += server[i];
+ i++;
+ }
+
+ /* There's no overlap between our protocols and the server's list. */
+ result = client;
+ status = OPENSSL_NPN_NO_OVERLAP;
+
+ found:
+ *out = (unsigned char *)result + 1;
+ *outlen = result[0];
+ return status;
+}
+
+/*
+ * SSL_get0_next_proto_negotiated sets *data and *len to point to the
+ * client's requested protocol for this connection and returns 0. If the
+ * client didn't request any protocol, then *data is set to NULL. Note that
+ * the client can request any protocol it chooses. The value returned from
+ * this function need not be a member of the list of supported protocols
+ * provided by the callback.
+ */
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+ unsigned *len)
+{
+ *data = s->next_proto_negotiated;
+ if (!*data) {
+ *len = 0;
+ } else {
+ *len = s->next_proto_negotiated_len;
+ }
+}
+
+/*
+ * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when
+ * a TLS server needs a list of supported protocols for Next Protocol
+ * Negotiation. The returned list must be in wire format. The list is
+ * returned by setting |out| to point to it and |outlen| to its length. This
+ * memory will not be modified, but one should assume that the SSL* keeps a
+ * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
+ * wishes to advertise. Otherwise, no such extension will be included in the
+ * ServerHello.
+ */
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl,
+ const unsigned char
+ **out,
+ unsigned int *outlen,
+ void *arg), void *arg)
+{
+ ctx->next_protos_advertised_cb = cb;
+ ctx->next_protos_advertised_cb_arg = arg;
+}
+
+/*
+ * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
+ * client needs to select a protocol from the server's provided list. |out|
+ * must be set to point to the selected protocol (which may be within |in|).
+ * The length of the protocol name must be written into |outlen|. The
+ * server's advertised protocols are provided in |in| and |inlen|. The
+ * callback can assume that |in| is syntactically valid. The client must
+ * select a protocol. It is fatal to the connection if this callback returns
+ * a value other than SSL_TLSEXT_ERR_OK.
+ */
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *s, unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg)
+{
+ ctx->next_proto_select_cb = cb;
+ ctx->next_proto_select_cb_arg = arg;
+}
+# endif
+#endif
+
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *p, size_t plen,
+ int use_context)
+{
+ if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
+ return -1;
+
+ return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
+ llen, p, plen,
+ use_context);
+}
+
+static unsigned long ssl_session_hash(const SSL_SESSION *a)
+{
+ unsigned long l;
+
+ l = (unsigned long)
+ ((unsigned int)a->session_id[0]) |
+ ((unsigned int)a->session_id[1] << 8L) |
+ ((unsigned long)a->session_id[2] << 16L) |
+ ((unsigned long)a->session_id[3] << 24L);
+ return (l);
+}
+
+/*
+ * NB: If this function (or indeed the hash function which uses a sort of
+ * coarser function than this one) is changed, ensure
+ * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
+ * being able to construct an SSL_SESSION that will collide with any existing
+ * session with a matching session ID.
+ */
+static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
+{
+ if (a->ssl_version != b->ssl_version)
+ return (1);
+ if (a->session_id_length != b->session_id_length)
+ return (1);
+ return (memcmp(a->session_id, b->session_id, a->session_id_length));
+}
+
+/*
+ * These wrapper functions should remain rather than redeclaring
+ * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
+ * variable. The reason is that the functions aren't static, they're exposed
+ * via ssl.h.
+ */
+static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
+static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
+
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
+{
+ SSL_CTX *ret = NULL;
+
+ if (meth == NULL) {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
+ return (NULL);
+ }
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+ return NULL;
+ }
+#endif
+
+ if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
+ goto err;
+ }
+ ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
+ if (ret == NULL)
+ goto err;
+
+ memset(ret, 0, sizeof(SSL_CTX));
+
+ ret->method = meth;
+
+ ret->cert_store = NULL;
+ ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
+ ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
+ ret->session_cache_head = NULL;
+ ret->session_cache_tail = NULL;
+
+ /* We take the system default */
+ ret->session_timeout = meth->get_timeout();
+
+ ret->new_session_cb = 0;
+ ret->remove_session_cb = 0;
+ ret->get_session_cb = 0;
+ ret->generate_session_id = 0;
+
+ memset((char *)&ret->stats, 0, sizeof(ret->stats));
+
+ ret->references = 1;
+ ret->quiet_shutdown = 0;
+
+/* ret->cipher=NULL;*/
+/*-
+ ret->s2->challenge=NULL;
+ ret->master_key=NULL;
+ ret->key_arg=NULL;
+ ret->s2->conn_id=NULL; */
+
+ ret->info_callback = NULL;
+
+ ret->app_verify_callback = 0;
+ ret->app_verify_arg = NULL;
+
+ ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
+ ret->read_ahead = 0;
+ ret->msg_callback = 0;
+ ret->msg_callback_arg = NULL;
+ ret->verify_mode = SSL_VERIFY_NONE;
+#if 0
+ ret->verify_depth = -1; /* Don't impose a limit (but x509_lu.c does) */
+#endif
+ ret->sid_ctx_length = 0;
+ ret->default_verify_callback = NULL;
+ if ((ret->cert = ssl_cert_new()) == NULL)
+ goto err;
+
+ ret->default_passwd_callback = 0;
+ ret->default_passwd_callback_userdata = NULL;
+ ret->client_cert_cb = 0;
+ ret->app_gen_cookie_cb = 0;
+ ret->app_verify_cookie_cb = 0;
+
+ ret->sessions = lh_SSL_SESSION_new();
+ if (ret->sessions == NULL)
+ goto err;
+ ret->cert_store = X509_STORE_new();
+ if (ret->cert_store == NULL)
+ goto err;
+
+ ssl_create_cipher_list(ret->method,
+ &ret->cipher_list, &ret->cipher_list_by_id,
+ meth->version ==
+ SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
+ if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
+ goto err2;
+ }
+
+ ret->param = X509_VERIFY_PARAM_new();
+ if (!ret->param)
+ goto err;
+
+ if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
+ goto err2;
+ }
+ if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+ goto err2;
+ }
+ if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+ goto err2;
+ }
+
+ if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
+ goto err;
+
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
+
+ ret->extra_certs = NULL;
+ /* No compression for DTLS */
+ if (meth->version != DTLS1_VERSION)
+ ret->comp_methods = SSL_COMP_get_compression_methods();
+
+ ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
+
+#ifndef OPENSSL_NO_TLSEXT
+ ret->tlsext_servername_callback = 0;
+ ret->tlsext_servername_arg = NULL;
+ /* Setup RFC4507 ticket keys */
+ if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
+ || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
+ || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
+ ret->options |= SSL_OP_NO_TICKET;
+
+ ret->tlsext_status_cb = 0;
+ ret->tlsext_status_arg = NULL;
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ ret->next_protos_advertised_cb = 0;
+ ret->next_proto_select_cb = 0;
+# endif
+#endif
+#ifndef OPENSSL_NO_PSK
+ ret->psk_identity_hint = NULL;
+ ret->psk_client_callback = NULL;
+ ret->psk_server_callback = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_init(ret);
+#endif
+#ifndef OPENSSL_NO_BUF_FREELISTS
+ ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
+ ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+ if (!ret->rbuf_freelist)
+ goto err;
+ ret->rbuf_freelist->chunklen = 0;
+ ret->rbuf_freelist->len = 0;
+ ret->rbuf_freelist->head = NULL;
+ ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+ if (!ret->wbuf_freelist) {
+ OPENSSL_free(ret->rbuf_freelist);
+ goto err;
+ }
+ ret->wbuf_freelist->chunklen = 0;
+ ret->wbuf_freelist->len = 0;
+ ret->wbuf_freelist->head = NULL;
+#endif
+#ifndef OPENSSL_NO_ENGINE
+ ret->client_cert_engine = NULL;
+# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
+# define eng_strx(x) #x
+# define eng_str(x) eng_strx(x)
+ /* Use specific client engine automatically... ignore errors */
+ {
+ ENGINE *eng;
+ eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+ if (!eng) {
+ ERR_clear_error();
+ ENGINE_load_builtin_engines();
+ eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+ }
+ if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
+ ERR_clear_error();
+ }
+# endif
+#endif
+ /*
+ * Default is to connect to non-RI servers. When RI is more widely
+ * deployed might change this.
+ */
+ ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
+
+ /*
+ * Disable SSLv2 by default, callers that want to enable SSLv2 will have to
+ * explicitly clear this option via either of SSL_CTX_clear_options() or
+ * SSL_clear_options().
+ */
+ ret->options |= SSL_OP_NO_SSLv2;
+
+ return (ret);
+ err:
+ SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ err2:
+ if (ret != NULL)
+ SSL_CTX_free(ret);
+ return (NULL);
+}
+
+#if 0
+static void SSL_COMP_free(SSL_COMP *comp)
+{
+ OPENSSL_free(comp);
+}
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
+{
+ SSL3_BUF_FREELIST_ENTRY *ent, *next;
+ for (ent = list->head; ent; ent = next) {
+ next = ent->next;
+ OPENSSL_free(ent);
+ }
+ OPENSSL_free(list);
+}
+#endif
+
+void SSL_CTX_free(SSL_CTX *a)
+{
+ int i;
+
+ if (a == NULL)
+ return;
+
+ i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
+#ifdef REF_PRINT
+ REF_PRINT("SSL_CTX", a);
+#endif
+ if (i > 0)
+ return;
+#ifdef REF_CHECK
+ if (i < 0) {
+ fprintf(stderr, "SSL_CTX_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+ if (a->param)
+ X509_VERIFY_PARAM_free(a->param);
+
+ /*
+ * Free internal session cache. However: the remove_cb() may reference
+ * the ex_data of SSL_CTX, thus the ex_data store can only be removed
+ * after the sessions were flushed.
+ * As the ex_data handling routines might also touch the session cache,
+ * the most secure solution seems to be: empty (flush) the cache, then
+ * free ex_data, then finally free the cache.
+ * (See ticket [openssl.org #212].)
+ */
+ if (a->sessions != NULL)
+ SSL_CTX_flush_sessions(a, 0);
+
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
+
+ if (a->sessions != NULL)
+ lh_SSL_SESSION_free(a->sessions);
+
+ if (a->cert_store != NULL)
+ X509_STORE_free(a->cert_store);
+ if (a->cipher_list != NULL)
+ sk_SSL_CIPHER_free(a->cipher_list);
+ if (a->cipher_list_by_id != NULL)
+ sk_SSL_CIPHER_free(a->cipher_list_by_id);
+ if (a->cert != NULL)
+ ssl_cert_free(a->cert);
+ if (a->client_CA != NULL)
+ sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
+ if (a->extra_certs != NULL)
+ sk_X509_pop_free(a->extra_certs, X509_free);
+#if 0 /* This should never be done, since it
+ * removes a global database */
+ if (a->comp_methods != NULL)
+ sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
+#else
+ a->comp_methods = NULL;
+#endif
+
+#ifndef OPENSSL_NO_SRTP
+ if (a->srtp_profiles)
+ sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
+#endif
+
+#ifndef OPENSSL_NO_PSK
+ if (a->psk_identity_hint)
+ OPENSSL_free(a->psk_identity_hint);
+#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_free(a);
+#endif
+#ifndef OPENSSL_NO_ENGINE
+ if (a->client_cert_engine)
+ ENGINE_finish(a->client_cert_engine);
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+ if (a->wbuf_freelist)
+ ssl_buf_freelist_free(a->wbuf_freelist);
+ if (a->rbuf_freelist)
+ ssl_buf_freelist_free(a->rbuf_freelist);
+#endif
+
+ OPENSSL_free(a);
+}
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
+{
+ ctx->default_passwd_callback = cb;
+}
+
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
+{
+ ctx->default_passwd_callback_userdata = u;
+}
+
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
+ int (*cb) (X509_STORE_CTX *, void *),
+ void *arg)
+{
+ ctx->app_verify_callback = cb;
+ ctx->app_verify_arg = arg;
+}
+
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
+ int (*cb) (int, X509_STORE_CTX *))
+{
+ ctx->verify_mode = mode;
+ ctx->default_verify_callback = cb;
+}
+
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
+{
+ X509_VERIFY_PARAM_set_depth(ctx->param, depth);
+}
+
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
+{
+ CERT_PKEY *cpk;
+ int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
+ int rsa_enc_export, dh_rsa_export, dh_dsa_export;
+ int rsa_tmp_export, dh_tmp_export, kl;
+ unsigned long mask_k, mask_a, emask_k, emask_a;
+#ifndef OPENSSL_NO_ECDSA
+ int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ int have_ecdh_tmp, ecdh_ok;
+#endif
+#ifndef OPENSSL_NO_EC
+ X509 *x = NULL;
+ EVP_PKEY *ecc_pkey = NULL;
+ int signature_nid = 0, pk_nid = 0, md_nid = 0;
+#endif
+ if (c == NULL)
+ return;
+
+ kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
+
+#ifndef OPENSSL_NO_RSA
+ rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
+ rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
+ (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl));
+#else
+ rsa_tmp = rsa_tmp_export = 0;
+#endif
+#ifndef OPENSSL_NO_DH
+ dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
+ dh_tmp_export = (c->dh_tmp_cb != NULL ||
+ (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl));
+#else
+ dh_tmp = dh_tmp_export = 0;
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+ have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
+#endif
+ cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
+ rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
+ rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
+ cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
+ rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
+ cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
+ dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
+ cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
+ dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
+ dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
+ cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
+/* FIX THIS EAY EAY EAY */
+ dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
+ dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
+ cpk = &(c->pkeys[SSL_PKEY_ECC]);
+#ifndef OPENSSL_NO_EC
+ have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
+#endif
+ mask_k = 0;
+ mask_a = 0;
+ emask_k = 0;
+ emask_a = 0;
+
+#ifdef CIPHER_DEBUG
+ fprintf(stderr,
+ "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
+ rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc,
+ rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
+#endif
+
+ cpk = &(c->pkeys[SSL_PKEY_GOST01]);
+ if (cpk->x509 != NULL && cpk->privatekey != NULL) {
+ mask_k |= SSL_kGOST;
+ mask_a |= SSL_aGOST01;
+ }
+ cpk = &(c->pkeys[SSL_PKEY_GOST94]);
+ if (cpk->x509 != NULL && cpk->privatekey != NULL) {
+ mask_k |= SSL_kGOST;
+ mask_a |= SSL_aGOST94;
+ }
+
+ if (rsa_enc || (rsa_tmp && rsa_sign))
+ mask_k |= SSL_kRSA;
+ if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
+ emask_k |= SSL_kRSA;
+
+#if 0
+ /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
+ if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
+ mask_k |= SSL_kEDH;
+ if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
+ (rsa_enc || rsa_sign || dsa_sign))
+ emask_k |= SSL_kEDH;
+#endif
+
+ if (dh_tmp_export)
+ emask_k |= SSL_kEDH;
+
+ if (dh_tmp)
+ mask_k |= SSL_kEDH;
+
+ if (dh_rsa)
+ mask_k |= SSL_kDHr;
+ if (dh_rsa_export)
+ emask_k |= SSL_kDHr;
+
+ if (dh_dsa)
+ mask_k |= SSL_kDHd;
+ if (dh_dsa_export)
+ emask_k |= SSL_kDHd;
+
+ if (rsa_enc || rsa_sign) {
+ mask_a |= SSL_aRSA;
+ emask_a |= SSL_aRSA;
+ }
+
+ if (dsa_sign) {
+ mask_a |= SSL_aDSS;
+ emask_a |= SSL_aDSS;
+ }
+
+ mask_a |= SSL_aNULL;
+ emask_a |= SSL_aNULL;
+
+#ifndef OPENSSL_NO_KRB5
+ mask_k |= SSL_kKRB5;
+ mask_a |= SSL_aKRB5;
+ emask_k |= SSL_kKRB5;
+ emask_a |= SSL_aKRB5;
+#endif
+
+ /*
+ * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
+ * depending on the key usage extension.
+ */
+#ifndef OPENSSL_NO_EC
+ if (have_ecc_cert) {
+ /* This call populates extension flags (ex_flags) */
+ x = (c->pkeys[SSL_PKEY_ECC]).x509;
+ X509_check_purpose(x, -1, 0);
+ ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+ (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
+ ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+ (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
+ ecc_pkey = X509_get_pubkey(x);
+ ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
+ EVP_PKEY_free(ecc_pkey);
+ if ((x->sig_alg) && (x->sig_alg->algorithm)) {
+ signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+ OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+ }
+#ifndef OPENSSL_NO_ECDH
+ if (ecdh_ok) {
+
+ if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
+ mask_k |= SSL_kECDHr;
+ mask_a |= SSL_aECDH;
+ if (ecc_pkey_size <= 163) {
+ emask_k |= SSL_kECDHr;
+ emask_a |= SSL_aECDH;
+ }
+ }
+
+ if (pk_nid == NID_X9_62_id_ecPublicKey) {
+ mask_k |= SSL_kECDHe;
+ mask_a |= SSL_aECDH;
+ if (ecc_pkey_size <= 163) {
+ emask_k |= SSL_kECDHe;
+ emask_a |= SSL_aECDH;
+ }
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (ecdsa_ok) {
+ mask_a |= SSL_aECDSA;
+ emask_a |= SSL_aECDSA;
+ }
+#endif
+ }
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (have_ecdh_tmp) {
+ mask_k |= SSL_kEECDH;
+ emask_k |= SSL_kEECDH;
+ }
+#endif
+
+#ifndef OPENSSL_NO_PSK
+ mask_k |= SSL_kPSK;
+ mask_a |= SSL_aPSK;
+ emask_k |= SSL_kPSK;
+ emask_a |= SSL_aPSK;
+#endif
+
+ c->mask_k = mask_k;
+ c->mask_a = mask_a;
+ c->export_mask_k = emask_k;
+ c->export_mask_a = emask_a;
+ c->valid = 1;
+}
+
+/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
+#define ku_reject(x, usage) \
+ (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
+
+#ifndef OPENSSL_NO_EC
+
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
+{
+ unsigned long alg_k, alg_a;
+ EVP_PKEY *pkey = NULL;
+ int keysize = 0;
+ int signature_nid = 0, md_nid = 0, pk_nid = 0;
+ const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
+
+ alg_k = cs->algorithm_mkey;
+ alg_a = cs->algorithm_auth;
+
+ if (SSL_C_IS_EXPORT(cs)) {
+ /* ECDH key length in export ciphers must be <= 163 bits */
+ pkey = X509_get_pubkey(x);
+ if (pkey == NULL)
+ return 0;
+ keysize = EVP_PKEY_bits(pkey);
+ EVP_PKEY_free(pkey);
+ if (keysize > 163)
+ return 0;
+ }
+
+ /* This call populates the ex_flags field correctly */
+ X509_check_purpose(x, -1, 0);
+ if ((x->sig_alg) && (x->sig_alg->algorithm)) {
+ signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+ OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+ }
+ if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
+ /* key usage, if present, must allow key agreement */
+ if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
+ return 0;
+ }
+ if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
+ /* signature alg must be ECDSA */
+ if (pk_nid != NID_X9_62_id_ecPublicKey) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
+ return 0;
+ }
+ }
+ if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
+ /* signature alg must be RSA */
+
+ if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
+ return 0;
+ }
+ }
+ }
+ if (alg_a & SSL_aECDSA) {
+ /* key usage, if present, must allow signing */
+ if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_NOT_FOR_SIGNING);
+ return 0;
+ }
+ }
+
+ return 1; /* all checks are ok */
+}
+
+#endif
+
+/* THIS NEEDS CLEANING UP */
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
+{
+ unsigned long alg_k, alg_a;
+ CERT *c;
+ int i;
+
+ c = s->cert;
+ ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+ if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
+ /*
+ * we don't need to look at SSL_kEECDH since no certificate is needed
+ * for anon ECDH and for authenticated EECDH, the check for the auth
+ * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC
+ * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the
+ * checks for SSL_kECDH before RSA checks ensures the correct cert is
+ * chosen.
+ */
+ i = SSL_PKEY_ECC;
+ } else if (alg_a & SSL_aECDSA) {
+ i = SSL_PKEY_ECC;
+ } else if (alg_k & SSL_kDHr)
+ i = SSL_PKEY_DH_RSA;
+ else if (alg_k & SSL_kDHd)
+ i = SSL_PKEY_DH_DSA;
+ else if (alg_a & SSL_aDSS)
+ i = SSL_PKEY_DSA_SIGN;
+ else if (alg_a & SSL_aRSA) {
+ if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
+ i = SSL_PKEY_RSA_SIGN;
+ else
+ i = SSL_PKEY_RSA_ENC;
+ } else if (alg_a & SSL_aKRB5) {
+ /* VRS something else here? */
+ return (NULL);
+ } else if (alg_a & SSL_aGOST94)
+ i = SSL_PKEY_GOST94;
+ else if (alg_a & SSL_aGOST01)
+ i = SSL_PKEY_GOST01;
+ else { /* if (alg_a & SSL_aNULL) */
+
+ SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
+ return (NULL);
+ }
+
+ return c->pkeys + i;
+}
+
+X509 *ssl_get_server_send_cert(const SSL *s)
+{
+ CERT_PKEY *cpk;
+ cpk = ssl_get_server_send_pkey(s);
+ if (!cpk)
+ return NULL;
+ return cpk->x509;
+}
+
+EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher,
+ const EVP_MD **pmd)
+{
+ unsigned long alg_a;
+ CERT *c;
+ int idx = -1;
+
+ alg_a = cipher->algorithm_auth;
+ c = s->cert;
+
+ if ((alg_a & SSL_aDSS) &&
+ (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
+ idx = SSL_PKEY_DSA_SIGN;
+ else if (alg_a & SSL_aRSA) {
+ if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
+ idx = SSL_PKEY_RSA_SIGN;
+ else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
+ idx = SSL_PKEY_RSA_ENC;
+ } else if ((alg_a & SSL_aECDSA) &&
+ (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
+ idx = SSL_PKEY_ECC;
+ if (idx == -1) {
+ SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
+ return (NULL);
+ }
+ if (pmd)
+ *pmd = c->pkeys[idx].digest;
+ return c->pkeys[idx].privatekey;
+}
+
+void ssl_update_cache(SSL *s, int mode)
+{
+ int i;
+
+ /*
+ * If the session_id_length is 0, we are not supposed to cache it, and it
+ * would be rather hard to do anyway :-)
+ */
+ if (s->session->session_id_length == 0)
+ return;
+
+ i = s->session_ctx->session_cache_mode;
+ if ((i & mode) && (!s->hit)
+ && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
+ || SSL_CTX_add_session(s->session_ctx, s->session))
+ && (s->session_ctx->new_session_cb != NULL)) {
+ CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
+ if (!s->session_ctx->new_session_cb(s, s->session))
+ SSL_SESSION_free(s->session);
+ }
+
+ /* auto flush every 255 connections */
+ if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
+ if ((((mode & SSL_SESS_CACHE_CLIENT)
+ ? s->session_ctx->stats.sess_connect_good
+ : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
+ SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
+ }
+ }
+}
+
+const SSL_METHOD *SSL_get_ssl_method(SSL *s)
+{
+ return (s->method);
+}
+
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
+{
+ int conn = -1;
+ int ret = 1;
+
+ if (s->method != meth) {
+ if (s->handshake_func != NULL)
+ conn = (s->handshake_func == s->method->ssl_connect);
+
+ if (s->method->version == meth->version)
+ s->method = meth;
+ else {
+ s->method->ssl_free(s);
+ s->method = meth;
+ ret = s->method->ssl_new(s);
+ }
+
+ if (conn == 1)
+ s->handshake_func = meth->ssl_connect;
+ else if (conn == 0)
+ s->handshake_func = meth->ssl_accept;
+ }
+ return (ret);
+}
+
+int SSL_get_error(const SSL *s, int i)
+{
+ int reason;
+ unsigned long l;
+ BIO *bio;
+
+ if (i > 0)
+ return (SSL_ERROR_NONE);
+
+ /*
+ * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
+ * where we do encode the error
+ */
+ if ((l = ERR_peek_error()) != 0) {
+ if (ERR_GET_LIB(l) == ERR_LIB_SYS)
+ return (SSL_ERROR_SYSCALL);
+ else
+ return (SSL_ERROR_SSL);
+ }
+
+ if ((i < 0) && SSL_want_read(s)) {
+ bio = SSL_get_rbio(s);
+ if (BIO_should_read(bio))
+ return (SSL_ERROR_WANT_READ);
+ else if (BIO_should_write(bio))
+ /*
+ * This one doesn't make too much sense ... We never try to write
+ * to the rbio, and an application program where rbio and wbio
+ * are separate couldn't even know what it should wait for.
+ * However if we ever set s->rwstate incorrectly (so that we have
+ * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
+ * wbio *are* the same, this test works around that bug; so it
+ * might be safer to keep it.
+ */
+ return (SSL_ERROR_WANT_WRITE);
+ else if (BIO_should_io_special(bio)) {
+ reason = BIO_get_retry_reason(bio);
+ if (reason == BIO_RR_CONNECT)
+ return (SSL_ERROR_WANT_CONNECT);
+ else if (reason == BIO_RR_ACCEPT)
+ return (SSL_ERROR_WANT_ACCEPT);
+ else
+ return (SSL_ERROR_SYSCALL); /* unknown */
+ }
+ }
+
+ if ((i < 0) && SSL_want_write(s)) {
+ bio = SSL_get_wbio(s);
+ if (BIO_should_write(bio))
+ return (SSL_ERROR_WANT_WRITE);
+ else if (BIO_should_read(bio))
+ /*
+ * See above (SSL_want_read(s) with BIO_should_write(bio))
+ */
+ return (SSL_ERROR_WANT_READ);
+ else if (BIO_should_io_special(bio)) {
+ reason = BIO_get_retry_reason(bio);
+ if (reason == BIO_RR_CONNECT)
+ return (SSL_ERROR_WANT_CONNECT);
+ else if (reason == BIO_RR_ACCEPT)
+ return (SSL_ERROR_WANT_ACCEPT);
+ else
+ return (SSL_ERROR_SYSCALL);
+ }
+ }
+ if ((i < 0) && SSL_want_x509_lookup(s)) {
+ return (SSL_ERROR_WANT_X509_LOOKUP);
+ }
+
+ if (i == 0) {
+ if (s->version == SSL2_VERSION) {
+ /* assume it is the socket being closed */
+ return (SSL_ERROR_ZERO_RETURN);
+ } else {
+ if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+ (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
+ return (SSL_ERROR_ZERO_RETURN);
+ }
+ }
+ return (SSL_ERROR_SYSCALL);
+}
+
+int SSL_do_handshake(SSL *s)
+{
+ int ret = 1;
+
+ if (s->handshake_func == NULL) {
+ SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
+ return (-1);
+ }
+
+ s->method->ssl_renegotiate_check(s);
+
+ if (SSL_in_init(s) || SSL_in_before(s)) {
+ ret = s->handshake_func(s);
+ }
+ return (ret);
+}
+
+/*
+ * For the next 2 functions, SSL_clear() sets shutdown and so one of these
+ * calls will reset it
+ */
+void SSL_set_accept_state(SSL *s)
+{
+ s->server = 1;
+ s->shutdown = 0;
+ s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
+ s->handshake_func = s->method->ssl_accept;
+ /* clear the current cipher */
+ ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
+}
+
+void SSL_set_connect_state(SSL *s)
+{
+ s->server = 0;
+ s->shutdown = 0;
+ s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
+ s->handshake_func = s->method->ssl_connect;
+ /* clear the current cipher */
+ ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
+}
+
+int ssl_undefined_function(SSL *s)
+{
+ SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
+}
+
+int ssl_undefined_void_function(void)
+{
+ SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
+}
+
+int ssl_undefined_const_function(const SSL *s)
+{
+ SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
+}
+
+SSL_METHOD *ssl_bad_method(int ver)
+{
+ SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (NULL);
+}
+
+const char *SSL_get_version(const SSL *s)
+{
+ if (s->version == TLS1_2_VERSION)
+ return ("TLSv1.2");
+ else if (s->version == TLS1_1_VERSION)
+ return ("TLSv1.1");
+ else if (s->version == TLS1_VERSION)
+ return ("TLSv1");
+ else if (s->version == SSL3_VERSION)
+ return ("SSLv3");
+ else if (s->version == SSL2_VERSION)
+ return ("SSLv2");
+ else
+ return ("unknown");
+}
+
+SSL *SSL_dup(SSL *s)
+{
+ STACK_OF(X509_NAME) *sk;
+ X509_NAME *xn;
+ SSL *ret;
+ int i;
+
+ if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
+ return (NULL);
+
+ ret->version = s->version;
+ ret->type = s->type;
+ ret->method = s->method;
+
+ if (s->session != NULL) {
+ /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
+ SSL_copy_session_id(ret, s);
+ } else {
+ /*
+ * No session has been established yet, so we have to expect that
+ * s->cert or ret->cert will be changed later -- they should not both
+ * point to the same object, and thus we can't use
+ * SSL_copy_session_id.
+ */
+
+ ret->method->ssl_free(ret);
+ ret->method = s->method;
+ ret->method->ssl_new(ret);
+
+ if (s->cert != NULL) {
+ if (ret->cert != NULL) {
+ ssl_cert_free(ret->cert);
+ }
+ ret->cert = ssl_cert_dup(s->cert);
+ if (ret->cert == NULL)
+ goto err;
+ }
+
+ SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
+ }
+
+ ret->options = s->options;
+ ret->mode = s->mode;
+ SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
+ SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
+ ret->msg_callback = s->msg_callback;
+ ret->msg_callback_arg = s->msg_callback_arg;
+ SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
+ SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
+ ret->generate_session_id = s->generate_session_id;
+
+ SSL_set_info_callback(ret, SSL_get_info_callback(s));
+
+ ret->debug = s->debug;
+
+ /* copy app data, a little dangerous perhaps */
+ if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
+ goto err;
+
+ /* setup rbio, and wbio */
+ if (s->rbio != NULL) {
+ if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
+ goto err;
+ }
+ if (s->wbio != NULL) {
+ if (s->wbio != s->rbio) {
+ if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
+ goto err;
+ } else
+ ret->wbio = ret->rbio;
+ }
+ ret->rwstate = s->rwstate;
+ ret->in_handshake = s->in_handshake;
+ ret->handshake_func = s->handshake_func;
+ ret->server = s->server;
+ ret->renegotiate = s->renegotiate;
+ ret->new_session = s->new_session;
+ ret->quiet_shutdown = s->quiet_shutdown;
+ ret->shutdown = s->shutdown;
+ ret->state = s->state; /* SSL_dup does not really work at any state,
+ * though */
+ ret->rstate = s->rstate;
+ ret->init_num = 0; /* would have to copy ret->init_buf,
+ * ret->init_msg, ret->init_num,
+ * ret->init_off */
+ ret->hit = s->hit;
+
+ X509_VERIFY_PARAM_inherit(ret->param, s->param);
+
+ /* dup the cipher_list and cipher_list_by_id stacks */
+ if (s->cipher_list != NULL) {
+ if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
+ goto err;
+ }
+ if (s->cipher_list_by_id != NULL)
+ if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
+ == NULL)
+ goto err;
+
+ /* Dup the client_CA list */
+ if (s->client_CA != NULL) {
+ if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
+ goto err;
+ ret->client_CA = sk;
+ for (i = 0; i < sk_X509_NAME_num(sk); i++) {
+ xn = sk_X509_NAME_value(sk, i);
+ if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
+ X509_NAME_free(xn);
+ goto err;
+ }
+ }
+ }
+
+ if (0) {
+ err:
+ if (ret != NULL)
+ SSL_free(ret);
+ ret = NULL;
+ }
+ return (ret);
+}
+
+void ssl_clear_cipher_ctx(SSL *s)
+{
+ if (s->enc_read_ctx != NULL) {
+ EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
+ OPENSSL_free(s->enc_read_ctx);
+ s->enc_read_ctx = NULL;
+ }
+ if (s->enc_write_ctx != NULL) {
+ EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
+ OPENSSL_free(s->enc_write_ctx);
+ s->enc_write_ctx = NULL;
+ }
+#ifndef OPENSSL_NO_COMP
+ if (s->expand != NULL) {
+ COMP_CTX_free(s->expand);
+ s->expand = NULL;
+ }
+ if (s->compress != NULL) {
+ COMP_CTX_free(s->compress);
+ s->compress = NULL;
+ }
+#endif
+}
+
+/* Fix this function so that it takes an optional type parameter */
+X509 *SSL_get_certificate(const SSL *s)
+{
+ if (s->cert != NULL)
+ return (s->cert->key->x509);
+ else
+ return (NULL);
+}
+
+/* Fix this function so that it takes an optional type parameter */
+EVP_PKEY *SSL_get_privatekey(SSL *s)
+{
+ if (s->cert != NULL)
+ return (s->cert->key->privatekey);
+ else
+ return (NULL);
+}
+
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
+{
+ if ((s->session != NULL) && (s->session->cipher != NULL))
+ return (s->session->cipher);
+ return (NULL);
+}
+
+#ifdef OPENSSL_NO_COMP
+const void *SSL_get_current_compression(SSL *s)
+{
+ return NULL;
+}
+
+const void *SSL_get_current_expansion(SSL *s)
+{
+ return NULL;
+}
+#else
+
+const COMP_METHOD *SSL_get_current_compression(SSL *s)
+{
+ if (s->compress != NULL)
+ return (s->compress->meth);
+ return (NULL);
+}
+
+const COMP_METHOD *SSL_get_current_expansion(SSL *s)
+{
+ if (s->expand != NULL)
+ return (s->expand->meth);
+ return (NULL);
+}
+#endif
+
+int ssl_init_wbio_buffer(SSL *s, int push)
+{
+ BIO *bbio;
+
+ if (s->bbio == NULL) {
+ bbio = BIO_new(BIO_f_buffer());
+ if (bbio == NULL)
+ return (0);
+ s->bbio = bbio;
+ } else {
+ bbio = s->bbio;
+ if (s->bbio == s->wbio)
+ s->wbio = BIO_pop(s->wbio);
+ }
+ (void)BIO_reset(bbio);
+/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
+ if (!BIO_set_read_buffer_size(bbio, 1)) {
+ SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
+ return (0);
+ }
+ if (push) {
+ if (s->wbio != bbio)
+ s->wbio = BIO_push(bbio, s->wbio);
+ } else {
+ if (s->wbio == bbio)
+ s->wbio = BIO_pop(bbio);
+ }
+ return (1);
+}
+
+void ssl_free_wbio_buffer(SSL *s)
+{
+ if (s->bbio == NULL)
+ return;
+
+ if (s->bbio == s->wbio) {
+ /* remove buffering */
+ s->wbio = BIO_pop(s->wbio);
+#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids
+ * adding one more preprocessor symbol */
+ assert(s->wbio != NULL);
+#endif
+ }
+ BIO_free(s->bbio);
+ s->bbio = NULL;
+}
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
+{
+ ctx->quiet_shutdown = mode;
+}
+
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
+{
+ return (ctx->quiet_shutdown);
+}
+
+void SSL_set_quiet_shutdown(SSL *s, int mode)
+{
+ s->quiet_shutdown = mode;
+}
+
+int SSL_get_quiet_shutdown(const SSL *s)
+{
+ return (s->quiet_shutdown);
+}
+
+void SSL_set_shutdown(SSL *s, int mode)
+{
+ s->shutdown = mode;
+}
+
+int SSL_get_shutdown(const SSL *s)
+{
+ return (s->shutdown);
+}
+
+int SSL_version(const SSL *s)
+{
+ return (s->version);
+}
+
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
+{
+ return (ssl->ctx);
+}
+
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
+{
+ CERT *ocert = ssl->cert;
+ if (ssl->ctx == ctx)
+ return ssl->ctx;
+#ifndef OPENSSL_NO_TLSEXT
+ if (ctx == NULL)
+ ctx = ssl->initial_ctx;
+#endif
+ ssl->cert = ssl_cert_dup(ctx->cert);
+ if (ocert != NULL) {
+ int i;
+ /* Copy negotiated digests from original */
+ for (i = 0; i < SSL_PKEY_NUM; i++) {
+ CERT_PKEY *cpk = ocert->pkeys + i;
+ CERT_PKEY *rpk = ssl->cert->pkeys + i;
+ rpk->digest = cpk->digest;
+ }
+ ssl_cert_free(ocert);
+ }
+
+ /*
+ * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
+ * so setter APIs must prevent invalid lengths from entering the system.
+ */
+ OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
+
+ /*
+ * If the session ID context matches that of the parent SSL_CTX,
+ * inherit it from the new SSL_CTX as well. If however the context does
+ * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
+ * leave it unchanged.
+ */
+ if ((ssl->ctx != NULL) &&
+ (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
+ (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
+ ssl->sid_ctx_length = ctx->sid_ctx_length;
+ memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
+ }
+
+ CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
+ if (ssl->ctx != NULL)
+ SSL_CTX_free(ssl->ctx); /* decrement reference count */
+ ssl->ctx = ctx;
+
+ return (ssl->ctx);
+}
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
+{
+ return (X509_STORE_set_default_paths(ctx->cert_store));
+}
+
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+ const char *CApath)
+{
+ return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
+}
+#endif
+
+void SSL_set_info_callback(SSL *ssl,
+ void (*cb) (const SSL *ssl, int type, int val))
+{
+ ssl->info_callback = cb;
+}
+
+/*
+ * One compiler (Diab DCC) doesn't like argument names in returned function
+ * pointer.
+ */
+void (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ ,
+ int /* type */ ,
+ int /* val */ ) {
+ return ssl->info_callback;
+}
+
+int SSL_state(const SSL *ssl)
+{
+ return (ssl->state);
+}
+
+void SSL_set_state(SSL *ssl, int state)
+{
+ ssl->state = state;
+}
+
+void SSL_set_verify_result(SSL *ssl, long arg)
+{
+ ssl->verify_result = arg;
+}
+
+long SSL_get_verify_result(const SSL *ssl)
+{
+ return (ssl->verify_result);
+}
+
+int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
+ new_func, dup_func, free_func);
+}
+
+int SSL_set_ex_data(SSL *s, int idx, void *arg)
+{
+ return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
+}
+
+void *SSL_get_ex_data(const SSL *s, int idx)
+{
+ return (CRYPTO_get_ex_data(&s->ex_data, idx));
+}
+
+int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func)
+{
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
+ new_func, dup_func, free_func);
+}
+
+int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
+{
+ return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
+}
+
+void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
+{
+ return (CRYPTO_get_ex_data(&s->ex_data, idx));
+}
+
+int ssl_ok(SSL *s)
+{
+ return (1);
+}
+
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
+{
+ return (ctx->cert_store);
+}
+
+void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
+{
+ if (ctx->cert_store != NULL)
+ X509_STORE_free(ctx->cert_store);
+ ctx->cert_store = store;
+}
+
+int SSL_want(const SSL *s)
+{
+ return (s->rwstate);
+}
+
+/**
+ * \brief Set the callback for generating temporary RSA keys.
+ * \param ctx the SSL context.
+ * \param cb the callback
+ */
+
+#ifndef OPENSSL_NO_RSA
+void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl,
+ int is_export,
+ int keylength))
+{
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
+}
+
+void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl,
+ int is_export,
+ int keylength))
+{
+ SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
+}
+#endif
+
+#ifdef DOXYGEN
+/**
+ * \brief The RSA temporary key callback function.
+ * \param ssl the SSL session.
+ * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
+ * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
+ * of the required key in bits.
+ * \return the temporary RSA key.
+ * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
+ */
+
+RSA *cb(SSL *ssl, int is_export, int keylength)
+{
+}
+#endif
+
+/**
+ * \brief Set the callback for generating temporary DH keys.
+ * \param ctx the SSL context.
+ * \param dh the callback
+ */
+
+#ifndef OPENSSL_NO_DH
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength))
+{
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
+}
+
+void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
+ int keylength))
+{
+ SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
+}
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
+ EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+ int keylength))
+{
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
+ (void (*)(void))ecdh);
+}
+
+void SSL_set_tmp_ecdh_callback(SSL *ssl,
+ EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+ int keylength))
+{
+ SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh);
+}
+#endif
+
+#ifndef OPENSSL_NO_PSK
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
+{
+ if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ return 0;
+ }
+ if (ctx->psk_identity_hint != NULL)
+ OPENSSL_free(ctx->psk_identity_hint);
+ if (identity_hint != NULL) {
+ ctx->psk_identity_hint = BUF_strdup(identity_hint);
+ if (ctx->psk_identity_hint == NULL)
+ return 0;
+ } else
+ ctx->psk_identity_hint = NULL;
+ return 1;
+}
+
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
+{
+ if (s == NULL)
+ return 0;
+
+ if (s->session == NULL)
+ return 1; /* session not created yet, ignored */
+
+ if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
+ return 0;
+ }
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ if (identity_hint != NULL) {
+ s->session->psk_identity_hint = BUF_strdup(identity_hint);
+ if (s->session->psk_identity_hint == NULL)
+ return 0;
+ } else
+ s->session->psk_identity_hint = NULL;
+ return 1;
+}
+
+const char *SSL_get_psk_identity_hint(const SSL *s)
+{
+ if (s == NULL || s->session == NULL)
+ return NULL;
+ return (s->session->psk_identity_hint);
+}
+
+const char *SSL_get_psk_identity(const SSL *s)
+{
+ if (s == NULL || s->session == NULL)
+ return NULL;
+ return (s->session->psk_identity);
+}
+
+void SSL_set_psk_client_callback(SSL *s,
+ unsigned int (*cb) (SSL *ssl,
+ const char *hint,
+ char *identity,
+ unsigned int
+ max_identity_len,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ s->psk_client_callback = cb;
+}
+
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+ unsigned int (*cb) (SSL *ssl,
+ const char *hint,
+ char *identity,
+ unsigned int
+ max_identity_len,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ ctx->psk_client_callback = cb;
+}
+
+void SSL_set_psk_server_callback(SSL *s,
+ unsigned int (*cb) (SSL *ssl,
+ const char *identity,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ s->psk_server_callback = cb;
+}
+
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+ unsigned int (*cb) (SSL *ssl,
+ const char *identity,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ ctx->psk_server_callback = cb;
+}
+#endif
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg))
+{
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
+}
+
+void SSL_set_msg_callback(SSL *ssl,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg))
+{
+ SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
+}
+
+/*
+ * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
+ * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
+ * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
+ * allocated ctx;
+ */
+
+EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
+{
+ ssl_clear_hash_ctx(hash);
+ *hash = EVP_MD_CTX_create();
+ if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) {
+ EVP_MD_CTX_destroy(*hash);
+ *hash = NULL;
+ return NULL;
+ }
+ return *hash;
+}
+
+void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
+{
+
+ if (*hash)
+ EVP_MD_CTX_destroy(*hash);
+ *hash = NULL;
+}
+
+void SSL_set_debug(SSL *s, int debug)
+{
+ s->debug = debug;
+}
+
+int SSL_cache_hit(SSL *s)
+{
+ return s->hit;
+}
+
+#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
+# include "../crypto/bio/bss_file.c"
+#endif
+
+IMPLEMENT_STACK_OF(SSL_CIPHER)
+IMPLEMENT_STACK_OF(SSL_COMP)
+IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
Deleted: vendor-crypto/openssl/1.0.1u/ssl/ssl_locl.h
===================================================================
--- vendor-crypto/openssl/dist/ssl/ssl_locl.h 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1245 +0,0 @@
-/* ssl/ssl_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_SSL_LOCL_H
-# define HEADER_SSL_LOCL_H
-# include <stdlib.h>
-# include <time.h>
-# include <string.h>
-# include <errno.h>
-
-# include "e_os.h"
-
-# include <openssl/buffer.h>
-# ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-# endif
-# include <openssl/bio.h>
-# include <openssl/stack.h>
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# endif
-# include <openssl/err.h>
-# include <openssl/ssl.h>
-# include <openssl/symhacks.h>
-
-# ifdef OPENSSL_BUILD_SHLIBSSL
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-# undef PKCS1_CHECK
-
-# define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24))
-
-/* NOTE - c is not incremented as per c2l */
-# define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-# define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff))
-
-# define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
- l|=((unsigned long)(*((c)++)))<<16, \
- l|=((unsigned long)(*((c)++)))<< 8, \
- l|=((unsigned long)(*((c)++))))
-
-# define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-# define l2n6(l,c) (*((c)++)=(unsigned char)(((l)>>40)&0xff), \
- *((c)++)=(unsigned char)(((l)>>32)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-# define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
- *((c)++)=(unsigned char)(((l)>>48)&0xff), \
- *((c)++)=(unsigned char)(((l)>>40)&0xff), \
- *((c)++)=(unsigned char)(((l)>>32)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-# define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \
- l|=((BN_ULLONG)(*((c)++)))<<32, \
- l|=((BN_ULLONG)(*((c)++)))<<24, \
- l|=((BN_ULLONG)(*((c)++)))<<16, \
- l|=((BN_ULLONG)(*((c)++)))<< 8, \
- l|=((BN_ULLONG)(*((c)++))))
-
-/* NOTE - c is not incremented as per l2c */
-# define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-# define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
- (((unsigned int)(c[1])) )),c+=2)
-# define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
- c[1]=(unsigned char)(((s) )&0xff)),c+=2)
-
-# define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
- (((unsigned long)(c[1]))<< 8)| \
- (((unsigned long)(c[2])) )),c+=3)
-
-# define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
- c[1]=(unsigned char)(((l)>> 8)&0xff), \
- c[2]=(unsigned char)(((l) )&0xff)),c+=3)
-
-/* LOCAL STUFF */
-
-# define SSL_DECRYPT 0
-# define SSL_ENCRYPT 1
-
-# define TWO_BYTE_BIT 0x80
-# define SEC_ESC_BIT 0x40
-# define TWO_BYTE_MASK 0x7fff
-# define THREE_BYTE_MASK 0x3fff
-
-# define INC32(a) ((a)=((a)+1)&0xffffffffL)
-# define DEC32(a) ((a)=((a)-1)&0xffffffffL)
-# define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
-
-/*
- * Define the Bitmasks for SSL_CIPHER.algorithms.
- * This bits are used packed as dense as possible. If new methods/ciphers
- * etc will be added, the bits a likely to change, so this information
- * is for internal library use only, even though SSL_CIPHER.algorithms
- * can be publicly accessed.
- * Use the according functions for cipher management instead.
- *
- * The bit mask handling in the selection and sorting scheme in
- * ssl_create_cipher_list() has only limited capabilities, reflecting
- * that the different entities within are mutually exclusive:
- * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
- */
-
-/* Bits for algorithm_mkey (key exchange algorithm) */
-/* RSA key exchange */
-# define SSL_kRSA 0x00000001L
-/* DH cert, RSA CA cert */
-/* no such ciphersuites supported! */
-# define SSL_kDHr 0x00000002L
-/* DH cert, DSA CA cert */
-/* no such ciphersuite supported! */
-# define SSL_kDHd 0x00000004L
-/* tmp DH key no DH cert */
-# define SSL_kEDH 0x00000008L
-/* Kerberos5 key exchange */
-# define SSL_kKRB5 0x00000010L
-/* ECDH cert, RSA CA cert */
-# define SSL_kECDHr 0x00000020L
-/* ECDH cert, ECDSA CA cert */
-# define SSL_kECDHe 0x00000040L
-/* ephemeral ECDH */
-# define SSL_kEECDH 0x00000080L
-/* PSK */
-# define SSL_kPSK 0x00000100L
-/* GOST key exchange */
-# define SSL_kGOST 0x00000200L
-/* SRP */
-# define SSL_kSRP 0x00000400L
-
-/* Bits for algorithm_auth (server authentication) */
-/* RSA auth */
-# define SSL_aRSA 0x00000001L
-/* DSS auth */
-# define SSL_aDSS 0x00000002L
-/* no auth (i.e. use ADH or AECDH) */
-# define SSL_aNULL 0x00000004L
-/* Fixed DH auth (kDHd or kDHr) */
-/* no such ciphersuites supported! */
-# define SSL_aDH 0x00000008L
-/* Fixed ECDH auth (kECDHe or kECDHr) */
-# define SSL_aECDH 0x00000010L
-/* KRB5 auth */
-# define SSL_aKRB5 0x00000020L
-/* ECDSA auth*/
-# define SSL_aECDSA 0x00000040L
-/* PSK auth */
-# define SSL_aPSK 0x00000080L
-/* GOST R 34.10-94 signature auth */
-# define SSL_aGOST94 0x00000100L
-/* GOST R 34.10-2001 signature auth */
-# define SSL_aGOST01 0x00000200L
-/* SRP auth */
-# define SSL_aSRP 0x00000400L
-
-/* Bits for algorithm_enc (symmetric encryption) */
-# define SSL_DES 0x00000001L
-# define SSL_3DES 0x00000002L
-# define SSL_RC4 0x00000004L
-# define SSL_RC2 0x00000008L
-# define SSL_IDEA 0x00000010L
-# define SSL_eNULL 0x00000020L
-# define SSL_AES128 0x00000040L
-# define SSL_AES256 0x00000080L
-# define SSL_CAMELLIA128 0x00000100L
-# define SSL_CAMELLIA256 0x00000200L
-# define SSL_eGOST2814789CNT 0x00000400L
-# define SSL_SEED 0x00000800L
-# define SSL_AES128GCM 0x00001000L
-# define SSL_AES256GCM 0x00002000L
-
-# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
-# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
-
-/* Bits for algorithm_mac (symmetric authentication) */
-
-# define SSL_MD5 0x00000001L
-# define SSL_SHA1 0x00000002L
-# define SSL_GOST94 0x00000004L
-# define SSL_GOST89MAC 0x00000008L
-# define SSL_SHA256 0x00000010L
-# define SSL_SHA384 0x00000020L
-/* Not a real MAC, just an indication it is part of cipher */
-# define SSL_AEAD 0x00000040L
-
-/* Bits for algorithm_ssl (protocol version) */
-# define SSL_SSLV2 0x00000001UL
-# define SSL_SSLV3 0x00000002UL
-# define SSL_TLSV1 SSL_SSLV3/* for now */
-# define SSL_TLSV1_2 0x00000004UL
-
-/* Bits for algorithm2 (handshake digests and other extra flags) */
-
-# define SSL_HANDSHAKE_MAC_MD5 0x10
-# define SSL_HANDSHAKE_MAC_SHA 0x20
-# define SSL_HANDSHAKE_MAC_GOST94 0x40
-# define SSL_HANDSHAKE_MAC_SHA256 0x80
-# define SSL_HANDSHAKE_MAC_SHA384 0x100
-# define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
-
-/*
- * When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX make
- * sure to update this constant too
- */
-# define SSL_MAX_DIGEST 6
-
-# define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
-
-# define TLS1_PRF_DGST_SHIFT 10
-# define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
-
-/*
- * Stream MAC for GOST ciphersuites from cryptopro draft (currently this also
- * goes into algorithm2)
- */
-# define TLS1_STREAM_MAC 0x04
-
-/*
- * Export and cipher strength information. For each cipher we have to decide
- * whether it is exportable or not. This information is likely to change
- * over time, since the export control rules are no static technical issue.
- *
- * Independent of the export flag the cipher strength is sorted into classes.
- * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
- * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
- * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
- * since SSL_EXP64 could be similar to SSL_LOW.
- * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
- * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
- * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
- * be possible.
- */
-# define SSL_EXP_MASK 0x00000003L
-# define SSL_STRONG_MASK 0x000001fcL
-
-# define SSL_NOT_EXP 0x00000001L
-# define SSL_EXPORT 0x00000002L
-
-# define SSL_STRONG_NONE 0x00000004L
-# define SSL_EXP40 0x00000008L
-# define SSL_MICRO (SSL_EXP40)
-# define SSL_EXP56 0x00000010L
-# define SSL_MINI (SSL_EXP56)
-# define SSL_LOW 0x00000020L
-# define SSL_MEDIUM 0x00000040L
-# define SSL_HIGH 0x00000080L
-# define SSL_FIPS 0x00000100L
-
-/* we have used 000001ff - 23 bits left to go */
-
-/*-
- * Macros to check the export status and cipher strength for export ciphers.
- * Even though the macros for EXPORT and EXPORT40/56 have similar names,
- * their meaning is different:
- * *_EXPORT macros check the 'exportable' status.
- * *_EXPORT40/56 macros are used to check whether a certain cipher strength
- * is given.
- * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
- * algorithm structure element to be passed (algorithms, algo_strength) and no
- * typechecking can be done as they are all of type unsigned long, their
- * direct usage is discouraged.
- * Use the SSL_C_* macros instead.
- */
-# define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
-# define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
-# define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
-# define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
-# define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
-# define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
-
-# define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
- (a) == SSL_DES ? 8 : 7)
-# define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-# define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
- (c)->algo_strength)
-# define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
-
-/* Mostly for SSLv3 */
-# define SSL_PKEY_RSA_ENC 0
-# define SSL_PKEY_RSA_SIGN 1
-# define SSL_PKEY_DSA_SIGN 2
-# define SSL_PKEY_DH_RSA 3
-# define SSL_PKEY_DH_DSA 4
-# define SSL_PKEY_ECC 5
-# define SSL_PKEY_GOST94 6
-# define SSL_PKEY_GOST01 7
-# define SSL_PKEY_NUM 8
-
-/*-
- * SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
- * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
- * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
- * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
- * SSL_aRSA <- RSA_ENC | RSA_SIGN
- * SSL_aDSS <- DSA_SIGN
- */
-
-/*-
-#define CERT_INVALID 0
-#define CERT_PUBLIC_KEY 1
-#define CERT_PRIVATE_KEY 2
-*/
-
-# ifndef OPENSSL_NO_EC
-/*
- * From ECC-TLS draft, used in encoding the curve type in ECParameters
- */
-# define EXPLICIT_PRIME_CURVE_TYPE 1
-# define EXPLICIT_CHAR2_CURVE_TYPE 2
-# define NAMED_CURVE_TYPE 3
-# endif /* OPENSSL_NO_EC */
-
-typedef struct cert_pkey_st {
- X509 *x509;
- EVP_PKEY *privatekey;
- /* Digest to use when signing */
- const EVP_MD *digest;
-} CERT_PKEY;
-
-typedef struct cert_st {
- /* Current active set */
- /*
- * ALWAYS points to an element of the pkeys array
- * Probably it would make more sense to store
- * an index, not a pointer.
- */
- CERT_PKEY *key;
- /*
- * The following masks are for the key and auth algorithms that are
- * supported by the certs below
- */
- int valid;
- unsigned long mask_k;
- unsigned long mask_a;
- unsigned long export_mask_k;
- unsigned long export_mask_a;
-# ifndef OPENSSL_NO_RSA
- RSA *rsa_tmp;
- RSA *(*rsa_tmp_cb) (SSL *ssl, int is_export, int keysize);
-# endif
-# ifndef OPENSSL_NO_DH
- DH *dh_tmp;
- DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize);
-# endif
-# ifndef OPENSSL_NO_ECDH
- EC_KEY *ecdh_tmp;
- /* Callback for generating ephemeral ECDH keys */
- EC_KEY *(*ecdh_tmp_cb) (SSL *ssl, int is_export, int keysize);
-# endif
- CERT_PKEY pkeys[SSL_PKEY_NUM];
- int references; /* >1 only if SSL_copy_session_id is used */
-} CERT;
-
-typedef struct sess_cert_st {
- STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
- /* The 'peer_...' members are used only by clients. */
- int peer_cert_type;
- CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never
- * NULL!) */
- CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
- /*
- * Obviously we don't have the private keys of these, so maybe we
- * shouldn't even use the CERT_PKEY type here.
- */
-# ifndef OPENSSL_NO_RSA
- RSA *peer_rsa_tmp; /* not used for SSL 2 */
-# endif
-# ifndef OPENSSL_NO_DH
- DH *peer_dh_tmp; /* not used for SSL 2 */
-# endif
-# ifndef OPENSSL_NO_ECDH
- EC_KEY *peer_ecdh_tmp;
-# endif
- int references; /* actually always 1 at the moment */
-} SESS_CERT;
-
-/*
- * #define MAC_DEBUG
- */
-
-/*
- * #define ERR_DEBUG
- */
-/*
- * #define ABORT_DEBUG
- */
-/*
- * #define PKT_DEBUG 1
- */
-/*
- * #define DES_DEBUG
- */
-/*
- * #define DES_OFB_DEBUG
- */
-/*
- * #define SSL_DEBUG
- */
-/*
- * #define RSA_DEBUG
- */
-/*
- * #define IDEA_DEBUG
- */
-
-# define FP_ICC (int (*)(const void *,const void *))
-# define ssl_put_cipher_by_char(ssl,ciph,ptr) \
- ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
-# define ssl_get_cipher_by_char(ssl,ptr) \
- ((ssl)->method->get_cipher_by_char(ptr))
-
-/*
- * This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff It is a bit
- * of a mess of functions, but hell, think of it as an opaque structure :-)
- */
-typedef struct ssl3_enc_method {
- int (*enc) (SSL *, int);
- int (*mac) (SSL *, unsigned char *, int);
- int (*setup_key_block) (SSL *);
- int (*generate_master_secret) (SSL *, unsigned char *, unsigned char *,
- int);
- int (*change_cipher_state) (SSL *, int);
- int (*final_finish_mac) (SSL *, const char *, int, unsigned char *);
- int finish_mac_length;
- int (*cert_verify_mac) (SSL *, int, unsigned char *);
- const char *client_finished_label;
- int client_finished_label_len;
- const char *server_finished_label;
- int server_finished_label_len;
- int (*alert_value) (int);
- int (*export_keying_material) (SSL *, unsigned char *, size_t,
- const char *, size_t,
- const unsigned char *, size_t,
- int use_context);
-} SSL3_ENC_METHOD;
-
-# ifndef OPENSSL_NO_COMP
-/* Used for holding the relevant compression methods loaded into SSL_CTX */
-typedef struct ssl3_comp_st {
- int comp_id; /* The identifier byte for this compression
- * type */
- char *name; /* Text name used for the compression type */
- COMP_METHOD *method; /* The method :-) */
-} SSL3_COMP;
-# endif
-
-# ifndef OPENSSL_NO_BUF_FREELISTS
-typedef struct ssl3_buf_freelist_st {
- size_t chunklen;
- unsigned int len;
- struct ssl3_buf_freelist_entry_st *head;
-} SSL3_BUF_FREELIST;
-
-typedef struct ssl3_buf_freelist_entry_st {
- struct ssl3_buf_freelist_entry_st *next;
-} SSL3_BUF_FREELIST_ENTRY;
-# endif
-
-extern SSL3_ENC_METHOD ssl3_undef_enc_method;
-OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
-OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
-
-SSL_METHOD *ssl_bad_method(int ver);
-
-extern SSL3_ENC_METHOD TLSv1_enc_data;
-extern SSL3_ENC_METHOD SSLv3_enc_data;
-extern SSL3_ENC_METHOD DTLSv1_enc_data;
-
-# define SSL_IS_DTLS(s) (s->method->version == DTLS1_VERSION)
-
-# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
- s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- version, \
- tls1_new, \
- tls1_clear, \
- tls1_free, \
- s_accept, \
- s_connect, \
- ssl3_read, \
- ssl3_peek, \
- ssl3_write, \
- ssl3_shutdown, \
- ssl3_renegotiate, \
- ssl3_renegotiate_check, \
- ssl3_get_message, \
- ssl3_read_bytes, \
- ssl3_write_bytes, \
- ssl3_dispatch_alert, \
- ssl3_ctrl, \
- ssl3_ctx_ctrl, \
- ssl3_get_cipher_by_char, \
- ssl3_put_cipher_by_char, \
- ssl3_pending, \
- ssl3_num_ciphers, \
- ssl3_get_cipher, \
- s_get_meth, \
- tls1_default_timeout, \
- &TLSv1_enc_data, \
- ssl_undefined_void_function, \
- ssl3_callback_ctrl, \
- ssl3_ctx_callback_ctrl, \
- }; \
- return &func_name##_data; \
- }
-
-# define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- SSL3_VERSION, \
- ssl3_new, \
- ssl3_clear, \
- ssl3_free, \
- s_accept, \
- s_connect, \
- ssl3_read, \
- ssl3_peek, \
- ssl3_write, \
- ssl3_shutdown, \
- ssl3_renegotiate, \
- ssl3_renegotiate_check, \
- ssl3_get_message, \
- ssl3_read_bytes, \
- ssl3_write_bytes, \
- ssl3_dispatch_alert, \
- ssl3_ctrl, \
- ssl3_ctx_ctrl, \
- ssl3_get_cipher_by_char, \
- ssl3_put_cipher_by_char, \
- ssl3_pending, \
- ssl3_num_ciphers, \
- ssl3_get_cipher, \
- s_get_meth, \
- ssl3_default_timeout, \
- &SSLv3_enc_data, \
- ssl_undefined_void_function, \
- ssl3_callback_ctrl, \
- ssl3_ctx_callback_ctrl, \
- }; \
- return &func_name##_data; \
- }
-
-# define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- TLS1_2_VERSION, \
- tls1_new, \
- tls1_clear, \
- tls1_free, \
- s_accept, \
- s_connect, \
- ssl23_read, \
- ssl23_peek, \
- ssl23_write, \
- ssl_undefined_function, \
- ssl_undefined_function, \
- ssl_ok, \
- ssl3_get_message, \
- ssl3_read_bytes, \
- ssl3_write_bytes, \
- ssl3_dispatch_alert, \
- ssl3_ctrl, \
- ssl3_ctx_ctrl, \
- ssl23_get_cipher_by_char, \
- ssl23_put_cipher_by_char, \
- ssl_undefined_const_function, \
- ssl23_num_ciphers, \
- ssl23_get_cipher, \
- s_get_meth, \
- ssl23_default_timeout, \
- &ssl3_undef_enc_method, \
- ssl_undefined_void_function, \
- ssl3_callback_ctrl, \
- ssl3_ctx_callback_ctrl, \
- }; \
- return &func_name##_data; \
- }
-
-# define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- SSL2_VERSION, \
- ssl2_new, /* local */ \
- ssl2_clear, /* local */ \
- ssl2_free, /* local */ \
- s_accept, \
- s_connect, \
- ssl2_read, \
- ssl2_peek, \
- ssl2_write, \
- ssl2_shutdown, \
- ssl_ok, /* NULL - renegotiate */ \
- ssl_ok, /* NULL - check renegotiate */ \
- NULL, /* NULL - ssl_get_message */ \
- NULL, /* NULL - ssl_get_record */ \
- NULL, /* NULL - ssl_write_bytes */ \
- NULL, /* NULL - dispatch_alert */ \
- ssl2_ctrl, /* local */ \
- ssl2_ctx_ctrl, /* local */ \
- ssl2_get_cipher_by_char, \
- ssl2_put_cipher_by_char, \
- ssl2_pending, \
- ssl2_num_ciphers, \
- ssl2_get_cipher, \
- s_get_meth, \
- ssl2_default_timeout, \
- &ssl3_undef_enc_method, \
- ssl_undefined_void_function, \
- ssl2_callback_ctrl, /* local */ \
- ssl2_ctx_callback_ctrl, /* local */ \
- }; \
- return &func_name##_data; \
- }
-
-# define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- DTLS1_VERSION, \
- dtls1_new, \
- dtls1_clear, \
- dtls1_free, \
- s_accept, \
- s_connect, \
- ssl3_read, \
- ssl3_peek, \
- ssl3_write, \
- dtls1_shutdown, \
- ssl3_renegotiate, \
- ssl3_renegotiate_check, \
- dtls1_get_message, \
- dtls1_read_bytes, \
- dtls1_write_app_data_bytes, \
- dtls1_dispatch_alert, \
- dtls1_ctrl, \
- ssl3_ctx_ctrl, \
- ssl3_get_cipher_by_char, \
- ssl3_put_cipher_by_char, \
- ssl3_pending, \
- ssl3_num_ciphers, \
- dtls1_get_cipher, \
- s_get_meth, \
- dtls1_default_timeout, \
- &DTLSv1_enc_data, \
- ssl_undefined_void_function, \
- ssl3_callback_ctrl, \
- ssl3_ctx_callback_ctrl, \
- }; \
- return &func_name##_data; \
- }
-
-struct openssl_ssl_test_functions {
- int (*p_ssl_init_wbio_buffer) (SSL *s, int push);
- int (*p_ssl3_setup_buffers) (SSL *s);
- int (*p_tls1_process_heartbeat) (SSL *s);
- int (*p_dtls1_process_heartbeat) (SSL *s);
-};
-
-# ifndef OPENSSL_UNIT_TEST
-
-void ssl_clear_cipher_ctx(SSL *s);
-int ssl_clear_bad_session(SSL *s);
-CERT *ssl_cert_new(void);
-CERT *ssl_cert_dup(CERT *cert);
-int ssl_cert_inst(CERT **o);
-void ssl_cert_free(CERT *c);
-SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
-int ssl_set_peer_cert_type(SESS_CERT *c, int type);
-int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
- const unsigned char *limit);
-SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket);
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
-DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
- const SSL_CIPHER *const *bp);
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
- int num,
- STACK_OF(SSL_CIPHER) **skp);
-int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
- unsigned char *p,
- int (*put_cb) (const SSL_CIPHER *,
- unsigned char *));
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
- STACK_OF(SSL_CIPHER) **pref,
- STACK_OF(SSL_CIPHER) **sorted,
- const char *rule_str);
-void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, int *mac_pkey_type,
- int *mac_secret_size, SSL_COMP **comp);
-int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
-int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
-int ssl_undefined_function(SSL *s);
-int ssl_undefined_void_function(void);
-int ssl_undefined_const_function(const SSL *s);
-CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
-X509 *ssl_get_server_send_cert(const SSL *);
-EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
-void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
-int ssl_verify_alarm_type(long type);
-void ssl_load_ciphers(void);
-int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);
-
-int ssl2_enc_init(SSL *s, int client);
-int ssl2_generate_key_material(SSL *s);
-int ssl2_enc(SSL *s, int send_data);
-void ssl2_mac(SSL *s, unsigned char *mac, int send_data);
-const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-int ssl2_part_read(SSL *s, unsigned long f, int i);
-int ssl2_do_write(SSL *s);
-int ssl2_set_certificate(SSL *s, int type, int len,
- const unsigned char *data);
-void ssl2_return_error(SSL *s, int reason);
-void ssl2_write_error(SSL *s);
-int ssl2_num_ciphers(void);
-const SSL_CIPHER *ssl2_get_cipher(unsigned int u);
-int ssl2_new(SSL *s);
-void ssl2_free(SSL *s);
-int ssl2_accept(SSL *s);
-int ssl2_connect(SSL *s);
-int ssl2_read(SSL *s, void *buf, int len);
-int ssl2_peek(SSL *s, void *buf, int len);
-int ssl2_write(SSL *s, const void *buf, int len);
-int ssl2_shutdown(SSL *s);
-void ssl2_clear(SSL *s);
-long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg);
-long ssl2_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
-long ssl2_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
-int ssl2_pending(const SSL *s);
-long ssl2_default_timeout(void);
-
-const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-void ssl3_init_finished_mac(SSL *s);
-int ssl3_send_server_certificate(SSL *s);
-int ssl3_send_newsession_ticket(SSL *s);
-int ssl3_send_cert_status(SSL *s);
-int ssl3_get_finished(SSL *s, int state_a, int state_b);
-int ssl3_setup_key_block(SSL *s);
-int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
-int ssl3_change_cipher_state(SSL *s, int which);
-void ssl3_cleanup_key_block(SSL *s);
-int ssl3_do_write(SSL *s, int type);
-int ssl3_send_alert(SSL *s, int level, int desc);
-int ssl3_generate_master_secret(SSL *s, unsigned char *out,
- unsigned char *p, int len);
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
-int ssl3_num_ciphers(void);
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
-int ssl3_renegotiate(SSL *ssl);
-int ssl3_renegotiate_check(SSL *ssl);
-int ssl3_dispatch_alert(SSL *s);
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
- unsigned char *p);
-int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
-int ssl3_enc(SSL *s, int send_data);
-int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
-void ssl3_free_digest_list(SSL *s);
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
-SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
- STACK_OF(SSL_CIPHER) *srvr);
-int ssl3_setup_buffers(SSL *s);
-int ssl3_setup_read_buffer(SSL *s);
-int ssl3_setup_write_buffer(SSL *s);
-int ssl3_release_read_buffer(SSL *s);
-int ssl3_release_write_buffer(SSL *s);
-int ssl3_digest_cached_records(SSL *s);
-int ssl3_new(SSL *s);
-void ssl3_free(SSL *s);
-int ssl3_accept(SSL *s);
-int ssl3_connect(SSL *s);
-int ssl3_read(SSL *s, void *buf, int len);
-int ssl3_peek(SSL *s, void *buf, int len);
-int ssl3_write(SSL *s, const void *buf, int len);
-int ssl3_shutdown(SSL *s);
-void ssl3_clear(SSL *s);
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
-long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
-long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
-int ssl3_pending(const SSL *s);
-
-void ssl3_record_sequence_update(unsigned char *seq);
-int ssl3_do_change_cipher_spec(SSL *ssl);
-long ssl3_default_timeout(void);
-
-int ssl23_num_ciphers(void);
-const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
-int ssl23_read(SSL *s, void *buf, int len);
-int ssl23_peek(SSL *s, void *buf, int len);
-int ssl23_write(SSL *s, const void *buf, int len);
-int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-long ssl23_default_timeout(void);
-
-long tls1_default_timeout(void);
-int dtls1_do_write(SSL *s, int type);
-int ssl3_read_n(SSL *s, int n, int max, int extend);
-int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_do_compress(SSL *ssl);
-int ssl3_do_uncompress(SSL *ssl);
-int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
- unsigned int len);
-unsigned char *dtls1_set_message_header(SSL *s,
- unsigned char *p, unsigned char mt,
- unsigned long len,
- unsigned long frag_off,
- unsigned long frag_len);
-
-int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
-int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
-
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
-int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);
-unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
-int dtls1_read_failed(SSL *s, int code);
-int dtls1_buffer_message(SSL *s, int ccs);
-int dtls1_retransmit_message(SSL *s, unsigned short seq,
- unsigned long frag_off, int *found);
-int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
-int dtls1_retransmit_buffered_messages(SSL *s);
-void dtls1_clear_record_buffer(SSL *s);
-void dtls1_get_message_header(unsigned char *data,
- struct hm_header_st *msg_hdr);
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
-void dtls1_reset_seq_numbers(SSL *s, int rw);
-long dtls1_default_timeout(void);
-struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft);
-int dtls1_check_timeout_num(SSL *s);
-int dtls1_handle_timeout(SSL *s);
-const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
-void dtls1_start_timer(SSL *s);
-void dtls1_stop_timer(SSL *s);
-int dtls1_is_timer_expired(SSL *s);
-void dtls1_double_timeout(SSL *s);
-int dtls1_send_newsession_ticket(SSL *s);
-unsigned int dtls1_min_mtu(SSL *s);
-unsigned int dtls1_link_min_mtu(void);
-void dtls1_hm_fragment_free(hm_fragment *frag);
-
-/* some client-only functions */
-int ssl3_client_hello(SSL *s);
-int ssl3_get_server_hello(SSL *s);
-int ssl3_get_certificate_request(SSL *s);
-int ssl3_get_new_session_ticket(SSL *s);
-int ssl3_get_cert_status(SSL *s);
-int ssl3_get_server_done(SSL *s);
-int ssl3_send_client_verify(SSL *s);
-int ssl3_send_client_certificate(SSL *s);
-int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
-int ssl3_send_client_key_exchange(SSL *s);
-int ssl3_get_key_exchange(SSL *s);
-int ssl3_get_server_certificate(SSL *s);
-int ssl3_check_cert_and_algorithm(SSL *s);
-# ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_NEXTPROTONEG
-int ssl3_send_next_proto(SSL *s);
-# endif
-# endif
-
-int dtls1_client_hello(SSL *s);
-int dtls1_send_client_certificate(SSL *s);
-int dtls1_send_client_key_exchange(SSL *s);
-int dtls1_send_client_verify(SSL *s);
-
-/* some server-only functions */
-int ssl3_get_client_hello(SSL *s);
-int ssl3_send_server_hello(SSL *s);
-int ssl3_send_hello_request(SSL *s);
-int ssl3_send_server_key_exchange(SSL *s);
-int ssl3_send_certificate_request(SSL *s);
-int ssl3_send_server_done(SSL *s);
-int ssl3_check_client_hello(SSL *s);
-int ssl3_get_client_certificate(SSL *s);
-int ssl3_get_client_key_exchange(SSL *s);
-int ssl3_get_cert_verify(SSL *s);
-# ifndef OPENSSL_NO_NEXTPROTONEG
-int ssl3_get_next_proto(SSL *s);
-# endif
-
-int dtls1_send_hello_request(SSL *s);
-int dtls1_send_server_hello(SSL *s);
-int dtls1_send_server_certificate(SSL *s);
-int dtls1_send_server_key_exchange(SSL *s);
-int dtls1_send_certificate_request(SSL *s);
-int dtls1_send_server_done(SSL *s);
-
-int ssl23_accept(SSL *s);
-int ssl23_connect(SSL *s);
-int ssl23_read_bytes(SSL *s, int n);
-int ssl23_write_bytes(SSL *s);
-
-int tls1_new(SSL *s);
-void tls1_free(SSL *s);
-void tls1_clear(SSL *s);
-long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-long tls1_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
-
-int dtls1_new(SSL *s);
-int dtls1_accept(SSL *s);
-int dtls1_connect(SSL *s);
-void dtls1_free(SSL *s);
-void dtls1_clear(SSL *s);
-long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-int dtls1_shutdown(SSL *s);
-
-long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int dtls1_get_record(SSL *s);
-int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
- unsigned int len, int create_empty_fragement);
-int dtls1_dispatch_alert(SSL *s);
-int dtls1_enc(SSL *s, int snd);
-
-int ssl_init_wbio_buffer(SSL *s, int push);
-void ssl_free_wbio_buffer(SSL *s);
-
-int tls1_change_cipher_state(SSL *s, int which);
-int tls1_setup_key_block(SSL *s);
-int tls1_enc(SSL *s, int snd);
-int tls1_final_finish_mac(SSL *s,
- const char *str, int slen, unsigned char *p);
-int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
-int tls1_mac(SSL *ssl, unsigned char *md, int snd);
-int tls1_generate_master_secret(SSL *s, unsigned char *out,
- unsigned char *p, int len);
-int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
- const char *label, size_t llen,
- const unsigned char *p, size_t plen,
- int use_context);
-int tls1_alert_code(int code);
-int ssl3_alert_code(int code);
-int ssl_ok(SSL *s);
-
-# ifndef OPENSSL_NO_ECDH
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
-# endif
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
-
-# ifndef OPENSSL_NO_EC
-int tls1_ec_curve_id2nid(int curve_id);
-int tls1_ec_nid2curve_id(int nid);
-# endif /* OPENSSL_NO_EC */
-
-# ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
- unsigned char *limit);
-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
- unsigned char *limit);
-int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
- unsigned char *limit, int *al);
-int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
- unsigned char *d, int n, int *al);
-int ssl_prepare_clienthello_tlsext(SSL *s);
-int ssl_prepare_serverhello_tlsext(SSL *s);
-int ssl_check_clienthello_tlsext_early(SSL *s);
-int ssl_check_clienthello_tlsext_late(SSL *s);
-int ssl_check_serverhello_tlsext(SSL *s);
-
-# ifndef OPENSSL_NO_HEARTBEATS
-int tls1_heartbeat(SSL *s);
-int dtls1_heartbeat(SSL *s);
-int tls1_process_heartbeat(SSL *s);
-int dtls1_process_heartbeat(SSL *s);
-# endif
-
-# ifdef OPENSSL_NO_SHA256
-# define tlsext_tick_md EVP_sha1
-# else
-# define tlsext_tick_md EVP_sha256
-# endif
-int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
- const unsigned char *limit, SSL_SESSION **ret);
-
-int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
- const EVP_MD *md);
-int tls12_get_sigid(const EVP_PKEY *pk);
-const EVP_MD *tls12_get_hash(unsigned char hash_alg);
-
-# endif
-EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
-void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
-int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
- int maxlen);
-int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
- int *al);
-int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
- int maxlen);
-int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
- int *al);
-long ssl_get_algorithm2(SSL *s);
-int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize);
-int tls12_get_req_sig_algs(SSL *s, unsigned char *p);
-
-int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
- int maxlen);
-int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
- int *al);
-int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
- int maxlen);
-int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
- int *al);
-
-/* s3_cbc.c */
-void ssl3_cbc_copy_mac(unsigned char *out,
- const SSL3_RECORD *rec,
- unsigned md_size, unsigned orig_len);
-int ssl3_cbc_remove_padding(const SSL *s,
- SSL3_RECORD *rec,
- unsigned block_size, unsigned mac_size);
-int tls1_cbc_remove_padding(const SSL *s,
- SSL3_RECORD *rec,
- unsigned block_size, unsigned mac_size);
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
-int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
- unsigned char *md_out,
- size_t *md_out_size,
- const unsigned char header[13],
- const unsigned char *data,
- size_t data_plus_mac_size,
- size_t data_plus_mac_plus_padding_size,
- const unsigned char *mac_secret,
- unsigned mac_secret_length, char is_sslv3);
-
-void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
- EVP_MD_CTX *mac_ctx, const unsigned char *data,
- size_t data_len, size_t orig_len);
-
-int srp_verify_server_param(SSL *s, int *al);
-
-# else
-
-# define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
-# define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
-# define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
-# define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat
-
-# endif
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/ssl_locl.h (from rev 11605, vendor-crypto/openssl/dist/ssl/ssl_locl.h)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/ssl_locl.h (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_locl.h 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1247 @@
+/* ssl/ssl_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_SSL_LOCL_H
+# define HEADER_SSL_LOCL_H
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include <errno.h>
+
+# include "e_os.h"
+
+# include <openssl/buffer.h>
+# ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+# endif
+# include <openssl/bio.h>
+# include <openssl/stack.h>
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# endif
+# ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+# endif
+# include <openssl/err.h>
+# include <openssl/ssl.h>
+# include <openssl/symhacks.h>
+
+# ifdef OPENSSL_BUILD_SHLIBSSL
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+# undef PKCS1_CHECK
+
+# define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+
+/* NOTE - c is not incremented as per c2l */
+# define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+# define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+# define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
+ l|=((unsigned long)(*((c)++)))<<16, \
+ l|=((unsigned long)(*((c)++)))<< 8, \
+ l|=((unsigned long)(*((c)++))))
+
+# define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+# define l2n6(l,c) (*((c)++)=(unsigned char)(((l)>>40)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>32)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+# define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>48)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>40)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>32)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+# define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \
+ l|=((BN_ULLONG)(*((c)++)))<<32, \
+ l|=((BN_ULLONG)(*((c)++)))<<24, \
+ l|=((BN_ULLONG)(*((c)++)))<<16, \
+ l|=((BN_ULLONG)(*((c)++)))<< 8, \
+ l|=((BN_ULLONG)(*((c)++))))
+
+/* NOTE - c is not incremented as per l2c */
+# define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+# define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
+ (((unsigned int)(c[1])) )),c+=2)
+# define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
+ c[1]=(unsigned char)(((s) )&0xff)),c+=2)
+
+# define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
+ (((unsigned long)(c[1]))<< 8)| \
+ (((unsigned long)(c[2])) )),c+=3)
+
+# define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
+ c[1]=(unsigned char)(((l)>> 8)&0xff), \
+ c[2]=(unsigned char)(((l) )&0xff)),c+=3)
+
+/* LOCAL STUFF */
+
+# define SSL_DECRYPT 0
+# define SSL_ENCRYPT 1
+
+# define TWO_BYTE_BIT 0x80
+# define SEC_ESC_BIT 0x40
+# define TWO_BYTE_MASK 0x7fff
+# define THREE_BYTE_MASK 0x3fff
+
+# define INC32(a) ((a)=((a)+1)&0xffffffffL)
+# define DEC32(a) ((a)=((a)-1)&0xffffffffL)
+# define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
+
+/*
+ * Define the Bitmasks for SSL_CIPHER.algorithms.
+ * This bits are used packed as dense as possible. If new methods/ciphers
+ * etc will be added, the bits a likely to change, so this information
+ * is for internal library use only, even though SSL_CIPHER.algorithms
+ * can be publicly accessed.
+ * Use the according functions for cipher management instead.
+ *
+ * The bit mask handling in the selection and sorting scheme in
+ * ssl_create_cipher_list() has only limited capabilities, reflecting
+ * that the different entities within are mutually exclusive:
+ * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
+ */
+
+/* Bits for algorithm_mkey (key exchange algorithm) */
+/* RSA key exchange */
+# define SSL_kRSA 0x00000001L
+/* DH cert, RSA CA cert */
+/* no such ciphersuites supported! */
+# define SSL_kDHr 0x00000002L
+/* DH cert, DSA CA cert */
+/* no such ciphersuite supported! */
+# define SSL_kDHd 0x00000004L
+/* tmp DH key no DH cert */
+# define SSL_kEDH 0x00000008L
+/* Kerberos5 key exchange */
+# define SSL_kKRB5 0x00000010L
+/* ECDH cert, RSA CA cert */
+# define SSL_kECDHr 0x00000020L
+/* ECDH cert, ECDSA CA cert */
+# define SSL_kECDHe 0x00000040L
+/* ephemeral ECDH */
+# define SSL_kEECDH 0x00000080L
+/* PSK */
+# define SSL_kPSK 0x00000100L
+/* GOST key exchange */
+# define SSL_kGOST 0x00000200L
+/* SRP */
+# define SSL_kSRP 0x00000400L
+
+/* Bits for algorithm_auth (server authentication) */
+/* RSA auth */
+# define SSL_aRSA 0x00000001L
+/* DSS auth */
+# define SSL_aDSS 0x00000002L
+/* no auth (i.e. use ADH or AECDH) */
+# define SSL_aNULL 0x00000004L
+/* Fixed DH auth (kDHd or kDHr) */
+/* no such ciphersuites supported! */
+# define SSL_aDH 0x00000008L
+/* Fixed ECDH auth (kECDHe or kECDHr) */
+# define SSL_aECDH 0x00000010L
+/* KRB5 auth */
+# define SSL_aKRB5 0x00000020L
+/* ECDSA auth*/
+# define SSL_aECDSA 0x00000040L
+/* PSK auth */
+# define SSL_aPSK 0x00000080L
+/* GOST R 34.10-94 signature auth */
+# define SSL_aGOST94 0x00000100L
+/* GOST R 34.10-2001 signature auth */
+# define SSL_aGOST01 0x00000200L
+/* SRP auth */
+# define SSL_aSRP 0x00000400L
+
+/* Bits for algorithm_enc (symmetric encryption) */
+# define SSL_DES 0x00000001L
+# define SSL_3DES 0x00000002L
+# define SSL_RC4 0x00000004L
+# define SSL_RC2 0x00000008L
+# define SSL_IDEA 0x00000010L
+# define SSL_eNULL 0x00000020L
+# define SSL_AES128 0x00000040L
+# define SSL_AES256 0x00000080L
+# define SSL_CAMELLIA128 0x00000100L
+# define SSL_CAMELLIA256 0x00000200L
+# define SSL_eGOST2814789CNT 0x00000400L
+# define SSL_SEED 0x00000800L
+# define SSL_AES128GCM 0x00001000L
+# define SSL_AES256GCM 0x00002000L
+
+# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
+# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
+
+/* Bits for algorithm_mac (symmetric authentication) */
+
+# define SSL_MD5 0x00000001L
+# define SSL_SHA1 0x00000002L
+# define SSL_GOST94 0x00000004L
+# define SSL_GOST89MAC 0x00000008L
+# define SSL_SHA256 0x00000010L
+# define SSL_SHA384 0x00000020L
+/* Not a real MAC, just an indication it is part of cipher */
+# define SSL_AEAD 0x00000040L
+
+/* Bits for algorithm_ssl (protocol version) */
+# define SSL_SSLV2 0x00000001UL
+# define SSL_SSLV3 0x00000002UL
+# define SSL_TLSV1 SSL_SSLV3/* for now */
+# define SSL_TLSV1_2 0x00000004UL
+
+/* Bits for algorithm2 (handshake digests and other extra flags) */
+
+# define SSL_HANDSHAKE_MAC_MD5 0x10
+# define SSL_HANDSHAKE_MAC_SHA 0x20
+# define SSL_HANDSHAKE_MAC_GOST94 0x40
+# define SSL_HANDSHAKE_MAC_SHA256 0x80
+# define SSL_HANDSHAKE_MAC_SHA384 0x100
+# define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
+
+/*
+ * When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX make
+ * sure to update this constant too
+ */
+# define SSL_MAX_DIGEST 6
+
+# define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
+
+# define TLS1_PRF_DGST_SHIFT 10
+# define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
+
+/*
+ * Stream MAC for GOST ciphersuites from cryptopro draft (currently this also
+ * goes into algorithm2)
+ */
+# define TLS1_STREAM_MAC 0x04
+
+/*
+ * Export and cipher strength information. For each cipher we have to decide
+ * whether it is exportable or not. This information is likely to change
+ * over time, since the export control rules are no static technical issue.
+ *
+ * Independent of the export flag the cipher strength is sorted into classes.
+ * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
+ * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
+ * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
+ * since SSL_EXP64 could be similar to SSL_LOW.
+ * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
+ * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
+ * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
+ * be possible.
+ */
+# define SSL_EXP_MASK 0x00000003L
+# define SSL_STRONG_MASK 0x000001fcL
+
+# define SSL_NOT_EXP 0x00000001L
+# define SSL_EXPORT 0x00000002L
+
+# define SSL_STRONG_NONE 0x00000004L
+# define SSL_EXP40 0x00000008L
+# define SSL_MICRO (SSL_EXP40)
+# define SSL_EXP56 0x00000010L
+# define SSL_MINI (SSL_EXP56)
+# define SSL_LOW 0x00000020L
+# define SSL_MEDIUM 0x00000040L
+# define SSL_HIGH 0x00000080L
+# define SSL_FIPS 0x00000100L
+# define SSL_NOT_DEFAULT 0x00000200L
+
+/* we have used 000003ff - 22 bits left to go */
+
+/*-
+ * Macros to check the export status and cipher strength for export ciphers.
+ * Even though the macros for EXPORT and EXPORT40/56 have similar names,
+ * their meaning is different:
+ * *_EXPORT macros check the 'exportable' status.
+ * *_EXPORT40/56 macros are used to check whether a certain cipher strength
+ * is given.
+ * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
+ * algorithm structure element to be passed (algorithms, algo_strength) and no
+ * typechecking can be done as they are all of type unsigned long, their
+ * direct usage is discouraged.
+ * Use the SSL_C_* macros instead.
+ */
+# define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
+# define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
+# define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
+# define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
+# define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
+# define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
+
+# define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
+ (a) == SSL_DES ? 8 : 7)
+# define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
+# define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
+ (c)->algo_strength)
+# define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
+
+/* Mostly for SSLv3 */
+# define SSL_PKEY_RSA_ENC 0
+# define SSL_PKEY_RSA_SIGN 1
+# define SSL_PKEY_DSA_SIGN 2
+# define SSL_PKEY_DH_RSA 3
+# define SSL_PKEY_DH_DSA 4
+# define SSL_PKEY_ECC 5
+# define SSL_PKEY_GOST94 6
+# define SSL_PKEY_GOST01 7
+# define SSL_PKEY_NUM 8
+
+/*-
+ * SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
+ * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
+ * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
+ * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
+ * SSL_aRSA <- RSA_ENC | RSA_SIGN
+ * SSL_aDSS <- DSA_SIGN
+ */
+
+/*-
+#define CERT_INVALID 0
+#define CERT_PUBLIC_KEY 1
+#define CERT_PRIVATE_KEY 2
+*/
+
+# ifndef OPENSSL_NO_EC
+/*
+ * From ECC-TLS draft, used in encoding the curve type in ECParameters
+ */
+# define EXPLICIT_PRIME_CURVE_TYPE 1
+# define EXPLICIT_CHAR2_CURVE_TYPE 2
+# define NAMED_CURVE_TYPE 3
+# endif /* OPENSSL_NO_EC */
+
+typedef struct cert_pkey_st {
+ X509 *x509;
+ EVP_PKEY *privatekey;
+ /* Digest to use when signing */
+ const EVP_MD *digest;
+} CERT_PKEY;
+
+typedef struct cert_st {
+ /* Current active set */
+ /*
+ * ALWAYS points to an element of the pkeys array
+ * Probably it would make more sense to store
+ * an index, not a pointer.
+ */
+ CERT_PKEY *key;
+ /*
+ * The following masks are for the key and auth algorithms that are
+ * supported by the certs below
+ */
+ int valid;
+ unsigned long mask_k;
+ unsigned long mask_a;
+ unsigned long export_mask_k;
+ unsigned long export_mask_a;
+# ifndef OPENSSL_NO_RSA
+ RSA *rsa_tmp;
+ RSA *(*rsa_tmp_cb) (SSL *ssl, int is_export, int keysize);
+# endif
+# ifndef OPENSSL_NO_DH
+ DH *dh_tmp;
+ DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize);
+# endif
+# ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh_tmp;
+ /* Callback for generating ephemeral ECDH keys */
+ EC_KEY *(*ecdh_tmp_cb) (SSL *ssl, int is_export, int keysize);
+# endif
+ CERT_PKEY pkeys[SSL_PKEY_NUM];
+ int references; /* >1 only if SSL_copy_session_id is used */
+} CERT;
+
+typedef struct sess_cert_st {
+ STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
+ /* The 'peer_...' members are used only by clients. */
+ int peer_cert_type;
+ CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never
+ * NULL!) */
+ CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
+ /*
+ * Obviously we don't have the private keys of these, so maybe we
+ * shouldn't even use the CERT_PKEY type here.
+ */
+# ifndef OPENSSL_NO_RSA
+ RSA *peer_rsa_tmp; /* not used for SSL 2 */
+# endif
+# ifndef OPENSSL_NO_DH
+ DH *peer_dh_tmp; /* not used for SSL 2 */
+# endif
+# ifndef OPENSSL_NO_ECDH
+ EC_KEY *peer_ecdh_tmp;
+# endif
+ int references; /* actually always 1 at the moment */
+} SESS_CERT;
+
+/*
+ * #define MAC_DEBUG
+ */
+
+/*
+ * #define ERR_DEBUG
+ */
+/*
+ * #define ABORT_DEBUG
+ */
+/*
+ * #define PKT_DEBUG 1
+ */
+/*
+ * #define DES_DEBUG
+ */
+/*
+ * #define DES_OFB_DEBUG
+ */
+/*
+ * #define SSL_DEBUG
+ */
+/*
+ * #define RSA_DEBUG
+ */
+/*
+ * #define IDEA_DEBUG
+ */
+
+# define FP_ICC (int (*)(const void *,const void *))
+# define ssl_put_cipher_by_char(ssl,ciph,ptr) \
+ ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
+# define ssl_get_cipher_by_char(ssl,ptr) \
+ ((ssl)->method->get_cipher_by_char(ptr))
+
+/*
+ * This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff It is a bit
+ * of a mess of functions, but hell, think of it as an opaque structure :-)
+ */
+typedef struct ssl3_enc_method {
+ int (*enc) (SSL *, int);
+ int (*mac) (SSL *, unsigned char *, int);
+ int (*setup_key_block) (SSL *);
+ int (*generate_master_secret) (SSL *, unsigned char *, unsigned char *,
+ int);
+ int (*change_cipher_state) (SSL *, int);
+ int (*final_finish_mac) (SSL *, const char *, int, unsigned char *);
+ int finish_mac_length;
+ int (*cert_verify_mac) (SSL *, int, unsigned char *);
+ const char *client_finished_label;
+ int client_finished_label_len;
+ const char *server_finished_label;
+ int server_finished_label_len;
+ int (*alert_value) (int);
+ int (*export_keying_material) (SSL *, unsigned char *, size_t,
+ const char *, size_t,
+ const unsigned char *, size_t,
+ int use_context);
+} SSL3_ENC_METHOD;
+
+# ifndef OPENSSL_NO_COMP
+/* Used for holding the relevant compression methods loaded into SSL_CTX */
+typedef struct ssl3_comp_st {
+ int comp_id; /* The identifier byte for this compression
+ * type */
+ char *name; /* Text name used for the compression type */
+ COMP_METHOD *method; /* The method :-) */
+} SSL3_COMP;
+# endif
+
+# ifndef OPENSSL_NO_BUF_FREELISTS
+typedef struct ssl3_buf_freelist_st {
+ size_t chunklen;
+ unsigned int len;
+ struct ssl3_buf_freelist_entry_st *head;
+} SSL3_BUF_FREELIST;
+
+typedef struct ssl3_buf_freelist_entry_st {
+ struct ssl3_buf_freelist_entry_st *next;
+} SSL3_BUF_FREELIST_ENTRY;
+# endif
+
+extern SSL3_ENC_METHOD ssl3_undef_enc_method;
+OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
+OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
+
+SSL_METHOD *ssl_bad_method(int ver);
+
+extern SSL3_ENC_METHOD TLSv1_enc_data;
+extern SSL3_ENC_METHOD SSLv3_enc_data;
+extern SSL3_ENC_METHOD DTLSv1_enc_data;
+
+# define SSL_IS_DTLS(s) (s->method->version == DTLS1_VERSION)
+
+# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
+ s_get_meth) \
+const SSL_METHOD *func_name(void) \
+ { \
+ static const SSL_METHOD func_name##_data= { \
+ version, \
+ tls1_new, \
+ tls1_clear, \
+ tls1_free, \
+ s_accept, \
+ s_connect, \
+ ssl3_read, \
+ ssl3_peek, \
+ ssl3_write, \
+ ssl3_shutdown, \
+ ssl3_renegotiate, \
+ ssl3_renegotiate_check, \
+ ssl3_get_message, \
+ ssl3_read_bytes, \
+ ssl3_write_bytes, \
+ ssl3_dispatch_alert, \
+ ssl3_ctrl, \
+ ssl3_ctx_ctrl, \
+ ssl3_get_cipher_by_char, \
+ ssl3_put_cipher_by_char, \
+ ssl3_pending, \
+ ssl3_num_ciphers, \
+ ssl3_get_cipher, \
+ s_get_meth, \
+ tls1_default_timeout, \
+ &TLSv1_enc_data, \
+ ssl_undefined_void_function, \
+ ssl3_callback_ctrl, \
+ ssl3_ctx_callback_ctrl, \
+ }; \
+ return &func_name##_data; \
+ }
+
+# define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void) \
+ { \
+ static const SSL_METHOD func_name##_data= { \
+ SSL3_VERSION, \
+ ssl3_new, \
+ ssl3_clear, \
+ ssl3_free, \
+ s_accept, \
+ s_connect, \
+ ssl3_read, \
+ ssl3_peek, \
+ ssl3_write, \
+ ssl3_shutdown, \
+ ssl3_renegotiate, \
+ ssl3_renegotiate_check, \
+ ssl3_get_message, \
+ ssl3_read_bytes, \
+ ssl3_write_bytes, \
+ ssl3_dispatch_alert, \
+ ssl3_ctrl, \
+ ssl3_ctx_ctrl, \
+ ssl3_get_cipher_by_char, \
+ ssl3_put_cipher_by_char, \
+ ssl3_pending, \
+ ssl3_num_ciphers, \
+ ssl3_get_cipher, \
+ s_get_meth, \
+ ssl3_default_timeout, \
+ &SSLv3_enc_data, \
+ ssl_undefined_void_function, \
+ ssl3_callback_ctrl, \
+ ssl3_ctx_callback_ctrl, \
+ }; \
+ return &func_name##_data; \
+ }
+
+# define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void) \
+ { \
+ static const SSL_METHOD func_name##_data= { \
+ TLS1_2_VERSION, \
+ tls1_new, \
+ tls1_clear, \
+ tls1_free, \
+ s_accept, \
+ s_connect, \
+ ssl23_read, \
+ ssl23_peek, \
+ ssl23_write, \
+ ssl_undefined_function, \
+ ssl_undefined_function, \
+ ssl_ok, \
+ ssl3_get_message, \
+ ssl3_read_bytes, \
+ ssl3_write_bytes, \
+ ssl3_dispatch_alert, \
+ ssl3_ctrl, \
+ ssl3_ctx_ctrl, \
+ ssl23_get_cipher_by_char, \
+ ssl23_put_cipher_by_char, \
+ ssl_undefined_const_function, \
+ ssl23_num_ciphers, \
+ ssl23_get_cipher, \
+ s_get_meth, \
+ ssl23_default_timeout, \
+ &ssl3_undef_enc_method, \
+ ssl_undefined_void_function, \
+ ssl3_callback_ctrl, \
+ ssl3_ctx_callback_ctrl, \
+ }; \
+ return &func_name##_data; \
+ }
+
+# define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void) \
+ { \
+ static const SSL_METHOD func_name##_data= { \
+ SSL2_VERSION, \
+ ssl2_new, /* local */ \
+ ssl2_clear, /* local */ \
+ ssl2_free, /* local */ \
+ s_accept, \
+ s_connect, \
+ ssl2_read, \
+ ssl2_peek, \
+ ssl2_write, \
+ ssl2_shutdown, \
+ ssl_ok, /* NULL - renegotiate */ \
+ ssl_ok, /* NULL - check renegotiate */ \
+ NULL, /* NULL - ssl_get_message */ \
+ NULL, /* NULL - ssl_get_record */ \
+ NULL, /* NULL - ssl_write_bytes */ \
+ NULL, /* NULL - dispatch_alert */ \
+ ssl2_ctrl, /* local */ \
+ ssl2_ctx_ctrl, /* local */ \
+ ssl2_get_cipher_by_char, \
+ ssl2_put_cipher_by_char, \
+ ssl2_pending, \
+ ssl2_num_ciphers, \
+ ssl2_get_cipher, \
+ s_get_meth, \
+ ssl2_default_timeout, \
+ &ssl3_undef_enc_method, \
+ ssl_undefined_void_function, \
+ ssl2_callback_ctrl, /* local */ \
+ ssl2_ctx_callback_ctrl, /* local */ \
+ }; \
+ return &func_name##_data; \
+ }
+
+# define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void) \
+ { \
+ static const SSL_METHOD func_name##_data= { \
+ DTLS1_VERSION, \
+ dtls1_new, \
+ dtls1_clear, \
+ dtls1_free, \
+ s_accept, \
+ s_connect, \
+ ssl3_read, \
+ ssl3_peek, \
+ ssl3_write, \
+ dtls1_shutdown, \
+ ssl3_renegotiate, \
+ ssl3_renegotiate_check, \
+ dtls1_get_message, \
+ dtls1_read_bytes, \
+ dtls1_write_app_data_bytes, \
+ dtls1_dispatch_alert, \
+ dtls1_ctrl, \
+ ssl3_ctx_ctrl, \
+ ssl3_get_cipher_by_char, \
+ ssl3_put_cipher_by_char, \
+ ssl3_pending, \
+ ssl3_num_ciphers, \
+ dtls1_get_cipher, \
+ s_get_meth, \
+ dtls1_default_timeout, \
+ &DTLSv1_enc_data, \
+ ssl_undefined_void_function, \
+ ssl3_callback_ctrl, \
+ ssl3_ctx_callback_ctrl, \
+ }; \
+ return &func_name##_data; \
+ }
+
+struct openssl_ssl_test_functions {
+ int (*p_ssl_init_wbio_buffer) (SSL *s, int push);
+ int (*p_ssl3_setup_buffers) (SSL *s);
+ int (*p_tls1_process_heartbeat) (SSL *s);
+ int (*p_dtls1_process_heartbeat) (SSL *s);
+};
+
+# ifndef OPENSSL_UNIT_TEST
+
+void ssl_clear_cipher_ctx(SSL *s);
+int ssl_clear_bad_session(SSL *s);
+CERT *ssl_cert_new(void);
+CERT *ssl_cert_dup(CERT *cert);
+int ssl_cert_inst(CERT **o);
+void ssl_cert_free(CERT *c);
+SESS_CERT *ssl_sess_cert_new(void);
+void ssl_sess_cert_free(SESS_CERT *sc);
+int ssl_set_peer_cert_type(SESS_CERT *c, int type);
+int ssl_get_new_session(SSL *s, int session);
+int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
+ const unsigned char *limit);
+SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket);
+int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
+DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
+int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
+ const SSL_CIPHER *const *bp);
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
+ int num,
+ STACK_OF(SSL_CIPHER) **skp);
+int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
+ unsigned char *p,
+ int (*put_cb) (const SSL_CIPHER *,
+ unsigned char *));
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
+ STACK_OF(SSL_CIPHER) **pref,
+ STACK_OF(SSL_CIPHER) **sorted,
+ const char *rule_str);
+void ssl_update_cache(SSL *s, int mode);
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
+ const EVP_MD **md, int *mac_pkey_type,
+ int *mac_secret_size, SSL_COMP **comp);
+int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
+int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
+int ssl_undefined_function(SSL *s);
+int ssl_undefined_void_function(void);
+int ssl_undefined_const_function(const SSL *s);
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
+X509 *ssl_get_server_send_cert(const SSL *);
+EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
+int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
+int ssl_verify_alarm_type(long type);
+void ssl_load_ciphers(void);
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);
+
+int ssl2_enc_init(SSL *s, int client);
+int ssl2_generate_key_material(SSL *s);
+int ssl2_enc(SSL *s, int send_data);
+void ssl2_mac(SSL *s, unsigned char *mac, int send_data);
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
+int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+int ssl2_part_read(SSL *s, unsigned long f, int i);
+int ssl2_do_write(SSL *s);
+int ssl2_set_certificate(SSL *s, int type, int len,
+ const unsigned char *data);
+void ssl2_return_error(SSL *s, int reason);
+void ssl2_write_error(SSL *s);
+int ssl2_num_ciphers(void);
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u);
+int ssl2_new(SSL *s);
+void ssl2_free(SSL *s);
+int ssl2_accept(SSL *s);
+int ssl2_connect(SSL *s);
+int ssl2_read(SSL *s, void *buf, int len);
+int ssl2_peek(SSL *s, void *buf, int len);
+int ssl2_write(SSL *s, const void *buf, int len);
+int ssl2_shutdown(SSL *s);
+void ssl2_clear(SSL *s);
+long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg);
+long ssl2_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
+long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
+long ssl2_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
+int ssl2_pending(const SSL *s);
+long ssl2_default_timeout(void);
+
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
+int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+void ssl3_init_finished_mac(SSL *s);
+int ssl3_send_server_certificate(SSL *s);
+int ssl3_send_newsession_ticket(SSL *s);
+int ssl3_send_cert_status(SSL *s);
+int ssl3_get_finished(SSL *s, int state_a, int state_b);
+int ssl3_setup_key_block(SSL *s);
+int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
+int ssl3_change_cipher_state(SSL *s, int which);
+void ssl3_cleanup_key_block(SSL *s);
+int ssl3_do_write(SSL *s, int type);
+int ssl3_send_alert(SSL *s, int level, int desc);
+int ssl3_generate_master_secret(SSL *s, unsigned char *out,
+ unsigned char *p, int len);
+int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
+int ssl3_num_ciphers(void);
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+int ssl3_renegotiate(SSL *ssl);
+int ssl3_renegotiate_check(SSL *ssl);
+int ssl3_dispatch_alert(SSL *s);
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
+int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
+ unsigned char *p);
+int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
+void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
+int ssl3_enc(SSL *s, int send_data);
+int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+void ssl3_free_digest_list(SSL *s);
+unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
+SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
+ STACK_OF(SSL_CIPHER) *srvr);
+int ssl3_setup_buffers(SSL *s);
+int ssl3_setup_read_buffer(SSL *s);
+int ssl3_setup_write_buffer(SSL *s);
+int ssl3_release_read_buffer(SSL *s);
+int ssl3_release_write_buffer(SSL *s);
+int ssl3_digest_cached_records(SSL *s);
+int ssl3_new(SSL *s);
+void ssl3_free(SSL *s);
+int ssl3_accept(SSL *s);
+int ssl3_connect(SSL *s);
+int ssl3_read(SSL *s, void *buf, int len);
+int ssl3_peek(SSL *s, void *buf, int len);
+int ssl3_write(SSL *s, const void *buf, int len);
+int ssl3_shutdown(SSL *s);
+void ssl3_clear(SSL *s);
+long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
+long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
+long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
+int ssl3_pending(const SSL *s);
+
+void ssl3_record_sequence_update(unsigned char *seq);
+int ssl3_do_change_cipher_spec(SSL *ssl);
+long ssl3_default_timeout(void);
+
+int ssl23_num_ciphers(void);
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
+int ssl23_read(SSL *s, void *buf, int len);
+int ssl23_peek(SSL *s, void *buf, int len);
+int ssl23_write(SSL *s, const void *buf, int len);
+int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
+long ssl23_default_timeout(void);
+
+long tls1_default_timeout(void);
+int dtls1_do_write(SSL *s, int type);
+int ssl3_read_n(SSL *s, int n, int max, int extend);
+int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+int ssl3_do_compress(SSL *ssl);
+int ssl3_do_uncompress(SSL *ssl);
+int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+ unsigned int len);
+unsigned char *dtls1_set_message_header(SSL *s,
+ unsigned char *p, unsigned char mt,
+ unsigned long len,
+ unsigned long frag_off,
+ unsigned long frag_len);
+
+int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
+
+int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
+int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);
+unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
+int dtls1_read_failed(SSL *s, int code);
+int dtls1_buffer_message(SSL *s, int ccs);
+int dtls1_retransmit_message(SSL *s, unsigned short seq,
+ unsigned long frag_off, int *found);
+int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
+int dtls1_retransmit_buffered_messages(SSL *s);
+void dtls1_clear_received_buffer(SSL *s);
+void dtls1_clear_sent_buffer(SSL *s);
+void dtls1_get_message_header(unsigned char *data,
+ struct hm_header_st *msg_hdr);
+void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
+void dtls1_reset_seq_numbers(SSL *s, int rw);
+long dtls1_default_timeout(void);
+struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft);
+int dtls1_check_timeout_num(SSL *s);
+int dtls1_handle_timeout(SSL *s);
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
+void dtls1_start_timer(SSL *s);
+void dtls1_stop_timer(SSL *s);
+int dtls1_is_timer_expired(SSL *s);
+void dtls1_double_timeout(SSL *s);
+int dtls1_send_newsession_ticket(SSL *s);
+unsigned int dtls1_min_mtu(SSL *s);
+unsigned int dtls1_link_min_mtu(void);
+void dtls1_hm_fragment_free(hm_fragment *frag);
+
+/* some client-only functions */
+int ssl3_client_hello(SSL *s);
+int ssl3_get_server_hello(SSL *s);
+int ssl3_get_certificate_request(SSL *s);
+int ssl3_get_new_session_ticket(SSL *s);
+int ssl3_get_cert_status(SSL *s);
+int ssl3_get_server_done(SSL *s);
+int ssl3_send_client_verify(SSL *s);
+int ssl3_send_client_certificate(SSL *s);
+int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
+int ssl3_send_client_key_exchange(SSL *s);
+int ssl3_get_key_exchange(SSL *s);
+int ssl3_get_server_certificate(SSL *s);
+int ssl3_check_cert_and_algorithm(SSL *s);
+# ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_send_next_proto(SSL *s);
+# endif
+# endif
+
+int dtls1_client_hello(SSL *s);
+int dtls1_send_client_certificate(SSL *s);
+int dtls1_send_client_key_exchange(SSL *s);
+int dtls1_send_client_verify(SSL *s);
+
+/* some server-only functions */
+int ssl3_get_client_hello(SSL *s);
+int ssl3_send_server_hello(SSL *s);
+int ssl3_send_hello_request(SSL *s);
+int ssl3_send_server_key_exchange(SSL *s);
+int ssl3_send_certificate_request(SSL *s);
+int ssl3_send_server_done(SSL *s);
+int ssl3_check_client_hello(SSL *s);
+int ssl3_get_client_certificate(SSL *s);
+int ssl3_get_client_key_exchange(SSL *s);
+int ssl3_get_cert_verify(SSL *s);
+# ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_get_next_proto(SSL *s);
+# endif
+
+int dtls1_send_hello_request(SSL *s);
+int dtls1_send_server_hello(SSL *s);
+int dtls1_send_server_certificate(SSL *s);
+int dtls1_send_server_key_exchange(SSL *s);
+int dtls1_send_certificate_request(SSL *s);
+int dtls1_send_server_done(SSL *s);
+
+int ssl23_accept(SSL *s);
+int ssl23_connect(SSL *s);
+int ssl23_read_bytes(SSL *s, int n);
+int ssl23_write_bytes(SSL *s);
+
+int tls1_new(SSL *s);
+void tls1_free(SSL *s);
+void tls1_clear(SSL *s);
+long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
+long tls1_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
+
+int dtls1_new(SSL *s);
+int dtls1_accept(SSL *s);
+int dtls1_connect(SSL *s);
+void dtls1_free(SSL *s);
+void dtls1_clear(SSL *s);
+long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
+int dtls1_shutdown(SSL *s);
+
+long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int dtls1_get_record(SSL *s);
+int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
+ unsigned int len, int create_empty_fragement);
+int dtls1_dispatch_alert(SSL *s);
+int dtls1_enc(SSL *s, int snd);
+
+int ssl_init_wbio_buffer(SSL *s, int push);
+void ssl_free_wbio_buffer(SSL *s);
+
+int tls1_change_cipher_state(SSL *s, int which);
+int tls1_setup_key_block(SSL *s);
+int tls1_enc(SSL *s, int snd);
+int tls1_final_finish_mac(SSL *s,
+ const char *str, int slen, unsigned char *p);
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
+int tls1_mac(SSL *ssl, unsigned char *md, int snd);
+int tls1_generate_master_secret(SSL *s, unsigned char *out,
+ unsigned char *p, int len);
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *p, size_t plen,
+ int use_context);
+int tls1_alert_code(int code);
+int ssl3_alert_code(int code);
+int ssl_ok(SSL *s);
+
+# ifndef OPENSSL_NO_ECDH
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
+# endif
+
+SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
+
+# ifndef OPENSSL_NO_EC
+int tls1_ec_curve_id2nid(int curve_id);
+int tls1_ec_nid2curve_id(int nid);
+# endif /* OPENSSL_NO_EC */
+
+# ifndef OPENSSL_NO_TLSEXT
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+ unsigned char *limit);
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
+ unsigned char *limit);
+int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
+ unsigned char *limit, int *al);
+int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
+ unsigned char *d, int n, int *al);
+int ssl_prepare_clienthello_tlsext(SSL *s);
+int ssl_prepare_serverhello_tlsext(SSL *s);
+int ssl_check_clienthello_tlsext_early(SSL *s);
+int ssl_check_clienthello_tlsext_late(SSL *s);
+int ssl_check_serverhello_tlsext(SSL *s);
+
+# ifndef OPENSSL_NO_HEARTBEATS
+int tls1_heartbeat(SSL *s);
+int dtls1_heartbeat(SSL *s);
+int tls1_process_heartbeat(SSL *s);
+int dtls1_process_heartbeat(SSL *s);
+# endif
+
+# ifdef OPENSSL_NO_SHA256
+# define tlsext_tick_md EVP_sha1
+# else
+# define tlsext_tick_md EVP_sha256
+# endif
+int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
+ const unsigned char *limit, SSL_SESSION **ret);
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
+ const EVP_MD *md);
+int tls12_get_sigid(const EVP_PKEY *pk);
+const EVP_MD *tls12_get_hash(unsigned char hash_alg);
+
+# endif
+EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
+void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
+int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen);
+int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+ int *al);
+int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen);
+int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+ int *al);
+long ssl_get_algorithm2(SSL *s);
+int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize);
+int tls12_get_req_sig_algs(SSL *s, unsigned char *p);
+
+int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen);
+int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+ int *al);
+int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen);
+int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+ int *al);
+
+/* s3_cbc.c */
+void ssl3_cbc_copy_mac(unsigned char *out,
+ const SSL3_RECORD *rec,
+ unsigned md_size, unsigned orig_len);
+int ssl3_cbc_remove_padding(const SSL *s,
+ SSL3_RECORD *rec,
+ unsigned block_size, unsigned mac_size);
+int tls1_cbc_remove_padding(const SSL *s,
+ SSL3_RECORD *rec,
+ unsigned block_size, unsigned mac_size);
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
+int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
+ unsigned char *md_out,
+ size_t *md_out_size,
+ const unsigned char header[13],
+ const unsigned char *data,
+ size_t data_plus_mac_size,
+ size_t data_plus_mac_plus_padding_size,
+ const unsigned char *mac_secret,
+ unsigned mac_secret_length, char is_sslv3);
+
+void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
+ EVP_MD_CTX *mac_ctx, const unsigned char *data,
+ size_t data_len, size_t orig_len);
+
+int srp_verify_server_param(SSL *s, int *al);
+
+# else
+
+# define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
+# define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
+# define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
+# define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat
+
+# endif
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/ssl/ssl_sess.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/ssl_sess.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_sess.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1305 +0,0 @@
-/* ssl/ssl_sess.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <openssl/lhash.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include "ssl_locl.h"
-
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
-static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
-
-SSL_SESSION *SSL_get_session(const SSL *ssl)
-/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
-{
- return (ssl->session);
-}
-
-SSL_SESSION *SSL_get1_session(SSL *ssl)
-/* variant of SSL_get_session: caller really gets something */
-{
- SSL_SESSION *sess;
- /*
- * Need to lock this all up rather than just use CRYPTO_add so that
- * somebody doesn't free ssl->session between when we check it's non-null
- * and when we up the reference count.
- */
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
- sess = ssl->session;
- if (sess)
- sess->references++;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
- return (sess);
-}
-
-int SSL_SESSION_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
-}
-
-void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
-{
- return (CRYPTO_get_ex_data(&s->ex_data, idx));
-}
-
-SSL_SESSION *SSL_SESSION_new(void)
-{
- SSL_SESSION *ss;
-
- ss = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
- if (ss == NULL) {
- SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- memset(ss, 0, sizeof(SSL_SESSION));
-
- ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
- ss->references = 1;
- ss->timeout = 60 * 5 + 4; /* 5 minute timeout by default */
- ss->time = (unsigned long)time(NULL);
- ss->prev = NULL;
- ss->next = NULL;
- ss->compress_meth = 0;
-#ifndef OPENSSL_NO_TLSEXT
- ss->tlsext_hostname = NULL;
-# ifndef OPENSSL_NO_EC
- ss->tlsext_ecpointformatlist_length = 0;
- ss->tlsext_ecpointformatlist = NULL;
- ss->tlsext_ellipticcurvelist_length = 0;
- ss->tlsext_ellipticcurvelist = NULL;
-# endif
-#endif
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-#ifndef OPENSSL_NO_PSK
- ss->psk_identity_hint = NULL;
- ss->psk_identity = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
- ss->srp_username = NULL;
-#endif
- return (ss);
-}
-
-/*
- * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
- * ticket == 0 then no ticket information is duplicated, otherwise it is.
- */
-SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
-{
- SSL_SESSION *dest;
-
- dest = OPENSSL_malloc(sizeof(*src));
- if (dest == NULL) {
- goto err;
- }
- memcpy(dest, src, sizeof(*dest));
-
- /*
- * Set the various pointers to NULL so that we can call SSL_SESSION_free in
- * the case of an error whilst halfway through constructing dest
- */
-#ifndef OPENSSL_NO_PSK
- dest->psk_identity_hint = NULL;
- dest->psk_identity = NULL;
-#endif
- dest->ciphers = NULL;
-#ifndef OPENSSL_NO_TLSEXT
- dest->tlsext_hostname = NULL;
-# ifndef OPENSSL_NO_EC
- dest->tlsext_ecpointformatlist = NULL;
- dest->tlsext_ellipticcurvelist = NULL;
-# endif
- dest->tlsext_tick = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
- dest->srp_username = NULL;
-#endif
- memset(&dest->ex_data, 0, sizeof(dest->ex_data));
-
- /* We deliberately don't copy the prev and next pointers */
- dest->prev = NULL;
- dest->next = NULL;
-
- dest->references = 1;
-
- if (src->sess_cert != NULL)
- CRYPTO_add(&src->sess_cert->references, 1, CRYPTO_LOCK_SSL_SESS_CERT);
-
- if (src->peer != NULL)
- CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
-
-#ifndef OPENSSL_NO_PSK
- if (src->psk_identity_hint) {
- dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint);
- if (dest->psk_identity_hint == NULL) {
- goto err;
- }
- }
- if (src->psk_identity) {
- dest->psk_identity = BUF_strdup(src->psk_identity);
- if (dest->psk_identity == NULL) {
- goto err;
- }
- }
-#endif
-
- if(src->ciphers != NULL) {
- dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
- if (dest->ciphers == NULL)
- goto err;
- }
-
- if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
- &dest->ex_data, &src->ex_data)) {
- goto err;
- }
-
-#ifndef OPENSSL_NO_TLSEXT
- if (src->tlsext_hostname) {
- dest->tlsext_hostname = BUF_strdup(src->tlsext_hostname);
- if (dest->tlsext_hostname == NULL) {
- goto err;
- }
- }
-# ifndef OPENSSL_NO_EC
- if (src->tlsext_ecpointformatlist) {
- dest->tlsext_ecpointformatlist =
- BUF_memdup(src->tlsext_ecpointformatlist,
- src->tlsext_ecpointformatlist_length);
- if (dest->tlsext_ecpointformatlist == NULL)
- goto err;
- }
- if (src->tlsext_ellipticcurvelist) {
- dest->tlsext_ellipticcurvelist =
- BUF_memdup(src->tlsext_ellipticcurvelist,
- src->tlsext_ellipticcurvelist_length);
- if (dest->tlsext_ellipticcurvelist == NULL)
- goto err;
- }
-# endif
-
- if (ticket != 0) {
- dest->tlsext_tick = BUF_memdup(src->tlsext_tick, src->tlsext_ticklen);
- if(dest->tlsext_tick == NULL)
- goto err;
- } else {
- dest->tlsext_tick_lifetime_hint = 0;
- dest->tlsext_ticklen = 0;
- }
-#endif
-
-#ifndef OPENSSL_NO_SRP
- if (src->srp_username) {
- dest->srp_username = BUF_strdup(src->srp_username);
- if (dest->srp_username == NULL) {
- goto err;
- }
- }
-#endif
-
- return dest;
-err:
- SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
- SSL_SESSION_free(dest);
- return NULL;
-}
-
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
- unsigned int *len)
-{
- if (len)
- *len = s->session_id_length;
- return s->session_id;
-}
-
-unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
-{
- return s->compress_meth;
-}
-
-/*
- * Even with SSLv2, we have 16 bytes (128 bits) of session ID space.
- * SSLv3/TLSv1 has 32 bytes (256 bits). As such, filling the ID with random
- * gunk repeatedly until we have no conflict is going to complete in one
- * iteration pretty much "most" of the time (btw: understatement). So, if it
- * takes us 10 iterations and we still can't avoid a conflict - well that's a
- * reasonable point to call it quits. Either the RAND code is broken or
- * someone is trying to open roughly very close to 2^128 (or 2^256) SSL
- * sessions to our server. How you might store that many sessions is perhaps
- * a more interesting question ...
- */
-
-#define MAX_SESS_ID_ATTEMPTS 10
-static int def_generate_session_id(const SSL *ssl, unsigned char *id,
- unsigned int *id_len)
-{
- unsigned int retry = 0;
- do
- if (RAND_pseudo_bytes(id, *id_len) <= 0)
- return 0;
- while (SSL_has_matching_session_id(ssl, id, *id_len) &&
- (++retry < MAX_SESS_ID_ATTEMPTS)) ;
- if (retry < MAX_SESS_ID_ATTEMPTS)
- return 1;
- /* else - woops a session_id match */
- /*
- * XXX We should also check the external cache -- but the probability of
- * a collision is negligible, and we could not prevent the concurrent
- * creation of sessions with identical IDs since we currently don't have
- * means to atomically check whether a session ID already exists and make
- * a reservation for it if it does not (this problem applies to the
- * internal cache as well).
- */
- return 0;
-}
-
-int ssl_get_new_session(SSL *s, int session)
-{
- /* This gets used by clients and servers. */
-
- unsigned int tmp;
- SSL_SESSION *ss = NULL;
- GEN_SESSION_CB cb = def_generate_session_id;
-
- if ((ss = SSL_SESSION_new()) == NULL)
- return (0);
-
- /* If the context has a default timeout, use it */
- if (s->session_ctx->session_timeout == 0)
- ss->timeout = SSL_get_default_timeout(s);
- else
- ss->timeout = s->session_ctx->session_timeout;
-
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
-
- if (session) {
- if (s->version == SSL2_VERSION) {
- ss->ssl_version = SSL2_VERSION;
- ss->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
- } else if (s->version == SSL3_VERSION) {
- ss->ssl_version = SSL3_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_VERSION) {
- ss->ssl_version = TLS1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_1_VERSION) {
- ss->ssl_version = TLS1_1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_2_VERSION) {
- ss->ssl_version = TLS1_2_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == DTLS1_BAD_VER) {
- ss->ssl_version = DTLS1_BAD_VER;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == DTLS1_VERSION) {
- ss->ssl_version = DTLS1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
- SSL_SESSION_free(ss);
- return (0);
- }
-#ifndef OPENSSL_NO_TLSEXT
- /*-
- * If RFC5077 ticket, use empty session ID (as server).
- * Note that:
- * (a) ssl_get_prev_session() does lookahead into the
- * ClientHello extensions to find the session ticket.
- * When ssl_get_prev_session() fails, s3_srvr.c calls
- * ssl_get_new_session() in ssl3_get_client_hello().
- * At that point, it has not yet parsed the extensions,
- * however, because of the lookahead, it already knows
- * whether a ticket is expected or not.
- *
- * (b) s3_clnt.c calls ssl_get_new_session() before parsing
- * ServerHello extensions, and before recording the session
- * ID received from the server, so this block is a noop.
- */
- if (s->tlsext_ticket_expected) {
- ss->session_id_length = 0;
- goto sess_id_done;
- }
-#endif
- /* Choose which callback will set the session ID */
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- if (s->generate_session_id)
- cb = s->generate_session_id;
- else if (s->session_ctx->generate_session_id)
- cb = s->session_ctx->generate_session_id;
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- /* Choose a session ID */
- tmp = ss->session_id_length;
- if (!cb(s, ss->session_id, &tmp)) {
- /* The callback failed */
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,
- SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
- SSL_SESSION_free(ss);
- return (0);
- }
- /*
- * Don't allow the callback to set the session length to zero. nor
- * set it higher than it was.
- */
- if (!tmp || (tmp > ss->session_id_length)) {
- /* The callback set an illegal length */
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,
- SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
- SSL_SESSION_free(ss);
- return (0);
- }
- /* If the session length was shrunk and we're SSLv2, pad it */
- if ((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
- memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
- else
- ss->session_id_length = tmp;
- /* Finally, check for a conflict */
- if (SSL_has_matching_session_id(s, ss->session_id,
- ss->session_id_length)) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT);
- SSL_SESSION_free(ss);
- return (0);
- }
-#ifndef OPENSSL_NO_TLSEXT
- sess_id_done:
- if (s->tlsext_hostname) {
- ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
- if (ss->tlsext_hostname == NULL) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
- SSL_SESSION_free(ss);
- return 0;
- }
- }
-# ifndef OPENSSL_NO_EC
- if (s->tlsext_ecpointformatlist) {
- if (ss->tlsext_ecpointformatlist != NULL)
- OPENSSL_free(ss->tlsext_ecpointformatlist);
- if ((ss->tlsext_ecpointformatlist =
- OPENSSL_malloc(s->tlsext_ecpointformatlist_length)) ==
- NULL) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
- SSL_SESSION_free(ss);
- return 0;
- }
- ss->tlsext_ecpointformatlist_length =
- s->tlsext_ecpointformatlist_length;
- memcpy(ss->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist,
- s->tlsext_ecpointformatlist_length);
- }
- if (s->tlsext_ellipticcurvelist) {
- if (ss->tlsext_ellipticcurvelist != NULL)
- OPENSSL_free(ss->tlsext_ellipticcurvelist);
- if ((ss->tlsext_ellipticcurvelist =
- OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) ==
- NULL) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
- SSL_SESSION_free(ss);
- return 0;
- }
- ss->tlsext_ellipticcurvelist_length =
- s->tlsext_ellipticcurvelist_length;
- memcpy(ss->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist,
- s->tlsext_ellipticcurvelist_length);
- }
-# endif
-#endif
- } else {
- ss->session_id_length = 0;
- }
-
- if (s->sid_ctx_length > sizeof ss->sid_ctx) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
- SSL_SESSION_free(ss);
- return 0;
- }
- memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
- ss->sid_ctx_length = s->sid_ctx_length;
- s->session = ss;
- ss->ssl_version = s->version;
- ss->verify_result = X509_V_OK;
-
- return (1);
-}
-
-/*-
- * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
- * connection. It is only called by servers.
- *
- * session_id: points at the session ID in the ClientHello. This code will
- * read past the end of this in order to parse out the session ticket
- * extension, if any.
- * len: the length of the session ID.
- * limit: a pointer to the first byte after the ClientHello.
- *
- * Returns:
- * -1: error
- * 0: a session may have been found.
- *
- * Side effects:
- * - If a session is found then s->session is pointed at it (after freeing an
- * existing session if need be) and s->verify_result is set from the session.
- * - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1
- * if the server should issue a new session ticket (to 0 otherwise).
- */
-int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
- const unsigned char *limit)
-{
- /* This is used only by servers. */
-
- SSL_SESSION *ret = NULL;
- int fatal = 0;
- int try_session_cache = 1;
-#ifndef OPENSSL_NO_TLSEXT
- int r;
-#endif
-
- if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH)
- goto err;
-
- if (session_id + len > limit) {
- fatal = 1;
- goto err;
- }
-
- if (len == 0)
- try_session_cache = 0;
-
-#ifndef OPENSSL_NO_TLSEXT
- /* sets s->tlsext_ticket_expected */
- r = tls1_process_ticket(s, session_id, len, limit, &ret);
- switch (r) {
- case -1: /* Error during processing */
- fatal = 1;
- goto err;
- case 0: /* No ticket found */
- case 1: /* Zero length ticket found */
- break; /* Ok to carry on processing session id. */
- case 2: /* Ticket found but not decrypted. */
- case 3: /* Ticket decrypted, *ret has been set. */
- try_session_cache = 0;
- break;
- default:
- abort();
- }
-#endif
-
- if (try_session_cache &&
- ret == NULL &&
- !(s->session_ctx->session_cache_mode &
- SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
- SSL_SESSION data;
- data.ssl_version = s->version;
- data.session_id_length = len;
- if (len == 0)
- return 0;
- memcpy(data.session_id, session_id, len);
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
- if (ret != NULL) {
- /* don't allow other threads to steal it: */
- CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
- }
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- if (ret == NULL)
- s->session_ctx->stats.sess_miss++;
- }
-
- if (try_session_cache &&
- ret == NULL && s->session_ctx->get_session_cb != NULL) {
- int copy = 1;
-
- if ((ret = s->session_ctx->get_session_cb(s, session_id, len, ©))) {
- s->session_ctx->stats.sess_cb_hit++;
-
- /*
- * Increment reference count now if the session callback asks us
- * to do so (note that if the session structures returned by the
- * callback are shared between threads, it must handle the
- * reference count itself [i.e. copy == 0], or things won't be
- * thread-safe).
- */
- if (copy)
- CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
-
- /*
- * Add the externally cached session to the internal cache as
- * well if and only if we are supposed to.
- */
- if (!
- (s->session_ctx->session_cache_mode &
- SSL_SESS_CACHE_NO_INTERNAL_STORE))
- /*
- * The following should not return 1, otherwise, things are
- * very strange
- */
- SSL_CTX_add_session(s->session_ctx, ret);
- }
- }
-
- if (ret == NULL)
- goto err;
-
- /* Now ret is non-NULL and we own one of its reference counts. */
-
- if (ret->sid_ctx_length != s->sid_ctx_length
- || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
- /*
- * We have the session requested by the client, but we don't want to
- * use it in this context.
- */
- goto err; /* treat like cache miss */
- }
-
- if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
- /*
- * We can't be sure if this session is being used out of context,
- * which is especially important for SSL_VERIFY_PEER. The application
- * should have used SSL[_CTX]_set_session_id_context. For this error
- * case, we generate an error instead of treating the event like a
- * cache miss (otherwise it would be easy for applications to
- * effectively disable the session cache by accident without anyone
- * noticing).
- */
-
- SSLerr(SSL_F_SSL_GET_PREV_SESSION,
- SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
- fatal = 1;
- goto err;
- }
-
- if (ret->cipher == NULL) {
- unsigned char buf[5], *p;
- unsigned long l;
-
- p = buf;
- l = ret->cipher_id;
- l2n(l, p);
- if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
- ret->cipher = ssl_get_cipher_by_char(s, &(buf[2]));
- else
- ret->cipher = ssl_get_cipher_by_char(s, &(buf[1]));
- if (ret->cipher == NULL)
- goto err;
- }
-
- if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
- s->session_ctx->stats.sess_timeout++;
- if (try_session_cache) {
- /* session was from the cache, so remove it */
- SSL_CTX_remove_session(s->session_ctx, ret);
- }
- goto err;
- }
-
- s->session_ctx->stats.sess_hit++;
-
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
- s->session = ret;
- s->verify_result = s->session->verify_result;
- return 1;
-
- err:
- if (ret != NULL) {
- SSL_SESSION_free(ret);
-#ifndef OPENSSL_NO_TLSEXT
- if (!try_session_cache) {
- /*
- * The session was from a ticket, so we should issue a ticket for
- * the new session
- */
- s->tlsext_ticket_expected = 1;
- }
-#endif
- }
- if (fatal)
- return -1;
- else
- return 0;
-}
-
-int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
- int ret = 0;
- SSL_SESSION *s;
-
- /*
- * add just 1 reference count for the SSL_CTX's session cache even though
- * it has two ways of access: each session is in a doubly linked list and
- * an lhash
- */
- CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);
- /*
- * if session c is in already in cache, we take back the increment later
- */
-
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- s = lh_SSL_SESSION_insert(ctx->sessions, c);
-
- /*
- * s != NULL iff we already had a session with the given PID. In this
- * case, s == c should hold (then we did not really modify
- * ctx->sessions), or we're in trouble.
- */
- if (s != NULL && s != c) {
- /* We *are* in trouble ... */
- SSL_SESSION_list_remove(ctx, s);
- SSL_SESSION_free(s);
- /*
- * ... so pretend the other session did not exist in cache (we cannot
- * handle two SSL_SESSION structures with identical session ID in the
- * same cache, which could happen e.g. when two threads concurrently
- * obtain the same session from an external cache)
- */
- s = NULL;
- }
-
- /* Put at the head of the queue unless it is already in the cache */
- if (s == NULL)
- SSL_SESSION_list_add(ctx, c);
-
- if (s != NULL) {
- /*
- * existing cache entry -- decrement previously incremented reference
- * count because it already takes into account the cache
- */
-
- SSL_SESSION_free(s); /* s == c */
- ret = 0;
- } else {
- /*
- * new cache entry -- remove old ones if cache has become too large
- */
-
- ret = 1;
-
- if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
- while (SSL_CTX_sess_number(ctx) >
- SSL_CTX_sess_get_cache_size(ctx)) {
- if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
- break;
- else
- ctx->stats.sess_cache_full++;
- }
- }
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- return (ret);
-}
-
-int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
- return remove_session_lock(ctx, c, 1);
-}
-
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
-{
- SSL_SESSION *r;
- int ret = 0;
-
- if ((c != NULL) && (c->session_id_length != 0)) {
- if (lck)
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
- ret = 1;
- r = lh_SSL_SESSION_delete(ctx->sessions, c);
- SSL_SESSION_list_remove(ctx, c);
- }
-
- if (lck)
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-
- if (ret) {
- r->not_resumable = 1;
- if (ctx->remove_session_cb != NULL)
- ctx->remove_session_cb(ctx, r);
- SSL_SESSION_free(r);
- }
- } else
- ret = 0;
- return (ret);
-}
-
-void SSL_SESSION_free(SSL_SESSION *ss)
-{
- int i;
-
- if (ss == NULL)
- return;
-
- i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
-#ifdef REF_PRINT
- REF_PRINT("SSL_SESSION", ss);
-#endif
- if (i > 0)
- return;
-#ifdef REF_CHECK
- if (i < 0) {
- fprintf(stderr, "SSL_SESSION_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-
- OPENSSL_cleanse(ss->key_arg, sizeof ss->key_arg);
- OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
- OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
- if (ss->sess_cert != NULL)
- ssl_sess_cert_free(ss->sess_cert);
- if (ss->peer != NULL)
- X509_free(ss->peer);
- if (ss->ciphers != NULL)
- sk_SSL_CIPHER_free(ss->ciphers);
-#ifndef OPENSSL_NO_TLSEXT
- if (ss->tlsext_hostname != NULL)
- OPENSSL_free(ss->tlsext_hostname);
- if (ss->tlsext_tick != NULL)
- OPENSSL_free(ss->tlsext_tick);
-# ifndef OPENSSL_NO_EC
- ss->tlsext_ecpointformatlist_length = 0;
- if (ss->tlsext_ecpointformatlist != NULL)
- OPENSSL_free(ss->tlsext_ecpointformatlist);
- ss->tlsext_ellipticcurvelist_length = 0;
- if (ss->tlsext_ellipticcurvelist != NULL)
- OPENSSL_free(ss->tlsext_ellipticcurvelist);
-# endif /* OPENSSL_NO_EC */
-#endif
-#ifndef OPENSSL_NO_PSK
- if (ss->psk_identity_hint != NULL)
- OPENSSL_free(ss->psk_identity_hint);
- if (ss->psk_identity != NULL)
- OPENSSL_free(ss->psk_identity);
-#endif
-#ifndef OPENSSL_NO_SRP
- if (ss->srp_username != NULL)
- OPENSSL_free(ss->srp_username);
-#endif
- OPENSSL_cleanse(ss, sizeof(*ss));
- OPENSSL_free(ss);
-}
-
-int SSL_set_session(SSL *s, SSL_SESSION *session)
-{
- int ret = 0;
- const SSL_METHOD *meth;
-
- if (session != NULL) {
- meth = s->ctx->method->get_ssl_method(session->ssl_version);
- if (meth == NULL)
- meth = s->method->get_ssl_method(session->ssl_version);
- if (meth == NULL) {
- SSLerr(SSL_F_SSL_SET_SESSION, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
- return (0);
- }
-
- if (meth != s->method) {
- if (!SSL_set_ssl_method(s, meth))
- return (0);
- }
-#ifndef OPENSSL_NO_KRB5
- if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
- session->krb5_client_princ_len > 0) {
- s->kssl_ctx->client_princ =
- (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
- memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ,
- session->krb5_client_princ_len);
- s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
- }
-#endif /* OPENSSL_NO_KRB5 */
-
- /* CRYPTO_w_lock(CRYPTO_LOCK_SSL); */
- CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
- s->session = session;
- s->verify_result = s->session->verify_result;
- /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL); */
- ret = 1;
- } else {
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
-
- meth = s->ctx->method;
- if (meth != s->method) {
- if (!SSL_set_ssl_method(s, meth))
- return (0);
- }
- ret = 1;
- }
- return (ret);
-}
-
-long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
-{
- if (s == NULL)
- return (0);
- s->timeout = t;
- return (1);
-}
-
-long SSL_SESSION_get_timeout(const SSL_SESSION *s)
-{
- if (s == NULL)
- return (0);
- return (s->timeout);
-}
-
-long SSL_SESSION_get_time(const SSL_SESSION *s)
-{
- if (s == NULL)
- return (0);
- return (s->time);
-}
-
-long SSL_SESSION_set_time(SSL_SESSION *s, long t)
-{
- if (s == NULL)
- return (0);
- s->time = t;
- return (t);
-}
-
-X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
-{
- return s->peer;
-}
-
-int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
-{
- if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
- SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
- SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return 0;
- }
- s->sid_ctx_length = sid_ctx_len;
- memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
-
- return 1;
-}
-
-long SSL_CTX_set_timeout(SSL_CTX *s, long t)
-{
- long l;
- if (s == NULL)
- return (0);
- l = s->session_timeout;
- s->session_timeout = t;
- return (l);
-}
-
-long SSL_CTX_get_timeout(const SSL_CTX *s)
-{
- if (s == NULL)
- return (0);
- return (s->session_timeout);
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-int SSL_set_session_secret_cb(SSL *s,
- int (*tls_session_secret_cb) (SSL *s,
- void *secret,
- int *secret_len,
- STACK_OF(SSL_CIPHER)
- *peer_ciphers,
- SSL_CIPHER
- **cipher,
- void *arg),
- void *arg)
-{
- if (s == NULL)
- return (0);
- s->tls_session_secret_cb = tls_session_secret_cb;
- s->tls_session_secret_cb_arg = arg;
- return (1);
-}
-
-int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
- void *arg)
-{
- if (s == NULL)
- return (0);
- s->tls_session_ticket_ext_cb = cb;
- s->tls_session_ticket_ext_cb_arg = arg;
- return (1);
-}
-
-int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
-{
- if (s->version >= TLS1_VERSION) {
- if (s->tlsext_session_ticket) {
- OPENSSL_free(s->tlsext_session_ticket);
- s->tlsext_session_ticket = NULL;
- }
-
- s->tlsext_session_ticket =
- OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
- if (!s->tlsext_session_ticket) {
- SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (ext_data) {
- s->tlsext_session_ticket->length = ext_len;
- s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1;
- memcpy(s->tlsext_session_ticket->data, ext_data, ext_len);
- } else {
- s->tlsext_session_ticket->length = 0;
- s->tlsext_session_ticket->data = NULL;
- }
-
- return 1;
- }
-
- return 0;
-}
-#endif /* OPENSSL_NO_TLSEXT */
-
-typedef struct timeout_param_st {
- SSL_CTX *ctx;
- long time;
- LHASH_OF(SSL_SESSION) *cache;
-} TIMEOUT_PARAM;
-
-static void timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
-{
- if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
- /*
- * The reason we don't call SSL_CTX_remove_session() is to save on
- * locking overhead
- */
- (void)lh_SSL_SESSION_delete(p->cache, s);
- SSL_SESSION_list_remove(p->ctx, s);
- s->not_resumable = 1;
- if (p->ctx->remove_session_cb != NULL)
- p->ctx->remove_session_cb(p->ctx, s);
- SSL_SESSION_free(s);
- }
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
-
-void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
-{
- unsigned long i;
- TIMEOUT_PARAM tp;
-
- tp.ctx = s;
- tp.cache = s->sessions;
- if (tp.cache == NULL)
- return;
- tp.time = t;
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
- CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
- lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
- TIMEOUT_PARAM, &tp);
- CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-}
-
-int ssl_clear_bad_session(SSL *s)
-{
- if ((s->session != NULL) &&
- !(s->shutdown & SSL_SENT_SHUTDOWN) &&
- !(SSL_in_init(s) || SSL_in_before(s))) {
- SSL_CTX_remove_session(s->ctx, s->session);
- return (1);
- } else
- return (0);
-}
-
-/* locked by SSL_CTX in the calling function */
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
-{
- if ((s->next == NULL) || (s->prev == NULL))
- return;
-
- if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
- /* last element in list */
- if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
- /* only one element in list */
- ctx->session_cache_head = NULL;
- ctx->session_cache_tail = NULL;
- } else {
- ctx->session_cache_tail = s->prev;
- s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
- }
- } else {
- if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
- /* first element in list */
- ctx->session_cache_head = s->next;
- s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
- } else {
- /* middle of list */
- s->next->prev = s->prev;
- s->prev->next = s->next;
- }
- }
- s->prev = s->next = NULL;
-}
-
-static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
-{
- if ((s->next != NULL) && (s->prev != NULL))
- SSL_SESSION_list_remove(ctx, s);
-
- if (ctx->session_cache_head == NULL) {
- ctx->session_cache_head = s;
- ctx->session_cache_tail = s;
- s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
- s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
- } else {
- s->next = ctx->session_cache_head;
- s->next->prev = s;
- s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
- ctx->session_cache_head = s;
- }
-}
-
-void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
- int (*cb) (struct ssl_st *ssl,
- SSL_SESSION *sess))
-{
- ctx->new_session_cb = cb;
-}
-
-int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
- return ctx->new_session_cb;
-}
-
-void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
- void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
-{
- ctx->remove_session_cb = cb;
-}
-
-void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
- SSL_SESSION *sess) {
- return ctx->remove_session_cb;
-}
-
-void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
- SSL_SESSION *(*cb) (struct ssl_st *ssl,
- unsigned char *data, int len,
- int *copy))
-{
- ctx->get_session_cb = cb;
-}
-
-SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
- unsigned char *data,
- int len, int *copy) {
- return ctx->get_session_cb;
-}
-
-void SSL_CTX_set_info_callback(SSL_CTX *ctx,
- void (*cb) (const SSL *ssl, int type, int val))
-{
- ctx->info_callback = cb;
-}
-
-void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
- int val) {
- return ctx->info_callback;
-}
-
-void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl, X509 **x509,
- EVP_PKEY **pkey))
-{
- ctx->client_cert_cb = cb;
-}
-
-int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
- EVP_PKEY **pkey) {
- return ctx->client_cert_cb;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
-{
- if (!ENGINE_init(e)) {
- SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
- return 0;
- }
- if (!ENGINE_get_ssl_client_cert_function(e)) {
- SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
- SSL_R_NO_CLIENT_CERT_METHOD);
- ENGINE_finish(e);
- return 0;
- }
- ctx->client_cert_engine = e;
- return 1;
-}
-#endif
-
-void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl,
- unsigned char *cookie,
- unsigned int *cookie_len))
-{
- ctx->app_gen_cookie_cb = cb;
-}
-
-void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl, unsigned char *cookie,
- unsigned int cookie_len))
-{
- ctx->app_verify_cookie_cb = cb;
-}
-
-IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION,
- SSL_SESSION)
Copied: vendor-crypto/openssl/1.0.1u/ssl/ssl_sess.c (from rev 11605, vendor-crypto/openssl/dist/ssl/ssl_sess.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/ssl_sess.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/ssl_sess.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1302 @@
+/* ssl/ssl_sess.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <openssl/lhash.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "ssl_locl.h"
+
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
+static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
+static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
+
+SSL_SESSION *SSL_get_session(const SSL *ssl)
+/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
+{
+ return (ssl->session);
+}
+
+SSL_SESSION *SSL_get1_session(SSL *ssl)
+/* variant of SSL_get_session: caller really gets something */
+{
+ SSL_SESSION *sess;
+ /*
+ * Need to lock this all up rather than just use CRYPTO_add so that
+ * somebody doesn't free ssl->session between when we check it's non-null
+ * and when we up the reference count.
+ */
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
+ sess = ssl->session;
+ if (sess)
+ sess->references++;
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
+ return (sess);
+}
+
+int SSL_SESSION_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func)
+{
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
+ new_func, dup_func, free_func);
+}
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
+{
+ return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
+}
+
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
+{
+ return (CRYPTO_get_ex_data(&s->ex_data, idx));
+}
+
+SSL_SESSION *SSL_SESSION_new(void)
+{
+ SSL_SESSION *ss;
+
+ ss = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
+ if (ss == NULL) {
+ SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ memset(ss, 0, sizeof(SSL_SESSION));
+
+ ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
+ ss->references = 1;
+ ss->timeout = 60 * 5 + 4; /* 5 minute timeout by default */
+ ss->time = (unsigned long)time(NULL);
+ ss->prev = NULL;
+ ss->next = NULL;
+ ss->compress_meth = 0;
+#ifndef OPENSSL_NO_TLSEXT
+ ss->tlsext_hostname = NULL;
+# ifndef OPENSSL_NO_EC
+ ss->tlsext_ecpointformatlist_length = 0;
+ ss->tlsext_ecpointformatlist = NULL;
+ ss->tlsext_ellipticcurvelist_length = 0;
+ ss->tlsext_ellipticcurvelist = NULL;
+# endif
+#endif
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+#ifndef OPENSSL_NO_PSK
+ ss->psk_identity_hint = NULL;
+ ss->psk_identity = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ ss->srp_username = NULL;
+#endif
+ return (ss);
+}
+
+/*
+ * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
+ * ticket == 0 then no ticket information is duplicated, otherwise it is.
+ */
+SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
+{
+ SSL_SESSION *dest;
+
+ dest = OPENSSL_malloc(sizeof(*src));
+ if (dest == NULL) {
+ goto err;
+ }
+ memcpy(dest, src, sizeof(*dest));
+
+ /*
+ * Set the various pointers to NULL so that we can call SSL_SESSION_free in
+ * the case of an error whilst halfway through constructing dest
+ */
+#ifndef OPENSSL_NO_PSK
+ dest->psk_identity_hint = NULL;
+ dest->psk_identity = NULL;
+#endif
+ dest->ciphers = NULL;
+#ifndef OPENSSL_NO_TLSEXT
+ dest->tlsext_hostname = NULL;
+# ifndef OPENSSL_NO_EC
+ dest->tlsext_ecpointformatlist = NULL;
+ dest->tlsext_ellipticcurvelist = NULL;
+# endif
+ dest->tlsext_tick = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ dest->srp_username = NULL;
+#endif
+ memset(&dest->ex_data, 0, sizeof(dest->ex_data));
+
+ /* We deliberately don't copy the prev and next pointers */
+ dest->prev = NULL;
+ dest->next = NULL;
+
+ dest->references = 1;
+
+ if (src->sess_cert != NULL)
+ CRYPTO_add(&src->sess_cert->references, 1, CRYPTO_LOCK_SSL_SESS_CERT);
+
+ if (src->peer != NULL)
+ CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
+
+#ifndef OPENSSL_NO_PSK
+ if (src->psk_identity_hint) {
+ dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint);
+ if (dest->psk_identity_hint == NULL) {
+ goto err;
+ }
+ }
+ if (src->psk_identity) {
+ dest->psk_identity = BUF_strdup(src->psk_identity);
+ if (dest->psk_identity == NULL) {
+ goto err;
+ }
+ }
+#endif
+
+ if(src->ciphers != NULL) {
+ dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
+ if (dest->ciphers == NULL)
+ goto err;
+ }
+
+ if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
+ &dest->ex_data, &src->ex_data)) {
+ goto err;
+ }
+
+#ifndef OPENSSL_NO_TLSEXT
+ if (src->tlsext_hostname) {
+ dest->tlsext_hostname = BUF_strdup(src->tlsext_hostname);
+ if (dest->tlsext_hostname == NULL) {
+ goto err;
+ }
+ }
+# ifndef OPENSSL_NO_EC
+ if (src->tlsext_ecpointformatlist) {
+ dest->tlsext_ecpointformatlist =
+ BUF_memdup(src->tlsext_ecpointformatlist,
+ src->tlsext_ecpointformatlist_length);
+ if (dest->tlsext_ecpointformatlist == NULL)
+ goto err;
+ }
+ if (src->tlsext_ellipticcurvelist) {
+ dest->tlsext_ellipticcurvelist =
+ BUF_memdup(src->tlsext_ellipticcurvelist,
+ src->tlsext_ellipticcurvelist_length);
+ if (dest->tlsext_ellipticcurvelist == NULL)
+ goto err;
+ }
+# endif
+
+ if (ticket != 0) {
+ dest->tlsext_tick = BUF_memdup(src->tlsext_tick, src->tlsext_ticklen);
+ if(dest->tlsext_tick == NULL)
+ goto err;
+ } else {
+ dest->tlsext_tick_lifetime_hint = 0;
+ dest->tlsext_ticklen = 0;
+ }
+#endif
+
+#ifndef OPENSSL_NO_SRP
+ if (src->srp_username) {
+ dest->srp_username = BUF_strdup(src->srp_username);
+ if (dest->srp_username == NULL) {
+ goto err;
+ }
+ }
+#endif
+
+ return dest;
+err:
+ SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
+ SSL_SESSION_free(dest);
+ return NULL;
+}
+
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+ unsigned int *len)
+{
+ if (len)
+ *len = s->session_id_length;
+ return s->session_id;
+}
+
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
+{
+ return s->compress_meth;
+}
+
+/*
+ * Even with SSLv2, we have 16 bytes (128 bits) of session ID space.
+ * SSLv3/TLSv1 has 32 bytes (256 bits). As such, filling the ID with random
+ * gunk repeatedly until we have no conflict is going to complete in one
+ * iteration pretty much "most" of the time (btw: understatement). So, if it
+ * takes us 10 iterations and we still can't avoid a conflict - well that's a
+ * reasonable point to call it quits. Either the RAND code is broken or
+ * someone is trying to open roughly very close to 2^128 (or 2^256) SSL
+ * sessions to our server. How you might store that many sessions is perhaps
+ * a more interesting question ...
+ */
+
+#define MAX_SESS_ID_ATTEMPTS 10
+static int def_generate_session_id(const SSL *ssl, unsigned char *id,
+ unsigned int *id_len)
+{
+ unsigned int retry = 0;
+ do
+ if (RAND_bytes(id, *id_len) <= 0)
+ return 0;
+ while (SSL_has_matching_session_id(ssl, id, *id_len) &&
+ (++retry < MAX_SESS_ID_ATTEMPTS)) ;
+ if (retry < MAX_SESS_ID_ATTEMPTS)
+ return 1;
+ /* else - woops a session_id match */
+ /*
+ * XXX We should also check the external cache -- but the probability of
+ * a collision is negligible, and we could not prevent the concurrent
+ * creation of sessions with identical IDs since we currently don't have
+ * means to atomically check whether a session ID already exists and make
+ * a reservation for it if it does not (this problem applies to the
+ * internal cache as well).
+ */
+ return 0;
+}
+
+int ssl_get_new_session(SSL *s, int session)
+{
+ /* This gets used by clients and servers. */
+
+ unsigned int tmp;
+ SSL_SESSION *ss = NULL;
+ GEN_SESSION_CB cb = def_generate_session_id;
+
+ if ((ss = SSL_SESSION_new()) == NULL)
+ return (0);
+
+ /* If the context has a default timeout, use it */
+ if (s->session_ctx->session_timeout == 0)
+ ss->timeout = SSL_get_default_timeout(s);
+ else
+ ss->timeout = s->session_ctx->session_timeout;
+
+ if (s->session != NULL) {
+ SSL_SESSION_free(s->session);
+ s->session = NULL;
+ }
+
+ if (session) {
+ if (s->version == SSL2_VERSION) {
+ ss->ssl_version = SSL2_VERSION;
+ ss->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == SSL3_VERSION) {
+ ss->ssl_version = SSL3_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == TLS1_VERSION) {
+ ss->ssl_version = TLS1_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == TLS1_1_VERSION) {
+ ss->ssl_version = TLS1_1_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == TLS1_2_VERSION) {
+ ss->ssl_version = TLS1_2_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == DTLS1_BAD_VER) {
+ ss->ssl_version = DTLS1_BAD_VER;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == DTLS1_VERSION) {
+ ss->ssl_version = DTLS1_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
+ SSL_SESSION_free(ss);
+ return (0);
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ /*-
+ * If RFC5077 ticket, use empty session ID (as server).
+ * Note that:
+ * (a) ssl_get_prev_session() does lookahead into the
+ * ClientHello extensions to find the session ticket.
+ * When ssl_get_prev_session() fails, s3_srvr.c calls
+ * ssl_get_new_session() in ssl3_get_client_hello().
+ * At that point, it has not yet parsed the extensions,
+ * however, because of the lookahead, it already knows
+ * whether a ticket is expected or not.
+ *
+ * (b) s3_clnt.c calls ssl_get_new_session() before parsing
+ * ServerHello extensions, and before recording the session
+ * ID received from the server, so this block is a noop.
+ */
+ if (s->tlsext_ticket_expected) {
+ ss->session_id_length = 0;
+ goto sess_id_done;
+ }
+#endif
+ /* Choose which callback will set the session ID */
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+ if (s->generate_session_id)
+ cb = s->generate_session_id;
+ else if (s->session_ctx->generate_session_id)
+ cb = s->session_ctx->generate_session_id;
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ /* Choose a session ID */
+ tmp = ss->session_id_length;
+ if (!cb(s, ss->session_id, &tmp)) {
+ /* The callback failed */
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+ SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
+ SSL_SESSION_free(ss);
+ return (0);
+ }
+ /*
+ * Don't allow the callback to set the session length to zero. nor
+ * set it higher than it was.
+ */
+ if (!tmp || (tmp > ss->session_id_length)) {
+ /* The callback set an illegal length */
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+ SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
+ SSL_SESSION_free(ss);
+ return (0);
+ }
+ /* If the session length was shrunk and we're SSLv2, pad it */
+ if ((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
+ memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
+ else
+ ss->session_id_length = tmp;
+ /* Finally, check for a conflict */
+ if (SSL_has_matching_session_id(s, ss->session_id,
+ ss->session_id_length)) {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT);
+ SSL_SESSION_free(ss);
+ return (0);
+ }
+#ifndef OPENSSL_NO_TLSEXT
+ sess_id_done:
+ if (s->tlsext_hostname) {
+ ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+ if (ss->tlsext_hostname == NULL) {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+ SSL_SESSION_free(ss);
+ return 0;
+ }
+ }
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist) {
+ if (ss->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(ss->tlsext_ecpointformatlist);
+ if ((ss->tlsext_ecpointformatlist =
+ OPENSSL_malloc(s->tlsext_ecpointformatlist_length)) ==
+ NULL) {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
+ SSL_SESSION_free(ss);
+ return 0;
+ }
+ ss->tlsext_ecpointformatlist_length =
+ s->tlsext_ecpointformatlist_length;
+ memcpy(ss->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist,
+ s->tlsext_ecpointformatlist_length);
+ }
+ if (s->tlsext_ellipticcurvelist) {
+ if (ss->tlsext_ellipticcurvelist != NULL)
+ OPENSSL_free(ss->tlsext_ellipticcurvelist);
+ if ((ss->tlsext_ellipticcurvelist =
+ OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) ==
+ NULL) {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
+ SSL_SESSION_free(ss);
+ return 0;
+ }
+ ss->tlsext_ellipticcurvelist_length =
+ s->tlsext_ellipticcurvelist_length;
+ memcpy(ss->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist,
+ s->tlsext_ellipticcurvelist_length);
+ }
+# endif
+#endif
+ } else {
+ ss->session_id_length = 0;
+ }
+
+ if (s->sid_ctx_length > sizeof ss->sid_ctx) {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+ SSL_SESSION_free(ss);
+ return 0;
+ }
+ memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
+ ss->sid_ctx_length = s->sid_ctx_length;
+ s->session = ss;
+ ss->ssl_version = s->version;
+ ss->verify_result = X509_V_OK;
+
+ return (1);
+}
+
+/*-
+ * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
+ * connection. It is only called by servers.
+ *
+ * session_id: points at the session ID in the ClientHello. This code will
+ * read past the end of this in order to parse out the session ticket
+ * extension, if any.
+ * len: the length of the session ID.
+ * limit: a pointer to the first byte after the ClientHello.
+ *
+ * Returns:
+ * -1: error
+ * 0: a session may have been found.
+ *
+ * Side effects:
+ * - If a session is found then s->session is pointed at it (after freeing an
+ * existing session if need be) and s->verify_result is set from the session.
+ * - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1
+ * if the server should issue a new session ticket (to 0 otherwise).
+ */
+int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
+ const unsigned char *limit)
+{
+ /* This is used only by servers. */
+
+ SSL_SESSION *ret = NULL;
+ int fatal = 0;
+ int try_session_cache = 1;
+#ifndef OPENSSL_NO_TLSEXT
+ int r;
+#endif
+
+ if (limit - session_id < len) {
+ fatal = 1;
+ goto err;
+ }
+
+ if (len == 0)
+ try_session_cache = 0;
+
+#ifndef OPENSSL_NO_TLSEXT
+ /* sets s->tlsext_ticket_expected */
+ r = tls1_process_ticket(s, session_id, len, limit, &ret);
+ switch (r) {
+ case -1: /* Error during processing */
+ fatal = 1;
+ goto err;
+ case 0: /* No ticket found */
+ case 1: /* Zero length ticket found */
+ break; /* Ok to carry on processing session id. */
+ case 2: /* Ticket found but not decrypted. */
+ case 3: /* Ticket decrypted, *ret has been set. */
+ try_session_cache = 0;
+ break;
+ default:
+ abort();
+ }
+#endif
+
+ if (try_session_cache &&
+ ret == NULL &&
+ !(s->session_ctx->session_cache_mode &
+ SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
+ SSL_SESSION data;
+ data.ssl_version = s->version;
+ data.session_id_length = len;
+ if (len == 0)
+ return 0;
+ memcpy(data.session_id, session_id, len);
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+ ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
+ if (ret != NULL) {
+ /* don't allow other threads to steal it: */
+ CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
+ }
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (ret == NULL)
+ s->session_ctx->stats.sess_miss++;
+ }
+
+ if (try_session_cache &&
+ ret == NULL && s->session_ctx->get_session_cb != NULL) {
+ int copy = 1;
+
+ if ((ret = s->session_ctx->get_session_cb(s, session_id, len, ©))) {
+ s->session_ctx->stats.sess_cb_hit++;
+
+ /*
+ * Increment reference count now if the session callback asks us
+ * to do so (note that if the session structures returned by the
+ * callback are shared between threads, it must handle the
+ * reference count itself [i.e. copy == 0], or things won't be
+ * thread-safe).
+ */
+ if (copy)
+ CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
+
+ /*
+ * Add the externally cached session to the internal cache as
+ * well if and only if we are supposed to.
+ */
+ if (!
+ (s->session_ctx->session_cache_mode &
+ SSL_SESS_CACHE_NO_INTERNAL_STORE))
+ /*
+ * The following should not return 1, otherwise, things are
+ * very strange
+ */
+ SSL_CTX_add_session(s->session_ctx, ret);
+ }
+ }
+
+ if (ret == NULL)
+ goto err;
+
+ /* Now ret is non-NULL and we own one of its reference counts. */
+
+ if (ret->sid_ctx_length != s->sid_ctx_length
+ || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
+ /*
+ * We have the session requested by the client, but we don't want to
+ * use it in this context.
+ */
+ goto err; /* treat like cache miss */
+ }
+
+ if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
+ /*
+ * We can't be sure if this session is being used out of context,
+ * which is especially important for SSL_VERIFY_PEER. The application
+ * should have used SSL[_CTX]_set_session_id_context. For this error
+ * case, we generate an error instead of treating the event like a
+ * cache miss (otherwise it would be easy for applications to
+ * effectively disable the session cache by accident without anyone
+ * noticing).
+ */
+
+ SSLerr(SSL_F_SSL_GET_PREV_SESSION,
+ SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
+ fatal = 1;
+ goto err;
+ }
+
+ if (ret->cipher == NULL) {
+ unsigned char buf[5], *p;
+ unsigned long l;
+
+ p = buf;
+ l = ret->cipher_id;
+ l2n(l, p);
+ if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
+ ret->cipher = ssl_get_cipher_by_char(s, &(buf[2]));
+ else
+ ret->cipher = ssl_get_cipher_by_char(s, &(buf[1]));
+ if (ret->cipher == NULL)
+ goto err;
+ }
+
+ if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
+ s->session_ctx->stats.sess_timeout++;
+ if (try_session_cache) {
+ /* session was from the cache, so remove it */
+ SSL_CTX_remove_session(s->session_ctx, ret);
+ }
+ goto err;
+ }
+
+ s->session_ctx->stats.sess_hit++;
+
+ if (s->session != NULL)
+ SSL_SESSION_free(s->session);
+ s->session = ret;
+ s->verify_result = s->session->verify_result;
+ return 1;
+
+ err:
+ if (ret != NULL) {
+ SSL_SESSION_free(ret);
+#ifndef OPENSSL_NO_TLSEXT
+ if (!try_session_cache) {
+ /*
+ * The session was from a ticket, so we should issue a ticket for
+ * the new session
+ */
+ s->tlsext_ticket_expected = 1;
+ }
+#endif
+ }
+ if (fatal)
+ return -1;
+ else
+ return 0;
+}
+
+int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
+{
+ int ret = 0;
+ SSL_SESSION *s;
+
+ /*
+ * add just 1 reference count for the SSL_CTX's session cache even though
+ * it has two ways of access: each session is in a doubly linked list and
+ * an lhash
+ */
+ CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);
+ /*
+ * if session c is in already in cache, we take back the increment later
+ */
+
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ s = lh_SSL_SESSION_insert(ctx->sessions, c);
+
+ /*
+ * s != NULL iff we already had a session with the given PID. In this
+ * case, s == c should hold (then we did not really modify
+ * ctx->sessions), or we're in trouble.
+ */
+ if (s != NULL && s != c) {
+ /* We *are* in trouble ... */
+ SSL_SESSION_list_remove(ctx, s);
+ SSL_SESSION_free(s);
+ /*
+ * ... so pretend the other session did not exist in cache (we cannot
+ * handle two SSL_SESSION structures with identical session ID in the
+ * same cache, which could happen e.g. when two threads concurrently
+ * obtain the same session from an external cache)
+ */
+ s = NULL;
+ }
+
+ /* Put at the head of the queue unless it is already in the cache */
+ if (s == NULL)
+ SSL_SESSION_list_add(ctx, c);
+
+ if (s != NULL) {
+ /*
+ * existing cache entry -- decrement previously incremented reference
+ * count because it already takes into account the cache
+ */
+
+ SSL_SESSION_free(s); /* s == c */
+ ret = 0;
+ } else {
+ /*
+ * new cache entry -- remove old ones if cache has become too large
+ */
+
+ ret = 1;
+
+ if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
+ while (SSL_CTX_sess_number(ctx) >
+ SSL_CTX_sess_get_cache_size(ctx)) {
+ if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
+ break;
+ else
+ ctx->stats.sess_cache_full++;
+ }
+ }
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ return (ret);
+}
+
+int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
+{
+ return remove_session_lock(ctx, c, 1);
+}
+
+static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
+{
+ SSL_SESSION *r;
+ int ret = 0;
+
+ if ((c != NULL) && (c->session_id_length != 0)) {
+ if (lck)
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
+ ret = 1;
+ r = lh_SSL_SESSION_delete(ctx->sessions, c);
+ SSL_SESSION_list_remove(ctx, c);
+ }
+
+ if (lck)
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+
+ if (ret) {
+ r->not_resumable = 1;
+ if (ctx->remove_session_cb != NULL)
+ ctx->remove_session_cb(ctx, r);
+ SSL_SESSION_free(r);
+ }
+ } else
+ ret = 0;
+ return (ret);
+}
+
+void SSL_SESSION_free(SSL_SESSION *ss)
+{
+ int i;
+
+ if (ss == NULL)
+ return;
+
+ i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
+#ifdef REF_PRINT
+ REF_PRINT("SSL_SESSION", ss);
+#endif
+ if (i > 0)
+ return;
+#ifdef REF_CHECK
+ if (i < 0) {
+ fprintf(stderr, "SSL_SESSION_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+
+ OPENSSL_cleanse(ss->key_arg, sizeof ss->key_arg);
+ OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
+ OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
+ if (ss->sess_cert != NULL)
+ ssl_sess_cert_free(ss->sess_cert);
+ if (ss->peer != NULL)
+ X509_free(ss->peer);
+ if (ss->ciphers != NULL)
+ sk_SSL_CIPHER_free(ss->ciphers);
+#ifndef OPENSSL_NO_TLSEXT
+ if (ss->tlsext_hostname != NULL)
+ OPENSSL_free(ss->tlsext_hostname);
+ if (ss->tlsext_tick != NULL)
+ OPENSSL_free(ss->tlsext_tick);
+# ifndef OPENSSL_NO_EC
+ ss->tlsext_ecpointformatlist_length = 0;
+ if (ss->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(ss->tlsext_ecpointformatlist);
+ ss->tlsext_ellipticcurvelist_length = 0;
+ if (ss->tlsext_ellipticcurvelist != NULL)
+ OPENSSL_free(ss->tlsext_ellipticcurvelist);
+# endif /* OPENSSL_NO_EC */
+#endif
+#ifndef OPENSSL_NO_PSK
+ if (ss->psk_identity_hint != NULL)
+ OPENSSL_free(ss->psk_identity_hint);
+ if (ss->psk_identity != NULL)
+ OPENSSL_free(ss->psk_identity);
+#endif
+#ifndef OPENSSL_NO_SRP
+ if (ss->srp_username != NULL)
+ OPENSSL_free(ss->srp_username);
+#endif
+ OPENSSL_cleanse(ss, sizeof(*ss));
+ OPENSSL_free(ss);
+}
+
+int SSL_set_session(SSL *s, SSL_SESSION *session)
+{
+ int ret = 0;
+ const SSL_METHOD *meth;
+
+ if (session != NULL) {
+ meth = s->ctx->method->get_ssl_method(session->ssl_version);
+ if (meth == NULL)
+ meth = s->method->get_ssl_method(session->ssl_version);
+ if (meth == NULL) {
+ SSLerr(SSL_F_SSL_SET_SESSION, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
+ return (0);
+ }
+
+ if (meth != s->method) {
+ if (!SSL_set_ssl_method(s, meth))
+ return (0);
+ }
+#ifndef OPENSSL_NO_KRB5
+ if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
+ session->krb5_client_princ_len > 0) {
+ s->kssl_ctx->client_princ =
+ (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
+ memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ,
+ session->krb5_client_princ_len);
+ s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
+ }
+#endif /* OPENSSL_NO_KRB5 */
+
+ /* CRYPTO_w_lock(CRYPTO_LOCK_SSL); */
+ CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
+ if (s->session != NULL)
+ SSL_SESSION_free(s->session);
+ s->session = session;
+ s->verify_result = s->session->verify_result;
+ /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL); */
+ ret = 1;
+ } else {
+ if (s->session != NULL) {
+ SSL_SESSION_free(s->session);
+ s->session = NULL;
+ }
+
+ meth = s->ctx->method;
+ if (meth != s->method) {
+ if (!SSL_set_ssl_method(s, meth))
+ return (0);
+ }
+ ret = 1;
+ }
+ return (ret);
+}
+
+long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
+{
+ if (s == NULL)
+ return (0);
+ s->timeout = t;
+ return (1);
+}
+
+long SSL_SESSION_get_timeout(const SSL_SESSION *s)
+{
+ if (s == NULL)
+ return (0);
+ return (s->timeout);
+}
+
+long SSL_SESSION_get_time(const SSL_SESSION *s)
+{
+ if (s == NULL)
+ return (0);
+ return (s->time);
+}
+
+long SSL_SESSION_set_time(SSL_SESSION *s, long t)
+{
+ if (s == NULL)
+ return (0);
+ s->time = t;
+ return (t);
+}
+
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
+{
+ return s->peer;
+}
+
+int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len)
+{
+ if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
+ SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
+ SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+ return 0;
+ }
+ s->sid_ctx_length = sid_ctx_len;
+ memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
+
+ return 1;
+}
+
+long SSL_CTX_set_timeout(SSL_CTX *s, long t)
+{
+ long l;
+ if (s == NULL)
+ return (0);
+ l = s->session_timeout;
+ s->session_timeout = t;
+ return (l);
+}
+
+long SSL_CTX_get_timeout(const SSL_CTX *s)
+{
+ if (s == NULL)
+ return (0);
+ return (s->session_timeout);
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+int SSL_set_session_secret_cb(SSL *s,
+ int (*tls_session_secret_cb) (SSL *s,
+ void *secret,
+ int *secret_len,
+ STACK_OF(SSL_CIPHER)
+ *peer_ciphers,
+ SSL_CIPHER
+ **cipher,
+ void *arg),
+ void *arg)
+{
+ if (s == NULL)
+ return (0);
+ s->tls_session_secret_cb = tls_session_secret_cb;
+ s->tls_session_secret_cb_arg = arg;
+ return (1);
+}
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+ void *arg)
+{
+ if (s == NULL)
+ return (0);
+ s->tls_session_ticket_ext_cb = cb;
+ s->tls_session_ticket_ext_cb_arg = arg;
+ return (1);
+}
+
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
+{
+ if (s->version >= TLS1_VERSION) {
+ if (s->tlsext_session_ticket) {
+ OPENSSL_free(s->tlsext_session_ticket);
+ s->tlsext_session_ticket = NULL;
+ }
+
+ s->tlsext_session_ticket =
+ OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
+ if (!s->tlsext_session_ticket) {
+ SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ if (ext_data) {
+ s->tlsext_session_ticket->length = ext_len;
+ s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1;
+ memcpy(s->tlsext_session_ticket->data, ext_data, ext_len);
+ } else {
+ s->tlsext_session_ticket->length = 0;
+ s->tlsext_session_ticket->data = NULL;
+ }
+
+ return 1;
+ }
+
+ return 0;
+}
+#endif /* OPENSSL_NO_TLSEXT */
+
+typedef struct timeout_param_st {
+ SSL_CTX *ctx;
+ long time;
+ LHASH_OF(SSL_SESSION) *cache;
+} TIMEOUT_PARAM;
+
+static void timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
+{
+ if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
+ /*
+ * The reason we don't call SSL_CTX_remove_session() is to save on
+ * locking overhead
+ */
+ (void)lh_SSL_SESSION_delete(p->cache, s);
+ SSL_SESSION_list_remove(p->ctx, s);
+ s->not_resumable = 1;
+ if (p->ctx->remove_session_cb != NULL)
+ p->ctx->remove_session_cb(p->ctx, s);
+ SSL_SESSION_free(s);
+ }
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
+
+void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
+{
+ unsigned long i;
+ TIMEOUT_PARAM tp;
+
+ tp.ctx = s;
+ tp.cache = s->sessions;
+ if (tp.cache == NULL)
+ return;
+ tp.time = t;
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
+ CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
+ lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
+ TIMEOUT_PARAM, &tp);
+ CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+}
+
+int ssl_clear_bad_session(SSL *s)
+{
+ if ((s->session != NULL) &&
+ !(s->shutdown & SSL_SENT_SHUTDOWN) &&
+ !(SSL_in_init(s) || SSL_in_before(s))) {
+ SSL_CTX_remove_session(s->ctx, s->session);
+ return (1);
+ } else
+ return (0);
+}
+
+/* locked by SSL_CTX in the calling function */
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
+{
+ if ((s->next == NULL) || (s->prev == NULL))
+ return;
+
+ if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
+ /* last element in list */
+ if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
+ /* only one element in list */
+ ctx->session_cache_head = NULL;
+ ctx->session_cache_tail = NULL;
+ } else {
+ ctx->session_cache_tail = s->prev;
+ s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
+ }
+ } else {
+ if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
+ /* first element in list */
+ ctx->session_cache_head = s->next;
+ s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+ } else {
+ /* middle of list */
+ s->next->prev = s->prev;
+ s->prev->next = s->next;
+ }
+ }
+ s->prev = s->next = NULL;
+}
+
+static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
+{
+ if ((s->next != NULL) && (s->prev != NULL))
+ SSL_SESSION_list_remove(ctx, s);
+
+ if (ctx->session_cache_head == NULL) {
+ ctx->session_cache_head = s;
+ ctx->session_cache_tail = s;
+ s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+ s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
+ } else {
+ s->next = ctx->session_cache_head;
+ s->next->prev = s;
+ s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+ ctx->session_cache_head = s;
+ }
+}
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+ int (*cb) (struct ssl_st *ssl,
+ SSL_SESSION *sess))
+{
+ ctx->new_session_cb = cb;
+}
+
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
+ return ctx->new_session_cb;
+}
+
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+ void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
+{
+ ctx->remove_session_cb = cb;
+}
+
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
+ SSL_SESSION *sess) {
+ return ctx->remove_session_cb;
+}
+
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+ SSL_SESSION *(*cb) (struct ssl_st *ssl,
+ unsigned char *data, int len,
+ int *copy))
+{
+ ctx->get_session_cb = cb;
+}
+
+SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
+ unsigned char *data,
+ int len, int *copy) {
+ return ctx->get_session_cb;
+}
+
+void SSL_CTX_set_info_callback(SSL_CTX *ctx,
+ void (*cb) (const SSL *ssl, int type, int val))
+{
+ ctx->info_callback = cb;
+}
+
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
+ int val) {
+ return ctx->info_callback;
+}
+
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey))
+{
+ ctx->client_cert_cb = cb;
+}
+
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey) {
+ return ctx->client_cert_cb;
+}
+
+#ifndef OPENSSL_NO_ENGINE
+int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
+{
+ if (!ENGINE_init(e)) {
+ SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
+ return 0;
+ }
+ if (!ENGINE_get_ssl_client_cert_function(e)) {
+ SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
+ SSL_R_NO_CLIENT_CERT_METHOD);
+ ENGINE_finish(e);
+ return 0;
+ }
+ ctx->client_cert_engine = e;
+ return 1;
+}
+#endif
+
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl,
+ unsigned char *cookie,
+ unsigned int *cookie_len))
+{
+ ctx->app_gen_cookie_cb = cb;
+}
+
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl, unsigned char *cookie,
+ unsigned int cookie_len))
+{
+ ctx->app_verify_cookie_cb = cb;
+}
+
+IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION,
+ SSL_SESSION)
Deleted: vendor-crypto/openssl/1.0.1u/ssl/t1_enc.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/t1_enc.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/t1_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1343 +0,0 @@
-/* ssl/t1_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/md5.h>
-#include <openssl/rand.h>
-#ifdef KSSL_DEBUG
-# include <openssl/des.h>
-#endif
-
-/* seed1 through seed5 are virtually concatenated */
-static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
- int sec_len,
- const void *seed1, int seed1_len,
- const void *seed2, int seed2_len,
- const void *seed3, int seed3_len,
- const void *seed4, int seed4_len,
- const void *seed5, int seed5_len,
- unsigned char *out, int olen)
-{
- int chunk;
- size_t j;
- EVP_MD_CTX ctx, ctx_tmp;
- EVP_PKEY *mac_key;
- unsigned char A1[EVP_MAX_MD_SIZE];
- size_t A1_len;
- int ret = 0;
-
- chunk = EVP_MD_size(md);
- OPENSSL_assert(chunk >= 0);
-
- EVP_MD_CTX_init(&ctx);
- EVP_MD_CTX_init(&ctx_tmp);
- EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- EVP_MD_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
- if (!mac_key)
- goto err;
- if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
- goto err;
- if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
- goto err;
- if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
- goto err;
- if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
- goto err;
- if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
- goto err;
- if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
- goto err;
- if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
- goto err;
- if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
- goto err;
-
- for (;;) {
- /* Reinit mac contexts */
- if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
- goto err;
- if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
- goto err;
- if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
- goto err;
- if (!EVP_DigestSignUpdate(&ctx_tmp, A1, A1_len))
- goto err;
- if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
- goto err;
- if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
- goto err;
- if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
- goto err;
- if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
- goto err;
- if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
- goto err;
-
- if (olen > chunk) {
- if (!EVP_DigestSignFinal(&ctx, out, &j))
- goto err;
- out += j;
- olen -= j;
- /* calc the next A1 value */
- if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len))
- goto err;
- } else { /* last one */
-
- if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
- goto err;
- memcpy(out, A1, olen);
- break;
- }
- }
- ret = 1;
- err:
- EVP_PKEY_free(mac_key);
- EVP_MD_CTX_cleanup(&ctx);
- EVP_MD_CTX_cleanup(&ctx_tmp);
- OPENSSL_cleanse(A1, sizeof(A1));
- return ret;
-}
-
-/* seed1 through seed5 are virtually concatenated */
-static int tls1_PRF(long digest_mask,
- const void *seed1, int seed1_len,
- const void *seed2, int seed2_len,
- const void *seed3, int seed3_len,
- const void *seed4, int seed4_len,
- const void *seed5, int seed5_len,
- const unsigned char *sec, int slen,
- unsigned char *out1, unsigned char *out2, int olen)
-{
- int len, i, idx, count;
- const unsigned char *S1;
- long m;
- const EVP_MD *md;
- int ret = 0;
-
- /* Count number of digests and partition sec evenly */
- count = 0;
- for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
- if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
- count++;
- }
- if (!count) {
- /* Should never happen */
- SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- len = slen / count;
- if (count == 1)
- slen = 0;
- S1 = sec;
- memset(out1, 0, olen);
- for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
- if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) {
- if (!md) {
- SSLerr(SSL_F_TLS1_PRF, SSL_R_UNSUPPORTED_DIGEST_TYPE);
- goto err;
- }
- if (!tls1_P_hash(md, S1, len + (slen & 1),
- seed1, seed1_len, seed2, seed2_len, seed3,
- seed3_len, seed4, seed4_len, seed5, seed5_len,
- out2, olen))
- goto err;
- S1 += len;
- for (i = 0; i < olen; i++) {
- out1[i] ^= out2[i];
- }
- }
- }
- ret = 1;
- err:
- return ret;
-}
-
-static int tls1_generate_key_block(SSL *s, unsigned char *km,
- unsigned char *tmp, int num)
-{
- int ret;
- ret = tls1_PRF(ssl_get_algorithm2(s),
- TLS_MD_KEY_EXPANSION_CONST,
- TLS_MD_KEY_EXPANSION_CONST_SIZE, s->s3->server_random,
- SSL3_RANDOM_SIZE, s->s3->client_random, SSL3_RANDOM_SIZE,
- NULL, 0, NULL, 0, s->session->master_key,
- s->session->master_key_length, km, tmp, num);
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_generate_key_block() ==> %d byte master_key =\n\t",
- s->session->master_key_length);
- {
- int i;
- for (i = 0; i < s->session->master_key_length; i++) {
- fprintf(stderr, "%02X", s->session->master_key[i]);
- }
- fprintf(stderr, "\n");
- }
-#endif /* KSSL_DEBUG */
- return ret;
-}
-
-int tls1_change_cipher_state(SSL *s, int which)
-{
- static const unsigned char empty[] = "";
- unsigned char *p, *mac_secret;
- unsigned char *exp_label;
- unsigned char tmp1[EVP_MAX_KEY_LENGTH];
- unsigned char tmp2[EVP_MAX_KEY_LENGTH];
- unsigned char iv1[EVP_MAX_IV_LENGTH * 2];
- unsigned char iv2[EVP_MAX_IV_LENGTH * 2];
- unsigned char *ms, *key, *iv;
- int client_write;
- EVP_CIPHER_CTX *dd;
- const EVP_CIPHER *c;
-#ifndef OPENSSL_NO_COMP
- const SSL_COMP *comp;
-#endif
- const EVP_MD *m;
- int mac_type;
- int *mac_secret_size;
- EVP_MD_CTX *mac_ctx;
- EVP_PKEY *mac_key;
- int is_export, n, i, j, k, exp_label_len, cl;
- int reuse_dd = 0;
-
- is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
- c = s->s3->tmp.new_sym_enc;
- m = s->s3->tmp.new_hash;
- mac_type = s->s3->tmp.new_mac_pkey_type;
-#ifndef OPENSSL_NO_COMP
- comp = s->s3->tmp.new_compression;
-#endif
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_change_cipher_state(which= %d) w/\n", which);
- fprintf(stderr, "\talg= %ld/%ld, comp= %p\n",
- s->s3->tmp.new_cipher->algorithm_mkey,
- s->s3->tmp.new_cipher->algorithm_auth, comp);
- fprintf(stderr, "\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
- fprintf(stderr, "\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
- c->nid, c->block_size, c->key_len, c->iv_len);
- fprintf(stderr, "\tkey_block: len= %d, data= ",
- s->s3->tmp.key_block_length);
- {
- int i;
- for (i = 0; i < s->s3->tmp.key_block_length; i++)
- fprintf(stderr, "%02x", s->s3->tmp.key_block[i]);
- fprintf(stderr, "\n");
- }
-#endif /* KSSL_DEBUG */
-
- if (which & SSL3_CC_READ) {
- if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
-
- if (s->enc_read_ctx != NULL)
- reuse_dd = 1;
- else if ((s->enc_read_ctx =
- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
- goto err;
- else
- /*
- * make sure it's intialized in case we exit later with an error
- */
- EVP_CIPHER_CTX_init(s->enc_read_ctx);
- dd = s->enc_read_ctx;
- mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
- if (mac_ctx == NULL)
- goto err;
-#ifndef OPENSSL_NO_COMP
- if (s->expand != NULL) {
- COMP_CTX_free(s->expand);
- s->expand = NULL;
- }
- if (comp != NULL) {
- s->expand = COMP_CTX_new(comp->method);
- if (s->expand == NULL) {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
- SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err2;
- }
- if (s->s3->rrec.comp == NULL)
- s->s3->rrec.comp = (unsigned char *)
- OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
- if (s->s3->rrec.comp == NULL)
- goto err;
- }
-#endif
- /*
- * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
- */
- if (s->version != DTLS1_VERSION)
- memset(&(s->s3->read_sequence[0]), 0, 8);
- mac_secret = &(s->s3->read_mac_secret[0]);
- mac_secret_size = &(s->s3->read_mac_secret_size);
- } else {
- if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
- if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s))
- reuse_dd = 1;
- else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL)
- goto err;
- dd = s->enc_write_ctx;
- if (SSL_IS_DTLS(s)) {
- mac_ctx = EVP_MD_CTX_create();
- if (mac_ctx == NULL)
- goto err;
- s->write_hash = mac_ctx;
- } else {
- mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
- if (mac_ctx == NULL)
- goto err;
- }
-#ifndef OPENSSL_NO_COMP
- if (s->compress != NULL) {
- COMP_CTX_free(s->compress);
- s->compress = NULL;
- }
- if (comp != NULL) {
- s->compress = COMP_CTX_new(comp->method);
- if (s->compress == NULL) {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
- SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err2;
- }
- }
-#endif
- /*
- * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
- */
- if (s->version != DTLS1_VERSION)
- memset(&(s->s3->write_sequence[0]), 0, 8);
- mac_secret = &(s->s3->write_mac_secret[0]);
- mac_secret_size = &(s->s3->write_mac_secret_size);
- }
-
- if (reuse_dd)
- EVP_CIPHER_CTX_cleanup(dd);
-
- p = s->s3->tmp.key_block;
- i = *mac_secret_size = s->s3->tmp.new_mac_secret_size;
-
- cl = EVP_CIPHER_key_length(c);
- j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
- cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
- /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
- /* If GCM mode only part of IV comes from PRF */
- if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
- k = EVP_GCM_TLS_FIXED_IV_LEN;
- else
- k = EVP_CIPHER_iv_length(c);
- if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
- (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
- ms = &(p[0]);
- n = i + i;
- key = &(p[n]);
- n += j + j;
- iv = &(p[n]);
- n += k + k;
- exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
- exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
- client_write = 1;
- } else {
- n = i;
- ms = &(p[n]);
- n += i + j;
- key = &(p[n]);
- n += j + k;
- iv = &(p[n]);
- n += k;
- exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
- exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
- client_write = 0;
- }
-
- if (n > s->s3->tmp.key_block_length) {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
- goto err2;
- }
-
- memcpy(mac_secret, ms, i);
-
- if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
- mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
- mac_secret, *mac_secret_size);
- if (mac_key == NULL
- || EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key) <= 0) {
- EVP_PKEY_free(mac_key);
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
- goto err2;
- }
- EVP_PKEY_free(mac_key);
- }
-#ifdef TLS_DEBUG
- printf("which = %04X\nmac key=", which);
- {
- int z;
- for (z = 0; z < i; z++)
- printf("%02X%c", ms[z], ((z + 1) % 16) ? ' ' : '\n');
- }
-#endif
- if (is_export) {
- /*
- * In here I set both the read and write key/iv to the same value
- * since only the correct one will be used :-).
- */
- if (!tls1_PRF(ssl_get_algorithm2(s),
- exp_label, exp_label_len,
- s->s3->client_random, SSL3_RANDOM_SIZE,
- s->s3->server_random, SSL3_RANDOM_SIZE,
- NULL, 0, NULL, 0,
- key, j, tmp1, tmp2, EVP_CIPHER_key_length(c)))
- goto err2;
- key = tmp1;
-
- if (k > 0) {
- if (!tls1_PRF(ssl_get_algorithm2(s),
- TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,
- s->s3->client_random, SSL3_RANDOM_SIZE,
- s->s3->server_random, SSL3_RANDOM_SIZE,
- NULL, 0, NULL, 0, empty, 0, iv1, iv2, k * 2))
- goto err2;
- if (client_write)
- iv = iv1;
- else
- iv = &(iv1[k]);
- }
- }
-
- s->session->key_arg_length = 0;
-#ifdef KSSL_DEBUG
- {
- int i;
- fprintf(stderr, "EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
- fprintf(stderr, "\tkey= ");
- for (i = 0; i < c->key_len; i++)
- fprintf(stderr, "%02x", key[i]);
- fprintf(stderr, "\n");
- fprintf(stderr, "\t iv= ");
- for (i = 0; i < c->iv_len; i++)
- fprintf(stderr, "%02x", iv[i]);
- fprintf(stderr, "\n");
- }
-#endif /* KSSL_DEBUG */
-
- if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
- if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE))
- || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv)) {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
- goto err2;
- }
- } else {
- if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE))) {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
- goto err2;
- }
- }
- /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
- if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size
- && !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
- *mac_secret_size, mac_secret)) {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
- goto err2;
- }
-
-#ifdef TLS_DEBUG
- printf("which = %04X\nkey=", which);
- {
- int z;
- for (z = 0; z < EVP_CIPHER_key_length(c); z++)
- printf("%02X%c", key[z], ((z + 1) % 16) ? ' ' : '\n');
- }
- printf("\niv=");
- {
- int z;
- for (z = 0; z < k; z++)
- printf("%02X%c", iv[z], ((z + 1) % 16) ? ' ' : '\n');
- }
- printf("\n");
-#endif
-
- OPENSSL_cleanse(tmp1, sizeof(tmp1));
- OPENSSL_cleanse(tmp2, sizeof(tmp1));
- OPENSSL_cleanse(iv1, sizeof(iv1));
- OPENSSL_cleanse(iv2, sizeof(iv2));
- return (1);
- err:
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
- err2:
- return (0);
-}
-
-int tls1_setup_key_block(SSL *s)
-{
- unsigned char *p1, *p2 = NULL;
- const EVP_CIPHER *c;
- const EVP_MD *hash;
- int num;
- SSL_COMP *comp;
- int mac_type = NID_undef, mac_secret_size = 0;
- int ret = 0;
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_setup_key_block()\n");
-#endif /* KSSL_DEBUG */
-
- if (s->s3->tmp.key_block_length != 0)
- return (1);
-
- if (!ssl_cipher_get_evp
- (s->session, &c, &hash, &mac_type, &mac_secret_size, &comp)) {
- SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
- return (0);
- }
-
- s->s3->tmp.new_sym_enc = c;
- s->s3->tmp.new_hash = hash;
- s->s3->tmp.new_mac_pkey_type = mac_type;
- s->s3->tmp.new_mac_secret_size = mac_secret_size;
- num =
- EVP_CIPHER_key_length(c) + mac_secret_size + EVP_CIPHER_iv_length(c);
- num *= 2;
-
- ssl3_cleanup_key_block(s);
-
- if ((p1 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
- SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- s->s3->tmp.key_block_length = num;
- s->s3->tmp.key_block = p1;
-
- if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
- SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(p1);
- goto err;
- }
-#ifdef TLS_DEBUG
- printf("client random\n");
- {
- int z;
- for (z = 0; z < SSL3_RANDOM_SIZE; z++)
- printf("%02X%c", s->s3->client_random[z],
- ((z + 1) % 16) ? ' ' : '\n');
- }
- printf("server random\n");
- {
- int z;
- for (z = 0; z < SSL3_RANDOM_SIZE; z++)
- printf("%02X%c", s->s3->server_random[z],
- ((z + 1) % 16) ? ' ' : '\n');
- }
- printf("pre-master\n");
- {
- int z;
- for (z = 0; z < s->session->master_key_length; z++)
- printf("%02X%c", s->session->master_key[z],
- ((z + 1) % 16) ? ' ' : '\n');
- }
-#endif
- if (!tls1_generate_key_block(s, p1, p2, num))
- goto err;
-#ifdef TLS_DEBUG
- printf("\nkey block\n");
- {
- int z;
- for (z = 0; z < num; z++)
- printf("%02X%c", p1[z], ((z + 1) % 16) ? ' ' : '\n');
- }
-#endif
-
- if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
- && s->method->version <= TLS1_VERSION) {
- /*
- * enable vulnerability countermeasure for CBC ciphers with known-IV
- * problem (http://www.openssl.org/~bodo/tls-cbc.txt)
- */
- s->s3->need_empty_fragments = 1;
-
- if (s->session->cipher != NULL) {
- if (s->session->cipher->algorithm_enc == SSL_eNULL)
- s->s3->need_empty_fragments = 0;
-
-#ifndef OPENSSL_NO_RC4
- if (s->session->cipher->algorithm_enc == SSL_RC4)
- s->s3->need_empty_fragments = 0;
-#endif
- }
- }
-
- ret = 1;
- err:
- if (p2) {
- OPENSSL_cleanse(p2, num);
- OPENSSL_free(p2);
- }
- return (ret);
-}
-
-/*-
- * tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
- *
- * Returns:
- * 0: (in non-constant time) if the record is publically invalid (i.e. too
- * short etc).
- * 1: if the record's padding is valid / the encryption was successful.
- * -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
- * an internal error occured.
- */
-int tls1_enc(SSL *s, int send)
-{
- SSL3_RECORD *rec;
- EVP_CIPHER_CTX *ds;
- unsigned long l;
- int bs, i, j, k, pad = 0, ret, mac_size = 0;
- const EVP_CIPHER *enc;
-
- if (send) {
- if (EVP_MD_CTX_md(s->write_hash)) {
- int n = EVP_MD_CTX_size(s->write_hash);
- OPENSSL_assert(n >= 0);
- }
- ds = s->enc_write_ctx;
- rec = &(s->s3->wrec);
- if (s->enc_write_ctx == NULL)
- enc = NULL;
- else {
- int ivlen;
- enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
- /* For TLSv1.1 and later explicit IV */
- if (s->version >= TLS1_1_VERSION
- && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
- ivlen = EVP_CIPHER_iv_length(enc);
- else
- ivlen = 0;
- if (ivlen > 1) {
- if (rec->data != rec->input)
- /*
- * we can't write into the input stream: Can this ever
- * happen?? (steve)
- */
- fprintf(stderr,
- "%s:%d: rec->data != rec->input\n",
- __FILE__, __LINE__);
- else if (RAND_bytes(rec->input, ivlen) <= 0)
- return -1;
- }
- }
- } else {
- if (EVP_MD_CTX_md(s->read_hash)) {
- int n = EVP_MD_CTX_size(s->read_hash);
- OPENSSL_assert(n >= 0);
- }
- ds = s->enc_read_ctx;
- rec = &(s->s3->rrec);
- if (s->enc_read_ctx == NULL)
- enc = NULL;
- else
- enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
- }
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_enc(%d)\n", send);
-#endif /* KSSL_DEBUG */
-
- if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
- memmove(rec->data, rec->input, rec->length);
- rec->input = rec->data;
- ret = 1;
- } else {
- l = rec->length;
- bs = EVP_CIPHER_block_size(ds->cipher);
-
- if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
- unsigned char buf[EVP_AEAD_TLS1_AAD_LEN], *seq;
-
- seq = send ? s->s3->write_sequence : s->s3->read_sequence;
-
- if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
- unsigned char dtlsseq[9], *p = dtlsseq;
-
- s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
- memcpy(p, &seq[2], 6);
- memcpy(buf, dtlsseq, 8);
- } else {
- memcpy(buf, seq, 8);
- for (i = 7; i >= 0; i--) { /* increment */
- ++seq[i];
- if (seq[i] != 0)
- break;
- }
- }
-
- buf[8] = rec->type;
- buf[9] = (unsigned char)(s->version >> 8);
- buf[10] = (unsigned char)(s->version);
- buf[11] = rec->length >> 8;
- buf[12] = rec->length & 0xff;
- pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD,
- EVP_AEAD_TLS1_AAD_LEN, buf);
- if (pad <= 0)
- return -1;
- if (send) {
- l += pad;
- rec->length += pad;
- }
- } else if ((bs != 1) && send) {
- i = bs - ((int)l % bs);
-
- /* Add weird padding of upto 256 bytes */
-
- /* we need to add 'i' padding bytes of value j */
- j = i - 1;
- if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) {
- if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
- j++;
- }
- for (k = (int)l; k < (int)(l + i); k++)
- rec->input[k] = j;
- l += i;
- rec->length += i;
- }
-#ifdef KSSL_DEBUG
- {
- unsigned long ui;
- fprintf(stderr,
- "EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
- ds, rec->data, rec->input, l);
- fprintf(stderr,
- "\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%lu %lu], %d iv_len\n",
- ds->buf_len, ds->cipher->key_len, DES_KEY_SZ,
- DES_SCHEDULE_SZ, ds->cipher->iv_len);
- fprintf(stderr, "\t\tIV: ");
- for (i = 0; i < ds->cipher->iv_len; i++)
- fprintf(stderr, "%02X", ds->iv[i]);
- fprintf(stderr, "\n");
- fprintf(stderr, "\trec->input=");
- for (ui = 0; ui < l; ui++)
- fprintf(stderr, " %02x", rec->input[ui]);
- fprintf(stderr, "\n");
- }
-#endif /* KSSL_DEBUG */
-
- if (!send) {
- if (l == 0 || l % bs != 0)
- return 0;
- }
-
- i = EVP_Cipher(ds, rec->data, rec->input, l);
- if ((EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_CUSTOM_CIPHER)
- ? (i < 0)
- : (i == 0))
- return -1; /* AEAD can fail to verify MAC */
- if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send) {
- rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN;
- rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN;
- rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
- }
-#ifdef KSSL_DEBUG
- {
- unsigned long i;
- fprintf(stderr, "\trec->data=");
- for (i = 0; i < l; i++)
- fprintf(stderr, " %02x", rec->data[i]);
- fprintf(stderr, "\n");
- }
-#endif /* KSSL_DEBUG */
-
- ret = 1;
- if (EVP_MD_CTX_md(s->read_hash) != NULL)
- mac_size = EVP_MD_CTX_size(s->read_hash);
- if ((bs != 1) && !send)
- ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
- if (pad && !send)
- rec->length -= pad;
- }
- return ret;
-}
-
-int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
-{
- unsigned int ret;
- EVP_MD_CTX ctx, *d = NULL;
- int i;
-
- if (s->s3->handshake_buffer)
- if (!ssl3_digest_cached_records(s))
- return 0;
-
- for (i = 0; i < SSL_MAX_DIGEST; i++) {
- if (s->s3->handshake_dgst[i]
- && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
- d = s->s3->handshake_dgst[i];
- break;
- }
- }
- if (!d) {
- SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC, SSL_R_NO_REQUIRED_DIGEST);
- return 0;
- }
-
- EVP_MD_CTX_init(&ctx);
- if (EVP_MD_CTX_copy_ex(&ctx, d) <=0
- || EVP_DigestFinal_ex(&ctx, out, &ret) <= 0)
- ret = 0;
- EVP_MD_CTX_cleanup(&ctx);
- return ((int)ret);
-}
-
-int tls1_final_finish_mac(SSL *s,
- const char *str, int slen, unsigned char *out)
-{
- unsigned int i;
- EVP_MD_CTX ctx;
- unsigned char buf[2 * EVP_MAX_MD_SIZE];
- unsigned char *q, buf2[12];
- int idx;
- long mask;
- int err = 0;
- const EVP_MD *md;
-
- q = buf;
-
- if (s->s3->handshake_buffer)
- if (!ssl3_digest_cached_records(s))
- return 0;
-
- EVP_MD_CTX_init(&ctx);
-
- for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
- if (mask & ssl_get_algorithm2(s)) {
- int hashsize = EVP_MD_size(md);
- EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
- if (!hdgst || hashsize < 0
- || hashsize > (int)(sizeof buf - (size_t)(q - buf))) {
- /*
- * internal error: 'buf' is too small for this cipersuite!
- */
- err = 1;
- } else {
- if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
- !EVP_DigestFinal_ex(&ctx, q, &i) ||
- (i != (unsigned int)hashsize))
- err = 1;
- q += hashsize;
- }
- }
- }
-
- if (!tls1_PRF(ssl_get_algorithm2(s),
- str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
- s->session->master_key, s->session->master_key_length,
- out, buf2, sizeof buf2))
- err = 1;
- EVP_MD_CTX_cleanup(&ctx);
-
- OPENSSL_cleanse(buf, (int)(q - buf));
- OPENSSL_cleanse(buf2, sizeof(buf2));
- if (err)
- return 0;
- else
- return sizeof buf2;
-}
-
-int tls1_mac(SSL *ssl, unsigned char *md, int send)
-{
- SSL3_RECORD *rec;
- unsigned char *seq;
- EVP_MD_CTX *hash;
- size_t md_size, orig_len;
- int i;
- EVP_MD_CTX hmac, *mac_ctx;
- unsigned char header[13];
- int stream_mac = (send ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)
- : (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
- int t;
-
- if (send) {
- rec = &(ssl->s3->wrec);
- seq = &(ssl->s3->write_sequence[0]);
- hash = ssl->write_hash;
- } else {
- rec = &(ssl->s3->rrec);
- seq = &(ssl->s3->read_sequence[0]);
- hash = ssl->read_hash;
- }
-
- t = EVP_MD_CTX_size(hash);
- OPENSSL_assert(t >= 0);
- md_size = t;
-
- /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
- if (stream_mac) {
- mac_ctx = hash;
- } else {
- if (!EVP_MD_CTX_copy(&hmac, hash))
- return -1;
- mac_ctx = &hmac;
- }
-
- if (ssl->version == DTLS1_VERSION || ssl->version == DTLS1_BAD_VER) {
- unsigned char dtlsseq[8], *p = dtlsseq;
-
- s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
- memcpy(p, &seq[2], 6);
-
- memcpy(header, dtlsseq, 8);
- } else
- memcpy(header, seq, 8);
-
- /*
- * kludge: tls1_cbc_remove_padding passes padding length in rec->type
- */
- orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
- rec->type &= 0xff;
-
- header[8] = rec->type;
- header[9] = (unsigned char)(ssl->version >> 8);
- header[10] = (unsigned char)(ssl->version);
- header[11] = (rec->length) >> 8;
- header[12] = (rec->length) & 0xff;
-
- if (!send &&
- EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
- ssl3_cbc_record_digest_supported(mac_ctx)) {
- /*
- * This is a CBC-encrypted record. We must avoid leaking any
- * timing-side channel information about how many blocks of data we
- * are hashing because that gives an attacker a timing-oracle.
- */
- /* Final param == not SSLv3 */
- if (ssl3_cbc_digest_record(mac_ctx,
- md, &md_size,
- header, rec->input,
- rec->length + md_size, orig_len,
- ssl->s3->read_mac_secret,
- ssl->s3->read_mac_secret_size, 0) <= 0) {
- if (!stream_mac)
- EVP_MD_CTX_cleanup(&hmac);
- return -1;
- }
- } else {
- if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0
- || EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
- || EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
- if (!stream_mac)
- EVP_MD_CTX_cleanup(&hmac);
- return -1;
- }
-#ifdef OPENSSL_FIPS
- if (!send && FIPS_mode())
- tls_fips_digest_extra(ssl->enc_read_ctx,
- mac_ctx, rec->input, rec->length, orig_len);
-#endif
- }
-
- if (!stream_mac)
- EVP_MD_CTX_cleanup(&hmac);
-#ifdef TLS_DEBUG
- fprintf(stderr, "seq=");
- {
- int z;
- for (z = 0; z < 8; z++)
- fprintf(stderr, "%02X ", seq[z]);
- fprintf(stderr, "\n");
- }
- fprintf(stderr, "rec=");
- {
- unsigned int z;
- for (z = 0; z < rec->length; z++)
- fprintf(stderr, "%02X ", rec->data[z]);
- fprintf(stderr, "\n");
- }
-#endif
-
- if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER) {
- for (i = 7; i >= 0; i--) {
- ++seq[i];
- if (seq[i] != 0)
- break;
- }
- }
-#ifdef TLS_DEBUG
- {
- unsigned int z;
- for (z = 0; z < md_size; z++)
- fprintf(stderr, "%02X ", md[z]);
- fprintf(stderr, "\n");
- }
-#endif
- return (md_size);
-}
-
-int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
- int len)
-{
- unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
- const void *co = NULL, *so = NULL;
- int col = 0, sol = 0;
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p,
- len);
-#endif /* KSSL_DEBUG */
-
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL
- && s->s3->server_opaque_prf_input != NULL
- && s->s3->client_opaque_prf_input_len > 0
- && s->s3->client_opaque_prf_input_len ==
- s->s3->server_opaque_prf_input_len) {
- co = s->s3->client_opaque_prf_input;
- col = s->s3->server_opaque_prf_input_len;
- so = s->s3->server_opaque_prf_input;
- /*
- * must be same as col (see
- * draft-resc-00.txts-opaque-prf-input-00.txt, section 3.1)
- */
- sol = s->s3->client_opaque_prf_input_len;
- }
-#endif
-
- tls1_PRF(ssl_get_algorithm2(s),
- TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
- s->s3->client_random, SSL3_RANDOM_SIZE,
- co, col,
- s->s3->server_random, SSL3_RANDOM_SIZE,
- so, sol, p, len, s->session->master_key, buff, sizeof buff);
- OPENSSL_cleanse(buff, sizeof buff);
-#ifdef SSL_DEBUG
- fprintf(stderr, "Premaster Secret:\n");
- BIO_dump_fp(stderr, (char *)p, len);
- fprintf(stderr, "Client Random:\n");
- BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
- fprintf(stderr, "Server Random:\n");
- BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
- fprintf(stderr, "Master Secret:\n");
- BIO_dump_fp(stderr, (char *)s->session->master_key,
- SSL3_MASTER_SECRET_SIZE);
-#endif
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_generate_master_secret() complete\n");
-#endif /* KSSL_DEBUG */
- return (SSL3_MASTER_SECRET_SIZE);
-}
-
-int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
- const char *label, size_t llen,
- const unsigned char *context,
- size_t contextlen, int use_context)
-{
- unsigned char *buff;
- unsigned char *val = NULL;
- size_t vallen, currentvalpos;
- int rv;
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_export_keying_material(%p,%p,%lu,%s,%lu,%p,%lu)\n",
- s, out, olen, label, llen, context, contextlen);
-#endif /* KSSL_DEBUG */
-
- buff = OPENSSL_malloc(olen);
- if (buff == NULL)
- goto err2;
-
- /*
- * construct PRF arguments we construct the PRF argument ourself rather
- * than passing separate values into the TLS PRF to ensure that the
- * concatenation of values does not create a prohibited label.
- */
- vallen = llen + SSL3_RANDOM_SIZE * 2;
- if (use_context) {
- vallen += 2 + contextlen;
- }
-
- val = OPENSSL_malloc(vallen);
- if (val == NULL)
- goto err2;
- currentvalpos = 0;
- memcpy(val + currentvalpos, (unsigned char *)label, llen);
- currentvalpos += llen;
- memcpy(val + currentvalpos, s->s3->client_random, SSL3_RANDOM_SIZE);
- currentvalpos += SSL3_RANDOM_SIZE;
- memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE);
- currentvalpos += SSL3_RANDOM_SIZE;
-
- if (use_context) {
- val[currentvalpos] = (contextlen >> 8) & 0xff;
- currentvalpos++;
- val[currentvalpos] = contextlen & 0xff;
- currentvalpos++;
- if ((contextlen > 0) || (context != NULL)) {
- memcpy(val + currentvalpos, context, contextlen);
- }
- }
-
- /*
- * disallow prohibited labels note that SSL3_RANDOM_SIZE > max(prohibited
- * label len) = 15, so size of val > max(prohibited label len) = 15 and
- * the comparisons won't have buffer overflow
- */
- if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST,
- TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0)
- goto err1;
- if (memcmp(val, TLS_MD_SERVER_FINISH_CONST,
- TLS_MD_SERVER_FINISH_CONST_SIZE) == 0)
- goto err1;
- if (memcmp(val, TLS_MD_MASTER_SECRET_CONST,
- TLS_MD_MASTER_SECRET_CONST_SIZE) == 0)
- goto err1;
- if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
- TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
- goto err1;
-
- rv = tls1_PRF(ssl_get_algorithm2(s),
- val, vallen,
- NULL, 0,
- NULL, 0,
- NULL, 0,
- NULL, 0,
- s->session->master_key, s->session->master_key_length,
- out, buff, olen);
- OPENSSL_cleanse(val, vallen);
- OPENSSL_cleanse(buff, olen);
-
-#ifdef KSSL_DEBUG
- fprintf(stderr, "tls1_export_keying_material() complete\n");
-#endif /* KSSL_DEBUG */
- goto ret;
- err1:
- SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL,
- SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
- rv = 0;
- goto ret;
- err2:
- SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);
- rv = 0;
- ret:
- if (buff != NULL)
- OPENSSL_free(buff);
- if (val != NULL)
- OPENSSL_free(val);
- return (rv);
-}
-
-int tls1_alert_code(int code)
-{
- switch (code) {
- case SSL_AD_CLOSE_NOTIFY:
- return (SSL3_AD_CLOSE_NOTIFY);
- case SSL_AD_UNEXPECTED_MESSAGE:
- return (SSL3_AD_UNEXPECTED_MESSAGE);
- case SSL_AD_BAD_RECORD_MAC:
- return (SSL3_AD_BAD_RECORD_MAC);
- case SSL_AD_DECRYPTION_FAILED:
- return (TLS1_AD_DECRYPTION_FAILED);
- case SSL_AD_RECORD_OVERFLOW:
- return (TLS1_AD_RECORD_OVERFLOW);
- case SSL_AD_DECOMPRESSION_FAILURE:
- return (SSL3_AD_DECOMPRESSION_FAILURE);
- case SSL_AD_HANDSHAKE_FAILURE:
- return (SSL3_AD_HANDSHAKE_FAILURE);
- case SSL_AD_NO_CERTIFICATE:
- return (-1);
- case SSL_AD_BAD_CERTIFICATE:
- return (SSL3_AD_BAD_CERTIFICATE);
- case SSL_AD_UNSUPPORTED_CERTIFICATE:
- return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
- case SSL_AD_CERTIFICATE_REVOKED:
- return (SSL3_AD_CERTIFICATE_REVOKED);
- case SSL_AD_CERTIFICATE_EXPIRED:
- return (SSL3_AD_CERTIFICATE_EXPIRED);
- case SSL_AD_CERTIFICATE_UNKNOWN:
- return (SSL3_AD_CERTIFICATE_UNKNOWN);
- case SSL_AD_ILLEGAL_PARAMETER:
- return (SSL3_AD_ILLEGAL_PARAMETER);
- case SSL_AD_UNKNOWN_CA:
- return (TLS1_AD_UNKNOWN_CA);
- case SSL_AD_ACCESS_DENIED:
- return (TLS1_AD_ACCESS_DENIED);
- case SSL_AD_DECODE_ERROR:
- return (TLS1_AD_DECODE_ERROR);
- case SSL_AD_DECRYPT_ERROR:
- return (TLS1_AD_DECRYPT_ERROR);
- case SSL_AD_EXPORT_RESTRICTION:
- return (TLS1_AD_EXPORT_RESTRICTION);
- case SSL_AD_PROTOCOL_VERSION:
- return (TLS1_AD_PROTOCOL_VERSION);
- case SSL_AD_INSUFFICIENT_SECURITY:
- return (TLS1_AD_INSUFFICIENT_SECURITY);
- case SSL_AD_INTERNAL_ERROR:
- return (TLS1_AD_INTERNAL_ERROR);
- case SSL_AD_USER_CANCELLED:
- return (TLS1_AD_USER_CANCELLED);
- case SSL_AD_NO_RENEGOTIATION:
- return (TLS1_AD_NO_RENEGOTIATION);
- case SSL_AD_UNSUPPORTED_EXTENSION:
- return (TLS1_AD_UNSUPPORTED_EXTENSION);
- case SSL_AD_CERTIFICATE_UNOBTAINABLE:
- return (TLS1_AD_CERTIFICATE_UNOBTAINABLE);
- case SSL_AD_UNRECOGNIZED_NAME:
- return (TLS1_AD_UNRECOGNIZED_NAME);
- case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
- return (TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
- case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
- return (TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
- case SSL_AD_UNKNOWN_PSK_IDENTITY:
- return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
- case SSL_AD_INAPPROPRIATE_FALLBACK:
- return (TLS1_AD_INAPPROPRIATE_FALLBACK);
-#if 0
- /* not appropriate for TLS, not used for DTLS */
- case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE:
- return (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
-#endif
- default:
- return (-1);
- }
-}
Copied: vendor-crypto/openssl/1.0.1u/ssl/t1_enc.c (from rev 11605, vendor-crypto/openssl/dist/ssl/t1_enc.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/t1_enc.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/t1_enc.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1343 @@
+/* ssl/t1_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/md5.h>
+#include <openssl/rand.h>
+#ifdef KSSL_DEBUG
+# include <openssl/des.h>
+#endif
+
+/* seed1 through seed5 are virtually concatenated */
+static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
+ int sec_len,
+ const void *seed1, int seed1_len,
+ const void *seed2, int seed2_len,
+ const void *seed3, int seed3_len,
+ const void *seed4, int seed4_len,
+ const void *seed5, int seed5_len,
+ unsigned char *out, int olen)
+{
+ int chunk;
+ size_t j;
+ EVP_MD_CTX ctx, ctx_tmp;
+ EVP_PKEY *mac_key;
+ unsigned char A1[EVP_MAX_MD_SIZE];
+ size_t A1_len;
+ int ret = 0;
+
+ chunk = EVP_MD_size(md);
+ OPENSSL_assert(chunk >= 0);
+
+ EVP_MD_CTX_init(&ctx);
+ EVP_MD_CTX_init(&ctx_tmp);
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ EVP_MD_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
+ if (!mac_key)
+ goto err;
+ if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+ goto err;
+ if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
+ goto err;
+ if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+ goto err;
+ if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+ goto err;
+ if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+ goto err;
+ if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+ goto err;
+ if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+ goto err;
+ if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+ goto err;
+
+ for (;;) {
+ /* Reinit mac contexts */
+ if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+ goto err;
+ if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
+ goto err;
+ if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
+ goto err;
+ if (!EVP_DigestSignUpdate(&ctx_tmp, A1, A1_len))
+ goto err;
+ if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+ goto err;
+ if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+ goto err;
+ if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+ goto err;
+ if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+ goto err;
+ if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+ goto err;
+
+ if (olen > chunk) {
+ if (!EVP_DigestSignFinal(&ctx, out, &j))
+ goto err;
+ out += j;
+ olen -= j;
+ /* calc the next A1 value */
+ if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len))
+ goto err;
+ } else { /* last one */
+
+ if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+ goto err;
+ memcpy(out, A1, olen);
+ break;
+ }
+ }
+ ret = 1;
+ err:
+ EVP_PKEY_free(mac_key);
+ EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_cleanup(&ctx_tmp);
+ OPENSSL_cleanse(A1, sizeof(A1));
+ return ret;
+}
+
+/* seed1 through seed5 are virtually concatenated */
+static int tls1_PRF(long digest_mask,
+ const void *seed1, int seed1_len,
+ const void *seed2, int seed2_len,
+ const void *seed3, int seed3_len,
+ const void *seed4, int seed4_len,
+ const void *seed5, int seed5_len,
+ const unsigned char *sec, int slen,
+ unsigned char *out1, unsigned char *out2, int olen)
+{
+ int len, i, idx, count;
+ const unsigned char *S1;
+ long m;
+ const EVP_MD *md;
+ int ret = 0;
+
+ /* Count number of digests and partition sec evenly */
+ count = 0;
+ for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
+ if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
+ count++;
+ }
+ if (!count) {
+ /* Should never happen */
+ SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ len = slen / count;
+ if (count == 1)
+ slen = 0;
+ S1 = sec;
+ memset(out1, 0, olen);
+ for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
+ if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) {
+ if (!md) {
+ SSLerr(SSL_F_TLS1_PRF, SSL_R_UNSUPPORTED_DIGEST_TYPE);
+ goto err;
+ }
+ if (!tls1_P_hash(md, S1, len + (slen & 1),
+ seed1, seed1_len, seed2, seed2_len, seed3,
+ seed3_len, seed4, seed4_len, seed5, seed5_len,
+ out2, olen))
+ goto err;
+ S1 += len;
+ for (i = 0; i < olen; i++) {
+ out1[i] ^= out2[i];
+ }
+ }
+ }
+ ret = 1;
+ err:
+ return ret;
+}
+
+static int tls1_generate_key_block(SSL *s, unsigned char *km,
+ unsigned char *tmp, int num)
+{
+ int ret;
+ ret = tls1_PRF(ssl_get_algorithm2(s),
+ TLS_MD_KEY_EXPANSION_CONST,
+ TLS_MD_KEY_EXPANSION_CONST_SIZE, s->s3->server_random,
+ SSL3_RANDOM_SIZE, s->s3->client_random, SSL3_RANDOM_SIZE,
+ NULL, 0, NULL, 0, s->session->master_key,
+ s->session->master_key_length, km, tmp, num);
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_generate_key_block() ==> %d byte master_key =\n\t",
+ s->session->master_key_length);
+ {
+ int i;
+ for (i = 0; i < s->session->master_key_length; i++) {
+ fprintf(stderr, "%02X", s->session->master_key[i]);
+ }
+ fprintf(stderr, "\n");
+ }
+#endif /* KSSL_DEBUG */
+ return ret;
+}
+
+int tls1_change_cipher_state(SSL *s, int which)
+{
+ static const unsigned char empty[] = "";
+ unsigned char *p, *mac_secret;
+ unsigned char *exp_label;
+ unsigned char tmp1[EVP_MAX_KEY_LENGTH];
+ unsigned char tmp2[EVP_MAX_KEY_LENGTH];
+ unsigned char iv1[EVP_MAX_IV_LENGTH * 2];
+ unsigned char iv2[EVP_MAX_IV_LENGTH * 2];
+ unsigned char *ms, *key, *iv;
+ int client_write;
+ EVP_CIPHER_CTX *dd;
+ const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
+ const SSL_COMP *comp;
+#endif
+ const EVP_MD *m;
+ int mac_type;
+ int *mac_secret_size;
+ EVP_MD_CTX *mac_ctx;
+ EVP_PKEY *mac_key;
+ int is_export, n, i, j, k, exp_label_len, cl;
+ int reuse_dd = 0;
+
+ is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
+ c = s->s3->tmp.new_sym_enc;
+ m = s->s3->tmp.new_hash;
+ mac_type = s->s3->tmp.new_mac_pkey_type;
+#ifndef OPENSSL_NO_COMP
+ comp = s->s3->tmp.new_compression;
+#endif
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_change_cipher_state(which= %d) w/\n", which);
+ fprintf(stderr, "\talg= %ld/%ld, comp= %p\n",
+ s->s3->tmp.new_cipher->algorithm_mkey,
+ s->s3->tmp.new_cipher->algorithm_auth, comp);
+ fprintf(stderr, "\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
+ fprintf(stderr, "\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
+ c->nid, c->block_size, c->key_len, c->iv_len);
+ fprintf(stderr, "\tkey_block: len= %d, data= ",
+ s->s3->tmp.key_block_length);
+ {
+ int i;
+ for (i = 0; i < s->s3->tmp.key_block_length; i++)
+ fprintf(stderr, "%02x", s->s3->tmp.key_block[i]);
+ fprintf(stderr, "\n");
+ }
+#endif /* KSSL_DEBUG */
+
+ if (which & SSL3_CC_READ) {
+ if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
+
+ if (s->enc_read_ctx != NULL)
+ reuse_dd = 1;
+ else if ((s->enc_read_ctx =
+ OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+ goto err;
+ else
+ /*
+ * make sure it's intialized in case we exit later with an error
+ */
+ EVP_CIPHER_CTX_init(s->enc_read_ctx);
+ dd = s->enc_read_ctx;
+ mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
+ if (mac_ctx == NULL)
+ goto err;
+#ifndef OPENSSL_NO_COMP
+ if (s->expand != NULL) {
+ COMP_CTX_free(s->expand);
+ s->expand = NULL;
+ }
+ if (comp != NULL) {
+ s->expand = COMP_CTX_new(comp->method);
+ if (s->expand == NULL) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+ SSL_R_COMPRESSION_LIBRARY_ERROR);
+ goto err2;
+ }
+ if (s->s3->rrec.comp == NULL)
+ s->s3->rrec.comp = (unsigned char *)
+ OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
+ if (s->s3->rrec.comp == NULL)
+ goto err;
+ }
+#endif
+ /*
+ * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+ */
+ if (s->version != DTLS1_VERSION)
+ memset(&(s->s3->read_sequence[0]), 0, 8);
+ mac_secret = &(s->s3->read_mac_secret[0]);
+ mac_secret_size = &(s->s3->read_mac_secret_size);
+ } else {
+ if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
+ if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s))
+ reuse_dd = 1;
+ else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL)
+ goto err;
+ dd = s->enc_write_ctx;
+ if (SSL_IS_DTLS(s)) {
+ mac_ctx = EVP_MD_CTX_create();
+ if (mac_ctx == NULL)
+ goto err;
+ s->write_hash = mac_ctx;
+ } else {
+ mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
+ if (mac_ctx == NULL)
+ goto err;
+ }
+#ifndef OPENSSL_NO_COMP
+ if (s->compress != NULL) {
+ COMP_CTX_free(s->compress);
+ s->compress = NULL;
+ }
+ if (comp != NULL) {
+ s->compress = COMP_CTX_new(comp->method);
+ if (s->compress == NULL) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+ SSL_R_COMPRESSION_LIBRARY_ERROR);
+ goto err2;
+ }
+ }
+#endif
+ /*
+ * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+ */
+ if (s->version != DTLS1_VERSION)
+ memset(&(s->s3->write_sequence[0]), 0, 8);
+ mac_secret = &(s->s3->write_mac_secret[0]);
+ mac_secret_size = &(s->s3->write_mac_secret_size);
+ }
+
+ if (reuse_dd)
+ EVP_CIPHER_CTX_cleanup(dd);
+
+ p = s->s3->tmp.key_block;
+ i = *mac_secret_size = s->s3->tmp.new_mac_secret_size;
+
+ cl = EVP_CIPHER_key_length(c);
+ j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
+ cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
+ /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
+ /* If GCM mode only part of IV comes from PRF */
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+ k = EVP_GCM_TLS_FIXED_IV_LEN;
+ else
+ k = EVP_CIPHER_iv_length(c);
+ if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+ (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
+ ms = &(p[0]);
+ n = i + i;
+ key = &(p[n]);
+ n += j + j;
+ iv = &(p[n]);
+ n += k + k;
+ exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
+ exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
+ client_write = 1;
+ } else {
+ n = i;
+ ms = &(p[n]);
+ n += i + j;
+ key = &(p[n]);
+ n += j + k;
+ iv = &(p[n]);
+ n += k;
+ exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
+ exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
+ client_write = 0;
+ }
+
+ if (n > s->s3->tmp.key_block_length) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+
+ memcpy(mac_secret, ms, i);
+
+ if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
+ mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
+ mac_secret, *mac_secret_size);
+ if (mac_key == NULL
+ || EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key) <= 0) {
+ EVP_PKEY_free(mac_key);
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+ EVP_PKEY_free(mac_key);
+ }
+#ifdef TLS_DEBUG
+ printf("which = %04X\nmac key=", which);
+ {
+ int z;
+ for (z = 0; z < i; z++)
+ printf("%02X%c", ms[z], ((z + 1) % 16) ? ' ' : '\n');
+ }
+#endif
+ if (is_export) {
+ /*
+ * In here I set both the read and write key/iv to the same value
+ * since only the correct one will be used :-).
+ */
+ if (!tls1_PRF(ssl_get_algorithm2(s),
+ exp_label, exp_label_len,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ NULL, 0, NULL, 0,
+ key, j, tmp1, tmp2, EVP_CIPHER_key_length(c)))
+ goto err2;
+ key = tmp1;
+
+ if (k > 0) {
+ if (!tls1_PRF(ssl_get_algorithm2(s),
+ TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ NULL, 0, NULL, 0, empty, 0, iv1, iv2, k * 2))
+ goto err2;
+ if (client_write)
+ iv = iv1;
+ else
+ iv = &(iv1[k]);
+ }
+ }
+
+ s->session->key_arg_length = 0;
+#ifdef KSSL_DEBUG
+ {
+ int i;
+ fprintf(stderr, "EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
+ fprintf(stderr, "\tkey= ");
+ for (i = 0; i < c->key_len; i++)
+ fprintf(stderr, "%02x", key[i]);
+ fprintf(stderr, "\n");
+ fprintf(stderr, "\t iv= ");
+ for (i = 0; i < c->iv_len; i++)
+ fprintf(stderr, "%02x", iv[i]);
+ fprintf(stderr, "\n");
+ }
+#endif /* KSSL_DEBUG */
+
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
+ if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE))
+ || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv)) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+ } else {
+ if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE))) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+ }
+ /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
+ if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size
+ && !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
+ *mac_secret_size, mac_secret)) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+
+#ifdef TLS_DEBUG
+ printf("which = %04X\nkey=", which);
+ {
+ int z;
+ for (z = 0; z < EVP_CIPHER_key_length(c); z++)
+ printf("%02X%c", key[z], ((z + 1) % 16) ? ' ' : '\n');
+ }
+ printf("\niv=");
+ {
+ int z;
+ for (z = 0; z < k; z++)
+ printf("%02X%c", iv[z], ((z + 1) % 16) ? ' ' : '\n');
+ }
+ printf("\n");
+#endif
+
+ OPENSSL_cleanse(tmp1, sizeof(tmp1));
+ OPENSSL_cleanse(tmp2, sizeof(tmp1));
+ OPENSSL_cleanse(iv1, sizeof(iv1));
+ OPENSSL_cleanse(iv2, sizeof(iv2));
+ return (1);
+ err:
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
+ err2:
+ return (0);
+}
+
+int tls1_setup_key_block(SSL *s)
+{
+ unsigned char *p1, *p2 = NULL;
+ const EVP_CIPHER *c;
+ const EVP_MD *hash;
+ int num;
+ SSL_COMP *comp;
+ int mac_type = NID_undef, mac_secret_size = 0;
+ int ret = 0;
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_setup_key_block()\n");
+#endif /* KSSL_DEBUG */
+
+ if (s->s3->tmp.key_block_length != 0)
+ return (1);
+
+ if (!ssl_cipher_get_evp
+ (s->session, &c, &hash, &mac_type, &mac_secret_size, &comp)) {
+ SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+ return (0);
+ }
+
+ s->s3->tmp.new_sym_enc = c;
+ s->s3->tmp.new_hash = hash;
+ s->s3->tmp.new_mac_pkey_type = mac_type;
+ s->s3->tmp.new_mac_secret_size = mac_secret_size;
+ num =
+ EVP_CIPHER_key_length(c) + mac_secret_size + EVP_CIPHER_iv_length(c);
+ num *= 2;
+
+ ssl3_cleanup_key_block(s);
+
+ if ((p1 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
+ SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ s->s3->tmp.key_block_length = num;
+ s->s3->tmp.key_block = p1;
+
+ if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
+ SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(p1);
+ goto err;
+ }
+#ifdef TLS_DEBUG
+ printf("client random\n");
+ {
+ int z;
+ for (z = 0; z < SSL3_RANDOM_SIZE; z++)
+ printf("%02X%c", s->s3->client_random[z],
+ ((z + 1) % 16) ? ' ' : '\n');
+ }
+ printf("server random\n");
+ {
+ int z;
+ for (z = 0; z < SSL3_RANDOM_SIZE; z++)
+ printf("%02X%c", s->s3->server_random[z],
+ ((z + 1) % 16) ? ' ' : '\n');
+ }
+ printf("pre-master\n");
+ {
+ int z;
+ for (z = 0; z < s->session->master_key_length; z++)
+ printf("%02X%c", s->session->master_key[z],
+ ((z + 1) % 16) ? ' ' : '\n');
+ }
+#endif
+ if (!tls1_generate_key_block(s, p1, p2, num))
+ goto err;
+#ifdef TLS_DEBUG
+ printf("\nkey block\n");
+ {
+ int z;
+ for (z = 0; z < num; z++)
+ printf("%02X%c", p1[z], ((z + 1) % 16) ? ' ' : '\n');
+ }
+#endif
+
+ if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
+ && s->method->version <= TLS1_VERSION) {
+ /*
+ * enable vulnerability countermeasure for CBC ciphers with known-IV
+ * problem (http://www.openssl.org/~bodo/tls-cbc.txt)
+ */
+ s->s3->need_empty_fragments = 1;
+
+ if (s->session->cipher != NULL) {
+ if (s->session->cipher->algorithm_enc == SSL_eNULL)
+ s->s3->need_empty_fragments = 0;
+
+#ifndef OPENSSL_NO_RC4
+ if (s->session->cipher->algorithm_enc == SSL_RC4)
+ s->s3->need_empty_fragments = 0;
+#endif
+ }
+ }
+
+ ret = 1;
+ err:
+ if (p2) {
+ OPENSSL_cleanse(p2, num);
+ OPENSSL_free(p2);
+ }
+ return (ret);
+}
+
+/*-
+ * tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * short etc).
+ * 1: if the record's padding is valid / the encryption was successful.
+ * -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
+ * an internal error occured.
+ */
+int tls1_enc(SSL *s, int send)
+{
+ SSL3_RECORD *rec;
+ EVP_CIPHER_CTX *ds;
+ unsigned long l;
+ int bs, i, j, k, pad = 0, ret, mac_size = 0;
+ const EVP_CIPHER *enc;
+
+ if (send) {
+ if (EVP_MD_CTX_md(s->write_hash)) {
+ int n = EVP_MD_CTX_size(s->write_hash);
+ OPENSSL_assert(n >= 0);
+ }
+ ds = s->enc_write_ctx;
+ rec = &(s->s3->wrec);
+ if (s->enc_write_ctx == NULL)
+ enc = NULL;
+ else {
+ int ivlen;
+ enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+ /* For TLSv1.1 and later explicit IV */
+ if (s->version >= TLS1_1_VERSION
+ && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
+ ivlen = EVP_CIPHER_iv_length(enc);
+ else
+ ivlen = 0;
+ if (ivlen > 1) {
+ if (rec->data != rec->input)
+ /*
+ * we can't write into the input stream: Can this ever
+ * happen?? (steve)
+ */
+ fprintf(stderr,
+ "%s:%d: rec->data != rec->input\n",
+ __FILE__, __LINE__);
+ else if (RAND_bytes(rec->input, ivlen) <= 0)
+ return -1;
+ }
+ }
+ } else {
+ if (EVP_MD_CTX_md(s->read_hash)) {
+ int n = EVP_MD_CTX_size(s->read_hash);
+ OPENSSL_assert(n >= 0);
+ }
+ ds = s->enc_read_ctx;
+ rec = &(s->s3->rrec);
+ if (s->enc_read_ctx == NULL)
+ enc = NULL;
+ else
+ enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+ }
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_enc(%d)\n", send);
+#endif /* KSSL_DEBUG */
+
+ if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
+ memmove(rec->data, rec->input, rec->length);
+ rec->input = rec->data;
+ ret = 1;
+ } else {
+ l = rec->length;
+ bs = EVP_CIPHER_block_size(ds->cipher);
+
+ if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+ unsigned char buf[EVP_AEAD_TLS1_AAD_LEN], *seq;
+
+ seq = send ? s->s3->write_sequence : s->s3->read_sequence;
+
+ if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
+ unsigned char dtlsseq[9], *p = dtlsseq;
+
+ s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
+ memcpy(p, &seq[2], 6);
+ memcpy(buf, dtlsseq, 8);
+ } else {
+ memcpy(buf, seq, 8);
+ for (i = 7; i >= 0; i--) { /* increment */
+ ++seq[i];
+ if (seq[i] != 0)
+ break;
+ }
+ }
+
+ buf[8] = rec->type;
+ buf[9] = (unsigned char)(s->version >> 8);
+ buf[10] = (unsigned char)(s->version);
+ buf[11] = rec->length >> 8;
+ buf[12] = rec->length & 0xff;
+ pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD,
+ EVP_AEAD_TLS1_AAD_LEN, buf);
+ if (pad <= 0)
+ return -1;
+ if (send) {
+ l += pad;
+ rec->length += pad;
+ }
+ } else if ((bs != 1) && send) {
+ i = bs - ((int)l % bs);
+
+ /* Add weird padding of upto 256 bytes */
+
+ /* we need to add 'i' padding bytes of value j */
+ j = i - 1;
+ if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) {
+ if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+ j++;
+ }
+ for (k = (int)l; k < (int)(l + i); k++)
+ rec->input[k] = j;
+ l += i;
+ rec->length += i;
+ }
+#ifdef KSSL_DEBUG
+ {
+ unsigned long ui;
+ fprintf(stderr,
+ "EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
+ ds, rec->data, rec->input, l);
+ fprintf(stderr,
+ "\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%lu %lu], %d iv_len\n",
+ ds->buf_len, ds->cipher->key_len, DES_KEY_SZ,
+ DES_SCHEDULE_SZ, ds->cipher->iv_len);
+ fprintf(stderr, "\t\tIV: ");
+ for (i = 0; i < ds->cipher->iv_len; i++)
+ fprintf(stderr, "%02X", ds->iv[i]);
+ fprintf(stderr, "\n");
+ fprintf(stderr, "\trec->input=");
+ for (ui = 0; ui < l; ui++)
+ fprintf(stderr, " %02x", rec->input[ui]);
+ fprintf(stderr, "\n");
+ }
+#endif /* KSSL_DEBUG */
+
+ if (!send) {
+ if (l == 0 || l % bs != 0)
+ return 0;
+ }
+
+ i = EVP_Cipher(ds, rec->data, rec->input, l);
+ if ((EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ ? (i < 0)
+ : (i == 0))
+ return -1; /* AEAD can fail to verify MAC */
+ if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send) {
+ rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ }
+#ifdef KSSL_DEBUG
+ {
+ unsigned long i;
+ fprintf(stderr, "\trec->data=");
+ for (i = 0; i < l; i++)
+ fprintf(stderr, " %02x", rec->data[i]);
+ fprintf(stderr, "\n");
+ }
+#endif /* KSSL_DEBUG */
+
+ ret = 1;
+ if (EVP_MD_CTX_md(s->read_hash) != NULL)
+ mac_size = EVP_MD_CTX_size(s->read_hash);
+ if ((bs != 1) && !send)
+ ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
+ if (pad && !send)
+ rec->length -= pad;
+ }
+ return ret;
+}
+
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
+{
+ unsigned int ret;
+ EVP_MD_CTX ctx, *d = NULL;
+ int i;
+
+ if (s->s3->handshake_buffer)
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
+ for (i = 0; i < SSL_MAX_DIGEST; i++) {
+ if (s->s3->handshake_dgst[i]
+ && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
+ d = s->s3->handshake_dgst[i];
+ break;
+ }
+ }
+ if (!d) {
+ SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC, SSL_R_NO_REQUIRED_DIGEST);
+ return 0;
+ }
+
+ EVP_MD_CTX_init(&ctx);
+ if (EVP_MD_CTX_copy_ex(&ctx, d) <=0
+ || EVP_DigestFinal_ex(&ctx, out, &ret) <= 0)
+ ret = 0;
+ EVP_MD_CTX_cleanup(&ctx);
+ return ((int)ret);
+}
+
+int tls1_final_finish_mac(SSL *s,
+ const char *str, int slen, unsigned char *out)
+{
+ unsigned int i;
+ EVP_MD_CTX ctx;
+ unsigned char buf[2 * EVP_MAX_MD_SIZE];
+ unsigned char *q, buf2[12];
+ int idx;
+ long mask;
+ int err = 0;
+ const EVP_MD *md;
+
+ q = buf;
+
+ if (s->s3->handshake_buffer)
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
+ EVP_MD_CTX_init(&ctx);
+
+ for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
+ if (mask & ssl_get_algorithm2(s)) {
+ int hashsize = EVP_MD_size(md);
+ EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
+ if (!hdgst || hashsize < 0
+ || hashsize > (int)(sizeof buf - (size_t)(q - buf))) {
+ /*
+ * internal error: 'buf' is too small for this cipersuite!
+ */
+ err = 1;
+ } else {
+ if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
+ !EVP_DigestFinal_ex(&ctx, q, &i) ||
+ (i != (unsigned int)hashsize))
+ err = 1;
+ q += hashsize;
+ }
+ }
+ }
+
+ if (!tls1_PRF(ssl_get_algorithm2(s),
+ str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
+ s->session->master_key, s->session->master_key_length,
+ out, buf2, sizeof buf2))
+ err = 1;
+ EVP_MD_CTX_cleanup(&ctx);
+
+ OPENSSL_cleanse(buf, (int)(q - buf));
+ OPENSSL_cleanse(buf2, sizeof(buf2));
+ if (err)
+ return 0;
+ else
+ return sizeof buf2;
+}
+
+int tls1_mac(SSL *ssl, unsigned char *md, int send)
+{
+ SSL3_RECORD *rec;
+ unsigned char *seq;
+ EVP_MD_CTX *hash;
+ size_t md_size, orig_len;
+ int i;
+ EVP_MD_CTX hmac, *mac_ctx;
+ unsigned char header[13];
+ int stream_mac = (send ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)
+ : (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
+ int t;
+
+ if (send) {
+ rec = &(ssl->s3->wrec);
+ seq = &(ssl->s3->write_sequence[0]);
+ hash = ssl->write_hash;
+ } else {
+ rec = &(ssl->s3->rrec);
+ seq = &(ssl->s3->read_sequence[0]);
+ hash = ssl->read_hash;
+ }
+
+ t = EVP_MD_CTX_size(hash);
+ OPENSSL_assert(t >= 0);
+ md_size = t;
+
+ /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
+ if (stream_mac) {
+ mac_ctx = hash;
+ } else {
+ if (!EVP_MD_CTX_copy(&hmac, hash))
+ return -1;
+ mac_ctx = &hmac;
+ }
+
+ if (ssl->version == DTLS1_VERSION || ssl->version == DTLS1_BAD_VER) {
+ unsigned char dtlsseq[8], *p = dtlsseq;
+
+ s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
+ memcpy(p, &seq[2], 6);
+
+ memcpy(header, dtlsseq, 8);
+ } else
+ memcpy(header, seq, 8);
+
+ /*
+ * kludge: tls1_cbc_remove_padding passes padding length in rec->type
+ */
+ orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
+ rec->type &= 0xff;
+
+ header[8] = rec->type;
+ header[9] = (unsigned char)(ssl->version >> 8);
+ header[10] = (unsigned char)(ssl->version);
+ header[11] = (rec->length) >> 8;
+ header[12] = (rec->length) & 0xff;
+
+ if (!send &&
+ EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+ ssl3_cbc_record_digest_supported(mac_ctx)) {
+ /*
+ * This is a CBC-encrypted record. We must avoid leaking any
+ * timing-side channel information about how many blocks of data we
+ * are hashing because that gives an attacker a timing-oracle.
+ */
+ /* Final param == not SSLv3 */
+ if (ssl3_cbc_digest_record(mac_ctx,
+ md, &md_size,
+ header, rec->input,
+ rec->length + md_size, orig_len,
+ ssl->s3->read_mac_secret,
+ ssl->s3->read_mac_secret_size, 0) <= 0) {
+ if (!stream_mac)
+ EVP_MD_CTX_cleanup(&hmac);
+ return -1;
+ }
+ } else {
+ if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0
+ || EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
+ || EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
+ if (!stream_mac)
+ EVP_MD_CTX_cleanup(&hmac);
+ return -1;
+ }
+#ifdef OPENSSL_FIPS
+ if (!send && FIPS_mode())
+ tls_fips_digest_extra(ssl->enc_read_ctx,
+ mac_ctx, rec->input, rec->length, orig_len);
+#endif
+ }
+
+ if (!stream_mac)
+ EVP_MD_CTX_cleanup(&hmac);
+#ifdef TLS_DEBUG
+ fprintf(stderr, "seq=");
+ {
+ int z;
+ for (z = 0; z < 8; z++)
+ fprintf(stderr, "%02X ", seq[z]);
+ fprintf(stderr, "\n");
+ }
+ fprintf(stderr, "rec=");
+ {
+ unsigned int z;
+ for (z = 0; z < rec->length; z++)
+ fprintf(stderr, "%02X ", rec->data[z]);
+ fprintf(stderr, "\n");
+ }
+#endif
+
+ if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER) {
+ for (i = 7; i >= 0; i--) {
+ ++seq[i];
+ if (seq[i] != 0)
+ break;
+ }
+ }
+#ifdef TLS_DEBUG
+ {
+ unsigned int z;
+ for (z = 0; z < md_size; z++)
+ fprintf(stderr, "%02X ", md[z]);
+ fprintf(stderr, "\n");
+ }
+#endif
+ return (md_size);
+}
+
+int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
+ int len)
+{
+ unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
+ const void *co = NULL, *so = NULL;
+ int col = 0, sol = 0;
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p,
+ len);
+#endif /* KSSL_DEBUG */
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL
+ && s->s3->server_opaque_prf_input != NULL
+ && s->s3->client_opaque_prf_input_len > 0
+ && s->s3->client_opaque_prf_input_len ==
+ s->s3->server_opaque_prf_input_len) {
+ co = s->s3->client_opaque_prf_input;
+ col = s->s3->server_opaque_prf_input_len;
+ so = s->s3->server_opaque_prf_input;
+ /*
+ * must be same as col (see
+ * draft-rescorla-tls-opaque-prf-input-00.txt, section 3.1)
+ */
+ sol = s->s3->client_opaque_prf_input_len;
+ }
+#endif
+
+ tls1_PRF(ssl_get_algorithm2(s),
+ TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ co, col,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ so, sol, p, len, s->session->master_key, buff, sizeof buff);
+ OPENSSL_cleanse(buff, sizeof buff);
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Premaster Secret:\n");
+ BIO_dump_fp(stderr, (char *)p, len);
+ fprintf(stderr, "Client Random:\n");
+ BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
+ fprintf(stderr, "Server Random:\n");
+ BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
+ fprintf(stderr, "Master Secret:\n");
+ BIO_dump_fp(stderr, (char *)s->session->master_key,
+ SSL3_MASTER_SECRET_SIZE);
+#endif
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_generate_master_secret() complete\n");
+#endif /* KSSL_DEBUG */
+ return (SSL3_MASTER_SECRET_SIZE);
+}
+
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *context,
+ size_t contextlen, int use_context)
+{
+ unsigned char *buff;
+ unsigned char *val = NULL;
+ size_t vallen, currentvalpos;
+ int rv;
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_export_keying_material(%p,%p,%lu,%s,%lu,%p,%lu)\n",
+ s, out, olen, label, llen, context, contextlen);
+#endif /* KSSL_DEBUG */
+
+ buff = OPENSSL_malloc(olen);
+ if (buff == NULL)
+ goto err2;
+
+ /*
+ * construct PRF arguments we construct the PRF argument ourself rather
+ * than passing separate values into the TLS PRF to ensure that the
+ * concatenation of values does not create a prohibited label.
+ */
+ vallen = llen + SSL3_RANDOM_SIZE * 2;
+ if (use_context) {
+ vallen += 2 + contextlen;
+ }
+
+ val = OPENSSL_malloc(vallen);
+ if (val == NULL)
+ goto err2;
+ currentvalpos = 0;
+ memcpy(val + currentvalpos, (unsigned char *)label, llen);
+ currentvalpos += llen;
+ memcpy(val + currentvalpos, s->s3->client_random, SSL3_RANDOM_SIZE);
+ currentvalpos += SSL3_RANDOM_SIZE;
+ memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE);
+ currentvalpos += SSL3_RANDOM_SIZE;
+
+ if (use_context) {
+ val[currentvalpos] = (contextlen >> 8) & 0xff;
+ currentvalpos++;
+ val[currentvalpos] = contextlen & 0xff;
+ currentvalpos++;
+ if ((contextlen > 0) || (context != NULL)) {
+ memcpy(val + currentvalpos, context, contextlen);
+ }
+ }
+
+ /*
+ * disallow prohibited labels note that SSL3_RANDOM_SIZE > max(prohibited
+ * label len) = 15, so size of val > max(prohibited label len) = 15 and
+ * the comparisons won't have buffer overflow
+ */
+ if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST,
+ TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0)
+ goto err1;
+ if (memcmp(val, TLS_MD_SERVER_FINISH_CONST,
+ TLS_MD_SERVER_FINISH_CONST_SIZE) == 0)
+ goto err1;
+ if (memcmp(val, TLS_MD_MASTER_SECRET_CONST,
+ TLS_MD_MASTER_SECRET_CONST_SIZE) == 0)
+ goto err1;
+ if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
+ TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
+ goto err1;
+
+ rv = tls1_PRF(ssl_get_algorithm2(s),
+ val, vallen,
+ NULL, 0,
+ NULL, 0,
+ NULL, 0,
+ NULL, 0,
+ s->session->master_key, s->session->master_key_length,
+ out, buff, olen);
+ OPENSSL_cleanse(val, vallen);
+ OPENSSL_cleanse(buff, olen);
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_export_keying_material() complete\n");
+#endif /* KSSL_DEBUG */
+ goto ret;
+ err1:
+ SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL,
+ SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
+ rv = 0;
+ goto ret;
+ err2:
+ SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);
+ rv = 0;
+ ret:
+ if (buff != NULL)
+ OPENSSL_free(buff);
+ if (val != NULL)
+ OPENSSL_free(val);
+ return (rv);
+}
+
+int tls1_alert_code(int code)
+{
+ switch (code) {
+ case SSL_AD_CLOSE_NOTIFY:
+ return (SSL3_AD_CLOSE_NOTIFY);
+ case SSL_AD_UNEXPECTED_MESSAGE:
+ return (SSL3_AD_UNEXPECTED_MESSAGE);
+ case SSL_AD_BAD_RECORD_MAC:
+ return (SSL3_AD_BAD_RECORD_MAC);
+ case SSL_AD_DECRYPTION_FAILED:
+ return (TLS1_AD_DECRYPTION_FAILED);
+ case SSL_AD_RECORD_OVERFLOW:
+ return (TLS1_AD_RECORD_OVERFLOW);
+ case SSL_AD_DECOMPRESSION_FAILURE:
+ return (SSL3_AD_DECOMPRESSION_FAILURE);
+ case SSL_AD_HANDSHAKE_FAILURE:
+ return (SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_NO_CERTIFICATE:
+ return (-1);
+ case SSL_AD_BAD_CERTIFICATE:
+ return (SSL3_AD_BAD_CERTIFICATE);
+ case SSL_AD_UNSUPPORTED_CERTIFICATE:
+ return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
+ case SSL_AD_CERTIFICATE_REVOKED:
+ return (SSL3_AD_CERTIFICATE_REVOKED);
+ case SSL_AD_CERTIFICATE_EXPIRED:
+ return (SSL3_AD_CERTIFICATE_EXPIRED);
+ case SSL_AD_CERTIFICATE_UNKNOWN:
+ return (SSL3_AD_CERTIFICATE_UNKNOWN);
+ case SSL_AD_ILLEGAL_PARAMETER:
+ return (SSL3_AD_ILLEGAL_PARAMETER);
+ case SSL_AD_UNKNOWN_CA:
+ return (TLS1_AD_UNKNOWN_CA);
+ case SSL_AD_ACCESS_DENIED:
+ return (TLS1_AD_ACCESS_DENIED);
+ case SSL_AD_DECODE_ERROR:
+ return (TLS1_AD_DECODE_ERROR);
+ case SSL_AD_DECRYPT_ERROR:
+ return (TLS1_AD_DECRYPT_ERROR);
+ case SSL_AD_EXPORT_RESTRICTION:
+ return (TLS1_AD_EXPORT_RESTRICTION);
+ case SSL_AD_PROTOCOL_VERSION:
+ return (TLS1_AD_PROTOCOL_VERSION);
+ case SSL_AD_INSUFFICIENT_SECURITY:
+ return (TLS1_AD_INSUFFICIENT_SECURITY);
+ case SSL_AD_INTERNAL_ERROR:
+ return (TLS1_AD_INTERNAL_ERROR);
+ case SSL_AD_USER_CANCELLED:
+ return (TLS1_AD_USER_CANCELLED);
+ case SSL_AD_NO_RENEGOTIATION:
+ return (TLS1_AD_NO_RENEGOTIATION);
+ case SSL_AD_UNSUPPORTED_EXTENSION:
+ return (TLS1_AD_UNSUPPORTED_EXTENSION);
+ case SSL_AD_CERTIFICATE_UNOBTAINABLE:
+ return (TLS1_AD_CERTIFICATE_UNOBTAINABLE);
+ case SSL_AD_UNRECOGNIZED_NAME:
+ return (TLS1_AD_UNRECOGNIZED_NAME);
+ case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+ return (TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
+ case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
+ return (TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
+ case SSL_AD_UNKNOWN_PSK_IDENTITY:
+ return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
+ case SSL_AD_INAPPROPRIATE_FALLBACK:
+ return (TLS1_AD_INAPPROPRIATE_FALLBACK);
+#if 0
+ /* not appropriate for TLS, not used for DTLS */
+ case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE:
+ return (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+#endif
+ default:
+ return (-1);
+ }
+}
Deleted: vendor-crypto/openssl/1.0.1u/ssl/t1_lib.c
===================================================================
--- vendor-crypto/openssl/dist/ssl/t1_lib.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/ssl/t1_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,2704 +0,0 @@
-/* ssl/t1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/ocsp.h>
-#include <openssl/rand.h>
-#include "ssl_locl.h"
-
-const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT;
-
-#ifndef OPENSSL_NO_TLSEXT
-static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen,
- const unsigned char *sess_id, int sesslen,
- SSL_SESSION **psess);
-#endif
-
-SSL3_ENC_METHOD TLSv1_enc_data = {
- tls1_enc,
- tls1_mac,
- tls1_setup_key_block,
- tls1_generate_master_secret,
- tls1_change_cipher_state,
- tls1_final_finish_mac,
- TLS1_FINISH_MAC_LENGTH,
- tls1_cert_verify_mac,
- TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
- TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
- tls1_alert_code,
- tls1_export_keying_material,
-};
-
-long tls1_default_timeout(void)
-{
- /*
- * 2 hours, the 24 hours mentioned in the TLSv1 spec is way too long for
- * http, the cache would over fill
- */
- return (60 * 60 * 2);
-}
-
-int tls1_new(SSL *s)
-{
- if (!ssl3_new(s))
- return (0);
- s->method->ssl_clear(s);
- return (1);
-}
-
-void tls1_free(SSL *s)
-{
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_session_ticket) {
- OPENSSL_free(s->tlsext_session_ticket);
- }
-#endif /* OPENSSL_NO_TLSEXT */
- ssl3_free(s);
-}
-
-void tls1_clear(SSL *s)
-{
- ssl3_clear(s);
- s->version = s->method->version;
-}
-
-#ifndef OPENSSL_NO_EC
-
-static int nid_list[] = {
- NID_sect163k1, /* sect163k1 (1) */
- NID_sect163r1, /* sect163r1 (2) */
- NID_sect163r2, /* sect163r2 (3) */
- NID_sect193r1, /* sect193r1 (4) */
- NID_sect193r2, /* sect193r2 (5) */
- NID_sect233k1, /* sect233k1 (6) */
- NID_sect233r1, /* sect233r1 (7) */
- NID_sect239k1, /* sect239k1 (8) */
- NID_sect283k1, /* sect283k1 (9) */
- NID_sect283r1, /* sect283r1 (10) */
- NID_sect409k1, /* sect409k1 (11) */
- NID_sect409r1, /* sect409r1 (12) */
- NID_sect571k1, /* sect571k1 (13) */
- NID_sect571r1, /* sect571r1 (14) */
- NID_secp160k1, /* secp160k1 (15) */
- NID_secp160r1, /* secp160r1 (16) */
- NID_secp160r2, /* secp160r2 (17) */
- NID_secp192k1, /* secp192k1 (18) */
- NID_X9_62_prime192v1, /* secp192r1 (19) */
- NID_secp224k1, /* secp224k1 (20) */
- NID_secp224r1, /* secp224r1 (21) */
- NID_secp256k1, /* secp256k1 (22) */
- NID_X9_62_prime256v1, /* secp256r1 (23) */
- NID_secp384r1, /* secp384r1 (24) */
- NID_secp521r1 /* secp521r1 (25) */
-};
-
-static int pref_list[] = {
-# ifndef OPENSSL_NO_EC2M
- NID_sect571r1, /* sect571r1 (14) */
- NID_sect571k1, /* sect571k1 (13) */
-# endif
- NID_secp521r1, /* secp521r1 (25) */
-# ifndef OPENSSL_NO_EC2M
- NID_sect409k1, /* sect409k1 (11) */
- NID_sect409r1, /* sect409r1 (12) */
-# endif
- NID_secp384r1, /* secp384r1 (24) */
-# ifndef OPENSSL_NO_EC2M
- NID_sect283k1, /* sect283k1 (9) */
- NID_sect283r1, /* sect283r1 (10) */
-# endif
- NID_secp256k1, /* secp256k1 (22) */
- NID_X9_62_prime256v1, /* secp256r1 (23) */
-# ifndef OPENSSL_NO_EC2M
- NID_sect239k1, /* sect239k1 (8) */
- NID_sect233k1, /* sect233k1 (6) */
- NID_sect233r1, /* sect233r1 (7) */
-# endif
- NID_secp224k1, /* secp224k1 (20) */
- NID_secp224r1, /* secp224r1 (21) */
-# ifndef OPENSSL_NO_EC2M
- NID_sect193r1, /* sect193r1 (4) */
- NID_sect193r2, /* sect193r2 (5) */
-# endif
- NID_secp192k1, /* secp192k1 (18) */
- NID_X9_62_prime192v1, /* secp192r1 (19) */
-# ifndef OPENSSL_NO_EC2M
- NID_sect163k1, /* sect163k1 (1) */
- NID_sect163r1, /* sect163r1 (2) */
- NID_sect163r2, /* sect163r2 (3) */
-# endif
- NID_secp160k1, /* secp160k1 (15) */
- NID_secp160r1, /* secp160r1 (16) */
- NID_secp160r2, /* secp160r2 (17) */
-};
-
-int tls1_ec_curve_id2nid(int curve_id)
-{
- /* ECC curves from RFC 4492 */
- if ((curve_id < 1) || ((unsigned int)curve_id >
- sizeof(nid_list) / sizeof(nid_list[0])))
- return 0;
- return nid_list[curve_id - 1];
-}
-
-int tls1_ec_nid2curve_id(int nid)
-{
- /* ECC curves from RFC 4492 */
- switch (nid) {
- case NID_sect163k1: /* sect163k1 (1) */
- return 1;
- case NID_sect163r1: /* sect163r1 (2) */
- return 2;
- case NID_sect163r2: /* sect163r2 (3) */
- return 3;
- case NID_sect193r1: /* sect193r1 (4) */
- return 4;
- case NID_sect193r2: /* sect193r2 (5) */
- return 5;
- case NID_sect233k1: /* sect233k1 (6) */
- return 6;
- case NID_sect233r1: /* sect233r1 (7) */
- return 7;
- case NID_sect239k1: /* sect239k1 (8) */
- return 8;
- case NID_sect283k1: /* sect283k1 (9) */
- return 9;
- case NID_sect283r1: /* sect283r1 (10) */
- return 10;
- case NID_sect409k1: /* sect409k1 (11) */
- return 11;
- case NID_sect409r1: /* sect409r1 (12) */
- return 12;
- case NID_sect571k1: /* sect571k1 (13) */
- return 13;
- case NID_sect571r1: /* sect571r1 (14) */
- return 14;
- case NID_secp160k1: /* secp160k1 (15) */
- return 15;
- case NID_secp160r1: /* secp160r1 (16) */
- return 16;
- case NID_secp160r2: /* secp160r2 (17) */
- return 17;
- case NID_secp192k1: /* secp192k1 (18) */
- return 18;
- case NID_X9_62_prime192v1: /* secp192r1 (19) */
- return 19;
- case NID_secp224k1: /* secp224k1 (20) */
- return 20;
- case NID_secp224r1: /* secp224r1 (21) */
- return 21;
- case NID_secp256k1: /* secp256k1 (22) */
- return 22;
- case NID_X9_62_prime256v1: /* secp256r1 (23) */
- return 23;
- case NID_secp384r1: /* secp384r1 (24) */
- return 24;
- case NID_secp521r1: /* secp521r1 (25) */
- return 25;
- default:
- return 0;
- }
-}
-#endif /* OPENSSL_NO_EC */
-
-#ifndef OPENSSL_NO_TLSEXT
-
-/*
- * List of supported signature algorithms and hashes. Should make this
- * customisable at some point, for now include everything we support.
- */
-
-# ifdef OPENSSL_NO_RSA
-# define tlsext_sigalg_rsa(md) /* */
-# else
-# define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,
-# endif
-
-# ifdef OPENSSL_NO_DSA
-# define tlsext_sigalg_dsa(md) /* */
-# else
-# define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,
-# endif
-
-# ifdef OPENSSL_NO_ECDSA
-# define tlsext_sigalg_ecdsa(md)
- /* */
-# else
-# define tlsext_sigalg_ecdsa(md) md, TLSEXT_signature_ecdsa,
-# endif
-
-# define tlsext_sigalg(md) \
- tlsext_sigalg_rsa(md) \
- tlsext_sigalg_dsa(md) \
- tlsext_sigalg_ecdsa(md)
-
-static unsigned char tls12_sigalgs[] = {
-# ifndef OPENSSL_NO_SHA512
- tlsext_sigalg(TLSEXT_hash_sha512)
- tlsext_sigalg(TLSEXT_hash_sha384)
-# endif
-# ifndef OPENSSL_NO_SHA256
- tlsext_sigalg(TLSEXT_hash_sha256)
- tlsext_sigalg(TLSEXT_hash_sha224)
-# endif
-# ifndef OPENSSL_NO_SHA
- tlsext_sigalg(TLSEXT_hash_sha1)
-# endif
-};
-
-int tls12_get_req_sig_algs(SSL *s, unsigned char *p)
-{
- size_t slen = sizeof(tls12_sigalgs);
- if (p)
- memcpy(p, tls12_sigalgs, slen);
- return (int)slen;
-}
-
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
- unsigned char *limit)
-{
- int extdatalen = 0;
- unsigned char *orig = buf;
- unsigned char *ret = buf;
-
- /* don't add extensions for SSLv3 unless doing secure renegotiation */
- if (s->client_version == SSL3_VERSION && !s->s3->send_connection_binding)
- return orig;
-
- ret += 2;
-
- if (ret >= limit)
- return NULL; /* this really never occurs, but ... */
-
- if (s->tlsext_hostname != NULL) {
- /* Add TLS extension servername to the Client Hello message */
- unsigned long size_str;
- long lenmax;
-
- /*-
- * check for enough space.
- * 4 for the servername type and entension length
- * 2 for servernamelist length
- * 1 for the hostname type
- * 2 for hostname length
- * + hostname length
- */
-
- if ((lenmax = limit - ret - 9) < 0
- || (size_str =
- strlen(s->tlsext_hostname)) > (unsigned long)lenmax)
- return NULL;
-
- /* extension type and length */
- s2n(TLSEXT_TYPE_server_name, ret);
- s2n(size_str + 5, ret);
-
- /* length of servername list */
- s2n(size_str + 3, ret);
-
- /* hostname type, length and hostname */
- *(ret++) = (unsigned char)TLSEXT_NAMETYPE_host_name;
- s2n(size_str, ret);
- memcpy(ret, s->tlsext_hostname, size_str);
- ret += size_str;
- }
-
- /* Add RI if renegotiating */
- if (s->renegotiate) {
- int el;
-
- if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) {
- SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- if ((limit - ret - 4 - el) < 0)
- return NULL;
-
- s2n(TLSEXT_TYPE_renegotiate, ret);
- s2n(el, ret);
-
- if (!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el)) {
- SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- ret += el;
- }
-# ifndef OPENSSL_NO_SRP
- /* Add SRP username if there is one */
- if (s->srp_ctx.login != NULL) { /* Add TLS extension SRP username to the
- * Client Hello message */
-
- int login_len = strlen(s->srp_ctx.login);
- if (login_len > 255 || login_len == 0) {
- SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- /*-
- * check for enough space.
- * 4 for the srp type type and entension length
- * 1 for the srp user identity
- * + srp user identity length
- */
- if ((limit - ret - 5 - login_len) < 0)
- return NULL;
-
- /* fill in the extension */
- s2n(TLSEXT_TYPE_srp, ret);
- s2n(login_len + 1, ret);
- (*ret++) = (unsigned char)login_len;
- memcpy(ret, s->srp_ctx.login, login_len);
- ret += login_len;
- }
-# endif
-
-# ifndef OPENSSL_NO_EC
- if (s->tlsext_ecpointformatlist != NULL) {
- /*
- * Add TLS extension ECPointFormats to the ClientHello message
- */
- long lenmax;
-
- if ((lenmax = limit - ret - 5) < 0)
- return NULL;
- if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax)
- return NULL;
- if (s->tlsext_ecpointformatlist_length > 255) {
- SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- s2n(TLSEXT_TYPE_ec_point_formats, ret);
- s2n(s->tlsext_ecpointformatlist_length + 1, ret);
- *(ret++) = (unsigned char)s->tlsext_ecpointformatlist_length;
- memcpy(ret, s->tlsext_ecpointformatlist,
- s->tlsext_ecpointformatlist_length);
- ret += s->tlsext_ecpointformatlist_length;
- }
- if (s->tlsext_ellipticcurvelist != NULL) {
- /*
- * Add TLS extension EllipticCurves to the ClientHello message
- */
- long lenmax;
-
- if ((lenmax = limit - ret - 6) < 0)
- return NULL;
- if (s->tlsext_ellipticcurvelist_length > (unsigned long)lenmax)
- return NULL;
- if (s->tlsext_ellipticcurvelist_length > 65532) {
- SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- s2n(TLSEXT_TYPE_elliptic_curves, ret);
- s2n(s->tlsext_ellipticcurvelist_length + 2, ret);
-
- s2n(s->tlsext_ellipticcurvelist_length, ret);
- memcpy(ret, s->tlsext_ellipticcurvelist,
- s->tlsext_ellipticcurvelist_length);
- ret += s->tlsext_ellipticcurvelist_length;
- }
-# endif /* OPENSSL_NO_EC */
-
- if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
- int ticklen;
- if (!s->new_session && s->session && s->session->tlsext_tick)
- ticklen = s->session->tlsext_ticklen;
- else if (s->session && s->tlsext_session_ticket &&
- s->tlsext_session_ticket->data) {
- ticklen = s->tlsext_session_ticket->length;
- s->session->tlsext_tick = OPENSSL_malloc(ticklen);
- if (!s->session->tlsext_tick)
- return NULL;
- memcpy(s->session->tlsext_tick,
- s->tlsext_session_ticket->data, ticklen);
- s->session->tlsext_ticklen = ticklen;
- } else
- ticklen = 0;
- if (ticklen == 0 && s->tlsext_session_ticket &&
- s->tlsext_session_ticket->data == NULL)
- goto skip_ext;
- /*
- * Check for enough room 2 for extension type, 2 for len rest for
- * ticket
- */
- if ((long)(limit - ret - 4 - ticklen) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_session_ticket, ret);
- s2n(ticklen, ret);
- if (ticklen) {
- memcpy(ret, s->session->tlsext_tick, ticklen);
- ret += ticklen;
- }
- }
- skip_ext:
-
- if (TLS1_get_client_version(s) >= TLS1_2_VERSION) {
- if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
- return NULL;
- s2n(TLSEXT_TYPE_signature_algorithms, ret);
- s2n(sizeof(tls12_sigalgs) + 2, ret);
- s2n(sizeof(tls12_sigalgs), ret);
- memcpy(ret, tls12_sigalgs, sizeof(tls12_sigalgs));
- ret += sizeof(tls12_sigalgs);
- }
-# ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL && s->version != DTLS1_VERSION) {
- size_t col = s->s3->client_opaque_prf_input_len;
-
- if ((long)(limit - ret - 6 - col < 0))
- return NULL;
- if (col > 0xFFFD) /* can't happen */
- return NULL;
-
- s2n(TLSEXT_TYPE_opaque_prf_input, ret);
- s2n(col + 2, ret);
- s2n(col, ret);
- memcpy(ret, s->s3->client_opaque_prf_input, col);
- ret += col;
- }
-# endif
-
- if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
- s->version != DTLS1_VERSION) {
- int i;
- long extlen, idlen, itmp;
- OCSP_RESPID *id;
-
- idlen = 0;
- for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
- id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
- itmp = i2d_OCSP_RESPID(id, NULL);
- if (itmp <= 0)
- return NULL;
- idlen += itmp + 2;
- }
-
- if (s->tlsext_ocsp_exts) {
- extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
- if (extlen < 0)
- return NULL;
- } else
- extlen = 0;
-
- if ((long)(limit - ret - 7 - extlen - idlen) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_status_request, ret);
- if (extlen + idlen > 0xFFF0)
- return NULL;
- s2n(extlen + idlen + 5, ret);
- *(ret++) = TLSEXT_STATUSTYPE_ocsp;
- s2n(idlen, ret);
- for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
- /* save position of id len */
- unsigned char *q = ret;
- id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
- /* skip over id len */
- ret += 2;
- itmp = i2d_OCSP_RESPID(id, &ret);
- /* write id len */
- s2n(itmp, q);
- }
- s2n(extlen, ret);
- if (extlen > 0)
- i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
- }
-# ifndef OPENSSL_NO_HEARTBEATS
- /* Add Heartbeat extension */
- if ((limit - ret - 4 - 1) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_heartbeat, ret);
- s2n(1, ret);
- /*-
- * Set mode:
- * 1: peer may send requests
- * 2: peer not allowed to send requests
- */
- if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
- *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
- else
- *(ret++) = SSL_TLSEXT_HB_ENABLED;
-# endif
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
- if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) {
- /*
- * The client advertises an emtpy extension to indicate its support
- * for Next Protocol Negotiation
- */
- if (limit - ret - 4 < 0)
- return NULL;
- s2n(TLSEXT_TYPE_next_proto_neg, ret);
- s2n(0, ret);
- }
-# endif
-
-# ifndef OPENSSL_NO_SRTP
- if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
- int el;
-
- ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
-
- if ((limit - ret - 4 - el) < 0)
- return NULL;
-
- s2n(TLSEXT_TYPE_use_srtp, ret);
- s2n(el, ret);
-
- if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) {
- SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
- ret += el;
- }
-# endif
- /*
- * Add padding to workaround bugs in F5 terminators. See
- * https://tools.ietf.org/html/draft-agl-tls-padding-03 NB: because this
- * code works out the length of all existing extensions it MUST always
- * appear last.
- */
- if (s->options & SSL_OP_TLSEXT_PADDING) {
- int hlen = ret - (unsigned char *)s->init_buf->data;
- /*
- * The code in s23_clnt.c to build ClientHello messages includes the
- * 5-byte record header in the buffer, while the code in s3_clnt.c
- * does not.
- */
- if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
- hlen -= 5;
- if (hlen > 0xff && hlen < 0x200) {
- hlen = 0x200 - hlen;
- if (hlen >= 4)
- hlen -= 4;
- else
- hlen = 0;
-
- s2n(TLSEXT_TYPE_padding, ret);
- s2n(hlen, ret);
- memset(ret, 0, hlen);
- ret += hlen;
- }
- }
-
- if ((extdatalen = ret - orig - 2) == 0)
- return orig;
-
- s2n(extdatalen, orig);
- return ret;
-}
-
-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
- unsigned char *limit)
-{
- int extdatalen = 0;
- unsigned char *orig = buf;
- unsigned char *ret = buf;
-# ifndef OPENSSL_NO_NEXTPROTONEG
- int next_proto_neg_seen;
-# endif
-
- /*
- * don't add extensions for SSLv3, unless doing secure renegotiation
- */
- if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
- return orig;
-
- ret += 2;
- if (ret >= limit)
- return NULL; /* this really never occurs, but ... */
-
- if (!s->hit && s->servername_done == 1
- && s->session->tlsext_hostname != NULL) {
- if ((long)(limit - ret - 4) < 0)
- return NULL;
-
- s2n(TLSEXT_TYPE_server_name, ret);
- s2n(0, ret);
- }
-
- if (s->s3->send_connection_binding) {
- int el;
-
- if (!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0)) {
- SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- if ((limit - ret - 4 - el) < 0)
- return NULL;
-
- s2n(TLSEXT_TYPE_renegotiate, ret);
- s2n(el, ret);
-
- if (!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el)) {
- SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- ret += el;
- }
-# ifndef OPENSSL_NO_EC
- if (s->tlsext_ecpointformatlist != NULL) {
- /*
- * Add TLS extension ECPointFormats to the ServerHello message
- */
- long lenmax;
-
- if ((lenmax = limit - ret - 5) < 0)
- return NULL;
- if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax)
- return NULL;
- if (s->tlsext_ecpointformatlist_length > 255) {
- SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
-
- s2n(TLSEXT_TYPE_ec_point_formats, ret);
- s2n(s->tlsext_ecpointformatlist_length + 1, ret);
- *(ret++) = (unsigned char)s->tlsext_ecpointformatlist_length;
- memcpy(ret, s->tlsext_ecpointformatlist,
- s->tlsext_ecpointformatlist_length);
- ret += s->tlsext_ecpointformatlist_length;
-
- }
- /*
- * Currently the server should not respond with a SupportedCurves
- * extension
- */
-# endif /* OPENSSL_NO_EC */
-
- if (s->tlsext_ticket_expected && !(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
- if ((long)(limit - ret - 4) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_session_ticket, ret);
- s2n(0, ret);
- }
-
- if (s->tlsext_status_expected) {
- if ((long)(limit - ret - 4) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_status_request, ret);
- s2n(0, ret);
- }
-# ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->server_opaque_prf_input != NULL && s->version != DTLS1_VERSION) {
- size_t sol = s->s3->server_opaque_prf_input_len;
-
- if ((long)(limit - ret - 6 - sol) < 0)
- return NULL;
- if (sol > 0xFFFD) /* can't happen */
- return NULL;
-
- s2n(TLSEXT_TYPE_opaque_prf_input, ret);
- s2n(sol + 2, ret);
- s2n(sol, ret);
- memcpy(ret, s->s3->server_opaque_prf_input, sol);
- ret += sol;
- }
-# endif
-
-# ifndef OPENSSL_NO_SRTP
- if (SSL_IS_DTLS(s) && s->srtp_profile) {
- int el;
-
- ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
-
- if ((limit - ret - 4 - el) < 0)
- return NULL;
-
- s2n(TLSEXT_TYPE_use_srtp, ret);
- s2n(el, ret);
-
- if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) {
- SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
- return NULL;
- }
- ret += el;
- }
-# endif
-
- if (((s->s3->tmp.new_cipher->id & 0xFFFF) == 0x80
- || (s->s3->tmp.new_cipher->id & 0xFFFF) == 0x81)
- && (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
- const unsigned char cryptopro_ext[36] = {
- 0xfd, 0xe8, /* 65000 */
- 0x00, 0x20, /* 32 bytes length */
- 0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85,
- 0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06,
- 0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08,
- 0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17
- };
- if (limit - ret < 36)
- return NULL;
- memcpy(ret, cryptopro_ext, 36);
- ret += 36;
-
- }
-# ifndef OPENSSL_NO_HEARTBEATS
- /* Add Heartbeat extension if we've received one */
- if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) {
- if ((limit - ret - 4 - 1) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_heartbeat, ret);
- s2n(1, ret);
- /*-
- * Set mode:
- * 1: peer may send requests
- * 2: peer not allowed to send requests
- */
- if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
- *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
- else
- *(ret++) = SSL_TLSEXT_HB_ENABLED;
-
- }
-# endif
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
- next_proto_neg_seen = s->s3->next_proto_neg_seen;
- s->s3->next_proto_neg_seen = 0;
- if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) {
- const unsigned char *npa;
- unsigned int npalen;
- int r;
-
- r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen,
- s->
- ctx->next_protos_advertised_cb_arg);
- if (r == SSL_TLSEXT_ERR_OK) {
- if ((long)(limit - ret - 4 - npalen) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_next_proto_neg, ret);
- s2n(npalen, ret);
- memcpy(ret, npa, npalen);
- ret += npalen;
- s->s3->next_proto_neg_seen = 1;
- }
- }
-# endif
-
- if ((extdatalen = ret - orig - 2) == 0)
- return orig;
-
- s2n(extdatalen, orig);
- return ret;
-}
-
-# ifndef OPENSSL_NO_EC
-/*-
- * ssl_check_for_safari attempts to fingerprint Safari using OS X
- * SecureTransport using the TLS extension block in |d|, of length |n|.
- * Safari, since 10.6, sends exactly these extensions, in this order:
- * SNI,
- * elliptic_curves
- * ec_point_formats
- *
- * We wish to fingerprint Safari because they broke ECDHE-ECDSA support in 10.8,
- * but they advertise support. So enabling ECDHE-ECDSA ciphers breaks them.
- * Sadly we cannot differentiate 10.6, 10.7 and 10.8.4 (which work), from
- * 10.8..10.8.3 (which don't work).
- */
-static void ssl_check_for_safari(SSL *s, const unsigned char *data,
- const unsigned char *limit)
-{
- unsigned short type, size;
- static const unsigned char kSafariExtensionsBlock[] = {
- 0x00, 0x0a, /* elliptic_curves extension */
- 0x00, 0x08, /* 8 bytes */
- 0x00, 0x06, /* 6 bytes of curve ids */
- 0x00, 0x17, /* P-256 */
- 0x00, 0x18, /* P-384 */
- 0x00, 0x19, /* P-521 */
-
- 0x00, 0x0b, /* ec_point_formats */
- 0x00, 0x02, /* 2 bytes */
- 0x01, /* 1 point format */
- 0x00, /* uncompressed */
- };
-
- /* The following is only present in TLS 1.2 */
- static const unsigned char kSafariTLS12ExtensionsBlock[] = {
- 0x00, 0x0d, /* signature_algorithms */
- 0x00, 0x0c, /* 12 bytes */
- 0x00, 0x0a, /* 10 bytes */
- 0x05, 0x01, /* SHA-384/RSA */
- 0x04, 0x01, /* SHA-256/RSA */
- 0x02, 0x01, /* SHA-1/RSA */
- 0x04, 0x03, /* SHA-256/ECDSA */
- 0x02, 0x03, /* SHA-1/ECDSA */
- };
-
- if (data >= (limit - 2))
- return;
- data += 2;
-
- if (data > (limit - 4))
- return;
- n2s(data, type);
- n2s(data, size);
-
- if (type != TLSEXT_TYPE_server_name)
- return;
-
- if (data + size > limit)
- return;
- data += size;
-
- if (TLS1_get_client_version(s) >= TLS1_2_VERSION) {
- const size_t len1 = sizeof(kSafariExtensionsBlock);
- const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
-
- if (data + len1 + len2 != limit)
- return;
- if (memcmp(data, kSafariExtensionsBlock, len1) != 0)
- return;
- if (memcmp(data + len1, kSafariTLS12ExtensionsBlock, len2) != 0)
- return;
- } else {
- const size_t len = sizeof(kSafariExtensionsBlock);
-
- if (data + len != limit)
- return;
- if (memcmp(data, kSafariExtensionsBlock, len) != 0)
- return;
- }
-
- s->s3->is_probably_safari = 1;
-}
-# endif /* !OPENSSL_NO_EC */
-
-int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p,
- unsigned char *limit, int *al)
-{
- unsigned short type;
- unsigned short size;
- unsigned short len;
- unsigned char *data = *p;
- int renegotiate_seen = 0;
- int sigalg_seen = 0;
-
- s->servername_done = 0;
- s->tlsext_status_type = -1;
-# ifndef OPENSSL_NO_NEXTPROTONEG
- s->s3->next_proto_neg_seen = 0;
-# endif
-
-# ifndef OPENSSL_NO_HEARTBEATS
- s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
- SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
-# endif
-
-# ifndef OPENSSL_NO_EC
- if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
- ssl_check_for_safari(s, data, limit);
-# endif /* !OPENSSL_NO_EC */
-
-# ifndef OPENSSL_NO_SRP
- if (s->srp_ctx.login != NULL) {
- OPENSSL_free(s->srp_ctx.login);
- s->srp_ctx.login = NULL;
- }
-# endif
-
- s->srtp_profile = NULL;
-
- if (data == limit)
- goto ri_check;
-
- if (data > (limit - 2))
- goto err;
-
- n2s(data, len);
-
- if (data + len != limit)
- goto err;
-
- while (data <= (limit - 4)) {
- n2s(data, type);
- n2s(data, size);
-
- if (data + size > (limit))
- goto err;
-# if 0
- fprintf(stderr, "Received extension type %d size %d\n", type, size);
-# endif
- if (s->tlsext_debug_cb)
- s->tlsext_debug_cb(s, 0, type, data, size, s->tlsext_debug_arg);
-/*-
- * The servername extension is treated as follows:
- *
- * - Only the hostname type is supported with a maximum length of 255.
- * - The servername is rejected if too long or if it contains zeros,
- * in which case an fatal alert is generated.
- * - The servername field is maintained together with the session cache.
- * - When a session is resumed, the servername call back invoked in order
- * to allow the application to position itself to the right context.
- * - The servername is acknowledged if it is new for a session or when
- * it is identical to a previously used for the same session.
- * Applications can control the behaviour. They can at any time
- * set a 'desirable' servername for a new SSL object. This can be the
- * case for example with HTTPS when a Host: header field is received and
- * a renegotiation is requested. In this case, a possible servername
- * presented in the new client hello is only acknowledged if it matches
- * the value of the Host: field.
- * - Applications must use SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
- * if they provide for changing an explicit servername context for the
- * session, i.e. when the session has been established with a servername
- * extension.
- * - On session reconnect, the servername extension may be absent.
- *
- */
-
- if (type == TLSEXT_TYPE_server_name) {
- unsigned char *sdata;
- int servname_type;
- int dsize;
-
- if (size < 2)
- goto err;
- n2s(data, dsize);
- size -= 2;
- if (dsize > size)
- goto err;
-
- sdata = data;
- while (dsize > 3) {
- servname_type = *(sdata++);
- n2s(sdata, len);
- dsize -= 3;
-
- if (len > dsize)
- goto err;
-
- if (s->servername_done == 0)
- switch (servname_type) {
- case TLSEXT_NAMETYPE_host_name:
- if (!s->hit) {
- if (s->session->tlsext_hostname)
- goto err;
-
- if (len > TLSEXT_MAXLEN_host_name) {
- *al = TLS1_AD_UNRECOGNIZED_NAME;
- return 0;
- }
- if ((s->session->tlsext_hostname =
- OPENSSL_malloc(len + 1)) == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- memcpy(s->session->tlsext_hostname, sdata, len);
- s->session->tlsext_hostname[len] = '\0';
- if (strlen(s->session->tlsext_hostname) != len) {
- OPENSSL_free(s->session->tlsext_hostname);
- s->session->tlsext_hostname = NULL;
- *al = TLS1_AD_UNRECOGNIZED_NAME;
- return 0;
- }
- s->servername_done = 1;
-
- } else
- s->servername_done = s->session->tlsext_hostname
- && strlen(s->session->tlsext_hostname) == len
- && strncmp(s->session->tlsext_hostname,
- (char *)sdata, len) == 0;
-
- break;
-
- default:
- break;
- }
-
- dsize -= len;
- }
- if (dsize != 0)
- goto err;
-
- }
-# ifndef OPENSSL_NO_SRP
- else if (type == TLSEXT_TYPE_srp) {
- if (size == 0 || ((len = data[0])) != (size - 1))
- goto err;
- if (s->srp_ctx.login != NULL)
- goto err;
- if ((s->srp_ctx.login = OPENSSL_malloc(len + 1)) == NULL)
- return -1;
- memcpy(s->srp_ctx.login, &data[1], len);
- s->srp_ctx.login[len] = '\0';
-
- if (strlen(s->srp_ctx.login) != len)
- goto err;
- }
-# endif
-
-# ifndef OPENSSL_NO_EC
- else if (type == TLSEXT_TYPE_ec_point_formats) {
- unsigned char *sdata = data;
- int ecpointformatlist_length = *(sdata++);
-
- if (ecpointformatlist_length != size - 1)
- goto err;
- if (!s->hit) {
- if (s->session->tlsext_ecpointformatlist) {
- OPENSSL_free(s->session->tlsext_ecpointformatlist);
- s->session->tlsext_ecpointformatlist = NULL;
- }
- s->session->tlsext_ecpointformatlist_length = 0;
- if ((s->session->tlsext_ecpointformatlist =
- OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- s->session->tlsext_ecpointformatlist_length =
- ecpointformatlist_length;
- memcpy(s->session->tlsext_ecpointformatlist, sdata,
- ecpointformatlist_length);
- }
-# if 0
- fprintf(stderr,
- "ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ",
- s->session->tlsext_ecpointformatlist_length);
- sdata = s->session->tlsext_ecpointformatlist;
- for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
- fprintf(stderr, "%i ", *(sdata++));
- fprintf(stderr, "\n");
-# endif
- } else if (type == TLSEXT_TYPE_elliptic_curves) {
- unsigned char *sdata = data;
- int ellipticcurvelist_length = (*(sdata++) << 8);
- ellipticcurvelist_length += (*(sdata++));
-
- if (ellipticcurvelist_length != size - 2 ||
- ellipticcurvelist_length < 1 ||
- /* Each NamedCurve is 2 bytes. */
- ellipticcurvelist_length & 1)
- goto err;
-
- if (!s->hit) {
- if (s->session->tlsext_ellipticcurvelist)
- goto err;
-
- s->session->tlsext_ellipticcurvelist_length = 0;
- if ((s->session->tlsext_ellipticcurvelist =
- OPENSSL_malloc(ellipticcurvelist_length)) == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- s->session->tlsext_ellipticcurvelist_length =
- ellipticcurvelist_length;
- memcpy(s->session->tlsext_ellipticcurvelist, sdata,
- ellipticcurvelist_length);
- }
-# if 0
- fprintf(stderr,
- "ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ",
- s->session->tlsext_ellipticcurvelist_length);
- sdata = s->session->tlsext_ellipticcurvelist;
- for (i = 0; i < s->session->tlsext_ellipticcurvelist_length; i++)
- fprintf(stderr, "%i ", *(sdata++));
- fprintf(stderr, "\n");
-# endif
- }
-# endif /* OPENSSL_NO_EC */
-# ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION) {
- unsigned char *sdata = data;
-
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
- n2s(sdata, s->s3->client_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input_len != size - 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- if (s->s3->client_opaque_prf_input != NULL) {
- /* shouldn't really happen */
- OPENSSL_free(s->s3->client_opaque_prf_input);
- }
-
- /* dummy byte just to get non-NULL */
- if (s->s3->client_opaque_prf_input_len == 0)
- s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
- else
- s->s3->client_opaque_prf_input =
- BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- }
-# endif
- else if (type == TLSEXT_TYPE_session_ticket) {
- if (s->tls_session_ticket_ext_cb &&
- !s->tls_session_ticket_ext_cb(s, data, size,
- s->tls_session_ticket_ext_cb_arg))
- {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- } else if (type == TLSEXT_TYPE_renegotiate) {
- if (!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
- return 0;
- renegotiate_seen = 1;
- } else if (type == TLSEXT_TYPE_signature_algorithms) {
- int dsize;
- if (sigalg_seen || size < 2)
- goto err;
- sigalg_seen = 1;
- n2s(data, dsize);
- size -= 2;
- if (dsize != size || dsize & 1)
- goto err;
- if (!tls1_process_sigalgs(s, data, dsize))
- goto err;
- } else if (type == TLSEXT_TYPE_status_request &&
- s->version != DTLS1_VERSION) {
-
- if (size < 5)
- goto err;
-
- s->tlsext_status_type = *data++;
- size--;
- if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
- const unsigned char *sdata;
- int dsize;
- /* Read in responder_id_list */
- n2s(data, dsize);
- size -= 2;
- if (dsize > size)
- goto err;
- while (dsize > 0) {
- OCSP_RESPID *id;
- int idsize;
- if (dsize < 4)
- goto err;
- n2s(data, idsize);
- dsize -= 2 + idsize;
- size -= 2 + idsize;
- if (dsize < 0)
- goto err;
- sdata = data;
- data += idsize;
- id = d2i_OCSP_RESPID(NULL, &sdata, idsize);
- if (!id)
- goto err;
- if (data != sdata) {
- OCSP_RESPID_free(id);
- goto err;
- }
- if (!s->tlsext_ocsp_ids
- && !(s->tlsext_ocsp_ids =
- sk_OCSP_RESPID_new_null())) {
- OCSP_RESPID_free(id);
- *al = SSL_AD_INTERNAL_ERROR;
- return 0;
- }
- if (!sk_OCSP_RESPID_push(s->tlsext_ocsp_ids, id)) {
- OCSP_RESPID_free(id);
- *al = SSL_AD_INTERNAL_ERROR;
- return 0;
- }
- }
-
- /* Read in request_extensions */
- if (size < 2)
- goto err;
- n2s(data, dsize);
- size -= 2;
- if (dsize != size)
- goto err;
- sdata = data;
- if (dsize > 0) {
- if (s->tlsext_ocsp_exts) {
- sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
- X509_EXTENSION_free);
- }
-
- s->tlsext_ocsp_exts =
- d2i_X509_EXTENSIONS(NULL, &sdata, dsize);
- if (!s->tlsext_ocsp_exts || (data + dsize != sdata))
- goto err;
- }
- }
- /*
- * We don't know what to do with any other type * so ignore it.
- */
- else
- s->tlsext_status_type = -1;
- }
-# ifndef OPENSSL_NO_HEARTBEATS
- else if (type == TLSEXT_TYPE_heartbeat) {
- switch (data[0]) {
- case 0x01: /* Client allows us to send HB requests */
- s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
- break;
- case 0x02: /* Client doesn't accept HB requests */
- s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
- s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
- break;
- default:
- *al = SSL_AD_ILLEGAL_PARAMETER;
- return 0;
- }
- }
-# endif
-# ifndef OPENSSL_NO_NEXTPROTONEG
- else if (type == TLSEXT_TYPE_next_proto_neg &&
- s->s3->tmp.finish_md_len == 0) {
- /*-
- * We shouldn't accept this extension on a
- * renegotiation.
- *
- * s->new_session will be set on renegotiation, but we
- * probably shouldn't rely that it couldn't be set on
- * the initial renegotation too in certain cases (when
- * there's some other reason to disallow resuming an
- * earlier session -- the current code won't be doing
- * anything like that, but this might change).
- *
- * A valid sign that there's been a previous handshake
- * in this connection is if s->s3->tmp.finish_md_len >
- * 0. (We are talking about a check that will happen
- * in the Hello protocol round, well before a new
- * Finished message could have been computed.)
- */
- s->s3->next_proto_neg_seen = 1;
- }
-# endif
-
- /* session ticket processed earlier */
-# ifndef OPENSSL_NO_SRTP
- else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)
- && type == TLSEXT_TYPE_use_srtp) {
- if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
- return 0;
- }
-# endif
-
- data += size;
- }
-
- /* Spurious data on the end */
- if (data != limit)
- goto err;
-
- *p = data;
-
- ri_check:
-
- /* Need RI if renegotiating */
-
- if (!renegotiate_seen && s->renegotiate &&
- !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
- *al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT,
- SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
- return 0;
- }
-
- return 1;
-err:
- *al = SSL_AD_DECODE_ERROR;
- return 0;
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * ssl_next_proto_validate validates a Next Protocol Negotiation block. No
- * elements of zero length are allowed and the set of elements must exactly
- * fill the length of the block.
- */
-static char ssl_next_proto_validate(unsigned char *d, unsigned len)
-{
- unsigned int off = 0;
-
- while (off < len) {
- if (d[off] == 0)
- return 0;
- off += d[off];
- off++;
- }
-
- return off == len;
-}
-# endif
-
-int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
- int n, int *al)
-{
- unsigned short length;
- unsigned short type;
- unsigned short size;
- unsigned char *data = *p;
- int tlsext_servername = 0;
- int renegotiate_seen = 0;
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
- s->s3->next_proto_neg_seen = 0;
-# endif
- s->tlsext_ticket_expected = 0;
-
-# ifndef OPENSSL_NO_HEARTBEATS
- s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
- SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
-# endif
-
- if (data >= (d + n - 2))
- goto ri_check;
-
- n2s(data, length);
- if (data + length != d + n) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- while (data <= (d + n - 4)) {
- n2s(data, type);
- n2s(data, size);
-
- if (data + size > (d + n))
- goto ri_check;
-
- if (s->tlsext_debug_cb)
- s->tlsext_debug_cb(s, 1, type, data, size, s->tlsext_debug_arg);
-
- if (type == TLSEXT_TYPE_server_name) {
- if (s->tlsext_hostname == NULL || size > 0) {
- *al = TLS1_AD_UNRECOGNIZED_NAME;
- return 0;
- }
- tlsext_servername = 1;
- }
-# ifndef OPENSSL_NO_EC
- else if (type == TLSEXT_TYPE_ec_point_formats) {
- unsigned char *sdata = data;
- int ecpointformatlist_length = *(sdata++);
-
- if (ecpointformatlist_length != size - 1 ||
- ecpointformatlist_length < 1) {
- *al = TLS1_AD_DECODE_ERROR;
- return 0;
- }
- if (!s->hit) {
- s->session->tlsext_ecpointformatlist_length = 0;
- if (s->session->tlsext_ecpointformatlist != NULL)
- OPENSSL_free(s->session->tlsext_ecpointformatlist);
- if ((s->session->tlsext_ecpointformatlist =
- OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- s->session->tlsext_ecpointformatlist_length =
- ecpointformatlist_length;
- memcpy(s->session->tlsext_ecpointformatlist, sdata,
- ecpointformatlist_length);
- }
-# if 0
- fprintf(stderr,
- "ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist ");
- sdata = s->session->tlsext_ecpointformatlist;
- for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
- fprintf(stderr, "%i ", *(sdata++));
- fprintf(stderr, "\n");
-# endif
- }
-# endif /* OPENSSL_NO_EC */
-
- else if (type == TLSEXT_TYPE_session_ticket) {
- if (s->tls_session_ticket_ext_cb &&
- !s->tls_session_ticket_ext_cb(s, data, size,
- s->tls_session_ticket_ext_cb_arg))
- {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- if ((SSL_get_options(s) & SSL_OP_NO_TICKET)
- || (size > 0)) {
- *al = TLS1_AD_UNSUPPORTED_EXTENSION;
- return 0;
- }
- s->tlsext_ticket_expected = 1;
- }
-# ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION) {
- unsigned char *sdata = data;
-
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
- n2s(sdata, s->s3->server_opaque_prf_input_len);
- if (s->s3->server_opaque_prf_input_len != size - 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- if (s->s3->server_opaque_prf_input != NULL) {
- /* shouldn't really happen */
- OPENSSL_free(s->s3->server_opaque_prf_input);
- }
- if (s->s3->server_opaque_prf_input_len == 0) {
- /* dummy byte just to get non-NULL */
- s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
- } else {
- s->s3->server_opaque_prf_input =
- BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
- }
-
- if (s->s3->server_opaque_prf_input == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- }
-# endif
- else if (type == TLSEXT_TYPE_status_request &&
- s->version != DTLS1_VERSION) {
- /*
- * MUST be empty and only sent if we've requested a status
- * request message.
- */
- if ((s->tlsext_status_type == -1) || (size > 0)) {
- *al = TLS1_AD_UNSUPPORTED_EXTENSION;
- return 0;
- }
- /* Set flag to expect CertificateStatus message */
- s->tlsext_status_expected = 1;
- }
-# ifndef OPENSSL_NO_NEXTPROTONEG
- else if (type == TLSEXT_TYPE_next_proto_neg &&
- s->s3->tmp.finish_md_len == 0) {
- unsigned char *selected;
- unsigned char selected_len;
-
- /* We must have requested it. */
- if (s->ctx->next_proto_select_cb == NULL) {
- *al = TLS1_AD_UNSUPPORTED_EXTENSION;
- return 0;
- }
- /* The data must be valid */
- if (!ssl_next_proto_validate(data, size)) {
- *al = TLS1_AD_DECODE_ERROR;
- return 0;
- }
- if (s->
- ctx->next_proto_select_cb(s, &selected, &selected_len, data,
- size,
- s->ctx->next_proto_select_cb_arg) !=
- SSL_TLSEXT_ERR_OK) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- s->next_proto_negotiated = OPENSSL_malloc(selected_len);
- if (!s->next_proto_negotiated) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- memcpy(s->next_proto_negotiated, selected, selected_len);
- s->next_proto_negotiated_len = selected_len;
- s->s3->next_proto_neg_seen = 1;
- }
-# endif
- else if (type == TLSEXT_TYPE_renegotiate) {
- if (!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
- return 0;
- renegotiate_seen = 1;
- }
-# ifndef OPENSSL_NO_HEARTBEATS
- else if (type == TLSEXT_TYPE_heartbeat) {
- switch (data[0]) {
- case 0x01: /* Server allows us to send HB requests */
- s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
- break;
- case 0x02: /* Server doesn't accept HB requests */
- s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
- s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
- break;
- default:
- *al = SSL_AD_ILLEGAL_PARAMETER;
- return 0;
- }
- }
-# endif
-# ifndef OPENSSL_NO_SRTP
- else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
- if (ssl_parse_serverhello_use_srtp_ext(s, data, size, al))
- return 0;
- }
-# endif
-
- data += size;
- }
-
- if (data != d + n) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- if (!s->hit && tlsext_servername == 1) {
- if (s->tlsext_hostname) {
- if (s->session->tlsext_hostname == NULL) {
- s->session->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
- if (!s->session->tlsext_hostname) {
- *al = SSL_AD_UNRECOGNIZED_NAME;
- return 0;
- }
- } else {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
- }
- }
-
- *p = data;
-
- ri_check:
-
- /*
- * Determine if we need to see RI. Strictly speaking if we want to avoid
- * an attack we should *always* see RI even on initial server hello
- * because the client doesn't see any renegotiation during an attack.
- * However this would mean we could not connect to any server which
- * doesn't support RI so for the immediate future tolerate RI absence on
- * initial connect only.
- */
- if (!renegotiate_seen && !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)
- && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
- *al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT,
- SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
- return 0;
- }
-
- return 1;
-}
-
-int ssl_prepare_clienthello_tlsext(SSL *s)
-{
-# ifndef OPENSSL_NO_EC
- /*
- * If we are client and using an elliptic curve cryptography cipher
- * suite, send the point formats and elliptic curves we support.
- */
- int using_ecc = 0;
- int i;
- unsigned char *j;
- unsigned long alg_k, alg_a;
- STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
-
- for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
- SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
-
- alg_k = c->algorithm_mkey;
- alg_a = c->algorithm_auth;
- if ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)
- || (alg_a & SSL_aECDSA))) {
- using_ecc = 1;
- break;
- }
- }
- using_ecc = using_ecc && (s->version >= TLS1_VERSION);
- if (using_ecc) {
- if (s->tlsext_ecpointformatlist != NULL)
- OPENSSL_free(s->tlsext_ecpointformatlist);
- if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) {
- SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
- s->tlsext_ecpointformatlist_length = 3;
- s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
- s->tlsext_ecpointformatlist[1] =
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
- s->tlsext_ecpointformatlist[2] =
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
-
- /* we support all named elliptic curves in RFC 4492 */
- if (s->tlsext_ellipticcurvelist != NULL)
- OPENSSL_free(s->tlsext_ellipticcurvelist);
- s->tlsext_ellipticcurvelist_length =
- sizeof(pref_list) / sizeof(pref_list[0]) * 2;
- if ((s->tlsext_ellipticcurvelist =
- OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) {
- s->tlsext_ellipticcurvelist_length = 0;
- SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
- for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i <
- sizeof(pref_list) / sizeof(pref_list[0]); i++) {
- int id = tls1_ec_nid2curve_id(pref_list[i]);
- s2n(id, j);
- }
- }
-# endif /* OPENSSL_NO_EC */
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
- {
- int r = 1;
-
- if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
- r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
- s->
- ctx->tlsext_opaque_prf_input_callback_arg);
- if (!r)
- return -1;
- }
-
- if (s->tlsext_opaque_prf_input != NULL) {
- if (s->s3->client_opaque_prf_input != NULL) {
- /* shouldn't really happen */
- OPENSSL_free(s->s3->client_opaque_prf_input);
- }
-
- if (s->tlsext_opaque_prf_input_len == 0) {
- /* dummy byte just to get non-NULL */
- s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
- } else {
- s->s3->client_opaque_prf_input =
- BUF_memdup(s->tlsext_opaque_prf_input,
- s->tlsext_opaque_prf_input_len);
- }
- if (s->s3->client_opaque_prf_input == NULL) {
- SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
- s->s3->client_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
-
- if (r == 2)
- /*
- * at callback's request, insist on receiving an appropriate
- * server opaque PRF input
- */
- s->s3->server_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
-# endif
-
- return 1;
-}
-
-int ssl_prepare_serverhello_tlsext(SSL *s)
-{
-# ifndef OPENSSL_NO_EC
- /*
- * If we are server and using an ECC cipher suite, send the point formats
- * we support if the client sent us an ECPointsFormat extension. Note
- * that the server is not supposed to send an EllipticCurves extension.
- */
-
- unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
- int using_ecc = (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
- || (alg_a & SSL_aECDSA);
- using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
-
- if (using_ecc) {
- if (s->tlsext_ecpointformatlist != NULL)
- OPENSSL_free(s->tlsext_ecpointformatlist);
- if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) {
- SSLerr(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
- s->tlsext_ecpointformatlist_length = 3;
- s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
- s->tlsext_ecpointformatlist[1] =
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
- s->tlsext_ecpointformatlist[2] =
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
- }
-# endif /* OPENSSL_NO_EC */
-
- return 1;
-}
-
-int ssl_check_clienthello_tlsext_early(SSL *s)
-{
- int ret = SSL_TLSEXT_ERR_NOACK;
- int al = SSL_AD_UNRECOGNIZED_NAME;
-
-# ifndef OPENSSL_NO_EC
- /*
- * The handling of the ECPointFormats extension is done elsewhere, namely
- * in ssl3_choose_cipher in s3_lib.c.
- */
- /*
- * The handling of the EllipticCurves extension is done elsewhere, namely
- * in ssl3_choose_cipher in s3_lib.c.
- */
-# endif
-
- if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
- ret =
- s->ctx->tlsext_servername_callback(s, &al,
- s->ctx->tlsext_servername_arg);
- else if (s->initial_ctx != NULL
- && s->initial_ctx->tlsext_servername_callback != 0)
- ret =
- s->initial_ctx->tlsext_servername_callback(s, &al,
- s->
- initial_ctx->tlsext_servername_arg);
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
- {
- /*
- * This sort of belongs into ssl_prepare_serverhello_tlsext(), but we
- * might be sending an alert in response to the client hello, so this
- * has to happen here in ssl_check_clienthello_tlsext_early().
- */
-
- int r = 1;
-
- if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
- r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
- s->
- ctx->tlsext_opaque_prf_input_callback_arg);
- if (!r) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- }
-
- if (s->s3->server_opaque_prf_input != NULL) {
- /* shouldn't really happen */
- OPENSSL_free(s->s3->server_opaque_prf_input);
- }
- s->s3->server_opaque_prf_input = NULL;
-
- if (s->tlsext_opaque_prf_input != NULL) {
- if (s->s3->client_opaque_prf_input != NULL &&
- s->s3->client_opaque_prf_input_len ==
- s->tlsext_opaque_prf_input_len) {
- /*
- * can only use this extension if we have a server opaque PRF
- * input of the same length as the client opaque PRF input!
- */
-
- if (s->tlsext_opaque_prf_input_len == 0) {
- /* dummy byte just to get non-NULL */
- s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
- } else {
- s->s3->server_opaque_prf_input =
- BUF_memdup(s->tlsext_opaque_prf_input,
- s->tlsext_opaque_prf_input_len);
- }
- if (s->s3->server_opaque_prf_input == NULL) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- s->s3->server_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
- }
-
- if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
- /*
- * The callback wants to enforce use of the extension, but we
- * can't do that with the client opaque PRF input; abort the
- * handshake.
- */
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_HANDSHAKE_FAILURE;
- }
- }
-
- err:
-# endif
- switch (ret) {
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return -1;
-
- case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, al);
- return 1;
-
- case SSL_TLSEXT_ERR_NOACK:
- s->servername_done = 0;
- default:
- return 1;
- }
-}
-
-int ssl_check_clienthello_tlsext_late(SSL *s)
-{
- int ret = SSL_TLSEXT_ERR_OK;
- int al;
-
- /*
- * If status request then ask callback what to do. Note: this must be
- * called after servername callbacks in case the certificate has
- * changed, and must be called after the cipher has been chosen because
- * this may influence which certificate is sent
- */
- if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb) {
- int r;
- CERT_PKEY *certpkey;
- certpkey = ssl_get_server_send_pkey(s);
- /* If no certificate can't return certificate status */
- if (certpkey == NULL) {
- s->tlsext_status_expected = 0;
- return 1;
- }
- /*
- * Set current certificate to one we will use so SSL_get_certificate
- * et al can pick it up.
- */
- s->cert->key = certpkey;
- r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- switch (r) {
- /* We don't want to send a status request response */
- case SSL_TLSEXT_ERR_NOACK:
- s->tlsext_status_expected = 0;
- break;
- /* status request response should be sent */
- case SSL_TLSEXT_ERR_OK:
- if (s->tlsext_ocsp_resp)
- s->tlsext_status_expected = 1;
- else
- s->tlsext_status_expected = 0;
- break;
- /* something bad happened */
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- } else
- s->tlsext_status_expected = 0;
-
- err:
- switch (ret) {
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return -1;
-
- case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, al);
- return 1;
-
- default:
- return 1;
- }
-}
-
-int ssl_check_serverhello_tlsext(SSL *s)
-{
- int ret = SSL_TLSEXT_ERR_NOACK;
- int al = SSL_AD_UNRECOGNIZED_NAME;
-
-# ifndef OPENSSL_NO_EC
- /*
- * If we are client and using an elliptic curve cryptography cipher
- * suite, then if server returns an EC point formats lists extension it
- * must contain uncompressed.
- */
- unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
- if ((s->tlsext_ecpointformatlist != NULL)
- && (s->tlsext_ecpointformatlist_length > 0)
- && (s->session->tlsext_ecpointformatlist != NULL)
- && (s->session->tlsext_ecpointformatlist_length > 0)
- && ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
- || (alg_a & SSL_aECDSA))) {
- /* we are using an ECC cipher */
- size_t i;
- unsigned char *list;
- int found_uncompressed = 0;
- list = s->session->tlsext_ecpointformatlist;
- for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++) {
- if (*(list++) == TLSEXT_ECPOINTFORMAT_uncompressed) {
- found_uncompressed = 1;
- break;
- }
- }
- if (!found_uncompressed) {
- SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,
- SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
- return -1;
- }
- }
- ret = SSL_TLSEXT_ERR_OK;
-# endif /* OPENSSL_NO_EC */
-
- if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
- ret =
- s->ctx->tlsext_servername_callback(s, &al,
- s->ctx->tlsext_servername_arg);
- else if (s->initial_ctx != NULL
- && s->initial_ctx->tlsext_servername_callback != 0)
- ret =
- s->initial_ctx->tlsext_servername_callback(s, &al,
- s->
- initial_ctx->tlsext_servername_arg);
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->server_opaque_prf_input_len > 0) {
- /*
- * This case may indicate that we, as a client, want to insist on
- * using opaque PRF inputs. So first verify that we really have a
- * value from the server too.
- */
-
- if (s->s3->server_opaque_prf_input == NULL) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_HANDSHAKE_FAILURE;
- }
-
- /*
- * Anytime the server *has* sent an opaque PRF input, we need to
- * check that we have a client opaque PRF input of the same size.
- */
- if (s->s3->client_opaque_prf_input == NULL ||
- s->s3->client_opaque_prf_input_len !=
- s->s3->server_opaque_prf_input_len) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_ILLEGAL_PARAMETER;
- }
- }
-# endif
-
- /*
- * If we've requested certificate status and we wont get one tell the
- * callback
- */
- if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
- && s->ctx && s->ctx->tlsext_status_cb) {
- int r;
- /*
- * Set resp to NULL, resplen to -1 so callback knows there is no
- * response.
- */
- if (s->tlsext_ocsp_resp) {
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = NULL;
- }
- s->tlsext_ocsp_resplen = -1;
- r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- if (r == 0) {
- al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- }
- if (r < 0) {
- al = SSL_AD_INTERNAL_ERROR;
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- }
- }
-
- switch (ret) {
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return -1;
-
- case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, al);
- return 1;
-
- case SSL_TLSEXT_ERR_NOACK:
- s->servername_done = 0;
- default:
- return 1;
- }
-}
-
-/*-
- * Since the server cache lookup is done early on in the processing of the
- * ClientHello, and other operations depend on the result, we need to handle
- * any TLS session ticket extension at the same time.
- *
- * session_id: points at the session ID in the ClientHello. This code will
- * read past the end of this in order to parse out the session ticket
- * extension, if any.
- * len: the length of the session ID.
- * limit: a pointer to the first byte after the ClientHello.
- * ret: (output) on return, if a ticket was decrypted, then this is set to
- * point to the resulting session.
- *
- * If s->tls_session_secret_cb is set then we are expecting a pre-shared key
- * ciphersuite, in which case we have no use for session tickets and one will
- * never be decrypted, nor will s->tlsext_ticket_expected be set to 1.
- *
- * Returns:
- * -1: fatal error, either from parsing or decrypting the ticket.
- * 0: no ticket was found (or was ignored, based on settings).
- * 1: a zero length extension was found, indicating that the client supports
- * session tickets but doesn't currently have one to offer.
- * 2: either s->tls_session_secret_cb was set, or a ticket was offered but
- * couldn't be decrypted because of a non-fatal error.
- * 3: a ticket was successfully decrypted and *ret was set.
- *
- * Side effects:
- * Sets s->tlsext_ticket_expected to 1 if the server will have to issue
- * a new session ticket to the client because the client indicated support
- * (and s->tls_session_secret_cb is NULL) but the client either doesn't have
- * a session ticket or we couldn't use the one it gave us, or if
- * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket.
- * Otherwise, s->tlsext_ticket_expected is set to 0.
- */
-int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
- const unsigned char *limit, SSL_SESSION **ret)
-{
- /* Point after session ID in client hello */
- const unsigned char *p = session_id + len;
- unsigned short i;
-
- *ret = NULL;
- s->tlsext_ticket_expected = 0;
-
- /*
- * If tickets disabled behave as if no ticket present to permit stateful
- * resumption.
- */
- if (SSL_get_options(s) & SSL_OP_NO_TICKET)
- return 0;
- if ((s->version <= SSL3_VERSION) || !limit)
- return 0;
- if (p >= limit)
- return -1;
- /* Skip past DTLS cookie */
- if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
- i = *(p++);
- p += i;
- if (p >= limit)
- return -1;
- }
- /* Skip past cipher list */
- n2s(p, i);
- p += i;
- if (p >= limit)
- return -1;
- /* Skip past compression algorithm list */
- i = *(p++);
- p += i;
- if (p > limit)
- return -1;
- /* Now at start of extensions */
- if ((p + 2) >= limit)
- return 0;
- n2s(p, i);
- while ((p + 4) <= limit) {
- unsigned short type, size;
- n2s(p, type);
- n2s(p, size);
- if (p + size > limit)
- return 0;
- if (type == TLSEXT_TYPE_session_ticket) {
- int r;
- if (size == 0) {
- /*
- * The client will accept a ticket but doesn't currently have
- * one.
- */
- s->tlsext_ticket_expected = 1;
- return 1;
- }
- if (s->tls_session_secret_cb) {
- /*
- * Indicate that the ticket couldn't be decrypted rather than
- * generating the session from ticket now, trigger
- * abbreviated handshake based on external mechanism to
- * calculate the master secret later.
- */
- return 2;
- }
- r = tls_decrypt_ticket(s, p, size, session_id, len, ret);
- switch (r) {
- case 2: /* ticket couldn't be decrypted */
- s->tlsext_ticket_expected = 1;
- return 2;
- case 3: /* ticket was decrypted */
- return r;
- case 4: /* ticket decrypted but need to renew */
- s->tlsext_ticket_expected = 1;
- return 3;
- default: /* fatal error */
- return -1;
- }
- }
- p += size;
- }
- return 0;
-}
-
-/*-
- * tls_decrypt_ticket attempts to decrypt a session ticket.
- *
- * etick: points to the body of the session ticket extension.
- * eticklen: the length of the session tickets extenion.
- * sess_id: points at the session ID.
- * sesslen: the length of the session ID.
- * psess: (output) on return, if a ticket was decrypted, then this is set to
- * point to the resulting session.
- *
- * Returns:
- * -1: fatal error, either from parsing or decrypting the ticket.
- * 2: the ticket couldn't be decrypted.
- * 3: a ticket was successfully decrypted and *psess was set.
- * 4: same as 3, but the ticket needs to be renewed.
- */
-static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
- int eticklen, const unsigned char *sess_id,
- int sesslen, SSL_SESSION **psess)
-{
- SSL_SESSION *sess;
- unsigned char *sdec;
- const unsigned char *p;
- int slen, mlen, renew_ticket = 0;
- unsigned char tick_hmac[EVP_MAX_MD_SIZE];
- HMAC_CTX hctx;
- EVP_CIPHER_CTX ctx;
- SSL_CTX *tctx = s->initial_ctx;
- /* Need at least keyname + iv + some encrypted data */
- if (eticklen < 48)
- return 2;
- /* Initialize session ticket encryption and HMAC contexts */
- HMAC_CTX_init(&hctx);
- EVP_CIPHER_CTX_init(&ctx);
- if (tctx->tlsext_ticket_key_cb) {
- unsigned char *nctick = (unsigned char *)etick;
- int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
- &ctx, &hctx, 0);
- if (rv < 0)
- return -1;
- if (rv == 0)
- return 2;
- if (rv == 2)
- renew_ticket = 1;
- } else {
- /* Check key name matches */
- if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
- return 2;
- if (HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
- tlsext_tick_md(), NULL) <= 0
- || EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
- tctx->tlsext_tick_aes_key,
- etick + 16) <= 0) {
- goto err;
- }
- }
- /*
- * Attempt to process session ticket, first conduct sanity and integrity
- * checks on ticket.
- */
- mlen = HMAC_size(&hctx);
- if (mlen < 0) {
- goto err;
- }
- eticklen -= mlen;
- /* Check HMAC of encrypted ticket */
- if (HMAC_Update(&hctx, etick, eticklen) <= 0
- || HMAC_Final(&hctx, tick_hmac, NULL) <= 0) {
- goto err;
- }
- HMAC_CTX_cleanup(&hctx);
- if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) {
- EVP_CIPHER_CTX_cleanup(&ctx);
- return 2;
- }
- /* Attempt to decrypt session data */
- /* Move p after IV to start of encrypted ticket, update length */
- p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
- eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx);
- sdec = OPENSSL_malloc(eticklen);
- if (!sdec || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) {
- EVP_CIPHER_CTX_cleanup(&ctx);
- return -1;
- }
- if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
- EVP_CIPHER_CTX_cleanup(&ctx);
- OPENSSL_free(sdec);
- return 2;
- }
- slen += mlen;
- EVP_CIPHER_CTX_cleanup(&ctx);
- p = sdec;
-
- sess = d2i_SSL_SESSION(NULL, &p, slen);
- OPENSSL_free(sdec);
- if (sess) {
- /*
- * The session ID, if non-empty, is used by some clients to detect
- * that the ticket has been accepted. So we copy it to the session
- * structure. If it is empty set length to zero as required by
- * standard.
- */
- if (sesslen)
- memcpy(sess->session_id, sess_id, sesslen);
- sess->session_id_length = sesslen;
- *psess = sess;
- if (renew_ticket)
- return 4;
- else
- return 3;
- }
- ERR_clear_error();
- /*
- * For session parse failure, indicate that we need to send a new ticket.
- */
- return 2;
-err:
- EVP_CIPHER_CTX_cleanup(&ctx);
- HMAC_CTX_cleanup(&hctx);
- return -1;
-}
-
-/* Tables to translate from NIDs to TLS v1.2 ids */
-
-typedef struct {
- int nid;
- int id;
-} tls12_lookup;
-
-static tls12_lookup tls12_md[] = {
-# ifndef OPENSSL_NO_MD5
- {NID_md5, TLSEXT_hash_md5},
-# endif
-# ifndef OPENSSL_NO_SHA
- {NID_sha1, TLSEXT_hash_sha1},
-# endif
-# ifndef OPENSSL_NO_SHA256
- {NID_sha224, TLSEXT_hash_sha224},
- {NID_sha256, TLSEXT_hash_sha256},
-# endif
-# ifndef OPENSSL_NO_SHA512
- {NID_sha384, TLSEXT_hash_sha384},
- {NID_sha512, TLSEXT_hash_sha512}
-# endif
-};
-
-static tls12_lookup tls12_sig[] = {
-# ifndef OPENSSL_NO_RSA
- {EVP_PKEY_RSA, TLSEXT_signature_rsa},
-# endif
-# ifndef OPENSSL_NO_DSA
- {EVP_PKEY_DSA, TLSEXT_signature_dsa},
-# endif
-# ifndef OPENSSL_NO_ECDSA
- {EVP_PKEY_EC, TLSEXT_signature_ecdsa}
-# endif
-};
-
-static int tls12_find_id(int nid, tls12_lookup *table, size_t tlen)
-{
- size_t i;
- for (i = 0; i < tlen; i++) {
- if (table[i].nid == nid)
- return table[i].id;
- }
- return -1;
-}
-
-# if 0
-static int tls12_find_nid(int id, tls12_lookup *table, size_t tlen)
-{
- size_t i;
- for (i = 0; i < tlen; i++) {
- if (table[i].id == id)
- return table[i].nid;
- }
- return -1;
-}
-# endif
-
-int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
- const EVP_MD *md)
-{
- int sig_id, md_id;
- if (!md)
- return 0;
- md_id = tls12_find_id(EVP_MD_type(md), tls12_md,
- sizeof(tls12_md) / sizeof(tls12_lookup));
- if (md_id == -1)
- return 0;
- sig_id = tls12_get_sigid(pk);
- if (sig_id == -1)
- return 0;
- p[0] = (unsigned char)md_id;
- p[1] = (unsigned char)sig_id;
- return 1;
-}
-
-int tls12_get_sigid(const EVP_PKEY *pk)
-{
- return tls12_find_id(pk->type, tls12_sig,
- sizeof(tls12_sig) / sizeof(tls12_lookup));
-}
-
-const EVP_MD *tls12_get_hash(unsigned char hash_alg)
-{
- switch (hash_alg) {
-# ifndef OPENSSL_NO_SHA
- case TLSEXT_hash_sha1:
- return EVP_sha1();
-# endif
-# ifndef OPENSSL_NO_SHA256
- case TLSEXT_hash_sha224:
- return EVP_sha224();
-
- case TLSEXT_hash_sha256:
- return EVP_sha256();
-# endif
-# ifndef OPENSSL_NO_SHA512
- case TLSEXT_hash_sha384:
- return EVP_sha384();
-
- case TLSEXT_hash_sha512:
- return EVP_sha512();
-# endif
- default:
- return NULL;
-
- }
-}
-
-/* Set preferred digest for each key type */
-
-int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)
-{
- int i, idx;
- const EVP_MD *md;
- CERT *c = s->cert;
- /* Extension ignored for TLS versions below 1.2 */
- if (TLS1_get_version(s) < TLS1_2_VERSION)
- return 1;
- /* Should never happen */
- if (!c)
- return 0;
-
- c->pkeys[SSL_PKEY_DSA_SIGN].digest = NULL;
- c->pkeys[SSL_PKEY_RSA_SIGN].digest = NULL;
- c->pkeys[SSL_PKEY_RSA_ENC].digest = NULL;
- c->pkeys[SSL_PKEY_ECC].digest = NULL;
-
- for (i = 0; i < dsize; i += 2) {
- unsigned char hash_alg = data[i], sig_alg = data[i + 1];
-
- switch (sig_alg) {
-# ifndef OPENSSL_NO_RSA
- case TLSEXT_signature_rsa:
- idx = SSL_PKEY_RSA_SIGN;
- break;
-# endif
-# ifndef OPENSSL_NO_DSA
- case TLSEXT_signature_dsa:
- idx = SSL_PKEY_DSA_SIGN;
- break;
-# endif
-# ifndef OPENSSL_NO_ECDSA
- case TLSEXT_signature_ecdsa:
- idx = SSL_PKEY_ECC;
- break;
-# endif
- default:
- continue;
- }
-
- if (c->pkeys[idx].digest == NULL) {
- md = tls12_get_hash(hash_alg);
- if (md) {
- c->pkeys[idx].digest = md;
- if (idx == SSL_PKEY_RSA_SIGN)
- c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
- }
- }
-
- }
-
- /*
- * Set any remaining keys to default values. NOTE: if alg is not
- * supported it stays as NULL.
- */
-# ifndef OPENSSL_NO_DSA
- if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
- c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
-# endif
-# ifndef OPENSSL_NO_RSA
- if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) {
- c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
- c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
- }
-# endif
-# ifndef OPENSSL_NO_ECDSA
- if (!c->pkeys[SSL_PKEY_ECC].digest)
- c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
-# endif
- return 1;
-}
-
-#endif
-
-#ifndef OPENSSL_NO_HEARTBEATS
-int tls1_process_heartbeat(SSL *s)
-{
- unsigned char *p = &s->s3->rrec.data[0], *pl;
- unsigned short hbtype;
- unsigned int payload;
- unsigned int padding = 16; /* Use minimum padding */
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
- &s->s3->rrec.data[0], s->s3->rrec.length,
- s, s->msg_callback_arg);
-
- /* Read type and payload length first */
- if (1 + 2 + 16 > s->s3->rrec.length)
- return 0; /* silently discard */
- hbtype = *p++;
- n2s(p, payload);
- if (1 + 2 + payload + 16 > s->s3->rrec.length)
- return 0; /* silently discard per RFC 6520 sec. 4 */
- pl = p;
-
- if (hbtype == TLS1_HB_REQUEST) {
- unsigned char *buffer, *bp;
- int r;
-
- /*
- * Allocate memory for the response, size is 1 bytes message type,
- * plus 2 bytes payload length, plus payload, plus padding
- */
- buffer = OPENSSL_malloc(1 + 2 + payload + padding);
- bp = buffer;
-
- /* Enter response type, length and copy payload */
- *bp++ = TLS1_HB_RESPONSE;
- s2n(payload, bp);
- memcpy(bp, pl, payload);
- bp += payload;
- /* Random padding */
- if (RAND_pseudo_bytes(bp, padding) < 0) {
- OPENSSL_free(buffer);
- return -1;
- }
-
- r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
- 3 + payload + padding);
-
- if (r >= 0 && s->msg_callback)
- s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
- buffer, 3 + payload + padding,
- s, s->msg_callback_arg);
-
- OPENSSL_free(buffer);
-
- if (r < 0)
- return r;
- } else if (hbtype == TLS1_HB_RESPONSE) {
- unsigned int seq;
-
- /*
- * We only send sequence numbers (2 bytes unsigned int), and 16
- * random bytes, so we just try to read the sequence number
- */
- n2s(pl, seq);
-
- if (payload == 18 && seq == s->tlsext_hb_seq) {
- s->tlsext_hb_seq++;
- s->tlsext_hb_pending = 0;
- }
- }
-
- return 0;
-}
-
-int tls1_heartbeat(SSL *s)
-{
- unsigned char *buf, *p;
- int ret = -1;
- unsigned int payload = 18; /* Sequence number + random bytes */
- unsigned int padding = 16; /* Use minimum padding */
-
- /* Only send if peer supports and accepts HB requests... */
- if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
- s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
- SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
- return -1;
- }
-
- /* ...and there is none in flight yet... */
- if (s->tlsext_hb_pending) {
- SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
- return -1;
- }
-
- /* ...and no handshake in progress. */
- if (SSL_in_init(s) || s->in_handshake) {
- SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
- return -1;
- }
-
- /*
- * Check if padding is too long, payload and padding must not exceed 2^14
- * - 3 = 16381 bytes in total.
- */
- OPENSSL_assert(payload + padding <= 16381);
-
- /*-
- * Create HeartBeat message, we just use a sequence number
- * as payload to distuingish different messages and add
- * some random stuff.
- * - Message Type, 1 byte
- * - Payload Length, 2 bytes (unsigned int)
- * - Payload, the sequence number (2 bytes uint)
- * - Payload, random bytes (16 bytes uint)
- * - Padding
- */
- buf = OPENSSL_malloc(1 + 2 + payload + padding);
- p = buf;
- /* Message Type */
- *p++ = TLS1_HB_REQUEST;
- /* Payload length (18 bytes here) */
- s2n(payload, p);
- /* Sequence number */
- s2n(s->tlsext_hb_seq, p);
- /* 16 random bytes */
- if (RAND_pseudo_bytes(p, 16) < 0) {
- SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- p += 16;
- /* Random padding */
- if (RAND_pseudo_bytes(p, padding) < 0) {
- SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
- if (ret >= 0) {
- if (s->msg_callback)
- s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
- buf, 3 + payload + padding,
- s, s->msg_callback_arg);
-
- s->tlsext_hb_pending = 1;
- }
-
-err:
- OPENSSL_free(buf);
-
- return ret;
-}
-#endif
Copied: vendor-crypto/openssl/1.0.1u/ssl/t1_lib.c (from rev 11605, vendor-crypto/openssl/dist/ssl/t1_lib.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/ssl/t1_lib.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/ssl/t1_lib.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,2725 @@
+/* ssl/t1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/ocsp.h>
+#include <openssl/rand.h>
+#include "ssl_locl.h"
+
+const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT;
+
+#ifndef OPENSSL_NO_TLSEXT
+static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen,
+ const unsigned char *sess_id, int sesslen,
+ SSL_SESSION **psess);
+#endif
+
+SSL3_ENC_METHOD TLSv1_enc_data = {
+ tls1_enc,
+ tls1_mac,
+ tls1_setup_key_block,
+ tls1_generate_master_secret,
+ tls1_change_cipher_state,
+ tls1_final_finish_mac,
+ TLS1_FINISH_MAC_LENGTH,
+ tls1_cert_verify_mac,
+ TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+ TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+ tls1_alert_code,
+ tls1_export_keying_material,
+};
+
+long tls1_default_timeout(void)
+{
+ /*
+ * 2 hours, the 24 hours mentioned in the TLSv1 spec is way too long for
+ * http, the cache would over fill
+ */
+ return (60 * 60 * 2);
+}
+
+int tls1_new(SSL *s)
+{
+ if (!ssl3_new(s))
+ return (0);
+ s->method->ssl_clear(s);
+ return (1);
+}
+
+void tls1_free(SSL *s)
+{
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_session_ticket) {
+ OPENSSL_free(s->tlsext_session_ticket);
+ }
+#endif /* OPENSSL_NO_TLSEXT */
+ ssl3_free(s);
+}
+
+void tls1_clear(SSL *s)
+{
+ ssl3_clear(s);
+ s->version = s->method->version;
+}
+
+#ifndef OPENSSL_NO_EC
+
+static int nid_list[] = {
+ NID_sect163k1, /* sect163k1 (1) */
+ NID_sect163r1, /* sect163r1 (2) */
+ NID_sect163r2, /* sect163r2 (3) */
+ NID_sect193r1, /* sect193r1 (4) */
+ NID_sect193r2, /* sect193r2 (5) */
+ NID_sect233k1, /* sect233k1 (6) */
+ NID_sect233r1, /* sect233r1 (7) */
+ NID_sect239k1, /* sect239k1 (8) */
+ NID_sect283k1, /* sect283k1 (9) */
+ NID_sect283r1, /* sect283r1 (10) */
+ NID_sect409k1, /* sect409k1 (11) */
+ NID_sect409r1, /* sect409r1 (12) */
+ NID_sect571k1, /* sect571k1 (13) */
+ NID_sect571r1, /* sect571r1 (14) */
+ NID_secp160k1, /* secp160k1 (15) */
+ NID_secp160r1, /* secp160r1 (16) */
+ NID_secp160r2, /* secp160r2 (17) */
+ NID_secp192k1, /* secp192k1 (18) */
+ NID_X9_62_prime192v1, /* secp192r1 (19) */
+ NID_secp224k1, /* secp224k1 (20) */
+ NID_secp224r1, /* secp224r1 (21) */
+ NID_secp256k1, /* secp256k1 (22) */
+ NID_X9_62_prime256v1, /* secp256r1 (23) */
+ NID_secp384r1, /* secp384r1 (24) */
+ NID_secp521r1 /* secp521r1 (25) */
+};
+
+static int pref_list[] = {
+# ifndef OPENSSL_NO_EC2M
+ NID_sect571r1, /* sect571r1 (14) */
+ NID_sect571k1, /* sect571k1 (13) */
+# endif
+ NID_secp521r1, /* secp521r1 (25) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect409k1, /* sect409k1 (11) */
+ NID_sect409r1, /* sect409r1 (12) */
+# endif
+ NID_secp384r1, /* secp384r1 (24) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect283k1, /* sect283k1 (9) */
+ NID_sect283r1, /* sect283r1 (10) */
+# endif
+ NID_secp256k1, /* secp256k1 (22) */
+ NID_X9_62_prime256v1, /* secp256r1 (23) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect239k1, /* sect239k1 (8) */
+ NID_sect233k1, /* sect233k1 (6) */
+ NID_sect233r1, /* sect233r1 (7) */
+# endif
+ NID_secp224k1, /* secp224k1 (20) */
+ NID_secp224r1, /* secp224r1 (21) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect193r1, /* sect193r1 (4) */
+ NID_sect193r2, /* sect193r2 (5) */
+# endif
+ NID_secp192k1, /* secp192k1 (18) */
+ NID_X9_62_prime192v1, /* secp192r1 (19) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect163k1, /* sect163k1 (1) */
+ NID_sect163r1, /* sect163r1 (2) */
+ NID_sect163r2, /* sect163r2 (3) */
+# endif
+ NID_secp160k1, /* secp160k1 (15) */
+ NID_secp160r1, /* secp160r1 (16) */
+ NID_secp160r2, /* secp160r2 (17) */
+};
+
+int tls1_ec_curve_id2nid(int curve_id)
+{
+ /* ECC curves from RFC 4492 */
+ if ((curve_id < 1) || ((unsigned int)curve_id >
+ sizeof(nid_list) / sizeof(nid_list[0])))
+ return 0;
+ return nid_list[curve_id - 1];
+}
+
+int tls1_ec_nid2curve_id(int nid)
+{
+ /* ECC curves from RFC 4492 */
+ switch (nid) {
+ case NID_sect163k1: /* sect163k1 (1) */
+ return 1;
+ case NID_sect163r1: /* sect163r1 (2) */
+ return 2;
+ case NID_sect163r2: /* sect163r2 (3) */
+ return 3;
+ case NID_sect193r1: /* sect193r1 (4) */
+ return 4;
+ case NID_sect193r2: /* sect193r2 (5) */
+ return 5;
+ case NID_sect233k1: /* sect233k1 (6) */
+ return 6;
+ case NID_sect233r1: /* sect233r1 (7) */
+ return 7;
+ case NID_sect239k1: /* sect239k1 (8) */
+ return 8;
+ case NID_sect283k1: /* sect283k1 (9) */
+ return 9;
+ case NID_sect283r1: /* sect283r1 (10) */
+ return 10;
+ case NID_sect409k1: /* sect409k1 (11) */
+ return 11;
+ case NID_sect409r1: /* sect409r1 (12) */
+ return 12;
+ case NID_sect571k1: /* sect571k1 (13) */
+ return 13;
+ case NID_sect571r1: /* sect571r1 (14) */
+ return 14;
+ case NID_secp160k1: /* secp160k1 (15) */
+ return 15;
+ case NID_secp160r1: /* secp160r1 (16) */
+ return 16;
+ case NID_secp160r2: /* secp160r2 (17) */
+ return 17;
+ case NID_secp192k1: /* secp192k1 (18) */
+ return 18;
+ case NID_X9_62_prime192v1: /* secp192r1 (19) */
+ return 19;
+ case NID_secp224k1: /* secp224k1 (20) */
+ return 20;
+ case NID_secp224r1: /* secp224r1 (21) */
+ return 21;
+ case NID_secp256k1: /* secp256k1 (22) */
+ return 22;
+ case NID_X9_62_prime256v1: /* secp256r1 (23) */
+ return 23;
+ case NID_secp384r1: /* secp384r1 (24) */
+ return 24;
+ case NID_secp521r1: /* secp521r1 (25) */
+ return 25;
+ default:
+ return 0;
+ }
+}
+#endif /* OPENSSL_NO_EC */
+
+#ifndef OPENSSL_NO_TLSEXT
+
+/*
+ * List of supported signature algorithms and hashes. Should make this
+ * customisable at some point, for now include everything we support.
+ */
+
+# ifdef OPENSSL_NO_RSA
+# define tlsext_sigalg_rsa(md) /* */
+# else
+# define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,
+# endif
+
+# ifdef OPENSSL_NO_DSA
+# define tlsext_sigalg_dsa(md) /* */
+# else
+# define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,
+# endif
+
+# ifdef OPENSSL_NO_ECDSA
+# define tlsext_sigalg_ecdsa(md)
+ /* */
+# else
+# define tlsext_sigalg_ecdsa(md) md, TLSEXT_signature_ecdsa,
+# endif
+
+# define tlsext_sigalg(md) \
+ tlsext_sigalg_rsa(md) \
+ tlsext_sigalg_dsa(md) \
+ tlsext_sigalg_ecdsa(md)
+
+static unsigned char tls12_sigalgs[] = {
+# ifndef OPENSSL_NO_SHA512
+ tlsext_sigalg(TLSEXT_hash_sha512)
+ tlsext_sigalg(TLSEXT_hash_sha384)
+# endif
+# ifndef OPENSSL_NO_SHA256
+ tlsext_sigalg(TLSEXT_hash_sha256)
+ tlsext_sigalg(TLSEXT_hash_sha224)
+# endif
+# ifndef OPENSSL_NO_SHA
+ tlsext_sigalg(TLSEXT_hash_sha1)
+# endif
+};
+
+int tls12_get_req_sig_algs(SSL *s, unsigned char *p)
+{
+ size_t slen = sizeof(tls12_sigalgs);
+ if (p)
+ memcpy(p, tls12_sigalgs, slen);
+ return (int)slen;
+}
+
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+ unsigned char *limit)
+{
+ int extdatalen = 0;
+ unsigned char *orig = buf;
+ unsigned char *ret = buf;
+
+ /* don't add extensions for SSLv3 unless doing secure renegotiation */
+ if (s->client_version == SSL3_VERSION && !s->s3->send_connection_binding)
+ return orig;
+
+ ret += 2;
+
+ if (ret >= limit)
+ return NULL; /* this really never occurs, but ... */
+
+ if (s->tlsext_hostname != NULL) {
+ /* Add TLS extension servername to the Client Hello message */
+ unsigned long size_str;
+ long lenmax;
+
+ /*-
+ * check for enough space.
+ * 4 for the servername type and entension length
+ * 2 for servernamelist length
+ * 1 for the hostname type
+ * 2 for hostname length
+ * + hostname length
+ */
+
+ if ((lenmax = limit - ret - 9) < 0
+ || (size_str =
+ strlen(s->tlsext_hostname)) > (unsigned long)lenmax)
+ return NULL;
+
+ /* extension type and length */
+ s2n(TLSEXT_TYPE_server_name, ret);
+ s2n(size_str + 5, ret);
+
+ /* length of servername list */
+ s2n(size_str + 3, ret);
+
+ /* hostname type, length and hostname */
+ *(ret++) = (unsigned char)TLSEXT_NAMETYPE_host_name;
+ s2n(size_str, ret);
+ memcpy(ret, s->tlsext_hostname, size_str);
+ ret += size_str;
+ }
+
+ /* Add RI if renegotiating */
+ if (s->renegotiate) {
+ int el;
+
+ if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ if ((limit - ret - 4 - el) < 0)
+ return NULL;
+
+ s2n(TLSEXT_TYPE_renegotiate, ret);
+ s2n(el, ret);
+
+ if (!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el)) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ ret += el;
+ }
+# ifndef OPENSSL_NO_SRP
+ /* Add SRP username if there is one */
+ if (s->srp_ctx.login != NULL) { /* Add TLS extension SRP username to the
+ * Client Hello message */
+
+ int login_len = strlen(s->srp_ctx.login);
+ if (login_len > 255 || login_len == 0) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ /*-
+ * check for enough space.
+ * 4 for the srp type type and entension length
+ * 1 for the srp user identity
+ * + srp user identity length
+ */
+ if ((limit - ret - 5 - login_len) < 0)
+ return NULL;
+
+ /* fill in the extension */
+ s2n(TLSEXT_TYPE_srp, ret);
+ s2n(login_len + 1, ret);
+ (*ret++) = (unsigned char)login_len;
+ memcpy(ret, s->srp_ctx.login, login_len);
+ ret += login_len;
+ }
+# endif
+
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist != NULL) {
+ /*
+ * Add TLS extension ECPointFormats to the ClientHello message
+ */
+ long lenmax;
+
+ if ((lenmax = limit - ret - 5) < 0)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > 255) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ s2n(TLSEXT_TYPE_ec_point_formats, ret);
+ s2n(s->tlsext_ecpointformatlist_length + 1, ret);
+ *(ret++) = (unsigned char)s->tlsext_ecpointformatlist_length;
+ memcpy(ret, s->tlsext_ecpointformatlist,
+ s->tlsext_ecpointformatlist_length);
+ ret += s->tlsext_ecpointformatlist_length;
+ }
+ if (s->tlsext_ellipticcurvelist != NULL) {
+ /*
+ * Add TLS extension EllipticCurves to the ClientHello message
+ */
+ long lenmax;
+
+ if ((lenmax = limit - ret - 6) < 0)
+ return NULL;
+ if (s->tlsext_ellipticcurvelist_length > (unsigned long)lenmax)
+ return NULL;
+ if (s->tlsext_ellipticcurvelist_length > 65532) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ s2n(TLSEXT_TYPE_elliptic_curves, ret);
+ s2n(s->tlsext_ellipticcurvelist_length + 2, ret);
+
+ s2n(s->tlsext_ellipticcurvelist_length, ret);
+ memcpy(ret, s->tlsext_ellipticcurvelist,
+ s->tlsext_ellipticcurvelist_length);
+ ret += s->tlsext_ellipticcurvelist_length;
+ }
+# endif /* OPENSSL_NO_EC */
+
+ if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
+ int ticklen;
+ if (!s->new_session && s->session && s->session->tlsext_tick)
+ ticklen = s->session->tlsext_ticklen;
+ else if (s->session && s->tlsext_session_ticket &&
+ s->tlsext_session_ticket->data) {
+ ticklen = s->tlsext_session_ticket->length;
+ s->session->tlsext_tick = OPENSSL_malloc(ticklen);
+ if (!s->session->tlsext_tick)
+ return NULL;
+ memcpy(s->session->tlsext_tick,
+ s->tlsext_session_ticket->data, ticklen);
+ s->session->tlsext_ticklen = ticklen;
+ } else
+ ticklen = 0;
+ if (ticklen == 0 && s->tlsext_session_ticket &&
+ s->tlsext_session_ticket->data == NULL)
+ goto skip_ext;
+ /*
+ * Check for enough room 2 for extension type, 2 for len rest for
+ * ticket
+ */
+ if ((long)(limit - ret - 4 - ticklen) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_session_ticket, ret);
+ s2n(ticklen, ret);
+ if (ticklen) {
+ memcpy(ret, s->session->tlsext_tick, ticklen);
+ ret += ticklen;
+ }
+ }
+ skip_ext:
+
+ if (TLS1_get_client_version(s) >= TLS1_2_VERSION) {
+ if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
+ return NULL;
+ s2n(TLSEXT_TYPE_signature_algorithms, ret);
+ s2n(sizeof(tls12_sigalgs) + 2, ret);
+ s2n(sizeof(tls12_sigalgs), ret);
+ memcpy(ret, tls12_sigalgs, sizeof(tls12_sigalgs));
+ ret += sizeof(tls12_sigalgs);
+ }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL && s->version != DTLS1_VERSION) {
+ size_t col = s->s3->client_opaque_prf_input_len;
+
+ if ((long)(limit - ret - 6 - col < 0))
+ return NULL;
+ if (col > 0xFFFD) /* can't happen */
+ return NULL;
+
+ s2n(TLSEXT_TYPE_opaque_prf_input, ret);
+ s2n(col + 2, ret);
+ s2n(col, ret);
+ memcpy(ret, s->s3->client_opaque_prf_input, col);
+ ret += col;
+ }
+# endif
+
+ if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
+ s->version != DTLS1_VERSION) {
+ int i;
+ long extlen, idlen, itmp;
+ OCSP_RESPID *id;
+
+ idlen = 0;
+ for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
+ id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
+ itmp = i2d_OCSP_RESPID(id, NULL);
+ if (itmp <= 0)
+ return NULL;
+ idlen += itmp + 2;
+ }
+
+ if (s->tlsext_ocsp_exts) {
+ extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
+ if (extlen < 0)
+ return NULL;
+ } else
+ extlen = 0;
+
+ if ((long)(limit - ret - 7 - extlen - idlen) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_status_request, ret);
+ if (extlen + idlen > 0xFFF0)
+ return NULL;
+ s2n(extlen + idlen + 5, ret);
+ *(ret++) = TLSEXT_STATUSTYPE_ocsp;
+ s2n(idlen, ret);
+ for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
+ /* save position of id len */
+ unsigned char *q = ret;
+ id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
+ /* skip over id len */
+ ret += 2;
+ itmp = i2d_OCSP_RESPID(id, &ret);
+ /* write id len */
+ s2n(itmp, q);
+ }
+ s2n(extlen, ret);
+ if (extlen > 0)
+ i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
+ }
+# ifndef OPENSSL_NO_HEARTBEATS
+ /* Add Heartbeat extension */
+ if ((limit - ret - 4 - 1) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_heartbeat, ret);
+ s2n(1, ret);
+ /*-
+ * Set mode:
+ * 1: peer may send requests
+ * 2: peer not allowed to send requests
+ */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+ *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ else
+ *(ret++) = SSL_TLSEXT_HB_ENABLED;
+# endif
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) {
+ /*
+ * The client advertises an emtpy extension to indicate its support
+ * for Next Protocol Negotiation
+ */
+ if (limit - ret - 4 < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_next_proto_neg, ret);
+ s2n(0, ret);
+ }
+# endif
+
+# ifndef OPENSSL_NO_SRTP
+ if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
+ int el;
+
+ ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
+
+ if ((limit - ret - 4 - el) < 0)
+ return NULL;
+
+ s2n(TLSEXT_TYPE_use_srtp, ret);
+ s2n(el, ret);
+
+ if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ ret += el;
+ }
+# endif
+ /*
+ * Add padding to workaround bugs in F5 terminators. See
+ * https://tools.ietf.org/html/draft-agl-tls-padding-03 NB: because this
+ * code works out the length of all existing extensions it MUST always
+ * appear last.
+ */
+ if (s->options & SSL_OP_TLSEXT_PADDING) {
+ int hlen = ret - (unsigned char *)s->init_buf->data;
+ /*
+ * The code in s23_clnt.c to build ClientHello messages includes the
+ * 5-byte record header in the buffer, while the code in s3_clnt.c
+ * does not.
+ */
+ if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+ hlen -= 5;
+ if (hlen > 0xff && hlen < 0x200) {
+ hlen = 0x200 - hlen;
+ if (hlen >= 4)
+ hlen -= 4;
+ else
+ hlen = 0;
+
+ s2n(TLSEXT_TYPE_padding, ret);
+ s2n(hlen, ret);
+ memset(ret, 0, hlen);
+ ret += hlen;
+ }
+ }
+
+ if ((extdatalen = ret - orig - 2) == 0)
+ return orig;
+
+ s2n(extdatalen, orig);
+ return ret;
+}
+
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
+ unsigned char *limit)
+{
+ int extdatalen = 0;
+ unsigned char *orig = buf;
+ unsigned char *ret = buf;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ int next_proto_neg_seen;
+# endif
+
+ /*
+ * don't add extensions for SSLv3, unless doing secure renegotiation
+ */
+ if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
+ return orig;
+
+ ret += 2;
+ if (ret >= limit)
+ return NULL; /* this really never occurs, but ... */
+
+ if (!s->hit && s->servername_done == 1
+ && s->session->tlsext_hostname != NULL) {
+ if ((long)(limit - ret - 4) < 0)
+ return NULL;
+
+ s2n(TLSEXT_TYPE_server_name, ret);
+ s2n(0, ret);
+ }
+
+ if (s->s3->send_connection_binding) {
+ int el;
+
+ if (!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0)) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ if ((limit - ret - 4 - el) < 0)
+ return NULL;
+
+ s2n(TLSEXT_TYPE_renegotiate, ret);
+ s2n(el, ret);
+
+ if (!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el)) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ ret += el;
+ }
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist != NULL) {
+ /*
+ * Add TLS extension ECPointFormats to the ServerHello message
+ */
+ long lenmax;
+
+ if ((lenmax = limit - ret - 5) < 0)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > 255) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ s2n(TLSEXT_TYPE_ec_point_formats, ret);
+ s2n(s->tlsext_ecpointformatlist_length + 1, ret);
+ *(ret++) = (unsigned char)s->tlsext_ecpointformatlist_length;
+ memcpy(ret, s->tlsext_ecpointformatlist,
+ s->tlsext_ecpointformatlist_length);
+ ret += s->tlsext_ecpointformatlist_length;
+
+ }
+ /*
+ * Currently the server should not respond with a SupportedCurves
+ * extension
+ */
+# endif /* OPENSSL_NO_EC */
+
+ if (s->tlsext_ticket_expected && !(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
+ if ((long)(limit - ret - 4) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_session_ticket, ret);
+ s2n(0, ret);
+ }
+
+ if (s->tlsext_status_expected) {
+ if ((long)(limit - ret - 4) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_status_request, ret);
+ s2n(0, ret);
+ }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->server_opaque_prf_input != NULL && s->version != DTLS1_VERSION) {
+ size_t sol = s->s3->server_opaque_prf_input_len;
+
+ if ((long)(limit - ret - 6 - sol) < 0)
+ return NULL;
+ if (sol > 0xFFFD) /* can't happen */
+ return NULL;
+
+ s2n(TLSEXT_TYPE_opaque_prf_input, ret);
+ s2n(sol + 2, ret);
+ s2n(sol, ret);
+ memcpy(ret, s->s3->server_opaque_prf_input, sol);
+ ret += sol;
+ }
+# endif
+
+# ifndef OPENSSL_NO_SRTP
+ if (SSL_IS_DTLS(s) && s->srtp_profile) {
+ int el;
+
+ ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
+
+ if ((limit - ret - 4 - el) < 0)
+ return NULL;
+
+ s2n(TLSEXT_TYPE_use_srtp, ret);
+ s2n(el, ret);
+
+ if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ ret += el;
+ }
+# endif
+
+ if (((s->s3->tmp.new_cipher->id & 0xFFFF) == 0x80
+ || (s->s3->tmp.new_cipher->id & 0xFFFF) == 0x81)
+ && (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
+ const unsigned char cryptopro_ext[36] = {
+ 0xfd, 0xe8, /* 65000 */
+ 0x00, 0x20, /* 32 bytes length */
+ 0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85,
+ 0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06,
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08,
+ 0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17
+ };
+ if (limit - ret < 36)
+ return NULL;
+ memcpy(ret, cryptopro_ext, 36);
+ ret += 36;
+
+ }
+# ifndef OPENSSL_NO_HEARTBEATS
+ /* Add Heartbeat extension if we've received one */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) {
+ if ((limit - ret - 4 - 1) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_heartbeat, ret);
+ s2n(1, ret);
+ /*-
+ * Set mode:
+ * 1: peer may send requests
+ * 2: peer not allowed to send requests
+ */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+ *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ else
+ *(ret++) = SSL_TLSEXT_HB_ENABLED;
+
+ }
+# endif
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ next_proto_neg_seen = s->s3->next_proto_neg_seen;
+ s->s3->next_proto_neg_seen = 0;
+ if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) {
+ const unsigned char *npa;
+ unsigned int npalen;
+ int r;
+
+ r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen,
+ s->
+ ctx->next_protos_advertised_cb_arg);
+ if (r == SSL_TLSEXT_ERR_OK) {
+ if ((long)(limit - ret - 4 - npalen) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_next_proto_neg, ret);
+ s2n(npalen, ret);
+ memcpy(ret, npa, npalen);
+ ret += npalen;
+ s->s3->next_proto_neg_seen = 1;
+ }
+ }
+# endif
+
+ if ((extdatalen = ret - orig - 2) == 0)
+ return orig;
+
+ s2n(extdatalen, orig);
+ return ret;
+}
+
+# ifndef OPENSSL_NO_EC
+/*-
+ * ssl_check_for_safari attempts to fingerprint Safari using OS X
+ * SecureTransport using the TLS extension block in |d|, of length |n|.
+ * Safari, since 10.6, sends exactly these extensions, in this order:
+ * SNI,
+ * elliptic_curves
+ * ec_point_formats
+ *
+ * We wish to fingerprint Safari because they broke ECDHE-ECDSA support in 10.8,
+ * but they advertise support. So enabling ECDHE-ECDSA ciphers breaks them.
+ * Sadly we cannot differentiate 10.6, 10.7 and 10.8.4 (which work), from
+ * 10.8..10.8.3 (which don't work).
+ */
+static void ssl_check_for_safari(SSL *s, const unsigned char *data,
+ const unsigned char *limit)
+{
+ unsigned short type, size;
+ static const unsigned char kSafariExtensionsBlock[] = {
+ 0x00, 0x0a, /* elliptic_curves extension */
+ 0x00, 0x08, /* 8 bytes */
+ 0x00, 0x06, /* 6 bytes of curve ids */
+ 0x00, 0x17, /* P-256 */
+ 0x00, 0x18, /* P-384 */
+ 0x00, 0x19, /* P-521 */
+
+ 0x00, 0x0b, /* ec_point_formats */
+ 0x00, 0x02, /* 2 bytes */
+ 0x01, /* 1 point format */
+ 0x00, /* uncompressed */
+ };
+
+ /* The following is only present in TLS 1.2 */
+ static const unsigned char kSafariTLS12ExtensionsBlock[] = {
+ 0x00, 0x0d, /* signature_algorithms */
+ 0x00, 0x0c, /* 12 bytes */
+ 0x00, 0x0a, /* 10 bytes */
+ 0x05, 0x01, /* SHA-384/RSA */
+ 0x04, 0x01, /* SHA-256/RSA */
+ 0x02, 0x01, /* SHA-1/RSA */
+ 0x04, 0x03, /* SHA-256/ECDSA */
+ 0x02, 0x03, /* SHA-1/ECDSA */
+ };
+
+ if (limit - data <= 2)
+ return;
+ data += 2;
+
+ if (limit - data < 4)
+ return;
+ n2s(data, type);
+ n2s(data, size);
+
+ if (type != TLSEXT_TYPE_server_name)
+ return;
+
+ if (limit - data < size)
+ return;
+ data += size;
+
+ if (TLS1_get_client_version(s) >= TLS1_2_VERSION) {
+ const size_t len1 = sizeof(kSafariExtensionsBlock);
+ const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
+
+ if (limit - data != (int)(len1 + len2))
+ return;
+ if (memcmp(data, kSafariExtensionsBlock, len1) != 0)
+ return;
+ if (memcmp(data + len1, kSafariTLS12ExtensionsBlock, len2) != 0)
+ return;
+ } else {
+ const size_t len = sizeof(kSafariExtensionsBlock);
+
+ if (limit - data != (int)(len))
+ return;
+ if (memcmp(data, kSafariExtensionsBlock, len) != 0)
+ return;
+ }
+
+ s->s3->is_probably_safari = 1;
+}
+# endif /* !OPENSSL_NO_EC */
+
+int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p,
+ unsigned char *limit, int *al)
+{
+ unsigned short type;
+ unsigned short size;
+ unsigned short len;
+ unsigned char *data = *p;
+ int renegotiate_seen = 0;
+ int sigalg_seen = 0;
+
+ s->servername_done = 0;
+ s->tlsext_status_type = -1;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ s->s3->next_proto_neg_seen = 0;
+# endif
+
+# ifndef OPENSSL_NO_HEARTBEATS
+ s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+ SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+# endif
+
+# ifndef OPENSSL_NO_EC
+ if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
+ ssl_check_for_safari(s, data, limit);
+# endif /* !OPENSSL_NO_EC */
+
+# ifndef OPENSSL_NO_SRP
+ if (s->srp_ctx.login != NULL) {
+ OPENSSL_free(s->srp_ctx.login);
+ s->srp_ctx.login = NULL;
+ }
+# endif
+
+ s->srtp_profile = NULL;
+
+ if (data == limit)
+ goto ri_check;
+
+ if (limit - data < 2)
+ goto err;
+
+ n2s(data, len);
+
+ if (limit - data != len)
+ goto err;
+
+ while (limit - data >= 4) {
+ n2s(data, type);
+ n2s(data, size);
+
+ if (limit - data < size)
+ goto err;
+# if 0
+ fprintf(stderr, "Received extension type %d size %d\n", type, size);
+# endif
+ if (s->tlsext_debug_cb)
+ s->tlsext_debug_cb(s, 0, type, data, size, s->tlsext_debug_arg);
+/*-
+ * The servername extension is treated as follows:
+ *
+ * - Only the hostname type is supported with a maximum length of 255.
+ * - The servername is rejected if too long or if it contains zeros,
+ * in which case an fatal alert is generated.
+ * - The servername field is maintained together with the session cache.
+ * - When a session is resumed, the servername call back invoked in order
+ * to allow the application to position itself to the right context.
+ * - The servername is acknowledged if it is new for a session or when
+ * it is identical to a previously used for the same session.
+ * Applications can control the behaviour. They can at any time
+ * set a 'desirable' servername for a new SSL object. This can be the
+ * case for example with HTTPS when a Host: header field is received and
+ * a renegotiation is requested. In this case, a possible servername
+ * presented in the new client hello is only acknowledged if it matches
+ * the value of the Host: field.
+ * - Applications must use SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+ * if they provide for changing an explicit servername context for the
+ * session, i.e. when the session has been established with a servername
+ * extension.
+ * - On session reconnect, the servername extension may be absent.
+ *
+ */
+
+ if (type == TLSEXT_TYPE_server_name) {
+ unsigned char *sdata;
+ int servname_type;
+ int dsize;
+
+ if (size < 2)
+ goto err;
+ n2s(data, dsize);
+ size -= 2;
+ if (dsize > size)
+ goto err;
+
+ sdata = data;
+ while (dsize > 3) {
+ servname_type = *(sdata++);
+ n2s(sdata, len);
+ dsize -= 3;
+
+ if (len > dsize)
+ goto err;
+
+ if (s->servername_done == 0)
+ switch (servname_type) {
+ case TLSEXT_NAMETYPE_host_name:
+ if (!s->hit) {
+ if (s->session->tlsext_hostname)
+ goto err;
+
+ if (len > TLSEXT_MAXLEN_host_name) {
+ *al = TLS1_AD_UNRECOGNIZED_NAME;
+ return 0;
+ }
+ if ((s->session->tlsext_hostname =
+ OPENSSL_malloc(len + 1)) == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ memcpy(s->session->tlsext_hostname, sdata, len);
+ s->session->tlsext_hostname[len] = '\0';
+ if (strlen(s->session->tlsext_hostname) != len) {
+ OPENSSL_free(s->session->tlsext_hostname);
+ s->session->tlsext_hostname = NULL;
+ *al = TLS1_AD_UNRECOGNIZED_NAME;
+ return 0;
+ }
+ s->servername_done = 1;
+
+ } else
+ s->servername_done = s->session->tlsext_hostname
+ && strlen(s->session->tlsext_hostname) == len
+ && strncmp(s->session->tlsext_hostname,
+ (char *)sdata, len) == 0;
+
+ break;
+
+ default:
+ break;
+ }
+
+ dsize -= len;
+ }
+ if (dsize != 0)
+ goto err;
+
+ }
+# ifndef OPENSSL_NO_SRP
+ else if (type == TLSEXT_TYPE_srp) {
+ if (size == 0 || ((len = data[0])) != (size - 1))
+ goto err;
+ if (s->srp_ctx.login != NULL)
+ goto err;
+ if ((s->srp_ctx.login = OPENSSL_malloc(len + 1)) == NULL)
+ return -1;
+ memcpy(s->srp_ctx.login, &data[1], len);
+ s->srp_ctx.login[len] = '\0';
+
+ if (strlen(s->srp_ctx.login) != len)
+ goto err;
+ }
+# endif
+
+# ifndef OPENSSL_NO_EC
+ else if (type == TLSEXT_TYPE_ec_point_formats) {
+ unsigned char *sdata = data;
+ int ecpointformatlist_length = *(sdata++);
+
+ if (ecpointformatlist_length != size - 1)
+ goto err;
+ if (!s->hit) {
+ if (s->session->tlsext_ecpointformatlist) {
+ OPENSSL_free(s->session->tlsext_ecpointformatlist);
+ s->session->tlsext_ecpointformatlist = NULL;
+ }
+ s->session->tlsext_ecpointformatlist_length = 0;
+ if ((s->session->tlsext_ecpointformatlist =
+ OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->session->tlsext_ecpointformatlist_length =
+ ecpointformatlist_length;
+ memcpy(s->session->tlsext_ecpointformatlist, sdata,
+ ecpointformatlist_length);
+ }
+# if 0
+ fprintf(stderr,
+ "ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ",
+ s->session->tlsext_ecpointformatlist_length);
+ sdata = s->session->tlsext_ecpointformatlist;
+ for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+ fprintf(stderr, "%i ", *(sdata++));
+ fprintf(stderr, "\n");
+# endif
+ } else if (type == TLSEXT_TYPE_elliptic_curves) {
+ unsigned char *sdata = data;
+ int ellipticcurvelist_length = (*(sdata++) << 8);
+ ellipticcurvelist_length += (*(sdata++));
+
+ if (ellipticcurvelist_length != size - 2 ||
+ ellipticcurvelist_length < 1 ||
+ /* Each NamedCurve is 2 bytes. */
+ ellipticcurvelist_length & 1)
+ goto err;
+
+ if (!s->hit) {
+ if (s->session->tlsext_ellipticcurvelist)
+ goto err;
+
+ s->session->tlsext_ellipticcurvelist_length = 0;
+ if ((s->session->tlsext_ellipticcurvelist =
+ OPENSSL_malloc(ellipticcurvelist_length)) == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->session->tlsext_ellipticcurvelist_length =
+ ellipticcurvelist_length;
+ memcpy(s->session->tlsext_ellipticcurvelist, sdata,
+ ellipticcurvelist_length);
+ }
+# if 0
+ fprintf(stderr,
+ "ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ",
+ s->session->tlsext_ellipticcurvelist_length);
+ sdata = s->session->tlsext_ellipticcurvelist;
+ for (i = 0; i < s->session->tlsext_ellipticcurvelist_length; i++)
+ fprintf(stderr, "%i ", *(sdata++));
+ fprintf(stderr, "\n");
+# endif
+ }
+# endif /* OPENSSL_NO_EC */
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
+ s->version != DTLS1_VERSION) {
+ unsigned char *sdata = data;
+
+ if (size < 2) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ n2s(sdata, s->s3->client_opaque_prf_input_len);
+ if (s->s3->client_opaque_prf_input_len != size - 2) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+
+ if (s->s3->client_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ }
+
+ /* dummy byte just to get non-NULL */
+ if (s->s3->client_opaque_prf_input_len == 0)
+ s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
+ else
+ s->s3->client_opaque_prf_input =
+ BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
+ if (s->s3->client_opaque_prf_input == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ }
+# endif
+ else if (type == TLSEXT_TYPE_session_ticket) {
+ if (s->tls_session_ticket_ext_cb &&
+ !s->tls_session_ticket_ext_cb(s, data, size,
+ s->tls_session_ticket_ext_cb_arg))
+ {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ } else if (type == TLSEXT_TYPE_renegotiate) {
+ if (!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
+ return 0;
+ renegotiate_seen = 1;
+ } else if (type == TLSEXT_TYPE_signature_algorithms) {
+ int dsize;
+ if (sigalg_seen || size < 2)
+ goto err;
+ sigalg_seen = 1;
+ n2s(data, dsize);
+ size -= 2;
+ if (dsize != size || dsize & 1)
+ goto err;
+ if (!tls1_process_sigalgs(s, data, dsize))
+ goto err;
+ } else if (type == TLSEXT_TYPE_status_request &&
+ s->version != DTLS1_VERSION) {
+
+ if (size < 5)
+ goto err;
+
+ s->tlsext_status_type = *data++;
+ size--;
+ if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
+ const unsigned char *sdata;
+ int dsize;
+ /* Read in responder_id_list */
+ n2s(data, dsize);
+ size -= 2;
+ if (dsize > size)
+ goto err;
+
+ /*
+ * We remove any OCSP_RESPIDs from a previous handshake
+ * to prevent unbounded memory growth - CVE-2016-6304
+ */
+ sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids,
+ OCSP_RESPID_free);
+ if (dsize > 0) {
+ s->tlsext_ocsp_ids = sk_OCSP_RESPID_new_null();
+ if (s->tlsext_ocsp_ids == NULL) {
+ *al = SSL_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ } else {
+ s->tlsext_ocsp_ids = NULL;
+ }
+
+ while (dsize > 0) {
+ OCSP_RESPID *id;
+ int idsize;
+ if (dsize < 4)
+ goto err;
+ n2s(data, idsize);
+ dsize -= 2 + idsize;
+ size -= 2 + idsize;
+ if (dsize < 0)
+ goto err;
+ sdata = data;
+ data += idsize;
+ id = d2i_OCSP_RESPID(NULL, &sdata, idsize);
+ if (!id)
+ goto err;
+ if (data != sdata) {
+ OCSP_RESPID_free(id);
+ goto err;
+ }
+ if (!sk_OCSP_RESPID_push(s->tlsext_ocsp_ids, id)) {
+ OCSP_RESPID_free(id);
+ *al = SSL_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ }
+
+ /* Read in request_extensions */
+ if (size < 2)
+ goto err;
+ n2s(data, dsize);
+ size -= 2;
+ if (dsize != size)
+ goto err;
+ sdata = data;
+ if (dsize > 0) {
+ if (s->tlsext_ocsp_exts) {
+ sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
+ X509_EXTENSION_free);
+ }
+
+ s->tlsext_ocsp_exts =
+ d2i_X509_EXTENSIONS(NULL, &sdata, dsize);
+ if (!s->tlsext_ocsp_exts || (data + dsize != sdata))
+ goto err;
+ }
+ }
+ /*
+ * We don't know what to do with any other type * so ignore it.
+ */
+ else
+ s->tlsext_status_type = -1;
+ }
+# ifndef OPENSSL_NO_HEARTBEATS
+ else if (type == TLSEXT_TYPE_heartbeat) {
+ switch (data[0]) {
+ case 0x01: /* Client allows us to send HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ break;
+ case 0x02: /* Client doesn't accept HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ break;
+ default:
+ *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (type == TLSEXT_TYPE_next_proto_neg &&
+ s->s3->tmp.finish_md_len == 0) {
+ /*-
+ * We shouldn't accept this extension on a
+ * renegotiation.
+ *
+ * s->new_session will be set on renegotiation, but we
+ * probably shouldn't rely that it couldn't be set on
+ * the initial renegotation too in certain cases (when
+ * there's some other reason to disallow resuming an
+ * earlier session -- the current code won't be doing
+ * anything like that, but this might change).
+ *
+ * A valid sign that there's been a previous handshake
+ * in this connection is if s->s3->tmp.finish_md_len >
+ * 0. (We are talking about a check that will happen
+ * in the Hello protocol round, well before a new
+ * Finished message could have been computed.)
+ */
+ s->s3->next_proto_neg_seen = 1;
+ }
+# endif
+
+ /* session ticket processed earlier */
+# ifndef OPENSSL_NO_SRTP
+ else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)
+ && type == TLSEXT_TYPE_use_srtp) {
+ if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
+ return 0;
+ }
+# endif
+
+ data += size;
+ }
+
+ /* Spurious data on the end */
+ if (data != limit)
+ goto err;
+
+ *p = data;
+
+ ri_check:
+
+ /* Need RI if renegotiating */
+
+ if (!renegotiate_seen && s->renegotiate &&
+ !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+ *al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT,
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+ return 0;
+ }
+
+ return 1;
+err:
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl_next_proto_validate validates a Next Protocol Negotiation block. No
+ * elements of zero length are allowed and the set of elements must exactly
+ * fill the length of the block.
+ */
+static char ssl_next_proto_validate(unsigned char *d, unsigned len)
+{
+ unsigned int off = 0;
+
+ while (off < len) {
+ if (d[off] == 0)
+ return 0;
+ off += d[off];
+ off++;
+ }
+
+ return off == len;
+}
+# endif
+
+int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
+ int n, int *al)
+{
+ unsigned short length;
+ unsigned short type;
+ unsigned short size;
+ unsigned char *data = *p;
+ int tlsext_servername = 0;
+ int renegotiate_seen = 0;
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ s->s3->next_proto_neg_seen = 0;
+# endif
+ s->tlsext_ticket_expected = 0;
+
+# ifndef OPENSSL_NO_HEARTBEATS
+ s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+ SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+# endif
+
+ if ((d + n) - data <= 2)
+ goto ri_check;
+
+ n2s(data, length);
+ if ((d + n) - data != length) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+
+ while ((d + n) - data >= 4) {
+ n2s(data, type);
+ n2s(data, size);
+
+ if ((d + n) - data < size)
+ goto ri_check;
+
+ if (s->tlsext_debug_cb)
+ s->tlsext_debug_cb(s, 1, type, data, size, s->tlsext_debug_arg);
+
+ if (type == TLSEXT_TYPE_server_name) {
+ if (s->tlsext_hostname == NULL || size > 0) {
+ *al = TLS1_AD_UNRECOGNIZED_NAME;
+ return 0;
+ }
+ tlsext_servername = 1;
+ }
+# ifndef OPENSSL_NO_EC
+ else if (type == TLSEXT_TYPE_ec_point_formats) {
+ unsigned char *sdata = data;
+ int ecpointformatlist_length = *(sdata++);
+
+ if (ecpointformatlist_length != size - 1 ||
+ ecpointformatlist_length < 1) {
+ *al = TLS1_AD_DECODE_ERROR;
+ return 0;
+ }
+ if (!s->hit) {
+ s->session->tlsext_ecpointformatlist_length = 0;
+ if (s->session->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(s->session->tlsext_ecpointformatlist);
+ if ((s->session->tlsext_ecpointformatlist =
+ OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->session->tlsext_ecpointformatlist_length =
+ ecpointformatlist_length;
+ memcpy(s->session->tlsext_ecpointformatlist, sdata,
+ ecpointformatlist_length);
+ }
+# if 0
+ fprintf(stderr,
+ "ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist ");
+ sdata = s->session->tlsext_ecpointformatlist;
+ for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+ fprintf(stderr, "%i ", *(sdata++));
+ fprintf(stderr, "\n");
+# endif
+ }
+# endif /* OPENSSL_NO_EC */
+
+ else if (type == TLSEXT_TYPE_session_ticket) {
+ if (s->tls_session_ticket_ext_cb &&
+ !s->tls_session_ticket_ext_cb(s, data, size,
+ s->tls_session_ticket_ext_cb_arg))
+ {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ if ((SSL_get_options(s) & SSL_OP_NO_TICKET)
+ || (size > 0)) {
+ *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+ return 0;
+ }
+ s->tlsext_ticket_expected = 1;
+ }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
+ s->version != DTLS1_VERSION) {
+ unsigned char *sdata = data;
+
+ if (size < 2) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ n2s(sdata, s->s3->server_opaque_prf_input_len);
+ if (s->s3->server_opaque_prf_input_len != size - 2) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+
+ if (s->s3->server_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+ }
+ if (s->s3->server_opaque_prf_input_len == 0) {
+ /* dummy byte just to get non-NULL */
+ s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+ } else {
+ s->s3->server_opaque_prf_input =
+ BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
+ }
+
+ if (s->s3->server_opaque_prf_input == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ }
+# endif
+ else if (type == TLSEXT_TYPE_status_request &&
+ s->version != DTLS1_VERSION) {
+ /*
+ * MUST be empty and only sent if we've requested a status
+ * request message.
+ */
+ if ((s->tlsext_status_type == -1) || (size > 0)) {
+ *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+ return 0;
+ }
+ /* Set flag to expect CertificateStatus message */
+ s->tlsext_status_expected = 1;
+ }
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (type == TLSEXT_TYPE_next_proto_neg &&
+ s->s3->tmp.finish_md_len == 0) {
+ unsigned char *selected;
+ unsigned char selected_len;
+
+ /* We must have requested it. */
+ if (s->ctx->next_proto_select_cb == NULL) {
+ *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+ return 0;
+ }
+ /* The data must be valid */
+ if (!ssl_next_proto_validate(data, size)) {
+ *al = TLS1_AD_DECODE_ERROR;
+ return 0;
+ }
+ if (s->
+ ctx->next_proto_select_cb(s, &selected, &selected_len, data,
+ size,
+ s->ctx->next_proto_select_cb_arg) !=
+ SSL_TLSEXT_ERR_OK) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->next_proto_negotiated = OPENSSL_malloc(selected_len);
+ if (!s->next_proto_negotiated) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ memcpy(s->next_proto_negotiated, selected, selected_len);
+ s->next_proto_negotiated_len = selected_len;
+ s->s3->next_proto_neg_seen = 1;
+ }
+# endif
+ else if (type == TLSEXT_TYPE_renegotiate) {
+ if (!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
+ return 0;
+ renegotiate_seen = 1;
+ }
+# ifndef OPENSSL_NO_HEARTBEATS
+ else if (type == TLSEXT_TYPE_heartbeat) {
+ switch (data[0]) {
+ case 0x01: /* Server allows us to send HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ break;
+ case 0x02: /* Server doesn't accept HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ break;
+ default:
+ *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_SRTP
+ else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
+ if (ssl_parse_serverhello_use_srtp_ext(s, data, size, al))
+ return 0;
+ }
+# endif
+
+ data += size;
+ }
+
+ if (data != d + n) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+
+ if (!s->hit && tlsext_servername == 1) {
+ if (s->tlsext_hostname) {
+ if (s->session->tlsext_hostname == NULL) {
+ s->session->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+ if (!s->session->tlsext_hostname) {
+ *al = SSL_AD_UNRECOGNIZED_NAME;
+ return 0;
+ }
+ } else {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ }
+ }
+
+ *p = data;
+
+ ri_check:
+
+ /*
+ * Determine if we need to see RI. Strictly speaking if we want to avoid
+ * an attack we should *always* see RI even on initial server hello
+ * because the client doesn't see any renegotiation during an attack.
+ * However this would mean we could not connect to any server which
+ * doesn't support RI so for the immediate future tolerate RI absence on
+ * initial connect only.
+ */
+ if (!renegotiate_seen && !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)
+ && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+ *al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT,
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+ return 0;
+ }
+
+ return 1;
+}
+
+int ssl_prepare_clienthello_tlsext(SSL *s)
+{
+# ifndef OPENSSL_NO_EC
+ /*
+ * If we are client and using an elliptic curve cryptography cipher
+ * suite, send the point formats and elliptic curves we support.
+ */
+ int using_ecc = 0;
+ int i;
+ unsigned char *j;
+ unsigned long alg_k, alg_a;
+ STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
+
+ for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
+ SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
+
+ alg_k = c->algorithm_mkey;
+ alg_a = c->algorithm_auth;
+ if ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)
+ || (alg_a & SSL_aECDSA))) {
+ using_ecc = 1;
+ break;
+ }
+ }
+ using_ecc = using_ecc && (s->version >= TLS1_VERSION);
+ if (using_ecc) {
+ if (s->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) {
+ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ s->tlsext_ecpointformatlist_length = 3;
+ s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
+ s->tlsext_ecpointformatlist[1] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
+ s->tlsext_ecpointformatlist[2] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
+
+ /* we support all named elliptic curves in RFC 4492 */
+ if (s->tlsext_ellipticcurvelist != NULL)
+ OPENSSL_free(s->tlsext_ellipticcurvelist);
+ s->tlsext_ellipticcurvelist_length =
+ sizeof(pref_list) / sizeof(pref_list[0]) * 2;
+ if ((s->tlsext_ellipticcurvelist =
+ OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) {
+ s->tlsext_ellipticcurvelist_length = 0;
+ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i <
+ sizeof(pref_list) / sizeof(pref_list[0]); i++) {
+ int id = tls1_ec_nid2curve_id(pref_list[i]);
+ s2n(id, j);
+ }
+ }
+# endif /* OPENSSL_NO_EC */
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ {
+ int r = 1;
+
+ if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
+ r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
+ s->
+ ctx->tlsext_opaque_prf_input_callback_arg);
+ if (!r)
+ return -1;
+ }
+
+ if (s->tlsext_opaque_prf_input != NULL) {
+ if (s->s3->client_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ }
+
+ if (s->tlsext_opaque_prf_input_len == 0) {
+ /* dummy byte just to get non-NULL */
+ s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
+ } else {
+ s->s3->client_opaque_prf_input =
+ BUF_memdup(s->tlsext_opaque_prf_input,
+ s->tlsext_opaque_prf_input_len);
+ }
+ if (s->s3->client_opaque_prf_input == NULL) {
+ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ s->s3->client_opaque_prf_input_len =
+ s->tlsext_opaque_prf_input_len;
+ }
+
+ if (r == 2)
+ /*
+ * at callback's request, insist on receiving an appropriate
+ * server opaque PRF input
+ */
+ s->s3->server_opaque_prf_input_len =
+ s->tlsext_opaque_prf_input_len;
+ }
+# endif
+
+ return 1;
+}
+
+int ssl_prepare_serverhello_tlsext(SSL *s)
+{
+# ifndef OPENSSL_NO_EC
+ /*
+ * If we are server and using an ECC cipher suite, send the point formats
+ * we support if the client sent us an ECPointsFormat extension. Note
+ * that the server is not supposed to send an EllipticCurves extension.
+ */
+
+ unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+ int using_ecc = (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
+ || (alg_a & SSL_aECDSA);
+ using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
+
+ if (using_ecc) {
+ if (s->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) {
+ SSLerr(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ s->tlsext_ecpointformatlist_length = 3;
+ s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
+ s->tlsext_ecpointformatlist[1] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
+ s->tlsext_ecpointformatlist[2] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
+ }
+# endif /* OPENSSL_NO_EC */
+
+ return 1;
+}
+
+int ssl_check_clienthello_tlsext_early(SSL *s)
+{
+ int ret = SSL_TLSEXT_ERR_NOACK;
+ int al = SSL_AD_UNRECOGNIZED_NAME;
+
+# ifndef OPENSSL_NO_EC
+ /*
+ * The handling of the ECPointFormats extension is done elsewhere, namely
+ * in ssl3_choose_cipher in s3_lib.c.
+ */
+ /*
+ * The handling of the EllipticCurves extension is done elsewhere, namely
+ * in ssl3_choose_cipher in s3_lib.c.
+ */
+# endif
+
+ if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
+ ret =
+ s->ctx->tlsext_servername_callback(s, &al,
+ s->ctx->tlsext_servername_arg);
+ else if (s->initial_ctx != NULL
+ && s->initial_ctx->tlsext_servername_callback != 0)
+ ret =
+ s->initial_ctx->tlsext_servername_callback(s, &al,
+ s->
+ initial_ctx->tlsext_servername_arg);
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ {
+ /*
+ * This sort of belongs into ssl_prepare_serverhello_tlsext(), but we
+ * might be sending an alert in response to the client hello, so this
+ * has to happen here in ssl_check_clienthello_tlsext_early().
+ */
+
+ int r = 1;
+
+ if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
+ r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
+ s->
+ ctx->tlsext_opaque_prf_input_callback_arg);
+ if (!r) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_INTERNAL_ERROR;
+ goto err;
+ }
+ }
+
+ if (s->s3->server_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+ }
+ s->s3->server_opaque_prf_input = NULL;
+
+ if (s->tlsext_opaque_prf_input != NULL) {
+ if (s->s3->client_opaque_prf_input != NULL &&
+ s->s3->client_opaque_prf_input_len ==
+ s->tlsext_opaque_prf_input_len) {
+ /*
+ * can only use this extension if we have a server opaque PRF
+ * input of the same length as the client opaque PRF input!
+ */
+
+ if (s->tlsext_opaque_prf_input_len == 0) {
+ /* dummy byte just to get non-NULL */
+ s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+ } else {
+ s->s3->server_opaque_prf_input =
+ BUF_memdup(s->tlsext_opaque_prf_input,
+ s->tlsext_opaque_prf_input_len);
+ }
+ if (s->s3->server_opaque_prf_input == NULL) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_INTERNAL_ERROR;
+ goto err;
+ }
+ s->s3->server_opaque_prf_input_len =
+ s->tlsext_opaque_prf_input_len;
+ }
+ }
+
+ if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
+ /*
+ * The callback wants to enforce use of the extension, but we
+ * can't do that with the client opaque PRF input; abort the
+ * handshake.
+ */
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ }
+ }
+
+ err:
+# endif
+ switch (ret) {
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ return -1;
+
+ case SSL_TLSEXT_ERR_ALERT_WARNING:
+ ssl3_send_alert(s, SSL3_AL_WARNING, al);
+ return 1;
+
+ case SSL_TLSEXT_ERR_NOACK:
+ s->servername_done = 0;
+ default:
+ return 1;
+ }
+}
+
+int ssl_check_clienthello_tlsext_late(SSL *s)
+{
+ int ret = SSL_TLSEXT_ERR_OK;
+ int al;
+
+ /*
+ * If status request then ask callback what to do. Note: this must be
+ * called after servername callbacks in case the certificate has
+ * changed, and must be called after the cipher has been chosen because
+ * this may influence which certificate is sent
+ */
+ if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb) {
+ int r;
+ CERT_PKEY *certpkey;
+ certpkey = ssl_get_server_send_pkey(s);
+ /* If no certificate can't return certificate status */
+ if (certpkey == NULL) {
+ s->tlsext_status_expected = 0;
+ return 1;
+ }
+ /*
+ * Set current certificate to one we will use so SSL_get_certificate
+ * et al can pick it up.
+ */
+ s->cert->key = certpkey;
+ r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+ switch (r) {
+ /* We don't want to send a status request response */
+ case SSL_TLSEXT_ERR_NOACK:
+ s->tlsext_status_expected = 0;
+ break;
+ /* status request response should be sent */
+ case SSL_TLSEXT_ERR_OK:
+ if (s->tlsext_ocsp_resp)
+ s->tlsext_status_expected = 1;
+ else
+ s->tlsext_status_expected = 0;
+ break;
+ /* something bad happened */
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_INTERNAL_ERROR;
+ goto err;
+ }
+ } else
+ s->tlsext_status_expected = 0;
+
+ err:
+ switch (ret) {
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ return -1;
+
+ case SSL_TLSEXT_ERR_ALERT_WARNING:
+ ssl3_send_alert(s, SSL3_AL_WARNING, al);
+ return 1;
+
+ default:
+ return 1;
+ }
+}
+
+int ssl_check_serverhello_tlsext(SSL *s)
+{
+ int ret = SSL_TLSEXT_ERR_NOACK;
+ int al = SSL_AD_UNRECOGNIZED_NAME;
+
+# ifndef OPENSSL_NO_EC
+ /*
+ * If we are client and using an elliptic curve cryptography cipher
+ * suite, then if server returns an EC point formats lists extension it
+ * must contain uncompressed.
+ */
+ unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+ if ((s->tlsext_ecpointformatlist != NULL)
+ && (s->tlsext_ecpointformatlist_length > 0)
+ && (s->session->tlsext_ecpointformatlist != NULL)
+ && (s->session->tlsext_ecpointformatlist_length > 0)
+ && ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
+ || (alg_a & SSL_aECDSA))) {
+ /* we are using an ECC cipher */
+ size_t i;
+ unsigned char *list;
+ int found_uncompressed = 0;
+ list = s->session->tlsext_ecpointformatlist;
+ for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++) {
+ if (*(list++) == TLSEXT_ECPOINTFORMAT_uncompressed) {
+ found_uncompressed = 1;
+ break;
+ }
+ }
+ if (!found_uncompressed) {
+ SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,
+ SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
+ return -1;
+ }
+ }
+ ret = SSL_TLSEXT_ERR_OK;
+# endif /* OPENSSL_NO_EC */
+
+ if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
+ ret =
+ s->ctx->tlsext_servername_callback(s, &al,
+ s->ctx->tlsext_servername_arg);
+ else if (s->initial_ctx != NULL
+ && s->initial_ctx->tlsext_servername_callback != 0)
+ ret =
+ s->initial_ctx->tlsext_servername_callback(s, &al,
+ s->
+ initial_ctx->tlsext_servername_arg);
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->server_opaque_prf_input_len > 0) {
+ /*
+ * This case may indicate that we, as a client, want to insist on
+ * using opaque PRF inputs. So first verify that we really have a
+ * value from the server too.
+ */
+
+ if (s->s3->server_opaque_prf_input == NULL) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ }
+
+ /*
+ * Anytime the server *has* sent an opaque PRF input, we need to
+ * check that we have a client opaque PRF input of the same size.
+ */
+ if (s->s3->client_opaque_prf_input == NULL ||
+ s->s3->client_opaque_prf_input_len !=
+ s->s3->server_opaque_prf_input_len) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ }
+ }
+# endif
+
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ s->tlsext_ocsp_resp = NULL;
+ s->tlsext_ocsp_resplen = -1;
+ /*
+ * If we've requested certificate status and we wont get one tell the
+ * callback
+ */
+ if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
+ && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) {
+ int r;
+ /*
+ * Call callback with resp == NULL and resplen == -1 so callback
+ * knows there is no response
+ */
+ r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+ if (r == 0) {
+ al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+ if (r < 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+ }
+
+ switch (ret) {
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ return -1;
+
+ case SSL_TLSEXT_ERR_ALERT_WARNING:
+ ssl3_send_alert(s, SSL3_AL_WARNING, al);
+ return 1;
+
+ case SSL_TLSEXT_ERR_NOACK:
+ s->servername_done = 0;
+ default:
+ return 1;
+ }
+}
+
+/*-
+ * Since the server cache lookup is done early on in the processing of the
+ * ClientHello, and other operations depend on the result, we need to handle
+ * any TLS session ticket extension at the same time.
+ *
+ * session_id: points at the session ID in the ClientHello. This code will
+ * read past the end of this in order to parse out the session ticket
+ * extension, if any.
+ * len: the length of the session ID.
+ * limit: a pointer to the first byte after the ClientHello.
+ * ret: (output) on return, if a ticket was decrypted, then this is set to
+ * point to the resulting session.
+ *
+ * If s->tls_session_secret_cb is set then we are expecting a pre-shared key
+ * ciphersuite, in which case we have no use for session tickets and one will
+ * never be decrypted, nor will s->tlsext_ticket_expected be set to 1.
+ *
+ * Returns:
+ * -1: fatal error, either from parsing or decrypting the ticket.
+ * 0: no ticket was found (or was ignored, based on settings).
+ * 1: a zero length extension was found, indicating that the client supports
+ * session tickets but doesn't currently have one to offer.
+ * 2: either s->tls_session_secret_cb was set, or a ticket was offered but
+ * couldn't be decrypted because of a non-fatal error.
+ * 3: a ticket was successfully decrypted and *ret was set.
+ *
+ * Side effects:
+ * Sets s->tlsext_ticket_expected to 1 if the server will have to issue
+ * a new session ticket to the client because the client indicated support
+ * (and s->tls_session_secret_cb is NULL) but the client either doesn't have
+ * a session ticket or we couldn't use the one it gave us, or if
+ * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket.
+ * Otherwise, s->tlsext_ticket_expected is set to 0.
+ */
+int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
+ const unsigned char *limit, SSL_SESSION **ret)
+{
+ /* Point after session ID in client hello */
+ const unsigned char *p = session_id + len;
+ unsigned short i;
+
+ *ret = NULL;
+ s->tlsext_ticket_expected = 0;
+
+ /*
+ * If tickets disabled behave as if no ticket present to permit stateful
+ * resumption.
+ */
+ if (SSL_get_options(s) & SSL_OP_NO_TICKET)
+ return 0;
+ if ((s->version <= SSL3_VERSION) || !limit)
+ return 0;
+ if (p >= limit)
+ return -1;
+ /* Skip past DTLS cookie */
+ if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
+ i = *(p++);
+
+ if (limit - p <= i)
+ return -1;
+
+ p += i;
+ }
+ /* Skip past cipher list */
+ n2s(p, i);
+ if (limit - p <= i)
+ return -1;
+ p += i;
+
+ /* Skip past compression algorithm list */
+ i = *(p++);
+ if (limit - p < i)
+ return -1;
+ p += i;
+
+ /* Now at start of extensions */
+ if (limit - p <= 2)
+ return 0;
+ n2s(p, i);
+ while (limit - p >= 4) {
+ unsigned short type, size;
+ n2s(p, type);
+ n2s(p, size);
+ if (limit - p < size)
+ return 0;
+ if (type == TLSEXT_TYPE_session_ticket) {
+ int r;
+ if (size == 0) {
+ /*
+ * The client will accept a ticket but doesn't currently have
+ * one.
+ */
+ s->tlsext_ticket_expected = 1;
+ return 1;
+ }
+ if (s->tls_session_secret_cb) {
+ /*
+ * Indicate that the ticket couldn't be decrypted rather than
+ * generating the session from ticket now, trigger
+ * abbreviated handshake based on external mechanism to
+ * calculate the master secret later.
+ */
+ return 2;
+ }
+ r = tls_decrypt_ticket(s, p, size, session_id, len, ret);
+ switch (r) {
+ case 2: /* ticket couldn't be decrypted */
+ s->tlsext_ticket_expected = 1;
+ return 2;
+ case 3: /* ticket was decrypted */
+ return r;
+ case 4: /* ticket decrypted but need to renew */
+ s->tlsext_ticket_expected = 1;
+ return 3;
+ default: /* fatal error */
+ return -1;
+ }
+ }
+ p += size;
+ }
+ return 0;
+}
+
+/*-
+ * tls_decrypt_ticket attempts to decrypt a session ticket.
+ *
+ * etick: points to the body of the session ticket extension.
+ * eticklen: the length of the session tickets extenion.
+ * sess_id: points at the session ID.
+ * sesslen: the length of the session ID.
+ * psess: (output) on return, if a ticket was decrypted, then this is set to
+ * point to the resulting session.
+ *
+ * Returns:
+ * -1: fatal error, either from parsing or decrypting the ticket.
+ * 2: the ticket couldn't be decrypted.
+ * 3: a ticket was successfully decrypted and *psess was set.
+ * 4: same as 3, but the ticket needs to be renewed.
+ */
+static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
+ int eticklen, const unsigned char *sess_id,
+ int sesslen, SSL_SESSION **psess)
+{
+ SSL_SESSION *sess;
+ unsigned char *sdec;
+ const unsigned char *p;
+ int slen, mlen, renew_ticket = 0;
+ unsigned char tick_hmac[EVP_MAX_MD_SIZE];
+ HMAC_CTX hctx;
+ EVP_CIPHER_CTX ctx;
+ SSL_CTX *tctx = s->initial_ctx;
+
+ /* Initialize session ticket encryption and HMAC contexts */
+ HMAC_CTX_init(&hctx);
+ EVP_CIPHER_CTX_init(&ctx);
+ if (tctx->tlsext_ticket_key_cb) {
+ unsigned char *nctick = (unsigned char *)etick;
+ int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
+ &ctx, &hctx, 0);
+ if (rv < 0)
+ return -1;
+ if (rv == 0)
+ return 2;
+ if (rv == 2)
+ renew_ticket = 1;
+ } else {
+ /* Check key name matches */
+ if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
+ return 2;
+ if (HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+ tlsext_tick_md(), NULL) <= 0
+ || EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+ tctx->tlsext_tick_aes_key,
+ etick + 16) <= 0) {
+ goto err;
+ }
+ }
+ /*
+ * Attempt to process session ticket, first conduct sanity and integrity
+ * checks on ticket.
+ */
+ mlen = HMAC_size(&hctx);
+ if (mlen < 0) {
+ goto err;
+ }
+ /* Sanity check ticket length: must exceed keyname + IV + HMAC */
+ if (eticklen <= 16 + EVP_CIPHER_CTX_iv_length(&ctx) + mlen) {
+ HMAC_CTX_cleanup(&hctx);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ return 2;
+ }
+
+ eticklen -= mlen;
+ /* Check HMAC of encrypted ticket */
+ if (HMAC_Update(&hctx, etick, eticklen) <= 0
+ || HMAC_Final(&hctx, tick_hmac, NULL) <= 0) {
+ goto err;
+ }
+ HMAC_CTX_cleanup(&hctx);
+ if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) {
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ return 2;
+ }
+ /* Attempt to decrypt session data */
+ /* Move p after IV to start of encrypted ticket, update length */
+ p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
+ eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx);
+ sdec = OPENSSL_malloc(eticklen);
+ if (sdec == NULL
+ || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) {
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ OPENSSL_free(sdec);
+ return -1;
+ }
+ if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ OPENSSL_free(sdec);
+ return 2;
+ }
+ slen += mlen;
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ p = sdec;
+
+ sess = d2i_SSL_SESSION(NULL, &p, slen);
+ OPENSSL_free(sdec);
+ if (sess) {
+ /*
+ * The session ID, if non-empty, is used by some clients to detect
+ * that the ticket has been accepted. So we copy it to the session
+ * structure. If it is empty set length to zero as required by
+ * standard.
+ */
+ if (sesslen)
+ memcpy(sess->session_id, sess_id, sesslen);
+ sess->session_id_length = sesslen;
+ *psess = sess;
+ if (renew_ticket)
+ return 4;
+ else
+ return 3;
+ }
+ ERR_clear_error();
+ /*
+ * For session parse failure, indicate that we need to send a new ticket.
+ */
+ return 2;
+err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ HMAC_CTX_cleanup(&hctx);
+ return -1;
+}
+
+/* Tables to translate from NIDs to TLS v1.2 ids */
+
+typedef struct {
+ int nid;
+ int id;
+} tls12_lookup;
+
+static tls12_lookup tls12_md[] = {
+# ifndef OPENSSL_NO_MD5
+ {NID_md5, TLSEXT_hash_md5},
+# endif
+# ifndef OPENSSL_NO_SHA
+ {NID_sha1, TLSEXT_hash_sha1},
+# endif
+# ifndef OPENSSL_NO_SHA256
+ {NID_sha224, TLSEXT_hash_sha224},
+ {NID_sha256, TLSEXT_hash_sha256},
+# endif
+# ifndef OPENSSL_NO_SHA512
+ {NID_sha384, TLSEXT_hash_sha384},
+ {NID_sha512, TLSEXT_hash_sha512}
+# endif
+};
+
+static tls12_lookup tls12_sig[] = {
+# ifndef OPENSSL_NO_RSA
+ {EVP_PKEY_RSA, TLSEXT_signature_rsa},
+# endif
+# ifndef OPENSSL_NO_DSA
+ {EVP_PKEY_DSA, TLSEXT_signature_dsa},
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ {EVP_PKEY_EC, TLSEXT_signature_ecdsa}
+# endif
+};
+
+static int tls12_find_id(int nid, tls12_lookup *table, size_t tlen)
+{
+ size_t i;
+ for (i = 0; i < tlen; i++) {
+ if (table[i].nid == nid)
+ return table[i].id;
+ }
+ return -1;
+}
+
+# if 0
+static int tls12_find_nid(int id, tls12_lookup *table, size_t tlen)
+{
+ size_t i;
+ for (i = 0; i < tlen; i++) {
+ if (table[i].id == id)
+ return table[i].nid;
+ }
+ return -1;
+}
+# endif
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
+ const EVP_MD *md)
+{
+ int sig_id, md_id;
+ if (!md)
+ return 0;
+ md_id = tls12_find_id(EVP_MD_type(md), tls12_md,
+ sizeof(tls12_md) / sizeof(tls12_lookup));
+ if (md_id == -1)
+ return 0;
+ sig_id = tls12_get_sigid(pk);
+ if (sig_id == -1)
+ return 0;
+ p[0] = (unsigned char)md_id;
+ p[1] = (unsigned char)sig_id;
+ return 1;
+}
+
+int tls12_get_sigid(const EVP_PKEY *pk)
+{
+ return tls12_find_id(pk->type, tls12_sig,
+ sizeof(tls12_sig) / sizeof(tls12_lookup));
+}
+
+const EVP_MD *tls12_get_hash(unsigned char hash_alg)
+{
+ switch (hash_alg) {
+# ifndef OPENSSL_NO_SHA
+ case TLSEXT_hash_sha1:
+ return EVP_sha1();
+# endif
+# ifndef OPENSSL_NO_SHA256
+ case TLSEXT_hash_sha224:
+ return EVP_sha224();
+
+ case TLSEXT_hash_sha256:
+ return EVP_sha256();
+# endif
+# ifndef OPENSSL_NO_SHA512
+ case TLSEXT_hash_sha384:
+ return EVP_sha384();
+
+ case TLSEXT_hash_sha512:
+ return EVP_sha512();
+# endif
+ default:
+ return NULL;
+
+ }
+}
+
+/* Set preferred digest for each key type */
+
+int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)
+{
+ int i, idx;
+ const EVP_MD *md;
+ CERT *c = s->cert;
+ /* Extension ignored for TLS versions below 1.2 */
+ if (TLS1_get_version(s) < TLS1_2_VERSION)
+ return 1;
+ /* Should never happen */
+ if (!c)
+ return 0;
+
+ c->pkeys[SSL_PKEY_DSA_SIGN].digest = NULL;
+ c->pkeys[SSL_PKEY_RSA_SIGN].digest = NULL;
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = NULL;
+ c->pkeys[SSL_PKEY_ECC].digest = NULL;
+
+ for (i = 0; i < dsize; i += 2) {
+ unsigned char hash_alg = data[i], sig_alg = data[i + 1];
+
+ switch (sig_alg) {
+# ifndef OPENSSL_NO_RSA
+ case TLSEXT_signature_rsa:
+ idx = SSL_PKEY_RSA_SIGN;
+ break;
+# endif
+# ifndef OPENSSL_NO_DSA
+ case TLSEXT_signature_dsa:
+ idx = SSL_PKEY_DSA_SIGN;
+ break;
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ case TLSEXT_signature_ecdsa:
+ idx = SSL_PKEY_ECC;
+ break;
+# endif
+ default:
+ continue;
+ }
+
+ if (c->pkeys[idx].digest == NULL) {
+ md = tls12_get_hash(hash_alg);
+ if (md) {
+ c->pkeys[idx].digest = md;
+ if (idx == SSL_PKEY_RSA_SIGN)
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
+ }
+ }
+
+ }
+
+ /*
+ * Set any remaining keys to default values. NOTE: if alg is not
+ * supported it stays as NULL.
+ */
+# ifndef OPENSSL_NO_DSA
+ if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
+ c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
+# endif
+# ifndef OPENSSL_NO_RSA
+ if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) {
+ c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
+ }
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ if (!c->pkeys[SSL_PKEY_ECC].digest)
+ c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
+# endif
+ return 1;
+}
+
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+int tls1_process_heartbeat(SSL *s)
+{
+ unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned short hbtype;
+ unsigned int payload;
+ unsigned int padding = 16; /* Use minimum padding */
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ &s->s3->rrec.data[0], s->s3->rrec.length,
+ s, s->msg_callback_arg);
+
+ /* Read type and payload length first */
+ if (1 + 2 + 16 > s->s3->rrec.length)
+ return 0; /* silently discard */
+ hbtype = *p++;
+ n2s(p, payload);
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+ pl = p;
+
+ if (hbtype == TLS1_HB_REQUEST) {
+ unsigned char *buffer, *bp;
+ int r;
+
+ /*
+ * Allocate memory for the response, size is 1 bytes message type,
+ * plus 2 bytes payload length, plus payload, plus padding
+ */
+ buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+ if (buffer == NULL)
+ return -1;
+ bp = buffer;
+
+ /* Enter response type, length and copy payload */
+ *bp++ = TLS1_HB_RESPONSE;
+ s2n(payload, bp);
+ memcpy(bp, pl, payload);
+ bp += payload;
+ /* Random padding */
+ if (RAND_bytes(bp, padding) <= 0) {
+ OPENSSL_free(buffer);
+ return -1;
+ }
+
+ r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
+ 3 + payload + padding);
+
+ if (r >= 0 && s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buffer, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ OPENSSL_free(buffer);
+
+ if (r < 0)
+ return r;
+ } else if (hbtype == TLS1_HB_RESPONSE) {
+ unsigned int seq;
+
+ /*
+ * We only send sequence numbers (2 bytes unsigned int), and 16
+ * random bytes, so we just try to read the sequence number
+ */
+ n2s(pl, seq);
+
+ if (payload == 18 && seq == s->tlsext_hb_seq) {
+ s->tlsext_hb_seq++;
+ s->tlsext_hb_pending = 0;
+ }
+ }
+
+ return 0;
+}
+
+int tls1_heartbeat(SSL *s)
+{
+ unsigned char *buf, *p;
+ int ret = -1;
+ unsigned int payload = 18; /* Sequence number + random bytes */
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Only send if peer supports and accepts HB requests... */
+ if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+ s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+ return -1;
+ }
+
+ /* ...and there is none in flight yet... */
+ if (s->tlsext_hb_pending) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
+ return -1;
+ }
+
+ /* ...and no handshake in progress. */
+ if (SSL_in_init(s) || s->in_handshake) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ /*
+ * Check if padding is too long, payload and padding must not exceed 2^14
+ * - 3 = 16381 bytes in total.
+ */
+ OPENSSL_assert(payload + padding <= 16381);
+
+ /*-
+ * Create HeartBeat message, we just use a sequence number
+ * as payload to distuingish different messages and add
+ * some random stuff.
+ * - Message Type, 1 byte
+ * - Payload Length, 2 bytes (unsigned int)
+ * - Payload, the sequence number (2 bytes uint)
+ * - Payload, random bytes (16 bytes uint)
+ * - Padding
+ */
+ buf = OPENSSL_malloc(1 + 2 + payload + padding);
+ p = buf;
+ /* Message Type */
+ *p++ = TLS1_HB_REQUEST;
+ /* Payload length (18 bytes here) */
+ s2n(payload, p);
+ /* Sequence number */
+ s2n(s->tlsext_hb_seq, p);
+ /* 16 random bytes */
+ if (RAND_bytes(p, 16) <= 0) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ p += 16;
+ /* Random padding */
+ if (RAND_bytes(p, padding) <= 0) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+ if (ret >= 0) {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buf, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ s->tlsext_hb_pending = 1;
+ }
+
+err:
+ OPENSSL_free(buf);
+
+ return ret;
+}
+#endif
Deleted: vendor-crypto/openssl/1.0.1u/test/bftest.c
===================================================================
--- vendor-crypto/openssl/dist/test/bftest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/bftest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/bf/bftest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/bntest.c
===================================================================
--- vendor-crypto/openssl/dist/test/bntest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/bntest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/bn/bntest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/casttest.c
===================================================================
--- vendor-crypto/openssl/dist/test/casttest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/casttest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/cast/casttest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/clienthellotest.c
===================================================================
--- vendor-crypto/openssl/dist/test/clienthellotest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/clienthellotest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../ssl/clienthellotest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/constant_time_test.c
===================================================================
--- vendor-crypto/openssl/dist/test/constant_time_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/constant_time_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/constant_time_test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/destest.c
===================================================================
--- vendor-crypto/openssl/dist/test/destest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/destest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/des/destest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/dhtest.c
===================================================================
--- vendor-crypto/openssl/dist/test/dhtest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/dhtest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/dh/dhtest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/dsatest.c
===================================================================
--- vendor-crypto/openssl/dist/test/dsatest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/dsatest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/dsa/dsatest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/ecdhtest.c
===================================================================
--- vendor-crypto/openssl/dist/test/ecdhtest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/ecdhtest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/ecdh/ecdhtest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/ecdsatest.c
===================================================================
--- vendor-crypto/openssl/dist/test/ecdsatest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/ecdsatest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/ecdsa/ecdsatest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/ectest.c
===================================================================
--- vendor-crypto/openssl/dist/test/ectest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/ectest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/ec/ectest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/enginetest.c
===================================================================
--- vendor-crypto/openssl/dist/test/enginetest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/enginetest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/engine/enginetest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/evp_extra_test.c
===================================================================
--- vendor-crypto/openssl/dist/test/evp_extra_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/evp_extra_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/evp/evp_extra_test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/evp_test.c
===================================================================
--- vendor-crypto/openssl/dist/test/evp_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/evp_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/evp/evp_test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/exptest.c
===================================================================
--- vendor-crypto/openssl/dist/test/exptest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/exptest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/bn/exptest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/heartbeat_test.c
===================================================================
--- vendor-crypto/openssl/dist/test/heartbeat_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/heartbeat_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../ssl/heartbeat_test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/hmactest.c
===================================================================
--- vendor-crypto/openssl/dist/test/hmactest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/hmactest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/hmac/hmactest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/ideatest.c
===================================================================
--- vendor-crypto/openssl/dist/test/ideatest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/ideatest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/idea/ideatest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/igetest.c
===================================================================
--- vendor-crypto/openssl/dist/test/igetest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/igetest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,484 +0,0 @@
-/* test/igetest.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/rand.h>
-#include <stdio.h>
-#include <string.h>
-#include <assert.h>
-
-#define TEST_SIZE 128
-#define BIG_TEST_SIZE 10240
-
-static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
-{
- int n = 0;
-
- fprintf(f, "%s", title);
- for (; n < l; ++n) {
- if ((n % 16) == 0)
- fprintf(f, "\n%04x", n);
- fprintf(f, " %02x", s[n]);
- }
- fprintf(f, "\n");
-}
-
-#define MAX_VECTOR_SIZE 64
-
-struct ige_test {
- const unsigned char key[16];
- const unsigned char iv[32];
- const unsigned char in[MAX_VECTOR_SIZE];
- const unsigned char out[MAX_VECTOR_SIZE];
- const size_t length;
- const int encrypt;
-};
-
-static struct ige_test const ige_test_vectors[] = {
- {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key */
- {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* iv */
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
- {0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
- 0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
- 0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
- 0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb}, /* out */
- 32, AES_ENCRYPT}, /* test vector 0 */
-
- {{0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
- 0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65}, /* key */
- {0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
- 0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
- 0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
- 0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53}, /* iv */
- {0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
- 0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
- 0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
- 0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a}, /* in */
- {0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
- 0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
- 0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
- 0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b}, /* out */
- 32, AES_DECRYPT}, /* test vector 1 */
-};
-
-struct bi_ige_test {
- const unsigned char key1[32];
- const unsigned char key2[32];
- const unsigned char iv[64];
- const unsigned char in[MAX_VECTOR_SIZE];
- const unsigned char out[MAX_VECTOR_SIZE];
- const size_t keysize;
- const size_t length;
- const int encrypt;
-};
-
-static struct bi_ige_test const bi_ige_test_vectors[] = {
- {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key1 */
- {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* key2 */
- {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
- 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
- 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
- 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
- 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f}, /* iv */
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
- {0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
- 0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
- 0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
- 0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12}, /* out */
- 16, 32, AES_ENCRYPT}, /* test vector 0 */
- {{0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
- 0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
- 0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
- 0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37}, /* key1 */
- {0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
- 0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
- 0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
- 0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4}, /* key2 */
- {0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
- 0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
- 0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
- 0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
- 0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
- 0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
- 0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
- 0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3}, /* iv */
- {0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
- 0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
- 0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
- 0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
- 0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
- 0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
- 0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
- 0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
- {0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
- 0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
- 0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
- 0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
- 0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
- 0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
- 0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
- 0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
- 32, 64, AES_ENCRYPT}, /* test vector 1 */
-
-};
-
-static int run_test_vectors(void)
-{
- unsigned int n;
- int errs = 0;
-
- for (n = 0; n < sizeof(ige_test_vectors) / sizeof(ige_test_vectors[0]);
- ++n) {
- const struct ige_test *const v = &ige_test_vectors[n];
- AES_KEY key;
- unsigned char buf[MAX_VECTOR_SIZE];
- unsigned char iv[AES_BLOCK_SIZE * 2];
-
- assert(v->length <= MAX_VECTOR_SIZE);
-
- if (v->encrypt == AES_ENCRYPT)
- AES_set_encrypt_key(v->key, 8 * sizeof v->key, &key);
- else
- AES_set_decrypt_key(v->key, 8 * sizeof v->key, &key);
- memcpy(iv, v->iv, sizeof iv);
- AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
-
- if (memcmp(v->out, buf, v->length)) {
- printf("IGE test vector %d failed\n", n);
- hexdump(stdout, "key", v->key, sizeof v->key);
- hexdump(stdout, "iv", v->iv, sizeof v->iv);
- hexdump(stdout, "in", v->in, v->length);
- hexdump(stdout, "expected", v->out, v->length);
- hexdump(stdout, "got", buf, v->length);
-
- ++errs;
- }
-
- /* try with in == out */
- memcpy(iv, v->iv, sizeof iv);
- memcpy(buf, v->in, v->length);
- AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
-
- if (memcmp(v->out, buf, v->length)) {
- printf("IGE test vector %d failed (with in == out)\n", n);
- hexdump(stdout, "key", v->key, sizeof v->key);
- hexdump(stdout, "iv", v->iv, sizeof v->iv);
- hexdump(stdout, "in", v->in, v->length);
- hexdump(stdout, "expected", v->out, v->length);
- hexdump(stdout, "got", buf, v->length);
-
- ++errs;
- }
- }
-
- for (n = 0;
- n < sizeof(bi_ige_test_vectors) / sizeof(bi_ige_test_vectors[0]);
- ++n) {
- const struct bi_ige_test *const v = &bi_ige_test_vectors[n];
- AES_KEY key1;
- AES_KEY key2;
- unsigned char buf[MAX_VECTOR_SIZE];
-
- assert(v->length <= MAX_VECTOR_SIZE);
-
- if (v->encrypt == AES_ENCRYPT) {
- AES_set_encrypt_key(v->key1, 8 * v->keysize, &key1);
- AES_set_encrypt_key(v->key2, 8 * v->keysize, &key2);
- } else {
- AES_set_decrypt_key(v->key1, 8 * v->keysize, &key1);
- AES_set_decrypt_key(v->key2, 8 * v->keysize, &key2);
- }
-
- AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
- v->encrypt);
-
- if (memcmp(v->out, buf, v->length)) {
- printf("Bidirectional IGE test vector %d failed\n", n);
- hexdump(stdout, "key 1", v->key1, sizeof v->key1);
- hexdump(stdout, "key 2", v->key2, sizeof v->key2);
- hexdump(stdout, "iv", v->iv, sizeof v->iv);
- hexdump(stdout, "in", v->in, v->length);
- hexdump(stdout, "expected", v->out, v->length);
- hexdump(stdout, "got", buf, v->length);
-
- ++errs;
- }
- }
-
- return errs;
-}
-
-int main(int argc, char **argv)
-{
- unsigned char rkey[16];
- unsigned char rkey2[16];
- AES_KEY key;
- AES_KEY key2;
- unsigned char plaintext[BIG_TEST_SIZE];
- unsigned char ciphertext[BIG_TEST_SIZE];
- unsigned char checktext[BIG_TEST_SIZE];
- unsigned char iv[AES_BLOCK_SIZE * 4];
- unsigned char saved_iv[AES_BLOCK_SIZE * 4];
- int err = 0;
- unsigned int n;
- unsigned matches;
-
- assert(BIG_TEST_SIZE >= TEST_SIZE);
-
- RAND_pseudo_bytes(rkey, sizeof rkey);
- RAND_pseudo_bytes(plaintext, sizeof plaintext);
- RAND_pseudo_bytes(iv, sizeof iv);
- memcpy(saved_iv, iv, sizeof saved_iv);
-
- /* Forward IGE only... */
-
- /* Straight encrypt/decrypt */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv, AES_ENCRYPT);
-
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- memcpy(iv, saved_iv, sizeof iv);
- AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
-
- if (memcmp(checktext, plaintext, TEST_SIZE)) {
- printf("Encrypt+decrypt doesn't match\n");
- hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
- hexdump(stdout, "Checktext", checktext, TEST_SIZE);
- ++err;
- }
-
- /* Now check encrypt chaining works */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- memcpy(iv, saved_iv, sizeof iv);
- AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
- AES_ENCRYPT);
- AES_ige_encrypt(plaintext + TEST_SIZE / 2,
- ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
- &key, iv, AES_ENCRYPT);
-
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- memcpy(iv, saved_iv, sizeof iv);
- AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
-
- if (memcmp(checktext, plaintext, TEST_SIZE)) {
- printf("Chained encrypt+decrypt doesn't match\n");
- hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
- hexdump(stdout, "Checktext", checktext, TEST_SIZE);
- ++err;
- }
-
- /* And check decrypt chaining */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- memcpy(iv, saved_iv, sizeof iv);
- AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
- AES_ENCRYPT);
- AES_ige_encrypt(plaintext + TEST_SIZE / 2,
- ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
- &key, iv, AES_ENCRYPT);
-
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- memcpy(iv, saved_iv, sizeof iv);
- AES_ige_encrypt(ciphertext, checktext, TEST_SIZE / 2, &key, iv,
- AES_DECRYPT);
- AES_ige_encrypt(ciphertext + TEST_SIZE / 2,
- checktext + TEST_SIZE / 2, TEST_SIZE / 2, &key, iv,
- AES_DECRYPT);
-
- if (memcmp(checktext, plaintext, TEST_SIZE)) {
- printf("Chained encrypt+chained decrypt doesn't match\n");
- hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
- hexdump(stdout, "Checktext", checktext, TEST_SIZE);
- ++err;
- }
-
- /* make sure garble extends forwards only */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- memcpy(iv, saved_iv, sizeof iv);
- AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
- AES_ENCRYPT);
-
- /* corrupt halfway through */
- ++ciphertext[sizeof ciphertext / 2];
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- memcpy(iv, saved_iv, sizeof iv);
- AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
- AES_DECRYPT);
-
- matches = 0;
- for (n = 0; n < sizeof checktext; ++n)
- if (checktext[n] == plaintext[n])
- ++matches;
-
- if (matches > sizeof checktext / 2 + sizeof checktext / 100) {
- printf("More than 51%% matches after garbling\n");
- ++err;
- }
-
- if (matches < sizeof checktext / 2) {
- printf("Garble extends backwards!\n");
- ++err;
- }
-
- /* Bi-directional IGE */
-
- /*
- * Note that we don't have to recover the IV, because chaining isn't
- */
- /* possible with biIGE, so the IV is not updated. */
-
- RAND_pseudo_bytes(rkey2, sizeof rkey2);
-
- /* Straight encrypt/decrypt */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
- AES_ENCRYPT);
-
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
- AES_DECRYPT);
-
- if (memcmp(checktext, plaintext, TEST_SIZE)) {
- printf("Encrypt+decrypt doesn't match\n");
- hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
- hexdump(stdout, "Checktext", checktext, TEST_SIZE);
- ++err;
- }
-
- /* make sure garble extends both ways */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
- AES_ENCRYPT);
-
- /* corrupt halfway through */
- ++ciphertext[sizeof ciphertext / 2];
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
- AES_DECRYPT);
-
- matches = 0;
- for (n = 0; n < sizeof checktext; ++n)
- if (checktext[n] == plaintext[n])
- ++matches;
-
- if (matches > sizeof checktext / 100) {
- printf("More than 1%% matches after bidirectional garbling\n");
- ++err;
- }
-
- /* make sure garble extends both ways (2) */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
- AES_ENCRYPT);
-
- /* corrupt right at the end */
- ++ciphertext[sizeof ciphertext - 1];
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
- AES_DECRYPT);
-
- matches = 0;
- for (n = 0; n < sizeof checktext; ++n)
- if (checktext[n] == plaintext[n])
- ++matches;
-
- if (matches > sizeof checktext / 100) {
- printf("More than 1%% matches after bidirectional garbling (2)\n");
- ++err;
- }
-
- /* make sure garble extends both ways (3) */
- AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
- AES_ENCRYPT);
-
- /* corrupt right at the start */
- ++ciphertext[0];
- AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
- AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
- AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
- AES_DECRYPT);
-
- matches = 0;
- for (n = 0; n < sizeof checktext; ++n)
- if (checktext[n] == plaintext[n])
- ++matches;
-
- if (matches > sizeof checktext / 100) {
- printf("More than 1%% matches after bidirectional garbling (3)\n");
- ++err;
- }
-
- err += run_test_vectors();
-
- return err;
-}
Copied: vendor-crypto/openssl/1.0.1u/test/igetest.c (from rev 11605, vendor-crypto/openssl/dist/test/igetest.c)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/igetest.c (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/igetest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,484 @@
+/* test/igetest.c */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/rand.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#define TEST_SIZE 128
+#define BIG_TEST_SIZE 10240
+
+static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
+{
+ int n = 0;
+
+ fprintf(f, "%s", title);
+ for (; n < l; ++n) {
+ if ((n % 16) == 0)
+ fprintf(f, "\n%04x", n);
+ fprintf(f, " %02x", s[n]);
+ }
+ fprintf(f, "\n");
+}
+
+#define MAX_VECTOR_SIZE 64
+
+struct ige_test {
+ const unsigned char key[16];
+ const unsigned char iv[32];
+ const unsigned char in[MAX_VECTOR_SIZE];
+ const unsigned char out[MAX_VECTOR_SIZE];
+ const size_t length;
+ const int encrypt;
+};
+
+static struct ige_test const ige_test_vectors[] = {
+ {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* iv */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
+ {0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
+ 0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
+ 0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
+ 0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb}, /* out */
+ 32, AES_ENCRYPT}, /* test vector 0 */
+
+ {{0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
+ 0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65}, /* key */
+ {0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
+ 0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
+ 0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
+ 0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53}, /* iv */
+ {0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
+ 0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
+ 0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
+ 0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a}, /* in */
+ {0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
+ 0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
+ 0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
+ 0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b}, /* out */
+ 32, AES_DECRYPT}, /* test vector 1 */
+};
+
+struct bi_ige_test {
+ const unsigned char key1[32];
+ const unsigned char key2[32];
+ const unsigned char iv[64];
+ const unsigned char in[MAX_VECTOR_SIZE];
+ const unsigned char out[MAX_VECTOR_SIZE];
+ const size_t keysize;
+ const size_t length;
+ const int encrypt;
+};
+
+static struct bi_ige_test const bi_ige_test_vectors[] = {
+ {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key1 */
+ {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* key2 */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+ 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+ 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f}, /* iv */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
+ {0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
+ 0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
+ 0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
+ 0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12}, /* out */
+ 16, 32, AES_ENCRYPT}, /* test vector 0 */
+ {{0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
+ 0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
+ 0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
+ 0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37}, /* key1 */
+ {0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
+ 0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
+ 0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
+ 0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4}, /* key2 */
+ {0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
+ 0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
+ 0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
+ 0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
+ 0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
+ 0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
+ 0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
+ 0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3}, /* iv */
+ {0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
+ 0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
+ 0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
+ 0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
+ 0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
+ 0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
+ 0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
+ 0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
+ {0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
+ 0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
+ 0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
+ 0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
+ 0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
+ 0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
+ 0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
+ 0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
+ 32, 64, AES_ENCRYPT}, /* test vector 1 */
+
+};
+
+static int run_test_vectors(void)
+{
+ unsigned int n;
+ int errs = 0;
+
+ for (n = 0; n < sizeof(ige_test_vectors) / sizeof(ige_test_vectors[0]);
+ ++n) {
+ const struct ige_test *const v = &ige_test_vectors[n];
+ AES_KEY key;
+ unsigned char buf[MAX_VECTOR_SIZE];
+ unsigned char iv[AES_BLOCK_SIZE * 2];
+
+ assert(v->length <= MAX_VECTOR_SIZE);
+
+ if (v->encrypt == AES_ENCRYPT)
+ AES_set_encrypt_key(v->key, 8 * sizeof v->key, &key);
+ else
+ AES_set_decrypt_key(v->key, 8 * sizeof v->key, &key);
+ memcpy(iv, v->iv, sizeof iv);
+ AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
+
+ if (memcmp(v->out, buf, v->length)) {
+ printf("IGE test vector %d failed\n", n);
+ hexdump(stdout, "key", v->key, sizeof v->key);
+ hexdump(stdout, "iv", v->iv, sizeof v->iv);
+ hexdump(stdout, "in", v->in, v->length);
+ hexdump(stdout, "expected", v->out, v->length);
+ hexdump(stdout, "got", buf, v->length);
+
+ ++errs;
+ }
+
+ /* try with in == out */
+ memcpy(iv, v->iv, sizeof iv);
+ memcpy(buf, v->in, v->length);
+ AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
+
+ if (memcmp(v->out, buf, v->length)) {
+ printf("IGE test vector %d failed (with in == out)\n", n);
+ hexdump(stdout, "key", v->key, sizeof v->key);
+ hexdump(stdout, "iv", v->iv, sizeof v->iv);
+ hexdump(stdout, "in", v->in, v->length);
+ hexdump(stdout, "expected", v->out, v->length);
+ hexdump(stdout, "got", buf, v->length);
+
+ ++errs;
+ }
+ }
+
+ for (n = 0;
+ n < sizeof(bi_ige_test_vectors) / sizeof(bi_ige_test_vectors[0]);
+ ++n) {
+ const struct bi_ige_test *const v = &bi_ige_test_vectors[n];
+ AES_KEY key1;
+ AES_KEY key2;
+ unsigned char buf[MAX_VECTOR_SIZE];
+
+ assert(v->length <= MAX_VECTOR_SIZE);
+
+ if (v->encrypt == AES_ENCRYPT) {
+ AES_set_encrypt_key(v->key1, 8 * v->keysize, &key1);
+ AES_set_encrypt_key(v->key2, 8 * v->keysize, &key2);
+ } else {
+ AES_set_decrypt_key(v->key1, 8 * v->keysize, &key1);
+ AES_set_decrypt_key(v->key2, 8 * v->keysize, &key2);
+ }
+
+ AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
+ v->encrypt);
+
+ if (memcmp(v->out, buf, v->length)) {
+ printf("Bidirectional IGE test vector %d failed\n", n);
+ hexdump(stdout, "key 1", v->key1, sizeof v->key1);
+ hexdump(stdout, "key 2", v->key2, sizeof v->key2);
+ hexdump(stdout, "iv", v->iv, sizeof v->iv);
+ hexdump(stdout, "in", v->in, v->length);
+ hexdump(stdout, "expected", v->out, v->length);
+ hexdump(stdout, "got", buf, v->length);
+
+ ++errs;
+ }
+ }
+
+ return errs;
+}
+
+int main(int argc, char **argv)
+{
+ unsigned char rkey[16];
+ unsigned char rkey2[16];
+ AES_KEY key;
+ AES_KEY key2;
+ unsigned char plaintext[BIG_TEST_SIZE];
+ unsigned char ciphertext[BIG_TEST_SIZE];
+ unsigned char checktext[BIG_TEST_SIZE];
+ unsigned char iv[AES_BLOCK_SIZE * 4];
+ unsigned char saved_iv[AES_BLOCK_SIZE * 4];
+ int err = 0;
+ unsigned int n;
+ unsigned matches;
+
+ assert(BIG_TEST_SIZE >= TEST_SIZE);
+
+ RAND_pseudo_bytes(rkey, sizeof rkey);
+ RAND_pseudo_bytes(plaintext, sizeof plaintext);
+ RAND_pseudo_bytes(iv, sizeof iv);
+ memcpy(saved_iv, iv, sizeof saved_iv);
+
+ /* Forward IGE only... */
+
+ /* Straight encrypt/decrypt */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv, AES_ENCRYPT);
+
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ memcpy(iv, saved_iv, sizeof iv);
+ AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
+
+ if (memcmp(checktext, plaintext, TEST_SIZE)) {
+ printf("Encrypt+decrypt doesn't match\n");
+ hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+ hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+ ++err;
+ }
+
+ /* Now check encrypt chaining works */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ memcpy(iv, saved_iv, sizeof iv);
+ AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
+ AES_ENCRYPT);
+ AES_ige_encrypt(plaintext + TEST_SIZE / 2,
+ ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
+ &key, iv, AES_ENCRYPT);
+
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ memcpy(iv, saved_iv, sizeof iv);
+ AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
+
+ if (memcmp(checktext, plaintext, TEST_SIZE)) {
+ printf("Chained encrypt+decrypt doesn't match\n");
+ hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+ hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+ ++err;
+ }
+
+ /* And check decrypt chaining */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ memcpy(iv, saved_iv, sizeof iv);
+ AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
+ AES_ENCRYPT);
+ AES_ige_encrypt(plaintext + TEST_SIZE / 2,
+ ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
+ &key, iv, AES_ENCRYPT);
+
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ memcpy(iv, saved_iv, sizeof iv);
+ AES_ige_encrypt(ciphertext, checktext, TEST_SIZE / 2, &key, iv,
+ AES_DECRYPT);
+ AES_ige_encrypt(ciphertext + TEST_SIZE / 2,
+ checktext + TEST_SIZE / 2, TEST_SIZE / 2, &key, iv,
+ AES_DECRYPT);
+
+ if (memcmp(checktext, plaintext, TEST_SIZE)) {
+ printf("Chained encrypt+chained decrypt doesn't match\n");
+ hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+ hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+ ++err;
+ }
+
+ /* make sure garble extends forwards only */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ memcpy(iv, saved_iv, sizeof iv);
+ AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+ AES_ENCRYPT);
+
+ /* corrupt halfway through */
+ ++ciphertext[sizeof ciphertext / 2];
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ memcpy(iv, saved_iv, sizeof iv);
+ AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+ AES_DECRYPT);
+
+ matches = 0;
+ for (n = 0; n < sizeof checktext; ++n)
+ if (checktext[n] == plaintext[n])
+ ++matches;
+
+ if (matches > sizeof checktext / 2 + sizeof checktext / 100) {
+ printf("More than 51%% matches after garbling\n");
+ ++err;
+ }
+
+ if (matches < sizeof checktext / 2) {
+ printf("Garble extends backwards!\n");
+ ++err;
+ }
+
+ /* Bi-directional IGE */
+
+ /*
+ * Note that we don't have to recover the IV, because chaining isn't
+ */
+ /* possible with biIGE, so the IV is not updated. */
+
+ RAND_pseudo_bytes(rkey2, sizeof rkey2);
+
+ /* Straight encrypt/decrypt */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
+ AES_ENCRYPT);
+
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
+ AES_DECRYPT);
+
+ if (memcmp(checktext, plaintext, TEST_SIZE)) {
+ printf("Encrypt+decrypt doesn't match\n");
+ hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+ hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+ ++err;
+ }
+
+ /* make sure garble extends both ways */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+ AES_ENCRYPT);
+
+ /* corrupt halfway through */
+ ++ciphertext[sizeof ciphertext / 2];
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+ AES_DECRYPT);
+
+ matches = 0;
+ for (n = 0; n < sizeof checktext; ++n)
+ if (checktext[n] == plaintext[n])
+ ++matches;
+
+ if (matches > sizeof checktext / 100) {
+ printf("More than 1%% matches after bidirectional garbling\n");
+ ++err;
+ }
+
+ /* make sure garble extends both ways (2) */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+ AES_ENCRYPT);
+
+ /* corrupt right at the end */
+ ++ciphertext[sizeof ciphertext - 1];
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+ AES_DECRYPT);
+
+ matches = 0;
+ for (n = 0; n < sizeof checktext; ++n)
+ if (checktext[n] == plaintext[n])
+ ++matches;
+
+ if (matches > sizeof checktext / 100) {
+ printf("More than 1%% matches after bidirectional garbling (2)\n");
+ ++err;
+ }
+
+ /* make sure garble extends both ways (3) */
+ AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+ AES_ENCRYPT);
+
+ /* corrupt right at the start */
+ ++ciphertext[0];
+ AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+ AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+ AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+ AES_DECRYPT);
+
+ matches = 0;
+ for (n = 0; n < sizeof checktext; ++n)
+ if (checktext[n] == plaintext[n])
+ ++matches;
+
+ if (matches > sizeof checktext / 100) {
+ printf("More than 1%% matches after bidirectional garbling (3)\n");
+ ++err;
+ }
+
+ err += run_test_vectors();
+
+ return err;
+}
Deleted: vendor-crypto/openssl/1.0.1u/test/jpaketest.c
===================================================================
--- vendor-crypto/openssl/dist/test/jpaketest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/jpaketest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/dummytest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/md2test.c
===================================================================
--- vendor-crypto/openssl/dist/test/md2test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/md2test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/dummytest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/md4test.c
===================================================================
--- vendor-crypto/openssl/dist/test/md4test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/md4test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/md4/md4test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/md5test.c
===================================================================
--- vendor-crypto/openssl/dist/test/md5test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/md5test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/md5/md5test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/mdc2test.c
===================================================================
--- vendor-crypto/openssl/dist/test/mdc2test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/mdc2test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/mdc2/mdc2test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/randtest.c
===================================================================
--- vendor-crypto/openssl/dist/test/randtest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/randtest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/rand/randtest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/rc2test.c
===================================================================
--- vendor-crypto/openssl/dist/test/rc2test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/rc2test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/rc2/rc2test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/rc4test.c
===================================================================
--- vendor-crypto/openssl/dist/test/rc4test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/rc4test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/rc4/rc4test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/rc5test.c
===================================================================
--- vendor-crypto/openssl/dist/test/rc5test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/rc5test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/dummytest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/rmdtest.c
===================================================================
--- vendor-crypto/openssl/dist/test/rmdtest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/rmdtest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/ripemd/rmdtest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/rsa_test.c
===================================================================
--- vendor-crypto/openssl/dist/test/rsa_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/rsa_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/rsa/rsa_test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/sha1test.c
===================================================================
--- vendor-crypto/openssl/dist/test/sha1test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/sha1test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/sha/sha1test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/sha256t.c
===================================================================
--- vendor-crypto/openssl/dist/test/sha256t.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/sha256t.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/sha/sha256t.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/sha512t.c
===================================================================
--- vendor-crypto/openssl/dist/test/sha512t.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/sha512t.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/sha/sha512t.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/shatest.c
===================================================================
--- vendor-crypto/openssl/dist/test/shatest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/shatest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/sha/shatest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa1.pem
===================================================================
--- vendor-crypto/openssl/dist/test/smime-certs/smdsa1.pem 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa1.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBuwIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGATQlPPF+OeU8nu3rsdXGDiZdJzOkuCce3KQfTABA9C+Dk4CVcvBdd
-YRLGpnykumkNTO1sTO+4/Gphsuje1ujK9td4UEhdYqylCe5QjEMrszDlJtelDQF9
-C0yhdjKGTP0kxofLhsGckcuQvcKEKffT2pDDKJIy4vWQO0UyJl1vjLcCFG2uiGGx
-9fMUZq1v0ePD4Wo0Xkxo
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsWMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBN
-CU88X455Tye7eux1cYOJl0nM6S4Jx7cpB9MAED0L4OTgJVy8F11hEsamfKS6aQ1M
-7WxM77j8amGy6N7W6Mr213hQSF1irKUJ7lCMQyuzMOUm16UNAX0LTKF2MoZM/STG
-h8uGwZyRy5C9woQp99PakMMokjLi9ZA7RTImXW+Mt6OBgzCBgDAdBgNVHQ4EFgQU
-4Qfbhpi5yqXaXuCLXj427mR25MkwHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
-aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
-c21pbWVkc2ExQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBAFrdUzKK1pWO
-kd02S423KUBc4GWWyiGlVoEO7WxVhHLJ8sm67X7OtJOwe0UGt+Nc5qLtyJYSirw8
-phjiTdNpQCTJ8+Kc56tWkJ6H7NAI4vTJtPL5BM/EmeYrVSU9JI9xhqpyKw9IBD+n
-hRJ79W9FaiJRvaAOX+TkyTukJrxAWRyv
------END CERTIFICATE-----
Copied: vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa1.pem (from rev 11605, vendor-crypto/openssl/dist/test/smime-certs/smdsa1.pem)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa1.pem (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa1.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,47 @@
+-----BEGIN PRIVATE KEY-----
+MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
+TQMsxQQjAiEAkolGvb/76X3vm5Ov09ezqyBYt9cdj/FLH7DyMkxO7X0=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCBHigAwIBAgIJANk5lu6mSyBDMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJB8
+uU116E+dOsYgyHDiuTS65rqTWcIbfNzJ9eWLXsF0HaTQcE9pMDdrdkd863UDDLRS
+7TBneB0+v3PQjriGclcgai7MhqdnudhEiYe1fkkwVtd7LGjU7B3ZmzegST2dBShS
+wzG+ZgL+CE8vlnHWk/FwcI7DNbGgbjJkyOKZc5zX9bvO8r/j+D8LP18i0PfN1zJ1
++Az+ErT8J5hDbXF+Gp/iaMq/2mWcJxaBOgYj7sfxUrzQwVuQ7ZApHPe8/X9OMro9
+Gb2wR4HlvXT5K8a/aPbD4ILR9cvizqfs+0GWb9vDDzEvX8DPyTB6NRwgjUNzy43D
+AhLAZvBoYG+XsgembbUCIQCuh1mL6cIpl1MvwiAKNfefQO6E9GRVA+PP8HpXB4tb
+0wKCAQB+KaRQ3CewYWnuYozMkqEehCQwHWonPIgeMPND8nXGN+gXqLbtp/DX9Ypu
+g0Pl6x5mGWEDZM7lkkHqcbEM4T2VVDFhWaX75xCPp+geHVNUkCAaXiZa695b9HP4
+0SGkrjNV4Sx8ytuQHKk8HLLHMXVnj23nrzF0ij57yMsjwWMR1c4hSDh6EHc1jpIv
+yvignj2P+wlZ8dwOhYf8sr1loEXw2l+Ul7cXjRLxEO8zyPYcL7LZDhDIqTUNcaIf
+7vJAsZbOvczveQLdQGecfSEfFvshIMJPt0LD+UfWcJtUUE4zQBIjbpJKwVJdCu8P
+aSvJFxNnQqTLKGGg84NalT5NAyzFA4IBBQACggEAGXSQADbuRIZBjiQ6NikwZl+x
+EDEffIE0RWbvwf1tfWxw4ZvanO/djyz5FePO0AIJDBCLUjr9D32nkmIG1Hu3dWgV
+86knQsM6uFiMSzY9nkJGZOlH3w4NHLE78pk75xR1sg1MEZr4x/t+a/ea9Y4AXklE
+DCcaHtpMGeAx3ZAqSKec+zQOOA73JWP1/gYHGdYyTQpQtwRTsh0Gi5mOOdpoJ0vp
+O83xYbFCZ+ZZKX1RWOjJe2OQBRtw739q1nRga1VMLAT/LFSQsSE3IOp8hiWbjnit
+1SE6q3II2a/aHZH/x4OzszfmtQfmerty3eQSq3bgajfxCsccnRjSbLeNiazRSKNg
+MF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFNHQYTOO
+xaZ/N68OpxqjHKuatw6sMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZs
+MA0GCSqGSIb3DQEBBQUAA4IBAQAAiLociMMXcLkO/uKjAjCIQMrsghrOrxn4ZGBx
+d/mCTeqPxhcrX2UorwxVCKI2+Dmz5dTC2xKprtvkiIadJamJmxYYzeF1pgRriFN3
+MkmMMkTbe/ekSvSeMtHQ2nHDCAJIaA/k9akWfA0+26Ec25/JKMrl3LttllsJMK1z
+Xj7TcQpAIWORKWSNxY/ezM34+9ABHDZB2waubFqS+irlZsn38aZRuUI0K67fuuIt
+17vMUBqQpe2hfNAjpZ8dIpEdAGjQ6izV2uwP1lXbiaK9U4dvUqmwyCIPniX7Hpaf
+0VnX0mEViXMT6vWZTjLBUv0oKmO7xBkWHIaaX6oyF32pK5AO
+-----END CERTIFICATE-----
Deleted: vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa2.pem
===================================================================
--- vendor-crypto/openssl/dist/test/smime-certs/smdsa2.pem 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa2.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGBAIPmO8BtJ+Yac58trrPwq9b/6VW3jQTWzTLWSH84/QQdqQa+Pz3v
-It/+hHM0daNF5uls8ICsPL1aLXmRx0pHvIyb0aAzYae4T4Jv/COPDMTdKbA1uitJ
-VbkGZrm+LIrs7I9lOkb4T0vI6kL/XdOCXY1469zsqCgJ/O2ibn6mq0nWAhR716o2
-Nf8SimTZYB0/CKje6M5ufA==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpTCCAw6gAwIBAgIJAMtotfHYdEsXMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhQACgYEA
-g+Y7wG0n5hpzny2us/Cr1v/pVbeNBNbNMtZIfzj9BB2pBr4/Pe8i3/6EczR1o0Xm
-6WzwgKw8vVoteZHHSke8jJvRoDNhp7hPgm/8I48MxN0psDW6K0lVuQZmub4siuzs
-j2U6RvhPS8jqQv9d04JdjXjr3OyoKAn87aJufqarSdajgYMwgYAwHQYDVR0OBBYE
-FHsAGNfVltSYUq4hC+YVYwsYtA+dMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcXdsab
-rWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMCAGA1UdEQQZMBeB
-FXNtaW1lZHNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQCx9BtCbaYF
-FXjLClkuKXbESaDZA1biPgY25i00FsUzARuhCpqD2v+0tu5c33ZzIhL6xlvBRU5l
-6Atw/xpZhae+hdBEtxPJoGekLLrHOau7Md3XwDjV4lFgcEJkWZoaSOOIK+4D5jF0
-jZWtHjnwEzuLYlo7ScHSsbcQfjH0M1TP5A==
------END CERTIFICATE-----
Copied: vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa2.pem (from rev 11605, vendor-crypto/openssl/dist/test/smime-certs/smdsa2.pem)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa2.pem (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa2.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,47 @@
+-----BEGIN PRIVATE KEY-----
+MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
+TQMsxQQiAiAdCUJ5n2Q9hIynN8BMpnRcdfH696BKejGx+2Mr2kfnnA==
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCBHigAwIBAgIJANk5lu6mSyBEMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJB8
+uU116E+dOsYgyHDiuTS65rqTWcIbfNzJ9eWLXsF0HaTQcE9pMDdrdkd863UDDLRS
+7TBneB0+v3PQjriGclcgai7MhqdnudhEiYe1fkkwVtd7LGjU7B3ZmzegST2dBShS
+wzG+ZgL+CE8vlnHWk/FwcI7DNbGgbjJkyOKZc5zX9bvO8r/j+D8LP18i0PfN1zJ1
++Az+ErT8J5hDbXF+Gp/iaMq/2mWcJxaBOgYj7sfxUrzQwVuQ7ZApHPe8/X9OMro9
+Gb2wR4HlvXT5K8a/aPbD4ILR9cvizqfs+0GWb9vDDzEvX8DPyTB6NRwgjUNzy43D
+AhLAZvBoYG+XsgembbUCIQCuh1mL6cIpl1MvwiAKNfefQO6E9GRVA+PP8HpXB4tb
+0wKCAQB+KaRQ3CewYWnuYozMkqEehCQwHWonPIgeMPND8nXGN+gXqLbtp/DX9Ypu
+g0Pl6x5mGWEDZM7lkkHqcbEM4T2VVDFhWaX75xCPp+geHVNUkCAaXiZa695b9HP4
+0SGkrjNV4Sx8ytuQHKk8HLLHMXVnj23nrzF0ij57yMsjwWMR1c4hSDh6EHc1jpIv
+yvignj2P+wlZ8dwOhYf8sr1loEXw2l+Ul7cXjRLxEO8zyPYcL7LZDhDIqTUNcaIf
+7vJAsZbOvczveQLdQGecfSEfFvshIMJPt0LD+UfWcJtUUE4zQBIjbpJKwVJdCu8P
+aSvJFxNnQqTLKGGg84NalT5NAyzFA4IBBQACggEAItQlFu0t7Mw1HHROuuwKLS+E
+h2WNNZP96MLQTygOVlqgaJY+1mJLzvl/51LLH6YezX0t89Z2Dm/3SOJEdNrdbIEt
+tbu5rzymXxFhc8uaIYZFhST38oQwJOjM8wFitAQESe6/9HZjkexMqSqx/r5aEKTa
+LBinqA1BJRI72So1/1dv8P99FavPADdj8V7fAccReKEQKnfnwA7mrnD+OlIqFKFn
+3wCGk8Sw7tSJ9g6jgCI+zFwrKn2w+w+iot/Ogxl9yMAtKmAd689IAZr5GPPvV2y0
+KOogCiUYgSTSawZhr+rjyFavfI5dBWzMq4tKx/zAi6MJ+6hGJjJ8jHoT9JAPmaNg
+MF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFGaxw04k
+qpufeGZC+TTBq8oMnXyrMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZs
+MA0GCSqGSIb3DQEBBQUAA4IBAQCk2Xob1ICsdHYx/YsBzY6E1eEwcI4RZbZ3hEXp
+VA72/Mbz60gjv1OwE5Ay4j+xG7IpTio6y2A9ZNepGpzidYcsL/Lx9Sv1LlN0Ukzb
+uk6Czd2sZJp+PFMTTrgCd5rXKnZs/0D84Vci611vGMA1hnUnbAnBBmgLXe9pDNRV
+6mhmCLLjJ4GOr5Wxt/hhknr7V2e1VMx3Q47GZhc0o/gExfhxXA8+gicM0nEYNakD
+2A1F0qDhQGakjuofANHhjdUDqKJ1sxurAy80fqb0ddzJt2el89iXKN+aXx/zEX96
+GI5ON7z/bkVwIi549lUOpWb2Mved61NBzCLKVP7HSuEIsC/I
+-----END CERTIFICATE-----
Deleted: vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa3.pem
===================================================================
--- vendor-crypto/openssl/dist/test/smime-certs/smdsa3.pem 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa3.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGAYzOpPmh8Je1IDauEXhgaLz14wqYUHHcrj2VWVJ6fRm8GhdQFJSI7
-GUk08pgKZSKic2lNqxuzW7/vFxKQ/nvzfytY16b+2i+BR4Q6yvMzCebE1hHVg0Ju
-TwfUMwoFEOhYP6ZwHSUiQl9IBMH9TNJCMwYMxfY+VOrURFsjGTRUgpwCFQCIGt5g
-Y+XZd0Sv69CatDIRYWvaIA==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsYMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBj
-M6k+aHwl7UgNq4ReGBovPXjCphQcdyuPZVZUnp9GbwaF1AUlIjsZSTTymAplIqJz
-aU2rG7Nbv+8XEpD+e/N/K1jXpv7aL4FHhDrK8zMJ5sTWEdWDQm5PB9QzCgUQ6Fg/
-pnAdJSJCX0gEwf1M0kIzBgzF9j5U6tREWyMZNFSCnKOBgzCBgDAdBgNVHQ4EFgQU
-VhpVXqQ/EzUMdxLvP7o9EhJ8h70wHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
-aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
-c21pbWVkc2EzQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBACM9e75EQa8m
-k/AZkH/tROqf3yeqijULl9x8FjFatqoY+29OM6oMGM425IqSkKd2ipz7OxO0SShu
-rE0O3edS7DvYBwvhWPviRaYBMyZ4iFJVup+fOzoYK/j/bASxS3BHQBwb2r4rhe25
-OlTyyFEk7DJyW18YFOG97S1P52oQ5f5x
------END CERTIFICATE-----
Copied: vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa3.pem (from rev 11605, vendor-crypto/openssl/dist/test/smime-certs/smdsa3.pem)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa3.pem (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smdsa3.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,47 @@
+-----BEGIN PRIVATE KEY-----
+MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
+TQMsxQQjAiEArJr6p2zTbhRppQurHGTdmdYHqrDdZH4MCsD9tQCw1xY=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCBHigAwIBAgIJANk5lu6mSyBFMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJB8
+uU116E+dOsYgyHDiuTS65rqTWcIbfNzJ9eWLXsF0HaTQcE9pMDdrdkd863UDDLRS
+7TBneB0+v3PQjriGclcgai7MhqdnudhEiYe1fkkwVtd7LGjU7B3ZmzegST2dBShS
+wzG+ZgL+CE8vlnHWk/FwcI7DNbGgbjJkyOKZc5zX9bvO8r/j+D8LP18i0PfN1zJ1
++Az+ErT8J5hDbXF+Gp/iaMq/2mWcJxaBOgYj7sfxUrzQwVuQ7ZApHPe8/X9OMro9
+Gb2wR4HlvXT5K8a/aPbD4ILR9cvizqfs+0GWb9vDDzEvX8DPyTB6NRwgjUNzy43D
+AhLAZvBoYG+XsgembbUCIQCuh1mL6cIpl1MvwiAKNfefQO6E9GRVA+PP8HpXB4tb
+0wKCAQB+KaRQ3CewYWnuYozMkqEehCQwHWonPIgeMPND8nXGN+gXqLbtp/DX9Ypu
+g0Pl6x5mGWEDZM7lkkHqcbEM4T2VVDFhWaX75xCPp+geHVNUkCAaXiZa695b9HP4
+0SGkrjNV4Sx8ytuQHKk8HLLHMXVnj23nrzF0ij57yMsjwWMR1c4hSDh6EHc1jpIv
+yvignj2P+wlZ8dwOhYf8sr1loEXw2l+Ul7cXjRLxEO8zyPYcL7LZDhDIqTUNcaIf
+7vJAsZbOvczveQLdQGecfSEfFvshIMJPt0LD+UfWcJtUUE4zQBIjbpJKwVJdCu8P
+aSvJFxNnQqTLKGGg84NalT5NAyzFA4IBBQACggEAcXvtfiJfIZ0wgGpN72ZeGrJ9
+msUXOxow7w3fDbP8r8nfVkBNbfha8rx0eY6fURFVZzIOd8EHGKypcH1gS6eZNucf
+zgsH1g5r5cRahMZmgGXBEBsWrh2IaDG7VSKt+9ghz27EKgjAQCzyHQL5FCJgR2p7
+cv0V4SRqgiAGYlJ191k2WtLOsVd8kX//jj1l8TUgE7TqpuSEpaSyQ4nzJROpZWZp
+N1RwFmCURReykABU/Nzin/+rZnvZrp8WoXSXEqxeB4mShRSaH57xFnJCpRwKJ4qS
+2uhATzJaKH7vu63k3DjftbSBVh+32YXwtHc+BGjs8S2aDtCW3FtDA7Z6J8BIxaNg
+MF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFMJxatDE
+FCEFGl4uoiQQ1050Ju9RMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZs
+MA0GCSqGSIb3DQEBBQUAA4IBAQBGZD1JnMep39KMOhD0iBTmyjhtcnRemckvRask
+pS/CqPwo+M+lPNdxpLU2w9b0QhPnj0yAS/BS1yBjsLGY4DP156k4Q3QOhwsrTmrK
+YOxg0w7DOpkv5g11YLJpHsjSOwg5uIMoefL8mjQK6XOFOmQXHJrUtGulu+fs6FlM
+khGJcW4xYVPK0x/mHvTT8tQaTTkgTdVHObHF5Dyx/F9NMpB3RFguQPk2kT4lJc4i
+Up8T9mLzaxz6xc4wwh8h70Zw81lkGYhX+LRk3sfd/REq9x4QXQNP9t9qU1CgrBzv
+4orzt9cda4r+rleSg2XjWnXzMydE6DuwPVPZlqnLbSYUy660
+-----END CERTIFICATE-----
Deleted: vendor-crypto/openssl/1.0.1u/test/smime-certs/smroot.pem
===================================================================
--- vendor-crypto/openssl/dist/test/smime-certs/smroot.pem 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smroot.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,30 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDBV1Z/Q5gPF7lojc8pKUdyz5+Jf2B3vs4he6egekugWnoJduki
-9Lnae/JchB/soIX0co3nLc11NuFFlnAWJNMDJr08l5AHAJLYNHevF5l/f9oDQwvZ
-speKh1xpIAJNqCTzVeQ/ZLx6/GccIXV/xDuKIiovqJTPgR5WPkYKaw++lQIDAQAB
-AoGALXnUj5SflJU4+B2652ydMKUjWl0KnL/VjkyejgGV/j6py8Ybaixz9q8Gv7oY
-JDlRqMC1HfZJCFQDQrHy5VJ+CywA/H9WrqKo/Ch9U4tJAZtkig1Cmay/BAYixVu0
-xBeim10aKF6hxHH4Chg9We+OCuzWBWJhqveNjuDedL/i7JUCQQDlejovcwBUCbhJ
-U12qKOwlaboolWbl7yF3XdckTJZg7+1UqQHZH5jYZlLZyZxiaC92SNV0SyTLJZnS
-Jh5CO+VDAkEA16/pPcuVtMMz/R6SSPpRSIAa1stLs0mFSs3NpR4pdm0n42mu05pO
-1tJEt3a1g7zkreQBf53+Dwb+lA841EkjRwJBAIFmt0DifKDnCkBu/jZh9SfzwsH3
-3Zpzik+hXxxdA7+ODCrdUul449vDd5zQD5t+XKU61QNLDGhxv5e9XvrCg7kCQH/a
-3ldsVF0oDaxxL+QkxoREtCQ5tLEd1u7F2q6Tl56FDE0pe6Ih6bQ8RtG+g9EI60IN
-U7oTrOO5kLWx5E0q4ccCQAZVgoenn9MhRU1agKOCuM6LT2DxReTu4XztJzynej+8
-0J93n3ebanB1MlRpn1XJwhQ7gAC8ImaQKLJK5jdJzFc=
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICaTCCAdKgAwIBAgIJAP6VN47boiXRMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDdaFw0xNjA1MTExMzUzMDdaMEQx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRU
-ZXN0IFMvTUlNRSBSU0EgUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-wVdWf0OYDxe5aI3PKSlHcs+fiX9gd77OIXunoHpLoFp6CXbpIvS52nvyXIQf7KCF
-9HKN5y3NdTbhRZZwFiTTAya9PJeQBwCS2DR3rxeZf3/aA0ML2bKXiodcaSACTagk
-81XkP2S8evxnHCF1f8Q7iiIqL6iUz4EeVj5GCmsPvpUCAwEAAaNjMGEwHQYDVR0O
-BBYEFBPPS6e7iS6zOFcXdsabrWhb5e0XMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcX
-dsabrWhb5e0XMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
-SIb3DQEBBQUAA4GBAIECprq5viDvnDbkyOaiSr9ubMUmWqvycfAJMdPZRKcOZczS
-l+L9R9lF3JSqbt3knOe9u6bGDBOTY2285PdCCuHRVMk2Af1f6El1fqAlRUwNqipp
-r68sWFuRqrcRNtk6QQvXfkOhrqQBuDa7te/OVQLa2lGN9Dr2mQsD8ijctatG
------END CERTIFICATE-----
Copied: vendor-crypto/openssl/1.0.1u/test/smime-certs/smroot.pem (from rev 11605, vendor-crypto/openssl/dist/test/smime-certs/smroot.pem)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/smime-certs/smroot.pem (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smroot.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCyyQXED5HyVWwq
+nXyzmY317yMUJrIfsKvREG2C691dJNHgNg+oq5sjt/fzkyS84AvdOiicAsao4cYL
+DulthaLpbC7msEBhvwAil0FNb5g3ERupe1KuTdUV1UuD/i6S2VoaNXUBBn1rD9Wc
+BBc0lnx/4Wt92eQTI6925pt7ZHPQw2Olp7TQDElyi5qPxCem4uT0g3zbZsWqmmsI
+MXbu+K3dEprzqA1ucKXbxUmZNkMwVs2XCmlLxrRUj8C3/zENtH17HWCznhR/IVcV
+kgIuklkeiDsEhbWvUQumVXR7oPh/CPZAbjGqq5mVueHSHrp7brBVZKHZvoUka28Q
+LWitq1W5AgMBAAECggEASkRnOMKfBeOmQy2Yl6K57eeg0sYgSDnDpd0FINWJ5x9c
+b58FcjOXBodtYKlHIY6QXx3BsM0WaSEge4d+QBi7S+u8r+eXVwNYswXSArDQsk9R
+Bl5MQkvisGciL3pvLmFLpIeASyS/BLJXMbAhU58PqK+jT2wr6idwxBuXivJ3ichu
+ISdT1s2aMmnD86ulCD2DruZ4g0mmk5ffV+Cdj+WWkyvEaJW2GRYov2qdaqwSOxV4
+Yve9qStvEIWAf2cISQjbnw2Ww6Z5ebrqlOz9etkmwIly6DTbrIneBnoqJlFFWGlF
+ghuzc5RE2w1GbcKSOt0qXH44MTf/j0r86dlu7UIxgQKBgQDq0pEaiZuXHi9OQAOp
+PsDEIznCU1bcTDJewANHag5DPEnMKLltTNyLaBRulMypI+CrDbou0nDr29VOzfXx
+mNvi/c7RttOBOx7kXKvu0JUFKe2oIWRsg0KsyMX7UFMVaHFgrW+8DhQc7HK7URiw
+nitOnA7YwIHRF9BMmcWcLFEYBQKBgQDC6LPbXV8COKO0YCfGXPnE7EZGD/p0Q92Z
+8CoSefphEScSdO1IpxFXG7fOZ4x2GQb9q7D3IvaeKAqNjUjkuyxdB30lIWDBwSWw
+fFgsa2SZwD5P60G/ar50YJr6LiF333aUMDVmC9swFfZERAEmGUz2NTrPWQdIx/lu
+PyDtUR75JQKBgHaoCCJ8vl5SJl1IA5GV4Bo8IoeLTSzsY9d09zMy6BoZcMD1Ix2T
+5S2cXhayoegl9PT6bsYSGHVWFCdJ86ktMI826TcXRzDaCvYhzc9THroJQcnfdbtP
+aHWezkv7fsAmkoPjn75K7ubeo+r7Q5qbkg6a1PW58N8TRXIvkackzaVxAoGBALAq
+qh3U+AHG9dgbrPeyo6KkuCOtX39ks8/mbfCDRZYkbb9V5f5r2tVz3R93IlK/7jyr
+yWimtmde46Lrl33922w+T5OW5qBZllo9GWkUrDn3s5qClcuQjJIdmxYTSfbSCJiK
+NkmE39lHkG5FVRB9f71tgTlWS6ox7TYDYxx83NTtAoGAUJPAkGt4yGAN4Pdebv53
+bSEpAAULBHntiqDEOu3lVColHuZIucml/gbTpQDruE4ww4wE7dOhY8Q4wEBVYbRI
+vHkSiWpJUvZCuKG8Foh5pm9hU0qb+rbQV7NhLJ02qn1AMGO3F/WKrHPPY8/b9YhQ
+KfvPCYimQwBjVrEnSntLPR0=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbjCCAlagAwIBAgIJAMc+8VKBJ/S9MA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MjlaFw0yMzA3MTUxNzI4MjlaMEQx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRU
+ZXN0IFMvTUlNRSBSU0EgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALLJBcQPkfJVbCqdfLOZjfXvIxQmsh+wq9EQbYLr3V0k0eA2D6irmyO39/OT
+JLzgC906KJwCxqjhxgsO6W2FoulsLuawQGG/ACKXQU1vmDcRG6l7Uq5N1RXVS4P+
+LpLZWho1dQEGfWsP1ZwEFzSWfH/ha33Z5BMjr3bmm3tkc9DDY6WntNAMSXKLmo/E
+J6bi5PSDfNtmxaqaawgxdu74rd0SmvOoDW5wpdvFSZk2QzBWzZcKaUvGtFSPwLf/
+MQ20fXsdYLOeFH8hVxWSAi6SWR6IOwSFta9RC6ZVdHug+H8I9kBuMaqrmZW54dIe
+untusFVkodm+hSRrbxAtaK2rVbkCAwEAAaNjMGEwHQYDVR0OBBYEFMmRUwpjexZb
+i71E8HaIqSTm5bZsMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IB
+AQAwpIVWQey2u/XoQSMSu0jd0EZvU+lhLaFrDy/AHQeG3yX1+SAOM6f6w+efPvyb
+Op1NPI9UkMPb4PCg9YC7jgYokBkvAcI7J4FcuDKMVhyCD3cljp0ouuKruvEf4FBl
+zyQ9pLqA97TuG8g1hLTl8G90NzTRcmKpmhs18BmCxiqHcTfoIpb3QvPkDX8R7LVt
+9BUGgPY+8ELCgw868TuHh/Cnc67gBtRjBp0sCYVzGZmKsO5f1XdHrAZKYN5mEp0C
+7/OqcDoFqORTquLeycg1At/9GqhDEgxNrqA+YEsPbLGAfsNuXUsXs2ubpGsOZxKt
+Emsny2ah6fU2z7PztrUy/A80
+-----END CERTIFICATE-----
Deleted: vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa1.pem
===================================================================
--- vendor-crypto/openssl/dist/test/smime-certs/smrsa1.pem 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa1.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQC6A978j4pmPgUtUQqF+bjh6vdhwGOGZSD7xXgFTMjm88twfv+E
-ixkq2KXSDjD0ZXoQbdOaSbvGRQrIJpG2NGiKAFdYNrP025kCCdh5wF/aEI7KLEm7
-JlHwXpQsuj4wkMgmkFjL3Ty4Z55aNH+2pPQIa0k+ENJXm2gDuhqgBmduAwIDAQAB
-AoGBAJMuYu51aO2THyeHGwt81uOytcCbqGP7eoib62ZOJhxPRGYjpmuqX+R9/V5i
-KiwGavm63JYUx0WO9YP+uIZxm1BUATzkgkS74u5LP6ajhkZh6/Bck1oIYYkbVOXl
-JVrdENuH6U7nupznsyYgONByo+ykFPVUGmutgiaC7NMVo/MxAkEA6KLejWXdCIEn
-xr7hGph9NlvY9xuRIMexRV/WrddcFfCdjI1PciIupgrIkR65M9yr7atm1iU6/aRf
-KOr8rLZsSQJBAMyyXN71NsDNx4BP6rtJ/LJMP0BylznWkA7zWfGCbAYn9VhZVlSY
-Eu9Gyr7quD1ix7G3kInKVYOEEOpockBLz+sCQQCedyMmKjcQLfpMVYW8uhbAynvW
-h36qV5yXZxszO7nMcCTBsxhk5IfmLv5EbCs3+p9avCDGyoGOeUMg+kC33WORAkAg
-oUIarH4o5+SoeJTTfCzTA0KF9H5U0vYt2+73h7HOnWoHxl3zqDZEfEVvf50U8/0f
-QELDJETTbScBJtsnkq43AkEA38etvoZ2i4FJvvo7R/9gWBHVEcrGzcsCBYrNnIR1
-SZLRwHEGaiOK1wxMsWzqp7PJwL9z/M8A8DyOFBx3GPOniA==
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsTMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALoD3vyPimY+BS1RCoX5uOHq92HAY4ZlIPvFeAVMyObzy3B+/4SLGSrYpdIOMPRl
-ehBt05pJu8ZFCsgmkbY0aIoAV1g2s/TbmQIJ2HnAX9oQjsosSbsmUfBelCy6PjCQ
-yCaQWMvdPLhnnlo0f7ak9AhrST4Q0lebaAO6GqAGZ24DAgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFE2vMvKz5jrC7Lbdg68XwZ95iL/QMB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhMUBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQAi
-O3GOkUl646oLnOimc36i9wxZ1tejsqs8vMjJ0Pym6Uq9FE2JoGzJ6OhB1GOsEVmj
-9cQ5UNQcRYL3cqOFtl6f4Dpu/lhzfbaqgmLjv29G1mS0uuTZrixhlyCXjwcbOkNC
-I/+wvHHENYIK5+T/79M9LaZ2Qk4F9MNE1VMljdz9Qw==
------END CERTIFICATE-----
Copied: vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa1.pem (from rev 11605, vendor-crypto/openssl/dist/test/smime-certs/smrsa1.pem)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa1.pem (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa1.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDXr9uzB/20QXKC
+xhkfNnJvl2xl1hzdOcrQmAqo+AAAcA/D49ImuJDVQRaK2bcj54XB26i1kXuOrxID
+3/etUb8yudfx8OAVwh8G0xVA4zhr8uXW85W2tBr4v0Lt+W6lSd6Hmfrk4GmE9LTU
+/vzl9HUPW6SZShN1G0nY6oeUXvLi0vasEUKv3a51T6JFYg4c7qt5RCk/w8kwrQ0D
+orQwCdkOPEIiC4b+nPStF12SVm5bx8rbYzioxuY/PdSebvt0APeqgRxSpCxqYnHs
+CoNeHzSrGXcP0COzFeUOz2tdrhmH09JLbGZs4nbojPxMkjpJSv3/ekDG2CHYxXSH
+XxpJstxZAgMBAAECggEASY4xsJaTEPwY3zxLqPdag2/yibBBW7ivz/9p80HQTlXp
+KnbxXj8nNXLjCytAZ8A3P2t316PrrTdLP4ML5lGwkM4MNPhek00GY79syhozTa0i
+cPHVJt+5Kwee/aVI9JmCiGAczh0yHyOM3+6ttIZvvXMVaSl4BUHvJ0ikQBc5YdzL
+s6VM2gCOR6K6n+39QHDI/T7WwO9FFSNnpWFOCHwAWtyBMlleVj+xeZX8OZ/aT+35
+27yjsGNBftWKku29VDineiQC+o+fZGJs6w4JZHoBSP8TfxP8fRCFVNA281G78Xak
+cEnKXwZ54bpoSa3ThKl+56J6NHkkfRGb8Rgt/ipJYQKBgQD5DKb82mLw85iReqsT
+8bkp408nPOBGz7KYnQsZqAVNGfehM02+dcN5z+w0jOj6GMPLPg5whlEo/O+rt9ze
+j6c2+8/+B4Bt5oqCKoOCIndH68jl65+oUxFkcHYxa3zYKGC9Uvb+x2BtBmYgvDRG
+ew6I2Q3Zyd2ThZhJygUZpsjsbQKBgQDdtNiGTkgWOm+WuqBI1LT5cQfoPfgI7/da
+ZA+37NBUQRe0cM7ddEcNqx7E3uUa1JJOoOYv65VyGI33Ul+evI8h5WE5bupcCEFk
+LolzbMc4YQUlsySY9eUXM8jQtfVtaWhuQaABt97l+9oADkrhA+YNdEu2yiz3T6W+
+msI5AnvkHQKBgDEjuPMdF/aY6dqSjJzjzfgg3KZOUaZHJuML4XvPdjRPUlfhKo7Q
+55/qUZ3Qy8tFBaTderXjGrJurc+A+LiFOaYUq2ZhDosguOWUA9yydjyfnkUXZ6or
+sbvSoM+BeOGhnezdKNT+e90nLRF6cQoTD7war6vwM6L+8hxlGvqDuRNFAoGAD4K8
+d0D4yB1Uez4ZQp8m/iCLRhM3zCBFtNw1QU/fD1Xye5w8zL96zRkAsRNLAgKHLdsR
+355iuTXAkOIBcJCOjveGQsdgvAmT0Zdz5FBi663V91o+IDlryqDD1t40CnCKbtRG
+hng/ruVczg4x7OYh7SUKuwIP/UlkNh6LogNreX0CgYBQF9troLex6X94VTi1V5hu
+iCwzDT6AJj63cS3VRO2ait3ZiLdpKdSNNW2WrlZs8FZr/mVutGEcWho8BugGMWST
+1iZkYwly9Xfjnpd0I00ZIlr2/B3+ZsK8w5cOW5Lpb7frol6+BkDnBjbNZI5kQndn
+zQpuMJliRlrq/5JkIbH6SA==
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAlSgAwIBAgIJANk5lu6mSyBAMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzBaFw0yMzA1MjYxNzI4MzBaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDXr9uzB/20QXKCxhkfNnJvl2xl1hzdOcrQmAqo+AAAcA/D49ImuJDVQRaK
+2bcj54XB26i1kXuOrxID3/etUb8yudfx8OAVwh8G0xVA4zhr8uXW85W2tBr4v0Lt
++W6lSd6Hmfrk4GmE9LTU/vzl9HUPW6SZShN1G0nY6oeUXvLi0vasEUKv3a51T6JF
+Yg4c7qt5RCk/w8kwrQ0DorQwCdkOPEIiC4b+nPStF12SVm5bx8rbYzioxuY/PdSe
+bvt0APeqgRxSpCxqYnHsCoNeHzSrGXcP0COzFeUOz2tdrhmH09JLbGZs4nbojPxM
+kjpJSv3/ekDG2CHYxXSHXxpJstxZAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYD
+VR0PAQH/BAQDAgXgMB0GA1UdDgQWBBTmjc+lrTQuYx/VBOBGjMvufajvhDAfBgNV
+HSMEGDAWgBTJkVMKY3sWW4u9RPB2iKkk5uW2bDANBgkqhkiG9w0BAQUFAAOCAQEA
+dr2IRXcFtlF16kKWs1VTaFIHHNQrfSVHBkhKblPX3f/0s/i3eXgwKUu7Hnb6T3/o
+E8L+e4ioQNhahTLt9ruJNHWA/QDwOfkqM3tshCs2xOD1Cpy7Bd3Dn0YBrHKyNXRK
+WelGp+HetSXJGW4IZJP7iES7Um0DGktLabhZbe25EnthRDBjNnaAmcofHECWESZp
+lEHczGZfS9tRbzOCofxvgLbF64H7wYSyjAe6R8aain0VRbIusiD4tCHX/lOMh9xT
+GNBW8zTL+tV9H1unjPMORLnT0YQ3oAyEND0jCu0ACA1qGl+rzxhF6bQcTUNEbRMu
+9Hjq6s316fk4Ne0EUF3PbA==
+-----END CERTIFICATE-----
Deleted: vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa2.pem
===================================================================
--- vendor-crypto/openssl/dist/test/smime-certs/smrsa2.pem 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa2.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQCwBfryW4Vu5U9wNIDKspJO/N9YF4CcTlrCUyzVlKgb+8urHlSe
-59i5verR9IOCCXkemjOzZ/3nALTGqYZlnEvHp0Rjk+KdKXnKBIB+SRPpeu3LcXMT
-WPgsThPa0UQxedNKG0g6aG+kLhsDlFBCoxd09jJtSpb9jmroJOq0ZYEHLwIDAQAB
-AoGAKa/w4677Je1W5+r3SYoLDnvi5TkDs4D3C6ipKJgBTEdQz+DqB4w/DpZE4551
-+rkFn1LDxcxuHGRVa+tAMhZW97fwq9YUbjVZEyOz79qrX+BMyl/NbHkf1lIKDo3q
-dWalzQvop7nbzeLC+VmmviwZfLQUbA61AQl3jm4dswT4XykCQQDloDadEv/28NTx
-bvvywvyGuvJkCkEIycm4JrIInvwsd76h/chZ3oymrqzc7hkEtK6kThqlS5y+WXl6
-QzPruTKTAkEAxD2ro/VUoN+scIVaLmn0RBmZ67+9Pdn6pNSfjlK3s0T0EM6/iUWS
-M06l6L9wFS3/ceu1tIifsh9BeqOGTa+udQJARIFnybTBaIqw/NZ/lA1YCVn8tpvY
-iyaoZ6gjtS65TQrsdKeh/i3HCHNUXxUpoZ3F/H7QtD+6o49ODou+EbVOwQJAVmex
-A2gp8wuJKaINqxIL81AybZLnCCzKJ3lXJ5tUNyLNM/lUbGStktm2Q1zHRQwTxV07
-jFn7trn8YrtNjzcjYQJAUKIJRt38A8Jw3HoPT+D0WS2IgxjVL0eYGsZX1lyeammG
-6rfnQ3u5uP7mEK2EH2o8mDUpAE0gclWBU9UkKxJsGA==
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsUMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALAF+vJbhW7lT3A0gMqykk7831gXgJxOWsJTLNWUqBv7y6seVJ7n2Lm96tH0g4IJ
-eR6aM7Nn/ecAtMaphmWcS8enRGOT4p0pecoEgH5JE+l67ctxcxNY+CxOE9rRRDF5
-00obSDpob6QuGwOUUEKjF3T2Mm1Klv2Oaugk6rRlgQcvAgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFIL/u+mEvaw7RuKLRuElfVkxSQjYMB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQC2
-rXR5bm/9RtOMQPleNpd3y6uUX3oy+0CafK5Yl3PMnItjjnKJ0l1/DbLbDj2twehe
-ewaB8CROcBCA3AMLSmGvPKgUCFMGtWam3328M4fBHzon5ka7qDXzM+imkAly/Yx2
-YNdR/aNOug+5sXygHmTSKqiCpQjOIClzXoPVVeEVHw==
------END CERTIFICATE-----
Copied: vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa2.pem (from rev 11605, vendor-crypto/openssl/dist/test/smime-certs/smrsa2.pem)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa2.pem (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa2.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDcYC4tS2Uvn1Z2
+iDgtfkJA5tAqgbN6X4yK02RtVH5xekV9+6+eTt/9S+iFAzAnwqR/UB1R67ETrsWq
+V8u9xLg5fHIwIkmu9/6P31UU9cghO7J1lcrhHvooHaFpcXepPWQacpuBq2VvcKRD
+lDfVmdM5z6eS3dSZPTOMMP/xk4nhZB8mcw27qiccPieS0PZ9EZB63T1gmwaK1Rd5
+U94Pl0+zpDqhViuXmBfiIDWjjz0BzHnHSz5Rg4S3oXF1NcojhptIWyI0r7dgn5J3
+NxC4kgKdjzysxo6iWd0nLgz7h0jUdj79EOis4fg9G4f0EFWyQf7iDxGaA93Y9ePB
+Jv5iFZVZAgMBAAECggEBAILIPX856EHb0KclbhlpfY4grFcdg9LS04grrcTISQW1
+J3p9nBpZ+snKe6I8Yx6lf5PiipPsSLlCliHiWpIzJZVQCkAQiSPiHttpEYgP2IYI
+dH8dtznkdVbLRthZs0bnnPmpHCpW+iqpcYJ9eqkz0cvUNUGOjjWmwWmoRqwp/8CW
+3S1qbkQiCh0Mk2fQeGar76R06kXQ9MKDEj14zyS3rJX+cokjEoMSlH8Sbmdh2mJz
+XlNZcvqmeGJZwQWgbVVHOMUuZaKJiFa+lqvOdppbqSx0AsCRq6vjmjEYQEoOefYK
+3IJM9IvqW5UNx0Cy4kQdjhZFFwMO/ALD3QyF21iP4gECgYEA+isQiaWdaY4UYxwK
+Dg+pnSCKD7UGZUaCUIv9ds3CbntMOONFe0FxPsgcc4jRYQYj1rpQiFB8F11+qXGa
+P/IHcnjr2+mTrNY4I9Bt1Lg+pHSS8QCgzeueFybYMLaSsXUo7tGwpvw6UUb6/YWI
+LNCzZbrCLg1KZjGODhhxtvN45ZkCgYEA4YNSe+GMZlxgsvxbLs86WOm6DzJUPvxN
+bWmni0+Oe0cbevgGEUjDVc895uMFnpvlgO49/C0AYJ+VVbStjIMgAeMnWj6OZoSX
+q49rI8KmKUxKgORZiiaMqGWQ7Rxv68+4S8WANsjFxoUrE6dNV3uYDIUsiSLbZeI8
+38KVTcLohcECgYEAiOdyWHGq0G4xl/9rPUCzCMsa4velNV09yYiiwBZgVgfhsawm
+hQpOSBZJA60XMGqkyEkT81VgY4UF4QLLcD0qeCnWoXWVHFvrQyY4RNZDacpl87/t
+QGO2E2NtolL3umesa+2TJ/8Whw46Iu2llSjtVDm9NGiPk5eA7xPPf1iEi9kCgYAb
+0EmVE91wJoaarLtGS7LDkpgrFacEWbPnAbfzW62UENIX2Y1OBm5pH/Vfi7J+vHWS
+8E9e0eIRCL2vY2hgQy/oa67H151SkZnvQ/IP6Ar8Xvd1bDSK8HQ6tMQqKm63Y9g0
+KDjHCP4znOsSMnk8h/bZ3HcAtvbeWwftBR/LBnYNQQKBgA1leIXLLHRoX0VtS/7e
+y7Xmn7gepj+gDbSuCs5wGtgw0RB/1z/S3QoS2TCbZzKPBo20+ivoRP7gcuFhduFR
+hT8V87esr/QzLVpjLedQDW8Xb7GiO3BsU/gVC9VcngenbL7JObl3NgvdreIYo6+n
+yrLyf+8hjm6H6zkjqiOkHAl+
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAlSgAwIBAgIJANk5lu6mSyBBMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzBaFw0yMzA1MjYxNzI4MzBaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDcYC4tS2Uvn1Z2iDgtfkJA5tAqgbN6X4yK02RtVH5xekV9+6+eTt/9S+iF
+AzAnwqR/UB1R67ETrsWqV8u9xLg5fHIwIkmu9/6P31UU9cghO7J1lcrhHvooHaFp
+cXepPWQacpuBq2VvcKRDlDfVmdM5z6eS3dSZPTOMMP/xk4nhZB8mcw27qiccPieS
+0PZ9EZB63T1gmwaK1Rd5U94Pl0+zpDqhViuXmBfiIDWjjz0BzHnHSz5Rg4S3oXF1
+NcojhptIWyI0r7dgn5J3NxC4kgKdjzysxo6iWd0nLgz7h0jUdj79EOis4fg9G4f0
+EFWyQf7iDxGaA93Y9ePBJv5iFZVZAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYD
+VR0PAQH/BAQDAgXgMB0GA1UdDgQWBBT0arpyYMHXDPVL7MvzE+lx71L7sjAfBgNV
+HSMEGDAWgBTJkVMKY3sWW4u9RPB2iKkk5uW2bDANBgkqhkiG9w0BAQUFAAOCAQEA
+I8nM42am3aImkZyrw8iGkaGhKyi/dfajSWx6B9izBUh+3FleBnUxxOA+mn7M8C47
+Ne18iaaWK8vEux9KYTIY8BzXQZL1AuZ896cXEc6bGKsME37JSsocfuB5BIGWlYLv
+/ON5/SJ0iVFj4fAp8z7Vn5qxRJj9BhZDxaO1Raa6cz6pm0imJy9v8y01TI6HsK8c
+XJQLs7/U4Qb91K+IDNX/lgW3hzWjifNpIpT5JyY3DUgbkD595LFV5DDMZd0UOqcv
+6cyN42zkX8a0TWr3i5wu7pw4k1oD19RbUyljyleEp0DBauIct4GARdBGgi5y1H2i
+NzYzLAPBkHCMY0Is3KKIBw==
+-----END CERTIFICATE-----
Deleted: vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa3.pem
===================================================================
--- vendor-crypto/openssl/dist/test/smime-certs/smrsa3.pem 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa3.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC6syTZtZNe1hRScFc4PUVyVLsr7+C1HDIZnOHmwFoLayX6RHwy
-ep/TkdwiPHnemVLuwvpSjLMLZkXy/J764kSHJrNeVl3UvmCVCOm40hAtK1+F39pM
-h8phkbPPD7i+hwq4/Vs79o46nzwbVKmzgoZBJhZ+codujUSYM3LjJ4aq+wIDAQAB
-AoGAE1Zixrnr3bLGwBMqtYSDIOhtyos59whImCaLr17U9MHQWS+mvYO98if1aQZi
-iQ/QazJ+wvYXxWJ+dEB+JvYwqrGeuAU6He/rAb4OShG4FPVU2D19gzRnaButWMeT
-/1lgXV08hegGBL7RQNaN7b0viFYMcKnSghleMP0/q+Y/oaECQQDkXEwDYJW13X9p
-ijS20ykWdY5lLknjkHRhhOYux0rlhOqsyMZjoUmwI2m0qj9yrIysKhrk4MZaM/uC
-hy0xp3hdAkEA0Uv/UY0Kwsgc+W6YxeypECtg1qCE6FBib8n4iFy/6VcWqhvE5xrs
-OdhKv9/p6aLjLneGd1sU+F8eS9LGyKIbNwJBAJPgbNzXA7uUZriqZb5qeTXxBDfj
-RLfXSHYKAKEULxz3+JvRHB9SR4yHMiFrCdExiZrHXUkPgYLSHLGG5a4824UCQD6T
-9XvhquUARkGCAuWy0/3Eqoihp/t6BWSdQ9Upviu7YUhtUxsyXo0REZB7F4pGrJx5
-GlhXgFaewgUzuUHFzlMCQCzJMMWslWpoLntnR6sMhBMhBFHSw+Y5CbxBmFrdtSkd
-VdtNO1VuDCTxjjW7W3Khj7LX4KZ1ye/5jfAgnnnXisc=
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALqzJNm1k17WFFJwVzg9RXJUuyvv4LUcMhmc4ebAWgtrJfpEfDJ6n9OR3CI8ed6Z
-Uu7C+lKMswtmRfL8nvriRIcms15WXdS+YJUI6bjSEC0rX4Xf2kyHymGRs88PuL6H
-Crj9Wzv2jjqfPBtUqbOChkEmFn5yh26NRJgzcuMnhqr7AgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFDsSFjNtYZzd0tTHafNS7tneQQj6MB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhM0BvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQBE
-tUDB+1Dqigu4p1xtdq7JRK6S+gfA7RWmhz0j2scb2zhpS12h37JLHsidGeKAzZYq
-jUjOrH/j3xcV5AnuJoqImJaN23nzzxtR4qGGX2mrq6EtObzdEGgCUaizsGM+0slJ
-PYxcy8KeY/63B1BpYhj2RjGkL6HrvuAaxVORa3acoA==
------END CERTIFICATE-----
Copied: vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa3.pem (from rev 11605, vendor-crypto/openssl/dist/test/smime-certs/smrsa3.pem)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa3.pem (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/smime-certs/smrsa3.pem 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCyK+BTAOJKJjji
+OhY60NeZjzGGZxEBfCm62n0mwkzusW/V/e63uwj6uOVCFoVBz5doMf3M6QIS2jL3
+Aw6Qs5+vcuLA0gHrqIwjYQz1UZ5ETLKLKbQw6YOIVfsFSTxytUVpfcByrubWiLKX
+63theG1/IVokDK/9/k52Kyt+wcCjuRb7AJQFj2OLDRuWm/gavozkK103gQ+dUq4H
+XamZMtTq1EhQOfc0IUeCOEL6xz4jzlHHfzLdkvb7Enhav2sXDfOmZp/DYf9IqS7l
+vFkkINPVbYFBTexaPZlFwmpGRjkmoyH/w+Jlcpzs+w6p1diWRpaSn62bbkRN49j6
+L2dVb+DfAgMBAAECggEAciwDl6zdVT6g/PbT/+SMA+7qgYHSN+1koEQaJpgjzGEP
+lUUfj8TewCtzXaIoyj9IepBuXryBg6snNXpT/w3bqgYon/7zFBvxkUpDj4A5tvKf
+BuY2fZFlpBvUu1Ju1eKrFCptBBBoA9mc+BUB/ze4ktrAdJFcxZoMlVScjqGB3GdR
+OHw2x9BdWGCJBhiu9VHhAAb/LVWi6xgDumYSWZwN2yovg+7J91t5bsENeBRHycK+
+i5dNFh1umIK9N0SH6bpHPnLHrCRchrQ6ZRRxL4ZBKA9jFRDeI7OOsJuCvhGyJ1se
+snsLjr/Ahg00aiHCcC1SPQ6pmXAVBCG7hf4AX82V4QKBgQDaFDE+Fcpv84mFo4s9
+wn4CZ8ymoNIaf5zPl/gpH7MGots4NT5+Ns+6zzJQ6TEpDjTPx+vDaabP7QGXwVZn
+8NAHYvCQK37b+u9HrOt256YYRDOmnJFSbsJdmqzMEzpTNmQ8GuI37cZCS9CmSMv+
+ab/plcwuv0cJRSC83NN2AFyu1QKBgQDRJzKIBQlpprF9rA0D5ZjLVW4OH18A0Mmm
+oanw7qVutBaM4taFN4M851WnNIROyYIlkk2fNgW57Y4M8LER4zLrjU5HY4lB0BMX
+LQWDbyz4Y7L4lVnnEKfQxWFt9avNZwiCxCxEKy/n/icmVCzc91j9uwKcupdzrN6E
+yzPd1s5y4wKBgQCkJvzmAdsOp9/Fg1RFWcgmIWHvrzBXl+U+ceLveZf1j9K5nYJ7
+2OBGer4iH1XM1I+2M4No5XcWHg3L4FEdDixY0wXHT6Y/CcThS+015Kqmq3fBmyrc
+RNjzQoF9X5/QkSmkAIx1kvpgXtcgw70htRIrToGSUpKzDKDW6NYXhbA+PQKBgDJK
+KH5IJ8E9kYPUMLT1Kc4KVpISvPcnPLVSPdhuqVx69MkfadFSTb4BKbkwiXegQCjk
+isFzbeEM25EE9q6EYKP+sAm+RyyJ6W0zKBY4TynSXyAiWSGUAaXTL+AOqCaVVZiL
+rtEdSUGQ/LzclIT0/HLV2oTw4KWxtTdc3LXEhpNdAoGBAM3LckiHENqtoeK2gVNw
+IPeEuruEqoN4n+XltbEEv6Ymhxrs6T6HSKsEsLhqsUiIvIzH43KMm45SNYTn5eZh
+yzYMXLmervN7c1jJe2Y2MYv6hE+Ypj1xGW4w7s8WNKmVzLv97beisD9AZrS7sXfF
+RvOAi5wVkYylDxV4238MAZIq
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAlSgAwIBAgIJANk5lu6mSyBCMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzBaFw0yMzA1MjYxNzI4MzBaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCyK+BTAOJKJjjiOhY60NeZjzGGZxEBfCm62n0mwkzusW/V/e63uwj6uOVC
+FoVBz5doMf3M6QIS2jL3Aw6Qs5+vcuLA0gHrqIwjYQz1UZ5ETLKLKbQw6YOIVfsF
+STxytUVpfcByrubWiLKX63theG1/IVokDK/9/k52Kyt+wcCjuRb7AJQFj2OLDRuW
+m/gavozkK103gQ+dUq4HXamZMtTq1EhQOfc0IUeCOEL6xz4jzlHHfzLdkvb7Enha
+v2sXDfOmZp/DYf9IqS7lvFkkINPVbYFBTexaPZlFwmpGRjkmoyH/w+Jlcpzs+w6p
+1diWRpaSn62bbkRN49j6L2dVb+DfAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYD
+VR0PAQH/BAQDAgXgMB0GA1UdDgQWBBQ6CkW5sa6HrBsWvuPOvMjyL5AnsDAfBgNV
+HSMEGDAWgBTJkVMKY3sWW4u9RPB2iKkk5uW2bDANBgkqhkiG9w0BAQUFAAOCAQEA
+JhcrD7AKafVzlncA3cZ6epAruj1xwcfiE+EbuAaeWEGjoSltmevcjgoIxvijRVcp
+sCbNmHJZ/siQlqzWjjf3yoERvLDqngJZZpQeocMIbLRQf4wgLAuiBcvT52wTE+sa
+VexeETDy5J1OW3wE4A3rkdBp6hLaymlijFNnd5z/bP6w3AcIMWm45yPm0skM8RVr
+O3UstEFYD/iy+p+Y/YZDoxYQSW5Vl+NkpGmc5bzet8gQz4JeXtH3z5zUGoDM4XK7
+tXP3yUi2eecCbyjh/wgaQiVdylr1Kv3mxXcTl+cFO22asDkh0R/y72nTCu5fSILY
+CscFo2Z2pYROGtZDmYqhRw==
+-----END CERTIFICATE-----
Deleted: vendor-crypto/openssl/1.0.1u/test/srptest.c
===================================================================
--- vendor-crypto/openssl/dist/test/srptest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/srptest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/srp/srptest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/ssltest.c
===================================================================
--- vendor-crypto/openssl/dist/test/ssltest.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/ssltest.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../ssl/ssltest.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/testfipsssl
===================================================================
--- vendor-crypto/openssl/dist/test/testfipsssl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/testfipsssl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,113 +0,0 @@
-#!/bin/sh
-
-if [ "$1" = "" ]; then
- key=../apps/server.pem
-else
- key="$1"
-fi
-if [ "$2" = "" ]; then
- cert=../apps/server.pem
-else
- cert="$2"
-fi
-
-ciphers="DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA"
-
-ssltest="../util/shlib_wrap.sh ./ssltest -F -key $key -cert $cert -c_key $key -c_cert $cert -cipher $ciphers"
-
-if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
- dsa_cert=YES
-else
- dsa_cert=NO
-fi
-
-if [ "$3" = "" ]; then
- CA="-CApath ../certs"
-else
- CA="-CAfile $3"
-fi
-
-if [ "$4" = "" ]; then
- extra=""
-else
- extra="$4"
-fi
-
-#############################################################################
-
-echo test ssl3 is forbidden in FIPS mode
-$ssltest -ssl3 $extra && exit 1
-
-echo test ssl2 is forbidden in FIPS mode
-$ssltest -ssl2 $extra && exit 1
-
-echo test tls1
-$ssltest -tls1 $extra || exit 1
-
-echo test tls1 with server authentication
-$ssltest -tls1 -server_auth $CA $extra || exit 1
-
-echo test tls1 with client authentication
-$ssltest -tls1 -client_auth $CA $extra || exit 1
-
-echo test tls1 with both client and server authentication
-$ssltest -tls1 -server_auth -client_auth $CA $extra || exit 1
-
-echo test tls1 via BIO pair
-$ssltest -bio_pair -tls1 $extra || exit 1
-
-echo test tls1 with server authentication via BIO pair
-$ssltest -bio_pair -tls1 -server_auth $CA $extra || exit 1
-
-echo test tls1 with client authentication via BIO pair
-$ssltest -bio_pair -tls1 -client_auth $CA $extra || exit 1
-
-echo test tls1 with both client and server authentication via BIO pair
-$ssltest -bio_pair -tls1 -server_auth -client_auth $CA $extra || exit 1
-
-# note that all the below actually choose TLS...
-
-if [ $dsa_cert = NO ]; then
- echo test sslv2/sslv3 w/o DHE via BIO pair
- $ssltest -bio_pair -no_dhe $extra || exit 1
-fi
-
-echo test sslv2/sslv3 with 1024bit DHE via BIO pair
-$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
-
-echo test sslv2/sslv3 with server authentication
-$ssltest -bio_pair -server_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
-$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
-
-#############################################################################
-
-if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
- echo skipping anonymous DH tests
-else
- echo test tls1 with 1024bit anonymous DH, multiple handshakes
- $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
-fi
-
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
- echo skipping RSA tests
-else
- echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
- ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
-
- if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
- echo skipping RSA+DHE tests
- else
- echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
- ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
- fi
-fi
-
-exit 0
Copied: vendor-crypto/openssl/1.0.1u/test/testfipsssl (from rev 11605, vendor-crypto/openssl/dist/test/testfipsssl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/test/testfipsssl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/test/testfipsssl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,117 @@
+#!/bin/sh
+
+if [ "$1" = "" ]; then
+ key=../apps/server.pem
+else
+ key="$1"
+fi
+if [ "$2" = "" ]; then
+ cert=../apps/server.pem
+else
+ cert="$2"
+fi
+
+ciphers="DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA"
+
+ssltest="../util/shlib_wrap.sh ./ssltest -F -key $key -cert $cert -c_key $key -c_cert $cert -cipher $ciphers"
+
+if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
+ dsa_cert=YES
+else
+ dsa_cert=NO
+fi
+
+if [ "$3" = "" ]; then
+ CA="-CApath ../certs"
+else
+ CA="-CAfile $3"
+fi
+
+if [ "$4" = "" ]; then
+ extra=""
+else
+ extra="$4"
+fi
+
+#############################################################################
+
+echo test ssl3 is forbidden in FIPS mode
+$ssltest -ssl3 $extra && exit 1
+
+if ../util/shlib_wrap.sh ../apps/openssl ciphers SSLv2 >/dev/null 2>&1; then
+ echo test ssl2 is forbidden in FIPS mode
+ $ssltest -ssl2 $extra && exit 1
+else
+ echo ssl2 disabled: skipping test
+fi
+
+echo test tls1
+$ssltest -tls1 $extra || exit 1
+
+echo test tls1 with server authentication
+$ssltest -tls1 -server_auth $CA $extra || exit 1
+
+echo test tls1 with client authentication
+$ssltest -tls1 -client_auth $CA $extra || exit 1
+
+echo test tls1 with both client and server authentication
+$ssltest -tls1 -server_auth -client_auth $CA $extra || exit 1
+
+echo test tls1 via BIO pair
+$ssltest -bio_pair -tls1 $extra || exit 1
+
+echo test tls1 with server authentication via BIO pair
+$ssltest -bio_pair -tls1 -server_auth $CA $extra || exit 1
+
+echo test tls1 with client authentication via BIO pair
+$ssltest -bio_pair -tls1 -client_auth $CA $extra || exit 1
+
+echo test tls1 with both client and server authentication via BIO pair
+$ssltest -bio_pair -tls1 -server_auth -client_auth $CA $extra || exit 1
+
+# note that all the below actually choose TLS...
+
+if [ $dsa_cert = NO ]; then
+ echo test sslv2/sslv3 w/o DHE via BIO pair
+ $ssltest -bio_pair -no_dhe $extra || exit 1
+fi
+
+echo test sslv2/sslv3 with 1024bit DHE via BIO pair
+$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
+
+echo test sslv2/sslv3 with server authentication
+$ssltest -bio_pair -server_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
+$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
+
+#############################################################################
+
+if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+ echo skipping anonymous DH tests
+else
+ echo test tls1 with 1024bit anonymous DH, multiple handshakes
+ $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
+fi
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+ echo skipping RSA tests
+else
+ echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
+ ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
+
+ if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+ echo skipping RSA+DHE tests
+ else
+ echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
+ ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
+ fi
+fi
+
+exit 0
Deleted: vendor-crypto/openssl/1.0.1u/test/verify_extra_test.c
===================================================================
--- vendor-crypto/openssl/dist/test/verify_extra_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/verify_extra_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/x509/verify_extra_test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/test/wp_test.c
===================================================================
--- vendor-crypto/openssl/dist/test/wp_test.c 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/test/wp_test.c 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1 +0,0 @@
-link openssl-1.0.1q/../crypto/whrlpool/wp_test.c
\ No newline at end of file
Deleted: vendor-crypto/openssl/1.0.1u/util/libeay.num
===================================================================
--- vendor-crypto/openssl/dist/util/libeay.num 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/libeay.num 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,4316 +0,0 @@
-SSLeay 1 EXIST::FUNCTION:
-SSLeay_version 2 EXIST::FUNCTION:
-ASN1_BIT_STRING_asn1_meth 3 NOEXIST::FUNCTION:
-ASN1_HEADER_free 4 NOEXIST::FUNCTION:
-ASN1_HEADER_new 5 NOEXIST::FUNCTION:
-ASN1_IA5STRING_asn1_meth 6 NOEXIST::FUNCTION:
-ASN1_INTEGER_get 7 EXIST::FUNCTION:
-ASN1_INTEGER_set 8 EXIST::FUNCTION:
-ASN1_INTEGER_to_BN 9 EXIST::FUNCTION:
-ASN1_OBJECT_create 10 EXIST::FUNCTION:
-ASN1_OBJECT_free 11 EXIST::FUNCTION:
-ASN1_OBJECT_new 12 EXIST::FUNCTION:
-ASN1_PRINTABLE_type 13 EXIST::FUNCTION:
-ASN1_STRING_cmp 14 EXIST::FUNCTION:
-ASN1_STRING_dup 15 EXIST::FUNCTION:
-ASN1_STRING_free 16 EXIST::FUNCTION:
-ASN1_STRING_new 17 EXIST::FUNCTION:
-ASN1_STRING_print 18 EXIST::FUNCTION:BIO
-ASN1_STRING_set 19 EXIST::FUNCTION:
-ASN1_STRING_type_new 20 EXIST::FUNCTION:
-ASN1_TYPE_free 21 EXIST::FUNCTION:
-ASN1_TYPE_new 22 EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_to_string 23 EXIST::FUNCTION:
-ASN1_UTCTIME_check 24 EXIST::FUNCTION:
-ASN1_UTCTIME_print 25 EXIST::FUNCTION:BIO
-ASN1_UTCTIME_set 26 EXIST::FUNCTION:
-ASN1_check_infinite_end 27 EXIST::FUNCTION:
-ASN1_d2i_bio 28 EXIST::FUNCTION:BIO
-ASN1_d2i_fp 29 EXIST::FUNCTION:FP_API
-ASN1_digest 30 EXIST::FUNCTION:EVP
-ASN1_dup 31 EXIST::FUNCTION:
-ASN1_get_object 32 EXIST::FUNCTION:
-ASN1_i2d_bio 33 EXIST::FUNCTION:BIO
-ASN1_i2d_fp 34 EXIST::FUNCTION:FP_API
-ASN1_object_size 35 EXIST::FUNCTION:
-ASN1_parse 36 EXIST::FUNCTION:BIO
-ASN1_put_object 37 EXIST::FUNCTION:
-ASN1_sign 38 EXIST::FUNCTION:EVP
-ASN1_verify 39 EXIST::FUNCTION:EVP
-BF_cbc_encrypt 40 EXIST::FUNCTION:BF
-BF_cfb64_encrypt 41 EXIST::FUNCTION:BF
-BF_ecb_encrypt 42 EXIST::FUNCTION:BF
-BF_encrypt 43 EXIST::FUNCTION:BF
-BF_ofb64_encrypt 44 EXIST::FUNCTION:BF
-BF_options 45 EXIST::FUNCTION:BF
-BF_set_key 46 EXIST::FUNCTION:BF
-BIO_CONNECT_free 47 NOEXIST::FUNCTION:
-BIO_CONNECT_new 48 NOEXIST::FUNCTION:
-BIO_accept 51 EXIST::FUNCTION:
-BIO_ctrl 52 EXIST::FUNCTION:
-BIO_int_ctrl 53 EXIST::FUNCTION:
-BIO_debug_callback 54 EXIST::FUNCTION:
-BIO_dump 55 EXIST::FUNCTION:
-BIO_dup_chain 56 EXIST::FUNCTION:
-BIO_f_base64 57 EXIST::FUNCTION:BIO
-BIO_f_buffer 58 EXIST::FUNCTION:
-BIO_f_cipher 59 EXIST::FUNCTION:BIO
-BIO_f_md 60 EXIST::FUNCTION:BIO
-BIO_f_null 61 EXIST::FUNCTION:
-BIO_f_proxy_server 62 NOEXIST::FUNCTION:
-BIO_fd_non_fatal_error 63 EXIST::FUNCTION:
-BIO_fd_should_retry 64 EXIST::FUNCTION:
-BIO_find_type 65 EXIST::FUNCTION:
-BIO_free 66 EXIST::FUNCTION:
-BIO_free_all 67 EXIST::FUNCTION:
-BIO_get_accept_socket 69 EXIST::FUNCTION:
-BIO_get_filter_bio 70 NOEXIST::FUNCTION:
-BIO_get_host_ip 71 EXIST::FUNCTION:
-BIO_get_port 72 EXIST::FUNCTION:
-BIO_get_retry_BIO 73 EXIST::FUNCTION:
-BIO_get_retry_reason 74 EXIST::FUNCTION:
-BIO_gethostbyname 75 EXIST::FUNCTION:
-BIO_gets 76 EXIST::FUNCTION:
-BIO_new 78 EXIST::FUNCTION:
-BIO_new_accept 79 EXIST::FUNCTION:
-BIO_new_connect 80 EXIST::FUNCTION:
-BIO_new_fd 81 EXIST::FUNCTION:
-BIO_new_file 82 EXIST::FUNCTION:FP_API
-BIO_new_fp 83 EXIST::FUNCTION:FP_API
-BIO_new_socket 84 EXIST::FUNCTION:
-BIO_pop 85 EXIST::FUNCTION:
-BIO_printf 86 EXIST::FUNCTION:
-BIO_push 87 EXIST::FUNCTION:
-BIO_puts 88 EXIST::FUNCTION:
-BIO_read 89 EXIST::FUNCTION:
-BIO_s_accept 90 EXIST::FUNCTION:
-BIO_s_connect 91 EXIST::FUNCTION:
-BIO_s_fd 92 EXIST::FUNCTION:
-BIO_s_file 93 EXIST::FUNCTION:FP_API
-BIO_s_mem 95 EXIST::FUNCTION:
-BIO_s_null 96 EXIST::FUNCTION:
-BIO_s_proxy_client 97 NOEXIST::FUNCTION:
-BIO_s_socket 98 EXIST::FUNCTION:
-BIO_set 100 EXIST::FUNCTION:
-BIO_set_cipher 101 EXIST::FUNCTION:BIO
-BIO_set_tcp_ndelay 102 EXIST::FUNCTION:
-BIO_sock_cleanup 103 EXIST::FUNCTION:
-BIO_sock_error 104 EXIST::FUNCTION:
-BIO_sock_init 105 EXIST::FUNCTION:
-BIO_sock_non_fatal_error 106 EXIST::FUNCTION:
-BIO_sock_should_retry 107 EXIST::FUNCTION:
-BIO_socket_ioctl 108 EXIST::FUNCTION:
-BIO_write 109 EXIST::FUNCTION:
-BN_CTX_free 110 EXIST::FUNCTION:
-BN_CTX_new 111 EXIST::FUNCTION:
-BN_MONT_CTX_free 112 EXIST::FUNCTION:
-BN_MONT_CTX_new 113 EXIST::FUNCTION:
-BN_MONT_CTX_set 114 EXIST::FUNCTION:
-BN_add 115 EXIST::FUNCTION:
-BN_add_word 116 EXIST::FUNCTION:
-BN_hex2bn 117 EXIST::FUNCTION:
-BN_bin2bn 118 EXIST::FUNCTION:
-BN_bn2hex 119 EXIST::FUNCTION:
-BN_bn2bin 120 EXIST::FUNCTION:
-BN_clear 121 EXIST::FUNCTION:
-BN_clear_bit 122 EXIST::FUNCTION:
-BN_clear_free 123 EXIST::FUNCTION:
-BN_cmp 124 EXIST::FUNCTION:
-BN_copy 125 EXIST::FUNCTION:
-BN_div 126 EXIST::FUNCTION:
-BN_div_word 127 EXIST::FUNCTION:
-BN_dup 128 EXIST::FUNCTION:
-BN_free 129 EXIST::FUNCTION:
-BN_from_montgomery 130 EXIST::FUNCTION:
-BN_gcd 131 EXIST::FUNCTION:
-BN_generate_prime 132 EXIST::FUNCTION:DEPRECATED
-BN_get_word 133 EXIST::FUNCTION:
-BN_is_bit_set 134 EXIST::FUNCTION:
-BN_is_prime 135 EXIST::FUNCTION:DEPRECATED
-BN_lshift 136 EXIST::FUNCTION:
-BN_lshift1 137 EXIST::FUNCTION:
-BN_mask_bits 138 EXIST::FUNCTION:
-BN_mod 139 NOEXIST::FUNCTION:
-BN_mod_exp 140 EXIST::FUNCTION:
-BN_mod_exp_mont 141 EXIST::FUNCTION:
-BN_mod_exp_simple 143 EXIST::FUNCTION:
-BN_mod_inverse 144 EXIST::FUNCTION:
-BN_mod_mul 145 EXIST::FUNCTION:
-BN_mod_mul_montgomery 146 EXIST::FUNCTION:
-BN_mod_word 148 EXIST::FUNCTION:
-BN_mul 149 EXIST::FUNCTION:
-BN_new 150 EXIST::FUNCTION:
-BN_num_bits 151 EXIST::FUNCTION:
-BN_num_bits_word 152 EXIST::FUNCTION:
-BN_options 153 EXIST::FUNCTION:
-BN_print 154 EXIST::FUNCTION:
-BN_print_fp 155 EXIST::FUNCTION:FP_API
-BN_rand 156 EXIST::FUNCTION:
-BN_reciprocal 157 EXIST::FUNCTION:
-BN_rshift 158 EXIST::FUNCTION:
-BN_rshift1 159 EXIST::FUNCTION:
-BN_set_bit 160 EXIST::FUNCTION:
-BN_set_word 161 EXIST::FUNCTION:
-BN_sqr 162 EXIST::FUNCTION:
-BN_sub 163 EXIST::FUNCTION:
-BN_to_ASN1_INTEGER 164 EXIST::FUNCTION:
-BN_ucmp 165 EXIST::FUNCTION:
-BN_value_one 166 EXIST::FUNCTION:
-BUF_MEM_free 167 EXIST::FUNCTION:
-BUF_MEM_grow 168 EXIST::FUNCTION:
-BUF_MEM_new 169 EXIST::FUNCTION:
-BUF_strdup 170 EXIST::FUNCTION:
-CONF_free 171 EXIST::FUNCTION:
-CONF_get_number 172 EXIST::FUNCTION:
-CONF_get_section 173 EXIST::FUNCTION:
-CONF_get_string 174 EXIST::FUNCTION:
-CONF_load 175 EXIST::FUNCTION:
-CRYPTO_add_lock 176 EXIST::FUNCTION:
-CRYPTO_dbg_free 177 EXIST::FUNCTION:
-CRYPTO_dbg_malloc 178 EXIST::FUNCTION:
-CRYPTO_dbg_realloc 179 EXIST::FUNCTION:
-CRYPTO_dbg_remalloc 180 NOEXIST::FUNCTION:
-CRYPTO_free 181 EXIST::FUNCTION:
-CRYPTO_get_add_lock_callback 182 EXIST::FUNCTION:
-CRYPTO_get_id_callback 183 EXIST::FUNCTION:DEPRECATED
-CRYPTO_get_lock_name 184 EXIST::FUNCTION:
-CRYPTO_get_locking_callback 185 EXIST::FUNCTION:
-CRYPTO_get_mem_functions 186 EXIST::FUNCTION:
-CRYPTO_lock 187 EXIST::FUNCTION:
-CRYPTO_malloc 188 EXIST::FUNCTION:
-CRYPTO_mem_ctrl 189 EXIST::FUNCTION:
-CRYPTO_mem_leaks 190 EXIST::FUNCTION:
-CRYPTO_mem_leaks_cb 191 EXIST::FUNCTION:
-CRYPTO_mem_leaks_fp 192 EXIST::FUNCTION:FP_API
-CRYPTO_realloc 193 EXIST::FUNCTION:
-CRYPTO_remalloc 194 EXIST::FUNCTION:
-CRYPTO_set_add_lock_callback 195 EXIST::FUNCTION:
-CRYPTO_set_id_callback 196 EXIST::FUNCTION:DEPRECATED
-CRYPTO_set_locking_callback 197 EXIST::FUNCTION:
-CRYPTO_set_mem_functions 198 EXIST::FUNCTION:
-CRYPTO_thread_id 199 EXIST::FUNCTION:DEPRECATED
-DH_check 200 EXIST::FUNCTION:DH
-DH_compute_key 201 EXIST::FUNCTION:DH
-DH_free 202 EXIST::FUNCTION:DH
-DH_generate_key 203 EXIST::FUNCTION:DH
-DH_generate_parameters 204 EXIST::FUNCTION:DEPRECATED,DH
-DH_new 205 EXIST::FUNCTION:DH
-DH_size 206 EXIST::FUNCTION:DH
-DHparams_print 207 EXIST::FUNCTION:BIO,DH
-DHparams_print_fp 208 EXIST::FUNCTION:DH,FP_API
-DSA_free 209 EXIST::FUNCTION:DSA
-DSA_generate_key 210 EXIST::FUNCTION:DSA
-DSA_generate_parameters 211 EXIST::FUNCTION:DEPRECATED,DSA
-DSA_is_prime 212 NOEXIST::FUNCTION:
-DSA_new 213 EXIST::FUNCTION:DSA
-DSA_print 214 EXIST::FUNCTION:BIO,DSA
-DSA_print_fp 215 EXIST::FUNCTION:DSA,FP_API
-DSA_sign 216 EXIST::FUNCTION:DSA
-DSA_sign_setup 217 EXIST::FUNCTION:DSA
-DSA_size 218 EXIST::FUNCTION:DSA
-DSA_verify 219 EXIST::FUNCTION:DSA
-DSAparams_print 220 EXIST::FUNCTION:BIO,DSA
-DSAparams_print_fp 221 EXIST::FUNCTION:DSA,FP_API
-ERR_clear_error 222 EXIST::FUNCTION:
-ERR_error_string 223 EXIST::FUNCTION:
-ERR_free_strings 224 EXIST::FUNCTION:
-ERR_func_error_string 225 EXIST::FUNCTION:
-ERR_get_err_state_table 226 EXIST::FUNCTION:LHASH
-ERR_get_error 227 EXIST::FUNCTION:
-ERR_get_error_line 228 EXIST::FUNCTION:
-ERR_get_state 229 EXIST::FUNCTION:
-ERR_get_string_table 230 EXIST::FUNCTION:LHASH
-ERR_lib_error_string 231 EXIST::FUNCTION:
-ERR_load_ASN1_strings 232 EXIST::FUNCTION:
-ERR_load_BIO_strings 233 EXIST::FUNCTION:
-ERR_load_BN_strings 234 EXIST::FUNCTION:
-ERR_load_BUF_strings 235 EXIST::FUNCTION:
-ERR_load_CONF_strings 236 EXIST::FUNCTION:
-ERR_load_DH_strings 237 EXIST::FUNCTION:DH
-ERR_load_DSA_strings 238 EXIST::FUNCTION:DSA
-ERR_load_ERR_strings 239 EXIST::FUNCTION:
-ERR_load_EVP_strings 240 EXIST::FUNCTION:
-ERR_load_OBJ_strings 241 EXIST::FUNCTION:
-ERR_load_PEM_strings 242 EXIST::FUNCTION:
-ERR_load_PROXY_strings 243 NOEXIST::FUNCTION:
-ERR_load_RSA_strings 244 EXIST::FUNCTION:RSA
-ERR_load_X509_strings 245 EXIST::FUNCTION:
-ERR_load_crypto_strings 246 EXIST::FUNCTION:
-ERR_load_strings 247 EXIST::FUNCTION:
-ERR_peek_error 248 EXIST::FUNCTION:
-ERR_peek_error_line 249 EXIST::FUNCTION:
-ERR_print_errors 250 EXIST::FUNCTION:BIO
-ERR_print_errors_fp 251 EXIST::FUNCTION:FP_API
-ERR_put_error 252 EXIST::FUNCTION:
-ERR_reason_error_string 253 EXIST::FUNCTION:
-ERR_remove_state 254 EXIST::FUNCTION:DEPRECATED
-EVP_BytesToKey 255 EXIST::FUNCTION:
-EVP_CIPHER_CTX_cleanup 256 EXIST::FUNCTION:
-EVP_CipherFinal 257 EXIST::FUNCTION:
-EVP_CipherInit 258 EXIST::FUNCTION:
-EVP_CipherUpdate 259 EXIST::FUNCTION:
-EVP_DecodeBlock 260 EXIST::FUNCTION:
-EVP_DecodeFinal 261 EXIST::FUNCTION:
-EVP_DecodeInit 262 EXIST::FUNCTION:
-EVP_DecodeUpdate 263 EXIST::FUNCTION:
-EVP_DecryptFinal 264 EXIST::FUNCTION:
-EVP_DecryptInit 265 EXIST::FUNCTION:
-EVP_DecryptUpdate 266 EXIST::FUNCTION:
-EVP_DigestFinal 267 EXIST::FUNCTION:
-EVP_DigestInit 268 EXIST::FUNCTION:
-EVP_DigestUpdate 269 EXIST::FUNCTION:
-EVP_EncodeBlock 270 EXIST::FUNCTION:
-EVP_EncodeFinal 271 EXIST::FUNCTION:
-EVP_EncodeInit 272 EXIST::FUNCTION:
-EVP_EncodeUpdate 273 EXIST::FUNCTION:
-EVP_EncryptFinal 274 EXIST::FUNCTION:
-EVP_EncryptInit 275 EXIST::FUNCTION:
-EVP_EncryptUpdate 276 EXIST::FUNCTION:
-EVP_OpenFinal 277 EXIST::FUNCTION:RSA
-EVP_OpenInit 278 EXIST::FUNCTION:RSA
-EVP_PKEY_assign 279 EXIST::FUNCTION:
-EVP_PKEY_copy_parameters 280 EXIST::FUNCTION:
-EVP_PKEY_free 281 EXIST::FUNCTION:
-EVP_PKEY_missing_parameters 282 EXIST::FUNCTION:
-EVP_PKEY_new 283 EXIST::FUNCTION:
-EVP_PKEY_save_parameters 284 EXIST::FUNCTION:
-EVP_PKEY_size 285 EXIST::FUNCTION:
-EVP_PKEY_type 286 EXIST::FUNCTION:
-EVP_SealFinal 287 EXIST::FUNCTION:RSA
-EVP_SealInit 288 EXIST::FUNCTION:RSA
-EVP_SignFinal 289 EXIST::FUNCTION:
-EVP_VerifyFinal 290 EXIST::FUNCTION:
-EVP_add_alias 291 NOEXIST::FUNCTION:
-EVP_add_cipher 292 EXIST::FUNCTION:
-EVP_add_digest 293 EXIST::FUNCTION:
-EVP_bf_cbc 294 EXIST::FUNCTION:BF
-EVP_bf_cfb64 295 EXIST::FUNCTION:BF
-EVP_bf_ecb 296 EXIST::FUNCTION:BF
-EVP_bf_ofb 297 EXIST::FUNCTION:BF
-EVP_cleanup 298 EXIST::FUNCTION:
-EVP_des_cbc 299 EXIST::FUNCTION:DES
-EVP_des_cfb64 300 EXIST::FUNCTION:DES
-EVP_des_ecb 301 EXIST::FUNCTION:DES
-EVP_des_ede 302 EXIST::FUNCTION:DES
-EVP_des_ede3 303 EXIST::FUNCTION:DES
-EVP_des_ede3_cbc 304 EXIST::FUNCTION:DES
-EVP_des_ede3_cfb64 305 EXIST::FUNCTION:DES
-EVP_des_ede3_ofb 306 EXIST::FUNCTION:DES
-EVP_des_ede_cbc 307 EXIST::FUNCTION:DES
-EVP_des_ede_cfb64 308 EXIST::FUNCTION:DES
-EVP_des_ede_ofb 309 EXIST::FUNCTION:DES
-EVP_des_ofb 310 EXIST::FUNCTION:DES
-EVP_desx_cbc 311 EXIST::FUNCTION:DES
-EVP_dss 312 EXIST::FUNCTION:DSA,SHA
-EVP_dss1 313 EXIST::FUNCTION:DSA,SHA
-EVP_enc_null 314 EXIST::FUNCTION:
-EVP_get_cipherbyname 315 EXIST::FUNCTION:
-EVP_get_digestbyname 316 EXIST::FUNCTION:
-EVP_get_pw_prompt 317 EXIST::FUNCTION:
-EVP_idea_cbc 318 EXIST::FUNCTION:IDEA
-EVP_idea_cfb64 319 EXIST::FUNCTION:IDEA
-EVP_idea_ecb 320 EXIST::FUNCTION:IDEA
-EVP_idea_ofb 321 EXIST::FUNCTION:IDEA
-EVP_md2 322 EXIST::FUNCTION:MD2
-EVP_md5 323 EXIST::FUNCTION:MD5
-EVP_md_null 324 EXIST::FUNCTION:
-EVP_rc2_cbc 325 EXIST::FUNCTION:RC2
-EVP_rc2_cfb64 326 EXIST::FUNCTION:RC2
-EVP_rc2_ecb 327 EXIST::FUNCTION:RC2
-EVP_rc2_ofb 328 EXIST::FUNCTION:RC2
-EVP_rc4 329 EXIST::FUNCTION:RC4
-EVP_read_pw_string 330 EXIST::FUNCTION:
-EVP_set_pw_prompt 331 EXIST::FUNCTION:
-EVP_sha 332 EXIST::FUNCTION:SHA
-EVP_sha1 333 EXIST::FUNCTION:SHA
-MD2 334 EXIST::FUNCTION:MD2
-MD2_Final 335 EXIST::FUNCTION:MD2
-MD2_Init 336 EXIST::FUNCTION:MD2
-MD2_Update 337 EXIST::FUNCTION:MD2
-MD2_options 338 EXIST::FUNCTION:MD2
-MD5 339 EXIST::FUNCTION:MD5
-MD5_Final 340 EXIST::FUNCTION:MD5
-MD5_Init 341 EXIST::FUNCTION:MD5
-MD5_Update 342 EXIST::FUNCTION:MD5
-MDC2 343 EXIST::FUNCTION:MDC2
-MDC2_Final 344 EXIST::FUNCTION:MDC2
-MDC2_Init 345 EXIST::FUNCTION:MDC2
-MDC2_Update 346 EXIST::FUNCTION:MDC2
-NETSCAPE_SPKAC_free 347 EXIST::FUNCTION:
-NETSCAPE_SPKAC_new 348 EXIST::FUNCTION:
-NETSCAPE_SPKI_free 349 EXIST::FUNCTION:
-NETSCAPE_SPKI_new 350 EXIST::FUNCTION:
-NETSCAPE_SPKI_sign 351 EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_verify 352 EXIST::FUNCTION:EVP
-OBJ_add_object 353 EXIST::FUNCTION:
-OBJ_bsearch 354 NOEXIST::FUNCTION:
-OBJ_cleanup 355 EXIST::FUNCTION:
-OBJ_cmp 356 EXIST::FUNCTION:
-OBJ_create 357 EXIST::FUNCTION:
-OBJ_dup 358 EXIST::FUNCTION:
-OBJ_ln2nid 359 EXIST::FUNCTION:
-OBJ_new_nid 360 EXIST::FUNCTION:
-OBJ_nid2ln 361 EXIST::FUNCTION:
-OBJ_nid2obj 362 EXIST::FUNCTION:
-OBJ_nid2sn 363 EXIST::FUNCTION:
-OBJ_obj2nid 364 EXIST::FUNCTION:
-OBJ_sn2nid 365 EXIST::FUNCTION:
-OBJ_txt2nid 366 EXIST::FUNCTION:
-PEM_ASN1_read 367 EXIST::FUNCTION:
-PEM_ASN1_read_bio 368 EXIST::FUNCTION:BIO
-PEM_ASN1_write 369 EXIST::FUNCTION:
-PEM_ASN1_write_bio 370 EXIST::FUNCTION:BIO
-PEM_SealFinal 371 EXIST::FUNCTION:RSA
-PEM_SealInit 372 EXIST::FUNCTION:RSA
-PEM_SealUpdate 373 EXIST::FUNCTION:RSA
-PEM_SignFinal 374 EXIST::FUNCTION:
-PEM_SignInit 375 EXIST::FUNCTION:
-PEM_SignUpdate 376 EXIST::FUNCTION:
-PEM_X509_INFO_read 377 EXIST::FUNCTION:
-PEM_X509_INFO_read_bio 378 EXIST::FUNCTION:BIO
-PEM_X509_INFO_write_bio 379 EXIST::FUNCTION:BIO
-PEM_dek_info 380 EXIST::FUNCTION:
-PEM_do_header 381 EXIST::FUNCTION:
-PEM_get_EVP_CIPHER_INFO 382 EXIST::FUNCTION:
-PEM_proc_type 383 EXIST::FUNCTION:
-PEM_read 384 EXIST::FUNCTION:
-PEM_read_DHparams 385 EXIST:!WIN16:FUNCTION:DH
-PEM_read_DSAPrivateKey 386 EXIST:!WIN16:FUNCTION:DSA
-PEM_read_DSAparams 387 EXIST:!WIN16:FUNCTION:DSA
-PEM_read_PKCS7 388 EXIST:!WIN16:FUNCTION:
-PEM_read_PrivateKey 389 EXIST:!WIN16:FUNCTION:
-PEM_read_RSAPrivateKey 390 EXIST:!WIN16:FUNCTION:RSA
-PEM_read_X509 391 EXIST:!WIN16:FUNCTION:
-PEM_read_X509_CRL 392 EXIST:!WIN16:FUNCTION:
-PEM_read_X509_REQ 393 EXIST:!WIN16:FUNCTION:
-PEM_read_bio 394 EXIST::FUNCTION:BIO
-PEM_read_bio_DHparams 395 EXIST::FUNCTION:DH
-PEM_read_bio_DSAPrivateKey 396 EXIST::FUNCTION:DSA
-PEM_read_bio_DSAparams 397 EXIST::FUNCTION:DSA
-PEM_read_bio_PKCS7 398 EXIST::FUNCTION:
-PEM_read_bio_PrivateKey 399 EXIST::FUNCTION:
-PEM_read_bio_RSAPrivateKey 400 EXIST::FUNCTION:RSA
-PEM_read_bio_X509 401 EXIST::FUNCTION:
-PEM_read_bio_X509_CRL 402 EXIST::FUNCTION:
-PEM_read_bio_X509_REQ 403 EXIST::FUNCTION:
-PEM_write 404 EXIST::FUNCTION:
-PEM_write_DHparams 405 EXIST:!WIN16:FUNCTION:DH
-PEM_write_DSAPrivateKey 406 EXIST:!WIN16:FUNCTION:DSA
-PEM_write_DSAparams 407 EXIST:!WIN16:FUNCTION:DSA
-PEM_write_PKCS7 408 EXIST:!WIN16:FUNCTION:
-PEM_write_PrivateKey 409 EXIST:!WIN16:FUNCTION:
-PEM_write_RSAPrivateKey 410 EXIST:!WIN16:FUNCTION:RSA
-PEM_write_X509 411 EXIST:!WIN16:FUNCTION:
-PEM_write_X509_CRL 412 EXIST:!WIN16:FUNCTION:
-PEM_write_X509_REQ 413 EXIST:!WIN16:FUNCTION:
-PEM_write_bio 414 EXIST::FUNCTION:BIO
-PEM_write_bio_DHparams 415 EXIST::FUNCTION:DH
-PEM_write_bio_DSAPrivateKey 416 EXIST::FUNCTION:DSA
-PEM_write_bio_DSAparams 417 EXIST::FUNCTION:DSA
-PEM_write_bio_PKCS7 418 EXIST::FUNCTION:
-PEM_write_bio_PrivateKey 419 EXIST::FUNCTION:
-PEM_write_bio_RSAPrivateKey 420 EXIST::FUNCTION:RSA
-PEM_write_bio_X509 421 EXIST::FUNCTION:
-PEM_write_bio_X509_CRL 422 EXIST::FUNCTION:
-PEM_write_bio_X509_REQ 423 EXIST::FUNCTION:
-PKCS7_DIGEST_free 424 EXIST::FUNCTION:
-PKCS7_DIGEST_new 425 EXIST::FUNCTION:
-PKCS7_ENCRYPT_free 426 EXIST::FUNCTION:
-PKCS7_ENCRYPT_new 427 EXIST::FUNCTION:
-PKCS7_ENC_CONTENT_free 428 EXIST::FUNCTION:
-PKCS7_ENC_CONTENT_new 429 EXIST::FUNCTION:
-PKCS7_ENVELOPE_free 430 EXIST::FUNCTION:
-PKCS7_ENVELOPE_new 431 EXIST::FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_digest 432 EXIST::FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_free 433 EXIST::FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_new 434 EXIST::FUNCTION:
-PKCS7_RECIP_INFO_free 435 EXIST::FUNCTION:
-PKCS7_RECIP_INFO_new 436 EXIST::FUNCTION:
-PKCS7_SIGNED_free 437 EXIST::FUNCTION:
-PKCS7_SIGNED_new 438 EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_free 439 EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_new 440 EXIST::FUNCTION:
-PKCS7_SIGN_ENVELOPE_free 441 EXIST::FUNCTION:
-PKCS7_SIGN_ENVELOPE_new 442 EXIST::FUNCTION:
-PKCS7_dup 443 EXIST::FUNCTION:
-PKCS7_free 444 EXIST::FUNCTION:
-PKCS7_new 445 EXIST::FUNCTION:
-PROXY_ENTRY_add_noproxy 446 NOEXIST::FUNCTION:
-PROXY_ENTRY_clear_noproxy 447 NOEXIST::FUNCTION:
-PROXY_ENTRY_free 448 NOEXIST::FUNCTION:
-PROXY_ENTRY_get_noproxy 449 NOEXIST::FUNCTION:
-PROXY_ENTRY_new 450 NOEXIST::FUNCTION:
-PROXY_ENTRY_set_server 451 NOEXIST::FUNCTION:
-PROXY_add_noproxy 452 NOEXIST::FUNCTION:
-PROXY_add_server 453 NOEXIST::FUNCTION:
-PROXY_check_by_host 454 NOEXIST::FUNCTION:
-PROXY_check_url 455 NOEXIST::FUNCTION:
-PROXY_clear_noproxy 456 NOEXIST::FUNCTION:
-PROXY_free 457 NOEXIST::FUNCTION:
-PROXY_get_noproxy 458 NOEXIST::FUNCTION:
-PROXY_get_proxies 459 NOEXIST::FUNCTION:
-PROXY_get_proxy_entry 460 NOEXIST::FUNCTION:
-PROXY_load_conf 461 NOEXIST::FUNCTION:
-PROXY_new 462 NOEXIST::FUNCTION:
-PROXY_print 463 NOEXIST::FUNCTION:
-RAND_bytes 464 EXIST::FUNCTION:
-RAND_cleanup 465 EXIST::FUNCTION:
-RAND_file_name 466 EXIST::FUNCTION:
-RAND_load_file 467 EXIST::FUNCTION:
-RAND_screen 468 EXIST:WIN32:FUNCTION:
-RAND_seed 469 EXIST::FUNCTION:
-RAND_write_file 470 EXIST::FUNCTION:
-RC2_cbc_encrypt 471 EXIST::FUNCTION:RC2
-RC2_cfb64_encrypt 472 EXIST::FUNCTION:RC2
-RC2_ecb_encrypt 473 EXIST::FUNCTION:RC2
-RC2_encrypt 474 EXIST::FUNCTION:RC2
-RC2_ofb64_encrypt 475 EXIST::FUNCTION:RC2
-RC2_set_key 476 EXIST::FUNCTION:RC2
-RC4 477 EXIST::FUNCTION:RC4
-RC4_options 478 EXIST::FUNCTION:RC4
-RC4_set_key 479 EXIST::FUNCTION:RC4
-RSAPrivateKey_asn1_meth 480 NOEXIST::FUNCTION:
-RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA
-RSAPublicKey_dup 482 EXIST::FUNCTION:RSA
-RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA
-RSA_free 484 EXIST::FUNCTION:RSA
-RSA_generate_key 485 EXIST::FUNCTION:DEPRECATED,RSA
-RSA_new 486 EXIST::FUNCTION:RSA
-RSA_new_method 487 EXIST::FUNCTION:RSA
-RSA_print 488 EXIST::FUNCTION:BIO,RSA
-RSA_print_fp 489 EXIST::FUNCTION:FP_API,RSA
-RSA_private_decrypt 490 EXIST::FUNCTION:RSA
-RSA_private_encrypt 491 EXIST::FUNCTION:RSA
-RSA_public_decrypt 492 EXIST::FUNCTION:RSA
-RSA_public_encrypt 493 EXIST::FUNCTION:RSA
-RSA_set_default_method 494 EXIST::FUNCTION:RSA
-RSA_sign 495 EXIST::FUNCTION:RSA
-RSA_sign_ASN1_OCTET_STRING 496 EXIST::FUNCTION:RSA
-RSA_size 497 EXIST::FUNCTION:RSA
-RSA_verify 498 EXIST::FUNCTION:RSA
-RSA_verify_ASN1_OCTET_STRING 499 EXIST::FUNCTION:RSA
-SHA 500 EXIST::FUNCTION:SHA,SHA0
-SHA1 501 EXIST::FUNCTION:SHA,SHA1
-SHA1_Final 502 EXIST::FUNCTION:SHA,SHA1
-SHA1_Init 503 EXIST::FUNCTION:SHA,SHA1
-SHA1_Update 504 EXIST::FUNCTION:SHA,SHA1
-SHA_Final 505 EXIST::FUNCTION:SHA,SHA0
-SHA_Init 506 EXIST::FUNCTION:SHA,SHA0
-SHA_Update 507 EXIST::FUNCTION:SHA,SHA0
-OpenSSL_add_all_algorithms 508 NOEXIST::FUNCTION:
-OpenSSL_add_all_ciphers 509 EXIST::FUNCTION:
-OpenSSL_add_all_digests 510 EXIST::FUNCTION:
-TXT_DB_create_index 511 EXIST::FUNCTION:
-TXT_DB_free 512 EXIST::FUNCTION:
-TXT_DB_get_by_index 513 EXIST::FUNCTION:
-TXT_DB_insert 514 EXIST::FUNCTION:
-TXT_DB_read 515 EXIST::FUNCTION:BIO
-TXT_DB_write 516 EXIST::FUNCTION:BIO
-X509_ALGOR_free 517 EXIST::FUNCTION:
-X509_ALGOR_new 518 EXIST::FUNCTION:
-X509_ATTRIBUTE_free 519 EXIST::FUNCTION:
-X509_ATTRIBUTE_new 520 EXIST::FUNCTION:
-X509_CINF_free 521 EXIST::FUNCTION:
-X509_CINF_new 522 EXIST::FUNCTION:
-X509_CRL_INFO_free 523 EXIST::FUNCTION:
-X509_CRL_INFO_new 524 EXIST::FUNCTION:
-X509_CRL_add_ext 525 EXIST::FUNCTION:
-X509_CRL_cmp 526 EXIST::FUNCTION:
-X509_CRL_delete_ext 527 EXIST::FUNCTION:
-X509_CRL_dup 528 EXIST::FUNCTION:
-X509_CRL_free 529 EXIST::FUNCTION:
-X509_CRL_get_ext 530 EXIST::FUNCTION:
-X509_CRL_get_ext_by_NID 531 EXIST::FUNCTION:
-X509_CRL_get_ext_by_OBJ 532 EXIST::FUNCTION:
-X509_CRL_get_ext_by_critical 533 EXIST::FUNCTION:
-X509_CRL_get_ext_count 534 EXIST::FUNCTION:
-X509_CRL_new 535 EXIST::FUNCTION:
-X509_CRL_sign 536 EXIST::FUNCTION:EVP
-X509_CRL_verify 537 EXIST::FUNCTION:EVP
-X509_EXTENSION_create_by_NID 538 EXIST::FUNCTION:
-X509_EXTENSION_create_by_OBJ 539 EXIST::FUNCTION:
-X509_EXTENSION_dup 540 EXIST::FUNCTION:
-X509_EXTENSION_free 541 EXIST::FUNCTION:
-X509_EXTENSION_get_critical 542 EXIST::FUNCTION:
-X509_EXTENSION_get_data 543 EXIST::FUNCTION:
-X509_EXTENSION_get_object 544 EXIST::FUNCTION:
-X509_EXTENSION_new 545 EXIST::FUNCTION:
-X509_EXTENSION_set_critical 546 EXIST::FUNCTION:
-X509_EXTENSION_set_data 547 EXIST::FUNCTION:
-X509_EXTENSION_set_object 548 EXIST::FUNCTION:
-X509_INFO_free 549 EXIST::FUNCTION:EVP
-X509_INFO_new 550 EXIST::FUNCTION:EVP
-X509_LOOKUP_by_alias 551 EXIST::FUNCTION:
-X509_LOOKUP_by_fingerprint 552 EXIST::FUNCTION:
-X509_LOOKUP_by_issuer_serial 553 EXIST::FUNCTION:
-X509_LOOKUP_by_subject 554 EXIST::FUNCTION:
-X509_LOOKUP_ctrl 555 EXIST::FUNCTION:
-X509_LOOKUP_file 556 EXIST::FUNCTION:
-X509_LOOKUP_free 557 EXIST::FUNCTION:
-X509_LOOKUP_hash_dir 558 EXIST::FUNCTION:
-X509_LOOKUP_init 559 EXIST::FUNCTION:
-X509_LOOKUP_new 560 EXIST::FUNCTION:
-X509_LOOKUP_shutdown 561 EXIST::FUNCTION:
-X509_NAME_ENTRY_create_by_NID 562 EXIST::FUNCTION:
-X509_NAME_ENTRY_create_by_OBJ 563 EXIST::FUNCTION:
-X509_NAME_ENTRY_dup 564 EXIST::FUNCTION:
-X509_NAME_ENTRY_free 565 EXIST::FUNCTION:
-X509_NAME_ENTRY_get_data 566 EXIST::FUNCTION:
-X509_NAME_ENTRY_get_object 567 EXIST::FUNCTION:
-X509_NAME_ENTRY_new 568 EXIST::FUNCTION:
-X509_NAME_ENTRY_set_data 569 EXIST::FUNCTION:
-X509_NAME_ENTRY_set_object 570 EXIST::FUNCTION:
-X509_NAME_add_entry 571 EXIST::FUNCTION:
-X509_NAME_cmp 572 EXIST::FUNCTION:
-X509_NAME_delete_entry 573 EXIST::FUNCTION:
-X509_NAME_digest 574 EXIST::FUNCTION:EVP
-X509_NAME_dup 575 EXIST::FUNCTION:
-X509_NAME_entry_count 576 EXIST::FUNCTION:
-X509_NAME_free 577 EXIST::FUNCTION:
-X509_NAME_get_entry 578 EXIST::FUNCTION:
-X509_NAME_get_index_by_NID 579 EXIST::FUNCTION:
-X509_NAME_get_index_by_OBJ 580 EXIST::FUNCTION:
-X509_NAME_get_text_by_NID 581 EXIST::FUNCTION:
-X509_NAME_get_text_by_OBJ 582 EXIST::FUNCTION:
-X509_NAME_hash 583 EXIST::FUNCTION:
-X509_NAME_new 584 EXIST::FUNCTION:
-X509_NAME_oneline 585 EXIST::FUNCTION:EVP
-X509_NAME_print 586 EXIST::FUNCTION:BIO
-X509_NAME_set 587 EXIST::FUNCTION:
-X509_OBJECT_free_contents 588 EXIST::FUNCTION:
-X509_OBJECT_retrieve_by_subject 589 EXIST::FUNCTION:
-X509_OBJECT_up_ref_count 590 EXIST::FUNCTION:
-X509_PKEY_free 591 EXIST::FUNCTION:
-X509_PKEY_new 592 EXIST::FUNCTION:
-X509_PUBKEY_free 593 EXIST::FUNCTION:
-X509_PUBKEY_get 594 EXIST::FUNCTION:
-X509_PUBKEY_new 595 EXIST::FUNCTION:
-X509_PUBKEY_set 596 EXIST::FUNCTION:
-X509_REQ_INFO_free 597 EXIST::FUNCTION:
-X509_REQ_INFO_new 598 EXIST::FUNCTION:
-X509_REQ_dup 599 EXIST::FUNCTION:
-X509_REQ_free 600 EXIST::FUNCTION:
-X509_REQ_get_pubkey 601 EXIST::FUNCTION:
-X509_REQ_new 602 EXIST::FUNCTION:
-X509_REQ_print 603 EXIST::FUNCTION:BIO
-X509_REQ_print_fp 604 EXIST::FUNCTION:FP_API
-X509_REQ_set_pubkey 605 EXIST::FUNCTION:
-X509_REQ_set_subject_name 606 EXIST::FUNCTION:
-X509_REQ_set_version 607 EXIST::FUNCTION:
-X509_REQ_sign 608 EXIST::FUNCTION:EVP
-X509_REQ_to_X509 609 EXIST::FUNCTION:
-X509_REQ_verify 610 EXIST::FUNCTION:EVP
-X509_REVOKED_add_ext 611 EXIST::FUNCTION:
-X509_REVOKED_delete_ext 612 EXIST::FUNCTION:
-X509_REVOKED_free 613 EXIST::FUNCTION:
-X509_REVOKED_get_ext 614 EXIST::FUNCTION:
-X509_REVOKED_get_ext_by_NID 615 EXIST::FUNCTION:
-X509_REVOKED_get_ext_by_OBJ 616 EXIST::FUNCTION:
-X509_REVOKED_get_ext_by_critical 617 EXIST:!VMS:FUNCTION:
-X509_REVOKED_get_ext_by_critic 617 EXIST:VMS:FUNCTION:
-X509_REVOKED_get_ext_count 618 EXIST::FUNCTION:
-X509_REVOKED_new 619 EXIST::FUNCTION:
-X509_SIG_free 620 EXIST::FUNCTION:
-X509_SIG_new 621 EXIST::FUNCTION:
-X509_STORE_CTX_cleanup 622 EXIST::FUNCTION:
-X509_STORE_CTX_init 623 EXIST::FUNCTION:
-X509_STORE_add_cert 624 EXIST::FUNCTION:
-X509_STORE_add_lookup 625 EXIST::FUNCTION:
-X509_STORE_free 626 EXIST::FUNCTION:
-X509_STORE_get_by_subject 627 EXIST::FUNCTION:
-X509_STORE_load_locations 628 EXIST::FUNCTION:STDIO
-X509_STORE_new 629 EXIST::FUNCTION:
-X509_STORE_set_default_paths 630 EXIST::FUNCTION:STDIO
-X509_VAL_free 631 EXIST::FUNCTION:
-X509_VAL_new 632 EXIST::FUNCTION:
-X509_add_ext 633 EXIST::FUNCTION:
-X509_asn1_meth 634 NOEXIST::FUNCTION:
-X509_certificate_type 635 EXIST::FUNCTION:
-X509_check_private_key 636 EXIST::FUNCTION:
-X509_cmp_current_time 637 EXIST::FUNCTION:
-X509_delete_ext 638 EXIST::FUNCTION:
-X509_digest 639 EXIST::FUNCTION:EVP
-X509_dup 640 EXIST::FUNCTION:
-X509_free 641 EXIST::FUNCTION:
-X509_get_default_cert_area 642 EXIST::FUNCTION:
-X509_get_default_cert_dir 643 EXIST::FUNCTION:
-X509_get_default_cert_dir_env 644 EXIST::FUNCTION:
-X509_get_default_cert_file 645 EXIST::FUNCTION:
-X509_get_default_cert_file_env 646 EXIST::FUNCTION:
-X509_get_default_private_dir 647 EXIST::FUNCTION:
-X509_get_ext 648 EXIST::FUNCTION:
-X509_get_ext_by_NID 649 EXIST::FUNCTION:
-X509_get_ext_by_OBJ 650 EXIST::FUNCTION:
-X509_get_ext_by_critical 651 EXIST::FUNCTION:
-X509_get_ext_count 652 EXIST::FUNCTION:
-X509_get_issuer_name 653 EXIST::FUNCTION:
-X509_get_pubkey 654 EXIST::FUNCTION:
-X509_get_pubkey_parameters 655 EXIST::FUNCTION:
-X509_get_serialNumber 656 EXIST::FUNCTION:
-X509_get_subject_name 657 EXIST::FUNCTION:
-X509_gmtime_adj 658 EXIST::FUNCTION:
-X509_issuer_and_serial_cmp 659 EXIST::FUNCTION:
-X509_issuer_and_serial_hash 660 EXIST::FUNCTION:
-X509_issuer_name_cmp 661 EXIST::FUNCTION:
-X509_issuer_name_hash 662 EXIST::FUNCTION:
-X509_load_cert_file 663 EXIST::FUNCTION:STDIO
-X509_new 664 EXIST::FUNCTION:
-X509_print 665 EXIST::FUNCTION:BIO
-X509_print_fp 666 EXIST::FUNCTION:FP_API
-X509_set_issuer_name 667 EXIST::FUNCTION:
-X509_set_notAfter 668 EXIST::FUNCTION:
-X509_set_notBefore 669 EXIST::FUNCTION:
-X509_set_pubkey 670 EXIST::FUNCTION:
-X509_set_serialNumber 671 EXIST::FUNCTION:
-X509_set_subject_name 672 EXIST::FUNCTION:
-X509_set_version 673 EXIST::FUNCTION:
-X509_sign 674 EXIST::FUNCTION:EVP
-X509_subject_name_cmp 675 EXIST::FUNCTION:
-X509_subject_name_hash 676 EXIST::FUNCTION:
-X509_to_X509_REQ 677 EXIST::FUNCTION:
-X509_verify 678 EXIST::FUNCTION:EVP
-X509_verify_cert 679 EXIST::FUNCTION:
-X509_verify_cert_error_string 680 EXIST::FUNCTION:
-X509v3_add_ext 681 EXIST::FUNCTION:
-X509v3_add_extension 682 NOEXIST::FUNCTION:
-X509v3_add_netscape_extensions 683 NOEXIST::FUNCTION:
-X509v3_add_standard_extensions 684 NOEXIST::FUNCTION:
-X509v3_cleanup_extensions 685 NOEXIST::FUNCTION:
-X509v3_data_type_by_NID 686 NOEXIST::FUNCTION:
-X509v3_data_type_by_OBJ 687 NOEXIST::FUNCTION:
-X509v3_delete_ext 688 EXIST::FUNCTION:
-X509v3_get_ext 689 EXIST::FUNCTION:
-X509v3_get_ext_by_NID 690 EXIST::FUNCTION:
-X509v3_get_ext_by_OBJ 691 EXIST::FUNCTION:
-X509v3_get_ext_by_critical 692 EXIST::FUNCTION:
-X509v3_get_ext_count 693 EXIST::FUNCTION:
-X509v3_pack_string 694 NOEXIST::FUNCTION:
-X509v3_pack_type_by_NID 695 NOEXIST::FUNCTION:
-X509v3_pack_type_by_OBJ 696 NOEXIST::FUNCTION:
-X509v3_unpack_string 697 NOEXIST::FUNCTION:
-_des_crypt 698 NOEXIST::FUNCTION:
-a2d_ASN1_OBJECT 699 EXIST::FUNCTION:
-a2i_ASN1_INTEGER 700 EXIST::FUNCTION:BIO
-a2i_ASN1_STRING 701 EXIST::FUNCTION:BIO
-asn1_Finish 702 EXIST::FUNCTION:
-asn1_GetSequence 703 EXIST::FUNCTION:
-bn_div_words 704 EXIST::FUNCTION:
-bn_expand2 705 EXIST::FUNCTION:
-bn_mul_add_words 706 EXIST::FUNCTION:
-bn_mul_words 707 EXIST::FUNCTION:
-BN_uadd 708 EXIST::FUNCTION:
-BN_usub 709 EXIST::FUNCTION:
-bn_sqr_words 710 EXIST::FUNCTION:
-_ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES
-d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION:
-d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION:
-d2i_ASN1_HEADER 714 NOEXIST::FUNCTION:
-d2i_ASN1_IA5STRING 715 EXIST::FUNCTION:
-d2i_ASN1_INTEGER 716 EXIST::FUNCTION:
-d2i_ASN1_OBJECT 717 EXIST::FUNCTION:
-d2i_ASN1_OCTET_STRING 718 EXIST::FUNCTION:
-d2i_ASN1_PRINTABLE 719 EXIST::FUNCTION:
-d2i_ASN1_PRINTABLESTRING 720 EXIST::FUNCTION:
-d2i_ASN1_SET 721 EXIST::FUNCTION:
-d2i_ASN1_T61STRING 722 EXIST::FUNCTION:
-d2i_ASN1_TYPE 723 EXIST::FUNCTION:
-d2i_ASN1_UTCTIME 724 EXIST::FUNCTION:
-d2i_ASN1_bytes 725 EXIST::FUNCTION:
-d2i_ASN1_type_bytes 726 EXIST::FUNCTION:
-d2i_DHparams 727 EXIST::FUNCTION:DH
-d2i_DSAPrivateKey 728 EXIST::FUNCTION:DSA
-d2i_DSAPrivateKey_bio 729 EXIST::FUNCTION:BIO,DSA
-d2i_DSAPrivateKey_fp 730 EXIST::FUNCTION:DSA,FP_API
-d2i_DSAPublicKey 731 EXIST::FUNCTION:DSA
-d2i_DSAparams 732 EXIST::FUNCTION:DSA
-d2i_NETSCAPE_SPKAC 733 EXIST::FUNCTION:
-d2i_NETSCAPE_SPKI 734 EXIST::FUNCTION:
-d2i_Netscape_RSA 735 EXIST::FUNCTION:RC4,RSA
-d2i_PKCS7 736 EXIST::FUNCTION:
-d2i_PKCS7_DIGEST 737 EXIST::FUNCTION:
-d2i_PKCS7_ENCRYPT 738 EXIST::FUNCTION:
-d2i_PKCS7_ENC_CONTENT 739 EXIST::FUNCTION:
-d2i_PKCS7_ENVELOPE 740 EXIST::FUNCTION:
-d2i_PKCS7_ISSUER_AND_SERIAL 741 EXIST::FUNCTION:
-d2i_PKCS7_RECIP_INFO 742 EXIST::FUNCTION:
-d2i_PKCS7_SIGNED 743 EXIST::FUNCTION:
-d2i_PKCS7_SIGNER_INFO 744 EXIST::FUNCTION:
-d2i_PKCS7_SIGN_ENVELOPE 745 EXIST::FUNCTION:
-d2i_PKCS7_bio 746 EXIST::FUNCTION:
-d2i_PKCS7_fp 747 EXIST::FUNCTION:FP_API
-d2i_PrivateKey 748 EXIST::FUNCTION:
-d2i_PublicKey 749 EXIST::FUNCTION:
-d2i_RSAPrivateKey 750 EXIST::FUNCTION:RSA
-d2i_RSAPrivateKey_bio 751 EXIST::FUNCTION:BIO,RSA
-d2i_RSAPrivateKey_fp 752 EXIST::FUNCTION:FP_API,RSA
-d2i_RSAPublicKey 753 EXIST::FUNCTION:RSA
-d2i_X509 754 EXIST::FUNCTION:
-d2i_X509_ALGOR 755 EXIST::FUNCTION:
-d2i_X509_ATTRIBUTE 756 EXIST::FUNCTION:
-d2i_X509_CINF 757 EXIST::FUNCTION:
-d2i_X509_CRL 758 EXIST::FUNCTION:
-d2i_X509_CRL_INFO 759 EXIST::FUNCTION:
-d2i_X509_CRL_bio 760 EXIST::FUNCTION:BIO
-d2i_X509_CRL_fp 761 EXIST::FUNCTION:FP_API
-d2i_X509_EXTENSION 762 EXIST::FUNCTION:
-d2i_X509_NAME 763 EXIST::FUNCTION:
-d2i_X509_NAME_ENTRY 764 EXIST::FUNCTION:
-d2i_X509_PKEY 765 EXIST::FUNCTION:
-d2i_X509_PUBKEY 766 EXIST::FUNCTION:
-d2i_X509_REQ 767 EXIST::FUNCTION:
-d2i_X509_REQ_INFO 768 EXIST::FUNCTION:
-d2i_X509_REQ_bio 769 EXIST::FUNCTION:BIO
-d2i_X509_REQ_fp 770 EXIST::FUNCTION:FP_API
-d2i_X509_REVOKED 771 EXIST::FUNCTION:
-d2i_X509_SIG 772 EXIST::FUNCTION:
-d2i_X509_VAL 773 EXIST::FUNCTION:
-d2i_X509_bio 774 EXIST::FUNCTION:BIO
-d2i_X509_fp 775 EXIST::FUNCTION:FP_API
-DES_cbc_cksum 777 EXIST::FUNCTION:DES
-DES_cbc_encrypt 778 EXIST::FUNCTION:DES
-DES_cblock_print_file 779 NOEXIST::FUNCTION:
-DES_cfb64_encrypt 780 EXIST::FUNCTION:DES
-DES_cfb_encrypt 781 EXIST::FUNCTION:DES
-DES_decrypt3 782 EXIST::FUNCTION:DES
-DES_ecb3_encrypt 783 EXIST::FUNCTION:DES
-DES_ecb_encrypt 784 EXIST::FUNCTION:DES
-DES_ede3_cbc_encrypt 785 EXIST::FUNCTION:DES
-DES_ede3_cfb64_encrypt 786 EXIST::FUNCTION:DES
-DES_ede3_ofb64_encrypt 787 EXIST::FUNCTION:DES
-DES_enc_read 788 EXIST::FUNCTION:DES
-DES_enc_write 789 EXIST::FUNCTION:DES
-DES_encrypt1 790 EXIST::FUNCTION:DES
-DES_encrypt2 791 EXIST::FUNCTION:DES
-DES_encrypt3 792 EXIST::FUNCTION:DES
-DES_fcrypt 793 EXIST::FUNCTION:DES
-DES_is_weak_key 794 EXIST::FUNCTION:DES
-DES_key_sched 795 EXIST::FUNCTION:DES
-DES_ncbc_encrypt 796 EXIST::FUNCTION:DES
-DES_ofb64_encrypt 797 EXIST::FUNCTION:DES
-DES_ofb_encrypt 798 EXIST::FUNCTION:DES
-DES_options 799 EXIST::FUNCTION:DES
-DES_pcbc_encrypt 800 EXIST::FUNCTION:DES
-DES_quad_cksum 801 EXIST::FUNCTION:DES
-DES_random_key 802 EXIST::FUNCTION:DES
-_ossl_old_des_random_seed 803 EXIST::FUNCTION:DES
-_ossl_old_des_read_2passwords 804 EXIST::FUNCTION:DES
-_ossl_old_des_read_password 805 EXIST::FUNCTION:DES
-_ossl_old_des_read_pw 806 EXIST::FUNCTION:
-_ossl_old_des_read_pw_string 807 EXIST::FUNCTION:
-DES_set_key 808 EXIST::FUNCTION:DES
-DES_set_odd_parity 809 EXIST::FUNCTION:DES
-DES_string_to_2keys 810 EXIST::FUNCTION:DES
-DES_string_to_key 811 EXIST::FUNCTION:DES
-DES_xcbc_encrypt 812 EXIST::FUNCTION:DES
-DES_xwhite_in2out 813 NOEXIST::FUNCTION:
-fcrypt_body 814 NOEXIST::FUNCTION:
-i2a_ASN1_INTEGER 815 EXIST::FUNCTION:BIO
-i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO
-i2a_ASN1_STRING 817 EXIST::FUNCTION:BIO
-i2d_ASN1_BIT_STRING 818 EXIST::FUNCTION:
-i2d_ASN1_BOOLEAN 819 EXIST::FUNCTION:
-i2d_ASN1_HEADER 820 NOEXIST::FUNCTION:
-i2d_ASN1_IA5STRING 821 EXIST::FUNCTION:
-i2d_ASN1_INTEGER 822 EXIST::FUNCTION:
-i2d_ASN1_OBJECT 823 EXIST::FUNCTION:
-i2d_ASN1_OCTET_STRING 824 EXIST::FUNCTION:
-i2d_ASN1_PRINTABLE 825 EXIST::FUNCTION:
-i2d_ASN1_SET 826 EXIST::FUNCTION:
-i2d_ASN1_TYPE 827 EXIST::FUNCTION:
-i2d_ASN1_UTCTIME 828 EXIST::FUNCTION:
-i2d_ASN1_bytes 829 EXIST::FUNCTION:
-i2d_DHparams 830 EXIST::FUNCTION:DH
-i2d_DSAPrivateKey 831 EXIST::FUNCTION:DSA
-i2d_DSAPrivateKey_bio 832 EXIST::FUNCTION:BIO,DSA
-i2d_DSAPrivateKey_fp 833 EXIST::FUNCTION:DSA,FP_API
-i2d_DSAPublicKey 834 EXIST::FUNCTION:DSA
-i2d_DSAparams 835 EXIST::FUNCTION:DSA
-i2d_NETSCAPE_SPKAC 836 EXIST::FUNCTION:
-i2d_NETSCAPE_SPKI 837 EXIST::FUNCTION:
-i2d_Netscape_RSA 838 EXIST::FUNCTION:RC4,RSA
-i2d_PKCS7 839 EXIST::FUNCTION:
-i2d_PKCS7_DIGEST 840 EXIST::FUNCTION:
-i2d_PKCS7_ENCRYPT 841 EXIST::FUNCTION:
-i2d_PKCS7_ENC_CONTENT 842 EXIST::FUNCTION:
-i2d_PKCS7_ENVELOPE 843 EXIST::FUNCTION:
-i2d_PKCS7_ISSUER_AND_SERIAL 844 EXIST::FUNCTION:
-i2d_PKCS7_RECIP_INFO 845 EXIST::FUNCTION:
-i2d_PKCS7_SIGNED 846 EXIST::FUNCTION:
-i2d_PKCS7_SIGNER_INFO 847 EXIST::FUNCTION:
-i2d_PKCS7_SIGN_ENVELOPE 848 EXIST::FUNCTION:
-i2d_PKCS7_bio 849 EXIST::FUNCTION:
-i2d_PKCS7_fp 850 EXIST::FUNCTION:FP_API
-i2d_PrivateKey 851 EXIST::FUNCTION:
-i2d_PublicKey 852 EXIST::FUNCTION:
-i2d_RSAPrivateKey 853 EXIST::FUNCTION:RSA
-i2d_RSAPrivateKey_bio 854 EXIST::FUNCTION:BIO,RSA
-i2d_RSAPrivateKey_fp 855 EXIST::FUNCTION:FP_API,RSA
-i2d_RSAPublicKey 856 EXIST::FUNCTION:RSA
-i2d_X509 857 EXIST::FUNCTION:
-i2d_X509_ALGOR 858 EXIST::FUNCTION:
-i2d_X509_ATTRIBUTE 859 EXIST::FUNCTION:
-i2d_X509_CINF 860 EXIST::FUNCTION:
-i2d_X509_CRL 861 EXIST::FUNCTION:
-i2d_X509_CRL_INFO 862 EXIST::FUNCTION:
-i2d_X509_CRL_bio 863 EXIST::FUNCTION:BIO
-i2d_X509_CRL_fp 864 EXIST::FUNCTION:FP_API
-i2d_X509_EXTENSION 865 EXIST::FUNCTION:
-i2d_X509_NAME 866 EXIST::FUNCTION:
-i2d_X509_NAME_ENTRY 867 EXIST::FUNCTION:
-i2d_X509_PKEY 868 EXIST::FUNCTION:
-i2d_X509_PUBKEY 869 EXIST::FUNCTION:
-i2d_X509_REQ 870 EXIST::FUNCTION:
-i2d_X509_REQ_INFO 871 EXIST::FUNCTION:
-i2d_X509_REQ_bio 872 EXIST::FUNCTION:BIO
-i2d_X509_REQ_fp 873 EXIST::FUNCTION:FP_API
-i2d_X509_REVOKED 874 EXIST::FUNCTION:
-i2d_X509_SIG 875 EXIST::FUNCTION:
-i2d_X509_VAL 876 EXIST::FUNCTION:
-i2d_X509_bio 877 EXIST::FUNCTION:BIO
-i2d_X509_fp 878 EXIST::FUNCTION:FP_API
-idea_cbc_encrypt 879 EXIST::FUNCTION:IDEA
-idea_cfb64_encrypt 880 EXIST::FUNCTION:IDEA
-idea_ecb_encrypt 881 EXIST::FUNCTION:IDEA
-idea_encrypt 882 EXIST::FUNCTION:IDEA
-idea_ofb64_encrypt 883 EXIST::FUNCTION:IDEA
-idea_options 884 EXIST::FUNCTION:IDEA
-idea_set_decrypt_key 885 EXIST::FUNCTION:IDEA
-idea_set_encrypt_key 886 EXIST::FUNCTION:IDEA
-lh_delete 887 EXIST::FUNCTION:
-lh_doall 888 EXIST::FUNCTION:
-lh_doall_arg 889 EXIST::FUNCTION:
-lh_free 890 EXIST::FUNCTION:
-lh_insert 891 EXIST::FUNCTION:
-lh_new 892 EXIST::FUNCTION:
-lh_node_stats 893 EXIST::FUNCTION:FP_API
-lh_node_stats_bio 894 EXIST::FUNCTION:BIO
-lh_node_usage_stats 895 EXIST::FUNCTION:FP_API
-lh_node_usage_stats_bio 896 EXIST::FUNCTION:BIO
-lh_retrieve 897 EXIST::FUNCTION:
-lh_stats 898 EXIST::FUNCTION:FP_API
-lh_stats_bio 899 EXIST::FUNCTION:BIO
-lh_strhash 900 EXIST::FUNCTION:
-sk_delete 901 EXIST::FUNCTION:
-sk_delete_ptr 902 EXIST::FUNCTION:
-sk_dup 903 EXIST::FUNCTION:
-sk_find 904 EXIST::FUNCTION:
-sk_free 905 EXIST::FUNCTION:
-sk_insert 906 EXIST::FUNCTION:
-sk_new 907 EXIST::FUNCTION:
-sk_pop 908 EXIST::FUNCTION:
-sk_pop_free 909 EXIST::FUNCTION:
-sk_push 910 EXIST::FUNCTION:
-sk_set_cmp_func 911 EXIST::FUNCTION:
-sk_shift 912 EXIST::FUNCTION:
-sk_unshift 913 EXIST::FUNCTION:
-sk_zero 914 EXIST::FUNCTION:
-BIO_f_nbio_test 915 EXIST::FUNCTION:
-ASN1_TYPE_get 916 EXIST::FUNCTION:
-ASN1_TYPE_set 917 EXIST::FUNCTION:
-PKCS7_content_free 918 NOEXIST::FUNCTION:
-ERR_load_PKCS7_strings 919 EXIST::FUNCTION:
-X509_find_by_issuer_and_serial 920 EXIST::FUNCTION:
-X509_find_by_subject 921 EXIST::FUNCTION:
-PKCS7_ctrl 927 EXIST::FUNCTION:
-PKCS7_set_type 928 EXIST::FUNCTION:
-PKCS7_set_content 929 EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_set 930 EXIST::FUNCTION:
-PKCS7_add_signer 931 EXIST::FUNCTION:
-PKCS7_add_certificate 932 EXIST::FUNCTION:
-PKCS7_add_crl 933 EXIST::FUNCTION:
-PKCS7_content_new 934 EXIST::FUNCTION:
-PKCS7_dataSign 935 NOEXIST::FUNCTION:
-PKCS7_dataVerify 936 EXIST::FUNCTION:
-PKCS7_dataInit 937 EXIST::FUNCTION:
-PKCS7_add_signature 938 EXIST::FUNCTION:
-PKCS7_cert_from_signer_info 939 EXIST::FUNCTION:
-PKCS7_get_signer_info 940 EXIST::FUNCTION:
-EVP_delete_alias 941 NOEXIST::FUNCTION:
-EVP_mdc2 942 EXIST::FUNCTION:MDC2
-PEM_read_bio_RSAPublicKey 943 EXIST::FUNCTION:RSA
-PEM_write_bio_RSAPublicKey 944 EXIST::FUNCTION:RSA
-d2i_RSAPublicKey_bio 945 EXIST::FUNCTION:BIO,RSA
-i2d_RSAPublicKey_bio 946 EXIST::FUNCTION:BIO,RSA
-PEM_read_RSAPublicKey 947 EXIST:!WIN16:FUNCTION:RSA
-PEM_write_RSAPublicKey 949 EXIST:!WIN16:FUNCTION:RSA
-d2i_RSAPublicKey_fp 952 EXIST::FUNCTION:FP_API,RSA
-i2d_RSAPublicKey_fp 954 EXIST::FUNCTION:FP_API,RSA
-BIO_copy_next_retry 955 EXIST::FUNCTION:
-RSA_flags 956 EXIST::FUNCTION:RSA
-X509_STORE_add_crl 957 EXIST::FUNCTION:
-X509_load_crl_file 958 EXIST::FUNCTION:STDIO
-EVP_rc2_40_cbc 959 EXIST::FUNCTION:RC2
-EVP_rc4_40 960 EXIST::FUNCTION:RC4
-EVP_CIPHER_CTX_init 961 EXIST::FUNCTION:
-HMAC 962 EXIST::FUNCTION:HMAC
-HMAC_Init 963 EXIST::FUNCTION:HMAC
-HMAC_Update 964 EXIST::FUNCTION:HMAC
-HMAC_Final 965 EXIST::FUNCTION:HMAC
-ERR_get_next_error_library 966 EXIST::FUNCTION:
-EVP_PKEY_cmp_parameters 967 EXIST::FUNCTION:
-HMAC_cleanup 968 NOEXIST::FUNCTION:
-BIO_ptr_ctrl 969 EXIST::FUNCTION:
-BIO_new_file_internal 970 NOEXIST::FUNCTION:
-BIO_new_fp_internal 971 NOEXIST::FUNCTION:
-BIO_s_file_internal 972 NOEXIST::FUNCTION:
-BN_BLINDING_convert 973 EXIST::FUNCTION:
-BN_BLINDING_invert 974 EXIST::FUNCTION:
-BN_BLINDING_update 975 EXIST::FUNCTION:
-RSA_blinding_on 977 EXIST::FUNCTION:RSA
-RSA_blinding_off 978 EXIST::FUNCTION:RSA
-i2t_ASN1_OBJECT 979 EXIST::FUNCTION:
-BN_BLINDING_new 980 EXIST::FUNCTION:
-BN_BLINDING_free 981 EXIST::FUNCTION:
-EVP_cast5_cbc 983 EXIST::FUNCTION:CAST
-EVP_cast5_cfb64 984 EXIST::FUNCTION:CAST
-EVP_cast5_ecb 985 EXIST::FUNCTION:CAST
-EVP_cast5_ofb 986 EXIST::FUNCTION:CAST
-BF_decrypt 987 EXIST::FUNCTION:BF
-CAST_set_key 988 EXIST::FUNCTION:CAST
-CAST_encrypt 989 EXIST::FUNCTION:CAST
-CAST_decrypt 990 EXIST::FUNCTION:CAST
-CAST_ecb_encrypt 991 EXIST::FUNCTION:CAST
-CAST_cbc_encrypt 992 EXIST::FUNCTION:CAST
-CAST_cfb64_encrypt 993 EXIST::FUNCTION:CAST
-CAST_ofb64_encrypt 994 EXIST::FUNCTION:CAST
-RC2_decrypt 995 EXIST::FUNCTION:RC2
-OBJ_create_objects 997 EXIST::FUNCTION:
-BN_exp 998 EXIST::FUNCTION:
-BN_mul_word 999 EXIST::FUNCTION:
-BN_sub_word 1000 EXIST::FUNCTION:
-BN_dec2bn 1001 EXIST::FUNCTION:
-BN_bn2dec 1002 EXIST::FUNCTION:
-BIO_ghbn_ctrl 1003 NOEXIST::FUNCTION:
-CRYPTO_free_ex_data 1004 EXIST::FUNCTION:
-CRYPTO_get_ex_data 1005 EXIST::FUNCTION:
-CRYPTO_set_ex_data 1007 EXIST::FUNCTION:
-ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS:FUNCTION:
-ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS:FUNCTION:
-EVP_PKEY_bits 1010 EXIST::FUNCTION:
-MD5_Transform 1011 EXIST::FUNCTION:MD5
-SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1
-SHA_Transform 1013 EXIST::FUNCTION:SHA,SHA0
-X509_STORE_CTX_get_chain 1014 EXIST::FUNCTION:
-X509_STORE_CTX_get_current_cert 1015 EXIST::FUNCTION:
-X509_STORE_CTX_get_error 1016 EXIST::FUNCTION:
-X509_STORE_CTX_get_error_depth 1017 EXIST::FUNCTION:
-X509_STORE_CTX_get_ex_data 1018 EXIST::FUNCTION:
-X509_STORE_CTX_set_cert 1020 EXIST::FUNCTION:
-X509_STORE_CTX_set_chain 1021 EXIST::FUNCTION:
-X509_STORE_CTX_set_error 1022 EXIST::FUNCTION:
-X509_STORE_CTX_set_ex_data 1023 EXIST::FUNCTION:
-CRYPTO_dup_ex_data 1025 EXIST::FUNCTION:
-CRYPTO_get_new_lockid 1026 EXIST::FUNCTION:
-CRYPTO_new_ex_data 1027 EXIST::FUNCTION:
-RSA_set_ex_data 1028 EXIST::FUNCTION:RSA
-RSA_get_ex_data 1029 EXIST::FUNCTION:RSA
-RSA_get_ex_new_index 1030 EXIST::FUNCTION:RSA
-RSA_padding_add_PKCS1_type_1 1031 EXIST::FUNCTION:RSA
-RSA_padding_add_PKCS1_type_2 1032 EXIST::FUNCTION:RSA
-RSA_padding_add_SSLv23 1033 EXIST::FUNCTION:RSA
-RSA_padding_add_none 1034 EXIST::FUNCTION:RSA
-RSA_padding_check_PKCS1_type_1 1035 EXIST::FUNCTION:RSA
-RSA_padding_check_PKCS1_type_2 1036 EXIST::FUNCTION:RSA
-RSA_padding_check_SSLv23 1037 EXIST::FUNCTION:RSA
-RSA_padding_check_none 1038 EXIST::FUNCTION:RSA
-bn_add_words 1039 EXIST::FUNCTION:
-d2i_Netscape_RSA_2 1040 NOEXIST::FUNCTION:
-CRYPTO_get_ex_new_index 1041 EXIST::FUNCTION:
-RIPEMD160_Init 1042 EXIST::FUNCTION:RIPEMD
-RIPEMD160_Update 1043 EXIST::FUNCTION:RIPEMD
-RIPEMD160_Final 1044 EXIST::FUNCTION:RIPEMD
-RIPEMD160 1045 EXIST::FUNCTION:RIPEMD
-RIPEMD160_Transform 1046 EXIST::FUNCTION:RIPEMD
-RC5_32_set_key 1047 EXIST::FUNCTION:RC5
-RC5_32_ecb_encrypt 1048 EXIST::FUNCTION:RC5
-RC5_32_encrypt 1049 EXIST::FUNCTION:RC5
-RC5_32_decrypt 1050 EXIST::FUNCTION:RC5
-RC5_32_cbc_encrypt 1051 EXIST::FUNCTION:RC5
-RC5_32_cfb64_encrypt 1052 EXIST::FUNCTION:RC5
-RC5_32_ofb64_encrypt 1053 EXIST::FUNCTION:RC5
-BN_bn2mpi 1058 EXIST::FUNCTION:
-BN_mpi2bn 1059 EXIST::FUNCTION:
-ASN1_BIT_STRING_get_bit 1060 EXIST::FUNCTION:
-ASN1_BIT_STRING_set_bit 1061 EXIST::FUNCTION:
-BIO_get_ex_data 1062 EXIST::FUNCTION:
-BIO_get_ex_new_index 1063 EXIST::FUNCTION:
-BIO_set_ex_data 1064 EXIST::FUNCTION:
-X509v3_get_key_usage 1066 NOEXIST::FUNCTION:
-X509v3_set_key_usage 1067 NOEXIST::FUNCTION:
-a2i_X509v3_key_usage 1068 NOEXIST::FUNCTION:
-i2a_X509v3_key_usage 1069 NOEXIST::FUNCTION:
-EVP_PKEY_decrypt 1070 EXIST::FUNCTION:
-EVP_PKEY_encrypt 1071 EXIST::FUNCTION:
-PKCS7_RECIP_INFO_set 1072 EXIST::FUNCTION:
-PKCS7_add_recipient 1073 EXIST::FUNCTION:
-PKCS7_add_recipient_info 1074 EXIST::FUNCTION:
-PKCS7_set_cipher 1075 EXIST::FUNCTION:
-ASN1_TYPE_get_int_octetstring 1076 EXIST::FUNCTION:
-ASN1_TYPE_get_octetstring 1077 EXIST::FUNCTION:
-ASN1_TYPE_set_int_octetstring 1078 EXIST::FUNCTION:
-ASN1_TYPE_set_octetstring 1079 EXIST::FUNCTION:
-ASN1_UTCTIME_set_string 1080 EXIST::FUNCTION:
-ERR_add_error_data 1081 EXIST::FUNCTION:
-ERR_set_error_data 1082 EXIST::FUNCTION:
-EVP_CIPHER_asn1_to_param 1083 EXIST::FUNCTION:
-EVP_CIPHER_param_to_asn1 1084 EXIST::FUNCTION:
-EVP_CIPHER_get_asn1_iv 1085 EXIST::FUNCTION:
-EVP_CIPHER_set_asn1_iv 1086 EXIST::FUNCTION:
-EVP_rc5_32_12_16_cbc 1087 EXIST::FUNCTION:RC5
-EVP_rc5_32_12_16_cfb64 1088 EXIST::FUNCTION:RC5
-EVP_rc5_32_12_16_ecb 1089 EXIST::FUNCTION:RC5
-EVP_rc5_32_12_16_ofb 1090 EXIST::FUNCTION:RC5
-asn1_add_error 1091 EXIST::FUNCTION:
-d2i_ASN1_BMPSTRING 1092 EXIST::FUNCTION:
-i2d_ASN1_BMPSTRING 1093 EXIST::FUNCTION:
-BIO_f_ber 1094 NOEXIST::FUNCTION:
-BN_init 1095 EXIST::FUNCTION:
-COMP_CTX_new 1096 EXIST::FUNCTION:
-COMP_CTX_free 1097 EXIST::FUNCTION:
-COMP_CTX_compress_block 1098 NOEXIST::FUNCTION:
-COMP_CTX_expand_block 1099 NOEXIST::FUNCTION:
-X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION:
-OBJ_NAME_add 1101 EXIST::FUNCTION:
-BIO_socket_nbio 1102 EXIST::FUNCTION:
-EVP_rc2_64_cbc 1103 EXIST::FUNCTION:RC2
-OBJ_NAME_cleanup 1104 EXIST::FUNCTION:
-OBJ_NAME_get 1105 EXIST::FUNCTION:
-OBJ_NAME_init 1106 EXIST::FUNCTION:
-OBJ_NAME_new_index 1107 EXIST::FUNCTION:
-OBJ_NAME_remove 1108 EXIST::FUNCTION:
-BN_MONT_CTX_copy 1109 EXIST::FUNCTION:
-BIO_new_socks4a_connect 1110 NOEXIST::FUNCTION:
-BIO_s_socks4a_connect 1111 NOEXIST::FUNCTION:
-PROXY_set_connect_mode 1112 NOEXIST::FUNCTION:
-RAND_SSLeay 1113 EXIST::FUNCTION:
-RAND_set_rand_method 1114 EXIST::FUNCTION:
-RSA_memory_lock 1115 EXIST::FUNCTION:RSA
-bn_sub_words 1116 EXIST::FUNCTION:
-bn_mul_normal 1117 NOEXIST::FUNCTION:
-bn_mul_comba8 1118 NOEXIST::FUNCTION:
-bn_mul_comba4 1119 NOEXIST::FUNCTION:
-bn_sqr_normal 1120 NOEXIST::FUNCTION:
-bn_sqr_comba8 1121 NOEXIST::FUNCTION:
-bn_sqr_comba4 1122 NOEXIST::FUNCTION:
-bn_cmp_words 1123 NOEXIST::FUNCTION:
-bn_mul_recursive 1124 NOEXIST::FUNCTION:
-bn_mul_part_recursive 1125 NOEXIST::FUNCTION:
-bn_sqr_recursive 1126 NOEXIST::FUNCTION:
-bn_mul_low_normal 1127 NOEXIST::FUNCTION:
-BN_RECP_CTX_init 1128 EXIST::FUNCTION:
-BN_RECP_CTX_new 1129 EXIST::FUNCTION:
-BN_RECP_CTX_free 1130 EXIST::FUNCTION:
-BN_RECP_CTX_set 1131 EXIST::FUNCTION:
-BN_mod_mul_reciprocal 1132 EXIST::FUNCTION:
-BN_mod_exp_recp 1133 EXIST::FUNCTION:
-BN_div_recp 1134 EXIST::FUNCTION:
-BN_CTX_init 1135 EXIST::FUNCTION:DEPRECATED
-BN_MONT_CTX_init 1136 EXIST::FUNCTION:
-RAND_get_rand_method 1137 EXIST::FUNCTION:
-PKCS7_add_attribute 1138 EXIST::FUNCTION:
-PKCS7_add_signed_attribute 1139 EXIST::FUNCTION:
-PKCS7_digest_from_attributes 1140 EXIST::FUNCTION:
-PKCS7_get_attribute 1141 EXIST::FUNCTION:
-PKCS7_get_issuer_and_serial 1142 EXIST::FUNCTION:
-PKCS7_get_signed_attribute 1143 EXIST::FUNCTION:
-COMP_compress_block 1144 EXIST::FUNCTION:
-COMP_expand_block 1145 EXIST::FUNCTION:
-COMP_rle 1146 EXIST::FUNCTION:
-COMP_zlib 1147 EXIST::FUNCTION:
-ms_time_diff 1148 NOEXIST::FUNCTION:
-ms_time_new 1149 NOEXIST::FUNCTION:
-ms_time_free 1150 NOEXIST::FUNCTION:
-ms_time_cmp 1151 NOEXIST::FUNCTION:
-ms_time_get 1152 NOEXIST::FUNCTION:
-PKCS7_set_attributes 1153 EXIST::FUNCTION:
-PKCS7_set_signed_attributes 1154 EXIST::FUNCTION:
-X509_ATTRIBUTE_create 1155 EXIST::FUNCTION:
-X509_ATTRIBUTE_dup 1156 EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_check 1157 EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_print 1158 EXIST::FUNCTION:BIO
-ASN1_GENERALIZEDTIME_set 1159 EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_set_string 1160 EXIST::FUNCTION:
-ASN1_TIME_print 1161 EXIST::FUNCTION:BIO
-BASIC_CONSTRAINTS_free 1162 EXIST::FUNCTION:
-BASIC_CONSTRAINTS_new 1163 EXIST::FUNCTION:
-ERR_load_X509V3_strings 1164 EXIST::FUNCTION:
-NETSCAPE_CERT_SEQUENCE_free 1165 EXIST::FUNCTION:
-NETSCAPE_CERT_SEQUENCE_new 1166 EXIST::FUNCTION:
-OBJ_txt2obj 1167 EXIST::FUNCTION:
-PEM_read_NETSCAPE_CERT_SEQUENCE 1168 EXIST:!VMS,!WIN16:FUNCTION:
-PEM_read_NS_CERT_SEQ 1168 EXIST:VMS:FUNCTION:
-PEM_read_bio_NETSCAPE_CERT_SEQUENCE 1169 EXIST:!VMS:FUNCTION:
-PEM_read_bio_NS_CERT_SEQ 1169 EXIST:VMS:FUNCTION:
-PEM_write_NETSCAPE_CERT_SEQUENCE 1170 EXIST:!VMS,!WIN16:FUNCTION:
-PEM_write_NS_CERT_SEQ 1170 EXIST:VMS:FUNCTION:
-PEM_write_bio_NETSCAPE_CERT_SEQUENCE 1171 EXIST:!VMS:FUNCTION:
-PEM_write_bio_NS_CERT_SEQ 1171 EXIST:VMS:FUNCTION:
-X509V3_EXT_add 1172 EXIST::FUNCTION:
-X509V3_EXT_add_alias 1173 EXIST::FUNCTION:
-X509V3_EXT_add_conf 1174 EXIST::FUNCTION:
-X509V3_EXT_cleanup 1175 EXIST::FUNCTION:
-X509V3_EXT_conf 1176 EXIST::FUNCTION:
-X509V3_EXT_conf_nid 1177 EXIST::FUNCTION:
-X509V3_EXT_get 1178 EXIST::FUNCTION:
-X509V3_EXT_get_nid 1179 EXIST::FUNCTION:
-X509V3_EXT_print 1180 EXIST::FUNCTION:
-X509V3_EXT_print_fp 1181 EXIST::FUNCTION:
-X509V3_add_standard_extensions 1182 EXIST::FUNCTION:
-X509V3_add_value 1183 EXIST::FUNCTION:
-X509V3_add_value_bool 1184 EXIST::FUNCTION:
-X509V3_add_value_int 1185 EXIST::FUNCTION:
-X509V3_conf_free 1186 EXIST::FUNCTION:
-X509V3_get_value_bool 1187 EXIST::FUNCTION:
-X509V3_get_value_int 1188 EXIST::FUNCTION:
-X509V3_parse_list 1189 EXIST::FUNCTION:
-d2i_ASN1_GENERALIZEDTIME 1190 EXIST::FUNCTION:
-d2i_ASN1_TIME 1191 EXIST::FUNCTION:
-d2i_BASIC_CONSTRAINTS 1192 EXIST::FUNCTION:
-d2i_NETSCAPE_CERT_SEQUENCE 1193 EXIST::FUNCTION:
-d2i_ext_ku 1194 NOEXIST::FUNCTION:
-ext_ku_free 1195 NOEXIST::FUNCTION:
-ext_ku_new 1196 NOEXIST::FUNCTION:
-i2d_ASN1_GENERALIZEDTIME 1197 EXIST::FUNCTION:
-i2d_ASN1_TIME 1198 EXIST::FUNCTION:
-i2d_BASIC_CONSTRAINTS 1199 EXIST::FUNCTION:
-i2d_NETSCAPE_CERT_SEQUENCE 1200 EXIST::FUNCTION:
-i2d_ext_ku 1201 NOEXIST::FUNCTION:
-EVP_MD_CTX_copy 1202 EXIST::FUNCTION:
-i2d_ASN1_ENUMERATED 1203 EXIST::FUNCTION:
-d2i_ASN1_ENUMERATED 1204 EXIST::FUNCTION:
-ASN1_ENUMERATED_set 1205 EXIST::FUNCTION:
-ASN1_ENUMERATED_get 1206 EXIST::FUNCTION:
-BN_to_ASN1_ENUMERATED 1207 EXIST::FUNCTION:
-ASN1_ENUMERATED_to_BN 1208 EXIST::FUNCTION:
-i2a_ASN1_ENUMERATED 1209 EXIST::FUNCTION:BIO
-a2i_ASN1_ENUMERATED 1210 EXIST::FUNCTION:BIO
-i2d_GENERAL_NAME 1211 EXIST::FUNCTION:
-d2i_GENERAL_NAME 1212 EXIST::FUNCTION:
-GENERAL_NAME_new 1213 EXIST::FUNCTION:
-GENERAL_NAME_free 1214 EXIST::FUNCTION:
-GENERAL_NAMES_new 1215 EXIST::FUNCTION:
-GENERAL_NAMES_free 1216 EXIST::FUNCTION:
-d2i_GENERAL_NAMES 1217 EXIST::FUNCTION:
-i2d_GENERAL_NAMES 1218 EXIST::FUNCTION:
-i2v_GENERAL_NAMES 1219 EXIST::FUNCTION:
-i2s_ASN1_OCTET_STRING 1220 EXIST::FUNCTION:
-s2i_ASN1_OCTET_STRING 1221 EXIST::FUNCTION:
-X509V3_EXT_check_conf 1222 NOEXIST::FUNCTION:
-hex_to_string 1223 EXIST::FUNCTION:
-string_to_hex 1224 EXIST::FUNCTION:
-DES_ede3_cbcm_encrypt 1225 EXIST::FUNCTION:DES
-RSA_padding_add_PKCS1_OAEP 1226 EXIST::FUNCTION:RSA
-RSA_padding_check_PKCS1_OAEP 1227 EXIST::FUNCTION:RSA
-X509_CRL_print_fp 1228 EXIST::FUNCTION:FP_API
-X509_CRL_print 1229 EXIST::FUNCTION:BIO
-i2v_GENERAL_NAME 1230 EXIST::FUNCTION:
-v2i_GENERAL_NAME 1231 EXIST::FUNCTION:
-i2d_PKEY_USAGE_PERIOD 1232 EXIST::FUNCTION:
-d2i_PKEY_USAGE_PERIOD 1233 EXIST::FUNCTION:
-PKEY_USAGE_PERIOD_new 1234 EXIST::FUNCTION:
-PKEY_USAGE_PERIOD_free 1235 EXIST::FUNCTION:
-v2i_GENERAL_NAMES 1236 EXIST::FUNCTION:
-i2s_ASN1_INTEGER 1237 EXIST::FUNCTION:
-X509V3_EXT_d2i 1238 EXIST::FUNCTION:
-name_cmp 1239 EXIST::FUNCTION:
-str_dup 1240 NOEXIST::FUNCTION:
-i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION:
-i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION:
-BIO_s_log 1243 EXIST:!OS2,!WIN16,!WIN32,!macintosh:FUNCTION:
-BIO_f_reliable 1244 EXIST::FUNCTION:BIO
-PKCS7_dataFinal 1245 EXIST::FUNCTION:
-PKCS7_dataDecode 1246 EXIST::FUNCTION:
-X509V3_EXT_CRL_add_conf 1247 EXIST::FUNCTION:
-BN_set_params 1248 EXIST::FUNCTION:DEPRECATED
-BN_get_params 1249 EXIST::FUNCTION:DEPRECATED
-BIO_get_ex_num 1250 NOEXIST::FUNCTION:
-BIO_set_ex_free_func 1251 NOEXIST::FUNCTION:
-EVP_ripemd160 1252 EXIST::FUNCTION:RIPEMD
-ASN1_TIME_set 1253 EXIST::FUNCTION:
-i2d_AUTHORITY_KEYID 1254 EXIST::FUNCTION:
-d2i_AUTHORITY_KEYID 1255 EXIST::FUNCTION:
-AUTHORITY_KEYID_new 1256 EXIST::FUNCTION:
-AUTHORITY_KEYID_free 1257 EXIST::FUNCTION:
-ASN1_seq_unpack 1258 EXIST::FUNCTION:
-ASN1_seq_pack 1259 EXIST::FUNCTION:
-ASN1_unpack_string 1260 EXIST::FUNCTION:
-ASN1_pack_string 1261 EXIST::FUNCTION:
-PKCS12_pack_safebag 1262 NOEXIST::FUNCTION:
-PKCS12_MAKE_KEYBAG 1263 EXIST::FUNCTION:
-PKCS8_encrypt 1264 EXIST::FUNCTION:
-PKCS12_MAKE_SHKEYBAG 1265 EXIST::FUNCTION:
-PKCS12_pack_p7data 1266 EXIST::FUNCTION:
-PKCS12_pack_p7encdata 1267 EXIST::FUNCTION:
-PKCS12_add_localkeyid 1268 EXIST::FUNCTION:
-PKCS12_add_friendlyname_asc 1269 EXIST::FUNCTION:
-PKCS12_add_friendlyname_uni 1270 EXIST::FUNCTION:
-PKCS12_get_friendlyname 1271 EXIST::FUNCTION:
-PKCS12_pbe_crypt 1272 EXIST::FUNCTION:
-PKCS12_decrypt_d2i 1273 NOEXIST::FUNCTION:
-PKCS12_i2d_encrypt 1274 NOEXIST::FUNCTION:
-PKCS12_init 1275 EXIST::FUNCTION:
-PKCS12_key_gen_asc 1276 EXIST::FUNCTION:
-PKCS12_key_gen_uni 1277 EXIST::FUNCTION:
-PKCS12_gen_mac 1278 EXIST::FUNCTION:
-PKCS12_verify_mac 1279 EXIST::FUNCTION:
-PKCS12_set_mac 1280 EXIST::FUNCTION:
-PKCS12_setup_mac 1281 EXIST::FUNCTION:
-OPENSSL_asc2uni 1282 EXIST::FUNCTION:
-OPENSSL_uni2asc 1283 EXIST::FUNCTION:
-i2d_PKCS12_BAGS 1284 EXIST::FUNCTION:
-PKCS12_BAGS_new 1285 EXIST::FUNCTION:
-d2i_PKCS12_BAGS 1286 EXIST::FUNCTION:
-PKCS12_BAGS_free 1287 EXIST::FUNCTION:
-i2d_PKCS12 1288 EXIST::FUNCTION:
-d2i_PKCS12 1289 EXIST::FUNCTION:
-PKCS12_new 1290 EXIST::FUNCTION:
-PKCS12_free 1291 EXIST::FUNCTION:
-i2d_PKCS12_MAC_DATA 1292 EXIST::FUNCTION:
-PKCS12_MAC_DATA_new 1293 EXIST::FUNCTION:
-d2i_PKCS12_MAC_DATA 1294 EXIST::FUNCTION:
-PKCS12_MAC_DATA_free 1295 EXIST::FUNCTION:
-i2d_PKCS12_SAFEBAG 1296 EXIST::FUNCTION:
-PKCS12_SAFEBAG_new 1297 EXIST::FUNCTION:
-d2i_PKCS12_SAFEBAG 1298 EXIST::FUNCTION:
-PKCS12_SAFEBAG_free 1299 EXIST::FUNCTION:
-ERR_load_PKCS12_strings 1300 EXIST::FUNCTION:
-PKCS12_PBE_add 1301 EXIST::FUNCTION:
-PKCS8_add_keyusage 1302 EXIST::FUNCTION:
-PKCS12_get_attr_gen 1303 EXIST::FUNCTION:
-PKCS12_parse 1304 EXIST::FUNCTION:
-PKCS12_create 1305 EXIST::FUNCTION:
-i2d_PKCS12_bio 1306 EXIST::FUNCTION:
-i2d_PKCS12_fp 1307 EXIST::FUNCTION:
-d2i_PKCS12_bio 1308 EXIST::FUNCTION:
-d2i_PKCS12_fp 1309 EXIST::FUNCTION:
-i2d_PBEPARAM 1310 EXIST::FUNCTION:
-PBEPARAM_new 1311 EXIST::FUNCTION:
-d2i_PBEPARAM 1312 EXIST::FUNCTION:
-PBEPARAM_free 1313 EXIST::FUNCTION:
-i2d_PKCS8_PRIV_KEY_INFO 1314 EXIST::FUNCTION:
-PKCS8_PRIV_KEY_INFO_new 1315 EXIST::FUNCTION:
-d2i_PKCS8_PRIV_KEY_INFO 1316 EXIST::FUNCTION:
-PKCS8_PRIV_KEY_INFO_free 1317 EXIST::FUNCTION:
-EVP_PKCS82PKEY 1318 EXIST::FUNCTION:
-EVP_PKEY2PKCS8 1319 EXIST::FUNCTION:
-PKCS8_set_broken 1320 EXIST::FUNCTION:
-EVP_PBE_ALGOR_CipherInit 1321 NOEXIST::FUNCTION:
-EVP_PBE_alg_add 1322 EXIST::FUNCTION:
-PKCS5_pbe_set 1323 EXIST::FUNCTION:
-EVP_PBE_cleanup 1324 EXIST::FUNCTION:
-i2d_SXNET 1325 EXIST::FUNCTION:
-d2i_SXNET 1326 EXIST::FUNCTION:
-SXNET_new 1327 EXIST::FUNCTION:
-SXNET_free 1328 EXIST::FUNCTION:
-i2d_SXNETID 1329 EXIST::FUNCTION:
-d2i_SXNETID 1330 EXIST::FUNCTION:
-SXNETID_new 1331 EXIST::FUNCTION:
-SXNETID_free 1332 EXIST::FUNCTION:
-DSA_SIG_new 1333 EXIST::FUNCTION:DSA
-DSA_SIG_free 1334 EXIST::FUNCTION:DSA
-DSA_do_sign 1335 EXIST::FUNCTION:DSA
-DSA_do_verify 1336 EXIST::FUNCTION:DSA
-d2i_DSA_SIG 1337 EXIST::FUNCTION:DSA
-i2d_DSA_SIG 1338 EXIST::FUNCTION:DSA
-i2d_ASN1_VISIBLESTRING 1339 EXIST::FUNCTION:
-d2i_ASN1_VISIBLESTRING 1340 EXIST::FUNCTION:
-i2d_ASN1_UTF8STRING 1341 EXIST::FUNCTION:
-d2i_ASN1_UTF8STRING 1342 EXIST::FUNCTION:
-i2d_DIRECTORYSTRING 1343 EXIST::FUNCTION:
-d2i_DIRECTORYSTRING 1344 EXIST::FUNCTION:
-i2d_DISPLAYTEXT 1345 EXIST::FUNCTION:
-d2i_DISPLAYTEXT 1346 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509 1379 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509 1380 NOEXIST::FUNCTION:
-i2d_PBKDF2PARAM 1397 EXIST::FUNCTION:
-PBKDF2PARAM_new 1398 EXIST::FUNCTION:
-d2i_PBKDF2PARAM 1399 EXIST::FUNCTION:
-PBKDF2PARAM_free 1400 EXIST::FUNCTION:
-i2d_PBE2PARAM 1401 EXIST::FUNCTION:
-PBE2PARAM_new 1402 EXIST::FUNCTION:
-d2i_PBE2PARAM 1403 EXIST::FUNCTION:
-PBE2PARAM_free 1404 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_GENERAL_NAME 1421 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_GENERAL_NAME 1422 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_SXNETID 1439 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_SXNETID 1440 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_POLICYQUALINFO 1457 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_POLICYQUALINFO 1458 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_POLICYINFO 1475 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_POLICYINFO 1476 NOEXIST::FUNCTION:
-SXNET_add_id_asc 1477 EXIST::FUNCTION:
-SXNET_add_id_ulong 1478 EXIST::FUNCTION:
-SXNET_add_id_INTEGER 1479 EXIST::FUNCTION:
-SXNET_get_id_asc 1480 EXIST::FUNCTION:
-SXNET_get_id_ulong 1481 EXIST::FUNCTION:
-SXNET_get_id_INTEGER 1482 EXIST::FUNCTION:
-X509V3_set_conf_lhash 1483 EXIST::FUNCTION:
-i2d_CERTIFICATEPOLICIES 1484 EXIST::FUNCTION:
-CERTIFICATEPOLICIES_new 1485 EXIST::FUNCTION:
-CERTIFICATEPOLICIES_free 1486 EXIST::FUNCTION:
-d2i_CERTIFICATEPOLICIES 1487 EXIST::FUNCTION:
-i2d_POLICYINFO 1488 EXIST::FUNCTION:
-POLICYINFO_new 1489 EXIST::FUNCTION:
-d2i_POLICYINFO 1490 EXIST::FUNCTION:
-POLICYINFO_free 1491 EXIST::FUNCTION:
-i2d_POLICYQUALINFO 1492 EXIST::FUNCTION:
-POLICYQUALINFO_new 1493 EXIST::FUNCTION:
-d2i_POLICYQUALINFO 1494 EXIST::FUNCTION:
-POLICYQUALINFO_free 1495 EXIST::FUNCTION:
-i2d_USERNOTICE 1496 EXIST::FUNCTION:
-USERNOTICE_new 1497 EXIST::FUNCTION:
-d2i_USERNOTICE 1498 EXIST::FUNCTION:
-USERNOTICE_free 1499 EXIST::FUNCTION:
-i2d_NOTICEREF 1500 EXIST::FUNCTION:
-NOTICEREF_new 1501 EXIST::FUNCTION:
-d2i_NOTICEREF 1502 EXIST::FUNCTION:
-NOTICEREF_free 1503 EXIST::FUNCTION:
-X509V3_get_string 1504 EXIST::FUNCTION:
-X509V3_get_section 1505 EXIST::FUNCTION:
-X509V3_string_free 1506 EXIST::FUNCTION:
-X509V3_section_free 1507 EXIST::FUNCTION:
-X509V3_set_ctx 1508 EXIST::FUNCTION:
-s2i_ASN1_INTEGER 1509 EXIST::FUNCTION:
-CRYPTO_set_locked_mem_functions 1510 EXIST::FUNCTION:
-CRYPTO_get_locked_mem_functions 1511 EXIST::FUNCTION:
-CRYPTO_malloc_locked 1512 EXIST::FUNCTION:
-CRYPTO_free_locked 1513 EXIST::FUNCTION:
-BN_mod_exp2_mont 1514 EXIST::FUNCTION:
-ERR_get_error_line_data 1515 EXIST::FUNCTION:
-ERR_peek_error_line_data 1516 EXIST::FUNCTION:
-PKCS12_PBE_keyivgen 1517 EXIST::FUNCTION:
-X509_ALGOR_dup 1518 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_DIST_POINT 1535 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_DIST_POINT 1536 NOEXIST::FUNCTION:
-i2d_CRL_DIST_POINTS 1537 EXIST::FUNCTION:
-CRL_DIST_POINTS_new 1538 EXIST::FUNCTION:
-CRL_DIST_POINTS_free 1539 EXIST::FUNCTION:
-d2i_CRL_DIST_POINTS 1540 EXIST::FUNCTION:
-i2d_DIST_POINT 1541 EXIST::FUNCTION:
-DIST_POINT_new 1542 EXIST::FUNCTION:
-d2i_DIST_POINT 1543 EXIST::FUNCTION:
-DIST_POINT_free 1544 EXIST::FUNCTION:
-i2d_DIST_POINT_NAME 1545 EXIST::FUNCTION:
-DIST_POINT_NAME_new 1546 EXIST::FUNCTION:
-DIST_POINT_NAME_free 1547 EXIST::FUNCTION:
-d2i_DIST_POINT_NAME 1548 EXIST::FUNCTION:
-X509V3_add_value_uchar 1549 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_ATTRIBUTE 1555 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_ASN1_TYPE 1560 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_EXTENSION 1567 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_NAME_ENTRY 1574 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_ASN1_TYPE 1589 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_ATTRIBUTE 1615 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_EXTENSION 1624 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_NAME_ENTRY 1633 NOEXIST::FUNCTION:
-X509V3_EXT_i2d 1646 EXIST::FUNCTION:
-X509V3_EXT_val_prn 1647 EXIST::FUNCTION:
-X509V3_EXT_add_list 1648 EXIST::FUNCTION:
-EVP_CIPHER_type 1649 EXIST::FUNCTION:
-EVP_PBE_CipherInit 1650 EXIST::FUNCTION:
-X509V3_add_value_bool_nf 1651 EXIST::FUNCTION:
-d2i_ASN1_UINTEGER 1652 EXIST::FUNCTION:
-sk_value 1653 EXIST::FUNCTION:
-sk_num 1654 EXIST::FUNCTION:
-sk_set 1655 EXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_REVOKED 1661 NOEXIST::FUNCTION:
-sk_sort 1671 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_REVOKED 1674 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_ALGOR 1682 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_CRL 1685 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_ALGOR 1696 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_CRL 1702 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO 1723 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS7_RECIP_INFO 1738 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO 1748 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_PKCS7_RECIP_INFO 1753 NOEXIST::FUNCTION:
-PKCS5_PBE_add 1775 EXIST::FUNCTION:
-PEM_write_bio_PKCS8 1776 EXIST::FUNCTION:
-i2d_PKCS8_fp 1777 EXIST::FUNCTION:FP_API
-PEM_read_bio_PKCS8_PRIV_KEY_INFO 1778 EXIST:!VMS:FUNCTION:
-PEM_read_bio_P8_PRIV_KEY_INFO 1778 EXIST:VMS:FUNCTION:
-d2i_PKCS8_bio 1779 EXIST::FUNCTION:BIO
-d2i_PKCS8_PRIV_KEY_INFO_fp 1780 EXIST::FUNCTION:FP_API
-PEM_write_bio_PKCS8_PRIV_KEY_INFO 1781 EXIST:!VMS:FUNCTION:
-PEM_write_bio_P8_PRIV_KEY_INFO 1781 EXIST:VMS:FUNCTION:
-PEM_read_PKCS8 1782 EXIST:!WIN16:FUNCTION:
-d2i_PKCS8_PRIV_KEY_INFO_bio 1783 EXIST::FUNCTION:BIO
-d2i_PKCS8_fp 1784 EXIST::FUNCTION:FP_API
-PEM_write_PKCS8 1785 EXIST:!WIN16:FUNCTION:
-PEM_read_PKCS8_PRIV_KEY_INFO 1786 EXIST:!VMS,!WIN16:FUNCTION:
-PEM_read_P8_PRIV_KEY_INFO 1786 EXIST:VMS:FUNCTION:
-PEM_read_bio_PKCS8 1787 EXIST::FUNCTION:
-PEM_write_PKCS8_PRIV_KEY_INFO 1788 EXIST:!VMS,!WIN16:FUNCTION:
-PEM_write_P8_PRIV_KEY_INFO 1788 EXIST:VMS:FUNCTION:
-PKCS5_PBE_keyivgen 1789 EXIST::FUNCTION:
-i2d_PKCS8_bio 1790 EXIST::FUNCTION:BIO
-i2d_PKCS8_PRIV_KEY_INFO_fp 1791 EXIST::FUNCTION:FP_API
-i2d_PKCS8_PRIV_KEY_INFO_bio 1792 EXIST::FUNCTION:BIO
-BIO_s_bio 1793 EXIST::FUNCTION:
-PKCS5_pbe2_set 1794 EXIST::FUNCTION:
-PKCS5_PBKDF2_HMAC_SHA1 1795 EXIST::FUNCTION:
-PKCS5_v2_PBE_keyivgen 1796 EXIST::FUNCTION:
-PEM_write_bio_PKCS8PrivateKey 1797 EXIST::FUNCTION:
-PEM_write_PKCS8PrivateKey 1798 EXIST::FUNCTION:
-BIO_ctrl_get_read_request 1799 EXIST::FUNCTION:
-BIO_ctrl_pending 1800 EXIST::FUNCTION:
-BIO_ctrl_wpending 1801 EXIST::FUNCTION:
-BIO_new_bio_pair 1802 EXIST::FUNCTION:
-BIO_ctrl_get_write_guarantee 1803 EXIST::FUNCTION:
-CRYPTO_num_locks 1804 EXIST::FUNCTION:
-CONF_load_bio 1805 EXIST::FUNCTION:
-CONF_load_fp 1806 EXIST::FUNCTION:FP_API
-i2d_ASN1_SET_OF_ASN1_OBJECT 1837 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_ASN1_OBJECT 1844 NOEXIST::FUNCTION:
-PKCS7_signatureVerify 1845 EXIST::FUNCTION:
-RSA_set_method 1846 EXIST::FUNCTION:RSA
-RSA_get_method 1847 EXIST::FUNCTION:RSA
-RSA_get_default_method 1848 EXIST::FUNCTION:RSA
-RSA_check_key 1869 EXIST::FUNCTION:RSA
-OBJ_obj2txt 1870 EXIST::FUNCTION:
-DSA_dup_DH 1871 EXIST::FUNCTION:DH,DSA
-X509_REQ_get_extensions 1872 EXIST::FUNCTION:
-X509_REQ_set_extension_nids 1873 EXIST::FUNCTION:
-BIO_nwrite 1874 EXIST::FUNCTION:
-X509_REQ_extension_nid 1875 EXIST::FUNCTION:
-BIO_nread 1876 EXIST::FUNCTION:
-X509_REQ_get_extension_nids 1877 EXIST::FUNCTION:
-BIO_nwrite0 1878 EXIST::FUNCTION:
-X509_REQ_add_extensions_nid 1879 EXIST::FUNCTION:
-BIO_nread0 1880 EXIST::FUNCTION:
-X509_REQ_add_extensions 1881 EXIST::FUNCTION:
-BIO_new_mem_buf 1882 EXIST::FUNCTION:
-DH_set_ex_data 1883 EXIST::FUNCTION:DH
-DH_set_method 1884 EXIST::FUNCTION:DH
-DSA_OpenSSL 1885 EXIST::FUNCTION:DSA
-DH_get_ex_data 1886 EXIST::FUNCTION:DH
-DH_get_ex_new_index 1887 EXIST::FUNCTION:DH
-DSA_new_method 1888 EXIST::FUNCTION:DSA
-DH_new_method 1889 EXIST::FUNCTION:DH
-DH_OpenSSL 1890 EXIST::FUNCTION:DH
-DSA_get_ex_new_index 1891 EXIST::FUNCTION:DSA
-DH_get_default_method 1892 EXIST::FUNCTION:DH
-DSA_set_ex_data 1893 EXIST::FUNCTION:DSA
-DH_set_default_method 1894 EXIST::FUNCTION:DH
-DSA_get_ex_data 1895 EXIST::FUNCTION:DSA
-X509V3_EXT_REQ_add_conf 1896 EXIST::FUNCTION:
-NETSCAPE_SPKI_print 1897 EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_set_pubkey 1898 EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_b64_encode 1899 EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_get_pubkey 1900 EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_b64_decode 1901 EXIST::FUNCTION:EVP
-UTF8_putc 1902 EXIST::FUNCTION:
-UTF8_getc 1903 EXIST::FUNCTION:
-RSA_null_method 1904 EXIST::FUNCTION:RSA
-ASN1_tag2str 1905 EXIST::FUNCTION:
-BIO_ctrl_reset_read_request 1906 EXIST::FUNCTION:
-DISPLAYTEXT_new 1907 EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_free 1908 EXIST::FUNCTION:
-X509_REVOKED_get_ext_d2i 1909 EXIST::FUNCTION:
-X509_set_ex_data 1910 EXIST::FUNCTION:
-X509_reject_set_bit_asc 1911 NOEXIST::FUNCTION:
-X509_NAME_add_entry_by_txt 1912 EXIST::FUNCTION:
-X509_NAME_add_entry_by_NID 1914 EXIST::FUNCTION:
-X509_PURPOSE_get0 1915 EXIST::FUNCTION:
-PEM_read_X509_AUX 1917 EXIST:!WIN16:FUNCTION:
-d2i_AUTHORITY_INFO_ACCESS 1918 EXIST::FUNCTION:
-PEM_write_PUBKEY 1921 EXIST:!WIN16:FUNCTION:
-ACCESS_DESCRIPTION_new 1925 EXIST::FUNCTION:
-X509_CERT_AUX_free 1926 EXIST::FUNCTION:
-d2i_ACCESS_DESCRIPTION 1927 EXIST::FUNCTION:
-X509_trust_clear 1928 EXIST::FUNCTION:
-X509_TRUST_add 1931 EXIST::FUNCTION:
-ASN1_VISIBLESTRING_new 1932 EXIST::FUNCTION:
-X509_alias_set1 1933 EXIST::FUNCTION:
-ASN1_PRINTABLESTRING_free 1934 EXIST::FUNCTION:
-EVP_PKEY_get1_DSA 1935 EXIST::FUNCTION:DSA
-ASN1_BMPSTRING_new 1936 EXIST::FUNCTION:
-ASN1_mbstring_copy 1937 EXIST::FUNCTION:
-ASN1_UTF8STRING_new 1938 EXIST::FUNCTION:
-DSA_get_default_method 1941 EXIST::FUNCTION:DSA
-i2d_ASN1_SET_OF_ACCESS_DESCRIPTION 1945 NOEXIST::FUNCTION:
-ASN1_T61STRING_free 1946 EXIST::FUNCTION:
-DSA_set_method 1949 EXIST::FUNCTION:DSA
-X509_get_ex_data 1950 EXIST::FUNCTION:
-ASN1_STRING_type 1951 EXIST::FUNCTION:
-X509_PURPOSE_get_by_sname 1952 EXIST::FUNCTION:
-ASN1_TIME_free 1954 EXIST::FUNCTION:
-ASN1_OCTET_STRING_cmp 1955 EXIST::FUNCTION:
-ASN1_BIT_STRING_new 1957 EXIST::FUNCTION:
-X509_get_ext_d2i 1958 EXIST::FUNCTION:
-PEM_read_bio_X509_AUX 1959 EXIST::FUNCTION:
-ASN1_STRING_set_default_mask_asc 1960 EXIST:!VMS:FUNCTION:
-ASN1_STRING_set_def_mask_asc 1960 EXIST:VMS:FUNCTION:
-PEM_write_bio_RSA_PUBKEY 1961 EXIST::FUNCTION:RSA
-ASN1_INTEGER_cmp 1963 EXIST::FUNCTION:
-d2i_RSA_PUBKEY_fp 1964 EXIST::FUNCTION:FP_API,RSA
-X509_trust_set_bit_asc 1967 NOEXIST::FUNCTION:
-PEM_write_bio_DSA_PUBKEY 1968 EXIST::FUNCTION:DSA
-X509_STORE_CTX_free 1969 EXIST::FUNCTION:
-EVP_PKEY_set1_DSA 1970 EXIST::FUNCTION:DSA
-i2d_DSA_PUBKEY_fp 1971 EXIST::FUNCTION:DSA,FP_API
-X509_load_cert_crl_file 1972 EXIST::FUNCTION:STDIO
-ASN1_TIME_new 1973 EXIST::FUNCTION:
-i2d_RSA_PUBKEY 1974 EXIST::FUNCTION:RSA
-X509_STORE_CTX_purpose_inherit 1976 EXIST::FUNCTION:
-PEM_read_RSA_PUBKEY 1977 EXIST:!WIN16:FUNCTION:RSA
-d2i_X509_AUX 1980 EXIST::FUNCTION:
-i2d_DSA_PUBKEY 1981 EXIST::FUNCTION:DSA
-X509_CERT_AUX_print 1982 EXIST::FUNCTION:BIO
-PEM_read_DSA_PUBKEY 1984 EXIST:!WIN16:FUNCTION:DSA
-i2d_RSA_PUBKEY_bio 1985 EXIST::FUNCTION:BIO,RSA
-ASN1_BIT_STRING_num_asc 1986 EXIST::FUNCTION:
-i2d_PUBKEY 1987 EXIST::FUNCTION:
-ASN1_UTCTIME_free 1988 EXIST::FUNCTION:
-DSA_set_default_method 1989 EXIST::FUNCTION:DSA
-X509_PURPOSE_get_by_id 1990 EXIST::FUNCTION:
-ACCESS_DESCRIPTION_free 1994 EXIST::FUNCTION:
-PEM_read_bio_PUBKEY 1995 EXIST::FUNCTION:
-ASN1_STRING_set_by_NID 1996 EXIST::FUNCTION:
-X509_PURPOSE_get_id 1997 EXIST::FUNCTION:
-DISPLAYTEXT_free 1998 EXIST::FUNCTION:
-OTHERNAME_new 1999 EXIST::FUNCTION:
-X509_CERT_AUX_new 2001 EXIST::FUNCTION:
-X509_TRUST_cleanup 2007 EXIST::FUNCTION:
-X509_NAME_add_entry_by_OBJ 2008 EXIST::FUNCTION:
-X509_CRL_get_ext_d2i 2009 EXIST::FUNCTION:
-X509_PURPOSE_get0_name 2011 EXIST::FUNCTION:
-PEM_read_PUBKEY 2012 EXIST:!WIN16:FUNCTION:
-i2d_DSA_PUBKEY_bio 2014 EXIST::FUNCTION:BIO,DSA
-i2d_OTHERNAME 2015 EXIST::FUNCTION:
-ASN1_OCTET_STRING_free 2016 EXIST::FUNCTION:
-ASN1_BIT_STRING_set_asc 2017 EXIST::FUNCTION:
-X509_get_ex_new_index 2019 EXIST::FUNCTION:
-ASN1_STRING_TABLE_cleanup 2020 EXIST::FUNCTION:
-X509_TRUST_get_by_id 2021 EXIST::FUNCTION:
-X509_PURPOSE_get_trust 2022 EXIST::FUNCTION:
-ASN1_STRING_length 2023 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_ACCESS_DESCRIPTION 2024 NOEXIST::FUNCTION:
-ASN1_PRINTABLESTRING_new 2025 EXIST::FUNCTION:
-X509V3_get_d2i 2026 EXIST::FUNCTION:
-ASN1_ENUMERATED_free 2027 EXIST::FUNCTION:
-i2d_X509_CERT_AUX 2028 EXIST::FUNCTION:
-X509_STORE_CTX_set_trust 2030 EXIST::FUNCTION:
-ASN1_STRING_set_default_mask 2032 EXIST::FUNCTION:
-X509_STORE_CTX_new 2033 EXIST::FUNCTION:
-EVP_PKEY_get1_RSA 2034 EXIST::FUNCTION:RSA
-DIRECTORYSTRING_free 2038 EXIST::FUNCTION:
-PEM_write_X509_AUX 2039 EXIST:!WIN16:FUNCTION:
-ASN1_OCTET_STRING_set 2040 EXIST::FUNCTION:
-d2i_DSA_PUBKEY_fp 2041 EXIST::FUNCTION:DSA,FP_API
-d2i_RSA_PUBKEY 2044 EXIST::FUNCTION:RSA
-X509_TRUST_get0_name 2046 EXIST::FUNCTION:
-X509_TRUST_get0 2047 EXIST::FUNCTION:
-AUTHORITY_INFO_ACCESS_free 2048 EXIST::FUNCTION:
-ASN1_IA5STRING_new 2049 EXIST::FUNCTION:
-d2i_DSA_PUBKEY 2050 EXIST::FUNCTION:DSA
-X509_check_purpose 2051 EXIST::FUNCTION:
-ASN1_ENUMERATED_new 2052 EXIST::FUNCTION:
-d2i_RSA_PUBKEY_bio 2053 EXIST::FUNCTION:BIO,RSA
-d2i_PUBKEY 2054 EXIST::FUNCTION:
-X509_TRUST_get_trust 2055 EXIST::FUNCTION:
-X509_TRUST_get_flags 2056 EXIST::FUNCTION:
-ASN1_BMPSTRING_free 2057 EXIST::FUNCTION:
-ASN1_T61STRING_new 2058 EXIST::FUNCTION:
-ASN1_UTCTIME_new 2060 EXIST::FUNCTION:
-i2d_AUTHORITY_INFO_ACCESS 2062 EXIST::FUNCTION:
-EVP_PKEY_set1_RSA 2063 EXIST::FUNCTION:RSA
-X509_STORE_CTX_set_purpose 2064 EXIST::FUNCTION:
-ASN1_IA5STRING_free 2065 EXIST::FUNCTION:
-PEM_write_bio_X509_AUX 2066 EXIST::FUNCTION:
-X509_PURPOSE_get_count 2067 EXIST::FUNCTION:
-CRYPTO_add_info 2068 NOEXIST::FUNCTION:
-X509_NAME_ENTRY_create_by_txt 2071 EXIST::FUNCTION:
-ASN1_STRING_get_default_mask 2072 EXIST::FUNCTION:
-X509_alias_get0 2074 EXIST::FUNCTION:
-ASN1_STRING_data 2075 EXIST::FUNCTION:
-i2d_ACCESS_DESCRIPTION 2077 EXIST::FUNCTION:
-X509_trust_set_bit 2078 NOEXIST::FUNCTION:
-ASN1_BIT_STRING_free 2080 EXIST::FUNCTION:
-PEM_read_bio_RSA_PUBKEY 2081 EXIST::FUNCTION:RSA
-X509_add1_reject_object 2082 EXIST::FUNCTION:
-X509_check_trust 2083 EXIST::FUNCTION:
-PEM_read_bio_DSA_PUBKEY 2088 EXIST::FUNCTION:DSA
-X509_PURPOSE_add 2090 EXIST::FUNCTION:
-ASN1_STRING_TABLE_get 2091 EXIST::FUNCTION:
-ASN1_UTF8STRING_free 2092 EXIST::FUNCTION:
-d2i_DSA_PUBKEY_bio 2093 EXIST::FUNCTION:BIO,DSA
-PEM_write_RSA_PUBKEY 2095 EXIST:!WIN16:FUNCTION:RSA
-d2i_OTHERNAME 2096 EXIST::FUNCTION:
-X509_reject_set_bit 2098 NOEXIST::FUNCTION:
-PEM_write_DSA_PUBKEY 2101 EXIST:!WIN16:FUNCTION:DSA
-X509_PURPOSE_get0_sname 2105 EXIST::FUNCTION:
-EVP_PKEY_set1_DH 2107 EXIST::FUNCTION:DH
-ASN1_OCTET_STRING_dup 2108 EXIST::FUNCTION:
-ASN1_BIT_STRING_set 2109 EXIST::FUNCTION:
-X509_TRUST_get_count 2110 EXIST::FUNCTION:
-ASN1_INTEGER_free 2111 EXIST::FUNCTION:
-OTHERNAME_free 2112 EXIST::FUNCTION:
-i2d_RSA_PUBKEY_fp 2113 EXIST::FUNCTION:FP_API,RSA
-ASN1_INTEGER_dup 2114 EXIST::FUNCTION:
-d2i_X509_CERT_AUX 2115 EXIST::FUNCTION:
-PEM_write_bio_PUBKEY 2117 EXIST::FUNCTION:
-ASN1_VISIBLESTRING_free 2118 EXIST::FUNCTION:
-X509_PURPOSE_cleanup 2119 EXIST::FUNCTION:
-ASN1_mbstring_ncopy 2123 EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_new 2126 EXIST::FUNCTION:
-EVP_PKEY_get1_DH 2128 EXIST::FUNCTION:DH
-ASN1_OCTET_STRING_new 2130 EXIST::FUNCTION:
-ASN1_INTEGER_new 2131 EXIST::FUNCTION:
-i2d_X509_AUX 2132 EXIST::FUNCTION:
-ASN1_BIT_STRING_name_print 2134 EXIST::FUNCTION:BIO
-X509_cmp 2135 EXIST::FUNCTION:
-ASN1_STRING_length_set 2136 EXIST::FUNCTION:
-DIRECTORYSTRING_new 2137 EXIST::FUNCTION:
-X509_add1_trust_object 2140 EXIST::FUNCTION:
-PKCS12_newpass 2141 EXIST::FUNCTION:
-SMIME_write_PKCS7 2142 EXIST::FUNCTION:
-SMIME_read_PKCS7 2143 EXIST::FUNCTION:
-DES_set_key_checked 2144 EXIST::FUNCTION:DES
-PKCS7_verify 2145 EXIST::FUNCTION:
-PKCS7_encrypt 2146 EXIST::FUNCTION:
-DES_set_key_unchecked 2147 EXIST::FUNCTION:DES
-SMIME_crlf_copy 2148 EXIST::FUNCTION:
-i2d_ASN1_PRINTABLESTRING 2149 EXIST::FUNCTION:
-PKCS7_get0_signers 2150 EXIST::FUNCTION:
-PKCS7_decrypt 2151 EXIST::FUNCTION:
-SMIME_text 2152 EXIST::FUNCTION:
-PKCS7_simple_smimecap 2153 EXIST::FUNCTION:
-PKCS7_get_smimecap 2154 EXIST::FUNCTION:
-PKCS7_sign 2155 EXIST::FUNCTION:
-PKCS7_add_attrib_smimecap 2156 EXIST::FUNCTION:
-CRYPTO_dbg_set_options 2157 EXIST::FUNCTION:
-CRYPTO_remove_all_info 2158 EXIST::FUNCTION:
-CRYPTO_get_mem_debug_functions 2159 EXIST::FUNCTION:
-CRYPTO_is_mem_check_on 2160 EXIST::FUNCTION:
-CRYPTO_set_mem_debug_functions 2161 EXIST::FUNCTION:
-CRYPTO_pop_info 2162 EXIST::FUNCTION:
-CRYPTO_push_info_ 2163 EXIST::FUNCTION:
-CRYPTO_set_mem_debug_options 2164 EXIST::FUNCTION:
-PEM_write_PKCS8PrivateKey_nid 2165 EXIST::FUNCTION:
-PEM_write_bio_PKCS8PrivateKey_nid 2166 EXIST:!VMS:FUNCTION:
-PEM_write_bio_PKCS8PrivKey_nid 2166 EXIST:VMS:FUNCTION:
-d2i_PKCS8PrivateKey_bio 2167 EXIST::FUNCTION:
-ASN1_NULL_free 2168 EXIST::FUNCTION:
-d2i_ASN1_NULL 2169 EXIST::FUNCTION:
-ASN1_NULL_new 2170 EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_bio 2171 EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_fp 2172 EXIST::FUNCTION:
-i2d_ASN1_NULL 2173 EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_nid_fp 2174 EXIST::FUNCTION:
-d2i_PKCS8PrivateKey_fp 2175 EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_nid_bio 2176 EXIST::FUNCTION:
-i2d_PKCS8PrivateKeyInfo_fp 2177 EXIST::FUNCTION:FP_API
-i2d_PKCS8PrivateKeyInfo_bio 2178 EXIST::FUNCTION:BIO
-PEM_cb 2179 NOEXIST::FUNCTION:
-i2d_PrivateKey_fp 2180 EXIST::FUNCTION:FP_API
-d2i_PrivateKey_bio 2181 EXIST::FUNCTION:BIO
-d2i_PrivateKey_fp 2182 EXIST::FUNCTION:FP_API
-i2d_PrivateKey_bio 2183 EXIST::FUNCTION:BIO
-X509_reject_clear 2184 EXIST::FUNCTION:
-X509_TRUST_set_default 2185 EXIST::FUNCTION:
-d2i_AutoPrivateKey 2186 EXIST::FUNCTION:
-X509_ATTRIBUTE_get0_type 2187 EXIST::FUNCTION:
-X509_ATTRIBUTE_set1_data 2188 EXIST::FUNCTION:
-X509at_get_attr 2189 EXIST::FUNCTION:
-X509at_get_attr_count 2190 EXIST::FUNCTION:
-X509_ATTRIBUTE_create_by_NID 2191 EXIST::FUNCTION:
-X509_ATTRIBUTE_set1_object 2192 EXIST::FUNCTION:
-X509_ATTRIBUTE_count 2193 EXIST::FUNCTION:
-X509_ATTRIBUTE_create_by_OBJ 2194 EXIST::FUNCTION:
-X509_ATTRIBUTE_get0_object 2195 EXIST::FUNCTION:
-X509at_get_attr_by_NID 2196 EXIST::FUNCTION:
-X509at_add1_attr 2197 EXIST::FUNCTION:
-X509_ATTRIBUTE_get0_data 2198 EXIST::FUNCTION:
-X509at_delete_attr 2199 EXIST::FUNCTION:
-X509at_get_attr_by_OBJ 2200 EXIST::FUNCTION:
-RAND_add 2201 EXIST::FUNCTION:
-BIO_number_written 2202 EXIST::FUNCTION:
-BIO_number_read 2203 EXIST::FUNCTION:
-X509_STORE_CTX_get1_chain 2204 EXIST::FUNCTION:
-ERR_load_RAND_strings 2205 EXIST::FUNCTION:
-RAND_pseudo_bytes 2206 EXIST::FUNCTION:
-X509_REQ_get_attr_by_NID 2207 EXIST::FUNCTION:
-X509_REQ_get_attr 2208 EXIST::FUNCTION:
-X509_REQ_add1_attr_by_NID 2209 EXIST::FUNCTION:
-X509_REQ_get_attr_by_OBJ 2210 EXIST::FUNCTION:
-X509at_add1_attr_by_NID 2211 EXIST::FUNCTION:
-X509_REQ_add1_attr_by_OBJ 2212 EXIST::FUNCTION:
-X509_REQ_get_attr_count 2213 EXIST::FUNCTION:
-X509_REQ_add1_attr 2214 EXIST::FUNCTION:
-X509_REQ_delete_attr 2215 EXIST::FUNCTION:
-X509at_add1_attr_by_OBJ 2216 EXIST::FUNCTION:
-X509_REQ_add1_attr_by_txt 2217 EXIST::FUNCTION:
-X509_ATTRIBUTE_create_by_txt 2218 EXIST::FUNCTION:
-X509at_add1_attr_by_txt 2219 EXIST::FUNCTION:
-BN_pseudo_rand 2239 EXIST::FUNCTION:
-BN_is_prime_fasttest 2240 EXIST::FUNCTION:DEPRECATED
-BN_CTX_end 2241 EXIST::FUNCTION:
-BN_CTX_start 2242 EXIST::FUNCTION:
-BN_CTX_get 2243 EXIST::FUNCTION:
-EVP_PKEY2PKCS8_broken 2244 EXIST::FUNCTION:
-ASN1_STRING_TABLE_add 2245 EXIST::FUNCTION:
-CRYPTO_dbg_get_options 2246 EXIST::FUNCTION:
-AUTHORITY_INFO_ACCESS_new 2247 EXIST::FUNCTION:
-CRYPTO_get_mem_debug_options 2248 EXIST::FUNCTION:
-DES_crypt 2249 EXIST::FUNCTION:DES
-PEM_write_bio_X509_REQ_NEW 2250 EXIST::FUNCTION:
-PEM_write_X509_REQ_NEW 2251 EXIST:!WIN16:FUNCTION:
-BIO_callback_ctrl 2252 EXIST::FUNCTION:
-RAND_egd 2253 EXIST::FUNCTION:
-RAND_status 2254 EXIST::FUNCTION:
-bn_dump1 2255 NOEXIST::FUNCTION:
-DES_check_key_parity 2256 EXIST::FUNCTION:DES
-lh_num_items 2257 EXIST::FUNCTION:
-RAND_event 2258 EXIST:WIN32:FUNCTION:
-DSO_new 2259 EXIST::FUNCTION:
-DSO_new_method 2260 EXIST::FUNCTION:
-DSO_free 2261 EXIST::FUNCTION:
-DSO_flags 2262 EXIST::FUNCTION:
-DSO_up 2263 NOEXIST::FUNCTION:
-DSO_set_default_method 2264 EXIST::FUNCTION:
-DSO_get_default_method 2265 EXIST::FUNCTION:
-DSO_get_method 2266 EXIST::FUNCTION:
-DSO_set_method 2267 EXIST::FUNCTION:
-DSO_load 2268 EXIST::FUNCTION:
-DSO_bind_var 2269 EXIST::FUNCTION:
-DSO_METHOD_null 2270 EXIST::FUNCTION:
-DSO_METHOD_openssl 2271 EXIST::FUNCTION:
-DSO_METHOD_dlfcn 2272 EXIST::FUNCTION:
-DSO_METHOD_win32 2273 EXIST::FUNCTION:
-ERR_load_DSO_strings 2274 EXIST::FUNCTION:
-DSO_METHOD_dl 2275 EXIST::FUNCTION:
-NCONF_load 2276 EXIST::FUNCTION:
-NCONF_load_fp 2278 EXIST::FUNCTION:FP_API
-NCONF_new 2279 EXIST::FUNCTION:
-NCONF_get_string 2280 EXIST::FUNCTION:
-NCONF_free 2281 EXIST::FUNCTION:
-NCONF_get_number 2282 NOEXIST::FUNCTION:
-CONF_dump_fp 2283 EXIST::FUNCTION:
-NCONF_load_bio 2284 EXIST::FUNCTION:
-NCONF_dump_fp 2285 EXIST::FUNCTION:
-NCONF_get_section 2286 EXIST::FUNCTION:
-NCONF_dump_bio 2287 EXIST::FUNCTION:
-CONF_dump_bio 2288 EXIST::FUNCTION:
-NCONF_free_data 2289 EXIST::FUNCTION:
-CONF_set_default_method 2290 EXIST::FUNCTION:
-ERR_error_string_n 2291 EXIST::FUNCTION:
-BIO_snprintf 2292 EXIST::FUNCTION:
-DSO_ctrl 2293 EXIST::FUNCTION:
-i2d_ASN1_SET_OF_ASN1_INTEGER 2317 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS12_SAFEBAG 2320 NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS7 2328 NOEXIST::FUNCTION:
-BIO_vfree 2334 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_ASN1_INTEGER 2339 NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_PKCS12_SAFEBAG 2341 NOEXIST::FUNCTION:
-ASN1_UTCTIME_get 2350 NOEXIST::FUNCTION:
-X509_REQ_digest 2362 EXIST::FUNCTION:EVP
-X509_CRL_digest 2391 EXIST::FUNCTION:EVP
-ASN1_STRING_clear_free 2392 EXIST::FUNCTION:
-d2i_ASN1_SET_OF_PKCS7 2397 NOEXIST::FUNCTION:
-X509_ALGOR_cmp 2398 EXIST::FUNCTION:
-EVP_CIPHER_CTX_set_key_length 2399 EXIST::FUNCTION:
-EVP_CIPHER_CTX_ctrl 2400 EXIST::FUNCTION:
-BN_mod_exp_mont_word 2401 EXIST::FUNCTION:
-RAND_egd_bytes 2402 EXIST::FUNCTION:
-X509_REQ_get1_email 2403 EXIST::FUNCTION:
-X509_get1_email 2404 EXIST::FUNCTION:
-X509_email_free 2405 EXIST::FUNCTION:
-i2d_RSA_NET 2406 EXIST::FUNCTION:RC4,RSA
-d2i_RSA_NET_2 2407 NOEXIST::FUNCTION:
-d2i_RSA_NET 2408 EXIST::FUNCTION:RC4,RSA
-DSO_bind_func 2409 EXIST::FUNCTION:
-CRYPTO_get_new_dynlockid 2410 EXIST::FUNCTION:
-sk_new_null 2411 EXIST::FUNCTION:
-CRYPTO_set_dynlock_destroy_callback 2412 EXIST:!VMS:FUNCTION:
-CRYPTO_set_dynlock_destroy_cb 2412 EXIST:VMS:FUNCTION:
-CRYPTO_destroy_dynlockid 2413 EXIST::FUNCTION:
-CRYPTO_set_dynlock_size 2414 NOEXIST::FUNCTION:
-CRYPTO_set_dynlock_create_callback 2415 EXIST:!VMS:FUNCTION:
-CRYPTO_set_dynlock_create_cb 2415 EXIST:VMS:FUNCTION:
-CRYPTO_set_dynlock_lock_callback 2416 EXIST:!VMS:FUNCTION:
-CRYPTO_set_dynlock_lock_cb 2416 EXIST:VMS:FUNCTION:
-CRYPTO_get_dynlock_lock_callback 2417 EXIST:!VMS:FUNCTION:
-CRYPTO_get_dynlock_lock_cb 2417 EXIST:VMS:FUNCTION:
-CRYPTO_get_dynlock_destroy_callback 2418 EXIST:!VMS:FUNCTION:
-CRYPTO_get_dynlock_destroy_cb 2418 EXIST:VMS:FUNCTION:
-CRYPTO_get_dynlock_value 2419 EXIST::FUNCTION:
-CRYPTO_get_dynlock_create_callback 2420 EXIST:!VMS:FUNCTION:
-CRYPTO_get_dynlock_create_cb 2420 EXIST:VMS:FUNCTION:
-c2i_ASN1_BIT_STRING 2421 EXIST::FUNCTION:
-i2c_ASN1_BIT_STRING 2422 EXIST::FUNCTION:
-RAND_poll 2423 EXIST::FUNCTION:
-c2i_ASN1_INTEGER 2424 EXIST::FUNCTION:
-i2c_ASN1_INTEGER 2425 EXIST::FUNCTION:
-BIO_dump_indent 2426 EXIST::FUNCTION:
-ASN1_parse_dump 2427 EXIST::FUNCTION:BIO
-c2i_ASN1_OBJECT 2428 EXIST::FUNCTION:
-X509_NAME_print_ex_fp 2429 EXIST::FUNCTION:FP_API
-ASN1_STRING_print_ex_fp 2430 EXIST::FUNCTION:FP_API
-X509_NAME_print_ex 2431 EXIST::FUNCTION:BIO
-ASN1_STRING_print_ex 2432 EXIST::FUNCTION:BIO
-MD4 2433 EXIST::FUNCTION:MD4
-MD4_Transform 2434 EXIST::FUNCTION:MD4
-MD4_Final 2435 EXIST::FUNCTION:MD4
-MD4_Update 2436 EXIST::FUNCTION:MD4
-MD4_Init 2437 EXIST::FUNCTION:MD4
-EVP_md4 2438 EXIST::FUNCTION:MD4
-i2d_PUBKEY_bio 2439 EXIST::FUNCTION:BIO
-i2d_PUBKEY_fp 2440 EXIST::FUNCTION:FP_API
-d2i_PUBKEY_bio 2441 EXIST::FUNCTION:BIO
-ASN1_STRING_to_UTF8 2442 EXIST::FUNCTION:
-BIO_vprintf 2443 EXIST::FUNCTION:
-BIO_vsnprintf 2444 EXIST::FUNCTION:
-d2i_PUBKEY_fp 2445 EXIST::FUNCTION:FP_API
-X509_cmp_time 2446 EXIST::FUNCTION:
-X509_STORE_CTX_set_time 2447 EXIST::FUNCTION:
-X509_STORE_CTX_get1_issuer 2448 EXIST::FUNCTION:
-X509_OBJECT_retrieve_match 2449 EXIST::FUNCTION:
-X509_OBJECT_idx_by_subject 2450 EXIST::FUNCTION:
-X509_STORE_CTX_set_flags 2451 EXIST::FUNCTION:
-X509_STORE_CTX_trusted_stack 2452 EXIST::FUNCTION:
-X509_time_adj 2453 EXIST::FUNCTION:
-X509_check_issued 2454 EXIST::FUNCTION:
-ASN1_UTCTIME_cmp_time_t 2455 EXIST::FUNCTION:
-DES_set_weak_key_flag 2456 NOEXIST::FUNCTION:
-DES_check_key 2457 NOEXIST::FUNCTION:
-DES_rw_mode 2458 NOEXIST::FUNCTION:
-RSA_PKCS1_RSAref 2459 NOEXIST::FUNCTION:
-X509_keyid_set1 2460 EXIST::FUNCTION:
-BIO_next 2461 EXIST::FUNCTION:
-DSO_METHOD_vms 2462 EXIST::FUNCTION:
-BIO_f_linebuffer 2463 EXIST:VMS:FUNCTION:
-BN_bntest_rand 2464 EXIST::FUNCTION:
-OPENSSL_issetugid 2465 EXIST::FUNCTION:
-BN_rand_range 2466 EXIST::FUNCTION:
-ERR_load_ENGINE_strings 2467 EXIST::FUNCTION:ENGINE
-ENGINE_set_DSA 2468 EXIST::FUNCTION:ENGINE
-ENGINE_get_finish_function 2469 EXIST::FUNCTION:ENGINE
-ENGINE_get_default_RSA 2470 EXIST::FUNCTION:ENGINE
-ENGINE_get_BN_mod_exp 2471 NOEXIST::FUNCTION:
-DSA_get_default_openssl_method 2472 NOEXIST::FUNCTION:
-ENGINE_set_DH 2473 EXIST::FUNCTION:ENGINE
-ENGINE_set_def_BN_mod_exp_crt 2474 NOEXIST::FUNCTION:
-ENGINE_set_default_BN_mod_exp_crt 2474 NOEXIST::FUNCTION:
-ENGINE_init 2475 EXIST::FUNCTION:ENGINE
-DH_get_default_openssl_method 2476 NOEXIST::FUNCTION:
-RSA_set_default_openssl_method 2477 NOEXIST::FUNCTION:
-ENGINE_finish 2478 EXIST::FUNCTION:ENGINE
-ENGINE_load_public_key 2479 EXIST::FUNCTION:ENGINE
-ENGINE_get_DH 2480 EXIST::FUNCTION:ENGINE
-ENGINE_ctrl 2481 EXIST::FUNCTION:ENGINE
-ENGINE_get_init_function 2482 EXIST::FUNCTION:ENGINE
-ENGINE_set_init_function 2483 EXIST::FUNCTION:ENGINE
-ENGINE_set_default_DSA 2484 EXIST::FUNCTION:ENGINE
-ENGINE_get_name 2485 EXIST::FUNCTION:ENGINE
-ENGINE_get_last 2486 EXIST::FUNCTION:ENGINE
-ENGINE_get_prev 2487 EXIST::FUNCTION:ENGINE
-ENGINE_get_default_DH 2488 EXIST::FUNCTION:ENGINE
-ENGINE_get_RSA 2489 EXIST::FUNCTION:ENGINE
-ENGINE_set_default 2490 EXIST::FUNCTION:ENGINE
-ENGINE_get_RAND 2491 EXIST::FUNCTION:ENGINE
-ENGINE_get_first 2492 EXIST::FUNCTION:ENGINE
-ENGINE_by_id 2493 EXIST::FUNCTION:ENGINE
-ENGINE_set_finish_function 2494 EXIST::FUNCTION:ENGINE
-ENGINE_get_def_BN_mod_exp_crt 2495 NOEXIST::FUNCTION:
-ENGINE_get_default_BN_mod_exp_crt 2495 NOEXIST::FUNCTION:
-RSA_get_default_openssl_method 2496 NOEXIST::FUNCTION:
-ENGINE_set_RSA 2497 EXIST::FUNCTION:ENGINE
-ENGINE_load_private_key 2498 EXIST::FUNCTION:ENGINE
-ENGINE_set_default_RAND 2499 EXIST::FUNCTION:ENGINE
-ENGINE_set_BN_mod_exp 2500 NOEXIST::FUNCTION:
-ENGINE_remove 2501 EXIST::FUNCTION:ENGINE
-ENGINE_free 2502 EXIST::FUNCTION:ENGINE
-ENGINE_get_BN_mod_exp_crt 2503 NOEXIST::FUNCTION:
-ENGINE_get_next 2504 EXIST::FUNCTION:ENGINE
-ENGINE_set_name 2505 EXIST::FUNCTION:ENGINE
-ENGINE_get_default_DSA 2506 EXIST::FUNCTION:ENGINE
-ENGINE_set_default_BN_mod_exp 2507 NOEXIST::FUNCTION:
-ENGINE_set_default_RSA 2508 EXIST::FUNCTION:ENGINE
-ENGINE_get_default_RAND 2509 EXIST::FUNCTION:ENGINE
-ENGINE_get_default_BN_mod_exp 2510 NOEXIST::FUNCTION:
-ENGINE_set_RAND 2511 EXIST::FUNCTION:ENGINE
-ENGINE_set_id 2512 EXIST::FUNCTION:ENGINE
-ENGINE_set_BN_mod_exp_crt 2513 NOEXIST::FUNCTION:
-ENGINE_set_default_DH 2514 EXIST::FUNCTION:ENGINE
-ENGINE_new 2515 EXIST::FUNCTION:ENGINE
-ENGINE_get_id 2516 EXIST::FUNCTION:ENGINE
-DSA_set_default_openssl_method 2517 NOEXIST::FUNCTION:
-ENGINE_add 2518 EXIST::FUNCTION:ENGINE
-DH_set_default_openssl_method 2519 NOEXIST::FUNCTION:
-ENGINE_get_DSA 2520 EXIST::FUNCTION:ENGINE
-ENGINE_get_ctrl_function 2521 EXIST::FUNCTION:ENGINE
-ENGINE_set_ctrl_function 2522 EXIST::FUNCTION:ENGINE
-BN_pseudo_rand_range 2523 EXIST::FUNCTION:
-X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION:
-ERR_load_COMP_strings 2525 EXIST::FUNCTION:
-PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION:
-ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_unregister_ciphers 2528 EXIST::FUNCTION:ENGINE
-ENGINE_get_ciphers 2529 EXIST::FUNCTION:ENGINE
-d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION:
-KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_POINT_add 2532 EXIST::FUNCTION:EC
-ASN1_item_ex_i2d 2533 EXIST::FUNCTION:
-OCSP_CERTID_it 2534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_CERTID_it 2534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_RESPBYTES 2535 EXIST::FUNCTION:
-X509V3_add1_i2d 2536 EXIST::FUNCTION:
-PKCS7_ENVELOPE_it 2537 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ENVELOPE_it 2537 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_add_input_boolean 2538 EXIST::FUNCTION:
-ENGINE_unregister_RSA 2539 EXIST::FUNCTION:ENGINE
-X509V3_EXT_nconf 2540 EXIST::FUNCTION:
-ASN1_GENERALSTRING_free 2541 EXIST::FUNCTION:
-d2i_OCSP_CERTSTATUS 2542 EXIST::FUNCTION:
-X509_REVOKED_set_serialNumber 2543 EXIST::FUNCTION:
-X509_print_ex 2544 EXIST::FUNCTION:BIO
-OCSP_ONEREQ_get1_ext_d2i 2545 EXIST::FUNCTION:
-ENGINE_register_all_RAND 2546 EXIST::FUNCTION:ENGINE
-ENGINE_load_dynamic 2547 EXIST::FUNCTION:ENGINE
-PBKDF2PARAM_it 2548 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PBKDF2PARAM_it 2548 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EXTENDED_KEY_USAGE_new 2549 EXIST::FUNCTION:
-EC_GROUP_clear_free 2550 EXIST::FUNCTION:EC
-OCSP_sendreq_bio 2551 EXIST::FUNCTION:
-ASN1_item_digest 2552 EXIST::FUNCTION:EVP
-OCSP_BASICRESP_delete_ext 2553 EXIST::FUNCTION:
-OCSP_SIGNATURE_it 2554 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_SIGNATURE_it 2554 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CRL_it 2555 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CRL_it 2555 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_BASICRESP_add_ext 2556 EXIST::FUNCTION:
-KRB5_ENCKEY_it 2557 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_ENCKEY_it 2557 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_method_set_closer 2558 EXIST::FUNCTION:
-X509_STORE_set_purpose 2559 EXIST::FUNCTION:
-i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION:
-OCSP_response_status 2561 EXIST::FUNCTION:
-i2d_OCSP_SERVICELOC 2562 EXIST::FUNCTION:
-ENGINE_get_digest_engine 2563 EXIST::FUNCTION:ENGINE
-EC_GROUP_set_curve_GFp 2564 EXIST::FUNCTION:EC
-OCSP_REQUEST_get_ext_by_OBJ 2565 EXIST::FUNCTION:
-_ossl_old_des_random_key 2566 EXIST::FUNCTION:DES
-ASN1_T61STRING_it 2567 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_T61STRING_it 2567 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GROUP_method_of 2568 EXIST::FUNCTION:EC
-i2d_KRB5_APREQ 2569 EXIST::FUNCTION:
-_ossl_old_des_encrypt 2570 EXIST::FUNCTION:DES
-ASN1_PRINTABLE_new 2571 EXIST::FUNCTION:
-HMAC_Init_ex 2572 EXIST::FUNCTION:HMAC
-d2i_KRB5_AUTHENT 2573 EXIST::FUNCTION:
-OCSP_archive_cutoff_new 2574 EXIST::FUNCTION:
-EC_POINT_set_Jprojective_coordinates_GFp 2575 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_Jproj_coords_GFp 2575 EXIST:VMS:FUNCTION:EC
-_ossl_old_des_is_weak_key 2576 EXIST::FUNCTION:DES
-OCSP_BASICRESP_get_ext_by_OBJ 2577 EXIST::FUNCTION:
-EC_POINT_oct2point 2578 EXIST::FUNCTION:EC
-OCSP_SINGLERESP_get_ext_count 2579 EXIST::FUNCTION:
-UI_ctrl 2580 EXIST::FUNCTION:
-_shadow_DES_rw_mode 2581 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
-_shadow_DES_rw_mode 2581 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
-asn1_do_adb 2582 EXIST::FUNCTION:
-ASN1_template_i2d 2583 EXIST::FUNCTION:
-ENGINE_register_DH 2584 EXIST::FUNCTION:ENGINE
-UI_construct_prompt 2585 EXIST::FUNCTION:
-X509_STORE_set_trust 2586 EXIST::FUNCTION:
-UI_dup_input_string 2587 EXIST::FUNCTION:
-d2i_KRB5_APREQ 2588 EXIST::FUNCTION:
-EVP_MD_CTX_copy_ex 2589 EXIST::FUNCTION:
-OCSP_request_is_signed 2590 EXIST::FUNCTION:
-i2d_OCSP_REQINFO 2591 EXIST::FUNCTION:
-KRB5_ENCKEY_free 2592 EXIST::FUNCTION:
-OCSP_resp_get0 2593 EXIST::FUNCTION:
-GENERAL_NAME_it 2594 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-GENERAL_NAME_it 2594 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_GENERALIZEDTIME_it 2595 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_GENERALIZEDTIME_it 2595 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_STORE_set_flags 2596 EXIST::FUNCTION:
-EC_POINT_set_compressed_coordinates_GFp 2597 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_compr_coords_GFp 2597 EXIST:VMS:FUNCTION:EC
-OCSP_response_status_str 2598 EXIST::FUNCTION:
-d2i_OCSP_REVOKEDINFO 2599 EXIST::FUNCTION:
-OCSP_basic_add1_cert 2600 EXIST::FUNCTION:
-ERR_get_implementation 2601 EXIST::FUNCTION:
-EVP_CipherFinal_ex 2602 EXIST::FUNCTION:
-OCSP_CERTSTATUS_new 2603 EXIST::FUNCTION:
-CRYPTO_cleanup_all_ex_data 2604 EXIST::FUNCTION:
-OCSP_resp_find 2605 EXIST::FUNCTION:
-BN_nnmod 2606 EXIST::FUNCTION:
-X509_CRL_sort 2607 EXIST::FUNCTION:
-X509_REVOKED_set_revocationDate 2608 EXIST::FUNCTION:
-ENGINE_register_RAND 2609 EXIST::FUNCTION:ENGINE
-OCSP_SERVICELOC_new 2610 EXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GFp 2611 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_affine_coords_GFp 2611 EXIST:VMS:FUNCTION:EC
-_ossl_old_des_options 2612 EXIST::FUNCTION:DES
-SXNET_it 2613 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-SXNET_it 2613 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_dup_input_boolean 2614 EXIST::FUNCTION:
-PKCS12_add_CSPName_asc 2615 EXIST::FUNCTION:
-EC_POINT_is_at_infinity 2616 EXIST::FUNCTION:EC
-ENGINE_load_cryptodev 2617 EXIST::FUNCTION:ENGINE
-DSO_convert_filename 2618 EXIST::FUNCTION:
-POLICYQUALINFO_it 2619 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICYQUALINFO_it 2619 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_register_ciphers 2620 EXIST::FUNCTION:ENGINE
-BN_mod_lshift_quick 2621 EXIST::FUNCTION:
-DSO_set_filename 2622 EXIST::FUNCTION:
-ASN1_item_free 2623 EXIST::FUNCTION:
-KRB5_TKTBODY_free 2624 EXIST::FUNCTION:
-AUTHORITY_KEYID_it 2625 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_APREQBODY_new 2626 EXIST::FUNCTION:
-X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION:
-ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION:ENGINE
-i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION:
-EVP_MD_CTX_init 2630 EXIST::FUNCTION:
-EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION:
-PKCS7_ATTR_SIGN_it 2632 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_add_error_string 2633 EXIST::FUNCTION:
-KRB5_CHECKSUM_free 2634 EXIST::FUNCTION:
-OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION:
-ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE
-PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS12_unpack_authsafes 2639 EXIST::FUNCTION:
-ASN1_item_unpack 2640 EXIST::FUNCTION:
-NETSCAPE_SPKAC_it 2641 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NETSCAPE_SPKAC_it 2641 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_REVOKED_it 2642 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_REVOKED_it 2642 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_STRING_encode 2643 NOEXIST::FUNCTION:
-EVP_aes_128_ecb 2644 EXIST::FUNCTION:AES
-KRB5_AUTHENT_free 2645 EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext_by_critical 2646 EXIST:!VMS:FUNCTION:
-OCSP_BASICRESP_get_ext_by_crit 2646 EXIST:VMS:FUNCTION:
-OCSP_cert_status_str 2647 EXIST::FUNCTION:
-d2i_OCSP_REQUEST 2648 EXIST::FUNCTION:
-UI_dup_info_string 2649 EXIST::FUNCTION:
-_ossl_old_des_xwhite_in2out 2650 NOEXIST::FUNCTION:
-PKCS12_it 2651 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_it 2651 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_SINGLERESP_get_ext_by_critical 2652 EXIST:!VMS:FUNCTION:
-OCSP_SINGLERESP_get_ext_by_crit 2652 EXIST:VMS:FUNCTION:
-OCSP_CERTSTATUS_free 2653 EXIST::FUNCTION:
-_ossl_old_des_crypt 2654 EXIST::FUNCTION:DES
-ASN1_item_i2d 2655 EXIST::FUNCTION:
-EVP_DecryptFinal_ex 2656 EXIST::FUNCTION:
-ENGINE_load_openssl 2657 EXIST::FUNCTION:ENGINE
-ENGINE_get_cmd_defns 2658 EXIST::FUNCTION:ENGINE
-ENGINE_set_load_privkey_function 2659 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_set_load_privkey_fn 2659 EXIST:VMS:FUNCTION:ENGINE
-EVP_EncryptFinal_ex 2660 EXIST::FUNCTION:
-ENGINE_set_default_digests 2661 EXIST::FUNCTION:ENGINE
-X509_get0_pubkey_bitstr 2662 EXIST::FUNCTION:
-asn1_ex_i2c 2663 EXIST::FUNCTION:
-ENGINE_register_RSA 2664 EXIST::FUNCTION:ENGINE
-ENGINE_unregister_DSA 2665 EXIST::FUNCTION:ENGINE
-_ossl_old_des_key_sched 2666 EXIST::FUNCTION:DES
-X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_KRB5_AUTHENT 2668 EXIST::FUNCTION:
-SXNETID_it 2669 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-SXNETID_it 2669 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_SINGLERESP 2670 EXIST::FUNCTION:
-EDIPARTYNAME_new 2671 EXIST::FUNCTION:
-PKCS12_certbag2x509 2672 EXIST::FUNCTION:
-_ossl_old_des_ofb64_encrypt 2673 EXIST::FUNCTION:DES
-d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION:
-ERR_print_errors_cb 2675 EXIST::FUNCTION:
-ENGINE_set_ciphers 2676 EXIST::FUNCTION:ENGINE
-d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION:
-UI_method_get_flusher 2678 EXIST::FUNCTION:
-X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_PUBKEY_it 2679 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_enc_read 2680 EXIST::FUNCTION:DES
-PKCS7_ENCRYPT_it 2681 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ENCRYPT_it 2681 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_OCSP_RESPONSE 2682 EXIST::FUNCTION:
-EC_GROUP_get_cofactor 2683 EXIST::FUNCTION:EC
-PKCS12_unpack_p7data 2684 EXIST::FUNCTION:
-d2i_KRB5_AUTHDATA 2685 EXIST::FUNCTION:
-OCSP_copy_nonce 2686 EXIST::FUNCTION:
-KRB5_AUTHDATA_new 2687 EXIST::FUNCTION:
-OCSP_RESPDATA_new 2688 EXIST::FUNCTION:
-EC_GFp_mont_method 2689 EXIST::FUNCTION:EC
-OCSP_REVOKEDINFO_free 2690 EXIST::FUNCTION:
-UI_get_ex_data 2691 EXIST::FUNCTION:
-KRB5_APREQBODY_free 2692 EXIST::FUNCTION:
-EC_GROUP_get0_generator 2693 EXIST::FUNCTION:EC
-UI_get_default_method 2694 EXIST::FUNCTION:
-X509V3_set_nconf 2695 EXIST::FUNCTION:
-PKCS12_item_i2d_encrypt 2696 EXIST::FUNCTION:
-X509_add1_ext_i2d 2697 EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_it 2698 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_SIGNER_INFO_it 2698 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_PRINCNAME_new 2699 EXIST::FUNCTION:
-PKCS12_SAFEBAG_it 2700 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_SAFEBAG_it 2700 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GROUP_get_order 2701 EXIST::FUNCTION:EC
-d2i_OCSP_RESPID 2702 EXIST::FUNCTION:
-OCSP_request_verify 2703 EXIST::FUNCTION:
-NCONF_get_number_e 2704 EXIST::FUNCTION:
-_ossl_old_des_decrypt3 2705 EXIST::FUNCTION:DES
-X509_signature_print 2706 EXIST::FUNCTION:EVP
-OCSP_SINGLERESP_free 2707 EXIST::FUNCTION:
-ENGINE_load_builtin_engines 2708 EXIST::FUNCTION:ENGINE
-i2d_OCSP_ONEREQ 2709 EXIST::FUNCTION:
-OCSP_REQUEST_add_ext 2710 EXIST::FUNCTION:
-OCSP_RESPBYTES_new 2711 EXIST::FUNCTION:
-EVP_MD_CTX_create 2712 EXIST::FUNCTION:
-OCSP_resp_find_status 2713 EXIST::FUNCTION:
-X509_ALGOR_it 2714 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_ALGOR_it 2714 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_TIME_it 2715 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_TIME_it 2715 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_request_set1_name 2716 EXIST::FUNCTION:
-OCSP_ONEREQ_get_ext_count 2717 EXIST::FUNCTION:
-UI_get0_result 2718 EXIST::FUNCTION:
-PKCS12_AUTHSAFES_it 2719 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_AUTHSAFES_it 2719 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_aes_256_ecb 2720 EXIST::FUNCTION:AES
-PKCS12_pack_authsafes 2721 EXIST::FUNCTION:
-ASN1_IA5STRING_it 2722 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_IA5STRING_it 2722 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_get_input_flags 2723 EXIST::FUNCTION:
-EC_GROUP_set_generator 2724 EXIST::FUNCTION:EC
-_ossl_old_des_string_to_2keys 2725 EXIST::FUNCTION:DES
-OCSP_CERTID_free 2726 EXIST::FUNCTION:
-X509_CERT_AUX_it 2727 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CERT_AUX_it 2727 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-CERTIFICATEPOLICIES_it 2728 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-CERTIFICATEPOLICIES_it 2728 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_ede3_cbc_encrypt 2729 EXIST::FUNCTION:DES
-RAND_set_rand_engine 2730 EXIST::FUNCTION:ENGINE
-DSO_get_loaded_filename 2731 EXIST::FUNCTION:
-X509_ATTRIBUTE_it 2732 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_ATTRIBUTE_it 2732 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_ONEREQ_get_ext_by_NID 2733 EXIST::FUNCTION:
-PKCS12_decrypt_skey 2734 EXIST::FUNCTION:
-KRB5_AUTHENT_it 2735 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_AUTHENT_it 2735 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_dup_error_string 2736 EXIST::FUNCTION:
-RSAPublicKey_it 2737 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
-RSAPublicKey_it 2737 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
-i2d_OCSP_REQUEST 2738 EXIST::FUNCTION:
-PKCS12_x509crl2certbag 2739 EXIST::FUNCTION:
-OCSP_SERVICELOC_it 2740 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_SERVICELOC_it 2740 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_item_sign 2741 EXIST::FUNCTION:EVP
-X509_CRL_set_issuer_name 2742 EXIST::FUNCTION:
-OBJ_NAME_do_all_sorted 2743 EXIST::FUNCTION:
-i2d_OCSP_BASICRESP 2744 EXIST::FUNCTION:
-i2d_OCSP_RESPBYTES 2745 EXIST::FUNCTION:
-PKCS12_unpack_p7encdata 2746 EXIST::FUNCTION:
-HMAC_CTX_init 2747 EXIST::FUNCTION:HMAC
-ENGINE_get_digest 2748 EXIST::FUNCTION:ENGINE
-OCSP_RESPONSE_print 2749 EXIST::FUNCTION:
-KRB5_TKTBODY_it 2750 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_TKTBODY_it 2750 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ACCESS_DESCRIPTION_it 2751 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ACCESS_DESCRIPTION_it 2751 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_it 2752 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ISSUER_AND_SERIAL_it 2752 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PBE2PARAM_it 2753 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PBE2PARAM_it 2753 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS12_certbag2x509crl 2754 EXIST::FUNCTION:
-PKCS7_SIGNED_it 2755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_SIGNED_it 2755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_cipher 2756 EXIST::FUNCTION:ENGINE
-i2d_OCSP_CRLID 2757 EXIST::FUNCTION:
-OCSP_SINGLERESP_new 2758 EXIST::FUNCTION:
-ENGINE_cmd_is_executable 2759 EXIST::FUNCTION:ENGINE
-RSA_up_ref 2760 EXIST::FUNCTION:RSA
-ASN1_GENERALSTRING_it 2761 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_GENERALSTRING_it 2761 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_register_DSA 2762 EXIST::FUNCTION:ENGINE
-X509V3_EXT_add_nconf_sk 2763 EXIST::FUNCTION:
-ENGINE_set_load_pubkey_function 2764 EXIST::FUNCTION:ENGINE
-PKCS8_decrypt 2765 EXIST::FUNCTION:
-PEM_bytes_read_bio 2766 EXIST::FUNCTION:BIO
-DIRECTORYSTRING_it 2767 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DIRECTORYSTRING_it 2767 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_CRLID 2768 EXIST::FUNCTION:
-EC_POINT_is_on_curve 2769 EXIST::FUNCTION:EC
-CRYPTO_set_locked_mem_ex_functions 2770 EXIST:!VMS:FUNCTION:
-CRYPTO_set_locked_mem_ex_funcs 2770 EXIST:VMS:FUNCTION:
-d2i_KRB5_CHECKSUM 2771 EXIST::FUNCTION:
-ASN1_item_dup 2772 EXIST::FUNCTION:
-X509_it 2773 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_it 2773 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-BN_mod_add 2774 EXIST::FUNCTION:
-KRB5_AUTHDATA_free 2775 EXIST::FUNCTION:
-_ossl_old_des_cbc_cksum 2776 EXIST::FUNCTION:DES
-ASN1_item_verify 2777 EXIST::FUNCTION:EVP
-CRYPTO_set_mem_ex_functions 2778 EXIST::FUNCTION:
-EC_POINT_get_Jprojective_coordinates_GFp 2779 EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_Jproj_coords_GFp 2779 EXIST:VMS:FUNCTION:EC
-ZLONG_it 2780 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ZLONG_it 2780 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-CRYPTO_get_locked_mem_ex_functions 2781 EXIST:!VMS:FUNCTION:
-CRYPTO_get_locked_mem_ex_funcs 2781 EXIST:VMS:FUNCTION:
-ASN1_TIME_check 2782 EXIST::FUNCTION:
-UI_get0_user_data 2783 EXIST::FUNCTION:
-HMAC_CTX_cleanup 2784 EXIST::FUNCTION:HMAC
-DSA_up_ref 2785 EXIST::FUNCTION:DSA
-_ossl_old_des_ede3_cfb64_encrypt 2786 EXIST:!VMS:FUNCTION:DES
-_ossl_odes_ede3_cfb64_encrypt 2786 EXIST:VMS:FUNCTION:DES
-ASN1_BMPSTRING_it 2787 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_BMPSTRING_it 2787 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_tag2bit 2788 EXIST::FUNCTION:
-UI_method_set_flusher 2789 EXIST::FUNCTION:
-X509_ocspid_print 2790 EXIST::FUNCTION:BIO
-KRB5_ENCDATA_it 2791 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_ENCDATA_it 2791 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_load_pubkey_function 2792 EXIST::FUNCTION:ENGINE
-UI_add_user_data 2793 EXIST::FUNCTION:
-OCSP_REQUEST_delete_ext 2794 EXIST::FUNCTION:
-UI_get_method 2795 EXIST::FUNCTION:
-OCSP_ONEREQ_free 2796 EXIST::FUNCTION:
-ASN1_PRINTABLESTRING_it 2797 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_PRINTABLESTRING_it 2797 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CRL_set_nextUpdate 2798 EXIST::FUNCTION:
-OCSP_REQUEST_it 2799 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_REQUEST_it 2799 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_BASICRESP_it 2800 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_BASICRESP_it 2800 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AES_ecb_encrypt 2801 EXIST::FUNCTION:AES
-BN_mod_sqr 2802 EXIST::FUNCTION:
-NETSCAPE_CERT_SEQUENCE_it 2803 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NETSCAPE_CERT_SEQUENCE_it 2803 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-GENERAL_NAMES_it 2804 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-GENERAL_NAMES_it 2804 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AUTHORITY_INFO_ACCESS_it 2805 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-AUTHORITY_INFO_ACCESS_it 2805 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_FBOOLEAN_it 2806 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_FBOOLEAN_it 2806 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_set_ex_data 2807 EXIST::FUNCTION:
-_ossl_old_des_string_to_key 2808 EXIST::FUNCTION:DES
-ENGINE_register_all_RSA 2809 EXIST::FUNCTION:ENGINE
-d2i_KRB5_PRINCNAME 2810 EXIST::FUNCTION:
-OCSP_RESPBYTES_it 2811 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPBYTES_it 2811 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CINF_it 2812 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CINF_it 2812 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_unregister_digests 2813 EXIST::FUNCTION:ENGINE
-d2i_EDIPARTYNAME 2814 EXIST::FUNCTION:
-d2i_OCSP_SERVICELOC 2815 EXIST::FUNCTION:
-ENGINE_get_digests 2816 EXIST::FUNCTION:ENGINE
-_ossl_old_des_set_odd_parity 2817 EXIST::FUNCTION:DES
-OCSP_RESPDATA_free 2818 EXIST::FUNCTION:
-d2i_KRB5_TICKET 2819 EXIST::FUNCTION:
-OTHERNAME_it 2820 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OTHERNAME_it 2820 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_MD_CTX_cleanup 2821 EXIST::FUNCTION:
-d2i_ASN1_GENERALSTRING 2822 EXIST::FUNCTION:
-X509_CRL_set_version 2823 EXIST::FUNCTION:
-BN_mod_sub 2824 EXIST::FUNCTION:
-OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION:
-ENGINE_get_ex_new_index 2826 EXIST::FUNCTION:ENGINE
-OCSP_REQUEST_free 2827 EXIST::FUNCTION:
-OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION:
-X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_VAL_it 2829 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_POINTs_make_affine 2830 EXIST::FUNCTION:EC
-EC_POINT_mul 2831 EXIST::FUNCTION:EC
-X509V3_EXT_add_nconf 2832 EXIST::FUNCTION:
-X509_TRUST_set 2833 EXIST::FUNCTION:
-X509_CRL_add1_ext_i2d 2834 EXIST::FUNCTION:
-_ossl_old_des_fcrypt 2835 EXIST::FUNCTION:DES
-DISPLAYTEXT_it 2836 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DISPLAYTEXT_it 2836 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CRL_set_lastUpdate 2837 EXIST::FUNCTION:
-OCSP_BASICRESP_free 2838 EXIST::FUNCTION:
-OCSP_BASICRESP_add1_ext_i2d 2839 EXIST::FUNCTION:
-d2i_KRB5_AUTHENTBODY 2840 EXIST::FUNCTION:
-CRYPTO_set_ex_data_implementation 2841 EXIST:!VMS:FUNCTION:
-CRYPTO_set_ex_data_impl 2841 EXIST:VMS:FUNCTION:
-KRB5_ENCDATA_new 2842 EXIST::FUNCTION:
-DSO_up_ref 2843 EXIST::FUNCTION:
-OCSP_crl_reason_str 2844 EXIST::FUNCTION:
-UI_get0_result_string 2845 EXIST::FUNCTION:
-ASN1_GENERALSTRING_new 2846 EXIST::FUNCTION:
-X509_SIG_it 2847 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_SIG_it 2847 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ERR_set_implementation 2848 EXIST::FUNCTION:
-ERR_load_EC_strings 2849 EXIST::FUNCTION:EC
-UI_get0_action_string 2850 EXIST::FUNCTION:
-OCSP_ONEREQ_get_ext 2851 EXIST::FUNCTION:
-EC_POINT_method_of 2852 EXIST::FUNCTION:EC
-i2d_KRB5_APREQBODY 2853 EXIST::FUNCTION:
-_ossl_old_des_ecb3_encrypt 2854 EXIST::FUNCTION:DES
-CRYPTO_get_mem_ex_functions 2855 EXIST::FUNCTION:
-ENGINE_get_ex_data 2856 EXIST::FUNCTION:ENGINE
-UI_destroy_method 2857 EXIST::FUNCTION:
-ASN1_item_i2d_bio 2858 EXIST::FUNCTION:BIO
-OCSP_ONEREQ_get_ext_by_OBJ 2859 EXIST::FUNCTION:
-ASN1_primitive_new 2860 EXIST::FUNCTION:
-ASN1_PRINTABLE_it 2861 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_PRINTABLE_it 2861 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_aes_192_ecb 2862 EXIST::FUNCTION:AES
-OCSP_SIGNATURE_new 2863 EXIST::FUNCTION:
-LONG_it 2864 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-LONG_it 2864 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_VISIBLESTRING_it 2865 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_VISIBLESTRING_it 2865 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_SINGLERESP_add1_ext_i2d 2866 EXIST::FUNCTION:
-d2i_OCSP_CERTID 2867 EXIST::FUNCTION:
-ASN1_item_d2i_fp 2868 EXIST::FUNCTION:FP_API
-CRL_DIST_POINTS_it 2869 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-CRL_DIST_POINTS_it 2869 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-GENERAL_NAME_print 2870 EXIST::FUNCTION:
-OCSP_SINGLERESP_delete_ext 2871 EXIST::FUNCTION:
-PKCS12_SAFEBAGS_it 2872 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_SAFEBAGS_it 2872 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_SIGNATURE 2873 EXIST::FUNCTION:
-OCSP_request_add1_nonce 2874 EXIST::FUNCTION:
-ENGINE_set_cmd_defns 2875 EXIST::FUNCTION:ENGINE
-OCSP_SERVICELOC_free 2876 EXIST::FUNCTION:
-EC_GROUP_free 2877 EXIST::FUNCTION:EC
-ASN1_BIT_STRING_it 2878 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_BIT_STRING_it 2878 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_REQ_it 2879 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_REQ_it 2879 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_cbc_encrypt 2880 EXIST::FUNCTION:DES
-ERR_unload_strings 2881 EXIST::FUNCTION:
-PKCS7_SIGN_ENVELOPE_it 2882 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_SIGN_ENVELOPE_it 2882 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EDIPARTYNAME_free 2883 EXIST::FUNCTION:
-OCSP_REQINFO_free 2884 EXIST::FUNCTION:
-EC_GROUP_new_curve_GFp 2885 EXIST::FUNCTION:EC
-OCSP_REQUEST_get1_ext_d2i 2886 EXIST::FUNCTION:
-PKCS12_item_pack_safebag 2887 EXIST::FUNCTION:
-asn1_ex_c2i 2888 EXIST::FUNCTION:
-ENGINE_register_digests 2889 EXIST::FUNCTION:ENGINE
-i2d_OCSP_REVOKEDINFO 2890 EXIST::FUNCTION:
-asn1_enc_restore 2891 EXIST::FUNCTION:
-UI_free 2892 EXIST::FUNCTION:
-UI_new_method 2893 EXIST::FUNCTION:
-EVP_EncryptInit_ex 2894 EXIST::FUNCTION:
-X509_pubkey_digest 2895 EXIST::FUNCTION:EVP
-EC_POINT_invert 2896 EXIST::FUNCTION:EC
-OCSP_basic_sign 2897 EXIST::FUNCTION:
-i2d_OCSP_RESPID 2898 EXIST::FUNCTION:
-OCSP_check_nonce 2899 EXIST::FUNCTION:
-ENGINE_ctrl_cmd 2900 EXIST::FUNCTION:ENGINE
-d2i_KRB5_ENCKEY 2901 EXIST::FUNCTION:
-OCSP_parse_url 2902 EXIST::FUNCTION:
-OCSP_SINGLERESP_get_ext 2903 EXIST::FUNCTION:
-OCSP_CRLID_free 2904 EXIST::FUNCTION:
-OCSP_BASICRESP_get1_ext_d2i 2905 EXIST::FUNCTION:
-RSAPrivateKey_it 2906 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
-RSAPrivateKey_it 2906 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
-ENGINE_register_all_DH 2907 EXIST::FUNCTION:ENGINE
-i2d_EDIPARTYNAME 2908 EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GFp 2909 EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_affine_coords_GFp 2909 EXIST:VMS:FUNCTION:EC
-OCSP_CRLID_new 2910 EXIST::FUNCTION:
-ENGINE_get_flags 2911 EXIST::FUNCTION:ENGINE
-OCSP_ONEREQ_it 2912 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_ONEREQ_it 2912 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_process 2913 EXIST::FUNCTION:
-ASN1_INTEGER_it 2914 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_INTEGER_it 2914 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_CipherInit_ex 2915 EXIST::FUNCTION:
-UI_get_string_type 2916 EXIST::FUNCTION:
-ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE
-ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE
-OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION:
-bn_dup_expand 2920 EXIST::FUNCTION:DEPRECATED
-OCSP_cert_id_new 2921 EXIST::FUNCTION:
-BASIC_CONSTRAINTS_it 2922 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-BASIC_CONSTRAINTS_it 2922 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-BN_mod_add_quick 2923 EXIST::FUNCTION:
-EC_POINT_new 2924 EXIST::FUNCTION:EC
-EVP_MD_CTX_destroy 2925 EXIST::FUNCTION:
-OCSP_RESPBYTES_free 2926 EXIST::FUNCTION:
-EVP_aes_128_cbc 2927 EXIST::FUNCTION:AES
-OCSP_SINGLERESP_get1_ext_d2i 2928 EXIST::FUNCTION:
-EC_POINT_free 2929 EXIST::FUNCTION:EC
-DH_up_ref 2930 EXIST::FUNCTION:DH
-X509_NAME_ENTRY_it 2931 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_NAME_ENTRY_it 2931 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_get_ex_new_index 2932 EXIST::FUNCTION:
-BN_mod_sub_quick 2933 EXIST::FUNCTION:
-OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION:
-OCSP_request_sign 2935 EXIST::FUNCTION:
-EVP_DigestFinal_ex 2936 EXIST::FUNCTION:
-ENGINE_set_digests 2937 EXIST::FUNCTION:ENGINE
-OCSP_id_issuer_cmp 2938 EXIST::FUNCTION:
-OBJ_NAME_do_all 2939 EXIST::FUNCTION:
-EC_POINTs_mul 2940 EXIST::FUNCTION:EC
-ENGINE_register_complete 2941 EXIST::FUNCTION:ENGINE
-X509V3_EXT_nconf_nid 2942 EXIST::FUNCTION:
-ASN1_SEQUENCE_it 2943 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_SEQUENCE_it 2943 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_set_default_method 2944 EXIST::FUNCTION:
-RAND_query_egd_bytes 2945 EXIST::FUNCTION:
-UI_method_get_writer 2946 EXIST::FUNCTION:
-UI_OpenSSL 2947 EXIST::FUNCTION:
-PEM_def_callback 2948 EXIST::FUNCTION:
-ENGINE_cleanup 2949 EXIST::FUNCTION:ENGINE
-DIST_POINT_it 2950 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DIST_POINT_it 2950 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_SINGLERESP_it 2951 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_SINGLERESP_it 2951 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_KRB5_TKTBODY 2952 EXIST::FUNCTION:
-EC_POINT_cmp 2953 EXIST::FUNCTION:EC
-OCSP_REVOKEDINFO_new 2954 EXIST::FUNCTION:
-i2d_OCSP_CERTSTATUS 2955 EXIST::FUNCTION:
-OCSP_basic_add1_nonce 2956 EXIST::FUNCTION:
-ASN1_item_ex_d2i 2957 EXIST::FUNCTION:
-BN_mod_lshift1_quick 2958 EXIST::FUNCTION:
-UI_set_method 2959 EXIST::FUNCTION:
-OCSP_id_get0_info 2960 EXIST::FUNCTION:
-BN_mod_sqrt 2961 EXIST::FUNCTION:
-EC_GROUP_copy 2962 EXIST::FUNCTION:EC
-KRB5_ENCDATA_free 2963 EXIST::FUNCTION:
-_ossl_old_des_cfb_encrypt 2964 EXIST::FUNCTION:DES
-OCSP_SINGLERESP_get_ext_by_OBJ 2965 EXIST::FUNCTION:
-OCSP_cert_to_id 2966 EXIST::FUNCTION:
-OCSP_RESPID_new 2967 EXIST::FUNCTION:
-OCSP_RESPDATA_it 2968 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPDATA_it 2968 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_RESPDATA 2969 EXIST::FUNCTION:
-ENGINE_register_all_complete 2970 EXIST::FUNCTION:ENGINE
-OCSP_check_validity 2971 EXIST::FUNCTION:
-PKCS12_BAGS_it 2972 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_BAGS_it 2972 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_url_svcloc_new 2973 EXIST::FUNCTION:
-ASN1_template_free 2974 EXIST::FUNCTION:
-OCSP_SINGLERESP_add_ext 2975 EXIST::FUNCTION:
-KRB5_AUTHENTBODY_it 2976 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_AUTHENTBODY_it 2976 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_supported_extension 2977 EXIST::FUNCTION:
-i2d_KRB5_AUTHDATA 2978 EXIST::FUNCTION:
-UI_method_get_opener 2979 EXIST::FUNCTION:
-ENGINE_set_ex_data 2980 EXIST::FUNCTION:ENGINE
-OCSP_REQUEST_print 2981 EXIST::FUNCTION:
-CBIGNUM_it 2982 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-CBIGNUM_it 2982 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_TICKET_new 2983 EXIST::FUNCTION:
-KRB5_APREQ_new 2984 EXIST::FUNCTION:
-EC_GROUP_get_curve_GFp 2985 EXIST::FUNCTION:EC
-KRB5_ENCKEY_new 2986 EXIST::FUNCTION:
-ASN1_template_d2i 2987 EXIST::FUNCTION:
-_ossl_old_des_quad_cksum 2988 EXIST::FUNCTION:DES
-OCSP_single_get0_status 2989 EXIST::FUNCTION:
-BN_swap 2990 EXIST::FUNCTION:
-POLICYINFO_it 2991 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICYINFO_it 2991 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_set_destroy_function 2992 EXIST::FUNCTION:ENGINE
-asn1_enc_free 2993 EXIST::FUNCTION:
-OCSP_RESPID_it 2994 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPID_it 2994 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GROUP_new 2995 EXIST::FUNCTION:EC
-EVP_aes_256_cbc 2996 EXIST::FUNCTION:AES
-i2d_KRB5_PRINCNAME 2997 EXIST::FUNCTION:
-_ossl_old_des_encrypt2 2998 EXIST::FUNCTION:DES
-_ossl_old_des_encrypt3 2999 EXIST::FUNCTION:DES
-PKCS8_PRIV_KEY_INFO_it 3000 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS8_PRIV_KEY_INFO_it 3000 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_REQINFO_it 3001 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_REQINFO_it 3001 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PBEPARAM_it 3002 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PBEPARAM_it 3002 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_AUTHENTBODY_new 3003 EXIST::FUNCTION:
-X509_CRL_add0_revoked 3004 EXIST::FUNCTION:
-EDIPARTYNAME_it 3005 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-EDIPARTYNAME_it 3005 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-NETSCAPE_SPKI_it 3006 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NETSCAPE_SPKI_it 3006 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_get0_test_string 3007 EXIST::FUNCTION:
-ENGINE_get_cipher_engine 3008 EXIST::FUNCTION:ENGINE
-ENGINE_register_all_ciphers 3009 EXIST::FUNCTION:ENGINE
-EC_POINT_copy 3010 EXIST::FUNCTION:EC
-BN_kronecker 3011 EXIST::FUNCTION:
-_ossl_old_des_ede3_ofb64_encrypt 3012 EXIST:!VMS:FUNCTION:DES
-_ossl_odes_ede3_ofb64_encrypt 3012 EXIST:VMS:FUNCTION:DES
-UI_method_get_reader 3013 EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext_count 3014 EXIST::FUNCTION:
-ASN1_ENUMERATED_it 3015 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_ENUMERATED_it 3015 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_set_result 3016 EXIST::FUNCTION:
-i2d_KRB5_TICKET 3017 EXIST::FUNCTION:
-X509_print_ex_fp 3018 EXIST::FUNCTION:FP_API
-EVP_CIPHER_CTX_set_padding 3019 EXIST::FUNCTION:
-d2i_OCSP_RESPONSE 3020 EXIST::FUNCTION:
-ASN1_UTCTIME_it 3021 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_UTCTIME_it 3021 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_enc_write 3022 EXIST::FUNCTION:DES
-OCSP_RESPONSE_new 3023 EXIST::FUNCTION:
-AES_set_encrypt_key 3024 EXIST::FUNCTION:AES
-OCSP_resp_count 3025 EXIST::FUNCTION:
-KRB5_CHECKSUM_new 3026 EXIST::FUNCTION:
-ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-OCSP_onereq_get0_id 3028 EXIST::FUNCTION:
-ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE
-NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NOTICEREF_it 3030 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509V3_EXT_CRL_add_nconf 3031 EXIST::FUNCTION:
-OCSP_REVOKEDINFO_it 3032 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_REVOKEDINFO_it 3032 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AES_encrypt 3033 EXIST::FUNCTION:AES
-OCSP_REQUEST_new 3034 EXIST::FUNCTION:
-ASN1_ANY_it 3035 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_ANY_it 3035 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-CRYPTO_ex_data_new_class 3036 EXIST::FUNCTION:
-_ossl_old_des_ncbc_encrypt 3037 EXIST::FUNCTION:DES
-i2d_KRB5_TKTBODY 3038 EXIST::FUNCTION:
-EC_POINT_clear_free 3039 EXIST::FUNCTION:EC
-AES_decrypt 3040 EXIST::FUNCTION:AES
-asn1_enc_init 3041 EXIST::FUNCTION:
-UI_get_result_maxsize 3042 EXIST::FUNCTION:
-OCSP_CERTID_new 3043 EXIST::FUNCTION:
-ENGINE_unregister_RAND 3044 EXIST::FUNCTION:ENGINE
-UI_method_get_closer 3045 EXIST::FUNCTION:
-d2i_KRB5_ENCDATA 3046 EXIST::FUNCTION:
-OCSP_request_onereq_count 3047 EXIST::FUNCTION:
-OCSP_basic_verify 3048 EXIST::FUNCTION:
-KRB5_AUTHENTBODY_free 3049 EXIST::FUNCTION:
-ASN1_item_d2i 3050 EXIST::FUNCTION:
-ASN1_primitive_free 3051 EXIST::FUNCTION:
-i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION:
-i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION:
-asn1_enc_save 3054 EXIST::FUNCTION:
-ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-_ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES
-PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_accept_responses_new 3058 EXIST::FUNCTION:
-asn1_do_lock 3059 EXIST::FUNCTION:
-PKCS7_ATTR_VERIFY_it 3060 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ATTR_VERIFY_it 3060 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_APREQBODY_it 3061 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_APREQBODY_it 3061 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_OCSP_SINGLERESP 3062 EXIST::FUNCTION:
-ASN1_item_ex_new 3063 EXIST::FUNCTION:
-UI_add_verify_string 3064 EXIST::FUNCTION:
-_ossl_old_des_set_key 3065 EXIST::FUNCTION:DES
-KRB5_PRINCNAME_it 3066 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_PRINCNAME_it 3066 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_DecryptInit_ex 3067 EXIST::FUNCTION:
-i2d_OCSP_CERTID 3068 EXIST::FUNCTION:
-ASN1_item_d2i_bio 3069 EXIST::FUNCTION:BIO
-EC_POINT_dbl 3070 EXIST::FUNCTION:EC
-asn1_get_choice_selector 3071 EXIST::FUNCTION:
-i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION:
-ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE
-AES_options 3074 EXIST::FUNCTION:AES
-ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-OCSP_id_cmp 3076 EXIST::FUNCTION:
-OCSP_BASICRESP_new 3077 EXIST::FUNCTION:
-OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION:
-KRB5_APREQ_it 3079 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_APREQ_it 3079 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_destroy_function 3080 EXIST::FUNCTION:ENGINE
-CONF_set_nconf 3081 EXIST::FUNCTION:
-ASN1_PRINTABLE_free 3082 EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext_by_NID 3083 EXIST::FUNCTION:
-DIST_POINT_NAME_it 3084 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DIST_POINT_NAME_it 3084 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509V3_extensions_print 3085 EXIST::FUNCTION:
-_ossl_old_des_cfb64_encrypt 3086 EXIST::FUNCTION:DES
-X509_REVOKED_add1_ext_i2d 3087 EXIST::FUNCTION:
-_ossl_old_des_ofb_encrypt 3088 EXIST::FUNCTION:DES
-KRB5_TKTBODY_new 3089 EXIST::FUNCTION:
-ASN1_OCTET_STRING_it 3090 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_OCTET_STRING_it 3090 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ERR_load_UI_strings 3091 EXIST::FUNCTION:
-i2d_KRB5_ENCKEY 3092 EXIST::FUNCTION:
-ASN1_template_new 3093 EXIST::FUNCTION:
-OCSP_SIGNATURE_free 3094 EXIST::FUNCTION:
-ASN1_item_i2d_fp 3095 EXIST::FUNCTION:FP_API
-KRB5_PRINCNAME_free 3096 EXIST::FUNCTION:
-PKCS7_RECIP_INFO_it 3097 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_RECIP_INFO_it 3097 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EXTENDED_KEY_USAGE_it 3098 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-EXTENDED_KEY_USAGE_it 3098 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GFp_simple_method 3099 EXIST::FUNCTION:EC
-EC_GROUP_precompute_mult 3100 EXIST::FUNCTION:EC
-OCSP_request_onereq_get0 3101 EXIST::FUNCTION:
-UI_method_set_writer 3102 EXIST::FUNCTION:
-KRB5_AUTHENT_new 3103 EXIST::FUNCTION:
-X509_CRL_INFO_it 3104 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CRL_INFO_it 3104 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-DSO_set_name_converter 3105 EXIST::FUNCTION:
-AES_set_decrypt_key 3106 EXIST::FUNCTION:AES
-PKCS7_DIGEST_it 3107 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_DIGEST_it 3107 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS12_x5092certbag 3108 EXIST::FUNCTION:
-EVP_DigestInit_ex 3109 EXIST::FUNCTION:
-i2a_ACCESS_DESCRIPTION 3110 EXIST::FUNCTION:
-OCSP_RESPONSE_it 3111 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPONSE_it 3111 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS7_ENC_CONTENT_it 3112 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ENC_CONTENT_it 3112 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_request_add0_id 3113 EXIST::FUNCTION:
-EC_POINT_make_affine 3114 EXIST::FUNCTION:EC
-DSO_get_filename 3115 EXIST::FUNCTION:
-OCSP_CERTSTATUS_it 3116 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_CERTSTATUS_it 3116 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_request_add1_cert 3117 EXIST::FUNCTION:
-UI_get0_output_string 3118 EXIST::FUNCTION:
-UI_dup_verify_string 3119 EXIST::FUNCTION:
-BN_mod_lshift 3120 EXIST::FUNCTION:
-KRB5_AUTHDATA_it 3121 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_AUTHDATA_it 3121 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-asn1_set_choice_selector 3122 EXIST::FUNCTION:
-OCSP_basic_add1_status 3123 EXIST::FUNCTION:
-OCSP_RESPID_free 3124 EXIST::FUNCTION:
-asn1_get_field_ptr 3125 EXIST::FUNCTION:
-UI_add_input_string 3126 EXIST::FUNCTION:
-OCSP_CRLID_it 3127 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION:
-OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION:
-ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-USERNOTICE_it 3132 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_REQINFO_new 3133 EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext 3134 EXIST::FUNCTION:
-CRYPTO_get_ex_data_implementation 3135 EXIST:!VMS:FUNCTION:
-CRYPTO_get_ex_data_impl 3135 EXIST:VMS:FUNCTION:
-ASN1_item_pack 3136 EXIST::FUNCTION:
-i2d_KRB5_ENCDATA 3137 EXIST::FUNCTION:
-X509_PURPOSE_set 3138 EXIST::FUNCTION:
-X509_REQ_INFO_it 3139 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_REQ_INFO_it 3139 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_method_set_opener 3140 EXIST::FUNCTION:
-ASN1_item_ex_free 3141 EXIST::FUNCTION:
-ASN1_BOOLEAN_it 3142 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_BOOLEAN_it 3142 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_table_flags 3143 EXIST::FUNCTION:ENGINE
-UI_create_method 3144 EXIST::FUNCTION:
-OCSP_ONEREQ_add1_ext_i2d 3145 EXIST::FUNCTION:
-_shadow_DES_check_key 3146 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
-_shadow_DES_check_key 3146 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
-d2i_OCSP_REQINFO 3147 EXIST::FUNCTION:
-UI_add_info_string 3148 EXIST::FUNCTION:
-UI_get_result_minsize 3149 EXIST::FUNCTION:
-ASN1_NULL_it 3150 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_NULL_it 3150 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-BN_mod_lshift1 3151 EXIST::FUNCTION:
-d2i_OCSP_ONEREQ 3152 EXIST::FUNCTION:
-OCSP_ONEREQ_new 3153 EXIST::FUNCTION:
-KRB5_TICKET_it 3154 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_TICKET_it 3154 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_aes_192_cbc 3155 EXIST::FUNCTION:AES
-KRB5_TICKET_free 3156 EXIST::FUNCTION:
-UI_new 3157 EXIST::FUNCTION:
-OCSP_response_create 3158 EXIST::FUNCTION:
-_ossl_old_des_xcbc_encrypt 3159 EXIST::FUNCTION:DES
-PKCS7_it 3160 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_it 3160 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_REQUEST_get_ext_by_critical 3161 EXIST:!VMS:FUNCTION:
-OCSP_REQUEST_get_ext_by_crit 3161 EXIST:VMS:FUNCTION:
-ENGINE_set_flags 3162 EXIST::FUNCTION:ENGINE
-_ossl_old_des_ecb_encrypt 3163 EXIST::FUNCTION:DES
-OCSP_response_get1_basic 3164 EXIST::FUNCTION:
-EVP_Digest 3165 EXIST::FUNCTION:
-OCSP_ONEREQ_delete_ext 3166 EXIST::FUNCTION:
-ASN1_TBOOLEAN_it 3167 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_TBOOLEAN_it 3167 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_item_new 3168 EXIST::FUNCTION:
-ASN1_TIME_to_generalizedtime 3169 EXIST::FUNCTION:
-BIGNUM_it 3170 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-BIGNUM_it 3170 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AES_cbc_encrypt 3171 EXIST::FUNCTION:AES
-ENGINE_get_load_privkey_function 3172 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_get_load_privkey_fn 3172 EXIST:VMS:FUNCTION:ENGINE
-OCSP_RESPONSE_free 3173 EXIST::FUNCTION:
-UI_method_set_reader 3174 EXIST::FUNCTION:
-i2d_ASN1_T61STRING 3175 EXIST::FUNCTION:
-EC_POINT_set_to_infinity 3176 EXIST::FUNCTION:EC
-ERR_load_OCSP_strings 3177 EXIST::FUNCTION:
-EC_POINT_point2oct 3178 EXIST::FUNCTION:EC
-KRB5_APREQ_free 3179 EXIST::FUNCTION:
-ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_crlID_new 3181 EXIST:!OS2,!VMS:FUNCTION:
-OCSP_crlID2_new 3181 EXIST:OS2,VMS:FUNCTION:
-CONF_modules_load_file 3182 EXIST::FUNCTION:
-CONF_imodule_set_usr_data 3183 EXIST::FUNCTION:
-ENGINE_set_default_string 3184 EXIST::FUNCTION:ENGINE
-CONF_module_get_usr_data 3185 EXIST::FUNCTION:
-ASN1_add_oid_module 3186 EXIST::FUNCTION:
-CONF_modules_finish 3187 EXIST::FUNCTION:
-OPENSSL_config 3188 EXIST::FUNCTION:
-CONF_modules_unload 3189 EXIST::FUNCTION:
-CONF_imodule_get_value 3190 EXIST::FUNCTION:
-CONF_module_set_usr_data 3191 EXIST::FUNCTION:
-CONF_parse_list 3192 EXIST::FUNCTION:
-CONF_module_add 3193 EXIST::FUNCTION:
-CONF_get1_default_config_file 3194 EXIST::FUNCTION:
-CONF_imodule_get_flags 3195 EXIST::FUNCTION:
-CONF_imodule_get_module 3196 EXIST::FUNCTION:
-CONF_modules_load 3197 EXIST::FUNCTION:
-CONF_imodule_get_name 3198 EXIST::FUNCTION:
-ERR_peek_top_error 3199 NOEXIST::FUNCTION:
-CONF_imodule_get_usr_data 3200 EXIST::FUNCTION:
-CONF_imodule_set_flags 3201 EXIST::FUNCTION:
-ENGINE_add_conf_module 3202 EXIST::FUNCTION:ENGINE
-ERR_peek_last_error_line 3203 EXIST::FUNCTION:
-ERR_peek_last_error_line_data 3204 EXIST::FUNCTION:
-ERR_peek_last_error 3205 EXIST::FUNCTION:
-DES_read_2passwords 3206 EXIST::FUNCTION:DES
-DES_read_password 3207 EXIST::FUNCTION:DES
-UI_UTIL_read_pw 3208 EXIST::FUNCTION:
-UI_UTIL_read_pw_string 3209 EXIST::FUNCTION:
-ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION:
-OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION:
-OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION:
-OPENSSL_add_all_algo_conf 3213 EXIST:VMS:FUNCTION:
-OPENSSL_load_builtin_modules 3214 EXIST::FUNCTION:
-AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES
-AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES
-AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES
-ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES
-EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES
-EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES
-EVP_aes_128_cfb128 3222 EXIST::FUNCTION:AES
-EVP_aes_256_cfb128 3223 EXIST::FUNCTION:AES
-EVP_aes_128_ofb 3224 EXIST::FUNCTION:AES
-EVP_aes_192_cfb128 3225 EXIST::FUNCTION:AES
-CONF_modules_free 3226 EXIST::FUNCTION:
-NCONF_default 3227 EXIST::FUNCTION:
-OPENSSL_no_config 3228 EXIST::FUNCTION:
-NCONF_WIN32 3229 EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_new 3230 EXIST::FUNCTION:
-EVP_des_ede_ecb 3231 EXIST::FUNCTION:DES
-i2d_ASN1_UNIVERSALSTRING 3232 EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_free 3233 EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_it 3234 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_UNIVERSALSTRING_it 3234 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION:
-EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES
-X509_REQ_print_ex 3237 EXIST::FUNCTION:BIO
-ENGINE_up_ref 3238 EXIST::FUNCTION:ENGINE
-BUF_MEM_grow_clean 3239 EXIST::FUNCTION:
-CRYPTO_realloc_clean 3240 EXIST::FUNCTION:
-BUF_strlcat 3241 EXIST::FUNCTION:
-BIO_indent 3242 EXIST::FUNCTION:
-BUF_strlcpy 3243 EXIST::FUNCTION:
-OpenSSLDie 3244 EXIST::FUNCTION:
-OPENSSL_cleanse 3245 EXIST::FUNCTION:
-ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE
-ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH
-EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES
-FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION:
-FIPS_selftest_des 3250 NOEXIST::FUNCTION:
-EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES
-EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
-FIPS_mode_set 3253 EXIST::FUNCTION:
-FIPS_selftest_dsa 3254 NOEXIST::FUNCTION:
-EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
-FIPS_allow_md5 3256 NOEXIST::FUNCTION:
-DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES
-EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES
-FIPS_rand_seeded 3259 NOEXIST::FUNCTION:
-AES_cfbr_encrypt_block 3260 NOEXIST::FUNCTION:
-AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES
-FIPS_rand_seed 3262 NOEXIST::FUNCTION:
-FIPS_corrupt_des 3263 NOEXIST::FUNCTION:
-EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES
-FIPS_selftest_aes 3265 NOEXIST::FUNCTION:
-FIPS_set_prng_key 3266 NOEXIST::FUNCTION:
-EVP_des_cfb8 3267 EXIST::FUNCTION:DES
-FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION:
-FIPS_test_mode 3269 NOEXIST::FUNCTION:
-FIPS_rand_method 3270 NOEXIST::FUNCTION:
-EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES
-ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION:
-FIPS_corrupt_aes 3273 NOEXIST::FUNCTION:
-FIPS_selftest_sha1 3274 NOEXIST::FUNCTION:
-FIPS_selftest_rsa 3275 NOEXIST::FUNCTION:
-FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION:
-EVP_des_cfb1 3277 EXIST::FUNCTION:DES
-FIPS_dsa_check 3278 NOEXIST::FUNCTION:
-AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
-EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
-FIPS_rand_check 3281 NOEXIST::FUNCTION:
-FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
-FIPS_mode 3283 EXIST::FUNCTION:
-FIPS_selftest_failed 3284 NOEXIST::FUNCTION:
-sk_is_sorted 3285 EXIST::FUNCTION:
-X509_check_ca 3286 EXIST::FUNCTION:
-private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA
-HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC
-private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0
-private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST
-private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD
-private_RC5_32_set_key 3292 NOEXIST::FUNCTION:
-private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5
-private_RC4_set_key 3294 EXIST::FUNCTION:RC4
-private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2
-private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2
-private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4
-private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF
-private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2
-d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION:
-PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_PROXY_POLICY 3302 EXIST::FUNCTION:
-i2d_PROXY_CERT_INFO_EXTENSION 3303 EXIST::FUNCTION:
-d2i_PROXY_POLICY 3304 EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_new 3305 EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_free 3306 EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PROXY_POLICY_free 3308 EXIST::FUNCTION:
-PROXY_POLICY_new 3309 EXIST::FUNCTION:
-BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION:
-FIPS_selftest_rng 3311 NOEXIST::FUNCTION:
-EVP_sha384 3312 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-EVP_sha512 3313 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256
-EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256
-FIPS_selftest_hmac 3316 NOEXIST::FUNCTION:
-FIPS_corrupt_rng 3317 NOEXIST::FUNCTION:
-BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION:
-RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA
-RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA
-RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA
-RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA
-RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA
-PKCS1_MGF1 3324 EXIST::FUNCTION:RSA
-BN_X931_generate_Xpq 3325 EXIST::FUNCTION:
-RSA_X931_generate_key 3326 NOEXIST::FUNCTION:
-BN_X931_derive_prime 3327 NOEXIST::FUNCTION:
-BN_X931_generate_prime 3328 NOEXIST::FUNCTION:
-RSA_X931_derive 3329 NOEXIST::FUNCTION:
-BIO_new_dgram 3330 EXIST::FUNCTION:
-BN_get0_nist_prime_384 3331 EXIST::FUNCTION:
-ERR_set_mark 3332 EXIST::FUNCTION:
-X509_STORE_CTX_set0_crls 3333 EXIST::FUNCTION:
-ENGINE_set_STORE 3334 EXIST::FUNCTION:ENGINE
-ENGINE_register_ECDSA 3335 EXIST::FUNCTION:ENGINE
-STORE_meth_set_list_start_fn 3336 NOEXIST::FUNCTION:
-STORE_method_set_list_start_function 3336 NOEXIST::FUNCTION:
-BN_BLINDING_invert_ex 3337 EXIST::FUNCTION:
-NAME_CONSTRAINTS_free 3338 EXIST::FUNCTION:
-STORE_ATTR_INFO_set_number 3339 NOEXIST::FUNCTION:
-BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION:DEPRECATED
-X509_STORE_CTX_set0_param 3341 EXIST::FUNCTION:
-POLICY_MAPPING_it 3342 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_MAPPING_it 3342 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_parse_attrs_start 3343 NOEXIST::FUNCTION:
-POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION:
-EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION:
-BN_nist_mod_192 3346 EXIST::FUNCTION:
-EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC,EC2M
-STORE_set_method 3348 NOEXIST::FUNCTION:
-GENERAL_SUBTREE_free 3349 EXIST::FUNCTION:
-NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NAME_CONSTRAINTS_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ECDH_get_default_method 3351 EXIST::FUNCTION:ECDH
-PKCS12_add_safe 3352 EXIST::FUNCTION:
-EC_KEY_new_by_curve_name 3353 EXIST::FUNCTION:EC
-STORE_meth_get_update_store_fn 3354 NOEXIST::FUNCTION:
-STORE_method_get_update_store_function 3354 NOEXIST::FUNCTION:
-ENGINE_register_ECDH 3355 EXIST::FUNCTION:ENGINE
-SHA512_Update 3356 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC
-BN_get0_nist_prime_192 3358 EXIST::FUNCTION:
-STORE_modify_certificate 3359 NOEXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC,EC2M
-EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC,EC2M
-BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:EC2M
-STORE_ATTR_INFO_modify_number 3362 NOEXIST::FUNCTION:
-X509_keyid_get0 3363 EXIST::FUNCTION:
-ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE
-pitem_new 3365 EXIST::FUNCTION:
-BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:EC2M
-STORE_list_public_key_endp 3367 NOEXIST::FUNCTION:
-o2i_ECPublicKey 3368 EXIST::FUNCTION:EC
-EC_KEY_copy 3369 EXIST::FUNCTION:EC
-BIO_dump_fp 3370 EXIST::FUNCTION:FP_API
-X509_policy_node_get0_parent 3371 EXIST::FUNCTION:
-EC_GROUP_check_discriminant 3372 EXIST::FUNCTION:EC
-i2o_ECPublicKey 3373 EXIST::FUNCTION:EC
-EC_KEY_precompute_mult 3374 EXIST::FUNCTION:EC
-a2i_IPADDRESS 3375 EXIST::FUNCTION:
-STORE_meth_set_initialise_fn 3376 NOEXIST::FUNCTION:
-STORE_method_set_initialise_function 3376 NOEXIST::FUNCTION:
-X509_STORE_CTX_set_depth 3377 EXIST::FUNCTION:
-X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION:
-EC_POINT_point2bn 3379 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_dn 3380 NOEXIST::FUNCTION:
-X509_policy_tree_get0_policies 3381 EXIST::FUNCTION:
-EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC,EC2M
-STORE_destroy_method 3383 NOEXIST::FUNCTION:
-ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE
-EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_get0_number 3386 NOEXIST::FUNCTION:
-ENGINE_get_default_ECDH 3387 EXIST::FUNCTION:ENGINE
-EC_KEY_get_conv_form 3388 EXIST::FUNCTION:EC
-ASN1_OCTET_STRING_NDEF_it 3389 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_OCTET_STRING_NDEF_it 3389 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_delete_public_key 3390 NOEXIST::FUNCTION:
-STORE_get_public_key 3391 NOEXIST::FUNCTION:
-STORE_modify_arbitrary 3392 NOEXIST::FUNCTION:
-ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE
-pqueue_iterator 3394 EXIST::FUNCTION:
-ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA
-OPENSSL_DIR_end 3396 EXIST::FUNCTION:
-BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:EC2M
-EC_POINT_bn2point 3398 EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION:
-EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC
-STORE_get_method 3401 NOEXIST::FUNCTION:
-EC_KEY_get_key_method_data 3402 EXIST::FUNCTION:EC
-ECDSA_sign_ex 3403 EXIST::FUNCTION:ECDSA
-STORE_parse_attrs_end 3404 NOEXIST::FUNCTION:
-EC_GROUP_get_point_conversion_form 3405 EXIST:!VMS:FUNCTION:EC
-EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC
-STORE_method_set_store_function 3406 NOEXIST::FUNCTION:
-STORE_ATTR_INFO_in 3407 NOEXIST::FUNCTION:
-PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC
-EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC,EC2M
-EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION:
-BN_BLINDING_set_flags 3411 EXIST::FUNCTION:
-X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION:
-X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION:
-X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION:
-STORE_get_number 3415 NOEXIST::FUNCTION:
-ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA
-BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:EC2M
-EC_KEY_up_ref 3418 EXIST::FUNCTION:EC
-POLICY_MAPPING_free 3419 EXIST::FUNCTION:
-BN_GF2m_mod_div 3420 EXIST::FUNCTION:EC2M
-X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION:
-EC_KEY_free 3422 EXIST::FUNCTION:EC
-STORE_meth_set_list_next_fn 3423 NOEXIST::FUNCTION:
-STORE_method_set_list_next_function 3423 NOEXIST::FUNCTION:
-PEM_write_bio_ECPrivateKey 3424 EXIST::FUNCTION:EC
-d2i_EC_PUBKEY 3425 EXIST::FUNCTION:EC
-STORE_meth_get_generate_fn 3426 NOEXIST::FUNCTION:
-STORE_method_get_generate_function 3426 NOEXIST::FUNCTION:
-STORE_meth_set_list_end_fn 3427 NOEXIST::FUNCTION:
-STORE_method_set_list_end_function 3427 NOEXIST::FUNCTION:
-pqueue_print 3428 EXIST::FUNCTION:
-EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC
-EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API
-BN_GF2m_mod_arr 3431 EXIST::FUNCTION:EC2M
-PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION:
-EVP_PKEY_cmp 3433 EXIST::FUNCTION:
-X509_policy_level_node_count 3434 EXIST::FUNCTION:
-STORE_new_engine 3435 NOEXIST::FUNCTION:
-STORE_list_public_key_start 3436 NOEXIST::FUNCTION:
-X509_VERIFY_PARAM_new 3437 EXIST::FUNCTION:
-ECDH_get_ex_data 3438 EXIST::FUNCTION:ECDH
-EVP_PKEY_get_attr 3439 EXIST::FUNCTION:
-ECDSA_do_sign 3440 EXIST::FUNCTION:ECDSA
-ENGINE_unregister_ECDH 3441 EXIST::FUNCTION:ENGINE
-ECDH_OpenSSL 3442 EXIST::FUNCTION:ECDH
-EC_KEY_set_conv_form 3443 EXIST::FUNCTION:EC
-EC_POINT_dup 3444 EXIST::FUNCTION:EC
-GENERAL_SUBTREE_new 3445 EXIST::FUNCTION:
-STORE_list_crl_endp 3446 NOEXIST::FUNCTION:
-EC_get_builtin_curves 3447 EXIST::FUNCTION:EC
-X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION:
-X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION:
-STORE_list_crl_end 3449 NOEXIST::FUNCTION:
-EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC
-BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:EC2M
-i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC
-ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API
-pqueue_find 3454 EXIST::FUNCTION:
-ECDSA_SIG_free 3455 EXIST::FUNCTION:ECDSA
-PEM_write_bio_ECPKParameters 3456 EXIST::FUNCTION:EC
-STORE_method_set_ctrl_function 3457 NOEXIST::FUNCTION:
-STORE_list_public_key_end 3458 NOEXIST::FUNCTION:
-EC_KEY_set_private_key 3459 EXIST::FUNCTION:EC
-pqueue_peek 3460 EXIST::FUNCTION:
-STORE_get_arbitrary 3461 NOEXIST::FUNCTION:
-STORE_store_crl 3462 NOEXIST::FUNCTION:
-X509_policy_node_get0_policy 3463 EXIST::FUNCTION:
-PKCS12_add_safes 3464 EXIST::FUNCTION:
-BN_BLINDING_convert_ex 3465 EXIST::FUNCTION:
-X509_policy_tree_free 3466 EXIST::FUNCTION:
-OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION:
-BN_GF2m_poly2arr 3468 EXIST::FUNCTION:EC2M
-STORE_ctrl 3469 NOEXIST::FUNCTION:
-STORE_ATTR_INFO_compare 3470 NOEXIST::FUNCTION:
-BN_get0_nist_prime_224 3471 EXIST::FUNCTION:
-i2d_ECParameters 3472 EXIST::FUNCTION:EC
-i2d_ECPKParameters 3473 EXIST::FUNCTION:EC
-BN_GENCB_call 3474 EXIST::FUNCTION:
-d2i_ECPKParameters 3475 EXIST::FUNCTION:EC
-STORE_meth_set_generate_fn 3476 NOEXIST::FUNCTION:
-STORE_method_set_generate_function 3476 NOEXIST::FUNCTION:
-ENGINE_set_ECDH 3477 EXIST::FUNCTION:ENGINE
-NAME_CONSTRAINTS_new 3478 EXIST::FUNCTION:
-SHA256_Init 3479 EXIST::FUNCTION:SHA,SHA256
-EC_KEY_get0_public_key 3480 EXIST::FUNCTION:EC
-PEM_write_bio_EC_PUBKEY 3481 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_cstr 3482 NOEXIST::FUNCTION:
-STORE_list_crl_next 3483 NOEXIST::FUNCTION:
-STORE_ATTR_INFO_in_range 3484 NOEXIST::FUNCTION:
-ECParameters_print 3485 EXIST::FUNCTION:BIO,EC
-STORE_meth_set_delete_fn 3486 NOEXIST::FUNCTION:
-STORE_method_set_delete_function 3486 NOEXIST::FUNCTION:
-STORE_list_certificate_next 3487 NOEXIST::FUNCTION:
-ASN1_generate_nconf 3488 EXIST::FUNCTION:
-BUF_memdup 3489 EXIST::FUNCTION:
-BN_GF2m_mod_mul 3490 EXIST::FUNCTION:EC2M
-STORE_meth_get_list_next_fn 3491 NOEXIST::FUNCTION:
-STORE_method_get_list_next_function 3491 NOEXIST::FUNCTION:
-STORE_ATTR_INFO_get0_dn 3492 NOEXIST::FUNCTION:
-STORE_list_private_key_next 3493 NOEXIST::FUNCTION:
-EC_GROUP_set_seed 3494 EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set_trust 3495 EXIST::FUNCTION:
-STORE_ATTR_INFO_free 3496 NOEXIST::FUNCTION:
-STORE_get_private_key 3497 NOEXIST::FUNCTION:
-EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION:
-STORE_ATTR_INFO_new 3499 NOEXIST::FUNCTION:
-EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC,EC2M
-STORE_meth_set_revoke_fn 3501 NOEXIST::FUNCTION:
-STORE_method_set_revoke_function 3501 NOEXIST::FUNCTION:
-STORE_store_number 3502 NOEXIST::FUNCTION:
-BN_is_prime_ex 3503 EXIST::FUNCTION:
-STORE_revoke_public_key 3504 NOEXIST::FUNCTION:
-X509_STORE_CTX_get0_param 3505 EXIST::FUNCTION:
-STORE_delete_arbitrary 3506 NOEXIST::FUNCTION:
-PEM_read_X509_CERT_PAIR 3507 EXIST:!WIN16:FUNCTION:
-X509_STORE_set_depth 3508 EXIST::FUNCTION:
-ECDSA_get_ex_data 3509 EXIST::FUNCTION:ECDSA
-SHA224 3510 EXIST::FUNCTION:SHA,SHA256
-BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API
-EC_KEY_set_group 3512 EXIST::FUNCTION:EC
-BUF_strndup 3513 EXIST::FUNCTION:
-STORE_list_certificate_start 3514 NOEXIST::FUNCTION:
-BN_GF2m_mod 3515 EXIST::FUNCTION:EC2M
-X509_REQ_check_private_key 3516 EXIST::FUNCTION:
-EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC
-ERR_load_STORE_strings 3518 NOEXIST::FUNCTION:
-PEM_read_bio_EC_PUBKEY 3519 EXIST::FUNCTION:EC
-STORE_list_private_key_end 3520 NOEXIST::FUNCTION:
-i2d_EC_PUBKEY 3521 EXIST::FUNCTION:EC
-ECDSA_get_default_method 3522 EXIST::FUNCTION:ECDSA
-ASN1_put_eoc 3523 EXIST::FUNCTION:
-X509_STORE_CTX_get_explicit_policy 3524 EXIST:!VMS:FUNCTION:
-X509_STORE_CTX_get_expl_policy 3524 EXIST:VMS:FUNCTION:
-X509_VERIFY_PARAM_table_cleanup 3525 EXIST::FUNCTION:
-STORE_modify_private_key 3526 NOEXIST::FUNCTION:
-X509_VERIFY_PARAM_free 3527 EXIST::FUNCTION:
-EC_METHOD_get_field_type 3528 EXIST::FUNCTION:EC
-EC_GFp_nist_method 3529 EXIST::FUNCTION:EC
-STORE_meth_set_modify_fn 3530 NOEXIST::FUNCTION:
-STORE_method_set_modify_function 3530 NOEXIST::FUNCTION:
-STORE_parse_attrs_next 3531 NOEXIST::FUNCTION:
-ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC
-X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_meth_get_revoke_fn 3535 NOEXIST::FUNCTION:
-STORE_method_get_revoke_function 3535 NOEXIST::FUNCTION:
-STORE_method_set_get_function 3536 NOEXIST::FUNCTION:
-STORE_modify_number 3537 NOEXIST::FUNCTION:
-STORE_method_get_store_function 3538 NOEXIST::FUNCTION:
-STORE_store_private_key 3539 NOEXIST::FUNCTION:
-BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:EC2M
-RSA_setup_blinding 3541 EXIST::FUNCTION:RSA
-BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM
-STORE_Memory 3543 NOEXIST::FUNCTION:
-sk_find_ex 3544 EXIST::FUNCTION:
-EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC,EC2M
-ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE
-POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION:
-BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:EC2M
-ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH
-EC_KEY_generate_key 3550 EXIST::FUNCTION:EC
-SHA384_Update 3551 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-BN_GF2m_arr2poly 3552 EXIST::FUNCTION:EC2M
-STORE_method_get_get_function 3553 NOEXIST::FUNCTION:
-STORE_meth_set_cleanup_fn 3554 NOEXIST::FUNCTION:
-STORE_method_set_cleanup_function 3554 NOEXIST::FUNCTION:
-EC_GROUP_check 3555 EXIST::FUNCTION:EC
-d2i_ECPrivateKey_bio 3556 EXIST::FUNCTION:BIO,EC
-EC_KEY_insert_key_method_data 3557 EXIST::FUNCTION:EC
-STORE_meth_get_lock_store_fn 3558 NOEXIST::FUNCTION:
-STORE_method_get_lock_store_function 3558 NOEXIST::FUNCTION:
-X509_VERIFY_PARAM_get_depth 3559 EXIST::FUNCTION:
-SHA224_Final 3560 EXIST::FUNCTION:SHA,SHA256
-STORE_meth_set_update_store_fn 3561 NOEXIST::FUNCTION:
-STORE_method_set_update_store_function 3561 NOEXIST::FUNCTION:
-SHA224_Update 3562 EXIST::FUNCTION:SHA,SHA256
-d2i_ECPrivateKey 3563 EXIST::FUNCTION:EC
-ASN1_item_ndef_i2d 3564 EXIST::FUNCTION:
-STORE_delete_private_key 3565 NOEXIST::FUNCTION:
-ERR_pop_to_mark 3566 EXIST::FUNCTION:
-ENGINE_register_all_STORE 3567 EXIST::FUNCTION:ENGINE
-X509_policy_level_get0_node 3568 EXIST::FUNCTION:
-i2d_PKCS7_NDEF 3569 EXIST::FUNCTION:
-EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC
-ASN1_generate_v3 3571 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_cstr 3572 NOEXIST::FUNCTION:
-X509_policy_tree_level_count 3573 EXIST::FUNCTION:
-BN_GF2m_add 3574 EXIST::FUNCTION:EC2M
-EC_KEY_get0_group 3575 EXIST::FUNCTION:EC
-STORE_generate_crl 3576 NOEXIST::FUNCTION:
-STORE_store_public_key 3577 NOEXIST::FUNCTION:
-X509_CERT_PAIR_free 3578 EXIST::FUNCTION:
-STORE_revoke_private_key 3579 NOEXIST::FUNCTION:
-BN_nist_mod_224 3580 EXIST::FUNCTION:
-SHA512_Final 3581 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-STORE_ATTR_INFO_modify_dn 3582 NOEXIST::FUNCTION:
-STORE_meth_get_initialise_fn 3583 NOEXIST::FUNCTION:
-STORE_method_get_initialise_function 3583 NOEXIST::FUNCTION:
-STORE_delete_number 3584 NOEXIST::FUNCTION:
-i2d_EC_PUBKEY_bio 3585 EXIST::FUNCTION:BIO,EC
-BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION:
-EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_in_ex 3588 NOEXIST::FUNCTION:
-STORE_list_crl_start 3589 NOEXIST::FUNCTION:
-ECDH_get_ex_new_index 3590 EXIST::FUNCTION:ECDH
-STORE_meth_get_modify_fn 3591 NOEXIST::FUNCTION:
-STORE_method_get_modify_function 3591 NOEXIST::FUNCTION:
-v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION:
-STORE_store_certificate 3593 NOEXIST::FUNCTION:
-OBJ_bsearch_ex 3594 NOEXIST::FUNCTION:
-X509_STORE_CTX_set_default 3595 EXIST::FUNCTION:
-STORE_ATTR_INFO_set_sha1str 3596 NOEXIST::FUNCTION:
-BN_GF2m_mod_inv 3597 EXIST::FUNCTION:EC2M
-BN_GF2m_mod_exp 3598 EXIST::FUNCTION:EC2M
-STORE_modify_public_key 3599 NOEXIST::FUNCTION:
-STORE_meth_get_list_start_fn 3600 NOEXIST::FUNCTION:
-STORE_method_get_list_start_function 3600 NOEXIST::FUNCTION:
-EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC
-STORE_store_arbitrary 3602 NOEXIST::FUNCTION:
-STORE_meth_set_unlock_store_fn 3603 NOEXIST::FUNCTION:
-STORE_method_set_unlock_store_function 3603 NOEXIST::FUNCTION:
-BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:EC2M
-ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE
-STORE_create_method 3606 NOEXIST::FUNCTION:
-ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC
-EC_KEY_get0_private_key 3608 EXIST::FUNCTION:EC
-PEM_write_EC_PUBKEY 3609 EXIST:!WIN16:FUNCTION:EC
-X509_VERIFY_PARAM_set1 3610 EXIST::FUNCTION:
-ECDH_set_method 3611 EXIST::FUNCTION:ECDH
-v2i_GENERAL_NAME_ex 3612 EXIST::FUNCTION:
-ECDH_set_ex_data 3613 EXIST::FUNCTION:ECDH
-STORE_generate_key 3614 NOEXIST::FUNCTION:
-BN_nist_mod_521 3615 EXIST::FUNCTION:
-X509_policy_tree_get0_level 3616 EXIST::FUNCTION:
-EC_GROUP_set_point_conversion_form 3617 EXIST:!VMS:FUNCTION:EC
-EC_GROUP_set_point_conv_form 3617 EXIST:VMS:FUNCTION:EC
-PEM_read_EC_PUBKEY 3618 EXIST:!WIN16:FUNCTION:EC
-i2d_ECDSA_SIG 3619 EXIST::FUNCTION:ECDSA
-ECDSA_OpenSSL 3620 EXIST::FUNCTION:ECDSA
-STORE_delete_crl 3621 NOEXIST::FUNCTION:
-EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC
-ASN1_const_check_infinite_end 3623 EXIST::FUNCTION:
-EVP_PKEY_delete_attr 3624 EXIST::FUNCTION:
-ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA
-EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC,EC2M
-EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC,EC2M
-EC_GROUP_cmp 3627 EXIST::FUNCTION:EC
-STORE_revoke_certificate 3628 NOEXIST::FUNCTION:
-BN_get0_nist_prime_256 3629 EXIST::FUNCTION:
-STORE_meth_get_delete_fn 3630 NOEXIST::FUNCTION:
-STORE_method_get_delete_function 3630 NOEXIST::FUNCTION:
-SHA224_Init 3631 EXIST::FUNCTION:SHA,SHA256
-PEM_read_ECPrivateKey 3632 EXIST:!WIN16:FUNCTION:EC
-SHA512_Init 3633 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-STORE_parse_attrs_endp 3634 NOEXIST::FUNCTION:
-BN_set_negative 3635 EXIST::FUNCTION:
-ERR_load_ECDSA_strings 3636 EXIST::FUNCTION:ECDSA
-EC_GROUP_get_basis_type 3637 EXIST::FUNCTION:EC
-STORE_list_public_key_next 3638 NOEXIST::FUNCTION:
-i2v_ASN1_BIT_STRING 3639 EXIST::FUNCTION:
-STORE_OBJECT_free 3640 NOEXIST::FUNCTION:
-BN_nist_mod_384 3641 EXIST::FUNCTION:
-i2d_X509_CERT_PAIR 3642 EXIST::FUNCTION:
-PEM_write_ECPKParameters 3643 EXIST:!WIN16:FUNCTION:EC
-ECDH_compute_key 3644 EXIST::FUNCTION:ECDH
-STORE_ATTR_INFO_get0_sha1str 3645 NOEXIST::FUNCTION:
-ENGINE_register_all_ECDH 3646 EXIST::FUNCTION:ENGINE
-pqueue_pop 3647 EXIST::FUNCTION:
-STORE_ATTR_INFO_get0_cstr 3648 NOEXIST::FUNCTION:
-POLICY_CONSTRAINTS_it 3649 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_get_ex_new_index 3650 NOEXIST::FUNCTION:
-EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION:
-X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION:
-BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:EC2M
-SHA256 3654 EXIST::FUNCTION:SHA,SHA256
-i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API
-X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION:
-X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION:
-OPENSSL_DIR_read 3657 EXIST::FUNCTION:
-ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE
-X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC,EC2M
-EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC,EC2M
-EC_GROUP_dup 3661 EXIST::FUNCTION:EC
-ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE
-EC_KEY_new 3663 EXIST::FUNCTION:EC
-SHA256_Transform 3664 EXIST::FUNCTION:SHA,SHA256
-EC_KEY_set_enc_flags 3665 EXIST::FUNCTION:EC
-ECDSA_verify 3666 EXIST::FUNCTION:ECDSA
-EC_POINT_point2hex 3667 EXIST::FUNCTION:EC
-ENGINE_get_STORE 3668 EXIST::FUNCTION:ENGINE
-SHA512 3669 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-STORE_get_certificate 3670 NOEXIST::FUNCTION:
-ECDSA_do_sign_ex 3671 EXIST::FUNCTION:ECDSA
-ECDSA_do_verify 3672 EXIST::FUNCTION:ECDSA
-d2i_ECPrivateKey_fp 3673 EXIST::FUNCTION:EC,FP_API
-STORE_delete_certificate 3674 NOEXIST::FUNCTION:
-SHA512_Transform 3675 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-X509_STORE_set1_param 3676 EXIST::FUNCTION:
-STORE_method_get_ctrl_function 3677 NOEXIST::FUNCTION:
-STORE_free 3678 NOEXIST::FUNCTION:
-PEM_write_ECPrivateKey 3679 EXIST:!WIN16:FUNCTION:EC
-STORE_meth_get_unlock_store_fn 3680 NOEXIST::FUNCTION:
-STORE_method_get_unlock_store_function 3680 NOEXIST::FUNCTION:
-STORE_get_ex_data 3681 NOEXIST::FUNCTION:
-EC_KEY_set_public_key 3682 EXIST::FUNCTION:EC
-PEM_read_ECPKParameters 3683 EXIST:!WIN16:FUNCTION:EC
-X509_CERT_PAIR_new 3684 EXIST::FUNCTION:
-ENGINE_register_STORE 3685 EXIST::FUNCTION:ENGINE
-RSA_generate_key_ex 3686 EXIST::FUNCTION:RSA
-DSA_generate_parameters_ex 3687 EXIST::FUNCTION:DSA
-ECParameters_print_fp 3688 EXIST::FUNCTION:EC,FP_API
-X509V3_NAME_from_section 3689 EXIST::FUNCTION:
-EVP_PKEY_add1_attr 3690 EXIST::FUNCTION:
-STORE_modify_crl 3691 NOEXIST::FUNCTION:
-STORE_list_private_key_start 3692 NOEXIST::FUNCTION:
-POLICY_MAPPINGS_it 3693 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_MAPPINGS_it 3693 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-GENERAL_SUBTREE_it 3694 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-GENERAL_SUBTREE_it 3694 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GROUP_get_curve_name 3695 EXIST::FUNCTION:EC
-PEM_write_X509_CERT_PAIR 3696 EXIST:!WIN16:FUNCTION:
-BIO_dump_indent_cb 3697 EXIST::FUNCTION:
-d2i_X509_CERT_PAIR 3698 EXIST::FUNCTION:
-STORE_list_private_key_endp 3699 NOEXIST::FUNCTION:
-asn1_const_Finish 3700 EXIST::FUNCTION:
-i2d_EC_PUBKEY_fp 3701 EXIST::FUNCTION:EC,FP_API
-BN_nist_mod_256 3702 EXIST::FUNCTION:
-X509_VERIFY_PARAM_add0_table 3703 EXIST::FUNCTION:
-pqueue_free 3704 EXIST::FUNCTION:
-BN_BLINDING_create_param 3705 EXIST::FUNCTION:
-ECDSA_size 3706 EXIST::FUNCTION:ECDSA
-d2i_EC_PUBKEY_bio 3707 EXIST::FUNCTION:BIO,EC
-BN_get0_nist_prime_521 3708 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_sha1str 3709 NOEXIST::FUNCTION:
-BN_generate_prime_ex 3710 EXIST::FUNCTION:
-EC_GROUP_new_by_curve_name 3711 EXIST::FUNCTION:EC
-SHA256_Final 3712 EXIST::FUNCTION:SHA,SHA256
-DH_generate_parameters_ex 3713 EXIST::FUNCTION:DH
-PEM_read_bio_ECPrivateKey 3714 EXIST::FUNCTION:EC
-STORE_meth_get_cleanup_fn 3715 NOEXIST::FUNCTION:
-STORE_method_get_cleanup_function 3715 NOEXIST::FUNCTION:
-ENGINE_get_ECDH 3716 EXIST::FUNCTION:ENGINE
-d2i_ECDSA_SIG 3717 EXIST::FUNCTION:ECDSA
-BN_is_prime_fasttest_ex 3718 EXIST::FUNCTION:
-ECDSA_sign 3719 EXIST::FUNCTION:ECDSA
-X509_policy_check 3720 EXIST::FUNCTION:
-EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION:
-STORE_set_ex_data 3722 NOEXIST::FUNCTION:
-ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE
-EVP_ecdsa 3724 EXIST::FUNCTION:SHA
-BN_BLINDING_get_flags 3725 EXIST::FUNCTION:
-PKCS12_add_cert 3726 EXIST::FUNCTION:
-STORE_OBJECT_new 3727 NOEXIST::FUNCTION:
-ERR_load_ECDH_strings 3728 EXIST::FUNCTION:ECDH
-EC_KEY_dup 3729 EXIST::FUNCTION:EC
-EVP_CIPHER_CTX_rand_key 3730 EXIST::FUNCTION:
-ECDSA_set_method 3731 EXIST::FUNCTION:ECDSA
-a2i_IPADDRESS_NC 3732 EXIST::FUNCTION:
-d2i_ECParameters 3733 EXIST::FUNCTION:EC
-STORE_list_certificate_end 3734 NOEXIST::FUNCTION:
-STORE_get_crl 3735 NOEXIST::FUNCTION:
-X509_POLICY_NODE_print 3736 EXIST::FUNCTION:
-SHA384_Init 3737 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC,EC2M
-ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA
-SHA384_Final 3740 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-PKCS7_set_digest 3741 EXIST::FUNCTION:
-EC_KEY_print 3742 EXIST::FUNCTION:BIO,EC
-STORE_meth_set_lock_store_fn 3743 NOEXIST::FUNCTION:
-STORE_method_set_lock_store_function 3743 NOEXIST::FUNCTION:
-ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:ECDSA
-SHA384 3745 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-POLICY_MAPPING_new 3746 EXIST::FUNCTION:
-STORE_list_certificate_endp 3747 NOEXIST::FUNCTION:
-X509_STORE_CTX_get0_policy_tree 3748 EXIST::FUNCTION:
-EC_GROUP_set_asn1_flag 3749 EXIST::FUNCTION:EC
-EC_KEY_check_key 3750 EXIST::FUNCTION:EC
-d2i_EC_PUBKEY_fp 3751 EXIST::FUNCTION:EC,FP_API
-PKCS7_set0_type_other 3752 EXIST::FUNCTION:
-PEM_read_bio_X509_CERT_PAIR 3753 EXIST::FUNCTION:
-pqueue_next 3754 EXIST::FUNCTION:
-STORE_meth_get_list_end_fn 3755 NOEXIST::FUNCTION:
-STORE_method_get_list_end_function 3755 NOEXIST::FUNCTION:
-EVP_PKEY_add1_attr_by_OBJ 3756 EXIST::FUNCTION:
-X509_VERIFY_PARAM_set_time 3757 EXIST::FUNCTION:
-pqueue_new 3758 EXIST::FUNCTION:
-ENGINE_set_default_ECDH 3759 EXIST::FUNCTION:ENGINE
-STORE_new_method 3760 NOEXIST::FUNCTION:
-PKCS12_add_key 3761 EXIST::FUNCTION:
-DSO_merge 3762 EXIST::FUNCTION:
-EC_POINT_hex2point 3763 EXIST::FUNCTION:EC
-BIO_dump_cb 3764 EXIST::FUNCTION:
-SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256
-pqueue_insert 3766 EXIST::FUNCTION:
-pitem_free 3767 EXIST::FUNCTION:
-BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:EC2M
-ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE
-BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:DEPRECATED
-get_rfc3526_prime_8192 3771 EXIST::FUNCTION:
-X509_VERIFY_PARAM_clear_flags 3772 EXIST::FUNCTION:
-get_rfc2409_prime_1024 3773 EXIST::FUNCTION:
-DH_check_pub_key 3774 EXIST::FUNCTION:DH
-get_rfc3526_prime_2048 3775 EXIST::FUNCTION:
-get_rfc3526_prime_6144 3776 EXIST::FUNCTION:
-get_rfc3526_prime_1536 3777 EXIST::FUNCTION:
-get_rfc3526_prime_3072 3778 EXIST::FUNCTION:
-get_rfc3526_prime_4096 3779 EXIST::FUNCTION:
-get_rfc2409_prime_768 3780 EXIST::FUNCTION:
-X509_VERIFY_PARAM_get_flags 3781 EXIST::FUNCTION:
-EVP_CIPHER_CTX_new 3782 EXIST::FUNCTION:
-EVP_CIPHER_CTX_free 3783 EXIST::FUNCTION:
-Camellia_cbc_encrypt 3784 EXIST::FUNCTION:CAMELLIA
-Camellia_cfb128_encrypt 3785 EXIST::FUNCTION:CAMELLIA
-Camellia_cfb1_encrypt 3786 EXIST::FUNCTION:CAMELLIA
-Camellia_cfb8_encrypt 3787 EXIST::FUNCTION:CAMELLIA
-Camellia_ctr128_encrypt 3788 EXIST::FUNCTION:CAMELLIA
-Camellia_cfbr_encrypt_block 3789 NOEXIST::FUNCTION:
-Camellia_decrypt 3790 EXIST::FUNCTION:CAMELLIA
-Camellia_ecb_encrypt 3791 EXIST::FUNCTION:CAMELLIA
-Camellia_encrypt 3792 EXIST::FUNCTION:CAMELLIA
-Camellia_ofb128_encrypt 3793 EXIST::FUNCTION:CAMELLIA
-Camellia_set_key 3794 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_128_cbc 3795 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_128_cfb128 3796 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_128_cfb1 3797 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_128_cfb8 3798 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_128_ecb 3799 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_128_ofb 3800 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_192_cbc 3801 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_192_cfb128 3802 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_192_cfb1 3803 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_192_cfb8 3804 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_192_ecb 3805 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_192_ofb 3806 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_256_cbc 3807 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_256_cfb128 3808 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_256_cfb1 3809 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_256_cfb8 3810 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_256_ecb 3811 EXIST::FUNCTION:CAMELLIA
-EVP_camellia_256_ofb 3812 EXIST::FUNCTION:CAMELLIA
-a2i_ipadd 3813 EXIST::FUNCTION:
-ASIdentifiers_free 3814 EXIST::FUNCTION:RFC3779
-i2d_ASIdOrRange 3815 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_block_size 3816 EXIST::FUNCTION:
-v3_asid_is_canonical 3817 EXIST::FUNCTION:RFC3779
-IPAddressChoice_free 3818 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_CTX_set_app_data 3819 EXIST::FUNCTION:
-BIO_set_callback_arg 3820 EXIST::FUNCTION:
-v3_addr_add_prefix 3821 EXIST::FUNCTION:RFC3779
-IPAddressOrRange_it 3822 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-IPAddressOrRange_it 3822 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-BIO_set_flags 3823 EXIST::FUNCTION:
-ASIdentifiers_it 3824 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-ASIdentifiers_it 3824 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-v3_addr_get_range 3825 EXIST::FUNCTION:RFC3779
-BIO_method_type 3826 EXIST::FUNCTION:
-v3_addr_inherits 3827 EXIST::FUNCTION:RFC3779
-IPAddressChoice_it 3828 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-IPAddressChoice_it 3828 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-AES_ige_encrypt 3829 EXIST::FUNCTION:AES
-v3_addr_add_range 3830 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_CTX_nid 3831 EXIST::FUNCTION:
-d2i_ASRange 3832 EXIST::FUNCTION:RFC3779
-v3_addr_add_inherit 3833 EXIST::FUNCTION:RFC3779
-v3_asid_add_id_or_range 3834 EXIST::FUNCTION:RFC3779
-v3_addr_validate_resource_set 3835 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_iv_length 3836 EXIST::FUNCTION:
-EVP_MD_type 3837 EXIST::FUNCTION:
-v3_asid_canonize 3838 EXIST::FUNCTION:RFC3779
-IPAddressRange_free 3839 EXIST::FUNCTION:RFC3779
-v3_asid_add_inherit 3840 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_CTX_key_length 3841 EXIST::FUNCTION:
-IPAddressRange_new 3842 EXIST::FUNCTION:RFC3779
-ASIdOrRange_new 3843 EXIST::FUNCTION:RFC3779
-EVP_MD_size 3844 EXIST::FUNCTION:
-EVP_MD_CTX_test_flags 3845 EXIST::FUNCTION:
-BIO_clear_flags 3846 EXIST::FUNCTION:
-i2d_ASRange 3847 EXIST::FUNCTION:RFC3779
-IPAddressRange_it 3848 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-IPAddressRange_it 3848 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-IPAddressChoice_new 3849 EXIST::FUNCTION:RFC3779
-ASIdentifierChoice_new 3850 EXIST::FUNCTION:RFC3779
-ASRange_free 3851 EXIST::FUNCTION:RFC3779
-EVP_MD_pkey_type 3852 EXIST::FUNCTION:
-EVP_MD_CTX_clear_flags 3853 EXIST::FUNCTION:
-IPAddressFamily_free 3854 EXIST::FUNCTION:RFC3779
-i2d_IPAddressFamily 3855 EXIST::FUNCTION:RFC3779
-IPAddressOrRange_new 3856 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_flags 3857 EXIST::FUNCTION:
-v3_asid_validate_resource_set 3858 EXIST::FUNCTION:RFC3779
-d2i_IPAddressRange 3859 EXIST::FUNCTION:RFC3779
-AES_bi_ige_encrypt 3860 EXIST::FUNCTION:AES
-BIO_get_callback 3861 EXIST::FUNCTION:
-IPAddressOrRange_free 3862 EXIST::FUNCTION:RFC3779
-v3_addr_subset 3863 EXIST::FUNCTION:RFC3779
-d2i_IPAddressFamily 3864 EXIST::FUNCTION:RFC3779
-v3_asid_subset 3865 EXIST::FUNCTION:RFC3779
-BIO_test_flags 3866 EXIST::FUNCTION:
-i2d_ASIdentifierChoice 3867 EXIST::FUNCTION:RFC3779
-ASRange_it 3868 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-ASRange_it 3868 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-d2i_ASIdentifiers 3869 EXIST::FUNCTION:RFC3779
-ASRange_new 3870 EXIST::FUNCTION:RFC3779
-d2i_IPAddressChoice 3871 EXIST::FUNCTION:RFC3779
-v3_addr_get_afi 3872 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_key_length 3873 EXIST::FUNCTION:
-EVP_Cipher 3874 EXIST::FUNCTION:
-i2d_IPAddressOrRange 3875 EXIST::FUNCTION:RFC3779
-ASIdOrRange_it 3876 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-ASIdOrRange_it 3876 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-EVP_CIPHER_nid 3877 EXIST::FUNCTION:
-i2d_IPAddressChoice 3878 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_CTX_block_size 3879 EXIST::FUNCTION:
-ASIdentifiers_new 3880 EXIST::FUNCTION:RFC3779
-v3_addr_validate_path 3881 EXIST::FUNCTION:RFC3779
-IPAddressFamily_new 3882 EXIST::FUNCTION:RFC3779
-EVP_MD_CTX_set_flags 3883 EXIST::FUNCTION:
-v3_addr_is_canonical 3884 EXIST::FUNCTION:RFC3779
-i2d_IPAddressRange 3885 EXIST::FUNCTION:RFC3779
-IPAddressFamily_it 3886 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-IPAddressFamily_it 3886 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-v3_asid_inherits 3887 EXIST::FUNCTION:RFC3779
-EVP_CIPHER_CTX_cipher 3888 EXIST::FUNCTION:
-EVP_CIPHER_CTX_get_app_data 3889 EXIST::FUNCTION:
-EVP_MD_block_size 3890 EXIST::FUNCTION:
-EVP_CIPHER_CTX_flags 3891 EXIST::FUNCTION:
-v3_asid_validate_path 3892 EXIST::FUNCTION:RFC3779
-d2i_IPAddressOrRange 3893 EXIST::FUNCTION:RFC3779
-v3_addr_canonize 3894 EXIST::FUNCTION:RFC3779
-ASIdentifierChoice_it 3895 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
-ASIdentifierChoice_it 3895 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
-EVP_MD_CTX_md 3896 EXIST::FUNCTION:
-d2i_ASIdentifierChoice 3897 EXIST::FUNCTION:RFC3779
-BIO_method_name 3898 EXIST::FUNCTION:
-EVP_CIPHER_CTX_iv_length 3899 EXIST::FUNCTION:
-ASIdOrRange_free 3900 EXIST::FUNCTION:RFC3779
-ASIdentifierChoice_free 3901 EXIST::FUNCTION:RFC3779
-BIO_get_callback_arg 3902 EXIST::FUNCTION:
-BIO_set_callback 3903 EXIST::FUNCTION:
-d2i_ASIdOrRange 3904 EXIST::FUNCTION:RFC3779
-i2d_ASIdentifiers 3905 EXIST::FUNCTION:RFC3779
-CRYPTO_memcmp 3906 EXIST::FUNCTION:
-BN_consttime_swap 3907 EXIST::FUNCTION:
-SEED_decrypt 3908 EXIST::FUNCTION:SEED
-SEED_encrypt 3909 EXIST::FUNCTION:SEED
-SEED_cbc_encrypt 3910 EXIST::FUNCTION:SEED
-EVP_seed_ofb 3911 EXIST::FUNCTION:SEED
-SEED_cfb128_encrypt 3912 EXIST::FUNCTION:SEED
-SEED_ofb128_encrypt 3913 EXIST::FUNCTION:SEED
-EVP_seed_cbc 3914 EXIST::FUNCTION:SEED
-SEED_ecb_encrypt 3915 EXIST::FUNCTION:SEED
-EVP_seed_ecb 3916 EXIST::FUNCTION:SEED
-SEED_set_key 3917 EXIST::FUNCTION:SEED
-EVP_seed_cfb128 3918 EXIST::FUNCTION:SEED
-X509_EXTENSIONS_it 3919 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_EXTENSIONS_it 3919 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_get1_ocsp 3920 EXIST::FUNCTION:
-OCSP_REQ_CTX_free 3921 EXIST::FUNCTION:
-i2d_X509_EXTENSIONS 3922 EXIST::FUNCTION:
-OCSP_sendreq_nbio 3923 EXIST::FUNCTION:
-OCSP_sendreq_new 3924 EXIST::FUNCTION:
-d2i_X509_EXTENSIONS 3925 EXIST::FUNCTION:
-X509_ALGORS_it 3926 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_ALGORS_it 3926 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_ALGOR_get0 3927 EXIST::FUNCTION:
-X509_ALGOR_set0 3928 EXIST::FUNCTION:
-AES_unwrap_key 3929 EXIST::FUNCTION:AES
-AES_wrap_key 3930 EXIST::FUNCTION:AES
-X509at_get0_data_by_OBJ 3931 EXIST::FUNCTION:
-ASN1_TYPE_set1 3932 EXIST::FUNCTION:
-ASN1_STRING_set0 3933 EXIST::FUNCTION:
-i2d_X509_ALGORS 3934 EXIST::FUNCTION:
-BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION:
-COMP_zlib_cleanup 3936 EXIST::FUNCTION:
-d2i_X509_ALGORS 3937 EXIST::FUNCTION:
-CMS_ReceiptRequest_free 3938 EXIST::FUNCTION:CMS
-PEM_write_CMS 3939 EXIST:!WIN16:FUNCTION:CMS
-CMS_add0_CertificateChoices 3940 EXIST::FUNCTION:CMS
-CMS_unsigned_add1_attr_by_OBJ 3941 EXIST::FUNCTION:CMS
-ERR_load_CMS_strings 3942 EXIST::FUNCTION:CMS
-CMS_sign_receipt 3943 EXIST::FUNCTION:CMS
-i2d_CMS_ContentInfo 3944 EXIST::FUNCTION:CMS
-CMS_signed_delete_attr 3945 EXIST::FUNCTION:CMS
-d2i_CMS_bio 3946 EXIST::FUNCTION:CMS
-CMS_unsigned_get_attr_by_NID 3947 EXIST::FUNCTION:CMS
-CMS_verify 3948 EXIST::FUNCTION:CMS
-SMIME_read_CMS 3949 EXIST::FUNCTION:CMS
-CMS_decrypt_set1_key 3950 EXIST::FUNCTION:CMS
-CMS_SignerInfo_get0_algs 3951 EXIST::FUNCTION:CMS
-CMS_add1_cert 3952 EXIST::FUNCTION:CMS
-CMS_set_detached 3953 EXIST::FUNCTION:CMS
-CMS_encrypt 3954 EXIST::FUNCTION:CMS
-CMS_EnvelopedData_create 3955 EXIST::FUNCTION:CMS
-CMS_uncompress 3956 EXIST::FUNCTION:CMS
-CMS_add0_crl 3957 EXIST::FUNCTION:CMS
-CMS_SignerInfo_verify_content 3958 EXIST::FUNCTION:CMS
-CMS_unsigned_get0_data_by_OBJ 3959 EXIST::FUNCTION:CMS
-PEM_write_bio_CMS 3960 EXIST::FUNCTION:CMS
-CMS_unsigned_get_attr 3961 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_ktri_cert_cmp 3962 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_ktri_get0_algs 3963 EXIST:!VMS:FUNCTION:CMS
-CMS_RecipInfo_ktri_get0_algs 3963 EXIST:VMS:FUNCTION:CMS
-CMS_ContentInfo_free 3964 EXIST::FUNCTION:CMS
-CMS_final 3965 EXIST::FUNCTION:CMS
-CMS_add_simple_smimecap 3966 EXIST::FUNCTION:CMS
-CMS_SignerInfo_verify 3967 EXIST::FUNCTION:CMS
-CMS_data 3968 EXIST::FUNCTION:CMS
-CMS_ContentInfo_it 3969 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
-CMS_ContentInfo_it 3969 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
-d2i_CMS_ReceiptRequest 3970 EXIST::FUNCTION:CMS
-CMS_compress 3971 EXIST::FUNCTION:CMS
-CMS_digest_create 3972 EXIST::FUNCTION:CMS
-CMS_SignerInfo_cert_cmp 3973 EXIST::FUNCTION:CMS
-CMS_SignerInfo_sign 3974 EXIST::FUNCTION:CMS
-CMS_data_create 3975 EXIST::FUNCTION:CMS
-i2d_CMS_bio 3976 EXIST::FUNCTION:CMS
-CMS_EncryptedData_set1_key 3977 EXIST::FUNCTION:CMS
-CMS_decrypt 3978 EXIST::FUNCTION:CMS
-int_smime_write_ASN1 3979 NOEXIST::FUNCTION:
-CMS_unsigned_delete_attr 3980 EXIST::FUNCTION:CMS
-CMS_unsigned_get_attr_count 3981 EXIST::FUNCTION:CMS
-CMS_add_smimecap 3982 EXIST::FUNCTION:CMS
-PEM_read_CMS 3983 EXIST:!WIN16:FUNCTION:CMS
-CMS_signed_get_attr_by_OBJ 3984 EXIST::FUNCTION:CMS
-d2i_CMS_ContentInfo 3985 EXIST::FUNCTION:CMS
-CMS_add_standard_smimecap 3986 EXIST::FUNCTION:CMS
-CMS_ContentInfo_new 3987 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_type 3988 EXIST::FUNCTION:CMS
-CMS_get0_type 3989 EXIST::FUNCTION:CMS
-CMS_is_detached 3990 EXIST::FUNCTION:CMS
-CMS_sign 3991 EXIST::FUNCTION:CMS
-CMS_signed_add1_attr 3992 EXIST::FUNCTION:CMS
-CMS_unsigned_get_attr_by_OBJ 3993 EXIST::FUNCTION:CMS
-SMIME_write_CMS 3994 EXIST::FUNCTION:CMS
-CMS_EncryptedData_decrypt 3995 EXIST::FUNCTION:CMS
-CMS_get0_RecipientInfos 3996 EXIST::FUNCTION:CMS
-CMS_add0_RevocationInfoChoice 3997 EXIST::FUNCTION:CMS
-CMS_decrypt_set1_pkey 3998 EXIST::FUNCTION:CMS
-CMS_SignerInfo_set1_signer_cert 3999 EXIST::FUNCTION:CMS
-CMS_get0_signers 4000 EXIST::FUNCTION:CMS
-CMS_ReceiptRequest_get0_values 4001 EXIST::FUNCTION:CMS
-CMS_signed_get0_data_by_OBJ 4002 EXIST::FUNCTION:CMS
-CMS_get0_SignerInfos 4003 EXIST::FUNCTION:CMS
-CMS_add0_cert 4004 EXIST::FUNCTION:CMS
-CMS_EncryptedData_encrypt 4005 EXIST::FUNCTION:CMS
-CMS_digest_verify 4006 EXIST::FUNCTION:CMS
-CMS_set1_signers_certs 4007 EXIST::FUNCTION:CMS
-CMS_signed_get_attr 4008 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_set0_key 4009 EXIST::FUNCTION:CMS
-CMS_SignedData_init 4010 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_kekri_get0_id 4011 EXIST::FUNCTION:CMS
-CMS_verify_receipt 4012 EXIST::FUNCTION:CMS
-CMS_ReceiptRequest_it 4013 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
-CMS_ReceiptRequest_it 4013 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
-PEM_read_bio_CMS 4014 EXIST::FUNCTION:CMS
-CMS_get1_crls 4015 EXIST::FUNCTION:CMS
-CMS_add0_recipient_key 4016 EXIST::FUNCTION:CMS
-SMIME_read_ASN1 4017 EXIST::FUNCTION:
-CMS_ReceiptRequest_new 4018 EXIST::FUNCTION:CMS
-CMS_get0_content 4019 EXIST::FUNCTION:CMS
-CMS_get1_ReceiptRequest 4020 EXIST::FUNCTION:CMS
-CMS_signed_add1_attr_by_OBJ 4021 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_kekri_id_cmp 4022 EXIST::FUNCTION:CMS
-CMS_add1_ReceiptRequest 4023 EXIST::FUNCTION:CMS
-CMS_SignerInfo_get0_signer_id 4024 EXIST::FUNCTION:CMS
-CMS_unsigned_add1_attr_by_NID 4025 EXIST::FUNCTION:CMS
-CMS_unsigned_add1_attr 4026 EXIST::FUNCTION:CMS
-CMS_signed_get_attr_by_NID 4027 EXIST::FUNCTION:CMS
-CMS_get1_certs 4028 EXIST::FUNCTION:CMS
-CMS_signed_add1_attr_by_NID 4029 EXIST::FUNCTION:CMS
-CMS_unsigned_add1_attr_by_txt 4030 EXIST::FUNCTION:CMS
-CMS_dataFinal 4031 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_ktri_get0_signer_id 4032 EXIST:!VMS:FUNCTION:CMS
-CMS_RecipInfo_ktri_get0_sigr_id 4032 EXIST:VMS:FUNCTION:CMS
-i2d_CMS_ReceiptRequest 4033 EXIST::FUNCTION:CMS
-CMS_add1_recipient_cert 4034 EXIST::FUNCTION:CMS
-CMS_dataInit 4035 EXIST::FUNCTION:CMS
-CMS_signed_add1_attr_by_txt 4036 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_decrypt 4037 EXIST::FUNCTION:CMS
-CMS_signed_get_attr_count 4038 EXIST::FUNCTION:CMS
-CMS_get0_eContentType 4039 EXIST::FUNCTION:CMS
-CMS_set1_eContentType 4040 EXIST::FUNCTION:CMS
-CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS
-CMS_add1_signer 4042 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS
-ENGINE_set_load_ssl_client_cert_function 4044 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_set_ld_ssl_clnt_cert_fn 4044 EXIST:VMS:FUNCTION:ENGINE
-ENGINE_get_ssl_client_cert_function 4045 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_get_ssl_client_cert_fn 4045 EXIST:VMS:FUNCTION:ENGINE
-ENGINE_load_ssl_client_cert 4046 EXIST::FUNCTION:ENGINE
-ENGINE_load_capi 4047 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-OPENSSL_isservice 4048 EXIST::FUNCTION:
-FIPS_dsa_sig_decode 4049 NOEXIST::FUNCTION:
-EVP_CIPHER_CTX_clear_flags 4050 EXIST::FUNCTION:
-FIPS_rand_status 4051 NOEXIST::FUNCTION:
-FIPS_rand_set_key 4052 NOEXIST::FUNCTION:
-CRYPTO_set_mem_info_functions 4053 NOEXIST::FUNCTION:
-RSA_X931_generate_key_ex 4054 NOEXIST::FUNCTION:
-int_ERR_set_state_func 4055 NOEXIST::FUNCTION:
-int_EVP_MD_set_engine_callbacks 4056 NOEXIST::FUNCTION:
-int_CRYPTO_set_do_dynlock_callback 4057 NOEXIST::FUNCTION:
-FIPS_rng_stick 4058 NOEXIST::FUNCTION:
-EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION:
-BN_X931_generate_prime_ex 4060 EXIST::FUNCTION:
-FIPS_selftest_check 4061 NOEXIST::FUNCTION:
-FIPS_rand_set_dt 4062 NOEXIST::FUNCTION:
-CRYPTO_dbg_pop_info 4063 NOEXIST::FUNCTION:
-FIPS_dsa_free 4064 NOEXIST::FUNCTION:
-RSA_X931_derive_ex 4065 NOEXIST::FUNCTION:
-FIPS_rsa_new 4066 NOEXIST::FUNCTION:
-FIPS_rand_bytes 4067 NOEXIST::FUNCTION:
-fips_cipher_test 4068 NOEXIST::FUNCTION:
-EVP_CIPHER_CTX_test_flags 4069 EXIST::FUNCTION:
-CRYPTO_malloc_debug_init 4070 NOEXIST::FUNCTION:
-CRYPTO_dbg_push_info 4071 NOEXIST::FUNCTION:
-FIPS_corrupt_rsa_keygen 4072 NOEXIST::FUNCTION:
-FIPS_dh_new 4073 NOEXIST::FUNCTION:
-FIPS_corrupt_dsa_keygen 4074 NOEXIST::FUNCTION:
-FIPS_dh_free 4075 NOEXIST::FUNCTION:
-fips_pkey_signature_test 4076 NOEXIST::FUNCTION:
-EVP_add_alg_module 4077 EXIST::FUNCTION:
-int_RAND_init_engine_callbacks 4078 NOEXIST::FUNCTION:
-int_EVP_CIPHER_set_engine_callbacks 4079 NOEXIST::FUNCTION:
-int_EVP_MD_init_engine_callbacks 4080 NOEXIST::FUNCTION:
-FIPS_rand_test_mode 4081 NOEXIST::FUNCTION:
-FIPS_rand_reset 4082 NOEXIST::FUNCTION:
-FIPS_dsa_new 4083 NOEXIST::FUNCTION:
-int_RAND_set_callbacks 4084 NOEXIST::FUNCTION:
-BN_X931_derive_prime_ex 4085 EXIST::FUNCTION:
-int_ERR_lib_init 4086 NOEXIST::FUNCTION:
-int_EVP_CIPHER_init_engine_callbacks 4087 NOEXIST::FUNCTION:
-FIPS_rsa_free 4088 NOEXIST::FUNCTION:
-FIPS_dsa_sig_encode 4089 NOEXIST::FUNCTION:
-CRYPTO_dbg_remove_all_info 4090 NOEXIST::FUNCTION:
-OPENSSL_init 4091 EXIST::FUNCTION:
-private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
-CRYPTO_strdup 4093 EXIST::FUNCTION:
-JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE
-JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE
-JPAKE_get_shared_key 4096 EXIST::FUNCTION:JPAKE
-JPAKE_STEP3B_init 4097 EXIST::FUNCTION:JPAKE
-JPAKE_STEP1_generate 4098 EXIST::FUNCTION:JPAKE
-JPAKE_STEP1_init 4099 EXIST::FUNCTION:JPAKE
-JPAKE_STEP3B_process 4100 EXIST::FUNCTION:JPAKE
-JPAKE_STEP2_generate 4101 EXIST::FUNCTION:JPAKE
-JPAKE_CTX_new 4102 EXIST::FUNCTION:JPAKE
-JPAKE_CTX_free 4103 EXIST::FUNCTION:JPAKE
-JPAKE_STEP3B_release 4104 EXIST::FUNCTION:JPAKE
-JPAKE_STEP3A_release 4105 EXIST::FUNCTION:JPAKE
-JPAKE_STEP2_process 4106 EXIST::FUNCTION:JPAKE
-JPAKE_STEP3B_generate 4107 EXIST::FUNCTION:JPAKE
-JPAKE_STEP1_process 4108 EXIST::FUNCTION:JPAKE
-JPAKE_STEP3A_generate 4109 EXIST::FUNCTION:JPAKE
-JPAKE_STEP2_release 4110 EXIST::FUNCTION:JPAKE
-JPAKE_STEP3A_init 4111 EXIST::FUNCTION:JPAKE
-ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:JPAKE
-JPAKE_STEP2_init 4113 EXIST::FUNCTION:JPAKE
-pqueue_size 4114 EXIST::FUNCTION:
-i2d_TS_ACCURACY 4115 EXIST::FUNCTION:
-i2d_TS_MSG_IMPRINT_fp 4116 EXIST::FUNCTION:
-i2d_TS_MSG_IMPRINT 4117 EXIST::FUNCTION:
-EVP_PKEY_print_public 4118 EXIST::FUNCTION:
-EVP_PKEY_CTX_new 4119 EXIST::FUNCTION:
-i2d_TS_TST_INFO 4120 EXIST::FUNCTION:
-EVP_PKEY_asn1_find 4121 EXIST::FUNCTION:
-DSO_METHOD_beos 4122 EXIST::FUNCTION:
-TS_CONF_load_cert 4123 EXIST::FUNCTION:
-TS_REQ_get_ext 4124 EXIST::FUNCTION:
-EVP_PKEY_sign_init 4125 EXIST::FUNCTION:
-ASN1_item_print 4126 EXIST::FUNCTION:
-TS_TST_INFO_set_nonce 4127 EXIST::FUNCTION:
-TS_RESP_dup 4128 EXIST::FUNCTION:
-ENGINE_register_pkey_meths 4129 EXIST::FUNCTION:ENGINE
-EVP_PKEY_asn1_add0 4130 EXIST::FUNCTION:
-PKCS7_add0_attrib_signing_time 4131 EXIST::FUNCTION:
-i2d_TS_TST_INFO_fp 4132 EXIST::FUNCTION:
-BIO_asn1_get_prefix 4133 EXIST::FUNCTION:
-TS_TST_INFO_set_time 4134 EXIST::FUNCTION:
-EVP_PKEY_meth_set_decrypt 4135 EXIST::FUNCTION:
-EVP_PKEY_set_type_str 4136 EXIST::FUNCTION:
-EVP_PKEY_CTX_get_keygen_info 4137 EXIST::FUNCTION:
-TS_REQ_set_policy_id 4138 EXIST::FUNCTION:
-d2i_TS_RESP_fp 4139 EXIST::FUNCTION:
-ENGINE_get_pkey_asn1_meth_engine 4140 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_get_pkey_asn1_meth_eng 4140 EXIST:VMS:FUNCTION:ENGINE
-WHIRLPOOL_Init 4141 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
-TS_RESP_set_status_info 4142 EXIST::FUNCTION:
-EVP_PKEY_keygen 4143 EXIST::FUNCTION:
-EVP_DigestSignInit 4144 EXIST::FUNCTION:
-TS_ACCURACY_set_millis 4145 EXIST::FUNCTION:
-TS_REQ_dup 4146 EXIST::FUNCTION:
-GENERAL_NAME_dup 4147 EXIST::FUNCTION:
-ASN1_SEQUENCE_ANY_it 4148 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_SEQUENCE_ANY_it 4148 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-WHIRLPOOL 4149 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
-X509_STORE_get1_crls 4150 EXIST::FUNCTION:
-ENGINE_get_pkey_asn1_meth 4151 EXIST::FUNCTION:ENGINE
-EVP_PKEY_asn1_new 4152 EXIST::FUNCTION:
-BIO_new_NDEF 4153 EXIST::FUNCTION:
-ENGINE_get_pkey_meth 4154 EXIST::FUNCTION:ENGINE
-TS_MSG_IMPRINT_set_algo 4155 EXIST::FUNCTION:
-i2d_TS_TST_INFO_bio 4156 EXIST::FUNCTION:
-TS_TST_INFO_set_ordering 4157 EXIST::FUNCTION:
-TS_TST_INFO_get_ext_by_OBJ 4158 EXIST::FUNCTION:
-CRYPTO_THREADID_set_pointer 4159 EXIST::FUNCTION:
-TS_CONF_get_tsa_section 4160 EXIST::FUNCTION:
-SMIME_write_ASN1 4161 EXIST::FUNCTION:
-TS_RESP_CTX_set_signer_key 4162 EXIST::FUNCTION:
-EVP_PKEY_encrypt_old 4163 EXIST::FUNCTION:
-EVP_PKEY_encrypt_init 4164 EXIST::FUNCTION:
-CRYPTO_THREADID_cpy 4165 EXIST::FUNCTION:
-ASN1_PCTX_get_cert_flags 4166 EXIST::FUNCTION:
-i2d_ESS_SIGNING_CERT 4167 EXIST::FUNCTION:
-TS_CONF_load_key 4168 EXIST::FUNCTION:
-i2d_ASN1_SEQUENCE_ANY 4169 EXIST::FUNCTION:
-d2i_TS_MSG_IMPRINT_bio 4170 EXIST::FUNCTION:
-EVP_PKEY_asn1_set_public 4171 EXIST::FUNCTION:
-b2i_PublicKey_bio 4172 EXIST::FUNCTION:
-BIO_asn1_set_prefix 4173 EXIST::FUNCTION:
-EVP_PKEY_new_mac_key 4174 EXIST::FUNCTION:
-BIO_new_CMS 4175 EXIST::FUNCTION:CMS
-CRYPTO_THREADID_cmp 4176 EXIST::FUNCTION:
-TS_REQ_ext_free 4177 EXIST::FUNCTION:
-EVP_PKEY_asn1_set_free 4178 EXIST::FUNCTION:
-EVP_PKEY_get0_asn1 4179 EXIST::FUNCTION:
-d2i_NETSCAPE_X509 4180 EXIST::FUNCTION:
-EVP_PKEY_verify_recover_init 4181 EXIST::FUNCTION:
-EVP_PKEY_CTX_set_data 4182 EXIST::FUNCTION:
-EVP_PKEY_keygen_init 4183 EXIST::FUNCTION:
-TS_RESP_CTX_set_status_info 4184 EXIST::FUNCTION:
-TS_MSG_IMPRINT_get_algo 4185 EXIST::FUNCTION:
-TS_REQ_print_bio 4186 EXIST::FUNCTION:
-EVP_PKEY_CTX_ctrl_str 4187 EXIST::FUNCTION:
-EVP_PKEY_get_default_digest_nid 4188 EXIST::FUNCTION:
-PEM_write_bio_PKCS7_stream 4189 EXIST::FUNCTION:
-TS_MSG_IMPRINT_print_bio 4190 EXIST::FUNCTION:
-BN_asc2bn 4191 EXIST::FUNCTION:
-TS_REQ_get_policy_id 4192 EXIST::FUNCTION:
-ENGINE_set_default_pkey_asn1_meths 4193 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_set_def_pkey_asn1_meths 4193 EXIST:VMS:FUNCTION:ENGINE
-d2i_TS_ACCURACY 4194 EXIST::FUNCTION:
-DSO_global_lookup 4195 EXIST::FUNCTION:
-TS_CONF_set_tsa_name 4196 EXIST::FUNCTION:
-i2d_ASN1_SET_ANY 4197 EXIST::FUNCTION:
-ENGINE_load_gost 4198 EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE
-WHIRLPOOL_BitUpdate 4199 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
-ASN1_PCTX_get_flags 4200 EXIST::FUNCTION:
-TS_TST_INFO_get_ext_by_NID 4201 EXIST::FUNCTION:
-TS_RESP_new 4202 EXIST::FUNCTION:
-ESS_CERT_ID_dup 4203 EXIST::FUNCTION:
-TS_STATUS_INFO_dup 4204 EXIST::FUNCTION:
-TS_REQ_delete_ext 4205 EXIST::FUNCTION:
-EVP_DigestVerifyFinal 4206 EXIST::FUNCTION:
-EVP_PKEY_print_params 4207 EXIST::FUNCTION:
-i2d_CMS_bio_stream 4208 EXIST::FUNCTION:CMS
-TS_REQ_get_msg_imprint 4209 EXIST::FUNCTION:
-OBJ_find_sigid_by_algs 4210 EXIST::FUNCTION:
-TS_TST_INFO_get_serial 4211 EXIST::FUNCTION:
-TS_REQ_get_nonce 4212 EXIST::FUNCTION:
-X509_PUBKEY_set0_param 4213 EXIST::FUNCTION:
-EVP_PKEY_CTX_set0_keygen_info 4214 EXIST::FUNCTION:
-DIST_POINT_set_dpname 4215 EXIST::FUNCTION:
-i2d_ISSUING_DIST_POINT 4216 EXIST::FUNCTION:
-ASN1_SET_ANY_it 4217 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_SET_ANY_it 4217 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_PKEY_CTX_get_data 4218 EXIST::FUNCTION:
-TS_STATUS_INFO_print_bio 4219 EXIST::FUNCTION:
-EVP_PKEY_derive_init 4220 EXIST::FUNCTION:
-d2i_TS_TST_INFO 4221 EXIST::FUNCTION:
-EVP_PKEY_asn1_add_alias 4222 EXIST::FUNCTION:
-d2i_TS_RESP_bio 4223 EXIST::FUNCTION:
-OTHERNAME_cmp 4224 EXIST::FUNCTION:
-GENERAL_NAME_set0_value 4225 EXIST::FUNCTION:
-PKCS7_RECIP_INFO_get0_alg 4226 EXIST::FUNCTION:
-TS_RESP_CTX_new 4227 EXIST::FUNCTION:
-TS_RESP_set_tst_info 4228 EXIST::FUNCTION:
-PKCS7_final 4229 EXIST::FUNCTION:
-EVP_PKEY_base_id 4230 EXIST::FUNCTION:
-TS_RESP_CTX_set_signer_cert 4231 EXIST::FUNCTION:
-TS_REQ_set_msg_imprint 4232 EXIST::FUNCTION:
-EVP_PKEY_CTX_ctrl 4233 EXIST::FUNCTION:
-TS_CONF_set_digests 4234 EXIST::FUNCTION:
-d2i_TS_MSG_IMPRINT 4235 EXIST::FUNCTION:
-EVP_PKEY_meth_set_ctrl 4236 EXIST::FUNCTION:
-TS_REQ_get_ext_by_NID 4237 EXIST::FUNCTION:
-PKCS5_pbe_set0_algor 4238 EXIST::FUNCTION:
-BN_BLINDING_thread_id 4239 EXIST::FUNCTION:
-TS_ACCURACY_new 4240 EXIST::FUNCTION:
-X509_CRL_METHOD_free 4241 EXIST::FUNCTION:
-ASN1_PCTX_get_nm_flags 4242 EXIST::FUNCTION:
-EVP_PKEY_meth_set_sign 4243 EXIST::FUNCTION:
-CRYPTO_THREADID_current 4244 EXIST::FUNCTION:
-EVP_PKEY_decrypt_init 4245 EXIST::FUNCTION:
-NETSCAPE_X509_free 4246 EXIST::FUNCTION:
-i2b_PVK_bio 4247 EXIST::FUNCTION:RC4
-EVP_PKEY_print_private 4248 EXIST::FUNCTION:
-GENERAL_NAME_get0_value 4249 EXIST::FUNCTION:
-b2i_PVK_bio 4250 EXIST::FUNCTION:RC4
-ASN1_UTCTIME_adj 4251 EXIST::FUNCTION:
-TS_TST_INFO_new 4252 EXIST::FUNCTION:
-EVP_MD_do_all_sorted 4253 EXIST::FUNCTION:
-TS_CONF_set_default_engine 4254 EXIST::FUNCTION:
-TS_ACCURACY_set_seconds 4255 EXIST::FUNCTION:
-TS_TST_INFO_get_time 4256 EXIST::FUNCTION:
-PKCS8_pkey_get0 4257 EXIST::FUNCTION:
-EVP_PKEY_asn1_get0 4258 EXIST::FUNCTION:
-OBJ_add_sigid 4259 EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_sign 4260 EXIST::FUNCTION:
-EVP_PKEY_paramgen_init 4261 EXIST::FUNCTION:
-EVP_PKEY_sign 4262 EXIST::FUNCTION:
-OBJ_sigid_free 4263 EXIST::FUNCTION:
-EVP_PKEY_meth_set_init 4264 EXIST::FUNCTION:
-d2i_ESS_ISSUER_SERIAL 4265 EXIST::FUNCTION:
-ISSUING_DIST_POINT_new 4266 EXIST::FUNCTION:
-ASN1_TIME_adj 4267 EXIST::FUNCTION:
-TS_OBJ_print_bio 4268 EXIST::FUNCTION:
-EVP_PKEY_meth_set_verify_recover 4269 EXIST:!VMS:FUNCTION:
-EVP_PKEY_meth_set_vrfy_recover 4269 EXIST:VMS:FUNCTION:
-TS_RESP_get_status_info 4270 EXIST::FUNCTION:
-CMS_stream 4271 EXIST::FUNCTION:CMS
-EVP_PKEY_CTX_set_cb 4272 EXIST::FUNCTION:
-PKCS7_to_TS_TST_INFO 4273 EXIST::FUNCTION:
-ASN1_PCTX_get_oid_flags 4274 EXIST::FUNCTION:
-TS_TST_INFO_add_ext 4275 EXIST::FUNCTION:
-EVP_PKEY_meth_set_derive 4276 EXIST::FUNCTION:
-i2d_TS_RESP_fp 4277 EXIST::FUNCTION:
-i2d_TS_MSG_IMPRINT_bio 4278 EXIST::FUNCTION:
-TS_RESP_CTX_set_accuracy 4279 EXIST::FUNCTION:
-TS_REQ_set_nonce 4280 EXIST::FUNCTION:
-ESS_CERT_ID_new 4281 EXIST::FUNCTION:
-ENGINE_pkey_asn1_find_str 4282 EXIST::FUNCTION:ENGINE
-TS_REQ_get_ext_count 4283 EXIST::FUNCTION:
-BUF_reverse 4284 EXIST::FUNCTION:
-TS_TST_INFO_print_bio 4285 EXIST::FUNCTION:
-d2i_ISSUING_DIST_POINT 4286 EXIST::FUNCTION:
-ENGINE_get_pkey_meths 4287 EXIST::FUNCTION:ENGINE
-i2b_PrivateKey_bio 4288 EXIST::FUNCTION:
-i2d_TS_RESP 4289 EXIST::FUNCTION:
-b2i_PublicKey 4290 EXIST::FUNCTION:
-TS_VERIFY_CTX_cleanup 4291 EXIST::FUNCTION:
-TS_STATUS_INFO_free 4292 EXIST::FUNCTION:
-TS_RESP_verify_token 4293 EXIST::FUNCTION:
-OBJ_bsearch_ex_ 4294 EXIST::FUNCTION:
-ASN1_bn_print 4295 EXIST::FUNCTION:BIO
-EVP_PKEY_asn1_get_count 4296 EXIST::FUNCTION:
-ENGINE_register_pkey_asn1_meths 4297 EXIST::FUNCTION:ENGINE
-ASN1_PCTX_set_nm_flags 4298 EXIST::FUNCTION:
-EVP_DigestVerifyInit 4299 EXIST::FUNCTION:
-ENGINE_set_default_pkey_meths 4300 EXIST::FUNCTION:ENGINE
-TS_TST_INFO_get_policy_id 4301 EXIST::FUNCTION:
-TS_REQ_get_cert_req 4302 EXIST::FUNCTION:
-X509_CRL_set_meth_data 4303 EXIST::FUNCTION:
-PKCS8_pkey_set0 4304 EXIST::FUNCTION:
-ASN1_STRING_copy 4305 EXIST::FUNCTION:
-d2i_TS_TST_INFO_fp 4306 EXIST::FUNCTION:
-X509_CRL_match 4307 EXIST::FUNCTION:
-EVP_PKEY_asn1_set_private 4308 EXIST::FUNCTION:
-TS_TST_INFO_get_ext_d2i 4309 EXIST::FUNCTION:
-TS_RESP_CTX_add_policy 4310 EXIST::FUNCTION:
-d2i_TS_RESP 4311 EXIST::FUNCTION:
-TS_CONF_load_certs 4312 EXIST::FUNCTION:
-TS_TST_INFO_get_msg_imprint 4313 EXIST::FUNCTION:
-ERR_load_TS_strings 4314 EXIST::FUNCTION:
-TS_TST_INFO_get_version 4315 EXIST::FUNCTION:
-EVP_PKEY_CTX_dup 4316 EXIST::FUNCTION:
-EVP_PKEY_meth_set_verify 4317 EXIST::FUNCTION:
-i2b_PublicKey_bio 4318 EXIST::FUNCTION:
-TS_CONF_set_certs 4319 EXIST::FUNCTION:
-EVP_PKEY_asn1_get0_info 4320 EXIST::FUNCTION:
-TS_VERIFY_CTX_free 4321 EXIST::FUNCTION:
-TS_REQ_get_ext_by_critical 4322 EXIST::FUNCTION:
-TS_RESP_CTX_set_serial_cb 4323 EXIST::FUNCTION:
-X509_CRL_get_meth_data 4324 EXIST::FUNCTION:
-TS_RESP_CTX_set_time_cb 4325 EXIST::FUNCTION:
-TS_MSG_IMPRINT_get_msg 4326 EXIST::FUNCTION:
-TS_TST_INFO_ext_free 4327 EXIST::FUNCTION:
-TS_REQ_get_version 4328 EXIST::FUNCTION:
-TS_REQ_add_ext 4329 EXIST::FUNCTION:
-EVP_PKEY_CTX_set_app_data 4330 EXIST::FUNCTION:
-OBJ_bsearch_ 4331 EXIST::FUNCTION:
-EVP_PKEY_meth_set_verifyctx 4332 EXIST::FUNCTION:
-i2d_PKCS7_bio_stream 4333 EXIST::FUNCTION:
-CRYPTO_THREADID_set_numeric 4334 EXIST::FUNCTION:
-PKCS7_sign_add_signer 4335 EXIST::FUNCTION:
-d2i_TS_TST_INFO_bio 4336 EXIST::FUNCTION:
-TS_TST_INFO_get_ordering 4337 EXIST::FUNCTION:
-TS_RESP_print_bio 4338 EXIST::FUNCTION:
-TS_TST_INFO_get_exts 4339 EXIST::FUNCTION:
-HMAC_CTX_copy 4340 EXIST::FUNCTION:HMAC
-PKCS5_pbe2_set_iv 4341 EXIST::FUNCTION:
-ENGINE_get_pkey_asn1_meths 4342 EXIST::FUNCTION:ENGINE
-b2i_PrivateKey 4343 EXIST::FUNCTION:
-EVP_PKEY_CTX_get_app_data 4344 EXIST::FUNCTION:
-TS_REQ_set_cert_req 4345 EXIST::FUNCTION:
-CRYPTO_THREADID_set_callback 4346 EXIST::FUNCTION:
-TS_CONF_set_serial 4347 EXIST::FUNCTION:
-TS_TST_INFO_free 4348 EXIST::FUNCTION:
-d2i_TS_REQ_fp 4349 EXIST::FUNCTION:
-TS_RESP_verify_response 4350 EXIST::FUNCTION:
-i2d_ESS_ISSUER_SERIAL 4351 EXIST::FUNCTION:
-TS_ACCURACY_get_seconds 4352 EXIST::FUNCTION:
-EVP_CIPHER_do_all 4353 EXIST::FUNCTION:
-b2i_PrivateKey_bio 4354 EXIST::FUNCTION:
-OCSP_CERTID_dup 4355 EXIST::FUNCTION:
-X509_PUBKEY_get0_param 4356 EXIST::FUNCTION:
-TS_MSG_IMPRINT_dup 4357 EXIST::FUNCTION:
-PKCS7_print_ctx 4358 EXIST::FUNCTION:
-i2d_TS_REQ_bio 4359 EXIST::FUNCTION:
-EVP_whirlpool 4360 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
-EVP_PKEY_asn1_set_param 4361 EXIST::FUNCTION:
-EVP_PKEY_meth_set_encrypt 4362 EXIST::FUNCTION:
-ASN1_PCTX_set_flags 4363 EXIST::FUNCTION:
-i2d_ESS_CERT_ID 4364 EXIST::FUNCTION:
-TS_VERIFY_CTX_new 4365 EXIST::FUNCTION:
-TS_RESP_CTX_set_extension_cb 4366 EXIST::FUNCTION:
-ENGINE_register_all_pkey_meths 4367 EXIST::FUNCTION:ENGINE
-TS_RESP_CTX_set_status_info_cond 4368 EXIST:!VMS:FUNCTION:
-TS_RESP_CTX_set_stat_info_cond 4368 EXIST:VMS:FUNCTION:
-EVP_PKEY_verify 4369 EXIST::FUNCTION:
-WHIRLPOOL_Final 4370 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
-X509_CRL_METHOD_new 4371 EXIST::FUNCTION:
-EVP_DigestSignFinal 4372 EXIST::FUNCTION:
-TS_RESP_CTX_set_def_policy 4373 EXIST::FUNCTION:
-NETSCAPE_X509_it 4374 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NETSCAPE_X509_it 4374 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-TS_RESP_create_response 4375 EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_get0_algs 4376 EXIST::FUNCTION:
-TS_TST_INFO_get_nonce 4377 EXIST::FUNCTION:
-EVP_PKEY_decrypt_old 4378 EXIST::FUNCTION:
-TS_TST_INFO_set_policy_id 4379 EXIST::FUNCTION:
-TS_CONF_set_ess_cert_id_chain 4380 EXIST::FUNCTION:
-EVP_PKEY_CTX_get0_pkey 4381 EXIST::FUNCTION:
-d2i_TS_REQ 4382 EXIST::FUNCTION:
-EVP_PKEY_asn1_find_str 4383 EXIST::FUNCTION:
-BIO_f_asn1 4384 EXIST::FUNCTION:
-ESS_SIGNING_CERT_new 4385 EXIST::FUNCTION:
-EVP_PBE_find 4386 EXIST::FUNCTION:
-X509_CRL_get0_by_cert 4387 EXIST::FUNCTION:
-EVP_PKEY_derive 4388 EXIST::FUNCTION:
-i2d_TS_REQ 4389 EXIST::FUNCTION:
-TS_TST_INFO_delete_ext 4390 EXIST::FUNCTION:
-ESS_ISSUER_SERIAL_free 4391 EXIST::FUNCTION:
-ASN1_PCTX_set_str_flags 4392 EXIST::FUNCTION:
-ENGINE_get_pkey_asn1_meth_str 4393 EXIST::FUNCTION:ENGINE
-TS_CONF_set_signer_key 4394 EXIST::FUNCTION:
-TS_ACCURACY_get_millis 4395 EXIST::FUNCTION:
-TS_RESP_get_token 4396 EXIST::FUNCTION:
-TS_ACCURACY_dup 4397 EXIST::FUNCTION:
-ENGINE_register_all_pkey_asn1_meths 4398 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_reg_all_pkey_asn1_meths 4398 EXIST:VMS:FUNCTION:ENGINE
-X509_CRL_set_default_method 4399 EXIST::FUNCTION:
-CRYPTO_THREADID_hash 4400 EXIST::FUNCTION:
-CMS_ContentInfo_print_ctx 4401 EXIST::FUNCTION:CMS
-TS_RESP_free 4402 EXIST::FUNCTION:
-ISSUING_DIST_POINT_free 4403 EXIST::FUNCTION:
-ESS_ISSUER_SERIAL_new 4404 EXIST::FUNCTION:
-CMS_add1_crl 4405 EXIST::FUNCTION:CMS
-PKCS7_add1_attrib_digest 4406 EXIST::FUNCTION:
-TS_RESP_CTX_add_md 4407 EXIST::FUNCTION:
-TS_TST_INFO_dup 4408 EXIST::FUNCTION:
-ENGINE_set_pkey_asn1_meths 4409 EXIST::FUNCTION:ENGINE
-PEM_write_bio_Parameters 4410 EXIST::FUNCTION:
-TS_TST_INFO_get_accuracy 4411 EXIST::FUNCTION:
-X509_CRL_get0_by_serial 4412 EXIST::FUNCTION:
-TS_TST_INFO_set_version 4413 EXIST::FUNCTION:
-TS_RESP_CTX_get_tst_info 4414 EXIST::FUNCTION:
-TS_RESP_verify_signature 4415 EXIST::FUNCTION:
-CRYPTO_THREADID_get_callback 4416 EXIST::FUNCTION:
-TS_TST_INFO_get_tsa 4417 EXIST::FUNCTION:
-TS_STATUS_INFO_new 4418 EXIST::FUNCTION:
-EVP_PKEY_CTX_get_cb 4419 EXIST::FUNCTION:
-TS_REQ_get_ext_d2i 4420 EXIST::FUNCTION:
-GENERAL_NAME_set0_othername 4421 EXIST::FUNCTION:
-TS_TST_INFO_get_ext_count 4422 EXIST::FUNCTION:
-TS_RESP_CTX_get_request 4423 EXIST::FUNCTION:
-i2d_NETSCAPE_X509 4424 EXIST::FUNCTION:
-ENGINE_get_pkey_meth_engine 4425 EXIST::FUNCTION:ENGINE
-EVP_PKEY_meth_set_signctx 4426 EXIST::FUNCTION:
-EVP_PKEY_asn1_copy 4427 EXIST::FUNCTION:
-ASN1_TYPE_cmp 4428 EXIST::FUNCTION:
-EVP_CIPHER_do_all_sorted 4429 EXIST::FUNCTION:
-EVP_PKEY_CTX_free 4430 EXIST::FUNCTION:
-ISSUING_DIST_POINT_it 4431 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ISSUING_DIST_POINT_it 4431 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_TS_MSG_IMPRINT_fp 4432 EXIST::FUNCTION:
-X509_STORE_get1_certs 4433 EXIST::FUNCTION:
-EVP_PKEY_CTX_get_operation 4434 EXIST::FUNCTION:
-d2i_ESS_SIGNING_CERT 4435 EXIST::FUNCTION:
-TS_CONF_set_ordering 4436 EXIST::FUNCTION:
-EVP_PBE_alg_add_type 4437 EXIST::FUNCTION:
-TS_REQ_set_version 4438 EXIST::FUNCTION:
-EVP_PKEY_get0 4439 EXIST::FUNCTION:
-BIO_asn1_set_suffix 4440 EXIST::FUNCTION:
-i2d_TS_STATUS_INFO 4441 EXIST::FUNCTION:
-EVP_MD_do_all 4442 EXIST::FUNCTION:
-TS_TST_INFO_set_accuracy 4443 EXIST::FUNCTION:
-PKCS7_add_attrib_content_type 4444 EXIST::FUNCTION:
-ERR_remove_thread_state 4445 EXIST::FUNCTION:
-EVP_PKEY_meth_add0 4446 EXIST::FUNCTION:
-TS_TST_INFO_set_tsa 4447 EXIST::FUNCTION:
-EVP_PKEY_meth_new 4448 EXIST::FUNCTION:
-WHIRLPOOL_Update 4449 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
-TS_CONF_set_accuracy 4450 EXIST::FUNCTION:
-ASN1_PCTX_set_oid_flags 4451 EXIST::FUNCTION:
-ESS_SIGNING_CERT_dup 4452 EXIST::FUNCTION:
-d2i_TS_REQ_bio 4453 EXIST::FUNCTION:
-X509_time_adj_ex 4454 EXIST::FUNCTION:
-TS_RESP_CTX_add_flags 4455 EXIST::FUNCTION:
-d2i_TS_STATUS_INFO 4456 EXIST::FUNCTION:
-TS_MSG_IMPRINT_set_msg 4457 EXIST::FUNCTION:
-BIO_asn1_get_suffix 4458 EXIST::FUNCTION:
-TS_REQ_free 4459 EXIST::FUNCTION:
-EVP_PKEY_meth_free 4460 EXIST::FUNCTION:
-TS_REQ_get_exts 4461 EXIST::FUNCTION:
-TS_RESP_CTX_set_clock_precision_digits 4462 EXIST:!VMS:FUNCTION:
-TS_RESP_CTX_set_clk_prec_digits 4462 EXIST:VMS:FUNCTION:
-TS_RESP_CTX_add_failure_info 4463 EXIST::FUNCTION:
-i2d_TS_RESP_bio 4464 EXIST::FUNCTION:
-EVP_PKEY_CTX_get0_peerkey 4465 EXIST::FUNCTION:
-PEM_write_bio_CMS_stream 4466 EXIST::FUNCTION:CMS
-TS_REQ_new 4467 EXIST::FUNCTION:
-TS_MSG_IMPRINT_new 4468 EXIST::FUNCTION:
-EVP_PKEY_meth_find 4469 EXIST::FUNCTION:
-EVP_PKEY_id 4470 EXIST::FUNCTION:
-TS_TST_INFO_set_serial 4471 EXIST::FUNCTION:
-a2i_GENERAL_NAME 4472 EXIST::FUNCTION:
-TS_CONF_set_crypto_device 4473 EXIST::FUNCTION:
-EVP_PKEY_verify_init 4474 EXIST::FUNCTION:
-TS_CONF_set_policies 4475 EXIST::FUNCTION:
-ASN1_PCTX_new 4476 EXIST::FUNCTION:
-ESS_CERT_ID_free 4477 EXIST::FUNCTION:
-ENGINE_unregister_pkey_meths 4478 EXIST::FUNCTION:ENGINE
-TS_MSG_IMPRINT_free 4479 EXIST::FUNCTION:
-TS_VERIFY_CTX_init 4480 EXIST::FUNCTION:
-PKCS7_stream 4481 EXIST::FUNCTION:
-TS_RESP_CTX_set_certs 4482 EXIST::FUNCTION:
-TS_CONF_set_def_policy 4483 EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_adj 4484 EXIST::FUNCTION:
-NETSCAPE_X509_new 4485 EXIST::FUNCTION:
-TS_ACCURACY_free 4486 EXIST::FUNCTION:
-TS_RESP_get_tst_info 4487 EXIST::FUNCTION:
-EVP_PKEY_derive_set_peer 4488 EXIST::FUNCTION:
-PEM_read_bio_Parameters 4489 EXIST::FUNCTION:
-TS_CONF_set_clock_precision_digits 4490 EXIST:!VMS:FUNCTION:
-TS_CONF_set_clk_prec_digits 4490 EXIST:VMS:FUNCTION:
-ESS_ISSUER_SERIAL_dup 4491 EXIST::FUNCTION:
-TS_ACCURACY_get_micros 4492 EXIST::FUNCTION:
-ASN1_PCTX_get_str_flags 4493 EXIST::FUNCTION:
-NAME_CONSTRAINTS_check 4494 EXIST::FUNCTION:
-ASN1_BIT_STRING_check 4495 EXIST::FUNCTION:
-X509_check_akid 4496 EXIST::FUNCTION:
-ENGINE_unregister_pkey_asn1_meths 4497 EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_unreg_pkey_asn1_meths 4497 EXIST:VMS:FUNCTION:ENGINE
-ASN1_PCTX_free 4498 EXIST::FUNCTION:
-PEM_write_bio_ASN1_stream 4499 EXIST::FUNCTION:
-i2d_ASN1_bio_stream 4500 EXIST::FUNCTION:
-TS_X509_ALGOR_print_bio 4501 EXIST::FUNCTION:
-EVP_PKEY_meth_set_cleanup 4502 EXIST::FUNCTION:
-EVP_PKEY_asn1_free 4503 EXIST::FUNCTION:
-ESS_SIGNING_CERT_free 4504 EXIST::FUNCTION:
-TS_TST_INFO_set_msg_imprint 4505 EXIST::FUNCTION:
-GENERAL_NAME_cmp 4506 EXIST::FUNCTION:
-d2i_ASN1_SET_ANY 4507 EXIST::FUNCTION:
-ENGINE_set_pkey_meths 4508 EXIST::FUNCTION:ENGINE
-i2d_TS_REQ_fp 4509 EXIST::FUNCTION:
-d2i_ASN1_SEQUENCE_ANY 4510 EXIST::FUNCTION:
-GENERAL_NAME_get0_otherName 4511 EXIST::FUNCTION:
-d2i_ESS_CERT_ID 4512 EXIST::FUNCTION:
-OBJ_find_sigid_algs 4513 EXIST::FUNCTION:
-EVP_PKEY_meth_set_keygen 4514 EXIST::FUNCTION:
-PKCS5_PBKDF2_HMAC 4515 EXIST::FUNCTION:
-EVP_PKEY_paramgen 4516 EXIST::FUNCTION:
-EVP_PKEY_meth_set_paramgen 4517 EXIST::FUNCTION:
-BIO_new_PKCS7 4518 EXIST::FUNCTION:
-EVP_PKEY_verify_recover 4519 EXIST::FUNCTION:
-TS_ext_print_bio 4520 EXIST::FUNCTION:
-TS_ASN1_INTEGER_print_bio 4521 EXIST::FUNCTION:
-check_defer 4522 EXIST::FUNCTION:
-DSO_pathbyaddr 4523 EXIST::FUNCTION:
-EVP_PKEY_set_type 4524 EXIST::FUNCTION:
-TS_ACCURACY_set_micros 4525 EXIST::FUNCTION:
-TS_REQ_to_TS_VERIFY_CTX 4526 EXIST::FUNCTION:
-EVP_PKEY_meth_set_copy 4527 EXIST::FUNCTION:
-ASN1_PCTX_set_cert_flags 4528 EXIST::FUNCTION:
-TS_TST_INFO_get_ext 4529 EXIST::FUNCTION:
-EVP_PKEY_asn1_set_ctrl 4530 EXIST::FUNCTION:
-TS_TST_INFO_get_ext_by_critical 4531 EXIST::FUNCTION:
-EVP_PKEY_CTX_new_id 4532 EXIST::FUNCTION:
-TS_REQ_get_ext_by_OBJ 4533 EXIST::FUNCTION:
-TS_CONF_set_signer_cert 4534 EXIST::FUNCTION:
-X509_NAME_hash_old 4535 EXIST::FUNCTION:
-ASN1_TIME_set_string 4536 EXIST::FUNCTION:
-EVP_MD_flags 4537 EXIST::FUNCTION:
-TS_RESP_CTX_free 4538 EXIST::FUNCTION:
-DSAparams_dup 4539 EXIST::FUNCTION:DSA
-DHparams_dup 4540 EXIST::FUNCTION:DH
-OCSP_REQ_CTX_add1_header 4541 EXIST::FUNCTION:
-OCSP_REQ_CTX_set1_req 4542 EXIST::FUNCTION:
-X509_STORE_set_verify_cb 4543 EXIST::FUNCTION:
-X509_STORE_CTX_get0_current_crl 4544 EXIST::FUNCTION:
-X509_STORE_CTX_get0_parent_ctx 4545 EXIST::FUNCTION:
-X509_STORE_CTX_get0_current_issuer 4546 EXIST:!VMS:FUNCTION:
-X509_STORE_CTX_get0_cur_issuer 4546 EXIST:VMS:FUNCTION:
-X509_issuer_name_hash_old 4547 EXIST::FUNCTION:MD5
-X509_subject_name_hash_old 4548 EXIST::FUNCTION:MD5
-EVP_CIPHER_CTX_copy 4549 EXIST::FUNCTION:
-UI_method_get_prompt_constructor 4550 EXIST:!VMS:FUNCTION:
-UI_method_get_prompt_constructr 4550 EXIST:VMS:FUNCTION:
-UI_method_set_prompt_constructor 4551 EXIST:!VMS:FUNCTION:
-UI_method_set_prompt_constructr 4551 EXIST:VMS:FUNCTION:
-EVP_read_pw_string_min 4552 EXIST::FUNCTION:
-CRYPTO_cts128_encrypt 4553 EXIST::FUNCTION:
-CRYPTO_cts128_decrypt_block 4554 EXIST::FUNCTION:
-CRYPTO_cfb128_1_encrypt 4555 EXIST::FUNCTION:
-CRYPTO_cbc128_encrypt 4556 EXIST::FUNCTION:
-CRYPTO_ctr128_encrypt 4557 EXIST::FUNCTION:
-CRYPTO_ofb128_encrypt 4558 EXIST::FUNCTION:
-CRYPTO_cts128_decrypt 4559 EXIST::FUNCTION:
-CRYPTO_cts128_encrypt_block 4560 EXIST::FUNCTION:
-CRYPTO_cbc128_decrypt 4561 EXIST::FUNCTION:
-CRYPTO_cfb128_encrypt 4562 EXIST::FUNCTION:
-CRYPTO_cfb128_8_encrypt 4563 EXIST::FUNCTION:
-OPENSSL_strcasecmp 4564 EXIST::FUNCTION:
-OPENSSL_memcmp 4565 EXIST::FUNCTION:
-OPENSSL_strncasecmp 4566 EXIST::FUNCTION:
-OPENSSL_gmtime 4567 EXIST::FUNCTION:
-OPENSSL_gmtime_adj 4568 EXIST::FUNCTION:
-SRP_VBASE_get_by_user 4569 EXIST::FUNCTION:SRP
-SRP_Calc_server_key 4570 EXIST::FUNCTION:SRP
-SRP_create_verifier 4571 EXIST::FUNCTION:SRP
-SRP_create_verifier_BN 4572 EXIST::FUNCTION:SRP
-SRP_Calc_u 4573 EXIST::FUNCTION:SRP
-SRP_VBASE_free 4574 EXIST::FUNCTION:SRP
-SRP_Calc_client_key 4575 EXIST::FUNCTION:SRP
-SRP_get_default_gN 4576 EXIST::FUNCTION:SRP
-SRP_Calc_x 4577 EXIST::FUNCTION:SRP
-SRP_Calc_B 4578 EXIST::FUNCTION:SRP
-SRP_VBASE_new 4579 EXIST::FUNCTION:SRP
-SRP_check_known_gN_param 4580 EXIST::FUNCTION:SRP
-SRP_Calc_A 4581 EXIST::FUNCTION:SRP
-SRP_Verify_A_mod_N 4582 EXIST::FUNCTION:SRP
-SRP_VBASE_init 4583 EXIST::FUNCTION:SRP
-SRP_Verify_B_mod_N 4584 EXIST::FUNCTION:SRP
-EC_KEY_set_public_key_affine_coordinates 4585 EXIST:!VMS:FUNCTION:EC
-EC_KEY_set_pub_key_aff_coords 4585 EXIST:VMS:FUNCTION:EC
-EVP_aes_192_ctr 4586 EXIST::FUNCTION:AES
-EVP_PKEY_meth_get0_info 4587 EXIST::FUNCTION:
-EVP_PKEY_meth_copy 4588 EXIST::FUNCTION:
-ERR_add_error_vdata 4589 EXIST::FUNCTION:
-EVP_aes_128_ctr 4590 EXIST::FUNCTION:AES
-EVP_aes_256_ctr 4591 EXIST::FUNCTION:AES
-EC_GFp_nistp224_method 4592 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
-EC_KEY_get_flags 4593 EXIST::FUNCTION:EC
-RSA_padding_add_PKCS1_PSS_mgf1 4594 EXIST::FUNCTION:RSA
-EVP_aes_128_xts 4595 EXIST::FUNCTION:AES
-private_SHA224_Init 4596 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-private_AES_set_decrypt_key 4597 EXIST::FUNCTION:AES
-private_WHIRLPOOL_Init 4598 EXIST:OPENSSL_FIPS:FUNCTION:WHIRLPOOL
-EVP_aes_256_xts 4599 EXIST::FUNCTION:AES
-private_SHA512_Init 4600 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-EVP_aes_128_gcm 4601 EXIST::FUNCTION:AES
-EC_KEY_clear_flags 4602 EXIST::FUNCTION:EC
-EC_KEY_set_flags 4603 EXIST::FUNCTION:EC
-private_DES_set_key_unchecked 4604 EXIST:OPENSSL_FIPS:FUNCTION:DES
-EVP_aes_256_ccm 4605 EXIST::FUNCTION:AES
-private_AES_set_encrypt_key 4606 EXIST::FUNCTION:AES
-RSA_verify_PKCS1_PSS_mgf1 4607 EXIST::FUNCTION:RSA
-private_SHA1_Init 4608 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA1
-EVP_aes_128_ccm 4609 EXIST::FUNCTION:AES
-private_SEED_set_key 4610 EXIST:OPENSSL_FIPS:FUNCTION:SEED
-EVP_aes_192_gcm 4611 EXIST::FUNCTION:AES
-X509_ALGOR_set_md 4612 EXIST::FUNCTION:
-private_SHA256_Init 4613 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-RAND_init_fips 4614 EXIST:OPENSSL_FIPS:FUNCTION:
-EVP_aes_256_gcm 4615 EXIST::FUNCTION:AES
-private_SHA384_Init 4616 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-EVP_aes_192_ccm 4617 EXIST::FUNCTION:AES
-CMAC_CTX_copy 4618 EXIST::FUNCTION:
-CMAC_CTX_free 4619 EXIST::FUNCTION:
-CMAC_CTX_get0_cipher_ctx 4620 EXIST::FUNCTION:
-CMAC_CTX_cleanup 4621 EXIST::FUNCTION:
-CMAC_Init 4622 EXIST::FUNCTION:
-CMAC_Update 4623 EXIST::FUNCTION:
-CMAC_resume 4624 EXIST::FUNCTION:
-CMAC_CTX_new 4625 EXIST::FUNCTION:
-CMAC_Final 4626 EXIST::FUNCTION:
-CRYPTO_ctr128_encrypt_ctr32 4627 EXIST::FUNCTION:
-CRYPTO_gcm128_release 4628 EXIST::FUNCTION:
-CRYPTO_ccm128_decrypt_ccm64 4629 EXIST::FUNCTION:
-CRYPTO_ccm128_encrypt 4630 EXIST::FUNCTION:
-CRYPTO_gcm128_encrypt 4631 EXIST::FUNCTION:
-CRYPTO_xts128_encrypt 4632 EXIST::FUNCTION:
-EVP_rc4_hmac_md5 4633 EXIST::FUNCTION:MD5,RC4
-CRYPTO_nistcts128_decrypt_block 4634 EXIST::FUNCTION:
-CRYPTO_gcm128_setiv 4635 EXIST::FUNCTION:
-CRYPTO_nistcts128_encrypt 4636 EXIST::FUNCTION:
-EVP_aes_128_cbc_hmac_sha1 4637 EXIST::FUNCTION:AES,SHA,SHA1
-CRYPTO_gcm128_tag 4638 EXIST::FUNCTION:
-CRYPTO_ccm128_encrypt_ccm64 4639 EXIST::FUNCTION:
-ENGINE_load_rdrand 4640 EXIST::FUNCTION:ENGINE
-CRYPTO_ccm128_setiv 4641 EXIST::FUNCTION:
-CRYPTO_nistcts128_encrypt_block 4642 EXIST::FUNCTION:
-CRYPTO_gcm128_aad 4643 EXIST::FUNCTION:
-CRYPTO_ccm128_init 4644 EXIST::FUNCTION:
-CRYPTO_nistcts128_decrypt 4645 EXIST::FUNCTION:
-CRYPTO_gcm128_new 4646 EXIST::FUNCTION:
-CRYPTO_ccm128_tag 4647 EXIST::FUNCTION:
-CRYPTO_ccm128_decrypt 4648 EXIST::FUNCTION:
-CRYPTO_ccm128_aad 4649 EXIST::FUNCTION:
-CRYPTO_gcm128_init 4650 EXIST::FUNCTION:
-CRYPTO_gcm128_decrypt 4651 EXIST::FUNCTION:
-ENGINE_load_rsax 4652 EXIST::FUNCTION:ENGINE
-CRYPTO_gcm128_decrypt_ctr32 4653 EXIST::FUNCTION:
-CRYPTO_gcm128_encrypt_ctr32 4654 EXIST::FUNCTION:
-CRYPTO_gcm128_finish 4655 EXIST::FUNCTION:
-EVP_aes_256_cbc_hmac_sha1 4656 EXIST::FUNCTION:AES,SHA,SHA1
-PKCS5_pbkdf2_set 4657 EXIST::FUNCTION:
-CMS_add0_recipient_password 4658 EXIST::FUNCTION:CMS
-CMS_decrypt_set1_password 4659 EXIST::FUNCTION:CMS
-CMS_RecipientInfo_set0_password 4660 EXIST::FUNCTION:CMS
-RAND_set_fips_drbg_type 4661 EXIST:OPENSSL_FIPS:FUNCTION:
-X509_REQ_sign_ctx 4662 EXIST::FUNCTION:EVP
-RSA_PSS_PARAMS_new 4663 EXIST::FUNCTION:RSA
-X509_CRL_sign_ctx 4664 EXIST::FUNCTION:EVP
-X509_signature_dump 4665 EXIST::FUNCTION:EVP
-d2i_RSA_PSS_PARAMS 4666 EXIST::FUNCTION:RSA
-RSA_PSS_PARAMS_it 4667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
-RSA_PSS_PARAMS_it 4667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
-RSA_PSS_PARAMS_free 4668 EXIST::FUNCTION:RSA
-X509_sign_ctx 4669 EXIST::FUNCTION:EVP
-i2d_RSA_PSS_PARAMS 4670 EXIST::FUNCTION:RSA
-ASN1_item_sign_ctx 4671 EXIST::FUNCTION:EVP
-EC_GFp_nistp521_method 4672 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
-EC_GFp_nistp256_method 4673 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
-OPENSSL_stderr 4674 EXIST::FUNCTION:
-OPENSSL_cpuid_setup 4675 EXIST::FUNCTION:
-OPENSSL_showfatal 4676 EXIST::FUNCTION:
-BIO_new_dgram_sctp 4677 EXIST::FUNCTION:SCTP
-BIO_dgram_sctp_msg_waiting 4678 EXIST::FUNCTION:SCTP
-BIO_dgram_sctp_wait_for_dry 4679 EXIST::FUNCTION:SCTP
-BIO_s_datagram_sctp 4680 EXIST::FUNCTION:DGRAM,SCTP
-BIO_dgram_is_sctp 4681 EXIST::FUNCTION:SCTP
-BIO_dgram_sctp_notification_cb 4682 EXIST::FUNCTION:SCTP
Copied: vendor-crypto/openssl/1.0.1u/util/libeay.num (from rev 11605, vendor-crypto/openssl/dist/util/libeay.num)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/libeay.num (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/libeay.num 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,4318 @@
+SSLeay 1 EXIST::FUNCTION:
+SSLeay_version 2 EXIST::FUNCTION:
+ASN1_BIT_STRING_asn1_meth 3 NOEXIST::FUNCTION:
+ASN1_HEADER_free 4 NOEXIST::FUNCTION:
+ASN1_HEADER_new 5 NOEXIST::FUNCTION:
+ASN1_IA5STRING_asn1_meth 6 NOEXIST::FUNCTION:
+ASN1_INTEGER_get 7 EXIST::FUNCTION:
+ASN1_INTEGER_set 8 EXIST::FUNCTION:
+ASN1_INTEGER_to_BN 9 EXIST::FUNCTION:
+ASN1_OBJECT_create 10 EXIST::FUNCTION:
+ASN1_OBJECT_free 11 EXIST::FUNCTION:
+ASN1_OBJECT_new 12 EXIST::FUNCTION:
+ASN1_PRINTABLE_type 13 EXIST::FUNCTION:
+ASN1_STRING_cmp 14 EXIST::FUNCTION:
+ASN1_STRING_dup 15 EXIST::FUNCTION:
+ASN1_STRING_free 16 EXIST::FUNCTION:
+ASN1_STRING_new 17 EXIST::FUNCTION:
+ASN1_STRING_print 18 EXIST::FUNCTION:BIO
+ASN1_STRING_set 19 EXIST::FUNCTION:
+ASN1_STRING_type_new 20 EXIST::FUNCTION:
+ASN1_TYPE_free 21 EXIST::FUNCTION:
+ASN1_TYPE_new 22 EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_to_string 23 EXIST::FUNCTION:
+ASN1_UTCTIME_check 24 EXIST::FUNCTION:
+ASN1_UTCTIME_print 25 EXIST::FUNCTION:BIO
+ASN1_UTCTIME_set 26 EXIST::FUNCTION:
+ASN1_check_infinite_end 27 EXIST::FUNCTION:
+ASN1_d2i_bio 28 EXIST::FUNCTION:BIO
+ASN1_d2i_fp 29 EXIST::FUNCTION:FP_API
+ASN1_digest 30 EXIST::FUNCTION:EVP
+ASN1_dup 31 EXIST::FUNCTION:
+ASN1_get_object 32 EXIST::FUNCTION:
+ASN1_i2d_bio 33 EXIST::FUNCTION:BIO
+ASN1_i2d_fp 34 EXIST::FUNCTION:FP_API
+ASN1_object_size 35 EXIST::FUNCTION:
+ASN1_parse 36 EXIST::FUNCTION:BIO
+ASN1_put_object 37 EXIST::FUNCTION:
+ASN1_sign 38 EXIST::FUNCTION:EVP
+ASN1_verify 39 EXIST::FUNCTION:EVP
+BF_cbc_encrypt 40 EXIST::FUNCTION:BF
+BF_cfb64_encrypt 41 EXIST::FUNCTION:BF
+BF_ecb_encrypt 42 EXIST::FUNCTION:BF
+BF_encrypt 43 EXIST::FUNCTION:BF
+BF_ofb64_encrypt 44 EXIST::FUNCTION:BF
+BF_options 45 EXIST::FUNCTION:BF
+BF_set_key 46 EXIST::FUNCTION:BF
+BIO_CONNECT_free 47 NOEXIST::FUNCTION:
+BIO_CONNECT_new 48 NOEXIST::FUNCTION:
+BIO_accept 51 EXIST::FUNCTION:
+BIO_ctrl 52 EXIST::FUNCTION:
+BIO_int_ctrl 53 EXIST::FUNCTION:
+BIO_debug_callback 54 EXIST::FUNCTION:
+BIO_dump 55 EXIST::FUNCTION:
+BIO_dup_chain 56 EXIST::FUNCTION:
+BIO_f_base64 57 EXIST::FUNCTION:BIO
+BIO_f_buffer 58 EXIST::FUNCTION:
+BIO_f_cipher 59 EXIST::FUNCTION:BIO
+BIO_f_md 60 EXIST::FUNCTION:BIO
+BIO_f_null 61 EXIST::FUNCTION:
+BIO_f_proxy_server 62 NOEXIST::FUNCTION:
+BIO_fd_non_fatal_error 63 EXIST::FUNCTION:
+BIO_fd_should_retry 64 EXIST::FUNCTION:
+BIO_find_type 65 EXIST::FUNCTION:
+BIO_free 66 EXIST::FUNCTION:
+BIO_free_all 67 EXIST::FUNCTION:
+BIO_get_accept_socket 69 EXIST::FUNCTION:
+BIO_get_filter_bio 70 NOEXIST::FUNCTION:
+BIO_get_host_ip 71 EXIST::FUNCTION:
+BIO_get_port 72 EXIST::FUNCTION:
+BIO_get_retry_BIO 73 EXIST::FUNCTION:
+BIO_get_retry_reason 74 EXIST::FUNCTION:
+BIO_gethostbyname 75 EXIST::FUNCTION:
+BIO_gets 76 EXIST::FUNCTION:
+BIO_new 78 EXIST::FUNCTION:
+BIO_new_accept 79 EXIST::FUNCTION:
+BIO_new_connect 80 EXIST::FUNCTION:
+BIO_new_fd 81 EXIST::FUNCTION:
+BIO_new_file 82 EXIST::FUNCTION:FP_API
+BIO_new_fp 83 EXIST::FUNCTION:FP_API
+BIO_new_socket 84 EXIST::FUNCTION:
+BIO_pop 85 EXIST::FUNCTION:
+BIO_printf 86 EXIST::FUNCTION:
+BIO_push 87 EXIST::FUNCTION:
+BIO_puts 88 EXIST::FUNCTION:
+BIO_read 89 EXIST::FUNCTION:
+BIO_s_accept 90 EXIST::FUNCTION:
+BIO_s_connect 91 EXIST::FUNCTION:
+BIO_s_fd 92 EXIST::FUNCTION:
+BIO_s_file 93 EXIST::FUNCTION:FP_API
+BIO_s_mem 95 EXIST::FUNCTION:
+BIO_s_null 96 EXIST::FUNCTION:
+BIO_s_proxy_client 97 NOEXIST::FUNCTION:
+BIO_s_socket 98 EXIST::FUNCTION:
+BIO_set 100 EXIST::FUNCTION:
+BIO_set_cipher 101 EXIST::FUNCTION:BIO
+BIO_set_tcp_ndelay 102 EXIST::FUNCTION:
+BIO_sock_cleanup 103 EXIST::FUNCTION:
+BIO_sock_error 104 EXIST::FUNCTION:
+BIO_sock_init 105 EXIST::FUNCTION:
+BIO_sock_non_fatal_error 106 EXIST::FUNCTION:
+BIO_sock_should_retry 107 EXIST::FUNCTION:
+BIO_socket_ioctl 108 EXIST::FUNCTION:
+BIO_write 109 EXIST::FUNCTION:
+BN_CTX_free 110 EXIST::FUNCTION:
+BN_CTX_new 111 EXIST::FUNCTION:
+BN_MONT_CTX_free 112 EXIST::FUNCTION:
+BN_MONT_CTX_new 113 EXIST::FUNCTION:
+BN_MONT_CTX_set 114 EXIST::FUNCTION:
+BN_add 115 EXIST::FUNCTION:
+BN_add_word 116 EXIST::FUNCTION:
+BN_hex2bn 117 EXIST::FUNCTION:
+BN_bin2bn 118 EXIST::FUNCTION:
+BN_bn2hex 119 EXIST::FUNCTION:
+BN_bn2bin 120 EXIST::FUNCTION:
+BN_clear 121 EXIST::FUNCTION:
+BN_clear_bit 122 EXIST::FUNCTION:
+BN_clear_free 123 EXIST::FUNCTION:
+BN_cmp 124 EXIST::FUNCTION:
+BN_copy 125 EXIST::FUNCTION:
+BN_div 126 EXIST::FUNCTION:
+BN_div_word 127 EXIST::FUNCTION:
+BN_dup 128 EXIST::FUNCTION:
+BN_free 129 EXIST::FUNCTION:
+BN_from_montgomery 130 EXIST::FUNCTION:
+BN_gcd 131 EXIST::FUNCTION:
+BN_generate_prime 132 EXIST::FUNCTION:DEPRECATED
+BN_get_word 133 EXIST::FUNCTION:
+BN_is_bit_set 134 EXIST::FUNCTION:
+BN_is_prime 135 EXIST::FUNCTION:DEPRECATED
+BN_lshift 136 EXIST::FUNCTION:
+BN_lshift1 137 EXIST::FUNCTION:
+BN_mask_bits 138 EXIST::FUNCTION:
+BN_mod 139 NOEXIST::FUNCTION:
+BN_mod_exp 140 EXIST::FUNCTION:
+BN_mod_exp_mont 141 EXIST::FUNCTION:
+BN_mod_exp_simple 143 EXIST::FUNCTION:
+BN_mod_inverse 144 EXIST::FUNCTION:
+BN_mod_mul 145 EXIST::FUNCTION:
+BN_mod_mul_montgomery 146 EXIST::FUNCTION:
+BN_mod_word 148 EXIST::FUNCTION:
+BN_mul 149 EXIST::FUNCTION:
+BN_new 150 EXIST::FUNCTION:
+BN_num_bits 151 EXIST::FUNCTION:
+BN_num_bits_word 152 EXIST::FUNCTION:
+BN_options 153 EXIST::FUNCTION:
+BN_print 154 EXIST::FUNCTION:
+BN_print_fp 155 EXIST::FUNCTION:FP_API
+BN_rand 156 EXIST::FUNCTION:
+BN_reciprocal 157 EXIST::FUNCTION:
+BN_rshift 158 EXIST::FUNCTION:
+BN_rshift1 159 EXIST::FUNCTION:
+BN_set_bit 160 EXIST::FUNCTION:
+BN_set_word 161 EXIST::FUNCTION:
+BN_sqr 162 EXIST::FUNCTION:
+BN_sub 163 EXIST::FUNCTION:
+BN_to_ASN1_INTEGER 164 EXIST::FUNCTION:
+BN_ucmp 165 EXIST::FUNCTION:
+BN_value_one 166 EXIST::FUNCTION:
+BUF_MEM_free 167 EXIST::FUNCTION:
+BUF_MEM_grow 168 EXIST::FUNCTION:
+BUF_MEM_new 169 EXIST::FUNCTION:
+BUF_strdup 170 EXIST::FUNCTION:
+CONF_free 171 EXIST::FUNCTION:
+CONF_get_number 172 EXIST::FUNCTION:
+CONF_get_section 173 EXIST::FUNCTION:
+CONF_get_string 174 EXIST::FUNCTION:
+CONF_load 175 EXIST::FUNCTION:
+CRYPTO_add_lock 176 EXIST::FUNCTION:
+CRYPTO_dbg_free 177 EXIST::FUNCTION:
+CRYPTO_dbg_malloc 178 EXIST::FUNCTION:
+CRYPTO_dbg_realloc 179 EXIST::FUNCTION:
+CRYPTO_dbg_remalloc 180 NOEXIST::FUNCTION:
+CRYPTO_free 181 EXIST::FUNCTION:
+CRYPTO_get_add_lock_callback 182 EXIST::FUNCTION:
+CRYPTO_get_id_callback 183 EXIST::FUNCTION:DEPRECATED
+CRYPTO_get_lock_name 184 EXIST::FUNCTION:
+CRYPTO_get_locking_callback 185 EXIST::FUNCTION:
+CRYPTO_get_mem_functions 186 EXIST::FUNCTION:
+CRYPTO_lock 187 EXIST::FUNCTION:
+CRYPTO_malloc 188 EXIST::FUNCTION:
+CRYPTO_mem_ctrl 189 EXIST::FUNCTION:
+CRYPTO_mem_leaks 190 EXIST::FUNCTION:
+CRYPTO_mem_leaks_cb 191 EXIST::FUNCTION:
+CRYPTO_mem_leaks_fp 192 EXIST::FUNCTION:FP_API
+CRYPTO_realloc 193 EXIST::FUNCTION:
+CRYPTO_remalloc 194 EXIST::FUNCTION:
+CRYPTO_set_add_lock_callback 195 EXIST::FUNCTION:
+CRYPTO_set_id_callback 196 EXIST::FUNCTION:DEPRECATED
+CRYPTO_set_locking_callback 197 EXIST::FUNCTION:
+CRYPTO_set_mem_functions 198 EXIST::FUNCTION:
+CRYPTO_thread_id 199 EXIST::FUNCTION:DEPRECATED
+DH_check 200 EXIST::FUNCTION:DH
+DH_compute_key 201 EXIST::FUNCTION:DH
+DH_free 202 EXIST::FUNCTION:DH
+DH_generate_key 203 EXIST::FUNCTION:DH
+DH_generate_parameters 204 EXIST::FUNCTION:DEPRECATED,DH
+DH_new 205 EXIST::FUNCTION:DH
+DH_size 206 EXIST::FUNCTION:DH
+DHparams_print 207 EXIST::FUNCTION:BIO,DH
+DHparams_print_fp 208 EXIST::FUNCTION:DH,FP_API
+DSA_free 209 EXIST::FUNCTION:DSA
+DSA_generate_key 210 EXIST::FUNCTION:DSA
+DSA_generate_parameters 211 EXIST::FUNCTION:DEPRECATED,DSA
+DSA_is_prime 212 NOEXIST::FUNCTION:
+DSA_new 213 EXIST::FUNCTION:DSA
+DSA_print 214 EXIST::FUNCTION:BIO,DSA
+DSA_print_fp 215 EXIST::FUNCTION:DSA,FP_API
+DSA_sign 216 EXIST::FUNCTION:DSA
+DSA_sign_setup 217 EXIST::FUNCTION:DSA
+DSA_size 218 EXIST::FUNCTION:DSA
+DSA_verify 219 EXIST::FUNCTION:DSA
+DSAparams_print 220 EXIST::FUNCTION:BIO,DSA
+DSAparams_print_fp 221 EXIST::FUNCTION:DSA,FP_API
+ERR_clear_error 222 EXIST::FUNCTION:
+ERR_error_string 223 EXIST::FUNCTION:
+ERR_free_strings 224 EXIST::FUNCTION:
+ERR_func_error_string 225 EXIST::FUNCTION:
+ERR_get_err_state_table 226 EXIST::FUNCTION:LHASH
+ERR_get_error 227 EXIST::FUNCTION:
+ERR_get_error_line 228 EXIST::FUNCTION:
+ERR_get_state 229 EXIST::FUNCTION:
+ERR_get_string_table 230 EXIST::FUNCTION:LHASH
+ERR_lib_error_string 231 EXIST::FUNCTION:
+ERR_load_ASN1_strings 232 EXIST::FUNCTION:
+ERR_load_BIO_strings 233 EXIST::FUNCTION:
+ERR_load_BN_strings 234 EXIST::FUNCTION:
+ERR_load_BUF_strings 235 EXIST::FUNCTION:
+ERR_load_CONF_strings 236 EXIST::FUNCTION:
+ERR_load_DH_strings 237 EXIST::FUNCTION:DH
+ERR_load_DSA_strings 238 EXIST::FUNCTION:DSA
+ERR_load_ERR_strings 239 EXIST::FUNCTION:
+ERR_load_EVP_strings 240 EXIST::FUNCTION:
+ERR_load_OBJ_strings 241 EXIST::FUNCTION:
+ERR_load_PEM_strings 242 EXIST::FUNCTION:
+ERR_load_PROXY_strings 243 NOEXIST::FUNCTION:
+ERR_load_RSA_strings 244 EXIST::FUNCTION:RSA
+ERR_load_X509_strings 245 EXIST::FUNCTION:
+ERR_load_crypto_strings 246 EXIST::FUNCTION:
+ERR_load_strings 247 EXIST::FUNCTION:
+ERR_peek_error 248 EXIST::FUNCTION:
+ERR_peek_error_line 249 EXIST::FUNCTION:
+ERR_print_errors 250 EXIST::FUNCTION:BIO
+ERR_print_errors_fp 251 EXIST::FUNCTION:FP_API
+ERR_put_error 252 EXIST::FUNCTION:
+ERR_reason_error_string 253 EXIST::FUNCTION:
+ERR_remove_state 254 EXIST::FUNCTION:DEPRECATED
+EVP_BytesToKey 255 EXIST::FUNCTION:
+EVP_CIPHER_CTX_cleanup 256 EXIST::FUNCTION:
+EVP_CipherFinal 257 EXIST::FUNCTION:
+EVP_CipherInit 258 EXIST::FUNCTION:
+EVP_CipherUpdate 259 EXIST::FUNCTION:
+EVP_DecodeBlock 260 EXIST::FUNCTION:
+EVP_DecodeFinal 261 EXIST::FUNCTION:
+EVP_DecodeInit 262 EXIST::FUNCTION:
+EVP_DecodeUpdate 263 EXIST::FUNCTION:
+EVP_DecryptFinal 264 EXIST::FUNCTION:
+EVP_DecryptInit 265 EXIST::FUNCTION:
+EVP_DecryptUpdate 266 EXIST::FUNCTION:
+EVP_DigestFinal 267 EXIST::FUNCTION:
+EVP_DigestInit 268 EXIST::FUNCTION:
+EVP_DigestUpdate 269 EXIST::FUNCTION:
+EVP_EncodeBlock 270 EXIST::FUNCTION:
+EVP_EncodeFinal 271 EXIST::FUNCTION:
+EVP_EncodeInit 272 EXIST::FUNCTION:
+EVP_EncodeUpdate 273 EXIST::FUNCTION:
+EVP_EncryptFinal 274 EXIST::FUNCTION:
+EVP_EncryptInit 275 EXIST::FUNCTION:
+EVP_EncryptUpdate 276 EXIST::FUNCTION:
+EVP_OpenFinal 277 EXIST::FUNCTION:RSA
+EVP_OpenInit 278 EXIST::FUNCTION:RSA
+EVP_PKEY_assign 279 EXIST::FUNCTION:
+EVP_PKEY_copy_parameters 280 EXIST::FUNCTION:
+EVP_PKEY_free 281 EXIST::FUNCTION:
+EVP_PKEY_missing_parameters 282 EXIST::FUNCTION:
+EVP_PKEY_new 283 EXIST::FUNCTION:
+EVP_PKEY_save_parameters 284 EXIST::FUNCTION:
+EVP_PKEY_size 285 EXIST::FUNCTION:
+EVP_PKEY_type 286 EXIST::FUNCTION:
+EVP_SealFinal 287 EXIST::FUNCTION:RSA
+EVP_SealInit 288 EXIST::FUNCTION:RSA
+EVP_SignFinal 289 EXIST::FUNCTION:
+EVP_VerifyFinal 290 EXIST::FUNCTION:
+EVP_add_alias 291 NOEXIST::FUNCTION:
+EVP_add_cipher 292 EXIST::FUNCTION:
+EVP_add_digest 293 EXIST::FUNCTION:
+EVP_bf_cbc 294 EXIST::FUNCTION:BF
+EVP_bf_cfb64 295 EXIST::FUNCTION:BF
+EVP_bf_ecb 296 EXIST::FUNCTION:BF
+EVP_bf_ofb 297 EXIST::FUNCTION:BF
+EVP_cleanup 298 EXIST::FUNCTION:
+EVP_des_cbc 299 EXIST::FUNCTION:DES
+EVP_des_cfb64 300 EXIST::FUNCTION:DES
+EVP_des_ecb 301 EXIST::FUNCTION:DES
+EVP_des_ede 302 EXIST::FUNCTION:DES
+EVP_des_ede3 303 EXIST::FUNCTION:DES
+EVP_des_ede3_cbc 304 EXIST::FUNCTION:DES
+EVP_des_ede3_cfb64 305 EXIST::FUNCTION:DES
+EVP_des_ede3_ofb 306 EXIST::FUNCTION:DES
+EVP_des_ede_cbc 307 EXIST::FUNCTION:DES
+EVP_des_ede_cfb64 308 EXIST::FUNCTION:DES
+EVP_des_ede_ofb 309 EXIST::FUNCTION:DES
+EVP_des_ofb 310 EXIST::FUNCTION:DES
+EVP_desx_cbc 311 EXIST::FUNCTION:DES
+EVP_dss 312 EXIST::FUNCTION:DSA,SHA
+EVP_dss1 313 EXIST::FUNCTION:DSA,SHA
+EVP_enc_null 314 EXIST::FUNCTION:
+EVP_get_cipherbyname 315 EXIST::FUNCTION:
+EVP_get_digestbyname 316 EXIST::FUNCTION:
+EVP_get_pw_prompt 317 EXIST::FUNCTION:
+EVP_idea_cbc 318 EXIST::FUNCTION:IDEA
+EVP_idea_cfb64 319 EXIST::FUNCTION:IDEA
+EVP_idea_ecb 320 EXIST::FUNCTION:IDEA
+EVP_idea_ofb 321 EXIST::FUNCTION:IDEA
+EVP_md2 322 EXIST::FUNCTION:MD2
+EVP_md5 323 EXIST::FUNCTION:MD5
+EVP_md_null 324 EXIST::FUNCTION:
+EVP_rc2_cbc 325 EXIST::FUNCTION:RC2
+EVP_rc2_cfb64 326 EXIST::FUNCTION:RC2
+EVP_rc2_ecb 327 EXIST::FUNCTION:RC2
+EVP_rc2_ofb 328 EXIST::FUNCTION:RC2
+EVP_rc4 329 EXIST::FUNCTION:RC4
+EVP_read_pw_string 330 EXIST::FUNCTION:
+EVP_set_pw_prompt 331 EXIST::FUNCTION:
+EVP_sha 332 EXIST::FUNCTION:SHA
+EVP_sha1 333 EXIST::FUNCTION:SHA
+MD2 334 EXIST::FUNCTION:MD2
+MD2_Final 335 EXIST::FUNCTION:MD2
+MD2_Init 336 EXIST::FUNCTION:MD2
+MD2_Update 337 EXIST::FUNCTION:MD2
+MD2_options 338 EXIST::FUNCTION:MD2
+MD5 339 EXIST::FUNCTION:MD5
+MD5_Final 340 EXIST::FUNCTION:MD5
+MD5_Init 341 EXIST::FUNCTION:MD5
+MD5_Update 342 EXIST::FUNCTION:MD5
+MDC2 343 EXIST::FUNCTION:MDC2
+MDC2_Final 344 EXIST::FUNCTION:MDC2
+MDC2_Init 345 EXIST::FUNCTION:MDC2
+MDC2_Update 346 EXIST::FUNCTION:MDC2
+NETSCAPE_SPKAC_free 347 EXIST::FUNCTION:
+NETSCAPE_SPKAC_new 348 EXIST::FUNCTION:
+NETSCAPE_SPKI_free 349 EXIST::FUNCTION:
+NETSCAPE_SPKI_new 350 EXIST::FUNCTION:
+NETSCAPE_SPKI_sign 351 EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_verify 352 EXIST::FUNCTION:EVP
+OBJ_add_object 353 EXIST::FUNCTION:
+OBJ_bsearch 354 NOEXIST::FUNCTION:
+OBJ_cleanup 355 EXIST::FUNCTION:
+OBJ_cmp 356 EXIST::FUNCTION:
+OBJ_create 357 EXIST::FUNCTION:
+OBJ_dup 358 EXIST::FUNCTION:
+OBJ_ln2nid 359 EXIST::FUNCTION:
+OBJ_new_nid 360 EXIST::FUNCTION:
+OBJ_nid2ln 361 EXIST::FUNCTION:
+OBJ_nid2obj 362 EXIST::FUNCTION:
+OBJ_nid2sn 363 EXIST::FUNCTION:
+OBJ_obj2nid 364 EXIST::FUNCTION:
+OBJ_sn2nid 365 EXIST::FUNCTION:
+OBJ_txt2nid 366 EXIST::FUNCTION:
+PEM_ASN1_read 367 EXIST::FUNCTION:
+PEM_ASN1_read_bio 368 EXIST::FUNCTION:BIO
+PEM_ASN1_write 369 EXIST::FUNCTION:
+PEM_ASN1_write_bio 370 EXIST::FUNCTION:BIO
+PEM_SealFinal 371 EXIST::FUNCTION:RSA
+PEM_SealInit 372 EXIST::FUNCTION:RSA
+PEM_SealUpdate 373 EXIST::FUNCTION:RSA
+PEM_SignFinal 374 EXIST::FUNCTION:
+PEM_SignInit 375 EXIST::FUNCTION:
+PEM_SignUpdate 376 EXIST::FUNCTION:
+PEM_X509_INFO_read 377 EXIST::FUNCTION:
+PEM_X509_INFO_read_bio 378 EXIST::FUNCTION:BIO
+PEM_X509_INFO_write_bio 379 EXIST::FUNCTION:BIO
+PEM_dek_info 380 EXIST::FUNCTION:
+PEM_do_header 381 EXIST::FUNCTION:
+PEM_get_EVP_CIPHER_INFO 382 EXIST::FUNCTION:
+PEM_proc_type 383 EXIST::FUNCTION:
+PEM_read 384 EXIST::FUNCTION:
+PEM_read_DHparams 385 EXIST:!WIN16:FUNCTION:DH
+PEM_read_DSAPrivateKey 386 EXIST:!WIN16:FUNCTION:DSA
+PEM_read_DSAparams 387 EXIST:!WIN16:FUNCTION:DSA
+PEM_read_PKCS7 388 EXIST:!WIN16:FUNCTION:
+PEM_read_PrivateKey 389 EXIST:!WIN16:FUNCTION:
+PEM_read_RSAPrivateKey 390 EXIST:!WIN16:FUNCTION:RSA
+PEM_read_X509 391 EXIST:!WIN16:FUNCTION:
+PEM_read_X509_CRL 392 EXIST:!WIN16:FUNCTION:
+PEM_read_X509_REQ 393 EXIST:!WIN16:FUNCTION:
+PEM_read_bio 394 EXIST::FUNCTION:BIO
+PEM_read_bio_DHparams 395 EXIST::FUNCTION:DH
+PEM_read_bio_DSAPrivateKey 396 EXIST::FUNCTION:DSA
+PEM_read_bio_DSAparams 397 EXIST::FUNCTION:DSA
+PEM_read_bio_PKCS7 398 EXIST::FUNCTION:
+PEM_read_bio_PrivateKey 399 EXIST::FUNCTION:
+PEM_read_bio_RSAPrivateKey 400 EXIST::FUNCTION:RSA
+PEM_read_bio_X509 401 EXIST::FUNCTION:
+PEM_read_bio_X509_CRL 402 EXIST::FUNCTION:
+PEM_read_bio_X509_REQ 403 EXIST::FUNCTION:
+PEM_write 404 EXIST::FUNCTION:
+PEM_write_DHparams 405 EXIST:!WIN16:FUNCTION:DH
+PEM_write_DSAPrivateKey 406 EXIST:!WIN16:FUNCTION:DSA
+PEM_write_DSAparams 407 EXIST:!WIN16:FUNCTION:DSA
+PEM_write_PKCS7 408 EXIST:!WIN16:FUNCTION:
+PEM_write_PrivateKey 409 EXIST:!WIN16:FUNCTION:
+PEM_write_RSAPrivateKey 410 EXIST:!WIN16:FUNCTION:RSA
+PEM_write_X509 411 EXIST:!WIN16:FUNCTION:
+PEM_write_X509_CRL 412 EXIST:!WIN16:FUNCTION:
+PEM_write_X509_REQ 413 EXIST:!WIN16:FUNCTION:
+PEM_write_bio 414 EXIST::FUNCTION:BIO
+PEM_write_bio_DHparams 415 EXIST::FUNCTION:DH
+PEM_write_bio_DSAPrivateKey 416 EXIST::FUNCTION:DSA
+PEM_write_bio_DSAparams 417 EXIST::FUNCTION:DSA
+PEM_write_bio_PKCS7 418 EXIST::FUNCTION:
+PEM_write_bio_PrivateKey 419 EXIST::FUNCTION:
+PEM_write_bio_RSAPrivateKey 420 EXIST::FUNCTION:RSA
+PEM_write_bio_X509 421 EXIST::FUNCTION:
+PEM_write_bio_X509_CRL 422 EXIST::FUNCTION:
+PEM_write_bio_X509_REQ 423 EXIST::FUNCTION:
+PKCS7_DIGEST_free 424 EXIST::FUNCTION:
+PKCS7_DIGEST_new 425 EXIST::FUNCTION:
+PKCS7_ENCRYPT_free 426 EXIST::FUNCTION:
+PKCS7_ENCRYPT_new 427 EXIST::FUNCTION:
+PKCS7_ENC_CONTENT_free 428 EXIST::FUNCTION:
+PKCS7_ENC_CONTENT_new 429 EXIST::FUNCTION:
+PKCS7_ENVELOPE_free 430 EXIST::FUNCTION:
+PKCS7_ENVELOPE_new 431 EXIST::FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_digest 432 EXIST::FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_free 433 EXIST::FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_new 434 EXIST::FUNCTION:
+PKCS7_RECIP_INFO_free 435 EXIST::FUNCTION:
+PKCS7_RECIP_INFO_new 436 EXIST::FUNCTION:
+PKCS7_SIGNED_free 437 EXIST::FUNCTION:
+PKCS7_SIGNED_new 438 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_free 439 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_new 440 EXIST::FUNCTION:
+PKCS7_SIGN_ENVELOPE_free 441 EXIST::FUNCTION:
+PKCS7_SIGN_ENVELOPE_new 442 EXIST::FUNCTION:
+PKCS7_dup 443 EXIST::FUNCTION:
+PKCS7_free 444 EXIST::FUNCTION:
+PKCS7_new 445 EXIST::FUNCTION:
+PROXY_ENTRY_add_noproxy 446 NOEXIST::FUNCTION:
+PROXY_ENTRY_clear_noproxy 447 NOEXIST::FUNCTION:
+PROXY_ENTRY_free 448 NOEXIST::FUNCTION:
+PROXY_ENTRY_get_noproxy 449 NOEXIST::FUNCTION:
+PROXY_ENTRY_new 450 NOEXIST::FUNCTION:
+PROXY_ENTRY_set_server 451 NOEXIST::FUNCTION:
+PROXY_add_noproxy 452 NOEXIST::FUNCTION:
+PROXY_add_server 453 NOEXIST::FUNCTION:
+PROXY_check_by_host 454 NOEXIST::FUNCTION:
+PROXY_check_url 455 NOEXIST::FUNCTION:
+PROXY_clear_noproxy 456 NOEXIST::FUNCTION:
+PROXY_free 457 NOEXIST::FUNCTION:
+PROXY_get_noproxy 458 NOEXIST::FUNCTION:
+PROXY_get_proxies 459 NOEXIST::FUNCTION:
+PROXY_get_proxy_entry 460 NOEXIST::FUNCTION:
+PROXY_load_conf 461 NOEXIST::FUNCTION:
+PROXY_new 462 NOEXIST::FUNCTION:
+PROXY_print 463 NOEXIST::FUNCTION:
+RAND_bytes 464 EXIST::FUNCTION:
+RAND_cleanup 465 EXIST::FUNCTION:
+RAND_file_name 466 EXIST::FUNCTION:
+RAND_load_file 467 EXIST::FUNCTION:
+RAND_screen 468 EXIST:WIN32:FUNCTION:
+RAND_seed 469 EXIST::FUNCTION:
+RAND_write_file 470 EXIST::FUNCTION:
+RC2_cbc_encrypt 471 EXIST::FUNCTION:RC2
+RC2_cfb64_encrypt 472 EXIST::FUNCTION:RC2
+RC2_ecb_encrypt 473 EXIST::FUNCTION:RC2
+RC2_encrypt 474 EXIST::FUNCTION:RC2
+RC2_ofb64_encrypt 475 EXIST::FUNCTION:RC2
+RC2_set_key 476 EXIST::FUNCTION:RC2
+RC4 477 EXIST::FUNCTION:RC4
+RC4_options 478 EXIST::FUNCTION:RC4
+RC4_set_key 479 EXIST::FUNCTION:RC4
+RSAPrivateKey_asn1_meth 480 NOEXIST::FUNCTION:
+RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA
+RSAPublicKey_dup 482 EXIST::FUNCTION:RSA
+RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA
+RSA_free 484 EXIST::FUNCTION:RSA
+RSA_generate_key 485 EXIST::FUNCTION:DEPRECATED,RSA
+RSA_new 486 EXIST::FUNCTION:RSA
+RSA_new_method 487 EXIST::FUNCTION:RSA
+RSA_print 488 EXIST::FUNCTION:BIO,RSA
+RSA_print_fp 489 EXIST::FUNCTION:FP_API,RSA
+RSA_private_decrypt 490 EXIST::FUNCTION:RSA
+RSA_private_encrypt 491 EXIST::FUNCTION:RSA
+RSA_public_decrypt 492 EXIST::FUNCTION:RSA
+RSA_public_encrypt 493 EXIST::FUNCTION:RSA
+RSA_set_default_method 494 EXIST::FUNCTION:RSA
+RSA_sign 495 EXIST::FUNCTION:RSA
+RSA_sign_ASN1_OCTET_STRING 496 EXIST::FUNCTION:RSA
+RSA_size 497 EXIST::FUNCTION:RSA
+RSA_verify 498 EXIST::FUNCTION:RSA
+RSA_verify_ASN1_OCTET_STRING 499 EXIST::FUNCTION:RSA
+SHA 500 EXIST::FUNCTION:SHA,SHA0
+SHA1 501 EXIST::FUNCTION:SHA,SHA1
+SHA1_Final 502 EXIST::FUNCTION:SHA,SHA1
+SHA1_Init 503 EXIST::FUNCTION:SHA,SHA1
+SHA1_Update 504 EXIST::FUNCTION:SHA,SHA1
+SHA_Final 505 EXIST::FUNCTION:SHA,SHA0
+SHA_Init 506 EXIST::FUNCTION:SHA,SHA0
+SHA_Update 507 EXIST::FUNCTION:SHA,SHA0
+OpenSSL_add_all_algorithms 508 NOEXIST::FUNCTION:
+OpenSSL_add_all_ciphers 509 EXIST::FUNCTION:
+OpenSSL_add_all_digests 510 EXIST::FUNCTION:
+TXT_DB_create_index 511 EXIST::FUNCTION:
+TXT_DB_free 512 EXIST::FUNCTION:
+TXT_DB_get_by_index 513 EXIST::FUNCTION:
+TXT_DB_insert 514 EXIST::FUNCTION:
+TXT_DB_read 515 EXIST::FUNCTION:BIO
+TXT_DB_write 516 EXIST::FUNCTION:BIO
+X509_ALGOR_free 517 EXIST::FUNCTION:
+X509_ALGOR_new 518 EXIST::FUNCTION:
+X509_ATTRIBUTE_free 519 EXIST::FUNCTION:
+X509_ATTRIBUTE_new 520 EXIST::FUNCTION:
+X509_CINF_free 521 EXIST::FUNCTION:
+X509_CINF_new 522 EXIST::FUNCTION:
+X509_CRL_INFO_free 523 EXIST::FUNCTION:
+X509_CRL_INFO_new 524 EXIST::FUNCTION:
+X509_CRL_add_ext 525 EXIST::FUNCTION:
+X509_CRL_cmp 526 EXIST::FUNCTION:
+X509_CRL_delete_ext 527 EXIST::FUNCTION:
+X509_CRL_dup 528 EXIST::FUNCTION:
+X509_CRL_free 529 EXIST::FUNCTION:
+X509_CRL_get_ext 530 EXIST::FUNCTION:
+X509_CRL_get_ext_by_NID 531 EXIST::FUNCTION:
+X509_CRL_get_ext_by_OBJ 532 EXIST::FUNCTION:
+X509_CRL_get_ext_by_critical 533 EXIST::FUNCTION:
+X509_CRL_get_ext_count 534 EXIST::FUNCTION:
+X509_CRL_new 535 EXIST::FUNCTION:
+X509_CRL_sign 536 EXIST::FUNCTION:EVP
+X509_CRL_verify 537 EXIST::FUNCTION:EVP
+X509_EXTENSION_create_by_NID 538 EXIST::FUNCTION:
+X509_EXTENSION_create_by_OBJ 539 EXIST::FUNCTION:
+X509_EXTENSION_dup 540 EXIST::FUNCTION:
+X509_EXTENSION_free 541 EXIST::FUNCTION:
+X509_EXTENSION_get_critical 542 EXIST::FUNCTION:
+X509_EXTENSION_get_data 543 EXIST::FUNCTION:
+X509_EXTENSION_get_object 544 EXIST::FUNCTION:
+X509_EXTENSION_new 545 EXIST::FUNCTION:
+X509_EXTENSION_set_critical 546 EXIST::FUNCTION:
+X509_EXTENSION_set_data 547 EXIST::FUNCTION:
+X509_EXTENSION_set_object 548 EXIST::FUNCTION:
+X509_INFO_free 549 EXIST::FUNCTION:EVP
+X509_INFO_new 550 EXIST::FUNCTION:EVP
+X509_LOOKUP_by_alias 551 EXIST::FUNCTION:
+X509_LOOKUP_by_fingerprint 552 EXIST::FUNCTION:
+X509_LOOKUP_by_issuer_serial 553 EXIST::FUNCTION:
+X509_LOOKUP_by_subject 554 EXIST::FUNCTION:
+X509_LOOKUP_ctrl 555 EXIST::FUNCTION:
+X509_LOOKUP_file 556 EXIST::FUNCTION:
+X509_LOOKUP_free 557 EXIST::FUNCTION:
+X509_LOOKUP_hash_dir 558 EXIST::FUNCTION:
+X509_LOOKUP_init 559 EXIST::FUNCTION:
+X509_LOOKUP_new 560 EXIST::FUNCTION:
+X509_LOOKUP_shutdown 561 EXIST::FUNCTION:
+X509_NAME_ENTRY_create_by_NID 562 EXIST::FUNCTION:
+X509_NAME_ENTRY_create_by_OBJ 563 EXIST::FUNCTION:
+X509_NAME_ENTRY_dup 564 EXIST::FUNCTION:
+X509_NAME_ENTRY_free 565 EXIST::FUNCTION:
+X509_NAME_ENTRY_get_data 566 EXIST::FUNCTION:
+X509_NAME_ENTRY_get_object 567 EXIST::FUNCTION:
+X509_NAME_ENTRY_new 568 EXIST::FUNCTION:
+X509_NAME_ENTRY_set_data 569 EXIST::FUNCTION:
+X509_NAME_ENTRY_set_object 570 EXIST::FUNCTION:
+X509_NAME_add_entry 571 EXIST::FUNCTION:
+X509_NAME_cmp 572 EXIST::FUNCTION:
+X509_NAME_delete_entry 573 EXIST::FUNCTION:
+X509_NAME_digest 574 EXIST::FUNCTION:EVP
+X509_NAME_dup 575 EXIST::FUNCTION:
+X509_NAME_entry_count 576 EXIST::FUNCTION:
+X509_NAME_free 577 EXIST::FUNCTION:
+X509_NAME_get_entry 578 EXIST::FUNCTION:
+X509_NAME_get_index_by_NID 579 EXIST::FUNCTION:
+X509_NAME_get_index_by_OBJ 580 EXIST::FUNCTION:
+X509_NAME_get_text_by_NID 581 EXIST::FUNCTION:
+X509_NAME_get_text_by_OBJ 582 EXIST::FUNCTION:
+X509_NAME_hash 583 EXIST::FUNCTION:
+X509_NAME_new 584 EXIST::FUNCTION:
+X509_NAME_oneline 585 EXIST::FUNCTION:EVP
+X509_NAME_print 586 EXIST::FUNCTION:BIO
+X509_NAME_set 587 EXIST::FUNCTION:
+X509_OBJECT_free_contents 588 EXIST::FUNCTION:
+X509_OBJECT_retrieve_by_subject 589 EXIST::FUNCTION:
+X509_OBJECT_up_ref_count 590 EXIST::FUNCTION:
+X509_PKEY_free 591 EXIST::FUNCTION:
+X509_PKEY_new 592 EXIST::FUNCTION:
+X509_PUBKEY_free 593 EXIST::FUNCTION:
+X509_PUBKEY_get 594 EXIST::FUNCTION:
+X509_PUBKEY_new 595 EXIST::FUNCTION:
+X509_PUBKEY_set 596 EXIST::FUNCTION:
+X509_REQ_INFO_free 597 EXIST::FUNCTION:
+X509_REQ_INFO_new 598 EXIST::FUNCTION:
+X509_REQ_dup 599 EXIST::FUNCTION:
+X509_REQ_free 600 EXIST::FUNCTION:
+X509_REQ_get_pubkey 601 EXIST::FUNCTION:
+X509_REQ_new 602 EXIST::FUNCTION:
+X509_REQ_print 603 EXIST::FUNCTION:BIO
+X509_REQ_print_fp 604 EXIST::FUNCTION:FP_API
+X509_REQ_set_pubkey 605 EXIST::FUNCTION:
+X509_REQ_set_subject_name 606 EXIST::FUNCTION:
+X509_REQ_set_version 607 EXIST::FUNCTION:
+X509_REQ_sign 608 EXIST::FUNCTION:EVP
+X509_REQ_to_X509 609 EXIST::FUNCTION:
+X509_REQ_verify 610 EXIST::FUNCTION:EVP
+X509_REVOKED_add_ext 611 EXIST::FUNCTION:
+X509_REVOKED_delete_ext 612 EXIST::FUNCTION:
+X509_REVOKED_free 613 EXIST::FUNCTION:
+X509_REVOKED_get_ext 614 EXIST::FUNCTION:
+X509_REVOKED_get_ext_by_NID 615 EXIST::FUNCTION:
+X509_REVOKED_get_ext_by_OBJ 616 EXIST::FUNCTION:
+X509_REVOKED_get_ext_by_critical 617 EXIST:!VMS:FUNCTION:
+X509_REVOKED_get_ext_by_critic 617 EXIST:VMS:FUNCTION:
+X509_REVOKED_get_ext_count 618 EXIST::FUNCTION:
+X509_REVOKED_new 619 EXIST::FUNCTION:
+X509_SIG_free 620 EXIST::FUNCTION:
+X509_SIG_new 621 EXIST::FUNCTION:
+X509_STORE_CTX_cleanup 622 EXIST::FUNCTION:
+X509_STORE_CTX_init 623 EXIST::FUNCTION:
+X509_STORE_add_cert 624 EXIST::FUNCTION:
+X509_STORE_add_lookup 625 EXIST::FUNCTION:
+X509_STORE_free 626 EXIST::FUNCTION:
+X509_STORE_get_by_subject 627 EXIST::FUNCTION:
+X509_STORE_load_locations 628 EXIST::FUNCTION:STDIO
+X509_STORE_new 629 EXIST::FUNCTION:
+X509_STORE_set_default_paths 630 EXIST::FUNCTION:STDIO
+X509_VAL_free 631 EXIST::FUNCTION:
+X509_VAL_new 632 EXIST::FUNCTION:
+X509_add_ext 633 EXIST::FUNCTION:
+X509_asn1_meth 634 NOEXIST::FUNCTION:
+X509_certificate_type 635 EXIST::FUNCTION:
+X509_check_private_key 636 EXIST::FUNCTION:
+X509_cmp_current_time 637 EXIST::FUNCTION:
+X509_delete_ext 638 EXIST::FUNCTION:
+X509_digest 639 EXIST::FUNCTION:EVP
+X509_dup 640 EXIST::FUNCTION:
+X509_free 641 EXIST::FUNCTION:
+X509_get_default_cert_area 642 EXIST::FUNCTION:
+X509_get_default_cert_dir 643 EXIST::FUNCTION:
+X509_get_default_cert_dir_env 644 EXIST::FUNCTION:
+X509_get_default_cert_file 645 EXIST::FUNCTION:
+X509_get_default_cert_file_env 646 EXIST::FUNCTION:
+X509_get_default_private_dir 647 EXIST::FUNCTION:
+X509_get_ext 648 EXIST::FUNCTION:
+X509_get_ext_by_NID 649 EXIST::FUNCTION:
+X509_get_ext_by_OBJ 650 EXIST::FUNCTION:
+X509_get_ext_by_critical 651 EXIST::FUNCTION:
+X509_get_ext_count 652 EXIST::FUNCTION:
+X509_get_issuer_name 653 EXIST::FUNCTION:
+X509_get_pubkey 654 EXIST::FUNCTION:
+X509_get_pubkey_parameters 655 EXIST::FUNCTION:
+X509_get_serialNumber 656 EXIST::FUNCTION:
+X509_get_subject_name 657 EXIST::FUNCTION:
+X509_gmtime_adj 658 EXIST::FUNCTION:
+X509_issuer_and_serial_cmp 659 EXIST::FUNCTION:
+X509_issuer_and_serial_hash 660 EXIST::FUNCTION:
+X509_issuer_name_cmp 661 EXIST::FUNCTION:
+X509_issuer_name_hash 662 EXIST::FUNCTION:
+X509_load_cert_file 663 EXIST::FUNCTION:STDIO
+X509_new 664 EXIST::FUNCTION:
+X509_print 665 EXIST::FUNCTION:BIO
+X509_print_fp 666 EXIST::FUNCTION:FP_API
+X509_set_issuer_name 667 EXIST::FUNCTION:
+X509_set_notAfter 668 EXIST::FUNCTION:
+X509_set_notBefore 669 EXIST::FUNCTION:
+X509_set_pubkey 670 EXIST::FUNCTION:
+X509_set_serialNumber 671 EXIST::FUNCTION:
+X509_set_subject_name 672 EXIST::FUNCTION:
+X509_set_version 673 EXIST::FUNCTION:
+X509_sign 674 EXIST::FUNCTION:EVP
+X509_subject_name_cmp 675 EXIST::FUNCTION:
+X509_subject_name_hash 676 EXIST::FUNCTION:
+X509_to_X509_REQ 677 EXIST::FUNCTION:
+X509_verify 678 EXIST::FUNCTION:EVP
+X509_verify_cert 679 EXIST::FUNCTION:
+X509_verify_cert_error_string 680 EXIST::FUNCTION:
+X509v3_add_ext 681 EXIST::FUNCTION:
+X509v3_add_extension 682 NOEXIST::FUNCTION:
+X509v3_add_netscape_extensions 683 NOEXIST::FUNCTION:
+X509v3_add_standard_extensions 684 NOEXIST::FUNCTION:
+X509v3_cleanup_extensions 685 NOEXIST::FUNCTION:
+X509v3_data_type_by_NID 686 NOEXIST::FUNCTION:
+X509v3_data_type_by_OBJ 687 NOEXIST::FUNCTION:
+X509v3_delete_ext 688 EXIST::FUNCTION:
+X509v3_get_ext 689 EXIST::FUNCTION:
+X509v3_get_ext_by_NID 690 EXIST::FUNCTION:
+X509v3_get_ext_by_OBJ 691 EXIST::FUNCTION:
+X509v3_get_ext_by_critical 692 EXIST::FUNCTION:
+X509v3_get_ext_count 693 EXIST::FUNCTION:
+X509v3_pack_string 694 NOEXIST::FUNCTION:
+X509v3_pack_type_by_NID 695 NOEXIST::FUNCTION:
+X509v3_pack_type_by_OBJ 696 NOEXIST::FUNCTION:
+X509v3_unpack_string 697 NOEXIST::FUNCTION:
+_des_crypt 698 NOEXIST::FUNCTION:
+a2d_ASN1_OBJECT 699 EXIST::FUNCTION:
+a2i_ASN1_INTEGER 700 EXIST::FUNCTION:BIO
+a2i_ASN1_STRING 701 EXIST::FUNCTION:BIO
+asn1_Finish 702 EXIST::FUNCTION:
+asn1_GetSequence 703 EXIST::FUNCTION:
+bn_div_words 704 EXIST::FUNCTION:
+bn_expand2 705 EXIST::FUNCTION:
+bn_mul_add_words 706 EXIST::FUNCTION:
+bn_mul_words 707 EXIST::FUNCTION:
+BN_uadd 708 EXIST::FUNCTION:
+BN_usub 709 EXIST::FUNCTION:
+bn_sqr_words 710 EXIST::FUNCTION:
+_ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES
+d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION:
+d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION:
+d2i_ASN1_HEADER 714 NOEXIST::FUNCTION:
+d2i_ASN1_IA5STRING 715 EXIST::FUNCTION:
+d2i_ASN1_INTEGER 716 EXIST::FUNCTION:
+d2i_ASN1_OBJECT 717 EXIST::FUNCTION:
+d2i_ASN1_OCTET_STRING 718 EXIST::FUNCTION:
+d2i_ASN1_PRINTABLE 719 EXIST::FUNCTION:
+d2i_ASN1_PRINTABLESTRING 720 EXIST::FUNCTION:
+d2i_ASN1_SET 721 EXIST::FUNCTION:
+d2i_ASN1_T61STRING 722 EXIST::FUNCTION:
+d2i_ASN1_TYPE 723 EXIST::FUNCTION:
+d2i_ASN1_UTCTIME 724 EXIST::FUNCTION:
+d2i_ASN1_bytes 725 EXIST::FUNCTION:
+d2i_ASN1_type_bytes 726 EXIST::FUNCTION:
+d2i_DHparams 727 EXIST::FUNCTION:DH
+d2i_DSAPrivateKey 728 EXIST::FUNCTION:DSA
+d2i_DSAPrivateKey_bio 729 EXIST::FUNCTION:BIO,DSA
+d2i_DSAPrivateKey_fp 730 EXIST::FUNCTION:DSA,FP_API
+d2i_DSAPublicKey 731 EXIST::FUNCTION:DSA
+d2i_DSAparams 732 EXIST::FUNCTION:DSA
+d2i_NETSCAPE_SPKAC 733 EXIST::FUNCTION:
+d2i_NETSCAPE_SPKI 734 EXIST::FUNCTION:
+d2i_Netscape_RSA 735 EXIST::FUNCTION:RC4,RSA
+d2i_PKCS7 736 EXIST::FUNCTION:
+d2i_PKCS7_DIGEST 737 EXIST::FUNCTION:
+d2i_PKCS7_ENCRYPT 738 EXIST::FUNCTION:
+d2i_PKCS7_ENC_CONTENT 739 EXIST::FUNCTION:
+d2i_PKCS7_ENVELOPE 740 EXIST::FUNCTION:
+d2i_PKCS7_ISSUER_AND_SERIAL 741 EXIST::FUNCTION:
+d2i_PKCS7_RECIP_INFO 742 EXIST::FUNCTION:
+d2i_PKCS7_SIGNED 743 EXIST::FUNCTION:
+d2i_PKCS7_SIGNER_INFO 744 EXIST::FUNCTION:
+d2i_PKCS7_SIGN_ENVELOPE 745 EXIST::FUNCTION:
+d2i_PKCS7_bio 746 EXIST::FUNCTION:
+d2i_PKCS7_fp 747 EXIST::FUNCTION:FP_API
+d2i_PrivateKey 748 EXIST::FUNCTION:
+d2i_PublicKey 749 EXIST::FUNCTION:
+d2i_RSAPrivateKey 750 EXIST::FUNCTION:RSA
+d2i_RSAPrivateKey_bio 751 EXIST::FUNCTION:BIO,RSA
+d2i_RSAPrivateKey_fp 752 EXIST::FUNCTION:FP_API,RSA
+d2i_RSAPublicKey 753 EXIST::FUNCTION:RSA
+d2i_X509 754 EXIST::FUNCTION:
+d2i_X509_ALGOR 755 EXIST::FUNCTION:
+d2i_X509_ATTRIBUTE 756 EXIST::FUNCTION:
+d2i_X509_CINF 757 EXIST::FUNCTION:
+d2i_X509_CRL 758 EXIST::FUNCTION:
+d2i_X509_CRL_INFO 759 EXIST::FUNCTION:
+d2i_X509_CRL_bio 760 EXIST::FUNCTION:BIO
+d2i_X509_CRL_fp 761 EXIST::FUNCTION:FP_API
+d2i_X509_EXTENSION 762 EXIST::FUNCTION:
+d2i_X509_NAME 763 EXIST::FUNCTION:
+d2i_X509_NAME_ENTRY 764 EXIST::FUNCTION:
+d2i_X509_PKEY 765 EXIST::FUNCTION:
+d2i_X509_PUBKEY 766 EXIST::FUNCTION:
+d2i_X509_REQ 767 EXIST::FUNCTION:
+d2i_X509_REQ_INFO 768 EXIST::FUNCTION:
+d2i_X509_REQ_bio 769 EXIST::FUNCTION:BIO
+d2i_X509_REQ_fp 770 EXIST::FUNCTION:FP_API
+d2i_X509_REVOKED 771 EXIST::FUNCTION:
+d2i_X509_SIG 772 EXIST::FUNCTION:
+d2i_X509_VAL 773 EXIST::FUNCTION:
+d2i_X509_bio 774 EXIST::FUNCTION:BIO
+d2i_X509_fp 775 EXIST::FUNCTION:FP_API
+DES_cbc_cksum 777 EXIST::FUNCTION:DES
+DES_cbc_encrypt 778 EXIST::FUNCTION:DES
+DES_cblock_print_file 779 NOEXIST::FUNCTION:
+DES_cfb64_encrypt 780 EXIST::FUNCTION:DES
+DES_cfb_encrypt 781 EXIST::FUNCTION:DES
+DES_decrypt3 782 EXIST::FUNCTION:DES
+DES_ecb3_encrypt 783 EXIST::FUNCTION:DES
+DES_ecb_encrypt 784 EXIST::FUNCTION:DES
+DES_ede3_cbc_encrypt 785 EXIST::FUNCTION:DES
+DES_ede3_cfb64_encrypt 786 EXIST::FUNCTION:DES
+DES_ede3_ofb64_encrypt 787 EXIST::FUNCTION:DES
+DES_enc_read 788 EXIST::FUNCTION:DES
+DES_enc_write 789 EXIST::FUNCTION:DES
+DES_encrypt1 790 EXIST::FUNCTION:DES
+DES_encrypt2 791 EXIST::FUNCTION:DES
+DES_encrypt3 792 EXIST::FUNCTION:DES
+DES_fcrypt 793 EXIST::FUNCTION:DES
+DES_is_weak_key 794 EXIST::FUNCTION:DES
+DES_key_sched 795 EXIST::FUNCTION:DES
+DES_ncbc_encrypt 796 EXIST::FUNCTION:DES
+DES_ofb64_encrypt 797 EXIST::FUNCTION:DES
+DES_ofb_encrypt 798 EXIST::FUNCTION:DES
+DES_options 799 EXIST::FUNCTION:DES
+DES_pcbc_encrypt 800 EXIST::FUNCTION:DES
+DES_quad_cksum 801 EXIST::FUNCTION:DES
+DES_random_key 802 EXIST::FUNCTION:DES
+_ossl_old_des_random_seed 803 EXIST::FUNCTION:DES
+_ossl_old_des_read_2passwords 804 EXIST::FUNCTION:DES
+_ossl_old_des_read_password 805 EXIST::FUNCTION:DES
+_ossl_old_des_read_pw 806 EXIST::FUNCTION:
+_ossl_old_des_read_pw_string 807 EXIST::FUNCTION:
+DES_set_key 808 EXIST::FUNCTION:DES
+DES_set_odd_parity 809 EXIST::FUNCTION:DES
+DES_string_to_2keys 810 EXIST::FUNCTION:DES
+DES_string_to_key 811 EXIST::FUNCTION:DES
+DES_xcbc_encrypt 812 EXIST::FUNCTION:DES
+DES_xwhite_in2out 813 NOEXIST::FUNCTION:
+fcrypt_body 814 NOEXIST::FUNCTION:
+i2a_ASN1_INTEGER 815 EXIST::FUNCTION:BIO
+i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO
+i2a_ASN1_STRING 817 EXIST::FUNCTION:BIO
+i2d_ASN1_BIT_STRING 818 EXIST::FUNCTION:
+i2d_ASN1_BOOLEAN 819 EXIST::FUNCTION:
+i2d_ASN1_HEADER 820 NOEXIST::FUNCTION:
+i2d_ASN1_IA5STRING 821 EXIST::FUNCTION:
+i2d_ASN1_INTEGER 822 EXIST::FUNCTION:
+i2d_ASN1_OBJECT 823 EXIST::FUNCTION:
+i2d_ASN1_OCTET_STRING 824 EXIST::FUNCTION:
+i2d_ASN1_PRINTABLE 825 EXIST::FUNCTION:
+i2d_ASN1_SET 826 EXIST::FUNCTION:
+i2d_ASN1_TYPE 827 EXIST::FUNCTION:
+i2d_ASN1_UTCTIME 828 EXIST::FUNCTION:
+i2d_ASN1_bytes 829 EXIST::FUNCTION:
+i2d_DHparams 830 EXIST::FUNCTION:DH
+i2d_DSAPrivateKey 831 EXIST::FUNCTION:DSA
+i2d_DSAPrivateKey_bio 832 EXIST::FUNCTION:BIO,DSA
+i2d_DSAPrivateKey_fp 833 EXIST::FUNCTION:DSA,FP_API
+i2d_DSAPublicKey 834 EXIST::FUNCTION:DSA
+i2d_DSAparams 835 EXIST::FUNCTION:DSA
+i2d_NETSCAPE_SPKAC 836 EXIST::FUNCTION:
+i2d_NETSCAPE_SPKI 837 EXIST::FUNCTION:
+i2d_Netscape_RSA 838 EXIST::FUNCTION:RC4,RSA
+i2d_PKCS7 839 EXIST::FUNCTION:
+i2d_PKCS7_DIGEST 840 EXIST::FUNCTION:
+i2d_PKCS7_ENCRYPT 841 EXIST::FUNCTION:
+i2d_PKCS7_ENC_CONTENT 842 EXIST::FUNCTION:
+i2d_PKCS7_ENVELOPE 843 EXIST::FUNCTION:
+i2d_PKCS7_ISSUER_AND_SERIAL 844 EXIST::FUNCTION:
+i2d_PKCS7_RECIP_INFO 845 EXIST::FUNCTION:
+i2d_PKCS7_SIGNED 846 EXIST::FUNCTION:
+i2d_PKCS7_SIGNER_INFO 847 EXIST::FUNCTION:
+i2d_PKCS7_SIGN_ENVELOPE 848 EXIST::FUNCTION:
+i2d_PKCS7_bio 849 EXIST::FUNCTION:
+i2d_PKCS7_fp 850 EXIST::FUNCTION:FP_API
+i2d_PrivateKey 851 EXIST::FUNCTION:
+i2d_PublicKey 852 EXIST::FUNCTION:
+i2d_RSAPrivateKey 853 EXIST::FUNCTION:RSA
+i2d_RSAPrivateKey_bio 854 EXIST::FUNCTION:BIO,RSA
+i2d_RSAPrivateKey_fp 855 EXIST::FUNCTION:FP_API,RSA
+i2d_RSAPublicKey 856 EXIST::FUNCTION:RSA
+i2d_X509 857 EXIST::FUNCTION:
+i2d_X509_ALGOR 858 EXIST::FUNCTION:
+i2d_X509_ATTRIBUTE 859 EXIST::FUNCTION:
+i2d_X509_CINF 860 EXIST::FUNCTION:
+i2d_X509_CRL 861 EXIST::FUNCTION:
+i2d_X509_CRL_INFO 862 EXIST::FUNCTION:
+i2d_X509_CRL_bio 863 EXIST::FUNCTION:BIO
+i2d_X509_CRL_fp 864 EXIST::FUNCTION:FP_API
+i2d_X509_EXTENSION 865 EXIST::FUNCTION:
+i2d_X509_NAME 866 EXIST::FUNCTION:
+i2d_X509_NAME_ENTRY 867 EXIST::FUNCTION:
+i2d_X509_PKEY 868 EXIST::FUNCTION:
+i2d_X509_PUBKEY 869 EXIST::FUNCTION:
+i2d_X509_REQ 870 EXIST::FUNCTION:
+i2d_X509_REQ_INFO 871 EXIST::FUNCTION:
+i2d_X509_REQ_bio 872 EXIST::FUNCTION:BIO
+i2d_X509_REQ_fp 873 EXIST::FUNCTION:FP_API
+i2d_X509_REVOKED 874 EXIST::FUNCTION:
+i2d_X509_SIG 875 EXIST::FUNCTION:
+i2d_X509_VAL 876 EXIST::FUNCTION:
+i2d_X509_bio 877 EXIST::FUNCTION:BIO
+i2d_X509_fp 878 EXIST::FUNCTION:FP_API
+idea_cbc_encrypt 879 EXIST::FUNCTION:IDEA
+idea_cfb64_encrypt 880 EXIST::FUNCTION:IDEA
+idea_ecb_encrypt 881 EXIST::FUNCTION:IDEA
+idea_encrypt 882 EXIST::FUNCTION:IDEA
+idea_ofb64_encrypt 883 EXIST::FUNCTION:IDEA
+idea_options 884 EXIST::FUNCTION:IDEA
+idea_set_decrypt_key 885 EXIST::FUNCTION:IDEA
+idea_set_encrypt_key 886 EXIST::FUNCTION:IDEA
+lh_delete 887 EXIST::FUNCTION:
+lh_doall 888 EXIST::FUNCTION:
+lh_doall_arg 889 EXIST::FUNCTION:
+lh_free 890 EXIST::FUNCTION:
+lh_insert 891 EXIST::FUNCTION:
+lh_new 892 EXIST::FUNCTION:
+lh_node_stats 893 EXIST::FUNCTION:FP_API
+lh_node_stats_bio 894 EXIST::FUNCTION:BIO
+lh_node_usage_stats 895 EXIST::FUNCTION:FP_API
+lh_node_usage_stats_bio 896 EXIST::FUNCTION:BIO
+lh_retrieve 897 EXIST::FUNCTION:
+lh_stats 898 EXIST::FUNCTION:FP_API
+lh_stats_bio 899 EXIST::FUNCTION:BIO
+lh_strhash 900 EXIST::FUNCTION:
+sk_delete 901 EXIST::FUNCTION:
+sk_delete_ptr 902 EXIST::FUNCTION:
+sk_dup 903 EXIST::FUNCTION:
+sk_find 904 EXIST::FUNCTION:
+sk_free 905 EXIST::FUNCTION:
+sk_insert 906 EXIST::FUNCTION:
+sk_new 907 EXIST::FUNCTION:
+sk_pop 908 EXIST::FUNCTION:
+sk_pop_free 909 EXIST::FUNCTION:
+sk_push 910 EXIST::FUNCTION:
+sk_set_cmp_func 911 EXIST::FUNCTION:
+sk_shift 912 EXIST::FUNCTION:
+sk_unshift 913 EXIST::FUNCTION:
+sk_zero 914 EXIST::FUNCTION:
+BIO_f_nbio_test 915 EXIST::FUNCTION:
+ASN1_TYPE_get 916 EXIST::FUNCTION:
+ASN1_TYPE_set 917 EXIST::FUNCTION:
+PKCS7_content_free 918 NOEXIST::FUNCTION:
+ERR_load_PKCS7_strings 919 EXIST::FUNCTION:
+X509_find_by_issuer_and_serial 920 EXIST::FUNCTION:
+X509_find_by_subject 921 EXIST::FUNCTION:
+PKCS7_ctrl 927 EXIST::FUNCTION:
+PKCS7_set_type 928 EXIST::FUNCTION:
+PKCS7_set_content 929 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_set 930 EXIST::FUNCTION:
+PKCS7_add_signer 931 EXIST::FUNCTION:
+PKCS7_add_certificate 932 EXIST::FUNCTION:
+PKCS7_add_crl 933 EXIST::FUNCTION:
+PKCS7_content_new 934 EXIST::FUNCTION:
+PKCS7_dataSign 935 NOEXIST::FUNCTION:
+PKCS7_dataVerify 936 EXIST::FUNCTION:
+PKCS7_dataInit 937 EXIST::FUNCTION:
+PKCS7_add_signature 938 EXIST::FUNCTION:
+PKCS7_cert_from_signer_info 939 EXIST::FUNCTION:
+PKCS7_get_signer_info 940 EXIST::FUNCTION:
+EVP_delete_alias 941 NOEXIST::FUNCTION:
+EVP_mdc2 942 EXIST::FUNCTION:MDC2
+PEM_read_bio_RSAPublicKey 943 EXIST::FUNCTION:RSA
+PEM_write_bio_RSAPublicKey 944 EXIST::FUNCTION:RSA
+d2i_RSAPublicKey_bio 945 EXIST::FUNCTION:BIO,RSA
+i2d_RSAPublicKey_bio 946 EXIST::FUNCTION:BIO,RSA
+PEM_read_RSAPublicKey 947 EXIST:!WIN16:FUNCTION:RSA
+PEM_write_RSAPublicKey 949 EXIST:!WIN16:FUNCTION:RSA
+d2i_RSAPublicKey_fp 952 EXIST::FUNCTION:FP_API,RSA
+i2d_RSAPublicKey_fp 954 EXIST::FUNCTION:FP_API,RSA
+BIO_copy_next_retry 955 EXIST::FUNCTION:
+RSA_flags 956 EXIST::FUNCTION:RSA
+X509_STORE_add_crl 957 EXIST::FUNCTION:
+X509_load_crl_file 958 EXIST::FUNCTION:STDIO
+EVP_rc2_40_cbc 959 EXIST::FUNCTION:RC2
+EVP_rc4_40 960 EXIST::FUNCTION:RC4
+EVP_CIPHER_CTX_init 961 EXIST::FUNCTION:
+HMAC 962 EXIST::FUNCTION:HMAC
+HMAC_Init 963 EXIST::FUNCTION:HMAC
+HMAC_Update 964 EXIST::FUNCTION:HMAC
+HMAC_Final 965 EXIST::FUNCTION:HMAC
+ERR_get_next_error_library 966 EXIST::FUNCTION:
+EVP_PKEY_cmp_parameters 967 EXIST::FUNCTION:
+HMAC_cleanup 968 NOEXIST::FUNCTION:
+BIO_ptr_ctrl 969 EXIST::FUNCTION:
+BIO_new_file_internal 970 NOEXIST::FUNCTION:
+BIO_new_fp_internal 971 NOEXIST::FUNCTION:
+BIO_s_file_internal 972 NOEXIST::FUNCTION:
+BN_BLINDING_convert 973 EXIST::FUNCTION:
+BN_BLINDING_invert 974 EXIST::FUNCTION:
+BN_BLINDING_update 975 EXIST::FUNCTION:
+RSA_blinding_on 977 EXIST::FUNCTION:RSA
+RSA_blinding_off 978 EXIST::FUNCTION:RSA
+i2t_ASN1_OBJECT 979 EXIST::FUNCTION:
+BN_BLINDING_new 980 EXIST::FUNCTION:
+BN_BLINDING_free 981 EXIST::FUNCTION:
+EVP_cast5_cbc 983 EXIST::FUNCTION:CAST
+EVP_cast5_cfb64 984 EXIST::FUNCTION:CAST
+EVP_cast5_ecb 985 EXIST::FUNCTION:CAST
+EVP_cast5_ofb 986 EXIST::FUNCTION:CAST
+BF_decrypt 987 EXIST::FUNCTION:BF
+CAST_set_key 988 EXIST::FUNCTION:CAST
+CAST_encrypt 989 EXIST::FUNCTION:CAST
+CAST_decrypt 990 EXIST::FUNCTION:CAST
+CAST_ecb_encrypt 991 EXIST::FUNCTION:CAST
+CAST_cbc_encrypt 992 EXIST::FUNCTION:CAST
+CAST_cfb64_encrypt 993 EXIST::FUNCTION:CAST
+CAST_ofb64_encrypt 994 EXIST::FUNCTION:CAST
+RC2_decrypt 995 EXIST::FUNCTION:RC2
+OBJ_create_objects 997 EXIST::FUNCTION:
+BN_exp 998 EXIST::FUNCTION:
+BN_mul_word 999 EXIST::FUNCTION:
+BN_sub_word 1000 EXIST::FUNCTION:
+BN_dec2bn 1001 EXIST::FUNCTION:
+BN_bn2dec 1002 EXIST::FUNCTION:
+BIO_ghbn_ctrl 1003 NOEXIST::FUNCTION:
+CRYPTO_free_ex_data 1004 EXIST::FUNCTION:
+CRYPTO_get_ex_data 1005 EXIST::FUNCTION:
+CRYPTO_set_ex_data 1007 EXIST::FUNCTION:
+ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS:FUNCTION:
+ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS:FUNCTION:
+EVP_PKEY_bits 1010 EXIST::FUNCTION:
+MD5_Transform 1011 EXIST::FUNCTION:MD5
+SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1
+SHA_Transform 1013 EXIST::FUNCTION:SHA,SHA0
+X509_STORE_CTX_get_chain 1014 EXIST::FUNCTION:
+X509_STORE_CTX_get_current_cert 1015 EXIST::FUNCTION:
+X509_STORE_CTX_get_error 1016 EXIST::FUNCTION:
+X509_STORE_CTX_get_error_depth 1017 EXIST::FUNCTION:
+X509_STORE_CTX_get_ex_data 1018 EXIST::FUNCTION:
+X509_STORE_CTX_set_cert 1020 EXIST::FUNCTION:
+X509_STORE_CTX_set_chain 1021 EXIST::FUNCTION:
+X509_STORE_CTX_set_error 1022 EXIST::FUNCTION:
+X509_STORE_CTX_set_ex_data 1023 EXIST::FUNCTION:
+CRYPTO_dup_ex_data 1025 EXIST::FUNCTION:
+CRYPTO_get_new_lockid 1026 EXIST::FUNCTION:
+CRYPTO_new_ex_data 1027 EXIST::FUNCTION:
+RSA_set_ex_data 1028 EXIST::FUNCTION:RSA
+RSA_get_ex_data 1029 EXIST::FUNCTION:RSA
+RSA_get_ex_new_index 1030 EXIST::FUNCTION:RSA
+RSA_padding_add_PKCS1_type_1 1031 EXIST::FUNCTION:RSA
+RSA_padding_add_PKCS1_type_2 1032 EXIST::FUNCTION:RSA
+RSA_padding_add_SSLv23 1033 EXIST::FUNCTION:RSA
+RSA_padding_add_none 1034 EXIST::FUNCTION:RSA
+RSA_padding_check_PKCS1_type_1 1035 EXIST::FUNCTION:RSA
+RSA_padding_check_PKCS1_type_2 1036 EXIST::FUNCTION:RSA
+RSA_padding_check_SSLv23 1037 EXIST::FUNCTION:RSA
+RSA_padding_check_none 1038 EXIST::FUNCTION:RSA
+bn_add_words 1039 EXIST::FUNCTION:
+d2i_Netscape_RSA_2 1040 NOEXIST::FUNCTION:
+CRYPTO_get_ex_new_index 1041 EXIST::FUNCTION:
+RIPEMD160_Init 1042 EXIST::FUNCTION:RIPEMD
+RIPEMD160_Update 1043 EXIST::FUNCTION:RIPEMD
+RIPEMD160_Final 1044 EXIST::FUNCTION:RIPEMD
+RIPEMD160 1045 EXIST::FUNCTION:RIPEMD
+RIPEMD160_Transform 1046 EXIST::FUNCTION:RIPEMD
+RC5_32_set_key 1047 EXIST::FUNCTION:RC5
+RC5_32_ecb_encrypt 1048 EXIST::FUNCTION:RC5
+RC5_32_encrypt 1049 EXIST::FUNCTION:RC5
+RC5_32_decrypt 1050 EXIST::FUNCTION:RC5
+RC5_32_cbc_encrypt 1051 EXIST::FUNCTION:RC5
+RC5_32_cfb64_encrypt 1052 EXIST::FUNCTION:RC5
+RC5_32_ofb64_encrypt 1053 EXIST::FUNCTION:RC5
+BN_bn2mpi 1058 EXIST::FUNCTION:
+BN_mpi2bn 1059 EXIST::FUNCTION:
+ASN1_BIT_STRING_get_bit 1060 EXIST::FUNCTION:
+ASN1_BIT_STRING_set_bit 1061 EXIST::FUNCTION:
+BIO_get_ex_data 1062 EXIST::FUNCTION:
+BIO_get_ex_new_index 1063 EXIST::FUNCTION:
+BIO_set_ex_data 1064 EXIST::FUNCTION:
+X509v3_get_key_usage 1066 NOEXIST::FUNCTION:
+X509v3_set_key_usage 1067 NOEXIST::FUNCTION:
+a2i_X509v3_key_usage 1068 NOEXIST::FUNCTION:
+i2a_X509v3_key_usage 1069 NOEXIST::FUNCTION:
+EVP_PKEY_decrypt 1070 EXIST::FUNCTION:
+EVP_PKEY_encrypt 1071 EXIST::FUNCTION:
+PKCS7_RECIP_INFO_set 1072 EXIST::FUNCTION:
+PKCS7_add_recipient 1073 EXIST::FUNCTION:
+PKCS7_add_recipient_info 1074 EXIST::FUNCTION:
+PKCS7_set_cipher 1075 EXIST::FUNCTION:
+ASN1_TYPE_get_int_octetstring 1076 EXIST::FUNCTION:
+ASN1_TYPE_get_octetstring 1077 EXIST::FUNCTION:
+ASN1_TYPE_set_int_octetstring 1078 EXIST::FUNCTION:
+ASN1_TYPE_set_octetstring 1079 EXIST::FUNCTION:
+ASN1_UTCTIME_set_string 1080 EXIST::FUNCTION:
+ERR_add_error_data 1081 EXIST::FUNCTION:
+ERR_set_error_data 1082 EXIST::FUNCTION:
+EVP_CIPHER_asn1_to_param 1083 EXIST::FUNCTION:
+EVP_CIPHER_param_to_asn1 1084 EXIST::FUNCTION:
+EVP_CIPHER_get_asn1_iv 1085 EXIST::FUNCTION:
+EVP_CIPHER_set_asn1_iv 1086 EXIST::FUNCTION:
+EVP_rc5_32_12_16_cbc 1087 EXIST::FUNCTION:RC5
+EVP_rc5_32_12_16_cfb64 1088 EXIST::FUNCTION:RC5
+EVP_rc5_32_12_16_ecb 1089 EXIST::FUNCTION:RC5
+EVP_rc5_32_12_16_ofb 1090 EXIST::FUNCTION:RC5
+asn1_add_error 1091 EXIST::FUNCTION:
+d2i_ASN1_BMPSTRING 1092 EXIST::FUNCTION:
+i2d_ASN1_BMPSTRING 1093 EXIST::FUNCTION:
+BIO_f_ber 1094 NOEXIST::FUNCTION:
+BN_init 1095 EXIST::FUNCTION:
+COMP_CTX_new 1096 EXIST::FUNCTION:COMP
+COMP_CTX_free 1097 EXIST::FUNCTION:COMP
+COMP_CTX_compress_block 1098 NOEXIST::FUNCTION:
+COMP_CTX_expand_block 1099 NOEXIST::FUNCTION:
+X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION:
+OBJ_NAME_add 1101 EXIST::FUNCTION:
+BIO_socket_nbio 1102 EXIST::FUNCTION:
+EVP_rc2_64_cbc 1103 EXIST::FUNCTION:RC2
+OBJ_NAME_cleanup 1104 EXIST::FUNCTION:
+OBJ_NAME_get 1105 EXIST::FUNCTION:
+OBJ_NAME_init 1106 EXIST::FUNCTION:
+OBJ_NAME_new_index 1107 EXIST::FUNCTION:
+OBJ_NAME_remove 1108 EXIST::FUNCTION:
+BN_MONT_CTX_copy 1109 EXIST::FUNCTION:
+BIO_new_socks4a_connect 1110 NOEXIST::FUNCTION:
+BIO_s_socks4a_connect 1111 NOEXIST::FUNCTION:
+PROXY_set_connect_mode 1112 NOEXIST::FUNCTION:
+RAND_SSLeay 1113 EXIST::FUNCTION:
+RAND_set_rand_method 1114 EXIST::FUNCTION:
+RSA_memory_lock 1115 EXIST::FUNCTION:RSA
+bn_sub_words 1116 EXIST::FUNCTION:
+bn_mul_normal 1117 NOEXIST::FUNCTION:
+bn_mul_comba8 1118 NOEXIST::FUNCTION:
+bn_mul_comba4 1119 NOEXIST::FUNCTION:
+bn_sqr_normal 1120 NOEXIST::FUNCTION:
+bn_sqr_comba8 1121 NOEXIST::FUNCTION:
+bn_sqr_comba4 1122 NOEXIST::FUNCTION:
+bn_cmp_words 1123 NOEXIST::FUNCTION:
+bn_mul_recursive 1124 NOEXIST::FUNCTION:
+bn_mul_part_recursive 1125 NOEXIST::FUNCTION:
+bn_sqr_recursive 1126 NOEXIST::FUNCTION:
+bn_mul_low_normal 1127 NOEXIST::FUNCTION:
+BN_RECP_CTX_init 1128 EXIST::FUNCTION:
+BN_RECP_CTX_new 1129 EXIST::FUNCTION:
+BN_RECP_CTX_free 1130 EXIST::FUNCTION:
+BN_RECP_CTX_set 1131 EXIST::FUNCTION:
+BN_mod_mul_reciprocal 1132 EXIST::FUNCTION:
+BN_mod_exp_recp 1133 EXIST::FUNCTION:
+BN_div_recp 1134 EXIST::FUNCTION:
+BN_CTX_init 1135 EXIST::FUNCTION:DEPRECATED
+BN_MONT_CTX_init 1136 EXIST::FUNCTION:
+RAND_get_rand_method 1137 EXIST::FUNCTION:
+PKCS7_add_attribute 1138 EXIST::FUNCTION:
+PKCS7_add_signed_attribute 1139 EXIST::FUNCTION:
+PKCS7_digest_from_attributes 1140 EXIST::FUNCTION:
+PKCS7_get_attribute 1141 EXIST::FUNCTION:
+PKCS7_get_issuer_and_serial 1142 EXIST::FUNCTION:
+PKCS7_get_signed_attribute 1143 EXIST::FUNCTION:
+COMP_compress_block 1144 EXIST::FUNCTION:COMP
+COMP_expand_block 1145 EXIST::FUNCTION:COMP
+COMP_rle 1146 EXIST::FUNCTION:COMP
+COMP_zlib 1147 EXIST::FUNCTION:COMP
+ms_time_diff 1148 NOEXIST::FUNCTION:
+ms_time_new 1149 NOEXIST::FUNCTION:
+ms_time_free 1150 NOEXIST::FUNCTION:
+ms_time_cmp 1151 NOEXIST::FUNCTION:
+ms_time_get 1152 NOEXIST::FUNCTION:
+PKCS7_set_attributes 1153 EXIST::FUNCTION:
+PKCS7_set_signed_attributes 1154 EXIST::FUNCTION:
+X509_ATTRIBUTE_create 1155 EXIST::FUNCTION:
+X509_ATTRIBUTE_dup 1156 EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_check 1157 EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_print 1158 EXIST::FUNCTION:BIO
+ASN1_GENERALIZEDTIME_set 1159 EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_set_string 1160 EXIST::FUNCTION:
+ASN1_TIME_print 1161 EXIST::FUNCTION:BIO
+BASIC_CONSTRAINTS_free 1162 EXIST::FUNCTION:
+BASIC_CONSTRAINTS_new 1163 EXIST::FUNCTION:
+ERR_load_X509V3_strings 1164 EXIST::FUNCTION:
+NETSCAPE_CERT_SEQUENCE_free 1165 EXIST::FUNCTION:
+NETSCAPE_CERT_SEQUENCE_new 1166 EXIST::FUNCTION:
+OBJ_txt2obj 1167 EXIST::FUNCTION:
+PEM_read_NETSCAPE_CERT_SEQUENCE 1168 EXIST:!VMS,!WIN16:FUNCTION:
+PEM_read_NS_CERT_SEQ 1168 EXIST:VMS:FUNCTION:
+PEM_read_bio_NETSCAPE_CERT_SEQUENCE 1169 EXIST:!VMS:FUNCTION:
+PEM_read_bio_NS_CERT_SEQ 1169 EXIST:VMS:FUNCTION:
+PEM_write_NETSCAPE_CERT_SEQUENCE 1170 EXIST:!VMS,!WIN16:FUNCTION:
+PEM_write_NS_CERT_SEQ 1170 EXIST:VMS:FUNCTION:
+PEM_write_bio_NETSCAPE_CERT_SEQUENCE 1171 EXIST:!VMS:FUNCTION:
+PEM_write_bio_NS_CERT_SEQ 1171 EXIST:VMS:FUNCTION:
+X509V3_EXT_add 1172 EXIST::FUNCTION:
+X509V3_EXT_add_alias 1173 EXIST::FUNCTION:
+X509V3_EXT_add_conf 1174 EXIST::FUNCTION:
+X509V3_EXT_cleanup 1175 EXIST::FUNCTION:
+X509V3_EXT_conf 1176 EXIST::FUNCTION:
+X509V3_EXT_conf_nid 1177 EXIST::FUNCTION:
+X509V3_EXT_get 1178 EXIST::FUNCTION:
+X509V3_EXT_get_nid 1179 EXIST::FUNCTION:
+X509V3_EXT_print 1180 EXIST::FUNCTION:
+X509V3_EXT_print_fp 1181 EXIST::FUNCTION:
+X509V3_add_standard_extensions 1182 EXIST::FUNCTION:
+X509V3_add_value 1183 EXIST::FUNCTION:
+X509V3_add_value_bool 1184 EXIST::FUNCTION:
+X509V3_add_value_int 1185 EXIST::FUNCTION:
+X509V3_conf_free 1186 EXIST::FUNCTION:
+X509V3_get_value_bool 1187 EXIST::FUNCTION:
+X509V3_get_value_int 1188 EXIST::FUNCTION:
+X509V3_parse_list 1189 EXIST::FUNCTION:
+d2i_ASN1_GENERALIZEDTIME 1190 EXIST::FUNCTION:
+d2i_ASN1_TIME 1191 EXIST::FUNCTION:
+d2i_BASIC_CONSTRAINTS 1192 EXIST::FUNCTION:
+d2i_NETSCAPE_CERT_SEQUENCE 1193 EXIST::FUNCTION:
+d2i_ext_ku 1194 NOEXIST::FUNCTION:
+ext_ku_free 1195 NOEXIST::FUNCTION:
+ext_ku_new 1196 NOEXIST::FUNCTION:
+i2d_ASN1_GENERALIZEDTIME 1197 EXIST::FUNCTION:
+i2d_ASN1_TIME 1198 EXIST::FUNCTION:
+i2d_BASIC_CONSTRAINTS 1199 EXIST::FUNCTION:
+i2d_NETSCAPE_CERT_SEQUENCE 1200 EXIST::FUNCTION:
+i2d_ext_ku 1201 NOEXIST::FUNCTION:
+EVP_MD_CTX_copy 1202 EXIST::FUNCTION:
+i2d_ASN1_ENUMERATED 1203 EXIST::FUNCTION:
+d2i_ASN1_ENUMERATED 1204 EXIST::FUNCTION:
+ASN1_ENUMERATED_set 1205 EXIST::FUNCTION:
+ASN1_ENUMERATED_get 1206 EXIST::FUNCTION:
+BN_to_ASN1_ENUMERATED 1207 EXIST::FUNCTION:
+ASN1_ENUMERATED_to_BN 1208 EXIST::FUNCTION:
+i2a_ASN1_ENUMERATED 1209 EXIST::FUNCTION:BIO
+a2i_ASN1_ENUMERATED 1210 EXIST::FUNCTION:BIO
+i2d_GENERAL_NAME 1211 EXIST::FUNCTION:
+d2i_GENERAL_NAME 1212 EXIST::FUNCTION:
+GENERAL_NAME_new 1213 EXIST::FUNCTION:
+GENERAL_NAME_free 1214 EXIST::FUNCTION:
+GENERAL_NAMES_new 1215 EXIST::FUNCTION:
+GENERAL_NAMES_free 1216 EXIST::FUNCTION:
+d2i_GENERAL_NAMES 1217 EXIST::FUNCTION:
+i2d_GENERAL_NAMES 1218 EXIST::FUNCTION:
+i2v_GENERAL_NAMES 1219 EXIST::FUNCTION:
+i2s_ASN1_OCTET_STRING 1220 EXIST::FUNCTION:
+s2i_ASN1_OCTET_STRING 1221 EXIST::FUNCTION:
+X509V3_EXT_check_conf 1222 NOEXIST::FUNCTION:
+hex_to_string 1223 EXIST::FUNCTION:
+string_to_hex 1224 EXIST::FUNCTION:
+DES_ede3_cbcm_encrypt 1225 EXIST::FUNCTION:DES
+RSA_padding_add_PKCS1_OAEP 1226 EXIST::FUNCTION:RSA
+RSA_padding_check_PKCS1_OAEP 1227 EXIST::FUNCTION:RSA
+X509_CRL_print_fp 1228 EXIST::FUNCTION:FP_API
+X509_CRL_print 1229 EXIST::FUNCTION:BIO
+i2v_GENERAL_NAME 1230 EXIST::FUNCTION:
+v2i_GENERAL_NAME 1231 EXIST::FUNCTION:
+i2d_PKEY_USAGE_PERIOD 1232 EXIST::FUNCTION:
+d2i_PKEY_USAGE_PERIOD 1233 EXIST::FUNCTION:
+PKEY_USAGE_PERIOD_new 1234 EXIST::FUNCTION:
+PKEY_USAGE_PERIOD_free 1235 EXIST::FUNCTION:
+v2i_GENERAL_NAMES 1236 EXIST::FUNCTION:
+i2s_ASN1_INTEGER 1237 EXIST::FUNCTION:
+X509V3_EXT_d2i 1238 EXIST::FUNCTION:
+name_cmp 1239 EXIST::FUNCTION:
+str_dup 1240 NOEXIST::FUNCTION:
+i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION:
+i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION:
+BIO_s_log 1243 EXIST:!OS2,!WIN16,!WIN32,!macintosh:FUNCTION:
+BIO_f_reliable 1244 EXIST::FUNCTION:BIO
+PKCS7_dataFinal 1245 EXIST::FUNCTION:
+PKCS7_dataDecode 1246 EXIST::FUNCTION:
+X509V3_EXT_CRL_add_conf 1247 EXIST::FUNCTION:
+BN_set_params 1248 EXIST::FUNCTION:DEPRECATED
+BN_get_params 1249 EXIST::FUNCTION:DEPRECATED
+BIO_get_ex_num 1250 NOEXIST::FUNCTION:
+BIO_set_ex_free_func 1251 NOEXIST::FUNCTION:
+EVP_ripemd160 1252 EXIST::FUNCTION:RIPEMD
+ASN1_TIME_set 1253 EXIST::FUNCTION:
+i2d_AUTHORITY_KEYID 1254 EXIST::FUNCTION:
+d2i_AUTHORITY_KEYID 1255 EXIST::FUNCTION:
+AUTHORITY_KEYID_new 1256 EXIST::FUNCTION:
+AUTHORITY_KEYID_free 1257 EXIST::FUNCTION:
+ASN1_seq_unpack 1258 EXIST::FUNCTION:
+ASN1_seq_pack 1259 EXIST::FUNCTION:
+ASN1_unpack_string 1260 EXIST::FUNCTION:
+ASN1_pack_string 1261 EXIST::FUNCTION:
+PKCS12_pack_safebag 1262 NOEXIST::FUNCTION:
+PKCS12_MAKE_KEYBAG 1263 EXIST::FUNCTION:
+PKCS8_encrypt 1264 EXIST::FUNCTION:
+PKCS12_MAKE_SHKEYBAG 1265 EXIST::FUNCTION:
+PKCS12_pack_p7data 1266 EXIST::FUNCTION:
+PKCS12_pack_p7encdata 1267 EXIST::FUNCTION:
+PKCS12_add_localkeyid 1268 EXIST::FUNCTION:
+PKCS12_add_friendlyname_asc 1269 EXIST::FUNCTION:
+PKCS12_add_friendlyname_uni 1270 EXIST::FUNCTION:
+PKCS12_get_friendlyname 1271 EXIST::FUNCTION:
+PKCS12_pbe_crypt 1272 EXIST::FUNCTION:
+PKCS12_decrypt_d2i 1273 NOEXIST::FUNCTION:
+PKCS12_i2d_encrypt 1274 NOEXIST::FUNCTION:
+PKCS12_init 1275 EXIST::FUNCTION:
+PKCS12_key_gen_asc 1276 EXIST::FUNCTION:
+PKCS12_key_gen_uni 1277 EXIST::FUNCTION:
+PKCS12_gen_mac 1278 EXIST::FUNCTION:
+PKCS12_verify_mac 1279 EXIST::FUNCTION:
+PKCS12_set_mac 1280 EXIST::FUNCTION:
+PKCS12_setup_mac 1281 EXIST::FUNCTION:
+OPENSSL_asc2uni 1282 EXIST::FUNCTION:
+OPENSSL_uni2asc 1283 EXIST::FUNCTION:
+i2d_PKCS12_BAGS 1284 EXIST::FUNCTION:
+PKCS12_BAGS_new 1285 EXIST::FUNCTION:
+d2i_PKCS12_BAGS 1286 EXIST::FUNCTION:
+PKCS12_BAGS_free 1287 EXIST::FUNCTION:
+i2d_PKCS12 1288 EXIST::FUNCTION:
+d2i_PKCS12 1289 EXIST::FUNCTION:
+PKCS12_new 1290 EXIST::FUNCTION:
+PKCS12_free 1291 EXIST::FUNCTION:
+i2d_PKCS12_MAC_DATA 1292 EXIST::FUNCTION:
+PKCS12_MAC_DATA_new 1293 EXIST::FUNCTION:
+d2i_PKCS12_MAC_DATA 1294 EXIST::FUNCTION:
+PKCS12_MAC_DATA_free 1295 EXIST::FUNCTION:
+i2d_PKCS12_SAFEBAG 1296 EXIST::FUNCTION:
+PKCS12_SAFEBAG_new 1297 EXIST::FUNCTION:
+d2i_PKCS12_SAFEBAG 1298 EXIST::FUNCTION:
+PKCS12_SAFEBAG_free 1299 EXIST::FUNCTION:
+ERR_load_PKCS12_strings 1300 EXIST::FUNCTION:
+PKCS12_PBE_add 1301 EXIST::FUNCTION:
+PKCS8_add_keyusage 1302 EXIST::FUNCTION:
+PKCS12_get_attr_gen 1303 EXIST::FUNCTION:
+PKCS12_parse 1304 EXIST::FUNCTION:
+PKCS12_create 1305 EXIST::FUNCTION:
+i2d_PKCS12_bio 1306 EXIST::FUNCTION:
+i2d_PKCS12_fp 1307 EXIST::FUNCTION:
+d2i_PKCS12_bio 1308 EXIST::FUNCTION:
+d2i_PKCS12_fp 1309 EXIST::FUNCTION:
+i2d_PBEPARAM 1310 EXIST::FUNCTION:
+PBEPARAM_new 1311 EXIST::FUNCTION:
+d2i_PBEPARAM 1312 EXIST::FUNCTION:
+PBEPARAM_free 1313 EXIST::FUNCTION:
+i2d_PKCS8_PRIV_KEY_INFO 1314 EXIST::FUNCTION:
+PKCS8_PRIV_KEY_INFO_new 1315 EXIST::FUNCTION:
+d2i_PKCS8_PRIV_KEY_INFO 1316 EXIST::FUNCTION:
+PKCS8_PRIV_KEY_INFO_free 1317 EXIST::FUNCTION:
+EVP_PKCS82PKEY 1318 EXIST::FUNCTION:
+EVP_PKEY2PKCS8 1319 EXIST::FUNCTION:
+PKCS8_set_broken 1320 EXIST::FUNCTION:
+EVP_PBE_ALGOR_CipherInit 1321 NOEXIST::FUNCTION:
+EVP_PBE_alg_add 1322 EXIST::FUNCTION:
+PKCS5_pbe_set 1323 EXIST::FUNCTION:
+EVP_PBE_cleanup 1324 EXIST::FUNCTION:
+i2d_SXNET 1325 EXIST::FUNCTION:
+d2i_SXNET 1326 EXIST::FUNCTION:
+SXNET_new 1327 EXIST::FUNCTION:
+SXNET_free 1328 EXIST::FUNCTION:
+i2d_SXNETID 1329 EXIST::FUNCTION:
+d2i_SXNETID 1330 EXIST::FUNCTION:
+SXNETID_new 1331 EXIST::FUNCTION:
+SXNETID_free 1332 EXIST::FUNCTION:
+DSA_SIG_new 1333 EXIST::FUNCTION:DSA
+DSA_SIG_free 1334 EXIST::FUNCTION:DSA
+DSA_do_sign 1335 EXIST::FUNCTION:DSA
+DSA_do_verify 1336 EXIST::FUNCTION:DSA
+d2i_DSA_SIG 1337 EXIST::FUNCTION:DSA
+i2d_DSA_SIG 1338 EXIST::FUNCTION:DSA
+i2d_ASN1_VISIBLESTRING 1339 EXIST::FUNCTION:
+d2i_ASN1_VISIBLESTRING 1340 EXIST::FUNCTION:
+i2d_ASN1_UTF8STRING 1341 EXIST::FUNCTION:
+d2i_ASN1_UTF8STRING 1342 EXIST::FUNCTION:
+i2d_DIRECTORYSTRING 1343 EXIST::FUNCTION:
+d2i_DIRECTORYSTRING 1344 EXIST::FUNCTION:
+i2d_DISPLAYTEXT 1345 EXIST::FUNCTION:
+d2i_DISPLAYTEXT 1346 EXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509 1379 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509 1380 NOEXIST::FUNCTION:
+i2d_PBKDF2PARAM 1397 EXIST::FUNCTION:
+PBKDF2PARAM_new 1398 EXIST::FUNCTION:
+d2i_PBKDF2PARAM 1399 EXIST::FUNCTION:
+PBKDF2PARAM_free 1400 EXIST::FUNCTION:
+i2d_PBE2PARAM 1401 EXIST::FUNCTION:
+PBE2PARAM_new 1402 EXIST::FUNCTION:
+d2i_PBE2PARAM 1403 EXIST::FUNCTION:
+PBE2PARAM_free 1404 EXIST::FUNCTION:
+d2i_ASN1_SET_OF_GENERAL_NAME 1421 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_GENERAL_NAME 1422 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_SXNETID 1439 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_SXNETID 1440 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_POLICYQUALINFO 1457 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_POLICYQUALINFO 1458 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_POLICYINFO 1475 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_POLICYINFO 1476 NOEXIST::FUNCTION:
+SXNET_add_id_asc 1477 EXIST::FUNCTION:
+SXNET_add_id_ulong 1478 EXIST::FUNCTION:
+SXNET_add_id_INTEGER 1479 EXIST::FUNCTION:
+SXNET_get_id_asc 1480 EXIST::FUNCTION:
+SXNET_get_id_ulong 1481 EXIST::FUNCTION:
+SXNET_get_id_INTEGER 1482 EXIST::FUNCTION:
+X509V3_set_conf_lhash 1483 EXIST::FUNCTION:
+i2d_CERTIFICATEPOLICIES 1484 EXIST::FUNCTION:
+CERTIFICATEPOLICIES_new 1485 EXIST::FUNCTION:
+CERTIFICATEPOLICIES_free 1486 EXIST::FUNCTION:
+d2i_CERTIFICATEPOLICIES 1487 EXIST::FUNCTION:
+i2d_POLICYINFO 1488 EXIST::FUNCTION:
+POLICYINFO_new 1489 EXIST::FUNCTION:
+d2i_POLICYINFO 1490 EXIST::FUNCTION:
+POLICYINFO_free 1491 EXIST::FUNCTION:
+i2d_POLICYQUALINFO 1492 EXIST::FUNCTION:
+POLICYQUALINFO_new 1493 EXIST::FUNCTION:
+d2i_POLICYQUALINFO 1494 EXIST::FUNCTION:
+POLICYQUALINFO_free 1495 EXIST::FUNCTION:
+i2d_USERNOTICE 1496 EXIST::FUNCTION:
+USERNOTICE_new 1497 EXIST::FUNCTION:
+d2i_USERNOTICE 1498 EXIST::FUNCTION:
+USERNOTICE_free 1499 EXIST::FUNCTION:
+i2d_NOTICEREF 1500 EXIST::FUNCTION:
+NOTICEREF_new 1501 EXIST::FUNCTION:
+d2i_NOTICEREF 1502 EXIST::FUNCTION:
+NOTICEREF_free 1503 EXIST::FUNCTION:
+X509V3_get_string 1504 EXIST::FUNCTION:
+X509V3_get_section 1505 EXIST::FUNCTION:
+X509V3_string_free 1506 EXIST::FUNCTION:
+X509V3_section_free 1507 EXIST::FUNCTION:
+X509V3_set_ctx 1508 EXIST::FUNCTION:
+s2i_ASN1_INTEGER 1509 EXIST::FUNCTION:
+CRYPTO_set_locked_mem_functions 1510 EXIST::FUNCTION:
+CRYPTO_get_locked_mem_functions 1511 EXIST::FUNCTION:
+CRYPTO_malloc_locked 1512 EXIST::FUNCTION:
+CRYPTO_free_locked 1513 EXIST::FUNCTION:
+BN_mod_exp2_mont 1514 EXIST::FUNCTION:
+ERR_get_error_line_data 1515 EXIST::FUNCTION:
+ERR_peek_error_line_data 1516 EXIST::FUNCTION:
+PKCS12_PBE_keyivgen 1517 EXIST::FUNCTION:
+X509_ALGOR_dup 1518 EXIST::FUNCTION:
+d2i_ASN1_SET_OF_DIST_POINT 1535 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_DIST_POINT 1536 NOEXIST::FUNCTION:
+i2d_CRL_DIST_POINTS 1537 EXIST::FUNCTION:
+CRL_DIST_POINTS_new 1538 EXIST::FUNCTION:
+CRL_DIST_POINTS_free 1539 EXIST::FUNCTION:
+d2i_CRL_DIST_POINTS 1540 EXIST::FUNCTION:
+i2d_DIST_POINT 1541 EXIST::FUNCTION:
+DIST_POINT_new 1542 EXIST::FUNCTION:
+d2i_DIST_POINT 1543 EXIST::FUNCTION:
+DIST_POINT_free 1544 EXIST::FUNCTION:
+i2d_DIST_POINT_NAME 1545 EXIST::FUNCTION:
+DIST_POINT_NAME_new 1546 EXIST::FUNCTION:
+DIST_POINT_NAME_free 1547 EXIST::FUNCTION:
+d2i_DIST_POINT_NAME 1548 EXIST::FUNCTION:
+X509V3_add_value_uchar 1549 EXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_ATTRIBUTE 1555 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_ASN1_TYPE 1560 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_EXTENSION 1567 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_NAME_ENTRY 1574 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_ASN1_TYPE 1589 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_ATTRIBUTE 1615 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_EXTENSION 1624 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_NAME_ENTRY 1633 NOEXIST::FUNCTION:
+X509V3_EXT_i2d 1646 EXIST::FUNCTION:
+X509V3_EXT_val_prn 1647 EXIST::FUNCTION:
+X509V3_EXT_add_list 1648 EXIST::FUNCTION:
+EVP_CIPHER_type 1649 EXIST::FUNCTION:
+EVP_PBE_CipherInit 1650 EXIST::FUNCTION:
+X509V3_add_value_bool_nf 1651 EXIST::FUNCTION:
+d2i_ASN1_UINTEGER 1652 EXIST::FUNCTION:
+sk_value 1653 EXIST::FUNCTION:
+sk_num 1654 EXIST::FUNCTION:
+sk_set 1655 EXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_REVOKED 1661 NOEXIST::FUNCTION:
+sk_sort 1671 EXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_REVOKED 1674 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_ALGOR 1682 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_CRL 1685 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_ALGOR 1696 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_CRL 1702 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO 1723 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS7_RECIP_INFO 1738 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO 1748 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_PKCS7_RECIP_INFO 1753 NOEXIST::FUNCTION:
+PKCS5_PBE_add 1775 EXIST::FUNCTION:
+PEM_write_bio_PKCS8 1776 EXIST::FUNCTION:
+i2d_PKCS8_fp 1777 EXIST::FUNCTION:FP_API
+PEM_read_bio_PKCS8_PRIV_KEY_INFO 1778 EXIST:!VMS:FUNCTION:
+PEM_read_bio_P8_PRIV_KEY_INFO 1778 EXIST:VMS:FUNCTION:
+d2i_PKCS8_bio 1779 EXIST::FUNCTION:BIO
+d2i_PKCS8_PRIV_KEY_INFO_fp 1780 EXIST::FUNCTION:FP_API
+PEM_write_bio_PKCS8_PRIV_KEY_INFO 1781 EXIST:!VMS:FUNCTION:
+PEM_write_bio_P8_PRIV_KEY_INFO 1781 EXIST:VMS:FUNCTION:
+PEM_read_PKCS8 1782 EXIST:!WIN16:FUNCTION:
+d2i_PKCS8_PRIV_KEY_INFO_bio 1783 EXIST::FUNCTION:BIO
+d2i_PKCS8_fp 1784 EXIST::FUNCTION:FP_API
+PEM_write_PKCS8 1785 EXIST:!WIN16:FUNCTION:
+PEM_read_PKCS8_PRIV_KEY_INFO 1786 EXIST:!VMS,!WIN16:FUNCTION:
+PEM_read_P8_PRIV_KEY_INFO 1786 EXIST:VMS:FUNCTION:
+PEM_read_bio_PKCS8 1787 EXIST::FUNCTION:
+PEM_write_PKCS8_PRIV_KEY_INFO 1788 EXIST:!VMS,!WIN16:FUNCTION:
+PEM_write_P8_PRIV_KEY_INFO 1788 EXIST:VMS:FUNCTION:
+PKCS5_PBE_keyivgen 1789 EXIST::FUNCTION:
+i2d_PKCS8_bio 1790 EXIST::FUNCTION:BIO
+i2d_PKCS8_PRIV_KEY_INFO_fp 1791 EXIST::FUNCTION:FP_API
+i2d_PKCS8_PRIV_KEY_INFO_bio 1792 EXIST::FUNCTION:BIO
+BIO_s_bio 1793 EXIST::FUNCTION:
+PKCS5_pbe2_set 1794 EXIST::FUNCTION:
+PKCS5_PBKDF2_HMAC_SHA1 1795 EXIST::FUNCTION:
+PKCS5_v2_PBE_keyivgen 1796 EXIST::FUNCTION:
+PEM_write_bio_PKCS8PrivateKey 1797 EXIST::FUNCTION:
+PEM_write_PKCS8PrivateKey 1798 EXIST::FUNCTION:
+BIO_ctrl_get_read_request 1799 EXIST::FUNCTION:
+BIO_ctrl_pending 1800 EXIST::FUNCTION:
+BIO_ctrl_wpending 1801 EXIST::FUNCTION:
+BIO_new_bio_pair 1802 EXIST::FUNCTION:
+BIO_ctrl_get_write_guarantee 1803 EXIST::FUNCTION:
+CRYPTO_num_locks 1804 EXIST::FUNCTION:
+CONF_load_bio 1805 EXIST::FUNCTION:
+CONF_load_fp 1806 EXIST::FUNCTION:FP_API
+i2d_ASN1_SET_OF_ASN1_OBJECT 1837 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_ASN1_OBJECT 1844 NOEXIST::FUNCTION:
+PKCS7_signatureVerify 1845 EXIST::FUNCTION:
+RSA_set_method 1846 EXIST::FUNCTION:RSA
+RSA_get_method 1847 EXIST::FUNCTION:RSA
+RSA_get_default_method 1848 EXIST::FUNCTION:RSA
+RSA_check_key 1869 EXIST::FUNCTION:RSA
+OBJ_obj2txt 1870 EXIST::FUNCTION:
+DSA_dup_DH 1871 EXIST::FUNCTION:DH,DSA
+X509_REQ_get_extensions 1872 EXIST::FUNCTION:
+X509_REQ_set_extension_nids 1873 EXIST::FUNCTION:
+BIO_nwrite 1874 EXIST::FUNCTION:
+X509_REQ_extension_nid 1875 EXIST::FUNCTION:
+BIO_nread 1876 EXIST::FUNCTION:
+X509_REQ_get_extension_nids 1877 EXIST::FUNCTION:
+BIO_nwrite0 1878 EXIST::FUNCTION:
+X509_REQ_add_extensions_nid 1879 EXIST::FUNCTION:
+BIO_nread0 1880 EXIST::FUNCTION:
+X509_REQ_add_extensions 1881 EXIST::FUNCTION:
+BIO_new_mem_buf 1882 EXIST::FUNCTION:
+DH_set_ex_data 1883 EXIST::FUNCTION:DH
+DH_set_method 1884 EXIST::FUNCTION:DH
+DSA_OpenSSL 1885 EXIST::FUNCTION:DSA
+DH_get_ex_data 1886 EXIST::FUNCTION:DH
+DH_get_ex_new_index 1887 EXIST::FUNCTION:DH
+DSA_new_method 1888 EXIST::FUNCTION:DSA
+DH_new_method 1889 EXIST::FUNCTION:DH
+DH_OpenSSL 1890 EXIST::FUNCTION:DH
+DSA_get_ex_new_index 1891 EXIST::FUNCTION:DSA
+DH_get_default_method 1892 EXIST::FUNCTION:DH
+DSA_set_ex_data 1893 EXIST::FUNCTION:DSA
+DH_set_default_method 1894 EXIST::FUNCTION:DH
+DSA_get_ex_data 1895 EXIST::FUNCTION:DSA
+X509V3_EXT_REQ_add_conf 1896 EXIST::FUNCTION:
+NETSCAPE_SPKI_print 1897 EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_set_pubkey 1898 EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_b64_encode 1899 EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_get_pubkey 1900 EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_b64_decode 1901 EXIST::FUNCTION:EVP
+UTF8_putc 1902 EXIST::FUNCTION:
+UTF8_getc 1903 EXIST::FUNCTION:
+RSA_null_method 1904 EXIST::FUNCTION:RSA
+ASN1_tag2str 1905 EXIST::FUNCTION:
+BIO_ctrl_reset_read_request 1906 EXIST::FUNCTION:
+DISPLAYTEXT_new 1907 EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_free 1908 EXIST::FUNCTION:
+X509_REVOKED_get_ext_d2i 1909 EXIST::FUNCTION:
+X509_set_ex_data 1910 EXIST::FUNCTION:
+X509_reject_set_bit_asc 1911 NOEXIST::FUNCTION:
+X509_NAME_add_entry_by_txt 1912 EXIST::FUNCTION:
+X509_NAME_add_entry_by_NID 1914 EXIST::FUNCTION:
+X509_PURPOSE_get0 1915 EXIST::FUNCTION:
+PEM_read_X509_AUX 1917 EXIST:!WIN16:FUNCTION:
+d2i_AUTHORITY_INFO_ACCESS 1918 EXIST::FUNCTION:
+PEM_write_PUBKEY 1921 EXIST:!WIN16:FUNCTION:
+ACCESS_DESCRIPTION_new 1925 EXIST::FUNCTION:
+X509_CERT_AUX_free 1926 EXIST::FUNCTION:
+d2i_ACCESS_DESCRIPTION 1927 EXIST::FUNCTION:
+X509_trust_clear 1928 EXIST::FUNCTION:
+X509_TRUST_add 1931 EXIST::FUNCTION:
+ASN1_VISIBLESTRING_new 1932 EXIST::FUNCTION:
+X509_alias_set1 1933 EXIST::FUNCTION:
+ASN1_PRINTABLESTRING_free 1934 EXIST::FUNCTION:
+EVP_PKEY_get1_DSA 1935 EXIST::FUNCTION:DSA
+ASN1_BMPSTRING_new 1936 EXIST::FUNCTION:
+ASN1_mbstring_copy 1937 EXIST::FUNCTION:
+ASN1_UTF8STRING_new 1938 EXIST::FUNCTION:
+DSA_get_default_method 1941 EXIST::FUNCTION:DSA
+i2d_ASN1_SET_OF_ACCESS_DESCRIPTION 1945 NOEXIST::FUNCTION:
+ASN1_T61STRING_free 1946 EXIST::FUNCTION:
+DSA_set_method 1949 EXIST::FUNCTION:DSA
+X509_get_ex_data 1950 EXIST::FUNCTION:
+ASN1_STRING_type 1951 EXIST::FUNCTION:
+X509_PURPOSE_get_by_sname 1952 EXIST::FUNCTION:
+ASN1_TIME_free 1954 EXIST::FUNCTION:
+ASN1_OCTET_STRING_cmp 1955 EXIST::FUNCTION:
+ASN1_BIT_STRING_new 1957 EXIST::FUNCTION:
+X509_get_ext_d2i 1958 EXIST::FUNCTION:
+PEM_read_bio_X509_AUX 1959 EXIST::FUNCTION:
+ASN1_STRING_set_default_mask_asc 1960 EXIST:!VMS:FUNCTION:
+ASN1_STRING_set_def_mask_asc 1960 EXIST:VMS:FUNCTION:
+PEM_write_bio_RSA_PUBKEY 1961 EXIST::FUNCTION:RSA
+ASN1_INTEGER_cmp 1963 EXIST::FUNCTION:
+d2i_RSA_PUBKEY_fp 1964 EXIST::FUNCTION:FP_API,RSA
+X509_trust_set_bit_asc 1967 NOEXIST::FUNCTION:
+PEM_write_bio_DSA_PUBKEY 1968 EXIST::FUNCTION:DSA
+X509_STORE_CTX_free 1969 EXIST::FUNCTION:
+EVP_PKEY_set1_DSA 1970 EXIST::FUNCTION:DSA
+i2d_DSA_PUBKEY_fp 1971 EXIST::FUNCTION:DSA,FP_API
+X509_load_cert_crl_file 1972 EXIST::FUNCTION:STDIO
+ASN1_TIME_new 1973 EXIST::FUNCTION:
+i2d_RSA_PUBKEY 1974 EXIST::FUNCTION:RSA
+X509_STORE_CTX_purpose_inherit 1976 EXIST::FUNCTION:
+PEM_read_RSA_PUBKEY 1977 EXIST:!WIN16:FUNCTION:RSA
+d2i_X509_AUX 1980 EXIST::FUNCTION:
+i2d_DSA_PUBKEY 1981 EXIST::FUNCTION:DSA
+X509_CERT_AUX_print 1982 EXIST::FUNCTION:BIO
+PEM_read_DSA_PUBKEY 1984 EXIST:!WIN16:FUNCTION:DSA
+i2d_RSA_PUBKEY_bio 1985 EXIST::FUNCTION:BIO,RSA
+ASN1_BIT_STRING_num_asc 1986 EXIST::FUNCTION:
+i2d_PUBKEY 1987 EXIST::FUNCTION:
+ASN1_UTCTIME_free 1988 EXIST::FUNCTION:
+DSA_set_default_method 1989 EXIST::FUNCTION:DSA
+X509_PURPOSE_get_by_id 1990 EXIST::FUNCTION:
+ACCESS_DESCRIPTION_free 1994 EXIST::FUNCTION:
+PEM_read_bio_PUBKEY 1995 EXIST::FUNCTION:
+ASN1_STRING_set_by_NID 1996 EXIST::FUNCTION:
+X509_PURPOSE_get_id 1997 EXIST::FUNCTION:
+DISPLAYTEXT_free 1998 EXIST::FUNCTION:
+OTHERNAME_new 1999 EXIST::FUNCTION:
+X509_CERT_AUX_new 2001 EXIST::FUNCTION:
+X509_TRUST_cleanup 2007 EXIST::FUNCTION:
+X509_NAME_add_entry_by_OBJ 2008 EXIST::FUNCTION:
+X509_CRL_get_ext_d2i 2009 EXIST::FUNCTION:
+X509_PURPOSE_get0_name 2011 EXIST::FUNCTION:
+PEM_read_PUBKEY 2012 EXIST:!WIN16:FUNCTION:
+i2d_DSA_PUBKEY_bio 2014 EXIST::FUNCTION:BIO,DSA
+i2d_OTHERNAME 2015 EXIST::FUNCTION:
+ASN1_OCTET_STRING_free 2016 EXIST::FUNCTION:
+ASN1_BIT_STRING_set_asc 2017 EXIST::FUNCTION:
+X509_get_ex_new_index 2019 EXIST::FUNCTION:
+ASN1_STRING_TABLE_cleanup 2020 EXIST::FUNCTION:
+X509_TRUST_get_by_id 2021 EXIST::FUNCTION:
+X509_PURPOSE_get_trust 2022 EXIST::FUNCTION:
+ASN1_STRING_length 2023 EXIST::FUNCTION:
+d2i_ASN1_SET_OF_ACCESS_DESCRIPTION 2024 NOEXIST::FUNCTION:
+ASN1_PRINTABLESTRING_new 2025 EXIST::FUNCTION:
+X509V3_get_d2i 2026 EXIST::FUNCTION:
+ASN1_ENUMERATED_free 2027 EXIST::FUNCTION:
+i2d_X509_CERT_AUX 2028 EXIST::FUNCTION:
+X509_STORE_CTX_set_trust 2030 EXIST::FUNCTION:
+ASN1_STRING_set_default_mask 2032 EXIST::FUNCTION:
+X509_STORE_CTX_new 2033 EXIST::FUNCTION:
+EVP_PKEY_get1_RSA 2034 EXIST::FUNCTION:RSA
+DIRECTORYSTRING_free 2038 EXIST::FUNCTION:
+PEM_write_X509_AUX 2039 EXIST:!WIN16:FUNCTION:
+ASN1_OCTET_STRING_set 2040 EXIST::FUNCTION:
+d2i_DSA_PUBKEY_fp 2041 EXIST::FUNCTION:DSA,FP_API
+d2i_RSA_PUBKEY 2044 EXIST::FUNCTION:RSA
+X509_TRUST_get0_name 2046 EXIST::FUNCTION:
+X509_TRUST_get0 2047 EXIST::FUNCTION:
+AUTHORITY_INFO_ACCESS_free 2048 EXIST::FUNCTION:
+ASN1_IA5STRING_new 2049 EXIST::FUNCTION:
+d2i_DSA_PUBKEY 2050 EXIST::FUNCTION:DSA
+X509_check_purpose 2051 EXIST::FUNCTION:
+ASN1_ENUMERATED_new 2052 EXIST::FUNCTION:
+d2i_RSA_PUBKEY_bio 2053 EXIST::FUNCTION:BIO,RSA
+d2i_PUBKEY 2054 EXIST::FUNCTION:
+X509_TRUST_get_trust 2055 EXIST::FUNCTION:
+X509_TRUST_get_flags 2056 EXIST::FUNCTION:
+ASN1_BMPSTRING_free 2057 EXIST::FUNCTION:
+ASN1_T61STRING_new 2058 EXIST::FUNCTION:
+ASN1_UTCTIME_new 2060 EXIST::FUNCTION:
+i2d_AUTHORITY_INFO_ACCESS 2062 EXIST::FUNCTION:
+EVP_PKEY_set1_RSA 2063 EXIST::FUNCTION:RSA
+X509_STORE_CTX_set_purpose 2064 EXIST::FUNCTION:
+ASN1_IA5STRING_free 2065 EXIST::FUNCTION:
+PEM_write_bio_X509_AUX 2066 EXIST::FUNCTION:
+X509_PURPOSE_get_count 2067 EXIST::FUNCTION:
+CRYPTO_add_info 2068 NOEXIST::FUNCTION:
+X509_NAME_ENTRY_create_by_txt 2071 EXIST::FUNCTION:
+ASN1_STRING_get_default_mask 2072 EXIST::FUNCTION:
+X509_alias_get0 2074 EXIST::FUNCTION:
+ASN1_STRING_data 2075 EXIST::FUNCTION:
+i2d_ACCESS_DESCRIPTION 2077 EXIST::FUNCTION:
+X509_trust_set_bit 2078 NOEXIST::FUNCTION:
+ASN1_BIT_STRING_free 2080 EXIST::FUNCTION:
+PEM_read_bio_RSA_PUBKEY 2081 EXIST::FUNCTION:RSA
+X509_add1_reject_object 2082 EXIST::FUNCTION:
+X509_check_trust 2083 EXIST::FUNCTION:
+PEM_read_bio_DSA_PUBKEY 2088 EXIST::FUNCTION:DSA
+X509_PURPOSE_add 2090 EXIST::FUNCTION:
+ASN1_STRING_TABLE_get 2091 EXIST::FUNCTION:
+ASN1_UTF8STRING_free 2092 EXIST::FUNCTION:
+d2i_DSA_PUBKEY_bio 2093 EXIST::FUNCTION:BIO,DSA
+PEM_write_RSA_PUBKEY 2095 EXIST:!WIN16:FUNCTION:RSA
+d2i_OTHERNAME 2096 EXIST::FUNCTION:
+X509_reject_set_bit 2098 NOEXIST::FUNCTION:
+PEM_write_DSA_PUBKEY 2101 EXIST:!WIN16:FUNCTION:DSA
+X509_PURPOSE_get0_sname 2105 EXIST::FUNCTION:
+EVP_PKEY_set1_DH 2107 EXIST::FUNCTION:DH
+ASN1_OCTET_STRING_dup 2108 EXIST::FUNCTION:
+ASN1_BIT_STRING_set 2109 EXIST::FUNCTION:
+X509_TRUST_get_count 2110 EXIST::FUNCTION:
+ASN1_INTEGER_free 2111 EXIST::FUNCTION:
+OTHERNAME_free 2112 EXIST::FUNCTION:
+i2d_RSA_PUBKEY_fp 2113 EXIST::FUNCTION:FP_API,RSA
+ASN1_INTEGER_dup 2114 EXIST::FUNCTION:
+d2i_X509_CERT_AUX 2115 EXIST::FUNCTION:
+PEM_write_bio_PUBKEY 2117 EXIST::FUNCTION:
+ASN1_VISIBLESTRING_free 2118 EXIST::FUNCTION:
+X509_PURPOSE_cleanup 2119 EXIST::FUNCTION:
+ASN1_mbstring_ncopy 2123 EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_new 2126 EXIST::FUNCTION:
+EVP_PKEY_get1_DH 2128 EXIST::FUNCTION:DH
+ASN1_OCTET_STRING_new 2130 EXIST::FUNCTION:
+ASN1_INTEGER_new 2131 EXIST::FUNCTION:
+i2d_X509_AUX 2132 EXIST::FUNCTION:
+ASN1_BIT_STRING_name_print 2134 EXIST::FUNCTION:BIO
+X509_cmp 2135 EXIST::FUNCTION:
+ASN1_STRING_length_set 2136 EXIST::FUNCTION:
+DIRECTORYSTRING_new 2137 EXIST::FUNCTION:
+X509_add1_trust_object 2140 EXIST::FUNCTION:
+PKCS12_newpass 2141 EXIST::FUNCTION:
+SMIME_write_PKCS7 2142 EXIST::FUNCTION:
+SMIME_read_PKCS7 2143 EXIST::FUNCTION:
+DES_set_key_checked 2144 EXIST::FUNCTION:DES
+PKCS7_verify 2145 EXIST::FUNCTION:
+PKCS7_encrypt 2146 EXIST::FUNCTION:
+DES_set_key_unchecked 2147 EXIST::FUNCTION:DES
+SMIME_crlf_copy 2148 EXIST::FUNCTION:
+i2d_ASN1_PRINTABLESTRING 2149 EXIST::FUNCTION:
+PKCS7_get0_signers 2150 EXIST::FUNCTION:
+PKCS7_decrypt 2151 EXIST::FUNCTION:
+SMIME_text 2152 EXIST::FUNCTION:
+PKCS7_simple_smimecap 2153 EXIST::FUNCTION:
+PKCS7_get_smimecap 2154 EXIST::FUNCTION:
+PKCS7_sign 2155 EXIST::FUNCTION:
+PKCS7_add_attrib_smimecap 2156 EXIST::FUNCTION:
+CRYPTO_dbg_set_options 2157 EXIST::FUNCTION:
+CRYPTO_remove_all_info 2158 EXIST::FUNCTION:
+CRYPTO_get_mem_debug_functions 2159 EXIST::FUNCTION:
+CRYPTO_is_mem_check_on 2160 EXIST::FUNCTION:
+CRYPTO_set_mem_debug_functions 2161 EXIST::FUNCTION:
+CRYPTO_pop_info 2162 EXIST::FUNCTION:
+CRYPTO_push_info_ 2163 EXIST::FUNCTION:
+CRYPTO_set_mem_debug_options 2164 EXIST::FUNCTION:
+PEM_write_PKCS8PrivateKey_nid 2165 EXIST::FUNCTION:
+PEM_write_bio_PKCS8PrivateKey_nid 2166 EXIST:!VMS:FUNCTION:
+PEM_write_bio_PKCS8PrivKey_nid 2166 EXIST:VMS:FUNCTION:
+d2i_PKCS8PrivateKey_bio 2167 EXIST::FUNCTION:
+ASN1_NULL_free 2168 EXIST::FUNCTION:
+d2i_ASN1_NULL 2169 EXIST::FUNCTION:
+ASN1_NULL_new 2170 EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_bio 2171 EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_fp 2172 EXIST::FUNCTION:
+i2d_ASN1_NULL 2173 EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_nid_fp 2174 EXIST::FUNCTION:
+d2i_PKCS8PrivateKey_fp 2175 EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_nid_bio 2176 EXIST::FUNCTION:
+i2d_PKCS8PrivateKeyInfo_fp 2177 EXIST::FUNCTION:FP_API
+i2d_PKCS8PrivateKeyInfo_bio 2178 EXIST::FUNCTION:BIO
+PEM_cb 2179 NOEXIST::FUNCTION:
+i2d_PrivateKey_fp 2180 EXIST::FUNCTION:FP_API
+d2i_PrivateKey_bio 2181 EXIST::FUNCTION:BIO
+d2i_PrivateKey_fp 2182 EXIST::FUNCTION:FP_API
+i2d_PrivateKey_bio 2183 EXIST::FUNCTION:BIO
+X509_reject_clear 2184 EXIST::FUNCTION:
+X509_TRUST_set_default 2185 EXIST::FUNCTION:
+d2i_AutoPrivateKey 2186 EXIST::FUNCTION:
+X509_ATTRIBUTE_get0_type 2187 EXIST::FUNCTION:
+X509_ATTRIBUTE_set1_data 2188 EXIST::FUNCTION:
+X509at_get_attr 2189 EXIST::FUNCTION:
+X509at_get_attr_count 2190 EXIST::FUNCTION:
+X509_ATTRIBUTE_create_by_NID 2191 EXIST::FUNCTION:
+X509_ATTRIBUTE_set1_object 2192 EXIST::FUNCTION:
+X509_ATTRIBUTE_count 2193 EXIST::FUNCTION:
+X509_ATTRIBUTE_create_by_OBJ 2194 EXIST::FUNCTION:
+X509_ATTRIBUTE_get0_object 2195 EXIST::FUNCTION:
+X509at_get_attr_by_NID 2196 EXIST::FUNCTION:
+X509at_add1_attr 2197 EXIST::FUNCTION:
+X509_ATTRIBUTE_get0_data 2198 EXIST::FUNCTION:
+X509at_delete_attr 2199 EXIST::FUNCTION:
+X509at_get_attr_by_OBJ 2200 EXIST::FUNCTION:
+RAND_add 2201 EXIST::FUNCTION:
+BIO_number_written 2202 EXIST::FUNCTION:
+BIO_number_read 2203 EXIST::FUNCTION:
+X509_STORE_CTX_get1_chain 2204 EXIST::FUNCTION:
+ERR_load_RAND_strings 2205 EXIST::FUNCTION:
+RAND_pseudo_bytes 2206 EXIST::FUNCTION:
+X509_REQ_get_attr_by_NID 2207 EXIST::FUNCTION:
+X509_REQ_get_attr 2208 EXIST::FUNCTION:
+X509_REQ_add1_attr_by_NID 2209 EXIST::FUNCTION:
+X509_REQ_get_attr_by_OBJ 2210 EXIST::FUNCTION:
+X509at_add1_attr_by_NID 2211 EXIST::FUNCTION:
+X509_REQ_add1_attr_by_OBJ 2212 EXIST::FUNCTION:
+X509_REQ_get_attr_count 2213 EXIST::FUNCTION:
+X509_REQ_add1_attr 2214 EXIST::FUNCTION:
+X509_REQ_delete_attr 2215 EXIST::FUNCTION:
+X509at_add1_attr_by_OBJ 2216 EXIST::FUNCTION:
+X509_REQ_add1_attr_by_txt 2217 EXIST::FUNCTION:
+X509_ATTRIBUTE_create_by_txt 2218 EXIST::FUNCTION:
+X509at_add1_attr_by_txt 2219 EXIST::FUNCTION:
+BN_pseudo_rand 2239 EXIST::FUNCTION:
+BN_is_prime_fasttest 2240 EXIST::FUNCTION:DEPRECATED
+BN_CTX_end 2241 EXIST::FUNCTION:
+BN_CTX_start 2242 EXIST::FUNCTION:
+BN_CTX_get 2243 EXIST::FUNCTION:
+EVP_PKEY2PKCS8_broken 2244 EXIST::FUNCTION:
+ASN1_STRING_TABLE_add 2245 EXIST::FUNCTION:
+CRYPTO_dbg_get_options 2246 EXIST::FUNCTION:
+AUTHORITY_INFO_ACCESS_new 2247 EXIST::FUNCTION:
+CRYPTO_get_mem_debug_options 2248 EXIST::FUNCTION:
+DES_crypt 2249 EXIST::FUNCTION:DES
+PEM_write_bio_X509_REQ_NEW 2250 EXIST::FUNCTION:
+PEM_write_X509_REQ_NEW 2251 EXIST:!WIN16:FUNCTION:
+BIO_callback_ctrl 2252 EXIST::FUNCTION:
+RAND_egd 2253 EXIST::FUNCTION:
+RAND_status 2254 EXIST::FUNCTION:
+bn_dump1 2255 NOEXIST::FUNCTION:
+DES_check_key_parity 2256 EXIST::FUNCTION:DES
+lh_num_items 2257 EXIST::FUNCTION:
+RAND_event 2258 EXIST:WIN32:FUNCTION:
+DSO_new 2259 EXIST::FUNCTION:
+DSO_new_method 2260 EXIST::FUNCTION:
+DSO_free 2261 EXIST::FUNCTION:
+DSO_flags 2262 EXIST::FUNCTION:
+DSO_up 2263 NOEXIST::FUNCTION:
+DSO_set_default_method 2264 EXIST::FUNCTION:
+DSO_get_default_method 2265 EXIST::FUNCTION:
+DSO_get_method 2266 EXIST::FUNCTION:
+DSO_set_method 2267 EXIST::FUNCTION:
+DSO_load 2268 EXIST::FUNCTION:
+DSO_bind_var 2269 EXIST::FUNCTION:
+DSO_METHOD_null 2270 EXIST::FUNCTION:
+DSO_METHOD_openssl 2271 EXIST::FUNCTION:
+DSO_METHOD_dlfcn 2272 EXIST::FUNCTION:
+DSO_METHOD_win32 2273 EXIST::FUNCTION:
+ERR_load_DSO_strings 2274 EXIST::FUNCTION:
+DSO_METHOD_dl 2275 EXIST::FUNCTION:
+NCONF_load 2276 EXIST::FUNCTION:
+NCONF_load_fp 2278 EXIST::FUNCTION:FP_API
+NCONF_new 2279 EXIST::FUNCTION:
+NCONF_get_string 2280 EXIST::FUNCTION:
+NCONF_free 2281 EXIST::FUNCTION:
+NCONF_get_number 2282 NOEXIST::FUNCTION:
+CONF_dump_fp 2283 EXIST::FUNCTION:
+NCONF_load_bio 2284 EXIST::FUNCTION:
+NCONF_dump_fp 2285 EXIST::FUNCTION:
+NCONF_get_section 2286 EXIST::FUNCTION:
+NCONF_dump_bio 2287 EXIST::FUNCTION:
+CONF_dump_bio 2288 EXIST::FUNCTION:
+NCONF_free_data 2289 EXIST::FUNCTION:
+CONF_set_default_method 2290 EXIST::FUNCTION:
+ERR_error_string_n 2291 EXIST::FUNCTION:
+BIO_snprintf 2292 EXIST::FUNCTION:
+DSO_ctrl 2293 EXIST::FUNCTION:
+i2d_ASN1_SET_OF_ASN1_INTEGER 2317 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS12_SAFEBAG 2320 NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS7 2328 NOEXIST::FUNCTION:
+BIO_vfree 2334 EXIST::FUNCTION:
+d2i_ASN1_SET_OF_ASN1_INTEGER 2339 NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_PKCS12_SAFEBAG 2341 NOEXIST::FUNCTION:
+ASN1_UTCTIME_get 2350 NOEXIST::FUNCTION:
+X509_REQ_digest 2362 EXIST::FUNCTION:EVP
+X509_CRL_digest 2391 EXIST::FUNCTION:EVP
+ASN1_STRING_clear_free 2392 EXIST::FUNCTION:
+SRP_VBASE_get1_by_user 2393 EXIST::FUNCTION:SRP
+SRP_user_pwd_free 2394 EXIST::FUNCTION:SRP
+d2i_ASN1_SET_OF_PKCS7 2397 NOEXIST::FUNCTION:
+X509_ALGOR_cmp 2398 EXIST::FUNCTION:
+EVP_CIPHER_CTX_set_key_length 2399 EXIST::FUNCTION:
+EVP_CIPHER_CTX_ctrl 2400 EXIST::FUNCTION:
+BN_mod_exp_mont_word 2401 EXIST::FUNCTION:
+RAND_egd_bytes 2402 EXIST::FUNCTION:
+X509_REQ_get1_email 2403 EXIST::FUNCTION:
+X509_get1_email 2404 EXIST::FUNCTION:
+X509_email_free 2405 EXIST::FUNCTION:
+i2d_RSA_NET 2406 EXIST::FUNCTION:RC4,RSA
+d2i_RSA_NET_2 2407 NOEXIST::FUNCTION:
+d2i_RSA_NET 2408 EXIST::FUNCTION:RC4,RSA
+DSO_bind_func 2409 EXIST::FUNCTION:
+CRYPTO_get_new_dynlockid 2410 EXIST::FUNCTION:
+sk_new_null 2411 EXIST::FUNCTION:
+CRYPTO_set_dynlock_destroy_callback 2412 EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_destroy_cb 2412 EXIST:VMS:FUNCTION:
+CRYPTO_destroy_dynlockid 2413 EXIST::FUNCTION:
+CRYPTO_set_dynlock_size 2414 NOEXIST::FUNCTION:
+CRYPTO_set_dynlock_create_callback 2415 EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_create_cb 2415 EXIST:VMS:FUNCTION:
+CRYPTO_set_dynlock_lock_callback 2416 EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_lock_cb 2416 EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_lock_callback 2417 EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_lock_cb 2417 EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_destroy_callback 2418 EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_destroy_cb 2418 EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_value 2419 EXIST::FUNCTION:
+CRYPTO_get_dynlock_create_callback 2420 EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_create_cb 2420 EXIST:VMS:FUNCTION:
+c2i_ASN1_BIT_STRING 2421 EXIST::FUNCTION:
+i2c_ASN1_BIT_STRING 2422 EXIST::FUNCTION:
+RAND_poll 2423 EXIST::FUNCTION:
+c2i_ASN1_INTEGER 2424 EXIST::FUNCTION:
+i2c_ASN1_INTEGER 2425 EXIST::FUNCTION:
+BIO_dump_indent 2426 EXIST::FUNCTION:
+ASN1_parse_dump 2427 EXIST::FUNCTION:BIO
+c2i_ASN1_OBJECT 2428 EXIST::FUNCTION:
+X509_NAME_print_ex_fp 2429 EXIST::FUNCTION:FP_API
+ASN1_STRING_print_ex_fp 2430 EXIST::FUNCTION:FP_API
+X509_NAME_print_ex 2431 EXIST::FUNCTION:BIO
+ASN1_STRING_print_ex 2432 EXIST::FUNCTION:BIO
+MD4 2433 EXIST::FUNCTION:MD4
+MD4_Transform 2434 EXIST::FUNCTION:MD4
+MD4_Final 2435 EXIST::FUNCTION:MD4
+MD4_Update 2436 EXIST::FUNCTION:MD4
+MD4_Init 2437 EXIST::FUNCTION:MD4
+EVP_md4 2438 EXIST::FUNCTION:MD4
+i2d_PUBKEY_bio 2439 EXIST::FUNCTION:BIO
+i2d_PUBKEY_fp 2440 EXIST::FUNCTION:FP_API
+d2i_PUBKEY_bio 2441 EXIST::FUNCTION:BIO
+ASN1_STRING_to_UTF8 2442 EXIST::FUNCTION:
+BIO_vprintf 2443 EXIST::FUNCTION:
+BIO_vsnprintf 2444 EXIST::FUNCTION:
+d2i_PUBKEY_fp 2445 EXIST::FUNCTION:FP_API
+X509_cmp_time 2446 EXIST::FUNCTION:
+X509_STORE_CTX_set_time 2447 EXIST::FUNCTION:
+X509_STORE_CTX_get1_issuer 2448 EXIST::FUNCTION:
+X509_OBJECT_retrieve_match 2449 EXIST::FUNCTION:
+X509_OBJECT_idx_by_subject 2450 EXIST::FUNCTION:
+X509_STORE_CTX_set_flags 2451 EXIST::FUNCTION:
+X509_STORE_CTX_trusted_stack 2452 EXIST::FUNCTION:
+X509_time_adj 2453 EXIST::FUNCTION:
+X509_check_issued 2454 EXIST::FUNCTION:
+ASN1_UTCTIME_cmp_time_t 2455 EXIST::FUNCTION:
+DES_set_weak_key_flag 2456 NOEXIST::FUNCTION:
+DES_check_key 2457 NOEXIST::FUNCTION:
+DES_rw_mode 2458 NOEXIST::FUNCTION:
+RSA_PKCS1_RSAref 2459 NOEXIST::FUNCTION:
+X509_keyid_set1 2460 EXIST::FUNCTION:
+BIO_next 2461 EXIST::FUNCTION:
+DSO_METHOD_vms 2462 EXIST::FUNCTION:
+BIO_f_linebuffer 2463 EXIST:VMS:FUNCTION:
+BN_bntest_rand 2464 EXIST::FUNCTION:
+OPENSSL_issetugid 2465 EXIST::FUNCTION:
+BN_rand_range 2466 EXIST::FUNCTION:
+ERR_load_ENGINE_strings 2467 EXIST::FUNCTION:ENGINE
+ENGINE_set_DSA 2468 EXIST::FUNCTION:ENGINE
+ENGINE_get_finish_function 2469 EXIST::FUNCTION:ENGINE
+ENGINE_get_default_RSA 2470 EXIST::FUNCTION:ENGINE
+ENGINE_get_BN_mod_exp 2471 NOEXIST::FUNCTION:
+DSA_get_default_openssl_method 2472 NOEXIST::FUNCTION:
+ENGINE_set_DH 2473 EXIST::FUNCTION:ENGINE
+ENGINE_set_def_BN_mod_exp_crt 2474 NOEXIST::FUNCTION:
+ENGINE_set_default_BN_mod_exp_crt 2474 NOEXIST::FUNCTION:
+ENGINE_init 2475 EXIST::FUNCTION:ENGINE
+DH_get_default_openssl_method 2476 NOEXIST::FUNCTION:
+RSA_set_default_openssl_method 2477 NOEXIST::FUNCTION:
+ENGINE_finish 2478 EXIST::FUNCTION:ENGINE
+ENGINE_load_public_key 2479 EXIST::FUNCTION:ENGINE
+ENGINE_get_DH 2480 EXIST::FUNCTION:ENGINE
+ENGINE_ctrl 2481 EXIST::FUNCTION:ENGINE
+ENGINE_get_init_function 2482 EXIST::FUNCTION:ENGINE
+ENGINE_set_init_function 2483 EXIST::FUNCTION:ENGINE
+ENGINE_set_default_DSA 2484 EXIST::FUNCTION:ENGINE
+ENGINE_get_name 2485 EXIST::FUNCTION:ENGINE
+ENGINE_get_last 2486 EXIST::FUNCTION:ENGINE
+ENGINE_get_prev 2487 EXIST::FUNCTION:ENGINE
+ENGINE_get_default_DH 2488 EXIST::FUNCTION:ENGINE
+ENGINE_get_RSA 2489 EXIST::FUNCTION:ENGINE
+ENGINE_set_default 2490 EXIST::FUNCTION:ENGINE
+ENGINE_get_RAND 2491 EXIST::FUNCTION:ENGINE
+ENGINE_get_first 2492 EXIST::FUNCTION:ENGINE
+ENGINE_by_id 2493 EXIST::FUNCTION:ENGINE
+ENGINE_set_finish_function 2494 EXIST::FUNCTION:ENGINE
+ENGINE_get_def_BN_mod_exp_crt 2495 NOEXIST::FUNCTION:
+ENGINE_get_default_BN_mod_exp_crt 2495 NOEXIST::FUNCTION:
+RSA_get_default_openssl_method 2496 NOEXIST::FUNCTION:
+ENGINE_set_RSA 2497 EXIST::FUNCTION:ENGINE
+ENGINE_load_private_key 2498 EXIST::FUNCTION:ENGINE
+ENGINE_set_default_RAND 2499 EXIST::FUNCTION:ENGINE
+ENGINE_set_BN_mod_exp 2500 NOEXIST::FUNCTION:
+ENGINE_remove 2501 EXIST::FUNCTION:ENGINE
+ENGINE_free 2502 EXIST::FUNCTION:ENGINE
+ENGINE_get_BN_mod_exp_crt 2503 NOEXIST::FUNCTION:
+ENGINE_get_next 2504 EXIST::FUNCTION:ENGINE
+ENGINE_set_name 2505 EXIST::FUNCTION:ENGINE
+ENGINE_get_default_DSA 2506 EXIST::FUNCTION:ENGINE
+ENGINE_set_default_BN_mod_exp 2507 NOEXIST::FUNCTION:
+ENGINE_set_default_RSA 2508 EXIST::FUNCTION:ENGINE
+ENGINE_get_default_RAND 2509 EXIST::FUNCTION:ENGINE
+ENGINE_get_default_BN_mod_exp 2510 NOEXIST::FUNCTION:
+ENGINE_set_RAND 2511 EXIST::FUNCTION:ENGINE
+ENGINE_set_id 2512 EXIST::FUNCTION:ENGINE
+ENGINE_set_BN_mod_exp_crt 2513 NOEXIST::FUNCTION:
+ENGINE_set_default_DH 2514 EXIST::FUNCTION:ENGINE
+ENGINE_new 2515 EXIST::FUNCTION:ENGINE
+ENGINE_get_id 2516 EXIST::FUNCTION:ENGINE
+DSA_set_default_openssl_method 2517 NOEXIST::FUNCTION:
+ENGINE_add 2518 EXIST::FUNCTION:ENGINE
+DH_set_default_openssl_method 2519 NOEXIST::FUNCTION:
+ENGINE_get_DSA 2520 EXIST::FUNCTION:ENGINE
+ENGINE_get_ctrl_function 2521 EXIST::FUNCTION:ENGINE
+ENGINE_set_ctrl_function 2522 EXIST::FUNCTION:ENGINE
+BN_pseudo_rand_range 2523 EXIST::FUNCTION:
+X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION:
+ERR_load_COMP_strings 2525 EXIST::FUNCTION:COMP
+PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION:
+ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_unregister_ciphers 2528 EXIST::FUNCTION:ENGINE
+ENGINE_get_ciphers 2529 EXIST::FUNCTION:ENGINE
+d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION:
+KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_POINT_add 2532 EXIST::FUNCTION:EC
+ASN1_item_ex_i2d 2533 EXIST::FUNCTION:
+OCSP_CERTID_it 2534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_CERTID_it 2534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_RESPBYTES 2535 EXIST::FUNCTION:
+X509V3_add1_i2d 2536 EXIST::FUNCTION:
+PKCS7_ENVELOPE_it 2537 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ENVELOPE_it 2537 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_add_input_boolean 2538 EXIST::FUNCTION:
+ENGINE_unregister_RSA 2539 EXIST::FUNCTION:ENGINE
+X509V3_EXT_nconf 2540 EXIST::FUNCTION:
+ASN1_GENERALSTRING_free 2541 EXIST::FUNCTION:
+d2i_OCSP_CERTSTATUS 2542 EXIST::FUNCTION:
+X509_REVOKED_set_serialNumber 2543 EXIST::FUNCTION:
+X509_print_ex 2544 EXIST::FUNCTION:BIO
+OCSP_ONEREQ_get1_ext_d2i 2545 EXIST::FUNCTION:
+ENGINE_register_all_RAND 2546 EXIST::FUNCTION:ENGINE
+ENGINE_load_dynamic 2547 EXIST::FUNCTION:ENGINE
+PBKDF2PARAM_it 2548 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PBKDF2PARAM_it 2548 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EXTENDED_KEY_USAGE_new 2549 EXIST::FUNCTION:
+EC_GROUP_clear_free 2550 EXIST::FUNCTION:EC
+OCSP_sendreq_bio 2551 EXIST::FUNCTION:
+ASN1_item_digest 2552 EXIST::FUNCTION:EVP
+OCSP_BASICRESP_delete_ext 2553 EXIST::FUNCTION:
+OCSP_SIGNATURE_it 2554 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_SIGNATURE_it 2554 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CRL_it 2555 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CRL_it 2555 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_BASICRESP_add_ext 2556 EXIST::FUNCTION:
+KRB5_ENCKEY_it 2557 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_ENCKEY_it 2557 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_method_set_closer 2558 EXIST::FUNCTION:
+X509_STORE_set_purpose 2559 EXIST::FUNCTION:
+i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION:
+OCSP_response_status 2561 EXIST::FUNCTION:
+i2d_OCSP_SERVICELOC 2562 EXIST::FUNCTION:
+ENGINE_get_digest_engine 2563 EXIST::FUNCTION:ENGINE
+EC_GROUP_set_curve_GFp 2564 EXIST::FUNCTION:EC
+OCSP_REQUEST_get_ext_by_OBJ 2565 EXIST::FUNCTION:
+_ossl_old_des_random_key 2566 EXIST::FUNCTION:DES
+ASN1_T61STRING_it 2567 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_T61STRING_it 2567 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_method_of 2568 EXIST::FUNCTION:EC
+i2d_KRB5_APREQ 2569 EXIST::FUNCTION:
+_ossl_old_des_encrypt 2570 EXIST::FUNCTION:DES
+ASN1_PRINTABLE_new 2571 EXIST::FUNCTION:
+HMAC_Init_ex 2572 EXIST::FUNCTION:HMAC
+d2i_KRB5_AUTHENT 2573 EXIST::FUNCTION:
+OCSP_archive_cutoff_new 2574 EXIST::FUNCTION:
+EC_POINT_set_Jprojective_coordinates_GFp 2575 EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_Jproj_coords_GFp 2575 EXIST:VMS:FUNCTION:EC
+_ossl_old_des_is_weak_key 2576 EXIST::FUNCTION:DES
+OCSP_BASICRESP_get_ext_by_OBJ 2577 EXIST::FUNCTION:
+EC_POINT_oct2point 2578 EXIST::FUNCTION:EC
+OCSP_SINGLERESP_get_ext_count 2579 EXIST::FUNCTION:
+UI_ctrl 2580 EXIST::FUNCTION:
+_shadow_DES_rw_mode 2581 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
+_shadow_DES_rw_mode 2581 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
+asn1_do_adb 2582 EXIST::FUNCTION:
+ASN1_template_i2d 2583 EXIST::FUNCTION:
+ENGINE_register_DH 2584 EXIST::FUNCTION:ENGINE
+UI_construct_prompt 2585 EXIST::FUNCTION:
+X509_STORE_set_trust 2586 EXIST::FUNCTION:
+UI_dup_input_string 2587 EXIST::FUNCTION:
+d2i_KRB5_APREQ 2588 EXIST::FUNCTION:
+EVP_MD_CTX_copy_ex 2589 EXIST::FUNCTION:
+OCSP_request_is_signed 2590 EXIST::FUNCTION:
+i2d_OCSP_REQINFO 2591 EXIST::FUNCTION:
+KRB5_ENCKEY_free 2592 EXIST::FUNCTION:
+OCSP_resp_get0 2593 EXIST::FUNCTION:
+GENERAL_NAME_it 2594 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_NAME_it 2594 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_GENERALIZEDTIME_it 2595 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_GENERALIZEDTIME_it 2595 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_STORE_set_flags 2596 EXIST::FUNCTION:
+EC_POINT_set_compressed_coordinates_GFp 2597 EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_compr_coords_GFp 2597 EXIST:VMS:FUNCTION:EC
+OCSP_response_status_str 2598 EXIST::FUNCTION:
+d2i_OCSP_REVOKEDINFO 2599 EXIST::FUNCTION:
+OCSP_basic_add1_cert 2600 EXIST::FUNCTION:
+ERR_get_implementation 2601 EXIST::FUNCTION:
+EVP_CipherFinal_ex 2602 EXIST::FUNCTION:
+OCSP_CERTSTATUS_new 2603 EXIST::FUNCTION:
+CRYPTO_cleanup_all_ex_data 2604 EXIST::FUNCTION:
+OCSP_resp_find 2605 EXIST::FUNCTION:
+BN_nnmod 2606 EXIST::FUNCTION:
+X509_CRL_sort 2607 EXIST::FUNCTION:
+X509_REVOKED_set_revocationDate 2608 EXIST::FUNCTION:
+ENGINE_register_RAND 2609 EXIST::FUNCTION:ENGINE
+OCSP_SERVICELOC_new 2610 EXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GFp 2611 EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_affine_coords_GFp 2611 EXIST:VMS:FUNCTION:EC
+_ossl_old_des_options 2612 EXIST::FUNCTION:DES
+SXNET_it 2613 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+SXNET_it 2613 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_dup_input_boolean 2614 EXIST::FUNCTION:
+PKCS12_add_CSPName_asc 2615 EXIST::FUNCTION:
+EC_POINT_is_at_infinity 2616 EXIST::FUNCTION:EC
+ENGINE_load_cryptodev 2617 EXIST::FUNCTION:ENGINE
+DSO_convert_filename 2618 EXIST::FUNCTION:
+POLICYQUALINFO_it 2619 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICYQUALINFO_it 2619 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_register_ciphers 2620 EXIST::FUNCTION:ENGINE
+BN_mod_lshift_quick 2621 EXIST::FUNCTION:
+DSO_set_filename 2622 EXIST::FUNCTION:
+ASN1_item_free 2623 EXIST::FUNCTION:
+KRB5_TKTBODY_free 2624 EXIST::FUNCTION:
+AUTHORITY_KEYID_it 2625 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_APREQBODY_new 2626 EXIST::FUNCTION:
+X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION:
+ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION:ENGINE
+i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION:
+EVP_MD_CTX_init 2630 EXIST::FUNCTION:
+EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION:
+PKCS7_ATTR_SIGN_it 2632 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_add_error_string 2633 EXIST::FUNCTION:
+KRB5_CHECKSUM_free 2634 EXIST::FUNCTION:
+OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION:
+ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE
+PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS12_unpack_authsafes 2639 EXIST::FUNCTION:
+ASN1_item_unpack 2640 EXIST::FUNCTION:
+NETSCAPE_SPKAC_it 2641 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_SPKAC_it 2641 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_REVOKED_it 2642 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_REVOKED_it 2642 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_STRING_encode 2643 NOEXIST::FUNCTION:
+EVP_aes_128_ecb 2644 EXIST::FUNCTION:AES
+KRB5_AUTHENT_free 2645 EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext_by_critical 2646 EXIST:!VMS:FUNCTION:
+OCSP_BASICRESP_get_ext_by_crit 2646 EXIST:VMS:FUNCTION:
+OCSP_cert_status_str 2647 EXIST::FUNCTION:
+d2i_OCSP_REQUEST 2648 EXIST::FUNCTION:
+UI_dup_info_string 2649 EXIST::FUNCTION:
+_ossl_old_des_xwhite_in2out 2650 NOEXIST::FUNCTION:
+PKCS12_it 2651 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_it 2651 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_SINGLERESP_get_ext_by_critical 2652 EXIST:!VMS:FUNCTION:
+OCSP_SINGLERESP_get_ext_by_crit 2652 EXIST:VMS:FUNCTION:
+OCSP_CERTSTATUS_free 2653 EXIST::FUNCTION:
+_ossl_old_des_crypt 2654 EXIST::FUNCTION:DES
+ASN1_item_i2d 2655 EXIST::FUNCTION:
+EVP_DecryptFinal_ex 2656 EXIST::FUNCTION:
+ENGINE_load_openssl 2657 EXIST::FUNCTION:ENGINE
+ENGINE_get_cmd_defns 2658 EXIST::FUNCTION:ENGINE
+ENGINE_set_load_privkey_function 2659 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_load_privkey_fn 2659 EXIST:VMS:FUNCTION:ENGINE
+EVP_EncryptFinal_ex 2660 EXIST::FUNCTION:
+ENGINE_set_default_digests 2661 EXIST::FUNCTION:ENGINE
+X509_get0_pubkey_bitstr 2662 EXIST::FUNCTION:
+asn1_ex_i2c 2663 EXIST::FUNCTION:
+ENGINE_register_RSA 2664 EXIST::FUNCTION:ENGINE
+ENGINE_unregister_DSA 2665 EXIST::FUNCTION:ENGINE
+_ossl_old_des_key_sched 2666 EXIST::FUNCTION:DES
+X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_KRB5_AUTHENT 2668 EXIST::FUNCTION:
+SXNETID_it 2669 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+SXNETID_it 2669 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_SINGLERESP 2670 EXIST::FUNCTION:
+EDIPARTYNAME_new 2671 EXIST::FUNCTION:
+PKCS12_certbag2x509 2672 EXIST::FUNCTION:
+_ossl_old_des_ofb64_encrypt 2673 EXIST::FUNCTION:DES
+d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION:
+ERR_print_errors_cb 2675 EXIST::FUNCTION:
+ENGINE_set_ciphers 2676 EXIST::FUNCTION:ENGINE
+d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION:
+UI_method_get_flusher 2678 EXIST::FUNCTION:
+X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_PUBKEY_it 2679 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_enc_read 2680 EXIST::FUNCTION:DES
+PKCS7_ENCRYPT_it 2681 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ENCRYPT_it 2681 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_OCSP_RESPONSE 2682 EXIST::FUNCTION:
+EC_GROUP_get_cofactor 2683 EXIST::FUNCTION:EC
+PKCS12_unpack_p7data 2684 EXIST::FUNCTION:
+d2i_KRB5_AUTHDATA 2685 EXIST::FUNCTION:
+OCSP_copy_nonce 2686 EXIST::FUNCTION:
+KRB5_AUTHDATA_new 2687 EXIST::FUNCTION:
+OCSP_RESPDATA_new 2688 EXIST::FUNCTION:
+EC_GFp_mont_method 2689 EXIST::FUNCTION:EC
+OCSP_REVOKEDINFO_free 2690 EXIST::FUNCTION:
+UI_get_ex_data 2691 EXIST::FUNCTION:
+KRB5_APREQBODY_free 2692 EXIST::FUNCTION:
+EC_GROUP_get0_generator 2693 EXIST::FUNCTION:EC
+UI_get_default_method 2694 EXIST::FUNCTION:
+X509V3_set_nconf 2695 EXIST::FUNCTION:
+PKCS12_item_i2d_encrypt 2696 EXIST::FUNCTION:
+X509_add1_ext_i2d 2697 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_it 2698 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_SIGNER_INFO_it 2698 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_PRINCNAME_new 2699 EXIST::FUNCTION:
+PKCS12_SAFEBAG_it 2700 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_SAFEBAG_it 2700 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_get_order 2701 EXIST::FUNCTION:EC
+d2i_OCSP_RESPID 2702 EXIST::FUNCTION:
+OCSP_request_verify 2703 EXIST::FUNCTION:
+NCONF_get_number_e 2704 EXIST::FUNCTION:
+_ossl_old_des_decrypt3 2705 EXIST::FUNCTION:DES
+X509_signature_print 2706 EXIST::FUNCTION:EVP
+OCSP_SINGLERESP_free 2707 EXIST::FUNCTION:
+ENGINE_load_builtin_engines 2708 EXIST::FUNCTION:ENGINE
+i2d_OCSP_ONEREQ 2709 EXIST::FUNCTION:
+OCSP_REQUEST_add_ext 2710 EXIST::FUNCTION:
+OCSP_RESPBYTES_new 2711 EXIST::FUNCTION:
+EVP_MD_CTX_create 2712 EXIST::FUNCTION:
+OCSP_resp_find_status 2713 EXIST::FUNCTION:
+X509_ALGOR_it 2714 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_ALGOR_it 2714 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_TIME_it 2715 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_TIME_it 2715 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_request_set1_name 2716 EXIST::FUNCTION:
+OCSP_ONEREQ_get_ext_count 2717 EXIST::FUNCTION:
+UI_get0_result 2718 EXIST::FUNCTION:
+PKCS12_AUTHSAFES_it 2719 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_AUTHSAFES_it 2719 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_aes_256_ecb 2720 EXIST::FUNCTION:AES
+PKCS12_pack_authsafes 2721 EXIST::FUNCTION:
+ASN1_IA5STRING_it 2722 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_IA5STRING_it 2722 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_get_input_flags 2723 EXIST::FUNCTION:
+EC_GROUP_set_generator 2724 EXIST::FUNCTION:EC
+_ossl_old_des_string_to_2keys 2725 EXIST::FUNCTION:DES
+OCSP_CERTID_free 2726 EXIST::FUNCTION:
+X509_CERT_AUX_it 2727 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CERT_AUX_it 2727 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+CERTIFICATEPOLICIES_it 2728 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+CERTIFICATEPOLICIES_it 2728 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_ede3_cbc_encrypt 2729 EXIST::FUNCTION:DES
+RAND_set_rand_engine 2730 EXIST::FUNCTION:ENGINE
+DSO_get_loaded_filename 2731 EXIST::FUNCTION:
+X509_ATTRIBUTE_it 2732 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_ATTRIBUTE_it 2732 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_ONEREQ_get_ext_by_NID 2733 EXIST::FUNCTION:
+PKCS12_decrypt_skey 2734 EXIST::FUNCTION:
+KRB5_AUTHENT_it 2735 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_AUTHENT_it 2735 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_dup_error_string 2736 EXIST::FUNCTION:
+RSAPublicKey_it 2737 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSAPublicKey_it 2737 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+i2d_OCSP_REQUEST 2738 EXIST::FUNCTION:
+PKCS12_x509crl2certbag 2739 EXIST::FUNCTION:
+OCSP_SERVICELOC_it 2740 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_SERVICELOC_it 2740 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_item_sign 2741 EXIST::FUNCTION:EVP
+X509_CRL_set_issuer_name 2742 EXIST::FUNCTION:
+OBJ_NAME_do_all_sorted 2743 EXIST::FUNCTION:
+i2d_OCSP_BASICRESP 2744 EXIST::FUNCTION:
+i2d_OCSP_RESPBYTES 2745 EXIST::FUNCTION:
+PKCS12_unpack_p7encdata 2746 EXIST::FUNCTION:
+HMAC_CTX_init 2747 EXIST::FUNCTION:HMAC
+ENGINE_get_digest 2748 EXIST::FUNCTION:ENGINE
+OCSP_RESPONSE_print 2749 EXIST::FUNCTION:
+KRB5_TKTBODY_it 2750 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_TKTBODY_it 2750 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ACCESS_DESCRIPTION_it 2751 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ACCESS_DESCRIPTION_it 2751 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_it 2752 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ISSUER_AND_SERIAL_it 2752 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PBE2PARAM_it 2753 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PBE2PARAM_it 2753 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS12_certbag2x509crl 2754 EXIST::FUNCTION:
+PKCS7_SIGNED_it 2755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_SIGNED_it 2755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_cipher 2756 EXIST::FUNCTION:ENGINE
+i2d_OCSP_CRLID 2757 EXIST::FUNCTION:
+OCSP_SINGLERESP_new 2758 EXIST::FUNCTION:
+ENGINE_cmd_is_executable 2759 EXIST::FUNCTION:ENGINE
+RSA_up_ref 2760 EXIST::FUNCTION:RSA
+ASN1_GENERALSTRING_it 2761 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_GENERALSTRING_it 2761 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_register_DSA 2762 EXIST::FUNCTION:ENGINE
+X509V3_EXT_add_nconf_sk 2763 EXIST::FUNCTION:
+ENGINE_set_load_pubkey_function 2764 EXIST::FUNCTION:ENGINE
+PKCS8_decrypt 2765 EXIST::FUNCTION:
+PEM_bytes_read_bio 2766 EXIST::FUNCTION:BIO
+DIRECTORYSTRING_it 2767 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DIRECTORYSTRING_it 2767 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_CRLID 2768 EXIST::FUNCTION:
+EC_POINT_is_on_curve 2769 EXIST::FUNCTION:EC
+CRYPTO_set_locked_mem_ex_functions 2770 EXIST:!VMS:FUNCTION:
+CRYPTO_set_locked_mem_ex_funcs 2770 EXIST:VMS:FUNCTION:
+d2i_KRB5_CHECKSUM 2771 EXIST::FUNCTION:
+ASN1_item_dup 2772 EXIST::FUNCTION:
+X509_it 2773 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_it 2773 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+BN_mod_add 2774 EXIST::FUNCTION:
+KRB5_AUTHDATA_free 2775 EXIST::FUNCTION:
+_ossl_old_des_cbc_cksum 2776 EXIST::FUNCTION:DES
+ASN1_item_verify 2777 EXIST::FUNCTION:EVP
+CRYPTO_set_mem_ex_functions 2778 EXIST::FUNCTION:
+EC_POINT_get_Jprojective_coordinates_GFp 2779 EXIST:!VMS:FUNCTION:EC
+EC_POINT_get_Jproj_coords_GFp 2779 EXIST:VMS:FUNCTION:EC
+ZLONG_it 2780 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ZLONG_it 2780 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+CRYPTO_get_locked_mem_ex_functions 2781 EXIST:!VMS:FUNCTION:
+CRYPTO_get_locked_mem_ex_funcs 2781 EXIST:VMS:FUNCTION:
+ASN1_TIME_check 2782 EXIST::FUNCTION:
+UI_get0_user_data 2783 EXIST::FUNCTION:
+HMAC_CTX_cleanup 2784 EXIST::FUNCTION:HMAC
+DSA_up_ref 2785 EXIST::FUNCTION:DSA
+_ossl_old_des_ede3_cfb64_encrypt 2786 EXIST:!VMS:FUNCTION:DES
+_ossl_odes_ede3_cfb64_encrypt 2786 EXIST:VMS:FUNCTION:DES
+ASN1_BMPSTRING_it 2787 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_BMPSTRING_it 2787 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_tag2bit 2788 EXIST::FUNCTION:
+UI_method_set_flusher 2789 EXIST::FUNCTION:
+X509_ocspid_print 2790 EXIST::FUNCTION:BIO
+KRB5_ENCDATA_it 2791 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_ENCDATA_it 2791 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_load_pubkey_function 2792 EXIST::FUNCTION:ENGINE
+UI_add_user_data 2793 EXIST::FUNCTION:
+OCSP_REQUEST_delete_ext 2794 EXIST::FUNCTION:
+UI_get_method 2795 EXIST::FUNCTION:
+OCSP_ONEREQ_free 2796 EXIST::FUNCTION:
+ASN1_PRINTABLESTRING_it 2797 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_PRINTABLESTRING_it 2797 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CRL_set_nextUpdate 2798 EXIST::FUNCTION:
+OCSP_REQUEST_it 2799 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_REQUEST_it 2799 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_BASICRESP_it 2800 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_BASICRESP_it 2800 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AES_ecb_encrypt 2801 EXIST::FUNCTION:AES
+BN_mod_sqr 2802 EXIST::FUNCTION:
+NETSCAPE_CERT_SEQUENCE_it 2803 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_CERT_SEQUENCE_it 2803 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_NAMES_it 2804 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_NAMES_it 2804 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AUTHORITY_INFO_ACCESS_it 2805 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+AUTHORITY_INFO_ACCESS_it 2805 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_FBOOLEAN_it 2806 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_FBOOLEAN_it 2806 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_set_ex_data 2807 EXIST::FUNCTION:
+_ossl_old_des_string_to_key 2808 EXIST::FUNCTION:DES
+ENGINE_register_all_RSA 2809 EXIST::FUNCTION:ENGINE
+d2i_KRB5_PRINCNAME 2810 EXIST::FUNCTION:
+OCSP_RESPBYTES_it 2811 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPBYTES_it 2811 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CINF_it 2812 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CINF_it 2812 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_unregister_digests 2813 EXIST::FUNCTION:ENGINE
+d2i_EDIPARTYNAME 2814 EXIST::FUNCTION:
+d2i_OCSP_SERVICELOC 2815 EXIST::FUNCTION:
+ENGINE_get_digests 2816 EXIST::FUNCTION:ENGINE
+_ossl_old_des_set_odd_parity 2817 EXIST::FUNCTION:DES
+OCSP_RESPDATA_free 2818 EXIST::FUNCTION:
+d2i_KRB5_TICKET 2819 EXIST::FUNCTION:
+OTHERNAME_it 2820 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OTHERNAME_it 2820 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_MD_CTX_cleanup 2821 EXIST::FUNCTION:
+d2i_ASN1_GENERALSTRING 2822 EXIST::FUNCTION:
+X509_CRL_set_version 2823 EXIST::FUNCTION:
+BN_mod_sub 2824 EXIST::FUNCTION:
+OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION:
+ENGINE_get_ex_new_index 2826 EXIST::FUNCTION:ENGINE
+OCSP_REQUEST_free 2827 EXIST::FUNCTION:
+OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION:
+X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_VAL_it 2829 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_POINTs_make_affine 2830 EXIST::FUNCTION:EC
+EC_POINT_mul 2831 EXIST::FUNCTION:EC
+X509V3_EXT_add_nconf 2832 EXIST::FUNCTION:
+X509_TRUST_set 2833 EXIST::FUNCTION:
+X509_CRL_add1_ext_i2d 2834 EXIST::FUNCTION:
+_ossl_old_des_fcrypt 2835 EXIST::FUNCTION:DES
+DISPLAYTEXT_it 2836 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DISPLAYTEXT_it 2836 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CRL_set_lastUpdate 2837 EXIST::FUNCTION:
+OCSP_BASICRESP_free 2838 EXIST::FUNCTION:
+OCSP_BASICRESP_add1_ext_i2d 2839 EXIST::FUNCTION:
+d2i_KRB5_AUTHENTBODY 2840 EXIST::FUNCTION:
+CRYPTO_set_ex_data_implementation 2841 EXIST:!VMS:FUNCTION:
+CRYPTO_set_ex_data_impl 2841 EXIST:VMS:FUNCTION:
+KRB5_ENCDATA_new 2842 EXIST::FUNCTION:
+DSO_up_ref 2843 EXIST::FUNCTION:
+OCSP_crl_reason_str 2844 EXIST::FUNCTION:
+UI_get0_result_string 2845 EXIST::FUNCTION:
+ASN1_GENERALSTRING_new 2846 EXIST::FUNCTION:
+X509_SIG_it 2847 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_SIG_it 2847 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ERR_set_implementation 2848 EXIST::FUNCTION:
+ERR_load_EC_strings 2849 EXIST::FUNCTION:EC
+UI_get0_action_string 2850 EXIST::FUNCTION:
+OCSP_ONEREQ_get_ext 2851 EXIST::FUNCTION:
+EC_POINT_method_of 2852 EXIST::FUNCTION:EC
+i2d_KRB5_APREQBODY 2853 EXIST::FUNCTION:
+_ossl_old_des_ecb3_encrypt 2854 EXIST::FUNCTION:DES
+CRYPTO_get_mem_ex_functions 2855 EXIST::FUNCTION:
+ENGINE_get_ex_data 2856 EXIST::FUNCTION:ENGINE
+UI_destroy_method 2857 EXIST::FUNCTION:
+ASN1_item_i2d_bio 2858 EXIST::FUNCTION:BIO
+OCSP_ONEREQ_get_ext_by_OBJ 2859 EXIST::FUNCTION:
+ASN1_primitive_new 2860 EXIST::FUNCTION:
+ASN1_PRINTABLE_it 2861 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_PRINTABLE_it 2861 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_aes_192_ecb 2862 EXIST::FUNCTION:AES
+OCSP_SIGNATURE_new 2863 EXIST::FUNCTION:
+LONG_it 2864 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+LONG_it 2864 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_VISIBLESTRING_it 2865 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_VISIBLESTRING_it 2865 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_SINGLERESP_add1_ext_i2d 2866 EXIST::FUNCTION:
+d2i_OCSP_CERTID 2867 EXIST::FUNCTION:
+ASN1_item_d2i_fp 2868 EXIST::FUNCTION:FP_API
+CRL_DIST_POINTS_it 2869 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+CRL_DIST_POINTS_it 2869 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_NAME_print 2870 EXIST::FUNCTION:
+OCSP_SINGLERESP_delete_ext 2871 EXIST::FUNCTION:
+PKCS12_SAFEBAGS_it 2872 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_SAFEBAGS_it 2872 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_SIGNATURE 2873 EXIST::FUNCTION:
+OCSP_request_add1_nonce 2874 EXIST::FUNCTION:
+ENGINE_set_cmd_defns 2875 EXIST::FUNCTION:ENGINE
+OCSP_SERVICELOC_free 2876 EXIST::FUNCTION:
+EC_GROUP_free 2877 EXIST::FUNCTION:EC
+ASN1_BIT_STRING_it 2878 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_BIT_STRING_it 2878 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_REQ_it 2879 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_REQ_it 2879 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_cbc_encrypt 2880 EXIST::FUNCTION:DES
+ERR_unload_strings 2881 EXIST::FUNCTION:
+PKCS7_SIGN_ENVELOPE_it 2882 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_SIGN_ENVELOPE_it 2882 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EDIPARTYNAME_free 2883 EXIST::FUNCTION:
+OCSP_REQINFO_free 2884 EXIST::FUNCTION:
+EC_GROUP_new_curve_GFp 2885 EXIST::FUNCTION:EC
+OCSP_REQUEST_get1_ext_d2i 2886 EXIST::FUNCTION:
+PKCS12_item_pack_safebag 2887 EXIST::FUNCTION:
+asn1_ex_c2i 2888 EXIST::FUNCTION:
+ENGINE_register_digests 2889 EXIST::FUNCTION:ENGINE
+i2d_OCSP_REVOKEDINFO 2890 EXIST::FUNCTION:
+asn1_enc_restore 2891 EXIST::FUNCTION:
+UI_free 2892 EXIST::FUNCTION:
+UI_new_method 2893 EXIST::FUNCTION:
+EVP_EncryptInit_ex 2894 EXIST::FUNCTION:
+X509_pubkey_digest 2895 EXIST::FUNCTION:EVP
+EC_POINT_invert 2896 EXIST::FUNCTION:EC
+OCSP_basic_sign 2897 EXIST::FUNCTION:
+i2d_OCSP_RESPID 2898 EXIST::FUNCTION:
+OCSP_check_nonce 2899 EXIST::FUNCTION:
+ENGINE_ctrl_cmd 2900 EXIST::FUNCTION:ENGINE
+d2i_KRB5_ENCKEY 2901 EXIST::FUNCTION:
+OCSP_parse_url 2902 EXIST::FUNCTION:
+OCSP_SINGLERESP_get_ext 2903 EXIST::FUNCTION:
+OCSP_CRLID_free 2904 EXIST::FUNCTION:
+OCSP_BASICRESP_get1_ext_d2i 2905 EXIST::FUNCTION:
+RSAPrivateKey_it 2906 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSAPrivateKey_it 2906 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+ENGINE_register_all_DH 2907 EXIST::FUNCTION:ENGINE
+i2d_EDIPARTYNAME 2908 EXIST::FUNCTION:
+EC_POINT_get_affine_coordinates_GFp 2909 EXIST:!VMS:FUNCTION:EC
+EC_POINT_get_affine_coords_GFp 2909 EXIST:VMS:FUNCTION:EC
+OCSP_CRLID_new 2910 EXIST::FUNCTION:
+ENGINE_get_flags 2911 EXIST::FUNCTION:ENGINE
+OCSP_ONEREQ_it 2912 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_ONEREQ_it 2912 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_process 2913 EXIST::FUNCTION:
+ASN1_INTEGER_it 2914 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_INTEGER_it 2914 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_CipherInit_ex 2915 EXIST::FUNCTION:
+UI_get_string_type 2916 EXIST::FUNCTION:
+ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE
+ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE
+OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION:
+bn_dup_expand 2920 EXIST::FUNCTION:DEPRECATED
+OCSP_cert_id_new 2921 EXIST::FUNCTION:
+BASIC_CONSTRAINTS_it 2922 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+BASIC_CONSTRAINTS_it 2922 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+BN_mod_add_quick 2923 EXIST::FUNCTION:
+EC_POINT_new 2924 EXIST::FUNCTION:EC
+EVP_MD_CTX_destroy 2925 EXIST::FUNCTION:
+OCSP_RESPBYTES_free 2926 EXIST::FUNCTION:
+EVP_aes_128_cbc 2927 EXIST::FUNCTION:AES
+OCSP_SINGLERESP_get1_ext_d2i 2928 EXIST::FUNCTION:
+EC_POINT_free 2929 EXIST::FUNCTION:EC
+DH_up_ref 2930 EXIST::FUNCTION:DH
+X509_NAME_ENTRY_it 2931 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_NAME_ENTRY_it 2931 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_get_ex_new_index 2932 EXIST::FUNCTION:
+BN_mod_sub_quick 2933 EXIST::FUNCTION:
+OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION:
+OCSP_request_sign 2935 EXIST::FUNCTION:
+EVP_DigestFinal_ex 2936 EXIST::FUNCTION:
+ENGINE_set_digests 2937 EXIST::FUNCTION:ENGINE
+OCSP_id_issuer_cmp 2938 EXIST::FUNCTION:
+OBJ_NAME_do_all 2939 EXIST::FUNCTION:
+EC_POINTs_mul 2940 EXIST::FUNCTION:EC
+ENGINE_register_complete 2941 EXIST::FUNCTION:ENGINE
+X509V3_EXT_nconf_nid 2942 EXIST::FUNCTION:
+ASN1_SEQUENCE_it 2943 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SEQUENCE_it 2943 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_set_default_method 2944 EXIST::FUNCTION:
+RAND_query_egd_bytes 2945 EXIST::FUNCTION:
+UI_method_get_writer 2946 EXIST::FUNCTION:
+UI_OpenSSL 2947 EXIST::FUNCTION:
+PEM_def_callback 2948 EXIST::FUNCTION:
+ENGINE_cleanup 2949 EXIST::FUNCTION:ENGINE
+DIST_POINT_it 2950 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DIST_POINT_it 2950 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_SINGLERESP_it 2951 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_SINGLERESP_it 2951 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_KRB5_TKTBODY 2952 EXIST::FUNCTION:
+EC_POINT_cmp 2953 EXIST::FUNCTION:EC
+OCSP_REVOKEDINFO_new 2954 EXIST::FUNCTION:
+i2d_OCSP_CERTSTATUS 2955 EXIST::FUNCTION:
+OCSP_basic_add1_nonce 2956 EXIST::FUNCTION:
+ASN1_item_ex_d2i 2957 EXIST::FUNCTION:
+BN_mod_lshift1_quick 2958 EXIST::FUNCTION:
+UI_set_method 2959 EXIST::FUNCTION:
+OCSP_id_get0_info 2960 EXIST::FUNCTION:
+BN_mod_sqrt 2961 EXIST::FUNCTION:
+EC_GROUP_copy 2962 EXIST::FUNCTION:EC
+KRB5_ENCDATA_free 2963 EXIST::FUNCTION:
+_ossl_old_des_cfb_encrypt 2964 EXIST::FUNCTION:DES
+OCSP_SINGLERESP_get_ext_by_OBJ 2965 EXIST::FUNCTION:
+OCSP_cert_to_id 2966 EXIST::FUNCTION:
+OCSP_RESPID_new 2967 EXIST::FUNCTION:
+OCSP_RESPDATA_it 2968 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPDATA_it 2968 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_RESPDATA 2969 EXIST::FUNCTION:
+ENGINE_register_all_complete 2970 EXIST::FUNCTION:ENGINE
+OCSP_check_validity 2971 EXIST::FUNCTION:
+PKCS12_BAGS_it 2972 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_BAGS_it 2972 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_url_svcloc_new 2973 EXIST::FUNCTION:
+ASN1_template_free 2974 EXIST::FUNCTION:
+OCSP_SINGLERESP_add_ext 2975 EXIST::FUNCTION:
+KRB5_AUTHENTBODY_it 2976 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_AUTHENTBODY_it 2976 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_supported_extension 2977 EXIST::FUNCTION:
+i2d_KRB5_AUTHDATA 2978 EXIST::FUNCTION:
+UI_method_get_opener 2979 EXIST::FUNCTION:
+ENGINE_set_ex_data 2980 EXIST::FUNCTION:ENGINE
+OCSP_REQUEST_print 2981 EXIST::FUNCTION:
+CBIGNUM_it 2982 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+CBIGNUM_it 2982 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_TICKET_new 2983 EXIST::FUNCTION:
+KRB5_APREQ_new 2984 EXIST::FUNCTION:
+EC_GROUP_get_curve_GFp 2985 EXIST::FUNCTION:EC
+KRB5_ENCKEY_new 2986 EXIST::FUNCTION:
+ASN1_template_d2i 2987 EXIST::FUNCTION:
+_ossl_old_des_quad_cksum 2988 EXIST::FUNCTION:DES
+OCSP_single_get0_status 2989 EXIST::FUNCTION:
+BN_swap 2990 EXIST::FUNCTION:
+POLICYINFO_it 2991 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICYINFO_it 2991 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_set_destroy_function 2992 EXIST::FUNCTION:ENGINE
+asn1_enc_free 2993 EXIST::FUNCTION:
+OCSP_RESPID_it 2994 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPID_it 2994 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_new 2995 EXIST::FUNCTION:EC
+EVP_aes_256_cbc 2996 EXIST::FUNCTION:AES
+i2d_KRB5_PRINCNAME 2997 EXIST::FUNCTION:
+_ossl_old_des_encrypt2 2998 EXIST::FUNCTION:DES
+_ossl_old_des_encrypt3 2999 EXIST::FUNCTION:DES
+PKCS8_PRIV_KEY_INFO_it 3000 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS8_PRIV_KEY_INFO_it 3000 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_REQINFO_it 3001 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_REQINFO_it 3001 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PBEPARAM_it 3002 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PBEPARAM_it 3002 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_AUTHENTBODY_new 3003 EXIST::FUNCTION:
+X509_CRL_add0_revoked 3004 EXIST::FUNCTION:
+EDIPARTYNAME_it 3005 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+EDIPARTYNAME_it 3005 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+NETSCAPE_SPKI_it 3006 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_SPKI_it 3006 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_get0_test_string 3007 EXIST::FUNCTION:
+ENGINE_get_cipher_engine 3008 EXIST::FUNCTION:ENGINE
+ENGINE_register_all_ciphers 3009 EXIST::FUNCTION:ENGINE
+EC_POINT_copy 3010 EXIST::FUNCTION:EC
+BN_kronecker 3011 EXIST::FUNCTION:
+_ossl_old_des_ede3_ofb64_encrypt 3012 EXIST:!VMS:FUNCTION:DES
+_ossl_odes_ede3_ofb64_encrypt 3012 EXIST:VMS:FUNCTION:DES
+UI_method_get_reader 3013 EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext_count 3014 EXIST::FUNCTION:
+ASN1_ENUMERATED_it 3015 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_ENUMERATED_it 3015 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_set_result 3016 EXIST::FUNCTION:
+i2d_KRB5_TICKET 3017 EXIST::FUNCTION:
+X509_print_ex_fp 3018 EXIST::FUNCTION:FP_API
+EVP_CIPHER_CTX_set_padding 3019 EXIST::FUNCTION:
+d2i_OCSP_RESPONSE 3020 EXIST::FUNCTION:
+ASN1_UTCTIME_it 3021 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_UTCTIME_it 3021 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_enc_write 3022 EXIST::FUNCTION:DES
+OCSP_RESPONSE_new 3023 EXIST::FUNCTION:
+AES_set_encrypt_key 3024 EXIST::FUNCTION:AES
+OCSP_resp_count 3025 EXIST::FUNCTION:
+KRB5_CHECKSUM_new 3026 EXIST::FUNCTION:
+ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OCSP_onereq_get0_id 3028 EXIST::FUNCTION:
+ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE
+NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NOTICEREF_it 3030 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509V3_EXT_CRL_add_nconf 3031 EXIST::FUNCTION:
+OCSP_REVOKEDINFO_it 3032 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_REVOKEDINFO_it 3032 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AES_encrypt 3033 EXIST::FUNCTION:AES
+OCSP_REQUEST_new 3034 EXIST::FUNCTION:
+ASN1_ANY_it 3035 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_ANY_it 3035 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+CRYPTO_ex_data_new_class 3036 EXIST::FUNCTION:
+_ossl_old_des_ncbc_encrypt 3037 EXIST::FUNCTION:DES
+i2d_KRB5_TKTBODY 3038 EXIST::FUNCTION:
+EC_POINT_clear_free 3039 EXIST::FUNCTION:EC
+AES_decrypt 3040 EXIST::FUNCTION:AES
+asn1_enc_init 3041 EXIST::FUNCTION:
+UI_get_result_maxsize 3042 EXIST::FUNCTION:
+OCSP_CERTID_new 3043 EXIST::FUNCTION:
+ENGINE_unregister_RAND 3044 EXIST::FUNCTION:ENGINE
+UI_method_get_closer 3045 EXIST::FUNCTION:
+d2i_KRB5_ENCDATA 3046 EXIST::FUNCTION:
+OCSP_request_onereq_count 3047 EXIST::FUNCTION:
+OCSP_basic_verify 3048 EXIST::FUNCTION:
+KRB5_AUTHENTBODY_free 3049 EXIST::FUNCTION:
+ASN1_item_d2i 3050 EXIST::FUNCTION:
+ASN1_primitive_free 3051 EXIST::FUNCTION:
+i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION:
+i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION:
+asn1_enc_save 3054 EXIST::FUNCTION:
+ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+_ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES
+PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_accept_responses_new 3058 EXIST::FUNCTION:
+asn1_do_lock 3059 EXIST::FUNCTION:
+PKCS7_ATTR_VERIFY_it 3060 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ATTR_VERIFY_it 3060 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_APREQBODY_it 3061 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_APREQBODY_it 3061 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_OCSP_SINGLERESP 3062 EXIST::FUNCTION:
+ASN1_item_ex_new 3063 EXIST::FUNCTION:
+UI_add_verify_string 3064 EXIST::FUNCTION:
+_ossl_old_des_set_key 3065 EXIST::FUNCTION:DES
+KRB5_PRINCNAME_it 3066 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_PRINCNAME_it 3066 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_DecryptInit_ex 3067 EXIST::FUNCTION:
+i2d_OCSP_CERTID 3068 EXIST::FUNCTION:
+ASN1_item_d2i_bio 3069 EXIST::FUNCTION:BIO
+EC_POINT_dbl 3070 EXIST::FUNCTION:EC
+asn1_get_choice_selector 3071 EXIST::FUNCTION:
+i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION:
+ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE
+AES_options 3074 EXIST::FUNCTION:AES
+ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OCSP_id_cmp 3076 EXIST::FUNCTION:
+OCSP_BASICRESP_new 3077 EXIST::FUNCTION:
+OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION:
+KRB5_APREQ_it 3079 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_APREQ_it 3079 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_destroy_function 3080 EXIST::FUNCTION:ENGINE
+CONF_set_nconf 3081 EXIST::FUNCTION:
+ASN1_PRINTABLE_free 3082 EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext_by_NID 3083 EXIST::FUNCTION:
+DIST_POINT_NAME_it 3084 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DIST_POINT_NAME_it 3084 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509V3_extensions_print 3085 EXIST::FUNCTION:
+_ossl_old_des_cfb64_encrypt 3086 EXIST::FUNCTION:DES
+X509_REVOKED_add1_ext_i2d 3087 EXIST::FUNCTION:
+_ossl_old_des_ofb_encrypt 3088 EXIST::FUNCTION:DES
+KRB5_TKTBODY_new 3089 EXIST::FUNCTION:
+ASN1_OCTET_STRING_it 3090 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OCTET_STRING_it 3090 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ERR_load_UI_strings 3091 EXIST::FUNCTION:
+i2d_KRB5_ENCKEY 3092 EXIST::FUNCTION:
+ASN1_template_new 3093 EXIST::FUNCTION:
+OCSP_SIGNATURE_free 3094 EXIST::FUNCTION:
+ASN1_item_i2d_fp 3095 EXIST::FUNCTION:FP_API
+KRB5_PRINCNAME_free 3096 EXIST::FUNCTION:
+PKCS7_RECIP_INFO_it 3097 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_RECIP_INFO_it 3097 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EXTENDED_KEY_USAGE_it 3098 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+EXTENDED_KEY_USAGE_it 3098 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GFp_simple_method 3099 EXIST::FUNCTION:EC
+EC_GROUP_precompute_mult 3100 EXIST::FUNCTION:EC
+OCSP_request_onereq_get0 3101 EXIST::FUNCTION:
+UI_method_set_writer 3102 EXIST::FUNCTION:
+KRB5_AUTHENT_new 3103 EXIST::FUNCTION:
+X509_CRL_INFO_it 3104 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CRL_INFO_it 3104 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+DSO_set_name_converter 3105 EXIST::FUNCTION:
+AES_set_decrypt_key 3106 EXIST::FUNCTION:AES
+PKCS7_DIGEST_it 3107 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_DIGEST_it 3107 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS12_x5092certbag 3108 EXIST::FUNCTION:
+EVP_DigestInit_ex 3109 EXIST::FUNCTION:
+i2a_ACCESS_DESCRIPTION 3110 EXIST::FUNCTION:
+OCSP_RESPONSE_it 3111 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPONSE_it 3111 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS7_ENC_CONTENT_it 3112 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ENC_CONTENT_it 3112 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_request_add0_id 3113 EXIST::FUNCTION:
+EC_POINT_make_affine 3114 EXIST::FUNCTION:EC
+DSO_get_filename 3115 EXIST::FUNCTION:
+OCSP_CERTSTATUS_it 3116 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_CERTSTATUS_it 3116 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_request_add1_cert 3117 EXIST::FUNCTION:
+UI_get0_output_string 3118 EXIST::FUNCTION:
+UI_dup_verify_string 3119 EXIST::FUNCTION:
+BN_mod_lshift 3120 EXIST::FUNCTION:
+KRB5_AUTHDATA_it 3121 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_AUTHDATA_it 3121 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+asn1_set_choice_selector 3122 EXIST::FUNCTION:
+OCSP_basic_add1_status 3123 EXIST::FUNCTION:
+OCSP_RESPID_free 3124 EXIST::FUNCTION:
+asn1_get_field_ptr 3125 EXIST::FUNCTION:
+UI_add_input_string 3126 EXIST::FUNCTION:
+OCSP_CRLID_it 3127 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION:
+OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION:
+ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+USERNOTICE_it 3132 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_REQINFO_new 3133 EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext 3134 EXIST::FUNCTION:
+CRYPTO_get_ex_data_implementation 3135 EXIST:!VMS:FUNCTION:
+CRYPTO_get_ex_data_impl 3135 EXIST:VMS:FUNCTION:
+ASN1_item_pack 3136 EXIST::FUNCTION:
+i2d_KRB5_ENCDATA 3137 EXIST::FUNCTION:
+X509_PURPOSE_set 3138 EXIST::FUNCTION:
+X509_REQ_INFO_it 3139 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_REQ_INFO_it 3139 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_method_set_opener 3140 EXIST::FUNCTION:
+ASN1_item_ex_free 3141 EXIST::FUNCTION:
+ASN1_BOOLEAN_it 3142 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_BOOLEAN_it 3142 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_table_flags 3143 EXIST::FUNCTION:ENGINE
+UI_create_method 3144 EXIST::FUNCTION:
+OCSP_ONEREQ_add1_ext_i2d 3145 EXIST::FUNCTION:
+_shadow_DES_check_key 3146 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
+_shadow_DES_check_key 3146 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
+d2i_OCSP_REQINFO 3147 EXIST::FUNCTION:
+UI_add_info_string 3148 EXIST::FUNCTION:
+UI_get_result_minsize 3149 EXIST::FUNCTION:
+ASN1_NULL_it 3150 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_NULL_it 3150 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+BN_mod_lshift1 3151 EXIST::FUNCTION:
+d2i_OCSP_ONEREQ 3152 EXIST::FUNCTION:
+OCSP_ONEREQ_new 3153 EXIST::FUNCTION:
+KRB5_TICKET_it 3154 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_TICKET_it 3154 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_aes_192_cbc 3155 EXIST::FUNCTION:AES
+KRB5_TICKET_free 3156 EXIST::FUNCTION:
+UI_new 3157 EXIST::FUNCTION:
+OCSP_response_create 3158 EXIST::FUNCTION:
+_ossl_old_des_xcbc_encrypt 3159 EXIST::FUNCTION:DES
+PKCS7_it 3160 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_it 3160 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_REQUEST_get_ext_by_critical 3161 EXIST:!VMS:FUNCTION:
+OCSP_REQUEST_get_ext_by_crit 3161 EXIST:VMS:FUNCTION:
+ENGINE_set_flags 3162 EXIST::FUNCTION:ENGINE
+_ossl_old_des_ecb_encrypt 3163 EXIST::FUNCTION:DES
+OCSP_response_get1_basic 3164 EXIST::FUNCTION:
+EVP_Digest 3165 EXIST::FUNCTION:
+OCSP_ONEREQ_delete_ext 3166 EXIST::FUNCTION:
+ASN1_TBOOLEAN_it 3167 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_TBOOLEAN_it 3167 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_item_new 3168 EXIST::FUNCTION:
+ASN1_TIME_to_generalizedtime 3169 EXIST::FUNCTION:
+BIGNUM_it 3170 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+BIGNUM_it 3170 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AES_cbc_encrypt 3171 EXIST::FUNCTION:AES
+ENGINE_get_load_privkey_function 3172 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_load_privkey_fn 3172 EXIST:VMS:FUNCTION:ENGINE
+OCSP_RESPONSE_free 3173 EXIST::FUNCTION:
+UI_method_set_reader 3174 EXIST::FUNCTION:
+i2d_ASN1_T61STRING 3175 EXIST::FUNCTION:
+EC_POINT_set_to_infinity 3176 EXIST::FUNCTION:EC
+ERR_load_OCSP_strings 3177 EXIST::FUNCTION:
+EC_POINT_point2oct 3178 EXIST::FUNCTION:EC
+KRB5_APREQ_free 3179 EXIST::FUNCTION:
+ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_crlID_new 3181 EXIST:!OS2,!VMS:FUNCTION:
+OCSP_crlID2_new 3181 EXIST:OS2,VMS:FUNCTION:
+CONF_modules_load_file 3182 EXIST::FUNCTION:
+CONF_imodule_set_usr_data 3183 EXIST::FUNCTION:
+ENGINE_set_default_string 3184 EXIST::FUNCTION:ENGINE
+CONF_module_get_usr_data 3185 EXIST::FUNCTION:
+ASN1_add_oid_module 3186 EXIST::FUNCTION:
+CONF_modules_finish 3187 EXIST::FUNCTION:
+OPENSSL_config 3188 EXIST::FUNCTION:
+CONF_modules_unload 3189 EXIST::FUNCTION:
+CONF_imodule_get_value 3190 EXIST::FUNCTION:
+CONF_module_set_usr_data 3191 EXIST::FUNCTION:
+CONF_parse_list 3192 EXIST::FUNCTION:
+CONF_module_add 3193 EXIST::FUNCTION:
+CONF_get1_default_config_file 3194 EXIST::FUNCTION:
+CONF_imodule_get_flags 3195 EXIST::FUNCTION:
+CONF_imodule_get_module 3196 EXIST::FUNCTION:
+CONF_modules_load 3197 EXIST::FUNCTION:
+CONF_imodule_get_name 3198 EXIST::FUNCTION:
+ERR_peek_top_error 3199 NOEXIST::FUNCTION:
+CONF_imodule_get_usr_data 3200 EXIST::FUNCTION:
+CONF_imodule_set_flags 3201 EXIST::FUNCTION:
+ENGINE_add_conf_module 3202 EXIST::FUNCTION:ENGINE
+ERR_peek_last_error_line 3203 EXIST::FUNCTION:
+ERR_peek_last_error_line_data 3204 EXIST::FUNCTION:
+ERR_peek_last_error 3205 EXIST::FUNCTION:
+DES_read_2passwords 3206 EXIST::FUNCTION:DES
+DES_read_password 3207 EXIST::FUNCTION:DES
+UI_UTIL_read_pw 3208 EXIST::FUNCTION:
+UI_UTIL_read_pw_string 3209 EXIST::FUNCTION:
+ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION:
+OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION:
+OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION:
+OPENSSL_add_all_algo_conf 3213 EXIST:VMS:FUNCTION:
+OPENSSL_load_builtin_modules 3214 EXIST::FUNCTION:
+AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES
+AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES
+AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES
+ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES
+EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES
+EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES
+EVP_aes_128_cfb128 3222 EXIST::FUNCTION:AES
+EVP_aes_256_cfb128 3223 EXIST::FUNCTION:AES
+EVP_aes_128_ofb 3224 EXIST::FUNCTION:AES
+EVP_aes_192_cfb128 3225 EXIST::FUNCTION:AES
+CONF_modules_free 3226 EXIST::FUNCTION:
+NCONF_default 3227 EXIST::FUNCTION:
+OPENSSL_no_config 3228 EXIST::FUNCTION:
+NCONF_WIN32 3229 EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_new 3230 EXIST::FUNCTION:
+EVP_des_ede_ecb 3231 EXIST::FUNCTION:DES
+i2d_ASN1_UNIVERSALSTRING 3232 EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_free 3233 EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_it 3234 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_UNIVERSALSTRING_it 3234 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION:
+EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES
+X509_REQ_print_ex 3237 EXIST::FUNCTION:BIO
+ENGINE_up_ref 3238 EXIST::FUNCTION:ENGINE
+BUF_MEM_grow_clean 3239 EXIST::FUNCTION:
+CRYPTO_realloc_clean 3240 EXIST::FUNCTION:
+BUF_strlcat 3241 EXIST::FUNCTION:
+BIO_indent 3242 EXIST::FUNCTION:
+BUF_strlcpy 3243 EXIST::FUNCTION:
+OpenSSLDie 3244 EXIST::FUNCTION:
+OPENSSL_cleanse 3245 EXIST::FUNCTION:
+ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE
+ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH
+EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES
+FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION:
+FIPS_selftest_des 3250 NOEXIST::FUNCTION:
+EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES
+EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
+FIPS_mode_set 3253 EXIST::FUNCTION:
+FIPS_selftest_dsa 3254 NOEXIST::FUNCTION:
+EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
+FIPS_allow_md5 3256 NOEXIST::FUNCTION:
+DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES
+EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES
+FIPS_rand_seeded 3259 NOEXIST::FUNCTION:
+AES_cfbr_encrypt_block 3260 NOEXIST::FUNCTION:
+AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES
+FIPS_rand_seed 3262 NOEXIST::FUNCTION:
+FIPS_corrupt_des 3263 NOEXIST::FUNCTION:
+EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES
+FIPS_selftest_aes 3265 NOEXIST::FUNCTION:
+FIPS_set_prng_key 3266 NOEXIST::FUNCTION:
+EVP_des_cfb8 3267 EXIST::FUNCTION:DES
+FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION:
+FIPS_test_mode 3269 NOEXIST::FUNCTION:
+FIPS_rand_method 3270 NOEXIST::FUNCTION:
+EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES
+ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION:
+FIPS_corrupt_aes 3273 NOEXIST::FUNCTION:
+FIPS_selftest_sha1 3274 NOEXIST::FUNCTION:
+FIPS_selftest_rsa 3275 NOEXIST::FUNCTION:
+FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION:
+EVP_des_cfb1 3277 EXIST::FUNCTION:DES
+FIPS_dsa_check 3278 NOEXIST::FUNCTION:
+AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
+EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
+FIPS_rand_check 3281 NOEXIST::FUNCTION:
+FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
+FIPS_mode 3283 EXIST::FUNCTION:
+FIPS_selftest_failed 3284 NOEXIST::FUNCTION:
+sk_is_sorted 3285 EXIST::FUNCTION:
+X509_check_ca 3286 EXIST::FUNCTION:
+private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA
+HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC
+private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0
+private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST
+private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD
+private_RC5_32_set_key 3292 NOEXIST::FUNCTION:
+private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5
+private_RC4_set_key 3294 EXIST::FUNCTION:RC4
+private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2
+private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2
+private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4
+private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF
+private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2
+d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION:
+PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_PROXY_POLICY 3302 EXIST::FUNCTION:
+i2d_PROXY_CERT_INFO_EXTENSION 3303 EXIST::FUNCTION:
+d2i_PROXY_POLICY 3304 EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_new 3305 EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_free 3306 EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PROXY_POLICY_free 3308 EXIST::FUNCTION:
+PROXY_POLICY_new 3309 EXIST::FUNCTION:
+BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION:
+FIPS_selftest_rng 3311 NOEXIST::FUNCTION:
+EVP_sha384 3312 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EVP_sha512 3313 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256
+EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256
+FIPS_selftest_hmac 3316 NOEXIST::FUNCTION:
+FIPS_corrupt_rng 3317 NOEXIST::FUNCTION:
+BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION:
+RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA
+RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA
+RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA
+RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA
+RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA
+PKCS1_MGF1 3324 EXIST::FUNCTION:RSA
+BN_X931_generate_Xpq 3325 EXIST::FUNCTION:
+RSA_X931_generate_key 3326 NOEXIST::FUNCTION:
+BN_X931_derive_prime 3327 NOEXIST::FUNCTION:
+BN_X931_generate_prime 3328 NOEXIST::FUNCTION:
+RSA_X931_derive 3329 NOEXIST::FUNCTION:
+BIO_new_dgram 3330 EXIST::FUNCTION:
+BN_get0_nist_prime_384 3331 EXIST::FUNCTION:
+ERR_set_mark 3332 EXIST::FUNCTION:
+X509_STORE_CTX_set0_crls 3333 EXIST::FUNCTION:
+ENGINE_set_STORE 3334 EXIST::FUNCTION:ENGINE
+ENGINE_register_ECDSA 3335 EXIST::FUNCTION:ENGINE
+STORE_meth_set_list_start_fn 3336 NOEXIST::FUNCTION:
+STORE_method_set_list_start_function 3336 NOEXIST::FUNCTION:
+BN_BLINDING_invert_ex 3337 EXIST::FUNCTION:
+NAME_CONSTRAINTS_free 3338 EXIST::FUNCTION:
+STORE_ATTR_INFO_set_number 3339 NOEXIST::FUNCTION:
+BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION:DEPRECATED
+X509_STORE_CTX_set0_param 3341 EXIST::FUNCTION:
+POLICY_MAPPING_it 3342 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPING_it 3342 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_parse_attrs_start 3343 NOEXIST::FUNCTION:
+POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION:
+EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION:
+BN_nist_mod_192 3346 EXIST::FUNCTION:
+EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC,EC2M
+STORE_set_method 3348 NOEXIST::FUNCTION:
+GENERAL_SUBTREE_free 3349 EXIST::FUNCTION:
+NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NAME_CONSTRAINTS_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ECDH_get_default_method 3351 EXIST::FUNCTION:ECDH
+PKCS12_add_safe 3352 EXIST::FUNCTION:
+EC_KEY_new_by_curve_name 3353 EXIST::FUNCTION:EC
+STORE_meth_get_update_store_fn 3354 NOEXIST::FUNCTION:
+STORE_method_get_update_store_function 3354 NOEXIST::FUNCTION:
+ENGINE_register_ECDH 3355 EXIST::FUNCTION:ENGINE
+SHA512_Update 3356 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC
+BN_get0_nist_prime_192 3358 EXIST::FUNCTION:
+STORE_modify_certificate 3359 NOEXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC,EC2M
+BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:EC2M
+STORE_ATTR_INFO_modify_number 3362 NOEXIST::FUNCTION:
+X509_keyid_get0 3363 EXIST::FUNCTION:
+ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE
+pitem_new 3365 EXIST::FUNCTION:
+BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:EC2M
+STORE_list_public_key_endp 3367 NOEXIST::FUNCTION:
+o2i_ECPublicKey 3368 EXIST::FUNCTION:EC
+EC_KEY_copy 3369 EXIST::FUNCTION:EC
+BIO_dump_fp 3370 EXIST::FUNCTION:FP_API
+X509_policy_node_get0_parent 3371 EXIST::FUNCTION:
+EC_GROUP_check_discriminant 3372 EXIST::FUNCTION:EC
+i2o_ECPublicKey 3373 EXIST::FUNCTION:EC
+EC_KEY_precompute_mult 3374 EXIST::FUNCTION:EC
+a2i_IPADDRESS 3375 EXIST::FUNCTION:
+STORE_meth_set_initialise_fn 3376 NOEXIST::FUNCTION:
+STORE_method_set_initialise_function 3376 NOEXIST::FUNCTION:
+X509_STORE_CTX_set_depth 3377 EXIST::FUNCTION:
+X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION:
+EC_POINT_point2bn 3379 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_dn 3380 NOEXIST::FUNCTION:
+X509_policy_tree_get0_policies 3381 EXIST::FUNCTION:
+EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC,EC2M
+STORE_destroy_method 3383 NOEXIST::FUNCTION:
+ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE
+EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_get0_number 3386 NOEXIST::FUNCTION:
+ENGINE_get_default_ECDH 3387 EXIST::FUNCTION:ENGINE
+EC_KEY_get_conv_form 3388 EXIST::FUNCTION:EC
+ASN1_OCTET_STRING_NDEF_it 3389 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OCTET_STRING_NDEF_it 3389 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_delete_public_key 3390 NOEXIST::FUNCTION:
+STORE_get_public_key 3391 NOEXIST::FUNCTION:
+STORE_modify_arbitrary 3392 NOEXIST::FUNCTION:
+ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE
+pqueue_iterator 3394 EXIST::FUNCTION:
+ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA
+OPENSSL_DIR_end 3396 EXIST::FUNCTION:
+BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:EC2M
+EC_POINT_bn2point 3398 EXIST::FUNCTION:EC
+X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION:
+EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC
+STORE_get_method 3401 NOEXIST::FUNCTION:
+EC_KEY_get_key_method_data 3402 EXIST::FUNCTION:EC
+ECDSA_sign_ex 3403 EXIST::FUNCTION:ECDSA
+STORE_parse_attrs_end 3404 NOEXIST::FUNCTION:
+EC_GROUP_get_point_conversion_form 3405 EXIST:!VMS:FUNCTION:EC
+EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC
+STORE_method_set_store_function 3406 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in 3407 NOEXIST::FUNCTION:
+PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC
+EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC,EC2M
+EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION:
+BN_BLINDING_set_flags 3411 EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION:
+STORE_get_number 3415 NOEXIST::FUNCTION:
+ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA
+BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:EC2M
+EC_KEY_up_ref 3418 EXIST::FUNCTION:EC
+POLICY_MAPPING_free 3419 EXIST::FUNCTION:
+BN_GF2m_mod_div 3420 EXIST::FUNCTION:EC2M
+X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION:
+EC_KEY_free 3422 EXIST::FUNCTION:EC
+STORE_meth_set_list_next_fn 3423 NOEXIST::FUNCTION:
+STORE_method_set_list_next_function 3423 NOEXIST::FUNCTION:
+PEM_write_bio_ECPrivateKey 3424 EXIST::FUNCTION:EC
+d2i_EC_PUBKEY 3425 EXIST::FUNCTION:EC
+STORE_meth_get_generate_fn 3426 NOEXIST::FUNCTION:
+STORE_method_get_generate_function 3426 NOEXIST::FUNCTION:
+STORE_meth_set_list_end_fn 3427 NOEXIST::FUNCTION:
+STORE_method_set_list_end_function 3427 NOEXIST::FUNCTION:
+pqueue_print 3428 EXIST::FUNCTION:
+EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC
+EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API
+BN_GF2m_mod_arr 3431 EXIST::FUNCTION:EC2M
+PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION:
+EVP_PKEY_cmp 3433 EXIST::FUNCTION:
+X509_policy_level_node_count 3434 EXIST::FUNCTION:
+STORE_new_engine 3435 NOEXIST::FUNCTION:
+STORE_list_public_key_start 3436 NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_new 3437 EXIST::FUNCTION:
+ECDH_get_ex_data 3438 EXIST::FUNCTION:ECDH
+EVP_PKEY_get_attr 3439 EXIST::FUNCTION:
+ECDSA_do_sign 3440 EXIST::FUNCTION:ECDSA
+ENGINE_unregister_ECDH 3441 EXIST::FUNCTION:ENGINE
+ECDH_OpenSSL 3442 EXIST::FUNCTION:ECDH
+EC_KEY_set_conv_form 3443 EXIST::FUNCTION:EC
+EC_POINT_dup 3444 EXIST::FUNCTION:EC
+GENERAL_SUBTREE_new 3445 EXIST::FUNCTION:
+STORE_list_crl_endp 3446 NOEXIST::FUNCTION:
+EC_get_builtin_curves 3447 EXIST::FUNCTION:EC
+X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION:
+X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION:
+STORE_list_crl_end 3449 NOEXIST::FUNCTION:
+EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC
+BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:EC2M
+i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC
+ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API
+pqueue_find 3454 EXIST::FUNCTION:
+ECDSA_SIG_free 3455 EXIST::FUNCTION:ECDSA
+PEM_write_bio_ECPKParameters 3456 EXIST::FUNCTION:EC
+STORE_method_set_ctrl_function 3457 NOEXIST::FUNCTION:
+STORE_list_public_key_end 3458 NOEXIST::FUNCTION:
+EC_KEY_set_private_key 3459 EXIST::FUNCTION:EC
+pqueue_peek 3460 EXIST::FUNCTION:
+STORE_get_arbitrary 3461 NOEXIST::FUNCTION:
+STORE_store_crl 3462 NOEXIST::FUNCTION:
+X509_policy_node_get0_policy 3463 EXIST::FUNCTION:
+PKCS12_add_safes 3464 EXIST::FUNCTION:
+BN_BLINDING_convert_ex 3465 EXIST::FUNCTION:
+X509_policy_tree_free 3466 EXIST::FUNCTION:
+OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION:
+BN_GF2m_poly2arr 3468 EXIST::FUNCTION:EC2M
+STORE_ctrl 3469 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_compare 3470 NOEXIST::FUNCTION:
+BN_get0_nist_prime_224 3471 EXIST::FUNCTION:
+i2d_ECParameters 3472 EXIST::FUNCTION:EC
+i2d_ECPKParameters 3473 EXIST::FUNCTION:EC
+BN_GENCB_call 3474 EXIST::FUNCTION:
+d2i_ECPKParameters 3475 EXIST::FUNCTION:EC
+STORE_meth_set_generate_fn 3476 NOEXIST::FUNCTION:
+STORE_method_set_generate_function 3476 NOEXIST::FUNCTION:
+ENGINE_set_ECDH 3477 EXIST::FUNCTION:ENGINE
+NAME_CONSTRAINTS_new 3478 EXIST::FUNCTION:
+SHA256_Init 3479 EXIST::FUNCTION:SHA,SHA256
+EC_KEY_get0_public_key 3480 EXIST::FUNCTION:EC
+PEM_write_bio_EC_PUBKEY 3481 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_cstr 3482 NOEXIST::FUNCTION:
+STORE_list_crl_next 3483 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in_range 3484 NOEXIST::FUNCTION:
+ECParameters_print 3485 EXIST::FUNCTION:BIO,EC
+STORE_meth_set_delete_fn 3486 NOEXIST::FUNCTION:
+STORE_method_set_delete_function 3486 NOEXIST::FUNCTION:
+STORE_list_certificate_next 3487 NOEXIST::FUNCTION:
+ASN1_generate_nconf 3488 EXIST::FUNCTION:
+BUF_memdup 3489 EXIST::FUNCTION:
+BN_GF2m_mod_mul 3490 EXIST::FUNCTION:EC2M
+STORE_meth_get_list_next_fn 3491 NOEXIST::FUNCTION:
+STORE_method_get_list_next_function 3491 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_get0_dn 3492 NOEXIST::FUNCTION:
+STORE_list_private_key_next 3493 NOEXIST::FUNCTION:
+EC_GROUP_set_seed 3494 EXIST::FUNCTION:EC
+X509_VERIFY_PARAM_set_trust 3495 EXIST::FUNCTION:
+STORE_ATTR_INFO_free 3496 NOEXIST::FUNCTION:
+STORE_get_private_key 3497 NOEXIST::FUNCTION:
+EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION:
+STORE_ATTR_INFO_new 3499 NOEXIST::FUNCTION:
+EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC,EC2M
+STORE_meth_set_revoke_fn 3501 NOEXIST::FUNCTION:
+STORE_method_set_revoke_function 3501 NOEXIST::FUNCTION:
+STORE_store_number 3502 NOEXIST::FUNCTION:
+BN_is_prime_ex 3503 EXIST::FUNCTION:
+STORE_revoke_public_key 3504 NOEXIST::FUNCTION:
+X509_STORE_CTX_get0_param 3505 EXIST::FUNCTION:
+STORE_delete_arbitrary 3506 NOEXIST::FUNCTION:
+PEM_read_X509_CERT_PAIR 3507 EXIST:!WIN16:FUNCTION:
+X509_STORE_set_depth 3508 EXIST::FUNCTION:
+ECDSA_get_ex_data 3509 EXIST::FUNCTION:ECDSA
+SHA224 3510 EXIST::FUNCTION:SHA,SHA256
+BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API
+EC_KEY_set_group 3512 EXIST::FUNCTION:EC
+BUF_strndup 3513 EXIST::FUNCTION:
+STORE_list_certificate_start 3514 NOEXIST::FUNCTION:
+BN_GF2m_mod 3515 EXIST::FUNCTION:EC2M
+X509_REQ_check_private_key 3516 EXIST::FUNCTION:
+EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC
+ERR_load_STORE_strings 3518 NOEXIST::FUNCTION:
+PEM_read_bio_EC_PUBKEY 3519 EXIST::FUNCTION:EC
+STORE_list_private_key_end 3520 NOEXIST::FUNCTION:
+i2d_EC_PUBKEY 3521 EXIST::FUNCTION:EC
+ECDSA_get_default_method 3522 EXIST::FUNCTION:ECDSA
+ASN1_put_eoc 3523 EXIST::FUNCTION:
+X509_STORE_CTX_get_explicit_policy 3524 EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get_expl_policy 3524 EXIST:VMS:FUNCTION:
+X509_VERIFY_PARAM_table_cleanup 3525 EXIST::FUNCTION:
+STORE_modify_private_key 3526 NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_free 3527 EXIST::FUNCTION:
+EC_METHOD_get_field_type 3528 EXIST::FUNCTION:EC
+EC_GFp_nist_method 3529 EXIST::FUNCTION:EC
+STORE_meth_set_modify_fn 3530 NOEXIST::FUNCTION:
+STORE_method_set_modify_function 3530 NOEXIST::FUNCTION:
+STORE_parse_attrs_next 3531 NOEXIST::FUNCTION:
+ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC
+X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_meth_get_revoke_fn 3535 NOEXIST::FUNCTION:
+STORE_method_get_revoke_function 3535 NOEXIST::FUNCTION:
+STORE_method_set_get_function 3536 NOEXIST::FUNCTION:
+STORE_modify_number 3537 NOEXIST::FUNCTION:
+STORE_method_get_store_function 3538 NOEXIST::FUNCTION:
+STORE_store_private_key 3539 NOEXIST::FUNCTION:
+BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:EC2M
+RSA_setup_blinding 3541 EXIST::FUNCTION:RSA
+BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM
+STORE_Memory 3543 NOEXIST::FUNCTION:
+sk_find_ex 3544 EXIST::FUNCTION:
+EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC,EC2M
+ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE
+POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:EC2M
+ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH
+EC_KEY_generate_key 3550 EXIST::FUNCTION:EC
+SHA384_Update 3551 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+BN_GF2m_arr2poly 3552 EXIST::FUNCTION:EC2M
+STORE_method_get_get_function 3553 NOEXIST::FUNCTION:
+STORE_meth_set_cleanup_fn 3554 NOEXIST::FUNCTION:
+STORE_method_set_cleanup_function 3554 NOEXIST::FUNCTION:
+EC_GROUP_check 3555 EXIST::FUNCTION:EC
+d2i_ECPrivateKey_bio 3556 EXIST::FUNCTION:BIO,EC
+EC_KEY_insert_key_method_data 3557 EXIST::FUNCTION:EC
+STORE_meth_get_lock_store_fn 3558 NOEXIST::FUNCTION:
+STORE_method_get_lock_store_function 3558 NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_get_depth 3559 EXIST::FUNCTION:
+SHA224_Final 3560 EXIST::FUNCTION:SHA,SHA256
+STORE_meth_set_update_store_fn 3561 NOEXIST::FUNCTION:
+STORE_method_set_update_store_function 3561 NOEXIST::FUNCTION:
+SHA224_Update 3562 EXIST::FUNCTION:SHA,SHA256
+d2i_ECPrivateKey 3563 EXIST::FUNCTION:EC
+ASN1_item_ndef_i2d 3564 EXIST::FUNCTION:
+STORE_delete_private_key 3565 NOEXIST::FUNCTION:
+ERR_pop_to_mark 3566 EXIST::FUNCTION:
+ENGINE_register_all_STORE 3567 EXIST::FUNCTION:ENGINE
+X509_policy_level_get0_node 3568 EXIST::FUNCTION:
+i2d_PKCS7_NDEF 3569 EXIST::FUNCTION:
+EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC
+ASN1_generate_v3 3571 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_cstr 3572 NOEXIST::FUNCTION:
+X509_policy_tree_level_count 3573 EXIST::FUNCTION:
+BN_GF2m_add 3574 EXIST::FUNCTION:EC2M
+EC_KEY_get0_group 3575 EXIST::FUNCTION:EC
+STORE_generate_crl 3576 NOEXIST::FUNCTION:
+STORE_store_public_key 3577 NOEXIST::FUNCTION:
+X509_CERT_PAIR_free 3578 EXIST::FUNCTION:
+STORE_revoke_private_key 3579 NOEXIST::FUNCTION:
+BN_nist_mod_224 3580 EXIST::FUNCTION:
+SHA512_Final 3581 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_ATTR_INFO_modify_dn 3582 NOEXIST::FUNCTION:
+STORE_meth_get_initialise_fn 3583 NOEXIST::FUNCTION:
+STORE_method_get_initialise_function 3583 NOEXIST::FUNCTION:
+STORE_delete_number 3584 NOEXIST::FUNCTION:
+i2d_EC_PUBKEY_bio 3585 EXIST::FUNCTION:BIO,EC
+BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION:
+EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC
+STORE_ATTR_INFO_in_ex 3588 NOEXIST::FUNCTION:
+STORE_list_crl_start 3589 NOEXIST::FUNCTION:
+ECDH_get_ex_new_index 3590 EXIST::FUNCTION:ECDH
+STORE_meth_get_modify_fn 3591 NOEXIST::FUNCTION:
+STORE_method_get_modify_function 3591 NOEXIST::FUNCTION:
+v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION:
+STORE_store_certificate 3593 NOEXIST::FUNCTION:
+OBJ_bsearch_ex 3594 NOEXIST::FUNCTION:
+X509_STORE_CTX_set_default 3595 EXIST::FUNCTION:
+STORE_ATTR_INFO_set_sha1str 3596 NOEXIST::FUNCTION:
+BN_GF2m_mod_inv 3597 EXIST::FUNCTION:EC2M
+BN_GF2m_mod_exp 3598 EXIST::FUNCTION:EC2M
+STORE_modify_public_key 3599 NOEXIST::FUNCTION:
+STORE_meth_get_list_start_fn 3600 NOEXIST::FUNCTION:
+STORE_method_get_list_start_function 3600 NOEXIST::FUNCTION:
+EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC
+STORE_store_arbitrary 3602 NOEXIST::FUNCTION:
+STORE_meth_set_unlock_store_fn 3603 NOEXIST::FUNCTION:
+STORE_method_set_unlock_store_function 3603 NOEXIST::FUNCTION:
+BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:EC2M
+ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE
+STORE_create_method 3606 NOEXIST::FUNCTION:
+ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC
+EC_KEY_get0_private_key 3608 EXIST::FUNCTION:EC
+PEM_write_EC_PUBKEY 3609 EXIST:!WIN16:FUNCTION:EC
+X509_VERIFY_PARAM_set1 3610 EXIST::FUNCTION:
+ECDH_set_method 3611 EXIST::FUNCTION:ECDH
+v2i_GENERAL_NAME_ex 3612 EXIST::FUNCTION:
+ECDH_set_ex_data 3613 EXIST::FUNCTION:ECDH
+STORE_generate_key 3614 NOEXIST::FUNCTION:
+BN_nist_mod_521 3615 EXIST::FUNCTION:
+X509_policy_tree_get0_level 3616 EXIST::FUNCTION:
+EC_GROUP_set_point_conversion_form 3617 EXIST:!VMS:FUNCTION:EC
+EC_GROUP_set_point_conv_form 3617 EXIST:VMS:FUNCTION:EC
+PEM_read_EC_PUBKEY 3618 EXIST:!WIN16:FUNCTION:EC
+i2d_ECDSA_SIG 3619 EXIST::FUNCTION:ECDSA
+ECDSA_OpenSSL 3620 EXIST::FUNCTION:ECDSA
+STORE_delete_crl 3621 NOEXIST::FUNCTION:
+EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC
+ASN1_const_check_infinite_end 3623 EXIST::FUNCTION:
+EVP_PKEY_delete_attr 3624 EXIST::FUNCTION:
+ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA
+EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC,EC2M
+EC_GROUP_cmp 3627 EXIST::FUNCTION:EC
+STORE_revoke_certificate 3628 NOEXIST::FUNCTION:
+BN_get0_nist_prime_256 3629 EXIST::FUNCTION:
+STORE_meth_get_delete_fn 3630 NOEXIST::FUNCTION:
+STORE_method_get_delete_function 3630 NOEXIST::FUNCTION:
+SHA224_Init 3631 EXIST::FUNCTION:SHA,SHA256
+PEM_read_ECPrivateKey 3632 EXIST:!WIN16:FUNCTION:EC
+SHA512_Init 3633 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_parse_attrs_endp 3634 NOEXIST::FUNCTION:
+BN_set_negative 3635 EXIST::FUNCTION:
+ERR_load_ECDSA_strings 3636 EXIST::FUNCTION:ECDSA
+EC_GROUP_get_basis_type 3637 EXIST::FUNCTION:EC
+STORE_list_public_key_next 3638 NOEXIST::FUNCTION:
+i2v_ASN1_BIT_STRING 3639 EXIST::FUNCTION:
+STORE_OBJECT_free 3640 NOEXIST::FUNCTION:
+BN_nist_mod_384 3641 EXIST::FUNCTION:
+i2d_X509_CERT_PAIR 3642 EXIST::FUNCTION:
+PEM_write_ECPKParameters 3643 EXIST:!WIN16:FUNCTION:EC
+ECDH_compute_key 3644 EXIST::FUNCTION:ECDH
+STORE_ATTR_INFO_get0_sha1str 3645 NOEXIST::FUNCTION:
+ENGINE_register_all_ECDH 3646 EXIST::FUNCTION:ENGINE
+pqueue_pop 3647 EXIST::FUNCTION:
+STORE_ATTR_INFO_get0_cstr 3648 NOEXIST::FUNCTION:
+POLICY_CONSTRAINTS_it 3649 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_get_ex_new_index 3650 NOEXIST::FUNCTION:
+EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION:
+X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:EC2M
+SHA256 3654 EXIST::FUNCTION:SHA,SHA256
+i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API
+X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION:
+X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION:
+OPENSSL_DIR_read 3657 EXIST::FUNCTION:
+ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE
+X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION:
+EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC,EC2M
+EC_GROUP_dup 3661 EXIST::FUNCTION:EC
+ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE
+EC_KEY_new 3663 EXIST::FUNCTION:EC
+SHA256_Transform 3664 EXIST::FUNCTION:SHA,SHA256
+EC_KEY_set_enc_flags 3665 EXIST::FUNCTION:EC
+ECDSA_verify 3666 EXIST::FUNCTION:ECDSA
+EC_POINT_point2hex 3667 EXIST::FUNCTION:EC
+ENGINE_get_STORE 3668 EXIST::FUNCTION:ENGINE
+SHA512 3669 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_get_certificate 3670 NOEXIST::FUNCTION:
+ECDSA_do_sign_ex 3671 EXIST::FUNCTION:ECDSA
+ECDSA_do_verify 3672 EXIST::FUNCTION:ECDSA
+d2i_ECPrivateKey_fp 3673 EXIST::FUNCTION:EC,FP_API
+STORE_delete_certificate 3674 NOEXIST::FUNCTION:
+SHA512_Transform 3675 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+X509_STORE_set1_param 3676 EXIST::FUNCTION:
+STORE_method_get_ctrl_function 3677 NOEXIST::FUNCTION:
+STORE_free 3678 NOEXIST::FUNCTION:
+PEM_write_ECPrivateKey 3679 EXIST:!WIN16:FUNCTION:EC
+STORE_meth_get_unlock_store_fn 3680 NOEXIST::FUNCTION:
+STORE_method_get_unlock_store_function 3680 NOEXIST::FUNCTION:
+STORE_get_ex_data 3681 NOEXIST::FUNCTION:
+EC_KEY_set_public_key 3682 EXIST::FUNCTION:EC
+PEM_read_ECPKParameters 3683 EXIST:!WIN16:FUNCTION:EC
+X509_CERT_PAIR_new 3684 EXIST::FUNCTION:
+ENGINE_register_STORE 3685 EXIST::FUNCTION:ENGINE
+RSA_generate_key_ex 3686 EXIST::FUNCTION:RSA
+DSA_generate_parameters_ex 3687 EXIST::FUNCTION:DSA
+ECParameters_print_fp 3688 EXIST::FUNCTION:EC,FP_API
+X509V3_NAME_from_section 3689 EXIST::FUNCTION:
+EVP_PKEY_add1_attr 3690 EXIST::FUNCTION:
+STORE_modify_crl 3691 NOEXIST::FUNCTION:
+STORE_list_private_key_start 3692 NOEXIST::FUNCTION:
+POLICY_MAPPINGS_it 3693 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPINGS_it 3693 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_SUBTREE_it 3694 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_SUBTREE_it 3694 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_get_curve_name 3695 EXIST::FUNCTION:EC
+PEM_write_X509_CERT_PAIR 3696 EXIST:!WIN16:FUNCTION:
+BIO_dump_indent_cb 3697 EXIST::FUNCTION:
+d2i_X509_CERT_PAIR 3698 EXIST::FUNCTION:
+STORE_list_private_key_endp 3699 NOEXIST::FUNCTION:
+asn1_const_Finish 3700 EXIST::FUNCTION:
+i2d_EC_PUBKEY_fp 3701 EXIST::FUNCTION:EC,FP_API
+BN_nist_mod_256 3702 EXIST::FUNCTION:
+X509_VERIFY_PARAM_add0_table 3703 EXIST::FUNCTION:
+pqueue_free 3704 EXIST::FUNCTION:
+BN_BLINDING_create_param 3705 EXIST::FUNCTION:
+ECDSA_size 3706 EXIST::FUNCTION:ECDSA
+d2i_EC_PUBKEY_bio 3707 EXIST::FUNCTION:BIO,EC
+BN_get0_nist_prime_521 3708 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_sha1str 3709 NOEXIST::FUNCTION:
+BN_generate_prime_ex 3710 EXIST::FUNCTION:
+EC_GROUP_new_by_curve_name 3711 EXIST::FUNCTION:EC
+SHA256_Final 3712 EXIST::FUNCTION:SHA,SHA256
+DH_generate_parameters_ex 3713 EXIST::FUNCTION:DH
+PEM_read_bio_ECPrivateKey 3714 EXIST::FUNCTION:EC
+STORE_meth_get_cleanup_fn 3715 NOEXIST::FUNCTION:
+STORE_method_get_cleanup_function 3715 NOEXIST::FUNCTION:
+ENGINE_get_ECDH 3716 EXIST::FUNCTION:ENGINE
+d2i_ECDSA_SIG 3717 EXIST::FUNCTION:ECDSA
+BN_is_prime_fasttest_ex 3718 EXIST::FUNCTION:
+ECDSA_sign 3719 EXIST::FUNCTION:ECDSA
+X509_policy_check 3720 EXIST::FUNCTION:
+EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION:
+STORE_set_ex_data 3722 NOEXIST::FUNCTION:
+ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE
+EVP_ecdsa 3724 EXIST::FUNCTION:SHA
+BN_BLINDING_get_flags 3725 EXIST::FUNCTION:
+PKCS12_add_cert 3726 EXIST::FUNCTION:
+STORE_OBJECT_new 3727 NOEXIST::FUNCTION:
+ERR_load_ECDH_strings 3728 EXIST::FUNCTION:ECDH
+EC_KEY_dup 3729 EXIST::FUNCTION:EC
+EVP_CIPHER_CTX_rand_key 3730 EXIST::FUNCTION:
+ECDSA_set_method 3731 EXIST::FUNCTION:ECDSA
+a2i_IPADDRESS_NC 3732 EXIST::FUNCTION:
+d2i_ECParameters 3733 EXIST::FUNCTION:EC
+STORE_list_certificate_end 3734 NOEXIST::FUNCTION:
+STORE_get_crl 3735 NOEXIST::FUNCTION:
+X509_POLICY_NODE_print 3736 EXIST::FUNCTION:
+SHA384_Init 3737 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC,EC2M
+ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA
+SHA384_Final 3740 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+PKCS7_set_digest 3741 EXIST::FUNCTION:
+EC_KEY_print 3742 EXIST::FUNCTION:BIO,EC
+STORE_meth_set_lock_store_fn 3743 NOEXIST::FUNCTION:
+STORE_method_set_lock_store_function 3743 NOEXIST::FUNCTION:
+ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:ECDSA
+SHA384 3745 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+POLICY_MAPPING_new 3746 EXIST::FUNCTION:
+STORE_list_certificate_endp 3747 NOEXIST::FUNCTION:
+X509_STORE_CTX_get0_policy_tree 3748 EXIST::FUNCTION:
+EC_GROUP_set_asn1_flag 3749 EXIST::FUNCTION:EC
+EC_KEY_check_key 3750 EXIST::FUNCTION:EC
+d2i_EC_PUBKEY_fp 3751 EXIST::FUNCTION:EC,FP_API
+PKCS7_set0_type_other 3752 EXIST::FUNCTION:
+PEM_read_bio_X509_CERT_PAIR 3753 EXIST::FUNCTION:
+pqueue_next 3754 EXIST::FUNCTION:
+STORE_meth_get_list_end_fn 3755 NOEXIST::FUNCTION:
+STORE_method_get_list_end_function 3755 NOEXIST::FUNCTION:
+EVP_PKEY_add1_attr_by_OBJ 3756 EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_time 3757 EXIST::FUNCTION:
+pqueue_new 3758 EXIST::FUNCTION:
+ENGINE_set_default_ECDH 3759 EXIST::FUNCTION:ENGINE
+STORE_new_method 3760 NOEXIST::FUNCTION:
+PKCS12_add_key 3761 EXIST::FUNCTION:
+DSO_merge 3762 EXIST::FUNCTION:
+EC_POINT_hex2point 3763 EXIST::FUNCTION:EC
+BIO_dump_cb 3764 EXIST::FUNCTION:
+SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256
+pqueue_insert 3766 EXIST::FUNCTION:
+pitem_free 3767 EXIST::FUNCTION:
+BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:EC2M
+ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE
+BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:DEPRECATED
+get_rfc3526_prime_8192 3771 EXIST::FUNCTION:
+X509_VERIFY_PARAM_clear_flags 3772 EXIST::FUNCTION:
+get_rfc2409_prime_1024 3773 EXIST::FUNCTION:
+DH_check_pub_key 3774 EXIST::FUNCTION:DH
+get_rfc3526_prime_2048 3775 EXIST::FUNCTION:
+get_rfc3526_prime_6144 3776 EXIST::FUNCTION:
+get_rfc3526_prime_1536 3777 EXIST::FUNCTION:
+get_rfc3526_prime_3072 3778 EXIST::FUNCTION:
+get_rfc3526_prime_4096 3779 EXIST::FUNCTION:
+get_rfc2409_prime_768 3780 EXIST::FUNCTION:
+X509_VERIFY_PARAM_get_flags 3781 EXIST::FUNCTION:
+EVP_CIPHER_CTX_new 3782 EXIST::FUNCTION:
+EVP_CIPHER_CTX_free 3783 EXIST::FUNCTION:
+Camellia_cbc_encrypt 3784 EXIST::FUNCTION:CAMELLIA
+Camellia_cfb128_encrypt 3785 EXIST::FUNCTION:CAMELLIA
+Camellia_cfb1_encrypt 3786 EXIST::FUNCTION:CAMELLIA
+Camellia_cfb8_encrypt 3787 EXIST::FUNCTION:CAMELLIA
+Camellia_ctr128_encrypt 3788 EXIST::FUNCTION:CAMELLIA
+Camellia_cfbr_encrypt_block 3789 NOEXIST::FUNCTION:
+Camellia_decrypt 3790 EXIST::FUNCTION:CAMELLIA
+Camellia_ecb_encrypt 3791 EXIST::FUNCTION:CAMELLIA
+Camellia_encrypt 3792 EXIST::FUNCTION:CAMELLIA
+Camellia_ofb128_encrypt 3793 EXIST::FUNCTION:CAMELLIA
+Camellia_set_key 3794 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cbc 3795 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb128 3796 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb1 3797 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb8 3798 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_ecb 3799 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_ofb 3800 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cbc 3801 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb128 3802 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb1 3803 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb8 3804 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_ecb 3805 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_ofb 3806 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cbc 3807 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb128 3808 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb1 3809 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb8 3810 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_ecb 3811 EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_ofb 3812 EXIST::FUNCTION:CAMELLIA
+a2i_ipadd 3813 EXIST::FUNCTION:
+ASIdentifiers_free 3814 EXIST::FUNCTION:RFC3779
+i2d_ASIdOrRange 3815 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_block_size 3816 EXIST::FUNCTION:
+v3_asid_is_canonical 3817 EXIST::FUNCTION:RFC3779
+IPAddressChoice_free 3818 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_set_app_data 3819 EXIST::FUNCTION:
+BIO_set_callback_arg 3820 EXIST::FUNCTION:
+v3_addr_add_prefix 3821 EXIST::FUNCTION:RFC3779
+IPAddressOrRange_it 3822 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressOrRange_it 3822 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+BIO_set_flags 3823 EXIST::FUNCTION:
+ASIdentifiers_it 3824 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdentifiers_it 3824 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+v3_addr_get_range 3825 EXIST::FUNCTION:RFC3779
+BIO_method_type 3826 EXIST::FUNCTION:
+v3_addr_inherits 3827 EXIST::FUNCTION:RFC3779
+IPAddressChoice_it 3828 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressChoice_it 3828 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+AES_ige_encrypt 3829 EXIST::FUNCTION:AES
+v3_addr_add_range 3830 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_nid 3831 EXIST::FUNCTION:
+d2i_ASRange 3832 EXIST::FUNCTION:RFC3779
+v3_addr_add_inherit 3833 EXIST::FUNCTION:RFC3779
+v3_asid_add_id_or_range 3834 EXIST::FUNCTION:RFC3779
+v3_addr_validate_resource_set 3835 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_iv_length 3836 EXIST::FUNCTION:
+EVP_MD_type 3837 EXIST::FUNCTION:
+v3_asid_canonize 3838 EXIST::FUNCTION:RFC3779
+IPAddressRange_free 3839 EXIST::FUNCTION:RFC3779
+v3_asid_add_inherit 3840 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_key_length 3841 EXIST::FUNCTION:
+IPAddressRange_new 3842 EXIST::FUNCTION:RFC3779
+ASIdOrRange_new 3843 EXIST::FUNCTION:RFC3779
+EVP_MD_size 3844 EXIST::FUNCTION:
+EVP_MD_CTX_test_flags 3845 EXIST::FUNCTION:
+BIO_clear_flags 3846 EXIST::FUNCTION:
+i2d_ASRange 3847 EXIST::FUNCTION:RFC3779
+IPAddressRange_it 3848 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressRange_it 3848 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+IPAddressChoice_new 3849 EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_new 3850 EXIST::FUNCTION:RFC3779
+ASRange_free 3851 EXIST::FUNCTION:RFC3779
+EVP_MD_pkey_type 3852 EXIST::FUNCTION:
+EVP_MD_CTX_clear_flags 3853 EXIST::FUNCTION:
+IPAddressFamily_free 3854 EXIST::FUNCTION:RFC3779
+i2d_IPAddressFamily 3855 EXIST::FUNCTION:RFC3779
+IPAddressOrRange_new 3856 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_flags 3857 EXIST::FUNCTION:
+v3_asid_validate_resource_set 3858 EXIST::FUNCTION:RFC3779
+d2i_IPAddressRange 3859 EXIST::FUNCTION:RFC3779
+AES_bi_ige_encrypt 3860 EXIST::FUNCTION:AES
+BIO_get_callback 3861 EXIST::FUNCTION:
+IPAddressOrRange_free 3862 EXIST::FUNCTION:RFC3779
+v3_addr_subset 3863 EXIST::FUNCTION:RFC3779
+d2i_IPAddressFamily 3864 EXIST::FUNCTION:RFC3779
+v3_asid_subset 3865 EXIST::FUNCTION:RFC3779
+BIO_test_flags 3866 EXIST::FUNCTION:
+i2d_ASIdentifierChoice 3867 EXIST::FUNCTION:RFC3779
+ASRange_it 3868 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASRange_it 3868 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+d2i_ASIdentifiers 3869 EXIST::FUNCTION:RFC3779
+ASRange_new 3870 EXIST::FUNCTION:RFC3779
+d2i_IPAddressChoice 3871 EXIST::FUNCTION:RFC3779
+v3_addr_get_afi 3872 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_key_length 3873 EXIST::FUNCTION:
+EVP_Cipher 3874 EXIST::FUNCTION:
+i2d_IPAddressOrRange 3875 EXIST::FUNCTION:RFC3779
+ASIdOrRange_it 3876 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdOrRange_it 3876 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+EVP_CIPHER_nid 3877 EXIST::FUNCTION:
+i2d_IPAddressChoice 3878 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_block_size 3879 EXIST::FUNCTION:
+ASIdentifiers_new 3880 EXIST::FUNCTION:RFC3779
+v3_addr_validate_path 3881 EXIST::FUNCTION:RFC3779
+IPAddressFamily_new 3882 EXIST::FUNCTION:RFC3779
+EVP_MD_CTX_set_flags 3883 EXIST::FUNCTION:
+v3_addr_is_canonical 3884 EXIST::FUNCTION:RFC3779
+i2d_IPAddressRange 3885 EXIST::FUNCTION:RFC3779
+IPAddressFamily_it 3886 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressFamily_it 3886 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+v3_asid_inherits 3887 EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_cipher 3888 EXIST::FUNCTION:
+EVP_CIPHER_CTX_get_app_data 3889 EXIST::FUNCTION:
+EVP_MD_block_size 3890 EXIST::FUNCTION:
+EVP_CIPHER_CTX_flags 3891 EXIST::FUNCTION:
+v3_asid_validate_path 3892 EXIST::FUNCTION:RFC3779
+d2i_IPAddressOrRange 3893 EXIST::FUNCTION:RFC3779
+v3_addr_canonize 3894 EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_it 3895 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdentifierChoice_it 3895 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+EVP_MD_CTX_md 3896 EXIST::FUNCTION:
+d2i_ASIdentifierChoice 3897 EXIST::FUNCTION:RFC3779
+BIO_method_name 3898 EXIST::FUNCTION:
+EVP_CIPHER_CTX_iv_length 3899 EXIST::FUNCTION:
+ASIdOrRange_free 3900 EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_free 3901 EXIST::FUNCTION:RFC3779
+BIO_get_callback_arg 3902 EXIST::FUNCTION:
+BIO_set_callback 3903 EXIST::FUNCTION:
+d2i_ASIdOrRange 3904 EXIST::FUNCTION:RFC3779
+i2d_ASIdentifiers 3905 EXIST::FUNCTION:RFC3779
+CRYPTO_memcmp 3906 EXIST::FUNCTION:
+BN_consttime_swap 3907 EXIST::FUNCTION:
+SEED_decrypt 3908 EXIST::FUNCTION:SEED
+SEED_encrypt 3909 EXIST::FUNCTION:SEED
+SEED_cbc_encrypt 3910 EXIST::FUNCTION:SEED
+EVP_seed_ofb 3911 EXIST::FUNCTION:SEED
+SEED_cfb128_encrypt 3912 EXIST::FUNCTION:SEED
+SEED_ofb128_encrypt 3913 EXIST::FUNCTION:SEED
+EVP_seed_cbc 3914 EXIST::FUNCTION:SEED
+SEED_ecb_encrypt 3915 EXIST::FUNCTION:SEED
+EVP_seed_ecb 3916 EXIST::FUNCTION:SEED
+SEED_set_key 3917 EXIST::FUNCTION:SEED
+EVP_seed_cfb128 3918 EXIST::FUNCTION:SEED
+X509_EXTENSIONS_it 3919 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_EXTENSIONS_it 3919 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_get1_ocsp 3920 EXIST::FUNCTION:
+OCSP_REQ_CTX_free 3921 EXIST::FUNCTION:
+i2d_X509_EXTENSIONS 3922 EXIST::FUNCTION:
+OCSP_sendreq_nbio 3923 EXIST::FUNCTION:
+OCSP_sendreq_new 3924 EXIST::FUNCTION:
+d2i_X509_EXTENSIONS 3925 EXIST::FUNCTION:
+X509_ALGORS_it 3926 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_ALGORS_it 3926 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_ALGOR_get0 3927 EXIST::FUNCTION:
+X509_ALGOR_set0 3928 EXIST::FUNCTION:
+AES_unwrap_key 3929 EXIST::FUNCTION:AES
+AES_wrap_key 3930 EXIST::FUNCTION:AES
+X509at_get0_data_by_OBJ 3931 EXIST::FUNCTION:
+ASN1_TYPE_set1 3932 EXIST::FUNCTION:
+ASN1_STRING_set0 3933 EXIST::FUNCTION:
+i2d_X509_ALGORS 3934 EXIST::FUNCTION:
+BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION:COMP
+COMP_zlib_cleanup 3936 EXIST::FUNCTION:COMP
+d2i_X509_ALGORS 3937 EXIST::FUNCTION:
+CMS_ReceiptRequest_free 3938 EXIST::FUNCTION:CMS
+PEM_write_CMS 3939 EXIST:!WIN16:FUNCTION:CMS
+CMS_add0_CertificateChoices 3940 EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_OBJ 3941 EXIST::FUNCTION:CMS
+ERR_load_CMS_strings 3942 EXIST::FUNCTION:CMS
+CMS_sign_receipt 3943 EXIST::FUNCTION:CMS
+i2d_CMS_ContentInfo 3944 EXIST::FUNCTION:CMS
+CMS_signed_delete_attr 3945 EXIST::FUNCTION:CMS
+d2i_CMS_bio 3946 EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_by_NID 3947 EXIST::FUNCTION:CMS
+CMS_verify 3948 EXIST::FUNCTION:CMS
+SMIME_read_CMS 3949 EXIST::FUNCTION:CMS
+CMS_decrypt_set1_key 3950 EXIST::FUNCTION:CMS
+CMS_SignerInfo_get0_algs 3951 EXIST::FUNCTION:CMS
+CMS_add1_cert 3952 EXIST::FUNCTION:CMS
+CMS_set_detached 3953 EXIST::FUNCTION:CMS
+CMS_encrypt 3954 EXIST::FUNCTION:CMS
+CMS_EnvelopedData_create 3955 EXIST::FUNCTION:CMS
+CMS_uncompress 3956 EXIST::FUNCTION:CMS
+CMS_add0_crl 3957 EXIST::FUNCTION:CMS
+CMS_SignerInfo_verify_content 3958 EXIST::FUNCTION:CMS
+CMS_unsigned_get0_data_by_OBJ 3959 EXIST::FUNCTION:CMS
+PEM_write_bio_CMS 3960 EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr 3961 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_cert_cmp 3962 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_get0_algs 3963 EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_ktri_get0_algs 3963 EXIST:VMS:FUNCTION:CMS
+CMS_ContentInfo_free 3964 EXIST::FUNCTION:CMS
+CMS_final 3965 EXIST::FUNCTION:CMS
+CMS_add_simple_smimecap 3966 EXIST::FUNCTION:CMS
+CMS_SignerInfo_verify 3967 EXIST::FUNCTION:CMS
+CMS_data 3968 EXIST::FUNCTION:CMS
+CMS_ContentInfo_it 3969 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
+CMS_ContentInfo_it 3969 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
+d2i_CMS_ReceiptRequest 3970 EXIST::FUNCTION:CMS
+CMS_compress 3971 EXIST::FUNCTION:CMS
+CMS_digest_create 3972 EXIST::FUNCTION:CMS
+CMS_SignerInfo_cert_cmp 3973 EXIST::FUNCTION:CMS
+CMS_SignerInfo_sign 3974 EXIST::FUNCTION:CMS
+CMS_data_create 3975 EXIST::FUNCTION:CMS
+i2d_CMS_bio 3976 EXIST::FUNCTION:CMS
+CMS_EncryptedData_set1_key 3977 EXIST::FUNCTION:CMS
+CMS_decrypt 3978 EXIST::FUNCTION:CMS
+int_smime_write_ASN1 3979 NOEXIST::FUNCTION:
+CMS_unsigned_delete_attr 3980 EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_count 3981 EXIST::FUNCTION:CMS
+CMS_add_smimecap 3982 EXIST::FUNCTION:CMS
+PEM_read_CMS 3983 EXIST:!WIN16:FUNCTION:CMS
+CMS_signed_get_attr_by_OBJ 3984 EXIST::FUNCTION:CMS
+d2i_CMS_ContentInfo 3985 EXIST::FUNCTION:CMS
+CMS_add_standard_smimecap 3986 EXIST::FUNCTION:CMS
+CMS_ContentInfo_new 3987 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_type 3988 EXIST::FUNCTION:CMS
+CMS_get0_type 3989 EXIST::FUNCTION:CMS
+CMS_is_detached 3990 EXIST::FUNCTION:CMS
+CMS_sign 3991 EXIST::FUNCTION:CMS
+CMS_signed_add1_attr 3992 EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_by_OBJ 3993 EXIST::FUNCTION:CMS
+SMIME_write_CMS 3994 EXIST::FUNCTION:CMS
+CMS_EncryptedData_decrypt 3995 EXIST::FUNCTION:CMS
+CMS_get0_RecipientInfos 3996 EXIST::FUNCTION:CMS
+CMS_add0_RevocationInfoChoice 3997 EXIST::FUNCTION:CMS
+CMS_decrypt_set1_pkey 3998 EXIST::FUNCTION:CMS
+CMS_SignerInfo_set1_signer_cert 3999 EXIST::FUNCTION:CMS
+CMS_get0_signers 4000 EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_get0_values 4001 EXIST::FUNCTION:CMS
+CMS_signed_get0_data_by_OBJ 4002 EXIST::FUNCTION:CMS
+CMS_get0_SignerInfos 4003 EXIST::FUNCTION:CMS
+CMS_add0_cert 4004 EXIST::FUNCTION:CMS
+CMS_EncryptedData_encrypt 4005 EXIST::FUNCTION:CMS
+CMS_digest_verify 4006 EXIST::FUNCTION:CMS
+CMS_set1_signers_certs 4007 EXIST::FUNCTION:CMS
+CMS_signed_get_attr 4008 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_key 4009 EXIST::FUNCTION:CMS
+CMS_SignedData_init 4010 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_kekri_get0_id 4011 EXIST::FUNCTION:CMS
+CMS_verify_receipt 4012 EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_it 4013 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
+CMS_ReceiptRequest_it 4013 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
+PEM_read_bio_CMS 4014 EXIST::FUNCTION:CMS
+CMS_get1_crls 4015 EXIST::FUNCTION:CMS
+CMS_add0_recipient_key 4016 EXIST::FUNCTION:CMS
+SMIME_read_ASN1 4017 EXIST::FUNCTION:
+CMS_ReceiptRequest_new 4018 EXIST::FUNCTION:CMS
+CMS_get0_content 4019 EXIST::FUNCTION:CMS
+CMS_get1_ReceiptRequest 4020 EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_OBJ 4021 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_kekri_id_cmp 4022 EXIST::FUNCTION:CMS
+CMS_add1_ReceiptRequest 4023 EXIST::FUNCTION:CMS
+CMS_SignerInfo_get0_signer_id 4024 EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_NID 4025 EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr 4026 EXIST::FUNCTION:CMS
+CMS_signed_get_attr_by_NID 4027 EXIST::FUNCTION:CMS
+CMS_get1_certs 4028 EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_NID 4029 EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_txt 4030 EXIST::FUNCTION:CMS
+CMS_dataFinal 4031 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_get0_signer_id 4032 EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_ktri_get0_sigr_id 4032 EXIST:VMS:FUNCTION:CMS
+i2d_CMS_ReceiptRequest 4033 EXIST::FUNCTION:CMS
+CMS_add1_recipient_cert 4034 EXIST::FUNCTION:CMS
+CMS_dataInit 4035 EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_txt 4036 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_decrypt 4037 EXIST::FUNCTION:CMS
+CMS_signed_get_attr_count 4038 EXIST::FUNCTION:CMS
+CMS_get0_eContentType 4039 EXIST::FUNCTION:CMS
+CMS_set1_eContentType 4040 EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS
+CMS_add1_signer 4042 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS
+ENGINE_set_load_ssl_client_cert_function 4044 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_ld_ssl_clnt_cert_fn 4044 EXIST:VMS:FUNCTION:ENGINE
+ENGINE_get_ssl_client_cert_function 4045 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_ssl_client_cert_fn 4045 EXIST:VMS:FUNCTION:ENGINE
+ENGINE_load_ssl_client_cert 4046 EXIST::FUNCTION:ENGINE
+ENGINE_load_capi 4047 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OPENSSL_isservice 4048 EXIST::FUNCTION:
+FIPS_dsa_sig_decode 4049 NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_clear_flags 4050 EXIST::FUNCTION:
+FIPS_rand_status 4051 NOEXIST::FUNCTION:
+FIPS_rand_set_key 4052 NOEXIST::FUNCTION:
+CRYPTO_set_mem_info_functions 4053 NOEXIST::FUNCTION:
+RSA_X931_generate_key_ex 4054 NOEXIST::FUNCTION:
+int_ERR_set_state_func 4055 NOEXIST::FUNCTION:
+int_EVP_MD_set_engine_callbacks 4056 NOEXIST::FUNCTION:
+int_CRYPTO_set_do_dynlock_callback 4057 NOEXIST::FUNCTION:
+FIPS_rng_stick 4058 NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION:
+BN_X931_generate_prime_ex 4060 EXIST::FUNCTION:
+FIPS_selftest_check 4061 NOEXIST::FUNCTION:
+FIPS_rand_set_dt 4062 NOEXIST::FUNCTION:
+CRYPTO_dbg_pop_info 4063 NOEXIST::FUNCTION:
+FIPS_dsa_free 4064 NOEXIST::FUNCTION:
+RSA_X931_derive_ex 4065 NOEXIST::FUNCTION:
+FIPS_rsa_new 4066 NOEXIST::FUNCTION:
+FIPS_rand_bytes 4067 NOEXIST::FUNCTION:
+fips_cipher_test 4068 NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_test_flags 4069 EXIST::FUNCTION:
+CRYPTO_malloc_debug_init 4070 NOEXIST::FUNCTION:
+CRYPTO_dbg_push_info 4071 NOEXIST::FUNCTION:
+FIPS_corrupt_rsa_keygen 4072 NOEXIST::FUNCTION:
+FIPS_dh_new 4073 NOEXIST::FUNCTION:
+FIPS_corrupt_dsa_keygen 4074 NOEXIST::FUNCTION:
+FIPS_dh_free 4075 NOEXIST::FUNCTION:
+fips_pkey_signature_test 4076 NOEXIST::FUNCTION:
+EVP_add_alg_module 4077 EXIST::FUNCTION:
+int_RAND_init_engine_callbacks 4078 NOEXIST::FUNCTION:
+int_EVP_CIPHER_set_engine_callbacks 4079 NOEXIST::FUNCTION:
+int_EVP_MD_init_engine_callbacks 4080 NOEXIST::FUNCTION:
+FIPS_rand_test_mode 4081 NOEXIST::FUNCTION:
+FIPS_rand_reset 4082 NOEXIST::FUNCTION:
+FIPS_dsa_new 4083 NOEXIST::FUNCTION:
+int_RAND_set_callbacks 4084 NOEXIST::FUNCTION:
+BN_X931_derive_prime_ex 4085 EXIST::FUNCTION:
+int_ERR_lib_init 4086 NOEXIST::FUNCTION:
+int_EVP_CIPHER_init_engine_callbacks 4087 NOEXIST::FUNCTION:
+FIPS_rsa_free 4088 NOEXIST::FUNCTION:
+FIPS_dsa_sig_encode 4089 NOEXIST::FUNCTION:
+CRYPTO_dbg_remove_all_info 4090 NOEXIST::FUNCTION:
+OPENSSL_init 4091 EXIST::FUNCTION:
+private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
+CRYPTO_strdup 4093 EXIST::FUNCTION:
+JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE
+JPAKE_get_shared_key 4096 EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_init 4097 EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_generate 4098 EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_init 4099 EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_process 4100 EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_generate 4101 EXIST::FUNCTION:JPAKE
+JPAKE_CTX_new 4102 EXIST::FUNCTION:JPAKE
+JPAKE_CTX_free 4103 EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_release 4104 EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_release 4105 EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_process 4106 EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_generate 4107 EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_process 4108 EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_generate 4109 EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_release 4110 EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_init 4111 EXIST::FUNCTION:JPAKE
+ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_init 4113 EXIST::FUNCTION:JPAKE
+pqueue_size 4114 EXIST::FUNCTION:
+i2d_TS_ACCURACY 4115 EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_fp 4116 EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT 4117 EXIST::FUNCTION:
+EVP_PKEY_print_public 4118 EXIST::FUNCTION:
+EVP_PKEY_CTX_new 4119 EXIST::FUNCTION:
+i2d_TS_TST_INFO 4120 EXIST::FUNCTION:
+EVP_PKEY_asn1_find 4121 EXIST::FUNCTION:
+DSO_METHOD_beos 4122 EXIST::FUNCTION:
+TS_CONF_load_cert 4123 EXIST::FUNCTION:
+TS_REQ_get_ext 4124 EXIST::FUNCTION:
+EVP_PKEY_sign_init 4125 EXIST::FUNCTION:
+ASN1_item_print 4126 EXIST::FUNCTION:
+TS_TST_INFO_set_nonce 4127 EXIST::FUNCTION:
+TS_RESP_dup 4128 EXIST::FUNCTION:
+ENGINE_register_pkey_meths 4129 EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_add0 4130 EXIST::FUNCTION:
+PKCS7_add0_attrib_signing_time 4131 EXIST::FUNCTION:
+i2d_TS_TST_INFO_fp 4132 EXIST::FUNCTION:
+BIO_asn1_get_prefix 4133 EXIST::FUNCTION:
+TS_TST_INFO_set_time 4134 EXIST::FUNCTION:
+EVP_PKEY_meth_set_decrypt 4135 EXIST::FUNCTION:
+EVP_PKEY_set_type_str 4136 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_keygen_info 4137 EXIST::FUNCTION:
+TS_REQ_set_policy_id 4138 EXIST::FUNCTION:
+d2i_TS_RESP_fp 4139 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_engine 4140 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_pkey_asn1_meth_eng 4140 EXIST:VMS:FUNCTION:ENGINE
+WHIRLPOOL_Init 4141 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+TS_RESP_set_status_info 4142 EXIST::FUNCTION:
+EVP_PKEY_keygen 4143 EXIST::FUNCTION:
+EVP_DigestSignInit 4144 EXIST::FUNCTION:
+TS_ACCURACY_set_millis 4145 EXIST::FUNCTION:
+TS_REQ_dup 4146 EXIST::FUNCTION:
+GENERAL_NAME_dup 4147 EXIST::FUNCTION:
+ASN1_SEQUENCE_ANY_it 4148 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SEQUENCE_ANY_it 4148 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+WHIRLPOOL 4149 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+X509_STORE_get1_crls 4150 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth 4151 EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_new 4152 EXIST::FUNCTION:
+BIO_new_NDEF 4153 EXIST::FUNCTION:
+ENGINE_get_pkey_meth 4154 EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_set_algo 4155 EXIST::FUNCTION:
+i2d_TS_TST_INFO_bio 4156 EXIST::FUNCTION:
+TS_TST_INFO_set_ordering 4157 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_OBJ 4158 EXIST::FUNCTION:
+CRYPTO_THREADID_set_pointer 4159 EXIST::FUNCTION:
+TS_CONF_get_tsa_section 4160 EXIST::FUNCTION:
+SMIME_write_ASN1 4161 EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_key 4162 EXIST::FUNCTION:
+EVP_PKEY_encrypt_old 4163 EXIST::FUNCTION:
+EVP_PKEY_encrypt_init 4164 EXIST::FUNCTION:
+CRYPTO_THREADID_cpy 4165 EXIST::FUNCTION:
+ASN1_PCTX_get_cert_flags 4166 EXIST::FUNCTION:
+i2d_ESS_SIGNING_CERT 4167 EXIST::FUNCTION:
+TS_CONF_load_key 4168 EXIST::FUNCTION:
+i2d_ASN1_SEQUENCE_ANY 4169 EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT_bio 4170 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_public 4171 EXIST::FUNCTION:
+b2i_PublicKey_bio 4172 EXIST::FUNCTION:
+BIO_asn1_set_prefix 4173 EXIST::FUNCTION:
+EVP_PKEY_new_mac_key 4174 EXIST::FUNCTION:
+BIO_new_CMS 4175 EXIST::FUNCTION:CMS
+CRYPTO_THREADID_cmp 4176 EXIST::FUNCTION:
+TS_REQ_ext_free 4177 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_free 4178 EXIST::FUNCTION:
+EVP_PKEY_get0_asn1 4179 EXIST::FUNCTION:
+d2i_NETSCAPE_X509 4180 EXIST::FUNCTION:
+EVP_PKEY_verify_recover_init 4181 EXIST::FUNCTION:
+EVP_PKEY_CTX_set_data 4182 EXIST::FUNCTION:
+EVP_PKEY_keygen_init 4183 EXIST::FUNCTION:
+TS_RESP_CTX_set_status_info 4184 EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_algo 4185 EXIST::FUNCTION:
+TS_REQ_print_bio 4186 EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl_str 4187 EXIST::FUNCTION:
+EVP_PKEY_get_default_digest_nid 4188 EXIST::FUNCTION:
+PEM_write_bio_PKCS7_stream 4189 EXIST::FUNCTION:
+TS_MSG_IMPRINT_print_bio 4190 EXIST::FUNCTION:
+BN_asc2bn 4191 EXIST::FUNCTION:
+TS_REQ_get_policy_id 4192 EXIST::FUNCTION:
+ENGINE_set_default_pkey_asn1_meths 4193 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_def_pkey_asn1_meths 4193 EXIST:VMS:FUNCTION:ENGINE
+d2i_TS_ACCURACY 4194 EXIST::FUNCTION:
+DSO_global_lookup 4195 EXIST::FUNCTION:
+TS_CONF_set_tsa_name 4196 EXIST::FUNCTION:
+i2d_ASN1_SET_ANY 4197 EXIST::FUNCTION:
+ENGINE_load_gost 4198 EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE
+WHIRLPOOL_BitUpdate 4199 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+ASN1_PCTX_get_flags 4200 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_NID 4201 EXIST::FUNCTION:
+TS_RESP_new 4202 EXIST::FUNCTION:
+ESS_CERT_ID_dup 4203 EXIST::FUNCTION:
+TS_STATUS_INFO_dup 4204 EXIST::FUNCTION:
+TS_REQ_delete_ext 4205 EXIST::FUNCTION:
+EVP_DigestVerifyFinal 4206 EXIST::FUNCTION:
+EVP_PKEY_print_params 4207 EXIST::FUNCTION:
+i2d_CMS_bio_stream 4208 EXIST::FUNCTION:CMS
+TS_REQ_get_msg_imprint 4209 EXIST::FUNCTION:
+OBJ_find_sigid_by_algs 4210 EXIST::FUNCTION:
+TS_TST_INFO_get_serial 4211 EXIST::FUNCTION:
+TS_REQ_get_nonce 4212 EXIST::FUNCTION:
+X509_PUBKEY_set0_param 4213 EXIST::FUNCTION:
+EVP_PKEY_CTX_set0_keygen_info 4214 EXIST::FUNCTION:
+DIST_POINT_set_dpname 4215 EXIST::FUNCTION:
+i2d_ISSUING_DIST_POINT 4216 EXIST::FUNCTION:
+ASN1_SET_ANY_it 4217 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SET_ANY_it 4217 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_PKEY_CTX_get_data 4218 EXIST::FUNCTION:
+TS_STATUS_INFO_print_bio 4219 EXIST::FUNCTION:
+EVP_PKEY_derive_init 4220 EXIST::FUNCTION:
+d2i_TS_TST_INFO 4221 EXIST::FUNCTION:
+EVP_PKEY_asn1_add_alias 4222 EXIST::FUNCTION:
+d2i_TS_RESP_bio 4223 EXIST::FUNCTION:
+OTHERNAME_cmp 4224 EXIST::FUNCTION:
+GENERAL_NAME_set0_value 4225 EXIST::FUNCTION:
+PKCS7_RECIP_INFO_get0_alg 4226 EXIST::FUNCTION:
+TS_RESP_CTX_new 4227 EXIST::FUNCTION:
+TS_RESP_set_tst_info 4228 EXIST::FUNCTION:
+PKCS7_final 4229 EXIST::FUNCTION:
+EVP_PKEY_base_id 4230 EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_cert 4231 EXIST::FUNCTION:
+TS_REQ_set_msg_imprint 4232 EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl 4233 EXIST::FUNCTION:
+TS_CONF_set_digests 4234 EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT 4235 EXIST::FUNCTION:
+EVP_PKEY_meth_set_ctrl 4236 EXIST::FUNCTION:
+TS_REQ_get_ext_by_NID 4237 EXIST::FUNCTION:
+PKCS5_pbe_set0_algor 4238 EXIST::FUNCTION:
+BN_BLINDING_thread_id 4239 EXIST::FUNCTION:
+TS_ACCURACY_new 4240 EXIST::FUNCTION:
+X509_CRL_METHOD_free 4241 EXIST::FUNCTION:
+ASN1_PCTX_get_nm_flags 4242 EXIST::FUNCTION:
+EVP_PKEY_meth_set_sign 4243 EXIST::FUNCTION:
+CRYPTO_THREADID_current 4244 EXIST::FUNCTION:
+EVP_PKEY_decrypt_init 4245 EXIST::FUNCTION:
+NETSCAPE_X509_free 4246 EXIST::FUNCTION:
+i2b_PVK_bio 4247 EXIST::FUNCTION:RC4
+EVP_PKEY_print_private 4248 EXIST::FUNCTION:
+GENERAL_NAME_get0_value 4249 EXIST::FUNCTION:
+b2i_PVK_bio 4250 EXIST::FUNCTION:RC4
+ASN1_UTCTIME_adj 4251 EXIST::FUNCTION:
+TS_TST_INFO_new 4252 EXIST::FUNCTION:
+EVP_MD_do_all_sorted 4253 EXIST::FUNCTION:
+TS_CONF_set_default_engine 4254 EXIST::FUNCTION:
+TS_ACCURACY_set_seconds 4255 EXIST::FUNCTION:
+TS_TST_INFO_get_time 4256 EXIST::FUNCTION:
+PKCS8_pkey_get0 4257 EXIST::FUNCTION:
+EVP_PKEY_asn1_get0 4258 EXIST::FUNCTION:
+OBJ_add_sigid 4259 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_sign 4260 EXIST::FUNCTION:
+EVP_PKEY_paramgen_init 4261 EXIST::FUNCTION:
+EVP_PKEY_sign 4262 EXIST::FUNCTION:
+OBJ_sigid_free 4263 EXIST::FUNCTION:
+EVP_PKEY_meth_set_init 4264 EXIST::FUNCTION:
+d2i_ESS_ISSUER_SERIAL 4265 EXIST::FUNCTION:
+ISSUING_DIST_POINT_new 4266 EXIST::FUNCTION:
+ASN1_TIME_adj 4267 EXIST::FUNCTION:
+TS_OBJ_print_bio 4268 EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify_recover 4269 EXIST:!VMS:FUNCTION:
+EVP_PKEY_meth_set_vrfy_recover 4269 EXIST:VMS:FUNCTION:
+TS_RESP_get_status_info 4270 EXIST::FUNCTION:
+CMS_stream 4271 EXIST::FUNCTION:CMS
+EVP_PKEY_CTX_set_cb 4272 EXIST::FUNCTION:
+PKCS7_to_TS_TST_INFO 4273 EXIST::FUNCTION:
+ASN1_PCTX_get_oid_flags 4274 EXIST::FUNCTION:
+TS_TST_INFO_add_ext 4275 EXIST::FUNCTION:
+EVP_PKEY_meth_set_derive 4276 EXIST::FUNCTION:
+i2d_TS_RESP_fp 4277 EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_bio 4278 EXIST::FUNCTION:
+TS_RESP_CTX_set_accuracy 4279 EXIST::FUNCTION:
+TS_REQ_set_nonce 4280 EXIST::FUNCTION:
+ESS_CERT_ID_new 4281 EXIST::FUNCTION:
+ENGINE_pkey_asn1_find_str 4282 EXIST::FUNCTION:ENGINE
+TS_REQ_get_ext_count 4283 EXIST::FUNCTION:
+BUF_reverse 4284 EXIST::FUNCTION:
+TS_TST_INFO_print_bio 4285 EXIST::FUNCTION:
+d2i_ISSUING_DIST_POINT 4286 EXIST::FUNCTION:
+ENGINE_get_pkey_meths 4287 EXIST::FUNCTION:ENGINE
+i2b_PrivateKey_bio 4288 EXIST::FUNCTION:
+i2d_TS_RESP 4289 EXIST::FUNCTION:
+b2i_PublicKey 4290 EXIST::FUNCTION:
+TS_VERIFY_CTX_cleanup 4291 EXIST::FUNCTION:
+TS_STATUS_INFO_free 4292 EXIST::FUNCTION:
+TS_RESP_verify_token 4293 EXIST::FUNCTION:
+OBJ_bsearch_ex_ 4294 EXIST::FUNCTION:
+ASN1_bn_print 4295 EXIST::FUNCTION:BIO
+EVP_PKEY_asn1_get_count 4296 EXIST::FUNCTION:
+ENGINE_register_pkey_asn1_meths 4297 EXIST::FUNCTION:ENGINE
+ASN1_PCTX_set_nm_flags 4298 EXIST::FUNCTION:
+EVP_DigestVerifyInit 4299 EXIST::FUNCTION:
+ENGINE_set_default_pkey_meths 4300 EXIST::FUNCTION:ENGINE
+TS_TST_INFO_get_policy_id 4301 EXIST::FUNCTION:
+TS_REQ_get_cert_req 4302 EXIST::FUNCTION:
+X509_CRL_set_meth_data 4303 EXIST::FUNCTION:
+PKCS8_pkey_set0 4304 EXIST::FUNCTION:
+ASN1_STRING_copy 4305 EXIST::FUNCTION:
+d2i_TS_TST_INFO_fp 4306 EXIST::FUNCTION:
+X509_CRL_match 4307 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_private 4308 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_d2i 4309 EXIST::FUNCTION:
+TS_RESP_CTX_add_policy 4310 EXIST::FUNCTION:
+d2i_TS_RESP 4311 EXIST::FUNCTION:
+TS_CONF_load_certs 4312 EXIST::FUNCTION:
+TS_TST_INFO_get_msg_imprint 4313 EXIST::FUNCTION:
+ERR_load_TS_strings 4314 EXIST::FUNCTION:
+TS_TST_INFO_get_version 4315 EXIST::FUNCTION:
+EVP_PKEY_CTX_dup 4316 EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify 4317 EXIST::FUNCTION:
+i2b_PublicKey_bio 4318 EXIST::FUNCTION:
+TS_CONF_set_certs 4319 EXIST::FUNCTION:
+EVP_PKEY_asn1_get0_info 4320 EXIST::FUNCTION:
+TS_VERIFY_CTX_free 4321 EXIST::FUNCTION:
+TS_REQ_get_ext_by_critical 4322 EXIST::FUNCTION:
+TS_RESP_CTX_set_serial_cb 4323 EXIST::FUNCTION:
+X509_CRL_get_meth_data 4324 EXIST::FUNCTION:
+TS_RESP_CTX_set_time_cb 4325 EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_msg 4326 EXIST::FUNCTION:
+TS_TST_INFO_ext_free 4327 EXIST::FUNCTION:
+TS_REQ_get_version 4328 EXIST::FUNCTION:
+TS_REQ_add_ext 4329 EXIST::FUNCTION:
+EVP_PKEY_CTX_set_app_data 4330 EXIST::FUNCTION:
+OBJ_bsearch_ 4331 EXIST::FUNCTION:
+EVP_PKEY_meth_set_verifyctx 4332 EXIST::FUNCTION:
+i2d_PKCS7_bio_stream 4333 EXIST::FUNCTION:
+CRYPTO_THREADID_set_numeric 4334 EXIST::FUNCTION:
+PKCS7_sign_add_signer 4335 EXIST::FUNCTION:
+d2i_TS_TST_INFO_bio 4336 EXIST::FUNCTION:
+TS_TST_INFO_get_ordering 4337 EXIST::FUNCTION:
+TS_RESP_print_bio 4338 EXIST::FUNCTION:
+TS_TST_INFO_get_exts 4339 EXIST::FUNCTION:
+HMAC_CTX_copy 4340 EXIST::FUNCTION:HMAC
+PKCS5_pbe2_set_iv 4341 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meths 4342 EXIST::FUNCTION:ENGINE
+b2i_PrivateKey 4343 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_app_data 4344 EXIST::FUNCTION:
+TS_REQ_set_cert_req 4345 EXIST::FUNCTION:
+CRYPTO_THREADID_set_callback 4346 EXIST::FUNCTION:
+TS_CONF_set_serial 4347 EXIST::FUNCTION:
+TS_TST_INFO_free 4348 EXIST::FUNCTION:
+d2i_TS_REQ_fp 4349 EXIST::FUNCTION:
+TS_RESP_verify_response 4350 EXIST::FUNCTION:
+i2d_ESS_ISSUER_SERIAL 4351 EXIST::FUNCTION:
+TS_ACCURACY_get_seconds 4352 EXIST::FUNCTION:
+EVP_CIPHER_do_all 4353 EXIST::FUNCTION:
+b2i_PrivateKey_bio 4354 EXIST::FUNCTION:
+OCSP_CERTID_dup 4355 EXIST::FUNCTION:
+X509_PUBKEY_get0_param 4356 EXIST::FUNCTION:
+TS_MSG_IMPRINT_dup 4357 EXIST::FUNCTION:
+PKCS7_print_ctx 4358 EXIST::FUNCTION:
+i2d_TS_REQ_bio 4359 EXIST::FUNCTION:
+EVP_whirlpool 4360 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+EVP_PKEY_asn1_set_param 4361 EXIST::FUNCTION:
+EVP_PKEY_meth_set_encrypt 4362 EXIST::FUNCTION:
+ASN1_PCTX_set_flags 4363 EXIST::FUNCTION:
+i2d_ESS_CERT_ID 4364 EXIST::FUNCTION:
+TS_VERIFY_CTX_new 4365 EXIST::FUNCTION:
+TS_RESP_CTX_set_extension_cb 4366 EXIST::FUNCTION:
+ENGINE_register_all_pkey_meths 4367 EXIST::FUNCTION:ENGINE
+TS_RESP_CTX_set_status_info_cond 4368 EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_stat_info_cond 4368 EXIST:VMS:FUNCTION:
+EVP_PKEY_verify 4369 EXIST::FUNCTION:
+WHIRLPOOL_Final 4370 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+X509_CRL_METHOD_new 4371 EXIST::FUNCTION:
+EVP_DigestSignFinal 4372 EXIST::FUNCTION:
+TS_RESP_CTX_set_def_policy 4373 EXIST::FUNCTION:
+NETSCAPE_X509_it 4374 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_X509_it 4374 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+TS_RESP_create_response 4375 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_get0_algs 4376 EXIST::FUNCTION:
+TS_TST_INFO_get_nonce 4377 EXIST::FUNCTION:
+EVP_PKEY_decrypt_old 4378 EXIST::FUNCTION:
+TS_TST_INFO_set_policy_id 4379 EXIST::FUNCTION:
+TS_CONF_set_ess_cert_id_chain 4380 EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_pkey 4381 EXIST::FUNCTION:
+d2i_TS_REQ 4382 EXIST::FUNCTION:
+EVP_PKEY_asn1_find_str 4383 EXIST::FUNCTION:
+BIO_f_asn1 4384 EXIST::FUNCTION:
+ESS_SIGNING_CERT_new 4385 EXIST::FUNCTION:
+EVP_PBE_find 4386 EXIST::FUNCTION:
+X509_CRL_get0_by_cert 4387 EXIST::FUNCTION:
+EVP_PKEY_derive 4388 EXIST::FUNCTION:
+i2d_TS_REQ 4389 EXIST::FUNCTION:
+TS_TST_INFO_delete_ext 4390 EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_free 4391 EXIST::FUNCTION:
+ASN1_PCTX_set_str_flags 4392 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_str 4393 EXIST::FUNCTION:ENGINE
+TS_CONF_set_signer_key 4394 EXIST::FUNCTION:
+TS_ACCURACY_get_millis 4395 EXIST::FUNCTION:
+TS_RESP_get_token 4396 EXIST::FUNCTION:
+TS_ACCURACY_dup 4397 EXIST::FUNCTION:
+ENGINE_register_all_pkey_asn1_meths 4398 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_reg_all_pkey_asn1_meths 4398 EXIST:VMS:FUNCTION:ENGINE
+X509_CRL_set_default_method 4399 EXIST::FUNCTION:
+CRYPTO_THREADID_hash 4400 EXIST::FUNCTION:
+CMS_ContentInfo_print_ctx 4401 EXIST::FUNCTION:CMS
+TS_RESP_free 4402 EXIST::FUNCTION:
+ISSUING_DIST_POINT_free 4403 EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_new 4404 EXIST::FUNCTION:
+CMS_add1_crl 4405 EXIST::FUNCTION:CMS
+PKCS7_add1_attrib_digest 4406 EXIST::FUNCTION:
+TS_RESP_CTX_add_md 4407 EXIST::FUNCTION:
+TS_TST_INFO_dup 4408 EXIST::FUNCTION:
+ENGINE_set_pkey_asn1_meths 4409 EXIST::FUNCTION:ENGINE
+PEM_write_bio_Parameters 4410 EXIST::FUNCTION:
+TS_TST_INFO_get_accuracy 4411 EXIST::FUNCTION:
+X509_CRL_get0_by_serial 4412 EXIST::FUNCTION:
+TS_TST_INFO_set_version 4413 EXIST::FUNCTION:
+TS_RESP_CTX_get_tst_info 4414 EXIST::FUNCTION:
+TS_RESP_verify_signature 4415 EXIST::FUNCTION:
+CRYPTO_THREADID_get_callback 4416 EXIST::FUNCTION:
+TS_TST_INFO_get_tsa 4417 EXIST::FUNCTION:
+TS_STATUS_INFO_new 4418 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_cb 4419 EXIST::FUNCTION:
+TS_REQ_get_ext_d2i 4420 EXIST::FUNCTION:
+GENERAL_NAME_set0_othername 4421 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_count 4422 EXIST::FUNCTION:
+TS_RESP_CTX_get_request 4423 EXIST::FUNCTION:
+i2d_NETSCAPE_X509 4424 EXIST::FUNCTION:
+ENGINE_get_pkey_meth_engine 4425 EXIST::FUNCTION:ENGINE
+EVP_PKEY_meth_set_signctx 4426 EXIST::FUNCTION:
+EVP_PKEY_asn1_copy 4427 EXIST::FUNCTION:
+ASN1_TYPE_cmp 4428 EXIST::FUNCTION:
+EVP_CIPHER_do_all_sorted 4429 EXIST::FUNCTION:
+EVP_PKEY_CTX_free 4430 EXIST::FUNCTION:
+ISSUING_DIST_POINT_it 4431 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ISSUING_DIST_POINT_it 4431 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_TS_MSG_IMPRINT_fp 4432 EXIST::FUNCTION:
+X509_STORE_get1_certs 4433 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_operation 4434 EXIST::FUNCTION:
+d2i_ESS_SIGNING_CERT 4435 EXIST::FUNCTION:
+TS_CONF_set_ordering 4436 EXIST::FUNCTION:
+EVP_PBE_alg_add_type 4437 EXIST::FUNCTION:
+TS_REQ_set_version 4438 EXIST::FUNCTION:
+EVP_PKEY_get0 4439 EXIST::FUNCTION:
+BIO_asn1_set_suffix 4440 EXIST::FUNCTION:
+i2d_TS_STATUS_INFO 4441 EXIST::FUNCTION:
+EVP_MD_do_all 4442 EXIST::FUNCTION:
+TS_TST_INFO_set_accuracy 4443 EXIST::FUNCTION:
+PKCS7_add_attrib_content_type 4444 EXIST::FUNCTION:
+ERR_remove_thread_state 4445 EXIST::FUNCTION:
+EVP_PKEY_meth_add0 4446 EXIST::FUNCTION:
+TS_TST_INFO_set_tsa 4447 EXIST::FUNCTION:
+EVP_PKEY_meth_new 4448 EXIST::FUNCTION:
+WHIRLPOOL_Update 4449 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+TS_CONF_set_accuracy 4450 EXIST::FUNCTION:
+ASN1_PCTX_set_oid_flags 4451 EXIST::FUNCTION:
+ESS_SIGNING_CERT_dup 4452 EXIST::FUNCTION:
+d2i_TS_REQ_bio 4453 EXIST::FUNCTION:
+X509_time_adj_ex 4454 EXIST::FUNCTION:
+TS_RESP_CTX_add_flags 4455 EXIST::FUNCTION:
+d2i_TS_STATUS_INFO 4456 EXIST::FUNCTION:
+TS_MSG_IMPRINT_set_msg 4457 EXIST::FUNCTION:
+BIO_asn1_get_suffix 4458 EXIST::FUNCTION:
+TS_REQ_free 4459 EXIST::FUNCTION:
+EVP_PKEY_meth_free 4460 EXIST::FUNCTION:
+TS_REQ_get_exts 4461 EXIST::FUNCTION:
+TS_RESP_CTX_set_clock_precision_digits 4462 EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_clk_prec_digits 4462 EXIST:VMS:FUNCTION:
+TS_RESP_CTX_add_failure_info 4463 EXIST::FUNCTION:
+i2d_TS_RESP_bio 4464 EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_peerkey 4465 EXIST::FUNCTION:
+PEM_write_bio_CMS_stream 4466 EXIST::FUNCTION:CMS
+TS_REQ_new 4467 EXIST::FUNCTION:
+TS_MSG_IMPRINT_new 4468 EXIST::FUNCTION:
+EVP_PKEY_meth_find 4469 EXIST::FUNCTION:
+EVP_PKEY_id 4470 EXIST::FUNCTION:
+TS_TST_INFO_set_serial 4471 EXIST::FUNCTION:
+a2i_GENERAL_NAME 4472 EXIST::FUNCTION:
+TS_CONF_set_crypto_device 4473 EXIST::FUNCTION:
+EVP_PKEY_verify_init 4474 EXIST::FUNCTION:
+TS_CONF_set_policies 4475 EXIST::FUNCTION:
+ASN1_PCTX_new 4476 EXIST::FUNCTION:
+ESS_CERT_ID_free 4477 EXIST::FUNCTION:
+ENGINE_unregister_pkey_meths 4478 EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_free 4479 EXIST::FUNCTION:
+TS_VERIFY_CTX_init 4480 EXIST::FUNCTION:
+PKCS7_stream 4481 EXIST::FUNCTION:
+TS_RESP_CTX_set_certs 4482 EXIST::FUNCTION:
+TS_CONF_set_def_policy 4483 EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_adj 4484 EXIST::FUNCTION:
+NETSCAPE_X509_new 4485 EXIST::FUNCTION:
+TS_ACCURACY_free 4486 EXIST::FUNCTION:
+TS_RESP_get_tst_info 4487 EXIST::FUNCTION:
+EVP_PKEY_derive_set_peer 4488 EXIST::FUNCTION:
+PEM_read_bio_Parameters 4489 EXIST::FUNCTION:
+TS_CONF_set_clock_precision_digits 4490 EXIST:!VMS:FUNCTION:
+TS_CONF_set_clk_prec_digits 4490 EXIST:VMS:FUNCTION:
+ESS_ISSUER_SERIAL_dup 4491 EXIST::FUNCTION:
+TS_ACCURACY_get_micros 4492 EXIST::FUNCTION:
+ASN1_PCTX_get_str_flags 4493 EXIST::FUNCTION:
+NAME_CONSTRAINTS_check 4494 EXIST::FUNCTION:
+ASN1_BIT_STRING_check 4495 EXIST::FUNCTION:
+X509_check_akid 4496 EXIST::FUNCTION:
+ENGINE_unregister_pkey_asn1_meths 4497 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_unreg_pkey_asn1_meths 4497 EXIST:VMS:FUNCTION:ENGINE
+ASN1_PCTX_free 4498 EXIST::FUNCTION:
+PEM_write_bio_ASN1_stream 4499 EXIST::FUNCTION:
+i2d_ASN1_bio_stream 4500 EXIST::FUNCTION:
+TS_X509_ALGOR_print_bio 4501 EXIST::FUNCTION:
+EVP_PKEY_meth_set_cleanup 4502 EXIST::FUNCTION:
+EVP_PKEY_asn1_free 4503 EXIST::FUNCTION:
+ESS_SIGNING_CERT_free 4504 EXIST::FUNCTION:
+TS_TST_INFO_set_msg_imprint 4505 EXIST::FUNCTION:
+GENERAL_NAME_cmp 4506 EXIST::FUNCTION:
+d2i_ASN1_SET_ANY 4507 EXIST::FUNCTION:
+ENGINE_set_pkey_meths 4508 EXIST::FUNCTION:ENGINE
+i2d_TS_REQ_fp 4509 EXIST::FUNCTION:
+d2i_ASN1_SEQUENCE_ANY 4510 EXIST::FUNCTION:
+GENERAL_NAME_get0_otherName 4511 EXIST::FUNCTION:
+d2i_ESS_CERT_ID 4512 EXIST::FUNCTION:
+OBJ_find_sigid_algs 4513 EXIST::FUNCTION:
+EVP_PKEY_meth_set_keygen 4514 EXIST::FUNCTION:
+PKCS5_PBKDF2_HMAC 4515 EXIST::FUNCTION:
+EVP_PKEY_paramgen 4516 EXIST::FUNCTION:
+EVP_PKEY_meth_set_paramgen 4517 EXIST::FUNCTION:
+BIO_new_PKCS7 4518 EXIST::FUNCTION:
+EVP_PKEY_verify_recover 4519 EXIST::FUNCTION:
+TS_ext_print_bio 4520 EXIST::FUNCTION:
+TS_ASN1_INTEGER_print_bio 4521 EXIST::FUNCTION:
+check_defer 4522 EXIST::FUNCTION:
+DSO_pathbyaddr 4523 EXIST::FUNCTION:
+EVP_PKEY_set_type 4524 EXIST::FUNCTION:
+TS_ACCURACY_set_micros 4525 EXIST::FUNCTION:
+TS_REQ_to_TS_VERIFY_CTX 4526 EXIST::FUNCTION:
+EVP_PKEY_meth_set_copy 4527 EXIST::FUNCTION:
+ASN1_PCTX_set_cert_flags 4528 EXIST::FUNCTION:
+TS_TST_INFO_get_ext 4529 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_ctrl 4530 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_critical 4531 EXIST::FUNCTION:
+EVP_PKEY_CTX_new_id 4532 EXIST::FUNCTION:
+TS_REQ_get_ext_by_OBJ 4533 EXIST::FUNCTION:
+TS_CONF_set_signer_cert 4534 EXIST::FUNCTION:
+X509_NAME_hash_old 4535 EXIST::FUNCTION:
+ASN1_TIME_set_string 4536 EXIST::FUNCTION:
+EVP_MD_flags 4537 EXIST::FUNCTION:
+TS_RESP_CTX_free 4538 EXIST::FUNCTION:
+DSAparams_dup 4539 EXIST::FUNCTION:DSA
+DHparams_dup 4540 EXIST::FUNCTION:DH
+OCSP_REQ_CTX_add1_header 4541 EXIST::FUNCTION:
+OCSP_REQ_CTX_set1_req 4542 EXIST::FUNCTION:
+X509_STORE_set_verify_cb 4543 EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_crl 4544 EXIST::FUNCTION:
+X509_STORE_CTX_get0_parent_ctx 4545 EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_issuer 4546 EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get0_cur_issuer 4546 EXIST:VMS:FUNCTION:
+X509_issuer_name_hash_old 4547 EXIST::FUNCTION:MD5
+X509_subject_name_hash_old 4548 EXIST::FUNCTION:MD5
+EVP_CIPHER_CTX_copy 4549 EXIST::FUNCTION:
+UI_method_get_prompt_constructor 4550 EXIST:!VMS:FUNCTION:
+UI_method_get_prompt_constructr 4550 EXIST:VMS:FUNCTION:
+UI_method_set_prompt_constructor 4551 EXIST:!VMS:FUNCTION:
+UI_method_set_prompt_constructr 4551 EXIST:VMS:FUNCTION:
+EVP_read_pw_string_min 4552 EXIST::FUNCTION:
+CRYPTO_cts128_encrypt 4553 EXIST::FUNCTION:
+CRYPTO_cts128_decrypt_block 4554 EXIST::FUNCTION:
+CRYPTO_cfb128_1_encrypt 4555 EXIST::FUNCTION:
+CRYPTO_cbc128_encrypt 4556 EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt 4557 EXIST::FUNCTION:
+CRYPTO_ofb128_encrypt 4558 EXIST::FUNCTION:
+CRYPTO_cts128_decrypt 4559 EXIST::FUNCTION:
+CRYPTO_cts128_encrypt_block 4560 EXIST::FUNCTION:
+CRYPTO_cbc128_decrypt 4561 EXIST::FUNCTION:
+CRYPTO_cfb128_encrypt 4562 EXIST::FUNCTION:
+CRYPTO_cfb128_8_encrypt 4563 EXIST::FUNCTION:
+OPENSSL_strcasecmp 4564 EXIST::FUNCTION:
+OPENSSL_memcmp 4565 EXIST::FUNCTION:
+OPENSSL_strncasecmp 4566 EXIST::FUNCTION:
+OPENSSL_gmtime 4567 EXIST::FUNCTION:
+OPENSSL_gmtime_adj 4568 EXIST::FUNCTION:
+SRP_VBASE_get_by_user 4569 EXIST::FUNCTION:SRP
+SRP_Calc_server_key 4570 EXIST::FUNCTION:SRP
+SRP_create_verifier 4571 EXIST::FUNCTION:SRP
+SRP_create_verifier_BN 4572 EXIST::FUNCTION:SRP
+SRP_Calc_u 4573 EXIST::FUNCTION:SRP
+SRP_VBASE_free 4574 EXIST::FUNCTION:SRP
+SRP_Calc_client_key 4575 EXIST::FUNCTION:SRP
+SRP_get_default_gN 4576 EXIST::FUNCTION:SRP
+SRP_Calc_x 4577 EXIST::FUNCTION:SRP
+SRP_Calc_B 4578 EXIST::FUNCTION:SRP
+SRP_VBASE_new 4579 EXIST::FUNCTION:SRP
+SRP_check_known_gN_param 4580 EXIST::FUNCTION:SRP
+SRP_Calc_A 4581 EXIST::FUNCTION:SRP
+SRP_Verify_A_mod_N 4582 EXIST::FUNCTION:SRP
+SRP_VBASE_init 4583 EXIST::FUNCTION:SRP
+SRP_Verify_B_mod_N 4584 EXIST::FUNCTION:SRP
+EC_KEY_set_public_key_affine_coordinates 4585 EXIST:!VMS:FUNCTION:EC
+EC_KEY_set_pub_key_aff_coords 4585 EXIST:VMS:FUNCTION:EC
+EVP_aes_192_ctr 4586 EXIST::FUNCTION:AES
+EVP_PKEY_meth_get0_info 4587 EXIST::FUNCTION:
+EVP_PKEY_meth_copy 4588 EXIST::FUNCTION:
+ERR_add_error_vdata 4589 EXIST::FUNCTION:
+EVP_aes_128_ctr 4590 EXIST::FUNCTION:AES
+EVP_aes_256_ctr 4591 EXIST::FUNCTION:AES
+EC_GFp_nistp224_method 4592 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_KEY_get_flags 4593 EXIST::FUNCTION:EC
+RSA_padding_add_PKCS1_PSS_mgf1 4594 EXIST::FUNCTION:RSA
+EVP_aes_128_xts 4595 EXIST::FUNCTION:AES
+private_SHA224_Init 4596 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+private_AES_set_decrypt_key 4597 EXIST::FUNCTION:AES
+private_WHIRLPOOL_Init 4598 EXIST:OPENSSL_FIPS:FUNCTION:WHIRLPOOL
+EVP_aes_256_xts 4599 EXIST::FUNCTION:AES
+private_SHA512_Init 4600 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_128_gcm 4601 EXIST::FUNCTION:AES
+EC_KEY_clear_flags 4602 EXIST::FUNCTION:EC
+EC_KEY_set_flags 4603 EXIST::FUNCTION:EC
+private_DES_set_key_unchecked 4604 EXIST:OPENSSL_FIPS:FUNCTION:DES
+EVP_aes_256_ccm 4605 EXIST::FUNCTION:AES
+private_AES_set_encrypt_key 4606 EXIST::FUNCTION:AES
+RSA_verify_PKCS1_PSS_mgf1 4607 EXIST::FUNCTION:RSA
+private_SHA1_Init 4608 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA1
+EVP_aes_128_ccm 4609 EXIST::FUNCTION:AES
+private_SEED_set_key 4610 EXIST:OPENSSL_FIPS:FUNCTION:SEED
+EVP_aes_192_gcm 4611 EXIST::FUNCTION:AES
+X509_ALGOR_set_md 4612 EXIST::FUNCTION:
+private_SHA256_Init 4613 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+RAND_init_fips 4614 EXIST:OPENSSL_FIPS:FUNCTION:
+EVP_aes_256_gcm 4615 EXIST::FUNCTION:AES
+private_SHA384_Init 4616 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_192_ccm 4617 EXIST::FUNCTION:AES
+CMAC_CTX_copy 4618 EXIST::FUNCTION:
+CMAC_CTX_free 4619 EXIST::FUNCTION:
+CMAC_CTX_get0_cipher_ctx 4620 EXIST::FUNCTION:
+CMAC_CTX_cleanup 4621 EXIST::FUNCTION:
+CMAC_Init 4622 EXIST::FUNCTION:
+CMAC_Update 4623 EXIST::FUNCTION:
+CMAC_resume 4624 EXIST::FUNCTION:
+CMAC_CTX_new 4625 EXIST::FUNCTION:
+CMAC_Final 4626 EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt_ctr32 4627 EXIST::FUNCTION:
+CRYPTO_gcm128_release 4628 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt_ccm64 4629 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt 4630 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt 4631 EXIST::FUNCTION:
+CRYPTO_xts128_encrypt 4632 EXIST::FUNCTION:
+EVP_rc4_hmac_md5 4633 EXIST::FUNCTION:MD5,RC4
+CRYPTO_nistcts128_decrypt_block 4634 EXIST::FUNCTION:
+CRYPTO_gcm128_setiv 4635 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt 4636 EXIST::FUNCTION:
+EVP_aes_128_cbc_hmac_sha1 4637 EXIST::FUNCTION:AES,SHA,SHA1
+CRYPTO_gcm128_tag 4638 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt_ccm64 4639 EXIST::FUNCTION:
+ENGINE_load_rdrand 4640 EXIST::FUNCTION:ENGINE
+CRYPTO_ccm128_setiv 4641 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt_block 4642 EXIST::FUNCTION:
+CRYPTO_gcm128_aad 4643 EXIST::FUNCTION:
+CRYPTO_ccm128_init 4644 EXIST::FUNCTION:
+CRYPTO_nistcts128_decrypt 4645 EXIST::FUNCTION:
+CRYPTO_gcm128_new 4646 EXIST::FUNCTION:
+CRYPTO_ccm128_tag 4647 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt 4648 EXIST::FUNCTION:
+CRYPTO_ccm128_aad 4649 EXIST::FUNCTION:
+CRYPTO_gcm128_init 4650 EXIST::FUNCTION:
+CRYPTO_gcm128_decrypt 4651 EXIST::FUNCTION:
+ENGINE_load_rsax 4652 EXIST::FUNCTION:ENGINE
+CRYPTO_gcm128_decrypt_ctr32 4653 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt_ctr32 4654 EXIST::FUNCTION:
+CRYPTO_gcm128_finish 4655 EXIST::FUNCTION:
+EVP_aes_256_cbc_hmac_sha1 4656 EXIST::FUNCTION:AES,SHA,SHA1
+PKCS5_pbkdf2_set 4657 EXIST::FUNCTION:
+CMS_add0_recipient_password 4658 EXIST::FUNCTION:CMS
+CMS_decrypt_set1_password 4659 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_password 4660 EXIST::FUNCTION:CMS
+RAND_set_fips_drbg_type 4661 EXIST:OPENSSL_FIPS:FUNCTION:
+X509_REQ_sign_ctx 4662 EXIST::FUNCTION:EVP
+RSA_PSS_PARAMS_new 4663 EXIST::FUNCTION:RSA
+X509_CRL_sign_ctx 4664 EXIST::FUNCTION:EVP
+X509_signature_dump 4665 EXIST::FUNCTION:EVP
+d2i_RSA_PSS_PARAMS 4666 EXIST::FUNCTION:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+RSA_PSS_PARAMS_free 4668 EXIST::FUNCTION:RSA
+X509_sign_ctx 4669 EXIST::FUNCTION:EVP
+i2d_RSA_PSS_PARAMS 4670 EXIST::FUNCTION:RSA
+ASN1_item_sign_ctx 4671 EXIST::FUNCTION:EVP
+EC_GFp_nistp521_method 4672 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_GFp_nistp256_method 4673 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+OPENSSL_stderr 4674 EXIST::FUNCTION:
+OPENSSL_cpuid_setup 4675 EXIST::FUNCTION:
+OPENSSL_showfatal 4676 EXIST::FUNCTION:
+BIO_new_dgram_sctp 4677 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_msg_waiting 4678 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_wait_for_dry 4679 EXIST::FUNCTION:SCTP
+BIO_s_datagram_sctp 4680 EXIST::FUNCTION:DGRAM,SCTP
+BIO_dgram_is_sctp 4681 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_notification_cb 4682 EXIST::FUNCTION:SCTP
Deleted: vendor-crypto/openssl/1.0.1u/util/mk1mf.pl
===================================================================
--- vendor-crypto/openssl/dist/util/mk1mf.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/mk1mf.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1233 +0,0 @@
-#!/usr/local/bin/perl
-# A bit of an evil hack but it post processes the file ../MINFO which
-# is generated by `make files` in the top directory.
-# This script outputs one mega makefile that has no shell stuff or any
-# funny stuff
-#
-
-$INSTALLTOP="/usr/local/ssl";
-$OPENSSLDIR="/usr/local/ssl";
-$OPTIONS="";
-$ssl_version="";
-$banner="\t\@echo Building OpenSSL";
-
-my $no_static_engine = 1;
-my $engines = "";
-my $otherlibs = "";
-local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
-local $zlib_lib = "";
-local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
-
-my $ex_l_libs = "";
-
-# Options to import from top level Makefile
-
-my %mf_import = (
- VERSION => \$ssl_version,
- OPTIONS => \$OPTIONS,
- INSTALLTOP => \$INSTALLTOP,
- OPENSSLDIR => \$OPENSSLDIR,
- PLATFORM => \$mf_platform,
- CFLAG => \$mf_cflag,
- DEPFLAG => \$mf_depflag,
- CPUID_OBJ => \$mf_cpuid_asm,
- BN_ASM => \$mf_bn_asm,
- DES_ENC => \$mf_des_asm,
- AES_ENC => \$mf_aes_asm,
- BF_ENC => \$mf_bf_asm,
- CAST_ENC => \$mf_cast_asm,
- RC4_ENC => \$mf_rc4_asm,
- RC5_ENC => \$mf_rc5_asm,
- MD5_ASM_OBJ => \$mf_md5_asm,
- SHA1_ASM_OBJ => \$mf_sha_asm,
- RMD160_ASM_OBJ => \$mf_rmd_asm,
- WP_ASM_OBJ => \$mf_wp_asm,
- CMLL_ENC => \$mf_cm_asm,
- BASEADDR => \$baseaddr,
- FIPSDIR => \$fipsdir,
-);
-
-
-open(IN,"<Makefile") || die "unable to open Makefile!\n";
-while(<IN>) {
- my ($mf_opt, $mf_ref);
- while (($mf_opt, $mf_ref) = each %mf_import) {
- if (/^$mf_opt\s*=\s*(.*)$/) {
- $$mf_ref = $1;
- }
- }
-}
-close(IN);
-
-$debug = 1 if $mf_platform =~ /^debug-/;
-
-die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq "";
-
-$infile="MINFO";
-
-%ops=(
- "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X",
- "VC-WIN64I", "Microsoft C/C++ - Win64/IA-64",
- "VC-WIN64A", "Microsoft C/C++ - Win64/x64",
- "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
- "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY",
- "Mingw32", "GNU C++ - Windows NT or 9x",
- "Mingw32-files", "Create files with DOS copy ...",
- "BC-NT", "Borland C++ 4.5 - Windows NT",
- "linux-elf","Linux elf",
- "ultrix-mips","DEC mips ultrix",
- "FreeBSD","FreeBSD distribution",
- "OS2-EMX", "EMX GCC OS/2",
- "netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets",
- "netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets",
- "netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
- "netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
- "default","cc under unix",
- "auto", "auto detect from top level Makefile"
- );
-
-$platform="";
-my $xcflags="";
-foreach (@ARGV)
- {
- if (!&read_options && !defined($ops{$_}))
- {
- print STDERR "unknown option - $_\n";
- print STDERR "usage: perl mk1mf.pl [options] [system]\n";
- print STDERR "\nwhere [system] can be one of the following\n";
- foreach $i (sort keys %ops)
- { printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
- print STDERR <<"EOF";
-and [options] can be one of
- no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest
- no-ripemd
- no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher
- no-bf no-cast no-aes no-camellia no-seed
- no-rsa no-dsa no-dh - Skip this public key cipher
- no-ssl2 no-ssl3 - Skip this version of SSL
- just-ssl - remove all non-ssl keys/digest
- no-asm - No x86 asm
- no-krb5 - No KRB5
- no-srp - No SRP
- no-ec - No EC
- no-ecdsa - No ECDSA
- no-ecdh - No ECDH
- no-engine - No engine
- no-hw - No hw
- nasm - Use NASM for x86 asm
- nw-nasm - Use NASM x86 asm for NetWare
- nw-mwasm - Use Metrowerks x86 asm for NetWare
- gaswin - Use GNU as with Mingw32
- no-socks - No socket code
- no-err - No error strings
- dll/shlib - Build shared libraries (MS)
- debug - Debug build
- profile - Profiling build
- gcc - Use Gcc (unix)
-
-Values that can be set
-TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
-
--L<ex_lib_path> -l<ex_lib> - extra library flags (unix)
--<ex_cc_flags> - extra 'cc' flags,
- added (MS), or replace (unix)
-EOF
- exit(1);
- }
- $platform=$_;
- }
-foreach (grep(!/^$/, split(/ /, $OPTIONS)))
- {
- print STDERR "unknown option - $_\n" if !&read_options;
- }
-
-$no_static_engine = 0 if (!$shlib);
-
-$no_mdc2=1 if ($no_des);
-
-$no_ssl3=1 if ($no_md5 || $no_sha);
-$no_ssl3=1 if ($no_rsa && $no_dh);
-
-$no_ssl2=1 if ($no_md5);
-$no_ssl2=1 if ($no_rsa);
-
-$out_def="out";
-$inc_def="outinc";
-$tmp_def="tmp";
-
-$perl="perl" unless defined $perl;
-$mkdir="-mkdir" unless defined $mkdir;
-
-($ssl,$crypto)=("ssl","crypto");
-$ranlib="echo ranlib";
-
-$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
-$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
-$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
-
-# $bin_dir.=$o causes a core dump on my sparc :-(
-
-
-$NT=0;
-
-push(@INC,"util/pl","pl");
-
-if ($platform eq "auto") {
- $platform = $mf_platform;
- print STDERR "Imported platform $mf_platform\n";
-}
-
-if (($platform =~ /VC-(.+)/))
- {
- $FLAVOR=$1;
- $NT = 1 if $1 eq "NT";
- require 'VC-32.pl';
- }
-elsif ($platform eq "Mingw32")
- {
- require 'Mingw32.pl';
- }
-elsif ($platform eq "Mingw32-files")
- {
- require 'Mingw32f.pl';
- }
-elsif ($platform eq "BC-NT")
- {
- $bc=1;
- require 'BC-32.pl';
- }
-elsif ($platform eq "FreeBSD")
- {
- require 'unix.pl';
- $cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
- }
-elsif ($platform eq "linux-elf")
- {
- require "unix.pl";
- require "linux.pl";
- $unix=1;
- }
-elsif ($platform eq "ultrix-mips")
- {
- require "unix.pl";
- require "ultrix.pl";
- $unix=1;
- }
-elsif ($platform eq "OS2-EMX")
- {
- $wc=1;
- require 'OS2-EMX.pl';
- }
-elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") ||
- ($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock"))
- {
- $LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock";
- $BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock");
- require 'netware.pl';
- }
-else
- {
- require "unix.pl";
-
- $unix=1;
- $cflags.=' -DTERMIO';
- }
-
-$fipsdir =~ s/\//${o}/g;
-
-$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
-$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
-$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
-
-$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
-
-$cflags= "$xcflags$cflags" if $xcflags ne "";
-
-$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
-$cflags.=" -DOPENSSL_NO_AES" if $no_aes;
-$cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia;
-$cflags.=" -DOPENSSL_NO_SEED" if $no_seed;
-$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2;
-$cflags.=" -DOPENSSL_NO_RC4" if $no_rc4;
-$cflags.=" -DOPENSSL_NO_RC5" if $no_rc5;
-$cflags.=" -DOPENSSL_NO_MD2" if $no_md2;
-$cflags.=" -DOPENSSL_NO_MD4" if $no_md4;
-$cflags.=" -DOPENSSL_NO_MD5" if $no_md5;
-$cflags.=" -DOPENSSL_NO_SHA" if $no_sha;
-$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
-$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd;
-$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
-$cflags.=" -DOPENSSL_NO_BF" if $no_bf;
-$cflags.=" -DOPENSSL_NO_CAST" if $no_cast;
-$cflags.=" -DOPENSSL_NO_DES" if $no_des;
-$cflags.=" -DOPENSSL_NO_RSA" if $no_rsa;
-$cflags.=" -DOPENSSL_NO_DSA" if $no_dsa;
-$cflags.=" -DOPENSSL_NO_DH" if $no_dh;
-$cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool;
-$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
-$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
-$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
-$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
-$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
-$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
-$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
-$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
-$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
-$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
-$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
-$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
-$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
-$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
-$cflags.=" -DOPENSSL_FIPS" if $fips;
-$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
-$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
-$cflags.= " -DZLIB" if $zlib_opt;
-$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
-
-if ($no_static_engine)
- {
- $cflags .= " -DOPENSSL_NO_STATIC_ENGINE";
- }
-else
- {
- $cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE";
- }
-
-#$cflags.=" -DRSAref" if $rsaref ne "";
-
-## if ($unix)
-## { $cflags="$c_flags" if ($c_flags ne ""); }
-##else
- { $cflags="$c_flags$cflags" if ($c_flags ne ""); }
-
-$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
-
-
-%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
- "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
-
-if ($msdos)
- {
- $banner ="\t\@echo Make sure you have run 'perl Configure $platform' in the\n";
- $banner.="\t\@echo top level directory, if you don't have perl, you will\n";
- $banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
- $banner.="\t\@echo documentation for details.\n";
- }
-
-# have to do this to allow $(CC) under unix
-$link="$bin_dir$link" if ($link !~ /^\$/);
-
-$INSTALLTOP =~ s|/|$o|g;
-$OPENSSLDIR =~ s|/|$o|g;
-
-#############################################
-# We parse in input file and 'store' info for later printing.
-open(IN,"<$infile") || die "unable to open $infile:$!\n";
-$_=<IN>;
-for (;;)
- {
- s/\s*$//; # was chop, didn't work in mixture of perls for Windows...
-
- ($key,$val)=/^([^=]+)=(.*)/;
- if ($key eq "RELATIVE_DIRECTORY")
- {
- if ($lib ne "")
- {
- $uc=$lib;
- $uc =~ s/^lib(.*)\.a/$1/;
- $uc =~ tr/a-z/A-Z/;
- $lib_nam{$uc}=$uc;
- $lib_obj{$uc}.=$libobj." ";
- }
- last if ($val eq "FINISHED");
- $lib="";
- $libobj="";
- $dir=$val;
- }
-
- if ($key eq "KRB5_INCLUDES")
- { $cflags .= " $val";}
-
- if ($key eq "ZLIB_INCLUDE")
- { $cflags .= " $val" if $val ne "";}
-
- if ($key eq "LIBZLIB")
- { $zlib_lib = "$val" if $val ne "";}
-
- if ($key eq "LIBKRB5")
- { $ex_libs .= " $val" if $val ne "";}
-
- if ($key eq "TEST")
- { $test.=&var_add($dir,$val, 0); }
-
- if (($key eq "PROGS") || ($key eq "E_OBJ"))
- { $e_exe.=&var_add($dir,$val, 0); }
-
- if ($key eq "LIB")
- {
- $lib=$val;
- $lib =~ s/^.*\/([^\/]+)$/$1/;
- }
- if ($key eq "LIBNAME" && $no_static_engine)
- {
- $lib=$val;
- $lib =~ s/^.*\/([^\/]+)$/$1/;
- $otherlibs .= " $lib";
- }
-
- if ($key eq "EXHEADER")
- { $exheader.=&var_add($dir,$val, 1); }
-
- if ($key eq "HEADER")
- { $header.=&var_add($dir,$val, 1); }
-
- if ($key eq "LIBOBJ" && ($dir ne "engines" || !$no_static_engine))
- { $libobj=&var_add($dir,$val, 0); }
- if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
- { $engines.=$val }
-
- if (!($_=<IN>))
- { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
- }
-close(IN);
-
-if ($shlib)
- {
- $extra_install= <<"EOF";
- \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\"
- \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\"
- \$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\"
- \$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
-EOF
- if ($no_static_engine)
- {
- $extra_install .= <<"EOF"
- \$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\"
- \$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\"
-EOF
- }
- }
-else
- {
- $extra_install= <<"EOF";
- \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\"
- \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
-EOF
- $ex_libs .= " $zlib_lib" if $zlib_opt == 1;
- if ($fips)
- {
- $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
- $ex_l_libs .= " \$(O_FIPSCANISTER)";
- }
- }
-
-$defs= <<"EOF";
-# This makefile has been automatically generated from the OpenSSL distribution.
-# This single makefile will build the complete OpenSSL distribution and
-# by default leave the 'interesting' output files in .${o}out and the stuff
-# that needs deleting in .${o}tmp.
-# The file was generated by running 'make makefile.one', which
-# does a 'make files', which writes all the environment variables from all
-# the makefiles to the file call MINFO. This file is used by
-# util${o}mk1mf.pl to generate makefile.one.
-# The 'makefile per directory' system suites me when developing this
-# library and also so I can 'distribute' indervidual library sections.
-# The one monster makefile better suits building in non-unix
-# environments.
-
-EOF
-
-$defs .= $preamble if defined $preamble;
-
-$defs.= <<"EOF";
-INSTALLTOP=$INSTALLTOP
-OPENSSLDIR=$OPENSSLDIR
-
-# Set your compiler options
-PLATFORM=$platform
-CC=$bin_dir${cc}
-CFLAG=$cflags
-APP_CFLAG=$app_cflag
-LIB_CFLAG=$lib_cflag
-SHLIB_CFLAG=$shl_cflag
-APP_EX_OBJ=$app_ex_obj
-SHLIB_EX_OBJ=$shlib_ex_obj
-# add extra libraries to this define, for solaris -lsocket -lnsl would
-# be added
-EX_LIBS=$ex_libs
-
-# The OpenSSL directory
-SRC_D=$src_dir
-
-LINK=$link
-LFLAGS=$lflags
-RSC=$rsc
-
-# The output directory for everything intersting
-OUT_D=$out_dir
-# The output directory for all the temporary muck
-TMP_D=$tmp_dir
-# The output directory for the header files
-INC_D=$inc_dir
-INCO_D=$inc_dir${o}openssl
-
-PERL=$perl
-CP=$cp
-RM=$rm
-RANLIB=$ranlib
-MKDIR=$mkdir
-MKLIB=$bin_dir$mklib
-MLFLAGS=$mlflags
-ASM=$bin_dir$asm
-
-# FIPS validated module and support file locations
-
-FIPSDIR=$fipsdir
-BASEADDR=$baseaddr
-FIPSLIB_D=\$(FIPSDIR)${o}lib
-FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c
-O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib
-FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep}
-E_PREMAIN_DSO=fips_premain_dso
-PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep
-FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl
-
-######################################################
-# You should not need to touch anything below this point
-######################################################
-
-E_EXE=openssl
-SSL=$ssl
-CRYPTO=$crypto
-
-# BIN_D - Binary output directory
-# TEST_D - Binary test file output directory
-# LIB_D - library output directory
-# ENG_D - dynamic engine output directory
-# Note: if you change these point to different directories then uncomment out
-# the lines around the 'NB' comment below.
-#
-BIN_D=\$(OUT_D)
-TEST_D=\$(OUT_D)
-LIB_D=\$(OUT_D)
-ENG_D=\$(OUT_D)
-
-# INCL_D - local library directory
-# OBJ_D - temp object file directory
-OBJ_D=\$(TMP_D)
-INCL_D=\$(TMP_D)
-
-O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
-O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
-SO_SSL= $plib\$(SSL)$so_shlibp
-SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
-L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
-L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
-
-L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
-
-######################################################
-# Don't touch anything below this point
-######################################################
-
-INC=-I\$(INC_D) -I\$(INCL_D)
-APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
-LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
-SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
-LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
-
-#############################################
-EOF
-
-$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets
-
-banner:
-$banner
-
-\$(TMP_D):
- \$(MKDIR) \"\$(TMP_D)\"
-# NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different
-#\$(BIN_D):
-# \$(MKDIR) \$(BIN_D)
-#
-#\$(TEST_D):
-# \$(MKDIR) \$(TEST_D)
-
-\$(LIB_D):
- \$(MKDIR) \"\$(LIB_D)\"
-
-\$(INCO_D): \$(INC_D)
- \$(MKDIR) \"\$(INCO_D)\"
-
-\$(INC_D):
- \$(MKDIR) \"\$(INC_D)\"
-
-headers: \$(HEADER) \$(EXHEADER)
- @
-
-lib: \$(LIBS_DEP) \$(E_SHLIB)
-
-exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
-
-install: all
- \$(MKDIR) \"\$(INSTALLTOP)\"
- \$(MKDIR) \"\$(INSTALLTOP)${o}bin\"
- \$(MKDIR) \"\$(INSTALLTOP)${o}include\"
- \$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
- \$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
- \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
- \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
- \$(MKDIR) \"\$(OPENSSLDIR)\"
- \$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
-$extra_install
-
-
-test: \$(T_EXE)
- cd \$(BIN_D)
- ..${o}ms${o}test
-
-clean:
- \$(RM) \$(TMP_D)$o*.*
-
-vclean:
- \$(RM) \$(TMP_D)$o*.*
- \$(RM) \$(OUT_D)$o*.*
-
-EOF
-
-my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform";
-$platform_cpp_symbol =~ s/-/_/g;
-if (open(IN,"crypto/buildinf.h"))
- {
- # Remove entry for this platform in existing file buildinf.h.
-
- my $old_buildinf_h = "";
- while (<IN>)
- {
- if (/^\#ifdef $platform_cpp_symbol$/)
- {
- while (<IN>) { last if (/^\#endif/); }
- }
- else
- {
- $old_buildinf_h .= $_;
- }
- }
- close(IN);
-
- open(OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
- print OUT $old_buildinf_h;
- close(OUT);
- }
-
-open (OUT,">>crypto/buildinf.h") || die "Can't open buildinf.h";
-printf OUT <<EOF;
-#ifdef $platform_cpp_symbol
- /* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
- #define CFLAGS "compiler: $cc $cflags"
- #define PLATFORM "$platform"
-EOF
-printf OUT " #define DATE \"%s\"\n", scalar gmtime();
-printf OUT "#endif\n";
-close(OUT);
-
-# Strip of trailing ' '
-foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
-$test=&clean_up_ws($test);
-$e_exe=&clean_up_ws($e_exe);
-$exheader=&clean_up_ws($exheader);
-$header=&clean_up_ws($header);
-
-# First we strip the exheaders from the headers list
-foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
-foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
-chop($h); $header=$h;
-
-$defs.=&do_defs("HEADER",$header,"\$(INCL_D)","");
-$rules.=&do_copy_rule("\$(INCL_D)",$header,"");
-
-$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)","");
-$rules.=&do_copy_rule("\$(INCO_D)",$exheader,"");
-
-$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
-$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
-
-$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
-$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
-
-# Special case rule for fips_premain_dso
-
-if ($fips)
- {
- $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
- "\$(FIPS_PREMAIN_SRC)",
- "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)", "");
- $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
- }
-
-foreach (values %lib_nam)
- {
- $lib_obj=$lib_obj{$_};
- local($slib)=$shlib;
-
- $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
- $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
- $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
- }
-
-# hack to add version info on MSVC
-if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A")
- || ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) {
- $rules.= <<"EOF";
-\$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc
- \$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc
-
-\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc
- \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc
-
-EOF
-}
-
-$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
-foreach (split(/\s+/,$test))
- {
- $t=&bname($_);
- $tt="\$(OBJ_D)${o}$t${obj}";
- $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
- }
-
-$defs.=&do_defs("E_SHLIB",$engines . $otherlibs,"\$(ENG_D)",$shlibp);
-
-foreach (split(/\s+/,$engines))
- {
- $rules.=&do_compile_rule("\$(OBJ_D)","engines${o}e_$_",$lib);
- $rules.= &do_lib_rule("\$(OBJ_D)${o}e_${_}.obj","\$(ENG_D)$o$_$shlibp","",$shlib,"");
- }
-
-
-
-$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
-
-if ($fips)
- {
- if ($shlib)
- {
- $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
- "\$(O_CRYPTO)", "$crypto",
- $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
- }
- else
- {
- $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
- "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
- $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
- "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
- }
- }
- else
- {
- $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
- "\$(SO_CRYPTO)");
- }
-
-foreach (split(" ",$otherlibs))
- {
- my $uc = $_;
- $uc =~ tr /a-z/A-Z/;
- $rules.= &do_lib_rule("\$(${uc}OBJ)","\$(ENG_D)$o$_$shlibp", "", $shlib, "");
-
- }
-
-$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
-
-print $defs;
-
-if ($platform eq "linux-elf") {
- print <<"EOF";
-# Generate perlasm output files
-%.cpp:
- (cd \$(\@D)/..; PERL=perl make -f Makefile asm/\$(\@F))
-EOF
-}
-print "###################################################################\n";
-print $rules;
-
-###############################################
-# strip off any trailing .[och] and append the relative directory
-# also remembering to do nothing if we are in one of the dropped
-# directories
-sub var_add
- {
- local($dir,$val,$keepext)=@_;
- local(@a,$_,$ret);
-
- return("") if $no_engine && $dir =~ /\/engine/;
- return("") if $no_hw && $dir =~ /\/hw/;
- return("") if $no_idea && $dir =~ /\/idea/;
- return("") if $no_aes && $dir =~ /\/aes/;
- return("") if $no_camellia && $dir =~ /\/camellia/;
- return("") if $no_seed && $dir =~ /\/seed/;
- return("") if $no_rc2 && $dir =~ /\/rc2/;
- return("") if $no_rc4 && $dir =~ /\/rc4/;
- return("") if $no_rc5 && $dir =~ /\/rc5/;
- return("") if $no_rsa && $dir =~ /\/rsa/;
- return("") if $no_rsa && $dir =~ /^rsaref/;
- return("") if $no_dsa && $dir =~ /\/dsa/;
- return("") if $no_dh && $dir =~ /\/dh/;
- return("") if $no_ec && $dir =~ /\/ec/;
- return("") if $no_gost && $dir =~ /\/ccgost/;
- return("") if $no_cms && $dir =~ /\/cms/;
- return("") if $no_jpake && $dir =~ /\/jpake/;
- if ($no_des && $dir =~ /\/des/)
- {
- if ($val =~ /read_pwd/)
- { return("$dir/read_pwd "); }
- else
- { return(""); }
- }
- return("") if $no_mdc2 && $dir =~ /\/mdc2/;
- return("") if $no_sock && $dir =~ /\/proxy/;
- return("") if $no_bf && $dir =~ /\/bf/;
- return("") if $no_cast && $dir =~ /\/cast/;
- return("") if $no_whirlpool && $dir =~ /\/whrlpool/;
-
- $val =~ s/^\s*(.*)\s*$/$1/;
- @a=split(/\s+/,$val);
- grep(s/\.[och]$//, at a) unless $keepext;
-
- @a=grep(!/^e_.*_3d$/, at a) if $no_des;
- @a=grep(!/^e_.*_d$/, at a) if $no_des;
- @a=grep(!/^e_.*_ae$/, at a) if $no_idea;
- @a=grep(!/^e_.*_i$/, at a) if $no_aes;
- @a=grep(!/^e_.*_r2$/, at a) if $no_rc2;
- @a=grep(!/^e_.*_r5$/, at a) if $no_rc5;
- @a=grep(!/^e_.*_bf$/, at a) if $no_bf;
- @a=grep(!/^e_.*_c$/, at a) if $no_cast;
- @a=grep(!/^e_rc4$/, at a) if $no_rc4;
- @a=grep(!/^e_camellia$/, at a) if $no_camellia;
- @a=grep(!/^e_seed$/, at a) if $no_seed;
-
- #@a=grep(!/(^s2_)|(^s23_)/, at a) if $no_ssl2;
- #@a=grep(!/(^s3_)|(^s23_)/, at a) if $no_ssl3;
-
- @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/, at a) if $no_sock;
-
- @a=grep(!/(^md2)|(_md2$)/, at a) if $no_md2;
- @a=grep(!/(^md4)|(_md4$)/, at a) if $no_md4;
- @a=grep(!/(^md5)|(_md5$)/, at a) if $no_md5;
- @a=grep(!/(rmd)|(ripemd)/, at a) if $no_ripemd;
-
- @a=grep(!/(^d2i_r_)|(^i2d_r_)/, at a) if $no_rsa;
- @a=grep(!/(^p_open$)|(^p_seal$)/, at a) if $no_rsa;
- @a=grep(!/(^pem_seal$)/, at a) if $no_rsa;
-
- @a=grep(!/(m_dss$)|(m_dss1$)/, at a) if $no_dsa;
- @a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/, at a) if $no_dsa;
-
- @a=grep(!/^n_pkey$/, at a) if $no_rsa || $no_rc4;
-
- @a=grep(!/_dhp$/, at a) if $no_dh;
-
- @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/, at a) if $no_sha;
- @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/, at a) if $no_sha1;
- @a=grep(!/_mdc2$/, at a) if $no_mdc2;
-
- @a=grep(!/(srp)/, at a) if $no_srp;
-
- @a=grep(!/^engine$/, at a) if $no_engine;
- @a=grep(!/^hw$/, at a) if $no_hw;
- @a=grep(!/(^rsa$)|(^genrsa$)/, at a) if $no_rsa;
- @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/, at a) if $no_dsa;
- @a=grep(!/^gendsa$/, at a) if $no_sha1;
- @a=grep(!/(^dh$)|(^gendh$)/, at a) if $no_dh;
-
- @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/, at a) if $no_sha1;
-
- grep($_="$dir/$_", at a);
- @a=grep(!/(^|\/)s_/, at a) if $no_sock;
- @a=grep(!/(^|\/)bio_sock/, at a) if $no_sock;
- $ret=join(' ', at a)." ";
- return($ret);
- }
-
-# change things so that each 'token' is only separated by one space
-sub clean_up_ws
- {
- local($w)=@_;
-
- $w =~ s/^\s*(.*)\s*$/$1/;
- $w =~ s/\s+/ /g;
- return($w);
- }
-
-sub do_defs
- {
- local($var,$files,$location,$postfix)=@_;
- local($_,$ret,$pf);
- local(*OUT,$tmp,$t);
-
- $files =~ s/\//$o/g if $o ne '/';
- $ret="$var=";
- $n=1;
- $Vars{$var}.="";
- foreach (split(/ /,$files))
- {
- $orig=$_;
- $_=&bname($_) unless /^\$/;
- if ($n++ == 2)
- {
- $n=0;
- $ret.="\\\n\t";
- }
- if (($_ =~ /bss_file/) && ($postfix eq ".h"))
- { $pf=".c"; }
- else { $pf=$postfix; }
- if ($_ =~ /BN_ASM/) { $t="$_ "; }
- elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; }
- elsif ($_ =~ /AES_ASM/){ $t="$_ "; }
- elsif ($_ =~ /DES_ENC/) { $t="$_ "; }
- elsif ($_ =~ /BF_ENC/) { $t="$_ "; }
- elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
- elsif ($_ =~ /RC4_ENC/) { $t="$_ "; }
- elsif ($_ =~ /RC5_ENC/) { $t="$_ "; }
- elsif ($_ =~ /MD5_ASM/) { $t="$_ "; }
- elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
- elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
- elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; }
- elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; }
- else { $t="$location${o}$_$pf "; }
-
- $Vars{$var}.="$t ";
- $ret.=$t;
- }
- # hack to add version info on MSVC
- if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT")))
- {
- if ($var eq "CRYPTOOBJ")
- { $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; }
- elsif ($var eq "SSLOBJ")
- { $ret.="\$(OBJ_D)\\\$(SSL).res "; }
- }
- chomp($ret);
- $ret.="\n\n";
- return($ret);
- }
-
-# return the name with the leading path removed
-sub bname
- {
- local($ret)=@_;
- $ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
- return($ret);
- }
-
-# return the leading path
-sub dname
- {
- my $ret=shift;
- $ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/;
- return($ret);
- }
-
-##############################################################
-# do a rule for each file that says 'compile' to new direcory
-# compile the files in '$files' into $to
-sub do_compile_rule
- {
- local($to,$files,$ex)=@_;
- local($ret,$_,$n,$d,$s);
-
- $files =~ s/\//$o/g if $o ne '/';
- foreach (split(/\s+/,$files))
- {
- $n=&bname($_);
- $d=&dname($_);
- if (-f "${_}.c")
- {
- $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
- }
- elsif (-f ($s="${d}${o}asm${o}${n}.pl") or
- ($s=~s/sha256/sha512/ and -f $s) or
- -f ($s="${d}${o}${n}.pl"))
- {
- $ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n);
- }
- elsif (-f ($s="${d}${o}asm${o}${n}.S") or
- -f ($s="${d}${o}${n}.S"))
- {
- $ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
- }
- else { die "no rule for $_"; }
- }
- return($ret);
- }
-
-##############################################################
-# do a rule for each file that says 'compile' to new direcory
-sub perlasm_compile_target
- {
- my($target,$source,$bname)=@_;
- my($ret);
-
- $bname =~ s/(.*)\.[^\.]$/$1/;
- $ret ="\$(TMP_D)$o$bname.asm: $source\n";
- $ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n\n";
- $ret.="$target: \$(TMP_D)$o$bname.asm\n";
- $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
- return($ret);
- }
-
-sub Sasm_compile_target
- {
- my($target,$source,$bname)=@_;
- my($ret);
-
- $bname =~ s/(.*)\.[^\.]$/$1/;
- $ret ="\$(TMP_D)$o$bname.asm: $source\n";
- $ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n\n";
- $ret.="$target: \$(TMP_D)$o$bname.asm\n";
- $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
- return($ret);
- }
-
-sub cc_compile_target
- {
- local($target,$source,$ex_flags, $srcd)=@_;
- local($ret);
-
- $ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
- $target =~ s/\//$o/g if $o ne "/";
- $source =~ s/\//$o/g if $o ne "/";
- $srcd = "\$(SRC_D)$o" unless defined $srcd;
- $ret ="$target: $srcd$source\n\t";
- $ret.="\$(CC) ${ofile}$target $ex_flags -c $srcd$source\n\n";
- return($ret);
- }
-
-##############################################################
-sub do_asm_rule
- {
- local($target,$src)=@_;
- local($ret, at s, at t,$i);
-
- $target =~ s/\//$o/g if $o ne "/";
- $src =~ s/\//$o/g if $o ne "/";
-
- @t=split(/\s+/,$target);
- @s=split(/\s+/,$src);
-
-
- for ($i=0; $i<=$#s; $i++)
- {
- my $objfile = $t[$i];
- my $srcfile = $s[$i];
-
- if ($perl_asm == 1)
- {
- my $plasm = $objfile;
- $plasm =~ s/${obj}/.pl/;
- $ret.="$srcfile: $plasm\n";
- $ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n";
- }
-
- $ret.="$objfile: $srcfile\n";
- $ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n";
- }
- return($ret);
- }
-
-sub do_shlib_rule
- {
- local($n,$def)=@_;
- local($ret,$nn);
- local($t);
-
- ($nn=$n) =~ tr/a-z/A-Z/;
- $ret.="$n.dll: \$(${nn}OBJ)\n";
- if ($vc && $w32)
- {
- $ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n \$(${nn}OBJ_F)\n<<\n";
- }
- $ret.="\n";
- return($ret);
- }
-
-# do a rule for each file that says 'copy' to new direcory on change
-sub do_copy_rule
- {
- local($to,$files,$p)=@_;
- local($ret,$_,$n,$pp);
-
- $files =~ s/\//$o/g if $o ne '/';
- foreach (split(/\s+/,$files))
- {
- $n=&bname($_);
- if ($n =~ /bss_file/)
- { $pp=".c"; }
- else { $pp=$p; }
- $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
- }
- return($ret);
- }
-
-# Options picked up from the OPTIONS line in the top level Makefile
-# generated by Configure.
-
-sub read_options
- {
- # Many options are handled in a similar way. In particular
- # no-xxx sets zero or more scalars to 1.
- # Process these using the %valid_options hash containing the option
- # name and reference to the scalars to set. In some cases the option
- # needs no special handling and can be ignored: this is done by
- # setting the value to 0.
-
- my %valid_options = (
- "no-rc2" => \$no_rc2,
- "no-rc4" => \$no_rc4,
- "no-rc5" => \$no_rc5,
- "no-idea" => \$no_idea,
- "no-aes" => \$no_aes,
- "no-camellia" => \$no_camellia,
- "no-seed" => \$no_seed,
- "no-des" => \$no_des,
- "no-bf" => \$no_bf,
- "no-cast" => \$no_cast,
- "no-md2" => \$no_md2,
- "no-md4" => \$no_md4,
- "no-md5" => \$no_md5,
- "no-sha" => \$no_sha,
- "no-sha1" => \$no_sha1,
- "no-ripemd" => \$no_ripemd,
- "no-mdc2" => \$no_mdc2,
- "no-whirlpool" => \$no_whirlpool,
- "no-patents" =>
- [\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa],
- "no-rsa" => \$no_rsa,
- "no-dsa" => \$no_dsa,
- "no-dh" => \$no_dh,
- "no-hmac" => \$no_hmac,
- "no-asm" => \$no_asm,
- "nasm" => \$nasm,
- "nw-nasm" => \$nw_nasm,
- "nw-mwasm" => \$nw_mwasm,
- "gaswin" => \$gaswin,
- "no-ssl2" => \$no_ssl2,
- "no-ssl3" => \$no_ssl3,
- "no-ssl3-method" => 0,
- "no-tlsext" => \$no_tlsext,
- "no-srp" => \$no_srp,
- "no-cms" => \$no_cms,
- "no-ec2m" => \$no_ec2m,
- "no-jpake" => \$no_jpake,
- "no-ec_nistp_64_gcc_128" => 0,
- "no-err" => \$no_err,
- "no-sock" => \$no_sock,
- "no-krb5" => \$no_krb5,
- "no-ec" => \$no_ec,
- "no-ecdsa" => \$no_ecdsa,
- "no-ecdh" => \$no_ecdh,
- "no-gost" => \$no_gost,
- "no-engine" => \$no_engine,
- "no-hw" => \$no_hw,
- "no-rsax" => 0,
- "just-ssl" =>
- [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
- \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
- \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
- \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
- "rsaref" => 0,
- "gcc" => \$gcc,
- "debug" => \$debug,
- "profile" => \$profile,
- "shlib" => \$shlib,
- "dll" => \$shlib,
- "shared" => 0,
- "no-sctp" => 0,
- "no-srtp" => 0,
- "no-gmp" => 0,
- "no-rfc3779" => 0,
- "no-montasm" => 0,
- "no-shared" => 0,
- "no-store" => 0,
- "no-unit-test" => 0,
- "no-zlib" => 0,
- "no-zlib-dynamic" => 0,
- "fips" => \$fips
- );
-
- if (exists $valid_options{$_})
- {
- my $r = $valid_options{$_};
- if ( ref $r eq "SCALAR")
- { $$r = 1;}
- elsif ( ref $r eq "ARRAY")
- {
- my $r2;
- foreach $r2 (@$r)
- {
- $$r2 = 1;
- }
- }
- }
- elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; }
- elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
- elsif (/^enable-zlib-dynamic$/)
- {
- $zlib_opt = 2;
- }
- elsif (/^no-static-engine/)
- {
- $no_static_engine = 1;
- }
- elsif (/^enable-static-engine/)
- {
- $no_static_engine = 0;
- }
- # There are also enable-xxx options which correspond to
- # the no-xxx. Since the scalars are enabled by default
- # these can be ignored.
- elsif (/^enable-/)
- {
- my $t = $_;
- $t =~ s/^enable/no/;
- if (exists $valid_options{$t})
- {return 1;}
- return 0;
- }
- # experimental-xxx is mostly like enable-xxx, but opensslconf.v
- # will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx.
- # (No need to fail if we don't know the algorithm -- this is for adventurous users only.)
- elsif (/^experimental-/)
- {
- my $algo, $ALGO;
- ($algo = $_) =~ s/^experimental-//;
- ($ALGO = $algo) =~ tr/[a-z]/[A-Z]/;
-
- $xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
-
- }
- elsif (/^--with-krb5-flavor=(.*)$/)
- {
- my $krb5_flavor = $1;
- if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
- {
- $xcflags="-DKRB5_HEIMDAL $xcflags";
- }
- elsif ($krb5_flavor =~ /^MIT/i)
- {
- $xcflags="-DKRB5_MIT $xcflags";
- if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
- {
- $xcflags="-DKRB5_MIT_OLD11 $xcflags"
- }
- }
- }
- elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
- elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
- elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
- { $c_flags.="$_ "; }
- else { return(0); }
- return(1);
- }
Copied: vendor-crypto/openssl/1.0.1u/util/mk1mf.pl (from rev 11605, vendor-crypto/openssl/dist/util/mk1mf.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/mk1mf.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/mk1mf.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1238 @@
+#!/usr/local/bin/perl
+# A bit of an evil hack but it post processes the file ../MINFO which
+# is generated by `make files` in the top directory.
+# This script outputs one mega makefile that has no shell stuff or any
+# funny stuff
+#
+
+$INSTALLTOP="/usr/local/ssl";
+$OPENSSLDIR="/usr/local/ssl";
+$OPTIONS="";
+$ssl_version="";
+$banner="\t\@echo Building OpenSSL";
+
+my $no_static_engine = 1;
+my $engines = "";
+my $otherlibs = "";
+local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
+local $zlib_lib = "";
+local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
+
+my $ex_l_libs = "";
+
+# Options to import from top level Makefile
+
+my %mf_import = (
+ VERSION => \$ssl_version,
+ OPTIONS => \$OPTIONS,
+ INSTALLTOP => \$INSTALLTOP,
+ OPENSSLDIR => \$OPENSSLDIR,
+ PLATFORM => \$mf_platform,
+ CFLAG => \$mf_cflag,
+ DEPFLAG => \$mf_depflag,
+ CPUID_OBJ => \$mf_cpuid_asm,
+ BN_ASM => \$mf_bn_asm,
+ DES_ENC => \$mf_des_asm,
+ AES_ENC => \$mf_aes_asm,
+ BF_ENC => \$mf_bf_asm,
+ CAST_ENC => \$mf_cast_asm,
+ RC4_ENC => \$mf_rc4_asm,
+ RC5_ENC => \$mf_rc5_asm,
+ MD5_ASM_OBJ => \$mf_md5_asm,
+ SHA1_ASM_OBJ => \$mf_sha_asm,
+ RMD160_ASM_OBJ => \$mf_rmd_asm,
+ WP_ASM_OBJ => \$mf_wp_asm,
+ CMLL_ENC => \$mf_cm_asm,
+ BASEADDR => \$baseaddr,
+ FIPSDIR => \$fipsdir,
+);
+
+
+open(IN,"<Makefile") || die "unable to open Makefile!\n";
+while(<IN>) {
+ my ($mf_opt, $mf_ref);
+ while (($mf_opt, $mf_ref) = each %mf_import) {
+ if (/^$mf_opt\s*=\s*(.*)$/) {
+ $$mf_ref = $1;
+ }
+ }
+}
+close(IN);
+
+$debug = 1 if $mf_platform =~ /^debug-/;
+
+die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq "";
+
+$infile="MINFO";
+
+%ops=(
+ "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X",
+ "VC-WIN64I", "Microsoft C/C++ - Win64/IA-64",
+ "VC-WIN64A", "Microsoft C/C++ - Win64/x64",
+ "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
+ "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY",
+ "Mingw32", "GNU C++ - Windows NT or 9x",
+ "Mingw32-files", "Create files with DOS copy ...",
+ "BC-NT", "Borland C++ 4.5 - Windows NT",
+ "linux-elf","Linux elf",
+ "ultrix-mips","DEC mips ultrix",
+ "FreeBSD","FreeBSD distribution",
+ "OS2-EMX", "EMX GCC OS/2",
+ "netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets",
+ "netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets",
+ "netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
+ "netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
+ "default","cc under unix",
+ "auto", "auto detect from top level Makefile"
+ );
+
+$platform="";
+my $xcflags="";
+foreach (@ARGV)
+ {
+ if (!&read_options && !defined($ops{$_}))
+ {
+ print STDERR "unknown option - $_\n";
+ print STDERR "usage: perl mk1mf.pl [options] [system]\n";
+ print STDERR "\nwhere [system] can be one of the following\n";
+ foreach $i (sort keys %ops)
+ { printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
+ print STDERR <<"EOF";
+and [options] can be one of
+ no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest
+ no-ripemd
+ no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher
+ no-bf no-cast no-aes no-camellia no-seed
+ no-rsa no-dsa no-dh - Skip this public key cipher
+ no-ssl2 no-ssl3 - Skip this version of SSL
+ just-ssl - remove all non-ssl keys/digest
+ no-asm - No x86 asm
+ no-krb5 - No KRB5
+ no-srp - No SRP
+ no-ec - No EC
+ no-ecdsa - No ECDSA
+ no-ecdh - No ECDH
+ no-engine - No engine
+ no-hw - No hw
+ nasm - Use NASM for x86 asm
+ nw-nasm - Use NASM x86 asm for NetWare
+ nw-mwasm - Use Metrowerks x86 asm for NetWare
+ gaswin - Use GNU as with Mingw32
+ no-socks - No socket code
+ no-err - No error strings
+ dll/shlib - Build shared libraries (MS)
+ debug - Debug build
+ profile - Profiling build
+ gcc - Use Gcc (unix)
+
+Values that can be set
+TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
+
+-L<ex_lib_path> -l<ex_lib> - extra library flags (unix)
+-<ex_cc_flags> - extra 'cc' flags,
+ added (MS), or replace (unix)
+EOF
+ exit(1);
+ }
+ $platform=$_;
+ }
+foreach (grep(!/^$/, split(/ /, $OPTIONS)))
+ {
+ print STDERR "unknown option - $_\n" if !&read_options;
+ }
+
+$no_static_engine = 0 if (!$shlib);
+
+$no_mdc2=1 if ($no_des);
+
+$no_ssl3=1 if ($no_md5 || $no_sha);
+$no_ssl3=1 if ($no_rsa && $no_dh);
+
+$no_ssl2=1 if ($no_md5);
+$no_ssl2=1 if ($no_rsa);
+
+$out_def="out";
+$inc_def="outinc";
+$tmp_def="tmp";
+
+$perl="perl" unless defined $perl;
+$mkdir="-mkdir" unless defined $mkdir;
+
+($ssl,$crypto)=("ssl","crypto");
+$ranlib="echo ranlib";
+
+$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
+$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
+
+# $bin_dir.=$o causes a core dump on my sparc :-(
+
+
+$NT=0;
+
+push(@INC,"util/pl","pl");
+
+if ($platform eq "auto") {
+ $platform = $mf_platform;
+ print STDERR "Imported platform $mf_platform\n";
+}
+
+if (($platform =~ /VC-(.+)/))
+ {
+ $FLAVOR=$1;
+ $NT = 1 if $1 eq "NT";
+ require 'VC-32.pl';
+ }
+elsif ($platform eq "Mingw32")
+ {
+ require 'Mingw32.pl';
+ }
+elsif ($platform eq "Mingw32-files")
+ {
+ require 'Mingw32f.pl';
+ }
+elsif ($platform eq "BC-NT")
+ {
+ $bc=1;
+ require 'BC-32.pl';
+ }
+elsif ($platform eq "FreeBSD")
+ {
+ require 'unix.pl';
+ $cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
+ }
+elsif ($platform eq "linux-elf")
+ {
+ require "unix.pl";
+ require "linux.pl";
+ $unix=1;
+ }
+elsif ($platform eq "ultrix-mips")
+ {
+ require "unix.pl";
+ require "ultrix.pl";
+ $unix=1;
+ }
+elsif ($platform eq "OS2-EMX")
+ {
+ $wc=1;
+ require 'OS2-EMX.pl';
+ }
+elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") ||
+ ($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock"))
+ {
+ $LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock";
+ $BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock");
+ require 'netware.pl';
+ }
+else
+ {
+ require "unix.pl";
+
+ $unix=1;
+ $cflags.=' -DTERMIO';
+ }
+
+$fipsdir =~ s/\//${o}/g;
+
+$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
+$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
+$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
+
+$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
+
+$cflags= "$xcflags$cflags" if $xcflags ne "";
+
+$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
+$cflags.=" -DOPENSSL_NO_AES" if $no_aes;
+$cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia;
+$cflags.=" -DOPENSSL_NO_SEED" if $no_seed;
+$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2;
+$cflags.=" -DOPENSSL_NO_RC4" if $no_rc4;
+$cflags.=" -DOPENSSL_NO_RC5" if $no_rc5;
+$cflags.=" -DOPENSSL_NO_MD2" if $no_md2;
+$cflags.=" -DOPENSSL_NO_MD4" if $no_md4;
+$cflags.=" -DOPENSSL_NO_MD5" if $no_md5;
+$cflags.=" -DOPENSSL_NO_SHA" if $no_sha;
+$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
+$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd;
+$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
+$cflags.=" -DOPENSSL_NO_BF" if $no_bf;
+$cflags.=" -DOPENSSL_NO_CAST" if $no_cast;
+$cflags.=" -DOPENSSL_NO_DES" if $no_des;
+$cflags.=" -DOPENSSL_NO_RSA" if $no_rsa;
+$cflags.=" -DOPENSSL_NO_DSA" if $no_dsa;
+$cflags.=" -DOPENSSL_NO_DH" if $no_dh;
+$cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool;
+$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
+$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
+$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
+$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
+$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
+$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
+$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
+$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
+$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
+$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
+$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
+$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
+$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
+$cflags.=" -DOPENSSL_FIPS" if $fips;
+$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
+$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
+$cflags.=" -DOPENSSL_NO_WEAK_SSL_CIPHERS" if $no_weak_ssl;
+$cflags.=" -DZLIB" if $zlib_opt;
+$cflags.=" -DZLIB_SHARED" if $zlib_opt == 2;
+$cflags.=" -DOPENSSL_NO_COMP" if $no_comp;
+
+if ($no_static_engine)
+ {
+ $cflags .= " -DOPENSSL_NO_STATIC_ENGINE";
+ }
+else
+ {
+ $cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE";
+ }
+
+#$cflags.=" -DRSAref" if $rsaref ne "";
+
+## if ($unix)
+## { $cflags="$c_flags" if ($c_flags ne ""); }
+##else
+ { $cflags="$c_flags$cflags" if ($c_flags ne ""); }
+
+$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
+
+
+%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
+ "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
+
+if ($msdos)
+ {
+ $banner ="\t\@echo Make sure you have run 'perl Configure $platform' in the\n";
+ $banner.="\t\@echo top level directory, if you don't have perl, you will\n";
+ $banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
+ $banner.="\t\@echo documentation for details.\n";
+ }
+
+# have to do this to allow $(CC) under unix
+$link="$bin_dir$link" if ($link !~ /^\$/);
+
+$INSTALLTOP =~ s|/|$o|g;
+$OPENSSLDIR =~ s|/|$o|g;
+
+#############################################
+# We parse in input file and 'store' info for later printing.
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+ {
+ s/\s*$//; # was chop, didn't work in mixture of perls for Windows...
+
+ ($key,$val)=/^([^=]+)=(.*)/;
+ if ($key eq "RELATIVE_DIRECTORY")
+ {
+ if ($lib ne "")
+ {
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
+ }
+ last if ($val eq "FINISHED");
+ $lib="";
+ $libobj="";
+ $dir=$val;
+ }
+
+ if ($key eq "KRB5_INCLUDES")
+ { $cflags .= " $val";}
+
+ if ($key eq "ZLIB_INCLUDE")
+ { $cflags .= " $val" if $val ne "";}
+
+ if ($key eq "LIBZLIB")
+ { $zlib_lib = "$val" if $val ne "";}
+
+ if ($key eq "LIBKRB5")
+ { $ex_libs .= " $val" if $val ne "";}
+
+ if ($key eq "TEST")
+ { $test.=&var_add($dir,$val, 0); }
+
+ if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ { $e_exe.=&var_add($dir,$val, 0); }
+
+ if ($key eq "LIB")
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ }
+ if ($key eq "LIBNAME" && $no_static_engine)
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ $otherlibs .= " $lib";
+ }
+
+ if ($key eq "EXHEADER")
+ { $exheader.=&var_add($dir,$val, 1); }
+
+ if ($key eq "HEADER")
+ { $header.=&var_add($dir,$val, 1); }
+
+ if ($key eq "LIBOBJ" && ($dir ne "engines" || !$no_static_engine))
+ { $libobj=&var_add($dir,$val, 0); }
+ if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
+ { $engines.=$val }
+
+ if (!($_=<IN>))
+ { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+ }
+close(IN);
+
+if ($shlib)
+ {
+ $extra_install= <<"EOF";
+ \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\"
+ \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\"
+ \$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\"
+ \$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
+EOF
+ if ($no_static_engine)
+ {
+ $extra_install .= <<"EOF"
+ \$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\"
+ \$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\"
+EOF
+ }
+ }
+else
+ {
+ $extra_install= <<"EOF";
+ \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\"
+ \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
+EOF
+ $ex_libs .= " $zlib_lib" if $zlib_opt == 1;
+ if ($fips)
+ {
+ $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
+ $ex_l_libs .= " \$(O_FIPSCANISTER)";
+ }
+ }
+
+$defs= <<"EOF";
+# This makefile has been automatically generated from the OpenSSL distribution.
+# This single makefile will build the complete OpenSSL distribution and
+# by default leave the 'interesting' output files in .${o}out and the stuff
+# that needs deleting in .${o}tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO. This file is used by
+# util${o}mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+EOF
+
+$defs .= $preamble if defined $preamble;
+
+$defs.= <<"EOF";
+INSTALLTOP=$INSTALLTOP
+OPENSSLDIR=$OPENSSLDIR
+
+# Set your compiler options
+PLATFORM=$platform
+CC=$bin_dir${cc}
+CFLAG=$cflags
+APP_CFLAG=$app_cflag
+LIB_CFLAG=$lib_cflag
+SHLIB_CFLAG=$shl_cflag
+APP_EX_OBJ=$app_ex_obj
+SHLIB_EX_OBJ=$shlib_ex_obj
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=$ex_libs
+
+# The OpenSSL directory
+SRC_D=$src_dir
+
+LINK_CMD=$link
+LFLAGS=$lflags
+RSC=$rsc
+
+# The output directory for everything intersting
+OUT_D=$out_dir
+# The output directory for all the temporary muck
+TMP_D=$tmp_dir
+# The output directory for the header files
+INC_D=$inc_dir
+INCO_D=$inc_dir${o}openssl
+
+PERL=$perl
+CP=$cp
+RM=$rm
+RANLIB=$ranlib
+MKDIR=$mkdir
+MKLIB=$bin_dir$mklib
+MLFLAGS=$mlflags
+ASM=$bin_dir$asm
+
+# FIPS validated module and support file locations
+
+FIPSDIR=$fipsdir
+BASEADDR=$baseaddr
+FIPSLIB_D=\$(FIPSDIR)${o}lib
+FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c
+O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib
+FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep}
+E_PREMAIN_DSO=fips_premain_dso
+PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep
+FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=openssl
+SSL=$ssl
+CRYPTO=$crypto
+
+# BIN_D - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D - library output directory
+# ENG_D - dynamic engine output directory
+# Note: if you change these point to different directories then uncomment out
+# the lines around the 'NB' comment below.
+#
+BIN_D=\$(OUT_D)
+TEST_D=\$(OUT_D)
+LIB_D=\$(OUT_D)
+ENG_D=\$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D - temp object file directory
+OBJ_D=\$(TMP_D)
+INCL_D=\$(TMP_D)
+
+O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
+O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
+SO_SSL= $plib\$(SSL)$so_shlibp
+SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
+L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
+L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
+
+L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-I\$(INC_D) -I\$(INCL_D)
+APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
+LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
+SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
+LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
+
+#############################################
+EOF
+
+$rules=<<"EOF";
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets
+
+banner:
+$banner
+
+\$(TMP_D):
+ \$(MKDIR) \"\$(TMP_D)\"
+# NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different
+#\$(BIN_D):
+# \$(MKDIR) \$(BIN_D)
+#
+#\$(TEST_D):
+# \$(MKDIR) \$(TEST_D)
+
+\$(LIB_D):
+ \$(MKDIR) \"\$(LIB_D)\"
+
+\$(INCO_D): \$(INC_D)
+ \$(MKDIR) \"\$(INCO_D)\"
+
+\$(INC_D):
+ \$(MKDIR) \"\$(INC_D)\"
+
+headers: \$(HEADER) \$(EXHEADER)
+ @
+
+lib: \$(LIBS_DEP) \$(E_SHLIB)
+
+exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
+
+install: all
+ \$(MKDIR) \"\$(INSTALLTOP)\"
+ \$(MKDIR) \"\$(INSTALLTOP)${o}bin\"
+ \$(MKDIR) \"\$(INSTALLTOP)${o}include\"
+ \$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
+ \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
+ \$(MKDIR) \"\$(OPENSSLDIR)\"
+ \$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
+$extra_install
+
+
+test: \$(T_EXE)
+ cd \$(BIN_D)
+ ..${o}ms${o}test
+
+clean:
+ \$(RM) \$(TMP_D)$o*.*
+
+vclean:
+ \$(RM) \$(TMP_D)$o*.*
+ \$(RM) \$(OUT_D)$o*.*
+
+EOF
+
+my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform";
+$platform_cpp_symbol =~ s/-/_/g;
+if (open(IN,"crypto/buildinf.h"))
+ {
+ # Remove entry for this platform in existing file buildinf.h.
+
+ my $old_buildinf_h = "";
+ while (<IN>)
+ {
+ if (/^\#ifdef $platform_cpp_symbol$/)
+ {
+ while (<IN>) { last if (/^\#endif/); }
+ }
+ else
+ {
+ $old_buildinf_h .= $_;
+ }
+ }
+ close(IN);
+
+ open(OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
+ print OUT $old_buildinf_h;
+ close(OUT);
+ }
+
+open (OUT,">>crypto/buildinf.h") || die "Can't open buildinf.h";
+printf OUT <<EOF;
+#ifdef $platform_cpp_symbol
+ /* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
+ #define CFLAGS "compiler: $cc $cflags"
+ #define PLATFORM "$platform"
+EOF
+printf OUT " #define DATE \"%s\"\n", scalar gmtime();
+printf OUT "#endif\n";
+close(OUT);
+
+# Strip of trailing ' '
+foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
+$test=&clean_up_ws($test);
+$e_exe=&clean_up_ws($e_exe);
+$exheader=&clean_up_ws($exheader);
+$header=&clean_up_ws($header);
+
+# First we strip the exheaders from the headers list
+foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
+foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
+chop($h); $header=$h;
+
+$defs.=&do_defs("HEADER",$header,"\$(INCL_D)","");
+$rules.=&do_copy_rule("\$(INCL_D)",$header,"");
+
+$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)","");
+$rules.=&do_copy_rule("\$(INCO_D)",$exheader,"");
+
+$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
+
+$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+
+# Special case rule for fips_premain_dso
+
+if ($fips)
+ {
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
+ "\$(FIPS_PREMAIN_SRC)",
+ "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)", "");
+ $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
+ }
+
+foreach (values %lib_nam)
+ {
+ $lib_obj=$lib_obj{$_};
+ local($slib)=$shlib;
+
+ $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
+ $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
+ $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
+ }
+
+# hack to add version info on MSVC
+if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A")
+ || ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) {
+ $rules.= <<"EOF";
+\$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc
+ \$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc
+
+\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc
+ \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc
+
+EOF
+}
+
+$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
+foreach (split(/\s+/,$test))
+ {
+ $t=&bname($_);
+ $tt="\$(OBJ_D)${o}$t${obj}";
+ $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+ }
+
+$defs.=&do_defs("E_SHLIB",$engines . $otherlibs,"\$(ENG_D)",$shlibp);
+
+foreach (split(/\s+/,$engines))
+ {
+ $rules.=&do_compile_rule("\$(OBJ_D)","engines${o}e_$_",$lib);
+ $rules.= &do_lib_rule("\$(OBJ_D)${o}e_${_}.obj","\$(ENG_D)$o$_$shlibp","",$shlib,"");
+ }
+
+
+
+$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
+
+if ($fips)
+ {
+ if ($shlib)
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(O_CRYPTO)", "$crypto",
+ $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
+ "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ }
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
+ "\$(SO_CRYPTO)");
+ }
+
+foreach (split(" ",$otherlibs))
+ {
+ my $uc = $_;
+ $uc =~ tr /a-z/A-Z/;
+ $rules.= &do_lib_rule("\$(${uc}OBJ)","\$(ENG_D)$o$_$shlibp", "", $shlib, "");
+
+ }
+
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
+
+print $defs;
+
+if ($platform eq "linux-elf") {
+ print <<"EOF";
+# Generate perlasm output files
+%.cpp:
+ (cd \$(\@D)/..; PERL=perl make -f Makefile asm/\$(\@F))
+EOF
+}
+print "###################################################################\n";
+print $rules;
+
+###############################################
+# strip off any trailing .[och] and append the relative directory
+# also remembering to do nothing if we are in one of the dropped
+# directories
+sub var_add
+ {
+ local($dir,$val,$keepext)=@_;
+ local(@a,$_,$ret);
+
+ return("") if $no_engine && $dir =~ /\/engine/;
+ return("") if $no_hw && $dir =~ /\/hw/;
+ return("") if $no_idea && $dir =~ /\/idea/;
+ return("") if $no_aes && $dir =~ /\/aes/;
+ return("") if $no_camellia && $dir =~ /\/camellia/;
+ return("") if $no_seed && $dir =~ /\/seed/;
+ return("") if $no_rc2 && $dir =~ /\/rc2/;
+ return("") if $no_rc4 && $dir =~ /\/rc4/;
+ return("") if $no_rc5 && $dir =~ /\/rc5/;
+ return("") if $no_rsa && $dir =~ /\/rsa/;
+ return("") if $no_rsa && $dir =~ /^rsaref/;
+ return("") if $no_dsa && $dir =~ /\/dsa/;
+ return("") if $no_dh && $dir =~ /\/dh/;
+ return("") if $no_ec && $dir =~ /\/ec/;
+ return("") if $no_gost && $dir =~ /\/ccgost/;
+ return("") if $no_cms && $dir =~ /\/cms/;
+ return("") if $no_jpake && $dir =~ /\/jpake/;
+ return("") if $no_comp && $dir =~ /\/comp/;
+ if ($no_des && $dir =~ /\/des/)
+ {
+ if ($val =~ /read_pwd/)
+ { return("$dir/read_pwd "); }
+ else
+ { return(""); }
+ }
+ return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+ return("") if $no_sock && $dir =~ /\/proxy/;
+ return("") if $no_bf && $dir =~ /\/bf/;
+ return("") if $no_cast && $dir =~ /\/cast/;
+ return("") if $no_whirlpool && $dir =~ /\/whrlpool/;
+
+ $val =~ s/^\s*(.*)\s*$/$1/;
+ @a=split(/\s+/,$val);
+ grep(s/\.[och]$//, at a) unless $keepext;
+
+ @a=grep(!/^e_.*_3d$/, at a) if $no_des;
+ @a=grep(!/^e_.*_d$/, at a) if $no_des;
+ @a=grep(!/^e_.*_ae$/, at a) if $no_idea;
+ @a=grep(!/^e_.*_i$/, at a) if $no_aes;
+ @a=grep(!/^e_.*_r2$/, at a) if $no_rc2;
+ @a=grep(!/^e_.*_r5$/, at a) if $no_rc5;
+ @a=grep(!/^e_.*_bf$/, at a) if $no_bf;
+ @a=grep(!/^e_.*_c$/, at a) if $no_cast;
+ @a=grep(!/^e_rc4$/, at a) if $no_rc4;
+ @a=grep(!/^e_camellia$/, at a) if $no_camellia;
+ @a=grep(!/^e_seed$/, at a) if $no_seed;
+
+ #@a=grep(!/(^s2_)|(^s23_)/, at a) if $no_ssl2;
+ #@a=grep(!/(^s3_)|(^s23_)/, at a) if $no_ssl3;
+
+ @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/, at a) if $no_sock;
+
+ @a=grep(!/(^md2)|(_md2$)/, at a) if $no_md2;
+ @a=grep(!/(^md4)|(_md4$)/, at a) if $no_md4;
+ @a=grep(!/(^md5)|(_md5$)/, at a) if $no_md5;
+ @a=grep(!/(rmd)|(ripemd)/, at a) if $no_ripemd;
+
+ @a=grep(!/(^d2i_r_)|(^i2d_r_)/, at a) if $no_rsa;
+ @a=grep(!/(^p_open$)|(^p_seal$)/, at a) if $no_rsa;
+ @a=grep(!/(^pem_seal$)/, at a) if $no_rsa;
+
+ @a=grep(!/(m_dss$)|(m_dss1$)/, at a) if $no_dsa;
+ @a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/, at a) if $no_dsa;
+
+ @a=grep(!/^n_pkey$/, at a) if $no_rsa || $no_rc4;
+
+ @a=grep(!/_dhp$/, at a) if $no_dh;
+
+ @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/, at a) if $no_sha;
+ @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/, at a) if $no_sha1;
+ @a=grep(!/_mdc2$/, at a) if $no_mdc2;
+
+ @a=grep(!/(srp)/, at a) if $no_srp;
+
+ @a=grep(!/^engine$/, at a) if $no_engine;
+ @a=grep(!/^hw$/, at a) if $no_hw;
+ @a=grep(!/(^rsa$)|(^genrsa$)/, at a) if $no_rsa;
+ @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/, at a) if $no_dsa;
+ @a=grep(!/^gendsa$/, at a) if $no_sha1;
+ @a=grep(!/(^dh$)|(^gendh$)/, at a) if $no_dh;
+
+ @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/, at a) if $no_sha1;
+
+ grep($_="$dir/$_", at a);
+ @a=grep(!/(^|\/)s_/, at a) if $no_sock;
+ @a=grep(!/(^|\/)bio_sock/, at a) if $no_sock;
+ $ret=join(' ', at a)." ";
+ return($ret);
+ }
+
+# change things so that each 'token' is only separated by one space
+sub clean_up_ws
+ {
+ local($w)=@_;
+
+ $w =~ s/^\s*(.*)\s*$/$1/;
+ $w =~ s/\s+/ /g;
+ return($w);
+ }
+
+sub do_defs
+ {
+ local($var,$files,$location,$postfix)=@_;
+ local($_,$ret,$pf);
+ local(*OUT,$tmp,$t);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ $ret="$var=";
+ $n=1;
+ $Vars{$var}.="";
+ foreach (split(/ /,$files))
+ {
+ $orig=$_;
+ $_=&bname($_) unless /^\$/;
+ if ($n++ == 2)
+ {
+ $n=0;
+ $ret.="\\\n\t";
+ }
+ if (($_ =~ /bss_file/) && ($postfix eq ".h"))
+ { $pf=".c"; }
+ else { $pf=$postfix; }
+ if ($_ =~ /BN_ASM/) { $t="$_ "; }
+ elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /AES_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /DES_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /BF_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
+ elsif ($_ =~ /RC4_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /RC5_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /MD5_ASM/) { $t="$_ "; }
+ elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; }
+ else { $t="$location${o}$_$pf "; }
+
+ $Vars{$var}.="$t ";
+ $ret.=$t;
+ }
+ # hack to add version info on MSVC
+ if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT")))
+ {
+ if ($var eq "CRYPTOOBJ")
+ { $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; }
+ elsif ($var eq "SSLOBJ")
+ { $ret.="\$(OBJ_D)\\\$(SSL).res "; }
+ }
+ chomp($ret);
+ $ret.="\n\n";
+ return($ret);
+ }
+
+# return the name with the leading path removed
+sub bname
+ {
+ local($ret)=@_;
+ $ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
+ return($ret);
+ }
+
+# return the leading path
+sub dname
+ {
+ my $ret=shift;
+ $ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/;
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+# compile the files in '$files' into $to
+sub do_compile_rule
+ {
+ local($to,$files,$ex)=@_;
+ local($ret,$_,$n,$d,$s);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ $d=&dname($_);
+ if (-f "${_}.c")
+ {
+ $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+ }
+ elsif (-f ($s="${d}${o}asm${o}${n}.pl") or
+ ($s=~s/sha256/sha512/ and -f $s) or
+ -f ($s="${d}${o}${n}.pl"))
+ {
+ $ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n);
+ }
+ elsif (-f ($s="${d}${o}asm${o}${n}.S") or
+ -f ($s="${d}${o}${n}.S"))
+ {
+ $ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
+ }
+ else { die "no rule for $_"; }
+ }
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+sub perlasm_compile_target
+ {
+ my($target,$source,$bname)=@_;
+ my($ret);
+
+ $bname =~ s/(.*)\.[^\.]$/$1/;
+ $ret ="\$(TMP_D)$o$bname.asm: $source\n";
+ $ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n\n";
+ $ret.="$target: \$(TMP_D)$o$bname.asm\n";
+ $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+ return($ret);
+ }
+
+sub Sasm_compile_target
+ {
+ my($target,$source,$bname)=@_;
+ my($ret);
+
+ $bname =~ s/(.*)\.[^\.]$/$1/;
+ $ret ="\$(TMP_D)$o$bname.asm: $source\n";
+ $ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n\n";
+ $ret.="$target: \$(TMP_D)$o$bname.asm\n";
+ $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+ return($ret);
+ }
+
+sub cc_compile_target
+ {
+ local($target,$source,$ex_flags, $srcd)=@_;
+ local($ret);
+
+ $ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
+ $target =~ s/\//$o/g if $o ne "/";
+ $source =~ s/\//$o/g if $o ne "/";
+ $srcd = "\$(SRC_D)$o" unless defined $srcd;
+ $ret ="$target: $srcd$source\n\t";
+ $ret.="\$(CC) ${ofile}$target $ex_flags -c $srcd$source\n\n";
+ return($ret);
+ }
+
+##############################################################
+sub do_asm_rule
+ {
+ local($target,$src)=@_;
+ local($ret, at s, at t,$i);
+
+ $target =~ s/\//$o/g if $o ne "/";
+ $src =~ s/\//$o/g if $o ne "/";
+
+ @t=split(/\s+/,$target);
+ @s=split(/\s+/,$src);
+
+
+ for ($i=0; $i<=$#s; $i++)
+ {
+ my $objfile = $t[$i];
+ my $srcfile = $s[$i];
+
+ if ($perl_asm == 1)
+ {
+ my $plasm = $objfile;
+ $plasm =~ s/${obj}/.pl/;
+ $ret.="$srcfile: $plasm\n";
+ $ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n";
+ }
+
+ $ret.="$objfile: $srcfile\n";
+ $ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n";
+ }
+ return($ret);
+ }
+
+sub do_shlib_rule
+ {
+ local($n,$def)=@_;
+ local($ret,$nn);
+ local($t);
+
+ ($nn=$n) =~ tr/a-z/A-Z/;
+ $ret.="$n.dll: \$(${nn}OBJ)\n";
+ if ($vc && $w32)
+ {
+ $ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n \$(${nn}OBJ_F)\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+# do a rule for each file that says 'copy' to new direcory on change
+sub do_copy_rule
+ {
+ local($to,$files,$p)=@_;
+ local($ret,$_,$n,$pp);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ if ($n =~ /bss_file/)
+ { $pp=".c"; }
+ else { $pp=$p; }
+ $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
+ }
+ return($ret);
+ }
+
+# Options picked up from the OPTIONS line in the top level Makefile
+# generated by Configure.
+
+sub read_options
+ {
+ # Many options are handled in a similar way. In particular
+ # no-xxx sets zero or more scalars to 1.
+ # Process these using the %valid_options hash containing the option
+ # name and reference to the scalars to set. In some cases the option
+ # needs no special handling and can be ignored: this is done by
+ # setting the value to 0.
+
+ my %valid_options = (
+ "no-rc2" => \$no_rc2,
+ "no-rc4" => \$no_rc4,
+ "no-rc5" => \$no_rc5,
+ "no-idea" => \$no_idea,
+ "no-aes" => \$no_aes,
+ "no-camellia" => \$no_camellia,
+ "no-seed" => \$no_seed,
+ "no-des" => \$no_des,
+ "no-bf" => \$no_bf,
+ "no-cast" => \$no_cast,
+ "no-md2" => \$no_md2,
+ "no-md4" => \$no_md4,
+ "no-md5" => \$no_md5,
+ "no-sha" => \$no_sha,
+ "no-sha1" => \$no_sha1,
+ "no-ripemd" => \$no_ripemd,
+ "no-mdc2" => \$no_mdc2,
+ "no-whirlpool" => \$no_whirlpool,
+ "no-patents" =>
+ [\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa],
+ "no-rsa" => \$no_rsa,
+ "no-dsa" => \$no_dsa,
+ "no-dh" => \$no_dh,
+ "no-hmac" => \$no_hmac,
+ "no-asm" => \$no_asm,
+ "nasm" => \$nasm,
+ "nw-nasm" => \$nw_nasm,
+ "nw-mwasm" => \$nw_mwasm,
+ "gaswin" => \$gaswin,
+ "no-ssl2" => \$no_ssl2,
+ "no-ssl2-method" => 0,
+ "no-ssl3" => \$no_ssl3,
+ "no-ssl3-method" => 0,
+ "no-tlsext" => \$no_tlsext,
+ "no-srp" => \$no_srp,
+ "no-cms" => \$no_cms,
+ "no-ec2m" => \$no_ec2m,
+ "no-jpake" => \$no_jpake,
+ "no-ec_nistp_64_gcc_128" => 0,
+ "no-weak-ssl-ciphers" => \$no_weak_ssl,
+ "no-err" => \$no_err,
+ "no-sock" => \$no_sock,
+ "no-krb5" => \$no_krb5,
+ "no-ec" => \$no_ec,
+ "no-ecdsa" => \$no_ecdsa,
+ "no-ecdh" => \$no_ecdh,
+ "no-gost" => \$no_gost,
+ "no-engine" => \$no_engine,
+ "no-hw" => \$no_hw,
+ "no-rsax" => 0,
+ "just-ssl" =>
+ [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
+ \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
+ \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
+ \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
+ "rsaref" => 0,
+ "gcc" => \$gcc,
+ "debug" => \$debug,
+ "profile" => \$profile,
+ "shlib" => \$shlib,
+ "dll" => \$shlib,
+ "shared" => 0,
+ "no-sctp" => 0,
+ "no-srtp" => 0,
+ "no-gmp" => 0,
+ "no-rfc3779" => 0,
+ "no-montasm" => 0,
+ "no-shared" => 0,
+ "no-store" => 0,
+ "no-unit-test" => 0,
+ "no-zlib" => 0,
+ "no-zlib-dynamic" => 0,
+ "no-comp" => \$no_comp,
+ "fips" => \$fips
+ );
+
+ if (exists $valid_options{$_})
+ {
+ my $r = $valid_options{$_};
+ if ( ref $r eq "SCALAR")
+ { $$r = 1;}
+ elsif ( ref $r eq "ARRAY")
+ {
+ my $r2;
+ foreach $r2 (@$r)
+ {
+ $$r2 = 1;
+ }
+ }
+ }
+ elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
+ elsif (/^enable-zlib-dynamic$/)
+ {
+ $zlib_opt = 2;
+ }
+ elsif (/^no-static-engine/)
+ {
+ $no_static_engine = 1;
+ }
+ elsif (/^enable-static-engine/)
+ {
+ $no_static_engine = 0;
+ }
+ # There are also enable-xxx options which correspond to
+ # the no-xxx. Since the scalars are enabled by default
+ # these can be ignored.
+ elsif (/^enable-/)
+ {
+ my $t = $_;
+ $t =~ s/^enable/no/;
+ if (exists $valid_options{$t})
+ {return 1;}
+ return 0;
+ }
+ # experimental-xxx is mostly like enable-xxx, but opensslconf.v
+ # will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx.
+ # (No need to fail if we don't know the algorithm -- this is for adventurous users only.)
+ elsif (/^experimental-/)
+ {
+ my $algo, $ALGO;
+ ($algo = $_) =~ s/^experimental-//;
+ ($ALGO = $algo) =~ tr/[a-z]/[A-Z]/;
+
+ $xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
+
+ }
+ elsif (/^--with-krb5-flavor=(.*)$/)
+ {
+ my $krb5_flavor = $1;
+ if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
+ {
+ $xcflags="-DKRB5_HEIMDAL $xcflags";
+ }
+ elsif ($krb5_flavor =~ /^MIT/i)
+ {
+ $xcflags="-DKRB5_MIT $xcflags";
+ if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
+ {
+ $xcflags="-DKRB5_MIT_OLD11 $xcflags"
+ }
+ }
+ }
+ elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
+ elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
+ elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
+ { $c_flags.="$_ "; }
+ else { return(0); }
+ return(1);
+ }
Deleted: vendor-crypto/openssl/1.0.1u/util/mkdef.pl
===================================================================
--- vendor-crypto/openssl/dist/util/mkdef.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/mkdef.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,1552 +0,0 @@
-#!/usr/local/bin/perl -w
-#
-# generate a .def file
-#
-# It does this by parsing the header files and looking for the
-# prototyped functions: it then prunes the output.
-#
-# Intermediary files are created, call libeay.num and ssleay.num,...
-# Previously, they had the following format:
-#
-# routine-name nnnn
-#
-# But that isn't enough for a number of reasons, the first on being that
-# this format is (needlessly) very Win32-centric, and even then...
-# One of the biggest problems is that there's no information about what
-# routines should actually be used, which varies with what crypto algorithms
-# are disabled. Also, some operating systems (for example VMS with VAX C)
-# need to keep track of the global variables as well as the functions.
-#
-# So, a remake of this script is done so as to include information on the
-# kind of symbol it is (function or variable) and what algorithms they're
-# part of. This will allow easy translating to .def files or the corresponding
-# file in other operating systems (a .opt file for VMS, possibly with a .mar
-# file).
-#
-# The format now becomes:
-#
-# routine-name nnnn info
-#
-# and the "info" part is actually a colon-separated string of fields with
-# the following meaning:
-#
-# existence:platform:kind:algorithms
-#
-# - "existence" can be "EXIST" or "NOEXIST" depending on if the symbol is
-# found somewhere in the source,
-# - "platforms" is empty if it exists on all platforms, otherwise it contains
-# comma-separated list of the platform, just as they are if the symbol exists
-# for those platforms, or prepended with a "!" if not. This helps resolve
-# symbol name variants for platforms where the names are too long for the
-# compiler or linker, or if the systems is case insensitive and there is a
-# clash, or the symbol is implemented differently (see
-# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found
-# in the file crypto/symhacks.h.
-# The semantics for the platforms is that every item is checked against the
-# environment. For the negative items ("!FOO"), if any of them is false
-# (i.e. "FOO" is true) in the environment, the corresponding symbol can't be
-# used. For the positive itms, if all of them are false in the environment,
-# the corresponding symbol can't be used. Any combination of positive and
-# negative items are possible, and of course leave room for some redundancy.
-# - "kind" is "FUNCTION" or "VARIABLE". The meaning of that is obvious.
-# - "algorithms" is a comma-separated list of algorithm names. This helps
-# exclude symbols that are part of an algorithm that some user wants to
-# exclude.
-#
-
-my $debug=0;
-
-my $crypto_num= "util/libeay.num";
-my $ssl_num= "util/ssleay.num";
-my $libname;
-
-my $do_update = 0;
-my $do_rewrite = 1;
-my $do_crypto = 0;
-my $do_ssl = 0;
-my $do_ctest = 0;
-my $do_ctestall = 0;
-my $do_checkexist = 0;
-
-my $VMSVAX=0;
-my $VMSNonVAX=0;
-my $VMS=0;
-my $W32=0;
-my $W16=0;
-my $NT=0;
-my $OS2=0;
-# Set this to make typesafe STACK definitions appear in DEF
-my $safe_stack_def = 0;
-
-my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
- "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
-my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
-my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
- "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
- "SHA256", "SHA512", "RIPEMD",
- "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
- "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
- # EC_NISTP_64_GCC_128
- "EC_NISTP_64_GCC_128",
- # Envelope "algorithms"
- "EVP", "X509", "ASN1_TYPEDEFS",
- # Helper "algorithms"
- "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
- "LOCKING",
- # External "algorithms"
- "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM",
- # Engines
- "STATIC_ENGINE", "ENGINE", "HW", "GMP",
- # RFC3779
- "RFC3779",
- # TLS
- "TLSEXT", "PSK", "SRP", "HEARTBEATS",
- # CMS
- "CMS",
- # CryptoAPI Engine
- "CAPIENG",
- # SSL v2
- "SSL2",
- # SSL v3 method
- "SSL3_METHOD",
- # JPAKE
- "JPAKE",
- # NEXTPROTONEG
- "NEXTPROTONEG",
- # Deprecated functions
- "DEPRECATED",
- # Hide SSL internals
- "SSL_INTERN",
- # SCTP
- "SCTP",
- # SRTP
- "SRTP",
- # Unit testing
- "UNIT_TEST");
-
-my $options="";
-open(IN,"<Makefile") || die "unable to open Makefile!\n";
-while(<IN>) {
- $options=$1 if (/^OPTIONS=(.*)$/);
-}
-close(IN);
-
-# The following ciphers may be excluded (by Configure). This means functions
-# defined with ifndef(NO_XXX) are not included in the .def file, and everything
-# in directory xxx is ignored.
-my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
-my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed;
-my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
-my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
-my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
-my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
-my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
-my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
-my $no_nextprotoneg; my $no_sctp; my $no_srtp;
-my $no_unit_test; my $no_ssl3_method;
-
-my $fips;
-
-my $zlib;
-
-
-foreach (@ARGV, split(/ /, $options))
- {
- $debug=1 if $_ eq "debug";
- $W32=1 if $_ eq "32";
- $W16=1 if $_ eq "16";
- if($_ eq "NT") {
- $W32 = 1;
- $NT = 1;
- }
- if ($_ eq "VMS-VAX") {
- $VMS=1;
- $VMSVAX=1;
- }
- if ($_ eq "VMS-NonVAX") {
- $VMS=1;
- $VMSNonVAX=1;
- }
- $VMS=1 if $_ eq "VMS";
- $OS2=1 if $_ eq "OS2";
- $fips=1 if /^fips/;
- if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
- || $_ eq "enable-zlib-dynamic") {
- $zlib = 1;
- }
-
- $do_ssl=1 if $_ eq "ssleay";
- if ($_ eq "ssl") {
- $do_ssl=1;
- $libname=$_
- }
- $do_crypto=1 if $_ eq "libeay";
- if ($_ eq "crypto") {
- $do_crypto=1;
- $libname=$_;
- }
- $no_static_engine=1 if $_ eq "no-static-engine";
- $no_static_engine=0 if $_ eq "enable-static-engine";
- $do_update=1 if $_ eq "update";
- $do_rewrite=1 if $_ eq "rewrite";
- $do_ctest=1 if $_ eq "ctest";
- $do_ctestall=1 if $_ eq "ctestall";
- $do_checkexist=1 if $_ eq "exist";
- #$safe_stack_def=1 if $_ eq "-DDEBUG_SAFESTACK";
-
- if (/^no-rc2$/) { $no_rc2=1; }
- elsif (/^no-rc4$/) { $no_rc4=1; }
- elsif (/^no-rc5$/) { $no_rc5=1; }
- elsif (/^no-idea$/) { $no_idea=1; }
- elsif (/^no-des$/) { $no_des=1; $no_mdc2=1; }
- elsif (/^no-bf$/) { $no_bf=1; }
- elsif (/^no-cast$/) { $no_cast=1; }
- elsif (/^no-whirlpool$/) { $no_whirlpool=1; }
- elsif (/^no-md2$/) { $no_md2=1; }
- elsif (/^no-md4$/) { $no_md4=1; }
- elsif (/^no-md5$/) { $no_md5=1; }
- elsif (/^no-sha$/) { $no_sha=1; }
- elsif (/^no-ripemd$/) { $no_ripemd=1; }
- elsif (/^no-mdc2$/) { $no_mdc2=1; }
- elsif (/^no-rsa$/) { $no_rsa=1; }
- elsif (/^no-dsa$/) { $no_dsa=1; }
- elsif (/^no-dh$/) { $no_dh=1; }
- elsif (/^no-ec$/) { $no_ec=1; }
- elsif (/^no-ecdsa$/) { $no_ecdsa=1; }
- elsif (/^no-ecdh$/) { $no_ecdh=1; }
- elsif (/^no-hmac$/) { $no_hmac=1; }
- elsif (/^no-aes$/) { $no_aes=1; }
- elsif (/^no-camellia$/) { $no_camellia=1; }
- elsif (/^no-seed$/) { $no_seed=1; }
- elsif (/^no-evp$/) { $no_evp=1; }
- elsif (/^no-lhash$/) { $no_lhash=1; }
- elsif (/^no-stack$/) { $no_stack=1; }
- elsif (/^no-err$/) { $no_err=1; }
- elsif (/^no-buffer$/) { $no_buffer=1; }
- elsif (/^no-bio$/) { $no_bio=1; }
- #elsif (/^no-locking$/) { $no_locking=1; }
- elsif (/^no-comp$/) { $no_comp=1; }
- elsif (/^no-dso$/) { $no_dso=1; }
- elsif (/^no-krb5$/) { $no_krb5=1; }
- elsif (/^no-engine$/) { $no_engine=1; }
- elsif (/^no-hw$/) { $no_hw=1; }
- elsif (/^no-gmp$/) { $no_gmp=1; }
- elsif (/^no-rfc3779$/) { $no_rfc3779=1; }
- elsif (/^no-tlsext$/) { $no_tlsext=1; }
- elsif (/^no-cms$/) { $no_cms=1; }
- elsif (/^no-ec2m$/) { $no_ec2m=1; }
- elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; }
- elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
- elsif (/^no-ssl2$/) { $no_ssl2=1; }
- elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; }
- elsif (/^no-capieng$/) { $no_capieng=1; }
- elsif (/^no-jpake$/) { $no_jpake=1; }
- elsif (/^no-srp$/) { $no_srp=1; }
- elsif (/^no-sctp$/) { $no_sctp=1; }
- elsif (/^no-srtp$/) { $no_srtp=1; }
- elsif (/^no-unit-test$/){ $no_unit_test=1; }
- }
-
-
-if (!$libname) {
- if ($do_ssl) {
- $libname="SSLEAY";
- }
- if ($do_crypto) {
- $libname="LIBEAY";
- }
-}
-
-# If no platform is given, assume WIN32
-if ($W32 + $W16 + $VMS + $OS2 == 0) {
- $W32 = 1;
-}
-
-# Add extra knowledge
-if ($W16) {
- $no_fp_api=1;
-}
-
-if (!$do_ssl && !$do_crypto)
- {
- print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT | OS2 ]\n";
- exit(1);
- }
-
-%ssl_list=&load_numbers($ssl_num);
-$max_ssl = $max_num;
-%crypto_list=&load_numbers($crypto_num);
-$max_crypto = $max_num;
-
-my $ssl="ssl/ssl.h";
-$ssl.=" ssl/kssl.h";
-$ssl.=" ssl/tls1.h";
-$ssl.=" ssl/srtp.h";
-
-my $crypto ="crypto/crypto.h";
-$crypto.=" crypto/cryptlib.h";
-$crypto.=" crypto/o_dir.h";
-$crypto.=" crypto/o_str.h";
-$crypto.=" crypto/o_time.h";
-$crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des;
-$crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
-$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
-$crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5;
-$crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2;
-$crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf;
-$crypto.=" crypto/cast/cast.h" ; # unless $no_cast;
-$crypto.=" crypto/whrlpool/whrlpool.h" ;
-$crypto.=" crypto/md2/md2.h" ; # unless $no_md2;
-$crypto.=" crypto/md4/md4.h" ; # unless $no_md4;
-$crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
-$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
-$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
-$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
-$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
-$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
-$crypto.=" crypto/seed/seed.h"; # unless $no_seed;
-
-$crypto.=" crypto/bn/bn.h";
-$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
-$crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa;
-$crypto.=" crypto/dh/dh.h" ; # unless $no_dh;
-$crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
-$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
-$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
-$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
-$crypto.=" crypto/cmac/cmac.h" ; # unless $no_hmac;
-
-$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
-$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
-$crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer;
-$crypto.=" crypto/bio/bio.h" ; # unless $no_bio;
-$crypto.=" crypto/dso/dso.h" ; # unless $no_dso;
-$crypto.=" crypto/lhash/lhash.h" ; # unless $no_lhash;
-$crypto.=" crypto/conf/conf.h";
-$crypto.=" crypto/txt_db/txt_db.h";
-
-$crypto.=" crypto/evp/evp.h" ; # unless $no_evp;
-$crypto.=" crypto/objects/objects.h";
-$crypto.=" crypto/pem/pem.h";
-#$crypto.=" crypto/meth/meth.h";
-$crypto.=" crypto/asn1/asn1.h";
-$crypto.=" crypto/asn1/asn1t.h";
-$crypto.=" crypto/asn1/asn1_mac.h";
-$crypto.=" crypto/err/err.h" ; # unless $no_err;
-$crypto.=" crypto/pkcs7/pkcs7.h";
-$crypto.=" crypto/pkcs12/pkcs12.h";
-$crypto.=" crypto/x509/x509.h";
-$crypto.=" crypto/x509/x509_vfy.h";
-$crypto.=" crypto/x509v3/x509v3.h";
-$crypto.=" crypto/ts/ts.h";
-$crypto.=" crypto/rand/rand.h";
-$crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
-$crypto.=" crypto/ocsp/ocsp.h";
-$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
-$crypto.=" crypto/krb5/krb5_asn.h";
-#$crypto.=" crypto/store/store.h";
-$crypto.=" crypto/pqueue/pqueue.h";
-$crypto.=" crypto/cms/cms.h";
-$crypto.=" crypto/jpake/jpake.h";
-$crypto.=" crypto/modes/modes.h";
-$crypto.=" crypto/srp/srp.h";
-
-my $symhacks="crypto/symhacks.h";
-
-my @ssl_symbols = &do_defs("SSLEAY", $ssl, $symhacks);
-my @crypto_symbols = &do_defs("LIBEAY", $crypto, $symhacks);
-
-if ($do_update) {
-
-if ($do_ssl == 1) {
-
- &maybe_add_info("SSLEAY",*ssl_list, at ssl_symbols);
- if ($do_rewrite == 1) {
- open(OUT, ">$ssl_num");
- &rewrite_numbers(*OUT,"SSLEAY",*ssl_list, at ssl_symbols);
- } else {
- open(OUT, ">>$ssl_num");
- }
- &update_numbers(*OUT,"SSLEAY",*ssl_list,$max_ssl, at ssl_symbols);
- close OUT;
-}
-
-if($do_crypto == 1) {
-
- &maybe_add_info("LIBEAY",*crypto_list, at crypto_symbols);
- if ($do_rewrite == 1) {
- open(OUT, ">$crypto_num");
- &rewrite_numbers(*OUT,"LIBEAY",*crypto_list, at crypto_symbols);
- } else {
- open(OUT, ">>$crypto_num");
- }
- &update_numbers(*OUT,"LIBEAY",*crypto_list,$max_crypto, at crypto_symbols);
- close OUT;
-}
-
-} elsif ($do_checkexist) {
- &check_existing(*ssl_list, @ssl_symbols)
- if $do_ssl == 1;
- &check_existing(*crypto_list, @crypto_symbols)
- if $do_crypto == 1;
-} elsif ($do_ctest || $do_ctestall) {
-
- print <<"EOF";
-
-/* Test file to check all DEF file symbols are present by trying
- * to link to all of them. This is *not* intended to be run!
- */
-
-int main()
-{
-EOF
- &print_test_file(*STDOUT,"SSLEAY",*ssl_list,$do_ctestall, at ssl_symbols)
- if $do_ssl == 1;
-
- &print_test_file(*STDOUT,"LIBEAY",*crypto_list,$do_ctestall, at crypto_symbols)
- if $do_crypto == 1;
-
- print "}\n";
-
-} else {
-
- &print_def_file(*STDOUT,$libname,*ssl_list, at ssl_symbols)
- if $do_ssl == 1;
-
- &print_def_file(*STDOUT,$libname,*crypto_list, at crypto_symbols)
- if $do_crypto == 1;
-
-}
-
-
-sub do_defs
-{
- my($name,$files,$symhacksfile)=@_;
- my $file;
- my @ret;
- my %syms;
- my %platform; # For anything undefined, we assume ""
- my %kind; # For anything undefined, we assume "FUNCTION"
- my %algorithm; # For anything undefined, we assume ""
- my %variant;
- my %variant_cnt; # To be able to allocate "name{n}" if "name"
- # is the same name as the original.
- my $cpp;
- my %unknown_algorithms = ();
-
- foreach $file (split(/\s+/,$symhacksfile." ".$files))
- {
- print STDERR "DEBUG: starting on $file:\n" if $debug;
- open(IN,"<$file") || die "unable to open $file:$!\n";
- my $line = "", my $def= "";
- my %tag = (
- (map { $_ => 0 } @known_platforms),
- (map { "OPENSSL_SYS_".$_ => 0 } @known_ossl_platforms),
- (map { "OPENSSL_NO_".$_ => 0 } @known_algorithms),
- NOPROTO => 0,
- PERL5 => 0,
- _WINDLL => 0,
- CONST_STRICT => 0,
- TRUE => 1,
- );
- my $symhacking = $file eq $symhacksfile;
- my @current_platforms = ();
- my @current_algorithms = ();
-
- # params: symbol, alias, platforms, kind
- # The reason to put this subroutine in a variable is that
- # it will otherwise create it's own, unshared, version of
- # %tag and %variant...
- my $make_variant = sub
- {
- my ($s, $a, $p, $k) = @_;
- my ($a1, $a2);
-
- print STDERR "DEBUG: make_variant: Entered with ",$s,", ",$a,", ",(defined($p)?$p:""),", ",(defined($k)?$k:""),"\n" if $debug;
- if (defined($p))
- {
- $a1 = join(",",$p,
- grep(!/^$/,
- map { $tag{$_} == 1 ? $_ : "" }
- @known_platforms));
- }
- else
- {
- $a1 = join(",",
- grep(!/^$/,
- map { $tag{$_} == 1 ? $_ : "" }
- @known_platforms));
- }
- $a2 = join(",",
- grep(!/^$/,
- map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ : "" }
- @known_ossl_platforms));
- print STDERR "DEBUG: make_variant: a1 = $a1; a2 = $a2\n" if $debug;
- if ($a1 eq "") { $a1 = $a2; }
- elsif ($a1 ne "" && $a2 ne "") { $a1 .= ",".$a2; }
- if ($a eq $s)
- {
- if (!defined($variant_cnt{$s}))
- {
- $variant_cnt{$s} = 0;
- }
- $variant_cnt{$s}++;
- $a .= "{$variant_cnt{$s}}";
- }
- my $toadd = $a.":".$a1.(defined($k)?":".$k:"");
- my $togrep = $s.'(\{[0-9]+\})?:'.$a1.(defined($k)?":".$k:"");
- if (!grep(/^$togrep$/,
- split(/;/, defined($variant{$s})?$variant{$s}:""))) {
- if (defined($variant{$s})) { $variant{$s} .= ";"; }
- $variant{$s} .= $toadd;
- }
- print STDERR "DEBUG: make_variant: Exit with variant of ",$s," = ",$variant{$s},"\n" if $debug;
- };
-
- print STDERR "DEBUG: parsing ----------\n" if $debug;
- while(<IN>) {
- if (/\/\* Error codes for the \w+ functions\. \*\//)
- {
- undef @tag;
- last;
- }
- if ($line ne '') {
- $_ = $line . $_;
- $line = '';
- }
-
- if (/\\$/) {
- chomp; # remove eol
- chop; # remove ending backslash
- $line = $_;
- next;
- }
-
- if(/\/\*/) {
- if (not /\*\//) { # multiline comment...
- $line = $_; # ... just accumulate
- next;
- } else {
- s/\/\*.*?\*\///gs;# wipe it
- }
- }
-
- if ($cpp) {
- $cpp++ if /^#\s*if/;
- $cpp-- if /^#\s*endif/;
- next;
- }
- $cpp = 1 if /^#.*ifdef.*cplusplus/;
-
- s/{[^{}]*}//gs; # ignore {} blocks
- print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne "";
- print STDERR "DEBUG: \$_=\"$_\"\n" if $debug;
- if (/^\#\s*ifndef\s+(.*)/) {
- push(@tag,"-");
- push(@tag,$1);
- $tag{$1}=-1;
- print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
- } elsif (/^\#\s*if\s+!defined\(([^\)]+)\)/) {
- push(@tag,"-");
- if (/^\#\s*if\s+(!defined\(([^\)]+)\)(\s+\&\&\s+!defined\(([^\)]+)\))*)$/) {
- my $tmp_1 = $1;
- my $tmp_;
- foreach $tmp_ (split '\&\&',$tmp_1) {
- $tmp_ =~ /!defined\(([^\)]+)\)/;
- print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
- push(@tag,$1);
- $tag{$1}=-1;
- }
- } else {
- print STDERR "Warning: $file: complicated expression: $_" if $debug; # because it is O...
- print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
- push(@tag,$1);
- $tag{$1}=-1;
- }
- } elsif (/^\#\s*ifdef\s+(\S*)/) {
- push(@tag,"-");
- push(@tag,$1);
- $tag{$1}=1;
- print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
- } elsif (/^\#\s*if\s+defined\(([^\)]+)\)/) {
- push(@tag,"-");
- if (/^\#\s*if\s+(defined\(([^\)]+)\)(\s+\|\|\s+defined\(([^\)]+)\))*)$/) {
- my $tmp_1 = $1;
- my $tmp_;
- foreach $tmp_ (split '\|\|',$tmp_1) {
- $tmp_ =~ /defined\(([^\)]+)\)/;
- print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
- push(@tag,$1);
- $tag{$1}=1;
- }
- } else {
- print STDERR "Warning: $file: complicated expression: $_\n" if $debug; # because it is O...
- print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
- push(@tag,$1);
- $tag{$1}=1;
- }
- } elsif (/^\#\s*error\s+(\w+) is disabled\./) {
- my $tag_i = $#tag;
- while($tag[$tag_i] ne "-") {
- if ($tag[$tag_i] eq "OPENSSL_NO_".$1) {
- $tag{$tag[$tag_i]}=2;
- print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug;
- }
- $tag_i--;
- }
- } elsif (/^\#\s*endif/) {
- my $tag_i = $#tag;
- while($tag_i > 0 && $tag[$tag_i] ne "-") {
- my $t=$tag[$tag_i];
- print STDERR "DEBUG: \$t=\"$t\"\n" if $debug;
- if ($tag{$t}==2) {
- $tag{$t}=-1;
- } else {
- $tag{$t}=0;
- }
- print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
- pop(@tag);
- if ($t =~ /^OPENSSL_NO_([A-Z0-9_]+)$/) {
- $t=$1;
- } else {
- $t="";
- }
- if ($t ne ""
- && !grep(/^$t$/, @known_algorithms)) {
- $unknown_algorithms{$t} = 1;
- #print STDERR "DEBUG: Added as unknown algorithm: $t\n" if $debug;
- }
- $tag_i--;
- }
- pop(@tag);
- } elsif (/^\#\s*else/) {
- my $tag_i = $#tag;
- while($tag[$tag_i] ne "-") {
- my $t=$tag[$tag_i];
- $tag{$t}= -$tag{$t};
- print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
- $tag_i--;
- }
- } elsif (/^\#\s*if\s+1/) {
- push(@tag,"-");
- # Dummy tag
- push(@tag,"TRUE");
- $tag{"TRUE"}=1;
- print STDERR "DEBUG: $file: found 1\n" if $debug;
- } elsif (/^\#\s*if\s+0/) {
- push(@tag,"-");
- # Dummy tag
- push(@tag,"TRUE");
- $tag{"TRUE"}=-1;
- print STDERR "DEBUG: $file: found 0\n" if $debug;
- } elsif (/^\#\s*define\s+(\w+)\s+(\w+)/
- && $symhacking && $tag{'TRUE'} != -1) {
- # This is for aliasing. When we find an alias,
- # we have to invert
- &$make_variant($1,$2);
- print STDERR "DEBUG: $file: defined $1 = $2\n" if $debug;
- }
- if (/^\#/) {
- @current_platforms =
- grep(!/^$/,
- map { $tag{$_} == 1 ? $_ :
- $tag{$_} == -1 ? "!".$_ : "" }
- @known_platforms);
- push @current_platforms
- , grep(!/^$/,
- map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ :
- $tag{"OPENSSL_SYS_".$_} == -1 ? "!".$_ : "" }
- @known_ossl_platforms);
- @current_algorithms =
- grep(!/^$/,
- map { $tag{"OPENSSL_NO_".$_} == -1 ? $_ : "" }
- @known_algorithms);
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- next;
- }
- if ($tag{'TRUE'} != -1) {
- if (/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) {
- next;
- } elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
- $def .= "int d2i_$3(void);";
- $def .= "int i2d_$3(void);";
- # Variant for platforms that do not
- # have to access globale variables
- # in shared libraries through functions
- $def .=
- "#INFO:"
- .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "OPENSSL_EXTERN int $2_it;";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Variant for platforms that have to
- # access globale variables in shared
- # libraries through functions
- &$make_variant("$2_it","$2_it",
- "EXPORT_VAR_AS_FUNCTION",
- "FUNCTION");
- next;
- } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_fname\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
- $def .= "int d2i_$3(void);";
- $def .= "int i2d_$3(void);";
- $def .= "int $3_free(void);";
- $def .= "int $3_new(void);";
- # Variant for platforms that do not
- # have to access globale variables
- # in shared libraries through functions
- $def .=
- "#INFO:"
- .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "OPENSSL_EXTERN int $2_it;";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Variant for platforms that have to
- # access globale variables in shared
- # libraries through functions
- &$make_variant("$2_it","$2_it",
- "EXPORT_VAR_AS_FUNCTION",
- "FUNCTION");
- next;
- } elsif (/^\s*DECLARE_ASN1_FUNCTIONS\s*\(\s*(\w*)\s*\)/ ||
- /^\s*DECLARE_ASN1_FUNCTIONS_const\s*\(\s*(\w*)\s*\)/) {
- $def .= "int d2i_$1(void);";
- $def .= "int i2d_$1(void);";
- $def .= "int $1_free(void);";
- $def .= "int $1_new(void);";
- # Variant for platforms that do not
- # have to access globale variables
- # in shared libraries through functions
- $def .=
- "#INFO:"
- .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "OPENSSL_EXTERN int $1_it;";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Variant for platforms that have to
- # access globale variables in shared
- # libraries through functions
- &$make_variant("$1_it","$1_it",
- "EXPORT_VAR_AS_FUNCTION",
- "FUNCTION");
- next;
- } elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS_const\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
- $def .= "int d2i_$2(void);";
- $def .= "int i2d_$2(void);";
- # Variant for platforms that do not
- # have to access globale variables
- # in shared libraries through functions
- $def .=
- "#INFO:"
- .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "OPENSSL_EXTERN int $2_it;";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Variant for platforms that have to
- # access globale variables in shared
- # libraries through functions
- &$make_variant("$2_it","$2_it",
- "EXPORT_VAR_AS_FUNCTION",
- "FUNCTION");
- next;
- } elsif (/^\s*DECLARE_ASN1_ALLOC_FUNCTIONS\s*\(\s*(\w*)\s*\)/) {
- $def .= "int $1_free(void);";
- $def .= "int $1_new(void);";
- next;
- } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
- $def .= "int d2i_$2(void);";
- $def .= "int i2d_$2(void);";
- $def .= "int $2_free(void);";
- $def .= "int $2_new(void);";
- # Variant for platforms that do not
- # have to access globale variables
- # in shared libraries through functions
- $def .=
- "#INFO:"
- .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "OPENSSL_EXTERN int $2_it;";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Variant for platforms that have to
- # access globale variables in shared
- # libraries through functions
- &$make_variant("$2_it","$2_it",
- "EXPORT_VAR_AS_FUNCTION",
- "FUNCTION");
- next;
- } elsif (/^\s*DECLARE_ASN1_ITEM\s*\(\s*(\w*)\s*\)/) {
- # Variant for platforms that do not
- # have to access globale variables
- # in shared libraries through functions
- $def .=
- "#INFO:"
- .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "OPENSSL_EXTERN int $1_it;";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Variant for platforms that have to
- # access globale variables in shared
- # libraries through functions
- &$make_variant("$1_it","$1_it",
- "EXPORT_VAR_AS_FUNCTION",
- "FUNCTION");
- next;
- } elsif (/^\s*DECLARE_ASN1_NDEF_FUNCTION\s*\(\s*(\w*)\s*\)/) {
- $def .= "int i2d_$1_NDEF(void);";
- } elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
- next;
- } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION\s*\(\s*(\w*)\s*\)/) {
- $def .= "int $1_print_ctx(void);";
- next;
- } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
- $def .= "int $2_print_ctx(void);";
- next;
- } elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) {
- next;
- } elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ ||
- /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ||
- /^DECLARE_PEM_rw_const\s*\(\s*(\w*)\s*,/ ) {
- # Things not in Win16
- $def .=
- "#INFO:"
- .join(',',"!WIN16", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "int PEM_read_$1(void);";
- $def .= "int PEM_write_$1(void);";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Things that are everywhere
- $def .= "int PEM_read_bio_$1(void);";
- $def .= "int PEM_write_bio_$1(void);";
- next;
- } elsif (/^DECLARE_PEM_write\s*\(\s*(\w*)\s*,/ ||
- /^DECLARE_PEM_write_cb\s*\(\s*(\w*)\s*,/ ) {
- # Things not in Win16
- $def .=
- "#INFO:"
- .join(',',"!WIN16", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "int PEM_write_$1(void);";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Things that are everywhere
- $def .= "int PEM_write_bio_$1(void);";
- next;
- } elsif (/^DECLARE_PEM_read\s*\(\s*(\w*)\s*,/ ||
- /^DECLARE_PEM_read_cb\s*\(\s*(\w*)\s*,/ ) {
- # Things not in Win16
- $def .=
- "#INFO:"
- .join(',',"!WIN16", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "int PEM_read_$1(void);";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Things that are everywhere
- $def .= "int PEM_read_bio_$1(void);";
- next;
- } elsif (/^OPENSSL_DECLARE_GLOBAL\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
- # Variant for platforms that do not
- # have to access globale variables
- # in shared libraries through functions
- $def .=
- "#INFO:"
- .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
- .join(',', at current_algorithms).";";
- $def .= "OPENSSL_EXTERN int _shadow_$2;";
- $def .=
- "#INFO:"
- .join(',', at current_platforms).":"
- .join(',', at current_algorithms).";";
- # Variant for platforms that have to
- # access globale variables in shared
- # libraries through functions
- &$make_variant("_shadow_$2","_shadow_$2",
- "EXPORT_VAR_AS_FUNCTION",
- "FUNCTION");
- } elsif ($tag{'CONST_STRICT'} != 1) {
- if (/\{|\/\*|\([^\)]*$/) {
- $line = $_;
- } else {
- $def .= $_;
- }
- }
- }
- }
- close(IN);
-
- my $algs;
- my $plays;
-
- print STDERR "DEBUG: postprocessing ----------\n" if $debug;
- foreach (split /;/, $def) {
- my $s; my $k = "FUNCTION"; my $p; my $a;
- s/^[\n\s]*//g;
- s/[\n\s]*$//g;
- next if(/\#undef/);
- next if(/typedef\W/);
- next if(/\#define/);
-
- # Reduce argument lists to empty ()
- # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
- while(/\(.*\)/s) {
- s/\([^\(\)]+\)/\{\}/gs;
- s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs; #(*f{}) -> f
- }
- # pretend as we didn't use curly braces: {} -> ()
- s/\{\}/\(\)/gs;
-
- s/STACK_OF\(\)/void/gs;
- s/LHASH_OF\(\)/void/gs;
-
- print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug;
- if (/^\#INFO:([^:]*):(.*)$/) {
- $plats = $1;
- $algs = $2;
- print STDERR "DEBUG: found info on platforms ($plats) and algorithms ($algs)\n" if $debug;
- next;
- } elsif (/^\s*OPENSSL_EXTERN\s.*?(\w+(\{[0-9]+\})?)(\[[0-9]*\])*\s*$/) {
- $s = $1;
- $k = "VARIABLE";
- print STDERR "DEBUG: found external variable $s\n" if $debug;
- } elsif (/TYPEDEF_\w+_OF/s) {
- next;
- } elsif (/(\w+)\s*\(\).*/s) { # first token prior [first] () is
- $s = $1; # a function name!
- print STDERR "DEBUG: found function $s\n" if $debug;
- } elsif (/\(/ and not (/=/)) {
- print STDERR "File $file: cannot parse: $_;\n";
- next;
- } else {
- next;
- }
-
- $syms{$s} = 1;
- $kind{$s} = $k;
-
- $p = $plats;
- $a = $algs;
- $a .= ",BF" if($s =~ /EVP_bf/);
- $a .= ",CAST" if($s =~ /EVP_cast/);
- $a .= ",DES" if($s =~ /EVP_des/);
- $a .= ",DSA" if($s =~ /EVP_dss/);
- $a .= ",IDEA" if($s =~ /EVP_idea/);
- $a .= ",MD2" if($s =~ /EVP_md2/);
- $a .= ",MD4" if($s =~ /EVP_md4/);
- $a .= ",MD5" if($s =~ /EVP_md5/);
- $a .= ",RC2" if($s =~ /EVP_rc2/);
- $a .= ",RC4" if($s =~ /EVP_rc4/);
- $a .= ",RC5" if($s =~ /EVP_rc5/);
- $a .= ",RIPEMD" if($s =~ /EVP_ripemd/);
- $a .= ",SHA" if($s =~ /EVP_sha/);
- $a .= ",RSA" if($s =~ /EVP_(Open|Seal)(Final|Init)/);
- $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
- $a .= ",RSA" if($s =~ /RSAPrivateKey/);
- $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/);
-
- $platform{$s} =
- &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p);
- $algorithm{$s} .= ','.$a;
-
- if (defined($variant{$s})) {
- foreach $v (split /;/,$variant{$s}) {
- (my $r, my $p, my $k) = split(/:/,$v);
- my $ip = join ',',map({ /^!(.*)$/ ? $1 : "!".$_ } split /,/, $p);
- $syms{$r} = 1;
- if (!defined($k)) { $k = $kind{$s}; }
- $kind{$r} = $k."(".$s.")";
- $algorithm{$r} = $algorithm{$s};
- $platform{$r} = &reduce_platforms($platform{$s}.",".$p.",".$p);
- $platform{$s} = &reduce_platforms($platform{$s}.','.$ip.','.$ip);
- print STDERR "DEBUG: \$variant{\"$s\"} = ",$v,"; \$r = $r; \$p = ",$platform{$r},"; \$a = ",$algorithm{$r},"; \$kind = ",$kind{$r},"\n" if $debug;
- }
- }
- print STDERR "DEBUG: \$s = $s; \$p = ",$platform{$s},"; \$a = ",$algorithm{$s},"; \$kind = ",$kind{$s},"\n" if $debug;
- }
- }
-
- # Prune the returned symbols
-
- delete $syms{"bn_dump1"};
- $platform{"BIO_s_log"} .= ",!WIN32,!WIN16,!macintosh";
-
- $platform{"PEM_read_NS_CERT_SEQ"} = "VMS";
- $platform{"PEM_write_NS_CERT_SEQ"} = "VMS";
- $platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS";
- $platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS";
- $platform{"EVP_sha384"} = "!VMSVAX";
- $platform{"EVP_sha512"} = "!VMSVAX";
- $platform{"SHA384_Init"} = "!VMSVAX";
- $platform{"SHA384_Transform"} = "!VMSVAX";
- $platform{"SHA384_Update"} = "!VMSVAX";
- $platform{"SHA384_Final"} = "!VMSVAX";
- $platform{"SHA384"} = "!VMSVAX";
- $platform{"SHA512_Init"} = "!VMSVAX";
- $platform{"SHA512_Transform"} = "!VMSVAX";
- $platform{"SHA512_Update"} = "!VMSVAX";
- $platform{"SHA512_Final"} = "!VMSVAX";
- $platform{"SHA512"} = "!VMSVAX";
- $platform{"WHIRLPOOL_Init"} = "!VMSVAX";
- $platform{"WHIRLPOOL"} = "!VMSVAX";
- $platform{"WHIRLPOOL_BitUpdate"} = "!VMSVAX";
- $platform{"EVP_whirlpool"} = "!VMSVAX";
- $platform{"WHIRLPOOL_Final"} = "!VMSVAX";
- $platform{"WHIRLPOOL_Update"} = "!VMSVAX";
-
-
- # Info we know about
-
- push @ret, map { $_."\\".&info_string($_,"EXIST",
- $platform{$_},
- $kind{$_},
- $algorithm{$_}) } keys %syms;
-
- if (keys %unknown_algorithms) {
- print STDERR "WARNING: mkdef.pl doesn't know the following algorithms:\n";
- print STDERR "\t",join("\n\t",keys %unknown_algorithms),"\n";
- }
- return(@ret);
-}
-
-# Param: string of comma-separated platform-specs.
-sub reduce_platforms
-{
- my ($platforms) = @_;
- my $pl = defined($platforms) ? $platforms : "";
- my %p = map { $_ => 0 } split /,/, $pl;
- my $ret;
-
- print STDERR "DEBUG: Entered reduce_platforms with \"$platforms\"\n"
- if $debug;
- # We do this, because if there's code like the following, it really
- # means the function exists in all cases and should therefore be
- # everywhere. By increasing and decreasing, we may attain 0:
- #
- # ifndef WIN16
- # int foo();
- # else
- # int _fat foo();
- # endif
- foreach $platform (split /,/, $pl) {
- if ($platform =~ /^!(.*)$/) {
- $p{$1}--;
- } else {
- $p{$platform}++;
- }
- }
- foreach $platform (keys %p) {
- if ($p{$platform} == 0) { delete $p{$platform}; }
- }
-
- delete $p{""};
-
- $ret = join(',',sort(map { $p{$_} < 0 ? "!".$_ : $_ } keys %p));
- print STDERR "DEBUG: Exiting reduce_platforms with \"$ret\"\n"
- if $debug;
- return $ret;
-}
-
-sub info_string {
- (my $symbol, my $exist, my $platforms, my $kind, my $algorithms) = @_;
-
- my %a = defined($algorithms) ?
- map { $_ => 1 } split /,/, $algorithms : ();
- my $k = defined($kind) ? $kind : "FUNCTION";
- my $ret;
- my $p = &reduce_platforms($platforms);
-
- delete $a{""};
-
- $ret = $exist;
- $ret .= ":".$p;
- $ret .= ":".$k;
- $ret .= ":".join(',',sort keys %a);
- return $ret;
-}
-
-sub maybe_add_info {
- (my $name, *nums, my @symbols) = @_;
- my $sym;
- my $new_info = 0;
- my %syms=();
-
- print STDERR "Updating $name info\n";
- foreach $sym (@symbols) {
- (my $s, my $i) = split /\\/, $sym;
- if (defined($nums{$s})) {
- $i =~ s/^(.*?:.*?:\w+)(\(\w+\))?/$1/;
- (my $n, my $dummy) = split /\\/, $nums{$s};
- if (!defined($dummy) || $i ne $dummy) {
- $nums{$s} = $n."\\".$i;
- $new_info++;
- print STDERR "DEBUG: maybe_add_info for $s: \"$dummy\" => \"$i\"\n" if $debug;
- }
- }
- $syms{$s} = 1;
- }
-
- my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums;
- foreach $sym (@s) {
- (my $n, my $i) = split /\\/, $nums{$sym};
- if (!defined($syms{$sym}) && $i !~ /^NOEXIST:/) {
- $new_info++;
- print STDERR "DEBUG: maybe_add_info for $sym: -> undefined\n" if $debug;
- }
- }
- if ($new_info) {
- print STDERR "$new_info old symbols got an info update\n";
- if (!$do_rewrite) {
- print STDERR "You should do a rewrite to fix this.\n";
- }
- } else {
- print STDERR "No old symbols needed info update\n";
- }
-}
-
-# Param: string of comma-separated keywords, each possibly prefixed with a "!"
-sub is_valid
-{
- my ($keywords_txt,$platforms) = @_;
- my (@keywords) = split /,/,$keywords_txt;
- my ($falsesum, $truesum) = (0, 1);
-
- # Param: one keyword
- sub recognise
- {
- my ($keyword,$platforms) = @_;
-
- if ($platforms) {
- # platforms
- if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; }
- if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; }
- if ($keyword eq "VMS" && $VMS) { return 1; }
- if ($keyword eq "WIN32" && $W32) { return 1; }
- if ($keyword eq "WIN16" && $W16) { return 1; }
- if ($keyword eq "WINNT" && $NT) { return 1; }
- if ($keyword eq "OS2" && $OS2) { return 1; }
- # Special platforms:
- # EXPORT_VAR_AS_FUNCTION means that global variables
- # will be represented as functions. This currently
- # only happens on VMS-VAX.
- if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
- return 1;
- }
- if ($keyword eq "OPENSSL_FIPS" && $fips) {
- return 1;
- }
- if ($keyword eq "ZLIB" && $zlib) { return 1; }
- return 0;
- } else {
- # algorithms
- if ($keyword eq "RC2" && $no_rc2) { return 0; }
- if ($keyword eq "RC4" && $no_rc4) { return 0; }
- if ($keyword eq "RC5" && $no_rc5) { return 0; }
- if ($keyword eq "IDEA" && $no_idea) { return 0; }
- if ($keyword eq "DES" && $no_des) { return 0; }
- if ($keyword eq "BF" && $no_bf) { return 0; }
- if ($keyword eq "CAST" && $no_cast) { return 0; }
- if ($keyword eq "MD2" && $no_md2) { return 0; }
- if ($keyword eq "MD4" && $no_md4) { return 0; }
- if ($keyword eq "MD5" && $no_md5) { return 0; }
- if ($keyword eq "SHA" && $no_sha) { return 0; }
- if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; }
- if ($keyword eq "MDC2" && $no_mdc2) { return 0; }
- if ($keyword eq "WHIRLPOOL" && $no_whirlpool) { return 0; }
- if ($keyword eq "RSA" && $no_rsa) { return 0; }
- if ($keyword eq "DSA" && $no_dsa) { return 0; }
- if ($keyword eq "DH" && $no_dh) { return 0; }
- if ($keyword eq "EC" && $no_ec) { return 0; }
- if ($keyword eq "ECDSA" && $no_ecdsa) { return 0; }
- if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
- if ($keyword eq "HMAC" && $no_hmac) { return 0; }
- if ($keyword eq "AES" && $no_aes) { return 0; }
- if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; }
- if ($keyword eq "SEED" && $no_seed) { return 0; }
- if ($keyword eq "EVP" && $no_evp) { return 0; }
- if ($keyword eq "LHASH" && $no_lhash) { return 0; }
- if ($keyword eq "STACK" && $no_stack) { return 0; }
- if ($keyword eq "ERR" && $no_err) { return 0; }
- if ($keyword eq "BUFFER" && $no_buffer) { return 0; }
- if ($keyword eq "BIO" && $no_bio) { return 0; }
- if ($keyword eq "COMP" && $no_comp) { return 0; }
- if ($keyword eq "DSO" && $no_dso) { return 0; }
- if ($keyword eq "KRB5" && $no_krb5) { return 0; }
- if ($keyword eq "ENGINE" && $no_engine) { return 0; }
- if ($keyword eq "HW" && $no_hw) { return 0; }
- if ($keyword eq "FP_API" && $no_fp_api) { return 0; }
- if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; }
- if ($keyword eq "GMP" && $no_gmp) { return 0; }
- if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }
- if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
- if ($keyword eq "PSK" && $no_psk) { return 0; }
- if ($keyword eq "CMS" && $no_cms) { return 0; }
- if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
- if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
- if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
- { return 0; }
- if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
- if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; }
- if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
- if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
- if ($keyword eq "SRP" && $no_srp) { return 0; }
- if ($keyword eq "SCTP" && $no_sctp) { return 0; }
- if ($keyword eq "SRTP" && $no_srtp) { return 0; }
- if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
- if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
-
- # Nothing recognise as true
- return 1;
- }
- }
-
- foreach $k (@keywords) {
- if ($k =~ /^!(.*)$/) {
- $falsesum += &recognise($1,$platforms);
- } else {
- $truesum *= &recognise($k,$platforms);
- }
- }
- print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
- return (!$falsesum) && $truesum;
-}
-
-sub print_test_file
-{
- (*OUT,my $name,*nums,my $testall,my @symbols)=@_;
- my $n = 1; my @e; my @r;
- my $sym; my $prev = ""; my $prefSSLeay;
-
- (@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/, at symbols);
- (@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:.*/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/, at symbols);
- @symbols=((sort @e),(sort @r));
-
- foreach $sym (@symbols) {
- (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
- my $v = 0;
- $v = 1 if $i=~ /^.*?:.*?:VARIABLE/;
- my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
- my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
- if (!defined($nums{$s})) {
- print STDERR "Warning: $s does not have a number assigned\n"
- if(!$do_update);
- } elsif (is_valid($p,1) && is_valid($a,0)) {
- my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
- if ($prev eq $s2) {
- print OUT "\t/* The following has already appeared previously */\n";
- print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
- }
- $prev = $s2; # To warn about duplicates...
-
- ($nn,$ni)=($nums{$s2} =~ /^(.*?)\\(.*)$/);
- if ($v) {
- print OUT "\textern int $s2; /* type unknown */ /* $nn $ni */\n";
- } else {
- print OUT "\textern int $s2(); /* type unknown */ /* $nn $ni */\n";
- }
- }
- }
-}
-
-sub get_version {
- local *MF;
- my $v = '?';
- open MF, 'Makefile' or return $v;
- while (<MF>) {
- $v = $1, last if /^VERSION=(.*?)\s*$/;
- }
- close MF;
- return $v;
-}
-
-sub print_def_file
-{
- (*OUT,my $name,*nums,my @symbols)=@_;
- my $n = 1; my @e; my @r; my @v; my $prev="";
- my $liboptions="";
- my $libname = $name;
- my $http_vendor = 'www.openssl.org/';
- my $version = get_version();
- my $what = "OpenSSL: implementation of Secure Socket Layer";
- my $description = "$what $version, $name - http://$http_vendor";
-
- if ($W32)
- { $libname.="32"; }
- elsif ($W16)
- { $libname.="16"; }
- elsif ($OS2)
- { # DLL names should not clash on the whole system.
- # However, they should not have any particular relationship
- # to the name of the static library. Chose descriptive names
- # (must be at most 8 chars).
- my %translate = (ssl => 'open_ssl', crypto => 'cryptssl');
- $libname = $translate{$name} || $name;
- $liboptions = <<EOO;
-INITINSTANCE
-DATA MULTIPLE NONSHARED
-EOO
- # Vendor field can't contain colon, drat; so we omit http://
- $description = "\@#$http_vendor:$version#\@$what; DLL for library $name. Build for EMX -Zmtd";
- }
-
- print OUT <<"EOF";
-;
-; Definition file for the DLL version of the $name library from OpenSSL
-;
-
-LIBRARY $libname $liboptions
-
-EOF
-
- if ($W16) {
- print <<"EOF";
-CODE PRELOAD MOVEABLE
-DATA PRELOAD MOVEABLE SINGLE
-
-EXETYPE WINDOWS
-
-HEAPSIZE 4096
-STACKSIZE 8192
-
-EOF
- }
-
- print "EXPORTS\n";
-
- (@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/, at symbols);
- (@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:FUNCTION/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/, at symbols);
- (@v)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:VARIABLE/, at symbols);
- @symbols=((sort @e),(sort @r), (sort @v));
-
-
- foreach $sym (@symbols) {
- (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
- my $v = 0;
- $v = 1 if $i =~ /^.*?:.*?:VARIABLE/;
- if (!defined($nums{$s})) {
- printf STDERR "Warning: $s does not have a number assigned\n"
- if(!$do_update);
- } else {
- (my $n, my $dummy) = split /\\/, $nums{$s};
- my %pf = ();
- my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
- my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
- if (is_valid($p,1) && is_valid($a,0)) {
- my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
- if ($prev eq $s2) {
- print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
- }
- $prev = $s2; # To warn about duplicates...
- if($v && !$OS2) {
- printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n;
- } else {
- printf OUT " %s%-39s @%d\n",($W32||$OS2)?"":"_",$s2,$n;
- }
- }
- }
- }
- printf OUT "\n";
-}
-
-sub load_numbers
-{
- my($name)=@_;
- my(@a,%ret);
-
- $max_num = 0;
- $num_noinfo = 0;
- $prev = "";
- $prev_cnt = 0;
-
- open(IN,"<$name") || die "unable to open $name:$!\n";
- while (<IN>) {
- chop;
- s/#.*$//;
- next if /^\s*$/;
- @a=split;
- if (defined $ret{$a[0]}) {
- # This is actually perfectly OK
- #print STDERR "Warning: Symbol '",$a[0],"' redefined. old=",$ret{$a[0]},", new=",$a[1],"\n";
- }
- if ($max_num > $a[1]) {
- print STDERR "Warning: Number decreased from ",$max_num," to ",$a[1],"\n";
- }
- elsif ($max_num == $a[1]) {
- # This is actually perfectly OK
- #print STDERR "Warning: Symbol ",$a[0]," has same number as previous ",$prev,": ",$a[1],"\n";
- if ($a[0] eq $prev) {
- $prev_cnt++;
- $a[0] .= "{$prev_cnt}";
- }
- }
- else {
- $prev_cnt = 0;
- }
- if ($#a < 2) {
- # Existence will be proven later, in do_defs
- $ret{$a[0]}=$a[1];
- $num_noinfo++;
- } else {
- $ret{$a[0]}=$a[1]."\\".$a[2]; # \\ is a special marker
- }
- $max_num = $a[1] if $a[1] > $max_num;
- $prev=$a[0];
- }
- if ($num_noinfo) {
- print STDERR "Warning: $num_noinfo symbols were without info.";
- if ($do_rewrite) {
- printf STDERR " The rewrite will fix this.\n";
- } else {
- printf STDERR " You should do a rewrite to fix this.\n";
- }
- }
- close(IN);
- return(%ret);
-}
-
-sub parse_number
-{
- (my $str, my $what) = @_;
- (my $n, my $i) = split(/\\/,$str);
- if ($what eq "n") {
- return $n;
- } else {
- return $i;
- }
-}
-
-sub rewrite_numbers
-{
- (*OUT,$name,*nums, at symbols)=@_;
- my $thing;
-
- print STDERR "Rewriting $name\n";
-
- my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/, at symbols);
- my $r; my %r; my %rsyms;
- foreach $r (@r) {
- (my $s, my $i) = split /\\/, $r;
- my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
- $i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
- $r{$a} = $s."\\".$i;
- $rsyms{$s} = 1;
- }
-
- my %syms = ();
- foreach $_ (@symbols) {
- (my $n, my $i) = split /\\/;
- $syms{$n} = 1;
- }
-
- my @s=sort {
- &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n")
- || $a cmp $b
- } keys %nums;
- foreach $sym (@s) {
- (my $n, my $i) = split /\\/, $nums{$sym};
- next if defined($i) && $i =~ /^.*?:.*?:\w+\(\w+\)/;
- next if defined($rsyms{$sym});
- print STDERR "DEBUG: rewrite_numbers for sym = ",$sym,": i = ",$i,", n = ",$n,", rsym{sym} = ",$rsyms{$sym},"syms{sym} = ",$syms{$sym},"\n" if $debug;
- $i="NOEXIST::FUNCTION:"
- if !defined($i) || $i eq "" || !defined($syms{$sym});
- my $s2 = $sym;
- $s2 =~ s/\{[0-9]+\}$//;
- printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
- if (exists $r{$sym}) {
- (my $s, $i) = split /\\/,$r{$sym};
- my $s2 = $s;
- $s2 =~ s/\{[0-9]+\}$//;
- printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
- }
- }
-}
-
-sub update_numbers
-{
- (*OUT,$name,*nums,my $start_num, my @symbols)=@_;
- my $new_syms = 0;
-
- print STDERR "Updating $name numbers\n";
-
- my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/, at symbols);
- my $r; my %r; my %rsyms;
- foreach $r (@r) {
- (my $s, my $i) = split /\\/, $r;
- my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
- $i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
- $r{$a} = $s."\\".$i;
- $rsyms{$s} = 1;
- }
-
- foreach $sym (@symbols) {
- (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
- next if $i =~ /^.*?:.*?:\w+\(\w+\)/;
- next if defined($rsyms{$sym});
- die "ERROR: Symbol $sym had no info attached to it."
- if $i eq "";
- if (!exists $nums{$s}) {
- $new_syms++;
- my $s2 = $s;
- $s2 =~ s/\{[0-9]+\}$//;
- printf OUT "%s%-39s %d\t%s\n","",$s2, ++$start_num,$i;
- if (exists $r{$s}) {
- ($s, $i) = split /\\/,$r{$s};
- $s =~ s/\{[0-9]+\}$//;
- printf OUT "%s%-39s %d\t%s\n","",$s, $start_num,$i;
- }
- }
- }
- if($new_syms) {
- print STDERR "$new_syms New symbols added\n";
- } else {
- print STDERR "No New symbols Added\n";
- }
-}
-
-sub check_existing
-{
- (*nums, my @symbols)=@_;
- my %existing; my @remaining;
- @remaining=();
- foreach $sym (@symbols) {
- (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
- $existing{$s}=1;
- }
- foreach $sym (keys %nums) {
- if (!exists $existing{$sym}) {
- push @remaining, $sym;
- }
- }
- if(@remaining) {
- print STDERR "The following symbols do not seem to exist:\n";
- foreach $sym (@remaining) {
- print STDERR "\t",$sym,"\n";
- }
- }
-}
-
Copied: vendor-crypto/openssl/1.0.1u/util/mkdef.pl (from rev 11605, vendor-crypto/openssl/dist/util/mkdef.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/mkdef.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/mkdef.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,1556 @@
+#!/usr/local/bin/perl -w
+#
+# generate a .def file
+#
+# It does this by parsing the header files and looking for the
+# prototyped functions: it then prunes the output.
+#
+# Intermediary files are created, call libeay.num and ssleay.num,...
+# Previously, they had the following format:
+#
+# routine-name nnnn
+#
+# But that isn't enough for a number of reasons, the first on being that
+# this format is (needlessly) very Win32-centric, and even then...
+# One of the biggest problems is that there's no information about what
+# routines should actually be used, which varies with what crypto algorithms
+# are disabled. Also, some operating systems (for example VMS with VAX C)
+# need to keep track of the global variables as well as the functions.
+#
+# So, a remake of this script is done so as to include information on the
+# kind of symbol it is (function or variable) and what algorithms they're
+# part of. This will allow easy translating to .def files or the corresponding
+# file in other operating systems (a .opt file for VMS, possibly with a .mar
+# file).
+#
+# The format now becomes:
+#
+# routine-name nnnn info
+#
+# and the "info" part is actually a colon-separated string of fields with
+# the following meaning:
+#
+# existence:platform:kind:algorithms
+#
+# - "existence" can be "EXIST" or "NOEXIST" depending on if the symbol is
+# found somewhere in the source,
+# - "platforms" is empty if it exists on all platforms, otherwise it contains
+# comma-separated list of the platform, just as they are if the symbol exists
+# for those platforms, or prepended with a "!" if not. This helps resolve
+# symbol name variants for platforms where the names are too long for the
+# compiler or linker, or if the systems is case insensitive and there is a
+# clash, or the symbol is implemented differently (see
+# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found
+# in the file crypto/symhacks.h.
+# The semantics for the platforms is that every item is checked against the
+# environment. For the negative items ("!FOO"), if any of them is false
+# (i.e. "FOO" is true) in the environment, the corresponding symbol can't be
+# used. For the positive itms, if all of them are false in the environment,
+# the corresponding symbol can't be used. Any combination of positive and
+# negative items are possible, and of course leave room for some redundancy.
+# - "kind" is "FUNCTION" or "VARIABLE". The meaning of that is obvious.
+# - "algorithms" is a comma-separated list of algorithm names. This helps
+# exclude symbols that are part of an algorithm that some user wants to
+# exclude.
+#
+
+my $debug=0;
+
+my $crypto_num= "util/libeay.num";
+my $ssl_num= "util/ssleay.num";
+my $libname;
+
+my $do_update = 0;
+my $do_rewrite = 1;
+my $do_crypto = 0;
+my $do_ssl = 0;
+my $do_ctest = 0;
+my $do_ctestall = 0;
+my $do_checkexist = 0;
+
+my $VMSVAX=0;
+my $VMSNonVAX=0;
+my $VMS=0;
+my $W32=0;
+my $W16=0;
+my $NT=0;
+my $OS2=0;
+# Set this to make typesafe STACK definitions appear in DEF
+my $safe_stack_def = 0;
+
+my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
+ "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
+my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
+my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
+ "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
+ "SHA256", "SHA512", "RIPEMD",
+ "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
+ "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
+ # EC_NISTP_64_GCC_128
+ "EC_NISTP_64_GCC_128",
+ # Envelope "algorithms"
+ "EVP", "X509", "ASN1_TYPEDEFS",
+ # Helper "algorithms"
+ "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
+ "LOCKING",
+ # External "algorithms"
+ "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM",
+ # Engines
+ "STATIC_ENGINE", "ENGINE", "HW", "GMP",
+ # RFC3779
+ "RFC3779",
+ # TLS
+ "TLSEXT", "PSK", "SRP", "HEARTBEATS",
+ # CMS
+ "CMS",
+ # CryptoAPI Engine
+ "CAPIENG",
+ # SSL v2
+ "SSL2",
+ # SSL v2 method
+ "SSL2_METHOD",
+ # SSL v3 method
+ "SSL3_METHOD",
+ # JPAKE
+ "JPAKE",
+ # NEXTPROTONEG
+ "NEXTPROTONEG",
+ # Deprecated functions
+ "DEPRECATED",
+ # Hide SSL internals
+ "SSL_INTERN",
+ # SCTP
+ "SCTP",
+ # SRTP
+ "SRTP",
+ # Unit testing
+ "UNIT_TEST");
+
+my $options="";
+open(IN,"<Makefile") || die "unable to open Makefile!\n";
+while(<IN>) {
+ $options=$1 if (/^OPTIONS=(.*)$/);
+}
+close(IN);
+
+# The following ciphers may be excluded (by Configure). This means functions
+# defined with ifndef(NO_XXX) are not included in the .def file, and everything
+# in directory xxx is ignored.
+my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
+my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed;
+my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
+my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
+my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
+my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
+my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
+my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
+my $no_nextprotoneg; my $no_sctp; my $no_srtp;
+my $no_unit_test; my $no_ssl3_method; my $no_ssl2_method;
+
+my $fips;
+
+my $zlib;
+
+
+foreach (@ARGV, split(/ /, $options))
+ {
+ $debug=1 if $_ eq "debug";
+ $W32=1 if $_ eq "32";
+ $W16=1 if $_ eq "16";
+ if($_ eq "NT") {
+ $W32 = 1;
+ $NT = 1;
+ }
+ if ($_ eq "VMS-VAX") {
+ $VMS=1;
+ $VMSVAX=1;
+ }
+ if ($_ eq "VMS-NonVAX") {
+ $VMS=1;
+ $VMSNonVAX=1;
+ }
+ $VMS=1 if $_ eq "VMS";
+ $OS2=1 if $_ eq "OS2";
+ $fips=1 if /^fips/;
+ if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
+ || $_ eq "enable-zlib-dynamic") {
+ $zlib = 1;
+ }
+
+ $do_ssl=1 if $_ eq "ssleay";
+ if ($_ eq "ssl") {
+ $do_ssl=1;
+ $libname=$_
+ }
+ $do_crypto=1 if $_ eq "libeay";
+ if ($_ eq "crypto") {
+ $do_crypto=1;
+ $libname=$_;
+ }
+ $no_static_engine=1 if $_ eq "no-static-engine";
+ $no_static_engine=0 if $_ eq "enable-static-engine";
+ $do_update=1 if $_ eq "update";
+ $do_rewrite=1 if $_ eq "rewrite";
+ $do_ctest=1 if $_ eq "ctest";
+ $do_ctestall=1 if $_ eq "ctestall";
+ $do_checkexist=1 if $_ eq "exist";
+ #$safe_stack_def=1 if $_ eq "-DDEBUG_SAFESTACK";
+
+ if (/^no-rc2$/) { $no_rc2=1; }
+ elsif (/^no-rc4$/) { $no_rc4=1; }
+ elsif (/^no-rc5$/) { $no_rc5=1; }
+ elsif (/^no-idea$/) { $no_idea=1; }
+ elsif (/^no-des$/) { $no_des=1; $no_mdc2=1; }
+ elsif (/^no-bf$/) { $no_bf=1; }
+ elsif (/^no-cast$/) { $no_cast=1; }
+ elsif (/^no-whirlpool$/) { $no_whirlpool=1; }
+ elsif (/^no-md2$/) { $no_md2=1; }
+ elsif (/^no-md4$/) { $no_md4=1; }
+ elsif (/^no-md5$/) { $no_md5=1; }
+ elsif (/^no-sha$/) { $no_sha=1; }
+ elsif (/^no-ripemd$/) { $no_ripemd=1; }
+ elsif (/^no-mdc2$/) { $no_mdc2=1; }
+ elsif (/^no-rsa$/) { $no_rsa=1; }
+ elsif (/^no-dsa$/) { $no_dsa=1; }
+ elsif (/^no-dh$/) { $no_dh=1; }
+ elsif (/^no-ec$/) { $no_ec=1; }
+ elsif (/^no-ecdsa$/) { $no_ecdsa=1; }
+ elsif (/^no-ecdh$/) { $no_ecdh=1; }
+ elsif (/^no-hmac$/) { $no_hmac=1; }
+ elsif (/^no-aes$/) { $no_aes=1; }
+ elsif (/^no-camellia$/) { $no_camellia=1; }
+ elsif (/^no-seed$/) { $no_seed=1; }
+ elsif (/^no-evp$/) { $no_evp=1; }
+ elsif (/^no-lhash$/) { $no_lhash=1; }
+ elsif (/^no-stack$/) { $no_stack=1; }
+ elsif (/^no-err$/) { $no_err=1; }
+ elsif (/^no-buffer$/) { $no_buffer=1; }
+ elsif (/^no-bio$/) { $no_bio=1; }
+ #elsif (/^no-locking$/) { $no_locking=1; }
+ elsif (/^no-comp$/) { $no_comp=1; }
+ elsif (/^no-dso$/) { $no_dso=1; }
+ elsif (/^no-krb5$/) { $no_krb5=1; }
+ elsif (/^no-engine$/) { $no_engine=1; }
+ elsif (/^no-hw$/) { $no_hw=1; }
+ elsif (/^no-gmp$/) { $no_gmp=1; }
+ elsif (/^no-rfc3779$/) { $no_rfc3779=1; }
+ elsif (/^no-tlsext$/) { $no_tlsext=1; }
+ elsif (/^no-cms$/) { $no_cms=1; }
+ elsif (/^no-ec2m$/) { $no_ec2m=1; }
+ elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; }
+ elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
+ elsif (/^no-ssl2$/) { $no_ssl2=1; }
+ elsif (/^no-ssl2-method$/) { $no_ssl2_method=1; }
+ elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; }
+ elsif (/^no-capieng$/) { $no_capieng=1; }
+ elsif (/^no-jpake$/) { $no_jpake=1; }
+ elsif (/^no-srp$/) { $no_srp=1; }
+ elsif (/^no-sctp$/) { $no_sctp=1; }
+ elsif (/^no-srtp$/) { $no_srtp=1; }
+ elsif (/^no-unit-test$/){ $no_unit_test=1; }
+ }
+
+
+if (!$libname) {
+ if ($do_ssl) {
+ $libname="SSLEAY";
+ }
+ if ($do_crypto) {
+ $libname="LIBEAY";
+ }
+}
+
+# If no platform is given, assume WIN32
+if ($W32 + $W16 + $VMS + $OS2 == 0) {
+ $W32 = 1;
+}
+
+# Add extra knowledge
+if ($W16) {
+ $no_fp_api=1;
+}
+
+if (!$do_ssl && !$do_crypto)
+ {
+ print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT | OS2 ]\n";
+ exit(1);
+ }
+
+%ssl_list=&load_numbers($ssl_num);
+$max_ssl = $max_num;
+%crypto_list=&load_numbers($crypto_num);
+$max_crypto = $max_num;
+
+my $ssl="ssl/ssl.h";
+$ssl.=" ssl/kssl.h";
+$ssl.=" ssl/tls1.h";
+$ssl.=" ssl/srtp.h";
+
+my $crypto ="crypto/crypto.h";
+$crypto.=" crypto/cryptlib.h";
+$crypto.=" crypto/o_dir.h";
+$crypto.=" crypto/o_str.h";
+$crypto.=" crypto/o_time.h";
+$crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des;
+$crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
+$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
+$crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5;
+$crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2;
+$crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf;
+$crypto.=" crypto/cast/cast.h" ; # unless $no_cast;
+$crypto.=" crypto/whrlpool/whrlpool.h" ;
+$crypto.=" crypto/md2/md2.h" ; # unless $no_md2;
+$crypto.=" crypto/md4/md4.h" ; # unless $no_md4;
+$crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
+$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
+$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
+$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
+$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
+$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
+$crypto.=" crypto/seed/seed.h"; # unless $no_seed;
+
+$crypto.=" crypto/bn/bn.h";
+$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
+$crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa;
+$crypto.=" crypto/dh/dh.h" ; # unless $no_dh;
+$crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
+$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
+$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
+$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
+$crypto.=" crypto/cmac/cmac.h" ; # unless $no_hmac;
+
+$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
+$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
+$crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer;
+$crypto.=" crypto/bio/bio.h" ; # unless $no_bio;
+$crypto.=" crypto/dso/dso.h" ; # unless $no_dso;
+$crypto.=" crypto/lhash/lhash.h" ; # unless $no_lhash;
+$crypto.=" crypto/conf/conf.h";
+$crypto.=" crypto/txt_db/txt_db.h";
+
+$crypto.=" crypto/evp/evp.h" ; # unless $no_evp;
+$crypto.=" crypto/objects/objects.h";
+$crypto.=" crypto/pem/pem.h";
+#$crypto.=" crypto/meth/meth.h";
+$crypto.=" crypto/asn1/asn1.h";
+$crypto.=" crypto/asn1/asn1t.h";
+$crypto.=" crypto/asn1/asn1_mac.h";
+$crypto.=" crypto/err/err.h" ; # unless $no_err;
+$crypto.=" crypto/pkcs7/pkcs7.h";
+$crypto.=" crypto/pkcs12/pkcs12.h";
+$crypto.=" crypto/x509/x509.h";
+$crypto.=" crypto/x509/x509_vfy.h";
+$crypto.=" crypto/x509v3/x509v3.h";
+$crypto.=" crypto/ts/ts.h";
+$crypto.=" crypto/rand/rand.h";
+$crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
+$crypto.=" crypto/ocsp/ocsp.h";
+$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
+$crypto.=" crypto/krb5/krb5_asn.h";
+#$crypto.=" crypto/store/store.h";
+$crypto.=" crypto/pqueue/pqueue.h";
+$crypto.=" crypto/cms/cms.h";
+$crypto.=" crypto/jpake/jpake.h";
+$crypto.=" crypto/modes/modes.h";
+$crypto.=" crypto/srp/srp.h";
+
+my $symhacks="crypto/symhacks.h";
+
+my @ssl_symbols = &do_defs("SSLEAY", $ssl, $symhacks);
+my @crypto_symbols = &do_defs("LIBEAY", $crypto, $symhacks);
+
+if ($do_update) {
+
+if ($do_ssl == 1) {
+
+ &maybe_add_info("SSLEAY",*ssl_list, at ssl_symbols);
+ if ($do_rewrite == 1) {
+ open(OUT, ">$ssl_num");
+ &rewrite_numbers(*OUT,"SSLEAY",*ssl_list, at ssl_symbols);
+ } else {
+ open(OUT, ">>$ssl_num");
+ }
+ &update_numbers(*OUT,"SSLEAY",*ssl_list,$max_ssl, at ssl_symbols);
+ close OUT;
+}
+
+if($do_crypto == 1) {
+
+ &maybe_add_info("LIBEAY",*crypto_list, at crypto_symbols);
+ if ($do_rewrite == 1) {
+ open(OUT, ">$crypto_num");
+ &rewrite_numbers(*OUT,"LIBEAY",*crypto_list, at crypto_symbols);
+ } else {
+ open(OUT, ">>$crypto_num");
+ }
+ &update_numbers(*OUT,"LIBEAY",*crypto_list,$max_crypto, at crypto_symbols);
+ close OUT;
+}
+
+} elsif ($do_checkexist) {
+ &check_existing(*ssl_list, @ssl_symbols)
+ if $do_ssl == 1;
+ &check_existing(*crypto_list, @crypto_symbols)
+ if $do_crypto == 1;
+} elsif ($do_ctest || $do_ctestall) {
+
+ print <<"EOF";
+
+/* Test file to check all DEF file symbols are present by trying
+ * to link to all of them. This is *not* intended to be run!
+ */
+
+int main()
+{
+EOF
+ &print_test_file(*STDOUT,"SSLEAY",*ssl_list,$do_ctestall, at ssl_symbols)
+ if $do_ssl == 1;
+
+ &print_test_file(*STDOUT,"LIBEAY",*crypto_list,$do_ctestall, at crypto_symbols)
+ if $do_crypto == 1;
+
+ print "}\n";
+
+} else {
+
+ &print_def_file(*STDOUT,$libname,*ssl_list, at ssl_symbols)
+ if $do_ssl == 1;
+
+ &print_def_file(*STDOUT,$libname,*crypto_list, at crypto_symbols)
+ if $do_crypto == 1;
+
+}
+
+
+sub do_defs
+{
+ my($name,$files,$symhacksfile)=@_;
+ my $file;
+ my @ret;
+ my %syms;
+ my %platform; # For anything undefined, we assume ""
+ my %kind; # For anything undefined, we assume "FUNCTION"
+ my %algorithm; # For anything undefined, we assume ""
+ my %variant;
+ my %variant_cnt; # To be able to allocate "name{n}" if "name"
+ # is the same name as the original.
+ my $cpp;
+ my %unknown_algorithms = ();
+
+ foreach $file (split(/\s+/,$symhacksfile." ".$files))
+ {
+ print STDERR "DEBUG: starting on $file:\n" if $debug;
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ my $line = "", my $def= "";
+ my %tag = (
+ (map { $_ => 0 } @known_platforms),
+ (map { "OPENSSL_SYS_".$_ => 0 } @known_ossl_platforms),
+ (map { "OPENSSL_NO_".$_ => 0 } @known_algorithms),
+ NOPROTO => 0,
+ PERL5 => 0,
+ _WINDLL => 0,
+ CONST_STRICT => 0,
+ TRUE => 1,
+ );
+ my $symhacking = $file eq $symhacksfile;
+ my @current_platforms = ();
+ my @current_algorithms = ();
+
+ # params: symbol, alias, platforms, kind
+ # The reason to put this subroutine in a variable is that
+ # it will otherwise create it's own, unshared, version of
+ # %tag and %variant...
+ my $make_variant = sub
+ {
+ my ($s, $a, $p, $k) = @_;
+ my ($a1, $a2);
+
+ print STDERR "DEBUG: make_variant: Entered with ",$s,", ",$a,", ",(defined($p)?$p:""),", ",(defined($k)?$k:""),"\n" if $debug;
+ if (defined($p))
+ {
+ $a1 = join(",",$p,
+ grep(!/^$/,
+ map { $tag{$_} == 1 ? $_ : "" }
+ @known_platforms));
+ }
+ else
+ {
+ $a1 = join(",",
+ grep(!/^$/,
+ map { $tag{$_} == 1 ? $_ : "" }
+ @known_platforms));
+ }
+ $a2 = join(",",
+ grep(!/^$/,
+ map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ : "" }
+ @known_ossl_platforms));
+ print STDERR "DEBUG: make_variant: a1 = $a1; a2 = $a2\n" if $debug;
+ if ($a1 eq "") { $a1 = $a2; }
+ elsif ($a1 ne "" && $a2 ne "") { $a1 .= ",".$a2; }
+ if ($a eq $s)
+ {
+ if (!defined($variant_cnt{$s}))
+ {
+ $variant_cnt{$s} = 0;
+ }
+ $variant_cnt{$s}++;
+ $a .= "{$variant_cnt{$s}}";
+ }
+ my $toadd = $a.":".$a1.(defined($k)?":".$k:"");
+ my $togrep = $s.'(\{[0-9]+\})?:'.$a1.(defined($k)?":".$k:"");
+ if (!grep(/^$togrep$/,
+ split(/;/, defined($variant{$s})?$variant{$s}:""))) {
+ if (defined($variant{$s})) { $variant{$s} .= ";"; }
+ $variant{$s} .= $toadd;
+ }
+ print STDERR "DEBUG: make_variant: Exit with variant of ",$s," = ",$variant{$s},"\n" if $debug;
+ };
+
+ print STDERR "DEBUG: parsing ----------\n" if $debug;
+ while(<IN>) {
+ if (/\/\* Error codes for the \w+ functions\. \*\//)
+ {
+ undef @tag;
+ last;
+ }
+ if ($line ne '') {
+ $_ = $line . $_;
+ $line = '';
+ }
+
+ if (/\\$/) {
+ chomp; # remove eol
+ chop; # remove ending backslash
+ $line = $_;
+ next;
+ }
+
+ if(/\/\*/) {
+ if (not /\*\//) { # multiline comment...
+ $line = $_; # ... just accumulate
+ next;
+ } else {
+ s/\/\*.*?\*\///gs;# wipe it
+ }
+ }
+
+ if ($cpp) {
+ $cpp++ if /^#\s*if/;
+ $cpp-- if /^#\s*endif/;
+ next;
+ }
+ $cpp = 1 if /^#.*ifdef.*cplusplus/;
+
+ s/{[^{}]*}//gs; # ignore {} blocks
+ print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne "";
+ print STDERR "DEBUG: \$_=\"$_\"\n" if $debug;
+ if (/^\#\s*ifndef\s+(.*)/) {
+ push(@tag,"-");
+ push(@tag,$1);
+ $tag{$1}=-1;
+ print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
+ } elsif (/^\#\s*if\s+!defined\(([^\)]+)\)/) {
+ push(@tag,"-");
+ if (/^\#\s*if\s+(!defined\(([^\)]+)\)(\s+\&\&\s+!defined\(([^\)]+)\))*)$/) {
+ my $tmp_1 = $1;
+ my $tmp_;
+ foreach $tmp_ (split '\&\&',$tmp_1) {
+ $tmp_ =~ /!defined\(([^\)]+)\)/;
+ print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
+ push(@tag,$1);
+ $tag{$1}=-1;
+ }
+ } else {
+ print STDERR "Warning: $file: complicated expression: $_" if $debug; # because it is O...
+ print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
+ push(@tag,$1);
+ $tag{$1}=-1;
+ }
+ } elsif (/^\#\s*ifdef\s+(\S*)/) {
+ push(@tag,"-");
+ push(@tag,$1);
+ $tag{$1}=1;
+ print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
+ } elsif (/^\#\s*if\s+defined\(([^\)]+)\)/) {
+ push(@tag,"-");
+ if (/^\#\s*if\s+(defined\(([^\)]+)\)(\s+\|\|\s+defined\(([^\)]+)\))*)$/) {
+ my $tmp_1 = $1;
+ my $tmp_;
+ foreach $tmp_ (split '\|\|',$tmp_1) {
+ $tmp_ =~ /defined\(([^\)]+)\)/;
+ print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
+ push(@tag,$1);
+ $tag{$1}=1;
+ }
+ } else {
+ print STDERR "Warning: $file: complicated expression: $_\n" if $debug; # because it is O...
+ print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
+ push(@tag,$1);
+ $tag{$1}=1;
+ }
+ } elsif (/^\#\s*error\s+(\w+) is disabled\./) {
+ my $tag_i = $#tag;
+ while($tag[$tag_i] ne "-") {
+ if ($tag[$tag_i] eq "OPENSSL_NO_".$1) {
+ $tag{$tag[$tag_i]}=2;
+ print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug;
+ }
+ $tag_i--;
+ }
+ } elsif (/^\#\s*endif/) {
+ my $tag_i = $#tag;
+ while($tag_i > 0 && $tag[$tag_i] ne "-") {
+ my $t=$tag[$tag_i];
+ print STDERR "DEBUG: \$t=\"$t\"\n" if $debug;
+ if ($tag{$t}==2) {
+ $tag{$t}=-1;
+ } else {
+ $tag{$t}=0;
+ }
+ print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
+ pop(@tag);
+ if ($t =~ /^OPENSSL_NO_([A-Z0-9_]+)$/) {
+ $t=$1;
+ } else {
+ $t="";
+ }
+ if ($t ne ""
+ && !grep(/^$t$/, @known_algorithms)) {
+ $unknown_algorithms{$t} = 1;
+ #print STDERR "DEBUG: Added as unknown algorithm: $t\n" if $debug;
+ }
+ $tag_i--;
+ }
+ pop(@tag);
+ } elsif (/^\#\s*else/) {
+ my $tag_i = $#tag;
+ while($tag[$tag_i] ne "-") {
+ my $t=$tag[$tag_i];
+ $tag{$t}= -$tag{$t};
+ print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
+ $tag_i--;
+ }
+ } elsif (/^\#\s*if\s+1/) {
+ push(@tag,"-");
+ # Dummy tag
+ push(@tag,"TRUE");
+ $tag{"TRUE"}=1;
+ print STDERR "DEBUG: $file: found 1\n" if $debug;
+ } elsif (/^\#\s*if\s+0/) {
+ push(@tag,"-");
+ # Dummy tag
+ push(@tag,"TRUE");
+ $tag{"TRUE"}=-1;
+ print STDERR "DEBUG: $file: found 0\n" if $debug;
+ } elsif (/^\#\s*define\s+(\w+)\s+(\w+)/
+ && $symhacking && $tag{'TRUE'} != -1) {
+ # This is for aliasing. When we find an alias,
+ # we have to invert
+ &$make_variant($1,$2);
+ print STDERR "DEBUG: $file: defined $1 = $2\n" if $debug;
+ }
+ if (/^\#/) {
+ @current_platforms =
+ grep(!/^$/,
+ map { $tag{$_} == 1 ? $_ :
+ $tag{$_} == -1 ? "!".$_ : "" }
+ @known_platforms);
+ push @current_platforms
+ , grep(!/^$/,
+ map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ :
+ $tag{"OPENSSL_SYS_".$_} == -1 ? "!".$_ : "" }
+ @known_ossl_platforms);
+ @current_algorithms =
+ grep(!/^$/,
+ map { $tag{"OPENSSL_NO_".$_} == -1 ? $_ : "" }
+ @known_algorithms);
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ next;
+ }
+ if ($tag{'TRUE'} != -1) {
+ if (/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) {
+ next;
+ } elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+ $def .= "int d2i_$3(void);";
+ $def .= "int i2d_$3(void);";
+ # Variant for platforms that do not
+ # have to access globale variables
+ # in shared libraries through functions
+ $def .=
+ "#INFO:"
+ .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "OPENSSL_EXTERN int $2_it;";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Variant for platforms that have to
+ # access globale variables in shared
+ # libraries through functions
+ &$make_variant("$2_it","$2_it",
+ "EXPORT_VAR_AS_FUNCTION",
+ "FUNCTION");
+ next;
+ } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_fname\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+ $def .= "int d2i_$3(void);";
+ $def .= "int i2d_$3(void);";
+ $def .= "int $3_free(void);";
+ $def .= "int $3_new(void);";
+ # Variant for platforms that do not
+ # have to access globale variables
+ # in shared libraries through functions
+ $def .=
+ "#INFO:"
+ .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "OPENSSL_EXTERN int $2_it;";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Variant for platforms that have to
+ # access globale variables in shared
+ # libraries through functions
+ &$make_variant("$2_it","$2_it",
+ "EXPORT_VAR_AS_FUNCTION",
+ "FUNCTION");
+ next;
+ } elsif (/^\s*DECLARE_ASN1_FUNCTIONS\s*\(\s*(\w*)\s*\)/ ||
+ /^\s*DECLARE_ASN1_FUNCTIONS_const\s*\(\s*(\w*)\s*\)/) {
+ $def .= "int d2i_$1(void);";
+ $def .= "int i2d_$1(void);";
+ $def .= "int $1_free(void);";
+ $def .= "int $1_new(void);";
+ # Variant for platforms that do not
+ # have to access globale variables
+ # in shared libraries through functions
+ $def .=
+ "#INFO:"
+ .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "OPENSSL_EXTERN int $1_it;";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Variant for platforms that have to
+ # access globale variables in shared
+ # libraries through functions
+ &$make_variant("$1_it","$1_it",
+ "EXPORT_VAR_AS_FUNCTION",
+ "FUNCTION");
+ next;
+ } elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS_const\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+ $def .= "int d2i_$2(void);";
+ $def .= "int i2d_$2(void);";
+ # Variant for platforms that do not
+ # have to access globale variables
+ # in shared libraries through functions
+ $def .=
+ "#INFO:"
+ .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "OPENSSL_EXTERN int $2_it;";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Variant for platforms that have to
+ # access globale variables in shared
+ # libraries through functions
+ &$make_variant("$2_it","$2_it",
+ "EXPORT_VAR_AS_FUNCTION",
+ "FUNCTION");
+ next;
+ } elsif (/^\s*DECLARE_ASN1_ALLOC_FUNCTIONS\s*\(\s*(\w*)\s*\)/) {
+ $def .= "int $1_free(void);";
+ $def .= "int $1_new(void);";
+ next;
+ } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+ $def .= "int d2i_$2(void);";
+ $def .= "int i2d_$2(void);";
+ $def .= "int $2_free(void);";
+ $def .= "int $2_new(void);";
+ # Variant for platforms that do not
+ # have to access globale variables
+ # in shared libraries through functions
+ $def .=
+ "#INFO:"
+ .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "OPENSSL_EXTERN int $2_it;";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Variant for platforms that have to
+ # access globale variables in shared
+ # libraries through functions
+ &$make_variant("$2_it","$2_it",
+ "EXPORT_VAR_AS_FUNCTION",
+ "FUNCTION");
+ next;
+ } elsif (/^\s*DECLARE_ASN1_ITEM\s*\(\s*(\w*)\s*\)/) {
+ # Variant for platforms that do not
+ # have to access globale variables
+ # in shared libraries through functions
+ $def .=
+ "#INFO:"
+ .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "OPENSSL_EXTERN int $1_it;";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Variant for platforms that have to
+ # access globale variables in shared
+ # libraries through functions
+ &$make_variant("$1_it","$1_it",
+ "EXPORT_VAR_AS_FUNCTION",
+ "FUNCTION");
+ next;
+ } elsif (/^\s*DECLARE_ASN1_NDEF_FUNCTION\s*\(\s*(\w*)\s*\)/) {
+ $def .= "int i2d_$1_NDEF(void);";
+ } elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
+ next;
+ } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION\s*\(\s*(\w*)\s*\)/) {
+ $def .= "int $1_print_ctx(void);";
+ next;
+ } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+ $def .= "int $2_print_ctx(void);";
+ next;
+ } elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) {
+ next;
+ } elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ ||
+ /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ||
+ /^DECLARE_PEM_rw_const\s*\(\s*(\w*)\s*,/ ) {
+ # Things not in Win16
+ $def .=
+ "#INFO:"
+ .join(',',"!WIN16", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "int PEM_read_$1(void);";
+ $def .= "int PEM_write_$1(void);";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Things that are everywhere
+ $def .= "int PEM_read_bio_$1(void);";
+ $def .= "int PEM_write_bio_$1(void);";
+ next;
+ } elsif (/^DECLARE_PEM_write\s*\(\s*(\w*)\s*,/ ||
+ /^DECLARE_PEM_write_cb\s*\(\s*(\w*)\s*,/ ) {
+ # Things not in Win16
+ $def .=
+ "#INFO:"
+ .join(',',"!WIN16", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "int PEM_write_$1(void);";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Things that are everywhere
+ $def .= "int PEM_write_bio_$1(void);";
+ next;
+ } elsif (/^DECLARE_PEM_read\s*\(\s*(\w*)\s*,/ ||
+ /^DECLARE_PEM_read_cb\s*\(\s*(\w*)\s*,/ ) {
+ # Things not in Win16
+ $def .=
+ "#INFO:"
+ .join(',',"!WIN16", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "int PEM_read_$1(void);";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Things that are everywhere
+ $def .= "int PEM_read_bio_$1(void);";
+ next;
+ } elsif (/^OPENSSL_DECLARE_GLOBAL\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+ # Variant for platforms that do not
+ # have to access globale variables
+ # in shared libraries through functions
+ $def .=
+ "#INFO:"
+ .join(',',"!EXPORT_VAR_AS_FUNCTION", at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ $def .= "OPENSSL_EXTERN int _shadow_$2;";
+ $def .=
+ "#INFO:"
+ .join(',', at current_platforms).":"
+ .join(',', at current_algorithms).";";
+ # Variant for platforms that have to
+ # access globale variables in shared
+ # libraries through functions
+ &$make_variant("_shadow_$2","_shadow_$2",
+ "EXPORT_VAR_AS_FUNCTION",
+ "FUNCTION");
+ } elsif ($tag{'CONST_STRICT'} != 1) {
+ if (/\{|\/\*|\([^\)]*$/) {
+ $line = $_;
+ } else {
+ $def .= $_;
+ }
+ }
+ }
+ }
+ close(IN);
+
+ my $algs;
+ my $plays;
+
+ print STDERR "DEBUG: postprocessing ----------\n" if $debug;
+ foreach (split /;/, $def) {
+ my $s; my $k = "FUNCTION"; my $p; my $a;
+ s/^[\n\s]*//g;
+ s/[\n\s]*$//g;
+ next if(/\#undef/);
+ next if(/typedef\W/);
+ next if(/\#define/);
+
+ # Reduce argument lists to empty ()
+ # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
+ while(/\(.*\)/s) {
+ s/\([^\(\)]+\)/\{\}/gs;
+ s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs; #(*f{}) -> f
+ }
+ # pretend as we didn't use curly braces: {} -> ()
+ s/\{\}/\(\)/gs;
+
+ s/STACK_OF\(\)/void/gs;
+ s/LHASH_OF\(\)/void/gs;
+
+ print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug;
+ if (/^\#INFO:([^:]*):(.*)$/) {
+ $plats = $1;
+ $algs = $2;
+ print STDERR "DEBUG: found info on platforms ($plats) and algorithms ($algs)\n" if $debug;
+ next;
+ } elsif (/^\s*OPENSSL_EXTERN\s.*?(\w+(\{[0-9]+\})?)(\[[0-9]*\])*\s*$/) {
+ $s = $1;
+ $k = "VARIABLE";
+ print STDERR "DEBUG: found external variable $s\n" if $debug;
+ } elsif (/TYPEDEF_\w+_OF/s) {
+ next;
+ } elsif (/(\w+)\s*\(\).*/s) { # first token prior [first] () is
+ $s = $1; # a function name!
+ print STDERR "DEBUG: found function $s\n" if $debug;
+ } elsif (/\(/ and not (/=/)) {
+ print STDERR "File $file: cannot parse: $_;\n";
+ next;
+ } else {
+ next;
+ }
+
+ $syms{$s} = 1;
+ $kind{$s} = $k;
+
+ $p = $plats;
+ $a = $algs;
+ $a .= ",BF" if($s =~ /EVP_bf/);
+ $a .= ",CAST" if($s =~ /EVP_cast/);
+ $a .= ",DES" if($s =~ /EVP_des/);
+ $a .= ",DSA" if($s =~ /EVP_dss/);
+ $a .= ",IDEA" if($s =~ /EVP_idea/);
+ $a .= ",MD2" if($s =~ /EVP_md2/);
+ $a .= ",MD4" if($s =~ /EVP_md4/);
+ $a .= ",MD5" if($s =~ /EVP_md5/);
+ $a .= ",RC2" if($s =~ /EVP_rc2/);
+ $a .= ",RC4" if($s =~ /EVP_rc4/);
+ $a .= ",RC5" if($s =~ /EVP_rc5/);
+ $a .= ",RIPEMD" if($s =~ /EVP_ripemd/);
+ $a .= ",SHA" if($s =~ /EVP_sha/);
+ $a .= ",RSA" if($s =~ /EVP_(Open|Seal)(Final|Init)/);
+ $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
+ $a .= ",RSA" if($s =~ /RSAPrivateKey/);
+ $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/);
+
+ $platform{$s} =
+ &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p);
+ $algorithm{$s} .= ','.$a;
+
+ if (defined($variant{$s})) {
+ foreach $v (split /;/,$variant{$s}) {
+ (my $r, my $p, my $k) = split(/:/,$v);
+ my $ip = join ',',map({ /^!(.*)$/ ? $1 : "!".$_ } split /,/, $p);
+ $syms{$r} = 1;
+ if (!defined($k)) { $k = $kind{$s}; }
+ $kind{$r} = $k."(".$s.")";
+ $algorithm{$r} = $algorithm{$s};
+ $platform{$r} = &reduce_platforms($platform{$s}.",".$p.",".$p);
+ $platform{$s} = &reduce_platforms($platform{$s}.','.$ip.','.$ip);
+ print STDERR "DEBUG: \$variant{\"$s\"} = ",$v,"; \$r = $r; \$p = ",$platform{$r},"; \$a = ",$algorithm{$r},"; \$kind = ",$kind{$r},"\n" if $debug;
+ }
+ }
+ print STDERR "DEBUG: \$s = $s; \$p = ",$platform{$s},"; \$a = ",$algorithm{$s},"; \$kind = ",$kind{$s},"\n" if $debug;
+ }
+ }
+
+ # Prune the returned symbols
+
+ delete $syms{"bn_dump1"};
+ $platform{"BIO_s_log"} .= ",!WIN32,!WIN16,!macintosh";
+
+ $platform{"PEM_read_NS_CERT_SEQ"} = "VMS";
+ $platform{"PEM_write_NS_CERT_SEQ"} = "VMS";
+ $platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS";
+ $platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS";
+ $platform{"EVP_sha384"} = "!VMSVAX";
+ $platform{"EVP_sha512"} = "!VMSVAX";
+ $platform{"SHA384_Init"} = "!VMSVAX";
+ $platform{"SHA384_Transform"} = "!VMSVAX";
+ $platform{"SHA384_Update"} = "!VMSVAX";
+ $platform{"SHA384_Final"} = "!VMSVAX";
+ $platform{"SHA384"} = "!VMSVAX";
+ $platform{"SHA512_Init"} = "!VMSVAX";
+ $platform{"SHA512_Transform"} = "!VMSVAX";
+ $platform{"SHA512_Update"} = "!VMSVAX";
+ $platform{"SHA512_Final"} = "!VMSVAX";
+ $platform{"SHA512"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_Init"} = "!VMSVAX";
+ $platform{"WHIRLPOOL"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_BitUpdate"} = "!VMSVAX";
+ $platform{"EVP_whirlpool"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_Final"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_Update"} = "!VMSVAX";
+
+
+ # Info we know about
+
+ push @ret, map { $_."\\".&info_string($_,"EXIST",
+ $platform{$_},
+ $kind{$_},
+ $algorithm{$_}) } keys %syms;
+
+ if (keys %unknown_algorithms) {
+ print STDERR "WARNING: mkdef.pl doesn't know the following algorithms:\n";
+ print STDERR "\t",join("\n\t",keys %unknown_algorithms),"\n";
+ }
+ return(@ret);
+}
+
+# Param: string of comma-separated platform-specs.
+sub reduce_platforms
+{
+ my ($platforms) = @_;
+ my $pl = defined($platforms) ? $platforms : "";
+ my %p = map { $_ => 0 } split /,/, $pl;
+ my $ret;
+
+ print STDERR "DEBUG: Entered reduce_platforms with \"$platforms\"\n"
+ if $debug;
+ # We do this, because if there's code like the following, it really
+ # means the function exists in all cases and should therefore be
+ # everywhere. By increasing and decreasing, we may attain 0:
+ #
+ # ifndef WIN16
+ # int foo();
+ # else
+ # int _fat foo();
+ # endif
+ foreach $platform (split /,/, $pl) {
+ if ($platform =~ /^!(.*)$/) {
+ $p{$1}--;
+ } else {
+ $p{$platform}++;
+ }
+ }
+ foreach $platform (keys %p) {
+ if ($p{$platform} == 0) { delete $p{$platform}; }
+ }
+
+ delete $p{""};
+
+ $ret = join(',',sort(map { $p{$_} < 0 ? "!".$_ : $_ } keys %p));
+ print STDERR "DEBUG: Exiting reduce_platforms with \"$ret\"\n"
+ if $debug;
+ return $ret;
+}
+
+sub info_string {
+ (my $symbol, my $exist, my $platforms, my $kind, my $algorithms) = @_;
+
+ my %a = defined($algorithms) ?
+ map { $_ => 1 } split /,/, $algorithms : ();
+ my $k = defined($kind) ? $kind : "FUNCTION";
+ my $ret;
+ my $p = &reduce_platforms($platforms);
+
+ delete $a{""};
+
+ $ret = $exist;
+ $ret .= ":".$p;
+ $ret .= ":".$k;
+ $ret .= ":".join(',',sort keys %a);
+ return $ret;
+}
+
+sub maybe_add_info {
+ (my $name, *nums, my @symbols) = @_;
+ my $sym;
+ my $new_info = 0;
+ my %syms=();
+
+ print STDERR "Updating $name info\n";
+ foreach $sym (@symbols) {
+ (my $s, my $i) = split /\\/, $sym;
+ if (defined($nums{$s})) {
+ $i =~ s/^(.*?:.*?:\w+)(\(\w+\))?/$1/;
+ (my $n, my $dummy) = split /\\/, $nums{$s};
+ if (!defined($dummy) || $i ne $dummy) {
+ $nums{$s} = $n."\\".$i;
+ $new_info++;
+ print STDERR "DEBUG: maybe_add_info for $s: \"$dummy\" => \"$i\"\n" if $debug;
+ }
+ }
+ $syms{$s} = 1;
+ }
+
+ my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums;
+ foreach $sym (@s) {
+ (my $n, my $i) = split /\\/, $nums{$sym};
+ if (!defined($syms{$sym}) && $i !~ /^NOEXIST:/) {
+ $new_info++;
+ print STDERR "DEBUG: maybe_add_info for $sym: -> undefined\n" if $debug;
+ }
+ }
+ if ($new_info) {
+ print STDERR "$new_info old symbols got an info update\n";
+ if (!$do_rewrite) {
+ print STDERR "You should do a rewrite to fix this.\n";
+ }
+ } else {
+ print STDERR "No old symbols needed info update\n";
+ }
+}
+
+# Param: string of comma-separated keywords, each possibly prefixed with a "!"
+sub is_valid
+{
+ my ($keywords_txt,$platforms) = @_;
+ my (@keywords) = split /,/,$keywords_txt;
+ my ($falsesum, $truesum) = (0, 1);
+
+ # Param: one keyword
+ sub recognise
+ {
+ my ($keyword,$platforms) = @_;
+
+ if ($platforms) {
+ # platforms
+ if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; }
+ if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; }
+ if ($keyword eq "VMS" && $VMS) { return 1; }
+ if ($keyword eq "WIN32" && $W32) { return 1; }
+ if ($keyword eq "WIN16" && $W16) { return 1; }
+ if ($keyword eq "WINNT" && $NT) { return 1; }
+ if ($keyword eq "OS2" && $OS2) { return 1; }
+ # Special platforms:
+ # EXPORT_VAR_AS_FUNCTION means that global variables
+ # will be represented as functions. This currently
+ # only happens on VMS-VAX.
+ if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
+ return 1;
+ }
+ if ($keyword eq "OPENSSL_FIPS" && $fips) {
+ return 1;
+ }
+ if ($keyword eq "ZLIB" && $zlib) { return 1; }
+ return 0;
+ } else {
+ # algorithms
+ if ($keyword eq "RC2" && $no_rc2) { return 0; }
+ if ($keyword eq "RC4" && $no_rc4) { return 0; }
+ if ($keyword eq "RC5" && $no_rc5) { return 0; }
+ if ($keyword eq "IDEA" && $no_idea) { return 0; }
+ if ($keyword eq "DES" && $no_des) { return 0; }
+ if ($keyword eq "BF" && $no_bf) { return 0; }
+ if ($keyword eq "CAST" && $no_cast) { return 0; }
+ if ($keyword eq "MD2" && $no_md2) { return 0; }
+ if ($keyword eq "MD4" && $no_md4) { return 0; }
+ if ($keyword eq "MD5" && $no_md5) { return 0; }
+ if ($keyword eq "SHA" && $no_sha) { return 0; }
+ if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; }
+ if ($keyword eq "MDC2" && $no_mdc2) { return 0; }
+ if ($keyword eq "WHIRLPOOL" && $no_whirlpool) { return 0; }
+ if ($keyword eq "RSA" && $no_rsa) { return 0; }
+ if ($keyword eq "DSA" && $no_dsa) { return 0; }
+ if ($keyword eq "DH" && $no_dh) { return 0; }
+ if ($keyword eq "EC" && $no_ec) { return 0; }
+ if ($keyword eq "ECDSA" && $no_ecdsa) { return 0; }
+ if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
+ if ($keyword eq "HMAC" && $no_hmac) { return 0; }
+ if ($keyword eq "AES" && $no_aes) { return 0; }
+ if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; }
+ if ($keyword eq "SEED" && $no_seed) { return 0; }
+ if ($keyword eq "EVP" && $no_evp) { return 0; }
+ if ($keyword eq "LHASH" && $no_lhash) { return 0; }
+ if ($keyword eq "STACK" && $no_stack) { return 0; }
+ if ($keyword eq "ERR" && $no_err) { return 0; }
+ if ($keyword eq "BUFFER" && $no_buffer) { return 0; }
+ if ($keyword eq "BIO" && $no_bio) { return 0; }
+ if ($keyword eq "COMP" && $no_comp) { return 0; }
+ if ($keyword eq "DSO" && $no_dso) { return 0; }
+ if ($keyword eq "KRB5" && $no_krb5) { return 0; }
+ if ($keyword eq "ENGINE" && $no_engine) { return 0; }
+ if ($keyword eq "HW" && $no_hw) { return 0; }
+ if ($keyword eq "FP_API" && $no_fp_api) { return 0; }
+ if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; }
+ if ($keyword eq "GMP" && $no_gmp) { return 0; }
+ if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }
+ if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
+ if ($keyword eq "PSK" && $no_psk) { return 0; }
+ if ($keyword eq "CMS" && $no_cms) { return 0; }
+ if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
+ if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
+ if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
+ { return 0; }
+ if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
+ if ($keyword eq "SSL2_METHOD" && $no_ssl2_method) { return 0; }
+ if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; }
+ if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
+ if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
+ if ($keyword eq "SRP" && $no_srp) { return 0; }
+ if ($keyword eq "SCTP" && $no_sctp) { return 0; }
+ if ($keyword eq "SRTP" && $no_srtp) { return 0; }
+ if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
+ if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
+
+ # Nothing recognise as true
+ return 1;
+ }
+ }
+
+ foreach $k (@keywords) {
+ if ($k =~ /^!(.*)$/) {
+ $falsesum += &recognise($1,$platforms);
+ } else {
+ $truesum *= &recognise($k,$platforms);
+ }
+ }
+ print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
+ return (!$falsesum) && $truesum;
+}
+
+sub print_test_file
+{
+ (*OUT,my $name,*nums,my $testall,my @symbols)=@_;
+ my $n = 1; my @e; my @r;
+ my $sym; my $prev = ""; my $prefSSLeay;
+
+ (@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/, at symbols);
+ (@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:.*/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/, at symbols);
+ @symbols=((sort @e),(sort @r));
+
+ foreach $sym (@symbols) {
+ (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+ my $v = 0;
+ $v = 1 if $i=~ /^.*?:.*?:VARIABLE/;
+ my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
+ my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
+ if (!defined($nums{$s})) {
+ print STDERR "Warning: $s does not have a number assigned\n"
+ if(!$do_update);
+ } elsif (is_valid($p,1) && is_valid($a,0)) {
+ my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
+ if ($prev eq $s2) {
+ print OUT "\t/* The following has already appeared previously */\n";
+ print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
+ }
+ $prev = $s2; # To warn about duplicates...
+
+ ($nn,$ni)=($nums{$s2} =~ /^(.*?)\\(.*)$/);
+ if ($v) {
+ print OUT "\textern int $s2; /* type unknown */ /* $nn $ni */\n";
+ } else {
+ print OUT "\textern int $s2(); /* type unknown */ /* $nn $ni */\n";
+ }
+ }
+ }
+}
+
+sub get_version {
+ local *MF;
+ my $v = '?';
+ open MF, 'Makefile' or return $v;
+ while (<MF>) {
+ $v = $1, last if /^VERSION=(.*?)\s*$/;
+ }
+ close MF;
+ return $v;
+}
+
+sub print_def_file
+{
+ (*OUT,my $name,*nums,my @symbols)=@_;
+ my $n = 1; my @e; my @r; my @v; my $prev="";
+ my $liboptions="";
+ my $libname = $name;
+ my $http_vendor = 'www.openssl.org/';
+ my $version = get_version();
+ my $what = "OpenSSL: implementation of Secure Socket Layer";
+ my $description = "$what $version, $name - http://$http_vendor";
+
+ if ($W32)
+ { $libname.="32"; }
+ elsif ($W16)
+ { $libname.="16"; }
+ elsif ($OS2)
+ { # DLL names should not clash on the whole system.
+ # However, they should not have any particular relationship
+ # to the name of the static library. Chose descriptive names
+ # (must be at most 8 chars).
+ my %translate = (ssl => 'open_ssl', crypto => 'cryptssl');
+ $libname = $translate{$name} || $name;
+ $liboptions = <<EOO;
+INITINSTANCE
+DATA MULTIPLE NONSHARED
+EOO
+ # Vendor field can't contain colon, drat; so we omit http://
+ $description = "\@#$http_vendor:$version#\@$what; DLL for library $name. Build for EMX -Zmtd";
+ }
+
+ print OUT <<"EOF";
+;
+; Definition file for the DLL version of the $name library from OpenSSL
+;
+
+LIBRARY $libname $liboptions
+
+EOF
+
+ if ($W16) {
+ print <<"EOF";
+CODE PRELOAD MOVEABLE
+DATA PRELOAD MOVEABLE SINGLE
+
+EXETYPE WINDOWS
+
+HEAPSIZE 4096
+STACKSIZE 8192
+
+EOF
+ }
+
+ print "EXPORTS\n";
+
+ (@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/, at symbols);
+ (@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:FUNCTION/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/, at symbols);
+ (@v)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:VARIABLE/, at symbols);
+ @symbols=((sort @e),(sort @r), (sort @v));
+
+
+ foreach $sym (@symbols) {
+ (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+ my $v = 0;
+ $v = 1 if $i =~ /^.*?:.*?:VARIABLE/;
+ if (!defined($nums{$s})) {
+ printf STDERR "Warning: $s does not have a number assigned\n"
+ if(!$do_update);
+ } else {
+ (my $n, my $dummy) = split /\\/, $nums{$s};
+ my %pf = ();
+ my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
+ my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
+ if (is_valid($p,1) && is_valid($a,0)) {
+ my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
+ if ($prev eq $s2) {
+ print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
+ }
+ $prev = $s2; # To warn about duplicates...
+ if($v && !$OS2) {
+ printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n;
+ } else {
+ printf OUT " %s%-39s @%d\n",($W32||$OS2)?"":"_",$s2,$n;
+ }
+ }
+ }
+ }
+ printf OUT "\n";
+}
+
+sub load_numbers
+{
+ my($name)=@_;
+ my(@a,%ret);
+
+ $max_num = 0;
+ $num_noinfo = 0;
+ $prev = "";
+ $prev_cnt = 0;
+
+ open(IN,"<$name") || die "unable to open $name:$!\n";
+ while (<IN>) {
+ chop;
+ s/#.*$//;
+ next if /^\s*$/;
+ @a=split;
+ if (defined $ret{$a[0]}) {
+ # This is actually perfectly OK
+ #print STDERR "Warning: Symbol '",$a[0],"' redefined. old=",$ret{$a[0]},", new=",$a[1],"\n";
+ }
+ if ($max_num > $a[1]) {
+ print STDERR "Warning: Number decreased from ",$max_num," to ",$a[1],"\n";
+ }
+ elsif ($max_num == $a[1]) {
+ # This is actually perfectly OK
+ #print STDERR "Warning: Symbol ",$a[0]," has same number as previous ",$prev,": ",$a[1],"\n";
+ if ($a[0] eq $prev) {
+ $prev_cnt++;
+ $a[0] .= "{$prev_cnt}";
+ }
+ }
+ else {
+ $prev_cnt = 0;
+ }
+ if ($#a < 2) {
+ # Existence will be proven later, in do_defs
+ $ret{$a[0]}=$a[1];
+ $num_noinfo++;
+ } else {
+ $ret{$a[0]}=$a[1]."\\".$a[2]; # \\ is a special marker
+ }
+ $max_num = $a[1] if $a[1] > $max_num;
+ $prev=$a[0];
+ }
+ if ($num_noinfo) {
+ print STDERR "Warning: $num_noinfo symbols were without info.";
+ if ($do_rewrite) {
+ printf STDERR " The rewrite will fix this.\n";
+ } else {
+ printf STDERR " You should do a rewrite to fix this.\n";
+ }
+ }
+ close(IN);
+ return(%ret);
+}
+
+sub parse_number
+{
+ (my $str, my $what) = @_;
+ (my $n, my $i) = split(/\\/,$str);
+ if ($what eq "n") {
+ return $n;
+ } else {
+ return $i;
+ }
+}
+
+sub rewrite_numbers
+{
+ (*OUT,$name,*nums, at symbols)=@_;
+ my $thing;
+
+ print STDERR "Rewriting $name\n";
+
+ my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/, at symbols);
+ my $r; my %r; my %rsyms;
+ foreach $r (@r) {
+ (my $s, my $i) = split /\\/, $r;
+ my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
+ $i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
+ $r{$a} = $s."\\".$i;
+ $rsyms{$s} = 1;
+ }
+
+ my %syms = ();
+ foreach $_ (@symbols) {
+ (my $n, my $i) = split /\\/;
+ $syms{$n} = 1;
+ }
+
+ my @s=sort {
+ &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n")
+ || $a cmp $b
+ } keys %nums;
+ foreach $sym (@s) {
+ (my $n, my $i) = split /\\/, $nums{$sym};
+ next if defined($i) && $i =~ /^.*?:.*?:\w+\(\w+\)/;
+ next if defined($rsyms{$sym});
+ print STDERR "DEBUG: rewrite_numbers for sym = ",$sym,": i = ",$i,", n = ",$n,", rsym{sym} = ",$rsyms{$sym},"syms{sym} = ",$syms{$sym},"\n" if $debug;
+ $i="NOEXIST::FUNCTION:"
+ if !defined($i) || $i eq "" || !defined($syms{$sym});
+ my $s2 = $sym;
+ $s2 =~ s/\{[0-9]+\}$//;
+ printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
+ if (exists $r{$sym}) {
+ (my $s, $i) = split /\\/,$r{$sym};
+ my $s2 = $s;
+ $s2 =~ s/\{[0-9]+\}$//;
+ printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
+ }
+ }
+}
+
+sub update_numbers
+{
+ (*OUT,$name,*nums,my $start_num, my @symbols)=@_;
+ my $new_syms = 0;
+
+ print STDERR "Updating $name numbers\n";
+
+ my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/, at symbols);
+ my $r; my %r; my %rsyms;
+ foreach $r (@r) {
+ (my $s, my $i) = split /\\/, $r;
+ my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
+ $i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
+ $r{$a} = $s."\\".$i;
+ $rsyms{$s} = 1;
+ }
+
+ foreach $sym (@symbols) {
+ (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+ next if $i =~ /^.*?:.*?:\w+\(\w+\)/;
+ next if defined($rsyms{$sym});
+ die "ERROR: Symbol $sym had no info attached to it."
+ if $i eq "";
+ if (!exists $nums{$s}) {
+ $new_syms++;
+ my $s2 = $s;
+ $s2 =~ s/\{[0-9]+\}$//;
+ printf OUT "%s%-39s %d\t%s\n","",$s2, ++$start_num,$i;
+ if (exists $r{$s}) {
+ ($s, $i) = split /\\/,$r{$s};
+ $s =~ s/\{[0-9]+\}$//;
+ printf OUT "%s%-39s %d\t%s\n","",$s, $start_num,$i;
+ }
+ }
+ }
+ if($new_syms) {
+ print STDERR "$new_syms New symbols added\n";
+ } else {
+ print STDERR "No New symbols Added\n";
+ }
+}
+
+sub check_existing
+{
+ (*nums, my @symbols)=@_;
+ my %existing; my @remaining;
+ @remaining=();
+ foreach $sym (@symbols) {
+ (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+ $existing{$s}=1;
+ }
+ foreach $sym (keys %nums) {
+ if (!exists $existing{$sym}) {
+ push @remaining, $sym;
+ }
+ }
+ if(@remaining) {
+ print STDERR "The following symbols do not seem to exist:\n";
+ foreach $sym (@remaining) {
+ print STDERR "\t",$sym,"\n";
+ }
+ }
+}
+
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/BC-32.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/BC-32.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/BC-32.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,139 +0,0 @@
-#!/usr/local/bin/perl
-# Borland C++ builder 3 and 4 -- Janez Jere <jj at void.si>
-#
-
-$ssl= "ssleay32";
-$crypto="libeay32";
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='bcc32';
-$lflags="-ap -Tpe -x -Gn ";
-$mlflags='';
-
-$out_def="out32";
-$tmp_def="tmp32";
-$inc_def="inc32";
-#enable max error messages, disable most common warnings
-$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp -D_timeb=timeb -D_ftime=ftime ";
-if ($debug)
-{
- $cflags.="-Od -y -v -vi- -D_DEBUG";
- $mlflags.=' ';
-}
-else
-{
- $cflags.="-O2 -ff -fp";
-}
-
-$obj='.obj';
-$ofile="-o";
-
-# EXE linking stuff
-$link="ilink32";
-$efile="";
-$exep='.exe';
-if ($no_sock)
- { $ex_libs=""; }
-else { $ex_libs="cw32mt.lib import32.lib crypt32.lib ws2_32.lib"; }
-
-# static library stuff
-$mklib='tlib /P64';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$shlib_ex_obj="";
-$app_ex_obj="c0x32.obj";
-
-$asm=(`nasm -v 2>NUL` ge `nasmw -v 2>NUL`?"nasm":"nasmw")." -f obj -d__omf__";
-$asm.=" -g" if $debug;
-$afile='-o';
-
-$bn_mulw_obj='';
-$bn_mulw_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if (!$no_asm)
- {
- $bn_mulw_obj='crypto\bn\asm\bn_win32.obj';
- $bn_mulw_src='crypto\bn\asm\bn_win32.asm';
- $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
- $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
- $bf_enc_obj='crypto\bf\asm\b_win32.obj';
- $bf_enc_src='crypto\bf\asm\b_win32.asm';
- $cast_enc_obj='crypto\cast\asm\c_win32.obj';
- $cast_enc_src='crypto\cast\asm\c_win32.asm';
- $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
- $rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
- $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
- $rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
- $md5_asm_obj='crypto\md5\asm\m5_win32.obj';
- $md5_asm_src='crypto\md5\asm\m5_win32.asm';
- $sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
- $sha1_asm_src='crypto\sha\asm\s1_win32.asm';
- $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
- $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
- $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
- }
-
-if ($shlib)
- {
- $mlflags.=" $lflags /dll";
-# $cflags =~ s| /MD| /MT|;
- $lib_cflag=" /GD -D_WINDLL -D_DLL";
- $out_def="out32dll";
- $tmp_def="tmp32dll";
- }
-
-sub do_lib_rule
- {
- local($objs,$target,$name,$shlib)=@_;
- local($ret,$Name);
-
- $taget =~ s/\//$o/g if $o ne '/';
- ($Name=$name) =~ tr/a-z/A-Z/;
-
-# $target="\$(LIB_D)$o$target";
- $ret.="$target: $objs\n";
- if (!$shlib)
- {
- $ret.=<<___;
- -\$(RM) $lfile$target
- \$(MKLIB) $lfile$target \@&&!
-+\$(**: = &^
-+)
-!
-___
- }
- else
- {
- local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
- $ex.=' ws2_32.lib gdi32.lib';
- $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
- }
- $ret.="\n";
- return($ret);
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs)=@_;
- local($ret,$_);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n";
- return($ret);
- }
-
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/BC-32.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/BC-32.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/BC-32.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/BC-32.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,139 @@
+#!/usr/local/bin/perl
+# Borland C++ builder 3 and 4 -- Janez Jere <jj at void.si>
+#
+
+$ssl= "ssleay32";
+$crypto="libeay32";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc32';
+$lflags="-ap -Tpe -x -Gn ";
+$mlflags='';
+
+$out_def="out32";
+$tmp_def="tmp32";
+$inc_def="inc32";
+#enable max error messages, disable most common warnings
+$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp -D_timeb=timeb -D_ftime=ftime ";
+if ($debug)
+{
+ $cflags.="-Od -y -v -vi- -D_DEBUG";
+ $mlflags.=' ';
+}
+else
+{
+ $cflags.="-O2 -ff -fp";
+}
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="ilink32";
+$efile="";
+$exep='.exe';
+if ($no_sock)
+ { $ex_libs=""; }
+else { $ex_libs="cw32mt.lib import32.lib crypt32.lib ws2_32.lib"; }
+
+# static library stuff
+$mklib='tlib /P64';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$shlib_ex_obj="";
+$app_ex_obj="c0x32.obj";
+
+$asm=(`nasm -v 2>NUL` ge `nasmw -v 2>NUL`?"nasm":"nasmw")." -f obj -d__omf__";
+$asm.=" -g" if $debug;
+$afile='-o';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ $bn_mulw_obj='crypto\bn\asm\bn_win32.obj';
+ $bn_mulw_src='crypto\bn\asm\bn_win32.asm';
+ $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
+ $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
+ $bf_enc_obj='crypto\bf\asm\b_win32.obj';
+ $bf_enc_src='crypto\bf\asm\b_win32.asm';
+ $cast_enc_obj='crypto\cast\asm\c_win32.obj';
+ $cast_enc_src='crypto\cast\asm\c_win32.asm';
+ $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
+ $rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
+ $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
+ $rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
+ $md5_asm_obj='crypto\md5\asm\m5_win32.obj';
+ $md5_asm_src='crypto\md5\asm\m5_win32.asm';
+ $sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
+ $sha1_asm_src='crypto\sha\asm\s1_win32.asm';
+ $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
+ $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
+ }
+
+if ($shlib)
+ {
+ $mlflags.=" $lflags /dll";
+# $cflags =~ s| /MD| /MT|;
+ $lib_cflag=" /GD -D_WINDLL -D_DLL";
+ $out_def="out32dll";
+ $tmp_def="tmp32dll";
+ }
+
+sub do_lib_rule
+ {
+ local($objs,$target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+# $target="\$(LIB_D)$o$target";
+ $ret.="$target: $objs\n";
+ if (!$shlib)
+ {
+ $ret.=<<___;
+ -\$(RM) $lfile$target
+ \$(MKLIB) $lfile$target \@&&!
++\$(**: = &^
++)
+!
+___
+ }
+ else
+ {
+ local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
+ $ex.=' ws2_32.lib gdi32.lib';
+ $ret.="\t\$(LINK_CMD) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK_CMD) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n";
+ return($ret);
+ }
+
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/Mingw32.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/Mingw32.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/Mingw32.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,104 +0,0 @@
-#!/usr/local/bin/perl
-#
-# Mingw32.pl -- Mingw
-#
-
-$o='/';
-$cp='cp';
-$rm='rm -f';
-$mkdir='gmkdir';
-
-$o='\\';
-$cp='copy';
-$rm='del';
-$mkdir='mkdir';
-
-# C compiler stuff
-
-$cc='gcc';
-if ($debug)
- { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
-else
- { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; }
-
-if ($gaswin and !$no_asm)
- {
- $bn_asm_obj='$(OBJ_D)\bn-win32.o';
- $bn_asm_src='crypto/bn/asm/bn-win32.s';
- $bnco_asm_obj='$(OBJ_D)\co-win32.o';
- $bnco_asm_src='crypto/bn/asm/co-win32.s';
- $des_enc_obj='$(OBJ_D)\d-win32.o $(OBJ_D)\y-win32.o';
- $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s';
- $bf_enc_obj='$(OBJ_D)\b-win32.o';
- $bf_enc_src='crypto/bf/asm/b-win32.s';
-# $cast_enc_obj='$(OBJ_D)\c-win32.o';
-# $cast_enc_src='crypto/cast/asm/c-win32.s';
- $rc4_enc_obj='$(OBJ_D)\r4-win32.o';
- $rc4_enc_src='crypto/rc4/asm/r4-win32.s';
- $rc5_enc_obj='$(OBJ_D)\r5-win32.o';
- $rc5_enc_src='crypto/rc5/asm/r5-win32.s';
- $md5_asm_obj='$(OBJ_D)\m5-win32.o';
- $md5_asm_src='crypto/md5/asm/m5-win32.s';
- $rmd160_asm_obj='$(OBJ_D)\rm-win32.o';
- $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
- $sha1_asm_obj='$(OBJ_D)\s1-win32.o';
- $sha1_asm_src='crypto/sha/asm/s1-win32.s';
- $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
- }
-
-
-$obj='.o';
-$ofile='-o ';
-
-# EXE linking stuff
-$link='${CC}';
-$lflags='${CFLAGS}';
-$efile='-o ';
-$exep='';
-$ex_libs="-lws2_32 -lgdi32";
-
-# static library stuff
-$mklib='ar r';
-$mlflags='';
-$ranlib='ranlib';
-$plib='lib';
-$libp=".a";
-$shlibp=".a";
-$lfile='';
-
-$asm='as';
-$afile='-o ';
-#$bn_asm_obj="";
-#$bn_asm_src="";
-#$des_enc_obj="";
-#$des_enc_src="";
-#$bf_enc_obj="";
-#$bf_enc_src="";
-
-sub do_lib_rule
- {
- local($obj,$target,$name,$shlib)=@_;
- local($ret,$_,$Name);
-
- $target =~ s/\//$o/g if $o ne '/';
- $target="$target";
- ($Name=$name) =~ tr/a-z/A-Z/;
-
- $ret.="$target: \$(${Name}OBJ)\n";
- $ret.="\tif exist $target \$(RM) $target\n";
- $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
- $ret.="\t\$(RANLIB) $target\n\n";
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs)=@_;
- local($ret,$_);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
- return($ret);
- }
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/Mingw32.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/Mingw32.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/Mingw32.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/Mingw32.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,104 @@
+#!/usr/local/bin/perl
+#
+# Mingw32.pl -- Mingw
+#
+
+$o='/';
+$cp='cp';
+$rm='rm -f';
+$mkdir='gmkdir';
+
+$o='\\';
+$cp='copy';
+$rm='del';
+$mkdir='mkdir';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+ { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
+else
+ { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; }
+
+if ($gaswin and !$no_asm)
+ {
+ $bn_asm_obj='$(OBJ_D)\bn-win32.o';
+ $bn_asm_src='crypto/bn/asm/bn-win32.s';
+ $bnco_asm_obj='$(OBJ_D)\co-win32.o';
+ $bnco_asm_src='crypto/bn/asm/co-win32.s';
+ $des_enc_obj='$(OBJ_D)\d-win32.o $(OBJ_D)\y-win32.o';
+ $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s';
+ $bf_enc_obj='$(OBJ_D)\b-win32.o';
+ $bf_enc_src='crypto/bf/asm/b-win32.s';
+# $cast_enc_obj='$(OBJ_D)\c-win32.o';
+# $cast_enc_src='crypto/cast/asm/c-win32.s';
+ $rc4_enc_obj='$(OBJ_D)\r4-win32.o';
+ $rc4_enc_src='crypto/rc4/asm/r4-win32.s';
+ $rc5_enc_obj='$(OBJ_D)\r5-win32.o';
+ $rc5_enc_src='crypto/rc5/asm/r5-win32.s';
+ $md5_asm_obj='$(OBJ_D)\m5-win32.o';
+ $md5_asm_src='crypto/md5/asm/m5-win32.s';
+ $rmd160_asm_obj='$(OBJ_D)\rm-win32.o';
+ $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
+ $sha1_asm_obj='$(OBJ_D)\s1-win32.o';
+ $sha1_asm_src='crypto/sha/asm/s1-win32.s';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
+ }
+
+
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS}';
+$efile='-o ';
+$exep='';
+$ex_libs="-lws2_32 -lgdi32";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib='ranlib';
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+#$bn_asm_obj="";
+#$bn_asm_src="";
+#$des_enc_obj="";
+#$des_enc_src="";
+#$bf_enc_obj="";
+#$bf_enc_src="";
+
+sub do_lib_rule
+ {
+ local($obj,$target,$name,$shlib)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ $target="$target";
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\tif exist $target \$(RM) $target\n";
+ $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+ $ret.="\t\$(RANLIB) $target\n\n";
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK_CMD) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/OS2-EMX.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/OS2-EMX.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/OS2-EMX.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,120 +0,0 @@
-#!/usr/local/bin/perl
-#
-# OS2-EMX.pl - for EMX GCC on OS/2
-#
-
-$o='/';
-$cp='cp';
-$rm='rm -f';
-
-$preamble = "SHELL=sh\n";
-
-# C compiler stuff
-
-$cc='gcc';
-$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmtd -Wall ";
-$cflags.="-Zomf " if $shlib;
-$shl_cflag="-Zdll";
-
-if ($debug) {
- $cflags.="-g ";
-}
-
-$obj=$shlib ? '.obj' : '.o';
-$ofile='-o ';
-
-# EXE linking stuff
-$link='${CC}';
-$lflags='${CFLAGS} -Zbsd-signals -s';
-$efile='-o ';
-$exep='.exe';
-$ex_libs="-lsocket";
-
-# static library stuff
-$mklib='ar r';
-$mlflags='';
-$ranlib="ar s";
-$plib='';
-$libp=$shlib ? ".lib" : ".a";
-$shlibp=$shlib ? ".dll" : ".a";
-$lfile='';
-
-$asm=$shlib ? 'as -Zomf' : 'as';
-$afile='-o ';
-$bn_asm_obj="";
-$bn_asm_src="";
-$des_enc_obj="";
-$des_enc_src="";
-$bf_enc_obj="";
-$bf_enc_src="";
-
-if (!$no_asm)
- {
- $bn_asm_obj="crypto/bn/asm/bn-os2$obj crypto/bn/asm/co-os2$obj";
- $bn_asm_src="crypto/bn/asm/bn-os2.asm crypto/bn/asm/co-os2.asm";
- $des_enc_obj="crypto/des/asm/d-os2$obj crypto/des/asm/y-os2$obj";
- $des_enc_src="crypto/des/asm/d-os2.asm crypto/des/asm/y-os2.asm";
- $bf_enc_obj="crypto/bf/asm/b-os2$obj";
- $bf_enc_src="crypto/bf/asm/b-os2.asm";
- $cast_enc_obj="crypto/cast/asm/c-os2$obj";
- $cast_enc_src="crypto/cast/asm/c-os2.asm";
- $rc4_enc_obj="crypto/rc4/asm/r4-os2$obj";
- $rc4_enc_src="crypto/rc4/asm/r4-os2.asm";
- $rc5_enc_obj="crypto/rc5/asm/r5-os2$obj";
- $rc5_enc_src="crypto/rc5/asm/r5-os2.asm";
- $md5_asm_obj="crypto/md5/asm/m5-os2$obj";
- $md5_asm_src="crypto/md5/asm/m5-os2.asm";
- $sha1_asm_obj="crypto/sha/asm/s1-os2$obj";
- $sha1_asm_src="crypto/sha/asm/s1-os2.asm";
- $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
- $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
- $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
- }
-
-if ($shlib)
- {
- $mlflags.=" $lflags -Zdll";
- $lib_cflag=" -D_DLL";
- $out_def="out_dll";
- $tmp_def="tmp_dll";
- }
-
-sub do_lib_rule
- {
- local($obj,$target,$name,$shlib)=@_;
- local($ret,$_,$Name);
-
- $target =~ s/\//$o/g if $o ne '/';
- $target="$target";
- ($Name=$name) =~ tr/a-z/A-Z/;
-
- $ret.="$target: \$(${Name}OBJ)\n";
- if (!$shlib)
- {
- $ret.="\t\$(RM) $target\n";
- $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
- $ret.="\t\$(RANLIB) $target\n\n";
- }
- else
- {
- local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
- $ex.=' -lsocket';
- $ret.="\t\$(LINK) \$(SHLIB_CFLAGS) \$(MLFLAGS) $efile$target \$(SHLIB_EX_OBJ) \$(${Name}OBJ) $ex os2/${Name}.def\n";
- $ret.="\temximp -o $out_def/$name.a os2/${Name}.def\n";
- $ret.="\temximp -o $out_def/$name.lib os2/${Name}.def\n\n";
- }
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs)=@_;
- local($ret,$_);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n";
- return($ret);
- }
-
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/OS2-EMX.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/OS2-EMX.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/OS2-EMX.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/OS2-EMX.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,120 @@
+#!/usr/local/bin/perl
+#
+# OS2-EMX.pl - for EMX GCC on OS/2
+#
+
+$o='/';
+$cp='cp';
+$rm='rm -f';
+
+$preamble = "SHELL=sh\n";
+
+# C compiler stuff
+
+$cc='gcc';
+$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmtd -Wall ";
+$cflags.="-Zomf " if $shlib;
+$shl_cflag="-Zdll";
+
+if ($debug) {
+ $cflags.="-g ";
+}
+
+$obj=$shlib ? '.obj' : '.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS} -Zbsd-signals -s';
+$efile='-o ';
+$exep='.exe';
+$ex_libs="-lsocket";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib="ar s";
+$plib='';
+$libp=$shlib ? ".lib" : ".a";
+$shlibp=$shlib ? ".dll" : ".a";
+$lfile='';
+
+$asm=$shlib ? 'as -Zomf' : 'as';
+$afile='-o ';
+$bn_asm_obj="";
+$bn_asm_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+if (!$no_asm)
+ {
+ $bn_asm_obj="crypto/bn/asm/bn-os2$obj crypto/bn/asm/co-os2$obj";
+ $bn_asm_src="crypto/bn/asm/bn-os2.asm crypto/bn/asm/co-os2.asm";
+ $des_enc_obj="crypto/des/asm/d-os2$obj crypto/des/asm/y-os2$obj";
+ $des_enc_src="crypto/des/asm/d-os2.asm crypto/des/asm/y-os2.asm";
+ $bf_enc_obj="crypto/bf/asm/b-os2$obj";
+ $bf_enc_src="crypto/bf/asm/b-os2.asm";
+ $cast_enc_obj="crypto/cast/asm/c-os2$obj";
+ $cast_enc_src="crypto/cast/asm/c-os2.asm";
+ $rc4_enc_obj="crypto/rc4/asm/r4-os2$obj";
+ $rc4_enc_src="crypto/rc4/asm/r4-os2.asm";
+ $rc5_enc_obj="crypto/rc5/asm/r5-os2$obj";
+ $rc5_enc_src="crypto/rc5/asm/r5-os2.asm";
+ $md5_asm_obj="crypto/md5/asm/m5-os2$obj";
+ $md5_asm_src="crypto/md5/asm/m5-os2.asm";
+ $sha1_asm_obj="crypto/sha/asm/s1-os2$obj";
+ $sha1_asm_src="crypto/sha/asm/s1-os2.asm";
+ $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
+ $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
+ }
+
+if ($shlib)
+ {
+ $mlflags.=" $lflags -Zdll";
+ $lib_cflag=" -D_DLL";
+ $out_def="out_dll";
+ $tmp_def="tmp_dll";
+ }
+
+sub do_lib_rule
+ {
+ local($obj,$target,$name,$shlib)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ $target="$target";
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ if (!$shlib)
+ {
+ $ret.="\t\$(RM) $target\n";
+ $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+ $ret.="\t\$(RANLIB) $target\n\n";
+ }
+ else
+ {
+ local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
+ $ex.=' -lsocket';
+ $ret.="\t\$(LINK_CMD) \$(SHLIB_CFLAGS) \$(MLFLAGS) $efile$target \$(SHLIB_EX_OBJ) \$(${Name}OBJ) $ex os2/${Name}.def\n";
+ $ret.="\temximp -o $out_def/$name.a os2/${Name}.def\n";
+ $ret.="\temximp -o $out_def/$name.lib os2/${Name}.def\n\n";
+ }
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK_CMD) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/VC-32.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/VC-32.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/VC-32.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,403 +0,0 @@
-#!/usr/local/bin/perl
-# VC-32.pl - unified script for Microsoft Visual C++, covering Win32,
-# Win64 and WinCE [follow $FLAVOR variable to trace the differences].
-#
-
-$ssl= "ssleay32";
-$crypto="libeay32";
-
-if ($fips && !$shlib)
- {
- $crypto="libeayfips32";
- $crypto_compat = "libeaycompat32.lib";
- }
-else
- {
- $crypto="libeay32";
- }
-
-$o='\\';
-$cp='$(PERL) util/copy.pl';
-$mkdir='$(PERL) util/mkdir-p.pl';
-$rm='del /Q';
-
-$zlib_lib="zlib1.lib";
-
-# Santize -L options for ms link
-$l_flags =~ s/-L("\[^"]+")/\/libpath:$1/g;
-$l_flags =~ s/-L(\S+)/\/libpath:$1/g;
-
-my $ff = "";
-
-# C compiler stuff
-$cc='cl';
-if ($FLAVOR =~ /WIN64/)
- {
- # Note that we currently don't have /WX on Win64! There is a lot of
- # warnings, but only of two types:
- #
- # C4344: conversion from '__int64' to 'int/long', possible loss of data
- # C4267: conversion from 'size_t' to 'int/long', possible loss of data
- #
- # Amount of latter type is minimized by aliasing strlen to function of
- # own desing and limiting its return value to 2GB-1 (see e_os.h). As
- # per 0.9.8 release remaining warnings were explicitly examined and
- # considered safe to ignore.
- #
- $base_cflags= " $mf_cflag";
- my $f = $shlib || $fips ?' /MD':' /MT';
- $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
- $opt_cflags=$f.' /Ox';
- $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
- $lflags="/nologo /subsystem:console /opt:ref";
-
- *::perlasm_compile_target = sub {
- my ($target,$source,$bname)=@_;
- my $ret;
-
- $bname =~ s/(.*)\.[^\.]$/$1/;
- $ret=<<___;
-\$(TMP_D)$o$bname.asm: $source
- set ASM=\$(ASM)
- \$(PERL) $source \$\@
-
-$target: \$(TMP_D)$o$bname.asm
- \$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm
-
-___
- }
- }
-elsif ($FLAVOR =~ /CE/)
- {
- # sanity check
- die '%OSVERSION% is not defined' if (!defined($ENV{'OSVERSION'}));
- die '%PLATFORM% is not defined' if (!defined($ENV{'PLATFORM'}));
- die '%TARGETCPU% is not defined' if (!defined($ENV{'TARGETCPU'}));
-
- #
- # Idea behind this is to mimic flags set by eVC++ IDE...
- #
- $wcevers = $ENV{'OSVERSION'}; # WCENNN
- die '%OSVERSION% value is insane' if ($wcevers !~ /^WCE([1-9])([0-9]{2})$/);
- $wcecdefs = "-D_WIN32_WCE=$1$2 -DUNDER_CE=$1$2"; # -D_WIN32_WCE=NNN
- $wcelflag = "/subsystem:windowsce,$1.$2"; # ...,N.NN
-
- $wceplatf = $ENV{'PLATFORM'};
- $wceplatf =~ tr/a-z0-9 /A-Z0-9_/d;
- $wcecdefs .= " -DWCE_PLATFORM_$wceplatf";
-
- $wcetgt = $ENV{'TARGETCPU'}; # just shorter name...
- SWITCH: for($wcetgt) {
- /^X86/ && do { $wcecdefs.=" -Dx86 -D_X86_ -D_i386_ -Di_386_";
- $wcelflag.=" /machine:IX86"; last; };
- /^ARMV4[IT]/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
- $wcecdefs.=" -DTHUMB -D_THUMB_" if($wcetgt=~/T$/);
- $wcecdefs.=" -QRarch4T -QRinterwork-return";
- $wcelflag.=" /machine:THUMB"; last; };
- /^ARM/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
- $wcelflag.=" /machine:ARM"; last; };
- /^MIPSIV/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
- $wcecdefs.=" -D_MIPS64 -QMmips4 -QMn32";
- $wcelflag.=" /machine:MIPSFPU"; last; };
- /^MIPS16/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
- $wcecdefs.=" -DMIPSII -QMmips16";
- $wcelflag.=" /machine:MIPS16"; last; };
- /^MIPSII/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
- $wcecdefs.=" -QMmips2";
- $wcelflag.=" /machine:MIPS"; last; };
- /^R4[0-9]{3}/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000";
- $wcelflag.=" /machine:MIPS"; last; };
- /^SH[0-9]/ && do { $wcecdefs.=" -D$wcetgt -D_$wcetgt_ -DSHx";
- $wcecdefs.=" -Qsh4" if ($wcetgt =~ /^SH4/);
- $wcelflag.=" /machine:$wcetgt"; last; };
- { $wcecdefs.=" -D$wcetgt -D_$wcetgt_";
- $wcelflag.=" /machine:$wcetgt"; last; };
- }
-
- $cc='$(CC)';
- $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -DOPENSSL_SMALL_FOOTPRINT';
- $base_cflags.=" $wcecdefs";
- $base_cflags.=' -I$(WCECOMPAT)/include' if (defined($ENV{'WCECOMPAT'}));
- $base_cflags.=' -I$(PORTSDK_LIBPATH)/../../include' if (defined($ENV{'PORTSDK_LIBPATH'}));
- $opt_cflags=' /MC /O1i'; # optimize for space, but with intrinsics...
- $dbg_cflags=' /MC /Od -DDEBUG -D_DEBUG';
- $lflags="/nologo /opt:ref $wcelflag";
- }
-else # Win32
- {
- $base_cflags= " $mf_cflag";
- my $f = $shlib || $fips ?' /MD':' /MT';
- $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
- $ff = "/fixed";
- $opt_cflags=$f.' /Ox /O2 /Ob2';
- $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
- $lflags="/nologo /subsystem:console /opt:ref";
- }
-$mlflags='';
-
-$out_def ="out32"; $out_def.="dll" if ($shlib);
- $out_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
-$tmp_def ="tmp32"; $tmp_def.="dll" if ($shlib);
- $tmp_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
-$inc_def="inc32";
-
-if ($debug)
- {
- $cflags=$dbg_cflags.$base_cflags;
- }
-else
- {
- $cflags=$opt_cflags.$base_cflags;
- }
-
-# generate symbols.pdb unconditionally
-$app_cflag.=" /Zi /Fd\$(TMP_D)/app";
-$lib_cflag.=" /Zi /Fd\$(TMP_D)/lib";
-$lflags.=" /debug";
-
-$obj='.obj';
-$asm_suffix='.asm';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$rsc="rc";
-$efile="/out:";
-$exep='.exe';
-if ($no_sock) { $ex_libs=''; }
-elsif ($FLAVOR =~ /CE/) { $ex_libs='winsock.lib'; }
-else { $ex_libs='ws2_32.lib'; }
-
-if ($FLAVOR =~ /CE/)
- {
- $ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib' if (defined($ENV{'WCECOMPAT'}));
- $ex_libs.=' $(PORTSDK_LIBPATH)/portlib.lib' if (defined($ENV{'PORTSDK_LIBPATH'}));
- $ex_libs.=' /nodefaultlib:oldnames.lib coredll.lib corelibc.lib' if ($ENV{'TARGETCPU'} eq "X86");
- }
-else
- {
- $ex_libs.=' gdi32.lib advapi32.lib crypt32.lib user32.lib';
- $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/ and `cl 2>&1` =~ /14\.00\.4[0-9]{4}\./);
- # WIN32 UNICODE build gets linked with unicows.lib for
- # backward compatibility with Win9x.
- $ex_libs="unicows.lib $ex_libs" if ($FLAVOR =~ /WIN32/ and $cflags =~ /\-DUNICODE/);
- }
-
-# static library stuff
-$mklib='lib /nologo';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='/out:';
-
-$shlib_ex_obj="";
-$app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/);
-if ($FLAVOR =~ /WIN64A/) {
- if (`nasm -v 2>NUL` =~ /NASM version ([0-9]+\.[0-9]+)/ && $1 >= 2.0) {
- $asm='nasm -f win64 -DNEAR -Ox -g';
- $afile='-o ';
- } else {
- $asm='ml64 /c /Cp /Cx /Zi';
- $afile='/Fo';
- }
-} elsif ($FLAVOR =~ /WIN64I/) {
- $asm='ias -d debug';
- $afile="-o ";
-} elsif ($nasm) {
- my $ver=`nasm -v 2>NUL`;
- my $vew=`nasmw -v 2>NUL`;
- # pick newest version
- $asm=($ver ge $vew?"nasm":"nasmw")." -f win32";
- $asmtype="win32n";
- $afile='-o ';
-} else {
- $asm='ml /nologo /Cp /coff /c /Cx /Zi';
- $afile='/Fo';
- $asmtype="win32";
-}
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if (!$no_asm)
- {
- win32_import_asm($mf_bn_asm, "bn", \$bn_asm_obj, \$bn_asm_src);
- win32_import_asm($mf_aes_asm, "aes", \$aes_asm_obj, \$aes_asm_src);
- win32_import_asm($mf_des_asm, "des", \$des_enc_obj, \$des_enc_src);
- win32_import_asm($mf_bf_asm, "bf", \$bf_enc_obj, \$bf_enc_src);
- win32_import_asm($mf_cast_asm, "cast", \$cast_enc_obj, \$cast_enc_src);
- win32_import_asm($mf_rc4_asm, "rc4", \$rc4_enc_obj, \$rc4_enc_src);
- win32_import_asm($mf_rc5_asm, "rc5", \$rc5_enc_obj, \$rc5_enc_src);
- win32_import_asm($mf_md5_asm, "md5", \$md5_asm_obj, \$md5_asm_src);
- win32_import_asm($mf_sha_asm, "sha", \$sha1_asm_obj, \$sha1_asm_src);
- win32_import_asm($mf_rmd_asm, "ripemd", \$rmd160_asm_obj, \$rmd160_asm_src);
- win32_import_asm($mf_wp_asm, "whrlpool", \$whirlpool_asm_obj, \$whirlpool_asm_src);
- win32_import_asm($mf_cpuid_asm, "", \$cpuid_asm_obj, \$cpuid_asm_src);
- $perl_asm = 1;
- }
-
-if ($shlib && $FLAVOR !~ /CE/)
- {
- $mlflags.=" $lflags /dll";
- $lib_cflag.=" -D_WINDLL";
- #
- # Engage Applink...
- #
- $app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib";
- $cflags.=" -DOPENSSL_USE_APPLINK -I.";
- # I'm open for better suggestions than overriding $banner...
- $banner=<<'___';
- @echo Building OpenSSL
-
-$(OBJ_D)\applink.obj: ms\applink.c
- $(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c
-$(OBJ_D)\uplink.obj: ms\uplink.c ms\applink.c
- $(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c
-$(INCO_D)\applink.c: ms\applink.c
- $(CP) ms\applink.c $(INCO_D)\applink.c
-
-EXHEADER= $(EXHEADER) $(INCO_D)\applink.c
-
-LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj
-CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ)
-___
- $banner.=<<'___' if ($FLAVOR =~ /WIN64/);
-CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ)
-___
- }
-elsif ($shlib && $FLAVOR =~ /CE/)
- {
- $mlflags.=" $lflags /dll";
- $lflags.=' /entry:mainCRTstartup' if(defined($ENV{'PORTSDK_LIBPATH'}));
- $lib_cflag.=" -D_WINDLL -D_DLL";
- }
-
-sub do_lib_rule
- {
- my($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
- local($ret);
-
- $taget =~ s/\//$o/g if $o ne '/';
- my $base_arg;
- if ($base_addr ne "")
- {
- $base_arg= " /base:$base_addr";
- }
- else
- {
- $base_arg = "";
- }
- if ($name ne "")
- {
- $name =~ tr/a-z/A-Z/;
- $name = "/def:ms/${name}.def";
- }
-
-# $target="\$(LIB_D)$o$target";
-# $ret.="$target: $objs\n";
- if (!$shlib)
- {
-# $ret.="\t\$(RM) \$(O_$Name)\n";
- $ret.="$target: $objs\n";
- $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
- }
- else
- {
- local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)';
- $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
-
- if ($fips && $target =~ /O_CRYPTO/)
- {
- $ret.="$target: $objs \$(PREMAIN_DSO_EXE)";
- $ret.="\n\tSET FIPS_LINK=\$(LINK)\n";
- $ret.="\tSET FIPS_CC=\$(CC)\n";
- $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
- $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
- $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
- $ret.="\tSET FIPS_TARGET=$target\n";
- $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
- $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $ff /map $base_arg $efile$target ";
- $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs \$(EX_LIBS) ";
- $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
- }
- else
- {
- $ret.="$target: $objs";
- $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
- }
- $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
- }
- $ret.="\n";
- return($ret);
- }
-
-sub do_link_rule
- {
- my($target,$files,$dep_libs,$libs,$standalone)=@_;
- local($ret,$_);
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs";
- if ($standalone == 1)
- {
- $ret.=" \$(OBJ_D)${o}applink.obj\n";
- $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
- $ret.= "\$(EX_LIBS) \$(OBJ_D)${o}applink.obj " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild);
- $ret.="$files $libs\n<<\n";
- }
- elsif ($standalone == 2)
- {
- $ret.="\n";
- $ret.="\tSET FIPS_LINK=\$(LINK)\n";
- $ret.="\tSET FIPS_CC=\$(CC)\n";
- $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
- $ret.="\tSET PREMAIN_DSO_EXE=\n";
- $ret.="\tSET FIPS_TARGET=$target\n";
- $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
- $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
- $ret.="\t\$(FIPSLINK) \$(LFLAGS) $ff /map $efile$target @<<\n";
- $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
- }
- else
- {
- $ret.="\n";
- $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
- $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n";
- }
- $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
- return($ret);
- }
-
-sub win32_import_asm
- {
- my ($mf_var, $asm_name, $oref, $sref) = @_;
- my $asm_dir;
- if ($asm_name eq "")
- {
- $asm_dir = "crypto\\";
- }
- else
- {
- $asm_dir = "crypto\\$asm_name\\asm\\";
- }
-
- $$oref = "";
- $mf_var =~ s/\.o$/.obj/g;
-
- foreach (split(/ /, $mf_var))
- {
- $$oref .= $asm_dir . $_ . " ";
- }
- $$oref =~ s/ $//;
- $$sref = $$oref;
- $$sref =~ s/\.obj/.asm/g;
-
- }
-
-
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/VC-32.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/VC-32.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/VC-32.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/VC-32.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,407 @@
+#!/usr/local/bin/perl
+# VC-32.pl - unified script for Microsoft Visual C++, covering Win32,
+# Win64 and WinCE [follow $FLAVOR variable to trace the differences].
+#
+
+$ssl= "ssleay32";
+$crypto="libeay32";
+
+if ($fips && !$shlib)
+ {
+ $crypto="libeayfips32";
+ $crypto_compat = "libeaycompat32.lib";
+ }
+else
+ {
+ $crypto="libeay32";
+ }
+
+$o='\\';
+$cp='$(PERL) util/copy.pl';
+$mkdir='$(PERL) util/mkdir-p.pl';
+$rm='del /Q';
+
+$zlib_lib="zlib1.lib";
+
+# Santize -L options for ms link
+$l_flags =~ s/-L("\[^"]+")/\/libpath:$1/g;
+$l_flags =~ s/-L(\S+)/\/libpath:$1/g;
+
+my $ff = "";
+
+# C compiler stuff
+$cc='cl';
+if ($FLAVOR =~ /WIN64/)
+ {
+ # Note that we currently don't have /WX on Win64! There is a lot of
+ # warnings, but only of two types:
+ #
+ # C4344: conversion from '__int64' to 'int/long', possible loss of data
+ # C4267: conversion from 'size_t' to 'int/long', possible loss of data
+ #
+ # Amount of latter type is minimized by aliasing strlen to function of
+ # own desing and limiting its return value to 2GB-1 (see e_os.h). As
+ # per 0.9.8 release remaining warnings were explicitly examined and
+ # considered safe to ignore.
+ #
+ $base_cflags= " $mf_cflag";
+ my $f = $shlib || $fips ?' /MD':' /MT';
+ $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
+ $opt_cflags=$f.' /Ox';
+ $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
+ $lflags="/nologo /subsystem:console /opt:ref";
+
+ *::perlasm_compile_target = sub {
+ my ($target,$source,$bname)=@_;
+ my $ret;
+
+ $bname =~ s/(.*)\.[^\.]$/$1/;
+ $ret=<<___;
+\$(TMP_D)$o$bname.asm: $source
+ set ASM=\$(ASM)
+ \$(PERL) $source \$\@
+
+$target: \$(TMP_D)$o$bname.asm
+ \$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm
+
+___
+ }
+ }
+elsif ($FLAVOR =~ /CE/)
+ {
+ # sanity check
+ die '%OSVERSION% is not defined' if (!defined($ENV{'OSVERSION'}));
+ die '%PLATFORM% is not defined' if (!defined($ENV{'PLATFORM'}));
+ die '%TARGETCPU% is not defined' if (!defined($ENV{'TARGETCPU'}));
+
+ #
+ # Idea behind this is to mimic flags set by eVC++ IDE...
+ #
+ $wcevers = $ENV{'OSVERSION'}; # WCENNN
+ die '%OSVERSION% value is insane' if ($wcevers !~ /^WCE([1-9])([0-9]{2})$/);
+ $wcecdefs = "-D_WIN32_WCE=$1$2 -DUNDER_CE=$1$2"; # -D_WIN32_WCE=NNN
+ $wcelflag = "/subsystem:windowsce,$1.$2"; # ...,N.NN
+
+ $wceplatf = $ENV{'PLATFORM'};
+ $wceplatf =~ tr/a-z0-9 /A-Z0-9_/d;
+ $wcecdefs .= " -DWCE_PLATFORM_$wceplatf";
+
+ $wcetgt = $ENV{'TARGETCPU'}; # just shorter name...
+ SWITCH: for($wcetgt) {
+ /^X86/ && do { $wcecdefs.=" -Dx86 -D_X86_ -D_i386_ -Di_386_";
+ $wcelflag.=" /machine:IX86"; last; };
+ /^ARMV4[IT]/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
+ $wcecdefs.=" -DTHUMB -D_THUMB_" if($wcetgt=~/T$/);
+ $wcecdefs.=" -QRarch4T -QRinterwork-return";
+ $wcelflag.=" /machine:THUMB"; last; };
+ /^ARM/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
+ $wcelflag.=" /machine:ARM"; last; };
+ /^MIPSIV/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+ $wcecdefs.=" -D_MIPS64 -QMmips4 -QMn32";
+ $wcelflag.=" /machine:MIPSFPU"; last; };
+ /^MIPS16/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+ $wcecdefs.=" -DMIPSII -QMmips16";
+ $wcelflag.=" /machine:MIPS16"; last; };
+ /^MIPSII/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+ $wcecdefs.=" -QMmips2";
+ $wcelflag.=" /machine:MIPS"; last; };
+ /^R4[0-9]{3}/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000";
+ $wcelflag.=" /machine:MIPS"; last; };
+ /^SH[0-9]/ && do { $wcecdefs.=" -D$wcetgt -D_$wcetgt_ -DSHx";
+ $wcecdefs.=" -Qsh4" if ($wcetgt =~ /^SH4/);
+ $wcelflag.=" /machine:$wcetgt"; last; };
+ { $wcecdefs.=" -D$wcetgt -D_$wcetgt_";
+ $wcelflag.=" /machine:$wcetgt"; last; };
+ }
+
+ $cc='$(CC)';
+ $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -DOPENSSL_SMALL_FOOTPRINT';
+ $base_cflags.=" $wcecdefs";
+ $base_cflags.=' -I$(WCECOMPAT)/include' if (defined($ENV{'WCECOMPAT'}));
+ $base_cflags.=' -I$(PORTSDK_LIBPATH)/../../include' if (defined($ENV{'PORTSDK_LIBPATH'}));
+ $opt_cflags=' /MC /O1i'; # optimize for space, but with intrinsics...
+ $dbg_cflags=' /MC /Od -DDEBUG -D_DEBUG';
+ $lflags="/nologo /opt:ref $wcelflag";
+ }
+else # Win32
+ {
+ $base_cflags= " $mf_cflag";
+ my $f = $shlib || $fips ?' /MD':' /MT';
+ $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
+ $ff = "/fixed";
+ $opt_cflags=$f.' /Ox /O2 /Ob2';
+ $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
+ $lflags="/nologo /subsystem:console /opt:ref";
+ }
+$mlflags='';
+
+$out_def ="out32"; $out_def.="dll" if ($shlib);
+ $out_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
+$tmp_def ="tmp32"; $tmp_def.="dll" if ($shlib);
+ $tmp_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
+$inc_def="inc32";
+
+if ($debug)
+ {
+ $cflags=$dbg_cflags.$base_cflags;
+ }
+else
+ {
+ $cflags=$opt_cflags.$base_cflags;
+ }
+
+# generate symbols.pdb unconditionally
+$app_cflag.=" /Zi /Fd\$(TMP_D)/app";
+$lib_cflag.=" /Zi /Fd\$(TMP_D)/lib";
+$lflags.=" /debug";
+
+$obj='.obj';
+$asm_suffix='.asm';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$rsc="rc";
+$efile="/out:";
+$exep='.exe';
+if ($no_sock) { $ex_libs=''; }
+elsif ($FLAVOR =~ /CE/) { $ex_libs='winsock.lib'; }
+else { $ex_libs='ws2_32.lib'; }
+
+if ($FLAVOR =~ /CE/)
+ {
+ $ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib' if (defined($ENV{'WCECOMPAT'}));
+ $ex_libs.=' $(PORTSDK_LIBPATH)/portlib.lib' if (defined($ENV{'PORTSDK_LIBPATH'}));
+ $ex_libs.=' /nodefaultlib:oldnames.lib coredll.lib corelibc.lib' if ($ENV{'TARGETCPU'} eq "X86");
+ }
+else
+ {
+ $ex_libs.=' gdi32.lib advapi32.lib crypt32.lib user32.lib';
+ $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/ and `cl 2>&1` =~ /14\.00\.4[0-9]{4}\./);
+ # WIN32 UNICODE build gets linked with unicows.lib for
+ # backward compatibility with Win9x.
+ $ex_libs="unicows.lib $ex_libs" if ($FLAVOR =~ /WIN32/ and $cflags =~ /\-DUNICODE/);
+ }
+
+# static library stuff
+$mklib='lib /nologo';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='/out:';
+
+$shlib_ex_obj="";
+$app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/);
+if ($FLAVOR =~ /WIN64A/) {
+ if (`nasm -v 2>NUL` =~ /NASM version ([0-9]+\.[0-9]+)/ && $1 >= 2.0) {
+ $asm='nasm -f win64 -DNEAR -Ox -g';
+ $afile='-o ';
+ } else {
+ $asm='ml64 /c /Cp /Cx /Zi';
+ $afile='/Fo';
+ }
+} elsif ($FLAVOR =~ /WIN64I/) {
+ $asm='ias -d debug';
+ $afile="-o ";
+} elsif ($nasm) {
+ my $ver=`nasm -v 2>NUL`;
+ my $vew=`nasmw -v 2>NUL`;
+ # pick newest version
+ $asm=($ver ge $vew?"nasm":"nasmw")." -f win32";
+ $asmtype="win32n";
+ $afile='-o ';
+} else {
+ $asm='ml /nologo /Cp /coff /c /Cx /Zi';
+ $afile='/Fo';
+ $asmtype="win32";
+}
+
+$bn_asm_obj='';
+$bn_asm_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ win32_import_asm($mf_bn_asm, "bn", \$bn_asm_obj, \$bn_asm_src);
+ win32_import_asm($mf_aes_asm, "aes", \$aes_asm_obj, \$aes_asm_src);
+ win32_import_asm($mf_des_asm, "des", \$des_enc_obj, \$des_enc_src);
+ win32_import_asm($mf_bf_asm, "bf", \$bf_enc_obj, \$bf_enc_src);
+ win32_import_asm($mf_cast_asm, "cast", \$cast_enc_obj, \$cast_enc_src);
+ win32_import_asm($mf_rc4_asm, "rc4", \$rc4_enc_obj, \$rc4_enc_src);
+ win32_import_asm($mf_rc5_asm, "rc5", \$rc5_enc_obj, \$rc5_enc_src);
+ win32_import_asm($mf_md5_asm, "md5", \$md5_asm_obj, \$md5_asm_src);
+ win32_import_asm($mf_sha_asm, "sha", \$sha1_asm_obj, \$sha1_asm_src);
+ win32_import_asm($mf_rmd_asm, "ripemd", \$rmd160_asm_obj, \$rmd160_asm_src);
+ win32_import_asm($mf_wp_asm, "whrlpool", \$whirlpool_asm_obj, \$whirlpool_asm_src);
+ win32_import_asm($mf_cpuid_asm, "", \$cpuid_asm_obj, \$cpuid_asm_src);
+ $perl_asm = 1;
+ }
+
+if ($shlib && $FLAVOR !~ /CE/)
+ {
+ $mlflags.=" $lflags /dll";
+ $lib_cflag.=" -D_WINDLL";
+ #
+ # Engage Applink...
+ #
+ $app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib";
+ $cflags.=" -DOPENSSL_USE_APPLINK -I.";
+ # I'm open for better suggestions than overriding $banner...
+ $banner=<<'___';
+ @echo Building OpenSSL
+
+$(OBJ_D)\applink.obj: ms\applink.c
+ $(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c
+$(OBJ_D)\uplink.obj: ms\uplink.c ms\applink.c
+ $(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c
+$(INCO_D)\applink.c: ms\applink.c
+ $(CP) ms\applink.c $(INCO_D)\applink.c
+
+EXHEADER= $(EXHEADER) $(INCO_D)\applink.c
+
+LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj
+CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ)
+___
+ $banner.=<<'___' if ($FLAVOR =~ /WIN64/);
+CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ)
+___
+ }
+elsif ($shlib && $FLAVOR =~ /CE/)
+ {
+ $mlflags.=" $lflags /dll";
+ $lflags.=' /entry:mainCRTstartup' if(defined($ENV{'PORTSDK_LIBPATH'}));
+ $lib_cflag.=" -D_WINDLL -D_DLL";
+ }
+
+sub do_lib_rule
+ {
+ my($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
+ local($ret);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ my $base_arg;
+ if ($base_addr ne "")
+ {
+ $base_arg= " /base:$base_addr";
+ }
+ else
+ {
+ $base_arg = "";
+ }
+ if ($name ne "")
+ {
+ $name =~ tr/a-z/A-Z/;
+ $name = "/def:ms/${name}.def";
+ }
+
+# $target="\$(LIB_D)$o$target";
+# $ret.="$target: $objs\n";
+ if (!$shlib)
+ {
+# $ret.="\t\$(RM) \$(O_$Name)\n";
+ $ret.="$target: $objs\n";
+ $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
+ }
+ else
+ {
+ local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)';
+ $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
+
+ if ($fips && $target =~ /O_CRYPTO/)
+ {
+ $ret.="$target: $objs \$(PREMAIN_DSO_EXE)";
+ $ret.="\n\tSET FIPS_LINK=\$(LINK_CMD)\n";
+ $ret.="\tSET FIPS_CC=\$(CC)\n";
+ $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+ $ret.="\tSET FIPS_TARGET=$target\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+ $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $ff /map $base_arg $efile$target ";
+ $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs \$(EX_LIBS) ";
+ $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
+ }
+ else
+ {
+ $ret.="$target: $objs";
+ $ret.="\n\t\$(LINK_CMD) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
+ }
+ $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ my($target,$files,$dep_libs,$libs,$standalone)=@_;
+ local($ret,$_);
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs";
+ if ($standalone == 1)
+ {
+ $ret.=" \$(OBJ_D)${o}applink.obj" if $shlib;
+ $ret.="\n";
+ $ret.=" \$(LINK_CMD) \$(LFLAGS) $efile$target @<<\n\t";
+ if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild) {
+ $ret.= "\$(EX_LIBS) ";
+ $ret.= "\$(OBJ_D)${o}applink.obj " if $shlib;
+ }
+ $ret.="$files $libs\n<<\n";
+ }
+ elsif ($standalone == 2)
+ {
+ $ret.="\n";
+ $ret.="\tSET FIPS_LINK=\$(LINK_CMD)\n";
+ $ret.="\tSET FIPS_CC=\$(CC)\n";
+ $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\n";
+ $ret.="\tSET FIPS_TARGET=$target\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+ $ret.="\t\$(FIPSLINK) \$(LFLAGS) $ff /map $efile$target @<<\n";
+ $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
+ }
+ else
+ {
+ $ret.="\n";
+ $ret.="\t\$(LINK_CMD) \$(LFLAGS) $efile$target @<<\n";
+ $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n";
+ }
+ $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
+ return($ret);
+ }
+
+sub win32_import_asm
+ {
+ my ($mf_var, $asm_name, $oref, $sref) = @_;
+ my $asm_dir;
+ if ($asm_name eq "")
+ {
+ $asm_dir = "crypto\\";
+ }
+ else
+ {
+ $asm_dir = "crypto\\$asm_name\\asm\\";
+ }
+
+ $$oref = "";
+ $mf_var =~ s/\.o$/.obj/g;
+
+ foreach (split(/ /, $mf_var))
+ {
+ $$oref .= $asm_dir . $_ . " ";
+ }
+ $$oref =~ s/ $//;
+ $$sref = $$oref;
+ $$sref =~ s/\.obj/.asm/g;
+
+ }
+
+
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/linux.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/linux.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/linux.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,104 +0,0 @@
-#!/usr/local/bin/perl
-#
-# linux.pl - the standard unix makefile stuff.
-#
-
-$o='/';
-$cp='/bin/cp';
-$rm='/bin/rm -f';
-
-# C compiler stuff
-
-$cc='gcc';
-if ($debug)
- { $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
-elsif ($profile)
- { $cflags="-pg -O3"; }
-else
- { $cflags="-O3 -fomit-frame-pointer"; }
-
-if (!$no_asm)
- {
- $bn_asm_obj='$(OBJ_D)/bn86-elf.o';
- $bn_asm_src='crypto/bn/asm/bn86unix.cpp';
- $bnco_asm_obj='$(OBJ_D)/co86-elf.o';
- $bnco_asm_src='crypto/bn/asm/co86unix.cpp';
- $des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o';
- $des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp';
- $bf_enc_obj='$(OBJ_D)/bx86-elf.o';
- $bf_enc_src='crypto/bf/asm/bx86unix.cpp';
- $cast_enc_obj='$(OBJ_D)/cx86-elf.o';
- $cast_enc_src='crypto/cast/asm/cx86unix.cpp';
- $rc4_enc_obj='$(OBJ_D)/rx86-elf.o';
- $rc4_enc_src='crypto/rc4/asm/rx86unix.cpp';
- $rc5_enc_obj='$(OBJ_D)/r586-elf.o';
- $rc5_enc_src='crypto/rc5/asm/r586unix.cpp';
- $md5_asm_obj='$(OBJ_D)/mx86-elf.o';
- $md5_asm_src='crypto/md5/asm/mx86unix.cpp';
- $rmd160_asm_obj='$(OBJ_D)/rm86-elf.o';
- $rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp';
- $sha1_asm_obj='$(OBJ_D)/sx86-elf.o';
- $sha1_asm_src='crypto/sha/asm/sx86unix.cpp';
- $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
- }
-
-$cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall";
-
-if ($shlib)
- {
- $shl_cflag=" -DPIC -fpic";
- $shlibp=".so.$ssl_version";
- $so_shlibp=".so";
- }
-
-sub do_shlib_rule
- {
- local($obj,$target,$name,$shlib,$so_name)=@_;
- local($ret,$_,$Name);
-
- $target =~ s/\//$o/g if $o ne '/';
- ($Name=$name) =~ tr/a-z/A-Z/;
-
- $ret.="$target: \$(${Name}OBJ)\n";
- $ret.="\t\$(RM) target\n";
- $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o $target \$(${Name}OBJ)\n";
- ($t=$target) =~ s/(^.*)\/[^\/]*$/$1/;
- if ($so_name ne "")
- {
- $ret.="\t\$(RM) \$(LIB_D)$o$so_name\n";
- $ret.="\tln -s $target \$(LIB_D)$o$so_name\n\n";
- }
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs)=@_;
- local($ret,$_);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
- return($ret);
- }
-
-sub do_asm_rule
- {
- local($target,$src)=@_;
- local($ret, at s, at t,$i);
-
- $target =~ s/\//$o/g if $o ne "/";
- $src =~ s/\//$o/g if $o ne "/";
-
- @s=split(/\s+/,$src);
- @t=split(/\s+/,$target);
-
- for ($i=0; $i<=$#s; $i++)
- {
- $ret.="$t[$i]: $s[$i]\n";
- $ret.="\tgcc -E -DELF \$(SRC_D)$o$s[$i]|\$(AS) $afile$t[$i]\n\n";
- }
- return($ret);
- }
-
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/linux.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/linux.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/linux.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/linux.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,104 @@
+#!/usr/local/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+ { $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
+elsif ($profile)
+ { $cflags="-pg -O3"; }
+else
+ { $cflags="-O3 -fomit-frame-pointer"; }
+
+if (!$no_asm)
+ {
+ $bn_asm_obj='$(OBJ_D)/bn86-elf.o';
+ $bn_asm_src='crypto/bn/asm/bn86unix.cpp';
+ $bnco_asm_obj='$(OBJ_D)/co86-elf.o';
+ $bnco_asm_src='crypto/bn/asm/co86unix.cpp';
+ $des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o';
+ $des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp';
+ $bf_enc_obj='$(OBJ_D)/bx86-elf.o';
+ $bf_enc_src='crypto/bf/asm/bx86unix.cpp';
+ $cast_enc_obj='$(OBJ_D)/cx86-elf.o';
+ $cast_enc_src='crypto/cast/asm/cx86unix.cpp';
+ $rc4_enc_obj='$(OBJ_D)/rx86-elf.o';
+ $rc4_enc_src='crypto/rc4/asm/rx86unix.cpp';
+ $rc5_enc_obj='$(OBJ_D)/r586-elf.o';
+ $rc5_enc_src='crypto/rc5/asm/r586unix.cpp';
+ $md5_asm_obj='$(OBJ_D)/mx86-elf.o';
+ $md5_asm_src='crypto/md5/asm/mx86unix.cpp';
+ $rmd160_asm_obj='$(OBJ_D)/rm86-elf.o';
+ $rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp';
+ $sha1_asm_obj='$(OBJ_D)/sx86-elf.o';
+ $sha1_asm_src='crypto/sha/asm/sx86unix.cpp';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
+ }
+
+$cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall";
+
+if ($shlib)
+ {
+ $shl_cflag=" -DPIC -fpic";
+ $shlibp=".so.$ssl_version";
+ $so_shlibp=".so";
+ }
+
+sub do_shlib_rule
+ {
+ local($obj,$target,$name,$shlib,$so_name)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) target\n";
+ $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o $target \$(${Name}OBJ)\n";
+ ($t=$target) =~ s/(^.*)\/[^\/]*$/$1/;
+ if ($so_name ne "")
+ {
+ $ret.="\t\$(RM) \$(LIB_D)$o$so_name\n";
+ $ret.="\tln -s $target \$(LIB_D)$o$so_name\n\n";
+ }
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK_CMD) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+sub do_asm_rule
+ {
+ local($target,$src)=@_;
+ local($ret, at s, at t,$i);
+
+ $target =~ s/\//$o/g if $o ne "/";
+ $src =~ s/\//$o/g if $o ne "/";
+
+ @s=split(/\s+/,$src);
+ @t=split(/\s+/,$target);
+
+ for ($i=0; $i<=$#s; $i++)
+ {
+ $ret.="$t[$i]: $s[$i]\n";
+ $ret.="\tgcc -E -DELF \$(SRC_D)$o$s[$i]|\$(AS) $afile$t[$i]\n\n";
+ }
+ return($ret);
+ }
+
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/netware.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/netware.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/netware.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,532 +0,0 @@
-# Metrowerks Codewarrior or gcc / nlmconv for NetWare
-#
-
-$version_header = "crypto/opensslv.h";
-open(IN, "$version_header") or die "Couldn't open $version_header: $!";
-while (<IN>) {
- if (/^#define[\s\t]+OPENSSL_VERSION_NUMBER[\s\t]+0x(\d)(\d{2})(\d{2})(\d{2})/)
- {
- # die "OpenSSL version detected: $1.$2.$3.$4\n";
- #$nlmvernum = "$1,$2,$3";
- $nlmvernum = "$1,".($2*10+$3).",".($4*1);
- #$nlmverstr = "$1.".($2*1).".".($3*1).($4?(chr(96+$4)):"");
- break;
- }
-}
-close(IN) or die "Couldn't close $version_header: $!";
-
-$readme_file = "README";
-open(IN, $readme_file) or die "Couldn't open $readme_file: $!";
-while (<IN>) {
- if (/^[\s\t]+OpenSSL[\s\t]+(\d)\.(\d{1,2})\.(\d{1,2})([a-z])(.*)/)
- {
- #$nlmvernum = "$1,$2,$3";
- #$nlmvernum = "$1,".($2*10+$3).",".($4*1);
- $nlmverstr = "$1.$2.$3$4$5";
- }
- elsif (/^[\s\t]+(Copyright \(c\) \d{4}\-\d{4} The OpenSSL Project)$/)
- {
- $nlmcpystr = $1;
- }
- break if ($nlmvernum && $nlmcpystr);
-}
-close(IN) or die "Couldn't close $readme_file: $!";
-
-# Define stacksize here
-$nlmstack = "32768";
-
-# some default settings here in case we failed to find them in README
-$nlmvernum = "1,0,0" if (!$nlmvernum);
-$nlmverstr = "OpenSSL" if (!$nlmverstr);
-$nlmcpystr = "Copyright (c) 1998-now The OpenSSL Project" if (!$nlmcpystr);
-
-# die "OpenSSL copyright: $nlmcpystr\nOpenSSL verstring: $nlmverstr\nOpenSSL vernumber: $nlmvernum\n";
-
-# The import files and other misc imports needed to link
- at misc_imports = ("GetProcessSwitchCount", "RunningProcess",
- "GetSuperHighResolutionTimer");
-if ($LIBC)
-{
- @import_files = ("libc.imp");
- @module_files = ("libc");
- $libarch = "LIBC";
-}
-else
-{
- # clib build
- @import_files = ("clib.imp");
- push(@import_files, "socklib.imp") if ($BSDSOCK);
- @module_files = ("clib");
- # push(@misc_imports, "_rt_modu64%16", "_rt_divu64%16");
- $libarch = "CLIB";
-}
-if ($BSDSOCK)
-{
- $libarch .= "-BSD";
-}
-else
-{
- $libarch .= "-WS2";
- push(@import_files, "ws2nlm.imp");
-}
-
-# The "IMPORTS" environment variable must be set and point to the location
-# where import files (*.imp) can be found.
-# Example: set IMPORTS=c:\ndk\nwsdk\imports
-$import_path = $ENV{"IMPORTS"} || die ("IMPORTS environment variable not set\n");
-
-
-# The "PRELUDE" environment variable must be set and point to the location
-# and name of the prelude source to link with ( nwpre.obj is recommended ).
-# Example: set PRELUDE=c:\codewar\novell support\metrowerks support\libraries\runtime\nwpre.obj
-$prelude = $ENV{"PRELUDE"} || die ("PRELUDE environment variable not set\n");
-
-# The "INCLUDES" environment variable must be set and point to the location
-# where import files (*.imp) can be found.
-$include_path = $ENV{"INCLUDE"} || die ("INCLUDES environment variable not set\n");
-$include_path =~ s/\\/\//g;
-$include_path = join(" -I", split(/;/, $include_path));
-
-# check for gcc compiler
-$gnuc = $ENV{"GNUC"};
-
-#$ssl= "ssleay32";
-#$crypto="libeay32";
-
-if ($gnuc)
-{
- # C compiler
- $cc='gcc';
- # Linker
- $link='nlmconv';
- # librarian
- $mklib='ar';
- $o='/';
- # cp command
- $cp='cp -af';
- # rm command
- $rm='rm -f';
- # mv command
- $mv='mv -f';
- # mkdir command
- $mkdir='gmkdir';
- #$ranlib='ranlib';
-}
-else
-{
- # C compiler
- $cc='mwccnlm';
- # Linker
- $link='mwldnlm';
- # librarian
- $mklib='mwldnlm';
- # Path separator
- $o='\\';
- # cp command
- $cp='copy >nul:';
- # rm command
- $rm='del /f /q';
-}
-
-# assembler
-if ($nw_nasm)
-{
- $asm=(`nasm -v 2>NUL` gt `nasmw -v 2>NUL`?"nasm":"nasmw");
- if ($gnuc)
- {
- $asm.=" -s -f elf";
- }
- else
- {
- $asm.=" -s -f coff -d __coff__";
- }
- $afile="-o ";
- $asm.=" -g" if $debug;
-}
-elsif ($nw_mwasm)
-{
- $asm="mwasmnlm -maxerrors 20";
- $afile="-o ";
- $asm.=" -g" if $debug;
-}
-elsif ($nw_masm)
-{
-# masm assembly settings - it should be possible to use masm but haven't
-# got it working.
-# $asm='ml /Cp /coff /c /Cx';
-# $asm.=" /Zi" if $debug;
-# $afile='/Fo';
- die("Support for masm assembler not yet functional\n");
-}
-else
-{
- $asm="";
- $afile="";
-}
-
-
-
-if ($gnuc)
-{
- # compile flags for GNUC
- # additional flags based upon debug | non-debug
- if ($debug)
- {
- $cflags="-g -DDEBUG";
- }
- else
- {
- $cflags="-O2";
- }
- $cflags.=" -nostdinc -I$include_path \\
- -fno-builtin -fpcc-struct-return -fno-strict-aliasing \\
- -funsigned-char -Wall -Wno-unused -Wno-uninitialized";
-
- # link flags
- $lflags="-T";
-}
-else
-{
- # compile flags for CodeWarrior
- # additional flags based upon debug | non-debug
- if ($debug)
- {
- $cflags="-opt off -g -sym internal -DDEBUG";
- }
- else
- {
- # CodeWarrior compiler has a problem with optimizations for floating
- # points - no optimizations until further investigation
- # $cflags="-opt all";
- }
-
- # NOTES: Several c files in the crypto subdirectory include headers from
- # their local directories. Metrowerks wouldn't find these h files
- # without adding individual include directives as compile flags
- # or modifying the c files. Instead of adding individual include
- # paths for each subdirectory a recursive include directive
- # is used ( -ir crypto ).
- #
- # A similar issue exists for the engines and apps subdirectories.
- #
- # Turned off the "possible" warnings ( -w nopossible ). Metrowerks
- # complained a lot about various stuff. May want to turn back
- # on for further development.
- $cflags.=" -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\
- -msgstyle gcc -align 4 -processor pentium -char unsigned \\
- -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\
- -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20";
-
- # link flags
- $lflags="-msgstyle gcc -zerobss -nostdlib -sym internal -commandfile";
-}
-
-# common defines
-$cflags.=" -DL_ENDIAN -DOPENSSL_SYSNAME_NETWARE -U_WIN32";
-
-# If LibC build add in NKS_LIBC define and set the entry/exit
-# routines - The default entry/exit routines are for CLib and don't exist
-# in LibC
-if ($LIBC)
-{
- $cflags.=" -DNETWARE_LIBC";
- $nlmstart = "_LibCPrelude";
- $nlmexit = "_LibCPostlude";
- @nlm_flags = ("pseudopreemption", "flag_on 64");
-}
-else
-{
- $cflags.=" -DNETWARE_CLIB";
- $nlmstart = "_Prelude";
- $nlmexit = "_Stop";
-}
-
-# If BSD Socket support is requested, set a define for the compiler
-if ($BSDSOCK)
-{
- $cflags.=" -DNETWARE_BSDSOCK";
- if (!$LIBC)
- {
- $cflags.=" -DNETDB_USE_INTERNET";
- }
-}
-
-
-# linking stuff
-# for the output directories use the mk1mf.pl values with "_nw" appended
-if ($shlib)
-{
- if ($LIBC)
- {
- $out_def.="_nw_libc_nlm";
- $tmp_def.="_nw_libc_nlm";
- $inc_def.="_nw_libc_nlm";
- }
- else # NETWARE_CLIB
- {
- $out_def.="_nw_clib_nlm";
- $tmp_def.="_nw_clib_nlm";
- $inc_def.="_nw_clib_nlm";
- }
-}
-else
-{
- if ($gnuc) # GNUC Tools
- {
- $libp=".a";
- $shlibp=".a";
- $lib_flags="-cr";
- }
- else # CodeWarrior
- {
- $libp=".lib";
- $shlibp=".lib";
- $lib_flags="-nodefaults -type library -o";
- }
- if ($LIBC)
- {
- $out_def.="_nw_libc";
- $tmp_def.="_nw_libc";
- $inc_def.="_nw_libc";
- }
- else # NETWARE_CLIB
- {
- $out_def.="_nw_clib";
- $tmp_def.="_nw_clib";
- $inc_def.="_nw_clib";
- }
-}
-
-# used by mk1mf.pl
-$obj='.o';
-$ofile='-o ';
-$efile='';
-$exep='.nlm';
-$ex_libs='';
-
-if (!$no_asm)
-{
- $bn_asm_obj="\$(OBJ_D)${o}bn-nw${obj}";
- $bn_asm_src="crypto${o}bn${o}asm${o}bn-nw.asm";
- $bnco_asm_obj="\$(OBJ_D)${o}co-nw${obj}";
- $bnco_asm_src="crypto${o}bn${o}asm${o}co-nw.asm";
- $aes_asm_obj="\$(OBJ_D)${o}a-nw${obj}";
- $aes_asm_src="crypto${o}aes${o}asm${o}a-nw.asm";
- $des_enc_obj="\$(OBJ_D)${o}d-nw${obj} \$(OBJ_D)${o}y-nw${obj}";
- $des_enc_src="crypto${o}des${o}asm${o}d-nw.asm crypto${o}des${o}asm${o}y-nw.asm";
- $bf_enc_obj="\$(OBJ_D)${o}b-nw${obj}";
- $bf_enc_src="crypto${o}bf${o}asm${o}b-nw.asm";
- $cast_enc_obj="\$(OBJ_D)${o}c-nw${obj}";
- $cast_enc_src="crypto${o}cast${o}asm${o}c-nw.asm";
- $rc4_enc_obj="\$(OBJ_D)${o}r4-nw${obj}";
- $rc4_enc_src="crypto${o}rc4${o}asm${o}r4-nw.asm";
- $rc5_enc_obj="\$(OBJ_D)${o}r5-nw${obj}";
- $rc5_enc_src="crypto${o}rc5${o}asm${o}r5-nw.asm";
- $md5_asm_obj="\$(OBJ_D)${o}m5-nw${obj}";
- $md5_asm_src="crypto${o}md5${o}asm${o}m5-nw.asm";
- $sha1_asm_obj="\$(OBJ_D)${o}s1-nw${obj} \$(OBJ_D)${o}sha256-nw${obj} \$(OBJ_D)${o}sha512-nw${obj}";
- $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm crypto${o}sha${o}asm${o}sha256-nw.asm crypto${o}sha${o}asm${o}sha512-nw.asm";
- $rmd160_asm_obj="\$(OBJ_D)${o}rm-nw${obj}";
- $rmd160_asm_src="crypto${o}ripemd${o}asm${o}rm-nw.asm";
- $whirlpool_asm_obj="\$(OBJ_D)${o}wp-nw${obj}";
- $whirlpool_asm_src="crypto${o}whrlpool${o}asm${o}wp-nw.asm";
- $cpuid_asm_obj="\$(OBJ_D)${o}x86cpuid-nw${obj}";
- $cpuid_asm_src="crypto${o}x86cpuid-nw.asm";
- $cflags.=" -DOPENSSL_CPUID_OBJ -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DWHIRLPOOL_ASM";
- $cflags.=" -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM";
- $cflags.=" -DAES_ASM -DRMD160_ASM";
-}
-else
-{
- $bn_asm_obj='';
- $bn_asm_src='';
- $bnco_asm_obj='';
- $bnco_asm_src='';
- $aes_asm_obj='';
- $aes_asm_src='';
- $des_enc_obj='';
- $des_enc_src='';
- $bf_enc_obj='';
- $bf_enc_src='';
- $cast_enc_obj='';
- $cast_enc_src='';
- $rc4_enc_obj='';
- $rc4_enc_src='';
- $rc5_enc_obj='';
- $rc5_enc_src='';
- $md5_asm_obj='';
- $md5_asm_src='';
- $sha1_asm_obj='';
- $sha1_asm_src='';
- $rmd160_asm_obj='';
- $rmd160_asm_src='';
- $whirlpool_asm_obj='';
- $whirlpool_asm_src='';
- $cpuid_asm_obj='';
- $cpuid_asm_src='';
-}
-
-# create the *.def linker command files in \openssl\netware\ directory
-sub do_def_file
-{
- # strip off the leading path
- my($target) = bname(shift);
- my($i);
-
- if ($target =~ /(.*).nlm/)
- {
- $target = $1;
- }
-
- # special case for openssl - the mk1mf.pl defines E_EXE = openssl
- if ($target =~ /E_EXE/)
- {
- $target =~ s/\$\(E_EXE\)/openssl/;
- }
-
- # Note: originally tried to use full path ( \openssl\netware\$target.def )
- # Metrowerks linker choked on this with an assertion failure. bug???
- #
- my($def_file) = "netware${o}$target.def";
-
- open(DEF_OUT, ">$def_file") || die("unable to open file $def_file\n");
-
- print( DEF_OUT "# command file generated by netware.pl for NLM target.\n" );
- print( DEF_OUT "# do not edit this file - all your changes will be lost!!\n" );
- print( DEF_OUT "#\n");
- print( DEF_OUT "DESCRIPTION \"$target ($libarch) - OpenSSL $nlmverstr\"\n");
- print( DEF_OUT "COPYRIGHT \"$nlmcpystr\"\n");
- print( DEF_OUT "VERSION $nlmvernum\n");
- print( DEF_OUT "STACK $nlmstack\n");
- print( DEF_OUT "START $nlmstart\n");
- print( DEF_OUT "EXIT $nlmexit\n");
-
- # special case for openssl
- if ($target eq "openssl")
- {
- print( DEF_OUT "SCREENNAME \"OpenSSL $nlmverstr\"\n");
- }
- else
- {
- print( DEF_OUT "SCREENNAME \"DEFAULT\"\n");
- }
-
- foreach $i (@misc_imports)
- {
- print( DEF_OUT "IMPORT $i\n");
- }
-
- foreach $i (@import_files)
- {
- print( DEF_OUT "IMPORT \@$import_path${o}$i\n");
- }
-
- foreach $i (@module_files)
- {
- print( DEF_OUT "MODULE $i\n");
- }
-
- foreach $i (@nlm_flags)
- {
- print( DEF_OUT "$i\n");
- }
-
- if ($gnuc)
- {
- if ($target =~ /openssl/)
- {
- print( DEF_OUT "INPUT ${tmp_def}${o}openssl${obj}\n");
- print( DEF_OUT "INPUT ${tmp_def}${o}openssl${libp}\n");
- }
- else
- {
- print( DEF_OUT "INPUT ${tmp_def}${o}${target}${obj}\n");
- }
- print( DEF_OUT "INPUT $prelude\n");
- print( DEF_OUT "INPUT ${out_def}${o}${ssl}${libp} ${out_def}${o}${crypto}${libp}\n");
- print( DEF_OUT "OUTPUT $target.nlm\n");
- }
-
- close(DEF_OUT);
- return($def_file);
-}
-
-sub do_lib_rule
-{
- my($objs,$target,$name,$shlib)=@_;
- my($ret);
-
- $ret.="$target: $objs\n";
- if (!$shlib)
- {
- $ret.="\t\@echo Building Lib: $name\n";
- $ret.="\t\$(MKLIB) $lib_flags $target $objs\n";
- $ret.="\t\@echo .\n"
- }
- else
- {
- die( "Building as NLM not currently supported!" );
- }
-
- $ret.="\n";
- return($ret);
-}
-
-sub do_link_rule
-{
- my($target,$files,$dep_libs,$libs)=@_;
- my($ret);
- my($def_file) = do_def_file($target);
-
- $ret.="$target: $files $dep_libs\n";
-
- # NOTE: When building the test nlms no screen name is given
- # which causes the console screen to be used. By using the console
- # screen there is no "<press any key to continue>" message which
- # requires user interaction. The test script ( do_tests.pl ) needs
- # to be able to run the tests without requiring user interaction.
- #
- # However, the sample program "openssl.nlm" is used by the tests and is
- # a interactive sample so a screen is desired when not be run by the
- # tests. To solve the problem, two versions of the program are built:
- # openssl2 - no screen used by tests
- # openssl - default screen - use for normal interactive modes
- #
-
- # special case for openssl - the mk1mf.pl defines E_EXE = openssl
- if ($target =~ /E_EXE/)
- {
- my($target2) = $target;
-
- $target2 =~ s/\(E_EXE\)/\(E_EXE\)2/;
-
- # openssl2
- my($def_file2) = do_def_file($target2);
-
- if ($gnuc)
- {
- $ret.="\t\$(MKLIB) $lib_flags \$(TMP_D)${o}\$(E_EXE).a \$(filter-out \$(TMP_D)${o}\$(E_EXE)${obj},$files)\n";
- $ret.="\t\$(LINK) \$(LFLAGS) $def_file2\n";
- $ret.="\t\@$mv \$(E_EXE)2.nlm \$(TEST_D)\n";
- }
- else
- {
- $ret.="\t\$(LINK) \$(LFLAGS) $def_file2 $files \"$prelude\" $libs -o $target2\n";
- }
- }
- if ($gnuc)
- {
- $ret.="\t\$(LINK) \$(LFLAGS) $def_file\n";
- $ret.="\t\@$mv \$(\@F) \$(TEST_D)\n";
- }
- else
- {
- $ret.="\t\$(LINK) \$(LFLAGS) $def_file $files \"$prelude\" $libs -o $target\n";
- }
-
- $ret.="\n";
- return($ret);
-
-}
-
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/netware.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/netware.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/netware.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/netware.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,532 @@
+# Metrowerks Codewarrior or gcc / nlmconv for NetWare
+#
+
+$version_header = "crypto/opensslv.h";
+open(IN, "$version_header") or die "Couldn't open $version_header: $!";
+while (<IN>) {
+ if (/^#define[\s\t]+OPENSSL_VERSION_NUMBER[\s\t]+0x(\d)(\d{2})(\d{2})(\d{2})/)
+ {
+ # die "OpenSSL version detected: $1.$2.$3.$4\n";
+ #$nlmvernum = "$1,$2,$3";
+ $nlmvernum = "$1,".($2*10+$3).",".($4*1);
+ #$nlmverstr = "$1.".($2*1).".".($3*1).($4?(chr(96+$4)):"");
+ break;
+ }
+}
+close(IN) or die "Couldn't close $version_header: $!";
+
+$readme_file = "README";
+open(IN, $readme_file) or die "Couldn't open $readme_file: $!";
+while (<IN>) {
+ if (/^[\s\t]+OpenSSL[\s\t]+(\d)\.(\d{1,2})\.(\d{1,2})([a-z])(.*)/)
+ {
+ #$nlmvernum = "$1,$2,$3";
+ #$nlmvernum = "$1,".($2*10+$3).",".($4*1);
+ $nlmverstr = "$1.$2.$3$4$5";
+ }
+ elsif (/^[\s\t]+(Copyright \(c\) \d{4}\-\d{4} The OpenSSL Project)$/)
+ {
+ $nlmcpystr = $1;
+ }
+ break if ($nlmvernum && $nlmcpystr);
+}
+close(IN) or die "Couldn't close $readme_file: $!";
+
+# Define stacksize here
+$nlmstack = "32768";
+
+# some default settings here in case we failed to find them in README
+$nlmvernum = "1,0,0" if (!$nlmvernum);
+$nlmverstr = "OpenSSL" if (!$nlmverstr);
+$nlmcpystr = "Copyright (c) 1998-now The OpenSSL Project" if (!$nlmcpystr);
+
+# die "OpenSSL copyright: $nlmcpystr\nOpenSSL verstring: $nlmverstr\nOpenSSL vernumber: $nlmvernum\n";
+
+# The import files and other misc imports needed to link
+ at misc_imports = ("GetProcessSwitchCount", "RunningProcess",
+ "GetSuperHighResolutionTimer");
+if ($LIBC)
+{
+ @import_files = ("libc.imp");
+ @module_files = ("libc");
+ $libarch = "LIBC";
+}
+else
+{
+ # clib build
+ @import_files = ("clib.imp");
+ push(@import_files, "socklib.imp") if ($BSDSOCK);
+ @module_files = ("clib");
+ # push(@misc_imports, "_rt_modu64%16", "_rt_divu64%16");
+ $libarch = "CLIB";
+}
+if ($BSDSOCK)
+{
+ $libarch .= "-BSD";
+}
+else
+{
+ $libarch .= "-WS2";
+ push(@import_files, "ws2nlm.imp");
+}
+
+# The "IMPORTS" environment variable must be set and point to the location
+# where import files (*.imp) can be found.
+# Example: set IMPORTS=c:\ndk\nwsdk\imports
+$import_path = $ENV{"IMPORTS"} || die ("IMPORTS environment variable not set\n");
+
+
+# The "PRELUDE" environment variable must be set and point to the location
+# and name of the prelude source to link with ( nwpre.obj is recommended ).
+# Example: set PRELUDE=c:\codewar\novell support\metrowerks support\libraries\runtime\nwpre.obj
+$prelude = $ENV{"PRELUDE"} || die ("PRELUDE environment variable not set\n");
+
+# The "INCLUDES" environment variable must be set and point to the location
+# where import files (*.imp) can be found.
+$include_path = $ENV{"INCLUDE"} || die ("INCLUDES environment variable not set\n");
+$include_path =~ s/\\/\//g;
+$include_path = join(" -I", split(/;/, $include_path));
+
+# check for gcc compiler
+$gnuc = $ENV{"GNUC"};
+
+#$ssl= "ssleay32";
+#$crypto="libeay32";
+
+if ($gnuc)
+{
+ # C compiler
+ $cc='gcc';
+ # Linker
+ $link='nlmconv';
+ # librarian
+ $mklib='ar';
+ $o='/';
+ # cp command
+ $cp='cp -af';
+ # rm command
+ $rm='rm -f';
+ # mv command
+ $mv='mv -f';
+ # mkdir command
+ $mkdir='gmkdir';
+ #$ranlib='ranlib';
+}
+else
+{
+ # C compiler
+ $cc='mwccnlm';
+ # Linker
+ $link='mwldnlm';
+ # librarian
+ $mklib='mwldnlm';
+ # Path separator
+ $o='\\';
+ # cp command
+ $cp='copy >nul:';
+ # rm command
+ $rm='del /f /q';
+}
+
+# assembler
+if ($nw_nasm)
+{
+ $asm=(`nasm -v 2>NUL` gt `nasmw -v 2>NUL`?"nasm":"nasmw");
+ if ($gnuc)
+ {
+ $asm.=" -s -f elf";
+ }
+ else
+ {
+ $asm.=" -s -f coff -d __coff__";
+ }
+ $afile="-o ";
+ $asm.=" -g" if $debug;
+}
+elsif ($nw_mwasm)
+{
+ $asm="mwasmnlm -maxerrors 20";
+ $afile="-o ";
+ $asm.=" -g" if $debug;
+}
+elsif ($nw_masm)
+{
+# masm assembly settings - it should be possible to use masm but haven't
+# got it working.
+# $asm='ml /Cp /coff /c /Cx';
+# $asm.=" /Zi" if $debug;
+# $afile='/Fo';
+ die("Support for masm assembler not yet functional\n");
+}
+else
+{
+ $asm="";
+ $afile="";
+}
+
+
+
+if ($gnuc)
+{
+ # compile flags for GNUC
+ # additional flags based upon debug | non-debug
+ if ($debug)
+ {
+ $cflags="-g -DDEBUG";
+ }
+ else
+ {
+ $cflags="-O2";
+ }
+ $cflags.=" -nostdinc -I$include_path \\
+ -fno-builtin -fpcc-struct-return -fno-strict-aliasing \\
+ -funsigned-char -Wall -Wno-unused -Wno-uninitialized";
+
+ # link flags
+ $lflags="-T";
+}
+else
+{
+ # compile flags for CodeWarrior
+ # additional flags based upon debug | non-debug
+ if ($debug)
+ {
+ $cflags="-opt off -g -sym internal -DDEBUG";
+ }
+ else
+ {
+ # CodeWarrior compiler has a problem with optimizations for floating
+ # points - no optimizations until further investigation
+ # $cflags="-opt all";
+ }
+
+ # NOTES: Several c files in the crypto subdirectory include headers from
+ # their local directories. Metrowerks wouldn't find these h files
+ # without adding individual include directives as compile flags
+ # or modifying the c files. Instead of adding individual include
+ # paths for each subdirectory a recursive include directive
+ # is used ( -ir crypto ).
+ #
+ # A similar issue exists for the engines and apps subdirectories.
+ #
+ # Turned off the "possible" warnings ( -w nopossible ). Metrowerks
+ # complained a lot about various stuff. May want to turn back
+ # on for further development.
+ $cflags.=" -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\
+ -msgstyle gcc -align 4 -processor pentium -char unsigned \\
+ -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\
+ -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20";
+
+ # link flags
+ $lflags="-msgstyle gcc -zerobss -nostdlib -sym internal -commandfile";
+}
+
+# common defines
+$cflags.=" -DL_ENDIAN -DOPENSSL_SYSNAME_NETWARE -U_WIN32";
+
+# If LibC build add in NKS_LIBC define and set the entry/exit
+# routines - The default entry/exit routines are for CLib and don't exist
+# in LibC
+if ($LIBC)
+{
+ $cflags.=" -DNETWARE_LIBC";
+ $nlmstart = "_LibCPrelude";
+ $nlmexit = "_LibCPostlude";
+ @nlm_flags = ("pseudopreemption", "flag_on 64");
+}
+else
+{
+ $cflags.=" -DNETWARE_CLIB";
+ $nlmstart = "_Prelude";
+ $nlmexit = "_Stop";
+}
+
+# If BSD Socket support is requested, set a define for the compiler
+if ($BSDSOCK)
+{
+ $cflags.=" -DNETWARE_BSDSOCK";
+ if (!$LIBC)
+ {
+ $cflags.=" -DNETDB_USE_INTERNET";
+ }
+}
+
+
+# linking stuff
+# for the output directories use the mk1mf.pl values with "_nw" appended
+if ($shlib)
+{
+ if ($LIBC)
+ {
+ $out_def.="_nw_libc_nlm";
+ $tmp_def.="_nw_libc_nlm";
+ $inc_def.="_nw_libc_nlm";
+ }
+ else # NETWARE_CLIB
+ {
+ $out_def.="_nw_clib_nlm";
+ $tmp_def.="_nw_clib_nlm";
+ $inc_def.="_nw_clib_nlm";
+ }
+}
+else
+{
+ if ($gnuc) # GNUC Tools
+ {
+ $libp=".a";
+ $shlibp=".a";
+ $lib_flags="-cr";
+ }
+ else # CodeWarrior
+ {
+ $libp=".lib";
+ $shlibp=".lib";
+ $lib_flags="-nodefaults -type library -o";
+ }
+ if ($LIBC)
+ {
+ $out_def.="_nw_libc";
+ $tmp_def.="_nw_libc";
+ $inc_def.="_nw_libc";
+ }
+ else # NETWARE_CLIB
+ {
+ $out_def.="_nw_clib";
+ $tmp_def.="_nw_clib";
+ $inc_def.="_nw_clib";
+ }
+}
+
+# used by mk1mf.pl
+$obj='.o';
+$ofile='-o ';
+$efile='';
+$exep='.nlm';
+$ex_libs='';
+
+if (!$no_asm)
+{
+ $bn_asm_obj="\$(OBJ_D)${o}bn-nw${obj}";
+ $bn_asm_src="crypto${o}bn${o}asm${o}bn-nw.asm";
+ $bnco_asm_obj="\$(OBJ_D)${o}co-nw${obj}";
+ $bnco_asm_src="crypto${o}bn${o}asm${o}co-nw.asm";
+ $aes_asm_obj="\$(OBJ_D)${o}a-nw${obj}";
+ $aes_asm_src="crypto${o}aes${o}asm${o}a-nw.asm";
+ $des_enc_obj="\$(OBJ_D)${o}d-nw${obj} \$(OBJ_D)${o}y-nw${obj}";
+ $des_enc_src="crypto${o}des${o}asm${o}d-nw.asm crypto${o}des${o}asm${o}y-nw.asm";
+ $bf_enc_obj="\$(OBJ_D)${o}b-nw${obj}";
+ $bf_enc_src="crypto${o}bf${o}asm${o}b-nw.asm";
+ $cast_enc_obj="\$(OBJ_D)${o}c-nw${obj}";
+ $cast_enc_src="crypto${o}cast${o}asm${o}c-nw.asm";
+ $rc4_enc_obj="\$(OBJ_D)${o}r4-nw${obj}";
+ $rc4_enc_src="crypto${o}rc4${o}asm${o}r4-nw.asm";
+ $rc5_enc_obj="\$(OBJ_D)${o}r5-nw${obj}";
+ $rc5_enc_src="crypto${o}rc5${o}asm${o}r5-nw.asm";
+ $md5_asm_obj="\$(OBJ_D)${o}m5-nw${obj}";
+ $md5_asm_src="crypto${o}md5${o}asm${o}m5-nw.asm";
+ $sha1_asm_obj="\$(OBJ_D)${o}s1-nw${obj} \$(OBJ_D)${o}sha256-nw${obj} \$(OBJ_D)${o}sha512-nw${obj}";
+ $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm crypto${o}sha${o}asm${o}sha256-nw.asm crypto${o}sha${o}asm${o}sha512-nw.asm";
+ $rmd160_asm_obj="\$(OBJ_D)${o}rm-nw${obj}";
+ $rmd160_asm_src="crypto${o}ripemd${o}asm${o}rm-nw.asm";
+ $whirlpool_asm_obj="\$(OBJ_D)${o}wp-nw${obj}";
+ $whirlpool_asm_src="crypto${o}whrlpool${o}asm${o}wp-nw.asm";
+ $cpuid_asm_obj="\$(OBJ_D)${o}x86cpuid-nw${obj}";
+ $cpuid_asm_src="crypto${o}x86cpuid-nw.asm";
+ $cflags.=" -DOPENSSL_CPUID_OBJ -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DWHIRLPOOL_ASM";
+ $cflags.=" -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM";
+ $cflags.=" -DAES_ASM -DRMD160_ASM";
+}
+else
+{
+ $bn_asm_obj='';
+ $bn_asm_src='';
+ $bnco_asm_obj='';
+ $bnco_asm_src='';
+ $aes_asm_obj='';
+ $aes_asm_src='';
+ $des_enc_obj='';
+ $des_enc_src='';
+ $bf_enc_obj='';
+ $bf_enc_src='';
+ $cast_enc_obj='';
+ $cast_enc_src='';
+ $rc4_enc_obj='';
+ $rc4_enc_src='';
+ $rc5_enc_obj='';
+ $rc5_enc_src='';
+ $md5_asm_obj='';
+ $md5_asm_src='';
+ $sha1_asm_obj='';
+ $sha1_asm_src='';
+ $rmd160_asm_obj='';
+ $rmd160_asm_src='';
+ $whirlpool_asm_obj='';
+ $whirlpool_asm_src='';
+ $cpuid_asm_obj='';
+ $cpuid_asm_src='';
+}
+
+# create the *.def linker command files in \openssl\netware\ directory
+sub do_def_file
+{
+ # strip off the leading path
+ my($target) = bname(shift);
+ my($i);
+
+ if ($target =~ /(.*).nlm/)
+ {
+ $target = $1;
+ }
+
+ # special case for openssl - the mk1mf.pl defines E_EXE = openssl
+ if ($target =~ /E_EXE/)
+ {
+ $target =~ s/\$\(E_EXE\)/openssl/;
+ }
+
+ # Note: originally tried to use full path ( \openssl\netware\$target.def )
+ # Metrowerks linker choked on this with an assertion failure. bug???
+ #
+ my($def_file) = "netware${o}$target.def";
+
+ open(DEF_OUT, ">$def_file") || die("unable to open file $def_file\n");
+
+ print( DEF_OUT "# command file generated by netware.pl for NLM target.\n" );
+ print( DEF_OUT "# do not edit this file - all your changes will be lost!!\n" );
+ print( DEF_OUT "#\n");
+ print( DEF_OUT "DESCRIPTION \"$target ($libarch) - OpenSSL $nlmverstr\"\n");
+ print( DEF_OUT "COPYRIGHT \"$nlmcpystr\"\n");
+ print( DEF_OUT "VERSION $nlmvernum\n");
+ print( DEF_OUT "STACK $nlmstack\n");
+ print( DEF_OUT "START $nlmstart\n");
+ print( DEF_OUT "EXIT $nlmexit\n");
+
+ # special case for openssl
+ if ($target eq "openssl")
+ {
+ print( DEF_OUT "SCREENNAME \"OpenSSL $nlmverstr\"\n");
+ }
+ else
+ {
+ print( DEF_OUT "SCREENNAME \"DEFAULT\"\n");
+ }
+
+ foreach $i (@misc_imports)
+ {
+ print( DEF_OUT "IMPORT $i\n");
+ }
+
+ foreach $i (@import_files)
+ {
+ print( DEF_OUT "IMPORT \@$import_path${o}$i\n");
+ }
+
+ foreach $i (@module_files)
+ {
+ print( DEF_OUT "MODULE $i\n");
+ }
+
+ foreach $i (@nlm_flags)
+ {
+ print( DEF_OUT "$i\n");
+ }
+
+ if ($gnuc)
+ {
+ if ($target =~ /openssl/)
+ {
+ print( DEF_OUT "INPUT ${tmp_def}${o}openssl${obj}\n");
+ print( DEF_OUT "INPUT ${tmp_def}${o}openssl${libp}\n");
+ }
+ else
+ {
+ print( DEF_OUT "INPUT ${tmp_def}${o}${target}${obj}\n");
+ }
+ print( DEF_OUT "INPUT $prelude\n");
+ print( DEF_OUT "INPUT ${out_def}${o}${ssl}${libp} ${out_def}${o}${crypto}${libp}\n");
+ print( DEF_OUT "OUTPUT $target.nlm\n");
+ }
+
+ close(DEF_OUT);
+ return($def_file);
+}
+
+sub do_lib_rule
+{
+ my($objs,$target,$name,$shlib)=@_;
+ my($ret);
+
+ $ret.="$target: $objs\n";
+ if (!$shlib)
+ {
+ $ret.="\t\@echo Building Lib: $name\n";
+ $ret.="\t\$(MKLIB) $lib_flags $target $objs\n";
+ $ret.="\t\@echo .\n"
+ }
+ else
+ {
+ die( "Building as NLM not currently supported!" );
+ }
+
+ $ret.="\n";
+ return($ret);
+}
+
+sub do_link_rule
+{
+ my($target,$files,$dep_libs,$libs)=@_;
+ my($ret);
+ my($def_file) = do_def_file($target);
+
+ $ret.="$target: $files $dep_libs\n";
+
+ # NOTE: When building the test nlms no screen name is given
+ # which causes the console screen to be used. By using the console
+ # screen there is no "<press any key to continue>" message which
+ # requires user interaction. The test script ( do_tests.pl ) needs
+ # to be able to run the tests without requiring user interaction.
+ #
+ # However, the sample program "openssl.nlm" is used by the tests and is
+ # a interactive sample so a screen is desired when not be run by the
+ # tests. To solve the problem, two versions of the program are built:
+ # openssl2 - no screen used by tests
+ # openssl - default screen - use for normal interactive modes
+ #
+
+ # special case for openssl - the mk1mf.pl defines E_EXE = openssl
+ if ($target =~ /E_EXE/)
+ {
+ my($target2) = $target;
+
+ $target2 =~ s/\(E_EXE\)/\(E_EXE\)2/;
+
+ # openssl2
+ my($def_file2) = do_def_file($target2);
+
+ if ($gnuc)
+ {
+ $ret.="\t\$(MKLIB) $lib_flags \$(TMP_D)${o}\$(E_EXE).a \$(filter-out \$(TMP_D)${o}\$(E_EXE)${obj},$files)\n";
+ $ret.="\t\$(LINK_CMD) \$(LFLAGS) $def_file2\n";
+ $ret.="\t\@$mv \$(E_EXE)2.nlm \$(TEST_D)\n";
+ }
+ else
+ {
+ $ret.="\t\$(LINK_CMD) \$(LFLAGS) $def_file2 $files \"$prelude\" $libs -o $target2\n";
+ }
+ }
+ if ($gnuc)
+ {
+ $ret.="\t\$(LINK_CMD) \$(LFLAGS) $def_file\n";
+ $ret.="\t\@$mv \$(\@F) \$(TEST_D)\n";
+ }
+ else
+ {
+ $ret.="\t\$(LINK_CMD) \$(LFLAGS) $def_file $files \"$prelude\" $libs -o $target\n";
+ }
+
+ $ret.="\n";
+ return($ret);
+
+}
+
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/ultrix.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/ultrix.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/ultrix.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,38 +0,0 @@
-#!/usr/local/bin/perl
-#
-# linux.pl - the standard unix makefile stuff.
-#
-
-$o='/';
-$cp='/bin/cp';
-$rm='/bin/rm -f';
-
-# C compiler stuff
-
-$cc='cc';
-if ($debug)
- { $cflags="-g -DREF_CHECK -DCRYPTO_MDEBUG"; }
-else
- { $cflags="-O2"; }
-
-$cflags.=" -std1 -DL_ENDIAN";
-
-if (!$no_asm)
- {
- $bn_asm_obj='$(OBJ_D)/mips1.o';
- $bn_asm_src='crypto/bn/asm/mips1.s';
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs)=@_;
- local($ret,$_);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
- return($ret);
- }
-
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/ultrix.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/ultrix.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/ultrix.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/ultrix.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,38 @@
+#!/usr/local/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='cc';
+if ($debug)
+ { $cflags="-g -DREF_CHECK -DCRYPTO_MDEBUG"; }
+else
+ { $cflags="-O2"; }
+
+$cflags.=" -std1 -DL_ENDIAN";
+
+if (!$no_asm)
+ {
+ $bn_asm_obj='$(OBJ_D)/mips1.o';
+ $bn_asm_src='crypto/bn/asm/mips1.s';
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK_CMD) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/pl/unix.pl
===================================================================
--- vendor-crypto/openssl/dist/util/pl/unix.pl 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/pl/unix.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,96 +0,0 @@
-#!/usr/local/bin/perl
-#
-# unix.pl - the standard unix makefile stuff.
-#
-
-$o='/';
-$cp='/bin/cp';
-$rm='/bin/rm -f';
-
-# C compiler stuff
-
-if ($gcc)
- {
- $cc='gcc';
- if ($debug)
- { $cflags="-g2 -ggdb"; }
- else
- { $cflags="-O3 -fomit-frame-pointer"; }
- }
-else
- {
- $cc='cc';
- if ($debug)
- { $cflags="-g"; }
- else
- { $cflags="-O"; }
- }
-$obj='.o';
-$ofile='-o ';
-
-# EXE linking stuff
-$link='${CC}';
-$lflags='${CFLAGS}';
-$efile='-o ';
-$exep='';
-$ex_libs="";
-
-# static library stuff
-$mklib='ar r';
-$mlflags='';
-$ranlib=&which("ranlib") or $ranlib="true";
-$plib='lib';
-$libp=".a";
-$shlibp=".a";
-$lfile='';
-
-$asm='as';
-$afile='-o ';
-$bn_asm_obj="";
-$bn_asm_src="";
-$des_enc_obj="";
-$des_enc_src="";
-$bf_enc_obj="";
-$bf_enc_src="";
-
-sub do_lib_rule
- {
- local($obj,$target,$name,$shlib)=@_;
- local($ret,$_,$Name);
-
- $target =~ s/\//$o/g if $o ne '/';
- $target="$target";
- ($Name=$name) =~ tr/a-z/A-Z/;
-
- $ret.="$target: \$(${Name}OBJ)\n";
- $ret.="\t\$(RM) $target\n";
- $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
- $ret.="\t\$(RANLIB) $target\n\n";
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs)=@_;
- local($ret,$_);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
- return($ret);
- }
-
-sub which
- {
- my ($name)=@_;
- my $path;
- foreach $path (split /:/, $ENV{PATH})
- {
- if (-x "$path/$name")
- {
- return "$path/$name";
- }
- }
- }
-
-1;
Copied: vendor-crypto/openssl/1.0.1u/util/pl/unix.pl (from rev 11605, vendor-crypto/openssl/dist/util/pl/unix.pl)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/pl/unix.pl (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/pl/unix.pl 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,96 @@
+#!/usr/local/bin/perl
+#
+# unix.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+if ($gcc)
+ {
+ $cc='gcc';
+ if ($debug)
+ { $cflags="-g2 -ggdb"; }
+ else
+ { $cflags="-O3 -fomit-frame-pointer"; }
+ }
+else
+ {
+ $cc='cc';
+ if ($debug)
+ { $cflags="-g"; }
+ else
+ { $cflags="-O"; }
+ }
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS}';
+$efile='-o ';
+$exep='';
+$ex_libs="";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib=&which("ranlib") or $ranlib="true";
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+$bn_asm_obj="";
+$bn_asm_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+sub do_lib_rule
+ {
+ local($obj,$target,$name,$shlib)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ $target="$target";
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) $target\n";
+ $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+ $ret.="\t\$(RANLIB) $target\n\n";
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK_CMD) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+sub which
+ {
+ my ($name)=@_;
+ my $path;
+ foreach $path (split /:/, $ENV{PATH})
+ {
+ if (-x "$path/$name")
+ {
+ return "$path/$name";
+ }
+ }
+ }
+
+1;
Deleted: vendor-crypto/openssl/1.0.1u/util/ssleay.num
===================================================================
--- vendor-crypto/openssl/dist/util/ssleay.num 2018-07-08 16:09:31 UTC (rev 11604)
+++ vendor-crypto/openssl/1.0.1u/util/ssleay.num 2018-07-08 16:17:13 UTC (rev 11606)
@@ -1,323 +0,0 @@
-ERR_load_SSL_strings 1 EXIST::FUNCTION:
-SSL_CIPHER_description 2 EXIST::FUNCTION:
-SSL_CTX_add_client_CA 3 EXIST::FUNCTION:
-SSL_CTX_add_session 4 EXIST::FUNCTION:
-SSL_CTX_check_private_key 5 EXIST::FUNCTION:
-SSL_CTX_ctrl 6 EXIST::FUNCTION:
-SSL_CTX_flush_sessions 7 EXIST::FUNCTION:
-SSL_CTX_free 8 EXIST::FUNCTION:
-SSL_CTX_get_client_CA_list 9 EXIST::FUNCTION:
-SSL_CTX_get_verify_callback 10 EXIST::FUNCTION:
-SSL_CTX_get_verify_mode 11 EXIST::FUNCTION:
-SSL_CTX_new 12 EXIST::FUNCTION:
-SSL_CTX_remove_session 13 EXIST::FUNCTION:
-SSL_CTX_set_cipher_list 15 EXIST::FUNCTION:
-SSL_CTX_set_client_CA_list 16 EXIST::FUNCTION:
-SSL_CTX_set_default_passwd_cb 17 EXIST::FUNCTION:
-SSL_CTX_set_ssl_version 19 EXIST::FUNCTION:
-SSL_CTX_set_verify 21 EXIST::FUNCTION:
-SSL_CTX_use_PrivateKey 22 EXIST::FUNCTION:
-SSL_CTX_use_PrivateKey_ASN1 23 EXIST::FUNCTION:
-SSL_CTX_use_PrivateKey_file 24 EXIST::FUNCTION:STDIO
-SSL_CTX_use_RSAPrivateKey 25 EXIST::FUNCTION:RSA
-SSL_CTX_use_RSAPrivateKey_ASN1 26 EXIST::FUNCTION:RSA
-SSL_CTX_use_RSAPrivateKey_file 27 EXIST::FUNCTION:RSA,STDIO
-SSL_CTX_use_certificate 28 EXIST::FUNCTION:
-SSL_CTX_use_certificate_ASN1 29 EXIST::FUNCTION:
-SSL_CTX_use_certificate_file 30 EXIST::FUNCTION:STDIO
-SSL_SESSION_free 31 EXIST::FUNCTION:
-SSL_SESSION_new 32 EXIST::FUNCTION:
-SSL_SESSION_print 33 EXIST::FUNCTION:BIO
-SSL_SESSION_print_fp 34 EXIST::FUNCTION:FP_API
-SSL_accept 35 EXIST::FUNCTION:
-SSL_add_client_CA 36 EXIST::FUNCTION:
-SSL_alert_desc_string 37 EXIST::FUNCTION:
-SSL_alert_desc_string_long 38 EXIST::FUNCTION:
-SSL_alert_type_string 39 EXIST::FUNCTION:
-SSL_alert_type_string_long 40 EXIST::FUNCTION:
-SSL_check_private_key 41 EXIST::FUNCTION:
-SSL_clear 42 EXIST::FUNCTION:
-SSL_connect 43 EXIST::FUNCTION:
-SSL_copy_session_id 44 EXIST::FUNCTION:
-SSL_ctrl 45 EXIST::FUNCTION:
-SSL_dup 46 EXIST::FUNCTION:
-SSL_dup_CA_list 47 EXIST::FUNCTION:
-SSL_free 48 EXIST::FUNCTION:
-SSL_get_certificate 49 EXIST::FUNCTION:
-SSL_get_cipher_list 52 EXIST::FUNCTION:
-SSL_get_ciphers 55 EXIST::FUNCTION:
-SSL_get_client_CA_list 56 EXIST::FUNCTION:
-SSL_get_default_timeout 57 EXIST::FUNCTION:
-SSL_get_error 58 EXIST::FUNCTION:
-SSL_get_fd 59 EXIST::FUNCTION:
-SSL_get_peer_cert_chain 60 EXIST::FUNCTION:
-SSL_get_peer_certificate 61 EXIST::FUNCTION:
-SSL_get_rbio 63 EXIST::FUNCTION:BIO
-SSL_get_read_ahead 64 EXIST::FUNCTION:
-SSL_get_shared_ciphers 65 EXIST::FUNCTION:
-SSL_get_ssl_method 66 EXIST::FUNCTION:
-SSL_get_verify_callback 69 EXIST::FUNCTION:
-SSL_get_verify_mode 70 EXIST::FUNCTION:
-SSL_get_version 71 EXIST::FUNCTION:
-SSL_get_wbio 72 EXIST::FUNCTION:BIO
-SSL_load_client_CA_file 73 EXIST::FUNCTION:STDIO
-SSL_load_error_strings 74 EXIST::FUNCTION:
-SSL_new 75 EXIST::FUNCTION:
-SSL_peek 76 EXIST::FUNCTION:
-SSL_pending 77 EXIST::FUNCTION:
-SSL_read 78 EXIST::FUNCTION:
-SSL_renegotiate 79 EXIST::FUNCTION:
-SSL_rstate_string 80 EXIST::FUNCTION:
-SSL_rstate_string_long 81 EXIST::FUNCTION:
-SSL_set_accept_state 82 EXIST::FUNCTION:
-SSL_set_bio 83 EXIST::FUNCTION:BIO
-SSL_set_cipher_list 84 EXIST::FUNCTION:
-SSL_set_client_CA_list 85 EXIST::FUNCTION:
-SSL_set_connect_state 86 EXIST::FUNCTION:
-SSL_set_fd 87 EXIST::FUNCTION:SOCK
-SSL_set_read_ahead 88 EXIST::FUNCTION:
-SSL_set_rfd 89 EXIST::FUNCTION:SOCK
-SSL_set_session 90 EXIST::FUNCTION:
-SSL_set_ssl_method 91 EXIST::FUNCTION:
-SSL_set_verify 94 EXIST::FUNCTION:
-SSL_set_wfd 95 EXIST::FUNCTION:SOCK
-SSL_shutdown 96 EXIST::FUNCTION:
-SSL_state_string 97 EXIST::FUNCTION:
-SSL_state_string_long 98 EXIST::FUNCTION:
-SSL_use_PrivateKey 99 EXIST::FUNCTION:
-SSL_use_PrivateKey_ASN1 100 EXIST::FUNCTION:
-SSL_use_PrivateKey_file 101 EXIST::FUNCTION:STDIO
-SSL_use_RSAPrivateKey 102 EXIST::FUNCTION:RSA
-SSL_use_RSAPrivateKey_ASN1 103 EXIST::FUNCTION:RSA
-SSL_use_RSAPrivateKey_file 104 EXIST::FUNCTION:RSA,STDIO
-SSL_use_certificate 105 EXIST::FUNCTION:
-SSL_use_certificate_ASN1 106 EXIST::FUNCTION:
-SSL_use_certificate_file 107 EXIST::FUNCTION:STDIO
-SSL_write 108 EXIST::FUNCTION:
-SSLeay_add_ssl_algorithms 109 NOEXIST::FUNCTION:
-SSLv23_client_method 110 EXIST::FUNCTION:RSA
-SSLv23_method 111 EXIST::FUNCTION:RSA
-SSLv23_server_method 112 EXIST::FUNCTION:RSA
-SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2
-SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2
-SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2
-SSLv3_client_method 116 EXIST::FUNCTION:SSL3_METHOD
-SSLv3_method 117 EXIST::FUNCTION:SSL3_METHOD
-SSLv3_server_method 118 EXIST::FUNCTION:SSL3_METHOD
-d2i_SSL_SESSION 119 EXIST::FUNCTION:
-i2d_SSL_SESSION 120 EXIST::FUNCTION:
-BIO_f_ssl 121 EXIST::FUNCTION:BIO
-BIO_new_ssl 122 EXIST::FUNCTION:BIO
-BIO_proxy_ssl_copy_session_id 123 NOEXIST::FUNCTION:
-BIO_ssl_copy_session_id 124 EXIST::FUNCTION:BIO
-SSL_do_handshake 125 EXIST::FUNCTION:
-SSL_get_privatekey 126 EXIST::FUNCTION:
-SSL_get_current_cipher 127 EXIST::FUNCTION:
-SSL_CIPHER_get_bits 128 EXIST::FUNCTION:
-SSL_CIPHER_get_version 129 EXIST::FUNCTION:
-SSL_CIPHER_get_name 130 EXIST::FUNCTION:
-BIO_ssl_shutdown 131 EXIST::FUNCTION:BIO
-SSL_SESSION_cmp 132 NOEXIST::FUNCTION:
-SSL_SESSION_hash 133 NOEXIST::FUNCTION:
-SSL_SESSION_get_time 134 EXIST::FUNCTION:
-SSL_SESSION_set_time 135 EXIST::FUNCTION:
-SSL_SESSION_get_timeout 136 EXIST::FUNCTION:
-SSL_SESSION_set_timeout 137 EXIST::FUNCTION:
-SSL_CTX_get_ex_data 138 EXIST::FUNCTION:
-SSL_CTX_get_quiet_shutdown 140 EXIST::FUNCTION:
-SSL_CTX_load_verify_locations 141 EXIST::FUNCTION:
-SSL_CTX_set_default_verify_paths 142 EXIST:!VMS:FUNCTION:
-SSL_CTX_set_def_verify_paths 142 EXIST:VMS:FUNCTION:
-SSL_CTX_set_ex_data 143 EXIST::FUNCTION:
-SSL_CTX_set_quiet_shutdown 145 EXIST::FUNCTION:
-SSL_SESSION_get_ex_data 146 EXIST::FUNCTION:
-SSL_SESSION_set_ex_data 148 EXIST::FUNCTION:
-SSL_get_SSL_CTX 150 EXIST::FUNCTION:
-SSL_get_ex_data 151 EXIST::FUNCTION:
-SSL_get_quiet_shutdown 153 EXIST::FUNCTION:
-SSL_get_session 154 EXIST::FUNCTION:
-SSL_get_shutdown 155 EXIST::FUNCTION:
-SSL_get_verify_result 157 EXIST::FUNCTION:
-SSL_set_ex_data 158 EXIST::FUNCTION:
-SSL_set_info_callback 160 EXIST::FUNCTION:
-SSL_set_quiet_shutdown 161 EXIST::FUNCTION:
-SSL_set_shutdown 162 EXIST::FUNCTION:
-SSL_set_verify_result 163 EXIST::FUNCTION:
-SSL_version 164 EXIST::FUNCTION:
-SSL_get_info_callback 165 EXIST::FUNCTION:
-SSL_state 166 EXIST::FUNCTION:
-SSL_CTX_get_ex_new_index 167 EXIST::FUNCTION:
-SSL_SESSION_get_ex_new_index 168 EXIST::FUNCTION:
-SSL_get_ex_new_index 169 EXIST::FUNCTION:
-TLSv1_method 170 EXIST::FUNCTION:
-TLSv1_server_method 171 EXIST::FUNCTION:
-TLSv1_client_method 172 EXIST::FUNCTION:
-BIO_new_buffer_ssl_connect 173 EXIST::FUNCTION:BIO
-BIO_new_ssl_connect 174 EXIST::FUNCTION:BIO
-SSL_get_ex_data_X509_STORE_CTX_idx 175 EXIST:!VMS:FUNCTION:
-SSL_get_ex_d_X509_STORE_CTX_idx 175 EXIST:VMS:FUNCTION:
-SSL_CTX_set_tmp_dh_callback 176 EXIST::FUNCTION:DH
-SSL_CTX_set_tmp_rsa_callback 177 EXIST::FUNCTION:RSA
-SSL_CTX_set_timeout 178 EXIST::FUNCTION:
-SSL_CTX_get_timeout 179 EXIST::FUNCTION:
-SSL_CTX_get_cert_store 180 EXIST::FUNCTION:
-SSL_CTX_set_cert_store 181 EXIST::FUNCTION:
-SSL_want 182 EXIST::FUNCTION:
-SSL_library_init 183 EXIST::FUNCTION:
-SSL_COMP_add_compression_method 184 EXIST::FUNCTION:COMP
-SSL_add_file_cert_subjects_to_stack 185 EXIST:!VMS:FUNCTION:STDIO
-SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO
-SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA
-SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH
-SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS:FUNCTION:STDIO
-SSL_add_dir_cert_subjs_to_stk 188 EXIST:VMS:FUNCTION:STDIO
-SSL_set_session_id_context 189 EXIST::FUNCTION:
-SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO
-SSL_CTX_use_cert_chain_file 222 EXIST:VMS:FUNCTION:STDIO
-SSL_CTX_set_verify_depth 225 EXIST::FUNCTION:
-SSL_set_verify_depth 226 EXIST::FUNCTION:
-SSL_CTX_get_verify_depth 228 EXIST::FUNCTION:
-SSL_get_verify_depth 229 EXIST::FUNCTION:
-SSL_CTX_set_session_id_context 231 EXIST::FUNCTION:
-SSL_CTX_set_cert_verify_callback 232 EXIST:!VMS:FUNCTION:
-SSL_CTX_set_cert_verify_cb 232 EXIST:VMS:FUNCTION:
-SSL_test_functions 233 EXIST::FUNCTION:UNIT_TEST
-SSL_CTX_set_default_passwd_cb_userdata 235 EXIST:!VMS:FUNCTION:
-SSL_CTX_set_def_passwd_cb_ud 235 EXIST:VMS:FUNCTION:
-SSL_set_purpose 236 EXIST::FUNCTION:
-SSL_CTX_set_trust 237 EXIST::FUNCTION:
-SSL_CTX_set_purpose 238 EXIST::FUNCTION:
-SSL_set_trust 239 EXIST::FUNCTION:
-SSL_get_finished 240 EXIST::FUNCTION:
-SSL_get_peer_finished 241 EXIST::FUNCTION:
-SSL_get1_session 242 EXIST::FUNCTION:
-SSL_CTX_callback_ctrl 243 EXIST::FUNCTION:
-SSL_callback_ctrl 244 EXIST::FUNCTION:
-SSL_CTX_sessions 245 EXIST::FUNCTION:
-SSL_get_rfd 246 EXIST::FUNCTION:
-SSL_get_wfd 247 EXIST::FUNCTION:
-kssl_cget_tkt 248 EXIST::FUNCTION:KRB5
-SSL_has_matching_session_id 249 EXIST::FUNCTION:
-kssl_err_set 250 EXIST::FUNCTION:KRB5
-kssl_ctx_show 251 EXIST::FUNCTION:KRB5
-kssl_validate_times 252 EXIST::FUNCTION:KRB5
-kssl_check_authent 253 EXIST::FUNCTION:KRB5
-kssl_ctx_new 254 EXIST::FUNCTION:KRB5
-kssl_build_principal_2 255 EXIST::FUNCTION:KRB5
-kssl_skip_confound 256 EXIST::FUNCTION:KRB5
-kssl_sget_tkt 257 EXIST::FUNCTION:KRB5
-SSL_set_generate_session_id 258 EXIST::FUNCTION:
-kssl_ctx_setkey 259 EXIST::FUNCTION:KRB5
-kssl_ctx_setprinc 260 EXIST::FUNCTION:KRB5
-kssl_ctx_free 261 EXIST::FUNCTION:KRB5
-kssl_krb5_free_data_contents 262 EXIST::FUNCTION:KRB5
-kssl_ctx_setstring 263 EXIST::FUNCTION:KRB5
-SSL_CTX_set_generate_session_id 264 EXIST::FUNCTION:
-SSL_renegotiate_pending 265 EXIST::FUNCTION:
-SSL_CTX_set_msg_callback 266 EXIST::FUNCTION:
-SSL_set_msg_callback 267 EXIST::FUNCTION:
-DTLSv1_client_method 268 EXIST::FUNCTION:
-SSL_CTX_set_tmp_ecdh_callback 269 EXIST::FUNCTION:ECDH
-SSL_set_tmp_ecdh_callback 270 EXIST::FUNCTION:ECDH
-SSL_COMP_get_name 271 EXIST::FUNCTION:COMP
-SSL_get_current_compression 272 EXIST::FUNCTION:COMP
-DTLSv1_method 273 EXIST::FUNCTION:
-SSL_get_current_expansion 274 EXIST::FUNCTION:COMP
-DTLSv1_server_method 275 EXIST::FUNCTION:
-SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP
-SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP
-SSL_SESSION_get_id 277 EXIST::FUNCTION:
-SSL_CTX_sess_set_new_cb 278 EXIST::FUNCTION:
-SSL_CTX_sess_get_get_cb 279 EXIST::FUNCTION:
-SSL_CTX_sess_set_get_cb 280 EXIST::FUNCTION:
-SSL_CTX_set_cookie_verify_cb 281 EXIST::FUNCTION:
-SSL_CTX_get_info_callback 282 EXIST::FUNCTION:
-SSL_CTX_set_cookie_generate_cb 283 EXIST::FUNCTION:
-SSL_CTX_set_client_cert_cb 284 EXIST::FUNCTION:
-SSL_CTX_sess_set_remove_cb 285 EXIST::FUNCTION:
-SSL_CTX_set_info_callback 286 EXIST::FUNCTION:
-SSL_CTX_sess_get_new_cb 287 EXIST::FUNCTION:
-SSL_CTX_get_client_cert_cb 288 EXIST::FUNCTION:
-SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION:
-SSL_set_SSL_CTX 290 EXIST::FUNCTION:
-SSL_get_servername 291 EXIST::FUNCTION:TLSEXT
-SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT
-SSL_CTX_set_client_cert_engine 293 EXIST::FUNCTION:ENGINE
-SSL_CTX_use_psk_identity_hint 294 EXIST::FUNCTION:PSK
-SSL_CTX_set_psk_client_callback 295 EXIST::FUNCTION:PSK
-PEM_write_bio_SSL_SESSION 296 EXIST::FUNCTION:
-SSL_get_psk_identity_hint 297 EXIST::FUNCTION:PSK
-SSL_set_psk_server_callback 298 EXIST::FUNCTION:PSK
-SSL_use_psk_identity_hint 299 EXIST::FUNCTION:PSK
-SSL_set_psk_client_callback 300 EXIST::FUNCTION:PSK
-PEM_read_SSL_SESSION 301 EXIST:!WIN16:FUNCTION:
-PEM_read_bio_SSL_SESSION 302 EXIST::FUNCTION:
-SSL_CTX_set_psk_server_callback 303 EXIST::FUNCTION:PSK
-SSL_get_psk_identity 304 EXIST::FUNCTION:PSK
-PEM_write_SSL_SESSION 305 EXIST:!WIN16:FUNCTION:
-SSL_set_session_ticket_ext 306 EXIST::FUNCTION:
-SSL_set_session_secret_cb 307 EXIST::FUNCTION:
-SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION:
-SSL_set1_param 309 EXIST::FUNCTION:
-SSL_CTX_set1_param 310 EXIST::FUNCTION:
-SSL_tls1_key_exporter 311 NOEXIST::FUNCTION:
-SSL_renegotiate_abbreviated 312 EXIST::FUNCTION:
-TLSv1_1_method 313 EXIST::FUNCTION:
-TLSv1_1_client_method 314 EXIST::FUNCTION:
-TLSv1_1_server_method 315 EXIST::FUNCTION:
-SSL_CTX_set_srp_client_pwd_callback 316 EXIST:!VMS:FUNCTION:SRP
-SSL_CTX_set_srp_client_pwd_cb 316 EXIST:VMS:FUNCTION:SRP
-SSL_get_srp_g 317 EXIST::FUNCTION:SRP
-SSL_CTX_set_srp_username_callback 318 EXIST:!VMS:FUNCTION:SRP
-SSL_CTX_set_srp_un_cb 318 EXIST:VMS:FUNCTION:SRP
-SSL_get_srp_userinfo 319 EXIST::FUNCTION:SRP
-SSL_set_srp_server_param 320 EXIST::FUNCTION:SRP
-SSL_set_srp_server_param_pw 321 EXIST::FUNCTION:SRP
-SSL_get_srp_N 322 EXIST::FUNCTION:SRP
-SSL_get_srp_username 323 EXIST::FUNCTION:SRP
-SSL_CTX_set_srp_password 324 EXIST::FUNCTION:SRP
-SSL_CTX_set_srp_strength 325 EXIST::FUNCTION:SRP
-SSL_CTX_set_srp_verify_param_callback 326 EXIST:!VMS:FUNCTION:SRP
-SSL_CTX_set_srp_vfy_param_cb 326 EXIST:VMS:FUNCTION:SRP
-SSL_CTX_set_srp_miss_srp_un_cb 327 NOEXIST::FUNCTION:
-SSL_CTX_set_srp_missing_srp_username_callback 327 NOEXIST::FUNCTION:
-SSL_CTX_set_srp_cb_arg 328 EXIST::FUNCTION:SRP
-SSL_CTX_set_srp_username 329 EXIST::FUNCTION:SRP
-SSL_CTX_SRP_CTX_init 330 EXIST::FUNCTION:SRP
-SSL_SRP_CTX_init 331 EXIST::FUNCTION:SRP
-SRP_Calc_A_param 332 EXIST::FUNCTION:SRP
-SRP_generate_server_master_secret 333 EXIST:!VMS:FUNCTION:SRP
-SRP_gen_server_master_secret 333 EXIST:VMS:FUNCTION:SRP
-SSL_CTX_SRP_CTX_free 334 EXIST::FUNCTION:SRP
-SRP_generate_client_master_secret 335 EXIST:!VMS:FUNCTION:SRP
-SRP_gen_client_master_secret 335 EXIST:VMS:FUNCTION:SRP
-SSL_srp_server_param_with_username 336 EXIST:!VMS:FUNCTION:SRP
-SSL_srp_server_param_with_un 336 EXIST:VMS:FUNCTION:SRP
-SRP_have_to_put_srp_username 337 NOEXIST::FUNCTION:
-SSL_SRP_CTX_free 338 EXIST::FUNCTION:SRP
-SSL_set_debug 339 EXIST::FUNCTION:
-SSL_SESSION_get0_peer 340 EXIST::FUNCTION:
-TLSv1_2_client_method 341 EXIST::FUNCTION:
-SSL_SESSION_set1_id_context 342 EXIST::FUNCTION:
-TLSv1_2_server_method 343 EXIST::FUNCTION:
-SSL_cache_hit 344 EXIST::FUNCTION:
-SSL_get0_kssl_ctx 345 EXIST::FUNCTION:KRB5
-SSL_set0_kssl_ctx 346 EXIST::FUNCTION:KRB5
-SSL_SESSION_get0_id 347 NOEXIST::FUNCTION:
-SSL_set_state 348 EXIST::FUNCTION:
-SSL_CIPHER_get_id 349 EXIST::FUNCTION:
-TLSv1_2_method 350 EXIST::FUNCTION:
-SSL_SESSION_get_id_len 351 NOEXIST::FUNCTION:
-kssl_ctx_get0_client_princ 352 EXIST::FUNCTION:KRB5
-SSL_export_keying_material 353 EXIST::FUNCTION:TLSEXT
-SSL_set_tlsext_use_srtp 354 EXIST::FUNCTION:SRTP
-SSL_CTX_set_next_protos_advertised_cb 355 EXIST:!VMS:FUNCTION:NEXTPROTONEG
-SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG
-SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG
-SSL_get_selected_srtp_profile 357 EXIST::FUNCTION:SRTP
-SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION:SRTP
-SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG
-SSL_get_srtp_profiles 360 EXIST::FUNCTION:SRTP
-SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG
-SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG
-SSL_SESSION_get_compress_id 362 EXIST::FUNCTION:
Copied: vendor-crypto/openssl/1.0.1u/util/ssleay.num (from rev 11605, vendor-crypto/openssl/dist/util/ssleay.num)
===================================================================
--- vendor-crypto/openssl/1.0.1u/util/ssleay.num (rev 0)
+++ vendor-crypto/openssl/1.0.1u/util/ssleay.num 2018-07-08 16:17:13 UTC (rev 11606)
@@ -0,0 +1,323 @@
+ERR_load_SSL_strings 1 EXIST::FUNCTION:
+SSL_CIPHER_description 2 EXIST::FUNCTION:
+SSL_CTX_add_client_CA 3 EXIST::FUNCTION:
+SSL_CTX_add_session 4 EXIST::FUNCTION:
+SSL_CTX_check_private_key 5 EXIST::FUNCTION:
+SSL_CTX_ctrl 6 EXIST::FUNCTION:
+SSL_CTX_flush_sessions 7 EXIST::FUNCTION:
+SSL_CTX_free 8 EXIST::FUNCTION:
+SSL_CTX_get_client_CA_list 9 EXIST::FUNCTION:
+SSL_CTX_get_verify_callback 10 EXIST::FUNCTION:
+SSL_CTX_get_verify_mode 11 EXIST::FUNCTION:
+SSL_CTX_new 12 EXIST::FUNCTION:
+SSL_CTX_remove_session 13 EXIST::FUNCTION:
+SSL_CTX_set_cipher_list 15 EXIST::FUNCTION:
+SSL_CTX_set_client_CA_list 16 EXIST::FUNCTION:
+SSL_CTX_set_default_passwd_cb 17 EXIST::FUNCTION:
+SSL_CTX_set_ssl_version 19 EXIST::FUNCTION:
+SSL_CTX_set_verify 21 EXIST::FUNCTION:
+SSL_CTX_use_PrivateKey 22 EXIST::FUNCTION:
+SSL_CTX_use_PrivateKey_ASN1 23 EXIST::FUNCTION:
+SSL_CTX_use_PrivateKey_file 24 EXIST::FUNCTION:STDIO
+SSL_CTX_use_RSAPrivateKey 25 EXIST::FUNCTION:RSA
+SSL_CTX_use_RSAPrivateKey_ASN1 26 EXIST::FUNCTION:RSA
+SSL_CTX_use_RSAPrivateKey_file 27 EXIST::FUNCTION:RSA,STDIO
+SSL_CTX_use_certificate 28 EXIST::FUNCTION:
+SSL_CTX_use_certificate_ASN1 29 EXIST::FUNCTION:
+SSL_CTX_use_certificate_file 30 EXIST::FUNCTION:STDIO
+SSL_SESSION_free 31 EXIST::FUNCTION:
+SSL_SESSION_new 32 EXIST::FUNCTION:
+SSL_SESSION_print 33 EXIST::FUNCTION:BIO
+SSL_SESSION_print_fp 34 EXIST::FUNCTION:FP_API
+SSL_accept 35 EXIST::FUNCTION:
+SSL_add_client_CA 36 EXIST::FUNCTION:
+SSL_alert_desc_string 37 EXIST::FUNCTION:
+SSL_alert_desc_string_long 38 EXIST::FUNCTION:
+SSL_alert_type_string 39 EXIST::FUNCTION:
+SSL_alert_type_string_long 40 EXIST::FUNCTION:
+SSL_check_private_key 41 EXIST::FUNCTION:
+SSL_clear 42 EXIST::FUNCTION:
+SSL_connect 43 EXIST::FUNCTION:
+SSL_copy_session_id 44 EXIST::FUNCTION:
+SSL_ctrl 45 EXIST::FUNCTION:
+SSL_dup 46 EXIST::FUNCTION:
+SSL_dup_CA_list 47 EXIST::FUNCTION:
+SSL_free 48 EXIST::FUNCTION:
+SSL_get_certificate 49 EXIST::FUNCTION:
+SSL_get_cipher_list 52 EXIST::FUNCTION:
+SSL_get_ciphers 55 EXIST::FUNCTION:
+SSL_get_client_CA_list 56 EXIST::FUNCTION:
+SSL_get_default_timeout 57 EXIST::FUNCTION:
+SSL_get_error 58 EXIST::FUNCTION:
+SSL_get_fd 59 EXIST::FUNCTION:
+SSL_get_peer_cert_chain 60 EXIST::FUNCTION:
+SSL_get_peer_certificate 61 EXIST::FUNCTION:
+SSL_get_rbio 63 EXIST::FUNCTION:BIO
+SSL_get_read_ahead 64 EXIST::FUNCTION:
+SSL_get_shared_ciphers 65 EXIST::FUNCTION:
+SSL_get_ssl_method 66 EXIST::FUNCTION:
+SSL_get_verify_callback 69 EXIST::FUNCTION:
+SSL_get_verify_mode 70 EXIST::FUNCTION:
+SSL_get_version 71 EXIST::FUNCTION:
+SSL_get_wbio 72 EXIST::FUNCTION:BIO
+SSL_load_client_CA_file 73 EXIST::FUNCTION:STDIO
+SSL_load_error_strings 74 EXIST::FUNCTION:
+SSL_new 75 EXIST::FUNCTION:
+SSL_peek 76 EXIST::FUNCTION:
+SSL_pending 77 EXIST::FUNCTION:
+SSL_read 78 EXIST::FUNCTION:
+SSL_renegotiate 79 EXIST::FUNCTION:
+SSL_rstate_string 80 EXIST::FUNCTION:
+SSL_rstate_string_long 81 EXIST::FUNCTION:
+SSL_set_accept_state 82 EXIST::FUNCTION:
+SSL_set_bio 83 EXIST::FUNCTION:BIO
+SSL_set_cipher_list 84 EXIST::FUNCTION:
+SSL_set_client_CA_list 85 EXIST::FUNCTION:
+SSL_set_connect_state 86 EXIST::FUNCTION:
+SSL_set_fd 87 EXIST::FUNCTION:SOCK
+SSL_set_read_ahead 88 EXIST::FUNCTION:
+SSL_set_rfd 89 EXIST::FUNCTION:SOCK
+SSL_set_session 90 EXIST::FUNCTION:
+SSL_set_ssl_method 91 EXIST::FUNCTION:
+SSL_set_verify 94 EXIST::FUNCTION:
+SSL_set_wfd 95 EXIST::FUNCTION:SOCK
+SSL_shutdown 96 EXIST::FUNCTION:
+SSL_state_string 97 EXIST::FUNCTION:
+SSL_state_string_long 98 EXIST::FUNCTION:
+SSL_use_PrivateKey 99 EXIST::FUNCTION:
+SSL_use_PrivateKey_ASN1 100 EXIST::FUNCTION:
+SSL_use_PrivateKey_file 101 EXIST::FUNCTION:STDIO
+SSL_use_RSAPrivateKey 102 EXIST::FUNCTION:RSA
+SSL_use_RSAPrivateKey_ASN1 103 EXIST::FUNCTION:RSA
+SSL_use_RSAPrivateKey_file 104 EXIST::FUNCTION:RSA,STDIO
+SSL_use_certificate 105 EXIST::FUNCTION:
+SSL_use_certificate_ASN1 106 EXIST::FUNCTION:
+SSL_use_certificate_file 107 EXIST::FUNCTION:STDIO
+SSL_write 108 EXIST::FUNCTION:
+SSLeay_add_ssl_algorithms 109 NOEXIST::FUNCTION:
+SSLv23_client_method 110 EXIST::FUNCTION:RSA
+SSLv23_method 111 EXIST::FUNCTION:RSA
+SSLv23_server_method 112 EXIST::FUNCTION:RSA
+SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2_METHOD
+SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2_METHOD
+SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2_METHOD
+SSLv3_client_method 116 EXIST::FUNCTION:SSL3_METHOD
+SSLv3_method 117 EXIST::FUNCTION:SSL3_METHOD
+SSLv3_server_method 118 EXIST::FUNCTION:SSL3_METHOD
+d2i_SSL_SESSION 119 EXIST::FUNCTION:
+i2d_SSL_SESSION 120 EXIST::FUNCTION:
+BIO_f_ssl 121 EXIST::FUNCTION:BIO
+BIO_new_ssl 122 EXIST::FUNCTION:BIO
+BIO_proxy_ssl_copy_session_id 123 NOEXIST::FUNCTION:
+BIO_ssl_copy_session_id 124 EXIST::FUNCTION:BIO
+SSL_do_handshake 125 EXIST::FUNCTION:
+SSL_get_privatekey 126 EXIST::FUNCTION:
+SSL_get_current_cipher 127 EXIST::FUNCTION:
+SSL_CIPHER_get_bits 128 EXIST::FUNCTION:
+SSL_CIPHER_get_version 129 EXIST::FUNCTION:
+SSL_CIPHER_get_name 130 EXIST::FUNCTION:
+BIO_ssl_shutdown 131 EXIST::FUNCTION:BIO
+SSL_SESSION_cmp 132 NOEXIST::FUNCTION:
+SSL_SESSION_hash 133 NOEXIST::FUNCTION:
+SSL_SESSION_get_time 134 EXIST::FUNCTION:
+SSL_SESSION_set_time 135 EXIST::FUNCTION:
+SSL_SESSION_get_timeout 136 EXIST::FUNCTION:
+SSL_SESSION_set_timeout 137 EXIST::FUNCTION:
+SSL_CTX_get_ex_data 138 EXIST::FUNCTION:
+SSL_CTX_get_quiet_shutdown 140 EXIST::FUNCTION:
+SSL_CTX_load_verify_locations 141 EXIST::FUNCTION:
+SSL_CTX_set_default_verify_paths 142 EXIST:!VMS:FUNCTION:
+SSL_CTX_set_def_verify_paths 142 EXIST:VMS:FUNCTION:
+SSL_CTX_set_ex_data 143 EXIST::FUNCTION:
+SSL_CTX_set_quiet_shutdown 145 EXIST::FUNCTION:
+SSL_SESSION_get_ex_data 146 EXIST::FUNCTION:
+SSL_SESSION_set_ex_data 148 EXIST::FUNCTION:
+SSL_get_SSL_CTX 150 EXIST::FUNCTION:
+SSL_get_ex_data 151 EXIST::FUNCTION:
+SSL_get_quiet_shutdown 153 EXIST::FUNCTION:
+SSL_get_session 154 EXIST::FUNCTION:
+SSL_get_shutdown 155 EXIST::FUNCTION:
+SSL_get_verify_result 157 EXIST::FUNCTION:
+SSL_set_ex_data 158 EXIST::FUNCTION:
+SSL_set_info_callback 160 EXIST::FUNCTION:
+SSL_set_quiet_shutdown 161 EXIST::FUNCTION:
+SSL_set_shutdown 162 EXIST::FUNCTION:
+SSL_set_verify_result 163 EXIST::FUNCTION:
+SSL_version 164 EXIST::FUNCTION:
+SSL_get_info_callback 165 EXIST::FUNCTION:
+SSL_state 166 EXIST::FUNCTION:
+SSL_CTX_get_ex_new_index 167 EXIST::FUNCTION:
+SSL_SESSION_get_ex_new_index 168 EXIST::FUNCTION:
+SSL_get_ex_new_index 169 EXIST::FUNCTION:
+TLSv1_method 170 EXIST::FUNCTION:
+TLSv1_server_method 171 EXIST::FUNCTION:
+TLSv1_client_method 172 EXIST::FUNCTION:
+BIO_new_buffer_ssl_connect 173 EXIST::FUNCTION:BIO
+BIO_new_ssl_connect 174 EXIST::FUNCTION:BIO
+SSL_get_ex_data_X509_STORE_CTX_idx 175 EXIST:!VMS:FUNCTION:
+SSL_get_ex_d_X509_STORE_CTX_idx 175 EXIST:VMS:FUNCTION:
+SSL_CTX_set_tmp_dh_callback 176 EXIST::FUNCTION:DH
+SSL_CTX_set_tmp_rsa_callback 177 EXIST::FUNCTION:RSA
+SSL_CTX_set_timeout 178 EXIST::FUNCTION:
+SSL_CTX_get_timeout 179 EXIST::FUNCTION:
+SSL_CTX_get_cert_store 180 EXIST::FUNCTION:
+SSL_CTX_set_cert_store 181 EXIST::FUNCTION:
+SSL_want 182 EXIST::FUNCTION:
+SSL_library_init 183 EXIST::FUNCTION:
+SSL_COMP_add_compression_method 184 EXIST::FUNCTION:COMP
+SSL_add_file_cert_subjects_to_stack 185 EXIST:!VMS:FUNCTION:STDIO
+SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO
+SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA
+SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH
+SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS:FUNCTION:STDIO
+SSL_add_dir_cert_subjs_to_stk 188 EXIST:VMS:FUNCTION:STDIO
+SSL_set_session_id_context 189 EXIST::FUNCTION:
+SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO
+SSL_CTX_use_cert_chain_file 222 EXIST:VMS:FUNCTION:STDIO
+SSL_CTX_set_verify_depth 225 EXIST::FUNCTION:
+SSL_set_verify_depth 226 EXIST::FUNCTION:
+SSL_CTX_get_verify_depth 228 EXIST::FUNCTION:
+SSL_get_verify_depth 229 EXIST::FUNCTION:
+SSL_CTX_set_session_id_context 231 EXIST::FUNCTION:
+SSL_CTX_set_cert_verify_callback 232 EXIST:!VMS:FUNCTION:
+SSL_CTX_set_cert_verify_cb 232 EXIST:VMS:FUNCTION:
+SSL_test_functions 233 EXIST::FUNCTION:UNIT_TEST
+SSL_CTX_set_default_passwd_cb_userdata 235 EXIST:!VMS:FUNCTION:
+SSL_CTX_set_def_passwd_cb_ud 235 EXIST:VMS:FUNCTION:
+SSL_set_purpose 236 EXIST::FUNCTION:
+SSL_CTX_set_trust 237 EXIST::FUNCTION:
+SSL_CTX_set_purpose 238 EXIST::FUNCTION:
+SSL_set_trust 239 EXIST::FUNCTION:
+SSL_get_finished 240 EXIST::FUNCTION:
+SSL_get_peer_finished 241 EXIST::FUNCTION:
+SSL_get1_session 242 EXIST::FUNCTION:
+SSL_CTX_callback_ctrl 243 EXIST::FUNCTION:
+SSL_callback_ctrl 244 EXIST::FUNCTION:
+SSL_CTX_sessions 245 EXIST::FUNCTION:
+SSL_get_rfd 246 EXIST::FUNCTION:
+SSL_get_wfd 247 EXIST::FUNCTION:
+kssl_cget_tkt 248 EXIST::FUNCTION:KRB5
+SSL_has_matching_session_id 249 EXIST::FUNCTION:
+kssl_err_set 250 EXIST::FUNCTION:KRB5
+kssl_ctx_show 251 EXIST::FUNCTION:KRB5
+kssl_validate_times 252 EXIST::FUNCTION:KRB5
+kssl_check_authent 253 EXIST::FUNCTION:KRB5
+kssl_ctx_new 254 EXIST::FUNCTION:KRB5
+kssl_build_principal_2 255 EXIST::FUNCTION:KRB5
+kssl_skip_confound 256 EXIST::FUNCTION:KRB5
+kssl_sget_tkt 257 EXIST::FUNCTION:KRB5
+SSL_set_generate_session_id 258 EXIST::FUNCTION:
+kssl_ctx_setkey 259 EXIST::FUNCTION:KRB5
+kssl_ctx_setprinc 260 EXIST::FUNCTION:KRB5
+kssl_ctx_free 261 EXIST::FUNCTION:KRB5
+kssl_krb5_free_data_contents 262 EXIST::FUNCTION:KRB5
+kssl_ctx_setstring 263 EXIST::FUNCTION:KRB5
+SSL_CTX_set_generate_session_id 264 EXIST::FUNCTION:
+SSL_renegotiate_pending 265 EXIST::FUNCTION:
+SSL_CTX_set_msg_callback 266 EXIST::FUNCTION:
+SSL_set_msg_callback 267 EXIST::FUNCTION:
+DTLSv1_client_method 268 EXIST::FUNCTION:
+SSL_CTX_set_tmp_ecdh_callback 269 EXIST::FUNCTION:ECDH
+SSL_set_tmp_ecdh_callback 270 EXIST::FUNCTION:ECDH
+SSL_COMP_get_name 271 EXIST::FUNCTION:COMP
+SSL_get_current_compression 272 EXIST::FUNCTION:COMP
+DTLSv1_method 273 EXIST::FUNCTION:
+SSL_get_current_expansion 274 EXIST::FUNCTION:COMP
+DTLSv1_server_method 275 EXIST::FUNCTION:
+SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP
+SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP
+SSL_SESSION_get_id 277 EXIST::FUNCTION:
+SSL_CTX_sess_set_new_cb 278 EXIST::FUNCTION:
+SSL_CTX_sess_get_get_cb 279 EXIST::FUNCTION:
+SSL_CTX_sess_set_get_cb 280 EXIST::FUNCTION:
+SSL_CTX_set_cookie_verify_cb 281 EXIST::FUNCTION:
+SSL_CTX_get_info_callback 282 EXIST::FUNCTION:
+SSL_CTX_set_cookie_generate_cb 283 EXIST::FUNCTION:
+SSL_CTX_set_client_cert_cb 284 EXIST::FUNCTION:
+SSL_CTX_sess_set_remove_cb 285 EXIST::FUNCTION:
+SSL_CTX_set_info_callback 286 EXIST::FUNCTION:
+SSL_CTX_sess_get_new_cb 287 EXIST::FUNCTION:
+SSL_CTX_get_client_cert_cb 288 EXIST::FUNCTION:
+SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION:
+SSL_set_SSL_CTX 290 EXIST::FUNCTION:
+SSL_get_servername 291 EXIST::FUNCTION:TLSEXT
+SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT
+SSL_CTX_set_client_cert_engine 293 EXIST::FUNCTION:ENGINE
+SSL_CTX_use_psk_identity_hint 294 EXIST::FUNCTION:PSK
+SSL_CTX_set_psk_client_callback 295 EXIST::FUNCTION:PSK
+PEM_write_bio_SSL_SESSION 296 EXIST::FUNCTION:
+SSL_get_psk_identity_hint 297 EXIST::FUNCTION:PSK
+SSL_set_psk_server_callback 298 EXIST::FUNCTION:PSK
+SSL_use_psk_identity_hint 299 EXIST::FUNCTION:PSK
+SSL_set_psk_client_callback 300 EXIST::FUNCTION:PSK
+PEM_read_SSL_SESSION 301 EXIST:!WIN16:FUNCTION:
+PEM_read_bio_SSL_SESSION 302 EXIST::FUNCTION:
+SSL_CTX_set_psk_server_callback 303 EXIST::FUNCTION:PSK
+SSL_get_psk_identity 304 EXIST::FUNCTION:PSK
+PEM_write_SSL_SESSION 305 EXIST:!WIN16:FUNCTION:
+SSL_set_session_ticket_ext 306 EXIST::FUNCTION:
+SSL_set_session_secret_cb 307 EXIST::FUNCTION:
+SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION:
+SSL_set1_param 309 EXIST::FUNCTION:
+SSL_CTX_set1_param 310 EXIST::FUNCTION:
+SSL_tls1_key_exporter 311 NOEXIST::FUNCTION:
+SSL_renegotiate_abbreviated 312 EXIST::FUNCTION:
+TLSv1_1_method 313 EXIST::FUNCTION:
+TLSv1_1_client_method 314 EXIST::FUNCTION:
+TLSv1_1_server_method 315 EXIST::FUNCTION:
+SSL_CTX_set_srp_client_pwd_callback 316 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_client_pwd_cb 316 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_g 317 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username_callback 318 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_un_cb 318 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_userinfo 319 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param 320 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param_pw 321 EXIST::FUNCTION:SRP
+SSL_get_srp_N 322 EXIST::FUNCTION:SRP
+SSL_get_srp_username 323 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_password 324 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_strength 325 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_verify_param_callback 326 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_vfy_param_cb 326 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_set_srp_miss_srp_un_cb 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_missing_srp_username_callback 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_cb_arg 328 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username 329 EXIST::FUNCTION:SRP
+SSL_CTX_SRP_CTX_init 330 EXIST::FUNCTION:SRP
+SSL_SRP_CTX_init 331 EXIST::FUNCTION:SRP
+SRP_Calc_A_param 332 EXIST::FUNCTION:SRP
+SRP_generate_server_master_secret 333 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_server_master_secret 333 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_SRP_CTX_free 334 EXIST::FUNCTION:SRP
+SRP_generate_client_master_secret 335 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_client_master_secret 335 EXIST:VMS:FUNCTION:SRP
+SSL_srp_server_param_with_username 336 EXIST:!VMS:FUNCTION:SRP
+SSL_srp_server_param_with_un 336 EXIST:VMS:FUNCTION:SRP
+SRP_have_to_put_srp_username 337 NOEXIST::FUNCTION:
+SSL_SRP_CTX_free 338 EXIST::FUNCTION:SRP
+SSL_set_debug 339 EXIST::FUNCTION:
+SSL_SESSION_get0_peer 340 EXIST::FUNCTION:
+TLSv1_2_client_method 341 EXIST::FUNCTION:
+SSL_SESSION_set1_id_context 342 EXIST::FUNCTION:
+TLSv1_2_server_method 343 EXIST::FUNCTION:
+SSL_cache_hit 344 EXIST::FUNCTION:
+SSL_get0_kssl_ctx 345 EXIST::FUNCTION:KRB5
+SSL_set0_kssl_ctx 346 EXIST::FUNCTION:KRB5
+SSL_SESSION_get0_id 347 NOEXIST::FUNCTION:
+SSL_set_state 348 EXIST::FUNCTION:
+SSL_CIPHER_get_id 349 EXIST::FUNCTION:
+TLSv1_2_method 350 EXIST::FUNCTION:
+SSL_SESSION_get_id_len 351 NOEXIST::FUNCTION:
+kssl_ctx_get0_client_princ 352 EXIST::FUNCTION:KRB5
+SSL_export_keying_material 353 EXIST::FUNCTION:TLSEXT
+SSL_set_tlsext_use_srtp 354 EXIST::FUNCTION:SRTP
+SSL_CTX_set_next_protos_advertised_cb 355 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_selected_srtp_profile 357 EXIST::FUNCTION:SRTP
+SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION:SRTP
+SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_srtp_profiles 360 EXIST::FUNCTION:SRTP
+SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_SESSION_get_compress_id 362 EXIST::FUNCTION:
More information about the Midnightbsd-cvs
mailing list